avoid TABs in files that only contain a few

[qemu.git] / ui / vnc.c
diff --git a/ui/vnc.c b/ui/vnc.c

index e53e84587a1936ae0d05593f949d7e8314e2b4c6..9e4b2beb711a37585f69bd8fedab7cbfcc23b479 100644 (file)
--- a/ui/vnc.c
+++ b/ui/vnc.c
@@ -30,15 +30,15 @@
  #include "trace.h"
  #include "sysemu/sysemu.h"
  #include "qemu/error-report.h"
+#include "qemu/option.h"
  #include "qemu/sockets.h"
  #include "qemu/timer.h"
  #include "qemu/acl.h"
  #include "qemu/config-file.h"
-#include "qapi/qmp/qerror.h"
-#include "qapi/qmp/types.h"
-#include "qmp-commands.h"
+#include "qapi/qapi-events.h"
+#include "qapi/error.h"
+#include "qapi/qapi-commands-ui.h"
  #include "ui/input.h"
-#include "qapi-event.h"
  #include "crypto/hash.h"
  #include "crypto/tlscredsanon.h"
  #include "crypto/tlscredsx509.h"
@@ -228,12 +228,12 @@ static VncServerInfo *vnc_server_info_get(VncDisplay *vd)
      VncServerInfo *info;
      Error *err = NULL;
  
-    if (!vd->nlsock) {
+    if (!vd->listener || !vd->listener->nsioc) {
          return NULL;
      }
  
      info = g_malloc0(sizeof(*info));
-    vnc_init_basic_info_from_server_addr(vd->lsock[0],
+    vnc_init_basic_info_from_server_addr(vd->listener->sioc[0],
                                           qapi_VncServerInfo_base(info), &err);
      info->has_auth = true;
      info->auth = g_strdup(vnc_auth_name(vd));
@@ -296,14 +296,13 @@ static void vnc_qmp_event(VncState *vs, QAPIEvent event)
  
      switch (event) {
      case QAPI_EVENT_VNC_CONNECTED:
-        qapi_event_send_vnc_connected(si, qapi_VncClientInfo_base(vs->info),
-                                      &error_abort);
+        qapi_event_send_vnc_connected(si, qapi_VncClientInfo_base(vs->info));
          break;
      case QAPI_EVENT_VNC_INITIALIZED:
-        qapi_event_send_vnc_initialized(si, vs->info, &error_abort);
+        qapi_event_send_vnc_initialized(si, vs->info);
          break;
      case QAPI_EVENT_VNC_DISCONNECTED:
-        qapi_event_send_vnc_disconnected(si, vs->info, &error_abort);
+        qapi_event_send_vnc_disconnected(si, vs->info);
          break;
      default:
          break;
@@ -379,7 +378,7 @@ VncInfo *qmp_query_vnc(Error **errp)
      VncDisplay *vd = vnc_display_find(NULL);
      SocketAddress *addr = NULL;
  
-    if (vd == NULL || !vd->nlsock) {
+    if (vd == NULL || !vd->listener || !vd->listener->nsioc) {
          info->enabled = false;
      } else {
          info->enabled = true;
@@ -388,11 +387,8 @@ VncInfo *qmp_query_vnc(Error **errp)
          info->has_clients = true;
          info->clients = qmp_query_client_list(vd);
  
-        if (vd->lsock == NULL) {
-            return info;
-        }
-
-        addr = qio_channel_socket_get_local_address(vd->lsock[0], errp);
+        addr = qio_channel_socket_get_local_address(vd->listener->sioc[0],
+                                                    errp);
          if (!addr) {
              goto out_error;
          }
@@ -572,13 +568,14 @@ VncInfo2List *qmp_query_vnc_servers(Error **errp)
              info->has_display = true;
              info->display = g_strdup(dev->id);
          }
-        for (i = 0; i < vd->nlsock; i++) {
+        for (i = 0; vd->listener != NULL && i < vd->listener->nsioc; i++) {
              info->server = qmp_query_server_entry(
-                vd->lsock[i], false, vd->auth, vd->subauth, info->server);
+                vd->listener->sioc[i], false, vd->auth, vd->subauth,
+                info->server);
          }
-        for (i = 0; i < vd->nlwebsock; i++) {
+        for (i = 0; vd->wslistener != NULL && i < vd->wslistener->nsioc; i++) {
              info->server = qmp_query_server_entry(
-                vd->lwebsock[i], true, vd->ws_auth,
+                vd->wslistener->sioc[i], true, vd->ws_auth,
                  vd->ws_subauth, info->server);
          }
  
@@ -672,6 +669,11 @@ static void vnc_desktop_resize(VncState *vs)
          vs->client_height == pixman_image_get_height(vs->vd->server)) {
          return;
      }
+
+    assert(pixman_image_get_width(vs->vd->server) < 65536 &&
+           pixman_image_get_width(vs->vd->server) >= 0);
+    assert(pixman_image_get_height(vs->vd->server) < 65536 &&
+           pixman_image_get_height(vs->vd->server) >= 0);
      vs->client_width = pixman_image_get_width(vs->vd->server);
      vs->client_height = pixman_image_get_height(vs->vd->server);
      vnc_lock_output(vs);
@@ -743,9 +745,19 @@ static void vnc_update_server_surface(VncDisplay *vd)
  static void vnc_dpy_switch(DisplayChangeListener *dcl,
                             DisplaySurface *surface)
  {
+    static const char placeholder_msg[] =
+        "Display output is not active.";
+    static DisplaySurface *placeholder;
      VncDisplay *vd = container_of(dcl, VncDisplay, dcl);
      VncState *vs;
  
+    if (surface == NULL) {
+        if (placeholder == NULL) {
+            placeholder = qemu_create_message_surface(640, 480, placeholder_msg);
+        }
+        surface = placeholder;
+    }
+
      vnc_abort_display_jobs(vd);
      vd->ds = surface;
  
@@ -979,14 +991,7 @@ static void vnc_update_throttle_offset(VncState *vs)
          vs->client_width * vs->client_height * vs->client_pf.bytes_per_pixel;
  
      if (vs->audio_cap) {
-        int freq = vs->as.freq;
-        /* We don't limit freq when reading settings from client, so
-         * it could be upto MAX_INT in size. 48khz is a sensible
-         * upper bound for trustworthy clients */
          int bps;
-        if (freq > 48000) {
-            freq = 48000;
-        }
          switch (vs->as.fmt) {
          default:
          case  AUD_FMT_U8:
@@ -1002,7 +1007,7 @@ static void vnc_update_throttle_offset(VncState *vs)
              bps = 4;
              break;
          }
-        offset += freq * bps * vs->as.nchannels;
+        offset += vs->as.freq * bps * vs->as.nchannels;
      }
  
      /* Put a floor of 1MB on offset, so that if we have a large pending
@@ -1011,6 +1016,12 @@ static void vnc_update_throttle_offset(VncState *vs)
       */
      offset = MAX(offset, 1024 * 1024);
  
+    if (vs->throttle_output_offset != offset) {
+        trace_vnc_client_throttle_threshold(
+            vs, vs->ioc, vs->throttle_output_offset, offset, vs->client_width,
+            vs->client_height, vs->client_pf.bytes_per_pixel, vs->audio_cap);
+    }
+
      vs->throttle_output_offset = offset;
  }
  
@@ -1028,6 +1039,8 @@ static bool vnc_should_update(VncState *vs)
              vs->job_update == VNC_STATE_UPDATE_NONE) {
              return true;
          }
+        trace_vnc_client_throttle_incremental(
+            vs, vs->ioc, vs->job_update, vs->output.offset);
          break;
      case VNC_STATE_UPDATE_FORCE:
          /* Only allow forced updates if the pending send queue
@@ -1042,6 +1055,8 @@ static bool vnc_should_update(VncState *vs)
              vs->job_update == VNC_STATE_UPDATE_NONE) {
              return true;
          }
+        trace_vnc_client_throttle_forced(
+            vs, vs->ioc, vs->job_update, vs->force_update_offset);
          break;
      }
      return false;
@@ -1122,6 +1137,7 @@ static void audio_capture_notify(void *opaque, audcnotification_e cmd)
  {
      VncState *vs = opaque;
  
+    assert(vs->magic == VNC_MAGIC);
      switch (cmd) {
      case AUD_CNOTIFY_DISABLE:
          vnc_lock_output(vs);
@@ -1151,6 +1167,7 @@ static void audio_capture(void *opaque, void *buf, int size)
  {
      VncState *vs = opaque;
  
+    assert(vs->magic == VNC_MAGIC);
      vnc_lock_output(vs);
      if (vs->output.offset < vs->throttle_output_offset) {
          vnc_write_u8(vs, VNC_MSG_SERVER_QEMU);
@@ -1158,6 +1175,8 @@ static void audio_capture(void *opaque, void *buf, int size)
          vnc_write_u16(vs, VNC_MSG_SERVER_QEMU_AUDIO_DATA);
          vnc_write_u32(vs, size);
          vnc_write(vs, buf, size);
+    } else {
+        trace_vnc_client_throttle_audio(vs, vs->ioc, vs->output.offset);
      }
      vnc_unlock_output(vs);
      vnc_flush(vs);
@@ -1257,10 +1276,11 @@ void vnc_disconnect_finish(VncState *vs)
      vs->ioc = NULL;
      object_unref(OBJECT(vs->sioc));
      vs->sioc = NULL;
+    vs->magic = 0;
      g_free(vs);
  }
  
-ssize_t vnc_client_io_error(VncState *vs, ssize_t ret, Error **errp)
+size_t vnc_client_io_error(VncState *vs, ssize_t ret, Error **errp)
  {
      if (ret <= 0) {
          if (ret == 0) {
@@ -1303,9 +1323,9 @@ void vnc_client_error(VncState *vs)
   *
   * Returns the number of bytes written, which may be less than
   * the requested 'datalen' if the socket would block. Returns
- * -1 on error, and disconnects the client socket.
+ * 0 on I/O error, and disconnects the client socket.
   */
-ssize_t vnc_client_write_buf(VncState *vs, const uint8_t *data, size_t datalen)
+size_t vnc_client_write_buf(VncState *vs, const uint8_t *data, size_t datalen)
  {
      Error *err = NULL;
      ssize_t ret;
@@ -1323,12 +1343,13 @@ ssize_t vnc_client_write_buf(VncState *vs, const uint8_t *data, size_t datalen)
   * will switch the FD poll() handler back to read monitoring.
   *
   * Returns the number of bytes written, which may be less than
- * the buffered output data if the socket would block. Returns
- * -1 on error, and disconnects the client socket.
+ * the buffered output data if the socket would block.  Returns
+ * 0 on I/O error, and disconnects the client socket.
   */
-static ssize_t vnc_client_write_plain(VncState *vs)
+static size_t vnc_client_write_plain(VncState *vs)
  {
-    ssize_t ret;
+    size_t offset;
+    size_t ret;
  
  #ifdef CONFIG_VNC_SASL
      VNC_DEBUG("Write Plain: Pending output %p size %zd offset %zd. Wait SSF %d\n",
@@ -1348,11 +1369,19 @@ static ssize_t vnc_client_write_plain(VncState *vs)
          return 0;
  
      if (ret >= vs->force_update_offset) {
+        if (vs->force_update_offset != 0) {
+            trace_vnc_client_unthrottle_forced(vs, vs->ioc);
+        }
          vs->force_update_offset = 0;
      } else {
          vs->force_update_offset -= ret;
      }
+    offset = vs->output.offset;
      buffer_advance(&vs->output, ret);
+    if (offset >= vs->throttle_output_offset &&
+        vs->output.offset < vs->throttle_output_offset) {
+        trace_vnc_client_unthrottle_incremental(vs, vs->ioc, vs->output.offset);
+    }
  
      if (vs->output.offset == 0) {
          if (vs->ioc_tag) {
@@ -1387,7 +1416,7 @@ static void vnc_client_write_locked(VncState *vs)
  
  static void vnc_client_write(VncState *vs)
  {
-
+    assert(vs->magic == VNC_MAGIC);
      vnc_lock_output(vs);
      if (vs->output.offset) {
          vnc_client_write_locked(vs);
@@ -1421,9 +1450,9 @@ void vnc_read_when(VncState *vs, VncReadEvent *func, size_t expecting)
   *
   * Returns the number of bytes read, which may be less than
   * the requested 'datalen' if the socket would block. Returns
- * -1 on error, and disconnects the client socket.
+ * 0 on I/O error or EOF, and disconnects the client socket.
   */
-ssize_t vnc_client_read_buf(VncState *vs, uint8_t *data, size_t datalen)
+size_t vnc_client_read_buf(VncState *vs, uint8_t *data, size_t datalen)
  {
      ssize_t ret;
      Error *err = NULL;
@@ -1439,12 +1468,13 @@ ssize_t vnc_client_read_buf(VncState *vs, uint8_t *data, size_t datalen)
   * when not using any SASL SSF encryption layers. Will read as much
   * data as possible without blocking.
   *
- * Returns the number of bytes read. Returns -1 on error, and
- * disconnects the client socket.
+ * Returns the number of bytes read, which may be less than
+ * the requested 'datalen' if the socket would block. Returns
+ * 0 on I/O error or EOF, and disconnects the client socket.
   */
-static ssize_t vnc_client_read_plain(VncState *vs)
+static size_t vnc_client_read_plain(VncState *vs)
  {
-    ssize_t ret;
+    size_t ret;
      VNC_DEBUG("Read plain %p size %zd offset %zd\n",
                vs->input.buffer, vs->input.capacity, vs->input.offset);
      buffer_reserve(&vs->input, 4096);
@@ -1459,6 +1489,7 @@ static void vnc_jobs_bh(void *opaque)
  {
      VncState *vs = opaque;
  
+    assert(vs->magic == VNC_MAGIC);
      vnc_jobs_consume_buffer(vs);
  }
  
@@ -1470,7 +1501,7 @@ static void vnc_jobs_bh(void *opaque)
   */
  static int vnc_client_read(VncState *vs)
  {
-    ssize_t ret;
+    size_t ret;
  
  #ifdef CONFIG_VNC_SASL
      if (vs->sasl.conn && vs->sasl.runSSF)
@@ -1509,14 +1540,24 @@ gboolean vnc_client_io(QIOChannel *ioc G_GNUC_UNUSED,
                         GIOCondition condition, void *opaque)
  {
      VncState *vs = opaque;
+
+    assert(vs->magic == VNC_MAGIC);
      if (condition & G_IO_IN) {
          if (vnc_client_read(vs) < 0) {
+            /* vs is free()ed here */
              return TRUE;
          }
      }
      if (condition & G_IO_OUT) {
          vnc_client_write(vs);
      }
+
+    if (vs->disconnecting) {
+        if (vs->ioc_tag != 0) {
+            g_source_remove(vs->ioc_tag);
+        }
+        vs->ioc_tag = 0;
+    }
      return TRUE;
  }
  
@@ -1532,6 +1573,7 @@ gboolean vnc_client_io(QIOChannel *ioc G_GNUC_UNUSED,
  
  void vnc_write(VncState *vs, const void *data, size_t len)
  {
+    assert(vs->magic == VNC_MAGIC);
      if (vs->disconnecting) {
          return;
      }
@@ -1547,8 +1589,10 @@ void vnc_write(VncState *vs, const void *data, size_t len)
       * handshake, or from the job thread's VncState clone
       */
      if (vs->throttle_output_offset != 0 &&
-        vs->output.offset > (vs->throttle_output_offset *
-                             VNC_THROTTLE_OUTPUT_LIMIT_SCALE)) {
+        (vs->output.offset / VNC_THROTTLE_OUTPUT_LIMIT_SCALE) >
+        vs->throttle_output_offset) {
+        trace_vnc_client_output_limit(vs, vs->ioc, vs->output.offset,
+                                      vs->throttle_output_offset);
          vnc_disconnect_start(vs);
          return;
      }
@@ -1603,6 +1647,12 @@ void vnc_flush(VncState *vs)
      if (vs->ioc != NULL && vs->output.offset) {
          vnc_client_write_locked(vs);
      }
+    if (vs->disconnecting) {
+        if (vs->ioc_tag != 0) {
+            g_source_remove(vs->ioc_tag);
+        }
+        vs->ioc_tag = 0;
+    }
      vnc_unlock_output(vs);
  }
  
@@ -1701,7 +1751,8 @@ static void reset_keys(VncState *vs)
  
  static void press_key(VncState *vs, int keysym)
  {
-    int keycode = keysym2scancode(vs->vd->kbd_layout, keysym) & SCANCODE_KEYMASK;
+    int keycode = keysym2scancode(vs->vd->kbd_layout, keysym,
+                                  false, false, false) & SCANCODE_KEYMASK;
      qemu_input_event_send_key_number(vs->vd->dcl.con, keycode, true);
      qemu_input_event_send_key_delay(vs->vd->key_delay_ms);
      qemu_input_event_send_key_number(vs->vd->dcl.con, keycode, false);
@@ -1960,6 +2011,9 @@ static const char *code2name(int keycode)
  
  static void key_event(VncState *vs, int down, uint32_t sym)
  {
+    bool shift = vs->modifiers_state[0x2a] || vs->modifiers_state[0x36];
+    bool altgr = vs->modifiers_state[0xb8];
+    bool ctrl  = vs->modifiers_state[0x1d] || vs->modifiers_state[0x9d];
      int keycode;
      int lsym = sym;
  
@@ -1967,7 +2021,8 @@ static void key_event(VncState *vs, int down, uint32_t sym)
          lsym = lsym - 'A' + 'a';
      }
  
-    keycode = keysym2scancode(vs->vd->kbd_layout, lsym & 0xFFFF) & SCANCODE_KEYMASK;
+    keycode = keysym2scancode(vs->vd->kbd_layout, lsym & 0xFFFF,
+                              shift, altgr, ctrl) & SCANCODE_KEYMASK;
      trace_vnc_key_event_map(down, sym, keycode, code2name(keycode));
      do_key_event(vs, down, keycode, sym);
  }
@@ -2252,6 +2307,7 @@ static int protocol_client_msg(VncState *vs, uint8_t *data, size_t len)
  {
      int i;
      uint16_t limit;
+    uint32_t freq;
      VncDisplay *vd = vs->vd;
  
      if (data[0] > 3) {
@@ -2371,7 +2427,17 @@ static int protocol_client_msg(VncState *vs, uint8_t *data, size_t len)
                      vnc_client_error(vs);
                      break;
                  }
-                vs->as.freq = read_u32(data, 6);
+                freq = read_u32(data, 6);
+                /* No official limit for protocol, but 48khz is a sensible
+                 * upper bound for trustworthy clients, and this limit
+                 * protects calculations involving 'vs->as.freq' later.
+                 */
+                if (freq > 48000) {
+                    VNC_DEBUG("Invalid audio frequency %u > 48000", freq);
+                    vnc_client_error(vs);
+                    break;
+                }
+                vs->as.freq = freq;
                  break;
              default:
                  VNC_DEBUG("Invalid audio message %d\n", read_u8(data, 4));
@@ -2466,6 +2532,10 @@ static int protocol_client_init(VncState *vs, uint8_t *data, size_t len)
          return 0;
      }
  
+    assert(pixman_image_get_width(vs->vd->server) < 65536 &&
+           pixman_image_get_width(vs->vd->server) >= 0);
+    assert(pixman_image_get_height(vs->vd->server) < 65536 &&
+           pixman_image_get_height(vs->vd->server) >= 0);
      vs->client_width = pixman_image_get_width(vs->vd->server);
      vs->client_height = pixman_image_get_height(vs->vd->server);
      vnc_write_u16(vs, vs->client_width);
@@ -2896,7 +2966,8 @@ static int vnc_refresh_server_surface(VncDisplay *vd)
              PIXMAN_FORMAT_BPP(pixman_image_get_format(vd->guest.fb));
          guest_row0 = (uint8_t *)pixman_image_get_data(vd->guest.fb);
          guest_stride = pixman_image_get_stride(vd->guest.fb);
-        guest_ll = pixman_image_get_width(vd->guest.fb) * (DIV_ROUND_UP(guest_bpp, 8));
+        guest_ll = pixman_image_get_width(vd->guest.fb)
+                   * DIV_ROUND_UP(guest_bpp, 8);
      }
      line_bytes = MIN(server_stride, guest_ll);
  
@@ -3000,6 +3071,7 @@ static void vnc_connect(VncDisplay *vd, QIOChannelSocket *sioc,
      int i;
  
      trace_vnc_client_connect(vs, sioc);
+    vs->magic = VNC_MAGIC;
      vs->sioc = sioc;
      object_ref(OBJECT(vs->sioc));
      vs->ioc = QIO_CHANNEL(sioc);
@@ -3025,8 +3097,8 @@ static void vnc_connect(VncDisplay *vd, QIOChannelSocket *sioc,
      buffer_init(&vs->zrle.zlib,      "vnc-zrle-zlib/%p", sioc);
  
      if (skipauth) {
-       vs->auth = VNC_AUTH_NONE;
-       vs->subauth = VNC_AUTH_INVALID;
+        vs->auth = VNC_AUTH_NONE;
+        vs->subauth = VNC_AUTH_INVALID;
      } else {
          if (websocket) {
              vs->auth = vd->ws_auth;
@@ -3110,36 +3182,17 @@ void vnc_start_protocol(VncState *vs)
      qemu_add_mouse_mode_change_notifier(&vs->mouse_mode_notifier);
  }
  
-static gboolean vnc_listen_io(QIOChannel *ioc,
-                              GIOCondition condition,
-                              void *opaque)
+static void vnc_listen_io(QIONetListener *listener,
+                          QIOChannelSocket *cioc,
+                          void *opaque)
  {
      VncDisplay *vd = opaque;
-    QIOChannelSocket *sioc = NULL;
-    Error *err = NULL;
-    bool isWebsock = false;
-    size_t i;
-
-    for (i = 0; i < vd->nlwebsock; i++) {
-        if (ioc == QIO_CHANNEL(vd->lwebsock[i])) {
-            isWebsock = true;
-            break;
-        }
-    }
-
-    sioc = qio_channel_socket_accept(QIO_CHANNEL_SOCKET(ioc), &err);
-    if (sioc != NULL) {
-        qio_channel_set_name(QIO_CHANNEL(sioc),
-                             isWebsock ? "vnc-ws-server" : "vnc-server");
-        qio_channel_set_delay(QIO_CHANNEL(sioc), false);
-        vnc_connect(vd, sioc, false, isWebsock);
-        object_unref(OBJECT(sioc));
-    } else {
-        /* client probably closed connection before we got there */
-        error_free(err);
-    }
+    bool isWebsock = listener == vd->wslistener;
  
-    return TRUE;
+    qio_channel_set_name(QIO_CHANNEL(cioc),
+                         isWebsock ? "vnc-ws-server" : "vnc-server");
+    qio_channel_set_delay(QIO_CHANNEL(cioc), false);
+    vnc_connect(vd, cioc, false, isWebsock);
  }
  
  static const DisplayChangeListenerOps dcl_ops = {
@@ -3152,7 +3205,7 @@ static const DisplayChangeListenerOps dcl_ops = {
      .dpy_cursor_define    = vnc_dpy_cursor_define,
  };
  
-void vnc_display_init(const char *id)
+void vnc_display_init(const char *id, Error **errp)
  {
      VncDisplay *vd;
  
@@ -3169,13 +3222,14 @@ void vnc_display_init(const char *id)
  
      if (keyboard_layout) {
          trace_vnc_key_map_init(keyboard_layout);
-        vd->kbd_layout = init_keyboard_layout(name2keysym, keyboard_layout);
+        vd->kbd_layout = init_keyboard_layout(name2keysym,
+                                              keyboard_layout, errp);
      } else {
-        vd->kbd_layout = init_keyboard_layout(name2keysym, "en-us");
+        vd->kbd_layout = init_keyboard_layout(name2keysym, "en-us", errp);
      }
  
      if (!vd->kbd_layout) {
-        exit(1);
+        return;
      }
  
      vd->share_policy = VNC_SHARE_POLICY_ALLOW_EXCLUSIVE;
@@ -3191,34 +3245,22 @@ void vnc_display_init(const char *id)
  
  static void vnc_display_close(VncDisplay *vd)
  {
-    size_t i;
      if (!vd) {
          return;
      }
      vd->is_unix = false;
-    for (i = 0; i < vd->nlsock; i++) {
-        if (vd->lsock_tag[i]) {
-            g_source_remove(vd->lsock_tag[i]);
-        }
-        object_unref(OBJECT(vd->lsock[i]));
+
+    if (vd->listener) {
+        qio_net_listener_disconnect(vd->listener);
+        object_unref(OBJECT(vd->listener));
      }
-    g_free(vd->lsock);
-    g_free(vd->lsock_tag);
-    vd->lsock = NULL;
-    vd->lsock_tag = NULL;
-    vd->nlsock = 0;
+    vd->listener = NULL;
  
-    for (i = 0; i < vd->nlwebsock; i++) {
-        if (vd->lwebsock_tag[i]) {
-            g_source_remove(vd->lwebsock_tag[i]);
-        }
-        object_unref(OBJECT(vd->lwebsock[i]));
+    if (vd->wslistener) {
+        qio_net_listener_disconnect(vd->wslistener);
+        object_unref(OBJECT(vd->wslistener));
      }
-    g_free(vd->lwebsock);
-    g_free(vd->lwebsock_tag);
-    vd->lwebsock = NULL;
-    vd->lwebsock_tag = NULL;
-    vd->nlwebsock = 0;
+    vd->wslistener = NULL;
  
      vd->auth = VNC_AUTH_INVALID;
      vd->subauth = VNC_AUTH_INVALID;
@@ -3270,11 +3312,11 @@ static void vnc_display_print_local_addr(VncDisplay *vd)
      SocketAddress *addr;
      Error *err = NULL;
  
-    if (!vd->nlsock) {
+    if (!vd->listener || !vd->listener->nsioc) {
          return;
      }
  
-    addr = qio_channel_socket_get_local_address(vd->lsock[0], &err);
+    addr = qio_channel_socket_get_local_address(vd->listener->sioc[0], &err);
      if (!addr) {
          return;
      }
@@ -3303,10 +3345,6 @@ static QemuOptsList qemu_vnc_opts = {
          },{
              .name = "tls-creds",
              .type = QEMU_OPT_STRING,
-        },{
-            /* Deprecated in favour of tls-creds */
-            .name = "x509",
-            .type = QEMU_OPT_STRING,
          },{
              .name = "share",
              .type = QEMU_OPT_STRING,
@@ -3343,14 +3381,6 @@ static QemuOptsList qemu_vnc_opts = {
          },{
              .name = "sasl",
              .type = QEMU_OPT_BOOL,
-        },{
-            /* Deprecated in favour of tls-creds */
-            .name = "tls",
-            .type = QEMU_OPT_BOOL,
-        },{
-            /* Deprecated in favour of tls-creds */
-            .name = "x509verify",
-            .type = QEMU_OPT_STRING,
          },{
              .name = "acl",
              .type = QEMU_OPT_BOOL,
@@ -3478,51 +3508,6 @@ vnc_display_setup_auth(int *auth,
  }
  
  
-/*
- * Handle back compat with old CLI syntax by creating some
- * suitable QCryptoTLSCreds objects
- */
-static QCryptoTLSCreds *
-vnc_display_create_creds(bool x509,
-                         bool x509verify,
-                         const char *dir,
-                         const char *id,
-                         Error **errp)
-{
-    gchar *credsid = g_strdup_printf("tlsvnc%s", id);
-    Object *parent = object_get_objects_root();
-    Object *creds;
-    Error *err = NULL;
-
-    if (x509) {
-        creds = object_new_with_props(TYPE_QCRYPTO_TLS_CREDS_X509,
-                                      parent,
-                                      credsid,
-                                      &err,
-                                      "endpoint", "server",
-                                      "dir", dir,
-                                      "verify-peer", x509verify ? "yes" : "no",
-                                      NULL);
-    } else {
-        creds = object_new_with_props(TYPE_QCRYPTO_TLS_CREDS_ANON,
-                                      parent,
-                                      credsid,
-                                      &err,
-                                      "endpoint", "server",
-                                      NULL);
-    }
-
-    g_free(credsid);
-
-    if (err) {
-        error_propagate(errp, err);
-        return NULL;
-    }
-
-    return QCRYPTO_TLS_CREDS(creds);
-}
-
-
  static int vnc_display_get_address(const char *addrstr,
                                     bool websocket,
                                     bool reverse,
@@ -3782,68 +3767,6 @@ static int vnc_display_connect(VncDisplay *vd,
  }
  
  
-static int vnc_display_listen_addr(VncDisplay *vd,
-                                   SocketAddress *addr,
-                                   const char *name,
-                                   QIOChannelSocket ***lsock,
-                                   guint **lsock_tag,
-                                   size_t *nlsock,
-                                   Error **errp)
-{
-    QIODNSResolver *resolver = qio_dns_resolver_get_instance();
-    SocketAddress **rawaddrs = NULL;
-    size_t nrawaddrs = 0;
-    Error *listenerr = NULL;
-    bool listening = false;
-    size_t i;
-
-    if (qio_dns_resolver_lookup_sync(resolver, addr, &nrawaddrs,
-                                     &rawaddrs, errp) < 0) {
-        return -1;
-    }
-
-    for (i = 0; i < nrawaddrs; i++) {
-        QIOChannelSocket *sioc = qio_channel_socket_new();
-
-        qio_channel_set_name(QIO_CHANNEL(sioc), name);
-        if (qio_channel_socket_listen_sync(
-                sioc, rawaddrs[i], listenerr == NULL ? &listenerr : NULL) < 0) {
-            object_unref(OBJECT(sioc));
-            continue;
-        }
-        listening = true;
-        (*nlsock)++;
-        *lsock = g_renew(QIOChannelSocket *, *lsock, *nlsock);
-        *lsock_tag = g_renew(guint, *lsock_tag, *nlsock);
-
-        (*lsock)[*nlsock - 1] = sioc;
-        (*lsock_tag)[*nlsock - 1] = 0;
-    }
-
-    for (i = 0; i < nrawaddrs; i++) {
-        qapi_free_SocketAddress(rawaddrs[i]);
-    }
-    g_free(rawaddrs);
-
-    if (listenerr) {
-        if (!listening) {
-            error_propagate(errp, listenerr);
-            return -1;
-        } else {
-            error_free(listenerr);
-        }
-    }
-
-    for (i = 0; i < *nlsock; i++) {
-        (*lsock_tag)[i] = qio_channel_add_watch(
-            QIO_CHANNEL((*lsock)[i]),
-            G_IO_IN, vnc_listen_io, vd, NULL);
-    }
-
-    return 0;
-}
-
-
  static int vnc_display_listen(VncDisplay *vd,
                                SocketAddress **saddr,
                                size_t nsaddr,
@@ -3853,25 +3776,34 @@ static int vnc_display_listen(VncDisplay *vd,
  {
      size_t i;
  
-    for (i = 0; i < nsaddr; i++) {
-        if (vnc_display_listen_addr(vd, saddr[i],
-                                    "vnc-listen",
-                                    &vd->lsock,
-                                    &vd->lsock_tag,
-                                    &vd->nlsock,
-                                    errp) < 0) {
-            return -1;
+    if (nsaddr) {
+        vd->listener = qio_net_listener_new();
+        qio_net_listener_set_name(vd->listener, "vnc-listen");
+        for (i = 0; i < nsaddr; i++) {
+            if (qio_net_listener_open_sync(vd->listener,
+                                           saddr[i],
+                                           errp) < 0)  {
+                return -1;
+            }
          }
+
+        qio_net_listener_set_client_func(vd->listener,
+                                         vnc_listen_io, vd, NULL);
      }
-    for (i = 0; i < nwsaddr; i++) {
-        if (vnc_display_listen_addr(vd, wsaddr[i],
-                                    "vnc-ws-listen",
-                                    &vd->lwebsock,
-                                    &vd->lwebsock_tag,
-                                    &vd->nlwebsock,
-                                    errp) < 0) {
-            return -1;
+
+    if (nwsaddr) {
+        vd->wslistener = qio_net_listener_new();
+        qio_net_listener_set_name(vd->wslistener, "vnc-ws-listen");
+        for (i = 0; i < nwsaddr; i++) {
+            if (qio_net_listener_open_sync(vd->wslistener,
+                                           wsaddr[i],
+                                           errp) < 0)  {
+                return -1;
+            }
          }
+
+        qio_net_listener_set_client_func(vd->wslistener,
+                                         vnc_listen_io, vd, NULL);
      }
  
      return 0;
@@ -3890,9 +3822,6 @@ void vnc_display_open(const char *id, Error **errp)
      bool reverse = false;
      const char *credid;
      bool sasl = false;
-#ifdef CONFIG_VNC_SASL
-    int saslErr;
-#endif
      int acl = 0;
      int lock_key_sync = 1;
      int key_delay_ms;
@@ -3942,15 +3871,6 @@ void vnc_display_open(const char *id, Error **errp)
      credid = qemu_opt_get(opts, "tls-creds");
      if (credid) {
          Object *creds;
-        if (qemu_opt_get(opts, "tls") ||
-            qemu_opt_get(opts, "x509") ||
-            qemu_opt_get(opts, "x509verify")) {
-            error_setg(errp,
-                       "'tls-creds' parameter is mutually exclusive with "
-                       "'tls', 'x509' and 'x509verify' parameters");
-            goto fail;
-        }
-
          creds = object_resolve_path_component(
              object_get_objects_root(), credid);
          if (!creds) {
@@ -3973,31 +3893,6 @@ void vnc_display_open(const char *id, Error **errp)
                         "Expecting TLS credentials with a server endpoint");
              goto fail;
          }
-    } else {
-        const char *path;
-        bool tls = false, x509 = false, x509verify = false;
-        tls  = qemu_opt_get_bool(opts, "tls", false);
-        if (tls) {
-            path = qemu_opt_get(opts, "x509");
-
-            if (path) {
-                x509 = true;
-            } else {
-                path = qemu_opt_get(opts, "x509verify");
-                if (path) {
-                    x509 = true;
-                    x509verify = true;
-                }
-            }
-            vd->tlscreds = vnc_display_create_creds(x509,
-                                                    x509verify,
-                                                    path,
-                                                    vd->id,
-                                                    errp);
-            if (!vd->tlscreds) {
-                goto fail;
-            }
-        }
      }
      acl = qemu_opt_get_bool(opts, "acl", false);
  
@@ -4066,10 +3961,14 @@ void vnc_display_open(const char *id, Error **errp)
      trace_vnc_auth_init(vd, 1, vd->ws_auth, vd->ws_subauth);
  
  #ifdef CONFIG_VNC_SASL
-    if ((saslErr = sasl_server_init(NULL, "qemu")) != SASL_OK) {
-        error_setg(errp, "Failed to initialize SASL auth: %s",
-                   sasl_errstring(saslErr, NULL, NULL));
-        goto fail;
+    if (sasl) {
+        int saslErr = sasl_server_init(NULL, "qemu");
+
+        if (saslErr != SASL_OK) {
+            error_setg(errp, "Failed to initialize SASL auth: %s",
+                       sasl_errstring(saslErr, NULL, NULL));
+            goto fail;
+        }
      }
  #endif
      vd->lock_key_sync = lock_key_sync;
@@ -4181,11 +4080,15 @@ int vnc_init_func(void *opaque, QemuOpts *opts, Error **errp)
      char *id = (char *)qemu_opts_id(opts);
  
      assert(id);
-    vnc_display_init(id);
+    vnc_display_init(id, &local_err);
+    if (local_err) {
+        error_propagate(errp, local_err);
+        return -1;
+    }
      vnc_display_open(id, &local_err);
      if (local_err != NULL) {
-        error_reportf_err(local_err, "Failed to start VNC server: ");
-        exit(1);
+        error_propagate(errp, local_err);
+        return -1;
      }
      return 0;
  }