Skip to content

v1.7.0

Choose a tag to compare

View all tags
@github-actions github-actions released this 27 May 22:03
· 14 commits to main since this release
v1.7.0
9e6a0aa

Feature and fix release. A long-standing RDP resize artifact is fixed, folders you can't access are now hidden instead of shown-then-denied, Ctrl+V no longer leaves modifiers stuck, and VDI gains a container-naming fix plus example images. Routine dependency bumps.

Highlights

RDP resize black/ghost regions fixed (#118)

Resizing the browser during an RDP session could leave sharp black rectangles where static window content had been, persisting until something repainted those pixels. The cause was in guacd: guac_rdp_gdi_desktop_resize() resized the GDI buffer and display layer but never marked the layer dirty, so the post-resize flush sent nothing and the client kept stale/blank regions.

We now carry a guacd patch (patches/005-rdp-resize-dirty-flush.patch) that marks the whole layer dirty and issues a RefreshRect for the new desktop area after a resize. This fixes the legacy bitmap path, which is rustguac's default (enable_gfx off). GFX/RDPGFX sessions use a separate surface-cache path that does not exhibit the artifact in practice.

Root cause diagnosed and the fix supplied by @Bails309 on the issue. Thank you.

Inaccessible folders are now hidden (#147)

Previously, subfolders of a folder you could open were all listed regardless of their own group ACLs, so you could see folders you weren't entitled to and only discover that on click ("no access"). This also leaked folder names to unauthorized users.

Subfolders are now filtered by access. A folder is shown if you can access it directly or can access any descendant of it, so deeper grants are never orphaned out of the tree. Admins still see everything. Reported by @Napsty (Claudio Kuenzler).

Ctrl+V no longer sticks modifier keys

Pasting with Ctrl+V could leave Ctrl (or Alt/Shift) stuck "down" on the remote until pressed again. The Ctrl+V paste path reads the browser clipboard, which shifts focus to a permission prompt; the modifier's keyup then landed off-page and was never forwarded. The client now releases all held keys on window blur / visibility change (the canonical Guacamole guard), which also covers alt-tab-with-modifier-held and clicking away to another app.

VDI container-name collisions fixed (#138)

A user with multiple VDI entries resolving to the same in-container username got the same Docker container name for all of them, so starting one could reuse or replace another. Container names now include the sanitized entry name (rustguac-vdi-{username}-{entry}); same user + same entry still reuses one container, different entries run independently. Contributed by @vk2amv (Lindsay Harvey).

VDI example images (#139)

Two example VDI container images added under contrib/: one with PulseAudio audio, one with PulseAudio + x264/GFX. Also from @vk2amv.

Dependencies

  • pulldown-cmark 0.13.3 -> 0.13.4
  • tower-http 0.6.10 -> 0.6.11
  • serde_json 1.0.149 -> 1.0.150
  • cbc 0.2.0 -> 0.2.1
  • russh 0.60.2 -> 0.60.3 (held at the 0.60.x patch line; the 0.61.0 minor was declined for now)

Thanks

Thanks to @Bails309 for diagnosing and fixing the RDP resize artifact (#118), @Napsty (Claudio Kuenzler) for the folder-visibility report (#147), and @vk2amv (Lindsay Harvey) for the VDI container-naming fix (#138) and example images (#139).

Errata (added 2026-05-28)

The "RDP resize black/ghost regions fixed (#118)" change above does not actually resolve the user-visible black-tile symptom against xrdp (Linux RDP) targets, contrary to what we said when shipping v1.7.0. Subsequent testing against a reproducing session showed the black tiles are caused by the server emitting cfill rgba(0,0,0,255) instructions tiling the entire new viewport on resize, then only incrementally repainting changed regions - whatever the server's dirty tracking treats as "unchanged" stays black. Patch 005-rdp-resize-dirty-flush addresses a different (theoretical) failure mode and doesn't help this one; it may even amplify the server's full-paint-with-black cycle via RefreshRect.

The patch still ships in v1.7.0 because it isn't actively harmful, but #118 is reopened and under investigation. See #118 for the diagnostic trail.

The other shipped changes in v1.7.0 (folder access hiding #147, Ctrl+V stuck-modifier fix, VDI #138/#139, dependency bumps) are unaffected.

Contributors

Napsty, vk2amv, and Bails309
Assets 6
Loading