aboutsummaryrefslogtreecommitdiff
path: root/ui/vnc.c
AgeCommit message (Collapse)AuthorFilesLines
2016-07-15vnc: make sure we finish disconnectGerd Hoffmann1-0/+5
It may happen that vnc connections linger in disconnecting state forever because VncState happens to be in a state where vnc_update_client() exists early and never reaches the vnc_disconnect_finish() call at the bottom of the function. Fix that by doing an additinal check at the start of the function. https://bugzilla.redhat.com/show_bug.cgi?id=1352799 Signed-off-by: Gerd Hoffmann <kraxel@redhat.com> Message-id: 1468405280-2571-1-git-send-email-kraxel@redhat.com
2016-07-12ui: avoid crash if vnc client disconnects with writes pendingDaniel P. Berrange1-4/+9
The vnc_client_read() function is called from the vnc_client_io() event handler callback when there is incoming data to process. If it detects that the client has disconnected, then it will trigger cleanup and free'ing of the VncState client struct at a safe time. Unfortunately, the vnc_client_io() event handler will also call vnc_client_write() to handle any outgoing data writes. So if vnc_client_io() was invoked with both G_IO_IN and G_IO_OUT events set, and the client disconnects, we may try to write to a client which has just been freed. https://bugs.launchpad.net/qemu/+bug/1594861 Signed-off-by: Daniel P. Berrange <berrange@redhat.com> Message-id: 1467042529-3372-1-git-send-email-berrange@redhat.com Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2016-07-12vnc: fix incorrect checking condition when updating clientGonglei1-1/+1
vs->disconnecting is set to TRUE and vs->ioc is closed, but vs->ioc isn't set to NULL, so that the vnc_disconnect_finish() isn't invoked when you update client in vnc_update_client() after vnc_disconnect_start invoked. Let's using change the checking condition to avoid resource leak. Signed-off-by: Haibin Wang <wanghaibin.wang@huawei.com> Signed-off-by: Gonglei <arei.gonglei@huawei.com> Reviewed-by: Daniel P. Berrange <berrange@redhat.com> Message-id: 1467949056-81208-1-git-send-email-arei.gonglei@huawei.com Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2016-06-29vnc: generalize "VNC server running on ..." messagePaolo Bonzini1-11/+12
The message is useful whenever the user specifies "-vnc to=XX". Move it to ui/vnc.c. Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2016-06-10ui: fix regression in printing VNC host/port on startupDaniel P. Berrange1-1/+1
If VNC is chosen as the compile time default display backend, QEMU will print the host/port it listens on at startup. Previously this would look like VNC server running on '::1:5900' but in 04d2529da27db512dcbd5e99d0e26d333f16efcc the ':' was accidentally replaced with a ';'. This the ':' back. Reported-by: Dr. David Alan Gilbert <dgilbert@redhat.com> Signed-off-by: Daniel P. Berrange <berrange@redhat.com> Reviewed-by: Eric Blake <eblake@redhat.com> Message-id: 1465382576-25552-1-git-send-email-berrange@redhat.com Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2016-06-10vnc: drop unused depth arg for set_pixel_formatGerd Hoffmann1-4/+2
Spotted by Coverity. Cc: Paolo Bonzini <pbonzini@redhat.com> Signed-off-by: Gerd Hoffmann <kraxel@redhat.com> Message-id: 1465204725-31562-1-git-send-email-kraxel@redhat.com
2016-06-03vnc: add configurable keyboard delayGerd Hoffmann1-2/+11
Limits the rate kbd events from the vnc server are forwarded to the guest, so input devices which are typically low-bandwidth can keep up even on bulky input. v2: update documentation too. v3: spell fixes. Signed-off-by: Gerd Hoffmann <kraxel@redhat.com> Tested-by: Yang Hongyang <hongyang.yang@easystack.cn> Message-id: 1464762150-25817-1-git-send-email-kraxel@redhat.com
2016-06-03vnc: Add support for color mapAlexander Graf1-2/+31
Our current VNC code does not handle color maps (aka non-true-color) at all and aborts if a client requests them. There are 2 major issues with this: 1) A VNC viewer on an 8-bit X11 system may request color maps 2) RealVNC _always_ starts requesting color maps, then moves on to full color In order to support these 2 use cases, let's just create a fake color map that covers exactly our normal true color 8 bit color space. That way we don't lose anything over a client that wants true color. Reported-by: Sascha Wehnert <swehnert@suse.com> Signed-off-by: Alexander Graf <agraf@suse.de> Signed-off-by: Pavel Butsykin <pbutsykin@virtuozzo.com> Signed-off-by: Denis V. Lunev <den@openvz.org> Message-id: 1464099559-20789-1-git-send-email-den@openvz.org Actually this is a very old patch originally submitted in 2013 by Alexander. The situation is still the same with RealVNC, it does not connect by default to QEMU VNC. The problem is that this client is really popular. This is better to be kludged. Signed-off-by: Pavel Butsykin <pbutsykin@virtuozzo.com> Signed-off-by: Denis V. Lunev <den@openvz.org> CC: Gerd Hoffmann <kraxel@redhat.com> CC: Paolo Bonzini <pbonzini@redhat.com> Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2016-03-22util: move declarations out of qemu-common.hVeronia Bahaa1-0/+1
Move declarations out of qemu-common.h for functions declared in utils/ files: e.g. include/qemu/path.h for utils/path.c. Move inline functions out of qemu-common.h and into new files (e.g. include/qemu/bcd.h) Signed-off-by: Veronia Bahaa <veroniabahaa@gmail.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2016-03-18qapi: Don't special-case simple union wrappersEric Blake1-14/+15
Simple unions were carrying a special case that hid their 'data' QMP member from the resulting C struct, via the hack method QAPISchemaObjectTypeVariant.simple_union_type(). But by using the work we started by unboxing flat union and alternate branches, coupled with the ability to visit the members of an implicit type, we can now expose the simple union's implicit type in qapi-types.h: | struct q_obj_ImageInfoSpecificQCow2_wrapper { | ImageInfoSpecificQCow2 *data; | }; | | struct q_obj_ImageInfoSpecificVmdk_wrapper { | ImageInfoSpecificVmdk *data; | }; ... | struct ImageInfoSpecific { | ImageInfoSpecificKind type; | union { /* union tag is @type */ | void *data; |- ImageInfoSpecificQCow2 *qcow2; |- ImageInfoSpecificVmdk *vmdk; |+ q_obj_ImageInfoSpecificQCow2_wrapper qcow2; |+ q_obj_ImageInfoSpecificVmdk_wrapper vmdk; | } u; | }; Doing this removes asymmetry between QAPI's QMP side and its C side (both sides now expose 'data'), and means that the treatment of a simple union as sugar for a flat union is now equivalent in both languages (previously the two approaches used a different layer of dereferencing, where the simple union could be converted to a flat union with equivalent C layout but different {} on the wire, or to an equivalent QMP wire form but with different C representation). Using the implicit type also lets us get rid of the simple_union_type() hack. Of course, now all clients of simple unions have to adjust from using su->u.member to using su->u.member.data; while this touches a number of files in the tree, some earlier cleanup patches helped minimize the change to the initialization of a temporary variable rather than every single member access. The generated qapi-visit.c code is also affected by the layout change: |@@ -7393,10 +7393,10 @@ void visit_type_ImageInfoSpecific_member | } | switch (obj->type) { | case IMAGE_INFO_SPECIFIC_KIND_QCOW2: |- visit_type_ImageInfoSpecificQCow2(v, "data", &obj->u.qcow2, &err); |+ visit_type_q_obj_ImageInfoSpecificQCow2_wrapper_members(v, &obj->u.qcow2, &err); | break; | case IMAGE_INFO_SPECIFIC_KIND_VMDK: |- visit_type_ImageInfoSpecificVmdk(v, "data", &obj->u.vmdk, &err); |+ visit_type_q_obj_ImageInfoSpecificVmdk_wrapper_members(v, &obj->u.vmdk, &err); | break; | default: | abort(); Signed-off-by: Eric Blake <eblake@redhat.com> Message-Id: <1458254921-17042-13-git-send-email-eblake@redhat.com> Signed-off-by: Markus Armbruster <armbru@redhat.com>
2016-03-16module: Rename machine_init() to opts_init()Eduardo Habkost1-1/+1
The only remaining users of machine_init() only call qemu_add_opts(). Rename machine_init() to opts_init() and move it closer to the qemu_add_opts() calls on vl.c. Cc: "Michael S. Tsirkin" <mst@redhat.com> Cc: Igor Mammedov <imammedo@redhat.com> Cc: Gerd Hoffmann <kraxel@redhat.com> Reviewed-by: Marcel Apfelbaum <marcel@redhat.com> Reviewed-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
2016-03-08vnc: send cursor when a new client is connectingFrediano Ziglio1-0/+3
If you have hardware cursor and you are reconnecting the VNC client you need to send the cursor. Failing to do so make the cursor invisible till is changed. Signed-off-by: Frediano Ziglio <fziglio@redhat.com> Message-id: 1456929142-14033-1-git-send-email-fziglio@redhat.com Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2016-03-05util: Shorten references into SocketAddressEric Blake1-19/+20
An upcoming patch will alter how simple unions, like SocketAddress, are laid out, which will impact all lines of the form 'addr->u.XXX' (expanding it to the longer 'addr->u.XXX.data'). For better legibility in that patch, and less need for line wrapping, it's better to use a temporary variable to reduce the effect of a layout change to just the variable initializations, rather than every reference within a SocketAddress. Also, take advantage of some C99 initialization where it makes sense (simplifying g_new0() to g_new()). Signed-off-by: Eric Blake <eblake@redhat.com> Message-Id: <1457021813-10704-7-git-send-email-eblake@redhat.com> Signed-off-by: Markus Armbruster <armbru@redhat.com>
2016-03-01qapi: rename input buttonsGerd Hoffmann1-2/+2
All lowercase, use-dash instead of CamelCase. Signed-off-by: Gerd Hoffmann <kraxel@redhat.com> Reviewed-by: Daniel P. Berrange <berrange@redhat.com> Reviewed-by: Markus Armbruster <armbru@redhat.com> Reviewed-by: Eric Blake <eblake@redhat.com>
2016-03-01console: add & use qemu_console_lookup_by_device_nameGerd Hoffmann1-11/+4
We have two places needing this, and a third one will come shortly. So factor things out into a helper function to reduce code duplication. Signed-off-by: Gerd Hoffmann <kraxel@redhat.com> Reviewed-by: Daniel P. Berrange <berrange@redhat.com> Reviewed-by: Markus Armbruster <armbru@redhat.com>
2016-02-04ui: Clean up includesPeter Maydell1-1/+1
Clean up includes so that osdep.h is included first and headers which it implies are not included manually. This commit was created with scripts/clean-includes. Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Message-id: 1454089805-5470-2-git-send-email-peter.maydell@linaro.org
2016-01-21Merge remote-tracking branch 'remotes/kraxel/tags/pull-socket-20160120-1' ↵Peter Maydell1-6/+12
into staging Convert qemu-socket to use QAPI exclusively, update MAINTAINERS. # gpg: Signature made Wed 20 Jan 2016 06:49:07 GMT using RSA key ID D3E87138 # gpg: Good signature from "Gerd Hoffmann (work) <kraxel@redhat.com>" # gpg: aka "Gerd Hoffmann <gerd@kraxel.org>" # gpg: aka "Gerd Hoffmann (private) <kraxel@gmail.com>" * remotes/kraxel/tags/pull-socket-20160120-1: vnc: distiguish between ipv4/ipv6 omitted vs set to off sockets: remove use of QemuOpts from socket_dgram sockets: remove use of QemuOpts from socket_connect sockets: remove use of QemuOpts from socket_listen sockets: remove use of QemuOpts from header file add MAINTAINERS entry for qemu socket code Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2016-01-19vnc: distiguish between ipv4/ipv6 omitted vs set to offDaniel P. Berrange1-6/+12
The VNC code for interpreting QemuOpts does not currently distinguish between ipv4/ipv6 being omitted, and being set to 'off', because historically the 'ipv4' and 'ipv6' options were just flags which did not accept a value. The upshot is that if someone runs $QEMU -vnc localhost:1,ipv6=off QEMU still uses PF_UNSPEC and thus may still bind to IPv6, when it should use PF_INET. This is another instance of the problem previously fixed for chardevs in commit b77e7c8e99f9ac726c4eaa2fc3461fd886017dc0 Author: Paolo Bonzini <pbonzini@redhat.com> Date: Mon Oct 12 15:35:16 2015 +0200 qemu-sockets: fix conversion of ipv4/ipv6 JSON to QemuOpts Reviewed-by: Eric Blake <eblake@redhat.com> Signed-off-by: Daniel P. Berrange <berrange@redhat.com> Message-id: 1452518225-11751-6-git-send-email-berrange@redhat.com Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2016-01-18vnc: fix tls-creds error messageWolfgang Bumiller1-1/+1
The parameter is called 'tls-creds', 'credid' is just the variable name in the code. Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com> Reviewed-by: Daniel P. Berrange <berrange@redhat.com> Message-id: 1452681360-29239-1-git-send-email-w.bumiller@proxmox.com Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2016-01-18vnc: clear vs->tlscreds after unparenting itWolfgang Bumiller1-0/+1
This pointer should be cleared in vnc_display_close() otherwise a use-after-free can happen when when using the old style 'x509' and 'tls' options rather than a persistent tls-creds -object, by issuing monitor commands to change the vnc server like so: Start with: -vnc unix:test.socket,x509,tls Then use the following monitor command: change vnc unix:test.socket After this the pointer is still set but invalid and a crash can be triggered for instance by issuing the same command a second time which will try to object_unparent() the same pointer again. Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com> Reviewed-by: Daniel P. Berrange <berrange@redhat.com> Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2016-01-13error: Use error_reportf_err() where it makes obvious senseMarkus Armbruster1-3/+1
Done with this Coccinelle semantic patch @@ expression FMT, E, S; expression list ARGS; @@ - error_report(FMT, ARGS, error_get_pretty(E)); + error_reportf_err(E, FMT/*@@@*/, ARGS); ( - error_free(E); | exit(S); | abort(); ) followed by a replace of '%s"/*@@@*/' by '"' and some line rewrapping, because I can't figure out how to make Coccinelle transform strings. We now use the error whole instead of just its message obtained with error_get_pretty(). This avoids suppressing its hint (see commit 50b7b00), but I can't see how the errors touched in this commit could come with hints. Signed-off-by: Markus Armbruster <armbru@redhat.com> Message-Id: <1450452927-8346-12-git-send-email-armbru@redhat.com> Reviewed-by: Eric Blake <eblake@redhat.com>
2015-12-18ui: convert VNC server to use QIOChannelWebsockDaniel P. Berrange1-23/+4
Remove custom websock handling code from the VNC server and use the QIOChannelWebsock class instead. Reviewed-by: Gerd Hoffmann <kraxel@redhat.com> Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2015-12-18ui: convert VNC server to use QIOChannelTLSDaniel P. Berrange1-64/+5
Switch VNC server over to using the QIOChannelTLS object for the TLS session. This removes all remaining VNC specific code for dealing with TLS handshakes. Reviewed-by: Gerd Hoffmann <kraxel@redhat.com> Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2015-12-18ui: convert VNC server to use QIOChannelSocketDaniel P. Berrange1-280/+294
The minimal first step conversion to use QIOChannelSocket classes instead of directly using POSIX sockets API. This will later be extended to also cover the TLS, SASL and websockets code. Reviewed-by: Gerd Hoffmann <kraxel@redhat.com> Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2015-12-17qapi: Change munging of CamelCase enum valuesEric Blake1-2/+2
When munging enum values, the fact that we were passing the entire prefix + value through camel_to_upper() meant that enum values spelled with CamelCase could be turned into CAMEL_CASE. However, this provides a potential collision (both OneTwo and One-Two would munge into ONE_TWO) for enum types, when the same two names are valid side-by-side as QAPI member names. By changing the generation of enum constants to always be prefix + '_' + c_name(value, False).upper(), and ensuring that there are no case collisions (in the next patches), we no longer have to worry about names that would be distinct as QAPI members but collide as variant tag names, without having to think about what munging the heuristics in camel_to_upper() will actually perform on an enum value. Making the change will affect enums that did not follow coding conventions, using 'CamelCase' rather than desired 'lower-case'. Thankfully, there are only two culprits: InputButton and ErrorClass. We already tweaked ErrorClass to make it an alias of QapiErrorClass, where only the alias needs changing rather than the whole tree. So the bulk of this change is modifying INPUT_BUTTON_WHEEL_UP to the new INPUT_BUTTON_WHEELUP (and likewise for WHEELDOWN). That part of this commit may later need reverting if we rename the enum constants from 'WheelUp' to 'wheel-up' as part of moving x-input-send-event to a stable interface; but at least we have documentation bread crumbs in place to remind us (commit 513e7cd), and it matches the fact that SDL constants are also spelled SDL_BUTTON_WHEELUP. Suggested by: Markus Armbruster <armbru@redhat.com> Signed-off-by: Eric Blake <eblake@redhat.com> Message-Id: <1447836791-369-27-git-send-email-eblake@redhat.com> [Commit message tweaked] Signed-off-by: Markus Armbruster <armbru@redhat.com>
2015-12-17qapi: Don't let implicit enum MAX member collideEric Blake1-1/+1
Now that we guarantee the user doesn't have any enum values beginning with a single underscore, we can use that for our own purposes. Renaming ENUM_MAX to ENUM__MAX makes it obvious that the sentinel is generated. This patch was mostly generated by applying a temporary patch: |diff --git a/scripts/qapi.py b/scripts/qapi.py |index e6d014b..b862ec9 100644 |--- a/scripts/qapi.py |+++ b/scripts/qapi.py |@@ -1570,6 +1570,7 @@ const char *const %(c_name)s_lookup[] = { | max_index = c_enum_const(name, 'MAX', prefix) | ret += mcgen(''' | [%(max_index)s] = NULL, |+// %(max_index)s | }; | ''', | max_index=max_index) then running: $ cat qapi-{types,event}.c tests/test-qapi-types.c | sed -n 's,^// \(.*\)MAX,s|\1MAX|\1_MAX|g,p' > list $ git grep -l _MAX | xargs sed -i -f list The only things not generated are the changes in scripts/qapi.py. Rejecting enum members named 'MAX' is now useless, and will be dropped in the next patch. Signed-off-by: Eric Blake <eblake@redhat.com> Message-Id: <1447836791-369-23-git-send-email-eblake@redhat.com> Reviewed-by: Juan Quintela <quintela@redhat.com> [Rebased to current master, commit message tweaked] Signed-off-by: Markus Armbruster <armbru@redhat.com>
2015-12-03ui: vnc: avoid floating point exceptionPrasad J Pandit1-3/+3
While sending 'SetPixelFormat' messages to a VNC server, the client could set the 'red-max', 'green-max' and 'blue-max' values to be zero. This leads to a floating point exception in write_png_palette while doing frame buffer updates. Reported-by: Lian Yihan <lianyihan@360.cn> Signed-off-by: Prasad J Pandit <pjp@fedoraproject.org> Reviewed-by: Gerd Hoffmann <kraxel@redhat.com> Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-11-26vnc: fix segfaultGerd Hoffmann1-0/+5
Commit "c7628bf vnc: only alloc server surface with clients connected" missed one rarely used codepath (cirrus with guest drivers using 2d accel) where we have to check for the server surface being present, to avoid qemu crashing with a NULL pointer dereference. Add the check. Reported-by: Anthony PERARD <anthony.perard@citrix.com> Tested-by: Anthony PERARD <anthony.perard@citrix.com> Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2015-11-17Merge remote-tracking branch 'remotes/kraxel/tags/pull-vnc-20151116-1' into ↵Peter Maydell1-24/+68
staging vnc: buffer code improvements, bugfixes. # gpg: Signature made Mon 16 Nov 2015 17:20:02 GMT using RSA key ID D3E87138 # gpg: Good signature from "Gerd Hoffmann (work) <kraxel@redhat.com>" # gpg: aka "Gerd Hoffmann <gerd@kraxel.org>" # gpg: aka "Gerd Hoffmann (private) <kraxel@gmail.com>" * remotes/kraxel/tags/pull-vnc-20151116-1: vnc: fix mismerge buffer: allow a buffer to shrink gracefully buffer: factor out buffer_adj_size buffer: factor out buffer_req_size vnc: recycle empty vs->output buffer vnc: fix local state init vnc: only alloc server surface with clients connected vnc: use vnc_{width,height} in vnc_set_area_dirty vnc: factor out vnc_update_server_surface vnc: add vnc_width+vnc_height helpers vnc: zap dead code vnc-jobs: move buffer reset, use new buffer move vnc: kill jobs queue buffer vnc: attach names to buffers buffer: add tracing buffer: add buffer_shrink buffer: add buffer_move buffer: add buffer_move_empty buffer: add buffer_init buffer: make the Buffer capacity increase in powers of two Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-11-06ui: Use g_new() & friends where that makes obvious senseMarkus Armbruster1-2/+2
g_new(T, n) is neater than g_malloc(sizeof(T) * n). It's also safer, for two reasons. One, it catches multiplication overflowing size_t. Two, it returns T * rather than void *, which lets the compiler catch more type errors. This commit only touches allocations with size arguments of the form sizeof(T). Same Coccinelle semantic patch as in commit b45c03f. Signed-off-by: Markus Armbruster <armbru@redhat.com> Reviewed-by: Eric Blake <eblake@redhat.com> Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
2015-11-05vnc: fix mismergeGerd Hoffmann1-2/+0
Commit "4d77b1f vnc: fix bug: vnc server can't start when 'to' is specified" was rebased incorrectly, fix it. Reported-by: Markus Armbruster <armbru@redhat.com> Signed-off-by: Gerd Hoffmann <kraxel@redhat.com> Reviewed-by: Markus Armbruster <armbru@redhat.com> Reviewed-by: Yang Hongyang <hongyang.yang@easystack.cn> Message-id: 1446714738-22400-1-git-send-email-kraxel@redhat.com
2015-11-05vnc: only alloc server surface with clients connectedGerd Hoffmann1-0/+12
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com> Reviewed-by: Peter Lieven <pl@kamp.de> Reviewed-by: Daniel P. Berrange <berrange@redhat.com> Message-id: 1446203414-4013-15-git-send-email-kraxel@redhat.com
2015-11-05vnc: use vnc_{width,height} in vnc_set_area_dirtyGerd Hoffmann1-11/+10
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com> Reviewed-by: Peter Lieven <pl@kamp.de> Reviewed-by: Daniel P. Berrange <berrange@redhat.com> Message-id: 1446203414-4013-14-git-send-email-kraxel@redhat.com
2015-11-05vnc: factor out vnc_update_server_surfaceGerd Hoffmann1-6/+15
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com> Reviewed-by: Peter Lieven <pl@kamp.de> Reviewed-by: Daniel P. Berrange <berrange@redhat.com> Message-id: 1446203414-4013-13-git-send-email-kraxel@redhat.com
2015-11-05vnc: add vnc_width+vnc_height helpersGerd Hoffmann1-3/+13
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com> Reviewed-by: Peter Lieven <pl@kamp.de> Reviewed-by: Daniel P. Berrange <berrange@redhat.com> Message-id: 1446203414-4013-12-git-send-email-kraxel@redhat.com
2015-11-05vnc: zap dead codeGerd Hoffmann1-4/+0
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com> Reviewed-by: Peter Lieven <pl@kamp.de> Reviewed-by: Daniel P. Berrange <berrange@redhat.com> Message-id: 1446203414-4013-11-git-send-email-kraxel@redhat.com
2015-11-05vnc: attach names to buffersGerd Hoffmann1-0/+20
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com> Reviewed-by: Peter Lieven <pl@kamp.de> Reviewed-by: Daniel P. Berrange <berrange@redhat.com> Message-id: 1446203414-4013-8-git-send-email-kraxel@redhat.com
2015-11-03vnc: fix bug: vnc server can't start when 'to' is specifiedYang Hongyang1-0/+2
commit e0d03b8ceb52 converted VNC startup to use SocketAddress, the interface socket_listen don't have a port_offset param, so we need to add the port offset (5900) to both 'port' and 'to' opts. currently only 'port' is added by offset. This patch add the port offset to 'to' opts. Signed-off-by: Yang Hongyang <hongyang.yang@easystack.cn> Reviewed-by: Daniel P. Berrange <berrange@redhat.com> Message-id: 1445926252-14830-1-git-send-email-hongyang.yang@easystack.cn Cc: Daniel P. Berrange <berrange@redhat.com> Cc: Eric Blake <eblake@redhat.com> Cc: Gerd Hoffmann <kraxel@redhat.com> Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2015-11-03vnc: allow fall back to RAW encodingPeter Lieven1-2/+18
I have observed that depending on the contents and the encoding it happens that sending data as RAW sometimes would take less space than the encoded data. This is especially the case for small updates or areas with high color images. If sending RAW encoded data is beneficial allow a fall back to RAW encoding for the framebuffer update. Signed-off-by: Peter Lieven <pl@kamp.de> Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2015-11-02sockets: Convert to new qapi union layoutEric Blake1-22/+22
We have two issues with our qapi union layout: 1) Even though the QMP wire format spells the tag 'type', the C code spells it 'kind', requiring some hacks in the generator. 2) The C struct uses an anonymous union, which places all tag values in the same namespace as all non-variant members. This leads to spurious collisions if a tag value matches a non-variant member's name. Make the conversion to the new layout for socket-related code. Signed-off-by: Eric Blake <eblake@redhat.com> Message-Id: <1445898903-12082-17-git-send-email-eblake@redhat.com> [Commit message tweaked slightly] Signed-off-by: Markus Armbruster <armbru@redhat.com>
2015-11-02qapi: Unbox base membersEric Blake1-11/+10
Rather than storing a base class as a pointer to a box, just store the fields of that base class in the same order, so that a child struct can be directly cast to its parent. This gives less malloc overhead, less pointer dereferencing, and even less generated code. Compare to the earlier commit 1e6c1616a "qapi: Generate a nicer struct for flat unions" (although that patch had fewer places to change, as less of qemu was directly using qapi structs for flat unions). It also allows us to turn on automatic type-safe wrappers for upcasting to the base class of a struct. Changes to the generated code look like this in qapi-types.h: | struct SpiceChannel { |- SpiceBasicInfo *base; |+ /* Members inherited from SpiceBasicInfo: */ |+ char *host; |+ char *port; |+ NetworkAddressFamily family; |+ /* Own members: */ | int64_t connection_id; as well as additional upcast functions like qapi_SpiceChannel_base(). Meanwhile, changes to qapi-visit.c look like: | static void visit_type_SpiceChannel_fields(Visitor *v, SpiceChannel **obj, Error **errp) | { | Error *err = NULL; | |- visit_type_implicit_SpiceBasicInfo(v, &(*obj)->base, &err); |+ visit_type_SpiceBasicInfo_fields(v, (SpiceBasicInfo **)obj, &err); | if (err) { (the cast is necessary, since our upcast wrappers only deal with a single pointer, not pointer-to-pointer); plus the wholesale elimination of some now-unused visit_type_implicit_FOO() functions. Without boxing, the corner case of one empty struct having another empty struct as its base type now requires inserting a dummy member (previously, the 'Base *base' member sufficed). And now that we no longer consume a 'base' member in the generated C struct, we can delete the former negative struct-base-clash-base test. Signed-off-by: Eric Blake <eblake@redhat.com> Message-Id: <1445898903-12082-11-git-send-email-eblake@redhat.com> [Commit message tweaked slightly] Signed-off-by: Markus Armbruster <armbru@redhat.com>
2015-11-02vnc: Hoist allocation of VncBasicInfo to callersEric Blake1-23/+34
A future qapi patch will rework generated structs with a base class to be unboxed. In preparation for that, change the code that allocates then populates an info struct to instead merely populate the fields of an info field passed in as a parameter (renaming vnc_basic_info_get* to vnc_init_basic_info*). Add rudimentary Error handling at the lowest levels for cases where the old code returned NULL; but rather than plumb Error all the way through the stack, the callers drop the error and return NULL as before. Signed-off-by: Eric Blake <eblake@redhat.com> Message-Id: <1445898903-12082-7-git-send-email-eblake@redhat.com> Signed-off-by: Markus Armbruster <armbru@redhat.com>
2015-10-20util: pull Buffer code out of VNC moduleDaniel P. Berrange1-43/+0
The Buffer code in the VNC server is useful for the IO channel code, so pull it out into a shared module, QIOBuffer. Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2015-10-20ui: convert VNC startup code to use SocketAddressDaniel P. Berrange1-70/+90
The VNC code is currently using QemuOpts to configure the sockets connections / listeners it needs. Convert it to use SocketAddress to bring it in line with modern QAPI based code elsewhere in QEMU. Reviewed-by: Eric Blake <eblake@redhat.com> Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2015-09-15ui: convert VNC server to use QCryptoTLSSessionDaniel P. Berrange1-122/+218
Switch VNC server over to using the QCryptoTLSSession object for the TLS session. This removes the direct use of gnutls from the VNC server code. It also removes most knowledge about TLS certificate handling from the VNC server code. This has the nice effect that all the CONFIG_VNC_TLS conditionals go away and the user gets an actual error message when requesting TLS instead of it being silently ignored. With this change, the existing configuration options for enabling TLS with -vnc are deprecated. Old syntax for anon-DH credentials: -vnc hostname:0,tls New syntax: -object tls-creds-anon,id=tls0,endpoint=server \ -vnc hostname:0,tls-creds=tls0 Old syntax for x509 credentials, no client certs: -vnc hostname:0,tls,x509=/path/to/certs New syntax: -object tls-creds-x509,id=tls0,dir=/path/to/certs,endpoint=server,verify-peer=no \ -vnc hostname:0,tls-creds=tls0 Old syntax for x509 credentials, requiring client certs: -vnc hostname:0,tls,x509verify=/path/to/certs New syntax: -object tls-creds-x509,id=tls0,dir=/path/to/certs,endpoint=server,verify-peer=yes \ -vnc hostname:0,tls-creds=tls0 This aligns VNC with the way TLS credentials are to be configured in the future for chardev, nbd and migration backends. It also has the benefit that the same TLS credentials can be shared across multiple VNC server instances, if desired. If someone uses the deprecated syntax, it will internally result in the creation of a 'tls-creds' object with an ID based on the VNC server ID. This allows backwards compat with the CLI syntax, while still deleting all the original TLS code from the VNC server. Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2015-09-15ui: fix return type for VNC I/O functions to be ssize_tDaniel P. Berrange1-18/+18
Various VNC server I/O functions return 'long' and then also pass this to a method accepting 'int'. All these should be ssize_t to match the signature of read/write APIs and thus avoid potential for integer truncation / wraparound. Signed-off-by: Daniel P. Berrange <berrange@redhat.com> Reviewed-by: Eric Blake <eblake@redhat.com>
2015-08-26vnc: fix memory corruption (CVE-2015-5225)Gerd Hoffmann1-5/+10
The _cmp_bytes variable added by commit "bea60dd ui/vnc: fix potential memory corruption issues" can become negative. Result is (possibly exploitable) memory corruption. Reason for that is it uses the stride instead of bytes per scanline to apply limits. For the server surface is is actually fine. vnc creates that itself, there is never any padding and thus scanline length always equals stride. For the guest surface scanline length and stride are typically identical too, but it doesn't has to be that way. So add and use a new variable (guest_ll) for the guest scanline length. Also rename min_stride to line_bytes to make more clear what it actually is. Finally sprinkle in an assert() to make sure we never use a negative _cmp_bytes again. Reported-by: 范祚至(库特) <zuozhi.fzz@alibaba-inc.com> Reviewed-by: P J P <ppandit@redhat.com> Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2015-07-24vnc: fix memory leakGonglei1-1/+4
If vnc's password is configured, it will leak memory which cipher variable pointed on every vnc connection. Cc: Daniel P. Berrange <berrange@redhat.com> Reviewed-by: Daniel P. Berrange <berrange@redhat.com> Signed-off-by: Gonglei <arei.gonglei@huawei.com> Message-Id: <1437556133-11268-1-git-send-email-arei.gonglei@huawei.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2015-07-14vnc: fix vnc client authenticationWolfgang Bumiller1-1/+1
Commit 800567a61 updated the code to the generic crypto API and mixed up encrypt and decrypt functions in procotol_client_auth_vnc. (Used to be: deskey(key, EN0) which encrypts, and was changed to qcrypto_cipher_decrypt in 800567a61.) Changed it to qcrypto_cipher_encrypt now. Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com> Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2015-07-08ui: convert VNC to use generic cipher APIDaniel P. Berrange1-11/+41
Switch the VNC server over to use the generic cipher API, this allows it to use the pluggable DES implementations, instead of being hardcoded to use QEMU's built-in impl. Signed-off-by: Daniel P. Berrange <berrange@redhat.com> Message-Id: <1435770638-25715-11-git-send-email-berrange@redhat.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>