#include "crypto/tlscredsx509.h"
#include "qom/object_interfaces.h"
#include "qemu/cutils.h"
+#include "io/dns-resolver.h"
#define VNC_REFRESH_INTERVAL_BASE GUI_REFRESH_INTERVAL_DEFAULT
#define VNC_REFRESH_INTERVAL_INC 50
{
SocketAddress *addr = NULL;
+ if (!ioc) {
+ error_setg(errp, "No listener socket available");
+ return;
+ }
+
addr = qio_channel_socket_get_local_address(ioc, errp);
if (!addr) {
return;
VncServerInfo *info;
Error *err = NULL;
- info = g_malloc(sizeof(*info));
- vnc_init_basic_info_from_server_addr(vd->lsock,
+ if (!vd->nlsock) {
+ return NULL;
+ }
+
+ info = g_malloc0(sizeof(*info));
+ vnc_init_basic_info_from_server_addr(vd->lsock[0],
qapi_VncServerInfo_base(info), &err);
info->has_auth = true;
info->auth = g_strdup(vnc_auth_name(vd));
VncDisplay *vd = vnc_display_find(NULL);
SocketAddress *addr = NULL;
- if (vd == NULL || !vd->enabled) {
+ if (vd == NULL || !vd->nlsock) {
info->enabled = false;
} else {
info->enabled = true;
return info;
}
- addr = qio_channel_socket_get_local_address(vd->lsock, errp);
+ addr = qio_channel_socket_get_local_address(vd->lsock[0], errp);
if (!addr) {
goto out_error;
}
return NULL;
}
-static VncBasicInfoList *qmp_query_server_entry(QIOChannelSocket *ioc,
- bool websocket,
- VncBasicInfoList *prev)
+
+static void qmp_query_auth(int auth, int subauth,
+ VncPrimaryAuth *qmp_auth,
+ VncVencryptSubAuth *qmp_vencrypt,
+ bool *qmp_has_vencrypt);
+
+static VncServerInfo2List *qmp_query_server_entry(QIOChannelSocket *ioc,
+ bool websocket,
+ int auth,
+ int subauth,
+ VncServerInfo2List *prev)
{
- VncBasicInfoList *list;
- VncBasicInfo *info;
+ VncServerInfo2List *list;
+ VncServerInfo2 *info;
Error *err = NULL;
SocketAddress *addr;
return prev;
}
- info = g_new0(VncBasicInfo, 1);
- vnc_init_basic_info(addr, info, &err);
+ info = g_new0(VncServerInfo2, 1);
+ vnc_init_basic_info(addr, qapi_VncServerInfo2_base(info), &err);
qapi_free_SocketAddress(addr);
if (err) {
- qapi_free_VncBasicInfo(info);
+ qapi_free_VncServerInfo2(info);
error_free(err);
return prev;
}
info->websocket = websocket;
- list = g_new0(VncBasicInfoList, 1);
+ qmp_query_auth(auth, subauth, &info->auth,
+ &info->vencrypt, &info->has_vencrypt);
+
+ list = g_new0(VncServerInfo2List, 1);
list->value = info;
list->next = prev;
return list;
}
-static void qmp_query_auth(VncDisplay *vd, VncInfo2 *info)
+static void qmp_query_auth(int auth, int subauth,
+ VncPrimaryAuth *qmp_auth,
+ VncVencryptSubAuth *qmp_vencrypt,
+ bool *qmp_has_vencrypt)
{
- switch (vd->auth) {
+ switch (auth) {
case VNC_AUTH_VNC:
- info->auth = VNC_PRIMARY_AUTH_VNC;
+ *qmp_auth = VNC_PRIMARY_AUTH_VNC;
break;
case VNC_AUTH_RA2:
- info->auth = VNC_PRIMARY_AUTH_RA2;
+ *qmp_auth = VNC_PRIMARY_AUTH_RA2;
break;
case VNC_AUTH_RA2NE:
- info->auth = VNC_PRIMARY_AUTH_RA2NE;
+ *qmp_auth = VNC_PRIMARY_AUTH_RA2NE;
break;
case VNC_AUTH_TIGHT:
- info->auth = VNC_PRIMARY_AUTH_TIGHT;
+ *qmp_auth = VNC_PRIMARY_AUTH_TIGHT;
break;
case VNC_AUTH_ULTRA:
- info->auth = VNC_PRIMARY_AUTH_ULTRA;
+ *qmp_auth = VNC_PRIMARY_AUTH_ULTRA;
break;
case VNC_AUTH_TLS:
- info->auth = VNC_PRIMARY_AUTH_TLS;
+ *qmp_auth = VNC_PRIMARY_AUTH_TLS;
break;
case VNC_AUTH_VENCRYPT:
- info->auth = VNC_PRIMARY_AUTH_VENCRYPT;
- info->has_vencrypt = true;
- switch (vd->subauth) {
+ *qmp_auth = VNC_PRIMARY_AUTH_VENCRYPT;
+ *qmp_has_vencrypt = true;
+ switch (subauth) {
case VNC_AUTH_VENCRYPT_PLAIN:
- info->vencrypt = VNC_VENCRYPT_SUB_AUTH_PLAIN;
+ *qmp_vencrypt = VNC_VENCRYPT_SUB_AUTH_PLAIN;
break;
case VNC_AUTH_VENCRYPT_TLSNONE:
- info->vencrypt = VNC_VENCRYPT_SUB_AUTH_TLS_NONE;
+ *qmp_vencrypt = VNC_VENCRYPT_SUB_AUTH_TLS_NONE;
break;
case VNC_AUTH_VENCRYPT_TLSVNC:
- info->vencrypt = VNC_VENCRYPT_SUB_AUTH_TLS_VNC;
+ *qmp_vencrypt = VNC_VENCRYPT_SUB_AUTH_TLS_VNC;
break;
case VNC_AUTH_VENCRYPT_TLSPLAIN:
- info->vencrypt = VNC_VENCRYPT_SUB_AUTH_TLS_PLAIN;
+ *qmp_vencrypt = VNC_VENCRYPT_SUB_AUTH_TLS_PLAIN;
break;
case VNC_AUTH_VENCRYPT_X509NONE:
- info->vencrypt = VNC_VENCRYPT_SUB_AUTH_X509_NONE;
+ *qmp_vencrypt = VNC_VENCRYPT_SUB_AUTH_X509_NONE;
break;
case VNC_AUTH_VENCRYPT_X509VNC:
- info->vencrypt = VNC_VENCRYPT_SUB_AUTH_X509_VNC;
+ *qmp_vencrypt = VNC_VENCRYPT_SUB_AUTH_X509_VNC;
break;
case VNC_AUTH_VENCRYPT_X509PLAIN:
- info->vencrypt = VNC_VENCRYPT_SUB_AUTH_X509_PLAIN;
+ *qmp_vencrypt = VNC_VENCRYPT_SUB_AUTH_X509_PLAIN;
break;
case VNC_AUTH_VENCRYPT_TLSSASL:
- info->vencrypt = VNC_VENCRYPT_SUB_AUTH_TLS_SASL;
+ *qmp_vencrypt = VNC_VENCRYPT_SUB_AUTH_TLS_SASL;
break;
case VNC_AUTH_VENCRYPT_X509SASL:
- info->vencrypt = VNC_VENCRYPT_SUB_AUTH_X509_SASL;
+ *qmp_vencrypt = VNC_VENCRYPT_SUB_AUTH_X509_SASL;
break;
default:
- info->has_vencrypt = false;
+ *qmp_has_vencrypt = false;
break;
}
break;
case VNC_AUTH_SASL:
- info->auth = VNC_PRIMARY_AUTH_SASL;
+ *qmp_auth = VNC_PRIMARY_AUTH_SASL;
break;
case VNC_AUTH_NONE:
default:
- info->auth = VNC_PRIMARY_AUTH_NONE;
+ *qmp_auth = VNC_PRIMARY_AUTH_NONE;
break;
}
}
VncInfo2 *info;
VncDisplay *vd;
DeviceState *dev;
+ size_t i;
QTAILQ_FOREACH(vd, &vnc_displays, next) {
info = g_new0(VncInfo2, 1);
info->id = g_strdup(vd->id);
info->clients = qmp_query_client_list(vd);
- qmp_query_auth(vd, info);
+ qmp_query_auth(vd->auth, vd->subauth, &info->auth,
+ &info->vencrypt, &info->has_vencrypt);
if (vd->dcl.con) {
dev = DEVICE(object_property_get_link(OBJECT(vd->dcl.con),
"device", NULL));
info->has_display = true;
info->display = g_strdup(dev->id);
}
- if (vd->lsock != NULL) {
+ for (i = 0; i < vd->nlsock; i++) {
info->server = qmp_query_server_entry(
- vd->lsock, false, info->server);
+ vd->lsock[i], false, vd->auth, vd->subauth, info->server);
}
- if (vd->lwebsock != NULL) {
+ for (i = 0; i < vd->nlwebsock; i++) {
info->server = qmp_query_server_entry(
- vd->lwebsock, true, info->server);
+ vd->lwebsock[i], true, vd->ws_auth,
+ vd->ws_subauth, info->server);
}
item = g_new0(VncInfo2List, 1);
static void vnc_update_server_surface(VncDisplay *vd)
{
+ int width, height;
+
qemu_pixman_image_unref(vd->server);
vd->server = NULL;
return;
}
+ width = vnc_width(vd);
+ height = vnc_height(vd);
vd->server = pixman_image_create_bits(VNC_SERVER_FB_FORMAT,
- vnc_width(vd),
- vnc_height(vd),
+ width, height,
NULL, 0);
+
+ memset(vd->guest.dirty, 0x00, sizeof(vd->guest.dirty));
+ vnc_set_area_dirty(vd->guest.dirty, vd, 0, 0,
+ width, height);
}
static void vnc_dpy_switch(DisplayChangeListener *dcl,
{
VncDisplay *vd = container_of(dcl, VncDisplay, dcl);
VncState *vs;
- int width, height;
vnc_abort_display_jobs(vd);
vd->ds = surface;
qemu_pixman_image_unref(vd->guest.fb);
vd->guest.fb = pixman_image_ref(surface->image);
vd->guest.format = surface->format;
- width = vnc_width(vd);
- height = vnc_height(vd);
- memset(vd->guest.dirty, 0x00, sizeof(vd->guest.dirty));
- vnc_set_area_dirty(vd->guest.dirty, vd, 0, 0,
- width, height);
QTAILQ_FOREACH(vs, &vd->clients, next) {
vnc_colordepth(vs);
}
memset(vs->dirty, 0x00, sizeof(vs->dirty));
vnc_set_area_dirty(vs->dirty, vd, 0, 0,
- width, height);
+ vnc_width(vd),
+ vnc_height(vd));
}
}
}
}
+ if (!vd->server) {
+ /* no client connected */
+ return;
+ }
/* do bitblit op on the local surface too */
pitch = vnc_server_fb_stride(vd);
src_row = vnc_server_fb_ptr(vd, src_x, src_y);
static int vnc_update_client(VncState *vs, int has_dirty, bool sync)
{
+ if (vs->disconnecting) {
+ vnc_disconnect_finish(vs);
+ return 0;
+ }
+
vs->has_dirty += has_dirty;
- if (vs->need_update && vs->ioc != NULL) {
+ if (vs->need_update && !vs->disconnecting) {
VncDisplay *vd = vs->vd;
VncJob *job;
int y;
audio_del(vs);
vnc_release_modifiers(vs);
- if (vs->initialized) {
- QTAILQ_REMOVE(&vs->vd->clients, vs, next);
+ if (vs->mouse_mode_notifier.notify != NULL) {
qemu_remove_mouse_mode_change_notifier(&vs->mouse_mode_notifier);
- if (QTAILQ_EMPTY(&vs->vd->clients)) {
- /* last client gone */
- vnc_update_server_surface(vs->vd);
- }
+ }
+ QTAILQ_REMOVE(&vs->vd->clients, vs, next);
+ if (QTAILQ_EMPTY(&vs->vd->clients)) {
+ /* last client gone */
+ vnc_update_server_surface(vs->vd);
}
- if (vs->vd->lock_key_sync)
- qemu_remove_led_event_handler(vs->led);
vnc_unlock_output(vs);
qemu_mutex_destroy(&vs->output_mutex);
if (ret <= 0) {
if (ret == 0) {
VNC_DEBUG("Closing down client sock: EOF\n");
+ vnc_disconnect_start(vs);
} else if (ret != QIO_CHANNEL_ERR_BLOCK) {
- VNC_DEBUG("Closing down client sock: ret %d (%s)\n",
+ VNC_DEBUG("Closing down client sock: ret %zd (%s)\n",
ret, errp ? error_get_pretty(*errp) : "Unknown");
+ vnc_disconnect_start(vs);
}
- vnc_disconnect_start(vs);
if (errp) {
error_free(*errp);
*errp = NULL;
* First function called whenever there is more data to be read from
* the client socket. Will delegate actual work according to whether
* SASL SSF layers are enabled (thus requiring decryption calls)
+ * Returns 0 on success, -1 if client disconnected
*/
-static void vnc_client_read(VncState *vs)
+static int vnc_client_read(VncState *vs)
{
ssize_t ret;
if (!ret) {
if (vs->disconnecting) {
vnc_disconnect_finish(vs);
+ return -1;
}
- return;
+ return 0;
}
while (vs->read_handler && vs->input.offset >= vs->read_handler_expect) {
ret = vs->read_handler(vs, vs->input.buffer, len);
if (vs->disconnecting) {
vnc_disconnect_finish(vs);
- return;
+ return -1;
}
if (!ret) {
vs->read_handler_expect = ret;
}
}
+ return 0;
}
gboolean vnc_client_io(QIOChannel *ioc G_GNUC_UNUSED,
{
VncState *vs = opaque;
if (condition & G_IO_IN) {
- vnc_client_read(vs);
+ if (vnc_client_read(vs) < 0) {
+ return TRUE;
+ }
}
if (condition & G_IO_OUT) {
vnc_client_write(vs);
qemu_input_event_send_key_delay(vs->vd->key_delay_ms);
}
-static int current_led_state(VncState *vs)
-{
- int ledstate = 0;
-
- if (vs->modifiers_state[0x46]) {
- ledstate |= QEMU_SCROLL_LOCK_LED;
- }
- if (vs->modifiers_state[0x45]) {
- ledstate |= QEMU_NUM_LOCK_LED;
- }
- if (vs->modifiers_state[0x3a]) {
- ledstate |= QEMU_CAPS_LOCK_LED;
- }
-
- return ledstate;
-}
-
static void vnc_led_state_change(VncState *vs)
{
- int ledstate = 0;
-
if (!vnc_has_feature(vs, VNC_FEATURE_LED_STATE)) {
return;
}
- ledstate = current_led_state(vs);
vnc_lock_output(vs);
vnc_write_u8(vs, VNC_MSG_SERVER_FRAMEBUFFER_UPDATE);
vnc_write_u8(vs, 0);
vnc_write_u16(vs, 1);
vnc_framebuffer_update(vs, 0, 0, 1, 1, VNC_ENCODING_LED_STATE);
- vnc_write_u8(vs, ledstate);
+ vnc_write_u8(vs, vs->vd->ledstate);
vnc_unlock_output(vs);
vnc_flush(vs);
}
static void kbd_leds(void *opaque, int ledstate)
{
- VncState *vs = opaque;
- int caps, num, scr;
- bool has_changed = (ledstate != current_led_state(vs));
+ VncDisplay *vd = opaque;
+ VncState *client;
trace_vnc_key_guest_leds((ledstate & QEMU_CAPS_LOCK_LED),
(ledstate & QEMU_NUM_LOCK_LED),
(ledstate & QEMU_SCROLL_LOCK_LED));
- caps = ledstate & QEMU_CAPS_LOCK_LED ? 1 : 0;
- num = ledstate & QEMU_NUM_LOCK_LED ? 1 : 0;
- scr = ledstate & QEMU_SCROLL_LOCK_LED ? 1 : 0;
-
- if (vs->modifiers_state[0x3a] != caps) {
- vs->modifiers_state[0x3a] = caps;
- }
- if (vs->modifiers_state[0x45] != num) {
- vs->modifiers_state[0x45] = num;
- }
- if (vs->modifiers_state[0x46] != scr) {
- vs->modifiers_state[0x46] = scr;
+ if (ledstate == vd->ledstate) {
+ return;
}
- /* Sending the current led state message to the client */
- if (has_changed) {
- vnc_led_state_change(vs);
+ vd->ledstate = ledstate;
+
+ QTAILQ_FOREACH(client, &vd->clients, next) {
+ vnc_led_state_change(client);
}
}
}
}
-static void set_pixel_format(VncState *vs,
- int bits_per_pixel, int depth,
+static void set_pixel_format(VncState *vs, int bits_per_pixel,
int big_endian_flag, int true_color_flag,
int red_max, int green_max, int blue_max,
int red_shift, int green_shift, int blue_shift)
if (!true_color_flag) {
/* Expose a reasonable default 256 color map */
bits_per_pixel = 8;
- depth = 8;
red_max = 7;
green_max = 7;
blue_max = 3;
if (len == 1)
return 20;
- set_pixel_format(vs, read_u8(data, 4), read_u8(data, 5),
+ set_pixel_format(vs, read_u8(data, 4),
read_u8(data, 6), read_u8(data, 7),
read_u16(data, 8), read_u16(data, 10),
read_u16(data, 12), read_u8(data, 14),
pixel_format_message(vs);
- if (qemu_name)
+ if (qemu_name) {
size = snprintf(buf, sizeof(buf), "QEMU (%s)", qemu_name);
- else
+ if (size > sizeof(buf)) {
+ size = sizeof(buf);
+ }
+ } else {
size = snprintf(buf, sizeof(buf), "QEMU");
+ }
vnc_write_u32(vs, size);
vnc_write(vs, buf, size);
static int vnc_update_stats(VncDisplay *vd, struct timeval * tv)
{
- int width = pixman_image_get_width(vd->guest.fb);
- int height = pixman_image_get_height(vd->guest.fb);
+ int width = MIN(pixman_image_get_width(vd->guest.fb),
+ pixman_image_get_width(vd->server));
+ int height = MIN(pixman_image_get_height(vd->guest.fb),
+ pixman_image_get_height(vd->server));
int x, y;
struct timeval res;
int has_dirty = 0;
bool skipauth, bool websocket)
{
VncState *vs = g_new0(VncState, 1);
+ bool first_client = QTAILQ_EMPTY(&vd->clients);
int i;
vs->sioc = sioc;
qio_channel_set_blocking(vs->ioc, false, NULL);
if (websocket) {
vs->websocket = 1;
- if (vd->ws_tls) {
+ if (vd->tlscreds) {
vs->ioc_tag = qio_channel_add_watch(
vs->ioc, G_IO_IN, vncws_tls_handshake_io, vs, NULL);
} else {
vnc_qmp_event(vs, QAPI_EVENT_VNC_CONNECTED);
vnc_set_share_mode(vs, VNC_SHARE_MODE_CONNECTING);
- if (!vs->websocket) {
- vnc_init_state(vs);
- }
-
- if (vd->num_connecting > vd->connections_limit) {
- QTAILQ_FOREACH(vs, &vd->clients, next) {
- if (vs->share_mode == VNC_SHARE_MODE_CONNECTING) {
- vnc_disconnect_start(vs);
- return;
- }
- }
- }
-}
-
-void vnc_init_state(VncState *vs)
-{
- vs->initialized = true;
- VncDisplay *vd = vs->vd;
- bool first_client = QTAILQ_EMPTY(&vd->clients);
-
vs->last_x = -1;
vs->last_y = -1;
graphic_hw_update(vd->dcl.con);
+ if (!vs->websocket) {
+ vnc_start_protocol(vs);
+ }
+
+ if (vd->num_connecting > vd->connections_limit) {
+ QTAILQ_FOREACH(vs, &vd->clients, next) {
+ if (vs->share_mode == VNC_SHARE_MODE_CONNECTING) {
+ vnc_disconnect_start(vs);
+ return;
+ }
+ }
+ }
+}
+
+void vnc_start_protocol(VncState *vs)
+{
vnc_write(vs, "RFB 003.008\n", 12);
vnc_flush(vs);
vnc_read_when(vs, protocol_version, 12);
- reset_keys(vs);
- if (vs->vd->lock_key_sync)
- vs->led = qemu_add_led_event_handler(kbd_leds, vs);
vs->mouse_mode_notifier.notify = check_pointer_type_change;
qemu_add_mouse_mode_change_notifier(&vs->mouse_mode_notifier);
-
- /* vs might be free()ed here */
}
static gboolean vnc_listen_io(QIOChannel *ioc,
GIOCondition condition,
void *opaque)
{
- VncDisplay *vs = opaque;
+ VncDisplay *vd = opaque;
QIOChannelSocket *sioc = NULL;
Error *err = NULL;
+ bool isWebsock = false;
+ size_t i;
+
+ for (i = 0; i < vd->nlwebsock; i++) {
+ if (ioc == QIO_CHANNEL(vd->lwebsock[i])) {
+ isWebsock = true;
+ break;
+ }
+ }
- /* Catch-up */
- graphic_hw_update(vs->dcl.con);
sioc = qio_channel_socket_accept(QIO_CHANNEL_SOCKET(ioc), &err);
if (sioc != NULL) {
+ qio_channel_set_name(QIO_CHANNEL(sioc),
+ isWebsock ? "vnc-ws-server" : "vnc-server");
qio_channel_set_delay(QIO_CHANNEL(sioc), false);
- vnc_connect(vs, sioc, false,
- ioc != QIO_CHANNEL(vs->lsock));
+ vnc_connect(vd, sioc, false, isWebsock);
object_unref(OBJECT(sioc));
} else {
/* client probably closed connection before we got there */
void vnc_display_init(const char *id)
{
- VncDisplay *vs;
+ VncDisplay *vd;
if (vnc_display_find(id) != NULL) {
return;
}
- vs = g_malloc0(sizeof(*vs));
+ vd = g_malloc0(sizeof(*vd));
- vs->id = strdup(id);
- QTAILQ_INSERT_TAIL(&vnc_displays, vs, next);
+ vd->id = strdup(id);
+ QTAILQ_INSERT_TAIL(&vnc_displays, vd, next);
- QTAILQ_INIT(&vs->clients);
- vs->expires = TIME_MAX;
+ QTAILQ_INIT(&vd->clients);
+ vd->expires = TIME_MAX;
if (keyboard_layout) {
trace_vnc_key_map_init(keyboard_layout);
- vs->kbd_layout = init_keyboard_layout(name2keysym, keyboard_layout);
+ vd->kbd_layout = init_keyboard_layout(name2keysym, keyboard_layout);
} else {
- vs->kbd_layout = init_keyboard_layout(name2keysym, "en-us");
+ vd->kbd_layout = init_keyboard_layout(name2keysym, "en-us");
}
- if (!vs->kbd_layout)
+ if (!vd->kbd_layout) {
exit(1);
+ }
+
+ vd->share_policy = VNC_SHARE_POLICY_ALLOW_EXCLUSIVE;
+ vd->connections_limit = 32;
- qemu_mutex_init(&vs->mutex);
+ qemu_mutex_init(&vd->mutex);
vnc_start_worker_thread();
- vs->dcl.ops = &dcl_ops;
- register_displaychangelistener(&vs->dcl);
+ vd->dcl.ops = &dcl_ops;
+ register_displaychangelistener(&vd->dcl);
}
-static void vnc_display_close(VncDisplay *vs)
+static void vnc_display_close(VncDisplay *vd)
{
- if (!vs)
+ size_t i;
+ if (!vd) {
return;
- vs->enabled = false;
- vs->is_unix = false;
- if (vs->lsock != NULL) {
- if (vs->lsock_tag) {
- g_source_remove(vs->lsock_tag);
+ }
+ vd->is_unix = false;
+ for (i = 0; i < vd->nlsock; i++) {
+ if (vd->lsock_tag[i]) {
+ g_source_remove(vd->lsock_tag[i]);
}
- object_unref(OBJECT(vs->lsock));
- vs->lsock = NULL;
+ object_unref(OBJECT(vd->lsock[i]));
}
- vs->ws_enabled = false;
- if (vs->lwebsock != NULL) {
- if (vs->lwebsock_tag) {
- g_source_remove(vs->lwebsock_tag);
+ g_free(vd->lsock);
+ g_free(vd->lsock_tag);
+ vd->lsock = NULL;
+ vd->nlsock = 0;
+
+ for (i = 0; i < vd->nlwebsock; i++) {
+ if (vd->lwebsock_tag[i]) {
+ g_source_remove(vd->lwebsock_tag[i]);
}
- object_unref(OBJECT(vs->lwebsock));
- vs->lwebsock = NULL;
+ object_unref(OBJECT(vd->lwebsock[i]));
}
- vs->auth = VNC_AUTH_INVALID;
- vs->subauth = VNC_AUTH_INVALID;
- if (vs->tlscreds) {
- object_unparent(OBJECT(vs->tlscreds));
- vs->tlscreds = NULL;
+ g_free(vd->lwebsock);
+ g_free(vd->lwebsock_tag);
+ vd->lwebsock = NULL;
+ vd->nlwebsock = 0;
+
+ vd->auth = VNC_AUTH_INVALID;
+ vd->subauth = VNC_AUTH_INVALID;
+ if (vd->tlscreds) {
+ object_unparent(OBJECT(vd->tlscreds));
+ vd->tlscreds = NULL;
+ }
+ g_free(vd->tlsaclname);
+ vd->tlsaclname = NULL;
+ if (vd->lock_key_sync) {
+ qemu_remove_led_event_handler(vd->led);
}
- g_free(vs->tlsaclname);
- vs->tlsaclname = NULL;
}
int vnc_display_password(const char *id, const char *password)
{
- VncDisplay *vs = vnc_display_find(id);
+ VncDisplay *vd = vnc_display_find(id);
- if (!vs) {
+ if (!vd) {
return -EINVAL;
}
- if (vs->auth == VNC_AUTH_NONE) {
+ if (vd->auth == VNC_AUTH_NONE) {
error_printf_unless_qmp("If you want use passwords please enable "
- "password auth using '-vnc ${dpy},password'.");
+ "password auth using '-vnc ${dpy},password'.\n");
return -EINVAL;
}
- g_free(vs->password);
- vs->password = g_strdup(password);
+ g_free(vd->password);
+ vd->password = g_strdup(password);
return 0;
}
int vnc_display_pw_expire(const char *id, time_t expires)
{
- VncDisplay *vs = vnc_display_find(id);
+ VncDisplay *vd = vnc_display_find(id);
- if (!vs) {
+ if (!vd) {
return -EINVAL;
}
- vs->expires = expires;
+ vd->expires = expires;
return 0;
}
-char *vnc_display_local_addr(const char *id)
+static void vnc_display_print_local_addr(VncDisplay *vd)
{
- VncDisplay *vs = vnc_display_find(id);
SocketAddress *addr;
- char *ret;
Error *err = NULL;
- assert(vs);
+ if (!vd->nlsock) {
+ return;
+ }
- addr = qio_channel_socket_get_local_address(vs->lsock, &err);
+ addr = qio_channel_socket_get_local_address(vd->lsock[0], &err);
if (!addr) {
- return NULL;
+ return;
}
if (addr->type != SOCKET_ADDRESS_KIND_INET) {
qapi_free_SocketAddress(addr);
- return NULL;
+ return;
}
- ret = g_strdup_printf("%s;%s", addr->u.inet.data->host,
- addr->u.inet.data->port);
+ error_printf_unless_qmp("VNC server running on %s:%s\n",
+ addr->u.inet.data->host,
+ addr->u.inet.data->port);
qapi_free_SocketAddress(addr);
-
- return ret;
}
static QemuOptsList qemu_vnc_opts = {
static int
-vnc_display_setup_auth(VncDisplay *vs,
+vnc_display_setup_auth(int *auth,
+ int *subauth,
+ QCryptoTLSCreds *tlscreds,
bool password,
bool sasl,
bool websocket,
* VNC auth mechs for plain VNC vs websockets VNC, the end
* result has the same security characteristics.
*/
- if (password) {
- if (vs->tlscreds) {
- vs->auth = VNC_AUTH_VENCRYPT;
- if (websocket) {
- vs->ws_tls = true;
- }
- if (object_dynamic_cast(OBJECT(vs->tlscreds),
- TYPE_QCRYPTO_TLS_CREDS_X509)) {
- VNC_DEBUG("Initializing VNC server with x509 password auth\n");
- vs->subauth = VNC_AUTH_VENCRYPT_X509VNC;
- } else if (object_dynamic_cast(OBJECT(vs->tlscreds),
- TYPE_QCRYPTO_TLS_CREDS_ANON)) {
- VNC_DEBUG("Initializing VNC server with TLS password auth\n");
- vs->subauth = VNC_AUTH_VENCRYPT_TLSVNC;
- } else {
- error_setg(errp,
- "Unsupported TLS cred type %s",
- object_get_typename(OBJECT(vs->tlscreds)));
- return -1;
- }
- } else {
+ if (websocket || !tlscreds) {
+ if (password) {
VNC_DEBUG("Initializing VNC server with password auth\n");
- vs->auth = VNC_AUTH_VNC;
- vs->subauth = VNC_AUTH_INVALID;
- }
- if (websocket) {
- vs->ws_auth = VNC_AUTH_VNC;
+ *auth = VNC_AUTH_VNC;
+ } else if (sasl) {
+ VNC_DEBUG("Initializing VNC server with SASL auth\n");
+ *auth = VNC_AUTH_SASL;
} else {
- vs->ws_auth = VNC_AUTH_INVALID;
+ VNC_DEBUG("Initializing VNC server with no auth\n");
+ *auth = VNC_AUTH_NONE;
}
- } else if (sasl) {
- if (vs->tlscreds) {
- vs->auth = VNC_AUTH_VENCRYPT;
- if (websocket) {
- vs->ws_tls = true;
+ *subauth = VNC_AUTH_INVALID;
+ } else {
+ bool is_x509 = object_dynamic_cast(OBJECT(tlscreds),
+ TYPE_QCRYPTO_TLS_CREDS_X509) != NULL;
+ bool is_anon = object_dynamic_cast(OBJECT(tlscreds),
+ TYPE_QCRYPTO_TLS_CREDS_ANON) != NULL;
+
+ if (!is_x509 && !is_anon) {
+ error_setg(errp,
+ "Unsupported TLS cred type %s",
+ object_get_typename(OBJECT(tlscreds)));
+ return -1;
+ }
+ *auth = VNC_AUTH_VENCRYPT;
+ if (password) {
+ if (is_x509) {
+ VNC_DEBUG("Initializing VNC server with x509 password auth\n");
+ *subauth = VNC_AUTH_VENCRYPT_X509VNC;
+ } else {
+ VNC_DEBUG("Initializing VNC server with TLS password auth\n");
+ *subauth = VNC_AUTH_VENCRYPT_TLSVNC;
}
- if (object_dynamic_cast(OBJECT(vs->tlscreds),
- TYPE_QCRYPTO_TLS_CREDS_X509)) {
+
+ } else if (sasl) {
+ if (is_x509) {
VNC_DEBUG("Initializing VNC server with x509 SASL auth\n");
- vs->subauth = VNC_AUTH_VENCRYPT_X509SASL;
- } else if (object_dynamic_cast(OBJECT(vs->tlscreds),
- TYPE_QCRYPTO_TLS_CREDS_ANON)) {
- VNC_DEBUG("Initializing VNC server with TLS SASL auth\n");
- vs->subauth = VNC_AUTH_VENCRYPT_TLSSASL;
+ *subauth = VNC_AUTH_VENCRYPT_X509SASL;
} else {
- error_setg(errp,
- "Unsupported TLS cred type %s",
- object_get_typename(OBJECT(vs->tlscreds)));
- return -1;
+ VNC_DEBUG("Initializing VNC server with TLS SASL auth\n");
+ *subauth = VNC_AUTH_VENCRYPT_TLSSASL;
}
} else {
- VNC_DEBUG("Initializing VNC server with SASL auth\n");
- vs->auth = VNC_AUTH_SASL;
- vs->subauth = VNC_AUTH_INVALID;
- }
- if (websocket) {
- vs->ws_auth = VNC_AUTH_SASL;
- } else {
- vs->ws_auth = VNC_AUTH_INVALID;
- }
- } else {
- if (vs->tlscreds) {
- vs->auth = VNC_AUTH_VENCRYPT;
- if (websocket) {
- vs->ws_tls = true;
- }
- if (object_dynamic_cast(OBJECT(vs->tlscreds),
- TYPE_QCRYPTO_TLS_CREDS_X509)) {
+ if (is_x509) {
VNC_DEBUG("Initializing VNC server with x509 no auth\n");
- vs->subauth = VNC_AUTH_VENCRYPT_X509NONE;
- } else if (object_dynamic_cast(OBJECT(vs->tlscreds),
- TYPE_QCRYPTO_TLS_CREDS_ANON)) {
- VNC_DEBUG("Initializing VNC server with TLS no auth\n");
- vs->subauth = VNC_AUTH_VENCRYPT_TLSNONE;
+ *subauth = VNC_AUTH_VENCRYPT_X509NONE;
} else {
- error_setg(errp,
- "Unsupported TLS cred type %s",
- object_get_typename(OBJECT(vs->tlscreds)));
- return -1;
+ VNC_DEBUG("Initializing VNC server with TLS no auth\n");
+ *subauth = VNC_AUTH_VENCRYPT_TLSNONE;
}
- } else {
- VNC_DEBUG("Initializing VNC server with no auth\n");
- vs->auth = VNC_AUTH_NONE;
- vs->subauth = VNC_AUTH_INVALID;
- }
- if (websocket) {
- vs->ws_auth = VNC_AUTH_NONE;
- } else {
- vs->ws_auth = VNC_AUTH_INVALID;
}
}
return 0;
}
-void vnc_display_open(const char *id, Error **errp)
+static int vnc_display_get_address(const char *addrstr,
+ bool websocket,
+ int displaynum,
+ int to,
+ bool has_ipv4,
+ bool has_ipv6,
+ bool ipv4,
+ bool ipv6,
+ SocketAddress **retaddr,
+ Error **errp)
{
- VncDisplay *vs = vnc_display_find(id);
- QemuOpts *opts = qemu_opts_find(&qemu_vnc_opts, id);
- SocketAddress *saddr = NULL, *wsaddr = NULL;
- const char *share, *device_id;
- QemuConsole *con;
- bool password = false;
- bool reverse = false;
- const char *vnc;
- char *h;
- const char *credid;
- bool sasl = false;
-#ifdef CONFIG_VNC_SASL
- int saslErr;
-#endif
- int acl = 0;
- int lock_key_sync = 1;
- int key_delay_ms;
-
- if (!vs) {
- error_setg(errp, "VNC display not active");
- return;
- }
- vnc_display_close(vs);
-
- if (!opts) {
- return;
- }
- vnc = qemu_opt_get(opts, "vnc");
- if (!vnc || strcmp(vnc, "none") == 0) {
- return;
- }
+ int ret = -1;
+ SocketAddress *addr = NULL;
- h = strrchr(vnc, ':');
- if (h) {
- size_t hlen = h - vnc;
+ addr = g_new0(SocketAddress, 1);
- const char *websocket = qemu_opt_get(opts, "websocket");
- int to = qemu_opt_get_number(opts, "to", 0);
- bool has_ipv4 = qemu_opt_get(opts, "ipv4");
- bool has_ipv6 = qemu_opt_get(opts, "ipv6");
- bool ipv4 = qemu_opt_get_bool(opts, "ipv4", false);
- bool ipv6 = qemu_opt_get_bool(opts, "ipv6", false);
+ if (strncmp(addrstr, "unix:", 5) == 0) {
+ addr->type = SOCKET_ADDRESS_KIND_UNIX;
+ addr->u.q_unix.data = g_new0(UnixSocketAddress, 1);
+ addr->u.q_unix.data->path = g_strdup(addrstr + 5);
- saddr = g_new0(SocketAddress, 1);
if (websocket) {
- if (!qcrypto_hash_supports(QCRYPTO_HASH_ALG_SHA1)) {
- error_setg(errp,
- "SHA1 hash support is required for websockets");
- goto fail;
- }
-
- wsaddr = g_new0(SocketAddress, 1);
- vs->ws_enabled = true;
+ error_setg(errp, "UNIX sockets not supported with websock");
+ goto cleanup;
}
- if (strncmp(vnc, "unix:", 5) == 0) {
- saddr->type = SOCKET_ADDRESS_KIND_UNIX;
- saddr->u.q_unix.data = g_new0(UnixSocketAddress, 1);
- saddr->u.q_unix.data->path = g_strdup(vnc + 5);
+ if (to) {
+ error_setg(errp, "Port range not support with UNIX socket");
+ goto cleanup;
+ }
+ ret = 0;
+ } else {
+ const char *port;
+ size_t hostlen;
+ unsigned long long baseport = 0;
+ InetSocketAddress *inet;
- if (vs->ws_enabled) {
- error_setg(errp, "UNIX sockets not supported with websock");
- goto fail;
+ port = strrchr(addrstr, ':');
+ if (!port) {
+ if (websocket) {
+ hostlen = 0;
+ port = addrstr;
+ } else {
+ error_setg(errp, "no vnc port specified");
+ goto cleanup;
+ }
+ } else {
+ hostlen = port - addrstr;
+ port++;
+ if (*port == '\0') {
+ error_setg(errp, "vnc port cannot be empty");
+ goto cleanup;
}
+ }
+
+ addr->type = SOCKET_ADDRESS_KIND_INET;
+ inet = addr->u.inet.data = g_new0(InetSocketAddress, 1);
+ if (addrstr[0] == '[' && addrstr[hostlen - 1] == ']') {
+ inet->host = g_strndup(addrstr + 1, hostlen - 2);
} else {
- unsigned long long baseport;
- InetSocketAddress *inet;
- saddr->type = SOCKET_ADDRESS_KIND_INET;
- inet = saddr->u.inet.data = g_new0(InetSocketAddress, 1);
- if (vnc[0] == '[' && vnc[hlen - 1] == ']') {
- inet->host = g_strndup(vnc + 1, hlen - 2);
+ inet->host = g_strndup(addrstr, hostlen);
+ }
+ /* plain VNC port is just an offset, for websocket
+ * port is absolute */
+ if (websocket) {
+ if (g_str_equal(addrstr, "") ||
+ g_str_equal(addrstr, "on")) {
+ if (displaynum == -1) {
+ error_setg(errp, "explicit websocket port is required");
+ goto cleanup;
+ }
+ inet->port = g_strdup_printf(
+ "%d", displaynum + 5700);
+ if (to) {
+ inet->has_to = true;
+ inet->to = to + 5700;
+ }
} else {
- inet->host = g_strndup(vnc, hlen);
+ inet->port = g_strdup(port);
}
- if (parse_uint_full(h + 1, &baseport, 10) < 0) {
- error_setg(errp, "can't convert to a number: %s", h + 1);
- goto fail;
+ } else {
+ if (parse_uint_full(port, &baseport, 10) < 0) {
+ error_setg(errp, "can't convert to a number: %s", port);
+ goto cleanup;
}
if (baseport > 65535 ||
baseport + 5900 > 65535) {
- error_setg(errp, "port %s out of range", h + 1);
- goto fail;
+ error_setg(errp, "port %s out of range", port);
+ goto cleanup;
}
inet->port = g_strdup_printf(
"%d", (int)baseport + 5900);
inet->has_to = true;
inet->to = to + 5900;
}
- inet->ipv4 = ipv4;
- inet->has_ipv4 = has_ipv4;
- inet->ipv6 = ipv6;
- inet->has_ipv6 = has_ipv6;
+ }
- if (vs->ws_enabled) {
- wsaddr->type = SOCKET_ADDRESS_KIND_INET;
- inet = wsaddr->u.inet.data = g_new0(InetSocketAddress, 1);
- inet->host = g_strdup(saddr->u.inet.data->host);
- inet->port = g_strdup(websocket);
+ inet->ipv4 = ipv4;
+ inet->has_ipv4 = has_ipv4;
+ inet->ipv6 = ipv6;
+ inet->has_ipv6 = has_ipv6;
- if (to) {
- inet->has_to = true;
- inet->to = to;
- }
- inet->ipv4 = ipv4;
- inet->has_ipv4 = has_ipv4;
- inet->ipv6 = ipv6;
- inet->has_ipv6 = has_ipv6;
- }
+ ret = baseport;
+ }
+
+ *retaddr = addr;
+
+ cleanup:
+ if (ret < 0) {
+ qapi_free_SocketAddress(addr);
+ }
+ return ret;
+}
+
+static int vnc_display_get_addresses(QemuOpts *opts,
+ SocketAddress ***retsaddr,
+ size_t *retnsaddr,
+ SocketAddress ***retwsaddr,
+ size_t *retnwsaddr,
+ Error **errp)
+{
+ SocketAddress *saddr = NULL;
+ SocketAddress *wsaddr = NULL;
+ QemuOptsIter addriter;
+ const char *addr;
+ int to = qemu_opt_get_number(opts, "to", 0);
+ bool has_ipv4 = qemu_opt_get(opts, "ipv4");
+ bool has_ipv6 = qemu_opt_get(opts, "ipv6");
+ bool ipv4 = qemu_opt_get_bool(opts, "ipv4", false);
+ bool ipv6 = qemu_opt_get_bool(opts, "ipv6", false);
+ size_t i;
+ int displaynum = -1;
+ int ret = -1;
+
+ *retsaddr = NULL;
+ *retnsaddr = 0;
+ *retwsaddr = NULL;
+ *retnwsaddr = 0;
+
+ addr = qemu_opt_get(opts, "vnc");
+ if (addr == NULL || g_str_equal(addr, "none")) {
+ ret = 0;
+ goto cleanup;
+ }
+ if (qemu_opt_get(opts, "websocket") &&
+ !qcrypto_hash_supports(QCRYPTO_HASH_ALG_SHA1)) {
+ error_setg(errp,
+ "SHA1 hash support is required for websockets");
+ goto cleanup;
+ }
+
+ qemu_opt_iter_init(&addriter, opts, "vnc");
+ while ((addr = qemu_opt_iter_next(&addriter)) != NULL) {
+ int rv;
+ rv = vnc_display_get_address(addr, false, 0, to,
+ has_ipv4, has_ipv6,
+ ipv4, ipv6,
+ &saddr, errp);
+ if (rv < 0) {
+ goto cleanup;
}
- } else {
- error_setg(errp, "no vnc port specified");
+ /* Historical compat - first listen address can be used
+ * to set the default websocket port
+ */
+ if (displaynum == -1) {
+ displaynum = rv;
+ }
+ *retsaddr = g_renew(SocketAddress *, *retsaddr, *retnsaddr + 1);
+ (*retsaddr)[(*retnsaddr)++] = saddr;
+ }
+
+ /* If we had multiple primary displays, we don't do defaults
+ * for websocket, and require explicit config instead. */
+ if (*retnsaddr > 1) {
+ displaynum = -1;
+ }
+
+ qemu_opt_iter_init(&addriter, opts, "websocket");
+ while ((addr = qemu_opt_iter_next(&addriter)) != NULL) {
+ if (vnc_display_get_address(addr, true, displaynum, to,
+ has_ipv4, has_ipv6,
+ ipv4, ipv6,
+ &wsaddr, errp) < 0) {
+ goto cleanup;
+ }
+
+ /* Historical compat - if only a single listen address was
+ * provided, then this is used to set the default listen
+ * address for websocket too
+ */
+ if (*retnsaddr == 1 &&
+ (*retsaddr)[0]->type == SOCKET_ADDRESS_KIND_INET &&
+ wsaddr->type == SOCKET_ADDRESS_KIND_INET &&
+ g_str_equal(wsaddr->u.inet.data->host, "") &&
+ !g_str_equal((*retsaddr)[0]->u.inet.data->host, "")) {
+ g_free(wsaddr->u.inet.data->host);
+ wsaddr->u.inet.data->host =
+ g_strdup((*retsaddr)[0]->u.inet.data->host);
+ }
+
+ *retwsaddr = g_renew(SocketAddress *, *retwsaddr, *retnwsaddr + 1);
+ (*retwsaddr)[(*retnwsaddr)++] = wsaddr;
+ }
+
+ ret = 0;
+ cleanup:
+ if (ret < 0) {
+ for (i = 0; i < *retnsaddr; i++) {
+ qapi_free_SocketAddress((*retsaddr)[i]);
+ }
+ g_free(*retsaddr);
+ for (i = 0; i < *retnwsaddr; i++) {
+ qapi_free_SocketAddress((*retwsaddr)[i]);
+ }
+ g_free(*retwsaddr);
+ *retsaddr = *retwsaddr = NULL;
+ *retnsaddr = *retnwsaddr = 0;
+ }
+ return ret;
+}
+
+static int vnc_display_connect(VncDisplay *vd,
+ SocketAddress **saddr,
+ size_t nsaddr,
+ SocketAddress **wsaddr,
+ size_t nwsaddr,
+ Error **errp)
+{
+ /* connect to viewer */
+ QIOChannelSocket *sioc = NULL;
+ if (nwsaddr != 0) {
+ error_setg(errp, "Cannot use websockets in reverse mode");
+ return -1;
+ }
+ if (nsaddr != 1) {
+ error_setg(errp, "Expected a single address in reverse mode");
+ return -1;
+ }
+ vd->is_unix = saddr[0]->type == SOCKET_ADDRESS_KIND_UNIX;
+ sioc = qio_channel_socket_new();
+ qio_channel_set_name(QIO_CHANNEL(sioc), "vnc-reverse");
+ if (qio_channel_socket_connect_sync(sioc, saddr[0], errp) < 0) {
+ return -1;
+ }
+ vnc_connect(vd, sioc, false, false);
+ object_unref(OBJECT(sioc));
+ return 0;
+}
+
+
+static int vnc_display_listen_addr(VncDisplay *vd,
+ SocketAddress *addr,
+ const char *name,
+ QIOChannelSocket ***lsock,
+ guint **lsock_tag,
+ size_t *nlsock,
+ Error **errp)
+{
+ QIODNSResolver *resolver = qio_dns_resolver_get_instance();
+ SocketAddress **rawaddrs = NULL;
+ size_t nrawaddrs = 0;
+ Error *listenerr = NULL;
+ bool listening = false;
+ size_t i;
+
+ if (qio_dns_resolver_lookup_sync(resolver, addr, &nrawaddrs,
+ &rawaddrs, errp) < 0) {
+ return -1;
+ }
+
+ for (i = 0; i < nrawaddrs; i++) {
+ QIOChannelSocket *sioc = qio_channel_socket_new();
+
+ qio_channel_set_name(QIO_CHANNEL(sioc), name);
+ if (qio_channel_socket_listen_sync(
+ sioc, rawaddrs[i], listenerr == NULL ? &listenerr : NULL) < 0) {
+ continue;
+ }
+ listening = true;
+ (*nlsock)++;
+ *lsock = g_renew(QIOChannelSocket *, *lsock, *nlsock);
+ *lsock_tag = g_renew(guint, *lsock_tag, *nlsock);
+
+ (*lsock)[*nlsock - 1] = sioc;
+ (*lsock_tag)[*nlsock - 1] = 0;
+ }
+
+ for (i = 0; i < nrawaddrs; i++) {
+ qapi_free_SocketAddress(rawaddrs[i]);
+ }
+ g_free(rawaddrs);
+
+ if (listenerr) {
+ if (!listening) {
+ error_propagate(errp, listenerr);
+ return -1;
+ } else {
+ error_free(listenerr);
+ }
+ }
+
+ for (i = 0; i < *nlsock; i++) {
+ (*lsock_tag)[i] = qio_channel_add_watch(
+ QIO_CHANNEL((*lsock)[i]),
+ G_IO_IN, vnc_listen_io, vd, NULL);
+ }
+
+ return 0;
+}
+
+
+static int vnc_display_listen(VncDisplay *vd,
+ SocketAddress **saddr,
+ size_t nsaddr,
+ SocketAddress **wsaddr,
+ size_t nwsaddr,
+ Error **errp)
+{
+ size_t i;
+
+ for (i = 0; i < nsaddr; i++) {
+ if (vnc_display_listen_addr(vd, saddr[i],
+ "vnc-listen",
+ &vd->lsock,
+ &vd->lsock_tag,
+ &vd->nlsock,
+ errp) < 0) {
+ return -1;
+ }
+ }
+ for (i = 0; i < nwsaddr; i++) {
+ if (vnc_display_listen_addr(vd, wsaddr[i],
+ "vnc-ws-listen",
+ &vd->lwebsock,
+ &vd->lwebsock_tag,
+ &vd->nlwebsock,
+ errp) < 0) {
+ return -1;
+ }
+ }
+
+ return 0;
+}
+
+
+void vnc_display_open(const char *id, Error **errp)
+{
+ VncDisplay *vd = vnc_display_find(id);
+ QemuOpts *opts = qemu_opts_find(&qemu_vnc_opts, id);
+ SocketAddress **saddr = NULL, **wsaddr = NULL;
+ size_t nsaddr, nwsaddr;
+ const char *share, *device_id;
+ QemuConsole *con;
+ bool password = false;
+ bool reverse = false;
+ const char *credid;
+ bool sasl = false;
+#ifdef CONFIG_VNC_SASL
+ int saslErr;
+#endif
+ int acl = 0;
+ int lock_key_sync = 1;
+ int key_delay_ms;
+ size_t i;
+
+ if (!vd) {
+ error_setg(errp, "VNC display not active");
+ return;
+ }
+ vnc_display_close(vd);
+
+ if (!opts) {
+ return;
+ }
+
+ if (vnc_display_get_addresses(opts, &saddr, &nsaddr,
+ &wsaddr, &nwsaddr, errp) < 0) {
goto fail;
}
+ if (saddr == NULL) {
+ return;
+ }
+
password = qemu_opt_get_bool(opts, "password", false);
if (password) {
if (fips_get_state()) {
goto fail;
}
if (!qcrypto_cipher_supports(
- QCRYPTO_CIPHER_ALG_DES_RFB)) {
+ QCRYPTO_CIPHER_ALG_DES_RFB, QCRYPTO_CIPHER_MODE_ECB)) {
error_setg(errp,
"Cipher backend does not support DES RFB algorithm");
goto fail;
credid);
goto fail;
}
- vs->tlscreds = (QCryptoTLSCreds *)
+ vd->tlscreds = (QCryptoTLSCreds *)
object_dynamic_cast(creds,
TYPE_QCRYPTO_TLS_CREDS);
- if (!vs->tlscreds) {
+ if (!vd->tlscreds) {
error_setg(errp, "Object with id '%s' is not TLS credentials",
credid);
goto fail;
}
- object_ref(OBJECT(vs->tlscreds));
+ object_ref(OBJECT(vd->tlscreds));
- if (vs->tlscreds->endpoint != QCRYPTO_TLS_CREDS_ENDPOINT_SERVER) {
+ if (vd->tlscreds->endpoint != QCRYPTO_TLS_CREDS_ENDPOINT_SERVER) {
error_setg(errp,
"Expecting TLS credentials with a server endpoint");
goto fail;
x509verify = true;
}
}
- vs->tlscreds = vnc_display_create_creds(x509,
+ vd->tlscreds = vnc_display_create_creds(x509,
x509verify,
path,
- vs->id,
+ vd->id,
errp);
- if (!vs->tlscreds) {
+ if (!vd->tlscreds) {
goto fail;
}
}
share = qemu_opt_get(opts, "share");
if (share) {
if (strcmp(share, "ignore") == 0) {
- vs->share_policy = VNC_SHARE_POLICY_IGNORE;
+ vd->share_policy = VNC_SHARE_POLICY_IGNORE;
} else if (strcmp(share, "allow-exclusive") == 0) {
- vs->share_policy = VNC_SHARE_POLICY_ALLOW_EXCLUSIVE;
+ vd->share_policy = VNC_SHARE_POLICY_ALLOW_EXCLUSIVE;
} else if (strcmp(share, "force-shared") == 0) {
- vs->share_policy = VNC_SHARE_POLICY_FORCE_SHARED;
+ vd->share_policy = VNC_SHARE_POLICY_FORCE_SHARED;
} else {
error_setg(errp, "unknown vnc share= option");
goto fail;
}
} else {
- vs->share_policy = VNC_SHARE_POLICY_ALLOW_EXCLUSIVE;
+ vd->share_policy = VNC_SHARE_POLICY_ALLOW_EXCLUSIVE;
}
- vs->connections_limit = qemu_opt_get_number(opts, "connections", 32);
+ vd->connections_limit = qemu_opt_get_number(opts, "connections", 32);
#ifdef CONFIG_VNC_JPEG
- vs->lossy = qemu_opt_get_bool(opts, "lossy", false);
+ vd->lossy = qemu_opt_get_bool(opts, "lossy", false);
#endif
- vs->non_adaptive = qemu_opt_get_bool(opts, "non-adaptive", false);
+ vd->non_adaptive = qemu_opt_get_bool(opts, "non-adaptive", false);
/* adaptive updates are only used with tight encoding and
* if lossy updates are enabled so we can disable all the
* calculations otherwise */
- if (!vs->lossy) {
- vs->non_adaptive = true;
+ if (!vd->lossy) {
+ vd->non_adaptive = true;
}
if (acl) {
- if (strcmp(vs->id, "default") == 0) {
- vs->tlsaclname = g_strdup("vnc.x509dname");
+ if (strcmp(vd->id, "default") == 0) {
+ vd->tlsaclname = g_strdup("vnc.x509dname");
} else {
- vs->tlsaclname = g_strdup_printf("vnc.%s.x509dname", vs->id);
+ vd->tlsaclname = g_strdup_printf("vnc.%s.x509dname", vd->id);
}
- qemu_acl_init(vs->tlsaclname);
+ qemu_acl_init(vd->tlsaclname);
}
#ifdef CONFIG_VNC_SASL
if (acl && sasl) {
char *aclname;
- if (strcmp(vs->id, "default") == 0) {
+ if (strcmp(vd->id, "default") == 0) {
aclname = g_strdup("vnc.username");
} else {
- aclname = g_strdup_printf("vnc.%s.username", vs->id);
+ aclname = g_strdup_printf("vnc.%s.username", vd->id);
}
- vs->sasl.acl = qemu_acl_init(aclname);
+ vd->sasl.acl = qemu_acl_init(aclname);
g_free(aclname);
}
#endif
- if (vnc_display_setup_auth(vs, password, sasl, vs->ws_enabled, errp) < 0) {
+ if (vnc_display_setup_auth(&vd->auth, &vd->subauth,
+ vd->tlscreds, password,
+ sasl, false, errp) < 0) {
+ goto fail;
+ }
+
+ if (vnc_display_setup_auth(&vd->ws_auth, &vd->ws_subauth,
+ vd->tlscreds, password,
+ sasl, true, errp) < 0) {
goto fail;
}
goto fail;
}
#endif
- vs->lock_key_sync = lock_key_sync;
- vs->key_delay_ms = key_delay_ms;
+ vd->lock_key_sync = lock_key_sync;
+ if (lock_key_sync) {
+ vd->led = qemu_add_led_event_handler(kbd_leds, vd);
+ }
+ vd->ledstate = 0;
+ vd->key_delay_ms = key_delay_ms;
device_id = qemu_opt_get(opts, "display");
if (device_id) {
con = NULL;
}
- if (con != vs->dcl.con) {
- unregister_displaychangelistener(&vs->dcl);
- vs->dcl.con = con;
- register_displaychangelistener(&vs->dcl);
+ if (con != vd->dcl.con) {
+ unregister_displaychangelistener(&vd->dcl);
+ vd->dcl.con = con;
+ register_displaychangelistener(&vd->dcl);
}
if (reverse) {
- /* connect to viewer */
- QIOChannelSocket *sioc = NULL;
- vs->lsock = NULL;
- vs->lwebsock = NULL;
- if (vs->ws_enabled) {
- error_setg(errp, "Cannot use websockets in reverse mode");
- goto fail;
- }
- vs->is_unix = saddr->type == SOCKET_ADDRESS_KIND_UNIX;
- sioc = qio_channel_socket_new();
- if (qio_channel_socket_connect_sync(sioc, saddr, errp) < 0) {
+ if (vnc_display_connect(vd, saddr, nsaddr, wsaddr, nwsaddr, errp) < 0) {
goto fail;
}
- vnc_connect(vs, sioc, false, false);
- object_unref(OBJECT(sioc));
} else {
- vs->lsock = qio_channel_socket_new();
- if (qio_channel_socket_listen_sync(vs->lsock, saddr, errp) < 0) {
+ if (vnc_display_listen(vd, saddr, nsaddr, wsaddr, nwsaddr, errp) < 0) {
goto fail;
}
- vs->is_unix = saddr->type == SOCKET_ADDRESS_KIND_UNIX;
- vs->enabled = true;
-
- if (vs->ws_enabled) {
- vs->lwebsock = qio_channel_socket_new();
- if (qio_channel_socket_listen_sync(vs->lwebsock,
- wsaddr, errp) < 0) {
- object_unref(OBJECT(vs->lsock));
- vs->lsock = NULL;
- goto fail;
- }
- }
+ }
- vs->lsock_tag = qio_channel_add_watch(
- QIO_CHANNEL(vs->lsock),
- G_IO_IN, vnc_listen_io, vs, NULL);
- if (vs->ws_enabled) {
- vs->lwebsock_tag = qio_channel_add_watch(
- QIO_CHANNEL(vs->lwebsock),
- G_IO_IN, vnc_listen_io, vs, NULL);
- }
+ if (qemu_opt_get(opts, "to")) {
+ vnc_display_print_local_addr(vd);
}
- qapi_free_SocketAddress(saddr);
- qapi_free_SocketAddress(wsaddr);
+ cleanup:
+ for (i = 0; i < nsaddr; i++) {
+ qapi_free_SocketAddress(saddr[i]);
+ }
+ for (i = 0; i < nwsaddr; i++) {
+ qapi_free_SocketAddress(wsaddr[i]);
+ }
return;
fail:
- qapi_free_SocketAddress(saddr);
- qapi_free_SocketAddress(wsaddr);
- vs->enabled = false;
- vs->ws_enabled = false;
+ vnc_display_close(vd);
+ goto cleanup;
}
void vnc_display_add_client(const char *id, int csock, bool skipauth)
{
- VncDisplay *vs = vnc_display_find(id);
+ VncDisplay *vd = vnc_display_find(id);
QIOChannelSocket *sioc;
- if (!vs) {
+ if (!vd) {
return;
}
sioc = qio_channel_socket_new_fd(csock, NULL);
if (sioc) {
- vnc_connect(vs, sioc, skipauth, false);
+ qio_channel_set_name(QIO_CHANNEL(sioc), "vnc-server");
+ vnc_connect(vd, sioc, skipauth, false);
object_unref(OBJECT(sioc));
}
}