From df4c93b3e8e25fde155c07d07ba8972a7455ff54 Mon Sep 17 00:00:00 2001
From: Nick Couchman <vnick@apache.org>
Date: Sun, 10 Mar 2019 15:22:49 -0400
Subject: [PATCH] GUACAMOLE-414: Use configure checks for finding TLS locking
 support.

---
 configure.ac            | 27 +++++++++++++++++++++++++++
 src/protocols/vnc/vnc.c |  6 +++---
 src/protocols/vnc/vnc.h |  2 +-
 3 files changed, 31 insertions(+), 4 deletions(-)

diff --git a/configure.ac b/configure.ac
index 0acb27b1..85a0559e 100644
--- a/configure.ac
+++ b/configure.ac
@@ -512,6 +512,33 @@ then
 
 fi
 
+#
+# TLS Locking Support within libVNCServer
+#
+
+if test "x${have_libvncserver}" = "xyes"
+then
+
+    have_vnc_tls_locking=yes
+    AC_CHECK_MEMBERS([rfbClient.LockWriteToTLS, rfbClient.UnlockWriteToTLS],
+                     [], [have_vnc_tls_locking=no],
+                     [[#include <rfb/rfbclient.h>]])
+
+    if test "x${have_vnc_tls_locking}" = "xno"
+    then
+        AC_MSG_WARN([
+      --------------------------------------------
+       This version of libvncclient lacks support
+       for TLS locking.  VNC connections that use
+       TLS may experience instability as documented
+       in GUACAMOLE-414])
+    else
+        AC_DEFINE([ENABLE_VNC_TLS_LOCKING],,
+                  [Whether support for TLS locking within VNC is enabled.])
+    fi
+
+fi
+
 #
 # FreeRDP
 #
diff --git a/src/protocols/vnc/vnc.c b/src/protocols/vnc/vnc.c
index 54e88dca..932a917d 100644
--- a/src/protocols/vnc/vnc.c
+++ b/src/protocols/vnc/vnc.c
@@ -56,7 +56,7 @@
 
 char* GUAC_VNC_CLIENT_KEY = "GUAC_VNC";
 
-#if LIBVNCSERVER_VERSION_MAJOR >=0 && LIBVNCSERVER_VERSION_MINOR >= 9 && LIBVNCSERVER_VERSION_PATCHLEVEL >= 11
+#ifdef ENABLE_VNC_TLS_LOCKING
 /**
  * A callback function that is called by the VNC library prior to writing
  * data to a TLS-encrypted socket.  This returns the rfbBool FALSE value
@@ -127,7 +127,7 @@ rfbClient* guac_vnc_get_client(guac_client* client) {
     rfb_client->GotFrameBufferUpdate = guac_vnc_update;
     rfb_client->GotCopyRect = guac_vnc_copyrect;
 
-#if LIBVNCSERVER_VERSION_MAJOR >=0 && LIBVNCSERVER_VERSION_MINOR >= 9 && LIBVNCSERVER_VERSION_PATCHLEVEL >= 11
+#ifdef ENABLE_VNC_TLS_LOCKING
     /* TLS Locking and Unlocking */
     rfb_client->LockWriteToTLS = guac_vnc_lock_write_to_tls;
     rfb_client->UnlockWriteToTLS = guac_vnc_unlock_write_to_tls;
@@ -247,7 +247,7 @@ void* guac_vnc_client_thread(void* data) {
     rfbClientLog = guac_vnc_client_log_info;
     rfbClientErr = guac_vnc_client_log_error;
 
-#if LIBVNCSERVER_VERSION_MAJOR >=0 && LIBVNCSERVER_VERSION_MINOR >= 9 && LIBVNCSERVER_VERSION_PATCHLEVEL >= 11
+#ifdef ENABLE_VNC_TLS_LOCKING
     /* Initialize the write lock */
     pthread_mutex_init(&(vnc_client->tls_lock), NULL);
 #endif
diff --git a/src/protocols/vnc/vnc.h b/src/protocols/vnc/vnc.h
index de9b3239..7e927585 100644
--- a/src/protocols/vnc/vnc.h
+++ b/src/protocols/vnc/vnc.h
@@ -56,7 +56,7 @@ typedef struct guac_vnc_client {
      */
     pthread_t client_thread;
 
-#if LIBVNCSERVER_VERSION_MAJOR >=0 && LIBVNCSERVER_VERSION_MINOR >= 9 && LIBVNCSERVER_VERSION_PATCHLEVEL >= 11
+#ifdef ENABLE_VNC_TLS_LOCKING
     /**
      * The TLS mutex lock for the client.
      */