From 1b25106c75d486865af70445f895a15444ae25aa Mon Sep 17 00:00:00 2001 From: Pierre Ossman Date: Tue, 3 Dec 2024 13:50:53 +0100 Subject: [PATCH 01/34] Remove unused Configuration methods These never even had an implementation. --- common/rfb/Configuration.h | 9 --------- 1 file changed, 9 deletions(-) diff --git a/common/rfb/Configuration.h b/common/rfb/Configuration.h index ec8d789aa2..e46a7a4a28 100644 --- a/common/rfb/Configuration.h +++ b/common/rfb/Configuration.h @@ -89,15 +89,6 @@ namespace rfb { // - Remove a parameter from this Configuration group bool remove(const char* param); - // - readFromFile - // Read configuration parameters from the specified file. - void readFromFile(const char* filename); - - // - writeConfigToFile - // Write a new configuration parameters file, then mv it - // over the old file. - void writeToFile(const char* filename); - // - Get the Global Configuration object // NB: This call does NOT lock the Configuration system. From e5b64155b7ca4cd4c1a0e9de3f2c9c42997e3892 Mon Sep 17 00:00:00 2001 From: Pierre Ossman Date: Tue, 3 Dec 2024 13:52:20 +0100 Subject: [PATCH 02/34] Remove legacy X11 bitfield markers These were barely needed to begin with, and were purged from upstream ages ago. --- unix/vncconfig/vncExt.h | 148 ++++++++++++++++++++-------------------- 1 file changed, 74 insertions(+), 74 deletions(-) diff --git a/unix/vncconfig/vncExt.h b/unix/vncconfig/vncExt.h index 5de1685d4c..2fa88e0e6c 100644 --- a/unix/vncconfig/vncExt.h +++ b/unix/vncconfig/vncExt.h @@ -69,24 +69,24 @@ typedef struct { typedef struct { CARD8 reqType; /* always VncExtReqCode */ CARD8 vncExtReqType; /* always VncExtSetParam */ - CARD16 length B16; + CARD16 length; CARD8 paramLen; CARD8 pad0; - CARD16 pad1 B16; + CARD16 pad1; } xVncExtSetParamReq; #define sz_xVncExtSetParamReq 8 typedef struct { BYTE type; /* X_Reply */ BYTE success; - CARD16 sequenceNumber B16; - CARD32 length B32; - CARD32 pad0 B32; - CARD32 pad1 B32; - CARD32 pad2 B32; - CARD32 pad3 B32; - CARD32 pad4 B32; - CARD32 pad5 B32; + CARD16 sequenceNumber; + CARD32 length; + CARD32 pad0; + CARD32 pad1; + CARD32 pad2; + CARD32 pad3; + CARD32 pad4; + CARD32 pad5; } xVncExtSetParamReply; #define sz_xVncExtSetParamReply 32 @@ -94,25 +94,25 @@ typedef struct { typedef struct { CARD8 reqType; /* always VncExtReqCode */ CARD8 vncExtReqType; /* always VncExtGetParam */ - CARD16 length B16; + CARD16 length; CARD8 paramLen; CARD8 pad0; - CARD16 pad1 B16; + CARD16 pad1; } xVncExtGetParamReq; #define sz_xVncExtGetParamReq 8 typedef struct { BYTE type; /* X_Reply */ BYTE success; - CARD16 sequenceNumber B16; - CARD32 length B32; - CARD16 valueLen B16; - CARD16 pad0 B16; - CARD32 pad1 B32; - CARD32 pad2 B32; - CARD32 pad3 B32; - CARD32 pad4 B32; - CARD32 pad5 B32; + CARD16 sequenceNumber; + CARD32 length; + CARD16 valueLen; + CARD16 pad0; + CARD32 pad1; + CARD32 pad2; + CARD32 pad3; + CARD32 pad4; + CARD32 pad5; } xVncExtGetParamReply; #define sz_xVncExtGetParamReply 32 @@ -120,25 +120,25 @@ typedef struct { typedef struct { CARD8 reqType; /* always VncExtReqCode */ CARD8 vncExtReqType; /* always VncExtGetParamDesc */ - CARD16 length B16; + CARD16 length; CARD8 paramLen; CARD8 pad0; - CARD16 pad1 B16; + CARD16 pad1; } xVncExtGetParamDescReq; #define sz_xVncExtGetParamDescReq 8 typedef struct { BYTE type; /* X_Reply */ BYTE success; - CARD16 sequenceNumber B16; - CARD32 length B32; - CARD16 descLen B16; - CARD16 pad0 B16; - CARD32 pad1 B32; - CARD32 pad2 B32; - CARD32 pad3 B32; - CARD32 pad4 B32; - CARD32 pad5 B32; + CARD16 sequenceNumber; + CARD32 length; + CARD16 descLen; + CARD16 pad0; + CARD32 pad1; + CARD32 pad2; + CARD32 pad3; + CARD32 pad4; + CARD32 pad5; } xVncExtGetParamDescReply; #define sz_xVncExtGetParamDescReply 32 @@ -146,22 +146,22 @@ typedef struct { typedef struct { CARD8 reqType; /* always VncExtReqCode */ CARD8 vncExtReqType; /* always VncExtListParams */ - CARD16 length B16; + CARD16 length; } xVncExtListParamsReq; #define sz_xVncExtListParamsReq 4 typedef struct { BYTE type; /* X_Reply */ BYTE pad0; - CARD16 sequenceNumber B16; - CARD32 length B32; - CARD16 nParams B16; - CARD16 pad1 B16; - CARD32 pad2 B32; - CARD32 pad3 B32; - CARD32 pad4 B32; - CARD32 pad5 B32; - CARD32 pad6 B32; + CARD16 sequenceNumber; + CARD32 length; + CARD16 nParams; + CARD16 pad1; + CARD32 pad2; + CARD32 pad3; + CARD32 pad4; + CARD32 pad5; + CARD32 pad6; } xVncExtListParamsReply; #define sz_xVncExtListParamsReply 32 @@ -169,9 +169,9 @@ typedef struct { typedef struct { CARD8 reqType; /* always VncExtReqCode */ CARD8 vncExtReqType; /* always VncExtSelectInput */ - CARD16 length B16; - CARD32 window B32; - CARD32 mask B32; + CARD16 length; + CARD32 window; + CARD32 mask; } xVncExtSelectInputReq; #define sz_xVncExtSelectInputReq 12 @@ -179,24 +179,24 @@ typedef struct { typedef struct { CARD8 reqType; /* always VncExtReqCode */ CARD8 vncExtReqType; /* always VncExtConnect */ - CARD16 length B16; + CARD16 length; CARD8 strLen; CARD8 viewOnly; - CARD16 pad1 B16; + CARD16 pad1; } xVncExtConnectReq; #define sz_xVncExtConnectReq 8 typedef struct { BYTE type; /* X_Reply */ BYTE success; - CARD16 sequenceNumber B16; - CARD32 length B32; - CARD32 pad0 B32; - CARD32 pad1 B32; - CARD32 pad2 B32; - CARD32 pad3 B32; - CARD32 pad4 B32; - CARD32 pad5 B32; + CARD16 sequenceNumber; + CARD32 length; + CARD32 pad0; + CARD32 pad1; + CARD32 pad2; + CARD32 pad3; + CARD32 pad4; + CARD32 pad5; } xVncExtConnectReply; #define sz_xVncExtConnectReply 32 @@ -204,32 +204,32 @@ typedef struct { typedef struct { CARD8 reqType; /* always VncExtReqCode */ CARD8 vncExtReqType; /* always VncExtGetQueryConnect */ - CARD16 length B16; + CARD16 length; } xVncExtGetQueryConnectReq; #define sz_xVncExtGetQueryConnectReq 4 typedef struct { BYTE type; /* X_Reply */ BYTE pad0; - CARD16 sequenceNumber B16; - CARD32 length B32; - CARD32 addrLen B32; - CARD32 userLen B32; - CARD32 timeout B32; - CARD32 opaqueId B32; - CARD32 pad4 B32; - CARD32 pad5 B32; + CARD16 sequenceNumber; + CARD32 length; + CARD32 addrLen; + CARD32 userLen; + CARD32 timeout; + CARD32 opaqueId; + CARD32 pad4; + CARD32 pad5; } xVncExtGetQueryConnectReply; #define sz_xVncExtGetQueryConnectReply 32 typedef struct { CARD8 reqType; /* always VncExtReqCode */ CARD8 vncExtReqType; /* always VncExtApproveConnect */ - CARD16 length B16; + CARD16 length; CARD8 approve; CARD8 pad0; CARD16 pad1; - CARD32 opaqueId B32; + CARD32 opaqueId; } xVncExtApproveConnectReq; #define sz_xVncExtApproveConnectReq 12 @@ -238,14 +238,14 @@ typedef struct { typedef struct { BYTE type; /* always eventBase + VncExtQueryConnectNotify */ BYTE pad0; - CARD16 sequenceNumber B16; - CARD32 window B32; - CARD32 pad6 B32; - CARD32 pad1 B32; - CARD32 pad2 B32; - CARD32 pad3 B32; - CARD32 pad4 B32; - CARD32 pad5 B32; + CARD16 sequenceNumber; + CARD32 window; + CARD32 pad6; + CARD32 pad1; + CARD32 pad2; + CARD32 pad3; + CARD32 pad4; + CARD32 pad5; } xVncExtQueryConnectNotifyEvent; #define sz_xVncExtQueryConnectNotifyEvent 32 From 2ce0d58ff85ecda29acfbaa6961b95439cc64ff3 Mon Sep 17 00:00:00 2001 From: Pierre Ossman Date: Tue, 3 Dec 2024 15:50:09 +0100 Subject: [PATCH 03/34] Separate parameter name and value in VNC extension Let's avoid using special string formats when we can send this data structured instead. --- unix/vncconfig/vncExt.c | 10 +++++--- unix/vncconfig/vncExt.h | 7 +++--- unix/vncconfig/vncconfig.cxx | 39 ++++++++++++++++++++----------- unix/xserver/hw/vnc/vncExt.c | 23 +++++++++++++----- unix/xserver/hw/vnc/vncExtInit.cc | 11 +++------ unix/xserver/hw/vnc/vncExtInit.h | 2 +- 6 files changed, 57 insertions(+), 35 deletions(-) diff --git a/unix/vncconfig/vncExt.c b/unix/vncconfig/vncExt.c index 4ec671b885..482af829f5 100644 --- a/unix/vncconfig/vncExt.c +++ b/unix/vncconfig/vncExt.c @@ -55,22 +55,26 @@ Bool XVncExtQueryExtension(Display* dpy, int* event_basep, int* error_basep) return True; } -Bool XVncExtSetParam(Display* dpy, const char* param) +Bool XVncExtSetParam(Display* dpy, const char* param, const char* value) { xVncExtSetParamReq* req; xVncExtSetParamReply rep; int paramLen = strlen(param); - if (paramLen > 255) return False; + if (paramLen > 65535) return False; + int valueLen = strlen(value); + if (valueLen > 65535) return False; if (!checkExtension(dpy)) return False; LockDisplay(dpy); GetReq(VncExtSetParam, req); req->reqType = codes->major_opcode; req->vncExtReqType = X_VncExtSetParam; - req->length += (paramLen + 3) >> 2; + req->length += ((paramLen + 3) >> 2) + ((valueLen + 3) >> 2); req->paramLen = paramLen; + req->valueLen = valueLen; Data(dpy, param, paramLen); + Data(dpy, value, valueLen); if (!_XReply(dpy, (xReply *)&rep, 0, xFalse)) { UnlockDisplay(dpy); SyncHandle(); diff --git a/unix/vncconfig/vncExt.h b/unix/vncconfig/vncExt.h index 2fa88e0e6c..ca8df699bc 100644 --- a/unix/vncconfig/vncExt.h +++ b/unix/vncconfig/vncExt.h @@ -40,7 +40,7 @@ extern "C" { #ifndef _VNCEXT_SERVER_ Bool XVncExtQueryExtension(Display* dpy, int* event_basep, int* error_basep); -Bool XVncExtSetParam(Display* dpy, const char* param); +Bool XVncExtSetParam(Display* dpy, const char* param, const char* value); Bool XVncExtGetParam(Display* dpy, const char* param, char** value, int* len); char* XVncExtGetParamDesc(Display* dpy, const char* param); char** XVncExtListParams(Display* dpy, int* nParams); @@ -70,9 +70,8 @@ typedef struct { CARD8 reqType; /* always VncExtReqCode */ CARD8 vncExtReqType; /* always VncExtSetParam */ CARD16 length; - CARD8 paramLen; - CARD8 pad0; - CARD16 pad1; + CARD16 paramLen; + CARD16 valueLen; } xVncExtSetParamReq; #define sz_xVncExtSetParamReq 8 diff --git a/unix/vncconfig/vncconfig.cxx b/unix/vncconfig/vncconfig.cxx index bacbfb3f73..0fa016efac 100644 --- a/unix/vncconfig/vncconfig.cxx +++ b/unix/vncconfig/vncconfig.cxx @@ -141,19 +141,19 @@ class VncConfigWindow : public TXWindow, public TXEventHandler, // TXCheckboxCallback method void checkboxSelect(TXCheckbox* checkbox) override { if (checkbox == &acceptClipboard) { - XVncExtSetParam(dpy, (acceptClipboard.checked() - ? ACCEPT_CUT_TEXT "=1" : ACCEPT_CUT_TEXT "=0")); + XVncExtSetParam(dpy, ACCEPT_CUT_TEXT, + acceptClipboard.checked() ? "1" : "0"); setPrimaryCB.disabled(!acceptClipboard.checked()); } else if (checkbox == &sendClipboard) { - XVncExtSetParam(dpy, (sendClipboard.checked() - ? SEND_CUT_TEXT "=1" : SEND_CUT_TEXT "=0")); + XVncExtSetParam(dpy, SEND_CUT_TEXT, + sendClipboard.checked() ? "1" : "0"); sendPrimaryCB.disabled(!sendClipboard.checked()); } else if (checkbox == &setPrimaryCB) { - XVncExtSetParam(dpy, (setPrimaryCB.checked() - ? SET_PRIMARY "=1" : SET_PRIMARY "=0")); + XVncExtSetParam(dpy, SET_PRIMARY, + setPrimaryCB.checked() ? "1" : "0"); } else if (checkbox == &sendPrimaryCB) { - XVncExtSetParam(dpy, (sendPrimaryCB.checked() - ? SEND_PRIMARY "=1" : SEND_PRIMARY "=0")); + XVncExtSetParam(dpy, SEND_PRIMARY, + sendPrimaryCB.checked() ? "1" : "0"); } } @@ -285,13 +285,26 @@ int main(int argc, char** argv) } else if (strcmp(argv[i], "-set") == 0) { i++; if (i >= argc) usage(); - if (!XVncExtSetParam(dpy, argv[i])) { + + char* equal = strchr(argv[i], '='); + if (!equal) + usage(); + + std::string name(argv[i], equal-argv[i]); + std::string value(equal+1); + + if (!XVncExtSetParam(dpy, name.c_str(), value.c_str())) fprintf(stderr, "Setting param %s failed\n",argv[i]); - } - } else if (XVncExtSetParam(dpy, argv[i])) { - fprintf(stderr, "Set parameter %s\n",argv[i]); } else { - usage(); + char* equal = strchr(argv[i], '='); + if (!equal) + usage(); + + std::string name(argv[i], equal-argv[i]); + std::string value(equal+1); + + if (!XVncExtSetParam(dpy, name.c_str(), value.c_str())) + fprintf(stderr, "Setting param %s failed\n",argv[i]); } } diff --git a/unix/xserver/hw/vnc/vncExt.c b/unix/xserver/hw/vnc/vncExt.c index e98275c2c8..d664c74458 100644 --- a/unix/xserver/hw/vnc/vncExt.c +++ b/unix/xserver/hw/vnc/vncExt.c @@ -103,11 +103,13 @@ int vncNotifyQueryConnect(void) static int ProcVncExtSetParam(ClientPtr client) { - char *param; + char *param, *value; xVncExtSetParamReply rep; REQUEST(xVncExtSetParamReq); - REQUEST_FIXED_SIZE(xVncExtSetParamReq, stuff->paramLen); + REQUEST_FIXED_SIZE(xVncExtSetParamReq, + ((stuff->paramLen + 3) & ~3) + + ((stuff->valueLen + 3) & ~3)); param = malloc(stuff->paramLen+1); if (param == NULL) @@ -115,6 +117,14 @@ static int ProcVncExtSetParam(ClientPtr client) strncpy(param, (char*)&stuff[1], stuff->paramLen); param[stuff->paramLen] = '\0'; + value = malloc(stuff->valueLen+1); + if (value == NULL) { + free(param); + return BadAlloc; + } + strncpy(value, (char*)&stuff[1] + ((stuff->paramLen + 3) & ~3), stuff->valueLen); + value[stuff->valueLen] = '\0'; + rep.type = X_Reply; rep.length = 0; rep.success = 0; @@ -124,21 +134,22 @@ static int ProcVncExtSetParam(ClientPtr client) * Prevent change of clipboard related parameters if clipboard is disabled. */ if (vncNoClipboard && - (strncasecmp(param, "SendCutText", 11) == 0 || - strncasecmp(param, "AcceptCutText", 13) == 0)) + (strcasecmp(param, "SendCutText") == 0 || + strcasecmp(param, "AcceptCutText") == 0)) goto deny; - if (!vncOverrideParam(param)) + if (!vncOverrideParam(param, value)) goto deny; rep.success = 1; // Send DesktopName update if desktop name has been changed - if (strncasecmp(param, "desktop", 7) == 0) + if (strcasecmp(param, "desktop") == 0) vncUpdateDesktopName(); deny: free(param); + free(value); if (client->swapped) { swaps(&rep.sequenceNumber); diff --git a/unix/xserver/hw/vnc/vncExtInit.cc b/unix/xserver/hw/vnc/vncExtInit.cc index 367481ac29..10ff2f54d9 100644 --- a/unix/xserver/hw/vnc/vncExtInit.cc +++ b/unix/xserver/hw/vnc/vncExtInit.cc @@ -511,15 +511,10 @@ void vncAbortMsc(int scrIdx, uint64_t id) } } -int vncOverrideParam(const char *nameAndValue) +int vncOverrideParam(const char *param, const char *value) { - const char* equalSign = strchr(nameAndValue, '='); - if (!equalSign) + if (allowOverrideSet.find(param) == allowOverrideSet.end()) return 0; - std::string key(nameAndValue, equalSign); - if (allowOverrideSet.find(key) == allowOverrideSet.end()) - return 0; - - return rfb::Configuration::setParam(nameAndValue); + return rfb::Configuration::setParam(param, value); } diff --git a/unix/xserver/hw/vnc/vncExtInit.h b/unix/xserver/hw/vnc/vncExtInit.h index 6b37fe6274..425aa9b7b4 100644 --- a/unix/xserver/hw/vnc/vncExtInit.h +++ b/unix/xserver/hw/vnc/vncExtInit.h @@ -91,7 +91,7 @@ uint64_t vncGetMsc(int scrIdx); void vncQueueMsc(int scrIdx, uint64_t id, uint64_t msc); void vncAbortMsc(int scrIdx, uint64_t id); -int vncOverrideParam(const char *nameAndValue); +int vncOverrideParam(const char *param, const char *value); #ifdef __cplusplus } From 7d9bf64127b4ad4ac3b6588794331ca93dea829a Mon Sep 17 00:00:00 2001 From: Pierre Ossman Date: Mon, 6 Jan 2025 14:06:36 +0100 Subject: [PATCH 04/34] Remove mutexes from H.264 decoder and friends The decodered is already flagged as strictly ordered, which means it will only be used from a single thread at a time. --- common/rfb/H264Decoder.cxx | 3 --- common/rfb/H264Decoder.h | 2 -- common/rfb/H264DecoderContext.cxx | 2 -- common/rfb/H264DecoderContext.h | 2 -- common/rfb/H264LibavDecoderContext.cxx | 5 ----- common/rfb/H264WinDecoderContext.cxx | 6 ------ 6 files changed, 20 deletions(-) diff --git a/common/rfb/H264Decoder.cxx b/common/rfb/H264Decoder.cxx index 89850ba470..44c0848df5 100644 --- a/common/rfb/H264Decoder.cxx +++ b/common/rfb/H264Decoder.cxx @@ -53,7 +53,6 @@ H264Decoder::~H264Decoder() void H264Decoder::resetContexts() { - os::AutoMutex lock(&mutex); for (H264DecoderContext* context : contexts) delete context; contexts.clear(); @@ -61,7 +60,6 @@ void H264Decoder::resetContexts() H264DecoderContext* H264Decoder::findContext(const Rect& r) { - os::AutoMutex m(&mutex); for (H264DecoderContext* context : contexts) if (context->isEqualRect(r)) return context; @@ -118,7 +116,6 @@ void H264Decoder::decodeRect(const Rect& r, const uint8_t* buffer, if (!ctx) { - os::AutoMutex lock(&mutex); if (contexts.size() >= MAX_H264_INSTANCES) { H264DecoderContext* excess_ctx = contexts.front(); diff --git a/common/rfb/H264Decoder.h b/common/rfb/H264Decoder.h index 8ba4779951..46d25e3365 100644 --- a/common/rfb/H264Decoder.h +++ b/common/rfb/H264Decoder.h @@ -23,7 +23,6 @@ #include -#include #include namespace rfb { @@ -44,7 +43,6 @@ namespace rfb { void resetContexts(); H264DecoderContext* findContext(const Rect& r); - os::Mutex mutex; std::deque contexts; }; } diff --git a/common/rfb/H264DecoderContext.cxx b/common/rfb/H264DecoderContext.cxx index b2054554e7..f2b1ff8a2e 100644 --- a/common/rfb/H264DecoderContext.cxx +++ b/common/rfb/H264DecoderContext.cxx @@ -24,7 +24,6 @@ #include -#include #include #include @@ -58,7 +57,6 @@ H264DecoderContext::~H264DecoderContext() bool H264DecoderContext::isReady() { - os::AutoMutex lock(&mutex); return initialized; } diff --git a/common/rfb/H264DecoderContext.h b/common/rfb/H264DecoderContext.h index 88c2396c0d..524f697191 100644 --- a/common/rfb/H264DecoderContext.h +++ b/common/rfb/H264DecoderContext.h @@ -23,7 +23,6 @@ #include -#include #include #include @@ -43,7 +42,6 @@ namespace rfb { bool isReady(); protected: - os::Mutex mutex; rfb::Rect rect; bool initialized; diff --git a/common/rfb/H264LibavDecoderContext.cxx b/common/rfb/H264LibavDecoderContext.cxx index 2d8d03e7d6..08edf95867 100644 --- a/common/rfb/H264LibavDecoderContext.cxx +++ b/common/rfb/H264LibavDecoderContext.cxx @@ -42,8 +42,6 @@ using namespace rfb; static LogWriter vlog("H264LibavDecoderContext"); bool H264LibavDecoderContext::initCodec() { - os::AutoMutex lock(&mutex); - sws = nullptr; h264WorkBuffer = nullptr; h264WorkBufferLength = 0; @@ -93,8 +91,6 @@ bool H264LibavDecoderContext::initCodec() { } void H264LibavDecoderContext::freeCodec() { - os::AutoMutex lock(&mutex); - if (!initialized) return; av_parser_close(parser); @@ -130,7 +126,6 @@ uint8_t* H264LibavDecoderContext::makeH264WorkBuffer(const uint8_t* buffer, uint void H264LibavDecoderContext::decode(const uint8_t* h264_in_buffer, uint32_t len, ModifiablePixelBuffer* pb) { - os::AutoMutex lock(&mutex); if (!initialized) return; uint8_t* h264_work_buffer = makeH264WorkBuffer(h264_in_buffer, len); diff --git a/common/rfb/H264WinDecoderContext.cxx b/common/rfb/H264WinDecoderContext.cxx index a9b139428d..63bc652fb9 100644 --- a/common/rfb/H264WinDecoderContext.cxx +++ b/common/rfb/H264WinDecoderContext.cxx @@ -27,7 +27,6 @@ #include #define SAFE_RELEASE(obj) if (obj) { obj->Release(); obj = nullptr; } -#include #include #include #include @@ -42,8 +41,6 @@ static GUID CLSID_VideoProcessorMFT = { 0x88753b26, 0x5b24, 0x49bd, { 0xb2, 0xe7 #endif bool H264WinDecoderContext::initCodec() { - os::AutoMutex lock(&mutex); - if (FAILED(MFStartup(MF_VERSION, MFSTARTUP_LITE))) { vlog.error("Could not initialize MediaFoundation"); @@ -146,8 +143,6 @@ bool H264WinDecoderContext::initCodec() { } void H264WinDecoderContext::freeCodec() { - os::AutoMutex lock(&mutex); - if (!initialized) return; SAFE_RELEASE(decoder) @@ -165,7 +160,6 @@ void H264WinDecoderContext::freeCodec() { void H264WinDecoderContext::decode(const uint8_t* h264_buffer, uint32_t len, ModifiablePixelBuffer* pb) { - os::AutoMutex lock(&mutex); if (!initialized) return; From 3323d238c4ad94b5d23c01c64b4a2f1afdb3448c Mon Sep 17 00:00:00 2001 From: Pierre Ossman Date: Mon, 6 Jan 2025 14:28:36 +0100 Subject: [PATCH 05/34] Add missing stddef.h include to Decoder.h It uses the size_t type, which might not otherwise be defined. --- common/rfb/Decoder.h | 1 + 1 file changed, 1 insertion(+) diff --git a/common/rfb/Decoder.h b/common/rfb/Decoder.h index 7798773737..a5c2539891 100644 --- a/common/rfb/Decoder.h +++ b/common/rfb/Decoder.h @@ -19,6 +19,7 @@ #ifndef __RFB_DECODER_H__ #define __RFB_DECODER_H__ +#include #include namespace rdr { From f57dddb6143257d185ed665b7cfd24364db574dc Mon Sep 17 00:00:00 2001 From: Pierre Ossman Date: Mon, 6 Jan 2025 14:29:50 +0100 Subject: [PATCH 06/34] Throw exceptions directly in H.264 init routines A false return value from these methods result in an exception anyway, so let's keep things simple and throw the exception right away. --- common/rfb/H264DecoderContext.cxx | 8 +------- common/rfb/H264DecoderContext.h | 4 ++-- common/rfb/H264LibavDecoderContext.cxx | 26 +++++++++--------------- common/rfb/H264LibavDecoderContext.h | 2 +- common/rfb/H264WinDecoderContext.cxx | 28 +++++++++----------------- common/rfb/H264WinDecoderContext.h | 2 +- 6 files changed, 25 insertions(+), 45 deletions(-) diff --git a/common/rfb/H264DecoderContext.cxx b/common/rfb/H264DecoderContext.cxx index f2b1ff8a2e..8d7a6a7b78 100644 --- a/common/rfb/H264DecoderContext.cxx +++ b/common/rfb/H264DecoderContext.cxx @@ -22,8 +22,6 @@ #include #endif -#include - #include #include @@ -43,11 +41,7 @@ static LogWriter vlog("H264DecoderContext"); H264DecoderContext *H264DecoderContext::createContext(const Rect &r) { H264DecoderContext *ret = new H264DecoderContextType(r); - if (!ret->initCodec()) - { - throw std::runtime_error("H264DecoderContext: Unable to create context"); - } - + ret->initCodec(); return ret; } diff --git a/common/rfb/H264DecoderContext.h b/common/rfb/H264DecoderContext.h index 524f697191..aa1931c879 100644 --- a/common/rfb/H264DecoderContext.h +++ b/common/rfb/H264DecoderContext.h @@ -47,8 +47,8 @@ namespace rfb { H264DecoderContext(const Rect &r) : rect(r) { initialized = false; } - virtual bool initCodec() { return false; } - virtual void freeCodec() {} + virtual void initCodec() = 0; + virtual void freeCodec() = 0; }; } diff --git a/common/rfb/H264LibavDecoderContext.cxx b/common/rfb/H264LibavDecoderContext.cxx index 08edf95867..dc0db1d605 100644 --- a/common/rfb/H264LibavDecoderContext.cxx +++ b/common/rfb/H264LibavDecoderContext.cxx @@ -22,6 +22,9 @@ #include #endif +#include +#include + extern "C" { #include #include @@ -41,31 +44,25 @@ using namespace rfb; static LogWriter vlog("H264LibavDecoderContext"); -bool H264LibavDecoderContext::initCodec() { +void H264LibavDecoderContext::initCodec() +{ sws = nullptr; h264WorkBuffer = nullptr; h264WorkBufferLength = 0; const AVCodec *codec = avcodec_find_decoder(AV_CODEC_ID_H264); if (!codec) - { - vlog.error("Codec not found"); - return false; - } + throw std::runtime_error("Codec not found"); parser = av_parser_init(codec->id); if (!parser) - { - vlog.error("Could not create H264 parser"); - return false; - } + throw std::runtime_error("Could not create H264 parser"); avctx = avcodec_alloc_context3(codec); if (!avctx) { av_parser_close(parser); - vlog.error("Could not allocate video codec context"); - return false; + throw std::runtime_error("Could not allocate video codec context"); } frame = av_frame_alloc(); @@ -73,8 +70,7 @@ bool H264LibavDecoderContext::initCodec() { { av_parser_close(parser); avcodec_free_context(&avctx); - vlog.error("Could not allocate video frame"); - return false; + throw std::runtime_error("Could not allocate video frame"); } if (avcodec_open2(avctx, codec, nullptr) < 0) @@ -82,12 +78,10 @@ bool H264LibavDecoderContext::initCodec() { av_parser_close(parser); avcodec_free_context(&avctx); av_frame_free(&frame); - vlog.error("Could not open codec"); - return false; + throw std::runtime_error("Could not open video codec"); } initialized = true; - return true; } void H264LibavDecoderContext::freeCodec() { diff --git a/common/rfb/H264LibavDecoderContext.h b/common/rfb/H264LibavDecoderContext.h index 96558bee90..d7067c6cad 100644 --- a/common/rfb/H264LibavDecoderContext.h +++ b/common/rfb/H264LibavDecoderContext.h @@ -38,7 +38,7 @@ namespace rfb { ModifiablePixelBuffer* pb) override; protected: - bool initCodec() override; + void initCodec() override; void freeCodec() override; private: diff --git a/common/rfb/H264WinDecoderContext.cxx b/common/rfb/H264WinDecoderContext.cxx index 63bc652fb9..18b9c9abaf 100644 --- a/common/rfb/H264WinDecoderContext.cxx +++ b/common/rfb/H264WinDecoderContext.cxx @@ -22,6 +22,8 @@ #include #endif +#include + #include #include #include @@ -40,18 +42,13 @@ static LogWriter vlog("H264WinDecoderContext"); static GUID CLSID_VideoProcessorMFT = { 0x88753b26, 0x5b24, 0x49bd, { 0xb2, 0xe7, 0xc, 0x44, 0x5c, 0x78, 0xc9, 0x82 } }; #endif -bool H264WinDecoderContext::initCodec() { +void H264WinDecoderContext::initCodec() +{ if (FAILED(MFStartup(MF_VERSION, MFSTARTUP_LITE))) - { - vlog.error("Could not initialize MediaFoundation"); - return false; - } + throw std::runtime_error("Could not initialize MediaFoundation"); if (FAILED(CoCreateInstance(CLSID_CMSH264DecoderMFT, nullptr, CLSCTX_INPROC_SERVER, IID_IMFTransform, (LPVOID*)&decoder))) - { - vlog.error("MediaFoundation H264 codec not found"); - return false; - } + throw std::runtime_error("MediaFoundation H264 codec not found"); if (FAILED(CoCreateInstance(CLSID_VideoProcessorMFT, nullptr, CLSCTX_INPROC_SERVER, IID_IMFTransform, (LPVOID*)&converter))) { @@ -59,8 +56,7 @@ bool H264WinDecoderContext::initCodec() { if (FAILED(CoCreateInstance(CLSID_CColorConvertDMO, nullptr, CLSCTX_INPROC_SERVER, IID_IMFTransform, (LPVOID*)&converter))) { decoder->Release(); - vlog.error("ColorConvert DMO not found"); - return false; + throw std::runtime_error("MediaFoundation H264 codec not found"); } } @@ -82,8 +78,7 @@ bool H264WinDecoderContext::initCodec() { { decoder->Release(); converter->Release(); - vlog.error("Could not create MF MediaType"); - return false; + throw std::runtime_error("Could not create MF MediaType"); } input_type->SetGUID(MF_MT_MAJOR_TYPE, MFMediaType_Video); input_type->SetGUID(MF_MT_SUBTYPE, MFVideoFormat_H264); @@ -110,8 +105,7 @@ bool H264WinDecoderContext::initCodec() { decoder->Release(); converter->Release(); input_type->Release(); - vlog.error("Could not start H264 decoder"); - return false; + throw std::runtime_error("Could not start H264 decoder"); } MFT_OUTPUT_STREAM_INFO info; @@ -131,15 +125,13 @@ bool H264WinDecoderContext::initCodec() { SAFE_RELEASE(converted_sample); SAFE_RELEASE(input_buffer); SAFE_RELEASE(decoded_buffer); - vlog.error("Could not allocate media samples/buffers"); - return false; + throw std::runtime_error("Could not allocate media samples/buffers"); } input_sample->AddBuffer(input_buffer); decoded_sample->AddBuffer(decoded_buffer); initialized = true; - return true; } void H264WinDecoderContext::freeCodec() { diff --git a/common/rfb/H264WinDecoderContext.h b/common/rfb/H264WinDecoderContext.h index 92041781be..3e349e1e1c 100644 --- a/common/rfb/H264WinDecoderContext.h +++ b/common/rfb/H264WinDecoderContext.h @@ -37,7 +37,7 @@ namespace rfb { ModifiablePixelBuffer* pb) override; protected: - bool initCodec() override; + void initCodec() override; void freeCodec() override; private: From 86f838c2fe9f26d3d25ee988d79bec0486dfc211 Mon Sep 17 00:00:00 2001 From: Pierre Ossman Date: Tue, 7 Jan 2025 21:40:17 +0100 Subject: [PATCH 07/34] Remove unused config isBool() method --- common/rfb/Configuration.cxx | 12 ------------ common/rfb/Configuration.h | 3 --- 2 files changed, 15 deletions(-) diff --git a/common/rfb/Configuration.cxx b/common/rfb/Configuration.cxx index 72947df12b..679ff5c001 100644 --- a/common/rfb/Configuration.cxx +++ b/common/rfb/Configuration.cxx @@ -231,10 +231,6 @@ bool VoidParameter::setParam() { return false; } -bool VoidParameter::isBool() const { - return false; -} - void VoidParameter::setImmutable() { vlog.debug("Set immutable %s", getName()); @@ -265,10 +261,6 @@ std::string AliasParameter::getValueStr() const { return param->getValueStr(); } -bool AliasParameter::isBool() const { - return param->isBool(); -} - void AliasParameter::setImmutable() { vlog.debug("Set immutable %s (Alias)", getName()); @@ -320,10 +312,6 @@ std::string BoolParameter::getValueStr() const { return value ? "1" : "0"; } -bool BoolParameter::isBool() const { - return true; -} - BoolParameter::operator bool() const { return value; } diff --git a/common/rfb/Configuration.h b/common/rfb/Configuration.h index ec8d789aa2..17b4b31ea9 100644 --- a/common/rfb/Configuration.h +++ b/common/rfb/Configuration.h @@ -176,7 +176,6 @@ namespace rfb { virtual bool setParam(); virtual std::string getDefaultStr() const = 0; virtual std::string getValueStr() const = 0; - virtual bool isBool() const; virtual void setImmutable(); @@ -200,7 +199,6 @@ namespace rfb { bool setParam() override; std::string getDefaultStr() const override; std::string getValueStr() const override; - bool isBool() const override; void setImmutable() override; private: VoidParameter* param; @@ -215,7 +213,6 @@ namespace rfb { virtual void setParam(bool b); std::string getDefaultStr() const override; std::string getValueStr() const override; - bool isBool() const override; operator bool() const; protected: bool value; From bf5bc0f76fc479ca7fbd1e63b4dd7cf85c6afa5f Mon Sep 17 00:00:00 2001 From: Pierre Ossman Date: Tue, 20 Aug 2024 09:03:15 +0200 Subject: [PATCH 08/34] Remove legacy StringParameter code/comment This should have been cleaned up in adaedc9. --- common/rfb/Configuration.cxx | 3 --- common/rfb/Configuration.h | 3 --- 2 files changed, 6 deletions(-) diff --git a/common/rfb/Configuration.cxx b/common/rfb/Configuration.cxx index 679ff5c001..d7df154c39 100644 --- a/common/rfb/Configuration.cxx +++ b/common/rfb/Configuration.cxx @@ -369,9 +369,6 @@ StringParameter::StringParameter(const char* name_, const char* desc_, } } -StringParameter::~StringParameter() { -} - bool StringParameter::setParam(const char* v) { LOCK_CONFIG; if (immutable) return true; diff --git a/common/rfb/Configuration.h b/common/rfb/Configuration.h index 17b4b31ea9..d50d663916 100644 --- a/common/rfb/Configuration.h +++ b/common/rfb/Configuration.h @@ -238,11 +238,8 @@ namespace rfb { class StringParameter : public VoidParameter { public: - // StringParameter contains a null-terminated string, which CANNOT - // be Null, and so neither can the default value! StringParameter(const char* name_, const char* desc_, const char* v, ConfigurationObject co=ConfGlobal); - ~StringParameter() override; bool setParam(const char* value) override; std::string getDefaultStr() const override; std::string getValueStr() const override; From 47138a848594b039399b187ae0beacc9f0650326 Mon Sep 17 00:00:00 2001 From: Pierre Ossman Date: Tue, 7 Jan 2025 21:32:08 +0100 Subject: [PATCH 09/34] Don't duplicate encode/decode in parameters.cxx The configuration objects already now how to convert themselves to and from strings. Use that existing code, rather than poorly duplicate it. --- vncviewer/parameters.cxx | 51 +++++++++------------------------------- 1 file changed, 11 insertions(+), 40 deletions(-) diff --git a/vncviewer/parameters.cxx b/vncviewer/parameters.cxx index a6229a349c..b738dbc123 100644 --- a/vncviewer/parameters.cxx +++ b/vncviewer/parameters.cxx @@ -667,25 +667,14 @@ void saveViewerParameters(const char *filename, const char *servername) { fprintf(f, "ServerName=%s\n", encodingBuffer); for (VoidParameter* param : parameterArray) { - if (dynamic_cast(param) != nullptr) { - if (!encodeValue(*(StringParameter*)param, - encodingBuffer, buffersize)) { - fclose(f); - throw std::runtime_error(format(_("Failed to save \"%s\": %s"), - param->getName(), - _("Could not encode parameter"))); - } - fprintf(f, "%s=%s\n", ((StringParameter*)param)->getName(), encodingBuffer); - } else if (dynamic_cast(param) != nullptr) { - fprintf(f, "%s=%d\n", ((IntParameter*)param)->getName(), (int)*(IntParameter*)param); - } else if (dynamic_cast(param) != nullptr) { - fprintf(f, "%s=%d\n", ((BoolParameter*)param)->getName(), (int)*(BoolParameter*)param); - } else { + if (!encodeValue(param->getValueStr().c_str(), + encodingBuffer, buffersize)) { fclose(f); - throw std::logic_error(format(_("Failed to save \"%s\": %s"), - param->getName(), - _("Unknown parameter type"))); + throw std::runtime_error(format(_("Failed to save \"%s\": %s"), + param->getName(), + _("Could not encode parameter"))); } + fprintf(f, "%s=%s\n", param->getName(), encodingBuffer); } fclose(f); } @@ -699,29 +688,11 @@ static bool findAndSetViewerParameterFromValue( // Find and set the correct parameter for (size_t i = 0; i < parameters_len/sizeof(VoidParameter*); i++) { - - if (dynamic_cast(parameters[i]) != nullptr) { - if (strcasecmp(line, ((StringParameter*)parameters[i])->getName()) == 0) { - if(!decodeValue(value, decodingBuffer, sizeof(decodingBuffer))) - throw std::runtime_error(_("Invalid format or too large value")); - ((StringParameter*)parameters[i])->setParam(decodingBuffer); - return false; - } - - } else if (dynamic_cast(parameters[i]) != nullptr) { - if (strcasecmp(line, ((IntParameter*)parameters[i])->getName()) == 0) { - ((IntParameter*)parameters[i])->setParam(atoi(value)); - return false; - } - - } else if (dynamic_cast(parameters[i]) != nullptr) { - if (strcasecmp(line, ((BoolParameter*)parameters[i])->getName()) == 0) { - ((BoolParameter*)parameters[i])->setParam(atoi(value)); - return false; - } - - } else { - throw std::logic_error(_("Unknown parameter type")); + if (strcasecmp(line, parameters[i]->getName()) == 0) { + if(!decodeValue(value, decodingBuffer, sizeof(decodingBuffer))) + throw std::runtime_error(_("Invalid format or too large value")); + parameters[i]->setParam(decodingBuffer); + return false; } } From 4a0bb83852d1e44bac24cc0026905f4defecb248 Mon Sep 17 00:00:00 2001 From: Pierre Ossman Date: Tue, 7 Jan 2025 21:34:13 +0100 Subject: [PATCH 10/34] Use registry string type for complex parameters All parameters can be converted to and from strings, so this is a reasonable default for most settings. We don't need to bail out for complex types. --- vncviewer/parameters.cxx | 14 +++++--------- 1 file changed, 5 insertions(+), 9 deletions(-) diff --git a/vncviewer/parameters.cxx b/vncviewer/parameters.cxx index b738dbc123..d851ce45ee 100644 --- a/vncviewer/parameters.cxx +++ b/vncviewer/parameters.cxx @@ -473,14 +473,12 @@ static void saveToReg(const char* servername) { for (size_t i = 0; i < sizeof(parameterArray)/sizeof(VoidParameter*); i++) { try { - if (dynamic_cast(parameterArray[i]) != nullptr) { - setKeyString(parameterArray[i]->getName(), *(StringParameter*)parameterArray[i], &hKey); - } else if (dynamic_cast(parameterArray[i]) != nullptr) { + if (dynamic_cast(parameterArray[i]) != nullptr) { setKeyInt(parameterArray[i]->getName(), (int)*(IntParameter*)parameterArray[i], &hKey); } else if (dynamic_cast(parameterArray[i]) != nullptr) { setKeyInt(parameterArray[i]->getName(), (int)*(BoolParameter*)parameterArray[i], &hKey); } else { - throw std::logic_error(_("Unknown parameter type")); + setKeyString(parameterArray[i]->getName(), parameterArray[i]->getValueStr().c_str(), &hKey); } } catch (std::exception& e) { RegCloseKey(hKey); @@ -563,17 +561,15 @@ static void getParametersFromReg(VoidParameter* parameters[], for (size_t i = 0; i < parameters_len/sizeof(VoidParameter*); i++) { try { - if (dynamic_cast(parameters[i]) != nullptr) { - if (getKeyString(parameters[i]->getName(), stringValue, buffersize, hKey)) - parameters[i]->setParam(stringValue); - } else if (dynamic_cast(parameters[i]) != nullptr) { + if (dynamic_cast(parameters[i]) != nullptr) { if (getKeyInt(parameters[i]->getName(), &intValue, hKey)) ((IntParameter*)parameters[i])->setParam(intValue); } else if (dynamic_cast(parameters[i]) != nullptr) { if (getKeyInt(parameters[i]->getName(), &intValue, hKey)) ((BoolParameter*)parameters[i])->setParam(intValue); } else { - throw std::logic_error(_("Unknown parameter type")); + if (getKeyString(parameters[i]->getName(), stringValue, buffersize, hKey)) + parameters[i]->setParam(stringValue); } } catch(std::exception& e) { // Just ignore this entry and continue with the rest From ecbdf5fc048361a17fa6bea19e8c6e1cd772b80c Mon Sep 17 00:00:00 2001 From: Pierre Ossman Date: Tue, 7 Jan 2025 21:45:48 +0100 Subject: [PATCH 11/34] Don't save parameters with default values This allows smooth upgrades for users if the defaults change in the future. --- common/rfb/Configuration.cxx | 4 ++++ common/rfb/Configuration.h | 2 ++ vncviewer/parameters.cxx | 14 ++++++++++++++ 3 files changed, 20 insertions(+) diff --git a/common/rfb/Configuration.cxx b/common/rfb/Configuration.cxx index d7df154c39..d3684173e9 100644 --- a/common/rfb/Configuration.cxx +++ b/common/rfb/Configuration.cxx @@ -231,6 +231,10 @@ bool VoidParameter::setParam() { return false; } +bool VoidParameter::isDefault() const { + return getDefaultStr() == getValueStr(); +} + void VoidParameter::setImmutable() { vlog.debug("Set immutable %s", getName()); diff --git a/common/rfb/Configuration.h b/common/rfb/Configuration.h index d50d663916..0f6969e4be 100644 --- a/common/rfb/Configuration.h +++ b/common/rfb/Configuration.h @@ -177,6 +177,8 @@ namespace rfb { virtual std::string getDefaultStr() const = 0; virtual std::string getValueStr() const = 0; + virtual bool isDefault() const; + virtual void setImmutable(); protected: diff --git a/vncviewer/parameters.cxx b/vncviewer/parameters.cxx index d851ce45ee..1df9d337ff 100644 --- a/vncviewer/parameters.cxx +++ b/vncviewer/parameters.cxx @@ -472,6 +472,18 @@ static void saveToReg(const char* servername) { } for (size_t i = 0; i < sizeof(parameterArray)/sizeof(VoidParameter*); i++) { + if (parameterArray[i]->isDefault()) { + try { + removeValue(parameterArray[i]->getName(), &hKey); + } catch (std::exception& e) { + RegCloseKey(hKey); + throw std::runtime_error(format(_("Failed to remove \"%s\": %s"), + parameterArray[i]->getName(), + e.what())); + } + continue; + } + try { if (dynamic_cast(parameterArray[i]) != nullptr) { setKeyInt(parameterArray[i]->getName(), (int)*(IntParameter*)parameterArray[i], &hKey); @@ -663,6 +675,8 @@ void saveViewerParameters(const char *filename, const char *servername) { fprintf(f, "ServerName=%s\n", encodingBuffer); for (VoidParameter* param : parameterArray) { + if (param->isDefault()) + continue; if (!encodeValue(param->getValueStr().c_str(), encodingBuffer, buffersize)) { fclose(f); From f6dab51b4f4e212c8a14f2833f996b76a4c1b8cd Mon Sep 17 00:00:00 2001 From: Pierre Ossman Date: Fri, 16 Aug 2024 14:52:11 +0200 Subject: [PATCH 12/34] Remove server and viewer config types We don't consistently use these, so they are just confusing. Instead, we rely on the linker to not include unnecessary objects, and hence irrelevant configuration objects. --- common/rfb/CSecurityTLS.cxx | 6 +-- common/rfb/Configuration.cxx | 65 ++++++++++---------------------- common/rfb/Configuration.h | 59 +++++------------------------ common/rfb/SSecurityRSAAES.cxx | 4 +- common/rfb/SSecurityTLS.cxx | 4 +- common/rfb/SSecurityVncAuth.cxx | 6 +-- common/rfb/SecurityClient.cxx | 3 +- common/rfb/SecurityServer.cxx | 3 +- unix/x0vncserver/x0vncserver.cxx | 2 - unix/xserver/hw/vnc/RFBGlue.cc | 1 - vncviewer/vncviewer.cxx | 2 - win/vncconfig/vncconfig.cxx | 2 - win/winvnc/winvnc.cxx | 2 - 13 files changed, 39 insertions(+), 120 deletions(-) diff --git a/common/rfb/CSecurityTLS.cxx b/common/rfb/CSecurityTLS.cxx index 0c10a85d61..95130f5aa6 100644 --- a/common/rfb/CSecurityTLS.cxx +++ b/common/rfb/CSecurityTLS.cxx @@ -51,11 +51,9 @@ using namespace rfb; static const char* configdirfn(const char* fn); StringParameter CSecurityTLS::X509CA("X509CA", "X509 CA certificate", - configdirfn("x509_ca.pem"), - ConfViewer); + configdirfn("x509_ca.pem")); StringParameter CSecurityTLS::X509CRL("X509CRL", "X509 CRL file", - configdirfn("x509_crl.pem"), - ConfViewer); + configdirfn("x509_crl.pem")); static LogWriter vlog("TLS"); diff --git a/common/rfb/Configuration.cxx b/common/rfb/Configuration.cxx index d3684173e9..f5ea2a829b 100644 --- a/common/rfb/Configuration.cxx +++ b/common/rfb/Configuration.cxx @@ -48,29 +48,15 @@ using namespace rfb; static LogWriter vlog("Config"); -// -=- The Global/server/viewer Configuration objects +// -=- The Global Configuration object Configuration* Configuration::global_ = nullptr; -Configuration* Configuration::server_ = nullptr; -Configuration* Configuration::viewer_ = nullptr; Configuration* Configuration::global() { if (!global_) - global_ = new Configuration("Global"); + global_ = new Configuration(); return global_; } -Configuration* Configuration::server() { - if (!server_) - server_ = new Configuration("Server"); - return server_; -} - -Configuration* Configuration::viewer() { - if (!viewer_) - viewer_ = new Configuration("Viewer"); - return viewer_; -} - // -=- Configuration implementation bool Configuration::set(const char* n, const char* v, bool immutable) { @@ -92,7 +78,7 @@ bool Configuration::set(const char* paramName, int len, } current = current->_next; } - return _next ? _next->set(paramName, len, val, immutable) : false; + return false; } bool Configuration::set(const char* config, bool immutable) { @@ -117,7 +103,7 @@ bool Configuration::set(const char* config, bool immutable) { current = current->_next; } } - return _next ? _next->set(config, immutable) : false; + return false; } VoidParameter* Configuration::get(const char* param) @@ -128,13 +114,12 @@ VoidParameter* Configuration::get(const char* param) return current; current = current->_next; } - return _next ? _next->get(param) : nullptr; + return nullptr; } void Configuration::list(int width, int nameWidth) { VoidParameter* current = head; - fprintf(stderr, "%s Parameters:\n", name.c_str()); while (current) { std::string def_str = current->getDefaultStr(); const char* desc = current->getDescription(); @@ -167,9 +152,6 @@ void Configuration::list(int width, int nameWidth) { } current = current->_next; } - - if (_next) - _next->list(width, nameWidth); } @@ -192,20 +174,12 @@ bool Configuration::remove(const char* param) { // -=- VoidParameter -VoidParameter::VoidParameter(const char* name_, const char* desc_, - ConfigurationObject co) +VoidParameter::VoidParameter(const char* name_, const char* desc_) : immutable(false), name(name_), description(desc_) { - Configuration *conf = nullptr; - - switch (co) { - case ConfGlobal: conf = Configuration::global(); - break; - case ConfServer: conf = Configuration::server(); - break; - case ConfViewer: conf = Configuration::viewer(); - break; - } + Configuration *conf; + + conf = Configuration::global(); _next = conf->head; conf->head = this; @@ -244,8 +218,8 @@ VoidParameter::setImmutable() { // -=- AliasParameter AliasParameter::AliasParameter(const char* name_, const char* desc_, - VoidParameter* param_, ConfigurationObject co) - : VoidParameter(name_, desc_, co), param(param_) { + VoidParameter* param_) + : VoidParameter(name_, desc_), param(param_) { } bool @@ -274,9 +248,8 @@ AliasParameter::setImmutable() { // -=- BoolParameter -BoolParameter::BoolParameter(const char* name_, const char* desc_, bool v, - ConfigurationObject co) -: VoidParameter(name_, desc_, co), value(v), def_value(v) { +BoolParameter::BoolParameter(const char* name_, const char* desc_, bool v) +: VoidParameter(name_, desc_), value(v), def_value(v) { } bool @@ -323,8 +296,8 @@ BoolParameter::operator bool() const { // -=- IntParameter IntParameter::IntParameter(const char* name_, const char* desc_, int v, - int minValue_, int maxValue_, ConfigurationObject co) - : VoidParameter(name_, desc_, co), value(v), def_value(v), + int minValue_, int maxValue_) + : VoidParameter(name_, desc_), value(v), def_value(v), minValue(minValue_), maxValue(maxValue_) { } @@ -364,8 +337,8 @@ IntParameter::operator int() const { // -=- StringParameter StringParameter::StringParameter(const char* name_, const char* desc_, - const char* v, ConfigurationObject co) - : VoidParameter(name_, desc_, co), value(v), def_value(v) + const char* v) + : VoidParameter(name_, desc_), value(v), def_value(v) { if (!v) { vlog.error("Default value for %s not allowed",name_); @@ -399,8 +372,8 @@ StringParameter::operator const char *() const { // -=- BinaryParameter BinaryParameter::BinaryParameter(const char* name_, const char* desc_, - const uint8_t* v, size_t l, ConfigurationObject co) -: VoidParameter(name_, desc_, co), + const uint8_t* v, size_t l) +: VoidParameter(name_, desc_), value(nullptr), length(0), def_value(nullptr), def_length(0) { if (l) { assert(v); diff --git a/common/rfb/Configuration.h b/common/rfb/Configuration.h index 0f6969e4be..8802b899f4 100644 --- a/common/rfb/Configuration.h +++ b/common/rfb/Configuration.h @@ -56,19 +56,14 @@ namespace rfb { class VoidParameter; struct ParameterIterator; - enum ConfigurationObject { ConfGlobal, ConfServer, ConfViewer }; - // -=- Configuration // Class used to access parameters. class Configuration { public: // - Create a new Configuration object - Configuration(const char* name_) - : name(name_), head(nullptr), _next(nullptr) {} - - // - Return the buffer containing the Configuration's name - const char* getName() const { return name.c_str(); } + Configuration() + : head(nullptr) {} // - Set named parameter to value bool set(const char* param, const char* value, bool immutable=false); @@ -106,10 +101,6 @@ namespace rfb { // global() is called when only the main thread is running. static Configuration* global(); - // Enable server/viewer specific parameters - static void enableServerParams() { global()->appendConfiguration(server()); } - static void enableViewerParams() { global()->appendConfiguration(viewer()); } - // - Container for process-wide Global parameters static bool setParam(const char* param, const char* value, bool immutable=false) { return global()->set(param, value, immutable); @@ -133,33 +124,11 @@ namespace rfb { friend class VoidParameter; friend struct ParameterIterator; - // Name for this Configuration - std::string name; - // - Pointer to first Parameter in this group VoidParameter* head; - // Pointer to next Configuration in this group - Configuration* _next; - // The process-wide, Global Configuration object static Configuration* global_; - - // The server only Configuration object - static Configuration* server_; - - // The viewer only Configuration object - static Configuration* viewer_; - - // Get server/viewer specific configuration object - static Configuration* server(); - static Configuration* viewer(); - - // Append configuration object to this instance. - // NOTE: conf instance can be only one configuration object - void appendConfiguration(Configuration *conf) { - conf->_next = _next; _next = conf; - } }; // -=- VoidParameter @@ -167,7 +136,7 @@ namespace rfb { class VoidParameter { public: - VoidParameter(const char* name_, const char* desc_, ConfigurationObject co=ConfGlobal); + VoidParameter(const char* name_, const char* desc_); virtual ~VoidParameter(); const char* getName() const; const char* getDescription() const; @@ -195,8 +164,7 @@ namespace rfb { class AliasParameter : public VoidParameter { public: - AliasParameter(const char* name_, const char* desc_,VoidParameter* param_, - ConfigurationObject co=ConfGlobal); + AliasParameter(const char* name_, const char* desc_,VoidParameter* param_); bool setParam(const char* value) override; bool setParam() override; std::string getDefaultStr() const override; @@ -208,8 +176,7 @@ namespace rfb { class BoolParameter : public VoidParameter { public: - BoolParameter(const char* name_, const char* desc_, bool v, - ConfigurationObject co=ConfGlobal); + BoolParameter(const char* name_, const char* desc_, bool v); bool setParam(const char* value) override; bool setParam() override; virtual void setParam(bool b); @@ -224,8 +191,7 @@ namespace rfb { class IntParameter : public VoidParameter { public: IntParameter(const char* name_, const char* desc_, int v, - int minValue=INT_MIN, int maxValue=INT_MAX, - ConfigurationObject co=ConfGlobal); + int minValue=INT_MIN, int maxValue=INT_MAX); using VoidParameter::setParam; bool setParam(const char* value) override; virtual bool setParam(int v); @@ -240,8 +206,7 @@ namespace rfb { class StringParameter : public VoidParameter { public: - StringParameter(const char* name_, const char* desc_, const char* v, - ConfigurationObject co=ConfGlobal); + StringParameter(const char* name_, const char* desc_, const char* v); bool setParam(const char* value) override; std::string getDefaultStr() const override; std::string getValueStr() const override; @@ -254,8 +219,7 @@ namespace rfb { class BinaryParameter : public VoidParameter { public: BinaryParameter(const char* name_, const char* desc_, - const uint8_t* v, size_t l, - ConfigurationObject co=ConfGlobal); + const uint8_t* v, size_t l); using VoidParameter::setParam; ~BinaryParameter() override; bool setParam(const char* value) override; @@ -273,7 +237,7 @@ namespace rfb { }; // -=- ParameterIterator - // Iterates over all enabled parameters (global + server/viewer). + // Iterates over all enabled parameters. // Current Parameter is accessed via param, the current Configuration // via config. The next() method moves on to the next Parameter. @@ -281,11 +245,6 @@ namespace rfb { ParameterIterator() : config(Configuration::global()), param(config->head) {} void next() { param = param->_next; - while (!param) { - config = config->_next; - if (!config) break; - param = config->head; - } } Configuration* config; VoidParameter* param; diff --git a/common/rfb/SSecurityRSAAES.cxx b/common/rfb/SSecurityRSAAES.cxx index d7e7cc4c31..14888535ae 100644 --- a/common/rfb/SSecurityRSAAES.cxx +++ b/common/rfb/SSecurityRSAAES.cxx @@ -69,10 +69,10 @@ using namespace rfb; StringParameter SSecurityRSAAES::keyFile ("RSAKey", "Path to the RSA key for the RSA-AES security types in " - "PEM format", "", ConfServer); + "PEM format", ""); BoolParameter SSecurityRSAAES::requireUsername ("RequireUsername", "Require username for the RSA-AES security types", - false, ConfServer); + false); static LogWriter vlog("SSecurityRSAAES"); diff --git a/common/rfb/SSecurityTLS.cxx b/common/rfb/SSecurityTLS.cxx index b297242b4f..3d956b370a 100644 --- a/common/rfb/SSecurityTLS.cxx +++ b/common/rfb/SSecurityTLS.cxx @@ -60,10 +60,10 @@ static const gnutls_datum_t ffdhe_pkcs3_param = { using namespace rfb; StringParameter SSecurityTLS::X509_CertFile -("X509Cert", "Path to the X509 certificate in PEM format", "", ConfServer); +("X509Cert", "Path to the X509 certificate in PEM format", ""); StringParameter SSecurityTLS::X509_KeyFile -("X509Key", "Path to the key of the X509 certificate in PEM format", "", ConfServer); +("X509Key", "Path to the key of the X509 certificate in PEM format", ""); static LogWriter vlog("TLS"); diff --git a/common/rfb/SSecurityVncAuth.cxx b/common/rfb/SSecurityVncAuth.cxx index 22d8807905..41f607fde9 100644 --- a/common/rfb/SSecurityVncAuth.cxx +++ b/common/rfb/SSecurityVncAuth.cxx @@ -45,9 +45,9 @@ using namespace rfb; static LogWriter vlog("SVncAuth"); StringParameter SSecurityVncAuth::vncAuthPasswdFile -("PasswordFile", "Password file for VNC authentication", "", ConfServer); +("PasswordFile", "Password file for VNC authentication", ""); AliasParameter rfbauth("rfbauth", "Alias for PasswordFile", - &SSecurityVncAuth::vncAuthPasswdFile, ConfServer); + &SSecurityVncAuth::vncAuthPasswdFile); VncAuthPasswdParameter SSecurityVncAuth::vncAuthPasswd ("Password", "Obfuscated binary encoding of the password which clients must supply to " "access the server", &SSecurityVncAuth::vncAuthPasswdFile); @@ -119,7 +119,7 @@ bool SSecurityVncAuth::processMsg() VncAuthPasswdParameter::VncAuthPasswdParameter(const char* name_, const char* desc, StringParameter* passwdFile_) -: BinaryParameter(name_, desc, nullptr, 0, ConfServer), +: BinaryParameter(name_, desc, nullptr, 0), passwdFile(passwdFile_) { } diff --git a/common/rfb/SecurityClient.cxx b/common/rfb/SecurityClient.cxx index 027d47df2d..03109ed045 100644 --- a/common/rfb/SecurityClient.cxx +++ b/common/rfb/SecurityClient.cxx @@ -58,8 +58,7 @@ StringParameter SecurityClient::secTypes #ifdef HAVE_NETTLE "RA2,RA2_256,RA2ne,RA2ne_256,DH,MSLogonII," #endif - "VncAuth,None", -ConfViewer); + "VncAuth,None"); CSecurity* SecurityClient::GetCSecurity(CConnection* cc, uint32_t secType) { diff --git a/common/rfb/SecurityServer.cxx b/common/rfb/SecurityServer.cxx index d692f4fc93..8dc7260e16 100644 --- a/common/rfb/SecurityServer.cxx +++ b/common/rfb/SecurityServer.cxx @@ -49,8 +49,7 @@ StringParameter SecurityServer::secTypes #ifdef HAVE_GNUTLS "TLSVnc," #endif - "VncAuth", -ConfServer); + "VncAuth"); SSecurity* SecurityServer::GetSSecurity(SConnection* sc, uint32_t secType) { diff --git a/unix/x0vncserver/x0vncserver.cxx b/unix/x0vncserver/x0vncserver.cxx index 7ea427ede3..68f5a19b38 100644 --- a/unix/x0vncserver/x0vncserver.cxx +++ b/unix/x0vncserver/x0vncserver.cxx @@ -279,8 +279,6 @@ int main(int argc, char** argv) programName = argv[0]; Display* dpy; - Configuration::enableServerParams(); - // Assume different defaults when socket activated if (hasSystemdListeners()) rfbport.setParam(-1); diff --git a/unix/xserver/hw/vnc/RFBGlue.cc b/unix/xserver/hw/vnc/RFBGlue.cc index 2295bee85d..6354b91b32 100644 --- a/unix/xserver/hw/vnc/RFBGlue.cc +++ b/unix/xserver/hw/vnc/RFBGlue.cc @@ -43,7 +43,6 @@ void vncInitRFB(void) rfb::initStdIOLoggers(); rfb::initSyslogLogger(); rfb::LogWriter::setLogParams("*:stderr:30"); - rfb::Configuration::enableServerParams(); } void vncLogError(const char *name, const char *format, ...) diff --git a/vncviewer/vncviewer.cxx b/vncviewer/vncviewer.cxx index 4efe6e931d..95650e869a 100644 --- a/vncviewer/vncviewer.cxx +++ b/vncviewer/vncviewer.cxx @@ -659,8 +659,6 @@ int main(int argc, char** argv) signal(SIGINT, CleanupSignalHandler); signal(SIGTERM, CleanupSignalHandler); - Configuration::enableViewerParams(); - /* Load the default parameter settings */ char defaultServerName[VNCSERVERNAMELEN] = ""; try { diff --git a/win/vncconfig/vncconfig.cxx b/win/vncconfig/vncconfig.cxx index fffdea186b..8817f0e1f2 100644 --- a/win/vncconfig/vncconfig.cxx +++ b/win/vncconfig/vncconfig.cxx @@ -90,8 +90,6 @@ int WINAPI WinMain(HINSTANCE inst, HINSTANCE /*prev*/, char* /*cmdLine*/, int /* vlog.info("Starting vncconfig applet"); #endif - Configuration::enableServerParams(); - try { try { // Process command-line args diff --git a/win/winvnc/winvnc.cxx b/win/winvnc/winvnc.cxx index 299e1fa1cb..3494f0f231 100644 --- a/win/winvnc/winvnc.cxx +++ b/win/winvnc/winvnc.cxx @@ -260,8 +260,6 @@ int WINAPI WinMain(HINSTANCE /*inst*/, HINSTANCE /*prevInst*/, char* /*cmdLine*/ #endif rfb::win32::initEventLogLogger(VNCServerService::Name); - Configuration::enableServerParams(); - // - By default, just log errors to stderr From 28e35d058eac4d8f1b80914854552401d9fb15cd Mon Sep 17 00:00:00 2001 From: Pierre Ossman Date: Fri, 16 Aug 2024 15:49:59 +0200 Subject: [PATCH 13/34] Use std::list for config parameters Avoid rolling our own linked list when we have the standard library. --- common/rfb/Configuration.cxx | 47 +++++++++++++++--------------------- common/rfb/Configuration.h | 20 ++++++++++----- 2 files changed, 34 insertions(+), 33 deletions(-) diff --git a/common/rfb/Configuration.cxx b/common/rfb/Configuration.cxx index f5ea2a829b..d40bedb881 100644 --- a/common/rfb/Configuration.cxx +++ b/common/rfb/Configuration.cxx @@ -30,6 +30,7 @@ #include #include +#include #include #include @@ -66,8 +67,7 @@ bool Configuration::set(const char* n, const char* v, bool immutable) { bool Configuration::set(const char* paramName, int len, const char* val, bool immutable) { - VoidParameter* current = head; - while (current) { + for (VoidParameter* current: params) { if ((int)strlen(current->getName()) == len && strncasecmp(current->getName(), paramName, len) == 0) { @@ -76,7 +76,6 @@ bool Configuration::set(const char* paramName, int len, current->setImmutable(); return b; } - current = current->_next; } return false; } @@ -92,15 +91,13 @@ bool Configuration::set(const char* config, bool immutable) { if (equal) { return set(config, equal-config, equal+1, immutable); } else if (hyphen) { - VoidParameter* current = head; - while (current) { + for (VoidParameter* current: params) { if (strcasecmp(current->getName(), config) == 0) { bool b = current->setParam(); if (b && immutable) current->setImmutable(); return b; } - current = current->_next; } } return false; @@ -108,19 +105,15 @@ bool Configuration::set(const char* config, bool immutable) { VoidParameter* Configuration::get(const char* param) { - VoidParameter* current = head; - while (current) { + for (VoidParameter* current: params) { if (strcasecmp(current->getName(), param) == 0) return current; - current = current->_next; } return nullptr; } void Configuration::list(int width, int nameWidth) { - VoidParameter* current = head; - - while (current) { + for (VoidParameter* current: params) { std::string def_str = current->getDefaultStr(); const char* desc = current->getDescription(); fprintf(stderr," %-*s -", nameWidth, current->getName()); @@ -150,25 +143,22 @@ void Configuration::list(int width, int nameWidth) { } else { fprintf(stderr,"\n"); } - current = current->_next; } } bool Configuration::remove(const char* param) { - VoidParameter *current = head; - VoidParameter **prevnext = &head; + std::list::iterator iter; - while (current) { - if (strcasecmp(current->getName(), param) == 0) { - *prevnext = current->_next; - return true; - } - prevnext = ¤t->_next; - current = current->_next; - } + iter = std::find_if(params.begin(), params.end(), + [param](VoidParameter* p) { + return strcasecmp(p->getName(), param) == 0; + }); + if (iter != params.end()) + return false; - return false; + params.erase(iter); + return true; } @@ -180,14 +170,17 @@ VoidParameter::VoidParameter(const char* name_, const char* desc_) Configuration *conf; conf = Configuration::global(); - - _next = conf->head; - conf->head = this; + conf->params.push_back(this); mutex = new os::Mutex(); } VoidParameter::~VoidParameter() { + Configuration *conf; + + conf = Configuration::global(); + conf->params.remove(this); + delete mutex; } diff --git a/common/rfb/Configuration.h b/common/rfb/Configuration.h index 8802b899f4..151d64ae45 100644 --- a/common/rfb/Configuration.h +++ b/common/rfb/Configuration.h @@ -47,6 +47,7 @@ #include #include +#include #include #include @@ -62,8 +63,7 @@ namespace rfb { class Configuration { public: // - Create a new Configuration object - Configuration() - : head(nullptr) {} + Configuration() {} // - Set named parameter to value bool set(const char* param, const char* value, bool immutable=false); @@ -124,8 +124,8 @@ namespace rfb { friend class VoidParameter; friend struct ParameterIterator; - // - Pointer to first Parameter in this group - VoidParameter* head; + // - List of Parameters + std::list params; // The process-wide, Global Configuration object static Configuration* global_; @@ -242,12 +242,20 @@ namespace rfb { // via config. The next() method moves on to the next Parameter. struct ParameterIterator { - ParameterIterator() : config(Configuration::global()), param(config->head) {} + ParameterIterator() + : config(Configuration::global()), + param(config->params.front()), + iter(config->params.begin()) {} void next() { - param = param->_next; + iter++; + if (iter == config->params.end()) + param = nullptr; + else + param = *iter; } Configuration* config; VoidParameter* param; + std::list::iterator iter; }; }; From 97842f6bdb9dfbf0e72dd8e6fb06012b83fb6680 Mon Sep 17 00:00:00 2001 From: Pierre Ossman Date: Fri, 16 Aug 2024 16:01:24 +0200 Subject: [PATCH 14/34] Use normal iterators for parameters Now that we are based on a normal std::list, we can use normal iterators to go through the parameters. --- common/rfb/Configuration.h | 30 +++++------------------------- unix/xserver/hw/vnc/RFBGlue.cc | 12 ++++++------ 2 files changed, 11 insertions(+), 31 deletions(-) diff --git a/common/rfb/Configuration.h b/common/rfb/Configuration.h index 151d64ae45..7115b25c74 100644 --- a/common/rfb/Configuration.h +++ b/common/rfb/Configuration.h @@ -55,7 +55,6 @@ namespace os { class Mutex; } namespace rfb { class VoidParameter; - struct ParameterIterator; // -=- Configuration // Class used to access parameters. @@ -94,6 +93,11 @@ namespace rfb { void writeToFile(const char* filename); + // - Iterate over all parameters + std::list::iterator begin() { return params.begin(); } + std::list::iterator end() { return params.end(); } + + // - Get the Global Configuration object // NB: This call does NOT lock the Configuration system. // ALWAYS ensure that if you have ANY global Parameters, @@ -122,7 +126,6 @@ namespace rfb { private: friend class VoidParameter; - friend struct ParameterIterator; // - List of Parameters std::list params; @@ -152,7 +155,6 @@ namespace rfb { protected: friend class Configuration; - friend struct ParameterIterator; VoidParameter* _next; bool immutable; @@ -236,28 +238,6 @@ namespace rfb { size_t def_length; }; - // -=- ParameterIterator - // Iterates over all enabled parameters. - // Current Parameter is accessed via param, the current Configuration - // via config. The next() method moves on to the next Parameter. - - struct ParameterIterator { - ParameterIterator() - : config(Configuration::global()), - param(config->params.front()), - iter(config->params.begin()) {} - void next() { - iter++; - if (iter == config->params.end()) - param = nullptr; - else - param = *iter; - } - Configuration* config; - VoidParameter* param; - std::list::iterator iter; - }; - }; #endif // __RFB_CONFIGURATION_H__ diff --git a/unix/xserver/hw/vnc/RFBGlue.cc b/unix/xserver/hw/vnc/RFBGlue.cc index 6354b91b32..0227bd8d11 100644 --- a/unix/xserver/hw/vnc/RFBGlue.cc +++ b/unix/xserver/hw/vnc/RFBGlue.cc @@ -158,7 +158,7 @@ int vncGetParamCount(void) int count; count = 0; - for (ParameterIterator i; i.param; i.next()) + for (VoidParameter *param: *rfb::Configuration::global()) count++; return count; @@ -171,8 +171,8 @@ char *vncGetParamList(void) len = 0; - for (ParameterIterator i; i.param; i.next()) { - int l = strlen(i.param->getName()); + for (VoidParameter *param: *rfb::Configuration::global()) { + int l = strlen(param->getName()); if (l <= 255) len += l + 1; } @@ -182,11 +182,11 @@ char *vncGetParamList(void) return nullptr; ptr = data; - for (ParameterIterator i; i.param; i.next()) { - int l = strlen(i.param->getName()); + for (VoidParameter *param: *rfb::Configuration::global()) { + int l = strlen(param->getName()); if (l <= 255) { *ptr++ = l; - memcpy(ptr, i.param->getName(), l); + memcpy(ptr, param->getName(), l); ptr += l; } } From 2cd415cdf9eab3f0d5283db89fc2954dc1e40948 Mon Sep 17 00:00:00 2001 From: Pierre Ossman Date: Mon, 19 Aug 2024 09:40:29 +0200 Subject: [PATCH 15/34] Move -interface argument to correct section This is a "parameter", not an "option", so let's make sure it's in the correct section. --- unix/xserver/hw/vnc/Xvnc.man | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/unix/xserver/hw/vnc/Xvnc.man b/unix/xserver/hw/vnc/Xvnc.man index 49b1dc8a74..5737ff24d9 100644 --- a/unix/xserver/hw/vnc/Xvnc.man +++ b/unix/xserver/hw/vnc/Xvnc.man @@ -52,10 +52,6 @@ disable DRI3. Default is \fBauto\fP which makes \fBXvnc\fP pick a suitable available render node. . .TP -.B \-interface \fIIP address\fP -Listen on interface. By default Xvnc listens on all available interfaces. -. -.TP .B \-inetd This significantly changes Xvnc's behaviour so that it can be launched from inetd. See the section below on usage with inetd. @@ -191,6 +187,10 @@ are a comma separated list of \fBNone\fP, \fBVncAuth\fP, \fBPlain\fP, Default is \fBTLSVnc,VncAuth\fP. . .TP +.B \-interface \fIIP address\fP +Listen on interface. By default Xvnc listens on all available interfaces. +. +.TP .B \-Password \fIpassword\fP Obfuscated binary encoding of the password which clients must supply to access the server. Using this parameter is insecure, use \fBPasswordFile\fP From e2d25bda133e4a60f564e0523bc1bcf026a2480d Mon Sep 17 00:00:00 2001 From: Pierre Ossman Date: Mon, 19 Aug 2024 10:04:18 +0200 Subject: [PATCH 16/34] Prefer "PasswordFile" over "rfbauth" The latter is the legacy alias, so prefer the former in the documentation. --- unix/x0vncserver/x0vncserver.man | 2 +- unix/xserver/hw/vnc/Xvnc.man | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/unix/x0vncserver/x0vncserver.man b/unix/x0vncserver/x0vncserver.man index ce4bd6a933..c7ec342cfe 100644 --- a/unix/x0vncserver/x0vncserver.man +++ b/unix/x0vncserver/x0vncserver.man @@ -110,7 +110,7 @@ are a comma separated list of \fBNone\fP, \fBVncAuth\fP, \fBPlain\fP, Default is \fBTLSVnc,VncAuth\fP. . .TP -.B \-rfbauth \fIpasswd-file\fP, \-PasswordFile \fIpasswd-file\fP +.B \-PasswordFile \fIpasswd-file\fP, \-rfbauth \fIpasswd-file\fP Password file for VNC authentication. There is no default, you should specify the password file explicitly. Password file should be created with the \fBvncpasswd\fP(1) utility. The file is accessed each time a connection diff --git a/unix/xserver/hw/vnc/Xvnc.man b/unix/xserver/hw/vnc/Xvnc.man index 5737ff24d9..0a4c3f7835 100644 --- a/unix/xserver/hw/vnc/Xvnc.man +++ b/unix/xserver/hw/vnc/Xvnc.man @@ -101,7 +101,7 @@ connections from viewers. Specifies the mode of the Unix domain socket. The default is 0600. . .TP -.B \-rfbauth \fIpasswd-file\fP, \-PasswordFile \fIpasswd-file\fP +.B \-PasswordFile \fIpasswd-file\fP, \-rfbauth \fIpasswd-file\fP Password file for VNC authentication. There is no default, you should specify the password file explicitly. Password file should be created with the \fBvncpasswd\fP(1) utility. The file is accessed each time a connection From 42d62f2706c4422276d8d50582d50aab569cbc8b Mon Sep 17 00:00:00 2001 From: Pierre Ossman Date: Fri, 16 Aug 2024 16:01:24 +0200 Subject: [PATCH 17/34] Sort parameters in -help and man pages Makes it much easier to find all the different options. --- common/rfb/Configuration.cxx | 3 + unix/vncconfig/vncconfig.man | 28 +-- unix/x0vncserver/x0vncserver.man | 320 +++++++++++++++--------------- unix/xserver/hw/vnc/Xvnc.man | 326 +++++++++++++++---------------- vncviewer/vncviewer.man | 239 +++++++++++----------- 5 files changed, 462 insertions(+), 454 deletions(-) diff --git a/common/rfb/Configuration.cxx b/common/rfb/Configuration.cxx index d40bedb881..4e4b27d2d5 100644 --- a/common/rfb/Configuration.cxx +++ b/common/rfb/Configuration.cxx @@ -171,6 +171,9 @@ VoidParameter::VoidParameter(const char* name_, const char* desc_) conf = Configuration::global(); conf->params.push_back(this); + conf->params.sort([](const VoidParameter* a, const VoidParameter* b) { + return strcasecmp(a->getName(), b->getName()) < 0; + }); mutex = new os::Mutex(); } diff --git a/unix/vncconfig/vncconfig.man b/unix/vncconfig/vncconfig.man index b07c02f463..7c26dff671 100644 --- a/unix/vncconfig/vncconfig.man +++ b/unix/vncconfig/vncconfig.man @@ -64,27 +64,27 @@ instead. The \fB-view-only\fP option specifies that the server must ignore all keyboard or mouse events sent by the client. . .TP +.B \-desc \fIXvnc-param\fP +Prints a short description of the given Xvnc parameter. +. +.TP .B \-disconnect This causes Xvnc to disconnect from all viewers so that the VNC desktop is not displayed anywhere. . .TP -[\fB-set\fP] \fIXvnc-param\fP=\fIvalue\fP -Sets an Xvnc parameter to the given value. Note that some of Xvnc's parameters -are read only once at startup so that changing them in this way may not have -any effect. +.B \-get \fIXvnc-param\fP +Prints the current value of the given Xvnc parameter. . .TP .B \-list Lists all the parameters supported by Xvnc. . .TP -.B \-get \fIXvnc-param\fP -Prints the current value of the given Xvnc parameter. -. -.TP -.B \-desc \fIXvnc-param\fP -Prints a short description of the given Xvnc parameter. +[\fB-set\fP] \fIXvnc-param\fP=\fIvalue\fP +Sets an Xvnc parameter to the given value. Note that some of Xvnc's parameters +are read only once at startup so that changing them in this way may not have +any effect. .SH PARAMETERS .B vncconfig @@ -102,12 +102,12 @@ Other valid forms are \fIparam\fP\fB=\fP\fIvalue\fP -\fIparam\fP=\fIvalue\fP Specifies the Xvnc server to control. . .TP -.B \-nowin -When run as a "helper" app, don't put up a window. -. -.TP .B \-iconic When run as a "helper" app, make the window iconified at startup. +. +.TP +.B \-nowin +When run as a "helper" app, don't put up a window. .SH SEE ALSO .BR vncpasswd (1), diff --git a/unix/x0vncserver/x0vncserver.man b/unix/x0vncserver/x0vncserver.man index c7ec342cfe..02cee04cf1 100644 --- a/unix/x0vncserver/x0vncserver.man +++ b/unix/x0vncserver/x0vncserver.man @@ -47,47 +47,76 @@ arbitrary. .SH PARAMETERS .TP -.B \-desktop \fIdesktop-name\fP -Each desktop has a name which may be displayed by the viewer. It defaults to -"@". +.B \-AcceptKeyEvents +Accept key press and release events from clients. Default is on. . .TP -.B \-display \fIdisplay\fP -The X display name. If not specified, it defaults to the value of the -DISPLAY environment variable. +.B \-AcceptPointerEvents +Accept pointer movement and button events from clients. Default is on. . .TP -.B \-rfbport \fIport\fP -Specifies the TCP port on which x0vncserver listens for connections from -viewers (the protocol used in VNC is called RFB - "remote framebuffer"). -Specify \fB-1\fP to disable listening on a TCP port. The default port is -5900 when started directly, and -1 when activated by a systemd socket. +.B \-AcceptSetDesktopSize +Accept requests to resize the size of the desktop. Default is on. . .TP -.B \-UseIPv4 -Use IPv4 for incoming and outgoing connections. Default is on. +.B \-AlwaysShared +Always treat incoming connections as shared, regardless of the client-specified +setting. Default is off. . .TP -.B \-UseIPv6 -Use IPv6 for incoming and outgoing connections. Default is on. +.B \-BlacklistThreshold \fIcount\fP +The number of unauthenticated connection attempts allowed from any individual +host before that host is black-listed. Default is 5. . .TP -.B \-rfbunixpath \fIpath\fP -Specifies the path of a Unix domain socket on which x0vncserver listens for -connections from viewers. Default is to not listen to any Unix domain -socket. +.B \-BlacklistTimeout \fIseconds\fP +The initial timeout applied when a host is first black-listed. The host +cannot re-attempt a connection until the timeout expires. Default is 10. . .TP -.B \-rfbunixmode \fImode\fP -Specifies the mode of the Unix domain socket. The default is 0600. +.B \-CompareFB \fImode\fP +Perform pixel comparison on framebuffer to reduce unnecessary updates. Can +be either \fB0\fP (off), \fB1\fP (always) or \fB2\fP (auto). Default is +\fB2\fP. . .TP -.B \-Log \fIlogname\fP:\fIdest\fP:\fIlevel\fP -Configures the debug log settings. \fIdest\fP can currently be \fBstderr\fP, -\fBstdout\fP or \fBsyslog\fP, and \fIlevel\fP is between 0 and 100, 100 meaning -most verbose output. \fIlogname\fP is usually \fB*\fP meaning all, but you can -target a specific source file if you know the name of its "LogWriter". Default -is \fB*:stderr:30\fP. +.B \-desktop \fIdesktop-name\fP +Each desktop has a name which may be displayed by the viewer. It defaults to +"@". +. +.TP +.B \-DisconnectClients +Disconnect existing clients if an incoming connection is non-shared. Default is +on. If \fBDisconnectClients\fP is false, then a new non-shared connection will +be refused while there is a client active. When combined with +\fBNeverShared\fP this means only one client is allowed at a time. +. +.TP +.B \-display \fIdisplay\fP +The X display name. If not specified, it defaults to the value of the +DISPLAY environment variable. +. +.TP +.B \-FrameRate \fIfps\fP +The maximum number of updates per second sent to each client. If the screen +updates any faster then those changes will be aggregated and sent in a single +update to the client. Note that this only controls the maximum rate and a +client may get a lower rate when resources are limited. Default is \fB60\fP. +. +.TP +.B \-Geometry \fIgeometry\fP +This option specifies the screen area that will be shown to VNC clients. The +format is +.B \fIwidth\fPx\fIheight\fP+\fIxoffset\fP+\fIyoffset\fP +, where `+' signs can be replaced with `\-' signs to specify offsets from the +right and/or from the bottom of the screen. Offsets are optional, +0+0 is +assumed by default (top left corner). If the argument is empty, full screen +is shown to VNC clients (this is the default). +. +.TP +.B \-GnuTLSPriority \fIpriority\fP +GnuTLS priority string that controls the TLS session’s handshake algorithms. +See the GnuTLS manual for possible values. Default is \fBNORMAL\fP. . .TP .B \-HostsFile \fIfilename\fP @@ -102,124 +131,108 @@ include only an action sign (+, - or ?) will match any IP address. Default is to accept connections from any IP address. . .TP -.B \-SecurityTypes \fIsec-types\fP -Specify which security scheme to use for incoming connections. Valid values -are a comma separated list of \fBNone\fP, \fBVncAuth\fP, \fBPlain\fP, -\fBTLSNone\fP, \fBTLSVnc\fP, \fBTLSPlain\fP, \fBX509None\fP, \fBX509Vnc\fP, -\fBX509Plain\fP, \fBRA2\fP, \fBRA2ne\fP, \fBRA2_256\fP and \fBRA2ne_256\fP. -Default is \fBTLSVnc,VncAuth\fP. -. -.TP -.B \-PasswordFile \fIpasswd-file\fP, \-rfbauth \fIpasswd-file\fP -Password file for VNC authentication. There is no default, you should -specify the password file explicitly. Password file should be created with -the \fBvncpasswd\fP(1) utility. The file is accessed each time a connection -comes in, so it can be changed on the fly. -. -.TP -.B \-Password \fIpassword\fP -Obfuscated binary encoding of the password which clients must supply to -access the server. Using this parameter is insecure, use \fBPasswordFile\fP -parameter instead. -. -.TP -.B \-PlainUsers \fIuser-list\fP -A comma separated list of user names that are allowed to authenticate via -any of the "Plain" security types (Plain, TLSPlain, etc.). Specify \fB*\fP -to allow any user to authenticate using this security type. Specify \fB%u\fP -to allow the user of the server process. Default is to deny all users. -. -.TP -.B \-pam_service \fIname\fP, \-PAMService \fIname\fP -PAM service name to use when authentication users using any of the "Plain" -security types. Default is \fBvnc\fP. +.B \-IdleTimeout \fIseconds\fP +The number of seconds after which an idle VNC connection will be dropped. +Default is 0, which means that idle connections will never be dropped. . .TP -.B \-X509Cert \fIpath\fP -Path to a X509 certificate in PEM format to be used for all X509 based -security types (X509None, X509Vnc, etc.). +.B \-ImprovedHextile +Use improved compression algorithm for Hextile encoding which achieves better +compression ratios by the cost of using slightly more CPU time. Default is +on. . .TP -.B \-X509Key \fIpath\fP -Private key counter part to the certificate given in \fBX509Cert\fP. Must -also be in PEM format. +.B \-interface \fIIP address\fP +Listen on interface. By default x0vncserver listens on all available interfaces. . .TP -.B \-GnuTLSPriority \fIpriority\fP -GnuTLS priority string that controls the TLS session’s handshake algorithms. -See the GnuTLS manual for possible values. Default is \fBNORMAL\fP. +.B \-localhost +Only allow connections from the same machine. Useful if you use SSH and want to +stop non-SSH connections from any other hosts. . .TP -.B \-RSAKey \fIpath\fP -Path to the RSA key for the RSA-AES security types (\fBRA2\fP, \fBRA2ne\fP, -\fBRA2_256\fP and \fBRA2ne_256\fP) in PEM format. +.B \-Log \fIlogname\fP:\fIdest\fP:\fIlevel\fP +Configures the debug log settings. \fIdest\fP can currently be \fBstderr\fP, +\fBstdout\fP or \fBsyslog\fP, and \fIlevel\fP is between 0 and 100, 100 meaning +most verbose output. \fIlogname\fP is usually \fB*\fP meaning all, but you can +target a specific source file if you know the name of its "LogWriter". Default +is \fB*:stderr:30\fP. . .TP -.B \-RequireUsername -Require username for the RSA-AES security types. Default is off. +.B \-MaxConnectionTime \fIseconds\fP +Terminate when a client has been connected for \fIN\fP seconds. Default is +0. . .TP -.B \-UseBlacklist -Temporarily reject connections from a host if it repeatedly fails to -authenticate. Default is on. +.B \-MaxDisconnectionTime \fIseconds\fP +Terminate when no client has been connected for \fIN\fP seconds. Default is +0. . .TP -.B \-BlacklistThreshold \fIcount\fP -The number of unauthenticated connection attempts allowed from any individual -host before that host is black-listed. Default is 5. +.B \-MaxIdleTime \fIseconds\fP +Terminate after \fIN\fP seconds of user inactivity. Default is 0. . .TP -.B \-BlacklistTimeout \fIseconds\fP -The initial timeout applied when a host is first black-listed. The host -cannot re-attempt a connection until the timeout expires. Default is 10. +.B \-MaxProcessorUsage \fIpercent\fP +Maximum percentage of CPU time to be consumed when polling the +screen. Default is 35. . .TP -.B \-QueryConnect -Prompts the user of the desktop to explicitly accept or reject incoming -connections. Default is off. +.B \-NeverShared +Never treat incoming connections as shared, regardless of the client-specified +setting. Default is off. . .TP -.B \-QueryConnectTimeout \fIseconds\fP -Number of seconds to show the Accept connection dialog before rejecting the -connection. Default is \fB10\fP. +.B \-pam_service \fIname\fP, \-PAMService \fIname\fP +PAM service name to use when authentication users using any of the "Plain" +security types. Default is \fBvnc\fP. . .TP -.B \-localhost -Only allow connections from the same machine. Useful if you use SSH and want to -stop non-SSH connections from any other hosts. +.B \-Password \fIpassword\fP +Obfuscated binary encoding of the password which clients must supply to +access the server. Using this parameter is insecure, use \fBPasswordFile\fP +parameter instead. . .TP -.B \-interface \fIIP address\fP -Listen on interface. By default x0vncserver listens on all available interfaces. +.B \-PasswordFile \fIpasswd-file\fP, \-rfbauth \fIpasswd-file\fP +Password file for VNC authentication. There is no default, you should +specify the password file explicitly. Password file should be created with +the \fBvncpasswd\fP(1) utility. The file is accessed each time a connection +comes in, so it can be changed on the fly. . .TP -.B \-AlwaysShared -Always treat incoming connections as shared, regardless of the client-specified -setting. Default is off. +.B \-PlainUsers \fIuser-list\fP +A comma separated list of user names that are allowed to authenticate via +any of the "Plain" security types (Plain, TLSPlain, etc.). Specify \fB*\fP +to allow any user to authenticate using this security type. Specify \fB%u\fP +to allow the user of the server process. Default is to deny all users. . .TP -.B \-NeverShared -Never treat incoming connections as shared, regardless of the client-specified -setting. Default is off. +.B \-PollingCycle \fImilliseconds\fP +Milliseconds per one polling cycle. Actual interval may be dynamically +adjusted to satisfy \fBMaxProcessorUsage\fP setting. Default is 30. . .TP -.B \-DisconnectClients -Disconnect existing clients if an incoming connection is non-shared. Default is -on. If \fBDisconnectClients\fP is false, then a new non-shared connection will -be refused while there is a client active. When combined with -\fBNeverShared\fP this means only one client is allowed at a time. +.B \-Protocol3.3 +Always use protocol version 3.3 for backwards compatibility with badly-behaved +clients. Default is off. . .TP -.B \-AcceptKeyEvents -Accept key press and release events from clients. Default is on. +.B \-QueryConnect +Prompts the user of the desktop to explicitly accept or reject incoming +connections. Default is off. . .TP -.B \-AcceptPointerEvents -Accept pointer movement and button events from clients. Default is on. +.B \-QueryConnectTimeout \fIseconds\fP +Number of seconds to show the Accept connection dialog before rejecting the +connection. Default is \fB10\fP. . .TP -.B \-AcceptSetDesktopSize -Accept requests to resize the size of the desktop. Default is on. +.B \-RawKeyboard +Send keyboard events straight through and avoid mapping them to the current +keyboard layout. This effectively makes the keyboard behave according to the +layout configured on the server instead of the layout configured on the +client. Default is off. . .TP .B \-AcceptCutText @@ -259,79 +272,66 @@ RemapKeys=0x22<>0x40 .RE . .TP -.B \-RawKeyboard -Send keyboard events straight through and avoid mapping them to the current -keyboard layout. This effectively makes the keyboard behave according to the -layout configured on the server instead of the layout configured on the -client. Default is off. -. -.TP -.B \-Protocol3.3 -Always use protocol version 3.3 for backwards compatibility with badly-behaved -clients. Default is off. +.B \-RequireUsername +Require username for the RSA-AES security types. Default is off. . .TP -.B \-Geometry \fIgeometry\fP -This option specifies the screen area that will be shown to VNC clients. The -format is -.B \fIwidth\fPx\fIheight\fP+\fIxoffset\fP+\fIyoffset\fP -, where `+' signs can be replaced with `\-' signs to specify offsets from the -right and/or from the bottom of the screen. Offsets are optional, +0+0 is -assumed by default (top left corner). If the argument is empty, full screen -is shown to VNC clients (this is the default). +.B \-rfbport \fIport\fP +Specifies the TCP port on which x0vncserver listens for connections from +viewers (the protocol used in VNC is called RFB - "remote framebuffer"). +Specify \fB-1\fP to disable listening on a TCP port. The default port is +5900 when started directly, and -1 when activated by a systemd socket. . .TP -.B \-MaxProcessorUsage \fIpercent\fP -Maximum percentage of CPU time to be consumed when polling the -screen. Default is 35. +.B \-rfbunixmode \fImode\fP +Specifies the mode of the Unix domain socket. The default is 0600. . .TP -.B \-PollingCycle \fImilliseconds\fP -Milliseconds per one polling cycle. Actual interval may be dynamically -adjusted to satisfy \fBMaxProcessorUsage\fP setting. Default is 30. +.B \-rfbunixpath \fIpath\fP +Specifies the path of a Unix domain socket on which x0vncserver listens for +connections from viewers. Default is to not listen to any Unix domain +socket. . .TP -.B \-FrameRate \fIfps\fP -The maximum number of updates per second sent to each client. If the screen -updates any faster then those changes will be aggregated and sent in a single -update to the client. Note that this only controls the maximum rate and a -client may get a lower rate when resources are limited. Default is \fB60\fP. +.B \-RSAKey \fIpath\fP +Path to the RSA key for the RSA-AES security types (\fBRA2\fP, \fBRA2ne\fP, +\fBRA2_256\fP and \fBRA2ne_256\fP) in PEM format. . .TP -.B \-CompareFB \fImode\fP -Perform pixel comparison on framebuffer to reduce unnecessary updates. Can -be either \fB0\fP (off), \fB1\fP (always) or \fB2\fP (auto). Default is -\fB2\fP. +.B \-SecurityTypes \fIsec-types\fP +Specify which security scheme to use for incoming connections. Valid values +are a comma separated list of \fBNone\fP, \fBVncAuth\fP, \fBPlain\fP, +\fBTLSNone\fP, \fBTLSVnc\fP, \fBTLSPlain\fP, \fBX509None\fP, \fBX509Vnc\fP, +\fBX509Plain\fP, \fBRA2\fP, \fBRA2ne\fP, \fBRA2_256\fP and \fBRA2ne_256\fP. +Default is \fBTLSVnc,VncAuth\fP. . .TP -.B \-UseSHM -Use MIT-SHM extension if available. Using that extension accelerates reading -the screen. Default is on. +.B \-UseBlacklist +Temporarily reject connections from a host if it repeatedly fails to +authenticate. Default is on. . .TP -.B \-ImprovedHextile -Use improved compression algorithm for Hextile encoding which achieves better -compression ratios by the cost of using slightly more CPU time. Default is -on. +.B \-UseIPv4 +Use IPv4 for incoming and outgoing connections. Default is on. . .TP -.B \-IdleTimeout \fIseconds\fP -The number of seconds after which an idle VNC connection will be dropped. -Default is 0, which means that idle connections will never be dropped. +.B \-UseIPv6 +Use IPv6 for incoming and outgoing connections. Default is on. . .TP -.B \-MaxDisconnectionTime \fIseconds\fP -Terminate when no client has been connected for \fIN\fP seconds. Default is -0. +.B \-UseSHM +Use MIT-SHM extension if available. Using that extension accelerates reading +the screen. Default is on. . .TP -.B \-MaxConnectionTime \fIseconds\fP -Terminate when a client has been connected for \fIN\fP seconds. Default is -0. +.B \-X509Cert \fIpath\fP +Path to a X509 certificate in PEM format to be used for all X509 based +security types (X509None, X509Vnc, etc.). . .TP -.B \-MaxIdleTime \fIseconds\fP -Terminate after \fIN\fP seconds of user inactivity. Default is 0. +.B \-X509Key \fIpath\fP +Private key counter part to the certificate given in \fBX509Cert\fP. Must +also be in PEM format. .SH SEE ALSO .BR Xvnc (1), diff --git a/unix/xserver/hw/vnc/Xvnc.man b/unix/xserver/hw/vnc/Xvnc.man index 0a4c3f7835..1f26611475 100644 --- a/unix/xserver/hw/vnc/Xvnc.man +++ b/unix/xserver/hw/vnc/Xvnc.man @@ -30,10 +30,6 @@ manual page. In addition to options which can only be set via the command-line, there are also "parameters" which can be set both via the command-line and through the \fBvncconfig\fP(1) program. -.TP -.B \-geometry \fIwidth\fPx\fIheight\fP -Specify the size of the desktop to be created. Default is 1024x768. -. .TP .B \-depth \fIdepth\fP Specify the pixel depth in bits of the desktop to be created. Default is 24, @@ -41,6 +37,19 @@ other possible values are 16 and 32. Anything else is likely to cause strange behaviour by applications and may prevent the server from starting at all. . .TP +.B \-geometry \fIwidth\fPx\fIheight\fP +Specify the size of the desktop to be created. Default is 1024x768. +. +.TP +.B \-help +List all the options and parameters +. +.TP +.B \-inetd +This significantly changes Xvnc's behaviour so that it can be launched from +inetd. See the section below on usage with inetd. +. +.TP .B \-pixelformat \fIformat\fP Specify pixel format for server to use (BGRnnn or RGBnnn). The default for depth 16 is RGB565 and for depth 24 and 32 is RGB888. @@ -50,15 +59,6 @@ depth 16 is RGB565 and for depth 24 and 32 is RGB888. DRM render node to use for DRI3 GPU acceleration. Specify an empty path to disable DRI3. Default is \fBauto\fP which makes \fBXvnc\fP pick a suitable available render node. -. -.TP -.B \-inetd -This significantly changes Xvnc's behaviour so that it can be launched from -inetd. See the section below on usage with inetd. -. -.TP -.B \-help -List all the options and parameters .SH PARAMETERS VNC parameters can be set both via the command-line and through the @@ -72,70 +72,59 @@ Parameters can be turned on with -\fIparam\fP or off with case-insensitive. .TP -.B \-desktop \fIdesktop-name\fP -Each desktop has a name which may be displayed by the viewer. It defaults to -"@". -. -.TP -.B \-rfbport \fIport\fP -Specifies the TCP port on which Xvnc listens for connections from viewers (the -protocol used in VNC is called RFB - "remote framebuffer"). The default is -5900 plus the display number. Specify \fB-1\fP to disable listening on a TCP -port. -. -.TP -.B \-UseIPv4 -Use IPv4 for incoming and outgoing connections. Default is on. -. -.TP -.B \-UseIPv6 -Use IPv6 for incoming and outgoing connections. Default is on. +.B \-AcceptCutText +Accept clipboard updates from clients. Default is on. . .TP -.B \-rfbunixpath \fIpath\fP -Specifies the path of a Unix domain socket on which Xvnc listens for -connections from viewers. +.B \-AcceptKeyEvents +Accept key press and release events from clients. Default is on. . .TP -.B \-rfbunixmode \fImode\fP -Specifies the mode of the Unix domain socket. The default is 0600. +.B \-AcceptPointerEvents +Accept pointer movement and button events from clients. Default is on. . .TP -.B \-PasswordFile \fIpasswd-file\fP, \-rfbauth \fIpasswd-file\fP -Password file for VNC authentication. There is no default, you should -specify the password file explicitly. Password file should be created with -the \fBvncpasswd\fP(1) utility. The file is accessed each time a connection -comes in, so it can be changed on the fly. +.B \-AcceptSetDesktopSize +Accept requests to resize the size of the desktop. Default is on. . .TP -.B \-AcceptCutText -Accept clipboard updates from clients. Default is on. +.B \-AllowOverride +Comma separated list of parameters that can be modified using VNC extension. +Parameters can be modified for example using \fBvncconfig\fP(1) program from +inside a running session. . .TP -.B \-MaxCutText \fIbytes\fP -The maximum size of a clipboard update that will be accepted from a client. -Default is \fB262144\fP. +.B \-AlwaysShared +Always treat incoming connections as shared, regardless of the client-specified +setting. Default is off. . .TP -.B \-SendCutText -Send clipboard changes to clients. Default is on. +.B \-AvoidShiftNumLock +Key affected by NumLock often require a fake Shift to be inserted in order +for the correct symbol to be generated. Turning on this option avoids these +extra fake Shift events but may result in a slightly different symbol +(e.g. a Return instead of a keypad Enter). . .TP -.B \-SendPrimary -Send the primary selection and cut buffer to the server as well as the -clipboard selection. Default is on. +.B \-BlacklistThreshold \fIcount\fP +The number of unauthenticated connection attempts allowed from any individual +host before that host is black-listed. Default is 5. . .TP -.B \-AcceptPointerEvents -Accept pointer movement and button events from clients. Default is on. +.B \-BlacklistTimeout \fIseconds\fP +The initial timeout applied when a host is first black-listed. The host +cannot re-attempt a connection until the timeout expires. Default is 10. . .TP -.B \-AcceptKeyEvents -Accept key press and release events from clients. Default is on. +.B \-CompareFB \fImode\fP +Perform pixel comparison on framebuffer to reduce unnecessary updates. Can +be either \fB0\fP (off), \fB1\fP (always) or \fB2\fP (auto). Default is +\fB2\fP. . .TP -.B \-AcceptSetDesktopSize -Accept requests to resize the size of the desktop. Default is on. +.B \-desktop \fIdesktop-name\fP +Each desktop has a name which may be displayed by the viewer. It defaults to +"@". . .TP .B \-DisconnectClients @@ -145,21 +134,6 @@ be refused while there is a client active. When combined with \fBNeverShared\fP this means only one client is allowed at a time. . .TP -.B \-NeverShared -Never treat incoming connections as shared, regardless of the client-specified -setting. Default is off. -. -.TP -.B \-AlwaysShared -Always treat incoming connections as shared, regardless of the client-specified -setting. Default is off. -. -.TP -.B \-Protocol3.3 -Always use protocol version 3.3 for backwards compatibility with badly-behaved -clients. Default is off. -. -.TP .B \-FrameRate \fIfps\fP The maximum number of updates per second sent to each client. If the screen updates any faster then those changes will be aggregated and sent in a single @@ -167,10 +141,16 @@ update to the client. Note that this only controls the maximum rate and a client may get a lower rate when resources are limited. Default is \fB60\fP. . .TP -.B \-CompareFB \fImode\fP -Perform pixel comparison on framebuffer to reduce unnecessary updates. Can -be either \fB0\fP (off), \fB1\fP (always) or \fB2\fP (auto). Default is -\fB2\fP. +.B \-GnuTLSPriority \fIpriority\fP +GnuTLS priority string that controls the TLS session’s handshake algorithms. +See the GnuTLS manual for possible values. For GnuTLS < 3.6.3 the default +value will be \fBNORMAL\fP to use upstream default. For newer versions +of GnuTLS system-wide crypto policy will be used. +. +.TP +.B \-IdleTimeout \fIseconds\fP +The number of seconds after which an idle VNC connection will be dropped. +Default is 0, which means that idle connections will never be dropped. . .TP .B \-ImprovedHextile @@ -179,94 +159,75 @@ compression ratios by the cost of using slightly more CPU time. Default is on. . .TP -.B \-SecurityTypes \fIsec-types\fP -Specify which security scheme to use for incoming connections. Valid values -are a comma separated list of \fBNone\fP, \fBVncAuth\fP, \fBPlain\fP, -\fBTLSNone\fP, \fBTLSVnc\fP, \fBTLSPlain\fP, \fBX509None\fP, \fBX509Vnc\fP, -\fBX509Plain\fP, \fBRA2\fP, \fBRA2ne\fP, \fBRA2_256\fP and \fBRA2ne_256\fP. -Default is \fBTLSVnc,VncAuth\fP. -. -.TP .B \-interface \fIIP address\fP Listen on interface. By default Xvnc listens on all available interfaces. . .TP -.B \-Password \fIpassword\fP -Obfuscated binary encoding of the password which clients must supply to -access the server. Using this parameter is insecure, use \fBPasswordFile\fP -parameter instead. -. -.TP -.B \-PlainUsers \fIuser-list\fP -A comma separated list of user names that are allowed to authenticate via -any of the "Plain" security types (Plain, TLSPlain, etc.). Specify \fB*\fP -to allow any user to authenticate using this security type. Specify \fB%u\fP -to allow the user of the server process. Default is to deny all users. -. -.TP -.B \-pam_service \fIname\fP, \-PAMService \fIname\fP -PAM service name to use when authentication users using any of the "Plain" -security types. Default is \fBvnc\fP. -. -.TP -.B \-X509Cert \fIpath\fP -Path to a X509 certificate in PEM format to be used for all X509 based -security types (X509None, X509Vnc, etc.). +.B \-localhost +Only allow connections from the same machine. Useful if you use SSH and want to +stop non-SSH connections from any other hosts. . .TP -.B \-X509Key \fIpath\fP -Private key counter part to the certificate given in \fBX509Cert\fP. Must -also be in PEM format. +.B \-Log \fIlogname\fP:\fIdest\fP:\fIlevel\fP +Configures the debug log settings. \fIdest\fP can currently be \fBstderr\fP, +\fBstdout\fP or \fBsyslog\fP, and \fIlevel\fP is between 0 and 100, 100 meaning +most verbose output. \fIlogname\fP is usually \fB*\fP meaning all, but you can +target a specific source file if you know the name of its "LogWriter". Default +is \fB*:stderr:30\fP. . .TP -.B \-GnuTLSPriority \fIpriority\fP -GnuTLS priority string that controls the TLS session’s handshake algorithms. -See the GnuTLS manual for possible values. For GnuTLS < 3.6.3 the default -value will be \fBNORMAL\fP to use upstream default. For newer versions -of GnuTLS system-wide crypto policy will be used. +.B \-MaxConnectionTime \fIseconds\fP +Terminate when a client has been connected for \fIN\fP seconds. Default is +0. . .TP -.B \-RSAKey \fIpath\fP -Path to the RSA key for the RSA-AES security types (\fBRA2\fP, \fBRA2ne\fP, -\fBRA2_256\fP and \fBRA2ne_256\fP) in PEM format. +.B \-MaxCutText \fIbytes\fP +The maximum size of a clipboard update that will be accepted from a client. +Default is \fB262144\fP. . .TP -.B \-RequireUsername -Require username for the RSA-AES security types. Default is off. +.B \-MaxDisconnectionTime \fIseconds\fP +Terminate when no client has been connected for \fIN\fP seconds. Default is +0. . .TP -.B \-UseBlacklist -Temporarily reject connections from a host if it repeatedly fails to -authenticate. Default is on. +.B \-MaxIdleTime \fIseconds\fP +Terminate after \fIN\fP seconds of user inactivity. Default is 0. . .TP -.B \-BlacklistThreshold \fIcount\fP -The number of unauthenticated connection attempts allowed from any individual -host before that host is black-listed. Default is 5. +.B \-NeverShared +Never treat incoming connections as shared, regardless of the client-specified +setting. Default is off. . .TP -.B \-BlacklistTimeout \fIseconds\fP -The initial timeout applied when a host is first black-listed. The host -cannot re-attempt a connection until the timeout expires. Default is 10. +.B \-pam_service \fIname\fP, \-PAMService \fIname\fP +PAM service name to use when authentication users using any of the "Plain" +security types. Default is \fBvnc\fP. . .TP -.B \-IdleTimeout \fIseconds\fP -The number of seconds after which an idle VNC connection will be dropped. -Default is 0, which means that idle connections will never be dropped. +.B \-Password \fIpassword\fP +Obfuscated binary encoding of the password which clients must supply to +access the server. Using this parameter is insecure, use \fBPasswordFile\fP +parameter instead. . .TP -.B \-MaxDisconnectionTime \fIseconds\fP -Terminate when no client has been connected for \fIN\fP seconds. Default is -0. +.B \-PasswordFile \fIpasswd-file\fP, \-rfbauth \fIpasswd-file\fP +Password file for VNC authentication. There is no default, you should +specify the password file explicitly. Password file should be created with +the \fBvncpasswd\fP(1) utility. The file is accessed each time a connection +comes in, so it can be changed on the fly. . .TP -.B \-MaxConnectionTime \fIseconds\fP -Terminate when a client has been connected for \fIN\fP seconds. Default is -0. +.B \-PlainUsers \fIuser-list\fP +A comma separated list of user names that are allowed to authenticate via +any of the "Plain" security types (Plain, TLSPlain, etc.). Specify \fB*\fP +to allow any user to authenticate using this security type. Specify \fB%u\fP +to allow the user of the server process. Default is to deny all users. . .TP -.B \-MaxIdleTime \fIseconds\fP -Terminate after \fIN\fP seconds of user inactivity. Default is 0. +.B \-Protocol3.3 +Always use protocol version 3.3 for backwards compatibility with badly-behaved +clients. Default is off. . .TP .B \-QueryConnect @@ -282,17 +243,11 @@ Number of seconds to show the Accept connection dialog before rejecting the connection. Default is \fB10\fP. . .TP -.B \-localhost -Only allow connections from the same machine. Useful if you use SSH and want to -stop non-SSH connections from any other hosts. -. -.TP -.B \-Log \fIlogname\fP:\fIdest\fP:\fIlevel\fP -Configures the debug log settings. \fIdest\fP can currently be \fBstderr\fP, -\fBstdout\fP or \fBsyslog\fP, and \fIlevel\fP is between 0 and 100, 100 meaning -most verbose output. \fIlogname\fP is usually \fB*\fP meaning all, but you can -target a specific source file if you know the name of its "LogWriter". Default -is \fB*:stderr:30\fP. +.B \-RawKeyboard +Send keyboard events straight through and avoid mapping them to the current +keyboard layout. This effectively makes the keyboard behave according to the +layout configured on the server instead of the layout configured on the +client. Default is off. . .TP .B \-RemapKeys \fImapping @@ -311,24 +266,69 @@ RemapKeys=0x22<>0x40 .RE . .TP -.B \-AvoidShiftNumLock -Key affected by NumLock often require a fake Shift to be inserted in order -for the correct symbol to be generated. Turning on this option avoids these -extra fake Shift events but may result in a slightly different symbol -(e.g. a Return instead of a keypad Enter). +.B \-RequireUsername +Require username for the RSA-AES security types. Default is off. . .TP -.B \-RawKeyboard -Send keyboard events straight through and avoid mapping them to the current -keyboard layout. This effectively makes the keyboard behave according to the -layout configured on the server instead of the layout configured on the -client. Default is off. +.B \-rfbport \fIport\fP +Specifies the TCP port on which Xvnc listens for connections from viewers (the +protocol used in VNC is called RFB - "remote framebuffer"). The default is +5900 plus the display number. Specify \fB-1\fP to disable listening on a TCP +port. . .TP -.B \-AllowOverride -Comma separated list of parameters that can be modified using VNC extension. -Parameters can be modified for example using \fBvncconfig\fP(1) program from -inside a running session. +.B \-rfbunixmode \fImode\fP +Specifies the mode of the Unix domain socket. The default is 0600. +. +.TP +.B \-rfbunixpath \fIpath\fP +Specifies the path of a Unix domain socket on which Xvnc listens for +connections from viewers. +. +.TP +.B \-RSAKey \fIpath\fP +Path to the RSA key for the RSA-AES security types (\fBRA2\fP, \fBRA2ne\fP, +\fBRA2_256\fP and \fBRA2ne_256\fP) in PEM format. +. +.TP +.B \-SecurityTypes \fIsec-types\fP +Specify which security scheme to use for incoming connections. Valid values +are a comma separated list of \fBNone\fP, \fBVncAuth\fP, \fBPlain\fP, +\fBTLSNone\fP, \fBTLSVnc\fP, \fBTLSPlain\fP, \fBX509None\fP, \fBX509Vnc\fP, +\fBX509Plain\fP, \fBRA2\fP, \fBRA2ne\fP, \fBRA2_256\fP and \fBRA2ne_256\fP. +Default is \fBTLSVnc,VncAuth\fP. +. +.TP +.B \-SendCutText +Send clipboard changes to clients. Default is on. +. +.TP +.B \-SendPrimary +Send the primary selection and cut buffer to the server as well as the +clipboard selection. Default is on. +. +.TP +.B \-UseBlacklist +Temporarily reject connections from a host if it repeatedly fails to +authenticate. Default is on. +. +.TP +.B \-UseIPv4 +Use IPv4 for incoming and outgoing connections. Default is on. +. +.TP +.B \-UseIPv6 +Use IPv6 for incoming and outgoing connections. Default is on. +. +.TP +.B \-X509Cert \fIpath\fP +Path to a X509 certificate in PEM format to be used for all X509 based +security types (X509None, X509Vnc, etc.). +. +.TP +.B \-X509Key \fIpath\fP +Private key counter part to the certificate given in \fBX509Cert\fP. Must +also be in PEM format. Allowing override of parameters such as \fBPAMService\fP or \fBPasswordFile\fP can negatively impact security if Xvnc runs under different user than the diff --git a/vncviewer/vncviewer.man b/vncviewer/vncviewer.man index ade45b78a8..6da2f1dc09 100644 --- a/vncviewer/vncviewer.man +++ b/vncviewer/vncviewer.man @@ -115,94 +115,50 @@ This can be accessed from the popup menu or from the "Connection details" dialog box. .TP -.B \-display \fIXdisplay\fP -Specifies the X display on which the VNC viewer window should appear. -. -.TP -.B \-geometry \fIgeometry\fP -Initial position of the main VNC viewer window. The format is -.B \fIwidth\fPx\fIheight\fP+\fIxoffset\fP+\fIyoffset\fP -, where `+' signs can be replaced with `\-' signs to specify offsets from the -right and/or from the bottom of the screen. Offsets are optional and the -window will be placed by the window manager by default. -. -.TP -.B \-listen \fI[port]\fP -Causes vncviewer to listen on the given port (default 5500) for reverse -connections from a VNC server. WinVNC supports reverse connections initiated -using the 'Add new client' menu option or the '\-connect' command-line option. -Xvnc supports reverse connections with a helper program called -.B vncconfig. -. -.TP -.B \-SecurityTypes \fIsec-types\fP -Specify which security schemes to attempt to use when authenticating with -the server. Valid values are a comma separated list of \fBNone\fP, -\fBVncAuth\fP, \fBPlain\fP, \fBTLSNone\fP, \fBTLSVnc\fP, \fBTLSPlain\fP, -\fBX509None\fP, \fBX509Vnc\fP, \fBX509Plain\fP, \fBRA2\fP, \fBRA2ne\fP, -\fBRA2_256\fP and \fBRA2ne_256\fP. Default is to attempt -every supported scheme. -. -.TP -.B \-passwd, \-PasswordFile \fIpassword-file\fP -If you are on a filesystem which gives you access to the password file used by -the server, you can specify it here to avoid typing it in. It will usually be -\fI$XDG_CONFIG_HOME/tigervnc/passwd\fP, or \fI~/.config/tigervnc/passwd\fP -if the former is unset. -. -.TP -.B \-X509CA \fIpath\fP -Path to CA certificate to use when authenticating remote servers using any -of the X509 security schemes (X509None, X509Vnc, etc.). Must be in PEM -format. Default is \fI$XDG_CONFIG_HOME/tigervnc/x509_ca.pem\fP, or -\fI~/.config/tigervnc/x509_ca.pem\fP. +.B \-AcceptClipboard +Accept clipboard changes from the server. Default is on. . .TP -.B \-X509CRL \fIpath\fP -Path to certificate revocation list to use in conjunction with -\fB-X509CA\fP. Must also be in PEM format. Default is -\fI$XDG_CONFIG_HOME/tigervnc/x509_crl.pem\fP, or -\fI~/.config/tigervnc/x509_crl.pem\fP. +.B \-AlertOnFatalError +Display a dialog with any fatal error before exiting. Default is on. . .TP -.B \-Shared -When you make a connection to a VNC server, all other existing connections are -normally closed. This option requests that they be left open, allowing you to -share the desktop with someone already using it. +.B \-AutoSelect +Use automatic selection of encoding and pixel format (default is on). Normally +the viewer tests the speed of the connection to the server and chooses the +encoding and pixel format appropriately. Turn it off with \fB-AutoSelect=0\fP. . .TP -.B \-ViewOnly -Specifies that no keyboard or mouse events should be sent to the server. -Useful if you want to view a desktop without interfering; often needs to be -combined with -.B \-Shared. +.B \-CompressLevel \fIlevel\fP +Use specified lossless compression level. 0 = Low, 9 = High. Default is 2. . .TP -.B \-AcceptClipboard -Accept clipboard changes from the server. Default is on. +.B \-CustomCompressLevel +Use custom compression level. Default if \fBCompressLevel\fP is specified. . .TP -.B \-SetPrimary -Set the primary selection as well as the clipboard selection. -Default is on. +.B \-DesktopSize \fIwidth\fPx\fIheight\fP +Instead of keeping the existing remote screen size, the client will attempt to +switch to the specified since when connecting. If the server does not support +the SetDesktopSize message then the screen will retain the original size. . .TP -.B \-MaxCutText \fIbytes\fP -The maximum size of a clipboard update that will be accepted from a server. -Default is \fB262144\fP. +.B \-display \fIXdisplay\fP +Specifies the X display on which the VNC viewer window should appear. . .TP -.B \-SendClipboard -Send clipboard changes to the server. Default is on. +.B \-DotWhenNoCursor +Show the dot cursor when the server sends an invisible cursor. Default is off. . .TP -.B \-SendPrimary -Send the primary selection to the server as well as the clipboard -selection. Default is on. +.B \-EmulateMiddleButton +Emulate middle mouse button by pressing left and right mouse buttons +simultaneously. Default is off. . .TP -.B \-Maximize -Maximize viewer window. +.B \-FullColor, \-FullColour +Tells the VNC server to send full-color pixels in the best format for this +display. This is default. . .TP .B \-FullScreen @@ -216,7 +172,7 @@ full-screen mode. Replaced by \fB-FullScreenMode=all\fP .TP .B \-FullScreenMode \fImode\fP Specify which monitors to use when in full screen. It should be either "Current", -"Selected" (specified by \fB-FullScreenSelectedMonitors\fP) or "All". +"Selected" (specified by \fB-FullScreenSelectedMonitors\fP) or "All". The default is "Current". . .TP @@ -233,26 +189,33 @@ Pass special keys (like Alt+Tab) directly to the server when in full-screen mode. . .TP -.B \-DesktopSize \fIwidth\fPx\fIheight\fP -Instead of keeping the existing remote screen size, the client will attempt to -switch to the specified since when connecting. If the server does not support -the SetDesktopSize message then the screen will retain the original size. +.B \-geometry \fIgeometry\fP +Initial position of the main VNC viewer window. The format is +.B \fIwidth\fPx\fIheight\fP+\fIxoffset\fP+\fIyoffset\fP +, where `+' signs can be replaced with `\-' signs to specify offsets from the +right and/or from the bottom of the screen. Offsets are optional and the +window will be placed by the window manager by default. . .TP -.B \-RemoteResize -Dynamically resize the remote desktop size as the size of the local client -window changes. Note that this may not work with all VNC servers. +.B \-GnuTLSPriority \fIpriority\fP +GnuTLS priority string that controls the TLS session’s handshake algorithms. +See the GnuTLS manual for possible values. Default is \fBNORMAL\fP. . .TP -.B \-AutoSelect -Use automatic selection of encoding and pixel format (default is on). Normally -the viewer tests the speed of the connection to the server and chooses the -encoding and pixel format appropriately. Turn it off with \fB-AutoSelect=0\fP. +.B \-listen \fI[port]\fP +Causes vncviewer to listen on the given port (default 5500) for reverse +connections from a VNC server. WinVNC supports reverse connections initiated +using the 'Add new client' menu option or the '\-connect' command-line option. +Xvnc supports reverse connections with a helper program called +.B vncconfig. . .TP -.B \-FullColor, \-FullColour -Tells the VNC server to send full-color pixels in the best format for this -display. This is default. +.B \-Log \fIlogname\fP:\fIdest\fP:\fIlevel\fP +Configures the debug log settings. \fIdest\fP can currently be \fBstderr\fP or +\fBstdout\fP, and \fIlevel\fP is between 0 and 100, 100 meaning most verbose +output. \fIlogname\fP is usually \fB*\fP meaning all, but you can target a +specific source file if you know the name of its "LogWriter". Default is +\fB*:stderr:30\fP. . .TP .B \-LowColorLevel, \-LowColourLevel \fIlevel\fP @@ -263,54 +226,85 @@ vncviewer. If you would like to force vncviewer to use reduced color level use \fB-AutoSelect=0\fP parameter. . .TP -.B \-PreferredEncoding \fIencoding\fP -This option specifies the preferred encoding to use from one of "Tight", "ZRLE", -"hextile" or "raw". +.B \-MaxCutText \fIbytes\fP +The maximum size of a clipboard update that will be accepted from a server. +Default is \fB262144\fP. +. +.TP +.B \-Maximize +Maximize viewer window. +. +.TP +.B \-MenuKey \fIkeysym-name\fP +This option specifies the key which brings up the popup menu. The currently +supported list is: F1, F2, F3, F4, F5, F6, F7, F8, F9, F10, F11, F12, Pause, +Scroll_Lock, Escape, Insert, Delete, Home, Page_Up, Page_Down). Default is F8. . .TP .B \-NoJpeg Disable lossy JPEG compression in Tight encoding. Default is off. . .TP +.B \-passwd, \-PasswordFile \fIpassword-file\fP +If you are on a filesystem which gives you access to the password file used by +the server, you can specify it here to avoid typing it in. It will usually be +\fI$XDG_CONFIG_HOME/tigervnc/passwd\fP, or \fI~/.config/tigervnc/passwd\fP +if the former is unset. +. +.TP +.B \-PointerEventInterval \fItime\fP +Time in milliseconds to rate-limit successive pointer events. Default is +17 ms (60 Hz). +. +.TP +.B \-PreferredEncoding \fIencoding\fP +This option specifies the preferred encoding to use from one of "Tight", "ZRLE", +"hextile" or "raw". +. +.TP .B \-QualityLevel \fIlevel\fP JPEG quality level. 0 = Low, 9 = High. May be adjusted automatically if \fB-AutoSelect\fP is turned on. Default is 8. . .TP -.B \-CompressLevel \fIlevel\fP -Use specified lossless compression level. 0 = Low, 9 = High. Default is 2. +.B \-ReconnectOnError +Display a dialog with any error and offer the possibility to retry +establishing the connection. In case this is off no dialog to +re-connect will be offered. Default is on. . .TP -.B \-CustomCompressLevel -Use custom compression level. Default if \fBCompressLevel\fP is specified. +.B \-RemoteResize +Dynamically resize the remote desktop size as the size of the local client +window changes. Note that this may not work with all VNC servers. . .TP -.B \-DotWhenNoCursor -Show the dot cursor when the server sends an invisible cursor. Default is off. +.B \-SecurityTypes \fIsec-types\fP +Specify which security schemes to attempt to use when authenticating with +the server. Valid values are a comma separated list of \fBNone\fP, +\fBVncAuth\fP, \fBPlain\fP, \fBTLSNone\fP, \fBTLSVnc\fP, \fBTLSPlain\fP, +\fBX509None\fP, \fBX509Vnc\fP, \fBX509Plain\fP, \fBRA2\fP, \fBRA2ne\fP, +\fBRA2_256\fP and \fBRA2ne_256\fP. Default is to attempt +every supported scheme. . .TP -.B \-PointerEventInterval \fItime\fP -Time in milliseconds to rate-limit successive pointer events. Default is -17 ms (60 Hz). +.B \-SendClipboard +Send clipboard changes to the server. Default is on. . .TP -.B \-EmulateMiddleButton -Emulate middle mouse button by pressing left and right mouse buttons -simultaneously. Default is off. +.B \-SendPrimary +Send the primary selection to the server as well as the clipboard +selection. Default is on. . .TP -.B \-Log \fIlogname\fP:\fIdest\fP:\fIlevel\fP -Configures the debug log settings. \fIdest\fP can currently be \fBstderr\fP or -\fBstdout\fP, and \fIlevel\fP is between 0 and 100, 100 meaning most verbose -output. \fIlogname\fP is usually \fB*\fP meaning all, but you can target a -specific source file if you know the name of its "LogWriter". Default is -\fB*:stderr:30\fP. +.B \-SetPrimary +Set the primary selection as well as the clipboard selection. +Default is on. . .TP -.B \-MenuKey \fIkeysym-name\fP -This option specifies the key which brings up the popup menu. The currently -supported list is: F1, F2, F3, F4, F5, F6, F7, F8, F9, F10, F11, F12, Pause, -Scroll_Lock, Escape, Insert, Delete, Home, Page_Up, Page_Down). Default is F8. +.B \-Shared +When you make a connection to a VNC server, all other existing connections are +normally closed. This option requests that they be left open, allowing you to +share the desktop with someone already using it. . .TP \fB\-via\fR \fIgateway\fR @@ -319,7 +313,7 @@ before connection, connect to the \fIhost\fR through that tunnel (TigerVNC\-specific). By default, this option invokes SSH local port forwarding, assuming that SSH client binary can be accessed as /usr/bin/ssh. Note that when using the \fB\-via\fR option, the host -machine name should be specified as known to the gateway machine, e.g. +machine name should be specified as known to the gateway machine, e.g. "localhost" denotes the \fIgateway\fR, not the machine where vncviewer was launched. The environment variable \fIVNC_VIA_CMD\fR can override the default tunnel command of @@ -330,14 +324,25 @@ host, the port number on the remote host, and the gateway machine respectively. . .TP -.B \-AlertOnFatalError -Display a dialog with any fatal error before exiting. Default is on. +.B \-ViewOnly +Specifies that no keyboard or mouse events should be sent to the server. +Useful if you want to view a desktop without interfering; often needs to be +combined with +.B \-Shared. . .TP -.B \-ReconnectOnError -Display a dialog with any error and offer the possibility to retry -establishing the connection. In case this is off no dialog to -re-connect will be offered. Default is on. +.B \-X509CA \fIpath\fP +Path to CA certificate to use when authenticating remote servers using any +of the X509 security schemes (X509None, X509Vnc, etc.). Must be in PEM +format. Default is \fI$XDG_CONFIG_HOME/tigervnc/x509_ca.pem\fP, or +\fI~/.config/tigervnc/x509_ca.pem\fP. +. +.TP +.B \-X509CRL \fIpath\fP +Path to certificate revocation list to use in conjunction with +\fB-X509CA\fP. Must also be in PEM format. Default is +\fI$XDG_CONFIG_HOME/tigervnc/x509_crl.pem\fP, or +\fI~/.config/tigervnc/x509_crl.pem\fP. .SH FILES .TP From 0d46303ba3dce036b4dda91611f1b4f930cf8dfa Mon Sep 17 00:00:00 2001 From: Pierre Ossman Date: Mon, 19 Aug 2024 10:09:23 +0200 Subject: [PATCH 18/34] Document Xvnc "-SetPrimary" in man page --- unix/xserver/hw/vnc/Xvnc.man | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/unix/xserver/hw/vnc/Xvnc.man b/unix/xserver/hw/vnc/Xvnc.man index 1f26611475..38f3a04fa8 100644 --- a/unix/xserver/hw/vnc/Xvnc.man +++ b/unix/xserver/hw/vnc/Xvnc.man @@ -308,6 +308,11 @@ Send the primary selection and cut buffer to the server as well as the clipboard selection. Default is on. . .TP +.B \-SetPrimary +Set the primary selection as well as the clipboard selection. +Default is on. +. +.TP .B \-UseBlacklist Temporarily reject connections from a host if it repeatedly fails to authenticate. Default is on. From 823b646dc75c9b62d52590d12d818a2fa0df5409 Mon Sep 17 00:00:00 2001 From: Pierre Ossman Date: Mon, 19 Aug 2024 10:10:04 +0200 Subject: [PATCH 19/34] Document UseIPv4/UseIPv6 in viewer man page --- vncviewer/vncviewer.man | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/vncviewer/vncviewer.man b/vncviewer/vncviewer.man index 6da2f1dc09..4ec56cf8bf 100644 --- a/vncviewer/vncviewer.man +++ b/vncviewer/vncviewer.man @@ -307,6 +307,14 @@ normally closed. This option requests that they be left open, allowing you to share the desktop with someone already using it. . .TP +.B \-UseIPv4 +Use IPv4 for incoming and outgoing connections. Default is on. +. +.TP +.B \-UseIPv6 +Use IPv6 for incoming and outgoing connections. Default is on. +. +.TP \fB\-via\fR \fIgateway\fR Automatically create encrypted TCP tunnel to the \fIgateway\fR machine before connection, connect to the \fIhost\fR through that tunnel From 254a84c4789e6bc6c3a07ff437408f96b4d87d7f Mon Sep 17 00:00:00 2001 From: Pierre Ossman Date: Mon, 6 Jan 2025 17:00:42 +0100 Subject: [PATCH 20/34] Describe multiple -Log entries in man pages It's possible to configure multiple loggers with different settings. This was properly described in the --help output, but not the man pages. --- unix/x0vncserver/x0vncserver.man | 2 +- unix/xserver/hw/vnc/Xvnc.man | 2 +- vncviewer/vncviewer.man | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/unix/x0vncserver/x0vncserver.man b/unix/x0vncserver/x0vncserver.man index 02cee04cf1..7391871e7e 100644 --- a/unix/x0vncserver/x0vncserver.man +++ b/unix/x0vncserver/x0vncserver.man @@ -151,7 +151,7 @@ Only allow connections from the same machine. Useful if you use SSH and want to stop non-SSH connections from any other hosts. . .TP -.B \-Log \fIlogname\fP:\fIdest\fP:\fIlevel\fP +.B \-Log \fIlogname\fP:\fIdest\fP:\fIlevel\fP[, ...] Configures the debug log settings. \fIdest\fP can currently be \fBstderr\fP, \fBstdout\fP or \fBsyslog\fP, and \fIlevel\fP is between 0 and 100, 100 meaning most verbose output. \fIlogname\fP is usually \fB*\fP meaning all, but you can diff --git a/unix/xserver/hw/vnc/Xvnc.man b/unix/xserver/hw/vnc/Xvnc.man index 38f3a04fa8..d6b1664dbb 100644 --- a/unix/xserver/hw/vnc/Xvnc.man +++ b/unix/xserver/hw/vnc/Xvnc.man @@ -168,7 +168,7 @@ Only allow connections from the same machine. Useful if you use SSH and want to stop non-SSH connections from any other hosts. . .TP -.B \-Log \fIlogname\fP:\fIdest\fP:\fIlevel\fP +.B \-Log \fIlogname\fP:\fIdest\fP:\fIlevel\fP[, ...] Configures the debug log settings. \fIdest\fP can currently be \fBstderr\fP, \fBstdout\fP or \fBsyslog\fP, and \fIlevel\fP is between 0 and 100, 100 meaning most verbose output. \fIlogname\fP is usually \fB*\fP meaning all, but you can diff --git a/vncviewer/vncviewer.man b/vncviewer/vncviewer.man index 4ec56cf8bf..c35ec93fec 100644 --- a/vncviewer/vncviewer.man +++ b/vncviewer/vncviewer.man @@ -210,7 +210,7 @@ Xvnc supports reverse connections with a helper program called .B vncconfig. . .TP -.B \-Log \fIlogname\fP:\fIdest\fP:\fIlevel\fP +.B \-Log \fIlogname\fP:\fIdest\fP:\fIlevel\fP[, ...] Configures the debug log settings. \fIdest\fP can currently be \fBstderr\fP or \fBstdout\fP, and \fIlevel\fP is between 0 and 100, 100 meaning most verbose output. \fIlogname\fP is usually \fB*\fP meaning all, but you can target a From e97e225024fbf91a0f5dc78629e09fc9e56e3ba1 Mon Sep 17 00:00:00 2001 From: Pierre Ossman Date: Tue, 3 Dec 2024 16:10:11 +0100 Subject: [PATCH 21/34] Consolidate argument parsing in single function Avoid duplicating this complexity everywhere and make sure all commands get the same handling and fixes. --- common/rfb/Configuration.cxx | 89 ++++++--- common/rfb/Configuration.h | 14 +- tests/perf/encperf.cxx | 16 +- tests/unit/CMakeLists.txt | 3 + tests/unit/configargs.cxx | 326 +++++++++++++++++++++++++++++++ unix/vncconfig/vncconfig.cxx | 12 +- unix/x0vncserver/x0vncserver.cxx | 26 ++- unix/xserver/hw/vnc/RFBGlue.cc | 10 +- unix/xserver/hw/vnc/RFBGlue.h | 3 +- unix/xserver/hw/vnc/xvnc.c | 10 +- vncviewer/vncviewer.cxx | 35 +--- win/vncconfig/vncconfig.cxx | 13 +- win/winvnc/winvnc.cxx | 14 +- 13 files changed, 452 insertions(+), 119 deletions(-) create mode 100644 tests/unit/configargs.cxx diff --git a/common/rfb/Configuration.cxx b/common/rfb/Configuration.cxx index 72947df12b..53f308636b 100644 --- a/common/rfb/Configuration.cxx +++ b/common/rfb/Configuration.cxx @@ -95,31 +95,6 @@ bool Configuration::set(const char* paramName, int len, return _next ? _next->set(paramName, len, val, immutable) : false; } -bool Configuration::set(const char* config, bool immutable) { - bool hyphen = false; - if (config[0] == '-') { - hyphen = true; - config++; - if (config[0] == '-') config++; // allow gnu-style --