2 * QEMU VNC display driver
5 * Copyright (C) 2006 Fabrice Bellard
6 * Copyright (C) 2009 Red Hat, Inc
8 * Permission is hereby granted, free of charge, to any person obtaining a copy
9 * of this software and associated documentation files (the "Software"), to deal
10 * in the Software without restriction, including without limitation the rights
11 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
12 * copies of the Software, and to permit persons to whom the Software is
13 * furnished to do so, subject to the following conditions:
15 * The above copyright notice and this permission notice shall be included in
16 * all copies or substantial portions of the Software.
18 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
19 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
20 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
21 * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
22 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
23 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
30 #include "sysemu/sysemu.h"
31 #include "qemu/sockets.h"
32 #include "qemu/timer.h"
34 #include "qapi/qmp/types.h"
35 #include "qmp-commands.h"
36 #include "qemu/osdep.h"
38 #include "qapi-event.h"
40 #define VNC_REFRESH_INTERVAL_BASE GUI_REFRESH_INTERVAL_DEFAULT
41 #define VNC_REFRESH_INTERVAL_INC 50
42 #define VNC_REFRESH_INTERVAL_MAX GUI_REFRESH_INTERVAL_IDLE
43 static const struct timeval VNC_REFRESH_STATS = { 0, 500000 };
44 static const struct timeval VNC_REFRESH_LOSSY = { 2, 0 };
46 #include "vnc_keysym.h"
49 static VncDisplay *vnc_display; /* needed for info vnc */
51 static int vnc_cursor_define(VncState *vs);
52 static void vnc_release_modifiers(VncState *vs);
54 static void vnc_set_share_mode(VncState *vs, VncShareMode mode)
57 static const char *mn[] = {
59 [VNC_SHARE_MODE_CONNECTING] = "connecting",
60 [VNC_SHARE_MODE_SHARED] = "shared",
61 [VNC_SHARE_MODE_EXCLUSIVE] = "exclusive",
62 [VNC_SHARE_MODE_DISCONNECTED] = "disconnected",
64 fprintf(stderr, "%s/%d: %s -> %s\n", __func__,
65 vs->csock, mn[vs->share_mode], mn[mode]);
68 if (vs->share_mode == VNC_SHARE_MODE_EXCLUSIVE) {
69 vs->vd->num_exclusive--;
71 vs->share_mode = mode;
72 if (vs->share_mode == VNC_SHARE_MODE_EXCLUSIVE) {
73 vs->vd->num_exclusive++;
77 static char *addr_to_string(const char *format,
78 struct sockaddr_storage *sa,
81 char host[NI_MAXHOST];
82 char serv[NI_MAXSERV];
86 if ((err = getnameinfo((struct sockaddr *)sa, salen,
89 NI_NUMERICHOST | NI_NUMERICSERV)) != 0) {
90 VNC_DEBUG("Cannot resolve address %d: %s\n",
91 err, gai_strerror(err));
95 /* Enough for the existing format + the 2 vars we're
97 addrlen = strlen(format) + strlen(host) + strlen(serv);
98 addr = g_malloc(addrlen + 1);
99 snprintf(addr, addrlen, format, host, serv);
100 addr[addrlen] = '\0';
106 char *vnc_socket_local_addr(const char *format, int fd) {
107 struct sockaddr_storage sa;
111 if (getsockname(fd, (struct sockaddr*)&sa, &salen) < 0)
114 return addr_to_string(format, &sa, salen);
117 char *vnc_socket_remote_addr(const char *format, int fd) {
118 struct sockaddr_storage sa;
122 if (getpeername(fd, (struct sockaddr*)&sa, &salen) < 0)
125 return addr_to_string(format, &sa, salen);
128 static VncBasicInfo *vnc_basic_info_get(struct sockaddr_storage *sa,
132 char host[NI_MAXHOST];
133 char serv[NI_MAXSERV];
136 if ((err = getnameinfo((struct sockaddr *)sa, salen,
139 NI_NUMERICHOST | NI_NUMERICSERV)) != 0) {
140 VNC_DEBUG("Cannot resolve address %d: %s\n",
141 err, gai_strerror(err));
145 info = g_malloc0(sizeof(VncBasicInfo));
146 info->host = g_strdup(host);
147 info->service = g_strdup(serv);
148 info->family = inet_netfamily(sa->ss_family);
152 static VncBasicInfo *vnc_basic_info_get_from_server_addr(int fd)
154 struct sockaddr_storage sa;
158 if (getsockname(fd, (struct sockaddr*)&sa, &salen) < 0) {
162 return vnc_basic_info_get(&sa, salen);
165 static VncBasicInfo *vnc_basic_info_get_from_remote_addr(int fd)
167 struct sockaddr_storage sa;
171 if (getpeername(fd, (struct sockaddr*)&sa, &salen) < 0) {
175 return vnc_basic_info_get(&sa, salen);
178 static const char *vnc_auth_name(VncDisplay *vd) {
180 case VNC_AUTH_INVALID:
196 case VNC_AUTH_VENCRYPT:
197 #ifdef CONFIG_VNC_TLS
198 switch (vd->subauth) {
199 case VNC_AUTH_VENCRYPT_PLAIN:
200 return "vencrypt+plain";
201 case VNC_AUTH_VENCRYPT_TLSNONE:
202 return "vencrypt+tls+none";
203 case VNC_AUTH_VENCRYPT_TLSVNC:
204 return "vencrypt+tls+vnc";
205 case VNC_AUTH_VENCRYPT_TLSPLAIN:
206 return "vencrypt+tls+plain";
207 case VNC_AUTH_VENCRYPT_X509NONE:
208 return "vencrypt+x509+none";
209 case VNC_AUTH_VENCRYPT_X509VNC:
210 return "vencrypt+x509+vnc";
211 case VNC_AUTH_VENCRYPT_X509PLAIN:
212 return "vencrypt+x509+plain";
213 case VNC_AUTH_VENCRYPT_TLSSASL:
214 return "vencrypt+tls+sasl";
215 case VNC_AUTH_VENCRYPT_X509SASL:
216 return "vencrypt+x509+sasl";
229 static VncServerInfo *vnc_server_info_get(void)
232 VncBasicInfo *bi = vnc_basic_info_get_from_server_addr(vnc_display->lsock);
237 info = g_malloc(sizeof(*info));
239 info->has_auth = true;
240 info->auth = g_strdup(vnc_auth_name(vnc_display));
244 static void vnc_client_cache_auth(VncState *client)
250 #ifdef CONFIG_VNC_TLS
251 if (client->tls.session &&
253 client->info->has_x509_dname = true;
254 client->info->x509_dname = g_strdup(client->tls.dname);
257 #ifdef CONFIG_VNC_SASL
258 if (client->sasl.conn &&
259 client->sasl.username) {
260 client->info->has_sasl_username = true;
261 client->info->sasl_username = g_strdup(client->sasl.username);
266 static void vnc_client_cache_addr(VncState *client)
268 VncBasicInfo *bi = vnc_basic_info_get_from_remote_addr(client->csock);
271 client->info = g_malloc0(sizeof(*client->info));
272 client->info->base = bi;
276 static void vnc_qmp_event(VncState *vs, QAPIEvent event)
283 g_assert(vs->info->base);
285 si = vnc_server_info_get();
291 case QAPI_EVENT_VNC_CONNECTED:
292 qapi_event_send_vnc_connected(si, vs->info->base, &error_abort);
294 case QAPI_EVENT_VNC_INITIALIZED:
295 qapi_event_send_vnc_initialized(si, vs->info, &error_abort);
297 case QAPI_EVENT_VNC_DISCONNECTED:
298 qapi_event_send_vnc_disconnected(si, vs->info, &error_abort);
304 qapi_free_VncServerInfo(si);
307 static VncClientInfo *qmp_query_vnc_client(const VncState *client)
309 struct sockaddr_storage sa;
310 socklen_t salen = sizeof(sa);
311 char host[NI_MAXHOST];
312 char serv[NI_MAXSERV];
315 if (getpeername(client->csock, (struct sockaddr *)&sa, &salen) < 0) {
319 if (getnameinfo((struct sockaddr *)&sa, salen,
322 NI_NUMERICHOST | NI_NUMERICSERV) < 0) {
326 info = g_malloc0(sizeof(*info));
327 info->base = g_malloc0(sizeof(*info->base));
328 info->base->host = g_strdup(host);
329 info->base->service = g_strdup(serv);
330 info->base->family = inet_netfamily(sa.ss_family);
332 #ifdef CONFIG_VNC_TLS
333 if (client->tls.session && client->tls.dname) {
334 info->has_x509_dname = true;
335 info->x509_dname = g_strdup(client->tls.dname);
338 #ifdef CONFIG_VNC_SASL
339 if (client->sasl.conn && client->sasl.username) {
340 info->has_sasl_username = true;
341 info->sasl_username = g_strdup(client->sasl.username);
348 VncInfo *qmp_query_vnc(Error **errp)
350 VncInfo *info = g_malloc0(sizeof(*info));
352 if (vnc_display == NULL || vnc_display->display == NULL) {
353 info->enabled = false;
355 VncClientInfoList *cur_item = NULL;
356 struct sockaddr_storage sa;
357 socklen_t salen = sizeof(sa);
358 char host[NI_MAXHOST];
359 char serv[NI_MAXSERV];
362 info->enabled = true;
364 /* for compatibility with the original command */
365 info->has_clients = true;
367 QTAILQ_FOREACH(client, &vnc_display->clients, next) {
368 VncClientInfoList *cinfo = g_malloc0(sizeof(*info));
369 cinfo->value = qmp_query_vnc_client(client);
371 /* XXX: waiting for the qapi to support GSList */
373 info->clients = cur_item = cinfo;
375 cur_item->next = cinfo;
380 if (vnc_display->lsock == -1) {
384 if (getsockname(vnc_display->lsock, (struct sockaddr *)&sa,
386 error_set(errp, QERR_UNDEFINED_ERROR);
390 if (getnameinfo((struct sockaddr *)&sa, salen,
393 NI_NUMERICHOST | NI_NUMERICSERV) < 0) {
394 error_set(errp, QERR_UNDEFINED_ERROR);
398 info->has_host = true;
399 info->host = g_strdup(host);
401 info->has_service = true;
402 info->service = g_strdup(serv);
404 info->has_family = true;
405 info->family = inet_netfamily(sa.ss_family);
407 info->has_auth = true;
408 info->auth = g_strdup(vnc_auth_name(vnc_display));
414 qapi_free_VncInfo(info);
419 1) Get the queue working for IO.
420 2) there is some weirdness when using the -S option (the screen is grey
421 and not totally invalidated
422 3) resolutions > 1024
425 static int vnc_update_client(VncState *vs, int has_dirty, bool sync);
426 static void vnc_disconnect_start(VncState *vs);
428 static void vnc_colordepth(VncState *vs);
429 static void framebuffer_update_request(VncState *vs, int incremental,
430 int x_position, int y_position,
432 static void vnc_refresh(DisplayChangeListener *dcl);
433 static int vnc_refresh_server_surface(VncDisplay *vd);
435 static void vnc_dpy_update(DisplayChangeListener *dcl,
436 int x, int y, int w, int h)
438 VncDisplay *vd = container_of(dcl, VncDisplay, dcl);
439 struct VncSurface *s = &vd->guest;
440 int width = surface_width(vd->ds);
441 int height = surface_height(vd->ds);
443 /* this is needed this to ensure we updated all affected
444 * blocks if x % VNC_DIRTY_PIXELS_PER_BIT != 0 */
445 w += (x % VNC_DIRTY_PIXELS_PER_BIT);
446 x -= (x % VNC_DIRTY_PIXELS_PER_BIT);
450 w = MIN(x + w, width) - x;
451 h = MIN(y + h, height);
454 bitmap_set(s->dirty[y], x / VNC_DIRTY_PIXELS_PER_BIT,
455 DIV_ROUND_UP(w, VNC_DIRTY_PIXELS_PER_BIT));
459 void vnc_framebuffer_update(VncState *vs, int x, int y, int w, int h,
462 vnc_write_u16(vs, x);
463 vnc_write_u16(vs, y);
464 vnc_write_u16(vs, w);
465 vnc_write_u16(vs, h);
467 vnc_write_s32(vs, encoding);
470 void buffer_reserve(Buffer *buffer, size_t len)
472 if ((buffer->capacity - buffer->offset) < len) {
473 buffer->capacity += (len + 1024);
474 buffer->buffer = g_realloc(buffer->buffer, buffer->capacity);
475 if (buffer->buffer == NULL) {
476 fprintf(stderr, "vnc: out of memory\n");
482 static int buffer_empty(Buffer *buffer)
484 return buffer->offset == 0;
487 uint8_t *buffer_end(Buffer *buffer)
489 return buffer->buffer + buffer->offset;
492 void buffer_reset(Buffer *buffer)
497 void buffer_free(Buffer *buffer)
499 g_free(buffer->buffer);
501 buffer->capacity = 0;
502 buffer->buffer = NULL;
505 void buffer_append(Buffer *buffer, const void *data, size_t len)
507 memcpy(buffer->buffer + buffer->offset, data, len);
508 buffer->offset += len;
511 void buffer_advance(Buffer *buf, size_t len)
513 memmove(buf->buffer, buf->buffer + len,
514 (buf->offset - len));
518 static void vnc_desktop_resize(VncState *vs)
520 DisplaySurface *ds = vs->vd->ds;
522 if (vs->csock == -1 || !vnc_has_feature(vs, VNC_FEATURE_RESIZE)) {
525 if (vs->client_width == surface_width(ds) &&
526 vs->client_height == surface_height(ds)) {
529 vs->client_width = surface_width(ds);
530 vs->client_height = surface_height(ds);
532 vnc_write_u8(vs, VNC_MSG_SERVER_FRAMEBUFFER_UPDATE);
534 vnc_write_u16(vs, 1); /* number of rects */
535 vnc_framebuffer_update(vs, 0, 0, vs->client_width, vs->client_height,
536 VNC_ENCODING_DESKTOPRESIZE);
537 vnc_unlock_output(vs);
541 static void vnc_abort_display_jobs(VncDisplay *vd)
545 QTAILQ_FOREACH(vs, &vd->clients, next) {
548 vnc_unlock_output(vs);
550 QTAILQ_FOREACH(vs, &vd->clients, next) {
553 QTAILQ_FOREACH(vs, &vd->clients, next) {
556 vnc_unlock_output(vs);
560 int vnc_server_fb_stride(VncDisplay *vd)
562 return pixman_image_get_stride(vd->server);
565 void *vnc_server_fb_ptr(VncDisplay *vd, int x, int y)
569 ptr = (uint8_t *)pixman_image_get_data(vd->server);
570 ptr += y * vnc_server_fb_stride(vd);
571 ptr += x * VNC_SERVER_FB_BYTES;
574 /* this sets only the visible pixels of a dirty bitmap */
575 #define VNC_SET_VISIBLE_PIXELS_DIRTY(bitmap, w, h) {\
577 memset(bitmap, 0x00, sizeof(bitmap));\
578 for (y = 0; y < h; y++) {\
579 bitmap_set(bitmap[y], 0,\
580 DIV_ROUND_UP(w, VNC_DIRTY_PIXELS_PER_BIT));\
584 static void vnc_dpy_switch(DisplayChangeListener *dcl,
585 DisplaySurface *surface)
587 VncDisplay *vd = container_of(dcl, VncDisplay, dcl);
590 vnc_abort_display_jobs(vd);
593 qemu_pixman_image_unref(vd->server);
595 vd->server = pixman_image_create_bits(VNC_SERVER_FB_FORMAT,
596 surface_width(vd->ds),
597 surface_height(vd->ds),
602 if (ds_get_bytes_per_pixel(ds) != vd->guest.ds->pf.bytes_per_pixel)
603 console_color_init(ds);
605 qemu_pixman_image_unref(vd->guest.fb);
606 vd->guest.fb = pixman_image_ref(surface->image);
607 vd->guest.format = surface->format;
608 VNC_SET_VISIBLE_PIXELS_DIRTY(vd->guest.dirty,
609 surface_width(vd->ds),
610 surface_height(vd->ds));
612 QTAILQ_FOREACH(vs, &vd->clients, next) {
614 vnc_desktop_resize(vs);
615 if (vs->vd->cursor) {
616 vnc_cursor_define(vs);
618 VNC_SET_VISIBLE_PIXELS_DIRTY(vs->dirty,
619 surface_width(vd->ds),
620 surface_height(vd->ds));
625 static void vnc_write_pixels_copy(VncState *vs,
626 void *pixels, int size)
628 vnc_write(vs, pixels, size);
631 /* slowest but generic code. */
632 void vnc_convert_pixel(VncState *vs, uint8_t *buf, uint32_t v)
636 #if VNC_SERVER_FB_FORMAT == PIXMAN_FORMAT(32, PIXMAN_TYPE_ARGB, 0, 8, 8, 8)
637 r = (((v & 0x00ff0000) >> 16) << vs->client_pf.rbits) >> 8;
638 g = (((v & 0x0000ff00) >> 8) << vs->client_pf.gbits) >> 8;
639 b = (((v & 0x000000ff) >> 0) << vs->client_pf.bbits) >> 8;
641 # error need some bits here if you change VNC_SERVER_FB_FORMAT
643 v = (r << vs->client_pf.rshift) |
644 (g << vs->client_pf.gshift) |
645 (b << vs->client_pf.bshift);
646 switch (vs->client_pf.bytes_per_pixel) {
676 static void vnc_write_pixels_generic(VncState *vs,
677 void *pixels1, int size)
681 if (VNC_SERVER_FB_BYTES == 4) {
682 uint32_t *pixels = pixels1;
685 for (i = 0; i < n; i++) {
686 vnc_convert_pixel(vs, buf, pixels[i]);
687 vnc_write(vs, buf, vs->client_pf.bytes_per_pixel);
692 int vnc_raw_send_framebuffer_update(VncState *vs, int x, int y, int w, int h)
696 VncDisplay *vd = vs->vd;
698 row = vnc_server_fb_ptr(vd, x, y);
699 for (i = 0; i < h; i++) {
700 vs->write_pixels(vs, row, w * VNC_SERVER_FB_BYTES);
701 row += vnc_server_fb_stride(vd);
706 int vnc_send_framebuffer_update(VncState *vs, int x, int y, int w, int h)
710 switch(vs->vnc_encoding) {
711 case VNC_ENCODING_ZLIB:
712 n = vnc_zlib_send_framebuffer_update(vs, x, y, w, h);
714 case VNC_ENCODING_HEXTILE:
715 vnc_framebuffer_update(vs, x, y, w, h, VNC_ENCODING_HEXTILE);
716 n = vnc_hextile_send_framebuffer_update(vs, x, y, w, h);
718 case VNC_ENCODING_TIGHT:
719 n = vnc_tight_send_framebuffer_update(vs, x, y, w, h);
721 case VNC_ENCODING_TIGHT_PNG:
722 n = vnc_tight_png_send_framebuffer_update(vs, x, y, w, h);
724 case VNC_ENCODING_ZRLE:
725 n = vnc_zrle_send_framebuffer_update(vs, x, y, w, h);
727 case VNC_ENCODING_ZYWRLE:
728 n = vnc_zywrle_send_framebuffer_update(vs, x, y, w, h);
731 vnc_framebuffer_update(vs, x, y, w, h, VNC_ENCODING_RAW);
732 n = vnc_raw_send_framebuffer_update(vs, x, y, w, h);
738 static void vnc_copy(VncState *vs, int src_x, int src_y, int dst_x, int dst_y, int w, int h)
740 /* send bitblit op to the vnc client */
742 vnc_write_u8(vs, VNC_MSG_SERVER_FRAMEBUFFER_UPDATE);
744 vnc_write_u16(vs, 1); /* number of rects */
745 vnc_framebuffer_update(vs, dst_x, dst_y, w, h, VNC_ENCODING_COPYRECT);
746 vnc_write_u16(vs, src_x);
747 vnc_write_u16(vs, src_y);
748 vnc_unlock_output(vs);
752 static void vnc_dpy_copy(DisplayChangeListener *dcl,
753 int src_x, int src_y,
754 int dst_x, int dst_y, int w, int h)
756 VncDisplay *vd = container_of(dcl, VncDisplay, dcl);
760 int i, x, y, pitch, inc, w_lim, s;
763 vnc_refresh_server_surface(vd);
764 QTAILQ_FOREACH_SAFE(vs, &vd->clients, next, vn) {
765 if (vnc_has_feature(vs, VNC_FEATURE_COPYRECT)) {
766 vs->force_update = 1;
767 vnc_update_client(vs, 1, true);
768 /* vs might be free()ed here */
772 /* do bitblit op on the local surface too */
773 pitch = vnc_server_fb_stride(vd);
774 src_row = vnc_server_fb_ptr(vd, src_x, src_y);
775 dst_row = vnc_server_fb_ptr(vd, dst_x, dst_y);
780 src_row += pitch * (h-1);
781 dst_row += pitch * (h-1);
786 w_lim = w - (VNC_DIRTY_PIXELS_PER_BIT - (dst_x % VNC_DIRTY_PIXELS_PER_BIT));
790 w_lim = w - (w_lim % VNC_DIRTY_PIXELS_PER_BIT);
792 for (i = 0; i < h; i++) {
793 for (x = 0; x <= w_lim;
794 x += s, src_row += cmp_bytes, dst_row += cmp_bytes) {
796 if ((s = w - w_lim) == 0)
799 s = (VNC_DIRTY_PIXELS_PER_BIT -
800 (dst_x % VNC_DIRTY_PIXELS_PER_BIT));
803 s = VNC_DIRTY_PIXELS_PER_BIT;
805 cmp_bytes = s * VNC_SERVER_FB_BYTES;
806 if (memcmp(src_row, dst_row, cmp_bytes) == 0)
808 memmove(dst_row, src_row, cmp_bytes);
809 QTAILQ_FOREACH(vs, &vd->clients, next) {
810 if (!vnc_has_feature(vs, VNC_FEATURE_COPYRECT)) {
811 set_bit(((x + dst_x) / VNC_DIRTY_PIXELS_PER_BIT),
816 src_row += pitch - w * VNC_SERVER_FB_BYTES;
817 dst_row += pitch - w * VNC_SERVER_FB_BYTES;
821 QTAILQ_FOREACH(vs, &vd->clients, next) {
822 if (vnc_has_feature(vs, VNC_FEATURE_COPYRECT)) {
823 vnc_copy(vs, src_x, src_y, dst_x, dst_y, w, h);
828 static void vnc_mouse_set(DisplayChangeListener *dcl,
829 int x, int y, int visible)
831 /* can we ask the client(s) to move the pointer ??? */
834 static int vnc_cursor_define(VncState *vs)
836 QEMUCursor *c = vs->vd->cursor;
839 if (vnc_has_feature(vs, VNC_FEATURE_RICH_CURSOR)) {
841 vnc_write_u8(vs, VNC_MSG_SERVER_FRAMEBUFFER_UPDATE);
842 vnc_write_u8(vs, 0); /* padding */
843 vnc_write_u16(vs, 1); /* # of rects */
844 vnc_framebuffer_update(vs, c->hot_x, c->hot_y, c->width, c->height,
845 VNC_ENCODING_RICH_CURSOR);
846 isize = c->width * c->height * vs->client_pf.bytes_per_pixel;
847 vnc_write_pixels_generic(vs, c->data, isize);
848 vnc_write(vs, vs->vd->cursor_mask, vs->vd->cursor_msize);
849 vnc_unlock_output(vs);
855 static void vnc_dpy_cursor_define(DisplayChangeListener *dcl,
858 VncDisplay *vd = vnc_display;
861 cursor_put(vd->cursor);
862 g_free(vd->cursor_mask);
865 cursor_get(vd->cursor);
866 vd->cursor_msize = cursor_get_mono_bpl(c) * c->height;
867 vd->cursor_mask = g_malloc0(vd->cursor_msize);
868 cursor_get_mono_mask(c, 0, vd->cursor_mask);
870 QTAILQ_FOREACH(vs, &vd->clients, next) {
871 vnc_cursor_define(vs);
875 static int find_and_clear_dirty_height(struct VncState *vs,
876 int y, int last_x, int x, int height)
880 for (h = 1; h < (height - y); h++) {
881 if (!test_bit(last_x, vs->dirty[y + h])) {
884 bitmap_clear(vs->dirty[y + h], last_x, x - last_x);
890 static int vnc_update_client(VncState *vs, int has_dirty, bool sync)
892 if (vs->need_update && vs->csock != -1) {
893 VncDisplay *vd = vs->vd;
899 if (vs->output.offset && !vs->audio_cap && !vs->force_update)
900 /* kernel send buffers are full -> drop frames to throttle */
903 if (!has_dirty && !vs->audio_cap && !vs->force_update)
907 * Send screen updates to the vnc client using the server
908 * surface and server dirty map. guest surface updates
909 * happening in parallel don't disturb us, the next pass will
910 * send them to the client.
912 job = vnc_job_new(vs);
914 height = MIN(pixman_image_get_height(vd->server), vs->client_height);
915 width = MIN(pixman_image_get_width(vd->server), vs->client_width);
921 unsigned long offset = find_next_bit((unsigned long *) &vs->dirty,
922 height * VNC_DIRTY_BPL(vs),
923 y * VNC_DIRTY_BPL(vs));
924 if (offset == height * VNC_DIRTY_BPL(vs)) {
925 /* no more dirty bits */
928 y = offset / VNC_DIRTY_BPL(vs);
929 x = offset % VNC_DIRTY_BPL(vs);
930 x2 = find_next_zero_bit((unsigned long *) &vs->dirty[y],
931 VNC_DIRTY_BPL(vs), x);
932 bitmap_clear(vs->dirty[y], x, x2 - x);
933 h = find_and_clear_dirty_height(vs, y, x, x2, height);
934 x2 = MIN(x2, width / VNC_DIRTY_PIXELS_PER_BIT);
936 n += vnc_job_add_rect(job, x * VNC_DIRTY_PIXELS_PER_BIT, y,
937 (x2 - x) * VNC_DIRTY_PIXELS_PER_BIT, h);
945 vs->force_update = 0;
949 if (vs->csock == -1) {
950 vnc_disconnect_finish(vs);
959 static void audio_capture_notify(void *opaque, audcnotification_e cmd)
961 VncState *vs = opaque;
964 case AUD_CNOTIFY_DISABLE:
966 vnc_write_u8(vs, VNC_MSG_SERVER_QEMU);
967 vnc_write_u8(vs, VNC_MSG_SERVER_QEMU_AUDIO);
968 vnc_write_u16(vs, VNC_MSG_SERVER_QEMU_AUDIO_END);
969 vnc_unlock_output(vs);
973 case AUD_CNOTIFY_ENABLE:
975 vnc_write_u8(vs, VNC_MSG_SERVER_QEMU);
976 vnc_write_u8(vs, VNC_MSG_SERVER_QEMU_AUDIO);
977 vnc_write_u16(vs, VNC_MSG_SERVER_QEMU_AUDIO_BEGIN);
978 vnc_unlock_output(vs);
984 static void audio_capture_destroy(void *opaque)
988 static void audio_capture(void *opaque, void *buf, int size)
990 VncState *vs = opaque;
993 vnc_write_u8(vs, VNC_MSG_SERVER_QEMU);
994 vnc_write_u8(vs, VNC_MSG_SERVER_QEMU_AUDIO);
995 vnc_write_u16(vs, VNC_MSG_SERVER_QEMU_AUDIO_DATA);
996 vnc_write_u32(vs, size);
997 vnc_write(vs, buf, size);
998 vnc_unlock_output(vs);
1002 static void audio_add(VncState *vs)
1004 struct audio_capture_ops ops;
1006 if (vs->audio_cap) {
1007 error_report("audio already running");
1011 ops.notify = audio_capture_notify;
1012 ops.destroy = audio_capture_destroy;
1013 ops.capture = audio_capture;
1015 vs->audio_cap = AUD_add_capture(&vs->as, &ops, vs);
1016 if (!vs->audio_cap) {
1017 error_report("Failed to add audio capture");
1021 static void audio_del(VncState *vs)
1023 if (vs->audio_cap) {
1024 AUD_del_capture(vs->audio_cap, vs);
1025 vs->audio_cap = NULL;
1029 static void vnc_disconnect_start(VncState *vs)
1031 if (vs->csock == -1)
1033 vnc_set_share_mode(vs, VNC_SHARE_MODE_DISCONNECTED);
1034 qemu_set_fd_handler2(vs->csock, NULL, NULL, NULL, NULL);
1035 closesocket(vs->csock);
1039 void vnc_disconnect_finish(VncState *vs)
1043 vnc_jobs_join(vs); /* Wait encoding jobs */
1045 vnc_lock_output(vs);
1046 vnc_qmp_event(vs, QAPI_EVENT_VNC_DISCONNECTED);
1048 buffer_free(&vs->input);
1049 buffer_free(&vs->output);
1050 #ifdef CONFIG_VNC_WS
1051 buffer_free(&vs->ws_input);
1052 buffer_free(&vs->ws_output);
1053 #endif /* CONFIG_VNC_WS */
1055 qapi_free_VncClientInfo(vs->info);
1058 vnc_tight_clear(vs);
1061 #ifdef CONFIG_VNC_TLS
1062 vnc_tls_client_cleanup(vs);
1063 #endif /* CONFIG_VNC_TLS */
1064 #ifdef CONFIG_VNC_SASL
1065 vnc_sasl_client_cleanup(vs);
1066 #endif /* CONFIG_VNC_SASL */
1068 vnc_release_modifiers(vs);
1070 if (vs->initialized) {
1071 QTAILQ_REMOVE(&vs->vd->clients, vs, next);
1072 qemu_remove_mouse_mode_change_notifier(&vs->mouse_mode_notifier);
1075 if (vs->vd->lock_key_sync)
1076 qemu_remove_led_event_handler(vs->led);
1077 vnc_unlock_output(vs);
1079 qemu_mutex_destroy(&vs->output_mutex);
1080 if (vs->bh != NULL) {
1081 qemu_bh_delete(vs->bh);
1083 buffer_free(&vs->jobs_buffer);
1085 for (i = 0; i < VNC_STAT_ROWS; ++i) {
1086 g_free(vs->lossy_rect[i]);
1088 g_free(vs->lossy_rect);
1092 int vnc_client_io_error(VncState *vs, int ret, int last_errno)
1094 if (ret == 0 || ret == -1) {
1096 switch (last_errno) {
1100 case WSAEWOULDBLOCK:
1108 VNC_DEBUG("Closing down client sock: ret %d, errno %d\n",
1109 ret, ret < 0 ? last_errno : 0);
1110 vnc_disconnect_start(vs);
1118 void vnc_client_error(VncState *vs)
1120 VNC_DEBUG("Closing down client sock: protocol error\n");
1121 vnc_disconnect_start(vs);
1124 #ifdef CONFIG_VNC_TLS
1125 static long vnc_client_write_tls(gnutls_session_t *session,
1126 const uint8_t *data,
1129 long ret = gnutls_write(*session, data, datalen);
1131 if (ret == GNUTLS_E_AGAIN) {
1140 #endif /* CONFIG_VNC_TLS */
1143 * Called to write a chunk of data to the client socket. The data may
1144 * be the raw data, or may have already been encoded by SASL.
1145 * The data will be written either straight onto the socket, or
1146 * written via the GNUTLS wrappers, if TLS/SSL encryption is enabled
1148 * NB, it is theoretically possible to have 2 layers of encryption,
1149 * both SASL, and this TLS layer. It is highly unlikely in practice
1150 * though, since SASL encryption will typically be a no-op if TLS
1153 * Returns the number of bytes written, which may be less than
1154 * the requested 'datalen' if the socket would block. Returns
1155 * -1 on error, and disconnects the client socket.
1157 long vnc_client_write_buf(VncState *vs, const uint8_t *data, size_t datalen)
1160 #ifdef CONFIG_VNC_TLS
1161 if (vs->tls.session) {
1162 ret = vnc_client_write_tls(&vs->tls.session, data, datalen);
1164 #ifdef CONFIG_VNC_WS
1165 if (vs->ws_tls.session) {
1166 ret = vnc_client_write_tls(&vs->ws_tls.session, data, datalen);
1168 #endif /* CONFIG_VNC_WS */
1169 #endif /* CONFIG_VNC_TLS */
1171 ret = send(vs->csock, (const void *)data, datalen, 0);
1173 #ifdef CONFIG_VNC_TLS
1175 #endif /* CONFIG_VNC_TLS */
1176 VNC_DEBUG("Wrote wire %p %zd -> %ld\n", data, datalen, ret);
1177 return vnc_client_io_error(vs, ret, socket_error());
1182 * Called to write buffered data to the client socket, when not
1183 * using any SASL SSF encryption layers. Will write as much data
1184 * as possible without blocking. If all buffered data is written,
1185 * will switch the FD poll() handler back to read monitoring.
1187 * Returns the number of bytes written, which may be less than
1188 * the buffered output data if the socket would block. Returns
1189 * -1 on error, and disconnects the client socket.
1191 static long vnc_client_write_plain(VncState *vs)
1195 #ifdef CONFIG_VNC_SASL
1196 VNC_DEBUG("Write Plain: Pending output %p size %zd offset %zd. Wait SSF %d\n",
1197 vs->output.buffer, vs->output.capacity, vs->output.offset,
1198 vs->sasl.waitWriteSSF);
1200 if (vs->sasl.conn &&
1202 vs->sasl.waitWriteSSF) {
1203 ret = vnc_client_write_buf(vs, vs->output.buffer, vs->sasl.waitWriteSSF);
1205 vs->sasl.waitWriteSSF -= ret;
1207 #endif /* CONFIG_VNC_SASL */
1208 ret = vnc_client_write_buf(vs, vs->output.buffer, vs->output.offset);
1212 buffer_advance(&vs->output, ret);
1214 if (vs->output.offset == 0) {
1215 qemu_set_fd_handler2(vs->csock, NULL, vnc_client_read, NULL, vs);
1223 * First function called whenever there is data to be written to
1224 * the client socket. Will delegate actual work according to whether
1225 * SASL SSF layers are enabled (thus requiring encryption calls)
1227 static void vnc_client_write_locked(void *opaque)
1229 VncState *vs = opaque;
1231 #ifdef CONFIG_VNC_SASL
1232 if (vs->sasl.conn &&
1234 !vs->sasl.waitWriteSSF) {
1235 vnc_client_write_sasl(vs);
1237 #endif /* CONFIG_VNC_SASL */
1239 #ifdef CONFIG_VNC_WS
1240 if (vs->encode_ws) {
1241 vnc_client_write_ws(vs);
1243 #endif /* CONFIG_VNC_WS */
1245 vnc_client_write_plain(vs);
1250 void vnc_client_write(void *opaque)
1252 VncState *vs = opaque;
1254 vnc_lock_output(vs);
1255 if (vs->output.offset
1256 #ifdef CONFIG_VNC_WS
1257 || vs->ws_output.offset
1260 vnc_client_write_locked(opaque);
1261 } else if (vs->csock != -1) {
1262 qemu_set_fd_handler2(vs->csock, NULL, vnc_client_read, NULL, vs);
1264 vnc_unlock_output(vs);
1267 void vnc_read_when(VncState *vs, VncReadEvent *func, size_t expecting)
1269 vs->read_handler = func;
1270 vs->read_handler_expect = expecting;
1273 #ifdef CONFIG_VNC_TLS
1274 static long vnc_client_read_tls(gnutls_session_t *session, uint8_t *data,
1277 long ret = gnutls_read(*session, data, datalen);
1279 if (ret == GNUTLS_E_AGAIN) {
1288 #endif /* CONFIG_VNC_TLS */
1291 * Called to read a chunk of data from the client socket. The data may
1292 * be the raw data, or may need to be further decoded by SASL.
1293 * The data will be read either straight from to the socket, or
1294 * read via the GNUTLS wrappers, if TLS/SSL encryption is enabled
1296 * NB, it is theoretically possible to have 2 layers of encryption,
1297 * both SASL, and this TLS layer. It is highly unlikely in practice
1298 * though, since SASL encryption will typically be a no-op if TLS
1301 * Returns the number of bytes read, which may be less than
1302 * the requested 'datalen' if the socket would block. Returns
1303 * -1 on error, and disconnects the client socket.
1305 long vnc_client_read_buf(VncState *vs, uint8_t *data, size_t datalen)
1308 #ifdef CONFIG_VNC_TLS
1309 if (vs->tls.session) {
1310 ret = vnc_client_read_tls(&vs->tls.session, data, datalen);
1312 #ifdef CONFIG_VNC_WS
1313 if (vs->ws_tls.session) {
1314 ret = vnc_client_read_tls(&vs->ws_tls.session, data, datalen);
1316 #endif /* CONFIG_VNC_WS */
1317 #endif /* CONFIG_VNC_TLS */
1319 ret = qemu_recv(vs->csock, data, datalen, 0);
1321 #ifdef CONFIG_VNC_TLS
1323 #endif /* CONFIG_VNC_TLS */
1324 VNC_DEBUG("Read wire %p %zd -> %ld\n", data, datalen, ret);
1325 return vnc_client_io_error(vs, ret, socket_error());
1330 * Called to read data from the client socket to the input buffer,
1331 * when not using any SASL SSF encryption layers. Will read as much
1332 * data as possible without blocking.
1334 * Returns the number of bytes read. Returns -1 on error, and
1335 * disconnects the client socket.
1337 static long vnc_client_read_plain(VncState *vs)
1340 VNC_DEBUG("Read plain %p size %zd offset %zd\n",
1341 vs->input.buffer, vs->input.capacity, vs->input.offset);
1342 buffer_reserve(&vs->input, 4096);
1343 ret = vnc_client_read_buf(vs, buffer_end(&vs->input), 4096);
1346 vs->input.offset += ret;
1350 static void vnc_jobs_bh(void *opaque)
1352 VncState *vs = opaque;
1354 vnc_jobs_consume_buffer(vs);
1358 * First function called whenever there is more data to be read from
1359 * the client socket. Will delegate actual work according to whether
1360 * SASL SSF layers are enabled (thus requiring decryption calls)
1362 void vnc_client_read(void *opaque)
1364 VncState *vs = opaque;
1367 #ifdef CONFIG_VNC_SASL
1368 if (vs->sasl.conn && vs->sasl.runSSF)
1369 ret = vnc_client_read_sasl(vs);
1371 #endif /* CONFIG_VNC_SASL */
1372 #ifdef CONFIG_VNC_WS
1373 if (vs->encode_ws) {
1374 ret = vnc_client_read_ws(vs);
1376 vnc_disconnect_start(vs);
1378 } else if (ret == -2) {
1379 vnc_client_error(vs);
1383 #endif /* CONFIG_VNC_WS */
1385 ret = vnc_client_read_plain(vs);
1388 if (vs->csock == -1)
1389 vnc_disconnect_finish(vs);
1393 while (vs->read_handler && vs->input.offset >= vs->read_handler_expect) {
1394 size_t len = vs->read_handler_expect;
1397 ret = vs->read_handler(vs, vs->input.buffer, len);
1398 if (vs->csock == -1) {
1399 vnc_disconnect_finish(vs);
1404 buffer_advance(&vs->input, len);
1406 vs->read_handler_expect = ret;
1411 void vnc_write(VncState *vs, const void *data, size_t len)
1413 buffer_reserve(&vs->output, len);
1415 if (vs->csock != -1 && buffer_empty(&vs->output)) {
1416 qemu_set_fd_handler2(vs->csock, NULL, vnc_client_read, vnc_client_write, vs);
1419 buffer_append(&vs->output, data, len);
1422 void vnc_write_s32(VncState *vs, int32_t value)
1424 vnc_write_u32(vs, *(uint32_t *)&value);
1427 void vnc_write_u32(VncState *vs, uint32_t value)
1431 buf[0] = (value >> 24) & 0xFF;
1432 buf[1] = (value >> 16) & 0xFF;
1433 buf[2] = (value >> 8) & 0xFF;
1434 buf[3] = value & 0xFF;
1436 vnc_write(vs, buf, 4);
1439 void vnc_write_u16(VncState *vs, uint16_t value)
1443 buf[0] = (value >> 8) & 0xFF;
1444 buf[1] = value & 0xFF;
1446 vnc_write(vs, buf, 2);
1449 void vnc_write_u8(VncState *vs, uint8_t value)
1451 vnc_write(vs, (char *)&value, 1);
1454 void vnc_flush(VncState *vs)
1456 vnc_lock_output(vs);
1457 if (vs->csock != -1 && (vs->output.offset
1458 #ifdef CONFIG_VNC_WS
1459 || vs->ws_output.offset
1462 vnc_client_write_locked(vs);
1464 vnc_unlock_output(vs);
1467 static uint8_t read_u8(uint8_t *data, size_t offset)
1469 return data[offset];
1472 static uint16_t read_u16(uint8_t *data, size_t offset)
1474 return ((data[offset] & 0xFF) << 8) | (data[offset + 1] & 0xFF);
1477 static int32_t read_s32(uint8_t *data, size_t offset)
1479 return (int32_t)((data[offset] << 24) | (data[offset + 1] << 16) |
1480 (data[offset + 2] << 8) | data[offset + 3]);
1483 uint32_t read_u32(uint8_t *data, size_t offset)
1485 return ((data[offset] << 24) | (data[offset + 1] << 16) |
1486 (data[offset + 2] << 8) | data[offset + 3]);
1489 static void client_cut_text(VncState *vs, size_t len, uint8_t *text)
1493 static void check_pointer_type_change(Notifier *notifier, void *data)
1495 VncState *vs = container_of(notifier, VncState, mouse_mode_notifier);
1496 int absolute = qemu_input_is_absolute();
1498 if (vnc_has_feature(vs, VNC_FEATURE_POINTER_TYPE_CHANGE) && vs->absolute != absolute) {
1499 vnc_lock_output(vs);
1500 vnc_write_u8(vs, VNC_MSG_SERVER_FRAMEBUFFER_UPDATE);
1501 vnc_write_u8(vs, 0);
1502 vnc_write_u16(vs, 1);
1503 vnc_framebuffer_update(vs, absolute, 0,
1504 surface_width(vs->vd->ds),
1505 surface_height(vs->vd->ds),
1506 VNC_ENCODING_POINTER_TYPE_CHANGE);
1507 vnc_unlock_output(vs);
1510 vs->absolute = absolute;
1513 static void pointer_event(VncState *vs, int button_mask, int x, int y)
1515 static uint32_t bmap[INPUT_BUTTON_MAX] = {
1516 [INPUT_BUTTON_LEFT] = 0x01,
1517 [INPUT_BUTTON_MIDDLE] = 0x02,
1518 [INPUT_BUTTON_RIGHT] = 0x04,
1519 [INPUT_BUTTON_WHEEL_UP] = 0x08,
1520 [INPUT_BUTTON_WHEEL_DOWN] = 0x10,
1522 QemuConsole *con = vs->vd->dcl.con;
1523 int width = surface_width(vs->vd->ds);
1524 int height = surface_height(vs->vd->ds);
1526 if (vs->last_bmask != button_mask) {
1527 qemu_input_update_buttons(con, bmap, vs->last_bmask, button_mask);
1528 vs->last_bmask = button_mask;
1532 qemu_input_queue_abs(con, INPUT_AXIS_X, x, width);
1533 qemu_input_queue_abs(con, INPUT_AXIS_Y, y, height);
1534 } else if (vnc_has_feature(vs, VNC_FEATURE_POINTER_TYPE_CHANGE)) {
1535 qemu_input_queue_rel(con, INPUT_AXIS_X, x - 0x7FFF);
1536 qemu_input_queue_rel(con, INPUT_AXIS_Y, y - 0x7FFF);
1538 if (vs->last_x != -1) {
1539 qemu_input_queue_rel(con, INPUT_AXIS_X, x - vs->last_x);
1540 qemu_input_queue_rel(con, INPUT_AXIS_Y, y - vs->last_y);
1545 qemu_input_event_sync();
1548 static void reset_keys(VncState *vs)
1551 for(i = 0; i < 256; i++) {
1552 if (vs->modifiers_state[i]) {
1553 qemu_input_event_send_key_number(vs->vd->dcl.con, i, false);
1554 vs->modifiers_state[i] = 0;
1559 static void press_key(VncState *vs, int keysym)
1561 int keycode = keysym2scancode(vs->vd->kbd_layout, keysym) & SCANCODE_KEYMASK;
1562 qemu_input_event_send_key_number(vs->vd->dcl.con, keycode, true);
1563 qemu_input_event_send_key_delay(0);
1564 qemu_input_event_send_key_number(vs->vd->dcl.con, keycode, false);
1565 qemu_input_event_send_key_delay(0);
1568 static int current_led_state(VncState *vs)
1572 if (vs->modifiers_state[0x46]) {
1573 ledstate |= QEMU_SCROLL_LOCK_LED;
1575 if (vs->modifiers_state[0x45]) {
1576 ledstate |= QEMU_NUM_LOCK_LED;
1578 if (vs->modifiers_state[0x3a]) {
1579 ledstate |= QEMU_CAPS_LOCK_LED;
1585 static void vnc_led_state_change(VncState *vs)
1589 if (!vnc_has_feature(vs, VNC_FEATURE_LED_STATE)) {
1593 ledstate = current_led_state(vs);
1594 vnc_lock_output(vs);
1595 vnc_write_u8(vs, VNC_MSG_SERVER_FRAMEBUFFER_UPDATE);
1596 vnc_write_u8(vs, 0);
1597 vnc_write_u16(vs, 1);
1598 vnc_framebuffer_update(vs, 0, 0, 1, 1, VNC_ENCODING_LED_STATE);
1599 vnc_write_u8(vs, ledstate);
1600 vnc_unlock_output(vs);
1604 static void kbd_leds(void *opaque, int ledstate)
1606 VncState *vs = opaque;
1608 bool has_changed = (ledstate != current_led_state(vs));
1610 trace_vnc_key_guest_leds((ledstate & QEMU_CAPS_LOCK_LED),
1611 (ledstate & QEMU_NUM_LOCK_LED),
1612 (ledstate & QEMU_SCROLL_LOCK_LED));
1614 caps = ledstate & QEMU_CAPS_LOCK_LED ? 1 : 0;
1615 num = ledstate & QEMU_NUM_LOCK_LED ? 1 : 0;
1616 scr = ledstate & QEMU_SCROLL_LOCK_LED ? 1 : 0;
1618 if (vs->modifiers_state[0x3a] != caps) {
1619 vs->modifiers_state[0x3a] = caps;
1621 if (vs->modifiers_state[0x45] != num) {
1622 vs->modifiers_state[0x45] = num;
1624 if (vs->modifiers_state[0x46] != scr) {
1625 vs->modifiers_state[0x46] = scr;
1628 /* Sending the current led state message to the client */
1630 vnc_led_state_change(vs);
1634 static void do_key_event(VncState *vs, int down, int keycode, int sym)
1636 /* QEMU console switch */
1638 case 0x2a: /* Left Shift */
1639 case 0x36: /* Right Shift */
1640 case 0x1d: /* Left CTRL */
1641 case 0x9d: /* Right CTRL */
1642 case 0x38: /* Left ALT */
1643 case 0xb8: /* Right ALT */
1645 vs->modifiers_state[keycode] = 1;
1647 vs->modifiers_state[keycode] = 0;
1649 case 0x02 ... 0x0a: /* '1' to '9' keys */
1650 if (down && vs->modifiers_state[0x1d] && vs->modifiers_state[0x38]) {
1651 /* Reset the modifiers sent to the current console */
1653 console_select(keycode - 0x02);
1657 case 0x3a: /* CapsLock */
1658 case 0x45: /* NumLock */
1660 vs->modifiers_state[keycode] ^= 1;
1664 /* Turn off the lock state sync logic if the client support the led
1667 if (down && vs->vd->lock_key_sync &&
1668 !vnc_has_feature(vs, VNC_FEATURE_LED_STATE) &&
1669 keycode_is_keypad(vs->vd->kbd_layout, keycode)) {
1670 /* If the numlock state needs to change then simulate an additional
1671 keypress before sending this one. This will happen if the user
1672 toggles numlock away from the VNC window.
1674 if (keysym_is_numlock(vs->vd->kbd_layout, sym & 0xFFFF)) {
1675 if (!vs->modifiers_state[0x45]) {
1676 trace_vnc_key_sync_numlock(true);
1677 vs->modifiers_state[0x45] = 1;
1678 press_key(vs, 0xff7f);
1681 if (vs->modifiers_state[0x45]) {
1682 trace_vnc_key_sync_numlock(false);
1683 vs->modifiers_state[0x45] = 0;
1684 press_key(vs, 0xff7f);
1689 if (down && vs->vd->lock_key_sync &&
1690 !vnc_has_feature(vs, VNC_FEATURE_LED_STATE) &&
1691 ((sym >= 'A' && sym <= 'Z') || (sym >= 'a' && sym <= 'z'))) {
1692 /* If the capslock state needs to change then simulate an additional
1693 keypress before sending this one. This will happen if the user
1694 toggles capslock away from the VNC window.
1696 int uppercase = !!(sym >= 'A' && sym <= 'Z');
1697 int shift = !!(vs->modifiers_state[0x2a] | vs->modifiers_state[0x36]);
1698 int capslock = !!(vs->modifiers_state[0x3a]);
1700 if (uppercase == shift) {
1701 trace_vnc_key_sync_capslock(false);
1702 vs->modifiers_state[0x3a] = 0;
1703 press_key(vs, 0xffe5);
1706 if (uppercase != shift) {
1707 trace_vnc_key_sync_capslock(true);
1708 vs->modifiers_state[0x3a] = 1;
1709 press_key(vs, 0xffe5);
1714 if (qemu_console_is_graphic(NULL)) {
1715 qemu_input_event_send_key_number(vs->vd->dcl.con, keycode, down);
1717 bool numlock = vs->modifiers_state[0x45];
1718 bool control = (vs->modifiers_state[0x1d] ||
1719 vs->modifiers_state[0x9d]);
1720 /* QEMU console emulation */
1723 case 0x2a: /* Left Shift */
1724 case 0x36: /* Right Shift */
1725 case 0x1d: /* Left CTRL */
1726 case 0x9d: /* Right CTRL */
1727 case 0x38: /* Left ALT */
1728 case 0xb8: /* Right ALT */
1731 kbd_put_keysym(QEMU_KEY_UP);
1734 kbd_put_keysym(QEMU_KEY_DOWN);
1737 kbd_put_keysym(QEMU_KEY_LEFT);
1740 kbd_put_keysym(QEMU_KEY_RIGHT);
1743 kbd_put_keysym(QEMU_KEY_DELETE);
1746 kbd_put_keysym(QEMU_KEY_HOME);
1749 kbd_put_keysym(QEMU_KEY_END);
1752 kbd_put_keysym(QEMU_KEY_PAGEUP);
1755 kbd_put_keysym(QEMU_KEY_PAGEDOWN);
1759 kbd_put_keysym(numlock ? '7' : QEMU_KEY_HOME);
1762 kbd_put_keysym(numlock ? '8' : QEMU_KEY_UP);
1765 kbd_put_keysym(numlock ? '9' : QEMU_KEY_PAGEUP);
1768 kbd_put_keysym(numlock ? '4' : QEMU_KEY_LEFT);
1771 kbd_put_keysym('5');
1774 kbd_put_keysym(numlock ? '6' : QEMU_KEY_RIGHT);
1777 kbd_put_keysym(numlock ? '1' : QEMU_KEY_END);
1780 kbd_put_keysym(numlock ? '2' : QEMU_KEY_DOWN);
1783 kbd_put_keysym(numlock ? '3' : QEMU_KEY_PAGEDOWN);
1786 kbd_put_keysym('0');
1789 kbd_put_keysym(numlock ? '.' : QEMU_KEY_DELETE);
1793 kbd_put_keysym('/');
1796 kbd_put_keysym('*');
1799 kbd_put_keysym('-');
1802 kbd_put_keysym('+');
1805 kbd_put_keysym('\n');
1810 kbd_put_keysym(sym & 0x1f);
1812 kbd_put_keysym(sym);
1820 static void vnc_release_modifiers(VncState *vs)
1822 static const int keycodes[] = {
1823 /* shift, control, alt keys, both left & right */
1824 0x2a, 0x36, 0x1d, 0x9d, 0x38, 0xb8,
1828 if (!qemu_console_is_graphic(NULL)) {
1831 for (i = 0; i < ARRAY_SIZE(keycodes); i++) {
1832 keycode = keycodes[i];
1833 if (!vs->modifiers_state[keycode]) {
1836 qemu_input_event_send_key_number(vs->vd->dcl.con, keycode, false);
1840 static const char *code2name(int keycode)
1842 return QKeyCode_lookup[qemu_input_key_number_to_qcode(keycode)];
1845 static void key_event(VncState *vs, int down, uint32_t sym)
1850 if (lsym >= 'A' && lsym <= 'Z' && qemu_console_is_graphic(NULL)) {
1851 lsym = lsym - 'A' + 'a';
1854 keycode = keysym2scancode(vs->vd->kbd_layout, lsym & 0xFFFF) & SCANCODE_KEYMASK;
1855 trace_vnc_key_event_map(down, sym, keycode, code2name(keycode));
1856 do_key_event(vs, down, keycode, sym);
1859 static void ext_key_event(VncState *vs, int down,
1860 uint32_t sym, uint16_t keycode)
1862 /* if the user specifies a keyboard layout, always use it */
1863 if (keyboard_layout) {
1864 key_event(vs, down, sym);
1866 trace_vnc_key_event_ext(down, sym, keycode, code2name(keycode));
1867 do_key_event(vs, down, keycode, sym);
1871 static void framebuffer_update_request(VncState *vs, int incremental,
1872 int x_position, int y_position,
1876 const size_t width = surface_width(vs->vd->ds) / VNC_DIRTY_PIXELS_PER_BIT;
1877 const size_t height = surface_height(vs->vd->ds);
1879 if (y_position > height) {
1880 y_position = height;
1882 if (y_position + h >= height) {
1883 h = height - y_position;
1886 vs->need_update = 1;
1888 vs->force_update = 1;
1889 for (i = 0; i < h; i++) {
1890 bitmap_set(vs->dirty[y_position + i], 0, width);
1891 bitmap_clear(vs->dirty[y_position + i], width,
1892 VNC_DIRTY_BITS - width);
1897 static void send_ext_key_event_ack(VncState *vs)
1899 vnc_lock_output(vs);
1900 vnc_write_u8(vs, VNC_MSG_SERVER_FRAMEBUFFER_UPDATE);
1901 vnc_write_u8(vs, 0);
1902 vnc_write_u16(vs, 1);
1903 vnc_framebuffer_update(vs, 0, 0,
1904 surface_width(vs->vd->ds),
1905 surface_height(vs->vd->ds),
1906 VNC_ENCODING_EXT_KEY_EVENT);
1907 vnc_unlock_output(vs);
1911 static void send_ext_audio_ack(VncState *vs)
1913 vnc_lock_output(vs);
1914 vnc_write_u8(vs, VNC_MSG_SERVER_FRAMEBUFFER_UPDATE);
1915 vnc_write_u8(vs, 0);
1916 vnc_write_u16(vs, 1);
1917 vnc_framebuffer_update(vs, 0, 0,
1918 surface_width(vs->vd->ds),
1919 surface_height(vs->vd->ds),
1920 VNC_ENCODING_AUDIO);
1921 vnc_unlock_output(vs);
1925 static void set_encodings(VncState *vs, int32_t *encodings, size_t n_encodings)
1928 unsigned int enc = 0;
1931 vs->vnc_encoding = 0;
1932 vs->tight.compression = 9;
1933 vs->tight.quality = -1; /* Lossless by default */
1937 * Start from the end because the encodings are sent in order of preference.
1938 * This way the preferred encoding (first encoding defined in the array)
1939 * will be set at the end of the loop.
1941 for (i = n_encodings - 1; i >= 0; i--) {
1944 case VNC_ENCODING_RAW:
1945 vs->vnc_encoding = enc;
1947 case VNC_ENCODING_COPYRECT:
1948 vs->features |= VNC_FEATURE_COPYRECT_MASK;
1950 case VNC_ENCODING_HEXTILE:
1951 vs->features |= VNC_FEATURE_HEXTILE_MASK;
1952 vs->vnc_encoding = enc;
1954 case VNC_ENCODING_TIGHT:
1955 vs->features |= VNC_FEATURE_TIGHT_MASK;
1956 vs->vnc_encoding = enc;
1958 #ifdef CONFIG_VNC_PNG
1959 case VNC_ENCODING_TIGHT_PNG:
1960 vs->features |= VNC_FEATURE_TIGHT_PNG_MASK;
1961 vs->vnc_encoding = enc;
1964 case VNC_ENCODING_ZLIB:
1965 vs->features |= VNC_FEATURE_ZLIB_MASK;
1966 vs->vnc_encoding = enc;
1968 case VNC_ENCODING_ZRLE:
1969 vs->features |= VNC_FEATURE_ZRLE_MASK;
1970 vs->vnc_encoding = enc;
1972 case VNC_ENCODING_ZYWRLE:
1973 vs->features |= VNC_FEATURE_ZYWRLE_MASK;
1974 vs->vnc_encoding = enc;
1976 case VNC_ENCODING_DESKTOPRESIZE:
1977 vs->features |= VNC_FEATURE_RESIZE_MASK;
1979 case VNC_ENCODING_POINTER_TYPE_CHANGE:
1980 vs->features |= VNC_FEATURE_POINTER_TYPE_CHANGE_MASK;
1982 case VNC_ENCODING_RICH_CURSOR:
1983 vs->features |= VNC_FEATURE_RICH_CURSOR_MASK;
1985 case VNC_ENCODING_EXT_KEY_EVENT:
1986 send_ext_key_event_ack(vs);
1988 case VNC_ENCODING_AUDIO:
1989 send_ext_audio_ack(vs);
1991 case VNC_ENCODING_WMVi:
1992 vs->features |= VNC_FEATURE_WMVI_MASK;
1994 case VNC_ENCODING_LED_STATE:
1995 vs->features |= VNC_FEATURE_LED_STATE_MASK;
1997 case VNC_ENCODING_COMPRESSLEVEL0 ... VNC_ENCODING_COMPRESSLEVEL0 + 9:
1998 vs->tight.compression = (enc & 0x0F);
2000 case VNC_ENCODING_QUALITYLEVEL0 ... VNC_ENCODING_QUALITYLEVEL0 + 9:
2001 if (vs->vd->lossy) {
2002 vs->tight.quality = (enc & 0x0F);
2006 VNC_DEBUG("Unknown encoding: %d (0x%.8x): %d\n", i, enc, enc);
2010 vnc_desktop_resize(vs);
2011 check_pointer_type_change(&vs->mouse_mode_notifier, NULL);
2012 vnc_led_state_change(vs);
2015 static void set_pixel_conversion(VncState *vs)
2017 pixman_format_code_t fmt = qemu_pixman_get_format(&vs->client_pf);
2019 if (fmt == VNC_SERVER_FB_FORMAT) {
2020 vs->write_pixels = vnc_write_pixels_copy;
2021 vnc_hextile_set_pixel_conversion(vs, 0);
2023 vs->write_pixels = vnc_write_pixels_generic;
2024 vnc_hextile_set_pixel_conversion(vs, 1);
2028 static void set_pixel_format(VncState *vs,
2029 int bits_per_pixel, int depth,
2030 int big_endian_flag, int true_color_flag,
2031 int red_max, int green_max, int blue_max,
2032 int red_shift, int green_shift, int blue_shift)
2034 if (!true_color_flag) {
2035 vnc_client_error(vs);
2039 vs->client_pf.rmax = red_max;
2040 vs->client_pf.rbits = hweight_long(red_max);
2041 vs->client_pf.rshift = red_shift;
2042 vs->client_pf.rmask = red_max << red_shift;
2043 vs->client_pf.gmax = green_max;
2044 vs->client_pf.gbits = hweight_long(green_max);
2045 vs->client_pf.gshift = green_shift;
2046 vs->client_pf.gmask = green_max << green_shift;
2047 vs->client_pf.bmax = blue_max;
2048 vs->client_pf.bbits = hweight_long(blue_max);
2049 vs->client_pf.bshift = blue_shift;
2050 vs->client_pf.bmask = blue_max << blue_shift;
2051 vs->client_pf.bits_per_pixel = bits_per_pixel;
2052 vs->client_pf.bytes_per_pixel = bits_per_pixel / 8;
2053 vs->client_pf.depth = bits_per_pixel == 32 ? 24 : bits_per_pixel;
2054 vs->client_be = big_endian_flag;
2056 set_pixel_conversion(vs);
2058 graphic_hw_invalidate(NULL);
2059 graphic_hw_update(NULL);
2062 static void pixel_format_message (VncState *vs) {
2063 char pad[3] = { 0, 0, 0 };
2065 vs->client_pf = qemu_default_pixelformat(32);
2067 vnc_write_u8(vs, vs->client_pf.bits_per_pixel); /* bits-per-pixel */
2068 vnc_write_u8(vs, vs->client_pf.depth); /* depth */
2070 #ifdef HOST_WORDS_BIGENDIAN
2071 vnc_write_u8(vs, 1); /* big-endian-flag */
2073 vnc_write_u8(vs, 0); /* big-endian-flag */
2075 vnc_write_u8(vs, 1); /* true-color-flag */
2076 vnc_write_u16(vs, vs->client_pf.rmax); /* red-max */
2077 vnc_write_u16(vs, vs->client_pf.gmax); /* green-max */
2078 vnc_write_u16(vs, vs->client_pf.bmax); /* blue-max */
2079 vnc_write_u8(vs, vs->client_pf.rshift); /* red-shift */
2080 vnc_write_u8(vs, vs->client_pf.gshift); /* green-shift */
2081 vnc_write_u8(vs, vs->client_pf.bshift); /* blue-shift */
2082 vnc_write(vs, pad, 3); /* padding */
2084 vnc_hextile_set_pixel_conversion(vs, 0);
2085 vs->write_pixels = vnc_write_pixels_copy;
2088 static void vnc_colordepth(VncState *vs)
2090 if (vnc_has_feature(vs, VNC_FEATURE_WMVI)) {
2091 /* Sending a WMVi message to notify the client*/
2092 vnc_lock_output(vs);
2093 vnc_write_u8(vs, VNC_MSG_SERVER_FRAMEBUFFER_UPDATE);
2094 vnc_write_u8(vs, 0);
2095 vnc_write_u16(vs, 1); /* number of rects */
2096 vnc_framebuffer_update(vs, 0, 0,
2097 surface_width(vs->vd->ds),
2098 surface_height(vs->vd->ds),
2100 pixel_format_message(vs);
2101 vnc_unlock_output(vs);
2104 set_pixel_conversion(vs);
2108 static int protocol_client_msg(VncState *vs, uint8_t *data, size_t len)
2112 VncDisplay *vd = vs->vd;
2115 update_displaychangelistener(&vd->dcl, VNC_REFRESH_INTERVAL_BASE);
2119 case VNC_MSG_CLIENT_SET_PIXEL_FORMAT:
2123 set_pixel_format(vs, read_u8(data, 4), read_u8(data, 5),
2124 read_u8(data, 6), read_u8(data, 7),
2125 read_u16(data, 8), read_u16(data, 10),
2126 read_u16(data, 12), read_u8(data, 14),
2127 read_u8(data, 15), read_u8(data, 16));
2129 case VNC_MSG_CLIENT_SET_ENCODINGS:
2134 limit = read_u16(data, 2);
2136 return 4 + (limit * 4);
2138 limit = read_u16(data, 2);
2140 for (i = 0; i < limit; i++) {
2141 int32_t val = read_s32(data, 4 + (i * 4));
2142 memcpy(data + 4 + (i * 4), &val, sizeof(val));
2145 set_encodings(vs, (int32_t *)(data + 4), limit);
2147 case VNC_MSG_CLIENT_FRAMEBUFFER_UPDATE_REQUEST:
2151 framebuffer_update_request(vs,
2152 read_u8(data, 1), read_u16(data, 2), read_u16(data, 4),
2153 read_u16(data, 6), read_u16(data, 8));
2155 case VNC_MSG_CLIENT_KEY_EVENT:
2159 key_event(vs, read_u8(data, 1), read_u32(data, 4));
2161 case VNC_MSG_CLIENT_POINTER_EVENT:
2165 pointer_event(vs, read_u8(data, 1), read_u16(data, 2), read_u16(data, 4));
2167 case VNC_MSG_CLIENT_CUT_TEXT:
2172 uint32_t dlen = read_u32(data, 4);
2173 if (dlen > (1 << 20)) {
2174 error_report("vnc: client_cut_text msg payload has %u bytes"
2175 " which exceeds our limit of 1MB.", dlen);
2176 vnc_client_error(vs);
2184 client_cut_text(vs, read_u32(data, 4), data + 8);
2186 case VNC_MSG_CLIENT_QEMU:
2190 switch (read_u8(data, 1)) {
2191 case VNC_MSG_CLIENT_QEMU_EXT_KEY_EVENT:
2195 ext_key_event(vs, read_u16(data, 2),
2196 read_u32(data, 4), read_u32(data, 8));
2198 case VNC_MSG_CLIENT_QEMU_AUDIO:
2202 switch (read_u16 (data, 2)) {
2203 case VNC_MSG_CLIENT_QEMU_AUDIO_ENABLE:
2206 case VNC_MSG_CLIENT_QEMU_AUDIO_DISABLE:
2209 case VNC_MSG_CLIENT_QEMU_AUDIO_SET_FORMAT:
2212 switch (read_u8(data, 4)) {
2213 case 0: vs->as.fmt = AUD_FMT_U8; break;
2214 case 1: vs->as.fmt = AUD_FMT_S8; break;
2215 case 2: vs->as.fmt = AUD_FMT_U16; break;
2216 case 3: vs->as.fmt = AUD_FMT_S16; break;
2217 case 4: vs->as.fmt = AUD_FMT_U32; break;
2218 case 5: vs->as.fmt = AUD_FMT_S32; break;
2220 printf("Invalid audio format %d\n", read_u8(data, 4));
2221 vnc_client_error(vs);
2224 vs->as.nchannels = read_u8(data, 5);
2225 if (vs->as.nchannels != 1 && vs->as.nchannels != 2) {
2226 printf("Invalid audio channel coount %d\n",
2228 vnc_client_error(vs);
2231 vs->as.freq = read_u32(data, 6);
2234 printf ("Invalid audio message %d\n", read_u8(data, 4));
2235 vnc_client_error(vs);
2241 printf("Msg: %d\n", read_u16(data, 0));
2242 vnc_client_error(vs);
2247 printf("Msg: %d\n", data[0]);
2248 vnc_client_error(vs);
2252 vnc_read_when(vs, protocol_client_msg, 1);
2256 static int protocol_client_init(VncState *vs, uint8_t *data, size_t len)
2262 mode = data[0] ? VNC_SHARE_MODE_SHARED : VNC_SHARE_MODE_EXCLUSIVE;
2263 switch (vs->vd->share_policy) {
2264 case VNC_SHARE_POLICY_IGNORE:
2266 * Ignore the shared flag. Nothing to do here.
2268 * Doesn't conform to the rfb spec but is traditional qemu
2269 * behavior, thus left here as option for compatibility
2273 case VNC_SHARE_POLICY_ALLOW_EXCLUSIVE:
2275 * Policy: Allow clients ask for exclusive access.
2277 * Implementation: When a client asks for exclusive access,
2278 * disconnect all others. Shared connects are allowed as long
2279 * as no exclusive connection exists.
2281 * This is how the rfb spec suggests to handle the shared flag.
2283 if (mode == VNC_SHARE_MODE_EXCLUSIVE) {
2285 QTAILQ_FOREACH(client, &vs->vd->clients, next) {
2289 if (client->share_mode != VNC_SHARE_MODE_EXCLUSIVE &&
2290 client->share_mode != VNC_SHARE_MODE_SHARED) {
2293 vnc_disconnect_start(client);
2296 if (mode == VNC_SHARE_MODE_SHARED) {
2297 if (vs->vd->num_exclusive > 0) {
2298 vnc_disconnect_start(vs);
2303 case VNC_SHARE_POLICY_FORCE_SHARED:
2305 * Policy: Shared connects only.
2306 * Implementation: Disallow clients asking for exclusive access.
2308 * Useful for shared desktop sessions where you don't want
2309 * someone forgetting to say -shared when running the vnc
2310 * client disconnect everybody else.
2312 if (mode == VNC_SHARE_MODE_EXCLUSIVE) {
2313 vnc_disconnect_start(vs);
2318 vnc_set_share_mode(vs, mode);
2320 vs->client_width = surface_width(vs->vd->ds);
2321 vs->client_height = surface_height(vs->vd->ds);
2322 vnc_write_u16(vs, vs->client_width);
2323 vnc_write_u16(vs, vs->client_height);
2325 pixel_format_message(vs);
2328 size = snprintf(buf, sizeof(buf), "QEMU (%s)", qemu_name);
2330 size = snprintf(buf, sizeof(buf), "QEMU");
2332 vnc_write_u32(vs, size);
2333 vnc_write(vs, buf, size);
2336 vnc_client_cache_auth(vs);
2337 vnc_qmp_event(vs, QAPI_EVENT_VNC_INITIALIZED);
2339 vnc_read_when(vs, protocol_client_msg, 1);
2344 void start_client_init(VncState *vs)
2346 vnc_read_when(vs, protocol_client_init, 1);
2349 static void make_challenge(VncState *vs)
2353 srand(time(NULL)+getpid()+getpid()*987654+rand());
2355 for (i = 0 ; i < sizeof(vs->challenge) ; i++)
2356 vs->challenge[i] = (int) (256.0*rand()/(RAND_MAX+1.0));
2359 static int protocol_client_auth_vnc(VncState *vs, uint8_t *data, size_t len)
2361 unsigned char response[VNC_AUTH_CHALLENGE_SIZE];
2363 unsigned char key[8];
2364 time_t now = time(NULL);
2366 if (!vs->vd->password) {
2367 VNC_DEBUG("No password configured on server");
2370 if (vs->vd->expires < now) {
2371 VNC_DEBUG("Password is expired");
2375 memcpy(response, vs->challenge, VNC_AUTH_CHALLENGE_SIZE);
2377 /* Calculate the expected challenge response */
2378 pwlen = strlen(vs->vd->password);
2379 for (i=0; i<sizeof(key); i++)
2380 key[i] = i<pwlen ? vs->vd->password[i] : 0;
2382 for (j = 0; j < VNC_AUTH_CHALLENGE_SIZE; j += 8)
2383 des(response+j, response+j);
2385 /* Compare expected vs actual challenge response */
2386 if (memcmp(response, data, VNC_AUTH_CHALLENGE_SIZE) != 0) {
2387 VNC_DEBUG("Client challenge response did not match\n");
2390 VNC_DEBUG("Accepting VNC challenge response\n");
2391 vnc_write_u32(vs, 0); /* Accept auth */
2394 start_client_init(vs);
2399 vnc_write_u32(vs, 1); /* Reject auth */
2400 if (vs->minor >= 8) {
2401 static const char err[] = "Authentication failed";
2402 vnc_write_u32(vs, sizeof(err));
2403 vnc_write(vs, err, sizeof(err));
2406 vnc_client_error(vs);
2410 void start_auth_vnc(VncState *vs)
2413 /* Send client a 'random' challenge */
2414 vnc_write(vs, vs->challenge, sizeof(vs->challenge));
2417 vnc_read_when(vs, protocol_client_auth_vnc, sizeof(vs->challenge));
2421 static int protocol_client_auth(VncState *vs, uint8_t *data, size_t len)
2423 /* We only advertise 1 auth scheme at a time, so client
2424 * must pick the one we sent. Verify this */
2425 if (data[0] != vs->auth) { /* Reject auth */
2426 VNC_DEBUG("Reject auth %d because it didn't match advertized\n", (int)data[0]);
2427 vnc_write_u32(vs, 1);
2428 if (vs->minor >= 8) {
2429 static const char err[] = "Authentication failed";
2430 vnc_write_u32(vs, sizeof(err));
2431 vnc_write(vs, err, sizeof(err));
2433 vnc_client_error(vs);
2434 } else { /* Accept requested auth */
2435 VNC_DEBUG("Client requested auth %d\n", (int)data[0]);
2438 VNC_DEBUG("Accept auth none\n");
2439 if (vs->minor >= 8) {
2440 vnc_write_u32(vs, 0); /* Accept auth completion */
2443 start_client_init(vs);
2447 VNC_DEBUG("Start VNC auth\n");
2451 #ifdef CONFIG_VNC_TLS
2452 case VNC_AUTH_VENCRYPT:
2453 VNC_DEBUG("Accept VeNCrypt auth\n");
2454 start_auth_vencrypt(vs);
2456 #endif /* CONFIG_VNC_TLS */
2458 #ifdef CONFIG_VNC_SASL
2460 VNC_DEBUG("Accept SASL auth\n");
2461 start_auth_sasl(vs);
2463 #endif /* CONFIG_VNC_SASL */
2465 default: /* Should not be possible, but just in case */
2466 VNC_DEBUG("Reject auth %d server code bug\n", vs->auth);
2467 vnc_write_u8(vs, 1);
2468 if (vs->minor >= 8) {
2469 static const char err[] = "Authentication failed";
2470 vnc_write_u32(vs, sizeof(err));
2471 vnc_write(vs, err, sizeof(err));
2473 vnc_client_error(vs);
2479 static int protocol_version(VncState *vs, uint8_t *version, size_t len)
2483 memcpy(local, version, 12);
2486 if (sscanf(local, "RFB %03d.%03d\n", &vs->major, &vs->minor) != 2) {
2487 VNC_DEBUG("Malformed protocol version %s\n", local);
2488 vnc_client_error(vs);
2491 VNC_DEBUG("Client request protocol version %d.%d\n", vs->major, vs->minor);
2492 if (vs->major != 3 ||
2498 VNC_DEBUG("Unsupported client version\n");
2499 vnc_write_u32(vs, VNC_AUTH_INVALID);
2501 vnc_client_error(vs);
2504 /* Some broken clients report v3.4 or v3.5, which spec requires to be treated
2505 * as equivalent to v3.3 by servers
2507 if (vs->minor == 4 || vs->minor == 5)
2510 if (vs->minor == 3) {
2511 if (vs->auth == VNC_AUTH_NONE) {
2512 VNC_DEBUG("Tell client auth none\n");
2513 vnc_write_u32(vs, vs->auth);
2515 start_client_init(vs);
2516 } else if (vs->auth == VNC_AUTH_VNC) {
2517 VNC_DEBUG("Tell client VNC auth\n");
2518 vnc_write_u32(vs, vs->auth);
2522 VNC_DEBUG("Unsupported auth %d for protocol 3.3\n", vs->auth);
2523 vnc_write_u32(vs, VNC_AUTH_INVALID);
2525 vnc_client_error(vs);
2528 VNC_DEBUG("Telling client we support auth %d\n", vs->auth);
2529 vnc_write_u8(vs, 1); /* num auth */
2530 vnc_write_u8(vs, vs->auth);
2531 vnc_read_when(vs, protocol_client_auth, 1);
2538 static VncRectStat *vnc_stat_rect(VncDisplay *vd, int x, int y)
2540 struct VncSurface *vs = &vd->guest;
2542 return &vs->stats[y / VNC_STAT_RECT][x / VNC_STAT_RECT];
2545 void vnc_sent_lossy_rect(VncState *vs, int x, int y, int w, int h)
2549 w = (x + w) / VNC_STAT_RECT;
2550 h = (y + h) / VNC_STAT_RECT;
2554 for (j = y; j <= h; j++) {
2555 for (i = x; i <= w; i++) {
2556 vs->lossy_rect[j][i] = 1;
2561 static int vnc_refresh_lossy_rect(VncDisplay *vd, int x, int y)
2564 int sty = y / VNC_STAT_RECT;
2565 int stx = x / VNC_STAT_RECT;
2568 y = y / VNC_STAT_RECT * VNC_STAT_RECT;
2569 x = x / VNC_STAT_RECT * VNC_STAT_RECT;
2571 QTAILQ_FOREACH(vs, &vd->clients, next) {
2574 /* kernel send buffers are full -> refresh later */
2575 if (vs->output.offset) {
2579 if (!vs->lossy_rect[sty][stx]) {
2583 vs->lossy_rect[sty][stx] = 0;
2584 for (j = 0; j < VNC_STAT_RECT; ++j) {
2585 bitmap_set(vs->dirty[y + j],
2586 x / VNC_DIRTY_PIXELS_PER_BIT,
2587 VNC_STAT_RECT / VNC_DIRTY_PIXELS_PER_BIT);
2595 static int vnc_update_stats(VncDisplay *vd, struct timeval * tv)
2597 int width = pixman_image_get_width(vd->guest.fb);
2598 int height = pixman_image_get_height(vd->guest.fb);
2603 for (y = 0; y < height; y += VNC_STAT_RECT) {
2604 for (x = 0; x < width; x += VNC_STAT_RECT) {
2605 VncRectStat *rect = vnc_stat_rect(vd, x, y);
2607 rect->updated = false;
2611 qemu_timersub(tv, &VNC_REFRESH_STATS, &res);
2613 if (timercmp(&vd->guest.last_freq_check, &res, >)) {
2616 vd->guest.last_freq_check = *tv;
2618 for (y = 0; y < height; y += VNC_STAT_RECT) {
2619 for (x = 0; x < width; x += VNC_STAT_RECT) {
2620 VncRectStat *rect= vnc_stat_rect(vd, x, y);
2621 int count = ARRAY_SIZE(rect->times);
2622 struct timeval min, max;
2624 if (!timerisset(&rect->times[count - 1])) {
2628 max = rect->times[(rect->idx + count - 1) % count];
2629 qemu_timersub(tv, &max, &res);
2631 if (timercmp(&res, &VNC_REFRESH_LOSSY, >)) {
2633 has_dirty += vnc_refresh_lossy_rect(vd, x, y);
2634 memset(rect->times, 0, sizeof (rect->times));
2638 min = rect->times[rect->idx];
2639 max = rect->times[(rect->idx + count - 1) % count];
2640 qemu_timersub(&max, &min, &res);
2642 rect->freq = res.tv_sec + res.tv_usec / 1000000.;
2643 rect->freq /= count;
2644 rect->freq = 1. / rect->freq;
2650 double vnc_update_freq(VncState *vs, int x, int y, int w, int h)
2656 x = (x / VNC_STAT_RECT) * VNC_STAT_RECT;
2657 y = (y / VNC_STAT_RECT) * VNC_STAT_RECT;
2659 for (j = y; j <= y + h; j += VNC_STAT_RECT) {
2660 for (i = x; i <= x + w; i += VNC_STAT_RECT) {
2661 total += vnc_stat_rect(vs->vd, i, j)->freq;
2673 static void vnc_rect_updated(VncDisplay *vd, int x, int y, struct timeval * tv)
2677 rect = vnc_stat_rect(vd, x, y);
2678 if (rect->updated) {
2681 rect->times[rect->idx] = *tv;
2682 rect->idx = (rect->idx + 1) % ARRAY_SIZE(rect->times);
2683 rect->updated = true;
2686 static int vnc_refresh_server_surface(VncDisplay *vd)
2688 int width = pixman_image_get_width(vd->guest.fb);
2689 int height = pixman_image_get_height(vd->guest.fb);
2691 uint8_t *guest_row0 = NULL, *server_row0;
2692 int guest_stride = 0, server_stride;
2696 pixman_image_t *tmpbuf = NULL;
2698 struct timeval tv = { 0, 0 };
2700 if (!vd->non_adaptive) {
2701 gettimeofday(&tv, NULL);
2702 has_dirty = vnc_update_stats(vd, &tv);
2706 * Walk through the guest dirty map.
2707 * Check and copy modified bits from guest to server surface.
2708 * Update server dirty map.
2710 cmp_bytes = VNC_DIRTY_PIXELS_PER_BIT * VNC_SERVER_FB_BYTES;
2711 if (cmp_bytes > vnc_server_fb_stride(vd)) {
2712 cmp_bytes = vnc_server_fb_stride(vd);
2714 if (vd->guest.format != VNC_SERVER_FB_FORMAT) {
2715 int width = pixman_image_get_width(vd->server);
2716 tmpbuf = qemu_pixman_linebuf_create(VNC_SERVER_FB_FORMAT, width);
2718 guest_row0 = (uint8_t *)pixman_image_get_data(vd->guest.fb);
2719 guest_stride = pixman_image_get_stride(vd->guest.fb);
2721 server_row0 = (uint8_t *)pixman_image_get_data(vd->server);
2722 server_stride = pixman_image_get_stride(vd->server);
2727 uint8_t *guest_ptr, *server_ptr;
2728 unsigned long offset = find_next_bit((unsigned long *) &vd->guest.dirty,
2729 height * VNC_DIRTY_BPL(&vd->guest),
2730 y * VNC_DIRTY_BPL(&vd->guest));
2731 if (offset == height * VNC_DIRTY_BPL(&vd->guest)) {
2732 /* no more dirty bits */
2735 y = offset / VNC_DIRTY_BPL(&vd->guest);
2736 x = offset % VNC_DIRTY_BPL(&vd->guest);
2738 server_ptr = server_row0 + y * server_stride + x * cmp_bytes;
2740 if (vd->guest.format != VNC_SERVER_FB_FORMAT) {
2741 qemu_pixman_linebuf_fill(tmpbuf, vd->guest.fb, width, 0, y);
2742 guest_ptr = (uint8_t *)pixman_image_get_data(tmpbuf);
2744 guest_ptr = guest_row0 + y * guest_stride;
2746 guest_ptr += x * cmp_bytes;
2748 for (; x < DIV_ROUND_UP(width, VNC_DIRTY_PIXELS_PER_BIT);
2749 x++, guest_ptr += cmp_bytes, server_ptr += cmp_bytes) {
2750 if (!test_and_clear_bit(x, vd->guest.dirty[y])) {
2753 if (memcmp(server_ptr, guest_ptr, cmp_bytes) == 0) {
2756 memcpy(server_ptr, guest_ptr, cmp_bytes);
2757 if (!vd->non_adaptive) {
2758 vnc_rect_updated(vd, x * VNC_DIRTY_PIXELS_PER_BIT,
2761 QTAILQ_FOREACH(vs, &vd->clients, next) {
2762 set_bit(x, vs->dirty[y]);
2769 qemu_pixman_image_unref(tmpbuf);
2773 static void vnc_refresh(DisplayChangeListener *dcl)
2775 VncDisplay *vd = container_of(dcl, VncDisplay, dcl);
2777 int has_dirty, rects = 0;
2779 graphic_hw_update(NULL);
2781 if (vnc_trylock_display(vd)) {
2782 update_displaychangelistener(&vd->dcl, VNC_REFRESH_INTERVAL_BASE);
2786 has_dirty = vnc_refresh_server_surface(vd);
2787 vnc_unlock_display(vd);
2789 QTAILQ_FOREACH_SAFE(vs, &vd->clients, next, vn) {
2790 rects += vnc_update_client(vs, has_dirty, false);
2791 /* vs might be free()ed here */
2794 if (QTAILQ_EMPTY(&vd->clients)) {
2795 update_displaychangelistener(&vd->dcl, VNC_REFRESH_INTERVAL_MAX);
2799 if (has_dirty && rects) {
2800 vd->dcl.update_interval /= 2;
2801 if (vd->dcl.update_interval < VNC_REFRESH_INTERVAL_BASE) {
2802 vd->dcl.update_interval = VNC_REFRESH_INTERVAL_BASE;
2805 vd->dcl.update_interval += VNC_REFRESH_INTERVAL_INC;
2806 if (vd->dcl.update_interval > VNC_REFRESH_INTERVAL_MAX) {
2807 vd->dcl.update_interval = VNC_REFRESH_INTERVAL_MAX;
2812 static void vnc_connect(VncDisplay *vd, int csock,
2813 bool skipauth, bool websocket)
2815 VncState *vs = g_malloc0(sizeof(VncState));
2821 vs->auth = VNC_AUTH_NONE;
2822 #ifdef CONFIG_VNC_TLS
2823 vs->subauth = VNC_AUTH_INVALID;
2826 vs->auth = vd->auth;
2827 #ifdef CONFIG_VNC_TLS
2828 vs->subauth = vd->subauth;
2832 vs->lossy_rect = g_malloc0(VNC_STAT_ROWS * sizeof (*vs->lossy_rect));
2833 for (i = 0; i < VNC_STAT_ROWS; ++i) {
2834 vs->lossy_rect[i] = g_malloc0(VNC_STAT_COLS * sizeof (uint8_t));
2837 VNC_DEBUG("New client on socket %d\n", csock);
2838 update_displaychangelistener(&vd->dcl, VNC_REFRESH_INTERVAL_BASE);
2839 qemu_set_nonblock(vs->csock);
2840 #ifdef CONFIG_VNC_WS
2843 #ifdef CONFIG_VNC_TLS
2844 if (vd->tls.x509cert) {
2845 qemu_set_fd_handler2(vs->csock, NULL, vncws_tls_handshake_peek,
2848 #endif /* CONFIG_VNC_TLS */
2850 qemu_set_fd_handler2(vs->csock, NULL, vncws_handshake_read,
2854 #endif /* CONFIG_VNC_WS */
2856 qemu_set_fd_handler2(vs->csock, NULL, vnc_client_read, NULL, vs);
2859 vnc_client_cache_addr(vs);
2860 vnc_qmp_event(vs, QAPI_EVENT_VNC_CONNECTED);
2861 vnc_set_share_mode(vs, VNC_SHARE_MODE_CONNECTING);
2865 #ifdef CONFIG_VNC_WS
2873 void vnc_init_state(VncState *vs)
2875 vs->initialized = true;
2876 VncDisplay *vd = vs->vd;
2881 vs->as.freq = 44100;
2882 vs->as.nchannels = 2;
2883 vs->as.fmt = AUD_FMT_S16;
2884 vs->as.endianness = 0;
2886 qemu_mutex_init(&vs->output_mutex);
2887 vs->bh = qemu_bh_new(vnc_jobs_bh, vs);
2889 QTAILQ_INSERT_HEAD(&vd->clients, vs, next);
2891 graphic_hw_update(NULL);
2893 vnc_write(vs, "RFB 003.008\n", 12);
2895 vnc_read_when(vs, protocol_version, 12);
2897 if (vs->vd->lock_key_sync)
2898 vs->led = qemu_add_led_event_handler(kbd_leds, vs);
2900 vs->mouse_mode_notifier.notify = check_pointer_type_change;
2901 qemu_add_mouse_mode_change_notifier(&vs->mouse_mode_notifier);
2903 /* vs might be free()ed here */
2906 static void vnc_listen_read(void *opaque, bool websocket)
2908 VncDisplay *vs = opaque;
2909 struct sockaddr_in addr;
2910 socklen_t addrlen = sizeof(addr);
2914 graphic_hw_update(NULL);
2915 #ifdef CONFIG_VNC_WS
2917 csock = qemu_accept(vs->lwebsock, (struct sockaddr *)&addr, &addrlen);
2919 #endif /* CONFIG_VNC_WS */
2921 csock = qemu_accept(vs->lsock, (struct sockaddr *)&addr, &addrlen);
2925 vnc_connect(vs, csock, false, websocket);
2929 static void vnc_listen_regular_read(void *opaque)
2931 vnc_listen_read(opaque, false);
2934 #ifdef CONFIG_VNC_WS
2935 static void vnc_listen_websocket_read(void *opaque)
2937 vnc_listen_read(opaque, true);
2939 #endif /* CONFIG_VNC_WS */
2941 static const DisplayChangeListenerOps dcl_ops = {
2943 .dpy_refresh = vnc_refresh,
2944 .dpy_gfx_copy = vnc_dpy_copy,
2945 .dpy_gfx_update = vnc_dpy_update,
2946 .dpy_gfx_switch = vnc_dpy_switch,
2947 .dpy_mouse_set = vnc_mouse_set,
2948 .dpy_cursor_define = vnc_dpy_cursor_define,
2951 void vnc_display_init(DisplayState *ds)
2953 VncDisplay *vs = g_malloc0(sizeof(*vs));
2958 #ifdef CONFIG_VNC_WS
2962 QTAILQ_INIT(&vs->clients);
2963 vs->expires = TIME_MAX;
2965 if (keyboard_layout) {
2966 trace_vnc_key_map_init(keyboard_layout);
2967 vs->kbd_layout = init_keyboard_layout(name2keysym, keyboard_layout);
2969 vs->kbd_layout = init_keyboard_layout(name2keysym, "en-us");
2972 if (!vs->kbd_layout)
2975 qemu_mutex_init(&vs->mutex);
2976 vnc_start_worker_thread();
2978 vs->dcl.ops = &dcl_ops;
2979 register_displaychangelistener(&vs->dcl);
2983 static void vnc_display_close(DisplayState *ds)
2985 VncDisplay *vs = vnc_display;
2989 g_free(vs->display);
2991 if (vs->lsock != -1) {
2992 qemu_set_fd_handler2(vs->lsock, NULL, NULL, NULL, NULL);
2996 #ifdef CONFIG_VNC_WS
2997 g_free(vs->ws_display);
2998 vs->ws_display = NULL;
2999 if (vs->lwebsock != -1) {
3000 qemu_set_fd_handler2(vs->lwebsock, NULL, NULL, NULL, NULL);
3001 close(vs->lwebsock);
3004 #endif /* CONFIG_VNC_WS */
3005 vs->auth = VNC_AUTH_INVALID;
3006 #ifdef CONFIG_VNC_TLS
3007 vs->subauth = VNC_AUTH_INVALID;
3008 vs->tls.x509verify = 0;
3012 int vnc_display_password(DisplayState *ds, const char *password)
3014 VncDisplay *vs = vnc_display;
3019 if (vs->auth == VNC_AUTH_NONE) {
3020 error_printf_unless_qmp("If you want use passwords please enable "
3021 "password auth using '-vnc ${dpy},password'.");
3025 g_free(vs->password);
3026 vs->password = g_strdup(password);
3031 int vnc_display_pw_expire(DisplayState *ds, time_t expires)
3033 VncDisplay *vs = vnc_display;
3039 vs->expires = expires;
3043 char *vnc_display_local_addr(DisplayState *ds)
3045 VncDisplay *vs = vnc_display;
3047 return vnc_socket_local_addr("%s:%s", vs->lsock);
3050 void vnc_display_open(DisplayState *ds, const char *display, Error **errp)
3052 VncDisplay *vs = vnc_display;
3053 const char *options;
3056 #ifdef CONFIG_VNC_TLS
3057 int tls = 0, x509 = 0;
3059 #ifdef CONFIG_VNC_SASL
3063 #if defined(CONFIG_VNC_TLS) || defined(CONFIG_VNC_SASL)
3066 int lock_key_sync = 1;
3069 error_setg(errp, "VNC display not active");
3072 vnc_display_close(ds);
3073 if (strcmp(display, "none") == 0)
3076 vs->display = g_strdup(display);
3077 vs->share_policy = VNC_SHARE_POLICY_ALLOW_EXCLUSIVE;
3080 while ((options = strchr(options, ','))) {
3082 if (strncmp(options, "password", 8) == 0) {
3083 if (fips_get_state()) {
3085 "VNC password auth disabled due to FIPS mode, "
3086 "consider using the VeNCrypt or SASL authentication "
3087 "methods as an alternative");
3090 password = 1; /* Require password auth */
3091 } else if (strncmp(options, "reverse", 7) == 0) {
3093 } else if (strncmp(options, "no-lock-key-sync", 16) == 0) {
3095 #ifdef CONFIG_VNC_SASL
3096 } else if (strncmp(options, "sasl", 4) == 0) {
3097 sasl = 1; /* Require SASL auth */
3099 #ifdef CONFIG_VNC_WS
3100 } else if (strncmp(options, "websocket", 9) == 0) {
3104 /* Check for 'websocket=<port>' */
3105 start = strchr(options, '=');
3106 end = strchr(options, ',');
3107 if (start && (!end || (start < end))) {
3108 int len = end ? end-(start+1) : strlen(start+1);
3110 /* extract the host specification from display */
3111 char *host = NULL, *port = NULL, *host_end = NULL;
3112 port = g_strndup(start + 1, len);
3114 /* ipv6 hosts have colons */
3115 end = strchr(display, ',');
3116 host_end = g_strrstr_len(display, end - display, ":");
3119 host = g_strndup(display, host_end - display + 1);
3121 host = g_strndup(":", 1);
3123 vs->ws_display = g_strconcat(host, port, NULL);
3128 #endif /* CONFIG_VNC_WS */
3129 #ifdef CONFIG_VNC_TLS
3130 } else if (strncmp(options, "tls", 3) == 0) {
3131 tls = 1; /* Require TLS */
3132 } else if (strncmp(options, "x509", 4) == 0) {
3134 x509 = 1; /* Require x509 certificates */
3135 if (strncmp(options, "x509verify", 10) == 0)
3136 vs->tls.x509verify = 1; /* ...and verify client certs */
3138 /* Now check for 'x509=/some/path' postfix
3139 * and use that to setup x509 certificate/key paths */
3140 start = strchr(options, '=');
3141 end = strchr(options, ',');
3142 if (start && (!end || (start < end))) {
3143 int len = end ? end-(start+1) : strlen(start+1);
3144 char *path = g_strndup(start + 1, len);
3146 VNC_DEBUG("Trying certificate path '%s'\n", path);
3147 if (vnc_tls_set_x509_creds_dir(vs, path) < 0) {
3148 error_setg(errp, "Failed to find x509 certificates/keys in %s", path);
3154 error_setg(errp, "No certificate path provided");
3158 #if defined(CONFIG_VNC_TLS) || defined(CONFIG_VNC_SASL)
3159 } else if (strncmp(options, "acl", 3) == 0) {
3162 } else if (strncmp(options, "lossy", 5) == 0) {
3163 #ifdef CONFIG_VNC_JPEG
3166 } else if (strncmp(options, "non-adaptive", 12) == 0) {
3167 vs->non_adaptive = true;
3168 } else if (strncmp(options, "share=", 6) == 0) {
3169 if (strncmp(options+6, "ignore", 6) == 0) {
3170 vs->share_policy = VNC_SHARE_POLICY_IGNORE;
3171 } else if (strncmp(options+6, "allow-exclusive", 15) == 0) {
3172 vs->share_policy = VNC_SHARE_POLICY_ALLOW_EXCLUSIVE;
3173 } else if (strncmp(options+6, "force-shared", 12) == 0) {
3174 vs->share_policy = VNC_SHARE_POLICY_FORCE_SHARED;
3176 error_setg(errp, "unknown vnc share= option");
3182 /* adaptive updates are only used with tight encoding and
3183 * if lossy updates are enabled so we can disable all the
3184 * calculations otherwise */
3186 vs->non_adaptive = true;
3189 #ifdef CONFIG_VNC_TLS
3190 if (acl && x509 && vs->tls.x509verify) {
3191 if (!(vs->tls.acl = qemu_acl_init("vnc.x509dname"))) {
3192 fprintf(stderr, "Failed to create x509 dname ACL\n");
3197 #ifdef CONFIG_VNC_SASL
3199 if (!(vs->sasl.acl = qemu_acl_init("vnc.username"))) {
3200 fprintf(stderr, "Failed to create username ACL\n");
3207 * Combinations we support here:
3209 * - no-auth (clear text, no auth)
3210 * - password (clear text, weak auth)
3211 * - sasl (encrypt, good auth *IF* using Kerberos via GSSAPI)
3212 * - tls (encrypt, weak anonymous creds, no auth)
3213 * - tls + password (encrypt, weak anonymous creds, weak auth)
3214 * - tls + sasl (encrypt, weak anonymous creds, good auth)
3215 * - tls + x509 (encrypt, good x509 creds, no auth)
3216 * - tls + x509 + password (encrypt, good x509 creds, weak auth)
3217 * - tls + x509 + sasl (encrypt, good x509 creds, good auth)
3219 * NB1. TLS is a stackable auth scheme.
3220 * NB2. the x509 schemes have option to validate a client cert dname
3223 #ifdef CONFIG_VNC_TLS
3225 vs->auth = VNC_AUTH_VENCRYPT;
3227 VNC_DEBUG("Initializing VNC server with x509 password auth\n");
3228 vs->subauth = VNC_AUTH_VENCRYPT_X509VNC;
3230 VNC_DEBUG("Initializing VNC server with TLS password auth\n");
3231 vs->subauth = VNC_AUTH_VENCRYPT_TLSVNC;
3234 #endif /* CONFIG_VNC_TLS */
3235 VNC_DEBUG("Initializing VNC server with password auth\n");
3236 vs->auth = VNC_AUTH_VNC;
3237 #ifdef CONFIG_VNC_TLS
3238 vs->subauth = VNC_AUTH_INVALID;
3240 #endif /* CONFIG_VNC_TLS */
3241 #ifdef CONFIG_VNC_SASL
3243 #ifdef CONFIG_VNC_TLS
3245 vs->auth = VNC_AUTH_VENCRYPT;
3247 VNC_DEBUG("Initializing VNC server with x509 SASL auth\n");
3248 vs->subauth = VNC_AUTH_VENCRYPT_X509SASL;
3250 VNC_DEBUG("Initializing VNC server with TLS SASL auth\n");
3251 vs->subauth = VNC_AUTH_VENCRYPT_TLSSASL;
3254 #endif /* CONFIG_VNC_TLS */
3255 VNC_DEBUG("Initializing VNC server with SASL auth\n");
3256 vs->auth = VNC_AUTH_SASL;
3257 #ifdef CONFIG_VNC_TLS
3258 vs->subauth = VNC_AUTH_INVALID;
3260 #endif /* CONFIG_VNC_TLS */
3261 #endif /* CONFIG_VNC_SASL */
3263 #ifdef CONFIG_VNC_TLS
3265 vs->auth = VNC_AUTH_VENCRYPT;
3267 VNC_DEBUG("Initializing VNC server with x509 no auth\n");
3268 vs->subauth = VNC_AUTH_VENCRYPT_X509NONE;
3270 VNC_DEBUG("Initializing VNC server with TLS no auth\n");
3271 vs->subauth = VNC_AUTH_VENCRYPT_TLSNONE;
3275 VNC_DEBUG("Initializing VNC server with no auth\n");
3276 vs->auth = VNC_AUTH_NONE;
3277 #ifdef CONFIG_VNC_TLS
3278 vs->subauth = VNC_AUTH_INVALID;
3283 #ifdef CONFIG_VNC_SASL
3284 if ((saslErr = sasl_server_init(NULL, "qemu")) != SASL_OK) {
3285 error_setg(errp, "Failed to initialize SASL auth: %s",
3286 sasl_errstring(saslErr, NULL, NULL));
3290 vs->lock_key_sync = lock_key_sync;
3293 /* connect to viewer */
3296 #ifdef CONFIG_VNC_WS
3299 if (strncmp(display, "unix:", 5) == 0) {
3300 csock = unix_connect(display+5, errp);
3302 csock = inet_connect(display, errp);
3307 vnc_connect(vs, csock, false, false);
3309 /* listen for connects */
3311 dpy = g_malloc(256);
3312 if (strncmp(display, "unix:", 5) == 0) {
3313 pstrcpy(dpy, 256, "unix:");
3314 vs->lsock = unix_listen(display+5, dpy+5, 256-5, errp);
3316 vs->lsock = inet_listen(display, dpy, 256,
3317 SOCK_STREAM, 5900, errp);
3318 if (vs->lsock < 0) {
3322 #ifdef CONFIG_VNC_WS
3323 if (vs->websocket) {
3324 if (vs->ws_display) {
3325 vs->lwebsock = inet_listen(vs->ws_display, NULL, 256,
3326 SOCK_STREAM, 0, errp);
3328 vs->lwebsock = inet_listen(vs->display, NULL, 256,
3329 SOCK_STREAM, 5700, errp);
3332 if (vs->lwebsock < 0) {
3341 #endif /* CONFIG_VNC_WS */
3343 g_free(vs->display);
3345 qemu_set_fd_handler2(vs->lsock, NULL,
3346 vnc_listen_regular_read, NULL, vs);
3347 #ifdef CONFIG_VNC_WS
3348 if (vs->websocket) {
3349 qemu_set_fd_handler2(vs->lwebsock, NULL,
3350 vnc_listen_websocket_read, NULL, vs);
3352 #endif /* CONFIG_VNC_WS */
3357 g_free(vs->display);
3359 #ifdef CONFIG_VNC_WS
3360 g_free(vs->ws_display);
3361 vs->ws_display = NULL;
3362 #endif /* CONFIG_VNC_WS */
3365 void vnc_display_add_client(DisplayState *ds, int csock, bool skipauth)
3367 VncDisplay *vs = vnc_display;
3369 vnc_connect(vs, csock, skipauth, false);
projects / qemu.git / blob