It seems like many of the X11 operations can end up with no pixels
actually changing. So instead of discovering and adding workarounds for
each individually we'll just check very region added if it's empty.
Running as a service on a SELinux system requires rules so we can
transition to our own context. We also need the proper permissions
to start new user sessions.
This sets up a more correct session as there are key tasks that
need to be performed by PAM. E.g. systemd will allocate cgroups
and start base services.
In order to easily handle this as a system service the mapping of
displays is now done via a configuration file.
We need to be started as a system service for things to work correctly
anyway, so delegate the work of starting and stopping things to the
system service manager (e.g. systemd).
It is the most common init system these days so it should not be
hidden in the contrib/ directory.
This also removes all old SysV files from the contrib packages.
This allows Xvnc to build with xorg-server 1.20.7, which requires OS
layers to implement a ddxInputThreadInit function when configured with
--enable-input-thread (the default).
relevant xorg-server commit: e3f26605d8
When used with -fg we expect the startup script to remain running until
the session is over. This will not happen if the session command is put
in the background using &.
Don't allow subclasses to just override dimensions or buffer details
directly and instead force them to go via methods. This allows us
to do sanity checks on the new values and catch bugs and attacks.
We now filter incoming data, which means we can start assuming the
clipboard data is always null terminated. This allows us to clean
up a lot of the internal handling.
This is required by the protocol so we should make sure it is
enforced. We are tolerant of clients that violate this though and
convert incoming clipboard data.
There might be multiple clients using a single IP (e.g. NAT), which
can make the blacklist do more harm than good. So add a setting to
disable it if needed.
Don't build xserver with -I$(includedir) as it breaks cross-compiling
This is where to install headers to, not where to find headers to
build against. Toolchains should know where to locate their system
headers while non-system headers should be found using
pkg-config. Users with bizarre setups where the toolchain really
cannot find the system headers should set CPPFLAGS.
There is a range of key codes that are never sent by a real keyboard
and are therefore used by layouts to hide "fake" mappings. Make sure
to only use these as a fallback as some applications get confused
when they see these codes.
It doesn't belong on each socket server object as timers are global.
Force implementations to call the Timer system directly instead,
avoiding any middle men.
Do a proper cleanup when one of the termination timeouts trigger
rather than just exiting on the spot. This makes sure we don't leave
stray stuff around, e.g. unix socket files.
This makes VNCServer a sufficiently complete interface that callers
don't need to know about the specific implementation (VNCServerST
currently). And assuming that all servers will use sockets is not
that outrageous.
Removed the last parts of VNCSConnectionST's back door in to
VNCServerST and let the parent class fully handle coordination of
clients, and access to the desktop.
Force queryConnection() to always call back to approveConnection()
rather than return special values. This makes the flow easier to
follow as it will be the same in all cases.