diff --git a/.github/ISSUE_TEMPLATE/feature_request.md b/.github/ISSUE_TEMPLATE/feature_request.md new file mode 100644 index 0000000..24473de --- /dev/null +++ b/.github/ISSUE_TEMPLATE/feature_request.md @@ -0,0 +1,20 @@ +--- +name: Feature request +about: Suggest an idea for this project +title: '' +labels: '' +assignees: '' + +--- + +**Is your feature request related to a problem? Please describe.** +A clear and concise description of what the problem is. Ex. I'm always frustrated when [...] + +**Describe the solution you'd like** +A clear and concise description of what you want to happen. + +**Describe alternatives you've considered** +A clear and concise description of any alternative solutions or features you've considered. + +**Additional context** +Add any other context or screenshots about the feature request here. \ No newline at end of file diff --git a/.github/ISSUE_TEMPLATE/installation-issue.md b/.github/ISSUE_TEMPLATE/installation-issue.md new file mode 100644 index 0000000..5754dcc --- /dev/null +++ b/.github/ISSUE_TEMPLATE/installation-issue.md @@ -0,0 +1,27 @@ +--- +name: Installation Issue +about: Create a report about an installation issue +title: '' +labels: '' +assignees: '' + +--- + +**Describe the bug** +A clear and concise description of what the issue is. + +**System Description** +Provide the output of +```bash +cat /etc/os-release +uname -a +``` + +**KasmVNC Details** +Provide the filename of the package you installed KasmVNC with. The filename includes important details like the OS, architecture, and commit sha. + +**Installation Details** +Provide the commands used to install the KasmVNC package and the output of those commands. + +**Additional context** +Add any other context about the problem here. \ No newline at end of file diff --git a/.github/ISSUE_TEMPLATE/report-a-bug-or-issue-with-kasmvnc.md b/.github/ISSUE_TEMPLATE/report-a-bug-or-issue-with-kasmvnc.md new file mode 100644 index 0000000..0b2a7c3 --- /dev/null +++ b/.github/ISSUE_TEMPLATE/report-a-bug-or-issue-with-kasmvnc.md @@ -0,0 +1,46 @@ +--- +name: Report a bug or issue with KasmVNC +about: Create a bug/issue report on KasmVNC +title: '' +labels: '' +assignees: '' + +--- + +**Describe the bug** +A clear and concise description of what the issue is. + +**System Description** +Provide the output of +```bash +cat /etc/os-release +uname -a +``` + +**KasmVNC Details** +Provide the filename of the package you installed KasmVNC with. The filename includes important details like the OS, architecture, and commit sha. + +Provide the output of this command. +```bash +Xvnc -version +``` + +**To Reproduce** +Steps to reproduce the behavior (for non-installation issues): +1. Go to '...' +2. Click on '....' +3. Scroll down to '....' +4. See error + +**Expected behavior** +A clear and concise description of what you expected to happen. + +**Browser** +If this is a problem with the KasmVNC client, provide details about the browser you are accessing KasmVNC from. + - Device: [e.g. iPhone6] + - OS: [e.g. Windows 11] + - Browser [e.g. chrome, safari, edge] + - Version [e.g. 22] + +**Additional context** +Add any other context about the problem here. \ No newline at end of file diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index 9f99342..9148f7b 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -11,6 +11,7 @@ variables: # arm builds, because build_debian_buster_arm matches build_debian_buster. # "BUILD_JOBS: none" won't build any build jobs, nor www. BUILD_JOBS: all + DOCKER_HOST: unix:// workflow: rules: @@ -35,6 +36,10 @@ stages: - cp -r builder/build/* output/ - rm output/*.tar.gz +default: + tags: + - oci-fixed-amd64 + build_www: stage: www allow_failure: false @@ -47,6 +52,9 @@ build_www: - docker run --rm -v $PWD/builder/www:/build kasmweb/www:latest - mkdir -p output/www - cd builder + - echo $PWD + - ls -l + - ls -l ../output - tar -zcvf ../output/www/kasm_www.tar.gz www only: variables: @@ -76,7 +84,7 @@ build_ubuntu_bionic_arm: stage: build allow_failure: false tags: - - arm + - oci-fixed-arm64 before_script: - *prepare_build - *prepare_www @@ -129,7 +137,7 @@ build_ubuntu_focal_arm: stage: build allow_failure: true tags: - - arm + - oci-fixed-arm64 before_script: - *prepare_build - *prepare_www @@ -165,7 +173,7 @@ build_ubuntu_jammy_arm: stage: build allow_failure: true tags: - - arm + - oci-fixed-arm64 before_script: - *prepare_build - *prepare_www @@ -192,7 +200,7 @@ build_debian_buster: - bash builder/build-package debian buster; only: variables: - - $CI_COMMIT_MESSAGE =~ /\[full [cC][Ii]\]/ || $BUILD_JOBS =~ $CI_JOB_NAME + - $BUILD_JOBS == 'all' || $BUILD_JOBS =~ $CI_JOB_NAME artifacts: paths: - output/ @@ -201,7 +209,7 @@ build_debian_buster_arm: stage: build allow_failure: true tags: - - arm + - oci-fixed-arm64 before_script: - *prepare_build - *prepare_www @@ -211,7 +219,7 @@ build_debian_buster_arm: - bash builder/build-package debian buster; only: variables: - - $CI_COMMIT_MESSAGE =~ /\[full [cC][Ii]\]/ || $BUILD_JOBS =~ $CI_JOB_NAME + - $BUILD_JOBS == 'all' || $BUILD_JOBS =~ $CI_JOB_NAME artifacts: paths: - output/ @@ -228,7 +236,7 @@ build_debian_bullseye: - bash builder/build-package debian bullseye; only: variables: - - $CI_COMMIT_MESSAGE =~ /\[full [cC][Ii]\]/ || $BUILD_JOBS =~ $CI_JOB_NAME + - $BUILD_JOBS == 'all' || $BUILD_JOBS =~ $CI_JOB_NAME artifacts: paths: - output/ @@ -237,7 +245,7 @@ build_debian_bullseye_arm: stage: build allow_failure: true tags: - - arm + - oci-fixed-arm64 before_script: - *prepare_build - *prepare_www @@ -247,7 +255,7 @@ build_debian_bullseye_arm: - bash builder/build-package debian bullseye; only: variables: - - $CI_COMMIT_MESSAGE =~ /\[full [cC][Ii]\]/ || $BUILD_JOBS =~ $CI_JOB_NAME + - $BUILD_JOBS == 'all' || $BUILD_JOBS =~ $CI_JOB_NAME artifacts: paths: - output/ @@ -273,7 +281,7 @@ build_kali_rolling_arm: stage: build allow_failure: true tags: - - arm + - oci-fixed-arm64 before_script: - *prepare_build - *prepare_www @@ -326,7 +334,7 @@ build_oracle_8_arm: stage: build allow_failure: true tags: - - arm + - oci-fixed-arm64 before_script: - *prepare_build - *prepare_www @@ -362,7 +370,7 @@ build_opensuse_15_arm: stage: build allow_failure: true tags: - - arm + - oci-fixed-arm64 before_script: - *prepare_build - *prepare_www @@ -377,6 +385,42 @@ build_opensuse_15_arm: paths: - output/ +build_fedora_thirtyseven: + stage: build + allow_failure: true + before_script: + - *prepare_build + - *prepare_www + after_script: + - *prepare_artfacts + script: + - bash builder/build-package fedora thirtyseven; + only: + variables: + - $BUILD_JOBS == 'all' || $BUILD_JOBS =~ $CI_JOB_NAME + artifacts: + paths: + - output/ + +build_fedora_thirtyseven_arm: + stage: build + allow_failure: true + tags: + - oci-fixed-arm64 + before_script: + - *prepare_build + - *prepare_www + after_script: + - *prepare_artfacts + script: + - bash builder/build-package fedora thirtyseven; + only: + variables: + - $BUILD_JOBS == 'all' || $BUILD_JOBS =~ $CI_JOB_NAME + artifacts: + paths: + - output/ + test: stage: test before_script: diff --git a/builder/build.sh b/builder/build.sh index ad16d0a..86965d0 100755 --- a/builder/build.sh +++ b/builder/build.sh @@ -40,7 +40,7 @@ EOF #sudo apt-get install cmake git libjpeg-dev libgnutls-dev # Gcc12 builds fail due to bug -fail_on_gcc_12 +#fail_on_gcc_12 # Ubuntu applies a million patches, but here we use upstream to simplify matters cd /tmp @@ -90,29 +90,31 @@ if [ "${KASMVNC_BUILD_OS}" == "opensuse" ]; then sed -i 's/LIBGL="gl >= 7.1.0"/LIBGL="gl >= 1.1"/g' configure fi ./configure \ - --disable-config-hal \ - --disable-config-udev \ - --disable-dmx \ - --disable-dri \ - --disable-dri2 \ - --disable-kdrive \ - --disable-static \ - --disable-xephyr \ - --disable-xinerama \ - --disable-xnest \ - --disable-xorg \ - --disable-xvfb \ - --disable-xwayland \ - --disable-xwin \ - --enable-dri3 \ - --enable-glx \ - --prefix=/opt/kasmweb \ - --with-default-font-path="/usr/share/fonts/X11/misc,/usr/share/fonts/X11/cyrillic,/usr/share/fonts/X11/100dpi/:unscaled,/usr/share/fonts/X11/75dpi/:unscaled,/usr/share/fonts/X11/Type1,/usr/share/fonts/X11/100dpi,/usr/share/fonts/X11/75dpi,built-ins" \ - --without-dtrace \ - --with-sha1=libcrypto \ - --with-xkb-bin-directory=/usr/bin \ - --with-xkb-output=/var/lib/xkb \ - --with-xkb-path=/usr/share/X11/xkb + --disable-config-hal \ + --disable-config-udev \ + --disable-dmx \ + --disable-dri \ + --disable-dri2 \ + --disable-kdrive \ + --disable-static \ + --disable-xephyr \ + --disable-xinerama \ + --disable-xnest \ + --disable-xorg \ + --disable-xvfb \ + --disable-xwayland \ + --disable-xwin \ + --enable-dri3 \ + --enable-glx \ + --prefix=/opt/kasmweb \ + --with-default-font-path="/usr/share/fonts/X11/misc,/usr/share/fonts/X11/cyrillic,/usr/share/fonts/X11/100dpi/:unscaled,/usr/share/fonts/X11/75dpi/:unscaled,/usr/share/fonts/X11/Type1,/usr/share/fonts/X11/100dpi,/usr/share/fonts/X11/75dpi,built-ins" \ + --without-dtrace \ + --with-sha1=libcrypto \ + --with-xkb-bin-directory=/usr/bin \ + --with-xkb-output=/var/lib/xkb \ + --with-xkb-path=/usr/share/X11/xkb +# remove array bounds errors for new versions of GCC +find . -name "Makefile" -exec sed -i 's/-Werror=array-bounds//g' {} \; make -j5 # modifications for the servertarball diff --git a/builder/dockerfile.fedora_thirtythree.barebones.rpm.test b/builder/dockerfile.fedora_thirtyseven.barebones.rpm.test similarity index 96% rename from builder/dockerfile.fedora_thirtythree.barebones.rpm.test rename to builder/dockerfile.fedora_thirtyseven.barebones.rpm.test index 07f215c..ba97bf8 100644 --- a/builder/dockerfile.fedora_thirtythree.barebones.rpm.test +++ b/builder/dockerfile.fedora_thirtyseven.barebones.rpm.test @@ -1,4 +1,4 @@ -FROM fedora:33 +FROM fedora:37 ENV STARTUPDIR=/dockerstartup diff --git a/builder/dockerfile.fedora_thirtyseven.build b/builder/dockerfile.fedora_thirtyseven.build new file mode 100644 index 0000000..b83db05 --- /dev/null +++ b/builder/dockerfile.fedora_thirtyseven.build @@ -0,0 +1,65 @@ +FROM fedora:37 + +ENV KASMVNC_BUILD_OS fedora +ENV KASMVNC_BUILD_OS_CODENAME thirtyseven +ENV XORG_VER 1.20.7 + +RUN \ + echo "**** install build deps ****" && \ + dnf install -y \ + autoconf \ + automake \ + bzip2 \ + cmake \ + gcc \ + gcc-c++ \ + git \ + libdrm-devel \ + libepoxy-devel \ + libjpeg-turbo-devel \ + libjpeg-turbo-static \ + libpciaccess-devel \ + libtool \ + libwebp-devel \ + libX11-devel \ + libXau-devel \ + libxcb-devel \ + libXcursor-devel \ + libxcvt-devel \ + libXdmcp-devel \ + libXext-devel \ + libXfont2-devel \ + libxkbfile-devel \ + libXrandr-devel \ + libxshmfence-devel \ + libXtst-devel \ + mesa-libEGL-devel \ + mesa-libGL-devel \ + meson \ + nettle-devel \ + openssl-devel \ + patch \ + pixman-devel \ + wayland-devel \ + wget \ + xcb-util-devel \ + xcb-util-image-devel \ + xcb-util-keysyms-devel \ + xcb-util-renderutil-devel \ + xcb-util-wm-devel \ + xinit \ + xkbcomp \ + xkbcomp-devel \ + xkeyboard-config \ + xorg-x11-font-utils \ + xorg-x11-proto-devel \ + xorg-x11-server-common \ + xorg-x11-server-devel \ + xorg-x11-xtrans-devel + +RUN useradd -m docker && echo "docker:docker" | chpasswd + +COPY --chown=docker:docker . /src/ + +USER docker +ENTRYPOINT ["/src/builder/build.sh"] diff --git a/builder/dockerfile.fedora_thirtythree.rpm.build b/builder/dockerfile.fedora_thirtyseven.rpm.build similarity index 86% rename from builder/dockerfile.fedora_thirtythree.rpm.build rename to builder/dockerfile.fedora_thirtyseven.rpm.build index ae92ec7..8384b10 100644 --- a/builder/dockerfile.fedora_thirtythree.rpm.build +++ b/builder/dockerfile.fedora_thirtyseven.rpm.build @@ -1,11 +1,11 @@ -FROM fedora:33 +FROM fedora:37 RUN dnf install -y fedora-packager fedora-review RUN dnf install -y tree vim less RUN dnf install -y redhat-lsb-core RUN dnf install -y dnf-plugins-core -COPY centos/*.spec /tmp +COPY fedora/*.spec /tmp RUN dnf builddep -y /tmp/*.spec RUN useradd -m docker && echo "docker:docker" | chpasswd diff --git a/builder/dockerfile.fedora_thirtythree.rpm.test b/builder/dockerfile.fedora_thirtyseven.rpm.test similarity index 96% rename from builder/dockerfile.fedora_thirtythree.rpm.test rename to builder/dockerfile.fedora_thirtyseven.rpm.test index fdbcd9c..2bce89f 100644 --- a/builder/dockerfile.fedora_thirtythree.rpm.test +++ b/builder/dockerfile.fedora_thirtyseven.rpm.test @@ -1,4 +1,4 @@ -FROM fedora:33 +FROM fedora:37 ENV DISPLAY=:1 \ VNC_PORT=8443 \ @@ -47,7 +47,7 @@ COPY builder/startup/ $STARTUPDIR ### START CUSTOM STUFF #### COPY ./builder/scripts/ /tmp/scripts/ -COPY ./centos/kasmvncserver.spec /tmp +COPY ./fedora/kasmvncserver.spec /tmp ARG KASMVNC_PACKAGE_DIR COPY $KASMVNC_PACKAGE_DIR/*.rpm /tmp/ diff --git a/builder/dockerfile.fedora_thirtythree.build b/builder/dockerfile.fedora_thirtythree.build deleted file mode 100644 index b9f5720..0000000 --- a/builder/dockerfile.fedora_thirtythree.build +++ /dev/null @@ -1,38 +0,0 @@ -FROM fedora:33 - -ENV KASMVNC_BUILD_OS fedora -ENV KASMVNC_BUILD_OS_CODENAME thirtythree -ENV XORG_VER 1.20.10 - -# RUN dnf install -y build-dep xorg-server libxfont-dev sudo -RUN dnf install -y gcc cmake git gnutls-devel vim wget -#tightvncserver -RUN dnf install -y libjpeg-turbo-devel libpng-devel libtiff-devel giflib-devel openssl-devel - -#libavcodec-dev -RUN dnf -y install https://download1.rpmfusion.org/free/fedora/rpmfusion-free-release-$(rpm -E %fedora).noarch.rpm -RUN dnf -y install https://download1.rpmfusion.org/nonfree/fedora/rpmfusion-nonfree-release-$(rpm -E %fedora).noarch.rpm -RUN dnf -y install ffmpeg-devel - -RUN dnf install -y make -RUN dnf group install -y "Development Tools" -RUN dnf install -y xorg-x11-server-devel zlib-devel libjpeg-turbo-devel -RUN dnf install -y libxkbfile-devel libXfont2-devel xorg-x11-font-utils \ - xorg-x11-xtrans-devel xorg-x11-xkb-utils-devel libXrandr-devel libXtst-devel \ - libXcursor-devel -RUN dnf install -y mesa-dri-drivers -RUN dnf install -y bzip2 redhat-lsb-core - -# Additions for webp -RUN cd /tmp && wget https://storage.googleapis.com/downloads.webmproject.org/releases/webp/libwebp-1.0.2.tar.gz -RUN cd /tmp && tar -xzf /tmp/libwebp-* -RUN cd /tmp/libwebp-1.0.2 && \ - ./configure --enable-static --disable-shared && \ - make && make install - -RUN useradd -m docker && echo "docker:docker" | chpasswd - -COPY --chown=docker:docker . /src/ - -USER docker -ENTRYPOINT ["/src/builder/build.sh"] diff --git a/common/network/GetAPI.h b/common/network/GetAPI.h index f02c75e..5b6c7ed 100644 --- a/common/network/GetAPI.h +++ b/common/network/GetAPI.h @@ -66,6 +66,7 @@ namespace network { void netResetFrameStatsCall(); uint8_t netServerFrameStatsReady(); void netUdpUpgrade(void *client, uint32_t ip); + void netClearClipboard(); enum USER_ACTION { NONE, @@ -73,7 +74,8 @@ namespace network { WANT_FRAME_STATS_ALL, WANT_FRAME_STATS_OWNER, WANT_FRAME_STATS_SPECIFIC, - UDP_UPGRADE + UDP_UPGRADE, + CLEAR_CLIPBOARD, }; uint8_t netRequestFrameStats(USER_ACTION what, const char *client); diff --git a/common/network/GetAPIMessager.cxx b/common/network/GetAPIMessager.cxx index 0fb2ee0..17e53cd 100644 --- a/common/network/GetAPIMessager.cxx +++ b/common/network/GetAPIMessager.cxx @@ -806,3 +806,16 @@ void GetAPIMessager::netUdpUpgrade(void *client, uint32_t ip) { pthread_mutex_unlock(&userMutex); } + +void GetAPIMessager::netClearClipboard() { + action_data act; + act.action = CLEAR_CLIPBOARD; + + // Send it in + if (pthread_mutex_lock(&userMutex)) + return; + + actionQueue.push_back(act); + + pthread_mutex_unlock(&userMutex); +} diff --git a/common/network/TcpSocket.cxx b/common/network/TcpSocket.cxx index faa80f1..db13ec7 100644 --- a/common/network/TcpSocket.cxx +++ b/common/network/TcpSocket.cxx @@ -545,6 +545,12 @@ static uint8_t serverFrameStatsReadyCb(void *messager) return msgr->netServerFrameStatsReady(); } +static void clearClipboardCb(void *messager) +{ + GetAPIMessager *msgr = (GetAPIMessager *) messager; + msgr->netClearClipboard(); +} + #if OPENSSL_VERSION_NUMBER < 0x1010000f static pthread_mutex_t *sslmutex; @@ -693,6 +699,8 @@ WebsocketListener::WebsocketListener(const struct sockaddr *listenaddr, settings.getClientFrameStatsNumCb = getClientFrameStatsNumCb; settings.serverFrameStatsReadyCb = serverFrameStatsReadyCb; + settings.clearClipboardCb = clearClipboardCb; + openssl_threads(); pthread_t tid; diff --git a/common/network/websocket.c b/common/network/websocket.c index 52c5183..816eb2e 100644 --- a/common/network/websocket.c +++ b/common/network/websocket.c @@ -1596,6 +1596,22 @@ static uint8_t ownerapi(ws_ctx_t *ws_ctx, const char *in, const char * const use ws_send(ws_ctx, buf, strlen(buf)); weblog(200, wsthread_handler_id, 0, origip, ip, user, 1, origpath, strlen(buf)); + ret = 1; + } else entry("/api/clear_clipboard") { + settings.clearClipboardCb(settings.messager); + write(wakeuppipe[1], "", 1); + + sprintf(buf, "HTTP/1.1 200 OK\r\n" + "Server: KasmVNC/4.0\r\n" + "Connection: close\r\n" + "Content-type: text/plain\r\n" + "Content-length: 6\r\n" + "%s" + "\r\n" + "200 OK", extra_headers ? extra_headers : ""); + ws_send(ws_ctx, buf, strlen(buf)); + weblog(200, wsthread_handler_id, 0, origip, ip, user, 1, origpath, strlen(buf)); + ret = 1; } diff --git a/common/network/websocket.h b/common/network/websocket.h index 00d72e2..b5fc674 100644 --- a/common/network/websocket.h +++ b/common/network/websocket.h @@ -105,6 +105,8 @@ typedef struct { void (*getUsersCb)(void *messager, const char **buf); uint8_t (*getClientFrameStatsNumCb)(void *messager); uint8_t (*serverFrameStatsReadyCb)(void *messager); + + void (*clearClipboardCb)(void *messager); } settings_t; #ifdef __cplusplus diff --git a/common/rfb/SDesktop.h b/common/rfb/SDesktop.h index 5696cfd..7afc14c 100644 --- a/common/rfb/SDesktop.h +++ b/common/rfb/SDesktop.h @@ -86,6 +86,8 @@ namespace rfb { virtual void handleClipboardAnnounceBinary(const unsigned __unused_attr num, const char __unused_attr mimes[][32]) {} + virtual void clearLocalClipboards() {} + protected: virtual ~SDesktop() {} }; diff --git a/common/rfb/VNCServerST.cxx b/common/rfb/VNCServerST.cxx index 419e543..7abd972 100644 --- a/common/rfb/VNCServerST.cxx +++ b/common/rfb/VNCServerST.cxx @@ -832,9 +832,8 @@ static void upgradeClientToUdp(const network::GetAPIMessager::action_data &act, } } -static void checkAPIMessages(network::GetAPIMessager *apimessager, - rdr::U8 &trackingFrameStats, char trackingClient[], - std::list &clients) +void VNCServerST::checkAPIMessages(network::GetAPIMessager *apimessager, + rdr::U8 &trackingFrameStats, char trackingClient[]) { if (pthread_mutex_lock(&apimessager->userMutex)) return; @@ -866,6 +865,15 @@ static void checkAPIMessages(network::GetAPIMessager *apimessager, case network::GetAPIMessager::UDP_UPGRADE: upgradeClientToUdp(act, clients); break; + case network::GetAPIMessager::CLEAR_CLIPBOARD: + clearBinaryClipboardData(); + clipboardClient = NULL; + desktop->handleClipboardAnnounceBinary(0, NULL); + + sendBinaryClipboardData("text/plain", NULL, 0); + + desktop->clearLocalClipboards(); + break; } } @@ -1031,7 +1039,7 @@ void VNCServerST::writeUpdate() shottime = msSince(&shotstart); trackingFrameStats = 0; - checkAPIMessages(apimessager, trackingFrameStats, trackingClient, clients); + checkAPIMessages(apimessager, trackingFrameStats, trackingClient); } const rdr::U8 origtrackingFrameStats = trackingFrameStats; diff --git a/common/rfb/VNCServerST.h b/common/rfb/VNCServerST.h index e36412a..bdd43b0 100644 --- a/common/rfb/VNCServerST.h +++ b/common/rfb/VNCServerST.h @@ -284,6 +284,9 @@ namespace rfb { void translateDLPRegion(rdr::U16 &x1, rdr::U16 &y1, rdr::U16 &x2, rdr::U16 &y2) const; rdr::U32 clipboardId; + + void checkAPIMessages(network::GetAPIMessager *apimessager, + rdr::U8 &trackingFrameStats, char trackingClient[]); }; }; diff --git a/fedora/kasmvncserver.spec b/fedora/kasmvncserver.spec new file mode 100644 index 0000000..412cbf4 --- /dev/null +++ b/fedora/kasmvncserver.spec @@ -0,0 +1,124 @@ +Name: kasmvncserver +Version: 1.0.0 +Release: 1%{?dist} +Summary: VNC server accessible from a web browser + +License: GPLv2+ +URL: https://github.com/kasmtech/KasmVNC + +BuildRequires: rsync +Requires: xorg-x11-xauth, xkeyboard-config, openssl, perl, perl-Switch, perl-YAML-Tiny, perl-Hash-Merge-Simple, perl-Scalar-List-Utils, perl-List-MoreUtils, perl-Try-Tiny +Conflicts: tigervnc-server, tigervnc-server-minimal + +%description +KasmVNC provides remote web-based access to a Desktop or application. +While VNC is in the name, KasmVNC differs from other VNC variants such +as TigerVNC, RealVNC, and TurboVNC. KasmVNC has broken from the RFB +specification which defines VNC, in order to support modern technologies +and increase security. KasmVNC is accessed by users from any modern +browser and does not support legacy VNC viewer applications. KasmVNC +uses a modern YAML based configuration at the server and user level, +allowing for ease of management. KasmVNC is maintained by Kasm +Technologies Corp, www.kasmweb.com. + +WARNING: this package requires EPEL. + +%prep + +%install +rm -rf $RPM_BUILD_ROOT + +TARGET_OS=$(lsb_release -is | tr '[:upper:]' '[:lower:]') +TARGET_OS_CODENAME=$(lsb_release -cs | tr '[:upper:]' '[:lower:]') +TARBALL=$RPM_SOURCE_DIR/kasmvnc.${TARGET_OS}_${TARGET_OS_CODENAME}.tar.gz +TAR_DATA=$(mktemp -d) +tar -xzf "$TARBALL" -C "$TAR_DATA" + +SRC=$TAR_DATA/usr/local +SRC_BIN=$SRC/bin +DESTDIR=$RPM_BUILD_ROOT +DST_MAN=$DESTDIR/usr/share/man/man1 + +mkdir -p $DESTDIR/usr/bin $DESTDIR/usr/share/man/man1 \ + $DESTDIR/usr/share/doc/kasmvncserver $DESTDIR/usr/lib \ + $DESTDIR/usr/share/perl5 $DESTDIR/etc/kasmvnc + +cp $SRC_BIN/Xvnc $DESTDIR/usr/bin; +cp $SRC_BIN/vncserver $DESTDIR/usr/bin; +cp -a $SRC_BIN/KasmVNC $DESTDIR/usr/share/perl5/ +cp $SRC_BIN/vncconfig $DESTDIR/usr/bin; +cp $SRC_BIN/kasmvncpasswd $DESTDIR/usr/bin; +cp $SRC_BIN/kasmxproxy $DESTDIR/usr/bin; +cp -r $SRC/lib/kasmvnc/ $DESTDIR/usr/lib/kasmvncserver +cd $DESTDIR/usr/bin && ln -s kasmvncpasswd vncpasswd; +cp -r $SRC/share/doc/kasmvnc*/* $DESTDIR/usr/share/doc/kasmvncserver/ +rsync -r --exclude '.git*' --exclude po2js --exclude xgettext-html \ + --exclude www/utils/ --exclude .eslintrc --exclude configure \ + $SRC/share/kasmvnc $DESTDIR/usr/share + +sed -i -e 's!pem_certificate: .\+$!pem_certificate: /etc/pki/tls/private/kasmvnc.pem!' \ + $DESTDIR/usr/share/kasmvnc/kasmvnc_defaults.yaml +sed -i -e 's!pem_key: .\+$!pem_key: /etc/pki/tls/private/kasmvnc.pem!' \ + $DESTDIR/usr/share/kasmvnc/kasmvnc_defaults.yaml +sed -e 's/^\([^#]\)/# \1/' $DESTDIR/usr/share/kasmvnc/kasmvnc_defaults.yaml > \ + $DESTDIR/etc/kasmvnc/kasmvnc.yaml +cp $SRC/man/man1/Xvnc.1 $DESTDIR/usr/share/man/man1/; +cp $SRC/share/man/man1/vncserver.1 $DST_MAN; +cp $SRC/share/man/man1/vncconfig.1 $DST_MAN; +cp $SRC/share/man/man1/vncpasswd.1 $DST_MAN; +cp $SRC/share/man/man1/kasmxproxy.1 $DST_MAN; +cd $DST_MAN && ln -s vncpasswd.1 kasmvncpasswd.1; + + +%files +%config(noreplace) /etc/kasmvnc + +/usr/bin/* +/usr/lib/kasmvncserver +/usr/share/man/man1/* +/usr/share/perl5/KasmVNC +/usr/share/kasmvnc + +%license /usr/share/doc/kasmvncserver/LICENSE.TXT +%doc /usr/share/doc/kasmvncserver/README.md + +%changelog +* Tue Nov 29 2022 KasmTech - 1.0.0-1 +- WebRTC UDP transit support with support of STUN servers +- Lossless compression using multi-threaded WASM QOI decoder client side +- New yaml based configuration +- Significantly improved FPS through both client-side and server-side improvements. +- Support for the admin to define arbitrary http response headers for the built in web server +- Support for additional mouse buttons +- Refinement of vncserver checks and user prompts +- Added send_full_frame to developer API, forces full frame to be sent to all connected users that have at least read permission. +* Tue Mar 22 2022 KasmTech - 0.9.3~beta-1 +* Fri Feb 12 2021 KasmTech - 0.9.1~beta-1 +- Initial release of the rpm package. + +%post + kasmvnc_group="kasmvnc-cert" + + create_kasmvnc_group() { + if ! getent group "$kasmvnc_group" >/dev/null; then + groupadd --system "$kasmvnc_group" + fi + } + + make_self_signed_certificate() { + local cert_file=/etc/pki/tls/private/kasmvnc.pem + [ -f "$cert_file" ] && return 0 + + openssl req -x509 -nodes -days 3650 -newkey rsa:2048 \ + -keyout "$cert_file" \ + -out "$cert_file" -subj \ + "/C=US/ST=VA/L=None/O=None/OU=DoFu/CN=kasm/emailAddress=none@none.none" + chgrp "$kasmvnc_group" "$cert_file" + chmod 640 "$cert_file" + } + + create_kasmvnc_group + make_self_signed_certificate + +%postun + rm -f /etc/pki/tls/private/kasmvnc.pem diff --git a/kasmweb b/kasmweb index f223cfc..31b1a93 160000 --- a/kasmweb +++ b/kasmweb @@ -1 +1 @@ -Subproject commit f223cfcafee67c0544c7f7d887c787422299c285 +Subproject commit 31b1a93335c1cb4947d4eac06dd1311bb18f5022 diff --git a/unix/xserver/hw/vnc/XserverDesktop.cc b/unix/xserver/hw/vnc/XserverDesktop.cc index a3aa73a..605e228 100644 --- a/unix/xserver/hw/vnc/XserverDesktop.cc +++ b/unix/xserver/hw/vnc/XserverDesktop.cc @@ -182,6 +182,11 @@ XserverDesktop::queryConnection(network::Socket* sock, return rfb::VNCServerST::PENDING; } +void XserverDesktop::clearLocalClipboards() +{ + vncClearLocalClipboards(); +} + void XserverDesktop::announceClipboard(bool available) { try { diff --git a/unix/xserver/hw/vnc/XserverDesktop.h b/unix/xserver/hw/vnc/XserverDesktop.h index 32a204b..de9baa7 100644 --- a/unix/xserver/hw/vnc/XserverDesktop.h +++ b/unix/xserver/hw/vnc/XserverDesktop.h @@ -61,6 +61,7 @@ public: void setFramebuffer(int w, int h, void* fbptr, int stride); void refreshScreenLayout(); void requestClipboard(); + void clearLocalClipboards(); void announceClipboard(bool available); void clearBinaryClipboardData(); void sendBinaryClipboardData(const char* mime, const unsigned char *data, diff --git a/unix/xserver/hw/vnc/vncSelection.c b/unix/xserver/hw/vnc/vncSelection.c index c4a90bf..103535f 100644 --- a/unix/xserver/hw/vnc/vncSelection.c +++ b/unix/xserver/hw/vnc/vncSelection.c @@ -763,3 +763,42 @@ static void vncClientStateCallback(CallbackListPtr * l, } } } + +static void vncClearLocalClipboard(Atom selection) +{ + SelectionInfoRec info; + Selection *pSel; + int rc; + + rc = dixLookupSelection(&pSel, selection, serverClient, DixSetAttrAccess); + if (rc != Success) + return; + + if (pSel->client && (pSel->client != serverClient)) { + xEvent event = { + .u.selectionClear.time = currentTime.milliseconds, + .u.selectionClear.window = pSel->window, + .u.selectionClear.atom = pSel->selection + }; + event.u.u.type = SelectionClear; + WriteEventsToClient(pSel->client, 1, &event); + } + + pSel->lastTimeChanged = currentTime; + pSel->window = None; + pSel->pWin = NULL; + pSel->client = NullClient; + + LOG_DEBUG("Cleared %s selection", NameForAtom(selection)); + + info.selection = pSel; + info.client = serverClient; + info.kind = SelectionSetOwner; + CallCallbacks(&SelectionCallback, &info); +} + +void vncClearLocalClipboards() +{ + vncClearLocalClipboard(xaPRIMARY); + vncClearLocalClipboard(xaCLIPBOARD); +} diff --git a/unix/xserver/hw/vnc/vncSelection.h b/unix/xserver/hw/vnc/vncSelection.h index 68266bf..f929c18 100644 --- a/unix/xserver/hw/vnc/vncSelection.h +++ b/unix/xserver/hw/vnc/vncSelection.h @@ -26,6 +26,7 @@ void vncSelectionInit(void); void vncHandleClipboardAnnounce(int available); void vncHandleClipboardAnnounceBinary(const unsigned num, const char mimes[][32]); +void vncClearLocalClipboards(); #ifdef __cplusplus }