Merge remote-tracking branch 'remotes/berrange/tags/pull-io-channel-vnc-2015-12-18-1' into staging (b06f904f) · Commits · SUMMER2020 / students / proj-2021291

ui/vnc-auth-sasl.c

+45 −12

Original line number	Diff line number	Diff line
		@@ -62,7 +62,7 @@ long vnc_client_write_sasl(VncState *vs)
		(const char **)&vs->sasl.encoded,
		&vs->sasl.encodedLength);
		if (err != SASL_OK)
		return vnc_client_io_error(vs, -1, EIO);
		return vnc_client_io_error(vs, -1, NULL);

		vs->sasl.encodedOffset = 0;
		}
		@@ -86,7 +86,11 @@ long vnc_client_write_sasl(VncState *vs)
		* SASL encoded output
		*/
		if (vs->output.offset == 0) {
		qemu_set_fd_handler(vs->csock, vnc_client_read, NULL, vs);
		if (vs->ioc_tag) {
		g_source_remove(vs->ioc_tag);
		}
		vs->ioc_tag = qio_channel_add_watch(
		vs->ioc, G_IO_IN, vnc_client_io, vs, NULL);
		}

		return ret;
		@@ -110,7 +114,7 @@ long vnc_client_read_sasl(VncState *vs)
		&decoded, &decodedLen);

		if (err != SASL_OK)
		return vnc_client_io_error(vs, -1, -EIO);
		return vnc_client_io_error(vs, -1, NULL);
		VNC_DEBUG("Read SASL Encoded %p size %ld Decoded %p size %d\n",
		encoded, ret, decoded, decodedLen);
		buffer_reserve(&vs->input, decodedLen);
		@@ -255,17 +259,17 @@ static int protocol_client_auth_sasl_step(VncState vs, uint8_t data, size_t le
		vnc_read_when(vs, protocol_client_auth_sasl_step_len, 4);
		} else {
		if (!vnc_auth_sasl_check_ssf(vs)) {
		VNC_DEBUG("Authentication rejected for weak SSF %d\n", vs->csock);
		VNC_DEBUG("Authentication rejected for weak SSF %p\n", vs->ioc);
		goto authreject;
		}

		/* Check username whitelist ACL */
		if (vnc_auth_sasl_check_access(vs) < 0) {
		VNC_DEBUG("Authentication rejected for ACL %d\n", vs->csock);
		VNC_DEBUG("Authentication rejected for ACL %p\n", vs->ioc);
		goto authreject;
		}

		VNC_DEBUG("Authentication successful %d\n", vs->csock);
		VNC_DEBUG("Authentication successful %p\n", vs->ioc);
		vnc_write_u32(vs, 0); /* Accept auth */
		/*
		* Delay writing in SSF encoded mode until pending output
		@@ -383,17 +387,17 @@ static int protocol_client_auth_sasl_start(VncState vs, uint8_t data, size_t l
		vnc_read_when(vs, protocol_client_auth_sasl_step_len, 4);
		} else {
		if (!vnc_auth_sasl_check_ssf(vs)) {
		VNC_DEBUG("Authentication rejected for weak SSF %d\n", vs->csock);
		VNC_DEBUG("Authentication rejected for weak SSF %p\n", vs->ioc);
		goto authreject;
		}

		/* Check username whitelist ACL */
		if (vnc_auth_sasl_check_access(vs) < 0) {
		VNC_DEBUG("Authentication rejected for ACL %d\n", vs->csock);
		VNC_DEBUG("Authentication rejected for ACL %p\n", vs->ioc);
		goto authreject;
		}

		VNC_DEBUG("Authentication successful %d\n", vs->csock);
		VNC_DEBUG("Authentication successful %p\n", vs->ioc);
		vnc_write_u32(vs, 0); /* Accept auth */
		start_client_init(vs);
		}
		@@ -487,6 +491,32 @@ static int protocol_client_auth_sasl_mechname_len(VncState vs, uint8_t data, s
		return 0;
		}

		static char *
		vnc_socket_ip_addr_string(QIOChannelSocket *ioc,
		bool local,
		Error **errp)
		{
		SocketAddress *addr;
		char *ret;

		if (local) {
		addr = qio_channel_socket_get_local_address(ioc, errp);
		} else {
		addr = qio_channel_socket_get_remote_address(ioc, errp);
		}
		if (!addr) {
		return NULL;
		}

		if (addr->type != SOCKET_ADDRESS_KIND_INET) {
		error_setg(errp, "Not an inet socket type");
		return NULL;
		}
		ret = g_strdup_printf("%s;%s", addr->u.inet->host, addr->u.inet->port);
		qapi_free_SocketAddress(addr);
		return ret;
		}

		void start_auth_sasl(VncState *vs)
		{
		const char *mechlist = NULL;
		@@ -495,13 +525,16 @@ void start_auth_sasl(VncState *vs)
		char localAddr, remoteAddr;
		int mechlistlen;

		VNC_DEBUG("Initialize SASL auth %d\n", vs->csock);
		VNC_DEBUG("Initialize SASL auth %p\n", vs->ioc);

		/* Get local & remote client addresses in form IPADDR;PORT */
		if (!(localAddr = vnc_socket_local_addr("%s;%s", vs->csock)))
		localAddr = vnc_socket_ip_addr_string(vs->sioc, true, NULL);
		if (!localAddr) {
		goto authabort;
		}

		if (!(remoteAddr = vnc_socket_remote_addr("%s;%s", vs->csock))) {
		remoteAddr = vnc_socket_ip_addr_string(vs->sioc, false, NULL);
		if (!remoteAddr) {
		g_free(localAddr);
		goto authabort;
		}

ui/vnc-auth-vencrypt.c

+32 −61

Original line number	Diff line number	Diff line
		@@ -63,54 +63,21 @@ static void start_auth_vencrypt_subauth(VncState *vs)
		}
		}

		static void vnc_tls_handshake_io(void *opaque);

		static int vnc_start_vencrypt_handshake(VncState *vs)
		static void vnc_tls_handshake_done(Object *source,
		Error *err,
		gpointer user_data)
		{
		Error *err = NULL;

		if (qcrypto_tls_session_handshake(vs->tls, &err) < 0) {
		goto error;
		}
		VncState *vs = user_data;

		switch (qcrypto_tls_session_get_handshake_status(vs->tls)) {
		case QCRYPTO_TLS_HANDSHAKE_COMPLETE:
		VNC_DEBUG("Handshake done, checking credentials\n");
		if (qcrypto_tls_session_check_credentials(vs->tls, &err) < 0) {
		goto error;
		}
		VNC_DEBUG("Client verification passed, starting TLS I/O\n");
		qemu_set_fd_handler(vs->csock, vnc_client_read, vnc_client_write, vs);

		start_auth_vencrypt_subauth(vs);
		break;

		case QCRYPTO_TLS_HANDSHAKE_RECVING:
		VNC_DEBUG("Handshake interrupted (blocking read)\n");
		qemu_set_fd_handler(vs->csock, vnc_tls_handshake_io, NULL, vs);
		break;

		case QCRYPTO_TLS_HANDSHAKE_SENDING:
		VNC_DEBUG("Handshake interrupted (blocking write)\n");
		qemu_set_fd_handler(vs->csock, NULL, vnc_tls_handshake_io, vs);
		break;
		}

		return 0;

		error:
		VNC_DEBUG("Handshake failed %s\n", error_get_pretty(err));
		error_free(err);
		if (err) {
		VNC_DEBUG("Handshake failed %s\n",
		error_get_pretty(err));
		vnc_client_error(vs);
		return -1;
		} else {
		vs->ioc_tag = qio_channel_add_watch(
		vs->ioc, G_IO_IN \| G_IO_OUT, vnc_client_io, vs, NULL);
		start_auth_vencrypt_subauth(vs);
		}

		static void vnc_tls_handshake_io(void *opaque)
		{
		VncState vs = (VncState )opaque;

		VNC_DEBUG("Handshake IO continue\n");
		vnc_start_vencrypt_handshake(vs);
		}


		@@ -125,33 +92,37 @@ static int protocol_client_vencrypt_auth(VncState vs, uint8_t data, size_t len
		vnc_client_error(vs);
		} else {
		Error *err = NULL;
		QIOChannelTLS *tls;
		VNC_DEBUG("Accepting auth %d, setting up TLS for handshake\n", auth);
		vnc_write_u8(vs, 1); /* Accept auth */
		vnc_flush(vs);

		vs->tls = qcrypto_tls_session_new(vs->vd->tlscreds,
		NULL,
		if (vs->ioc_tag) {
		g_source_remove(vs->ioc_tag);
		vs->ioc_tag = 0;
		}

		tls = qio_channel_tls_new_server(
		vs->ioc,
		vs->vd->tlscreds,
		vs->vd->tlsaclname,
		QCRYPTO_TLS_CREDS_ENDPOINT_SERVER,
		&err);
		if (!vs->tls) {
		VNC_DEBUG("Failed to setup TLS %s\n",
		error_get_pretty(err));
		if (!tls) {
		VNC_DEBUG("Failed to setup TLS %s\n", error_get_pretty(err));
		error_free(err);
		vnc_client_error(vs);
		return 0;
		}

		qcrypto_tls_session_set_callbacks(vs->tls,
		vnc_tls_push,
		vnc_tls_pull,
		vs);

		VNC_DEBUG("Start TLS VeNCrypt handshake process\n");
		if (vnc_start_vencrypt_handshake(vs) < 0) {
		VNC_DEBUG("Failed to start TLS handshake\n");
		return 0;
		}
		object_unref(OBJECT(vs->ioc));
		vs->ioc = QIO_CHANNEL(tls);
		vs->tls = qio_channel_tls_get_session(tls);

		qio_channel_tls_handshake(tls,
		vnc_tls_handshake_done,
		vs,
		NULL);
		}
		return 0;
		}

ui/vnc-jobs.c

+12 −8

Original line number	Diff line number	Diff line
		@@ -166,13 +166,16 @@ void vnc_jobs_consume_buffer(VncState *vs)

		vnc_lock_output(vs);
		if (vs->jobs_buffer.offset) {
		if (vs->csock != -1 && buffer_empty(&vs->output)) {
		qemu_set_fd_handler(vs->csock, vnc_client_read,
		vnc_client_write, vs);
		if (vs->ioc != NULL && buffer_empty(&vs->output)) {
		if (vs->ioc_tag) {
		g_source_remove(vs->ioc_tag);
		}
		vs->ioc_tag = qio_channel_add_watch(
		vs->ioc, G_IO_IN \| G_IO_OUT, vnc_client_io, vs, NULL);
		}
		buffer_move(&vs->output, &vs->jobs_buffer);
		}
		flush = vs->csock != -1 && vs->abort != true;
		flush = vs->ioc != NULL && vs->abort != true;
		vnc_unlock_output(vs);

		if (flush) {
		@@ -186,7 +189,8 @@ void vnc_jobs_consume_buffer(VncState *vs)
		static void vnc_async_encoding_start(VncState orig, VncState local)
		{
		buffer_init(&local->output, "vnc-worker-output");
		local->csock = -1; /* Don't do any network work on this thread */
		local->sioc = NULL; /* Don't do any network work on this thread */
		local->ioc = NULL; /* Don't do any network work on this thread */

		local->vnc_encoding = orig->vnc_encoding;
		local->features = orig->features;
		@@ -231,7 +235,7 @@ static int vnc_worker_thread_loop(VncJobQueue *queue)
		}

		vnc_lock_output(job->vs);
		if (job->vs->csock == -1 \|\| job->vs->abort == true) {
		if (job->vs->ioc == NULL \|\| job->vs->abort == true) {
		vnc_unlock_output(job->vs);
		goto disconnected;
		}
		@@ -259,7 +263,7 @@ static int vnc_worker_thread_loop(VncJobQueue *queue)
		QLIST_FOREACH_SAFE(entry, &job->rectangles, next, tmp) {
		int n;

		if (job->vs->csock == -1) {
		if (job->vs->ioc == NULL) {
		vnc_unlock_display(job->vs->vd);
		/* Copy persistent encoding data */
		vnc_async_encoding_end(job->vs, &vs);
		@@ -281,7 +285,7 @@ static int vnc_worker_thread_loop(VncJobQueue *queue)
		vs.output.buffer[saved_offset + 1] = n_rectangles & 0xFF;

		vnc_lock_output(job->vs);
		if (job->vs->csock != -1) {
		if (job->vs->ioc != NULL) {
		buffer_move(&job->vs->jobs_buffer, &vs.output);
		/* Copy persistent encoding data */
		vnc_async_encoding_end(job->vs, &vs);

ui/vnc-ws.c

+66 −334

Original line number	Diff line number	Diff line
		@@ -19,373 +19,105 @@
		*/

		#include "vnc.h"
		#include "qemu/main-loop.h"
		#include "crypto/hash.h"
		#include "io/channel-websock.h"

		static int vncws_start_tls_handshake(VncState *vs)
		static void vncws_tls_handshake_done(Object *source,
		Error *err,
		gpointer user_data)
		{
		Error *err = NULL;

		if (qcrypto_tls_session_handshake(vs->tls, &err) < 0) {
		goto error;
		}

		switch (qcrypto_tls_session_get_handshake_status(vs->tls)) {
		case QCRYPTO_TLS_HANDSHAKE_COMPLETE:
		VNC_DEBUG("Handshake done, checking credentials\n");
		if (qcrypto_tls_session_check_credentials(vs->tls, &err) < 0) {
		goto error;
		}
		VNC_DEBUG("Client verification passed, starting TLS I/O\n");
		qemu_set_fd_handler(vs->csock, vncws_handshake_read, NULL, vs);
		break;

		case QCRYPTO_TLS_HANDSHAKE_RECVING:
		VNC_DEBUG("Handshake interrupted (blocking read)\n");
		qemu_set_fd_handler(vs->csock, vncws_tls_handshake_io, NULL, vs);
		break;
		VncState *vs = user_data;

		case QCRYPTO_TLS_HANDSHAKE_SENDING:
		VNC_DEBUG("Handshake interrupted (blocking write)\n");
		qemu_set_fd_handler(vs->csock, NULL, vncws_tls_handshake_io, vs);
		break;
		}

		return 0;

		error:
		if (err) {
		VNC_DEBUG("Handshake failed %s\n", error_get_pretty(err));
		error_free(err);
		vnc_client_error(vs);
		return -1;
		} else {
		VNC_DEBUG("TLS handshake complete, starting websocket handshake\n");
		vs->ioc_tag = qio_channel_add_watch(
		QIO_CHANNEL(vs->ioc), G_IO_IN, vncws_handshake_io, vs, NULL);
		}

		void vncws_tls_handshake_io(void *opaque)
		{
		VncState vs = (VncState )opaque;
		Error *err = NULL;

		vs->tls = qcrypto_tls_session_new(vs->vd->tlscreds,
		NULL,
		vs->vd->tlsaclname,
		QCRYPTO_TLS_CREDS_ENDPOINT_SERVER,
		&err);
		if (!vs->tls) {
		VNC_DEBUG("Failed to setup TLS %s\n",
		error_get_pretty(err));
		error_free(err);
		vnc_client_error(vs);
		return;
		}

		qcrypto_tls_session_set_callbacks(vs->tls,
		vnc_tls_push,
		vnc_tls_pull,
		vs);

		VNC_DEBUG("Start TLS WS handshake process\n");
		vncws_start_tls_handshake(vs);
		}

		void vncws_handshake_read(void *opaque)
		gboolean vncws_tls_handshake_io(QIOChannel *ioc G_GNUC_UNUSED,
		GIOCondition condition G_GNUC_UNUSED,
		void *opaque)
		{
		VncState *vs = opaque;
		uint8_t *handshake_end;
		long ret;
		/* Typical HTTP headers from novnc are 512 bytes, so limiting
		* total header size to 4096 is easily enough. */
		size_t want = 4096 - vs->ws_input.offset;
		buffer_reserve(&vs->ws_input, want);
		ret = vnc_client_read_buf(vs, buffer_end(&vs->ws_input), want);
		QIOChannelTLS *tls;
		Error *err = NULL;

		if (!ret) {
		if (vs->csock == -1) {
		vnc_disconnect_finish(vs);
		}
		return;
		VNC_DEBUG("TLS Websocket connection required\n");
		if (vs->ioc_tag) {
		g_source_remove(vs->ioc_tag);
		vs->ioc_tag = 0;
		}
		vs->ws_input.offset += ret;

		handshake_end = (uint8_t )g_strstr_len((char )vs->ws_input.buffer,
		vs->ws_input.offset, WS_HANDSHAKE_END);
		if (handshake_end) {
		qemu_set_fd_handler(vs->csock, vnc_client_read, NULL, vs);
		vncws_process_handshake(vs, vs->ws_input.buffer, vs->ws_input.offset);
		buffer_advance(&vs->ws_input, handshake_end - vs->ws_input.buffer +
		strlen(WS_HANDSHAKE_END));
		} else if (vs->ws_input.offset >= 4096) {
		VNC_DEBUG("End of headers not found in first 4096 bytes\n");
		tls = qio_channel_tls_new_server(
		vs->ioc,
		vs->vd->tlscreds,
		vs->vd->tlsaclname,
		&err);
		if (!tls) {
		VNC_DEBUG("Failed to setup TLS %s\n", error_get_pretty(err));
		error_free(err);
		vnc_client_error(vs);
		}
		}


		long vnc_client_read_ws(VncState *vs)
		{
		int ret, err;
		uint8_t *payload;
		size_t payload_size, header_size;
		VNC_DEBUG("Read websocket %p size %zd offset %zd\n", vs->ws_input.buffer,
		vs->ws_input.capacity, vs->ws_input.offset);
		buffer_reserve(&vs->ws_input, 4096);
		ret = vnc_client_read_buf(vs, buffer_end(&vs->ws_input), 4096);
		if (!ret) {
		return 0;
		}
		vs->ws_input.offset += ret;

		ret = 0;
		/* consume as much of ws_input buffer as possible */
		do {
		if (vs->ws_payload_remain == 0) {
		err = vncws_decode_frame_header(&vs->ws_input,
		&header_size,
		&vs->ws_payload_remain,
		&vs->ws_payload_mask);
		if (err <= 0) {
		return err;
		return TRUE;
		}

		buffer_advance(&vs->ws_input, header_size);
		}
		if (vs->ws_payload_remain != 0) {
		err = vncws_decode_frame_payload(&vs->ws_input,
		&vs->ws_payload_remain,
		&vs->ws_payload_mask,
		&payload,
		&payload_size);
		if (err < 0) {
		return err;
		}
		if (err == 0) {
		return ret;
		}
		ret += err;

		buffer_reserve(&vs->input, payload_size);
		buffer_append(&vs->input, payload, payload_size);

		buffer_advance(&vs->ws_input, payload_size);
		}
		} while (vs->ws_input.offset > 0);

		return ret;
		}

		long vnc_client_write_ws(VncState *vs)
		{
		long ret;
		VNC_DEBUG("Write WS: Pending output %p size %zd offset %zd\n",
		vs->output.buffer, vs->output.capacity, vs->output.offset);
		vncws_encode_frame(&vs->ws_output, vs->output.buffer, vs->output.offset);
		buffer_reset(&vs->output);
		ret = vnc_client_write_buf(vs, vs->ws_output.buffer, vs->ws_output.offset);
		if (!ret) {
		return 0;
		}

		buffer_advance(&vs->ws_output, ret);
		VNC_DEBUG("Start TLS WS handshake process\n");
		object_unref(OBJECT(vs->ioc));
		vs->ioc = QIO_CHANNEL(tls);
		vs->tls = qio_channel_tls_get_session(tls);

		if (vs->ws_output.offset == 0) {
		qemu_set_fd_handler(vs->csock, vnc_client_read, NULL, vs);
		}
		qio_channel_tls_handshake(tls,
		vncws_tls_handshake_done,
		vs,
		NULL);

		return ret;
		return TRUE;
		}

		static char vncws_extract_handshake_entry(const char handshake,
		size_t handshake_len, const char *name)
		{
		char begin, end, *ret = NULL;
		char *line = g_strdup_printf("%s%s: ", WS_HANDSHAKE_DELIM, name);
		begin = g_strstr_len(handshake, handshake_len, line);
		if (begin != NULL) {
		begin += strlen(line);
		end = g_strstr_len(begin, handshake_len - (begin - handshake),
		WS_HANDSHAKE_DELIM);
		if (end != NULL) {
		ret = g_strndup(begin, end - begin);
		}
		}
		g_free(line);
		return ret;
		}

		static void vncws_send_handshake_response(VncState vs, const char key)
		static void vncws_handshake_done(Object *source,
		Error *err,
		gpointer user_data)
		{
		char combined_key[WS_CLIENT_KEY_LEN + WS_GUID_LEN + 1];
		char accept = NULL, response = NULL;
		Error *err = NULL;
		VncState *vs = user_data;

		g_strlcpy(combined_key, key, WS_CLIENT_KEY_LEN + 1);
		g_strlcat(combined_key, WS_GUID, WS_CLIENT_KEY_LEN + WS_GUID_LEN + 1);

		/* hash and encode it */
		if (qcrypto_hash_base64(QCRYPTO_HASH_ALG_SHA1,
		combined_key,
		WS_CLIENT_KEY_LEN + WS_GUID_LEN,
		&accept,
		&err) < 0) {
		VNC_DEBUG("Hashing Websocket combined key failed %s\n",
		error_get_pretty(err));
		error_free(err);
		if (err) {
		VNC_DEBUG("Websock handshake failed %s\n", error_get_pretty(err));
		vnc_client_error(vs);
		return;
		}

		response = g_strdup_printf(WS_HANDSHAKE, accept);
		vnc_client_write_buf(vs, (const uint8_t *)response, strlen(response));

		g_free(accept);
		g_free(response);

		vs->encode_ws = 1;
		vnc_init_state(vs);
		}

		void vncws_process_handshake(VncState vs, uint8_t line, size_t size)
		{
		char protocols = vncws_extract_handshake_entry((const char )line, size,
		"Sec-WebSocket-Protocol");
		char version = vncws_extract_handshake_entry((const char )line, size,
		"Sec-WebSocket-Version");
		char key = vncws_extract_handshake_entry((const char )line, size,
		"Sec-WebSocket-Key");

		if (protocols && version && key
		&& g_strrstr(protocols, "binary")
		&& !strcmp(version, WS_SUPPORTED_VERSION)
		&& strlen(key) == WS_CLIENT_KEY_LEN) {
		vncws_send_handshake_response(vs, key);
		} else {
		VNC_DEBUG("Defective Websockets header or unsupported protocol\n");
		vnc_client_error(vs);
		}

		g_free(protocols);
		g_free(version);
		g_free(key);
		}

		void vncws_encode_frame(Buffer output, const void payload,
		const size_t payload_size)
		{
		size_t header_size = 0;
		unsigned char opcode = WS_OPCODE_BINARY_FRAME;
		union {
		char buf[WS_HEAD_MAX_LEN];
		WsHeader ws;
		} header;

		if (!payload_size) {
		return;
		VNC_DEBUG("Websock handshake complete, starting VNC protocol\n");
		vnc_init_state(vs);
		vs->ioc_tag = qio_channel_add_watch(
		vs->ioc, G_IO_IN, vnc_client_io, vs, NULL);
		}

		header.ws.b0 = 0x80 \| (opcode & 0x0f);
		if (payload_size <= 125) {
		header.ws.b1 = (uint8_t)payload_size;
		header_size = 2;
		} else if (payload_size < 65536) {
		header.ws.b1 = 0x7e;
		header.ws.u.s16.l16 = cpu_to_be16((uint16_t)payload_size);
		header_size = 4;
		} else {
		header.ws.b1 = 0x7f;
		header.ws.u.s64.l64 = cpu_to_be64(payload_size);
		header_size = 10;
		}

		buffer_reserve(output, header_size + payload_size);
		buffer_append(output, header.buf, header_size);
		buffer_append(output, payload, payload_size);
		}

		int vncws_decode_frame_header(Buffer *input,
		size_t *header_size,
		size_t *payload_remain,
		WsMask *payload_mask)
		gboolean vncws_handshake_io(QIOChannel *ioc G_GNUC_UNUSED,
		GIOCondition condition G_GNUC_UNUSED,
		void *opaque)
		{
		unsigned char opcode = 0, fin = 0, has_mask = 0;
		size_t payload_len;
		WsHeader header = (WsHeader )input->buffer;

		if (input->offset < WS_HEAD_MIN_LEN + 4) {
		/* header not complete */
		return 0;
		}

		fin = (header->b0 & 0x80) >> 7;
		opcode = header->b0 & 0x0f;
		has_mask = (header->b1 & 0x80) >> 7;
		payload_len = header->b1 & 0x7f;

		if (opcode == WS_OPCODE_CLOSE) {
		/* disconnect */
		return -1;
		}

		/* Websocket frame sanity check:
		* * Websocket fragmentation is not supported.
		* * All websockets frames sent by a client have to be masked.
		* * Only binary encoding is supported.
		*/
		if (!fin \|\| !has_mask \|\| opcode != WS_OPCODE_BINARY_FRAME) {
		VNC_DEBUG("Received faulty/unsupported Websocket frame\n");
		return -2;
		}
		VncState *vs = opaque;
		QIOChannelWebsock *wioc;

		if (payload_len < 126) {
		*payload_remain = payload_len;
		*header_size = 6;
		*payload_mask = header->u.m;
		} else if (payload_len == 126 && input->offset >= 8) {
		*payload_remain = be16_to_cpu(header->u.s16.l16);
		*header_size = 8;
		*payload_mask = header->u.s16.m16;
		} else if (payload_len == 127 && input->offset >= 14) {
		*payload_remain = be64_to_cpu(header->u.s64.l64);
		*header_size = 14;
		*payload_mask = header->u.s64.m64;
		} else {
		/* header not complete */
		return 0;
		VNC_DEBUG("Websocket negotiate starting\n");
		if (vs->ioc_tag) {
		g_source_remove(vs->ioc_tag);
		vs->ioc_tag = 0;
		}

		return 1;
		}
		wioc = qio_channel_websock_new_server(vs->ioc);

		int vncws_decode_frame_payload(Buffer *input,
		size_t payload_remain, WsMask payload_mask,
		uint8_t *payload, size_t payload_size)
		{
		size_t i;
		uint32_t *payload32;
		object_unref(OBJECT(vs->ioc));
		vs->ioc = QIO_CHANNEL(wioc);

		*payload = input->buffer;
		/* If we aren't at the end of the payload, then drop
		* off the last bytes, so we're always multiple of 4
		* for purpose of unmasking, except at end of payload
		*/
		if (input->offset < *payload_remain) {
		*payload_size = input->offset - (input->offset % 4);
		} else {
		payload_size = payload_remain;
		}
		if (*payload_size == 0) {
		return 0;
		}
		payload_remain -= payload_size;

		/* unmask frame */
		/* process 1 frame (32 bit op) */
		payload32 = (uint32_t )(payload);
		for (i = 0; i < *payload_size / 4; i++) {
		payload32[i] ^= payload_mask->u;
		}
		/* process the remaining bytes (if any) */
		for (i = 4; i < payload_size; i++) {
		(*payload)[i] ^= payload_mask->c[i % 4];
		}
		qio_channel_websock_handshake(wioc,
		vncws_handshake_done,
		vs,
		NULL);

		return 1;
		return TRUE;
		}

ui/vnc-ws.h

+6 −65

File changed.

Preview size limit exceeded, changes collapsed.