[PULL 10/14] ui/vnc: fix skipping SASL SSF on UNIX sockets
From: Daniel P. Berrangé
Subject: [PULL 10/14] ui/vnc: fix skipping SASL SSF on UNIX sockets
Date: Tue, 22 Oct 2024 16:24:11 +0100
The 'is_unix' flag is set on the VNC server during startup, however,
a regression in:
commit 8bd22f477f68bbd7a9c88e926e7a58bf65605e39
Author: Daniel P. Berrangé <berrange@redhat.com>
Date: Fri Feb 3 12:06:46 2017 +0000
ui: extract code to connect/listen from vnc_display_open
meant we stopped setting the 'is_unix' flag when QEMU listens for
VNC sockets, only setting it when QEMU does a reverse VNC connection.
Rather than fixing setting of the 'is_unix' flag, remove it, and
directly check the live client socket address. This is more robust
to a possible situation where the VNC server was listening on a
mixture of INET and UNIX sockets.
Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
---
ui/vnc-auth-sasl.c | 14 +++++++++++---
ui/vnc.c | 3 ---
ui/vnc.h | 1 -
3 files changed, 11 insertions(+), 7 deletions(-)
diff --git a/ui/vnc-auth-sasl.c b/ui/vnc-auth-sasl.c
index edf19deb3b..43515447fb 100644
--- a/ui/vnc-auth-sasl.c
+++ b/ui/vnc-auth-sasl.c
@@ -551,6 +551,13 @@ vnc_socket_ip_addr_string(QIOChannelSocket *ioc,
return 0;
}
+static bool
+vnc_socket_is_unix(QIOChannelSocket *ioc)
+{
+ SocketAddress *addr = qio_channel_socket_get_local_address(ioc, NULL);
+ return addr && addr->type == SOCKET_ADDRESS_TYPE_UNIX;
+}
+
void start_auth_sasl(VncState *vs)
{
const char *mechlist = NULL;
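Review bot: vnc_socket_is_unix() leaks the SocketAddress it obtains: qio_channel_socket_get_local_address() returns a freshly allocated object that the caller must release with qapi_free_SocketAddress(), and this helper returns without doing so, on every SASL auth start. Store the comparison in a local, free the address, then return, e.g. `bool ret = addr && addr->type == SOCKET_ADDRESS_TYPE_UNIX; qapi_free_SocketAddress(addr); return ret;`. Passing a NULL errp is acceptable here, since a failed lookup yields NULL and the function reports "not unix", which leaves SSF required, the safe direction.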
@@ -627,10 +634,11 @@ void start_auth_sasl(VncState *vs)
memset (&secprops, 0, sizeof secprops);
/* Inform SASL that we've got an external SSF layer from TLS.
*
- * Disable SSF, if using TLS+x509+SASL only. TLS without x509
- * is not sufficiently strong
+ * Disable SSF, if using TLS+x509+SASL only, or UNIX sockets.
+ * TLS without x509 is not sufficiently strong, nor is plain
+ * TCP
*/
- if (vs->vd->is_unix ||
+ if (vnc_socket_is_unix(vs->sioc) ||
(vs->auth == VNC_AUTH_VENCRYPT &&
vs->subauth == VNC_AUTH_VENCRYPT_X509SASL)) {
/* If we've got TLS or UNIX domain sock, we don't care about SSF */
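Review bot: the rewritten comment ("nor is plain TCP") reads as though plain TCP were another case in which SSF is disabled, but the condition right below it disables SSF only for UNIX sockets or TLS+x509+SASL; plain TCP and TLS without x509 are precisely the transports that keep SSF enabled. Suggest wording it as "Disable SSF if using TLS+x509+SASL or a UNIX socket, since those already provide a trusted channel; plain TCP and TLS without x509 are not sufficiently strong, so SSF stays required for them". The switch from vs->vd->is_unix to vnc_socket_is_unix(vs->sioc) does make the decision per client connection, which is what lets a server listening on a mix of INET and UNIX sockets behave correctly, as the commit message says.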
diff --git a/ui/vnc.c b/ui/vnc.c
index 93a8dbd253..5fcb35bf25 100644
--- a/ui/vnc.c
+++ b/ui/vnc.c
@@ -3430,7 +3430,6 @@ static void vnc_display_close(VncDisplay *vd)
if (!vd) {
return;
}
- vd->is_unix = false;
if (vd->listener) {
qio_net_listener_disconnect(vd->listener);
@@ -3932,8 +3931,6 @@ static int vnc_display_connect(VncDisplay *vd,
error_setg(errp, "Expected a single address in reverse mode");
return -1;
}
- /* TODO SOCKET_ADDRESS_TYPE_FD when fd has AF_UNIX */
- vd->is_unix = saddr_list->value->type == SOCKET_ADDRESS_TYPE_UNIX;
sioc = qio_channel_socket_new();
qio_channel_set_name(QIO_CHANNEL(sioc), "vnc-reverse");
if (qio_channel_socket_connect_sync(sioc, saddr_list->value, errp) < 0) {
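Review bot: dropping the TODO about SOCKET_ADDRESS_TYPE_FD with an AF_UNIX fd is justified rather than merely deleted, and the commit message should say so: the new helper inspects the socket's actual local address instead of the configured address type, so a pre-opened UNIX socket passed in by fd is now classified as unix, which the removed `saddr_list->value->type == SOCKET_ADDRESS_TYPE_UNIX` comparison could not do. A one-line note in the commit message would make it clear this is an intentional behaviour change for the fd case.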
diff --git a/ui/vnc.h b/ui/vnc.h
index e5fa2efa3e..acc53a2cc1 100644
--- a/ui/vnc.h
+++ b/ui/vnc.h
@@ -168,7 +168,6 @@ struct VncDisplay
const char *id;
QTAILQ_ENTRY(VncDisplay) next;
- bool is_unix;
char *password;
time_t expires;
int auth;
--
2.46.0