This is mainly a copy of XKeysymToString() from libX11. We've also added
a wrapper that still gives a string, even if there is no name for the
requested keysym.
This grows the binaries a bit, but not with any extreme amount so is
hopefully worth it to get better debug logging.
VNCSConnectionST clipboard functions should check state before access.
Clipboard functions may run on connections that are not yet at
RFBSTATE_NORMAL. Due to recent hardening of the accessCheck() function,
it is important to validate that the state is RFBSTATE_NORMAL before
calling accessCheck().
Fixes #1599.
These files don't use anything from this header, so remove the include.
This exposes some missing includes in other places, though. So add an
explicit include in the files that were relying on an indirect
inclusion.
This mimics how some system functions (like inet_ntop()) work, and
avoids complexity around ownership of the returned string buffer.
The downside is that the string must be consumed directly as it will be
overwritten on the next call, but that is not an issue with the current
usage.
Avoid duplication, and add logging for some more error conditions so
it's possible to see in the logs why a resize has failed or produced
unexpected results.
The generally recommended way is to include it from source files, not
headers. We had a mix of both. Let's try to be consistent and follow the
recommended way.
Add support for notifying clients about pointer movements
This change adds support for the VMware Mouse Position
pseudo-encoding[1], which is used to notify VNC clients when X11 clients
call `XWarpPointer()`[2]. This function is called by SDL (and other
similar libraries) when they detect that the server does not support
native relative motion, like some RFB clients.
With this, RFB clients can choose to adjust the local cursor position
under certain circumstances to match what the server has set. For
instance, if pointer lock has been enabled on the client's machine and
the cursor is not being drawn locally, the local position of the cursor
is irrelevant, so the RFB client can use what the server sends as the
canonical absolute position of the cursor. This ultimately enables the
possibility of games (especially FPS games) to behave how users expect
(if the clients implement the corresponding change).
Part of: #619
1: https://github.com/rfbproto/rfbproto/blob/master/rfbproto.rst#vmware-cursor-position-pseudo-encoding
2: https://tronche.com/gui/x/xlib/input/XWarpPointer.html
3: https://hg.libsdl.org/SDL/file/28e3b60e2131/src/events/SDL_mouse.c#l804
We computed a safe area if a client gave us a bogus one, but we didn't
actually use it. Fix this properly and make sure we don't pass on bad
coordinates further.
Major restructuring of how streams work. Neither input nor output
streams are now blocking. This avoids stalling the rest of the client or
server when a peer is slow or unresponsive.
Note that this puts an extra burden on users of streams to make sure
they are allowed to do their work once the underlying transports are
ready (e.g. monitoring fds).
Some systems (like TLS) need to send some final data before closing
a connection. Make sure this is properly handled by cleaning up the
security object before closing the underlying network socket.
We now filter incoming data, which means we can start assuming the
clipboard data is always null terminated. This allows us to clean
up a lot of the internal handling.
This provides some basic rate limiting that will make it difficult
for an attacker to brute force passwords. Only relevant when the
blacklist is disabled as otherwise the attacker only gets a very
limited number of attempts.
Require all SMsgWriter caller to check capabilities
Make the API consisitent by requiring the caller to check what the client
supports before calling any of the write* functions. This avoids the
confusion that the functions might not always do anything.
This is what the protocol requires, rather than sending what the
client specified in the request. This should be the same in practice
except for failures and possibly some races.
We need to check earlier if we are going to send this refresh or
not. Otherwise we send out pings pointlessly, and we also stall
the request loop with a client as we clear the requested region
without actually sending an update message.
Avoid direct access to the screen dimensions and layout so that we
can make sure it stays sane. This also makes sure the layout is
properly updated when we only get the screen dimensions from the
server.
Removed the last parts of VNCSConnectionST's back door in to
VNCServerST and let the parent class fully handle coordination of
clients, and access to the desktop.
There is some client coordination needed which is better encapsulated
inside VNCServerST. This also helps hiding the desktop from the
individual clients.
Force queryConnection() to always call back to approveConnection()
rather than return special values. This makes the flow easier to
follow as it will be the same in all cases.
If we have plenty of bandwidth then CPU might be the limiting resource.
Unfortunately we don't have a good number for that limit, so add a
conservative hard coded value.
If an area recently changed then we can guess that it will most likely
change again very soon. In such a case it is meaningless to send a
lossless refresh as it will directly be overwritten. Keep track of
such areas and avoid refreshing them until we no longer see any
changes to them.
We don't want to waste bandwidth on the lossless refresh if we might
need that bandwidth for a normal update. Try to estimate how much
data we can safely send without interfering.
Resend pixel perfect copies of areas that were previously sent
using a lossy encoder. This is done when there is no normal update
to send, and no congestion.