qemu/0016-vnc-password-file-and-incoming-conn.patch
Bruce Rogers 70b09a5bad Accepting request 461715 from Virtualization:Staging
Update to v2.8.0, including integration of SLE qemu package so we are "Factory First" again for SLE qemu. Includes some spec file tweaks/cleanups as well. A number of post v2.8.0 security fixes are also included.

OBS-URL: https://build.opensuse.org/request/show/461715
OBS-URL: https://build.opensuse.org/package/show/Virtualization/qemu?expand=0&rev=329
2017-03-15 19:38:55 +00:00

133 lines
4.0 KiB
Diff

From 4338d0069c38dddf42e1ac1b66414266d6e9dac7 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Andreas=20F=C3=A4rber?= <afaerber@suse.de>
Date: Wed, 29 Aug 2012 20:06:01 +0200
Subject: [PATCH] vnc: password-file= and incoming-connections=
TBD (from SUSE Studio team)
---
ui/vnc.c | 55 +++++++++++++++++++++++++++++++++++++++++++++++++++++++
1 file changed, 55 insertions(+)
diff --git a/ui/vnc.c b/ui/vnc.c
index 2c28a59ff7..8d0c16b23f 100644
--- a/ui/vnc.c
+++ b/ui/vnc.c
@@ -58,6 +58,8 @@ static const struct timeval VNC_REFRESH_LOSSY = { 2, 0 };
static QTAILQ_HEAD(, VncDisplay) vnc_displays =
QTAILQ_HEAD_INITIALIZER(vnc_displays);
+static int allowed_connections = 0;
+
static int vnc_cursor_define(VncState *vs);
static void vnc_release_modifiers(VncState *vs);
@@ -1201,6 +1203,7 @@ static void vnc_disconnect_start(VncState *vs)
void vnc_disconnect_finish(VncState *vs)
{
int i;
+ static int num_disconnects = 0;
vnc_jobs_join(vs); /* Wait encoding jobs */
@@ -1251,6 +1254,13 @@ void vnc_disconnect_finish(VncState *vs)
object_unref(OBJECT(vs->sioc));
vs->sioc = NULL;
g_free(vs);
+
+ num_disconnects++;
+ if (allowed_connections > 0 && allowed_connections <= num_disconnects) {
+ VNC_DEBUG("Maximum number of disconnects (%d) reached:"
+ " Session terminating\n", allowed_connections);
+ exit(0);
+ }
}
ssize_t vnc_client_io_error(VncState *vs, ssize_t ret, Error **errp)
@@ -3244,6 +3254,39 @@ static void vnc_display_print_local_addr(VncDisplay *vd)
qapi_free_SocketAddress(addr);
}
+static void read_file_password(const char *id, const char *filename)
+{
+ FILE *pfile = NULL;
+ char *passwd = NULL;
+ int start = 0, length = 0, rc = 0;
+
+ if (strlen(filename) == 0) {
+ printf("No file supplied\n");
+ return;
+ }
+
+ pfile = fopen(filename, "r");
+ if (pfile == NULL) {
+ printf("Could not read from %s\n", filename);
+ return;
+ }
+
+ start = ftell(pfile);
+ fseek(pfile, 0L, SEEK_END);
+ length = ftell(pfile);
+ fseek(pfile, 0L, start);
+
+ passwd = g_malloc(length + 1);
+ rc = fread(passwd, 1, length, pfile);
+ fclose(pfile);
+
+ if (rc == length && rc > 0) {
+ vnc_display_password(id, passwd);
+ }
+
+ g_free(passwd);
+}
+
static QemuOptsList qemu_vnc_opts = {
.name = "vnc",
.head = QTAILQ_HEAD_INITIALIZER(qemu_vnc_opts.head),
@@ -3275,6 +3318,9 @@ static QemuOptsList qemu_vnc_opts = {
.name = "connections",
.type = QEMU_OPT_NUMBER,
},{
+ .name = "allowed-connections",
+ .type = QEMU_OPT_NUMBER,
+ },{
.name = "to",
.type = QEMU_OPT_NUMBER,
},{
@@ -3287,6 +3333,9 @@ static QemuOptsList qemu_vnc_opts = {
.name = "password",
.type = QEMU_OPT_BOOL,
},{
+ .name = "password-file",
+ .type = QEMU_OPT_STRING,
+ },{
.name = "reverse",
.type = QEMU_OPT_BOOL,
},{
@@ -3486,6 +3535,7 @@ void vnc_display_open(const char *id, Error **errp)
const char *share, *device_id;
QemuConsole *con;
bool password = false;
+ const char *password_file;
bool reverse = false;
const char *vnc;
char *h;
@@ -3615,6 +3665,10 @@ void vnc_display_open(const char *id, Error **errp)
goto fail;
}
}
+ password_file = qemu_opt_get(opts, "password-file");
+ if (password_file) {
+ read_file_password(id, password_file);
+ }
reverse = qemu_opt_get_bool(opts, "reverse", false);
lock_key_sync = qemu_opt_get_bool(opts, "lock-key-sync", true);
@@ -3704,6 +3758,7 @@ void vnc_display_open(const char *id, Error **errp)
vd->share_policy = VNC_SHARE_POLICY_ALLOW_EXCLUSIVE;
}
vd->connections_limit = qemu_opt_get_number(opts, "connections", 32);
+ allowed_connections = qemu_opt_get_number(opts, "allowed-connections", 0);
#ifdef CONFIG_VNC_JPEG
vd->lossy = qemu_opt_get_bool(opts, "lossy", false);