2 * QEMU VNC display driver
4 * Copyright (C) 2006 Anthony Liguori <anthony@codemonkey.ws>
5 * Copyright (C) 2006 Fabrice Bellard
7 * Permission is hereby granted, free of charge, to any person obtaining a copy
8 * of this software and associated documentation files (the "Software"), to deal
9 * in the Software without restriction, including without limitation the rights
10 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
11 * copies of the Software, and to permit persons to whom the Software is
12 * furnished to do so, subject to the following conditions:
14 * The above copyright notice and this permission notice shall be included in
15 * all copies or substantial portions of the Software.
17 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
18 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
19 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
20 * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
21 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
22 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
27 #include "qemu_socket.h"
29 #define VNC_REFRESH_INTERVAL (1000 / 30)
31 #include "vnc_keysym.h"
38 #define VNC_DEBUG(fmt, ...) do { fprintf(stderr, fmt, ## __VA_ARGS__); } while (0)
40 #define VNC_DEBUG(fmt, ...) do { } while (0)
50 typedef struct VncState VncState
;
52 typedef int VncReadEvent(VncState
*vs
, char *data
, size_t len
);
54 typedef void VncWritePixels(VncState
*vs
, void *data
, int size
);
56 typedef void VncSendHextileTile(VncState
*vs
,
57 int x
, int y
, int w
, int h
,
60 int *has_bg
, int *has_fg
);
62 #define VNC_MAX_WIDTH 2048
63 #define VNC_MAX_HEIGHT 2048
64 #define VNC_DIRTY_WORDS (VNC_MAX_WIDTH / (16 * 32))
66 #define VNC_AUTH_CHALLENGE_SIZE 16
77 VNC_AUTH_VENCRYPT
= 19
89 uint32_t dirty_row
[VNC_MAX_HEIGHT
][VNC_DIRTY_WORDS
];
91 int depth
; /* internal VNC frame buffer byte per pixel */
94 int has_pointer_type_change
;
105 char challenge
[VNC_AUTH_CHALLENGE_SIZE
];
109 kbd_layout_t
*kbd_layout
;
110 /* current output mode information */
111 VncWritePixels
*write_pixels
;
112 VncSendHextileTile
*send_hextile_tile
;
113 int pix_bpp
, pix_big_endian
;
114 int red_shift
, red_max
, red_shift1
;
115 int green_shift
, green_max
, green_shift1
;
116 int blue_shift
, blue_max
, blue_shift1
;
118 VncReadEvent
*read_handler
;
119 size_t read_handler_expect
;
121 uint8_t modifiers_state
[256];
124 static VncState
*vnc_state
; /* needed for info vnc */
126 void do_info_vnc(void)
128 if (vnc_state
== NULL
)
129 term_printf("VNC server disabled\n");
131 term_printf("VNC server active on: ");
132 term_print_filename(vnc_state
->display
);
135 if (vnc_state
->csock
== -1)
136 term_printf("No client connected\n");
138 term_printf("Client connected\n");
143 1) Get the queue working for IO.
144 2) there is some weirdness when using the -S option (the screen is grey
145 and not totally invalidated
146 3) resolutions > 1024
149 static void vnc_write(VncState
*vs
, const void *data
, size_t len
);
150 static void vnc_write_u32(VncState
*vs
, uint32_t value
);
151 static void vnc_write_s32(VncState
*vs
, int32_t value
);
152 static void vnc_write_u16(VncState
*vs
, uint16_t value
);
153 static void vnc_write_u8(VncState
*vs
, uint8_t value
);
154 static void vnc_flush(VncState
*vs
);
155 static void vnc_update_client(void *opaque
);
156 static void vnc_client_read(void *opaque
);
158 static inline void vnc_set_bit(uint32_t *d
, int k
)
160 d
[k
>> 5] |= 1 << (k
& 0x1f);
163 static inline void vnc_clear_bit(uint32_t *d
, int k
)
165 d
[k
>> 5] &= ~(1 << (k
& 0x1f));
168 static inline void vnc_set_bits(uint32_t *d
, int n
, int nb_words
)
178 d
[j
++] = (1 << n
) - 1;
183 static inline int vnc_get_bit(const uint32_t *d
, int k
)
185 return (d
[k
>> 5] >> (k
& 0x1f)) & 1;
188 static inline int vnc_and_bits(const uint32_t *d1
, const uint32_t *d2
,
192 for(i
= 0; i
< nb_words
; i
++) {
193 if ((d1
[i
] & d2
[i
]) != 0)
199 static void vnc_dpy_update(DisplayState
*ds
, int x
, int y
, int w
, int h
)
201 VncState
*vs
= ds
->opaque
;
207 for (i
= 0; i
< w
; i
+= 16)
208 vnc_set_bit(vs
->dirty_row
[y
], (x
+ i
) / 16);
211 static void vnc_framebuffer_update(VncState
*vs
, int x
, int y
, int w
, int h
,
214 vnc_write_u16(vs
, x
);
215 vnc_write_u16(vs
, y
);
216 vnc_write_u16(vs
, w
);
217 vnc_write_u16(vs
, h
);
219 vnc_write_s32(vs
, encoding
);
222 static void vnc_dpy_resize(DisplayState
*ds
, int w
, int h
)
225 VncState
*vs
= ds
->opaque
;
227 ds
->data
= realloc(ds
->data
, w
* h
* vs
->depth
);
228 vs
->old_data
= realloc(vs
->old_data
, w
* h
* vs
->depth
);
230 if (ds
->data
== NULL
|| vs
->old_data
== NULL
) {
231 fprintf(stderr
, "vnc: memory allocation failed\n");
235 ds
->depth
= vs
->depth
* 8;
236 size_changed
= ds
->width
!= w
|| ds
->height
!= h
;
239 ds
->linesize
= w
* vs
->depth
;
240 if (vs
->csock
!= -1 && vs
->has_resize
&& size_changed
) {
241 vnc_write_u8(vs
, 0); /* msg id */
243 vnc_write_u16(vs
, 1); /* number of rects */
244 vnc_framebuffer_update(vs
, 0, 0, ds
->width
, ds
->height
, -223);
246 vs
->width
= ds
->width
;
247 vs
->height
= ds
->height
;
252 static void vnc_write_pixels_copy(VncState
*vs
, void *pixels
, int size
)
254 vnc_write(vs
, pixels
, size
);
257 /* slowest but generic code. */
258 static void vnc_convert_pixel(VncState
*vs
, uint8_t *buf
, uint32_t v
)
260 unsigned int r
, g
, b
;
262 r
= (v
>> vs
->red_shift1
) & vs
->red_max
;
263 g
= (v
>> vs
->green_shift1
) & vs
->green_max
;
264 b
= (v
>> vs
->blue_shift1
) & vs
->blue_max
;
265 v
= (r
<< vs
->red_shift
) |
266 (g
<< vs
->green_shift
) |
267 (b
<< vs
->blue_shift
);
268 switch(vs
->pix_bpp
) {
273 if (vs
->pix_big_endian
) {
283 if (vs
->pix_big_endian
) {
298 static void vnc_write_pixels_generic(VncState
*vs
, void *pixels1
, int size
)
300 uint32_t *pixels
= pixels1
;
305 for(i
= 0; i
< n
; i
++) {
306 vnc_convert_pixel(vs
, buf
, pixels
[i
]);
307 vnc_write(vs
, buf
, vs
->pix_bpp
);
311 static void send_framebuffer_update_raw(VncState
*vs
, int x
, int y
, int w
, int h
)
316 vnc_framebuffer_update(vs
, x
, y
, w
, h
, 0);
318 row
= vs
->ds
->data
+ y
* vs
->ds
->linesize
+ x
* vs
->depth
;
319 for (i
= 0; i
< h
; i
++) {
320 vs
->write_pixels(vs
, row
, w
* vs
->depth
);
321 row
+= vs
->ds
->linesize
;
325 static void hextile_enc_cord(uint8_t *ptr
, int x
, int y
, int w
, int h
)
327 ptr
[0] = ((x
& 0x0F) << 4) | (y
& 0x0F);
328 ptr
[1] = (((w
- 1) & 0x0F) << 4) | ((h
- 1) & 0x0F);
332 #include "vnchextile.h"
336 #include "vnchextile.h"
340 #include "vnchextile.h"
345 #include "vnchextile.h"
349 static void send_framebuffer_update_hextile(VncState
*vs
, int x
, int y
, int w
, int h
)
353 uint32_t last_fg32
, last_bg32
;
355 vnc_framebuffer_update(vs
, x
, y
, w
, h
, 5);
358 for (j
= y
; j
< (y
+ h
); j
+= 16) {
359 for (i
= x
; i
< (x
+ w
); i
+= 16) {
360 vs
->send_hextile_tile(vs
, i
, j
,
361 MIN(16, x
+ w
- i
), MIN(16, y
+ h
- j
),
362 &last_bg32
, &last_fg32
, &has_bg
, &has_fg
);
367 static void send_framebuffer_update(VncState
*vs
, int x
, int y
, int w
, int h
)
370 send_framebuffer_update_hextile(vs
, x
, y
, w
, h
);
372 send_framebuffer_update_raw(vs
, x
, y
, w
, h
);
375 static void vnc_copy(DisplayState
*ds
, int src_x
, int src_y
, int dst_x
, int dst_y
, int w
, int h
)
382 int pitch
= ds
->linesize
;
383 VncState
*vs
= ds
->opaque
;
385 vnc_update_client(vs
);
392 src
= (ds
->linesize
* (src_y
+ y
) + vs
->depth
* src_x
);
393 dst
= (ds
->linesize
* (dst_y
+ y
) + vs
->depth
* dst_x
);
395 src_row
= ds
->data
+ src
;
396 dst_row
= ds
->data
+ dst
;
397 old_row
= vs
->old_data
+ dst
;
399 for (y
= 0; y
< h
; y
++) {
400 memmove(old_row
, src_row
, w
* vs
->depth
);
401 memmove(dst_row
, src_row
, w
* vs
->depth
);
407 vnc_write_u8(vs
, 0); /* msg id */
409 vnc_write_u16(vs
, 1); /* number of rects */
410 vnc_framebuffer_update(vs
, dst_x
, dst_y
, w
, h
, 1);
411 vnc_write_u16(vs
, src_x
);
412 vnc_write_u16(vs
, src_y
);
416 static int find_dirty_height(VncState
*vs
, int y
, int last_x
, int x
)
420 for (h
= 1; h
< (vs
->height
- y
); h
++) {
422 if (!vnc_get_bit(vs
->dirty_row
[y
+ h
], last_x
))
424 for (tmp_x
= last_x
; tmp_x
< x
; tmp_x
++)
425 vnc_clear_bit(vs
->dirty_row
[y
+ h
], tmp_x
);
431 static void vnc_update_client(void *opaque
)
433 VncState
*vs
= opaque
;
435 if (vs
->need_update
&& vs
->csock
!= -1) {
439 uint32_t width_mask
[VNC_DIRTY_WORDS
];
444 vnc_set_bits(width_mask
, (vs
->width
/ 16), VNC_DIRTY_WORDS
);
446 /* Walk through the dirty map and eliminate tiles that
447 really aren't dirty */
449 old_row
= vs
->old_data
;
451 for (y
= 0; y
< vs
->height
; y
++) {
452 if (vnc_and_bits(vs
->dirty_row
[y
], width_mask
, VNC_DIRTY_WORDS
)) {
459 for (x
= 0; x
< vs
->ds
->width
; x
+= 16) {
460 if (memcmp(old_ptr
, ptr
, 16 * vs
->depth
) == 0) {
461 vnc_clear_bit(vs
->dirty_row
[y
], (x
/ 16));
464 memcpy(old_ptr
, ptr
, 16 * vs
->depth
);
467 ptr
+= 16 * vs
->depth
;
468 old_ptr
+= 16 * vs
->depth
;
472 row
+= vs
->ds
->linesize
;
473 old_row
+= vs
->ds
->linesize
;
477 qemu_mod_timer(vs
->timer
, qemu_get_clock(rt_clock
) + VNC_REFRESH_INTERVAL
);
481 /* Count rectangles */
483 vnc_write_u8(vs
, 0); /* msg id */
485 saved_offset
= vs
->output
.offset
;
486 vnc_write_u16(vs
, 0);
488 for (y
= 0; y
< vs
->height
; y
++) {
491 for (x
= 0; x
< vs
->width
/ 16; x
++) {
492 if (vnc_get_bit(vs
->dirty_row
[y
], x
)) {
496 vnc_clear_bit(vs
->dirty_row
[y
], x
);
499 int h
= find_dirty_height(vs
, y
, last_x
, x
);
500 send_framebuffer_update(vs
, last_x
* 16, y
, (x
- last_x
) * 16, h
);
507 int h
= find_dirty_height(vs
, y
, last_x
, x
);
508 send_framebuffer_update(vs
, last_x
* 16, y
, (x
- last_x
) * 16, h
);
512 vs
->output
.buffer
[saved_offset
] = (n_rectangles
>> 8) & 0xFF;
513 vs
->output
.buffer
[saved_offset
+ 1] = n_rectangles
& 0xFF;
517 qemu_mod_timer(vs
->timer
, qemu_get_clock(rt_clock
) + VNC_REFRESH_INTERVAL
);
520 static void vnc_timer_init(VncState
*vs
)
522 if (vs
->timer
== NULL
) {
523 vs
->timer
= qemu_new_timer(rt_clock
, vnc_update_client
, vs
);
524 qemu_mod_timer(vs
->timer
, qemu_get_clock(rt_clock
));
528 static void vnc_dpy_refresh(DisplayState
*ds
)
530 VncState
*vs
= ds
->opaque
;
535 static int vnc_listen_poll(void *opaque
)
537 VncState
*vs
= opaque
;
543 static void buffer_reserve(Buffer
*buffer
, size_t len
)
545 if ((buffer
->capacity
- buffer
->offset
) < len
) {
546 buffer
->capacity
+= (len
+ 1024);
547 buffer
->buffer
= realloc(buffer
->buffer
, buffer
->capacity
);
548 if (buffer
->buffer
== NULL
) {
549 fprintf(stderr
, "vnc: out of memory\n");
555 static int buffer_empty(Buffer
*buffer
)
557 return buffer
->offset
== 0;
560 static char *buffer_end(Buffer
*buffer
)
562 return buffer
->buffer
+ buffer
->offset
;
565 static void buffer_reset(Buffer
*buffer
)
570 static void buffer_append(Buffer
*buffer
, const void *data
, size_t len
)
572 memcpy(buffer
->buffer
+ buffer
->offset
, data
, len
);
573 buffer
->offset
+= len
;
576 static int vnc_client_io_error(VncState
*vs
, int ret
, int last_errno
)
578 if (ret
== 0 || ret
== -1) {
579 if (ret
== -1 && (last_errno
== EINTR
|| last_errno
== EAGAIN
))
582 qemu_set_fd_handler2(vs
->csock
, NULL
, NULL
, NULL
, NULL
);
583 closesocket(vs
->csock
);
585 buffer_reset(&vs
->input
);
586 buffer_reset(&vs
->output
);
593 static void vnc_client_error(VncState
*vs
)
595 vnc_client_io_error(vs
, -1, EINVAL
);
598 static void vnc_client_write(void *opaque
)
601 VncState
*vs
= opaque
;
603 ret
= send(vs
->csock
, vs
->output
.buffer
, vs
->output
.offset
, 0);
604 ret
= vnc_client_io_error(vs
, ret
, socket_error());
608 memmove(vs
->output
.buffer
, vs
->output
.buffer
+ ret
, (vs
->output
.offset
- ret
));
609 vs
->output
.offset
-= ret
;
611 if (vs
->output
.offset
== 0) {
612 qemu_set_fd_handler2(vs
->csock
, NULL
, vnc_client_read
, NULL
, vs
);
616 static void vnc_read_when(VncState
*vs
, VncReadEvent
*func
, size_t expecting
)
618 vs
->read_handler
= func
;
619 vs
->read_handler_expect
= expecting
;
622 static void vnc_client_read(void *opaque
)
624 VncState
*vs
= opaque
;
627 buffer_reserve(&vs
->input
, 4096);
629 ret
= recv(vs
->csock
, buffer_end(&vs
->input
), 4096, 0);
630 ret
= vnc_client_io_error(vs
, ret
, socket_error());
634 vs
->input
.offset
+= ret
;
636 while (vs
->read_handler
&& vs
->input
.offset
>= vs
->read_handler_expect
) {
637 size_t len
= vs
->read_handler_expect
;
640 ret
= vs
->read_handler(vs
, vs
->input
.buffer
, len
);
645 memmove(vs
->input
.buffer
, vs
->input
.buffer
+ len
, (vs
->input
.offset
- len
));
646 vs
->input
.offset
-= len
;
648 vs
->read_handler_expect
= ret
;
653 static void vnc_write(VncState
*vs
, const void *data
, size_t len
)
655 buffer_reserve(&vs
->output
, len
);
657 if (buffer_empty(&vs
->output
)) {
658 qemu_set_fd_handler2(vs
->csock
, NULL
, vnc_client_read
, vnc_client_write
, vs
);
661 buffer_append(&vs
->output
, data
, len
);
664 static void vnc_write_s32(VncState
*vs
, int32_t value
)
666 vnc_write_u32(vs
, *(uint32_t *)&value
);
669 static void vnc_write_u32(VncState
*vs
, uint32_t value
)
673 buf
[0] = (value
>> 24) & 0xFF;
674 buf
[1] = (value
>> 16) & 0xFF;
675 buf
[2] = (value
>> 8) & 0xFF;
676 buf
[3] = value
& 0xFF;
678 vnc_write(vs
, buf
, 4);
681 static void vnc_write_u16(VncState
*vs
, uint16_t value
)
685 buf
[0] = (value
>> 8) & 0xFF;
686 buf
[1] = value
& 0xFF;
688 vnc_write(vs
, buf
, 2);
691 static void vnc_write_u8(VncState
*vs
, uint8_t value
)
693 vnc_write(vs
, (char *)&value
, 1);
696 static void vnc_flush(VncState
*vs
)
698 if (vs
->output
.offset
)
699 vnc_client_write(vs
);
702 static uint8_t read_u8(uint8_t *data
, size_t offset
)
707 static uint16_t read_u16(uint8_t *data
, size_t offset
)
709 return ((data
[offset
] & 0xFF) << 8) | (data
[offset
+ 1] & 0xFF);
712 static int32_t read_s32(uint8_t *data
, size_t offset
)
714 return (int32_t)((data
[offset
] << 24) | (data
[offset
+ 1] << 16) |
715 (data
[offset
+ 2] << 8) | data
[offset
+ 3]);
718 static uint32_t read_u32(uint8_t *data
, size_t offset
)
720 return ((data
[offset
] << 24) | (data
[offset
+ 1] << 16) |
721 (data
[offset
+ 2] << 8) | data
[offset
+ 3]);
724 static void client_cut_text(VncState
*vs
, size_t len
, char *text
)
728 static void check_pointer_type_change(VncState
*vs
, int absolute
)
730 if (vs
->has_pointer_type_change
&& vs
->absolute
!= absolute
) {
733 vnc_write_u16(vs
, 1);
734 vnc_framebuffer_update(vs
, absolute
, 0,
735 vs
->ds
->width
, vs
->ds
->height
, -257);
738 vs
->absolute
= absolute
;
741 static void pointer_event(VncState
*vs
, int button_mask
, int x
, int y
)
746 if (button_mask
& 0x01)
747 buttons
|= MOUSE_EVENT_LBUTTON
;
748 if (button_mask
& 0x02)
749 buttons
|= MOUSE_EVENT_MBUTTON
;
750 if (button_mask
& 0x04)
751 buttons
|= MOUSE_EVENT_RBUTTON
;
752 if (button_mask
& 0x08)
754 if (button_mask
& 0x10)
758 kbd_mouse_event(x
* 0x7FFF / vs
->ds
->width
,
759 y
* 0x7FFF / vs
->ds
->height
,
761 } else if (vs
->has_pointer_type_change
) {
765 kbd_mouse_event(x
, y
, dz
, buttons
);
767 if (vs
->last_x
!= -1)
768 kbd_mouse_event(x
- vs
->last_x
,
775 check_pointer_type_change(vs
, kbd_mouse_is_absolute());
778 static void reset_keys(VncState
*vs
)
781 for(i
= 0; i
< 256; i
++) {
782 if (vs
->modifiers_state
[i
]) {
784 kbd_put_keycode(0xe0);
785 kbd_put_keycode(i
| 0x80);
786 vs
->modifiers_state
[i
] = 0;
791 static void do_key_event(VncState
*vs
, int down
, uint32_t sym
)
795 keycode
= keysym2scancode(vs
->kbd_layout
, sym
& 0xFFFF);
797 /* QEMU console switch */
799 case 0x2a: /* Left Shift */
800 case 0x36: /* Right Shift */
801 case 0x1d: /* Left CTRL */
802 case 0x9d: /* Right CTRL */
803 case 0x38: /* Left ALT */
804 case 0xb8: /* Right ALT */
806 vs
->modifiers_state
[keycode
] = 1;
808 vs
->modifiers_state
[keycode
] = 0;
810 case 0x02 ... 0x0a: /* '1' to '9' keys */
811 if (down
&& vs
->modifiers_state
[0x1d] && vs
->modifiers_state
[0x38]) {
812 /* Reset the modifiers sent to the current console */
814 console_select(keycode
- 0x02);
820 if (is_graphic_console()) {
822 kbd_put_keycode(0xe0);
824 kbd_put_keycode(keycode
& 0x7f);
826 kbd_put_keycode(keycode
| 0x80);
828 /* QEMU console emulation */
831 case 0x2a: /* Left Shift */
832 case 0x36: /* Right Shift */
833 case 0x1d: /* Left CTRL */
834 case 0x9d: /* Right CTRL */
835 case 0x38: /* Left ALT */
836 case 0xb8: /* Right ALT */
839 kbd_put_keysym(QEMU_KEY_UP
);
842 kbd_put_keysym(QEMU_KEY_DOWN
);
845 kbd_put_keysym(QEMU_KEY_LEFT
);
848 kbd_put_keysym(QEMU_KEY_RIGHT
);
851 kbd_put_keysym(QEMU_KEY_DELETE
);
854 kbd_put_keysym(QEMU_KEY_HOME
);
857 kbd_put_keysym(QEMU_KEY_END
);
860 kbd_put_keysym(QEMU_KEY_PAGEUP
);
863 kbd_put_keysym(QEMU_KEY_PAGEDOWN
);
873 static void key_event(VncState
*vs
, int down
, uint32_t sym
)
875 if (sym
>= 'A' && sym
<= 'Z')
876 sym
= sym
- 'A' + 'a';
877 do_key_event(vs
, down
, sym
);
880 static void framebuffer_update_request(VncState
*vs
, int incremental
,
881 int x_position
, int y_position
,
884 if (x_position
> vs
->ds
->width
)
885 x_position
= vs
->ds
->width
;
886 if (y_position
> vs
->ds
->height
)
887 y_position
= vs
->ds
->height
;
888 if (x_position
+ w
>= vs
->ds
->width
)
889 w
= vs
->ds
->width
- x_position
;
890 if (y_position
+ h
>= vs
->ds
->height
)
891 h
= vs
->ds
->height
- y_position
;
896 char *old_row
= vs
->old_data
+ y_position
* vs
->ds
->linesize
;
898 for (i
= 0; i
< h
; i
++) {
899 vnc_set_bits(vs
->dirty_row
[y_position
+ i
],
900 (vs
->ds
->width
/ 16), VNC_DIRTY_WORDS
);
901 memset(old_row
, 42, vs
->ds
->width
* vs
->depth
);
902 old_row
+= vs
->ds
->linesize
;
907 static void set_encodings(VncState
*vs
, int32_t *encodings
, size_t n_encodings
)
913 vs
->has_pointer_type_change
= 0;
915 vs
->ds
->dpy_copy
= NULL
;
917 for (i
= n_encodings
- 1; i
>= 0; i
--) {
918 switch (encodings
[i
]) {
922 case 1: /* CopyRect */
923 vs
->ds
->dpy_copy
= vnc_copy
;
925 case 5: /* Hextile */
928 case -223: /* DesktopResize */
932 vs
->has_pointer_type_change
= 1;
939 check_pointer_type_change(vs
, kbd_mouse_is_absolute());
942 static int compute_nbits(unsigned int val
)
953 static void set_pixel_format(VncState
*vs
,
954 int bits_per_pixel
, int depth
,
955 int big_endian_flag
, int true_color_flag
,
956 int red_max
, int green_max
, int blue_max
,
957 int red_shift
, int green_shift
, int blue_shift
)
959 int host_big_endian_flag
;
961 #ifdef WORDS_BIGENDIAN
962 host_big_endian_flag
= 1;
964 host_big_endian_flag
= 0;
966 if (!true_color_flag
) {
968 vnc_client_error(vs
);
971 if (bits_per_pixel
== 32 &&
972 host_big_endian_flag
== big_endian_flag
&&
973 red_max
== 0xff && green_max
== 0xff && blue_max
== 0xff &&
974 red_shift
== 16 && green_shift
== 8 && blue_shift
== 0) {
976 vs
->write_pixels
= vnc_write_pixels_copy
;
977 vs
->send_hextile_tile
= send_hextile_tile_32
;
979 if (bits_per_pixel
== 16 &&
980 host_big_endian_flag
== big_endian_flag
&&
981 red_max
== 31 && green_max
== 63 && blue_max
== 31 &&
982 red_shift
== 11 && green_shift
== 5 && blue_shift
== 0) {
984 vs
->write_pixels
= vnc_write_pixels_copy
;
985 vs
->send_hextile_tile
= send_hextile_tile_16
;
987 if (bits_per_pixel
== 8 &&
988 red_max
== 7 && green_max
== 7 && blue_max
== 3 &&
989 red_shift
== 5 && green_shift
== 2 && blue_shift
== 0) {
991 vs
->write_pixels
= vnc_write_pixels_copy
;
992 vs
->send_hextile_tile
= send_hextile_tile_8
;
995 /* generic and slower case */
996 if (bits_per_pixel
!= 8 &&
997 bits_per_pixel
!= 16 &&
998 bits_per_pixel
!= 32)
1001 vs
->red_shift
= red_shift
;
1002 vs
->red_max
= red_max
;
1003 vs
->red_shift1
= 24 - compute_nbits(red_max
);
1004 vs
->green_shift
= green_shift
;
1005 vs
->green_max
= green_max
;
1006 vs
->green_shift1
= 16 - compute_nbits(green_max
);
1007 vs
->blue_shift
= blue_shift
;
1008 vs
->blue_max
= blue_max
;
1009 vs
->blue_shift1
= 8 - compute_nbits(blue_max
);
1010 vs
->pix_bpp
= bits_per_pixel
/ 8;
1011 vs
->pix_big_endian
= big_endian_flag
;
1012 vs
->write_pixels
= vnc_write_pixels_generic
;
1013 vs
->send_hextile_tile
= send_hextile_tile_generic
;
1016 vnc_dpy_resize(vs
->ds
, vs
->ds
->width
, vs
->ds
->height
);
1017 memset(vs
->dirty_row
, 0xFF, sizeof(vs
->dirty_row
));
1018 memset(vs
->old_data
, 42, vs
->ds
->linesize
* vs
->ds
->height
);
1020 vga_hw_invalidate();
1024 static int protocol_client_msg(VncState
*vs
, char *data
, size_t len
)
1034 set_pixel_format(vs
, read_u8(data
, 4), read_u8(data
, 5),
1035 read_u8(data
, 6), read_u8(data
, 7),
1036 read_u16(data
, 8), read_u16(data
, 10),
1037 read_u16(data
, 12), read_u8(data
, 14),
1038 read_u8(data
, 15), read_u8(data
, 16));
1045 return 4 + (read_u16(data
, 2) * 4);
1047 limit
= read_u16(data
, 2);
1048 for (i
= 0; i
< limit
; i
++) {
1049 int32_t val
= read_s32(data
, 4 + (i
* 4));
1050 memcpy(data
+ 4 + (i
* 4), &val
, sizeof(val
));
1053 set_encodings(vs
, (int32_t *)(data
+ 4), limit
);
1059 framebuffer_update_request(vs
,
1060 read_u8(data
, 1), read_u16(data
, 2), read_u16(data
, 4),
1061 read_u16(data
, 6), read_u16(data
, 8));
1067 key_event(vs
, read_u8(data
, 1), read_u32(data
, 4));
1073 pointer_event(vs
, read_u8(data
, 1), read_u16(data
, 2), read_u16(data
, 4));
1080 return 8 + read_u32(data
, 4);
1082 client_cut_text(vs
, read_u32(data
, 4), data
+ 8);
1085 printf("Msg: %d\n", data
[0]);
1086 vnc_client_error(vs
);
1090 vnc_read_when(vs
, protocol_client_msg
, 1);
1094 static int protocol_client_init(VncState
*vs
, char *data
, size_t len
)
1096 char pad
[3] = { 0, 0, 0 };
1100 vs
->width
= vs
->ds
->width
;
1101 vs
->height
= vs
->ds
->height
;
1102 vnc_write_u16(vs
, vs
->ds
->width
);
1103 vnc_write_u16(vs
, vs
->ds
->height
);
1105 vnc_write_u8(vs
, vs
->depth
* 8); /* bits-per-pixel */
1106 vnc_write_u8(vs
, vs
->depth
* 8); /* depth */
1107 #ifdef WORDS_BIGENDIAN
1108 vnc_write_u8(vs
, 1); /* big-endian-flag */
1110 vnc_write_u8(vs
, 0); /* big-endian-flag */
1112 vnc_write_u8(vs
, 1); /* true-color-flag */
1113 if (vs
->depth
== 4) {
1114 vnc_write_u16(vs
, 0xFF); /* red-max */
1115 vnc_write_u16(vs
, 0xFF); /* green-max */
1116 vnc_write_u16(vs
, 0xFF); /* blue-max */
1117 vnc_write_u8(vs
, 16); /* red-shift */
1118 vnc_write_u8(vs
, 8); /* green-shift */
1119 vnc_write_u8(vs
, 0); /* blue-shift */
1120 vs
->send_hextile_tile
= send_hextile_tile_32
;
1121 } else if (vs
->depth
== 2) {
1122 vnc_write_u16(vs
, 31); /* red-max */
1123 vnc_write_u16(vs
, 63); /* green-max */
1124 vnc_write_u16(vs
, 31); /* blue-max */
1125 vnc_write_u8(vs
, 11); /* red-shift */
1126 vnc_write_u8(vs
, 5); /* green-shift */
1127 vnc_write_u8(vs
, 0); /* blue-shift */
1128 vs
->send_hextile_tile
= send_hextile_tile_16
;
1129 } else if (vs
->depth
== 1) {
1130 /* XXX: change QEMU pixel 8 bit pixel format to match the VNC one ? */
1131 vnc_write_u16(vs
, 7); /* red-max */
1132 vnc_write_u16(vs
, 7); /* green-max */
1133 vnc_write_u16(vs
, 3); /* blue-max */
1134 vnc_write_u8(vs
, 5); /* red-shift */
1135 vnc_write_u8(vs
, 2); /* green-shift */
1136 vnc_write_u8(vs
, 0); /* blue-shift */
1137 vs
->send_hextile_tile
= send_hextile_tile_8
;
1139 vs
->write_pixels
= vnc_write_pixels_copy
;
1141 vnc_write(vs
, pad
, 3); /* padding */
1144 size
= snprintf(buf
, sizeof(buf
), "QEMU (%s)", qemu_name
);
1146 size
= snprintf(buf
, sizeof(buf
), "QEMU");
1148 vnc_write_u32(vs
, size
);
1149 vnc_write(vs
, buf
, size
);
1152 vnc_read_when(vs
, protocol_client_msg
, 1);
1157 static void make_challenge(VncState
*vs
)
1161 srand(time(NULL
)+getpid()+getpid()*987654+rand());
1163 for (i
= 0 ; i
< sizeof(vs
->challenge
) ; i
++)
1164 vs
->challenge
[i
] = (int) (256.0*rand()/(RAND_MAX
+1.0));
1167 static int protocol_client_auth_vnc(VncState
*vs
, char *data
, size_t len
)
1169 char response
[VNC_AUTH_CHALLENGE_SIZE
];
1173 if (!vs
->password
|| !vs
->password
[0]) {
1174 VNC_DEBUG("No password configured on server");
1175 vnc_write_u32(vs
, 1); /* Reject auth */
1176 if (vs
->minor
>= 8) {
1177 static const char err
[] = "Authentication failed";
1178 vnc_write_u32(vs
, sizeof(err
));
1179 vnc_write(vs
, err
, sizeof(err
));
1182 vnc_client_error(vs
);
1186 memcpy(response
, vs
->challenge
, VNC_AUTH_CHALLENGE_SIZE
);
1188 /* Calculate the expected challenge response */
1189 pwlen
= strlen(vs
->password
);
1190 for (i
=0; i
<sizeof(key
); i
++)
1191 key
[i
] = i
<pwlen
? vs
->password
[i
] : 0;
1193 for (j
= 0; j
< VNC_AUTH_CHALLENGE_SIZE
; j
+= 8)
1194 des(response
+j
, response
+j
);
1196 /* Compare expected vs actual challenge response */
1197 if (memcmp(response
, data
, VNC_AUTH_CHALLENGE_SIZE
) != 0) {
1198 VNC_DEBUG("Client challenge reponse did not match\n");
1199 vnc_write_u32(vs
, 1); /* Reject auth */
1200 if (vs
->minor
>= 8) {
1201 static const char err
[] = "Authentication failed";
1202 vnc_write_u32(vs
, sizeof(err
));
1203 vnc_write(vs
, err
, sizeof(err
));
1206 vnc_client_error(vs
);
1208 VNC_DEBUG("Accepting VNC challenge response\n");
1209 vnc_write_u32(vs
, 0); /* Accept auth */
1212 vnc_read_when(vs
, protocol_client_init
, 1);
1217 static int start_auth_vnc(VncState
*vs
)
1220 /* Send client a 'random' challenge */
1221 vnc_write(vs
, vs
->challenge
, sizeof(vs
->challenge
));
1224 vnc_read_when(vs
, protocol_client_auth_vnc
, sizeof(vs
->challenge
));
1228 static int protocol_client_auth(VncState
*vs
, char *data
, size_t len
)
1230 /* We only advertise 1 auth scheme at a time, so client
1231 * must pick the one we sent. Verify this */
1232 if (data
[0] != vs
->auth
) { /* Reject auth */
1233 VNC_DEBUG("Reject auth %d\n", (int)data
[0]);
1234 vnc_write_u32(vs
, 1);
1235 if (vs
->minor
>= 8) {
1236 static const char err
[] = "Authentication failed";
1237 vnc_write_u32(vs
, sizeof(err
));
1238 vnc_write(vs
, err
, sizeof(err
));
1240 vnc_client_error(vs
);
1241 } else { /* Accept requested auth */
1242 VNC_DEBUG("Client requested auth %d\n", (int)data
[0]);
1245 VNC_DEBUG("Accept auth none\n");
1246 vnc_write_u32(vs
, 0); /* Accept auth completion */
1247 vnc_read_when(vs
, protocol_client_init
, 1);
1251 VNC_DEBUG("Start VNC auth\n");
1252 return start_auth_vnc(vs
);
1254 default: /* Should not be possible, but just in case */
1255 VNC_DEBUG("Reject auth %d\n", vs
->auth
);
1256 vnc_write_u8(vs
, 1);
1257 if (vs
->minor
>= 8) {
1258 static const char err
[] = "Authentication failed";
1259 vnc_write_u32(vs
, sizeof(err
));
1260 vnc_write(vs
, err
, sizeof(err
));
1262 vnc_client_error(vs
);
1268 static int protocol_version(VncState
*vs
, char *version
, size_t len
)
1272 memcpy(local
, version
, 12);
1275 if (sscanf(local
, "RFB %03d.%03d\n", &vs
->major
, &vs
->minor
) != 2) {
1276 VNC_DEBUG("Malformed protocol version %s\n", local
);
1277 vnc_client_error(vs
);
1280 VNC_DEBUG("Client request protocol version %d.%d\n", vs
->major
, vs
->minor
);
1281 if (vs
->major
!= 3 ||
1286 VNC_DEBUG("Unsupported client version\n");
1287 vnc_write_u32(vs
, VNC_AUTH_INVALID
);
1289 vnc_client_error(vs
);
1292 /* Some broken client report v3.5 which spec requires to be treated
1293 * as equivalent to v3.3 by servers
1298 if (vs
->minor
== 3) {
1299 if (vs
->auth
== VNC_AUTH_NONE
) {
1300 VNC_DEBUG("Tell client auth none\n");
1301 vnc_write_u32(vs
, vs
->auth
);
1303 vnc_read_when(vs
, protocol_client_init
, 1);
1304 } else if (vs
->auth
== VNC_AUTH_VNC
) {
1305 VNC_DEBUG("Tell client VNC auth\n");
1306 vnc_write_u32(vs
, vs
->auth
);
1310 VNC_DEBUG("Unsupported auth %d for protocol 3.3\n", vs
->auth
);
1311 vnc_write_u32(vs
, VNC_AUTH_INVALID
);
1313 vnc_client_error(vs
);
1316 VNC_DEBUG("Telling client we support auth %d\n", vs
->auth
);
1317 vnc_write_u8(vs
, 1); /* num auth */
1318 vnc_write_u8(vs
, vs
->auth
);
1319 vnc_read_when(vs
, protocol_client_auth
, 1);
1326 static void vnc_listen_read(void *opaque
)
1328 VncState
*vs
= opaque
;
1329 struct sockaddr_in addr
;
1330 socklen_t addrlen
= sizeof(addr
);
1332 vs
->csock
= accept(vs
->lsock
, (struct sockaddr
*)&addr
, &addrlen
);
1333 if (vs
->csock
!= -1) {
1334 socket_set_nonblock(vs
->csock
);
1335 qemu_set_fd_handler2(vs
->csock
, NULL
, vnc_client_read
, NULL
, opaque
);
1336 vnc_write(vs
, "RFB 003.008\n", 12);
1338 vnc_read_when(vs
, protocol_version
, 12);
1339 memset(vs
->old_data
, 0, vs
->ds
->linesize
* vs
->ds
->height
);
1340 memset(vs
->dirty_row
, 0xFF, sizeof(vs
->dirty_row
));
1342 vs
->has_hextile
= 0;
1343 vs
->ds
->dpy_copy
= NULL
;
1347 extern int parse_host_port(struct sockaddr_in
*saddr
, const char *str
);
1349 void vnc_display_init(DisplayState
*ds
)
1353 vs
= qemu_mallocz(sizeof(VncState
));
1360 vs
->password
= NULL
;
1370 if (!keyboard_layout
)
1371 keyboard_layout
= "en-us";
1373 vs
->kbd_layout
= init_keyboard_layout(keyboard_layout
);
1374 if (!vs
->kbd_layout
)
1377 vs
->ds
->data
= NULL
;
1378 vs
->ds
->dpy_update
= vnc_dpy_update
;
1379 vs
->ds
->dpy_resize
= vnc_dpy_resize
;
1380 vs
->ds
->dpy_refresh
= vnc_dpy_refresh
;
1382 memset(vs
->dirty_row
, 0xFF, sizeof(vs
->dirty_row
));
1384 vnc_dpy_resize(vs
->ds
, 640, 400);
1387 void vnc_display_close(DisplayState
*ds
)
1389 VncState
*vs
= ds
? (VncState
*)ds
->opaque
: vnc_state
;
1392 qemu_free(vs
->display
);
1395 if (vs
->lsock
!= -1) {
1396 qemu_set_fd_handler2(vs
->lsock
, NULL
, NULL
, NULL
, NULL
);
1400 if (vs
->csock
!= -1) {
1401 qemu_set_fd_handler2(vs
->csock
, NULL
, NULL
, NULL
, NULL
);
1402 closesocket(vs
->csock
);
1404 buffer_reset(&vs
->input
);
1405 buffer_reset(&vs
->output
);
1406 vs
->need_update
= 0;
1408 vs
->auth
= VNC_AUTH_INVALID
;
1411 int vnc_display_password(DisplayState
*ds
, const char *password
)
1413 VncState
*vs
= ds
? (VncState
*)ds
->opaque
: vnc_state
;
1416 qemu_free(vs
->password
);
1417 vs
->password
= NULL
;
1419 if (password
&& password
[0]) {
1420 if (!(vs
->password
= qemu_strdup(password
)))
1427 int vnc_display_open(DisplayState
*ds
, const char *display
)
1429 struct sockaddr
*addr
;
1430 struct sockaddr_in iaddr
;
1432 struct sockaddr_un uaddr
;
1434 int reuse_addr
, ret
;
1437 VncState
*vs
= ds
? (VncState
*)ds
->opaque
: vnc_state
;
1438 const char *options
;
1441 vnc_display_close(ds
);
1442 if (strcmp(display
, "none") == 0)
1445 if (!(vs
->display
= strdup(display
)))
1449 while ((options
= strchr(options
, ','))) {
1451 if (strncmp(options
, "password", 8) == 0)
1452 password
= 1; /* Require password auth */
1456 VNC_DEBUG("Initializing VNC server with password auth\n");
1457 vs
->auth
= VNC_AUTH_VNC
;
1459 VNC_DEBUG("Initializing VNC server with no auth\n");
1460 vs
->auth
= VNC_AUTH_NONE
;
1463 if (strstart(display
, "unix:", &p
)) {
1464 addr
= (struct sockaddr
*)&uaddr
;
1465 addrlen
= sizeof(uaddr
);
1467 vs
->lsock
= socket(PF_UNIX
, SOCK_STREAM
, 0);
1468 if (vs
->lsock
== -1) {
1469 fprintf(stderr
, "Could not create socket\n");
1475 uaddr
.sun_family
= AF_UNIX
;
1476 memset(uaddr
.sun_path
, 0, 108);
1477 snprintf(uaddr
.sun_path
, 108, "%s", p
);
1479 unlink(uaddr
.sun_path
);
1483 addr
= (struct sockaddr
*)&iaddr
;
1484 addrlen
= sizeof(iaddr
);
1486 if (parse_host_port(&iaddr
, display
) < 0) {
1487 fprintf(stderr
, "Could not parse VNC address\n");
1493 iaddr
.sin_port
= htons(ntohs(iaddr
.sin_port
) + 5900);
1495 vs
->lsock
= socket(PF_INET
, SOCK_STREAM
, 0);
1496 if (vs
->lsock
== -1) {
1497 fprintf(stderr
, "Could not create socket\n");
1504 ret
= setsockopt(vs
->lsock
, SOL_SOCKET
, SO_REUSEADDR
,
1505 (const char *)&reuse_addr
, sizeof(reuse_addr
));
1507 fprintf(stderr
, "setsockopt() failed\n");
1516 if (bind(vs
->lsock
, addr
, addrlen
) == -1) {
1517 fprintf(stderr
, "bind() failed\n");
1525 if (listen(vs
->lsock
, 1) == -1) {
1526 fprintf(stderr
, "listen() failed\n");
1534 return qemu_set_fd_handler2(vs
->lsock
, vnc_listen_poll
, vnc_listen_read
, NULL
, vs
);