This is mainly a copy of XKeysymToString() from libX11. We've also added
a wrapper that still gives a string, even if there is no name for the
requested keysym.
This grows the binaries a bit, but not with any extreme amount so is
hopefully worth it to get better debug logging.
We user the real, not the effective user ID, to check if the user is
allowed to log in with the "Plain" security types. Otherwise it would be
necessary to log in as root when Xvnc is installed with the set-user-id
bit on.
Signed-off-by: Carlos Santos <casantos@redhat.com>
This permits to enable PAM for the effective user of the Xvnc process by
adding this to ~/.vnc/config or /etc/tigervnc/vncserver-config-defaults:
SecurityTypes=TLSPlain
PlainUsers=%u
Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=2233204
Signed-off-by: Carlos Santos <casantos@redhat.com>
We can get races with clipboard managers in the server that is very
confusing to the user.
When the clipboard changes locally, we tell the server to drop the old
clipboard (as it is now lost). But we don't send over the new clipboard
until we get focus again, in order to not leak more data than necessary.
This causes some clibpoard managers to take over ownership in order to
avoid an empty clipboard. And this takes precedence over the new client
clipboard as it happened later. Effectively reverting the clipboard the
user sees.
Avoid all of this by simply ignoring the server when we don't have
focus. This is likely what users expect anyway as they expect their
currently focused application to control the clipboard, not vncviewer in
the background.
Don't assume a lack of TCP listeners means the server will be
unreachable. There might be other methods of access, so let the higher
levels do that sanity check instead.
It was a poor choice of words to call these keysyms "unknown" as they
are likely perfectly normal keysyms, they just cannot be found in the
currently loaded keyboard layout. This log message has confused users,
so let's get rid of the "unknown" part.
We already use the verb "add" heavily in the other log messages, so
let's keep that rather than switch to some for of "map".
FLTK only allows 256 different box types, but it doesn't actually check
this when registering new ones.
Move our custom types to a valid range, and add an assert for good
measure to make sure we don't overflow FLTK's internal structures.
There is something broken with these FLTK draw routines on Windows. They
leave gaps at the start and end of the arc/pie rather than filling the
whole specified span. So we need to nudge the numbers a bit to work
around this.
Inspired by modern Windows appearance, and to some extent macOS. They
have flat boxes and use white, or very light, colors for interactive
elements. Unfortunately we can't directly control the colors of
widgets, so instead we just lighten everything that uses this box type.
GNOME uses a different design, both their older and newer style. But UI
look is less consistent on Linux, so hopefully our new look is decent
enough there as well.
gcc doesn't support -Wformat for the wide format versions of printf()
and friends yet:
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=38308
Do what glibc does and have some commented out tags to show future
intent.
gettext replaces all *printf() functions on platforms that don't fully
conform to the POSIX behaviour. Unfortunately, gettext fails to tag
these replacement functions properly so that -Wformat can still do its
thing.
Resolve this by adding a redudant declaration of the relevant functions,
with the attribute tagging in place.
The size of size_t depends on the architecture, so we need to have
different conversion to and from strings. But we don't really need that
range, so avoid the issue by using a standard integer size.
We don't want to proceed unless we've made sure the user has approved
the issues with the certificate. So add an extra check that all status
flags have been dealt with.