Patchwork [3/3] vnc/spice: add set_passwd monitor command.

login
register
mail settings
Submitter Gerd Hoffmann
Date Oct. 7, 2010, 11:15 a.m.
Message ID <1286450121-17153-4-git-send-email-kraxel@redhat.com>
Download mbox | patch
Permalink /patch/67038/
State New
Headers show

Comments

Gerd Hoffmann - Oct. 7, 2010, 11:15 a.m.
This patch adds a new set_password monitor command which allows to
change the password for spice and vnc connections.  See the doc update
patch chunk for details.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
---
 hmp-commands.hx |   23 +++++++++++++++++++++
 monitor.c       |   58 +++++++++++++++++++++++++++++++++++++++++++++++++++++++
 ui/qemu-spice.h |    3 ++
 ui/spice-core.c |    7 ++++++
 4 files changed, 91 insertions(+), 0 deletions(-)

Patch

diff --git a/hmp-commands.hx b/hmp-commands.hx
index 81999aa..a972b80 100644
--- a/hmp-commands.hx
+++ b/hmp-commands.hx
@@ -1116,6 +1116,29 @@  Set the encrypted device @var{device} password to @var{password}
 ETEXI
 
     {
+        .name       = "set_password",
+        .args_type  = "protocol:s,password:s,expiration:i,connected:s?",
+        .params     = "protocol password expiration action-if-connected",
+        .help       = "set spice/vnc password",
+	.user_print = monitor_user_noop,
+        .mhandler.cmd_new = set_password,
+    },
+
+STEXI
+@item set_password [ vnc | spice ] password expiration [ action-if-connected ]
+@findex set_password
+
+Change spice/vnc password.  @var{expiration} specifies the number of
+seconds the password will stay valid.  Use zero to make the password
+stay valid forever.  @var{action-if-connected} specifies what should
+happen in case a connection is established: @var{fail} makes the
+password change fail.  @var{disconnect} changes the password and
+disconnects the client.  @var{keep} changes the password and keeps the
+connection up.  @var{keep} is the default.
+
+ETEXI
+
+    {
         .name       = "info",
         .args_type  = "item:s?",
         .params     = "[subcommand]",
diff --git a/monitor.c b/monitor.c
index d82eb9e..32a20ba 100644
--- a/monitor.c
+++ b/monitor.c
@@ -34,6 +34,7 @@ 
 #include "net.h"
 #include "net/slirp.h"
 #include "qemu-char.h"
+#include "ui/qemu-spice.h"
 #include "sysemu.h"
 #include "monitor.h"
 #include "readline.h"
@@ -1021,6 +1022,63 @@  static int do_change(Monitor *mon, const QDict *qdict, QObject **ret_data)
     return ret;
 }
 
+static int set_password(Monitor *mon, const QDict *qdict, QObject **ret_data)
+{
+    const char *protocol  = qdict_get_str(qdict, "protocol");
+    const char *password  = qdict_get_str(qdict, "password");
+    const char *connected = qdict_get_try_str(qdict, "connected");
+    int lifetime          = qdict_get_int(qdict, "expiration");
+    int disconnect_if_connected = 0;
+    int fail_if_connected = 0;
+    int rc;
+
+    if (connected) {
+        if (strcmp(connected, "fail") == 0) {
+            fail_if_connected = 1;
+        } else if (strcmp(connected, "disconnect") == 0) {
+            disconnect_if_connected = 1;
+        } else if (strcmp(connected, "keep") == 0) {
+            /* nothing */
+        } else {
+            qerror_report(QERR_INVALID_PARAMETER, "connected");
+            return -1;
+        }
+    }
+
+    if (strcmp(protocol, "spice") == 0) {
+        if (!using_spice) {
+            /* correct one? spice isn't a device ,,, */
+            qerror_report(QERR_DEVICE_NOT_ACTIVE, "spice");
+            return -1;
+        }
+        rc = qemu_spice_set_passwd(password, lifetime,
+                                   fail_if_connected,
+                                   disconnect_if_connected);
+        if (rc != 0) {
+            qerror_report(QERR_SET_PASSWD_FAILED);
+            return -1;
+        }
+        return 0;
+    }
+
+    if (strcmp(protocol, "vnc") == 0) {
+        if (fail_if_connected || disconnect_if_connected) {
+            /* vnc supports "connected=keep" only */
+            qerror_report(QERR_INVALID_PARAMETER, "connected");
+            return -1;
+        }
+        rc = vnc_display_password(NULL, password, lifetime);
+        if (rc != 0) {
+            qerror_report(QERR_SET_PASSWD_FAILED);
+            return -1;
+        }
+        return 0;
+    }
+
+    qerror_report(QERR_INVALID_PARAMETER, "protocol");
+    return -1;
+}
+
 static int do_screen_dump(Monitor *mon, const QDict *qdict, QObject **ret_data)
 {
     vga_hw_screen_dump(qdict_get_str(qdict, "filename"));
diff --git a/ui/qemu-spice.h b/ui/qemu-spice.h
index 063c7dc..0e6e748 100644
--- a/ui/qemu-spice.h
+++ b/ui/qemu-spice.h
@@ -31,10 +31,13 @@  void qemu_spice_init(void);
 void qemu_spice_input_init(void);
 void qemu_spice_display_init(DisplayState *ds);
 int qemu_spice_add_interface(SpiceBaseInstance *sin);
+int qemu_spice_set_passwd(const char *passwd, int lifetime,
+                          bool fail_if_connected, bool disconnect_if_connected);
 
 #else  /* CONFIG_SPICE */
 
 #define using_spice 0
+#define qemu_spice_set_passwd(_p, _l, _f1, _f2) (-1)
 
 #endif /* CONFIG_SPICE */
 
diff --git a/ui/spice-core.c b/ui/spice-core.c
index 8b5e4a8..6d30755 100644
--- a/ui/spice-core.c
+++ b/ui/spice-core.c
@@ -176,6 +176,13 @@  int qemu_spice_add_interface(SpiceBaseInstance *sin)
     return spice_server_add_interface(spice_server, sin);
 }
 
+int qemu_spice_set_passwd(const char *passwd, int lifetime,
+                          bool fail_if_connected, bool disconnect_if_connected)
+{
+    return spice_server_set_ticket(spice_server, passwd, lifetime,
+                                   fail_if_connected, disconnect_if_connected);
+}
+
 static void spice_register_config(void)
 {
     qemu_add_opts(&qemu_spice_opts);