TLS v1.0 is now considered insecure.
The protocol is already disabled on the server side (cfr commit commit
fac12737d "reds: Disable TLS 1.0").
To avoid downgrade attacks disable it even on the client.

Related: https://bugzilla.redhat.com/show_bug.cgi?id=1521053



Signed-off-by: Frediano Ziglio <fziglio@redhat.com>
Acked-by: Victor Toso <victortoso@redhat.com>

The get_stream_id_by_stream() was introduced in 141c2d82 to debug
GStreamer's pipeline. But with previous patch, we are moving the ID to
the display_stream structure and can be accessible directly.

Signed-off-by: Victor Toso <victortoso@redhat.com>
Acked-by: Frediano Ziglio <fziglio@redhat.com>

This patch renames destroy_display_stream() to
display_stream_destroy() to keep compatibility with
display_stream_create()

Signed-off-by: Victor Toso <victortoso@redhat.com>
Acked-by: Frediano Ziglio <fziglio@redhat.com>

Instead of passing the id parameter for destroy_display_stream() which
is only used for debug, let's store the id when creating the stream at
display_stream_create().

With the removal of Id parameter, we are using a gpointer for
display_stream struct to comply with GDestroyNotify type and use this,
for instance in g_clear_pointer() without warnings.

Benefits of this patch:
* We can drop a helper function in a follow up patch;
* Function is now a GDestroyNotify type;

Signed-off-by: Victor Toso <victortoso@redhat.com>
Acked-by: Frediano Ziglio <fziglio@redhat.com>

No valgrind on this one but a leak similar to previous patch.
This one was introduced in e691954b

Signed-off-by: Victor Toso <victortoso@redhat.com>
Acked-by: Frediano Ziglio <fziglio@redhat.com>

Detected while testing valgrind on migration.

> malloc (vg_replace_malloc.c:299)
> g_malloc (in /usr/lib/libglib-2.0.so.0.5400.3)
> spice_cursor_shape_copy (channel-cursor.c:99)
> ??? (in /usr/lib/libgobject-2.0.so.0.5400.3)
> g_object_get_valist (in /usr/lib/libgobject-2.0.so.0.5400.3)
> g_object_get (in /usr/lib/libgobject-2.0.so.0.5400.3)
> cursor_set (spice-widget.c:2653)
> g_closure_invoke (in /usr/lib/libgobject-2.0.so.0.5400.3)
> ??? (in /usr/lib/libgobject-2.0.so.0.5400.3)
> g_signal_emit_valist (in /usr/lib/libgobject-2.0.so.0.5400.3)
> g_signal_emit (in /usr/lib/libgobject-2.0.so.0.5400.3)
> ??? (in /usr/lib/libgobject-2.0.so.0.5400.3)

Signed-off-by: Victor Toso <victortoso@redhat.com>
Acked-by: Frediano Ziglio <fziglio@redhat.com>

This became obsolete after 93b213eb 'spicy-*: Remove translation support'

Signed-off-by: Christophe Fergeau <cfergeau@redhat.com>

When running on Xwayland, the keycode mapping property is not available,
which causes unknown keycode mapping errors and the keyboard doesn't
work.

Check for a known scancode (“XK_Page_Up”) which differs to distinguish
between “xfree86” and “evdev” when the there is no keycode name.

Signed-off-by: Olivier Fourdan <ofourdan@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Acked-by: Christophe Fergeau <cfergeau@redhat.com>

They couldn't not be introduced before, because the test needs both
parsing and generation.

Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Acked-by: Frediano Ziglio <fziglio@redhat.com>

Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Acked-by: Frediano Ziglio <fziglio@redhat.com>

spice:// has a weird scheme encoding, where it can accept both plain
and tls ports with URI query parameters. However, it's not very
convenient nor very common to use (who really want to mix plain & tls
channels?).

Instead, let's introduce the more readable form spice+tls://host:port
This form will not accept 'port' or 'tls-port' query string parameter.

Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Acked-by: Frediano Ziglio <fziglio@redhat.com>

Cosmetic change. One break was dropped on _default:_ label of switch

Signed-off-by: Victor Toso <victortoso@redhat.com>
Acked-by: Marc-André Lureau <marcandre.lureau@redhat.com>

Code built with address sanitizer has runtime error:
 > channel-usbredir.c:642:5: runtime error: null pointer passed
 > as argument 2, which is declared to never be null

Signed-off-by: Victor Toso <victortoso@redhat.com>
Acked-by: Frediano Ziglio <fziglio@redhat.com>

Address sanitizer runtime error:
 > spice-widget.c:1433:12: runtime error: left shift of
 > 1 by 31 places cannot be represented in type 'int'

Signed-off-by: Victor Toso <victortoso@redhat.com>
Acked-by: Frediano Ziglio <fziglio@redhat.com>

Before:
(lt-spicy:18372): GSpice-WARNING **: 10:57:21.246: Double set of 'port' in URI 'spice://foo'

After:
(lt-spicy:18654): GSpice-WARNING **: 10:57:21.246: Double set of 'port' in URI 'spice://foo:23?port=24

'

Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Acked-by: Frediano Ziglio <fziglio@redhat.com>

For some reason, the URIs test didn't include spice+unix:// checks,
probably because they came about the same time.

Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Acked-by: Frediano Ziglio <fziglio@redhat.com>

Import some fixes.

Frediano Ziglio (2):
      canvas: Fix some semi transparent drawing
      canvas: Use SPICE_UNALIGNED_CAST to avoid -Wcast-align warnings

Signed-off-by: Frediano Ziglio <fziglio@redhat.com>
Acked-by: Victor Toso <victortoso@redhat.com>

The "max-bytes" property of the appsrc GStreamer element expects a
64-bit value. Calling:
g_object_set(source, "max-bytes", 0, NULL);
in a 32-bit architecture ends up with a wrong value, it must be cast to
a gint64:
g_object_set(source, "max-bytes", G_GINT64_CONSTANT(0), NULL);

Acked-by: Frediano Ziglio <fziglio@redhat.com>

This was used by GDI canvas rendering which has been removed from
spice-common.

Signed-off-by: Frediano Ziglio <fziglio@redhat.com>
Acked-by: Christophe de Dinechin <dinechin@redhat.com>

GDI canvas support was removed from spice-common as not even
compiling for a long time.
This requires some changed to spice-gtk too.

Frediano Ziglio (14):
      canvas: Simplify code using spice_memdup
      canvas: Remove possible leak on LZ decompression failure
      lz: Avoid temporary variable
      lz: Simplify code
      lz: Remove unused encode_level and only assigned io_start
      canvas: Move PixmanData to C file
      canvas: Remove mutex field from PixmanData
      canvas: Remove Windows bitmap allocation
      canvas: Remove unused dc parameter from surface_create
      canvas: Remove dc parameter from SwCanvas::put_image
      canvas: Remove dc fields from CanvasBase and LzDecodeUsrData
      canvas: Unify __surface_create_stride and surface_create_stride
      canvas: Remove unused include header
      canvas: Prevent some error compiling spice-gtk

Pavel Grunt (1):
      Remove GDI canvas

Signed-off-by: Frediano Ziglio <fziglio@redhat.com>
Acked-by: Snir Sheriber <ssheribe@redhat.com>

Some FreeBSD configurations can use LibreSSL instead of OpenSSL.
The two libraries are really similar but need some minimal adjustment.

Signed-off-by: Paweł Pękala <pawelbsd@gmail.com>
Acked-by: Frediano Ziglio <fziglio@redhat.com>

This includes a LZ fix for paletted images.

Frediano Ziglio (10):
      quic: avoid crash on specific images
      Make the compiler work out better way to write unaligned memory
      test-marshallers: Use unaligned structure
      test-marshallers: Test demarshalling
      ring: Remove __ring_remove function
      ring: Remove short living temporary variable
      canvas_base: Allow to specify constant operations
      proto: Add some documentation to stream_report message
      protocol: Allow to specify a surface will be streamed
      canvas-base: Fix width computation for palette images

Signed-off-by: Frediano Ziglio <fziglio@redhat.com>
Acked-by: Marc-André Lureau <marcandre.lureau@redhat.com>

FreeBSD has OpenSSL installed in base, but .pc files are not available.
We can still successfully build spice-gtk by setting SSL_CFLAGS and
SSL_LIBS variables manually, but openssl will still be recorded to
Requires.private field of spice-client-glib-2.0.pc, causing problems for
applications using spice-gtk. To workaround the issue, we do the check
again without using SSL_CFLAGS and SSL_LIBS variables and put SSL_LIBS
into Libs.private field when openssl.pc cannot be found.

https://bugs.freedesktop.org/show_bug.cgi?id=104524

sys/acl.h works on both FreeBSD and Linux, so we should use it instead
of acl/libacl.h, which only works on Linux.

FreeBSD puts ACL functions in libc, so we should check whether ACL
functions are available in libc before doing the check with -lacl.

https://bugs.freedesktop.org/show_bug.cgi?id=104525

A few classes are implementing GObject::constructor, which is more
cumbersome to use than ::constructed. Other classes use ::constructed
rather than ::constructor. This commit removes the last uses of
::constructor.

Signed-off-by: Christophe Fergeau <cfergeau@redhat.com>
Acked-by: Marc-André Lureau <marcandre.lureau@redhat.com>

There is no such function implemented anywhere in the codebase.
This was mistakenly added in 222e25a0.

Signed-off-by: Christophe Fergeau <cfergeau@redhat.com>
Acked-by: Marc-André Lureau <marcandre.lureau@redhat.com>

Casting to gdouble instead to float to avoid the warning and perhaps
increase the precision.

spice-widget-egl.c:573:28: error: implicit conversion increases
floating-point precision: 'float' to 'gdouble' (aka 'double')
    tx = ((float)d->area.x / (float)d->egl.scanout.width);
       ~  ~~~~~~~~~~~~~~~~~^~~~~~~~~~~~~~~~~~~~~~~~~~~~~

spice-widget-egl.c:574:28: error: implicit conversion increases
floating-point precision: 'float' to 'gdouble' (aka 'double')
    ty = ((float)d->area.y / (float)d->egl.scanout.height);
       ~  ~~~~~~~~~~~~~~~~~^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

spice-widget-egl.c:575:32: error: implicit conversion increases
floating-point precision: 'float' to 'gdouble' (aka 'double')
    tw = ((float)d->area.width / (float)d->egl.scanout.width);
       ~  ~~~~~~~~~~~~~~~~~~~~~^~~~~~~~~~~~~~~~~~~~~~~~~~~~~

spice-widget-egl.c:576:33: error: implicit conversion increases
floating-point precision: 'float' to 'gdouble' (aka 'double')
    th = ((float)d->area.height / (float)d->egl.scanout.height);
       ~  ~~~~~~~~~~~~~~~~~~~~~~^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Signed-off-by: Victor Toso <victortoso@redhat.com>
Acked-by: Frediano Ziglio <fziglio@redhat.com>

The gst_opts[] array was moved to the -priv.h header
inc96af50e2dd16b02b189e8 - Let's use it to improve debug messages.

Signed-off-by: Victor Toso <victortoso@redhat.com>
Acked-by: Frediano Ziglio <fziglio@redhat.com>

This function is used in server mode, and
spice_inputs_channel_position() is used in client mode.

Acked-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Acked-by: Victor Toso <victortoso@redhat.com>

Both spice_main_set_display() and spice_main_set_display_enabled() were
deprecated in favor of the same functions with the spice_main_channel_
prefix. However, these new functions were never introduced. Since these
functions merely call spice_main_channel_update_display() with a
constant TRUE argument for the last parameter, this is probably a good
time to simply drop the _set_display* functions in favor of the
nearly-identical _update_display* functions (which have one additional
parameter which determines whether to send the update to the guest).

Signed-off-by: Jonathon Jongsma <jjongsma@redhat.com>
Acked-by: Victor Toso <victortoso@redhat.com>

This is useful for some instrumentation, e.g. the leaks tracer,
that perform some of their operations within gst_deinit.

Without this patch, if you run spicy with
	GST_DEBUG="GST_TRACER:7" GST_TRACERS="leaks" spicy ...
the leak tracer does not show any output, because it runs in gst_deinit.

Signed-off-by: Christophe de Dinechin <dinechin@redhat.com>
Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Acked-by: Frediano Ziglio <fziglio@redhat.com>

Also use --enable-python-checks in autogen.sh to check python2/3-pyparsing
requirement for rebuilds from GIT.

Signed-off-by: Marie Stephanie Alesna <istephielicious@gmail.com>
Acked-by: Christophe Fergeau <cfergeau@redhat.com>

Signed-off-by: Matthew Francis <mjay.francis@gmail.com>
Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Message-Id: <1505831641-28134-6-git-send-email-mjay.francis@gmail.com>

Signed-off-by: Matthew Francis <mjay.francis@gmail.com>
Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Message-Id: <1505831641-28134-5-git-send-email-mjay.francis@gmail.com>

Signed-off-by: Matthew Francis <mjay.francis@gmail.com>
Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Message-Id: <1505831641-28134-4-git-send-email-mjay.francis@gmail.com>

Signed-off-by: Matthew Francis <mjay.francis@gmail.com>
Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Message-Id: <1505831641-28134-3-git-send-email-mjay.francis@gmail.com>

Signed-off-by: Matthew Francis <mjay.francis@gmail.com>
Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Message-Id: <1505831641-28134-2-git-send-email-mjay.francis@gmail.com>

Instead of printing a warning when trying to read from a closed
stream. It can happen that libsoup closes the pipe output stream while
the input stream had no pending operation, in which case the close is
successful and we shouldn't try to read from the stream anymore.

Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Acked-by: Victor Toso <victortoso@redhat.com>

And a few cleanups.

Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Acked-by: Victor Toso <victortoso@redhat.com>

Similar to input is_readable(), return writable after a close, so an
error is reported to the async write.

Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Acked-by: Victor Toso <victortoso@redhat.com>