Allow blacklist to be disabled

There might be multiple clients using a single IP (e.g. NAT), which
can make the blacklist do more harm than good. So add a setting to
disable it if needed.

common/rfb/Blacklist.cxx

@@ -20,6 +20,10 @@
 
 using namespace rfb;
 
+BoolParameter enabled("UseBlacklist",
+                      "Temporarily reject connections from a host if it "
+                      "repeatedly fails to authenticate.",
+                      true);
 IntParameter threshold("BlacklistThreshold",
                        "The number of unauthenticated connection attempts "
                        "allowed from any individual host before that host "
@@ -44,6 +48,9 @@ Blacklist::~Blacklist() {
 }
 
 bool Blacklist::isBlackmarked(const char* name) {
+  if (!enabled)
+    return false;
+
   BlacklistMap::iterator i = blm.find(name);
   if (i == blm.end()) {
     // Entry is not already black-marked.

unix/x0vncserver/x0vncserver.man

@@ -142,6 +142,11 @@ GnuTLS priority string that controls the TLS session’s handshake algorithms.
 See the GnuTLS manual for possible values. Default is \fBNORMAL\fP.
 .
 .TP
+.B \-UseBlacklist
+Temporarily reject connections from a host if it repeatedly fails to
+authenticate. Default is on.
+.
+.TP
 .B \-BlacklistThreshold \fIcount\fP
 The number of unauthenticated connection attempts allowed from any individual
 host before that host is black-listed.  Default is 5.

unix/xserver/hw/vnc/Xvnc.man

@@ -231,6 +231,11 @@ GnuTLS priority string that controls the TLS session’s handshake algorithms.
 See the GnuTLS manual for possible values. Default is \fBNORMAL\fP.
 .
 .TP
+.B \-UseBlacklist
+Temporarily reject connections from a host if it repeatedly fails to
+authenticate. Default is on.
+.
+.TP
 .B \-BlacklistThreshold \fIcount\fP
 The number of unauthenticated connection attempts allowed from any individual
 host before that host is black-listed.  Default is 5.