xref: /openbmc/qemu/ui/vnc.c (revision e0d03b8ceb52e390b8b0a5db1762a8435dd8a44e)
13e230dd2SCorentin Chary /*
23e230dd2SCorentin Chary  * QEMU VNC display driver
33e230dd2SCorentin Chary  *
43e230dd2SCorentin Chary  * Copyright (C) 2006 Anthony Liguori <anthony@codemonkey.ws>
53e230dd2SCorentin Chary  * Copyright (C) 2006 Fabrice Bellard
63e230dd2SCorentin Chary  * Copyright (C) 2009 Red Hat, Inc
73e230dd2SCorentin Chary  *
83e230dd2SCorentin Chary  * Permission is hereby granted, free of charge, to any person obtaining a copy
93e230dd2SCorentin Chary  * of this software and associated documentation files (the "Software"), to deal
103e230dd2SCorentin Chary  * in the Software without restriction, including without limitation the rights
113e230dd2SCorentin Chary  * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
123e230dd2SCorentin Chary  * copies of the Software, and to permit persons to whom the Software is
133e230dd2SCorentin Chary  * furnished to do so, subject to the following conditions:
143e230dd2SCorentin Chary  *
153e230dd2SCorentin Chary  * The above copyright notice and this permission notice shall be included in
163e230dd2SCorentin Chary  * all copies or substantial portions of the Software.
173e230dd2SCorentin Chary  *
183e230dd2SCorentin Chary  * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
193e230dd2SCorentin Chary  * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
203e230dd2SCorentin Chary  * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
213e230dd2SCorentin Chary  * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
223e230dd2SCorentin Chary  * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
233e230dd2SCorentin Chary  * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
243e230dd2SCorentin Chary  * THE SOFTWARE.
253e230dd2SCorentin Chary  */
263e230dd2SCorentin Chary 
273e230dd2SCorentin Chary #include "vnc.h"
28bd023f95SCorentin Chary #include "vnc-jobs.h"
2940066175SGerd Hoffmann #include "trace.h"
301d0d59feSGerd Hoffmann #include "hw/qdev.h"
319c17d615SPaolo Bonzini #include "sysemu/sysemu.h"
32d49b6836SMarkus Armbruster #include "qemu/error-report.h"
331de7afc9SPaolo Bonzini #include "qemu/sockets.h"
341de7afc9SPaolo Bonzini #include "qemu/timer.h"
351de7afc9SPaolo Bonzini #include "qemu/acl.h"
364db14629SGerd Hoffmann #include "qemu/config-file.h"
37cc7a8ea7SMarkus Armbruster #include "qapi/qmp/qerror.h"
387b1b5d19SPaolo Bonzini #include "qapi/qmp/types.h"
392b54aa87SLuiz Capitulino #include "qmp-commands.h"
401de7afc9SPaolo Bonzini #include "qemu/osdep.h"
418d447d10SGerd Hoffmann #include "ui/input.h"
42fb6ba0d5SWenchao Xia #include "qapi-event.h"
438e9b0d24SDaniel P. Berrange #include "crypto/hash.h"
443e305e4aSDaniel P. Berrange #include "crypto/tlscredsanon.h"
453e305e4aSDaniel P. Berrange #include "crypto/tlscredsx509.h"
463e305e4aSDaniel P. Berrange #include "qom/object_interfaces.h"
473e230dd2SCorentin Chary 
480f7b2864SGerd Hoffmann #define VNC_REFRESH_INTERVAL_BASE GUI_REFRESH_INTERVAL_DEFAULT
493e230dd2SCorentin Chary #define VNC_REFRESH_INTERVAL_INC  50
500f7b2864SGerd Hoffmann #define VNC_REFRESH_INTERVAL_MAX  GUI_REFRESH_INTERVAL_IDLE
51999342a0SCorentin Chary static const struct timeval VNC_REFRESH_STATS = { 0, 500000 };
52999342a0SCorentin Chary static const struct timeval VNC_REFRESH_LOSSY = { 2, 0 };
533e230dd2SCorentin Chary 
543e230dd2SCorentin Chary #include "vnc_keysym.h"
55800567a6SDaniel P. Berrange #include "crypto/cipher.h"
563e230dd2SCorentin Chary 
57d616ccc5SGerd Hoffmann static QTAILQ_HEAD(, VncDisplay) vnc_displays =
58d616ccc5SGerd Hoffmann     QTAILQ_HEAD_INITIALIZER(vnc_displays);
593e230dd2SCorentin Chary 
603e230dd2SCorentin Chary static int vnc_cursor_define(VncState *vs);
617bc9318bSGerd Hoffmann static void vnc_release_modifiers(VncState *vs);
623e230dd2SCorentin Chary 
638cf36489SGerd Hoffmann static void vnc_set_share_mode(VncState *vs, VncShareMode mode)
648cf36489SGerd Hoffmann {
658cf36489SGerd Hoffmann #ifdef _VNC_DEBUG
668cf36489SGerd Hoffmann     static const char *mn[] = {
678cf36489SGerd Hoffmann         [0]                           = "undefined",
688cf36489SGerd Hoffmann         [VNC_SHARE_MODE_CONNECTING]   = "connecting",
698cf36489SGerd Hoffmann         [VNC_SHARE_MODE_SHARED]       = "shared",
708cf36489SGerd Hoffmann         [VNC_SHARE_MODE_EXCLUSIVE]    = "exclusive",
718cf36489SGerd Hoffmann         [VNC_SHARE_MODE_DISCONNECTED] = "disconnected",
728cf36489SGerd Hoffmann     };
738cf36489SGerd Hoffmann     fprintf(stderr, "%s/%d: %s -> %s\n", __func__,
748cf36489SGerd Hoffmann             vs->csock, mn[vs->share_mode], mn[mode]);
758cf36489SGerd Hoffmann #endif
768cf36489SGerd Hoffmann 
77e5f34cddSGerd Hoffmann     switch (vs->share_mode) {
78e5f34cddSGerd Hoffmann     case VNC_SHARE_MODE_CONNECTING:
79e5f34cddSGerd Hoffmann         vs->vd->num_connecting--;
80e5f34cddSGerd Hoffmann         break;
81e5f34cddSGerd Hoffmann     case VNC_SHARE_MODE_SHARED:
82e5f34cddSGerd Hoffmann         vs->vd->num_shared--;
83e5f34cddSGerd Hoffmann         break;
84e5f34cddSGerd Hoffmann     case VNC_SHARE_MODE_EXCLUSIVE:
858cf36489SGerd Hoffmann         vs->vd->num_exclusive--;
86e5f34cddSGerd Hoffmann         break;
87e5f34cddSGerd Hoffmann     default:
88e5f34cddSGerd Hoffmann         break;
898cf36489SGerd Hoffmann     }
90e5f34cddSGerd Hoffmann 
918cf36489SGerd Hoffmann     vs->share_mode = mode;
92e5f34cddSGerd Hoffmann 
93e5f34cddSGerd Hoffmann     switch (vs->share_mode) {
94e5f34cddSGerd Hoffmann     case VNC_SHARE_MODE_CONNECTING:
95e5f34cddSGerd Hoffmann         vs->vd->num_connecting++;
96e5f34cddSGerd Hoffmann         break;
97e5f34cddSGerd Hoffmann     case VNC_SHARE_MODE_SHARED:
98e5f34cddSGerd Hoffmann         vs->vd->num_shared++;
99e5f34cddSGerd Hoffmann         break;
100e5f34cddSGerd Hoffmann     case VNC_SHARE_MODE_EXCLUSIVE:
1018cf36489SGerd Hoffmann         vs->vd->num_exclusive++;
102e5f34cddSGerd Hoffmann         break;
103e5f34cddSGerd Hoffmann     default:
104e5f34cddSGerd Hoffmann         break;
1058cf36489SGerd Hoffmann     }
1068cf36489SGerd Hoffmann }
1078cf36489SGerd Hoffmann 
1083e230dd2SCorentin Chary static char *addr_to_string(const char *format,
1093e230dd2SCorentin Chary                             struct sockaddr_storage *sa,
1103e230dd2SCorentin Chary                             socklen_t salen) {
1113e230dd2SCorentin Chary     char *addr;
1123e230dd2SCorentin Chary     char host[NI_MAXHOST];
1133e230dd2SCorentin Chary     char serv[NI_MAXSERV];
1143e230dd2SCorentin Chary     int err;
1153e230dd2SCorentin Chary     size_t addrlen;
1163e230dd2SCorentin Chary 
1173e230dd2SCorentin Chary     if ((err = getnameinfo((struct sockaddr *)sa, salen,
1183e230dd2SCorentin Chary                            host, sizeof(host),
1193e230dd2SCorentin Chary                            serv, sizeof(serv),
1203e230dd2SCorentin Chary                            NI_NUMERICHOST | NI_NUMERICSERV)) != 0) {
1213e230dd2SCorentin Chary         VNC_DEBUG("Cannot resolve address %d: %s\n",
1223e230dd2SCorentin Chary                   err, gai_strerror(err));
1233e230dd2SCorentin Chary         return NULL;
1243e230dd2SCorentin Chary     }
1253e230dd2SCorentin Chary 
1263e230dd2SCorentin Chary     /* Enough for the existing format + the 2 vars we're
1273e230dd2SCorentin Chary      * substituting in. */
1283e230dd2SCorentin Chary     addrlen = strlen(format) + strlen(host) + strlen(serv);
1297267c094SAnthony Liguori     addr = g_malloc(addrlen + 1);
1303e230dd2SCorentin Chary     snprintf(addr, addrlen, format, host, serv);
1313e230dd2SCorentin Chary     addr[addrlen] = '\0';
1323e230dd2SCorentin Chary 
1333e230dd2SCorentin Chary     return addr;
1343e230dd2SCorentin Chary }
1353e230dd2SCorentin Chary 
1363e230dd2SCorentin Chary 
1373e230dd2SCorentin Chary char *vnc_socket_local_addr(const char *format, int fd) {
1383e230dd2SCorentin Chary     struct sockaddr_storage sa;
1393e230dd2SCorentin Chary     socklen_t salen;
1403e230dd2SCorentin Chary 
1413e230dd2SCorentin Chary     salen = sizeof(sa);
1423e230dd2SCorentin Chary     if (getsockname(fd, (struct sockaddr*)&sa, &salen) < 0)
1433e230dd2SCorentin Chary         return NULL;
1443e230dd2SCorentin Chary 
1453e230dd2SCorentin Chary     return addr_to_string(format, &sa, salen);
1463e230dd2SCorentin Chary }
1473e230dd2SCorentin Chary 
1483e230dd2SCorentin Chary char *vnc_socket_remote_addr(const char *format, int fd) {
1493e230dd2SCorentin Chary     struct sockaddr_storage sa;
1503e230dd2SCorentin Chary     socklen_t salen;
1513e230dd2SCorentin Chary 
1523e230dd2SCorentin Chary     salen = sizeof(sa);
1533e230dd2SCorentin Chary     if (getpeername(fd, (struct sockaddr*)&sa, &salen) < 0)
1543e230dd2SCorentin Chary         return NULL;
1553e230dd2SCorentin Chary 
1563e230dd2SCorentin Chary     return addr_to_string(format, &sa, salen);
1573e230dd2SCorentin Chary }
1583e230dd2SCorentin Chary 
159fb6ba0d5SWenchao Xia static VncBasicInfo *vnc_basic_info_get(struct sockaddr_storage *sa,
1603e230dd2SCorentin Chary                                         socklen_t salen)
1613e230dd2SCorentin Chary {
162fb6ba0d5SWenchao Xia     VncBasicInfo *info;
1633e230dd2SCorentin Chary     char host[NI_MAXHOST];
1643e230dd2SCorentin Chary     char serv[NI_MAXSERV];
1653e230dd2SCorentin Chary     int err;
1663e230dd2SCorentin Chary 
1673e230dd2SCorentin Chary     if ((err = getnameinfo((struct sockaddr *)sa, salen,
1683e230dd2SCorentin Chary                            host, sizeof(host),
1693e230dd2SCorentin Chary                            serv, sizeof(serv),
1703e230dd2SCorentin Chary                            NI_NUMERICHOST | NI_NUMERICSERV)) != 0) {
1713e230dd2SCorentin Chary         VNC_DEBUG("Cannot resolve address %d: %s\n",
1723e230dd2SCorentin Chary                   err, gai_strerror(err));
173fb6ba0d5SWenchao Xia         return NULL;
1743e230dd2SCorentin Chary     }
1753e230dd2SCorentin Chary 
176fb6ba0d5SWenchao Xia     info = g_malloc0(sizeof(VncBasicInfo));
177fb6ba0d5SWenchao Xia     info->host = g_strdup(host);
178fb6ba0d5SWenchao Xia     info->service = g_strdup(serv);
179fb6ba0d5SWenchao Xia     info->family = inet_netfamily(sa->ss_family);
180fb6ba0d5SWenchao Xia     return info;
1813e230dd2SCorentin Chary }
1823e230dd2SCorentin Chary 
183fb6ba0d5SWenchao Xia static VncBasicInfo *vnc_basic_info_get_from_server_addr(int fd)
1843e230dd2SCorentin Chary {
1853e230dd2SCorentin Chary     struct sockaddr_storage sa;
1863e230dd2SCorentin Chary     socklen_t salen;
1873e230dd2SCorentin Chary 
1883e230dd2SCorentin Chary     salen = sizeof(sa);
1893e230dd2SCorentin Chary     if (getsockname(fd, (struct sockaddr*)&sa, &salen) < 0) {
190fb6ba0d5SWenchao Xia         return NULL;
1913e230dd2SCorentin Chary     }
1923e230dd2SCorentin Chary 
193fb6ba0d5SWenchao Xia     return vnc_basic_info_get(&sa, salen);
1943e230dd2SCorentin Chary }
1953e230dd2SCorentin Chary 
196fb6ba0d5SWenchao Xia static VncBasicInfo *vnc_basic_info_get_from_remote_addr(int fd)
1973e230dd2SCorentin Chary {
1983e230dd2SCorentin Chary     struct sockaddr_storage sa;
1993e230dd2SCorentin Chary     socklen_t salen;
2003e230dd2SCorentin Chary 
2013e230dd2SCorentin Chary     salen = sizeof(sa);
2023e230dd2SCorentin Chary     if (getpeername(fd, (struct sockaddr*)&sa, &salen) < 0) {
203fb6ba0d5SWenchao Xia         return NULL;
2043e230dd2SCorentin Chary     }
2053e230dd2SCorentin Chary 
206fb6ba0d5SWenchao Xia     return vnc_basic_info_get(&sa, salen);
2073e230dd2SCorentin Chary }
2083e230dd2SCorentin Chary 
2093e230dd2SCorentin Chary static const char *vnc_auth_name(VncDisplay *vd) {
2103e230dd2SCorentin Chary     switch (vd->auth) {
2113e230dd2SCorentin Chary     case VNC_AUTH_INVALID:
2123e230dd2SCorentin Chary         return "invalid";
2133e230dd2SCorentin Chary     case VNC_AUTH_NONE:
2143e230dd2SCorentin Chary         return "none";
2153e230dd2SCorentin Chary     case VNC_AUTH_VNC:
2163e230dd2SCorentin Chary         return "vnc";
2173e230dd2SCorentin Chary     case VNC_AUTH_RA2:
2183e230dd2SCorentin Chary         return "ra2";
2193e230dd2SCorentin Chary     case VNC_AUTH_RA2NE:
2203e230dd2SCorentin Chary         return "ra2ne";
2213e230dd2SCorentin Chary     case VNC_AUTH_TIGHT:
2223e230dd2SCorentin Chary         return "tight";
2233e230dd2SCorentin Chary     case VNC_AUTH_ULTRA:
2243e230dd2SCorentin Chary         return "ultra";
2253e230dd2SCorentin Chary     case VNC_AUTH_TLS:
2263e230dd2SCorentin Chary         return "tls";
2273e230dd2SCorentin Chary     case VNC_AUTH_VENCRYPT:
2283e230dd2SCorentin Chary         switch (vd->subauth) {
2293e230dd2SCorentin Chary         case VNC_AUTH_VENCRYPT_PLAIN:
2303e230dd2SCorentin Chary             return "vencrypt+plain";
2313e230dd2SCorentin Chary         case VNC_AUTH_VENCRYPT_TLSNONE:
2323e230dd2SCorentin Chary             return "vencrypt+tls+none";
2333e230dd2SCorentin Chary         case VNC_AUTH_VENCRYPT_TLSVNC:
2343e230dd2SCorentin Chary             return "vencrypt+tls+vnc";
2353e230dd2SCorentin Chary         case VNC_AUTH_VENCRYPT_TLSPLAIN:
2363e230dd2SCorentin Chary             return "vencrypt+tls+plain";
2373e230dd2SCorentin Chary         case VNC_AUTH_VENCRYPT_X509NONE:
2383e230dd2SCorentin Chary             return "vencrypt+x509+none";
2393e230dd2SCorentin Chary         case VNC_AUTH_VENCRYPT_X509VNC:
2403e230dd2SCorentin Chary             return "vencrypt+x509+vnc";
2413e230dd2SCorentin Chary         case VNC_AUTH_VENCRYPT_X509PLAIN:
2423e230dd2SCorentin Chary             return "vencrypt+x509+plain";
2433e230dd2SCorentin Chary         case VNC_AUTH_VENCRYPT_TLSSASL:
2443e230dd2SCorentin Chary             return "vencrypt+tls+sasl";
2453e230dd2SCorentin Chary         case VNC_AUTH_VENCRYPT_X509SASL:
2463e230dd2SCorentin Chary             return "vencrypt+x509+sasl";
2473e230dd2SCorentin Chary         default:
2483e230dd2SCorentin Chary             return "vencrypt";
2493e230dd2SCorentin Chary         }
2503e230dd2SCorentin Chary     case VNC_AUTH_SASL:
2513e230dd2SCorentin Chary         return "sasl";
2523e230dd2SCorentin Chary     }
2533e230dd2SCorentin Chary     return "unknown";
2543e230dd2SCorentin Chary }
2553e230dd2SCorentin Chary 
256d616ccc5SGerd Hoffmann static VncServerInfo *vnc_server_info_get(VncDisplay *vd)
2573e230dd2SCorentin Chary {
258fb6ba0d5SWenchao Xia     VncServerInfo *info;
259d616ccc5SGerd Hoffmann     VncBasicInfo *bi = vnc_basic_info_get_from_server_addr(vd->lsock);
260fb6ba0d5SWenchao Xia     if (!bi) {
261fb6ba0d5SWenchao Xia         return NULL;
2623e230dd2SCorentin Chary     }
2633e230dd2SCorentin Chary 
264fb6ba0d5SWenchao Xia     info = g_malloc(sizeof(*info));
265fb6ba0d5SWenchao Xia     info->base = bi;
266fb6ba0d5SWenchao Xia     info->has_auth = true;
267d616ccc5SGerd Hoffmann     info->auth = g_strdup(vnc_auth_name(vd));
268fb6ba0d5SWenchao Xia     return info;
2693e230dd2SCorentin Chary }
2703e230dd2SCorentin Chary 
2713e230dd2SCorentin Chary static void vnc_client_cache_auth(VncState *client)
2723e230dd2SCorentin Chary {
2733e230dd2SCorentin Chary     if (!client->info) {
2743e230dd2SCorentin Chary         return;
2753e230dd2SCorentin Chary     }
2763e230dd2SCorentin Chary 
2773e305e4aSDaniel P. Berrange     if (client->tls) {
2783e305e4aSDaniel P. Berrange         client->info->x509_dname =
2793e305e4aSDaniel P. Berrange             qcrypto_tls_session_get_peer_name(client->tls);
2803e305e4aSDaniel P. Berrange         client->info->has_x509_dname =
2813e305e4aSDaniel P. Berrange             client->info->x509_dname != NULL;
2823e230dd2SCorentin Chary     }
2833e230dd2SCorentin Chary #ifdef CONFIG_VNC_SASL
2843e230dd2SCorentin Chary     if (client->sasl.conn &&
2853e230dd2SCorentin Chary         client->sasl.username) {
286fb6ba0d5SWenchao Xia         client->info->has_sasl_username = true;
287fb6ba0d5SWenchao Xia         client->info->sasl_username = g_strdup(client->sasl.username);
2883e230dd2SCorentin Chary     }
2893e230dd2SCorentin Chary #endif
2903e230dd2SCorentin Chary }
2913e230dd2SCorentin Chary 
2923e230dd2SCorentin Chary static void vnc_client_cache_addr(VncState *client)
2933e230dd2SCorentin Chary {
294fb6ba0d5SWenchao Xia     VncBasicInfo *bi = vnc_basic_info_get_from_remote_addr(client->csock);
2953e230dd2SCorentin Chary 
296fb6ba0d5SWenchao Xia     if (bi) {
297fb6ba0d5SWenchao Xia         client->info = g_malloc0(sizeof(*client->info));
298fb6ba0d5SWenchao Xia         client->info->base = bi;
299fb6ba0d5SWenchao Xia     }
3003e230dd2SCorentin Chary }
3013e230dd2SCorentin Chary 
302fb6ba0d5SWenchao Xia static void vnc_qmp_event(VncState *vs, QAPIEvent event)
3033e230dd2SCorentin Chary {
304fb6ba0d5SWenchao Xia     VncServerInfo *si;
3053e230dd2SCorentin Chary 
3063e230dd2SCorentin Chary     if (!vs->info) {
3073e230dd2SCorentin Chary         return;
3083e230dd2SCorentin Chary     }
309fb6ba0d5SWenchao Xia     g_assert(vs->info->base);
3103e230dd2SCorentin Chary 
311d616ccc5SGerd Hoffmann     si = vnc_server_info_get(vs->vd);
312fb6ba0d5SWenchao Xia     if (!si) {
3133e230dd2SCorentin Chary         return;
3143e230dd2SCorentin Chary     }
3153e230dd2SCorentin Chary 
316fb6ba0d5SWenchao Xia     switch (event) {
317fb6ba0d5SWenchao Xia     case QAPI_EVENT_VNC_CONNECTED:
318fb6ba0d5SWenchao Xia         qapi_event_send_vnc_connected(si, vs->info->base, &error_abort);
319fb6ba0d5SWenchao Xia         break;
320fb6ba0d5SWenchao Xia     case QAPI_EVENT_VNC_INITIALIZED:
321fb6ba0d5SWenchao Xia         qapi_event_send_vnc_initialized(si, vs->info, &error_abort);
322fb6ba0d5SWenchao Xia         break;
323fb6ba0d5SWenchao Xia     case QAPI_EVENT_VNC_DISCONNECTED:
324fb6ba0d5SWenchao Xia         qapi_event_send_vnc_disconnected(si, vs->info, &error_abort);
325fb6ba0d5SWenchao Xia         break;
326fb6ba0d5SWenchao Xia     default:
327fb6ba0d5SWenchao Xia         break;
328fb6ba0d5SWenchao Xia     }
3293e230dd2SCorentin Chary 
330fb6ba0d5SWenchao Xia     qapi_free_VncServerInfo(si);
3313e230dd2SCorentin Chary }
3323e230dd2SCorentin Chary 
3332b54aa87SLuiz Capitulino static VncClientInfo *qmp_query_vnc_client(const VncState *client)
3343e230dd2SCorentin Chary {
3352b54aa87SLuiz Capitulino     struct sockaddr_storage sa;
3362b54aa87SLuiz Capitulino     socklen_t salen = sizeof(sa);
3372b54aa87SLuiz Capitulino     char host[NI_MAXHOST];
3382b54aa87SLuiz Capitulino     char serv[NI_MAXSERV];
3392b54aa87SLuiz Capitulino     VncClientInfo *info;
3403e230dd2SCorentin Chary 
3412b54aa87SLuiz Capitulino     if (getpeername(client->csock, (struct sockaddr *)&sa, &salen) < 0) {
3422b54aa87SLuiz Capitulino         return NULL;
3432b54aa87SLuiz Capitulino     }
3442b54aa87SLuiz Capitulino 
3452b54aa87SLuiz Capitulino     if (getnameinfo((struct sockaddr *)&sa, salen,
3462b54aa87SLuiz Capitulino                     host, sizeof(host),
3472b54aa87SLuiz Capitulino                     serv, sizeof(serv),
3482b54aa87SLuiz Capitulino                     NI_NUMERICHOST | NI_NUMERICSERV) < 0) {
3492b54aa87SLuiz Capitulino         return NULL;
3502b54aa87SLuiz Capitulino     }
3512b54aa87SLuiz Capitulino 
3522b54aa87SLuiz Capitulino     info = g_malloc0(sizeof(*info));
353a589569fSWenchao Xia     info->base = g_malloc0(sizeof(*info->base));
354a589569fSWenchao Xia     info->base->host = g_strdup(host);
355a589569fSWenchao Xia     info->base->service = g_strdup(serv);
356a589569fSWenchao Xia     info->base->family = inet_netfamily(sa.ss_family);
3574478aa76SGerd Hoffmann     info->base->websocket = client->websocket;
3583e230dd2SCorentin Chary 
3593e305e4aSDaniel P. Berrange     if (client->tls) {
3603e305e4aSDaniel P. Berrange         info->x509_dname = qcrypto_tls_session_get_peer_name(client->tls);
3613e305e4aSDaniel P. Berrange         info->has_x509_dname = info->x509_dname != NULL;
3622b54aa87SLuiz Capitulino     }
3633e230dd2SCorentin Chary #ifdef CONFIG_VNC_SASL
3642b54aa87SLuiz Capitulino     if (client->sasl.conn && client->sasl.username) {
3652b54aa87SLuiz Capitulino         info->has_sasl_username = true;
3662b54aa87SLuiz Capitulino         info->sasl_username = g_strdup(client->sasl.username);
3672b54aa87SLuiz Capitulino     }
3683e230dd2SCorentin Chary #endif
3692b54aa87SLuiz Capitulino 
3702b54aa87SLuiz Capitulino     return info;
3713e230dd2SCorentin Chary }
3723e230dd2SCorentin Chary 
373d616ccc5SGerd Hoffmann static VncDisplay *vnc_display_find(const char *id)
374d616ccc5SGerd Hoffmann {
375d616ccc5SGerd Hoffmann     VncDisplay *vd;
376d616ccc5SGerd Hoffmann 
377d616ccc5SGerd Hoffmann     if (id == NULL) {
378d616ccc5SGerd Hoffmann         return QTAILQ_FIRST(&vnc_displays);
379d616ccc5SGerd Hoffmann     }
380d616ccc5SGerd Hoffmann     QTAILQ_FOREACH(vd, &vnc_displays, next) {
381d616ccc5SGerd Hoffmann         if (strcmp(id, vd->id) == 0) {
382d616ccc5SGerd Hoffmann             return vd;
383d616ccc5SGerd Hoffmann         }
384d616ccc5SGerd Hoffmann     }
385d616ccc5SGerd Hoffmann     return NULL;
386d616ccc5SGerd Hoffmann }
387d616ccc5SGerd Hoffmann 
3882d29a436SGerd Hoffmann static VncClientInfoList *qmp_query_client_list(VncDisplay *vd)
3892d29a436SGerd Hoffmann {
3902d29a436SGerd Hoffmann     VncClientInfoList *cinfo, *prev = NULL;
3912d29a436SGerd Hoffmann     VncState *client;
3922d29a436SGerd Hoffmann 
3932d29a436SGerd Hoffmann     QTAILQ_FOREACH(client, &vd->clients, next) {
3942d29a436SGerd Hoffmann         cinfo = g_new0(VncClientInfoList, 1);
3952d29a436SGerd Hoffmann         cinfo->value = qmp_query_vnc_client(client);
3962d29a436SGerd Hoffmann         cinfo->next = prev;
3972d29a436SGerd Hoffmann         prev = cinfo;
3982d29a436SGerd Hoffmann     }
3992d29a436SGerd Hoffmann     return prev;
4002d29a436SGerd Hoffmann }
4012d29a436SGerd Hoffmann 
4022b54aa87SLuiz Capitulino VncInfo *qmp_query_vnc(Error **errp)
4033e230dd2SCorentin Chary {
4042b54aa87SLuiz Capitulino     VncInfo *info = g_malloc0(sizeof(*info));
405d616ccc5SGerd Hoffmann     VncDisplay *vd = vnc_display_find(NULL);
4063e230dd2SCorentin Chary 
407bf7aa45eSGerd Hoffmann     if (vd == NULL || !vd->enabled) {
4082b54aa87SLuiz Capitulino         info->enabled = false;
4093e230dd2SCorentin Chary     } else {
4102b54aa87SLuiz Capitulino         struct sockaddr_storage sa;
4112b54aa87SLuiz Capitulino         socklen_t salen = sizeof(sa);
4122b54aa87SLuiz Capitulino         char host[NI_MAXHOST];
4132b54aa87SLuiz Capitulino         char serv[NI_MAXSERV];
4143e230dd2SCorentin Chary 
4152b54aa87SLuiz Capitulino         info->enabled = true;
4162b54aa87SLuiz Capitulino 
4172b54aa87SLuiz Capitulino         /* for compatibility with the original command */
4182b54aa87SLuiz Capitulino         info->has_clients = true;
4192d29a436SGerd Hoffmann         info->clients = qmp_query_client_list(vd);
4203e230dd2SCorentin Chary 
421d616ccc5SGerd Hoffmann         if (vd->lsock == -1) {
422417b0b88SPaolo Bonzini             return info;
423417b0b88SPaolo Bonzini         }
424417b0b88SPaolo Bonzini 
425d616ccc5SGerd Hoffmann         if (getsockname(vd->lsock, (struct sockaddr *)&sa,
4262b54aa87SLuiz Capitulino                         &salen) == -1) {
427c6bd8c70SMarkus Armbruster             error_setg(errp, QERR_UNDEFINED_ERROR);
4282b54aa87SLuiz Capitulino             goto out_error;
4292b54aa87SLuiz Capitulino         }
4303e230dd2SCorentin Chary 
4312b54aa87SLuiz Capitulino         if (getnameinfo((struct sockaddr *)&sa, salen,
4322b54aa87SLuiz Capitulino                         host, sizeof(host),
4332b54aa87SLuiz Capitulino                         serv, sizeof(serv),
4342b54aa87SLuiz Capitulino                         NI_NUMERICHOST | NI_NUMERICSERV) < 0) {
435c6bd8c70SMarkus Armbruster             error_setg(errp, QERR_UNDEFINED_ERROR);
4362b54aa87SLuiz Capitulino             goto out_error;
4373e230dd2SCorentin Chary         }
4382b54aa87SLuiz Capitulino 
4392b54aa87SLuiz Capitulino         info->has_host = true;
4402b54aa87SLuiz Capitulino         info->host = g_strdup(host);
4412b54aa87SLuiz Capitulino 
4422b54aa87SLuiz Capitulino         info->has_service = true;
4432b54aa87SLuiz Capitulino         info->service = g_strdup(serv);
4442b54aa87SLuiz Capitulino 
4452b54aa87SLuiz Capitulino         info->has_family = true;
446a589569fSWenchao Xia         info->family = inet_netfamily(sa.ss_family);
4472b54aa87SLuiz Capitulino 
4482b54aa87SLuiz Capitulino         info->has_auth = true;
449d616ccc5SGerd Hoffmann         info->auth = g_strdup(vnc_auth_name(vd));
4503e230dd2SCorentin Chary     }
4512b54aa87SLuiz Capitulino 
4522b54aa87SLuiz Capitulino     return info;
4532b54aa87SLuiz Capitulino 
4542b54aa87SLuiz Capitulino out_error:
4552b54aa87SLuiz Capitulino     qapi_free_VncInfo(info);
4562b54aa87SLuiz Capitulino     return NULL;
4573e230dd2SCorentin Chary }
4583e230dd2SCorentin Chary 
459df887684SGerd Hoffmann static VncBasicInfoList *qmp_query_server_entry(int socket,
4604478aa76SGerd Hoffmann                                                 bool websocket,
461df887684SGerd Hoffmann                                                 VncBasicInfoList *prev)
462df887684SGerd Hoffmann {
463df887684SGerd Hoffmann     VncBasicInfoList *list;
464df887684SGerd Hoffmann     VncBasicInfo *info;
465df887684SGerd Hoffmann     struct sockaddr_storage sa;
466df887684SGerd Hoffmann     socklen_t salen = sizeof(sa);
467df887684SGerd Hoffmann     char host[NI_MAXHOST];
468df887684SGerd Hoffmann     char serv[NI_MAXSERV];
469df887684SGerd Hoffmann 
470df887684SGerd Hoffmann     if (getsockname(socket, (struct sockaddr *)&sa, &salen) < 0 ||
471df887684SGerd Hoffmann         getnameinfo((struct sockaddr *)&sa, salen,
472df887684SGerd Hoffmann                     host, sizeof(host), serv, sizeof(serv),
473df887684SGerd Hoffmann                     NI_NUMERICHOST | NI_NUMERICSERV) < 0) {
474df887684SGerd Hoffmann         return prev;
475df887684SGerd Hoffmann     }
476df887684SGerd Hoffmann 
477df887684SGerd Hoffmann     info = g_new0(VncBasicInfo, 1);
478df887684SGerd Hoffmann     info->host = g_strdup(host);
479df887684SGerd Hoffmann     info->service = g_strdup(serv);
480df887684SGerd Hoffmann     info->family = inet_netfamily(sa.ss_family);
4814478aa76SGerd Hoffmann     info->websocket = websocket;
482df887684SGerd Hoffmann 
483df887684SGerd Hoffmann     list = g_new0(VncBasicInfoList, 1);
484df887684SGerd Hoffmann     list->value = info;
485df887684SGerd Hoffmann     list->next = prev;
486df887684SGerd Hoffmann     return list;
487df887684SGerd Hoffmann }
488df887684SGerd Hoffmann 
489df887684SGerd Hoffmann static void qmp_query_auth(VncDisplay *vd, VncInfo2 *info)
490df887684SGerd Hoffmann {
491df887684SGerd Hoffmann     switch (vd->auth) {
492df887684SGerd Hoffmann     case VNC_AUTH_VNC:
493df887684SGerd Hoffmann         info->auth = VNC_PRIMARY_AUTH_VNC;
494df887684SGerd Hoffmann         break;
495df887684SGerd Hoffmann     case VNC_AUTH_RA2:
496df887684SGerd Hoffmann         info->auth = VNC_PRIMARY_AUTH_RA2;
497df887684SGerd Hoffmann         break;
498df887684SGerd Hoffmann     case VNC_AUTH_RA2NE:
499df887684SGerd Hoffmann         info->auth = VNC_PRIMARY_AUTH_RA2NE;
500df887684SGerd Hoffmann         break;
501df887684SGerd Hoffmann     case VNC_AUTH_TIGHT:
502df887684SGerd Hoffmann         info->auth = VNC_PRIMARY_AUTH_TIGHT;
503df887684SGerd Hoffmann         break;
504df887684SGerd Hoffmann     case VNC_AUTH_ULTRA:
505df887684SGerd Hoffmann         info->auth = VNC_PRIMARY_AUTH_ULTRA;
506df887684SGerd Hoffmann         break;
507df887684SGerd Hoffmann     case VNC_AUTH_TLS:
508df887684SGerd Hoffmann         info->auth = VNC_PRIMARY_AUTH_TLS;
509df887684SGerd Hoffmann         break;
510df887684SGerd Hoffmann     case VNC_AUTH_VENCRYPT:
511df887684SGerd Hoffmann         info->auth = VNC_PRIMARY_AUTH_VENCRYPT;
512df887684SGerd Hoffmann         info->has_vencrypt = true;
513df887684SGerd Hoffmann         switch (vd->subauth) {
514df887684SGerd Hoffmann         case VNC_AUTH_VENCRYPT_PLAIN:
515df887684SGerd Hoffmann             info->vencrypt = VNC_VENCRYPT_SUB_AUTH_PLAIN;
516df887684SGerd Hoffmann             break;
517df887684SGerd Hoffmann         case VNC_AUTH_VENCRYPT_TLSNONE:
518df887684SGerd Hoffmann             info->vencrypt = VNC_VENCRYPT_SUB_AUTH_TLS_NONE;
519df887684SGerd Hoffmann             break;
520df887684SGerd Hoffmann         case VNC_AUTH_VENCRYPT_TLSVNC:
521df887684SGerd Hoffmann             info->vencrypt = VNC_VENCRYPT_SUB_AUTH_TLS_VNC;
522df887684SGerd Hoffmann             break;
523df887684SGerd Hoffmann         case VNC_AUTH_VENCRYPT_TLSPLAIN:
524df887684SGerd Hoffmann             info->vencrypt = VNC_VENCRYPT_SUB_AUTH_TLS_PLAIN;
525df887684SGerd Hoffmann             break;
526df887684SGerd Hoffmann         case VNC_AUTH_VENCRYPT_X509NONE:
527df887684SGerd Hoffmann             info->vencrypt = VNC_VENCRYPT_SUB_AUTH_X509_NONE;
528df887684SGerd Hoffmann             break;
529df887684SGerd Hoffmann         case VNC_AUTH_VENCRYPT_X509VNC:
530df887684SGerd Hoffmann             info->vencrypt = VNC_VENCRYPT_SUB_AUTH_X509_VNC;
531df887684SGerd Hoffmann             break;
532df887684SGerd Hoffmann         case VNC_AUTH_VENCRYPT_X509PLAIN:
533df887684SGerd Hoffmann             info->vencrypt = VNC_VENCRYPT_SUB_AUTH_X509_PLAIN;
534df887684SGerd Hoffmann             break;
535df887684SGerd Hoffmann         case VNC_AUTH_VENCRYPT_TLSSASL:
536df887684SGerd Hoffmann             info->vencrypt = VNC_VENCRYPT_SUB_AUTH_TLS_SASL;
537df887684SGerd Hoffmann             break;
538df887684SGerd Hoffmann         case VNC_AUTH_VENCRYPT_X509SASL:
539df887684SGerd Hoffmann             info->vencrypt = VNC_VENCRYPT_SUB_AUTH_X509_SASL;
540df887684SGerd Hoffmann             break;
541df887684SGerd Hoffmann         default:
542df887684SGerd Hoffmann             info->has_vencrypt = false;
543df887684SGerd Hoffmann             break;
544df887684SGerd Hoffmann         }
545df887684SGerd Hoffmann         break;
546df887684SGerd Hoffmann     case VNC_AUTH_SASL:
547df887684SGerd Hoffmann         info->auth = VNC_PRIMARY_AUTH_SASL;
548df887684SGerd Hoffmann         break;
549df887684SGerd Hoffmann     case VNC_AUTH_NONE:
550df887684SGerd Hoffmann     default:
551df887684SGerd Hoffmann         info->auth = VNC_PRIMARY_AUTH_NONE;
552df887684SGerd Hoffmann         break;
553df887684SGerd Hoffmann     }
554df887684SGerd Hoffmann }
555df887684SGerd Hoffmann 
556df887684SGerd Hoffmann VncInfo2List *qmp_query_vnc_servers(Error **errp)
557df887684SGerd Hoffmann {
558df887684SGerd Hoffmann     VncInfo2List *item, *prev = NULL;
559df887684SGerd Hoffmann     VncInfo2 *info;
560df887684SGerd Hoffmann     VncDisplay *vd;
561df887684SGerd Hoffmann     DeviceState *dev;
562df887684SGerd Hoffmann 
563df887684SGerd Hoffmann     QTAILQ_FOREACH(vd, &vnc_displays, next) {
564df887684SGerd Hoffmann         info = g_new0(VncInfo2, 1);
565df887684SGerd Hoffmann         info->id = g_strdup(vd->id);
566df887684SGerd Hoffmann         info->clients = qmp_query_client_list(vd);
567df887684SGerd Hoffmann         qmp_query_auth(vd, info);
568df887684SGerd Hoffmann         if (vd->dcl.con) {
569df887684SGerd Hoffmann             dev = DEVICE(object_property_get_link(OBJECT(vd->dcl.con),
570df887684SGerd Hoffmann                                                   "device", NULL));
571df887684SGerd Hoffmann             info->has_display = true;
572df887684SGerd Hoffmann             info->display = g_strdup(dev->id);
573df887684SGerd Hoffmann         }
574df887684SGerd Hoffmann         if (vd->lsock != -1) {
5754478aa76SGerd Hoffmann             info->server = qmp_query_server_entry(vd->lsock, false,
576df887684SGerd Hoffmann                                                   info->server);
577df887684SGerd Hoffmann         }
578df887684SGerd Hoffmann         if (vd->lwebsock != -1) {
5794478aa76SGerd Hoffmann             info->server = qmp_query_server_entry(vd->lwebsock, true,
5804478aa76SGerd Hoffmann                                                   info->server);
581df887684SGerd Hoffmann         }
582df887684SGerd Hoffmann 
583df887684SGerd Hoffmann         item = g_new0(VncInfo2List, 1);
584df887684SGerd Hoffmann         item->value = info;
585df887684SGerd Hoffmann         item->next = prev;
586df887684SGerd Hoffmann         prev = item;
587df887684SGerd Hoffmann     }
588df887684SGerd Hoffmann     return prev;
589df887684SGerd Hoffmann }
590df887684SGerd Hoffmann 
5913e230dd2SCorentin Chary /* TODO
5923e230dd2SCorentin Chary    1) Get the queue working for IO.
5933e230dd2SCorentin Chary    2) there is some weirdness when using the -S option (the screen is grey
5943e230dd2SCorentin Chary       and not totally invalidated
5953e230dd2SCorentin Chary    3) resolutions > 1024
5963e230dd2SCorentin Chary */
5973e230dd2SCorentin Chary 
59838ee14f4SGerd Hoffmann static int vnc_update_client(VncState *vs, int has_dirty, bool sync);
5993e230dd2SCorentin Chary static void vnc_disconnect_start(VncState *vs);
6003e230dd2SCorentin Chary 
6013e230dd2SCorentin Chary static void vnc_colordepth(VncState *vs);
6023e230dd2SCorentin Chary static void framebuffer_update_request(VncState *vs, int incremental,
6033e230dd2SCorentin Chary                                        int x_position, int y_position,
6043e230dd2SCorentin Chary                                        int w, int h);
6050f7b2864SGerd Hoffmann static void vnc_refresh(DisplayChangeListener *dcl);
6063e230dd2SCorentin Chary static int vnc_refresh_server_surface(VncDisplay *vd);
6073e230dd2SCorentin Chary 
608bea60dd7SPeter Lieven static void vnc_set_area_dirty(DECLARE_BITMAP(dirty[VNC_MAX_HEIGHT],
609bea60dd7SPeter Lieven                                VNC_MAX_WIDTH / VNC_DIRTY_PIXELS_PER_BIT),
610bea60dd7SPeter Lieven                                int width, int height,
611bea60dd7SPeter Lieven                                int x, int y, int w, int h) {
61291937225SPeter Lieven     /* this is needed this to ensure we updated all affected
61391937225SPeter Lieven      * blocks if x % VNC_DIRTY_PIXELS_PER_BIT != 0 */
614b4c85ddcSPeter Lieven     w += (x % VNC_DIRTY_PIXELS_PER_BIT);
615b4c85ddcSPeter Lieven     x -= (x % VNC_DIRTY_PIXELS_PER_BIT);
6163e230dd2SCorentin Chary 
6179f64916dSGerd Hoffmann     x = MIN(x, width);
6189f64916dSGerd Hoffmann     y = MIN(y, height);
6199f64916dSGerd Hoffmann     w = MIN(x + w, width) - x;
62091937225SPeter Lieven     h = MIN(y + h, height);
6213e230dd2SCorentin Chary 
622b4c85ddcSPeter Lieven     for (; y < h; y++) {
623bea60dd7SPeter Lieven         bitmap_set(dirty[y], x / VNC_DIRTY_PIXELS_PER_BIT,
62491937225SPeter Lieven                    DIV_ROUND_UP(w, VNC_DIRTY_PIXELS_PER_BIT));
625b4c85ddcSPeter Lieven     }
6263e230dd2SCorentin Chary }
6273e230dd2SCorentin Chary 
628bea60dd7SPeter Lieven static void vnc_dpy_update(DisplayChangeListener *dcl,
629bea60dd7SPeter Lieven                            int x, int y, int w, int h)
630bea60dd7SPeter Lieven {
631bea60dd7SPeter Lieven     VncDisplay *vd = container_of(dcl, VncDisplay, dcl);
632bea60dd7SPeter Lieven     struct VncSurface *s = &vd->guest;
633bea60dd7SPeter Lieven     int width = pixman_image_get_width(vd->server);
634bea60dd7SPeter Lieven     int height = pixman_image_get_height(vd->server);
635bea60dd7SPeter Lieven 
636bea60dd7SPeter Lieven     vnc_set_area_dirty(s->dirty, width, height, x, y, w, h);
637bea60dd7SPeter Lieven }
638bea60dd7SPeter Lieven 
6393e230dd2SCorentin Chary void vnc_framebuffer_update(VncState *vs, int x, int y, int w, int h,
6403e230dd2SCorentin Chary                             int32_t encoding)
6413e230dd2SCorentin Chary {
6423e230dd2SCorentin Chary     vnc_write_u16(vs, x);
6433e230dd2SCorentin Chary     vnc_write_u16(vs, y);
6443e230dd2SCorentin Chary     vnc_write_u16(vs, w);
6453e230dd2SCorentin Chary     vnc_write_u16(vs, h);
6463e230dd2SCorentin Chary 
6473e230dd2SCorentin Chary     vnc_write_s32(vs, encoding);
6483e230dd2SCorentin Chary }
6493e230dd2SCorentin Chary 
6503e230dd2SCorentin Chary void buffer_reserve(Buffer *buffer, size_t len)
6513e230dd2SCorentin Chary {
6523e230dd2SCorentin Chary     if ((buffer->capacity - buffer->offset) < len) {
6533e230dd2SCorentin Chary         buffer->capacity += (len + 1024);
6547267c094SAnthony Liguori         buffer->buffer = g_realloc(buffer->buffer, buffer->capacity);
6553e230dd2SCorentin Chary     }
6563e230dd2SCorentin Chary }
6573e230dd2SCorentin Chary 
65871a8cdecSBlue Swirl static int buffer_empty(Buffer *buffer)
6593e230dd2SCorentin Chary {
6603e230dd2SCorentin Chary     return buffer->offset == 0;
6613e230dd2SCorentin Chary }
6623e230dd2SCorentin Chary 
6637536ee4bSTim Hardeck uint8_t *buffer_end(Buffer *buffer)
6643e230dd2SCorentin Chary {
6653e230dd2SCorentin Chary     return buffer->buffer + buffer->offset;
6663e230dd2SCorentin Chary }
6673e230dd2SCorentin Chary 
6683e230dd2SCorentin Chary void buffer_reset(Buffer *buffer)
6693e230dd2SCorentin Chary {
6703e230dd2SCorentin Chary         buffer->offset = 0;
6713e230dd2SCorentin Chary }
6723e230dd2SCorentin Chary 
6733e230dd2SCorentin Chary void buffer_free(Buffer *buffer)
6743e230dd2SCorentin Chary {
6757267c094SAnthony Liguori     g_free(buffer->buffer);
6763e230dd2SCorentin Chary     buffer->offset = 0;
6773e230dd2SCorentin Chary     buffer->capacity = 0;
6783e230dd2SCorentin Chary     buffer->buffer = NULL;
6793e230dd2SCorentin Chary }
6803e230dd2SCorentin Chary 
6813e230dd2SCorentin Chary void buffer_append(Buffer *buffer, const void *data, size_t len)
6823e230dd2SCorentin Chary {
6833e230dd2SCorentin Chary     memcpy(buffer->buffer + buffer->offset, data, len);
6843e230dd2SCorentin Chary     buffer->offset += len;
6853e230dd2SCorentin Chary }
6863e230dd2SCorentin Chary 
68732ed2680STim Hardeck void buffer_advance(Buffer *buf, size_t len)
68832ed2680STim Hardeck {
68932ed2680STim Hardeck     memmove(buf->buffer, buf->buffer + len,
69032ed2680STim Hardeck             (buf->offset - len));
69132ed2680STim Hardeck     buf->offset -= len;
69232ed2680STim Hardeck }
69332ed2680STim Hardeck 
6943e230dd2SCorentin Chary static void vnc_desktop_resize(VncState *vs)
6953e230dd2SCorentin Chary {
6963e230dd2SCorentin Chary     if (vs->csock == -1 || !vnc_has_feature(vs, VNC_FEATURE_RESIZE)) {
6973e230dd2SCorentin Chary         return;
6983e230dd2SCorentin Chary     }
699bea60dd7SPeter Lieven     if (vs->client_width == pixman_image_get_width(vs->vd->server) &&
700bea60dd7SPeter Lieven         vs->client_height == pixman_image_get_height(vs->vd->server)) {
7013e230dd2SCorentin Chary         return;
7023e230dd2SCorentin Chary     }
703bea60dd7SPeter Lieven     vs->client_width = pixman_image_get_width(vs->vd->server);
704bea60dd7SPeter Lieven     vs->client_height = pixman_image_get_height(vs->vd->server);
705bd023f95SCorentin Chary     vnc_lock_output(vs);
7063e230dd2SCorentin Chary     vnc_write_u8(vs, VNC_MSG_SERVER_FRAMEBUFFER_UPDATE);
7073e230dd2SCorentin Chary     vnc_write_u8(vs, 0);
7083e230dd2SCorentin Chary     vnc_write_u16(vs, 1); /* number of rects */
7093e230dd2SCorentin Chary     vnc_framebuffer_update(vs, 0, 0, vs->client_width, vs->client_height,
7103e230dd2SCorentin Chary                            VNC_ENCODING_DESKTOPRESIZE);
711bd023f95SCorentin Chary     vnc_unlock_output(vs);
7123e230dd2SCorentin Chary     vnc_flush(vs);
7133e230dd2SCorentin Chary }
7143e230dd2SCorentin Chary 
715bd023f95SCorentin Chary static void vnc_abort_display_jobs(VncDisplay *vd)
716bd023f95SCorentin Chary {
717bd023f95SCorentin Chary     VncState *vs;
718bd023f95SCorentin Chary 
719bd023f95SCorentin Chary     QTAILQ_FOREACH(vs, &vd->clients, next) {
720bd023f95SCorentin Chary         vnc_lock_output(vs);
721bd023f95SCorentin Chary         vs->abort = true;
722bd023f95SCorentin Chary         vnc_unlock_output(vs);
723bd023f95SCorentin Chary     }
724bd023f95SCorentin Chary     QTAILQ_FOREACH(vs, &vd->clients, next) {
725bd023f95SCorentin Chary         vnc_jobs_join(vs);
726bd023f95SCorentin Chary     }
727bd023f95SCorentin Chary     QTAILQ_FOREACH(vs, &vd->clients, next) {
728bd023f95SCorentin Chary         vnc_lock_output(vs);
729bd023f95SCorentin Chary         vs->abort = false;
730bd023f95SCorentin Chary         vnc_unlock_output(vs);
731bd023f95SCorentin Chary     }
732bd023f95SCorentin Chary }
733bd023f95SCorentin Chary 
7349f64916dSGerd Hoffmann int vnc_server_fb_stride(VncDisplay *vd)
7359f64916dSGerd Hoffmann {
7369f64916dSGerd Hoffmann     return pixman_image_get_stride(vd->server);
7379f64916dSGerd Hoffmann }
7389f64916dSGerd Hoffmann 
7399f64916dSGerd Hoffmann void *vnc_server_fb_ptr(VncDisplay *vd, int x, int y)
7409f64916dSGerd Hoffmann {
7419f64916dSGerd Hoffmann     uint8_t *ptr;
7429f64916dSGerd Hoffmann 
7439f64916dSGerd Hoffmann     ptr  = (uint8_t *)pixman_image_get_data(vd->server);
7449f64916dSGerd Hoffmann     ptr += y * vnc_server_fb_stride(vd);
7459f64916dSGerd Hoffmann     ptr += x * VNC_SERVER_FB_BYTES;
7469f64916dSGerd Hoffmann     return ptr;
7479f64916dSGerd Hoffmann }
7489f64916dSGerd Hoffmann 
749c12aeb86SGerd Hoffmann static void vnc_dpy_switch(DisplayChangeListener *dcl,
750c12aeb86SGerd Hoffmann                            DisplaySurface *surface)
7513e230dd2SCorentin Chary {
75221ef45d7SGerd Hoffmann     VncDisplay *vd = container_of(dcl, VncDisplay, dcl);
7533e230dd2SCorentin Chary     VncState *vs;
754bea60dd7SPeter Lieven     int width, height;
7553e230dd2SCorentin Chary 
756bd023f95SCorentin Chary     vnc_abort_display_jobs(vd);
757bd023f95SCorentin Chary 
7583e230dd2SCorentin Chary     /* server surface */
7599f64916dSGerd Hoffmann     qemu_pixman_image_unref(vd->server);
760d39fa6d8SGerd Hoffmann     vd->ds = surface;
761bea60dd7SPeter Lieven     width = MIN(VNC_MAX_WIDTH, ROUND_UP(surface_width(vd->ds),
762bea60dd7SPeter Lieven                                         VNC_DIRTY_PIXELS_PER_BIT));
763bea60dd7SPeter Lieven     height = MIN(VNC_MAX_HEIGHT, surface_height(vd->ds));
7649f64916dSGerd Hoffmann     vd->server = pixman_image_create_bits(VNC_SERVER_FB_FORMAT,
765bea60dd7SPeter Lieven                                           width, height, NULL, 0);
7663e230dd2SCorentin Chary 
7673e230dd2SCorentin Chary     /* guest surface */
7689f64916dSGerd Hoffmann #if 0 /* FIXME */
7693e230dd2SCorentin Chary     if (ds_get_bytes_per_pixel(ds) != vd->guest.ds->pf.bytes_per_pixel)
7703e230dd2SCorentin Chary         console_color_init(ds);
7719f64916dSGerd Hoffmann #endif
7729f64916dSGerd Hoffmann     qemu_pixman_image_unref(vd->guest.fb);
773d39fa6d8SGerd Hoffmann     vd->guest.fb = pixman_image_ref(surface->image);
774d39fa6d8SGerd Hoffmann     vd->guest.format = surface->format;
775bea60dd7SPeter Lieven     memset(vd->guest.dirty, 0x00, sizeof(vd->guest.dirty));
776bea60dd7SPeter Lieven     vnc_set_area_dirty(vd->guest.dirty, width, height, 0, 0,
777bea60dd7SPeter Lieven                        width, height);
7783e230dd2SCorentin Chary 
7793e230dd2SCorentin Chary     QTAILQ_FOREACH(vs, &vd->clients, next) {
7803e230dd2SCorentin Chary         vnc_colordepth(vs);
7813e230dd2SCorentin Chary         vnc_desktop_resize(vs);
7823e230dd2SCorentin Chary         if (vs->vd->cursor) {
7833e230dd2SCorentin Chary             vnc_cursor_define(vs);
7843e230dd2SCorentin Chary         }
785bea60dd7SPeter Lieven         memset(vs->dirty, 0x00, sizeof(vs->dirty));
786bea60dd7SPeter Lieven         vnc_set_area_dirty(vs->dirty, width, height, 0, 0,
787bea60dd7SPeter Lieven                            width, height);
7883e230dd2SCorentin Chary     }
7893e230dd2SCorentin Chary }
7903e230dd2SCorentin Chary 
7913e230dd2SCorentin Chary /* fastest code */
7929f64916dSGerd Hoffmann static void vnc_write_pixels_copy(VncState *vs,
7933e230dd2SCorentin Chary                                   void *pixels, int size)
7943e230dd2SCorentin Chary {
7953e230dd2SCorentin Chary     vnc_write(vs, pixels, size);
7963e230dd2SCorentin Chary }
7973e230dd2SCorentin Chary 
7983e230dd2SCorentin Chary /* slowest but generic code. */
7993e230dd2SCorentin Chary void vnc_convert_pixel(VncState *vs, uint8_t *buf, uint32_t v)
8003e230dd2SCorentin Chary {
8013e230dd2SCorentin Chary     uint8_t r, g, b;
8023e230dd2SCorentin Chary 
8039f64916dSGerd Hoffmann #if VNC_SERVER_FB_FORMAT == PIXMAN_FORMAT(32, PIXMAN_TYPE_ARGB, 0, 8, 8, 8)
8049f64916dSGerd Hoffmann     r = (((v & 0x00ff0000) >> 16) << vs->client_pf.rbits) >> 8;
8059f64916dSGerd Hoffmann     g = (((v & 0x0000ff00) >>  8) << vs->client_pf.gbits) >> 8;
8069f64916dSGerd Hoffmann     b = (((v & 0x000000ff) >>  0) << vs->client_pf.bbits) >> 8;
8079f64916dSGerd Hoffmann #else
8089f64916dSGerd Hoffmann # error need some bits here if you change VNC_SERVER_FB_FORMAT
8099f64916dSGerd Hoffmann #endif
8109f64916dSGerd Hoffmann     v = (r << vs->client_pf.rshift) |
8119f64916dSGerd Hoffmann         (g << vs->client_pf.gshift) |
8129f64916dSGerd Hoffmann         (b << vs->client_pf.bshift);
8139f64916dSGerd Hoffmann     switch (vs->client_pf.bytes_per_pixel) {
8143e230dd2SCorentin Chary     case 1:
8153e230dd2SCorentin Chary         buf[0] = v;
8163e230dd2SCorentin Chary         break;
8173e230dd2SCorentin Chary     case 2:
8189f64916dSGerd Hoffmann         if (vs->client_be) {
8193e230dd2SCorentin Chary             buf[0] = v >> 8;
8203e230dd2SCorentin Chary             buf[1] = v;
8213e230dd2SCorentin Chary         } else {
8223e230dd2SCorentin Chary             buf[1] = v >> 8;
8233e230dd2SCorentin Chary             buf[0] = v;
8243e230dd2SCorentin Chary         }
8253e230dd2SCorentin Chary         break;
8263e230dd2SCorentin Chary     default:
8273e230dd2SCorentin Chary     case 4:
8289f64916dSGerd Hoffmann         if (vs->client_be) {
8293e230dd2SCorentin Chary             buf[0] = v >> 24;
8303e230dd2SCorentin Chary             buf[1] = v >> 16;
8313e230dd2SCorentin Chary             buf[2] = v >> 8;
8323e230dd2SCorentin Chary             buf[3] = v;
8333e230dd2SCorentin Chary         } else {
8343e230dd2SCorentin Chary             buf[3] = v >> 24;
8353e230dd2SCorentin Chary             buf[2] = v >> 16;
8363e230dd2SCorentin Chary             buf[1] = v >> 8;
8373e230dd2SCorentin Chary             buf[0] = v;
8383e230dd2SCorentin Chary         }
8393e230dd2SCorentin Chary         break;
8403e230dd2SCorentin Chary     }
8413e230dd2SCorentin Chary }
8423e230dd2SCorentin Chary 
8439f64916dSGerd Hoffmann static void vnc_write_pixels_generic(VncState *vs,
8443e230dd2SCorentin Chary                                      void *pixels1, int size)
8453e230dd2SCorentin Chary {
8463e230dd2SCorentin Chary     uint8_t buf[4];
8473e230dd2SCorentin Chary 
8489f64916dSGerd Hoffmann     if (VNC_SERVER_FB_BYTES == 4) {
8493e230dd2SCorentin Chary         uint32_t *pixels = pixels1;
8503e230dd2SCorentin Chary         int n, i;
8513e230dd2SCorentin Chary         n = size >> 2;
8523e230dd2SCorentin Chary         for (i = 0; i < n; i++) {
8533e230dd2SCorentin Chary             vnc_convert_pixel(vs, buf, pixels[i]);
8549f64916dSGerd Hoffmann             vnc_write(vs, buf, vs->client_pf.bytes_per_pixel);
8553e230dd2SCorentin Chary         }
8563e230dd2SCorentin Chary     }
8573e230dd2SCorentin Chary }
8583e230dd2SCorentin Chary 
8593e230dd2SCorentin Chary int vnc_raw_send_framebuffer_update(VncState *vs, int x, int y, int w, int h)
8603e230dd2SCorentin Chary {
8613e230dd2SCorentin Chary     int i;
8623e230dd2SCorentin Chary     uint8_t *row;
8633e230dd2SCorentin Chary     VncDisplay *vd = vs->vd;
8643e230dd2SCorentin Chary 
8659f64916dSGerd Hoffmann     row = vnc_server_fb_ptr(vd, x, y);
8663e230dd2SCorentin Chary     for (i = 0; i < h; i++) {
8679f64916dSGerd Hoffmann         vs->write_pixels(vs, row, w * VNC_SERVER_FB_BYTES);
8689f64916dSGerd Hoffmann         row += vnc_server_fb_stride(vd);
8693e230dd2SCorentin Chary     }
8703e230dd2SCorentin Chary     return 1;
8713e230dd2SCorentin Chary }
8723e230dd2SCorentin Chary 
873bd023f95SCorentin Chary int vnc_send_framebuffer_update(VncState *vs, int x, int y, int w, int h)
8743e230dd2SCorentin Chary {
8753e230dd2SCorentin Chary     int n = 0;
8763e230dd2SCorentin Chary 
8773e230dd2SCorentin Chary     switch(vs->vnc_encoding) {
8783e230dd2SCorentin Chary         case VNC_ENCODING_ZLIB:
8793e230dd2SCorentin Chary             n = vnc_zlib_send_framebuffer_update(vs, x, y, w, h);
8803e230dd2SCorentin Chary             break;
8813e230dd2SCorentin Chary         case VNC_ENCODING_HEXTILE:
8823e230dd2SCorentin Chary             vnc_framebuffer_update(vs, x, y, w, h, VNC_ENCODING_HEXTILE);
8833e230dd2SCorentin Chary             n = vnc_hextile_send_framebuffer_update(vs, x, y, w, h);
8843e230dd2SCorentin Chary             break;
8853e230dd2SCorentin Chary         case VNC_ENCODING_TIGHT:
8863e230dd2SCorentin Chary             n = vnc_tight_send_framebuffer_update(vs, x, y, w, h);
8873e230dd2SCorentin Chary             break;
888efe556adSCorentin Chary         case VNC_ENCODING_TIGHT_PNG:
889efe556adSCorentin Chary             n = vnc_tight_png_send_framebuffer_update(vs, x, y, w, h);
890efe556adSCorentin Chary             break;
891148954faSCorentin Chary         case VNC_ENCODING_ZRLE:
892148954faSCorentin Chary             n = vnc_zrle_send_framebuffer_update(vs, x, y, w, h);
893148954faSCorentin Chary             break;
894148954faSCorentin Chary         case VNC_ENCODING_ZYWRLE:
895148954faSCorentin Chary             n = vnc_zywrle_send_framebuffer_update(vs, x, y, w, h);
896148954faSCorentin Chary             break;
8973e230dd2SCorentin Chary         default:
8983e230dd2SCorentin Chary             vnc_framebuffer_update(vs, x, y, w, h, VNC_ENCODING_RAW);
8993e230dd2SCorentin Chary             n = vnc_raw_send_framebuffer_update(vs, x, y, w, h);
9003e230dd2SCorentin Chary             break;
9013e230dd2SCorentin Chary     }
9023e230dd2SCorentin Chary     return n;
9033e230dd2SCorentin Chary }
9043e230dd2SCorentin Chary 
9053e230dd2SCorentin Chary static void vnc_copy(VncState *vs, int src_x, int src_y, int dst_x, int dst_y, int w, int h)
9063e230dd2SCorentin Chary {
9073e230dd2SCorentin Chary     /* send bitblit op to the vnc client */
908bd023f95SCorentin Chary     vnc_lock_output(vs);
9093e230dd2SCorentin Chary     vnc_write_u8(vs, VNC_MSG_SERVER_FRAMEBUFFER_UPDATE);
9103e230dd2SCorentin Chary     vnc_write_u8(vs, 0);
9113e230dd2SCorentin Chary     vnc_write_u16(vs, 1); /* number of rects */
9123e230dd2SCorentin Chary     vnc_framebuffer_update(vs, dst_x, dst_y, w, h, VNC_ENCODING_COPYRECT);
9133e230dd2SCorentin Chary     vnc_write_u16(vs, src_x);
9143e230dd2SCorentin Chary     vnc_write_u16(vs, src_y);
915bd023f95SCorentin Chary     vnc_unlock_output(vs);
9163e230dd2SCorentin Chary     vnc_flush(vs);
9173e230dd2SCorentin Chary }
9183e230dd2SCorentin Chary 
9197c20b4a3SGerd Hoffmann static void vnc_dpy_copy(DisplayChangeListener *dcl,
9207c20b4a3SGerd Hoffmann                          int src_x, int src_y,
9217c20b4a3SGerd Hoffmann                          int dst_x, int dst_y, int w, int h)
9223e230dd2SCorentin Chary {
92321ef45d7SGerd Hoffmann     VncDisplay *vd = container_of(dcl, VncDisplay, dcl);
9243e230dd2SCorentin Chary     VncState *vs, *vn;
9253e230dd2SCorentin Chary     uint8_t *src_row;
9263e230dd2SCorentin Chary     uint8_t *dst_row;
9279f64916dSGerd Hoffmann     int i, x, y, pitch, inc, w_lim, s;
9283e230dd2SCorentin Chary     int cmp_bytes;
9293e230dd2SCorentin Chary 
9303e230dd2SCorentin Chary     vnc_refresh_server_surface(vd);
9313e230dd2SCorentin Chary     QTAILQ_FOREACH_SAFE(vs, &vd->clients, next, vn) {
9323e230dd2SCorentin Chary         if (vnc_has_feature(vs, VNC_FEATURE_COPYRECT)) {
9333e230dd2SCorentin Chary             vs->force_update = 1;
93438ee14f4SGerd Hoffmann             vnc_update_client(vs, 1, true);
9353e230dd2SCorentin Chary             /* vs might be free()ed here */
9363e230dd2SCorentin Chary         }
9373e230dd2SCorentin Chary     }
9383e230dd2SCorentin Chary 
9393e230dd2SCorentin Chary     /* do bitblit op on the local surface too */
9409f64916dSGerd Hoffmann     pitch = vnc_server_fb_stride(vd);
9419f64916dSGerd Hoffmann     src_row = vnc_server_fb_ptr(vd, src_x, src_y);
9429f64916dSGerd Hoffmann     dst_row = vnc_server_fb_ptr(vd, dst_x, dst_y);
9433e230dd2SCorentin Chary     y = dst_y;
9443e230dd2SCorentin Chary     inc = 1;
9453e230dd2SCorentin Chary     if (dst_y > src_y) {
9463e230dd2SCorentin Chary         /* copy backwards */
9473e230dd2SCorentin Chary         src_row += pitch * (h-1);
9483e230dd2SCorentin Chary         dst_row += pitch * (h-1);
9493e230dd2SCorentin Chary         pitch = -pitch;
9503e230dd2SCorentin Chary         y = dst_y + h - 1;
9513e230dd2SCorentin Chary         inc = -1;
9523e230dd2SCorentin Chary     }
953b4c85ddcSPeter Lieven     w_lim = w - (VNC_DIRTY_PIXELS_PER_BIT - (dst_x % VNC_DIRTY_PIXELS_PER_BIT));
954b4c85ddcSPeter Lieven     if (w_lim < 0) {
9553e230dd2SCorentin Chary         w_lim = w;
956b4c85ddcSPeter Lieven     } else {
957b4c85ddcSPeter Lieven         w_lim = w - (w_lim % VNC_DIRTY_PIXELS_PER_BIT);
958b4c85ddcSPeter Lieven     }
9593e230dd2SCorentin Chary     for (i = 0; i < h; i++) {
9603e230dd2SCorentin Chary         for (x = 0; x <= w_lim;
9613e230dd2SCorentin Chary                 x += s, src_row += cmp_bytes, dst_row += cmp_bytes) {
9623e230dd2SCorentin Chary             if (x == w_lim) {
9633e230dd2SCorentin Chary                 if ((s = w - w_lim) == 0)
9643e230dd2SCorentin Chary                     break;
9653e230dd2SCorentin Chary             } else if (!x) {
966b4c85ddcSPeter Lieven                 s = (VNC_DIRTY_PIXELS_PER_BIT -
967b4c85ddcSPeter Lieven                     (dst_x % VNC_DIRTY_PIXELS_PER_BIT));
9683e230dd2SCorentin Chary                 s = MIN(s, w_lim);
9693e230dd2SCorentin Chary             } else {
970b4c85ddcSPeter Lieven                 s = VNC_DIRTY_PIXELS_PER_BIT;
9713e230dd2SCorentin Chary             }
9729f64916dSGerd Hoffmann             cmp_bytes = s * VNC_SERVER_FB_BYTES;
9733e230dd2SCorentin Chary             if (memcmp(src_row, dst_row, cmp_bytes) == 0)
9743e230dd2SCorentin Chary                 continue;
9753e230dd2SCorentin Chary             memmove(dst_row, src_row, cmp_bytes);
9763e230dd2SCorentin Chary             QTAILQ_FOREACH(vs, &vd->clients, next) {
9773e230dd2SCorentin Chary                 if (!vnc_has_feature(vs, VNC_FEATURE_COPYRECT)) {
978b4c85ddcSPeter Lieven                     set_bit(((x + dst_x) / VNC_DIRTY_PIXELS_PER_BIT),
979b4c85ddcSPeter Lieven                             vs->dirty[y]);
9803e230dd2SCorentin Chary                 }
9813e230dd2SCorentin Chary             }
9823e230dd2SCorentin Chary         }
9839f64916dSGerd Hoffmann         src_row += pitch - w * VNC_SERVER_FB_BYTES;
9849f64916dSGerd Hoffmann         dst_row += pitch - w * VNC_SERVER_FB_BYTES;
9853e230dd2SCorentin Chary         y += inc;
9863e230dd2SCorentin Chary     }
9873e230dd2SCorentin Chary 
9883e230dd2SCorentin Chary     QTAILQ_FOREACH(vs, &vd->clients, next) {
9893e230dd2SCorentin Chary         if (vnc_has_feature(vs, VNC_FEATURE_COPYRECT)) {
9903e230dd2SCorentin Chary             vnc_copy(vs, src_x, src_y, dst_x, dst_y, w, h);
9913e230dd2SCorentin Chary         }
9923e230dd2SCorentin Chary     }
9933e230dd2SCorentin Chary }
9943e230dd2SCorentin Chary 
9957c20b4a3SGerd Hoffmann static void vnc_mouse_set(DisplayChangeListener *dcl,
9967c20b4a3SGerd Hoffmann                           int x, int y, int visible)
9973e230dd2SCorentin Chary {
9983e230dd2SCorentin Chary     /* can we ask the client(s) to move the pointer ??? */
9993e230dd2SCorentin Chary }
10003e230dd2SCorentin Chary 
10013e230dd2SCorentin Chary static int vnc_cursor_define(VncState *vs)
10023e230dd2SCorentin Chary {
10033e230dd2SCorentin Chary     QEMUCursor *c = vs->vd->cursor;
10043e230dd2SCorentin Chary     int isize;
10053e230dd2SCorentin Chary 
10063e230dd2SCorentin Chary     if (vnc_has_feature(vs, VNC_FEATURE_RICH_CURSOR)) {
1007d01f9595SCorentin Chary         vnc_lock_output(vs);
10083e230dd2SCorentin Chary         vnc_write_u8(vs,  VNC_MSG_SERVER_FRAMEBUFFER_UPDATE);
10093e230dd2SCorentin Chary         vnc_write_u8(vs,  0);  /*  padding     */
10103e230dd2SCorentin Chary         vnc_write_u16(vs, 1);  /*  # of rects  */
10113e230dd2SCorentin Chary         vnc_framebuffer_update(vs, c->hot_x, c->hot_y, c->width, c->height,
10123e230dd2SCorentin Chary                                VNC_ENCODING_RICH_CURSOR);
10139f64916dSGerd Hoffmann         isize = c->width * c->height * vs->client_pf.bytes_per_pixel;
10149f64916dSGerd Hoffmann         vnc_write_pixels_generic(vs, c->data, isize);
10153e230dd2SCorentin Chary         vnc_write(vs, vs->vd->cursor_mask, vs->vd->cursor_msize);
1016d01f9595SCorentin Chary         vnc_unlock_output(vs);
10173e230dd2SCorentin Chary         return 0;
10183e230dd2SCorentin Chary     }
10193e230dd2SCorentin Chary     return -1;
10203e230dd2SCorentin Chary }
10213e230dd2SCorentin Chary 
10227c20b4a3SGerd Hoffmann static void vnc_dpy_cursor_define(DisplayChangeListener *dcl,
10237c20b4a3SGerd Hoffmann                                   QEMUCursor *c)
10243e230dd2SCorentin Chary {
1025d616ccc5SGerd Hoffmann     VncDisplay *vd = container_of(dcl, VncDisplay, dcl);
10263e230dd2SCorentin Chary     VncState *vs;
10273e230dd2SCorentin Chary 
10283e230dd2SCorentin Chary     cursor_put(vd->cursor);
10297267c094SAnthony Liguori     g_free(vd->cursor_mask);
10303e230dd2SCorentin Chary 
10313e230dd2SCorentin Chary     vd->cursor = c;
10323e230dd2SCorentin Chary     cursor_get(vd->cursor);
10333e230dd2SCorentin Chary     vd->cursor_msize = cursor_get_mono_bpl(c) * c->height;
10347267c094SAnthony Liguori     vd->cursor_mask = g_malloc0(vd->cursor_msize);
10353e230dd2SCorentin Chary     cursor_get_mono_mask(c, 0, vd->cursor_mask);
10363e230dd2SCorentin Chary 
10373e230dd2SCorentin Chary     QTAILQ_FOREACH(vs, &vd->clients, next) {
10383e230dd2SCorentin Chary         vnc_cursor_define(vs);
10393e230dd2SCorentin Chary     }
10403e230dd2SCorentin Chary }
10413e230dd2SCorentin Chary 
10424769a881SChih-Min Chao static int find_and_clear_dirty_height(VncState *vs,
10436c71a539SCorentin Chary                                        int y, int last_x, int x, int height)
10443e230dd2SCorentin Chary {
10453e230dd2SCorentin Chary     int h;
10463e230dd2SCorentin Chary 
10476c71a539SCorentin Chary     for (h = 1; h < (height - y); h++) {
1048bc2429b9SCorentin Chary         if (!test_bit(last_x, vs->dirty[y + h])) {
10493e230dd2SCorentin Chary             break;
1050bc2429b9SCorentin Chary         }
1051863d7c91SPeter Lieven         bitmap_clear(vs->dirty[y + h], last_x, x - last_x);
10523e230dd2SCorentin Chary     }
10533e230dd2SCorentin Chary 
10543e230dd2SCorentin Chary     return h;
10553e230dd2SCorentin Chary }
10563e230dd2SCorentin Chary 
105738ee14f4SGerd Hoffmann static int vnc_update_client(VncState *vs, int has_dirty, bool sync)
10583e230dd2SCorentin Chary {
105963658280SGerd Hoffmann     vs->has_dirty += has_dirty;
10603e230dd2SCorentin Chary     if (vs->need_update && vs->csock != -1) {
10613e230dd2SCorentin Chary         VncDisplay *vd = vs->vd;
1062bd023f95SCorentin Chary         VncJob *job;
10633e230dd2SCorentin Chary         int y;
10642f487a3dSPeter Lieven         int height, width;
1065bd023f95SCorentin Chary         int n = 0;
1066bd023f95SCorentin Chary 
10673e230dd2SCorentin Chary         if (vs->output.offset && !vs->audio_cap && !vs->force_update)
10683e230dd2SCorentin Chary             /* kernel send buffers are full -> drop frames to throttle */
10693e230dd2SCorentin Chary             return 0;
10703e230dd2SCorentin Chary 
107163658280SGerd Hoffmann         if (!vs->has_dirty && !vs->audio_cap && !vs->force_update)
10723e230dd2SCorentin Chary             return 0;
10733e230dd2SCorentin Chary 
10743e230dd2SCorentin Chary         /*
10753e230dd2SCorentin Chary          * Send screen updates to the vnc client using the server
10763e230dd2SCorentin Chary          * surface and server dirty map.  guest surface updates
10773e230dd2SCorentin Chary          * happening in parallel don't disturb us, the next pass will
10783e230dd2SCorentin Chary          * send them to the client.
10793e230dd2SCorentin Chary          */
1080bd023f95SCorentin Chary         job = vnc_job_new(vs);
10813e230dd2SCorentin Chary 
1082bea60dd7SPeter Lieven         height = pixman_image_get_height(vd->server);
1083bea60dd7SPeter Lieven         width = pixman_image_get_width(vd->server);
10843e230dd2SCorentin Chary 
108512b316d4SPeter Lieven         y = 0;
108612b316d4SPeter Lieven         for (;;) {
108712b316d4SPeter Lieven             int x, h;
108812b316d4SPeter Lieven             unsigned long x2;
108912b316d4SPeter Lieven             unsigned long offset = find_next_bit((unsigned long *) &vs->dirty,
109012b316d4SPeter Lieven                                                  height * VNC_DIRTY_BPL(vs),
109112b316d4SPeter Lieven                                                  y * VNC_DIRTY_BPL(vs));
109212b316d4SPeter Lieven             if (offset == height * VNC_DIRTY_BPL(vs)) {
109312b316d4SPeter Lieven                 /* no more dirty bits */
109412b316d4SPeter Lieven                 break;
10953e230dd2SCorentin Chary             }
109612b316d4SPeter Lieven             y = offset / VNC_DIRTY_BPL(vs);
109712b316d4SPeter Lieven             x = offset % VNC_DIRTY_BPL(vs);
109812b316d4SPeter Lieven             x2 = find_next_zero_bit((unsigned long *) &vs->dirty[y],
109912b316d4SPeter Lieven                                     VNC_DIRTY_BPL(vs), x);
110012b316d4SPeter Lieven             bitmap_clear(vs->dirty[y], x, x2 - x);
110112b316d4SPeter Lieven             h = find_and_clear_dirty_height(vs, y, x, x2, height);
11022f487a3dSPeter Lieven             x2 = MIN(x2, width / VNC_DIRTY_PIXELS_PER_BIT);
11032f487a3dSPeter Lieven             if (x2 > x) {
110412b316d4SPeter Lieven                 n += vnc_job_add_rect(job, x * VNC_DIRTY_PIXELS_PER_BIT, y,
110512b316d4SPeter Lieven                                       (x2 - x) * VNC_DIRTY_PIXELS_PER_BIT, h);
11063e230dd2SCorentin Chary             }
11070e7d6f60SPeter Lieven             if (!x && x2 == width / VNC_DIRTY_PIXELS_PER_BIT) {
11080e7d6f60SPeter Lieven                 y += h;
11090e7d6f60SPeter Lieven                 if (y == height) {
11100e7d6f60SPeter Lieven                     break;
11110e7d6f60SPeter Lieven                 }
11120e7d6f60SPeter Lieven             }
11132f487a3dSPeter Lieven         }
1114bd023f95SCorentin Chary 
1115bd023f95SCorentin Chary         vnc_job_push(job);
1116eb214ff8SGerd Hoffmann         if (sync) {
1117eb214ff8SGerd Hoffmann             vnc_jobs_join(vs);
1118eb214ff8SGerd Hoffmann         }
11193e230dd2SCorentin Chary         vs->force_update = 0;
112063658280SGerd Hoffmann         vs->has_dirty = 0;
1121bd023f95SCorentin Chary         return n;
11223e230dd2SCorentin Chary     }
11233e230dd2SCorentin Chary 
112438ee14f4SGerd Hoffmann     if (vs->csock == -1) {
11253e230dd2SCorentin Chary         vnc_disconnect_finish(vs);
112638ee14f4SGerd Hoffmann     } else if (sync) {
112738ee14f4SGerd Hoffmann         vnc_jobs_join(vs);
112838ee14f4SGerd Hoffmann     }
11293e230dd2SCorentin Chary 
11303e230dd2SCorentin Chary     return 0;
11313e230dd2SCorentin Chary }
11323e230dd2SCorentin Chary 
11333e230dd2SCorentin Chary /* audio */
11343e230dd2SCorentin Chary static void audio_capture_notify(void *opaque, audcnotification_e cmd)
11353e230dd2SCorentin Chary {
11363e230dd2SCorentin Chary     VncState *vs = opaque;
11373e230dd2SCorentin Chary 
11383e230dd2SCorentin Chary     switch (cmd) {
11393e230dd2SCorentin Chary     case AUD_CNOTIFY_DISABLE:
1140bd023f95SCorentin Chary         vnc_lock_output(vs);
11413e230dd2SCorentin Chary         vnc_write_u8(vs, VNC_MSG_SERVER_QEMU);
11423e230dd2SCorentin Chary         vnc_write_u8(vs, VNC_MSG_SERVER_QEMU_AUDIO);
11433e230dd2SCorentin Chary         vnc_write_u16(vs, VNC_MSG_SERVER_QEMU_AUDIO_END);
1144bd023f95SCorentin Chary         vnc_unlock_output(vs);
11453e230dd2SCorentin Chary         vnc_flush(vs);
11463e230dd2SCorentin Chary         break;
11473e230dd2SCorentin Chary 
11483e230dd2SCorentin Chary     case AUD_CNOTIFY_ENABLE:
1149bd023f95SCorentin Chary         vnc_lock_output(vs);
11503e230dd2SCorentin Chary         vnc_write_u8(vs, VNC_MSG_SERVER_QEMU);
11513e230dd2SCorentin Chary         vnc_write_u8(vs, VNC_MSG_SERVER_QEMU_AUDIO);
11523e230dd2SCorentin Chary         vnc_write_u16(vs, VNC_MSG_SERVER_QEMU_AUDIO_BEGIN);
1153bd023f95SCorentin Chary         vnc_unlock_output(vs);
11543e230dd2SCorentin Chary         vnc_flush(vs);
11553e230dd2SCorentin Chary         break;
11563e230dd2SCorentin Chary     }
11573e230dd2SCorentin Chary }
11583e230dd2SCorentin Chary 
11593e230dd2SCorentin Chary static void audio_capture_destroy(void *opaque)
11603e230dd2SCorentin Chary {
11613e230dd2SCorentin Chary }
11623e230dd2SCorentin Chary 
11633e230dd2SCorentin Chary static void audio_capture(void *opaque, void *buf, int size)
11643e230dd2SCorentin Chary {
11653e230dd2SCorentin Chary     VncState *vs = opaque;
11663e230dd2SCorentin Chary 
1167bd023f95SCorentin Chary     vnc_lock_output(vs);
11683e230dd2SCorentin Chary     vnc_write_u8(vs, VNC_MSG_SERVER_QEMU);
11693e230dd2SCorentin Chary     vnc_write_u8(vs, VNC_MSG_SERVER_QEMU_AUDIO);
11703e230dd2SCorentin Chary     vnc_write_u16(vs, VNC_MSG_SERVER_QEMU_AUDIO_DATA);
11713e230dd2SCorentin Chary     vnc_write_u32(vs, size);
11723e230dd2SCorentin Chary     vnc_write(vs, buf, size);
1173bd023f95SCorentin Chary     vnc_unlock_output(vs);
11743e230dd2SCorentin Chary     vnc_flush(vs);
11753e230dd2SCorentin Chary }
11763e230dd2SCorentin Chary 
11773e230dd2SCorentin Chary static void audio_add(VncState *vs)
11783e230dd2SCorentin Chary {
11793e230dd2SCorentin Chary     struct audio_capture_ops ops;
11803e230dd2SCorentin Chary 
11813e230dd2SCorentin Chary     if (vs->audio_cap) {
1182027a79c3SCole Robinson         error_report("audio already running");
11833e230dd2SCorentin Chary         return;
11843e230dd2SCorentin Chary     }
11853e230dd2SCorentin Chary 
11863e230dd2SCorentin Chary     ops.notify = audio_capture_notify;
11873e230dd2SCorentin Chary     ops.destroy = audio_capture_destroy;
11883e230dd2SCorentin Chary     ops.capture = audio_capture;
11893e230dd2SCorentin Chary 
11903e230dd2SCorentin Chary     vs->audio_cap = AUD_add_capture(&vs->as, &ops, vs);
11913e230dd2SCorentin Chary     if (!vs->audio_cap) {
1192027a79c3SCole Robinson         error_report("Failed to add audio capture");
11933e230dd2SCorentin Chary     }
11943e230dd2SCorentin Chary }
11953e230dd2SCorentin Chary 
11963e230dd2SCorentin Chary static void audio_del(VncState *vs)
11973e230dd2SCorentin Chary {
11983e230dd2SCorentin Chary     if (vs->audio_cap) {
11993e230dd2SCorentin Chary         AUD_del_capture(vs->audio_cap, vs);
12003e230dd2SCorentin Chary         vs->audio_cap = NULL;
12013e230dd2SCorentin Chary     }
12023e230dd2SCorentin Chary }
12033e230dd2SCorentin Chary 
12043e230dd2SCorentin Chary static void vnc_disconnect_start(VncState *vs)
12053e230dd2SCorentin Chary {
12063e230dd2SCorentin Chary     if (vs->csock == -1)
12073e230dd2SCorentin Chary         return;
12088cf36489SGerd Hoffmann     vnc_set_share_mode(vs, VNC_SHARE_MODE_DISCONNECTED);
120982e1cc4bSFam Zheng     qemu_set_fd_handler(vs->csock, NULL, NULL, NULL);
12103e230dd2SCorentin Chary     closesocket(vs->csock);
12113e230dd2SCorentin Chary     vs->csock = -1;
12123e230dd2SCorentin Chary }
12133e230dd2SCorentin Chary 
12147536ee4bSTim Hardeck void vnc_disconnect_finish(VncState *vs)
12153e230dd2SCorentin Chary {
12167d964c9dSCorentin Chary     int i;
12177d964c9dSCorentin Chary 
1218bd023f95SCorentin Chary     vnc_jobs_join(vs); /* Wait encoding jobs */
1219bd023f95SCorentin Chary 
1220bd023f95SCorentin Chary     vnc_lock_output(vs);
1221fb6ba0d5SWenchao Xia     vnc_qmp_event(vs, QAPI_EVENT_VNC_DISCONNECTED);
12223e230dd2SCorentin Chary 
12233e230dd2SCorentin Chary     buffer_free(&vs->input);
12243e230dd2SCorentin Chary     buffer_free(&vs->output);
12257536ee4bSTim Hardeck     buffer_free(&vs->ws_input);
12267536ee4bSTim Hardeck     buffer_free(&vs->ws_output);
12273e230dd2SCorentin Chary 
1228fb6ba0d5SWenchao Xia     qapi_free_VncClientInfo(vs->info);
12293e230dd2SCorentin Chary 
12303e230dd2SCorentin Chary     vnc_zlib_clear(vs);
12313e230dd2SCorentin Chary     vnc_tight_clear(vs);
1232148954faSCorentin Chary     vnc_zrle_clear(vs);
12333e230dd2SCorentin Chary 
12343e305e4aSDaniel P. Berrange     qcrypto_tls_session_free(vs->tls);
12353e230dd2SCorentin Chary #ifdef CONFIG_VNC_SASL
12363e230dd2SCorentin Chary     vnc_sasl_client_cleanup(vs);
12373e230dd2SCorentin Chary #endif /* CONFIG_VNC_SASL */
12383e230dd2SCorentin Chary     audio_del(vs);
12397bc9318bSGerd Hoffmann     vnc_release_modifiers(vs);
12403e230dd2SCorentin Chary 
12416fd8e79aSTim Hardeck     if (vs->initialized) {
12423e230dd2SCorentin Chary         QTAILQ_REMOVE(&vs->vd->clients, vs, next);
12436fd8e79aSTim Hardeck         qemu_remove_mouse_mode_change_notifier(&vs->mouse_mode_notifier);
12446fd8e79aSTim Hardeck     }
12453e230dd2SCorentin Chary 
12463e230dd2SCorentin Chary     if (vs->vd->lock_key_sync)
12473e230dd2SCorentin Chary         qemu_remove_led_event_handler(vs->led);
1248bd023f95SCorentin Chary     vnc_unlock_output(vs);
1249bd023f95SCorentin Chary 
1250bd023f95SCorentin Chary     qemu_mutex_destroy(&vs->output_mutex);
12516fd8e79aSTim Hardeck     if (vs->bh != NULL) {
1252175b2a6eSCorentin Chary         qemu_bh_delete(vs->bh);
12536fd8e79aSTim Hardeck     }
1254175b2a6eSCorentin Chary     buffer_free(&vs->jobs_buffer);
1255175b2a6eSCorentin Chary 
12567d964c9dSCorentin Chary     for (i = 0; i < VNC_STAT_ROWS; ++i) {
12577267c094SAnthony Liguori         g_free(vs->lossy_rect[i]);
12587d964c9dSCorentin Chary     }
12597267c094SAnthony Liguori     g_free(vs->lossy_rect);
12607267c094SAnthony Liguori     g_free(vs);
12613e230dd2SCorentin Chary }
12623e230dd2SCorentin Chary 
1263fdd1ab6aSDaniel P. Berrange ssize_t vnc_client_io_error(VncState *vs, ssize_t ret, int last_errno)
12643e230dd2SCorentin Chary {
12653e230dd2SCorentin Chary     if (ret == 0 || ret == -1) {
12663e230dd2SCorentin Chary         if (ret == -1) {
12673e230dd2SCorentin Chary             switch (last_errno) {
12683e230dd2SCorentin Chary                 case EINTR:
12693e230dd2SCorentin Chary                 case EAGAIN:
12703e230dd2SCorentin Chary #ifdef _WIN32
12713e230dd2SCorentin Chary                 case WSAEWOULDBLOCK:
12723e230dd2SCorentin Chary #endif
12733e230dd2SCorentin Chary                     return 0;
12743e230dd2SCorentin Chary                 default:
12753e230dd2SCorentin Chary                     break;
12763e230dd2SCorentin Chary             }
12773e230dd2SCorentin Chary         }
12783e230dd2SCorentin Chary 
1279fdd1ab6aSDaniel P. Berrange         VNC_DEBUG("Closing down client sock: ret %zd, errno %d\n",
12803e230dd2SCorentin Chary                   ret, ret < 0 ? last_errno : 0);
12813e230dd2SCorentin Chary         vnc_disconnect_start(vs);
12823e230dd2SCorentin Chary 
12833e230dd2SCorentin Chary         return 0;
12843e230dd2SCorentin Chary     }
12853e230dd2SCorentin Chary     return ret;
12863e230dd2SCorentin Chary }
12873e230dd2SCorentin Chary 
12883e230dd2SCorentin Chary 
12893e230dd2SCorentin Chary void vnc_client_error(VncState *vs)
12903e230dd2SCorentin Chary {
12913e230dd2SCorentin Chary     VNC_DEBUG("Closing down client sock: protocol error\n");
12923e230dd2SCorentin Chary     vnc_disconnect_start(vs);
12933e230dd2SCorentin Chary }
12943e230dd2SCorentin Chary 
12953e305e4aSDaniel P. Berrange 
12963e305e4aSDaniel P. Berrange ssize_t vnc_tls_pull(char *buf, size_t len, void *opaque)
12970057a0d5STim Hardeck {
12983e305e4aSDaniel P. Berrange     VncState *vs = opaque;
12993e305e4aSDaniel P. Berrange     ssize_t ret;
13003e305e4aSDaniel P. Berrange 
13013e305e4aSDaniel P. Berrange  retry:
13023e305e4aSDaniel P. Berrange     ret = qemu_recv(vs->csock, buf, len, 0);
13030057a0d5STim Hardeck     if (ret < 0) {
13043e305e4aSDaniel P. Berrange         if (errno == EINTR) {
13053e305e4aSDaniel P. Berrange             goto retry;
13060057a0d5STim Hardeck         }
13073e305e4aSDaniel P. Berrange         return -1;
13080057a0d5STim Hardeck     }
13090057a0d5STim Hardeck     return ret;
13100057a0d5STim Hardeck }
13113e305e4aSDaniel P. Berrange 
13123e305e4aSDaniel P. Berrange 
13133e305e4aSDaniel P. Berrange ssize_t vnc_tls_push(const char *buf, size_t len, void *opaque)
13143e305e4aSDaniel P. Berrange {
13153e305e4aSDaniel P. Berrange     VncState *vs = opaque;
13163e305e4aSDaniel P. Berrange     ssize_t ret;
13173e305e4aSDaniel P. Berrange 
13183e305e4aSDaniel P. Berrange  retry:
13193e305e4aSDaniel P. Berrange     ret = send(vs->csock, buf, len, 0);
13203e305e4aSDaniel P. Berrange     if (ret < 0) {
13213e305e4aSDaniel P. Berrange         if (errno == EINTR) {
13223e305e4aSDaniel P. Berrange             goto retry;
13233e305e4aSDaniel P. Berrange         }
13243e305e4aSDaniel P. Berrange         return -1;
13253e305e4aSDaniel P. Berrange     }
13263e305e4aSDaniel P. Berrange     return ret;
13273e305e4aSDaniel P. Berrange }
13283e305e4aSDaniel P. Berrange 
13293e230dd2SCorentin Chary 
13303e230dd2SCorentin Chary /*
13313e230dd2SCorentin Chary  * Called to write a chunk of data to the client socket. The data may
13323e230dd2SCorentin Chary  * be the raw data, or may have already been encoded by SASL.
13333e230dd2SCorentin Chary  * The data will be written either straight onto the socket, or
13343e230dd2SCorentin Chary  * written via the GNUTLS wrappers, if TLS/SSL encryption is enabled
13353e230dd2SCorentin Chary  *
13363e230dd2SCorentin Chary  * NB, it is theoretically possible to have 2 layers of encryption,
13373e230dd2SCorentin Chary  * both SASL, and this TLS layer. It is highly unlikely in practice
13383e230dd2SCorentin Chary  * though, since SASL encryption will typically be a no-op if TLS
13393e230dd2SCorentin Chary  * is active
13403e230dd2SCorentin Chary  *
13413e230dd2SCorentin Chary  * Returns the number of bytes written, which may be less than
13423e230dd2SCorentin Chary  * the requested 'datalen' if the socket would block. Returns
13433e230dd2SCorentin Chary  * -1 on error, and disconnects the client socket.
13443e230dd2SCorentin Chary  */
1345fdd1ab6aSDaniel P. Berrange ssize_t vnc_client_write_buf(VncState *vs, const uint8_t *data, size_t datalen)
13463e230dd2SCorentin Chary {
1347fdd1ab6aSDaniel P. Berrange     ssize_t ret;
13483e305e4aSDaniel P. Berrange     int err = 0;
13493e305e4aSDaniel P. Berrange     if (vs->tls) {
13503e305e4aSDaniel P. Berrange         ret = qcrypto_tls_session_write(vs->tls, (const char *)data, datalen);
13513e305e4aSDaniel P. Berrange         if (ret < 0) {
13523e305e4aSDaniel P. Berrange             err = errno;
13530057a0d5STim Hardeck         }
13543e305e4aSDaniel P. Berrange     } else {
13553e305e4aSDaniel P. Berrange         ret = send(vs->csock, (const void *)data, datalen, 0);
13563e305e4aSDaniel P. Berrange         if (ret < 0) {
13573e305e4aSDaniel P. Berrange             err = socket_error();
13583e305e4aSDaniel P. Berrange         }
13593e305e4aSDaniel P. Berrange     }
13603e230dd2SCorentin Chary     VNC_DEBUG("Wrote wire %p %zd -> %ld\n", data, datalen, ret);
13613e305e4aSDaniel P. Berrange     return vnc_client_io_error(vs, ret, err);
13623e230dd2SCorentin Chary }
13633e230dd2SCorentin Chary 
13643e230dd2SCorentin Chary 
13653e230dd2SCorentin Chary /*
13663e230dd2SCorentin Chary  * Called to write buffered data to the client socket, when not
13673e230dd2SCorentin Chary  * using any SASL SSF encryption layers. Will write as much data
13683e230dd2SCorentin Chary  * as possible without blocking. If all buffered data is written,
13693e230dd2SCorentin Chary  * will switch the FD poll() handler back to read monitoring.
13703e230dd2SCorentin Chary  *
13713e230dd2SCorentin Chary  * Returns the number of bytes written, which may be less than
13723e230dd2SCorentin Chary  * the buffered output data if the socket would block. Returns
13733e230dd2SCorentin Chary  * -1 on error, and disconnects the client socket.
13743e230dd2SCorentin Chary  */
1375fdd1ab6aSDaniel P. Berrange static ssize_t vnc_client_write_plain(VncState *vs)
13763e230dd2SCorentin Chary {
1377fdd1ab6aSDaniel P. Berrange     ssize_t ret;
13783e230dd2SCorentin Chary 
13793e230dd2SCorentin Chary #ifdef CONFIG_VNC_SASL
13803e230dd2SCorentin Chary     VNC_DEBUG("Write Plain: Pending output %p size %zd offset %zd. Wait SSF %d\n",
13813e230dd2SCorentin Chary               vs->output.buffer, vs->output.capacity, vs->output.offset,
13823e230dd2SCorentin Chary               vs->sasl.waitWriteSSF);
13833e230dd2SCorentin Chary 
13843e230dd2SCorentin Chary     if (vs->sasl.conn &&
13853e230dd2SCorentin Chary         vs->sasl.runSSF &&
13863e230dd2SCorentin Chary         vs->sasl.waitWriteSSF) {
13873e230dd2SCorentin Chary         ret = vnc_client_write_buf(vs, vs->output.buffer, vs->sasl.waitWriteSSF);
13883e230dd2SCorentin Chary         if (ret)
13893e230dd2SCorentin Chary             vs->sasl.waitWriteSSF -= ret;
13903e230dd2SCorentin Chary     } else
13913e230dd2SCorentin Chary #endif /* CONFIG_VNC_SASL */
13923e230dd2SCorentin Chary         ret = vnc_client_write_buf(vs, vs->output.buffer, vs->output.offset);
13933e230dd2SCorentin Chary     if (!ret)
13943e230dd2SCorentin Chary         return 0;
13953e230dd2SCorentin Chary 
139632ed2680STim Hardeck     buffer_advance(&vs->output, ret);
13973e230dd2SCorentin Chary 
13983e230dd2SCorentin Chary     if (vs->output.offset == 0) {
139982e1cc4bSFam Zheng         qemu_set_fd_handler(vs->csock, vnc_client_read, NULL, vs);
14003e230dd2SCorentin Chary     }
14013e230dd2SCorentin Chary 
14023e230dd2SCorentin Chary     return ret;
14033e230dd2SCorentin Chary }
14043e230dd2SCorentin Chary 
14053e230dd2SCorentin Chary 
14063e230dd2SCorentin Chary /*
14073e230dd2SCorentin Chary  * First function called whenever there is data to be written to
14083e230dd2SCorentin Chary  * the client socket. Will delegate actual work according to whether
14093e230dd2SCorentin Chary  * SASL SSF layers are enabled (thus requiring encryption calls)
14103e230dd2SCorentin Chary  */
1411bd023f95SCorentin Chary static void vnc_client_write_locked(void *opaque)
14123e230dd2SCorentin Chary {
14133e230dd2SCorentin Chary     VncState *vs = opaque;
14143e230dd2SCorentin Chary 
14153e230dd2SCorentin Chary #ifdef CONFIG_VNC_SASL
14163e230dd2SCorentin Chary     if (vs->sasl.conn &&
14173e230dd2SCorentin Chary         vs->sasl.runSSF &&
14183e230dd2SCorentin Chary         !vs->sasl.waitWriteSSF) {
14193e230dd2SCorentin Chary         vnc_client_write_sasl(vs);
14203e230dd2SCorentin Chary     } else
14213e230dd2SCorentin Chary #endif /* CONFIG_VNC_SASL */
14227536ee4bSTim Hardeck     {
14237536ee4bSTim Hardeck         if (vs->encode_ws) {
14247536ee4bSTim Hardeck             vnc_client_write_ws(vs);
14258e9b0d24SDaniel P. Berrange         } else {
14263e230dd2SCorentin Chary             vnc_client_write_plain(vs);
14273e230dd2SCorentin Chary         }
14287536ee4bSTim Hardeck     }
14297536ee4bSTim Hardeck }
14303e230dd2SCorentin Chary 
1431bd023f95SCorentin Chary void vnc_client_write(void *opaque)
1432bd023f95SCorentin Chary {
1433bd023f95SCorentin Chary     VncState *vs = opaque;
1434bd023f95SCorentin Chary 
1435bd023f95SCorentin Chary     vnc_lock_output(vs);
14368e9b0d24SDaniel P. Berrange     if (vs->output.offset || vs->ws_output.offset) {
1437bd023f95SCorentin Chary         vnc_client_write_locked(opaque);
1438ac71103dSYoshiaki Tamura     } else if (vs->csock != -1) {
143982e1cc4bSFam Zheng         qemu_set_fd_handler(vs->csock, vnc_client_read, NULL, vs);
1440bd023f95SCorentin Chary     }
1441bd023f95SCorentin Chary     vnc_unlock_output(vs);
1442bd023f95SCorentin Chary }
1443bd023f95SCorentin Chary 
14443e230dd2SCorentin Chary void vnc_read_when(VncState *vs, VncReadEvent *func, size_t expecting)
14453e230dd2SCorentin Chary {
14463e230dd2SCorentin Chary     vs->read_handler = func;
14473e230dd2SCorentin Chary     vs->read_handler_expect = expecting;
14483e230dd2SCorentin Chary }
14493e230dd2SCorentin Chary 
14503e230dd2SCorentin Chary 
14513e230dd2SCorentin Chary /*
14523e230dd2SCorentin Chary  * Called to read a chunk of data from the client socket. The data may
14533e230dd2SCorentin Chary  * be the raw data, or may need to be further decoded by SASL.
14543e230dd2SCorentin Chary  * The data will be read either straight from to the socket, or
14553e230dd2SCorentin Chary  * read via the GNUTLS wrappers, if TLS/SSL encryption is enabled
14563e230dd2SCorentin Chary  *
14573e230dd2SCorentin Chary  * NB, it is theoretically possible to have 2 layers of encryption,
14583e230dd2SCorentin Chary  * both SASL, and this TLS layer. It is highly unlikely in practice
14593e230dd2SCorentin Chary  * though, since SASL encryption will typically be a no-op if TLS
14603e230dd2SCorentin Chary  * is active
14613e230dd2SCorentin Chary  *
14623e230dd2SCorentin Chary  * Returns the number of bytes read, which may be less than
14633e230dd2SCorentin Chary  * the requested 'datalen' if the socket would block. Returns
14643e230dd2SCorentin Chary  * -1 on error, and disconnects the client socket.
14653e230dd2SCorentin Chary  */
1466fdd1ab6aSDaniel P. Berrange ssize_t vnc_client_read_buf(VncState *vs, uint8_t *data, size_t datalen)
14673e230dd2SCorentin Chary {
1468fdd1ab6aSDaniel P. Berrange     ssize_t ret;
14693e305e4aSDaniel P. Berrange     int err = -1;
14703e305e4aSDaniel P. Berrange     if (vs->tls) {
14713e305e4aSDaniel P. Berrange         ret = qcrypto_tls_session_read(vs->tls, (char *)data, datalen);
14723e305e4aSDaniel P. Berrange         if (ret < 0) {
14733e305e4aSDaniel P. Berrange             err = errno;
14740057a0d5STim Hardeck         }
14753e305e4aSDaniel P. Berrange     } else {
14763e305e4aSDaniel P. Berrange         ret = qemu_recv(vs->csock, data, datalen, 0);
14773e305e4aSDaniel P. Berrange         if (ret < 0) {
14783e305e4aSDaniel P. Berrange             err = socket_error();
14793e305e4aSDaniel P. Berrange         }
14803e305e4aSDaniel P. Berrange     }
14813e230dd2SCorentin Chary     VNC_DEBUG("Read wire %p %zd -> %ld\n", data, datalen, ret);
14823e305e4aSDaniel P. Berrange     return vnc_client_io_error(vs, ret, err);
14833e230dd2SCorentin Chary }
14843e230dd2SCorentin Chary 
14853e230dd2SCorentin Chary 
14863e230dd2SCorentin Chary /*
14873e230dd2SCorentin Chary  * Called to read data from the client socket to the input buffer,
14883e230dd2SCorentin Chary  * when not using any SASL SSF encryption layers. Will read as much
14893e230dd2SCorentin Chary  * data as possible without blocking.
14903e230dd2SCorentin Chary  *
14913e230dd2SCorentin Chary  * Returns the number of bytes read. Returns -1 on error, and
14923e230dd2SCorentin Chary  * disconnects the client socket.
14933e230dd2SCorentin Chary  */
1494fdd1ab6aSDaniel P. Berrange static ssize_t vnc_client_read_plain(VncState *vs)
14953e230dd2SCorentin Chary {
1496fdd1ab6aSDaniel P. Berrange     ssize_t ret;
14973e230dd2SCorentin Chary     VNC_DEBUG("Read plain %p size %zd offset %zd\n",
14983e230dd2SCorentin Chary               vs->input.buffer, vs->input.capacity, vs->input.offset);
14993e230dd2SCorentin Chary     buffer_reserve(&vs->input, 4096);
15003e230dd2SCorentin Chary     ret = vnc_client_read_buf(vs, buffer_end(&vs->input), 4096);
15013e230dd2SCorentin Chary     if (!ret)
15023e230dd2SCorentin Chary         return 0;
15033e230dd2SCorentin Chary     vs->input.offset += ret;
15043e230dd2SCorentin Chary     return ret;
15053e230dd2SCorentin Chary }
15063e230dd2SCorentin Chary 
1507175b2a6eSCorentin Chary static void vnc_jobs_bh(void *opaque)
1508175b2a6eSCorentin Chary {
1509175b2a6eSCorentin Chary     VncState *vs = opaque;
1510175b2a6eSCorentin Chary 
1511175b2a6eSCorentin Chary     vnc_jobs_consume_buffer(vs);
1512175b2a6eSCorentin Chary }
15133e230dd2SCorentin Chary 
15143e230dd2SCorentin Chary /*
15153e230dd2SCorentin Chary  * First function called whenever there is more data to be read from
15163e230dd2SCorentin Chary  * the client socket. Will delegate actual work according to whether
15173e230dd2SCorentin Chary  * SASL SSF layers are enabled (thus requiring decryption calls)
15183e230dd2SCorentin Chary  */
15193e230dd2SCorentin Chary void vnc_client_read(void *opaque)
15203e230dd2SCorentin Chary {
15213e230dd2SCorentin Chary     VncState *vs = opaque;
1522fdd1ab6aSDaniel P. Berrange     ssize_t ret;
15233e230dd2SCorentin Chary 
15243e230dd2SCorentin Chary #ifdef CONFIG_VNC_SASL
15253e230dd2SCorentin Chary     if (vs->sasl.conn && vs->sasl.runSSF)
15263e230dd2SCorentin Chary         ret = vnc_client_read_sasl(vs);
15273e230dd2SCorentin Chary     else
15283e230dd2SCorentin Chary #endif /* CONFIG_VNC_SASL */
15297536ee4bSTim Hardeck         if (vs->encode_ws) {
15307536ee4bSTim Hardeck             ret = vnc_client_read_ws(vs);
15317536ee4bSTim Hardeck             if (ret == -1) {
15327536ee4bSTim Hardeck                 vnc_disconnect_start(vs);
15337536ee4bSTim Hardeck                 return;
15347536ee4bSTim Hardeck             } else if (ret == -2) {
15357536ee4bSTim Hardeck                 vnc_client_error(vs);
15367536ee4bSTim Hardeck                 return;
15377536ee4bSTim Hardeck             }
15388e9b0d24SDaniel P. Berrange         } else {
15393e230dd2SCorentin Chary             ret = vnc_client_read_plain(vs);
15407536ee4bSTim Hardeck         }
15413e230dd2SCorentin Chary     if (!ret) {
15423e230dd2SCorentin Chary         if (vs->csock == -1)
15433e230dd2SCorentin Chary             vnc_disconnect_finish(vs);
15443e230dd2SCorentin Chary         return;
15453e230dd2SCorentin Chary     }
15463e230dd2SCorentin Chary 
15473e230dd2SCorentin Chary     while (vs->read_handler && vs->input.offset >= vs->read_handler_expect) {
15483e230dd2SCorentin Chary         size_t len = vs->read_handler_expect;
15493e230dd2SCorentin Chary         int ret;
15503e230dd2SCorentin Chary 
15513e230dd2SCorentin Chary         ret = vs->read_handler(vs, vs->input.buffer, len);
15523e230dd2SCorentin Chary         if (vs->csock == -1) {
15533e230dd2SCorentin Chary             vnc_disconnect_finish(vs);
15543e230dd2SCorentin Chary             return;
15553e230dd2SCorentin Chary         }
15563e230dd2SCorentin Chary 
15573e230dd2SCorentin Chary         if (!ret) {
155832ed2680STim Hardeck             buffer_advance(&vs->input, len);
15593e230dd2SCorentin Chary         } else {
15603e230dd2SCorentin Chary             vs->read_handler_expect = ret;
15613e230dd2SCorentin Chary         }
15623e230dd2SCorentin Chary     }
15633e230dd2SCorentin Chary }
15643e230dd2SCorentin Chary 
15653e230dd2SCorentin Chary void vnc_write(VncState *vs, const void *data, size_t len)
15663e230dd2SCorentin Chary {
15673e230dd2SCorentin Chary     buffer_reserve(&vs->output, len);
15683e230dd2SCorentin Chary 
15693e230dd2SCorentin Chary     if (vs->csock != -1 && buffer_empty(&vs->output)) {
157082e1cc4bSFam Zheng         qemu_set_fd_handler(vs->csock, vnc_client_read, vnc_client_write, vs);
15713e230dd2SCorentin Chary     }
15723e230dd2SCorentin Chary 
15733e230dd2SCorentin Chary     buffer_append(&vs->output, data, len);
15743e230dd2SCorentin Chary }
15753e230dd2SCorentin Chary 
15763e230dd2SCorentin Chary void vnc_write_s32(VncState *vs, int32_t value)
15773e230dd2SCorentin Chary {
15783e230dd2SCorentin Chary     vnc_write_u32(vs, *(uint32_t *)&value);
15793e230dd2SCorentin Chary }
15803e230dd2SCorentin Chary 
15813e230dd2SCorentin Chary void vnc_write_u32(VncState *vs, uint32_t value)
15823e230dd2SCorentin Chary {
15833e230dd2SCorentin Chary     uint8_t buf[4];
15843e230dd2SCorentin Chary 
15853e230dd2SCorentin Chary     buf[0] = (value >> 24) & 0xFF;
15863e230dd2SCorentin Chary     buf[1] = (value >> 16) & 0xFF;
15873e230dd2SCorentin Chary     buf[2] = (value >>  8) & 0xFF;
15883e230dd2SCorentin Chary     buf[3] = value & 0xFF;
15893e230dd2SCorentin Chary 
15903e230dd2SCorentin Chary     vnc_write(vs, buf, 4);
15913e230dd2SCorentin Chary }
15923e230dd2SCorentin Chary 
15933e230dd2SCorentin Chary void vnc_write_u16(VncState *vs, uint16_t value)
15943e230dd2SCorentin Chary {
15953e230dd2SCorentin Chary     uint8_t buf[2];
15963e230dd2SCorentin Chary 
15973e230dd2SCorentin Chary     buf[0] = (value >> 8) & 0xFF;
15983e230dd2SCorentin Chary     buf[1] = value & 0xFF;
15993e230dd2SCorentin Chary 
16003e230dd2SCorentin Chary     vnc_write(vs, buf, 2);
16013e230dd2SCorentin Chary }
16023e230dd2SCorentin Chary 
16033e230dd2SCorentin Chary void vnc_write_u8(VncState *vs, uint8_t value)
16043e230dd2SCorentin Chary {
16053e230dd2SCorentin Chary     vnc_write(vs, (char *)&value, 1);
16063e230dd2SCorentin Chary }
16073e230dd2SCorentin Chary 
16083e230dd2SCorentin Chary void vnc_flush(VncState *vs)
16093e230dd2SCorentin Chary {
1610bd023f95SCorentin Chary     vnc_lock_output(vs);
16118e9b0d24SDaniel P. Berrange     if (vs->csock != -1 && (vs->output.offset ||
16128e9b0d24SDaniel P. Berrange                             vs->ws_output.offset)) {
1613bd023f95SCorentin Chary         vnc_client_write_locked(vs);
1614bd023f95SCorentin Chary     }
1615bd023f95SCorentin Chary     vnc_unlock_output(vs);
16163e230dd2SCorentin Chary }
16173e230dd2SCorentin Chary 
161871a8cdecSBlue Swirl static uint8_t read_u8(uint8_t *data, size_t offset)
16193e230dd2SCorentin Chary {
16203e230dd2SCorentin Chary     return data[offset];
16213e230dd2SCorentin Chary }
16223e230dd2SCorentin Chary 
162371a8cdecSBlue Swirl static uint16_t read_u16(uint8_t *data, size_t offset)
16243e230dd2SCorentin Chary {
16253e230dd2SCorentin Chary     return ((data[offset] & 0xFF) << 8) | (data[offset + 1] & 0xFF);
16263e230dd2SCorentin Chary }
16273e230dd2SCorentin Chary 
162871a8cdecSBlue Swirl static int32_t read_s32(uint8_t *data, size_t offset)
16293e230dd2SCorentin Chary {
16303e230dd2SCorentin Chary     return (int32_t)((data[offset] << 24) | (data[offset + 1] << 16) |
16313e230dd2SCorentin Chary                      (data[offset + 2] << 8) | data[offset + 3]);
16323e230dd2SCorentin Chary }
16333e230dd2SCorentin Chary 
16343e230dd2SCorentin Chary uint32_t read_u32(uint8_t *data, size_t offset)
16353e230dd2SCorentin Chary {
16363e230dd2SCorentin Chary     return ((data[offset] << 24) | (data[offset + 1] << 16) |
16373e230dd2SCorentin Chary             (data[offset + 2] << 8) | data[offset + 3]);
16383e230dd2SCorentin Chary }
16393e230dd2SCorentin Chary 
16403e230dd2SCorentin Chary static void client_cut_text(VncState *vs, size_t len, uint8_t *text)
16413e230dd2SCorentin Chary {
16423e230dd2SCorentin Chary }
16433e230dd2SCorentin Chary 
16449e8dd451SJan Kiszka static void check_pointer_type_change(Notifier *notifier, void *data)
16453e230dd2SCorentin Chary {
16463e230dd2SCorentin Chary     VncState *vs = container_of(notifier, VncState, mouse_mode_notifier);
164714768ebaSGerd Hoffmann     int absolute = qemu_input_is_absolute();
16483e230dd2SCorentin Chary 
16493e230dd2SCorentin Chary     if (vnc_has_feature(vs, VNC_FEATURE_POINTER_TYPE_CHANGE) && vs->absolute != absolute) {
1650bd023f95SCorentin Chary         vnc_lock_output(vs);
16513e230dd2SCorentin Chary         vnc_write_u8(vs, VNC_MSG_SERVER_FRAMEBUFFER_UPDATE);
16523e230dd2SCorentin Chary         vnc_write_u8(vs, 0);
16533e230dd2SCorentin Chary         vnc_write_u16(vs, 1);
16543e230dd2SCorentin Chary         vnc_framebuffer_update(vs, absolute, 0,
1655bea60dd7SPeter Lieven                                pixman_image_get_width(vs->vd->server),
1656bea60dd7SPeter Lieven                                pixman_image_get_height(vs->vd->server),
16573e230dd2SCorentin Chary                                VNC_ENCODING_POINTER_TYPE_CHANGE);
1658bd023f95SCorentin Chary         vnc_unlock_output(vs);
16593e230dd2SCorentin Chary         vnc_flush(vs);
16603e230dd2SCorentin Chary     }
16613e230dd2SCorentin Chary     vs->absolute = absolute;
16623e230dd2SCorentin Chary }
16633e230dd2SCorentin Chary 
16643e230dd2SCorentin Chary static void pointer_event(VncState *vs, int button_mask, int x, int y)
16653e230dd2SCorentin Chary {
166614768ebaSGerd Hoffmann     static uint32_t bmap[INPUT_BUTTON_MAX] = {
166714768ebaSGerd Hoffmann         [INPUT_BUTTON_LEFT]       = 0x01,
166814768ebaSGerd Hoffmann         [INPUT_BUTTON_MIDDLE]     = 0x02,
166914768ebaSGerd Hoffmann         [INPUT_BUTTON_RIGHT]      = 0x04,
167014768ebaSGerd Hoffmann         [INPUT_BUTTON_WHEEL_UP]   = 0x08,
167114768ebaSGerd Hoffmann         [INPUT_BUTTON_WHEEL_DOWN] = 0x10,
167214768ebaSGerd Hoffmann     };
167314768ebaSGerd Hoffmann     QemuConsole *con = vs->vd->dcl.con;
1674bea60dd7SPeter Lieven     int width = pixman_image_get_width(vs->vd->server);
1675bea60dd7SPeter Lieven     int height = pixman_image_get_height(vs->vd->server);
16763e230dd2SCorentin Chary 
167714768ebaSGerd Hoffmann     if (vs->last_bmask != button_mask) {
167814768ebaSGerd Hoffmann         qemu_input_update_buttons(con, bmap, vs->last_bmask, button_mask);
167914768ebaSGerd Hoffmann         vs->last_bmask = button_mask;
168014768ebaSGerd Hoffmann     }
16813e230dd2SCorentin Chary 
16823e230dd2SCorentin Chary     if (vs->absolute) {
168314768ebaSGerd Hoffmann         qemu_input_queue_abs(con, INPUT_AXIS_X, x, width);
168414768ebaSGerd Hoffmann         qemu_input_queue_abs(con, INPUT_AXIS_Y, y, height);
16853e230dd2SCorentin Chary     } else if (vnc_has_feature(vs, VNC_FEATURE_POINTER_TYPE_CHANGE)) {
168614768ebaSGerd Hoffmann         qemu_input_queue_rel(con, INPUT_AXIS_X, x - 0x7FFF);
168714768ebaSGerd Hoffmann         qemu_input_queue_rel(con, INPUT_AXIS_Y, y - 0x7FFF);
16883e230dd2SCorentin Chary     } else {
168914768ebaSGerd Hoffmann         if (vs->last_x != -1) {
169014768ebaSGerd Hoffmann             qemu_input_queue_rel(con, INPUT_AXIS_X, x - vs->last_x);
169114768ebaSGerd Hoffmann             qemu_input_queue_rel(con, INPUT_AXIS_Y, y - vs->last_y);
169214768ebaSGerd Hoffmann         }
16933e230dd2SCorentin Chary         vs->last_x = x;
16943e230dd2SCorentin Chary         vs->last_y = y;
16953e230dd2SCorentin Chary     }
169614768ebaSGerd Hoffmann     qemu_input_event_sync();
16973e230dd2SCorentin Chary }
16983e230dd2SCorentin Chary 
16993e230dd2SCorentin Chary static void reset_keys(VncState *vs)
17003e230dd2SCorentin Chary {
17013e230dd2SCorentin Chary     int i;
17023e230dd2SCorentin Chary     for(i = 0; i < 256; i++) {
17033e230dd2SCorentin Chary         if (vs->modifiers_state[i]) {
17048d447d10SGerd Hoffmann             qemu_input_event_send_key_number(vs->vd->dcl.con, i, false);
17053e230dd2SCorentin Chary             vs->modifiers_state[i] = 0;
17063e230dd2SCorentin Chary         }
17073e230dd2SCorentin Chary     }
17083e230dd2SCorentin Chary }
17093e230dd2SCorentin Chary 
17103e230dd2SCorentin Chary static void press_key(VncState *vs, int keysym)
17113e230dd2SCorentin Chary {
17123e230dd2SCorentin Chary     int keycode = keysym2scancode(vs->vd->kbd_layout, keysym) & SCANCODE_KEYMASK;
17138d447d10SGerd Hoffmann     qemu_input_event_send_key_number(vs->vd->dcl.con, keycode, true);
17142deb4accSGerd Hoffmann     qemu_input_event_send_key_delay(0);
17158d447d10SGerd Hoffmann     qemu_input_event_send_key_number(vs->vd->dcl.con, keycode, false);
17162deb4accSGerd Hoffmann     qemu_input_event_send_key_delay(0);
17173e230dd2SCorentin Chary }
17183e230dd2SCorentin Chary 
1719ab99e5c1SLei Li static int current_led_state(VncState *vs)
1720ab99e5c1SLei Li {
1721ab99e5c1SLei Li     int ledstate = 0;
1722ab99e5c1SLei Li 
1723ab99e5c1SLei Li     if (vs->modifiers_state[0x46]) {
1724ab99e5c1SLei Li         ledstate |= QEMU_SCROLL_LOCK_LED;
1725ab99e5c1SLei Li     }
1726ab99e5c1SLei Li     if (vs->modifiers_state[0x45]) {
1727ab99e5c1SLei Li         ledstate |= QEMU_NUM_LOCK_LED;
1728ab99e5c1SLei Li     }
1729ab99e5c1SLei Li     if (vs->modifiers_state[0x3a]) {
1730ab99e5c1SLei Li         ledstate |= QEMU_CAPS_LOCK_LED;
1731ab99e5c1SLei Li     }
1732ab99e5c1SLei Li 
1733ab99e5c1SLei Li     return ledstate;
1734ab99e5c1SLei Li }
1735ab99e5c1SLei Li 
1736ab99e5c1SLei Li static void vnc_led_state_change(VncState *vs)
1737ab99e5c1SLei Li {
1738ab99e5c1SLei Li     int ledstate = 0;
1739ab99e5c1SLei Li 
1740ab99e5c1SLei Li     if (!vnc_has_feature(vs, VNC_FEATURE_LED_STATE)) {
1741ab99e5c1SLei Li         return;
1742ab99e5c1SLei Li     }
1743ab99e5c1SLei Li 
1744ab99e5c1SLei Li     ledstate = current_led_state(vs);
1745ab99e5c1SLei Li     vnc_lock_output(vs);
1746ab99e5c1SLei Li     vnc_write_u8(vs, VNC_MSG_SERVER_FRAMEBUFFER_UPDATE);
1747ab99e5c1SLei Li     vnc_write_u8(vs, 0);
1748ab99e5c1SLei Li     vnc_write_u16(vs, 1);
1749ab99e5c1SLei Li     vnc_framebuffer_update(vs, 0, 0, 1, 1, VNC_ENCODING_LED_STATE);
1750ab99e5c1SLei Li     vnc_write_u8(vs, ledstate);
1751ab99e5c1SLei Li     vnc_unlock_output(vs);
1752ab99e5c1SLei Li     vnc_flush(vs);
1753ab99e5c1SLei Li }
1754ab99e5c1SLei Li 
17553e230dd2SCorentin Chary static void kbd_leds(void *opaque, int ledstate)
17563e230dd2SCorentin Chary {
17573e230dd2SCorentin Chary     VncState *vs = opaque;
175896f3d174SLei Li     int caps, num, scr;
17591483adcfSLei Li     bool has_changed = (ledstate != current_led_state(vs));
17603e230dd2SCorentin Chary 
176140066175SGerd Hoffmann     trace_vnc_key_guest_leds((ledstate & QEMU_CAPS_LOCK_LED),
176240066175SGerd Hoffmann                              (ledstate & QEMU_NUM_LOCK_LED),
176340066175SGerd Hoffmann                              (ledstate & QEMU_SCROLL_LOCK_LED));
176440066175SGerd Hoffmann 
17653e230dd2SCorentin Chary     caps = ledstate & QEMU_CAPS_LOCK_LED ? 1 : 0;
17663e230dd2SCorentin Chary     num  = ledstate & QEMU_NUM_LOCK_LED  ? 1 : 0;
176796f3d174SLei Li     scr  = ledstate & QEMU_SCROLL_LOCK_LED ? 1 : 0;
17683e230dd2SCorentin Chary 
17693e230dd2SCorentin Chary     if (vs->modifiers_state[0x3a] != caps) {
17703e230dd2SCorentin Chary         vs->modifiers_state[0x3a] = caps;
17713e230dd2SCorentin Chary     }
17723e230dd2SCorentin Chary     if (vs->modifiers_state[0x45] != num) {
17733e230dd2SCorentin Chary         vs->modifiers_state[0x45] = num;
17743e230dd2SCorentin Chary     }
177596f3d174SLei Li     if (vs->modifiers_state[0x46] != scr) {
177696f3d174SLei Li         vs->modifiers_state[0x46] = scr;
177796f3d174SLei Li     }
1778ab99e5c1SLei Li 
1779ab99e5c1SLei Li     /* Sending the current led state message to the client */
17801483adcfSLei Li     if (has_changed) {
1781ab99e5c1SLei Li         vnc_led_state_change(vs);
1782ab99e5c1SLei Li     }
17833e230dd2SCorentin Chary }
17843e230dd2SCorentin Chary 
17853e230dd2SCorentin Chary static void do_key_event(VncState *vs, int down, int keycode, int sym)
17863e230dd2SCorentin Chary {
17873e230dd2SCorentin Chary     /* QEMU console switch */
17883e230dd2SCorentin Chary     switch(keycode) {
17893e230dd2SCorentin Chary     case 0x2a:                          /* Left Shift */
17903e230dd2SCorentin Chary     case 0x36:                          /* Right Shift */
17913e230dd2SCorentin Chary     case 0x1d:                          /* Left CTRL */
17923e230dd2SCorentin Chary     case 0x9d:                          /* Right CTRL */
17933e230dd2SCorentin Chary     case 0x38:                          /* Left ALT */
17943e230dd2SCorentin Chary     case 0xb8:                          /* Right ALT */
17953e230dd2SCorentin Chary         if (down)
17963e230dd2SCorentin Chary             vs->modifiers_state[keycode] = 1;
17973e230dd2SCorentin Chary         else
17983e230dd2SCorentin Chary             vs->modifiers_state[keycode] = 0;
17993e230dd2SCorentin Chary         break;
18003e230dd2SCorentin Chary     case 0x02 ... 0x0a: /* '1' to '9' keys */
18011d0d59feSGerd Hoffmann         if (vs->vd->dcl.con == NULL &&
18021d0d59feSGerd Hoffmann             down && vs->modifiers_state[0x1d] && vs->modifiers_state[0x38]) {
18033e230dd2SCorentin Chary             /* Reset the modifiers sent to the current console */
18043e230dd2SCorentin Chary             reset_keys(vs);
18053e230dd2SCorentin Chary             console_select(keycode - 0x02);
18063e230dd2SCorentin Chary             return;
18073e230dd2SCorentin Chary         }
18083e230dd2SCorentin Chary         break;
18093e230dd2SCorentin Chary     case 0x3a:                        /* CapsLock */
18103e230dd2SCorentin Chary     case 0x45:                        /* NumLock */
18113e230dd2SCorentin Chary         if (down)
18123e230dd2SCorentin Chary             vs->modifiers_state[keycode] ^= 1;
18133e230dd2SCorentin Chary         break;
18143e230dd2SCorentin Chary     }
18153e230dd2SCorentin Chary 
1816e7b2aaccSLei Li     /* Turn off the lock state sync logic if the client support the led
1817e7b2aaccSLei Li        state extension.
1818e7b2aaccSLei Li     */
18199892088bSGerd Hoffmann     if (down && vs->vd->lock_key_sync &&
1820e7b2aaccSLei Li         !vnc_has_feature(vs, VNC_FEATURE_LED_STATE) &&
18213e230dd2SCorentin Chary         keycode_is_keypad(vs->vd->kbd_layout, keycode)) {
18223e230dd2SCorentin Chary         /* If the numlock state needs to change then simulate an additional
18233e230dd2SCorentin Chary            keypress before sending this one.  This will happen if the user
18243e230dd2SCorentin Chary            toggles numlock away from the VNC window.
18253e230dd2SCorentin Chary         */
18263e230dd2SCorentin Chary         if (keysym_is_numlock(vs->vd->kbd_layout, sym & 0xFFFF)) {
18273e230dd2SCorentin Chary             if (!vs->modifiers_state[0x45]) {
182840066175SGerd Hoffmann                 trace_vnc_key_sync_numlock(true);
18293e230dd2SCorentin Chary                 vs->modifiers_state[0x45] = 1;
18303e230dd2SCorentin Chary                 press_key(vs, 0xff7f);
18313e230dd2SCorentin Chary             }
18323e230dd2SCorentin Chary         } else {
18333e230dd2SCorentin Chary             if (vs->modifiers_state[0x45]) {
183440066175SGerd Hoffmann                 trace_vnc_key_sync_numlock(false);
18353e230dd2SCorentin Chary                 vs->modifiers_state[0x45] = 0;
18363e230dd2SCorentin Chary                 press_key(vs, 0xff7f);
18373e230dd2SCorentin Chary             }
18383e230dd2SCorentin Chary         }
18393e230dd2SCorentin Chary     }
18403e230dd2SCorentin Chary 
18419892088bSGerd Hoffmann     if (down && vs->vd->lock_key_sync &&
1842e7b2aaccSLei Li         !vnc_has_feature(vs, VNC_FEATURE_LED_STATE) &&
18433e230dd2SCorentin Chary         ((sym >= 'A' && sym <= 'Z') || (sym >= 'a' && sym <= 'z'))) {
18443e230dd2SCorentin Chary         /* If the capslock state needs to change then simulate an additional
18453e230dd2SCorentin Chary            keypress before sending this one.  This will happen if the user
18463e230dd2SCorentin Chary            toggles capslock away from the VNC window.
18473e230dd2SCorentin Chary         */
18483e230dd2SCorentin Chary         int uppercase = !!(sym >= 'A' && sym <= 'Z');
18493e230dd2SCorentin Chary         int shift = !!(vs->modifiers_state[0x2a] | vs->modifiers_state[0x36]);
18503e230dd2SCorentin Chary         int capslock = !!(vs->modifiers_state[0x3a]);
18513e230dd2SCorentin Chary         if (capslock) {
18523e230dd2SCorentin Chary             if (uppercase == shift) {
185340066175SGerd Hoffmann                 trace_vnc_key_sync_capslock(false);
18543e230dd2SCorentin Chary                 vs->modifiers_state[0x3a] = 0;
18553e230dd2SCorentin Chary                 press_key(vs, 0xffe5);
18563e230dd2SCorentin Chary             }
18573e230dd2SCorentin Chary         } else {
18583e230dd2SCorentin Chary             if (uppercase != shift) {
185940066175SGerd Hoffmann                 trace_vnc_key_sync_capslock(true);
18603e230dd2SCorentin Chary                 vs->modifiers_state[0x3a] = 1;
18613e230dd2SCorentin Chary                 press_key(vs, 0xffe5);
18623e230dd2SCorentin Chary             }
18633e230dd2SCorentin Chary         }
18643e230dd2SCorentin Chary     }
18653e230dd2SCorentin Chary 
186681c0d5a6SGerd Hoffmann     if (qemu_console_is_graphic(NULL)) {
18678d447d10SGerd Hoffmann         qemu_input_event_send_key_number(vs->vd->dcl.con, keycode, down);
18683e230dd2SCorentin Chary     } else {
1869e26437c2SGerd Hoffmann         bool numlock = vs->modifiers_state[0x45];
1870e26437c2SGerd Hoffmann         bool control = (vs->modifiers_state[0x1d] ||
1871e26437c2SGerd Hoffmann                         vs->modifiers_state[0x9d]);
18723e230dd2SCorentin Chary         /* QEMU console emulation */
18733e230dd2SCorentin Chary         if (down) {
18743e230dd2SCorentin Chary             switch (keycode) {
18753e230dd2SCorentin Chary             case 0x2a:                          /* Left Shift */
18763e230dd2SCorentin Chary             case 0x36:                          /* Right Shift */
18773e230dd2SCorentin Chary             case 0x1d:                          /* Left CTRL */
18783e230dd2SCorentin Chary             case 0x9d:                          /* Right CTRL */
18793e230dd2SCorentin Chary             case 0x38:                          /* Left ALT */
18803e230dd2SCorentin Chary             case 0xb8:                          /* Right ALT */
18813e230dd2SCorentin Chary                 break;
18823e230dd2SCorentin Chary             case 0xc8:
18833e230dd2SCorentin Chary                 kbd_put_keysym(QEMU_KEY_UP);
18843e230dd2SCorentin Chary                 break;
18853e230dd2SCorentin Chary             case 0xd0:
18863e230dd2SCorentin Chary                 kbd_put_keysym(QEMU_KEY_DOWN);
18873e230dd2SCorentin Chary                 break;
18883e230dd2SCorentin Chary             case 0xcb:
18893e230dd2SCorentin Chary                 kbd_put_keysym(QEMU_KEY_LEFT);
18903e230dd2SCorentin Chary                 break;
18913e230dd2SCorentin Chary             case 0xcd:
18923e230dd2SCorentin Chary                 kbd_put_keysym(QEMU_KEY_RIGHT);
18933e230dd2SCorentin Chary                 break;
18943e230dd2SCorentin Chary             case 0xd3:
18953e230dd2SCorentin Chary                 kbd_put_keysym(QEMU_KEY_DELETE);
18963e230dd2SCorentin Chary                 break;
18973e230dd2SCorentin Chary             case 0xc7:
18983e230dd2SCorentin Chary                 kbd_put_keysym(QEMU_KEY_HOME);
18993e230dd2SCorentin Chary                 break;
19003e230dd2SCorentin Chary             case 0xcf:
19013e230dd2SCorentin Chary                 kbd_put_keysym(QEMU_KEY_END);
19023e230dd2SCorentin Chary                 break;
19033e230dd2SCorentin Chary             case 0xc9:
19043e230dd2SCorentin Chary                 kbd_put_keysym(QEMU_KEY_PAGEUP);
19053e230dd2SCorentin Chary                 break;
19063e230dd2SCorentin Chary             case 0xd1:
19073e230dd2SCorentin Chary                 kbd_put_keysym(QEMU_KEY_PAGEDOWN);
19083e230dd2SCorentin Chary                 break;
19093e230dd2SCorentin Chary 
19103e230dd2SCorentin Chary             case 0x47:
19113e230dd2SCorentin Chary                 kbd_put_keysym(numlock ? '7' : QEMU_KEY_HOME);
19123e230dd2SCorentin Chary                 break;
19133e230dd2SCorentin Chary             case 0x48:
19143e230dd2SCorentin Chary                 kbd_put_keysym(numlock ? '8' : QEMU_KEY_UP);
19153e230dd2SCorentin Chary                 break;
19163e230dd2SCorentin Chary             case 0x49:
19173e230dd2SCorentin Chary                 kbd_put_keysym(numlock ? '9' : QEMU_KEY_PAGEUP);
19183e230dd2SCorentin Chary                 break;
19193e230dd2SCorentin Chary             case 0x4b:
19203e230dd2SCorentin Chary                 kbd_put_keysym(numlock ? '4' : QEMU_KEY_LEFT);
19213e230dd2SCorentin Chary                 break;
19223e230dd2SCorentin Chary             case 0x4c:
19233e230dd2SCorentin Chary                 kbd_put_keysym('5');
19243e230dd2SCorentin Chary                 break;
19253e230dd2SCorentin Chary             case 0x4d:
19263e230dd2SCorentin Chary                 kbd_put_keysym(numlock ? '6' : QEMU_KEY_RIGHT);
19273e230dd2SCorentin Chary                 break;
19283e230dd2SCorentin Chary             case 0x4f:
19293e230dd2SCorentin Chary                 kbd_put_keysym(numlock ? '1' : QEMU_KEY_END);
19303e230dd2SCorentin Chary                 break;
19313e230dd2SCorentin Chary             case 0x50:
19323e230dd2SCorentin Chary                 kbd_put_keysym(numlock ? '2' : QEMU_KEY_DOWN);
19333e230dd2SCorentin Chary                 break;
19343e230dd2SCorentin Chary             case 0x51:
19353e230dd2SCorentin Chary                 kbd_put_keysym(numlock ? '3' : QEMU_KEY_PAGEDOWN);
19363e230dd2SCorentin Chary                 break;
19373e230dd2SCorentin Chary             case 0x52:
19383e230dd2SCorentin Chary                 kbd_put_keysym('0');
19393e230dd2SCorentin Chary                 break;
19403e230dd2SCorentin Chary             case 0x53:
19413e230dd2SCorentin Chary                 kbd_put_keysym(numlock ? '.' : QEMU_KEY_DELETE);
19423e230dd2SCorentin Chary                 break;
19433e230dd2SCorentin Chary 
19443e230dd2SCorentin Chary             case 0xb5:
19453e230dd2SCorentin Chary                 kbd_put_keysym('/');
19463e230dd2SCorentin Chary                 break;
19473e230dd2SCorentin Chary             case 0x37:
19483e230dd2SCorentin Chary                 kbd_put_keysym('*');
19493e230dd2SCorentin Chary                 break;
19503e230dd2SCorentin Chary             case 0x4a:
19513e230dd2SCorentin Chary                 kbd_put_keysym('-');
19523e230dd2SCorentin Chary                 break;
19533e230dd2SCorentin Chary             case 0x4e:
19543e230dd2SCorentin Chary                 kbd_put_keysym('+');
19553e230dd2SCorentin Chary                 break;
19563e230dd2SCorentin Chary             case 0x9c:
19573e230dd2SCorentin Chary                 kbd_put_keysym('\n');
19583e230dd2SCorentin Chary                 break;
19593e230dd2SCorentin Chary 
19603e230dd2SCorentin Chary             default:
1961e26437c2SGerd Hoffmann                 if (control) {
1962e26437c2SGerd Hoffmann                     kbd_put_keysym(sym & 0x1f);
1963e26437c2SGerd Hoffmann                 } else {
19643e230dd2SCorentin Chary                     kbd_put_keysym(sym);
1965e26437c2SGerd Hoffmann                 }
19663e230dd2SCorentin Chary                 break;
19673e230dd2SCorentin Chary             }
19683e230dd2SCorentin Chary         }
19693e230dd2SCorentin Chary     }
19703e230dd2SCorentin Chary }
19713e230dd2SCorentin Chary 
19727bc9318bSGerd Hoffmann static void vnc_release_modifiers(VncState *vs)
19737bc9318bSGerd Hoffmann {
19747bc9318bSGerd Hoffmann     static const int keycodes[] = {
19757bc9318bSGerd Hoffmann         /* shift, control, alt keys, both left & right */
19767bc9318bSGerd Hoffmann         0x2a, 0x36, 0x1d, 0x9d, 0x38, 0xb8,
19777bc9318bSGerd Hoffmann     };
19787bc9318bSGerd Hoffmann     int i, keycode;
19797bc9318bSGerd Hoffmann 
198081c0d5a6SGerd Hoffmann     if (!qemu_console_is_graphic(NULL)) {
19817bc9318bSGerd Hoffmann         return;
19827bc9318bSGerd Hoffmann     }
19837bc9318bSGerd Hoffmann     for (i = 0; i < ARRAY_SIZE(keycodes); i++) {
19847bc9318bSGerd Hoffmann         keycode = keycodes[i];
19857bc9318bSGerd Hoffmann         if (!vs->modifiers_state[keycode]) {
19867bc9318bSGerd Hoffmann             continue;
19877bc9318bSGerd Hoffmann         }
19888d447d10SGerd Hoffmann         qemu_input_event_send_key_number(vs->vd->dcl.con, keycode, false);
19897bc9318bSGerd Hoffmann     }
19907bc9318bSGerd Hoffmann }
19917bc9318bSGerd Hoffmann 
199240066175SGerd Hoffmann static const char *code2name(int keycode)
199340066175SGerd Hoffmann {
199440066175SGerd Hoffmann     return QKeyCode_lookup[qemu_input_key_number_to_qcode(keycode)];
199540066175SGerd Hoffmann }
199640066175SGerd Hoffmann 
19973e230dd2SCorentin Chary static void key_event(VncState *vs, int down, uint32_t sym)
19983e230dd2SCorentin Chary {
19993e230dd2SCorentin Chary     int keycode;
20003e230dd2SCorentin Chary     int lsym = sym;
20013e230dd2SCorentin Chary 
200281c0d5a6SGerd Hoffmann     if (lsym >= 'A' && lsym <= 'Z' && qemu_console_is_graphic(NULL)) {
20033e230dd2SCorentin Chary         lsym = lsym - 'A' + 'a';
20043e230dd2SCorentin Chary     }
20053e230dd2SCorentin Chary 
20063e230dd2SCorentin Chary     keycode = keysym2scancode(vs->vd->kbd_layout, lsym & 0xFFFF) & SCANCODE_KEYMASK;
200740066175SGerd Hoffmann     trace_vnc_key_event_map(down, sym, keycode, code2name(keycode));
20083e230dd2SCorentin Chary     do_key_event(vs, down, keycode, sym);
20093e230dd2SCorentin Chary }
20103e230dd2SCorentin Chary 
20113e230dd2SCorentin Chary static void ext_key_event(VncState *vs, int down,
20123e230dd2SCorentin Chary                           uint32_t sym, uint16_t keycode)
20133e230dd2SCorentin Chary {
20143e230dd2SCorentin Chary     /* if the user specifies a keyboard layout, always use it */
201540066175SGerd Hoffmann     if (keyboard_layout) {
20163e230dd2SCorentin Chary         key_event(vs, down, sym);
201740066175SGerd Hoffmann     } else {
201840066175SGerd Hoffmann         trace_vnc_key_event_ext(down, sym, keycode, code2name(keycode));
20193e230dd2SCorentin Chary         do_key_event(vs, down, keycode, sym);
20203e230dd2SCorentin Chary     }
202140066175SGerd Hoffmann }
20223e230dd2SCorentin Chary 
20233e230dd2SCorentin Chary static void framebuffer_update_request(VncState *vs, int incremental,
2024bea60dd7SPeter Lieven                                        int x, int y, int w, int h)
20253e230dd2SCorentin Chary {
2026bea60dd7SPeter Lieven     int width = pixman_image_get_width(vs->vd->server);
2027bea60dd7SPeter Lieven     int height = pixman_image_get_height(vs->vd->server);
20283e230dd2SCorentin Chary 
20293e230dd2SCorentin Chary     vs->need_update = 1;
2030bea60dd7SPeter Lieven 
2031bea60dd7SPeter Lieven     if (incremental) {
2032bea60dd7SPeter Lieven         return;
20333e230dd2SCorentin Chary     }
2034bea60dd7SPeter Lieven 
203507535a89SStephan Kulow     vs->force_update = 1;
2036bea60dd7SPeter Lieven     vnc_set_area_dirty(vs->dirty, width, height, x, y, w, h);
20373e230dd2SCorentin Chary }
20383e230dd2SCorentin Chary 
20393e230dd2SCorentin Chary static void send_ext_key_event_ack(VncState *vs)
20403e230dd2SCorentin Chary {
2041bd023f95SCorentin Chary     vnc_lock_output(vs);
20423e230dd2SCorentin Chary     vnc_write_u8(vs, VNC_MSG_SERVER_FRAMEBUFFER_UPDATE);
20433e230dd2SCorentin Chary     vnc_write_u8(vs, 0);
20443e230dd2SCorentin Chary     vnc_write_u16(vs, 1);
2045d39fa6d8SGerd Hoffmann     vnc_framebuffer_update(vs, 0, 0,
2046bea60dd7SPeter Lieven                            pixman_image_get_width(vs->vd->server),
2047bea60dd7SPeter Lieven                            pixman_image_get_height(vs->vd->server),
20483e230dd2SCorentin Chary                            VNC_ENCODING_EXT_KEY_EVENT);
2049bd023f95SCorentin Chary     vnc_unlock_output(vs);
20503e230dd2SCorentin Chary     vnc_flush(vs);
20513e230dd2SCorentin Chary }
20523e230dd2SCorentin Chary 
20533e230dd2SCorentin Chary static void send_ext_audio_ack(VncState *vs)
20543e230dd2SCorentin Chary {
2055bd023f95SCorentin Chary     vnc_lock_output(vs);
20563e230dd2SCorentin Chary     vnc_write_u8(vs, VNC_MSG_SERVER_FRAMEBUFFER_UPDATE);
20573e230dd2SCorentin Chary     vnc_write_u8(vs, 0);
20583e230dd2SCorentin Chary     vnc_write_u16(vs, 1);
2059d39fa6d8SGerd Hoffmann     vnc_framebuffer_update(vs, 0, 0,
2060bea60dd7SPeter Lieven                            pixman_image_get_width(vs->vd->server),
2061bea60dd7SPeter Lieven                            pixman_image_get_height(vs->vd->server),
20623e230dd2SCorentin Chary                            VNC_ENCODING_AUDIO);
2063bd023f95SCorentin Chary     vnc_unlock_output(vs);
20643e230dd2SCorentin Chary     vnc_flush(vs);
20653e230dd2SCorentin Chary }
20663e230dd2SCorentin Chary 
20673e230dd2SCorentin Chary static void set_encodings(VncState *vs, int32_t *encodings, size_t n_encodings)
20683e230dd2SCorentin Chary {
20693e230dd2SCorentin Chary     int i;
20703e230dd2SCorentin Chary     unsigned int enc = 0;
20713e230dd2SCorentin Chary 
20723e230dd2SCorentin Chary     vs->features = 0;
20733e230dd2SCorentin Chary     vs->vnc_encoding = 0;
2074d1af0e05SCorentin Chary     vs->tight.compression = 9;
2075d1af0e05SCorentin Chary     vs->tight.quality = -1; /* Lossless by default */
20763e230dd2SCorentin Chary     vs->absolute = -1;
20773e230dd2SCorentin Chary 
20783e230dd2SCorentin Chary     /*
20793e230dd2SCorentin Chary      * Start from the end because the encodings are sent in order of preference.
2080e5bed759SDong Xu Wang      * This way the preferred encoding (first encoding defined in the array)
20813e230dd2SCorentin Chary      * will be set at the end of the loop.
20823e230dd2SCorentin Chary      */
20833e230dd2SCorentin Chary     for (i = n_encodings - 1; i >= 0; i--) {
20843e230dd2SCorentin Chary         enc = encodings[i];
20853e230dd2SCorentin Chary         switch (enc) {
20863e230dd2SCorentin Chary         case VNC_ENCODING_RAW:
20873e230dd2SCorentin Chary             vs->vnc_encoding = enc;
20883e230dd2SCorentin Chary             break;
20893e230dd2SCorentin Chary         case VNC_ENCODING_COPYRECT:
20903e230dd2SCorentin Chary             vs->features |= VNC_FEATURE_COPYRECT_MASK;
20913e230dd2SCorentin Chary             break;
20923e230dd2SCorentin Chary         case VNC_ENCODING_HEXTILE:
20933e230dd2SCorentin Chary             vs->features |= VNC_FEATURE_HEXTILE_MASK;
20943e230dd2SCorentin Chary             vs->vnc_encoding = enc;
20953e230dd2SCorentin Chary             break;
20963e230dd2SCorentin Chary         case VNC_ENCODING_TIGHT:
20973e230dd2SCorentin Chary             vs->features |= VNC_FEATURE_TIGHT_MASK;
20983e230dd2SCorentin Chary             vs->vnc_encoding = enc;
20993e230dd2SCorentin Chary             break;
2100fe3e7f2dSJoel Martin #ifdef CONFIG_VNC_PNG
2101efe556adSCorentin Chary         case VNC_ENCODING_TIGHT_PNG:
2102efe556adSCorentin Chary             vs->features |= VNC_FEATURE_TIGHT_PNG_MASK;
2103efe556adSCorentin Chary             vs->vnc_encoding = enc;
2104efe556adSCorentin Chary             break;
2105fe3e7f2dSJoel Martin #endif
21063e230dd2SCorentin Chary         case VNC_ENCODING_ZLIB:
21073e230dd2SCorentin Chary             vs->features |= VNC_FEATURE_ZLIB_MASK;
21083e230dd2SCorentin Chary             vs->vnc_encoding = enc;
21093e230dd2SCorentin Chary             break;
2110148954faSCorentin Chary         case VNC_ENCODING_ZRLE:
2111148954faSCorentin Chary             vs->features |= VNC_FEATURE_ZRLE_MASK;
2112148954faSCorentin Chary             vs->vnc_encoding = enc;
2113148954faSCorentin Chary             break;
2114148954faSCorentin Chary         case VNC_ENCODING_ZYWRLE:
2115148954faSCorentin Chary             vs->features |= VNC_FEATURE_ZYWRLE_MASK;
2116148954faSCorentin Chary             vs->vnc_encoding = enc;
2117148954faSCorentin Chary             break;
21183e230dd2SCorentin Chary         case VNC_ENCODING_DESKTOPRESIZE:
21193e230dd2SCorentin Chary             vs->features |= VNC_FEATURE_RESIZE_MASK;
21203e230dd2SCorentin Chary             break;
21213e230dd2SCorentin Chary         case VNC_ENCODING_POINTER_TYPE_CHANGE:
21223e230dd2SCorentin Chary             vs->features |= VNC_FEATURE_POINTER_TYPE_CHANGE_MASK;
21233e230dd2SCorentin Chary             break;
21243e230dd2SCorentin Chary         case VNC_ENCODING_RICH_CURSOR:
21253e230dd2SCorentin Chary             vs->features |= VNC_FEATURE_RICH_CURSOR_MASK;
21263e230dd2SCorentin Chary             break;
21273e230dd2SCorentin Chary         case VNC_ENCODING_EXT_KEY_EVENT:
21283e230dd2SCorentin Chary             send_ext_key_event_ack(vs);
21293e230dd2SCorentin Chary             break;
21303e230dd2SCorentin Chary         case VNC_ENCODING_AUDIO:
21313e230dd2SCorentin Chary             send_ext_audio_ack(vs);
21323e230dd2SCorentin Chary             break;
21333e230dd2SCorentin Chary         case VNC_ENCODING_WMVi:
21343e230dd2SCorentin Chary             vs->features |= VNC_FEATURE_WMVI_MASK;
21353e230dd2SCorentin Chary             break;
2136ab99e5c1SLei Li         case VNC_ENCODING_LED_STATE:
2137ab99e5c1SLei Li             vs->features |= VNC_FEATURE_LED_STATE_MASK;
2138ab99e5c1SLei Li             break;
21393e230dd2SCorentin Chary         case VNC_ENCODING_COMPRESSLEVEL0 ... VNC_ENCODING_COMPRESSLEVEL0 + 9:
2140d1af0e05SCorentin Chary             vs->tight.compression = (enc & 0x0F);
21413e230dd2SCorentin Chary             break;
21423e230dd2SCorentin Chary         case VNC_ENCODING_QUALITYLEVEL0 ... VNC_ENCODING_QUALITYLEVEL0 + 9:
2143b31f519eSCorentin Chary             if (vs->vd->lossy) {
2144d1af0e05SCorentin Chary                 vs->tight.quality = (enc & 0x0F);
2145b31f519eSCorentin Chary             }
21463e230dd2SCorentin Chary             break;
21473e230dd2SCorentin Chary         default:
21483e230dd2SCorentin Chary             VNC_DEBUG("Unknown encoding: %d (0x%.8x): %d\n", i, enc, enc);
21493e230dd2SCorentin Chary             break;
21503e230dd2SCorentin Chary         }
21513e230dd2SCorentin Chary     }
21523e230dd2SCorentin Chary     vnc_desktop_resize(vs);
21539e8dd451SJan Kiszka     check_pointer_type_change(&vs->mouse_mode_notifier, NULL);
2154ab99e5c1SLei Li     vnc_led_state_change(vs);
21553e230dd2SCorentin Chary }
21563e230dd2SCorentin Chary 
21573e230dd2SCorentin Chary static void set_pixel_conversion(VncState *vs)
21583e230dd2SCorentin Chary {
21599f64916dSGerd Hoffmann     pixman_format_code_t fmt = qemu_pixman_get_format(&vs->client_pf);
21609f64916dSGerd Hoffmann 
21619f64916dSGerd Hoffmann     if (fmt == VNC_SERVER_FB_FORMAT) {
21623e230dd2SCorentin Chary         vs->write_pixels = vnc_write_pixels_copy;
21633e230dd2SCorentin Chary         vnc_hextile_set_pixel_conversion(vs, 0);
21643e230dd2SCorentin Chary     } else {
21653e230dd2SCorentin Chary         vs->write_pixels = vnc_write_pixels_generic;
21663e230dd2SCorentin Chary         vnc_hextile_set_pixel_conversion(vs, 1);
21673e230dd2SCorentin Chary     }
21683e230dd2SCorentin Chary }
21693e230dd2SCorentin Chary 
21703e230dd2SCorentin Chary static void set_pixel_format(VncState *vs,
21713e230dd2SCorentin Chary                              int bits_per_pixel, int depth,
21723e230dd2SCorentin Chary                              int big_endian_flag, int true_color_flag,
21733e230dd2SCorentin Chary                              int red_max, int green_max, int blue_max,
21743e230dd2SCorentin Chary                              int red_shift, int green_shift, int blue_shift)
21753e230dd2SCorentin Chary {
21763e230dd2SCorentin Chary     if (!true_color_flag) {
21773e230dd2SCorentin Chary         vnc_client_error(vs);
21783e230dd2SCorentin Chary         return;
21793e230dd2SCorentin Chary     }
21803e230dd2SCorentin Chary 
2181e6908bfeSPetr Matousek     switch (bits_per_pixel) {
2182e6908bfeSPetr Matousek     case 8:
2183e6908bfeSPetr Matousek     case 16:
2184e6908bfeSPetr Matousek     case 32:
2185e6908bfeSPetr Matousek         break;
2186e6908bfeSPetr Matousek     default:
2187e6908bfeSPetr Matousek         vnc_client_error(vs);
2188e6908bfeSPetr Matousek         return;
2189e6908bfeSPetr Matousek     }
2190e6908bfeSPetr Matousek 
21919f64916dSGerd Hoffmann     vs->client_pf.rmax = red_max;
21929f64916dSGerd Hoffmann     vs->client_pf.rbits = hweight_long(red_max);
21939f64916dSGerd Hoffmann     vs->client_pf.rshift = red_shift;
21949f64916dSGerd Hoffmann     vs->client_pf.rmask = red_max << red_shift;
21959f64916dSGerd Hoffmann     vs->client_pf.gmax = green_max;
21969f64916dSGerd Hoffmann     vs->client_pf.gbits = hweight_long(green_max);
21979f64916dSGerd Hoffmann     vs->client_pf.gshift = green_shift;
21989f64916dSGerd Hoffmann     vs->client_pf.gmask = green_max << green_shift;
21999f64916dSGerd Hoffmann     vs->client_pf.bmax = blue_max;
22009f64916dSGerd Hoffmann     vs->client_pf.bbits = hweight_long(blue_max);
22019f64916dSGerd Hoffmann     vs->client_pf.bshift = blue_shift;
22029f64916dSGerd Hoffmann     vs->client_pf.bmask = blue_max << blue_shift;
22039f64916dSGerd Hoffmann     vs->client_pf.bits_per_pixel = bits_per_pixel;
22049f64916dSGerd Hoffmann     vs->client_pf.bytes_per_pixel = bits_per_pixel / 8;
22059f64916dSGerd Hoffmann     vs->client_pf.depth = bits_per_pixel == 32 ? 24 : bits_per_pixel;
22069f64916dSGerd Hoffmann     vs->client_be = big_endian_flag;
22073e230dd2SCorentin Chary 
22083e230dd2SCorentin Chary     set_pixel_conversion(vs);
22093e230dd2SCorentin Chary 
22101d0d59feSGerd Hoffmann     graphic_hw_invalidate(vs->vd->dcl.con);
22111d0d59feSGerd Hoffmann     graphic_hw_update(vs->vd->dcl.con);
22123e230dd2SCorentin Chary }
22133e230dd2SCorentin Chary 
22143e230dd2SCorentin Chary static void pixel_format_message (VncState *vs) {
22153e230dd2SCorentin Chary     char pad[3] = { 0, 0, 0 };
22163e230dd2SCorentin Chary 
22179f64916dSGerd Hoffmann     vs->client_pf = qemu_default_pixelformat(32);
22189f64916dSGerd Hoffmann 
22199f64916dSGerd Hoffmann     vnc_write_u8(vs, vs->client_pf.bits_per_pixel); /* bits-per-pixel */
22209f64916dSGerd Hoffmann     vnc_write_u8(vs, vs->client_pf.depth); /* depth */
22213e230dd2SCorentin Chary 
22223e230dd2SCorentin Chary #ifdef HOST_WORDS_BIGENDIAN
22233e230dd2SCorentin Chary     vnc_write_u8(vs, 1);             /* big-endian-flag */
22243e230dd2SCorentin Chary #else
22253e230dd2SCorentin Chary     vnc_write_u8(vs, 0);             /* big-endian-flag */
22263e230dd2SCorentin Chary #endif
22273e230dd2SCorentin Chary     vnc_write_u8(vs, 1);             /* true-color-flag */
22289f64916dSGerd Hoffmann     vnc_write_u16(vs, vs->client_pf.rmax);     /* red-max */
22299f64916dSGerd Hoffmann     vnc_write_u16(vs, vs->client_pf.gmax);     /* green-max */
22309f64916dSGerd Hoffmann     vnc_write_u16(vs, vs->client_pf.bmax);     /* blue-max */
22319f64916dSGerd Hoffmann     vnc_write_u8(vs, vs->client_pf.rshift);    /* red-shift */
22329f64916dSGerd Hoffmann     vnc_write_u8(vs, vs->client_pf.gshift);    /* green-shift */
22339f64916dSGerd Hoffmann     vnc_write_u8(vs, vs->client_pf.bshift);    /* blue-shift */
22349f64916dSGerd Hoffmann     vnc_write(vs, pad, 3);           /* padding */
22353e230dd2SCorentin Chary 
22363e230dd2SCorentin Chary     vnc_hextile_set_pixel_conversion(vs, 0);
22373e230dd2SCorentin Chary     vs->write_pixels = vnc_write_pixels_copy;
22383e230dd2SCorentin Chary }
22393e230dd2SCorentin Chary 
22403e230dd2SCorentin Chary static void vnc_colordepth(VncState *vs)
22413e230dd2SCorentin Chary {
22423e230dd2SCorentin Chary     if (vnc_has_feature(vs, VNC_FEATURE_WMVI)) {
22433e230dd2SCorentin Chary         /* Sending a WMVi message to notify the client*/
2244bd023f95SCorentin Chary         vnc_lock_output(vs);
22453e230dd2SCorentin Chary         vnc_write_u8(vs, VNC_MSG_SERVER_FRAMEBUFFER_UPDATE);
22463e230dd2SCorentin Chary         vnc_write_u8(vs, 0);
22473e230dd2SCorentin Chary         vnc_write_u16(vs, 1); /* number of rects */
2248d39fa6d8SGerd Hoffmann         vnc_framebuffer_update(vs, 0, 0,
2249bea60dd7SPeter Lieven                                pixman_image_get_width(vs->vd->server),
2250bea60dd7SPeter Lieven                                pixman_image_get_height(vs->vd->server),
2251d39fa6d8SGerd Hoffmann                                VNC_ENCODING_WMVi);
22523e230dd2SCorentin Chary         pixel_format_message(vs);
2253bd023f95SCorentin Chary         vnc_unlock_output(vs);
22543e230dd2SCorentin Chary         vnc_flush(vs);
22553e230dd2SCorentin Chary     } else {
22563e230dd2SCorentin Chary         set_pixel_conversion(vs);
22573e230dd2SCorentin Chary     }
22583e230dd2SCorentin Chary }
22593e230dd2SCorentin Chary 
22603e230dd2SCorentin Chary static int protocol_client_msg(VncState *vs, uint8_t *data, size_t len)
22613e230dd2SCorentin Chary {
22623e230dd2SCorentin Chary     int i;
22633e230dd2SCorentin Chary     uint16_t limit;
22643e230dd2SCorentin Chary     VncDisplay *vd = vs->vd;
22653e230dd2SCorentin Chary 
22663e230dd2SCorentin Chary     if (data[0] > 3) {
22670f7b2864SGerd Hoffmann         update_displaychangelistener(&vd->dcl, VNC_REFRESH_INTERVAL_BASE);
22683e230dd2SCorentin Chary     }
22693e230dd2SCorentin Chary 
22703e230dd2SCorentin Chary     switch (data[0]) {
22713e230dd2SCorentin Chary     case VNC_MSG_CLIENT_SET_PIXEL_FORMAT:
22723e230dd2SCorentin Chary         if (len == 1)
22733e230dd2SCorentin Chary             return 20;
22743e230dd2SCorentin Chary 
22753e230dd2SCorentin Chary         set_pixel_format(vs, read_u8(data, 4), read_u8(data, 5),
22763e230dd2SCorentin Chary                          read_u8(data, 6), read_u8(data, 7),
22773e230dd2SCorentin Chary                          read_u16(data, 8), read_u16(data, 10),
22783e230dd2SCorentin Chary                          read_u16(data, 12), read_u8(data, 14),
22793e230dd2SCorentin Chary                          read_u8(data, 15), read_u8(data, 16));
22803e230dd2SCorentin Chary         break;
22813e230dd2SCorentin Chary     case VNC_MSG_CLIENT_SET_ENCODINGS:
22823e230dd2SCorentin Chary         if (len == 1)
22833e230dd2SCorentin Chary             return 4;
22843e230dd2SCorentin Chary 
22853e230dd2SCorentin Chary         if (len == 4) {
22863e230dd2SCorentin Chary             limit = read_u16(data, 2);
22873e230dd2SCorentin Chary             if (limit > 0)
22883e230dd2SCorentin Chary                 return 4 + (limit * 4);
22893e230dd2SCorentin Chary         } else
22903e230dd2SCorentin Chary             limit = read_u16(data, 2);
22913e230dd2SCorentin Chary 
22923e230dd2SCorentin Chary         for (i = 0; i < limit; i++) {
22933e230dd2SCorentin Chary             int32_t val = read_s32(data, 4 + (i * 4));
22943e230dd2SCorentin Chary             memcpy(data + 4 + (i * 4), &val, sizeof(val));
22953e230dd2SCorentin Chary         }
22963e230dd2SCorentin Chary 
22973e230dd2SCorentin Chary         set_encodings(vs, (int32_t *)(data + 4), limit);
22983e230dd2SCorentin Chary         break;
22993e230dd2SCorentin Chary     case VNC_MSG_CLIENT_FRAMEBUFFER_UPDATE_REQUEST:
23003e230dd2SCorentin Chary         if (len == 1)
23013e230dd2SCorentin Chary             return 10;
23023e230dd2SCorentin Chary 
23033e230dd2SCorentin Chary         framebuffer_update_request(vs,
23043e230dd2SCorentin Chary                                    read_u8(data, 1), read_u16(data, 2), read_u16(data, 4),
23053e230dd2SCorentin Chary                                    read_u16(data, 6), read_u16(data, 8));
23063e230dd2SCorentin Chary         break;
23073e230dd2SCorentin Chary     case VNC_MSG_CLIENT_KEY_EVENT:
23083e230dd2SCorentin Chary         if (len == 1)
23093e230dd2SCorentin Chary             return 8;
23103e230dd2SCorentin Chary 
23113e230dd2SCorentin Chary         key_event(vs, read_u8(data, 1), read_u32(data, 4));
23123e230dd2SCorentin Chary         break;
23133e230dd2SCorentin Chary     case VNC_MSG_CLIENT_POINTER_EVENT:
23143e230dd2SCorentin Chary         if (len == 1)
23153e230dd2SCorentin Chary             return 6;
23163e230dd2SCorentin Chary 
23173e230dd2SCorentin Chary         pointer_event(vs, read_u8(data, 1), read_u16(data, 2), read_u16(data, 4));
23183e230dd2SCorentin Chary         break;
23193e230dd2SCorentin Chary     case VNC_MSG_CLIENT_CUT_TEXT:
2320f9a70e79SPeter Lieven         if (len == 1) {
23213e230dd2SCorentin Chary             return 8;
2322f9a70e79SPeter Lieven         }
23233e230dd2SCorentin Chary         if (len == 8) {
23243e230dd2SCorentin Chary             uint32_t dlen = read_u32(data, 4);
2325f9a70e79SPeter Lieven             if (dlen > (1 << 20)) {
2326f9a70e79SPeter Lieven                 error_report("vnc: client_cut_text msg payload has %u bytes"
2327f9a70e79SPeter Lieven                              " which exceeds our limit of 1MB.", dlen);
2328f9a70e79SPeter Lieven                 vnc_client_error(vs);
2329f9a70e79SPeter Lieven                 break;
2330f9a70e79SPeter Lieven             }
2331f9a70e79SPeter Lieven             if (dlen > 0) {
23323e230dd2SCorentin Chary                 return 8 + dlen;
23333e230dd2SCorentin Chary             }
2334f9a70e79SPeter Lieven         }
23353e230dd2SCorentin Chary 
23363e230dd2SCorentin Chary         client_cut_text(vs, read_u32(data, 4), data + 8);
23373e230dd2SCorentin Chary         break;
23383e230dd2SCorentin Chary     case VNC_MSG_CLIENT_QEMU:
23393e230dd2SCorentin Chary         if (len == 1)
23403e230dd2SCorentin Chary             return 2;
23413e230dd2SCorentin Chary 
23423e230dd2SCorentin Chary         switch (read_u8(data, 1)) {
23433e230dd2SCorentin Chary         case VNC_MSG_CLIENT_QEMU_EXT_KEY_EVENT:
23443e230dd2SCorentin Chary             if (len == 2)
23453e230dd2SCorentin Chary                 return 12;
23463e230dd2SCorentin Chary 
23473e230dd2SCorentin Chary             ext_key_event(vs, read_u16(data, 2),
23483e230dd2SCorentin Chary                           read_u32(data, 4), read_u32(data, 8));
23493e230dd2SCorentin Chary             break;
23503e230dd2SCorentin Chary         case VNC_MSG_CLIENT_QEMU_AUDIO:
23513e230dd2SCorentin Chary             if (len == 2)
23523e230dd2SCorentin Chary                 return 4;
23533e230dd2SCorentin Chary 
23543e230dd2SCorentin Chary             switch (read_u16 (data, 2)) {
23553e230dd2SCorentin Chary             case VNC_MSG_CLIENT_QEMU_AUDIO_ENABLE:
23563e230dd2SCorentin Chary                 audio_add(vs);
23573e230dd2SCorentin Chary                 break;
23583e230dd2SCorentin Chary             case VNC_MSG_CLIENT_QEMU_AUDIO_DISABLE:
23593e230dd2SCorentin Chary                 audio_del(vs);
23603e230dd2SCorentin Chary                 break;
23613e230dd2SCorentin Chary             case VNC_MSG_CLIENT_QEMU_AUDIO_SET_FORMAT:
23623e230dd2SCorentin Chary                 if (len == 4)
23633e230dd2SCorentin Chary                     return 10;
23643e230dd2SCorentin Chary                 switch (read_u8(data, 4)) {
23653e230dd2SCorentin Chary                 case 0: vs->as.fmt = AUD_FMT_U8; break;
23663e230dd2SCorentin Chary                 case 1: vs->as.fmt = AUD_FMT_S8; break;
23673e230dd2SCorentin Chary                 case 2: vs->as.fmt = AUD_FMT_U16; break;
23683e230dd2SCorentin Chary                 case 3: vs->as.fmt = AUD_FMT_S16; break;
23693e230dd2SCorentin Chary                 case 4: vs->as.fmt = AUD_FMT_U32; break;
23703e230dd2SCorentin Chary                 case 5: vs->as.fmt = AUD_FMT_S32; break;
23713e230dd2SCorentin Chary                 default:
2372153130cdSDaniel P. Berrange                     VNC_DEBUG("Invalid audio format %d\n", read_u8(data, 4));
23733e230dd2SCorentin Chary                     vnc_client_error(vs);
23743e230dd2SCorentin Chary                     break;
23753e230dd2SCorentin Chary                 }
23763e230dd2SCorentin Chary                 vs->as.nchannels = read_u8(data, 5);
23773e230dd2SCorentin Chary                 if (vs->as.nchannels != 1 && vs->as.nchannels != 2) {
2378153130cdSDaniel P. Berrange                     VNC_DEBUG("Invalid audio channel coount %d\n",
23793e230dd2SCorentin Chary                               read_u8(data, 5));
23803e230dd2SCorentin Chary                     vnc_client_error(vs);
23813e230dd2SCorentin Chary                     break;
23823e230dd2SCorentin Chary                 }
23833e230dd2SCorentin Chary                 vs->as.freq = read_u32(data, 6);
23843e230dd2SCorentin Chary                 break;
23853e230dd2SCorentin Chary             default:
2386153130cdSDaniel P. Berrange                 VNC_DEBUG("Invalid audio message %d\n", read_u8(data, 4));
23873e230dd2SCorentin Chary                 vnc_client_error(vs);
23883e230dd2SCorentin Chary                 break;
23893e230dd2SCorentin Chary             }
23903e230dd2SCorentin Chary             break;
23913e230dd2SCorentin Chary 
23923e230dd2SCorentin Chary         default:
2393153130cdSDaniel P. Berrange             VNC_DEBUG("Msg: %d\n", read_u16(data, 0));
23943e230dd2SCorentin Chary             vnc_client_error(vs);
23953e230dd2SCorentin Chary             break;
23963e230dd2SCorentin Chary         }
23973e230dd2SCorentin Chary         break;
23983e230dd2SCorentin Chary     default:
2399153130cdSDaniel P. Berrange         VNC_DEBUG("Msg: %d\n", data[0]);
24003e230dd2SCorentin Chary         vnc_client_error(vs);
24013e230dd2SCorentin Chary         break;
24023e230dd2SCorentin Chary     }
24033e230dd2SCorentin Chary 
24043e230dd2SCorentin Chary     vnc_read_when(vs, protocol_client_msg, 1);
24053e230dd2SCorentin Chary     return 0;
24063e230dd2SCorentin Chary }
24073e230dd2SCorentin Chary 
24083e230dd2SCorentin Chary static int protocol_client_init(VncState *vs, uint8_t *data, size_t len)
24093e230dd2SCorentin Chary {
24103e230dd2SCorentin Chary     char buf[1024];
24118cf36489SGerd Hoffmann     VncShareMode mode;
24123e230dd2SCorentin Chary     int size;
24133e230dd2SCorentin Chary 
24148cf36489SGerd Hoffmann     mode = data[0] ? VNC_SHARE_MODE_SHARED : VNC_SHARE_MODE_EXCLUSIVE;
24158cf36489SGerd Hoffmann     switch (vs->vd->share_policy) {
24168cf36489SGerd Hoffmann     case VNC_SHARE_POLICY_IGNORE:
24178cf36489SGerd Hoffmann         /*
24188cf36489SGerd Hoffmann          * Ignore the shared flag.  Nothing to do here.
24198cf36489SGerd Hoffmann          *
24208cf36489SGerd Hoffmann          * Doesn't conform to the rfb spec but is traditional qemu
24218cf36489SGerd Hoffmann          * behavior, thus left here as option for compatibility
24228cf36489SGerd Hoffmann          * reasons.
24238cf36489SGerd Hoffmann          */
24248cf36489SGerd Hoffmann         break;
24258cf36489SGerd Hoffmann     case VNC_SHARE_POLICY_ALLOW_EXCLUSIVE:
24268cf36489SGerd Hoffmann         /*
24278cf36489SGerd Hoffmann          * Policy: Allow clients ask for exclusive access.
24288cf36489SGerd Hoffmann          *
24298cf36489SGerd Hoffmann          * Implementation: When a client asks for exclusive access,
24308cf36489SGerd Hoffmann          * disconnect all others. Shared connects are allowed as long
24318cf36489SGerd Hoffmann          * as no exclusive connection exists.
24328cf36489SGerd Hoffmann          *
24338cf36489SGerd Hoffmann          * This is how the rfb spec suggests to handle the shared flag.
24348cf36489SGerd Hoffmann          */
24358cf36489SGerd Hoffmann         if (mode == VNC_SHARE_MODE_EXCLUSIVE) {
24368cf36489SGerd Hoffmann             VncState *client;
24378cf36489SGerd Hoffmann             QTAILQ_FOREACH(client, &vs->vd->clients, next) {
24388cf36489SGerd Hoffmann                 if (vs == client) {
24398cf36489SGerd Hoffmann                     continue;
24408cf36489SGerd Hoffmann                 }
24418cf36489SGerd Hoffmann                 if (client->share_mode != VNC_SHARE_MODE_EXCLUSIVE &&
24428cf36489SGerd Hoffmann                     client->share_mode != VNC_SHARE_MODE_SHARED) {
24438cf36489SGerd Hoffmann                     continue;
24448cf36489SGerd Hoffmann                 }
24458cf36489SGerd Hoffmann                 vnc_disconnect_start(client);
24468cf36489SGerd Hoffmann             }
24478cf36489SGerd Hoffmann         }
24488cf36489SGerd Hoffmann         if (mode == VNC_SHARE_MODE_SHARED) {
24498cf36489SGerd Hoffmann             if (vs->vd->num_exclusive > 0) {
24508cf36489SGerd Hoffmann                 vnc_disconnect_start(vs);
24518cf36489SGerd Hoffmann                 return 0;
24528cf36489SGerd Hoffmann             }
24538cf36489SGerd Hoffmann         }
24548cf36489SGerd Hoffmann         break;
24558cf36489SGerd Hoffmann     case VNC_SHARE_POLICY_FORCE_SHARED:
24568cf36489SGerd Hoffmann         /*
24578cf36489SGerd Hoffmann          * Policy: Shared connects only.
24588cf36489SGerd Hoffmann          * Implementation: Disallow clients asking for exclusive access.
24598cf36489SGerd Hoffmann          *
24608cf36489SGerd Hoffmann          * Useful for shared desktop sessions where you don't want
24618cf36489SGerd Hoffmann          * someone forgetting to say -shared when running the vnc
24628cf36489SGerd Hoffmann          * client disconnect everybody else.
24638cf36489SGerd Hoffmann          */
24648cf36489SGerd Hoffmann         if (mode == VNC_SHARE_MODE_EXCLUSIVE) {
24658cf36489SGerd Hoffmann             vnc_disconnect_start(vs);
24668cf36489SGerd Hoffmann             return 0;
24678cf36489SGerd Hoffmann         }
24688cf36489SGerd Hoffmann         break;
24698cf36489SGerd Hoffmann     }
24708cf36489SGerd Hoffmann     vnc_set_share_mode(vs, mode);
24718cf36489SGerd Hoffmann 
2472e5f34cddSGerd Hoffmann     if (vs->vd->num_shared > vs->vd->connections_limit) {
2473e5f34cddSGerd Hoffmann         vnc_disconnect_start(vs);
2474e5f34cddSGerd Hoffmann         return 0;
2475e5f34cddSGerd Hoffmann     }
2476e5f34cddSGerd Hoffmann 
2477bea60dd7SPeter Lieven     vs->client_width = pixman_image_get_width(vs->vd->server);
2478bea60dd7SPeter Lieven     vs->client_height = pixman_image_get_height(vs->vd->server);
24793e230dd2SCorentin Chary     vnc_write_u16(vs, vs->client_width);
24803e230dd2SCorentin Chary     vnc_write_u16(vs, vs->client_height);
24813e230dd2SCorentin Chary 
24823e230dd2SCorentin Chary     pixel_format_message(vs);
24833e230dd2SCorentin Chary 
24843e230dd2SCorentin Chary     if (qemu_name)
24853e230dd2SCorentin Chary         size = snprintf(buf, sizeof(buf), "QEMU (%s)", qemu_name);
24863e230dd2SCorentin Chary     else
24873e230dd2SCorentin Chary         size = snprintf(buf, sizeof(buf), "QEMU");
24883e230dd2SCorentin Chary 
24893e230dd2SCorentin Chary     vnc_write_u32(vs, size);
24903e230dd2SCorentin Chary     vnc_write(vs, buf, size);
24913e230dd2SCorentin Chary     vnc_flush(vs);
24923e230dd2SCorentin Chary 
24933e230dd2SCorentin Chary     vnc_client_cache_auth(vs);
2494fb6ba0d5SWenchao Xia     vnc_qmp_event(vs, QAPI_EVENT_VNC_INITIALIZED);
24953e230dd2SCorentin Chary 
24963e230dd2SCorentin Chary     vnc_read_when(vs, protocol_client_msg, 1);
24973e230dd2SCorentin Chary 
24983e230dd2SCorentin Chary     return 0;
24993e230dd2SCorentin Chary }
25003e230dd2SCorentin Chary 
25013e230dd2SCorentin Chary void start_client_init(VncState *vs)
25023e230dd2SCorentin Chary {
25033e230dd2SCorentin Chary     vnc_read_when(vs, protocol_client_init, 1);
25043e230dd2SCorentin Chary }
25053e230dd2SCorentin Chary 
25063e230dd2SCorentin Chary static void make_challenge(VncState *vs)
25073e230dd2SCorentin Chary {
25083e230dd2SCorentin Chary     int i;
25093e230dd2SCorentin Chary 
25103e230dd2SCorentin Chary     srand(time(NULL)+getpid()+getpid()*987654+rand());
25113e230dd2SCorentin Chary 
25123e230dd2SCorentin Chary     for (i = 0 ; i < sizeof(vs->challenge) ; i++)
25133e230dd2SCorentin Chary         vs->challenge[i] = (int) (256.0*rand()/(RAND_MAX+1.0));
25143e230dd2SCorentin Chary }
25153e230dd2SCorentin Chary 
25163e230dd2SCorentin Chary static int protocol_client_auth_vnc(VncState *vs, uint8_t *data, size_t len)
25173e230dd2SCorentin Chary {
25183e230dd2SCorentin Chary     unsigned char response[VNC_AUTH_CHALLENGE_SIZE];
2519800567a6SDaniel P. Berrange     size_t i, pwlen;
25203e230dd2SCorentin Chary     unsigned char key[8];
25213c9405a0SGerd Hoffmann     time_t now = time(NULL);
252260928458SGonglei     QCryptoCipher *cipher = NULL;
2523800567a6SDaniel P. Berrange     Error *err = NULL;
25243e230dd2SCorentin Chary 
25251cd20f8bSAnthony Liguori     if (!vs->vd->password) {
25263e230dd2SCorentin Chary         VNC_DEBUG("No password configured on server");
25276bffdf0fSGerd Hoffmann         goto reject;
25283e230dd2SCorentin Chary     }
25293c9405a0SGerd Hoffmann     if (vs->vd->expires < now) {
25303c9405a0SGerd Hoffmann         VNC_DEBUG("Password is expired");
25313c9405a0SGerd Hoffmann         goto reject;
25323c9405a0SGerd Hoffmann     }
25333e230dd2SCorentin Chary 
25343e230dd2SCorentin Chary     memcpy(response, vs->challenge, VNC_AUTH_CHALLENGE_SIZE);
25353e230dd2SCorentin Chary 
25363e230dd2SCorentin Chary     /* Calculate the expected challenge response */
25373e230dd2SCorentin Chary     pwlen = strlen(vs->vd->password);
25383e230dd2SCorentin Chary     for (i=0; i<sizeof(key); i++)
25393e230dd2SCorentin Chary         key[i] = i<pwlen ? vs->vd->password[i] : 0;
2540800567a6SDaniel P. Berrange 
2541800567a6SDaniel P. Berrange     cipher = qcrypto_cipher_new(
2542800567a6SDaniel P. Berrange         QCRYPTO_CIPHER_ALG_DES_RFB,
2543800567a6SDaniel P. Berrange         QCRYPTO_CIPHER_MODE_ECB,
2544800567a6SDaniel P. Berrange         key, G_N_ELEMENTS(key),
2545800567a6SDaniel P. Berrange         &err);
2546800567a6SDaniel P. Berrange     if (!cipher) {
2547800567a6SDaniel P. Berrange         VNC_DEBUG("Cannot initialize cipher %s",
2548800567a6SDaniel P. Berrange                   error_get_pretty(err));
2549800567a6SDaniel P. Berrange         error_free(err);
2550800567a6SDaniel P. Berrange         goto reject;
2551800567a6SDaniel P. Berrange     }
2552800567a6SDaniel P. Berrange 
2553a1695137SWolfgang Bumiller     if (qcrypto_cipher_encrypt(cipher,
2554800567a6SDaniel P. Berrange                                vs->challenge,
2555800567a6SDaniel P. Berrange                                response,
2556800567a6SDaniel P. Berrange                                VNC_AUTH_CHALLENGE_SIZE,
2557800567a6SDaniel P. Berrange                                &err) < 0) {
2558800567a6SDaniel P. Berrange         VNC_DEBUG("Cannot encrypt challenge %s",
2559800567a6SDaniel P. Berrange                   error_get_pretty(err));
2560800567a6SDaniel P. Berrange         error_free(err);
2561800567a6SDaniel P. Berrange         goto reject;
2562800567a6SDaniel P. Berrange     }
25633e230dd2SCorentin Chary 
25643e230dd2SCorentin Chary     /* Compare expected vs actual challenge response */
25653e230dd2SCorentin Chary     if (memcmp(response, data, VNC_AUTH_CHALLENGE_SIZE) != 0) {
2566e5bed759SDong Xu Wang         VNC_DEBUG("Client challenge response did not match\n");
25676bffdf0fSGerd Hoffmann         goto reject;
25686bffdf0fSGerd Hoffmann     } else {
25696bffdf0fSGerd Hoffmann         VNC_DEBUG("Accepting VNC challenge response\n");
25706bffdf0fSGerd Hoffmann         vnc_write_u32(vs, 0); /* Accept auth */
25716bffdf0fSGerd Hoffmann         vnc_flush(vs);
25726bffdf0fSGerd Hoffmann 
25736bffdf0fSGerd Hoffmann         start_client_init(vs);
25746bffdf0fSGerd Hoffmann     }
257560928458SGonglei 
257660928458SGonglei     qcrypto_cipher_free(cipher);
25776bffdf0fSGerd Hoffmann     return 0;
25786bffdf0fSGerd Hoffmann 
25796bffdf0fSGerd Hoffmann reject:
25803e230dd2SCorentin Chary     vnc_write_u32(vs, 1); /* Reject auth */
25813e230dd2SCorentin Chary     if (vs->minor >= 8) {
25823e230dd2SCorentin Chary         static const char err[] = "Authentication failed";
25833e230dd2SCorentin Chary         vnc_write_u32(vs, sizeof(err));
25843e230dd2SCorentin Chary         vnc_write(vs, err, sizeof(err));
25853e230dd2SCorentin Chary     }
25863e230dd2SCorentin Chary     vnc_flush(vs);
25873e230dd2SCorentin Chary     vnc_client_error(vs);
258860928458SGonglei     qcrypto_cipher_free(cipher);
25893e230dd2SCorentin Chary     return 0;
25903e230dd2SCorentin Chary }
25913e230dd2SCorentin Chary 
25923e230dd2SCorentin Chary void start_auth_vnc(VncState *vs)
25933e230dd2SCorentin Chary {
25943e230dd2SCorentin Chary     make_challenge(vs);
25953e230dd2SCorentin Chary     /* Send client a 'random' challenge */
25963e230dd2SCorentin Chary     vnc_write(vs, vs->challenge, sizeof(vs->challenge));
25973e230dd2SCorentin Chary     vnc_flush(vs);
25983e230dd2SCorentin Chary 
25993e230dd2SCorentin Chary     vnc_read_when(vs, protocol_client_auth_vnc, sizeof(vs->challenge));
26003e230dd2SCorentin Chary }
26013e230dd2SCorentin Chary 
26023e230dd2SCorentin Chary 
26033e230dd2SCorentin Chary static int protocol_client_auth(VncState *vs, uint8_t *data, size_t len)
26043e230dd2SCorentin Chary {
26053e230dd2SCorentin Chary     /* We only advertise 1 auth scheme at a time, so client
26063e230dd2SCorentin Chary      * must pick the one we sent. Verify this */
26077e7e2ebcSDaniel P. Berrange     if (data[0] != vs->auth) { /* Reject auth */
26083e230dd2SCorentin Chary        VNC_DEBUG("Reject auth %d because it didn't match advertized\n", (int)data[0]);
26093e230dd2SCorentin Chary        vnc_write_u32(vs, 1);
26103e230dd2SCorentin Chary        if (vs->minor >= 8) {
26113e230dd2SCorentin Chary            static const char err[] = "Authentication failed";
26123e230dd2SCorentin Chary            vnc_write_u32(vs, sizeof(err));
26133e230dd2SCorentin Chary            vnc_write(vs, err, sizeof(err));
26143e230dd2SCorentin Chary        }
26153e230dd2SCorentin Chary        vnc_client_error(vs);
26163e230dd2SCorentin Chary     } else { /* Accept requested auth */
26173e230dd2SCorentin Chary        VNC_DEBUG("Client requested auth %d\n", (int)data[0]);
26187e7e2ebcSDaniel P. Berrange        switch (vs->auth) {
26193e230dd2SCorentin Chary        case VNC_AUTH_NONE:
26203e230dd2SCorentin Chary            VNC_DEBUG("Accept auth none\n");
26213e230dd2SCorentin Chary            if (vs->minor >= 8) {
26223e230dd2SCorentin Chary                vnc_write_u32(vs, 0); /* Accept auth completion */
26233e230dd2SCorentin Chary                vnc_flush(vs);
26243e230dd2SCorentin Chary            }
26253e230dd2SCorentin Chary            start_client_init(vs);
26263e230dd2SCorentin Chary            break;
26273e230dd2SCorentin Chary 
26283e230dd2SCorentin Chary        case VNC_AUTH_VNC:
26293e230dd2SCorentin Chary            VNC_DEBUG("Start VNC auth\n");
26303e230dd2SCorentin Chary            start_auth_vnc(vs);
26313e230dd2SCorentin Chary            break;
26323e230dd2SCorentin Chary 
26333e230dd2SCorentin Chary        case VNC_AUTH_VENCRYPT:
26343a93113aSDong Xu Wang            VNC_DEBUG("Accept VeNCrypt auth\n");
26353e230dd2SCorentin Chary            start_auth_vencrypt(vs);
26363e230dd2SCorentin Chary            break;
26373e230dd2SCorentin Chary 
26383e230dd2SCorentin Chary #ifdef CONFIG_VNC_SASL
26393e230dd2SCorentin Chary        case VNC_AUTH_SASL:
26403e230dd2SCorentin Chary            VNC_DEBUG("Accept SASL auth\n");
26413e230dd2SCorentin Chary            start_auth_sasl(vs);
26423e230dd2SCorentin Chary            break;
26433e230dd2SCorentin Chary #endif /* CONFIG_VNC_SASL */
26443e230dd2SCorentin Chary 
26453e230dd2SCorentin Chary        default: /* Should not be possible, but just in case */
26467e7e2ebcSDaniel P. Berrange            VNC_DEBUG("Reject auth %d server code bug\n", vs->auth);
26473e230dd2SCorentin Chary            vnc_write_u8(vs, 1);
26483e230dd2SCorentin Chary            if (vs->minor >= 8) {
26493e230dd2SCorentin Chary                static const char err[] = "Authentication failed";
26503e230dd2SCorentin Chary                vnc_write_u32(vs, sizeof(err));
26513e230dd2SCorentin Chary                vnc_write(vs, err, sizeof(err));
26523e230dd2SCorentin Chary            }
26533e230dd2SCorentin Chary            vnc_client_error(vs);
26543e230dd2SCorentin Chary        }
26553e230dd2SCorentin Chary     }
26563e230dd2SCorentin Chary     return 0;
26573e230dd2SCorentin Chary }
26583e230dd2SCorentin Chary 
26593e230dd2SCorentin Chary static int protocol_version(VncState *vs, uint8_t *version, size_t len)
26603e230dd2SCorentin Chary {
26613e230dd2SCorentin Chary     char local[13];
26623e230dd2SCorentin Chary 
26633e230dd2SCorentin Chary     memcpy(local, version, 12);
26643e230dd2SCorentin Chary     local[12] = 0;
26653e230dd2SCorentin Chary 
26663e230dd2SCorentin Chary     if (sscanf(local, "RFB %03d.%03d\n", &vs->major, &vs->minor) != 2) {
26673e230dd2SCorentin Chary         VNC_DEBUG("Malformed protocol version %s\n", local);
26683e230dd2SCorentin Chary         vnc_client_error(vs);
26693e230dd2SCorentin Chary         return 0;
26703e230dd2SCorentin Chary     }
26713e230dd2SCorentin Chary     VNC_DEBUG("Client request protocol version %d.%d\n", vs->major, vs->minor);
26723e230dd2SCorentin Chary     if (vs->major != 3 ||
26733e230dd2SCorentin Chary         (vs->minor != 3 &&
26743e230dd2SCorentin Chary          vs->minor != 4 &&
26753e230dd2SCorentin Chary          vs->minor != 5 &&
26763e230dd2SCorentin Chary          vs->minor != 7 &&
26773e230dd2SCorentin Chary          vs->minor != 8)) {
26783e230dd2SCorentin Chary         VNC_DEBUG("Unsupported client version\n");
26793e230dd2SCorentin Chary         vnc_write_u32(vs, VNC_AUTH_INVALID);
26803e230dd2SCorentin Chary         vnc_flush(vs);
26813e230dd2SCorentin Chary         vnc_client_error(vs);
26823e230dd2SCorentin Chary         return 0;
26833e230dd2SCorentin Chary     }
26843e230dd2SCorentin Chary     /* Some broken clients report v3.4 or v3.5, which spec requires to be treated
26853e230dd2SCorentin Chary      * as equivalent to v3.3 by servers
26863e230dd2SCorentin Chary      */
26873e230dd2SCorentin Chary     if (vs->minor == 4 || vs->minor == 5)
26883e230dd2SCorentin Chary         vs->minor = 3;
26893e230dd2SCorentin Chary 
26903e230dd2SCorentin Chary     if (vs->minor == 3) {
26917e7e2ebcSDaniel P. Berrange         if (vs->auth == VNC_AUTH_NONE) {
26923e230dd2SCorentin Chary             VNC_DEBUG("Tell client auth none\n");
26937e7e2ebcSDaniel P. Berrange             vnc_write_u32(vs, vs->auth);
26943e230dd2SCorentin Chary             vnc_flush(vs);
26953e230dd2SCorentin Chary             start_client_init(vs);
26967e7e2ebcSDaniel P. Berrange        } else if (vs->auth == VNC_AUTH_VNC) {
26973e230dd2SCorentin Chary             VNC_DEBUG("Tell client VNC auth\n");
26987e7e2ebcSDaniel P. Berrange             vnc_write_u32(vs, vs->auth);
26993e230dd2SCorentin Chary             vnc_flush(vs);
27003e230dd2SCorentin Chary             start_auth_vnc(vs);
27013e230dd2SCorentin Chary        } else {
27027e7e2ebcSDaniel P. Berrange             VNC_DEBUG("Unsupported auth %d for protocol 3.3\n", vs->auth);
27033e230dd2SCorentin Chary             vnc_write_u32(vs, VNC_AUTH_INVALID);
27043e230dd2SCorentin Chary             vnc_flush(vs);
27053e230dd2SCorentin Chary             vnc_client_error(vs);
27063e230dd2SCorentin Chary        }
27073e230dd2SCorentin Chary     } else {
27087e7e2ebcSDaniel P. Berrange         VNC_DEBUG("Telling client we support auth %d\n", vs->auth);
27093e230dd2SCorentin Chary         vnc_write_u8(vs, 1); /* num auth */
27107e7e2ebcSDaniel P. Berrange         vnc_write_u8(vs, vs->auth);
27113e230dd2SCorentin Chary         vnc_read_when(vs, protocol_client_auth, 1);
27123e230dd2SCorentin Chary         vnc_flush(vs);
27133e230dd2SCorentin Chary     }
27143e230dd2SCorentin Chary 
27153e230dd2SCorentin Chary     return 0;
27163e230dd2SCorentin Chary }
27173e230dd2SCorentin Chary 
2718999342a0SCorentin Chary static VncRectStat *vnc_stat_rect(VncDisplay *vd, int x, int y)
2719999342a0SCorentin Chary {
2720999342a0SCorentin Chary     struct VncSurface *vs = &vd->guest;
2721999342a0SCorentin Chary 
2722999342a0SCorentin Chary     return &vs->stats[y / VNC_STAT_RECT][x / VNC_STAT_RECT];
2723999342a0SCorentin Chary }
2724999342a0SCorentin Chary 
27257d964c9dSCorentin Chary void vnc_sent_lossy_rect(VncState *vs, int x, int y, int w, int h)
27267d964c9dSCorentin Chary {
27277d964c9dSCorentin Chary     int i, j;
27287d964c9dSCorentin Chary 
27297d964c9dSCorentin Chary     w = (x + w) / VNC_STAT_RECT;
27307d964c9dSCorentin Chary     h = (y + h) / VNC_STAT_RECT;
27317d964c9dSCorentin Chary     x /= VNC_STAT_RECT;
27327d964c9dSCorentin Chary     y /= VNC_STAT_RECT;
27337d964c9dSCorentin Chary 
2734207f328aSCorentin Chary     for (j = y; j <= h; j++) {
2735207f328aSCorentin Chary         for (i = x; i <= w; i++) {
27367d964c9dSCorentin Chary             vs->lossy_rect[j][i] = 1;
27377d964c9dSCorentin Chary         }
27387d964c9dSCorentin Chary     }
27397d964c9dSCorentin Chary }
27407d964c9dSCorentin Chary 
27417d964c9dSCorentin Chary static int vnc_refresh_lossy_rect(VncDisplay *vd, int x, int y)
27427d964c9dSCorentin Chary {
27437d964c9dSCorentin Chary     VncState *vs;
27447d964c9dSCorentin Chary     int sty = y / VNC_STAT_RECT;
27457d964c9dSCorentin Chary     int stx = x / VNC_STAT_RECT;
27467d964c9dSCorentin Chary     int has_dirty = 0;
27477d964c9dSCorentin Chary 
27487d964c9dSCorentin Chary     y = y / VNC_STAT_RECT * VNC_STAT_RECT;
27497d964c9dSCorentin Chary     x = x / VNC_STAT_RECT * VNC_STAT_RECT;
27507d964c9dSCorentin Chary 
27517d964c9dSCorentin Chary     QTAILQ_FOREACH(vs, &vd->clients, next) {
2752bc2429b9SCorentin Chary         int j;
27537d964c9dSCorentin Chary 
27547d964c9dSCorentin Chary         /* kernel send buffers are full -> refresh later */
27557d964c9dSCorentin Chary         if (vs->output.offset) {
27567d964c9dSCorentin Chary             continue;
27577d964c9dSCorentin Chary         }
27587d964c9dSCorentin Chary 
27597d964c9dSCorentin Chary         if (!vs->lossy_rect[sty][stx]) {
27607d964c9dSCorentin Chary             continue;
27617d964c9dSCorentin Chary         }
2762207f328aSCorentin Chary 
27637d964c9dSCorentin Chary         vs->lossy_rect[sty][stx] = 0;
27647d964c9dSCorentin Chary         for (j = 0; j < VNC_STAT_RECT; ++j) {
2765b4c85ddcSPeter Lieven             bitmap_set(vs->dirty[y + j],
2766b4c85ddcSPeter Lieven                        x / VNC_DIRTY_PIXELS_PER_BIT,
2767b4c85ddcSPeter Lieven                        VNC_STAT_RECT / VNC_DIRTY_PIXELS_PER_BIT);
27687d964c9dSCorentin Chary         }
27697d964c9dSCorentin Chary         has_dirty++;
27707d964c9dSCorentin Chary     }
2771207f328aSCorentin Chary 
27727d964c9dSCorentin Chary     return has_dirty;
27737d964c9dSCorentin Chary }
27747d964c9dSCorentin Chary 
27757d964c9dSCorentin Chary static int vnc_update_stats(VncDisplay *vd,  struct timeval * tv)
2776999342a0SCorentin Chary {
27779f64916dSGerd Hoffmann     int width = pixman_image_get_width(vd->guest.fb);
27789f64916dSGerd Hoffmann     int height = pixman_image_get_height(vd->guest.fb);
2779999342a0SCorentin Chary     int x, y;
2780999342a0SCorentin Chary     struct timeval res;
27817d964c9dSCorentin Chary     int has_dirty = 0;
2782999342a0SCorentin Chary 
27839f64916dSGerd Hoffmann     for (y = 0; y < height; y += VNC_STAT_RECT) {
27849f64916dSGerd Hoffmann         for (x = 0; x < width; x += VNC_STAT_RECT) {
2785999342a0SCorentin Chary             VncRectStat *rect = vnc_stat_rect(vd, x, y);
2786999342a0SCorentin Chary 
2787999342a0SCorentin Chary             rect->updated = false;
2788999342a0SCorentin Chary         }
2789999342a0SCorentin Chary     }
2790999342a0SCorentin Chary 
2791ad620c29SBlue Swirl     qemu_timersub(tv, &VNC_REFRESH_STATS, &res);
2792999342a0SCorentin Chary 
2793999342a0SCorentin Chary     if (timercmp(&vd->guest.last_freq_check, &res, >)) {
27947d964c9dSCorentin Chary         return has_dirty;
2795999342a0SCorentin Chary     }
2796999342a0SCorentin Chary     vd->guest.last_freq_check = *tv;
2797999342a0SCorentin Chary 
27989f64916dSGerd Hoffmann     for (y = 0; y < height; y += VNC_STAT_RECT) {
27999f64916dSGerd Hoffmann         for (x = 0; x < width; x += VNC_STAT_RECT) {
2800999342a0SCorentin Chary             VncRectStat *rect= vnc_stat_rect(vd, x, y);
2801999342a0SCorentin Chary             int count = ARRAY_SIZE(rect->times);
2802999342a0SCorentin Chary             struct timeval min, max;
2803999342a0SCorentin Chary 
2804999342a0SCorentin Chary             if (!timerisset(&rect->times[count - 1])) {
2805999342a0SCorentin Chary                 continue ;
2806999342a0SCorentin Chary             }
2807999342a0SCorentin Chary 
2808999342a0SCorentin Chary             max = rect->times[(rect->idx + count - 1) % count];
2809ad620c29SBlue Swirl             qemu_timersub(tv, &max, &res);
2810999342a0SCorentin Chary 
2811999342a0SCorentin Chary             if (timercmp(&res, &VNC_REFRESH_LOSSY, >)) {
2812999342a0SCorentin Chary                 rect->freq = 0;
28137d964c9dSCorentin Chary                 has_dirty += vnc_refresh_lossy_rect(vd, x, y);
2814999342a0SCorentin Chary                 memset(rect->times, 0, sizeof (rect->times));
2815999342a0SCorentin Chary                 continue ;
2816999342a0SCorentin Chary             }
2817999342a0SCorentin Chary 
2818999342a0SCorentin Chary             min = rect->times[rect->idx];
2819999342a0SCorentin Chary             max = rect->times[(rect->idx + count - 1) % count];
2820ad620c29SBlue Swirl             qemu_timersub(&max, &min, &res);
2821999342a0SCorentin Chary 
2822999342a0SCorentin Chary             rect->freq = res.tv_sec + res.tv_usec / 1000000.;
2823999342a0SCorentin Chary             rect->freq /= count;
2824999342a0SCorentin Chary             rect->freq = 1. / rect->freq;
2825999342a0SCorentin Chary         }
2826999342a0SCorentin Chary     }
28277d964c9dSCorentin Chary     return has_dirty;
2828999342a0SCorentin Chary }
2829999342a0SCorentin Chary 
2830999342a0SCorentin Chary double vnc_update_freq(VncState *vs, int x, int y, int w, int h)
2831999342a0SCorentin Chary {
2832999342a0SCorentin Chary     int i, j;
2833999342a0SCorentin Chary     double total = 0;
2834999342a0SCorentin Chary     int num = 0;
2835999342a0SCorentin Chary 
2836999342a0SCorentin Chary     x =  (x / VNC_STAT_RECT) * VNC_STAT_RECT;
2837999342a0SCorentin Chary     y =  (y / VNC_STAT_RECT) * VNC_STAT_RECT;
2838999342a0SCorentin Chary 
2839999342a0SCorentin Chary     for (j = y; j <= y + h; j += VNC_STAT_RECT) {
2840999342a0SCorentin Chary         for (i = x; i <= x + w; i += VNC_STAT_RECT) {
2841999342a0SCorentin Chary             total += vnc_stat_rect(vs->vd, i, j)->freq;
2842999342a0SCorentin Chary             num++;
2843999342a0SCorentin Chary         }
2844999342a0SCorentin Chary     }
2845999342a0SCorentin Chary 
2846999342a0SCorentin Chary     if (num) {
2847999342a0SCorentin Chary         return total / num;
2848999342a0SCorentin Chary     } else {
2849999342a0SCorentin Chary         return 0;
2850999342a0SCorentin Chary     }
2851999342a0SCorentin Chary }
2852999342a0SCorentin Chary 
2853999342a0SCorentin Chary static void vnc_rect_updated(VncDisplay *vd, int x, int y, struct timeval * tv)
2854999342a0SCorentin Chary {
2855999342a0SCorentin Chary     VncRectStat *rect;
2856999342a0SCorentin Chary 
2857999342a0SCorentin Chary     rect = vnc_stat_rect(vd, x, y);
2858999342a0SCorentin Chary     if (rect->updated) {
2859999342a0SCorentin Chary         return ;
2860999342a0SCorentin Chary     }
2861999342a0SCorentin Chary     rect->times[rect->idx] = *tv;
2862999342a0SCorentin Chary     rect->idx = (rect->idx + 1) % ARRAY_SIZE(rect->times);
2863999342a0SCorentin Chary     rect->updated = true;
2864999342a0SCorentin Chary }
2865999342a0SCorentin Chary 
28663e230dd2SCorentin Chary static int vnc_refresh_server_surface(VncDisplay *vd)
28673e230dd2SCorentin Chary {
2868bea60dd7SPeter Lieven     int width = MIN(pixman_image_get_width(vd->guest.fb),
2869bea60dd7SPeter Lieven                     pixman_image_get_width(vd->server));
2870bea60dd7SPeter Lieven     int height = MIN(pixman_image_get_height(vd->guest.fb),
2871bea60dd7SPeter Lieven                      pixman_image_get_height(vd->server));
2872eb8934b0SGerd Hoffmann     int cmp_bytes, server_stride, line_bytes, guest_ll, guest_stride, y = 0;
287312b316d4SPeter Lieven     uint8_t *guest_row0 = NULL, *server_row0;
28743e230dd2SCorentin Chary     VncState *vs;
28753e230dd2SCorentin Chary     int has_dirty = 0;
28769f64916dSGerd Hoffmann     pixman_image_t *tmpbuf = NULL;
28773e230dd2SCorentin Chary 
287880e0c8c3SCorentin Chary     struct timeval tv = { 0, 0 };
2879999342a0SCorentin Chary 
288080e0c8c3SCorentin Chary     if (!vd->non_adaptive) {
2881999342a0SCorentin Chary         gettimeofday(&tv, NULL);
28827d964c9dSCorentin Chary         has_dirty = vnc_update_stats(vd, &tv);
288380e0c8c3SCorentin Chary     }
2884999342a0SCorentin Chary 
28853e230dd2SCorentin Chary     /*
28863e230dd2SCorentin Chary      * Walk through the guest dirty map.
28873e230dd2SCorentin Chary      * Check and copy modified bits from guest to server surface.
28883e230dd2SCorentin Chary      * Update server dirty map.
28893e230dd2SCorentin Chary      */
2890bea60dd7SPeter Lieven     server_row0 = (uint8_t *)pixman_image_get_data(vd->server);
2891eb8934b0SGerd Hoffmann     server_stride = guest_stride = guest_ll =
2892eb8934b0SGerd Hoffmann         pixman_image_get_stride(vd->server);
2893bea60dd7SPeter Lieven     cmp_bytes = MIN(VNC_DIRTY_PIXELS_PER_BIT * VNC_SERVER_FB_BYTES,
2894bea60dd7SPeter Lieven                     server_stride);
28959f64916dSGerd Hoffmann     if (vd->guest.format != VNC_SERVER_FB_FORMAT) {
28969f64916dSGerd Hoffmann         int width = pixman_image_get_width(vd->server);
28979f64916dSGerd Hoffmann         tmpbuf = qemu_pixman_linebuf_create(VNC_SERVER_FB_FORMAT, width);
289812b316d4SPeter Lieven     } else {
2899eb8934b0SGerd Hoffmann         int guest_bpp =
2900eb8934b0SGerd Hoffmann             PIXMAN_FORMAT_BPP(pixman_image_get_format(vd->guest.fb));
290112b316d4SPeter Lieven         guest_row0 = (uint8_t *)pixman_image_get_data(vd->guest.fb);
290212b316d4SPeter Lieven         guest_stride = pixman_image_get_stride(vd->guest.fb);
2903eb8934b0SGerd Hoffmann         guest_ll = pixman_image_get_width(vd->guest.fb) * ((guest_bpp + 7) / 8);
29049f64916dSGerd Hoffmann     }
2905eb8934b0SGerd Hoffmann     line_bytes = MIN(server_stride, guest_ll);
290612b316d4SPeter Lieven 
290712b316d4SPeter Lieven     for (;;) {
29083e230dd2SCorentin Chary         int x;
290912b316d4SPeter Lieven         uint8_t *guest_ptr, *server_ptr;
291012b316d4SPeter Lieven         unsigned long offset = find_next_bit((unsigned long *) &vd->guest.dirty,
291112b316d4SPeter Lieven                                              height * VNC_DIRTY_BPL(&vd->guest),
291212b316d4SPeter Lieven                                              y * VNC_DIRTY_BPL(&vd->guest));
291312b316d4SPeter Lieven         if (offset == height * VNC_DIRTY_BPL(&vd->guest)) {
291412b316d4SPeter Lieven             /* no more dirty bits */
291512b316d4SPeter Lieven             break;
291612b316d4SPeter Lieven         }
291712b316d4SPeter Lieven         y = offset / VNC_DIRTY_BPL(&vd->guest);
291812b316d4SPeter Lieven         x = offset % VNC_DIRTY_BPL(&vd->guest);
291912b316d4SPeter Lieven 
292012b316d4SPeter Lieven         server_ptr = server_row0 + y * server_stride + x * cmp_bytes;
29213e230dd2SCorentin Chary 
29229f64916dSGerd Hoffmann         if (vd->guest.format != VNC_SERVER_FB_FORMAT) {
2923bc210eb1SGerd Hoffmann             qemu_pixman_linebuf_fill(tmpbuf, vd->guest.fb, width, 0, y);
29249f64916dSGerd Hoffmann             guest_ptr = (uint8_t *)pixman_image_get_data(tmpbuf);
29259f64916dSGerd Hoffmann         } else {
292612b316d4SPeter Lieven             guest_ptr = guest_row0 + y * guest_stride;
29279f64916dSGerd Hoffmann         }
292812b316d4SPeter Lieven         guest_ptr += x * cmp_bytes;
29293e230dd2SCorentin Chary 
293012b316d4SPeter Lieven         for (; x < DIV_ROUND_UP(width, VNC_DIRTY_PIXELS_PER_BIT);
293112b316d4SPeter Lieven              x++, guest_ptr += cmp_bytes, server_ptr += cmp_bytes) {
2932bea60dd7SPeter Lieven             int _cmp_bytes = cmp_bytes;
293312b316d4SPeter Lieven             if (!test_and_clear_bit(x, vd->guest.dirty[y])) {
29343e230dd2SCorentin Chary                 continue;
2935b4c85ddcSPeter Lieven             }
2936eb8934b0SGerd Hoffmann             if ((x + 1) * cmp_bytes > line_bytes) {
2937eb8934b0SGerd Hoffmann                 _cmp_bytes = line_bytes - x * cmp_bytes;
2938bea60dd7SPeter Lieven             }
2939eb8934b0SGerd Hoffmann             assert(_cmp_bytes >= 0);
2940bea60dd7SPeter Lieven             if (memcmp(server_ptr, guest_ptr, _cmp_bytes) == 0) {
29413e230dd2SCorentin Chary                 continue;
2942b4c85ddcSPeter Lieven             }
2943bea60dd7SPeter Lieven             memcpy(server_ptr, guest_ptr, _cmp_bytes);
294412b316d4SPeter Lieven             if (!vd->non_adaptive) {
294512b316d4SPeter Lieven                 vnc_rect_updated(vd, x * VNC_DIRTY_PIXELS_PER_BIT,
294612b316d4SPeter Lieven                                  y, &tv);
294712b316d4SPeter Lieven             }
29483e230dd2SCorentin Chary             QTAILQ_FOREACH(vs, &vd->clients, next) {
294912b316d4SPeter Lieven                 set_bit(x, vs->dirty[y]);
29503e230dd2SCorentin Chary             }
29513e230dd2SCorentin Chary             has_dirty++;
29523e230dd2SCorentin Chary         }
295312b316d4SPeter Lieven 
295412b316d4SPeter Lieven         y++;
29553e230dd2SCorentin Chary     }
29569f64916dSGerd Hoffmann     qemu_pixman_image_unref(tmpbuf);
29573e230dd2SCorentin Chary     return has_dirty;
29583e230dd2SCorentin Chary }
29593e230dd2SCorentin Chary 
29600f7b2864SGerd Hoffmann static void vnc_refresh(DisplayChangeListener *dcl)
29613e230dd2SCorentin Chary {
29620f7b2864SGerd Hoffmann     VncDisplay *vd = container_of(dcl, VncDisplay, dcl);
29633e230dd2SCorentin Chary     VncState *vs, *vn;
29643e230dd2SCorentin Chary     int has_dirty, rects = 0;
29653e230dd2SCorentin Chary 
29669d6b2070SChenLiang     if (QTAILQ_EMPTY(&vd->clients)) {
29679d6b2070SChenLiang         update_displaychangelistener(&vd->dcl, VNC_REFRESH_INTERVAL_MAX);
29689d6b2070SChenLiang         return;
29699d6b2070SChenLiang     }
29709d6b2070SChenLiang 
29711d0d59feSGerd Hoffmann     graphic_hw_update(vd->dcl.con);
29723e230dd2SCorentin Chary 
2973bd023f95SCorentin Chary     if (vnc_trylock_display(vd)) {
29740f7b2864SGerd Hoffmann         update_displaychangelistener(&vd->dcl, VNC_REFRESH_INTERVAL_BASE);
2975bd023f95SCorentin Chary         return;
2976bd023f95SCorentin Chary     }
2977bd023f95SCorentin Chary 
29783e230dd2SCorentin Chary     has_dirty = vnc_refresh_server_surface(vd);
2979bd023f95SCorentin Chary     vnc_unlock_display(vd);
29803e230dd2SCorentin Chary 
29813e230dd2SCorentin Chary     QTAILQ_FOREACH_SAFE(vs, &vd->clients, next, vn) {
298238ee14f4SGerd Hoffmann         rects += vnc_update_client(vs, has_dirty, false);
29833e230dd2SCorentin Chary         /* vs might be free()ed here */
29843e230dd2SCorentin Chary     }
2985bd023f95SCorentin Chary 
29863e230dd2SCorentin Chary     if (has_dirty && rects) {
29870f7b2864SGerd Hoffmann         vd->dcl.update_interval /= 2;
29880f7b2864SGerd Hoffmann         if (vd->dcl.update_interval < VNC_REFRESH_INTERVAL_BASE) {
29890f7b2864SGerd Hoffmann             vd->dcl.update_interval = VNC_REFRESH_INTERVAL_BASE;
29900f7b2864SGerd Hoffmann         }
29913e230dd2SCorentin Chary     } else {
29920f7b2864SGerd Hoffmann         vd->dcl.update_interval += VNC_REFRESH_INTERVAL_INC;
29930f7b2864SGerd Hoffmann         if (vd->dcl.update_interval > VNC_REFRESH_INTERVAL_MAX) {
29940f7b2864SGerd Hoffmann             vd->dcl.update_interval = VNC_REFRESH_INTERVAL_MAX;
29953e230dd2SCorentin Chary         }
29963e230dd2SCorentin Chary     }
29973e230dd2SCorentin Chary }
29983e230dd2SCorentin Chary 
29992c8cf549SMichael Tokarev static void vnc_connect(VncDisplay *vd, int csock,
30002c8cf549SMichael Tokarev                         bool skipauth, bool websocket)
30013e230dd2SCorentin Chary {
30027267c094SAnthony Liguori     VncState *vs = g_malloc0(sizeof(VncState));
30037d964c9dSCorentin Chary     int i;
30047d964c9dSCorentin Chary 
30053e230dd2SCorentin Chary     vs->csock = csock;
3006d616ccc5SGerd Hoffmann     vs->vd = vd;
30077e7e2ebcSDaniel P. Berrange 
30087e7e2ebcSDaniel P. Berrange     if (skipauth) {
30097e7e2ebcSDaniel P. Berrange 	vs->auth = VNC_AUTH_NONE;
30107e7e2ebcSDaniel P. Berrange 	vs->subauth = VNC_AUTH_INVALID;
30117e7e2ebcSDaniel P. Berrange     } else {
3012f9148c8aSDaniel P. Berrange         if (websocket) {
3013f9148c8aSDaniel P. Berrange             vs->auth = vd->ws_auth;
3014f9148c8aSDaniel P. Berrange             vs->subauth = VNC_AUTH_INVALID;
3015f9148c8aSDaniel P. Berrange         } else {
30167e7e2ebcSDaniel P. Berrange             vs->auth = vd->auth;
30177e7e2ebcSDaniel P. Berrange             vs->subauth = vd->subauth;
30187e7e2ebcSDaniel P. Berrange         }
3019f9148c8aSDaniel P. Berrange     }
3020f9148c8aSDaniel P. Berrange     VNC_DEBUG("Client sock=%d ws=%d auth=%d subauth=%d\n",
3021f9148c8aSDaniel P. Berrange               csock, websocket, vs->auth, vs->subauth);
30227e7e2ebcSDaniel P. Berrange 
30237267c094SAnthony Liguori     vs->lossy_rect = g_malloc0(VNC_STAT_ROWS * sizeof (*vs->lossy_rect));
30247d964c9dSCorentin Chary     for (i = 0; i < VNC_STAT_ROWS; ++i) {
30257267c094SAnthony Liguori         vs->lossy_rect[i] = g_malloc0(VNC_STAT_COLS * sizeof (uint8_t));
30267d964c9dSCorentin Chary     }
30273e230dd2SCorentin Chary 
30283e230dd2SCorentin Chary     VNC_DEBUG("New client on socket %d\n", csock);
30290f7b2864SGerd Hoffmann     update_displaychangelistener(&vd->dcl, VNC_REFRESH_INTERVAL_BASE);
3030f9e8caccSStefan Hajnoczi     qemu_set_nonblock(vs->csock);
30317536ee4bSTim Hardeck     if (websocket) {
30327536ee4bSTim Hardeck         vs->websocket = 1;
3033f9148c8aSDaniel P. Berrange         if (vd->ws_tls) {
303482e1cc4bSFam Zheng             qemu_set_fd_handler(vs->csock, vncws_tls_handshake_io, NULL, vs);
30353e305e4aSDaniel P. Berrange         } else {
303682e1cc4bSFam Zheng             qemu_set_fd_handler(vs->csock, vncws_handshake_read, NULL, vs);
30370057a0d5STim Hardeck         }
30387536ee4bSTim Hardeck     } else
30397536ee4bSTim Hardeck     {
304082e1cc4bSFam Zheng         qemu_set_fd_handler(vs->csock, vnc_client_read, NULL, vs);
30417536ee4bSTim Hardeck     }
30423e230dd2SCorentin Chary 
30433e230dd2SCorentin Chary     vnc_client_cache_addr(vs);
3044fb6ba0d5SWenchao Xia     vnc_qmp_event(vs, QAPI_EVENT_VNC_CONNECTED);
30458cf36489SGerd Hoffmann     vnc_set_share_mode(vs, VNC_SHARE_MODE_CONNECTING);
30463e230dd2SCorentin Chary 
30478e9b0d24SDaniel P. Berrange     if (!vs->websocket) {
30487536ee4bSTim Hardeck         vnc_init_state(vs);
30497536ee4bSTim Hardeck     }
3050e5f34cddSGerd Hoffmann 
3051e5f34cddSGerd Hoffmann     if (vd->num_connecting > vd->connections_limit) {
3052e5f34cddSGerd Hoffmann         QTAILQ_FOREACH(vs, &vd->clients, next) {
3053e5f34cddSGerd Hoffmann             if (vs->share_mode == VNC_SHARE_MODE_CONNECTING) {
3054e5f34cddSGerd Hoffmann                 vnc_disconnect_start(vs);
3055e5f34cddSGerd Hoffmann                 return;
3056e5f34cddSGerd Hoffmann             }
3057e5f34cddSGerd Hoffmann         }
3058e5f34cddSGerd Hoffmann     }
30597536ee4bSTim Hardeck }
30607536ee4bSTim Hardeck 
30617536ee4bSTim Hardeck void vnc_init_state(VncState *vs)
30627536ee4bSTim Hardeck {
30636fd8e79aSTim Hardeck     vs->initialized = true;
30647536ee4bSTim Hardeck     VncDisplay *vd = vs->vd;
30657536ee4bSTim Hardeck 
30663e230dd2SCorentin Chary     vs->last_x = -1;
30673e230dd2SCorentin Chary     vs->last_y = -1;
30683e230dd2SCorentin Chary 
30693e230dd2SCorentin Chary     vs->as.freq = 44100;
30703e230dd2SCorentin Chary     vs->as.nchannels = 2;
30713e230dd2SCorentin Chary     vs->as.fmt = AUD_FMT_S16;
30723e230dd2SCorentin Chary     vs->as.endianness = 0;
30733e230dd2SCorentin Chary 
3074bd023f95SCorentin Chary     qemu_mutex_init(&vs->output_mutex);
3075175b2a6eSCorentin Chary     vs->bh = qemu_bh_new(vnc_jobs_bh, vs);
3076bd023f95SCorentin Chary 
3077e5f34cddSGerd Hoffmann     QTAILQ_INSERT_TAIL(&vd->clients, vs, next);
30783e230dd2SCorentin Chary 
30791d0d59feSGerd Hoffmann     graphic_hw_update(vd->dcl.con);
30803e230dd2SCorentin Chary 
30813e230dd2SCorentin Chary     vnc_write(vs, "RFB 003.008\n", 12);
30823e230dd2SCorentin Chary     vnc_flush(vs);
30833e230dd2SCorentin Chary     vnc_read_when(vs, protocol_version, 12);
30843e230dd2SCorentin Chary     reset_keys(vs);
30853e230dd2SCorentin Chary     if (vs->vd->lock_key_sync)
30863e230dd2SCorentin Chary         vs->led = qemu_add_led_event_handler(kbd_leds, vs);
30873e230dd2SCorentin Chary 
30883e230dd2SCorentin Chary     vs->mouse_mode_notifier.notify = check_pointer_type_change;
30893e230dd2SCorentin Chary     qemu_add_mouse_mode_change_notifier(&vs->mouse_mode_notifier);
30903e230dd2SCorentin Chary 
30913e230dd2SCorentin Chary     /* vs might be free()ed here */
30923e230dd2SCorentin Chary }
30933e230dd2SCorentin Chary 
30947536ee4bSTim Hardeck static void vnc_listen_read(void *opaque, bool websocket)
30953e230dd2SCorentin Chary {
30963e230dd2SCorentin Chary     VncDisplay *vs = opaque;
30973e230dd2SCorentin Chary     struct sockaddr_in addr;
30983e230dd2SCorentin Chary     socklen_t addrlen = sizeof(addr);
30997536ee4bSTim Hardeck     int csock;
31003e230dd2SCorentin Chary 
31013e230dd2SCorentin Chary     /* Catch-up */
31021d0d59feSGerd Hoffmann     graphic_hw_update(vs->dcl.con);
31037536ee4bSTim Hardeck     if (websocket) {
31047536ee4bSTim Hardeck         csock = qemu_accept(vs->lwebsock, (struct sockaddr *)&addr, &addrlen);
31058e9b0d24SDaniel P. Berrange     } else {
31067536ee4bSTim Hardeck         csock = qemu_accept(vs->lsock, (struct sockaddr *)&addr, &addrlen);
31077536ee4bSTim Hardeck     }
31083e230dd2SCorentin Chary 
31093e230dd2SCorentin Chary     if (csock != -1) {
311086152436SPeter Lieven         socket_set_nodelay(csock);
31112c8cf549SMichael Tokarev         vnc_connect(vs, csock, false, websocket);
31123e230dd2SCorentin Chary     }
31133e230dd2SCorentin Chary }
31143e230dd2SCorentin Chary 
31157536ee4bSTim Hardeck static void vnc_listen_regular_read(void *opaque)
31167536ee4bSTim Hardeck {
31172c8cf549SMichael Tokarev     vnc_listen_read(opaque, false);
31187536ee4bSTim Hardeck }
31197536ee4bSTim Hardeck 
31207536ee4bSTim Hardeck static void vnc_listen_websocket_read(void *opaque)
31217536ee4bSTim Hardeck {
31222c8cf549SMichael Tokarev     vnc_listen_read(opaque, true);
31237536ee4bSTim Hardeck }
31247536ee4bSTim Hardeck 
31257c20b4a3SGerd Hoffmann static const DisplayChangeListenerOps dcl_ops = {
31267c20b4a3SGerd Hoffmann     .dpy_name             = "vnc",
31270f7b2864SGerd Hoffmann     .dpy_refresh          = vnc_refresh,
31287c20b4a3SGerd Hoffmann     .dpy_gfx_copy         = vnc_dpy_copy,
31297c20b4a3SGerd Hoffmann     .dpy_gfx_update       = vnc_dpy_update,
3130c12aeb86SGerd Hoffmann     .dpy_gfx_switch       = vnc_dpy_switch,
313134da30afSBenjamin Herrenschmidt     .dpy_gfx_check_format = qemu_pixman_check_format,
31327c20b4a3SGerd Hoffmann     .dpy_mouse_set        = vnc_mouse_set,
31337c20b4a3SGerd Hoffmann     .dpy_cursor_define    = vnc_dpy_cursor_define,
31347c20b4a3SGerd Hoffmann };
31357c20b4a3SGerd Hoffmann 
313614f7143eSGerd Hoffmann void vnc_display_init(const char *id)
31373e230dd2SCorentin Chary {
31384db14629SGerd Hoffmann     VncDisplay *vs;
31394db14629SGerd Hoffmann 
31404db14629SGerd Hoffmann     if (vnc_display_find(id) != NULL) {
31414db14629SGerd Hoffmann         return;
31424db14629SGerd Hoffmann     }
31434db14629SGerd Hoffmann     vs = g_malloc0(sizeof(*vs));
31443e230dd2SCorentin Chary 
314514f7143eSGerd Hoffmann     vs->id = strdup(id);
3146d616ccc5SGerd Hoffmann     QTAILQ_INSERT_TAIL(&vnc_displays, vs, next);
31473e230dd2SCorentin Chary 
31483e230dd2SCorentin Chary     vs->lsock = -1;
31497536ee4bSTim Hardeck     vs->lwebsock = -1;
31503e230dd2SCorentin Chary 
31513e230dd2SCorentin Chary     QTAILQ_INIT(&vs->clients);
31523c9405a0SGerd Hoffmann     vs->expires = TIME_MAX;
31533e230dd2SCorentin Chary 
315440066175SGerd Hoffmann     if (keyboard_layout) {
315540066175SGerd Hoffmann         trace_vnc_key_map_init(keyboard_layout);
31563e230dd2SCorentin Chary         vs->kbd_layout = init_keyboard_layout(name2keysym, keyboard_layout);
315740066175SGerd Hoffmann     } else {
31583e230dd2SCorentin Chary         vs->kbd_layout = init_keyboard_layout(name2keysym, "en-us");
315940066175SGerd Hoffmann     }
31603e230dd2SCorentin Chary 
31613e230dd2SCorentin Chary     if (!vs->kbd_layout)
31623e230dd2SCorentin Chary         exit(1);
31633e230dd2SCorentin Chary 
3164bd023f95SCorentin Chary     qemu_mutex_init(&vs->mutex);
3165bd023f95SCorentin Chary     vnc_start_worker_thread();
3166bd023f95SCorentin Chary 
316721ef45d7SGerd Hoffmann     vs->dcl.ops = &dcl_ops;
31685209089fSGerd Hoffmann     register_displaychangelistener(&vs->dcl);
31693e230dd2SCorentin Chary }
31703e230dd2SCorentin Chary 
31713e230dd2SCorentin Chary 
317214f7143eSGerd Hoffmann static void vnc_display_close(VncDisplay *vs)
31733e230dd2SCorentin Chary {
31743e230dd2SCorentin Chary     if (!vs)
31753e230dd2SCorentin Chary         return;
3176bf7aa45eSGerd Hoffmann     vs->enabled = false;
3177bf7aa45eSGerd Hoffmann     vs->is_unix = false;
31783e230dd2SCorentin Chary     if (vs->lsock != -1) {
317982e1cc4bSFam Zheng         qemu_set_fd_handler(vs->lsock, NULL, NULL, NULL);
31803e230dd2SCorentin Chary         close(vs->lsock);
31813e230dd2SCorentin Chary         vs->lsock = -1;
31823e230dd2SCorentin Chary     }
3183bf7aa45eSGerd Hoffmann     vs->ws_enabled = false;
31847536ee4bSTim Hardeck     if (vs->lwebsock != -1) {
318582e1cc4bSFam Zheng         qemu_set_fd_handler(vs->lwebsock, NULL, NULL, NULL);
31867536ee4bSTim Hardeck         close(vs->lwebsock);
31877536ee4bSTim Hardeck         vs->lwebsock = -1;
31887536ee4bSTim Hardeck     }
31893e230dd2SCorentin Chary     vs->auth = VNC_AUTH_INVALID;
31903e230dd2SCorentin Chary     vs->subauth = VNC_AUTH_INVALID;
31913e305e4aSDaniel P. Berrange     if (vs->tlscreds) {
31923e305e4aSDaniel P. Berrange         object_unparent(OBJECT(vs->tlscreds));
31933e305e4aSDaniel P. Berrange     }
31943e305e4aSDaniel P. Berrange     g_free(vs->tlsaclname);
31953e305e4aSDaniel P. Berrange     vs->tlsaclname = NULL;
31963e230dd2SCorentin Chary }
31973e230dd2SCorentin Chary 
319814f7143eSGerd Hoffmann int vnc_display_password(const char *id, const char *password)
31991cd20f8bSAnthony Liguori {
320014f7143eSGerd Hoffmann     VncDisplay *vs = vnc_display_find(id);
32011cd20f8bSAnthony Liguori 
32021cd20f8bSAnthony Liguori     if (!vs) {
3203a6aa9d3eSLuiz Capitulino         return -EINVAL;
32041cd20f8bSAnthony Liguori     }
3205cf864569SGerd Hoffmann     if (vs->auth == VNC_AUTH_NONE) {
3206cf864569SGerd Hoffmann         error_printf_unless_qmp("If you want use passwords please enable "
3207cf864569SGerd Hoffmann                                 "password auth using '-vnc ${dpy},password'.");
3208cf864569SGerd Hoffmann         return -EINVAL;
32091cd20f8bSAnthony Liguori     }
32101cd20f8bSAnthony Liguori 
32117267c094SAnthony Liguori     g_free(vs->password);
32127267c094SAnthony Liguori     vs->password = g_strdup(password);
3213a6aa9d3eSLuiz Capitulino 
3214a6aa9d3eSLuiz Capitulino     return 0;
32153e230dd2SCorentin Chary }
32163e230dd2SCorentin Chary 
321714f7143eSGerd Hoffmann int vnc_display_pw_expire(const char *id, time_t expires)
32183c9405a0SGerd Hoffmann {
321914f7143eSGerd Hoffmann     VncDisplay *vs = vnc_display_find(id);
32203c9405a0SGerd Hoffmann 
32211643f2b2SGerd Hoffmann     if (!vs) {
32221643f2b2SGerd Hoffmann         return -EINVAL;
32231643f2b2SGerd Hoffmann     }
32241643f2b2SGerd Hoffmann 
32253c9405a0SGerd Hoffmann     vs->expires = expires;
32263c9405a0SGerd Hoffmann     return 0;
32273c9405a0SGerd Hoffmann }
32283c9405a0SGerd Hoffmann 
322914f7143eSGerd Hoffmann char *vnc_display_local_addr(const char *id)
32303e230dd2SCorentin Chary {
323114f7143eSGerd Hoffmann     VncDisplay *vs = vnc_display_find(id);
32323e230dd2SCorentin Chary 
32339e0ff75eSGerd Hoffmann     assert(vs);
32343e230dd2SCorentin Chary     return vnc_socket_local_addr("%s:%s", vs->lsock);
32353e230dd2SCorentin Chary }
32363e230dd2SCorentin Chary 
32374db14629SGerd Hoffmann static QemuOptsList qemu_vnc_opts = {
32384db14629SGerd Hoffmann     .name = "vnc",
32394db14629SGerd Hoffmann     .head = QTAILQ_HEAD_INITIALIZER(qemu_vnc_opts.head),
32404db14629SGerd Hoffmann     .implied_opt_name = "vnc",
32414db14629SGerd Hoffmann     .desc = {
32424db14629SGerd Hoffmann         {
32434db14629SGerd Hoffmann             .name = "vnc",
32444db14629SGerd Hoffmann             .type = QEMU_OPT_STRING,
32454db14629SGerd Hoffmann         },{
32464db14629SGerd Hoffmann             .name = "websocket",
32474db14629SGerd Hoffmann             .type = QEMU_OPT_STRING,
32484db14629SGerd Hoffmann         },{
32493e305e4aSDaniel P. Berrange             .name = "tls-creds",
32503e305e4aSDaniel P. Berrange             .type = QEMU_OPT_STRING,
32513e305e4aSDaniel P. Berrange         },{
32523e305e4aSDaniel P. Berrange             /* Deprecated in favour of tls-creds */
32534db14629SGerd Hoffmann             .name = "x509",
32544db14629SGerd Hoffmann             .type = QEMU_OPT_STRING,
32554db14629SGerd Hoffmann         },{
32564db14629SGerd Hoffmann             .name = "share",
32574db14629SGerd Hoffmann             .type = QEMU_OPT_STRING,
32584db14629SGerd Hoffmann         },{
32591d0d59feSGerd Hoffmann             .name = "display",
32601d0d59feSGerd Hoffmann             .type = QEMU_OPT_STRING,
32611d0d59feSGerd Hoffmann         },{
32621d0d59feSGerd Hoffmann             .name = "head",
32631d0d59feSGerd Hoffmann             .type = QEMU_OPT_NUMBER,
32641d0d59feSGerd Hoffmann         },{
3265e5f34cddSGerd Hoffmann             .name = "connections",
3266e5f34cddSGerd Hoffmann             .type = QEMU_OPT_NUMBER,
3267e5f34cddSGerd Hoffmann         },{
326888428b7aSGonglei             .name = "to",
326988428b7aSGonglei             .type = QEMU_OPT_NUMBER,
327088428b7aSGonglei         },{
327188428b7aSGonglei             .name = "ipv4",
327288428b7aSGonglei             .type = QEMU_OPT_BOOL,
327388428b7aSGonglei         },{
327488428b7aSGonglei             .name = "ipv6",
327588428b7aSGonglei             .type = QEMU_OPT_BOOL,
327688428b7aSGonglei         },{
32774db14629SGerd Hoffmann             .name = "password",
32784db14629SGerd Hoffmann             .type = QEMU_OPT_BOOL,
32794db14629SGerd Hoffmann         },{
32804db14629SGerd Hoffmann             .name = "reverse",
32814db14629SGerd Hoffmann             .type = QEMU_OPT_BOOL,
32824db14629SGerd Hoffmann         },{
32834db14629SGerd Hoffmann             .name = "lock-key-sync",
32844db14629SGerd Hoffmann             .type = QEMU_OPT_BOOL,
32854db14629SGerd Hoffmann         },{
32864db14629SGerd Hoffmann             .name = "sasl",
32874db14629SGerd Hoffmann             .type = QEMU_OPT_BOOL,
32884db14629SGerd Hoffmann         },{
32893e305e4aSDaniel P. Berrange             /* Deprecated in favour of tls-creds */
32904db14629SGerd Hoffmann             .name = "tls",
32914db14629SGerd Hoffmann             .type = QEMU_OPT_BOOL,
32924db14629SGerd Hoffmann         },{
32933e305e4aSDaniel P. Berrange             /* Deprecated in favour of tls-creds */
32944db14629SGerd Hoffmann             .name = "x509verify",
32958c7d0645SDaniel P. Berrange             .type = QEMU_OPT_STRING,
32964db14629SGerd Hoffmann         },{
32974db14629SGerd Hoffmann             .name = "acl",
32984db14629SGerd Hoffmann             .type = QEMU_OPT_BOOL,
32994db14629SGerd Hoffmann         },{
33004db14629SGerd Hoffmann             .name = "lossy",
33014db14629SGerd Hoffmann             .type = QEMU_OPT_BOOL,
33024db14629SGerd Hoffmann         },{
33034db14629SGerd Hoffmann             .name = "non-adaptive",
33044db14629SGerd Hoffmann             .type = QEMU_OPT_BOOL,
33054db14629SGerd Hoffmann         },
33064db14629SGerd Hoffmann         { /* end of list */ }
33074db14629SGerd Hoffmann     },
33084db14629SGerd Hoffmann };
33094db14629SGerd Hoffmann 
33100dd72e15SDaniel P. Berrange 
33113e305e4aSDaniel P. Berrange static int
33120dd72e15SDaniel P. Berrange vnc_display_setup_auth(VncDisplay *vs,
33130dd72e15SDaniel P. Berrange                        bool password,
33140dd72e15SDaniel P. Berrange                        bool sasl,
33153e305e4aSDaniel P. Berrange                        bool websocket,
33163e305e4aSDaniel P. Berrange                        Error **errp)
33170dd72e15SDaniel P. Berrange {
33180dd72e15SDaniel P. Berrange     /*
33190dd72e15SDaniel P. Berrange      * We have a choice of 3 authentication options
33200dd72e15SDaniel P. Berrange      *
33210dd72e15SDaniel P. Berrange      *   1. none
33220dd72e15SDaniel P. Berrange      *   2. vnc
33230dd72e15SDaniel P. Berrange      *   3. sasl
33240dd72e15SDaniel P. Berrange      *
33250dd72e15SDaniel P. Berrange      * The channel can be run in 2 modes
33260dd72e15SDaniel P. Berrange      *
33270dd72e15SDaniel P. Berrange      *   1. clear
33280dd72e15SDaniel P. Berrange      *   2. tls
33290dd72e15SDaniel P. Berrange      *
33300dd72e15SDaniel P. Berrange      * And TLS can use 2 types of credentials
33310dd72e15SDaniel P. Berrange      *
33320dd72e15SDaniel P. Berrange      *   1. anon
33330dd72e15SDaniel P. Berrange      *   2. x509
33340dd72e15SDaniel P. Berrange      *
33350dd72e15SDaniel P. Berrange      * We thus have 9 possible logical combinations
33360dd72e15SDaniel P. Berrange      *
33370dd72e15SDaniel P. Berrange      *   1. clear + none
33380dd72e15SDaniel P. Berrange      *   2. clear + vnc
33390dd72e15SDaniel P. Berrange      *   3. clear + sasl
33400dd72e15SDaniel P. Berrange      *   4. tls + anon + none
33410dd72e15SDaniel P. Berrange      *   5. tls + anon + vnc
33420dd72e15SDaniel P. Berrange      *   6. tls + anon + sasl
33430dd72e15SDaniel P. Berrange      *   7. tls + x509 + none
33440dd72e15SDaniel P. Berrange      *   8. tls + x509 + vnc
33450dd72e15SDaniel P. Berrange      *   9. tls + x509 + sasl
33460dd72e15SDaniel P. Berrange      *
33470dd72e15SDaniel P. Berrange      * These need to be mapped into the VNC auth schemes
33480dd72e15SDaniel P. Berrange      * in an appropriate manner. In regular VNC, all the
33490dd72e15SDaniel P. Berrange      * TLS options get mapped into VNC_AUTH_VENCRYPT
33500dd72e15SDaniel P. Berrange      * sub-auth types.
3351f9148c8aSDaniel P. Berrange      *
3352f9148c8aSDaniel P. Berrange      * In websockets, the https:// protocol already provides
3353f9148c8aSDaniel P. Berrange      * TLS support, so there is no need to make use of the
3354f9148c8aSDaniel P. Berrange      * VeNCrypt extension. Furthermore, websockets browser
3355f9148c8aSDaniel P. Berrange      * clients could not use VeNCrypt even if they wanted to,
3356f9148c8aSDaniel P. Berrange      * as they cannot control when the TLS handshake takes
3357f9148c8aSDaniel P. Berrange      * place. Thus there is no option but to rely on https://,
3358f9148c8aSDaniel P. Berrange      * meaning combinations 4->6 and 7->9 will be mapped to
3359f9148c8aSDaniel P. Berrange      * VNC auth schemes in the same way as combos 1->3.
3360f9148c8aSDaniel P. Berrange      *
3361f9148c8aSDaniel P. Berrange      * Regardless of fact that we have a different mapping to
3362f9148c8aSDaniel P. Berrange      * VNC auth mechs for plain VNC vs websockets VNC, the end
3363f9148c8aSDaniel P. Berrange      * result has the same security characteristics.
33640dd72e15SDaniel P. Berrange      */
33650dd72e15SDaniel P. Berrange     if (password) {
33663e305e4aSDaniel P. Berrange         if (vs->tlscreds) {
33670dd72e15SDaniel P. Berrange             vs->auth = VNC_AUTH_VENCRYPT;
3368f9148c8aSDaniel P. Berrange             if (websocket) {
3369f9148c8aSDaniel P. Berrange                 vs->ws_tls = true;
3370f9148c8aSDaniel P. Berrange             }
33713e305e4aSDaniel P. Berrange             if (object_dynamic_cast(OBJECT(vs->tlscreds),
33723e305e4aSDaniel P. Berrange                                     TYPE_QCRYPTO_TLS_CREDS_X509)) {
33730dd72e15SDaniel P. Berrange                 VNC_DEBUG("Initializing VNC server with x509 password auth\n");
33740dd72e15SDaniel P. Berrange                 vs->subauth = VNC_AUTH_VENCRYPT_X509VNC;
33753e305e4aSDaniel P. Berrange             } else if (object_dynamic_cast(OBJECT(vs->tlscreds),
33763e305e4aSDaniel P. Berrange                                            TYPE_QCRYPTO_TLS_CREDS_ANON)) {
33770dd72e15SDaniel P. Berrange                 VNC_DEBUG("Initializing VNC server with TLS password auth\n");
33780dd72e15SDaniel P. Berrange                 vs->subauth = VNC_AUTH_VENCRYPT_TLSVNC;
33793e305e4aSDaniel P. Berrange             } else {
33803e305e4aSDaniel P. Berrange                 error_setg(errp,
33813e305e4aSDaniel P. Berrange                            "Unsupported TLS cred type %s",
33823e305e4aSDaniel P. Berrange                            object_get_typename(OBJECT(vs->tlscreds)));
33833e305e4aSDaniel P. Berrange                 return -1;
33840dd72e15SDaniel P. Berrange             }
33850dd72e15SDaniel P. Berrange         } else {
33860dd72e15SDaniel P. Berrange             VNC_DEBUG("Initializing VNC server with password auth\n");
33870dd72e15SDaniel P. Berrange             vs->auth = VNC_AUTH_VNC;
33880dd72e15SDaniel P. Berrange             vs->subauth = VNC_AUTH_INVALID;
33890dd72e15SDaniel P. Berrange         }
3390f9148c8aSDaniel P. Berrange         if (websocket) {
3391f9148c8aSDaniel P. Berrange             vs->ws_auth = VNC_AUTH_VNC;
3392f9148c8aSDaniel P. Berrange         } else {
3393f9148c8aSDaniel P. Berrange             vs->ws_auth = VNC_AUTH_INVALID;
3394f9148c8aSDaniel P. Berrange         }
33950dd72e15SDaniel P. Berrange     } else if (sasl) {
33963e305e4aSDaniel P. Berrange         if (vs->tlscreds) {
33970dd72e15SDaniel P. Berrange             vs->auth = VNC_AUTH_VENCRYPT;
3398f9148c8aSDaniel P. Berrange             if (websocket) {
3399f9148c8aSDaniel P. Berrange                 vs->ws_tls = true;
3400f9148c8aSDaniel P. Berrange             }
34013e305e4aSDaniel P. Berrange             if (object_dynamic_cast(OBJECT(vs->tlscreds),
34023e305e4aSDaniel P. Berrange                                     TYPE_QCRYPTO_TLS_CREDS_X509)) {
34030dd72e15SDaniel P. Berrange                 VNC_DEBUG("Initializing VNC server with x509 SASL auth\n");
34040dd72e15SDaniel P. Berrange                 vs->subauth = VNC_AUTH_VENCRYPT_X509SASL;
34053e305e4aSDaniel P. Berrange             } else if (object_dynamic_cast(OBJECT(vs->tlscreds),
34063e305e4aSDaniel P. Berrange                                            TYPE_QCRYPTO_TLS_CREDS_ANON)) {
34070dd72e15SDaniel P. Berrange                 VNC_DEBUG("Initializing VNC server with TLS SASL auth\n");
34080dd72e15SDaniel P. Berrange                 vs->subauth = VNC_AUTH_VENCRYPT_TLSSASL;
34093e305e4aSDaniel P. Berrange             } else {
34103e305e4aSDaniel P. Berrange                 error_setg(errp,
34113e305e4aSDaniel P. Berrange                            "Unsupported TLS cred type %s",
34123e305e4aSDaniel P. Berrange                            object_get_typename(OBJECT(vs->tlscreds)));
34133e305e4aSDaniel P. Berrange                 return -1;
34140dd72e15SDaniel P. Berrange             }
34150dd72e15SDaniel P. Berrange         } else {
34160dd72e15SDaniel P. Berrange             VNC_DEBUG("Initializing VNC server with SASL auth\n");
34170dd72e15SDaniel P. Berrange             vs->auth = VNC_AUTH_SASL;
34180dd72e15SDaniel P. Berrange             vs->subauth = VNC_AUTH_INVALID;
34190dd72e15SDaniel P. Berrange         }
3420f9148c8aSDaniel P. Berrange         if (websocket) {
3421f9148c8aSDaniel P. Berrange             vs->ws_auth = VNC_AUTH_SASL;
3422f9148c8aSDaniel P. Berrange         } else {
3423f9148c8aSDaniel P. Berrange             vs->ws_auth = VNC_AUTH_INVALID;
3424f9148c8aSDaniel P. Berrange         }
34250dd72e15SDaniel P. Berrange     } else {
34263e305e4aSDaniel P. Berrange         if (vs->tlscreds) {
34270dd72e15SDaniel P. Berrange             vs->auth = VNC_AUTH_VENCRYPT;
3428f9148c8aSDaniel P. Berrange             if (websocket) {
3429f9148c8aSDaniel P. Berrange                 vs->ws_tls = true;
3430f9148c8aSDaniel P. Berrange             }
34313e305e4aSDaniel P. Berrange             if (object_dynamic_cast(OBJECT(vs->tlscreds),
34323e305e4aSDaniel P. Berrange                                     TYPE_QCRYPTO_TLS_CREDS_X509)) {
34330dd72e15SDaniel P. Berrange                 VNC_DEBUG("Initializing VNC server with x509 no auth\n");
34340dd72e15SDaniel P. Berrange                 vs->subauth = VNC_AUTH_VENCRYPT_X509NONE;
34353e305e4aSDaniel P. Berrange             } else if (object_dynamic_cast(OBJECT(vs->tlscreds),
34363e305e4aSDaniel P. Berrange                                            TYPE_QCRYPTO_TLS_CREDS_ANON)) {
34370dd72e15SDaniel P. Berrange                 VNC_DEBUG("Initializing VNC server with TLS no auth\n");
34380dd72e15SDaniel P. Berrange                 vs->subauth = VNC_AUTH_VENCRYPT_TLSNONE;
34393e305e4aSDaniel P. Berrange             } else {
34403e305e4aSDaniel P. Berrange                 error_setg(errp,
34413e305e4aSDaniel P. Berrange                            "Unsupported TLS cred type %s",
34423e305e4aSDaniel P. Berrange                            object_get_typename(OBJECT(vs->tlscreds)));
34433e305e4aSDaniel P. Berrange                 return -1;
34440dd72e15SDaniel P. Berrange             }
34450dd72e15SDaniel P. Berrange         } else {
34460dd72e15SDaniel P. Berrange             VNC_DEBUG("Initializing VNC server with no auth\n");
34470dd72e15SDaniel P. Berrange             vs->auth = VNC_AUTH_NONE;
34480dd72e15SDaniel P. Berrange             vs->subauth = VNC_AUTH_INVALID;
34490dd72e15SDaniel P. Berrange         }
3450f9148c8aSDaniel P. Berrange         if (websocket) {
3451f9148c8aSDaniel P. Berrange             vs->ws_auth = VNC_AUTH_NONE;
3452f9148c8aSDaniel P. Berrange         } else {
3453f9148c8aSDaniel P. Berrange             vs->ws_auth = VNC_AUTH_INVALID;
3454f9148c8aSDaniel P. Berrange         }
34550dd72e15SDaniel P. Berrange     }
34563e305e4aSDaniel P. Berrange     return 0;
34570dd72e15SDaniel P. Berrange }
34580dd72e15SDaniel P. Berrange 
34593e305e4aSDaniel P. Berrange 
34603e305e4aSDaniel P. Berrange /*
34613e305e4aSDaniel P. Berrange  * Handle back compat with old CLI syntax by creating some
34623e305e4aSDaniel P. Berrange  * suitable QCryptoTLSCreds objects
34633e305e4aSDaniel P. Berrange  */
34643e305e4aSDaniel P. Berrange static QCryptoTLSCreds *
34653e305e4aSDaniel P. Berrange vnc_display_create_creds(bool x509,
34663e305e4aSDaniel P. Berrange                          bool x509verify,
34673e305e4aSDaniel P. Berrange                          const char *dir,
34683e305e4aSDaniel P. Berrange                          const char *id,
34693e305e4aSDaniel P. Berrange                          Error **errp)
34703e305e4aSDaniel P. Berrange {
34713e305e4aSDaniel P. Berrange     gchar *credsid = g_strdup_printf("tlsvnc%s", id);
34723e305e4aSDaniel P. Berrange     Object *parent = object_get_objects_root();
34733e305e4aSDaniel P. Berrange     Object *creds;
34743e305e4aSDaniel P. Berrange     Error *err = NULL;
34753e305e4aSDaniel P. Berrange 
34763e305e4aSDaniel P. Berrange     if (x509) {
34773e305e4aSDaniel P. Berrange         creds = object_new_with_props(TYPE_QCRYPTO_TLS_CREDS_X509,
34783e305e4aSDaniel P. Berrange                                       parent,
34793e305e4aSDaniel P. Berrange                                       credsid,
34803e305e4aSDaniel P. Berrange                                       &err,
34813e305e4aSDaniel P. Berrange                                       "endpoint", "server",
34823e305e4aSDaniel P. Berrange                                       "dir", dir,
34833e305e4aSDaniel P. Berrange                                       "verify-peer", x509verify ? "yes" : "no",
34843e305e4aSDaniel P. Berrange                                       NULL);
34853e305e4aSDaniel P. Berrange     } else {
34863e305e4aSDaniel P. Berrange         creds = object_new_with_props(TYPE_QCRYPTO_TLS_CREDS_ANON,
34873e305e4aSDaniel P. Berrange                                       parent,
34883e305e4aSDaniel P. Berrange                                       credsid,
34893e305e4aSDaniel P. Berrange                                       &err,
34903e305e4aSDaniel P. Berrange                                       "endpoint", "server",
34913e305e4aSDaniel P. Berrange                                       NULL);
34923e305e4aSDaniel P. Berrange     }
34933e305e4aSDaniel P. Berrange 
34943e305e4aSDaniel P. Berrange     g_free(credsid);
34953e305e4aSDaniel P. Berrange 
34963e305e4aSDaniel P. Berrange     if (err) {
34973e305e4aSDaniel P. Berrange         error_propagate(errp, err);
34983e305e4aSDaniel P. Berrange         return NULL;
34993e305e4aSDaniel P. Berrange     }
35003e305e4aSDaniel P. Berrange 
35013e305e4aSDaniel P. Berrange     return QCRYPTO_TLS_CREDS(creds);
35023e305e4aSDaniel P. Berrange }
35033e305e4aSDaniel P. Berrange 
35043e305e4aSDaniel P. Berrange 
35054db14629SGerd Hoffmann void vnc_display_open(const char *id, Error **errp)
35063e230dd2SCorentin Chary {
350714f7143eSGerd Hoffmann     VncDisplay *vs = vnc_display_find(id);
35084db14629SGerd Hoffmann     QemuOpts *opts = qemu_opts_find(&qemu_vnc_opts, id);
3509*e0d03b8cSDaniel P. Berrange     SocketAddress *saddr = NULL, *wsaddr = NULL;
3510e2a11d9dSGonglei     const char *share, *device_id;
35111d0d59feSGerd Hoffmann     QemuConsole *con;
3512a2c72de0SGonglei     bool password = false;
3513a2c72de0SGonglei     bool reverse = false;
3514e2a11d9dSGonglei     const char *vnc;
3515e5560329SGerd Hoffmann     char *h;
35163e305e4aSDaniel P. Berrange     const char *credid;
3517a2c72de0SGonglei     bool sasl = false;
3518d169f04bSDaniel P. Berrange #ifdef CONFIG_VNC_SASL
35193e230dd2SCorentin Chary     int saslErr;
35203e230dd2SCorentin Chary #endif
35213e230dd2SCorentin Chary     int acl = 0;
35223e230dd2SCorentin Chary     int lock_key_sync = 1;
35233e230dd2SCorentin Chary 
3524d616ccc5SGerd Hoffmann     if (!vs) {
35252d55f0e8SPaolo Bonzini         error_setg(errp, "VNC display not active");
35262d55f0e8SPaolo Bonzini         return;
35272d55f0e8SPaolo Bonzini     }
352814f7143eSGerd Hoffmann     vnc_display_close(vs);
35294db14629SGerd Hoffmann 
35304db14629SGerd Hoffmann     if (!opts) {
35312d55f0e8SPaolo Bonzini         return;
35324db14629SGerd Hoffmann     }
3533e2a11d9dSGonglei     vnc = qemu_opt_get(opts, "vnc");
3534e2a11d9dSGonglei     if (!vnc || strcmp(vnc, "none") == 0) {
35354db14629SGerd Hoffmann         return;
35364db14629SGerd Hoffmann     }
3537e2a11d9dSGonglei 
3538e5560329SGerd Hoffmann     h = strrchr(vnc, ':');
3539e5560329SGerd Hoffmann     if (h) {
3540274c3b52SJán Tomko         size_t hlen = h - vnc;
3541274c3b52SJán Tomko 
3542*e0d03b8cSDaniel P. Berrange         const char *websocket = qemu_opt_get(opts, "websocket");
3543*e0d03b8cSDaniel P. Berrange         int to = qemu_opt_get_number(opts, "to", 0);
3544*e0d03b8cSDaniel P. Berrange         bool has_ipv4 = qemu_opt_get_bool(opts, "ipv4", false);
3545*e0d03b8cSDaniel P. Berrange         bool has_ipv6 = qemu_opt_get_bool(opts, "ipv6", false);
3546*e0d03b8cSDaniel P. Berrange 
3547*e0d03b8cSDaniel P. Berrange         saddr = g_new0(SocketAddress, 1);
3548*e0d03b8cSDaniel P. Berrange         if (websocket) {
3549*e0d03b8cSDaniel P. Berrange             if (!qcrypto_hash_supports(QCRYPTO_HASH_ALG_SHA1)) {
3550*e0d03b8cSDaniel P. Berrange                 error_setg(errp,
3551*e0d03b8cSDaniel P. Berrange                            "SHA1 hash support is required for websockets");
3552e5560329SGerd Hoffmann                 goto fail;
3553e2a11d9dSGonglei             }
3554e5560329SGerd Hoffmann 
3555*e0d03b8cSDaniel P. Berrange             wsaddr = g_new0(SocketAddress, 1);
3556*e0d03b8cSDaniel P. Berrange             vs->ws_enabled = true;
3557e5560329SGerd Hoffmann         }
3558*e0d03b8cSDaniel P. Berrange 
3559*e0d03b8cSDaniel P. Berrange         if (strncmp(vnc, "unix:", 5) == 0) {
3560*e0d03b8cSDaniel P. Berrange             saddr->kind = SOCKET_ADDRESS_KIND_UNIX;
3561*e0d03b8cSDaniel P. Berrange             saddr->q_unix = g_new0(UnixSocketAddress, 1);
3562*e0d03b8cSDaniel P. Berrange             saddr->q_unix->path = g_strdup(vnc + 5);
3563*e0d03b8cSDaniel P. Berrange 
3564*e0d03b8cSDaniel P. Berrange             if (vs->ws_enabled) {
3565*e0d03b8cSDaniel P. Berrange                 error_setg(errp, "UNIX sockets not supported with websock");
3566*e0d03b8cSDaniel P. Berrange                 goto fail;
3567e5560329SGerd Hoffmann             }
3568*e0d03b8cSDaniel P. Berrange         } else {
3569*e0d03b8cSDaniel P. Berrange             unsigned long long baseport;
3570*e0d03b8cSDaniel P. Berrange             saddr->kind = SOCKET_ADDRESS_KIND_INET;
3571*e0d03b8cSDaniel P. Berrange             saddr->inet = g_new0(InetSocketAddress, 1);
3572*e0d03b8cSDaniel P. Berrange             if (vnc[0] == '[' && vnc[hlen - 1] == ']') {
3573*e0d03b8cSDaniel P. Berrange                 saddr->inet->host = g_strndup(vnc + 1, hlen - 2);
3574*e0d03b8cSDaniel P. Berrange             } else {
3575*e0d03b8cSDaniel P. Berrange                 saddr->inet->host = g_strndup(vnc, hlen);
3576*e0d03b8cSDaniel P. Berrange             }
3577*e0d03b8cSDaniel P. Berrange             if (parse_uint_full(h + 1, &baseport, 10) < 0) {
3578*e0d03b8cSDaniel P. Berrange                 error_setg(errp, "can't convert to a number: %s", h + 1);
3579*e0d03b8cSDaniel P. Berrange                 goto fail;
3580*e0d03b8cSDaniel P. Berrange             }
3581*e0d03b8cSDaniel P. Berrange             if (baseport > 65535 ||
3582*e0d03b8cSDaniel P. Berrange                 baseport + 5900 > 65535) {
3583*e0d03b8cSDaniel P. Berrange                 error_setg(errp, "port %s out of range", h + 1);
3584*e0d03b8cSDaniel P. Berrange                 goto fail;
3585*e0d03b8cSDaniel P. Berrange             }
3586*e0d03b8cSDaniel P. Berrange             saddr->inet->port = g_strdup_printf(
3587*e0d03b8cSDaniel P. Berrange                 "%d", (int)baseport + 5900);
3588*e0d03b8cSDaniel P. Berrange 
3589*e0d03b8cSDaniel P. Berrange             if (to) {
3590*e0d03b8cSDaniel P. Berrange                 saddr->inet->has_to = true;
3591*e0d03b8cSDaniel P. Berrange                 saddr->inet->to = to;
3592*e0d03b8cSDaniel P. Berrange             }
3593*e0d03b8cSDaniel P. Berrange             saddr->inet->ipv4 = saddr->inet->has_ipv4 = has_ipv4;
3594*e0d03b8cSDaniel P. Berrange             saddr->inet->ipv6 = saddr->inet->has_ipv6 = has_ipv6;
3595*e0d03b8cSDaniel P. Berrange 
3596*e0d03b8cSDaniel P. Berrange             if (vs->ws_enabled) {
3597*e0d03b8cSDaniel P. Berrange                 wsaddr->kind = SOCKET_ADDRESS_KIND_INET;
3598*e0d03b8cSDaniel P. Berrange                 wsaddr->inet = g_new0(InetSocketAddress, 1);
3599*e0d03b8cSDaniel P. Berrange                 wsaddr->inet->host = g_strdup(saddr->inet->host);
3600*e0d03b8cSDaniel P. Berrange                 wsaddr->inet->port = g_strdup(websocket);
3601*e0d03b8cSDaniel P. Berrange 
3602*e0d03b8cSDaniel P. Berrange                 if (to) {
3603*e0d03b8cSDaniel P. Berrange                     wsaddr->inet->has_to = true;
3604*e0d03b8cSDaniel P. Berrange                     wsaddr->inet->to = to;
3605*e0d03b8cSDaniel P. Berrange                 }
3606*e0d03b8cSDaniel P. Berrange                 wsaddr->inet->ipv4 = wsaddr->inet->has_ipv4 = has_ipv4;
3607*e0d03b8cSDaniel P. Berrange                 wsaddr->inet->ipv6 = wsaddr->inet->has_ipv6 = has_ipv6;
3608*e0d03b8cSDaniel P. Berrange             }
3609*e0d03b8cSDaniel P. Berrange         }
3610*e0d03b8cSDaniel P. Berrange     } else {
3611*e0d03b8cSDaniel P. Berrange         error_setg(errp, "no vnc port specified");
3612*e0d03b8cSDaniel P. Berrange         goto fail;
3613e5560329SGerd Hoffmann     }
36143e230dd2SCorentin Chary 
36154db14629SGerd Hoffmann     password = qemu_opt_get_bool(opts, "password", false);
3616800567a6SDaniel P. Berrange     if (password) {
3617800567a6SDaniel P. Berrange         if (fips_get_state()) {
36182d55f0e8SPaolo Bonzini             error_setg(errp,
36190f66998fSPaul Moore                        "VNC password auth disabled due to FIPS mode, "
36200f66998fSPaul Moore                        "consider using the VeNCrypt or SASL authentication "
36212d55f0e8SPaolo Bonzini                        "methods as an alternative");
36221ce52c78SPaolo Bonzini             goto fail;
36230f66998fSPaul Moore         }
3624800567a6SDaniel P. Berrange         if (!qcrypto_cipher_supports(
3625800567a6SDaniel P. Berrange                 QCRYPTO_CIPHER_ALG_DES_RFB)) {
3626800567a6SDaniel P. Berrange             error_setg(errp,
3627800567a6SDaniel P. Berrange                        "Cipher backend does not support DES RFB algorithm");
3628800567a6SDaniel P. Berrange             goto fail;
3629800567a6SDaniel P. Berrange         }
3630800567a6SDaniel P. Berrange     }
36314db14629SGerd Hoffmann 
36324db14629SGerd Hoffmann     reverse = qemu_opt_get_bool(opts, "reverse", false);
36334db14629SGerd Hoffmann     lock_key_sync = qemu_opt_get_bool(opts, "lock-key-sync", true);
36344db14629SGerd Hoffmann     sasl = qemu_opt_get_bool(opts, "sasl", false);
3635d169f04bSDaniel P. Berrange #ifndef CONFIG_VNC_SASL
3636d169f04bSDaniel P. Berrange     if (sasl) {
3637d169f04bSDaniel P. Berrange         error_setg(errp, "VNC SASL auth requires cyrus-sasl support");
3638d169f04bSDaniel P. Berrange         goto fail;
3639d169f04bSDaniel P. Berrange     }
3640d169f04bSDaniel P. Berrange #endif /* CONFIG_VNC_SASL */
36413e305e4aSDaniel P. Berrange     credid = qemu_opt_get(opts, "tls-creds");
36423e305e4aSDaniel P. Berrange     if (credid) {
36433e305e4aSDaniel P. Berrange         Object *creds;
36443e305e4aSDaniel P. Berrange         if (qemu_opt_get(opts, "tls") ||
36453e305e4aSDaniel P. Berrange             qemu_opt_get(opts, "x509") ||
36463e305e4aSDaniel P. Berrange             qemu_opt_get(opts, "x509verify")) {
36473e305e4aSDaniel P. Berrange             error_setg(errp,
36483e305e4aSDaniel P. Berrange                        "'credid' parameter is mutually exclusive with "
36493e305e4aSDaniel P. Berrange                        "'tls', 'x509' and 'x509verify' parameters");
36503e305e4aSDaniel P. Berrange             goto fail;
36513e305e4aSDaniel P. Berrange         }
36523e305e4aSDaniel P. Berrange 
36533e305e4aSDaniel P. Berrange         creds = object_resolve_path_component(
36543e305e4aSDaniel P. Berrange             object_get_objects_root(), credid);
36553e305e4aSDaniel P. Berrange         if (!creds) {
36563e305e4aSDaniel P. Berrange             error_setg(errp, "No TLS credentials with id '%s'",
36573e305e4aSDaniel P. Berrange                        credid);
36583e305e4aSDaniel P. Berrange             goto fail;
36593e305e4aSDaniel P. Berrange         }
36603e305e4aSDaniel P. Berrange         vs->tlscreds = (QCryptoTLSCreds *)
36613e305e4aSDaniel P. Berrange             object_dynamic_cast(creds,
36623e305e4aSDaniel P. Berrange                                 TYPE_QCRYPTO_TLS_CREDS);
36633e305e4aSDaniel P. Berrange         if (!vs->tlscreds) {
36643e305e4aSDaniel P. Berrange             error_setg(errp, "Object with id '%s' is not TLS credentials",
36653e305e4aSDaniel P. Berrange                        credid);
36663e305e4aSDaniel P. Berrange             goto fail;
36673e305e4aSDaniel P. Berrange         }
36683e305e4aSDaniel P. Berrange         object_ref(OBJECT(vs->tlscreds));
36693e305e4aSDaniel P. Berrange 
36703e305e4aSDaniel P. Berrange         if (vs->tlscreds->endpoint != QCRYPTO_TLS_CREDS_ENDPOINT_SERVER) {
36713e305e4aSDaniel P. Berrange             error_setg(errp,
36723e305e4aSDaniel P. Berrange                        "Expecting TLS credentials with a server endpoint");
36733e305e4aSDaniel P. Berrange             goto fail;
36743e305e4aSDaniel P. Berrange         }
36753e305e4aSDaniel P. Berrange     } else {
36763e305e4aSDaniel P. Berrange         const char *path;
36773e305e4aSDaniel P. Berrange         bool tls = false, x509 = false, x509verify = false;
36784db14629SGerd Hoffmann         tls  = qemu_opt_get_bool(opts, "tls", false);
36793e305e4aSDaniel P. Berrange         if (tls) {
36804db14629SGerd Hoffmann             path = qemu_opt_get(opts, "x509");
36813e305e4aSDaniel P. Berrange 
36824db14629SGerd Hoffmann             if (path) {
3683a2c72de0SGonglei                 x509 = true;
36843e305e4aSDaniel P. Berrange             } else {
36853e305e4aSDaniel P. Berrange                 path = qemu_opt_get(opts, "x509verify");
36863e305e4aSDaniel P. Berrange                 if (path) {
36873e305e4aSDaniel P. Berrange                     x509 = true;
36883e305e4aSDaniel P. Berrange                     x509verify = true;
36893e305e4aSDaniel P. Berrange                 }
36903e305e4aSDaniel P. Berrange             }
36913e305e4aSDaniel P. Berrange             vs->tlscreds = vnc_display_create_creds(x509,
36923e305e4aSDaniel P. Berrange                                                     x509verify,
36933e305e4aSDaniel P. Berrange                                                     path,
36943e305e4aSDaniel P. Berrange                                                     vs->id,
36953e305e4aSDaniel P. Berrange                                                     errp);
36963e305e4aSDaniel P. Berrange             if (!vs->tlscreds) {
36971ce52c78SPaolo Bonzini                 goto fail;
36983e230dd2SCorentin Chary             }
36993e230dd2SCorentin Chary         }
3700d169f04bSDaniel P. Berrange     }
37014db14629SGerd Hoffmann     acl = qemu_opt_get_bool(opts, "acl", false);
37024db14629SGerd Hoffmann 
37034db14629SGerd Hoffmann     share = qemu_opt_get(opts, "share");
37044db14629SGerd Hoffmann     if (share) {
37054db14629SGerd Hoffmann         if (strcmp(share, "ignore") == 0) {
37068cf36489SGerd Hoffmann             vs->share_policy = VNC_SHARE_POLICY_IGNORE;
37074db14629SGerd Hoffmann         } else if (strcmp(share, "allow-exclusive") == 0) {
37088cf36489SGerd Hoffmann             vs->share_policy = VNC_SHARE_POLICY_ALLOW_EXCLUSIVE;
37094db14629SGerd Hoffmann         } else if (strcmp(share, "force-shared") == 0) {
37108cf36489SGerd Hoffmann             vs->share_policy = VNC_SHARE_POLICY_FORCE_SHARED;
37118cf36489SGerd Hoffmann         } else {
37122d55f0e8SPaolo Bonzini             error_setg(errp, "unknown vnc share= option");
37131ce52c78SPaolo Bonzini             goto fail;
37148cf36489SGerd Hoffmann         }
37154db14629SGerd Hoffmann     } else {
37164db14629SGerd Hoffmann         vs->share_policy = VNC_SHARE_POLICY_ALLOW_EXCLUSIVE;
37173e230dd2SCorentin Chary     }
3718e5f34cddSGerd Hoffmann     vs->connections_limit = qemu_opt_get_number(opts, "connections", 32);
37193e230dd2SCorentin Chary 
37204db14629SGerd Hoffmann #ifdef CONFIG_VNC_JPEG
37214db14629SGerd Hoffmann     vs->lossy = qemu_opt_get_bool(opts, "lossy", false);
37224db14629SGerd Hoffmann #endif
37234db14629SGerd Hoffmann     vs->non_adaptive = qemu_opt_get_bool(opts, "non-adaptive", false);
3724e22492d3SPeter Lieven     /* adaptive updates are only used with tight encoding and
3725e22492d3SPeter Lieven      * if lossy updates are enabled so we can disable all the
3726e22492d3SPeter Lieven      * calculations otherwise */
3727e22492d3SPeter Lieven     if (!vs->lossy) {
3728e22492d3SPeter Lieven         vs->non_adaptive = true;
3729e22492d3SPeter Lieven     }
3730e22492d3SPeter Lieven 
37313e305e4aSDaniel P. Berrange     if (acl) {
3732c8496408SGerd Hoffmann         if (strcmp(vs->id, "default") == 0) {
37333e305e4aSDaniel P. Berrange             vs->tlsaclname = g_strdup("vnc.x509dname");
3734c8496408SGerd Hoffmann         } else {
37353e305e4aSDaniel P. Berrange             vs->tlsaclname = g_strdup_printf("vnc.%s.x509dname", vs->id);
3736c8496408SGerd Hoffmann         }
37373e305e4aSDaniel P. Berrange         qemu_acl_init(vs->tlsaclname);
37383e230dd2SCorentin Chary      }
37393e230dd2SCorentin Chary #ifdef CONFIG_VNC_SASL
37403e230dd2SCorentin Chary     if (acl && sasl) {
3741c8496408SGerd Hoffmann         char *aclname;
3742c8496408SGerd Hoffmann 
3743c8496408SGerd Hoffmann         if (strcmp(vs->id, "default") == 0) {
3744c8496408SGerd Hoffmann             aclname = g_strdup("vnc.username");
3745c8496408SGerd Hoffmann         } else {
3746c8496408SGerd Hoffmann             aclname = g_strdup_printf("vnc.%s.username", vs->id);
3747c8496408SGerd Hoffmann         }
3748c8496408SGerd Hoffmann         vs->sasl.acl = qemu_acl_init(aclname);
3749c8496408SGerd Hoffmann         g_free(aclname);
37503e230dd2SCorentin Chary     }
37513e230dd2SCorentin Chary #endif
37523e230dd2SCorentin Chary 
3753*e0d03b8cSDaniel P. Berrange     if (vnc_display_setup_auth(vs, password, sasl, vs->ws_enabled, errp) < 0) {
37543e305e4aSDaniel P. Berrange         goto fail;
37553e305e4aSDaniel P. Berrange     }
37563e230dd2SCorentin Chary 
37573e230dd2SCorentin Chary #ifdef CONFIG_VNC_SASL
37583e230dd2SCorentin Chary     if ((saslErr = sasl_server_init(NULL, "qemu")) != SASL_OK) {
37592d55f0e8SPaolo Bonzini         error_setg(errp, "Failed to initialize SASL auth: %s",
37603e230dd2SCorentin Chary                    sasl_errstring(saslErr, NULL, NULL));
37611ce52c78SPaolo Bonzini         goto fail;
37623e230dd2SCorentin Chary     }
37633e230dd2SCorentin Chary #endif
37643e230dd2SCorentin Chary     vs->lock_key_sync = lock_key_sync;
37653e230dd2SCorentin Chary 
37661d0d59feSGerd Hoffmann     device_id = qemu_opt_get(opts, "display");
37671d0d59feSGerd Hoffmann     if (device_id) {
37681d0d59feSGerd Hoffmann         DeviceState *dev;
37691d0d59feSGerd Hoffmann         int head = qemu_opt_get_number(opts, "head", 0);
37701d0d59feSGerd Hoffmann 
37711d0d59feSGerd Hoffmann         dev = qdev_find_recursive(sysbus_get_default(), device_id);
37721d0d59feSGerd Hoffmann         if (dev == NULL) {
3773f3cf80e8SMarkus Armbruster             error_setg(errp, "Device '%s' not found", device_id);
37741d0d59feSGerd Hoffmann             goto fail;
37751d0d59feSGerd Hoffmann         }
37761d0d59feSGerd Hoffmann 
37771d0d59feSGerd Hoffmann         con = qemu_console_lookup_by_device(dev, head);
37781d0d59feSGerd Hoffmann         if (con == NULL) {
37791d0d59feSGerd Hoffmann             error_setg(errp, "Device %s is not bound to a QemuConsole",
37801d0d59feSGerd Hoffmann                        device_id);
37811d0d59feSGerd Hoffmann             goto fail;
37821d0d59feSGerd Hoffmann         }
37831d0d59feSGerd Hoffmann     } else {
37841d0d59feSGerd Hoffmann         con = NULL;
37851d0d59feSGerd Hoffmann     }
37861d0d59feSGerd Hoffmann 
37871d0d59feSGerd Hoffmann     if (con != vs->dcl.con) {
37881d0d59feSGerd Hoffmann         unregister_displaychangelistener(&vs->dcl);
37891d0d59feSGerd Hoffmann         vs->dcl.con = con;
37901d0d59feSGerd Hoffmann         register_displaychangelistener(&vs->dcl);
37911d0d59feSGerd Hoffmann     }
37921d0d59feSGerd Hoffmann 
37933e230dd2SCorentin Chary     if (reverse) {
37943e230dd2SCorentin Chary         /* connect to viewer */
3795007fcd3eSPaolo Bonzini         int csock;
37963e230dd2SCorentin Chary         vs->lsock = -1;
37977536ee4bSTim Hardeck         vs->lwebsock = -1;
3798*e0d03b8cSDaniel P. Berrange         if (vs->ws_enabled) {
3799*e0d03b8cSDaniel P. Berrange             error_setg(errp, "Cannot use websockets in reverse mode");
3800*e0d03b8cSDaniel P. Berrange             goto fail;
38013e230dd2SCorentin Chary         }
3802*e0d03b8cSDaniel P. Berrange         csock = socket_connect(saddr, errp, NULL, NULL);
3803007fcd3eSPaolo Bonzini         if (csock < 0) {
3804007fcd3eSPaolo Bonzini             goto fail;
3805007fcd3eSPaolo Bonzini         }
3806*e0d03b8cSDaniel P. Berrange         vs->is_unix = saddr->kind == SOCKET_ADDRESS_KIND_UNIX;
38072c8cf549SMichael Tokarev         vnc_connect(vs, csock, false, false);
38083e230dd2SCorentin Chary     } else {
38093e230dd2SCorentin Chary         /* listen for connects */
3810*e0d03b8cSDaniel P. Berrange         vs->lsock = socket_listen(saddr, errp);
38113d00ac1aSCole Robinson         if (vs->lsock < 0) {
38123d00ac1aSCole Robinson             goto fail;
38133d00ac1aSCole Robinson         }
3814*e0d03b8cSDaniel P. Berrange         vs->is_unix = saddr->kind == SOCKET_ADDRESS_KIND_UNIX;
3815bf7aa45eSGerd Hoffmann         if (vs->ws_enabled) {
3816*e0d03b8cSDaniel P. Berrange             vs->lwebsock = socket_listen(wsaddr, errp);
38177536ee4bSTim Hardeck             if (vs->lwebsock < 0) {
3818b3c33f91SGonglei                 if (vs->lsock != -1) {
38197536ee4bSTim Hardeck                     close(vs->lsock);
38207536ee4bSTim Hardeck                     vs->lsock = -1;
38217536ee4bSTim Hardeck                 }
38227536ee4bSTim Hardeck                 goto fail;
38237536ee4bSTim Hardeck             }
38247536ee4bSTim Hardeck         }
3825bf7aa45eSGerd Hoffmann         vs->enabled = true;
382682e1cc4bSFam Zheng         qemu_set_fd_handler(vs->lsock, vnc_listen_regular_read, NULL, vs);
3827bf7aa45eSGerd Hoffmann         if (vs->ws_enabled) {
382882e1cc4bSFam Zheng             qemu_set_fd_handler(vs->lwebsock, vnc_listen_websocket_read,
382982e1cc4bSFam Zheng                                 NULL, vs);
38307536ee4bSTim Hardeck         }
38313e230dd2SCorentin Chary     }
3832*e0d03b8cSDaniel P. Berrange 
3833*e0d03b8cSDaniel P. Berrange     qapi_free_SocketAddress(saddr);
3834*e0d03b8cSDaniel P. Berrange     qapi_free_SocketAddress(wsaddr);
38352d55f0e8SPaolo Bonzini     return;
38361ce52c78SPaolo Bonzini 
38371ce52c78SPaolo Bonzini fail:
3838*e0d03b8cSDaniel P. Berrange     qapi_free_SocketAddress(saddr);
3839*e0d03b8cSDaniel P. Berrange     qapi_free_SocketAddress(wsaddr);
3840bf7aa45eSGerd Hoffmann     vs->enabled = false;
3841bf7aa45eSGerd Hoffmann     vs->ws_enabled = false;
38423e230dd2SCorentin Chary }
384313661089SDaniel P. Berrange 
384414f7143eSGerd Hoffmann void vnc_display_add_client(const char *id, int csock, bool skipauth)
384513661089SDaniel P. Berrange {
384614f7143eSGerd Hoffmann     VncDisplay *vs = vnc_display_find(id);
384713661089SDaniel P. Berrange 
3848d616ccc5SGerd Hoffmann     if (!vs) {
3849d616ccc5SGerd Hoffmann         return;
3850d616ccc5SGerd Hoffmann     }
38512c8cf549SMichael Tokarev     vnc_connect(vs, csock, skipauth, false);
385213661089SDaniel P. Berrange }
38534db14629SGerd Hoffmann 
38549634f4e3SGerd Hoffmann static void vnc_auto_assign_id(QemuOptsList *olist, QemuOpts *opts)
38552779672fSGonglei {
38562779672fSGonglei     int i = 2;
38572779672fSGonglei     char *id;
38582779672fSGonglei 
38592779672fSGonglei     id = g_strdup("default");
38602779672fSGonglei     while (qemu_opts_find(olist, id)) {
38612779672fSGonglei         g_free(id);
38622779672fSGonglei         id = g_strdup_printf("vnc%d", i++);
38632779672fSGonglei     }
38642779672fSGonglei     qemu_opts_set_id(opts, id);
38652779672fSGonglei }
38662779672fSGonglei 
386770b94331SMarkus Armbruster QemuOpts *vnc_parse(const char *str, Error **errp)
38684db14629SGerd Hoffmann {
38694db14629SGerd Hoffmann     QemuOptsList *olist = qemu_find_opts("vnc");
387070b94331SMarkus Armbruster     QemuOpts *opts = qemu_opts_parse(olist, str, true, errp);
387181607cbfSGonglei     const char *id;
38724db14629SGerd Hoffmann 
387381607cbfSGonglei     if (!opts) {
387481607cbfSGonglei         return NULL;
387581607cbfSGonglei     }
387681607cbfSGonglei 
387781607cbfSGonglei     id = qemu_opts_id(opts);
38784db14629SGerd Hoffmann     if (!id) {
38794db14629SGerd Hoffmann         /* auto-assign id if not present */
38802779672fSGonglei         vnc_auto_assign_id(olist, opts);
38819634f4e3SGerd Hoffmann     }
38829634f4e3SGerd Hoffmann     return opts;
38834db14629SGerd Hoffmann }
38844db14629SGerd Hoffmann 
388528d0de7aSMarkus Armbruster int vnc_init_func(void *opaque, QemuOpts *opts, Error **errp)
38869634f4e3SGerd Hoffmann {
38879634f4e3SGerd Hoffmann     Error *local_err = NULL;
38889634f4e3SGerd Hoffmann     char *id = (char *)qemu_opts_id(opts);
38899634f4e3SGerd Hoffmann 
38909634f4e3SGerd Hoffmann     assert(id);
38914db14629SGerd Hoffmann     vnc_display_init(id);
38924db14629SGerd Hoffmann     vnc_display_open(id, &local_err);
38934db14629SGerd Hoffmann     if (local_err != NULL) {
3894bc119048SCole Robinson         error_report("Failed to start VNC server: %s",
38954db14629SGerd Hoffmann                      error_get_pretty(local_err));
38964db14629SGerd Hoffmann         error_free(local_err);
38974db14629SGerd Hoffmann         exit(1);
38984db14629SGerd Hoffmann     }
38994db14629SGerd Hoffmann     return 0;
39004db14629SGerd Hoffmann }
39014db14629SGerd Hoffmann 
39024db14629SGerd Hoffmann static void vnc_register_config(void)
39034db14629SGerd Hoffmann {
39044db14629SGerd Hoffmann     qemu_add_opts(&qemu_vnc_opts);
39054db14629SGerd Hoffmann }
39064db14629SGerd Hoffmann machine_init(vnc_register_config);
3907