1 /* 2 * QEMU VNC display driver 3 * 4 * Copyright (C) 2006 Anthony Liguori <anthony@codemonkey.ws> 5 * Copyright (C) 2006 Fabrice Bellard 6 * Copyright (C) 2009 Red Hat, Inc 7 * 8 * Permission is hereby granted, free of charge, to any person obtaining a copy 9 * of this software and associated documentation files (the "Software"), to deal 10 * in the Software without restriction, including without limitation the rights 11 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell 12 * copies of the Software, and to permit persons to whom the Software is 13 * furnished to do so, subject to the following conditions: 14 * 15 * The above copyright notice and this permission notice shall be included in 16 * all copies or substantial portions of the Software. 17 * 18 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 19 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 20 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL 21 * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER 22 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, 23 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN 24 * THE SOFTWARE. 25 */ 26 27 #include "qemu/osdep.h" 28 #include "vnc.h" 29 #include "vnc-jobs.h" 30 #include "trace.h" 31 #include "sysemu/sysemu.h" 32 #include "qemu/error-report.h" 33 #include "qemu/sockets.h" 34 #include "qemu/timer.h" 35 #include "qemu/acl.h" 36 #include "qemu/config-file.h" 37 #include "qapi/qmp/qerror.h" 38 #include "qapi/qmp/types.h" 39 #include "qmp-commands.h" 40 #include "ui/input.h" 41 #include "qapi-event.h" 42 #include "crypto/hash.h" 43 #include "crypto/tlscredsanon.h" 44 #include "crypto/tlscredsx509.h" 45 #include "qom/object_interfaces.h" 46 #include "qemu/cutils.h" 47 #include "io/dns-resolver.h" 48 49 #define VNC_REFRESH_INTERVAL_BASE GUI_REFRESH_INTERVAL_DEFAULT 50 #define VNC_REFRESH_INTERVAL_INC 50 51 #define VNC_REFRESH_INTERVAL_MAX GUI_REFRESH_INTERVAL_IDLE 52 static const struct timeval VNC_REFRESH_STATS = { 0, 500000 }; 53 static const struct timeval VNC_REFRESH_LOSSY = { 2, 0 }; 54 55 #include "vnc_keysym.h" 56 #include "crypto/cipher.h" 57 58 static QTAILQ_HEAD(, VncDisplay) vnc_displays = 59 QTAILQ_HEAD_INITIALIZER(vnc_displays); 60 61 static int vnc_cursor_define(VncState *vs); 62 static void vnc_release_modifiers(VncState *vs); 63 static void vnc_update_throttle_offset(VncState *vs); 64 65 static void vnc_set_share_mode(VncState *vs, VncShareMode mode) 66 { 67 #ifdef _VNC_DEBUG 68 static const char *mn[] = { 69 [0] = "undefined", 70 [VNC_SHARE_MODE_CONNECTING] = "connecting", 71 [VNC_SHARE_MODE_SHARED] = "shared", 72 [VNC_SHARE_MODE_EXCLUSIVE] = "exclusive", 73 [VNC_SHARE_MODE_DISCONNECTED] = "disconnected", 74 }; 75 fprintf(stderr, "%s/%p: %s -> %s\n", __func__, 76 vs->ioc, mn[vs->share_mode], mn[mode]); 77 #endif 78 79 switch (vs->share_mode) { 80 case VNC_SHARE_MODE_CONNECTING: 81 vs->vd->num_connecting--; 82 break; 83 case VNC_SHARE_MODE_SHARED: 84 vs->vd->num_shared--; 85 break; 86 case VNC_SHARE_MODE_EXCLUSIVE: 87 vs->vd->num_exclusive--; 88 break; 89 default: 90 break; 91 } 92 93 vs->share_mode = mode; 94 95 switch (vs->share_mode) { 96 case VNC_SHARE_MODE_CONNECTING: 97 vs->vd->num_connecting++; 98 break; 99 case VNC_SHARE_MODE_SHARED: 100 vs->vd->num_shared++; 101 break; 102 case VNC_SHARE_MODE_EXCLUSIVE: 103 vs->vd->num_exclusive++; 104 break; 105 default: 106 break; 107 } 108 } 109 110 111 static void vnc_init_basic_info(SocketAddress *addr, 112 VncBasicInfo *info, 113 Error **errp) 114 { 115 switch (addr->type) { 116 case SOCKET_ADDRESS_TYPE_INET: 117 info->host = g_strdup(addr->u.inet.host); 118 info->service = g_strdup(addr->u.inet.port); 119 if (addr->u.inet.ipv6) { 120 info->family = NETWORK_ADDRESS_FAMILY_IPV6; 121 } else { 122 info->family = NETWORK_ADDRESS_FAMILY_IPV4; 123 } 124 break; 125 126 case SOCKET_ADDRESS_TYPE_UNIX: 127 info->host = g_strdup(""); 128 info->service = g_strdup(addr->u.q_unix.path); 129 info->family = NETWORK_ADDRESS_FAMILY_UNIX; 130 break; 131 132 case SOCKET_ADDRESS_TYPE_VSOCK: 133 case SOCKET_ADDRESS_TYPE_FD: 134 error_setg(errp, "Unsupported socket address type %s", 135 SocketAddressType_str(addr->type)); 136 break; 137 default: 138 abort(); 139 } 140 141 return; 142 } 143 144 static void vnc_init_basic_info_from_server_addr(QIOChannelSocket *ioc, 145 VncBasicInfo *info, 146 Error **errp) 147 { 148 SocketAddress *addr = NULL; 149 150 if (!ioc) { 151 error_setg(errp, "No listener socket available"); 152 return; 153 } 154 155 addr = qio_channel_socket_get_local_address(ioc, errp); 156 if (!addr) { 157 return; 158 } 159 160 vnc_init_basic_info(addr, info, errp); 161 qapi_free_SocketAddress(addr); 162 } 163 164 static void vnc_init_basic_info_from_remote_addr(QIOChannelSocket *ioc, 165 VncBasicInfo *info, 166 Error **errp) 167 { 168 SocketAddress *addr = NULL; 169 170 addr = qio_channel_socket_get_remote_address(ioc, errp); 171 if (!addr) { 172 return; 173 } 174 175 vnc_init_basic_info(addr, info, errp); 176 qapi_free_SocketAddress(addr); 177 } 178 179 static const char *vnc_auth_name(VncDisplay *vd) { 180 switch (vd->auth) { 181 case VNC_AUTH_INVALID: 182 return "invalid"; 183 case VNC_AUTH_NONE: 184 return "none"; 185 case VNC_AUTH_VNC: 186 return "vnc"; 187 case VNC_AUTH_RA2: 188 return "ra2"; 189 case VNC_AUTH_RA2NE: 190 return "ra2ne"; 191 case VNC_AUTH_TIGHT: 192 return "tight"; 193 case VNC_AUTH_ULTRA: 194 return "ultra"; 195 case VNC_AUTH_TLS: 196 return "tls"; 197 case VNC_AUTH_VENCRYPT: 198 switch (vd->subauth) { 199 case VNC_AUTH_VENCRYPT_PLAIN: 200 return "vencrypt+plain"; 201 case VNC_AUTH_VENCRYPT_TLSNONE: 202 return "vencrypt+tls+none"; 203 case VNC_AUTH_VENCRYPT_TLSVNC: 204 return "vencrypt+tls+vnc"; 205 case VNC_AUTH_VENCRYPT_TLSPLAIN: 206 return "vencrypt+tls+plain"; 207 case VNC_AUTH_VENCRYPT_X509NONE: 208 return "vencrypt+x509+none"; 209 case VNC_AUTH_VENCRYPT_X509VNC: 210 return "vencrypt+x509+vnc"; 211 case VNC_AUTH_VENCRYPT_X509PLAIN: 212 return "vencrypt+x509+plain"; 213 case VNC_AUTH_VENCRYPT_TLSSASL: 214 return "vencrypt+tls+sasl"; 215 case VNC_AUTH_VENCRYPT_X509SASL: 216 return "vencrypt+x509+sasl"; 217 default: 218 return "vencrypt"; 219 } 220 case VNC_AUTH_SASL: 221 return "sasl"; 222 } 223 return "unknown"; 224 } 225 226 static VncServerInfo *vnc_server_info_get(VncDisplay *vd) 227 { 228 VncServerInfo *info; 229 Error *err = NULL; 230 231 if (!vd->nlsock) { 232 return NULL; 233 } 234 235 info = g_malloc0(sizeof(*info)); 236 vnc_init_basic_info_from_server_addr(vd->lsock[0], 237 qapi_VncServerInfo_base(info), &err); 238 info->has_auth = true; 239 info->auth = g_strdup(vnc_auth_name(vd)); 240 if (err) { 241 qapi_free_VncServerInfo(info); 242 info = NULL; 243 error_free(err); 244 } 245 return info; 246 } 247 248 static void vnc_client_cache_auth(VncState *client) 249 { 250 if (!client->info) { 251 return; 252 } 253 254 if (client->tls) { 255 client->info->x509_dname = 256 qcrypto_tls_session_get_peer_name(client->tls); 257 client->info->has_x509_dname = 258 client->info->x509_dname != NULL; 259 } 260 #ifdef CONFIG_VNC_SASL 261 if (client->sasl.conn && 262 client->sasl.username) { 263 client->info->has_sasl_username = true; 264 client->info->sasl_username = g_strdup(client->sasl.username); 265 } 266 #endif 267 } 268 269 static void vnc_client_cache_addr(VncState *client) 270 { 271 Error *err = NULL; 272 273 client->info = g_malloc0(sizeof(*client->info)); 274 vnc_init_basic_info_from_remote_addr(client->sioc, 275 qapi_VncClientInfo_base(client->info), 276 &err); 277 if (err) { 278 qapi_free_VncClientInfo(client->info); 279 client->info = NULL; 280 error_free(err); 281 } 282 } 283 284 static void vnc_qmp_event(VncState *vs, QAPIEvent event) 285 { 286 VncServerInfo *si; 287 288 if (!vs->info) { 289 return; 290 } 291 292 si = vnc_server_info_get(vs->vd); 293 if (!si) { 294 return; 295 } 296 297 switch (event) { 298 case QAPI_EVENT_VNC_CONNECTED: 299 qapi_event_send_vnc_connected(si, qapi_VncClientInfo_base(vs->info), 300 &error_abort); 301 break; 302 case QAPI_EVENT_VNC_INITIALIZED: 303 qapi_event_send_vnc_initialized(si, vs->info, &error_abort); 304 break; 305 case QAPI_EVENT_VNC_DISCONNECTED: 306 qapi_event_send_vnc_disconnected(si, vs->info, &error_abort); 307 break; 308 default: 309 break; 310 } 311 312 qapi_free_VncServerInfo(si); 313 } 314 315 static VncClientInfo *qmp_query_vnc_client(const VncState *client) 316 { 317 VncClientInfo *info; 318 Error *err = NULL; 319 320 info = g_malloc0(sizeof(*info)); 321 322 vnc_init_basic_info_from_remote_addr(client->sioc, 323 qapi_VncClientInfo_base(info), 324 &err); 325 if (err) { 326 error_free(err); 327 qapi_free_VncClientInfo(info); 328 return NULL; 329 } 330 331 info->websocket = client->websocket; 332 333 if (client->tls) { 334 info->x509_dname = qcrypto_tls_session_get_peer_name(client->tls); 335 info->has_x509_dname = info->x509_dname != NULL; 336 } 337 #ifdef CONFIG_VNC_SASL 338 if (client->sasl.conn && client->sasl.username) { 339 info->has_sasl_username = true; 340 info->sasl_username = g_strdup(client->sasl.username); 341 } 342 #endif 343 344 return info; 345 } 346 347 static VncDisplay *vnc_display_find(const char *id) 348 { 349 VncDisplay *vd; 350 351 if (id == NULL) { 352 return QTAILQ_FIRST(&vnc_displays); 353 } 354 QTAILQ_FOREACH(vd, &vnc_displays, next) { 355 if (strcmp(id, vd->id) == 0) { 356 return vd; 357 } 358 } 359 return NULL; 360 } 361 362 static VncClientInfoList *qmp_query_client_list(VncDisplay *vd) 363 { 364 VncClientInfoList *cinfo, *prev = NULL; 365 VncState *client; 366 367 QTAILQ_FOREACH(client, &vd->clients, next) { 368 cinfo = g_new0(VncClientInfoList, 1); 369 cinfo->value = qmp_query_vnc_client(client); 370 cinfo->next = prev; 371 prev = cinfo; 372 } 373 return prev; 374 } 375 376 VncInfo *qmp_query_vnc(Error **errp) 377 { 378 VncInfo *info = g_malloc0(sizeof(*info)); 379 VncDisplay *vd = vnc_display_find(NULL); 380 SocketAddress *addr = NULL; 381 382 if (vd == NULL || !vd->nlsock) { 383 info->enabled = false; 384 } else { 385 info->enabled = true; 386 387 /* for compatibility with the original command */ 388 info->has_clients = true; 389 info->clients = qmp_query_client_list(vd); 390 391 if (vd->lsock == NULL) { 392 return info; 393 } 394 395 addr = qio_channel_socket_get_local_address(vd->lsock[0], errp); 396 if (!addr) { 397 goto out_error; 398 } 399 400 switch (addr->type) { 401 case SOCKET_ADDRESS_TYPE_INET: 402 info->host = g_strdup(addr->u.inet.host); 403 info->service = g_strdup(addr->u.inet.port); 404 if (addr->u.inet.ipv6) { 405 info->family = NETWORK_ADDRESS_FAMILY_IPV6; 406 } else { 407 info->family = NETWORK_ADDRESS_FAMILY_IPV4; 408 } 409 break; 410 411 case SOCKET_ADDRESS_TYPE_UNIX: 412 info->host = g_strdup(""); 413 info->service = g_strdup(addr->u.q_unix.path); 414 info->family = NETWORK_ADDRESS_FAMILY_UNIX; 415 break; 416 417 case SOCKET_ADDRESS_TYPE_VSOCK: 418 case SOCKET_ADDRESS_TYPE_FD: 419 error_setg(errp, "Unsupported socket address type %s", 420 SocketAddressType_str(addr->type)); 421 goto out_error; 422 default: 423 abort(); 424 } 425 426 info->has_host = true; 427 info->has_service = true; 428 info->has_family = true; 429 430 info->has_auth = true; 431 info->auth = g_strdup(vnc_auth_name(vd)); 432 } 433 434 qapi_free_SocketAddress(addr); 435 return info; 436 437 out_error: 438 qapi_free_SocketAddress(addr); 439 qapi_free_VncInfo(info); 440 return NULL; 441 } 442 443 444 static void qmp_query_auth(int auth, int subauth, 445 VncPrimaryAuth *qmp_auth, 446 VncVencryptSubAuth *qmp_vencrypt, 447 bool *qmp_has_vencrypt); 448 449 static VncServerInfo2List *qmp_query_server_entry(QIOChannelSocket *ioc, 450 bool websocket, 451 int auth, 452 int subauth, 453 VncServerInfo2List *prev) 454 { 455 VncServerInfo2List *list; 456 VncServerInfo2 *info; 457 Error *err = NULL; 458 SocketAddress *addr; 459 460 addr = qio_channel_socket_get_local_address(ioc, &err); 461 if (!addr) { 462 error_free(err); 463 return prev; 464 } 465 466 info = g_new0(VncServerInfo2, 1); 467 vnc_init_basic_info(addr, qapi_VncServerInfo2_base(info), &err); 468 qapi_free_SocketAddress(addr); 469 if (err) { 470 qapi_free_VncServerInfo2(info); 471 error_free(err); 472 return prev; 473 } 474 info->websocket = websocket; 475 476 qmp_query_auth(auth, subauth, &info->auth, 477 &info->vencrypt, &info->has_vencrypt); 478 479 list = g_new0(VncServerInfo2List, 1); 480 list->value = info; 481 list->next = prev; 482 return list; 483 } 484 485 static void qmp_query_auth(int auth, int subauth, 486 VncPrimaryAuth *qmp_auth, 487 VncVencryptSubAuth *qmp_vencrypt, 488 bool *qmp_has_vencrypt) 489 { 490 switch (auth) { 491 case VNC_AUTH_VNC: 492 *qmp_auth = VNC_PRIMARY_AUTH_VNC; 493 break; 494 case VNC_AUTH_RA2: 495 *qmp_auth = VNC_PRIMARY_AUTH_RA2; 496 break; 497 case VNC_AUTH_RA2NE: 498 *qmp_auth = VNC_PRIMARY_AUTH_RA2NE; 499 break; 500 case VNC_AUTH_TIGHT: 501 *qmp_auth = VNC_PRIMARY_AUTH_TIGHT; 502 break; 503 case VNC_AUTH_ULTRA: 504 *qmp_auth = VNC_PRIMARY_AUTH_ULTRA; 505 break; 506 case VNC_AUTH_TLS: 507 *qmp_auth = VNC_PRIMARY_AUTH_TLS; 508 break; 509 case VNC_AUTH_VENCRYPT: 510 *qmp_auth = VNC_PRIMARY_AUTH_VENCRYPT; 511 *qmp_has_vencrypt = true; 512 switch (subauth) { 513 case VNC_AUTH_VENCRYPT_PLAIN: 514 *qmp_vencrypt = VNC_VENCRYPT_SUB_AUTH_PLAIN; 515 break; 516 case VNC_AUTH_VENCRYPT_TLSNONE: 517 *qmp_vencrypt = VNC_VENCRYPT_SUB_AUTH_TLS_NONE; 518 break; 519 case VNC_AUTH_VENCRYPT_TLSVNC: 520 *qmp_vencrypt = VNC_VENCRYPT_SUB_AUTH_TLS_VNC; 521 break; 522 case VNC_AUTH_VENCRYPT_TLSPLAIN: 523 *qmp_vencrypt = VNC_VENCRYPT_SUB_AUTH_TLS_PLAIN; 524 break; 525 case VNC_AUTH_VENCRYPT_X509NONE: 526 *qmp_vencrypt = VNC_VENCRYPT_SUB_AUTH_X509_NONE; 527 break; 528 case VNC_AUTH_VENCRYPT_X509VNC: 529 *qmp_vencrypt = VNC_VENCRYPT_SUB_AUTH_X509_VNC; 530 break; 531 case VNC_AUTH_VENCRYPT_X509PLAIN: 532 *qmp_vencrypt = VNC_VENCRYPT_SUB_AUTH_X509_PLAIN; 533 break; 534 case VNC_AUTH_VENCRYPT_TLSSASL: 535 *qmp_vencrypt = VNC_VENCRYPT_SUB_AUTH_TLS_SASL; 536 break; 537 case VNC_AUTH_VENCRYPT_X509SASL: 538 *qmp_vencrypt = VNC_VENCRYPT_SUB_AUTH_X509_SASL; 539 break; 540 default: 541 *qmp_has_vencrypt = false; 542 break; 543 } 544 break; 545 case VNC_AUTH_SASL: 546 *qmp_auth = VNC_PRIMARY_AUTH_SASL; 547 break; 548 case VNC_AUTH_NONE: 549 default: 550 *qmp_auth = VNC_PRIMARY_AUTH_NONE; 551 break; 552 } 553 } 554 555 VncInfo2List *qmp_query_vnc_servers(Error **errp) 556 { 557 VncInfo2List *item, *prev = NULL; 558 VncInfo2 *info; 559 VncDisplay *vd; 560 DeviceState *dev; 561 size_t i; 562 563 QTAILQ_FOREACH(vd, &vnc_displays, next) { 564 info = g_new0(VncInfo2, 1); 565 info->id = g_strdup(vd->id); 566 info->clients = qmp_query_client_list(vd); 567 qmp_query_auth(vd->auth, vd->subauth, &info->auth, 568 &info->vencrypt, &info->has_vencrypt); 569 if (vd->dcl.con) { 570 dev = DEVICE(object_property_get_link(OBJECT(vd->dcl.con), 571 "device", NULL)); 572 info->has_display = true; 573 info->display = g_strdup(dev->id); 574 } 575 for (i = 0; i < vd->nlsock; i++) { 576 info->server = qmp_query_server_entry( 577 vd->lsock[i], false, vd->auth, vd->subauth, info->server); 578 } 579 for (i = 0; i < vd->nlwebsock; i++) { 580 info->server = qmp_query_server_entry( 581 vd->lwebsock[i], true, vd->ws_auth, 582 vd->ws_subauth, info->server); 583 } 584 585 item = g_new0(VncInfo2List, 1); 586 item->value = info; 587 item->next = prev; 588 prev = item; 589 } 590 return prev; 591 } 592 593 /* TODO 594 1) Get the queue working for IO. 595 2) there is some weirdness when using the -S option (the screen is grey 596 and not totally invalidated 597 3) resolutions > 1024 598 */ 599 600 static int vnc_update_client(VncState *vs, int has_dirty); 601 static void vnc_disconnect_start(VncState *vs); 602 603 static void vnc_colordepth(VncState *vs); 604 static void framebuffer_update_request(VncState *vs, int incremental, 605 int x_position, int y_position, 606 int w, int h); 607 static void vnc_refresh(DisplayChangeListener *dcl); 608 static int vnc_refresh_server_surface(VncDisplay *vd); 609 610 static int vnc_width(VncDisplay *vd) 611 { 612 return MIN(VNC_MAX_WIDTH, ROUND_UP(surface_width(vd->ds), 613 VNC_DIRTY_PIXELS_PER_BIT)); 614 } 615 616 static int vnc_height(VncDisplay *vd) 617 { 618 return MIN(VNC_MAX_HEIGHT, surface_height(vd->ds)); 619 } 620 621 static void vnc_set_area_dirty(DECLARE_BITMAP(dirty[VNC_MAX_HEIGHT], 622 VNC_MAX_WIDTH / VNC_DIRTY_PIXELS_PER_BIT), 623 VncDisplay *vd, 624 int x, int y, int w, int h) 625 { 626 int width = vnc_width(vd); 627 int height = vnc_height(vd); 628 629 /* this is needed this to ensure we updated all affected 630 * blocks if x % VNC_DIRTY_PIXELS_PER_BIT != 0 */ 631 w += (x % VNC_DIRTY_PIXELS_PER_BIT); 632 x -= (x % VNC_DIRTY_PIXELS_PER_BIT); 633 634 x = MIN(x, width); 635 y = MIN(y, height); 636 w = MIN(x + w, width) - x; 637 h = MIN(y + h, height); 638 639 for (; y < h; y++) { 640 bitmap_set(dirty[y], x / VNC_DIRTY_PIXELS_PER_BIT, 641 DIV_ROUND_UP(w, VNC_DIRTY_PIXELS_PER_BIT)); 642 } 643 } 644 645 static void vnc_dpy_update(DisplayChangeListener *dcl, 646 int x, int y, int w, int h) 647 { 648 VncDisplay *vd = container_of(dcl, VncDisplay, dcl); 649 struct VncSurface *s = &vd->guest; 650 651 vnc_set_area_dirty(s->dirty, vd, x, y, w, h); 652 } 653 654 void vnc_framebuffer_update(VncState *vs, int x, int y, int w, int h, 655 int32_t encoding) 656 { 657 vnc_write_u16(vs, x); 658 vnc_write_u16(vs, y); 659 vnc_write_u16(vs, w); 660 vnc_write_u16(vs, h); 661 662 vnc_write_s32(vs, encoding); 663 } 664 665 666 static void vnc_desktop_resize(VncState *vs) 667 { 668 if (vs->ioc == NULL || !vnc_has_feature(vs, VNC_FEATURE_RESIZE)) { 669 return; 670 } 671 if (vs->client_width == pixman_image_get_width(vs->vd->server) && 672 vs->client_height == pixman_image_get_height(vs->vd->server)) { 673 return; 674 } 675 676 assert(pixman_image_get_width(vs->vd->server) < 65536 && 677 pixman_image_get_width(vs->vd->server) >= 0); 678 assert(pixman_image_get_height(vs->vd->server) < 65536 && 679 pixman_image_get_height(vs->vd->server) >= 0); 680 vs->client_width = pixman_image_get_width(vs->vd->server); 681 vs->client_height = pixman_image_get_height(vs->vd->server); 682 vnc_lock_output(vs); 683 vnc_write_u8(vs, VNC_MSG_SERVER_FRAMEBUFFER_UPDATE); 684 vnc_write_u8(vs, 0); 685 vnc_write_u16(vs, 1); /* number of rects */ 686 vnc_framebuffer_update(vs, 0, 0, vs->client_width, vs->client_height, 687 VNC_ENCODING_DESKTOPRESIZE); 688 vnc_unlock_output(vs); 689 vnc_flush(vs); 690 } 691 692 static void vnc_abort_display_jobs(VncDisplay *vd) 693 { 694 VncState *vs; 695 696 QTAILQ_FOREACH(vs, &vd->clients, next) { 697 vnc_lock_output(vs); 698 vs->abort = true; 699 vnc_unlock_output(vs); 700 } 701 QTAILQ_FOREACH(vs, &vd->clients, next) { 702 vnc_jobs_join(vs); 703 } 704 QTAILQ_FOREACH(vs, &vd->clients, next) { 705 vnc_lock_output(vs); 706 vs->abort = false; 707 vnc_unlock_output(vs); 708 } 709 } 710 711 int vnc_server_fb_stride(VncDisplay *vd) 712 { 713 return pixman_image_get_stride(vd->server); 714 } 715 716 void *vnc_server_fb_ptr(VncDisplay *vd, int x, int y) 717 { 718 uint8_t *ptr; 719 720 ptr = (uint8_t *)pixman_image_get_data(vd->server); 721 ptr += y * vnc_server_fb_stride(vd); 722 ptr += x * VNC_SERVER_FB_BYTES; 723 return ptr; 724 } 725 726 static void vnc_update_server_surface(VncDisplay *vd) 727 { 728 int width, height; 729 730 qemu_pixman_image_unref(vd->server); 731 vd->server = NULL; 732 733 if (QTAILQ_EMPTY(&vd->clients)) { 734 return; 735 } 736 737 width = vnc_width(vd); 738 height = vnc_height(vd); 739 vd->server = pixman_image_create_bits(VNC_SERVER_FB_FORMAT, 740 width, height, 741 NULL, 0); 742 743 memset(vd->guest.dirty, 0x00, sizeof(vd->guest.dirty)); 744 vnc_set_area_dirty(vd->guest.dirty, vd, 0, 0, 745 width, height); 746 } 747 748 static void vnc_dpy_switch(DisplayChangeListener *dcl, 749 DisplaySurface *surface) 750 { 751 VncDisplay *vd = container_of(dcl, VncDisplay, dcl); 752 VncState *vs; 753 754 vnc_abort_display_jobs(vd); 755 vd->ds = surface; 756 757 /* server surface */ 758 vnc_update_server_surface(vd); 759 760 /* guest surface */ 761 qemu_pixman_image_unref(vd->guest.fb); 762 vd->guest.fb = pixman_image_ref(surface->image); 763 vd->guest.format = surface->format; 764 765 QTAILQ_FOREACH(vs, &vd->clients, next) { 766 vnc_colordepth(vs); 767 vnc_desktop_resize(vs); 768 if (vs->vd->cursor) { 769 vnc_cursor_define(vs); 770 } 771 memset(vs->dirty, 0x00, sizeof(vs->dirty)); 772 vnc_set_area_dirty(vs->dirty, vd, 0, 0, 773 vnc_width(vd), 774 vnc_height(vd)); 775 vnc_update_throttle_offset(vs); 776 } 777 } 778 779 /* fastest code */ 780 static void vnc_write_pixels_copy(VncState *vs, 781 void *pixels, int size) 782 { 783 vnc_write(vs, pixels, size); 784 } 785 786 /* slowest but generic code. */ 787 void vnc_convert_pixel(VncState *vs, uint8_t *buf, uint32_t v) 788 { 789 uint8_t r, g, b; 790 791 #if VNC_SERVER_FB_FORMAT == PIXMAN_FORMAT(32, PIXMAN_TYPE_ARGB, 0, 8, 8, 8) 792 r = (((v & 0x00ff0000) >> 16) << vs->client_pf.rbits) >> 8; 793 g = (((v & 0x0000ff00) >> 8) << vs->client_pf.gbits) >> 8; 794 b = (((v & 0x000000ff) >> 0) << vs->client_pf.bbits) >> 8; 795 #else 796 # error need some bits here if you change VNC_SERVER_FB_FORMAT 797 #endif 798 v = (r << vs->client_pf.rshift) | 799 (g << vs->client_pf.gshift) | 800 (b << vs->client_pf.bshift); 801 switch (vs->client_pf.bytes_per_pixel) { 802 case 1: 803 buf[0] = v; 804 break; 805 case 2: 806 if (vs->client_be) { 807 buf[0] = v >> 8; 808 buf[1] = v; 809 } else { 810 buf[1] = v >> 8; 811 buf[0] = v; 812 } 813 break; 814 default: 815 case 4: 816 if (vs->client_be) { 817 buf[0] = v >> 24; 818 buf[1] = v >> 16; 819 buf[2] = v >> 8; 820 buf[3] = v; 821 } else { 822 buf[3] = v >> 24; 823 buf[2] = v >> 16; 824 buf[1] = v >> 8; 825 buf[0] = v; 826 } 827 break; 828 } 829 } 830 831 static void vnc_write_pixels_generic(VncState *vs, 832 void *pixels1, int size) 833 { 834 uint8_t buf[4]; 835 836 if (VNC_SERVER_FB_BYTES == 4) { 837 uint32_t *pixels = pixels1; 838 int n, i; 839 n = size >> 2; 840 for (i = 0; i < n; i++) { 841 vnc_convert_pixel(vs, buf, pixels[i]); 842 vnc_write(vs, buf, vs->client_pf.bytes_per_pixel); 843 } 844 } 845 } 846 847 int vnc_raw_send_framebuffer_update(VncState *vs, int x, int y, int w, int h) 848 { 849 int i; 850 uint8_t *row; 851 VncDisplay *vd = vs->vd; 852 853 row = vnc_server_fb_ptr(vd, x, y); 854 for (i = 0; i < h; i++) { 855 vs->write_pixels(vs, row, w * VNC_SERVER_FB_BYTES); 856 row += vnc_server_fb_stride(vd); 857 } 858 return 1; 859 } 860 861 int vnc_send_framebuffer_update(VncState *vs, int x, int y, int w, int h) 862 { 863 int n = 0; 864 bool encode_raw = false; 865 size_t saved_offs = vs->output.offset; 866 867 switch(vs->vnc_encoding) { 868 case VNC_ENCODING_ZLIB: 869 n = vnc_zlib_send_framebuffer_update(vs, x, y, w, h); 870 break; 871 case VNC_ENCODING_HEXTILE: 872 vnc_framebuffer_update(vs, x, y, w, h, VNC_ENCODING_HEXTILE); 873 n = vnc_hextile_send_framebuffer_update(vs, x, y, w, h); 874 break; 875 case VNC_ENCODING_TIGHT: 876 n = vnc_tight_send_framebuffer_update(vs, x, y, w, h); 877 break; 878 case VNC_ENCODING_TIGHT_PNG: 879 n = vnc_tight_png_send_framebuffer_update(vs, x, y, w, h); 880 break; 881 case VNC_ENCODING_ZRLE: 882 n = vnc_zrle_send_framebuffer_update(vs, x, y, w, h); 883 break; 884 case VNC_ENCODING_ZYWRLE: 885 n = vnc_zywrle_send_framebuffer_update(vs, x, y, w, h); 886 break; 887 default: 888 encode_raw = true; 889 break; 890 } 891 892 /* If the client has the same pixel format as our internal buffer and 893 * a RAW encoding would need less space fall back to RAW encoding to 894 * save bandwidth and processing power in the client. */ 895 if (!encode_raw && vs->write_pixels == vnc_write_pixels_copy && 896 12 + h * w * VNC_SERVER_FB_BYTES <= (vs->output.offset - saved_offs)) { 897 vs->output.offset = saved_offs; 898 encode_raw = true; 899 } 900 901 if (encode_raw) { 902 vnc_framebuffer_update(vs, x, y, w, h, VNC_ENCODING_RAW); 903 n = vnc_raw_send_framebuffer_update(vs, x, y, w, h); 904 } 905 906 return n; 907 } 908 909 static void vnc_mouse_set(DisplayChangeListener *dcl, 910 int x, int y, int visible) 911 { 912 /* can we ask the client(s) to move the pointer ??? */ 913 } 914 915 static int vnc_cursor_define(VncState *vs) 916 { 917 QEMUCursor *c = vs->vd->cursor; 918 int isize; 919 920 if (vnc_has_feature(vs, VNC_FEATURE_RICH_CURSOR)) { 921 vnc_lock_output(vs); 922 vnc_write_u8(vs, VNC_MSG_SERVER_FRAMEBUFFER_UPDATE); 923 vnc_write_u8(vs, 0); /* padding */ 924 vnc_write_u16(vs, 1); /* # of rects */ 925 vnc_framebuffer_update(vs, c->hot_x, c->hot_y, c->width, c->height, 926 VNC_ENCODING_RICH_CURSOR); 927 isize = c->width * c->height * vs->client_pf.bytes_per_pixel; 928 vnc_write_pixels_generic(vs, c->data, isize); 929 vnc_write(vs, vs->vd->cursor_mask, vs->vd->cursor_msize); 930 vnc_unlock_output(vs); 931 return 0; 932 } 933 return -1; 934 } 935 936 static void vnc_dpy_cursor_define(DisplayChangeListener *dcl, 937 QEMUCursor *c) 938 { 939 VncDisplay *vd = container_of(dcl, VncDisplay, dcl); 940 VncState *vs; 941 942 cursor_put(vd->cursor); 943 g_free(vd->cursor_mask); 944 945 vd->cursor = c; 946 cursor_get(vd->cursor); 947 vd->cursor_msize = cursor_get_mono_bpl(c) * c->height; 948 vd->cursor_mask = g_malloc0(vd->cursor_msize); 949 cursor_get_mono_mask(c, 0, vd->cursor_mask); 950 951 QTAILQ_FOREACH(vs, &vd->clients, next) { 952 vnc_cursor_define(vs); 953 } 954 } 955 956 static int find_and_clear_dirty_height(VncState *vs, 957 int y, int last_x, int x, int height) 958 { 959 int h; 960 961 for (h = 1; h < (height - y); h++) { 962 if (!test_bit(last_x, vs->dirty[y + h])) { 963 break; 964 } 965 bitmap_clear(vs->dirty[y + h], last_x, x - last_x); 966 } 967 968 return h; 969 } 970 971 /* 972 * Figure out how much pending data we should allow in the output 973 * buffer before we throttle incremental display updates, and/or 974 * drop audio samples. 975 * 976 * We allow for equiv of 1 full display's worth of FB updates, 977 * and 1 second of audio samples. If audio backlog was larger 978 * than that the client would already suffering awful audio 979 * glitches, so dropping samples is no worse really). 980 */ 981 static void vnc_update_throttle_offset(VncState *vs) 982 { 983 size_t offset = 984 vs->client_width * vs->client_height * vs->client_pf.bytes_per_pixel; 985 986 if (vs->audio_cap) { 987 int freq = vs->as.freq; 988 /* We don't limit freq when reading settings from client, so 989 * it could be upto MAX_INT in size. 48khz is a sensible 990 * upper bound for trustworthy clients */ 991 int bps; 992 if (freq > 48000) { 993 freq = 48000; 994 } 995 switch (vs->as.fmt) { 996 default: 997 case AUD_FMT_U8: 998 case AUD_FMT_S8: 999 bps = 1; 1000 break; 1001 case AUD_FMT_U16: 1002 case AUD_FMT_S16: 1003 bps = 2; 1004 break; 1005 case AUD_FMT_U32: 1006 case AUD_FMT_S32: 1007 bps = 4; 1008 break; 1009 } 1010 offset += freq * bps * vs->as.nchannels; 1011 } 1012 1013 /* Put a floor of 1MB on offset, so that if we have a large pending 1014 * buffer and the display is resized to a small size & back again 1015 * we don't suddenly apply a tiny send limit 1016 */ 1017 offset = MAX(offset, 1024 * 1024); 1018 1019 if (vs->throttle_output_offset != offset) { 1020 trace_vnc_client_throttle_threshold( 1021 vs, vs->ioc, vs->throttle_output_offset, offset, vs->client_width, 1022 vs->client_height, vs->client_pf.bytes_per_pixel, vs->audio_cap); 1023 } 1024 1025 vs->throttle_output_offset = offset; 1026 } 1027 1028 static bool vnc_should_update(VncState *vs) 1029 { 1030 switch (vs->update) { 1031 case VNC_STATE_UPDATE_NONE: 1032 break; 1033 case VNC_STATE_UPDATE_INCREMENTAL: 1034 /* Only allow incremental updates if the pending send queue 1035 * is less than the permitted threshold, and the job worker 1036 * is completely idle. 1037 */ 1038 if (vs->output.offset < vs->throttle_output_offset && 1039 vs->job_update == VNC_STATE_UPDATE_NONE) { 1040 return true; 1041 } 1042 trace_vnc_client_throttle_incremental( 1043 vs, vs->ioc, vs->job_update, vs->output.offset); 1044 break; 1045 case VNC_STATE_UPDATE_FORCE: 1046 /* Only allow forced updates if the pending send queue 1047 * does not contain a previous forced update, and the 1048 * job worker is completely idle. 1049 * 1050 * Note this means we'll queue a forced update, even if 1051 * the output buffer size is otherwise over the throttle 1052 * output limit. 1053 */ 1054 if (vs->force_update_offset == 0 && 1055 vs->job_update == VNC_STATE_UPDATE_NONE) { 1056 return true; 1057 } 1058 trace_vnc_client_throttle_forced( 1059 vs, vs->ioc, vs->job_update, vs->force_update_offset); 1060 break; 1061 } 1062 return false; 1063 } 1064 1065 static int vnc_update_client(VncState *vs, int has_dirty) 1066 { 1067 VncDisplay *vd = vs->vd; 1068 VncJob *job; 1069 int y; 1070 int height, width; 1071 int n = 0; 1072 1073 if (vs->disconnecting) { 1074 vnc_disconnect_finish(vs); 1075 return 0; 1076 } 1077 1078 vs->has_dirty += has_dirty; 1079 if (!vnc_should_update(vs)) { 1080 return 0; 1081 } 1082 1083 if (!vs->has_dirty && vs->update != VNC_STATE_UPDATE_FORCE) { 1084 return 0; 1085 } 1086 1087 /* 1088 * Send screen updates to the vnc client using the server 1089 * surface and server dirty map. guest surface updates 1090 * happening in parallel don't disturb us, the next pass will 1091 * send them to the client. 1092 */ 1093 job = vnc_job_new(vs); 1094 1095 height = pixman_image_get_height(vd->server); 1096 width = pixman_image_get_width(vd->server); 1097 1098 y = 0; 1099 for (;;) { 1100 int x, h; 1101 unsigned long x2; 1102 unsigned long offset = find_next_bit((unsigned long *) &vs->dirty, 1103 height * VNC_DIRTY_BPL(vs), 1104 y * VNC_DIRTY_BPL(vs)); 1105 if (offset == height * VNC_DIRTY_BPL(vs)) { 1106 /* no more dirty bits */ 1107 break; 1108 } 1109 y = offset / VNC_DIRTY_BPL(vs); 1110 x = offset % VNC_DIRTY_BPL(vs); 1111 x2 = find_next_zero_bit((unsigned long *) &vs->dirty[y], 1112 VNC_DIRTY_BPL(vs), x); 1113 bitmap_clear(vs->dirty[y], x, x2 - x); 1114 h = find_and_clear_dirty_height(vs, y, x, x2, height); 1115 x2 = MIN(x2, width / VNC_DIRTY_PIXELS_PER_BIT); 1116 if (x2 > x) { 1117 n += vnc_job_add_rect(job, x * VNC_DIRTY_PIXELS_PER_BIT, y, 1118 (x2 - x) * VNC_DIRTY_PIXELS_PER_BIT, h); 1119 } 1120 if (!x && x2 == width / VNC_DIRTY_PIXELS_PER_BIT) { 1121 y += h; 1122 if (y == height) { 1123 break; 1124 } 1125 } 1126 } 1127 1128 vs->job_update = vs->update; 1129 vs->update = VNC_STATE_UPDATE_NONE; 1130 vnc_job_push(job); 1131 vs->has_dirty = 0; 1132 return n; 1133 } 1134 1135 /* audio */ 1136 static void audio_capture_notify(void *opaque, audcnotification_e cmd) 1137 { 1138 VncState *vs = opaque; 1139 1140 switch (cmd) { 1141 case AUD_CNOTIFY_DISABLE: 1142 vnc_lock_output(vs); 1143 vnc_write_u8(vs, VNC_MSG_SERVER_QEMU); 1144 vnc_write_u8(vs, VNC_MSG_SERVER_QEMU_AUDIO); 1145 vnc_write_u16(vs, VNC_MSG_SERVER_QEMU_AUDIO_END); 1146 vnc_unlock_output(vs); 1147 vnc_flush(vs); 1148 break; 1149 1150 case AUD_CNOTIFY_ENABLE: 1151 vnc_lock_output(vs); 1152 vnc_write_u8(vs, VNC_MSG_SERVER_QEMU); 1153 vnc_write_u8(vs, VNC_MSG_SERVER_QEMU_AUDIO); 1154 vnc_write_u16(vs, VNC_MSG_SERVER_QEMU_AUDIO_BEGIN); 1155 vnc_unlock_output(vs); 1156 vnc_flush(vs); 1157 break; 1158 } 1159 } 1160 1161 static void audio_capture_destroy(void *opaque) 1162 { 1163 } 1164 1165 static void audio_capture(void *opaque, void *buf, int size) 1166 { 1167 VncState *vs = opaque; 1168 1169 vnc_lock_output(vs); 1170 if (vs->output.offset < vs->throttle_output_offset) { 1171 vnc_write_u8(vs, VNC_MSG_SERVER_QEMU); 1172 vnc_write_u8(vs, VNC_MSG_SERVER_QEMU_AUDIO); 1173 vnc_write_u16(vs, VNC_MSG_SERVER_QEMU_AUDIO_DATA); 1174 vnc_write_u32(vs, size); 1175 vnc_write(vs, buf, size); 1176 } else { 1177 trace_vnc_client_throttle_audio(vs, vs->ioc, vs->output.offset); 1178 } 1179 vnc_unlock_output(vs); 1180 vnc_flush(vs); 1181 } 1182 1183 static void audio_add(VncState *vs) 1184 { 1185 struct audio_capture_ops ops; 1186 1187 if (vs->audio_cap) { 1188 error_report("audio already running"); 1189 return; 1190 } 1191 1192 ops.notify = audio_capture_notify; 1193 ops.destroy = audio_capture_destroy; 1194 ops.capture = audio_capture; 1195 1196 vs->audio_cap = AUD_add_capture(&vs->as, &ops, vs); 1197 if (!vs->audio_cap) { 1198 error_report("Failed to add audio capture"); 1199 } 1200 } 1201 1202 static void audio_del(VncState *vs) 1203 { 1204 if (vs->audio_cap) { 1205 AUD_del_capture(vs->audio_cap, vs); 1206 vs->audio_cap = NULL; 1207 } 1208 } 1209 1210 static void vnc_disconnect_start(VncState *vs) 1211 { 1212 if (vs->disconnecting) { 1213 return; 1214 } 1215 trace_vnc_client_disconnect_start(vs, vs->ioc); 1216 vnc_set_share_mode(vs, VNC_SHARE_MODE_DISCONNECTED); 1217 if (vs->ioc_tag) { 1218 g_source_remove(vs->ioc_tag); 1219 vs->ioc_tag = 0; 1220 } 1221 qio_channel_close(vs->ioc, NULL); 1222 vs->disconnecting = TRUE; 1223 } 1224 1225 void vnc_disconnect_finish(VncState *vs) 1226 { 1227 int i; 1228 1229 trace_vnc_client_disconnect_finish(vs, vs->ioc); 1230 1231 vnc_jobs_join(vs); /* Wait encoding jobs */ 1232 1233 vnc_lock_output(vs); 1234 vnc_qmp_event(vs, QAPI_EVENT_VNC_DISCONNECTED); 1235 1236 buffer_free(&vs->input); 1237 buffer_free(&vs->output); 1238 1239 qapi_free_VncClientInfo(vs->info); 1240 1241 vnc_zlib_clear(vs); 1242 vnc_tight_clear(vs); 1243 vnc_zrle_clear(vs); 1244 1245 #ifdef CONFIG_VNC_SASL 1246 vnc_sasl_client_cleanup(vs); 1247 #endif /* CONFIG_VNC_SASL */ 1248 audio_del(vs); 1249 vnc_release_modifiers(vs); 1250 1251 if (vs->mouse_mode_notifier.notify != NULL) { 1252 qemu_remove_mouse_mode_change_notifier(&vs->mouse_mode_notifier); 1253 } 1254 QTAILQ_REMOVE(&vs->vd->clients, vs, next); 1255 if (QTAILQ_EMPTY(&vs->vd->clients)) { 1256 /* last client gone */ 1257 vnc_update_server_surface(vs->vd); 1258 } 1259 1260 vnc_unlock_output(vs); 1261 1262 qemu_mutex_destroy(&vs->output_mutex); 1263 if (vs->bh != NULL) { 1264 qemu_bh_delete(vs->bh); 1265 } 1266 buffer_free(&vs->jobs_buffer); 1267 1268 for (i = 0; i < VNC_STAT_ROWS; ++i) { 1269 g_free(vs->lossy_rect[i]); 1270 } 1271 g_free(vs->lossy_rect); 1272 1273 object_unref(OBJECT(vs->ioc)); 1274 vs->ioc = NULL; 1275 object_unref(OBJECT(vs->sioc)); 1276 vs->sioc = NULL; 1277 g_free(vs); 1278 } 1279 1280 size_t vnc_client_io_error(VncState *vs, ssize_t ret, Error **errp) 1281 { 1282 if (ret <= 0) { 1283 if (ret == 0) { 1284 trace_vnc_client_eof(vs, vs->ioc); 1285 vnc_disconnect_start(vs); 1286 } else if (ret != QIO_CHANNEL_ERR_BLOCK) { 1287 trace_vnc_client_io_error(vs, vs->ioc, 1288 errp ? error_get_pretty(*errp) : 1289 "Unknown"); 1290 vnc_disconnect_start(vs); 1291 } 1292 1293 if (errp) { 1294 error_free(*errp); 1295 *errp = NULL; 1296 } 1297 return 0; 1298 } 1299 return ret; 1300 } 1301 1302 1303 void vnc_client_error(VncState *vs) 1304 { 1305 VNC_DEBUG("Closing down client sock: protocol error\n"); 1306 vnc_disconnect_start(vs); 1307 } 1308 1309 1310 /* 1311 * Called to write a chunk of data to the client socket. The data may 1312 * be the raw data, or may have already been encoded by SASL. 1313 * The data will be written either straight onto the socket, or 1314 * written via the GNUTLS wrappers, if TLS/SSL encryption is enabled 1315 * 1316 * NB, it is theoretically possible to have 2 layers of encryption, 1317 * both SASL, and this TLS layer. It is highly unlikely in practice 1318 * though, since SASL encryption will typically be a no-op if TLS 1319 * is active 1320 * 1321 * Returns the number of bytes written, which may be less than 1322 * the requested 'datalen' if the socket would block. Returns 1323 * 0 on I/O error, and disconnects the client socket. 1324 */ 1325 size_t vnc_client_write_buf(VncState *vs, const uint8_t *data, size_t datalen) 1326 { 1327 Error *err = NULL; 1328 ssize_t ret; 1329 ret = qio_channel_write( 1330 vs->ioc, (const char *)data, datalen, &err); 1331 VNC_DEBUG("Wrote wire %p %zd -> %ld\n", data, datalen, ret); 1332 return vnc_client_io_error(vs, ret, &err); 1333 } 1334 1335 1336 /* 1337 * Called to write buffered data to the client socket, when not 1338 * using any SASL SSF encryption layers. Will write as much data 1339 * as possible without blocking. If all buffered data is written, 1340 * will switch the FD poll() handler back to read monitoring. 1341 * 1342 * Returns the number of bytes written, which may be less than 1343 * the buffered output data if the socket would block. Returns 1344 * 0 on I/O error, and disconnects the client socket. 1345 */ 1346 static size_t vnc_client_write_plain(VncState *vs) 1347 { 1348 size_t offset; 1349 size_t ret; 1350 1351 #ifdef CONFIG_VNC_SASL 1352 VNC_DEBUG("Write Plain: Pending output %p size %zd offset %zd. Wait SSF %d\n", 1353 vs->output.buffer, vs->output.capacity, vs->output.offset, 1354 vs->sasl.waitWriteSSF); 1355 1356 if (vs->sasl.conn && 1357 vs->sasl.runSSF && 1358 vs->sasl.waitWriteSSF) { 1359 ret = vnc_client_write_buf(vs, vs->output.buffer, vs->sasl.waitWriteSSF); 1360 if (ret) 1361 vs->sasl.waitWriteSSF -= ret; 1362 } else 1363 #endif /* CONFIG_VNC_SASL */ 1364 ret = vnc_client_write_buf(vs, vs->output.buffer, vs->output.offset); 1365 if (!ret) 1366 return 0; 1367 1368 if (ret >= vs->force_update_offset) { 1369 if (vs->force_update_offset != 0) { 1370 trace_vnc_client_unthrottle_forced(vs, vs->ioc); 1371 } 1372 vs->force_update_offset = 0; 1373 } else { 1374 vs->force_update_offset -= ret; 1375 } 1376 offset = vs->output.offset; 1377 buffer_advance(&vs->output, ret); 1378 if (offset >= vs->throttle_output_offset && 1379 vs->output.offset < vs->throttle_output_offset) { 1380 trace_vnc_client_unthrottle_incremental(vs, vs->ioc, vs->output.offset); 1381 } 1382 1383 if (vs->output.offset == 0) { 1384 if (vs->ioc_tag) { 1385 g_source_remove(vs->ioc_tag); 1386 } 1387 vs->ioc_tag = qio_channel_add_watch( 1388 vs->ioc, G_IO_IN, vnc_client_io, vs, NULL); 1389 } 1390 1391 return ret; 1392 } 1393 1394 1395 /* 1396 * First function called whenever there is data to be written to 1397 * the client socket. Will delegate actual work according to whether 1398 * SASL SSF layers are enabled (thus requiring encryption calls) 1399 */ 1400 static void vnc_client_write_locked(VncState *vs) 1401 { 1402 #ifdef CONFIG_VNC_SASL 1403 if (vs->sasl.conn && 1404 vs->sasl.runSSF && 1405 !vs->sasl.waitWriteSSF) { 1406 vnc_client_write_sasl(vs); 1407 } else 1408 #endif /* CONFIG_VNC_SASL */ 1409 { 1410 vnc_client_write_plain(vs); 1411 } 1412 } 1413 1414 static void vnc_client_write(VncState *vs) 1415 { 1416 1417 vnc_lock_output(vs); 1418 if (vs->output.offset) { 1419 vnc_client_write_locked(vs); 1420 } else if (vs->ioc != NULL) { 1421 if (vs->ioc_tag) { 1422 g_source_remove(vs->ioc_tag); 1423 } 1424 vs->ioc_tag = qio_channel_add_watch( 1425 vs->ioc, G_IO_IN, vnc_client_io, vs, NULL); 1426 } 1427 vnc_unlock_output(vs); 1428 } 1429 1430 void vnc_read_when(VncState *vs, VncReadEvent *func, size_t expecting) 1431 { 1432 vs->read_handler = func; 1433 vs->read_handler_expect = expecting; 1434 } 1435 1436 1437 /* 1438 * Called to read a chunk of data from the client socket. The data may 1439 * be the raw data, or may need to be further decoded by SASL. 1440 * The data will be read either straight from to the socket, or 1441 * read via the GNUTLS wrappers, if TLS/SSL encryption is enabled 1442 * 1443 * NB, it is theoretically possible to have 2 layers of encryption, 1444 * both SASL, and this TLS layer. It is highly unlikely in practice 1445 * though, since SASL encryption will typically be a no-op if TLS 1446 * is active 1447 * 1448 * Returns the number of bytes read, which may be less than 1449 * the requested 'datalen' if the socket would block. Returns 1450 * 0 on I/O error or EOF, and disconnects the client socket. 1451 */ 1452 size_t vnc_client_read_buf(VncState *vs, uint8_t *data, size_t datalen) 1453 { 1454 ssize_t ret; 1455 Error *err = NULL; 1456 ret = qio_channel_read( 1457 vs->ioc, (char *)data, datalen, &err); 1458 VNC_DEBUG("Read wire %p %zd -> %ld\n", data, datalen, ret); 1459 return vnc_client_io_error(vs, ret, &err); 1460 } 1461 1462 1463 /* 1464 * Called to read data from the client socket to the input buffer, 1465 * when not using any SASL SSF encryption layers. Will read as much 1466 * data as possible without blocking. 1467 * 1468 * Returns the number of bytes read, which may be less than 1469 * the requested 'datalen' if the socket would block. Returns 1470 * 0 on I/O error or EOF, and disconnects the client socket. 1471 */ 1472 static size_t vnc_client_read_plain(VncState *vs) 1473 { 1474 size_t ret; 1475 VNC_DEBUG("Read plain %p size %zd offset %zd\n", 1476 vs->input.buffer, vs->input.capacity, vs->input.offset); 1477 buffer_reserve(&vs->input, 4096); 1478 ret = vnc_client_read_buf(vs, buffer_end(&vs->input), 4096); 1479 if (!ret) 1480 return 0; 1481 vs->input.offset += ret; 1482 return ret; 1483 } 1484 1485 static void vnc_jobs_bh(void *opaque) 1486 { 1487 VncState *vs = opaque; 1488 1489 vnc_jobs_consume_buffer(vs); 1490 } 1491 1492 /* 1493 * First function called whenever there is more data to be read from 1494 * the client socket. Will delegate actual work according to whether 1495 * SASL SSF layers are enabled (thus requiring decryption calls) 1496 * Returns 0 on success, -1 if client disconnected 1497 */ 1498 static int vnc_client_read(VncState *vs) 1499 { 1500 size_t ret; 1501 1502 #ifdef CONFIG_VNC_SASL 1503 if (vs->sasl.conn && vs->sasl.runSSF) 1504 ret = vnc_client_read_sasl(vs); 1505 else 1506 #endif /* CONFIG_VNC_SASL */ 1507 ret = vnc_client_read_plain(vs); 1508 if (!ret) { 1509 if (vs->disconnecting) { 1510 vnc_disconnect_finish(vs); 1511 return -1; 1512 } 1513 return 0; 1514 } 1515 1516 while (vs->read_handler && vs->input.offset >= vs->read_handler_expect) { 1517 size_t len = vs->read_handler_expect; 1518 int ret; 1519 1520 ret = vs->read_handler(vs, vs->input.buffer, len); 1521 if (vs->disconnecting) { 1522 vnc_disconnect_finish(vs); 1523 return -1; 1524 } 1525 1526 if (!ret) { 1527 buffer_advance(&vs->input, len); 1528 } else { 1529 vs->read_handler_expect = ret; 1530 } 1531 } 1532 return 0; 1533 } 1534 1535 gboolean vnc_client_io(QIOChannel *ioc G_GNUC_UNUSED, 1536 GIOCondition condition, void *opaque) 1537 { 1538 VncState *vs = opaque; 1539 if (condition & G_IO_IN) { 1540 if (vnc_client_read(vs) < 0) { 1541 return TRUE; 1542 } 1543 } 1544 if (condition & G_IO_OUT) { 1545 vnc_client_write(vs); 1546 } 1547 return TRUE; 1548 } 1549 1550 1551 /* 1552 * Scale factor to apply to vs->throttle_output_offset when checking for 1553 * hard limit. Worst case normal usage could be x2, if we have a complete 1554 * incremental update and complete forced update in the output buffer. 1555 * So x3 should be good enough, but we pick x5 to be conservative and thus 1556 * (hopefully) never trigger incorrectly. 1557 */ 1558 #define VNC_THROTTLE_OUTPUT_LIMIT_SCALE 5 1559 1560 void vnc_write(VncState *vs, const void *data, size_t len) 1561 { 1562 if (vs->disconnecting) { 1563 return; 1564 } 1565 /* Protection against malicious client/guest to prevent our output 1566 * buffer growing without bound if client stops reading data. This 1567 * should rarely trigger, because we have earlier throttling code 1568 * which stops issuing framebuffer updates and drops audio data 1569 * if the throttle_output_offset value is exceeded. So we only reach 1570 * this higher level if a huge number of pseudo-encodings get 1571 * triggered while data can't be sent on the socket. 1572 * 1573 * NB throttle_output_offset can be zero during early protocol 1574 * handshake, or from the job thread's VncState clone 1575 */ 1576 if (vs->throttle_output_offset != 0 && 1577 vs->output.offset > (vs->throttle_output_offset * 1578 VNC_THROTTLE_OUTPUT_LIMIT_SCALE)) { 1579 trace_vnc_client_output_limit(vs, vs->ioc, vs->output.offset, 1580 vs->throttle_output_offset); 1581 vnc_disconnect_start(vs); 1582 return; 1583 } 1584 buffer_reserve(&vs->output, len); 1585 1586 if (vs->ioc != NULL && buffer_empty(&vs->output)) { 1587 if (vs->ioc_tag) { 1588 g_source_remove(vs->ioc_tag); 1589 } 1590 vs->ioc_tag = qio_channel_add_watch( 1591 vs->ioc, G_IO_IN | G_IO_OUT, vnc_client_io, vs, NULL); 1592 } 1593 1594 buffer_append(&vs->output, data, len); 1595 } 1596 1597 void vnc_write_s32(VncState *vs, int32_t value) 1598 { 1599 vnc_write_u32(vs, *(uint32_t *)&value); 1600 } 1601 1602 void vnc_write_u32(VncState *vs, uint32_t value) 1603 { 1604 uint8_t buf[4]; 1605 1606 buf[0] = (value >> 24) & 0xFF; 1607 buf[1] = (value >> 16) & 0xFF; 1608 buf[2] = (value >> 8) & 0xFF; 1609 buf[3] = value & 0xFF; 1610 1611 vnc_write(vs, buf, 4); 1612 } 1613 1614 void vnc_write_u16(VncState *vs, uint16_t value) 1615 { 1616 uint8_t buf[2]; 1617 1618 buf[0] = (value >> 8) & 0xFF; 1619 buf[1] = value & 0xFF; 1620 1621 vnc_write(vs, buf, 2); 1622 } 1623 1624 void vnc_write_u8(VncState *vs, uint8_t value) 1625 { 1626 vnc_write(vs, (char *)&value, 1); 1627 } 1628 1629 void vnc_flush(VncState *vs) 1630 { 1631 vnc_lock_output(vs); 1632 if (vs->ioc != NULL && vs->output.offset) { 1633 vnc_client_write_locked(vs); 1634 } 1635 vnc_unlock_output(vs); 1636 } 1637 1638 static uint8_t read_u8(uint8_t *data, size_t offset) 1639 { 1640 return data[offset]; 1641 } 1642 1643 static uint16_t read_u16(uint8_t *data, size_t offset) 1644 { 1645 return ((data[offset] & 0xFF) << 8) | (data[offset + 1] & 0xFF); 1646 } 1647 1648 static int32_t read_s32(uint8_t *data, size_t offset) 1649 { 1650 return (int32_t)((data[offset] << 24) | (data[offset + 1] << 16) | 1651 (data[offset + 2] << 8) | data[offset + 3]); 1652 } 1653 1654 uint32_t read_u32(uint8_t *data, size_t offset) 1655 { 1656 return ((data[offset] << 24) | (data[offset + 1] << 16) | 1657 (data[offset + 2] << 8) | data[offset + 3]); 1658 } 1659 1660 static void client_cut_text(VncState *vs, size_t len, uint8_t *text) 1661 { 1662 } 1663 1664 static void check_pointer_type_change(Notifier *notifier, void *data) 1665 { 1666 VncState *vs = container_of(notifier, VncState, mouse_mode_notifier); 1667 int absolute = qemu_input_is_absolute(); 1668 1669 if (vnc_has_feature(vs, VNC_FEATURE_POINTER_TYPE_CHANGE) && vs->absolute != absolute) { 1670 vnc_lock_output(vs); 1671 vnc_write_u8(vs, VNC_MSG_SERVER_FRAMEBUFFER_UPDATE); 1672 vnc_write_u8(vs, 0); 1673 vnc_write_u16(vs, 1); 1674 vnc_framebuffer_update(vs, absolute, 0, 1675 pixman_image_get_width(vs->vd->server), 1676 pixman_image_get_height(vs->vd->server), 1677 VNC_ENCODING_POINTER_TYPE_CHANGE); 1678 vnc_unlock_output(vs); 1679 vnc_flush(vs); 1680 } 1681 vs->absolute = absolute; 1682 } 1683 1684 static void pointer_event(VncState *vs, int button_mask, int x, int y) 1685 { 1686 static uint32_t bmap[INPUT_BUTTON__MAX] = { 1687 [INPUT_BUTTON_LEFT] = 0x01, 1688 [INPUT_BUTTON_MIDDLE] = 0x02, 1689 [INPUT_BUTTON_RIGHT] = 0x04, 1690 [INPUT_BUTTON_WHEEL_UP] = 0x08, 1691 [INPUT_BUTTON_WHEEL_DOWN] = 0x10, 1692 }; 1693 QemuConsole *con = vs->vd->dcl.con; 1694 int width = pixman_image_get_width(vs->vd->server); 1695 int height = pixman_image_get_height(vs->vd->server); 1696 1697 if (vs->last_bmask != button_mask) { 1698 qemu_input_update_buttons(con, bmap, vs->last_bmask, button_mask); 1699 vs->last_bmask = button_mask; 1700 } 1701 1702 if (vs->absolute) { 1703 qemu_input_queue_abs(con, INPUT_AXIS_X, x, 0, width); 1704 qemu_input_queue_abs(con, INPUT_AXIS_Y, y, 0, height); 1705 } else if (vnc_has_feature(vs, VNC_FEATURE_POINTER_TYPE_CHANGE)) { 1706 qemu_input_queue_rel(con, INPUT_AXIS_X, x - 0x7FFF); 1707 qemu_input_queue_rel(con, INPUT_AXIS_Y, y - 0x7FFF); 1708 } else { 1709 if (vs->last_x != -1) { 1710 qemu_input_queue_rel(con, INPUT_AXIS_X, x - vs->last_x); 1711 qemu_input_queue_rel(con, INPUT_AXIS_Y, y - vs->last_y); 1712 } 1713 vs->last_x = x; 1714 vs->last_y = y; 1715 } 1716 qemu_input_event_sync(); 1717 } 1718 1719 static void reset_keys(VncState *vs) 1720 { 1721 int i; 1722 for(i = 0; i < 256; i++) { 1723 if (vs->modifiers_state[i]) { 1724 qemu_input_event_send_key_number(vs->vd->dcl.con, i, false); 1725 qemu_input_event_send_key_delay(vs->vd->key_delay_ms); 1726 vs->modifiers_state[i] = 0; 1727 } 1728 } 1729 } 1730 1731 static void press_key(VncState *vs, int keysym) 1732 { 1733 int keycode = keysym2scancode(vs->vd->kbd_layout, keysym) & SCANCODE_KEYMASK; 1734 qemu_input_event_send_key_number(vs->vd->dcl.con, keycode, true); 1735 qemu_input_event_send_key_delay(vs->vd->key_delay_ms); 1736 qemu_input_event_send_key_number(vs->vd->dcl.con, keycode, false); 1737 qemu_input_event_send_key_delay(vs->vd->key_delay_ms); 1738 } 1739 1740 static void vnc_led_state_change(VncState *vs) 1741 { 1742 if (!vnc_has_feature(vs, VNC_FEATURE_LED_STATE)) { 1743 return; 1744 } 1745 1746 vnc_lock_output(vs); 1747 vnc_write_u8(vs, VNC_MSG_SERVER_FRAMEBUFFER_UPDATE); 1748 vnc_write_u8(vs, 0); 1749 vnc_write_u16(vs, 1); 1750 vnc_framebuffer_update(vs, 0, 0, 1, 1, VNC_ENCODING_LED_STATE); 1751 vnc_write_u8(vs, vs->vd->ledstate); 1752 vnc_unlock_output(vs); 1753 vnc_flush(vs); 1754 } 1755 1756 static void kbd_leds(void *opaque, int ledstate) 1757 { 1758 VncDisplay *vd = opaque; 1759 VncState *client; 1760 1761 trace_vnc_key_guest_leds((ledstate & QEMU_CAPS_LOCK_LED), 1762 (ledstate & QEMU_NUM_LOCK_LED), 1763 (ledstate & QEMU_SCROLL_LOCK_LED)); 1764 1765 if (ledstate == vd->ledstate) { 1766 return; 1767 } 1768 1769 vd->ledstate = ledstate; 1770 1771 QTAILQ_FOREACH(client, &vd->clients, next) { 1772 vnc_led_state_change(client); 1773 } 1774 } 1775 1776 static void do_key_event(VncState *vs, int down, int keycode, int sym) 1777 { 1778 /* QEMU console switch */ 1779 switch(keycode) { 1780 case 0x2a: /* Left Shift */ 1781 case 0x36: /* Right Shift */ 1782 case 0x1d: /* Left CTRL */ 1783 case 0x9d: /* Right CTRL */ 1784 case 0x38: /* Left ALT */ 1785 case 0xb8: /* Right ALT */ 1786 if (down) 1787 vs->modifiers_state[keycode] = 1; 1788 else 1789 vs->modifiers_state[keycode] = 0; 1790 break; 1791 case 0x02 ... 0x0a: /* '1' to '9' keys */ 1792 if (vs->vd->dcl.con == NULL && 1793 down && vs->modifiers_state[0x1d] && vs->modifiers_state[0x38]) { 1794 /* Reset the modifiers sent to the current console */ 1795 reset_keys(vs); 1796 console_select(keycode - 0x02); 1797 return; 1798 } 1799 break; 1800 case 0x3a: /* CapsLock */ 1801 case 0x45: /* NumLock */ 1802 if (down) 1803 vs->modifiers_state[keycode] ^= 1; 1804 break; 1805 } 1806 1807 /* Turn off the lock state sync logic if the client support the led 1808 state extension. 1809 */ 1810 if (down && vs->vd->lock_key_sync && 1811 !vnc_has_feature(vs, VNC_FEATURE_LED_STATE) && 1812 keycode_is_keypad(vs->vd->kbd_layout, keycode)) { 1813 /* If the numlock state needs to change then simulate an additional 1814 keypress before sending this one. This will happen if the user 1815 toggles numlock away from the VNC window. 1816 */ 1817 if (keysym_is_numlock(vs->vd->kbd_layout, sym & 0xFFFF)) { 1818 if (!vs->modifiers_state[0x45]) { 1819 trace_vnc_key_sync_numlock(true); 1820 vs->modifiers_state[0x45] = 1; 1821 press_key(vs, 0xff7f); 1822 } 1823 } else { 1824 if (vs->modifiers_state[0x45]) { 1825 trace_vnc_key_sync_numlock(false); 1826 vs->modifiers_state[0x45] = 0; 1827 press_key(vs, 0xff7f); 1828 } 1829 } 1830 } 1831 1832 if (down && vs->vd->lock_key_sync && 1833 !vnc_has_feature(vs, VNC_FEATURE_LED_STATE) && 1834 ((sym >= 'A' && sym <= 'Z') || (sym >= 'a' && sym <= 'z'))) { 1835 /* If the capslock state needs to change then simulate an additional 1836 keypress before sending this one. This will happen if the user 1837 toggles capslock away from the VNC window. 1838 */ 1839 int uppercase = !!(sym >= 'A' && sym <= 'Z'); 1840 int shift = !!(vs->modifiers_state[0x2a] | vs->modifiers_state[0x36]); 1841 int capslock = !!(vs->modifiers_state[0x3a]); 1842 if (capslock) { 1843 if (uppercase == shift) { 1844 trace_vnc_key_sync_capslock(false); 1845 vs->modifiers_state[0x3a] = 0; 1846 press_key(vs, 0xffe5); 1847 } 1848 } else { 1849 if (uppercase != shift) { 1850 trace_vnc_key_sync_capslock(true); 1851 vs->modifiers_state[0x3a] = 1; 1852 press_key(vs, 0xffe5); 1853 } 1854 } 1855 } 1856 1857 if (qemu_console_is_graphic(NULL)) { 1858 qemu_input_event_send_key_number(vs->vd->dcl.con, keycode, down); 1859 qemu_input_event_send_key_delay(vs->vd->key_delay_ms); 1860 } else { 1861 bool numlock = vs->modifiers_state[0x45]; 1862 bool control = (vs->modifiers_state[0x1d] || 1863 vs->modifiers_state[0x9d]); 1864 /* QEMU console emulation */ 1865 if (down) { 1866 switch (keycode) { 1867 case 0x2a: /* Left Shift */ 1868 case 0x36: /* Right Shift */ 1869 case 0x1d: /* Left CTRL */ 1870 case 0x9d: /* Right CTRL */ 1871 case 0x38: /* Left ALT */ 1872 case 0xb8: /* Right ALT */ 1873 break; 1874 case 0xc8: 1875 kbd_put_keysym(QEMU_KEY_UP); 1876 break; 1877 case 0xd0: 1878 kbd_put_keysym(QEMU_KEY_DOWN); 1879 break; 1880 case 0xcb: 1881 kbd_put_keysym(QEMU_KEY_LEFT); 1882 break; 1883 case 0xcd: 1884 kbd_put_keysym(QEMU_KEY_RIGHT); 1885 break; 1886 case 0xd3: 1887 kbd_put_keysym(QEMU_KEY_DELETE); 1888 break; 1889 case 0xc7: 1890 kbd_put_keysym(QEMU_KEY_HOME); 1891 break; 1892 case 0xcf: 1893 kbd_put_keysym(QEMU_KEY_END); 1894 break; 1895 case 0xc9: 1896 kbd_put_keysym(QEMU_KEY_PAGEUP); 1897 break; 1898 case 0xd1: 1899 kbd_put_keysym(QEMU_KEY_PAGEDOWN); 1900 break; 1901 1902 case 0x47: 1903 kbd_put_keysym(numlock ? '7' : QEMU_KEY_HOME); 1904 break; 1905 case 0x48: 1906 kbd_put_keysym(numlock ? '8' : QEMU_KEY_UP); 1907 break; 1908 case 0x49: 1909 kbd_put_keysym(numlock ? '9' : QEMU_KEY_PAGEUP); 1910 break; 1911 case 0x4b: 1912 kbd_put_keysym(numlock ? '4' : QEMU_KEY_LEFT); 1913 break; 1914 case 0x4c: 1915 kbd_put_keysym('5'); 1916 break; 1917 case 0x4d: 1918 kbd_put_keysym(numlock ? '6' : QEMU_KEY_RIGHT); 1919 break; 1920 case 0x4f: 1921 kbd_put_keysym(numlock ? '1' : QEMU_KEY_END); 1922 break; 1923 case 0x50: 1924 kbd_put_keysym(numlock ? '2' : QEMU_KEY_DOWN); 1925 break; 1926 case 0x51: 1927 kbd_put_keysym(numlock ? '3' : QEMU_KEY_PAGEDOWN); 1928 break; 1929 case 0x52: 1930 kbd_put_keysym('0'); 1931 break; 1932 case 0x53: 1933 kbd_put_keysym(numlock ? '.' : QEMU_KEY_DELETE); 1934 break; 1935 1936 case 0xb5: 1937 kbd_put_keysym('/'); 1938 break; 1939 case 0x37: 1940 kbd_put_keysym('*'); 1941 break; 1942 case 0x4a: 1943 kbd_put_keysym('-'); 1944 break; 1945 case 0x4e: 1946 kbd_put_keysym('+'); 1947 break; 1948 case 0x9c: 1949 kbd_put_keysym('\n'); 1950 break; 1951 1952 default: 1953 if (control) { 1954 kbd_put_keysym(sym & 0x1f); 1955 } else { 1956 kbd_put_keysym(sym); 1957 } 1958 break; 1959 } 1960 } 1961 } 1962 } 1963 1964 static void vnc_release_modifiers(VncState *vs) 1965 { 1966 static const int keycodes[] = { 1967 /* shift, control, alt keys, both left & right */ 1968 0x2a, 0x36, 0x1d, 0x9d, 0x38, 0xb8, 1969 }; 1970 int i, keycode; 1971 1972 if (!qemu_console_is_graphic(NULL)) { 1973 return; 1974 } 1975 for (i = 0; i < ARRAY_SIZE(keycodes); i++) { 1976 keycode = keycodes[i]; 1977 if (!vs->modifiers_state[keycode]) { 1978 continue; 1979 } 1980 qemu_input_event_send_key_number(vs->vd->dcl.con, keycode, false); 1981 qemu_input_event_send_key_delay(vs->vd->key_delay_ms); 1982 } 1983 } 1984 1985 static const char *code2name(int keycode) 1986 { 1987 return QKeyCode_str(qemu_input_key_number_to_qcode(keycode)); 1988 } 1989 1990 static void key_event(VncState *vs, int down, uint32_t sym) 1991 { 1992 int keycode; 1993 int lsym = sym; 1994 1995 if (lsym >= 'A' && lsym <= 'Z' && qemu_console_is_graphic(NULL)) { 1996 lsym = lsym - 'A' + 'a'; 1997 } 1998 1999 keycode = keysym2scancode(vs->vd->kbd_layout, lsym & 0xFFFF) & SCANCODE_KEYMASK; 2000 trace_vnc_key_event_map(down, sym, keycode, code2name(keycode)); 2001 do_key_event(vs, down, keycode, sym); 2002 } 2003 2004 static void ext_key_event(VncState *vs, int down, 2005 uint32_t sym, uint16_t keycode) 2006 { 2007 /* if the user specifies a keyboard layout, always use it */ 2008 if (keyboard_layout) { 2009 key_event(vs, down, sym); 2010 } else { 2011 trace_vnc_key_event_ext(down, sym, keycode, code2name(keycode)); 2012 do_key_event(vs, down, keycode, sym); 2013 } 2014 } 2015 2016 static void framebuffer_update_request(VncState *vs, int incremental, 2017 int x, int y, int w, int h) 2018 { 2019 if (incremental) { 2020 if (vs->update != VNC_STATE_UPDATE_FORCE) { 2021 vs->update = VNC_STATE_UPDATE_INCREMENTAL; 2022 } 2023 } else { 2024 vs->update = VNC_STATE_UPDATE_FORCE; 2025 vnc_set_area_dirty(vs->dirty, vs->vd, x, y, w, h); 2026 } 2027 } 2028 2029 static void send_ext_key_event_ack(VncState *vs) 2030 { 2031 vnc_lock_output(vs); 2032 vnc_write_u8(vs, VNC_MSG_SERVER_FRAMEBUFFER_UPDATE); 2033 vnc_write_u8(vs, 0); 2034 vnc_write_u16(vs, 1); 2035 vnc_framebuffer_update(vs, 0, 0, 2036 pixman_image_get_width(vs->vd->server), 2037 pixman_image_get_height(vs->vd->server), 2038 VNC_ENCODING_EXT_KEY_EVENT); 2039 vnc_unlock_output(vs); 2040 vnc_flush(vs); 2041 } 2042 2043 static void send_ext_audio_ack(VncState *vs) 2044 { 2045 vnc_lock_output(vs); 2046 vnc_write_u8(vs, VNC_MSG_SERVER_FRAMEBUFFER_UPDATE); 2047 vnc_write_u8(vs, 0); 2048 vnc_write_u16(vs, 1); 2049 vnc_framebuffer_update(vs, 0, 0, 2050 pixman_image_get_width(vs->vd->server), 2051 pixman_image_get_height(vs->vd->server), 2052 VNC_ENCODING_AUDIO); 2053 vnc_unlock_output(vs); 2054 vnc_flush(vs); 2055 } 2056 2057 static void set_encodings(VncState *vs, int32_t *encodings, size_t n_encodings) 2058 { 2059 int i; 2060 unsigned int enc = 0; 2061 2062 vs->features = 0; 2063 vs->vnc_encoding = 0; 2064 vs->tight.compression = 9; 2065 vs->tight.quality = -1; /* Lossless by default */ 2066 vs->absolute = -1; 2067 2068 /* 2069 * Start from the end because the encodings are sent in order of preference. 2070 * This way the preferred encoding (first encoding defined in the array) 2071 * will be set at the end of the loop. 2072 */ 2073 for (i = n_encodings - 1; i >= 0; i--) { 2074 enc = encodings[i]; 2075 switch (enc) { 2076 case VNC_ENCODING_RAW: 2077 vs->vnc_encoding = enc; 2078 break; 2079 case VNC_ENCODING_COPYRECT: 2080 vs->features |= VNC_FEATURE_COPYRECT_MASK; 2081 break; 2082 case VNC_ENCODING_HEXTILE: 2083 vs->features |= VNC_FEATURE_HEXTILE_MASK; 2084 vs->vnc_encoding = enc; 2085 break; 2086 case VNC_ENCODING_TIGHT: 2087 vs->features |= VNC_FEATURE_TIGHT_MASK; 2088 vs->vnc_encoding = enc; 2089 break; 2090 #ifdef CONFIG_VNC_PNG 2091 case VNC_ENCODING_TIGHT_PNG: 2092 vs->features |= VNC_FEATURE_TIGHT_PNG_MASK; 2093 vs->vnc_encoding = enc; 2094 break; 2095 #endif 2096 case VNC_ENCODING_ZLIB: 2097 vs->features |= VNC_FEATURE_ZLIB_MASK; 2098 vs->vnc_encoding = enc; 2099 break; 2100 case VNC_ENCODING_ZRLE: 2101 vs->features |= VNC_FEATURE_ZRLE_MASK; 2102 vs->vnc_encoding = enc; 2103 break; 2104 case VNC_ENCODING_ZYWRLE: 2105 vs->features |= VNC_FEATURE_ZYWRLE_MASK; 2106 vs->vnc_encoding = enc; 2107 break; 2108 case VNC_ENCODING_DESKTOPRESIZE: 2109 vs->features |= VNC_FEATURE_RESIZE_MASK; 2110 break; 2111 case VNC_ENCODING_POINTER_TYPE_CHANGE: 2112 vs->features |= VNC_FEATURE_POINTER_TYPE_CHANGE_MASK; 2113 break; 2114 case VNC_ENCODING_RICH_CURSOR: 2115 vs->features |= VNC_FEATURE_RICH_CURSOR_MASK; 2116 if (vs->vd->cursor) { 2117 vnc_cursor_define(vs); 2118 } 2119 break; 2120 case VNC_ENCODING_EXT_KEY_EVENT: 2121 send_ext_key_event_ack(vs); 2122 break; 2123 case VNC_ENCODING_AUDIO: 2124 send_ext_audio_ack(vs); 2125 break; 2126 case VNC_ENCODING_WMVi: 2127 vs->features |= VNC_FEATURE_WMVI_MASK; 2128 break; 2129 case VNC_ENCODING_LED_STATE: 2130 vs->features |= VNC_FEATURE_LED_STATE_MASK; 2131 break; 2132 case VNC_ENCODING_COMPRESSLEVEL0 ... VNC_ENCODING_COMPRESSLEVEL0 + 9: 2133 vs->tight.compression = (enc & 0x0F); 2134 break; 2135 case VNC_ENCODING_QUALITYLEVEL0 ... VNC_ENCODING_QUALITYLEVEL0 + 9: 2136 if (vs->vd->lossy) { 2137 vs->tight.quality = (enc & 0x0F); 2138 } 2139 break; 2140 default: 2141 VNC_DEBUG("Unknown encoding: %d (0x%.8x): %d\n", i, enc, enc); 2142 break; 2143 } 2144 } 2145 vnc_desktop_resize(vs); 2146 check_pointer_type_change(&vs->mouse_mode_notifier, NULL); 2147 vnc_led_state_change(vs); 2148 } 2149 2150 static void set_pixel_conversion(VncState *vs) 2151 { 2152 pixman_format_code_t fmt = qemu_pixman_get_format(&vs->client_pf); 2153 2154 if (fmt == VNC_SERVER_FB_FORMAT) { 2155 vs->write_pixels = vnc_write_pixels_copy; 2156 vnc_hextile_set_pixel_conversion(vs, 0); 2157 } else { 2158 vs->write_pixels = vnc_write_pixels_generic; 2159 vnc_hextile_set_pixel_conversion(vs, 1); 2160 } 2161 } 2162 2163 static void send_color_map(VncState *vs) 2164 { 2165 int i; 2166 2167 vnc_write_u8(vs, VNC_MSG_SERVER_SET_COLOUR_MAP_ENTRIES); 2168 vnc_write_u8(vs, 0); /* padding */ 2169 vnc_write_u16(vs, 0); /* first color */ 2170 vnc_write_u16(vs, 256); /* # of colors */ 2171 2172 for (i = 0; i < 256; i++) { 2173 PixelFormat *pf = &vs->client_pf; 2174 2175 vnc_write_u16(vs, (((i >> pf->rshift) & pf->rmax) << (16 - pf->rbits))); 2176 vnc_write_u16(vs, (((i >> pf->gshift) & pf->gmax) << (16 - pf->gbits))); 2177 vnc_write_u16(vs, (((i >> pf->bshift) & pf->bmax) << (16 - pf->bbits))); 2178 } 2179 } 2180 2181 static void set_pixel_format(VncState *vs, int bits_per_pixel, 2182 int big_endian_flag, int true_color_flag, 2183 int red_max, int green_max, int blue_max, 2184 int red_shift, int green_shift, int blue_shift) 2185 { 2186 if (!true_color_flag) { 2187 /* Expose a reasonable default 256 color map */ 2188 bits_per_pixel = 8; 2189 red_max = 7; 2190 green_max = 7; 2191 blue_max = 3; 2192 red_shift = 0; 2193 green_shift = 3; 2194 blue_shift = 6; 2195 } 2196 2197 switch (bits_per_pixel) { 2198 case 8: 2199 case 16: 2200 case 32: 2201 break; 2202 default: 2203 vnc_client_error(vs); 2204 return; 2205 } 2206 2207 vs->client_pf.rmax = red_max ? red_max : 0xFF; 2208 vs->client_pf.rbits = ctpopl(red_max); 2209 vs->client_pf.rshift = red_shift; 2210 vs->client_pf.rmask = red_max << red_shift; 2211 vs->client_pf.gmax = green_max ? green_max : 0xFF; 2212 vs->client_pf.gbits = ctpopl(green_max); 2213 vs->client_pf.gshift = green_shift; 2214 vs->client_pf.gmask = green_max << green_shift; 2215 vs->client_pf.bmax = blue_max ? blue_max : 0xFF; 2216 vs->client_pf.bbits = ctpopl(blue_max); 2217 vs->client_pf.bshift = blue_shift; 2218 vs->client_pf.bmask = blue_max << blue_shift; 2219 vs->client_pf.bits_per_pixel = bits_per_pixel; 2220 vs->client_pf.bytes_per_pixel = bits_per_pixel / 8; 2221 vs->client_pf.depth = bits_per_pixel == 32 ? 24 : bits_per_pixel; 2222 vs->client_be = big_endian_flag; 2223 2224 if (!true_color_flag) { 2225 send_color_map(vs); 2226 } 2227 2228 set_pixel_conversion(vs); 2229 2230 graphic_hw_invalidate(vs->vd->dcl.con); 2231 graphic_hw_update(vs->vd->dcl.con); 2232 } 2233 2234 static void pixel_format_message (VncState *vs) { 2235 char pad[3] = { 0, 0, 0 }; 2236 2237 vs->client_pf = qemu_default_pixelformat(32); 2238 2239 vnc_write_u8(vs, vs->client_pf.bits_per_pixel); /* bits-per-pixel */ 2240 vnc_write_u8(vs, vs->client_pf.depth); /* depth */ 2241 2242 #ifdef HOST_WORDS_BIGENDIAN 2243 vnc_write_u8(vs, 1); /* big-endian-flag */ 2244 #else 2245 vnc_write_u8(vs, 0); /* big-endian-flag */ 2246 #endif 2247 vnc_write_u8(vs, 1); /* true-color-flag */ 2248 vnc_write_u16(vs, vs->client_pf.rmax); /* red-max */ 2249 vnc_write_u16(vs, vs->client_pf.gmax); /* green-max */ 2250 vnc_write_u16(vs, vs->client_pf.bmax); /* blue-max */ 2251 vnc_write_u8(vs, vs->client_pf.rshift); /* red-shift */ 2252 vnc_write_u8(vs, vs->client_pf.gshift); /* green-shift */ 2253 vnc_write_u8(vs, vs->client_pf.bshift); /* blue-shift */ 2254 vnc_write(vs, pad, 3); /* padding */ 2255 2256 vnc_hextile_set_pixel_conversion(vs, 0); 2257 vs->write_pixels = vnc_write_pixels_copy; 2258 } 2259 2260 static void vnc_colordepth(VncState *vs) 2261 { 2262 if (vnc_has_feature(vs, VNC_FEATURE_WMVI)) { 2263 /* Sending a WMVi message to notify the client*/ 2264 vnc_lock_output(vs); 2265 vnc_write_u8(vs, VNC_MSG_SERVER_FRAMEBUFFER_UPDATE); 2266 vnc_write_u8(vs, 0); 2267 vnc_write_u16(vs, 1); /* number of rects */ 2268 vnc_framebuffer_update(vs, 0, 0, 2269 pixman_image_get_width(vs->vd->server), 2270 pixman_image_get_height(vs->vd->server), 2271 VNC_ENCODING_WMVi); 2272 pixel_format_message(vs); 2273 vnc_unlock_output(vs); 2274 vnc_flush(vs); 2275 } else { 2276 set_pixel_conversion(vs); 2277 } 2278 } 2279 2280 static int protocol_client_msg(VncState *vs, uint8_t *data, size_t len) 2281 { 2282 int i; 2283 uint16_t limit; 2284 VncDisplay *vd = vs->vd; 2285 2286 if (data[0] > 3) { 2287 update_displaychangelistener(&vd->dcl, VNC_REFRESH_INTERVAL_BASE); 2288 } 2289 2290 switch (data[0]) { 2291 case VNC_MSG_CLIENT_SET_PIXEL_FORMAT: 2292 if (len == 1) 2293 return 20; 2294 2295 set_pixel_format(vs, read_u8(data, 4), 2296 read_u8(data, 6), read_u8(data, 7), 2297 read_u16(data, 8), read_u16(data, 10), 2298 read_u16(data, 12), read_u8(data, 14), 2299 read_u8(data, 15), read_u8(data, 16)); 2300 break; 2301 case VNC_MSG_CLIENT_SET_ENCODINGS: 2302 if (len == 1) 2303 return 4; 2304 2305 if (len == 4) { 2306 limit = read_u16(data, 2); 2307 if (limit > 0) 2308 return 4 + (limit * 4); 2309 } else 2310 limit = read_u16(data, 2); 2311 2312 for (i = 0; i < limit; i++) { 2313 int32_t val = read_s32(data, 4 + (i * 4)); 2314 memcpy(data + 4 + (i * 4), &val, sizeof(val)); 2315 } 2316 2317 set_encodings(vs, (int32_t *)(data + 4), limit); 2318 break; 2319 case VNC_MSG_CLIENT_FRAMEBUFFER_UPDATE_REQUEST: 2320 if (len == 1) 2321 return 10; 2322 2323 framebuffer_update_request(vs, 2324 read_u8(data, 1), read_u16(data, 2), read_u16(data, 4), 2325 read_u16(data, 6), read_u16(data, 8)); 2326 break; 2327 case VNC_MSG_CLIENT_KEY_EVENT: 2328 if (len == 1) 2329 return 8; 2330 2331 key_event(vs, read_u8(data, 1), read_u32(data, 4)); 2332 break; 2333 case VNC_MSG_CLIENT_POINTER_EVENT: 2334 if (len == 1) 2335 return 6; 2336 2337 pointer_event(vs, read_u8(data, 1), read_u16(data, 2), read_u16(data, 4)); 2338 break; 2339 case VNC_MSG_CLIENT_CUT_TEXT: 2340 if (len == 1) { 2341 return 8; 2342 } 2343 if (len == 8) { 2344 uint32_t dlen = read_u32(data, 4); 2345 if (dlen > (1 << 20)) { 2346 error_report("vnc: client_cut_text msg payload has %u bytes" 2347 " which exceeds our limit of 1MB.", dlen); 2348 vnc_client_error(vs); 2349 break; 2350 } 2351 if (dlen > 0) { 2352 return 8 + dlen; 2353 } 2354 } 2355 2356 client_cut_text(vs, read_u32(data, 4), data + 8); 2357 break; 2358 case VNC_MSG_CLIENT_QEMU: 2359 if (len == 1) 2360 return 2; 2361 2362 switch (read_u8(data, 1)) { 2363 case VNC_MSG_CLIENT_QEMU_EXT_KEY_EVENT: 2364 if (len == 2) 2365 return 12; 2366 2367 ext_key_event(vs, read_u16(data, 2), 2368 read_u32(data, 4), read_u32(data, 8)); 2369 break; 2370 case VNC_MSG_CLIENT_QEMU_AUDIO: 2371 if (len == 2) 2372 return 4; 2373 2374 switch (read_u16 (data, 2)) { 2375 case VNC_MSG_CLIENT_QEMU_AUDIO_ENABLE: 2376 audio_add(vs); 2377 break; 2378 case VNC_MSG_CLIENT_QEMU_AUDIO_DISABLE: 2379 audio_del(vs); 2380 break; 2381 case VNC_MSG_CLIENT_QEMU_AUDIO_SET_FORMAT: 2382 if (len == 4) 2383 return 10; 2384 switch (read_u8(data, 4)) { 2385 case 0: vs->as.fmt = AUD_FMT_U8; break; 2386 case 1: vs->as.fmt = AUD_FMT_S8; break; 2387 case 2: vs->as.fmt = AUD_FMT_U16; break; 2388 case 3: vs->as.fmt = AUD_FMT_S16; break; 2389 case 4: vs->as.fmt = AUD_FMT_U32; break; 2390 case 5: vs->as.fmt = AUD_FMT_S32; break; 2391 default: 2392 VNC_DEBUG("Invalid audio format %d\n", read_u8(data, 4)); 2393 vnc_client_error(vs); 2394 break; 2395 } 2396 vs->as.nchannels = read_u8(data, 5); 2397 if (vs->as.nchannels != 1 && vs->as.nchannels != 2) { 2398 VNC_DEBUG("Invalid audio channel count %d\n", 2399 read_u8(data, 5)); 2400 vnc_client_error(vs); 2401 break; 2402 } 2403 vs->as.freq = read_u32(data, 6); 2404 break; 2405 default: 2406 VNC_DEBUG("Invalid audio message %d\n", read_u8(data, 4)); 2407 vnc_client_error(vs); 2408 break; 2409 } 2410 break; 2411 2412 default: 2413 VNC_DEBUG("Msg: %d\n", read_u16(data, 0)); 2414 vnc_client_error(vs); 2415 break; 2416 } 2417 break; 2418 default: 2419 VNC_DEBUG("Msg: %d\n", data[0]); 2420 vnc_client_error(vs); 2421 break; 2422 } 2423 2424 vnc_update_throttle_offset(vs); 2425 vnc_read_when(vs, protocol_client_msg, 1); 2426 return 0; 2427 } 2428 2429 static int protocol_client_init(VncState *vs, uint8_t *data, size_t len) 2430 { 2431 char buf[1024]; 2432 VncShareMode mode; 2433 int size; 2434 2435 mode = data[0] ? VNC_SHARE_MODE_SHARED : VNC_SHARE_MODE_EXCLUSIVE; 2436 switch (vs->vd->share_policy) { 2437 case VNC_SHARE_POLICY_IGNORE: 2438 /* 2439 * Ignore the shared flag. Nothing to do here. 2440 * 2441 * Doesn't conform to the rfb spec but is traditional qemu 2442 * behavior, thus left here as option for compatibility 2443 * reasons. 2444 */ 2445 break; 2446 case VNC_SHARE_POLICY_ALLOW_EXCLUSIVE: 2447 /* 2448 * Policy: Allow clients ask for exclusive access. 2449 * 2450 * Implementation: When a client asks for exclusive access, 2451 * disconnect all others. Shared connects are allowed as long 2452 * as no exclusive connection exists. 2453 * 2454 * This is how the rfb spec suggests to handle the shared flag. 2455 */ 2456 if (mode == VNC_SHARE_MODE_EXCLUSIVE) { 2457 VncState *client; 2458 QTAILQ_FOREACH(client, &vs->vd->clients, next) { 2459 if (vs == client) { 2460 continue; 2461 } 2462 if (client->share_mode != VNC_SHARE_MODE_EXCLUSIVE && 2463 client->share_mode != VNC_SHARE_MODE_SHARED) { 2464 continue; 2465 } 2466 vnc_disconnect_start(client); 2467 } 2468 } 2469 if (mode == VNC_SHARE_MODE_SHARED) { 2470 if (vs->vd->num_exclusive > 0) { 2471 vnc_disconnect_start(vs); 2472 return 0; 2473 } 2474 } 2475 break; 2476 case VNC_SHARE_POLICY_FORCE_SHARED: 2477 /* 2478 * Policy: Shared connects only. 2479 * Implementation: Disallow clients asking for exclusive access. 2480 * 2481 * Useful for shared desktop sessions where you don't want 2482 * someone forgetting to say -shared when running the vnc 2483 * client disconnect everybody else. 2484 */ 2485 if (mode == VNC_SHARE_MODE_EXCLUSIVE) { 2486 vnc_disconnect_start(vs); 2487 return 0; 2488 } 2489 break; 2490 } 2491 vnc_set_share_mode(vs, mode); 2492 2493 if (vs->vd->num_shared > vs->vd->connections_limit) { 2494 vnc_disconnect_start(vs); 2495 return 0; 2496 } 2497 2498 assert(pixman_image_get_width(vs->vd->server) < 65536 && 2499 pixman_image_get_width(vs->vd->server) >= 0); 2500 assert(pixman_image_get_height(vs->vd->server) < 65536 && 2501 pixman_image_get_height(vs->vd->server) >= 0); 2502 vs->client_width = pixman_image_get_width(vs->vd->server); 2503 vs->client_height = pixman_image_get_height(vs->vd->server); 2504 vnc_write_u16(vs, vs->client_width); 2505 vnc_write_u16(vs, vs->client_height); 2506 2507 pixel_format_message(vs); 2508 2509 if (qemu_name) { 2510 size = snprintf(buf, sizeof(buf), "QEMU (%s)", qemu_name); 2511 if (size > sizeof(buf)) { 2512 size = sizeof(buf); 2513 } 2514 } else { 2515 size = snprintf(buf, sizeof(buf), "QEMU"); 2516 } 2517 2518 vnc_write_u32(vs, size); 2519 vnc_write(vs, buf, size); 2520 vnc_flush(vs); 2521 2522 vnc_client_cache_auth(vs); 2523 vnc_qmp_event(vs, QAPI_EVENT_VNC_INITIALIZED); 2524 2525 vnc_read_when(vs, protocol_client_msg, 1); 2526 2527 return 0; 2528 } 2529 2530 void start_client_init(VncState *vs) 2531 { 2532 vnc_read_when(vs, protocol_client_init, 1); 2533 } 2534 2535 static void make_challenge(VncState *vs) 2536 { 2537 int i; 2538 2539 srand(time(NULL)+getpid()+getpid()*987654+rand()); 2540 2541 for (i = 0 ; i < sizeof(vs->challenge) ; i++) 2542 vs->challenge[i] = (int) (256.0*rand()/(RAND_MAX+1.0)); 2543 } 2544 2545 static int protocol_client_auth_vnc(VncState *vs, uint8_t *data, size_t len) 2546 { 2547 unsigned char response[VNC_AUTH_CHALLENGE_SIZE]; 2548 size_t i, pwlen; 2549 unsigned char key[8]; 2550 time_t now = time(NULL); 2551 QCryptoCipher *cipher = NULL; 2552 Error *err = NULL; 2553 2554 if (!vs->vd->password) { 2555 trace_vnc_auth_fail(vs, vs->auth, "password is not set", ""); 2556 goto reject; 2557 } 2558 if (vs->vd->expires < now) { 2559 trace_vnc_auth_fail(vs, vs->auth, "password is expired", ""); 2560 goto reject; 2561 } 2562 2563 memcpy(response, vs->challenge, VNC_AUTH_CHALLENGE_SIZE); 2564 2565 /* Calculate the expected challenge response */ 2566 pwlen = strlen(vs->vd->password); 2567 for (i=0; i<sizeof(key); i++) 2568 key[i] = i<pwlen ? vs->vd->password[i] : 0; 2569 2570 cipher = qcrypto_cipher_new( 2571 QCRYPTO_CIPHER_ALG_DES_RFB, 2572 QCRYPTO_CIPHER_MODE_ECB, 2573 key, G_N_ELEMENTS(key), 2574 &err); 2575 if (!cipher) { 2576 trace_vnc_auth_fail(vs, vs->auth, "cannot create cipher", 2577 error_get_pretty(err)); 2578 error_free(err); 2579 goto reject; 2580 } 2581 2582 if (qcrypto_cipher_encrypt(cipher, 2583 vs->challenge, 2584 response, 2585 VNC_AUTH_CHALLENGE_SIZE, 2586 &err) < 0) { 2587 trace_vnc_auth_fail(vs, vs->auth, "cannot encrypt challenge response", 2588 error_get_pretty(err)); 2589 error_free(err); 2590 goto reject; 2591 } 2592 2593 /* Compare expected vs actual challenge response */ 2594 if (memcmp(response, data, VNC_AUTH_CHALLENGE_SIZE) != 0) { 2595 trace_vnc_auth_fail(vs, vs->auth, "mis-matched challenge response", ""); 2596 goto reject; 2597 } else { 2598 trace_vnc_auth_pass(vs, vs->auth); 2599 vnc_write_u32(vs, 0); /* Accept auth */ 2600 vnc_flush(vs); 2601 2602 start_client_init(vs); 2603 } 2604 2605 qcrypto_cipher_free(cipher); 2606 return 0; 2607 2608 reject: 2609 vnc_write_u32(vs, 1); /* Reject auth */ 2610 if (vs->minor >= 8) { 2611 static const char err[] = "Authentication failed"; 2612 vnc_write_u32(vs, sizeof(err)); 2613 vnc_write(vs, err, sizeof(err)); 2614 } 2615 vnc_flush(vs); 2616 vnc_client_error(vs); 2617 qcrypto_cipher_free(cipher); 2618 return 0; 2619 } 2620 2621 void start_auth_vnc(VncState *vs) 2622 { 2623 make_challenge(vs); 2624 /* Send client a 'random' challenge */ 2625 vnc_write(vs, vs->challenge, sizeof(vs->challenge)); 2626 vnc_flush(vs); 2627 2628 vnc_read_when(vs, protocol_client_auth_vnc, sizeof(vs->challenge)); 2629 } 2630 2631 2632 static int protocol_client_auth(VncState *vs, uint8_t *data, size_t len) 2633 { 2634 /* We only advertise 1 auth scheme at a time, so client 2635 * must pick the one we sent. Verify this */ 2636 if (data[0] != vs->auth) { /* Reject auth */ 2637 trace_vnc_auth_reject(vs, vs->auth, (int)data[0]); 2638 vnc_write_u32(vs, 1); 2639 if (vs->minor >= 8) { 2640 static const char err[] = "Authentication failed"; 2641 vnc_write_u32(vs, sizeof(err)); 2642 vnc_write(vs, err, sizeof(err)); 2643 } 2644 vnc_client_error(vs); 2645 } else { /* Accept requested auth */ 2646 trace_vnc_auth_start(vs, vs->auth); 2647 switch (vs->auth) { 2648 case VNC_AUTH_NONE: 2649 if (vs->minor >= 8) { 2650 vnc_write_u32(vs, 0); /* Accept auth completion */ 2651 vnc_flush(vs); 2652 } 2653 trace_vnc_auth_pass(vs, vs->auth); 2654 start_client_init(vs); 2655 break; 2656 2657 case VNC_AUTH_VNC: 2658 start_auth_vnc(vs); 2659 break; 2660 2661 case VNC_AUTH_VENCRYPT: 2662 start_auth_vencrypt(vs); 2663 break; 2664 2665 #ifdef CONFIG_VNC_SASL 2666 case VNC_AUTH_SASL: 2667 start_auth_sasl(vs); 2668 break; 2669 #endif /* CONFIG_VNC_SASL */ 2670 2671 default: /* Should not be possible, but just in case */ 2672 trace_vnc_auth_fail(vs, vs->auth, "Unhandled auth method", ""); 2673 vnc_write_u8(vs, 1); 2674 if (vs->minor >= 8) { 2675 static const char err[] = "Authentication failed"; 2676 vnc_write_u32(vs, sizeof(err)); 2677 vnc_write(vs, err, sizeof(err)); 2678 } 2679 vnc_client_error(vs); 2680 } 2681 } 2682 return 0; 2683 } 2684 2685 static int protocol_version(VncState *vs, uint8_t *version, size_t len) 2686 { 2687 char local[13]; 2688 2689 memcpy(local, version, 12); 2690 local[12] = 0; 2691 2692 if (sscanf(local, "RFB %03d.%03d\n", &vs->major, &vs->minor) != 2) { 2693 VNC_DEBUG("Malformed protocol version %s\n", local); 2694 vnc_client_error(vs); 2695 return 0; 2696 } 2697 VNC_DEBUG("Client request protocol version %d.%d\n", vs->major, vs->minor); 2698 if (vs->major != 3 || 2699 (vs->minor != 3 && 2700 vs->minor != 4 && 2701 vs->minor != 5 && 2702 vs->minor != 7 && 2703 vs->minor != 8)) { 2704 VNC_DEBUG("Unsupported client version\n"); 2705 vnc_write_u32(vs, VNC_AUTH_INVALID); 2706 vnc_flush(vs); 2707 vnc_client_error(vs); 2708 return 0; 2709 } 2710 /* Some broken clients report v3.4 or v3.5, which spec requires to be treated 2711 * as equivalent to v3.3 by servers 2712 */ 2713 if (vs->minor == 4 || vs->minor == 5) 2714 vs->minor = 3; 2715 2716 if (vs->minor == 3) { 2717 trace_vnc_auth_start(vs, vs->auth); 2718 if (vs->auth == VNC_AUTH_NONE) { 2719 vnc_write_u32(vs, vs->auth); 2720 vnc_flush(vs); 2721 trace_vnc_auth_pass(vs, vs->auth); 2722 start_client_init(vs); 2723 } else if (vs->auth == VNC_AUTH_VNC) { 2724 VNC_DEBUG("Tell client VNC auth\n"); 2725 vnc_write_u32(vs, vs->auth); 2726 vnc_flush(vs); 2727 start_auth_vnc(vs); 2728 } else { 2729 trace_vnc_auth_fail(vs, vs->auth, 2730 "Unsupported auth method for v3.3", ""); 2731 vnc_write_u32(vs, VNC_AUTH_INVALID); 2732 vnc_flush(vs); 2733 vnc_client_error(vs); 2734 } 2735 } else { 2736 vnc_write_u8(vs, 1); /* num auth */ 2737 vnc_write_u8(vs, vs->auth); 2738 vnc_read_when(vs, protocol_client_auth, 1); 2739 vnc_flush(vs); 2740 } 2741 2742 return 0; 2743 } 2744 2745 static VncRectStat *vnc_stat_rect(VncDisplay *vd, int x, int y) 2746 { 2747 struct VncSurface *vs = &vd->guest; 2748 2749 return &vs->stats[y / VNC_STAT_RECT][x / VNC_STAT_RECT]; 2750 } 2751 2752 void vnc_sent_lossy_rect(VncState *vs, int x, int y, int w, int h) 2753 { 2754 int i, j; 2755 2756 w = (x + w) / VNC_STAT_RECT; 2757 h = (y + h) / VNC_STAT_RECT; 2758 x /= VNC_STAT_RECT; 2759 y /= VNC_STAT_RECT; 2760 2761 for (j = y; j <= h; j++) { 2762 for (i = x; i <= w; i++) { 2763 vs->lossy_rect[j][i] = 1; 2764 } 2765 } 2766 } 2767 2768 static int vnc_refresh_lossy_rect(VncDisplay *vd, int x, int y) 2769 { 2770 VncState *vs; 2771 int sty = y / VNC_STAT_RECT; 2772 int stx = x / VNC_STAT_RECT; 2773 int has_dirty = 0; 2774 2775 y = QEMU_ALIGN_DOWN(y, VNC_STAT_RECT); 2776 x = QEMU_ALIGN_DOWN(x, VNC_STAT_RECT); 2777 2778 QTAILQ_FOREACH(vs, &vd->clients, next) { 2779 int j; 2780 2781 /* kernel send buffers are full -> refresh later */ 2782 if (vs->output.offset) { 2783 continue; 2784 } 2785 2786 if (!vs->lossy_rect[sty][stx]) { 2787 continue; 2788 } 2789 2790 vs->lossy_rect[sty][stx] = 0; 2791 for (j = 0; j < VNC_STAT_RECT; ++j) { 2792 bitmap_set(vs->dirty[y + j], 2793 x / VNC_DIRTY_PIXELS_PER_BIT, 2794 VNC_STAT_RECT / VNC_DIRTY_PIXELS_PER_BIT); 2795 } 2796 has_dirty++; 2797 } 2798 2799 return has_dirty; 2800 } 2801 2802 static int vnc_update_stats(VncDisplay *vd, struct timeval * tv) 2803 { 2804 int width = MIN(pixman_image_get_width(vd->guest.fb), 2805 pixman_image_get_width(vd->server)); 2806 int height = MIN(pixman_image_get_height(vd->guest.fb), 2807 pixman_image_get_height(vd->server)); 2808 int x, y; 2809 struct timeval res; 2810 int has_dirty = 0; 2811 2812 for (y = 0; y < height; y += VNC_STAT_RECT) { 2813 for (x = 0; x < width; x += VNC_STAT_RECT) { 2814 VncRectStat *rect = vnc_stat_rect(vd, x, y); 2815 2816 rect->updated = false; 2817 } 2818 } 2819 2820 qemu_timersub(tv, &VNC_REFRESH_STATS, &res); 2821 2822 if (timercmp(&vd->guest.last_freq_check, &res, >)) { 2823 return has_dirty; 2824 } 2825 vd->guest.last_freq_check = *tv; 2826 2827 for (y = 0; y < height; y += VNC_STAT_RECT) { 2828 for (x = 0; x < width; x += VNC_STAT_RECT) { 2829 VncRectStat *rect= vnc_stat_rect(vd, x, y); 2830 int count = ARRAY_SIZE(rect->times); 2831 struct timeval min, max; 2832 2833 if (!timerisset(&rect->times[count - 1])) { 2834 continue ; 2835 } 2836 2837 max = rect->times[(rect->idx + count - 1) % count]; 2838 qemu_timersub(tv, &max, &res); 2839 2840 if (timercmp(&res, &VNC_REFRESH_LOSSY, >)) { 2841 rect->freq = 0; 2842 has_dirty += vnc_refresh_lossy_rect(vd, x, y); 2843 memset(rect->times, 0, sizeof (rect->times)); 2844 continue ; 2845 } 2846 2847 min = rect->times[rect->idx]; 2848 max = rect->times[(rect->idx + count - 1) % count]; 2849 qemu_timersub(&max, &min, &res); 2850 2851 rect->freq = res.tv_sec + res.tv_usec / 1000000.; 2852 rect->freq /= count; 2853 rect->freq = 1. / rect->freq; 2854 } 2855 } 2856 return has_dirty; 2857 } 2858 2859 double vnc_update_freq(VncState *vs, int x, int y, int w, int h) 2860 { 2861 int i, j; 2862 double total = 0; 2863 int num = 0; 2864 2865 x = QEMU_ALIGN_DOWN(x, VNC_STAT_RECT); 2866 y = QEMU_ALIGN_DOWN(y, VNC_STAT_RECT); 2867 2868 for (j = y; j <= y + h; j += VNC_STAT_RECT) { 2869 for (i = x; i <= x + w; i += VNC_STAT_RECT) { 2870 total += vnc_stat_rect(vs->vd, i, j)->freq; 2871 num++; 2872 } 2873 } 2874 2875 if (num) { 2876 return total / num; 2877 } else { 2878 return 0; 2879 } 2880 } 2881 2882 static void vnc_rect_updated(VncDisplay *vd, int x, int y, struct timeval * tv) 2883 { 2884 VncRectStat *rect; 2885 2886 rect = vnc_stat_rect(vd, x, y); 2887 if (rect->updated) { 2888 return ; 2889 } 2890 rect->times[rect->idx] = *tv; 2891 rect->idx = (rect->idx + 1) % ARRAY_SIZE(rect->times); 2892 rect->updated = true; 2893 } 2894 2895 static int vnc_refresh_server_surface(VncDisplay *vd) 2896 { 2897 int width = MIN(pixman_image_get_width(vd->guest.fb), 2898 pixman_image_get_width(vd->server)); 2899 int height = MIN(pixman_image_get_height(vd->guest.fb), 2900 pixman_image_get_height(vd->server)); 2901 int cmp_bytes, server_stride, line_bytes, guest_ll, guest_stride, y = 0; 2902 uint8_t *guest_row0 = NULL, *server_row0; 2903 VncState *vs; 2904 int has_dirty = 0; 2905 pixman_image_t *tmpbuf = NULL; 2906 2907 struct timeval tv = { 0, 0 }; 2908 2909 if (!vd->non_adaptive) { 2910 gettimeofday(&tv, NULL); 2911 has_dirty = vnc_update_stats(vd, &tv); 2912 } 2913 2914 /* 2915 * Walk through the guest dirty map. 2916 * Check and copy modified bits from guest to server surface. 2917 * Update server dirty map. 2918 */ 2919 server_row0 = (uint8_t *)pixman_image_get_data(vd->server); 2920 server_stride = guest_stride = guest_ll = 2921 pixman_image_get_stride(vd->server); 2922 cmp_bytes = MIN(VNC_DIRTY_PIXELS_PER_BIT * VNC_SERVER_FB_BYTES, 2923 server_stride); 2924 if (vd->guest.format != VNC_SERVER_FB_FORMAT) { 2925 int width = pixman_image_get_width(vd->server); 2926 tmpbuf = qemu_pixman_linebuf_create(VNC_SERVER_FB_FORMAT, width); 2927 } else { 2928 int guest_bpp = 2929 PIXMAN_FORMAT_BPP(pixman_image_get_format(vd->guest.fb)); 2930 guest_row0 = (uint8_t *)pixman_image_get_data(vd->guest.fb); 2931 guest_stride = pixman_image_get_stride(vd->guest.fb); 2932 guest_ll = pixman_image_get_width(vd->guest.fb) * (DIV_ROUND_UP(guest_bpp, 8)); 2933 } 2934 line_bytes = MIN(server_stride, guest_ll); 2935 2936 for (;;) { 2937 int x; 2938 uint8_t *guest_ptr, *server_ptr; 2939 unsigned long offset = find_next_bit((unsigned long *) &vd->guest.dirty, 2940 height * VNC_DIRTY_BPL(&vd->guest), 2941 y * VNC_DIRTY_BPL(&vd->guest)); 2942 if (offset == height * VNC_DIRTY_BPL(&vd->guest)) { 2943 /* no more dirty bits */ 2944 break; 2945 } 2946 y = offset / VNC_DIRTY_BPL(&vd->guest); 2947 x = offset % VNC_DIRTY_BPL(&vd->guest); 2948 2949 server_ptr = server_row0 + y * server_stride + x * cmp_bytes; 2950 2951 if (vd->guest.format != VNC_SERVER_FB_FORMAT) { 2952 qemu_pixman_linebuf_fill(tmpbuf, vd->guest.fb, width, 0, y); 2953 guest_ptr = (uint8_t *)pixman_image_get_data(tmpbuf); 2954 } else { 2955 guest_ptr = guest_row0 + y * guest_stride; 2956 } 2957 guest_ptr += x * cmp_bytes; 2958 2959 for (; x < DIV_ROUND_UP(width, VNC_DIRTY_PIXELS_PER_BIT); 2960 x++, guest_ptr += cmp_bytes, server_ptr += cmp_bytes) { 2961 int _cmp_bytes = cmp_bytes; 2962 if (!test_and_clear_bit(x, vd->guest.dirty[y])) { 2963 continue; 2964 } 2965 if ((x + 1) * cmp_bytes > line_bytes) { 2966 _cmp_bytes = line_bytes - x * cmp_bytes; 2967 } 2968 assert(_cmp_bytes >= 0); 2969 if (memcmp(server_ptr, guest_ptr, _cmp_bytes) == 0) { 2970 continue; 2971 } 2972 memcpy(server_ptr, guest_ptr, _cmp_bytes); 2973 if (!vd->non_adaptive) { 2974 vnc_rect_updated(vd, x * VNC_DIRTY_PIXELS_PER_BIT, 2975 y, &tv); 2976 } 2977 QTAILQ_FOREACH(vs, &vd->clients, next) { 2978 set_bit(x, vs->dirty[y]); 2979 } 2980 has_dirty++; 2981 } 2982 2983 y++; 2984 } 2985 qemu_pixman_image_unref(tmpbuf); 2986 return has_dirty; 2987 } 2988 2989 static void vnc_refresh(DisplayChangeListener *dcl) 2990 { 2991 VncDisplay *vd = container_of(dcl, VncDisplay, dcl); 2992 VncState *vs, *vn; 2993 int has_dirty, rects = 0; 2994 2995 if (QTAILQ_EMPTY(&vd->clients)) { 2996 update_displaychangelistener(&vd->dcl, VNC_REFRESH_INTERVAL_MAX); 2997 return; 2998 } 2999 3000 graphic_hw_update(vd->dcl.con); 3001 3002 if (vnc_trylock_display(vd)) { 3003 update_displaychangelistener(&vd->dcl, VNC_REFRESH_INTERVAL_BASE); 3004 return; 3005 } 3006 3007 has_dirty = vnc_refresh_server_surface(vd); 3008 vnc_unlock_display(vd); 3009 3010 QTAILQ_FOREACH_SAFE(vs, &vd->clients, next, vn) { 3011 rects += vnc_update_client(vs, has_dirty); 3012 /* vs might be free()ed here */ 3013 } 3014 3015 if (has_dirty && rects) { 3016 vd->dcl.update_interval /= 2; 3017 if (vd->dcl.update_interval < VNC_REFRESH_INTERVAL_BASE) { 3018 vd->dcl.update_interval = VNC_REFRESH_INTERVAL_BASE; 3019 } 3020 } else { 3021 vd->dcl.update_interval += VNC_REFRESH_INTERVAL_INC; 3022 if (vd->dcl.update_interval > VNC_REFRESH_INTERVAL_MAX) { 3023 vd->dcl.update_interval = VNC_REFRESH_INTERVAL_MAX; 3024 } 3025 } 3026 } 3027 3028 static void vnc_connect(VncDisplay *vd, QIOChannelSocket *sioc, 3029 bool skipauth, bool websocket) 3030 { 3031 VncState *vs = g_new0(VncState, 1); 3032 bool first_client = QTAILQ_EMPTY(&vd->clients); 3033 int i; 3034 3035 trace_vnc_client_connect(vs, sioc); 3036 vs->sioc = sioc; 3037 object_ref(OBJECT(vs->sioc)); 3038 vs->ioc = QIO_CHANNEL(sioc); 3039 object_ref(OBJECT(vs->ioc)); 3040 vs->vd = vd; 3041 3042 buffer_init(&vs->input, "vnc-input/%p", sioc); 3043 buffer_init(&vs->output, "vnc-output/%p", sioc); 3044 buffer_init(&vs->jobs_buffer, "vnc-jobs_buffer/%p", sioc); 3045 3046 buffer_init(&vs->tight.tight, "vnc-tight/%p", sioc); 3047 buffer_init(&vs->tight.zlib, "vnc-tight-zlib/%p", sioc); 3048 buffer_init(&vs->tight.gradient, "vnc-tight-gradient/%p", sioc); 3049 #ifdef CONFIG_VNC_JPEG 3050 buffer_init(&vs->tight.jpeg, "vnc-tight-jpeg/%p", sioc); 3051 #endif 3052 #ifdef CONFIG_VNC_PNG 3053 buffer_init(&vs->tight.png, "vnc-tight-png/%p", sioc); 3054 #endif 3055 buffer_init(&vs->zlib.zlib, "vnc-zlib/%p", sioc); 3056 buffer_init(&vs->zrle.zrle, "vnc-zrle/%p", sioc); 3057 buffer_init(&vs->zrle.fb, "vnc-zrle-fb/%p", sioc); 3058 buffer_init(&vs->zrle.zlib, "vnc-zrle-zlib/%p", sioc); 3059 3060 if (skipauth) { 3061 vs->auth = VNC_AUTH_NONE; 3062 vs->subauth = VNC_AUTH_INVALID; 3063 } else { 3064 if (websocket) { 3065 vs->auth = vd->ws_auth; 3066 vs->subauth = VNC_AUTH_INVALID; 3067 } else { 3068 vs->auth = vd->auth; 3069 vs->subauth = vd->subauth; 3070 } 3071 } 3072 VNC_DEBUG("Client sioc=%p ws=%d auth=%d subauth=%d\n", 3073 sioc, websocket, vs->auth, vs->subauth); 3074 3075 vs->lossy_rect = g_malloc0(VNC_STAT_ROWS * sizeof (*vs->lossy_rect)); 3076 for (i = 0; i < VNC_STAT_ROWS; ++i) { 3077 vs->lossy_rect[i] = g_new0(uint8_t, VNC_STAT_COLS); 3078 } 3079 3080 VNC_DEBUG("New client on socket %p\n", vs->sioc); 3081 update_displaychangelistener(&vd->dcl, VNC_REFRESH_INTERVAL_BASE); 3082 qio_channel_set_blocking(vs->ioc, false, NULL); 3083 if (vs->ioc_tag) { 3084 g_source_remove(vs->ioc_tag); 3085 } 3086 if (websocket) { 3087 vs->websocket = 1; 3088 if (vd->tlscreds) { 3089 vs->ioc_tag = qio_channel_add_watch( 3090 vs->ioc, G_IO_IN, vncws_tls_handshake_io, vs, NULL); 3091 } else { 3092 vs->ioc_tag = qio_channel_add_watch( 3093 vs->ioc, G_IO_IN, vncws_handshake_io, vs, NULL); 3094 } 3095 } else { 3096 vs->ioc_tag = qio_channel_add_watch( 3097 vs->ioc, G_IO_IN, vnc_client_io, vs, NULL); 3098 } 3099 3100 vnc_client_cache_addr(vs); 3101 vnc_qmp_event(vs, QAPI_EVENT_VNC_CONNECTED); 3102 vnc_set_share_mode(vs, VNC_SHARE_MODE_CONNECTING); 3103 3104 vs->last_x = -1; 3105 vs->last_y = -1; 3106 3107 vs->as.freq = 44100; 3108 vs->as.nchannels = 2; 3109 vs->as.fmt = AUD_FMT_S16; 3110 vs->as.endianness = 0; 3111 3112 qemu_mutex_init(&vs->output_mutex); 3113 vs->bh = qemu_bh_new(vnc_jobs_bh, vs); 3114 3115 QTAILQ_INSERT_TAIL(&vd->clients, vs, next); 3116 if (first_client) { 3117 vnc_update_server_surface(vd); 3118 } 3119 3120 graphic_hw_update(vd->dcl.con); 3121 3122 if (!vs->websocket) { 3123 vnc_start_protocol(vs); 3124 } 3125 3126 if (vd->num_connecting > vd->connections_limit) { 3127 QTAILQ_FOREACH(vs, &vd->clients, next) { 3128 if (vs->share_mode == VNC_SHARE_MODE_CONNECTING) { 3129 vnc_disconnect_start(vs); 3130 return; 3131 } 3132 } 3133 } 3134 } 3135 3136 void vnc_start_protocol(VncState *vs) 3137 { 3138 vnc_write(vs, "RFB 003.008\n", 12); 3139 vnc_flush(vs); 3140 vnc_read_when(vs, protocol_version, 12); 3141 3142 vs->mouse_mode_notifier.notify = check_pointer_type_change; 3143 qemu_add_mouse_mode_change_notifier(&vs->mouse_mode_notifier); 3144 } 3145 3146 static gboolean vnc_listen_io(QIOChannel *ioc, 3147 GIOCondition condition, 3148 void *opaque) 3149 { 3150 VncDisplay *vd = opaque; 3151 QIOChannelSocket *sioc = NULL; 3152 Error *err = NULL; 3153 bool isWebsock = false; 3154 size_t i; 3155 3156 for (i = 0; i < vd->nlwebsock; i++) { 3157 if (ioc == QIO_CHANNEL(vd->lwebsock[i])) { 3158 isWebsock = true; 3159 break; 3160 } 3161 } 3162 3163 sioc = qio_channel_socket_accept(QIO_CHANNEL_SOCKET(ioc), &err); 3164 if (sioc != NULL) { 3165 qio_channel_set_name(QIO_CHANNEL(sioc), 3166 isWebsock ? "vnc-ws-server" : "vnc-server"); 3167 qio_channel_set_delay(QIO_CHANNEL(sioc), false); 3168 vnc_connect(vd, sioc, false, isWebsock); 3169 object_unref(OBJECT(sioc)); 3170 } else { 3171 /* client probably closed connection before we got there */ 3172 error_free(err); 3173 } 3174 3175 return TRUE; 3176 } 3177 3178 static const DisplayChangeListenerOps dcl_ops = { 3179 .dpy_name = "vnc", 3180 .dpy_refresh = vnc_refresh, 3181 .dpy_gfx_update = vnc_dpy_update, 3182 .dpy_gfx_switch = vnc_dpy_switch, 3183 .dpy_gfx_check_format = qemu_pixman_check_format, 3184 .dpy_mouse_set = vnc_mouse_set, 3185 .dpy_cursor_define = vnc_dpy_cursor_define, 3186 }; 3187 3188 void vnc_display_init(const char *id) 3189 { 3190 VncDisplay *vd; 3191 3192 if (vnc_display_find(id) != NULL) { 3193 return; 3194 } 3195 vd = g_malloc0(sizeof(*vd)); 3196 3197 vd->id = strdup(id); 3198 QTAILQ_INSERT_TAIL(&vnc_displays, vd, next); 3199 3200 QTAILQ_INIT(&vd->clients); 3201 vd->expires = TIME_MAX; 3202 3203 if (keyboard_layout) { 3204 trace_vnc_key_map_init(keyboard_layout); 3205 vd->kbd_layout = init_keyboard_layout(name2keysym, keyboard_layout); 3206 } else { 3207 vd->kbd_layout = init_keyboard_layout(name2keysym, "en-us"); 3208 } 3209 3210 if (!vd->kbd_layout) { 3211 exit(1); 3212 } 3213 3214 vd->share_policy = VNC_SHARE_POLICY_ALLOW_EXCLUSIVE; 3215 vd->connections_limit = 32; 3216 3217 qemu_mutex_init(&vd->mutex); 3218 vnc_start_worker_thread(); 3219 3220 vd->dcl.ops = &dcl_ops; 3221 register_displaychangelistener(&vd->dcl); 3222 } 3223 3224 3225 static void vnc_display_close(VncDisplay *vd) 3226 { 3227 size_t i; 3228 if (!vd) { 3229 return; 3230 } 3231 vd->is_unix = false; 3232 for (i = 0; i < vd->nlsock; i++) { 3233 if (vd->lsock_tag[i]) { 3234 g_source_remove(vd->lsock_tag[i]); 3235 } 3236 object_unref(OBJECT(vd->lsock[i])); 3237 } 3238 g_free(vd->lsock); 3239 g_free(vd->lsock_tag); 3240 vd->lsock = NULL; 3241 vd->lsock_tag = NULL; 3242 vd->nlsock = 0; 3243 3244 for (i = 0; i < vd->nlwebsock; i++) { 3245 if (vd->lwebsock_tag[i]) { 3246 g_source_remove(vd->lwebsock_tag[i]); 3247 } 3248 object_unref(OBJECT(vd->lwebsock[i])); 3249 } 3250 g_free(vd->lwebsock); 3251 g_free(vd->lwebsock_tag); 3252 vd->lwebsock = NULL; 3253 vd->lwebsock_tag = NULL; 3254 vd->nlwebsock = 0; 3255 3256 vd->auth = VNC_AUTH_INVALID; 3257 vd->subauth = VNC_AUTH_INVALID; 3258 if (vd->tlscreds) { 3259 object_unparent(OBJECT(vd->tlscreds)); 3260 vd->tlscreds = NULL; 3261 } 3262 g_free(vd->tlsaclname); 3263 vd->tlsaclname = NULL; 3264 if (vd->lock_key_sync) { 3265 qemu_remove_led_event_handler(vd->led); 3266 vd->led = NULL; 3267 } 3268 } 3269 3270 int vnc_display_password(const char *id, const char *password) 3271 { 3272 VncDisplay *vd = vnc_display_find(id); 3273 3274 if (!vd) { 3275 return -EINVAL; 3276 } 3277 if (vd->auth == VNC_AUTH_NONE) { 3278 error_printf_unless_qmp("If you want use passwords please enable " 3279 "password auth using '-vnc ${dpy},password'.\n"); 3280 return -EINVAL; 3281 } 3282 3283 g_free(vd->password); 3284 vd->password = g_strdup(password); 3285 3286 return 0; 3287 } 3288 3289 int vnc_display_pw_expire(const char *id, time_t expires) 3290 { 3291 VncDisplay *vd = vnc_display_find(id); 3292 3293 if (!vd) { 3294 return -EINVAL; 3295 } 3296 3297 vd->expires = expires; 3298 return 0; 3299 } 3300 3301 static void vnc_display_print_local_addr(VncDisplay *vd) 3302 { 3303 SocketAddress *addr; 3304 Error *err = NULL; 3305 3306 if (!vd->nlsock) { 3307 return; 3308 } 3309 3310 addr = qio_channel_socket_get_local_address(vd->lsock[0], &err); 3311 if (!addr) { 3312 return; 3313 } 3314 3315 if (addr->type != SOCKET_ADDRESS_TYPE_INET) { 3316 qapi_free_SocketAddress(addr); 3317 return; 3318 } 3319 error_printf_unless_qmp("VNC server running on %s:%s\n", 3320 addr->u.inet.host, 3321 addr->u.inet.port); 3322 qapi_free_SocketAddress(addr); 3323 } 3324 3325 static QemuOptsList qemu_vnc_opts = { 3326 .name = "vnc", 3327 .head = QTAILQ_HEAD_INITIALIZER(qemu_vnc_opts.head), 3328 .implied_opt_name = "vnc", 3329 .desc = { 3330 { 3331 .name = "vnc", 3332 .type = QEMU_OPT_STRING, 3333 },{ 3334 .name = "websocket", 3335 .type = QEMU_OPT_STRING, 3336 },{ 3337 .name = "tls-creds", 3338 .type = QEMU_OPT_STRING, 3339 },{ 3340 /* Deprecated in favour of tls-creds */ 3341 .name = "x509", 3342 .type = QEMU_OPT_STRING, 3343 },{ 3344 .name = "share", 3345 .type = QEMU_OPT_STRING, 3346 },{ 3347 .name = "display", 3348 .type = QEMU_OPT_STRING, 3349 },{ 3350 .name = "head", 3351 .type = QEMU_OPT_NUMBER, 3352 },{ 3353 .name = "connections", 3354 .type = QEMU_OPT_NUMBER, 3355 },{ 3356 .name = "to", 3357 .type = QEMU_OPT_NUMBER, 3358 },{ 3359 .name = "ipv4", 3360 .type = QEMU_OPT_BOOL, 3361 },{ 3362 .name = "ipv6", 3363 .type = QEMU_OPT_BOOL, 3364 },{ 3365 .name = "password", 3366 .type = QEMU_OPT_BOOL, 3367 },{ 3368 .name = "reverse", 3369 .type = QEMU_OPT_BOOL, 3370 },{ 3371 .name = "lock-key-sync", 3372 .type = QEMU_OPT_BOOL, 3373 },{ 3374 .name = "key-delay-ms", 3375 .type = QEMU_OPT_NUMBER, 3376 },{ 3377 .name = "sasl", 3378 .type = QEMU_OPT_BOOL, 3379 },{ 3380 /* Deprecated in favour of tls-creds */ 3381 .name = "tls", 3382 .type = QEMU_OPT_BOOL, 3383 },{ 3384 /* Deprecated in favour of tls-creds */ 3385 .name = "x509verify", 3386 .type = QEMU_OPT_STRING, 3387 },{ 3388 .name = "acl", 3389 .type = QEMU_OPT_BOOL, 3390 },{ 3391 .name = "lossy", 3392 .type = QEMU_OPT_BOOL, 3393 },{ 3394 .name = "non-adaptive", 3395 .type = QEMU_OPT_BOOL, 3396 }, 3397 { /* end of list */ } 3398 }, 3399 }; 3400 3401 3402 static int 3403 vnc_display_setup_auth(int *auth, 3404 int *subauth, 3405 QCryptoTLSCreds *tlscreds, 3406 bool password, 3407 bool sasl, 3408 bool websocket, 3409 Error **errp) 3410 { 3411 /* 3412 * We have a choice of 3 authentication options 3413 * 3414 * 1. none 3415 * 2. vnc 3416 * 3. sasl 3417 * 3418 * The channel can be run in 2 modes 3419 * 3420 * 1. clear 3421 * 2. tls 3422 * 3423 * And TLS can use 2 types of credentials 3424 * 3425 * 1. anon 3426 * 2. x509 3427 * 3428 * We thus have 9 possible logical combinations 3429 * 3430 * 1. clear + none 3431 * 2. clear + vnc 3432 * 3. clear + sasl 3433 * 4. tls + anon + none 3434 * 5. tls + anon + vnc 3435 * 6. tls + anon + sasl 3436 * 7. tls + x509 + none 3437 * 8. tls + x509 + vnc 3438 * 9. tls + x509 + sasl 3439 * 3440 * These need to be mapped into the VNC auth schemes 3441 * in an appropriate manner. In regular VNC, all the 3442 * TLS options get mapped into VNC_AUTH_VENCRYPT 3443 * sub-auth types. 3444 * 3445 * In websockets, the https:// protocol already provides 3446 * TLS support, so there is no need to make use of the 3447 * VeNCrypt extension. Furthermore, websockets browser 3448 * clients could not use VeNCrypt even if they wanted to, 3449 * as they cannot control when the TLS handshake takes 3450 * place. Thus there is no option but to rely on https://, 3451 * meaning combinations 4->6 and 7->9 will be mapped to 3452 * VNC auth schemes in the same way as combos 1->3. 3453 * 3454 * Regardless of fact that we have a different mapping to 3455 * VNC auth mechs for plain VNC vs websockets VNC, the end 3456 * result has the same security characteristics. 3457 */ 3458 if (websocket || !tlscreds) { 3459 if (password) { 3460 VNC_DEBUG("Initializing VNC server with password auth\n"); 3461 *auth = VNC_AUTH_VNC; 3462 } else if (sasl) { 3463 VNC_DEBUG("Initializing VNC server with SASL auth\n"); 3464 *auth = VNC_AUTH_SASL; 3465 } else { 3466 VNC_DEBUG("Initializing VNC server with no auth\n"); 3467 *auth = VNC_AUTH_NONE; 3468 } 3469 *subauth = VNC_AUTH_INVALID; 3470 } else { 3471 bool is_x509 = object_dynamic_cast(OBJECT(tlscreds), 3472 TYPE_QCRYPTO_TLS_CREDS_X509) != NULL; 3473 bool is_anon = object_dynamic_cast(OBJECT(tlscreds), 3474 TYPE_QCRYPTO_TLS_CREDS_ANON) != NULL; 3475 3476 if (!is_x509 && !is_anon) { 3477 error_setg(errp, 3478 "Unsupported TLS cred type %s", 3479 object_get_typename(OBJECT(tlscreds))); 3480 return -1; 3481 } 3482 *auth = VNC_AUTH_VENCRYPT; 3483 if (password) { 3484 if (is_x509) { 3485 VNC_DEBUG("Initializing VNC server with x509 password auth\n"); 3486 *subauth = VNC_AUTH_VENCRYPT_X509VNC; 3487 } else { 3488 VNC_DEBUG("Initializing VNC server with TLS password auth\n"); 3489 *subauth = VNC_AUTH_VENCRYPT_TLSVNC; 3490 } 3491 3492 } else if (sasl) { 3493 if (is_x509) { 3494 VNC_DEBUG("Initializing VNC server with x509 SASL auth\n"); 3495 *subauth = VNC_AUTH_VENCRYPT_X509SASL; 3496 } else { 3497 VNC_DEBUG("Initializing VNC server with TLS SASL auth\n"); 3498 *subauth = VNC_AUTH_VENCRYPT_TLSSASL; 3499 } 3500 } else { 3501 if (is_x509) { 3502 VNC_DEBUG("Initializing VNC server with x509 no auth\n"); 3503 *subauth = VNC_AUTH_VENCRYPT_X509NONE; 3504 } else { 3505 VNC_DEBUG("Initializing VNC server with TLS no auth\n"); 3506 *subauth = VNC_AUTH_VENCRYPT_TLSNONE; 3507 } 3508 } 3509 } 3510 return 0; 3511 } 3512 3513 3514 /* 3515 * Handle back compat with old CLI syntax by creating some 3516 * suitable QCryptoTLSCreds objects 3517 */ 3518 static QCryptoTLSCreds * 3519 vnc_display_create_creds(bool x509, 3520 bool x509verify, 3521 const char *dir, 3522 const char *id, 3523 Error **errp) 3524 { 3525 gchar *credsid = g_strdup_printf("tlsvnc%s", id); 3526 Object *parent = object_get_objects_root(); 3527 Object *creds; 3528 Error *err = NULL; 3529 3530 if (x509) { 3531 creds = object_new_with_props(TYPE_QCRYPTO_TLS_CREDS_X509, 3532 parent, 3533 credsid, 3534 &err, 3535 "endpoint", "server", 3536 "dir", dir, 3537 "verify-peer", x509verify ? "yes" : "no", 3538 NULL); 3539 } else { 3540 creds = object_new_with_props(TYPE_QCRYPTO_TLS_CREDS_ANON, 3541 parent, 3542 credsid, 3543 &err, 3544 "endpoint", "server", 3545 NULL); 3546 } 3547 3548 g_free(credsid); 3549 3550 if (err) { 3551 error_propagate(errp, err); 3552 return NULL; 3553 } 3554 3555 return QCRYPTO_TLS_CREDS(creds); 3556 } 3557 3558 3559 static int vnc_display_get_address(const char *addrstr, 3560 bool websocket, 3561 bool reverse, 3562 int displaynum, 3563 int to, 3564 bool has_ipv4, 3565 bool has_ipv6, 3566 bool ipv4, 3567 bool ipv6, 3568 SocketAddress **retaddr, 3569 Error **errp) 3570 { 3571 int ret = -1; 3572 SocketAddress *addr = NULL; 3573 3574 addr = g_new0(SocketAddress, 1); 3575 3576 if (strncmp(addrstr, "unix:", 5) == 0) { 3577 addr->type = SOCKET_ADDRESS_TYPE_UNIX; 3578 addr->u.q_unix.path = g_strdup(addrstr + 5); 3579 3580 if (websocket) { 3581 error_setg(errp, "UNIX sockets not supported with websock"); 3582 goto cleanup; 3583 } 3584 3585 if (to) { 3586 error_setg(errp, "Port range not support with UNIX socket"); 3587 goto cleanup; 3588 } 3589 ret = 0; 3590 } else { 3591 const char *port; 3592 size_t hostlen; 3593 unsigned long long baseport = 0; 3594 InetSocketAddress *inet; 3595 3596 port = strrchr(addrstr, ':'); 3597 if (!port) { 3598 if (websocket) { 3599 hostlen = 0; 3600 port = addrstr; 3601 } else { 3602 error_setg(errp, "no vnc port specified"); 3603 goto cleanup; 3604 } 3605 } else { 3606 hostlen = port - addrstr; 3607 port++; 3608 if (*port == '\0') { 3609 error_setg(errp, "vnc port cannot be empty"); 3610 goto cleanup; 3611 } 3612 } 3613 3614 addr->type = SOCKET_ADDRESS_TYPE_INET; 3615 inet = &addr->u.inet; 3616 if (addrstr[0] == '[' && addrstr[hostlen - 1] == ']') { 3617 inet->host = g_strndup(addrstr + 1, hostlen - 2); 3618 } else { 3619 inet->host = g_strndup(addrstr, hostlen); 3620 } 3621 /* plain VNC port is just an offset, for websocket 3622 * port is absolute */ 3623 if (websocket) { 3624 if (g_str_equal(addrstr, "") || 3625 g_str_equal(addrstr, "on")) { 3626 if (displaynum == -1) { 3627 error_setg(errp, "explicit websocket port is required"); 3628 goto cleanup; 3629 } 3630 inet->port = g_strdup_printf( 3631 "%d", displaynum + 5700); 3632 if (to) { 3633 inet->has_to = true; 3634 inet->to = to + 5700; 3635 } 3636 } else { 3637 inet->port = g_strdup(port); 3638 } 3639 } else { 3640 int offset = reverse ? 0 : 5900; 3641 if (parse_uint_full(port, &baseport, 10) < 0) { 3642 error_setg(errp, "can't convert to a number: %s", port); 3643 goto cleanup; 3644 } 3645 if (baseport > 65535 || 3646 baseport + offset > 65535) { 3647 error_setg(errp, "port %s out of range", port); 3648 goto cleanup; 3649 } 3650 inet->port = g_strdup_printf( 3651 "%d", (int)baseport + offset); 3652 3653 if (to) { 3654 inet->has_to = true; 3655 inet->to = to + offset; 3656 } 3657 } 3658 3659 inet->ipv4 = ipv4; 3660 inet->has_ipv4 = has_ipv4; 3661 inet->ipv6 = ipv6; 3662 inet->has_ipv6 = has_ipv6; 3663 3664 ret = baseport; 3665 } 3666 3667 *retaddr = addr; 3668 3669 cleanup: 3670 if (ret < 0) { 3671 qapi_free_SocketAddress(addr); 3672 } 3673 return ret; 3674 } 3675 3676 static void vnc_free_addresses(SocketAddress ***retsaddr, 3677 size_t *retnsaddr) 3678 { 3679 size_t i; 3680 3681 for (i = 0; i < *retnsaddr; i++) { 3682 qapi_free_SocketAddress((*retsaddr)[i]); 3683 } 3684 g_free(*retsaddr); 3685 3686 *retsaddr = NULL; 3687 *retnsaddr = 0; 3688 } 3689 3690 static int vnc_display_get_addresses(QemuOpts *opts, 3691 bool reverse, 3692 SocketAddress ***retsaddr, 3693 size_t *retnsaddr, 3694 SocketAddress ***retwsaddr, 3695 size_t *retnwsaddr, 3696 Error **errp) 3697 { 3698 SocketAddress *saddr = NULL; 3699 SocketAddress *wsaddr = NULL; 3700 QemuOptsIter addriter; 3701 const char *addr; 3702 int to = qemu_opt_get_number(opts, "to", 0); 3703 bool has_ipv4 = qemu_opt_get(opts, "ipv4"); 3704 bool has_ipv6 = qemu_opt_get(opts, "ipv6"); 3705 bool ipv4 = qemu_opt_get_bool(opts, "ipv4", false); 3706 bool ipv6 = qemu_opt_get_bool(opts, "ipv6", false); 3707 int displaynum = -1; 3708 int ret = -1; 3709 3710 *retsaddr = NULL; 3711 *retnsaddr = 0; 3712 *retwsaddr = NULL; 3713 *retnwsaddr = 0; 3714 3715 addr = qemu_opt_get(opts, "vnc"); 3716 if (addr == NULL || g_str_equal(addr, "none")) { 3717 ret = 0; 3718 goto cleanup; 3719 } 3720 if (qemu_opt_get(opts, "websocket") && 3721 !qcrypto_hash_supports(QCRYPTO_HASH_ALG_SHA1)) { 3722 error_setg(errp, 3723 "SHA1 hash support is required for websockets"); 3724 goto cleanup; 3725 } 3726 3727 qemu_opt_iter_init(&addriter, opts, "vnc"); 3728 while ((addr = qemu_opt_iter_next(&addriter)) != NULL) { 3729 int rv; 3730 rv = vnc_display_get_address(addr, false, reverse, 0, to, 3731 has_ipv4, has_ipv6, 3732 ipv4, ipv6, 3733 &saddr, errp); 3734 if (rv < 0) { 3735 goto cleanup; 3736 } 3737 /* Historical compat - first listen address can be used 3738 * to set the default websocket port 3739 */ 3740 if (displaynum == -1) { 3741 displaynum = rv; 3742 } 3743 *retsaddr = g_renew(SocketAddress *, *retsaddr, *retnsaddr + 1); 3744 (*retsaddr)[(*retnsaddr)++] = saddr; 3745 } 3746 3747 /* If we had multiple primary displays, we don't do defaults 3748 * for websocket, and require explicit config instead. */ 3749 if (*retnsaddr > 1) { 3750 displaynum = -1; 3751 } 3752 3753 qemu_opt_iter_init(&addriter, opts, "websocket"); 3754 while ((addr = qemu_opt_iter_next(&addriter)) != NULL) { 3755 if (vnc_display_get_address(addr, true, reverse, displaynum, to, 3756 has_ipv4, has_ipv6, 3757 ipv4, ipv6, 3758 &wsaddr, errp) < 0) { 3759 goto cleanup; 3760 } 3761 3762 /* Historical compat - if only a single listen address was 3763 * provided, then this is used to set the default listen 3764 * address for websocket too 3765 */ 3766 if (*retnsaddr == 1 && 3767 (*retsaddr)[0]->type == SOCKET_ADDRESS_TYPE_INET && 3768 wsaddr->type == SOCKET_ADDRESS_TYPE_INET && 3769 g_str_equal(wsaddr->u.inet.host, "") && 3770 !g_str_equal((*retsaddr)[0]->u.inet.host, "")) { 3771 g_free(wsaddr->u.inet.host); 3772 wsaddr->u.inet.host = g_strdup((*retsaddr)[0]->u.inet.host); 3773 } 3774 3775 *retwsaddr = g_renew(SocketAddress *, *retwsaddr, *retnwsaddr + 1); 3776 (*retwsaddr)[(*retnwsaddr)++] = wsaddr; 3777 } 3778 3779 ret = 0; 3780 cleanup: 3781 if (ret < 0) { 3782 vnc_free_addresses(retsaddr, retnsaddr); 3783 vnc_free_addresses(retwsaddr, retnwsaddr); 3784 } 3785 return ret; 3786 } 3787 3788 static int vnc_display_connect(VncDisplay *vd, 3789 SocketAddress **saddr, 3790 size_t nsaddr, 3791 SocketAddress **wsaddr, 3792 size_t nwsaddr, 3793 Error **errp) 3794 { 3795 /* connect to viewer */ 3796 QIOChannelSocket *sioc = NULL; 3797 if (nwsaddr != 0) { 3798 error_setg(errp, "Cannot use websockets in reverse mode"); 3799 return -1; 3800 } 3801 if (nsaddr != 1) { 3802 error_setg(errp, "Expected a single address in reverse mode"); 3803 return -1; 3804 } 3805 /* TODO SOCKET_ADDRESS_TYPE_FD when fd has AF_UNIX */ 3806 vd->is_unix = saddr[0]->type == SOCKET_ADDRESS_TYPE_UNIX; 3807 sioc = qio_channel_socket_new(); 3808 qio_channel_set_name(QIO_CHANNEL(sioc), "vnc-reverse"); 3809 if (qio_channel_socket_connect_sync(sioc, saddr[0], errp) < 0) { 3810 return -1; 3811 } 3812 vnc_connect(vd, sioc, false, false); 3813 object_unref(OBJECT(sioc)); 3814 return 0; 3815 } 3816 3817 3818 static int vnc_display_listen_addr(VncDisplay *vd, 3819 SocketAddress *addr, 3820 const char *name, 3821 QIOChannelSocket ***lsock, 3822 guint **lsock_tag, 3823 size_t *nlsock, 3824 Error **errp) 3825 { 3826 QIODNSResolver *resolver = qio_dns_resolver_get_instance(); 3827 SocketAddress **rawaddrs = NULL; 3828 size_t nrawaddrs = 0; 3829 Error *listenerr = NULL; 3830 bool listening = false; 3831 size_t i; 3832 3833 if (qio_dns_resolver_lookup_sync(resolver, addr, &nrawaddrs, 3834 &rawaddrs, errp) < 0) { 3835 return -1; 3836 } 3837 3838 for (i = 0; i < nrawaddrs; i++) { 3839 QIOChannelSocket *sioc = qio_channel_socket_new(); 3840 3841 qio_channel_set_name(QIO_CHANNEL(sioc), name); 3842 if (qio_channel_socket_listen_sync( 3843 sioc, rawaddrs[i], listenerr == NULL ? &listenerr : NULL) < 0) { 3844 object_unref(OBJECT(sioc)); 3845 continue; 3846 } 3847 listening = true; 3848 (*nlsock)++; 3849 *lsock = g_renew(QIOChannelSocket *, *lsock, *nlsock); 3850 *lsock_tag = g_renew(guint, *lsock_tag, *nlsock); 3851 3852 (*lsock)[*nlsock - 1] = sioc; 3853 (*lsock_tag)[*nlsock - 1] = 0; 3854 } 3855 3856 for (i = 0; i < nrawaddrs; i++) { 3857 qapi_free_SocketAddress(rawaddrs[i]); 3858 } 3859 g_free(rawaddrs); 3860 3861 if (listenerr) { 3862 if (!listening) { 3863 error_propagate(errp, listenerr); 3864 return -1; 3865 } else { 3866 error_free(listenerr); 3867 } 3868 } 3869 3870 for (i = 0; i < *nlsock; i++) { 3871 (*lsock_tag)[i] = qio_channel_add_watch( 3872 QIO_CHANNEL((*lsock)[i]), 3873 G_IO_IN, vnc_listen_io, vd, NULL); 3874 } 3875 3876 return 0; 3877 } 3878 3879 3880 static int vnc_display_listen(VncDisplay *vd, 3881 SocketAddress **saddr, 3882 size_t nsaddr, 3883 SocketAddress **wsaddr, 3884 size_t nwsaddr, 3885 Error **errp) 3886 { 3887 size_t i; 3888 3889 for (i = 0; i < nsaddr; i++) { 3890 if (vnc_display_listen_addr(vd, saddr[i], 3891 "vnc-listen", 3892 &vd->lsock, 3893 &vd->lsock_tag, 3894 &vd->nlsock, 3895 errp) < 0) { 3896 return -1; 3897 } 3898 } 3899 for (i = 0; i < nwsaddr; i++) { 3900 if (vnc_display_listen_addr(vd, wsaddr[i], 3901 "vnc-ws-listen", 3902 &vd->lwebsock, 3903 &vd->lwebsock_tag, 3904 &vd->nlwebsock, 3905 errp) < 0) { 3906 return -1; 3907 } 3908 } 3909 3910 return 0; 3911 } 3912 3913 3914 void vnc_display_open(const char *id, Error **errp) 3915 { 3916 VncDisplay *vd = vnc_display_find(id); 3917 QemuOpts *opts = qemu_opts_find(&qemu_vnc_opts, id); 3918 SocketAddress **saddr = NULL, **wsaddr = NULL; 3919 size_t nsaddr, nwsaddr; 3920 const char *share, *device_id; 3921 QemuConsole *con; 3922 bool password = false; 3923 bool reverse = false; 3924 const char *credid; 3925 bool sasl = false; 3926 #ifdef CONFIG_VNC_SASL 3927 int saslErr; 3928 #endif 3929 int acl = 0; 3930 int lock_key_sync = 1; 3931 int key_delay_ms; 3932 3933 if (!vd) { 3934 error_setg(errp, "VNC display not active"); 3935 return; 3936 } 3937 vnc_display_close(vd); 3938 3939 if (!opts) { 3940 return; 3941 } 3942 3943 reverse = qemu_opt_get_bool(opts, "reverse", false); 3944 if (vnc_display_get_addresses(opts, reverse, &saddr, &nsaddr, 3945 &wsaddr, &nwsaddr, errp) < 0) { 3946 goto fail; 3947 } 3948 3949 password = qemu_opt_get_bool(opts, "password", false); 3950 if (password) { 3951 if (fips_get_state()) { 3952 error_setg(errp, 3953 "VNC password auth disabled due to FIPS mode, " 3954 "consider using the VeNCrypt or SASL authentication " 3955 "methods as an alternative"); 3956 goto fail; 3957 } 3958 if (!qcrypto_cipher_supports( 3959 QCRYPTO_CIPHER_ALG_DES_RFB, QCRYPTO_CIPHER_MODE_ECB)) { 3960 error_setg(errp, 3961 "Cipher backend does not support DES RFB algorithm"); 3962 goto fail; 3963 } 3964 } 3965 3966 lock_key_sync = qemu_opt_get_bool(opts, "lock-key-sync", true); 3967 key_delay_ms = qemu_opt_get_number(opts, "key-delay-ms", 10); 3968 sasl = qemu_opt_get_bool(opts, "sasl", false); 3969 #ifndef CONFIG_VNC_SASL 3970 if (sasl) { 3971 error_setg(errp, "VNC SASL auth requires cyrus-sasl support"); 3972 goto fail; 3973 } 3974 #endif /* CONFIG_VNC_SASL */ 3975 credid = qemu_opt_get(opts, "tls-creds"); 3976 if (credid) { 3977 Object *creds; 3978 if (qemu_opt_get(opts, "tls") || 3979 qemu_opt_get(opts, "x509") || 3980 qemu_opt_get(opts, "x509verify")) { 3981 error_setg(errp, 3982 "'tls-creds' parameter is mutually exclusive with " 3983 "'tls', 'x509' and 'x509verify' parameters"); 3984 goto fail; 3985 } 3986 3987 creds = object_resolve_path_component( 3988 object_get_objects_root(), credid); 3989 if (!creds) { 3990 error_setg(errp, "No TLS credentials with id '%s'", 3991 credid); 3992 goto fail; 3993 } 3994 vd->tlscreds = (QCryptoTLSCreds *) 3995 object_dynamic_cast(creds, 3996 TYPE_QCRYPTO_TLS_CREDS); 3997 if (!vd->tlscreds) { 3998 error_setg(errp, "Object with id '%s' is not TLS credentials", 3999 credid); 4000 goto fail; 4001 } 4002 object_ref(OBJECT(vd->tlscreds)); 4003 4004 if (vd->tlscreds->endpoint != QCRYPTO_TLS_CREDS_ENDPOINT_SERVER) { 4005 error_setg(errp, 4006 "Expecting TLS credentials with a server endpoint"); 4007 goto fail; 4008 } 4009 } else { 4010 const char *path; 4011 bool tls = false, x509 = false, x509verify = false; 4012 tls = qemu_opt_get_bool(opts, "tls", false); 4013 if (tls) { 4014 path = qemu_opt_get(opts, "x509"); 4015 4016 if (path) { 4017 x509 = true; 4018 } else { 4019 path = qemu_opt_get(opts, "x509verify"); 4020 if (path) { 4021 x509 = true; 4022 x509verify = true; 4023 } 4024 } 4025 vd->tlscreds = vnc_display_create_creds(x509, 4026 x509verify, 4027 path, 4028 vd->id, 4029 errp); 4030 if (!vd->tlscreds) { 4031 goto fail; 4032 } 4033 } 4034 } 4035 acl = qemu_opt_get_bool(opts, "acl", false); 4036 4037 share = qemu_opt_get(opts, "share"); 4038 if (share) { 4039 if (strcmp(share, "ignore") == 0) { 4040 vd->share_policy = VNC_SHARE_POLICY_IGNORE; 4041 } else if (strcmp(share, "allow-exclusive") == 0) { 4042 vd->share_policy = VNC_SHARE_POLICY_ALLOW_EXCLUSIVE; 4043 } else if (strcmp(share, "force-shared") == 0) { 4044 vd->share_policy = VNC_SHARE_POLICY_FORCE_SHARED; 4045 } else { 4046 error_setg(errp, "unknown vnc share= option"); 4047 goto fail; 4048 } 4049 } else { 4050 vd->share_policy = VNC_SHARE_POLICY_ALLOW_EXCLUSIVE; 4051 } 4052 vd->connections_limit = qemu_opt_get_number(opts, "connections", 32); 4053 4054 #ifdef CONFIG_VNC_JPEG 4055 vd->lossy = qemu_opt_get_bool(opts, "lossy", false); 4056 #endif 4057 vd->non_adaptive = qemu_opt_get_bool(opts, "non-adaptive", false); 4058 /* adaptive updates are only used with tight encoding and 4059 * if lossy updates are enabled so we can disable all the 4060 * calculations otherwise */ 4061 if (!vd->lossy) { 4062 vd->non_adaptive = true; 4063 } 4064 4065 if (acl) { 4066 if (strcmp(vd->id, "default") == 0) { 4067 vd->tlsaclname = g_strdup("vnc.x509dname"); 4068 } else { 4069 vd->tlsaclname = g_strdup_printf("vnc.%s.x509dname", vd->id); 4070 } 4071 qemu_acl_init(vd->tlsaclname); 4072 } 4073 #ifdef CONFIG_VNC_SASL 4074 if (acl && sasl) { 4075 char *aclname; 4076 4077 if (strcmp(vd->id, "default") == 0) { 4078 aclname = g_strdup("vnc.username"); 4079 } else { 4080 aclname = g_strdup_printf("vnc.%s.username", vd->id); 4081 } 4082 vd->sasl.acl = qemu_acl_init(aclname); 4083 g_free(aclname); 4084 } 4085 #endif 4086 4087 if (vnc_display_setup_auth(&vd->auth, &vd->subauth, 4088 vd->tlscreds, password, 4089 sasl, false, errp) < 0) { 4090 goto fail; 4091 } 4092 trace_vnc_auth_init(vd, 0, vd->auth, vd->subauth); 4093 4094 if (vnc_display_setup_auth(&vd->ws_auth, &vd->ws_subauth, 4095 vd->tlscreds, password, 4096 sasl, true, errp) < 0) { 4097 goto fail; 4098 } 4099 trace_vnc_auth_init(vd, 1, vd->ws_auth, vd->ws_subauth); 4100 4101 #ifdef CONFIG_VNC_SASL 4102 if ((saslErr = sasl_server_init(NULL, "qemu")) != SASL_OK) { 4103 error_setg(errp, "Failed to initialize SASL auth: %s", 4104 sasl_errstring(saslErr, NULL, NULL)); 4105 goto fail; 4106 } 4107 #endif 4108 vd->lock_key_sync = lock_key_sync; 4109 if (lock_key_sync) { 4110 vd->led = qemu_add_led_event_handler(kbd_leds, vd); 4111 } 4112 vd->ledstate = 0; 4113 vd->key_delay_ms = key_delay_ms; 4114 4115 device_id = qemu_opt_get(opts, "display"); 4116 if (device_id) { 4117 int head = qemu_opt_get_number(opts, "head", 0); 4118 Error *err = NULL; 4119 4120 con = qemu_console_lookup_by_device_name(device_id, head, &err); 4121 if (err) { 4122 error_propagate(errp, err); 4123 goto fail; 4124 } 4125 } else { 4126 con = NULL; 4127 } 4128 4129 if (con != vd->dcl.con) { 4130 unregister_displaychangelistener(&vd->dcl); 4131 vd->dcl.con = con; 4132 register_displaychangelistener(&vd->dcl); 4133 } 4134 4135 if (saddr == NULL) { 4136 goto cleanup; 4137 } 4138 4139 if (reverse) { 4140 if (vnc_display_connect(vd, saddr, nsaddr, wsaddr, nwsaddr, errp) < 0) { 4141 goto fail; 4142 } 4143 } else { 4144 if (vnc_display_listen(vd, saddr, nsaddr, wsaddr, nwsaddr, errp) < 0) { 4145 goto fail; 4146 } 4147 } 4148 4149 if (qemu_opt_get(opts, "to")) { 4150 vnc_display_print_local_addr(vd); 4151 } 4152 4153 cleanup: 4154 vnc_free_addresses(&saddr, &nsaddr); 4155 vnc_free_addresses(&wsaddr, &nwsaddr); 4156 return; 4157 4158 fail: 4159 vnc_display_close(vd); 4160 goto cleanup; 4161 } 4162 4163 void vnc_display_add_client(const char *id, int csock, bool skipauth) 4164 { 4165 VncDisplay *vd = vnc_display_find(id); 4166 QIOChannelSocket *sioc; 4167 4168 if (!vd) { 4169 return; 4170 } 4171 4172 sioc = qio_channel_socket_new_fd(csock, NULL); 4173 if (sioc) { 4174 qio_channel_set_name(QIO_CHANNEL(sioc), "vnc-server"); 4175 vnc_connect(vd, sioc, skipauth, false); 4176 object_unref(OBJECT(sioc)); 4177 } 4178 } 4179 4180 static void vnc_auto_assign_id(QemuOptsList *olist, QemuOpts *opts) 4181 { 4182 int i = 2; 4183 char *id; 4184 4185 id = g_strdup("default"); 4186 while (qemu_opts_find(olist, id)) { 4187 g_free(id); 4188 id = g_strdup_printf("vnc%d", i++); 4189 } 4190 qemu_opts_set_id(opts, id); 4191 } 4192 4193 QemuOpts *vnc_parse(const char *str, Error **errp) 4194 { 4195 QemuOptsList *olist = qemu_find_opts("vnc"); 4196 QemuOpts *opts = qemu_opts_parse(olist, str, true, errp); 4197 const char *id; 4198 4199 if (!opts) { 4200 return NULL; 4201 } 4202 4203 id = qemu_opts_id(opts); 4204 if (!id) { 4205 /* auto-assign id if not present */ 4206 vnc_auto_assign_id(olist, opts); 4207 } 4208 return opts; 4209 } 4210 4211 int vnc_init_func(void *opaque, QemuOpts *opts, Error **errp) 4212 { 4213 Error *local_err = NULL; 4214 char *id = (char *)qemu_opts_id(opts); 4215 4216 assert(id); 4217 vnc_display_init(id); 4218 vnc_display_open(id, &local_err); 4219 if (local_err != NULL) { 4220 error_reportf_err(local_err, "Failed to start VNC server: "); 4221 exit(1); 4222 } 4223 return 0; 4224 } 4225 4226 static void vnc_register_config(void) 4227 { 4228 qemu_add_opts(&qemu_vnc_opts); 4229 } 4230 opts_init(vnc_register_config); 4231