Feature(Go): Screen frame relay end-to-end with graceful client BYE (Phase 4)

server/go/protocol/commands.go

@@ -2,7 +2,10 @@ package protocol
 
 import (
 	"bytes"
+	"crypto/hmac"
+	"crypto/sha256"
 	"encoding/binary"
+	"encoding/hex"
 	"strings"
 
 	"golang.org/x/text/encoding/simplifiedchinese"
@@ -44,19 +47,126 @@ func cleanString(s string) string {
 	return strings.TrimSpace(result.String())
 }
 
-// Command tokens - matching the C++ definitions
+// Command tokens - matching the C++ definitions (common/commands.h).
 const (
 	// Server -> Client commands
-	CommandActived    byte = 0   // COMMAND_ACTIVED
-	CommandBye        byte = 204 // COMMAND_BYE - disconnect
-	CommandHeartbeat  byte = 216 // CMD_HEARTBEAT_ACK
+	CommandActived   byte = 0   // COMMAND_ACTIVED
+	CommandScreenSpy byte = 16  // COMMAND_SCREEN_SPY - start screen capture
+	CommandNext      byte = 30  // COMMAND_NEXT - "control-side dialog is open, you may stream"
+	CommandBye       byte = 204 // COMMAND_BYE - disconnect
+	CommandHeartbeat byte = 216 // CMD_HEARTBEAT_ACK
 
 	// Client -> Server tokens
-	TokenAuth      byte = 100 // TOKEN_AUTH - authorization required
-	TokenHeartbeat byte = 101 // TOKEN_HEARTBEAT
-	TokenLogin     byte = 102 // TOKEN_LOGIN - login packet
+	TokenAuth        byte = 100 // TOKEN_AUTH - authorization required
+	TokenHeartbeat   byte = 101 // TOKEN_HEARTBEAT
+	TokenLogin       byte = 102 // TOKEN_LOGIN - login packet
+	TokenBitmapInfo  byte = 115 // TOKEN_BITMAPINFO - screen sub-connection header
+	TokenFirstScreen byte = 116 // TOKEN_FIRSTSCREEN - raw BGRA baseline frame (NOT H264)
+	TokenNextScreen  byte = 117 // TOKEN_NEXTSCREEN - non-keyframe H264 (P-frame)
+	TokenKeyframe    byte = 134 // TOKEN_KEYFRAME - H264 IDR (sent on GOP boundary)
+	TokenConnAuth    byte = 246 // TOKEN_CONN_AUTH - sub-connection identity handshake
+	CmdCursorImage   byte = 93  // CMD_CURSOR_IMAGE - custom cursor bitmap (Phase 5+ feature)
 )
 
+// Sub-connection authentication (matches common/commands.h ConnAuth* structs).
+// Each newly-opened sub-conn first sends a 512-byte ConnAuthPacket, then waits
+// for a 256-byte ConnAuthAck before any further command is meaningful.
+const (
+	ConnAuthPacketSize = 512
+	ConnAuthAckSize    = 256
+	// ConnAuthAck field offsets within the 256-byte buffer.
+	ConnAuthAckOffStatus     = 1 // uint8
+	ConnAuthAckOffServerTime = 2 // uint64 LE
+	// Status codes.
+	ConnAuthStatusOK byte = 0
+)
+
+// CMD_MASTERSETTING is the server's reply to a fresh client login. The
+// client uses the Signature field to prove this server has the shared
+// secret; without a valid signature the client's private FileUpload init
+// aborts the process. Struct layout matches MasterSettings in
+// common/commands.h (pragma pack 4, total 1000 bytes).
+const (
+	CmdMasterSetting               byte = 215
+	MasterSettingsSize                  = 1000
+	MasterSettingsOffReportInterval      = 0   // int32, seconds
+	MasterSettingsOffSignature          = 508 // Signature[64]
+	MasterSettingsSignatureLen          = 64
+	// DefaultReportIntervalSec matches the C++ default. Sending 0 makes the
+	// client disable its active-window heartbeat field, breaking RTT /
+	// ActiveWindow live updates on the web UI.
+	DefaultReportIntervalSec = 5
+)
+
+// SignMessage computes HMAC-SHA256(key, msg) and returns the 64-char
+// lowercase hex digest. Used to sign CMD_MASTERSETTING replies so the
+// client can verify the response came from a legitimate server.
+//
+// The key is a deployment-time shared secret loaded from the
+// YAMA_SIGN_PASSWORD env var so the binary doesn't carry the literal in
+// cleartext; provision out-of-band and never commit it.
+func SignMessage(password string, msg []byte) string {
+	mac := hmac.New(sha256.New, []byte(password))
+	mac.Write(msg)
+	return hex.EncodeToString(mac.Sum(nil))
+}
+
+// Screen-spy parameters that match the C++ ScreenSpy implementation.
+const (
+	AlgorithmH264 byte = 2 // ALGORITHM_H264 — H264 encoding (the algorithm web uses)
+)
+
+// Reserved-field indices we care about (see common/commands.h RES_* enum).
+// LOGIN_INFOR.szReserved is a '|'-separated list; clients fill known slots
+// even when leaving others blank ("?").
+const (
+	ResFieldClientType  = 0  // RES_CLIENT_TYPE  — client kind (Windows / macOS / ...)
+	ResFieldFilePath    = 4  // RES_FILE_PATH    — install path
+	ResFieldInstallTime = 6  // RES_INSTALL_TIME
+	ResFieldClientLoc   = 10 // RES_CLIENT_LOC   — geo string
+	ResFieldClientPubIP = 11 // RES_CLIENT_PUBIP — public IP
+	ResFieldClientID    = 16 // RES_CLIENT_ID    — uint64 decimal, matches TOKEN_BITMAPINFO clientID
+)
+
+// ScreenFrameHeaderLen is the size of the small per-frame header prepended by
+// the device on every TOKEN_NEXTSCREEN buffer, before the H.264 NAL payload.
+// Layout (excluding the leading TOKEN_* byte):
+//
+//	[algorithm:1][cursorPos:8 (int32 x, int32 y)][cursorIdx:1] = 10 bytes
+//
+// (The C++ side counts the token byte into its ulHeadLength=11; we keep the
+// constant strictly post-token so the call site reads `skip := 1 + headerLen`
+// without confusion.) SCREENYSPY_IMPROVE adds a 4-byte frameID after the
+// cursor index, which is the production-off setting per common/commands.h.
+const ScreenFrameHeaderLen = 1 + 8 + 1
+
+// IsH264Keyframe scans an Annex-B H.264 bitstream for a NAL unit indicating
+// a keyframe boundary — IDR (type 5), SPS (7) or PPS (8). Returns true on
+// the first hit. Matches the detection used by the C++ ScreenSpy broadcast
+// path so frame-type bytes stay consistent across server implementations.
+func IsH264Keyframe(data []byte) bool {
+	n := len(data)
+	for i := 0; i+4 < n; i++ {
+		var nalOffset int
+		switch {
+		case data[i] == 0 && data[i+1] == 0 && data[i+2] == 0 && data[i+3] == 1:
+			nalOffset = i + 4
+		case data[i] == 0 && data[i+1] == 0 && data[i+2] == 1:
+			nalOffset = i + 3
+		default:
+			continue
+		}
+		if nalOffset >= n {
+			continue
+		}
+		nalType := data[nalOffset] & 0x1F
+		if nalType == 5 || nalType == 7 || nalType == 8 {
+			return true
+		}
+	}
+	return false
+}
+
 // LOGIN_INFOR structure size and offsets (matching C++ struct with default alignment)
 // Note: C++ struct uses default alignment (4-byte for uint32/int)
 const (