git-svn-id: svn://svn.code.sf.net/p/tigervnc/code/trunk@4383 3789f03b-4d11-0410-bbf8-ca57d06f2519tags/v1.1.90
@@ -37,7 +37,7 @@ Build Requirements | |||
* zlib v1.2 or later | |||
* OpenSSL v0.9.7 or later | |||
-- If building TLS support: | |||
* GnuTLS and its dependencies (libgcrypt, libtasn1, libgpg-error) | |||
@@ -113,9 +113,9 @@ will clean both the Xvnc and vncviewer builds without destroying any of the | |||
build configuration or module dependencies. | |||
========================= | |||
Building VeNCrypt support | |||
========================= | |||
==================== | |||
Building TLS support | |||
==================== | |||
VeNCrypt (the TigerVNC security and authentication extensions) can be built | |||
with TLS support, which provides built-in encryption for VNC sessions. This | |||
@@ -268,7 +268,7 @@ Build Requirements | |||
C:\Program Files\Inno Setup 5) to the system or user PATH environment | |||
variable prior to building TigerVNC. | |||
-- If building TLS support: | |||
* GnuTLS and its dependencies (libgcrypt, libtasn1, libgpg-error) | |||
@@ -331,7 +331,7 @@ WinVNC. | |||
Debug Build | |||
----------- | |||
Add "-DCMAKE_BUILD_TYPE=Debug" to the cmake command line. Or, if building with | |||
Add "-DCMAKE_BUILD_TYPE=Debug" to the CMake command line. Or, if building with | |||
NMake, remove "-DCMAKE_BUILD_TYPE=Release" (Debug builds are the default with | |||
NMake.) | |||
@@ -344,46 +344,81 @@ To eliminate this dependency, add | |||
-DCMAKE_C_FLAGS=-static-libgcc -DCMAKE_CXX_FLAGS=-static-libgcc | |||
to the cmake command line. | |||
to the CMake command line. | |||
========================= | |||
Building VeNCrypt support | |||
========================= | |||
==================== | |||
Building TLS support | |||
==================== | |||
VeNCrypt (the TigerVNC security and authentication extensions) can be built | |||
with TLS support, which provides built-in encryption for VNC sessions. This | |||
requires GnuTLS, which is not Microsoft-friendly. There is generally no | |||
sane way to build GnuTLS and its dependencies using Visual C++. Those with | |||
a lot of time on their hands can build the GnuTLS DLLs using MinGW (or download | |||
32-bit versions of these from the link below), generate Visual C++ import | |||
libraries from the DLLs, then link TigerVNC against the Visual C++ import | |||
libraries. However, this creates a version of TigerVNC that depends on | |||
the GnuTLS DLLs. The TigerVNC packaging system currently is not designed to | |||
handle DLL dependencies, so really the only way to build and package a | |||
self-contained, VeNCrypt-enabled version of TigerVNC for Windows is to use | |||
MinGW and the static GnuTLS libraries. The use of MinGW means that only the | |||
viewer can be built, not the server. | |||
requires GnuTLS, which is not Microsoft-friendly. This section describes the | |||
issues associated with building a Windows version of TigerVNC with TLS support | |||
and how to work around those issues. | |||
Building with MinGW | |||
------------------- | |||
An installer containing the GnuTLS header files, as well as static and dynamic | |||
link libraries for 32-bit MinGW, is available from the following site: | |||
link libraries for 32-bit MinGW, can be downloaded from the following site: | |||
http://josefsson.org/gnutls4win/ | |||
Whether you choose to use the above installer or build GnuTLS from source, | |||
make sure that you install the libraries and headers into a pathname that | |||
doesn't contain spaces (the installer will try to install under | |||
c:\Program Files unless you tell it otherwise.) If the GnuTLS include path | |||
contains spaces, then the MinGW resource compiler will barf. | |||
As of this writing, GnuTLS cannot be built cleanly with MinGW64 due to the fact | |||
that portions of the code assume an LP64 data model (Windows uses LLP64.) | |||
Thus, it is not possible at this time to produce a Win64 version of TigerVNC | |||
with TLS support. | |||
Whether you use the above installer or build GnuTLS from source, make sure that | |||
you install the libraries and headers into a pathname that doesn't contain | |||
spaces (the installer will try to install under c:\Program Files unless you | |||
tell it otherwise.) If the GnuTLS include path contains spaces, then the MinGW | |||
resource compiler will barf when you try to build TigerVNC. | |||
You can manipulate the GNUTLS_INCLUDE_DIR and GNUTLS_LIBRARY cmake variables to | |||
You can manipulate the GNUTLS_INCLUDE_DIR and GNUTLS_LIBRARY CMake variables to | |||
specify the directory under which you installed GnuTLS. For instance, adding | |||
-DGNUTLS_INCLUDE_DIR=/c/gnutls/include \ | |||
-DGNUTLS_LIBRARY=/c/gnutls/lib/libgnutls.dll.a | |||
to the CMake command line when using MinGW will cause TigerVNC to be linked | |||
against GnuTLS DLLs that are installed under c:\gnutls. | |||
Adding | |||
-DGNUTLS_INCLUDE_DIR=/c/gnutls/include \ | |||
-DGNUTLS_LIBRARY='/c/gnutls/lib/libgnutls.a;/c/gnutls/lib/libgcrypt.a;/c/gnutls/lib/libtasn1.a;/c/gnutls/lib/libgpg-error.a' | |||
to the cmake command line when using MinGW will cause TigerVNC to be statically | |||
linked against an installation of GnuTLS that resides under c:\gnutls. | |||
to the CMake command line will cause TigerVNC to be statically linked against | |||
GnuTLS libraries that are installed under c:\gnutls. | |||
Note that the use of MinGW means that only the TigerVNC viewer can be built, | |||
not the server. | |||
Visual C++ | |||
---------- | |||
There is generally no sane way to build GnuTLS and its dependencies using | |||
Visual C++. Thus, it is necessary to either build the libraries with MinGW (or | |||
download 32-bit versions of these from the link above), generate Visual C++ | |||
import libraries from the DLLs, then link TigerVNC against the Visual C++ | |||
import libraries. | |||
In the instructions below, {gnutls_path} indicates the path under which GnuTLS | |||
is installed (Example: c:\Program Files\GnuTLS-2.10.1). | |||
To generate Visual C++ import libraries: | |||
cd {gnutls_path}\lib | |||
lib /def:..\bin\libgnutls-{version}.def /out:libgnutls.lib | |||
Now, you can add the following arguments to the CMake command line: | |||
-DGNUTLS_INCLUDE_DIR={gnutls_path}\include \ | |||
-DGNUTLS_LIBRARY={gnutls_path}\lib\libgnutls.lib | |||
to build TigerVNC against the GnuTLS DLLs installed under {gnutls_path}. | |||
=================== | |||
@@ -395,7 +430,7 @@ choosing (as opposed to creating an installer.) To do this, add: | |||
-DCMAKE_INSTALL_PREFIX={install_directory} | |||
to the cmake command line. | |||
to the CMake command line. | |||
For example, | |||
@@ -531,3 +566,7 @@ The installer package (TigerVNC[64].exe) will be located under | |||
package will be located in a subdirectory with the same name as the | |||
configuration you built (such as {build_directory}\Debug\ or | |||
{build_directory}\Release\). | |||
NOTE: If TigerVNC is built with TLS support, then the build system will | |||
attempt to package the GnuTLS DLLs into the Windows installer. It looks for | |||
these DLLs in a directory called "bin" one level up from GNUTLS_INCLUDE_DIR. |
@@ -160,17 +160,48 @@ if (!(-e $vncUserDir)) { | |||
} | |||
} | |||
# Make sure the user has a password. | |||
($z,$z,$mode) = stat("$vncUserDir/passwd"); | |||
if (!(-e "$vncUserDir/passwd") || ($mode & 077)) { | |||
warn "\nYou will require a password to access your desktops.\n\n"; | |||
system($exedir."vncpasswd -q $vncUserDir/passwd"); | |||
if (($? >> 8) != 0) { | |||
exit 1; | |||
# Check whether VNC authentication is enabled, and if so, prompt the user to | |||
# create a VNC password if they don't already have one. | |||
$securityTypeArgSpecified = 0; | |||
$vncAuthEnabled = 0; | |||
$passwordArgSpecified = 0; | |||
for ($i = 0; $i < @ARGV; ++$i) { | |||
# -SecurityTypes can be followed by a space or "=" | |||
my @splitargs = split('=', $ARGV[$i]); | |||
if (@splitargs <= 1 && $i < @ARGV - 1) { | |||
push(@splitargs, $ARGV[$i + 1]); | |||
} | |||
if (lc(@splitargs[0]) eq "-securitytypes") { | |||
if (@splitargs > 1) { | |||
$securityTypeArgSpecified = 1; | |||
} | |||
foreach $arg2 (split(',', @splitargs[1])) { | |||
if (lc($arg2) eq "vncauth" || lc($arg2) eq "tlsvnc" | |||
|| lc($arg2) eq "x509vnc") { | |||
$vncAuthEnabled = 1; | |||
} | |||
} | |||
} | |||
if ((lc(@splitargs[0]) eq "-password") | |||
|| (lc(@splitargs[0]) eq "-passwordfile" | |||
|| (lc(@splitargs[0]) eq "-rfbauth"))) { | |||
$passwordArgSpecified = 1; | |||
} | |||
} | |||
if ((!$securityTypeArgSpecified || $vncAuthEnabled) && !$passwordArgSpecified) { | |||
($z,$z,$mode) = stat("$vncUserDir/passwd"); | |||
if (!(-e "$vncUserDir/passwd") || ($mode & 077)) { | |||
warn "\nYou will require a password to access your desktops.\n\n"; | |||
system($exedir."vncpasswd -q $vncUserDir/passwd"); | |||
if (($? >> 8) != 0) { | |||
exit 1; | |||
} | |||
} | |||
} | |||
# Find display number. | |||
if ((@ARGV > 0) && ($ARGV[0] =~ /^:(\d+)$/)) { | |||
@@ -307,13 +338,10 @@ if (-e "/tmp/.X11-unix/X$displayNumber" || | |||
$ENV{VNCDESKTOP}= $desktopName; | |||
if ($opt{'-fg'}) { | |||
system("$vncUserDir/xstartup >> " . "edString($desktopLog) . " 2>&1"); | |||
if (kill 0, `cat $pidFile`) { | |||
$opt{'-kill'} = ':'.$displayNumber; | |||
&Kill(); | |||
} | |||
close(STDIN); | |||
system("($vncUserDir/xstartup; $0 -kill :$displayNumber) >> " . "edString($desktopLog) . " 2>&1"); | |||
} else { | |||
system("($vncUserDir/xstartup; $0 -kill :$displayNumber) >> " . "edString($desktopLog) . " 2>&1 &"); | |||
system("$vncUserDir/xstartup >> " . "edString($desktopLog) . " 2>&1 &"); | |||
} | |||
exit; |
@@ -1,4 +1,4 @@ | |||
.TH vncserver 1 "15 Apr 2009" "TigerVNC" "Virtual Network Computing" | |||
.TH vncserver 1 "13 Mar 2011" "TigerVNC" "Virtual Network Computing" | |||
.SH NAME | |||
vncserver \- start or stop a VNC server | |||
.SH SYNOPSIS | |||
@@ -108,11 +108,10 @@ path for Xvnc to use. | |||
.TP | |||
.B \-fg | |||
This version of vncserver will always launch Xvnc in such a way that, when the | |||
user exits the window manager in their VNC session, Xvnc will terminate. | |||
Specifying this option will additionally make Xvnc run as a foreground process, | |||
which means that it can be aborted with CTRL-C. This may be necessary when | |||
launching TigerVNC from within certain grid computing environments. | |||
Runs Xvnc as a foreground process. This has two effects: (1) The VNC server | |||
can be aborted with CTRL-C, and (2) the VNC server will exit as soon as the | |||
user logs out of the window manager in the VNC session. This may be necessary | |||
when launching TigerVNC from within certain grid computing environments. | |||
.SH FILES | |||
Several VNC-related files are found in the directory $HOME/.vnc: |
@@ -21,8 +21,8 @@ if(BUILD_WINVNC) | |||
set(INST_DEPS ${INST_DEPS} winvnc4 wm_hooks vncconfig) | |||
endif() | |||
if(GNUTLS_FOUND AND NOT GNUTLS_STATIC) | |||
set(INST_DEFS ${INST_DEFS}) | |||
if(GNUTLS_FOUND) | |||
set(INST_DEFS ${INST_DEFS} -DHAVE_GNUTLS) | |||
endif() | |||
configure_file(tigervnc.iss.in tigervnc.iss) |
@@ -80,7 +80,7 @@ CConn::CConn() | |||
: window(0), sameMachine(false), encodingChange(false), formatChange(false), | |||
lastUsedEncoding_(encodingRaw), sock(0), sockEvent(CreateEvent(0, TRUE, FALSE, 0)), | |||
reverseConnection(false), requestUpdate(false), firstUpdate(true), | |||
isClosed_(false) { | |||
pendingUpdate(false), isClosed_(false) { | |||
} | |||
CConn::~CConn() { | |||
@@ -184,11 +184,6 @@ CConn::displayChanged() { | |||
calculateFullColourPF(); | |||
} | |||
void | |||
CConn::paintCompleted() { | |||
// A repaint message has just completed - request next update if necessary | |||
requestNewUpdate(); | |||
} | |||
bool | |||
CConn::sysCommand(WPARAM wParam, LPARAM lParam) { | |||
@@ -362,10 +357,7 @@ CConn::blockCallback() { | |||
// Wait for socket data, or a message to process | |||
DWORD result = MsgWaitForMultipleObjects(1, &sockEvent.h, FALSE, INFINITE, QS_ALLINPUT); | |||
if (result == WAIT_OBJECT_0) { | |||
// - Network event notification. Return control to I/O routine. | |||
break; | |||
} else if (result == WAIT_FAILED) { | |||
if (result == WAIT_FAILED) { | |||
// - The wait operation failed - raise an exception | |||
throw rdr::SystemException("blockCallback wait error", GetLastError()); | |||
} | |||
@@ -380,6 +372,10 @@ CConn::blockCallback() { | |||
// ToAscii() internally). | |||
DispatchMessage(&msg); | |||
} | |||
if (result == WAIT_OBJECT_0) | |||
// - Network event notification. Return control to I/O routine. | |||
break; | |||
} | |||
// Before we return control to the InStream, reset the network event | |||
@@ -521,6 +517,16 @@ CConn::showOptionsDialog() { | |||
} | |||
void | |||
CConn::framebufferUpdateStart() { | |||
if (!formatChange) { | |||
requestUpdate = pendingUpdate = true; | |||
requestNewUpdate(); | |||
} else | |||
pendingUpdate = false; | |||
} | |||
void | |||
CConn::framebufferUpdateEnd() { | |||
if (debugDelay != 0) { | |||
@@ -571,12 +577,17 @@ CConn::framebufferUpdateEnd() { | |||
firstUpdate = false; | |||
} | |||
if (options.autoSelect) | |||
autoSelectFormatAndEncoding(); | |||
// Always request the next update | |||
requestUpdate = true; | |||
// A format change prevented us from sending this before the update, | |||
// so make sure to send it now. | |||
if (formatChange && !pendingUpdate) | |||
requestNewUpdate(); | |||
if (options.autoSelect) | |||
autoSelectFormatAndEncoding(); | |||
// Check that at least part of the window has changed | |||
if (!GetUpdateRect(window->getHandle(), 0, FALSE)) { | |||
if (!(GetWindowLong(window->getHandle(), GWL_STYLE) & WS_MINIMIZE)) | |||
@@ -662,6 +673,10 @@ CConn::requestNewUpdate() { | |||
if (!requestUpdate) return; | |||
if (formatChange) { | |||
/* Catch incorrect requestNewUpdate calls */ | |||
assert(pendingUpdate == false); | |||
// Select the required pixel format | |||
if (options.fullColour) { | |||
window->setPF(fullColourPF); |
@@ -93,7 +93,7 @@ namespace rfb { | |||
// DesktopWindow::Callback interface | |||
void displayChanged(); | |||
void paintCompleted(); | |||
void paintCompleted() {} | |||
bool sysCommand(WPARAM wParam, LPARAM lParam); | |||
void closeWindow(); | |||
void refreshMenu(bool enableSysCommands); | |||
@@ -101,7 +101,7 @@ namespace rfb { | |||
// CConnection interface | |||
void setColourMapEntries(int firstColour, int nColours, rdr::U16* rgbs); | |||
void bell(); | |||
void framebufferUpdateStart() {} | |||
void framebufferUpdateStart(); | |||
void framebufferUpdateEnd(); | |||
void setDesktopSize(int w, int h); | |||
void setExtendedDesktopSize(int reason, int result, int w, int h, | |||
@@ -152,6 +152,7 @@ namespace rfb { | |||
bool reverseConnection; | |||
bool requestUpdate; | |||
bool firstUpdate; | |||
bool pendingUpdate; | |||
// Debugging/logging | |||
std::list<Rect> debugRects; |
@@ -725,9 +725,6 @@ DesktopWindow::processFrameMessage(UINT msg, WPARAM wParam, LPARAM lParam) { | |||
} | |||
EndPaint(frameHandle, &ps); | |||
// - Notify the callback that a paint message has finished processing | |||
callback->paintCompleted(); | |||
} | |||
return 0; | |||