diff --git a/.ci/upload.sh b/.ci/upload.sh
index 44b0d4e..fc6aeb1 100644
--- a/.ci/upload.sh
+++ b/.ci/upload.sh
@@ -89,3 +89,26 @@ detect_revision() {
REVISION=$(echo "$package" | sed "s/_${arch}.\+//" | sed 's/.\++//')
}
+
+make_index_html() {
+ local body=""
+ local bname
+
+ for f in "$@"; do
+ bname=$(basename "$f")
+ body="${body}$bname
"
+ done
+
+ cat <
+
+
+
+ KasmVNC preview build
+
+
+$body
+
+
+EOF
+}
diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
index b7fb76b..982522f 100644
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@@ -99,23 +99,6 @@ build_ubuntu_bionic_arm:
paths:
- output/
-build_ubuntu_bionic_libjpeg_turbo:
- stage: build
- allow_failure: false
- before_script:
- - *prepare_build
- - *prepare_www
- after_script:
- - *prepare_artfacts
- script:
- - bash builder/build-package ubuntu bionic +libjpeg-turbo_latest
- only:
- variables:
- - $BUILD_JOBS == 'all' || $BUILD_JOBS =~ $CI_JOB_NAME
- artifacts:
- paths:
- - output/
-
build_ubuntu_focal:
stage: build
allow_failure: true
@@ -260,6 +243,43 @@ build_debian_bullseye_arm:
paths:
- output/
+
+build_debian_bookworm:
+ stage: build
+ allow_failure: true
+ before_script:
+ - *prepare_build
+ - *prepare_www
+ after_script:
+ - *prepare_artfacts
+ script:
+ - bash builder/build-package debian bookworm;
+ only:
+ variables:
+ - $BUILD_JOBS == 'all' || $BUILD_JOBS =~ $CI_JOB_NAME
+ artifacts:
+ paths:
+ - output/
+
+build_debian_bookworm_arm:
+ stage: build
+ allow_failure: true
+ tags:
+ - oci-fixed-arm64
+ before_script:
+ - *prepare_build
+ - *prepare_www
+ after_script:
+ - *prepare_artfacts
+ script:
+ - bash builder/build-package debian bookworm;
+ only:
+ variables:
+ - $BUILD_JOBS == 'all' || $BUILD_JOBS =~ $CI_JOB_NAME
+ artifacts:
+ paths:
+ - output/
+
build_kali_rolling:
stage: build
allow_failure: true
@@ -349,6 +369,42 @@ build_oracle_8_arm:
paths:
- output/
+build_oracle_9:
+ stage: build
+ allow_failure: true
+ before_script:
+ - *prepare_build
+ - *prepare_www
+ after_script:
+ - *prepare_artfacts
+ script:
+ - bash builder/build-package oracle 9;
+ only:
+ variables:
+ - $BUILD_JOBS == 'all' || $BUILD_JOBS =~ $CI_JOB_NAME
+ artifacts:
+ paths:
+ - output/
+
+build_oracle_9_arm:
+ stage: build
+ allow_failure: true
+ tags:
+ - oci-fixed-arm64
+ before_script:
+ - *prepare_build
+ - *prepare_www
+ after_script:
+ - *prepare_artfacts
+ script:
+ - bash builder/build-package oracle 9;
+ only:
+ variables:
+ - $BUILD_JOBS == 'all' || $BUILD_JOBS =~ $CI_JOB_NAME
+ artifacts:
+ paths:
+ - output/
+
build_opensuse_15:
stage: build
allow_failure: true
@@ -385,6 +441,114 @@ build_opensuse_15_arm:
paths:
- output/
+build_fedora_thirtyseven:
+ stage: build
+ allow_failure: true
+ before_script:
+ - *prepare_build
+ - *prepare_www
+ after_script:
+ - *prepare_artfacts
+ script:
+ - bash builder/build-package fedora thirtyseven;
+ only:
+ variables:
+ - $BUILD_JOBS == 'all' || $BUILD_JOBS =~ $CI_JOB_NAME
+ artifacts:
+ paths:
+ - output/
+
+build_fedora_thirtyseven_arm:
+ stage: build
+ allow_failure: true
+ tags:
+ - oci-fixed-arm64
+ before_script:
+ - *prepare_build
+ - *prepare_www
+ after_script:
+ - *prepare_artfacts
+ script:
+ - bash builder/build-package fedora thirtyseven;
+ only:
+ variables:
+ - $BUILD_JOBS == 'all' || $BUILD_JOBS =~ $CI_JOB_NAME
+ artifacts:
+ paths:
+ - output/
+
+build_fedora_thirtyeight:
+ stage: build
+ allow_failure: true
+ before_script:
+ - *prepare_build
+ - *prepare_www
+ after_script:
+ - *prepare_artfacts
+ script:
+ - bash builder/build-package fedora thirtyeight;
+ only:
+ variables:
+ - $BUILD_JOBS == 'all' || $BUILD_JOBS =~ $CI_JOB_NAME
+ artifacts:
+ paths:
+ - output/
+
+build_fedora_thirtyeight_arm:
+ stage: build
+ allow_failure: true
+ tags:
+ - oci-fixed-arm64
+ before_script:
+ - *prepare_build
+ - *prepare_www
+ after_script:
+ - *prepare_artfacts
+ script:
+ - bash builder/build-package fedora thirtyeight;
+ only:
+ variables:
+ - $BUILD_JOBS == 'all' || $BUILD_JOBS =~ $CI_JOB_NAME
+ artifacts:
+ paths:
+ - output/
+
+build_alpine_317:
+ stage: build
+ allow_failure: true
+ before_script:
+ - *prepare_build
+ - *prepare_www
+ after_script:
+ - *prepare_artfacts
+ script:
+ - bash builder/build-package alpine 317;
+ only:
+ variables:
+ - $BUILD_JOBS == 'all' || $BUILD_JOBS =~ $CI_JOB_NAME
+ artifacts:
+ paths:
+ - output/
+
+build_alpine_317_arm:
+ stage: build
+ allow_failure: true
+ tags:
+ - oci-fixed-arm64
+ before_script:
+ - *prepare_build
+ - *prepare_www
+ after_script:
+ - *prepare_artfacts
+ script:
+ - bash builder/build-package alpine 317;
+ only:
+ variables:
+ - $BUILD_JOBS == 'all' || $BUILD_JOBS =~ $CI_JOB_NAME
+ artifacts:
+ paths:
+ - output/
+
test:
stage: test
before_script:
@@ -392,9 +556,49 @@ test:
script:
- bash builder/test-vncserver
+
+build_alpine_318:
+ stage: build
+ allow_failure: true
+ before_script:
+ - *prepare_build
+ - *prepare_www
+ after_script:
+ - *prepare_artfacts
+ script:
+ - bash builder/build-package alpine 318;
+ only:
+ variables:
+ - $BUILD_JOBS == 'all' || $BUILD_JOBS =~ $CI_JOB_NAME
+ artifacts:
+ paths:
+ - output/
+
+build_alpine_318_arm:
+ stage: build
+ allow_failure: true
+ tags:
+ - oci-fixed-arm64
+ before_script:
+ - *prepare_build
+ - *prepare_www
+ after_script:
+ - *prepare_artfacts
+ script:
+ - bash builder/build-package alpine 318;
+ only:
+ variables:
+ - $BUILD_JOBS == 'all' || $BUILD_JOBS =~ $CI_JOB_NAME
+ artifacts:
+ paths:
+ - output/
+
upload:
stage: upload
image: ubuntu:focal
+ artifacts:
+ paths:
+ - output/
before_script:
- . .ci/upload.sh
script:
@@ -411,12 +615,32 @@ upload:
done
- export S3_BUILD_DIRECTORY="kasmvnc/${CI_COMMIT_SHA}"
- export RELEASE_VERSION=$(.ci/next_release_version "$CI_COMMIT_REF_NAME")
- - for package in `find output/ -type f -name '*.deb' -or -name '*.rpm'`; do
+ - uploaded_files=()
+ - for package in `find output/ -type f -name '*.deb' -or -name '*.rpm' -or -name '*.tgz'`; do
prepare_upload_filename "$package";
upload_filename="${S3_BUILD_DIRECTORY}/$upload_filename";
echo;
echo "File to upload $upload_filename";
upload_to_s3 "$package" "$upload_filename" "$S3_BUCKET";
- UPLOAD_NAME=$(basename $upload_filename | sed 's#kasmvncserver_##' | sed -r 's#_([0-9]{1,3}\.){2}[0-9]{1,2}_\S+?([a-f0-9]{6})##' | sed -r 's#\.(deb|rpm)##');
+ UPLOAD_NAME=$(basename $upload_filename | sed 's#kasmvncserver_##' | sed -r 's#_([0-9]{1,3}\.){2}[0-9]{1,2}_\S+?([a-f0-9]{6})##' | sed -r 's#\.(deb|rpm|tgz)##');
curl --request POST --header "PRIVATE-TOKEN:${GITLAB_API_TOKEN}" "${CI_API_V4_URL}/projects/${CI_PROJECT_ID}/statuses/${CI_COMMIT_SHA}?state=success&name=${UPLOAD_NAME}&target_url=${S3_URL}";
+ uploaded_files+=("$upload_filename");
done
+ - make_index_html "${uploaded_files[@]}" > output/index.html;
+
+upload_build_preview:
+ stage: upload
+ needs: ["upload"]
+ dependencies: ["upload"]
+ image: ubuntu:focal
+ before_script:
+ - . .ci/upload.sh
+ resource_group: upload_build_preview
+ only:
+ variables:
+ - $CI_COMMIT_BRANCH == 'master'
+ script:
+ - prepare_to_run_scripts_and_s3_uploads
+ - preview_builds_dir=kasmvnc/preview-builds
+ - upload_to_s3 "output/index.html" "$preview_builds_dir/index.html" "$S3_BUCKET"
+ - curl --request POST --header "PRIVATE-TOKEN:${GITLAB_API_TOKEN}" "${CI_API_V4_URL}/projects/${CI_PROJECT_ID}/statuses/${CI_COMMIT_SHA}?state=success&name=index.html&target_url=${S3_URL}";
diff --git a/CMakeLists.txt b/CMakeLists.txt
index ab5725d..aac6aff 100644
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@@ -148,9 +148,14 @@ endif()
# Check for zlib
find_package(ZLIB REQUIRED)
+# Check for libpng
+find_package(PNG REQUIRED)
+
# Check for libjpeg
find_package(JPEG REQUIRED)
+# Staticly link libjpeg-turbo
+set(JPEG_LIBRARIES "-Wl,-Bstatic -lturbojpeg -Wl,-Bdynamic")
# Warn if it doesn't seem to be the accelerated libjpeg that's found
set(CMAKE_REQUIRED_LIBRARIES ${JPEG_LIBRARIES})
set(CMAKE_REQUIRED_FLAGS -I${JPEG_INCLUDE_DIR})
diff --git a/README.md b/README.md
index cec0a57..f226003 100644
--- a/README.md
+++ b/README.md
@@ -101,6 +101,9 @@ desktop:
height: 768
allow_resize: true
pixel_depth: 24
+ gpu:
+ hw3d: false
+ drinode: /dev/dri/renderD128
network:
protocol: http
@@ -228,6 +231,7 @@ command_line:
# New Features!
+ - Faster jpeg compression (via statically linked libjpeg-turbo)
- Webp image compression for better bandwidth usage
- Automatic mixing of webp and jpeg based on CPU availability on server
- Multi-threaded image encoding for smoother frame rate for servers with more cores
@@ -255,6 +259,7 @@ command_line:
- Cursor lock
- IME support for languages with extended characters
- Better mobile support
+ - DRI3 GPU acceleration with open source drivers (AMDGPU,Intel,ATI,ARM)
Future Goals:
diff --git a/builder/README.md b/builder/README.md
index 2687777..ea05cc1 100644
--- a/builder/README.md
+++ b/builder/README.md
@@ -48,6 +48,18 @@ It will install the package inside a new container and run KasmVNC.
Open browser and point to https://localhost:443/ or https://\:443/
+## Debugging
+
+To debug a test container, run `test-deb ubuntu focal -s` or `test-deb ubuntu
+focal --shell`. It runs a shell instead of starting KasmVNC.
+
+## Testing performance
+
+To run a performance test, add `-p` option:
+```
+builder/test-deb ubuntu focal -p
+```
+
# Package development
## deb/rpm package building and testing
diff --git a/builder/build-apk b/builder/build-apk
new file mode 100755
index 0000000..73fa677
--- /dev/null
+++ b/builder/build-apk
@@ -0,0 +1,17 @@
+#!/bin/bash
+
+set -e
+
+. builder/os_ver_cli.sh
+
+cd "$(dirname "$0")/.."
+
+docker build -t kasmvnc_apkbuilder_${os}:${os_codename} -f \
+ builder/dockerfile.${os}_${os_codename}.apk.build .
+
+source_dir=$(echo $PWD)
+L_UID=$(id -u)
+L_GID=$(id -g)
+docker run --rm -v "$source_dir":/src --user $L_UID:$L_GID \
+ kasmvnc_apkbuilder_${os}:${os_codename} /bin/bash -c \
+ '/src/builder/build-apk-inside-docker'
diff --git a/builder/build-apk-inside-docker b/builder/build-apk-inside-docker
new file mode 100755
index 0000000..08617f7
--- /dev/null
+++ b/builder/build-apk-inside-docker
@@ -0,0 +1,11 @@
+#!/bin/bash
+
+set -e
+
+os=alpine
+os_codename=$(cat /etc/os-release | awk '/VERSION_ID/' | grep -o '[[:digit:]]' | tr -d '\n' | head -c 3)
+
+mkdir -p /src/builder/build/${os}_${os_codename}
+mv \
+ /src/builder/build/kasmvnc.${os}_${os_codename}.tar.gz \
+ /src/builder/build/${os}_${os_codename}/kasmvnc.${os}_${os_codename}_$(uname -m).tgz
diff --git a/builder/build-package b/builder/build-package
index 9718846..598230d 100755
--- a/builder/build-package
+++ b/builder/build-package
@@ -10,6 +10,8 @@ detect_package_format() {
package_format=rpm
if ls builder/dockerfile*"$os"* | grep -q .deb.build; then
package_format=deb
+ elif ls builder/dockerfile*"$os"* | grep -q .apk.build; then
+ package_format=apk
fi
}
diff --git a/builder/build-rpm-inside-docker b/builder/build-rpm-inside-docker
index 7839dba..69cf978 100755
--- a/builder/build-rpm-inside-docker
+++ b/builder/build-rpm-inside-docker
@@ -8,7 +8,7 @@ prepare_build_env() {
}
copy_spec_and_tar_with_binaries() {
- cp /tmp/kasmvncserver.spec ~/rpmbuild/SPECS/
+ cp /tmp/*.spec ~/rpmbuild/SPECS/
cp /src/builder/build/kasmvnc.${os}_${os_codename}.tar.gz \
~/rpmbuild/SOURCES/
}
@@ -30,6 +30,6 @@ fi
os_dir="build/${os}_${os_codename}"
prepare_build_env
-rpmbuild -ba ~/rpmbuild/SPECS/kasmvncserver.spec
+rpmbuild -ba ~/rpmbuild/SPECS/*.spec
copy_rpm_to_build_dir
rpmlint "$os_dir"/*.rpm || true
diff --git a/builder/build.sh b/builder/build.sh
index 52d80c0..9cee060 100755
--- a/builder/build.sh
+++ b/builder/build.sh
@@ -40,14 +40,14 @@ EOF
#sudo apt-get install cmake git libjpeg-dev libgnutls-dev
# Gcc12 builds fail due to bug
-fail_on_gcc_12
+#fail_on_gcc_12
# Ubuntu applies a million patches, but here we use upstream to simplify matters
cd /tmp
# default to the version of x in Ubuntu 18.04, otherwise caller will need to specify
XORG_VER=${XORG_VER:-"1.19.6"}
XORG_PATCH=$(echo "$XORG_VER" | grep -Po '^\d.\d+' | sed 's#\.##')
-wget --no-check-certificate https://www.x.org/archive/individual/xserver/xorg-server-${XORG_VER}.tar.bz2
+wget --no-check-certificate https://www.x.org/archive/individual/xserver/xorg-server-${XORG_VER}.tar.gz
#git clone https://kasmweb@bitbucket.org/kasmtech/kasmvnc.git
#cd kasmvnc
@@ -64,9 +64,10 @@ cmake -D CMAKE_BUILD_TYPE=RelWithDebInfo . -DBUILD_VIEWER:BOOL=OFF \
-DENABLE_GNUTLS:BOOL=OFF
make -j5
-tar -C unix/xserver -xf /tmp/xorg-server-${XORG_VER}.tar.bz2 --strip-components=1
+tar -C unix/xserver -xf /tmp/xorg-server-${XORG_VER}.tar.gz --strip-components=1
cd unix/xserver
+# Apply patches
patch -Np1 -i ../xserver${XORG_PATCH}.patch
case "$XORG_VER" in
1.20.*)
@@ -85,22 +86,42 @@ autoreconf -i
# everything after that is based on BUILDING.txt to remove unneeded
# components.
ensure_crashpad_can_fetch_line_number_by_address
+# Centos7 is too old for dri3
+if [ ! "${KASMVNC_BUILD_OS}" == "centos" ]; then
+ CONFIG_OPTIONS="--enable-dri3"
+fi
# remove gl check for opensuse
-if [ "${KASMVNC_BUILD_OS}" == "opensuse" ]; then
+if [ "${KASMVNC_BUILD_OS}" == "opensuse" ] || ([ "${KASMVNC_BUILD_OS}" == "oracle" ] && [ "${KASMVNC_BUILD_OS_CODENAME}" == 9 ]); then
sed -i 's/LIBGL="gl >= 7.1.0"/LIBGL="gl >= 1.1"/g' configure
fi
-./configure --prefix=/opt/kasmweb \
- --with-xkb-path=/usr/share/X11/xkb \
- --with-xkb-output=/var/lib/xkb \
- --with-xkb-bin-directory=/usr/bin \
- --with-default-font-path="/usr/share/fonts/X11/misc,/usr/share/fonts/X11/cyrillic,/usr/share/fonts/X11/100dpi/:unscaled,/usr/share/fonts/X11/75dpi/:unscaled,/usr/share/fonts/X11/Type1,/usr/share/fonts/X11/100dpi,/usr/share/fonts/X11/75dpi,built-ins" \
- --with-sha1=libcrypto \
- --without-dtrace --disable-dri \
- --disable-static \
- --disable-xinerama --disable-xvfb --disable-xnest --disable-xorg \
- --disable-dmx --disable-xwin --disable-xephyr --disable-kdrive \
- --disable-config-hal --disable-config-udev \
- --disable-dri2 --enable-glx --disable-xwayland --disable-dri3
+
+# build X11
+./configure \
+ --disable-config-hal \
+ --disable-config-udev \
+ --disable-dmx \
+ --disable-dri \
+ --disable-dri2 \
+ --disable-kdrive \
+ --disable-static \
+ --disable-xephyr \
+ --disable-xinerama \
+ --disable-xnest \
+ --disable-xorg \
+ --disable-xvfb \
+ --disable-xwayland \
+ --disable-xwin \
+ --enable-glx \
+ --prefix=/opt/kasmweb \
+ --with-default-font-path="/usr/share/fonts/X11/misc,/usr/share/fonts/X11/cyrillic,/usr/share/fonts/X11/100dpi/:unscaled,/usr/share/fonts/X11/75dpi/:unscaled,/usr/share/fonts/X11/Type1,/usr/share/fonts/X11/100dpi,/usr/share/fonts/X11/75dpi,built-ins" \
+ --without-dtrace \
+ --with-sha1=libcrypto \
+ --with-xkb-bin-directory=/usr/bin \
+ --with-xkb-output=/var/lib/xkb \
+ --with-xkb-path=/usr/share/X11/xkb ${CONFIG_OPTIONS}
+
+# remove array bounds errors for new versions of GCC
+find . -name "Makefile" -exec sed -i 's/-Werror=array-bounds//g' {} \;
make -j5
# modifications for the servertarball
@@ -118,6 +139,8 @@ if [ -d /usr/lib/x86_64-linux-gnu/dri ]; then
ln -s /usr/lib/x86_64-linux-gnu/dri dri
elif [ -d /usr/lib/aarch64-linux-gnu/dri ]; then
ln -s /usr/lib/aarch64-linux-gnu/dri dri
+elif [ -d /usr/lib/xorg/modules/dri ]; then
+ ln -s /usr/lib/xorg/modules/dri dri
else
ln -s /usr/lib64/dri dri
fi
diff --git a/builder/build_www.sh b/builder/build_www.sh
index 1d4c7ad..ec54f6c 100755
--- a/builder/build_www.sh
+++ b/builder/build_www.sh
@@ -15,3 +15,4 @@ cd /build
rm *.md
rm AUTHORS
rm vnc.html
+ln -s index.html vnc.html
diff --git a/builder/bump-package-version b/builder/bump-package-version
index ff4fd29..4e09e42 100755
--- a/builder/bump-package-version
+++ b/builder/bump-package-version
@@ -15,6 +15,11 @@ bump_deb() {
builder/bump-package-version-deb "$new_version"
}
+bump_xvnc_binary() {
+ local cmd="s/#define XVNCVERSION.\+$/#define XVNCVERSION \"KasmVNC $new_version\"/"
+ sed -i -e "$cmd" unix/xserver/hw/vnc/xvnc.c
+}
+
new_version="$1"
if [[ -z "$new_version" ]]; then
@@ -25,5 +30,6 @@ fi
cd "$(dirname "$0")/.."
update_version_to_meet_packaging_standards
+bump_xvnc_binary
bump_rpm
bump_deb
diff --git a/builder/bump-package-version-rpm b/builder/bump-package-version-rpm
index d2066d7..fe3fc4d 100755
--- a/builder/bump-package-version-rpm
+++ b/builder/bump-package-version-rpm
@@ -3,9 +3,13 @@
set -eo pipefail
new_version="$1"
-specs="centos/kasmvncserver.spec
-oracle/kasmvncserver.spec
-opensuse/kasmvncserver.spec"
+spec_dirs=(centos oracle opensuse fedora)
+
+spec_files() {
+ for d in "${spec_dirs[@]}"; do
+ ls "$d"/*.spec
+ done
+}
bump_version() {
sed -i "s/^Version:.\+/Version: $new_version/" "$1"
@@ -25,8 +29,7 @@ bump_changelog() {
sed -i -e "s/%changelog/%changelog\n$new_changelog_entry/" "$1"
}
-IFS=$'\n'
-for spec_file in $specs; do
+for spec_file in $(spec_files); do
bump_version $spec_file
bump_changelog $spec_file
done
diff --git a/builder/dockerfile.alpine_317.apk.build b/builder/dockerfile.alpine_317.apk.build
new file mode 100644
index 0000000..732f5f0
--- /dev/null
+++ b/builder/dockerfile.alpine_317.apk.build
@@ -0,0 +1,7 @@
+FROM alpine:3.17
+
+RUN apk add shadow bash
+
+RUN useradd -m docker && echo "docker:docker" | chpasswd
+
+USER docker
diff --git a/builder/dockerfile.alpine_317.build b/builder/dockerfile.alpine_317.build
new file mode 100644
index 0000000..2fdecd3
--- /dev/null
+++ b/builder/dockerfile.alpine_317.build
@@ -0,0 +1,82 @@
+FROM alpine:3.17
+
+ENV KASMVNC_BUILD_OS alpine
+ENV KASMVNC_BUILD_OS_CODENAME 317
+ENV XORG_VER 1.20.14
+
+RUN \
+ echo "**** install build deps ****" && \
+ apk add \
+ alpine-release \
+ alpine-sdk \
+ autoconf \
+ automake \
+ bash \
+ ca-certificates \
+ cmake \
+ coreutils \
+ curl \
+ eudev-dev \
+ font-cursor-misc \
+ font-misc-misc \
+ font-util-dev \
+ git \
+ grep \
+ jq \
+ libdrm-dev \
+ libepoxy-dev \
+ libjpeg-turbo-dev \
+ libjpeg-turbo-static \
+ libpciaccess-dev \
+ libtool \
+ libwebp-dev \
+ libx11-dev \
+ libxau-dev \
+ libxcb-dev \
+ libxcursor-dev \
+ libxcvt-dev \
+ libxdmcp-dev \
+ libxext-dev \
+ libxfont2-dev \
+ libxkbfile-dev \
+ libxrandr-dev \
+ libxshmfence-dev \
+ libxtst-dev \
+ mesa-dev \
+ mesa-dri-gallium \
+ meson \
+ nettle-dev \
+ openssl-dev \
+ pixman-dev \
+ procps \
+ shadow \
+ tar \
+ tzdata \
+ wayland-dev \
+ wayland-protocols \
+ xcb-util-dev \
+ xcb-util-image-dev \
+ xcb-util-keysyms-dev \
+ xcb-util-renderutil-dev \
+ xcb-util-wm-dev \
+ xinit \
+ xkbcomp \
+ xkbcomp-dev \
+ xkeyboard-config \
+ xorgproto \
+ xorg-server-common \
+ xorg-server-dev \
+ xtrans
+
+
+ENV SCRIPTS_DIR=/tmp/scripts
+COPY builder/scripts $SCRIPTS_DIR
+RUN $SCRIPTS_DIR/build-webp
+RUN $SCRIPTS_DIR/build-libjpeg-turbo
+
+RUN useradd -m docker && echo "docker:docker" | chpasswd
+
+COPY --chown=docker:docker . /src/
+
+USER docker
+ENTRYPOINT ["/src/builder/build.sh"]
diff --git a/builder/dockerfile.alpine_318.apk.build b/builder/dockerfile.alpine_318.apk.build
new file mode 100644
index 0000000..9504897
--- /dev/null
+++ b/builder/dockerfile.alpine_318.apk.build
@@ -0,0 +1,7 @@
+FROM alpine:3.18
+
+RUN apk add shadow bash
+
+RUN useradd -m docker && echo "docker:docker" | chpasswd
+
+USER docker
diff --git a/builder/dockerfile.alpine_318.build b/builder/dockerfile.alpine_318.build
new file mode 100644
index 0000000..f446764
--- /dev/null
+++ b/builder/dockerfile.alpine_318.build
@@ -0,0 +1,82 @@
+FROM alpine:3.18
+
+ENV KASMVNC_BUILD_OS alpine
+ENV KASMVNC_BUILD_OS_CODENAME 318
+ENV XORG_VER 1.20.14
+
+RUN \
+ echo "**** install build deps ****" && \
+ apk add \
+ alpine-release \
+ alpine-sdk \
+ autoconf \
+ automake \
+ bash \
+ ca-certificates \
+ cmake \
+ coreutils \
+ curl \
+ eudev-dev \
+ font-cursor-misc \
+ font-misc-misc \
+ font-util-dev \
+ git \
+ grep \
+ jq \
+ libdrm-dev \
+ libepoxy-dev \
+ libjpeg-turbo-dev \
+ libjpeg-turbo-static \
+ libpciaccess-dev \
+ libtool \
+ libwebp-dev \
+ libx11-dev \
+ libxau-dev \
+ libxcb-dev \
+ libxcursor-dev \
+ libxcvt-dev \
+ libxdmcp-dev \
+ libxext-dev \
+ libxfont2-dev \
+ libxkbfile-dev \
+ libxrandr-dev \
+ libxshmfence-dev \
+ libxtst-dev \
+ mesa-dev \
+ mesa-dri-gallium \
+ meson \
+ nettle-dev \
+ openssl-dev \
+ pixman-dev \
+ procps \
+ shadow \
+ tar \
+ tzdata \
+ wayland-dev \
+ wayland-protocols \
+ xcb-util-dev \
+ xcb-util-image-dev \
+ xcb-util-keysyms-dev \
+ xcb-util-renderutil-dev \
+ xcb-util-wm-dev \
+ xinit \
+ xkbcomp \
+ xkbcomp-dev \
+ xkeyboard-config \
+ xorgproto \
+ xorg-server-common \
+ xorg-server-dev \
+ xtrans
+
+
+ENV SCRIPTS_DIR=/tmp/scripts
+COPY builder/scripts $SCRIPTS_DIR
+RUN $SCRIPTS_DIR/build-webp
+RUN $SCRIPTS_DIR/build-libjpeg-turbo
+
+RUN useradd -m docker && echo "docker:docker" | chpasswd
+
+COPY --chown=docker:docker . /src/
+
+USER docker
+ENTRYPOINT ["/src/builder/build.sh"]
diff --git a/builder/dockerfile.centos_core.build b/builder/dockerfile.centos_core.build
index 476c1e4..cb6d4fa 100644
--- a/builder/dockerfile.centos_core.build
+++ b/builder/dockerfile.centos_core.build
@@ -5,11 +5,11 @@ ENV KASMVNC_BUILD_OS_CODENAME core
RUN yum install -y ca-certificates
RUN yum install -y build-dep xorg-server libxfont-dev sudo
-RUN yum install -y gcc cmake git libjpeg-dev libgnutls28-dev vim wget tightvncserver
-RUN yum install -y libjpeg-dev libpng-dev libtiff-dev libgif-dev libavcodec-dev openssl-devel
+RUN yum install -y gcc cmake git libgnutls28-dev vim wget tightvncserver
+RUN yum install -y libpng-dev libtiff-dev libgif-dev libavcodec-dev openssl-devel
RUN yum install -y make
RUN yum group install -y "Development Tools"
-RUN yum install -y xorg-x11-server-devel zlib-devel libjpeg-turbo-devel
+RUN yum install -y xorg-x11-server-devel zlib-devel
RUN yum install -y libxkbfile-devel libXfont2-devel xorg-x11-font-utils \
xorg-x11-xtrans-devel xorg-x11-xkb-utils-devel libXrandr-devel pam-devel \
gnutls-devel libX11-devel libXtst-devel libXcursor-devel
@@ -23,6 +23,10 @@ RUN cd /tmp/libwebp-1.0.2 && \
./configure --enable-static --disable-shared && \
make && make install
+ENV SCRIPTS_DIR=/tmp/scripts
+COPY builder/scripts $SCRIPTS_DIR
+RUN $SCRIPTS_DIR/build-libjpeg-turbo
+
RUN useradd -m docker && echo "docker:docker" | chpasswd
COPY --chown=docker:docker . /src/
diff --git a/builder/dockerfile.debian_bookworm.build b/builder/dockerfile.debian_bookworm.build
new file mode 100644
index 0000000..6c9b412
--- /dev/null
+++ b/builder/dockerfile.debian_bookworm.build
@@ -0,0 +1,38 @@
+FROM debian:bookworm-slim
+
+ENV KASMVNC_BUILD_OS debian
+ENV KASMVNC_BUILD_OS_CODENAME bookworm
+ENV XORG_VER 1.20.10
+ENV DEBIAN_FRONTEND noninteractive
+
+RUN \
+ echo "**** add all sources ****" && \
+ echo "deb http://deb.debian.org/debian bookworm main contrib non-free non-free-firmware" > /etc/apt/sources.list && \
+ echo "deb-src http://deb.debian.org/debian bookworm main contrib non-free non-free-firmware" >> /etc/apt/sources.list && \
+ echo "deb http://deb.debian.org/debian bookworm-updates main contrib non-free non-free-firmware" >> /etc/apt/sources.list && \
+ echo "deb-src http://deb.debian.org/debian bookworm-updates main contrib non-free non-free-firmware" >> /etc/apt/sources.list && \
+ echo "deb http://deb.debian.org/debian bookworm-backports main contrib non-free non-free-firmware" >> /etc/apt/sources.list && \
+ echo "deb-src http://deb.debian.org/debian bookworm-backports main contrib non-free non-free-firmware" >> /etc/apt/sources.list && \
+ echo "deb http://security.debian.org/debian-security/ bookworm-security main contrib non-free non-free-firmware" >> /etc/apt/sources.list && \
+ echo "deb-src http://security.debian.org/debian-security/ bookworm-security main contrib non-free non-free-firmware" >> /etc/apt/sources.list && \
+ rm -f /etc/apt/sources.list.d/debian.sources
+
+RUN apt-get update && \
+ apt-get -y install sudo
+
+RUN DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends tzdata
+RUN apt-get update && apt-get -y build-dep xorg-server libxfont-dev
+RUN apt-get update && apt-get -y install cmake git libgnutls28-dev vim wget tightvncserver curl
+RUN apt-get update && apt-get -y install libpng-dev libtiff-dev libgif-dev libavcodec-dev libssl-dev libxrandr-dev libxcursor-dev
+
+ENV SCRIPTS_DIR=/tmp/scripts
+COPY builder/scripts $SCRIPTS_DIR
+RUN $SCRIPTS_DIR/build-webp
+RUN $SCRIPTS_DIR/build-libjpeg-turbo
+
+RUN useradd -m docker && echo "docker:docker" | chpasswd && adduser docker sudo
+
+COPY --chown=docker:docker . /src/
+
+USER docker
+ENTRYPOINT ["/src/builder/build.sh"]
diff --git a/builder/dockerfile.ubuntu_bionic+libjpeg-turbo_latest.deb.build b/builder/dockerfile.debian_bookworm.deb.build
similarity index 64%
rename from builder/dockerfile.ubuntu_bionic+libjpeg-turbo_latest.deb.build
rename to builder/dockerfile.debian_bookworm.deb.build
index 7782f10..2e61fbb 100644
--- a/builder/dockerfile.ubuntu_bionic+libjpeg-turbo_latest.deb.build
+++ b/builder/dockerfile.debian_bookworm.deb.build
@@ -1,18 +1,14 @@
-FROM ubuntu:bionic
+FROM debian:bookworm
+
+ENV DEBIAN_FRONTEND noninteractive
RUN apt-get update && \
apt-get -y install vim build-essential devscripts equivs
-ARG KASMVNC_PACKAGE_DIR
-COPY $KASMVNC_PACKAGE_DIR/libjpeg-turbo*deb /tmp/
-RUN apt-get install /tmp/libjpeg-turbo*deb
-
# Install build-deps for the package.
COPY ./debian/control /tmp
RUN apt-get update && echo YYY | mk-build-deps --install --remove /tmp/control
-ENV LD_LIBRARY_PATH="/opt/libjpeg-turbo/lib64/:$LD_LIBRARY_PATH"
-
ARG L_UID
RUN if [ "$L_UID" -eq 0 ]; then \
useradd -m docker; \
diff --git a/builder/dockerfile.ubuntu_bionic+libjpeg-turbo_latest.deb.test b/builder/dockerfile.debian_bookworm.deb.test
similarity index 72%
rename from builder/dockerfile.ubuntu_bionic+libjpeg-turbo_latest.deb.test
rename to builder/dockerfile.debian_bookworm.deb.test
index 635ee0f..4224f7b 100644
--- a/builder/dockerfile.ubuntu_bionic+libjpeg-turbo_latest.deb.test
+++ b/builder/dockerfile.debian_bookworm.deb.test
@@ -1,4 +1,4 @@
-FROM ubuntu:bionic
+FROM debian:bookworm-slim
ENV DISPLAY=:1 \
VNC_PORT=8443 \
@@ -16,12 +16,12 @@ ENV DISPLAY=:1 \
VNC_PW=vncpassword \
VNC_USER=user \
VNC_VIEW_ONLY_PW=vncviewonlypassword \
- LD_LIBRARY_PATH=/opt/libjpeg-turbo/lib64/:/usr/local/lib/ \
+ LD_LIBRARY_PATH=/usr/local/lib/ \
OMP_WAIT_POLICY=PASSIVE \
SHELL=/bin/bash \
SINGLE_APPLICATION=0 \
- KASMVNC_BUILD_OS=ubuntu \
- KASMVNC_BUILD_OS_CODENAME=bionic
+ KASMVNC_BUILD_OS=debian \
+ KASMVNC_BUILD_OS_CODENAME=buster
EXPOSE $VNC_PORT
@@ -29,7 +29,7 @@ WORKDIR $HOME
### REQUIRED STUFF ###
-RUN apt-get update && apt-get install -y supervisor xfce4 xfce4-terminal xterm libnss-wrapper gettext wget
+RUN apt-get update && apt-get install -y supervisor xfce4 xfce4-terminal dbus-x11 xterm libnss-wrapper gettext wget
RUN apt-get purge -y pm-utils xscreensaver*
RUN apt-get update && apt-get install -y vim less
RUN apt-get update && apt-get -y install lsb-release
@@ -40,16 +40,13 @@ RUN mkdir -p $STARTUPDIR
COPY builder/startup/ $STARTUPDIR
### START CUSTOM STUFF ####
+
COPY ./builder/scripts/ /tmp/scripts/
COPY ./debian/changelog /tmp
ARG KASMVNC_PACKAGE_DIR
-COPY $KASMVNC_PACKAGE_DIR/libjpeg-turbo_*.deb /tmp/
-RUN apt-get install /tmp/libjpeg-turbo*deb
-
-ARG BUILD_DEBIAN_REVISION
-COPY $KASMVNC_PACKAGE_DIR/kasmvncserver_*$BUILD_DEBIAN_REVISION*.deb /tmp/
-RUN /tmp/scripts/install_kasmvncserver_package "$BUILD_DEBIAN_REVISION"
+COPY $KASMVNC_PACKAGE_DIR/kasmvncserver_*.deb /tmp/
+RUN /tmp/scripts/install_kasmvncserver_package
### END CUSTOM STUFF ###
diff --git a/builder/dockerfile.debian_bullseye.build b/builder/dockerfile.debian_bullseye.build
index b1a1908..f626bb7 100644
--- a/builder/dockerfile.debian_bullseye.build
+++ b/builder/dockerfile.debian_bullseye.build
@@ -12,15 +12,13 @@ RUN apt-get update && \
RUN DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends tzdata
RUN apt-get update && apt-get -y build-dep xorg-server libxfont-dev
-RUN apt-get update && apt-get -y install cmake git libjpeg-dev libgnutls28-dev vim wget tightvncserver
+RUN apt-get update && apt-get -y install cmake git libgnutls28-dev vim wget tightvncserver curl
RUN apt-get update && apt-get -y install libpng-dev libtiff-dev libgif-dev libavcodec-dev libssl-dev libxrandr-dev libxcursor-dev
-# Additions for webp
-RUN cd /tmp && wget https://storage.googleapis.com/downloads.webmproject.org/releases/webp/libwebp-1.0.2.tar.gz
-RUN cd /tmp && tar -xzf /tmp/libwebp-*
-RUN cd /tmp/libwebp-1.0.2 && \
- ./configure --enable-static --disable-shared && \
- make && make install
+ENV SCRIPTS_DIR=/tmp/scripts
+COPY builder/scripts $SCRIPTS_DIR
+RUN $SCRIPTS_DIR/build-webp
+RUN $SCRIPTS_DIR/build-libjpeg-turbo
RUN useradd -m docker && echo "docker:docker" | chpasswd && adduser docker sudo
diff --git a/builder/dockerfile.debian_buster.build b/builder/dockerfile.debian_buster.build
index 9849856..c8f8008 100644
--- a/builder/dockerfile.debian_buster.build
+++ b/builder/dockerfile.debian_buster.build
@@ -12,15 +12,13 @@ RUN apt-get update && \
RUN DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends tzdata
RUN apt-get update && apt-get -y build-dep xorg-server libxfont-dev
-RUN apt-get update && apt-get -y install cmake git libjpeg-dev libgnutls28-dev vim wget tightvncserver
+RUN apt-get update && apt-get -y install cmake git libgnutls28-dev vim wget tightvncserver curl
RUN apt-get update && apt-get -y install libpng-dev libtiff-dev libgif-dev libavcodec-dev libssl-dev libxrandr-dev libxcursor-dev
-# Additions for webp
-RUN cd /tmp && wget https://storage.googleapis.com/downloads.webmproject.org/releases/webp/libwebp-1.0.2.tar.gz
-RUN cd /tmp && tar -xzf /tmp/libwebp-*
-RUN cd /tmp/libwebp-1.0.2 && \
- ./configure --enable-static --disable-shared && \
- make && make install
+ENV SCRIPTS_DIR=/tmp/scripts
+COPY builder/scripts $SCRIPTS_DIR
+RUN $SCRIPTS_DIR/build-webp
+RUN $SCRIPTS_DIR/build-libjpeg-turbo
RUN useradd -m docker && echo "docker:docker" | chpasswd && adduser docker sudo
diff --git a/builder/dockerfile.debian_buster.deb.test b/builder/dockerfile.debian_buster.deb.test
index 7193650..416e9fc 100644
--- a/builder/dockerfile.debian_buster.deb.test
+++ b/builder/dockerfile.debian_buster.deb.test
@@ -34,14 +34,6 @@ RUN apt-get purge -y pm-utils xscreensaver*
RUN apt-get update && apt-get install -y vim less
RUN apt-get update && apt-get -y install lsb-release
-RUN apt-get update && apt-get install -y task-cinnamon-desktop
-RUN apt-get update && apt-get install -y task-gnome-desktop
-RUN mkdir -p /usr/share/man/man1
-RUN apt-get update && apt-get install -y apt-utils openjdk-11-jre
-RUN apt-get update && apt-get install -y task-lxde-desktop
-RUN apt-get update && apt-get install -y task-mate-desktop
-RUN apt-get update && apt-get install -y task-kde-desktop
-
RUN echo 'source $STARTUPDIR/generate_container_user' >> $HOME/.bashrc
RUN mkdir -p $STARTUPDIR
diff --git a/builder/dockerfile.fedora_thirtythree.barebones.rpm.test b/builder/dockerfile.fedora_thirtyeight.barebones.rpm.test
similarity index 96%
rename from builder/dockerfile.fedora_thirtythree.barebones.rpm.test
rename to builder/dockerfile.fedora_thirtyeight.barebones.rpm.test
index 07f215c..4252609 100644
--- a/builder/dockerfile.fedora_thirtythree.barebones.rpm.test
+++ b/builder/dockerfile.fedora_thirtyeight.barebones.rpm.test
@@ -1,4 +1,4 @@
-FROM fedora:33
+FROM fedora:38
ENV STARTUPDIR=/dockerstartup
diff --git a/builder/dockerfile.fedora_thirtyeight.build b/builder/dockerfile.fedora_thirtyeight.build
new file mode 100644
index 0000000..dbfae34
--- /dev/null
+++ b/builder/dockerfile.fedora_thirtyeight.build
@@ -0,0 +1,86 @@
+FROM fedora:38
+
+ENV KASMVNC_BUILD_OS fedora
+ENV KASMVNC_BUILD_OS_CODENAME thirtyeight
+ENV XORG_VER 1.20.14
+
+RUN \
+ echo "**** install build deps ****" && \
+ dnf group install -y \
+ "C Development Tools and Libraries" \
+ "Development Tools" && \
+ dnf install -y \
+ autoconf \
+ automake \
+ bison \
+ byacc \
+ bzip2 \
+ cmake \
+ diffutils \
+ doxygen \
+ file \
+ flex \
+ fop \
+ gcc \
+ gcc-c++ \
+ git \
+ glibc-devel \
+ libdrm-devel \
+ libepoxy-devel \
+ libmd-devel \
+ libpciaccess-devel \
+ libtool \
+ libwebp-devel \
+ libX11-devel \
+ libXau-devel \
+ libxcb-devel \
+ libXcursor-devel \
+ libxcvt-devel \
+ libXdmcp-devel \
+ libXext-devel \
+ libXfont2-devel \
+ libxkbfile-devel \
+ libXrandr-devel \
+ libxshmfence-devel \
+ libXtst-devel \
+ mesa-libEGL-devel \
+ mesa-libgbm-devel \
+ mesa-libGL-devel \
+ meson \
+ mingw64-binutils \
+ mt-st \
+ nettle-devel \
+ openssl-devel \
+ patch \
+ pixman-devel \
+ wayland-devel \
+ wget \
+ which \
+ xcb-util-devel \
+ xcb-util-image-devel \
+ xcb-util-keysyms-devel \
+ xcb-util-renderutil-devel \
+ xcb-util-wm-devel \
+ xinit \
+ xkbcomp \
+ xkbcomp-devel \
+ xkeyboard-config \
+ xmlto \
+ xorg-x11-font-utils \
+ xorg-x11-proto-devel \
+ xorg-x11-server-common \
+ xorg-x11-server-devel \
+ xorg-x11-xtrans-devel \
+ xsltproc
+
+ENV SCRIPTS_DIR=/tmp/scripts
+COPY builder/scripts $SCRIPTS_DIR
+RUN $SCRIPTS_DIR/build-webp
+RUN $SCRIPTS_DIR/build-libjpeg-turbo
+
+RUN useradd -m docker && echo "docker:docker" | chpasswd
+
+COPY --chown=docker:docker . /src/
+
+USER docker
+ENTRYPOINT ["/src/builder/build.sh"]
diff --git a/builder/dockerfile.fedora_thirtythree.rpm.build b/builder/dockerfile.fedora_thirtyeight.rpm.build
similarity index 86%
rename from builder/dockerfile.fedora_thirtythree.rpm.build
rename to builder/dockerfile.fedora_thirtyeight.rpm.build
index ae92ec7..8fc556f 100644
--- a/builder/dockerfile.fedora_thirtythree.rpm.build
+++ b/builder/dockerfile.fedora_thirtyeight.rpm.build
@@ -1,11 +1,11 @@
-FROM fedora:33
+FROM fedora:38
RUN dnf install -y fedora-packager fedora-review
RUN dnf install -y tree vim less
RUN dnf install -y redhat-lsb-core
RUN dnf install -y dnf-plugins-core
-COPY centos/*.spec /tmp
+COPY fedora/*.spec /tmp
RUN dnf builddep -y /tmp/*.spec
RUN useradd -m docker && echo "docker:docker" | chpasswd
diff --git a/builder/dockerfile.fedora_thirtythree.rpm.test b/builder/dockerfile.fedora_thirtyeight.rpm.test
similarity index 91%
rename from builder/dockerfile.fedora_thirtythree.rpm.test
rename to builder/dockerfile.fedora_thirtyeight.rpm.test
index fdbcd9c..16975a0 100644
--- a/builder/dockerfile.fedora_thirtythree.rpm.test
+++ b/builder/dockerfile.fedora_thirtyeight.rpm.test
@@ -1,4 +1,4 @@
-FROM fedora:33
+FROM fedora:38
ENV DISPLAY=:1 \
VNC_PORT=8443 \
@@ -31,8 +31,7 @@ WORKDIR $HOME
RUN dnf install -y openssl xterm gettext wget
RUN dnf install -y nss_wrapper
-RUN dnf install -y xorg-x11-xauth xorg-x11-xkb-utils \
- xkeyboard-config xorg-x11-server-utils
+RUN dnf install -y xorg-x11-xauth xkeyboard-config
# xorg-x11-server-Xorg
# RUN dnf install -y @xfce-desktop-environment
RUN dnf erase -y pm-utils xscreensaver*
@@ -47,7 +46,7 @@ COPY builder/startup/ $STARTUPDIR
### START CUSTOM STUFF ####
COPY ./builder/scripts/ /tmp/scripts/
-COPY ./centos/kasmvncserver.spec /tmp
+COPY ./fedora/kasmvncserver.spec /tmp
ARG KASMVNC_PACKAGE_DIR
COPY $KASMVNC_PACKAGE_DIR/*.rpm /tmp/
diff --git a/builder/dockerfile.fedora_thirtyseven.barebones.rpm.test b/builder/dockerfile.fedora_thirtyseven.barebones.rpm.test
new file mode 100644
index 0000000..ba97bf8
--- /dev/null
+++ b/builder/dockerfile.fedora_thirtyseven.barebones.rpm.test
@@ -0,0 +1,19 @@
+FROM fedora:37
+
+ENV STARTUPDIR=/dockerstartup
+
+RUN dnf install -y xterm
+RUN dnf install -y vim less
+RUN yum install -y redhat-lsb-core
+
+ARG KASMVNC_PACKAGE_DIR
+COPY $KASMVNC_PACKAGE_DIR/*.rpm /tmp/
+RUN dnf localinstall -y /tmp/*.rpm
+
+RUN mkdir -p $STARTUPDIR
+COPY startup/vnc_startup_barebones.sh $STARTUPDIR
+
+RUN useradd -m foo
+USER foo:kasmvnc-cert
+
+ENTRYPOINT "/$STARTUPDIR/vnc_startup_barebones.sh"
diff --git a/builder/dockerfile.fedora_thirtyseven.build b/builder/dockerfile.fedora_thirtyseven.build
new file mode 100644
index 0000000..4557431
--- /dev/null
+++ b/builder/dockerfile.fedora_thirtyseven.build
@@ -0,0 +1,86 @@
+FROM fedora:37
+
+ENV KASMVNC_BUILD_OS fedora
+ENV KASMVNC_BUILD_OS_CODENAME thirtyseven
+ENV XORG_VER 1.20.14
+
+RUN \
+ echo "**** install build deps ****" && \
+ dnf group install -y \
+ "C Development Tools and Libraries" \
+ "Development Tools" && \
+ dnf install -y \
+ autoconf \
+ automake \
+ bison \
+ byacc \
+ bzip2 \
+ cmake \
+ diffutils \
+ doxygen \
+ file \
+ flex \
+ fop \
+ gcc \
+ gcc-c++ \
+ git \
+ glibc-devel \
+ libdrm-devel \
+ libepoxy-devel \
+ libmd-devel \
+ libpciaccess-devel \
+ libtool \
+ libwebp-devel \
+ libX11-devel \
+ libXau-devel \
+ libxcb-devel \
+ libXcursor-devel \
+ libxcvt-devel \
+ libXdmcp-devel \
+ libXext-devel \
+ libXfont2-devel \
+ libxkbfile-devel \
+ libXrandr-devel \
+ libxshmfence-devel \
+ libXtst-devel \
+ mesa-libEGL-devel \
+ mesa-libgbm-devel \
+ mesa-libGL-devel \
+ meson \
+ mingw64-binutils \
+ mt-st \
+ nettle-devel \
+ openssl-devel \
+ patch \
+ pixman-devel \
+ wayland-devel \
+ wget \
+ which \
+ xcb-util-devel \
+ xcb-util-image-devel \
+ xcb-util-keysyms-devel \
+ xcb-util-renderutil-devel \
+ xcb-util-wm-devel \
+ xinit \
+ xkbcomp \
+ xkbcomp-devel \
+ xkeyboard-config \
+ xmlto \
+ xorg-x11-font-utils \
+ xorg-x11-proto-devel \
+ xorg-x11-server-common \
+ xorg-x11-server-devel \
+ xorg-x11-xtrans-devel \
+ xsltproc
+
+ENV SCRIPTS_DIR=/tmp/scripts
+COPY builder/scripts $SCRIPTS_DIR
+RUN $SCRIPTS_DIR/build-webp
+RUN $SCRIPTS_DIR/build-libjpeg-turbo
+
+RUN useradd -m docker && echo "docker:docker" | chpasswd
+
+COPY --chown=docker:docker . /src/
+
+USER docker
+ENTRYPOINT ["/src/builder/build.sh"]
diff --git a/builder/dockerfile.fedora_thirtyseven.rpm.build b/builder/dockerfile.fedora_thirtyseven.rpm.build
new file mode 100644
index 0000000..8384b10
--- /dev/null
+++ b/builder/dockerfile.fedora_thirtyseven.rpm.build
@@ -0,0 +1,13 @@
+FROM fedora:37
+
+RUN dnf install -y fedora-packager fedora-review
+RUN dnf install -y tree vim less
+RUN dnf install -y redhat-lsb-core
+RUN dnf install -y dnf-plugins-core
+
+COPY fedora/*.spec /tmp
+RUN dnf builddep -y /tmp/*.spec
+
+RUN useradd -m docker && echo "docker:docker" | chpasswd
+
+USER docker
diff --git a/builder/dockerfile.fedora_thirtyseven.rpm.test b/builder/dockerfile.fedora_thirtyseven.rpm.test
new file mode 100644
index 0000000..5c7dea3
--- /dev/null
+++ b/builder/dockerfile.fedora_thirtyseven.rpm.test
@@ -0,0 +1,62 @@
+FROM fedora:37
+
+ENV DISPLAY=:1 \
+ VNC_PORT=8443 \
+ VNC_RESOLUTION=1280x720 \
+ MAX_FRAME_RATE=24 \
+ VNCOPTIONS="-PreferBandwidth -DynamicQualityMin=4 -DynamicQualityMax=7" \
+ HOME=/home/user \
+ TERM=xterm \
+ STARTUPDIR=/dockerstartup \
+ INST_SCRIPTS=/dockerstartup/install \
+ KASM_RX_HOME=/dockerstartup/kasmrx \
+ DEBIAN_FRONTEND=noninteractive \
+ VNC_COL_DEPTH=24 \
+ VNC_RESOLUTION=1280x1024 \
+ VNC_PW=vncpassword \
+ VNC_USER=user \
+ VNC_VIEW_ONLY_PW=vncviewonlypassword \
+ LD_LIBRARY_PATH=/usr/local/lib/ \
+ OMP_WAIT_POLICY=PASSIVE \
+ SHELL=/bin/bash \
+ SINGLE_APPLICATION=0 \
+ KASMVNC_BUILD_OS=fedora \
+ KASMVNC_BUILD_OS_CODENAME=thirtythree
+
+EXPOSE $VNC_PORT
+
+WORKDIR $HOME
+
+### REQUIRED STUFF ###
+
+RUN dnf install -y openssl xterm gettext wget
+RUN dnf install -y nss_wrapper
+RUN dnf install -y xorg-x11-xauth xkeyboard-config
+# xorg-x11-server-Xorg
+# RUN dnf install -y @xfce-desktop-environment
+RUN dnf erase -y pm-utils xscreensaver*
+RUN dnf install -y redhat-lsb-core
+RUN dnf install -y vim less
+RUN dnf install -y @xfce-desktop-environment
+
+RUN echo 'source $STARTUPDIR/generate_container_user' >> $HOME/.bashrc
+
+RUN mkdir -p $STARTUPDIR
+COPY builder/startup/ $STARTUPDIR
+
+### START CUSTOM STUFF ####
+COPY ./builder/scripts/ /tmp/scripts/
+COPY ./fedora/kasmvncserver.spec /tmp
+
+ARG KASMVNC_PACKAGE_DIR
+COPY $KASMVNC_PACKAGE_DIR/*.rpm /tmp/
+# RUN dnf remove -y tigervnc-server-minimal
+RUN /tmp/scripts/install_kasmvncserver_package
+
+### END CUSTOM STUFF ###
+
+RUN chown -R 1000:0 $HOME
+USER 1000:kasmvnc-cert
+WORKDIR $HOME
+
+ENTRYPOINT [ "/dockerstartup/vnc_startup.sh" ]
diff --git a/builder/dockerfile.fedora_thirtythree.build b/builder/dockerfile.fedora_thirtythree.build
deleted file mode 100644
index b9f5720..0000000
--- a/builder/dockerfile.fedora_thirtythree.build
+++ /dev/null
@@ -1,38 +0,0 @@
-FROM fedora:33
-
-ENV KASMVNC_BUILD_OS fedora
-ENV KASMVNC_BUILD_OS_CODENAME thirtythree
-ENV XORG_VER 1.20.10
-
-# RUN dnf install -y build-dep xorg-server libxfont-dev sudo
-RUN dnf install -y gcc cmake git gnutls-devel vim wget
-#tightvncserver
-RUN dnf install -y libjpeg-turbo-devel libpng-devel libtiff-devel giflib-devel openssl-devel
-
-#libavcodec-dev
-RUN dnf -y install https://download1.rpmfusion.org/free/fedora/rpmfusion-free-release-$(rpm -E %fedora).noarch.rpm
-RUN dnf -y install https://download1.rpmfusion.org/nonfree/fedora/rpmfusion-nonfree-release-$(rpm -E %fedora).noarch.rpm
-RUN dnf -y install ffmpeg-devel
-
-RUN dnf install -y make
-RUN dnf group install -y "Development Tools"
-RUN dnf install -y xorg-x11-server-devel zlib-devel libjpeg-turbo-devel
-RUN dnf install -y libxkbfile-devel libXfont2-devel xorg-x11-font-utils \
- xorg-x11-xtrans-devel xorg-x11-xkb-utils-devel libXrandr-devel libXtst-devel \
- libXcursor-devel
-RUN dnf install -y mesa-dri-drivers
-RUN dnf install -y bzip2 redhat-lsb-core
-
-# Additions for webp
-RUN cd /tmp && wget https://storage.googleapis.com/downloads.webmproject.org/releases/webp/libwebp-1.0.2.tar.gz
-RUN cd /tmp && tar -xzf /tmp/libwebp-*
-RUN cd /tmp/libwebp-1.0.2 && \
- ./configure --enable-static --disable-shared && \
- make && make install
-
-RUN useradd -m docker && echo "docker:docker" | chpasswd
-
-COPY --chown=docker:docker . /src/
-
-USER docker
-ENTRYPOINT ["/src/builder/build.sh"]
diff --git a/builder/dockerfile.kali_kali-rolling.build b/builder/dockerfile.kali_kali-rolling.build
index 2123440..d3ce176 100644
--- a/builder/dockerfile.kali_kali-rolling.build
+++ b/builder/dockerfile.kali_kali-rolling.build
@@ -14,16 +14,14 @@ RUN apt-get update && \
RUN DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends tzdata
RUN apt-get update && apt-get -y build-dep xorg-server libxfont-dev
-RUN apt-get update && apt-get -y install gcc-11 g++-11
-RUN apt-get update && apt-get -y install cmake git libjpeg-dev libgnutls28-dev vim wget tightvncserver
+RUN apt-get update && apt-get -y install gcc-11 g++-11 curl
+RUN apt-get update && apt-get -y install cmake git libgnutls28-dev vim wget tightvncserver
RUN apt-get update && apt-get -y install libpng-dev libtiff-dev libgif-dev libavcodec-dev libssl-dev libxrandr-dev libxcursor-dev
-# Additions for webp
-RUN cd /tmp && wget https://storage.googleapis.com/downloads.webmproject.org/releases/webp/libwebp-1.0.2.tar.gz
-RUN cd /tmp && tar -xzf /tmp/libwebp-*
-RUN cd /tmp/libwebp-1.0.2 && \
- ./configure --enable-static --disable-shared && \
- make -j$(nproc) && make install
+ENV SCRIPTS_DIR=/tmp/scripts
+COPY builder/scripts $SCRIPTS_DIR
+RUN $SCRIPTS_DIR/build-webp
+RUN $SCRIPTS_DIR/build-libjpeg-turbo
RUN useradd -m docker && echo "docker:docker" | chpasswd && adduser docker sudo
diff --git a/builder/dockerfile.opensuse_15.barebones.rpm.test b/builder/dockerfile.opensuse_15.barebones.rpm.test
index d30eabb..3501b64 100644
--- a/builder/dockerfile.opensuse_15.barebones.rpm.test
+++ b/builder/dockerfile.opensuse_15.barebones.rpm.test
@@ -1,4 +1,4 @@
-FROM opensuse/leap:15.3
+FROM opensuse/leap:15.5
ENV STARTUPDIR=/dockerstartup
diff --git a/builder/dockerfile.opensuse_15.build b/builder/dockerfile.opensuse_15.build
index b3d5e56..db2f130 100644
--- a/builder/dockerfile.opensuse_15.build
+++ b/builder/dockerfile.opensuse_15.build
@@ -1,4 +1,4 @@
-FROM opensuse/leap:15.3
+FROM opensuse/leap:15.5
ENV KASMVNC_BUILD_OS opensuse
ENV KASMVNC_BUILD_OS_CODENAME 15
@@ -9,6 +9,7 @@ RUN zypper install -ny \
bdftopcf \
bigreqsproto-devel \
cmake \
+ curl \
ffmpeg-4-libavcodec-devel \
fonttosfnt \
font-util \
@@ -19,14 +20,17 @@ RUN zypper install -ny \
gzip \
lbzip2 \
libbz2-devel \
+ libgbm-devel \
libGLw-devel \
libgnutls-devel \
- libjpeg8-devel \
libopenssl-devel \
libpng16-devel \
+ libpnglite0 \
+ png++-devel \
libtiff-devel \
libXfont2-devel \
libxkbcommon-x11-devel \
+ libxshmfence-devel \
make \
Mesa-dri \
Mesa-libglapi-devel \
@@ -41,12 +45,10 @@ RUN zypper install -ny \
xorg-x11-util-devel \
zlib-devel
-# Additions for webp
-RUN cd /tmp && wget https://storage.googleapis.com/downloads.webmproject.org/releases/webp/libwebp-1.0.2.tar.gz
-RUN cd /tmp && tar -xzf /tmp/libwebp-*
-RUN cd /tmp/libwebp-1.0.2 && \
- ./configure --enable-static --disable-shared && \
- make && make install
+ENV SCRIPTS_DIR=/tmp/scripts
+COPY builder/scripts $SCRIPTS_DIR
+RUN $SCRIPTS_DIR/build-webp
+RUN $SCRIPTS_DIR/build-libjpeg-turbo
RUN useradd -u 1000 docker && \
groupadd -g 1000 docker && \
diff --git a/builder/dockerfile.opensuse_15.rpm.build b/builder/dockerfile.opensuse_15.rpm.build
index d646c8a..35670c4 100644
--- a/builder/dockerfile.opensuse_15.rpm.build
+++ b/builder/dockerfile.opensuse_15.rpm.build
@@ -1,4 +1,4 @@
-FROM opensuse/leap:15.3
+FROM opensuse/leap:15.5
ENV KASMVNC_BUILD_OS opensuse
ENV KASMVNC_BUILD_OS_CODENAME 15
diff --git a/builder/dockerfile.oracle_8.build b/builder/dockerfile.oracle_8.build
index 60fc801..d3cc907 100644
--- a/builder/dockerfile.oracle_8.build
+++ b/builder/dockerfile.oracle_8.build
@@ -5,27 +5,31 @@ ENV KASMVNC_BUILD_OS_CODENAME 8
ENV XORG_VER 1.20.10
# Install from stock repos
-RUN dnf install -y \
- bzip2-devel \
- ca-certificates \
- cmake \
- dnf-plugins-core \
- gcc \
- gcc-c++ \
- git \
- gnutls-devel \
- libjpeg-turbo-devel \
- libpng-devel \
- libtiff-devel \
- make \
- mesa-dri-drivers \
- openssl-devel \
- openssl-devel \
- patch \
- tigervnc-server \
- wget \
- xorg-x11-font-utils \
- zlib-devel
+RUN \
+ dnf install -y 'dnf-command(config-manager)' && \
+ dnf config-manager --set-enabled ol8_codeready_builder && \
+ dnf install -y \
+ bzip2-devel \
+ ca-certificates \
+ cmake \
+ dnf-plugins-core \
+ gcc \
+ gcc-c++ \
+ git \
+ gnutls-devel \
+ libjpeg-turbo-devel \
+ libpng-devel \
+ libtiff-devel \
+ libxshmfence-devel \
+ make \
+ mesa-dri-drivers \
+ mesa-libgbm-devel \
+ openssl-devel \
+ patch \
+ tigervnc-server \
+ wget \
+ xorg-x11-font-utils \
+ zlib-devel
# Enable additional repos (epel, powertools, and fusion)
RUN dnf config-manager --set-enabled ol8_codeready_builder
@@ -46,12 +50,10 @@ RUN dnf install -y \
libXtst-devel \
libXcursor-devel
-# Additions for webp
-RUN cd /tmp && wget https://storage.googleapis.com/downloads.webmproject.org/releases/webp/libwebp-1.0.2.tar.gz
-RUN cd /tmp && tar -xzf /tmp/libwebp-*
-RUN cd /tmp/libwebp-1.0.2 && \
- ./configure --enable-static --disable-shared && \
- make && make install
+ENV SCRIPTS_DIR=/tmp/scripts
+COPY builder/scripts $SCRIPTS_DIR
+RUN $SCRIPTS_DIR/build-webp
+RUN $SCRIPTS_DIR/build-libjpeg-turbo
RUN useradd -m docker && echo "docker:docker" | chpasswd
diff --git a/builder/dockerfile.oracle_8.rpm.build b/builder/dockerfile.oracle_8.rpm.build
index edc637d..d9e814f 100644
--- a/builder/dockerfile.oracle_8.rpm.build
+++ b/builder/dockerfile.oracle_8.rpm.build
@@ -13,7 +13,7 @@ RUN dnf install -y \
tree \
vim
-COPY oracle/*.spec /tmp
+COPY oracle/kasmvncserver.spec /tmp
RUN dnf builddep -y /tmp/*.spec
RUN useradd -m docker && echo "docker:docker" | chpasswd
diff --git a/builder/dockerfile.oracle_9.barebones.rpm.test b/builder/dockerfile.oracle_9.barebones.rpm.test
new file mode 100644
index 0000000..2e8f3b5
--- /dev/null
+++ b/builder/dockerfile.oracle_9.barebones.rpm.test
@@ -0,0 +1,25 @@
+FROM oraclelinux:9
+
+ENV STARTUPDIR=/dockerstartup
+
+RUN dnf install -y \
+ less \
+ vim \
+ xterm
+RUN dnf config-manager --set-enabled ol9_codeready_builder
+RUN dnf install -y oracle-epel-release-el9
+
+ARG KASMVNC_PACKAGE_DIR
+COPY $KASMVNC_PACKAGE_DIR/*.rpm /tmp
+RUN dnf localinstall -y /tmp/*.rpm
+
+RUN dnf install -y crypto-policies-scripts
+RUN update-crypto-policies --set FIPS:SHA1
+
+RUN mkdir -p $STARTUPDIR
+COPY startup/vnc_startup_barebones.sh $STARTUPDIR
+
+RUN useradd -m foo
+USER foo:kasmvnc-cert
+
+ENTRYPOINT "/$STARTUPDIR/vnc_startup_barebones.sh"
diff --git a/builder/dockerfile.oracle_9.build b/builder/dockerfile.oracle_9.build
new file mode 100644
index 0000000..2b4a102
--- /dev/null
+++ b/builder/dockerfile.oracle_9.build
@@ -0,0 +1,63 @@
+FROM oraclelinux:9
+
+ENV KASMVNC_BUILD_OS oracle
+ENV KASMVNC_BUILD_OS_CODENAME 9
+ENV XORG_VER 1.20.10
+
+# Install from stock repos
+RUN \
+ dnf config-manager --set-enabled ol9_codeready_builder && \
+ dnf config-manager --set-enabled ol9_distro_builder && \
+ dnf install -y \
+ bzip2-devel \
+ ca-certificates \
+ cmake \
+ dnf-plugins-core \
+ gcc \
+ gcc-c++ \
+ git \
+ gnutls-devel \
+ libjpeg-turbo-devel \
+ libpng-devel \
+ libtiff-devel \
+ libxshmfence-devel \
+ make \
+ mesa-dri-drivers \
+ mesa-libGL-devel \
+ mesa-libgbm-devel \
+ openssl-devel \
+ openssl-devel \
+ patch \
+ tigervnc-server \
+ wget \
+ xorg-x11-font-utils \
+ zlib-devel
+
+# Enable additional repos (epel, powertools, and fusion)
+RUN dnf install -y oracle-epel-release-el9
+RUN dnf install -y --nogpgcheck https://mirrors.rpmfusion.org/free/el/rpmfusion-free-release-9.noarch.rpm
+
+# Install from new repos
+RUN dnf install -y \
+ giflib-devel \
+ lbzip2 \
+ libXfont2-devel \
+ libxkbfile-devel \
+ xorg-x11-server-devel \
+ xorg-x11-xtrans-devel \
+ libXrandr-devel \
+ libXtst-devel \
+ libXcursor-devel
+
+
+ENV SCRIPTS_DIR=/tmp/scripts
+COPY builder/scripts $SCRIPTS_DIR
+RUN $SCRIPTS_DIR/build-webp
+RUN $SCRIPTS_DIR/build-libjpeg-turbo
+
+RUN useradd -m docker && echo "docker:docker" | chpasswd
+
+COPY --chown=docker:docker . /src/
+
+USER docker
+ENTRYPOINT ["/src/builder/build.sh"]
diff --git a/builder/dockerfile.oracle_9.rpm.build b/builder/dockerfile.oracle_9.rpm.build
new file mode 100644
index 0000000..50f504d
--- /dev/null
+++ b/builder/dockerfile.oracle_9.rpm.build
@@ -0,0 +1,23 @@
+FROM oraclelinux:9
+
+ENV KASMVNC_BUILD_OS oracle
+ENV KASMVNC_BUILD_OS_CODENAME 9
+
+RUN dnf config-manager --set-enabled ol9_codeready_builder
+RUN dnf config-manager --set-enabled ol9_distro_builder
+RUN dnf install -y \
+ gpg* \
+ less \
+ redhat-lsb-core \
+ rng-tools \
+ rpm* \
+ rpmlint \
+ rsync \
+ tree \
+ vim
+
+COPY oracle/kasmvncserver9.spec /tmp
+
+RUN useradd -m docker && echo "docker:docker" | chpasswd
+
+USER docker
diff --git a/builder/dockerfile.ubuntu1604.build b/builder/dockerfile.ubuntu1604.build
deleted file mode 100644
index 8ca3260..0000000
--- a/builder/dockerfile.ubuntu1604.build
+++ /dev/null
@@ -1,21 +0,0 @@
-FROM ubuntu:16.04
-
-RUN sed -i 's$# deb-src$deb-src$' /etc/apt/sources.list
-
-RUN apt-get update && \
- apt-get -y install sudo
-
-RUN apt-get -y build-dep xorg-server
-RUN apt-get -y install cmake git libjpeg-dev libgnutls-dev vim wget tightvncserver
-RUN apt-get -y install libjpeg-dev libpng-dev libtiff-dev libgif-dev
-RUN cd /tmp && wget https://storage.googleapis.com/downloads.webmproject.org/releases/webp/libwebp-1.0.2.tar.gz
-RUN cd /tmp && tar -xzvf /tmp/libwebp-*
-RUN cd /tmp/libwebp-1.0.2 && ./configure && make && make install
-
-RUN useradd -m docker && echo "docker:docker" | chpasswd && adduser docker sudo
-
-COPY --chown=docker:docker . /src/
-
-
-USER docker
-ENTRYPOINT ["/src/builder/build.sh"]
diff --git a/builder/dockerfile.ubuntu_bionic+libjpeg-turbo_latest.build b/builder/dockerfile.ubuntu_bionic+libjpeg-turbo_latest.build
deleted file mode 100644
index 2615bff..0000000
--- a/builder/dockerfile.ubuntu_bionic+libjpeg-turbo_latest.build
+++ /dev/null
@@ -1,39 +0,0 @@
-FROM ubuntu:18.04
-
-ENV KASMVNC_BUILD_OS ubuntu
-ENV KASMVNC_BUILD_OS_CODENAME bionic
-ENV XORG_VER 1.20.10
-
-RUN sed -i 's$# deb-src$deb-src$' /etc/apt/sources.list
-
-RUN apt-get update && \
- apt-get -y install sudo
-
-RUN apt-get update && apt-get -y build-dep xorg-server libxfont-dev
-RUN apt-get update && apt-get -y install cmake git libgnutls28-dev vim wget tightvncserver
-RUN apt-get update && apt-get -y install libpng-dev libtiff-dev libgif-dev libavcodec-dev libssl-dev libxrandr-dev libxcursor-dev
-
-RUN apt-get update && apt-get install -y cmake nasm gcc
-RUN git clone https://github.com/libjpeg-turbo/libjpeg-turbo.git
-RUN export MAKEFLAGS=-j`nproc`; cd libjpeg-turbo && cmake -G"Unix Makefiles" && make deb
-RUN export MAKEFLAGS=-j`nproc`; cd libjpeg-turbo && cmake -DCMAKE_INSTALL_PREFIX=/usr/local -G"Unix Makefiles" && make && make install
-
-# Additions for webp
-RUN cd /tmp && wget https://storage.googleapis.com/downloads.webmproject.org/releases/webp/libwebp-1.0.2.tar.gz
-RUN cd /tmp && tar -xzf /tmp/libwebp-*
-RUN cd /tmp/libwebp-1.0.2 && \
- ./configure --enable-static --disable-shared && \
- make && make install
-
-# Fix for older required libs
-#RUN cd /tmp && wget http://launchpadlibrarian.net/347526424/libxfont1-dev_1.5.2-4ubuntu2_amd64.deb && \
-# wget http://launchpadlibrarian.net/347526425/libxfont1_1.5.2-4ubuntu2_amd64.deb && \
-# dpkg -i libxfont1_1.5.2-4ubuntu2_amd64.deb && \
-# dpkg -i libxfont1-dev_1.5.2-4ubuntu2_amd64.deb
-
-RUN useradd -m docker && echo "docker:docker" | chpasswd && adduser docker sudo
-
-COPY --chown=docker:docker . /src
-
-USER docker
-ENTRYPOINT ["/src/builder/build.sh"]
diff --git a/builder/dockerfile.ubuntu_bionic.build b/builder/dockerfile.ubuntu_bionic.build
index f54123b..c76b4eb 100644
--- a/builder/dockerfile.ubuntu_bionic.build
+++ b/builder/dockerfile.ubuntu_bionic.build
@@ -10,15 +10,13 @@ RUN apt-get update && \
apt-get -y install sudo
RUN apt-get update && apt-get -y build-dep xorg-server libxfont-dev
-RUN apt-get update && apt-get -y install cmake git libjpeg-dev libgnutls28-dev vim wget tightvncserver
+RUN apt-get update && apt-get -y install cmake git libgnutls28-dev vim wget tightvncserver curl
RUN apt-get update && apt-get -y install libpng-dev libtiff-dev libgif-dev libavcodec-dev libssl-dev libxrandr-dev libxcursor-dev
-# Additions for webp
-RUN cd /tmp && wget https://storage.googleapis.com/downloads.webmproject.org/releases/webp/libwebp-1.0.2.tar.gz
-RUN cd /tmp && tar -xzf /tmp/libwebp-*
-RUN cd /tmp/libwebp-1.0.2 && \
- ./configure --enable-static --disable-shared && \
- make && make install
+ENV SCRIPTS_DIR=/tmp/scripts
+COPY builder/scripts $SCRIPTS_DIR
+RUN $SCRIPTS_DIR/build-webp
+RUN $SCRIPTS_DIR/build-libjpeg-turbo
# Fix for older required libs
#RUN cd /tmp && wget http://launchpadlibrarian.net/347526424/libxfont1-dev_1.5.2-4ubuntu2_amd64.deb && \
diff --git a/builder/dockerfile.ubuntu_bionic.test b/builder/dockerfile.ubuntu_bionic.test
index de10bd1..a9c2049 100644
--- a/builder/dockerfile.ubuntu_bionic.test
+++ b/builder/dockerfile.ubuntu_bionic.test
@@ -29,7 +29,7 @@ WORKDIR $HOME
### REQUIRED STUFF ###
-RUN apt-get update && apt-get install -y supervisor xfce4 xfce4-terminal xterm libnss-wrapper gettext libjpeg-dev wget
+RUN apt-get update && apt-get install -y supervisor xfce4 xfce4-terminal xterm libnss-wrapper gettext wget
RUN apt-get purge -y pm-utils xscreensaver*
RUN echo 'source $STARTUPDIR/generate_container_user' >> $HOME/.bashrc
diff --git a/builder/dockerfile.ubuntu_focal.barebones.deb.test b/builder/dockerfile.ubuntu_focal.barebones.deb.test
index 9b16154..d9effe0 100644
--- a/builder/dockerfile.ubuntu_focal.barebones.deb.test
+++ b/builder/dockerfile.ubuntu_focal.barebones.deb.test
@@ -2,9 +2,13 @@ FROM ubuntu:focal
ENV STARTUPDIR=/dockerstartup
+COPY ./builder/scripts/ /tmp/scripts/
+COPY ./debian/changelog /tmp
+
ARG KASMVNC_PACKAGE_DIR
COPY $KASMVNC_PACKAGE_DIR/kasmvncserver_*.deb /tmp/
-RUN rm -f /tmp/kasmvncserver_*+*.deb; apt-get update && dpkg -i /tmp/*.deb; apt-get -yf install
+RUN /tmp/scripts/install_kasmvncserver_package
+
RUN apt-get update && apt-get -y install xterm lsb-release
RUN mkdir -p $STARTUPDIR
diff --git a/builder/dockerfile.ubuntu_focal.build b/builder/dockerfile.ubuntu_focal.build
index 5925c92..c734715 100644
--- a/builder/dockerfile.ubuntu_focal.build
+++ b/builder/dockerfile.ubuntu_focal.build
@@ -12,15 +12,13 @@ RUN apt-get update && \
RUN apt-get update && apt-get install -y --no-install-recommends tzdata
RUN apt-get update && apt-get -y build-dep xorg-server libxfont-dev
-RUN apt-get update && apt-get -y install cmake git libjpeg-dev vim wget
+RUN apt-get update && apt-get -y install cmake git vim wget curl
RUN apt-get update && apt-get -y install libpng-dev libtiff-dev libgif-dev libavcodec-dev libssl-dev libxrandr-dev libxcursor-dev
-# Additions for webp
-RUN cd /tmp && wget https://storage.googleapis.com/downloads.webmproject.org/releases/webp/libwebp-1.0.2.tar.gz
-RUN cd /tmp && tar -xzf /tmp/libwebp-*
-RUN cd /tmp/libwebp-1.0.2 && \
- ./configure --enable-static --disable-shared && \
- make && make install
+ENV SCRIPTS_DIR=/tmp/scripts
+COPY builder/scripts $SCRIPTS_DIR
+RUN $SCRIPTS_DIR/build-webp
+RUN $SCRIPTS_DIR/build-libjpeg-turbo
RUN useradd -m docker && echo "docker:docker" | chpasswd && adduser docker sudo
diff --git a/builder/dockerfile.ubuntu_focal.test b/builder/dockerfile.ubuntu_focal.test
index 7cf307b..3002fb5 100644
--- a/builder/dockerfile.ubuntu_focal.test
+++ b/builder/dockerfile.ubuntu_focal.test
@@ -29,7 +29,7 @@ WORKDIR $HOME
### REQUIRED STUFF ###
-RUN apt-get update && apt-get install -y supervisor xfce4 xfce4-terminal xterm libnss-wrapper gettext libjpeg-dev wget
+RUN apt-get update && apt-get install -y supervisor xfce4 xfce4-terminal xterm libnss-wrapper gettext wget
RUN apt-get purge -y pm-utils xscreensaver*
RUN echo 'source $STARTUPDIR/generate_container_user' >> $HOME/.bashrc
diff --git a/builder/dockerfile.ubuntu_jammy.build b/builder/dockerfile.ubuntu_jammy.build
index 4ca442f..ee120cb 100644
--- a/builder/dockerfile.ubuntu_jammy.build
+++ b/builder/dockerfile.ubuntu_jammy.build
@@ -12,15 +12,13 @@ RUN apt-get update && \
RUN apt-get update && apt-get install -y --no-install-recommends tzdata
RUN apt-get update && apt-get -y build-dep xorg-server libxfont-dev
-RUN apt-get update && apt-get -y install cmake git libjpeg-dev libgnutls28-dev vim wget tightvncserver
+RUN apt-get update && apt-get -y install cmake git libgnutls28-dev vim wget tightvncserver curl
RUN apt-get update && apt-get -y install libpng-dev libtiff-dev libgif-dev libavcodec-dev libssl-dev libxrandr-dev libxcursor-dev
-# Additions for webp
-RUN cd /tmp && wget https://storage.googleapis.com/downloads.webmproject.org/releases/webp/libwebp-1.0.2.tar.gz
-RUN cd /tmp && tar -xzf /tmp/libwebp-*
-RUN cd /tmp/libwebp-1.0.2 && \
- ./configure --enable-static --disable-shared && \
- make && make install
+ENV SCRIPTS_DIR=/tmp/scripts
+COPY builder/scripts $SCRIPTS_DIR
+RUN $SCRIPTS_DIR/build-webp
+RUN $SCRIPTS_DIR/build-libjpeg-turbo
RUN useradd -m docker && echo "docker:docker" | chpasswd && adduser docker sudo
diff --git a/builder/dockerfile.ubuntu_jammy.test b/builder/dockerfile.ubuntu_jammy.test
index 9adc1b5..a4fb5d7 100644
--- a/builder/dockerfile.ubuntu_jammy.test
+++ b/builder/dockerfile.ubuntu_jammy.test
@@ -29,7 +29,7 @@ WORKDIR $HOME
### REQUIRED STUFF ###
-RUN apt-get update && apt-get install -y supervisor xfce4 xfce4-terminal xterm libnss-wrapper gettext libjpeg-dev wget
+RUN apt-get update && apt-get install -y supervisor xfce4 xfce4-terminal xterm libnss-wrapper gettext wget
RUN apt-get purge -y pm-utils xscreensaver*
RUN echo 'source $STARTUPDIR/generate_container_user' >> $HOME/.bashrc
diff --git a/builder/os_ver_cli.sh b/builder/os_ver_cli.sh
index f23fb9e..534810d 100644
--- a/builder/os_ver_cli.sh
+++ b/builder/os_ver_cli.sh
@@ -1,3 +1,5 @@
+#!/bin/bash
+
default_os=${default_os:-ubuntu}
default_os_codename=${default_os_codename:-bionic}
diff --git a/builder/process_test_options.sh b/builder/process_test_options.sh
new file mode 100644
index 0000000..da8b55c
--- /dev/null
+++ b/builder/process_test_options.sh
@@ -0,0 +1,49 @@
+#!/bin/bash
+
+usage() {
+ echo >&2 "Usage: $(basename "$0") [-s|--shell] [-p|--perf-test] [-h|--help] "
+ exit
+}
+
+process_options() {
+ local sorted_options=$(getopt -o psh --long perf-test --long shell --long help -- "$@")
+ eval set -- $sorted_options
+
+ while : ; do
+ case "$1" in
+ -p|--perf-test)
+ entrypoint_args='-interface 0.0.0.0 -selfBench :1'
+ entrypoint_executable="--entrypoint=/usr/bin/Xvnc"
+ shift
+ ;;
+ -s|--shell)
+ entrypoint_executable="--entrypoint=bash"
+ shift
+ ;;
+ -h|--help)
+ print_usage=1
+ ;;
+ --)
+ shift
+ break
+ ;;
+ esac
+ done
+
+ leftover_options=("$@")
+}
+
+declare -a leftover_options
+
+if [ "$#" -eq 0 ]; then
+ usage
+ exit
+fi
+
+process_options "$@"
+set -- "${leftover_options[@]}"
+
+if [ -n "$print_usage" ]; then
+ usage
+ exit
+fi
diff --git a/builder/scripts/build-libjpeg-turbo b/builder/scripts/build-libjpeg-turbo
new file mode 100755
index 0000000..1510f24
--- /dev/null
+++ b/builder/scripts/build-libjpeg-turbo
@@ -0,0 +1,36 @@
+#!/usr/bin/env bash
+
+set -euo pipefail
+
+build_and_install() {
+ export MAKEFLAGS=-j`nproc`
+ export CFLAGS="-fpic"
+ cmake -DCMAKE_INSTALL_PREFIX=/usr/local -G"Unix Makefiles"
+ make
+ make install
+}
+
+install_build_dependencies() {
+ install_packages cmake gcc
+ ensure_libjpeg_is_fast
+}
+
+ensure_libjpeg_is_fast() {
+ install_packages nasm
+}
+
+prepare_libjpeg_source() {
+ export JPEG_TURBO_RELEASE=$(curl -sX GET "https://api.github.com/repos/libjpeg-turbo/libjpeg-turbo/releases/latest" \
+ | awk '/tag_name/{print $4;exit}' FS='[""]')
+ mkdir libjpeg-turbo
+ curl -Ls "https://github.com/libjpeg-turbo/libjpeg-turbo/archive/${JPEG_TURBO_RELEASE}.tar.gz" | \
+ tar xzvf - -C libjpeg-turbo/ --strip-components=1
+ cd libjpeg-turbo
+}
+
+source_dir=$(dirname "$0")
+. "$source_dir/common.sh"
+
+install_build_dependencies
+prepare_libjpeg_source
+build_and_install
diff --git a/builder/scripts/build-webp b/builder/scripts/build-webp
new file mode 100755
index 0000000..82b07ba
--- /dev/null
+++ b/builder/scripts/build-webp
@@ -0,0 +1,23 @@
+#!/usr/bin/env bash
+
+set -euo pipefail
+
+webp_tar_url=https://storage.googleapis.com/downloads.webmproject.org/releases/webp/libwebp-1.2.4.tar.gz
+
+prepare_source() {
+ cd /tmp
+ wget "$webp_tar_url"
+ tar -xzf /tmp/libwebp-*
+ rm /tmp/libwebp-*.tar.gz
+ cd /tmp/libwebp-*
+}
+
+build_and_install() {
+ export MAKEFLAGS=-j`nproc`
+ ./configure --enable-static --disable-shared
+ make
+ make install
+}
+
+prepare_source
+build_and_install
diff --git a/builder/scripts/common.sh b/builder/scripts/common.sh
new file mode 100644
index 0000000..4440b66
--- /dev/null
+++ b/builder/scripts/common.sh
@@ -0,0 +1,34 @@
+#!/bin/bash
+
+detect_distro() {
+ if [ -f /etc/centos-release ]; then
+ DISTRO=centos
+ elif [ -f /etc/oracle-release ]; then
+ DISTRO=oracle
+ elif [ -f /etc/fedora-release ]; then
+ DISTRO=fedora
+ elif [ -f /usr/bin/zypper ]; then
+ DISTRO=opensuse
+ elif [ -f /etc/alpine-release ]; then
+ DISTRO=alpine
+ else
+ DISTRO=debian
+ fi
+}
+
+install_packages() {
+ local install_cmd=no-command-defined
+
+ case "$DISTRO" in
+ centos) install_cmd="yum install -y" ;;
+ oracle) install_cmd="dnf install -y" ;;
+ fedora) install_cmd="dnf install -y" ;;
+ opensuse) install_cmd="zypper install -y" ;;
+ alpine) install_cmd="apk add" ;;
+ *) install_cmd="apt-get update && apt-get install -y"
+ esac
+
+ eval "$install_cmd $*"
+}
+
+detect_distro
diff --git a/builder/test-deb b/builder/test-deb
index 50accfa..9a8c11d 100755
--- a/builder/test-deb
+++ b/builder/test-deb
@@ -3,6 +3,7 @@
set -e
cd "$(dirname "$0")/.."
+. ./builder/process_test_options.sh
. ./builder/os_ver_cli.sh
. ./builder/common.sh
@@ -11,8 +12,11 @@ docker build --build-arg KASMVNC_PACKAGE_DIR="builder/build/${os_codename}" \
--build-arg BUILD_DEBIAN_REVISION="$build_debian_revision" \
-t "$tester_image" \
-f "builder/dockerfile.${os}_${os_codename}${build_tag}.deb.test" .
+
docker run -it -p "443:$VNC_PORT" --rm \
-e KASMVNC_VERBOSE_LOGGING=$KASMVNC_VERBOSE_LOGGING \
-e "VNC_USER=foo" -e "VNC_PW=foobar" \
-e "VNC_PORT=$VNC_PORT" \
- "$tester_image"
+ $entrypoint_executable \
+ "$tester_image" \
+ $entrypoint_args
diff --git a/builder/test-deb-barebones b/builder/test-deb-barebones
index d29978e..9ffdb5d 100755
--- a/builder/test-deb-barebones
+++ b/builder/test-deb-barebones
@@ -3,6 +3,7 @@
set -e
cd "$(dirname "$0")/.."
+. ./builder/process_test_options.sh
. ./builder/common.sh
os="${1:-debian}"
os_codename="${2:-buster}"
@@ -13,4 +14,6 @@ docker build --build-arg KASMVNC_PACKAGE_DIR="builder/build/${os_codename}" \
echo
docker run -it -p "443:$VNC_PORT" --rm -e "VNC_USER=foo" -e "VNC_PW=foobar" \
-e "VNC_PORT=$VNC_PORT" \
- kasmvnctester_barebones_${os}:$os_codename
+ $entrypoint_executable \
+ kasmvnctester_barebones_${os}:$os_codename \
+ $entrypoint_args
diff --git a/builder/test-rpm b/builder/test-rpm
index fbf731e..aed8652 100755
--- a/builder/test-rpm
+++ b/builder/test-rpm
@@ -3,6 +3,7 @@
set -e
cd "$(dirname "$0")/.."
+. ./builder/process_test_options.sh
. ./builder/os_ver_cli.sh
. ./builder/common.sh
@@ -16,4 +17,6 @@ docker run -it -p "443:$VNC_PORT" --rm \
-e KASMVNC_VERBOSE_LOGGING=$KASMVNC_VERBOSE_LOGGING \
-e "VNC_USER=foo" -e "VNC_PW=foobar" \
-e "VNC_PORT=$VNC_PORT" \
- kasmvnctester_${os}:$os_codename
+ $entrypoint_executable \
+ kasmvnctester_${os}:$os_codename \
+ $entrypoint_args
diff --git a/builder/test-rpm-barebones b/builder/test-rpm-barebones
index b804a75..6318bda 100755
--- a/builder/test-rpm-barebones
+++ b/builder/test-rpm-barebones
@@ -3,6 +3,7 @@
set -e
cd "$(dirname "$0")"
+. ./process_test_options.sh
. ./common.sh
os="${1:-centos}"
os_codename="${2:-core}"
@@ -12,4 +13,6 @@ docker build --build-arg KASMVNC_PACKAGE_DIR="build/${os}_${os_codename}" \
-f dockerfile.${os}_${os_codename}.barebones.rpm.test .
docker run -it -p "443:$VNC_PORT" --rm -e "VNC_USER=foo" -e "VNC_PW=foobar" \
-e "VNC_PORT=$VNC_PORT" \
- kasmvnctester_barebones_${os}:$os_codename
+ $entrypoint_executable \
+ kasmvnctester_barebones_${os}:$os_codename \
+ $entrypoint_args
diff --git a/centos/kasmvncserver.spec b/centos/kasmvncserver.spec
index 9395eff..4de4ef6 100644
--- a/centos/kasmvncserver.spec
+++ b/centos/kasmvncserver.spec
@@ -1,5 +1,5 @@
Name: kasmvncserver
-Version: 1.0.0
+Version: 1.1.0
Release: 1%{?dist}
Summary: VNC server accessible from a web browser
@@ -11,14 +11,14 @@ Requires: xorg-x11-xauth, xorg-x11-xkb-utils, xkeyboard-config, xorg-x11-server-
Conflicts: tigervnc-server, tigervnc-server-minimal
%description
-KasmVNC provides remote web-based access to a Desktop or application.
-While VNC is in the name, KasmVNC differs from other VNC variants such
-as TigerVNC, RealVNC, and TurboVNC. KasmVNC has broken from the RFB
-specification which defines VNC, in order to support modern technologies
-and increase security. KasmVNC is accessed by users from any modern
-browser and does not support legacy VNC viewer applications. KasmVNC
-uses a modern YAML based configuration at the server and user level,
-allowing for ease of management. KasmVNC is maintained by Kasm
+KasmVNC provides remote web-based access to a Desktop or application.
+While VNC is in the name, KasmVNC differs from other VNC variants such
+as TigerVNC, RealVNC, and TurboVNC. KasmVNC has broken from the RFB
+specification which defines VNC, in order to support modern technologies
+and increase security. KasmVNC is accessed by users from any modern
+browser and does not support legacy VNC viewer applications. KasmVNC
+uses a modern YAML based configuration at the server and user level,
+allowing for ease of management. KasmVNC is maintained by Kasm
Technologies Corp, www.kasmweb.com.
WARNING: this package requires EPEL.
@@ -52,7 +52,7 @@ cp $SRC_BIN/kasmxproxy $DESTDIR/usr/bin;
cp -r $SRC/lib/kasmvnc/ $DESTDIR/usr/lib/kasmvncserver
cd $DESTDIR/usr/bin && ln -s kasmvncpasswd vncpasswd;
cp -r $SRC/share/doc/kasmvnc*/* $DESTDIR/usr/share/doc/kasmvncserver/
-rsync -r --exclude '.git*' --exclude po2js --exclude xgettext-html \
+rsync -r --links --safe-links --exclude '.git*' --exclude po2js --exclude xgettext-html \
--exclude www/utils/ --exclude .eslintrc --exclude configure \
$SRC/share/kasmvnc $DESTDIR/usr/share
@@ -83,6 +83,8 @@ cd $DST_MAN && ln -s vncpasswd.1 kasmvncpasswd.1;
%doc /usr/share/doc/kasmvncserver/README.md
%changelog
+* Wed Apr 05 2023 KasmTech - 1.1.0-1
+- Upstream release
* Tue Nov 29 2022 KasmTech - 1.0.0-1
- WebRTC UDP transit support with support of STUN servers
- Lossless compression using multi-threaded WASM QOI decoder client side
diff --git a/common/rfb/CMakeLists.txt b/common/rfb/CMakeLists.txt
index 01ce5cb..905e76e 100644
--- a/common/rfb/CMakeLists.txt
+++ b/common/rfb/CMakeLists.txt
@@ -1,4 +1,4 @@
-include_directories(${CMAKE_SOURCE_DIR}/common ${JPEG_INCLUDE_DIR}
+include_directories(${CMAKE_SOURCE_DIR}/common ${JPEG_INCLUDE_DIR} ${PNG_INCLUDE_DIR}
${CMAKE_SOURCE_DIR}/unix/kasmvncpasswd)
set(RFB_SOURCES
@@ -65,6 +65,7 @@ set(RFB_SOURCES
VNCServerST.cxx
ZRLEEncoder.cxx
ZRLEDecoder.cxx
+ Watermark.cxx
cpuid.cxx
encodings.cxx
util.cxx
@@ -79,7 +80,7 @@ if(WIN32)
set(RFB_SOURCES ${RFB_SOURCES} WinPasswdValidator.cxx)
endif(WIN32)
-set(RFB_LIBRARIES ${JPEG_LIBRARIES} os rdr Xregion)
+set(RFB_LIBRARIES ${JPEG_LIBRARIES} ${PNG_LIBRARIES} os rdr Xregion)
if(HAVE_PAM)
set(RFB_SOURCES ${RFB_SOURCES} UnixPasswordValidator.cxx
diff --git a/common/rfb/ConnParams.cxx b/common/rfb/ConnParams.cxx
index 177ab73..77269db 100644
--- a/common/rfb/ConnParams.cxx
+++ b/common/rfb/ConnParams.cxx
@@ -285,6 +285,8 @@ void ConnParams::setEncodings(int nEncodings, const rdr::S32* encodings)
// QOI-specific overrides
if (supportsQOI)
useCopyRect = false;
+ if (Server::DLP_WatermarkImage[0])
+ useCopyRect = false;
}
void ConnParams::setLEDState(unsigned int state)
diff --git a/common/rfb/EncodeManager.cxx b/common/rfb/EncodeManager.cxx
index bcc9772..cc6f571 100644
--- a/common/rfb/EncodeManager.cxx
+++ b/common/rfb/EncodeManager.cxx
@@ -34,6 +34,7 @@
#include
#include
#include
+#include
#include
#include
@@ -162,6 +163,7 @@ static void updateMaxVideoRes(uint16_t *x, uint16_t *y) {
EncodeManager::EncodeManager(SConnection* conn_, EncCache *encCache_) : conn(conn_),
dynamicQualityMin(-1), dynamicQualityOff(-1),
areaCur(0), videoDetected(false), videoTimer(this),
+ watermarkStats(0),
maxEncodingTime(0), framesSinceEncPrint(0),
encCache(encCache_)
{
@@ -299,6 +301,11 @@ void EncodeManager::logStats()
vlog.info(" Total: %s, %s", a, b);
iecPrefix(bytes, "B", a, sizeof(a));
vlog.info(" %s (1:%g ratio)", a, ratio);
+
+ if (watermarkData) {
+ siPrefix(watermarkStats, "B", a, sizeof(a));
+ vlog.info(" Watermark data sent: %s", a);
+ }
}
bool EncodeManager::supported(int encoding)
@@ -408,8 +415,14 @@ void EncodeManager::doUpdate(bool allowLossy, const Region& changed_,
nRects += copypassed.size();
nRects += computeNumRects(changed);
nRects += computeNumRects(cursorRegion);
+
+ if (watermarkData)
+ nRects++;
}
+ if (watermarkData)
+ packWatermark(changed);
+
conn->writer()->writeFramebufferUpdateStart(nRects);
writeCopyRects(copied, copyDelta);
@@ -427,6 +440,23 @@ void EncodeManager::doUpdate(bool allowLossy, const Region& changed_,
if (!videoDetected) // In case detection happened between the calls
writeRects(cursorRegion, renderedCursor);
+ if (watermarkData) {
+ beforeLength = conn->getOutStream(conn->cp.supportsUdp)->length();
+
+ const Rect rect(0, 0, pb->width(), pb->height());
+ TightEncoder *encoder = ((TightEncoder *) encoders[encoderTight]);
+
+ conn->writer()->startRect(rect, encoder->encoding);
+ encoder->writeWatermarkRect(watermarkData, watermarkDataLen,
+ watermarkInfo.r,
+ watermarkInfo.g,
+ watermarkInfo.b,
+ watermarkInfo.a);
+ conn->writer()->endRect();
+
+ watermarkStats += conn->getOutStream(conn->cp.supportsUdp)->length() - beforeLength;
+ }
+
updateQualities();
conn->writer()->writeFramebufferUpdateEnd();
diff --git a/common/rfb/EncodeManager.h b/common/rfb/EncodeManager.h
index dfa5e53..20ba837 100644
--- a/common/rfb/EncodeManager.h
+++ b/common/rfb/EncodeManager.h
@@ -193,6 +193,7 @@ namespace rfb {
unsigned updates;
EncoderStats copyStats;
StatsVector stats;
+ unsigned long long watermarkStats;
int activeType;
int beforeLength;
size_t curMaxUpdateSize;
diff --git a/common/rfb/Region.cxx b/common/rfb/Region.cxx
index ed0ddb6..98ca2c6 100644
--- a/common/rfb/Region.cxx
+++ b/common/rfb/Region.cxx
@@ -239,3 +239,8 @@ void rfb::Region::debug_print(const char* prefix) const
xrgn->rects[i].y2-xrgn->rects[i].y1);
}
}
+
+bool rfb::Region::contains(int x, int y) const
+{
+ return XPointInRegion(xrgn, x, y);
+}
diff --git a/common/rfb/Region.h b/common/rfb/Region.h
index 7cc0eaa..7f10708 100644
--- a/common/rfb/Region.h
+++ b/common/rfb/Region.h
@@ -73,6 +73,8 @@ namespace rfb {
void debug_print(const char *prefix) const;
+ bool contains(int x, int y) const;
+
protected:
struct _XRegion* xrgn;
diff --git a/common/rfb/ServerCore.cxx b/common/rfb/ServerCore.cxx
index c95bca4..2af90bb 100644
--- a/common/rfb/ServerCore.cxx
+++ b/common/rfb/ServerCore.cxx
@@ -185,6 +185,23 @@ rfb::BoolParameter rfb::Server::DLP_RegionAllowRelease
"Allow click releases inside the blacked-out region",
true);
+rfb::IntParameter rfb::Server::DLP_WatermarkRepeatSpace
+("DLP_WatermarkRepeatSpace",
+ "Number of pixels between repeats of the watermark",
+ 0, 0, 4096);
+rfb::StringParameter rfb::Server::DLP_WatermarkImage
+("DLP_WatermarkImage",
+ "PNG file to use as a watermark",
+ "");
+rfb::StringParameter rfb::Server::DLP_WatermarkLocation
+("DLP_WatermarkLocation",
+ "Place the watermark at this position from the corner.",
+ "");
+rfb::StringParameter rfb::Server::DLP_WatermarkTint
+("DLP_WatermarkTint",
+ "Tint the greyscale watermark by this color.",
+ "255,255,255,255");
+
rfb::StringParameter rfb::Server::maxVideoResolution
("MaxVideoResolution",
"When in video mode, downscale the screen to max this size.",
diff --git a/common/rfb/ServerCore.h b/common/rfb/ServerCore.h
index 46db780..a33e7aa 100644
--- a/common/rfb/ServerCore.h
+++ b/common/rfb/ServerCore.h
@@ -48,9 +48,13 @@ namespace rfb {
static IntParameter DLP_ClipAcceptMax;
static IntParameter DLP_ClipDelay;
static IntParameter DLP_KeyRateLimit;
+ static IntParameter DLP_WatermarkRepeatSpace;
static StringParameter DLP_ClipLog;
static StringParameter DLP_Region;
static StringParameter DLP_Clip_Types;
+ static StringParameter DLP_WatermarkImage;
+ static StringParameter DLP_WatermarkLocation;
+ static StringParameter DLP_WatermarkTint;
static BoolParameter DLP_RegionAllowClick;
static BoolParameter DLP_RegionAllowRelease;
static IntParameter jpegVideoQuality;
diff --git a/common/rfb/TightConstants.h b/common/rfb/TightConstants.h
index 70f0ea2..fa89d23 100644
--- a/common/rfb/TightConstants.h
+++ b/common/rfb/TightConstants.h
@@ -25,7 +25,8 @@ namespace rfb {
const unsigned int tightPng = 0x0a;
const unsigned int tightWebp = 0x0b;
const unsigned int tightQoi = 0x0c;
- const unsigned int tightMaxSubencoding = 0x0c;
+ const unsigned int tightIT = 0x0d;
+ const unsigned int tightMaxSubencoding = 0x0d;
// Filters to improve compression efficiency
const unsigned int tightFilterCopy = 0x00;
diff --git a/common/rfb/TightEncoder.cxx b/common/rfb/TightEncoder.cxx
index fadabfa..dc28e0c 100644
--- a/common/rfb/TightEncoder.cxx
+++ b/common/rfb/TightEncoder.cxx
@@ -277,6 +277,28 @@ void TightEncoder::resetZlib()
zlibNeedsReset = true;
}
+void TightEncoder::writeWatermarkRect(const rdr::U8 *data, const unsigned len,
+ const rdr::U8 r,
+ const rdr::U8 g,
+ const rdr::U8 b,
+ const rdr::U8 a)
+{
+ rdr::OutStream* os;
+
+ os = conn->getOutStream(conn->cp.supportsUdp);
+
+ os->writeU8(tightIT << 4);
+
+ writeCompact(os, len + 4);
+
+ os->writeU8(r);
+ os->writeU8(g);
+ os->writeU8(b);
+ os->writeU8(a);
+
+ os->writeBytes(data, len);
+}
+
//
// Including BPP-dependent implementation of the encoder.
//
diff --git a/common/rfb/TightEncoder.h b/common/rfb/TightEncoder.h
index 370b50c..222b636 100644
--- a/common/rfb/TightEncoder.h
+++ b/common/rfb/TightEncoder.h
@@ -39,6 +39,11 @@ namespace rfb {
virtual void writeSolidRect(int width, int height,
const PixelFormat& pf,
const rdr::U8* colour);
+ void writeWatermarkRect(const rdr::U8 *data, const unsigned len,
+ const rdr::U8 r,
+ const rdr::U8 g,
+ const rdr::U8 b,
+ const rdr::U8 a);
void resetZlib();
protected:
diff --git a/common/rfb/VNCSConnectionST.cxx b/common/rfb/VNCSConnectionST.cxx
index 49a039a..3c0f3a9 100644
--- a/common/rfb/VNCSConnectionST.cxx
+++ b/common/rfb/VNCSConnectionST.cxx
@@ -66,7 +66,7 @@ VNCSConnectionST::VNCSConnectionST(VNCServerST* server_, network::Socket *s,
needsPermCheck(false), pointerEventTime(0),
clientHasCursor(false),
accessRights(AccessDefault), startTime(time(0)), frameTracking(false),
- udpFramesSinceFull(0)
+ udpFramesSinceFull(0), complainedAboutNoViewRights(false)
{
setStreams(&sock->inStream(), &sock->outStream());
peerEndpoint.buf = sock->getPeerEndpoint();
@@ -1314,8 +1314,14 @@ void VNCSConnectionST::writeFramebufferUpdate()
}
}
- if (!(accessRights & AccessView))
+ if (!(accessRights & AccessView)) {
+ if (!complainedAboutNoViewRights) {
+ complainedAboutNoViewRights = true;
+ vlog.error("User %s has no read permissions. If this is not intended, grant them permissions with kasmvncpasswd or via the API",
+ user);
+ }
return;
+ }
// Updates often consists of many small writes, and in continuous
// mode, we will also have small fence messages around the update. We
@@ -1783,6 +1789,9 @@ void VNCSConnectionST::udpDowngrade(const bool byServer)
cp.useCopyRect = true;
encodeManager.resetZlib();
+ if (Server::DLP_WatermarkImage[0])
+ cp.useCopyRect = false;
+
vlog.info("Client %s downgrading from udp by %s", sock->getPeerAddress(),
byServer ? "the server" : "its own request");
}
diff --git a/common/rfb/VNCSConnectionST.h b/common/rfb/VNCSConnectionST.h
index 55c20cd..654f44e 100644
--- a/common/rfb/VNCSConnectionST.h
+++ b/common/rfb/VNCSConnectionST.h
@@ -341,6 +341,7 @@ namespace rfb {
uint32_t udpFramesSinceFull;
char unixRelaySubscriptions[MAX_UNIX_RELAYS][MAX_UNIX_RELAY_NAME_LEN];
+ bool complainedAboutNoViewRights;
};
}
#endif
diff --git a/common/rfb/VNCServerST.cxx b/common/rfb/VNCServerST.cxx
index 198b695..b6a0123 100644
--- a/common/rfb/VNCServerST.cxx
+++ b/common/rfb/VNCServerST.cxx
@@ -62,6 +62,7 @@
#include
#include
#include
+#include
#include
#include
@@ -1048,6 +1049,9 @@ void VNCServerST::writeUpdate()
memset(&jpegstats, 0, sizeof(EncodeManager::codecstats_t));
memset(&webpstats, 0, sizeof(EncodeManager::codecstats_t));
+ if (watermarkData)
+ updateWatermark();
+
for (ci = clients.begin(); ci != clients.end(); ci = ci_next) {
ci_next = ci; ci_next++;
diff --git a/common/rfb/VNCServerST.h b/common/rfb/VNCServerST.h
index 805a07f..2bb61b3 100644
--- a/common/rfb/VNCServerST.h
+++ b/common/rfb/VNCServerST.h
@@ -257,6 +257,8 @@ namespace rfb {
bool getComparerState();
+ void updateWatermark();
+
QueryConnectionHandler* queryConnectionHandler;
KeyRemapper* keyRemapper;
diff --git a/common/rfb/Watermark.cxx b/common/rfb/Watermark.cxx
new file mode 100644
index 0000000..6a21dc1
--- /dev/null
+++ b/common/rfb/Watermark.cxx
@@ -0,0 +1,248 @@
+/* Copyright (C) 2023 Kasm
+ *
+ * This is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this software; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307,
+ * USA.
+ */
+
+#include
+#include
+#include
+#include
+#include
+#include
+#include
+#include
+
+#include "Watermark.h"
+
+using namespace rfb;
+
+static LogWriter vlog("watermark");
+
+watermarkInfo_t watermarkInfo;
+
+uint8_t *watermarkData, *watermarkUnpacked, *watermarkTmp;
+uint32_t watermarkDataLen;
+static uint16_t rw, rh;
+
+#define MAXW 4096
+#define MAXH 4096
+
+static bool loadimage(const char path[]) {
+
+ FILE *f = fopen(path, "r");
+ if (!f) {
+ vlog.error("Can't open %s", path);
+ return false;
+ }
+
+ png_structp png_ptr = png_create_read_struct(PNG_LIBPNG_VER_STRING,NULL,NULL,NULL);
+ if (!png_ptr) return false;
+ png_infop info = png_create_info_struct(png_ptr);
+ if (!info) return false;
+ if (setjmp(png_jmpbuf(png_ptr))) return false;
+
+ png_init_io(png_ptr, f);
+ png_read_png(png_ptr, info,
+ PNG_TRANSFORM_PACKING |
+ PNG_TRANSFORM_STRIP_16 |
+ PNG_TRANSFORM_STRIP_ALPHA |
+ PNG_TRANSFORM_EXPAND, NULL);
+
+ uint8_t **rows = png_get_rows(png_ptr, info);
+ const unsigned imgw = png_get_image_width(png_ptr, info);
+ const unsigned imgh = png_get_image_height(png_ptr, info);
+
+ watermarkInfo.w = imgw;
+ watermarkInfo.h = imgh;
+ watermarkInfo.src = (uint8_t *) calloc(imgw, imgh);
+
+ unsigned x, y;
+ for (y = 0; y < imgh; y++) {
+ for (x = 0; x < imgw; x++) {
+ const uint8_t r = rows[y][x * 3 + 0];
+ const uint8_t g = rows[y][x * 3 + 1];
+ const uint8_t b = rows[y][x * 3 + 2];
+
+ const uint8_t grey = r * .2126f +
+ g * .7152f +
+ b * .0722f;
+
+ const uint8_t out = (grey + 8) >> 4;
+ watermarkInfo.src[y * imgw + x] = out < 16 ? out : 15;
+ }
+ }
+
+ fclose(f);
+ png_destroy_info_struct(png_ptr, &info);
+ png_destroy_read_struct(&png_ptr, NULL, NULL);
+
+ return true;
+}
+
+bool watermarkInit() {
+ memset(&watermarkInfo, 0, sizeof(watermarkInfo_t));
+ watermarkData = watermarkUnpacked = watermarkTmp = NULL;
+ rw = rh = 0;
+
+ if (!Server::DLP_WatermarkImage[0])
+ return true;
+
+ if (!loadimage(Server::DLP_WatermarkImage))
+ return false;
+
+ if (Server::DLP_WatermarkRepeatSpace && Server::DLP_WatermarkLocation[0]) {
+ vlog.error("Repeat and location can't be used together");
+ return false;
+ }
+
+ if (sscanf(Server::DLP_WatermarkTint, "%hhu,%hhu,%hhu,%hhu",
+ &watermarkInfo.r,
+ &watermarkInfo.g,
+ &watermarkInfo.b,
+ &watermarkInfo.a) != 4) {
+ vlog.error("Invalid tint");
+ return false;
+ }
+
+ watermarkInfo.repeat = Server::DLP_WatermarkRepeatSpace;
+
+ if (Server::DLP_WatermarkLocation[0]) {
+ if (sscanf(Server::DLP_WatermarkLocation, "%hd,%hd",
+ &watermarkInfo.x,
+ &watermarkInfo.y) != 2) {
+ vlog.error("Invalid location");
+ return false;
+ }
+ }
+
+ watermarkUnpacked = (uint8_t *) calloc(MAXW, MAXH);
+ watermarkTmp = (uint8_t *) calloc(MAXW, MAXH / 2);
+ watermarkData = (uint8_t *) calloc(MAXW, MAXH / 2);
+
+ return true;
+}
+
+// update the screen-size rendered watermark whenever the screen is resized
+void VNCServerST::updateWatermark() {
+ if (rw == pb->width() &&
+ rh == pb->height())
+ return;
+
+ rw = pb->width();
+ rh = pb->height();
+
+ memset(watermarkUnpacked, 0, rw * rh);
+
+ uint16_t x, y, srcy;
+
+ if (watermarkInfo.repeat) {
+ for (y = 0, srcy = 0; y < rh; y++) {
+ for (x = 0; x < rw;) {
+ if (x + watermarkInfo.w < rw)
+ memcpy(&watermarkUnpacked[y * rw + x],
+ &watermarkInfo.src[srcy * watermarkInfo.w],
+ watermarkInfo.w);
+ else
+ memcpy(&watermarkUnpacked[y * rw + x],
+ &watermarkInfo.src[srcy * watermarkInfo.w],
+ rw - x);
+
+ x += watermarkInfo.w + watermarkInfo.repeat;
+ }
+
+ srcy++;
+ if (srcy == watermarkInfo.h) {
+ srcy = 0;
+ y += watermarkInfo.repeat;
+ }
+ }
+ } else {
+ int16_t sx, sy;
+
+ if (!watermarkInfo.x)
+ sx = (rw - watermarkInfo.w) / 2;
+ else if (watermarkInfo.x > 0)
+ sx = watermarkInfo.x;
+ else
+ sx = rw - watermarkInfo.w + watermarkInfo.x;
+
+ if (sx < 0)
+ sx = 0;
+
+ if (!watermarkInfo.y)
+ sy = (rh - watermarkInfo.h) / 2;
+ else if (watermarkInfo.y > 0)
+ sy = watermarkInfo.y;
+ else
+ sy = rh - watermarkInfo.h + watermarkInfo.y;
+
+ if (sy < 0)
+ sy = 0;
+
+ for (y = 0; y < watermarkInfo.h; y++) {
+ if (sx + watermarkInfo.w < rw)
+ memcpy(&watermarkUnpacked[(sy + y) * rw + sx],
+ &watermarkInfo.src[y * watermarkInfo.w],
+ watermarkInfo.w);
+ else
+ memcpy(&watermarkUnpacked[(sy + y) * rw + sx],
+ &watermarkInfo.src[y * watermarkInfo.w],
+ rw - sx);
+ }
+ }
+}
+
+void packWatermark(const Region &changed) {
+ // Take the expanded 4-bit data, filter it by the changed rects, pack
+ // to shared bytes, and compress with zlib
+
+ uint16_t x, y;
+ uint8_t pix[2], cur = 0;
+ uint8_t *dst = watermarkTmp;
+
+ const Rect &bounding = changed.get_bounding_rect();
+
+ for (y = 0; y < rh; y++) {
+ // Is the entire line outside the changed area?
+ if (bounding.tl.y > y || bounding.br.y < y) {
+ for (x = 0; x < rw; x++) {
+ pix[cur] = 0;
+
+ if (cur || (y == rh - 1 && x == rw - 1))
+ *dst++ = pix[0] | (pix[1] << 4);
+
+ cur ^= 1;
+ }
+ } else {
+ for (x = 0; x < rw; x++) {
+ pix[cur] = 0;
+ if (bounding.contains(Point(x, y)) && changed.contains(x, y))
+ pix[cur] = watermarkUnpacked[y * rw + x];
+
+ if (cur || (y == rh - 1 && x == rw - 1))
+ *dst++ = pix[0] | (pix[1] << 4);
+
+ cur ^= 1;
+ }
+ }
+ }
+
+ uLong destLen = MAXW * MAXH / 2;
+ if (compress2(watermarkData, &destLen, watermarkTmp, rw * rh / 2 + 1, 1) != Z_OK)
+ vlog.error("Zlib compression error");
+
+ watermarkDataLen = destLen;
+}
diff --git a/common/rfb/Watermark.h b/common/rfb/Watermark.h
new file mode 100644
index 0000000..6cb493d
--- /dev/null
+++ b/common/rfb/Watermark.h
@@ -0,0 +1,43 @@
+/* Copyright (C) 2023 Kasm
+ *
+ * This is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this software; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307,
+ * USA.
+ */
+
+#ifndef WATERMARK_H
+#define WATERMARK_H
+
+#include
+#include
+
+struct watermarkInfo_t {
+ uint8_t *src;
+ uint16_t w, h;
+
+ int16_t x, y;
+ uint16_t repeat;
+
+ uint8_t r, g, b, a;
+};
+
+extern watermarkInfo_t watermarkInfo;
+
+bool watermarkInit();
+void packWatermark(const rfb::Region &changed); // filter and pack the watermark for sending
+
+extern uint8_t *watermarkData;
+extern uint32_t watermarkDataLen;
+
+#endif
diff --git a/debian/Makefile.to_fakebuild_tar_package b/debian/Makefile.to_fakebuild_tar_package
index c963323..a8f476c 100644
--- a/debian/Makefile.to_fakebuild_tar_package
+++ b/debian/Makefile.to_fakebuild_tar_package
@@ -22,8 +22,8 @@ install: unpack_tarball
cp $(SRC_BIN)/kasmxproxy $(DESTDIR)/usr/bin/
cp -r $(SRC)/lib/kasmvnc/ $(DESTDIR)/usr/lib/kasmvncserver
cp -r $(SRC)/share/doc/kasmvnc*/* $(DESTDIR)/usr/share/doc/kasmvncserver/
- rsync -r --exclude '.git*' --exclude po2js --exclude xgettext-html \
- --exclude www/utils/ --exclude .eslintrc \
+ rsync -r --links --safe-links --exclude '.git*' --exclude po2js \
+ --exclude xgettext-html --exclude www/utils/ --exclude .eslintrc \
$(SRC)/share/kasmvnc $(DESTDIR)/usr/share
sed -e 's/^\([^#]\)/# \1/' $(SRC)/share/kasmvnc/kasmvnc_defaults.yaml > \
$(DESTDIR)/etc/kasmvnc/kasmvnc.yaml
diff --git a/debian/changelog b/debian/changelog
index c5b92c2..9ec5a09 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,9 @@
+kasmvnc (1.1.0-1) unstable; urgency=medium
+
+ * New upstream release.
+
+ -- Kasm Technologies LLC Tue, 04 Apr 2023 13:52:14 +0000
+
kasmvnc (1.0.0-1) unstable; urgency=medium
* WebRTC UDP transit support with support of STUN servers
diff --git a/debian/control b/debian/control
index 55bba16..2c860c5 100644
--- a/debian/control
+++ b/debian/control
@@ -3,7 +3,7 @@ Section: x11
Priority: optional
Maintainer: Kasm Technologies LLC
Build-Depends: debhelper (>= 11), rsync, libjpeg-dev, libjpeg-dev, libpng-dev,
- libtiff-dev, libgif-dev, libavcodec-dev, libssl-dev, libgl1, libxfont2, libsm6, libxext-dev, libxrandr-dev, libxtst-dev, libxcursor-dev, libunwind8
+ libtiff-dev, libgif-dev, libavcodec-dev, libssl-dev, libgl1, libxfont2, libsm6, libxext-dev, libxrandr-dev, libxtst-dev, libxcursor-dev, libunwind8, libgbm-dev
Standards-Version: 4.1.3
Homepage: https://github.com/kasmtech/KasmVNC
#Vcs-Browser: https://salsa.debian.org/debian/kasmvnc
@@ -14,14 +14,14 @@ Architecture: amd64 arm64
Depends: ${shlibs:Depends}, ${misc:Depends}, ${perl:Depends}, ssl-cert, xauth,
x11-xkb-utils, xkb-data, procps, libswitch-perl, libyaml-tiny-perl,
libhash-merge-simple-perl, libscalar-list-utils-perl, liblist-moreutils-perl,
- libtry-tiny-perl
+ libtry-tiny-perl, libgbm1
Provides: vnc-server
-Description: KasmVNC provides remote web-based access to a Desktop or application.
- While VNC is in the name, KasmVNC differs from other VNC variants such
- as TigerVNC, RealVNC, and TurboVNC. KasmVNC has broken from the RFB
- specification which defines VNC, in order to support modern technologies
- and increase security. KasmVNC is accessed by users from any modern
- browser and does not support legacy VNC viewer applications. KasmVNC
- uses a modern YAML based configuration at the server and user level,
- allowing for ease of management. KasmVNC is maintained by Kasm
- Technologies Corp, www.kasmweb.com.
+Description: KasmVNC provides remote web-based access to a Desktop or application.
+ While VNC is in the name, KasmVNC differs from other VNC variants such
+ as TigerVNC, RealVNC, and TurboVNC. KasmVNC has broken from the RFB
+ specification which defines VNC, in order to support modern technologies
+ and increase security. KasmVNC is accessed by users from any modern
+ browser and does not support legacy VNC viewer applications. KasmVNC
+ uses a modern YAML based configuration at the server and user level,
+ allowing for ease of management. KasmVNC is maintained by Kasm
+ Technologies Corp, www.kasmweb.com.
diff --git a/fedora/kasmvncserver.spec b/fedora/kasmvncserver.spec
new file mode 100644
index 0000000..7164c63
--- /dev/null
+++ b/fedora/kasmvncserver.spec
@@ -0,0 +1,126 @@
+Name: kasmvncserver
+Version: 1.1.0
+Release: 1%{?dist}
+Summary: VNC server accessible from a web browser
+
+License: GPLv2+
+URL: https://github.com/kasmtech/KasmVNC
+
+BuildRequires: rsync
+Requires: xorg-x11-xauth, xkeyboard-config, xkbcomp, openssl, perl, perl-Switch, perl-YAML-Tiny, perl-Hash-Merge-Simple, perl-Scalar-List-Utils, perl-List-MoreUtils, perl-Try-Tiny, mesa-libgbm, libxshmfence
+Conflicts: tigervnc-server, tigervnc-server-minimal
+
+%description
+KasmVNC provides remote web-based access to a Desktop or application.
+While VNC is in the name, KasmVNC differs from other VNC variants such
+as TigerVNC, RealVNC, and TurboVNC. KasmVNC has broken from the RFB
+specification which defines VNC, in order to support modern technologies
+and increase security. KasmVNC is accessed by users from any modern
+browser and does not support legacy VNC viewer applications. KasmVNC
+uses a modern YAML based configuration at the server and user level,
+allowing for ease of management. KasmVNC is maintained by Kasm
+Technologies Corp, www.kasmweb.com.
+
+WARNING: this package requires EPEL.
+
+%prep
+
+%install
+rm -rf $RPM_BUILD_ROOT
+
+TARGET_OS=$(lsb_release -is | tr '[:upper:]' '[:lower:]')
+TARGET_OS_CODENAME=$(lsb_release -cs | tr '[:upper:]' '[:lower:]')
+TARBALL=$RPM_SOURCE_DIR/kasmvnc.${TARGET_OS}_${TARGET_OS_CODENAME}.tar.gz
+TAR_DATA=$(mktemp -d)
+tar -xzf "$TARBALL" -C "$TAR_DATA"
+
+SRC=$TAR_DATA/usr/local
+SRC_BIN=$SRC/bin
+DESTDIR=$RPM_BUILD_ROOT
+DST_MAN=$DESTDIR/usr/share/man/man1
+
+mkdir -p $DESTDIR/usr/bin $DESTDIR/usr/share/man/man1 \
+ $DESTDIR/usr/share/doc/kasmvncserver $DESTDIR/usr/lib \
+ $DESTDIR/usr/share/perl5 $DESTDIR/etc/kasmvnc
+
+cp $SRC_BIN/Xvnc $DESTDIR/usr/bin;
+cp $SRC_BIN/vncserver $DESTDIR/usr/bin;
+cp -a $SRC_BIN/KasmVNC $DESTDIR/usr/share/perl5/
+cp $SRC_BIN/vncconfig $DESTDIR/usr/bin;
+cp $SRC_BIN/kasmvncpasswd $DESTDIR/usr/bin;
+cp $SRC_BIN/kasmxproxy $DESTDIR/usr/bin;
+cp -r $SRC/lib/kasmvnc/ $DESTDIR/usr/lib/kasmvncserver
+cd $DESTDIR/usr/bin && ln -s kasmvncpasswd vncpasswd;
+cp -r $SRC/share/doc/kasmvnc*/* $DESTDIR/usr/share/doc/kasmvncserver/
+rsync -r --links --safe-links --exclude '.git*' --exclude po2js --exclude xgettext-html \
+ --exclude www/utils/ --exclude .eslintrc --exclude configure \
+ $SRC/share/kasmvnc $DESTDIR/usr/share
+
+sed -i -e 's!pem_certificate: .\+$!pem_certificate: /etc/pki/tls/private/kasmvnc.pem!' \
+ $DESTDIR/usr/share/kasmvnc/kasmvnc_defaults.yaml
+sed -i -e 's!pem_key: .\+$!pem_key: /etc/pki/tls/private/kasmvnc.pem!' \
+ $DESTDIR/usr/share/kasmvnc/kasmvnc_defaults.yaml
+sed -e 's/^\([^#]\)/# \1/' $DESTDIR/usr/share/kasmvnc/kasmvnc_defaults.yaml > \
+ $DESTDIR/etc/kasmvnc/kasmvnc.yaml
+cp $SRC/man/man1/Xvnc.1 $DESTDIR/usr/share/man/man1/;
+cp $SRC/share/man/man1/vncserver.1 $DST_MAN;
+cp $SRC/share/man/man1/vncconfig.1 $DST_MAN;
+cp $SRC/share/man/man1/vncpasswd.1 $DST_MAN;
+cp $SRC/share/man/man1/kasmxproxy.1 $DST_MAN;
+cd $DST_MAN && ln -s vncpasswd.1 kasmvncpasswd.1;
+
+
+%files
+%config(noreplace) /etc/kasmvnc
+
+/usr/bin/*
+/usr/lib/kasmvncserver
+/usr/share/man/man1/*
+/usr/share/perl5/KasmVNC
+/usr/share/kasmvnc
+
+%license /usr/share/doc/kasmvncserver/LICENSE.TXT
+%doc /usr/share/doc/kasmvncserver/README.md
+
+%changelog
+* Wed Apr 05 2023 KasmTech - 1.1.0-1
+- Upstream release
+* Tue Nov 29 2022 KasmTech - 1.0.0-1
+- WebRTC UDP transit support with support of STUN servers
+- Lossless compression using multi-threaded WASM QOI decoder client side
+- New yaml based configuration
+- Significantly improved FPS through both client-side and server-side improvements.
+- Support for the admin to define arbitrary http response headers for the built in web server
+- Support for additional mouse buttons
+- Refinement of vncserver checks and user prompts
+- Added send_full_frame to developer API, forces full frame to be sent to all connected users that have at least read permission.
+* Tue Mar 22 2022 KasmTech - 0.9.3~beta-1
+* Fri Feb 12 2021 KasmTech - 0.9.1~beta-1
+- Initial release of the rpm package.
+
+%post
+ kasmvnc_group="kasmvnc-cert"
+
+ create_kasmvnc_group() {
+ if ! getent group "$kasmvnc_group" >/dev/null; then
+ groupadd --system "$kasmvnc_group"
+ fi
+ }
+
+ make_self_signed_certificate() {
+ local cert_file=/etc/pki/tls/private/kasmvnc.pem
+ [ -f "$cert_file" ] && return 0
+
+ openssl req -x509 -nodes -days 3650 -newkey rsa:2048 \
+ -keyout "$cert_file" \
+ -out "$cert_file" -subj \
+ "/C=US/ST=VA/L=None/O=None/OU=DoFu/CN=kasm/emailAddress=none@none.none"
+ chgrp "$kasmvnc_group" "$cert_file"
+ chmod 640 "$cert_file"
+ }
+
+ create_kasmvnc_group
+ make_self_signed_certificate
+
+%postun
+ rm -f /etc/pki/tls/private/kasmvnc.pem
diff --git a/kasmweb b/kasmweb
index 31b1a93..3873a59 160000
--- a/kasmweb
+++ b/kasmweb
@@ -1 +1 @@
-Subproject commit 31b1a93335c1cb4947d4eac06dd1311bb18f5022
+Subproject commit 3873a5994171f39c4acc92e2e05630584332d72d
diff --git a/opensuse/kasmvncserver.spec b/opensuse/kasmvncserver.spec
index 97bcaac..64b6a56 100644
--- a/opensuse/kasmvncserver.spec
+++ b/opensuse/kasmvncserver.spec
@@ -1,5 +1,5 @@
Name: kasmvncserver
-Version: 1.0.0
+Version: 1.1.0
Release: leap15
Summary: VNC server accessible from a web browser
@@ -7,18 +7,18 @@ License: GPLv2+
URL: https://github.com/kasmtech/KasmVNC
BuildRequires: rsync
-Requires: xauth, hostname, libxkbcommon-x11-0, xkeyboard-config, x11-tools, openssl, perl, libpixman-1-0, libjpeg8, libgomp1, libXfont2-2, libXdmcp6, libglvnd, xkbcomp, perl-Switch, perl-YAML-Tiny, perl-Hash-Merge-Simple, perl-Scalar-List-Utils, perl-List-MoreUtils, perl-Try-Tiny
+Requires: xauth, hostname, libxkbcommon-x11-0, xkeyboard-config, x11-tools, openssl, perl, libpixman-1-0, libjpeg8, libgomp1, libXfont2-2, libXdmcp6, libglvnd, xkbcomp, perl-Switch, perl-YAML-Tiny, perl-Hash-Merge-Simple, perl-Scalar-List-Utils, perl-List-MoreUtils, perl-Try-Tiny, libgbm1, libxshmfence1
Conflicts: tigervnc, tigervnc-x11vnc
%description
-KasmVNC provides remote web-based access to a Desktop or application.
-While VNC is in the name, KasmVNC differs from other VNC variants such
-as TigerVNC, RealVNC, and TurboVNC. KasmVNC has broken from the RFB
-specification which defines VNC, in order to support modern technologies
-and increase security. KasmVNC is accessed by users from any modern
-browser and does not support legacy VNC viewer applications. KasmVNC
-uses a modern YAML based configuration at the server and user level,
-allowing for ease of management. KasmVNC is maintained by Kasm
+KasmVNC provides remote web-based access to a Desktop or application.
+While VNC is in the name, KasmVNC differs from other VNC variants such
+as TigerVNC, RealVNC, and TurboVNC. KasmVNC has broken from the RFB
+specification which defines VNC, in order to support modern technologies
+and increase security. KasmVNC is accessed by users from any modern
+browser and does not support legacy VNC viewer applications. KasmVNC
+uses a modern YAML based configuration at the server and user level,
+allowing for ease of management. KasmVNC is maintained by Kasm
Technologies Corp, www.kasmweb.com.
%prep
@@ -50,7 +50,7 @@ cp $SRC_BIN/kasmxproxy $DESTDIR/usr/bin;
cp -r $SRC/lib/kasmvnc/ $DESTDIR/usr/lib/kasmvncserver
cd $DESTDIR/usr/bin && ln -s kasmvncpasswd vncpasswd;
cp -r $SRC/share/doc/kasmvnc*/* $DESTDIR/usr/share/doc/kasmvncserver/
-rsync -r --exclude '.git*' --exclude po2js --exclude xgettext-html \
+rsync -r --links --safe-links --exclude '.git*' --exclude po2js --exclude xgettext-html \
--exclude www/utils/ --exclude .eslintrc --exclude configure \
$SRC/share/kasmvnc $DESTDIR/usr/share
@@ -81,6 +81,8 @@ cd $DST_MAN && ln -s vncpasswd.1 kasmvncpasswd.1;
%doc /usr/share/doc/kasmvncserver/README.md
%changelog
+* Wed Apr 05 2023 KasmTech - 1.1.0-leap15
+- Upstream release
* Tue Nov 29 2022 KasmTech - 1.0.0-leap15
- WebRTC UDP transit support with support of STUN servers
- Lossless compression using multi-threaded WASM QOI decoder client side
diff --git a/oracle/kasmvncserver.spec b/oracle/kasmvncserver.spec
index ac8484b..5a0295f 100644
--- a/oracle/kasmvncserver.spec
+++ b/oracle/kasmvncserver.spec
@@ -1,5 +1,5 @@
Name: kasmvncserver
-Version: 1.0.0
+Version: 1.1.0
Release: 1%{?dist}
Summary: VNC server accessible from a web browser
@@ -7,18 +7,18 @@ License: GPLv2+
URL: https://github.com/kasmtech/KasmVNC
BuildRequires: rsync
-Requires: xorg-x11-xauth, xorg-x11-xkb-utils, xkeyboard-config, xorg-x11-server-utils, openssl, perl, perl-Switch, perl-YAML-Tiny, perl-Hash-Merge-Simple, perl-Scalar-List-Utils, perl-List-MoreUtils, perl-Try-Tiny, hostname
+Requires: xorg-x11-xauth, xorg-x11-xkb-utils, xkeyboard-config, xorg-x11-server-utils, openssl, perl, perl-Switch, perl-YAML-Tiny, perl-Hash-Merge-Simple, perl-Scalar-List-Utils, perl-List-MoreUtils, perl-Try-Tiny, hostname, mesa-libgbm, libxshmfence
Conflicts: tigervnc-server, tigervnc-server-minimal
%description
-KasmVNC provides remote web-based access to a Desktop or application.
-While VNC is in the name, KasmVNC differs from other VNC variants such
-as TigerVNC, RealVNC, and TurboVNC. KasmVNC has broken from the RFB
-specification which defines VNC, in order to support modern technologies
-and increase security. KasmVNC is accessed by users from any modern
-browser and does not support legacy VNC viewer applications. KasmVNC
-uses a modern YAML based configuration at the server and user level,
-allowing for ease of management. KasmVNC is maintained by Kasm
+KasmVNC provides remote web-based access to a Desktop or application.
+While VNC is in the name, KasmVNC differs from other VNC variants such
+as TigerVNC, RealVNC, and TurboVNC. KasmVNC has broken from the RFB
+specification which defines VNC, in order to support modern technologies
+and increase security. KasmVNC is accessed by users from any modern
+browser and does not support legacy VNC viewer applications. KasmVNC
+uses a modern YAML based configuration at the server and user level,
+allowing for ease of management. KasmVNC is maintained by Kasm
Technologies Corp, www.kasmweb.com.
WARNING: this package requires EPEL and CodeReady builder.
@@ -51,7 +51,7 @@ cp $SRC_BIN/kasmxproxy $DESTDIR/usr/bin;
cp -r $SRC/lib/kasmvnc/ $DESTDIR/usr/lib/kasmvncserver
cd $DESTDIR/usr/bin && ln -s kasmvncpasswd vncpasswd;
cp -r $SRC/share/doc/kasmvnc*/* $DESTDIR/usr/share/doc/kasmvncserver/
-rsync -r --exclude '.git*' --exclude po2js --exclude xgettext-html \
+rsync -r --links --safe-links --exclude '.git*' --exclude po2js --exclude xgettext-html \
--exclude www/utils/ --exclude .eslintrc --exclude configure \
$SRC/share/kasmvnc $DESTDIR/usr/share
@@ -82,6 +82,8 @@ cd $DST_MAN && ln -s vncpasswd.1 kasmvncpasswd.1;
%doc /usr/share/doc/kasmvncserver/README.md
%changelog
+* Wed Apr 05 2023 KasmTech - 1.1.0-1
+- Upstream release
* Tue Nov 29 2022 KasmTech - 1.0.0-1
- WebRTC UDP transit support with support of STUN servers
- Lossless compression using multi-threaded WASM QOI decoder client side
diff --git a/oracle/kasmvncserver9.spec b/oracle/kasmvncserver9.spec
new file mode 100644
index 0000000..780554c
--- /dev/null
+++ b/oracle/kasmvncserver9.spec
@@ -0,0 +1,125 @@
+Name: kasmvncserver
+Version: 1.1.0
+Release: 1%{?dist}
+Summary: VNC server accessible from a web browser
+
+License: GPLv2+
+URL: https://github.com/kasmtech/KasmVNC
+
+BuildRequires: rsync
+Requires: xorg-x11-xauth, xkeyboard-config, xorg-x11-server-utils, xkbcomp, openssl, perl, perl-Switch, perl-YAML-Tiny, perl-Hash-Merge-Simple, perl-Scalar-List-Utils, perl-List-MoreUtils, perl-Try-Tiny, hostname, mesa-libgbm, libxshmfence
+Conflicts: tigervnc-server, tigervnc-server-minimal
+
+%description
+KasmVNC provides remote web-based access to a Desktop or application.
+While VNC is in the name, KasmVNC differs from other VNC variants such
+as TigerVNC, RealVNC, and TurboVNC. KasmVNC has broken from the RFB
+specification which defines VNC, in order to support modern technologies
+and increase security. KasmVNC is accessed by users from any modern
+browser and does not support legacy VNC viewer applications. KasmVNC
+uses a modern YAML based configuration at the server and user level,
+allowing for ease of management. KasmVNC is maintained by Kasm
+Technologies Corp, www.kasmweb.com.
+
+WARNING: this package requires EPEL and CodeReady builder.
+
+%prep
+
+%install
+rm -rf $RPM_BUILD_ROOT
+
+TARGET_OS=$KASMVNC_BUILD_OS
+TARGET_OS_CODENAME=$KASMVNC_BUILD_OS_CODENAME
+TARBALL=$RPM_SOURCE_DIR/kasmvnc.${TARGET_OS}_${TARGET_OS_CODENAME}.tar.gz
+TAR_DATA=$(mktemp -d)
+tar -xzf "$TARBALL" -C "$TAR_DATA"
+
+SRC=$TAR_DATA/usr/local
+SRC_BIN=$SRC/bin
+DESTDIR=$RPM_BUILD_ROOT
+DST_MAN=$DESTDIR/usr/share/man/man1
+
+mkdir -p $DESTDIR/usr/bin $DESTDIR/usr/share/man/man1 \
+ $DESTDIR/usr/share/doc/kasmvncserver $DESTDIR/usr/lib \
+ $DESTDIR/usr/share/perl5 $DESTDIR/etc/kasmvnc
+cp $SRC_BIN/Xvnc $DESTDIR/usr/bin;
+cp $SRC_BIN/vncserver $DESTDIR/usr/bin;
+cp -a $SRC_BIN/KasmVNC $DESTDIR/usr/share/perl5
+cp $SRC_BIN/vncconfig $DESTDIR/usr/bin;
+cp $SRC_BIN/kasmvncpasswd $DESTDIR/usr/bin;
+cp $SRC_BIN/kasmxproxy $DESTDIR/usr/bin;
+cp -r $SRC/lib/kasmvnc/ $DESTDIR/usr/lib/kasmvncserver
+cd $DESTDIR/usr/bin && ln -s kasmvncpasswd vncpasswd;
+cp -r $SRC/share/doc/kasmvnc*/* $DESTDIR/usr/share/doc/kasmvncserver/
+rsync -r --links --safe-links --exclude '.git*' --exclude po2js --exclude xgettext-html \
+ --exclude www/utils/ --exclude .eslintrc --exclude configure \
+ $SRC/share/kasmvnc $DESTDIR/usr/share
+
+sed -i -e 's!pem_certificate: .\+$!pem_certificate: /etc/pki/tls/private/kasmvnc.pem!' \
+ $DESTDIR/usr/share/kasmvnc/kasmvnc_defaults.yaml
+sed -i -e 's!pem_key: .\+$!pem_key: /etc/pki/tls/private/kasmvnc.pem!' \
+ $DESTDIR/usr/share/kasmvnc/kasmvnc_defaults.yaml
+sed -e 's/^\([^#]\)/# \1/' $DESTDIR/usr/share/kasmvnc/kasmvnc_defaults.yaml > \
+ $DESTDIR/etc/kasmvnc/kasmvnc.yaml
+cp $SRC/man/man1/Xvnc.1 $DESTDIR/usr/share/man/man1/;
+cp $SRC/share/man/man1/vncserver.1 $DST_MAN;
+cp $SRC/share/man/man1/vncconfig.1 $DST_MAN;
+cp $SRC/share/man/man1/vncpasswd.1 $DST_MAN;
+cp $SRC/share/man/man1/kasmxproxy.1 $DST_MAN;
+cd $DST_MAN && ln -s vncpasswd.1 kasmvncpasswd.1;
+
+
+%files
+%config(noreplace) /etc/kasmvnc
+
+/usr/bin/*
+/usr/lib/kasmvncserver
+/usr/share/man/man1/*
+/usr/share/perl5/KasmVNC
+/usr/share/kasmvnc
+
+%license /usr/share/doc/kasmvncserver/LICENSE.TXT
+%doc /usr/share/doc/kasmvncserver/README.md
+
+%changelog
+* Wed Apr 05 2023 KasmTech - 1.1.0-1
+- Upstream release
+* Tue Nov 29 2022 KasmTech - 1.0.0-1
+- WebRTC UDP transit support with support of STUN servers
+- Lossless compression using multi-threaded WASM QOI decoder client side
+- New yaml based configuration
+- Significantly improved FPS through both client-side and server-side improvements.
+- Support for the admin to define arbitrary http response headers for the built in web server
+- Support for additional mouse buttons
+- Refinement of vncserver checks and user prompts
+- Added send_full_frame to developer API, forces full frame to be sent to all connected users that have at least read permission.
+* Tue Mar 22 2022 KasmTech - 0.9.3~beta-1
+* Fri Feb 12 2021 KasmTech - 0.9.1~beta-1
+- Initial release of the rpm package.
+
+%post
+ kasmvnc_group="kasmvnc-cert"
+
+ create_kasmvnc_group() {
+ if ! getent group "$kasmvnc_group" >/dev/null; then
+ groupadd --system "$kasmvnc_group"
+ fi
+ }
+
+ make_self_signed_certificate() {
+ local cert_file=/etc/pki/tls/private/kasmvnc.pem
+ [ -f "$cert_file" ] && return 0
+
+ openssl req -x509 -nodes -days 3650 -newkey rsa:2048 \
+ -keyout "$cert_file" \
+ -out "$cert_file" -subj \
+ "/C=US/ST=VA/L=None/O=None/OU=DoFu/CN=kasm/emailAddress=none@none.none"
+ chgrp "$kasmvnc_group" "$cert_file"
+ chmod 640 "$cert_file"
+ }
+
+ create_kasmvnc_group
+ make_self_signed_certificate
+
+%postun
+ rm -f /etc/pki/tls/private/kasmvnc.pem
diff --git a/spec/fixtures/defaults_config.yaml b/spec/fixtures/defaults_config.yaml
index 71b57fe..b40d6de 100644
--- a/spec/fixtures/defaults_config.yaml
+++ b/spec/fixtures/defaults_config.yaml
@@ -4,6 +4,9 @@ desktop:
height: 768
allow_resize: true
pixel_depth: 24
+ gpu:
+ hw3d: false
+ drinode: /dev/dri/renderD128
network:
protocol: http
@@ -42,6 +45,11 @@ data_loss_prevention:
keyboard:
enabled: true
rate_limit: unlimited
+ watermark:
+ # image: /etc/kasmvnc/picture.png
+ # location: 10,10
+ # tint: 255,20,20,128
+ # repeat_spacing: 10
logging:
level: off
diff --git a/unix/KasmVNC/Config.pm b/unix/KasmVNC/Config.pm
index 7bcfdc2..78d49d3 100644
--- a/unix/KasmVNC/Config.pm
+++ b/unix/KasmVNC/Config.pm
@@ -8,6 +8,8 @@ use Data::Dumper;
use Hash::Merge::Simple;
use KasmVNC::Utils;
+our $logger;
+
sub merge {
my @configsToMerge = map { $_->{data} } @_;
my $mergedConfig = Hash::Merge::Simple::merge(@configsToMerge) // {};
@@ -31,7 +33,13 @@ sub load {
failIfConfigNotReadable($self->{filename});
- $self->{data} = YAML::Tiny->read($self->{filename})->[0];
+ $logger->debug("Loading config " . $self->{filename});
+ my $yamlDocuments = YAML::Tiny->read($self->{filename});
+ unless (defined $yamlDocuments) {
+ die "Couldn't load config: $self->{filename}. Probable reason: No newline at end of file\n";
+ }
+
+ $self->{data} = $yamlDocuments->[0];
}
sub get {
diff --git a/unix/KasmVNC/Logger.pm b/unix/KasmVNC/Logger.pm
index b8e64af..e5ab497 100644
--- a/unix/KasmVNC/Logger.pm
+++ b/unix/KasmVNC/Logger.pm
@@ -8,9 +8,18 @@ use Data::Dumper;
sub new {
my ($class, $args) = @_;
my $self = bless {
+ level => $args->{level} // "warn"
}, $class;
}
+sub debug {
+ my $self = shift;
+
+ return unless ($self->{level} eq "debug");
+
+ say { *STDERR } @_;
+}
+
sub warn {
my $self = shift;
diff --git a/unix/kasmvnc_defaults.yaml b/unix/kasmvnc_defaults.yaml
index a4997e2..f498364 100644
--- a/unix/kasmvnc_defaults.yaml
+++ b/unix/kasmvnc_defaults.yaml
@@ -5,6 +5,9 @@ desktop:
height: 768
allow_resize: true
pixel_depth: 24
+ gpu:
+ hw3d: false
+ drinode: /dev/dri/renderD128
network:
protocol: http
@@ -84,9 +87,13 @@ data_loss_prevention:
keyboard:
enabled: true
rate_limit: unlimited
- # "verbose" SETTING LOGS YOUR PRIVATE INFORMATION. Keypresses and clipboard
- # content.
+ watermark:
+ # image: /etc/kasmvnc/picture.png
+ # location: 10,10
+ # tint: 255,20,20,128
+ # repeat_spacing: 10
logging:
+ # "verbose" SETTING LOGS YOUR PRIVATE INFORMATION. Keypresses and clipboard content
level: off
encoding:
diff --git a/unix/vncserver b/unix/vncserver
index cae50ac..cfb0e0e 100755
--- a/unix/vncserver
+++ b/unix/vncserver
@@ -1171,6 +1171,7 @@ sub DefineFilePathsAndStuff {
$KasmVNC::Users::vncPasswdBin = $exedir . "kasmvncpasswd";
$KasmVNC::Users::logger = $logger;
+ $KasmVNC::Config::logger = $logger;
$vncSystemConfigDir = "/etc/kasmvnc";
if ($ENV{KASMVNC_DEVELOPMENT}) {
@@ -1720,6 +1721,50 @@ sub DefineConfigToCLIConversion {
$value;
}
}),
+ KasmVNC::CliOption->new({
+ name => 'DLP_WatermarkImage',
+ configKeys => [
+ KasmVNC::ConfigKey->new({
+ name => "data_loss_prevention.watermark.image",
+ type => KasmVNC::ConfigKey::ANY
+ })
+ ]
+ }),
+ KasmVNC::CliOption->new({
+ name => 'DLP_WatermarkLocation',
+ configKeys => [
+ KasmVNC::ConfigKey->new({
+ name => "data_loss_prevention.watermark.location",
+ type => KasmVNC::ConfigKey::ANY,
+ validator => KasmVNC::PatternValidator->new({
+ pattern => qr/^\d+,\d+$/,
+ errorMessage => "Must be an x and y offset separated by a comma: 10,10"
+ })
+ })
+ ]
+ }),
+ KasmVNC::CliOption->new({
+ name => 'DLP_WatermarkTint',
+ configKeys => [
+ KasmVNC::ConfigKey->new({
+ name => "data_loss_prevention.watermark.tint",
+ type => KasmVNC::ConfigKey::ANY,
+ validator => KasmVNC::PatternValidator->new({
+ pattern => qr/^\d{1,3},\d{1,3},\d{1,3},\d{1,3}$/,
+ errorMessage => "Must be RBGA formatted: 255,255,255,128"
+ })
+ })
+ ]
+ }),
+ KasmVNC::CliOption->new({
+ name => 'DLP_WatermarkRepeatSpace',
+ configKeys => [
+ KasmVNC::ConfigKey->new({
+ name => "data_loss_prevention.watermark.repeat_spacing",
+ type => KasmVNC::ConfigKey::INT
+ })
+ ]
+ }),
KasmVNC::CliOption->new({
name => 'DLP_Log',
configKeys => [
@@ -1979,7 +2024,7 @@ sub DefineConfigToCLIConversion {
$self = shift;
my @values = @{ listify($self->configValues()) };
-
+
my $valuesStr = "";
foreach $value (@values) {
$valuesStr = $valuesStr . "-http-header '$value' "
@@ -2242,6 +2287,39 @@ sub DefineConfigToCLIConversion {
isPresent($value) && $value ne 'auto';
}
}),
+ KasmVNC::CliOption->new({
+ name => 'hw3d',
+ configKeys => [
+ KasmVNC::ConfigKey->new({
+ name => "desktop.gpu.hw3d",
+ type => KasmVNC::ConfigKey::BOOLEAN
+ })
+ ],
+ toStringSub => sub {
+ $self = shift;
+ my $value = $self->configValue();
+
+ switch($value) {
+ case 'true' {
+ $valuesStr = '-hw3d ';
+ }
+ case 'false' {
+ $valuesStr = ' ';
+ }
+ }
+
+ return $valuesStr;
+ }
+ }),
+ KasmVNC::CliOption->new({
+ name => 'drinode',
+ configKeys => [
+ KasmVNC::ConfigKey->new({
+ name => "desktop.gpu.drinode",
+ type => KasmVNC::ConfigKey::ANY
+ })
+ ]
+ }),
);
%cliArgMap = map { ("-" . $_->{name}) => $_ } @xvncOptions;
@@ -2754,5 +2832,6 @@ sub SetAppSettingsFromConfigAndCli {
}
sub InitLogger {
- $logger = KasmVNC::Logger->new();
+ my $debugEnabled = any { $_ eq "-debug" } @ARGV;
+ $logger = KasmVNC::Logger->new({ level => $debugEnabled ? "debug" : "warn" });
}
diff --git a/unix/xserver/.gitignore b/unix/xserver/.gitignore
new file mode 100644
index 0000000..9bfed6b
--- /dev/null
+++ b/unix/xserver/.gitignore
@@ -0,0 +1,4 @@
+/*
+!/hw
+/hw/*
+!/hw/vnc
diff --git a/unix/xserver/hw/vnc/Makefile.am b/unix/xserver/hw/vnc/Makefile.am
index 4a4958e..0a2f93d 100644
--- a/unix/xserver/hw/vnc/Makefile.am
+++ b/unix/xserver/hw/vnc/Makefile.am
@@ -30,10 +30,14 @@ bin_PROGRAMS = Xvnc
man1_MANS = Xvnc.man
-Xvnc_SOURCES = xvnc.c \
+Xvnc_SOURCES = xvnc.c dri3.c \
$(top_srcdir)/Xi/stubs.c $(top_srcdir)/mi/miinitext.c \
$(top_srcdir)/fb/fbcmap_mi.c buildtime.c
+if DRI3
+XVNC_SYS_LIBS += -lgbm
+endif
+
# Xvnc contains no C++ sources so automake doesn't understand that we
# need to use the C++ compiler to link things. This is the upstream
# recommendation for coaxing automake.
@@ -44,7 +48,8 @@ Xvnc_CPPFLAGS = $(XVNC_CPPFLAGS) -DKASMVNC -DNO_MODULE_EXTS \
-DXVNCEXTRAVERSION="\".$(KASMVNC_COMMIT_ID)\"" \
-DXFree86Server -DVENDOR_RELEASE="$(VENDOR_RELEASE)" \
-DVENDOR_STRING="\"$(VENDOR_STRING)\"" -I$(KASMVNC_SRCDIR)/common -I$(KASMVNC_SRCDIR)/unix/common \
- -I$(top_srcdir)/include ${XSERVERLIBS_CFLAGS} -I$(includedir)
+ -I$(top_srcdir)/include ${XSERVERLIBS_CFLAGS} -I$(includedir) \
+ -I$(top_srcdir)/dri3 @LIBDRM_CFLAGS@
Xvnc_LDADD = $(XVNC_LIBS) libvnccommon.la $(COMMON_LIBS) \
$(XSERVER_LIBS) $(XSERVER_SYS_LIBS) $(XVNC_SYS_LIBS) -lX11 -lwebp -lssl -lcrypto -lcrypt
diff --git a/unix/xserver/hw/vnc/Xvnc.man b/unix/xserver/hw/vnc/Xvnc.man
index 798481a..286d1df 100644
--- a/unix/xserver/hw/vnc/Xvnc.man
+++ b/unix/xserver/hw/vnc/Xvnc.man
@@ -286,6 +286,15 @@ be either \fB0\fP (off), \fB1\fP (always) or \fB2\fP (auto). Default is
\fB2\fP.
.
.TP
+.B \-hw3d
+Enable hardware 3d acceleration. Default is software (llvmpipe usually).
+.
+.TP
+.B \-drinode \fIpath\fP
+Use another path instead of /dev/dri/renderD128. You may need this if you have
+more than one GPU.
+.
+.TP
.B \-ZlibLevel \fIlevel\fP
Zlib compression level for ZRLE encoding (it does not affect Tight encoding).
Acceptable values are between 0 and 9. Default is to use the standard
@@ -346,6 +355,28 @@ Log clipboard and keyboard actions. Info logs just clipboard direction and size,
verbose adds the contents for both.
.
.TP
+.B \-DLP_WatermarkImage \fIpath/to/file.png\fP
+Add a watermark. The PNG file should be greyscale, black is treated as transparent
+and white as opaque.
+.
+.TP
+.B \-DLP_WatermarkLocation \fIx,y\fP
+Place the watermark at this position from the corner. Positive numbers are from top-left,
+negative from bottom-right. Negative numbers count from the bottom-right edge of the image.
+If not set, the watermark will be centered. Cannot be used together with repeat.
+.
+.TP
+.B \-DLP_WatermarkRepeatSpace \fInum\fP
+If set, repeat the watermark over the entire image, with \fBnum\fP pixels between
+repetitions. Cannot be used together with location.
+.
+.TP
+.B \-DLP_WatermarkTint \fIr,g,b,a\fP
+Tint the greyscale watermark by this color. Default is 255,255,255,255 - full white.
+The color components can be used to colorize the greyscale watermark, and the alpha
+can be used to make it fainter.
+.
+.TP
.B \-selfBench
Run a set of self-benchmarks and exit.
.
diff --git a/unix/xserver/hw/vnc/dri3.c b/unix/xserver/hw/vnc/dri3.c
new file mode 100644
index 0000000..d0540de
--- /dev/null
+++ b/unix/xserver/hw/vnc/dri3.c
@@ -0,0 +1,279 @@
+/* Copyright (c) 2023 Kasm
+ *
+ * This is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this software; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307,
+ * USA.
+*/
+
+#ifdef HAVE_DIX_CONFIG_H
+#include
+#endif
+
+#ifdef DRI3
+
+#include
+#include
+#include
+#include
+#include
+#include
+#include
+#include
+
+#include
+#include
+#include
+#include
+#include
+#include
+#include
+
+extern const char *driNode;
+
+static struct priv_t {
+ struct gbm_device *gbm;
+ int fd;
+} priv;
+
+struct gbm_pixmap {
+ struct gbm_bo *bo;
+};
+
+typedef struct gbm_pixmap gbm_pixmap;
+
+static DevPrivateKeyRec dri3_pixmap_private_key;
+static struct timeval start;
+
+
+
+static int
+xvnc_dri3_open_client(ClientPtr client,
+ ScreenPtr screen,
+ RRProviderPtr provider,
+ int *pfd)
+{
+ int fd = open(driNode, O_RDWR | O_CLOEXEC);
+ if (fd < 0)
+ return BadAlloc;
+ *pfd = fd;
+ return Success;
+}
+
+static uint32_t
+gbm_format_for_depth(CARD8 depth)
+{
+ switch (depth) {
+ case 16:
+ return GBM_FORMAT_RGB565;
+ case 24:
+ return GBM_FORMAT_XRGB8888;
+ case 30:
+ return GBM_FORMAT_ARGB2101010;
+ default:
+ ErrorF("unexpected depth: %d\n", depth);
+ /* fallthrough */
+ case 32:
+ return GBM_FORMAT_ARGB8888;
+ }
+
+}
+
+static void dri3_pixmap_set_private(PixmapPtr pixmap, gbm_pixmap *gp)
+{
+ dixSetPrivate(&pixmap->devPrivates, &dri3_pixmap_private_key, gp);
+}
+
+static gbm_pixmap *gbm_pixmap_get(PixmapPtr pixmap)
+{
+ return dixLookupPrivate(&pixmap->devPrivates, &dri3_pixmap_private_key);
+}
+
+static PixmapPtr
+create_pixmap_for_bo(ScreenPtr screen, struct gbm_bo *bo, CARD8 depth)
+{
+ PixmapPtr pixmap;
+
+ gbm_pixmap *gp = calloc(1, sizeof(gbm_pixmap));
+ if (!gp)
+ return NULL;
+
+ pixmap = screen->CreatePixmap(screen, gbm_bo_get_width(bo), gbm_bo_get_height(bo),
+ depth, CREATE_PIXMAP_USAGE_SCRATCH);
+ if (!pixmap)
+ return NULL;
+
+ gp->bo = bo;
+ dri3_pixmap_set_private(pixmap, gp);
+
+ return pixmap;
+}
+
+static PixmapPtr
+xvnc_pixmap_from_fds(ScreenPtr screen, CARD8 num_fds, const int *fds,
+ CARD16 width, CARD16 height,
+ const CARD32 *strides, const CARD32 *offsets,
+ CARD8 depth, CARD8 bpp, uint64_t modifier)
+{
+ struct gbm_bo *bo = NULL;
+ PixmapPtr pixmap;
+
+ if (width == 0 || height == 0 || num_fds == 0 ||
+ depth < 15 || bpp != BitsPerPixel(depth) ||
+ strides[0] < width * bpp / 8)
+ return NULL;
+
+ if (num_fds == 1) {
+ struct gbm_import_fd_data data;
+
+ data.fd = fds[0];
+ data.width = width;
+ data.height = height;
+ data.stride = strides[0];
+ data.format = gbm_format_for_depth(depth);
+ bo = gbm_bo_import(priv.gbm, GBM_BO_IMPORT_FD, &data,
+ GBM_BO_USE_RENDERING);
+ if (!bo)
+ return NULL;
+ } else {
+ return NULL;
+ }
+
+ pixmap = create_pixmap_for_bo(screen, bo, depth);
+ if (pixmap == NULL) {
+ gbm_bo_destroy(bo);
+ return NULL;
+ }
+
+ return pixmap;
+}
+
+static int
+xvnc_fds_from_pixmap(ScreenPtr screen, PixmapPtr pixmap, int *fds,
+ uint32_t *strides, uint32_t *offsets,
+ uint64_t *modifier)
+{
+ gbm_pixmap *gp = gbm_pixmap_get(pixmap);
+ if (!gp)
+ return 0;
+
+ fds[0] = gbm_bo_get_fd(gp->bo);
+ strides[0] = gbm_bo_get_stride(gp->bo);
+ offsets[0] = 0;
+ *modifier = DRM_FORMAT_MOD_INVALID;
+
+ return 1;
+}
+
+static Bool
+xvnc_get_formats(ScreenPtr screen,
+ CARD32 *num_formats, CARD32 **formats)
+{
+ ErrorF("xvnc_get_formats\n");
+ return FALSE;
+}
+
+static Bool
+xvnc_get_modifiers(ScreenPtr screen, uint32_t format,
+ uint32_t *num_modifiers, uint64_t **modifiers)
+{
+ ErrorF("xvnc_get_modifiers\n");
+ return FALSE;
+}
+
+static Bool
+xvnc_get_drawable_modifiers(DrawablePtr draw, uint32_t format,
+ uint32_t *num_modifiers, uint64_t **modifiers)
+{
+ ErrorF("xvnc_get_drawable_modifiers\n");
+ return FALSE;
+}
+
+static const dri3_screen_info_rec xvnc_dri3_info = {
+ .version = 2,
+ .open = NULL,
+ .pixmap_from_fds = xvnc_pixmap_from_fds,
+ .fds_from_pixmap = xvnc_fds_from_pixmap,
+ .open_client = xvnc_dri3_open_client,
+ .get_formats = xvnc_get_formats,
+ .get_modifiers = xvnc_get_modifiers,
+ .get_drawable_modifiers = xvnc_get_drawable_modifiers,
+};
+
+void xvnc_sync_dri3_pixmap(PixmapPtr pixmap)
+{
+ // There doesn't seem to be a good hook or sync point, so we do it manually
+ // here, right before Present copies from the pixmap
+ DrawablePtr pDraw;
+ GCPtr gc;
+ void *ptr;
+ uint32_t stride, w, h;
+ void *opaque = NULL;
+
+ // We may not be running on hw if there's a compositor using PRESENT on llvmpipe
+ if (!driNode)
+ return;
+
+ gbm_pixmap *gp = gbm_pixmap_get(pixmap);
+ if (!gp) {
+ //ErrorF("Present tried to copy from a non-dri3 pixmap\n");
+ return;
+ }
+
+ w = gbm_bo_get_width(gp->bo);
+ h = gbm_bo_get_height(gp->bo);
+
+ ptr = gbm_bo_map(gp->bo, 0, 0, w, h,
+ GBM_BO_TRANSFER_READ, &stride, &opaque);
+ if (!ptr) {
+ ErrorF("gbm map failed, errno %d\n", errno);
+ return;
+ }
+
+ pDraw = &pixmap->drawable;
+ if ((gc = GetScratchGC(pDraw->depth, pDraw->pScreen))) {
+ ValidateGC(pDraw, gc);
+ //gc->ops->PutImage(pDraw, gc, pDraw->depth, 0, 0, w, h, 0, ZPixmap, data);
+ fbPutZImage(pDraw, fbGetCompositeClip(gc), gc->alu, fbGetGCPrivate(gc)->pm,
+ 0, 0, w, h, ptr, stride / sizeof(FbStip));
+ FreeScratchGC(gc);
+ }
+
+ gbm_bo_unmap(gp->bo, opaque);
+}
+
+void xvnc_init_dri3(void)
+{
+ memset(&priv, 0, sizeof(priv));
+
+ gettimeofday(&start, NULL);
+
+ if (!dixRegisterPrivateKey(&dri3_pixmap_private_key, PRIVATE_PIXMAP, 0))
+ FatalError("dix\n");
+
+ if (!driNode)
+ driNode = "/dev/dri/renderD128";
+
+ priv.fd = open(driNode, O_RDWR | O_CLOEXEC);
+ if (!priv.fd)
+ FatalError("Failed to open %s\n", driNode);
+
+ priv.gbm = gbm_create_device(priv.fd);
+ if (!priv.gbm)
+ FatalError("Failed to create gbm\n");
+
+ if (!dri3_screen_init(screenInfo.screens[0], &xvnc_dri3_info))
+ FatalError("Couldn't init dri3\n");
+}
+
+#endif // DRI3
diff --git a/unix/xserver/hw/vnc/vncExtInit.cc b/unix/xserver/hw/vnc/vncExtInit.cc
index b676d32..c8ea188 100644
--- a/unix/xserver/hw/vnc/vncExtInit.cc
+++ b/unix/xserver/hw/vnc/vncExtInit.cc
@@ -37,6 +37,7 @@
#include
#include
#include
+#include
#include
#include
#include
@@ -232,6 +233,9 @@ void vncExtensionInit(void)
dummyY < 16)
vncFatalError("Invalid value to %s", Server::maxVideoResolution.getName());
+ if (!watermarkInit())
+ vncFatalError("Invalid watermark params");
+
pipe(wakeuppipe);
const int flags = fcntl(wakeuppipe[0], F_GETFL, 0);
fcntl(wakeuppipe[0], F_SETFL, flags | O_NONBLOCK);
diff --git a/unix/xserver/hw/vnc/vncExtInit.h b/unix/xserver/hw/vnc/vncExtInit.h
index 3dfb44a..f9934cc 100644
--- a/unix/xserver/hw/vnc/vncExtInit.h
+++ b/unix/xserver/hw/vnc/vncExtInit.h
@@ -51,7 +51,7 @@ struct dlp_mimetype_t {
char mime[32];
};
-unsigned dlp_num_mimetypes();
+unsigned dlp_num_mimetypes(void);
const char *dlp_get_mimetype(const unsigned i);
extern int vncInetdSock;
@@ -70,7 +70,7 @@ int vncGetSendPrimary(void);
void vncUpdateDesktopName(void);
void vncAnnounceClipboard(int available);
-void vncClearBinaryClipboardData();
+void vncClearBinaryClipboardData(void);
void vncSendBinaryClipboardData(const char* mime, const unsigned char *data,
const unsigned len);
void vncGetBinaryClipboardData(const char *mime, const unsigned char **ptr,
diff --git a/unix/xserver/hw/vnc/xvnc.c b/unix/xserver/hw/vnc/xvnc.c
index 473ef81..f96de12 100644
--- a/unix/xserver/hw/vnc/xvnc.c
+++ b/unix/xserver/hw/vnc/xvnc.c
@@ -75,6 +75,12 @@ from the X Consortium.
#include
#include
#endif /* HAS_SHM */
+#ifdef MITSHM
+#include "shmint.h"
+#endif
+#ifdef HAVE_XSHMFENCE
+#include
+#endif
#include "dix.h"
#include "os.h"
#include "miline.h"
@@ -90,7 +96,7 @@ from the X Consortium.
#include "version-config.h"
#include "site.h"
-#define XVNCVERSION "KasmVNC 0.9"
+#define XVNCVERSION "KasmVNC 1.1.0"
#define XVNCCOPYRIGHT ("Copyright (C) 1999-2018 KasmVNC Team and many others (see README.me)\n" \
"See http://kasmweb.com for information on KasmVNC.\n")
@@ -152,6 +158,8 @@ typedef enum { NORMAL_MEMORY_FB, SHARED_MEMORY_FB } fbMemType;
static fbMemType fbmemtype = NORMAL_MEMORY_FB;
static int lastScreen = -1;
static Bool Render = TRUE;
+static Bool hw3d = FALSE;
+const char *driNode = NULL;
static Bool displaySpecified = FALSE;
static char displayNumStr[16];
@@ -420,6 +428,8 @@ void ddxUseMsg(void)
ErrorF("+/-render turn on/off RENDER extension support"
"(default on)\n");
#endif
+ ErrorF("-hw3d enable hardware 3d acceleration\n");
+ ErrorF("-drinode path use another card than /dev/dri/renderD128\n");
ErrorF("-linebias n adjust thin line pixelization\n");
ErrorF("-blackpixel n pixel value for black\n");
ErrorF("-whitepixel n pixel value for white\n");
@@ -560,6 +570,20 @@ ddxProcessArgument(int argc, char *argv[], int i)
return 1;
}
+ if (strcmp (argv[i], "-hw3d") == 0)
+ {
+ hw3d = TRUE;
+ return 1;
+ }
+
+ if (strcmp (argv[i], "-drinode") == 0)
+ {
+ fail_unless_args(argc, i, 1);
+ ++i;
+ driNode = argv[i];
+ return 2;
+ }
+
if (strcmp (argv[i], "-blackpixel") == 0) /* -blackpixel n */
{
Pixel pix;
@@ -1563,7 +1587,7 @@ int vncRandRCreateScreenOutputs(int scrIdx, int extraOutputs)
/* Creating and modifying modes, used by XserverDesktop and init here */
-int vncRandRCanCreateModes()
+int vncRandRCanCreateModes(void)
{
return 1;
}
@@ -1772,6 +1796,15 @@ vfbScreenInit(ScreenPtr pScreen, int argc, char **argv)
ret = fbPictureInit (pScreen, 0, 0);
#endif
+#ifdef MITSHM
+ ShmRegisterFbFuncs(pScreen);
+#endif
+
+#ifdef HAVE_XSHMFENCE
+ if (!miSyncShmScreenInit(pScreen))
+ return FALSE;
+#endif
+
if (!ret) return FALSE;
#if XORG < 110
@@ -1871,8 +1904,8 @@ static void vfbClientStateChange(CallbackListPtr *a, void *b, void *c) {
dispatchException &= ~DE_RESET;
}
}
-
-#if XORG >= 113
+
+#if XORG >= 113 && XORG < 120
#ifdef GLXEXT
extern void GlxExtensionInit(void);
@@ -1884,6 +1917,10 @@ static ExtensionModule glxExt = {
#endif
#endif
+#ifdef DRI3
+extern void xvnc_init_dri3(void);
+#endif
+
void
InitOutput(ScreenInfo *scrInfo, int argc, char **argv)
{
@@ -1960,6 +1997,14 @@ InitOutput(ScreenInfo *scrInfo, int argc, char **argv)
if (!AddCallback(&ClientStateCallback, vfbClientStateChange, 0)) {
FatalError("AddCallback failed\n");
}
+
+ if (hw3d) {
+#ifdef DRI3
+ xvnc_init_dri3();
+#else
+ FatalError("DRI3 disabled at compile time\n");
+#endif
+ }
} /* end InitOutput */
/* this is just to get the server to link on AIX */
diff --git a/unix/xserver120.patch b/unix/xserver120.patch
index 237e1e3..bd9f3ea 100644
--- a/unix/xserver120.patch
+++ b/unix/xserver120.patch
@@ -80,3 +80,34 @@ Index: xserver/mi/miinitext.c
{GEExtensionInit, "Generic Event Extension", &noGEExtension},
{ShapeExtensionInit, "SHAPE", NULL},
#ifdef MITSHM
+--- xserver.orig/dri3/Makefile.am 2019-02-26 21:28:50.000000000 +0200
++++ xserver/dri3/Makefile.am 2023-01-18 11:55:45.315851638 +0200
+@@ -1,7 +1,7 @@
+ noinst_LTLIBRARIES = libdri3.la
+ AM_CFLAGS = \
+ -DHAVE_XORG_CONFIG_H \
+- @DIX_CFLAGS@ @XORG_CFLAGS@
++ @DIX_CFLAGS@ @XORG_CFLAGS@ @LIBDRM_CFLAGS@
+
+ libdri3_la_SOURCES = \
+ dri3.h \
+--- xserver.orig/present/present.c 2019-02-26 21:28:50.000000000 +0200
++++ xserver/present/present.c 2023-01-20 11:32:27.175493594 +0200
+@@ -27,6 +27,8 @@
+ #include "present_priv.h"
+ #include
+
++void xvnc_sync_dri3_pixmap(PixmapPtr pixmap);
++
+ /*
+ * Returns:
+ * TRUE if the first MSC value is equal to or after the second one
+@@ -79,6 +81,8 @@
+ ScreenPtr screen = drawable->pScreen;
+ GCPtr gc;
+
++ xvnc_sync_dri3_pixmap(pixmap);
++
+ gc = GetScratchGC(drawable->depth, screen);
+ if (update) {
+ ChangeGCVal changes[2];