This is mainly a copy of XKeysymToString() from libX11. We've also added
a wrapper that still gives a string, even if there is no name for the
requested keysym.

This grows the binaries a bit, but not with any extreme amount so is
hopefully worth it to get better debug logging.

These will always be byte streams at heart, so let's try to keep them
with a proper type. Should make it clearer how they will be used.

Clipboard functions may run on connections that are not yet at
RFBSTATE_NORMAL. Due to recent hardening of the accessCheck() function,
it is important to validate that the state is RFBSTATE_NORMAL before
calling accessCheck().

Fixes #1599.

It is much more natural than custom methods for this very common
operation.

It doesn't use any exceptions, so stop including the header for it.

These files don't use anything from this header, so remove the include.

This exposes some missing includes in other places, though. So add an
explicit include in the files that were relying on an indirect
inclusion.

Let's use a more common type instead of something homegrown. Should be
more familiar to new developers.

This mimics how some system functions (like inet_ntop()) work, and
avoids complexity around ownership of the returned string buffer.

The downside is that the string must be consumed directly as it will be
overwritten on the next call, but that is not an issue with the current
usage.

Avoid having our own custom stuff and instead use the modern, standard
types, for familiarity.

Avoid duplication, and add logging for some more error conditions so
it's possible to see in the logs why a resize has failed or produced
unexpected results.

The generally recommended way is to include it from source files, not
headers. We had a mix of both. Let's try to be consistent and follow the
recommended way.

This change adds support for the VMware Mouse Position
pseudo-encoding[1], which is used to notify VNC clients when X11 clients
call `XWarpPointer()`[2]. This function is called by SDL (and other
similar libraries)  when they detect that the server does not support
native relative motion, like some RFB clients.

With this, RFB clients can choose to adjust the local cursor position
under certain circumstances to match what the server has set. For
instance, if pointer lock has been enabled on the client's machine and
the cursor is not being drawn locally, the local position of the cursor
is irrelevant, so the RFB client can use what the server sends as the
canonical absolute position of the cursor. This ultimately enables the
possibility of games (especially FPS games) to behave how users expect
(if the clients implement the corresponding change).

Part of: #619

1: https://github.com/rfbproto/rfbproto/blob/master/rfbproto.rst#vmware-cursor-position-pseudo-encoding
2: https://tronche.com/gui/x/xlib/input/XWarpPointer.html
3: https://hg.libsdl.org/SDL/file/28e3b60e2131/src/events/SDL_mouse.c#l804

We computed a safe area if a client gave us a bogus one, but we didn't
actually use it. Fix this properly and make sure we don't pass on bad
coordinates further.

Sends response for SetDesktopSize as per the community wiki
specification

Major restructuring of how streams work. Neither input nor output
streams are now blocking. This avoids stalling the rest of the client or
server when a peer is slow or unresponsive.

Note that this puts an extra burden on users of streams to make sure
they are allowed to do their work once the underlying transports are
ready (e.g. monitoring fds).

Some systems (like TLS) need to send some final data before closing
a connection. Make sure this is properly handled by cleaning up the
security object before closing the underlying network socket.

External callers don't need to know the exact details, only if there is
data that needs to be flushed or not.

The principle can be used in a more general fashion than just TCP
streams.

There might be some final handshake data that is still stuck in the
buffers, so make a best effort attempt at getting it to the client.

It's a generic feature that is better handled as part of SConnection's
state machine.

Otherwise such clients cannot use Scroll Lock at all, and that is
probably worse than any effects we might get from getting out of sync.

Change the internal clipboard API to use a request based model in
order to be prepared for more advanced clipboard transfers.

We now filter incoming data, which means we can start assuming the
clipboard data is always null terminated. This allows us to clean
up a lot of the internal handling.

This provides some basic rate limiting that will make it difficult
for an attacker to brute force passwords. Only relevant when the
blacklist is disabled as otherwise the attacker only gets a very
limited number of attempts.

Make the API consisitent by requiring the caller to check what the client
supports before calling any of the write* functions. This avoids the
confusion that the functions might not always do anything.

Avoid having the callers need to know about the different variants
of these functions and instead have the writer pick the most appropriate
extension.

This is what the protocol requires, rather than sending what the
client specified in the request. This should be the same in practice
except for failures and possibly some races.

We need to check earlier if we are going to send this refresh or
not. Otherwise we send out pings pointlessly, and we also stall
the request loop with a client as we clear the requested region
without actually sending an update message.

It makes the logic a bit easier to follow, and also fixes the
case where just a fake update is needed.

Get this timeout in to the timer system as well to make things
simpler and more robust.

It is functionality specific to WinVNC, so move the code there
to make things more clear.

Better to check the actual list of supported encodings directly.
Makes parts more readable, and no risk of getting out of sync.

No need to spread things out. Keep all of the handling in a single
place to make things clearer.

Now that we've split out server state to ServerParams, ConnParams
only contains state for a client. Rename the class and variables
to reflect this.

Avoid direct access to the screen dimensions and layout so that we
can make sure it stays sane. This also makes sure the layout is
properly updated when we only get the screen dimensions from the
server.

Removed the last parts of VNCSConnectionST's back door in to
VNCServerST and let the parent class fully handle coordination of
clients, and access to the desktop.

This makes it generally useful and other code doesn't have to
know of the specific sub-class.

More encapsulation of functions that require coordinate between
clients.

There is some client coordination needed which is better encapsulated
inside VNCServerST. This also helps hiding the desktop from the
individual clients.

Avoid having VNCSConnectionST poking around in VNCServerST's internals
and instead access things via safer methods.

Make things simpler by making this a part of the SDesktop interface
that always needs to be implemented.

Force queryConnection() to always call back to approveConnection()
rather than return special values. This makes the flow easier to
follow as it will be the same in all cases.

If we have plenty of bandwidth then CPU might be the limiting resource.
Unfortunately we don't have a good number for that limit, so add a
conservative hard coded value.

If we're out of time then we will definitely overshoot, so don't even
try.

If an area recently changed then we can guess that it will most likely
change again very soon. In such a case it is meaningless to send a
lossless refresh as it will directly be overwritten. Keep track of
such areas and avoid refreshing them until we no longer see any
changes to them.

There might be parts of the screen that haven't changed and can
therefore be refreshed. Figure which parts these are and send just
those.

We don't want to waste bandwidth on the lossless refresh if we might
need that bandwidth for a normal update. Try to estimate how much
data we can safely send without interfering.

Resend pixel perfect copies of areas that were previously sent
using a lossy encoder. This is done when there is no normal update
to send, and no congestion.

We already have an assignment operator, so no need for this method.