1 /* 2 * QEMU VNC display driver 3 * 4 * Copyright (C) 2006 Anthony Liguori <anthony@codemonkey.ws> 5 * Copyright (C) 2006 Fabrice Bellard 6 * Copyright (C) 2009 Red Hat, Inc 7 * 8 * Permission is hereby granted, free of charge, to any person obtaining a copy 9 * of this software and associated documentation files (the "Software"), to deal 10 * in the Software without restriction, including without limitation the rights 11 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell 12 * copies of the Software, and to permit persons to whom the Software is 13 * furnished to do so, subject to the following conditions: 14 * 15 * The above copyright notice and this permission notice shall be included in 16 * all copies or substantial portions of the Software. 17 * 18 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 19 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 20 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL 21 * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER 22 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, 23 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN 24 * THE SOFTWARE. 25 */ 26 27 #include "qemu/osdep.h" 28 #include "vnc.h" 29 #include "vnc-jobs.h" 30 #include "trace.h" 31 #include "sysemu/sysemu.h" 32 #include "qemu/error-report.h" 33 #include "qemu/sockets.h" 34 #include "qemu/timer.h" 35 #include "qemu/acl.h" 36 #include "qemu/config-file.h" 37 #include "qapi/qmp/qerror.h" 38 #include "qapi/qmp/types.h" 39 #include "qmp-commands.h" 40 #include "ui/input.h" 41 #include "qapi-event.h" 42 #include "crypto/hash.h" 43 #include "crypto/tlscredsanon.h" 44 #include "crypto/tlscredsx509.h" 45 #include "qom/object_interfaces.h" 46 #include "qemu/cutils.h" 47 #include "io/dns-resolver.h" 48 49 #define VNC_REFRESH_INTERVAL_BASE GUI_REFRESH_INTERVAL_DEFAULT 50 #define VNC_REFRESH_INTERVAL_INC 50 51 #define VNC_REFRESH_INTERVAL_MAX GUI_REFRESH_INTERVAL_IDLE 52 static const struct timeval VNC_REFRESH_STATS = { 0, 500000 }; 53 static const struct timeval VNC_REFRESH_LOSSY = { 2, 0 }; 54 55 #include "vnc_keysym.h" 56 #include "crypto/cipher.h" 57 58 static QTAILQ_HEAD(, VncDisplay) vnc_displays = 59 QTAILQ_HEAD_INITIALIZER(vnc_displays); 60 61 static int vnc_cursor_define(VncState *vs); 62 static void vnc_release_modifiers(VncState *vs); 63 static void vnc_update_throttle_offset(VncState *vs); 64 65 static void vnc_set_share_mode(VncState *vs, VncShareMode mode) 66 { 67 #ifdef _VNC_DEBUG 68 static const char *mn[] = { 69 [0] = "undefined", 70 [VNC_SHARE_MODE_CONNECTING] = "connecting", 71 [VNC_SHARE_MODE_SHARED] = "shared", 72 [VNC_SHARE_MODE_EXCLUSIVE] = "exclusive", 73 [VNC_SHARE_MODE_DISCONNECTED] = "disconnected", 74 }; 75 fprintf(stderr, "%s/%p: %s -> %s\n", __func__, 76 vs->ioc, mn[vs->share_mode], mn[mode]); 77 #endif 78 79 switch (vs->share_mode) { 80 case VNC_SHARE_MODE_CONNECTING: 81 vs->vd->num_connecting--; 82 break; 83 case VNC_SHARE_MODE_SHARED: 84 vs->vd->num_shared--; 85 break; 86 case VNC_SHARE_MODE_EXCLUSIVE: 87 vs->vd->num_exclusive--; 88 break; 89 default: 90 break; 91 } 92 93 vs->share_mode = mode; 94 95 switch (vs->share_mode) { 96 case VNC_SHARE_MODE_CONNECTING: 97 vs->vd->num_connecting++; 98 break; 99 case VNC_SHARE_MODE_SHARED: 100 vs->vd->num_shared++; 101 break; 102 case VNC_SHARE_MODE_EXCLUSIVE: 103 vs->vd->num_exclusive++; 104 break; 105 default: 106 break; 107 } 108 } 109 110 111 static void vnc_init_basic_info(SocketAddress *addr, 112 VncBasicInfo *info, 113 Error **errp) 114 { 115 switch (addr->type) { 116 case SOCKET_ADDRESS_TYPE_INET: 117 info->host = g_strdup(addr->u.inet.host); 118 info->service = g_strdup(addr->u.inet.port); 119 if (addr->u.inet.ipv6) { 120 info->family = NETWORK_ADDRESS_FAMILY_IPV6; 121 } else { 122 info->family = NETWORK_ADDRESS_FAMILY_IPV4; 123 } 124 break; 125 126 case SOCKET_ADDRESS_TYPE_UNIX: 127 info->host = g_strdup(""); 128 info->service = g_strdup(addr->u.q_unix.path); 129 info->family = NETWORK_ADDRESS_FAMILY_UNIX; 130 break; 131 132 case SOCKET_ADDRESS_TYPE_VSOCK: 133 case SOCKET_ADDRESS_TYPE_FD: 134 error_setg(errp, "Unsupported socket address type %s", 135 SocketAddressType_str(addr->type)); 136 break; 137 default: 138 abort(); 139 } 140 141 return; 142 } 143 144 static void vnc_init_basic_info_from_server_addr(QIOChannelSocket *ioc, 145 VncBasicInfo *info, 146 Error **errp) 147 { 148 SocketAddress *addr = NULL; 149 150 if (!ioc) { 151 error_setg(errp, "No listener socket available"); 152 return; 153 } 154 155 addr = qio_channel_socket_get_local_address(ioc, errp); 156 if (!addr) { 157 return; 158 } 159 160 vnc_init_basic_info(addr, info, errp); 161 qapi_free_SocketAddress(addr); 162 } 163 164 static void vnc_init_basic_info_from_remote_addr(QIOChannelSocket *ioc, 165 VncBasicInfo *info, 166 Error **errp) 167 { 168 SocketAddress *addr = NULL; 169 170 addr = qio_channel_socket_get_remote_address(ioc, errp); 171 if (!addr) { 172 return; 173 } 174 175 vnc_init_basic_info(addr, info, errp); 176 qapi_free_SocketAddress(addr); 177 } 178 179 static const char *vnc_auth_name(VncDisplay *vd) { 180 switch (vd->auth) { 181 case VNC_AUTH_INVALID: 182 return "invalid"; 183 case VNC_AUTH_NONE: 184 return "none"; 185 case VNC_AUTH_VNC: 186 return "vnc"; 187 case VNC_AUTH_RA2: 188 return "ra2"; 189 case VNC_AUTH_RA2NE: 190 return "ra2ne"; 191 case VNC_AUTH_TIGHT: 192 return "tight"; 193 case VNC_AUTH_ULTRA: 194 return "ultra"; 195 case VNC_AUTH_TLS: 196 return "tls"; 197 case VNC_AUTH_VENCRYPT: 198 switch (vd->subauth) { 199 case VNC_AUTH_VENCRYPT_PLAIN: 200 return "vencrypt+plain"; 201 case VNC_AUTH_VENCRYPT_TLSNONE: 202 return "vencrypt+tls+none"; 203 case VNC_AUTH_VENCRYPT_TLSVNC: 204 return "vencrypt+tls+vnc"; 205 case VNC_AUTH_VENCRYPT_TLSPLAIN: 206 return "vencrypt+tls+plain"; 207 case VNC_AUTH_VENCRYPT_X509NONE: 208 return "vencrypt+x509+none"; 209 case VNC_AUTH_VENCRYPT_X509VNC: 210 return "vencrypt+x509+vnc"; 211 case VNC_AUTH_VENCRYPT_X509PLAIN: 212 return "vencrypt+x509+plain"; 213 case VNC_AUTH_VENCRYPT_TLSSASL: 214 return "vencrypt+tls+sasl"; 215 case VNC_AUTH_VENCRYPT_X509SASL: 216 return "vencrypt+x509+sasl"; 217 default: 218 return "vencrypt"; 219 } 220 case VNC_AUTH_SASL: 221 return "sasl"; 222 } 223 return "unknown"; 224 } 225 226 static VncServerInfo *vnc_server_info_get(VncDisplay *vd) 227 { 228 VncServerInfo *info; 229 Error *err = NULL; 230 231 if (!vd->nlsock) { 232 return NULL; 233 } 234 235 info = g_malloc0(sizeof(*info)); 236 vnc_init_basic_info_from_server_addr(vd->lsock[0], 237 qapi_VncServerInfo_base(info), &err); 238 info->has_auth = true; 239 info->auth = g_strdup(vnc_auth_name(vd)); 240 if (err) { 241 qapi_free_VncServerInfo(info); 242 info = NULL; 243 error_free(err); 244 } 245 return info; 246 } 247 248 static void vnc_client_cache_auth(VncState *client) 249 { 250 if (!client->info) { 251 return; 252 } 253 254 if (client->tls) { 255 client->info->x509_dname = 256 qcrypto_tls_session_get_peer_name(client->tls); 257 client->info->has_x509_dname = 258 client->info->x509_dname != NULL; 259 } 260 #ifdef CONFIG_VNC_SASL 261 if (client->sasl.conn && 262 client->sasl.username) { 263 client->info->has_sasl_username = true; 264 client->info->sasl_username = g_strdup(client->sasl.username); 265 } 266 #endif 267 } 268 269 static void vnc_client_cache_addr(VncState *client) 270 { 271 Error *err = NULL; 272 273 client->info = g_malloc0(sizeof(*client->info)); 274 vnc_init_basic_info_from_remote_addr(client->sioc, 275 qapi_VncClientInfo_base(client->info), 276 &err); 277 if (err) { 278 qapi_free_VncClientInfo(client->info); 279 client->info = NULL; 280 error_free(err); 281 } 282 } 283 284 static void vnc_qmp_event(VncState *vs, QAPIEvent event) 285 { 286 VncServerInfo *si; 287 288 if (!vs->info) { 289 return; 290 } 291 292 si = vnc_server_info_get(vs->vd); 293 if (!si) { 294 return; 295 } 296 297 switch (event) { 298 case QAPI_EVENT_VNC_CONNECTED: 299 qapi_event_send_vnc_connected(si, qapi_VncClientInfo_base(vs->info), 300 &error_abort); 301 break; 302 case QAPI_EVENT_VNC_INITIALIZED: 303 qapi_event_send_vnc_initialized(si, vs->info, &error_abort); 304 break; 305 case QAPI_EVENT_VNC_DISCONNECTED: 306 qapi_event_send_vnc_disconnected(si, vs->info, &error_abort); 307 break; 308 default: 309 break; 310 } 311 312 qapi_free_VncServerInfo(si); 313 } 314 315 static VncClientInfo *qmp_query_vnc_client(const VncState *client) 316 { 317 VncClientInfo *info; 318 Error *err = NULL; 319 320 info = g_malloc0(sizeof(*info)); 321 322 vnc_init_basic_info_from_remote_addr(client->sioc, 323 qapi_VncClientInfo_base(info), 324 &err); 325 if (err) { 326 error_free(err); 327 qapi_free_VncClientInfo(info); 328 return NULL; 329 } 330 331 info->websocket = client->websocket; 332 333 if (client->tls) { 334 info->x509_dname = qcrypto_tls_session_get_peer_name(client->tls); 335 info->has_x509_dname = info->x509_dname != NULL; 336 } 337 #ifdef CONFIG_VNC_SASL 338 if (client->sasl.conn && client->sasl.username) { 339 info->has_sasl_username = true; 340 info->sasl_username = g_strdup(client->sasl.username); 341 } 342 #endif 343 344 return info; 345 } 346 347 static VncDisplay *vnc_display_find(const char *id) 348 { 349 VncDisplay *vd; 350 351 if (id == NULL) { 352 return QTAILQ_FIRST(&vnc_displays); 353 } 354 QTAILQ_FOREACH(vd, &vnc_displays, next) { 355 if (strcmp(id, vd->id) == 0) { 356 return vd; 357 } 358 } 359 return NULL; 360 } 361 362 static VncClientInfoList *qmp_query_client_list(VncDisplay *vd) 363 { 364 VncClientInfoList *cinfo, *prev = NULL; 365 VncState *client; 366 367 QTAILQ_FOREACH(client, &vd->clients, next) { 368 cinfo = g_new0(VncClientInfoList, 1); 369 cinfo->value = qmp_query_vnc_client(client); 370 cinfo->next = prev; 371 prev = cinfo; 372 } 373 return prev; 374 } 375 376 VncInfo *qmp_query_vnc(Error **errp) 377 { 378 VncInfo *info = g_malloc0(sizeof(*info)); 379 VncDisplay *vd = vnc_display_find(NULL); 380 SocketAddress *addr = NULL; 381 382 if (vd == NULL || !vd->nlsock) { 383 info->enabled = false; 384 } else { 385 info->enabled = true; 386 387 /* for compatibility with the original command */ 388 info->has_clients = true; 389 info->clients = qmp_query_client_list(vd); 390 391 if (vd->lsock == NULL) { 392 return info; 393 } 394 395 addr = qio_channel_socket_get_local_address(vd->lsock[0], errp); 396 if (!addr) { 397 goto out_error; 398 } 399 400 switch (addr->type) { 401 case SOCKET_ADDRESS_TYPE_INET: 402 info->host = g_strdup(addr->u.inet.host); 403 info->service = g_strdup(addr->u.inet.port); 404 if (addr->u.inet.ipv6) { 405 info->family = NETWORK_ADDRESS_FAMILY_IPV6; 406 } else { 407 info->family = NETWORK_ADDRESS_FAMILY_IPV4; 408 } 409 break; 410 411 case SOCKET_ADDRESS_TYPE_UNIX: 412 info->host = g_strdup(""); 413 info->service = g_strdup(addr->u.q_unix.path); 414 info->family = NETWORK_ADDRESS_FAMILY_UNIX; 415 break; 416 417 case SOCKET_ADDRESS_TYPE_VSOCK: 418 case SOCKET_ADDRESS_TYPE_FD: 419 error_setg(errp, "Unsupported socket address type %s", 420 SocketAddressType_str(addr->type)); 421 goto out_error; 422 default: 423 abort(); 424 } 425 426 info->has_host = true; 427 info->has_service = true; 428 info->has_family = true; 429 430 info->has_auth = true; 431 info->auth = g_strdup(vnc_auth_name(vd)); 432 } 433 434 qapi_free_SocketAddress(addr); 435 return info; 436 437 out_error: 438 qapi_free_SocketAddress(addr); 439 qapi_free_VncInfo(info); 440 return NULL; 441 } 442 443 444 static void qmp_query_auth(int auth, int subauth, 445 VncPrimaryAuth *qmp_auth, 446 VncVencryptSubAuth *qmp_vencrypt, 447 bool *qmp_has_vencrypt); 448 449 static VncServerInfo2List *qmp_query_server_entry(QIOChannelSocket *ioc, 450 bool websocket, 451 int auth, 452 int subauth, 453 VncServerInfo2List *prev) 454 { 455 VncServerInfo2List *list; 456 VncServerInfo2 *info; 457 Error *err = NULL; 458 SocketAddress *addr; 459 460 addr = qio_channel_socket_get_local_address(ioc, &err); 461 if (!addr) { 462 error_free(err); 463 return prev; 464 } 465 466 info = g_new0(VncServerInfo2, 1); 467 vnc_init_basic_info(addr, qapi_VncServerInfo2_base(info), &err); 468 qapi_free_SocketAddress(addr); 469 if (err) { 470 qapi_free_VncServerInfo2(info); 471 error_free(err); 472 return prev; 473 } 474 info->websocket = websocket; 475 476 qmp_query_auth(auth, subauth, &info->auth, 477 &info->vencrypt, &info->has_vencrypt); 478 479 list = g_new0(VncServerInfo2List, 1); 480 list->value = info; 481 list->next = prev; 482 return list; 483 } 484 485 static void qmp_query_auth(int auth, int subauth, 486 VncPrimaryAuth *qmp_auth, 487 VncVencryptSubAuth *qmp_vencrypt, 488 bool *qmp_has_vencrypt) 489 { 490 switch (auth) { 491 case VNC_AUTH_VNC: 492 *qmp_auth = VNC_PRIMARY_AUTH_VNC; 493 break; 494 case VNC_AUTH_RA2: 495 *qmp_auth = VNC_PRIMARY_AUTH_RA2; 496 break; 497 case VNC_AUTH_RA2NE: 498 *qmp_auth = VNC_PRIMARY_AUTH_RA2NE; 499 break; 500 case VNC_AUTH_TIGHT: 501 *qmp_auth = VNC_PRIMARY_AUTH_TIGHT; 502 break; 503 case VNC_AUTH_ULTRA: 504 *qmp_auth = VNC_PRIMARY_AUTH_ULTRA; 505 break; 506 case VNC_AUTH_TLS: 507 *qmp_auth = VNC_PRIMARY_AUTH_TLS; 508 break; 509 case VNC_AUTH_VENCRYPT: 510 *qmp_auth = VNC_PRIMARY_AUTH_VENCRYPT; 511 *qmp_has_vencrypt = true; 512 switch (subauth) { 513 case VNC_AUTH_VENCRYPT_PLAIN: 514 *qmp_vencrypt = VNC_VENCRYPT_SUB_AUTH_PLAIN; 515 break; 516 case VNC_AUTH_VENCRYPT_TLSNONE: 517 *qmp_vencrypt = VNC_VENCRYPT_SUB_AUTH_TLS_NONE; 518 break; 519 case VNC_AUTH_VENCRYPT_TLSVNC: 520 *qmp_vencrypt = VNC_VENCRYPT_SUB_AUTH_TLS_VNC; 521 break; 522 case VNC_AUTH_VENCRYPT_TLSPLAIN: 523 *qmp_vencrypt = VNC_VENCRYPT_SUB_AUTH_TLS_PLAIN; 524 break; 525 case VNC_AUTH_VENCRYPT_X509NONE: 526 *qmp_vencrypt = VNC_VENCRYPT_SUB_AUTH_X509_NONE; 527 break; 528 case VNC_AUTH_VENCRYPT_X509VNC: 529 *qmp_vencrypt = VNC_VENCRYPT_SUB_AUTH_X509_VNC; 530 break; 531 case VNC_AUTH_VENCRYPT_X509PLAIN: 532 *qmp_vencrypt = VNC_VENCRYPT_SUB_AUTH_X509_PLAIN; 533 break; 534 case VNC_AUTH_VENCRYPT_TLSSASL: 535 *qmp_vencrypt = VNC_VENCRYPT_SUB_AUTH_TLS_SASL; 536 break; 537 case VNC_AUTH_VENCRYPT_X509SASL: 538 *qmp_vencrypt = VNC_VENCRYPT_SUB_AUTH_X509_SASL; 539 break; 540 default: 541 *qmp_has_vencrypt = false; 542 break; 543 } 544 break; 545 case VNC_AUTH_SASL: 546 *qmp_auth = VNC_PRIMARY_AUTH_SASL; 547 break; 548 case VNC_AUTH_NONE: 549 default: 550 *qmp_auth = VNC_PRIMARY_AUTH_NONE; 551 break; 552 } 553 } 554 555 VncInfo2List *qmp_query_vnc_servers(Error **errp) 556 { 557 VncInfo2List *item, *prev = NULL; 558 VncInfo2 *info; 559 VncDisplay *vd; 560 DeviceState *dev; 561 size_t i; 562 563 QTAILQ_FOREACH(vd, &vnc_displays, next) { 564 info = g_new0(VncInfo2, 1); 565 info->id = g_strdup(vd->id); 566 info->clients = qmp_query_client_list(vd); 567 qmp_query_auth(vd->auth, vd->subauth, &info->auth, 568 &info->vencrypt, &info->has_vencrypt); 569 if (vd->dcl.con) { 570 dev = DEVICE(object_property_get_link(OBJECT(vd->dcl.con), 571 "device", NULL)); 572 info->has_display = true; 573 info->display = g_strdup(dev->id); 574 } 575 for (i = 0; i < vd->nlsock; i++) { 576 info->server = qmp_query_server_entry( 577 vd->lsock[i], false, vd->auth, vd->subauth, info->server); 578 } 579 for (i = 0; i < vd->nlwebsock; i++) { 580 info->server = qmp_query_server_entry( 581 vd->lwebsock[i], true, vd->ws_auth, 582 vd->ws_subauth, info->server); 583 } 584 585 item = g_new0(VncInfo2List, 1); 586 item->value = info; 587 item->next = prev; 588 prev = item; 589 } 590 return prev; 591 } 592 593 /* TODO 594 1) Get the queue working for IO. 595 2) there is some weirdness when using the -S option (the screen is grey 596 and not totally invalidated 597 3) resolutions > 1024 598 */ 599 600 static int vnc_update_client(VncState *vs, int has_dirty); 601 static void vnc_disconnect_start(VncState *vs); 602 603 static void vnc_colordepth(VncState *vs); 604 static void framebuffer_update_request(VncState *vs, int incremental, 605 int x_position, int y_position, 606 int w, int h); 607 static void vnc_refresh(DisplayChangeListener *dcl); 608 static int vnc_refresh_server_surface(VncDisplay *vd); 609 610 static int vnc_width(VncDisplay *vd) 611 { 612 return MIN(VNC_MAX_WIDTH, ROUND_UP(surface_width(vd->ds), 613 VNC_DIRTY_PIXELS_PER_BIT)); 614 } 615 616 static int vnc_height(VncDisplay *vd) 617 { 618 return MIN(VNC_MAX_HEIGHT, surface_height(vd->ds)); 619 } 620 621 static void vnc_set_area_dirty(DECLARE_BITMAP(dirty[VNC_MAX_HEIGHT], 622 VNC_MAX_WIDTH / VNC_DIRTY_PIXELS_PER_BIT), 623 VncDisplay *vd, 624 int x, int y, int w, int h) 625 { 626 int width = vnc_width(vd); 627 int height = vnc_height(vd); 628 629 /* this is needed this to ensure we updated all affected 630 * blocks if x % VNC_DIRTY_PIXELS_PER_BIT != 0 */ 631 w += (x % VNC_DIRTY_PIXELS_PER_BIT); 632 x -= (x % VNC_DIRTY_PIXELS_PER_BIT); 633 634 x = MIN(x, width); 635 y = MIN(y, height); 636 w = MIN(x + w, width) - x; 637 h = MIN(y + h, height); 638 639 for (; y < h; y++) { 640 bitmap_set(dirty[y], x / VNC_DIRTY_PIXELS_PER_BIT, 641 DIV_ROUND_UP(w, VNC_DIRTY_PIXELS_PER_BIT)); 642 } 643 } 644 645 static void vnc_dpy_update(DisplayChangeListener *dcl, 646 int x, int y, int w, int h) 647 { 648 VncDisplay *vd = container_of(dcl, VncDisplay, dcl); 649 struct VncSurface *s = &vd->guest; 650 651 vnc_set_area_dirty(s->dirty, vd, x, y, w, h); 652 } 653 654 void vnc_framebuffer_update(VncState *vs, int x, int y, int w, int h, 655 int32_t encoding) 656 { 657 vnc_write_u16(vs, x); 658 vnc_write_u16(vs, y); 659 vnc_write_u16(vs, w); 660 vnc_write_u16(vs, h); 661 662 vnc_write_s32(vs, encoding); 663 } 664 665 666 static void vnc_desktop_resize(VncState *vs) 667 { 668 if (vs->ioc == NULL || !vnc_has_feature(vs, VNC_FEATURE_RESIZE)) { 669 return; 670 } 671 if (vs->client_width == pixman_image_get_width(vs->vd->server) && 672 vs->client_height == pixman_image_get_height(vs->vd->server)) { 673 return; 674 } 675 vs->client_width = pixman_image_get_width(vs->vd->server); 676 vs->client_height = pixman_image_get_height(vs->vd->server); 677 vnc_lock_output(vs); 678 vnc_write_u8(vs, VNC_MSG_SERVER_FRAMEBUFFER_UPDATE); 679 vnc_write_u8(vs, 0); 680 vnc_write_u16(vs, 1); /* number of rects */ 681 vnc_framebuffer_update(vs, 0, 0, vs->client_width, vs->client_height, 682 VNC_ENCODING_DESKTOPRESIZE); 683 vnc_unlock_output(vs); 684 vnc_flush(vs); 685 } 686 687 static void vnc_abort_display_jobs(VncDisplay *vd) 688 { 689 VncState *vs; 690 691 QTAILQ_FOREACH(vs, &vd->clients, next) { 692 vnc_lock_output(vs); 693 vs->abort = true; 694 vnc_unlock_output(vs); 695 } 696 QTAILQ_FOREACH(vs, &vd->clients, next) { 697 vnc_jobs_join(vs); 698 } 699 QTAILQ_FOREACH(vs, &vd->clients, next) { 700 vnc_lock_output(vs); 701 vs->abort = false; 702 vnc_unlock_output(vs); 703 } 704 } 705 706 int vnc_server_fb_stride(VncDisplay *vd) 707 { 708 return pixman_image_get_stride(vd->server); 709 } 710 711 void *vnc_server_fb_ptr(VncDisplay *vd, int x, int y) 712 { 713 uint8_t *ptr; 714 715 ptr = (uint8_t *)pixman_image_get_data(vd->server); 716 ptr += y * vnc_server_fb_stride(vd); 717 ptr += x * VNC_SERVER_FB_BYTES; 718 return ptr; 719 } 720 721 static void vnc_update_server_surface(VncDisplay *vd) 722 { 723 int width, height; 724 725 qemu_pixman_image_unref(vd->server); 726 vd->server = NULL; 727 728 if (QTAILQ_EMPTY(&vd->clients)) { 729 return; 730 } 731 732 width = vnc_width(vd); 733 height = vnc_height(vd); 734 vd->server = pixman_image_create_bits(VNC_SERVER_FB_FORMAT, 735 width, height, 736 NULL, 0); 737 738 memset(vd->guest.dirty, 0x00, sizeof(vd->guest.dirty)); 739 vnc_set_area_dirty(vd->guest.dirty, vd, 0, 0, 740 width, height); 741 } 742 743 static void vnc_dpy_switch(DisplayChangeListener *dcl, 744 DisplaySurface *surface) 745 { 746 VncDisplay *vd = container_of(dcl, VncDisplay, dcl); 747 VncState *vs; 748 749 vnc_abort_display_jobs(vd); 750 vd->ds = surface; 751 752 /* server surface */ 753 vnc_update_server_surface(vd); 754 755 /* guest surface */ 756 qemu_pixman_image_unref(vd->guest.fb); 757 vd->guest.fb = pixman_image_ref(surface->image); 758 vd->guest.format = surface->format; 759 760 QTAILQ_FOREACH(vs, &vd->clients, next) { 761 vnc_colordepth(vs); 762 vnc_desktop_resize(vs); 763 if (vs->vd->cursor) { 764 vnc_cursor_define(vs); 765 } 766 memset(vs->dirty, 0x00, sizeof(vs->dirty)); 767 vnc_set_area_dirty(vs->dirty, vd, 0, 0, 768 vnc_width(vd), 769 vnc_height(vd)); 770 vnc_update_throttle_offset(vs); 771 } 772 } 773 774 /* fastest code */ 775 static void vnc_write_pixels_copy(VncState *vs, 776 void *pixels, int size) 777 { 778 vnc_write(vs, pixels, size); 779 } 780 781 /* slowest but generic code. */ 782 void vnc_convert_pixel(VncState *vs, uint8_t *buf, uint32_t v) 783 { 784 uint8_t r, g, b; 785 786 #if VNC_SERVER_FB_FORMAT == PIXMAN_FORMAT(32, PIXMAN_TYPE_ARGB, 0, 8, 8, 8) 787 r = (((v & 0x00ff0000) >> 16) << vs->client_pf.rbits) >> 8; 788 g = (((v & 0x0000ff00) >> 8) << vs->client_pf.gbits) >> 8; 789 b = (((v & 0x000000ff) >> 0) << vs->client_pf.bbits) >> 8; 790 #else 791 # error need some bits here if you change VNC_SERVER_FB_FORMAT 792 #endif 793 v = (r << vs->client_pf.rshift) | 794 (g << vs->client_pf.gshift) | 795 (b << vs->client_pf.bshift); 796 switch (vs->client_pf.bytes_per_pixel) { 797 case 1: 798 buf[0] = v; 799 break; 800 case 2: 801 if (vs->client_be) { 802 buf[0] = v >> 8; 803 buf[1] = v; 804 } else { 805 buf[1] = v >> 8; 806 buf[0] = v; 807 } 808 break; 809 default: 810 case 4: 811 if (vs->client_be) { 812 buf[0] = v >> 24; 813 buf[1] = v >> 16; 814 buf[2] = v >> 8; 815 buf[3] = v; 816 } else { 817 buf[3] = v >> 24; 818 buf[2] = v >> 16; 819 buf[1] = v >> 8; 820 buf[0] = v; 821 } 822 break; 823 } 824 } 825 826 static void vnc_write_pixels_generic(VncState *vs, 827 void *pixels1, int size) 828 { 829 uint8_t buf[4]; 830 831 if (VNC_SERVER_FB_BYTES == 4) { 832 uint32_t *pixels = pixels1; 833 int n, i; 834 n = size >> 2; 835 for (i = 0; i < n; i++) { 836 vnc_convert_pixel(vs, buf, pixels[i]); 837 vnc_write(vs, buf, vs->client_pf.bytes_per_pixel); 838 } 839 } 840 } 841 842 int vnc_raw_send_framebuffer_update(VncState *vs, int x, int y, int w, int h) 843 { 844 int i; 845 uint8_t *row; 846 VncDisplay *vd = vs->vd; 847 848 row = vnc_server_fb_ptr(vd, x, y); 849 for (i = 0; i < h; i++) { 850 vs->write_pixels(vs, row, w * VNC_SERVER_FB_BYTES); 851 row += vnc_server_fb_stride(vd); 852 } 853 return 1; 854 } 855 856 int vnc_send_framebuffer_update(VncState *vs, int x, int y, int w, int h) 857 { 858 int n = 0; 859 bool encode_raw = false; 860 size_t saved_offs = vs->output.offset; 861 862 switch(vs->vnc_encoding) { 863 case VNC_ENCODING_ZLIB: 864 n = vnc_zlib_send_framebuffer_update(vs, x, y, w, h); 865 break; 866 case VNC_ENCODING_HEXTILE: 867 vnc_framebuffer_update(vs, x, y, w, h, VNC_ENCODING_HEXTILE); 868 n = vnc_hextile_send_framebuffer_update(vs, x, y, w, h); 869 break; 870 case VNC_ENCODING_TIGHT: 871 n = vnc_tight_send_framebuffer_update(vs, x, y, w, h); 872 break; 873 case VNC_ENCODING_TIGHT_PNG: 874 n = vnc_tight_png_send_framebuffer_update(vs, x, y, w, h); 875 break; 876 case VNC_ENCODING_ZRLE: 877 n = vnc_zrle_send_framebuffer_update(vs, x, y, w, h); 878 break; 879 case VNC_ENCODING_ZYWRLE: 880 n = vnc_zywrle_send_framebuffer_update(vs, x, y, w, h); 881 break; 882 default: 883 encode_raw = true; 884 break; 885 } 886 887 /* If the client has the same pixel format as our internal buffer and 888 * a RAW encoding would need less space fall back to RAW encoding to 889 * save bandwidth and processing power in the client. */ 890 if (!encode_raw && vs->write_pixels == vnc_write_pixels_copy && 891 12 + h * w * VNC_SERVER_FB_BYTES <= (vs->output.offset - saved_offs)) { 892 vs->output.offset = saved_offs; 893 encode_raw = true; 894 } 895 896 if (encode_raw) { 897 vnc_framebuffer_update(vs, x, y, w, h, VNC_ENCODING_RAW); 898 n = vnc_raw_send_framebuffer_update(vs, x, y, w, h); 899 } 900 901 return n; 902 } 903 904 static void vnc_mouse_set(DisplayChangeListener *dcl, 905 int x, int y, int visible) 906 { 907 /* can we ask the client(s) to move the pointer ??? */ 908 } 909 910 static int vnc_cursor_define(VncState *vs) 911 { 912 QEMUCursor *c = vs->vd->cursor; 913 int isize; 914 915 if (vnc_has_feature(vs, VNC_FEATURE_RICH_CURSOR)) { 916 vnc_lock_output(vs); 917 vnc_write_u8(vs, VNC_MSG_SERVER_FRAMEBUFFER_UPDATE); 918 vnc_write_u8(vs, 0); /* padding */ 919 vnc_write_u16(vs, 1); /* # of rects */ 920 vnc_framebuffer_update(vs, c->hot_x, c->hot_y, c->width, c->height, 921 VNC_ENCODING_RICH_CURSOR); 922 isize = c->width * c->height * vs->client_pf.bytes_per_pixel; 923 vnc_write_pixels_generic(vs, c->data, isize); 924 vnc_write(vs, vs->vd->cursor_mask, vs->vd->cursor_msize); 925 vnc_unlock_output(vs); 926 return 0; 927 } 928 return -1; 929 } 930 931 static void vnc_dpy_cursor_define(DisplayChangeListener *dcl, 932 QEMUCursor *c) 933 { 934 VncDisplay *vd = container_of(dcl, VncDisplay, dcl); 935 VncState *vs; 936 937 cursor_put(vd->cursor); 938 g_free(vd->cursor_mask); 939 940 vd->cursor = c; 941 cursor_get(vd->cursor); 942 vd->cursor_msize = cursor_get_mono_bpl(c) * c->height; 943 vd->cursor_mask = g_malloc0(vd->cursor_msize); 944 cursor_get_mono_mask(c, 0, vd->cursor_mask); 945 946 QTAILQ_FOREACH(vs, &vd->clients, next) { 947 vnc_cursor_define(vs); 948 } 949 } 950 951 static int find_and_clear_dirty_height(VncState *vs, 952 int y, int last_x, int x, int height) 953 { 954 int h; 955 956 for (h = 1; h < (height - y); h++) { 957 if (!test_bit(last_x, vs->dirty[y + h])) { 958 break; 959 } 960 bitmap_clear(vs->dirty[y + h], last_x, x - last_x); 961 } 962 963 return h; 964 } 965 966 /* 967 * Figure out how much pending data we should allow in the output 968 * buffer before we throttle incremental display updates, and/or 969 * drop audio samples. 970 * 971 * We allow for equiv of 1 full display's worth of FB updates, 972 * and 1 second of audio samples. If audio backlog was larger 973 * than that the client would already suffering awful audio 974 * glitches, so dropping samples is no worse really). 975 */ 976 static void vnc_update_throttle_offset(VncState *vs) 977 { 978 size_t offset = 979 vs->client_width * vs->client_height * vs->client_pf.bytes_per_pixel; 980 981 if (vs->audio_cap) { 982 int freq = vs->as.freq; 983 /* We don't limit freq when reading settings from client, so 984 * it could be upto MAX_INT in size. 48khz is a sensible 985 * upper bound for trustworthy clients */ 986 int bps; 987 if (freq > 48000) { 988 freq = 48000; 989 } 990 switch (vs->as.fmt) { 991 default: 992 case AUD_FMT_U8: 993 case AUD_FMT_S8: 994 bps = 1; 995 break; 996 case AUD_FMT_U16: 997 case AUD_FMT_S16: 998 bps = 2; 999 break; 1000 case AUD_FMT_U32: 1001 case AUD_FMT_S32: 1002 bps = 4; 1003 break; 1004 } 1005 offset += freq * bps * vs->as.nchannels; 1006 } 1007 1008 /* Put a floor of 1MB on offset, so that if we have a large pending 1009 * buffer and the display is resized to a small size & back again 1010 * we don't suddenly apply a tiny send limit 1011 */ 1012 offset = MAX(offset, 1024 * 1024); 1013 1014 if (vs->throttle_output_offset != offset) { 1015 trace_vnc_client_throttle_threshold( 1016 vs, vs->ioc, vs->throttle_output_offset, offset, vs->client_width, 1017 vs->client_height, vs->client_pf.bytes_per_pixel, vs->audio_cap); 1018 } 1019 1020 vs->throttle_output_offset = offset; 1021 } 1022 1023 static bool vnc_should_update(VncState *vs) 1024 { 1025 switch (vs->update) { 1026 case VNC_STATE_UPDATE_NONE: 1027 break; 1028 case VNC_STATE_UPDATE_INCREMENTAL: 1029 /* Only allow incremental updates if the pending send queue 1030 * is less than the permitted threshold, and the job worker 1031 * is completely idle. 1032 */ 1033 if (vs->output.offset < vs->throttle_output_offset && 1034 vs->job_update == VNC_STATE_UPDATE_NONE) { 1035 return true; 1036 } 1037 trace_vnc_client_throttle_incremental( 1038 vs, vs->ioc, vs->job_update, vs->output.offset); 1039 break; 1040 case VNC_STATE_UPDATE_FORCE: 1041 /* Only allow forced updates if the pending send queue 1042 * does not contain a previous forced update, and the 1043 * job worker is completely idle. 1044 * 1045 * Note this means we'll queue a forced update, even if 1046 * the output buffer size is otherwise over the throttle 1047 * output limit. 1048 */ 1049 if (vs->force_update_offset == 0 && 1050 vs->job_update == VNC_STATE_UPDATE_NONE) { 1051 return true; 1052 } 1053 trace_vnc_client_throttle_forced( 1054 vs, vs->ioc, vs->job_update, vs->force_update_offset); 1055 break; 1056 } 1057 return false; 1058 } 1059 1060 static int vnc_update_client(VncState *vs, int has_dirty) 1061 { 1062 VncDisplay *vd = vs->vd; 1063 VncJob *job; 1064 int y; 1065 int height, width; 1066 int n = 0; 1067 1068 if (vs->disconnecting) { 1069 vnc_disconnect_finish(vs); 1070 return 0; 1071 } 1072 1073 vs->has_dirty += has_dirty; 1074 if (!vnc_should_update(vs)) { 1075 return 0; 1076 } 1077 1078 if (!vs->has_dirty && vs->update != VNC_STATE_UPDATE_FORCE) { 1079 return 0; 1080 } 1081 1082 /* 1083 * Send screen updates to the vnc client using the server 1084 * surface and server dirty map. guest surface updates 1085 * happening in parallel don't disturb us, the next pass will 1086 * send them to the client. 1087 */ 1088 job = vnc_job_new(vs); 1089 1090 height = pixman_image_get_height(vd->server); 1091 width = pixman_image_get_width(vd->server); 1092 1093 y = 0; 1094 for (;;) { 1095 int x, h; 1096 unsigned long x2; 1097 unsigned long offset = find_next_bit((unsigned long *) &vs->dirty, 1098 height * VNC_DIRTY_BPL(vs), 1099 y * VNC_DIRTY_BPL(vs)); 1100 if (offset == height * VNC_DIRTY_BPL(vs)) { 1101 /* no more dirty bits */ 1102 break; 1103 } 1104 y = offset / VNC_DIRTY_BPL(vs); 1105 x = offset % VNC_DIRTY_BPL(vs); 1106 x2 = find_next_zero_bit((unsigned long *) &vs->dirty[y], 1107 VNC_DIRTY_BPL(vs), x); 1108 bitmap_clear(vs->dirty[y], x, x2 - x); 1109 h = find_and_clear_dirty_height(vs, y, x, x2, height); 1110 x2 = MIN(x2, width / VNC_DIRTY_PIXELS_PER_BIT); 1111 if (x2 > x) { 1112 n += vnc_job_add_rect(job, x * VNC_DIRTY_PIXELS_PER_BIT, y, 1113 (x2 - x) * VNC_DIRTY_PIXELS_PER_BIT, h); 1114 } 1115 if (!x && x2 == width / VNC_DIRTY_PIXELS_PER_BIT) { 1116 y += h; 1117 if (y == height) { 1118 break; 1119 } 1120 } 1121 } 1122 1123 vs->job_update = vs->update; 1124 vs->update = VNC_STATE_UPDATE_NONE; 1125 vnc_job_push(job); 1126 vs->has_dirty = 0; 1127 return n; 1128 } 1129 1130 /* audio */ 1131 static void audio_capture_notify(void *opaque, audcnotification_e cmd) 1132 { 1133 VncState *vs = opaque; 1134 1135 switch (cmd) { 1136 case AUD_CNOTIFY_DISABLE: 1137 vnc_lock_output(vs); 1138 vnc_write_u8(vs, VNC_MSG_SERVER_QEMU); 1139 vnc_write_u8(vs, VNC_MSG_SERVER_QEMU_AUDIO); 1140 vnc_write_u16(vs, VNC_MSG_SERVER_QEMU_AUDIO_END); 1141 vnc_unlock_output(vs); 1142 vnc_flush(vs); 1143 break; 1144 1145 case AUD_CNOTIFY_ENABLE: 1146 vnc_lock_output(vs); 1147 vnc_write_u8(vs, VNC_MSG_SERVER_QEMU); 1148 vnc_write_u8(vs, VNC_MSG_SERVER_QEMU_AUDIO); 1149 vnc_write_u16(vs, VNC_MSG_SERVER_QEMU_AUDIO_BEGIN); 1150 vnc_unlock_output(vs); 1151 vnc_flush(vs); 1152 break; 1153 } 1154 } 1155 1156 static void audio_capture_destroy(void *opaque) 1157 { 1158 } 1159 1160 static void audio_capture(void *opaque, void *buf, int size) 1161 { 1162 VncState *vs = opaque; 1163 1164 vnc_lock_output(vs); 1165 if (vs->output.offset < vs->throttle_output_offset) { 1166 vnc_write_u8(vs, VNC_MSG_SERVER_QEMU); 1167 vnc_write_u8(vs, VNC_MSG_SERVER_QEMU_AUDIO); 1168 vnc_write_u16(vs, VNC_MSG_SERVER_QEMU_AUDIO_DATA); 1169 vnc_write_u32(vs, size); 1170 vnc_write(vs, buf, size); 1171 } else { 1172 trace_vnc_client_throttle_audio(vs, vs->ioc, vs->output.offset); 1173 } 1174 vnc_unlock_output(vs); 1175 vnc_flush(vs); 1176 } 1177 1178 static void audio_add(VncState *vs) 1179 { 1180 struct audio_capture_ops ops; 1181 1182 if (vs->audio_cap) { 1183 error_report("audio already running"); 1184 return; 1185 } 1186 1187 ops.notify = audio_capture_notify; 1188 ops.destroy = audio_capture_destroy; 1189 ops.capture = audio_capture; 1190 1191 vs->audio_cap = AUD_add_capture(&vs->as, &ops, vs); 1192 if (!vs->audio_cap) { 1193 error_report("Failed to add audio capture"); 1194 } 1195 } 1196 1197 static void audio_del(VncState *vs) 1198 { 1199 if (vs->audio_cap) { 1200 AUD_del_capture(vs->audio_cap, vs); 1201 vs->audio_cap = NULL; 1202 } 1203 } 1204 1205 static void vnc_disconnect_start(VncState *vs) 1206 { 1207 if (vs->disconnecting) { 1208 return; 1209 } 1210 trace_vnc_client_disconnect_start(vs, vs->ioc); 1211 vnc_set_share_mode(vs, VNC_SHARE_MODE_DISCONNECTED); 1212 if (vs->ioc_tag) { 1213 g_source_remove(vs->ioc_tag); 1214 vs->ioc_tag = 0; 1215 } 1216 qio_channel_close(vs->ioc, NULL); 1217 vs->disconnecting = TRUE; 1218 } 1219 1220 void vnc_disconnect_finish(VncState *vs) 1221 { 1222 int i; 1223 1224 trace_vnc_client_disconnect_finish(vs, vs->ioc); 1225 1226 vnc_jobs_join(vs); /* Wait encoding jobs */ 1227 1228 vnc_lock_output(vs); 1229 vnc_qmp_event(vs, QAPI_EVENT_VNC_DISCONNECTED); 1230 1231 buffer_free(&vs->input); 1232 buffer_free(&vs->output); 1233 1234 qapi_free_VncClientInfo(vs->info); 1235 1236 vnc_zlib_clear(vs); 1237 vnc_tight_clear(vs); 1238 vnc_zrle_clear(vs); 1239 1240 #ifdef CONFIG_VNC_SASL 1241 vnc_sasl_client_cleanup(vs); 1242 #endif /* CONFIG_VNC_SASL */ 1243 audio_del(vs); 1244 vnc_release_modifiers(vs); 1245 1246 if (vs->mouse_mode_notifier.notify != NULL) { 1247 qemu_remove_mouse_mode_change_notifier(&vs->mouse_mode_notifier); 1248 } 1249 QTAILQ_REMOVE(&vs->vd->clients, vs, next); 1250 if (QTAILQ_EMPTY(&vs->vd->clients)) { 1251 /* last client gone */ 1252 vnc_update_server_surface(vs->vd); 1253 } 1254 1255 vnc_unlock_output(vs); 1256 1257 qemu_mutex_destroy(&vs->output_mutex); 1258 if (vs->bh != NULL) { 1259 qemu_bh_delete(vs->bh); 1260 } 1261 buffer_free(&vs->jobs_buffer); 1262 1263 for (i = 0; i < VNC_STAT_ROWS; ++i) { 1264 g_free(vs->lossy_rect[i]); 1265 } 1266 g_free(vs->lossy_rect); 1267 1268 object_unref(OBJECT(vs->ioc)); 1269 vs->ioc = NULL; 1270 object_unref(OBJECT(vs->sioc)); 1271 vs->sioc = NULL; 1272 g_free(vs); 1273 } 1274 1275 size_t vnc_client_io_error(VncState *vs, ssize_t ret, Error **errp) 1276 { 1277 if (ret <= 0) { 1278 if (ret == 0) { 1279 trace_vnc_client_eof(vs, vs->ioc); 1280 vnc_disconnect_start(vs); 1281 } else if (ret != QIO_CHANNEL_ERR_BLOCK) { 1282 trace_vnc_client_io_error(vs, vs->ioc, 1283 errp ? error_get_pretty(*errp) : 1284 "Unknown"); 1285 vnc_disconnect_start(vs); 1286 } 1287 1288 if (errp) { 1289 error_free(*errp); 1290 *errp = NULL; 1291 } 1292 return 0; 1293 } 1294 return ret; 1295 } 1296 1297 1298 void vnc_client_error(VncState *vs) 1299 { 1300 VNC_DEBUG("Closing down client sock: protocol error\n"); 1301 vnc_disconnect_start(vs); 1302 } 1303 1304 1305 /* 1306 * Called to write a chunk of data to the client socket. The data may 1307 * be the raw data, or may have already been encoded by SASL. 1308 * The data will be written either straight onto the socket, or 1309 * written via the GNUTLS wrappers, if TLS/SSL encryption is enabled 1310 * 1311 * NB, it is theoretically possible to have 2 layers of encryption, 1312 * both SASL, and this TLS layer. It is highly unlikely in practice 1313 * though, since SASL encryption will typically be a no-op if TLS 1314 * is active 1315 * 1316 * Returns the number of bytes written, which may be less than 1317 * the requested 'datalen' if the socket would block. Returns 1318 * 0 on I/O error, and disconnects the client socket. 1319 */ 1320 size_t vnc_client_write_buf(VncState *vs, const uint8_t *data, size_t datalen) 1321 { 1322 Error *err = NULL; 1323 ssize_t ret; 1324 ret = qio_channel_write( 1325 vs->ioc, (const char *)data, datalen, &err); 1326 VNC_DEBUG("Wrote wire %p %zd -> %ld\n", data, datalen, ret); 1327 return vnc_client_io_error(vs, ret, &err); 1328 } 1329 1330 1331 /* 1332 * Called to write buffered data to the client socket, when not 1333 * using any SASL SSF encryption layers. Will write as much data 1334 * as possible without blocking. If all buffered data is written, 1335 * will switch the FD poll() handler back to read monitoring. 1336 * 1337 * Returns the number of bytes written, which may be less than 1338 * the buffered output data if the socket would block. Returns 1339 * 0 on I/O error, and disconnects the client socket. 1340 */ 1341 static size_t vnc_client_write_plain(VncState *vs) 1342 { 1343 size_t offset; 1344 size_t ret; 1345 1346 #ifdef CONFIG_VNC_SASL 1347 VNC_DEBUG("Write Plain: Pending output %p size %zd offset %zd. Wait SSF %d\n", 1348 vs->output.buffer, vs->output.capacity, vs->output.offset, 1349 vs->sasl.waitWriteSSF); 1350 1351 if (vs->sasl.conn && 1352 vs->sasl.runSSF && 1353 vs->sasl.waitWriteSSF) { 1354 ret = vnc_client_write_buf(vs, vs->output.buffer, vs->sasl.waitWriteSSF); 1355 if (ret) 1356 vs->sasl.waitWriteSSF -= ret; 1357 } else 1358 #endif /* CONFIG_VNC_SASL */ 1359 ret = vnc_client_write_buf(vs, vs->output.buffer, vs->output.offset); 1360 if (!ret) 1361 return 0; 1362 1363 if (ret >= vs->force_update_offset) { 1364 if (vs->force_update_offset != 0) { 1365 trace_vnc_client_unthrottle_forced(vs, vs->ioc); 1366 } 1367 vs->force_update_offset = 0; 1368 } else { 1369 vs->force_update_offset -= ret; 1370 } 1371 offset = vs->output.offset; 1372 buffer_advance(&vs->output, ret); 1373 if (offset >= vs->throttle_output_offset && 1374 vs->output.offset < vs->throttle_output_offset) { 1375 trace_vnc_client_unthrottle_incremental(vs, vs->ioc, vs->output.offset); 1376 } 1377 1378 if (vs->output.offset == 0) { 1379 if (vs->ioc_tag) { 1380 g_source_remove(vs->ioc_tag); 1381 } 1382 vs->ioc_tag = qio_channel_add_watch( 1383 vs->ioc, G_IO_IN, vnc_client_io, vs, NULL); 1384 } 1385 1386 return ret; 1387 } 1388 1389 1390 /* 1391 * First function called whenever there is data to be written to 1392 * the client socket. Will delegate actual work according to whether 1393 * SASL SSF layers are enabled (thus requiring encryption calls) 1394 */ 1395 static void vnc_client_write_locked(VncState *vs) 1396 { 1397 #ifdef CONFIG_VNC_SASL 1398 if (vs->sasl.conn && 1399 vs->sasl.runSSF && 1400 !vs->sasl.waitWriteSSF) { 1401 vnc_client_write_sasl(vs); 1402 } else 1403 #endif /* CONFIG_VNC_SASL */ 1404 { 1405 vnc_client_write_plain(vs); 1406 } 1407 } 1408 1409 static void vnc_client_write(VncState *vs) 1410 { 1411 1412 vnc_lock_output(vs); 1413 if (vs->output.offset) { 1414 vnc_client_write_locked(vs); 1415 } else if (vs->ioc != NULL) { 1416 if (vs->ioc_tag) { 1417 g_source_remove(vs->ioc_tag); 1418 } 1419 vs->ioc_tag = qio_channel_add_watch( 1420 vs->ioc, G_IO_IN, vnc_client_io, vs, NULL); 1421 } 1422 vnc_unlock_output(vs); 1423 } 1424 1425 void vnc_read_when(VncState *vs, VncReadEvent *func, size_t expecting) 1426 { 1427 vs->read_handler = func; 1428 vs->read_handler_expect = expecting; 1429 } 1430 1431 1432 /* 1433 * Called to read a chunk of data from the client socket. The data may 1434 * be the raw data, or may need to be further decoded by SASL. 1435 * The data will be read either straight from to the socket, or 1436 * read via the GNUTLS wrappers, if TLS/SSL encryption is enabled 1437 * 1438 * NB, it is theoretically possible to have 2 layers of encryption, 1439 * both SASL, and this TLS layer. It is highly unlikely in practice 1440 * though, since SASL encryption will typically be a no-op if TLS 1441 * is active 1442 * 1443 * Returns the number of bytes read, which may be less than 1444 * the requested 'datalen' if the socket would block. Returns 1445 * 0 on I/O error or EOF, and disconnects the client socket. 1446 */ 1447 size_t vnc_client_read_buf(VncState *vs, uint8_t *data, size_t datalen) 1448 { 1449 ssize_t ret; 1450 Error *err = NULL; 1451 ret = qio_channel_read( 1452 vs->ioc, (char *)data, datalen, &err); 1453 VNC_DEBUG("Read wire %p %zd -> %ld\n", data, datalen, ret); 1454 return vnc_client_io_error(vs, ret, &err); 1455 } 1456 1457 1458 /* 1459 * Called to read data from the client socket to the input buffer, 1460 * when not using any SASL SSF encryption layers. Will read as much 1461 * data as possible without blocking. 1462 * 1463 * Returns the number of bytes read, which may be less than 1464 * the requested 'datalen' if the socket would block. Returns 1465 * 0 on I/O error or EOF, and disconnects the client socket. 1466 */ 1467 static size_t vnc_client_read_plain(VncState *vs) 1468 { 1469 size_t ret; 1470 VNC_DEBUG("Read plain %p size %zd offset %zd\n", 1471 vs->input.buffer, vs->input.capacity, vs->input.offset); 1472 buffer_reserve(&vs->input, 4096); 1473 ret = vnc_client_read_buf(vs, buffer_end(&vs->input), 4096); 1474 if (!ret) 1475 return 0; 1476 vs->input.offset += ret; 1477 return ret; 1478 } 1479 1480 static void vnc_jobs_bh(void *opaque) 1481 { 1482 VncState *vs = opaque; 1483 1484 vnc_jobs_consume_buffer(vs); 1485 } 1486 1487 /* 1488 * First function called whenever there is more data to be read from 1489 * the client socket. Will delegate actual work according to whether 1490 * SASL SSF layers are enabled (thus requiring decryption calls) 1491 * Returns 0 on success, -1 if client disconnected 1492 */ 1493 static int vnc_client_read(VncState *vs) 1494 { 1495 size_t ret; 1496 1497 #ifdef CONFIG_VNC_SASL 1498 if (vs->sasl.conn && vs->sasl.runSSF) 1499 ret = vnc_client_read_sasl(vs); 1500 else 1501 #endif /* CONFIG_VNC_SASL */ 1502 ret = vnc_client_read_plain(vs); 1503 if (!ret) { 1504 if (vs->disconnecting) { 1505 vnc_disconnect_finish(vs); 1506 return -1; 1507 } 1508 return 0; 1509 } 1510 1511 while (vs->read_handler && vs->input.offset >= vs->read_handler_expect) { 1512 size_t len = vs->read_handler_expect; 1513 int ret; 1514 1515 ret = vs->read_handler(vs, vs->input.buffer, len); 1516 if (vs->disconnecting) { 1517 vnc_disconnect_finish(vs); 1518 return -1; 1519 } 1520 1521 if (!ret) { 1522 buffer_advance(&vs->input, len); 1523 } else { 1524 vs->read_handler_expect = ret; 1525 } 1526 } 1527 return 0; 1528 } 1529 1530 gboolean vnc_client_io(QIOChannel *ioc G_GNUC_UNUSED, 1531 GIOCondition condition, void *opaque) 1532 { 1533 VncState *vs = opaque; 1534 if (condition & G_IO_IN) { 1535 if (vnc_client_read(vs) < 0) { 1536 return TRUE; 1537 } 1538 } 1539 if (condition & G_IO_OUT) { 1540 vnc_client_write(vs); 1541 } 1542 return TRUE; 1543 } 1544 1545 1546 /* 1547 * Scale factor to apply to vs->throttle_output_offset when checking for 1548 * hard limit. Worst case normal usage could be x2, if we have a complete 1549 * incremental update and complete forced update in the output buffer. 1550 * So x3 should be good enough, but we pick x5 to be conservative and thus 1551 * (hopefully) never trigger incorrectly. 1552 */ 1553 #define VNC_THROTTLE_OUTPUT_LIMIT_SCALE 5 1554 1555 void vnc_write(VncState *vs, const void *data, size_t len) 1556 { 1557 if (vs->disconnecting) { 1558 return; 1559 } 1560 /* Protection against malicious client/guest to prevent our output 1561 * buffer growing without bound if client stops reading data. This 1562 * should rarely trigger, because we have earlier throttling code 1563 * which stops issuing framebuffer updates and drops audio data 1564 * if the throttle_output_offset value is exceeded. So we only reach 1565 * this higher level if a huge number of pseudo-encodings get 1566 * triggered while data can't be sent on the socket. 1567 * 1568 * NB throttle_output_offset can be zero during early protocol 1569 * handshake, or from the job thread's VncState clone 1570 */ 1571 if (vs->throttle_output_offset != 0 && 1572 vs->output.offset > (vs->throttle_output_offset * 1573 VNC_THROTTLE_OUTPUT_LIMIT_SCALE)) { 1574 trace_vnc_client_output_limit(vs, vs->ioc, vs->output.offset, 1575 vs->throttle_output_offset); 1576 vnc_disconnect_start(vs); 1577 return; 1578 } 1579 buffer_reserve(&vs->output, len); 1580 1581 if (vs->ioc != NULL && buffer_empty(&vs->output)) { 1582 if (vs->ioc_tag) { 1583 g_source_remove(vs->ioc_tag); 1584 } 1585 vs->ioc_tag = qio_channel_add_watch( 1586 vs->ioc, G_IO_IN | G_IO_OUT, vnc_client_io, vs, NULL); 1587 } 1588 1589 buffer_append(&vs->output, data, len); 1590 } 1591 1592 void vnc_write_s32(VncState *vs, int32_t value) 1593 { 1594 vnc_write_u32(vs, *(uint32_t *)&value); 1595 } 1596 1597 void vnc_write_u32(VncState *vs, uint32_t value) 1598 { 1599 uint8_t buf[4]; 1600 1601 buf[0] = (value >> 24) & 0xFF; 1602 buf[1] = (value >> 16) & 0xFF; 1603 buf[2] = (value >> 8) & 0xFF; 1604 buf[3] = value & 0xFF; 1605 1606 vnc_write(vs, buf, 4); 1607 } 1608 1609 void vnc_write_u16(VncState *vs, uint16_t value) 1610 { 1611 uint8_t buf[2]; 1612 1613 buf[0] = (value >> 8) & 0xFF; 1614 buf[1] = value & 0xFF; 1615 1616 vnc_write(vs, buf, 2); 1617 } 1618 1619 void vnc_write_u8(VncState *vs, uint8_t value) 1620 { 1621 vnc_write(vs, (char *)&value, 1); 1622 } 1623 1624 void vnc_flush(VncState *vs) 1625 { 1626 vnc_lock_output(vs); 1627 if (vs->ioc != NULL && vs->output.offset) { 1628 vnc_client_write_locked(vs); 1629 } 1630 vnc_unlock_output(vs); 1631 } 1632 1633 static uint8_t read_u8(uint8_t *data, size_t offset) 1634 { 1635 return data[offset]; 1636 } 1637 1638 static uint16_t read_u16(uint8_t *data, size_t offset) 1639 { 1640 return ((data[offset] & 0xFF) << 8) | (data[offset + 1] & 0xFF); 1641 } 1642 1643 static int32_t read_s32(uint8_t *data, size_t offset) 1644 { 1645 return (int32_t)((data[offset] << 24) | (data[offset + 1] << 16) | 1646 (data[offset + 2] << 8) | data[offset + 3]); 1647 } 1648 1649 uint32_t read_u32(uint8_t *data, size_t offset) 1650 { 1651 return ((data[offset] << 24) | (data[offset + 1] << 16) | 1652 (data[offset + 2] << 8) | data[offset + 3]); 1653 } 1654 1655 static void client_cut_text(VncState *vs, size_t len, uint8_t *text) 1656 { 1657 } 1658 1659 static void check_pointer_type_change(Notifier *notifier, void *data) 1660 { 1661 VncState *vs = container_of(notifier, VncState, mouse_mode_notifier); 1662 int absolute = qemu_input_is_absolute(); 1663 1664 if (vnc_has_feature(vs, VNC_FEATURE_POINTER_TYPE_CHANGE) && vs->absolute != absolute) { 1665 vnc_lock_output(vs); 1666 vnc_write_u8(vs, VNC_MSG_SERVER_FRAMEBUFFER_UPDATE); 1667 vnc_write_u8(vs, 0); 1668 vnc_write_u16(vs, 1); 1669 vnc_framebuffer_update(vs, absolute, 0, 1670 pixman_image_get_width(vs->vd->server), 1671 pixman_image_get_height(vs->vd->server), 1672 VNC_ENCODING_POINTER_TYPE_CHANGE); 1673 vnc_unlock_output(vs); 1674 vnc_flush(vs); 1675 } 1676 vs->absolute = absolute; 1677 } 1678 1679 static void pointer_event(VncState *vs, int button_mask, int x, int y) 1680 { 1681 static uint32_t bmap[INPUT_BUTTON__MAX] = { 1682 [INPUT_BUTTON_LEFT] = 0x01, 1683 [INPUT_BUTTON_MIDDLE] = 0x02, 1684 [INPUT_BUTTON_RIGHT] = 0x04, 1685 [INPUT_BUTTON_WHEEL_UP] = 0x08, 1686 [INPUT_BUTTON_WHEEL_DOWN] = 0x10, 1687 }; 1688 QemuConsole *con = vs->vd->dcl.con; 1689 int width = pixman_image_get_width(vs->vd->server); 1690 int height = pixman_image_get_height(vs->vd->server); 1691 1692 if (vs->last_bmask != button_mask) { 1693 qemu_input_update_buttons(con, bmap, vs->last_bmask, button_mask); 1694 vs->last_bmask = button_mask; 1695 } 1696 1697 if (vs->absolute) { 1698 qemu_input_queue_abs(con, INPUT_AXIS_X, x, 0, width); 1699 qemu_input_queue_abs(con, INPUT_AXIS_Y, y, 0, height); 1700 } else if (vnc_has_feature(vs, VNC_FEATURE_POINTER_TYPE_CHANGE)) { 1701 qemu_input_queue_rel(con, INPUT_AXIS_X, x - 0x7FFF); 1702 qemu_input_queue_rel(con, INPUT_AXIS_Y, y - 0x7FFF); 1703 } else { 1704 if (vs->last_x != -1) { 1705 qemu_input_queue_rel(con, INPUT_AXIS_X, x - vs->last_x); 1706 qemu_input_queue_rel(con, INPUT_AXIS_Y, y - vs->last_y); 1707 } 1708 vs->last_x = x; 1709 vs->last_y = y; 1710 } 1711 qemu_input_event_sync(); 1712 } 1713 1714 static void reset_keys(VncState *vs) 1715 { 1716 int i; 1717 for(i = 0; i < 256; i++) { 1718 if (vs->modifiers_state[i]) { 1719 qemu_input_event_send_key_number(vs->vd->dcl.con, i, false); 1720 qemu_input_event_send_key_delay(vs->vd->key_delay_ms); 1721 vs->modifiers_state[i] = 0; 1722 } 1723 } 1724 } 1725 1726 static void press_key(VncState *vs, int keysym) 1727 { 1728 int keycode = keysym2scancode(vs->vd->kbd_layout, keysym) & SCANCODE_KEYMASK; 1729 qemu_input_event_send_key_number(vs->vd->dcl.con, keycode, true); 1730 qemu_input_event_send_key_delay(vs->vd->key_delay_ms); 1731 qemu_input_event_send_key_number(vs->vd->dcl.con, keycode, false); 1732 qemu_input_event_send_key_delay(vs->vd->key_delay_ms); 1733 } 1734 1735 static void vnc_led_state_change(VncState *vs) 1736 { 1737 if (!vnc_has_feature(vs, VNC_FEATURE_LED_STATE)) { 1738 return; 1739 } 1740 1741 vnc_lock_output(vs); 1742 vnc_write_u8(vs, VNC_MSG_SERVER_FRAMEBUFFER_UPDATE); 1743 vnc_write_u8(vs, 0); 1744 vnc_write_u16(vs, 1); 1745 vnc_framebuffer_update(vs, 0, 0, 1, 1, VNC_ENCODING_LED_STATE); 1746 vnc_write_u8(vs, vs->vd->ledstate); 1747 vnc_unlock_output(vs); 1748 vnc_flush(vs); 1749 } 1750 1751 static void kbd_leds(void *opaque, int ledstate) 1752 { 1753 VncDisplay *vd = opaque; 1754 VncState *client; 1755 1756 trace_vnc_key_guest_leds((ledstate & QEMU_CAPS_LOCK_LED), 1757 (ledstate & QEMU_NUM_LOCK_LED), 1758 (ledstate & QEMU_SCROLL_LOCK_LED)); 1759 1760 if (ledstate == vd->ledstate) { 1761 return; 1762 } 1763 1764 vd->ledstate = ledstate; 1765 1766 QTAILQ_FOREACH(client, &vd->clients, next) { 1767 vnc_led_state_change(client); 1768 } 1769 } 1770 1771 static void do_key_event(VncState *vs, int down, int keycode, int sym) 1772 { 1773 /* QEMU console switch */ 1774 switch(keycode) { 1775 case 0x2a: /* Left Shift */ 1776 case 0x36: /* Right Shift */ 1777 case 0x1d: /* Left CTRL */ 1778 case 0x9d: /* Right CTRL */ 1779 case 0x38: /* Left ALT */ 1780 case 0xb8: /* Right ALT */ 1781 if (down) 1782 vs->modifiers_state[keycode] = 1; 1783 else 1784 vs->modifiers_state[keycode] = 0; 1785 break; 1786 case 0x02 ... 0x0a: /* '1' to '9' keys */ 1787 if (vs->vd->dcl.con == NULL && 1788 down && vs->modifiers_state[0x1d] && vs->modifiers_state[0x38]) { 1789 /* Reset the modifiers sent to the current console */ 1790 reset_keys(vs); 1791 console_select(keycode - 0x02); 1792 return; 1793 } 1794 break; 1795 case 0x3a: /* CapsLock */ 1796 case 0x45: /* NumLock */ 1797 if (down) 1798 vs->modifiers_state[keycode] ^= 1; 1799 break; 1800 } 1801 1802 /* Turn off the lock state sync logic if the client support the led 1803 state extension. 1804 */ 1805 if (down && vs->vd->lock_key_sync && 1806 !vnc_has_feature(vs, VNC_FEATURE_LED_STATE) && 1807 keycode_is_keypad(vs->vd->kbd_layout, keycode)) { 1808 /* If the numlock state needs to change then simulate an additional 1809 keypress before sending this one. This will happen if the user 1810 toggles numlock away from the VNC window. 1811 */ 1812 if (keysym_is_numlock(vs->vd->kbd_layout, sym & 0xFFFF)) { 1813 if (!vs->modifiers_state[0x45]) { 1814 trace_vnc_key_sync_numlock(true); 1815 vs->modifiers_state[0x45] = 1; 1816 press_key(vs, 0xff7f); 1817 } 1818 } else { 1819 if (vs->modifiers_state[0x45]) { 1820 trace_vnc_key_sync_numlock(false); 1821 vs->modifiers_state[0x45] = 0; 1822 press_key(vs, 0xff7f); 1823 } 1824 } 1825 } 1826 1827 if (down && vs->vd->lock_key_sync && 1828 !vnc_has_feature(vs, VNC_FEATURE_LED_STATE) && 1829 ((sym >= 'A' && sym <= 'Z') || (sym >= 'a' && sym <= 'z'))) { 1830 /* If the capslock state needs to change then simulate an additional 1831 keypress before sending this one. This will happen if the user 1832 toggles capslock away from the VNC window. 1833 */ 1834 int uppercase = !!(sym >= 'A' && sym <= 'Z'); 1835 int shift = !!(vs->modifiers_state[0x2a] | vs->modifiers_state[0x36]); 1836 int capslock = !!(vs->modifiers_state[0x3a]); 1837 if (capslock) { 1838 if (uppercase == shift) { 1839 trace_vnc_key_sync_capslock(false); 1840 vs->modifiers_state[0x3a] = 0; 1841 press_key(vs, 0xffe5); 1842 } 1843 } else { 1844 if (uppercase != shift) { 1845 trace_vnc_key_sync_capslock(true); 1846 vs->modifiers_state[0x3a] = 1; 1847 press_key(vs, 0xffe5); 1848 } 1849 } 1850 } 1851 1852 if (qemu_console_is_graphic(NULL)) { 1853 qemu_input_event_send_key_number(vs->vd->dcl.con, keycode, down); 1854 qemu_input_event_send_key_delay(vs->vd->key_delay_ms); 1855 } else { 1856 bool numlock = vs->modifiers_state[0x45]; 1857 bool control = (vs->modifiers_state[0x1d] || 1858 vs->modifiers_state[0x9d]); 1859 /* QEMU console emulation */ 1860 if (down) { 1861 switch (keycode) { 1862 case 0x2a: /* Left Shift */ 1863 case 0x36: /* Right Shift */ 1864 case 0x1d: /* Left CTRL */ 1865 case 0x9d: /* Right CTRL */ 1866 case 0x38: /* Left ALT */ 1867 case 0xb8: /* Right ALT */ 1868 break; 1869 case 0xc8: 1870 kbd_put_keysym(QEMU_KEY_UP); 1871 break; 1872 case 0xd0: 1873 kbd_put_keysym(QEMU_KEY_DOWN); 1874 break; 1875 case 0xcb: 1876 kbd_put_keysym(QEMU_KEY_LEFT); 1877 break; 1878 case 0xcd: 1879 kbd_put_keysym(QEMU_KEY_RIGHT); 1880 break; 1881 case 0xd3: 1882 kbd_put_keysym(QEMU_KEY_DELETE); 1883 break; 1884 case 0xc7: 1885 kbd_put_keysym(QEMU_KEY_HOME); 1886 break; 1887 case 0xcf: 1888 kbd_put_keysym(QEMU_KEY_END); 1889 break; 1890 case 0xc9: 1891 kbd_put_keysym(QEMU_KEY_PAGEUP); 1892 break; 1893 case 0xd1: 1894 kbd_put_keysym(QEMU_KEY_PAGEDOWN); 1895 break; 1896 1897 case 0x47: 1898 kbd_put_keysym(numlock ? '7' : QEMU_KEY_HOME); 1899 break; 1900 case 0x48: 1901 kbd_put_keysym(numlock ? '8' : QEMU_KEY_UP); 1902 break; 1903 case 0x49: 1904 kbd_put_keysym(numlock ? '9' : QEMU_KEY_PAGEUP); 1905 break; 1906 case 0x4b: 1907 kbd_put_keysym(numlock ? '4' : QEMU_KEY_LEFT); 1908 break; 1909 case 0x4c: 1910 kbd_put_keysym('5'); 1911 break; 1912 case 0x4d: 1913 kbd_put_keysym(numlock ? '6' : QEMU_KEY_RIGHT); 1914 break; 1915 case 0x4f: 1916 kbd_put_keysym(numlock ? '1' : QEMU_KEY_END); 1917 break; 1918 case 0x50: 1919 kbd_put_keysym(numlock ? '2' : QEMU_KEY_DOWN); 1920 break; 1921 case 0x51: 1922 kbd_put_keysym(numlock ? '3' : QEMU_KEY_PAGEDOWN); 1923 break; 1924 case 0x52: 1925 kbd_put_keysym('0'); 1926 break; 1927 case 0x53: 1928 kbd_put_keysym(numlock ? '.' : QEMU_KEY_DELETE); 1929 break; 1930 1931 case 0xb5: 1932 kbd_put_keysym('/'); 1933 break; 1934 case 0x37: 1935 kbd_put_keysym('*'); 1936 break; 1937 case 0x4a: 1938 kbd_put_keysym('-'); 1939 break; 1940 case 0x4e: 1941 kbd_put_keysym('+'); 1942 break; 1943 case 0x9c: 1944 kbd_put_keysym('\n'); 1945 break; 1946 1947 default: 1948 if (control) { 1949 kbd_put_keysym(sym & 0x1f); 1950 } else { 1951 kbd_put_keysym(sym); 1952 } 1953 break; 1954 } 1955 } 1956 } 1957 } 1958 1959 static void vnc_release_modifiers(VncState *vs) 1960 { 1961 static const int keycodes[] = { 1962 /* shift, control, alt keys, both left & right */ 1963 0x2a, 0x36, 0x1d, 0x9d, 0x38, 0xb8, 1964 }; 1965 int i, keycode; 1966 1967 if (!qemu_console_is_graphic(NULL)) { 1968 return; 1969 } 1970 for (i = 0; i < ARRAY_SIZE(keycodes); i++) { 1971 keycode = keycodes[i]; 1972 if (!vs->modifiers_state[keycode]) { 1973 continue; 1974 } 1975 qemu_input_event_send_key_number(vs->vd->dcl.con, keycode, false); 1976 qemu_input_event_send_key_delay(vs->vd->key_delay_ms); 1977 } 1978 } 1979 1980 static const char *code2name(int keycode) 1981 { 1982 return QKeyCode_str(qemu_input_key_number_to_qcode(keycode)); 1983 } 1984 1985 static void key_event(VncState *vs, int down, uint32_t sym) 1986 { 1987 int keycode; 1988 int lsym = sym; 1989 1990 if (lsym >= 'A' && lsym <= 'Z' && qemu_console_is_graphic(NULL)) { 1991 lsym = lsym - 'A' + 'a'; 1992 } 1993 1994 keycode = keysym2scancode(vs->vd->kbd_layout, lsym & 0xFFFF) & SCANCODE_KEYMASK; 1995 trace_vnc_key_event_map(down, sym, keycode, code2name(keycode)); 1996 do_key_event(vs, down, keycode, sym); 1997 } 1998 1999 static void ext_key_event(VncState *vs, int down, 2000 uint32_t sym, uint16_t keycode) 2001 { 2002 /* if the user specifies a keyboard layout, always use it */ 2003 if (keyboard_layout) { 2004 key_event(vs, down, sym); 2005 } else { 2006 trace_vnc_key_event_ext(down, sym, keycode, code2name(keycode)); 2007 do_key_event(vs, down, keycode, sym); 2008 } 2009 } 2010 2011 static void framebuffer_update_request(VncState *vs, int incremental, 2012 int x, int y, int w, int h) 2013 { 2014 if (incremental) { 2015 if (vs->update != VNC_STATE_UPDATE_FORCE) { 2016 vs->update = VNC_STATE_UPDATE_INCREMENTAL; 2017 } 2018 } else { 2019 vs->update = VNC_STATE_UPDATE_FORCE; 2020 vnc_set_area_dirty(vs->dirty, vs->vd, x, y, w, h); 2021 } 2022 } 2023 2024 static void send_ext_key_event_ack(VncState *vs) 2025 { 2026 vnc_lock_output(vs); 2027 vnc_write_u8(vs, VNC_MSG_SERVER_FRAMEBUFFER_UPDATE); 2028 vnc_write_u8(vs, 0); 2029 vnc_write_u16(vs, 1); 2030 vnc_framebuffer_update(vs, 0, 0, 2031 pixman_image_get_width(vs->vd->server), 2032 pixman_image_get_height(vs->vd->server), 2033 VNC_ENCODING_EXT_KEY_EVENT); 2034 vnc_unlock_output(vs); 2035 vnc_flush(vs); 2036 } 2037 2038 static void send_ext_audio_ack(VncState *vs) 2039 { 2040 vnc_lock_output(vs); 2041 vnc_write_u8(vs, VNC_MSG_SERVER_FRAMEBUFFER_UPDATE); 2042 vnc_write_u8(vs, 0); 2043 vnc_write_u16(vs, 1); 2044 vnc_framebuffer_update(vs, 0, 0, 2045 pixman_image_get_width(vs->vd->server), 2046 pixman_image_get_height(vs->vd->server), 2047 VNC_ENCODING_AUDIO); 2048 vnc_unlock_output(vs); 2049 vnc_flush(vs); 2050 } 2051 2052 static void set_encodings(VncState *vs, int32_t *encodings, size_t n_encodings) 2053 { 2054 int i; 2055 unsigned int enc = 0; 2056 2057 vs->features = 0; 2058 vs->vnc_encoding = 0; 2059 vs->tight.compression = 9; 2060 vs->tight.quality = -1; /* Lossless by default */ 2061 vs->absolute = -1; 2062 2063 /* 2064 * Start from the end because the encodings are sent in order of preference. 2065 * This way the preferred encoding (first encoding defined in the array) 2066 * will be set at the end of the loop. 2067 */ 2068 for (i = n_encodings - 1; i >= 0; i--) { 2069 enc = encodings[i]; 2070 switch (enc) { 2071 case VNC_ENCODING_RAW: 2072 vs->vnc_encoding = enc; 2073 break; 2074 case VNC_ENCODING_COPYRECT: 2075 vs->features |= VNC_FEATURE_COPYRECT_MASK; 2076 break; 2077 case VNC_ENCODING_HEXTILE: 2078 vs->features |= VNC_FEATURE_HEXTILE_MASK; 2079 vs->vnc_encoding = enc; 2080 break; 2081 case VNC_ENCODING_TIGHT: 2082 vs->features |= VNC_FEATURE_TIGHT_MASK; 2083 vs->vnc_encoding = enc; 2084 break; 2085 #ifdef CONFIG_VNC_PNG 2086 case VNC_ENCODING_TIGHT_PNG: 2087 vs->features |= VNC_FEATURE_TIGHT_PNG_MASK; 2088 vs->vnc_encoding = enc; 2089 break; 2090 #endif 2091 case VNC_ENCODING_ZLIB: 2092 vs->features |= VNC_FEATURE_ZLIB_MASK; 2093 vs->vnc_encoding = enc; 2094 break; 2095 case VNC_ENCODING_ZRLE: 2096 vs->features |= VNC_FEATURE_ZRLE_MASK; 2097 vs->vnc_encoding = enc; 2098 break; 2099 case VNC_ENCODING_ZYWRLE: 2100 vs->features |= VNC_FEATURE_ZYWRLE_MASK; 2101 vs->vnc_encoding = enc; 2102 break; 2103 case VNC_ENCODING_DESKTOPRESIZE: 2104 vs->features |= VNC_FEATURE_RESIZE_MASK; 2105 break; 2106 case VNC_ENCODING_POINTER_TYPE_CHANGE: 2107 vs->features |= VNC_FEATURE_POINTER_TYPE_CHANGE_MASK; 2108 break; 2109 case VNC_ENCODING_RICH_CURSOR: 2110 vs->features |= VNC_FEATURE_RICH_CURSOR_MASK; 2111 if (vs->vd->cursor) { 2112 vnc_cursor_define(vs); 2113 } 2114 break; 2115 case VNC_ENCODING_EXT_KEY_EVENT: 2116 send_ext_key_event_ack(vs); 2117 break; 2118 case VNC_ENCODING_AUDIO: 2119 send_ext_audio_ack(vs); 2120 break; 2121 case VNC_ENCODING_WMVi: 2122 vs->features |= VNC_FEATURE_WMVI_MASK; 2123 break; 2124 case VNC_ENCODING_LED_STATE: 2125 vs->features |= VNC_FEATURE_LED_STATE_MASK; 2126 break; 2127 case VNC_ENCODING_COMPRESSLEVEL0 ... VNC_ENCODING_COMPRESSLEVEL0 + 9: 2128 vs->tight.compression = (enc & 0x0F); 2129 break; 2130 case VNC_ENCODING_QUALITYLEVEL0 ... VNC_ENCODING_QUALITYLEVEL0 + 9: 2131 if (vs->vd->lossy) { 2132 vs->tight.quality = (enc & 0x0F); 2133 } 2134 break; 2135 default: 2136 VNC_DEBUG("Unknown encoding: %d (0x%.8x): %d\n", i, enc, enc); 2137 break; 2138 } 2139 } 2140 vnc_desktop_resize(vs); 2141 check_pointer_type_change(&vs->mouse_mode_notifier, NULL); 2142 vnc_led_state_change(vs); 2143 } 2144 2145 static void set_pixel_conversion(VncState *vs) 2146 { 2147 pixman_format_code_t fmt = qemu_pixman_get_format(&vs->client_pf); 2148 2149 if (fmt == VNC_SERVER_FB_FORMAT) { 2150 vs->write_pixels = vnc_write_pixels_copy; 2151 vnc_hextile_set_pixel_conversion(vs, 0); 2152 } else { 2153 vs->write_pixels = vnc_write_pixels_generic; 2154 vnc_hextile_set_pixel_conversion(vs, 1); 2155 } 2156 } 2157 2158 static void send_color_map(VncState *vs) 2159 { 2160 int i; 2161 2162 vnc_write_u8(vs, VNC_MSG_SERVER_SET_COLOUR_MAP_ENTRIES); 2163 vnc_write_u8(vs, 0); /* padding */ 2164 vnc_write_u16(vs, 0); /* first color */ 2165 vnc_write_u16(vs, 256); /* # of colors */ 2166 2167 for (i = 0; i < 256; i++) { 2168 PixelFormat *pf = &vs->client_pf; 2169 2170 vnc_write_u16(vs, (((i >> pf->rshift) & pf->rmax) << (16 - pf->rbits))); 2171 vnc_write_u16(vs, (((i >> pf->gshift) & pf->gmax) << (16 - pf->gbits))); 2172 vnc_write_u16(vs, (((i >> pf->bshift) & pf->bmax) << (16 - pf->bbits))); 2173 } 2174 } 2175 2176 static void set_pixel_format(VncState *vs, int bits_per_pixel, 2177 int big_endian_flag, int true_color_flag, 2178 int red_max, int green_max, int blue_max, 2179 int red_shift, int green_shift, int blue_shift) 2180 { 2181 if (!true_color_flag) { 2182 /* Expose a reasonable default 256 color map */ 2183 bits_per_pixel = 8; 2184 red_max = 7; 2185 green_max = 7; 2186 blue_max = 3; 2187 red_shift = 0; 2188 green_shift = 3; 2189 blue_shift = 6; 2190 } 2191 2192 switch (bits_per_pixel) { 2193 case 8: 2194 case 16: 2195 case 32: 2196 break; 2197 default: 2198 vnc_client_error(vs); 2199 return; 2200 } 2201 2202 vs->client_pf.rmax = red_max ? red_max : 0xFF; 2203 vs->client_pf.rbits = ctpopl(red_max); 2204 vs->client_pf.rshift = red_shift; 2205 vs->client_pf.rmask = red_max << red_shift; 2206 vs->client_pf.gmax = green_max ? green_max : 0xFF; 2207 vs->client_pf.gbits = ctpopl(green_max); 2208 vs->client_pf.gshift = green_shift; 2209 vs->client_pf.gmask = green_max << green_shift; 2210 vs->client_pf.bmax = blue_max ? blue_max : 0xFF; 2211 vs->client_pf.bbits = ctpopl(blue_max); 2212 vs->client_pf.bshift = blue_shift; 2213 vs->client_pf.bmask = blue_max << blue_shift; 2214 vs->client_pf.bits_per_pixel = bits_per_pixel; 2215 vs->client_pf.bytes_per_pixel = bits_per_pixel / 8; 2216 vs->client_pf.depth = bits_per_pixel == 32 ? 24 : bits_per_pixel; 2217 vs->client_be = big_endian_flag; 2218 2219 if (!true_color_flag) { 2220 send_color_map(vs); 2221 } 2222 2223 set_pixel_conversion(vs); 2224 2225 graphic_hw_invalidate(vs->vd->dcl.con); 2226 graphic_hw_update(vs->vd->dcl.con); 2227 } 2228 2229 static void pixel_format_message (VncState *vs) { 2230 char pad[3] = { 0, 0, 0 }; 2231 2232 vs->client_pf = qemu_default_pixelformat(32); 2233 2234 vnc_write_u8(vs, vs->client_pf.bits_per_pixel); /* bits-per-pixel */ 2235 vnc_write_u8(vs, vs->client_pf.depth); /* depth */ 2236 2237 #ifdef HOST_WORDS_BIGENDIAN 2238 vnc_write_u8(vs, 1); /* big-endian-flag */ 2239 #else 2240 vnc_write_u8(vs, 0); /* big-endian-flag */ 2241 #endif 2242 vnc_write_u8(vs, 1); /* true-color-flag */ 2243 vnc_write_u16(vs, vs->client_pf.rmax); /* red-max */ 2244 vnc_write_u16(vs, vs->client_pf.gmax); /* green-max */ 2245 vnc_write_u16(vs, vs->client_pf.bmax); /* blue-max */ 2246 vnc_write_u8(vs, vs->client_pf.rshift); /* red-shift */ 2247 vnc_write_u8(vs, vs->client_pf.gshift); /* green-shift */ 2248 vnc_write_u8(vs, vs->client_pf.bshift); /* blue-shift */ 2249 vnc_write(vs, pad, 3); /* padding */ 2250 2251 vnc_hextile_set_pixel_conversion(vs, 0); 2252 vs->write_pixels = vnc_write_pixels_copy; 2253 } 2254 2255 static void vnc_colordepth(VncState *vs) 2256 { 2257 if (vnc_has_feature(vs, VNC_FEATURE_WMVI)) { 2258 /* Sending a WMVi message to notify the client*/ 2259 vnc_lock_output(vs); 2260 vnc_write_u8(vs, VNC_MSG_SERVER_FRAMEBUFFER_UPDATE); 2261 vnc_write_u8(vs, 0); 2262 vnc_write_u16(vs, 1); /* number of rects */ 2263 vnc_framebuffer_update(vs, 0, 0, 2264 pixman_image_get_width(vs->vd->server), 2265 pixman_image_get_height(vs->vd->server), 2266 VNC_ENCODING_WMVi); 2267 pixel_format_message(vs); 2268 vnc_unlock_output(vs); 2269 vnc_flush(vs); 2270 } else { 2271 set_pixel_conversion(vs); 2272 } 2273 } 2274 2275 static int protocol_client_msg(VncState *vs, uint8_t *data, size_t len) 2276 { 2277 int i; 2278 uint16_t limit; 2279 VncDisplay *vd = vs->vd; 2280 2281 if (data[0] > 3) { 2282 update_displaychangelistener(&vd->dcl, VNC_REFRESH_INTERVAL_BASE); 2283 } 2284 2285 switch (data[0]) { 2286 case VNC_MSG_CLIENT_SET_PIXEL_FORMAT: 2287 if (len == 1) 2288 return 20; 2289 2290 set_pixel_format(vs, read_u8(data, 4), 2291 read_u8(data, 6), read_u8(data, 7), 2292 read_u16(data, 8), read_u16(data, 10), 2293 read_u16(data, 12), read_u8(data, 14), 2294 read_u8(data, 15), read_u8(data, 16)); 2295 break; 2296 case VNC_MSG_CLIENT_SET_ENCODINGS: 2297 if (len == 1) 2298 return 4; 2299 2300 if (len == 4) { 2301 limit = read_u16(data, 2); 2302 if (limit > 0) 2303 return 4 + (limit * 4); 2304 } else 2305 limit = read_u16(data, 2); 2306 2307 for (i = 0; i < limit; i++) { 2308 int32_t val = read_s32(data, 4 + (i * 4)); 2309 memcpy(data + 4 + (i * 4), &val, sizeof(val)); 2310 } 2311 2312 set_encodings(vs, (int32_t *)(data + 4), limit); 2313 break; 2314 case VNC_MSG_CLIENT_FRAMEBUFFER_UPDATE_REQUEST: 2315 if (len == 1) 2316 return 10; 2317 2318 framebuffer_update_request(vs, 2319 read_u8(data, 1), read_u16(data, 2), read_u16(data, 4), 2320 read_u16(data, 6), read_u16(data, 8)); 2321 break; 2322 case VNC_MSG_CLIENT_KEY_EVENT: 2323 if (len == 1) 2324 return 8; 2325 2326 key_event(vs, read_u8(data, 1), read_u32(data, 4)); 2327 break; 2328 case VNC_MSG_CLIENT_POINTER_EVENT: 2329 if (len == 1) 2330 return 6; 2331 2332 pointer_event(vs, read_u8(data, 1), read_u16(data, 2), read_u16(data, 4)); 2333 break; 2334 case VNC_MSG_CLIENT_CUT_TEXT: 2335 if (len == 1) { 2336 return 8; 2337 } 2338 if (len == 8) { 2339 uint32_t dlen = read_u32(data, 4); 2340 if (dlen > (1 << 20)) { 2341 error_report("vnc: client_cut_text msg payload has %u bytes" 2342 " which exceeds our limit of 1MB.", dlen); 2343 vnc_client_error(vs); 2344 break; 2345 } 2346 if (dlen > 0) { 2347 return 8 + dlen; 2348 } 2349 } 2350 2351 client_cut_text(vs, read_u32(data, 4), data + 8); 2352 break; 2353 case VNC_MSG_CLIENT_QEMU: 2354 if (len == 1) 2355 return 2; 2356 2357 switch (read_u8(data, 1)) { 2358 case VNC_MSG_CLIENT_QEMU_EXT_KEY_EVENT: 2359 if (len == 2) 2360 return 12; 2361 2362 ext_key_event(vs, read_u16(data, 2), 2363 read_u32(data, 4), read_u32(data, 8)); 2364 break; 2365 case VNC_MSG_CLIENT_QEMU_AUDIO: 2366 if (len == 2) 2367 return 4; 2368 2369 switch (read_u16 (data, 2)) { 2370 case VNC_MSG_CLIENT_QEMU_AUDIO_ENABLE: 2371 audio_add(vs); 2372 break; 2373 case VNC_MSG_CLIENT_QEMU_AUDIO_DISABLE: 2374 audio_del(vs); 2375 break; 2376 case VNC_MSG_CLIENT_QEMU_AUDIO_SET_FORMAT: 2377 if (len == 4) 2378 return 10; 2379 switch (read_u8(data, 4)) { 2380 case 0: vs->as.fmt = AUD_FMT_U8; break; 2381 case 1: vs->as.fmt = AUD_FMT_S8; break; 2382 case 2: vs->as.fmt = AUD_FMT_U16; break; 2383 case 3: vs->as.fmt = AUD_FMT_S16; break; 2384 case 4: vs->as.fmt = AUD_FMT_U32; break; 2385 case 5: vs->as.fmt = AUD_FMT_S32; break; 2386 default: 2387 VNC_DEBUG("Invalid audio format %d\n", read_u8(data, 4)); 2388 vnc_client_error(vs); 2389 break; 2390 } 2391 vs->as.nchannels = read_u8(data, 5); 2392 if (vs->as.nchannels != 1 && vs->as.nchannels != 2) { 2393 VNC_DEBUG("Invalid audio channel count %d\n", 2394 read_u8(data, 5)); 2395 vnc_client_error(vs); 2396 break; 2397 } 2398 vs->as.freq = read_u32(data, 6); 2399 break; 2400 default: 2401 VNC_DEBUG("Invalid audio message %d\n", read_u8(data, 4)); 2402 vnc_client_error(vs); 2403 break; 2404 } 2405 break; 2406 2407 default: 2408 VNC_DEBUG("Msg: %d\n", read_u16(data, 0)); 2409 vnc_client_error(vs); 2410 break; 2411 } 2412 break; 2413 default: 2414 VNC_DEBUG("Msg: %d\n", data[0]); 2415 vnc_client_error(vs); 2416 break; 2417 } 2418 2419 vnc_update_throttle_offset(vs); 2420 vnc_read_when(vs, protocol_client_msg, 1); 2421 return 0; 2422 } 2423 2424 static int protocol_client_init(VncState *vs, uint8_t *data, size_t len) 2425 { 2426 char buf[1024]; 2427 VncShareMode mode; 2428 int size; 2429 2430 mode = data[0] ? VNC_SHARE_MODE_SHARED : VNC_SHARE_MODE_EXCLUSIVE; 2431 switch (vs->vd->share_policy) { 2432 case VNC_SHARE_POLICY_IGNORE: 2433 /* 2434 * Ignore the shared flag. Nothing to do here. 2435 * 2436 * Doesn't conform to the rfb spec but is traditional qemu 2437 * behavior, thus left here as option for compatibility 2438 * reasons. 2439 */ 2440 break; 2441 case VNC_SHARE_POLICY_ALLOW_EXCLUSIVE: 2442 /* 2443 * Policy: Allow clients ask for exclusive access. 2444 * 2445 * Implementation: When a client asks for exclusive access, 2446 * disconnect all others. Shared connects are allowed as long 2447 * as no exclusive connection exists. 2448 * 2449 * This is how the rfb spec suggests to handle the shared flag. 2450 */ 2451 if (mode == VNC_SHARE_MODE_EXCLUSIVE) { 2452 VncState *client; 2453 QTAILQ_FOREACH(client, &vs->vd->clients, next) { 2454 if (vs == client) { 2455 continue; 2456 } 2457 if (client->share_mode != VNC_SHARE_MODE_EXCLUSIVE && 2458 client->share_mode != VNC_SHARE_MODE_SHARED) { 2459 continue; 2460 } 2461 vnc_disconnect_start(client); 2462 } 2463 } 2464 if (mode == VNC_SHARE_MODE_SHARED) { 2465 if (vs->vd->num_exclusive > 0) { 2466 vnc_disconnect_start(vs); 2467 return 0; 2468 } 2469 } 2470 break; 2471 case VNC_SHARE_POLICY_FORCE_SHARED: 2472 /* 2473 * Policy: Shared connects only. 2474 * Implementation: Disallow clients asking for exclusive access. 2475 * 2476 * Useful for shared desktop sessions where you don't want 2477 * someone forgetting to say -shared when running the vnc 2478 * client disconnect everybody else. 2479 */ 2480 if (mode == VNC_SHARE_MODE_EXCLUSIVE) { 2481 vnc_disconnect_start(vs); 2482 return 0; 2483 } 2484 break; 2485 } 2486 vnc_set_share_mode(vs, mode); 2487 2488 if (vs->vd->num_shared > vs->vd->connections_limit) { 2489 vnc_disconnect_start(vs); 2490 return 0; 2491 } 2492 2493 vs->client_width = pixman_image_get_width(vs->vd->server); 2494 vs->client_height = pixman_image_get_height(vs->vd->server); 2495 vnc_write_u16(vs, vs->client_width); 2496 vnc_write_u16(vs, vs->client_height); 2497 2498 pixel_format_message(vs); 2499 2500 if (qemu_name) { 2501 size = snprintf(buf, sizeof(buf), "QEMU (%s)", qemu_name); 2502 if (size > sizeof(buf)) { 2503 size = sizeof(buf); 2504 } 2505 } else { 2506 size = snprintf(buf, sizeof(buf), "QEMU"); 2507 } 2508 2509 vnc_write_u32(vs, size); 2510 vnc_write(vs, buf, size); 2511 vnc_flush(vs); 2512 2513 vnc_client_cache_auth(vs); 2514 vnc_qmp_event(vs, QAPI_EVENT_VNC_INITIALIZED); 2515 2516 vnc_read_when(vs, protocol_client_msg, 1); 2517 2518 return 0; 2519 } 2520 2521 void start_client_init(VncState *vs) 2522 { 2523 vnc_read_when(vs, protocol_client_init, 1); 2524 } 2525 2526 static void make_challenge(VncState *vs) 2527 { 2528 int i; 2529 2530 srand(time(NULL)+getpid()+getpid()*987654+rand()); 2531 2532 for (i = 0 ; i < sizeof(vs->challenge) ; i++) 2533 vs->challenge[i] = (int) (256.0*rand()/(RAND_MAX+1.0)); 2534 } 2535 2536 static int protocol_client_auth_vnc(VncState *vs, uint8_t *data, size_t len) 2537 { 2538 unsigned char response[VNC_AUTH_CHALLENGE_SIZE]; 2539 size_t i, pwlen; 2540 unsigned char key[8]; 2541 time_t now = time(NULL); 2542 QCryptoCipher *cipher = NULL; 2543 Error *err = NULL; 2544 2545 if (!vs->vd->password) { 2546 trace_vnc_auth_fail(vs, vs->auth, "password is not set", ""); 2547 goto reject; 2548 } 2549 if (vs->vd->expires < now) { 2550 trace_vnc_auth_fail(vs, vs->auth, "password is expired", ""); 2551 goto reject; 2552 } 2553 2554 memcpy(response, vs->challenge, VNC_AUTH_CHALLENGE_SIZE); 2555 2556 /* Calculate the expected challenge response */ 2557 pwlen = strlen(vs->vd->password); 2558 for (i=0; i<sizeof(key); i++) 2559 key[i] = i<pwlen ? vs->vd->password[i] : 0; 2560 2561 cipher = qcrypto_cipher_new( 2562 QCRYPTO_CIPHER_ALG_DES_RFB, 2563 QCRYPTO_CIPHER_MODE_ECB, 2564 key, G_N_ELEMENTS(key), 2565 &err); 2566 if (!cipher) { 2567 trace_vnc_auth_fail(vs, vs->auth, "cannot create cipher", 2568 error_get_pretty(err)); 2569 error_free(err); 2570 goto reject; 2571 } 2572 2573 if (qcrypto_cipher_encrypt(cipher, 2574 vs->challenge, 2575 response, 2576 VNC_AUTH_CHALLENGE_SIZE, 2577 &err) < 0) { 2578 trace_vnc_auth_fail(vs, vs->auth, "cannot encrypt challenge response", 2579 error_get_pretty(err)); 2580 error_free(err); 2581 goto reject; 2582 } 2583 2584 /* Compare expected vs actual challenge response */ 2585 if (memcmp(response, data, VNC_AUTH_CHALLENGE_SIZE) != 0) { 2586 trace_vnc_auth_fail(vs, vs->auth, "mis-matched challenge response", ""); 2587 goto reject; 2588 } else { 2589 trace_vnc_auth_pass(vs, vs->auth); 2590 vnc_write_u32(vs, 0); /* Accept auth */ 2591 vnc_flush(vs); 2592 2593 start_client_init(vs); 2594 } 2595 2596 qcrypto_cipher_free(cipher); 2597 return 0; 2598 2599 reject: 2600 vnc_write_u32(vs, 1); /* Reject auth */ 2601 if (vs->minor >= 8) { 2602 static const char err[] = "Authentication failed"; 2603 vnc_write_u32(vs, sizeof(err)); 2604 vnc_write(vs, err, sizeof(err)); 2605 } 2606 vnc_flush(vs); 2607 vnc_client_error(vs); 2608 qcrypto_cipher_free(cipher); 2609 return 0; 2610 } 2611 2612 void start_auth_vnc(VncState *vs) 2613 { 2614 make_challenge(vs); 2615 /* Send client a 'random' challenge */ 2616 vnc_write(vs, vs->challenge, sizeof(vs->challenge)); 2617 vnc_flush(vs); 2618 2619 vnc_read_when(vs, protocol_client_auth_vnc, sizeof(vs->challenge)); 2620 } 2621 2622 2623 static int protocol_client_auth(VncState *vs, uint8_t *data, size_t len) 2624 { 2625 /* We only advertise 1 auth scheme at a time, so client 2626 * must pick the one we sent. Verify this */ 2627 if (data[0] != vs->auth) { /* Reject auth */ 2628 trace_vnc_auth_reject(vs, vs->auth, (int)data[0]); 2629 vnc_write_u32(vs, 1); 2630 if (vs->minor >= 8) { 2631 static const char err[] = "Authentication failed"; 2632 vnc_write_u32(vs, sizeof(err)); 2633 vnc_write(vs, err, sizeof(err)); 2634 } 2635 vnc_client_error(vs); 2636 } else { /* Accept requested auth */ 2637 trace_vnc_auth_start(vs, vs->auth); 2638 switch (vs->auth) { 2639 case VNC_AUTH_NONE: 2640 if (vs->minor >= 8) { 2641 vnc_write_u32(vs, 0); /* Accept auth completion */ 2642 vnc_flush(vs); 2643 } 2644 trace_vnc_auth_pass(vs, vs->auth); 2645 start_client_init(vs); 2646 break; 2647 2648 case VNC_AUTH_VNC: 2649 start_auth_vnc(vs); 2650 break; 2651 2652 case VNC_AUTH_VENCRYPT: 2653 start_auth_vencrypt(vs); 2654 break; 2655 2656 #ifdef CONFIG_VNC_SASL 2657 case VNC_AUTH_SASL: 2658 start_auth_sasl(vs); 2659 break; 2660 #endif /* CONFIG_VNC_SASL */ 2661 2662 default: /* Should not be possible, but just in case */ 2663 trace_vnc_auth_fail(vs, vs->auth, "Unhandled auth method", ""); 2664 vnc_write_u8(vs, 1); 2665 if (vs->minor >= 8) { 2666 static const char err[] = "Authentication failed"; 2667 vnc_write_u32(vs, sizeof(err)); 2668 vnc_write(vs, err, sizeof(err)); 2669 } 2670 vnc_client_error(vs); 2671 } 2672 } 2673 return 0; 2674 } 2675 2676 static int protocol_version(VncState *vs, uint8_t *version, size_t len) 2677 { 2678 char local[13]; 2679 2680 memcpy(local, version, 12); 2681 local[12] = 0; 2682 2683 if (sscanf(local, "RFB %03d.%03d\n", &vs->major, &vs->minor) != 2) { 2684 VNC_DEBUG("Malformed protocol version %s\n", local); 2685 vnc_client_error(vs); 2686 return 0; 2687 } 2688 VNC_DEBUG("Client request protocol version %d.%d\n", vs->major, vs->minor); 2689 if (vs->major != 3 || 2690 (vs->minor != 3 && 2691 vs->minor != 4 && 2692 vs->minor != 5 && 2693 vs->minor != 7 && 2694 vs->minor != 8)) { 2695 VNC_DEBUG("Unsupported client version\n"); 2696 vnc_write_u32(vs, VNC_AUTH_INVALID); 2697 vnc_flush(vs); 2698 vnc_client_error(vs); 2699 return 0; 2700 } 2701 /* Some broken clients report v3.4 or v3.5, which spec requires to be treated 2702 * as equivalent to v3.3 by servers 2703 */ 2704 if (vs->minor == 4 || vs->minor == 5) 2705 vs->minor = 3; 2706 2707 if (vs->minor == 3) { 2708 trace_vnc_auth_start(vs, vs->auth); 2709 if (vs->auth == VNC_AUTH_NONE) { 2710 vnc_write_u32(vs, vs->auth); 2711 vnc_flush(vs); 2712 trace_vnc_auth_pass(vs, vs->auth); 2713 start_client_init(vs); 2714 } else if (vs->auth == VNC_AUTH_VNC) { 2715 VNC_DEBUG("Tell client VNC auth\n"); 2716 vnc_write_u32(vs, vs->auth); 2717 vnc_flush(vs); 2718 start_auth_vnc(vs); 2719 } else { 2720 trace_vnc_auth_fail(vs, vs->auth, 2721 "Unsupported auth method for v3.3", ""); 2722 vnc_write_u32(vs, VNC_AUTH_INVALID); 2723 vnc_flush(vs); 2724 vnc_client_error(vs); 2725 } 2726 } else { 2727 vnc_write_u8(vs, 1); /* num auth */ 2728 vnc_write_u8(vs, vs->auth); 2729 vnc_read_when(vs, protocol_client_auth, 1); 2730 vnc_flush(vs); 2731 } 2732 2733 return 0; 2734 } 2735 2736 static VncRectStat *vnc_stat_rect(VncDisplay *vd, int x, int y) 2737 { 2738 struct VncSurface *vs = &vd->guest; 2739 2740 return &vs->stats[y / VNC_STAT_RECT][x / VNC_STAT_RECT]; 2741 } 2742 2743 void vnc_sent_lossy_rect(VncState *vs, int x, int y, int w, int h) 2744 { 2745 int i, j; 2746 2747 w = (x + w) / VNC_STAT_RECT; 2748 h = (y + h) / VNC_STAT_RECT; 2749 x /= VNC_STAT_RECT; 2750 y /= VNC_STAT_RECT; 2751 2752 for (j = y; j <= h; j++) { 2753 for (i = x; i <= w; i++) { 2754 vs->lossy_rect[j][i] = 1; 2755 } 2756 } 2757 } 2758 2759 static int vnc_refresh_lossy_rect(VncDisplay *vd, int x, int y) 2760 { 2761 VncState *vs; 2762 int sty = y / VNC_STAT_RECT; 2763 int stx = x / VNC_STAT_RECT; 2764 int has_dirty = 0; 2765 2766 y = QEMU_ALIGN_DOWN(y, VNC_STAT_RECT); 2767 x = QEMU_ALIGN_DOWN(x, VNC_STAT_RECT); 2768 2769 QTAILQ_FOREACH(vs, &vd->clients, next) { 2770 int j; 2771 2772 /* kernel send buffers are full -> refresh later */ 2773 if (vs->output.offset) { 2774 continue; 2775 } 2776 2777 if (!vs->lossy_rect[sty][stx]) { 2778 continue; 2779 } 2780 2781 vs->lossy_rect[sty][stx] = 0; 2782 for (j = 0; j < VNC_STAT_RECT; ++j) { 2783 bitmap_set(vs->dirty[y + j], 2784 x / VNC_DIRTY_PIXELS_PER_BIT, 2785 VNC_STAT_RECT / VNC_DIRTY_PIXELS_PER_BIT); 2786 } 2787 has_dirty++; 2788 } 2789 2790 return has_dirty; 2791 } 2792 2793 static int vnc_update_stats(VncDisplay *vd, struct timeval * tv) 2794 { 2795 int width = MIN(pixman_image_get_width(vd->guest.fb), 2796 pixman_image_get_width(vd->server)); 2797 int height = MIN(pixman_image_get_height(vd->guest.fb), 2798 pixman_image_get_height(vd->server)); 2799 int x, y; 2800 struct timeval res; 2801 int has_dirty = 0; 2802 2803 for (y = 0; y < height; y += VNC_STAT_RECT) { 2804 for (x = 0; x < width; x += VNC_STAT_RECT) { 2805 VncRectStat *rect = vnc_stat_rect(vd, x, y); 2806 2807 rect->updated = false; 2808 } 2809 } 2810 2811 qemu_timersub(tv, &VNC_REFRESH_STATS, &res); 2812 2813 if (timercmp(&vd->guest.last_freq_check, &res, >)) { 2814 return has_dirty; 2815 } 2816 vd->guest.last_freq_check = *tv; 2817 2818 for (y = 0; y < height; y += VNC_STAT_RECT) { 2819 for (x = 0; x < width; x += VNC_STAT_RECT) { 2820 VncRectStat *rect= vnc_stat_rect(vd, x, y); 2821 int count = ARRAY_SIZE(rect->times); 2822 struct timeval min, max; 2823 2824 if (!timerisset(&rect->times[count - 1])) { 2825 continue ; 2826 } 2827 2828 max = rect->times[(rect->idx + count - 1) % count]; 2829 qemu_timersub(tv, &max, &res); 2830 2831 if (timercmp(&res, &VNC_REFRESH_LOSSY, >)) { 2832 rect->freq = 0; 2833 has_dirty += vnc_refresh_lossy_rect(vd, x, y); 2834 memset(rect->times, 0, sizeof (rect->times)); 2835 continue ; 2836 } 2837 2838 min = rect->times[rect->idx]; 2839 max = rect->times[(rect->idx + count - 1) % count]; 2840 qemu_timersub(&max, &min, &res); 2841 2842 rect->freq = res.tv_sec + res.tv_usec / 1000000.; 2843 rect->freq /= count; 2844 rect->freq = 1. / rect->freq; 2845 } 2846 } 2847 return has_dirty; 2848 } 2849 2850 double vnc_update_freq(VncState *vs, int x, int y, int w, int h) 2851 { 2852 int i, j; 2853 double total = 0; 2854 int num = 0; 2855 2856 x = QEMU_ALIGN_DOWN(x, VNC_STAT_RECT); 2857 y = QEMU_ALIGN_DOWN(y, VNC_STAT_RECT); 2858 2859 for (j = y; j <= y + h; j += VNC_STAT_RECT) { 2860 for (i = x; i <= x + w; i += VNC_STAT_RECT) { 2861 total += vnc_stat_rect(vs->vd, i, j)->freq; 2862 num++; 2863 } 2864 } 2865 2866 if (num) { 2867 return total / num; 2868 } else { 2869 return 0; 2870 } 2871 } 2872 2873 static void vnc_rect_updated(VncDisplay *vd, int x, int y, struct timeval * tv) 2874 { 2875 VncRectStat *rect; 2876 2877 rect = vnc_stat_rect(vd, x, y); 2878 if (rect->updated) { 2879 return ; 2880 } 2881 rect->times[rect->idx] = *tv; 2882 rect->idx = (rect->idx + 1) % ARRAY_SIZE(rect->times); 2883 rect->updated = true; 2884 } 2885 2886 static int vnc_refresh_server_surface(VncDisplay *vd) 2887 { 2888 int width = MIN(pixman_image_get_width(vd->guest.fb), 2889 pixman_image_get_width(vd->server)); 2890 int height = MIN(pixman_image_get_height(vd->guest.fb), 2891 pixman_image_get_height(vd->server)); 2892 int cmp_bytes, server_stride, line_bytes, guest_ll, guest_stride, y = 0; 2893 uint8_t *guest_row0 = NULL, *server_row0; 2894 VncState *vs; 2895 int has_dirty = 0; 2896 pixman_image_t *tmpbuf = NULL; 2897 2898 struct timeval tv = { 0, 0 }; 2899 2900 if (!vd->non_adaptive) { 2901 gettimeofday(&tv, NULL); 2902 has_dirty = vnc_update_stats(vd, &tv); 2903 } 2904 2905 /* 2906 * Walk through the guest dirty map. 2907 * Check and copy modified bits from guest to server surface. 2908 * Update server dirty map. 2909 */ 2910 server_row0 = (uint8_t *)pixman_image_get_data(vd->server); 2911 server_stride = guest_stride = guest_ll = 2912 pixman_image_get_stride(vd->server); 2913 cmp_bytes = MIN(VNC_DIRTY_PIXELS_PER_BIT * VNC_SERVER_FB_BYTES, 2914 server_stride); 2915 if (vd->guest.format != VNC_SERVER_FB_FORMAT) { 2916 int width = pixman_image_get_width(vd->server); 2917 tmpbuf = qemu_pixman_linebuf_create(VNC_SERVER_FB_FORMAT, width); 2918 } else { 2919 int guest_bpp = 2920 PIXMAN_FORMAT_BPP(pixman_image_get_format(vd->guest.fb)); 2921 guest_row0 = (uint8_t *)pixman_image_get_data(vd->guest.fb); 2922 guest_stride = pixman_image_get_stride(vd->guest.fb); 2923 guest_ll = pixman_image_get_width(vd->guest.fb) * (DIV_ROUND_UP(guest_bpp, 8)); 2924 } 2925 line_bytes = MIN(server_stride, guest_ll); 2926 2927 for (;;) { 2928 int x; 2929 uint8_t *guest_ptr, *server_ptr; 2930 unsigned long offset = find_next_bit((unsigned long *) &vd->guest.dirty, 2931 height * VNC_DIRTY_BPL(&vd->guest), 2932 y * VNC_DIRTY_BPL(&vd->guest)); 2933 if (offset == height * VNC_DIRTY_BPL(&vd->guest)) { 2934 /* no more dirty bits */ 2935 break; 2936 } 2937 y = offset / VNC_DIRTY_BPL(&vd->guest); 2938 x = offset % VNC_DIRTY_BPL(&vd->guest); 2939 2940 server_ptr = server_row0 + y * server_stride + x * cmp_bytes; 2941 2942 if (vd->guest.format != VNC_SERVER_FB_FORMAT) { 2943 qemu_pixman_linebuf_fill(tmpbuf, vd->guest.fb, width, 0, y); 2944 guest_ptr = (uint8_t *)pixman_image_get_data(tmpbuf); 2945 } else { 2946 guest_ptr = guest_row0 + y * guest_stride; 2947 } 2948 guest_ptr += x * cmp_bytes; 2949 2950 for (; x < DIV_ROUND_UP(width, VNC_DIRTY_PIXELS_PER_BIT); 2951 x++, guest_ptr += cmp_bytes, server_ptr += cmp_bytes) { 2952 int _cmp_bytes = cmp_bytes; 2953 if (!test_and_clear_bit(x, vd->guest.dirty[y])) { 2954 continue; 2955 } 2956 if ((x + 1) * cmp_bytes > line_bytes) { 2957 _cmp_bytes = line_bytes - x * cmp_bytes; 2958 } 2959 assert(_cmp_bytes >= 0); 2960 if (memcmp(server_ptr, guest_ptr, _cmp_bytes) == 0) { 2961 continue; 2962 } 2963 memcpy(server_ptr, guest_ptr, _cmp_bytes); 2964 if (!vd->non_adaptive) { 2965 vnc_rect_updated(vd, x * VNC_DIRTY_PIXELS_PER_BIT, 2966 y, &tv); 2967 } 2968 QTAILQ_FOREACH(vs, &vd->clients, next) { 2969 set_bit(x, vs->dirty[y]); 2970 } 2971 has_dirty++; 2972 } 2973 2974 y++; 2975 } 2976 qemu_pixman_image_unref(tmpbuf); 2977 return has_dirty; 2978 } 2979 2980 static void vnc_refresh(DisplayChangeListener *dcl) 2981 { 2982 VncDisplay *vd = container_of(dcl, VncDisplay, dcl); 2983 VncState *vs, *vn; 2984 int has_dirty, rects = 0; 2985 2986 if (QTAILQ_EMPTY(&vd->clients)) { 2987 update_displaychangelistener(&vd->dcl, VNC_REFRESH_INTERVAL_MAX); 2988 return; 2989 } 2990 2991 graphic_hw_update(vd->dcl.con); 2992 2993 if (vnc_trylock_display(vd)) { 2994 update_displaychangelistener(&vd->dcl, VNC_REFRESH_INTERVAL_BASE); 2995 return; 2996 } 2997 2998 has_dirty = vnc_refresh_server_surface(vd); 2999 vnc_unlock_display(vd); 3000 3001 QTAILQ_FOREACH_SAFE(vs, &vd->clients, next, vn) { 3002 rects += vnc_update_client(vs, has_dirty); 3003 /* vs might be free()ed here */ 3004 } 3005 3006 if (has_dirty && rects) { 3007 vd->dcl.update_interval /= 2; 3008 if (vd->dcl.update_interval < VNC_REFRESH_INTERVAL_BASE) { 3009 vd->dcl.update_interval = VNC_REFRESH_INTERVAL_BASE; 3010 } 3011 } else { 3012 vd->dcl.update_interval += VNC_REFRESH_INTERVAL_INC; 3013 if (vd->dcl.update_interval > VNC_REFRESH_INTERVAL_MAX) { 3014 vd->dcl.update_interval = VNC_REFRESH_INTERVAL_MAX; 3015 } 3016 } 3017 } 3018 3019 static void vnc_connect(VncDisplay *vd, QIOChannelSocket *sioc, 3020 bool skipauth, bool websocket) 3021 { 3022 VncState *vs = g_new0(VncState, 1); 3023 bool first_client = QTAILQ_EMPTY(&vd->clients); 3024 int i; 3025 3026 trace_vnc_client_connect(vs, sioc); 3027 vs->sioc = sioc; 3028 object_ref(OBJECT(vs->sioc)); 3029 vs->ioc = QIO_CHANNEL(sioc); 3030 object_ref(OBJECT(vs->ioc)); 3031 vs->vd = vd; 3032 3033 buffer_init(&vs->input, "vnc-input/%p", sioc); 3034 buffer_init(&vs->output, "vnc-output/%p", sioc); 3035 buffer_init(&vs->jobs_buffer, "vnc-jobs_buffer/%p", sioc); 3036 3037 buffer_init(&vs->tight.tight, "vnc-tight/%p", sioc); 3038 buffer_init(&vs->tight.zlib, "vnc-tight-zlib/%p", sioc); 3039 buffer_init(&vs->tight.gradient, "vnc-tight-gradient/%p", sioc); 3040 #ifdef CONFIG_VNC_JPEG 3041 buffer_init(&vs->tight.jpeg, "vnc-tight-jpeg/%p", sioc); 3042 #endif 3043 #ifdef CONFIG_VNC_PNG 3044 buffer_init(&vs->tight.png, "vnc-tight-png/%p", sioc); 3045 #endif 3046 buffer_init(&vs->zlib.zlib, "vnc-zlib/%p", sioc); 3047 buffer_init(&vs->zrle.zrle, "vnc-zrle/%p", sioc); 3048 buffer_init(&vs->zrle.fb, "vnc-zrle-fb/%p", sioc); 3049 buffer_init(&vs->zrle.zlib, "vnc-zrle-zlib/%p", sioc); 3050 3051 if (skipauth) { 3052 vs->auth = VNC_AUTH_NONE; 3053 vs->subauth = VNC_AUTH_INVALID; 3054 } else { 3055 if (websocket) { 3056 vs->auth = vd->ws_auth; 3057 vs->subauth = VNC_AUTH_INVALID; 3058 } else { 3059 vs->auth = vd->auth; 3060 vs->subauth = vd->subauth; 3061 } 3062 } 3063 VNC_DEBUG("Client sioc=%p ws=%d auth=%d subauth=%d\n", 3064 sioc, websocket, vs->auth, vs->subauth); 3065 3066 vs->lossy_rect = g_malloc0(VNC_STAT_ROWS * sizeof (*vs->lossy_rect)); 3067 for (i = 0; i < VNC_STAT_ROWS; ++i) { 3068 vs->lossy_rect[i] = g_new0(uint8_t, VNC_STAT_COLS); 3069 } 3070 3071 VNC_DEBUG("New client on socket %p\n", vs->sioc); 3072 update_displaychangelistener(&vd->dcl, VNC_REFRESH_INTERVAL_BASE); 3073 qio_channel_set_blocking(vs->ioc, false, NULL); 3074 if (vs->ioc_tag) { 3075 g_source_remove(vs->ioc_tag); 3076 } 3077 if (websocket) { 3078 vs->websocket = 1; 3079 if (vd->tlscreds) { 3080 vs->ioc_tag = qio_channel_add_watch( 3081 vs->ioc, G_IO_IN, vncws_tls_handshake_io, vs, NULL); 3082 } else { 3083 vs->ioc_tag = qio_channel_add_watch( 3084 vs->ioc, G_IO_IN, vncws_handshake_io, vs, NULL); 3085 } 3086 } else { 3087 vs->ioc_tag = qio_channel_add_watch( 3088 vs->ioc, G_IO_IN, vnc_client_io, vs, NULL); 3089 } 3090 3091 vnc_client_cache_addr(vs); 3092 vnc_qmp_event(vs, QAPI_EVENT_VNC_CONNECTED); 3093 vnc_set_share_mode(vs, VNC_SHARE_MODE_CONNECTING); 3094 3095 vs->last_x = -1; 3096 vs->last_y = -1; 3097 3098 vs->as.freq = 44100; 3099 vs->as.nchannels = 2; 3100 vs->as.fmt = AUD_FMT_S16; 3101 vs->as.endianness = 0; 3102 3103 qemu_mutex_init(&vs->output_mutex); 3104 vs->bh = qemu_bh_new(vnc_jobs_bh, vs); 3105 3106 QTAILQ_INSERT_TAIL(&vd->clients, vs, next); 3107 if (first_client) { 3108 vnc_update_server_surface(vd); 3109 } 3110 3111 graphic_hw_update(vd->dcl.con); 3112 3113 if (!vs->websocket) { 3114 vnc_start_protocol(vs); 3115 } 3116 3117 if (vd->num_connecting > vd->connections_limit) { 3118 QTAILQ_FOREACH(vs, &vd->clients, next) { 3119 if (vs->share_mode == VNC_SHARE_MODE_CONNECTING) { 3120 vnc_disconnect_start(vs); 3121 return; 3122 } 3123 } 3124 } 3125 } 3126 3127 void vnc_start_protocol(VncState *vs) 3128 { 3129 vnc_write(vs, "RFB 003.008\n", 12); 3130 vnc_flush(vs); 3131 vnc_read_when(vs, protocol_version, 12); 3132 3133 vs->mouse_mode_notifier.notify = check_pointer_type_change; 3134 qemu_add_mouse_mode_change_notifier(&vs->mouse_mode_notifier); 3135 } 3136 3137 static gboolean vnc_listen_io(QIOChannel *ioc, 3138 GIOCondition condition, 3139 void *opaque) 3140 { 3141 VncDisplay *vd = opaque; 3142 QIOChannelSocket *sioc = NULL; 3143 Error *err = NULL; 3144 bool isWebsock = false; 3145 size_t i; 3146 3147 for (i = 0; i < vd->nlwebsock; i++) { 3148 if (ioc == QIO_CHANNEL(vd->lwebsock[i])) { 3149 isWebsock = true; 3150 break; 3151 } 3152 } 3153 3154 sioc = qio_channel_socket_accept(QIO_CHANNEL_SOCKET(ioc), &err); 3155 if (sioc != NULL) { 3156 qio_channel_set_name(QIO_CHANNEL(sioc), 3157 isWebsock ? "vnc-ws-server" : "vnc-server"); 3158 qio_channel_set_delay(QIO_CHANNEL(sioc), false); 3159 vnc_connect(vd, sioc, false, isWebsock); 3160 object_unref(OBJECT(sioc)); 3161 } else { 3162 /* client probably closed connection before we got there */ 3163 error_free(err); 3164 } 3165 3166 return TRUE; 3167 } 3168 3169 static const DisplayChangeListenerOps dcl_ops = { 3170 .dpy_name = "vnc", 3171 .dpy_refresh = vnc_refresh, 3172 .dpy_gfx_update = vnc_dpy_update, 3173 .dpy_gfx_switch = vnc_dpy_switch, 3174 .dpy_gfx_check_format = qemu_pixman_check_format, 3175 .dpy_mouse_set = vnc_mouse_set, 3176 .dpy_cursor_define = vnc_dpy_cursor_define, 3177 }; 3178 3179 void vnc_display_init(const char *id) 3180 { 3181 VncDisplay *vd; 3182 3183 if (vnc_display_find(id) != NULL) { 3184 return; 3185 } 3186 vd = g_malloc0(sizeof(*vd)); 3187 3188 vd->id = strdup(id); 3189 QTAILQ_INSERT_TAIL(&vnc_displays, vd, next); 3190 3191 QTAILQ_INIT(&vd->clients); 3192 vd->expires = TIME_MAX; 3193 3194 if (keyboard_layout) { 3195 trace_vnc_key_map_init(keyboard_layout); 3196 vd->kbd_layout = init_keyboard_layout(name2keysym, keyboard_layout); 3197 } else { 3198 vd->kbd_layout = init_keyboard_layout(name2keysym, "en-us"); 3199 } 3200 3201 if (!vd->kbd_layout) { 3202 exit(1); 3203 } 3204 3205 vd->share_policy = VNC_SHARE_POLICY_ALLOW_EXCLUSIVE; 3206 vd->connections_limit = 32; 3207 3208 qemu_mutex_init(&vd->mutex); 3209 vnc_start_worker_thread(); 3210 3211 vd->dcl.ops = &dcl_ops; 3212 register_displaychangelistener(&vd->dcl); 3213 } 3214 3215 3216 static void vnc_display_close(VncDisplay *vd) 3217 { 3218 size_t i; 3219 if (!vd) { 3220 return; 3221 } 3222 vd->is_unix = false; 3223 for (i = 0; i < vd->nlsock; i++) { 3224 if (vd->lsock_tag[i]) { 3225 g_source_remove(vd->lsock_tag[i]); 3226 } 3227 object_unref(OBJECT(vd->lsock[i])); 3228 } 3229 g_free(vd->lsock); 3230 g_free(vd->lsock_tag); 3231 vd->lsock = NULL; 3232 vd->lsock_tag = NULL; 3233 vd->nlsock = 0; 3234 3235 for (i = 0; i < vd->nlwebsock; i++) { 3236 if (vd->lwebsock_tag[i]) { 3237 g_source_remove(vd->lwebsock_tag[i]); 3238 } 3239 object_unref(OBJECT(vd->lwebsock[i])); 3240 } 3241 g_free(vd->lwebsock); 3242 g_free(vd->lwebsock_tag); 3243 vd->lwebsock = NULL; 3244 vd->lwebsock_tag = NULL; 3245 vd->nlwebsock = 0; 3246 3247 vd->auth = VNC_AUTH_INVALID; 3248 vd->subauth = VNC_AUTH_INVALID; 3249 if (vd->tlscreds) { 3250 object_unparent(OBJECT(vd->tlscreds)); 3251 vd->tlscreds = NULL; 3252 } 3253 g_free(vd->tlsaclname); 3254 vd->tlsaclname = NULL; 3255 if (vd->lock_key_sync) { 3256 qemu_remove_led_event_handler(vd->led); 3257 vd->led = NULL; 3258 } 3259 } 3260 3261 int vnc_display_password(const char *id, const char *password) 3262 { 3263 VncDisplay *vd = vnc_display_find(id); 3264 3265 if (!vd) { 3266 return -EINVAL; 3267 } 3268 if (vd->auth == VNC_AUTH_NONE) { 3269 error_printf_unless_qmp("If you want use passwords please enable " 3270 "password auth using '-vnc ${dpy},password'.\n"); 3271 return -EINVAL; 3272 } 3273 3274 g_free(vd->password); 3275 vd->password = g_strdup(password); 3276 3277 return 0; 3278 } 3279 3280 int vnc_display_pw_expire(const char *id, time_t expires) 3281 { 3282 VncDisplay *vd = vnc_display_find(id); 3283 3284 if (!vd) { 3285 return -EINVAL; 3286 } 3287 3288 vd->expires = expires; 3289 return 0; 3290 } 3291 3292 static void vnc_display_print_local_addr(VncDisplay *vd) 3293 { 3294 SocketAddress *addr; 3295 Error *err = NULL; 3296 3297 if (!vd->nlsock) { 3298 return; 3299 } 3300 3301 addr = qio_channel_socket_get_local_address(vd->lsock[0], &err); 3302 if (!addr) { 3303 return; 3304 } 3305 3306 if (addr->type != SOCKET_ADDRESS_TYPE_INET) { 3307 qapi_free_SocketAddress(addr); 3308 return; 3309 } 3310 error_printf_unless_qmp("VNC server running on %s:%s\n", 3311 addr->u.inet.host, 3312 addr->u.inet.port); 3313 qapi_free_SocketAddress(addr); 3314 } 3315 3316 static QemuOptsList qemu_vnc_opts = { 3317 .name = "vnc", 3318 .head = QTAILQ_HEAD_INITIALIZER(qemu_vnc_opts.head), 3319 .implied_opt_name = "vnc", 3320 .desc = { 3321 { 3322 .name = "vnc", 3323 .type = QEMU_OPT_STRING, 3324 },{ 3325 .name = "websocket", 3326 .type = QEMU_OPT_STRING, 3327 },{ 3328 .name = "tls-creds", 3329 .type = QEMU_OPT_STRING, 3330 },{ 3331 /* Deprecated in favour of tls-creds */ 3332 .name = "x509", 3333 .type = QEMU_OPT_STRING, 3334 },{ 3335 .name = "share", 3336 .type = QEMU_OPT_STRING, 3337 },{ 3338 .name = "display", 3339 .type = QEMU_OPT_STRING, 3340 },{ 3341 .name = "head", 3342 .type = QEMU_OPT_NUMBER, 3343 },{ 3344 .name = "connections", 3345 .type = QEMU_OPT_NUMBER, 3346 },{ 3347 .name = "to", 3348 .type = QEMU_OPT_NUMBER, 3349 },{ 3350 .name = "ipv4", 3351 .type = QEMU_OPT_BOOL, 3352 },{ 3353 .name = "ipv6", 3354 .type = QEMU_OPT_BOOL, 3355 },{ 3356 .name = "password", 3357 .type = QEMU_OPT_BOOL, 3358 },{ 3359 .name = "reverse", 3360 .type = QEMU_OPT_BOOL, 3361 },{ 3362 .name = "lock-key-sync", 3363 .type = QEMU_OPT_BOOL, 3364 },{ 3365 .name = "key-delay-ms", 3366 .type = QEMU_OPT_NUMBER, 3367 },{ 3368 .name = "sasl", 3369 .type = QEMU_OPT_BOOL, 3370 },{ 3371 /* Deprecated in favour of tls-creds */ 3372 .name = "tls", 3373 .type = QEMU_OPT_BOOL, 3374 },{ 3375 /* Deprecated in favour of tls-creds */ 3376 .name = "x509verify", 3377 .type = QEMU_OPT_STRING, 3378 },{ 3379 .name = "acl", 3380 .type = QEMU_OPT_BOOL, 3381 },{ 3382 .name = "lossy", 3383 .type = QEMU_OPT_BOOL, 3384 },{ 3385 .name = "non-adaptive", 3386 .type = QEMU_OPT_BOOL, 3387 }, 3388 { /* end of list */ } 3389 }, 3390 }; 3391 3392 3393 static int 3394 vnc_display_setup_auth(int *auth, 3395 int *subauth, 3396 QCryptoTLSCreds *tlscreds, 3397 bool password, 3398 bool sasl, 3399 bool websocket, 3400 Error **errp) 3401 { 3402 /* 3403 * We have a choice of 3 authentication options 3404 * 3405 * 1. none 3406 * 2. vnc 3407 * 3. sasl 3408 * 3409 * The channel can be run in 2 modes 3410 * 3411 * 1. clear 3412 * 2. tls 3413 * 3414 * And TLS can use 2 types of credentials 3415 * 3416 * 1. anon 3417 * 2. x509 3418 * 3419 * We thus have 9 possible logical combinations 3420 * 3421 * 1. clear + none 3422 * 2. clear + vnc 3423 * 3. clear + sasl 3424 * 4. tls + anon + none 3425 * 5. tls + anon + vnc 3426 * 6. tls + anon + sasl 3427 * 7. tls + x509 + none 3428 * 8. tls + x509 + vnc 3429 * 9. tls + x509 + sasl 3430 * 3431 * These need to be mapped into the VNC auth schemes 3432 * in an appropriate manner. In regular VNC, all the 3433 * TLS options get mapped into VNC_AUTH_VENCRYPT 3434 * sub-auth types. 3435 * 3436 * In websockets, the https:// protocol already provides 3437 * TLS support, so there is no need to make use of the 3438 * VeNCrypt extension. Furthermore, websockets browser 3439 * clients could not use VeNCrypt even if they wanted to, 3440 * as they cannot control when the TLS handshake takes 3441 * place. Thus there is no option but to rely on https://, 3442 * meaning combinations 4->6 and 7->9 will be mapped to 3443 * VNC auth schemes in the same way as combos 1->3. 3444 * 3445 * Regardless of fact that we have a different mapping to 3446 * VNC auth mechs for plain VNC vs websockets VNC, the end 3447 * result has the same security characteristics. 3448 */ 3449 if (websocket || !tlscreds) { 3450 if (password) { 3451 VNC_DEBUG("Initializing VNC server with password auth\n"); 3452 *auth = VNC_AUTH_VNC; 3453 } else if (sasl) { 3454 VNC_DEBUG("Initializing VNC server with SASL auth\n"); 3455 *auth = VNC_AUTH_SASL; 3456 } else { 3457 VNC_DEBUG("Initializing VNC server with no auth\n"); 3458 *auth = VNC_AUTH_NONE; 3459 } 3460 *subauth = VNC_AUTH_INVALID; 3461 } else { 3462 bool is_x509 = object_dynamic_cast(OBJECT(tlscreds), 3463 TYPE_QCRYPTO_TLS_CREDS_X509) != NULL; 3464 bool is_anon = object_dynamic_cast(OBJECT(tlscreds), 3465 TYPE_QCRYPTO_TLS_CREDS_ANON) != NULL; 3466 3467 if (!is_x509 && !is_anon) { 3468 error_setg(errp, 3469 "Unsupported TLS cred type %s", 3470 object_get_typename(OBJECT(tlscreds))); 3471 return -1; 3472 } 3473 *auth = VNC_AUTH_VENCRYPT; 3474 if (password) { 3475 if (is_x509) { 3476 VNC_DEBUG("Initializing VNC server with x509 password auth\n"); 3477 *subauth = VNC_AUTH_VENCRYPT_X509VNC; 3478 } else { 3479 VNC_DEBUG("Initializing VNC server with TLS password auth\n"); 3480 *subauth = VNC_AUTH_VENCRYPT_TLSVNC; 3481 } 3482 3483 } else if (sasl) { 3484 if (is_x509) { 3485 VNC_DEBUG("Initializing VNC server with x509 SASL auth\n"); 3486 *subauth = VNC_AUTH_VENCRYPT_X509SASL; 3487 } else { 3488 VNC_DEBUG("Initializing VNC server with TLS SASL auth\n"); 3489 *subauth = VNC_AUTH_VENCRYPT_TLSSASL; 3490 } 3491 } else { 3492 if (is_x509) { 3493 VNC_DEBUG("Initializing VNC server with x509 no auth\n"); 3494 *subauth = VNC_AUTH_VENCRYPT_X509NONE; 3495 } else { 3496 VNC_DEBUG("Initializing VNC server with TLS no auth\n"); 3497 *subauth = VNC_AUTH_VENCRYPT_TLSNONE; 3498 } 3499 } 3500 } 3501 return 0; 3502 } 3503 3504 3505 /* 3506 * Handle back compat with old CLI syntax by creating some 3507 * suitable QCryptoTLSCreds objects 3508 */ 3509 static QCryptoTLSCreds * 3510 vnc_display_create_creds(bool x509, 3511 bool x509verify, 3512 const char *dir, 3513 const char *id, 3514 Error **errp) 3515 { 3516 gchar *credsid = g_strdup_printf("tlsvnc%s", id); 3517 Object *parent = object_get_objects_root(); 3518 Object *creds; 3519 Error *err = NULL; 3520 3521 if (x509) { 3522 creds = object_new_with_props(TYPE_QCRYPTO_TLS_CREDS_X509, 3523 parent, 3524 credsid, 3525 &err, 3526 "endpoint", "server", 3527 "dir", dir, 3528 "verify-peer", x509verify ? "yes" : "no", 3529 NULL); 3530 } else { 3531 creds = object_new_with_props(TYPE_QCRYPTO_TLS_CREDS_ANON, 3532 parent, 3533 credsid, 3534 &err, 3535 "endpoint", "server", 3536 NULL); 3537 } 3538 3539 g_free(credsid); 3540 3541 if (err) { 3542 error_propagate(errp, err); 3543 return NULL; 3544 } 3545 3546 return QCRYPTO_TLS_CREDS(creds); 3547 } 3548 3549 3550 static int vnc_display_get_address(const char *addrstr, 3551 bool websocket, 3552 bool reverse, 3553 int displaynum, 3554 int to, 3555 bool has_ipv4, 3556 bool has_ipv6, 3557 bool ipv4, 3558 bool ipv6, 3559 SocketAddress **retaddr, 3560 Error **errp) 3561 { 3562 int ret = -1; 3563 SocketAddress *addr = NULL; 3564 3565 addr = g_new0(SocketAddress, 1); 3566 3567 if (strncmp(addrstr, "unix:", 5) == 0) { 3568 addr->type = SOCKET_ADDRESS_TYPE_UNIX; 3569 addr->u.q_unix.path = g_strdup(addrstr + 5); 3570 3571 if (websocket) { 3572 error_setg(errp, "UNIX sockets not supported with websock"); 3573 goto cleanup; 3574 } 3575 3576 if (to) { 3577 error_setg(errp, "Port range not support with UNIX socket"); 3578 goto cleanup; 3579 } 3580 ret = 0; 3581 } else { 3582 const char *port; 3583 size_t hostlen; 3584 unsigned long long baseport = 0; 3585 InetSocketAddress *inet; 3586 3587 port = strrchr(addrstr, ':'); 3588 if (!port) { 3589 if (websocket) { 3590 hostlen = 0; 3591 port = addrstr; 3592 } else { 3593 error_setg(errp, "no vnc port specified"); 3594 goto cleanup; 3595 } 3596 } else { 3597 hostlen = port - addrstr; 3598 port++; 3599 if (*port == '\0') { 3600 error_setg(errp, "vnc port cannot be empty"); 3601 goto cleanup; 3602 } 3603 } 3604 3605 addr->type = SOCKET_ADDRESS_TYPE_INET; 3606 inet = &addr->u.inet; 3607 if (addrstr[0] == '[' && addrstr[hostlen - 1] == ']') { 3608 inet->host = g_strndup(addrstr + 1, hostlen - 2); 3609 } else { 3610 inet->host = g_strndup(addrstr, hostlen); 3611 } 3612 /* plain VNC port is just an offset, for websocket 3613 * port is absolute */ 3614 if (websocket) { 3615 if (g_str_equal(addrstr, "") || 3616 g_str_equal(addrstr, "on")) { 3617 if (displaynum == -1) { 3618 error_setg(errp, "explicit websocket port is required"); 3619 goto cleanup; 3620 } 3621 inet->port = g_strdup_printf( 3622 "%d", displaynum + 5700); 3623 if (to) { 3624 inet->has_to = true; 3625 inet->to = to + 5700; 3626 } 3627 } else { 3628 inet->port = g_strdup(port); 3629 } 3630 } else { 3631 int offset = reverse ? 0 : 5900; 3632 if (parse_uint_full(port, &baseport, 10) < 0) { 3633 error_setg(errp, "can't convert to a number: %s", port); 3634 goto cleanup; 3635 } 3636 if (baseport > 65535 || 3637 baseport + offset > 65535) { 3638 error_setg(errp, "port %s out of range", port); 3639 goto cleanup; 3640 } 3641 inet->port = g_strdup_printf( 3642 "%d", (int)baseport + offset); 3643 3644 if (to) { 3645 inet->has_to = true; 3646 inet->to = to + offset; 3647 } 3648 } 3649 3650 inet->ipv4 = ipv4; 3651 inet->has_ipv4 = has_ipv4; 3652 inet->ipv6 = ipv6; 3653 inet->has_ipv6 = has_ipv6; 3654 3655 ret = baseport; 3656 } 3657 3658 *retaddr = addr; 3659 3660 cleanup: 3661 if (ret < 0) { 3662 qapi_free_SocketAddress(addr); 3663 } 3664 return ret; 3665 } 3666 3667 static void vnc_free_addresses(SocketAddress ***retsaddr, 3668 size_t *retnsaddr) 3669 { 3670 size_t i; 3671 3672 for (i = 0; i < *retnsaddr; i++) { 3673 qapi_free_SocketAddress((*retsaddr)[i]); 3674 } 3675 g_free(*retsaddr); 3676 3677 *retsaddr = NULL; 3678 *retnsaddr = 0; 3679 } 3680 3681 static int vnc_display_get_addresses(QemuOpts *opts, 3682 bool reverse, 3683 SocketAddress ***retsaddr, 3684 size_t *retnsaddr, 3685 SocketAddress ***retwsaddr, 3686 size_t *retnwsaddr, 3687 Error **errp) 3688 { 3689 SocketAddress *saddr = NULL; 3690 SocketAddress *wsaddr = NULL; 3691 QemuOptsIter addriter; 3692 const char *addr; 3693 int to = qemu_opt_get_number(opts, "to", 0); 3694 bool has_ipv4 = qemu_opt_get(opts, "ipv4"); 3695 bool has_ipv6 = qemu_opt_get(opts, "ipv6"); 3696 bool ipv4 = qemu_opt_get_bool(opts, "ipv4", false); 3697 bool ipv6 = qemu_opt_get_bool(opts, "ipv6", false); 3698 int displaynum = -1; 3699 int ret = -1; 3700 3701 *retsaddr = NULL; 3702 *retnsaddr = 0; 3703 *retwsaddr = NULL; 3704 *retnwsaddr = 0; 3705 3706 addr = qemu_opt_get(opts, "vnc"); 3707 if (addr == NULL || g_str_equal(addr, "none")) { 3708 ret = 0; 3709 goto cleanup; 3710 } 3711 if (qemu_opt_get(opts, "websocket") && 3712 !qcrypto_hash_supports(QCRYPTO_HASH_ALG_SHA1)) { 3713 error_setg(errp, 3714 "SHA1 hash support is required for websockets"); 3715 goto cleanup; 3716 } 3717 3718 qemu_opt_iter_init(&addriter, opts, "vnc"); 3719 while ((addr = qemu_opt_iter_next(&addriter)) != NULL) { 3720 int rv; 3721 rv = vnc_display_get_address(addr, false, reverse, 0, to, 3722 has_ipv4, has_ipv6, 3723 ipv4, ipv6, 3724 &saddr, errp); 3725 if (rv < 0) { 3726 goto cleanup; 3727 } 3728 /* Historical compat - first listen address can be used 3729 * to set the default websocket port 3730 */ 3731 if (displaynum == -1) { 3732 displaynum = rv; 3733 } 3734 *retsaddr = g_renew(SocketAddress *, *retsaddr, *retnsaddr + 1); 3735 (*retsaddr)[(*retnsaddr)++] = saddr; 3736 } 3737 3738 /* If we had multiple primary displays, we don't do defaults 3739 * for websocket, and require explicit config instead. */ 3740 if (*retnsaddr > 1) { 3741 displaynum = -1; 3742 } 3743 3744 qemu_opt_iter_init(&addriter, opts, "websocket"); 3745 while ((addr = qemu_opt_iter_next(&addriter)) != NULL) { 3746 if (vnc_display_get_address(addr, true, reverse, displaynum, to, 3747 has_ipv4, has_ipv6, 3748 ipv4, ipv6, 3749 &wsaddr, errp) < 0) { 3750 goto cleanup; 3751 } 3752 3753 /* Historical compat - if only a single listen address was 3754 * provided, then this is used to set the default listen 3755 * address for websocket too 3756 */ 3757 if (*retnsaddr == 1 && 3758 (*retsaddr)[0]->type == SOCKET_ADDRESS_TYPE_INET && 3759 wsaddr->type == SOCKET_ADDRESS_TYPE_INET && 3760 g_str_equal(wsaddr->u.inet.host, "") && 3761 !g_str_equal((*retsaddr)[0]->u.inet.host, "")) { 3762 g_free(wsaddr->u.inet.host); 3763 wsaddr->u.inet.host = g_strdup((*retsaddr)[0]->u.inet.host); 3764 } 3765 3766 *retwsaddr = g_renew(SocketAddress *, *retwsaddr, *retnwsaddr + 1); 3767 (*retwsaddr)[(*retnwsaddr)++] = wsaddr; 3768 } 3769 3770 ret = 0; 3771 cleanup: 3772 if (ret < 0) { 3773 vnc_free_addresses(retsaddr, retnsaddr); 3774 vnc_free_addresses(retwsaddr, retnwsaddr); 3775 } 3776 return ret; 3777 } 3778 3779 static int vnc_display_connect(VncDisplay *vd, 3780 SocketAddress **saddr, 3781 size_t nsaddr, 3782 SocketAddress **wsaddr, 3783 size_t nwsaddr, 3784 Error **errp) 3785 { 3786 /* connect to viewer */ 3787 QIOChannelSocket *sioc = NULL; 3788 if (nwsaddr != 0) { 3789 error_setg(errp, "Cannot use websockets in reverse mode"); 3790 return -1; 3791 } 3792 if (nsaddr != 1) { 3793 error_setg(errp, "Expected a single address in reverse mode"); 3794 return -1; 3795 } 3796 /* TODO SOCKET_ADDRESS_TYPE_FD when fd has AF_UNIX */ 3797 vd->is_unix = saddr[0]->type == SOCKET_ADDRESS_TYPE_UNIX; 3798 sioc = qio_channel_socket_new(); 3799 qio_channel_set_name(QIO_CHANNEL(sioc), "vnc-reverse"); 3800 if (qio_channel_socket_connect_sync(sioc, saddr[0], errp) < 0) { 3801 return -1; 3802 } 3803 vnc_connect(vd, sioc, false, false); 3804 object_unref(OBJECT(sioc)); 3805 return 0; 3806 } 3807 3808 3809 static int vnc_display_listen_addr(VncDisplay *vd, 3810 SocketAddress *addr, 3811 const char *name, 3812 QIOChannelSocket ***lsock, 3813 guint **lsock_tag, 3814 size_t *nlsock, 3815 Error **errp) 3816 { 3817 QIODNSResolver *resolver = qio_dns_resolver_get_instance(); 3818 SocketAddress **rawaddrs = NULL; 3819 size_t nrawaddrs = 0; 3820 Error *listenerr = NULL; 3821 bool listening = false; 3822 size_t i; 3823 3824 if (qio_dns_resolver_lookup_sync(resolver, addr, &nrawaddrs, 3825 &rawaddrs, errp) < 0) { 3826 return -1; 3827 } 3828 3829 for (i = 0; i < nrawaddrs; i++) { 3830 QIOChannelSocket *sioc = qio_channel_socket_new(); 3831 3832 qio_channel_set_name(QIO_CHANNEL(sioc), name); 3833 if (qio_channel_socket_listen_sync( 3834 sioc, rawaddrs[i], listenerr == NULL ? &listenerr : NULL) < 0) { 3835 object_unref(OBJECT(sioc)); 3836 continue; 3837 } 3838 listening = true; 3839 (*nlsock)++; 3840 *lsock = g_renew(QIOChannelSocket *, *lsock, *nlsock); 3841 *lsock_tag = g_renew(guint, *lsock_tag, *nlsock); 3842 3843 (*lsock)[*nlsock - 1] = sioc; 3844 (*lsock_tag)[*nlsock - 1] = 0; 3845 } 3846 3847 for (i = 0; i < nrawaddrs; i++) { 3848 qapi_free_SocketAddress(rawaddrs[i]); 3849 } 3850 g_free(rawaddrs); 3851 3852 if (listenerr) { 3853 if (!listening) { 3854 error_propagate(errp, listenerr); 3855 return -1; 3856 } else { 3857 error_free(listenerr); 3858 } 3859 } 3860 3861 for (i = 0; i < *nlsock; i++) { 3862 (*lsock_tag)[i] = qio_channel_add_watch( 3863 QIO_CHANNEL((*lsock)[i]), 3864 G_IO_IN, vnc_listen_io, vd, NULL); 3865 } 3866 3867 return 0; 3868 } 3869 3870 3871 static int vnc_display_listen(VncDisplay *vd, 3872 SocketAddress **saddr, 3873 size_t nsaddr, 3874 SocketAddress **wsaddr, 3875 size_t nwsaddr, 3876 Error **errp) 3877 { 3878 size_t i; 3879 3880 for (i = 0; i < nsaddr; i++) { 3881 if (vnc_display_listen_addr(vd, saddr[i], 3882 "vnc-listen", 3883 &vd->lsock, 3884 &vd->lsock_tag, 3885 &vd->nlsock, 3886 errp) < 0) { 3887 return -1; 3888 } 3889 } 3890 for (i = 0; i < nwsaddr; i++) { 3891 if (vnc_display_listen_addr(vd, wsaddr[i], 3892 "vnc-ws-listen", 3893 &vd->lwebsock, 3894 &vd->lwebsock_tag, 3895 &vd->nlwebsock, 3896 errp) < 0) { 3897 return -1; 3898 } 3899 } 3900 3901 return 0; 3902 } 3903 3904 3905 void vnc_display_open(const char *id, Error **errp) 3906 { 3907 VncDisplay *vd = vnc_display_find(id); 3908 QemuOpts *opts = qemu_opts_find(&qemu_vnc_opts, id); 3909 SocketAddress **saddr = NULL, **wsaddr = NULL; 3910 size_t nsaddr, nwsaddr; 3911 const char *share, *device_id; 3912 QemuConsole *con; 3913 bool password = false; 3914 bool reverse = false; 3915 const char *credid; 3916 bool sasl = false; 3917 #ifdef CONFIG_VNC_SASL 3918 int saslErr; 3919 #endif 3920 int acl = 0; 3921 int lock_key_sync = 1; 3922 int key_delay_ms; 3923 3924 if (!vd) { 3925 error_setg(errp, "VNC display not active"); 3926 return; 3927 } 3928 vnc_display_close(vd); 3929 3930 if (!opts) { 3931 return; 3932 } 3933 3934 reverse = qemu_opt_get_bool(opts, "reverse", false); 3935 if (vnc_display_get_addresses(opts, reverse, &saddr, &nsaddr, 3936 &wsaddr, &nwsaddr, errp) < 0) { 3937 goto fail; 3938 } 3939 3940 password = qemu_opt_get_bool(opts, "password", false); 3941 if (password) { 3942 if (fips_get_state()) { 3943 error_setg(errp, 3944 "VNC password auth disabled due to FIPS mode, " 3945 "consider using the VeNCrypt or SASL authentication " 3946 "methods as an alternative"); 3947 goto fail; 3948 } 3949 if (!qcrypto_cipher_supports( 3950 QCRYPTO_CIPHER_ALG_DES_RFB, QCRYPTO_CIPHER_MODE_ECB)) { 3951 error_setg(errp, 3952 "Cipher backend does not support DES RFB algorithm"); 3953 goto fail; 3954 } 3955 } 3956 3957 lock_key_sync = qemu_opt_get_bool(opts, "lock-key-sync", true); 3958 key_delay_ms = qemu_opt_get_number(opts, "key-delay-ms", 10); 3959 sasl = qemu_opt_get_bool(opts, "sasl", false); 3960 #ifndef CONFIG_VNC_SASL 3961 if (sasl) { 3962 error_setg(errp, "VNC SASL auth requires cyrus-sasl support"); 3963 goto fail; 3964 } 3965 #endif /* CONFIG_VNC_SASL */ 3966 credid = qemu_opt_get(opts, "tls-creds"); 3967 if (credid) { 3968 Object *creds; 3969 if (qemu_opt_get(opts, "tls") || 3970 qemu_opt_get(opts, "x509") || 3971 qemu_opt_get(opts, "x509verify")) { 3972 error_setg(errp, 3973 "'tls-creds' parameter is mutually exclusive with " 3974 "'tls', 'x509' and 'x509verify' parameters"); 3975 goto fail; 3976 } 3977 3978 creds = object_resolve_path_component( 3979 object_get_objects_root(), credid); 3980 if (!creds) { 3981 error_setg(errp, "No TLS credentials with id '%s'", 3982 credid); 3983 goto fail; 3984 } 3985 vd->tlscreds = (QCryptoTLSCreds *) 3986 object_dynamic_cast(creds, 3987 TYPE_QCRYPTO_TLS_CREDS); 3988 if (!vd->tlscreds) { 3989 error_setg(errp, "Object with id '%s' is not TLS credentials", 3990 credid); 3991 goto fail; 3992 } 3993 object_ref(OBJECT(vd->tlscreds)); 3994 3995 if (vd->tlscreds->endpoint != QCRYPTO_TLS_CREDS_ENDPOINT_SERVER) { 3996 error_setg(errp, 3997 "Expecting TLS credentials with a server endpoint"); 3998 goto fail; 3999 } 4000 } else { 4001 const char *path; 4002 bool tls = false, x509 = false, x509verify = false; 4003 tls = qemu_opt_get_bool(opts, "tls", false); 4004 if (tls) { 4005 path = qemu_opt_get(opts, "x509"); 4006 4007 if (path) { 4008 x509 = true; 4009 } else { 4010 path = qemu_opt_get(opts, "x509verify"); 4011 if (path) { 4012 x509 = true; 4013 x509verify = true; 4014 } 4015 } 4016 vd->tlscreds = vnc_display_create_creds(x509, 4017 x509verify, 4018 path, 4019 vd->id, 4020 errp); 4021 if (!vd->tlscreds) { 4022 goto fail; 4023 } 4024 } 4025 } 4026 acl = qemu_opt_get_bool(opts, "acl", false); 4027 4028 share = qemu_opt_get(opts, "share"); 4029 if (share) { 4030 if (strcmp(share, "ignore") == 0) { 4031 vd->share_policy = VNC_SHARE_POLICY_IGNORE; 4032 } else if (strcmp(share, "allow-exclusive") == 0) { 4033 vd->share_policy = VNC_SHARE_POLICY_ALLOW_EXCLUSIVE; 4034 } else if (strcmp(share, "force-shared") == 0) { 4035 vd->share_policy = VNC_SHARE_POLICY_FORCE_SHARED; 4036 } else { 4037 error_setg(errp, "unknown vnc share= option"); 4038 goto fail; 4039 } 4040 } else { 4041 vd->share_policy = VNC_SHARE_POLICY_ALLOW_EXCLUSIVE; 4042 } 4043 vd->connections_limit = qemu_opt_get_number(opts, "connections", 32); 4044 4045 #ifdef CONFIG_VNC_JPEG 4046 vd->lossy = qemu_opt_get_bool(opts, "lossy", false); 4047 #endif 4048 vd->non_adaptive = qemu_opt_get_bool(opts, "non-adaptive", false); 4049 /* adaptive updates are only used with tight encoding and 4050 * if lossy updates are enabled so we can disable all the 4051 * calculations otherwise */ 4052 if (!vd->lossy) { 4053 vd->non_adaptive = true; 4054 } 4055 4056 if (acl) { 4057 if (strcmp(vd->id, "default") == 0) { 4058 vd->tlsaclname = g_strdup("vnc.x509dname"); 4059 } else { 4060 vd->tlsaclname = g_strdup_printf("vnc.%s.x509dname", vd->id); 4061 } 4062 qemu_acl_init(vd->tlsaclname); 4063 } 4064 #ifdef CONFIG_VNC_SASL 4065 if (acl && sasl) { 4066 char *aclname; 4067 4068 if (strcmp(vd->id, "default") == 0) { 4069 aclname = g_strdup("vnc.username"); 4070 } else { 4071 aclname = g_strdup_printf("vnc.%s.username", vd->id); 4072 } 4073 vd->sasl.acl = qemu_acl_init(aclname); 4074 g_free(aclname); 4075 } 4076 #endif 4077 4078 if (vnc_display_setup_auth(&vd->auth, &vd->subauth, 4079 vd->tlscreds, password, 4080 sasl, false, errp) < 0) { 4081 goto fail; 4082 } 4083 trace_vnc_auth_init(vd, 0, vd->auth, vd->subauth); 4084 4085 if (vnc_display_setup_auth(&vd->ws_auth, &vd->ws_subauth, 4086 vd->tlscreds, password, 4087 sasl, true, errp) < 0) { 4088 goto fail; 4089 } 4090 trace_vnc_auth_init(vd, 1, vd->ws_auth, vd->ws_subauth); 4091 4092 #ifdef CONFIG_VNC_SASL 4093 if ((saslErr = sasl_server_init(NULL, "qemu")) != SASL_OK) { 4094 error_setg(errp, "Failed to initialize SASL auth: %s", 4095 sasl_errstring(saslErr, NULL, NULL)); 4096 goto fail; 4097 } 4098 #endif 4099 vd->lock_key_sync = lock_key_sync; 4100 if (lock_key_sync) { 4101 vd->led = qemu_add_led_event_handler(kbd_leds, vd); 4102 } 4103 vd->ledstate = 0; 4104 vd->key_delay_ms = key_delay_ms; 4105 4106 device_id = qemu_opt_get(opts, "display"); 4107 if (device_id) { 4108 int head = qemu_opt_get_number(opts, "head", 0); 4109 Error *err = NULL; 4110 4111 con = qemu_console_lookup_by_device_name(device_id, head, &err); 4112 if (err) { 4113 error_propagate(errp, err); 4114 goto fail; 4115 } 4116 } else { 4117 con = NULL; 4118 } 4119 4120 if (con != vd->dcl.con) { 4121 unregister_displaychangelistener(&vd->dcl); 4122 vd->dcl.con = con; 4123 register_displaychangelistener(&vd->dcl); 4124 } 4125 4126 if (saddr == NULL) { 4127 goto cleanup; 4128 } 4129 4130 if (reverse) { 4131 if (vnc_display_connect(vd, saddr, nsaddr, wsaddr, nwsaddr, errp) < 0) { 4132 goto fail; 4133 } 4134 } else { 4135 if (vnc_display_listen(vd, saddr, nsaddr, wsaddr, nwsaddr, errp) < 0) { 4136 goto fail; 4137 } 4138 } 4139 4140 if (qemu_opt_get(opts, "to")) { 4141 vnc_display_print_local_addr(vd); 4142 } 4143 4144 cleanup: 4145 vnc_free_addresses(&saddr, &nsaddr); 4146 vnc_free_addresses(&wsaddr, &nwsaddr); 4147 return; 4148 4149 fail: 4150 vnc_display_close(vd); 4151 goto cleanup; 4152 } 4153 4154 void vnc_display_add_client(const char *id, int csock, bool skipauth) 4155 { 4156 VncDisplay *vd = vnc_display_find(id); 4157 QIOChannelSocket *sioc; 4158 4159 if (!vd) { 4160 return; 4161 } 4162 4163 sioc = qio_channel_socket_new_fd(csock, NULL); 4164 if (sioc) { 4165 qio_channel_set_name(QIO_CHANNEL(sioc), "vnc-server"); 4166 vnc_connect(vd, sioc, skipauth, false); 4167 object_unref(OBJECT(sioc)); 4168 } 4169 } 4170 4171 static void vnc_auto_assign_id(QemuOptsList *olist, QemuOpts *opts) 4172 { 4173 int i = 2; 4174 char *id; 4175 4176 id = g_strdup("default"); 4177 while (qemu_opts_find(olist, id)) { 4178 g_free(id); 4179 id = g_strdup_printf("vnc%d", i++); 4180 } 4181 qemu_opts_set_id(opts, id); 4182 } 4183 4184 QemuOpts *vnc_parse(const char *str, Error **errp) 4185 { 4186 QemuOptsList *olist = qemu_find_opts("vnc"); 4187 QemuOpts *opts = qemu_opts_parse(olist, str, true, errp); 4188 const char *id; 4189 4190 if (!opts) { 4191 return NULL; 4192 } 4193 4194 id = qemu_opts_id(opts); 4195 if (!id) { 4196 /* auto-assign id if not present */ 4197 vnc_auto_assign_id(olist, opts); 4198 } 4199 return opts; 4200 } 4201 4202 int vnc_init_func(void *opaque, QemuOpts *opts, Error **errp) 4203 { 4204 Error *local_err = NULL; 4205 char *id = (char *)qemu_opts_id(opts); 4206 4207 assert(id); 4208 vnc_display_init(id); 4209 vnc_display_open(id, &local_err); 4210 if (local_err != NULL) { 4211 error_reportf_err(local_err, "Failed to start VNC server: "); 4212 exit(1); 4213 } 4214 return 0; 4215 } 4216 4217 static void vnc_register_config(void) 4218 { 4219 qemu_add_opts(&qemu_vnc_opts); 4220 } 4221 opts_init(vnc_register_config); 4222