Change the damage trust option to include a 'never' option.

This is not expected to be useful in production, but it will
be useful in developing tests.

src/display.c

@@ -688,5 +688,9 @@ void display_close(display_t *d)
 
 int display_trust_damage(display_t *d)
 {
-    return d->session->options.always_trust_damage || d->fullscreen_damage_count <= 2;
+    if (d->session->options.trust_damage == ALWAYS_TRUST)
+        return 1;
+    if (d->session->options.trust_damage == NEVER_TRUST)
+        return 0;
+    return d->fullscreen_damage_count <= 2;
 }

src/options.c

@@ -344,6 +344,7 @@ static void options_from_config(options_t *options)
 {
     GKeyFile *userkey = g_key_file_new();
     GKeyFile *systemkey = NULL;
+    char *trust_damage = NULL;
     int config_file_given = options->user_config_file ? TRUE : FALSE;
 
     if (!config_file_given) {
@@ -381,7 +382,14 @@ static void options_from_config(options_t *options)
     string_option(&options->on_disconnect, userkey, systemkey, "spice", "on-disconnect");
     options->audit = bool_option(userkey, systemkey, "spice", "audit");
     options->audit_message_type = int_option(userkey, systemkey, "spice", "audit-message-type");
-    options->always_trust_damage = bool_option(userkey, systemkey, "spice", "always-trust-damage");
+
+    string_option(&trust_damage, userkey, systemkey, "spice", "trust-damage");
+    options->trust_damage = AUTO_TRUST;
+    if (g_strcmp0(trust_damage, "always") == 0)
+        options->trust_damage = ALWAYS_TRUST;
+    if (g_strcmp0(trust_damage, "never") == 0)
+        options->trust_damage = NEVER_TRUST;
+    g_free(trust_damage);
 
 #if defined(HAVE_LIBAUDIT_H)
     /* Pick an arbitrary default in the user range.  CodeWeavers was founed in 1996, so 1196 it is... */

src/options.h

@@ -39,6 +39,8 @@ typedef struct {
     char *ciphersuite;
 } ssl_options_t;
 
+typedef enum { AUTO_TRUST, ALWAYS_TRUST, NEVER_TRUST } damage_trust_t;
+
 typedef struct {
     /* Both config and command line arguments */
     long timeout;
@@ -62,7 +64,7 @@ typedef struct {
     char *on_disconnect;
     int audit;
     int audit_message_type;
-    int always_trust_damage;
+    damage_trust_t trust_damage;
 
     /* file names of config files */
     char *user_config_file;

src/xdg/x11spice/x11spice.conf

@@ -86,12 +86,19 @@
 #audit-message-type=1196
 
 #-----------------------------------------------------------------------------
-# always-trust-damage
+# trust-damage
 #           By default, x11spice will distrust repeated fullscreen
-#           damage reports.  If this is on, we will always trust the reports.
-#           Default false.
-#-----------------------------------------------------------------------------
-#always-trust-damage=false
+#           damage reports.  This configuration option allows you to
+#           change that behavior.  Allowed values are:
+#             auto      Do not trust the 3rd to nth repeated full screen
+#                       damage report.  Instead, increase scan frequency.
+#             always    Trust each and every damage report.
+#             never     Never trust damage.  This mode is not useful in
+#                       production, but is useful for testing the scanning
+#                       algorithm
+#           Default auto.
+#-----------------------------------------------------------------------------
+#trust-damage=auto
 
 #-----------------------------------------------------------------------------
 # minimize  Starts the x11spice gui minimized.  Default false.