2014-08-22 12:38:44 +02:00
|
|
|
From d9fd5bb9acd60d2dd7f46eecf49899ae196bb199 Mon Sep 17 00:00:00 2001
|
2013-02-10 19:32:29 +01:00
|
|
|
From: =?UTF-8?q?Andreas=20F=C3=A4rber?= <afaerber@suse.de>
|
2012-09-05 13:51:25 +02:00
|
|
|
Date: Wed, 29 Aug 2012 20:06:01 +0200
|
|
|
|
Subject: [PATCH] vnc: password-file= and incoming-connections=
|
|
|
|
|
|
|
|
TBD (from SUSE Studio team)
|
|
|
|
---
|
2014-01-17 23:04:30 +01:00
|
|
|
ui/vnc.c | 71 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
|
|
|
|
1 file changed, 71 insertions(+)
|
2012-09-05 13:51:25 +02:00
|
|
|
|
|
|
|
diff --git a/ui/vnc.c b/ui/vnc.c
|
2014-08-21 18:38:27 +02:00
|
|
|
index f8d9b7d..48e6591 100644
|
2012-09-05 13:51:25 +02:00
|
|
|
--- a/ui/vnc.c
|
|
|
|
+++ b/ui/vnc.c
|
2014-07-11 18:51:43 +02:00
|
|
|
@@ -47,6 +47,7 @@ static const struct timeval VNC_REFRESH_LOSSY = { 2, 0 };
|
2013-05-14 22:46:08 +02:00
|
|
|
#include "d3des.h"
|
2012-09-05 13:51:25 +02:00
|
|
|
|
|
|
|
static VncDisplay *vnc_display; /* needed for info vnc */
|
|
|
|
+static int allowed_connections = 0;
|
|
|
|
|
|
|
|
static int vnc_cursor_define(VncState *vs);
|
|
|
|
static void vnc_release_modifiers(VncState *vs);
|
2014-08-21 18:38:27 +02:00
|
|
|
@@ -1039,6 +1040,7 @@ static void vnc_disconnect_start(VncState *vs)
|
2013-02-10 19:32:29 +01:00
|
|
|
void vnc_disconnect_finish(VncState *vs)
|
2012-09-05 13:51:25 +02:00
|
|
|
{
|
|
|
|
int i;
|
|
|
|
+ static int num_disconnects = 0;
|
|
|
|
|
|
|
|
vnc_jobs_join(vs); /* Wait encoding jobs */
|
|
|
|
|
2014-08-21 18:38:27 +02:00
|
|
|
@@ -1087,6 +1089,13 @@ void vnc_disconnect_finish(VncState *vs)
|
2012-09-05 13:51:25 +02:00
|
|
|
}
|
|
|
|
g_free(vs->lossy_rect);
|
|
|
|
g_free(vs);
|
|
|
|
+
|
|
|
|
+ num_disconnects++;
|
|
|
|
+ if (allowed_connections > 0 && allowed_connections <= num_disconnects) {
|
|
|
|
+ VNC_DEBUG("Maximum number of disconnects (%d) reached:"
|
|
|
|
+ " Session terminating\n", allowed_connections);
|
|
|
|
+ exit(0);
|
|
|
|
+ }
|
|
|
|
}
|
|
|
|
|
|
|
|
int vnc_client_io_error(VncState *vs, int ret, int last_errno)
|
2014-08-21 18:38:27 +02:00
|
|
|
@@ -3039,6 +3048,39 @@ char *vnc_display_local_addr(DisplayState *ds)
|
2012-09-05 13:51:25 +02:00
|
|
|
return vnc_socket_local_addr("%s:%s", vs->lsock);
|
|
|
|
}
|
|
|
|
|
|
|
|
+static void read_file_password(DisplayState *ds, char *filename)
|
|
|
|
+{
|
|
|
|
+ FILE *pfile = NULL;
|
|
|
|
+ char *passwd = NULL;
|
|
|
|
+ int start = 0, length = 0, rc = 0;
|
|
|
|
+
|
|
|
|
+ if(strlen(filename) == 0) {
|
|
|
|
+ printf("No file supplied\n");
|
|
|
|
+ return;
|
|
|
|
+ }
|
|
|
|
+
|
|
|
|
+ pfile = fopen(filename, "r");
|
|
|
|
+ if(pfile == NULL) {
|
|
|
|
+ printf("Could not read from %s\n", filename);
|
|
|
|
+ return;
|
|
|
|
+ }
|
|
|
|
+
|
|
|
|
+ start = ftell(pfile);
|
|
|
|
+ fseek(pfile, 0L, SEEK_END);
|
|
|
|
+ length = ftell(pfile);
|
|
|
|
+ fseek(pfile, 0L, start);
|
|
|
|
+
|
|
|
|
+ passwd = malloc(length+1);
|
|
|
|
+ rc = fread(passwd, 1, length, pfile);
|
|
|
|
+ fclose(pfile);
|
|
|
|
+
|
|
|
|
+ if(rc == length && rc > 0) {
|
|
|
|
+ vnc_display_password(ds, passwd);
|
|
|
|
+ }
|
|
|
|
+
|
|
|
|
+ free(passwd);
|
|
|
|
+}
|
|
|
|
+
|
2012-11-27 21:42:06 +01:00
|
|
|
void vnc_display_open(DisplayState *ds, const char *display, Error **errp)
|
2012-09-05 13:51:25 +02:00
|
|
|
{
|
2013-05-14 22:46:08 +02:00
|
|
|
VncDisplay *vs = vnc_display;
|
2014-08-21 18:38:27 +02:00
|
|
|
@@ -3072,6 +3114,9 @@ void vnc_display_open(DisplayState *ds, const char *display, Error **errp)
|
2012-09-05 13:51:25 +02:00
|
|
|
while ((options = strchr(options, ','))) {
|
|
|
|
options++;
|
|
|
|
if (strncmp(options, "password", 8) == 0) {
|
|
|
|
+ char *start, *end;
|
|
|
|
+ start = strchr(options, '=');
|
|
|
|
+ end = strchr(options, ',');
|
|
|
|
if (fips_get_state()) {
|
2012-11-27 21:42:06 +01:00
|
|
|
error_setg(errp,
|
|
|
|
"VNC password auth disabled due to FIPS mode, "
|
2014-08-21 18:38:27 +02:00
|
|
|
@@ -3080,6 +3125,32 @@ void vnc_display_open(DisplayState *ds, const char *display, Error **errp)
|
2012-11-27 21:42:06 +01:00
|
|
|
goto fail;
|
2012-09-05 13:51:25 +02:00
|
|
|
}
|
|
|
|
password = 1; /* Require password auth */
|
|
|
|
+ if (start && (!end || (start < end))) {
|
|
|
|
+ int len = end ? end-(start+1) : strlen(start+1);
|
|
|
|
+ char *text = g_malloc(len+1);
|
|
|
|
+ strncpy(text, start+1, len);
|
|
|
|
+ text[len] = '\0';
|
|
|
|
+
|
|
|
|
+ if (strncmp(options, "password-file=", 14) == 0) {
|
|
|
|
+ read_file_password(ds, text);
|
|
|
|
+ } else {
|
|
|
|
+ vnc_display_password(ds, text);
|
|
|
|
+ }
|
|
|
|
+
|
|
|
|
+ free(text);
|
|
|
|
+ }
|
|
|
|
+ } else if (strncmp(options, "allowed-connections=", 20) == 0) {
|
|
|
|
+ char *start, *end;
|
|
|
|
+ start = strchr(options, '=');
|
|
|
|
+ end = strchr(options, ',');
|
|
|
|
+ if (start && (!end || (start < end))) {
|
|
|
|
+ int len = end ? end-(start+1) : strlen(start+1);
|
|
|
|
+ char *text = g_malloc(len+1);
|
|
|
|
+ strncpy(text, start+1, len);
|
|
|
|
+ text[len] = '\0';
|
|
|
|
+ VNC_DEBUG("Maximum number of disconnects: %s\n", text);
|
|
|
|
+ allowed_connections = atoi(text);
|
|
|
|
+ }
|
|
|
|
} else if (strncmp(options, "reverse", 7) == 0) {
|
|
|
|
reverse = 1;
|
|
|
|
} else if (strncmp(options, "no-lock-key-sync", 16) == 0) {
|