Compare commits
No commits in common. "c8" and "c9s" have entirely different histories.
6
.gitignore
vendored
6
.gitignore
vendored
@ -1 +1,5 @@
|
||||
SOURCES/gnome-remote-desktop-0.1.8.tar.xz
|
||||
/gnome-remote-desktop-0.1.*.tar.xz
|
||||
/gnome-remote-desktop-40.beta.tar.xz
|
||||
/gnome-remote-desktop-40.rc.tar.xz
|
||||
/gnome-remote-desktop-40.0.tar.xz
|
||||
/LibVNCServer-0.9.13.tar.gz
|
||||
|
@ -1 +0,0 @@
|
||||
3347257bd906cd0ca86887c692befd8d412afab1 SOURCES/gnome-remote-desktop-0.1.8.tar.xz
|
@ -0,0 +1,92 @@
|
||||
From fdc71dd25c8505b3580e70afd4b4213cad8f8ebb Mon Sep 17 00:00:00 2001
|
||||
From: =?UTF-8?q?Jonas=20=C3=85dahl?= <jadahl@gmail.com>
|
||||
Date: Mon, 25 Oct 2021 16:14:26 +0200
|
||||
Subject: [PATCH] crypto: Don't compile SHA1 support when Websockets are
|
||||
disabled
|
||||
|
||||
SHA1 is not ideal, security wise. Let's make sure we don't even have it
|
||||
compiled when nothing depends on it, e.g. Websockets.
|
||||
---
|
||||
common/crypto.h | 2 ++
|
||||
common/crypto_included.c | 2 ++
|
||||
common/crypto_libgcrypt.c | 2 ++
|
||||
common/crypto_openssl.c | 2 ++
|
||||
4 files changed, 8 insertions(+)
|
||||
|
||||
diff --git a/common/crypto.h b/common/crypto.h
|
||||
index 04be9304..c1f32194 100644
|
||||
--- a/common/crypto.h
|
||||
+++ b/common/crypto.h
|
||||
@@ -11,7 +11,9 @@
|
||||
int hash_md5(void *out, const void *in, const size_t in_len);
|
||||
|
||||
/* Generates an SHA1 hash of 'in' and writes it to 'out', which must be 20 bytes in size. */
|
||||
+#ifdef LIBVNCSERVER_WITH_WEBSOCKETS
|
||||
int hash_sha1(void *out, const void *in, const size_t in_len);
|
||||
+#endif
|
||||
|
||||
/* Fill 'out' with 'len' random bytes. */
|
||||
void random_bytes(void *out, size_t len);
|
||||
diff --git a/common/crypto_included.c b/common/crypto_included.c
|
||||
index b359336f..cf8d43c2 100644
|
||||
--- a/common/crypto_included.c
|
||||
+++ b/common/crypto_included.c
|
||||
@@ -33,6 +33,7 @@ int hash_md5(void *out, const void *in, const size_t in_len)
|
||||
return 0;
|
||||
}
|
||||
|
||||
+#ifdef LIBVNCSERVER_WITH_WEBSOCKETS
|
||||
int hash_sha1(void *out, const void *in, const size_t in_len)
|
||||
{
|
||||
SHA1Context sha1;
|
||||
@@ -45,6 +46,7 @@ int hash_sha1(void *out, const void *in, const size_t in_len)
|
||||
|
||||
return 1;
|
||||
}
|
||||
+#endif /* LIBVNCSERVER_WITH_WEBSOCKETS */
|
||||
|
||||
void random_bytes(void *out, size_t len)
|
||||
{
|
||||
diff --git a/common/crypto_libgcrypt.c b/common/crypto_libgcrypt.c
|
||||
index 34d845b4..f62bdaf8 100644
|
||||
--- a/common/crypto_libgcrypt.c
|
||||
+++ b/common/crypto_libgcrypt.c
|
||||
@@ -74,6 +74,7 @@ int hash_md5(void *out, const void *in, const size_t in_len)
|
||||
return result;
|
||||
}
|
||||
|
||||
+#ifdef LIBVNCSERVER_WITH_WEBSOCKETS
|
||||
int hash_sha1(void *out, const void *in, const size_t in_len)
|
||||
{
|
||||
int result = 0;
|
||||
@@ -98,6 +99,7 @@ int hash_sha1(void *out, const void *in, const size_t in_len)
|
||||
gcry_md_close(sha1);
|
||||
return result;
|
||||
}
|
||||
+#endif /* LIBVNCSERVER_WITH_WEBSOCKETS */
|
||||
|
||||
void random_bytes(void *out, size_t len)
|
||||
{
|
||||
diff --git a/common/crypto_openssl.c b/common/crypto_openssl.c
|
||||
index 60d4bd4d..9816eb04 100644
|
||||
--- a/common/crypto_openssl.c
|
||||
+++ b/common/crypto_openssl.c
|
||||
@@ -49,6 +49,7 @@ int hash_md5(void *out, const void *in, const size_t in_len)
|
||||
return 1;
|
||||
}
|
||||
|
||||
+#ifdef LIBVNCSERVER_WITH_WEBSOCKETS
|
||||
int hash_sha1(void *out, const void *in, const size_t in_len)
|
||||
{
|
||||
SHA_CTX sha1;
|
||||
@@ -60,6 +61,7 @@ int hash_sha1(void *out, const void *in, const size_t in_len)
|
||||
return 0;
|
||||
return 1;
|
||||
}
|
||||
+#endif /* LIBVNCSERVER_WITH_WEBSOCKETS */
|
||||
|
||||
void random_bytes(void *out, size_t len)
|
||||
{
|
||||
--
|
||||
2.31.1
|
||||
|
241
0001-libvncserver-Add-API-to-add-custom-I-O-entry-points.patch
Normal file
241
0001-libvncserver-Add-API-to-add-custom-I-O-entry-points.patch
Normal file
@ -0,0 +1,241 @@
|
||||
From e4849b01fec4494057728d1aa3a165ed21705682 Mon Sep 17 00:00:00 2001
|
||||
From: =?UTF-8?q?Jonas=20=C3=85dahl?= <jadahl@gmail.com>
|
||||
Date: Mon, 11 Jun 2018 23:47:02 +0200
|
||||
Subject: [PATCH 1/4] libvncserver: Add API to add custom I/O entry points
|
||||
|
||||
Add API to make it possible to channel RFB input and output through
|
||||
another layer, for example TLS. This is done by making it possible to
|
||||
override the default read/write/peek functions.
|
||||
---
|
||||
libvncserver/rfbserver.c | 4 ++
|
||||
libvncserver/sockets.c | 79 ++++++++++++++++++++++++++++++++++++----
|
||||
rfb/rfb.h | 17 +++++++++
|
||||
3 files changed, 93 insertions(+), 7 deletions(-)
|
||||
|
||||
diff --git a/libvncserver/rfbserver.c b/libvncserver/rfbserver.c
|
||||
index e9eaa5fc..72e9ba79 100644
|
||||
--- a/libvncserver/rfbserver.c
|
||||
+++ b/libvncserver/rfbserver.c
|
||||
@@ -319,6 +319,10 @@ rfbNewTCPOrUDPClient(rfbScreenInfoPtr rfbScreen,
|
||||
|
||||
cl->screen = rfbScreen;
|
||||
cl->sock = sock;
|
||||
+ cl->readFromSocket = rfbDefaultReadFromSocket;
|
||||
+ cl->peekAtSocket = rfbDefaultPeekAtSocket;
|
||||
+ cl->hasPendingOnSocket = rfbDefaultHasPendingOnSocket;
|
||||
+ cl->writeToSocket = rfbDefaultWriteToSocket;
|
||||
cl->viewOnly = FALSE;
|
||||
/* setup pseudo scaling */
|
||||
cl->scaledScreen = rfbScreen;
|
||||
diff --git a/libvncserver/sockets.c b/libvncserver/sockets.c
|
||||
index 2c87376b..4bb881ec 100644
|
||||
--- a/libvncserver/sockets.c
|
||||
+++ b/libvncserver/sockets.c
|
||||
@@ -101,6 +101,9 @@ int deny_severity=LOG_WARNING;
|
||||
int rfbMaxClientWait = 20000; /* time (ms) after which we decide client has
|
||||
gone away - needed to stop us hanging */
|
||||
|
||||
+static rfbBool
|
||||
+rfbHasPendingOnSocket(rfbClientPtr cl);
|
||||
+
|
||||
static rfbBool
|
||||
rfbNewConnectionFromSock(rfbScreenInfoPtr rfbScreen, rfbSocket sock)
|
||||
{
|
||||
@@ -364,16 +367,20 @@ rfbCheckFds(rfbScreenInfoPtr rfbScreen,long usec)
|
||||
tv.tv_usec = usec;
|
||||
nfds = select(rfbScreen->maxFd + 1, &fds, NULL, NULL /* &fds */, &tv);
|
||||
if (nfds == 0) {
|
||||
+ rfbBool hasPendingData = FALSE;
|
||||
+
|
||||
/* timed out, check for async events */
|
||||
i = rfbGetClientIterator(rfbScreen);
|
||||
while((cl = rfbClientIteratorNext(i))) {
|
||||
if (cl->onHold)
|
||||
continue;
|
||||
+ hasPendingData |= rfbHasPendingOnSocket(cl);
|
||||
if (FD_ISSET(cl->sock, &(rfbScreen->allFds)))
|
||||
rfbSendFileTransferChunk(cl);
|
||||
}
|
||||
rfbReleaseClientIterator(i);
|
||||
- return result;
|
||||
+ if (!hasPendingData)
|
||||
+ return result;
|
||||
}
|
||||
|
||||
if (nfds < 0) {
|
||||
@@ -449,9 +456,11 @@ rfbCheckFds(rfbScreenInfoPtr rfbScreen,long usec)
|
||||
if (cl->onHold)
|
||||
continue;
|
||||
|
||||
- if (FD_ISSET(cl->sock, &(rfbScreen->allFds)))
|
||||
+ if (rfbHasPendingOnSocket (cl) ||
|
||||
+ FD_ISSET(cl->sock, &(rfbScreen->allFds)))
|
||||
{
|
||||
- if (FD_ISSET(cl->sock, &fds))
|
||||
+ if (rfbHasPendingOnSocket (cl) ||
|
||||
+ FD_ISSET(cl->sock, &fds))
|
||||
{
|
||||
#ifdef LIBVNCSERVER_WITH_WEBSOCKETS
|
||||
do {
|
||||
@@ -614,6 +623,30 @@ rfbConnect(rfbScreenInfoPtr rfbScreen,
|
||||
return sock;
|
||||
}
|
||||
|
||||
+int
|
||||
+rfbDefaultReadFromSocket(rfbClientPtr cl, char *buf, int len)
|
||||
+{
|
||||
+ return read(cl->sock, buf, len);
|
||||
+}
|
||||
+
|
||||
+static int
|
||||
+rfbReadFromSocket(rfbClientPtr cl, char *buf, int len)
|
||||
+{
|
||||
+ return cl->readFromSocket(cl, buf, len);
|
||||
+}
|
||||
+
|
||||
+rfbBool
|
||||
+rfbDefaultHasPendingOnSocket(rfbClientPtr cl)
|
||||
+{
|
||||
+ return FALSE;
|
||||
+}
|
||||
+
|
||||
+static rfbBool
|
||||
+rfbHasPendingOnSocket(rfbClientPtr cl)
|
||||
+{
|
||||
+ return cl->hasPendingOnSocket(cl);
|
||||
+}
|
||||
+
|
||||
/*
|
||||
* ReadExact reads an exact number of bytes from a client. Returns 1 if
|
||||
* those bytes have been read, 0 if the other end has closed, or -1 if an error
|
||||
@@ -635,10 +668,10 @@ rfbReadExactTimeout(rfbClientPtr cl, char* buf, int len, int timeout)
|
||||
} else if (cl->sslctx) {
|
||||
n = rfbssl_read(cl, buf, len);
|
||||
} else {
|
||||
- n = read(sock, buf, len);
|
||||
+ n = rfbReadFromSocket(cl, buf, len);
|
||||
}
|
||||
#else
|
||||
- n = read(sock, buf, len);
|
||||
+ n = rfbReadFromSocket(cl, buf, len);
|
||||
#endif
|
||||
|
||||
if (n > 0) {
|
||||
@@ -670,6 +703,10 @@ rfbReadExactTimeout(rfbClientPtr cl, char* buf, int len, int timeout)
|
||||
continue;
|
||||
}
|
||||
#endif
|
||||
+
|
||||
+ if (rfbHasPendingOnSocket(cl))
|
||||
+ continue;
|
||||
+
|
||||
FD_ZERO(&fds);
|
||||
FD_SET(sock, &fds);
|
||||
tv.tv_sec = timeout / 1000;
|
||||
@@ -706,6 +743,18 @@ int rfbReadExact(rfbClientPtr cl,char* buf,int len)
|
||||
return(rfbReadExactTimeout(cl,buf,len,rfbMaxClientWait));
|
||||
}
|
||||
|
||||
+int
|
||||
+rfbDefaultPeekAtSocket(rfbClientPtr cl, char *buf, int len)
|
||||
+{
|
||||
+ return recv(cl->sock, buf, len, MSG_PEEK);
|
||||
+}
|
||||
+
|
||||
+int
|
||||
+rfbPeekAtSocket(rfbClientPtr cl, char *buf, int len)
|
||||
+{
|
||||
+ cl->peekAtSocket(cl, buf, len);
|
||||
+}
|
||||
+
|
||||
/*
|
||||
* PeekExact peeks at an exact number of bytes from a client. Returns 1 if
|
||||
* those bytes have been read, 0 if the other end has closed, or -1 if an
|
||||
@@ -726,7 +775,7 @@ rfbPeekExactTimeout(rfbClientPtr cl, char* buf, int len, int timeout)
|
||||
n = rfbssl_peek(cl, buf, len);
|
||||
else
|
||||
#endif
|
||||
- n = recv(sock, buf, len, MSG_PEEK);
|
||||
+ n = rfbPeekAtSocket(cl, buf, len);
|
||||
|
||||
if (n == len) {
|
||||
|
||||
@@ -782,6 +831,22 @@ rfbPeekExactTimeout(rfbClientPtr cl, char* buf, int len, int timeout)
|
||||
return 1;
|
||||
}
|
||||
|
||||
+int
|
||||
+rfbDefaultWriteToSocket(rfbClientPtr cl,
|
||||
+ const char *buf,
|
||||
+ int len)
|
||||
+{
|
||||
+ return write(cl->sock, buf, len);
|
||||
+}
|
||||
+
|
||||
+static int
|
||||
+rfbWriteToSocket(rfbClientPtr cl,
|
||||
+ const char *buf,
|
||||
+ int len)
|
||||
+{
|
||||
+ return cl->writeToSocket(cl, buf, len);
|
||||
+}
|
||||
+
|
||||
/*
|
||||
* WriteExact writes an exact number of bytes to a client. Returns 1 if
|
||||
* those bytes have been written, or -1 if an error occurred (errno is set to
|
||||
@@ -826,7 +891,7 @@ rfbWriteExact(rfbClientPtr cl,
|
||||
n = rfbssl_write(cl, buf, len);
|
||||
else
|
||||
#endif
|
||||
- n = write(sock, buf, len);
|
||||
+ n = rfbWriteToSocket(cl, buf, len);
|
||||
|
||||
if (n > 0) {
|
||||
|
||||
diff --git a/rfb/rfb.h b/rfb/rfb.h
|
||||
index 5e9ba86f..3c0b25a3 100644
|
||||
--- a/rfb/rfb.h
|
||||
+++ b/rfb/rfb.h
|
||||
@@ -387,6 +387,14 @@ typedef struct sraRegion* sraRegionPtr;
|
||||
typedef void (*ClientGoneHookPtr)(struct _rfbClientRec* cl);
|
||||
typedef void (*ClientFramebufferUpdateRequestHookPtr)(struct _rfbClientRec* cl, rfbFramebufferUpdateRequestMsg* furMsg);
|
||||
|
||||
+typedef int (*ClientReadFromSocket)(struct _rfbClientRec* cl,
|
||||
+ char *buf, int len);
|
||||
+typedef int (*ClientPeekAtSocket)(struct _rfbClientRec* cl,
|
||||
+ char *buf, int len);
|
||||
+typedef rfbBool (*ClientHasPendingOnSocket)(struct _rfbClientRec* cl);
|
||||
+typedef int (*ClientWriteToSocket)(struct _rfbClientRec* cl,
|
||||
+ const char *buf, int len);
|
||||
+
|
||||
typedef struct _rfbFileTransferData {
|
||||
int fd;
|
||||
int compressionEnabled;
|
||||
@@ -680,6 +688,11 @@ typedef struct _rfbClientRec {
|
||||
rfbBool useExtDesktopSize;
|
||||
int requestedDesktopSizeChange;
|
||||
int lastDesktopSizeChangeError;
|
||||
+
|
||||
+ ClientReadFromSocket readFromSocket; /* Read data from socket */
|
||||
+ ClientPeekAtSocket peekAtSocket; /* Peek at data from socket */
|
||||
+ ClientHasPendingOnSocket hasPendingOnSocket; /* Peek at data from socket */
|
||||
+ ClientWriteToSocket writeToSocket; /* Write data to socket */
|
||||
} rfbClientRec, *rfbClientPtr;
|
||||
|
||||
/**
|
||||
@@ -732,8 +745,12 @@ extern void rfbDisconnectUDPSock(rfbScreenInfoPtr rfbScreen);
|
||||
extern void rfbCloseClient(rfbClientPtr cl);
|
||||
extern int rfbReadExact(rfbClientPtr cl, char *buf, int len);
|
||||
extern int rfbReadExactTimeout(rfbClientPtr cl, char *buf, int len,int timeout);
|
||||
+extern int rfbDefaultReadFromSocket(rfbClientPtr cl, char *buf, int len);
|
||||
extern int rfbPeekExactTimeout(rfbClientPtr cl, char *buf, int len,int timeout);
|
||||
+extern int rfbDefaultPeekAtSocket(rfbClientPtr cl, char *buf, int len);
|
||||
+extern rfbBool rfbDefaultHasPendingOnSocket(rfbClientPtr cl);
|
||||
extern int rfbWriteExact(rfbClientPtr cl, const char *buf, int len);
|
||||
+extern int rfbDefaultWriteToSocket(rfbClientPtr cl, const char *buf, int len);
|
||||
extern int rfbCheckFds(rfbScreenInfoPtr rfbScreen,long usec);
|
||||
extern rfbSocket rfbConnect(rfbScreenInfoPtr rfbScreen, char* host, int port);
|
||||
extern rfbSocket rfbConnectToTcpAddr(char* host, int port);
|
||||
--
|
||||
2.28.0
|
||||
|
@ -0,0 +1,28 @@
|
||||
From d138cf90130b0e8d5062f136ecdbcaa85e734d5d Mon Sep 17 00:00:00 2001
|
||||
From: Christian Beier <info@christianbeier.net>
|
||||
Date: Mon, 20 Jul 2020 22:33:29 +0200
|
||||
Subject: [PATCH] libvncserver: don't NULL out internal of the default cursor
|
||||
|
||||
...otherwise an rfbScreen created after rfbScreenCleanup() was called
|
||||
gets assigned an invalid cursor struct.
|
||||
---
|
||||
libvncserver/main.c | 3 ++-
|
||||
1 file changed, 2 insertions(+), 1 deletion(-)
|
||||
|
||||
diff --git a/libvncserver/main.c b/libvncserver/main.c
|
||||
index 9149fda3..a3a711e3 100644
|
||||
--- a/libvncserver/main.c
|
||||
+++ b/libvncserver/main.c
|
||||
@@ -1110,7 +1110,8 @@ void rfbScreenCleanup(rfbScreenInfoPtr screen)
|
||||
FREE_IF(underCursorBuffer);
|
||||
TINI_MUTEX(screen->cursorMutex);
|
||||
|
||||
- rfbFreeCursor(screen->cursor);
|
||||
+ if(screen->cursor != &myCursor)
|
||||
+ rfbFreeCursor(screen->cursor);
|
||||
|
||||
#ifdef LIBVNCSERVER_HAVE_LIBZ
|
||||
rfbZlibCleanup(screen);
|
||||
--
|
||||
2.28.0
|
||||
|
53
0001-pipewire-stream-Don-t-leak-GSource-s.patch
Normal file
53
0001-pipewire-stream-Don-t-leak-GSource-s.patch
Normal file
@ -0,0 +1,53 @@
|
||||
From 2fba1c597f272516759933ee439e6fef3f6142f3 Mon Sep 17 00:00:00 2001
|
||||
From: =?UTF-8?q?Jonas=20=C3=85dahl?= <jadahl@gmail.com>
|
||||
Date: Tue, 6 Apr 2021 11:32:14 +0200
|
||||
Subject: [PATCH] pipewire-stream: Don't leak GSource's
|
||||
|
||||
The pipewire loop is owned by the source, and failing to free it means
|
||||
pipewire will keep file descriptors open indefinitely.
|
||||
|
||||
While we properly "destroy":ed the source, destroying it only removes it
|
||||
from the context, it doesn't destroy or unref it. To also free it, we
|
||||
also need to unref it.
|
||||
---
|
||||
src/grd-rdp-pipewire-stream.c | 6 +++++-
|
||||
src/grd-vnc-pipewire-stream.c | 6 +++++-
|
||||
2 files changed, 10 insertions(+), 2 deletions(-)
|
||||
|
||||
diff --git a/src/grd-rdp-pipewire-stream.c b/src/grd-rdp-pipewire-stream.c
|
||||
index 09015e7..6c79312 100644
|
||||
--- a/src/grd-rdp-pipewire-stream.c
|
||||
+++ b/src/grd-rdp-pipewire-stream.c
|
||||
@@ -577,7 +577,11 @@ grd_rdp_pipewire_stream_finalize (GObject *object)
|
||||
|
||||
g_clear_pointer (&stream->pipewire_core, pw_core_disconnect);
|
||||
g_clear_pointer (&stream->pipewire_context, pw_context_destroy);
|
||||
- g_clear_pointer (&stream->pipewire_source, g_source_destroy);
|
||||
+ if (stream->pipewire_source)
|
||||
+ {
|
||||
+ g_source_destroy (stream->pipewire_source);
|
||||
+ g_clear_pointer (&stream->pipewire_source, g_source_unref);
|
||||
+ }
|
||||
|
||||
G_OBJECT_CLASS (grd_rdp_pipewire_stream_parent_class)->finalize (object);
|
||||
}
|
||||
diff --git a/src/grd-vnc-pipewire-stream.c b/src/grd-vnc-pipewire-stream.c
|
||||
index 82ceb9b..5085062 100644
|
||||
--- a/src/grd-vnc-pipewire-stream.c
|
||||
+++ b/src/grd-vnc-pipewire-stream.c
|
||||
@@ -594,7 +594,11 @@ grd_vnc_pipewire_stream_finalize (GObject *object)
|
||||
|
||||
g_clear_pointer (&stream->pipewire_core, pw_core_disconnect);
|
||||
g_clear_pointer (&stream->pipewire_context, pw_context_destroy);
|
||||
- g_clear_pointer (&stream->pipewire_source, g_source_destroy);
|
||||
+ if (stream->pipewire_source)
|
||||
+ {
|
||||
+ g_source_destroy (stream->pipewire_source);
|
||||
+ g_clear_pointer (&stream->pipewire_source, g_source_unref);
|
||||
+ }
|
||||
|
||||
G_OBJECT_CLASS (grd_vnc_pipewire_stream_parent_class)->finalize (object);
|
||||
}
|
||||
--
|
||||
2.31.1
|
||||
|
@ -0,0 +1,71 @@
|
||||
From 81172effba7c70d3b2932c67be79a2924eae9d73 Mon Sep 17 00:00:00 2001
|
||||
From: =?UTF-8?q?Jonas=20=C3=85dahl?= <jadahl@gmail.com>
|
||||
Date: Mon, 12 Oct 2020 17:34:30 +0200
|
||||
Subject: [PATCH] vnc: Copy pixels using the right destination stride
|
||||
|
||||
We're copying the pixels in a separate thread managed by PipeWire, and
|
||||
in this thread, accessing the VNC framebuffer dimension and stride is
|
||||
racy. Instead of fetching the dimension directly, pass the expected
|
||||
width and get the stride it will eventually have.
|
||||
|
||||
Already before this patch, when the copied pixel end up on the main
|
||||
thread and the dimension still doesn't match up, the frame will be
|
||||
dropped.
|
||||
---
|
||||
src/grd-session-vnc.c | 5 +++--
|
||||
src/grd-session-vnc.h | 3 ++-
|
||||
src/grd-vnc-pipewire-stream.c | 5 +++--
|
||||
3 files changed, 8 insertions(+), 5 deletions(-)
|
||||
|
||||
diff --git a/src/grd-session-vnc.c b/src/grd-session-vnc.c
|
||||
index 69fb33d..f4835aa 100644
|
||||
--- a/src/grd-session-vnc.c
|
||||
+++ b/src/grd-session-vnc.c
|
||||
@@ -535,9 +535,10 @@ grd_session_vnc_get_fd (GrdSessionVnc *session_vnc)
|
||||
}
|
||||
|
||||
int
|
||||
-grd_session_vnc_get_framebuffer_stride (GrdSessionVnc *session_vnc)
|
||||
+grd_session_vnc_get_stride_for_width (GrdSessionVnc *session_vnc,
|
||||
+ int width)
|
||||
{
|
||||
- return session_vnc->rfb_screen->paddedWidthInBytes;
|
||||
+ return width * BGRX_BYTES_PER_PIXEL;
|
||||
}
|
||||
|
||||
rfbClientPtr
|
||||
diff --git a/src/grd-session-vnc.h b/src/grd-session-vnc.h
|
||||
index 0d01ad3..ccd046c 100644
|
||||
--- a/src/grd-session-vnc.h
|
||||
+++ b/src/grd-session-vnc.h
|
||||
@@ -60,7 +60,8 @@ void grd_session_vnc_move_cursor (GrdSessionVnc *session_vnc,
|
||||
|
||||
int grd_session_vnc_get_fd (GrdSessionVnc *session_vnc);
|
||||
|
||||
-int grd_session_vnc_get_framebuffer_stride (GrdSessionVnc *session_vnc);
|
||||
+int grd_session_vnc_get_stride_for_width (GrdSessionVnc *session_vnc,
|
||||
+ int width);
|
||||
|
||||
gboolean grd_session_vnc_is_client_gone (GrdSessionVnc *session_vnc);
|
||||
|
||||
diff --git a/src/grd-vnc-pipewire-stream.c b/src/grd-vnc-pipewire-stream.c
|
||||
index 96dd7c9..82ceb9b 100644
|
||||
--- a/src/grd-vnc-pipewire-stream.c
|
||||
+++ b/src/grd-vnc-pipewire-stream.c
|
||||
@@ -326,10 +326,11 @@ process_buffer (GrdVncPipeWireStream *stream,
|
||||
int height;
|
||||
int y;
|
||||
|
||||
- src_stride = buffer->datas[0].chunk->stride;
|
||||
- dst_stride = grd_session_vnc_get_framebuffer_stride (stream->session);
|
||||
height = stream->spa_format.size.height;
|
||||
width = stream->spa_format.size.width;
|
||||
+ src_stride = buffer->datas[0].chunk->stride;
|
||||
+ dst_stride = grd_session_vnc_get_stride_for_width (stream->session,
|
||||
+ width);
|
||||
|
||||
frame->data = g_malloc (height * dst_stride);
|
||||
for (y = 0; y < height; y++)
|
||||
--
|
||||
2.28.0
|
||||
|
80
0001-vnc-Drop-frames-if-client-is-gone.patch
Normal file
80
0001-vnc-Drop-frames-if-client-is-gone.patch
Normal file
@ -0,0 +1,80 @@
|
||||
From ab97841629f5f3f4fab9993b6255b6ae04828b9c Mon Sep 17 00:00:00 2001
|
||||
From: =?UTF-8?q?Jonas=20=C3=85dahl?= <jadahl@gmail.com>
|
||||
Date: Wed, 9 Sep 2020 10:14:20 +0200
|
||||
Subject: [PATCH] vnc: Drop frames if client is gone
|
||||
|
||||
Frames from PipeWire are posted asynchronously from a I/O thread to the
|
||||
main thread where they are turned into VNC frame updates and cursor
|
||||
movements. On the other hand, sessions are closed asynchronously when
|
||||
the VNC client disappears. If a frame ended up on the main thread after
|
||||
a client disappeared but before the session and stream was closed, we'd
|
||||
try to turn the new frames into VNC updates without a client being
|
||||
available, causing use after free.
|
||||
|
||||
Fix this by dropping frames that happens during this time frame.
|
||||
|
||||
Closes: https://gitlab.gnome.org/GNOME/gnome-remote-desktop/-/issues/43
|
||||
---
|
||||
src/grd-session-vnc.c | 7 +++++++
|
||||
src/grd-session-vnc.h | 2 ++
|
||||
src/grd-vnc-pipewire-stream.c | 8 ++++++++
|
||||
3 files changed, 17 insertions(+)
|
||||
|
||||
diff --git a/src/grd-session-vnc.c b/src/grd-session-vnc.c
|
||||
index 813838a..a06d34d 100644
|
||||
--- a/src/grd-session-vnc.c
|
||||
+++ b/src/grd-session-vnc.c
|
||||
@@ -209,6 +209,12 @@ maybe_queue_close_session_idle (GrdSessionVnc *session_vnc)
|
||||
g_idle_add (close_session_idle, session_vnc);
|
||||
}
|
||||
|
||||
+gboolean
|
||||
+grd_session_vnc_is_client_gone (GrdSessionVnc *session_vnc)
|
||||
+{
|
||||
+ return !session_vnc->rfb_client;
|
||||
+}
|
||||
+
|
||||
static void
|
||||
handle_client_gone (rfbClientPtr rfb_client)
|
||||
{
|
||||
@@ -218,6 +224,7 @@ handle_client_gone (rfbClientPtr rfb_client)
|
||||
|
||||
grd_session_vnc_detach_source (session_vnc);
|
||||
maybe_queue_close_session_idle (session_vnc);
|
||||
+ session_vnc->rfb_client = NULL;
|
||||
}
|
||||
|
||||
static void
|
||||
diff --git a/src/grd-session-vnc.h b/src/grd-session-vnc.h
|
||||
index 579a12a..07678c8 100644
|
||||
--- a/src/grd-session-vnc.h
|
||||
+++ b/src/grd-session-vnc.h
|
||||
@@ -57,4 +57,6 @@ void grd_session_vnc_move_cursor (GrdSessionVnc *session_vnc,
|
||||
|
||||
int grd_session_vnc_get_framebuffer_stride (GrdSessionVnc *session_vnc);
|
||||
|
||||
+gboolean grd_session_vnc_is_client_gone (GrdSessionVnc *session_vnc);
|
||||
+
|
||||
#endif /* GRD_SESSION_VNC_H */
|
||||
diff --git a/src/grd-vnc-pipewire-stream.c b/src/grd-vnc-pipewire-stream.c
|
||||
index 78793c4..96dd7c9 100644
|
||||
--- a/src/grd-vnc-pipewire-stream.c
|
||||
+++ b/src/grd-vnc-pipewire-stream.c
|
||||
@@ -234,6 +234,14 @@ do_render (struct spa_loop *loop,
|
||||
if (!frame)
|
||||
return 0;
|
||||
|
||||
+ if (grd_session_vnc_is_client_gone (stream->session))
|
||||
+ {
|
||||
+ g_free (frame->data);
|
||||
+ g_clear_pointer (&frame->rfb_cursor, rfbFreeCursor);
|
||||
+ g_free (frame);
|
||||
+ return 0;
|
||||
+ }
|
||||
+
|
||||
if (frame->rfb_cursor)
|
||||
grd_session_vnc_set_cursor (stream->session, frame->rfb_cursor);
|
||||
|
||||
--
|
||||
2.26.2
|
||||
|
@ -63,7 +63,7 @@ index 88c07be..261292a 100644
|
||||
+ {
|
||||
+ memcpy (((uint8_t *) frame->data) + y * dst_stride,
|
||||
+ ((uint8_t *) src_data) + y * src_stride,
|
||||
+ dst_stride);
|
||||
+ stream->spa_format.size.width * 4);
|
||||
+ }
|
||||
|
||||
if (map)
|
368
0002-libvncserver-Add-channel-security-handlers.patch
Normal file
368
0002-libvncserver-Add-channel-security-handlers.patch
Normal file
@ -0,0 +1,368 @@
|
||||
From c9131a78878a785c3de21e9d49521d7b68400ad7 Mon Sep 17 00:00:00 2001
|
||||
From: =?UTF-8?q?Jonas=20=C3=85dahl?= <jadahl@gmail.com>
|
||||
Date: Mon, 11 Jun 2018 23:50:05 +0200
|
||||
Subject: [PATCH 2/4] libvncserver: Add channel security handlers
|
||||
|
||||
Add another type of security handler that is meant to be used initially
|
||||
to set up a secure channel. Regular security handlers would be
|
||||
advertised and processed after any channel security have succeeded.
|
||||
|
||||
For example, this, together with the custom I/O functions allows a
|
||||
LibVNCServer user to implement TLS in combination with VNCAuth. This is
|
||||
done by adding a single channel security handler with the rfbTLS (18)
|
||||
with a handler that initiates a TLS session, and when a TLS session is
|
||||
initiated, the regular security handler list is sent.
|
||||
---
|
||||
libvncserver/auth.c | 164 ++++++++++++++++++++++++++++++---------
|
||||
libvncserver/rfbserver.c | 1 +
|
||||
rfb/rfb.h | 15 +++-
|
||||
3 files changed, 142 insertions(+), 38 deletions(-)
|
||||
|
||||
diff --git a/libvncserver/auth.c b/libvncserver/auth.c
|
||||
index 814a8142..55e0b3c9 100644
|
||||
--- a/libvncserver/auth.c
|
||||
+++ b/libvncserver/auth.c
|
||||
@@ -37,18 +37,17 @@ void rfbClientSendString(rfbClientPtr cl, const char *reason);
|
||||
* Handle security types
|
||||
*/
|
||||
|
||||
+/* Channel security handlers to set up a secure channel, e.g. TLS. */
|
||||
+static rfbSecurityHandler* channelSecurityHandlers = NULL;
|
||||
+
|
||||
+/* Security handlers when channel security is established. */
|
||||
static rfbSecurityHandler* securityHandlers = NULL;
|
||||
|
||||
-/*
|
||||
- * This method registers a list of new security types.
|
||||
- * It avoids same security type getting registered multiple times.
|
||||
- * The order is not preserved if multiple security types are
|
||||
- * registered at one-go.
|
||||
- */
|
||||
void
|
||||
-rfbRegisterSecurityHandler(rfbSecurityHandler* handler)
|
||||
+rfbRegisterSecurityHandlerTo(rfbSecurityHandler* handler,
|
||||
+ rfbSecurityHandler** handlerList)
|
||||
{
|
||||
- rfbSecurityHandler *head = securityHandlers, *next = NULL;
|
||||
+ rfbSecurityHandler *head = *handlerList, *next = NULL;
|
||||
|
||||
if(handler == NULL)
|
||||
return;
|
||||
@@ -57,39 +56,35 @@ rfbRegisterSecurityHandler(rfbSecurityHandler* handler)
|
||||
|
||||
while(head != NULL) {
|
||||
if(head == handler) {
|
||||
- rfbRegisterSecurityHandler(next);
|
||||
+ rfbRegisterSecurityHandlerTo(next, handlerList);
|
||||
return;
|
||||
}
|
||||
|
||||
head = head->next;
|
||||
}
|
||||
|
||||
- handler->next = securityHandlers;
|
||||
- securityHandlers = handler;
|
||||
+ handler->next = *handlerList;
|
||||
+ *handlerList = handler;
|
||||
|
||||
- rfbRegisterSecurityHandler(next);
|
||||
+ rfbRegisterSecurityHandlerTo(next, handlerList);
|
||||
}
|
||||
|
||||
-/*
|
||||
- * This method unregisters a list of security types.
|
||||
- * These security types won't be available for any new
|
||||
- * client connection.
|
||||
- */
|
||||
-void
|
||||
-rfbUnregisterSecurityHandler(rfbSecurityHandler* handler)
|
||||
+static void
|
||||
+rfbUnregisterSecurityHandlerFrom(rfbSecurityHandler* handler,
|
||||
+ rfbSecurityHandler** handlerList)
|
||||
{
|
||||
rfbSecurityHandler *cur = NULL, *pre = NULL;
|
||||
|
||||
if(handler == NULL)
|
||||
return;
|
||||
|
||||
- if(securityHandlers == handler) {
|
||||
- securityHandlers = securityHandlers->next;
|
||||
- rfbUnregisterSecurityHandler(handler->next);
|
||||
+ if(*handlerList == handler) {
|
||||
+ *handlerList = (*handlerList)->next;
|
||||
+ rfbUnregisterSecurityHandlerFrom(handler->next, handlerList);
|
||||
return;
|
||||
}
|
||||
|
||||
- cur = pre = securityHandlers;
|
||||
+ cur = pre = *handlerList;
|
||||
|
||||
while(cur) {
|
||||
if(cur == handler) {
|
||||
@@ -99,7 +94,50 @@ rfbUnregisterSecurityHandler(rfbSecurityHandler* handler)
|
||||
pre = cur;
|
||||
cur = cur->next;
|
||||
}
|
||||
- rfbUnregisterSecurityHandler(handler->next);
|
||||
+ rfbUnregisterSecurityHandlerFrom(handler->next, handlerList);
|
||||
+}
|
||||
+
|
||||
+void
|
||||
+rfbRegisterChannelSecurityHandler(rfbSecurityHandler* handler)
|
||||
+{
|
||||
+ rfbRegisterSecurityHandlerTo(handler, &channelSecurityHandlers);
|
||||
+}
|
||||
+
|
||||
+/*
|
||||
+ * This method unregisters a list of security types.
|
||||
+ * These security types won't be available for any new
|
||||
+ * client connection.
|
||||
+ */
|
||||
+
|
||||
+void
|
||||
+rfbUnregisterChannelSecurityHandler(rfbSecurityHandler* handler)
|
||||
+{
|
||||
+ rfbUnregisterSecurityHandlerFrom(handler, &channelSecurityHandlers);
|
||||
+}
|
||||
+
|
||||
+/*
|
||||
+ * This method registers a list of new security types.
|
||||
+ * It avoids same security type getting registered multiple times.
|
||||
+ * The order is not preserved if multiple security types are
|
||||
+ * registered at one-go.
|
||||
+ */
|
||||
+
|
||||
+void
|
||||
+rfbRegisterSecurityHandler(rfbSecurityHandler* handler)
|
||||
+{
|
||||
+ rfbRegisterSecurityHandlerTo(handler, &securityHandlers);
|
||||
+}
|
||||
+
|
||||
+/*
|
||||
+ * This method unregisters a list of security types.
|
||||
+ * These security types won't be available for any new
|
||||
+ * client connection.
|
||||
+ */
|
||||
+
|
||||
+void
|
||||
+rfbUnregisterSecurityHandler(rfbSecurityHandler* handler)
|
||||
+{
|
||||
+ rfbUnregisterSecurityHandlerFrom(handler, &securityHandlers);
|
||||
}
|
||||
|
||||
/*
|
||||
@@ -197,9 +235,22 @@ static rfbSecurityHandler VncSecurityHandlerNone = {
|
||||
NULL
|
||||
};
|
||||
|
||||
+static int32_t
|
||||
+determinePrimarySecurityType(rfbClientPtr cl)
|
||||
+{
|
||||
+ if (!cl->screen->authPasswdData || cl->reverseConnection) {
|
||||
+ /* chk if this condition is valid or not. */
|
||||
+ return rfbSecTypeNone;
|
||||
+ } else if (cl->screen->authPasswdData) {
|
||||
+ return rfbSecTypeVncAuth;
|
||||
+ } else {
|
||||
+ return rfbSecTypeInvalid;
|
||||
+ }
|
||||
+}
|
||||
|
||||
-static void
|
||||
-rfbSendSecurityTypeList(rfbClientPtr cl, int primaryType)
|
||||
+void
|
||||
+rfbSendSecurityTypeList(rfbClientPtr cl,
|
||||
+ enum rfbSecurityTag exclude)
|
||||
{
|
||||
/* The size of the message is the count of security types +1,
|
||||
* since the first byte is the number of types. */
|
||||
@@ -207,9 +258,10 @@ rfbSendSecurityTypeList(rfbClientPtr cl, int primaryType)
|
||||
rfbSecurityHandler* handler;
|
||||
#define MAX_SECURITY_TYPES 255
|
||||
uint8_t buffer[MAX_SECURITY_TYPES+1];
|
||||
-
|
||||
+ int32_t primaryType;
|
||||
|
||||
/* Fill in the list of security types in the client structure. (NOTE: Not really in the client structure) */
|
||||
+ primaryType = determinePrimarySecurityType(cl);
|
||||
switch (primaryType) {
|
||||
case rfbSecTypeNone:
|
||||
rfbRegisterSecurityHandler(&VncSecurityHandlerNone);
|
||||
@@ -221,6 +273,9 @@ rfbSendSecurityTypeList(rfbClientPtr cl, int primaryType)
|
||||
|
||||
for (handler = securityHandlers;
|
||||
handler && size<MAX_SECURITY_TYPES; handler = handler->next) {
|
||||
+ if (exclude && (handler->securityTags & exclude))
|
||||
+ continue;
|
||||
+
|
||||
buffer[size] = handler->type;
|
||||
size++;
|
||||
}
|
||||
@@ -249,7 +304,29 @@ rfbSendSecurityTypeList(rfbClientPtr cl, int primaryType)
|
||||
cl->state = RFB_SECURITY_TYPE;
|
||||
}
|
||||
|
||||
+static void
|
||||
+rfbSendChannelSecurityTypeList(rfbClientPtr cl)
|
||||
+{
|
||||
+ int size = 1;
|
||||
+ rfbSecurityHandler* handler;
|
||||
+ uint8_t buffer[MAX_SECURITY_TYPES+1];
|
||||
+
|
||||
+ for (handler = channelSecurityHandlers;
|
||||
+ handler && size<MAX_SECURITY_TYPES; handler = handler->next) {
|
||||
+ buffer[size] = handler->type;
|
||||
+ size++;
|
||||
+ }
|
||||
+ buffer[0] = (unsigned char)size-1;
|
||||
+
|
||||
+ if (rfbWriteExact(cl, (char *)buffer, size) < 0) {
|
||||
+ rfbLogPerror("rfbSendSecurityTypeList: write");
|
||||
+ rfbCloseClient(cl);
|
||||
+ return;
|
||||
+ }
|
||||
|
||||
+ /* Dispatch client input to rfbProcessClientChannelSecurityType. */
|
||||
+ cl->state = RFB_CHANNEL_SECURITY_TYPE;
|
||||
+}
|
||||
|
||||
|
||||
/*
|
||||
@@ -297,18 +374,19 @@ rfbSendSecurityType(rfbClientPtr cl, int32_t securityType)
|
||||
void
|
||||
rfbAuthNewClient(rfbClientPtr cl)
|
||||
{
|
||||
- int32_t securityType = rfbSecTypeInvalid;
|
||||
+ int32_t securityType;
|
||||
|
||||
- if (!cl->screen->authPasswdData || cl->reverseConnection) {
|
||||
- /* chk if this condition is valid or not. */
|
||||
- securityType = rfbSecTypeNone;
|
||||
- } else if (cl->screen->authPasswdData) {
|
||||
- securityType = rfbSecTypeVncAuth;
|
||||
- }
|
||||
+ securityType = determinePrimarySecurityType(cl);
|
||||
|
||||
if (cl->protocolMajorVersion==3 && cl->protocolMinorVersion < 7)
|
||||
{
|
||||
/* Make sure we use only RFB 3.3 compatible security types. */
|
||||
+ if (channelSecurityHandlers) {
|
||||
+ rfbLog("VNC channel security enabled - RFB 3.3 client rejected\n");
|
||||
+ rfbClientConnFailed(cl, "Your viewer cannot hnadler required "
|
||||
+ "security methods");
|
||||
+ return;
|
||||
+ }
|
||||
if (securityType == rfbSecTypeInvalid) {
|
||||
rfbLog("VNC authentication disabled - RFB 3.3 client rejected\n");
|
||||
rfbClientConnFailed(cl, "Your viewer cannot handle required "
|
||||
@@ -316,9 +394,13 @@ rfbAuthNewClient(rfbClientPtr cl)
|
||||
return;
|
||||
}
|
||||
rfbSendSecurityType(cl, securityType);
|
||||
+ } else if (channelSecurityHandlers) {
|
||||
+ rfbLog("Send channel security type list\n");
|
||||
+ rfbSendChannelSecurityTypeList(cl);
|
||||
} else {
|
||||
/* Here it's ok when securityType is set to rfbSecTypeInvalid. */
|
||||
- rfbSendSecurityTypeList(cl, securityType);
|
||||
+ rfbLog("Send channel security type 'none'\n");
|
||||
+ rfbSendSecurityTypeList(cl, RFB_SECURITY_TAG_NONE);
|
||||
}
|
||||
}
|
||||
|
||||
@@ -332,6 +414,7 @@ rfbProcessClientSecurityType(rfbClientPtr cl)
|
||||
int n;
|
||||
uint8_t chosenType;
|
||||
rfbSecurityHandler* handler;
|
||||
+ rfbSecurityHandler* handlerListHead;
|
||||
|
||||
/* Read the security type. */
|
||||
n = rfbReadExact(cl, (char *)&chosenType, 1);
|
||||
@@ -344,8 +427,17 @@ rfbProcessClientSecurityType(rfbClientPtr cl)
|
||||
return;
|
||||
}
|
||||
|
||||
+ switch (cl->state) {
|
||||
+ case RFB_CHANNEL_SECURITY_TYPE:
|
||||
+ handlerListHead = channelSecurityHandlers;
|
||||
+ break;
|
||||
+ case RFB_SECURITY_TYPE:
|
||||
+ handlerListHead = securityHandlers;
|
||||
+ break;
|
||||
+ }
|
||||
+
|
||||
/* Make sure it was present in the list sent by the server. */
|
||||
- for (handler = securityHandlers; handler; handler = handler->next) {
|
||||
+ for (handler = handlerListHead; handler; handler = handler->next) {
|
||||
if (chosenType == handler->type) {
|
||||
rfbLog("rfbProcessClientSecurityType: executing handler for type %d\n", chosenType);
|
||||
handler->handler(cl);
|
||||
diff --git a/libvncserver/rfbserver.c b/libvncserver/rfbserver.c
|
||||
index 72e9ba79..48eada64 100644
|
||||
--- a/libvncserver/rfbserver.c
|
||||
+++ b/libvncserver/rfbserver.c
|
||||
@@ -652,6 +652,7 @@ rfbProcessClientMessage(rfbClientPtr cl)
|
||||
case RFB_PROTOCOL_VERSION:
|
||||
rfbProcessClientProtocolVersion(cl);
|
||||
return;
|
||||
+ case RFB_CHANNEL_SECURITY_TYPE:
|
||||
case RFB_SECURITY_TYPE:
|
||||
rfbProcessClientSecurityType(cl);
|
||||
return;
|
||||
diff --git a/rfb/rfb.h b/rfb/rfb.h
|
||||
index 3c0b25a3..d136f884 100644
|
||||
--- a/rfb/rfb.h
|
||||
+++ b/rfb/rfb.h
|
||||
@@ -144,6 +144,11 @@ typedef struct {
|
||||
} data; /**< there have to be count*3 entries */
|
||||
} rfbColourMap;
|
||||
|
||||
+enum rfbSecurityTag {
|
||||
+ RFB_SECURITY_TAG_NONE = 0,
|
||||
+ RFB_SECURITY_TAG_CHANNEL = 1 << 0
|
||||
+};
|
||||
+
|
||||
/**
|
||||
* Security handling (RFB protocol version 3.7)
|
||||
*/
|
||||
@@ -152,6 +157,7 @@ typedef struct _rfbSecurity {
|
||||
uint8_t type;
|
||||
void (*handler)(struct _rfbClientRec* cl);
|
||||
struct _rfbSecurity* next;
|
||||
+ enum rfbSecurityTag securityTags;
|
||||
} rfbSecurityHandler;
|
||||
|
||||
/**
|
||||
@@ -480,7 +486,7 @@ typedef struct _rfbClientRec {
|
||||
/** Possible client states: */
|
||||
enum {
|
||||
RFB_PROTOCOL_VERSION, /**< establishing protocol version */
|
||||
- RFB_SECURITY_TYPE, /**< negotiating security (RFB v.3.7) */
|
||||
+ RFB_SECURITY_TYPE, /**< negotiating security (RFB v.3.7) */
|
||||
RFB_AUTHENTICATION, /**< authenticating */
|
||||
RFB_INITIALISATION, /**< sending initialisation messages */
|
||||
RFB_NORMAL, /**< normal protocol messages */
|
||||
@@ -488,7 +494,9 @@ typedef struct _rfbClientRec {
|
||||
/* Ephemeral internal-use states that will never be seen by software
|
||||
* using LibVNCServer to provide services: */
|
||||
|
||||
- RFB_INITIALISATION_SHARED /**< sending initialisation messages with implicit shared-flag already true */
|
||||
+ RFB_INITIALISATION_SHARED, /**< sending initialisation messages with implicit shared-flag already true */
|
||||
+
|
||||
+ RFB_CHANNEL_SECURITY_TYPE, /**< negotiating security (RFB v.3.7) */
|
||||
} state;
|
||||
|
||||
rfbBool reverseConnection;
|
||||
@@ -840,6 +848,9 @@ extern void rfbProcessClientSecurityType(rfbClientPtr cl);
|
||||
extern void rfbAuthProcessClientMessage(rfbClientPtr cl);
|
||||
extern void rfbRegisterSecurityHandler(rfbSecurityHandler* handler);
|
||||
extern void rfbUnregisterSecurityHandler(rfbSecurityHandler* handler);
|
||||
+extern void rfbRegisterChannelSecurityHandler(rfbSecurityHandler* handler);
|
||||
+extern void rfbUnregisterChannelSecurityHandler(rfbSecurityHandler* handler);
|
||||
+extern void rfbSendSecurityTypeList(rfbClientPtr cl, enum rfbSecurityTag exclude);
|
||||
|
||||
/* rre.c */
|
||||
|
||||
--
|
||||
2.28.0
|
||||
|
@ -0,0 +1,32 @@
|
||||
From 2a77dd86a97fa5f4735f678599cea839ba09009c Mon Sep 17 00:00:00 2001
|
||||
From: Christian Beier <info@christianbeier.net>
|
||||
Date: Sun, 9 Aug 2020 20:11:26 +0200
|
||||
Subject: [PATCH 3/4] libvncserver/auth: don't keep security handlers from
|
||||
previous runs
|
||||
|
||||
Whyohsoever security handlers are stored in a variable global to the
|
||||
application, not in the rfbScreen struct. This meant that security
|
||||
handlers registered once would stick around forever before this commit.
|
||||
---
|
||||
libvncserver/auth.c | 2 ++
|
||||
1 file changed, 2 insertions(+)
|
||||
|
||||
diff --git a/libvncserver/auth.c b/libvncserver/auth.c
|
||||
index 55e0b3c9..fc74c800 100644
|
||||
--- a/libvncserver/auth.c
|
||||
+++ b/libvncserver/auth.c
|
||||
@@ -264,9 +264,11 @@ rfbSendSecurityTypeList(rfbClientPtr cl,
|
||||
primaryType = determinePrimarySecurityType(cl);
|
||||
switch (primaryType) {
|
||||
case rfbSecTypeNone:
|
||||
+ rfbUnregisterSecurityHandler(&VncSecurityHandlerVncAuth);
|
||||
rfbRegisterSecurityHandler(&VncSecurityHandlerNone);
|
||||
break;
|
||||
case rfbSecTypeVncAuth:
|
||||
+ rfbUnregisterSecurityHandler(&VncSecurityHandlerNone);
|
||||
rfbRegisterSecurityHandler(&VncSecurityHandlerVncAuth);
|
||||
break;
|
||||
}
|
||||
--
|
||||
2.28.0
|
||||
|
45
0004-zlib-Clear-buffer-pointers-on-cleanup-444.patch
Normal file
45
0004-zlib-Clear-buffer-pointers-on-cleanup-444.patch
Normal file
@ -0,0 +1,45 @@
|
||||
From 641610b961a732bb68f111536ebf8c42be20f05b Mon Sep 17 00:00:00 2001
|
||||
From: =?UTF-8?q?Jonas=20=C3=85dahl?= <jadahl@gmail.com>
|
||||
Date: Wed, 16 Sep 2020 17:35:49 +0200
|
||||
Subject: [PATCH 4/4] zlib: Clear buffer pointers on cleanup (#444)
|
||||
|
||||
The pointers to the buffers were freed, and the size fields were set to
|
||||
0, but the buffer pointers themsef was not set to NULL, when shutting
|
||||
down, meaning the next time used, NULL checks would not tell whether the
|
||||
pointer is valid. This caused crashes ending with
|
||||
|
||||
#0 0x00007ffff73729e5 in raise () from /lib64/libc.so.6
|
||||
#1 0x00007ffff735b895 in abort () from /lib64/libc.so.6
|
||||
#2 0x00007ffff73b6857 in __libc_message () from /lib64/libc.so.6
|
||||
#3 0x00007ffff73bdd7c in malloc_printerr () from /lib64/libc.so.6
|
||||
#4 0x00007ffff73c2f1a in realloc () from /lib64/libc.so.6
|
||||
#5 0x00007ffff78b558e in rfbSendOneRectEncodingZlib (cl=0x4a4b80, x=0, y=0, w=800, h=40) at /home/jonas/Dev/gnome/libvncserver/libvncserver/zlib.c:106
|
||||
#6 0x00007ffff78b5dec in rfbSendRectEncodingZlib (cl=0x4a4b80, x=0, y=0, w=800, h=600) at /home/jonas/Dev/gnome/libvncserver/libvncserver/zlib.c:308
|
||||
#7 0x00007ffff7899453 in rfbSendFramebufferUpdate (cl=0x4a4b80, givenUpdateRegion=0x49ef70) at /home/jonas/Dev/gnome/libvncserver/libvncserver/rfbserver.c:3264
|
||||
#8 0x00007ffff789079d in rfbUpdateClient (cl=0x4a4b80) at /home/jonas/Dev/gnome/libvncserver/libvncserver/main.c:1275
|
||||
#9 0x00007ffff78905f5 in rfbProcessEvents (screen=0x4d5790, usec=0) at /home/jonas/Dev/gnome/libvncserver/libvncserver/main.c:1251
|
||||
---
|
||||
libvncserver/zlib.c | 2 ++
|
||||
1 file changed, 2 insertions(+)
|
||||
|
||||
diff --git a/libvncserver/zlib.c b/libvncserver/zlib.c
|
||||
index d24d7d15..5c3a8236 100644
|
||||
--- a/libvncserver/zlib.c
|
||||
+++ b/libvncserver/zlib.c
|
||||
@@ -64,11 +64,13 @@ void rfbZlibCleanup(rfbScreenInfoPtr screen)
|
||||
{
|
||||
if (zlibBeforeBufSize) {
|
||||
free(zlibBeforeBuf);
|
||||
+ zlibBeforeBuf = NULL;
|
||||
zlibBeforeBufSize=0;
|
||||
}
|
||||
if (zlibAfterBufSize) {
|
||||
zlibAfterBufSize=0;
|
||||
free(zlibAfterBuf);
|
||||
+ zlibAfterBuf = NULL;
|
||||
}
|
||||
}
|
||||
|
||||
--
|
||||
2.28.0
|
||||
|
@ -1,52 +0,0 @@
|
||||
From 7670167e578eb5c6e032cff38112edf85df142ee Mon Sep 17 00:00:00 2001
|
||||
From: Wim Taymans <wtaymans@redhat.com>
|
||||
Date: Tue, 16 Jun 2020 11:44:52 +0200
|
||||
Subject: [PATCH 1/2] stream: log a warning on error
|
||||
|
||||
When we get an invalid buffer or we can't mmap() it, log a warning
|
||||
and exit instead of carying on with invalid pointers and segfault.
|
||||
---
|
||||
src/grd-vnc-pipewire-stream.c | 15 ++++++++++++---
|
||||
1 file changed, 12 insertions(+), 3 deletions(-)
|
||||
|
||||
diff --git a/src/grd-vnc-pipewire-stream.c b/src/grd-vnc-pipewire-stream.c
|
||||
index 261292a..91fb0a1 100644
|
||||
--- a/src/grd-vnc-pipewire-stream.c
|
||||
+++ b/src/grd-vnc-pipewire-stream.c
|
||||
@@ -323,14 +323,18 @@ process_buffer (GrdVncPipeWireStream *stream,
|
||||
|
||||
if (buffer->datas[0].chunk->size == 0)
|
||||
{
|
||||
- size = 0;
|
||||
- map = NULL;
|
||||
- src_data = NULL;
|
||||
+ g_warning ("Received empty buffer");
|
||||
+ return NULL;
|
||||
}
|
||||
else if (buffer->datas[0].type == SPA_DATA_MemFd)
|
||||
{
|
||||
size = buffer->datas[0].maxsize + buffer->datas[0].mapoffset;
|
||||
map = mmap (NULL, size, PROT_READ, MAP_PRIVATE, buffer->datas[0].fd, 0);
|
||||
+ if (map == MAP_FAILED)
|
||||
+ {
|
||||
+ g_warning ("Failed to mmap buffer: %s", g_strerror (errno));
|
||||
+ return NULL;
|
||||
+ }
|
||||
src_data = SPA_MEMBER (map, buffer->datas[0].mapoffset, uint8_t);
|
||||
}
|
||||
else if (buffer->datas[0].type == SPA_DATA_DmaBuf)
|
||||
@@ -341,6 +345,11 @@ process_buffer (GrdVncPipeWireStream *stream,
|
||||
size = buffer->datas[0].maxsize + buffer->datas[0].mapoffset;
|
||||
|
||||
map = mmap (NULL, size, PROT_READ, MAP_PRIVATE, fd, 0);
|
||||
+ if (map == MAP_FAILED)
|
||||
+ {
|
||||
+ g_warning ("Failed to mmap DMA buffer: %s", g_strerror (errno));
|
||||
+ return NULL;
|
||||
+ }
|
||||
sync_dma_buf (fd, DMA_BUF_SYNC_START);
|
||||
|
||||
src_data = SPA_MEMBER (map, buffer->datas[0].mapoffset, uint8_t);
|
||||
--
|
||||
2.26.2
|
||||
|
@ -1,25 +0,0 @@
|
||||
From 240d8694fbcdeb020e7f9c0f8f292a4679b88b30 Mon Sep 17 00:00:00 2001
|
||||
From: =?UTF-8?q?Jonas=20=C3=85dahl?= <jadahl@gmail.com>
|
||||
Date: Thu, 18 Jun 2020 13:14:04 +0200
|
||||
Subject: [PATCH] vnc/pipewire-stream: Remove assert
|
||||
|
||||
Handle lack of frames gracefully.
|
||||
---
|
||||
src/grd-vnc-pipewire-stream.c | 1 -
|
||||
1 file changed, 1 deletion(-)
|
||||
|
||||
diff --git a/src/grd-vnc-pipewire-stream.c b/src/grd-vnc-pipewire-stream.c
|
||||
index ee8ad5d..a3f5fb6 100644
|
||||
--- a/src/grd-vnc-pipewire-stream.c
|
||||
+++ b/src/grd-vnc-pipewire-stream.c
|
||||
@@ -463,7 +463,6 @@ on_stream_process (void *user_data)
|
||||
|
||||
frame = process_buffer (stream, buffer->buffer);
|
||||
|
||||
- g_assert (frame);
|
||||
g_mutex_lock (&stream->frame_mutex);
|
||||
if (stream->pending_frame)
|
||||
{
|
||||
--
|
||||
2.26.2
|
||||
|
@ -1,62 +0,0 @@
|
||||
From f3efe25a5cb173bc63b380619b8673cd5ba99f6f Mon Sep 17 00:00:00 2001
|
||||
From: =?UTF-8?q?Jonas=20=C3=85dahl?= <jadahl@gmail.com>
|
||||
Date: Thu, 18 Jun 2020 11:35:44 +0200
|
||||
Subject: [PATCH 2/2] vnc/pipewire-stream: Only try to copy frame pixels if
|
||||
there are any
|
||||
|
||||
The producer might send empty frames with only cursor metadata, and in
|
||||
this case we shouldn't try to copy any pixels, as there are no.
|
||||
---
|
||||
src/grd-vnc-pipewire-stream.c | 28 ++++++++++++++++------------
|
||||
1 file changed, 16 insertions(+), 12 deletions(-)
|
||||
|
||||
diff --git a/src/grd-vnc-pipewire-stream.c b/src/grd-vnc-pipewire-stream.c
|
||||
index 91fb0a1..ee8ad5d 100644
|
||||
--- a/src/grd-vnc-pipewire-stream.c
|
||||
+++ b/src/grd-vnc-pipewire-stream.c
|
||||
@@ -312,9 +312,6 @@ process_buffer (GrdVncPipeWireStream *stream,
|
||||
size_t size;
|
||||
uint8_t *map;
|
||||
void *src_data;
|
||||
- int src_stride;
|
||||
- int dst_stride;
|
||||
- int height;
|
||||
int y;
|
||||
struct spa_meta_cursor *spa_meta_cursor;
|
||||
g_autofree GrdVncFrame *frame = NULL;
|
||||
@@ -365,16 +362,23 @@ process_buffer (GrdVncPipeWireStream *stream,
|
||||
return NULL;
|
||||
}
|
||||
|
||||
- src_stride = buffer->datas[0].chunk->stride;
|
||||
- dst_stride = grd_session_vnc_get_framebuffer_stride (stream->session);
|
||||
- height = stream->spa_format.size.height;
|
||||
-
|
||||
- frame->data = g_malloc (height * dst_stride);
|
||||
- for (y = 0; y < height; y++)
|
||||
+ if (src_data)
|
||||
{
|
||||
- memcpy (((uint8_t *) frame->data) + y * dst_stride,
|
||||
- ((uint8_t *) src_data) + y * src_stride,
|
||||
- dst_stride);
|
||||
+ int src_stride;
|
||||
+ int dst_stride;
|
||||
+ int height;
|
||||
+
|
||||
+ src_stride = buffer->datas[0].chunk->stride;
|
||||
+ dst_stride = grd_session_vnc_get_framebuffer_stride (stream->session);
|
||||
+ height = stream->spa_format.size.height;
|
||||
+
|
||||
+ frame->data = g_malloc (height * dst_stride);
|
||||
+ for (y = 0; y < height; y++)
|
||||
+ {
|
||||
+ memcpy (((uint8_t *) frame->data) + y * dst_stride,
|
||||
+ ((uint8_t *) src_data) + y * src_stride,
|
||||
+ dst_stride);
|
||||
+ }
|
||||
}
|
||||
|
||||
if (map)
|
||||
--
|
||||
2.26.2
|
||||
|
@ -1,127 +0,0 @@
|
||||
From f97b689c5c67cee36025a7b0a9210deb8b373b03 Mon Sep 17 00:00:00 2001
|
||||
From: =?UTF-8?q?Jonas=20=C3=85dahl?= <jadahl@gmail.com>
|
||||
Date: Fri, 3 Jul 2020 17:03:52 +0200
|
||||
Subject: [PATCH 1/3] session-vnc: Add API to flush
|
||||
|
||||
When no damage is to be reported, but e.g. cursor moved, we need to
|
||||
flush, so add API to make this possible.
|
||||
|
||||
(cherry picked from commit 25e61a7ed3631687aed4310824e7810088e63b37)
|
||||
---
|
||||
src/grd-session-vnc.c | 6 ++++++
|
||||
src/grd-session-vnc.h | 2 ++
|
||||
2 files changed, 8 insertions(+)
|
||||
|
||||
diff --git a/src/grd-session-vnc.c b/src/grd-session-vnc.c
|
||||
index 9fcbb69..7950d1e 100644
|
||||
--- a/src/grd-session-vnc.c
|
||||
+++ b/src/grd-session-vnc.c
|
||||
@@ -179,6 +179,12 @@ grd_session_vnc_take_buffer (GrdSessionVnc *session_vnc,
|
||||
rfbProcessEvents (session_vnc->rfb_screen, 0);
|
||||
}
|
||||
|
||||
+void
|
||||
+grd_session_vnc_flush (GrdSessionVnc *session_vnc)
|
||||
+{
|
||||
+ rfbProcessEvents (session_vnc->rfb_screen, 0);
|
||||
+}
|
||||
+
|
||||
void
|
||||
grd_session_vnc_set_cursor (GrdSessionVnc *session_vnc,
|
||||
rfbCursorPtr rfb_cursor)
|
||||
diff --git a/src/grd-session-vnc.h b/src/grd-session-vnc.h
|
||||
index 294860e..a065857 100644
|
||||
--- a/src/grd-session-vnc.h
|
||||
+++ b/src/grd-session-vnc.h
|
||||
@@ -49,6 +49,8 @@ void grd_session_vnc_queue_resize_framebuffer (GrdSessionVnc *session_vnc,
|
||||
void grd_session_vnc_take_buffer (GrdSessionVnc *session_vnc,
|
||||
void *data);
|
||||
|
||||
+void grd_session_vnc_flush (GrdSessionVnc *session_vnc);
|
||||
+
|
||||
void grd_session_vnc_set_cursor (GrdSessionVnc *session_vnc,
|
||||
rfbCursorPtr rfb_cursor);
|
||||
|
||||
--
|
||||
2.26.2
|
||||
|
||||
|
||||
From 8a050b66be76d73725ac7665295160ab6c40b0f5 Mon Sep 17 00:00:00 2001
|
||||
From: =?UTF-8?q?Jonas=20=C3=85dahl?= <jadahl@gmail.com>
|
||||
Date: Fri, 3 Jul 2020 17:12:58 +0200
|
||||
Subject: [PATCH 2/3] vnc-pipewire-stream: Properly process cursor-change-only
|
||||
frames
|
||||
|
||||
Such frames will have the buffer data size set to 0, as it is empty, but
|
||||
may contain metadata carrying the cursor update.
|
||||
|
||||
(cherry picked from commit c04762a450ea9a21730db26c296c1283e121dc08)
|
||||
---
|
||||
src/grd-vnc-pipewire-stream.c | 6 +++---
|
||||
1 file changed, 3 insertions(+), 3 deletions(-)
|
||||
|
||||
diff --git a/src/grd-vnc-pipewire-stream.c b/src/grd-vnc-pipewire-stream.c
|
||||
index a3f5fb6..7519377 100644
|
||||
--- a/src/grd-vnc-pipewire-stream.c
|
||||
+++ b/src/grd-vnc-pipewire-stream.c
|
||||
@@ -312,7 +312,6 @@ process_buffer (GrdVncPipeWireStream *stream,
|
||||
size_t size;
|
||||
uint8_t *map;
|
||||
void *src_data;
|
||||
- int y;
|
||||
struct spa_meta_cursor *spa_meta_cursor;
|
||||
g_autofree GrdVncFrame *frame = NULL;
|
||||
|
||||
@@ -320,8 +319,8 @@ process_buffer (GrdVncPipeWireStream *stream,
|
||||
|
||||
if (buffer->datas[0].chunk->size == 0)
|
||||
{
|
||||
- g_warning ("Received empty buffer");
|
||||
- return NULL;
|
||||
+ map = NULL;
|
||||
+ src_data = NULL;
|
||||
}
|
||||
else if (buffer->datas[0].type == SPA_DATA_MemFd)
|
||||
{
|
||||
@@ -367,6 +366,7 @@ process_buffer (GrdVncPipeWireStream *stream,
|
||||
int src_stride;
|
||||
int dst_stride;
|
||||
int height;
|
||||
+ int y;
|
||||
|
||||
src_stride = buffer->datas[0].chunk->stride;
|
||||
dst_stride = grd_session_vnc_get_framebuffer_stride (stream->session);
|
||||
--
|
||||
2.26.2
|
||||
|
||||
|
||||
From eac6368d8411c586007df8b1a2d85df3da1b55c5 Mon Sep 17 00:00:00 2001
|
||||
From: =?UTF-8?q?Jonas=20=C3=85dahl?= <jadahl@gmail.com>
|
||||
Date: Fri, 3 Jul 2020 17:13:58 +0200
|
||||
Subject: [PATCH 3/3] vnc-pipewire-stream: Flush connection if no new pixel
|
||||
buffer
|
||||
|
||||
Otherwise we'll wait on input until we flush out our new cursor move
|
||||
only output.
|
||||
|
||||
(cherry picked from commit 3394e34c3c502d63636bb852c062855c46736a6f)
|
||||
---
|
||||
src/grd-vnc-pipewire-stream.c | 2 ++
|
||||
1 file changed, 2 insertions(+)
|
||||
|
||||
diff --git a/src/grd-vnc-pipewire-stream.c b/src/grd-vnc-pipewire-stream.c
|
||||
index 7519377..791b71d 100644
|
||||
--- a/src/grd-vnc-pipewire-stream.c
|
||||
+++ b/src/grd-vnc-pipewire-stream.c
|
||||
@@ -299,6 +299,8 @@ do_render (struct spa_loop *loop,
|
||||
|
||||
if (frame->data)
|
||||
grd_session_vnc_take_buffer (stream->session, frame->data);
|
||||
+ else
|
||||
+ grd_session_vnc_flush (stream->session);
|
||||
|
||||
g_free (frame);
|
||||
|
||||
--
|
||||
2.26.2
|
||||
|
@ -1,141 +0,0 @@
|
||||
%global systemd_unit gnome-remote-desktop.service
|
||||
|
||||
Name: gnome-remote-desktop
|
||||
Version: 0.1.8
|
||||
Release: 3%{?dist}
|
||||
Summary: GNOME Remote Desktop screen share service
|
||||
|
||||
License: GPLv2+
|
||||
URL: https://gitlab.gnome.org/jadahl/gnome-remote-desktop
|
||||
Source0: https://gitlab.gnome.org/jadahl/gnome-remote-desktop/uploads/20e4965351cdbd8dc32ff9801e884b91/gnome-remote-desktop-0.1.8.tar.xz
|
||||
|
||||
# Fix black screen on Wayland
|
||||
Patch1: 0001-vnc-pipewire-stream-Handle-stride-mismatch.patch
|
||||
|
||||
# Anon TLS encryption support
|
||||
Patch2: anon-tls-support.patch
|
||||
|
||||
# Don't crash on metadata only buffers (#1847062)
|
||||
Patch3: 0001-stream-log-a-warning-on-error.patch
|
||||
Patch4: 0002-vnc-pipewire-stream-Only-try-to-copy-frame-pixels-if.patch
|
||||
Patch5: 0001-vnc-pipewire-stream-Remove-assert.patch
|
||||
|
||||
# Cursor only frame fixes (#1837406)
|
||||
Patch6: cursor-only-frame-fixes.patch
|
||||
|
||||
BuildRequires: git
|
||||
BuildRequires: gcc
|
||||
BuildRequires: meson >= 0.36.0
|
||||
BuildRequires: pkgconfig
|
||||
BuildRequires: pkgconfig(glib-2.0) >= 2.32
|
||||
BuildRequires: pkgconfig(gio-unix-2.0) >= 2.32
|
||||
BuildRequires: pkgconfig(libpipewire-0.3) >= 0.3.4
|
||||
BuildRequires: pkgconfig(libvncserver) >= 0.9.11-7
|
||||
BuildRequires: pkgconfig(libsecret-1)
|
||||
BuildRequires: pkgconfig(libnotify)
|
||||
BuildRequires: pkgconfig(gnutls)
|
||||
BuildRequires: python3-devel
|
||||
|
||||
%{?systemd_requires}
|
||||
BuildRequires: systemd
|
||||
|
||||
Requires: pipewire >= 0.3.4
|
||||
|
||||
%description
|
||||
GNOME Remote Desktop is a remote desktop and screen sharing service for the
|
||||
GNOME desktop environment.
|
||||
|
||||
|
||||
%prep
|
||||
%autosetup -S git
|
||||
|
||||
|
||||
%build
|
||||
%meson
|
||||
%meson_build
|
||||
|
||||
|
||||
%install
|
||||
%meson_install
|
||||
|
||||
|
||||
%post
|
||||
%systemd_user_post %{systemd_unit}
|
||||
|
||||
|
||||
%preun
|
||||
%systemd_user_preun %{systemd_unit}
|
||||
|
||||
|
||||
%postun
|
||||
%systemd_user_postun_with_restart %{systemd_unit}
|
||||
|
||||
|
||||
%files
|
||||
%license COPYING
|
||||
%doc README
|
||||
%{_libexecdir}/gnome-remote-desktop-daemon
|
||||
%{_userunitdir}/gnome-remote-desktop.service
|
||||
%{_datadir}/glib-2.0/schemas/org.gnome.desktop.remote-desktop.gschema.xml
|
||||
%{_datadir}/glib-2.0/schemas/org.gnome.desktop.remote-desktop.enums.xml
|
||||
|
||||
|
||||
%changelog
|
||||
* Wed Jul 15 2020 Jonas Ådahl <jadahl@redhat.com> - 0.1.8-3
|
||||
- Backport cursor only frame fixes
|
||||
Related: #1837406
|
||||
|
||||
* Thu Jun 18 2020 Jonas Ådahl <jadahl@redhat.com> - 0.1.8-2
|
||||
- Don't crash on metadata only buffers
|
||||
Resolves: #1847062
|
||||
|
||||
* Wed May 20 2020 Jonas Ådahl <jadahl@redhat.com> - 0.1.8-1
|
||||
- Rebase to 0.1.8
|
||||
Resolves: #1837406
|
||||
|
||||
* Wed Nov 27 2019 Jonas Ådahl <jadahl@redhat.com> - 0.1.6-8
|
||||
- Update patch to handle older libvncserver at build time
|
||||
Resolves: #1684729
|
||||
|
||||
* Wed Nov 27 2019 Jonas Ådahl <jadahl@redhat.com> - 0.1.6-7
|
||||
- Handle auth settings changes
|
||||
Resolves: #1684729
|
||||
|
||||
* Wed Nov 27 2019 Jonas Ådahl <jadahl@redhat.com> - 0.1.6-6
|
||||
- Fix initial black content issue
|
||||
Resolves: #1765448
|
||||
|
||||
* Thu May 30 2019 Tomáš Popela <tpopela@redhat.com> - 0.1.6-5
|
||||
- Bump the version to make gating happy - that's bug 1681618
|
||||
- Resolves: rhbz#1713330
|
||||
|
||||
* Fri May 24 2019 Jonas Ådahl <jadahl@redhat.com> - 0.1.6-4
|
||||
- Backport password override test helper (rhbz#1713330)
|
||||
|
||||
* Thu Jan 3 2019 Jonas Ådahl <jadahl@redhat.com> - 0.1.6-3
|
||||
- Backport various fixes (rhbz#1659118)
|
||||
|
||||
* Mon Oct 1 2018 Jonas Ådahl <jadahl@redhat.com> - 0.1.6-2
|
||||
- Don't crash when PipeWire disconnects (rhbz#1627469)
|
||||
|
||||
* Tue Aug 7 2018 Jonas Ådahl <jadahl@redhat.com> - 0.1.6
|
||||
- Update to 0.1.6
|
||||
- Apply ANON-TLS patch
|
||||
- Depend on pipewire 0.2.2
|
||||
|
||||
* Tue Aug 29 2017 Jonas Ådahl <jadahl@redhat.com> - 0.1.2-3
|
||||
- Use %%autosetup
|
||||
- Install licence file
|
||||
|
||||
* Tue Aug 22 2017 Jonas Ådahl <jadahl@redhat.com> - 0.1.2-2
|
||||
- Remove gschema compilation step as that had been deprecated
|
||||
|
||||
* Mon Aug 21 2017 Jonas Ådahl <jadahl@redhat.com> - 0.1.2-1
|
||||
- Update to 0.1.2
|
||||
- Changed tabs to spaces
|
||||
- Added systemd user macros
|
||||
- Install to correct systemd user unit directory
|
||||
- Compile gsettings schemas after install and uninstall
|
||||
|
||||
* Mon Aug 21 2017 Jonas Ådahl <jadahl@redhat.com> - 0.1.1-1
|
||||
- First packaged version
|
6
gating.yaml
Normal file
6
gating.yaml
Normal file
@ -0,0 +1,6 @@
|
||||
--- !Policy
|
||||
product_versions:
|
||||
- rhel-9
|
||||
decision_context: osci_compose_gate
|
||||
rules:
|
||||
- !PassingTestCaseRule {test_case_name: desktop-qe.desktop-ci.tier1-gating.functional}
|
316
gnome-remote-desktop.spec
Normal file
316
gnome-remote-desktop.spec
Normal file
@ -0,0 +1,316 @@
|
||||
%global systemd_unit gnome-remote-desktop.service
|
||||
|
||||
%global tarball_version %%(echo %{version} | tr '~' '.')
|
||||
|
||||
%if 0%{?rhel} >= 9
|
||||
%global bundle_libvncserver 1
|
||||
%global enable_rdp 0
|
||||
%else
|
||||
%global bundle_libvncserver 0
|
||||
%global enable_rdp 1
|
||||
%endif
|
||||
|
||||
%global libvncserver_name LibVNCServer
|
||||
%global libvncserver_version 0.9.13
|
||||
|
||||
Name: gnome-remote-desktop
|
||||
Version: 40.0
|
||||
Release: 10%{?dist}
|
||||
Summary: GNOME Remote Desktop screen share service
|
||||
|
||||
License: GPLv2+
|
||||
URL: https://gitlab.gnome.org/jadahl/gnome-remote-desktop
|
||||
Source0: https://download.gnome.org/sources/gnome-remote-desktop/40/%{name}-%{tarball_version}.tar.xz
|
||||
Source1: https://github.com/LibVNC/libvncserver/archive/refs/tags/%{libvncserver_name}-%{libvncserver_version}.tar.gz
|
||||
|
||||
### gnome-remote-desktop patches
|
||||
# Adds encryption support (requires patched LibVNCServer)
|
||||
Patch0: gnutls-anontls.patch
|
||||
|
||||
# Backport upstream leak fix (rhbz#1951129)
|
||||
Patch1: 0001-pipewire-stream-Don-t-leak-GSource-s.patch
|
||||
|
||||
### LibVNCServer patches
|
||||
## TLS security type enablement patches
|
||||
# https://github.com/LibVNC/libvncserver/pull/234
|
||||
Patch1000: 0001-libvncserver-Add-API-to-add-custom-I-O-entry-points.patch
|
||||
Patch1001: 0002-libvncserver-Add-channel-security-handlers.patch
|
||||
# https://github.com/LibVNC/libvncserver/commit/87c52ee0551b7c4e76855d270d475b9e3039fe08
|
||||
Patch1002: 0003-libvncserver-auth-don-t-keep-security-handlers-from-.patch
|
||||
# Fix crash on all runs after the first
|
||||
# https://github.com/LibVNC/libvncserver/pull/444
|
||||
# https://bugzilla.redhat.com/show_bug.cgi?id=1882718
|
||||
Patch1003: 0004-zlib-Clear-buffer-pointers-on-cleanup-444.patch
|
||||
# Fix another crasher
|
||||
# https://gitlab.gnome.org/GNOME/gnome-remote-desktop/-/issues/45
|
||||
# https://bugzilla.redhat.com/show_bug.cgi?id=1882718
|
||||
Patch1004: 0001-libvncserver-don-t-NULL-out-internal-of-the-default-.patch
|
||||
|
||||
## downstream patches
|
||||
Patch2000: libvncserver-LibVNCServer-0.9.13-system-crypto-policy.patch
|
||||
Patch2001: libvncserver-LibVNCServer-0.9.13-static-library-link.patch
|
||||
|
||||
## Don't compile SHA1 support
|
||||
Patch2100: 0001-crypto-Don-t-compile-SHA1-support-when-Websockets-ar.patch
|
||||
|
||||
|
||||
BuildRequires: git
|
||||
BuildRequires: gcc
|
||||
BuildRequires: meson >= 0.36.0
|
||||
BuildRequires: pkgconfig
|
||||
BuildRequires: pkgconfig(cairo)
|
||||
BuildRequires: pkgconfig(glib-2.0) >= 2.32
|
||||
BuildRequires: pkgconfig(gio-unix-2.0) >= 2.32
|
||||
BuildRequires: pkgconfig(libpipewire-0.3) >= 0.3.0
|
||||
%if 0%{?enable_rdp}
|
||||
BuildRequires: pkgconfig(freerdp2)
|
||||
BuildRequires: pkgconfig(winpr2)
|
||||
BuildRequires: pkgconfig(fuse3)
|
||||
%endif
|
||||
BuildRequires: pkgconfig(xkbcommon)
|
||||
BuildRequires: pkgconfig(libsecret-1)
|
||||
BuildRequires: pkgconfig(libnotify)
|
||||
BuildRequires: pkgconfig(gnutls)
|
||||
%if 0%{?bundle_libvncserver}
|
||||
BuildRequires: cmake
|
||||
BuildRequires: lzo-devel
|
||||
BuildRequires: lzo-minilzo
|
||||
%else
|
||||
BuildRequires: pkgconfig(libvncserver) >= 0.9.11-7
|
||||
%endif
|
||||
|
||||
%{?systemd_requires}
|
||||
BuildRequires: systemd
|
||||
|
||||
Requires: pipewire >= 0.3.0
|
||||
|
||||
Obsoletes: vino < 3.22.0-21
|
||||
%if 0%{?bundle_libvncserver}
|
||||
Provides: bundled(libvncserver) = %{libvncserver_version}
|
||||
%endif
|
||||
|
||||
%description
|
||||
GNOME Remote Desktop is a remote desktop and screen sharing service for the
|
||||
GNOME desktop environment.
|
||||
|
||||
|
||||
%prep
|
||||
|
||||
## Setup libvncserver
|
||||
|
||||
%if 0%{?bundle_libvncserver}
|
||||
%setup -b 1 -n libvncserver-%{libvncserver_name}-%{libvncserver_version}
|
||||
%patch1000 -p1 -b .tls-1
|
||||
%patch1001 -p1 -b .tls-2
|
||||
%patch1002 -p1 -b .handlers
|
||||
%patch1003 -p1 -b .pointers
|
||||
%patch1004 -p1 -b .cursor_null
|
||||
%patch2000 -p1 -b .crypto_policy
|
||||
%patch2001 -p1 -b .static
|
||||
%patch2100 -p1 -b .no-sha1
|
||||
|
||||
# Nuke bundled minilzo
|
||||
rm -fv common/lzodefs.h common/lzoconf.h commmon/minilzo.h common/minilzo.c
|
||||
|
||||
# Fix encoding
|
||||
for file in ChangeLog ; do
|
||||
mv ${file} ${file}.OLD && \
|
||||
iconv -f ISO_8859-1 -t UTF8 ${file}.OLD > ${file} && \
|
||||
touch --reference ${file}.OLD $file
|
||||
done
|
||||
%endif
|
||||
|
||||
## Setup gnome-remote-desktop
|
||||
|
||||
%setup -n %{name}-%{tarball_version}
|
||||
%patch0 -p1
|
||||
%patch1 -p1
|
||||
|
||||
|
||||
%build
|
||||
|
||||
## Build libvncserver
|
||||
|
||||
%if 0%{?bundle_libvncserver}
|
||||
pushd ../libvncserver-%{libvncserver_name}-%{libvncserver_version}
|
||||
mkdir -p %{_builddir}/libvncserver/
|
||||
%global libvncserver_install_dir %{buildroot}%{_builddir}/libvncserver
|
||||
%cmake \
|
||||
-DCMAKE_INSTALL_PREFIX=%{libvncserver_install_dir} \
|
||||
-DINCLUDE_INSTALL_DIR=%{libvncserver_install_dir}/include \
|
||||
-DLIB_INSTALL_DIR:PATH=%{libvncserver_install_dir}/%{_lib} \
|
||||
-DSYSCONF_INSTALL_DIR=%{libvncserver_install_dir}/etc \
|
||||
-DWITH_FFMPEG=OFF -DWITH_GTK=OFF -DWITH_OPENSSL=OFF -DWITH_GNUTLS=ON \
|
||||
-DWITH_SDL=OFF -DWITH_X11=OFF -DWITH_WEBSOCKETS=OFF \
|
||||
-DLIBVNCSERVER_WITH_WEBSOCKETS=OFF -DBUILD_SHARED_LIBS=OFF
|
||||
%cmake_build
|
||||
%__cmake --install "%{__cmake_builddir}"
|
||||
popd
|
||||
%endif
|
||||
|
||||
## Build gnome-remote-desktop
|
||||
|
||||
%if 0%{?bundle_libvncserver}
|
||||
%global pkg_config_path_override --pkg-config-path %{buildroot}/%{_builddir}/libvncserver/%{_lib}/pkgconfig
|
||||
%endif
|
||||
|
||||
%if 0%{?enable_rdp}
|
||||
%global rdp_configuration -Drdp=true
|
||||
%else
|
||||
%global rdp_configuration -Drdp=false
|
||||
%endif
|
||||
|
||||
%meson %{?pkg_config_path_override} %{rdp_configuration}
|
||||
%meson_build
|
||||
|
||||
|
||||
%install
|
||||
%meson_install
|
||||
|
||||
%if 0%{?bundle_libvncserver}
|
||||
pushd ../libvncserver-%{libvncserver_name}-%{libvncserver_version}
|
||||
cp COPYING %{_builddir}/%{name}-%{tarball_version}/COPYING.libvncserver
|
||||
popd
|
||||
%endif
|
||||
|
||||
|
||||
%post
|
||||
%systemd_user_post %{systemd_unit}
|
||||
|
||||
|
||||
%preun
|
||||
%systemd_user_preun %{systemd_unit}
|
||||
|
||||
|
||||
%postun
|
||||
%systemd_user_postun_with_restart %{systemd_unit}
|
||||
|
||||
|
||||
%files
|
||||
%license COPYING
|
||||
%if 0%{?bundle_libvncserver}
|
||||
%license COPYING.libvncserver
|
||||
%endif
|
||||
%doc README
|
||||
%{_libexecdir}/gnome-remote-desktop-daemon
|
||||
%{_userunitdir}/gnome-remote-desktop.service
|
||||
%{_datadir}/glib-2.0/schemas/org.gnome.desktop.remote-desktop.gschema.xml
|
||||
%{_datadir}/glib-2.0/schemas/org.gnome.desktop.remote-desktop.enums.xml
|
||||
|
||||
|
||||
%changelog
|
||||
* Wed Jul 19 2023 Jonas Ådahl <jadahl@redhat.com> - 40.0-10
|
||||
- Don't compile in SHA1 support again
|
||||
Resolves: #2223925
|
||||
|
||||
* Wed Jul 19 2023 Jonas Ådahl <jadahl@redhat.com> - 40.0-9
|
||||
- Bump version number
|
||||
Related: rhbz#2188174
|
||||
|
||||
* Wed Apr 19 2023 Yaakov Selkowitz <yselkowi@redhat.com> - 40.0-8
|
||||
- Do not provide libvncserver.so.1
|
||||
Resolves: rhbz#2188174
|
||||
|
||||
* Mon Oct 25 2021 Jonas Ådahl <jadahl@redhat.com> - 40.0-7
|
||||
- Don't compile in SHA1 support
|
||||
Resolves: #1936594
|
||||
|
||||
* Mon Aug 09 2021 Mohan Boddu <mboddu@redhat.com> - 40.0-6
|
||||
- Rebuilt for IMA sigs, glibc 2.34, aarch64 flags
|
||||
Related: rhbz#1991688
|
||||
|
||||
* Tue Jun 15 2021 Jonas Ådahl <jadahl@redhat.com> - 40.0-5
|
||||
- Backport leak fix
|
||||
Resolves: #1951129
|
||||
|
||||
* Mon May 17 2021 Ondrej Holy <oholy@redhat.com> - 40.0-4
|
||||
- Rebuild for updated FreeRDP (#1951123).
|
||||
|
||||
* Thu Apr 22 2021 Jonas Ådahl <jadahl@redhat.com> - 40.0-3
|
||||
- Bundle libvncserver
|
||||
- Disable RDP support
|
||||
|
||||
* Thu Apr 15 2021 Mohan Boddu <mboddu@redhat.com> - 40.0-2
|
||||
- Rebuilt for RHEL 9 BETA on Apr 15th 2021. Related: rhbz#1947937
|
||||
|
||||
* Mon Mar 22 2021 Kalev Lember <klember@redhat.com> - 40.0-1
|
||||
- Update to 40.0
|
||||
|
||||
* Thu Mar 18 2021 Michael Catanzaro <mcatanzaro@redhat.com> - 40.0~rc-2
|
||||
- Add Obsoletes: vino
|
||||
|
||||
* Mon Mar 15 2021 Kalev Lember <klember@redhat.com> - 40.0~rc-1
|
||||
- Update to 40.rc
|
||||
|
||||
* Thu Mar 04 2021 Jonas Ådahl <jadahl@redhat.com> - 40.0~beta-1
|
||||
- Bump to 40.beta
|
||||
|
||||
* Tue Jan 26 2021 Fedora Release Engineering <releng@fedoraproject.org> - 0.1.9-3
|
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
|
||||
|
||||
* Mon Sep 14 2020 Jonas Ådahl <jadahl@redhat.com> - 0.1.9-2
|
||||
- Copy using the right destination stride
|
||||
|
||||
* Mon Sep 14 2020 Jonas Ådahl <jadahl@redhat.com> - 0.1.9-1
|
||||
- Update to 0.1.9
|
||||
- Backport race condition crash fix
|
||||
- Rebase anon-tls patches
|
||||
|
||||
* Thu Aug 27 2020 Ray Strode <rstrode@redhat.com> - 0.1.8-3
|
||||
- Fix crash
|
||||
Related: #1844993
|
||||
|
||||
* Mon Jun 1 2020 Felipe Borges <feborges@redhat.com> - 0.1.8-2
|
||||
- Fix black screen issue in remote connections on Wayland
|
||||
|
||||
* Wed Mar 11 2020 Jonas Ådahl <jadahl@redhat.com> - 0.1.8-1
|
||||
- Update to 0.1.8
|
||||
|
||||
* Tue Jan 28 2020 Fedora Release Engineering <releng@fedoraproject.org> - 0.1.7-3
|
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild
|
||||
|
||||
* Thu Jul 25 2019 Fedora Release Engineering <releng@fedoraproject.org> - 0.1.7-2
|
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild
|
||||
|
||||
* Mon Mar 4 2019 Jonas Ådahl <jadahl@redhat.com> - 0.1.7-1
|
||||
- Update to 0.1.7
|
||||
|
||||
* Thu Jan 31 2019 Fedora Release Engineering <releng@fedoraproject.org> - 0.1.6-3
|
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
|
||||
|
||||
* Tue Oct 2 2018 Jonas Ådahl <jadahl@redhat.com> - 0.1.6-2
|
||||
- Don't crash when PipeWire disconnects (rhbz#1632781)
|
||||
|
||||
* Tue Aug 7 2018 Jonas Ådahl <jadahl@redhat.com> - 0.1.6
|
||||
- Update to 0.1.6
|
||||
- Apply ANON-TLS patch
|
||||
- Depend on pipewire 0.2.2
|
||||
|
||||
* Fri Jul 13 2018 Fedora Release Engineering <releng@fedoraproject.org> - 0.1.4-2
|
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
|
||||
|
||||
* Wed May 30 2018 Jonas Ådahl <jadahl@redhat.com> - 0.1.4-1
|
||||
- Update to new version
|
||||
|
||||
* Fri Feb 09 2018 Igor Gnatenko <ignatenkobrain@fedoraproject.org> - 0.1.2-5
|
||||
- Escape macros in %%changelog
|
||||
|
||||
* Wed Feb 07 2018 Fedora Release Engineering <releng@fedoraproject.org> - 0.1.2-4
|
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild
|
||||
|
||||
* Tue Aug 29 2017 Jonas Ådahl <jadahl@redhat.com> - 0.1.2-3
|
||||
- Use %%autosetup
|
||||
- Install licence file
|
||||
|
||||
* Tue Aug 22 2017 Jonas Ådahl <jadahl@redhat.com> - 0.1.2-2
|
||||
- Remove gschema compilation step as that had been deprecated
|
||||
|
||||
* Mon Aug 21 2017 Jonas Ådahl <jadahl@redhat.com> - 0.1.2-1
|
||||
- Update to 0.1.2
|
||||
- Changed tabs to spaces
|
||||
- Added systemd user macros
|
||||
- Install to correct systemd user unit directory
|
||||
- Compile gsettings schemas after install and uninstall
|
||||
|
||||
* Mon Aug 21 2017 Jonas Ådahl <jadahl@redhat.com> - 0.1.1-1
|
||||
- First packaged version
|
@ -1,4 +1,4 @@
|
||||
From 10843a1f3edffbb475c01835451d39ebe6153e44 Mon Sep 17 00:00:00 2001
|
||||
From 8676ef6c32557234d08acb13d7524df5fa1f4bb2 Mon Sep 17 00:00:00 2001
|
||||
From: =?UTF-8?q?Jonas=20=C3=85dahl?= <jadahl@gmail.com>
|
||||
Date: Thu, 14 Jun 2018 12:21:37 +0200
|
||||
Subject: [PATCH 1/7] vnc: Add anonymous TLS encryption support
|
||||
@ -11,31 +11,31 @@ VNC connection.
|
||||
---
|
||||
meson.build | 1 +
|
||||
src/grd-enums.h | 6 +
|
||||
src/grd-session-vnc.c | 98 +++-
|
||||
src/grd-session-vnc.h | 15 +
|
||||
src/grd-session-vnc.c | 120 ++++-
|
||||
src/grd-session-vnc.h | 17 +
|
||||
src/grd-settings.c | 28 ++
|
||||
src/grd-settings.h | 2 +
|
||||
src/grd-vnc-server.c | 45 ++
|
||||
src/grd-vnc-tls.c | 444 ++++++++++++++++++
|
||||
src/grd-vnc-tls.h | 28 ++
|
||||
src/meson.build | 5 +-
|
||||
src/meson.build | 3 +
|
||||
...nome.desktop.remote-desktop.gschema.xml.in | 10 +
|
||||
11 files changed, 666 insertions(+), 16 deletions(-)
|
||||
11 files changed, 678 insertions(+), 26 deletions(-)
|
||||
create mode 100644 src/grd-vnc-tls.c
|
||||
create mode 100644 src/grd-vnc-tls.h
|
||||
|
||||
diff --git a/meson.build b/meson.build
|
||||
index 1c96849..a24acfd 100644
|
||||
index 5e9ad04..9bbd5fc 100644
|
||||
--- a/meson.build
|
||||
+++ b/meson.build
|
||||
@@ -15,6 +15,7 @@ libvncserver_dep = dependency('libvncserver')
|
||||
libvncclient_dep = dependency('libvncclient')
|
||||
libsecret_dep = dependency('libsecret-1')
|
||||
libnotify_dep = dependency('libnotify')
|
||||
+gnutls_dep = dependency('gnutls')
|
||||
@@ -40,6 +40,7 @@ endif
|
||||
if have_vnc
|
||||
libvncserver_dep = dependency('libvncserver')
|
||||
libvncclient_dep = dependency('libvncclient')
|
||||
+ gnutls_dep = dependency('gnutls')
|
||||
endif
|
||||
|
||||
cdata = configuration_data()
|
||||
cdata.set_quoted('GETTEXT_PACKAGE', 'gnome-remote-desktop')
|
||||
diff --git a/src/grd-enums.h b/src/grd-enums.h
|
||||
index ffab821..4333863 100644
|
||||
--- a/src/grd-enums.h
|
||||
@ -52,10 +52,10 @@ index ffab821..4333863 100644
|
||||
+
|
||||
#endif /* GRD_ENUMS_H */
|
||||
diff --git a/src/grd-session-vnc.c b/src/grd-session-vnc.c
|
||||
index 1f3f0e2..0cc2ea2 100644
|
||||
index 0e520dc..0c189fd 100644
|
||||
--- a/src/grd-session-vnc.c
|
||||
+++ b/src/grd-session-vnc.c
|
||||
@@ -44,7 +44,9 @@ struct _GrdSessionVnc
|
||||
@@ -45,7 +45,9 @@ struct _GrdSessionVnc
|
||||
{
|
||||
GrdSession parent;
|
||||
|
||||
@ -65,7 +65,7 @@ index 1f3f0e2..0cc2ea2 100644
|
||||
GSource *source;
|
||||
rfbScreenInfoPtr rfb_screen;
|
||||
rfbClientPtr rfb_client;
|
||||
@@ -505,12 +507,30 @@ check_rfb_password (rfbClientPtr rfb_client,
|
||||
@@ -540,6 +542,12 @@ check_rfb_password (rfbClientPtr rfb_client,
|
||||
}
|
||||
}
|
||||
|
||||
@ -76,9 +76,10 @@ index 1f3f0e2..0cc2ea2 100644
|
||||
+}
|
||||
+
|
||||
int
|
||||
grd_session_vnc_get_framebuffer_stride (GrdSessionVnc *session_vnc)
|
||||
{
|
||||
return session_vnc->rfb_screen->paddedWidthInBytes;
|
||||
grd_session_vnc_get_stride_for_width (GrdSessionVnc *session_vnc,
|
||||
int width)
|
||||
@@ -547,6 +555,18 @@ grd_session_vnc_get_stride_for_width (GrdSessionVnc *session_vnc,
|
||||
return width * BGRX_BYTES_PER_PIXEL;
|
||||
}
|
||||
|
||||
+rfbClientPtr
|
||||
@ -96,7 +97,7 @@ index 1f3f0e2..0cc2ea2 100644
|
||||
static void
|
||||
init_vnc_session (GrdSessionVnc *session_vnc)
|
||||
{
|
||||
@@ -551,33 +571,74 @@ init_vnc_session (GrdSessionVnc *session_vnc)
|
||||
@@ -590,44 +610,85 @@ init_vnc_session (GrdSessionVnc *session_vnc)
|
||||
rfbProcessEvents (rfb_screen, 0);
|
||||
}
|
||||
|
||||
@ -131,6 +132,17 @@ index 1f3f0e2..0cc2ea2 100644
|
||||
+ session_vnc->pending_framebuffer_width,
|
||||
+ session_vnc->pending_framebuffer_height);
|
||||
+ session_vnc->pending_framebuffer_resize = FALSE;
|
||||
+
|
||||
+ /**
|
||||
+ * This is a workaround. libvncserver is unable to handle clipboard
|
||||
+ * changes early and either disconnects the client or crashes g-r-d
|
||||
+ * if it receives rfbSendServerCutText too early altough the
|
||||
+ * authentification process is already done.
|
||||
+ * Doing this after resizing the framebuffer, seems to work fine,
|
||||
+ * so enable the clipboard here and not when the remote desktop
|
||||
+ * session proxy is acquired.
|
||||
+ */
|
||||
+ grd_clipboard_vnc_maybe_enable_clipboard (session_vnc->clipboard_vnc);
|
||||
+ }
|
||||
+ }
|
||||
+
|
||||
@ -172,6 +184,17 @@ index 1f3f0e2..0cc2ea2 100644
|
||||
- session_vnc->pending_framebuffer_width,
|
||||
- session_vnc->pending_framebuffer_height);
|
||||
- session_vnc->pending_framebuffer_resize = FALSE;
|
||||
-
|
||||
- /**
|
||||
- * This is a workaround. libvncserver is unable to handle clipboard
|
||||
- * changes early and either disconnects the client or crashes g-r-d
|
||||
- * if it receives rfbSendServerCutText too early altough the
|
||||
- * authentification process is already done.
|
||||
- * Doing this after resizing the framebuffer, seems to work fine,
|
||||
- * so enable the clipboard here and not when the remote desktop
|
||||
- * session proxy is acquired.
|
||||
- */
|
||||
- grd_clipboard_vnc_maybe_enable_clipboard (session_vnc->clipboard_vnc);
|
||||
- }
|
||||
+ grd_session_stop (session);
|
||||
}
|
||||
@ -185,7 +208,7 @@ index 1f3f0e2..0cc2ea2 100644
|
||||
}
|
||||
|
||||
return G_SOURCE_CONTINUE;
|
||||
@@ -590,7 +651,10 @@ grd_session_vnc_attach_source (GrdSessionVnc *session_vnc)
|
||||
@@ -640,7 +701,10 @@ grd_session_vnc_attach_source (GrdSessionVnc *session_vnc)
|
||||
|
||||
socket = g_socket_connection_get_socket (session_vnc->connection);
|
||||
session_vnc->source = g_socket_create_source (socket,
|
||||
@ -197,7 +220,7 @@ index 1f3f0e2..0cc2ea2 100644
|
||||
NULL);
|
||||
g_source_set_callback (session_vnc->source,
|
||||
(GSourceFunc) handle_socket_data,
|
||||
@@ -616,8 +680,10 @@ grd_session_vnc_new (GrdVncServer *vnc_server,
|
||||
@@ -666,8 +730,10 @@ grd_session_vnc_new (GrdVncServer *vnc_server,
|
||||
"context", context,
|
||||
NULL);
|
||||
|
||||
@ -208,7 +231,7 @@ index 1f3f0e2..0cc2ea2 100644
|
||||
grd_session_vnc_attach_source (session_vnc);
|
||||
|
||||
init_vnc_session (session_vnc);
|
||||
@@ -632,6 +698,8 @@ grd_session_vnc_dispose (GObject *object)
|
||||
@@ -682,6 +748,8 @@ grd_session_vnc_dispose (GObject *object)
|
||||
|
||||
g_assert (!session_vnc->rfb_screen);
|
||||
|
||||
@ -218,7 +241,7 @@ index 1f3f0e2..0cc2ea2 100644
|
||||
|
||||
G_OBJECT_CLASS (grd_session_vnc_parent_class)->dispose (object);
|
||||
diff --git a/src/grd-session-vnc.h b/src/grd-session-vnc.h
|
||||
index 14b5d12..46a8579 100644
|
||||
index a532567..4e7b33d 100644
|
||||
--- a/src/grd-session-vnc.h
|
||||
+++ b/src/grd-session-vnc.h
|
||||
@@ -36,6 +36,9 @@ G_DECLARE_FINAL_TYPE (GrdSessionVnc,
|
||||
@ -231,13 +254,15 @@ index 14b5d12..46a8579 100644
|
||||
GrdSessionVnc *grd_session_vnc_new (GrdVncServer *vnc_server,
|
||||
GSocketConnection *connection);
|
||||
|
||||
@@ -53,6 +56,18 @@ void grd_session_vnc_move_cursor (GrdSessionVnc *session_vnc,
|
||||
int x,
|
||||
int y);
|
||||
@@ -62,6 +65,20 @@ void grd_session_vnc_set_client_clipboard_text (GrdSessionVnc *session_vnc,
|
||||
int grd_session_vnc_get_stride_for_width (GrdSessionVnc *session_vnc,
|
||||
int width);
|
||||
|
||||
+int grd_session_vnc_get_fd (GrdSessionVnc *session_vnc);
|
||||
+
|
||||
int grd_session_vnc_get_framebuffer_stride (GrdSessionVnc *session_vnc);
|
||||
+int grd_session_vnc_get_framebuffer_stride (GrdSessionVnc *session_vnc);
|
||||
+
|
||||
gboolean grd_session_vnc_is_client_gone (GrdSessionVnc *session_vnc);
|
||||
|
||||
+rfbClientPtr grd_session_vnc_get_rfb_client (GrdSessionVnc *session_vnc);
|
||||
+
|
||||
@ -251,10 +276,10 @@ index 14b5d12..46a8579 100644
|
||||
+
|
||||
#endif /* GRD_SESSION_VNC_H */
|
||||
diff --git a/src/grd-settings.c b/src/grd-settings.c
|
||||
index bdf8211..7324310 100644
|
||||
index d2f31d2..12d8693 100644
|
||||
--- a/src/grd-settings.c
|
||||
+++ b/src/grd-settings.c
|
||||
@@ -48,6 +48,7 @@ struct _GrdSettings
|
||||
@@ -60,6 +60,7 @@ struct _GrdSettings
|
||||
gboolean view_only;
|
||||
GrdVncAuthMethod auth_method;
|
||||
int port;
|
||||
@ -262,7 +287,7 @@ index bdf8211..7324310 100644
|
||||
} vnc;
|
||||
};
|
||||
|
||||
@@ -120,6 +121,12 @@ grd_settings_get_vnc_auth_method (GrdSettings *settings)
|
||||
@@ -242,6 +243,12 @@ grd_settings_get_vnc_auth_method (GrdSettings *settings)
|
||||
return settings->vnc.auth_method;
|
||||
}
|
||||
|
||||
@ -273,9 +298,9 @@ index bdf8211..7324310 100644
|
||||
+}
|
||||
+
|
||||
static void
|
||||
update_vnc_view_only (GrdSettings *settings)
|
||||
update_rdp_tls_cert (GrdSettings *settings)
|
||||
{
|
||||
@@ -134,6 +141,13 @@ update_vnc_auth_method (GrdSettings *settings)
|
||||
@@ -277,6 +284,13 @@ update_vnc_auth_method (GrdSettings *settings)
|
||||
"auth-method");
|
||||
}
|
||||
|
||||
@ -287,9 +312,9 @@ index bdf8211..7324310 100644
|
||||
+}
|
||||
+
|
||||
static void
|
||||
on_vnc_settings_changed (GSettings *vnc_settings,
|
||||
on_rdp_settings_changed (GSettings *rdp_settings,
|
||||
const char *key,
|
||||
@@ -149,6 +163,11 @@ on_vnc_settings_changed (GSettings *vnc_settings,
|
||||
@@ -314,6 +328,11 @@ on_vnc_settings_changed (GSettings *vnc_settings,
|
||||
update_vnc_auth_method (settings);
|
||||
g_signal_emit (settings, signals[VNC_AUTH_METHOD_CHANGED], 0);
|
||||
}
|
||||
@ -301,16 +326,16 @@ index bdf8211..7324310 100644
|
||||
}
|
||||
|
||||
static void
|
||||
@@ -172,6 +191,8 @@ grd_settings_init (GrdSettings *settings)
|
||||
update_vnc_auth_method (settings);
|
||||
@@ -345,6 +364,8 @@ grd_settings_init (GrdSettings *settings)
|
||||
|
||||
settings->rdp.port = GRD_RDP_SERVER_PORT;
|
||||
settings->vnc.port = GRD_VNC_SERVER_PORT;
|
||||
+
|
||||
+ update_vnc_encryption (settings);
|
||||
}
|
||||
|
||||
static void
|
||||
@@ -195,4 +216,11 @@ grd_settings_class_init (GrdSettingsClass *klass)
|
||||
@@ -389,4 +410,11 @@ grd_settings_class_init (GrdSettingsClass *klass)
|
||||
0,
|
||||
NULL, NULL, NULL,
|
||||
G_TYPE_NONE, 0);
|
||||
@ -323,10 +348,10 @@ index bdf8211..7324310 100644
|
||||
+ G_TYPE_NONE, 0);
|
||||
}
|
||||
diff --git a/src/grd-settings.h b/src/grd-settings.h
|
||||
index e4e0c09..0575ec1 100644
|
||||
index e12e47e..b940fdb 100644
|
||||
--- a/src/grd-settings.h
|
||||
+++ b/src/grd-settings.h
|
||||
@@ -45,4 +45,6 @@ gboolean grd_settings_get_vnc_view_only (GrdSettings *settings);
|
||||
@@ -64,4 +64,6 @@ gboolean grd_settings_get_vnc_view_only (GrdSettings *settings);
|
||||
|
||||
GrdVncAuthMethod grd_settings_get_vnc_auth_method (GrdSettings *settings);
|
||||
|
||||
@ -899,33 +924,28 @@ index 0000000..135ef8c
|
||||
+
|
||||
+#endif /* GRD_VNC_TLS_H */
|
||||
diff --git a/src/meson.build b/src/meson.build
|
||||
index 0f76fab..9d2f1ce 100644
|
||||
index 843746d..133cc60 100644
|
||||
--- a/src/meson.build
|
||||
+++ b/src/meson.build
|
||||
@@ -21,6 +21,8 @@ daemon_sources = files([
|
||||
'grd-vnc-pipewire-stream.h',
|
||||
'grd-vnc-server.c',
|
||||
'grd-vnc-server.h',
|
||||
+ 'grd-vnc-tls.c',
|
||||
+ 'grd-vnc-tls.h',
|
||||
])
|
||||
@@ -72,10 +72,13 @@ if have_vnc
|
||||
'grd-vnc-pipewire-stream.h',
|
||||
'grd-vnc-server.c',
|
||||
'grd-vnc-server.h',
|
||||
+ 'grd-vnc-tls.c',
|
||||
+ 'grd-vnc-tls.h',
|
||||
])
|
||||
|
||||
deps += [
|
||||
libvncserver_dep,
|
||||
+ gnutls_dep,
|
||||
]
|
||||
endif
|
||||
|
||||
gen_daemon_sources = []
|
||||
@@ -51,7 +53,8 @@ executable('gnome-remote-desktop-daemon',
|
||||
pipewire_dep,
|
||||
libvncserver_dep,
|
||||
libsecret_dep,
|
||||
- libnotify_dep],
|
||||
+ libnotify_dep,
|
||||
+ gnutls_dep],
|
||||
include_directories: [configinc],
|
||||
install: true,
|
||||
install_dir: libexecdir)
|
||||
diff --git a/src/org.gnome.desktop.remote-desktop.gschema.xml.in b/src/org.gnome.desktop.remote-desktop.gschema.xml.in
|
||||
index a5c2022..846e65b 100644
|
||||
index 4b6e593..0086d99 100644
|
||||
--- a/src/org.gnome.desktop.remote-desktop.gschema.xml.in
|
||||
+++ b/src/org.gnome.desktop.remote-desktop.gschema.xml.in
|
||||
@@ -23,5 +23,15 @@
|
||||
@@ -49,5 +49,15 @@
|
||||
* password - by requiring the remote client to provide a known password
|
||||
</description>
|
||||
</key>
|
||||
@ -942,10 +962,10 @@ index a5c2022..846e65b 100644
|
||||
</schema>
|
||||
</schemalist>
|
||||
--
|
||||
2.26.2
|
||||
2.29.2
|
||||
|
||||
|
||||
From aa54aeb43938250a4d27a99e62eb5628d3b55076 Mon Sep 17 00:00:00 2001
|
||||
From 552e9c9add722e953a8da22bd54ba0fef7a9d6af Mon Sep 17 00:00:00 2001
|
||||
From: =?UTF-8?q?Jonas=20=C3=85dahl?= <jadahl@gmail.com>
|
||||
Date: Wed, 27 Nov 2019 11:02:09 +0100
|
||||
Subject: [PATCH 2/7] session-vnc: Add paused/resumed signals
|
||||
@ -958,10 +978,10 @@ out-of-socket source.
|
||||
1 file changed, 65 insertions(+), 7 deletions(-)
|
||||
|
||||
diff --git a/src/grd-session-vnc.c b/src/grd-session-vnc.c
|
||||
index 0cc2ea2..076e25f 100644
|
||||
index 0c189fd..596896d 100644
|
||||
--- a/src/grd-session-vnc.c
|
||||
+++ b/src/grd-session-vnc.c
|
||||
@@ -40,14 +40,27 @@
|
||||
@@ -41,14 +41,27 @@
|
||||
#define BGRX_SAMPLES_PER_PIXEL 3
|
||||
#define BGRX_BYTES_PER_PIXEL 4
|
||||
|
||||
@ -989,7 +1009,7 @@ index 0cc2ea2..076e25f 100644
|
||||
rfbScreenInfoPtr rfb_screen;
|
||||
rfbClientPtr rfb_client;
|
||||
|
||||
@@ -73,7 +86,7 @@ struct _GrdSessionVnc
|
||||
@@ -76,7 +89,7 @@ struct _GrdSessionVnc
|
||||
G_DEFINE_TYPE (GrdSessionVnc, grd_session_vnc, GRD_TYPE_SESSION);
|
||||
|
||||
static void
|
||||
@ -998,7 +1018,7 @@ index 0cc2ea2..076e25f 100644
|
||||
|
||||
static gboolean
|
||||
close_session_idle (gpointer user_data);
|
||||
@@ -212,7 +225,8 @@ handle_client_gone (rfbClientPtr rfb_client)
|
||||
@@ -235,7 +248,8 @@ handle_client_gone (rfbClientPtr rfb_client)
|
||||
|
||||
g_debug ("VNC client gone");
|
||||
|
||||
@ -1006,9 +1026,9 @@ index 0cc2ea2..076e25f 100644
|
||||
+ grd_session_vnc_pause (session_vnc);
|
||||
+
|
||||
maybe_queue_close_session_idle (session_vnc);
|
||||
session_vnc->rfb_client = NULL;
|
||||
}
|
||||
|
||||
@@ -280,7 +294,7 @@ handle_new_client (rfbClientPtr rfb_client)
|
||||
@@ -304,7 +318,7 @@ handle_new_client (rfbClientPtr rfb_client)
|
||||
session_vnc->prompt_cancellable,
|
||||
prompt_response_callback,
|
||||
session_vnc);
|
||||
@ -1017,7 +1037,7 @@ index 0cc2ea2..076e25f 100644
|
||||
return RFB_CLIENT_ON_HOLD;
|
||||
case GRD_VNC_AUTH_METHOD_PASSWORD:
|
||||
session_vnc->rfb_screen->passwordCheck = check_rfb_password;
|
||||
@@ -498,7 +512,7 @@ check_rfb_password (rfbClientPtr rfb_client,
|
||||
@@ -533,7 +547,7 @@ check_rfb_password (rfbClientPtr rfb_client,
|
||||
if (memcmp (challenge_encrypted, response_encrypted, len) == 0)
|
||||
{
|
||||
grd_session_start (GRD_SESSION (session_vnc));
|
||||
@ -1026,7 +1046,7 @@ index 0cc2ea2..076e25f 100644
|
||||
return TRUE;
|
||||
}
|
||||
else
|
||||
@@ -668,6 +682,36 @@ grd_session_vnc_detach_source (GrdSessionVnc *session_vnc)
|
||||
@@ -718,6 +732,36 @@ grd_session_vnc_detach_source (GrdSessionVnc *session_vnc)
|
||||
g_clear_pointer (&session_vnc->source, g_source_destroy);
|
||||
}
|
||||
|
||||
@ -1063,7 +1083,7 @@ index 0cc2ea2..076e25f 100644
|
||||
GrdSessionVnc *
|
||||
grd_session_vnc_new (GrdVncServer *vnc_server,
|
||||
GSocketConnection *connection)
|
||||
@@ -685,6 +729,7 @@ grd_session_vnc_new (GrdVncServer *vnc_server,
|
||||
@@ -735,6 +779,7 @@ grd_session_vnc_new (GrdVncServer *vnc_server,
|
||||
|
||||
grd_session_vnc_grab_socket (session_vnc, vnc_socket_grab_func);
|
||||
grd_session_vnc_attach_source (session_vnc);
|
||||
@ -1071,7 +1091,7 @@ index 0cc2ea2..076e25f 100644
|
||||
|
||||
init_vnc_session (session_vnc);
|
||||
|
||||
@@ -714,7 +759,7 @@ grd_session_vnc_stop (GrdSession *session)
|
||||
@@ -764,7 +809,7 @@ grd_session_vnc_stop (GrdSession *session)
|
||||
|
||||
g_clear_object (&session_vnc->pipewire_stream);
|
||||
|
||||
@ -1079,9 +1099,9 @@ index 0cc2ea2..076e25f 100644
|
||||
+ grd_session_vnc_pause (session_vnc);
|
||||
|
||||
g_clear_object (&session_vnc->connection);
|
||||
g_clear_pointer (&session_vnc->rfb_screen->frameBuffer, g_free);
|
||||
@@ -770,8 +815,8 @@ grd_session_vnc_stream_ready (GrdSession *session,
|
||||
G_CALLBACK (on_pipwire_stream_closed),
|
||||
g_clear_object (&session_vnc->clipboard_vnc);
|
||||
@@ -817,8 +862,8 @@ grd_session_vnc_stream_ready (GrdSession *session,
|
||||
G_CALLBACK (on_pipewire_stream_closed),
|
||||
session_vnc);
|
||||
|
||||
- if (!session_vnc->source)
|
||||
@ -1091,7 +1111,7 @@ index 0cc2ea2..076e25f 100644
|
||||
}
|
||||
|
||||
static void
|
||||
@@ -790,4 +835,17 @@ grd_session_vnc_class_init (GrdSessionVncClass *klass)
|
||||
@@ -837,4 +882,17 @@ grd_session_vnc_class_init (GrdSessionVncClass *klass)
|
||||
|
||||
session_class->stop = grd_session_vnc_stop;
|
||||
session_class->stream_ready = grd_session_vnc_stream_ready;
|
||||
@ -1110,10 +1130,10 @@ index 0cc2ea2..076e25f 100644
|
||||
+ G_TYPE_NONE, 0);
|
||||
}
|
||||
--
|
||||
2.26.2
|
||||
2.29.2
|
||||
|
||||
|
||||
From ed3d72cb8d08192831397903f0ba92f439751988 Mon Sep 17 00:00:00 2001
|
||||
From 3b33524046d299111cc150cc8d6d100f1e516485 Mon Sep 17 00:00:00 2001
|
||||
From: =?UTF-8?q?Jonas=20=C3=85dahl?= <jadahl@gmail.com>
|
||||
Date: Wed, 27 Nov 2019 11:03:46 +0100
|
||||
Subject: [PATCH 3/7] session-vnc: Add grd_session_vnc_dispatch() helper
|
||||
@ -1126,10 +1146,10 @@ available that is not visible to the socket source.
|
||||
2 files changed, 18 insertions(+), 10 deletions(-)
|
||||
|
||||
diff --git a/src/grd-session-vnc.c b/src/grd-session-vnc.c
|
||||
index 076e25f..8b8ce1b 100644
|
||||
index 596896d..06b2cf7 100644
|
||||
--- a/src/grd-session-vnc.c
|
||||
+++ b/src/grd-session-vnc.c
|
||||
@@ -622,6 +622,21 @@ vnc_socket_grab_func (GrdSessionVnc *session_vnc,
|
||||
@@ -672,6 +672,21 @@ vnc_socket_grab_func (GrdSessionVnc *session_vnc,
|
||||
return TRUE;
|
||||
}
|
||||
|
||||
@ -1151,7 +1171,7 @@ index 076e25f..8b8ce1b 100644
|
||||
static gboolean
|
||||
handle_socket_data (GSocket *socket,
|
||||
GIOCondition condition,
|
||||
@@ -638,16 +653,7 @@ handle_socket_data (GSocket *socket,
|
||||
@@ -688,16 +703,7 @@ handle_socket_data (GSocket *socket,
|
||||
}
|
||||
else if (condition & G_IO_IN)
|
||||
{
|
||||
@ -1170,10 +1190,10 @@ index 076e25f..8b8ce1b 100644
|
||||
else
|
||||
{
|
||||
diff --git a/src/grd-session-vnc.h b/src/grd-session-vnc.h
|
||||
index 46a8579..910b00c 100644
|
||||
index 4e7b33d..cf275af 100644
|
||||
--- a/src/grd-session-vnc.h
|
||||
+++ b/src/grd-session-vnc.h
|
||||
@@ -68,6 +68,8 @@ void grd_session_vnc_grab_socket (GrdSessionVnc *session_vnc,
|
||||
@@ -79,6 +79,8 @@ void grd_session_vnc_grab_socket (GrdSessionVnc *session_vnc,
|
||||
void grd_session_vnc_ungrab_socket (GrdSessionVnc *session_vnc,
|
||||
GrdVncSocketGrabFunc grab_func);
|
||||
|
||||
@ -1183,10 +1203,10 @@ index 46a8579..910b00c 100644
|
||||
|
||||
#endif /* GRD_SESSION_VNC_H */
|
||||
--
|
||||
2.26.2
|
||||
2.29.2
|
||||
|
||||
|
||||
From 44e6bec84a86064a7b3abbcbbcd07ebb525aca9f Mon Sep 17 00:00:00 2001
|
||||
From 3945af78cea858033d954bb1b071269687bdea85 Mon Sep 17 00:00:00 2001
|
||||
From: =?UTF-8?q?Jonas=20=C3=85dahl?= <jadahl@gmail.com>
|
||||
Date: Wed, 27 Nov 2019 11:05:13 +0100
|
||||
Subject: [PATCH 4/7] vnc/tls: Add some logging
|
||||
@ -1260,10 +1280,10 @@ index ec4758e..ac6c35f 100644
|
||||
{
|
||||
g_warning ("TLS handshake failed: %s", error->message);
|
||||
--
|
||||
2.26.2
|
||||
2.29.2
|
||||
|
||||
|
||||
From fc07db3b6fafec47e02ff81f0f893dcaf64ba988 Mon Sep 17 00:00:00 2001
|
||||
From f5330797678f4c4db4a3fa19cebd30dd4d6bbb8c Mon Sep 17 00:00:00 2001
|
||||
From: =?UTF-8?q?Jonas=20=C3=85dahl?= <jadahl@gmail.com>
|
||||
Date: Wed, 27 Nov 2019 11:07:40 +0100
|
||||
Subject: [PATCH 5/7] vnc/tls: Dispatch also when data is pending outside of
|
||||
@ -1276,14 +1296,14 @@ epoll(). Deal with this by adding a custom source that dispatches as
|
||||
long as there is data to read in those buffers.
|
||||
---
|
||||
src/grd-session-vnc.h | 2 +
|
||||
src/grd-vnc-tls.c | 92 ++++++++++++++++++++++++++++++++++++++++---
|
||||
2 files changed, 88 insertions(+), 6 deletions(-)
|
||||
src/grd-vnc-tls.c | 90 ++++++++++++++++++++++++++++++++++++++++---
|
||||
2 files changed, 86 insertions(+), 6 deletions(-)
|
||||
|
||||
diff --git a/src/grd-session-vnc.h b/src/grd-session-vnc.h
|
||||
index 910b00c..294860e 100644
|
||||
index cf275af..efc0038 100644
|
||||
--- a/src/grd-session-vnc.h
|
||||
+++ b/src/grd-session-vnc.h
|
||||
@@ -68,6 +68,8 @@ void grd_session_vnc_grab_socket (GrdSessionVnc *session_vnc,
|
||||
@@ -79,6 +79,8 @@ void grd_session_vnc_grab_socket (GrdSessionVnc *session_vnc,
|
||||
void grd_session_vnc_ungrab_socket (GrdSessionVnc *session_vnc,
|
||||
GrdVncSocketGrabFunc grab_func);
|
||||
|
||||
@ -1293,7 +1313,7 @@ index 910b00c..294860e 100644
|
||||
|
||||
GrdVncServer * grd_session_vnc_get_vnc_server (GrdSessionVnc *session_vnc);
|
||||
diff --git a/src/grd-vnc-tls.c b/src/grd-vnc-tls.c
|
||||
index ac6c35f..8f65225 100644
|
||||
index ac6c35f..312b6b9 100644
|
||||
--- a/src/grd-vnc-tls.c
|
||||
+++ b/src/grd-vnc-tls.c
|
||||
@@ -41,6 +41,12 @@ typedef enum _GrdTlsHandshakeState
|
||||
@ -1318,12 +1338,7 @@ index ac6c35f..8f65225 100644
|
||||
} GrdVncTlsSession;
|
||||
|
||||
static gboolean
|
||||
@@ -296,16 +304,14 @@ grd_vnc_tls_peek_at_socket (rfbClientPtr rfb_client,
|
||||
peekable_len = MIN (len, tls_session->peek_buffer_len);
|
||||
memcpy (buf, tls_session->peek_buffer, peekable_len);
|
||||
|
||||
+ fprintf(stderr, ":::: %s:%d %s() - peeked %d bytes, can peek %d bytes\n", __FILE__, __LINE__, __func__,
|
||||
+ peekable_len, tls_session->peek_buffer_len);
|
||||
@@ -299,13 +307,9 @@ grd_vnc_tls_peek_at_socket (rfbClientPtr rfb_client,
|
||||
return peekable_len;
|
||||
}
|
||||
|
||||
@ -1339,7 +1354,7 @@ index ac6c35f..8f65225 100644
|
||||
if (tls_session->peek_buffer_len > 0)
|
||||
return TRUE;
|
||||
|
||||
@@ -315,6 +321,16 @@ grd_vnc_tls_has_pending_on_socket (rfbClientPtr rfb_client)
|
||||
@@ -315,6 +319,16 @@ grd_vnc_tls_has_pending_on_socket (rfbClientPtr rfb_client)
|
||||
return FALSE;
|
||||
}
|
||||
|
||||
@ -1356,7 +1371,7 @@ index ac6c35f..8f65225 100644
|
||||
static int
|
||||
grd_vnc_tls_write_to_socket (rfbClientPtr rfb_client,
|
||||
const char *buf,
|
||||
@@ -403,6 +419,62 @@ tls_handshake_grab_func (GrdSessionVnc *session_vnc,
|
||||
@@ -403,6 +417,62 @@ tls_handshake_grab_func (GrdSessionVnc *session_vnc,
|
||||
return TRUE;
|
||||
}
|
||||
|
||||
@ -1419,7 +1434,7 @@ index ac6c35f..8f65225 100644
|
||||
static void
|
||||
rfb_tls_security_handler (rfbClientPtr rfb_client)
|
||||
{
|
||||
@@ -429,6 +501,14 @@ rfb_tls_security_handler (rfbClientPtr rfb_client)
|
||||
@@ -429,6 +499,14 @@ rfb_tls_security_handler (rfbClientPtr rfb_client)
|
||||
rfb_client->hasPendingOnSocket = grd_vnc_tls_has_pending_on_socket;
|
||||
rfb_client->writeToSocket = grd_vnc_tls_write_to_socket;
|
||||
|
||||
@ -1435,10 +1450,10 @@ index ac6c35f..8f65225 100644
|
||||
}
|
||||
|
||||
--
|
||||
2.26.2
|
||||
2.29.2
|
||||
|
||||
|
||||
From c582baab12c1e2dd2b512329da42880c40993df6 Mon Sep 17 00:00:00 2001
|
||||
From fae9653965ddcc3d5684a056d9bdf46ef439d649 Mon Sep 17 00:00:00 2001
|
||||
From: =?UTF-8?q?Jonas=20=C3=85dahl?= <jadahl@gmail.com>
|
||||
Date: Wed, 27 Nov 2019 16:48:00 +0100
|
||||
Subject: [PATCH 6/7] session-vnc: Set our own password handling function up
|
||||
@ -1457,10 +1472,10 @@ password prompt.
|
||||
1 file changed, 2 insertions(+), 6 deletions(-)
|
||||
|
||||
diff --git a/src/grd-session-vnc.c b/src/grd-session-vnc.c
|
||||
index 8b8ce1b..a93a2e3 100644
|
||||
index 06b2cf7..7a4c6b3 100644
|
||||
--- a/src/grd-session-vnc.c
|
||||
+++ b/src/grd-session-vnc.c
|
||||
@@ -91,11 +91,6 @@ grd_session_vnc_pause (GrdSessionVnc *session_vnc);
|
||||
@@ -94,11 +94,6 @@ grd_session_vnc_pause (GrdSessionVnc *session_vnc);
|
||||
static gboolean
|
||||
close_session_idle (gpointer user_data);
|
||||
|
||||
@ -1472,7 +1487,7 @@ index 8b8ce1b..a93a2e3 100644
|
||||
static void
|
||||
swap_uint8 (uint8_t *a,
|
||||
uint8_t *b)
|
||||
@@ -297,7 +292,6 @@ handle_new_client (rfbClientPtr rfb_client)
|
||||
@@ -321,7 +316,6 @@ handle_new_client (rfbClientPtr rfb_client)
|
||||
grd_session_vnc_pause (session_vnc);
|
||||
return RFB_CLIENT_ON_HOLD;
|
||||
case GRD_VNC_AUTH_METHOD_PASSWORD:
|
||||
@ -1480,7 +1495,7 @@ index 8b8ce1b..a93a2e3 100644
|
||||
/*
|
||||
* authPasswdData needs to be non NULL in libvncserver to trigger
|
||||
* password authentication.
|
||||
@@ -581,6 +575,8 @@ init_vnc_session (GrdSessionVnc *session_vnc)
|
||||
@@ -620,6 +614,8 @@ init_vnc_session (GrdSessionVnc *session_vnc)
|
||||
rfb_screen->frameBuffer = g_malloc0 (screen_width * screen_height * 4);
|
||||
memset (rfb_screen->frameBuffer, 0x1f, screen_width * screen_height * 4);
|
||||
|
||||
@ -1490,43 +1505,40 @@ index 8b8ce1b..a93a2e3 100644
|
||||
rfbProcessEvents (rfb_screen, 0);
|
||||
}
|
||||
--
|
||||
2.26.2
|
||||
2.29.2
|
||||
|
||||
|
||||
From b7fc232ee5272b430f28c33ebaacd501ff63a4dc Mon Sep 17 00:00:00 2001
|
||||
From 1ae1286b2cc868045f93c02b7a990638ca94b26d Mon Sep 17 00:00:00 2001
|
||||
From: =?UTF-8?q?Jonas=20=C3=85dahl?= <jadahl@gmail.com>
|
||||
Date: Wed, 27 Nov 2019 16:53:42 +0100
|
||||
Subject: [PATCH 7/7] vnc: Unregister previously set security handlers on init
|
||||
Date: Mon, 12 Oct 2020 17:34:30 +0200
|
||||
Subject: [PATCH 7/7] vnc: Copy pixels using the right destination stride
|
||||
|
||||
When we're starting a session, we're going to handle a new client
|
||||
connection. However, any previous client that was ever run on in a
|
||||
previous session would still have their "security handler" registered,
|
||||
as such is a global permanent change in libvncserver right now.
|
||||
We're copying the pixels in a separate thread managed by PipeWire, and
|
||||
in this thread, accessing the VNC framebuffer dimension and stride is
|
||||
racy. Instead of fetching the dimension directly, pass the expected
|
||||
width and get the stride it will eventually have.
|
||||
|
||||
To work around this, unregister all primary security handler (i.e.
|
||||
'none' and 'password') when initializing the RFB screen. We'll set up
|
||||
the preferred one when handling the new client.
|
||||
Already before this patch, when the copied pixel end up on the main
|
||||
thread and the dimension still doesn't match up, the frame will be
|
||||
dropped.
|
||||
---
|
||||
src/grd-session-vnc.c | 6 ++++++
|
||||
1 file changed, 6 insertions(+)
|
||||
src/grd-session-vnc.h | 3 ++-
|
||||
1 file changed, 2 insertions(+), 1 deletion(-)
|
||||
|
||||
diff --git a/src/grd-session-vnc.c b/src/grd-session-vnc.c
|
||||
index a93a2e3..9fcbb69 100644
|
||||
--- a/src/grd-session-vnc.c
|
||||
+++ b/src/grd-session-vnc.c
|
||||
@@ -555,6 +555,12 @@ init_vnc_session (GrdSessionVnc *session_vnc)
|
||||
8, 3, 4);
|
||||
session_vnc->rfb_screen = rfb_screen;
|
||||
diff --git a/src/grd-session-vnc.h b/src/grd-session-vnc.h
|
||||
index efc0038..f3a6314 100644
|
||||
--- a/src/grd-session-vnc.h
|
||||
+++ b/src/grd-session-vnc.h
|
||||
@@ -67,7 +67,8 @@ int grd_session_vnc_get_stride_for_width (GrdSessionVnc *session_vnc,
|
||||
|
||||
+ /*
|
||||
+ * Unregister whatever security handler was used the last time; we'll set
|
||||
+ * up new ones when authorizing the new client anyway.
|
||||
+ */
|
||||
+ rfbUnregisterPrimarySecurityHandlers ();
|
||||
+
|
||||
update_server_format (session_vnc);
|
||||
int grd_session_vnc_get_fd (GrdSessionVnc *session_vnc);
|
||||
|
||||
-int grd_session_vnc_get_framebuffer_stride (GrdSessionVnc *session_vnc);
|
||||
+int grd_session_vnc_get_stride_for_width (GrdSessionVnc *session_vnc,
|
||||
+ int width);
|
||||
|
||||
gboolean grd_session_vnc_is_client_gone (GrdSessionVnc *session_vnc);
|
||||
|
||||
socket = g_socket_connection_get_socket (session_vnc->connection);
|
||||
--
|
||||
2.26.2
|
||||
2.29.2
|
||||
|
47
libvncserver-LibVNCServer-0.9.13-static-library-link.patch
Normal file
47
libvncserver-LibVNCServer-0.9.13-static-library-link.patch
Normal file
@ -0,0 +1,47 @@
|
||||
diff --git a/CMakeLists.txt b/CMakeLists.txt
|
||||
index 0b6228a..20fec85 100644
|
||||
--- a/CMakeLists.txt
|
||||
+++ b/CMakeLists.txt
|
||||
@@ -495,7 +495,7 @@ if(WIN32)
|
||||
endif(WITH_TIGHTVNC_FILETRANSFER)
|
||||
endif(WIN32)
|
||||
|
||||
-target_link_libraries(vncclient
|
||||
+target_link_libraries(vncclient PUBLIC
|
||||
${ADDITIONAL_LIBS}
|
||||
${ZLIB_LIBRARIES}
|
||||
${LZO_LIBRARIES}
|
||||
@@ -504,7 +504,7 @@ target_link_libraries(vncclient
|
||||
${GNUTLS_LIBRARIES}
|
||||
${OPENSSL_LIBRARIES}
|
||||
)
|
||||
-target_link_libraries(vncserver
|
||||
+target_link_libraries(vncserver PUBLIC
|
||||
${ADDITIONAL_LIBS}
|
||||
${ZLIB_LIBRARIES}
|
||||
${LZO_LIBRARIES}
|
||||
diff --git a/libvncclient.pc.cmakein b/libvncclient.pc.cmakein
|
||||
index ceeda39..f131dca 100644
|
||||
--- a/libvncclient.pc.cmakein
|
||||
+++ b/libvncclient.pc.cmakein
|
||||
@@ -8,7 +8,6 @@ Description: A library for easy implementation of a VNC client.
|
||||
Version: @LibVNCServer_VERSION@
|
||||
Requires:
|
||||
Requires.private:
|
||||
-Libs: -L${libdir} -lvncclient
|
||||
-Libs.private: @PRIVATE_LIBS@
|
||||
+Libs: -L${libdir} -lvncclient @PRIVATE_LIBS@
|
||||
Cflags: -I${includedir}
|
||||
|
||||
diff --git a/libvncserver.pc.cmakein b/libvncserver.pc.cmakein
|
||||
index 33ec668..5ae98c9 100644
|
||||
--- a/libvncserver.pc.cmakein
|
||||
+++ b/libvncserver.pc.cmakein
|
||||
@@ -8,6 +8,5 @@ Description: A library for easy implementation of a VNC server.
|
||||
Version: @LibVNCServer_VERSION@
|
||||
Requires:
|
||||
Requires.private:
|
||||
-Libs: -L${libdir} -lvncserver
|
||||
-Libs.private: @PRIVATE_LIBS@
|
||||
+Libs: -L${libdir} -lvncserver @PRIVATE_LIBS@
|
||||
Cflags: -I${includedir}
|
15
libvncserver-LibVNCServer-0.9.13-system-crypto-policy.patch
Normal file
15
libvncserver-LibVNCServer-0.9.13-system-crypto-policy.patch
Normal file
@ -0,0 +1,15 @@
|
||||
diff -up libvncserver-LibVNCServer-0.9.13/libvncclient/tls_gnutls.c.crypto_policy libvncserver-LibVNCServer-0.9.13/libvncclient/tls_gnutls.c
|
||||
--- libvncserver-LibVNCServer-0.9.13/libvncclient/tls_gnutls.c.crypto_policy 2020-06-13 13:49:53.000000000 -0500
|
||||
+++ libvncserver-LibVNCServer-0.9.13/libvncclient/tls_gnutls.c 2020-07-02 08:00:54.304902893 -0500
|
||||
@@ -29,8 +29,8 @@
|
||||
#include "tls.h"
|
||||
|
||||
|
||||
-static const char *rfbTLSPriority = "NORMAL:+DHE-DSS:+RSA:+DHE-RSA:+SRP";
|
||||
-static const char *rfbAnonTLSPriority= "NORMAL:+ANON-DH";
|
||||
+static const char *rfbTLSPriority = "@SYSTEM";
|
||||
+static const char *rfbAnonTLSPriority= "@SYSTEM:+ANON-DH";
|
||||
|
||||
#define DH_BITS 1024
|
||||
static gnutls_dh_params_t rfbDHParams;
|
||||
diff -up libvncserver-LibVNCServer-0.9.13/libvncserver/rfbssl_gnutls.c.crypto_policy libvncserver-LibVNCServer-0.9.13/libvncserver/rfbssl_gnutls.c
|
2
sources
Normal file
2
sources
Normal file
@ -0,0 +1,2 @@
|
||||
SHA512 (gnome-remote-desktop-40.0.tar.xz) = 557d5425a92cc50dfac60d9e5e39fba88bd3a653ece6490aae663913bc1df490b7d864ae0d6e8cc2c305e7c0fa5f77d7b1e63488bc51f38a0f897232b69edc89
|
||||
SHA512 (LibVNCServer-0.9.13.tar.gz) = 18b0a1698d32bbdbfe6f65f76130b2a95860e3cc76e8adb904269663698c7c0ae982f451fda1f25e5461f096045d40a89d9014258f439366d5b4feaa4999d643
|
Loading…
Reference in New Issue
Block a user