]> source.dussan.org Git - tigervnc.git/log
tigervnc.git
7 years agoFix shift state test in lock key heuristics
Pierre Ossman [Tue, 12 Sep 2017 14:44:44 +0000 (16:44 +0200)]
Fix shift state test in lock key heuristics

7 years agoMerge branch 'x0vncshift' of https://github.com/CendioOssman/tigervnc
Pierre Ossman [Fri, 15 Sep 2017 09:17:02 +0000 (11:17 +0200)]
Merge branch 'x0vncshift' of https://github.com/CendioOssman/tigervnc

7 years agoMerge branch 'securemsg' of https://github.com/CendioOssman/tigervnc
Pierre Ossman [Fri, 15 Sep 2017 09:07:53 +0000 (11:07 +0200)]
Merge branch 'securemsg' of https://github.com/CendioOssman/tigervnc

7 years agoMerge branch 'qemukbd-merge' of https://github.com/CendioOssman/tigervnc
Pierre Ossman [Fri, 15 Sep 2017 09:03:48 +0000 (11:03 +0200)]
Merge branch 'qemukbd-merge' of https://github.com/CendioOssman/tigervnc

7 years agoClear client cursor when switching to server side
Pierre Ossman [Fri, 15 Sep 2017 09:03:12 +0000 (11:03 +0200)]
Clear client cursor when switching to server side

Otherwise the client can end up with two visible cursors.

7 years agoRemove unused FLTKPixelBuffer files
Pierre Ossman [Tue, 12 Sep 2017 10:07:21 +0000 (12:07 +0200)]
Remove unused FLTKPixelBuffer files

These are unused since 403ac27d, but the files were never removed.

7 years agoAdd support for raw keyboard in vncviewer 513/head
Pierre Ossman [Thu, 13 Jul 2017 13:54:11 +0000 (15:54 +0200)]
Add support for raw keyboard in vncviewer

Make sure it can map between the key codes of the local system
in to the key codes used by the protocol.

7 years agoFix indentation bug
Pierre Ossman [Tue, 16 May 2017 15:00:34 +0000 (17:00 +0200)]
Fix indentation bug

7 years agoAdd support for raw key codes to Xvnc/libvnc.so
Pierre Ossman [Tue, 16 May 2017 12:42:07 +0000 (14:42 +0200)]
Add support for raw key codes to Xvnc/libvnc.so

7 years agorfb_win32: Use scan codes if available
Rahul Kale [Wed, 12 Jul 2017 22:35:58 +0000 (00:35 +0200)]
rfb_win32: Use scan codes if available

If scan codes are available using QEMU Extended Keyboard Messages
from clients, use that to inject scancodes directly into the
system using the SendInput API.

No conversion is needed as Windows uses the same scancode encoding.

Signed-off-by: Rahul Kale <Rahul.Kale@barco.com>
Signed-off-by: Peter Korsgaard <peter.korsgaard@barco.com>
7 years agox0vncserver: keyEvent(): use scancodes if available
Peter Korsgaard [Wed, 12 Jul 2017 22:35:57 +0000 (00:35 +0200)]
x0vncserver: keyEvent(): use scancodes if available

Use the client provided (using QEMU extendend key event) scancodes if
available instead of reverse mapping the keysym.

X11 unfortunately uses keyboard driver specific keycodes and provides
no direct way to query this, so guess based on the keyboard mapping.

Handle the two most likely keyboard drivers, the old xorgkbd and evdev.

Signed-off-by: Peter Korsgaard <peter.korsgaard@barco.com>
7 years agoInclude server name in TLS handshake for SNI
Pierre Ossman [Fri, 8 Sep 2017 13:28:39 +0000 (15:28 +0200)]
Include server name in TLS handshake for SNI

In case the server is a front-end to multiple systems and needs to
know which system we're after.

7 years agoUse better security method description when using VeNCrypt 506/head
Pierre Ossman [Fri, 1 Sep 2017 09:15:57 +0000 (11:15 +0200)]
Use better security method description when using VeNCrypt

The sub-modules generally provide a better description than just the
short security method name.

7 years agoAdd better error message for insecure certificate algorithms
Pierre Ossman [Fri, 1 Sep 2017 09:15:31 +0000 (11:15 +0200)]
Add better error message for insecure certificate algorithms

7 years agoDisplay security state when asking for password
Pierre Ossman [Fri, 1 Sep 2017 09:14:35 +0000 (11:14 +0200)]
Display security state when asking for password

Indicate to the user how secure the transport channel is so they
can avoid entering their password for untrusted sites.

7 years agoMerge authentication dialogs
Pierre Ossman [Fri, 1 Sep 2017 07:24:43 +0000 (09:24 +0200)]
Merge authentication dialogs

Avoid having two separate code paths for the user/password and
only password dialogs. Makes it easier to extend things in the future.

7 years agoTrack keys based on client supplied key codes
Pierre Ossman [Tue, 16 May 2017 12:33:43 +0000 (14:33 +0200)]
Track keys based on client supplied key codes

This makes it easier to provide more sane events to the backend code
even with crazy clients.

7 years agoRemove unused needsLastRect state variable
Pierre Ossman [Tue, 16 May 2017 12:32:58 +0000 (14:32 +0200)]
Remove unused needsLastRect state variable

7 years agoFix wrong argument for CMsgWriter::clientCutText()
Pierre Ossman [Tue, 16 May 2017 12:32:09 +0000 (14:32 +0200)]
Fix wrong argument for CMsgWriter::clientCutText()

As a result we weren't overloading properly.

7 years agoBasic support for QEMU Extended Key Events
Pierre Ossman [Tue, 16 May 2017 12:30:38 +0000 (14:30 +0200)]
Basic support for QEMU Extended Key Events

This adds the basic infrastructure and handshake for the QEMU
Extended Key Events extension. No viewer or server makes use of
the extra functionality yet though.

7 years agorfb_win32: Add support for LED state notifications
Rahul Kale [Wed, 12 Jul 2017 22:36:02 +0000 (00:36 +0200)]
rfb_win32: Add support for LED state notifications

LED support added using Windows GetKeyState() API call.

The state is polled for change in CapsLock/NumLock/ScrollLock
status in the same code block where chages to Cursor shape is polled.

Signed-off-by: Rahul Kale <Rahul.Kale@barco.com>
Signed-off-by: Peter Korsgaard <peter.korsgaard@barco.com>
7 years agox0vncserver: add support for led state notifications
Peter Korsgaard [Wed, 12 Jul 2017 22:36:01 +0000 (00:36 +0200)]
x0vncserver: add support for led state notifications

Listen for XKb XkbIndicatorStateNotify events for scroll/num/caps lock and
map them to the RFB protocol.

Signed-off-by: Peter Korsgaard <peter.korsgaard@barco.com>
7 years agoSend lock LED state from server to client
Pierre Ossman [Mon, 12 Dec 2016 15:59:15 +0000 (16:59 +0100)]
Send lock LED state from server to client

7 years agoAdd support for lock LED state to Xvnc/libvnc.so
Pierre Ossman [Mon, 12 Dec 2016 14:39:54 +0000 (15:39 +0100)]
Add support for lock LED state to Xvnc/libvnc.so

7 years agoAdd server side lock key sync heuristic
Pierre Ossman [Sun, 11 Dec 2016 11:41:26 +0000 (12:41 +0100)]
Add server side lock key sync heuristic

Based on QEMU's behaviour.

7 years agoSync LED state when gaining focus
Pierre Ossman [Sat, 10 Dec 2016 16:13:40 +0000 (17:13 +0100)]
Sync LED state when gaining focus

The state might have changed when we didn't have focus. Get
everything back in sync once we're back in control.

7 years agoAdd client support for LED state sync
Pierre Ossman [Mon, 5 Dec 2016 14:26:21 +0000 (15:26 +0100)]
Add client support for LED state sync

7 years agoAdd libpng as a dependency for freetype for static builds
Pierre Ossman [Thu, 24 Aug 2017 09:28:33 +0000 (11:28 +0200)]
Add libpng as a dependency for freetype for static builds

Newer versions of Freetype requires libpng as well.

7 years agoRespect modifiers in x0vncserver 496/head
Pierre Ossman [Wed, 16 Aug 2017 13:20:20 +0000 (15:20 +0200)]
Respect modifiers in x0vncserver

Using XKeysymToKeycode() often gives the incorrect keycode as it
doesn't respect the current modifier state. Use XKB to find the
proper key instead.

This however also means that we need to track the mapping for all
pressed keys to make sure we know the correct keycode when it is
time to release the key.

7 years agoSupport clients that only support alpha cursors
Pierre Ossman [Wed, 16 Aug 2017 14:26:11 +0000 (16:26 +0200)]
Support clients that only support alpha cursors

7 years agoSend cursor pseudo-encodings in order of preference
Pierre Ossman [Wed, 16 Aug 2017 14:25:24 +0000 (16:25 +0200)]
Send cursor pseudo-encodings in order of preference

Some servers respect the ordering of pseudo-encodings as well, so
make sure we list the best one first.

7 years agoFully implement support for alpha cursor pseudo encoding.
Brian P. Hinz [Sun, 13 Aug 2017 00:19:50 +0000 (20:19 -0400)]
Fully implement support for alpha cursor pseudo encoding.
Alpha cursors are not supported in java on Windows so disable
it in that case.  Ideally it would be nice to be able to test
whether or not the client OS supports it, but at the moment
MS Windows is the only one that I'm aware of that doesn't.

7 years agoUpdate min version of gettext required to build with .desktop files
Brian P. Hinz [Wed, 9 Aug 2017 02:21:14 +0000 (22:21 -0400)]
Update min version of gettext required to build with .desktop files

.desktop files support was not added to msgfmt until v0.19

7 years agoFixed issue where CLI paramters specified as "-param value" caused
Brian P. Hinz [Sun, 6 Aug 2017 19:00:09 +0000 (15:00 -0400)]
Fixed issue where CLI paramters specified as "-param value" caused
a java.nio.BufferOverflowException while the same parameter specified
as "-param=value" worked fine.

7 years agoFixed issue where -dotWhenNoCUrsor cli arg was not being honored
Brian P. Hinz [Sun, 6 Aug 2017 18:59:09 +0000 (14:59 -0400)]
Fixed issue where -dotWhenNoCUrsor cli arg was not being honored

7 years agoFix for NPE when zero width or height alpha cursor is sent
Brian P. Hinz [Fri, 4 Aug 2017 01:14:54 +0000 (21:14 -0400)]
Fix for NPE when zero width or height alpha cursor is sent

7 years agoHandle certificate verification for saved certs correctly
Brian P. Hinz [Thu, 20 Jul 2017 02:54:09 +0000 (22:54 -0400)]
Handle certificate verification for saved certs correctly

7 years agoAllow multiple certs with same DN in saved certs file.
Brian P. Hinz [Wed, 12 Jul 2017 03:23:01 +0000 (23:23 -0400)]
Allow multiple certs with same DN in saved certs file.

7 years agoAdd fallbacks for translating .desktop file
Pierre Ossman [Fri, 21 Jul 2017 12:07:15 +0000 (14:07 +0200)]
Add fallbacks for translating .desktop file

Only fairly recent versions of gettext can translate .desktop files.
So fall back to the older intltool on older systems, or just a plain
copy if intltool is also missing.

7 years agoIncrease default pointer event interval
Pierre Ossman [Wed, 19 Jul 2017 09:20:53 +0000 (11:20 +0200)]
Increase default pointer event interval

Some systems (e.g. macOS) send massive amounts of pointer events, so
we need to start rate limiting things to something sensible by default.
One event per screen refresh should be more than sufficient.

7 years agoAllow removal of GUI prompt on fatal errors
Dr. David Alan Gilbert [Tue, 11 Jul 2017 11:11:50 +0000 (12:11 +0100)]
Allow removal of GUI prompt on fatal errors

Add a new parameter 'alertOnFatalError' which guards
the displaying of the GUI alert on fatal errors, and
thus when false just gives the textual error.

Now I can do:

  while true
  do
    vncviewer alertOnFatalError=false vm:0
    sleep 1
  done

and it'll reappear when my VM appears without me getting error
dialogs.

Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
--

7 years agoAdd generic name to .desktop file
Pierre Ossman [Wed, 19 Jul 2017 08:57:46 +0000 (10:57 +0200)]
Add generic name to .desktop file

This often gives the user more information about what kind of
application this is.

7 years agoGenerate translations in .desktop file from po files
Pierre Ossman [Wed, 19 Jul 2017 08:56:21 +0000 (10:56 +0200)]
Generate translations in .desktop file from po files

7 years agoMove languages to standard LINGUAS file
Pierre Ossman [Wed, 19 Jul 2017 08:57:00 +0000 (10:57 +0200)]
Move languages to standard LINGUAS file

This is necessary for other translation tools to work properly.

7 years agoMerge branch 'patch-1' of https://github.com/scootergrisen/tigervnc
Pierre Ossman [Wed, 19 Jul 2017 08:21:57 +0000 (10:21 +0200)]
Merge branch 'patch-1' of https://github.com/scootergrisen/tigervnc

7 years agoAdd danish translation 486/head
scootergrisen [Thu, 13 Jul 2017 22:57:07 +0000 (00:57 +0200)]
Add danish translation

7 years agossize_t must be signed even in windows 485/head
Sayed Adel [Tue, 11 Jul 2017 22:17:55 +0000 (00:17 +0200)]
ssize_t must be signed even in windows

7 years agoRemove "Print" from keys that can open F8 menu 470/head
Samuel Mannehed [Fri, 2 Jun 2017 09:18:35 +0000 (11:18 +0200)]
Remove "Print" from keys that can open F8 menu

Since it is caught by the local system on most platforms.

7 years agoMerge branches 'fix-fullscreen-scroll' and 'fix-scrollbar-visibility' of https:/...
Pierre Ossman [Wed, 31 May 2017 12:39:00 +0000 (14:39 +0200)]
Merge branches 'fix-fullscreen-scroll' and 'fix-scrollbar-visibility' of https://github.com/LukeShu/tigervnc

7 years agoVarious fixes for Region handling in java viewer
Brian P. Hinz [Thu, 25 May 2017 03:31:07 +0000 (23:31 -0400)]
Various fixes for Region handling in java viewer

7 years agoExtend JavaPixelBuffer to make further use of Graphics2D ops
Brian P. Hinz [Thu, 25 May 2017 03:17:37 +0000 (23:17 -0400)]
Extend JavaPixelBuffer to make further use of Graphics2D ops

7 years agoMinimize thread blocking and improve thread safety in java viewer
Brian P. Hinz [Thu, 25 May 2017 03:07:03 +0000 (23:07 -0400)]
Minimize thread blocking and improve thread safety in java viewer

7 years agoName threads for easier profiling
Brian P. Hinz [Thu, 25 May 2017 02:48:19 +0000 (22:48 -0400)]
Name threads for easier profiling

7 years agoBetter checks for object equality, remove redundant initializer
Brian P. Hinz [Thu, 25 May 2017 02:43:07 +0000 (22:43 -0400)]
Better checks for object equality, remove redundant initializer

7 years agoCopyRectDecoder missing getAffectedRegion method in java viewer
Brian P. Hinz [Thu, 25 May 2017 02:33:25 +0000 (22:33 -0400)]
CopyRectDecoder missing getAffectedRegion method in java viewer

7 years agovncviewer: Fix scrollbar visibility 466/head
Luke Shumaker [Tue, 23 May 2017 18:03:15 +0000 (14:03 -0400)]
vncviewer: Fix scrollbar visibility

Have a window that is sized to the remote screen.  Now shrink the window
vertically, making it shorter than the remote screen in one axis. The
vertical scrollbar appears. However, the horizontal scrollbar does not
appear, despite the rightmost ~24 pixels (Fl::scrollbar_size()) being
hidden by the vertical scroll bar.

Fix that.

For clarity, move the fullscreen checks into a separate `if` statement,
rather than keeping the size and fullscreen checks together.

I think the comment does a decent job of explaining and justifying the
check's logic, but if you require further convincing, perhaps this
alternate explanation will help:

  The check for the X-axis is

      if ((w() - (h() < viewport->h() ? Fl::scrollbar_size() : 0) < viewport->w())

  To be a bit more verbose and repetitive, we can split that ternary in to
  two separate checks, and add some comments:

      if (
             (w() -  < viewport->w()) // X needs a scrollbar
          ||
             ( (w() - Fl::scrollbar_size() < viewport->w()) && (h() < viewport->h()) )
             //( X doesn't need a scrollbar unless Y does ) && (  Y does need one  ) )
         )

  Within the "Y does need one" check, we don't need to worry about the
  case where `h() - Fl::scrollbar_size() < viewport-h()` is true,
  because if both axes are saying "I don't need a scrollbar unless
  you do", then neither needs one.

7 years agovncviewer: Fix fullscreen scrolling 464/head
Luke Shumaker [Tue, 23 May 2017 06:16:27 +0000 (02:16 -0400)]
vncviewer: Fix fullscreen scrolling

7 years agoUpdate Danish translation
Joe Hansen [Mon, 22 May 2017 15:00:00 +0000 (15:00 +0000)]
Update Danish translation

7 years agoCompatibility with macOS 10.12 SDK
Pierre Ossman [Wed, 24 May 2017 13:16:32 +0000 (15:16 +0200)]
Compatibility with macOS 10.12 SDK

They finally added kVK_RightCommand, so our workaround needs to be
conditional.

7 years agoUpdate Swedish translation
Göran Uddeborg [Sat, 13 May 2017 11:59:00 +0000 (13:59 +0200)]
Update Swedish translation

7 years agoMerge branch 'master' of https://github.com/grulja/tigervnc
Pierre Ossman [Tue, 9 May 2017 12:48:34 +0000 (14:48 +0200)]
Merge branch 'master' of https://github.com/grulja/tigervnc

7 years agoUpdate Serbian translation
Мирослав Николић [Sun, 7 May 2017 13:17:00 +0000 (15:17 +0200)]
Update Serbian translation

7 years agoRemove INITARGS from xserver119.patch 456/head
Vishal Biswas [Mon, 8 May 2017 05:36:11 +0000 (11:06 +0530)]
Remove INITARGS from xserver119.patch

7 years agoMake sure install path for java classes is properly defined (re:#295)
Brian P. Hinz [Sun, 7 May 2017 13:33:54 +0000 (09:33 -0400)]
Make sure install path for java classes is properly defined (re:#295)

7 years agoFix for issue #455
Brian P. Hinz [Sat, 6 May 2017 18:35:38 +0000 (14:35 -0400)]
Fix for issue #455

7 years agoSet gateway host correctly when -via is used
Brian P. Hinz [Sat, 6 May 2017 15:24:11 +0000 (11:24 -0400)]
Set gateway host correctly when -via is used

7 years agoMultithreaded decoder improvements (java viewer)
Brian P. Hinz [Sat, 6 May 2017 14:55:41 +0000 (10:55 -0400)]
Multithreaded decoder improvements (java viewer)

7 years agoUpdate Dutch translation
Benno Schulenberg [Wed, 3 May 2017 18:34:00 +0000 (20:34 +0200)]
Update Dutch translation

7 years agoMake RandR callbacks optional as they were before 453/head
Jan Grulich [Thu, 4 May 2017 06:58:37 +0000 (08:58 +0200)]
Make RandR callbacks optional as they were before

7 years agoMerge branch 'master' of https://github.com/alshopov/tigervnc
Pierre Ossman [Tue, 2 May 2017 12:13:38 +0000 (14:13 +0200)]
Merge branch 'master' of https://github.com/alshopov/tigervnc

7 years agoAdd Hungarian translation
Balázs Úr [Sat, 29 Apr 2017 21:20:00 +0000 (23:20 +0200)]
Add Hungarian translation

7 years agoUpdate French translation
Stéphane Aulery [Sat, 29 Apr 2017 18:04:00 +0000 (20:04 +0200)]
Update French translation

7 years agoUpdate Turkish translation
Volkan Gezer [Fri, 28 Apr 2017 14:00:00 +0000 (15:00 +0100)]
Update Turkish translation

7 years agoUpdate Bulgarian translation
Alexander Shopov [Sat, 29 Apr 2017 08:34:00 +0000 (10:34 +0200)]
Update Bulgarian translation

7 years agoUpdated Vietnamese translation
Trần Ngọc Quân [Sat, 29 Apr 2017 01:02:00 +0000 (08:02 +0700)]
Updated Vietnamese translation

7 years agoUpdate Russian translation
Yuri Kozlov [Fri, 28 Apr 2017 14:58:00 +0000 (17:58 +0300)]
Update Russian translation

7 years agoUpdate Brazilian Portuguese translation
Rafael Fontenelle [Fri, 28 Apr 2017 12:02:00 +0000 (09:02 -0300)]
Update Brazilian Portuguese translation

7 years agoUpdate Ukrainian translation
Yuri Chornoivan [Fri, 28 Apr 2017 11:54:00 +0000 (14:54 +0300)]
Update Ukrainian translation

7 years agoMark strings for translation 450/head
Alexander Shopov [Sat, 29 Apr 2017 09:35:30 +0000 (11:35 +0200)]
Mark strings for translation

7 years agoFilter out alpha channel for normal draw() operation 449/head
Pierre Ossman [Fri, 28 Apr 2017 09:40:02 +0000 (11:40 +0200)]
Filter out alpha channel for normal draw() operation

macOS actually uses the alpha channel on windows, so we can get visual
artifacts if we feed it bogus alpha data. This filtering unfortunately
causes some CPU usage, but it's necessary until we can make sure the
framebuffer always contains proper 0xff for alpha.

7 years agoUse correct color space for current monitor
Pierre Ossman [Fri, 28 Apr 2017 09:37:12 +0000 (11:37 +0200)]
Use correct color space for current monitor

We won't always be on the primary monitor, so check which color space
we're actually using right now. For offscreen stuff we assume a standard
sRGB color space.

7 years agoCreate new CGImage for each draw
Pierre Ossman [Fri, 28 Apr 2017 09:33:28 +0000 (11:33 +0200)]
Create new CGImage for each draw

The system expects these to be immutable, so changing the data after
creation only works in some special cases. We need to recreate the
CGImage object each time we've changed something.

7 years agoUse sub-image instead of clipping
Pierre Ossman [Thu, 27 Apr 2017 11:28:49 +0000 (13:28 +0200)]
Use sub-image instead of clipping

It seems to be more efficient.

7 years agoOnly draw overlays when needed
Pierre Ossman [Fri, 28 Apr 2017 08:20:29 +0000 (10:20 +0200)]
Only draw overlays when needed

Some backends don't like empty draw operations, so have an early check.

7 years agoChange development version to 1.8.80
Pierre Ossman [Wed, 19 Apr 2017 13:25:23 +0000 (15:25 +0200)]
Change development version to 1.8.80

7 years agoUpdate translation template file
Pierre Ossman [Wed, 19 Apr 2017 13:07:06 +0000 (15:07 +0200)]
Update translation template file

7 years agoMore fixes for java viewer performance regression
Brian P. Hinz [Mon, 17 Apr 2017 10:46:59 +0000 (06:46 -0400)]
More fixes for java viewer performance regression

7 years agoLimit size of cursor accepted by client. 444/head
Michal Srb [Thu, 6 Apr 2017 20:52:22 +0000 (23:52 +0300)]
Limit size of cursor accepted by client.

Width and height of a cursor are received as U16 from network. Accepting full range of U16 values can cause integer overflows in multiple places.

The worst is probably VLA in CMsgReader::readSetXCursor:
  rdr::U8 buf[width*height*4];

The width*height*4 can be too big to fit on stack or it can overflow into negative numbers. Both cases are undefined behaviour. Following writes to buf can overwrite other data on stack.

7 years agoPartial fix for java viewer performance regression
Brian P. Hinz [Wed, 5 Apr 2017 01:10:00 +0000 (21:10 -0400)]
Partial fix for java viewer performance regression

7 years agoMerge branches 'fix-vencrypt-leak' and 'fixes-ssecurityplain' of https://github.com...
Pierre Ossman [Thu, 30 Mar 2017 14:23:11 +0000 (16:23 +0200)]
Merge branches 'fix-vencrypt-leak' and 'fixes-ssecurityplain' of https://github.com/michalsrb/tigervnc

7 years agoLimit max username/password size in SSecurityPlain. 440/head
Michal Srb [Wed, 29 Mar 2017 14:05:45 +0000 (17:05 +0300)]
Limit max username/password size in SSecurityPlain.

Setting the limit to 1024 which should be still more than enough.

Unlimited ulen and plen can cause various security problems:
  * Overflow in `is->checkNoWait(ulen + plen)` causing it to contine when there is not enough data and then wait forever.
  * Overflow in `new char[plen + 1]` that would allocate zero sized array which succeeds but returns pointer that should not be written into.
  * Allocation failure in `new char[plen + 1]` from trying to allocate too much and crashing the whole server.

All those issues can be triggered by a client before authentication.

7 years agoFix checkNoWait logic in SSecurityPlain.
Michal Srb [Wed, 29 Mar 2017 14:00:30 +0000 (17:00 +0300)]
Fix checkNoWait logic in SSecurityPlain.

Currently it proceeds only if there aren't enough data in queue and then it blocks waiting.
Also the required amount to receive from network is (ulen + plen), not (ulen + plen + 2).

This allowed not authenticated clients to deny service to everyone.

7 years agoDelete underlying ssecurity in SSecurityVeNCrypt. 441/head
Michal Srb [Wed, 29 Mar 2017 13:23:18 +0000 (16:23 +0300)]
Delete underlying ssecurity in SSecurityVeNCrypt.

Otherwise it gets leaked which would allow even not authenticated clients to exhaust server memory.

7 years agoBe more restrictive with shared memory mode bits
Pierre Ossman [Wed, 29 Mar 2017 11:28:55 +0000 (13:28 +0200)]
Be more restrictive with shared memory mode bits

Everyone else seems to get by with using 0600, so let's do the same.

7 years agoAvoid leaking shared memory via X server
Pierre Ossman [Wed, 29 Mar 2017 11:27:32 +0000 (13:27 +0200)]
Avoid leaking shared memory via X server

It's not enough that we detach from the shared memory, we must also
tell the X server to do so for it to be freed properly.

7 years agoMerge branches 'fix' and 'fix-double-free-fences' of https://github.com/michalsrb...
Pierre Ossman [Wed, 29 Mar 2017 09:09:49 +0000 (11:09 +0200)]
Merge branches 'fix' and 'fix-double-free-fences' of https://github.com/michalsrb/tigervnc

7 years agoPrevent double free by crafted fences. 438/head
Michal Srb [Mon, 27 Mar 2017 16:02:15 +0000 (19:02 +0300)]
Prevent double free by crafted fences.

If client sent fence with some data, followed by fence with no data (length 0), the original fence data were freed, but the pointer kept pointing at them. Sending one more fence would attempt to free them again.

7 years agoPrevent leak of SecurityServer and ClientServer. 436/head
Michal Srb [Mon, 27 Mar 2017 10:55:46 +0000 (13:55 +0300)]
Prevent leak of SecurityServer and ClientServer.

They are created in SConnection's and CConnection's constructors but never destroyed.

There is no reason for the indirection, so lets make them direct members.

7 years agoFix crash from integer overflow in SMsgReader::readClientCutText
Michal Srb [Mon, 27 Mar 2017 10:37:11 +0000 (13:37 +0300)]
Fix crash from integer overflow in SMsgReader::readClientCutText

The length sent by client is U32, but is converted into int. If it was bigger than 0x7fffffff the resulting int is negative, it passes the check against maxCutText and later throws std::bad_alloc from CharArray which takes down the whole server.

All the Streaming API deals with lengths in ints, so we can't tell it to skip that big amount of data. And it is not realistic to expect more than 2GB of clipboard data anyway. So lets just throw rdr::Exception that will disconnect this client and keep the server alive.

7 years agoUpdate visible copyright year to 2017 433/head
Samuel Mannehed [Mon, 20 Mar 2017 12:07:30 +0000 (13:07 +0100)]
Update visible copyright year to 2017