2 * QEMU VNC display driver
5 * Copyright (C) 2006 Fabrice Bellard
6 * Copyright (C) 2009 Red Hat, Inc
8 * Permission is hereby granted, free of charge, to any person obtaining a copy
9 * of this software and associated documentation files (the "Software"), to deal
10 * in the Software without restriction, including without limitation the rights
11 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
12 * copies of the Software, and to permit persons to whom the Software is
13 * furnished to do so, subject to the following conditions:
15 * The above copyright notice and this permission notice shall be included in
16 * all copies or substantial portions of the Software.
18 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
19 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
20 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
21 * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
22 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
23 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
29 #include "qemu_socket.h"
30 #include "qemu-timer.h"
32 #include "qemu-objects.h"
34 #define VNC_REFRESH_INTERVAL_BASE 30
35 #define VNC_REFRESH_INTERVAL_INC 50
36 #define VNC_REFRESH_INTERVAL_MAX 2000
38 #include "vnc_keysym.h"
41 #define count_bits(c, v) { \
42 for (c = 0; v; v >>= 1) \
49 static VncDisplay *vnc_display; /* needed for info vnc */
50 static DisplayChangeListener *dcl;
52 static char *addr_to_string(const char *format,
53 struct sockaddr_storage *sa,
56 char host[NI_MAXHOST];
57 char serv[NI_MAXSERV];
61 if ((err = getnameinfo((struct sockaddr *)sa, salen,
64 NI_NUMERICHOST | NI_NUMERICSERV)) != 0) {
65 VNC_DEBUG("Cannot resolve address %d: %s\n",
66 err, gai_strerror(err));
70 /* Enough for the existing format + the 2 vars we're
72 addrlen = strlen(format) + strlen(host) + strlen(serv);
73 addr = qemu_malloc(addrlen + 1);
74 snprintf(addr, addrlen, format, host, serv);
81 char *vnc_socket_local_addr(const char *format, int fd) {
82 struct sockaddr_storage sa;
86 if (getsockname(fd, (struct sockaddr*)&sa, &salen) < 0)
89 return addr_to_string(format, &sa, salen);
92 char *vnc_socket_remote_addr(const char *format, int fd) {
93 struct sockaddr_storage sa;
97 if (getpeername(fd, (struct sockaddr*)&sa, &salen) < 0)
100 return addr_to_string(format, &sa, salen);
103 static int put_addr_qdict(QDict *qdict, struct sockaddr_storage *sa,
106 char host[NI_MAXHOST];
107 char serv[NI_MAXSERV];
110 if ((err = getnameinfo((struct sockaddr *)sa, salen,
113 NI_NUMERICHOST | NI_NUMERICSERV)) != 0) {
114 VNC_DEBUG("Cannot resolve address %d: %s\n",
115 err, gai_strerror(err));
119 qdict_put(qdict, "host", qstring_from_str(host));
120 qdict_put(qdict, "service", qstring_from_str(serv));
121 qdict_put(qdict, "family",qstring_from_str(inet_strfamily(sa->ss_family)));
126 static int vnc_server_addr_put(QDict *qdict, int fd)
128 struct sockaddr_storage sa;
132 if (getsockname(fd, (struct sockaddr*)&sa, &salen) < 0) {
136 return put_addr_qdict(qdict, &sa, salen);
139 static int vnc_qdict_remote_addr(QDict *qdict, int fd)
141 struct sockaddr_storage sa;
145 if (getpeername(fd, (struct sockaddr*)&sa, &salen) < 0) {
149 return put_addr_qdict(qdict, &sa, salen);
152 static const char *vnc_auth_name(VncDisplay *vd) {
154 case VNC_AUTH_INVALID:
170 case VNC_AUTH_VENCRYPT:
171 #ifdef CONFIG_VNC_TLS
172 switch (vd->subauth) {
173 case VNC_AUTH_VENCRYPT_PLAIN:
174 return "vencrypt+plain";
175 case VNC_AUTH_VENCRYPT_TLSNONE:
176 return "vencrypt+tls+none";
177 case VNC_AUTH_VENCRYPT_TLSVNC:
178 return "vencrypt+tls+vnc";
179 case VNC_AUTH_VENCRYPT_TLSPLAIN:
180 return "vencrypt+tls+plain";
181 case VNC_AUTH_VENCRYPT_X509NONE:
182 return "vencrypt+x509+none";
183 case VNC_AUTH_VENCRYPT_X509VNC:
184 return "vencrypt+x509+vnc";
185 case VNC_AUTH_VENCRYPT_X509PLAIN:
186 return "vencrypt+x509+plain";
187 case VNC_AUTH_VENCRYPT_TLSSASL:
188 return "vencrypt+tls+sasl";
189 case VNC_AUTH_VENCRYPT_X509SASL:
190 return "vencrypt+x509+sasl";
203 static int vnc_server_info_put(QDict *qdict)
205 if (vnc_server_addr_put(qdict, vnc_display->lsock) < 0) {
209 qdict_put(qdict, "auth", qstring_from_str(vnc_auth_name(vnc_display)));
213 static void vnc_client_cache_auth(VncState *client)
221 qdict = qobject_to_qdict(client->info);
223 #ifdef CONFIG_VNC_TLS
224 if (client->tls.session &&
226 qdict_put(qdict, "x509_dname", qstring_from_str(client->tls.dname));
229 #ifdef CONFIG_VNC_SASL
230 if (client->sasl.conn &&
231 client->sasl.username) {
232 qdict_put(qdict, "sasl_username",
233 qstring_from_str(client->sasl.username));
238 static void vnc_client_cache_addr(VncState *client)
243 if (vnc_qdict_remote_addr(qdict, client->csock) < 0) {
245 /* XXX: how to report the error? */
249 client->info = QOBJECT(qdict);
252 static void vnc_qmp_event(VncState *vs, MonitorEvent event)
261 server = qdict_new();
262 if (vnc_server_info_put(server) < 0) {
267 data = qobject_from_jsonf("{ 'client': %p, 'server': %p }",
268 vs->info, QOBJECT(server));
270 monitor_protocol_event(event, data);
272 qobject_incref(vs->info);
273 qobject_decref(data);
276 static void info_vnc_iter(QObject *obj, void *opaque)
279 Monitor *mon = opaque;
281 client = qobject_to_qdict(obj);
282 monitor_printf(mon, "Client:\n");
283 monitor_printf(mon, " address: %s:%s\n",
284 qdict_get_str(client, "host"),
285 qdict_get_str(client, "service"));
287 #ifdef CONFIG_VNC_TLS
288 monitor_printf(mon, " x509_dname: %s\n",
289 qdict_haskey(client, "x509_dname") ?
290 qdict_get_str(client, "x509_dname") : "none");
292 #ifdef CONFIG_VNC_SASL
293 monitor_printf(mon, " username: %s\n",
294 qdict_haskey(client, "sasl_username") ?
295 qdict_get_str(client, "sasl_username") : "none");
299 void do_info_vnc_print(Monitor *mon, const QObject *data)
304 server = qobject_to_qdict(data);
305 if (qdict_get_bool(server, "enabled") == 0) {
306 monitor_printf(mon, "Server: disabled\n");
310 monitor_printf(mon, "Server:\n");
311 monitor_printf(mon, " address: %s:%s\n",
312 qdict_get_str(server, "host"),
313 qdict_get_str(server, "service"));
314 monitor_printf(mon, " auth: %s\n", qdict_get_str(server, "auth"));
316 clients = qdict_get_qlist(server, "clients");
317 if (qlist_empty(clients)) {
318 monitor_printf(mon, "Client: none\n");
320 qlist_iter(clients, info_vnc_iter, mon);
325 * do_info_vnc(): Show VNC server information
327 * Return a QDict with server information. Connected clients are returned
328 * as a QList of QDicts.
330 * The main QDict contains the following:
332 * - "enabled": true or false
333 * - "host": server's IP address
334 * - "family": address family ("ipv4" or "ipv6")
335 * - "service": server's port number
336 * - "auth": authentication method
337 * - "clients": a QList of all connected clients
339 * Clients are described by a QDict, with the following information:
341 * - "host": client's IP address
342 * - "family": address family ("ipv4" or "ipv6")
343 * - "service": client's port number
344 * - "x509_dname": TLS dname (optional)
345 * - "sasl_username": SASL username (optional)
349 * { "enabled": true, "host": "0.0.0.0", "service": "50402", "auth": "vnc",
351 * "clients": [{ "host": "127.0.0.1", "service": "50401", "family": "ipv4" }]}
353 void do_info_vnc(Monitor *mon, QObject **ret_data)
355 if (vnc_display == NULL || vnc_display->display == NULL) {
356 *ret_data = qobject_from_jsonf("{ 'enabled': false }");
361 if (vnc_display->clients) {
362 VncState *client = vnc_display->clients;
365 /* incref so that it's not freed by upper layers */
366 qobject_incref(client->info);
367 qlist_append_obj(clist, client->info);
369 client = client->next;
373 *ret_data = qobject_from_jsonf("{ 'enabled': true, 'clients': %p }",
375 assert(*ret_data != NULL);
377 if (vnc_server_info_put(qobject_to_qdict(*ret_data)) < 0) {
378 qobject_decref(*ret_data);
384 static inline uint32_t vnc_has_feature(VncState *vs, int feature) {
385 return (vs->features & (1 << feature));
389 1) Get the queue working for IO.
390 2) there is some weirdness when using the -S option (the screen is grey
391 and not totally invalidated
392 3) resolutions > 1024
395 static int vnc_update_client(VncState *vs, int has_dirty);
396 static void vnc_disconnect_start(VncState *vs);
397 static void vnc_disconnect_finish(VncState *vs);
398 static void vnc_init_timer(VncDisplay *vd);
399 static void vnc_remove_timer(VncDisplay *vd);
401 static void vnc_colordepth(VncState *vs);
402 static void framebuffer_update_request(VncState *vs, int incremental,
403 int x_position, int y_position,
405 static void vnc_refresh(void *opaque);
406 static int vnc_refresh_server_surface(VncDisplay *vd);
408 static inline void vnc_set_bit(uint32_t *d, int k)
410 d[k >> 5] |= 1 << (k & 0x1f);
413 static inline void vnc_clear_bit(uint32_t *d, int k)
415 d[k >> 5] &= ~(1 << (k & 0x1f));
418 static inline void vnc_set_bits(uint32_t *d, int n, int nb_words)
428 d[j++] = (1 << n) - 1;
433 static inline int vnc_get_bit(const uint32_t *d, int k)
435 return (d[k >> 5] >> (k & 0x1f)) & 1;
438 static inline int vnc_and_bits(const uint32_t *d1, const uint32_t *d2,
442 for(i = 0; i < nb_words; i++) {
443 if ((d1[i] & d2[i]) != 0)
449 static void vnc_dpy_update(DisplayState *ds, int x, int y, int w, int h)
452 VncDisplay *vd = ds->opaque;
453 struct VncSurface *s = &vd->guest;
457 /* round x down to ensure the loop only spans one 16-pixel block per,
458 iteration. otherwise, if (x % 16) != 0, the last iteration may span
459 two 16-pixel blocks but we only mark the first as dirty
464 x = MIN(x, s->ds->width);
465 y = MIN(y, s->ds->height);
466 w = MIN(x + w, s->ds->width) - x;
467 h = MIN(h, s->ds->height);
470 for (i = 0; i < w; i += 16)
471 vnc_set_bit(s->dirty[y], (x + i) / 16);
474 static void vnc_framebuffer_update(VncState *vs, int x, int y, int w, int h,
477 vnc_write_u16(vs, x);
478 vnc_write_u16(vs, y);
479 vnc_write_u16(vs, w);
480 vnc_write_u16(vs, h);
482 vnc_write_s32(vs, encoding);
485 void buffer_reserve(Buffer *buffer, size_t len)
487 if ((buffer->capacity - buffer->offset) < len) {
488 buffer->capacity += (len + 1024);
489 buffer->buffer = qemu_realloc(buffer->buffer, buffer->capacity);
490 if (buffer->buffer == NULL) {
491 fprintf(stderr, "vnc: out of memory\n");
497 int buffer_empty(Buffer *buffer)
499 return buffer->offset == 0;
502 uint8_t *buffer_end(Buffer *buffer)
504 return buffer->buffer + buffer->offset;
507 void buffer_reset(Buffer *buffer)
512 void buffer_append(Buffer *buffer, const void *data, size_t len)
514 memcpy(buffer->buffer + buffer->offset, data, len);
515 buffer->offset += len;
518 static void vnc_dpy_resize(DisplayState *ds)
521 VncDisplay *vd = ds->opaque;
522 VncState *vs = vd->clients;
526 vd->server = qemu_mallocz(sizeof(*vd->server));
527 if (vd->server->data)
528 qemu_free(vd->server->data);
529 *(vd->server) = *(ds->surface);
530 vd->server->data = qemu_mallocz(vd->server->linesize *
535 vd->guest.ds = qemu_mallocz(sizeof(*vd->guest.ds));
536 if (ds_get_bytes_per_pixel(ds) != vd->guest.ds->pf.bytes_per_pixel)
537 console_color_init(ds);
538 size_changed = ds_get_width(ds) != vd->guest.ds->width ||
539 ds_get_height(ds) != vd->guest.ds->height;
540 *(vd->guest.ds) = *(ds->surface);
541 memset(vd->guest.dirty, 0xFF, sizeof(vd->guest.dirty));
546 if (vs->csock != -1 && vnc_has_feature(vs, VNC_FEATURE_RESIZE)) {
547 vnc_write_u8(vs, 0); /* msg id */
549 vnc_write_u16(vs, 1); /* number of rects */
550 vnc_framebuffer_update(vs, 0, 0, ds_get_width(ds), ds_get_height(ds),
551 VNC_ENCODING_DESKTOPRESIZE);
555 memset(vs->dirty, 0xFF, sizeof(vs->dirty));
561 static void vnc_write_pixels_copy(VncState *vs, void *pixels, int size)
563 vnc_write(vs, pixels, size);
566 /* slowest but generic code. */
567 static void vnc_convert_pixel(VncState *vs, uint8_t *buf, uint32_t v)
570 VncDisplay *vd = vs->vd;
572 r = ((((v & vd->server->pf.rmask) >> vd->server->pf.rshift) << vs->clientds.pf.rbits) >>
573 vd->server->pf.rbits);
574 g = ((((v & vd->server->pf.gmask) >> vd->server->pf.gshift) << vs->clientds.pf.gbits) >>
575 vd->server->pf.gbits);
576 b = ((((v & vd->server->pf.bmask) >> vd->server->pf.bshift) << vs->clientds.pf.bbits) >>
577 vd->server->pf.bbits);
578 v = (r << vs->clientds.pf.rshift) |
579 (g << vs->clientds.pf.gshift) |
580 (b << vs->clientds.pf.bshift);
581 switch(vs->clientds.pf.bytes_per_pixel) {
586 if (vs->clientds.flags & QEMU_BIG_ENDIAN_FLAG) {
596 if (vs->clientds.flags & QEMU_BIG_ENDIAN_FLAG) {
611 static void vnc_write_pixels_generic(VncState *vs, void *pixels1, int size)
614 VncDisplay *vd = vs->vd;
616 if (vd->server->pf.bytes_per_pixel == 4) {
617 uint32_t *pixels = pixels1;
620 for(i = 0; i < n; i++) {
621 vnc_convert_pixel(vs, buf, pixels[i]);
622 vnc_write(vs, buf, vs->clientds.pf.bytes_per_pixel);
624 } else if (vd->server->pf.bytes_per_pixel == 2) {
625 uint16_t *pixels = pixels1;
628 for(i = 0; i < n; i++) {
629 vnc_convert_pixel(vs, buf, pixels[i]);
630 vnc_write(vs, buf, vs->clientds.pf.bytes_per_pixel);
632 } else if (vd->server->pf.bytes_per_pixel == 1) {
633 uint8_t *pixels = pixels1;
636 for(i = 0; i < n; i++) {
637 vnc_convert_pixel(vs, buf, pixels[i]);
638 vnc_write(vs, buf, vs->clientds.pf.bytes_per_pixel);
641 fprintf(stderr, "vnc_write_pixels_generic: VncState color depth not supported\n");
645 static void send_framebuffer_update_raw(VncState *vs, int x, int y, int w, int h)
649 VncDisplay *vd = vs->vd;
651 row = vd->server->data + y * ds_get_linesize(vs->ds) + x * ds_get_bytes_per_pixel(vs->ds);
652 for (i = 0; i < h; i++) {
653 vs->write_pixels(vs, row, w * ds_get_bytes_per_pixel(vs->ds));
654 row += ds_get_linesize(vs->ds);
658 static void hextile_enc_cord(uint8_t *ptr, int x, int y, int w, int h)
660 ptr[0] = ((x & 0x0F) << 4) | (y & 0x0F);
661 ptr[1] = (((w - 1) & 0x0F) << 4) | ((h - 1) & 0x0F);
665 #include "vnchextile.h"
669 #include "vnchextile.h"
673 #include "vnchextile.h"
678 #include "vnchextile.h"
684 #include "vnchextile.h"
690 #include "vnchextile.h"
694 static void send_framebuffer_update_hextile(VncState *vs, int x, int y, int w, int h)
698 uint8_t *last_fg, *last_bg;
699 VncDisplay *vd = vs->vd;
701 last_fg = (uint8_t *) qemu_malloc(vd->server->pf.bytes_per_pixel);
702 last_bg = (uint8_t *) qemu_malloc(vd->server->pf.bytes_per_pixel);
704 for (j = y; j < (y + h); j += 16) {
705 for (i = x; i < (x + w); i += 16) {
706 vs->send_hextile_tile(vs, i, j,
707 MIN(16, x + w - i), MIN(16, y + h - j),
708 last_bg, last_fg, &has_bg, &has_fg);
716 #define ZALLOC_ALIGNMENT 16
718 static void *zalloc(void *x, unsigned items, unsigned size)
723 size = (size + ZALLOC_ALIGNMENT - 1) & ~(ZALLOC_ALIGNMENT - 1);
725 p = qemu_mallocz(size);
730 static void zfree(void *x, void *addr)
735 static void vnc_zlib_init(VncState *vs)
738 for (i=0; i<(sizeof(vs->zlib_stream) / sizeof(z_stream)); i++)
739 vs->zlib_stream[i].opaque = NULL;
742 static void vnc_zlib_start(VncState *vs)
744 buffer_reset(&vs->zlib);
746 // make the output buffer be the zlib buffer, so we can compress it later
747 vs->zlib_tmp = vs->output;
748 vs->output = vs->zlib;
751 static int vnc_zlib_stop(VncState *vs, int stream_id)
753 z_streamp zstream = &vs->zlib_stream[stream_id];
756 // switch back to normal output/zlib buffers
757 vs->zlib = vs->output;
758 vs->output = vs->zlib_tmp;
760 // compress the zlib buffer
762 // initialize the stream
763 // XXX need one stream per session
764 if (zstream->opaque != vs) {
767 VNC_DEBUG("VNC: initializing zlib stream %d\n", stream_id);
768 VNC_DEBUG("VNC: opaque = %p | vs = %p\n", zstream->opaque, vs);
769 zstream->zalloc = zalloc;
770 zstream->zfree = zfree;
772 err = deflateInit2(zstream, vs->tight_compression, Z_DEFLATED, MAX_WBITS,
773 MAX_MEM_LEVEL, Z_DEFAULT_STRATEGY);
776 fprintf(stderr, "VNC: error initializing zlib\n");
780 zstream->opaque = vs;
783 // XXX what to do if tight_compression changed in between?
785 // reserve memory in output buffer
786 buffer_reserve(&vs->output, vs->zlib.offset + 64);
789 zstream->next_in = vs->zlib.buffer;
790 zstream->avail_in = vs->zlib.offset;
791 zstream->next_out = vs->output.buffer + vs->output.offset;
792 zstream->avail_out = vs->output.capacity - vs->output.offset;
793 zstream->data_type = Z_BINARY;
794 previous_out = zstream->total_out;
797 if (deflate(zstream, Z_SYNC_FLUSH) != Z_OK) {
798 fprintf(stderr, "VNC: error during zlib compression\n");
802 vs->output.offset = vs->output.capacity - zstream->avail_out;
803 return zstream->total_out - previous_out;
806 static void send_framebuffer_update_zlib(VncState *vs, int x, int y, int w, int h)
808 int old_offset, new_offset, bytes_written;
810 vnc_framebuffer_update(vs, x, y, w, h, VNC_ENCODING_ZLIB);
812 // remember where we put in the follow-up size
813 old_offset = vs->output.offset;
814 vnc_write_s32(vs, 0);
816 // compress the stream
818 send_framebuffer_update_raw(vs, x, y, w, h);
819 bytes_written = vnc_zlib_stop(vs, 0);
821 if (bytes_written == -1)
825 new_offset = vs->output.offset;
826 vs->output.offset = old_offset;
827 vnc_write_u32(vs, bytes_written);
828 vs->output.offset = new_offset;
831 static void send_framebuffer_update(VncState *vs, int x, int y, int w, int h)
833 switch(vs->vnc_encoding) {
834 case VNC_ENCODING_ZLIB:
835 send_framebuffer_update_zlib(vs, x, y, w, h);
837 case VNC_ENCODING_HEXTILE:
838 vnc_framebuffer_update(vs, x, y, w, h, VNC_ENCODING_HEXTILE);
839 send_framebuffer_update_hextile(vs, x, y, w, h);
842 vnc_framebuffer_update(vs, x, y, w, h, VNC_ENCODING_RAW);
843 send_framebuffer_update_raw(vs, x, y, w, h);
848 static void vnc_copy(VncState *vs, int src_x, int src_y, int dst_x, int dst_y, int w, int h)
850 /* send bitblit op to the vnc client */
851 vnc_write_u8(vs, 0); /* msg id */
853 vnc_write_u16(vs, 1); /* number of rects */
854 vnc_framebuffer_update(vs, dst_x, dst_y, w, h, VNC_ENCODING_COPYRECT);
855 vnc_write_u16(vs, src_x);
856 vnc_write_u16(vs, src_y);
860 static void vnc_dpy_copy(DisplayState *ds, int src_x, int src_y, int dst_x, int dst_y, int w, int h)
862 VncDisplay *vd = ds->opaque;
866 int i,x,y,pitch,depth,inc,w_lim,s;
869 vnc_refresh_server_surface(vd);
870 for (vs = vd->clients; vs != NULL; vs = vn) {
872 if (vnc_has_feature(vs, VNC_FEATURE_COPYRECT)) {
873 vs->force_update = 1;
874 vnc_update_client(vs, 1);
875 /* vs might be free()ed here */
879 /* do bitblit op on the local surface too */
880 pitch = ds_get_linesize(vd->ds);
881 depth = ds_get_bytes_per_pixel(vd->ds);
882 src_row = vd->server->data + pitch * src_y + depth * src_x;
883 dst_row = vd->server->data + pitch * dst_y + depth * dst_x;
888 src_row += pitch * (h-1);
889 dst_row += pitch * (h-1);
894 w_lim = w - (16 - (dst_x % 16));
898 w_lim = w - (w_lim % 16);
899 for (i = 0; i < h; i++) {
900 for (x = 0; x <= w_lim;
901 x += s, src_row += cmp_bytes, dst_row += cmp_bytes) {
903 if ((s = w - w_lim) == 0)
906 s = (16 - (dst_x % 16));
911 cmp_bytes = s * depth;
912 if (memcmp(src_row, dst_row, cmp_bytes) == 0)
914 memmove(dst_row, src_row, cmp_bytes);
917 if (!vnc_has_feature(vs, VNC_FEATURE_COPYRECT))
918 vnc_set_bit(vs->dirty[y], ((x + dst_x) / 16));
922 src_row += pitch - w * depth;
923 dst_row += pitch - w * depth;
927 for (vs = vd->clients; vs != NULL; vs = vs->next) {
928 if (vnc_has_feature(vs, VNC_FEATURE_COPYRECT))
929 vnc_copy(vs, src_x, src_y, dst_x, dst_y, w, h);
933 static int find_and_clear_dirty_height(struct VncState *vs,
934 int y, int last_x, int x)
937 VncDisplay *vd = vs->vd;
939 for (h = 1; h < (vd->server->height - y); h++) {
941 if (!vnc_get_bit(vs->dirty[y + h], last_x))
943 for (tmp_x = last_x; tmp_x < x; tmp_x++)
944 vnc_clear_bit(vs->dirty[y + h], tmp_x);
950 static int vnc_update_client(VncState *vs, int has_dirty)
952 if (vs->need_update && vs->csock != -1) {
953 VncDisplay *vd = vs->vd;
958 if (vs->output.offset && !vs->audio_cap && !vs->force_update)
959 /* kernel send buffers are full -> drop frames to throttle */
962 if (!has_dirty && !vs->audio_cap && !vs->force_update)
966 * Send screen updates to the vnc client using the server
967 * surface and server dirty map. guest surface updates
968 * happening in parallel don't disturb us, the next pass will
969 * send them to the client.
972 vnc_write_u8(vs, 0); /* msg id */
974 saved_offset = vs->output.offset;
975 vnc_write_u16(vs, 0);
977 for (y = 0; y < vd->server->height; y++) {
980 for (x = 0; x < vd->server->width / 16; x++) {
981 if (vnc_get_bit(vs->dirty[y], x)) {
985 vnc_clear_bit(vs->dirty[y], x);
988 int h = find_and_clear_dirty_height(vs, y, last_x, x);
989 send_framebuffer_update(vs, last_x * 16, y, (x - last_x) * 16, h);
996 int h = find_and_clear_dirty_height(vs, y, last_x, x);
997 send_framebuffer_update(vs, last_x * 16, y, (x - last_x) * 16, h);
1001 vs->output.buffer[saved_offset] = (n_rectangles >> 8) & 0xFF;
1002 vs->output.buffer[saved_offset + 1] = n_rectangles & 0xFF;
1004 vs->force_update = 0;
1005 return n_rectangles;
1008 if (vs->csock == -1)
1009 vnc_disconnect_finish(vs);
1015 static void audio_capture_notify(void *opaque, audcnotification_e cmd)
1017 VncState *vs = opaque;
1020 case AUD_CNOTIFY_DISABLE:
1021 vnc_write_u8(vs, 255);
1022 vnc_write_u8(vs, 1);
1023 vnc_write_u16(vs, 0);
1027 case AUD_CNOTIFY_ENABLE:
1028 vnc_write_u8(vs, 255);
1029 vnc_write_u8(vs, 1);
1030 vnc_write_u16(vs, 1);
1036 static void audio_capture_destroy(void *opaque)
1040 static void audio_capture(void *opaque, void *buf, int size)
1042 VncState *vs = opaque;
1044 vnc_write_u8(vs, 255);
1045 vnc_write_u8(vs, 1);
1046 vnc_write_u16(vs, 2);
1047 vnc_write_u32(vs, size);
1048 vnc_write(vs, buf, size);
1052 static void audio_add(VncState *vs)
1054 Monitor *mon = cur_mon;
1055 struct audio_capture_ops ops;
1057 if (vs->audio_cap) {
1058 monitor_printf(mon, "audio already running\n");
1062 ops.notify = audio_capture_notify;
1063 ops.destroy = audio_capture_destroy;
1064 ops.capture = audio_capture;
1066 vs->audio_cap = AUD_add_capture(&vs->as, &ops, vs);
1067 if (!vs->audio_cap) {
1068 monitor_printf(mon, "Failed to add audio capture\n");
1072 static void audio_del(VncState *vs)
1074 if (vs->audio_cap) {
1075 AUD_del_capture(vs->audio_cap, vs);
1076 vs->audio_cap = NULL;
1080 static void vnc_disconnect_start(VncState *vs)
1082 if (vs->csock == -1)
1084 qemu_set_fd_handler2(vs->csock, NULL, NULL, NULL, NULL);
1085 closesocket(vs->csock);
1089 static void vnc_disconnect_finish(VncState *vs)
1091 vnc_qmp_event(vs, QEVENT_VNC_DISCONNECTED);
1093 if (vs->input.buffer) {
1094 qemu_free(vs->input.buffer);
1095 vs->input.buffer = NULL;
1097 if (vs->output.buffer) {
1098 qemu_free(vs->output.buffer);
1099 vs->output.buffer = NULL;
1102 qobject_decref(vs->info);
1104 #ifdef CONFIG_VNC_TLS
1105 vnc_tls_client_cleanup(vs);
1106 #endif /* CONFIG_VNC_TLS */
1107 #ifdef CONFIG_VNC_SASL
1108 vnc_sasl_client_cleanup(vs);
1109 #endif /* CONFIG_VNC_SASL */
1112 VncState *p, *parent = NULL;
1113 for (p = vs->vd->clients; p != NULL; p = p->next) {
1116 parent->next = p->next;
1118 vs->vd->clients = p->next;
1123 if (!vs->vd->clients)
1126 vnc_remove_timer(vs->vd);
1130 int vnc_client_io_error(VncState *vs, int ret, int last_errno)
1132 if (ret == 0 || ret == -1) {
1134 switch (last_errno) {
1138 case WSAEWOULDBLOCK:
1146 VNC_DEBUG("Closing down client sock: ret %d, errno %d\n",
1147 ret, ret < 0 ? last_errno : 0);
1148 vnc_disconnect_start(vs);
1156 void vnc_client_error(VncState *vs)
1158 VNC_DEBUG("Closing down client sock: protocol error\n");
1159 vnc_disconnect_start(vs);
1164 * Called to write a chunk of data to the client socket. The data may
1165 * be the raw data, or may have already been encoded by SASL.
1166 * The data will be written either straight onto the socket, or
1167 * written via the GNUTLS wrappers, if TLS/SSL encryption is enabled
1169 * NB, it is theoretically possible to have 2 layers of encryption,
1170 * both SASL, and this TLS layer. It is highly unlikely in practice
1171 * though, since SASL encryption will typically be a no-op if TLS
1174 * Returns the number of bytes written, which may be less than
1175 * the requested 'datalen' if the socket would block. Returns
1176 * -1 on error, and disconnects the client socket.
1178 long vnc_client_write_buf(VncState *vs, const uint8_t *data, size_t datalen)
1181 #ifdef CONFIG_VNC_TLS
1182 if (vs->tls.session) {
1183 ret = gnutls_write(vs->tls.session, data, datalen);
1185 if (ret == GNUTLS_E_AGAIN)
1192 #endif /* CONFIG_VNC_TLS */
1193 ret = send(vs->csock, (const void *)data, datalen, 0);
1194 VNC_DEBUG("Wrote wire %p %zd -> %ld\n", data, datalen, ret);
1195 return vnc_client_io_error(vs, ret, socket_error());
1200 * Called to write buffered data to the client socket, when not
1201 * using any SASL SSF encryption layers. Will write as much data
1202 * as possible without blocking. If all buffered data is written,
1203 * will switch the FD poll() handler back to read monitoring.
1205 * Returns the number of bytes written, which may be less than
1206 * the buffered output data if the socket would block. Returns
1207 * -1 on error, and disconnects the client socket.
1209 static long vnc_client_write_plain(VncState *vs)
1213 #ifdef CONFIG_VNC_SASL
1214 VNC_DEBUG("Write Plain: Pending output %p size %zd offset %zd. Wait SSF %d\n",
1215 vs->output.buffer, vs->output.capacity, vs->output.offset,
1216 vs->sasl.waitWriteSSF);
1218 if (vs->sasl.conn &&
1220 vs->sasl.waitWriteSSF) {
1221 ret = vnc_client_write_buf(vs, vs->output.buffer, vs->sasl.waitWriteSSF);
1223 vs->sasl.waitWriteSSF -= ret;
1225 #endif /* CONFIG_VNC_SASL */
1226 ret = vnc_client_write_buf(vs, vs->output.buffer, vs->output.offset);
1230 memmove(vs->output.buffer, vs->output.buffer + ret, (vs->output.offset - ret));
1231 vs->output.offset -= ret;
1233 if (vs->output.offset == 0) {
1234 qemu_set_fd_handler2(vs->csock, NULL, vnc_client_read, NULL, vs);
1242 * First function called whenever there is data to be written to
1243 * the client socket. Will delegate actual work according to whether
1244 * SASL SSF layers are enabled (thus requiring encryption calls)
1246 void vnc_client_write(void *opaque)
1249 VncState *vs = opaque;
1251 #ifdef CONFIG_VNC_SASL
1252 if (vs->sasl.conn &&
1254 !vs->sasl.waitWriteSSF)
1255 ret = vnc_client_write_sasl(vs);
1257 #endif /* CONFIG_VNC_SASL */
1258 ret = vnc_client_write_plain(vs);
1261 void vnc_read_when(VncState *vs, VncReadEvent *func, size_t expecting)
1263 vs->read_handler = func;
1264 vs->read_handler_expect = expecting;
1269 * Called to read a chunk of data from the client socket. The data may
1270 * be the raw data, or may need to be further decoded by SASL.
1271 * The data will be read either straight from to the socket, or
1272 * read via the GNUTLS wrappers, if TLS/SSL encryption is enabled
1274 * NB, it is theoretically possible to have 2 layers of encryption,
1275 * both SASL, and this TLS layer. It is highly unlikely in practice
1276 * though, since SASL encryption will typically be a no-op if TLS
1279 * Returns the number of bytes read, which may be less than
1280 * the requested 'datalen' if the socket would block. Returns
1281 * -1 on error, and disconnects the client socket.
1283 long vnc_client_read_buf(VncState *vs, uint8_t *data, size_t datalen)
1286 #ifdef CONFIG_VNC_TLS
1287 if (vs->tls.session) {
1288 ret = gnutls_read(vs->tls.session, data, datalen);
1290 if (ret == GNUTLS_E_AGAIN)
1297 #endif /* CONFIG_VNC_TLS */
1298 ret = recv(vs->csock, (void *)data, datalen, 0);
1299 VNC_DEBUG("Read wire %p %zd -> %ld\n", data, datalen, ret);
1300 return vnc_client_io_error(vs, ret, socket_error());
1305 * Called to read data from the client socket to the input buffer,
1306 * when not using any SASL SSF encryption layers. Will read as much
1307 * data as possible without blocking.
1309 * Returns the number of bytes read. Returns -1 on error, and
1310 * disconnects the client socket.
1312 static long vnc_client_read_plain(VncState *vs)
1315 VNC_DEBUG("Read plain %p size %zd offset %zd\n",
1316 vs->input.buffer, vs->input.capacity, vs->input.offset);
1317 buffer_reserve(&vs->input, 4096);
1318 ret = vnc_client_read_buf(vs, buffer_end(&vs->input), 4096);
1321 vs->input.offset += ret;
1327 * First function called whenever there is more data to be read from
1328 * the client socket. Will delegate actual work according to whether
1329 * SASL SSF layers are enabled (thus requiring decryption calls)
1331 void vnc_client_read(void *opaque)
1333 VncState *vs = opaque;
1336 #ifdef CONFIG_VNC_SASL
1337 if (vs->sasl.conn && vs->sasl.runSSF)
1338 ret = vnc_client_read_sasl(vs);
1340 #endif /* CONFIG_VNC_SASL */
1341 ret = vnc_client_read_plain(vs);
1343 if (vs->csock == -1)
1344 vnc_disconnect_finish(vs);
1348 while (vs->read_handler && vs->input.offset >= vs->read_handler_expect) {
1349 size_t len = vs->read_handler_expect;
1352 ret = vs->read_handler(vs, vs->input.buffer, len);
1353 if (vs->csock == -1) {
1354 vnc_disconnect_finish(vs);
1359 memmove(vs->input.buffer, vs->input.buffer + len, (vs->input.offset - len));
1360 vs->input.offset -= len;
1362 vs->read_handler_expect = ret;
1367 void vnc_write(VncState *vs, const void *data, size_t len)
1369 buffer_reserve(&vs->output, len);
1371 if (vs->csock != -1 && buffer_empty(&vs->output)) {
1372 qemu_set_fd_handler2(vs->csock, NULL, vnc_client_read, vnc_client_write, vs);
1375 buffer_append(&vs->output, data, len);
1378 void vnc_write_s32(VncState *vs, int32_t value)
1380 vnc_write_u32(vs, *(uint32_t *)&value);
1383 void vnc_write_u32(VncState *vs, uint32_t value)
1387 buf[0] = (value >> 24) & 0xFF;
1388 buf[1] = (value >> 16) & 0xFF;
1389 buf[2] = (value >> 8) & 0xFF;
1390 buf[3] = value & 0xFF;
1392 vnc_write(vs, buf, 4);
1395 void vnc_write_u16(VncState *vs, uint16_t value)
1399 buf[0] = (value >> 8) & 0xFF;
1400 buf[1] = value & 0xFF;
1402 vnc_write(vs, buf, 2);
1405 void vnc_write_u8(VncState *vs, uint8_t value)
1407 vnc_write(vs, (char *)&value, 1);
1410 void vnc_flush(VncState *vs)
1412 if (vs->csock != -1 && vs->output.offset)
1413 vnc_client_write(vs);
1416 uint8_t read_u8(uint8_t *data, size_t offset)
1418 return data[offset];
1421 uint16_t read_u16(uint8_t *data, size_t offset)
1423 return ((data[offset] & 0xFF) << 8) | (data[offset + 1] & 0xFF);
1426 int32_t read_s32(uint8_t *data, size_t offset)
1428 return (int32_t)((data[offset] << 24) | (data[offset + 1] << 16) |
1429 (data[offset + 2] << 8) | data[offset + 3]);
1432 uint32_t read_u32(uint8_t *data, size_t offset)
1434 return ((data[offset] << 24) | (data[offset + 1] << 16) |
1435 (data[offset + 2] << 8) | data[offset + 3]);
1438 static void client_cut_text(VncState *vs, size_t len, uint8_t *text)
1442 static void check_pointer_type_change(VncState *vs, int absolute)
1444 if (vnc_has_feature(vs, VNC_FEATURE_POINTER_TYPE_CHANGE) && vs->absolute != absolute) {
1445 vnc_write_u8(vs, 0);
1446 vnc_write_u8(vs, 0);
1447 vnc_write_u16(vs, 1);
1448 vnc_framebuffer_update(vs, absolute, 0,
1449 ds_get_width(vs->ds), ds_get_height(vs->ds),
1450 VNC_ENCODING_POINTER_TYPE_CHANGE);
1453 vs->absolute = absolute;
1456 static void pointer_event(VncState *vs, int button_mask, int x, int y)
1461 if (button_mask & 0x01)
1462 buttons |= MOUSE_EVENT_LBUTTON;
1463 if (button_mask & 0x02)
1464 buttons |= MOUSE_EVENT_MBUTTON;
1465 if (button_mask & 0x04)
1466 buttons |= MOUSE_EVENT_RBUTTON;
1467 if (button_mask & 0x08)
1469 if (button_mask & 0x10)
1473 kbd_mouse_event(x * 0x7FFF / (ds_get_width(vs->ds) - 1),
1474 y * 0x7FFF / (ds_get_height(vs->ds) - 1),
1476 } else if (vnc_has_feature(vs, VNC_FEATURE_POINTER_TYPE_CHANGE)) {
1480 kbd_mouse_event(x, y, dz, buttons);
1482 if (vs->last_x != -1)
1483 kbd_mouse_event(x - vs->last_x,
1490 check_pointer_type_change(vs, kbd_mouse_is_absolute());
1493 static void reset_keys(VncState *vs)
1496 for(i = 0; i < 256; i++) {
1497 if (vs->modifiers_state[i]) {
1499 kbd_put_keycode(0xe0);
1500 kbd_put_keycode(i | 0x80);
1501 vs->modifiers_state[i] = 0;
1506 static void press_key(VncState *vs, int keysym)
1508 kbd_put_keycode(keysym2scancode(vs->vd->kbd_layout, keysym) & 0x7f);
1509 kbd_put_keycode(keysym2scancode(vs->vd->kbd_layout, keysym) | 0x80);
1512 static void do_key_event(VncState *vs, int down, int keycode, int sym)
1514 /* QEMU console switch */
1516 case 0x2a: /* Left Shift */
1517 case 0x36: /* Right Shift */
1518 case 0x1d: /* Left CTRL */
1519 case 0x9d: /* Right CTRL */
1520 case 0x38: /* Left ALT */
1521 case 0xb8: /* Right ALT */
1523 vs->modifiers_state[keycode] = 1;
1525 vs->modifiers_state[keycode] = 0;
1527 case 0x02 ... 0x0a: /* '1' to '9' keys */
1528 if (down && vs->modifiers_state[0x1d] && vs->modifiers_state[0x38]) {
1529 /* Reset the modifiers sent to the current console */
1531 console_select(keycode - 0x02);
1535 case 0x3a: /* CapsLock */
1536 case 0x45: /* NumLock */
1538 vs->modifiers_state[keycode] ^= 1;
1542 if (keycode_is_keypad(vs->vd->kbd_layout, keycode)) {
1543 /* If the numlock state needs to change then simulate an additional
1544 keypress before sending this one. This will happen if the user
1545 toggles numlock away from the VNC window.
1547 if (keysym_is_numlock(vs->vd->kbd_layout, sym & 0xFFFF)) {
1548 if (!vs->modifiers_state[0x45]) {
1549 vs->modifiers_state[0x45] = 1;
1550 press_key(vs, 0xff7f);
1553 if (vs->modifiers_state[0x45]) {
1554 vs->modifiers_state[0x45] = 0;
1555 press_key(vs, 0xff7f);
1560 if ((sym >= 'A' && sym <= 'Z') || (sym >= 'a' && sym <= 'z')) {
1561 /* If the capslock state needs to change then simulate an additional
1562 keypress before sending this one. This will happen if the user
1563 toggles capslock away from the VNC window.
1565 int uppercase = !!(sym >= 'A' && sym <= 'Z');
1566 int shift = !!(vs->modifiers_state[0x2a] | vs->modifiers_state[0x36]);
1567 int capslock = !!(vs->modifiers_state[0x3a]);
1569 if (uppercase == shift) {
1570 vs->modifiers_state[0x3a] = 0;
1571 press_key(vs, 0xffe5);
1574 if (uppercase != shift) {
1575 vs->modifiers_state[0x3a] = 1;
1576 press_key(vs, 0xffe5);
1581 if (is_graphic_console()) {
1583 kbd_put_keycode(0xe0);
1585 kbd_put_keycode(keycode & 0x7f);
1587 kbd_put_keycode(keycode | 0x80);
1589 /* QEMU console emulation */
1591 int numlock = vs->modifiers_state[0x45];
1593 case 0x2a: /* Left Shift */
1594 case 0x36: /* Right Shift */
1595 case 0x1d: /* Left CTRL */
1596 case 0x9d: /* Right CTRL */
1597 case 0x38: /* Left ALT */
1598 case 0xb8: /* Right ALT */
1601 kbd_put_keysym(QEMU_KEY_UP);
1604 kbd_put_keysym(QEMU_KEY_DOWN);
1607 kbd_put_keysym(QEMU_KEY_LEFT);
1610 kbd_put_keysym(QEMU_KEY_RIGHT);
1613 kbd_put_keysym(QEMU_KEY_DELETE);
1616 kbd_put_keysym(QEMU_KEY_HOME);
1619 kbd_put_keysym(QEMU_KEY_END);
1622 kbd_put_keysym(QEMU_KEY_PAGEUP);
1625 kbd_put_keysym(QEMU_KEY_PAGEDOWN);
1629 kbd_put_keysym(numlock ? '7' : QEMU_KEY_HOME);
1632 kbd_put_keysym(numlock ? '8' : QEMU_KEY_UP);
1635 kbd_put_keysym(numlock ? '9' : QEMU_KEY_PAGEUP);
1638 kbd_put_keysym(numlock ? '4' : QEMU_KEY_LEFT);
1641 kbd_put_keysym('5');
1644 kbd_put_keysym(numlock ? '6' : QEMU_KEY_RIGHT);
1647 kbd_put_keysym(numlock ? '1' : QEMU_KEY_END);
1650 kbd_put_keysym(numlock ? '2' : QEMU_KEY_DOWN);
1653 kbd_put_keysym(numlock ? '3' : QEMU_KEY_PAGEDOWN);
1656 kbd_put_keysym('0');
1659 kbd_put_keysym(numlock ? '.' : QEMU_KEY_DELETE);
1663 kbd_put_keysym('/');
1666 kbd_put_keysym('*');
1669 kbd_put_keysym('-');
1672 kbd_put_keysym('+');
1675 kbd_put_keysym('\n');
1679 kbd_put_keysym(sym);
1686 static void key_event(VncState *vs, int down, uint32_t sym)
1691 if (lsym >= 'A' && lsym <= 'Z' && is_graphic_console()) {
1692 lsym = lsym - 'A' + 'a';
1695 keycode = keysym2scancode(vs->vd->kbd_layout, lsym & 0xFFFF);
1696 do_key_event(vs, down, keycode, sym);
1699 static void ext_key_event(VncState *vs, int down,
1700 uint32_t sym, uint16_t keycode)
1702 /* if the user specifies a keyboard layout, always use it */
1703 if (keyboard_layout)
1704 key_event(vs, down, sym);
1706 do_key_event(vs, down, keycode, sym);
1709 static void framebuffer_update_request(VncState *vs, int incremental,
1710 int x_position, int y_position,
1713 if (x_position > ds_get_width(vs->ds))
1714 x_position = ds_get_width(vs->ds);
1715 if (y_position > ds_get_height(vs->ds))
1716 y_position = ds_get_height(vs->ds);
1717 if (x_position + w >= ds_get_width(vs->ds))
1718 w = ds_get_width(vs->ds) - x_position;
1719 if (y_position + h >= ds_get_height(vs->ds))
1720 h = ds_get_height(vs->ds) - y_position;
1723 vs->need_update = 1;
1725 vs->force_update = 1;
1726 for (i = 0; i < h; i++) {
1727 vnc_set_bits(vs->dirty[y_position + i],
1728 (ds_get_width(vs->ds) / 16), VNC_DIRTY_WORDS);
1733 static void send_ext_key_event_ack(VncState *vs)
1735 vnc_write_u8(vs, 0);
1736 vnc_write_u8(vs, 0);
1737 vnc_write_u16(vs, 1);
1738 vnc_framebuffer_update(vs, 0, 0, ds_get_width(vs->ds), ds_get_height(vs->ds),
1739 VNC_ENCODING_EXT_KEY_EVENT);
1743 static void send_ext_audio_ack(VncState *vs)
1745 vnc_write_u8(vs, 0);
1746 vnc_write_u8(vs, 0);
1747 vnc_write_u16(vs, 1);
1748 vnc_framebuffer_update(vs, 0, 0, ds_get_width(vs->ds), ds_get_height(vs->ds),
1749 VNC_ENCODING_AUDIO);
1753 static void set_encodings(VncState *vs, int32_t *encodings, size_t n_encodings)
1756 unsigned int enc = 0;
1760 vs->vnc_encoding = 0;
1761 vs->tight_compression = 9;
1762 vs->tight_quality = 9;
1765 for (i = n_encodings - 1; i >= 0; i--) {
1768 case VNC_ENCODING_RAW:
1769 vs->vnc_encoding = enc;
1771 case VNC_ENCODING_COPYRECT:
1772 vs->features |= VNC_FEATURE_COPYRECT_MASK;
1774 case VNC_ENCODING_HEXTILE:
1775 vs->features |= VNC_FEATURE_HEXTILE_MASK;
1776 vs->vnc_encoding = enc;
1778 case VNC_ENCODING_ZLIB:
1779 vs->features |= VNC_FEATURE_ZLIB_MASK;
1780 vs->vnc_encoding = enc;
1782 case VNC_ENCODING_DESKTOPRESIZE:
1783 vs->features |= VNC_FEATURE_RESIZE_MASK;
1785 case VNC_ENCODING_POINTER_TYPE_CHANGE:
1786 vs->features |= VNC_FEATURE_POINTER_TYPE_CHANGE_MASK;
1788 case VNC_ENCODING_EXT_KEY_EVENT:
1789 send_ext_key_event_ack(vs);
1791 case VNC_ENCODING_AUDIO:
1792 send_ext_audio_ack(vs);
1794 case VNC_ENCODING_WMVi:
1795 vs->features |= VNC_FEATURE_WMVI_MASK;
1797 case VNC_ENCODING_COMPRESSLEVEL0 ... VNC_ENCODING_COMPRESSLEVEL0 + 9:
1798 vs->tight_compression = (enc & 0x0F);
1800 case VNC_ENCODING_QUALITYLEVEL0 ... VNC_ENCODING_QUALITYLEVEL0 + 9:
1801 vs->tight_quality = (enc & 0x0F);
1804 VNC_DEBUG("Unknown encoding: %d (0x%.8x): %d\n", i, enc, enc);
1809 check_pointer_type_change(vs, kbd_mouse_is_absolute());
1812 static void set_pixel_conversion(VncState *vs)
1814 if ((vs->clientds.flags & QEMU_BIG_ENDIAN_FLAG) ==
1815 (vs->ds->surface->flags & QEMU_BIG_ENDIAN_FLAG) &&
1816 !memcmp(&(vs->clientds.pf), &(vs->ds->surface->pf), sizeof(PixelFormat))) {
1817 vs->write_pixels = vnc_write_pixels_copy;
1818 switch (vs->ds->surface->pf.bits_per_pixel) {
1820 vs->send_hextile_tile = send_hextile_tile_8;
1823 vs->send_hextile_tile = send_hextile_tile_16;
1826 vs->send_hextile_tile = send_hextile_tile_32;
1830 vs->write_pixels = vnc_write_pixels_generic;
1831 switch (vs->ds->surface->pf.bits_per_pixel) {
1833 vs->send_hextile_tile = send_hextile_tile_generic_8;
1836 vs->send_hextile_tile = send_hextile_tile_generic_16;
1839 vs->send_hextile_tile = send_hextile_tile_generic_32;
1845 static void set_pixel_format(VncState *vs,
1846 int bits_per_pixel, int depth,
1847 int big_endian_flag, int true_color_flag,
1848 int red_max, int green_max, int blue_max,
1849 int red_shift, int green_shift, int blue_shift)
1851 if (!true_color_flag) {
1852 vnc_client_error(vs);
1856 vs->clientds = *(vs->vd->guest.ds);
1857 vs->clientds.pf.rmax = red_max;
1858 count_bits(vs->clientds.pf.rbits, red_max);
1859 vs->clientds.pf.rshift = red_shift;
1860 vs->clientds.pf.rmask = red_max << red_shift;
1861 vs->clientds.pf.gmax = green_max;
1862 count_bits(vs->clientds.pf.gbits, green_max);
1863 vs->clientds.pf.gshift = green_shift;
1864 vs->clientds.pf.gmask = green_max << green_shift;
1865 vs->clientds.pf.bmax = blue_max;
1866 count_bits(vs->clientds.pf.bbits, blue_max);
1867 vs->clientds.pf.bshift = blue_shift;
1868 vs->clientds.pf.bmask = blue_max << blue_shift;
1869 vs->clientds.pf.bits_per_pixel = bits_per_pixel;
1870 vs->clientds.pf.bytes_per_pixel = bits_per_pixel / 8;
1871 vs->clientds.pf.depth = bits_per_pixel == 32 ? 24 : bits_per_pixel;
1872 vs->clientds.flags = big_endian_flag ? QEMU_BIG_ENDIAN_FLAG : 0x00;
1874 set_pixel_conversion(vs);
1876 vga_hw_invalidate();
1880 static void pixel_format_message (VncState *vs) {
1881 char pad[3] = { 0, 0, 0 };
1883 vnc_write_u8(vs, vs->ds->surface->pf.bits_per_pixel); /* bits-per-pixel */
1884 vnc_write_u8(vs, vs->ds->surface->pf.depth); /* depth */
1886 #ifdef HOST_WORDS_BIGENDIAN
1887 vnc_write_u8(vs, 1); /* big-endian-flag */
1889 vnc_write_u8(vs, 0); /* big-endian-flag */
1891 vnc_write_u8(vs, 1); /* true-color-flag */
1892 vnc_write_u16(vs, vs->ds->surface->pf.rmax); /* red-max */
1893 vnc_write_u16(vs, vs->ds->surface->pf.gmax); /* green-max */
1894 vnc_write_u16(vs, vs->ds->surface->pf.bmax); /* blue-max */
1895 vnc_write_u8(vs, vs->ds->surface->pf.rshift); /* red-shift */
1896 vnc_write_u8(vs, vs->ds->surface->pf.gshift); /* green-shift */
1897 vnc_write_u8(vs, vs->ds->surface->pf.bshift); /* blue-shift */
1898 if (vs->ds->surface->pf.bits_per_pixel == 32)
1899 vs->send_hextile_tile = send_hextile_tile_32;
1900 else if (vs->ds->surface->pf.bits_per_pixel == 16)
1901 vs->send_hextile_tile = send_hextile_tile_16;
1902 else if (vs->ds->surface->pf.bits_per_pixel == 8)
1903 vs->send_hextile_tile = send_hextile_tile_8;
1904 vs->clientds = *(vs->ds->surface);
1905 vs->clientds.flags &= ~QEMU_ALLOCATED_FLAG;
1906 vs->write_pixels = vnc_write_pixels_copy;
1908 vnc_write(vs, pad, 3); /* padding */
1911 static void vnc_dpy_setdata(DisplayState *ds)
1913 /* We don't have to do anything */
1916 static void vnc_colordepth(VncState *vs)
1918 if (vnc_has_feature(vs, VNC_FEATURE_WMVI)) {
1919 /* Sending a WMVi message to notify the client*/
1920 vnc_write_u8(vs, 0); /* msg id */
1921 vnc_write_u8(vs, 0);
1922 vnc_write_u16(vs, 1); /* number of rects */
1923 vnc_framebuffer_update(vs, 0, 0, ds_get_width(vs->ds),
1924 ds_get_height(vs->ds), VNC_ENCODING_WMVi);
1925 pixel_format_message(vs);
1928 set_pixel_conversion(vs);
1932 static int protocol_client_msg(VncState *vs, uint8_t *data, size_t len)
1936 VncDisplay *vd = vs->vd;
1939 vd->timer_interval = VNC_REFRESH_INTERVAL_BASE;
1940 if (!qemu_timer_expired(vd->timer, qemu_get_clock(rt_clock) + vd->timer_interval))
1941 qemu_mod_timer(vd->timer, qemu_get_clock(rt_clock) + vd->timer_interval);
1949 set_pixel_format(vs, read_u8(data, 4), read_u8(data, 5),
1950 read_u8(data, 6), read_u8(data, 7),
1951 read_u16(data, 8), read_u16(data, 10),
1952 read_u16(data, 12), read_u8(data, 14),
1953 read_u8(data, 15), read_u8(data, 16));
1960 limit = read_u16(data, 2);
1962 return 4 + (limit * 4);
1964 limit = read_u16(data, 2);
1966 for (i = 0; i < limit; i++) {
1967 int32_t val = read_s32(data, 4 + (i * 4));
1968 memcpy(data + 4 + (i * 4), &val, sizeof(val));
1971 set_encodings(vs, (int32_t *)(data + 4), limit);
1977 framebuffer_update_request(vs,
1978 read_u8(data, 1), read_u16(data, 2), read_u16(data, 4),
1979 read_u16(data, 6), read_u16(data, 8));
1985 key_event(vs, read_u8(data, 1), read_u32(data, 4));
1991 pointer_event(vs, read_u8(data, 1), read_u16(data, 2), read_u16(data, 4));
1998 uint32_t dlen = read_u32(data, 4);
2003 client_cut_text(vs, read_u32(data, 4), data + 8);
2009 switch (read_u8(data, 1)) {
2014 ext_key_event(vs, read_u16(data, 2),
2015 read_u32(data, 4), read_u32(data, 8));
2021 switch (read_u16 (data, 2)) {
2031 switch (read_u8(data, 4)) {
2032 case 0: vs->as.fmt = AUD_FMT_U8; break;
2033 case 1: vs->as.fmt = AUD_FMT_S8; break;
2034 case 2: vs->as.fmt = AUD_FMT_U16; break;
2035 case 3: vs->as.fmt = AUD_FMT_S16; break;
2036 case 4: vs->as.fmt = AUD_FMT_U32; break;
2037 case 5: vs->as.fmt = AUD_FMT_S32; break;
2039 printf("Invalid audio format %d\n", read_u8(data, 4));
2040 vnc_client_error(vs);
2043 vs->as.nchannels = read_u8(data, 5);
2044 if (vs->as.nchannels != 1 && vs->as.nchannels != 2) {
2045 printf("Invalid audio channel coount %d\n",
2047 vnc_client_error(vs);
2050 vs->as.freq = read_u32(data, 6);
2053 printf ("Invalid audio message %d\n", read_u8(data, 4));
2054 vnc_client_error(vs);
2060 printf("Msg: %d\n", read_u16(data, 0));
2061 vnc_client_error(vs);
2066 printf("Msg: %d\n", data[0]);
2067 vnc_client_error(vs);
2071 vnc_read_when(vs, protocol_client_msg, 1);
2075 static int protocol_client_init(VncState *vs, uint8_t *data, size_t len)
2080 vnc_write_u16(vs, ds_get_width(vs->ds));
2081 vnc_write_u16(vs, ds_get_height(vs->ds));
2083 pixel_format_message(vs);
2086 size = snprintf(buf, sizeof(buf), "QEMU (%s)", qemu_name);
2088 size = snprintf(buf, sizeof(buf), "QEMU");
2090 vnc_write_u32(vs, size);
2091 vnc_write(vs, buf, size);
2094 vnc_client_cache_auth(vs);
2095 vnc_qmp_event(vs, QEVENT_VNC_INITIALIZED);
2097 vnc_read_when(vs, protocol_client_msg, 1);
2102 void start_client_init(VncState *vs)
2104 vnc_read_when(vs, protocol_client_init, 1);
2107 static void make_challenge(VncState *vs)
2111 srand(time(NULL)+getpid()+getpid()*987654+rand());
2113 for (i = 0 ; i < sizeof(vs->challenge) ; i++)
2114 vs->challenge[i] = (int) (256.0*rand()/(RAND_MAX+1.0));
2117 static int protocol_client_auth_vnc(VncState *vs, uint8_t *data, size_t len)
2119 unsigned char response[VNC_AUTH_CHALLENGE_SIZE];
2121 unsigned char key[8];
2123 if (!vs->vd->password || !vs->vd->password[0]) {
2124 VNC_DEBUG("No password configured on server");
2125 vnc_write_u32(vs, 1); /* Reject auth */
2126 if (vs->minor >= 8) {
2127 static const char err[] = "Authentication failed";
2128 vnc_write_u32(vs, sizeof(err));
2129 vnc_write(vs, err, sizeof(err));
2132 vnc_client_error(vs);
2136 memcpy(response, vs->challenge, VNC_AUTH_CHALLENGE_SIZE);
2138 /* Calculate the expected challenge response */
2139 pwlen = strlen(vs->vd->password);
2140 for (i=0; i<sizeof(key); i++)
2141 key[i] = i<pwlen ? vs->vd->password[i] : 0;
2143 for (j = 0; j < VNC_AUTH_CHALLENGE_SIZE; j += 8)
2144 des(response+j, response+j);
2146 /* Compare expected vs actual challenge response */
2147 if (memcmp(response, data, VNC_AUTH_CHALLENGE_SIZE) != 0) {
2148 VNC_DEBUG("Client challenge reponse did not match\n");
2149 vnc_write_u32(vs, 1); /* Reject auth */
2150 if (vs->minor >= 8) {
2151 static const char err[] = "Authentication failed";
2152 vnc_write_u32(vs, sizeof(err));
2153 vnc_write(vs, err, sizeof(err));
2156 vnc_client_error(vs);
2158 VNC_DEBUG("Accepting VNC challenge response\n");
2159 vnc_write_u32(vs, 0); /* Accept auth */
2162 start_client_init(vs);
2167 void start_auth_vnc(VncState *vs)
2170 /* Send client a 'random' challenge */
2171 vnc_write(vs, vs->challenge, sizeof(vs->challenge));
2174 vnc_read_when(vs, protocol_client_auth_vnc, sizeof(vs->challenge));
2178 static int protocol_client_auth(VncState *vs, uint8_t *data, size_t len)
2180 /* We only advertise 1 auth scheme at a time, so client
2181 * must pick the one we sent. Verify this */
2182 if (data[0] != vs->vd->auth) { /* Reject auth */
2183 VNC_DEBUG("Reject auth %d because it didn't match advertized\n", (int)data[0]);
2184 vnc_write_u32(vs, 1);
2185 if (vs->minor >= 8) {
2186 static const char err[] = "Authentication failed";
2187 vnc_write_u32(vs, sizeof(err));
2188 vnc_write(vs, err, sizeof(err));
2190 vnc_client_error(vs);
2191 } else { /* Accept requested auth */
2192 VNC_DEBUG("Client requested auth %d\n", (int)data[0]);
2193 switch (vs->vd->auth) {
2195 VNC_DEBUG("Accept auth none\n");
2196 if (vs->minor >= 8) {
2197 vnc_write_u32(vs, 0); /* Accept auth completion */
2200 start_client_init(vs);
2204 VNC_DEBUG("Start VNC auth\n");
2208 #ifdef CONFIG_VNC_TLS
2209 case VNC_AUTH_VENCRYPT:
2210 VNC_DEBUG("Accept VeNCrypt auth\n");;
2211 start_auth_vencrypt(vs);
2213 #endif /* CONFIG_VNC_TLS */
2215 #ifdef CONFIG_VNC_SASL
2217 VNC_DEBUG("Accept SASL auth\n");
2218 start_auth_sasl(vs);
2220 #endif /* CONFIG_VNC_SASL */
2222 default: /* Should not be possible, but just in case */
2223 VNC_DEBUG("Reject auth %d server code bug\n", vs->vd->auth);
2224 vnc_write_u8(vs, 1);
2225 if (vs->minor >= 8) {
2226 static const char err[] = "Authentication failed";
2227 vnc_write_u32(vs, sizeof(err));
2228 vnc_write(vs, err, sizeof(err));
2230 vnc_client_error(vs);
2236 static int protocol_version(VncState *vs, uint8_t *version, size_t len)
2240 memcpy(local, version, 12);
2243 if (sscanf(local, "RFB %03d.%03d\n", &vs->major, &vs->minor) != 2) {
2244 VNC_DEBUG("Malformed protocol version %s\n", local);
2245 vnc_client_error(vs);
2248 VNC_DEBUG("Client request protocol version %d.%d\n", vs->major, vs->minor);
2249 if (vs->major != 3 ||
2255 VNC_DEBUG("Unsupported client version\n");
2256 vnc_write_u32(vs, VNC_AUTH_INVALID);
2258 vnc_client_error(vs);
2261 /* Some broken clients report v3.4 or v3.5, which spec requires to be treated
2262 * as equivalent to v3.3 by servers
2264 if (vs->minor == 4 || vs->minor == 5)
2267 if (vs->minor == 3) {
2268 if (vs->vd->auth == VNC_AUTH_NONE) {
2269 VNC_DEBUG("Tell client auth none\n");
2270 vnc_write_u32(vs, vs->vd->auth);
2272 start_client_init(vs);
2273 } else if (vs->vd->auth == VNC_AUTH_VNC) {
2274 VNC_DEBUG("Tell client VNC auth\n");
2275 vnc_write_u32(vs, vs->vd->auth);
2279 VNC_DEBUG("Unsupported auth %d for protocol 3.3\n", vs->vd->auth);
2280 vnc_write_u32(vs, VNC_AUTH_INVALID);
2282 vnc_client_error(vs);
2285 VNC_DEBUG("Telling client we support auth %d\n", vs->vd->auth);
2286 vnc_write_u8(vs, 1); /* num auth */
2287 vnc_write_u8(vs, vs->vd->auth);
2288 vnc_read_when(vs, protocol_client_auth, 1);
2295 static int vnc_refresh_server_surface(VncDisplay *vd)
2299 uint8_t *server_row;
2301 uint32_t width_mask[VNC_DIRTY_WORDS];
2302 VncState *vs = NULL;
2306 * Walk through the guest dirty map.
2307 * Check and copy modified bits from guest to server surface.
2308 * Update server dirty map.
2310 vnc_set_bits(width_mask, (ds_get_width(vd->ds) / 16), VNC_DIRTY_WORDS);
2311 cmp_bytes = 16 * ds_get_bytes_per_pixel(vd->ds);
2312 guest_row = vd->guest.ds->data;
2313 server_row = vd->server->data;
2314 for (y = 0; y < vd->guest.ds->height; y++) {
2315 if (vnc_and_bits(vd->guest.dirty[y], width_mask, VNC_DIRTY_WORDS)) {
2318 uint8_t *server_ptr;
2320 guest_ptr = guest_row;
2321 server_ptr = server_row;
2323 for (x = 0; x < vd->guest.ds->width;
2324 x += 16, guest_ptr += cmp_bytes, server_ptr += cmp_bytes) {
2325 if (!vnc_get_bit(vd->guest.dirty[y], (x / 16)))
2327 vnc_clear_bit(vd->guest.dirty[y], (x / 16));
2328 if (memcmp(server_ptr, guest_ptr, cmp_bytes) == 0)
2330 memcpy(server_ptr, guest_ptr, cmp_bytes);
2332 while (vs != NULL) {
2333 vnc_set_bit(vs->dirty[y], (x / 16));
2339 guest_row += ds_get_linesize(vd->ds);
2340 server_row += ds_get_linesize(vd->ds);
2345 static void vnc_refresh(void *opaque)
2347 VncDisplay *vd = opaque;
2348 VncState *vs = NULL, *vn = NULL;
2349 int has_dirty = 0, rects = 0;
2353 has_dirty = vnc_refresh_server_surface(vd);
2356 while (vs != NULL) {
2358 rects += vnc_update_client(vs, has_dirty);
2359 /* vs might be free()ed here */
2362 /* vd->timer could be NULL now if the last client disconnected,
2363 * in this case don't update the timer */
2364 if (vd->timer == NULL)
2367 if (has_dirty && rects) {
2368 vd->timer_interval /= 2;
2369 if (vd->timer_interval < VNC_REFRESH_INTERVAL_BASE)
2370 vd->timer_interval = VNC_REFRESH_INTERVAL_BASE;
2372 vd->timer_interval += VNC_REFRESH_INTERVAL_INC;
2373 if (vd->timer_interval > VNC_REFRESH_INTERVAL_MAX)
2374 vd->timer_interval = VNC_REFRESH_INTERVAL_MAX;
2376 qemu_mod_timer(vd->timer, qemu_get_clock(rt_clock) + vd->timer_interval);
2379 static void vnc_init_timer(VncDisplay *vd)
2381 vd->timer_interval = VNC_REFRESH_INTERVAL_BASE;
2382 if (vd->timer == NULL && vd->clients != NULL) {
2383 vd->timer = qemu_new_timer(rt_clock, vnc_refresh, vd);
2388 static void vnc_remove_timer(VncDisplay *vd)
2390 if (vd->timer != NULL && vd->clients == NULL) {
2391 qemu_del_timer(vd->timer);
2392 qemu_free_timer(vd->timer);
2397 static void vnc_connect(VncDisplay *vd, int csock)
2399 VncState *vs = qemu_mallocz(sizeof(VncState));
2402 VNC_DEBUG("New client on socket %d\n", csock);
2404 socket_set_nonblock(vs->csock);
2405 qemu_set_fd_handler2(vs->csock, NULL, vnc_client_read, NULL, vs);
2407 vnc_client_cache_addr(vs);
2408 vnc_qmp_event(vs, QEVENT_VNC_CONNECTED);
2415 vs->as.freq = 44100;
2416 vs->as.nchannels = 2;
2417 vs->as.fmt = AUD_FMT_S16;
2418 vs->as.endianness = 0;
2420 vs->next = vd->clients;
2425 vnc_write(vs, "RFB 003.008\n", 12);
2427 vnc_read_when(vs, protocol_version, 12);
2432 /* vs might be free()ed here */
2435 static void vnc_listen_read(void *opaque)
2437 VncDisplay *vs = opaque;
2438 struct sockaddr_in addr;
2439 socklen_t addrlen = sizeof(addr);
2444 int csock = qemu_accept(vs->lsock, (struct sockaddr *)&addr, &addrlen);
2446 vnc_connect(vs, csock);
2450 void vnc_display_init(DisplayState *ds)
2452 VncDisplay *vs = qemu_mallocz(sizeof(*vs));
2454 dcl = qemu_mallocz(sizeof(DisplayChangeListener));
2464 if (keyboard_layout)
2465 vs->kbd_layout = init_keyboard_layout(name2keysym, keyboard_layout);
2467 vs->kbd_layout = init_keyboard_layout(name2keysym, "en-us");
2469 if (!vs->kbd_layout)
2472 dcl->dpy_copy = vnc_dpy_copy;
2473 dcl->dpy_update = vnc_dpy_update;
2474 dcl->dpy_resize = vnc_dpy_resize;
2475 dcl->dpy_setdata = vnc_dpy_setdata;
2476 register_displaychangelistener(ds, dcl);
2480 void vnc_display_close(DisplayState *ds)
2482 VncDisplay *vs = ds ? (VncDisplay *)ds->opaque : vnc_display;
2487 qemu_free(vs->display);
2490 if (vs->lsock != -1) {
2491 qemu_set_fd_handler2(vs->lsock, NULL, NULL, NULL, NULL);
2495 vs->auth = VNC_AUTH_INVALID;
2496 #ifdef CONFIG_VNC_TLS
2497 vs->subauth = VNC_AUTH_INVALID;
2498 vs->tls.x509verify = 0;
2502 int vnc_display_password(DisplayState *ds, const char *password)
2504 VncDisplay *vs = ds ? (VncDisplay *)ds->opaque : vnc_display;
2511 qemu_free(vs->password);
2512 vs->password = NULL;
2514 if (password && password[0]) {
2515 if (!(vs->password = qemu_strdup(password)))
2517 if (vs->auth == VNC_AUTH_NONE) {
2518 vs->auth = VNC_AUTH_VNC;
2521 vs->auth = VNC_AUTH_NONE;
2527 char *vnc_display_local_addr(DisplayState *ds)
2529 VncDisplay *vs = ds ? (VncDisplay *)ds->opaque : vnc_display;
2531 return vnc_socket_local_addr("%s:%s", vs->lsock);
2534 int vnc_display_open(DisplayState *ds, const char *display)
2536 VncDisplay *vs = ds ? (VncDisplay *)ds->opaque : vnc_display;
2537 const char *options;
2541 #ifdef CONFIG_VNC_TLS
2542 int tls = 0, x509 = 0;
2544 #ifdef CONFIG_VNC_SASL
2552 vnc_display_close(ds);
2553 if (strcmp(display, "none") == 0)
2556 if (!(vs->display = strdup(display)))
2560 while ((options = strchr(options, ','))) {
2562 if (strncmp(options, "password", 8) == 0) {
2563 password = 1; /* Require password auth */
2564 } else if (strncmp(options, "reverse", 7) == 0) {
2566 } else if (strncmp(options, "to=", 3) == 0) {
2567 to_port = atoi(options+3) + 5900;
2568 #ifdef CONFIG_VNC_SASL
2569 } else if (strncmp(options, "sasl", 4) == 0) {
2570 sasl = 1; /* Require SASL auth */
2572 #ifdef CONFIG_VNC_TLS
2573 } else if (strncmp(options, "tls", 3) == 0) {
2574 tls = 1; /* Require TLS */
2575 } else if (strncmp(options, "x509", 4) == 0) {
2577 x509 = 1; /* Require x509 certificates */
2578 if (strncmp(options, "x509verify", 10) == 0)
2579 vs->tls.x509verify = 1; /* ...and verify client certs */
2581 /* Now check for 'x509=/some/path' postfix
2582 * and use that to setup x509 certificate/key paths */
2583 start = strchr(options, '=');
2584 end = strchr(options, ',');
2585 if (start && (!end || (start < end))) {
2586 int len = end ? end-(start+1) : strlen(start+1);
2587 char *path = qemu_strndup(start + 1, len);
2589 VNC_DEBUG("Trying certificate path '%s'\n", path);
2590 if (vnc_tls_set_x509_creds_dir(vs, path) < 0) {
2591 fprintf(stderr, "Failed to find x509 certificates/keys in %s\n", path);
2593 qemu_free(vs->display);
2599 fprintf(stderr, "No certificate path provided\n");
2600 qemu_free(vs->display);
2605 } else if (strncmp(options, "acl", 3) == 0) {
2610 #ifdef CONFIG_VNC_TLS
2611 if (acl && x509 && vs->tls.x509verify) {
2612 if (!(vs->tls.acl = qemu_acl_init("vnc.x509dname"))) {
2613 fprintf(stderr, "Failed to create x509 dname ACL\n");
2618 #ifdef CONFIG_VNC_SASL
2620 if (!(vs->sasl.acl = qemu_acl_init("vnc.username"))) {
2621 fprintf(stderr, "Failed to create username ACL\n");
2628 * Combinations we support here:
2630 * - no-auth (clear text, no auth)
2631 * - password (clear text, weak auth)
2632 * - sasl (encrypt, good auth *IF* using Kerberos via GSSAPI)
2633 * - tls (encrypt, weak anonymous creds, no auth)
2634 * - tls + password (encrypt, weak anonymous creds, weak auth)
2635 * - tls + sasl (encrypt, weak anonymous creds, good auth)
2636 * - tls + x509 (encrypt, good x509 creds, no auth)
2637 * - tls + x509 + password (encrypt, good x509 creds, weak auth)
2638 * - tls + x509 + sasl (encrypt, good x509 creds, good auth)
2640 * NB1. TLS is a stackable auth scheme.
2641 * NB2. the x509 schemes have option to validate a client cert dname
2644 #ifdef CONFIG_VNC_TLS
2646 vs->auth = VNC_AUTH_VENCRYPT;
2648 VNC_DEBUG("Initializing VNC server with x509 password auth\n");
2649 vs->subauth = VNC_AUTH_VENCRYPT_X509VNC;
2651 VNC_DEBUG("Initializing VNC server with TLS password auth\n");
2652 vs->subauth = VNC_AUTH_VENCRYPT_TLSVNC;
2655 #endif /* CONFIG_VNC_TLS */
2656 VNC_DEBUG("Initializing VNC server with password auth\n");
2657 vs->auth = VNC_AUTH_VNC;
2658 #ifdef CONFIG_VNC_TLS
2659 vs->subauth = VNC_AUTH_INVALID;
2661 #endif /* CONFIG_VNC_TLS */
2662 #ifdef CONFIG_VNC_SASL
2664 #ifdef CONFIG_VNC_TLS
2666 vs->auth = VNC_AUTH_VENCRYPT;
2668 VNC_DEBUG("Initializing VNC server with x509 SASL auth\n");
2669 vs->subauth = VNC_AUTH_VENCRYPT_X509SASL;
2671 VNC_DEBUG("Initializing VNC server with TLS SASL auth\n");
2672 vs->subauth = VNC_AUTH_VENCRYPT_TLSSASL;
2675 #endif /* CONFIG_VNC_TLS */
2676 VNC_DEBUG("Initializing VNC server with SASL auth\n");
2677 vs->auth = VNC_AUTH_SASL;
2678 #ifdef CONFIG_VNC_TLS
2679 vs->subauth = VNC_AUTH_INVALID;
2681 #endif /* CONFIG_VNC_TLS */
2682 #endif /* CONFIG_VNC_SASL */
2684 #ifdef CONFIG_VNC_TLS
2686 vs->auth = VNC_AUTH_VENCRYPT;
2688 VNC_DEBUG("Initializing VNC server with x509 no auth\n");
2689 vs->subauth = VNC_AUTH_VENCRYPT_X509NONE;
2691 VNC_DEBUG("Initializing VNC server with TLS no auth\n");
2692 vs->subauth = VNC_AUTH_VENCRYPT_TLSNONE;
2696 VNC_DEBUG("Initializing VNC server with no auth\n");
2697 vs->auth = VNC_AUTH_NONE;
2698 #ifdef CONFIG_VNC_TLS
2699 vs->subauth = VNC_AUTH_INVALID;
2704 #ifdef CONFIG_VNC_SASL
2705 if ((saslErr = sasl_server_init(NULL, "qemu")) != SASL_OK) {
2706 fprintf(stderr, "Failed to initialize SASL auth %s",
2707 sasl_errstring(saslErr, NULL, NULL));
2715 /* connect to viewer */
2716 if (strncmp(display, "unix:", 5) == 0)
2717 vs->lsock = unix_connect(display+5);
2719 vs->lsock = inet_connect(display, SOCK_STREAM);
2720 if (-1 == vs->lsock) {
2725 int csock = vs->lsock;
2727 vnc_connect(vs, csock);
2732 /* listen for connects */
2734 dpy = qemu_malloc(256);
2735 if (strncmp(display, "unix:", 5) == 0) {
2736 pstrcpy(dpy, 256, "unix:");
2737 vs->lsock = unix_listen(display+5, dpy+5, 256-5);
2739 vs->lsock = inet_listen(display, dpy, 256, SOCK_STREAM, 5900);
2741 if (-1 == vs->lsock) {
2749 return qemu_set_fd_handler2(vs->lsock, NULL, vnc_listen_read, NULL, vs);
projects / qemu.git / blob