Releases: any1/neatvnc
Releases · any1/neatvnc
v0.9.2
This patch release adds missing bounds checks.
Two buffer overflow vulnerabilities were reported by Frederik Reiter who also provided patches to fix them.
There are potential security implications, but only authenticated clients would be able to exploit these vulnerabilities, if at all. Nevertheless, it is prudent to update as soon as possible.
Andri Yngvason (3):
server: Clamp damage to fb size
server: Turn read buffer bounds assert into panic
Release v0.9.2
Frederik Reiter (3):
Fix integer underflow in encodings_to_string_list
Add size validation to on_client_set_desktop_size_event
Add size validation to on_client_set_encodings
v0.9.1
v0.9.0
Highlights
- A v4l2m2m based H.264 encoder that works on Raspberry Pi 1 to 4,
sponsored by Raspberry Pi Ltd. - Extended clipboard for UTF-8 text was implemented by Attila Fidan.
- Listening on a pre-bound file descriptor, implemented by Attila Fidan.
- The continuous updates extension was implemented by Philipp Zabel.
- We now have simple bandwidth estimation and improved frame pacing.
- Methods for rating pixel formats and modifiers have according to Neat VNC's
preferences have been added. - The Qemu/VMWare LED state extensions have been implemented.
- H.264 encoders will now encode the correct colour space into the elementary
stream.
Bug fixes
- Some memory leaks and reference counting errors have been eradicated.
- A race between resizing events and framebuffer updates that would cause a
buffer with the previous size to be sent after a resize event has been fixed. - Buffers with 24 bits per pixel will now result in 32 bpp being reported to
the client because 24 bpp is not allowed by the protocol. Nvidia users should
now be able to use a wider selection of clients as a result of this change.
Breaking changes
There are no breaking changes this release.
Shortlog
Alfred Wingate (1):
server: Remove undeclared variable from tracing macro
Andri Yngvason (72):
meson: Bump minor version to 0.9
Rename h264-encoder.c -> h264-encoder-ffmpeg-impl.c
Create abstract h264 encoder interface
Implement v4l2m2m h264 encoder
h264-v4l2m2m: Update copyright
FUNDING.yml: Add github sponsors
Implement qemu/vmware LED state
Split up crypto code
stream-tcp: Remove unused function prototype
Move stream implementations into directory
Move websocket code into stream/ws
Move encoders into src/enc
Move stream headers into own directory
Move encoder headers into own directory
crypto: Add copyright notices
Extract rsa-aes out of server.c
Extract apple-dh out of server.c
Extract vencrypt out of server.c
Lose Lena
test-images: Add madrill.png to replace Lena
Add sanity check for chosen security type
Check if h264 encoder exists before using it
resampler: Use PIXMAN_OP_SRC instead of PIXMAN_OP_OVER
enc: raw: Keep reference to encoder in worker
enc: h264: ffmpeg: Specify sRGB colorspace
enc: h264: ffmpeg: Convert to BT.709
enc: h264: encoder: Make destroy idempotent
Move continuous update check out of switch-cases
enc: h264: v4l2m2m: Free self on failure
stream: tcp: Don't flush recursively
stream: gnutls: Don't flush recursively
Revert "stream: gnutls: Don't flush recursively"
enc: Add fb hold for raw, tight and zrle
server: Don't hold ref client in encoder
enc: h264: ffmpeg: Remove redundant vec_destroy
fb: Make unref & release idempotent
server: Don't hold onto buffer in client
Don't reference count client objects
server: Wait for encoder to finish on nvnc_close
Implement fence messages
Estimate min_rtt during initial handshake
Create a bandwidth estimator
Drop frames when client falls too far behind
server: Estimate client's bandwidth
Limit rate based on in-flight data and bandwidth estimate
server: Don't set SO_SNDBUF
enc: h264: ffmpeg: Fix comment
enc: h264: ffmpeg: Set color space on buffersrc
enc: h264: ffmpeg: Remove sample_aspect_ratio from struct
enc: h264: ffmpeg: Use sanctioned method for getting hw_frames_ctx
enc: zrle: Make room for palette
enc: zrle: Discard oversized packed tiles
enc: h264: ffmpeg: Add version ifdefs for buffersrc params
server: Return request-forwarded from resize request
Wrap encoder results into single object
Attach resize events to outgoing video frames
Send ping instead of dummy fence when client connects
enc: Remove n_rects from encoder struct
server: Use correct op for cont'd damage check
server: Extract client damage check into function
Add methods to rate pixel formats
Derive depth from pixfmt max values
Only allow a curated set of modifiers
Don't wait forever for encoder to finish
Allow tls XOR crypto to be enabled
server: Fix pixman const errors
pixels: Define fourcc_mod_is_vendor
Clean up release build compiler warnings
meson: Add run_command check argument
Nudge 24 bpp to 32 bpp when reporting to client
Keep reported pixel format
server: Fix find_highest_client_depth
Attila Fidan (2):
server: Support opening from a bound socket fd
server: Implement Extended Clipboard (UTF-8 text)
Jeroen Hofstee (2):
enc: tight: Fix the size of the tile
Send queued message when switching to continues updates
Ontje Lünsdorf (1):
server: Do not unlink an externally managed fd
Philipp Zabel (1):
Add continuous update support
v0.8.1
v0.8.0
Highlights
- The colour map pixel format as described in RFC 6143 has been implemented. Before, the client would just get disconnected if they requested it. Now they get a map that emulates RGB332.
- Momentary interception of log messages. The user can now set a thread-local log hander and then set it back to the default.
- Philipp Zabel made the code more consistent with the style guide.
Breaking Changes
nvnc_client_get_hostnamehas been replaced withnvnc_client_get_address
Bugfixes
These have already been released as part of the v0.7 branch, but they will also be enumerated here.
- Apple's Diffie-Hellman authentication (security type 30) has been fixed.
- A new client connection no longer causes a DNS lookup.
- Clients are now allowed to request more than 32 encodings (#108)
- Zlib streams are now preserved when a client switches between encodings (#109)
Shortlog
Andri Yngvason (24):
Set version for next release
README: Enumerate dependencies for crypto
Don't use tag for git version
server: Fix double-free on failed Apple DH
crypto: Initialise AES-ECB decode context correctly
server: Remove DNS lookup
server: Don't complete fb update more than once
logging: Export default log function
logging: Add method to set thread local log function
logging: Set log function to default when unset
Replace nvnc_client_get_hostname with nvnc_client_get_address
h264-encoder: Use AV_FRAME_FLAG_KEY instead of key_frame
server: Allow server to request more than 32 encodings
Warn when client chooses non-true-color pixel format
Keep zlib streams when switching encodings
pixels: Add strings for RGB222 and BGR222
server: Log pixel format choice
server: Log encodings reported by client
server: Drop current frame if formats change
server: Extract encoder initialisation function
Consolidate security handshake result handling
Implement colour map
Add option to enable experimental features
Release v0.8.0
Philipp Zabel (3):
Indent wrapped argument lists with two tabs (function definitions)
Indent wrapped argument lists with two tabs (function calls)
Remove superfluous whitespace
v0.7.2
This release fixes a couple of bugs:
- Clients are now allowed to request more than 32 encodings (#108)
- Zlib streams are now preserved when a client switches between encodings (#109)
Changes
Andri Yngvason (2):
server: Allow server to request more than 32 encodings
Keep zlib streams when switching encodings
v0.7.1
This release fixes a couple of bugs.
- Apple's Diffie-Hellman authentication (security type 30) has been fixed.
- A new client connection no longer causes a DNS lookup.
Changes
Andri Yngvason (4):
server: Fix double-free on failed Apple DH
crypto: Initialise AES-ECB decode context correctly
server: Remove DNS lookup
Release v0.7.1
v0.7.0
Highlights
- Desktop resizing
- Software pixel buffers with less than 32 bits per pixel are now supported
- The server may now choose to open a websocket instead of a regular TCP socket
- The RSA-AES and RSA-AES-256 security types have now been implemented
- A Diffie-Hellman based security type from Apple is also implemented, although not recommended
- Murmurhash in the damage refinery has been replaced with xxHash, which performs much better in my tests so far
Bugfixes
- Users should now get proper feedback when authentication fails
Changes
Andri Yngvason (69):
Remove _clang-format
Add a CONTRIBUTING.md
.github: Add a pull request template
test: pixels: Use unsigned numeric literals
test: pixels: Revert accidental change
Turn stream into abstract interface class
stream: Add a cork to pause sending
Implement websocket
Add NTP inspired latency tracking and time sync
stream: Add exec_and_send function
server: Use stream_exec_and_send for ntp
server: Reduce SO_SNDBUF to 4096
stream-tcp: EAGAIN is not an error
stream: Add a TODO about cleaning up struct
stream-gnutls: Fix use after free
stream-gnutls: Handle EAGAIN correctly
server: Set SO_SNDBUF to 65536
meson: Ignore format-truncation warnings
ws-handshake: Handle protocol & version fields
stream-ws: Sanitise handshake input
http: Remove unused code
http: Re-order includes
http: Stop memory leak in failure path
http: Only support GET method
stream: Move tls specific member into tls impl
stream: Allocate enough for tls upgrade
server: Actually send a reason when handshake fails
server: Defer client_unref in close_after_write
Add abstract interface for low level crypto
stream: Integrate cipher
Implement Apple's Diffie-Hellman based security type 30
crypto: Add RSA and AES-EAX
crypto: Integrate message handling into cipher
Implement RSA-AES
Add temporary api function to enable auth without tls
stream-ws: Inherit stream-tcp
stream-ws: Clean up exec-and-send resources
Create dedicated RSA-AES stream
crypto: Add helper functions for hashing
server: Use hash_{one,many}
crypto: Add AES256-EAX cipher
crypto: Remove unused code
crypto: Add sha256
server: Define rsa-aes server key length constant
crypto: Make deleting NULL pointers noop
server: Clean up crypto resources on disconnect
Implement RSA-AES-256 security type
Add base64 encoder & decoder
ws-handshake: Use own base64 and SHA1 implementations
Export base64 encoder and decoder
crypto: Add method to import RSA private keys
API: Add method to set RSA credentials
server: Allow arbitrary RSA key length
Remove logging of sensitive information
API: Consolidate setup of security constraints
websocket: Add some missing copyright notices
Replace strlcpy with strncpy
Notify client about NTP support
server: Use memcpy instead of strncpy for username/password
stream: rsa-aes: Unref payload after encoding
Revert "Export base64 encoder and decoder"
server: Use uint32_t for security result failure path
damage-refinery: Replace murmurhash with XXH3
crypto-nettle: Fix use after free
server: Free RSA creds on close
server: Defer cleaning up client resources on close
damage-refinery: Use scalar xxh3 implementation
MazTheMan (2):
Implement 24 bit pixel formats for raw and tight
zrle: fix for source format of 24 bits
Philipp Zabel (3):
Implement desktop resizing
examples: draw: Demonstrate desktop resizing
meson: Fix Meson warning about missing check kwarg in run_command() calls
v0.6.0
Highlights
- The client now has control over h264 quality settings
- Left & right scrolling is now supported
- A custom framebuffer allocator function can now be assigned
- The following functions have been added
- A function for querying client side cursor support
- A function to get the hostname of a connected client
- A function to get the credentials of an authenticated client
- A function for listing connected clients
- A function for disconnecting a client
Bug fixes
- A race condition when a client tries to resize the display before it has an encoder
- Cursor buffers are now freed on close
- Various race conditions in encoders
- Spurious exits due to
SIGPIPE - Occasional leaked buffers when clients disconnect
- Clients no longer linger on exit with TLS
Changes
Andri Yngvason (36):
Fix jpeg quality setting
h264: Set quality according to client's wishes
stream: Remove stray ampersand in tls handshake failure code path
Add constants for left and right scroll
README: Remove client compatibility table
README: Reorder dependencies
README: Upgrade dependency list
examples: draw: Fix cursor setter argument order
resampler: Use transformed width as destination stride
Revert "h264-encoder: Add 30 bit color depth formats"
server: Fix encoding selection for sw frames
h264-encoder: Set async_depth=1
tight: Disable chroma subsampling at q=9
server: Replace abort() with NVNC_LOG_PANIC
Add debug logging for tcp address binding
meson: Ack aml API changes
fb-pool: Add setter for fb allocator
server: Free cursor buffers on close
Reference count encoders
server: Make encoder inert when closing client
tight: Keep reference to encoder while encoding
raw: Keep reference to encoder while encoding
zrle: Keep reference to encoder while encoding
stream: Use MSG_NOSIGNAL
raw: Unref result in destroy
zrle: Unref result in destroy
Remove push/pull encoder interface
raw: Fix worker data dependencies
server: Properly handle stream write errors
enc-util: Add function to calculate region area
raw: Allocate conservatively sized buffers
Add functions for listing clients
Pass nvnc_client to cut-text callback
meson: Set default warning level to 2
meson: Require specific version of aml
Release v0.6.0
Jeroen Hofstee (1):
don't resize an encoder if it is not set
Jim Ramsay (3):
Record hostname for each connected client
Record authenticated username for each connected client
Add nvnc_client_close API
Philipp Zabel (4):
Allow to query client-side cursor support
Only set HAVE_LIBAVUTIL if libav is actually used
Fix fallthrough warnings in murmurhash
stream: Fix remote closing TLS connection