Avoid duplicating this complexity in too many places.

At the same time make the interface more identical to regular mkdir(),
for familiarity.

This is an often changed database, so it is better suited for
$XDG_STATE_HOME rather than the more static $XDG_DATA_HOME.

This is only needed because of an historical type change of the legacy
directory, so avoid doing it anywhere else.

The syslog file descriptor will be closed when we are cleaning up in
preparation for running the vncserver script, so we need to explicitly
reopen things in case we need to log errors.

At the same time, try to be polite and explicitly close the log when
appropriate.

E.g. pam_env.so might modify this variable, so we should see what we get
out of PAM when building a log file path.

There is too much variation between distributions for us to have a good
PAM configuration that works everywhere. Try to make this more obvious
by having a comment at the top of the file.

It's perfectly fine to give a NULL pointer if the length has explicitly
been specified as zero.

Allow for alternative user config locations, deprecate `~/.vnc` in favour of XDG Base Directory Specification paths

Specifies that the server must ignore all keyboard or mouse events sent
by the client.

Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=2180903
Signed-off-by: Carlos Santos <casantos@redhat.com>

Move these RFB specific things to rfb::VNCServer, for clarity.

Signed-off-by: Pierre Ossman <ossman@cendio.se>
Signed-off-by: Carlos Santos <casantos@redhat.com>

The norm is that the install target is read only from the point of view
of the source and build directory, so avoid accidentally triggering any
build.

Make it easier to work iteratively by not having to remove the output
file each time.

They must belong to the rfb namespace, not to the SConnection class.

Also add an AccessNone constant, since it's better to use a mnemonic
symbol rather than zero to initialize the accessRights members.

Signed-off-by: Carlos Santos <casantos@redhat.com>

FLTK can send events with fl_xevent pointing to random memory, which
means that we cannot trust that structure. XQueryPointer() can give us
what we need, at the cost of an extra round trip.

That extra add_fd() only set the read notification, overwriting any
write notification set up in the lines just above.

Primarily to avoid the versions that are now deprecated.

Fix for issue 843

GnuTLS seems to have dropped grypt support ages ago, so let's not
confuse things by assuming it might be needed when linking GnuTLS
statically.

Although unlikely, there might be other parts of the X server that are
also interested in this call. Make sure we propagate things on properly.

It doesn't just control button events, but all types of pointer events,
including movement.

The MIT-SHM documentation:
  https://www.x.org/releases/X11R7.7/doc/xextproto/shm.html
says to run XShmDetach() first, and then to destroy the segment.

(cherry picked from commit 585ee24d4c)

Mouse events in shared connections are locked to one viewer at a time.
If the a mouse drag is happening in the first viewer, the second viewer
can't interfere unless the first viewer has been inactive for a set
amount of time. This timeout was put in place in
71c83b4793 to handle the case where the
first viewer disconnects while the mouse drag is happening. Prior to the
timeout, this resulted in all input being blocked.

This commit increases this timeout from 3 seconds to 10 seconds. This is
to minimize the risk of this happening during "normal" use. With this
change, the first viewer has to be inactive for 10 seconds before the
second viewer can take control again.

In the case where the first viewer disconnects, a waiting time of 10
seconds for the second viewer seems very reasonable.

VNCServerST: Add a timeout to pointer button ownership

This keep everything consistent.

It is REQUIRED in this context, so we can assume X11 has been found.

The common use case is probably to only listem to the systemd provided
socket when using socket activation, but it might not be the only use
case. Make sure things can be combined if explicitly requested.

Avoid magical numbers as it makes it hard to understand the code.

We don't need to look for this on Windows or macOS, and we need to be
able to gracefully handle systems without pkg-config.

When one clients holds down a button on the pointer device (probably
dragging something), other clients' attempts at pointer operations
are denied. This yields a sane user experience, but with limits.

When one clients starts dragging, and then his network connection fails,
other clients are denied access to the pointer until the VNC server
finally discovers that the connection is dead and closes it. This can
take about 15 minutes.

Add a timeout to this policy: If we don't hear from the client for 3
seconds, other clients are allowed to control the pointer once more.

This solves the problem that one failing network could make the server
completely deaf to other clients for a long time.

Signed-off-by: Mike Looijmans <mike.looijmans@topic.nl>

When the connection is severed, release all mouse buttons.

This fixes an issue with x0vncserver where the local display
would stop responding to mouse events if the connection closes
while the remote user was holding down a mouse button.

To reproduce, start a VNC client, press and hold a mouse button
and then kill the connection (e.g. close client, kill server,
yank network cable). This caused the local screen to no longer
respond to any mouse-down events until a VNC client reconnects
and clicks anywhere.

This may inject a "mouse release" event while closing, however,
if you click on your screen and then yank the mouse cable, a mouse
release event also would not come unexpectedly, so the cure's
side effects aren't as bad as the disease.

Signed-off-by: Mike Looijmans <mike.looijmans@topic.nl>

systemd can pass in sockets as file descriptors 3 and beyond. Allows
the server to use socket activation.

When triggered by systemd, no other listening sockets (e.g. rfbport) will
be activated.

Signed-off-by: Mike Looijmans <mike.looijmans@topic.nl>

This affects the ordering of visuals, which breaks some buggy
applications that assume the first visual is the root window visual.

Use dup() instead to get an available file descriptor to avoid hijacking
already existing descriptor.

Fixes #1709

It's a reoccurring issue that users try to build individual components
by pointing cmake at a specific subdirectory, e.g. 'cmake vncviewer'.
CMake, unfortunately, has insufficient protection against this so we'll
need to add a manual check.

This commit only adds it to the most likely places for misuse so we
don't have to pollute every CMakeLists.txt.

Some of the flags have been removed and we don't need to consider 32-bit
libraries anymore.