Merge branch 'sunweaver-pr/proxy-to-proxy-over-unix-socket' into 3.6.x

doc/examples/run-nxagent-over-sockets

+#!/bin/bash
+
+#/**************************************************************************/
+#/*                                                                        */
+#/* Copyright (c) 2001, 2011 NoMachine, http://www.nomachine.com/.         */
+#/* Copyright (c) 2015-2016 Mike Gabriel <mike.gabriel@das-netzwerkteam.de>*/
+#/*                                                                        */
+#/* NXSCRIPTS, NX protocol compression and NX extensions to this software  */
+#/* are copyright of NoMachine. Redistribution and use of the present      */
+#/* software is allowed according to terms specified in the file LICENSE   */
+#/* which comes in the source distribution.                                */
+#/*                                                                        */
+#/* Check http://www.nomachine.com/licensing.html for applicability.       */
+#/*                                                                        */
+#/* NX and NoMachine are trademarks of Medialogic S.p.A.                   */
+#/*                                                                        */
+#/* All rights reserved.                                                   */
+#/*                                                                        */
+#/**************************************************************************/
+
+#
+# Uncomment this to enable echo.
+#
+#set -x
+#
+
+ulimit -c unlimited
+
+NXPROXYBIN=nxproxy
+NXAGENTBIN=nxagent
+
+
+NX_PORT=7
+
+NX_SYSTEM=${HOME}/.nx
+
+NX_ROOT=${HOME}/.nx
+
+#
+# This should be randlomly generated.
+#
+#NX_COOKIE=`xauth list |grep "${HOSTNAME}/unix:\<${NX_PORT}\>" | grep MIT | cut -f 5 -d ' '`
+NX_COOKIE=123efa980d2cba234ef6f73deac810ff
+
+#
+# Create the directories for the NX session.
+#
+
+rm -rf ${NX_ROOT}/C-${NX_PORT} || exit
+mkdir -p ${NX_ROOT}/C-${NX_PORT} || exit
+
+rm -rf ${HOME}/.nx/S-${NX_PORT} || exit
+mkdir -p ${HOME}/.nx/S-${NX_PORT} || exit
+
+#
+# Set the path to libraries and NX executables.
+#
+
+LD_LIBRARY_PATH="${LD_LIBRARY_PATH}:${HOME}/NX/nxcomp:${HOME}/NX/nxcompext:${HOME}/NX/nx-X11/exports/lib"
+export LD_LIBRARY_PATH
+
+PATH="${PATH}:${HOME}/NX/nxclient/nxclient:${HOME}/NX/nx-X11/programs/Xserver/"
+export PATH
+
+#
+# Create the fake cookie for this display.
+#
+
+echo -ne "Creating the X authorization cookie.\n"
+
+xauth add ${HOSTNAME}/unix:${NX_PORT} MIT-MAGIC-COOKIE-1 ${NX_COOKIE}
+xauth add ${HOSTNAME}:${NX_PORT} MIT-MAGIC-COOKIE-1 ${NX_COOKIE}
+
+function urlencode() {
+
+  echo "$(perl -MURI::Escape -e 'print uri_escape($ARGV[0]);' "$1")"
+
+}
+
+#
+# Options are written in a file 'options' in the session
+# directory. The agent will use the DISPLAY settings, so
+# we pass in the DISPLAY the name of the options file.
+#
+# cache=8M,images=32M,link=modem,type=unix-kde,cleanup=0,
+# accept=62.98.198.1,cookie=$NX_COOKIE,
+# id=giulietta.nomachine.com-1098-6A4649FD0FCA57FAC275AF3F1C45B10F,
+# media=1:1098
+#
+
+NX_HOST=nx/nx,cache=8192k,link=modem,menu=1,keybd=1,samba=0,cups=0,limit=0,\
+listen=$(urlencode "unix:${NX_SYSTEM}/C-${NX_PORT}/proxy.socket"),cookie=$NX_COOKIE,errors=${NX_ROOT}/C-${NX_PORT}/session
+
+echo "${NX_HOST}:${NX_PORT}" >${NX_ROOT}/C-${NX_PORT}/options
+
+#
+# Run the agent. if you don't have a font server running,
+# remove the argument "-fp unix/:7100"
+#
+
+NX_AGENT=:${NX_PORT}
+
+echo -ne "Running the X client side NX agent.\n"
+
+SAVED_DISPLAY=$DISPLAY
+
+DISPLAY=nx/nx,options=${NX_ROOT}/C-${NX_PORT}/options:${NX_PORT} 
+export DISPLAY
+
+#valgrind -v --num-callers=8 --error-limit=no --trace-children=no \
+#valgrind --num-callers=8 --tool=memcheck --leak-check=yes --show-reachable=yes --track-fds=yes \
+#ldd ${NXAGENTBIN}
+${NXAGENTBIN} -name 'NX' -geometry 800x600+100+100 "$@" \
+${NX_AGENT} 2>>${NX_ROOT}/C-${NX_PORT}/session &
+
+#
+# The X server side proxy will forward the connection
+# to the original DISPLAY.
+#
+
+DISPLAY=$SAVED_DISPLAY
+export DISPLAY
+
+#
+# These are the nxproxy options used to run a typical session.
+#
+# cookie=$NX_COOKIE,root=/home/pinzari/.nx,media=32824,
+# session=kde_on_giulietta,id=giulietta.nomachine.com-1098-6A4649FD0FCA57FAC275AF3F1C45B10F,
+# connect=giulietta.nomachine.com:1098
+#
+
+#NX_HOST=nx/nx,keybd=1,samba=1,cups=1,connect=localhost,cookie=$NX_COOKIE,errors=${NX_ROOT}/S-${NX_PORT}/session
+NX_HOST=nx/nx,keybd=1,samba=0,cups=0,connect=$(urlencode "unix:${NX_SYSTEM}/C-${NX_PORT}/proxy.socket"),cookie=$NX_COOKIE,errors=${NX_ROOT}/S-${NX_PORT}/session
+
+echo "${NX_HOST}:${NX_PORT}" >${NX_ROOT}/S-${NX_PORT}/options
+
+echo -ne "Running the X server side NX proxy.\n"
+
+#valgrind -v --num-callers=8 --error-limit=no --trace-children=no \
+#valgrind --num-callers=8 --tool=memcheck --leak-check=yes --show-reachable=yes --track-fds=yes \
+#ldd ${NXPROXYBIN}
+${NXPROXYBIN} -S nx/nx,options=${NX_ROOT}/S-${NX_PORT}/options:${NX_PORT} \
+2>>${HOME}/.nx/S-${NX_PORT}/session &
+
+echo -ne "Session running on display :$NX_PORT.\n"
+

doc/examples/run-nxproxy2nxproxy-over-sockets

+#!/bin/bash
+
+set -ex
+
+#/**************************************************************************/
+#/*                                                                        */
+#/* Copyright (c) 2001, 2011 NoMachine, http://www.nomachine.com/.         */
+#/* Copyright (c) 2015-2016 Mike Gabriel <mike.gabriel@das-netzwerkteam.de>*/
+#/*                                                                        */
+#/* NXSCRIPTS, NX protocol compression and NX extensions to this software  */
+#/* are copyright of NoMachine. Redistribution and use of the present      */
+#/* software is allowed according to terms specified in the file LICENSE   */
+#/* which comes in the source distribution.                                */
+#/*                                                                        */
+#/* Check http://www.nomachine.com/licensing.html for applicability.       */
+#/*                                                                        */
+#/* NX and NoMachine are trademarks of Medialogic S.p.A.                   */
+#/*                                                                        */
+#/* All rights reserved.                                                   */
+#/*                                                                        */
+#/**************************************************************************/
+
+#
+# Uncomment this to enable echo.
+#
+# set -x
+#
+
+ulimit -c unlimited
+
+NX_PORT=6
+
+NX_SYSTEM=${HOME}/.nx
+
+NX_ROOT=${HOME}/.nx
+
+mkdir -p "${NX_ROOT}"
+
+#
+# This should be randlomly generated.
+#
+
+NX_COOKIE=`xauth -n list |grep "${HOSTNAME}/unix:${NX_PORT}" | grep MIT | cut -f 5 -d ' ' | head -n1`
+if [ -z "$NX_COOKIE" ]; then
+	NX_COOKIE=`mcookie`
+fi
+
+#
+# Create the directories for the NX session.
+#
+
+rm -rf ${NX_ROOT}/C-${NX_PORT} || exit
+mkdir -p ${NX_ROOT}/C-${NX_PORT} || exit
+
+rm -rf ${HOME}/.nx/S-${NX_PORT} || exit
+mkdir -p ${HOME}/.nx/S-${NX_PORT} || exit
+
+#
+# Set the path to libraries and NX executables.
+#
+
+LD_LIBRARY_PATH="${LD_LIBRARY_PATH}:${HOME}/NX/nxcomp:${HOME}/NX/nxcompext:${HOME}/NX/nx-X11/exports/lib"
+export LD_LIBRARY_PATH
+
+PATH="${PATH}:${HOME}/NX/nxclient/nxclient:${HOME}/NX/nx-X11/programs/Xserver/"
+export PATH
+
+#
+# Create the fake cookie for this display.
+#
+
+echo -ne "Creating the X authorization cookie.\n"
+
+xauth add ${HOSTNAME}/unix:${NX_PORT} MIT-MAGIC-COOKIE-1 ${NX_COOKIE}
+xauth add ${HOSTNAME}:${NX_PORT} MIT-MAGIC-COOKIE-1 ${NX_COOKIE}
+
+function urlencode() {
+
+  echo "$(perl -MURI::Escape -e 'print uri_escape($ARGV[0]);' "$1")"
+
+}
+
+#
+# Options are written in a file 'options' in the session
+# directory. The agent will use the DISPLAY settings, so
+# we pass in the DISPLAY the name of the options file.
+#
+# cache=8M,images=32M,link=modem,type=unix-kde,cleanup=0,
+# accept=62.98.198.1,cookie=$NX_COOKIE,
+# id=giulietta.nomachine.com-1098-6A4649FD0FCA57FAC275AF3F1C45B10F,
+# media=1:1098
+#
+
+#NX_HOST=nx/nx,link=lan,pack=no-pack,keybd=1,samba=1,cups=1,limit=0,\
+#accept=127.0.0.1,cookie=$NX_COOKIE,errors=${NX_ROOT}/C-${NX_PORT}/session
+
+#NX_HOST=nx/nx,link=lan,pack=16m-jpeg-9,keybd=1,samba=1,cups=1,limit=0,\
+#accept=127.0.0.1,cookie=$NX_COOKIE,errors=${NX_ROOT}/C-${NX_PORT}/session
+
+#NX_HOST=nx/nx,cache=8192k,link=modem,keybd=1,samba=1,cups=1,limit=0,\
+#connect=127.0.0.1,cookie=$NX_COOKIE,errors=${NX_ROOT}/C-${NX_PORT}/session
+
+#NX_HOST=nx/nx,link=lan,pack=16m-jpeg-9,keybd=1,samba=1,cups=1,limit=0,\
+#accept=127.0.0.1,cookie=$NX_COOKIE,errors=${NX_ROOT}/C-${NX_PORT}/session
+
+NX_HOST=nx/nx,link=lan,pack=16m-jpeg-9,keybd=1,samba=1,cups=1,limit=0,\
+listen=$(urlencode "unix:${NX_SYSTEM}/C-${NX_PORT}/proxy.socket"),cookie=$NX_COOKIE,errors=${NX_ROOT}/C-${NX_PORT}/session
+
+echo "${NX_HOST}:${NX_PORT}" >${NX_ROOT}/C-${NX_PORT}/options
+
+#
+# Run the local proxy impersonating the X display.
+#
+
+echo -ne "Running the X client side NX proxy.\n"
+
+#valgrind -v --num-callers=8 --error-limit=no --trace-children=no \
+#valgrind --tool=memcheck --track-fds=yes \
+nxproxy -C nx/nx,options=${NX_ROOT}/C-${NX_PORT}/options:${NX_PORT} \
+2>>${HOME}/.nx/C-${NX_PORT}/session &
+
+#
+# The X server side proxy will forward the connection
+# to the original DISPLAY.
+#
+
+#
+# These are the nxproxy options used to run a typical session.
+#
+# cookie=$NX_COOKIE,root=/home/pinzari/.nx,media=32824,
+# session=kde_on_giulietta,id=giulietta.nomachine.com-1098-6A4649FD0FCA57FAC275AF3F1C45B10F,
+# connect=giulietta.nomachine.com:1098
+#
+
+NX_HOST=nx/nx,keybd=1,samba=1,cups=1,connect=$(urlencode "unix:${NX_SYSTEM}/C-${NX_PORT}/proxy.socket"),cookie=$NX_COOKIE,errors=${NX_ROOT}/S-${NX_PORT}/session
+
+echo "${NX_HOST}:${NX_PORT}" >${NX_ROOT}/S-${NX_PORT}/options
+
+echo -ne "Running the X server side NX proxy.\n"
+
+#cachegrind -v --dumps=100000000 \
+#cachegrind -v \
+#valgrind -v --leak-check=yes --leak-resolution=high --show-reachable=yes \
+#            --show-reachable=yes --suppressions=nxproxy/nxproxy.supp \
+#            --weird-hacks=lax-ioctls --num-callers=8 --logfile-fd=2 \
+nxproxy -S nx/nx,options=${NX_ROOT}/S-${NX_PORT}/options:${NX_PORT} \
+2>>${HOME}/.nx/S-${NX_PORT}/session &
+
+echo -ne "Session running on display :$NX_PORT.\n"
+

nxcomp/ChannelEndPoint.cpp

@@ -24,6 +24,7 @@
 #include <string.h>
 #include <stdlib.h>
 #include <stdio.h>
+#include <sys/stat.h>
 
 #include "ChannelEndPoint.h"
 
@@ -31,8 +32,21 @@
 
 ChannelEndPoint::ChannelEndPoint(const char *spec)
   : defaultTCPPort_(0), defaultTCPInterface_(0),
-    defaultUnixPath_(NULL) {
-  spec_ = (spec ? strdup(spec) : NULL);
+    defaultUnixPath_(NULL), spec_(NULL) {
+  setSpec(spec);
+}
+
+ChannelEndPoint::~ChannelEndPoint()
+{
+  char *unixPath = NULL;
+
+  if (getUnixPath(&unixPath))
+  {
+    struct stat st;
+    lstat(unixPath, &st);
+    if(S_ISSOCK(st.st_mode))
+      unlink(unixPath);
+  }
 }
 
 void
@@ -40,21 +54,92 @@ ChannelEndPoint::setSpec(const char *spec) {
   if (spec_) free(spec_);
 
   if (spec && strlen(spec))
+  {
     spec_ = strdup(spec);
+    isUnix_ = getUnixPath();
+    isTCP_ = getTCPHostAndPort();
+  }
   else
+  {
     spec_ = NULL;
+    isUnix_ = false;
+    isTCP_ = false;
+  }
 }
 
 void
-ChannelEndPoint::setSpec(int port) {
+ChannelEndPoint::setSpec(long port) {
   if (port >= 0) {
     char tmp[20];
-    sprintf(tmp, "%d", port);
+    sprintf(tmp, "%ld", port);
     setSpec(tmp);
   }
+  else {
+    disable();
+  }
+}
+
+void
+ChannelEndPoint::setSpec(const char *hostName, long port) {
+  int length;
+
+  if (spec_) free(spec_);
+  isUnix_ = false;
+  isTCP_ = false;
+
+  if (hostName && strlen(hostName) && port >= 1)
+  {
+    length = snprintf(NULL, 0, "tcp:%s:%ld", hostName, port);
+    spec_ = (char *)calloc(length + 1, sizeof(char));
+    snprintf(spec_, length+1, "tcp:%s:%ld", hostName, port);
+    isTCP_ = true;
+  }
   else setSpec((char*)NULL);
 }
 
+bool
+ChannelEndPoint::getSpec(char **socketUri) const {
+
+  if (socketUri) *socketUri = NULL;
+
+  char *unixPath = NULL;
+  char *hostName = NULL;
+  long port = -1;
+
+  char *newSocketUri = NULL;
+  int length = -1;
+
+  if (getUnixPath(&unixPath))
+  {
+    length = snprintf(NULL, 0, "unix:%s", unixPath);
+  }
+  else if (getTCPHostAndPort(&hostName, &port))
+  {
+    length = snprintf(NULL, 0, "tcp:%s:%ld", hostName, port);
+  }
+
+  if (length > 0)
+  {
+    newSocketUri = (char *)calloc(length + 1, sizeof(char));
+    if (isUnixSocket())
+      snprintf(newSocketUri, length+1, "unix:%s", unixPath);
+    else
+      snprintf(newSocketUri, length+1, "tcp:%s:%ld", hostName, port);
+
+    if (socketUri)
+      *socketUri = strdup(newSocketUri);
+  }
+
+  free(newSocketUri);
+  free(unixPath);
+  free(hostName);
+
+  if (*socketUri != '\0')
+    return true;
+
+  return false;
+}
+
 void
 ChannelEndPoint::setDefaultTCPPort(long port) {
   defaultTCPPort_ = port;
@@ -76,10 +161,12 @@ ChannelEndPoint::setDefaultUnixPath(char *path) {
 }
 
 void
-ChannelEndPoint::disable() { setSpec("0"); }
+ChannelEndPoint::disable() {
+  setSpec("0");
+}
 
 bool
-ChannelEndPoint::specIsPort(long *port) const {
+ChannelEndPoint::getPort(long *port) const {
   if (port) *port = 0;
   long p = -1;
   if (spec_) {
@@ -101,7 +188,7 @@ ChannelEndPoint::getUnixPath(char **unixPath) const {
   long p;
   char *path = NULL;
 
-  if (specIsPort(&p)) {
+  if (getPort(&p)) {
     if (p != 1) return false;
   }
   else if (spec_ && (strncmp("unix:", spec_, 5) == 0)) {
@@ -122,6 +209,11 @@ ChannelEndPoint::getUnixPath(char **unixPath) const {
   return true;
 }
 
+bool
+ChannelEndPoint::isUnixSocket() const {
+  return isUnix_;
+}
+
 // FIXME!!!
 static const char *
 getComputerName() {
@@ -158,7 +250,7 @@ ChannelEndPoint::getTCPHostAndPort(char **host, long *port) const {
   if (host) *host = NULL;
   if (port) *port = 0;
 
-  if (specIsPort(&p)) {
+  if (getPort(&p)) {
     h_len = 0;
   }
   else if (spec_ && (strncmp("tcp:", spec_, 4) == 0)) {
@@ -194,8 +286,8 @@ ChannelEndPoint::getTCPHostAndPort(char **host, long *port) const {
 }
 
 bool
-ChannelEndPoint::enabled() const {
-  return (getUnixPath() || getTCPHostAndPort());
+ChannelEndPoint::isTCPSocket() const {
+  return isTCP_;
 }
 
 long ChannelEndPoint::getTCPPort() const {
@@ -205,8 +297,15 @@ long ChannelEndPoint::getTCPPort() const {
 }
 
 bool
+ChannelEndPoint::enabled() const {
+  return (isUnixSocket() || isTCPSocket());
+}
+
+bool
 ChannelEndPoint::validateSpec() {
-  return (specIsPort() || getUnixPath() || getTCPHostAndPort());
+  isTCP_ = getTCPHostAndPort();
+  isUnix_ = getUnixPath();
+  return ( getPort() || isUnix_ || isTCP_ );
 }
 
 ChannelEndPoint &ChannelEndPoint::operator=(const ChannelEndPoint &other) {
@@ -219,26 +318,24 @@ ChannelEndPoint &ChannelEndPoint::operator=(const ChannelEndPoint &other) {
   old = spec_;
   spec_ = (other.spec_ ? strdup(other.spec_) : NULL);
   free(old);
+  isUnix_ = getUnixPath();
+  isTCP_ = getTCPHostAndPort();
   return *this;
 }
 
 std::ostream& operator<<(std::ostream& os, const ChannelEndPoint& endPoint) {
   if (endPoint.enabled()) {
-    char *unixPath, *host;
-    long port;
-    if (endPoint.getUnixPath(&unixPath)) {
-      os << "unix:" << unixPath;
-      free(unixPath);
+    char* endPointSpec = NULL;
+    if (endPoint.getSpec(&endPointSpec))
+    {
+      os << endPointSpec;
+      free(endPointSpec);
     }
-    else if (endPoint.getTCPHostAndPort(&host, &port)) {
-      os << "tcp:" << host << ":" << port;
-      free(host);
-    }
-    else {
+    else
       os << "(invalid)";
-    }
   }
-  else {
+  else
+  {
     os << "(disabled)";
   }
   return os;

nxcomp/ChannelEndPoint.h

@@ -33,25 +33,32 @@ class ChannelEndPoint
   int defaultTCPInterface_; // 0=localhost, otherwise IP of public interface.
   char *defaultUnixPath_;
   char *spec_;
+  bool isUnix_;
+  bool isTCP_;
 
-  bool specIsPort(long *port = NULL) const;
+  bool getPort(long *port = NULL) const;
 
  public:
   ChannelEndPoint(const char *spec = NULL);
+  ~ChannelEndPoint();
   ChannelEndPoint &operator=(const ChannelEndPoint &other);
 
   bool enabled() const;
   bool disabled() { return !enabled(); }
   void disable();
   void setSpec(const char *spec);
-  void setSpec(int port);
+  void setSpec(long port);
+  void setSpec(const char *hostName, long port);
+  bool getSpec(char **socketUri) const;
   void setDefaultTCPPort(long port);
   void setDefaultTCPInterface(int publicInterface);
   void setDefaultUnixPath(char *path);
 
   bool getUnixPath(char **path = NULL) const;
+  bool isUnixSocket() const;
   bool getTCPHostAndPort(char **hostname = NULL, long *port = NULL) const;
   long getTCPPort() const;
+  bool isTCPSocket() const;
 
   bool validateSpec();
 };