128 lines
4.2 KiB
Diff
128 lines
4.2 KiB
Diff
From 25c622437e7c59a99e35fe9318cb5ec11c7cff4a Mon Sep 17 00:00:00 2001
|
|
From: =?utf-8?q?Andreas=20F=C3=A4rber?= <afaerber@suse.de>
|
|
Date: Wed, 29 Aug 2012 20:06:01 +0200
|
|
Subject: [PATCH] vnc: password-file= and incoming-connections=
|
|
|
|
TBD (from SUSE Studio team)
|
|
---
|
|
ui/vnc.c | 71 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
|
|
1 files changed, 71 insertions(+), 0 deletions(-)
|
|
|
|
diff --git a/ui/vnc.c b/ui/vnc.c
|
|
index 385e345..df295a0 100644
|
|
--- a/ui/vnc.c
|
|
+++ b/ui/vnc.c
|
|
@@ -45,6 +45,7 @@ static const struct timeval VNC_REFRESH_LOSSY = { 2, 0 };
|
|
|
|
static VncDisplay *vnc_display; /* needed for info vnc */
|
|
static DisplayChangeListener *dcl;
|
|
+static int allowed_connections = 0;
|
|
|
|
static int vnc_cursor_define(VncState *vs);
|
|
static void vnc_release_modifiers(VncState *vs);
|
|
@@ -1018,6 +1019,7 @@ static void vnc_disconnect_start(VncState *vs)
|
|
static void vnc_disconnect_finish(VncState *vs)
|
|
{
|
|
int i;
|
|
+ static int num_disconnects = 0;
|
|
|
|
vnc_jobs_join(vs); /* Wait encoding jobs */
|
|
|
|
@@ -1063,6 +1065,13 @@ static void vnc_disconnect_finish(VncState *vs)
|
|
}
|
|
g_free(vs->lossy_rect);
|
|
g_free(vs);
|
|
+
|
|
+ num_disconnects++;
|
|
+ if (allowed_connections > 0 && allowed_connections <= num_disconnects) {
|
|
+ VNC_DEBUG("Maximum number of disconnects (%d) reached:"
|
|
+ " Session terminating\n", allowed_connections);
|
|
+ exit(0);
|
|
+ }
|
|
}
|
|
|
|
int vnc_client_io_error(VncState *vs, int ret, int last_errno)
|
|
@@ -2844,6 +2853,39 @@ char *vnc_display_local_addr(DisplayState *ds)
|
|
return vnc_socket_local_addr("%s:%s", vs->lsock);
|
|
}
|
|
|
|
+static void read_file_password(DisplayState *ds, char *filename)
|
|
+{
|
|
+ FILE *pfile = NULL;
|
|
+ char *passwd = NULL;
|
|
+ int start = 0, length = 0, rc = 0;
|
|
+
|
|
+ if(strlen(filename) == 0) {
|
|
+ printf("No file supplied\n");
|
|
+ return;
|
|
+ }
|
|
+
|
|
+ pfile = fopen(filename, "r");
|
|
+ if(pfile == NULL) {
|
|
+ printf("Could not read from %s\n", filename);
|
|
+ return;
|
|
+ }
|
|
+
|
|
+ start = ftell(pfile);
|
|
+ fseek(pfile, 0L, SEEK_END);
|
|
+ length = ftell(pfile);
|
|
+ fseek(pfile, 0L, start);
|
|
+
|
|
+ passwd = malloc(length+1);
|
|
+ rc = fread(passwd, 1, length, pfile);
|
|
+ fclose(pfile);
|
|
+
|
|
+ if(rc == length && rc > 0) {
|
|
+ vnc_display_password(ds, passwd);
|
|
+ }
|
|
+
|
|
+ free(passwd);
|
|
+}
|
|
+
|
|
int vnc_display_open(DisplayState *ds, const char *display)
|
|
{
|
|
VncDisplay *vs = ds ? (VncDisplay *)ds->opaque : vnc_display;
|
|
@@ -2876,6 +2918,9 @@ int vnc_display_open(DisplayState *ds, const char *display)
|
|
while ((options = strchr(options, ','))) {
|
|
options++;
|
|
if (strncmp(options, "password", 8) == 0) {
|
|
+ char *start, *end;
|
|
+ start = strchr(options, '=');
|
|
+ end = strchr(options, ',');
|
|
if (fips_get_state()) {
|
|
fprintf(stderr,
|
|
"VNC password auth disabled due to FIPS mode, "
|
|
@@ -2886,6 +2931,32 @@ int vnc_display_open(DisplayState *ds, const char *display)
|
|
return -1;
|
|
}
|
|
password = 1; /* Require password auth */
|
|
+ if (start && (!end || (start < end))) {
|
|
+ int len = end ? end-(start+1) : strlen(start+1);
|
|
+ char *text = g_malloc(len+1);
|
|
+ strncpy(text, start+1, len);
|
|
+ text[len] = '\0';
|
|
+
|
|
+ if (strncmp(options, "password-file=", 14) == 0) {
|
|
+ read_file_password(ds, text);
|
|
+ } else {
|
|
+ vnc_display_password(ds, text);
|
|
+ }
|
|
+
|
|
+ free(text);
|
|
+ }
|
|
+ } else if (strncmp(options, "allowed-connections=", 20) == 0) {
|
|
+ char *start, *end;
|
|
+ start = strchr(options, '=');
|
|
+ end = strchr(options, ',');
|
|
+ if (start && (!end || (start < end))) {
|
|
+ int len = end ? end-(start+1) : strlen(start+1);
|
|
+ char *text = g_malloc(len+1);
|
|
+ strncpy(text, start+1, len);
|
|
+ text[len] = '\0';
|
|
+ VNC_DEBUG("Maximum number of disconnects: %s\n", text);
|
|
+ allowed_connections = atoi(text);
|
|
+ }
|
|
} else if (strncmp(options, "reverse", 7) == 0) {
|
|
reverse = 1;
|
|
} else if (strncmp(options, "no-lock-key-sync", 16) == 0) {
|