publicWagsHome
/
KasmVNC
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Compare commits

base: publicWagsHome:release/1.1.0
Branches Tags
publicWagsHome:master
publicWagsHome:release/1.3.3
publicWagsHome:release/1.3.2
publicWagsHome:release/1.2.1
publicWagsHome:release/1.3.1
publicWagsHome:release/1.3.0
publicWagsHome:release/1.2.0
publicWagsHome:release/1.1.1
publicWagsHome:release/1.1.0
publicWagsHome:release/1.0.1
publicWagsHome:release/1.0.0
publicWagsHome:release/0.9.3.2
publicWagsHome:release/0.9.3.1
publicWagsHome:innovation/session_recording
publicWagsHome:release/0.9.3
publicWagsHome:KASM-1810_yaml_config
publicWagsHome:httpblacklist
publicWagsHome:feature/KASM-2119_ubuntu_2004_default
publicWagsHome:video
publicWagsHome:bugfix/KASM-2021_kali_stable
publicWagsHome:feature/KASM-2083_ARM_Neon
publicWagsHome:configchecks
publicWagsHome:bugfix/KASM-2034_mobile_audio
publicWagsHome:bugfix/KASM-2053_video_quality
publicWagsHome:KASM-1609_select_de_to_run
publicWagsHome:feature/KASM-1883_x_proxy
publicWagsHome:KASM-1910-fix_pipeline
publicWagsHome:easy-start-select-de-to-run
publicWagsHome:xdg-portal-kde-firefox
publicWagsHome:toggle-game-mode
publicWagsHome:relativemotion
publicWagsHome:pointer_lock_api
publicWagsHome:v1.3.3
publicWagsHome:v1.3.2
publicWagsHome:v1.2.1
publicWagsHome:v1.3.1
publicWagsHome:v1.3.0
publicWagsHome:v1.2.0
publicWagsHome:v1.1.0
publicWagsHome:v1.0.1
publicWagsHome:v1.0.0
publicWagsHome:v0.9.3-beta
publicWagsHome:temporary
publicWagsHome:temporary2
publicWagsHome:v0.9.0-beta
publicWagsHome:v0.9.1-beta
publicWagsHome:v0.9.2-beta
..
compare: publicWagsHome:master
Branches Tags
publicWagsHome:master
publicWagsHome:release/1.3.3
publicWagsHome:release/1.3.2
publicWagsHome:release/1.2.1
publicWagsHome:release/1.3.1
publicWagsHome:release/1.3.0
publicWagsHome:release/1.2.0
publicWagsHome:release/1.1.1
publicWagsHome:release/1.1.0
publicWagsHome:release/1.0.1
publicWagsHome:release/1.0.0
publicWagsHome:release/0.9.3.2
publicWagsHome:release/0.9.3.1
publicWagsHome:innovation/session_recording
publicWagsHome:release/0.9.3
publicWagsHome:KASM-1810_yaml_config
publicWagsHome:httpblacklist
publicWagsHome:feature/KASM-2119_ubuntu_2004_default
publicWagsHome:video
publicWagsHome:bugfix/KASM-2021_kali_stable
publicWagsHome:feature/KASM-2083_ARM_Neon
publicWagsHome:configchecks
publicWagsHome:bugfix/KASM-2034_mobile_audio
publicWagsHome:bugfix/KASM-2053_video_quality
publicWagsHome:KASM-1609_select_de_to_run
publicWagsHome:feature/KASM-1883_x_proxy
publicWagsHome:KASM-1910-fix_pipeline
publicWagsHome:easy-start-select-de-to-run
publicWagsHome:xdg-portal-kde-firefox
publicWagsHome:toggle-game-mode
publicWagsHome:relativemotion
publicWagsHome:pointer_lock_api
publicWagsHome:v1.3.3
publicWagsHome:v1.3.2
publicWagsHome:v1.2.1
publicWagsHome:v1.3.1
publicWagsHome:v1.3.0
publicWagsHome:v1.2.0
publicWagsHome:v1.1.0
publicWagsHome:v1.0.1
publicWagsHome:v1.0.0
publicWagsHome:v0.9.3-beta
publicWagsHome:temporary
publicWagsHome:temporary2
publicWagsHome:v0.9.0-beta
publicWagsHome:v0.9.1-beta
publicWagsHome:v0.9.2-beta

139 Commits
release/1. ... master

Author SHA1 Message Date
Matthew McClaskey 5ea11df3c0 Merge branch 'feature/KASM-6852-fedora-41' into 'master' 
Resolve KASM-6852 "Feature/ fedora 41"

Closes KASM-6852

See merge request kasm-technologies/internal/KasmVNC!156
 5 months ago
ryan.kuba e8f1787dc2
KASM-6852 fix 41 5 months ago
ryan.kuba ed5592ed6b
KASM-6852 fix 41 5 months ago
ryan.kuba 4290a9e73c
KASM-6852 add Fedora 41 buiild logic 5 months ago
Matthew McClaskey e04731870b Merge branch 'feature/KASM-6760-latest-xorg' into 'master' 
Resolve KASM-6760 "Feature/ latest xorg"

Closes KASM-6760

See merge request kasm-technologies/internal/KasmVNC!152
 7 months ago
Ryan Kuba 586c33a454 Resolve KASM-6760 "Feature/ latest xorg" 7 months ago
Matthew McClaskey b3c93327d9 Merge branch 'feature/KASM-6756-Alpine-321' into 'master' 
Resolve KASM-6756 "Feature/ alpine 321"

Closes KASM-6756

See merge request kasm-technologies/internal/KasmVNC!151
 7 months ago
Ryan Kuba fa925b9f2c Resolve KASM-6756 "Feature/ alpine 321" 7 months ago
Matthew McClaskey 0ebbbc6412 Merge branch 'feature/KASM-6637_kasmvnc_1.3.3' into 'master' 
KASM-6637 kasmvnc 1.3.3

Closes KASM-6637

See merge request kasm-technologies/internal/KasmVNC!148
 8 months ago
Matthew McClaskey f6a8afda9d KASM-6637 kasmvnc 1.3.3 8 months ago
Matthew McClaskey 3a8517d7dc Merge branch 'feature/KASM-6519_disable_blacklist' into 'master' 
Allow setting -BlacklistThreshold to 0 to disable it

Closes KASM-6519

See merge request kasm-technologies/internal/KasmVNC!144
 8 months ago
Matthew McClaskey f54aa68ee7 Merge branch 'feature/KASM-6482_downloads_file_attributes' into 'master' 
Resolve KASM-6482 "Feature/ downloads file attributes"

Closes KASM-6482

See merge request kasm-technologies/internal/KasmVNC!145
 8 months ago
Matthew McClaskey a89f71d98d Merge branch 'feature/KASM-6531_bump_package_versions' into 'master' 
bump kasmvnc version

Closes KASM-6531

See merge request kasm-technologies/internal/KasmVNC!146
 9 months ago
Matt McClaskey c46ec68877
bump kasmvnc version 9 months ago
Lauri Kasanen 73e28f7d62
Add size to downloads json 9 months ago
Lauri Kasanen 17ec8c2e35
Tune perm printing format 9 months ago
Lauri Kasanen 0cc4a4f128
Warning fix 9 months ago
Lauri Kasanen 7659765116
Implement /api/downloads 9 months ago
Lauri Kasanen e7b758465f
Allow setting -BlacklistThreshold to 0 to disable it 9 months ago
Matt McClaskey e5404b10e1
point noVNC to tip of 1.2.2 release 10 months ago
Matthew McClaskey 515a62e0b9 Merge branch 'feature/KASM-6279_downloads_mimetype' into 'master' 
Set the mimetype of everything under Downloads/ to binary

Closes KASM-6279

See merge request kasm-technologies/internal/KasmVNC!141
 11 months ago
Matthew McClaskey e4db0eb9a7 Merge branch 'bugfix/xproxy-memleak' into 'master' 
kasmxproxy: Fix cursor mem leak

See merge request kasm-technologies/internal/KasmVNC!140
 11 months ago
Lauri Kasanen a6bc1e4b76
Set the mimetype of everything under Downloads/ to binary 11 months ago
Lauri Kasanen cc1bb0c79f
kasmxproxy: Fix cursor mem leak 12 months ago
Matt McClaskey bc580857c6
update novnc ref 12 months ago
Matthew McClaskey e535430a2c Merge branch 'bugfix/rpi32bit' into 'master' 
32-bit changes for rpi, from lgultgithub

See merge request kasm-technologies/internal/KasmVNC!139
 12 months ago
Lauri Kasanen 6a2c2c82a1
32-bit changes for rpi, from lgultgithub 1 year ago
Matthew McClaskey 3c7555d2f9 Merge branch 'bugfix/KASM-6122_fix_oracle_9' into 'master' 
KASM-6122 fix oracle build

Closes KASM-6122

See merge request kasm-technologies/internal/KasmVNC!138
 1 year ago
matt 75b3cb8065
KASM-6122 fix oracle build 1 year ago
Matthew McClaskey 4d4516f727 Merge branch 'bugfix/large-headers' into 'master' 
Bugfix/large headers

See merge request kasm-technologies/internal/KasmVNC!137
 1 year ago
Matthew McClaskey 202ac98cf4 Merge branch 'bugfix/KASM-6090_directory_traversal' into 'master' 
Fix dir traversal by percent-encoding dots

Closes KASM-6090

See merge request kasm-technologies/internal/KasmVNC!136
 1 year ago
Matthew McClaskey edf4dcac59 Merge branch 'feature/KASM-5754_dri3_linked_lists' into 'master' 
dri3: Switch texmaps to a linked list, from DRC/TurboVNC

Closes KASM-5754

See merge request kasm-technologies/internal/KasmVNC!129
 1 year ago
Lauri Kasanen 79ca2ee054
Increase the request buffer to 16k 1 year ago
Lauri Kasanen ba6226e308
Send a 400 bad request for too large requests 1 year ago
Lauri Kasanen 4b18320984
Fix dir traversal by percent-encoding dots 1 year ago
Matthew McClaskey 9f7a6b58ce Merge branch 'feature/KASM-6027-alpine-320' into 'master' 
KASM-6027 build KasmVNC for Alpine 3.20

See merge request kasm-technologies/internal/KasmVNC!135
 1 year ago
ryan.kuba d67e5288e3
KASM-6027 build KasmVNC for Alpine 3.20 1 year ago
Richard Koliser 5199a98ac4 Merge branch 'feature/KASM-5617_merge_github_pull_requests_201' into 'master' 
Resolve KASM-5617 "Feature/ merge github pull requests 201"

Closes KASM-5617

See merge request kasm-technologies/internal/KasmVNC!126
 1 year ago
Richard Koliser 0963a1e10f
KASM-5617 Correct capitalization. 1 year ago
Richard Koliser 9fe714d910 Merge branch 'feature/KASM-5617_merge_github_pull_requests_89' into 'master' 
Resolve KASM-5617 "Feature/ merge github pull requests 89"

Closes KASM-5617

See merge request kasm-technologies/internal/KasmVNC!125
 1 year ago
Richard Koliser eba4c7dae4 Merge branch 'feature/KASM-5617_merge_github_pull_requests' into 'master' 
Update debian user setup command

Closes KASM-5617

See merge request kasm-technologies/internal/KasmVNC!124
 1 year ago
Matt McClaskey 7927b7e57b
update novnc ref 1 year ago
Richard Koliser ce645b39dc Merge branch 'bugfix/KASM-5989_multi_monitor_invalid_syntax' into 'master' 
KASM-5989 update to latest novnc commit

Closes KASM-5989

See merge request kasm-technologies/internal/KasmVNC!134
 1 year ago
matt 16e365747a
KASM-5989 update to latest novnc commit 1 year ago
Matthew McClaskey 511e2ae542 Merge branch 'feature/KASM-5907-fedora-40' into 'master' 
Resolve KASM-5907 "Feature/ fedora 40"

Closes KASM-5907

See merge request kasm-technologies/internal/KasmVNC!133
 1 year ago
Ryan Kuba 67eab1b6d4 Resolve KASM-5907 "Feature/ fedora 40" 1 year ago
Matthew McClaskey 574954611c Merge branch 'feature/KASM-5854-ubuntu-noble' into 'master' 
Resolve KASM-5854 "Feature/ ubuntu noble"

Closes KASM-5854

See merge request kasm-technologies/internal/KasmVNC!132
 1 year ago
Ryan Kuba 6eeb2445e8 Resolve KASM-5854 "Feature/ ubuntu noble" 1 year ago
Richard Koliser b8763c5afd Merge branch 'bugfix/KASM-5761_fix_failed_pipeline' into 'master' 
Resolve KASM-5761 "Bugfix/ fix failed pipeline"

Closes KASM-5761

See merge request kasm-technologies/internal/KasmVNC!131
 1 year ago
Matthew McClaskey d74f7102f9 changed logic 1 year ago
Matthew McClaskey 3f28ee9d3d KASM-5761 fix failing pipeline on MRs 1 year ago
Lauri Kasanen 766a55d08f
dri3: Switch texmaps to a linked list, from DRC/TurboVNC 1 year ago
Matthew McClaskey bb2d903113 Merge branch 'bugfix/KASM-5699_clipboard_exception' into 'master' 
KASM-5699 Firefox Nightly throwing clipboard related exception on startup

Closes KASM-5699

See merge request kasm-technologies/internal/KasmVNC!127
 1 year ago
Matt McClaskey 27b3a28a56
updated to latest commit 1 year ago
Mariusz Marciniak aa6ae266b9
KASM-5699 noVNC commit 1 year ago
Matt McClaskey 3ffb8f93f0
update novnc ref 1 year ago
Matt McClaskey fe2d67e462
update novnc ref 1 year ago
Matt McClaskey 2dd5a54524
fix merge conflicts 1 year ago
Matt McClaskey 4ec39572fc
Merge remote-tracking branch 'mirror/pr/201' into feature/KASM-5617_merge_github_pull_requests_201 1 year ago
hunicus d74f7c6ce7
Update debian user setup command 1 year ago
Justin Travis a10358b5ca Merge branch 'bugfix/KASM-5524_watermark_rotation_negative_number' into 'master' 
KASM-5524 negative numbers on text rotation watermark

Closes KASM-5524

See merge request kasm-technologies/internal/KasmVNC!123
 1 year ago
Matthew McClaskey 124d36a981 Merge branch 'feature/KASM-5523_always_return_desktopSize' into 'master' 
Send back an ExtendedDesktopSize to a SetDesktopSize request even when resize is not allowed

Closes KASM-5523

See merge request kasm-technologies/internal/KasmVNC!122
 1 year ago
Matt McClaskey f02fbb0e2d
update novnc ref to master 1 year ago
Matthew McClaskey 8c7dd2ed30 KASM-5524 negative numbers on text rotation watermark 1 year ago
Matt McClaskey ae70375afe
KASM-5523 update novnc ref 1 year ago
Lauri Kasanen 127ab45329
Send back an ExtendedDesktopSize to a SetDesktopSize request even when resize is not allowed 1 year ago
Matt McClaskey 3bc1024e7f
update novnc ref 1 year ago
Matt McClaskey 228eb87db1
update novnc ref 1 year ago
Matthew McClaskey 4f726e3654 Merge branch 'feature/KASM-5466_watermark_rotation' into 'master' 
Implement rotated watermark text support

Closes KASM-5466

See merge request kasm-technologies/internal/KasmVNC!121
 1 year ago
Matt McClaskey ed9fbcbec2
[skip CI] correct example config 1 year ago
Matt McClaskey 659a4198fc
KASM-5466 add text rotation yaml config 1 year ago
Lauri Kasanen 5456ccc072
Implement rotated watermark text support 1 year ago
Matthew McClaskey fddaab5124 Merge branch 'bugfix/KASM-5417_watermark_zlib_incomplete' into 'master' 
Watermark refactoring, don't handle changes, only send when necessary

Closes KASM-5417

See merge request kasm-technologies/internal/KasmVNC!120
 1 year ago
Matt McClaskey 7be7e34b51
[skip CI] update noVNC ref to master 1 year ago
Matt McClaskey 5b64eb32f8
pointed novnc ref to branch 1 year ago
Lauri Kasanen eef8e7264f
Watermark refactoring, don't handle changes, only send when necessary 1 year ago
Matt McClaskey e8b54db6bf
update novnc ref 1 year ago
Matt McClaskey 7b442658e1
update novnc ref 2 years ago
Matthew McClaskey 408fcd3415 Merge branch 'feature/KASM-5403-fedora-39' into 'master' 
Resolve KASM-5403 "Feature/ fedora 39"

Closes KASM-5403

See merge request kasm-technologies/internal/KasmVNC!119
 2 years ago
Ryan Kuba 7cdb7e1f3e Resolve KASM-5403 "Feature/ fedora 39" 2 years ago
Matthew McClaskey b595c0bce8 Merge branch 'feature/KASM-5399-alpine-319' into 'master' 
Resolve KASM-5399 "Feature/ alpine 319"

Closes KASM-5399

See merge request kasm-technologies/internal/KasmVNC!118
 2 years ago
Ryan Kuba 4c9b065c31 Resolve KASM-5399 "Feature/ alpine 319" 2 years ago
Matt McClaskey 8b5ee59ae2
update novnc ref 2 years ago
Richard Koliser 4114d73ed6 Merge branch 'feature/KASM-5078_multi_monitor' into 'master' 
Resolve KASM-5078 "Feature/ multi monitor"

Closes KASM-5078

See merge request kasm-technologies/internal/KasmVNC!117
 2 years ago
Richard Koliser 1d8a2ed59a
KASM-5078 Update NoVNC commit 2 years ago
Richard Koliser c055920348
KASM-5078 Update noVNC branch 2 years ago
Matthew McClaskey b2d965b58d Merge branch 'feature/KASM-5213_email_username' into 'master' 
Allow emails as usernames

Closes KASM-5213

See merge request kasm-technologies/internal/KasmVNC!115
 2 years ago
Ben Hildred 07f015e68e
Update README.md to fix duplicate/missing link 2 years ago
Matthew McClaskey 446497ad06 Merge branch 'feature/KASM-5214_log_render_settings_applied' into 'master' 
Log client settings

Closes KASM-5214

See merge request kasm-technologies/internal/KasmVNC!116
 2 years ago
Matthew McClaskey 0de752f65e Merge branch 'feature/KASM-3380_udp_frame_id' into 'master' 
Resolve KASM-3380 "Feature/ udp frame"

Closes KASM-3380

See merge request kasm-technologies/internal/KasmVNC!114
 2 years ago
Matt McClaskey f712f5e7f8
update novnc ref 2 years ago
Matt McClaskey d090e1b707
update novNC ref 2 years ago
Lauri Kasanen fb7570709a
Extend username limit to 128-1 2 years ago
Lauri Kasanen 73c3bda8cd
Fix off-by-one in username length check 2 years ago
Lauri Kasanen 9a73cb4a60
Log client settings 2 years ago
Lauri Kasanen 6cd50869c2
Allow emails as usernames 2 years ago
Lauri Kasanen 5823b550a4
Count data rects separately for UDP flip 2 years ago
Lauri Kasanen 29c48a8679
Move frame id updating to a better location 2 years ago
Lauri Kasanen c88b683354
Write rect count in udp lastrect's X 2 years ago
Lauri Kasanen 7399e5dc62
Add frame number to udp packets 2 years ago
Matt McClaskey e4a5004f4b
update novnc ref 2 years ago
Matt McClaskey da7c481fc8
update novnc ref 2 years ago
Matt McClaskey 32f4398115
update novnc ref 2 years ago
Matthew McClaskey 7350b12b3d Merge branch 'bugfix/KASM-5006-improve-xstartup-debug-output' into 'master' 
vncserver: more debug output for xstartup

Closes KASM-5006

See merge request kasm-technologies/internal/KasmVNC!113
 2 years ago
mattmcclaskey 1b25ad8e54
update novnc ref 2 years ago
mattmcclaskey 2165c3e1ba
KASM-5078 multi-monitor 2 years ago
Matthew McClaskey d390d187b4 Merge branch 'feature/KASM-5027-document-bypassing-select-de-prompt' into 'master' 
vncserver: document bypassing DE selection prompt

Closes KASM-5027

See merge request kasm-technologies/internal/KasmVNC!112
 2 years ago
Dmitry Maksyoma a4034865e6
vncserver: document bypassing DE selection prompt 2 years ago
Dmitry Maksyoma 7d6244fe1c
vncserver: more debug output for xstartup 
- Use "set -x" in generated xstartup.
- Announce running xstartup in logs.
 2 years ago
Matt McClaskey 21d2ae5018
update novnc ref 2 years ago
Matthew McClaskey dcea208d73 Merge branch 'bugfix/KASM-4971-bump-packages-to-1.2.0' into 'master' 
Resolve KASM-4971 "Bugfix/ bump packages to 1.2.0"

Closes KASM-4971

See merge request kasm-technologies/internal/KasmVNC!110
 2 years ago
Dmitry Maksyoma 44555f9581
CI: fix git fetch 2 years ago
Dmitry Maksyoma 561ea86e85
Bump package versions to 1.2.0 2 years ago
Matthew McClaskey 446d03d479 Merge branch 'master' into 'release/1.2.0' 
Update release with latest changes

See merge request kasm-technologies/internal/KasmVNC!109
 2 years ago
Matthew McClaskey 04f95d2b62 Merge branch 'feature/KASM-4796-add-unix-relay-to-config' into 'master' 
Add network.unix_relay to yaml config

Closes KASM-4796

See merge request kasm-technologies/internal/KasmVNC!108
 2 years ago
Dmitry Maksyoma c0ed7d7b1a
Add network.unix_relay to yaml config 2 years ago
Matt McClaskey dda29172c1
update novnc ref 2 years ago
Matthew McClaskey fa88480914 Merge branch 'bugfix/KASM-4765-fix-opensuse-datetime-dependency' into 'master' 
OpenSuse: add missing dependency

Closes KASM-4765

See merge request kasm-technologies/internal/KasmVNC!107
 2 years ago
Matt McClaskey b4f6fafd73
update novnc ref 2 years ago
Dmitry Maksyoma 6a73d1cb49
OpenSuse: add missing dependency 2 years ago
Matthew McClaskey 6207b1b60f Merge branch 'bugfix/KASM-4757_watermark_default' into 'master' 
KASM-4757 change KasmVNC defaults for watermark

Closes KASM-4757

See merge request kasm-technologies/internal/KasmVNC!105
 2 years ago
mattmcclaskey 0923f300a0
KASM-4757 change KasmVNC defaults for watermark 2 years ago
Matthew McClaskey 7b8a4e8388 Merge branch 'feature/KASM-4034_unix_sockets' into 'master' 
Add support for relaying unix sockets

Closes KASM-4034

See merge request kasm-technologies/internal/KasmVNC!90
 2 years ago
Matthew McClaskey b9e9a2d2a0 Merge branch 'feature/KASM-4489_watermark_time' into 'master' 
Resolve KASM-4489 "Feature/ watermark time"

Closes KASM-4489

See merge request kasm-technologies/internal/KasmVNC!103
 2 years ago
Lauri Kasanen 25a996cb97 Resolve KASM-4489 "Feature/ watermark time" 2 years ago
mattmcclaskey 6774cbf3a2
Merge branch 'master' into feature/KASM-4034_unix_sockets 2 years ago
Matthew McClaskey fc0f2a3192 Merge branch 'bugfix/restart-crash' into 'master' 
Blind guess at the reported crash

See merge request kasm-technologies/internal/KasmVNC!104
 2 years ago
Ryan Kuba 9a14b07ba4 Merge branch 'bugfix/KASM-4151_gnome_blank' into 'master' 
Implement the pixmaps-to-textures path so that mutter is happy. Note: tearing

Closes KASM-4151

See merge request kasm-technologies/internal/KasmVNC!96
 2 years ago
Lauri Kasanen 0527c9f76e Add support for compositing 2 years ago
Lauri Kasanen e41bc997a6
Blind guess at the reported crash 2 years ago
mattmcclaskey 75c51c1e93
rebase and fix merge conflicts 2 years ago
Matthew McClaskey 9450157af1 Merge branch 'feature/KASM-4421-new-distros' into 'master' 
KASM-4421 update opensuse to 15.5, add bookworm Alpine 3.18 and Fedora 38

Closes KASM-4421

See merge request kasm-technologies/internal/KasmVNC!102
 2 years ago
ryan.kuba f9e46f5a13
KASM-4421 update opensuse to 15.5, add bookworm Alpine 3.18 and Fedora 38 2 years ago
Matthew McClaskey 13bafe3759 Merge branch 'feature/KASM-3663-host-tip-of-master-preview-builds' into 'master' 
Resolve KASM-3663 "Feature/ host tip of master preview builds"

Closes KASM-3663

See merge request kasm-technologies/internal/KasmVNC!101
 2 years ago
Dmitry Maksyoma d5080eca8f Resolve KASM-3663 "Feature/ host tip of master preview builds" 2 years ago
Matthew McClaskey 4d3a9b749a Merge branch 'bump-version-bumps-xvnc-binary' into 'master' 
bump-package-version: bump version emitted by Xvnc -version

See merge request kasm-technologies/internal/KasmVNC!100
 2 years ago
Dmitry Maksyoma 12ba00f939
bump-package-version: bump version emitted by Xvnc -version 2 years ago
Lauri Kasanen 3bae812364 Add support for relaying unix sockets 2 years ago
h0x0er 0b5513873c
fixed a typo 3 years ago
101 changed files with 6536 additions and 159 deletions
Show Stats

23
.ci/upload.sh
Unescape Escape View File

@ -89,3 +89,26 @@ detect_revision() {
REVISION=$(echo "$package" | sed "s/_${arch}.\+//" | sed 's/.\++//')
}
make_index_html() {
local body=""
local bname
for f in "$@"; do
bname=$(basename "$f")
body="${body}<a href=/$f>$bname</a><br>"
done
cat <<EOF
<!doctype html>
<html lang=en>
<head>
<meta charset=utf-8>
<title>KasmVNC preview build</title>
</head>
<body>
$body
</body>
</html>
EOF
}

459
.gitlab-ci.yml
Unescape Escape View File

@ -6,17 +6,18 @@ variables:
KASMVNC_COMMIT_ID: $CI_COMMIT_SHA
GITLAB_SHARED_DIND_DIR: /builds/$CI_PROJECT_PATH/shared
GIT_SUBMODULE_STRATEGY: normal
GIT_FETCH_EXTRA_FLAGS: --tags
GIT_FETCH_EXTRA_FLAGS: --tags --force
# E.g. BUILD_JOBS: build_debian_buster,build_ubuntu_bionic. This will include
# arm builds, because build_debian_buster_arm matches build_debian_buster.
# "BUILD_JOBS: none" won't build any build jobs, nor www.
BUILD_JOBS: all
DOCKER_HOST: unix://
DOCKER_HOST: tcp://docker:2375
DOCKER_TLS_CERTDIR: ""
workflow:
rules:
# Disable tag builds.
- if: $CI_COMMIT_TAG != $CI_COMMIT_REF_NAME
- if: $CI_COMMIT_TAG != $CI_COMMIT_REF_NAME && $CI_PIPELINE_SOURCE != "merge_request_event"
stages:
- www
@ -38,11 +39,13 @@ stages:
default:
tags:
- oci-fixed-amd64
- oci-fixed-amd
build_www:
stage: www
allow_failure: false
tags:
- oci-fixed-amd
before_script:
- *prepare_build
script:
@ -66,6 +69,8 @@ build_www:
build_ubuntu_bionic:
stage: build
allow_failure: true
tags:
- oci-fixed-amd
before_script:
- *prepare_build
- *prepare_www
@ -84,7 +89,7 @@ build_ubuntu_bionic_arm:
stage: build
allow_failure: false
tags:
- oci-fixed-arm64
- oci-fixed-arm
before_script:
- *prepare_build
- *prepare_www
@ -102,6 +107,8 @@ build_ubuntu_bionic_arm:
build_ubuntu_focal:
stage: build
allow_failure: true
tags:
- oci-fixed-amd
before_script:
- *prepare_build
- *prepare_www
@ -120,7 +127,7 @@ build_ubuntu_focal_arm:
stage: build
allow_failure: true
tags:
- oci-fixed-arm64
- oci-fixed-arm
before_script:
- *prepare_build
- *prepare_www
@ -138,6 +145,8 @@ build_ubuntu_focal_arm:
build_ubuntu_jammy:
stage: build
allow_failure: true
tags:
- oci-fixed-amd
before_script:
- *prepare_build
- *prepare_www
@ -156,7 +165,7 @@ build_ubuntu_jammy_arm:
stage: build
allow_failure: true
tags:
- oci-fixed-arm64
- oci-fixed-arm
before_script:
- *prepare_build
- *prepare_www
@ -171,9 +180,49 @@ build_ubuntu_jammy_arm:
paths:
- output/
build_ubuntu_noble:
stage: build
allow_failure: true
tags:
- oci-fixed-amd
before_script:
- *prepare_build
- *prepare_www
after_script:
- *prepare_artfacts
script:
- bash builder/build-package ubuntu noble;
only:
variables:
- $BUILD_JOBS == 'all' || $BUILD_JOBS =~ $CI_JOB_NAME
artifacts:
paths:
- output/
build_ubuntu_noble_arm:
stage: build
allow_failure: true
tags:
- oci-fixed-arm
before_script:
- *prepare_build
- *prepare_www
after_script:
- *prepare_artfacts
script:
- bash builder/build-package ubuntu noble;
only:
variables:
- $BUILD_JOBS == 'all' || $BUILD_JOBS =~ $CI_JOB_NAME
artifacts:
paths:
- output/
build_debian_buster:
stage: build
allow_failure: true
tags:
- oci-fixed-amd
before_script:
- *prepare_build
- *prepare_www
@ -192,7 +241,7 @@ build_debian_buster_arm:
stage: build
allow_failure: true
tags:
- oci-fixed-arm64
- oci-fixed-arm
before_script:
- *prepare_build
- *prepare_www
@ -210,6 +259,8 @@ build_debian_buster_arm:
build_debian_bullseye:
stage: build
allow_failure: true
tags:
- oci-fixed-amd
before_script:
- *prepare_build
- *prepare_www
@ -228,7 +279,7 @@ build_debian_bullseye_arm:
stage: build
allow_failure: true
tags:
- oci-fixed-arm64
- oci-fixed-arm
before_script:
- *prepare_build
- *prepare_www
@ -243,16 +294,19 @@ build_debian_bullseye_arm:
paths:
- output/
build_kali_rolling:
build_debian_bookworm:
stage: build
allow_failure: true
tags:
- oci-fixed-amd
before_script:
- *prepare_build
- *prepare_www
after_script:
- *prepare_artfacts
script:
- bash builder/build-package kali kali-rolling;
- bash builder/build-package debian bookworm;
only:
variables:
- $BUILD_JOBS == 'all' || $BUILD_JOBS =~ $CI_JOB_NAME
@ -260,11 +314,30 @@ build_kali_rolling:
paths:
- output/
build_kali_rolling_arm:
build_debian_bookworm_arm:
stage: build
allow_failure: true
tags:
- oci-fixed-arm64
- oci-fixed-arm
before_script:
- *prepare_build
- *prepare_www
after_script:
- *prepare_artfacts
script:
- bash builder/build-package debian bookworm;
only:
variables:
- $BUILD_JOBS == 'all' || $BUILD_JOBS =~ $CI_JOB_NAME
artifacts:
paths:
- output/
build_kali_rolling:
stage: build
allow_failure: true
tags:
- oci-fixed-amd
before_script:
- *prepare_build
- *prepare_www
@ -279,16 +352,18 @@ build_kali_rolling_arm:
paths:
- output/
build_centos7:
build_kali_rolling_arm:
stage: build
allow_failure: true
tags:
- oci-fixed-arm
before_script:
- *prepare_build
- *prepare_www
after_script:
- *prepare_artfacts
script:
- bash builder/build-package centos core
- bash builder/build-package kali kali-rolling;
only:
variables:
- $BUILD_JOBS == 'all' || $BUILD_JOBS =~ $CI_JOB_NAME
@ -299,6 +374,8 @@ build_centos7:
build_oracle_8:
stage: build
allow_failure: true
tags:
- oci-fixed-amd
before_script:
- *prepare_build
- *prepare_www
@ -317,7 +394,7 @@ build_oracle_8_arm:
stage: build
allow_failure: true
tags:
- oci-fixed-arm64
- oci-fixed-arm
before_script:
- *prepare_build
- *prepare_www
@ -335,6 +412,8 @@ build_oracle_8_arm:
build_oracle_9:
stage: build
allow_failure: true
tags:
- oci-fixed-amd
before_script:
- *prepare_build
- *prepare_www
@ -353,7 +432,7 @@ build_oracle_9_arm:
stage: build
allow_failure: true
tags:
- oci-fixed-arm64
- oci-fixed-arm
before_script:
- *prepare_build
- *prepare_www
@ -371,6 +450,8 @@ build_oracle_9_arm:
build_opensuse_15:
stage: build
allow_failure: true
tags:
- oci-fixed-amd
before_script:
- *prepare_build
- *prepare_www
@ -389,7 +470,7 @@ build_opensuse_15_arm:
stage: build
allow_failure: true
tags:
- oci-fixed-arm64
- oci-fixed-arm
before_script:
- *prepare_build
- *prepare_www
@ -407,6 +488,8 @@ build_opensuse_15_arm:
build_fedora_thirtyseven:
stage: build
allow_failure: true
tags:
- oci-fixed-amd
before_script:
- *prepare_build
- *prepare_www
@ -425,7 +508,7 @@ build_fedora_thirtyseven_arm:
stage: build
allow_failure: true
tags:
- oci-fixed-arm64
- oci-fixed-arm
before_script:
- *prepare_build
- *prepare_www
@ -440,9 +523,163 @@ build_fedora_thirtyseven_arm:
paths:
- output/
build_fedora_thirtyeight:
stage: build
allow_failure: true
tags:
- oci-fixed-amd
before_script:
- *prepare_build
- *prepare_www
after_script:
- *prepare_artfacts
script:
- bash builder/build-package fedora thirtyeight;
only:
variables:
- $BUILD_JOBS == 'all' || $BUILD_JOBS =~ $CI_JOB_NAME
artifacts:
paths:
- output/
build_fedora_thirtyeight_arm:
stage: build
allow_failure: true
tags:
- oci-fixed-arm
before_script:
- *prepare_build
- *prepare_www
after_script:
- *prepare_artfacts
script:
- bash builder/build-package fedora thirtyeight;
only:
variables:
- $BUILD_JOBS == 'all' || $BUILD_JOBS =~ $CI_JOB_NAME
artifacts:
paths:
- output/
build_fedora_thirtynine:
stage: build
allow_failure: true
tags:
- oci-fixed-amd
before_script:
- *prepare_build
- *prepare_www
after_script:
- *prepare_artfacts
script:
- bash builder/build-package fedora thirtynine;
only:
variables:
- $BUILD_JOBS == 'all' || $BUILD_JOBS =~ $CI_JOB_NAME
artifacts:
paths:
- output/
build_fedora_thirtynine_arm:
stage: build
allow_failure: true
tags:
- oci-fixed-arm
before_script:
- *prepare_build
- *prepare_www
after_script:
- *prepare_artfacts
script:
- bash builder/build-package fedora thirtynine;
only:
variables:
- $BUILD_JOBS == 'all' || $BUILD_JOBS =~ $CI_JOB_NAME
artifacts:
paths:
- output/
build_fedora_forty:
stage: build
allow_failure: true
tags:
- oci-fixed-amd
before_script:
- *prepare_build
- *prepare_www
after_script:
- *prepare_artfacts
script:
- bash builder/build-package fedora forty;
only:
variables:
- $BUILD_JOBS == 'all' || $BUILD_JOBS =~ $CI_JOB_NAME
artifacts:
paths:
- output/
build_fedora_forty_arm:
stage: build
allow_failure: true
tags:
- oci-fixed-arm
before_script:
- *prepare_build
- *prepare_www
after_script:
- *prepare_artfacts
script:
- bash builder/build-package fedora forty;
only:
variables:
- $BUILD_JOBS == 'all' || $BUILD_JOBS =~ $CI_JOB_NAME
artifacts:
paths:
- output/
build_fedora_fortyone:
stage: build
allow_failure: true
tags:
- oci-fixed-amd
before_script:
- *prepare_build
- *prepare_www
after_script:
- *prepare_artfacts
script:
- bash builder/build-package fedora fortyone;
only:
variables:
- $BUILD_JOBS == 'all' || $BUILD_JOBS =~ $CI_JOB_NAME
artifacts:
paths:
- output/
build_fedora_fortyone_arm:
stage: build
allow_failure: true
tags:
- oci-fixed-arm
before_script:
- *prepare_build
- *prepare_www
after_script:
- *prepare_artfacts
script:
- bash builder/build-package fedora fortyone;
only:
variables:
- $BUILD_JOBS == 'all' || $BUILD_JOBS =~ $CI_JOB_NAME
artifacts:
paths:
- output/
build_alpine_317:
stage: build
allow_failure: true
tags:
- oci-fixed-amd
before_script:
- *prepare_build
- *prepare_www
@ -461,7 +698,7 @@ build_alpine_317_arm:
stage: build
allow_failure: true
tags:
- oci-fixed-arm64
- oci-fixed-arm
before_script:
- *prepare_build
- *prepare_www
@ -478,14 +715,174 @@ build_alpine_317_arm:
test:
stage: test
tags:
- oci-fixed-amd
before_script:
- *prepare_build
script:
- bash builder/test-vncserver
build_alpine_318:
stage: build
allow_failure: true
tags:
- oci-fixed-amd
before_script:
- *prepare_build
- *prepare_www
after_script:
- *prepare_artfacts
script:
- bash builder/build-package alpine 318;
only:
variables:
- $BUILD_JOBS == 'all' || $BUILD_JOBS =~ $CI_JOB_NAME
artifacts:
paths:
- output/
build_alpine_318_arm:
stage: build
allow_failure: true
tags:
- oci-fixed-arm
before_script:
- *prepare_build
- *prepare_www
after_script:
- *prepare_artfacts
script:
- bash builder/build-package alpine 318;
only:
variables:
- $BUILD_JOBS == 'all' || $BUILD_JOBS =~ $CI_JOB_NAME
artifacts:
paths:
- output/
build_alpine_319:
stage: build
allow_failure: true
tags:
- oci-fixed-amd
before_script:
- *prepare_build
- *prepare_www
after_script:
- *prepare_artfacts
script:
- bash builder/build-package alpine 319;
only:
variables:
- $BUILD_JOBS == 'all' || $BUILD_JOBS =~ $CI_JOB_NAME
artifacts:
paths:
- output/
build_alpine_319_arm:
stage: build
allow_failure: true
tags:
- oci-fixed-arm
before_script:
- *prepare_build
- *prepare_www
after_script:
- *prepare_artfacts
script:
- bash builder/build-package alpine 319;
only:
variables:
- $BUILD_JOBS == 'all' || $BUILD_JOBS =~ $CI_JOB_NAME
artifacts:
paths:
- output/
build_alpine_320:
stage: build
allow_failure: true
tags:
- oci-fixed-amd
before_script:
- *prepare_build
- *prepare_www
after_script:
- *prepare_artfacts
script:
- bash builder/build-package alpine 320;
only:
variables:
- $BUILD_JOBS == 'all' || $BUILD_JOBS =~ $CI_JOB_NAME
artifacts:
paths:
- output/
build_alpine_320_arm:
stage: build
allow_failure: true
tags:
- oci-fixed-arm
before_script:
- *prepare_build
- *prepare_www
after_script:
- *prepare_artfacts
script:
- bash builder/build-package alpine 320;
only:
variables:
- $BUILD_JOBS == 'all' || $BUILD_JOBS =~ $CI_JOB_NAME
artifacts:
paths:
- output/
build_alpine_321:
stage: build
allow_failure: true
tags:
- oci-fixed-amd
before_script:
- *prepare_build
- *prepare_www
after_script:
- *prepare_artfacts
script:
- bash builder/build-package alpine 321;
only:
variables:
- $BUILD_JOBS == 'all' || $BUILD_JOBS =~ $CI_JOB_NAME
artifacts:
paths:
- output/
build_alpine_321_arm:
stage: build
allow_failure: true
tags:
- oci-fixed-arm
before_script:
- *prepare_build
- *prepare_www
after_script:
- *prepare_artfacts
script:
- bash builder/build-package alpine 321;
only:
variables:
- $BUILD_JOBS == 'all' || $BUILD_JOBS =~ $CI_JOB_NAME
artifacts:
paths:
- output/
upload:
stage: upload
image: ubuntu:focal
tags:
- oci-fixed-amd
artifacts:
paths:
- output/
before_script:
- . .ci/upload.sh
script:
@ -502,6 +899,7 @@ upload:
done
- export S3_BUILD_DIRECTORY="kasmvnc/${CI_COMMIT_SHA}"
- export RELEASE_VERSION=$(.ci/next_release_version "$CI_COMMIT_REF_NAME")
- uploaded_files=()
- for package in `find output/ -type f -name '*.deb' -or -name '*.rpm' -or -name '*.tgz'`; do
prepare_upload_filename "$package";
upload_filename="${S3_BUILD_DIRECTORY}/$upload_filename";
@ -510,4 +908,25 @@ upload:
upload_to_s3 "$package" "$upload_filename" "$S3_BUCKET";
UPLOAD_NAME=$(basename $upload_filename | sed 's#kasmvncserver_##' | sed -r 's#_([0-9]{1,3}\.){2}[0-9]{1,2}_\S+?([a-f0-9]{6})##' | sed -r 's#\.(deb|rpm|tgz)##');
curl --request POST --header "PRIVATE-TOKEN:${GITLAB_API_TOKEN}" "${CI_API_V4_URL}/projects/${CI_PROJECT_ID}/statuses/${CI_COMMIT_SHA}?state=success&name=${UPLOAD_NAME}&target_url=${S3_URL}";
uploaded_files+=("$upload_filename");
done
- make_index_html "${uploaded_files[@]}" > output/index.html;
upload_build_preview:
stage: upload
needs: ["upload"]
dependencies: ["upload"]
image: ubuntu:focal
tags:
- oci-fixed-amd
before_script:
- . .ci/upload.sh
resource_group: upload_build_preview
only:
variables:
- $CI_COMMIT_BRANCH == 'master'
script:
- prepare_to_run_scripts_and_s3_uploads
- preview_builds_dir=kasmvnc/preview-builds
- upload_to_s3 "output/index.html" "$preview_builds_dir/index.html" "$S3_BUCKET"
- curl --request POST --header "PRIVATE-TOKEN:${GITLAB_API_TOKEN}" "${CI_API_V4_URL}/projects/${CI_PROJECT_ID}/statuses/${CI_COMMIT_SHA}?state=success&name=index.html&target_url=${S3_URL}";

2
.gitmodules vendored
Unescape Escape View File

@ -1,4 +1,4 @@
[submodule "kasmweb"]
path = kasmweb
url = https://github.com/kasmtech/noVNC.git
branch = release/1.1.0
branch = release/1.2.2

3
CMakeLists.txt
Unescape Escape View File

@ -154,6 +154,9 @@ find_package(PNG REQUIRED)
# Check for libjpeg
find_package(JPEG REQUIRED)
find_package(Freetype REQUIRED)
include_directories(${FREETYPE_INCLUDE_DIRS})
# Staticly link libjpeg-turbo
set(JPEG_LIBRARIES "-Wl,-Bstatic -lturbojpeg -Wl,-Bdynamic")
# Warn if it doesn't seem to be the accelerated libjpeg that's found

6
README.md
Unescape Escape View File

@ -4,7 +4,7 @@
KasmVNC provides remote web-based access to a Desktop or application. While VNC is in the name, KasmVNC differs from other VNC variants such as TigerVNC, RealVNC, and TurboVNC. KasmVNC has broken from the RFB specification which defines VNC, in order to support modern technologies and increase security. KasmVNC is accessed by users from any modern browser and does not support legacy VNC viewer applications. KasmVNC uses a modern YAML based configuration at the server and user level, allowing for ease of management.
[Kasm Technologies](https://www.kasmweb.com) developed Kasm Workspaces, the Containerized Streaming Platform. Kasm has open-sourced the Workspace docker images, which include containerized [full desktops and apps](https://github.com/kasmtech/workspaces-images) and [base images](https://github.com/kasmtech/workspaces-core-images) intended for developers to create custimized streaming containers. These containers can be used standalone or within the [Kasm Workspaces Platform](https://www.kasmweb.com) which provides a full Enterprise feature set.
[Kasm Technologies](https://www.kasmweb.com) developed Kasm Workspaces, the Containerized Streaming Platform. Kasm has open-sourced the Workspace docker images, which include containerized [full desktops and apps](https://github.com/kasmtech/workspaces-images) and [base images](https://github.com/kasmtech/workspaces-core-images) intended for developers to create customized streaming containers. These containers can be used standalone or within the [Kasm Workspaces Platform](https://www.kasmweb.com) which provides a full Enterprise feature set.
## Documentation
@ -27,7 +27,7 @@ wget <package_url>
sudo apt-get install ./kasmvncserver_*.deb
# Add your user to the ssl-cert group
sudo addgroup $USER ssl-cert
sudo adduser $USER ssl-cert
```
### Oracle 8
@ -269,4 +269,4 @@ Future Goals:
See the [builder/README.md](https://github.com/kasmtech/KasmVNC/blob/master/builder/README.md). We containerize our build systems to ensure highly repeatable builds.
### License and Acknowledgements
See the [LICENSE.TXT](https://github.com/kasmtech/KasmVNC/blob/master/LICENSE.TXT) and [ACKNOWLEDGEMENTS.MD](https://github.com/kasmtech/KasmVNC/blob/master/LICENSE.TXT)
See the [LICENSE.TXT](https://github.com/kasmtech/KasmVNC/blob/master/LICENSE.TXT) and [ACKNOWLEDGEMENTS.md](https://github.com/kasmtech/KasmVNC/blob/master/ACKNOWLEDGEMENTS.md)

6
builder/build.sh
Unescape Escape View File

@ -46,7 +46,11 @@ EOF
cd /tmp
# default to the version of x in Ubuntu 18.04, otherwise caller will need to specify
XORG_VER=${XORG_VER:-"1.19.6"}
if [[ "${XORG_VER}" == 21* ]]; then
XORG_PATCH=21
else
XORG_PATCH=$(echo "$XORG_VER" | grep -Po '^\d.\d+' | sed 's#\.##')
fi
wget --no-check-certificate https://www.x.org/archive/individual/xserver/xorg-server-${XORG_VER}.tar.gz
#git clone https://kasmweb@bitbucket.org/kasmtech/kasmvnc.git
@ -139,6 +143,8 @@ if [ -d /usr/lib/x86_64-linux-gnu/dri ]; then
ln -s /usr/lib/x86_64-linux-gnu/dri dri
elif [ -d /usr/lib/aarch64-linux-gnu/dri ]; then
ln -s /usr/lib/aarch64-linux-gnu/dri dri
elif [ -d /usr/lib/arm-linux-gnueabihf/dri ]; then
ln -s /usr/lib/arm-linux-gnueabihf/dri dri
elif [ -d /usr/lib/xorg/modules/dri ]; then
ln -s /usr/lib/xorg/modules/dri dri
else

6
builder/bump-package-version
Unescape Escape View File

@ -15,6 +15,11 @@ bump_deb() {
builder/bump-package-version-deb "$new_version"
}
bump_xvnc_binary() {
local cmd="s/#define XVNCVERSION.\+$/#define XVNCVERSION \"KasmVNC $new_version\"/"
sed -i -e "$cmd" unix/xserver/hw/vnc/xvnc.c
}
new_version="$1"
if [[ -z "$new_version" ]]; then
@ -25,5 +30,6 @@ fi
cd "$(dirname "$0")/.."
update_version_to_meet_packaging_standards
bump_xvnc_binary
bump_rpm
bump_deb

2
builder/dockerfile.alpine_317.build
Unescape Escape View File

@ -2,7 +2,7 @@ FROM alpine:3.17
ENV KASMVNC_BUILD_OS alpine
ENV KASMVNC_BUILD_OS_CODENAME 317
ENV XORG_VER 1.20.14
ENV XORG_VER 21.1.8
RUN \
echo "**** install build deps ****" && \

7
builder/dockerfile.alpine_318.apk.build
Unescape Escape View File

@ -0,0 +1,7 @@
FROM alpine:3.18
RUN apk add shadow bash
RUN useradd -m docker && echo "docker:docker" | chpasswd
USER docker

82
builder/dockerfile.alpine_318.build
Unescape Escape View File

@ -0,0 +1,82 @@
FROM alpine:3.18
ENV KASMVNC_BUILD_OS alpine
ENV KASMVNC_BUILD_OS_CODENAME 318
ENV XORG_VER 21.1.10
RUN \
echo "**** install build deps ****" && \
apk add \
alpine-release \
alpine-sdk \
autoconf \
automake \
bash \
ca-certificates \
cmake \
coreutils \
curl \
eudev-dev \
font-cursor-misc \
font-misc-misc \
font-util-dev \
git \
grep \
jq \
libdrm-dev \
libepoxy-dev \
libjpeg-turbo-dev \
libjpeg-turbo-static \
libpciaccess-dev \
libtool \
libwebp-dev \
libx11-dev \
libxau-dev \
libxcb-dev \
libxcursor-dev \
libxcvt-dev \
libxdmcp-dev \
libxext-dev \
libxfont2-dev \
libxkbfile-dev \
libxrandr-dev \
libxshmfence-dev \
libxtst-dev \
mesa-dev \
mesa-dri-gallium \
meson \
nettle-dev \
openssl-dev \
pixman-dev \
procps \
shadow \
tar \
tzdata \
wayland-dev \
wayland-protocols \
xcb-util-dev \
xcb-util-image-dev \
xcb-util-keysyms-dev \
xcb-util-renderutil-dev \
xcb-util-wm-dev \
xinit \
xkbcomp \
xkbcomp-dev \
xkeyboard-config \
xorgproto \
xorg-server-common \
xorg-server-dev \
xtrans
ENV SCRIPTS_DIR=/tmp/scripts
COPY builder/scripts $SCRIPTS_DIR
RUN $SCRIPTS_DIR/build-webp
RUN $SCRIPTS_DIR/build-libjpeg-turbo
RUN useradd -m docker && echo "docker:docker" | chpasswd
COPY --chown=docker:docker . /src/
USER docker
ENTRYPOINT ["/src/builder/build.sh"]

7
builder/dockerfile.alpine_319.apk.build
Unescape Escape View File

@ -0,0 +1,7 @@
FROM alpine:3.19
RUN apk add shadow bash
RUN useradd -m docker && echo "docker:docker" | chpasswd
USER docker

82
builder/dockerfile.alpine_319.build
Unescape Escape View File

@ -0,0 +1,82 @@
FROM alpine:3.19
ENV KASMVNC_BUILD_OS alpine
ENV KASMVNC_BUILD_OS_CODENAME 319
ENV XORG_VER 21.1.12
RUN \
echo "**** install build deps ****" && \
apk add \
alpine-release \
alpine-sdk \
autoconf \
automake \
bash \
ca-certificates \
cmake \
coreutils \
curl \
eudev-dev \
font-cursor-misc \
font-misc-misc \
font-util-dev \
git \
grep \
jq \
libdrm-dev \
libepoxy-dev \
libjpeg-turbo-dev \
libjpeg-turbo-static \
libpciaccess-dev \
libtool \
libwebp-dev \
libx11-dev \
libxau-dev \
libxcb-dev \
libxcursor-dev \
libxcvt-dev \
libxdmcp-dev \
libxext-dev \
libxfont2-dev \
libxkbfile-dev \
libxrandr-dev \
libxshmfence-dev \
libxtst-dev \
mesa-dev \
mesa-dri-gallium \
meson \
nettle-dev \
openssl-dev \
pixman-dev \
procps \
shadow \
tar \
tzdata \
wayland-dev \
wayland-protocols \
xcb-util-dev \
xcb-util-image-dev \
xcb-util-keysyms-dev \
xcb-util-renderutil-dev \
xcb-util-wm-dev \
xinit \
xkbcomp \
xkbcomp-dev \
xkeyboard-config \
xorgproto \
xorg-server-common \
xorg-server-dev \
xtrans
ENV SCRIPTS_DIR=/tmp/scripts
COPY builder/scripts $SCRIPTS_DIR
RUN $SCRIPTS_DIR/build-webp
RUN $SCRIPTS_DIR/build-libjpeg-turbo
RUN useradd -m docker && echo "docker:docker" | chpasswd
COPY --chown=docker:docker . /src/
USER docker
ENTRYPOINT ["/src/builder/build.sh"]

7
builder/dockerfile.alpine_320.apk.build
Unescape Escape View File

@ -0,0 +1,7 @@
FROM alpine:3.20
RUN apk add shadow bash
RUN useradd -m docker && echo "docker:docker" | chpasswd
USER docker

82
builder/dockerfile.alpine_320.build
Unescape Escape View File

@ -0,0 +1,82 @@
FROM alpine:3.20
ENV KASMVNC_BUILD_OS alpine
ENV KASMVNC_BUILD_OS_CODENAME 320
ENV XORG_VER 21.1.14
RUN \
echo "**** install build deps ****" && \
apk add \
alpine-release \
alpine-sdk \
autoconf \
automake \
bash \
ca-certificates \
cmake \
coreutils \
curl \
eudev-dev \
font-cursor-misc \
font-misc-misc \
font-util-dev \
git \
grep \
jq \
libdrm-dev \
libepoxy-dev \
libjpeg-turbo-dev \
libjpeg-turbo-static \
libpciaccess-dev \
libtool \
libwebp-dev \
libx11-dev \
libxau-dev \
libxcb-dev \
libxcursor-dev \
libxcvt-dev \
libxdmcp-dev \
libxext-dev \
libxfont2-dev \
libxkbfile-dev \
libxrandr-dev \
libxshmfence-dev \
libxtst-dev \
mesa-dev \
mesa-dri-gallium \
meson \
nettle-dev \
openssl-dev \
pixman-dev \
procps \
shadow \
tar \
tzdata \
wayland-dev \
wayland-protocols \
xcb-util-dev \
xcb-util-image-dev \
xcb-util-keysyms-dev \
xcb-util-renderutil-dev \
xcb-util-wm-dev \
xinit \
xkbcomp \
xkbcomp-dev \
xkeyboard-config \
xorgproto \
xorg-server-common \
xorg-server-dev \
xtrans
ENV SCRIPTS_DIR=/tmp/scripts
COPY builder/scripts $SCRIPTS_DIR
RUN $SCRIPTS_DIR/build-webp
RUN $SCRIPTS_DIR/build-libjpeg-turbo
RUN useradd -m docker && echo "docker:docker" | chpasswd
COPY --chown=docker:docker . /src/
USER docker
ENTRYPOINT ["/src/builder/build.sh"]

7
builder/dockerfile.alpine_321.apk.build
Unescape Escape View File

@ -0,0 +1,7 @@
FROM alpine:3.21
RUN apk add shadow bash
RUN useradd -m docker && echo "docker:docker" | chpasswd
USER docker

82
builder/dockerfile.alpine_321.build
Unescape Escape View File

@ -0,0 +1,82 @@
FROM alpine:3.21
ENV KASMVNC_BUILD_OS alpine
ENV KASMVNC_BUILD_OS_CODENAME 321
ENV XORG_VER 21.1.14
RUN \
echo "**** install build deps ****" && \
apk add \
alpine-release \
alpine-sdk \
autoconf \
automake \
bash \
ca-certificates \
cmake \
coreutils \
curl \
eudev-dev \
font-cursor-misc \
font-misc-misc \
font-util-dev \
git \
grep \
jq \
libdrm-dev \
libepoxy-dev \
libjpeg-turbo-dev \
libjpeg-turbo-static \
libpciaccess-dev \
libtool \
libwebp-dev \
libx11-dev \
libxau-dev \
libxcb-dev \
libxcursor-dev \
libxcvt-dev \
libxdmcp-dev \
libxext-dev \
libxfont2-dev \
libxkbfile-dev \
libxrandr-dev \
libxshmfence-dev \
libxtst-dev \
mesa-dev \
mesa-dri-gallium \
meson \
nettle-dev \
openssl-dev \
pixman-dev \
procps \
shadow \
tar \
tzdata \
wayland-dev \
wayland-protocols \
xcb-util-dev \
xcb-util-image-dev \
xcb-util-keysyms-dev \
xcb-util-renderutil-dev \
xcb-util-wm-dev \
xinit \
xkbcomp \
xkbcomp-dev \
xkeyboard-config \
xorgproto \
xorg-server-common \
xorg-server-dev \
xtrans
ENV SCRIPTS_DIR=/tmp/scripts
COPY builder/scripts $SCRIPTS_DIR
RUN $SCRIPTS_DIR/build-webp
RUN $SCRIPTS_DIR/build-libjpeg-turbo
RUN useradd -m docker && echo "docker:docker" | chpasswd
COPY --chown=docker:docker . /src/
USER docker
ENTRYPOINT ["/src/builder/build.sh"]

38
builder/dockerfile.debian_bookworm.build
Unescape Escape View File

@ -0,0 +1,38 @@
FROM debian:bookworm-slim
ENV KASMVNC_BUILD_OS debian
ENV KASMVNC_BUILD_OS_CODENAME bookworm
ENV XORG_VER 21.1.7
ENV DEBIAN_FRONTEND noninteractive
RUN \
echo "**** add all sources ****" && \
echo "deb http://deb.debian.org/debian bookworm main contrib non-free non-free-firmware" > /etc/apt/sources.list && \
echo "deb-src http://deb.debian.org/debian bookworm main contrib non-free non-free-firmware" >> /etc/apt/sources.list && \
echo "deb http://deb.debian.org/debian bookworm-updates main contrib non-free non-free-firmware" >> /etc/apt/sources.list && \
echo "deb-src http://deb.debian.org/debian bookworm-updates main contrib non-free non-free-firmware" >> /etc/apt/sources.list && \
echo "deb http://deb.debian.org/debian bookworm-backports main contrib non-free non-free-firmware" >> /etc/apt/sources.list && \
echo "deb-src http://deb.debian.org/debian bookworm-backports main contrib non-free non-free-firmware" >> /etc/apt/sources.list && \
echo "deb http://security.debian.org/debian-security/ bookworm-security main contrib non-free non-free-firmware" >> /etc/apt/sources.list && \
echo "deb-src http://security.debian.org/debian-security/ bookworm-security main contrib non-free non-free-firmware" >> /etc/apt/sources.list && \
rm -f /etc/apt/sources.list.d/debian.sources
RUN apt-get update && \
apt-get -y install sudo
RUN DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends tzdata
RUN apt-get update && apt-get -y build-dep xorg-server libxfont-dev
RUN apt-get update && apt-get -y install cmake git libgnutls28-dev vim wget tightvncserver curl
RUN apt-get update && apt-get -y install libpng-dev libtiff-dev libgif-dev libavcodec-dev libssl-dev libxrandr-dev libxcursor-dev
ENV SCRIPTS_DIR=/tmp/scripts
COPY builder/scripts $SCRIPTS_DIR
RUN $SCRIPTS_DIR/build-webp
RUN $SCRIPTS_DIR/build-libjpeg-turbo
RUN useradd -m docker && echo "docker:docker" | chpasswd && adduser docker sudo
COPY --chown=docker:docker . /src/
USER docker
ENTRYPOINT ["/src/builder/build.sh"]

19
builder/dockerfile.debian_bookworm.deb.build
Unescape Escape View File

@ -0,0 +1,19 @@
FROM debian:bookworm
ENV DEBIAN_FRONTEND noninteractive
RUN apt-get update && \
apt-get -y install vim build-essential devscripts equivs
# Install build-deps for the package.
COPY ./debian/control /tmp
RUN apt-get update && echo YYY | mk-build-deps --install --remove /tmp/control
ARG L_UID
RUN if [ "$L_UID" -eq 0 ]; then \
useradd -m docker; \
else \
useradd -m docker -u $L_UID;\
fi
USER docker

57
builder/dockerfile.debian_bookworm.deb.test
Unescape Escape View File

@ -0,0 +1,57 @@
FROM debian:bookworm-slim
ENV DISPLAY=:1 \
VNC_PORT=8443 \
VNC_RESOLUTION=1280x720 \
MAX_FRAME_RATE=24 \
VNCOPTIONS="-PreferBandwidth -DynamicQualityMin=4 -DynamicQualityMax=7" \
HOME=/home/user \
TERM=xterm \
STARTUPDIR=/dockerstartup \
INST_SCRIPTS=/dockerstartup/install \
KASM_RX_HOME=/dockerstartup/kasmrx \
DEBIAN_FRONTEND=noninteractive \
VNC_COL_DEPTH=24 \
VNC_RESOLUTION=1280x1024 \
VNC_PW=vncpassword \
VNC_USER=user \
VNC_VIEW_ONLY_PW=vncviewonlypassword \
LD_LIBRARY_PATH=/usr/local/lib/ \
OMP_WAIT_POLICY=PASSIVE \
SHELL=/bin/bash \
SINGLE_APPLICATION=0 \
KASMVNC_BUILD_OS=debian \
KASMVNC_BUILD_OS_CODENAME=buster
EXPOSE $VNC_PORT
WORKDIR $HOME
### REQUIRED STUFF ###
RUN apt-get update && apt-get install -y supervisor xfce4 xfce4-terminal dbus-x11 xterm libnss-wrapper gettext wget
RUN apt-get purge -y pm-utils xscreensaver*
RUN apt-get update && apt-get install -y vim less
RUN apt-get update && apt-get -y install lsb-release
RUN echo 'source $STARTUPDIR/generate_container_user' >> $HOME/.bashrc
RUN mkdir -p $STARTUPDIR
COPY builder/startup/ $STARTUPDIR
### START CUSTOM STUFF ####
COPY ./builder/scripts/ /tmp/scripts/
COPY ./debian/changelog /tmp
ARG KASMVNC_PACKAGE_DIR
COPY $KASMVNC_PACKAGE_DIR/kasmvncserver_*.deb /tmp/
RUN /tmp/scripts/install_kasmvncserver_package
### END CUSTOM STUFF ###
RUN chown -R 1000:0 $HOME
USER 1000:ssl-cert
WORKDIR $HOME
ENTRYPOINT [ "/dockerstartup/vnc_startup.sh" ]

86
builder/dockerfile.fedora_forty.build
Unescape Escape View File

@ -0,0 +1,86 @@
FROM fedora:40
ENV KASMVNC_BUILD_OS fedora
ENV KASMVNC_BUILD_OS_CODENAME forty
ENV XORG_VER 1.20.14
RUN \
echo "**** install build deps ****" && \
dnf group install -y \
"C Development Tools and Libraries" \
"Development Tools" && \
dnf install -y \
autoconf \
automake \
bison \
byacc \
bzip2 \
cmake \
diffutils \
doxygen \
file \
flex \
fop \
gcc \
gcc-c++ \
git \
glibc-devel \
libdrm-devel \
libepoxy-devel \
libmd-devel \
libpciaccess-devel \
libtool \
libwebp-devel \
libX11-devel \
libXau-devel \
libxcb-devel \
libXcursor-devel \
libxcvt-devel \
libXdmcp-devel \
libXext-devel \
libXfont2-devel \
libxkbfile-devel \
libXrandr-devel \
libxshmfence-devel \
libXtst-devel \
mesa-libEGL-devel \
mesa-libgbm-devel \
mesa-libGL-devel \
meson \
mingw64-binutils \
mt-st \
nettle-devel \
openssl-devel \
patch \
pixman-devel \
wayland-devel \
wget \
which \
xcb-util-devel \
xcb-util-image-devel \
xcb-util-keysyms-devel \
xcb-util-renderutil-devel \
xcb-util-wm-devel \
xinit \
xkbcomp \
xkbcomp-devel \
xkeyboard-config \
xmlto \
xorg-x11-font-utils \
xorg-x11-proto-devel \
xorg-x11-server-common \
xorg-x11-server-devel \
xorg-x11-xtrans-devel \
xsltproc
ENV SCRIPTS_DIR=/tmp/scripts
COPY builder/scripts $SCRIPTS_DIR
RUN $SCRIPTS_DIR/build-webp
RUN $SCRIPTS_DIR/build-libjpeg-turbo
RUN useradd -m docker && echo "docker:docker" | chpasswd
COPY --chown=docker:docker . /src/
USER docker
ENTRYPOINT ["/src/builder/build.sh"]

13
builder/dockerfile.fedora_forty.rpm.build
Unescape Escape View File

@ -0,0 +1,13 @@
FROM fedora:40
RUN dnf install -y fedora-packager fedora-review
RUN dnf install -y tree vim less
RUN dnf install -y redhat-lsb-core
RUN dnf install -y dnf-plugins-core
COPY fedora/*.spec /tmp
RUN dnf builddep -y /tmp/*.spec
RUN useradd -m docker && echo "docker:docker" | chpasswd
USER docker

87
builder/dockerfile.fedora_fortyone.build
Unescape Escape View File

@ -0,0 +1,87 @@
FROM fedora:41
ENV KASMVNC_BUILD_OS fedora
ENV KASMVNC_BUILD_OS_CODENAME fortyone
ENV XORG_VER 21.1.15
RUN \
echo "**** install build deps ****" && \
dnf group install -y \
c-development \
development-tools \
development-libs && \
dnf install -y \
autoconf \
automake \
bison \
byacc \
bzip2 \
cmake \
diffutils \
doxygen \
file \
flex \
fop \
gcc \
gcc-c++ \
git \
glibc-devel \
libdrm-devel \
libepoxy-devel \
libmd-devel \
libpciaccess-devel \
libtool \
libwebp-devel \
libX11-devel \
libXau-devel \
libxcb-devel \
libXcursor-devel \
libxcvt-devel \
libXdmcp-devel \
libXext-devel \
libXfont2-devel \
libxkbfile-devel \
libXrandr-devel \
libxshmfence-devel \
libXtst-devel \
mesa-libEGL-devel \
mesa-libgbm-devel \
mesa-libGL-devel \
meson \
mingw64-binutils \
mt-st \
nettle-devel \
openssl-devel \
patch \
pixman-devel \
wayland-devel \
wget \
which \
xcb-util-devel \
xcb-util-image-devel \
xcb-util-keysyms-devel \
xcb-util-renderutil-devel \
xcb-util-wm-devel \
xinit \
xkbcomp \
xkbcomp-devel \
xkeyboard-config \
xmlto \
xorg-x11-font-utils \
xorg-x11-proto-devel \
xorg-x11-server-common \
xorg-x11-server-devel \
xorg-x11-xtrans-devel \
xsltproc
ENV SCRIPTS_DIR=/tmp/scripts
COPY builder/scripts $SCRIPTS_DIR
RUN $SCRIPTS_DIR/build-webp
RUN $SCRIPTS_DIR/build-libjpeg-turbo
RUN useradd -m docker && echo "docker:docker" | chpasswd
COPY --chown=docker:docker . /src/
USER docker
ENTRYPOINT ["/src/builder/build.sh"]

13
builder/dockerfile.fedora_fortyone.rpm.build
Unescape Escape View File

@ -0,0 +1,13 @@
FROM fedora:41
RUN dnf install -y fedora-packager fedora-review
RUN dnf install -y tree vim less
RUN dnf install -y redhat-lsb-core
RUN dnf install -y dnf-plugins-core
COPY fedora/*.spec /tmp
RUN dnf builddep -y /tmp/*.spec
RUN useradd -m docker && echo "docker:docker" | chpasswd
USER docker

19
builder/dockerfile.fedora_thirtyeight.barebones.rpm.test
Unescape Escape View File

@ -0,0 +1,19 @@
FROM fedora:38
ENV STARTUPDIR=/dockerstartup
RUN dnf install -y xterm
RUN dnf install -y vim less
RUN yum install -y redhat-lsb-core
ARG KASMVNC_PACKAGE_DIR
COPY $KASMVNC_PACKAGE_DIR/*.rpm /tmp/
RUN dnf localinstall -y /tmp/*.rpm
RUN mkdir -p $STARTUPDIR
COPY startup/vnc_startup_barebones.sh $STARTUPDIR
RUN useradd -m foo
USER foo:kasmvnc-cert
ENTRYPOINT "/$STARTUPDIR/vnc_startup_barebones.sh"

86
builder/dockerfile.fedora_thirtyeight.build
Unescape Escape View File

@ -0,0 +1,86 @@
FROM fedora:38
ENV KASMVNC_BUILD_OS fedora
ENV KASMVNC_BUILD_OS_CODENAME thirtyeight
ENV XORG_VER 1.20.14
RUN \
echo "**** install build deps ****" && \
dnf group install -y \
"C Development Tools and Libraries" \
"Development Tools" && \
dnf install -y \
autoconf \
automake \
bison \
byacc \
bzip2 \
cmake \
diffutils \
doxygen \
file \
flex \
fop \
gcc \
gcc-c++ \
git \
glibc-devel \
libdrm-devel \
libepoxy-devel \
libmd-devel \
libpciaccess-devel \
libtool \
libwebp-devel \
libX11-devel \
libXau-devel \
libxcb-devel \
libXcursor-devel \
libxcvt-devel \
libXdmcp-devel \
libXext-devel \
libXfont2-devel \
libxkbfile-devel \
libXrandr-devel \
libxshmfence-devel \
libXtst-devel \
mesa-libEGL-devel \
mesa-libgbm-devel \
mesa-libGL-devel \
meson \
mingw64-binutils \
mt-st \
nettle-devel \
openssl-devel \
patch \
pixman-devel \
wayland-devel \
wget \
which \
xcb-util-devel \
xcb-util-image-devel \
xcb-util-keysyms-devel \
xcb-util-renderutil-devel \
xcb-util-wm-devel \
xinit \
xkbcomp \
xkbcomp-devel \
xkeyboard-config \
xmlto \
xorg-x11-font-utils \
xorg-x11-proto-devel \
xorg-x11-server-common \
xorg-x11-server-devel \
xorg-x11-xtrans-devel \
xsltproc
ENV SCRIPTS_DIR=/tmp/scripts
COPY builder/scripts $SCRIPTS_DIR
RUN $SCRIPTS_DIR/build-webp
RUN $SCRIPTS_DIR/build-libjpeg-turbo
RUN useradd -m docker && echo "docker:docker" | chpasswd
COPY --chown=docker:docker . /src/
USER docker
ENTRYPOINT ["/src/builder/build.sh"]

13
builder/dockerfile.fedora_thirtyeight.rpm.build
Unescape Escape View File

@ -0,0 +1,13 @@
FROM fedora:38
RUN dnf install -y fedora-packager fedora-review
RUN dnf install -y tree vim less
RUN dnf install -y redhat-lsb-core
RUN dnf install -y dnf-plugins-core
COPY fedora/*.spec /tmp
RUN dnf builddep -y /tmp/*.spec
RUN useradd -m docker && echo "docker:docker" | chpasswd
USER docker

62
builder/dockerfile.fedora_thirtyeight.rpm.test
Unescape Escape View File

@ -0,0 +1,62 @@
FROM fedora:38
ENV DISPLAY=:1 \
VNC_PORT=8443 \
VNC_RESOLUTION=1280x720 \
MAX_FRAME_RATE=24 \
VNCOPTIONS="-PreferBandwidth -DynamicQualityMin=4 -DynamicQualityMax=7" \
HOME=/home/user \
TERM=xterm \
STARTUPDIR=/dockerstartup \
INST_SCRIPTS=/dockerstartup/install \
KASM_RX_HOME=/dockerstartup/kasmrx \
DEBIAN_FRONTEND=noninteractive \
VNC_COL_DEPTH=24 \
VNC_RESOLUTION=1280x1024 \
VNC_PW=vncpassword \
VNC_USER=user \
VNC_VIEW_ONLY_PW=vncviewonlypassword \
LD_LIBRARY_PATH=/usr/local/lib/ \
OMP_WAIT_POLICY=PASSIVE \
SHELL=/bin/bash \
SINGLE_APPLICATION=0 \
KASMVNC_BUILD_OS=fedora \
KASMVNC_BUILD_OS_CODENAME=thirtythree
EXPOSE $VNC_PORT
WORKDIR $HOME
### REQUIRED STUFF ###
RUN dnf install -y openssl xterm gettext wget
RUN dnf install -y nss_wrapper
RUN dnf install -y xorg-x11-xauth xkeyboard-config
# xorg-x11-server-Xorg
# RUN dnf install -y @xfce-desktop-environment
RUN dnf erase -y pm-utils xscreensaver*
RUN dnf install -y redhat-lsb-core
RUN dnf install -y vim less
RUN dnf install -y @xfce-desktop-environment
RUN echo 'source $STARTUPDIR/generate_container_user' >> $HOME/.bashrc
RUN mkdir -p $STARTUPDIR
COPY builder/startup/ $STARTUPDIR
### START CUSTOM STUFF ####
COPY ./builder/scripts/ /tmp/scripts/
COPY ./fedora/kasmvncserver.spec /tmp
ARG KASMVNC_PACKAGE_DIR
COPY $KASMVNC_PACKAGE_DIR/*.rpm /tmp/
# RUN dnf remove -y tigervnc-server-minimal
RUN /tmp/scripts/install_kasmvncserver_package
### END CUSTOM STUFF ###
RUN chown -R 1000:0 $HOME
USER 1000:kasmvnc-cert
WORKDIR $HOME
ENTRYPOINT [ "/dockerstartup/vnc_startup.sh" ]

86
builder/dockerfile.fedora_thirtynine.build
Unescape Escape View File

@ -0,0 +1,86 @@
FROM fedora:39
ENV KASMVNC_BUILD_OS fedora
ENV KASMVNC_BUILD_OS_CODENAME thirtynine
ENV XORG_VER 1.20.14
RUN \
echo "**** install build deps ****" && \
dnf group install -y \
"C Development Tools and Libraries" \
"Development Tools" && \
dnf install -y \
autoconf \
automake \
bison \
byacc \
bzip2 \
cmake \
diffutils \
doxygen \
file \
flex \
fop \
gcc \
gcc-c++ \
git \
glibc-devel \
libdrm-devel \
libepoxy-devel \
libmd-devel \
libpciaccess-devel \
libtool \
libwebp-devel \
libX11-devel \
libXau-devel \
libxcb-devel \
libXcursor-devel \
libxcvt-devel \
libXdmcp-devel \
libXext-devel \
libXfont2-devel \
libxkbfile-devel \
libXrandr-devel \
libxshmfence-devel \
libXtst-devel \
mesa-libEGL-devel \
mesa-libgbm-devel \
mesa-libGL-devel \
meson \
mingw64-binutils \
mt-st \
nettle-devel \
openssl-devel \
patch \
pixman-devel \
wayland-devel \
wget \
which \
xcb-util-devel \
xcb-util-image-devel \
xcb-util-keysyms-devel \
xcb-util-renderutil-devel \
xcb-util-wm-devel \
xinit \
xkbcomp \
xkbcomp-devel \
xkeyboard-config \
xmlto \
xorg-x11-font-utils \
xorg-x11-proto-devel \
xorg-x11-server-common \
xorg-x11-server-devel \
xorg-x11-xtrans-devel \
xsltproc
ENV SCRIPTS_DIR=/tmp/scripts
COPY builder/scripts $SCRIPTS_DIR
RUN $SCRIPTS_DIR/build-webp
RUN $SCRIPTS_DIR/build-libjpeg-turbo
RUN useradd -m docker && echo "docker:docker" | chpasswd
COPY --chown=docker:docker . /src/
USER docker
ENTRYPOINT ["/src/builder/build.sh"]

13
builder/dockerfile.fedora_thirtynine.rpm.build
Unescape Escape View File

@ -0,0 +1,13 @@
FROM fedora:39
RUN dnf install -y fedora-packager fedora-review
RUN dnf install -y tree vim less
RUN dnf install -y redhat-lsb-core
RUN dnf install -y dnf-plugins-core
COPY fedora/*.spec /tmp
RUN dnf builddep -y /tmp/*.spec
RUN useradd -m docker && echo "docker:docker" | chpasswd
USER docker

6
builder/dockerfile.kali_kali-rolling.build
Unescape Escape View File

@ -2,10 +2,8 @@ FROM kalilinux/kali-rolling:latest
ENV KASMVNC_BUILD_OS kali
ENV KASMVNC_BUILD_OS_CODENAME kali-rolling
ENV XORG_VER 1.20.10
ENV XORG_VER 21.1.14
ENV DEBIAN_FRONTEND noninteractive
ENV CC=gcc-11
ENV CXX=g++-11
RUN grep '^deb' /etc/apt/sources.list | sed 's#^deb#deb-src#' >> /etc/apt/sources.list
@ -14,7 +12,7 @@ RUN apt-get update && \
RUN DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends tzdata
RUN apt-get update && apt-get -y build-dep xorg-server libxfont-dev
RUN apt-get update && apt-get -y install gcc-11 g++-11 curl
RUN apt-get update && apt-get -y install gcc g++ curl
RUN apt-get update && apt-get -y install cmake git libgnutls28-dev vim wget tightvncserver
RUN apt-get update && apt-get -y install libpng-dev libtiff-dev libgif-dev libavcodec-dev libssl-dev libxrandr-dev libxcursor-dev

2
builder/dockerfile.opensuse_15.barebones.rpm.test
Unescape Escape View File

@ -1,4 +1,4 @@
FROM opensuse/leap:15.3
FROM opensuse/leap:15.5
ENV STARTUPDIR=/dockerstartup

2
builder/dockerfile.opensuse_15.build
Unescape Escape View File

@ -1,4 +1,4 @@
FROM opensuse/leap:15.3
FROM opensuse/leap:15.5
ENV KASMVNC_BUILD_OS opensuse
ENV KASMVNC_BUILD_OS_CODENAME 15

2
builder/dockerfile.opensuse_15.rpm.build
Unescape Escape View File

@ -1,4 +1,4 @@
FROM opensuse/leap:15.3
FROM opensuse/leap:15.5
ENV KASMVNC_BUILD_OS opensuse
ENV KASMVNC_BUILD_OS_CODENAME 15

2
builder/dockerfile.oracle_8.build
Unescape Escape View File

@ -2,7 +2,7 @@ FROM oraclelinux:8
ENV KASMVNC_BUILD_OS oracle
ENV KASMVNC_BUILD_OS_CODENAME 8
ENV XORG_VER 1.20.10
ENV XORG_VER 1.20.11
# Install from stock repos
RUN \

2
builder/dockerfile.oracle_9.build
Unescape Escape View File

@ -2,7 +2,7 @@ FROM oraclelinux:9
ENV KASMVNC_BUILD_OS oracle
ENV KASMVNC_BUILD_OS_CODENAME 9
ENV XORG_VER 1.20.10
ENV XORG_VER 1.20.11
# Install from stock repos
RUN \

4
builder/dockerfile.oracle_9.rpm.build
Unescape Escape View File

@ -4,8 +4,8 @@ ENV KASMVNC_BUILD_OS oracle
ENV KASMVNC_BUILD_OS_CODENAME 9
RUN dnf config-manager --set-enabled ol9_codeready_builder
RUN dnf config-manager --set-enabled ol9_distro_builder
RUN dnf install -y \
RUN dnf config-manager --nobest --set-enabled ol9_distro_builder
RUN dnf install --nobest -y \
gpg* \
less \
redhat-lsb-core \

3
builder/dockerfile.ubuntu_focal.vncserver_devenv.test
Unescape Escape View File

@ -58,7 +58,8 @@ RUN echo 'alias tv="./run-specs spec/vncserver_yaml_validation_spec.py"' >> ~/.b
RUN echo 'alias ty="./run-specs spec/vncserver_*spec.py"' >> ~/.bashrc
RUN echo 'alias ta="./run-specs"' >> ~/.bashrc
RUN echo 'alias vd="vncserver -dry-run"' >> ~/.bashrc
ENV SET_PASSWORD_FUNC 'sp() { echo -e "$VNC_PW\\n$VNC_PW\\n" | kasmvncpasswd -w -u $USER $HOME/.kasmpasswd; }'
RUN echo 'alias ss="sp; vncserver -select-de xfce"' >> ~/.bashrc
ENV SET_PASSWORD_FUNC 'sp() { echo -e "$VNC_PW\\n$VNC_PW\\n" | kasmvncpasswd -w -u $VNC_USER $HOME/.kasmpasswd; }'
RUN echo $SET_PASSWORD_FUNC >> ~/.bashrc
ENV LC_ALL=C.UTF-8

2
builder/dockerfile.ubuntu_jammy.build
Unescape Escape View File

@ -2,7 +2,7 @@ FROM ubuntu:jammy
ENV KASMVNC_BUILD_OS ubuntu
ENV KASMVNC_BUILD_OS_CODENAME jammy
ENV XORG_VER 1.20.8
ENV XORG_VER 21.1.3
ENV DEBIAN_FRONTEND noninteractive
RUN sed -i 's$# deb-src$deb-src$' /etc/apt/sources.list

28
builder/dockerfile.ubuntu_noble.build
Unescape Escape View File

@ -0,0 +1,28 @@
FROM ubuntu:noble
ENV KASMVNC_BUILD_OS ubuntu
ENV KASMVNC_BUILD_OS_CODENAME noble
ENV XORG_VER 21.1.12
ENV DEBIAN_FRONTEND noninteractive
RUN sed -i 's$Types: deb$Types: deb deb-src$' /etc/apt/sources.list.d/ubuntu.sources
RUN apt-get update && \
apt-get -y install sudo
RUN apt-get update && apt-get install -y --no-install-recommends tzdata
RUN apt-get update && apt-get -y build-dep xorg-server libxfont-dev
RUN apt-get update && apt-get -y install cmake git libgnutls28-dev vim wget curl
RUN apt-get update && apt-get -y install libpng-dev libtiff-dev libgif-dev libavcodec-dev libssl-dev libxrandr-dev libxcursor-dev
ENV SCRIPTS_DIR=/tmp/scripts
COPY builder/scripts $SCRIPTS_DIR
RUN $SCRIPTS_DIR/build-webp
RUN $SCRIPTS_DIR/build-libjpeg-turbo
RUN useradd -m docker && echo "docker:docker" | chpasswd && adduser docker sudo
COPY --chown=docker:docker . /src/
USER docker
ENTRYPOINT ["/src/builder/build.sh"]

19
builder/dockerfile.ubuntu_noble.deb.build
Unescape Escape View File

@ -0,0 +1,19 @@
FROM ubuntu:noble
ENV DEBIAN_FRONTEND noninteractive
RUN apt-get update && \
apt-get -y install vim build-essential devscripts equivs
# Install build-deps for the package.
COPY ./debian/control /tmp
RUN apt-get update && echo YYY | mk-build-deps --install --remove /tmp/control
ARG L_UID
RUN if [ "$L_UID" -eq 0 ]; then \
useradd -m docker; \
else \
useradd -m docker -u $L_UID;\
fi
USER docker

57
builder/dockerfile.ubuntu_noble.deb.test
Unescape Escape View File

@ -0,0 +1,57 @@
FROM ubuntu:noble
ENV DISPLAY=:1 \
VNC_PORT=8443 \
VNC_RESOLUTION=1280x720 \
MAX_FRAME_RATE=24 \
VNCOPTIONS="-PreferBandwidth -DynamicQualityMin=4 -DynamicQualityMax=7" \
HOME=/home/user \
TERM=xterm \
STARTUPDIR=/dockerstartup \
INST_SCRIPTS=/dockerstartup/install \
KASM_RX_HOME=/dockerstartup/kasmrx \
DEBIAN_FRONTEND=noninteractive \
VNC_COL_DEPTH=24 \
VNC_RESOLUTION=1280x1024 \
VNC_PW=vncpassword \
VNC_USER=user \
VNC_VIEW_ONLY_PW=vncviewonlypassword \
LD_LIBRARY_PATH=/usr/local/lib/ \
OMP_WAIT_POLICY=PASSIVE \
SHELL=/bin/bash \
SINGLE_APPLICATION=0 \
KASMVNC_BUILD_OS=ubuntu \
KASMVNC_BUILD_OS_CODENAME=noble
EXPOSE $VNC_PORT
WORKDIR $HOME
### REQUIRED STUFF ###
RUN apt-get update && apt-get install -y supervisor xfce4 xfce4-terminal xterm libnss-wrapper gettext wget
RUN apt-get purge -y pm-utils xscreensaver*
RUN apt-get update && apt-get install -y vim less
RUN apt-get update && apt-get -y install lsb-release
RUN echo 'source $STARTUPDIR/generate_container_user' >> $HOME/.bashrc
RUN mkdir -p $STARTUPDIR
COPY builder/startup/ $STARTUPDIR
### START CUSTOM STUFF ####
ARG KASMVNC_PACKAGE_DIR
COPY $KASMVNC_PACKAGE_DIR/kasmvncserver_*.deb /tmp/
RUN rm -f /tmp/kasmvncserver_*+*.deb; dpkg -i /tmp/*.deb; apt-get -yf install
RUN mkdir ~/.vnc && echo '/usr/bin/xfce4-session &' >> ~/.vnc/xstartup && \
chmod +x ~/.vnc/xstartup
### END CUSTOM STUFF ###
RUN chown -R 1000:0 $HOME
USER 1000:ssl-cert
WORKDIR $HOME
ENTRYPOINT [ "/dockerstartup/vnc_startup.sh" ]

51
builder/dockerfile.ubuntu_noble.test
Unescape Escape View File

@ -0,0 +1,51 @@
FROM ubuntu:noble
ENV DISPLAY=:1 \
VNC_PORT=8443 \
VNC_RESOLUTION=1280x720 \
MAX_FRAME_RATE=24 \
VNCOPTIONS="-PreferBandwidth -DynamicQualityMin=4 -DynamicQualityMax=7" \
HOME=/home/user \
TERM=xterm \
STARTUPDIR=/dockerstartup \
INST_SCRIPTS=/dockerstartup/install \
KASM_RX_HOME=/dockerstartup/kasmrx \
DEBIAN_FRONTEND=noninteractive \
VNC_COL_DEPTH=24 \
VNC_RESOLUTION=1280x1024 \
VNC_PW=vncpassword \
VNC_USER=user \
VNC_VIEW_ONLY_PW=vncviewonlypassword \
LD_LIBRARY_PATH=/usr/local/lib/ \
OMP_WAIT_POLICY=PASSIVE \
SHELL=/bin/bash \
SINGLE_APPLICATION=0 \
KASMVNC_BUILD_OS=ubuntu \
KASMVNC_BUILD_OS_CODENAME=noble
EXPOSE $VNC_PORT
WORKDIR $HOME
### REQUIRED STUFF ###
RUN apt-get update && apt-get install -y supervisor xfce4 xfce4-terminal xterm libnss-wrapper gettext wget
RUN apt-get purge -y pm-utils xscreensaver*
RUN echo 'source $STARTUPDIR/generate_container_user' >> $HOME/.bashrc
RUN mkdir -p $STARTUPDIR
COPY startup/ $STARTUPDIR
### START CUSTOM STUFF ####
COPY build/kasmvnc.${KASMVNC_BUILD_OS}_${KASMVNC_BUILD_OS_CODENAME}.tar.gz /tmp/
RUN tar -xzvf /tmp/kasmvnc.${KASMVNC_BUILD_OS}_${KASMVNC_BUILD_OS_CODENAME}.tar.gz --strip 1 -C /
### END CUSTOM STUFF ###
RUN chown -R 1000:0 $HOME
USER 1000
WORKDIR $HOME
ENTRYPOINT [ "/dockerstartup/vnc_startup.sh" ]

1
builder/startup/deb/select-de.sh
Unescape Escape View File

@ -198,6 +198,7 @@ generate_xstartup() {
cat <<-SCRIPT > "$xstartup_script"
#!/bin/sh
set -x
$de_cmd
SCRIPT
chmod +x "$xstartup_script"

36
centos/kasmvncserver.spec
Unescape Escape View File

@ -1,5 +1,5 @@
Name: kasmvncserver
Version: 1.1.0
Version: 1.3.3
Release: 1%{?dist}
Summary: VNC server accessible from a web browser
@ -7,7 +7,7 @@ License: GPLv2+
URL: https://github.com/kasmtech/KasmVNC
BuildRequires: rsync
Requires: xorg-x11-xauth, xorg-x11-xkb-utils, xkeyboard-config, xorg-x11-server-utils, openssl, perl, perl-Switch, perl-YAML-Tiny, perl-Hash-Merge-Simple, perl-Scalar-List-Utils, perl-List-MoreUtils, perl-Try-Tiny
Requires: xorg-x11-xauth, xorg-x11-xkb-utils, xkeyboard-config, xorg-x11-server-utils, openssl, perl, perl-Switch, perl-YAML-Tiny, perl-Hash-Merge-Simple, perl-Scalar-List-Utils, perl-List-MoreUtils, perl-Try-Tiny, perl-DateTime-TimeZone
Conflicts: tigervnc-server, tigervnc-server-minimal
%description
@ -83,6 +83,38 @@ cd $DST_MAN && ln -s vncpasswd.1 kasmvncpasswd.1;
%doc /usr/share/doc/kasmvncserver/README.md
%changelog
* Fri Oct 25 2024 KasmTech <info@kasmweb.com> - 1.3.3-1
- Allow disabling IP blacklist
- Downloads API for detailed file downloads information
* Tue Sep 24 2024 KasmTech <info@kasmweb.com> - 1.3.2-1
- Disable seamless clipboard on Firefox by default, due to the Firefox overlaying a Paste menu over the canvas.
- Fixed CVE-2024-38449, directory traversal bug in built-in web server.
- Allow for larger header sizes, up to 16k. Provide better logging and handling for requests that contain HTTP headers that are larger than the 16k limit.
- Fixed memory leak in kasmproxy.
- Fixed mime types of downloads to ensure the browser interprets them as downloads.
* Tue Mar 12 2024 KasmTech <info@kasmweb.com> - 1.3.1-1
- Fix exception thrown on Firefox 124 and higher
- Fix artifacts on high resolution secondary screens
- Fixes for touch support on primary and secondary screens
- Fix for Oculus keyboard input
* Mon Feb 05 2024 KasmTech <info@kasmweb.com> - 1.3.0-1
- Multi-monitor support.
- Increased performance with watermark enabled.
- Added support for Fedora 39 and Alpine 319.
- Allow special characters in usernames.
- Better logging of client settings when client connects or changes settings.
- Add support for rotation of text-based watermark.
* Fri Aug 25 2023 KasmTech <info@kasmweb.com> - 1.2.0-1
- Add support for Unix relays for bidirectional communication between noVNC
and containerized applications.
- Text based watermark overlays with date and time support.
- New builds for Bookworm, Alpine 3.18, and Fedora 38.
- Multi-language support.
- Add support for rendering pixmaps via DRI3 GPU acceleration allowing
compositing and other 3d accelerated workloads in a KasmVNC session.
- Fix crash that can occur.
- Fixed tearing when compositing is enabled with DRI3 hardware acceleration.
- Fix stuck command key on MacOS clients.
* Wed Apr 05 2023 KasmTech <info@kasmweb.com> - 1.1.0-1
- Upstream release
* Tue Nov 29 2022 KasmTech <info@kasmweb.com> - 1.0.0-1

17
cmake/Modules/FindFreetype.cmake
Unescape Escape View File

@ -0,0 +1,17 @@
# - Find freetype
# Find the freetype libraries
#
# This module defines the following variables:
# FREETYPE_FOUND - True if freetype is found
# FREETYPE_INCLUDE_DIRS - include directories
#
find_package(PkgConfig)
pkg_check_modules(PC_FREETYPE freetype2)
find_path(FREETYPE_INCLUDE_DIRS NAMES ft2build.h HINTS ${PC_FREETYPE_INCLUDE_DIRS})
include(FindPackageHandleStandardArgs)
set(FPHSA_NAME_MISMATCHED 1)
find_package_handle_standard_args(freetype DEFAULT_MSG FREETYPE_INCLUDE_DIRS)
unset(FPHSA_NAME_MISMATCHED)
mark_as_advanced(FREETYPE_INCLUDE_DIRS)

2
common/network/GetAPIMessager.cxx
Unescape Escape View File

@ -550,7 +550,7 @@ void GetAPIMessager::netGetBottleneckStats(char *buf, uint32_t len) {
const char *id = it->first.c_str();
const char *data = it->second.c_str();
const char *at = strchr(id, '@');
const char *at = strrchr(id, '@');
if (!at)
continue;

17
common/network/Udp.cxx
Unescape Escape View File

@ -40,7 +40,7 @@ using namespace network;
static rfb::LogWriter vlog("WebUdp");
static WuHost *host = NULL;
rfb::IntParameter udpSize("udpSize", "UDP packet data size", 1300, 500, 1400);
rfb::IntParameter udpSize("udpSize", "UDP packet data size", 1296, 500, 1400);
extern settings_t settings;
@ -95,10 +95,11 @@ void *udpserver(void *nport) {
}
// Send one packet, split into N UDP-sized pieces
static uint8_t udpsend(WuClient *client, const uint8_t *data, unsigned len, uint32_t *id) {
static uint8_t udpsend(WuClient *client, const uint8_t *data, unsigned len, uint32_t *id,
const uint32_t *frame) {
const uint32_t DATA_MAX = udpSize;
uint8_t buf[1400 + sizeof(uint32_t) * 4];
uint8_t buf[1400 + sizeof(uint32_t) * 5];
const uint32_t pieces = (len / DATA_MAX) + ((len % DATA_MAX) ? 1 : 0);
uint32_t i;
@ -111,12 +112,13 @@ static uint8_t udpsend(WuClient *client, const uint8_t *data, unsigned len, uint
memcpy(&buf[4], &i, sizeof(uint32_t));
memcpy(&buf[8], &pieces, sizeof(uint32_t));
memcpy(&buf[12], &hash, sizeof(uint32_t));
memcpy(&buf[16], frame, sizeof(uint32_t));
memcpy(&buf[16], data, curlen);
memcpy(&buf[20], data, curlen);
data += curlen;
len -= curlen;
if (WuHostSendBinary(host, client, buf, curlen + sizeof(uint32_t) * 4) < 0)
if (WuHostSendBinary(host, client, buf, curlen + sizeof(uint32_t) * 5) < 0)
return 1;
}
@ -125,7 +127,8 @@ static uint8_t udpsend(WuClient *client, const uint8_t *data, unsigned len, uint
return 0;
}
UdpStream::UdpStream(): OutStream(), client(NULL), total_len(0), id(0), failed(false) {
UdpStream::UdpStream(): OutStream(), client(NULL), total_len(0), id(0), failed(false),
frame(0) {
ptr = data;
end = data + UDPSTREAM_BUFSIZE;
@ -137,7 +140,7 @@ void UdpStream::flush() {
total_len += len;
if (client) {
if (udpsend(client, data, len, &id)) {
if (udpsend(client, data, len, &id, &frame)) {
vlog.error("Error sending udp, client gone?");
failed = true;
}

5
common/network/Udp.h
Unescape Escape View File

@ -40,6 +40,10 @@ namespace network {
client = cli;
}
void setFrameNumber(const unsigned in) {
frame = in;
}
bool isFailed() const;
void clearFailed();
private:
@ -48,6 +52,7 @@ namespace network {
size_t total_len;
uint32_t id;
bool failed;
uint32_t frame;
};
}

139
common/network/websocket.c
Unescape Escape View File

@ -18,6 +18,7 @@
#include <errno.h>
#include <string.h>
#include <dirent.h>
#include <inttypes.h>
#include <sys/types.h>
#include <sys/socket.h>
#include <sys/stat.h>
@ -26,6 +27,9 @@
#include <arpa/inet.h>
#include <netdb.h>
#include <fcntl.h> // daemonizing
#include <pwd.h>
#include <grp.h>
#include <wordexp.h>
#include <openssl/err.h>
#include <openssl/ssl.h>
#include <openssl/bio.h> /* base64 encode/decode */
@ -33,7 +37,6 @@
#include <openssl/sha.h> /* sha1 hash */
#include "websocket.h"
#include "jsonescape.h"
#include "kasmpasswd.h"
#include <network/Blacklist.h>
/*
@ -783,6 +786,10 @@ static const char *name2mime(const char *name) {
goto def;
end++;
// Everything under Downloads/ should be treated as binary
if (strcasestr(name, "Downloads/"))
goto def;
#define CMP(s) if (!strncmp(end, s, sizeof(s) - 1))
CMP("htm")
@ -918,6 +925,12 @@ static void servefile(ws_ctx_t *ws_ctx, const char *in, const char * const user,
percent_decode(path, buf, 1);
// in case they percent-encoded dots
if (strstr(buf, "../")) {
handler_msg("Attempted dir traversal attack, rejecting\n");
goto nope;
}
handler_msg("Requested file '%s'\n", buf);
sprintf(fullpath, "%s/%s", settings.httpdir, buf);
@ -934,15 +947,15 @@ static void servefile(ws_ctx_t *ws_ctx, const char *in, const char * const user,
goto nope;
}
fseek(f, 0, SEEK_END);
const uint64_t filesize = ftell(f);
fseeko(f, 0, SEEK_END);
const uint64_t filesize = ftello(f);
rewind(f);
sprintf(buf, "HTTP/1.1 200 OK\r\n"
"Server: KasmVNC/4.0\r\n"
"Connection: close\r\n"
"Content-type: %s\r\n"
"Content-length: %lu\r\n"
"Content-length: %" PRIu64 "\r\n"
"%s"
"\r\n",
name2mime(path), filesize, extra_headers ? extra_headers : "");
@ -1019,6 +1032,20 @@ static void send403(ws_ctx_t *ws_ctx, const char * const origip, const char * co
weblog(403, wsthread_handler_id, 0, origip, ip, "-", 1, "-", strlen(buf));
}
static void send400(ws_ctx_t *ws_ctx, const char * const origip, const char * const ip,
const char *info) {
char buf[4096];
sprintf(buf, "HTTP/1.1 400 Bad Request\r\n"
"Server: KasmVNC/4.0\r\n"
"Connection: close\r\n"
"Content-type: text/plain\r\n"
"%s"
"\r\n"
"400 Bad Request%s", extra_headers ? extra_headers : "", info);
ws_send(ws_ctx, buf, strlen(buf));
weblog(400, wsthread_handler_id, 0, origip, ip, "-", 1, "-", strlen(buf));
}
static uint8_t ownerapi_post(ws_ctx_t *ws_ctx, const char *in, const char * const user,
const char * const ip, const char * const origip) {
char buf[4096], path[4096];
@ -1612,6 +1639,103 @@ static uint8_t ownerapi(ws_ctx_t *ws_ctx, const char *in, const char * const use
ws_send(ws_ctx, buf, strlen(buf));
weblog(200, wsthread_handler_id, 0, origip, ip, user, 1, origpath, strlen(buf));
ret = 1;
} else entry("/api/downloads") {
char subpath[PATH_MAX] = "", startpath[PATH_MAX] = "~/Downloads", allpath[PATH_MAX];
param = parse_get(args, "path", &len);
if (len) {
memcpy(buf, param, len);
buf[len] = '\0';
percent_decode(buf, subpath, 0);
if (strstr(subpath, "../")) {
handler_msg("Attempted directory traversal in /api/downloads\n");
goto nope;
}
}
wordexp_t wexp;
if (!wordexp(startpath, &wexp, WRDE_NOCMD))
strcpy(startpath, wexp.we_wordv[0]);
else
goto nope;
wordfree(&wexp);
snprintf(allpath, PATH_MAX, "%s/%s", startpath, subpath);
allpath[PATH_MAX - 1] = '\0';
DIR *dir = opendir(allpath);
if (!dir) {
handler_msg("Requested dir does not exist\n");
goto nope;
}
sprintf(buf, "HTTP/1.1 200 OK\r\n"
"Server: KasmVNC/4.0\r\n"
"Connection: close\r\n"
"Content-type: text/json\r\n"
"%s"
"\r\n", extra_headers ? extra_headers : "");
ws_send(ws_ctx, buf, strlen(buf));
len = 15;
ws_send(ws_ctx, "{ \"files\": [\n", 13);
struct dirent *ent;
unsigned char sent = 0;
while ((ent = readdir(dir))) {
if (!strcmp(ent->d_name, ".") || !strcmp(ent->d_name, ".."))
continue;
sprintf(path, "%s/%s", allpath, ent->d_name);
struct stat st;
if (lstat(path, &st))
continue;
char own[LOGIN_NAME_MAX], grp[LOGIN_NAME_MAX], perms[32];
sprintf(perms, "%03o", st.st_mode & 0777);
struct passwd pwdt, *pwdptr;
if (getpwuid_r(st.st_uid, &pwdt, buf, sizeof(buf), &pwdptr)) {
sprintf(own, "(unknown uid %u)", st.st_uid);
} else {
strcpy(own, pwdt.pw_name);
}
struct group grpt, *grpptr;
if (getgrgid_r(st.st_gid, &grpt, buf, sizeof(buf), &grpptr)) {
sprintf(grp, "(unknown gid %u)", st.st_gid);
} else {
strcpy(grp, grpt.gr_name);
}
sprintf(buf, "%s{ \"filename\": \"%s\", "
"\"date_modified\": %lu, "
"\"date_created\": %lu, "
"\"is_dir\": %s, "
"\"size\": %lu, "
"\"owner\": \"%s\", "
"\"group\": \"%s\", "
"\"perms\": \"%s\" }",
sent ? ",\n" : "",
ent->d_name,
st.st_mtime,
st.st_ctime,
S_ISDIR(st.st_mode) ? "true" : "false",
S_ISDIR(st.st_mode) ? 0 : st.st_size,
own,
grp,
perms);
sent = 1;
ws_send(ws_ctx, buf, strlen(buf));
len += strlen(buf);
}
ws_send(ws_ctx, "]}", 2);
closedir(dir);
weblog(200, wsthread_handler_id, 0, origip, ip, user, 1, origpath, len);
ret = 1;
}
@ -1645,7 +1769,7 @@ timeout:
}
ws_ctx_t *do_handshake(int sock, char * const ip) {
char handshake[4096], response[4096], sha1[29], trailer[17];
char handshake[16 * 1024], response[4096], sha1[29], trailer[17];
char *scheme, *pre;
headers_t *headers;
int len, i, offset;
@ -1702,6 +1826,7 @@ ws_ctx_t *do_handshake(int sock, char * const ip) {
break;
} else if (sizeof(handshake) <= (size_t)(offset + 1)) {
handler_emsg("Oversized handshake\n");
send400(ws_ctx, "-", ip, ", too large");
free_ws_ctx(ws_ctx);
return NULL;
} else if (9 == i) {
@ -1756,7 +1881,7 @@ ws_ctx_t *do_handshake(int sock, char * const ip) {
}
unsigned char owner = 0;
char inuser[32] = "-";
char inuser[USERNAME_LEN] = "-";
if (!settings.disablebasicauth) {
const char *hdr = strstr(handshake, "Authorization: Basic ");
if (!hdr) {
@ -1794,7 +1919,7 @@ ws_ctx_t *do_handshake(int sock, char * const ip) {
if (resppw && *resppw)
resppw++;
if (settings.passwdfile) {
if (resppw && *resppw && resppw - response < 32) {
if (resppw && *resppw && resppw - response < USERNAME_LEN + 1) {
char pwbuf[4096];
struct kasmpasswd_t *set = readkasmpasswd(settings.passwdfile);
if (!set->num) {

3
common/network/websocket.h
Unescape Escape View File

@ -2,6 +2,7 @@
#include <stdint.h>
#include "GetAPIEnums.h"
#include "datelog.h"
#include "kasmpasswd.h"
#define BUFSIZE 65536
#define DBUFSIZE (BUFSIZE * 3) / 4 - 20
@ -57,7 +58,7 @@ typedef struct {
char *tin_buf;
char *tout_buf;
char user[32];
char user[USERNAME_LEN];
char ip[64];
} ws_ctx_t;

3
common/rfb/Blacklist.cxx
Unescape Escape View File

@ -42,6 +42,9 @@ Blacklist::~Blacklist() {
}
bool Blacklist::isBlackmarked(const char* name) {
if (!threshold)
return false;
BlacklistMap::iterator i = blm.find(name);
if (i == blm.end()) {
// Entry is not already black-marked.

139
common/rfb/ConnParams.cxx
Unescape Escape View File

@ -24,6 +24,7 @@
#include <rfb/Exception.h>
#include <rfb/encodings.h>
#include <rfb/ledStates.h>
#include <rfb/LogWriter.h>
#include <rfb/clipboardTypes.h>
#include <rfb/ConnParams.h>
#include <rfb/ServerCore.h>
@ -32,6 +33,19 @@
using namespace rfb;
static LogWriter vlog("CP");
static void clientparlog(const char name[], const bool applied) {
vlog.debug("Client sent config param %s, %s",
name,
applied ? "applied" : "ignored due to -IgnoreClientSettingsKasm/lacking perms");
}
static void clientparlog(const char name[], int val, const bool applied) {
vlog.debug("Client sent config param %s %d, %s",
name, val,
applied ? "applied" : "ignored due to -IgnoreClientSettingsKasm/lacking perms");
}
ConnParams::ConnParams()
: majorVersion(0), minorVersion(0),
width(0), height(0), useCopyRect(false),
@ -147,54 +161,71 @@ void ConnParams::setEncodings(int nEncodings, const rdr::S32* encodings)
switch (encodings[i]) {
case encodingCopyRect:
useCopyRect = true;
clientparlog("copyrect", true);
break;
case pseudoEncodingCursor:
supportsLocalCursor = true;
clientparlog("cursor", true);
break;
case pseudoEncodingXCursor:
supportsLocalXCursor = true;
clientparlog("xcursor", true);
break;
case pseudoEncodingCursorWithAlpha:
supportsLocalCursorWithAlpha = true;
clientparlog("cursorWithAlpha", true);
break;
case pseudoEncodingVMwareCursor:
supportsVMWareCursor = true;
clientparlog("vmwareCursor", true);
break;
case pseudoEncodingDesktopSize:
supportsDesktopResize = true;
clientparlog("desktopSize", true);
break;
case pseudoEncodingExtendedDesktopSize:
supportsExtendedDesktopSize = true;
clientparlog("extendedDesktopSize", true);
break;
case pseudoEncodingVMwareCursorPosition:
supportsCursorPosition = true;
clientparlog("vmwareCursorPosition", true);
break;
case pseudoEncodingDesktopName:
supportsDesktopRename = true;
clientparlog("desktopRename", true);
break;
case pseudoEncodingLastRect:
supportsLastRect = true;
clientparlog("lastRect", true);
break;
case pseudoEncodingLEDState:
supportsLEDState = true;
clientparlog("ledState", true);
break;
case pseudoEncodingQEMUKeyEvent:
supportsQEMUKeyEvent = true;
clientparlog("qemuKeyEvent", true);
break;
case pseudoEncodingWEBP:
supportsWEBP = true;
clientparlog("webp", true);
break;
case pseudoEncodingQOI:
supportsQOI = true;
clientparlog("qoi", true);
break;
case pseudoEncodingFence:
supportsFence = true;
clientparlog("fence", true);
break;
case pseudoEncodingContinuousUpdates:
supportsContinuousUpdates = true;
clientparlog("continuousUpdates", true);
break;
case pseudoEncodingExtendedClipboard:
supportsExtendedClipboard = true;
clientparlog("extendedClipboard", true);
break;
case pseudoEncodingSubsamp1X:
subsampling = subsampleNone;
@ -215,8 +246,12 @@ void ConnParams::setEncodings(int nEncodings, const rdr::S32* encodings)
subsampling = subsample16X;
break;
case pseudoEncodingPreferBandwidth:
if (!rfb::Server::ignoreClientSettingsKasm && canChangeSettings)
if (!rfb::Server::ignoreClientSettingsKasm && canChangeSettings) {
Server::preferBandwidth.setParam(true);
clientparlog("preferBandwidth", true);
} else {
clientparlog("preferBandwidth", false);
}
break;
case pseudoEncodingMaxVideoResolution:
if (!rfb::Server::ignoreClientSettingsKasm && canChangeSettings)
@ -225,57 +260,133 @@ void ConnParams::setEncodings(int nEncodings, const rdr::S32* encodings)
}
if (encodings[i] >= pseudoEncodingCompressLevel0 &&
encodings[i] <= pseudoEncodingCompressLevel9)
encodings[i] <= pseudoEncodingCompressLevel9) {
compressLevel = encodings[i] - pseudoEncodingCompressLevel0;
clientparlog("compressLevel", compressLevel, true);
}
if (encodings[i] >= pseudoEncodingQualityLevel0 &&
encodings[i] <= pseudoEncodingQualityLevel9)
encodings[i] <= pseudoEncodingQualityLevel9) {
qualityLevel = encodings[i] - pseudoEncodingQualityLevel0;
clientparlog("qualityLevel", qualityLevel, true);
}
if (encodings[i] >= pseudoEncodingFineQualityLevel0 &&
encodings[i] <= pseudoEncodingFineQualityLevel100)
encodings[i] <= pseudoEncodingFineQualityLevel100) {
fineQualityLevel = encodings[i] - pseudoEncodingFineQualityLevel0;
clientparlog("fineQualityLevel", fineQualityLevel, true);
}
if (!rfb::Server::ignoreClientSettingsKasm && canChangeSettings) {
if (encodings[i] >= pseudoEncodingJpegVideoQualityLevel0 &&
encodings[i] <= pseudoEncodingJpegVideoQualityLevel9)
encodings[i] <= pseudoEncodingJpegVideoQualityLevel9) {
Server::jpegVideoQuality.setParam(encodings[i] - pseudoEncodingJpegVideoQualityLevel0);
clientparlog("jpegVideoQuality", encodings[i] - pseudoEncodingJpegVideoQualityLevel0, true);
}
if (encodings[i] >= pseudoEncodingWebpVideoQualityLevel0 &&
encodings[i] <= pseudoEncodingWebpVideoQualityLevel9)
encodings[i] <= pseudoEncodingWebpVideoQualityLevel9) {
Server::webpVideoQuality.setParam(encodings[i] - pseudoEncodingWebpVideoQualityLevel0);
clientparlog("webpVideoQuality", encodings[i] - pseudoEncodingWebpVideoQualityLevel0, true);
}
if (encodings[i] >= pseudoEncodingTreatLosslessLevel0 &&
encodings[i] <= pseudoEncodingTreatLosslessLevel10)
encodings[i] <= pseudoEncodingTreatLosslessLevel10) {
Server::treatLossless.setParam(encodings[i] - pseudoEncodingTreatLosslessLevel0);
clientparlog("treatLossless", encodings[i] - pseudoEncodingTreatLosslessLevel0, true);
}
if (encodings[i] >= pseudoEncodingDynamicQualityMinLevel0 &&
encodings[i] <= pseudoEncodingDynamicQualityMinLevel9)
encodings[i] <= pseudoEncodingDynamicQualityMinLevel9) {
Server::dynamicQualityMin.setParam(encodings[i] - pseudoEncodingDynamicQualityMinLevel0);
clientparlog("dynamicQualityMin", encodings[i] - pseudoEncodingDynamicQualityMinLevel0, true);
}
if (encodings[i] >= pseudoEncodingDynamicQualityMaxLevel0 &&
encodings[i] <= pseudoEncodingDynamicQualityMaxLevel9)
encodings[i] <= pseudoEncodingDynamicQualityMaxLevel9) {
Server::dynamicQualityMax.setParam(encodings[i] - pseudoEncodingDynamicQualityMaxLevel0);
clientparlog("dynamicQualityMax", encodings[i] - pseudoEncodingDynamicQualityMaxLevel0, true);
}
if (encodings[i] >= pseudoEncodingVideoAreaLevel1 &&
encodings[i] <= pseudoEncodingVideoAreaLevel100)
encodings[i] <= pseudoEncodingVideoAreaLevel100) {
Server::videoArea.setParam(encodings[i] - pseudoEncodingVideoAreaLevel1 + 1);
clientparlog("videoArea", encodings[i] - pseudoEncodingVideoAreaLevel1 + 1, true);
}
if (encodings[i] >= pseudoEncodingVideoTimeLevel0 &&
encodings[i] <= pseudoEncodingVideoTimeLevel100)
encodings[i] <= pseudoEncodingVideoTimeLevel100) {
Server::videoTime.setParam(encodings[i] - pseudoEncodingVideoTimeLevel0);
clientparlog("videoTime", encodings[i] - pseudoEncodingVideoTimeLevel0, true);
}
if (encodings[i] >= pseudoEncodingVideoOutTimeLevel1 &&
encodings[i] <= pseudoEncodingVideoOutTimeLevel100)
encodings[i] <= pseudoEncodingVideoOutTimeLevel100) {
Server::videoOutTime.setParam(encodings[i] - pseudoEncodingVideoOutTimeLevel1 + 1);
clientparlog("videoOutTime", encodings[i] - pseudoEncodingVideoOutTimeLevel1 + 1, true);
}
if (encodings[i] >= pseudoEncodingFrameRateLevel10 &&
encodings[i] <= pseudoEncodingFrameRateLevel60)
encodings[i] <= pseudoEncodingFrameRateLevel60) {
Server::frameRate.setParam(encodings[i] - pseudoEncodingFrameRateLevel10 + 10);
clientparlog("frameRate", encodings[i] - pseudoEncodingFrameRateLevel10 + 10, true);
}
if (encodings[i] >= pseudoEncodingVideoScalingLevel0 &&
encodings[i] <= pseudoEncodingVideoScalingLevel9)
encodings[i] <= pseudoEncodingVideoScalingLevel9) {
Server::videoScaling.setParam(encodings[i] - pseudoEncodingVideoScalingLevel0);
clientparlog("videoScaling", encodings[i] - pseudoEncodingVideoScalingLevel0, true);
}
} else {
if (encodings[i] >= pseudoEncodingJpegVideoQualityLevel0 &&
encodings[i] <= pseudoEncodingJpegVideoQualityLevel9) {
clientparlog("jpegVideoQuality", encodings[i] - pseudoEncodingJpegVideoQualityLevel0, false);
}
if (encodings[i] >= pseudoEncodingWebpVideoQualityLevel0 &&
encodings[i] <= pseudoEncodingWebpVideoQualityLevel9) {
clientparlog("webpVideoQuality", encodings[i] - pseudoEncodingWebpVideoQualityLevel0, false);
}
if (encodings[i] >= pseudoEncodingTreatLosslessLevel0 &&
encodings[i] <= pseudoEncodingTreatLosslessLevel10) {
clientparlog("treatLossless", encodings[i] - pseudoEncodingTreatLosslessLevel0, false);
}
if (encodings[i] >= pseudoEncodingDynamicQualityMinLevel0 &&
encodings[i] <= pseudoEncodingDynamicQualityMinLevel9) {
clientparlog("dynamicQualityMin", encodings[i] - pseudoEncodingDynamicQualityMinLevel0, false);
}
if (encodings[i] >= pseudoEncodingDynamicQualityMaxLevel0 &&
encodings[i] <= pseudoEncodingDynamicQualityMaxLevel9) {
clientparlog("dynamicQualityMax", encodings[i] - pseudoEncodingDynamicQualityMaxLevel0, false);
}
if (encodings[i] >= pseudoEncodingVideoAreaLevel1 &&
encodings[i] <= pseudoEncodingVideoAreaLevel100) {
clientparlog("videoArea", encodings[i] - pseudoEncodingVideoAreaLevel1 + 1, false);
}
if (encodings[i] >= pseudoEncodingVideoTimeLevel0 &&
encodings[i] <= pseudoEncodingVideoTimeLevel100) {
clientparlog("videoTime", encodings[i] - pseudoEncodingVideoTimeLevel0, false);
}
if (encodings[i] >= pseudoEncodingVideoOutTimeLevel1 &&
encodings[i] <= pseudoEncodingVideoOutTimeLevel100) {
clientparlog("videoOutTime", encodings[i] - pseudoEncodingVideoOutTimeLevel1 + 1, false);
}
if (encodings[i] >= pseudoEncodingFrameRateLevel10 &&
encodings[i] <= pseudoEncodingFrameRateLevel60) {
clientparlog("frameRate", encodings[i] - pseudoEncodingFrameRateLevel10 + 10, false);
}
if (encodings[i] >= pseudoEncodingVideoScalingLevel0 &&
encodings[i] <= pseudoEncodingVideoScalingLevel9) {
clientparlog("videoScaling", encodings[i] - pseudoEncodingVideoScalingLevel0, false);
}
}
if (encodings[i] > 0)

8
common/rfb/EncodeManager.cxx
Unescape Escape View File

@ -363,6 +363,9 @@ void EncodeManager::doUpdate(bool allowLossy, const Region& changed_,
unsigned screenArea;
updates++;
if (conn->cp.supportsUdp)
((network::UdpStream *) conn->getOutStream(conn->cp.supportsUdp))->setFrameNumber(updates);
// The video resolution may have changed, check it
if (conn->cp.kasmPassed[ConnParams::KASM_MAX_VIDEO_RESOLUTION])
@ -420,9 +423,6 @@ void EncodeManager::doUpdate(bool allowLossy, const Region& changed_,
nRects++;
}
if (watermarkData)
packWatermark(changed);
conn->writer()->writeFramebufferUpdateStart(nRects);
writeCopyRects(copied, copyDelta);
@ -440,7 +440,7 @@ void EncodeManager::doUpdate(bool allowLossy, const Region& changed_,
if (!videoDetected) // In case detection happened between the calls
writeRects(cursorRegion, renderedCursor);
if (watermarkData) {
if (watermarkData && conn->sendWatermark()) {
beforeLength = conn->getOutStream(conn->cp.supportsUdp)->length();
const Rect rect(0, 0, pb->width(), pb->height());

4
common/rfb/SConnection.h
Unescape Escape View File

@ -198,6 +198,10 @@ namespace rfb {
std::vector<unsigned char> data;
};
virtual bool sendWatermark() const {
return false;
}
protected:
void setState(stateEnum s) { state_ = s; }

3
common/rfb/SDesktop.h
Unescape Escape View File

@ -88,6 +88,9 @@ namespace rfb {
virtual void clearLocalClipboards() {}
virtual void receivedUnixRelayData(const char name[], const unsigned char *buf,
const unsigned len) {}
protected:
virtual ~SDesktop() {}
};

3
common/rfb/SMsgHandler.h
Unescape Escape View File

@ -98,6 +98,9 @@ namespace rfb {
virtual void udpUpgrade(const char *resp) = 0;
virtual void udpDowngrade(const bool) = 0;
virtual void subscribeUnixRelay(const char *name) = 0;
virtual void unixRelay(const char *name, const rdr::U8 *buf, const unsigned len) = 0;
ConnParams cp;
};
}

48
common/rfb/SMsgReader.cxx
Unescape Escape View File

@ -100,6 +100,12 @@ void SMsgReader::readMsg()
case msgTypeUpgradeToUdp:
readUpgradeToUdp();
break;
case msgTypeSubscribeUnixRelay:
readSubscribeUnixRelay();
break;
case msgTypeUnixRelay:
readUnixRelay();
break;
default:
fprintf(stderr, "unknown message type %d\n", msgType);
throw Exception("unknown message type");
@ -165,6 +171,9 @@ void SMsgReader::readSetMaxVideoResolution()
if (!rfb::Server::ignoreClientSettingsKasm && handler->canChangeKasmSettings()) {
sprintf(tmp, "%ux%u", width, height);
rfb::Server::maxVideoResolution.setParam(tmp);
vlog.debug("Client sent config param maxVideoResolution %ux%u, applied", width, height);
} else {
vlog.debug("Client sent config param maxVideoResolution %ux%u, ignored due to -IgnoreClientSettingsKasm/lacking perms", width, height);
}
}
@ -357,3 +366,42 @@ void SMsgReader::readUpgradeToUdp()
handler->udpUpgrade(resp);
}
void SMsgReader::readSubscribeUnixRelay()
{
const rdr::U8 namelen = is->readU8();
char name[64];
if (namelen >= sizeof(name)) {
vlog.error("Ignoring subscribe with too large name");
is->skip(namelen);
return;
}
is->readBytes(name, namelen);
name[namelen] = '\0';
handler->subscribeUnixRelay(name);
}
void SMsgReader::readUnixRelay()
{
const rdr::U8 namelen = is->readU8();
char name[64];
if (namelen >= sizeof(name)) {
vlog.error("Ignoring relay packet with too large name");
is->skip(namelen);
return;
}
is->readBytes(name, namelen);
name[namelen] = '\0';
const rdr::U32 len = is->readU32();
rdr::U8 buf[1024 * 1024];
if (len >= sizeof(buf)) {
vlog.error("Ignoring relay packet with too large data");
is->skip(len);
return ;
}
is->readBytes(buf, len);
handler->unixRelay(name, buf, len);
}

3
common/rfb/SMsgReader.h
Unescape Escape View File

@ -65,6 +65,9 @@ namespace rfb {
void readUpgradeToUdp();
void readSubscribeUnixRelay();
void readUnixRelay();
SMsgHandler* handler;
rdr::InStream* is;
};

33
common/rfb/SMsgWriter.cxx
Unescape Escape View File

@ -39,7 +39,7 @@ static LogWriter vlog("SMsgWriter");
SMsgWriter::SMsgWriter(ConnParams* cp_, rdr::OutStream* os_, rdr::OutStream* udps_)
: cp(cp_), os(os_), udps(udps_),
nRectsInUpdate(0), nRectsInHeader(0),
nRectsInUpdate(0), dataRectsInUpdate(0), nRectsInHeader(0),
needSetDesktopSize(false), needExtendedDesktopSize(false),
needSetDesktopName(false), needSetCursor(false),
needSetXCursor(false), needSetCursorWithAlpha(false),
@ -340,7 +340,7 @@ void SMsgWriter::writeFramebufferUpdateStart(int nRects)
os->writeU16(nRects);
nRectsInUpdate = 0;
nRectsInUpdate = dataRectsInUpdate = 0;
if (nRects == 0xFFFF)
nRectsInHeader = 0;
else
@ -365,7 +365,7 @@ void SMsgWriter::writeFramebufferUpdateEnd()
// Send an UDP flip marker, if needed
if (cp->supportsUdp) {
udps->writeS16(0);
udps->writeS16(dataRectsInUpdate);
udps->writeS16(0);
udps->writeU16(0);
udps->writeU16(0);
@ -394,6 +394,7 @@ void SMsgWriter::startRect(const Rect& r, int encoding)
{
if (++nRectsInUpdate > nRectsInHeader && nRectsInHeader)
throw Exception("SMsgWriter::startRect: nRects out of sync");
++dataRectsInUpdate;
if (cp->supportsUdp) {
udps->writeS16(r.tl.x);
@ -749,3 +750,29 @@ void SMsgWriter::writeUdpUpgrade(const char *resp)
endMsg();
}
void SMsgWriter::writeSubscribeUnixRelay(const bool success, const char *msg)
{
startMsg(msgTypeSubscribeUnixRelay);
const rdr::U8 len = strlen(msg);
os->writeU8(success);
os->writeU8(len);
os->writeBytes(msg, len);
endMsg();
}
void SMsgWriter::writeUnixRelay(const char *name, const rdr::U8 *buf, const unsigned len)
{
startMsg(msgTypeUnixRelay);
const rdr::U8 namelen = strlen(name);
os->writeU8(namelen);
os->writeBytes(name, namelen);
os->writeU32(len);
os->writeBytes(buf, len);
endMsg();
}

4
common/rfb/SMsgWriter.h
Unescape Escape View File

@ -129,6 +129,9 @@ namespace rfb {
void writeUdpUpgrade(const char *resp);
void writeSubscribeUnixRelay(const bool success, const char *msg);
void writeUnixRelay(const char *name, const rdr::U8 *buf, const unsigned len);
protected:
void startMsg(int type);
void endMsg();
@ -162,6 +165,7 @@ namespace rfb {
rdr::OutStream* udps;
int nRectsInUpdate;
int dataRectsInUpdate;
int nRectsInHeader;
bool needSetDesktopSize;

24
common/rfb/ServerCore.cxx
Unescape Escape View File

@ -189,6 +189,22 @@ rfb::IntParameter rfb::Server::DLP_WatermarkRepeatSpace
("DLP_WatermarkRepeatSpace",
"Number of pixels between repeats of the watermark",
0, 0, 4096);
rfb::IntParameter rfb::Server::DLP_WatermarkFontSize
("DLP_WatermarkFontSize",
"Font size for -DLP_WatermarkText",
48, 8, 256);
rfb::IntParameter rfb::Server::DLP_WatermarkTimeOffset
("DLP_WatermarkTimeOffset",
"Offset from UTC for -DLP_WatermarkText",
0, -24, 24);
rfb::IntParameter rfb::Server::DLP_WatermarkTimeOffsetMinutes
("DLP_WatermarkTimeOffsetMinutes",
"Offset from UTC for -DLP_WatermarkText, minutes",
0, -24 * 60, 24 * 60);
rfb::IntParameter rfb::Server::DLP_WatermarkTextAngle
("DLP_WatermarkTextAngle",
"Angle for -DLP_WatermarkText rotation",
0, -359, 359);
rfb::StringParameter rfb::Server::DLP_WatermarkImage
("DLP_WatermarkImage",
"PNG file to use as a watermark",
@ -201,6 +217,14 @@ rfb::StringParameter rfb::Server::DLP_WatermarkTint
("DLP_WatermarkTint",
"Tint the greyscale watermark by this color.",
"255,255,255,255");
rfb::StringParameter rfb::Server::DLP_WatermarkText
("DLP_WatermarkText",
"Use this text instead of an image for the watermark, with strftime time formatting",
"");
rfb::StringParameter rfb::Server::DLP_WatermarkFont
("DLP_WatermarkFont",
"Use this font for -DLP_WatermarkText instead of the bundled one",
"");
rfb::StringParameter rfb::Server::maxVideoResolution
("MaxVideoResolution",

6
common/rfb/ServerCore.h
Unescape Escape View File

@ -49,12 +49,18 @@ namespace rfb {
static IntParameter DLP_ClipDelay;
static IntParameter DLP_KeyRateLimit;
static IntParameter DLP_WatermarkRepeatSpace;
static IntParameter DLP_WatermarkFontSize;
static IntParameter DLP_WatermarkTimeOffset;
static IntParameter DLP_WatermarkTimeOffsetMinutes;
static IntParameter DLP_WatermarkTextAngle;
static StringParameter DLP_ClipLog;
static StringParameter DLP_Region;
static StringParameter DLP_Clip_Types;
static StringParameter DLP_WatermarkImage;
static StringParameter DLP_WatermarkLocation;
static StringParameter DLP_WatermarkTint;
static StringParameter DLP_WatermarkText;
static StringParameter DLP_WatermarkFont;
static BoolParameter DLP_RegionAllowClick;
static BoolParameter DLP_RegionAllowRelease;
static IntParameter jpegVideoQuality;

75
common/rfb/VNCSConnectionST.cxx
Unescape Escape View File

@ -51,6 +51,8 @@ static Cursor emptyCursor(0, 0, Point(0, 0), NULL);
extern rfb::BoolParameter disablebasicauth;
extern "C" char unixrelaynames[MAX_UNIX_RELAYS][MAX_UNIX_RELAY_NAME_LEN];
VNCSConnectionST::VNCSConnectionST(VNCServerST* server_, network::Socket *s,
bool reverse)
: upgradingToUdp(false), sock(s), reverseConnection(reverse),
@ -73,6 +75,10 @@ VNCSConnectionST::VNCSConnectionST(VNCServerST* server_, network::Socket *s,
memset(bstats_total, 0, sizeof(bstats_total));
gettimeofday(&connStart, NULL);
unsigned i;
for (i = 0; i < MAX_UNIX_RELAYS; i++)
unixRelaySubscriptions[i][0] = '\0';
// Check their permissions, if applicable
kasmpasswdpath[0] = '\0';
wordexp_t wexp;
@ -82,8 +88,8 @@ VNCSConnectionST::VNCSConnectionST(VNCServerST* server_, network::Socket *s,
wordfree(&wexp);
user[0] = '\0';
const char *at = strchr(peerEndpoint.buf, '@');
if (at && at - peerEndpoint.buf > 1 && at - peerEndpoint.buf < 32) {
const char *at = strrchr(peerEndpoint.buf, '@');
if (at && at - peerEndpoint.buf > 1 && at - peerEndpoint.buf < USERNAME_LEN) {
memcpy(user, peerEndpoint.buf, at - peerEndpoint.buf);
user[at - peerEndpoint.buf] = '\0';
}
@ -991,8 +997,8 @@ void VNCSConnectionST::setDesktopSize(int fb_width, int fb_height,
{
unsigned int result;
if (!(accessRights & AccessSetDesktopSize)) return;
if (!rfb::Server::acceptSetDesktopSize) return;
if (!(accessRights & AccessSetDesktopSize)) goto justnotify;
if (!rfb::Server::acceptSetDesktopSize) goto justnotify;
// Don't bother the desktop with an invalid configuration
if (!layout.validate(fb_width, fb_height)) {
@ -1015,6 +1021,14 @@ void VNCSConnectionST::setDesktopSize(int fb_width, int fb_height,
throw Exception("Desktop configured a different screen layout than requested");
server->notifyScreenLayoutChange(this);
}
return;
justnotify:
writer()->writeExtendedDesktopSize(reasonClient, resultProhibited,
server->pb->getRect().width(),
server->pb->getRect().height(),
server->screenLayout);
}
void VNCSConnectionST::fence(rdr::U32 flags, unsigned len, const char data[])
@ -1629,7 +1643,7 @@ void VNCSConnectionST::sendStats(const bool toClient) {
void VNCSConnectionST::handleFrameStats(rdr::U32 all, rdr::U32 render)
{
if (server->apimessager) {
const char *at = strchr(peerEndpoint.buf, '@');
const char *at = strrchr(peerEndpoint.buf, '@');
if (!at)
at = peerEndpoint.buf;
else
@ -1789,3 +1803,54 @@ void VNCSConnectionST::udpDowngrade(const bool byServer)
vlog.info("Client %s downgrading from udp by %s", sock->getPeerAddress(),
byServer ? "the server" : "its own request");
}
void VNCSConnectionST::subscribeUnixRelay(const char *name)
{
bool read, write, owner;
if (!getPerms(read, write, owner) || !write) {
// Need write permissions to subscribe
writer()->writeSubscribeUnixRelay(false, "No permissions");
vlog.info("Client tried to subscribe to unix channel %s without permissions", name);
return;
}
unsigned i;
bool found = false;
for (i = 0; i < MAX_UNIX_RELAYS; i++) {
if (!strcmp(name, unixrelaynames[i])) {
found = true;
break;
}
}
if (!found) {
writer()->writeSubscribeUnixRelay(false, "No such unix channel");
vlog.info("Client tried to subscribe to nonexistent unix channel %s", name);
return;
}
writer()->writeSubscribeUnixRelay(true, "Ok");
for (i = 0; i < MAX_UNIX_RELAYS; i++) {
if (!unixRelaySubscriptions[i][0]) {
strcpy(unixRelaySubscriptions[i], name);
break;
}
}
}
void VNCSConnectionST::unixRelay(const char *name, const rdr::U8 *buf, const unsigned len)
{
unsigned i;
for (i = 0; i < MAX_UNIX_RELAYS; i++) {
if (!strcmp(unixRelaySubscriptions[i], name)) {
server->desktop->receivedUnixRelayData(name, buf, len);
return;
}
}
}
void VNCSConnectionST::sendUnixRelayData(const char name[], const unsigned char *buf,
const unsigned len)
{
writer()->writeUnixRelay(name, buf, len);
}

25
common/rfb/VNCSConnectionST.h
Unescape Escape View File

@ -33,6 +33,9 @@
#include <rfb/EncodeManager.h>
#include <rfb/SConnection.h>
#include <rfb/Timer.h>
#include <rfb/unixRelayLimits.h>
#include "kasmpasswd.h"
namespace rfb {
class VNCServerST;
@ -200,6 +203,22 @@ namespace rfb {
bool upgradingToUdp;
bool isSubscribedToUnixRelay(const char *name) const {
unsigned i;
for (i = 0; i < MAX_UNIX_RELAYS; i++) {
if (!strcmp(unixRelaySubscriptions[i], name))
return true;
}
return false;
}
virtual void sendUnixRelayData(const char name[], const unsigned char *buf,
const unsigned len);
bool sendWatermark() const {
return server->sendWatermark;
}
private:
// SConnection callbacks
@ -222,6 +241,8 @@ namespace rfb {
virtual void handleClipboardAnnounce(bool available);
virtual void handleClipboardAnnounceBinary(const unsigned num, const char mimes[][32]);
virtual void udpUpgrade(const char *resp);
virtual void subscribeUnixRelay(const char *name);
virtual void unixRelay(const char *name, const rdr::U8 *buf, const unsigned len);
virtual void supportsLocalCursor();
virtual void supportsFence();
virtual void supportsContinuousUpdates();
@ -303,7 +324,7 @@ namespace rfb {
rdr::U64 bstats_total[BS_NUM];
struct timeval connStart;
char user[32];
char user[USERNAME_LEN];
char kasmpasswdpath[4096];
bool needsPermCheck;
@ -324,6 +345,8 @@ namespace rfb {
bool frameTracking;
uint32_t udpFramesSinceFull;
char unixRelaySubscriptions[MAX_UNIX_RELAYS][MAX_UNIX_RELAY_NAME_LEN];
bool complainedAboutNoViewRights;
};
}

29
common/rfb/VNCServerST.cxx
Unescape Escape View File

@ -135,7 +135,7 @@ VNCServerST::VNCServerST(const char* name_, SDesktop* desktop_)
queryConnectionHandler(0), keyRemapper(&KeyRemapper::defInstance),
lastConnectionTime(0), disableclients(false),
frameTimer(this), apimessager(NULL), trackingFrameStats(0),
clipboardId(0)
clipboardId(0), sendWatermark(false)
{
lastUserInputTime = lastDisconnectTime = time(0);
slog.debug("creating single-threaded server %s", name.buf);
@ -223,6 +223,9 @@ VNCServerST::VNCServerST(const char* name_, SDesktop* desktop_)
trackingClient[0] = 0;
if (watermarkData)
sendWatermark = true;
if (Server::selfBench)
SelfBench();
}
@ -279,6 +282,9 @@ void VNCServerST::addSocket(network::Socket* sock, bool outgoing)
VNCSConnectionST* client = new VNCSConnectionST(this, sock, outgoing);
client->init();
if (watermarkData)
sendWatermark = true;
}
void VNCServerST::removeSocket(network::Socket* sock) {
@ -814,7 +820,7 @@ static void upgradeClientToUdp(const network::GetAPIMessager::action_data &act,
inet_ntop(AF_INET, &act.udp.ip, buf, 32);
const char * const who = (*ci)->getPeerEndpoint();
const char *start = strchr(who, '@');
const char *start = strrchr(who, '@');
if (!start)
continue;
start++;
@ -974,6 +980,11 @@ void VNCServerST::writeUpdate()
blackOut();
}
if (watermarkData && Server::DLP_WatermarkText[0] && watermarkTextNeedsUpdate(true)) {
// The text may have changed
sendWatermark = true;
}
comparer->getUpdateInfo(&ui, pb->getRect());
toCheck = ui.changed.union_(ui.copied);
@ -1099,6 +1110,8 @@ void VNCServerST::writeUpdate()
}
}
sendWatermark = false; // the client now caches it, only send once
if (trackingFrameStats) {
if (enctime) {
const unsigned totalMs = msSince(&start);
@ -1248,3 +1261,15 @@ void VNCServerST::refreshClients()
(*i)->add_changed_all();
}
}
void VNCServerST::sendUnixRelayData(const char name[],
const unsigned char *buf, const unsigned len)
{
// For each client subscribed to this channel, send the data to them
std::list<VNCSConnectionST*>::iterator i;
for (i = clients.begin(); i != clients.end(); i++) {
if ((*i)->isSubscribedToUnixRelay(name)) {
(*i)->sendUnixRelayData(name, buf, len);
}
}
}

3
common/rfb/VNCServerST.h
Unescape Escape View File

@ -198,6 +198,7 @@ namespace rfb {
const char mimes[][32]);
void refreshClients();
void sendUnixRelayData(const char name[], const unsigned char *buf, const unsigned len);
protected:
@ -289,6 +290,8 @@ namespace rfb {
void checkAPIMessages(network::GetAPIMessager *apimessager,
rdr::U8 &trackingFrameStats, char trackingClient[]);
bool sendWatermark;
};
};

397
common/rfb/Watermark.cxx
Unescape Escape View File

@ -16,14 +16,20 @@
* USA.
*/
#include <math.h>
#include <png.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <time.h>
#include <zlib.h>
#include <rfb/LogWriter.h>
#include <rfb/ServerCore.h>
#include <rfb/VNCServerST.h>
#include "font.h"
#include <ft2build.h>
#include FT_FREETYPE_H
#include FT_GLYPH_H
#include "Watermark.h"
@ -36,6 +42,10 @@ watermarkInfo_t watermarkInfo;
uint8_t *watermarkData, *watermarkUnpacked, *watermarkTmp;
uint32_t watermarkDataLen;
static uint16_t rw, rh;
static time_t lastUpdate;
static FT_Library ft = NULL;
static FT_Face face;
#define MAXW 4096
#define MAXH 4096
@ -92,15 +102,313 @@ static bool loadimage(const char path[]) {
return true;
}
// Note: w and h are absolute
static void str(uint8_t *buf, const char *txt, const uint32_t x_, const uint32_t y_,
const uint32_t w, const uint32_t h,
const uint32_t stride) {
unsigned ucs[256], i, ucslen;
unsigned len = strlen(txt);
i = 0;
ucslen = 0;
while (len > 0 && txt[i]) {
size_t ret = rfb::utf8ToUCS4(&txt[i], len, &ucs[ucslen]);
i += ret;
len -= ret;
ucslen++;
}
uint32_t x, y;
x = x_;
y = y_;
for (i = 0; i < ucslen; i++) {
if (FT_Load_Char(face, ucs[i], FT_LOAD_RENDER))
continue;
const FT_Bitmap * const map = &(face->glyph->bitmap);
if (FT_HAS_KERNING(face) && i) {
FT_Vector delta;
FT_Get_Kerning(face, ucs[i - 1], ucs[i], ft_kerning_default, &delta);
x += delta.x >> 6;
}
uint32_t row, col;
for (row = 0; row < (uint32_t) map->rows; row++) {
int ny = row + y - face->glyph->bitmap_top;
if (ny < 0)
continue;
if ((unsigned) ny >= h)
continue;
uint8_t *dst = (uint8_t *) buf;
dst += ny * stride + x;
const uint8_t *src = map->buffer + map->pitch * row;
for (col = 0; col < (uint32_t) map->width; col++) {
if (col + x >= w)
continue;
const uint8_t out = (src[col] + 8) >> 4;
dst[col] = out < 16 ? out : 15;
}
}
x += face->glyph->advance.x >> 6;
}
}
static uint32_t drawnwidth(const char *txt) {
unsigned ucs[256], i, ucslen;
unsigned len = strlen(txt);
i = 0;
ucslen = 0;
while (len > 0 && txt[i]) {
size_t ret = rfb::utf8ToUCS4(&txt[i], len, &ucs[ucslen]);
i += ret;
len -= ret;
ucslen++;
}
uint32_t x;
x = 0;
for (i = 0; i < ucslen; i++) {
if (FT_Load_Char(face, ucs[i], FT_LOAD_DEFAULT))
continue;
if (FT_HAS_KERNING(face) && i) {
FT_Vector delta;
FT_Get_Kerning(face, ucs[i - 1], ucs[i], ft_kerning_default, &delta);
x += delta.x >> 6;
}
x += face->glyph->advance.x >> 6;
}
return x;
}
static void angle2mat(FT_Matrix &mat) {
const float angle = Server::DLP_WatermarkTextAngle / 360.f * 2 * -3.14159f;
mat.xx = (FT_Fixed)( cosf(angle) * 0x10000L);
mat.xy = (FT_Fixed)(-sinf(angle) * 0x10000L);
mat.yx = (FT_Fixed)( sinf(angle) * 0x10000L);
mat.yy = (FT_Fixed)( cosf(angle) * 0x10000L);
}
// Note: w and h are absolute
static void angledstr(uint8_t *buf, const char *txt, const uint32_t x_, const uint32_t y_,
const uint32_t w, const uint32_t h,
const uint32_t stride, const bool invx, const bool invy) {
unsigned ucs[256], i, ucslen;
unsigned len = strlen(txt);
i = 0;
ucslen = 0;
while (len > 0 && txt[i]) {
size_t ret = rfb::utf8ToUCS4(&txt[i], len, &ucs[ucslen]);
i += ret;
len -= ret;
ucslen++;
}
FT_Matrix mat;
FT_Vector pen;
angle2mat(mat);
pen.x = 0;
pen.y = 0;
uint32_t x, y;
x = x_;
y = y_;
for (i = 0; i < ucslen; i++) {
FT_Set_Transform(face, &mat, &pen);
if (FT_Load_Char(face, ucs[i], FT_LOAD_RENDER))
continue;
const FT_Bitmap * const map = &(face->glyph->bitmap);
uint32_t row, col;
for (row = 0; row < (uint32_t) map->rows; row++) {
int ny = row + y - face->glyph->bitmap_top;
if (ny < 0)
continue;
if ((unsigned) ny >= h)
continue;
uint8_t *dst = (uint8_t *) buf;
dst += ny * stride + x;
const uint8_t *src = map->buffer + map->pitch * row;
for (col = 0; col < (uint32_t) map->width; col++) {
if (col + x >= w)
continue;
const uint8_t out = (src[col] + 8) >> 4;
dst[col] |= out < 16 ? out : 15;
}
}
x += face->glyph->advance.x >> 6;
pen.x += face->glyph->advance.x;
pen.y += face->glyph->advance.y;
}
}
static void angledsize(const char *txt, uint32_t &w, uint32_t &h,
uint32_t &recw, uint32_t &recy,
bool &invx, bool &invy) {
unsigned ucs[256], i, ucslen;
unsigned len = strlen(txt);
i = 0;
ucslen = 0;
while (len > 0 && txt[i]) {
size_t ret = rfb::utf8ToUCS4(&txt[i], len, &ucs[ucslen]);
i += ret;
len -= ret;
ucslen++;
}
FT_Matrix mat;
FT_Vector pen;
angle2mat(mat);
pen.x = 0;
pen.y = 0;
FT_BBox firstbox, lastbox;
for (i = 0; i < ucslen; i++) {
FT_Set_Transform(face, &mat, &pen);
if (FT_Load_Char(face, ucs[i], FT_LOAD_DEFAULT))
continue;
if (i == 0) {
FT_Glyph glyph;
FT_Get_Glyph(face->glyph, &glyph);
FT_Glyph_Get_CBox(glyph, FT_GLYPH_BBOX_PIXELS, &firstbox);
FT_Done_Glyph(glyph);
// recommended y; if the angle is steep enough, use the X bearing
#define EDGE 22
const int angle = abs(Server::DLP_WatermarkTextAngle);
if ((angle > (45 + EDGE) && angle < (135 - EDGE)) ||
(angle > (225 + EDGE) && angle < (315 - EDGE)))
recy = face->glyph->metrics.horiBearingX >> 6;
else
recy = face->glyph->metrics.horiBearingY >> 6;
#undef EDGE
} else if (i == ucslen - 1) {
FT_Glyph glyph;
FT_Get_Glyph(face->glyph, &glyph);
FT_Glyph_Get_CBox(glyph, FT_GLYPH_BBOX_PIXELS, &lastbox);
FT_Done_Glyph(glyph);
}
if (i != ucslen - 1) {
pen.x += face->glyph->advance.x;
pen.y += face->glyph->advance.y;
}
}
// recommended width, used when X is inverted
recw = face->size->metrics.max_advance >> 6;
// The used area is an union of first box, last box, and their relative distance
invx = pen.x < 0;
invy = pen.y > 0;
w = (firstbox.xMax - firstbox.xMin) + (lastbox.xMax - lastbox.xMin) + abs(pen.x >> 6);
h = (firstbox.yMax - firstbox.yMin) + (lastbox.yMax - lastbox.yMin) + abs(pen.y >> 6);
}
static bool drawtext(const char fmt[], const int16_t utcOff, const char fontpath[],
const uint8_t fontsize) {
char buf[PATH_MAX];
if (!ft) {
if (FT_Init_FreeType(&ft))
abort();
if (fontpath[0]) {
if (FT_New_Face(ft, fontpath, 0, &face))
abort();
} else {
if (FT_New_Memory_Face(ft, font_otf, sizeof(font_otf), 0, &face))
abort();
}
FT_Set_Pixel_Sizes(face, fontsize, fontsize);
}
time_t now = lastUpdate = time(NULL);
now += utcOff * 60;
struct tm *tm = gmtime(&now);
size_t len = strftime(buf, PATH_MAX, fmt, tm);
if (!len)
return false;
free(watermarkInfo.src);
if (Server::DLP_WatermarkTextAngle) {
uint32_t w, h, recw, recy = fontsize;
bool invx, invy;
angledsize(buf, w, h, recw, recy, invx, invy);
// The max is because a rotated text with the time can change size.
// With the max op, at least it will only grow instead of bouncing.
w = __rfbmax(w, watermarkInfo.w);
h = __rfbmax(h, watermarkInfo.h);
watermarkInfo.w = w;
watermarkInfo.h = h;
watermarkInfo.src = (uint8_t *) calloc(w, h);
angledstr(watermarkInfo.src, buf,
invx ? w - recw: 0, invy ? h - recy : recy,
w, h, w, invx, invy);
} else {
const uint32_t h = fontsize + 4;
const uint32_t w = drawnwidth(buf);
watermarkInfo.w = w;
watermarkInfo.h = h;
watermarkInfo.src = (uint8_t *) calloc(w, h);
str(watermarkInfo.src, buf, 0, fontsize, w, h, w);
}
return true;
}
bool watermarkInit() {
memset(&watermarkInfo, 0, sizeof(watermarkInfo_t));
watermarkData = watermarkUnpacked = watermarkTmp = NULL;
rw = rh = 0;
if (!Server::DLP_WatermarkImage[0])
if (!Server::DLP_WatermarkImage[0] && !Server::DLP_WatermarkText[0])
return true;
if (!loadimage(Server::DLP_WatermarkImage))
if (Server::DLP_WatermarkImage[0] && Server::DLP_WatermarkText[0]) {
vlog.error("WatermarkImage and WatermarkText can't be used together");
return false;
}
if (Server::DLP_WatermarkImage[0] && !loadimage(Server::DLP_WatermarkImage))
return false;
if (Server::DLP_WatermarkText[0] &&
!drawtext(Server::DLP_WatermarkText,
Server::DLP_WatermarkTimeOffset * 60 + Server::DLP_WatermarkTimeOffsetMinutes,
Server::DLP_WatermarkFont, Server::DLP_WatermarkFontSize))
return false;
if (Server::DLP_WatermarkRepeatSpace && Server::DLP_WatermarkLocation[0]) {
@ -135,11 +443,48 @@ bool watermarkInit() {
return true;
}
static void packWatermark() {
// Take the expanded 4-bit data, filter it by the changed rects, pack
// to shared bytes, and compress with zlib
uint16_t x, y;
uint8_t pix[2], cur = 0;
uint8_t *dst = watermarkTmp;
for (y = 0; y < rh; y++) {
for (x = 0; x < rw; x++) {
pix[cur] = watermarkUnpacked[y * rw + x];
if (cur || (y == rh - 1 && x == rw - 1))
*dst++ = pix[0] | (pix[1] << 4);
cur ^= 1;
}
}
uLong destLen = MAXW * MAXH / 2;
if (compress2(watermarkData, &destLen, watermarkTmp, rw * rh / 2 + 1, 1) != Z_OK)
vlog.error("Zlib compression error");
watermarkDataLen = destLen;
}
// update the screen-size rendered watermark whenever the screen is resized
// or if using text, every frame
void VNCServerST::updateWatermark() {
if (rw == pb->width() &&
rh == pb->height())
rh == pb->height()) {
if (Server::DLP_WatermarkImage[0])
return;
if (!watermarkTextNeedsUpdate(false))
return;
}
if (Server::DLP_WatermarkText[0] && watermarkTextNeedsUpdate(false)) {
drawtext(Server::DLP_WatermarkText,
Server::DLP_WatermarkTimeOffset * 60 + Server::DLP_WatermarkTimeOffsetMinutes,
Server::DLP_WatermarkFont, Server::DLP_WatermarkFontSize);
}
rw = pb->width();
rh = pb->height();
@ -203,46 +548,20 @@ void VNCServerST::updateWatermark() {
rw - sx);
}
}
}
void packWatermark(const Region &changed) {
// Take the expanded 4-bit data, filter it by the changed rects, pack
// to shared bytes, and compress with zlib
uint16_t x, y;
uint8_t pix[2], cur = 0;
uint8_t *dst = watermarkTmp;
const Rect &bounding = changed.get_bounding_rect();
for (y = 0; y < rh; y++) {
// Is the entire line outside the changed area?
if (bounding.tl.y > y || bounding.br.y < y) {
for (x = 0; x < rw; x++) {
pix[cur] = 0;
if (cur || (y == rh - 1 && x == rw - 1))
*dst++ = pix[0] | (pix[1] << 4);
packWatermark();
cur ^= 1;
sendWatermark = true;
}
} else {
for (x = 0; x < rw; x++) {
pix[cur] = 0;
if (bounding.contains(Point(x, y)) && changed.contains(x, y))
pix[cur] = watermarkUnpacked[y * rw + x];
if (cur || (y == rh - 1 && x == rw - 1))
*dst++ = pix[0] | (pix[1] << 4);
cur ^= 1;
}
}
}
// Limit changes to once per second
bool watermarkTextNeedsUpdate(const bool early) {
static time_t now;
uLong destLen = MAXW * MAXH / 2;
if (compress2(watermarkData, &destLen, watermarkTmp, rw * rh / 2 + 1, 1) != Z_OK)
vlog.error("Zlib compression error");
// We're called a couple times per frame, only grab the
// time on the first time so it doesn't change inside a frame
if (early)
now = time(NULL);
watermarkDataLen = destLen;
return now != lastUpdate && strchr(Server::DLP_WatermarkText, '%');
}

2
common/rfb/Watermark.h
Unescape Escape View File

@ -35,7 +35,7 @@ struct watermarkInfo_t {
extern watermarkInfo_t watermarkInfo;
bool watermarkInit();
void packWatermark(const rfb::Region &changed); // filter and pack the watermark for sending
bool watermarkTextNeedsUpdate(const bool early);
extern uint8_t *watermarkData;
extern uint32_t watermarkDataLen;

3107
common/rfb/font.h
View File

File diff suppressed because it is too large Load Diff

4
common/rfb/msgTypes.h
Unescape Escape View File

@ -33,6 +33,8 @@ namespace rfb {
const int msgTypeRequestFrameStats = 179;
const int msgTypeBinaryClipboard = 180;
const int msgTypeUpgradeToUdp = 181;
const int msgTypeSubscribeUnixRelay = 182;
const int msgTypeUnixRelay = 183;
const int msgTypeServerFence = 248;
@ -54,6 +56,8 @@ namespace rfb {
// same as the other direction
//const int msgTypeBinaryClipboard = 180;
//const int msgTypeUpgradeToUdp = 181;
//const int msgTypeSubscribeUnixRelay = 182;
//const int msgTypeUnixRelay = 183;
const int msgTypeClientFence = 248;

7
common/rfb/unixRelayLimits.h
Unescape Escape View File

@ -0,0 +1,7 @@
#ifndef UNIX_RELAY_LIMITS_H
#define UNIX_RELAY_LIMITS_H
#define MAX_UNIX_RELAYS 4
#define MAX_UNIX_RELAY_NAME_LEN 64
#endif

52
debian/changelog vendored
Unescape Escape View File

@ -1,3 +1,55 @@
kasmvnc (1.3.3-1) unstable; urgency=medium
* Allow disabling IP blacklist
* Downloads API for detailed file downloads information
-- Kasm Technologies LLC <info@kasmweb.com> Fri, 25 Oct 2024 11:23:00 +0000
kasmvnc (1.3.2-1) unstable; urgency=medium
* Disable seamless clipboard on Firefox by default, due to the Firefox overlaying a Paste menu over the canvas.
* Fixed CVE-2024-38449, directory traversal bug in built-in web server.
* Allow for larger header sizes, up to 16k. Provide better logging and handling for requests that contain HTTP headers that are larger than the 16k limit.
* Fixed memory leak in kasmproxy.
* Fixed mime types of downloads to ensure the browser interprets them as downloads.
-- Kasm Technologies LLC <info@kasmweb.com> Tue, 24 Sep 2024 11:23:00 +0000
kasmvnc (1.3.1-1) unstable; urgency=medium
* Fix exception thrown on Firefox 124 and higher
* Fix artifacts on high resolution secondary screens
* Fixes for touch support on primary and secondary screens
* Fix for Oculus keyboard input
-- Kasm Technologies LLC <info@kasmweb.com> Mon, 12 Mar 2024 11:23:00 +0000
kasmvnc (1.3.0-1) unstable; urgency=medium
* Multi-monitor support.
* Increased performance with watermark enabled.
* Added support for Fedora 39 and Alpine 319.
* Allow special characters in usernames.
* Better logging of client settings when client connects or changes settings.
* Add support for rotation of text-based watermark.
-- Kasm Technologies LLC <info@kasmweb.com> Mon, 02 Feb 2024 14:33:00 +0000
kasmvnc (1.2.0-1) unstable; urgency=medium
* Add support for Unix relays for bidirectional communication between noVNC
and containerized applications.
* Text based watermark overlays with date and time support.
* New builds for Bookworm, Alpine 3.18, and Fedora 38.
* Multi-language support.
* Add support for rendering pixmaps via DRI3 GPU acceleration allowing
compositing and other 3d accelerated workloads in a KasmVNC session.
* Fix crash that can occur.
* Fixed tearing when compositing is enabled with DRI3 hardware acceleration.
* Fix stuck command key on MacOS clients.
-- Kasm Technologies LLC <info@kasmweb.com> Fri, 25 Aug 2023 05:23:19 +0000
kasmvnc (1.1.0-1) unstable; urgency=medium
* New upstream release.

2
debian/control vendored
Unescape Escape View File

@ -14,7 +14,7 @@ Architecture: amd64 arm64
Depends: ${shlibs:Depends}, ${misc:Depends}, ${perl:Depends}, ssl-cert, xauth,
x11-xkb-utils, xkb-data, procps, libswitch-perl, libyaml-tiny-perl,
libhash-merge-simple-perl, libscalar-list-utils-perl, liblist-moreutils-perl,
libtry-tiny-perl, libgbm1
libtry-tiny-perl, libdatetime-timezone-perl, libgbm1
Provides: vnc-server
Description: KasmVNC provides remote web-based access to a Desktop or application.
While VNC is in the name, KasmVNC differs from other VNC variants such

36
fedora/kasmvncserver.spec
Unescape Escape View File

@ -1,5 +1,5 @@
Name: kasmvncserver
Version: 1.1.0
Version: 1.3.3
Release: 1%{?dist}
Summary: VNC server accessible from a web browser
@ -7,7 +7,7 @@ License: GPLv2+
URL: https://github.com/kasmtech/KasmVNC
BuildRequires: rsync
Requires: xorg-x11-xauth, xkeyboard-config, xkbcomp, openssl, perl, perl-Switch, perl-YAML-Tiny, perl-Hash-Merge-Simple, perl-Scalar-List-Utils, perl-List-MoreUtils, perl-Try-Tiny, mesa-libgbm, libxshmfence
Requires: xorg-x11-xauth, xkeyboard-config, xkbcomp, openssl, perl, perl-Switch, perl-YAML-Tiny, perl-Hash-Merge-Simple, perl-Scalar-List-Utils, perl-List-MoreUtils, perl-Try-Tiny, perl-DateTime-TimeZone, mesa-libgbm, libxshmfence
Conflicts: tigervnc-server, tigervnc-server-minimal
%description
@ -83,6 +83,38 @@ cd $DST_MAN && ln -s vncpasswd.1 kasmvncpasswd.1;
%doc /usr/share/doc/kasmvncserver/README.md
%changelog
* Fri Oct 25 2024 KasmTech <info@kasmweb.com> - 1.3.3-1
- Allow disabling IP blacklist
- Downloads API for detailed file downloads information
* Tue Sep 24 2024 KasmTech <info@kasmweb.com> - 1.3.2-1
- Disable seamless clipboard on Firefox by default, due to the Firefox overlaying a Paste menu over the canvas.
- Fixed CVE-2024-38449, directory traversal bug in built-in web server.
- Allow for larger header sizes, up to 16k. Provide better logging and handling for requests that contain HTTP headers that are larger than the 16k limit.
- Fixed memory leak in kasmproxy.
- Fixed mime types of downloads to ensure the browser interprets them as downloads.
* Tue Mar 12 2024 KasmTech <info@kasmweb.com> - 1.3.1-1
- Fix exception thrown on Firefox 124 and higher
- Fix artifacts on high resolution secondary screens
- Fixes for touch support on primary and secondary screens
- Fix for Oculus keyboard input
* Mon Feb 05 2024 KasmTech <info@kasmweb.com> - 1.3.0-1
- Multi-monitor support.
- Increased performance with watermark enabled.
- Added support for Fedora 39 and Alpine 319.
- Allow special characters in usernames.
- Better logging of client settings when client connects or changes settings.
- Add support for rotation of text-based watermark.
* Fri Aug 25 2023 KasmTech <info@kasmweb.com> - 1.2.0-1
- Add support for Unix relays for bidirectional communication between noVNC
and containerized applications.
- Text based watermark overlays with date and time support.
- New builds for Bookworm, Alpine 3.18, and Fedora 38.
- Multi-language support.
- Add support for rendering pixmaps via DRI3 GPU acceleration allowing
compositing and other 3d accelerated workloads in a KasmVNC session.
- Fix crash that can occur.
- Fixed tearing when compositing is enabled with DRI3 hardware acceleration.
- Fix stuck command key on MacOS clients.
* Wed Apr 05 2023 KasmTech <info@kasmweb.com> - 1.1.0-1
- Upstream release
* Tue Nov 29 2022 KasmTech <info@kasmweb.com> - 1.0.0-1

2
kasmweb

@ -1 +1 @@
Subproject commit 3873a5994171f39c4acc92e2e05630584332d72d
Subproject commit bce2d6a7048025c6e6c05df9d98b206c23f6dbab

36
opensuse/kasmvncserver.spec
Unescape Escape View File

@ -1,5 +1,5 @@
Name: kasmvncserver
Version: 1.1.0
Version: 1.3.3
Release: leap15
Summary: VNC server accessible from a web browser
@ -7,7 +7,7 @@ License: GPLv2+
URL: https://github.com/kasmtech/KasmVNC
BuildRequires: rsync
Requires: xauth, hostname, libxkbcommon-x11-0, xkeyboard-config, x11-tools, openssl, perl, libpixman-1-0, libjpeg8, libgomp1, libXfont2-2, libXdmcp6, libglvnd, xkbcomp, perl-Switch, perl-YAML-Tiny, perl-Hash-Merge-Simple, perl-Scalar-List-Utils, perl-List-MoreUtils, perl-Try-Tiny, libgbm1, libxshmfence1
Requires: xauth, hostname, libxkbcommon-x11-0, xkeyboard-config, x11-tools, openssl, perl, libpixman-1-0, libjpeg8, libgomp1, libXfont2-2, libXdmcp6, libglvnd, xkbcomp, perl-Switch, perl-YAML-Tiny, perl-Hash-Merge-Simple, perl-Scalar-List-Utils, perl-List-MoreUtils, perl-Try-Tiny, perl-DateTime, perl-DateTime-TimeZone, libgbm1, libxshmfence1
Conflicts: tigervnc, tigervnc-x11vnc
%description
@ -81,6 +81,38 @@ cd $DST_MAN && ln -s vncpasswd.1 kasmvncpasswd.1;
%doc /usr/share/doc/kasmvncserver/README.md
%changelog
* Fri Oct 25 2024 KasmTech <info@kasmweb.com> - 1.3.3-1
- Allow disabling IP blacklist
- Downloads API for detailed file downloads information
* Tue Sep 24 2024 KasmTech <info@kasmweb.com> - 1.3.2-1
- Disable seamless clipboard on Firefox by default, due to the Firefox overlaying a Paste menu over the canvas.
- Fixed CVE-2024-38449, directory traversal bug in built-in web server.
- Allow for larger header sizes, up to 16k. Provide better logging and handling for requests that contain HTTP headers that are larger than the 16k limit.
- Fixed memory leak in kasmproxy.
- Fixed mime types of downloads to ensure the browser interprets them as downloads.
* Tue Mar 12 2024 KasmTech <info@kasmweb.com> - 1.3.1-1
- Fix exception thrown on Firefox 124 and higher
- Fix artifacts on high resolution secondary screens
- Fixes for touch support on primary and secondary screens
- Fix for Oculus keyboard input
* Mon Feb 05 2024 KasmTech <info@kasmweb.com> - 1.3.0-1
- Multi-monitor support.
- Increased performance with watermark enabled.
- Added support for Fedora 39 and Alpine 319.
- Allow special characters in usernames.
- Better logging of client settings when client connects or changes settings.
- Add support for rotation of text-based watermark.
* Fri Aug 25 2023 KasmTech <info@kasmweb.com> - 1.2.0-leap15
- Add support for Unix relays for bidirectional communication between noVNC
and containerized applications.
- Text based watermark overlays with date and time support.
- New builds for Bookworm, Alpine 3.18, and Fedora 38.
- Multi-language support.
- Add support for rendering pixmaps via DRI3 GPU acceleration allowing
compositing and other 3d accelerated workloads in a KasmVNC session.
- Fix crash that can occur.
- Fixed tearing when compositing is enabled with DRI3 hardware acceleration.
- Fix stuck command key on MacOS clients.
* Wed Apr 05 2023 KasmTech <info@kasmweb.com> - 1.1.0-leap15
- Upstream release
* Tue Nov 29 2022 KasmTech <info@kasmweb.com> - 1.0.0-leap15

36
oracle/kasmvncserver.spec
Unescape Escape View File

@ -1,5 +1,5 @@
Name: kasmvncserver
Version: 1.1.0
Version: 1.3.3
Release: 1%{?dist}
Summary: VNC server accessible from a web browser
@ -7,7 +7,7 @@ License: GPLv2+
URL: https://github.com/kasmtech/KasmVNC
BuildRequires: rsync
Requires: xorg-x11-xauth, xorg-x11-xkb-utils, xkeyboard-config, xorg-x11-server-utils, openssl, perl, perl-Switch, perl-YAML-Tiny, perl-Hash-Merge-Simple, perl-Scalar-List-Utils, perl-List-MoreUtils, perl-Try-Tiny, hostname, mesa-libgbm, libxshmfence
Requires: xorg-x11-xauth, xorg-x11-xkb-utils, xkeyboard-config, xorg-x11-server-utils, openssl, perl, perl-Switch, perl-YAML-Tiny, perl-Hash-Merge-Simple, perl-Scalar-List-Utils, perl-List-MoreUtils, perl-Try-Tiny, perl-DateTime-TimeZone, hostname, mesa-libgbm, libxshmfence
Conflicts: tigervnc-server, tigervnc-server-minimal
%description
@ -82,6 +82,38 @@ cd $DST_MAN && ln -s vncpasswd.1 kasmvncpasswd.1;
%doc /usr/share/doc/kasmvncserver/README.md
%changelog
* Fri Oct 25 2024 KasmTech <info@kasmweb.com> - 1.3.3-1
- Allow disabling IP blacklist
- Downloads API for detailed file downloads information
* Tue Sep 24 2024 KasmTech <info@kasmweb.com> - 1.3.2-1
- Disable seamless clipboard on Firefox by default, due to the Firefox overlaying a Paste menu over the canvas.
- Fixed CVE-2024-38449, directory traversal bug in built-in web server.
- Allow for larger header sizes, up to 16k. Provide better logging and handling for requests that contain HTTP headers that are larger than the 16k limit.
- Fixed memory leak in kasmproxy.
- Fixed mime types of downloads to ensure the browser interprets them as downloads.
* Tue Mar 12 2024 KasmTech <info@kasmweb.com> - 1.3.1-1
- Fix exception thrown on Firefox 124 and higher
- Fix artifacts on high resolution secondary screens
- Fixes for touch support on primary and secondary screens
- Fix for Oculus keyboard input
* Mon Feb 05 2024 KasmTech <info@kasmweb.com> - 1.3.0-1
- Multi-monitor support.
- Increased performance with watermark enabled.
- Added support for Fedora 39 and Alpine 319.
- Allow special characters in usernames.
- Better logging of client settings when client connects or changes settings.
- Add support for rotation of text-based watermark.
* Fri Aug 25 2023 KasmTech <info@kasmweb.com> - 1.2.0-1
- Add support for Unix relays for bidirectional communication between noVNC
and containerized applications.
- Text based watermark overlays with date and time support.
- New builds for Bookworm, Alpine 3.18, and Fedora 38.
- Multi-language support.
- Add support for rendering pixmaps via DRI3 GPU acceleration allowing
compositing and other 3d accelerated workloads in a KasmVNC session.
- Fix crash that can occur.
- Fixed tearing when compositing is enabled with DRI3 hardware acceleration.
- Fix stuck command key on MacOS clients.
* Wed Apr 05 2023 KasmTech <info@kasmweb.com> - 1.1.0-1
- Upstream release
* Tue Nov 29 2022 KasmTech <info@kasmweb.com> - 1.0.0-1

36
oracle/kasmvncserver9.spec
Unescape Escape View File

@ -1,5 +1,5 @@
Name: kasmvncserver
Version: 1.1.0
Version: 1.3.3
Release: 1%{?dist}
Summary: VNC server accessible from a web browser
@ -7,7 +7,7 @@ License: GPLv2+
URL: https://github.com/kasmtech/KasmVNC
BuildRequires: rsync
Requires: xorg-x11-xauth, xkeyboard-config, xorg-x11-server-utils, xkbcomp, openssl, perl, perl-Switch, perl-YAML-Tiny, perl-Hash-Merge-Simple, perl-Scalar-List-Utils, perl-List-MoreUtils, perl-Try-Tiny, hostname, mesa-libgbm, libxshmfence
Requires: xorg-x11-xauth, xkeyboard-config, xorg-x11-server-utils, xkbcomp, openssl, perl, perl-Switch, perl-YAML-Tiny, perl-Hash-Merge-Simple, perl-Scalar-List-Utils, perl-List-MoreUtils, perl-Try-Tiny, perl-DateTime-TimeZone, hostname, mesa-libgbm, libxshmfence
Conflicts: tigervnc-server, tigervnc-server-minimal
%description
@ -82,6 +82,38 @@ cd $DST_MAN && ln -s vncpasswd.1 kasmvncpasswd.1;
%doc /usr/share/doc/kasmvncserver/README.md
%changelog
* Fri Oct 25 2024 KasmTech <info@kasmweb.com> - 1.3.3-1
- Allow disabling IP blacklist
- Downloads API for detailed file downloads information
* Tue Sep 24 2024 KasmTech <info@kasmweb.com> - 1.3.2-1
- Disable seamless clipboard on Firefox by default, due to the Firefox overlaying a Paste menu over the canvas.
- Fixed CVE-2024-38449, directory traversal bug in built-in web server.
- Allow for larger header sizes, up to 16k. Provide better logging and handling for requests that contain HTTP headers that are larger than the 16k limit.
- Fixed memory leak in kasmproxy.
- Fixed mime types of downloads to ensure the browser interprets them as downloads.
* Tue Mar 12 2024 KasmTech <info@kasmweb.com> - 1.3.1-1
- Fix exception thrown on Firefox 124 and higher
- Fix artifacts on high resolution secondary screens
- Fixes for touch support on primary and secondary screens
- Fix for Oculus keyboard input
* Mon Feb 05 2024 KasmTech <info@kasmweb.com> - 1.3.0-1
- Multi-monitor support.
- Increased performance with watermark enabled.
- Added support for Fedora 39 and Alpine 319.
- Allow special characters in usernames.
- Better logging of client settings when client connects or changes settings.
- Add support for rotation of text-based watermark.
* Fri Aug 25 2023 KasmTech <info@kasmweb.com> - 1.2.0-1
- Add support for Unix relays for bidirectional communication between noVNC
and containerized applications.
- Text based watermark overlays with date and time support.
- New builds for Bookworm, Alpine 3.18, and Fedora 38.
- Multi-language support.
- Add support for rendering pixmaps via DRI3 GPU acceleration allowing
compositing and other 3d accelerated workloads in a KasmVNC session.
- Fix crash that can occur.
- Fixed tearing when compositing is enabled with DRI3 hardware acceleration.
- Fix stuck command key on MacOS clients.
* Wed Apr 05 2023 KasmTech <info@kasmweb.com> - 1.1.0-1
- Upstream release
* Tue Nov 29 2022 KasmTech <info@kasmweb.com> - 1.0.0-1

6
spec/fixtures/defaults_config.yaml vendored
Unescape Escape View File

@ -50,6 +50,12 @@ data_loss_prevention:
# location: 10,10
# tint: 255,20,20,128
# repeat_spacing: 10
#text:
# template: "${USER} %H:%M"
# font: auto
# font_size: 48
# timezone_name: Australia/Adelaide
# angle: 0
logging:
level: off

14
spec/vncserver_yaml_to_cli_spec.py
Unescape Escape View File

@ -2,7 +2,7 @@ import os
import re
import shutil
from os.path import expanduser
from mamba import description, context, fcontext, it, fit, before, after
from mamba import description, context, fcontext, it, fit, _it, before, after
from expects import expect, equal, contain, match
from helper.spec_helper import start_xvnc, kill_xvnc, run_cmd, clean_env, \
@ -268,6 +268,18 @@ with description('YAML to CLI') as self:
completed_process.stdout)
expect(cli_option).to(equal("-geometry '1024x768'"))
with it("allows wide utf characters"):
write_config('''
data_loss_prevention:
watermark:
text:
template: "星街すいせい"
''')
completed_process = run_vncserver()
cli_option = pick_cli_option('DLP_WatermarkText',
completed_process.stdout)
expect(cli_option).to(equal("-DLP_WatermarkText '星街すいせい'"))
with it("ignores empty section override"):
write_config('''
security:

9
t
Unescape Escape View File

@ -0,0 +1,9 @@
use DateTime::TimeZone;
my $timezone = $ARGV[0];
if (DateTime::TimeZone->is_valid_name($timezone)) {
print "Valid timezone\n";
} else {
print "Invalid timezone\n";
}

11
t2
Unescape Escape View File

@ -0,0 +1,11 @@
use DateTime;
use DateTime::TimeZone;
#my $timezone_name = 'America/New_York';
my $timezone_name = 'UTC';
my $dt = DateTime->now(time_zone => $timezone_name);
my $offset = $dt->offset();
print "Timezone: $timezone_name\n";
print "Offset: $offset seconds\n";

37
unix/KasmVNC/CallbackValidator.pm
Unescape Escape View File

@ -0,0 +1,37 @@
package KasmVNC::CallbackValidator;
use strict;
use warnings;
use v5.10;
use Data::Dumper;
use KasmVNC::Utils;
sub new {
my ($class, $args) = @_;
my $self = bless {
isValidCallback => $args->{isValidCallback},
errorMessage => $args->{errorMessage}
}, $class;
}
sub validate {
my $self = shift;
$self->{configKey} = shift;
my @values = @{ listify($self->{configKey}->value()) };
foreach my $value (@values) {
$self->validateValue($value);
}
}
sub validateValue {
my $self = shift;
my $value = shift;
unless ($self->{isValidCallback}($value)) {
$self->{configKey}->addErrorMessage($self->{errorMessage});
}
}
1;

10
unix/KasmVNC/Utils.pm
Unescape Escape View File

@ -45,6 +45,8 @@ sub isPresent {
sub deriveBoolean {
my $value = shift;
return $value if containsWideSymbols($value);
switch($value) {
case 'true' {
return 1;
@ -63,4 +65,12 @@ sub printStackTrace {
print { *STDERR } $trace->as_string;
}
sub containsWideSymbols {
my $string = shift;
return 1 unless defined($string);
$string =~ /[^\x00-\xFF]/;
}
1;

9
unix/kasmvnc_defaults.yaml
Unescape Escape View File

@ -23,6 +23,9 @@ network:
pem_certificate: /etc/ssl/certs/ssl-cert-snakeoil.pem
pem_key: /etc/ssl/private/ssl-cert-snakeoil.key
require_ssl: true
# unix_relay:
# name:
# path:
user_session:
# session_type: shared
@ -92,6 +95,12 @@ data_loss_prevention:
# location: 10,10
# tint: 255,20,20,128
# repeat_spacing: 10
#text:
# template: "${USER} %H:%M"
# font: auto
# font_size: 48
# timezone_name: Australia/Adelaide
# angle: 0
logging:
# "verbose" SETTING LOGS YOUR PRIVATE INFORMATION. Keypresses and clipboard content
level: off

2
unix/kasmvncpasswd/kasmpasswd.h
Unescape Escape View File

@ -6,7 +6,7 @@ extern "C" {
#endif
struct kasmpasswd_entry_t {
char user[32];
char user[128];
char password[128];
unsigned char read : 1;
unsigned char write : 1;

2
unix/kasmxproxy/kasmxproxy.c
Unescape Escape View File

@ -520,6 +520,8 @@ int main(int argc, char **argv) {
cursorhash = newhash;
}
XFree(cursor);
usleep(sleeptime);
}

125
unix/vncserver
Unescape Escape View File

@ -27,6 +27,7 @@
use v5.10;
use warnings;
use utf8;
sub DEVENV() { $ENV{KASMVNC_DEVELOPMENT} };
use if DEVENV, Devel::StackTrace;
@ -38,11 +39,14 @@ use List::Util qw(first);
use List::MoreUtils qw(any uniq);
use Data::Dumper;
use Try::Tiny;
use DateTime;
use DateTime::TimeZone;
use KasmVNC::CliOption;
use KasmVNC::ConfigKey;
use KasmVNC::PatternValidator;
use KasmVNC::EnumValidator;
use KasmVNC::CallbackValidator;
use KasmVNC::Config;
use KasmVNC::Users;
use KasmVNC::TextOption;
@ -56,6 +60,7 @@ use constant {
OPTIONAL_ARG_VALUE => 2
};
UseUtfStdio();
InitLogger();
CheckWeCanRunInThisEnvironment();
@ -664,9 +669,10 @@ sub RunXstartup {
DetectAndExportDisplay();
$ENV{VNCDESKTOP}= $desktopName;
my $xstartupCmd = "{ echo 'Running $xstartupFile'; $xstartupFile; }";
if ($opt{'-fg'}) {
if (! $skipxstartup) {
system("$xstartupFile >> " . quotedString($desktopLog) . " 2>&1");
system("$xstartupCmd >> " . quotedString($desktopLog) . " 2>&1");
}
if (IsXvncRunning()) {
$opt{'-kill'} = ':'.$displayNumber;
@ -675,12 +681,12 @@ sub RunXstartup {
} else {
if ($opt{'-autokill'}) {
if (! $skipxstartup) {
system("($xstartupFile; $0 -kill :$displayNumber) >> "
system("($xstartupCmd; $0 -kill :$displayNumber) >> "
. quotedString($desktopLog) . " 2>&1 &");
}
} else {
if (! $skipxstartup) {
system("$xstartupFile >> " . quotedString($desktopLog)
system("$xstartupCmd >> " . quotedString($desktopLog)
. " 2>&1 &");
}
}
@ -1397,6 +1403,24 @@ sub DefineConfigToCLIConversion {
})
]
}),
KasmVNC::CliOption->new({
name => 'UnixRelay',
configKeys => [
KasmVNC::ConfigKey->new({
name => "network.unix_relay.name",
type => KasmVNC::ConfigKey::ANY
}),
KasmVNC::ConfigKey->new({
name => "network.unix_relay.path",
type => KasmVNC::ConfigKey::ANY
})
],
deriveValueSub => sub {
my $self = shift;
$self->{"network.unix_relay.name"} . ":" . $self->{"network.unix_relay.path"};
},
}),
KasmVNC::CliOption->new({
name => 'AlwaysShared',
configKeys => [
@ -1765,6 +1789,97 @@ sub DefineConfigToCLIConversion {
})
]
}),
KasmVNC::CliOption->new({
name => 'DLP_WatermarkText',
configKeys => [
KasmVNC::ConfigKey->new({
name => "data_loss_prevention.watermark.text.template",
validator => KasmVNC::CallbackValidator->new({
isValidCallback => sub {
my $value = shift;
isBlank(ConfigValue("data_loss_prevention.watermark.image"));
},
errorMessage => "Watermark image and text can't be used at the same time"
}),
})
]
}),
KasmVNC::CliOption->new({
name => 'DLP_WatermarkFont',
configKeys => [
KasmVNC::ConfigKey->new({
name => "data_loss_prevention.watermark.text.font",
type => KasmVNC::ConfigKey::ANY
})
],
isActiveSub => sub {
$self = shift;
my $value = $self->configValue();
isPresent($value) && $value ne "auto";
}
}),
KasmVNC::CliOption->new({
name => 'DLP_WatermarkFontSize',
configKeys => [
KasmVNC::ConfigKey->new({
name => "data_loss_prevention.watermark.text.font_size",
validator => KasmVNC::CallbackValidator->new({
isValidCallback => sub {
my $value = shift;
return 0 unless $value =~ /^\d+$/;
$value >= 8 && $value <= 256;
},
errorMessage => "must be in range 8..256"
}),
})
]
}),
KasmVNC::CliOption->new({
name => 'DLP_WatermarkTimeOffsetMinutes',
configKeys => [
KasmVNC::ConfigKey->new({
name => "data_loss_prevention.watermark.text.timezone_name",
validator => KasmVNC::CallbackValidator->new({
isValidCallback => sub {
my $timezone_name = shift;
DateTime::TimeZone->is_valid_name($timezone_name);
},
errorMessage => "must be a valid timezone name like Australia/Adelaide"
})
})
],
deriveValueSub => sub {
my $self = shift;
my $timezone_name = $self->configValue();
my $dt = DateTime->now(time_zone => $timezone_name);
my $offset_in_seconds = $dt->offset();
$offset_in_seconds/60;
}
}),
KasmVNC::CliOption->new({
name => 'DLP_WatermarkTextAngle',
configKeys => [
KasmVNC::ConfigKey->new({
name => "data_loss_prevention.watermark.text.angle",
validator => KasmVNC::CallbackValidator->new({
isValidCallback => sub {
my $value = shift;
return 0 unless $value =~ /^-?\d+$/;
$value >= -359 && $value <= 359;
},
errorMessage => "must be in range -359..359"
}),
})
]
}),
KasmVNC::CliOption->new({
name => 'DLP_Log',
configKeys => [
@ -2835,3 +2950,7 @@ sub InitLogger {
my $debugEnabled = any { $_ eq "-debug" } @ARGV;
$logger = KasmVNC::Logger->new({ level => $debugEnabled ? "debug" : "warn" });
}
sub UseUtfStdio {
use open qw( :std :encoding(UTF-8) );
}

13
unix/vncserver.man
Unescape Escape View File

@ -54,11 +54,18 @@ passed to Xvnc - see the Xvnc man page, or "Xvnc \-help", for details.
.TP
.B \-select-de [\fIde_name\fP]
Select Desktop Enviromnent to run. Cinnamon, Mate, LXDE, LXQT, KDE, Gnome, XFCE
are supported. If \fIde_name\fP isn't specified, a text UI prompt to select a
Desktop Enviromnent will be shown.
Select Desktop Enviromnent to run. Cinnamon, Mate, LXDE, LXQT, KDE, Gnome, XFCE,
are supported.
To trigger a text UI prompt to select a Desktop Enviromnent, run \fBvncserver\fP
for the first time, or pass this option without arguments. To bypass the prompt,
pass this option with the Desktop Enviromnent argument.
Warning: $HOME/.vnc/xstartup will be overwritten.
To run a custom setup (not one of the supported Desktop Enviromnents), create
$HOME/.vnc/xstartup executable and specify \fB\-select-de manual\fP to signify you
don't want its contents to be auto-generated.
.TP
.B \-geometry \fIwidth\fPx\fIheight\fP
Specify the size of the VNC desktop to be created. Default is 1024x768.

3
unix/xserver/hw/vnc/Makefile.am
Unescape Escape View File

@ -52,7 +52,8 @@ Xvnc_CPPFLAGS = $(XVNC_CPPFLAGS) -DKASMVNC -DNO_MODULE_EXTS \
-I$(top_srcdir)/dri3 @LIBDRM_CFLAGS@
Xvnc_LDADD = $(XVNC_LIBS) libvnccommon.la $(COMMON_LIBS) \
$(XSERVER_LIBS) $(XSERVER_SYS_LIBS) $(XVNC_SYS_LIBS) -lX11 -lwebp -lssl -lcrypto -lcrypt
$(XSERVER_LIBS) $(XSERVER_SYS_LIBS) $(XVNC_SYS_LIBS) -lX11 -lwebp -lssl -lcrypto -lcrypt \
-lfreetype
Xvnc_LDFLAGS = $(LD_EXPORT_SYMBOLS_FLAG) -fopenmp

41
unix/xserver/hw/vnc/XserverDesktop.cc
Unescape Escape View File

@ -29,6 +29,8 @@
#include <pwd.h>
#include <sys/types.h>
#include <sys/stat.h>
#include <sys/socket.h>
#include <sys/un.h>
#include <fcntl.h>
#include <sys/utsname.h>
@ -51,6 +53,7 @@ extern "C" {
void vncSetGlueContext(int screenIndex);
extern int wakeuppipe[2];
extern struct sockaddr_un unixrelayclients[MAX_UNIX_RELAYS];
}
using namespace rfb;
@ -323,6 +326,26 @@ void XserverDesktop::handleSocketEvent(int fd, bool read, bool write)
return;
}
unsigned i;
for (i = 0; i < MAX_UNIX_RELAYS; i++) {
if (unixrelays[i] == -1)
break;
if (fd == unixrelays[i]) {
do {
struct sockaddr_un client;
socklen_t addrlen = sizeof(struct sockaddr_un);
const ssize_t len = recvfrom(unixrelays[i], unixbuf, sizeof(unixbuf),
MSG_DONTWAIT,
(struct sockaddr *) &client, &addrlen);
if (len <= 0)
break;
memcpy(&unixrelayclients[i], &client, addrlen);
server->sendUnixRelayData(unixrelaynames[i], unixbuf, len);
} while (1);
return;
}
}
if (handleListenerEvent(fd, &listeners, server))
return;
}
@ -557,3 +580,21 @@ bool XserverDesktop::handleTimeout(Timer* t)
return false;
}
void XserverDesktop::receivedUnixRelayData(const char name[], const unsigned char *buf,
const unsigned len)
{
unsigned i;
for (i = 0; i < MAX_UNIX_RELAYS; i++) {
if (unixrelays[i] == -1)
break;
if (strcmp(name, unixrelaynames[i]))
continue;
if (sendto(unixrelays[i], buf, len, 0,
(struct sockaddr *) &unixrelayclients[i], sizeof(struct sockaddr_un)) == -1)
vlog.error("Error writing unix relay data to %s", name);
break;
}
}

5
unix/xserver/hw/vnc/XserverDesktop.h
Unescape Escape View File

@ -110,6 +110,9 @@ public:
const char* userName,
char** reason);
virtual void receivedUnixRelayData(const char name[], const unsigned char *buf,
const unsigned len);
protected:
bool handleListenerEvent(int fd,
std::list<network::SocketListener*>* sockets,
@ -138,5 +141,7 @@ private:
rfb::Point oldCursorPos;
bool resizing;
uint8_t unixbuf[1024 * 1024];
};
#endif

35
unix/xserver/hw/vnc/Xvnc.man
Unescape Escape View File

@ -89,6 +89,11 @@ Use IPv4 for incoming and outgoing connections. Default is on.
Use IPv6 for incoming and outgoing connections. Default is on.
.
.TP
.B \-UnixRelay \fIname:path\fP
Create a local named unix socket, for relaying data. May be given multiple times.
Example: -UnixRelay audio:/tmp/audiosock
.
.TP
.B \-rfbunixpath \fIpath\fP
Specifies the path of a Unix domain socket on which Xvnc listens for
connections from viewers, instead of listening on a TCP port.
@ -243,6 +248,8 @@ Default \fB-1\fP.
.B \-WebpVideoQuality \fInum\fP
The WEBP quality to use when in video mode.
Default \fB-1\fP.
.
.TP
.B \-MaxVideoResolution \fI1920x1080\fP
When in video mode, downscale the screen to max this size. Keeps aspect ratio.
Default \fB1920x1080\fP.
@ -372,6 +379,32 @@ The color components can be used to colorize the greyscale watermark, and the al
can be used to make it fainter.
.
.TP
.B \-DLP_WatermarkText \fI"foo %H:%M"\fP
Instead of an image, render this text as the watermark. Takes time formatting options
for \fBstrftime\fP.
.
.TP
.B \-DLP_WatermarkTextAngle \fIangle\fP
Rotate the text by this many degrees, increasing clockwise. Default \fB0\fP.
.
.TP
.B \-DLP_WatermarkFont \fI/path/to/font.ttf\fP
Use a different font for -DLP_WatermarkText than the bundled one. TTF and OTF fonts
are accepted.
.
.TP
.B \-DLP_WatermarkFontSize \fI48\fP
Font size for -DLP_WatermarkText. Default \fI48\fP.
.
.TP
.B \-DLP_WatermarkTimeOffset \fI0\fP
Time offset from UTC, hours. Default \fI0\fP.
.
.TP
.B \-DLP_WatermarkTimeOffsetMinutes \fI0\fP
Time offset from UTC, minutes. Default \fI0\fP.
.
.TP
.B \-selfBench
Run a set of self-benchmarks and exit.
.
@ -445,7 +478,7 @@ See the GnuTLS manual for possible values. Default is \fBNORMAL\fP.
.TP
.B \-BlacklistThreshold \fIcount\fP
The number of unauthenticated connection attempts allowed from any individual
host before that host is black-listed. Default is 5.
host before that host is black-listed. Default is 5. Set to 0 to disable.
.
.TP
.B \-BlacklistTimeout \fIseconds\fP

121
unix/xserver/hw/vnc/dri3.c
Unescape Escape View File

@ -55,6 +55,18 @@ typedef struct gbm_pixmap gbm_pixmap;
static DevPrivateKeyRec dri3_pixmap_private_key;
static struct timeval start;
struct texpixmap {
PixmapPtr pixmap;
struct xorg_list entry;
};
static struct xorg_list texpixmaps;
static CARD32 update_texpixmaps(OsTimerPtr timer, CARD32 time, void *arg);
static OsTimerPtr texpixmaptimer;
void xvnc_sync_dri3_textures(void);
void xvnc_sync_dri3_pixmap(PixmapPtr pixmap);
void xvnc_init_dri3(void);
static int
@ -99,6 +111,25 @@ static gbm_pixmap *gbm_pixmap_get(PixmapPtr pixmap)
return dixLookupPrivate(&pixmap->devPrivates, &dri3_pixmap_private_key);
}
static void add_texpixmap(PixmapPtr pix)
{
struct texpixmap *ptr;
xorg_list_for_each_entry(ptr, &texpixmaps, entry) {
if (ptr->pixmap == pix)
return;
}
ptr = calloc(1, sizeof(struct texpixmap));
ptr->pixmap = pix;
pix->refcnt++;
xorg_list_append(&ptr->entry, &texpixmaps);
// start if not running
if (!texpixmaptimer)
texpixmaptimer = TimerSet(NULL, 0, 16, update_texpixmaps, NULL);
}
static PixmapPtr
create_pixmap_for_bo(ScreenPtr screen, struct gbm_bo *bo, CARD8 depth)
{
@ -164,14 +195,33 @@ xvnc_fds_from_pixmap(ScreenPtr screen, PixmapPtr pixmap, int *fds,
uint64_t *modifier)
{
gbm_pixmap *gp = gbm_pixmap_get(pixmap);
if (!gp) {
gp = calloc(1, sizeof(gbm_pixmap));
if (!gp)
return 0;
gp->bo = gbm_bo_create(priv.gbm,
pixmap->drawable.width,
pixmap->drawable.height,
gbm_format_for_depth(pixmap->drawable.depth),
(pixmap->usage_hint == CREATE_PIXMAP_USAGE_SHARED ?
GBM_BO_USE_LINEAR : 0) |
GBM_BO_USE_RENDERING | GBM_BO_USE_SCANOUT);
if (!gp->bo) {
ErrorF("Failed to create bo\n");
return 0;
}
dri3_pixmap_set_private(pixmap, gp);
}
fds[0] = gbm_bo_get_fd(gp->bo);
strides[0] = gbm_bo_get_stride(gp->bo);
offsets[0] = 0;
*modifier = DRM_FORMAT_MOD_INVALID;
add_texpixmap(pixmap);
return 1;
}
@ -219,12 +269,13 @@ void xvnc_sync_dri3_pixmap(PixmapPtr pixmap)
void *ptr;
uint32_t stride, w, h;
void *opaque = NULL;
gbm_pixmap *gp;
// We may not be running on hw if there's a compositor using PRESENT on llvmpipe
if (!driNode)
return;
gbm_pixmap *gp = gbm_pixmap_get(pixmap);
gp = gbm_pixmap_get(pixmap);
if (!gp) {
//ErrorF("Present tried to copy from a non-dri3 pixmap\n");
return;
@ -252,6 +303,72 @@ void xvnc_sync_dri3_pixmap(PixmapPtr pixmap)
gbm_bo_unmap(gp->bo, opaque);
}
void xvnc_sync_dri3_textures(void)
{
// Sync the tracked pixmaps into their textures (bos)
// This is a bit of an ugly solution, but we don't know
// when the pixmaps have changed nor when the textures are read.
//
// This is called both from the global damage report and the timer,
// to account for cases that do not use the damage report.
uint32_t y;
gbm_pixmap *gp;
uint8_t *src, *dst;
uint32_t srcstride, dststride;
void *opaque = NULL;
struct texpixmap *ptr, *tmpptr;
// We may not be running on hw if there's a compositor using PRESENT on llvmpipe
if (!driNode)
return;
xorg_list_for_each_entry_safe(ptr, tmpptr, &texpixmaps, entry) {
if (ptr->pixmap->refcnt == 1) {
// We are the only user left, delete it
ptr->pixmap->drawable.pScreen->DestroyPixmap(ptr->pixmap);
xorg_list_del(&ptr->entry);
free(ptr);
continue;
}
gp = gbm_pixmap_get(ptr->pixmap);
opaque = NULL;
dst = gbm_bo_map(gp->bo, 0, 0,
ptr->pixmap->drawable.width,
ptr->pixmap->drawable.height,
GBM_BO_TRANSFER_WRITE, &dststride, &opaque);
if (!dst) {
ErrorF("gbm map failed, errno %d\n", errno);
continue;
}
srcstride = ptr->pixmap->devKind;
src = ptr->pixmap->devPrivate.ptr;
for (y = 0; y < ptr->pixmap->drawable.height; y++) {
memcpy(dst, src, srcstride);
dst += dststride;
src += srcstride;
}
gbm_bo_unmap(gp->bo, opaque);
}
}
static CARD32 update_texpixmaps(OsTimerPtr timer, CARD32 time, void *arg)
{
xvnc_sync_dri3_textures();
if (xorg_list_is_empty(&texpixmaps)) {
TimerFree(texpixmaptimer);
texpixmaptimer = NULL;
return 0;
}
return 16; // Reschedule next tick
}
void xvnc_init_dri3(void)
{
memset(&priv, 0, sizeof(priv));
@ -272,6 +389,8 @@ void xvnc_init_dri3(void)
if (!priv.gbm)
FatalError("Failed to create gbm\n");
xorg_list_init(&texpixmaps);
if (!dri3_screen_init(screenInfo.screens[0], &xvnc_dri3_info))
FatalError("Couldn't init dri3\n");
}

8
unix/xserver/hw/vnc/vncExtInit.cc
Unescape Escape View File

@ -241,6 +241,14 @@ void vncExtensionInit(void)
fcntl(wakeuppipe[0], F_SETFL, flags | O_NONBLOCK);
vncSetNotifyFd(wakeuppipe[0], 0, true, false);
unsigned i;
for (i = 0; i < MAX_UNIX_RELAYS; i++) {
if (unixrelays[i] == -1)
break;
vncSetNotifyFd(unixrelays[i], 0, true, false);
vlog.info("Listening to unix relay socket %s", unixrelaynames[i]);
}
initialised = true;
}

5
unix/xserver/hw/vnc/vncExtInit.h
Unescape Escape View File

@ -23,6 +23,8 @@
#include <stddef.h>
#include <sys/select.h>
#include <rfb/unixRelayLimits.h>
// Only from C++
#ifdef __cplusplus
namespace rfb { class StringParameter; };
@ -106,6 +108,9 @@ void vncRefreshScreenLayout(int scrIdx);
int vncOverrideParam(const char *nameAndValue);
extern int unixrelays[MAX_UNIX_RELAYS];
extern char unixrelaynames[MAX_UNIX_RELAYS][MAX_UNIX_RELAY_NAME_LEN];
#ifdef __cplusplus
}
#endif

4
unix/xserver/hw/vnc/xorg-version.h
Unescape Escape View File

@ -54,8 +54,10 @@
#define XORG 119
#elif XORG_VERSION_CURRENT < ((1 * 10000000) + (20 * 100000) + (99 * 1000))
#define XORG 120
#elif XORG_VERSION_CURRENT < ((1 * 10000000) + (21 * 100000) + (99 * 1000))
#define XORG 121
#else
#error "X.Org newer than 1.20 is not supported"
#error "X.Org newer than 21 is not supported"
#endif
#endif

100
unix/xserver/hw/vnc/xvnc.c
Unescape Escape View File

@ -61,8 +61,11 @@ from the X Consortium.
#include "input.h"
#include "mipointer.h"
#include "micmap.h"
#include <sys/socket.h>
#include <sys/un.h>
#include <sys/types.h>
#include <sys/stat.h>
#include <unistd.h>
#include <errno.h>
#ifndef WIN32
#include <sys/param.h>
@ -91,9 +94,8 @@ from the X Consortium.
#undef VENDOR_RELEASE
#undef VENDOR_STRING
#include "version-config.h"
#include "site.h"
#define XVNCVERSION "KasmVNC 1.1.0"
#define XVNCVERSION "KasmVNC 1.3.3"
#define XVNCCOPYRIGHT ("Copyright (C) 1999-2018 KasmVNC Team and many others (see README.me)\n" \
"See http://kasmweb.com for information on KasmVNC.\n")
@ -161,7 +163,74 @@ const char *driNode = NULL;
static Bool displaySpecified = FALSE;
static char displayNumStr[16];
static int vncVerbose = DEFAULT_LOG_VERBOSITY;
static int vncVerbose = 0;
int unixrelays[MAX_UNIX_RELAYS];
char unixrelaynames[MAX_UNIX_RELAYS][MAX_UNIX_RELAY_NAME_LEN];
struct sockaddr_un unixrelayclients[MAX_UNIX_RELAYS];
static unsigned addrelay(const char * const arg)
{
const char *ptr = strchr(arg, ':');
if (!ptr) {
ErrorF("Invalid unixrelay\n");
return 1;
}
const unsigned namelen = ptr - arg;
if (namelen >= MAX_UNIX_RELAY_NAME_LEN) {
ErrorF("Unix relay name too long\n");
return 1;
}
unsigned i;
unsigned char found = 0;
for (i = 0; i < MAX_UNIX_RELAYS; i++) {
if (unixrelays[i] == -1) {
found = 1;
break;
}
}
if (!found) {
ErrorF("Too many unix relays\n");
return 1;
}
memcpy(unixrelaynames[i], arg, namelen);
unixrelaynames[i][namelen] = '\0';
unixrelays[i] = socket(AF_UNIX, SOCK_DGRAM, 0);
if (unixrelays[i] < 0) {
ErrorF("Failed to create unix sock\n");
return 1;
}
ptr++;
struct sockaddr_un sa;
if (strlen(ptr) >= sizeof(sa.sun_path)) {
ErrorF("Unix relay path too long\n");
return 1;
}
sa.sun_family = AF_UNIX;
strcpy(sa.sun_path, ptr);
// SO_REUSEADDR doesn't exist for unix sockets, if the socket exists
// (from our previous run), we need to delete it first. Check it's a
// socket so we don't delete wrong files
struct stat st;
if (stat(ptr, &st) == 0) {
if (S_ISSOCK(st.st_mode))
unlink(ptr);
}
if (bind(unixrelays[i], (struct sockaddr *) &sa, sizeof(struct sockaddr_un))) {
ErrorF("Failed to bind unix sock\n");
return 1;
}
return 0;
}
char *extra_headers = NULL;
unsigned extra_headers_len = 0;
@ -213,8 +282,13 @@ vncPrintBanner(void)
ErrorF("\nXvnc %s%s - built %s\n%s", XVNCVERSION,
sizeof(XVNCEXTRAVERSION) > 2 ? XVNCEXTRAVERSION : "",
buildtime, XVNCCOPYRIGHT);
// VENDOR_STRING was removed in 21
#ifdef VENDOR_STRING
ErrorF("Underlying X server release %d, %s\n\n", VENDOR_RELEASE,
VENDOR_STRING);
#else
ErrorF("Underlying X server release %d\n\n", VENDOR_RELEASE);
#endif
}
static void
@ -374,6 +448,7 @@ void ddxUseMsg(void)
ErrorF("-inetd has been launched from inetd\n");
ErrorF("-http-header name=val append this header to all HTTP responses\n");
ErrorF("-noclipboard disable clipboard settings modification via vncconfig utility\n");
ErrorF("-unixrelay name:path create a local named unix relay socket\n");
ErrorF("-verbose [n] verbose startup messages\n");
ErrorF("-quiet minimal startup messages\n");
ErrorF("-version show the server version\n");
@ -426,6 +501,13 @@ ddxProcessArgument(int argc, char *argv[], int i)
vfbInitializeDefaultScreens();
vfbInitializePixmapDepths();
unsigned r;
for (r = 0; r < MAX_UNIX_RELAYS; r++) {
unixrelays[r] = -1;
unixrelaynames[r][0] = '\0';
}
firstTime = FALSE;
vncInitRFB();
}
@ -692,6 +774,16 @@ ddxProcessArgument(int argc, char *argv[], int i)
return 1;
}
if (strcasecmp(argv[i], "-unixrelay") == 0)
{
fail_unless_args(argc, i, 1);
++i;
if (addrelay(argv[i]))
return 0;
return 2;
}
if (!strcmp(argv[i], "-verbose")) {
if (++i < argc && argv[i]) {
char *end;
@ -1916,6 +2008,8 @@ InitOutput(ScreenInfo *scrInfo, int argc, char **argv)
#else
FatalError("DRI3 disabled at compile time\n");
#endif
} else {
driNode = NULL;
}
} /* end InitOutput */

20
unix/xserver120.patch
Unescape Escape View File

@ -111,3 +111,23 @@ Index: xserver/mi/miinitext.c
gc = GetScratchGC(drawable->depth, screen);
if (update) {
ChangeGCVal changes[2];
--- xserver.orig/damageext/damageext.c 2019-02-26 21:28:50.000000000 +0200
+++ xserver/damageext/damageext.c 2023-03-21 12:52:58.411647186 +0200
@@ -87,6 +87,8 @@
*h = draw->height;
}
+void xvnc_sync_dri3_textures(void);
+
static void
DamageExtNotify(DamageExtPtr pDamageExt, BoxPtr pBoxes, int nBoxes)
{
@@ -97,6 +99,8 @@
damageGetGeometry(pDrawable, &x, &y, &w, &h);
+ xvnc_sync_dri3_textures();
+
UpdateCurrentTimeIf();
ev = (xDamageNotifyEvent) {
.type = DamageEventBase + XDamageNotify,

115
unix/xserver21.patch
Unescape Escape View File

@ -0,0 +1,115 @@
diff -urpN xorg-server-1.20.0/configure.ac xorg-server-1.20.0/configure.ac
--- xorg-server-1.20.0/configure.ac 2018-05-10 09:32:34.000000000 -0700
+++ xorg-server-1.20.0/configure.ac 2018-06-13 19:04:47.536413626 -0700
@@ -74,6 +74,7 @@ dnl forcing an entire recompile.x
AC_CONFIG_HEADERS(include/version-config.h)
AM_PROG_AS
+AC_PROG_CXX
AC_PROG_LN_S
LT_PREREQ([2.2])
LT_INIT([disable-static win32-dll])
@@ -1777,6 +1778,10 @@ if test "x$XVFB" = xyes; then
AC_SUBST([XVFB_SYS_LIBS])
fi
+dnl Xvnc DDX
+AC_SUBST([XVNC_CPPFLAGS], ["-DHAVE_DIX_CONFIG_H $XSERVER_CFLAGS"])
+AC_SUBST([XVNC_LIBS], ["$FB_LIB $FIXES_LIB $XEXT_LIB $CONFIG_LIB $DBE_LIB $RECORD_LIB $GLX_LIBS $RANDR_LIB $RENDER_LIB $DAMAGE_LIB $DRI3_LIB $PRESENT_LIB $MIEXT_SYNC_LIB $MIEXT_DAMAGE_LIB $MIEXT_SHADOW_LIB $XI_LIB $XKB_LIB $XKB_STUB_LIB $COMPOSITE_LIB $MAIN_LIB"])
+AC_SUBST([XVNC_SYS_LIBS], ["$GLX_SYS_LIBS"])
dnl Xnest DDX
@@ -1812,6 +1817,8 @@ if test "x$XORG" = xauto; then
fi
AC_MSG_RESULT([$XORG])
+AC_DEFINE_UNQUOTED(XORG_VERSION_CURRENT, [$VENDOR_RELEASE], [Current Xorg version])
+
if test "x$XORG" = xyes; then
XORG_DDXINCS='-I$(top_srcdir)/hw/xfree86 -I$(top_srcdir)/hw/xfree86/include -I$(top_srcdir)/hw/xfree86/common'
XORG_OSINCS='-I$(top_srcdir)/hw/xfree86/os-support -I$(top_srcdir)/hw/xfree86/os-support/bus -I$(top_srcdir)/os'
@@ -2029,7 +2036,6 @@ if test "x$XORG" = xyes; then
AC_DEFINE(XORG_SERVER, 1, [Building Xorg server])
AC_DEFINE(XORGSERVER, 1, [Building Xorg server])
AC_DEFINE(XFree86Server, 1, [Building XFree86 server])
- AC_DEFINE_UNQUOTED(XORG_VERSION_CURRENT, [$VENDOR_RELEASE], [Current Xorg version])
AC_DEFINE(NEED_XF86_TYPES, 1, [Need XFree86 typedefs])
AC_DEFINE(NEED_XF86_PROTOTYPES, 1, [Need XFree86 helper functions])
AC_DEFINE(__XSERVERNAME__, "Xorg", [Name of X server])
@@ -2565,6 +2571,7 @@ hw/dmx/Makefile
hw/dmx/man/Makefile
hw/vfb/Makefile
hw/vfb/man/Makefile
+hw/vnc/Makefile
hw/xnest/Makefile
hw/xnest/man/Makefile
hw/xwin/Makefile
diff -urpN xorg-server-1.20.0/hw/Makefile.am xorg-server-1.20.0/hw/Makefile.am
--- xorg-server-1.20.0/hw/Makefile.am 2018-05-10 09:32:34.000000000 -0700
+++ xorg-server-1.20.0/hw/Makefile.am 2018-06-13 19:04:47.536413626 -0700
@@ -44,3 +44,5 @@
relink:
$(AM_V_at)for i in $(SUBDIRS) ; do $(MAKE) -C $$i relink || exit 1 ; done
+
+SUBDIRS += vnc
diff -urpN xorg-server-1.20.0/mi/miinitext.c xorg-server-1.20.0/mi/miinitext.c
--- xorg-server-1.20.0/mi/miinitext.c 2018-05-10 09:32:37.000000000 -0700
+++ xorg-server-1.20.0/mi/miinitext.c 2018-06-13 19:05:14.742200675 -0700
@@ -107,8 +107,15 @@ SOFTWARE.
#include "os.h"
#include "globals.h"
+#ifdef KASMVNC
+extern void vncExtensionInit(void);
+#endif
+
/* List of built-in (statically linked) extensions */
static const ExtensionModule staticExtensions[] = {
+#ifdef KASMVNC
+ {vncExtensionInit, "VNC-EXTENSION", NULL},
+#endif
{GEExtensionInit, "Generic Event Extension", &noGEExtension},
{ShapeExtensionInit, "SHAPE", NULL},
#ifdef MITSHM
--- xserver.orig/present/present.c 2019-02-26 21:28:50.000000000 +0200
+++ xserver/present/present.c 2023-01-20 11:32:27.175493594 +0200
@@ -27,6 +27,8 @@
#include "present_priv.h"
#include <gcstruct.h>
+void xvnc_sync_dri3_pixmap(PixmapPtr pixmap);
+
/*
* Returns:
* TRUE if the first MSC value is equal to or after the second one
@@ -79,6 +81,8 @@
ScreenPtr screen = drawable->pScreen;
GCPtr gc;
+ xvnc_sync_dri3_pixmap(pixmap);
+
gc = GetScratchGC(drawable->depth, screen);
if (update) {
ChangeGCVal changes[2];
--- xserver.orig/damageext/damageext.c 2019-02-26 21:28:50.000000000 +0200
+++ xserver/damageext/damageext.c 2023-03-21 12:52:58.411647186 +0200
@@ -87,6 +87,8 @@
*h = draw->height;
}
+void xvnc_sync_dri3_textures(void);
+
static void
DamageExtNotify(DamageExtPtr pDamageExt, BoxPtr pBoxes, int nBoxes)
{
@@ -97,6 +99,8 @@
damageGetGeometry(pDrawable, &x, &y, &w, &h);
+ xvnc_sync_dri3_textures();
+
UpdateCurrentTimeIf();
ev = (xDamageNotifyEvent) {
.type = DamageEventBase + XDamageNotify,
Write Preview
Loading…
Cancel
Save