70b09a5bad
Update to v2.8.0, including integration of SLE qemu package so we are "Factory First" again for SLE qemu. Includes some spec file tweaks/cleanups as well. A number of post v2.8.0 security fixes are also included. OBS-URL: https://build.opensuse.org/request/show/461715 OBS-URL: https://build.opensuse.org/package/show/Virtualization/qemu?expand=0&rev=329
133 lines
4.0 KiB
Diff
133 lines
4.0 KiB
Diff
From 4338d0069c38dddf42e1ac1b66414266d6e9dac7 Mon Sep 17 00:00:00 2001
|
|
From: =?UTF-8?q?Andreas=20F=C3=A4rber?= <afaerber@suse.de>
|
|
Date: Wed, 29 Aug 2012 20:06:01 +0200
|
|
Subject: [PATCH] vnc: password-file= and incoming-connections=
|
|
|
|
TBD (from SUSE Studio team)
|
|
---
|
|
ui/vnc.c | 55 +++++++++++++++++++++++++++++++++++++++++++++++++++++++
|
|
1 file changed, 55 insertions(+)
|
|
|
|
diff --git a/ui/vnc.c b/ui/vnc.c
|
|
index 2c28a59ff7..8d0c16b23f 100644
|
|
--- a/ui/vnc.c
|
|
+++ b/ui/vnc.c
|
|
@@ -58,6 +58,8 @@ static const struct timeval VNC_REFRESH_LOSSY = { 2, 0 };
|
|
static QTAILQ_HEAD(, VncDisplay) vnc_displays =
|
|
QTAILQ_HEAD_INITIALIZER(vnc_displays);
|
|
|
|
+static int allowed_connections = 0;
|
|
+
|
|
static int vnc_cursor_define(VncState *vs);
|
|
static void vnc_release_modifiers(VncState *vs);
|
|
|
|
@@ -1201,6 +1203,7 @@ static void vnc_disconnect_start(VncState *vs)
|
|
void vnc_disconnect_finish(VncState *vs)
|
|
{
|
|
int i;
|
|
+ static int num_disconnects = 0;
|
|
|
|
vnc_jobs_join(vs); /* Wait encoding jobs */
|
|
|
|
@@ -1251,6 +1254,13 @@ void vnc_disconnect_finish(VncState *vs)
|
|
object_unref(OBJECT(vs->sioc));
|
|
vs->sioc = NULL;
|
|
g_free(vs);
|
|
+
|
|
+ num_disconnects++;
|
|
+ if (allowed_connections > 0 && allowed_connections <= num_disconnects) {
|
|
+ VNC_DEBUG("Maximum number of disconnects (%d) reached:"
|
|
+ " Session terminating\n", allowed_connections);
|
|
+ exit(0);
|
|
+ }
|
|
}
|
|
|
|
ssize_t vnc_client_io_error(VncState *vs, ssize_t ret, Error **errp)
|
|
@@ -3244,6 +3254,39 @@ static void vnc_display_print_local_addr(VncDisplay *vd)
|
|
qapi_free_SocketAddress(addr);
|
|
}
|
|
|
|
+static void read_file_password(const char *id, const char *filename)
|
|
+{
|
|
+ FILE *pfile = NULL;
|
|
+ char *passwd = NULL;
|
|
+ int start = 0, length = 0, rc = 0;
|
|
+
|
|
+ if (strlen(filename) == 0) {
|
|
+ printf("No file supplied\n");
|
|
+ return;
|
|
+ }
|
|
+
|
|
+ pfile = fopen(filename, "r");
|
|
+ if (pfile == NULL) {
|
|
+ printf("Could not read from %s\n", filename);
|
|
+ return;
|
|
+ }
|
|
+
|
|
+ start = ftell(pfile);
|
|
+ fseek(pfile, 0L, SEEK_END);
|
|
+ length = ftell(pfile);
|
|
+ fseek(pfile, 0L, start);
|
|
+
|
|
+ passwd = g_malloc(length + 1);
|
|
+ rc = fread(passwd, 1, length, pfile);
|
|
+ fclose(pfile);
|
|
+
|
|
+ if (rc == length && rc > 0) {
|
|
+ vnc_display_password(id, passwd);
|
|
+ }
|
|
+
|
|
+ g_free(passwd);
|
|
+}
|
|
+
|
|
static QemuOptsList qemu_vnc_opts = {
|
|
.name = "vnc",
|
|
.head = QTAILQ_HEAD_INITIALIZER(qemu_vnc_opts.head),
|
|
@@ -3275,6 +3318,9 @@ static QemuOptsList qemu_vnc_opts = {
|
|
.name = "connections",
|
|
.type = QEMU_OPT_NUMBER,
|
|
},{
|
|
+ .name = "allowed-connections",
|
|
+ .type = QEMU_OPT_NUMBER,
|
|
+ },{
|
|
.name = "to",
|
|
.type = QEMU_OPT_NUMBER,
|
|
},{
|
|
@@ -3287,6 +3333,9 @@ static QemuOptsList qemu_vnc_opts = {
|
|
.name = "password",
|
|
.type = QEMU_OPT_BOOL,
|
|
},{
|
|
+ .name = "password-file",
|
|
+ .type = QEMU_OPT_STRING,
|
|
+ },{
|
|
.name = "reverse",
|
|
.type = QEMU_OPT_BOOL,
|
|
},{
|
|
@@ -3486,6 +3535,7 @@ void vnc_display_open(const char *id, Error **errp)
|
|
const char *share, *device_id;
|
|
QemuConsole *con;
|
|
bool password = false;
|
|
+ const char *password_file;
|
|
bool reverse = false;
|
|
const char *vnc;
|
|
char *h;
|
|
@@ -3615,6 +3665,10 @@ void vnc_display_open(const char *id, Error **errp)
|
|
goto fail;
|
|
}
|
|
}
|
|
+ password_file = qemu_opt_get(opts, "password-file");
|
|
+ if (password_file) {
|
|
+ read_file_password(id, password_file);
|
|
+ }
|
|
|
|
reverse = qemu_opt_get_bool(opts, "reverse", false);
|
|
lock_key_sync = qemu_opt_get_bool(opts, "lock-key-sync", true);
|
|
@@ -3704,6 +3758,7 @@ void vnc_display_open(const char *id, Error **errp)
|
|
vd->share_policy = VNC_SHARE_POLICY_ALLOW_EXCLUSIVE;
|
|
}
|
|
vd->connections_limit = qemu_opt_get_number(opts, "connections", 32);
|
|
+ allowed_connections = qemu_opt_get_number(opts, "allowed-connections", 0);
|
|
|
|
#ifdef CONFIG_VNC_JPEG
|
|
vd->lossy = qemu_opt_get_bool(opts, "lossy", false);
|