Merge branch 'master' into create_ubuntu20_package

4 years ago · c32137fa17
parent 0d47d4890a c1691b6895
commit c32137fa17
8 changed files with 47 additions and 38 deletions
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@ -0,0 +1,21 @@
+image: docker
+services:
+  - docker:dind
+
+stages:
+  - build
+  
+build:
+  stage: build
+  script:
+    - ls -l
+    - pwd
+    - apk add bash
+    - bash builder/build-tarball
+    - bash builder/build-deb
+    - mkdir output
+    - cp builder/build/kasmvncserver_*.deb output/
+    - cp builder/build/kasmvnc.*.tar.gz output/
+  artifacts:
+    paths:
+      - output/
--- a/common/network/TcpSocket.cxx
+++ b/common/network/TcpSocket.cxx
@ -423,7 +423,7 @@ extern settings_t settings;

 WebsocketListener::WebsocketListener(const struct sockaddr *listenaddr,
                         socklen_t listenaddrlen,
-                         bool sslonly, const char *cert,
+                         bool sslonly, const char *cert, const char *certkey,
                         const char *basicauth,
                         const char *httpdir)
 {
@ -496,7 +496,7 @@ WebsocketListener::WebsocketListener(const struct sockaddr *listenaddr,

  settings.basicauth = basicauth;
  settings.cert = cert;
-  settings.key = "";
+  settings.key = certkey;
  settings.ssl_only = sslonly;
  settings.verbose = vlog.getLevel() >= vlog.LEVEL_DEBUG;
  settings.httpdir = NULL;
@ -673,7 +673,7 @@ void network::createTcpListeners(std::list<SocketListener*> *listeners,

 void network::createWebsocketListeners(std::list<SocketListener*> *listeners,
                                 const struct addrinfo *ai,
-                                 bool sslonly, const char *cert,
+                                 bool sslonly, const char *cert, const char *certkey,
                                 const char *basicauth,
                                 const char *httpdir)
 {
@ -701,7 +701,7 @@ void network::createWebsocketListeners(std::list<SocketListener*> *listeners,
    try {
      new_listeners.push_back(new WebsocketListener(current->ai_addr,
                                              current->ai_addrlen,
-                                              sslonly, cert, basicauth,
+                                              sslonly, cert, certkey, basicauth,
                                              httpdir));
    } catch (SocketException& e) {
      // Ignore this if it is due to lack of address family support on
@ -729,6 +729,7 @@ void network::createWebsocketListeners(std::list<SocketListener*> *listeners,
                                 const char *addr,
                                 bool sslonly,
                                 const char *cert,
+                                 const char *certkey,
                                 const char *basicauth,
                                 const char *httpdir)
 {
@ -757,7 +758,7 @@ void network::createWebsocketListeners(std::list<SocketListener*> *listeners,
    ai[1].ai_addrlen = sizeof(sa[1].u.sin6);
    ai[1].ai_next = NULL;

-    createWebsocketListeners(listeners, ai, sslonly, cert, basicauth, httpdir);
+    createWebsocketListeners(listeners, ai, sslonly, cert, certkey, basicauth, httpdir);
  } else {
    struct addrinfo *ai, hints;
    char service[16];
@ -780,7 +781,7 @@ void network::createWebsocketListeners(std::list<SocketListener*> *listeners,
                           gai_strerror(result));

    try {
-      createWebsocketListeners(listeners, ai, sslonly, cert, basicauth, httpdir);
+      createWebsocketListeners(listeners, ai, sslonly, cert, certkey, basicauth, httpdir);
    } catch(...) {
      freeaddrinfo(ai);
      throw;
--- a/common/network/TcpSocket.h
+++ b/common/network/TcpSocket.h
@ -90,7 +90,8 @@ namespace network {
  class WebsocketListener : public SocketListener {
  public:
    WebsocketListener(const struct sockaddr *listenaddr, socklen_t listenaddrlen,
-                      bool sslonly, const char *cert, const char *basicauth,
+                      bool sslonly, const char *cert, const char *certkey,
+                      const char *basicauth,
                      const char *httpdir);

    virtual int getMyPort();
@ -110,6 +111,7 @@ namespace network {
                          const char *addr,
                          bool sslonly,
                          const char *cert,
+                          const char *certkey,
                          const char *basicauth,
                          const char *httpdir);
  void createTcpListeners(std::list<SocketListener*> *listeners,
@ -121,6 +123,7 @@ namespace network {
                          const struct addrinfo *ai,
                          bool sslonly,
                          const char *cert,
+                          const char *certkey,
                          const char *basicauth,
                          const char *httpdir);

--- a/common/rfb/EncodeManager.cxx
+++ b/common/rfb/EncodeManager.cxx
@ -1181,38 +1181,13 @@ uint8_t EncodeManager::getEncoderType(const Rect& rect, const PixelBuffer *pb,
                                      const PixelBuffer *scaledpb, const Rect& scaledrect) const
 {
  struct RectInfo info;
-  unsigned int divisor, maxColours;
+  unsigned int maxColours = 256;
  PixelBuffer *ppb;
  Encoder *encoder;

  bool useRLE;
  EncoderType type;

-  // FIXME: This is roughly the algorithm previously used by the Tight
-  //        encoder. It seems a bit backwards though, that higher
-  //        compression setting means spending less effort in building
-  //        a palette. It might be that they figured the increase in
-  //        zlib setting compensated for the loss.
-  if (conn->cp.compressLevel == -1)
-    divisor = 2 * 8;
-  else
-    divisor = conn->cp.compressLevel * 8;
-  if (divisor < 4)
-    divisor = 4;
-
-  maxColours = rect.area()/divisor;
-
-  // Special exception inherited from the Tight encoder
-  if (activeEncoders[encoderFullColour] == encoderTightJPEG) {
-    if ((conn->cp.compressLevel != -1) && (conn->cp.compressLevel < 2))
-      maxColours = 24;
-    else
-      maxColours = 96;
-  }
-
-  if (maxColours < 2)
-    maxColours = 2;
-
  encoder = encoders[activeEncoders[encoderIndexedRLE]];
  if (maxColours > encoder->maxPaletteSize)
    maxColours = encoder->maxPaletteSize;
--- a/kasmweb/app/ui.js
+++ b/kasmweb/app/ui.js
@ -13,7 +13,11 @@ window.addEventListener("load", function() {
    document.head.appendChild(loader);
 });
 window.addEventListener("load", function() {
-    document.getElementById("noVNC_connect_button").click();
+    var connect_btn_el = document.getElementById("noVNC_connect_button");
+    if (typeof(connect_btn_el) != 'undefined' && connect_btn_el != null)
+    {
+        connect_btn_el.click();
+    }
 });

 import * as Log from '../core/util/logging.js';
--- a/kasmweb/core/rfb.js
+++ b/kasmweb/core/rfb.js
@ -1076,9 +1076,7 @@ export default class RFB extends EventTargetMixin {
            return false;
        }
        */
-        if (!this._rfb_credentials.password) {
-            this._rfb_credentials.password = "";
-        }
+        this._rfb_credentials.password = "";

        // TODO(directxman12): make genDES not require an Array
        const challenge = Array.prototype.slice.call(this._sock.rQshiftBytes(16));
--- a/unix/xserver/hw/vnc/Xvnc.man
+++ b/unix/xserver/hw/vnc/Xvnc.man
@ -315,6 +315,12 @@ Listen for websocket connections on this port, default 6800.
 SSL pem cert to use for websocket connections, default empty/not used.
 .
 .TP
+.B \-key \fIpath\fP
+SSL pem key to use for websocket connections, default empty/not used.
+Only use this if you have the cert and key in separate files. If they
+are in the same file, use \fB-cert\fP.
+.
+.TP
 .B \-sslOnly
 Require SSL for websocket connections. Default off, non-SSL allowed.
 .
--- a/unix/xserver/hw/vnc/vncExtInit.cc
+++ b/unix/xserver/hw/vnc/vncExtInit.cc
@ -87,6 +87,7 @@ rfb::BoolParameter noWebsocket("noWebsocket",
                                 false);
 rfb::IntParameter websocketPort("websocketPort", "websocket port to listen for", 6800);
 rfb::StringParameter cert("cert", "SSL pem cert to use for websocket connections", "");
+rfb::StringParameter certkey("key", "SSL pem key to use for websocket connections (if separate)", "");
 rfb::BoolParameter sslonly("sslOnly", "Require SSL for websockets", false);
 rfb::StringParameter basicauth("BasicAuth", "user:pass for HTTP basic auth for websockets", "");
 rfb::StringParameter interface("interface",
@ -224,7 +225,7 @@ void vncExtensionInit(void)
          if (!noWebsocket)
            network::createWebsocketListeners(&listeners, websocketPort,
                                              localhostOnly ? "local" : addr,
-                                              sslonly, cert, basicauth, httpDir);
+                                              sslonly, cert, certkey, basicauth, httpDir);
          else if (localhostOnly)
            network::createLocalTcpListeners(&listeners, port);
          else