qemu/0016-vnc-password-file-and-incoming-conn.patch
Bruce Rogers 4490b0e1e4 Accepting request 517094 from home:bfrogers:branches:Virtualization
Discovered we needed to augment a previous security patch with two additional patches to complete a clean fix.

OBS-URL: https://build.opensuse.org/request/show/517094
OBS-URL: https://build.opensuse.org/package/show/Virtualization/qemu?expand=0&rev=353
2017-08-15 20:33:21 +00:00


From 1e4392f3e2e1641b7ed570da630a9e86cb23710d Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Andreas=20F=C3=A4rber?= <afaerber@suse.de>
Date: Wed, 29 Aug 2012 20:06:01 +0200
Subject: [PATCH] vnc: password-file= and incoming-connections=
TBD (from SUSE Studio team)
---
ui/vnc.c | 55 +++++++++++++++++++++++++++++++++++++++++++++++++++++++
1 file changed, 55 insertions(+)
diff --git a/ui/vnc.c b/ui/vnc.c
index 349cfc9d86..486d2759e4 100644
--- a/ui/vnc.c
+++ b/ui/vnc.c
@@ -59,6 +59,8 @@ static const struct timeval VNC_REFRESH_LOSSY = { 2, 0 };
static QTAILQ_HEAD(, VncDisplay) vnc_displays =
QTAILQ_HEAD_INITIALIZER(vnc_displays);
+static int allowed_connections = 0;
+
static int vnc_cursor_define(VncState *vs);
static void vnc_release_modifiers(VncState *vs);
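Review bot: `allowed_connections` is one file-scope value, but the last hunk assigns it inside vnc_display_open(), which runs per VNC display, so each display that is opened overwrites the limit for all of them. qemu_opt_get_number() returns a 64-bit unsigned value, so a large setting is narrowed when stored in this `int`. Consider keeping the limit and the disconnect count in VncDisplay next to `connections_limit`, or at least document the scope here: `/* process-wide: QEMU exits after this many VNC disconnects; 0 = no limit */`.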
@@ -1130,6 +1132,7 @@ static void vnc_disconnect_start(VncState *vs)
void vnc_disconnect_finish(VncState *vs)
{
int i;
+ static int num_disconnects = 0;
vnc_jobs_join(vs); /* Wait encoding jobs */
@@ -1178,6 +1181,13 @@ void vnc_disconnect_finish(VncState *vs)
object_unref(OBJECT(vs->sioc));
vs->sioc = NULL;
g_free(vs);
+
+ num_disconnects++;
+ if (allowed_connections > 0 && allowed_connections <= num_disconnects) {
+ VNC_DEBUG("Maximum number of disconnects (%d) reached:"
+ " Session terminating\n", allowed_connections);
+ exit(0);
+ }
}
ssize_t vnc_client_io_error(VncState *vs, ssize_t ret, Error **errp)
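Review bot: The block added at the end of vnc_disconnect_finish() calls `exit(0)` once `num_disconnects` reaches the limit, which ends the whole QEMU process and the guest with it, bypassing the normal shutdown path. The counter (declared `static` in the previous hunk) is incremented on every call to this function; if that includes clients that drop before authenticating, which this hunk does not show, anyone who can reach the VNC port can use up the limit and stop the VM. Count only sessions that completed authentication, and request an orderly shutdown instead of exiting here. The message goes through VNC_DEBUG, which is normally compiled out, so the termination leaves no trace; `error_report("VNC disconnect limit (%d) reached, terminating", allowed_connections);` would put it in the log.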
@@ -3171,6 +3181,39 @@ static void vnc_display_print_local_addr(VncDisplay *vd)
qapi_free_SocketAddress(addr);
}
+static void read_file_password(const char *id, const char *filename)
+{
+ FILE *pfile = NULL;
+ char *passwd = NULL;
+ int start = 0, length = 0, rc = 0;
+
+ if (strlen(filename) == 0) {
+ printf("No file supplied\n");
+ return;
+ }
+
+ pfile = fopen(filename, "r");
+ if (pfile == NULL) {
+ printf("Could not read from %s\n", filename);
+ return;
+ }
+
+ start = ftell(pfile);
+ fseek(pfile, 0L, SEEK_END);
+ length = ftell(pfile);
+ fseek(pfile, 0L, start);
+
+ passwd = g_malloc(length + 1);
+ rc = fread(passwd, 1, length, pfile);
+ fclose(pfile);
+
+ if (rc == length && rc > 0) {
+ vnc_display_password(id, passwd);
+ }
+
+ g_free(passwd);
+}
+
static QemuOptsList qemu_vnc_opts = {
.name = "vnc",
.head = QTAILQ_HEAD_INITIALIZER(qemu_vnc_opts.head),
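Review bot: read_file_password() hands vnc_display_password() a buffer that is never NUL-terminated: `g_malloc(length + 1)` leaves the last byte uninitialised, so the password can be read past the bytes that came from the file. The `ftell()`/`fseek()` results are unchecked and stored in `int`; on a file that cannot be seeked `length` becomes -1, giving a zero-byte allocation followed by an `fread()` of a huge size, and `fseek(pfile, 0L, start)` passes an offset where the `whence` constant belongs. A trailing newline in the file becomes part of the password, failures go to stdout through `printf()`, and the return value of vnc_display_password() is dropped. Letting GLib read the file removes the size arithmetic altogether, as sketched below.

```c
static void read_file_password(const char *id, const char *filename)
{
    gchar *passwd = NULL;
    gsize length = 0;
    GError *err = NULL;

    /* g_file_get_contents() sizes the buffer itself and NUL-terminates it */
    if (!g_file_get_contents(filename, &passwd, &length, &err)) {
        error_report("Could not read VNC password file %s: %s",
                     filename, err->message);
        g_error_free(err);
        return;
    }

    /* a trailing line ending must not become part of the password */
    while (length > 0 &&
           (passwd[length - 1] == '\n' || passwd[length - 1] == '\r')) {
        passwd[--length] = '\0';
    }

    if (length == 0 || vnc_display_password(id, passwd) < 0) {
        error_report("Could not set VNC password from %s", filename);
    }

    g_free(passwd);
}
```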
@@ -3201,6 +3244,9 @@ static QemuOptsList qemu_vnc_opts = {
},{
.name = "connections",
.type = QEMU_OPT_NUMBER,
+ },{
+ .name = "allowed-connections",
+ .type = QEMU_OPT_NUMBER,
},{
.name = "to",
.type = QEMU_OPT_NUMBER,
@@ -3213,6 +3259,9 @@ static QemuOptsList qemu_vnc_opts = {
},{
.name = "password",
.type = QEMU_OPT_BOOL,
+ },{
+ .name = "password-file",
+ .type = QEMU_OPT_STRING,
},{
.name = "reverse",
.type = QEMU_OPT_BOOL,
@@ -3766,6 +3815,7 @@ void vnc_display_open(const char *id, Error **errp)
const char *share, *device_id;
QemuConsole *con;
bool password = false;
+ const char *password_file;
bool reverse = false;
const char *credid;
bool sasl = false;
@@ -3809,6 +3859,10 @@ void vnc_display_open(const char *id, Error **errp)
goto fail;
}
}
+ password_file = qemu_opt_get(opts, "password-file");
+ if (password_file) {
+ read_file_password(id, password_file);
+ }
lock_key_sync = qemu_opt_get_bool(opts, "lock-key-sync", true);
key_delay_ms = qemu_opt_get_number(opts, "key-delay-ms", 1);
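Review bot: A password file that cannot be read does not stop vnc_display_open(): read_file_password() returns void, so the `if (password_file)` block falls through to the `lock-key-sync` parsing whether or not a password was actually set. Whether the display then comes up without the intended password depends on code outside this hunk, but an explicit `password-file=` that fails should be a hard error rather than a message on stdout. Have the helper return a status and use `if (password_file && read_file_password(id, password_file) < 0) { error_setg(errp, "Could not load VNC password file"); goto fail; }`. vnc_display_open() starts and ends outside the hunk.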
@@ -3897,6 +3951,7 @@ void vnc_display_open(const char *id, Error **errp)
vd->share_policy = VNC_SHARE_POLICY_ALLOW_EXCLUSIVE;
}
vd->connections_limit = qemu_opt_get_number(opts, "connections", 32);
+ allowed_connections = qemu_opt_get_number(opts, "allowed-connections", 0);
#ifdef CONFIG_VNC_JPEG
vd->lossy = qemu_opt_get_bool(opts, "lossy", false);