Re: [Qemu-devel] [PATCH] vnc: refuse to set a password with VNC_AUTH

qemu-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Qemu-devel] [PATCH] vnc: refuse to set a password with VNC_AUTH_NON

From:	Paolo Bonzini
Subject:	Re: [Qemu-devel] [PATCH] vnc: refuse to set a password with VNC_AUTH_NONE
Date:	Wed, 11 Dec 2013 17:06:54 +0100
User-agent:	Mozilla/5.0 (X11; Linux x86_64; rv:17.0) Gecko/20130923 Thunderbird/17.0.9

Il 11/12/2013 16:54, Gerd Hoffmann ha scritto:
> Current code silently changes the authentication settings
> in case you try to set a password without password authentication
> turned on.  This is bad.  Return an error instead.
> 
> If we want allow changing auth settings at runtime this should
> be done explicitly using a separate monitor command, not as
> side effect of set_passwd.
> 
> Signed-off-by: Gerd Hoffmann <address@hidden>

Isn't this backwards-incompatible?

Paolo

> ---
>  ui/vnc.c | 34 ++++++----------------------------
>  1 file changed, 6 insertions(+), 28 deletions(-)
> 
> diff --git a/ui/vnc.c b/ui/vnc.c
> index 5601cc3..79efb80 100644
> --- a/ui/vnc.c
> +++ b/ui/vnc.c
> @@ -2971,26 +2971,6 @@ static void vnc_display_close(DisplayState *ds)
>  #endif
>  }
>  
> -static int vnc_display_disable_login(DisplayState *ds)
> -{
> -    VncDisplay *vs = vnc_display;
> -
> -    if (!vs) {
> -        return -1;
> -    }
> -
> -    if (vs->password) {
> -        g_free(vs->password);
> -    }
> -
> -    vs->password = NULL;
> -    if (vs->auth == VNC_AUTH_NONE) {
> -        vs->auth = VNC_AUTH_VNC;
> -    }
> -
> -    return 0;
> -}
> -
>  int vnc_display_password(DisplayState *ds, const char *password)
>  {
>      VncDisplay *vs = vnc_display;
> @@ -2998,20 +2978,18 @@ int vnc_display_password(DisplayState *ds, const char 
> *password)
>      if (!vs) {
>          return -EINVAL;
>      }
> -
> -    if (!password) {
> -        /* This is not the intention of this interface but err on the side
> -           of being safe */
> -        return vnc_display_disable_login(ds);
> +    if (vs->auth == VNC_AUTH_NONE) {
> +        error_printf_unless_qmp("If you want use passwords please enable "
> +                                "password auth using '-vnc 
> ${dpy},password'.");
> +        return -EINVAL;
>      }
>  
>      if (vs->password) {
>          g_free(vs->password);
>          vs->password = NULL;
>      }
> -    vs->password = g_strdup(password);
> -    if (vs->auth == VNC_AUTH_NONE) {
> -        vs->auth = VNC_AUTH_VNC;
> +    if (password) {
> +        vs->password = g_strdup(password);
>      }
>  
>      return 0;
>

[Prev in Thread]

Current Thread

[Next in Thread]

[Qemu-devel] [PATCH] vnc: refuse to set a password with VNC_AUTH_NONE, Gerd Hoffmann, 2013/12/11
- Re: [Qemu-devel] [PATCH] vnc: refuse to set a password with VNC_AUTH_NONE, Paolo Bonzini <=
  - Re: [Qemu-devel] [PATCH] vnc: refuse to set a password with VNC_AUTH_NONE, Gerd Hoffmann, 2013/12/11
    - Re: [Qemu-devel] [PATCH] vnc: refuse to set a password with VNC_AUTH_NONE, Paolo Bonzini, 2013/12/11
    - Re: [Qemu-devel] [PATCH] vnc: refuse to set a password with VNC_AUTH_NONE, Gerd Hoffmann, 2013/12/12

Prev by Date: [Qemu-devel] [PATCH] vnc: refuse to set a password with VNC_AUTH_NONE
Next by Date: Re: [Qemu-devel] [PATCH 0/8] target-i386: Simplify kvm_cpu_fill_host() and kvm_check_features_against_host()
Previous by thread: [Qemu-devel] [PATCH] vnc: refuse to set a password with VNC_AUTH_NONE
Next by thread: Re: [Qemu-devel] [PATCH] vnc: refuse to set a password with VNC_AUTH_NONE
Index(es):
- Date
- Thread