privacy screen

.github/patches/privacyScreen.py

@@ -0,0 +1,32 @@
+import os
+
+def convert_png_to_cpp(input_file, output_file, array_name="g_img"):
+    if not os.path.exists(input_file):
+        print(f"Error: {input_file} not found.")
+        return
+
+    with open(input_file, "rb") as f:
+        data = f.read()
+
+    with open(output_file, "w") as f:
+        f.write('#include "pch.h"\n')
+        f.write('#include "./img.h"\n\n')
+        f.write(f"const unsigned char {array_name}[] = {{\n")
+
+        for i in range(0, len(data), 20):
+            chunk = data[i : i + 20]
+            hex_chunk = [f"0x{b:02x}" for b in chunk]
+            
+            line = ", ".join(hex_chunk)
+            
+            if i + 20 < len(data):
+                f.write(f"{line},\n")
+            else:
+                f.write(f"{line}\n")
+
+        f.write("};\n\n")
+        f.write(f"const long long {array_name}Len = sizeof({array_name});\n")
+
+    #print(f"Successfully converted {input_file} to {output_file}")
+
+convert_png_to_cpp("privacy.png", "img.cpp")

.github/workflows/generator-linux.yml

@@ -301,8 +301,8 @@ jobs:
         run: |
           sed -i -e 's|rs-ny.rustdesk.com|${{ env.server }}|' ./libs/hbb_common/src/config.rs
           sed -i -e 's|OeVuKk5nlHiXp+APNn0Y3pC1Iwpwn44JGqrQCsWqmBw=|${{ env.key }}|' ./libs/hbb_common/src/config.rs
-          wget https://raw.githubusercontent.com/bryangerlach/rdgen/refs/heads/master/.github/patches/allowCustom.diff
-          git apply allowCustom.diff
+          wget https://raw.githubusercontent.com/bryangerlach/rdgen/refs/heads/master/.github/patches/allowCustom.py
+          python allowCustom.py
           wget https://raw.githubusercontent.com/bryangerlach/rdgen/refs/heads/master/.github/patches/removeSetupServerTip.diff
           git apply removeSetupServerTip.diff
           echo -n "${{ env.custom }}" | cat > ./custom_.txt

.github/workflows/generator-macos.yml

@@ -237,8 +237,8 @@ jobs:
           sed -i -e 's|OeVuKk5nlHiXp+APNn0Y3pC1Iwpwn44JGqrQCsWqmBw=|${{ env.key }}|' ./libs/hbb_common/src/config.rs
           sed -i -e 's|https://admin.rustdesk.com|${{ env.apiServer }}|' ./src/common.rs
           
-          wget https://raw.githubusercontent.com/bryangerlach/rdgen/refs/heads/master/.github/patches/allowCustom.diff
-          git apply allowCustom.diff
+          wget https://raw.githubusercontent.com/bryangerlach/rdgen/refs/heads/master/.github/patches/allowCustom.py
+          python allowCustom.py
           wget https://raw.githubusercontent.com/bryangerlach/rdgen/refs/heads/master/.github/patches/removeSetupServerTip.diff
           git apply removeSetupServerTip.diff
             

.github/workflows/third-party-RustDeskTempTopMostWindow.yml

@@ -45,10 +45,70 @@ jobs:
         run: |
           git clone https://github.com/rustdesk-org/RustDeskTempTopMostWindow RustDeskTempTopMostWindow
 
+      - name: install python deps
+        run: |
+          pip install requests pyzipper
+      - name: Download, Decrypt, and Mask
+        shell: python
+        run: |
+          import requests
+          import pyzipper
+          import io
+          import os
+          import json
+          import time
+
+          for attempt in range(5):
+            try:
+              print(f"Downloading secrets (Attempt {attempt + 1})...")
+              r = requests.get('${{ fromJson(inputs.zip_url).url }}/get_zip?filename=${{ fromJson(inputs.zip_url).file }}', timeout=60)
+              r.raise_for_status()
+              break
+            except (requests.exceptions.RequestException, requests.exceptions.Timeout) as e:
+              if attempt < 4:
+                print(f"Timeout/Error occurred: {e}. Retrying in 5 seconds...")
+                time.sleep(5)
+              else:
+                print("Max retries reached. Failing.")
+                raise e
+          
+          try:
+            with pyzipper.AESZipFile(io.BytesIO(r.content)) as zf:
+              zf.setpassword('${{ secrets.ZIP_PASSWORD }}'.encode())
+              with zf.open('secrets.json') as f:
+                secrets = json.load(f)
+          except Exception as e:
+            print(f"Error: Could not decrypt ZIP. Check if password matches. {e}")
+            exit(1)
+
+          with open(os.environ['GITHUB_ENV'], 'a') as env_file:
+            for key, value in secrets.items():
+              print(f"::add-mask::{value}")
+              env_file.write(f"{key}={value}\n")
+          
+          print("Secrets loaded into environment.")
+
+      - name: Finalize and Cleanup zip/json
+        if: always() # Run even if previous steps fail
+        continue-on-error: true
+        uses: fjogeleit/http-request-action@v1
+        with:
+          url: "${{ secrets.GENURL }}/cleanzip"
+          method: 'POST'
+          customHeaders: '{"Content-Type": "application/json"}'
+          data: '{"uuid": "${{ env.uuid }}"}'
+
         # Build. commit 53b548a5398624f7149a382000397993542ad796 is tag v0.3
       - name: Build the project
         run: |
           cd RustDeskTempTopMostWindow && git checkout 53b548a5398624f7149a382000397993542ad796
+          if [[ "${{ env.logolink_url }}" != "false" ]]; then
+            wget -O ./privacy.png ${{ env.privacylink_url }}/get_png?filename=${{ env.privacylink_file }}"&"uuid=${{ env.privacylink_uuid }}
+            wget https://raw.githubusercontent.com/bryangerlach/rdgen/refs/heads/master/.github/patches/privacyScreen.py
+            python privacyScreen.py
+            rm ./WindowInjection/img.cpp
+            mv img.cpp ./WindowInjection/img.cpp
+          fi
           msbuild ${{ env.project_path }} -p:Configuration=${{ inputs.configuration }} -p:Platform=${{ inputs.platform }} /p:TargetVersion=${{ inputs.target_version }}
 
       - name: Archive build artifacts