[fix](ui): Adjust SSL references to say 'TLS' as well

This fixes #898.

Signed-off-by: Dom Rodriguez <shymega@shymega.org.uk>

.editorconfig

@@ -0,0 +1,9 @@
+root = true
+
+[*]
+end_of_line = lf
+charset = utf-8
+trim_trailing_whitespace = true
+insert_final_newline = true
+indent_style = space
+indent_size = 4

.github/ISSUE_TEMPLATE.md

@@ -1,30 +0,0 @@
-### Operating Systems ###
-
-Server: microOS Tiara
-
-Client: Applesoft Windy OS 10
-
-**READ ME, DELETE ME**: On Windows, hold the Windows key and press 'r', type 'winver' and hit return to get your OS version. On Mac, hit the Apple menu (top left of the screen) and check 'About this Mac'. Linux users... you know what you're using ;)
-
-### Barrier Version ###
-
-1.9.π
-
-**READ ME, DELETE ME**: Go to the 'Help' (on Windows) or 'Barrier' (on macOS) menu and then 'About Barrier' to check your version. Verify that you are using the same version across all of your machines, and that your issue still occurs with the latest release available at https://github.com/debauchee/barrier/
-
-### Steps to reproduce bug ###
-
-**READ ME, DELETE ME**: Try to be succinct. If your bug is intermittent, try and describe what you're doing when it happens most.
-
-1. Click things.
-2. Type things.
-3. Bug occurs.
-4. ... 
-
-### Other info ###
-
-* When did the problem start to occur? When I...
-* Is there a way to work around it? No/Yes, you can...
-* Does this bug prevent you from using Barrier entirely? Yes/No
-
-Put anything else you can think of here.

.github/ISSUE_TEMPLATE/bug_report.md

@@ -0,0 +1,36 @@
+---
+name: Bug report
+about: Please fill in this template as much as you can, to help us, help you.
+title: ''
+labels: ''
+assignees: ''
+
+---
+
+**Describe the bug**
+A clear and concise description of what the bug is.
+
+**To Reproduce**
+
+Steps to reproduce the behavior:
+1. Go to '...'
+2. Click on '....'
+3. Scroll down to '....'
+4. See error
+
+**Expected behavior**
+A clear and concise description of what you expected to happen.
+
+**Screenshots**
+If applicable, add screenshots to help explain your problem.
+
+Please do not link to image hosting sites, as these can be ephemeral. Instead, attach them to the issue. 
+
+**Desktop (please complete the following information):**
+
+ - OS: [e.g. Windows]
+- Barrier version [e.g 2.3.3]
+
+**Additional context**
+
+Add any other context about the problem here.

.github/workflows/stale.yml

@@ -0,0 +1,30 @@
+name: Mark stale issues and pull requests
+
+on:
+  schedule:
+  - cron: "00 0 * * *"
+
+jobs:
+  stale:
+
+    runs-on: ubuntu-latest
+
+    steps:
+    - uses: actions/stale@v3
+      with:
+        repo-token: ${{ secrets.GITHUB_TOKEN }}
+
+        stale-issue-message: "Is this issue still an issue for you? Please do comment and let us know! Alternatively, you may close the issue yourself if it is no longer an problem"
+        stale-pr-message: "Is this PR still being worked on? Please do comment and let us know! Alternatively, you may close the PR yourself if you no longer wish to work on the PR."
+
+        close-issue-message: "This issue will now be closed due to inactivty. It may be reopened if the demand indicates it should be."
+        close-pr-message: "This PR will now be closed due to inactivty. It may be reopened if the demand indicates it should be."
+
+        days-before-stale: 182
+        days-before-close: -1
+
+        stale-issue-label: "no-issue-activity"
+        stale-pr-label: "no-pr-activity"
+
+        exempt-issue-labels: "work-in-progress,security,critical"
+        exempt-pr-labels: "awaiting-approval,work-in-progress"

Build.properties

@@ -3,5 +3,5 @@
 #
 BARRIER_VERSION_MAJOR = 2
 BARRIER_VERSION_MINOR = 3
-BARRIER_VERSION_PATCH = 4
-BARRIER_VERSION_STAGE = snapshot
+BARRIER_VERSION_PATCH = 3
+BARRIER_VERSION_STAGE = release

CMakeLists.txt

@@ -20,6 +20,8 @@ project (barrier C CXX)
 
 option (BARRIER_BUILD_GUI "Build the GUI" ON)
 option (BARRIER_BUILD_INSTALLER "Build the installer" ON)
+option (BARRIER_BUILD_TESTS "Build the tests" ON)
+option (BARRIER_USE_EXTERNAL_GTEST "Use external installation of Google Test framework" OFF)
 
 set (CMAKE_EXPORT_COMPILE_COMMANDS ON)
 set (CMAKE_CXX_STANDARD 14)
@@ -49,7 +51,6 @@ else()
 endif()
 
 set (libs)
-include_directories (BEFORE SYSTEM ./ext/gtest/include)
 
 if (UNIX)
     if (NOT APPLE)

RELEASING.md

@@ -1,59 +0,0 @@
-Creating a release
-==================
-
-This document is documentation intednded for maintainers of Barrier.
-It documents the release process of Barrier.
-
-Step 1: Setup environment variables
------------------------------------
-
-Setup the following environment variable that will be used throughout the rest of the steps.
-
-    export VERSION=X.Y.Z
-
-Step 2: Release notes PR
-------------------------
-
-Open a new branch (e.g. `release`) and run the following:
-
-    towncrier --version ${VERSION} --date `date -u  +%F`
-
-This collects the release notes using the `towncrier` tool. Please commit the collected release
-notes afterwards.
-
-Certain file names are not properly supported by the `towncrier` tool and it ignores them.
-Check `newsfragments` directory for any forgotten release notes
-
-Step 3: Merge the release notes PR
-----------------------------------
-
-Step 4: Push git tag
---------------------
-
-Pull the merge commit created on the `master` branch during the step 2.
-
-Create a tag:
-
-    git tag -s v${VERSION} -m v${VERSION}
-
-Push the tag:
-
-    git push origin master --tags
-
-
-Step 5: Draft a new release on Github
--------------------------------------
-
-Go to https://github.com/buildbot/buildbot/releases and draft a new release.
-
-Use git tag as the title of the release: `vX.Y.Z`.
-
-Use the release notes generated by the `towncrier` tool as the description of the releases.
-
-Upload the artifacts created by Azure pipelines as the binaries of the release. The following
-artifacts should be uploaded to Github:
-
- - the Barrier-X.Y.Z-release.dmg created by the oldest Mac OS task (artifact name is
-   "Mac Release Disk Image and App XYZ").
-
- - the BarrierSetup-X.Y.Z-release.exe (artifact name is Windows Release Installer).

azure-pipelines.yml

@@ -63,15 +63,9 @@ jobs:
         artifactName: Windows Release Installer
 
 - job: LinuxBuild
-  strategy:
-    matrix:
-      ubuntu-18.04:
-        imageName: 'ubuntu-18.04'
-      ubuntu-20.04:
-        imageName: 'ubuntu-20.04'
   displayName: Linux Build
   pool:
-    vmImage: $(imageName)
+    vmImage: 'ubuntu-16.04'
   steps:
     - script: sudo apt-get update -y
     - script: sudo apt-get install -y libxtst-dev qtdeclarative5-dev libavahi-compat-libdnssd-dev libcurl4-openssl-dev
@@ -81,22 +75,13 @@ jobs:
 
 - job: MacBuild
   displayName: Mac Build
+  pool:
+    vmImage: 'macOS-10.14'
   strategy:
     matrix:
-      big-sur-Release:
-          imageName: "macOS-11"
-          B_BUILD_TYPE: Release
-          BARRIER_VERSION_STAGE: Release
-      catalina-Release:
-          imageName: "macOS-10.15"
-          B_BUILD_TYPE: Release
-          BARRIER_VERSION_STAGE: Release
-      mojave-Release:
-          imageName: "macOS-10.14"
-          B_BUILD_TYPE: Release
-          BARRIER_VERSION_STAGE: Release
-  pool:
-    vmImage: $(imageName)
+      Release:
+        B_BUILD_TYPE: Release
+        BARRIER_VERSION_STAGE: Release
   variables:
     VERBOSE: 1
     TERM: xterm-256color
@@ -114,4 +99,4 @@ jobs:
       condition: eq(variables['B_BUILD_TYPE'], 'Release')
       inputs:
         pathtoPublish: build/bundle
-        artifactName: Mac Release Disk Image and App $(imageName)
+        artifactName: Mac Release Disk Image and App

cmake/Version.cmake

@@ -2,7 +2,7 @@ cmake_minimum_required (VERSION 3.4)
 
 set (BARRIER_VERSION_MAJOR 2)
 set (BARRIER_VERSION_MINOR 3)
-set (BARRIER_VERSION_PATCH 4)
+set (BARRIER_VERSION_PATCH 3)
 set (BARRIER_VERSION_STAGE "release")
 
 #

debian/changelog

@@ -1,3 +1,155 @@
+barrier (2.3.3) UNRELEASED; urgency=medium
+
+  [ Aaron Bieber ]
+  * tell build system about openbsd
+
+  [ Tetja Rediske ]
+  * make non-gui variants build without avahi
+
+  [ Erik Nordstrøm ]
+  * Replace hard-coded names of build directory in build_installer.sh script for macOS with looking at the location of the script by the script itself when it is run. This makes it possible to have differently named build dirs for debug and release builds, and without restricting what each of those directories must be named.
+  * Remove shell script that changes directory and then executes barrier on macOS, and execute barrier directly instead.
+  * Add settings in the Info.plist file that enable high-DPI support on macOS.
+
+  [ Daniel Seither ]
+  * Remove unused variables
+  * IpcLogOutputter: Put member initializers in execution order
+  * OSXDragView: Get rid of uninitialized variable warning
+  * Add override specifiers
+  * Let tray image blend into macOS menu bar
+
+  [ Vasily Galkin ]
+  * Man page: fix incorrect name of user conf file in barriers.1
+
+  [ Keegan Quinn ]
+  * Cast values to fix build errors on OS X 10.11.
+
+  [ Maximiliano Bertacchini ]
+  * Update readme with mention of the snap package.
+
+  [ Javier Candeira ]
+  * Fix #503 - Clarify on README how to report issues
+
+  [ Micael Jarniac ]
+  * Build status badges added to a table
+
+  [ Maximiliano Bertacchini ]
+  * Add build-essential to the snap's build deps.
+  * Explicitly disable wayland support in the snap.
+  * Add comment on snap env var
+
+  [ Vasily Galkin ]
+  * Fix infinite loop on fast TCP disconnection
+
+  [ Dom Rodriguez ]
+  * README: Add OpenBSD to list of supported OSes
+
+  [ Åke Engelbrektson ]
+  * Update gui_sv.ts
+
+  [ the-wes ]
+  * Add more detailed description of what Barrier does
+
+  [ James Le Cuirot ]
+  * Use -pthread flag and simplify pthread build logic
+  * Only require Qt5 when building the GUI
+
+  [ Tomáš Chvátal ]
+  * Fix desktop file Categories to match standard
+
+  [ Chris Simons ]
+  * Add script that uses macdeployqt instead of `reref_dylibs.sh` shell script to create the `.app` bundle
+  * Use `build_dist.sh` in CMake instead of `build_installer.sh` Have CMake always build a bundle, the `build_dist.sh` script will only build a dmg if the build type is "Release"
+  * Add warnings for users manually running `build_installer.sh` and `reref_dylibs.sh` manually
+  * Homebrew (Ruby) throws an error when it gets `SIGPIPE` from the `--max-count` on `grep`.
+  * added barrierc and barriers to macdeployqt targets
+  * Change MacOS Build Steps
+  * Fix TIS/TSM in logs
+  * Elevate XSocketAddressInUse to ERROR
+  * Allow selecting Fingerprint Qlabel
+  * replace tabs with spaces
+  * Change log level on several status messages (Fixes #652, Fixes #516)
+
+  [ Ben Plessinger ]
+  * A few more log cleanups
+
+  [ Vasily Galkin ]
+  * Remove unused IEventQueue::isEmpty() method to simplify code understanding
+
+  [ Povilas Kanapickas ]
+  * XWindowsEventQueueBuffer: Fix delays when waiting for new events
+
+  [ Jonathan Martens ]
+  * Fix Auto config missing hostname prompt #704
+
+  [ Vasily Galkin ]
+  * Windows 8+: make waiting for messages correspond to emptiness check
+
+  [ Povilas Kanapickas ]
+  * gui: Use enum class to scope enum values
+  * lib/client: Use std::string directly instead of String typedef
+  * lib/arch: Use std::string directly instead of String typedef
+  * lib/net: Use std::string directly instead of String typedef
+  * lib/server: Use std::string directly instead of String typedef
+  * lib/base: Use std::string directly instead of String typedef
+  * lib/ipc: Use std::string directly instead of String typedef
+  * lib/net: Add missing include
+  * lib/platform: Use std::string directly instead of String typedef
+  * test: Enable building of tests
+  * test: Reduce the number of implicit include directories
+  * test: Remove unresolved merge conflict markers
+  * test: Fix referenced library name
+  * test: Update to new APIs
+  * tests: Fix crash in XWindowsKeyStateTests
+  * test: Fix undefined behavior of deleting incomplete type
+  * tests: Disable test that depends on external state
+  * Use noexcept instead of exception specifications
+  * lib/common: Remove no longer used stdexcept.h
+
+  [ Jonathan Martens ]
+  * Make connection message a NOTE for consistency
+
+  [ zhexiwang ]
+  * Added toggleScreen function, using hot key to loop through all screens. Comparing to switchToScreen, it is more handy since the user only need to hit one hotkey.
+
+  [ GeorgH93 ]
+  * Fix build on Windows
+  * Keep errorlevel
+
+  [ Povilas Kanapickas ]
+  * Revert "Make connection message a NOTE for consistency"
+
+  [ Chris Simons ]
+  * add comments explaining the use of CLOG_PRINT
+
+  [ Dom Rodriguez ]
+  * Remove ext/gtest, ext/gmock to replace with Git submodule
+  * Add gtest/gmock framework, locked at 1.6.0
+  * Fix CI infrastructure (.bat/.sh) to initialise Git submodules before build
+
+  [ Maximiliano Bertacchini ]
+  * Fix snap build failing to initialize submodules.
+
+  [ Niklas Hambüchen ]
+  * ui: Settings: Explain what "double tap" means
+
+  [ Dom Rodriguez ]
+  * Prepare for v2.3.3 release
+
+  [ Maximiliano Bertacchini ]
+  * Shorten snap version on tagged revisions
+
+  [ Tomoya Tanjo ]
+  * Add Eisu_toggle and Muhenkan keys
+
+  [ Michael Zimmermann ]
+  * add support for keyboard backlight media keys
+
+  [ Dom Rodriguez ]
+  * [Build]: Bump Build.properties
+
+ -- root <root@873b8d543aab>  Fri, 07 Aug 2020 16:25:54 +0000
+
 barrier (2.3.2) disco; urgency=medium
 
   [ walker0643 ]

dist/macos/bundle/build_dist.sh.in

@@ -1,7 +1,7 @@
 #!/bin/sh
 
 # Use the same verbose variable as CMake
-[ "$VERBOSE" = "1" ] && set -x
+[ "$VERBOSE" == "1" ] && set -x
 
 # Exit on unset variables or pipe errors
 set -uo pipefail
@@ -14,10 +14,10 @@ B_BARRIERC="Barrier.app/Contents/MacOS/barrierc"
 B_BARRIERS="Barrier.app/Contents/MacOS/barriers"
 
 # Colorized output
-info() { tput bold; echo "$@"; tput sgr0 ; }
-error() { tput bold; tput setaf 1; echo "$@"; tput sgr0 ; }
-success() { tput bold; tput setaf 2; echo "$@"; tput sgr0 ; }
-warn() { tput bold; tput setaf 3; echo "$@"; tput sgr0 ; }
+function info() { tput bold; echo "$@" ; tput sgr0 ;}
+function error() { tput bold; tput setaf 1; echo "$@"; tput sgr0 ; }
+function success() { tput bold; tput setaf 2; echo "$@"; tput sgr0 ; }
+function warn() { tput bold; tput setaf 3; echo "$@"; tput sgr0 ; }
 
 info "Checking for bundle contents"
 if [ ! -d "Barrier.app/Contents" ]; then
@@ -40,7 +40,7 @@ if which -s port ; then
     info "MacPorts found, searching for macdeployqt"
     DEPLOYQT="$(port contents qt5-qttools | grep --only --max-count 1 '/.*macdeployqt')"
     if [ ! -x "$DEPLOYQT" ]; then
-        error "Please install package qt5-qttools"
+        error Please install package qt5-qttools
         exit 1
     fi
 fi
@@ -48,15 +48,15 @@ fi
 # Check for macdeployqt on Homebrew
 if which -s brew ; then
     info "Homebrew found, searching for macdeployqt"
-    DEPLOYQT="$(brew list qt@5 | grep --only '/.*macdeployqt' | head -1)"
+    DEPLOYQT="$(brew list qt | grep --only '/.*macdeployqt' | head -1)"
     if [ ! -x "$DEPLOYQT" ]; then
-        error "Please install package qt"
+        error Please install package qt
         exit 1
     fi
 fi
 
 # Use macdeployqt to include libraries and create dmg
-if [ "$B_BUILDTYPE" = "Release" ]; then
+if [ "$B_BUILDTYPE" == "Release" ]; then
     info "Building Release disk image (dmg)"
     "$DEPLOYQT" Barrier.app -dmg \
     -executable="$B_BARRIERC" \
@@ -70,4 +70,4 @@ else
     -executable="$B_BARRIERC" \
     -executable="$B_BARRIERS" || exit 1
     success "Bundle created successfully"
-fi
+fi

doc/barrierc.1

@@ -1,5 +1,5 @@
 .\" See UpdateManpages.txt about modification of this file. Most of it was generated by help2man 1.47.8.
-.TH BARRIERC "1" "November 2019" "barrierc 2.3.4-release" "User Commands"
+.TH BARRIERC "1" "November 2019" "barrierc 2.3.3-release" "User Commands"
 .SH NAME
 barrierc \- Barrier Keyboard/Mouse Client
 .SH SYNOPSIS

doc/barriers.1

@@ -1,5 +1,5 @@
 .\" See UpdateManpages.txt about modification of this file. Most of it was generated by help2man 1.47.8.
-.TH BARRIERS "1" "November 2019" "barriers 2.3.4-release" "User Commands"
+.TH BARRIERS "1" "November 2019" "barriers 2.3.3-release" "User Commands"
 .SH NAME
 barriers \- Barrier Keyboard/Mouse Server
 .SH SYNOPSIS

doc/newsfragments/README.md

@@ -1,13 +0,0 @@
-This is the directory for release note fragments processed by
-[towncrier](https://github.com/hawkowl/towncrier).
-
-When making a user-visible change create a file in this directory and it will be automatically be
-included into the release note document when the next release is published.
-
-The file extension specifies the type of a change. The following are currently supported:
-
- - .feature: a new feature.
- - .bugfix: a bug fix.
- - .security: a fix for security issue.
- - .doc: a documentation improvement.
- - .removal: a deprecation or removal of functionality.

doc/release_notes/index.md

@@ -1,32 +0,0 @@
-Release notes
-=============
-
-[comment]: <> (towncrier release notes start)
-
-Barrier `2.3.4` ( `2021-11-01` )
-================================
-
-Security fixes
---------------
-
-- Barrier will now correctly close connections when the app-level handshake fails (fixes CVE-2021-42075).
-
-  Previously repeated failing connections would leak file descriptors leading to Barrier being unable
-  to receive new connections from clients.
-
-- Barrier will now enforce a maximum length of input messages (fixes CVE-2021-42076).
-
-  Previously it was possible for a malicious client or server to send excessive length messages
-  leading to denial of service by resource exhaustion.
-
-- Fixed a bug which caused Barrier to crash when disconnecting a TCP session just after sending Hello message.
-  This bug allowed an unauthenticated attacker to crash Barrier with only network access.
-
-All of the above security issues have been reported by Matthias Gerstner who was really helpful
-resolving them.
-
-Bug fixes
----------
-
-- Fixed a bug in SSL implementation that caused invalid data occasionally being sent to clients
-  under heavy load.

doc/release_notes/index.template.jinja

@@ -1,37 +0,0 @@
-{% for section, _ in sections|dictsort(by='key') %}
-{% set underline = "-" %}
-{% if section %}
-{{section}}
-{{ underline * section|length }}{% set underline = "-" %}
-
-{% endif %}
-{% if sections[section] %}
-{% for category, val in definitions|dictsort if category in sections[section]%}
-
-{{ definitions[category]['name'] }}
-{{ underline * definitions[category]['name']|length }}
-
-{% if definitions[category]['showcontent'] %}
-{% for text, values in sections[section][category]|dictsort(by='value') %}
-- {{ text }}
-{% endfor %}
-{% else %}
-- {{ sections[section][category]['']|sort|join(', ') }}
-
-
-{% endif %}
-{% if sections[section][category]|length == 0 %}
-
-No significant changes.
-
-
-{% else %}
-{% endif %}
-{% endfor %}
-{% else %}
-
-No significant changes.
-
-
-{% endif %}
-{% endfor %}

osx_environment.sh

@@ -1,7 +1,7 @@
 #!/bin/bash
 
 # Checks if directory exists, otherwise asks to install package.
-check_dir_exists() {
+function check_dir_exists() {
     local path=$1
     local package=$2
 
@@ -11,7 +11,7 @@ check_dir_exists() {
     fi
 }
 
-if [ -z "$BARRIER_BUILD_ENV" ]; then
+if [ ! $BARRIER_BUILD_ENV ]; then
     check_dir_exists '/Applications/Xcode.app' 'Xcode'
 
     printf "Modifying environment for Barrier build...\n"
@@ -29,15 +29,18 @@ if [ -z "$BARRIER_BUILD_ENV" ]; then
 
     elif command -v brew; then
         printf "Detected Homebrew\n"
-        QT_PATH=$(brew --prefix qt@5)
+        QT_PATH=$(brew --prefix qt)
+        OPENSSL_PATH=$(brew --prefix openssl)
 
-        check_dir_exists "$QT_PATH" 'qt5'
+        check_dir_exists "$QT_PATH" 'qt'
+        check_dir_exists "$OPENSSL_PATH" 'openssl'
 
         export BARRIER_BUILD_BREW=1
-        export CMAKE_PREFIX_PATH="/opt/procursus:$QT_PATH:$CMAKE_PREFIX_PATH"
-        export LD_LIBRARY_PATH="/opt/procursus/lib:$LD_LIBRARY_PATH"
-        export CPATH="/opt/procursus/include:$CPATH"
-        export PKG_CONFIG_PATH="/opt/procursus/lib/pkgconfig:$PKG_CONFIG_PATH"
+        export CMAKE_PREFIX_PATH="$QT_PATH:$CMAKE_PREFIX_PATH"
+        export LD_LIBRARY_PATH="$OPENSSL_PATH/lib:$LD_LIBRARY_PATH"
+        export CPATH="$OPENSSL_PATH/include:$CPATH"
+        export PKG_CONFIG_PATH="$OPENSSL_PATH/lib/pkgconfig:$PKG_CONFIG_PATH"
+
     else
         printf "Neither Homebrew nor Macports is installed. Can't get dependency paths\n"
         exit 1

snap/snapcraft.yaml

@@ -1,7 +1,7 @@
 name: barrier
 base: core18
 version: master
-version-script: git describe --tags --long | sed "s/^v//"
+version-script: git describe --tags | sed "s/^v//"
 adopt-info: appstream-flathub
 grade: stable # must be 'stable' to release into candidate/stable channels
 confinement: strict # use 'strict' once you have the right plugs and slots

src/CMakeLists.txt

@@ -19,7 +19,10 @@ include_directories (${CMAKE_CURRENT_BINARY_DIR}/lib)
 
 add_subdirectory(lib)
 add_subdirectory(cmd)
-add_subdirectory(test)
+
+if (BARRIER_BUILD_TESTS)
+    add_subdirectory(test)
+endif()
 
 if (BARRIER_BUILD_GUI)
     add_subdirectory(gui)

src/gui/CMakeLists.txt

@@ -22,7 +22,7 @@ add_executable (barrier WIN32
 
 include_directories (./src)
 
-target_link_libraries (barrier Qt5::Core Qt5::Widgets Qt5::Network)
+target_link_libraries (barrier Qt5::Core Qt5::Widgets Qt5::Network ${OPENSSL_LIBS})
 target_compile_definitions (barrier PRIVATE -DBARRIER_VERSION_STAGE="${BARRIER_VERSION_STAGE}")
 target_compile_definitions (barrier PRIVATE -DBARRIER_REVISION="${BARRIER_REVISION}")
 

src/gui/res/lang/gui_de.ts

@@ -984,7 +984,7 @@ Klicken sie doppelt auf eine Anzeige um die Einstellungen zu bearbeiten.</transl
     <message>
         <location filename="res/ServerConfigDialogBase.ui" line="419"/>
         <source>&amp;Check clients every</source>
-        <translation type="finished">Prüfe auf Meldungen vom &amp;Client aller</translation>
+        <translation type="finished">Prüfe auf Meldungen vom &amp;Client alle</translation>
     </message>
     <message>
         <location filename="res/ServerConfigDialogBase.ui" line="470"/>
@@ -1408,4 +1408,4 @@ Server response:
         <translation type="unfinished"></translation>
     </message>
 </context>
-</TS>
+</TS>

src/gui/src/MainWindow.cpp

@@ -949,6 +949,10 @@ void MainWindow::updateSSLFingerprint()
 {
     if (m_AppConfig->getCryptoEnabled() && m_pSslCertificate == nullptr) {
         m_pSslCertificate = new SslCertificate(this);
+        connect(m_pSslCertificate, &SslCertificate::info, [&](QString info)
+        {
+            appendLogInfo(info);
+        });
         m_pSslCertificate->generateCertificate();
     }
     if (m_AppConfig->getCryptoEnabled() && Fingerprint::local().fileExists()) {

src/gui/src/MainWindowBase.ui

@@ -77,7 +77,7 @@
             </sizepolicy>
            </property>
            <property name="text">
-            <string>SSL Fingerprint:</string>
+            <string>SSL/TLS Fingerprint:</string>
            </property>
           </widget>
          </item>

src/gui/src/SettingsDialogBase.ui

@@ -184,7 +184,7 @@
       <item row="2" column="0">
        <widget class="QCheckBox" name="m_pCheckBoxEnableCrypto">
         <property name="text">
-         <string>Enable &amp;SSL</string>
+         <string>Enable &amp;SSL/TLS</string>
         </property>
        </widget>
       </item>

src/gui/src/SslCertificate.cpp

@@ -23,6 +23,12 @@
 #include <QDir>
 #include <QCoreApplication>
 
+#include <openssl/bio.h>
+#include <openssl/err.h>
+#include <openssl/evp.h>
+#include <openssl/pem.h>
+#include <openssl/x509.h>
+
 static const char kCertificateLifetime[] = "365";
 static const char kCertificateSubjectInfo[] = "/CN=Barrier";
 static const char kCertificateFilename[] = "Barrier.pem";
@@ -37,13 +43,13 @@ static const char kConfigFile[] = "barrier.conf";
 SslCertificate::SslCertificate(QObject *parent) :
     QObject(parent)
 {
-    m_ProfileDir = QString::fromStdString(DataDirectories::profile());
-    if (m_ProfileDir.isEmpty()) {
+    m_ProfileDir = DataDirectories::profile();
+    if (m_ProfileDir.empty()) {
         emit error(tr("Failed to get profile directory."));
     }
 }
 
-bool SslCertificate::runTool(const QStringList& args)
+std::pair<bool, std::string> SslCertificate::runTool(const QStringList& args)
 {
     QString program;
 #if defined(Q_OS_WIN)
@@ -66,11 +72,12 @@ bool SslCertificate::runTool(const QStringList& args)
     process.start(program, args);
 
     bool success = process.waitForStarted();
+    std::string output;
 
     QString standardError;
     if (success && process.waitForFinished())
     {
-        m_ToolOutput = process.readAllStandardOutput().trimmed();
+        output = process.readAllStandardOutput().trimmed().toStdString();
         standardError = process.readAllStandardError().trimmed();
     }
 
@@ -78,30 +85,22 @@ bool SslCertificate::runTool(const QStringList& args)
     if (!success || code != 0)
     {
         emit error(
-            QString("SSL tool failed: %1\n\nCode: %2\nError: %3")
+            QString("SSL/TLS tool failed: %1\n\nCode: %2\nError: %3")
                 .arg(program)
                 .arg(process.exitCode())
                 .arg(standardError.isEmpty() ? "Unknown" : standardError));
-        return false;
+        return {false, output};
     }
 
-    return true;
+    return {true, output};
 }
 
 void SslCertificate::generateCertificate()
 {
-    QString sslDirPath = QString("%1%2%3")
-        .arg(m_ProfileDir)
-        .arg(QDir::separator())
-        .arg(kSslDir);
-
-    QString filename = QString("%1%2%3")
-        .arg(sslDirPath)
-        .arg(QDir::separator())
-        .arg(kCertificateFilename);
+    auto filename = QString::fromStdString(getCertificatePath());
 
     QFile file(filename);
-    if (!file.exists()) {
+    if (!file.exists() || !isCertificateValid(filename)) {
         QStringList arguments;
 
         // self signed certificate
@@ -123,7 +122,7 @@ void SslCertificate::generateCertificate()
         arguments.append("-newkey");
         arguments.append("rsa:2048");
 
-        QDir sslDir(sslDirPath);
+        QDir sslDir(QString::fromStdString(getCertificateDirectory()));
         if (!sslDir.exists()) {
             sslDir.mkpath(".");
         }
@@ -136,11 +135,11 @@ void SslCertificate::generateCertificate()
         arguments.append("-out");
         arguments.append(filename);
 
-        if (!runTool(arguments)) {
+        if (!runTool(arguments).first) {
             return;
         }
 
-        emit info(tr("SSL certificate generated."));
+        emit info(tr("SSL/TLS certificate generated."));
     }
 
     generateFingerprint(filename);
@@ -158,21 +157,90 @@ void SslCertificate::generateFingerprint(const QString& certificateFilename)
     arguments.append("-in");
     arguments.append(certificateFilename);
 
-    if (!runTool(arguments)) {
+    auto ret = runTool(arguments);
+    bool success = ret.first;
+    std::string output = ret.second;
+
+    if (!success) {
         return;
     }
 
     // find the fingerprint from the tool output
-    int i = m_ToolOutput.indexOf("=");
-    if (i != -1) {
+    auto i = output.find_first_of('=');
+    if (i != std::string::npos) {
         i++;
-        QString fingerprint = m_ToolOutput.mid(
-            i, m_ToolOutput.size() - i);
+        auto fingerprint = output.substr(
+            i, output.size() - i);
 
-        Fingerprint::local().trust(fingerprint, false);
-        emit info(tr("SSL fingerprint generated."));
+        Fingerprint::local().trust(QString::fromStdString(fingerprint), false);
+        emit info(tr("SSL/TLS fingerprint generated."));
     }
     else {
-        emit error(tr("Failed to find SSL fingerprint."));
+        emit error(tr("Failed to find SSL/TLS fingerprint."));
     }
 }
+
+std::string SslCertificate::getCertificatePath()
+{
+    return getCertificateDirectory() + QDir::separator().toLatin1() + kCertificateFilename;
+}
+
+std::string SslCertificate::getCertificateDirectory()
+{
+    return m_ProfileDir + QDir::separator().toLatin1() + kSslDir;
+}
+
+bool SslCertificate::isCertificateValid(const QString& path)
+{
+    OpenSSL_add_all_algorithms();
+    ERR_load_BIO_strings();
+    ERR_load_crypto_strings();
+
+    BIO* bio = BIO_new(BIO_s_file());
+
+    auto ret = BIO_read_filename(bio, path.toStdString().c_str());
+    if (!ret) {
+        emit info(tr("Could not read from default certificate file."));
+        BIO_free_all(bio);
+        return false;
+    }
+
+    X509* cert = PEM_read_bio_X509(bio, NULL, 0, NULL);
+    if (!cert) {
+        emit info(tr("Error loading default certificate file to memory."));
+        BIO_free_all(bio);
+        return false;
+    }
+
+    EVP_PKEY* pubkey = X509_get_pubkey(cert);
+    if (!pubkey) {
+        emit info(tr("Default certificate key file does not contain valid public key"));
+        X509_free(cert);
+        BIO_free_all(bio);
+        return false;
+    }
+
+    auto type = EVP_PKEY_type(EVP_PKEY_id(pubkey));
+    if (type != EVP_PKEY_RSA && type != EVP_PKEY_DSA) {
+        emit info(tr("Public key in default certificate key file is not RSA or DSA"));
+        EVP_PKEY_free(pubkey);
+        X509_free(cert);
+        BIO_free_all(bio);
+        return false;
+    }
+
+    auto bits = EVP_PKEY_bits(pubkey);
+    if (bits < 2048) {
+        // We could have small keys in old barrier installations
+        emit info(tr("Public key in default certificate key file is too small."));
+        EVP_PKEY_free(pubkey);
+        X509_free(cert);
+        BIO_free_all(bio);
+        return false;
+    }
+
+    EVP_PKEY_free(pubkey);
+    X509_free(cert);
+    BIO_free_all(bio);
+    return true;
+}

src/gui/src/SslCertificate.h

@@ -18,6 +18,7 @@
 #pragma once
 
 #include <QObject>
+#include <string>
 
 class SslCertificate : public QObject
 {
@@ -35,10 +36,13 @@ signals:
     void generateFinished();
 
 private:
-    bool runTool(const QStringList& args);
+    std::pair<bool, std::string> runTool(const QStringList& args);
     void generateFingerprint(const QString& certificateFilename);
 
+    std::string getCertificatePath();
+    std::string getCertificateDirectory();
+
+    bool isCertificateValid(const QString& path);
 private:
-    QString m_ProfileDir;
-    QString m_ToolOutput;
+    std::string m_ProfileDir;
 };

src/lib/arch/unix/ArchDaemonUnix.cpp

@@ -61,7 +61,7 @@ execSelfNonDaemonized()
 }
 
 bool alreadyDaemonized() {
-    return getenv("_BARRIER_DAEMONIZED") != NULL;
+    return std::getenv("_BARRIER_DAEMONIZED") != NULL;
 }
 
 #endif

src/lib/barrier/KeyMap.h

@@ -24,7 +24,9 @@
 #include "common/stdset.h"
 #include "common/stdvector.h"
 
+#ifdef BARRIER_TEST_ENV
 #include <gtest/gtest_prod.h>
+#endif
 
 namespace barrier {
 
@@ -327,6 +329,7 @@ public:
     //@}
 
 private:
+#ifdef BARRIER_TEST_ENV
     FRIEND_TEST(KeyMapTests,
                 findBestKey_requiredDown_matchExactFirstItem);
     FRIEND_TEST(KeyMapTests,
@@ -340,6 +343,7 @@ private:
     FRIEND_TEST(KeyMapTests,
                 findBestKey_onlyOneRequiredDown_matchTwoRequiredChangesItem);
     FRIEND_TEST(KeyMapTests, findBestKey_noRequiredDown_cannotMatch);
+#endif
 
 private:
     //! Ways to synthesize a key

src/lib/barrier/PacketStreamFilter.cpp

@@ -17,7 +17,6 @@
  */
 
 #include "barrier/PacketStreamFilter.h"
-#include "barrier/protocol_types.h"
 #include "base/IEventQueue.h"
 #include "mt/Lock.h"
 #include "base/TMethodEventJob.h"
@@ -134,7 +133,8 @@ PacketStreamFilter::isReadyNoLock() const
     return (m_size != 0 && m_buffer.getSize() >= m_size);
 }
 
-bool PacketStreamFilter::readPacketSize()
+void
+PacketStreamFilter::readPacketSize()
 {
     // note -- m_mutex must be locked on entry
 
@@ -146,13 +146,7 @@ bool PacketStreamFilter::readPacketSize()
                  ((UInt32)buffer[1] << 16) |
                  ((UInt32)buffer[2] <<  8) |
                   (UInt32)buffer[3];
-
-        if (m_size > PROTOCOL_MAX_MESSAGE_LENGTH) {
-            m_events->addEvent(Event(m_events->forIStream().inputFormatError(), getEventTarget()));
-            return false;
-        }
     }
-    return true;
 }
 
 bool
@@ -166,17 +160,13 @@ PacketStreamFilter::readMore()
     UInt32 n = getStream()->read(buffer, sizeof(buffer));
     while (n > 0) {
         m_buffer.write(buffer, n);
-
-        // if we don't yet have the next packet size then get it, if possible.
-        // Note that we can't wait for whole pending data to arrive because it may be huge in
-        // case of malicious or erroneous peer.
-        if (!readPacketSize()) {
-            break;
-        }
-
         n = getStream()->read(buffer, sizeof(buffer));
     }
 
+    // if we don't yet have the next packet size then get it,
+    // if possible.
+    readPacketSize();
+
     // note if we now have a whole packet
     bool isReady = isReadyNoLock();
 

src/lib/barrier/PacketStreamFilter.h

@@ -47,9 +47,7 @@ protected:
 
 private:
     bool                isReadyNoLock() const;
-
-    // returns false on erroneous packet size
-    bool readPacketSize();
+    void                readPacketSize();
     bool                readMore();
 
 private:

src/lib/barrier/ProtocolUtil.cpp

@@ -19,8 +19,6 @@
 #include "barrier/ProtocolUtil.h"
 #include "io/IStream.h"
 #include "base/Log.h"
-#include "barrier/protocol_types.h"
-#include "barrier/XBarrier.h"
 #include "common/stdvector.h"
 #include "base/String.h"
 
@@ -161,10 +159,6 @@ ProtocolUtil::vreadf(barrier::IStream* stream, const char* fmt, va_list args)
                            (static_cast<UInt32>(buffer[2]) <<  8) |
                             static_cast<UInt32>(buffer[3]);
 
-                if (n > PROTOCOL_MAX_LIST_LENGTH) {
-                    throw XBadClient("Too long message received");
-                }
-
                 // convert it
                 void* v = va_arg(args, void*);
                 switch (len) {
@@ -217,10 +211,6 @@ ProtocolUtil::vreadf(barrier::IStream* stream, const char* fmt, va_list args)
                              (static_cast<UInt32>(buffer[2]) <<  8) |
                               static_cast<UInt32>(buffer[3]);
 
-                if (len > PROTOCOL_MAX_STRING_LENGTH) {
-                    throw XBadClient("Too long message received");
-                }
-
                 // use a fixed size buffer if its big enough
                 const bool useFixed = (len <= sizeof(buffer));
 

src/lib/barrier/Screen.h

@@ -42,7 +42,7 @@ public:
     Screen(IPlatformScreen* platformScreen, IEventQueue* events);
     virtual ~Screen();
 
-#ifdef TEST_ENV
+#ifdef BARRIER_TEST_ENV
     Screen() : m_mock(true) { }
 #endif
 

src/lib/barrier/key_types.cpp

@@ -43,6 +43,7 @@ const KeyNameMapEntry kKeyNameMap[] = {
     { "Control_R",        kKeyControl_R },
     { "Delete",            kKeyDelete },
     { "Down",            kKeyDown },
+    { "EisuToggle",      kKeyEisuToggle },
     { "Eject",            kKeyEject },
     { "End",            kKeyEnd },
     { "Escape",            kKeyEscape },
@@ -89,6 +90,7 @@ const KeyNameMapEntry kKeyNameMap[] = {
     { "Hyper_L",        kKeyHyper_L },
     { "Hyper_R",        kKeyHyper_R },
     { "Insert",            kKeyInsert },
+    { "Kana",            kKeyKana },
     { "KP_0",            kKeyKP_0 },
     { "KP_1",            kKeyKP_1 },
     { "KP_2",            kKeyKP_2 },
@@ -130,6 +132,7 @@ const KeyNameMapEntry kKeyNameMap[] = {
     { "Menu",            kKeyMenu },
     { "Meta_L",            kKeyMeta_L },
     { "Meta_R",            kKeyMeta_R },
+    { "Muhenkan",       kKeyMuhenkan },
     { "NumLock",        kKeyNumLock },
     { "PageDown",        kKeyPageDown },
     { "PageUp",            kKeyPageUp },

src/lib/barrier/key_types.h

@@ -109,11 +109,13 @@ static const KeyID		kKeyPause		= 0xEF13;	/* Pause, hold */
 static const KeyID		kKeyScrollLock	= 0xEF14;
 static const KeyID		kKeySysReq		= 0xEF15;
 static const KeyID		kKeyEscape		= 0xEF1B;
+static const KeyID		kKeyMuhenkan	= 0xEF22;	/* Cancel Conversion */
 static const KeyID		kKeyHenkan		= 0xEF23;	/* Start/Stop Conversion */
 static const KeyID		kKeyKana		= 0xEF26;	/* Kana */
 static const KeyID		kKeyHiraganaKatakana = 0xEF27;	/* Hiragana/Katakana toggle */
 static const KeyID		kKeyZenkaku		= 0xEF2A;	/* Zenkaku/Hankaku */
 static const KeyID		kKeyKanzi		= 0xEF2A;	/* Kanzi */
+static const KeyID		kKeyEisuToggle	= 0xEF30;	/* Alphanumeric toggle */
 static const KeyID		kKeyHangul		= 0xEF31;	/* Hangul */
 static const KeyID		kKeyHanja		= 0xEF34;	/* Hanja */
 static const KeyID		kKeyDelete		= 0xEFFF;	/* Delete, rubout */
@@ -284,6 +286,8 @@ static const KeyID		kKeyAppUser1		= 0xE0B6;
 static const KeyID		kKeyAppUser2		= 0xE0B7;
 static const KeyID		kKeyBrightnessDown	= 0xE0B8;
 static const KeyID		kKeyBrightnessUp	= 0xE0B9;
+static const KeyID		kKeyKbdBrightnessDown	= 0xE0BA;
+static const KeyID		kKeyKbdBrightnessUp	= 0xE0BB;
 static const KeyID		kKeyMissionControl	= 0xE0C0;
 static const KeyID		kKeyLaunchpad		= 0xE0C1;
 

src/lib/barrier/protocol_types.h

@@ -20,8 +20,6 @@
 
 #include "base/EventTypes.h"
 
-#include <cstdint>
-
 // protocol version number
 // 1.0:  initial protocol
 // 1.1:  adds KeyCode to key press, release, and repeat
@@ -53,12 +51,6 @@ static const double        kKeepAlivesUntilDeath = 3.0;
 static const double        kHeartRate = -1.0;
 static const double        kHeartBeatsUntilDeath = 3.0;
 
-// Messages of very large size indicate a likely protocol error. We don't parse such messages and
-// drop connection instead. Note that e.g. the clipboard messages are already limited to 32kB.
-static constexpr std::uint32_t PROTOCOL_MAX_MESSAGE_LENGTH = 4 * 1024 * 1024;
-static constexpr std::uint32_t PROTOCOL_MAX_LIST_LENGTH = 1024 * 1024;
-static constexpr std::uint32_t PROTOCOL_MAX_STRING_LENGTH = 1024 * 1024;
-
 // direction constants
 enum EDirection {
     kNoDirection,

src/lib/base/EventTypes.cpp

@@ -56,7 +56,6 @@ REGISTER_EVENT(IStream, outputFlushed)
 REGISTER_EVENT(IStream, outputError)
 REGISTER_EVENT(IStream, inputShutdown)
 REGISTER_EVENT(IStream, outputShutdown)
-REGISTER_EVENT(IStream, inputFormatError)
 
 //
 // IpcClient

src/lib/base/EventTypes.h

@@ -133,11 +133,6 @@ public:
     */
     Event::Type        outputShutdown();
 
-    /** Get input format error event type
-
-        This is sent when a stream receives an irrecoverable input format error.
-    */
-    Event::Type inputFormatError();
     //@}
         
 private:
@@ -146,7 +141,6 @@ private:
     Event::Type        m_outputError;
     Event::Type        m_inputShutdown;
     Event::Type        m_outputShutdown;
-    Event::Type m_inputFormatError;
 };
 
 class IpcClientEvents : public EventTypes {

src/lib/client/ServerProxy.cpp

@@ -26,7 +26,6 @@
 #include "barrier/ProtocolUtil.h"
 #include "barrier/option_types.h"
 #include "barrier/protocol_types.h"
-#include "barrier/XBarrier.h"
 #include "io/IStream.h"
 #include "base/Log.h"
 #include "base/IEventQueue.h"
@@ -125,27 +124,17 @@ ServerProxy::handleData(const Event&, void*)
 
         // parse message
         LOG((CLOG_DEBUG2 "msg from server: %c%c%c%c", code[0], code[1], code[2], code[3]));
-        try {
-            switch ((this->*m_parser)(code)) {
-            case kOkay:
-                break;
+        switch ((this->*m_parser)(code)) {
+        case kOkay:
+            break;
 
-            case kUnknown:
-                LOG((CLOG_ERR "invalid message from server: %c%c%c%c", code[0], code[1], code[2], code[3]));
-                m_client->disconnect("invalid message from server");
-                return;
-
-            case kDisconnect:
-                return;
-            }
-        } catch (const XBadClient& e) {
-            // TODO: disconnect handling is currently dispersed across both parseMessage() and
-            // handleData() functions, we should collect that to a single place
-
-            LOG((CLOG_ERR "protocol error from server: %s", e.what()));
-            ProtocolUtil::writef(m_stream, kMsgEBad);
+        case kUnknown:
+            LOG((CLOG_ERR "invalid message from server: %c%c%c%c", code[0], code[1], code[2], code[3]));
             m_client->disconnect("invalid message from server");
             return;
+
+        case kDisconnect:
+            return;
         }
 
         // next message

src/lib/client/ServerProxy.h

@@ -59,7 +59,7 @@ public:
     // sending dragging information to server
     void                sendDragInfo(UInt32 fileCount, const char* info, size_t size);
     
-#ifdef TEST_ENV
+#ifdef BARRIER_TEST_ENV
     void                handleDataForTest() { handleData(Event(), NULL); }
 #endif
 

src/lib/common/unix/DataDirectories.cpp

@@ -18,7 +18,7 @@
 #include "../DataDirectories.h"
 
 #include <unistd.h>    // sysconf
-#include <stdlib.h>    // getenv
+#include <cstdlib>     // getenv
 #include <sys/types.h> // getpwuid(_r)
 #include <pwd.h>       // getpwuid(_r)
 
@@ -63,7 +63,7 @@ static std::string profile_basedir()
 #ifdef WINAPI_XWINDOWS
     // linux/bsd adheres to freedesktop standards
     // https://standards.freedesktop.org/basedir-spec/basedir-spec-latest.html
-    const char* dir = getenv("XDG_DATA_HOME");
+    const char* dir = std::getenv("XDG_DATA_HOME");
     if (dir != NULL)
         return dir;
     return unix_home() + "/.local/share";

src/lib/ipc/IpcServer.h

@@ -82,7 +82,7 @@ private:
     ClientList            m_clients;
     mutable std::mutex m_clientsMutex;
 
-#ifdef TEST_ENV
+#ifdef BARRIER_TEST_ENV
 public:
     IpcServer() :
         m_mock(true),

src/lib/net/SecureSocket.cpp

@@ -40,7 +40,6 @@
 
 #define MAX_ERROR_SIZE 65535
 
-static const std::size_t MAX_INPUT_BUFFER_SIZE = 1024 * 1024;
 static const float s_retryDelay = 0.01f;
 
 enum {
@@ -104,8 +103,6 @@ SecureSocket::close()
 
 void SecureSocket::freeSSLResources()
 {
-    std::lock_guard<std::mutex> ssl_lock{ssl_mutex_};
-
     if (m_ssl->m_ssl != NULL) {
         SSL_shutdown(m_ssl->m_ssl);
         SSL_free(m_ssl->m_ssl);
@@ -159,7 +156,7 @@ SecureSocket::secureAccept()
 TCPSocket::EJobResult
 SecureSocket::doRead()
 {
-    UInt8 buffer[4096];
+    static UInt8 buffer[4096];
     memset(buffer, 0, sizeof(buffer));
     int bytesRead = 0;
     int status = 0;
@@ -183,11 +180,7 @@ SecureSocket::doRead()
         // slurp up as much as possible
         do {
             m_inputBuffer.write(buffer, bytesRead);
-
-            if (m_inputBuffer.getSize() > MAX_INPUT_BUFFER_SIZE) {
-                break;
-            }
-
+            
             status = secureRead(buffer, sizeof(buffer), bytesRead);
             if (status < 0) {
                 return kBreak;
@@ -218,6 +211,11 @@ SecureSocket::doRead()
 TCPSocket::EJobResult
 SecureSocket::doWrite()
 {
+    static bool s_retry = false;
+    static int s_retrySize = 0;
+    static std::unique_ptr<char[]> s_staticBuffer;
+    static std::size_t s_staticBufferSize = 0;
+
     // write data
     int bufferSize = 0;
     int bytesWrote = 0;
@@ -226,16 +224,16 @@ SecureSocket::doWrite()
     if (!isSecureReady())
         return kRetry;
 
-    if (do_write_retry_) {
-        bufferSize = do_write_retry_size_;
+    if (s_retry) {
+        bufferSize = s_retrySize;
     } else {
         bufferSize = m_outputBuffer.getSize();
-        if (bufferSize > do_write_retry_buffer_size_) {
-            do_write_retry_buffer_.reset(new char[bufferSize]);
-            do_write_retry_buffer_size_ = bufferSize;
+        if (bufferSize > s_staticBufferSize) {
+            s_staticBuffer.reset(new char[bufferSize]);
+            s_staticBufferSize = bufferSize;
         }
         if (bufferSize > 0) {
-            std::memcpy(do_write_retry_buffer_.get(), m_outputBuffer.peek(bufferSize), bufferSize);
+            memcpy(s_staticBuffer.get(), m_outputBuffer.peek(bufferSize), bufferSize);
         }
     }
     
@@ -243,14 +241,14 @@ SecureSocket::doWrite()
         return kRetry;
     }
 
-    status = secureWrite(do_write_retry_buffer_.get(), bufferSize, bytesWrote);
+    status = secureWrite(s_staticBuffer.get(), bufferSize, bytesWrote);
     if (status > 0) {
-        do_write_retry_ = false;
+        s_retry = false;
     } else if (status < 0) {
         return kBreak;
     } else if (status == 0) {
-        do_write_retry_ = true;
-        do_write_retry_size_ = bufferSize;
+        s_retry = true;
+        s_retrySize = bufferSize;
         return kNew;
     }
     
@@ -265,16 +263,16 @@ SecureSocket::doWrite()
 int
 SecureSocket::secureRead(void* buffer, int size, int& read)
 {
-    std::lock_guard<std::mutex> ssl_lock{ssl_mutex_};
-
     if (m_ssl->m_ssl != NULL) {
         LOG((CLOG_DEBUG2 "reading secure socket"));
         read = SSL_read(m_ssl->m_ssl, buffer, size);
+        
+        static int retry;
 
         // Check result will cleanup the connection in the case of a fatal
-        checkResult(read, secure_read_retry_);
-
-        if (secure_read_retry_) {
+        checkResult(read, retry);
+        
+        if (retry) {
             return 0;
         }
 
@@ -291,17 +289,17 @@ SecureSocket::secureRead(void* buffer, int size, int& read)
 int
 SecureSocket::secureWrite(const void* buffer, int size, int& wrote)
 {
-    std::lock_guard<std::mutex> ssl_lock{ssl_mutex_};
-
     if (m_ssl->m_ssl != NULL) {
         LOG((CLOG_DEBUG2 "writing secure socket:%p", this));
 
         wrote = SSL_write(m_ssl->m_ssl, buffer, size);
+        
+        static int retry;
 
         // Check result will cleanup the connection in the case of a fatal
-        checkResult(wrote, secure_write_retry_);
+        checkResult(wrote, retry);
 
-        if (secure_write_retry_) {
+        if (retry) {
             return 0;
         }
 
@@ -324,8 +322,6 @@ SecureSocket::isSecureReady()
 void
 SecureSocket::initSsl(bool server)
 {
-    std::lock_guard<std::mutex> ssl_lock{ssl_mutex_};
-
     m_ssl = new Ssl();
     m_ssl->m_context = NULL;
     m_ssl->m_ssl = NULL;
@@ -333,10 +329,8 @@ SecureSocket::initSsl(bool server)
     initContext(server);
 }
 
-bool SecureSocket::loadCertificates(std::string& filename)
+bool SecureSocket::loadCertificates(const std::string& filename)
 {
-    std::lock_guard<std::mutex> ssl_lock{ssl_mutex_};
-
     if (filename.empty()) {
         showError("ssl certificate is not specified");
         return false;
@@ -347,9 +341,7 @@ bool SecureSocket::loadCertificates(std::string& filename)
         file.close();
 
         if (!exist) {
-            std::string errorMsg("ssl certificate doesn't exist: ");
-            errorMsg.append(filename);
-            showError(errorMsg.c_str());
+            showError("ssl certificate doesn't exist: " + filename);
             return false;
         }
     }
@@ -357,19 +349,19 @@ bool SecureSocket::loadCertificates(std::string& filename)
     int r = 0;
     r = SSL_CTX_use_certificate_file(m_ssl->m_context, filename.c_str(), SSL_FILETYPE_PEM);
     if (r <= 0) {
-        showError("could not use ssl certificate");
+        showError("could not use ssl certificate: " + filename);
         return false;
     }
 
     r = SSL_CTX_use_PrivateKey_file(m_ssl->m_context, filename.c_str(), SSL_FILETYPE_PEM);
     if (r <= 0) {
-        showError("could not use ssl private key");
+        showError("could not use ssl private key: " + filename);
         return false;
     }
 
     r = SSL_CTX_check_private_key(m_ssl->m_context);
     if (!r) {
-        showError("could not verify ssl private key");
+        showError("could not verify ssl private key: " + filename);
         return false;
     }
 
@@ -379,8 +371,6 @@ bool SecureSocket::loadCertificates(std::string& filename)
 void
 SecureSocket::initContext(bool server)
 {
-    // ssl_mutex_ is assumed to be acquired
-
     SSL_library_init();
 
     const SSL_METHOD* method;
@@ -411,15 +401,13 @@ SecureSocket::initContext(bool server)
     SSL_CTX_set_options(m_ssl->m_context, SSL_OP_NO_SSLv3);
 
     if (m_ssl->m_context == NULL) {
-        showError();
+        showError("");
     }
 }
 
 void
 SecureSocket::createSSL()
 {
-    // ssl_mutex_ is assumed to be acquired
-
     // I assume just one instance is needed
     // get new SSL state with context
     if (m_ssl->m_ssl == NULL) {
@@ -431,8 +419,6 @@ SecureSocket::createSSL()
 int
 SecureSocket::secureAccept(int socket)
 {
-    std::lock_guard<std::mutex> ssl_lock{ssl_mutex_};
-
     createSSL();
 
     // set connection socket to SSL state
@@ -440,8 +426,10 @@ SecureSocket::secureAccept(int socket)
     
     LOG((CLOG_DEBUG2 "accepting secure socket"));
     int r = SSL_accept(m_ssl->m_ssl);
+    
+    static int retry;
 
-    checkResult(r, secure_accept_retry_);
+    checkResult(r, retry);
 
     if (isFatal()) {
         // tell user and sleep so the socket isn't hammered.
@@ -449,12 +437,12 @@ SecureSocket::secureAccept(int socket)
         LOG((CLOG_INFO "client connection may not be secure"));
         m_secureReady = false;
         ARCH->sleep(1);
-        secure_accept_retry_ = 0;
+        retry = 0;
         return -1; // Failed, error out
     }
 
     // If not fatal and no retry, state is good
-    if (secure_accept_retry_ == 0) {
+    if (retry == 0) {
         m_secureReady = true;
         LOG((CLOG_INFO "accepted secure socket"));
         if (CLOG->getFilter() >= kDEBUG1) {
@@ -465,7 +453,7 @@ SecureSocket::secureAccept(int socket)
     }
 
     // If not fatal and retry is set, not ready, and return retry
-    if (secure_accept_retry_ > 0) {
+    if (retry > 0) {
         LOG((CLOG_DEBUG2 "retry accepting secure socket"));
         m_secureReady = false;
         ARCH->sleep(s_retryDelay);
@@ -480,8 +468,6 @@ SecureSocket::secureAccept(int socket)
 int
 SecureSocket::secureConnect(int socket)
 {
-    std::lock_guard<std::mutex> ssl_lock{ssl_mutex_};
-
     createSSL();
 
     // attach the socket descriptor
@@ -489,24 +475,26 @@ SecureSocket::secureConnect(int socket)
     
     LOG((CLOG_DEBUG2 "connecting secure socket"));
     int r = SSL_connect(m_ssl->m_ssl);
+    
+    static int retry;
 
-    checkResult(r, secure_connect_retry_);
+    checkResult(r, retry);
 
     if (isFatal()) {
         LOG((CLOG_ERR "failed to connect secure socket"));
-        secure_connect_retry_ = 0;
+        retry = 0;
         return -1;
     }
 
     // If we should retry, not ready and return 0
-    if (secure_connect_retry_ > 0) {
+    if (retry > 0) {
         LOG((CLOG_DEBUG2 "retry connect secure socket"));
         m_secureReady = false;
         ARCH->sleep(s_retryDelay);
         return 0;
     }
 
-    secure_connect_retry_ = 0;
+    retry = 0;
     // No error, set ready, process and return ok
     m_secureReady = true;
     if (verifyCertFingerprint()) {
@@ -532,7 +520,6 @@ SecureSocket::secureConnect(int socket)
 bool
 SecureSocket::showCertificate()
 {
-    // ssl_mutex_ is assumed to be acquired
     X509* cert;
     char* line;
  
@@ -555,8 +542,6 @@ SecureSocket::showCertificate()
 void
 SecureSocket::checkResult(int status, int& retry)
 {
-    // ssl_mutex_ is assumed to be acquired
-
     // ssl errors are a little quirky. the "want" errors are normal and
     // should result in a retry.
 
@@ -631,16 +616,15 @@ SecureSocket::checkResult(int status, int& retry)
 
     if (isFatal()) {
         retry = 0;
-        showError();
+        showError("");
         disconnect();
     }
 }
 
-void
-SecureSocket::showError(const char* reason)
+void SecureSocket::showError(const std::string& reason)
 {
-    if (reason != NULL) {
-        LOG((CLOG_ERR "%s", reason));
+    if (!reason.empty()) {
+        LOG((CLOG_ERR "%s", reason.c_str()));
     }
 
     std::string error = getError();
@@ -693,8 +677,6 @@ void SecureSocket::formatFingerprint(std::string& fingerprint, bool hex, bool se
 bool
 SecureSocket::verifyCertFingerprint()
 {
-    // ssl_mutex_ is assumed to be acquired
-
     // calculate received certificate fingerprint
     X509 *cert = cert = SSL_get_peer_certificate(m_ssl->m_ssl);
     EVP_MD* tempDigest;
@@ -837,8 +819,6 @@ showCipherStackDesc(STACK_OF(SSL_CIPHER) * stack) {
 void
 SecureSocket::showSecureCipherInfo()
 {
-    // ssl_mutex_ is assumed to be acquired
-
     STACK_OF(SSL_CIPHER) * sStack = SSL_get_ciphers(m_ssl->m_ssl);
 
     if (sStack == NULL) {
@@ -881,8 +861,6 @@ SecureSocket::showSecureLibInfo()
 void
 SecureSocket::showSecureConnectInfo()
 {
-    // ssl_mutex_ is assumed to be acquired
-
     const SSL_CIPHER* cipher = SSL_get_current_cipher(m_ssl->m_ssl);
 
     if (cipher != NULL) {

src/lib/net/SecureSocket.h

@@ -19,7 +19,6 @@
 
 #include "net/TCPSocket.h"
 #include "net/XSocket.h"
-#include <mutex>
 
 class IEventQueue;
 class SocketMultiplexer;
@@ -56,52 +55,35 @@ public:
     EJobResult            doRead() override;
     EJobResult            doWrite() override;
     void                initSsl(bool server);
-    bool loadCertificates(std::string& CertFile);
+    bool loadCertificates(const std::string& filename);
 
 private:
     // SSL
-    void initContext(bool server); // may only be called with ssl_mutex_ acquired
-    void createSSL(); // may only be called with ssl_mutex_ acquired.
+    void                initContext(bool server);
+    void                createSSL();
     int                    secureAccept(int s);
     int                    secureConnect(int s);
-    bool showCertificate(); // may only be called with ssl_mutex_ acquired
-    void checkResult(int n, int& retry); // may only be called with m_ssl_mutex_ acquired.
-    void                showError(const char* reason = NULL);
+    bool                showCertificate();
+    void                checkResult(int n, int& retry);
+    void                showError(const std::string& reason);
     std::string getError();
     void                disconnect();
     void formatFingerprint(std::string& fingerprint, bool hex = true, bool separator = true);
-    bool verifyCertFingerprint(); // may only be called with ssl_mutex_ acquired
+    bool                verifyCertFingerprint();
 
     MultiplexerJobStatus serviceConnect(ISocketMultiplexerJob*, bool, bool, bool);
     MultiplexerJobStatus serviceAccept(ISocketMultiplexerJob*, bool, bool, bool);
 
-    void showSecureConnectInfo(); // may only be called with ssl_mutex_ acquired
-    void showSecureLibInfo();
-    void showSecureCipherInfo(); // may only be called with ssl_mutex_ acquired
-
+    void                showSecureConnectInfo();
+    void                showSecureLibInfo();
+    void                showSecureCipherInfo();
+    
     void                handleTCPConnected(const Event& event, void*);
 
     void freeSSLResources();
 
 private:
-    // all accesses to m_ssl must be protected by this mutex. The only function that is called
-    // from outside SocketMultiplexer thread is close(), so we mostly care about things accessed
-    // by it.
-    std::mutex ssl_mutex_;
-
     Ssl*                m_ssl;
     bool                m_secureReady;
     bool                m_fatal;
-
-    int secure_accept_retry_ = 0; // used only in secureAccept()
-    int secure_connect_retry_ = 0; // used only in secureConnect()
-    int secure_read_retry_ = 0; // used only in secureRead()
-    int secure_write_retry_ = 0; // used only in secureWrite()
-
-    // The following are used only from doWrite()
-    // FIXME: using std::vector would simplify logic significantly.
-    bool do_write_retry_ = false;
-    int do_write_retry_size_ = 0;
-    std::unique_ptr<char[]> do_write_retry_buffer_;
-    std::size_t do_write_retry_buffer_size_ = 0;
 };

src/lib/net/TCPSocket.cpp

@@ -33,7 +33,9 @@
 #include <cstdlib>
 #include <memory>
 
-static const std::size_t MAX_INPUT_BUFFER_SIZE = 1024 * 1024;
+//
+// TCPSocket
+//
 
 TCPSocket::TCPSocket(IEventQueue* events, SocketMultiplexer* socketMultiplexer, IArchNetwork::EAddressFamily family) :
     IDataSocket(events),
@@ -343,10 +345,6 @@ TCPSocket::doRead()
         do {
             m_inputBuffer.write(buffer, (UInt32)bytesRead);
 
-            if (m_inputBuffer.getSize() > MAX_INPUT_BUFFER_SIZE) {
-                break;
-            }
-
             bytesRead = ARCH->readSocket(m_socket, buffer, sizeof(buffer));
         } while (bytesRead > 0);
         

src/lib/platform/MSWindowsKeyState.cpp

@@ -69,7 +69,7 @@ const KeyID				MSWindowsKeyState::s_virtualKey[] =
 	/* 0x01a */ { kKeyNone },		// undefined
 	/* 0x01b */ { kKeyEscape },		// VK_ESCAPE
 	/* 0x01c */ { kKeyHenkan },		// VK_CONVERT		
-	/* 0x01d */ { kKeyNone },		// VK_NONCONVERT	
+	/* 0x01d */ { kKeyMuhenkan },	// VK_NONCONVERT	
 	/* 0x01e */ { kKeyNone },		// VK_ACCEPT		
 	/* 0x01f */ { kKeyNone },		// VK_MODECHANGE	
 	/* 0x020 */ { kKeyNone },		// VK_SPACE

src/lib/platform/OSXKeyState.cpp

@@ -122,7 +122,11 @@ static const KeyEntry    s_controlKeys[] = {
     { kKeyMissionControl, s_missionControlVK },
     { kKeyLaunchpad, s_launchpadVK },
     { kKeyBrightnessUp,  s_brightnessUp },
-    { kKeyBrightnessDown, s_brightnessDown }
+    { kKeyBrightnessDown, s_brightnessDown },
+
+    // JIS keyboards only
+    { kKeyEisuToggle, kVK_JIS_Eisu },
+    { kKeyKana, kVK_JIS_Kana }
 };
 
 

src/lib/platform/XWindowsKeyState.h

@@ -136,7 +136,7 @@ private:
         bool            m_lock;
     };
 
-#ifdef TEST_ENV
+#ifdef BARRIER_TEST_ENV
 public: // yuck
 #endif
     typedef std::vector<KeyModifierMask> KeyModifierMaskList;
@@ -169,7 +169,7 @@ private:
     // autorepeat state
     XKeyboardState        m_keyboardState;
 
-#ifdef TEST_ENV
+#ifdef BARRIER_TEST_ENV
 public:
     SInt32                  group() const { return m_group; }
     void                    group(const SInt32& group) { m_group = group; }

src/lib/platform/XWindowsScreen.cpp

@@ -877,7 +877,7 @@ XWindowsScreen::openDisplay(const char* displayName)
 {
 	// get the DISPLAY
 	if (displayName == NULL) {
-		displayName = getenv("DISPLAY");
+		displayName = std::getenv("DISPLAY");
 		if (displayName == NULL) {
 			displayName = ":0.0";
 		}

src/lib/platform/XWindowsUtil.cpp

@@ -1250,7 +1250,7 @@ XK_uhorn
 // map "Internet" keys to KeyIDs
 static const KeySym s_map1008FF[] =
 {
-    /* 0x00 */ 0, 0, kKeyBrightnessUp, kKeyBrightnessDown, 0, 0, 0, 0,
+    /* 0x00 */ 0, 0, kKeyBrightnessUp, kKeyBrightnessDown, 0, kKeyKbdBrightnessUp, kKeyKbdBrightnessDown, 0,
     /* 0x08 */ 0, 0, 0, 0, 0, 0, 0, 0,
     /* 0x10 */ 0, kKeyAudioDown, kKeyAudioMute, kKeyAudioUp,
     /* 0x14 */ kKeyAudioPlay, kKeyAudioStop, kKeyAudioPrev, kKeyAudioNext,

src/lib/server/ClientListener.cpp

@@ -184,6 +184,7 @@ ClientListener::handleUnknownClient(const Event&, void* vclient)
 
     // get the real client proxy and install it
     ClientProxy* client = unknownClient->orphanClientProxy();
+    bool handshakeOk = true;
     if (client != NULL) {
         // handshake was successful
         m_waitingClients.push_back(client);
@@ -195,17 +196,20 @@ ClientListener::handleUnknownClient(const Event&, void* vclient)
                             new TMethodEventJob<ClientListener>(this,
                                 &ClientListener::handleClientDisconnected,
                                 client));
-    } else {
-        auto* stream = unknownClient->getStream();
-        if (stream) {
-            stream->close();
-        }
+    }
+    else {
+        handshakeOk = false;
     }
 
     // now finished with unknown client
     m_events->removeHandler(m_events->forClientProxyUnknown().success(), client);
     m_events->removeHandler(m_events->forClientProxyUnknown().failure(), client);
     m_newClients.erase(unknownClient);
+    PacketStreamFilter* streamFileter = dynamic_cast<PacketStreamFilter*>(unknownClient->getStream());
+    IDataSocket* socket = NULL;
+    if (streamFileter != NULL) {
+        socket = dynamic_cast<IDataSocket*>(streamFileter->getStream());
+    }
 
     delete unknownClient;
 }

src/lib/server/ClientProxy1_0.cpp

@@ -51,10 +51,6 @@ ClientProxy1_0::ClientProxy1_0(const std::string& name, barrier::IStream* stream
                             stream->getEventTarget(),
                             new TMethodEventJob<ClientProxy1_0>(this,
                                 &ClientProxy1_0::handleDisconnect, NULL));
-    m_events->adoptHandler(m_events->forIStream().inputFormatError(),
-                           stream->getEventTarget(),
-                           new TMethodEventJob<ClientProxy1_0>(this,
-                                &ClientProxy1_0::handleDisconnect, NULL));
     m_events->adoptHandler(m_events->forIStream().outputShutdown(),
                             stream->getEventTarget(),
                             new TMethodEventJob<ClientProxy1_0>(this,
@@ -94,8 +90,6 @@ ClientProxy1_0::removeHandlers()
                             getStream()->getEventTarget());
     m_events->removeHandler(m_events->forIStream().outputShutdown(),
                             getStream()->getEventTarget());
-    m_events->removeHandler(m_events->forIStream().inputFormatError(),
-                            getStream()->getEventTarget());
     m_events->removeHandler(Event::kTimer, this);
 
     // remove timer
@@ -154,18 +148,9 @@ ClientProxy1_0::handleData(const Event&, void*)
         }
 
         // parse message
-        try {
-            LOG((CLOG_DEBUG2 "msg from \"%s\": %c%c%c%c", getName().c_str(), code[0], code[1], code[2], code[3]));
-            if (!(this->*m_parser)(code)) {
-                LOG((CLOG_ERR "invalid message from client \"%s\": %c%c%c%c", getName().c_str(), code[0], code[1], code[2], code[3]));
-                disconnect();
-                return;
-            }
-        } catch (const XBadClient& e) {
-            // TODO: disconnect handling is currently dispersed across both parseMessage() and
-            // handleData() functions, we should collect that to a single place
-
-            LOG((CLOG_ERR "protocol error from client: %s", e.what()));
+        LOG((CLOG_DEBUG2 "msg from \"%s\": %c%c%c%c", getName().c_str(), code[0], code[1], code[2], code[3]));
+        if (!(this->*m_parser)(code)) {
+            LOG((CLOG_ERR "invalid message from client \"%s\": %c%c%c%c", getName().c_str(), code[0], code[1], code[2], code[3]));
             disconnect();
             return;
         }

src/lib/server/ClientProxyUnknown.cpp

@@ -118,10 +118,6 @@ ClientProxyUnknown::addStreamHandlers()
                             m_stream->getEventTarget(),
                             new TMethodEventJob<ClientProxyUnknown>(this,
                                 &ClientProxyUnknown::handleDisconnect));
-    m_events->adoptHandler(m_events->forIStream().inputFormatError(),
-                           m_stream->getEventTarget(),
-                           new TMethodEventJob<ClientProxyUnknown>(this,
-                                &ClientProxyUnknown::handleDisconnect));
     m_events->adoptHandler(m_events->forIStream().outputShutdown(),
                             m_stream->getEventTarget(),
                             new TMethodEventJob<ClientProxyUnknown>(this,
@@ -153,8 +149,6 @@ ClientProxyUnknown::removeHandlers()
                             m_stream->getEventTarget());
         m_events->removeHandler(m_events->forIStream().inputShutdown(),
                             m_stream->getEventTarget());
-        m_events->removeHandler(m_events->forIStream().inputFormatError(),
-                                m_stream->getEventTarget());
         m_events->removeHandler(m_events->forIStream().outputShutdown(),
                             m_stream->getEventTarget());
     }

src/lib/server/Config.h

@@ -174,7 +174,7 @@ public:
     Config(IEventQueue* events);
     virtual ~Config();
 
-#ifdef TEST_ENV
+#ifdef BARRIER_TEST_ENV
     Config() : m_inputFilter(NULL) { }
 #endif
 

src/lib/server/InputFilter.h

@@ -333,7 +333,7 @@ public:
     InputFilter(const InputFilter&);
     virtual ~InputFilter();
 
-#ifdef TEST_ENV
+#ifdef BARRIER_TEST_ENV
     InputFilter() : m_primaryClient(NULL) { }
 #endif
 

src/lib/server/PrimaryClient.h

@@ -37,7 +37,7 @@ public:
     PrimaryClient(const std::string& name, barrier::Screen* screen);
     ~PrimaryClient();
 
-#ifdef TEST_ENV
+#ifdef BARRIER_TEST_ENV
     PrimaryClient() : BaseClientProxy("") { }
 #endif
 

src/lib/server/Server.h

@@ -110,7 +110,7 @@ public:
         barrier::Screen* screen, IEventQueue* events, ServerArgs const& args);
     ~Server();
 
-#ifdef TEST_ENV
+#ifdef BARRIER_TEST_ENV
     Server() : m_mock(true), m_config(NULL) { }
     void setActive(BaseClientProxy* active) {    m_active = active; }
 #endif

src/test/CMakeLists.txt

@@ -14,19 +14,33 @@
 # You should have received a copy of the GNU General Public License
 # along with this program.  If not, see <http://www.gnu.org/licenses/>.
 
-include_directories(
-    ../../ext/gtest
-    ../../ext/gtest/include
-    ../../ext/gmock
-    ../../ext/gmock/include)
-    
-add_library(gtest STATIC ../../ext/gtest/src/gtest-all.cc)
-add_library(gmock STATIC ../../ext/gmock/src/gmock-all.cc)
+if (BARRIER_USE_EXTERNAL_GTEST)
+    include (FindPkgConfig)
+    find_package(GTest REQUIRED)
+    pkg_check_modules(GMOCK REQUIRED gmock)
+    include_directories(
+        ${GTEST_INCLUDE_DIRS}
+        ${GMOCK_INCLUDE_DIRS}
+    )
+else()
+    include_directories(
+        ../../ext/gtest
+        ../../ext/gtest/include
+        ../../ext/gmock
+        ../../ext/gmock/include
+    )
 
-if (UNIX)
-    # ignore warnings in gtest and gmock
-    set_target_properties(gtest PROPERTIES COMPILE_FLAGS "-w")
-    set_target_properties(gmock PROPERTIES COMPILE_FLAGS "-w")
+    add_library(gtest STATIC ../../ext/gtest/src/gtest-all.cc)
+    add_library(gmock STATIC ../../ext/gmock/src/gmock-all.cc)
+
+    set(GTEST_LIBRARIES gtest)
+    set(GMOCK_LIBRARIES gmock)
+
+    if (UNIX)
+        # ignore warnings in gtest and gmock
+        set_target_properties(gtest PROPERTIES COMPILE_FLAGS "-w")
+        set_target_properties(gmock PROPERTIES COMPILE_FLAGS "-w")
+    endif()
 endif()
 
 add_subdirectory(integtests)

src/test/integtests/CMakeLists.txt

@@ -68,8 +68,6 @@ endif()
 
 include_directories(
     ../../
-    ../../../ext/gtest/include
-    ../../../ext/gmock/include
 )
 
 if (UNIX)
@@ -80,4 +78,4 @@ endif()
 
 add_executable(integtests ${sources})
 target_link_libraries(integtests
-    arch base client common io ipc mt net platform server synlib gtest gmock ${libs} ${OPENSSL_LIBS})
+    arch base client common io ipc mt net platform server synlib ${GTEST_LIBRARIES} ${GMOCK_LIBRARIES} ${libs} ${OPENSSL_LIBS})

src/test/integtests/ipc/IpcTests.cpp

@@ -19,7 +19,7 @@
 // TODO: fix, tests failing intermittently on mac.
 #ifndef WINAPI_CARBON
 
-#define TEST_ENV
+#define BARRIER_TEST_ENV
 
 #include "test/global/TestEventQueue.h"
 #include "ipc/IpcServer.h"

src/test/integtests/net/NetworkTests.cpp

@@ -18,7 +18,7 @@
 // TODO: fix, tests failing intermittently on mac.
 #ifndef WINAPI_CARBON
 
-#define TEST_ENV
+#define BARRIER_TEST_ENV
 
 #include "test/mock/server/MockConfig.h"
 #include "test/mock/server/MockPrimaryClient.h"

src/test/integtests/platform/MSWindowsKeyStateTests.cpp

@@ -16,7 +16,7 @@
  * along with this program.  If not, see <http://www.gnu.org/licenses/>.
  */
 
-#define TEST_ENV
+#define BARRIER_TEST_ENV
 
 #include "test/mock/barrier/MockEventQueue.h"
 #include "test/mock/barrier/MockKeyMap.h"

src/test/integtests/platform/XWindowsKeyStateTests.cpp

@@ -16,7 +16,7 @@
  * along with this program.  If not, see <http://www.gnu.org/licenses/>.
  */
 
-#define TEST_ENV
+#define BARRIER_TEST_ENV
 
 #include "test/mock/barrier/MockKeyMap.h"
 #include "test/mock/barrier/MockEventQueue.h"

src/test/integtests/platform/XWindowsScreenSaverTests.cpp

@@ -23,6 +23,7 @@
 #include "platform/XWindowsScreenSaver.h"
 
 #include "test/global/gtest.h"
+#include <cstdlib>
 #include <X11/Xlib.h>
 
 using ::testing::_;
@@ -30,7 +31,12 @@ using ::testing::_;
 // TODO: not working on build machine for some reason
 TEST(CXWindowsScreenSaverTests, activate_defaultScreen_todo)
 {
-    Display* display = XOpenDisplay(":0.0");
+    const char* displayName = std::getenv("DISPLAY");
+    if (displayName == NULL) {
+        displayName = ":0.0";
+    }
+
+    Display* display = XOpenDisplay(displayName);
     Window window = DefaultRootWindow(display);
     MockEventQueue eventQueue;
     EXPECT_CALL(eventQueue, removeHandler(_, _)).Times(1);

src/test/integtests/platform/XWindowsScreenTests.cpp

@@ -20,16 +20,22 @@
 #include "platform/XWindowsScreen.h"
 
 #include "test/global/gtest.h"
+#include <cstdlib>
 
 using ::testing::_;
 
 TEST(CXWindowsScreenTests, fakeMouseMove_nonPrimary_getCursorPosValuesCorrect)
 {
+    const char* displayName = std::getenv("DISPLAY");
+    if (displayName == NULL) {
+        displayName = ":0.0";
+    }
+
     MockEventQueue eventQueue;
     EXPECT_CALL(eventQueue, adoptHandler(_, _, _)).Times(2);
     EXPECT_CALL(eventQueue, adoptBuffer(_)).Times(2);
     EXPECT_CALL(eventQueue, removeHandler(_, _)).Times(2);
-    XWindowsScreen screen(new XWindowsImpl(), ":0.0", false, false, 0, &eventQueue);
+    XWindowsScreen screen(new XWindowsImpl(), displayName, false, false, 0, &eventQueue);
 
     screen.fakeMouseMove(10, 20);
 

src/test/mock/barrier/MockApp.h

@@ -17,7 +17,7 @@
 
 #pragma once
 
-#define TEST_ENV
+#define BARRIER_TEST_ENV
 
 #include "barrier/App.h"
 

src/test/mock/barrier/MockArgParser.h

@@ -17,7 +17,7 @@
 
 #pragma once
 
-#define TEST_ENV
+#define BARRIER_TEST_ENV
 
 #include "barrier/ArgParser.h"
 

src/test/mock/barrier/MockScreen.h

@@ -17,7 +17,7 @@
 
 #pragma once
 
-#define TEST_ENV
+#define BARRIER_TEST_ENV
 
 #include "barrier/Screen.h"
 

src/test/mock/server/MockConfig.h

@@ -17,7 +17,7 @@
 
 #pragma once
 
-#define TEST_ENV
+#define BARRIER_TEST_ENV
 
 #include "server/Config.h"
 

src/test/mock/server/MockInputFilter.h

@@ -17,7 +17,7 @@
 
 #pragma once
 
-#define TEST_ENV
+#define BARRIER_TEST_ENV
 
 #include "server/InputFilter.h"
 

src/test/mock/server/MockPrimaryClient.h

@@ -17,7 +17,7 @@
 
 #pragma once
 
-#define TEST_ENV
+#define BARRIER_TEST_ENV
 
 #include "server/PrimaryClient.h"
 #include "base/String.h"

src/test/mock/server/MockServer.h

@@ -17,7 +17,7 @@
 
 #pragma once
 
-#define TEST_ENV
+#define BARRIER_TEST_ENV
 
 #include "server/Server.h"
 

src/test/unittests/CMakeLists.txt

@@ -50,8 +50,6 @@ list(APPEND headers ${platform_sources})
 
 include_directories(
     ../../
-    ../../../ext/gtest/include
-    ../../../ext/gmock/include
     ../../../ext
 )
 
@@ -67,4 +65,4 @@ endif()
 
 add_executable(unittests ${sources})
 target_link_libraries(unittests
-    arch base client server common io net platform server synlib mt ipc gtest gmock ${libs} ${OPENSSL_LIBS})
+    arch base client server common io net platform server synlib mt ipc ${GTEST_LIBRARIES} ${GMOCK_LIBRARIES} ${libs} ${OPENSSL_LIBS})

src/test/unittests/barrier/KeyMapTests.cpp

@@ -15,6 +15,8 @@
  * along with this program.  If not, see <http://www.gnu.org/licenses/>.
  */
 
+#define BARRIER_TEST_ENV
+
 #include "barrier/KeyMap.h"
 
 #include "test/global/gtest.h"

src/test/unittests/ipc/IpcLogOutputterTests.cpp

@@ -15,7 +15,7 @@
  * along with this program.  If not, see <http://www.gnu.org/licenses/>.
  */
 
-#define TEST_ENV
+#define BARRIER_TEST_ENV
 
 #include "test/mock/ipc/MockIpcServer.h"
 

towncrier.toml

@@ -1,39 +0,0 @@
-[tool.towncrier]
-    package = ""
-    directory = "doc/newsfragments"
-    filename = "doc/release_notes/index.md"
-    template = "doc/release_notes/index.template.jinja"
-    title_format = "\nBarrier `{version}` ( `{project_date}` )\n================================\n"
-    start_string = "[comment]: <> (towncrier release notes start)"
-    [[tool.towncrier.section]]
-        path = ""
-
-    [[tool.towncrier.type]]
-        directory = "security"
-        name = "Security fixes"
-        showcontent = false
-
-    [[tool.towncrier.type]]
-        directory = "feature"
-        name = "Features"
-        showcontent = true
-
-    [[tool.towncrier.type]]
-        directory = "bugfix"
-        name = "Bug fixes"
-        showcontent = true
-
-    [[tool.towncrier.type]]
-        directory = "doc"
-        name = "Improved Documentation"
-        showcontent = true
-
-    [[tool.towncrier.type]]
-        directory = "removal"
-        name = "Deprecations and Removals"
-        showcontent = true
-
-    [[tool.towncrier.type]]
-        directory = "misc"
-        name = "Miscellaneous"
-        showcontent = false