Message ID | 1314211389-28915-15-git-send-email-aliguori@us.ibm.com |
---|---|
State | New |
Headers | show |
On Wed, Aug 24, 2011 at 01:43:09PM -0500, Anthony Liguori wrote: > Currently when disabling login in VNC, the password is cleared out and the > authentication protocol is forced to AUTH_VNC. If you're using a stronger > authentication protocol, this has the effect of downgrading your security > protocol. > > Fix this by only changing the authentication protocol if the current > authentication protocol is AUTH_NONE. That ensures we're never downgrading. > > Reported-by: Daniel Berrange <berrange@redhat.com> > Signed-off-by: Anthony Liguori <aliguori@us.ibm.com> > --- > monitor.c | 18 ------------------ > qmp.c | 19 +++++++++++++++++++ > ui/vnc.c | 4 +++- > 3 files changed, 22 insertions(+), 19 deletions(-) > > diff --git a/monitor.c b/monitor.c > index 9801a2d..ad73bc5 100644 > --- a/monitor.c > +++ b/monitor.c > @@ -1005,24 +1005,6 @@ static int do_quit(Monitor *mon, const QDict *qdict, QObject **ret_data) > return 0; > } > > -void qmp_change(const char *device, const char *target, > - bool has_arg, const char *arg, Error **err) > -{ > - if (strcmp(device, "vnc") == 0) { > - if (strcmp(target, "passwd") == 0 || strcmp(target, "password") == 0) { > - if (!has_arg || !arg[0]) { > - vnc_display_disable_login(NULL); > - } else { > - qmp_change_vnc_password(arg, err); > - } > - } else { > - qmp_change_vnc_listen(target, err); > - } > - } else { > - deprecated_qmp_change_blockdev(device, target, has_arg, arg, err); > - } > -} > - > static int set_password(Monitor *mon, const QDict *qdict, QObject **ret_data) > { > const char *protocol = qdict_get_str(qdict, "protocol"); > diff --git a/qmp.c b/qmp.c > index 73d6172..5674adc 100644 > --- a/qmp.c > +++ b/qmp.c > @@ -16,6 +16,7 @@ > > #include "sysemu.h" > #include "console.h" > +#include "blockdev.h" > > NameInfo *qmp_query_name(Error **errp) > { > @@ -42,3 +43,21 @@ void qmp_change_vnc_listen(const char *target, Error **err) > error_set(err, QERR_VNC_SERVER_FAILED, target); > } > } > + > +void qmp_change(const char *device, const char *target, > + bool has_arg, const char *arg, Error **err) > +{ > + if (strcmp(device, "vnc") == 0) { > + if (strcmp(target, "passwd") == 0 || strcmp(target, "password") == 0) { > + if (!has_arg || !arg[0]) { > + vnc_display_disable_login(NULL); > + } else { > + qmp_change_vnc_password(arg, err); > + } > + } else { > + qmp_change_vnc_listen(target, err); > + } > + } else { > + deprecated_qmp_change_blockdev(device, target, has_arg, arg, err); > + } > +} > diff --git a/ui/vnc.c b/ui/vnc.c > index fc3a612..ecb216f 100644 > --- a/ui/vnc.c > +++ b/ui/vnc.c > @@ -2648,7 +2648,9 @@ int vnc_display_disable_login(DisplayState *ds) > } > > vs->password = NULL; > - vs->auth = VNC_AUTH_VNC; > + if (vs->auth == VNC_AUTH_NONE) { > + vs->auth = VNC_AUTH_VNC; > + } > > return 0; > } Thanks for making this change. The same also needs to be done in the 'vnc_display_password()' method. Regards, Daniel
On 08/24/2011 03:45 PM, Daniel P. Berrange wrote: > On Wed, Aug 24, 2011 at 01:43:09PM -0500, Anthony Liguori wrote: >> Currently when disabling login in VNC, the password is cleared out and the >> authentication protocol is forced to AUTH_VNC. If you're using a stronger >> authentication protocol, this has the effect of downgrading your security >> protocol. >> >> Fix this by only changing the authentication protocol if the current >> authentication protocol is AUTH_NONE. That ensures we're never downgrading. >> >> Reported-by: Daniel Berrange<berrange@redhat.com> >> Signed-off-by: Anthony Liguori<aliguori@us.ibm.com> >> --- >> monitor.c | 18 ------------------ >> qmp.c | 19 +++++++++++++++++++ >> ui/vnc.c | 4 +++- >> 3 files changed, 22 insertions(+), 19 deletions(-) >> >> diff --git a/monitor.c b/monitor.c >> index 9801a2d..ad73bc5 100644 >> --- a/monitor.c >> +++ b/monitor.c >> @@ -1005,24 +1005,6 @@ static int do_quit(Monitor *mon, const QDict *qdict, QObject **ret_data) >> return 0; >> } >> >> -void qmp_change(const char *device, const char *target, >> - bool has_arg, const char *arg, Error **err) >> -{ >> - if (strcmp(device, "vnc") == 0) { >> - if (strcmp(target, "passwd") == 0 || strcmp(target, "password") == 0) { >> - if (!has_arg || !arg[0]) { >> - vnc_display_disable_login(NULL); >> - } else { >> - qmp_change_vnc_password(arg, err); >> - } >> - } else { >> - qmp_change_vnc_listen(target, err); >> - } >> - } else { >> - deprecated_qmp_change_blockdev(device, target, has_arg, arg, err); >> - } >> -} >> - >> static int set_password(Monitor *mon, const QDict *qdict, QObject **ret_data) >> { >> const char *protocol = qdict_get_str(qdict, "protocol"); >> diff --git a/qmp.c b/qmp.c >> index 73d6172..5674adc 100644 >> --- a/qmp.c >> +++ b/qmp.c >> @@ -16,6 +16,7 @@ >> >> #include "sysemu.h" >> #include "console.h" >> +#include "blockdev.h" >> >> NameInfo *qmp_query_name(Error **errp) >> { >> @@ -42,3 +43,21 @@ void qmp_change_vnc_listen(const char *target, Error **err) >> error_set(err, QERR_VNC_SERVER_FAILED, target); >> } >> } >> + >> +void qmp_change(const char *device, const char *target, >> + bool has_arg, const char *arg, Error **err) >> +{ >> + if (strcmp(device, "vnc") == 0) { >> + if (strcmp(target, "passwd") == 0 || strcmp(target, "password") == 0) { >> + if (!has_arg || !arg[0]) { >> + vnc_display_disable_login(NULL); >> + } else { >> + qmp_change_vnc_password(arg, err); >> + } >> + } else { >> + qmp_change_vnc_listen(target, err); >> + } >> + } else { >> + deprecated_qmp_change_blockdev(device, target, has_arg, arg, err); >> + } >> +} >> diff --git a/ui/vnc.c b/ui/vnc.c >> index fc3a612..ecb216f 100644 >> --- a/ui/vnc.c >> +++ b/ui/vnc.c >> @@ -2648,7 +2648,9 @@ int vnc_display_disable_login(DisplayState *ds) >> } >> >> vs->password = NULL; >> - vs->auth = VNC_AUTH_VNC; >> + if (vs->auth == VNC_AUTH_NONE) { >> + vs->auth = VNC_AUTH_VNC; >> + } >> >> return 0; >> } > > Thanks for making this change. The same also needs to be done in the > 'vnc_display_password()' method. Ack. Regards, Anthony Liguori > > Regards, > Daniel
diff --git a/monitor.c b/monitor.c index 9801a2d..ad73bc5 100644 --- a/monitor.c +++ b/monitor.c @@ -1005,24 +1005,6 @@ static int do_quit(Monitor *mon, const QDict *qdict, QObject **ret_data) return 0; } -void qmp_change(const char *device, const char *target, - bool has_arg, const char *arg, Error **err) -{ - if (strcmp(device, "vnc") == 0) { - if (strcmp(target, "passwd") == 0 || strcmp(target, "password") == 0) { - if (!has_arg || !arg[0]) { - vnc_display_disable_login(NULL); - } else { - qmp_change_vnc_password(arg, err); - } - } else { - qmp_change_vnc_listen(target, err); - } - } else { - deprecated_qmp_change_blockdev(device, target, has_arg, arg, err); - } -} - static int set_password(Monitor *mon, const QDict *qdict, QObject **ret_data) { const char *protocol = qdict_get_str(qdict, "protocol"); diff --git a/qmp.c b/qmp.c index 73d6172..5674adc 100644 --- a/qmp.c +++ b/qmp.c @@ -16,6 +16,7 @@ #include "sysemu.h" #include "console.h" +#include "blockdev.h" NameInfo *qmp_query_name(Error **errp) { @@ -42,3 +43,21 @@ void qmp_change_vnc_listen(const char *target, Error **err) error_set(err, QERR_VNC_SERVER_FAILED, target); } } + +void qmp_change(const char *device, const char *target, + bool has_arg, const char *arg, Error **err) +{ + if (strcmp(device, "vnc") == 0) { + if (strcmp(target, "passwd") == 0 || strcmp(target, "password") == 0) { + if (!has_arg || !arg[0]) { + vnc_display_disable_login(NULL); + } else { + qmp_change_vnc_password(arg, err); + } + } else { + qmp_change_vnc_listen(target, err); + } + } else { + deprecated_qmp_change_blockdev(device, target, has_arg, arg, err); + } +} diff --git a/ui/vnc.c b/ui/vnc.c index fc3a612..ecb216f 100644 --- a/ui/vnc.c +++ b/ui/vnc.c @@ -2648,7 +2648,9 @@ int vnc_display_disable_login(DisplayState *ds) } vs->password = NULL; - vs->auth = VNC_AUTH_VNC; + if (vs->auth == VNC_AUTH_NONE) { + vs->auth = VNC_AUTH_VNC; + } return 0; }
Currently when disabling login in VNC, the password is cleared out and the authentication protocol is forced to AUTH_VNC. If you're using a stronger authentication protocol, this has the effect of downgrading your security protocol. Fix this by only changing the authentication protocol if the current authentication protocol is AUTH_NONE. That ensures we're never downgrading. Reported-by: Daniel Berrange <berrange@redhat.com> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com> --- monitor.c | 18 ------------------ qmp.c | 19 +++++++++++++++++++ ui/vnc.c | 4 +++- 3 files changed, 22 insertions(+), 19 deletions(-)