summaryrefslogtreecommitdiffstats
path: root/libvncserver
Commit message (Collapse)AuthorAgeFilesLines
* crypto: move to commonChristian Beier2018-06-295-190/+0
| | | | | | As of now, only LibVNCServer makes uses of these digest functions _and_ they depend on sys/uio.h, but in the future LibVNCClient will need those as well.
* Tight: export SendCompressedData and SendTightHeader functionsEddie James2018-06-201-14/+11
| | | | | | | | | These functions can be used to send already compressed jpegs to a client, circumventing the usual rect/region update methods which operate on a raw rgb framebuffer. Rename the functions with the usual rfb prefix and add the prototypes in rfb.h. Signed-off-by: Eddie James <eajames@us.ibm.com>
* rfbserver: fix a typoChristian Beier2018-03-241-1/+1
|
* rfbserver: get rid of inttypes.h againChristian Beier2018-03-241-4/+1
|
* Limit client cut text length to 1 MBPetr Písař2018-03-081-1/+19
| | | | | | | | | | | | | | | | This patch constrains a client cut text length to 1 MB. Otherwise a client could make server allocate 2 GB of memory and that seems to be to much to classify it as a denial of service. The limit also prevents from an integer overflow followed by copying an uninitilized memory when processing msg.cct.length value larger than SIZE_MAX or INT_MAX - sz_rfbClientCutTextMsg. This patch also corrects accepting length value of zero (malloc(0) is interpreted on differnet systems differently). CVE-2018-7225 <https://github.com/LibVNC/libvncserver/issues/218>
* fix: the function should not return a valueWu Zongyong2017-06-251-1/+1
|
* Fixed compilation of websockets on system where there is no implementation ↵Jocelyn Le Sage2017-06-133-8/+6
| | | | of base64 functions.
* Merge pull request #158 from kempniu/gtk-vnc-0.7.0-compatChristian Beier2017-05-151-1/+4
|\ | | | | websockets: Ensure compatibility with gtk-vnc 0.7.0+
| * Ensure compatibility with gtk-vnc 0.7.0+Michał Kępień2017-02-141-1/+4
| |
* | websockets: hide decode debug output per defaultChristian Beier2017-05-151-32/+41
| |
* | websockets: restore webSocketCheckDisconnect() to keep API compatibilityChristian Beier2017-05-141-0/+11
| |
* | remove potential 64 bit len overflow calculationAndreas Weigel2017-05-142-38/+31
| |
* | add decode support for continuation framesAndreas Weigel2017-05-143-46/+126
| | | | | | | | | | | | use FIN bit and implement opcode 0x00 make consistent use of uint64_t for big frame sizes
* | remove Hixie-specific MD5 and check functionsAndreas Weigel2017-05-142-68/+0
| |
* | add generation wstest to cmakeAndreas Weigel2017-05-142-25/+26
| | | | | | | | | | | | | | | | | | add wstestdata.c, because the python data generation script has too many dependencies remove some redundance from jpeg test creation add support for decoding close messages
* | add ws_decode testsAndreas Weigel2017-05-143-41/+41
| | | | | | | | | | | | | | | | | | modify automake to include ws_decode test add python frame generator for decode tests modify configure to only include ws_decode test if preconditions are fulfilled
* | remove obsolete hixie protocol supportAndreas Weigel2017-05-141-246/+51
| |
* | factor out hybi decode part to make it testableAndreas Weigel2017-05-143-580/+631
| | | | | | | | | | remove direct dependency on rfbClientPtr structure in hybi decode function(s)
* | fix overflow and refactor websockets decode (Hybi)Andreas Weigel2017-05-141-132/+463
| | | | | | | | | | | | | | | | | | | | | | fix critical heap-based buffer overflow which allowed easy modification of a return address via an overwritten function pointer fix bug causing connections to fail due a "one websocket frame = one ws_read" assumption, which failed with LibVNCServer-0.9.11 refactor websocket Hybi decode to use a simple state machine for decoding of websocket frames
* | font: Fix a small resource leak in a failure case in rfbLoadConsoleFont()Lioncash2017-05-101-0/+1
| | | | | | | | The file handle wouldn't be closed in this instance.
* | rfbInitServer: only init Winsock onceChristian Beier2017-02-211-1/+9
| |
* | Add an rfbLogPError that shows something on WIN32Christian Beier2017-02-211-0/+9
| |
* | Merge pull request #156 from The-42/drop-autotoolsChristian Beier2017-02-211-80/+0
|\ \ | | | | | | drop autotools
| * | drop autotoolsBert van Hall2017-02-131-80/+0
| |/ | | | | | | | | | | | | | | Since autotools officially is no longer supported (see various github issues), drop the related infrastructure to stop tempting people to use it for building. Signed-off-by: Bert van Hall <bert.vanhall@gmx.de>
* | Fix building in C89 modeChristian Beier2017-02-201-1/+12
|/ | | | FIXME: this should probably be refactored into a common header.
* Fix building websockets with GnuTLS.Christian Beier2017-01-281-3/+3
|
* Fix typoChristian Beier2017-01-281-1/+1
|
* Fix websockets buildingChristian Beier2017-01-281-0/+2
|
* Various #ifdef fixes to allow building with MSVC2014Christian Beier2017-01-286-3/+27
|
* Make websockets code build on OSX without SSL.Christian Beier2016-12-301-0/+13
|
* Use unprefixed b64_* functions in websockets code.Christian Beier2016-12-301-5/+5
|
* LibVNCServer: fix starting of an onHold-client in threaded mode.Christian Beier2016-12-281-9/+6
| | | | | | | | Discovered by madscientist159 on 11 Jan 2015: "noted in testing with the threaded server build, whereby if newClientHook() returned RFB_CLIENT_ON_HOLD there was no way to release the hold when the server became ready"
* websockets: Don't supply Sec-WebSocket-Protocol if not in requestKyle Russell2016-12-081-2/+11
|
* Write the correct length for end of headerSamuel Mannehed2016-12-021-1/+1
| | | | Fix for commit 65106d39627499ace4f1ed8701d3ab6c7f97f56f
* httpd: rework mime type handling to recognise more typesChristian Beier2016-11-251-7/+13
|
* Merge pull request #128 from zmedico/autoprobe-selectiveChristian Beier2016-11-201-7/+9
|\ | | | | Support autoPort with ipv4 or ipv6 disabled
| * Support autoPort with ipv4 or ipv6 disabledZac Medico2016-08-141-7/+9
| | | | | | | | | | | | | | | | | | Make it possible to get autoPort behavior with either ipv4 or ipv6 disabled, by setting rfbScreen->ipv6port or rfbScreen->port to a negative number. This will make it possible for x11vnc to enforce its -noipv6 option, as discussed in the following bug report: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=672449
* | Fix some typos (found by codespell)Stefan Weil2016-11-181-1/+1
| | | | | | | | Signed-off-by: Stefan Weil <sw@weilnetz.de>
* | Support systemd socket activationKyle Russell2016-09-212-44/+74
|/
* Merge pull request #84 from plettix/masterChristian Beier2016-06-051-15/+17
|\ | | | | fix for issue 81
| * fix for issue 81plettix2015-07-071-15/+17
| | | | | | use different buffers for decode and encode
* | Avoid calling SSL_pending when connection is already closedGeorge Fleury2016-05-131-1/+1
| | | | | | | | Avoid calling SSL_pending when connection is already closed, calling SSL_pending with connection already closed is crashing. To reproduce, open a secure websocket binay protocol connection with libvncserver compiled with OpenSSL, and when libvncserver is waiting for rfbProcessClientProtocolVersion send any invalid char, it will fail and call rfbCloseClient whith destroy all SSL context, calling SSL_pending after that will generate a invalid access.
* | Merge pull request #103 from rdieter/masterChristian Beier2016-04-243-6/+6
|\ \ | | | | | | use namespaced vnc_max macro (issue #102)
| * | use namespaced rfbMax macro (issue #102)Rex Dieter2016-04-183-6/+6
| | | | | | | | | | | | Not using generic 'max', avoids conflicts with stl_algobase.h
* | | Enable AF_UNIX socket: ignore setsockopt TCP_NODELAY failure.Wen Shuguang2016-04-152-11/+4
|/ /
* | Fix some typos (found by codespell)Stefan Weil2015-10-0910-12/+12
|/ | | | Signed-off-by: Stefan Weil <sw@weilnetz.de>
* Do away with rfbint.h generation and use stdint.h directly instead.Christian Beier2015-05-281-2/+1
|
* Merge pull request #70 from maxnet/masterChristian Beier2015-04-171-0/+8
|\ | | | | httpd: disallow directory traversal
| * httpd: disallow directory traversalFloris Bos2015-03-291-0/+8
| | | | | | | | Signed-off-by: Floris Bos <bos@je-eigen-domein.nl>
* | Changed C++ style comments to C onesBenjamin Dürholt2015-04-132-2/+2
| |