* RE: Individual passwords for guest VNC servers ?
@ 2006-09-26 18:23 Ian Pratt
2006-09-28 1:01 ` Masami Watanabe
2006-09-29 8:47 ` [PATCH][Take 2] VNC authentification Masami Watanabe
0 siblings, 2 replies; 16+ messages in thread
From: Ian Pratt @ 2006-09-26 18:23 UTC (permalink / raw)
To: Masami Watanabe, Daniel P. Berrange, Anthony Liguori; +Cc: xen-devel
> Thanks all point about security, I'll do as follows.
> I thought that the point was the following two.
>
>
> 1. Storage place of encrypted password
> Should I store it in /etc/xen/passwd ?
> Or, should I wait for DB of Xen that will be released in
> the future?
The xend life cycle management patches were posted by Alistair a couple
of months back. They'll go in early in the 3.0.4 cycle.
> In the latter case, the release time and information, I want you to
> teach it.
> Now, I think we have no choice but to use /etc/xen/passwd.
In the mean time, I'd just out them in the domain config file and change
the default permissions and ownership.
> 2. Method of Xen VNC Server receiving stored password
> By way of xenstore. However, it is necessary to consider
> xenstore-ls.
It can be passed transiently (i.e. it gets deleted from the store by
qemu-dm)
You need to be root to run xenstore-ls so I'm comfortable with this.
Ian
^ permalink raw reply [flat|nested] 16+ messages in thread
* RE: Individual passwords for guest VNC servers ?
2006-09-26 18:23 Individual passwords for guest VNC servers ? Ian Pratt
@ 2006-09-28 1:01 ` Masami Watanabe
2006-09-29 8:47 ` [PATCH][Take 2] VNC authentification Masami Watanabe
1 sibling, 0 replies; 16+ messages in thread
From: Masami Watanabe @ 2006-09-28 1:01 UTC (permalink / raw)
To: Ian Pratt, Daniel P. Berrange, Anthony Liguori; +Cc: xen-devel, masami.watanabe
> In the mean time, I'd just out them in the domain config file and change
> the default permissions and ownership.
Yes, I'll do as follows.
I challenge the correction that uses xenstore.
When the password is received, qemu-dm deletes it.
Masami Watanabe
On Tue, 26 Sep 2006 19:23:47 +0100, Ian Pratt wrote:
>
> > Thanks all point about security, I'll do as follows.
> > I thought that the point was the following two.
> >
> >
> > 1. Storage place of encrypted password
> > Should I store it in /etc/xen/passwd ?
> > Or, should I wait for DB of Xen that will be released in
> > the future?
>
> The xend life cycle management patches were posted by Alistair a couple
> of months back. They'll go in early in the 3.0.4 cycle.
>
> > In the latter case, the release time and information, I want you to
> > teach it.
> > Now, I think we have no choice but to use /etc/xen/passwd.
>
> In the mean time, I'd just out them in the domain config file and change
> the default permissions and ownership.
>
> > 2. Method of Xen VNC Server receiving stored password
> > By way of xenstore. However, it is necessary to consider
> > xenstore-ls.
>
> It can be passed transiently (i.e. it gets deleted from the store by
> qemu-dm)
> You need to be root to run xenstore-ls so I'm comfortable with this.
>
> Ian
>
> _______________________________________________
> Xen-devel mailing list
> Xen-devel@lists.xensource.com
> http://lists.xensource.com/xen-devel
^ permalink raw reply [flat|nested] 16+ messages in thread
* [PATCH][Take 2] VNC authentification
2006-09-26 18:23 Individual passwords for guest VNC servers ? Ian Pratt
2006-09-28 1:01 ` Masami Watanabe
@ 2006-09-29 8:47 ` Masami Watanabe
2006-09-29 14:01 ` Anthony Liguori
2006-09-29 22:11 ` Daniel P. Berrange
1 sibling, 2 replies; 16+ messages in thread
From: Masami Watanabe @ 2006-09-29 8:47 UTC (permalink / raw)
To: xen-devel; +Cc: Ian Pratt, Anthony Liguori, Daniel P. Berrange, masami.watanabe
[-- Attachment #1: Type: text/plain, Size: 1611 bytes --]
Hi,
This is take 2 on VNC authentification.
The specification is as mentioned at
http://lists.xensource.com/archives/html/xen-devel/2006-09/msg00666.html
The difference is follows.
- correction that passes information through xenstore.
- after information is read, qemu deletes information on xenstore.
Signed-off-by: Masami Watanabe <masami.watanabe@jp.fujitsu.com>
Best regards,
Watanabe
On Tue, 26 Sep 2006 19:23:47 +0100, Ian Pratt wrote:
>
> > Thanks all point about security, I'll do as follows.
> > I thought that the point was the following two.
> >
> >
> > 1. Storage place of encrypted password
> > Should I store it in /etc/xen/passwd ?
> > Or, should I wait for DB of Xen that will be released in
> > the future?
>
> The xend life cycle management patches were posted by Alistair a couple
> of months back. They'll go in early in the 3.0.4 cycle.
>
> > In the latter case, the release time and information, I want you to
> > teach it.
> > Now, I think we have no choice but to use /etc/xen/passwd.
>
> In the mean time, I'd just out them in the domain config file and change
> the default permissions and ownership.
>
> > 2. Method of Xen VNC Server receiving stored password
> > By way of xenstore. However, it is necessary to consider
> > xenstore-ls.
>
> It can be passed transiently (i.e. it gets deleted from the store by
> qemu-dm)
> You need to be root to run xenstore-ls so I'm comfortable with this.
>
> Ian
>
> _______________________________________________
> Xen-devel mailing list
> Xen-devel@lists.xensource.com
> http://lists.xensource.com/xen-devel
[-- Attachment #2: vnc_auth_take2.patch --]
[-- Type: application/octet-stream, Size: 30893 bytes --]
diff -r 1d0e75523636 tools/examples/xend-config.sxp
--- a/tools/examples/xend-config.sxp Wed Sep 27 17:49:22 2006 +0100
+++ b/tools/examples/xend-config.sxp Fri Sep 29 15:46:03 2006 +0900
@@ -130,3 +130,7 @@
# The tool used for initiating virtual TPM migration
#(external-migration-tool '')
+
+# The default password for VNC console on HVM domain.
+# Empty string is no authentication.
+(vncpasswd '')
diff -r 1d0e75523636 tools/examples/xmexample.hvm
--- a/tools/examples/xmexample.hvm Wed Sep 27 17:49:22 2006 +0100
+++ b/tools/examples/xmexample.hvm Fri Sep 29 15:46:03 2006 +0900
@@ -145,6 +145,11 @@ vnc=1
#vncconsole=0
#----------------------------------------------------------------------------
+# set password for domain's VNC console
+# default is depents on vncpasswd in xend-config.sxp
+vncpasswd=''
+
+#----------------------------------------------------------------------------
# no graphics, use serial port
#nographic=0
diff -r 1d0e75523636 tools/examples/xmexample.vti
--- a/tools/examples/xmexample.vti Wed Sep 27 17:49:22 2006 +0100
+++ b/tools/examples/xmexample.vti Fri Sep 29 15:46:03 2006 +0900
@@ -95,6 +95,11 @@ vnc=0
#vncconsole=0
#----------------------------------------------------------------------------
+# set password for domain's VNC console
+# default is depents on vncpasswd in xend-config.sxp
+vncpasswd=''
+
+#----------------------------------------------------------------------------
# no graphics, use serial port
#nographic=0
diff -r 1d0e75523636 tools/ioemu/Makefile.target
--- a/tools/ioemu/Makefile.target Wed Sep 27 17:49:22 2006 +0100
+++ b/tools/ioemu/Makefile.target Fri Sep 29 15:46:03 2006 +0900
@@ -398,6 +398,7 @@ VL_OBJS+=sdl.o
VL_OBJS+=sdl.o
endif
VL_OBJS+=vnc.o
+VL_OBJS+=d3des.o
ifdef CONFIG_COCOA
VL_OBJS+=cocoa.o
COCOA_LIBS=-F/System/Library/Frameworks -framework Cocoa -framework IOKit
@@ -456,6 +457,9 @@ sdl.o: sdl.c keymaps.c sdl_keysym.h
$(CC) $(CFLAGS) $(DEFINES) $(SDL_CFLAGS) -c -o $@ $<
vnc.o: vnc.c keymaps.c sdl_keysym.h vnchextile.h
+ $(CC) $(CFLAGS) $(DEFINES) -c -o $@ $<
+
+d3des.o: d3des.c d3des.h
$(CC) $(CFLAGS) $(DEFINES) -c -o $@ $<
sdlaudio.o: sdlaudio.c
diff -r 1d0e75523636 tools/ioemu/vl.c
--- a/tools/ioemu/vl.c Wed Sep 27 17:49:22 2006 +0100
+++ b/tools/ioemu/vl.c Fri Sep 29 15:46:03 2006 +0900
@@ -169,6 +169,9 @@ time_t timeoffset = 0;
char domain_name[1024] = { 'H','V', 'M', 'X', 'E', 'N', '-'};
extern int domid;
+
+char vncpasswd[64];
+unsigned char challenge[AUTHCHALLENGESIZE];
/***********************************************************/
/* x86 ISA bus support */
@@ -5901,6 +5904,7 @@ int main(int argc, char **argv)
vncunused = 0;
kernel_filename = NULL;
kernel_cmdline = "";
+ *vncpasswd = '\0';
#ifndef CONFIG_DM
#ifdef TARGET_PPC
cdrom_index = 1;
@@ -6544,6 +6548,10 @@ int main(int argc, char **argv)
init_ioports();
+ /* read vncpasswd from xenstore */
+ if (0 > xenstore_read_vncpasswd(domid))
+ exit(1);
+
/* terminal init */
if (nographic) {
dumb_display_init(ds);
diff -r 1d0e75523636 tools/ioemu/vl.h
--- a/tools/ioemu/vl.h Wed Sep 27 17:49:22 2006 +0100
+++ b/tools/ioemu/vl.h Fri Sep 29 15:46:03 2006 +0900
@@ -1220,4 +1220,7 @@ extern char domain_name[];
void destroy_hvm_domain(void);
+/* VNC Authentication */
+#define AUTHCHALLENGESIZE 16
+
#endif /* VL_H */
diff -r 1d0e75523636 tools/ioemu/vnc.c
--- a/tools/ioemu/vnc.c Wed Sep 27 17:49:22 2006 +0100
+++ b/tools/ioemu/vnc.c Fri Sep 29 15:46:03 2006 +0900
@@ -44,6 +44,7 @@
#include "vnc_keysym.h"
#include "keymaps.c"
+#include "d3des.h"
#define XK_MISCELLANY
#define XK_LATIN1
@@ -1221,7 +1222,58 @@ static int protocol_version(VncState *vs
return 0;
}
- vnc_write_u32(vs, 1); /* None */
+ vnc_auth(vs); /* Challenge-Responce authentication */
+
+ return 0;
+}
+
+static int protocol_authtype(VncState *vs, char *type, size_t len)
+{
+ return 0;
+}
+
+static unsigned char d3desObfuscationKey[] = {23,82,107,6,35,78,88,7};
+
+static int protocol_response(VncState *vs, char *client_response, size_t len)
+{
+ extern char vncpasswd[64];
+ extern unsigned char challenge[AUTHCHALLENGESIZE];
+ unsigned char cryptchallenge[AUTHCHALLENGESIZE];
+ unsigned char vmpasswd[64];
+ unsigned char vmplain[9];
+ unsigned char key[8];
+ int vmpasswdlen, i, j;
+
+ memcpy(cryptchallenge, challenge, AUTHCHALLENGESIZE);
+
+ /* base64 decode VM password */
+ vmpasswdlen = base64decode(vmpasswd, vncpasswd);
+
+ /* Get plain VM password */
+ deskey(d3desObfuscationKey, DE1);
+ des(vmpasswd, vmplain);
+ vmplain[8] = 0;
+
+ /* Calculate the sent challenge */
+ for (i=0; i<8; i++)
+ key[i] = i<vmpasswdlen ? vmplain[i] : 0;
+ deskey(key, EN0);
+ for (j = 0; j < AUTHCHALLENGESIZE; j += 8)
+ des(cryptchallenge+j, cryptchallenge+j);
+
+ /* Check the actual response */
+ if (memcmp(cryptchallenge, client_response, AUTHCHALLENGESIZE) != 0) {
+ /* password error */
+ vnc_write_u32(vs, 1);
+ vnc_write_u32(vs, 22);
+ vnc_write(vs, "Authentication failure", 22);
+ vnc_flush(vs);
+ fprintf(logfile, "VNC Password error.\n");
+ vnc_client_error(vs);
+ return 0;
+ }
+
+ vnc_write_u32(vs, 0);
vnc_flush(vs);
vnc_read_when(vs, protocol_client_init, 1);
@@ -1344,3 +1396,94 @@ int vnc_start_viewer(int port)
return pid;
}
}
+
+static int vnc_auth(VncState *vs)
+{
+ extern char vncpasswd[64];
+ extern unsigned char challenge[AUTHCHALLENGESIZE];
+
+ if (*vncpasswd == '\0') {
+ /* AuthType is None */
+ vnc_write_u32(vs, 1);
+ vnc_flush(vs);
+ vnc_read_when(vs, protocol_client_init, 1);
+ } else {
+ /* AuthType is VncAuth */
+ vnc_write_u32(vs, 2);
+ vnc_flush(vs);
+
+ /* Read AuthType */
+ vnc_read_when(vs, protocol_authtype, 1);
+
+ /* Send Challenge */
+ make_challenge(challenge, AUTHCHALLENGESIZE);
+ vnc_write(vs, challenge, AUTHCHALLENGESIZE);
+ vnc_flush(vs);
+
+ /* Read Responce */
+ vnc_read_when(vs, protocol_response, AUTHCHALLENGESIZE);
+ }
+
+ return 0;
+}
+
+static int make_challenge(char *random, int size)
+{
+ FILE *fp;
+ int readsize;
+
+ fp = fopen("/dev/random", "r");
+ if (!fp) {
+ fprintf(stderr, "make_challenge: no OS supplied /dev/random\n");
+ exit(1);
+ }
+ readsize = fread(random, size, 1, fp);
+ fclose(fp);
+
+ return 0;
+}
+
+
+const char base64char[] =
+ "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/=";
+
+static unsigned int base64value(char c1)
+{
+ unsigned int i;
+
+ if (c1 == '=') return 0;
+ for (i=0; base64char[i]; i++) {
+ if (c1 == base64char[i]) break;
+ }
+
+ return i;
+}
+
+static int base64decode(unsigned char *out, char *in)
+{
+ int outpos = 0; /* current position of out area */
+ int i;
+ int inlen; /* indata length */
+
+ inlen = strlen(in);
+
+ /* base64 decode */
+ for (i=0; i<inlen; i+=4) {
+ if (in[i] == '=') break;
+ out[outpos] = (unsigned char)
+ ( (base64value(in[i])<<2) | ((base64value(in[i+1])&0x30)>>4) );
+ out[outpos+1] = (unsigned char)
+ ( ((base64value(in[i+1])&0x0f)<<4)|((base64value(in[i+2])&0x3c)>>2) );
+ out[outpos+2] = (unsigned char)
+ ( ((base64value(in[i+2])&0x03)<<6) | (base64value(in[i+3])&0x3f) );
+ outpos += 3;
+ }
+
+ /* correction length */
+ if (outpos) {
+ if (in[i-1] == '=') outpos--;
+ if (in[i-2] == '=') outpos--;
+ }
+
+ return outpos;
+}
diff -r 1d0e75523636 tools/ioemu/xenstore.c
--- a/tools/ioemu/xenstore.c Wed Sep 27 17:49:22 2006 +0100
+++ b/tools/ioemu/xenstore.c Fri Sep 29 15:46:03 2006 +0900
@@ -213,3 +213,60 @@ void xenstore_write_vncport(int display)
free(portstr);
free(buf);
}
+
+int xenstore_read_vncpasswd(int domid)
+{
+ extern char vncpasswd[64];
+ char *buf = NULL, *path, *uuid = NULL, *passwd = NULL;
+ unsigned int i, len, rc = 0;
+
+ if (xsh == NULL) {
+ return -1;
+ }
+
+ path = xs_get_domain_path(xsh, domid);
+ if (path == NULL) {
+ fprintf(logfile, "xs_get_domain_path() error\n");
+ return -1;
+ }
+
+ pasprintf(&buf, "%s/vm", path);
+ uuid = xs_read(xsh, XBT_NULL, buf, &len);
+ if (uuid == NULL) {
+ fprintf(logfile, "xs_read(): uuid get error\n");
+ free(path);
+ return -1;
+ }
+
+ pasprintf(&buf, "%s/vncpasswd", uuid);
+ passwd = xs_read(xsh, XBT_NULL, buf, &len);
+ if (passwd == NULL) {
+ free(uuid);
+ free(path);
+ return rc;
+ }
+
+ for (i=0; i<len; i++) {
+ vncpasswd[i] = passwd[i];
+ passwd[i] = '\0';
+ }
+ vncpasswd[len] = '\0';
+
+ if (pasprintf(&buf, "%s/vncpasswd", uuid) == -1) {
+ fprintf(logfile, "pasprintf() vncpasswd failed\n");
+ goto out2;
+ rc = -1;
+ }
+ if (xs_write(xsh, XBT_NULL, buf, passwd, len) == 0) {
+ fprintf(logfile, "xs_write() vncpasswd failed\n");
+ rc = -1;
+ }
+
+
+ out2:
+ free(passwd);
+ free(uuid);
+ free(path);
+
+ return rc;
+}
diff -r 1d0e75523636 tools/python/xen/xend/XendDomainInfo.py
--- a/tools/python/xen/xend/XendDomainInfo.py Wed Sep 27 17:49:22 2006 +0100
+++ b/tools/python/xen/xend/XendDomainInfo.py Fri Sep 29 15:46:03 2006 +0900
@@ -391,6 +391,9 @@ def parseConfig(config):
else:
log.warn("Ignoring malformed and deprecated config option "
"restart = %s", restart)
+
+ result['image'].append(
+ ['vncpasswd_default', xroot.get_vncpasswd_default()])
log.debug("parseConfig: result is %s", result)
return result
diff -r 1d0e75523636 tools/python/xen/xend/XendRoot.py
--- a/tools/python/xen/xend/XendRoot.py Wed Sep 27 17:49:22 2006 +0100
+++ b/tools/python/xen/xend/XendRoot.py Fri Sep 29 15:46:03 2006 +0900
@@ -95,6 +95,8 @@ class XendRoot:
dom0_min_mem_default = '0'
dom0_vcpus_default = '0'
+
+ vncpasswd_default = '#None#'
components = {}
@@ -272,6 +274,10 @@ class XendRoot:
def get_console_limit(self):
return self.get_config_int('console-limit', 1024)
+ def get_vncpasswd_default(self):
+ return self.get_config_value('vncpasswd',
+ self.vncpasswd_default)
+
def instance():
"""Get an instance of XendRoot.
Use this instead of the constructor.
diff -r 1d0e75523636 tools/python/xen/xend/image.py
--- a/tools/python/xen/xend/image.py Wed Sep 27 17:49:22 2006 +0100
+++ b/tools/python/xen/xend/image.py Fri Sep 29 15:46:03 2006 +0900
@@ -348,8 +348,20 @@ class HVMImageHandler(ImageHandler):
sdl = sxp.child_value(config, 'sdl')
ret = []
nographic = sxp.child_value(config, 'nographic')
+
+ # get password from xend-config(if password omitted, '#None#')
+ vncpasswd_default = sxp.child_value(config,
+ 'vncpasswd_default')
+ # get password from VM config(if password omitted, None)
+ vncpasswd_vmconfig = sxp.child_value(config, 'vncpasswd')
+ vncpasswd = vncpasswd_vmconfig
+
if nographic:
ret.append('-nographic')
+ # remove password
+ if vncpasswd_vmconfig:
+ config.remove(['vncpasswd', vncpasswd_vmconfig])
+ del config[config.index(['vncpasswd_default', vncpasswd_default])]
return ret
if vnc:
vncdisplay = sxp.child_value(config, 'vncdisplay',
@@ -358,6 +370,19 @@ class HVMImageHandler(ImageHandler):
vncunused = sxp.child_value(config, 'vncunused')
if vncunused:
ret += ['-vncunused']
+ # password check
+ if vncpasswd is None:
+ if vncpasswd_default=='#None#':
+ raise VmError('vncpasswd is not setuped in VMconfig and xend-config.')
+ else:
+ vncpasswd = vncpasswd_default
+ if vncpasswd!='':
+ self.vm.storeVm("vncpasswd", vncpasswd)
+
+ # remove password
+ config.remove(['vncpasswd', vncpasswd_vmconfig])
+ del config[config.index(['vncpasswd_default', vncpasswd_default])]
+
return ret
def createDeviceModel(self):
diff -r 1d0e75523636 tools/python/xen/xm/create.py
--- a/tools/python/xen/xm/create.py Wed Sep 27 17:49:22 2006 +0100
+++ b/tools/python/xen/xm/create.py Fri Sep 29 15:46:03 2006 +0900
@@ -103,6 +103,10 @@ gopts.opt('console_autoconnect', short='
gopts.opt('console_autoconnect', short='c',
fn=set_true, default=0,
use="Connect to the console after the domain is created.")
+
+gopts.var('vncpasswd', val='NAME',
+ fn=set_value, default=None,
+ use="Password for VNC console on HVM domain.")
gopts.var('vncviewer', val='no|yes',
fn=set_bool, default=None,
@@ -638,6 +642,7 @@ def configure_hvm(config_image, vals):
for a in args:
if (vals.__dict__[a]):
config_image.append([a, vals.__dict__[a]])
+ config_image.append(['vncpasswd', vals.vncpasswd])
def run_bootloader(vals, config_image):
if not os.access(vals.bootloader, os.X_OK):
diff -r 1d0e75523636 tools/ioemu/d3des.c
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/tools/ioemu/d3des.c Fri Sep 29 15:46:03 2006 +0900
@@ -0,0 +1,434 @@
+/*
+ * This is D3DES (V5.09) by Richard Outerbridge with the double and
+ * triple-length support removed for use in VNC. Also the bytebit[] array
+ * has been reversed so that the most significant bit in each byte of the
+ * key is ignored, not the least significant.
+ *
+ * These changes are:
+ * Copyright (C) 1999 AT&T Laboratories Cambridge. All Rights Reserved.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
+ */
+
+/* D3DES (V5.09) -
+ *
+ * A portable, public domain, version of the Data Encryption Standard.
+ *
+ * Written with Symantec's THINK (Lightspeed) C by Richard Outerbridge.
+ * Thanks to: Dan Hoey for his excellent Initial and Inverse permutation
+ * code; Jim Gillogly & Phil Karn for the DES key schedule code; Dennis
+ * Ferguson, Eric Young and Dana How for comparing notes; and Ray Lau,
+ * for humouring me on.
+ *
+ * Copyright (c) 1988,1989,1990,1991,1992 by Richard Outerbridge.
+ * (GEnie : OUTER; CIS : [71755,204]) Graven Imagery, 1992.
+ */
+
+#include "d3des.h"
+
+static void scrunch(unsigned char *, unsigned long *);
+static void unscrun(unsigned long *, unsigned char *);
+static void desfunc(unsigned long *, unsigned long *);
+static void cookey(unsigned long *);
+
+static unsigned long KnL[32] = { 0L };
+
+static unsigned short bytebit[8] = {
+ 01, 02, 04, 010, 020, 040, 0100, 0200 };
+
+static unsigned long bigbyte[24] = {
+ 0x800000L, 0x400000L, 0x200000L, 0x100000L,
+ 0x80000L, 0x40000L, 0x20000L, 0x10000L,
+ 0x8000L, 0x4000L, 0x2000L, 0x1000L,
+ 0x800L, 0x400L, 0x200L, 0x100L,
+ 0x80L, 0x40L, 0x20L, 0x10L,
+ 0x8L, 0x4L, 0x2L, 0x1L };
+
+/* Use the key schedule specified in the Standard (ANSI X3.92-1981). */
+
+static unsigned char pc1[56] = {
+ 56, 48, 40, 32, 24, 16, 8, 0, 57, 49, 41, 33, 25, 17,
+ 9, 1, 58, 50, 42, 34, 26, 18, 10, 2, 59, 51, 43, 35,
+ 62, 54, 46, 38, 30, 22, 14, 6, 61, 53, 45, 37, 29, 21,
+ 13, 5, 60, 52, 44, 36, 28, 20, 12, 4, 27, 19, 11, 3 };
+
+static unsigned char totrot[16] = {
+ 1,2,4,6,8,10,12,14,15,17,19,21,23,25,27,28 };
+
+static unsigned char pc2[48] = {
+ 13, 16, 10, 23, 0, 4, 2, 27, 14, 5, 20, 9,
+ 22, 18, 11, 3, 25, 7, 15, 6, 26, 19, 12, 1,
+ 40, 51, 30, 36, 46, 54, 29, 39, 50, 44, 32, 47,
+ 43, 48, 38, 55, 33, 52, 45, 41, 49, 35, 28, 31 };
+
+void deskey(key, edf) /* Thanks to James Gillogly & Phil Karn! */
+unsigned char *key;
+int edf;
+{
+ register int i, j, l, m, n;
+ unsigned char pc1m[56], pcr[56];
+ unsigned long kn[32];
+
+ for ( j = 0; j < 56; j++ ) {
+ l = pc1[j];
+ m = l & 07;
+ pc1m[j] = (key[l >> 3] & bytebit[m]) ? 1 : 0;
+ }
+ for( i = 0; i < 16; i++ ) {
+ if( edf == DE1 ) m = (15 - i) << 1;
+ else m = i << 1;
+ n = m + 1;
+ kn[m] = kn[n] = 0L;
+ for( j = 0; j < 28; j++ ) {
+ l = j + totrot[i];
+ if( l < 28 ) pcr[j] = pc1m[l];
+ else pcr[j] = pc1m[l - 28];
+ }
+ for( j = 28; j < 56; j++ ) {
+ l = j + totrot[i];
+ if( l < 56 ) pcr[j] = pc1m[l];
+ else pcr[j] = pc1m[l - 28];
+ }
+ for( j = 0; j < 24; j++ ) {
+ if( pcr[pc2[j]] ) kn[m] |= bigbyte[j];
+ if( pcr[pc2[j+24]] ) kn[n] |= bigbyte[j];
+ }
+ }
+ cookey(kn);
+ return;
+ }
+
+static void cookey(raw1)
+register unsigned long *raw1;
+{
+ register unsigned long *cook, *raw0;
+ unsigned long dough[32];
+ register int i;
+
+ cook = dough;
+ for( i = 0; i < 16; i++, raw1++ ) {
+ raw0 = raw1++;
+ *cook = (*raw0 & 0x00fc0000L) << 6;
+ *cook |= (*raw0 & 0x00000fc0L) << 10;
+ *cook |= (*raw1 & 0x00fc0000L) >> 10;
+ *cook++ |= (*raw1 & 0x00000fc0L) >> 6;
+ *cook = (*raw0 & 0x0003f000L) << 12;
+ *cook |= (*raw0 & 0x0000003fL) << 16;
+ *cook |= (*raw1 & 0x0003f000L) >> 4;
+ *cook++ |= (*raw1 & 0x0000003fL);
+ }
+ usekey(dough);
+ return;
+ }
+
+void cpkey(into)
+register unsigned long *into;
+{
+ register unsigned long *from, *endp;
+
+ from = KnL, endp = &KnL[32];
+ while( from < endp ) *into++ = *from++;
+ return;
+ }
+
+void usekey(from)
+register unsigned long *from;
+{
+ register unsigned long *to, *endp;
+
+ to = KnL, endp = &KnL[32];
+ while( to < endp ) *to++ = *from++;
+ return;
+ }
+
+void des(inblock, outblock)
+unsigned char *inblock, *outblock;
+{
+ unsigned long work[2];
+
+ scrunch(inblock, work);
+ desfunc(work, KnL);
+ unscrun(work, outblock);
+ return;
+ }
+
+static void scrunch(outof, into)
+register unsigned char *outof;
+register unsigned long *into;
+{
+ *into = (*outof++ & 0xffL) << 24;
+ *into |= (*outof++ & 0xffL) << 16;
+ *into |= (*outof++ & 0xffL) << 8;
+ *into++ |= (*outof++ & 0xffL);
+ *into = (*outof++ & 0xffL) << 24;
+ *into |= (*outof++ & 0xffL) << 16;
+ *into |= (*outof++ & 0xffL) << 8;
+ *into |= (*outof & 0xffL);
+ return;
+ }
+
+static void unscrun(outof, into)
+register unsigned long *outof;
+register unsigned char *into;
+{
+ *into++ = (unsigned char)((*outof >> 24) & 0xffL);
+ *into++ = (unsigned char)((*outof >> 16) & 0xffL);
+ *into++ = (unsigned char)((*outof >> 8) & 0xffL);
+ *into++ = (unsigned char)(*outof++ & 0xffL);
+ *into++ = (unsigned char)((*outof >> 24) & 0xffL);
+ *into++ = (unsigned char)((*outof >> 16) & 0xffL);
+ *into++ = (unsigned char)((*outof >> 8) & 0xffL);
+ *into = (unsigned char)(*outof & 0xffL);
+ return;
+ }
+
+static unsigned long SP1[64] = {
+ 0x01010400L, 0x00000000L, 0x00010000L, 0x01010404L,
+ 0x01010004L, 0x00010404L, 0x00000004L, 0x00010000L,
+ 0x00000400L, 0x01010400L, 0x01010404L, 0x00000400L,
+ 0x01000404L, 0x01010004L, 0x01000000L, 0x00000004L,
+ 0x00000404L, 0x01000400L, 0x01000400L, 0x00010400L,
+ 0x00010400L, 0x01010000L, 0x01010000L, 0x01000404L,
+ 0x00010004L, 0x01000004L, 0x01000004L, 0x00010004L,
+ 0x00000000L, 0x00000404L, 0x00010404L, 0x01000000L,
+ 0x00010000L, 0x01010404L, 0x00000004L, 0x01010000L,
+ 0x01010400L, 0x01000000L, 0x01000000L, 0x00000400L,
+ 0x01010004L, 0x00010000L, 0x00010400L, 0x01000004L,
+ 0x00000400L, 0x00000004L, 0x01000404L, 0x00010404L,
+ 0x01010404L, 0x00010004L, 0x01010000L, 0x01000404L,
+ 0x01000004L, 0x00000404L, 0x00010404L, 0x01010400L,
+ 0x00000404L, 0x01000400L, 0x01000400L, 0x00000000L,
+ 0x00010004L, 0x00010400L, 0x00000000L, 0x01010004L };
+
+static unsigned long SP2[64] = {
+ 0x80108020L, 0x80008000L, 0x00008000L, 0x00108020L,
+ 0x00100000L, 0x00000020L, 0x80100020L, 0x80008020L,
+ 0x80000020L, 0x80108020L, 0x80108000L, 0x80000000L,
+ 0x80008000L, 0x00100000L, 0x00000020L, 0x80100020L,
+ 0x00108000L, 0x00100020L, 0x80008020L, 0x00000000L,
+ 0x80000000L, 0x00008000L, 0x00108020L, 0x80100000L,
+ 0x00100020L, 0x80000020L, 0x00000000L, 0x00108000L,
+ 0x00008020L, 0x80108000L, 0x80100000L, 0x00008020L,
+ 0x00000000L, 0x00108020L, 0x80100020L, 0x00100000L,
+ 0x80008020L, 0x80100000L, 0x80108000L, 0x00008000L,
+ 0x80100000L, 0x80008000L, 0x00000020L, 0x80108020L,
+ 0x00108020L, 0x00000020L, 0x00008000L, 0x80000000L,
+ 0x00008020L, 0x80108000L, 0x00100000L, 0x80000020L,
+ 0x00100020L, 0x80008020L, 0x80000020L, 0x00100020L,
+ 0x00108000L, 0x00000000L, 0x80008000L, 0x00008020L,
+ 0x80000000L, 0x80100020L, 0x80108020L, 0x00108000L };
+
+static unsigned long SP3[64] = {
+ 0x00000208L, 0x08020200L, 0x00000000L, 0x08020008L,
+ 0x08000200L, 0x00000000L, 0x00020208L, 0x08000200L,
+ 0x00020008L, 0x08000008L, 0x08000008L, 0x00020000L,
+ 0x08020208L, 0x00020008L, 0x08020000L, 0x00000208L,
+ 0x08000000L, 0x00000008L, 0x08020200L, 0x00000200L,
+ 0x00020200L, 0x08020000L, 0x08020008L, 0x00020208L,
+ 0x08000208L, 0x00020200L, 0x00020000L, 0x08000208L,
+ 0x00000008L, 0x08020208L, 0x00000200L, 0x08000000L,
+ 0x08020200L, 0x08000000L, 0x00020008L, 0x00000208L,
+ 0x00020000L, 0x08020200L, 0x08000200L, 0x00000000L,
+ 0x00000200L, 0x00020008L, 0x08020208L, 0x08000200L,
+ 0x08000008L, 0x00000200L, 0x00000000L, 0x08020008L,
+ 0x08000208L, 0x00020000L, 0x08000000L, 0x08020208L,
+ 0x00000008L, 0x00020208L, 0x00020200L, 0x08000008L,
+ 0x08020000L, 0x08000208L, 0x00000208L, 0x08020000L,
+ 0x00020208L, 0x00000008L, 0x08020008L, 0x00020200L };
+
+static unsigned long SP4[64] = {
+ 0x00802001L, 0x00002081L, 0x00002081L, 0x00000080L,
+ 0x00802080L, 0x00800081L, 0x00800001L, 0x00002001L,
+ 0x00000000L, 0x00802000L, 0x00802000L, 0x00802081L,
+ 0x00000081L, 0x00000000L, 0x00800080L, 0x00800001L,
+ 0x00000001L, 0x00002000L, 0x00800000L, 0x00802001L,
+ 0x00000080L, 0x00800000L, 0x00002001L, 0x00002080L,
+ 0x00800081L, 0x00000001L, 0x00002080L, 0x00800080L,
+ 0x00002000L, 0x00802080L, 0x00802081L, 0x00000081L,
+ 0x00800080L, 0x00800001L, 0x00802000L, 0x00802081L,
+ 0x00000081L, 0x00000000L, 0x00000000L, 0x00802000L,
+ 0x00002080L, 0x00800080L, 0x00800081L, 0x00000001L,
+ 0x00802001L, 0x00002081L, 0x00002081L, 0x00000080L,
+ 0x00802081L, 0x00000081L, 0x00000001L, 0x00002000L,
+ 0x00800001L, 0x00002001L, 0x00802080L, 0x00800081L,
+ 0x00002001L, 0x00002080L, 0x00800000L, 0x00802001L,
+ 0x00000080L, 0x00800000L, 0x00002000L, 0x00802080L };
+
+static unsigned long SP5[64] = {
+ 0x00000100L, 0x02080100L, 0x02080000L, 0x42000100L,
+ 0x00080000L, 0x00000100L, 0x40000000L, 0x02080000L,
+ 0x40080100L, 0x00080000L, 0x02000100L, 0x40080100L,
+ 0x42000100L, 0x42080000L, 0x00080100L, 0x40000000L,
+ 0x02000000L, 0x40080000L, 0x40080000L, 0x00000000L,
+ 0x40000100L, 0x42080100L, 0x42080100L, 0x02000100L,
+ 0x42080000L, 0x40000100L, 0x00000000L, 0x42000000L,
+ 0x02080100L, 0x02000000L, 0x42000000L, 0x00080100L,
+ 0x00080000L, 0x42000100L, 0x00000100L, 0x02000000L,
+ 0x40000000L, 0x02080000L, 0x42000100L, 0x40080100L,
+ 0x02000100L, 0x40000000L, 0x42080000L, 0x02080100L,
+ 0x40080100L, 0x00000100L, 0x02000000L, 0x42080000L,
+ 0x42080100L, 0x00080100L, 0x42000000L, 0x42080100L,
+ 0x02080000L, 0x00000000L, 0x40080000L, 0x42000000L,
+ 0x00080100L, 0x02000100L, 0x40000100L, 0x00080000L,
+ 0x00000000L, 0x40080000L, 0x02080100L, 0x40000100L };
+
+static unsigned long SP6[64] = {
+ 0x20000010L, 0x20400000L, 0x00004000L, 0x20404010L,
+ 0x20400000L, 0x00000010L, 0x20404010L, 0x00400000L,
+ 0x20004000L, 0x00404010L, 0x00400000L, 0x20000010L,
+ 0x00400010L, 0x20004000L, 0x20000000L, 0x00004010L,
+ 0x00000000L, 0x00400010L, 0x20004010L, 0x00004000L,
+ 0x00404000L, 0x20004010L, 0x00000010L, 0x20400010L,
+ 0x20400010L, 0x00000000L, 0x00404010L, 0x20404000L,
+ 0x00004010L, 0x00404000L, 0x20404000L, 0x20000000L,
+ 0x20004000L, 0x00000010L, 0x20400010L, 0x00404000L,
+ 0x20404010L, 0x00400000L, 0x00004010L, 0x20000010L,
+ 0x00400000L, 0x20004000L, 0x20000000L, 0x00004010L,
+ 0x20000010L, 0x20404010L, 0x00404000L, 0x20400000L,
+ 0x00404010L, 0x20404000L, 0x00000000L, 0x20400010L,
+ 0x00000010L, 0x00004000L, 0x20400000L, 0x00404010L,
+ 0x00004000L, 0x00400010L, 0x20004010L, 0x00000000L,
+ 0x20404000L, 0x20000000L, 0x00400010L, 0x20004010L };
+
+static unsigned long SP7[64] = {
+ 0x00200000L, 0x04200002L, 0x04000802L, 0x00000000L,
+ 0x00000800L, 0x04000802L, 0x00200802L, 0x04200800L,
+ 0x04200802L, 0x00200000L, 0x00000000L, 0x04000002L,
+ 0x00000002L, 0x04000000L, 0x04200002L, 0x00000802L,
+ 0x04000800L, 0x00200802L, 0x00200002L, 0x04000800L,
+ 0x04000002L, 0x04200000L, 0x04200800L, 0x00200002L,
+ 0x04200000L, 0x00000800L, 0x00000802L, 0x04200802L,
+ 0x00200800L, 0x00000002L, 0x04000000L, 0x00200800L,
+ 0x04000000L, 0x00200800L, 0x00200000L, 0x04000802L,
+ 0x04000802L, 0x04200002L, 0x04200002L, 0x00000002L,
+ 0x00200002L, 0x04000000L, 0x04000800L, 0x00200000L,
+ 0x04200800L, 0x00000802L, 0x00200802L, 0x04200800L,
+ 0x00000802L, 0x04000002L, 0x04200802L, 0x04200000L,
+ 0x00200800L, 0x00000000L, 0x00000002L, 0x04200802L,
+ 0x00000000L, 0x00200802L, 0x04200000L, 0x00000800L,
+ 0x04000002L, 0x04000800L, 0x00000800L, 0x00200002L };
+
+static unsigned long SP8[64] = {
+ 0x10001040L, 0x00001000L, 0x00040000L, 0x10041040L,
+ 0x10000000L, 0x10001040L, 0x00000040L, 0x10000000L,
+ 0x00040040L, 0x10040000L, 0x10041040L, 0x00041000L,
+ 0x10041000L, 0x00041040L, 0x00001000L, 0x00000040L,
+ 0x10040000L, 0x10000040L, 0x10001000L, 0x00001040L,
+ 0x00041000L, 0x00040040L, 0x10040040L, 0x10041000L,
+ 0x00001040L, 0x00000000L, 0x00000000L, 0x10040040L,
+ 0x10000040L, 0x10001000L, 0x00041040L, 0x00040000L,
+ 0x00041040L, 0x00040000L, 0x10041000L, 0x00001000L,
+ 0x00000040L, 0x10040040L, 0x00001000L, 0x00041040L,
+ 0x10001000L, 0x00000040L, 0x10000040L, 0x10040000L,
+ 0x10040040L, 0x10000000L, 0x00040000L, 0x10001040L,
+ 0x00000000L, 0x10041040L, 0x00040040L, 0x10000040L,
+ 0x10040000L, 0x10001000L, 0x10001040L, 0x00000000L,
+ 0x10041040L, 0x00041000L, 0x00041000L, 0x00001040L,
+ 0x00001040L, 0x00040040L, 0x10000000L, 0x10041000L };
+
+static void desfunc(block, keys)
+register unsigned long *block, *keys;
+{
+ register unsigned long fval, work, right, leftt;
+ register int round;
+
+ leftt = block[0];
+ right = block[1];
+ work = ((leftt >> 4) ^ right) & 0x0f0f0f0fL;
+ right ^= work;
+ leftt ^= (work << 4);
+ work = ((leftt >> 16) ^ right) & 0x0000ffffL;
+ right ^= work;
+ leftt ^= (work << 16);
+ work = ((right >> 2) ^ leftt) & 0x33333333L;
+ leftt ^= work;
+ right ^= (work << 2);
+ work = ((right >> 8) ^ leftt) & 0x00ff00ffL;
+ leftt ^= work;
+ right ^= (work << 8);
+ right = ((right << 1) | ((right >> 31) & 1L)) & 0xffffffffL;
+ work = (leftt ^ right) & 0xaaaaaaaaL;
+ leftt ^= work;
+ right ^= work;
+ leftt = ((leftt << 1) | ((leftt >> 31) & 1L)) & 0xffffffffL;
+
+ for( round = 0; round < 8; round++ ) {
+ work = (right << 28) | (right >> 4);
+ work ^= *keys++;
+ fval = SP7[ work & 0x3fL];
+ fval |= SP5[(work >> 8) & 0x3fL];
+ fval |= SP3[(work >> 16) & 0x3fL];
+ fval |= SP1[(work >> 24) & 0x3fL];
+ work = right ^ *keys++;
+ fval |= SP8[ work & 0x3fL];
+ fval |= SP6[(work >> 8) & 0x3fL];
+ fval |= SP4[(work >> 16) & 0x3fL];
+ fval |= SP2[(work >> 24) & 0x3fL];
+ leftt ^= fval;
+ work = (leftt << 28) | (leftt >> 4);
+ work ^= *keys++;
+ fval = SP7[ work & 0x3fL];
+ fval |= SP5[(work >> 8) & 0x3fL];
+ fval |= SP3[(work >> 16) & 0x3fL];
+ fval |= SP1[(work >> 24) & 0x3fL];
+ work = leftt ^ *keys++;
+ fval |= SP8[ work & 0x3fL];
+ fval |= SP6[(work >> 8) & 0x3fL];
+ fval |= SP4[(work >> 16) & 0x3fL];
+ fval |= SP2[(work >> 24) & 0x3fL];
+ right ^= fval;
+ }
+
+ right = (right << 31) | (right >> 1);
+ work = (leftt ^ right) & 0xaaaaaaaaL;
+ leftt ^= work;
+ right ^= work;
+ leftt = (leftt << 31) | (leftt >> 1);
+ work = ((leftt >> 8) ^ right) & 0x00ff00ffL;
+ right ^= work;
+ leftt ^= (work << 8);
+ work = ((leftt >> 2) ^ right) & 0x33333333L;
+ right ^= work;
+ leftt ^= (work << 2);
+ work = ((right >> 16) ^ leftt) & 0x0000ffffL;
+ leftt ^= work;
+ right ^= (work << 16);
+ work = ((right >> 4) ^ leftt) & 0x0f0f0f0fL;
+ leftt ^= work;
+ right ^= (work << 4);
+ *block++ = right;
+ *block = leftt;
+ return;
+ }
+
+/* Validation sets:
+ *
+ * Single-length key, single-length plaintext -
+ * Key : 0123 4567 89ab cdef
+ * Plain : 0123 4567 89ab cde7
+ * Cipher : c957 4425 6a5e d31d
+ *
+ * Double-length key, single-length plaintext -
+ * Key : 0123 4567 89ab cdef fedc ba98 7654 3210
+ * Plain : 0123 4567 89ab cde7
+ * Cipher : 7f1d 0a77 826b 8aff
+ *
+ * Double-length key, double-length plaintext -
+ * Key : 0123 4567 89ab cdef fedc ba98 7654 3210
+ * Plain : 0123 4567 89ab cdef 0123 4567 89ab cdff
+ * Cipher : 27a0 8440 406a df60 278f 47cf 42d6 15d7
+ *
+ * Triple-length key, single-length plaintext -
+ * Key : 0123 4567 89ab cdef fedc ba98 7654 3210 89ab cdef 0123 4567
+ * Plain : 0123 4567 89ab cde7
+ * Cipher : de0b 7c06 ae5e 0ed5
+ *
+ * Triple-length key, double-length plaintext -
+ * Key : 0123 4567 89ab cdef fedc ba98 7654 3210 89ab cdef 0123 4567
+ * Plain : 0123 4567 89ab cdef 0123 4567 89ab cdff
+ * Cipher : ad0d 1b30 ac17 cf07 0ed1 1c63 81e4 4de5
+ *
+ * d3des V5.0a rwo 9208.07 18:44 Graven Imagery
+ **********************************************************************/
diff -r 1d0e75523636 tools/ioemu/d3des.h
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/tools/ioemu/d3des.h Fri Sep 29 15:46:03 2006 +0900
@@ -0,0 +1,51 @@
+/*
+ * This is D3DES (V5.09) by Richard Outerbridge with the double and
+ * triple-length support removed for use in VNC.
+ *
+ * These changes are:
+ * Copyright (C) 1999 AT&T Laboratories Cambridge. All Rights Reserved.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
+ */
+
+/* d3des.h -
+ *
+ * Headers and defines for d3des.c
+ * Graven Imagery, 1992.
+ *
+ * Copyright (c) 1988,1989,1990,1991,1992 by Richard Outerbridge
+ * (GEnie : OUTER; CIS : [71755,204])
+ */
+
+#define EN0 0 /* MODE == encrypt */
+#define DE1 1 /* MODE == decrypt */
+
+extern void deskey(unsigned char *, int);
+/* hexkey[8] MODE
+ * Sets the internal key register according to the hexadecimal
+ * key contained in the 8 bytes of hexkey, according to the DES,
+ * for encryption or decryption according to MODE.
+ */
+
+extern void usekey(unsigned long *);
+/* cookedkey[32]
+ * Loads the internal key register with the data in cookedkey.
+ */
+
+extern void cpkey(unsigned long *);
+/* cookedkey[32]
+ * Copies the contents of the internal key register into the storage
+ * located at &cookedkey[0].
+ */
+
+extern void des(unsigned char *, unsigned char *);
+/* from[8] to[8]
+ * Encrypts/Decrypts (according to the key currently loaded in the
+ * internal key register) one block of eight bytes at address 'from'
+ * into the block at address 'to'. They can be the same.
+ */
+
+/* d3des.h V5.09 rwo 9208.04 15:06 Graven Imagery
+ ********************************************************************/
[-- Attachment #3: Type: text/plain, Size: 138 bytes --]
_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xensource.com
http://lists.xensource.com/xen-devel
^ permalink raw reply [flat|nested] 16+ messages in thread
* Re: [PATCH][Take 2] VNC authentification
2006-09-29 8:47 ` [PATCH][Take 2] VNC authentification Masami Watanabe
@ 2006-09-29 14:01 ` Anthony Liguori
2006-09-30 18:47 ` masami.watanabe
2006-09-29 22:11 ` Daniel P. Berrange
1 sibling, 1 reply; 16+ messages in thread
From: Anthony Liguori @ 2006-09-29 14:01 UTC (permalink / raw)
To: Masami Watanabe; +Cc: Ian Pratt, xen-devel, Daniel P. Berrange
A couple comments:
Does this code actually work? You call vnc_read_when twice in the same
function. The first one should never get called (it can only be called
from the main loop and there can only ever be one outstanding read
function).
There are a couple weird bits in the code too that I cannot reply to
(your mailer is sending the attachment as a octet-stream, please inline
too next time you send the patch).
Otherwise, it looks really promising!
Regards,
Anthony Liguori
Masami Watanabe wrote:
> Hi,
>
> This is take 2 on VNC authentification.
>
> The specification is as mentioned at
> http://lists.xensource.com/archives/html/xen-devel/2006-09/msg00666.html
> The difference is follows.
> - correction that passes information through xenstore.
> - after information is read, qemu deletes information on xenstore.
>
>
> Signed-off-by: Masami Watanabe <masami.watanabe@jp.fujitsu.com>
>
> Best regards,
> Watanabe
>
>
> On Tue, 26 Sep 2006 19:23:47 +0100, Ian Pratt wrote:
>
>>
>>
>>> Thanks all point about security, I'll do as follows.
>>> I thought that the point was the following two.
>>>
>>>
>>> 1. Storage place of encrypted password
>>> Should I store it in /etc/xen/passwd ?
>>> Or, should I wait for DB of Xen that will be released in
>>> the future?
>>>
>> The xend life cycle management patches were posted by Alistair a couple
>> of months back. They'll go in early in the 3.0.4 cycle.
>>
>>
>>> In the latter case, the release time and information, I want you to
>>> teach it.
>>> Now, I think we have no choice but to use /etc/xen/passwd.
>>>
>> In the mean time, I'd just out them in the domain config file and change
>> the default permissions and ownership.
>>
>>
>>> 2. Method of Xen VNC Server receiving stored password
>>> By way of xenstore. However, it is necessary to consider
>>> xenstore-ls.
>>>
>> It can be passed transiently (i.e. it gets deleted from the store by
>> qemu-dm)
>> You need to be root to run xenstore-ls so I'm comfortable with this.
>>
>> Ian
>>
>> _______________________________________________
>> Xen-devel mailing list
>> Xen-devel@lists.xensource.com
>> http://lists.xensource.com/xen-devel
^ permalink raw reply [flat|nested] 16+ messages in thread
* Re: [PATCH][Take 2] VNC authentification
2006-09-29 8:47 ` [PATCH][Take 2] VNC authentification Masami Watanabe
2006-09-29 14:01 ` Anthony Liguori
@ 2006-09-29 22:11 ` Daniel P. Berrange
2006-09-30 18:53 ` Masami Watanabe
1 sibling, 1 reply; 16+ messages in thread
From: Daniel P. Berrange @ 2006-09-29 22:11 UTC (permalink / raw)
To: Masami Watanabe; +Cc: Ian Pratt, Anthony Liguori, xen-devel
On Fri, Sep 29, 2006 at 05:47:34PM +0900, Masami Watanabe wrote:
> Hi,
>
> This is take 2 on VNC authentification.
>
> The specification is as mentioned at
> http://lists.xensource.com/archives/html/xen-devel/2006-09/msg00666.html
> The difference is follows.
> - correction that passes information through xenstore.
> - after information is read, qemu deletes information on xenstore.
This patch doesn't compile because it is calling functions before
they are even defined & the implicit definition this results in does
not match the actual definition later
xen-3.0.3-testing-11633/tools/ioemu/vnc.c: In function 'protocol_version':
xen-3.0.3-testing-11633/tools/ioemu/vnc.c:1225: warning: implicit declaration of function 'vnc_auth'
xen-3.0.3-testing-11633/tools/ioemu/vnc.c: In function 'protocol_response':
xen-3.0.3-testing-11633/tools/ioemu/vnc.c:1250: warning: implicit declaration of function 'base64decode'
xen-3.0.3-testing-11633/tools/ioemu/vnc.c: At top level:
xen-3.0.3-testing-11633/tools/ioemu/vnc.c:1399: error: static declaration of 'vnc_auth' follows non-static declaration
xen-3.0.3-testing-11633/tools/ioemu/vnc.c:1225: error: previous implicit declaration of 'vnc_auth' was here
xen-3.0.3-testing-11633/tools/ioemu/vnc.c: In function 'vnc_auth':
xen-3.0.3-testing-11633/tools/ioemu/vnc.c:1417: warning: implicit declaration of function 'make_challenge'
xen-3.0.3-testing-11633/tools/ioemu/vnc.c: At top level:
xen-3.0.3-testing-11633/tools/ioemu/vnc.c:1429: error: static declaration of 'make_challenge' follows non-static declaration
xen-3.0.3-testing-11633/tools/ioemu/vnc.c:1417: error: previous implicit declaration of 'make_challenge' was here
xen-3.0.3-testing-11633/tools/ioemu/vnc.c:1461: error: static declaration of 'base64decode' follows non-static declaration
xen-3.0.3-testing-11633/tools/ioemu/vnc.c:1250: error: previous implicit declaration of 'base64decode' was here
> diff -r 1d0e75523636 tools/python/xen/xend/XendRoot.py
> --- a/tools/python/xen/xend/XendRoot.py Wed Sep 27 17:49:22 2006 +0100
> +++ b/tools/python/xen/xend/XendRoot.py Fri Sep 29 15:46:03 2006 +0900
> @@ -95,6 +95,8 @@ class XendRoot:
> dom0_min_mem_default = '0'
>
> dom0_vcpus_default = '0'
> +
> + vncpasswd_default = '#None#'
Why not just use the proper Python None value ?
> diff -r 1d0e75523636 tools/python/xen/xend/XendDomainInfo.py
> --- a/tools/python/xen/xend/XendDomainInfo.py Wed Sep 27 17:49:22 2006 +0100
> +++ b/tools/python/xen/xend/XendDomainInfo.py Fri Sep 29 15:46:03 2006 +0900
> @@ -391,6 +391,9 @@ def parseConfig(config):
> else:
> log.warn("Ignoring malformed and deprecated config option "
> "restart = %s", restart)
> +
> + result['image'].append(
> + ['vncpasswd_default', xroot.get_vncpasswd_default()])
Why put the system default password into the guest's config record here,
only to remove it again later on. The XendRoot object is a singleton, so
better to just call 'get_vncpasswd_default' when you need it later....
> diff -r 1d0e75523636 tools/python/xen/xend/image.py
> --- a/tools/python/xen/xend/image.py Wed Sep 27 17:49:22 2006 +0100
> +++ b/tools/python/xen/xend/image.py Fri Sep 29 15:46:03 2006 +0900
> @@ -348,8 +348,20 @@ class HVMImageHandler(ImageHandler):
> sdl = sxp.child_value(config, 'sdl')
> ret = []
> nographic = sxp.child_value(config, 'nographic')
> +
> + # get password from xend-config(if password omitted, '#None#')
> + vncpasswd_default = sxp.child_value(config,
> + 'vncpasswd_default')
Just call
vncpassword_default = xen.xend.XendRoot.instance().get_vncpasswd_default()
Then there is no need to keep 'vncpasswd_default' in the guest's sxp at all.
> + # get password from VM config(if password omitted, None)
> + vncpasswd_vmconfig = sxp.child_value(config, 'vncpasswd')
> + vncpasswd = vncpasswd_vmconfig
> +
> if nographic:
> ret.append('-nographic')
> + # remove password
> + if vncpasswd_vmconfig:
> + config.remove(['vncpasswd', vncpasswd_vmconfig])
> + del config[config.index(['vncpasswd_default', vncpasswd_default])]
> return ret
> if vnc:
> vncdisplay = sxp.child_value(config, 'vncdisplay',
> @@ -358,6 +370,19 @@ class HVMImageHandler(ImageHandler):
> vncunused = sxp.child_value(config, 'vncunused')
> if vncunused:
> ret += ['-vncunused']
> + # password check
> + if vncpasswd is None:
> + if vncpasswd_default=='#None#':
> + raise VmError('vncpasswd is not setuped in VMconfig and xend-config.')
> + else:
> + vncpasswd = vncpasswd_default
This should just do 'if vncpasswd_default is None', rather than use some
magic string value '#None#'
> + if vncpasswd!='':
> + self.vm.storeVm("vncpasswd", vncpasswd)
> +
> + # remove password
> + config.remove(['vncpasswd', vncpasswd_vmconfig])
> + del config[config.index(['vncpasswd_default', vncpasswd_default])]
> +
> return ret
>
> def createDeviceModel(self):
See comment above about not storing 'vncpasswd_default' in this object
at all.
Regards,
Dan.
--
|=- Red Hat, Engineering, Emerging Technologies, Boston. +1 978 392 2496 -=|
|=- Perl modules: http://search.cpan.org/~danberr/ -=|
|=- Projects: http://freshmeat.net/~danielpb/ -=|
|=- GnuPG: 7D3B9505 F3C9 553F A1DA 4AC2 5648 23C1 B3DF F742 7D3B 9505 -=|
^ permalink raw reply [flat|nested] 16+ messages in thread
* Re: [PATCH][Take 2] VNC authentification
2006-09-29 14:01 ` Anthony Liguori
@ 2006-09-30 18:47 ` masami.watanabe
0 siblings, 0 replies; 16+ messages in thread
From: masami.watanabe @ 2006-09-30 18:47 UTC (permalink / raw)
To: Anthony Liguori; +Cc: Ian Pratt, xen-devel, Daniel P. Berrange, masami.watanabe
Hi Anthony,
> Does this code actually work?
It operates certainly...
> You call vnc_read_when twice in the same
> function. The first one should never get called (it can only be called
> from the main loop and there can only ever be one outstanding read
> function).
Original structure in vnc.c(CS11635) is,
vnc_display_init()
vnc_listen_read()
vnc_read_when()->protocol_version()
vnc_read_when()->protocol_client_init()
Patch's structure is,
vnc_display_init()
vnc_listen_read()
vnc_read_when()->protocol_version()
vnc_auth()
vnc_read_when()->protocol_authtype()
vnc_read_when()->protocol_response()
vnc_read_when()->protocol_client_init()
Is your point above-mentioned vnc_auth?
> There are a couple weird bits in the code too that I cannot reply to
> (your mailer is sending the attachment as a octet-stream, please inline
> too next time you send the patch).
My mailer is sending the attachment as a application/octet-stream,
It cannot be changed to another Content-Type.
Yes, I send next patch by inline.
Regards,
Masami Watanabe
On Fri, 29 Sep 2006 09:01:23 -0500, Anthony Liguori wrote:
> A couple comments:
>
> Does this code actually work? You call vnc_read_when twice in the same
> function. The first one should never get called (it can only be called
> from the main loop and there can only ever be one outstanding read
> function).
>
> There are a couple weird bits in the code too that I cannot reply to
> (your mailer is sending the attachment as a octet-stream, please inline
> too next time you send the patch).
>
> Otherwise, it looks really promising!
>
> Regards,
>
> Anthony Liguori
>
> Masami Watanabe wrote:
> > Hi,
> >
> > This is take 2 on VNC authentification.
> >
> > The specification is as mentioned at
> > http://lists.xensource.com/archives/html/xen-devel/2006-09/msg00666.html
> > The difference is follows.
> > - correction that passes information through xenstore.
> > - after information is read, qemu deletes information on xenstore.
> >
> >
> > Signed-off-by: Masami Watanabe <masami.watanabe@jp.fujitsu.com>
> >
> > Best regards,
> > Watanabe
> >
> >
> > On Tue, 26 Sep 2006 19:23:47 +0100, Ian Pratt wrote:
> >
> >>
> >>
> >>> Thanks all point about security, I'll do as follows.
> >>> I thought that the point was the following two.
> >>>
> >>>
> >>> 1. Storage place of encrypted password
> >>> Should I store it in /etc/xen/passwd ?
> >>> Or, should I wait for DB of Xen that will be released in
> >>> the future?
> >>>
> >> The xend life cycle management patches were posted by Alistair a couple
> >> of months back. They'll go in early in the 3.0.4 cycle.
> >>
> >>
> >>> In the latter case, the release time and information, I want you to
> >>> teach it.
> >>> Now, I think we have no choice but to use /etc/xen/passwd.
> >>>
> >> In the mean time, I'd just out them in the domain config file and change
> >> the default permissions and ownership.
> >>
> >>
> >>> 2. Method of Xen VNC Server receiving stored password
> >>> By way of xenstore. However, it is necessary to consider
> >>> xenstore-ls.
> >>>
> >> It can be passed transiently (i.e. it gets deleted from the store by
> >> qemu-dm)
> >> You need to be root to run xenstore-ls so I'm comfortable with this.
> >>
> >> Ian
> >>
> >> _______________________________________________
> >> Xen-devel mailing list
> >> Xen-devel@lists.xensource.com
> >> http://lists.xensource.com/xen-devel
^ permalink raw reply [flat|nested] 16+ messages in thread
* Re: [PATCH][Take 2] VNC authentification
2006-09-29 22:11 ` Daniel P. Berrange
@ 2006-09-30 18:53 ` Masami Watanabe
2006-10-02 16:22 ` Daniel P. Berrange
0 siblings, 1 reply; 16+ messages in thread
From: Masami Watanabe @ 2006-09-30 18:53 UTC (permalink / raw)
To: Daniel P. Berrange; +Cc: Ian Pratt, Anthony Liguori, xen-devel, masami.watanabe
Hi Dan,
I post patch that reflects your point.
However, Now, I can not use standard VNC clients to server.
therefore, I cannot do final test. It becomes possible on next Tuesday.
Please forgive my post, it is current update.
> This patch doesn't compile because it is calling functions before
> they are even defined & the implicit definition this results in does
> not match the actual definition later
It is my mistake when take 1 patch was changed to take 2 patch.
> > dom0_vcpus_default = '0'
> > +
> > + vncpasswd_default = '#None#'
>
> Why not just use the proper Python None value ?
Thanks.
I stopped using magic string.
"if vncpasswd_default:" cannot distinguish the null string and undefined.
I thought that "is Not" was also the same. However, it was possible.
> Just call
>
> vncpassword_default = xen.xend.XendRoot.instance().get_vncpasswd_default()
>
> Then there is no need to keep 'vncpasswd_default' in the guest's sxp at all.
Thanks.
> > + if vncpasswd!='':
> > + self.vm.storeVm("vncpasswd", vncpasswd)
> > +
> > + # remove password
> > + config.remove(['vncpasswd', vncpasswd_vmconfig])
> > + del config[config.index(['vncpasswd_default', vncpasswd_default])]
> > +
> > return ret
> >
> > def createDeviceModel(self):
>
> See comment above about not storing 'vncpasswd_default' in this object
> at all.
Thanks.
Signed-off-by: Masami Watanabe <masami.watanabe@jp.fujitsu.com>
Best regards,
Watanabe
---
diff -r 1d0e75523636 tools/examples/xend-config.sxp
--- a/tools/examples/xend-config.sxp Wed Sep 27 17:49:22 2006 +0100
+++ b/tools/examples/xend-config.sxp Sun Oct 01 02:13:06 2006 +0900
@@ -130,3 +130,7 @@
# The tool used for initiating virtual TPM migration
#(external-migration-tool '')
+
+# The default password for VNC console on HVM domain.
+# Empty string is no authentication.
+(vncpasswd '')
diff -r 1d0e75523636 tools/examples/xmexample.hvm
--- a/tools/examples/xmexample.hvm Wed Sep 27 17:49:22 2006 +0100
+++ b/tools/examples/xmexample.hvm Sun Oct 01 02:13:06 2006 +0900
@@ -145,6 +145,11 @@ vnc=1
#vncconsole=0
#----------------------------------------------------------------------------
+# set password for domain's VNC console
+# default is depents on vncpasswd in xend-config.sxp
+vncpasswd=''
+
+#----------------------------------------------------------------------------
# no graphics, use serial port
#nographic=0
diff -r 1d0e75523636 tools/examples/xmexample.vti
--- a/tools/examples/xmexample.vti Wed Sep 27 17:49:22 2006 +0100
+++ b/tools/examples/xmexample.vti Sun Oct 01 02:13:06 2006 +0900
@@ -95,6 +95,11 @@ vnc=0
#vncconsole=0
#----------------------------------------------------------------------------
+# set password for domain's VNC console
+# default is depents on vncpasswd in xend-config.sxp
+vncpasswd=''
+
+#----------------------------------------------------------------------------
# no graphics, use serial port
#nographic=0
diff -r 1d0e75523636 tools/ioemu/Makefile.target
--- a/tools/ioemu/Makefile.target Wed Sep 27 17:49:22 2006 +0100
+++ b/tools/ioemu/Makefile.target Sun Oct 01 02:13:06 2006 +0900
@@ -398,6 +398,7 @@ VL_OBJS+=sdl.o
VL_OBJS+=sdl.o
endif
VL_OBJS+=vnc.o
+VL_OBJS+=d3des.o
ifdef CONFIG_COCOA
VL_OBJS+=cocoa.o
COCOA_LIBS=-F/System/Library/Frameworks -framework Cocoa -framework IOKit
@@ -456,6 +457,9 @@ sdl.o: sdl.c keymaps.c sdl_keysym.h
$(CC) $(CFLAGS) $(DEFINES) $(SDL_CFLAGS) -c -o $@ $<
vnc.o: vnc.c keymaps.c sdl_keysym.h vnchextile.h
+ $(CC) $(CFLAGS) $(DEFINES) -c -o $@ $<
+
+d3des.o: d3des.c d3des.h
$(CC) $(CFLAGS) $(DEFINES) -c -o $@ $<
sdlaudio.o: sdlaudio.c
diff -r 1d0e75523636 tools/ioemu/vl.c
--- a/tools/ioemu/vl.c Wed Sep 27 17:49:22 2006 +0100
+++ b/tools/ioemu/vl.c Sun Oct 01 02:13:06 2006 +0900
@@ -169,6 +169,9 @@ time_t timeoffset = 0;
char domain_name[1024] = { 'H','V', 'M', 'X', 'E', 'N', '-'};
extern int domid;
+
+char vncpasswd[64];
+unsigned char challenge[AUTHCHALLENGESIZE];
/***********************************************************/
/* x86 ISA bus support */
@@ -5901,6 +5904,7 @@ int main(int argc, char **argv)
vncunused = 0;
kernel_filename = NULL;
kernel_cmdline = "";
+ *vncpasswd = '\0';
#ifndef CONFIG_DM
#ifdef TARGET_PPC
cdrom_index = 1;
@@ -6544,6 +6548,10 @@ int main(int argc, char **argv)
init_ioports();
+ /* read vncpasswd from xenstore */
+ if (0 > xenstore_read_vncpasswd(domid))
+ exit(1);
+
/* terminal init */
if (nographic) {
dumb_display_init(ds);
diff -r 1d0e75523636 tools/ioemu/vl.h
--- a/tools/ioemu/vl.h Wed Sep 27 17:49:22 2006 +0100
+++ b/tools/ioemu/vl.h Sun Oct 01 02:13:06 2006 +0900
@@ -1209,6 +1209,7 @@ void xenstore_process_event(void *opaque
void xenstore_process_event(void *opaque);
void xenstore_check_new_media_present(int timeout);
void xenstore_write_vncport(int vnc_display);
+int xenstore_read_vncpasswd(int domid);
/* xen_platform.c */
void pci_xen_platform_init(PCIBus *bus);
@@ -1220,4 +1221,7 @@ extern char domain_name[];
void destroy_hvm_domain(void);
+/* VNC Authentication */
+#define AUTHCHALLENGESIZE 16
+
#endif /* VL_H */
diff -r 1d0e75523636 tools/ioemu/vnc.c
--- a/tools/ioemu/vnc.c Wed Sep 27 17:49:22 2006 +0100
+++ b/tools/ioemu/vnc.c Sun Oct 01 02:13:06 2006 +0900
@@ -44,6 +44,7 @@
#include "vnc_keysym.h"
#include "keymaps.c"
+#include "d3des.h"
#define XK_MISCELLANY
#define XK_LATIN1
@@ -137,6 +138,10 @@ static void vnc_update_client(void *opaq
static void vnc_update_client(void *opaque);
static void vnc_client_read(void *opaque);
static void framebuffer_set_updated(VncState *vs, int x, int y, int w, int h);
+static int vnc_auth(VncState *vs);
+static int make_challenge(char *random, int size);
+static unsigned int base64value(char c1);
+static int base64decode(unsigned char *out, char *in);
#if 0
static inline void vnc_set_bit(uint32_t *d, int k)
@@ -1221,7 +1226,58 @@ static int protocol_version(VncState *vs
return 0;
}
- vnc_write_u32(vs, 1); /* None */
+ vnc_auth(vs); /* Challenge-Responce authentication */
+
+ return 0;
+}
+
+static int protocol_authtype(VncState *vs, char *type, size_t len)
+{
+ return 0;
+}
+
+static unsigned char d3desObfuscationKey[] = {23,82,107,6,35,78,88,7};
+
+static int protocol_response(VncState *vs, char *client_response, size_t len)
+{
+ extern char vncpasswd[64];
+ extern unsigned char challenge[AUTHCHALLENGESIZE];
+ unsigned char cryptchallenge[AUTHCHALLENGESIZE];
+ unsigned char vmpasswd[64];
+ unsigned char vmplain[9];
+ unsigned char key[8];
+ int vmpasswdlen, i, j;
+
+ memcpy(cryptchallenge, challenge, AUTHCHALLENGESIZE);
+
+ /* base64 decode VM password */
+ vmpasswdlen = base64decode(vmpasswd, vncpasswd);
+
+ /* Get plain VM password */
+ deskey(d3desObfuscationKey, DE1);
+ des(vmpasswd, vmplain);
+ vmplain[8] = 0;
+
+ /* Calculate the sent challenge */
+ for (i=0; i<8; i++)
+ key[i] = i<vmpasswdlen ? vmplain[i] : 0;
+ deskey(key, EN0);
+ for (j = 0; j < AUTHCHALLENGESIZE; j += 8)
+ des(cryptchallenge+j, cryptchallenge+j);
+
+ /* Check the actual response */
+ if (memcmp(cryptchallenge, client_response, AUTHCHALLENGESIZE) != 0) {
+ /* password error */
+ vnc_write_u32(vs, 1);
+ vnc_write_u32(vs, 22);
+ vnc_write(vs, "Authentication failure", 22);
+ vnc_flush(vs);
+ fprintf(logfile, "VNC Password error.\n");
+ vnc_client_error(vs);
+ return 0;
+ }
+
+ vnc_write_u32(vs, 0);
vnc_flush(vs);
vnc_read_when(vs, protocol_client_init, 1);
@@ -1344,3 +1400,94 @@ int vnc_start_viewer(int port)
return pid;
}
}
+
+static int vnc_auth(VncState *vs)
+{
+ extern char vncpasswd[64];
+ extern unsigned char challenge[AUTHCHALLENGESIZE];
+
+ if (*vncpasswd == '\0') {
+ /* AuthType is None */
+ vnc_write_u32(vs, 1);
+ vnc_flush(vs);
+ vnc_read_when(vs, protocol_client_init, 1);
+ } else {
+ /* AuthType is VncAuth */
+ vnc_write_u32(vs, 2);
+ vnc_flush(vs);
+
+ /* Read AuthType */
+ vnc_read_when(vs, protocol_authtype, 1);
+
+ /* Send Challenge */
+ make_challenge(challenge, AUTHCHALLENGESIZE);
+ vnc_write(vs, challenge, AUTHCHALLENGESIZE);
+ vnc_flush(vs);
+
+ /* Read Responce */
+ vnc_read_when(vs, protocol_response, AUTHCHALLENGESIZE);
+ }
+
+ return 0;
+}
+
+static int make_challenge(char *random, int size)
+{
+ FILE *fp;
+ int readsize;
+
+ fp = fopen("/dev/random", "r");
+ if (!fp) {
+ fprintf(stderr, "make_challenge: no OS supplied /dev/random\n");
+ exit(1);
+ }
+ readsize = fread(random, size, 1, fp);
+ fclose(fp);
+
+ return 0;
+}
+
+
+const char base64char[] =
+ "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/=";
+
+static unsigned int base64value(char c1)
+{
+ unsigned int i;
+
+ if (c1 == '=') return 0;
+ for (i=0; base64char[i]; i++) {
+ if (c1 == base64char[i]) break;
+ }
+
+ return i;
+}
+
+static int base64decode(unsigned char *out, char *in)
+{
+ int outpos = 0; /* current position of out area */
+ int i;
+ int inlen; /* indata length */
+
+ inlen = strlen(in);
+
+ /* base64 decode */
+ for (i=0; i<inlen; i+=4) {
+ if (in[i] == '=') break;
+ out[outpos] = (unsigned char)
+ ( (base64value(in[i])<<2) | ((base64value(in[i+1])&0x30)>>4) );
+ out[outpos+1] = (unsigned char)
+ ( ((base64value(in[i+1])&0x0f)<<4)|((base64value(in[i+2])&0x3c)>>2) );
+ out[outpos+2] = (unsigned char)
+ ( ((base64value(in[i+2])&0x03)<<6) | (base64value(in[i+3])&0x3f) );
+ outpos += 3;
+ }
+
+ /* correction length */
+ if (outpos) {
+ if (in[i-1] == '=') outpos--;
+ if (in[i-2] == '=') outpos--;
+ }
+
+ return outpos;
+}
diff -r 1d0e75523636 tools/ioemu/xenstore.c
--- a/tools/ioemu/xenstore.c Wed Sep 27 17:49:22 2006 +0100
+++ b/tools/ioemu/xenstore.c Sun Oct 01 02:13:06 2006 +0900
@@ -213,3 +213,60 @@ void xenstore_write_vncport(int display)
free(portstr);
free(buf);
}
+
+int xenstore_read_vncpasswd(int domid)
+{
+ extern char vncpasswd[64];
+ char *buf = NULL, *path, *uuid = NULL, *passwd = NULL;
+ unsigned int i, len, rc = 0;
+
+ if (xsh == NULL) {
+ return -1;
+ }
+
+ path = xs_get_domain_path(xsh, domid);
+ if (path == NULL) {
+ fprintf(logfile, "xs_get_domain_path() error\n");
+ return -1;
+ }
+
+ pasprintf(&buf, "%s/vm", path);
+ uuid = xs_read(xsh, XBT_NULL, buf, &len);
+ if (uuid == NULL) {
+ fprintf(logfile, "xs_read(): uuid get error\n");
+ free(path);
+ return -1;
+ }
+
+ pasprintf(&buf, "%s/vncpasswd", uuid);
+ passwd = xs_read(xsh, XBT_NULL, buf, &len);
+ if (passwd == NULL) {
+ free(uuid);
+ free(path);
+ return rc;
+ }
+
+ for (i=0; i<len; i++) {
+ vncpasswd[i] = passwd[i];
+ passwd[i] = '\0';
+ }
+ vncpasswd[len] = '\0';
+
+ if (pasprintf(&buf, "%s/vncpasswd", uuid) == -1) {
+ fprintf(logfile, "pasprintf() vncpasswd failed\n");
+ goto out2;
+ rc = -1;
+ }
+ if (xs_write(xsh, XBT_NULL, buf, passwd, len) == 0) {
+ fprintf(logfile, "xs_write() vncpasswd failed\n");
+ rc = -1;
+ }
+
+
+ out2:
+ free(passwd);
+ free(uuid);
+ free(path);
+
+ return rc;
+}
diff -r 1d0e75523636 tools/python/xen/xend/XendRoot.py
--- a/tools/python/xen/xend/XendRoot.py Wed Sep 27 17:49:22 2006 +0100
+++ b/tools/python/xen/xend/XendRoot.py Sun Oct 01 02:13:06 2006 +0900
@@ -95,6 +95,8 @@ class XendRoot:
dom0_min_mem_default = '0'
dom0_vcpus_default = '0'
+
+ vncpasswd_default = None
components = {}
@@ -272,6 +274,10 @@ class XendRoot:
def get_console_limit(self):
return self.get_config_int('console-limit', 1024)
+ def get_vncpasswd_default(self):
+ return self.get_config_value('vncpasswd',
+ self.vncpasswd_default)
+
def instance():
"""Get an instance of XendRoot.
Use this instead of the constructor.
diff -r 1d0e75523636 tools/python/xen/xend/image.py
--- a/tools/python/xen/xend/image.py Wed Sep 27 17:49:22 2006 +0100
+++ b/tools/python/xen/xend/image.py Sun Oct 01 02:13:06 2006 +0900
@@ -348,8 +348,16 @@ class HVMImageHandler(ImageHandler):
sdl = sxp.child_value(config, 'sdl')
ret = []
nographic = sxp.child_value(config, 'nographic')
+
+ # get password from VM config(if password omitted, None)
+ vncpasswd_vmconfig = sxp.child_value(config, 'vncpasswd')
+ vncpasswd = vncpasswd_vmconfig
+
if nographic:
ret.append('-nographic')
+ # remove password
+ if vncpasswd_vmconfig:
+ config.remove(['vncpasswd', vncpasswd_vmconfig])
return ret
if vnc:
vncdisplay = sxp.child_value(config, 'vncdisplay',
@@ -358,6 +366,20 @@ class HVMImageHandler(ImageHandler):
vncunused = sxp.child_value(config, 'vncunused')
if vncunused:
ret += ['-vncunused']
+ # get password from xend-config(if password omitted, None)
+ vncpasswd_default = xen.xend.XendRoot.instance().get_vncpasswd_default()
+ # password check
+ if vncpasswd is None:
+ if vncpasswd_default is None:
+ raise VmError('vncpasswd is not setuped in VMconfig and xend-config.')
+ else:
+ vncpasswd = vncpasswd_default
+ if vncpasswd!='':
+ self.vm.storeVm("vncpasswd", vncpasswd)
+
+ # remove password
+ config.remove(['vncpasswd', vncpasswd_vmconfig])
+
return ret
def createDeviceModel(self):
diff -r 1d0e75523636 tools/python/xen/xm/create.py
--- a/tools/python/xen/xm/create.py Wed Sep 27 17:49:22 2006 +0100
+++ b/tools/python/xen/xm/create.py Sun Oct 01 02:13:06 2006 +0900
@@ -103,6 +103,10 @@ gopts.opt('console_autoconnect', short='
gopts.opt('console_autoconnect', short='c',
fn=set_true, default=0,
use="Connect to the console after the domain is created.")
+
+gopts.var('vncpasswd', val='NAME',
+ fn=set_value, default=None,
+ use="Password for VNC console on HVM domain.")
gopts.var('vncviewer', val='no|yes',
fn=set_bool, default=None,
@@ -638,6 +642,7 @@ def configure_hvm(config_image, vals):
for a in args:
if (vals.__dict__[a]):
config_image.append([a, vals.__dict__[a]])
+ config_image.append(['vncpasswd', vals.vncpasswd])
def run_bootloader(vals, config_image):
if not os.access(vals.bootloader, os.X_OK):
diff -r 1d0e75523636 tools/ioemu/d3des.c
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/tools/ioemu/d3des.c Sun Oct 01 02:13:06 2006 +0900
@@ -0,0 +1,434 @@
+/*
+ * This is D3DES (V5.09) by Richard Outerbridge with the double and
+ * triple-length support removed for use in VNC. Also the bytebit[] array
+ * has been reversed so that the most significant bit in each byte of the
+ * key is ignored, not the least significant.
+ *
+ * These changes are:
+ * Copyright (C) 1999 AT&T Laboratories Cambridge. All Rights Reserved.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
+ */
+
+/* D3DES (V5.09) -
+ *
+ * A portable, public domain, version of the Data Encryption Standard.
+ *
+ * Written with Symantec's THINK (Lightspeed) C by Richard Outerbridge.
+ * Thanks to: Dan Hoey for his excellent Initial and Inverse permutation
+ * code; Jim Gillogly & Phil Karn for the DES key schedule code; Dennis
+ * Ferguson, Eric Young and Dana How for comparing notes; and Ray Lau,
+ * for humouring me on.
+ *
+ * Copyright (c) 1988,1989,1990,1991,1992 by Richard Outerbridge.
+ * (GEnie : OUTER; CIS : [71755,204]) Graven Imagery, 1992.
+ */
+
+#include "d3des.h"
+
+static void scrunch(unsigned char *, unsigned long *);
+static void unscrun(unsigned long *, unsigned char *);
+static void desfunc(unsigned long *, unsigned long *);
+static void cookey(unsigned long *);
+
+static unsigned long KnL[32] = { 0L };
+
+static unsigned short bytebit[8] = {
+ 01, 02, 04, 010, 020, 040, 0100, 0200 };
+
+static unsigned long bigbyte[24] = {
+ 0x800000L, 0x400000L, 0x200000L, 0x100000L,
+ 0x80000L, 0x40000L, 0x20000L, 0x10000L,
+ 0x8000L, 0x4000L, 0x2000L, 0x1000L,
+ 0x800L, 0x400L, 0x200L, 0x100L,
+ 0x80L, 0x40L, 0x20L, 0x10L,
+ 0x8L, 0x4L, 0x2L, 0x1L };
+
+/* Use the key schedule specified in the Standard (ANSI X3.92-1981). */
+
+static unsigned char pc1[56] = {
+ 56, 48, 40, 32, 24, 16, 8, 0, 57, 49, 41, 33, 25, 17,
+ 9, 1, 58, 50, 42, 34, 26, 18, 10, 2, 59, 51, 43, 35,
+ 62, 54, 46, 38, 30, 22, 14, 6, 61, 53, 45, 37, 29, 21,
+ 13, 5, 60, 52, 44, 36, 28, 20, 12, 4, 27, 19, 11, 3 };
+
+static unsigned char totrot[16] = {
+ 1,2,4,6,8,10,12,14,15,17,19,21,23,25,27,28 };
+
+static unsigned char pc2[48] = {
+ 13, 16, 10, 23, 0, 4, 2, 27, 14, 5, 20, 9,
+ 22, 18, 11, 3, 25, 7, 15, 6, 26, 19, 12, 1,
+ 40, 51, 30, 36, 46, 54, 29, 39, 50, 44, 32, 47,
+ 43, 48, 38, 55, 33, 52, 45, 41, 49, 35, 28, 31 };
+
+void deskey(key, edf) /* Thanks to James Gillogly & Phil Karn! */
+unsigned char *key;
+int edf;
+{
+ register int i, j, l, m, n;
+ unsigned char pc1m[56], pcr[56];
+ unsigned long kn[32];
+
+ for ( j = 0; j < 56; j++ ) {
+ l = pc1[j];
+ m = l & 07;
+ pc1m[j] = (key[l >> 3] & bytebit[m]) ? 1 : 0;
+ }
+ for( i = 0; i < 16; i++ ) {
+ if( edf == DE1 ) m = (15 - i) << 1;
+ else m = i << 1;
+ n = m + 1;
+ kn[m] = kn[n] = 0L;
+ for( j = 0; j < 28; j++ ) {
+ l = j + totrot[i];
+ if( l < 28 ) pcr[j] = pc1m[l];
+ else pcr[j] = pc1m[l - 28];
+ }
+ for( j = 28; j < 56; j++ ) {
+ l = j + totrot[i];
+ if( l < 56 ) pcr[j] = pc1m[l];
+ else pcr[j] = pc1m[l - 28];
+ }
+ for( j = 0; j < 24; j++ ) {
+ if( pcr[pc2[j]] ) kn[m] |= bigbyte[j];
+ if( pcr[pc2[j+24]] ) kn[n] |= bigbyte[j];
+ }
+ }
+ cookey(kn);
+ return;
+ }
+
+static void cookey(raw1)
+register unsigned long *raw1;
+{
+ register unsigned long *cook, *raw0;
+ unsigned long dough[32];
+ register int i;
+
+ cook = dough;
+ for( i = 0; i < 16; i++, raw1++ ) {
+ raw0 = raw1++;
+ *cook = (*raw0 & 0x00fc0000L) << 6;
+ *cook |= (*raw0 & 0x00000fc0L) << 10;
+ *cook |= (*raw1 & 0x00fc0000L) >> 10;
+ *cook++ |= (*raw1 & 0x00000fc0L) >> 6;
+ *cook = (*raw0 & 0x0003f000L) << 12;
+ *cook |= (*raw0 & 0x0000003fL) << 16;
+ *cook |= (*raw1 & 0x0003f000L) >> 4;
+ *cook++ |= (*raw1 & 0x0000003fL);
+ }
+ usekey(dough);
+ return;
+ }
+
+void cpkey(into)
+register unsigned long *into;
+{
+ register unsigned long *from, *endp;
+
+ from = KnL, endp = &KnL[32];
+ while( from < endp ) *into++ = *from++;
+ return;
+ }
+
+void usekey(from)
+register unsigned long *from;
+{
+ register unsigned long *to, *endp;
+
+ to = KnL, endp = &KnL[32];
+ while( to < endp ) *to++ = *from++;
+ return;
+ }
+
+void des(inblock, outblock)
+unsigned char *inblock, *outblock;
+{
+ unsigned long work[2];
+
+ scrunch(inblock, work);
+ desfunc(work, KnL);
+ unscrun(work, outblock);
+ return;
+ }
+
+static void scrunch(outof, into)
+register unsigned char *outof;
+register unsigned long *into;
+{
+ *into = (*outof++ & 0xffL) << 24;
+ *into |= (*outof++ & 0xffL) << 16;
+ *into |= (*outof++ & 0xffL) << 8;
+ *into++ |= (*outof++ & 0xffL);
+ *into = (*outof++ & 0xffL) << 24;
+ *into |= (*outof++ & 0xffL) << 16;
+ *into |= (*outof++ & 0xffL) << 8;
+ *into |= (*outof & 0xffL);
+ return;
+ }
+
+static void unscrun(outof, into)
+register unsigned long *outof;
+register unsigned char *into;
+{
+ *into++ = (unsigned char)((*outof >> 24) & 0xffL);
+ *into++ = (unsigned char)((*outof >> 16) & 0xffL);
+ *into++ = (unsigned char)((*outof >> 8) & 0xffL);
+ *into++ = (unsigned char)(*outof++ & 0xffL);
+ *into++ = (unsigned char)((*outof >> 24) & 0xffL);
+ *into++ = (unsigned char)((*outof >> 16) & 0xffL);
+ *into++ = (unsigned char)((*outof >> 8) & 0xffL);
+ *into = (unsigned char)(*outof & 0xffL);
+ return;
+ }
+
+static unsigned long SP1[64] = {
+ 0x01010400L, 0x00000000L, 0x00010000L, 0x01010404L,
+ 0x01010004L, 0x00010404L, 0x00000004L, 0x00010000L,
+ 0x00000400L, 0x01010400L, 0x01010404L, 0x00000400L,
+ 0x01000404L, 0x01010004L, 0x01000000L, 0x00000004L,
+ 0x00000404L, 0x01000400L, 0x01000400L, 0x00010400L,
+ 0x00010400L, 0x01010000L, 0x01010000L, 0x01000404L,
+ 0x00010004L, 0x01000004L, 0x01000004L, 0x00010004L,
+ 0x00000000L, 0x00000404L, 0x00010404L, 0x01000000L,
+ 0x00010000L, 0x01010404L, 0x00000004L, 0x01010000L,
+ 0x01010400L, 0x01000000L, 0x01000000L, 0x00000400L,
+ 0x01010004L, 0x00010000L, 0x00010400L, 0x01000004L,
+ 0x00000400L, 0x00000004L, 0x01000404L, 0x00010404L,
+ 0x01010404L, 0x00010004L, 0x01010000L, 0x01000404L,
+ 0x01000004L, 0x00000404L, 0x00010404L, 0x01010400L,
+ 0x00000404L, 0x01000400L, 0x01000400L, 0x00000000L,
+ 0x00010004L, 0x00010400L, 0x00000000L, 0x01010004L };
+
+static unsigned long SP2[64] = {
+ 0x80108020L, 0x80008000L, 0x00008000L, 0x00108020L,
+ 0x00100000L, 0x00000020L, 0x80100020L, 0x80008020L,
+ 0x80000020L, 0x80108020L, 0x80108000L, 0x80000000L,
+ 0x80008000L, 0x00100000L, 0x00000020L, 0x80100020L,
+ 0x00108000L, 0x00100020L, 0x80008020L, 0x00000000L,
+ 0x80000000L, 0x00008000L, 0x00108020L, 0x80100000L,
+ 0x00100020L, 0x80000020L, 0x00000000L, 0x00108000L,
+ 0x00008020L, 0x80108000L, 0x80100000L, 0x00008020L,
+ 0x00000000L, 0x00108020L, 0x80100020L, 0x00100000L,
+ 0x80008020L, 0x80100000L, 0x80108000L, 0x00008000L,
+ 0x80100000L, 0x80008000L, 0x00000020L, 0x80108020L,
+ 0x00108020L, 0x00000020L, 0x00008000L, 0x80000000L,
+ 0x00008020L, 0x80108000L, 0x00100000L, 0x80000020L,
+ 0x00100020L, 0x80008020L, 0x80000020L, 0x00100020L,
+ 0x00108000L, 0x00000000L, 0x80008000L, 0x00008020L,
+ 0x80000000L, 0x80100020L, 0x80108020L, 0x00108000L };
+
+static unsigned long SP3[64] = {
+ 0x00000208L, 0x08020200L, 0x00000000L, 0x08020008L,
+ 0x08000200L, 0x00000000L, 0x00020208L, 0x08000200L,
+ 0x00020008L, 0x08000008L, 0x08000008L, 0x00020000L,
+ 0x08020208L, 0x00020008L, 0x08020000L, 0x00000208L,
+ 0x08000000L, 0x00000008L, 0x08020200L, 0x00000200L,
+ 0x00020200L, 0x08020000L, 0x08020008L, 0x00020208L,
+ 0x08000208L, 0x00020200L, 0x00020000L, 0x08000208L,
+ 0x00000008L, 0x08020208L, 0x00000200L, 0x08000000L,
+ 0x08020200L, 0x08000000L, 0x00020008L, 0x00000208L,
+ 0x00020000L, 0x08020200L, 0x08000200L, 0x00000000L,
+ 0x00000200L, 0x00020008L, 0x08020208L, 0x08000200L,
+ 0x08000008L, 0x00000200L, 0x00000000L, 0x08020008L,
+ 0x08000208L, 0x00020000L, 0x08000000L, 0x08020208L,
+ 0x00000008L, 0x00020208L, 0x00020200L, 0x08000008L,
+ 0x08020000L, 0x08000208L, 0x00000208L, 0x08020000L,
+ 0x00020208L, 0x00000008L, 0x08020008L, 0x00020200L };
+
+static unsigned long SP4[64] = {
+ 0x00802001L, 0x00002081L, 0x00002081L, 0x00000080L,
+ 0x00802080L, 0x00800081L, 0x00800001L, 0x00002001L,
+ 0x00000000L, 0x00802000L, 0x00802000L, 0x00802081L,
+ 0x00000081L, 0x00000000L, 0x00800080L, 0x00800001L,
+ 0x00000001L, 0x00002000L, 0x00800000L, 0x00802001L,
+ 0x00000080L, 0x00800000L, 0x00002001L, 0x00002080L,
+ 0x00800081L, 0x00000001L, 0x00002080L, 0x00800080L,
+ 0x00002000L, 0x00802080L, 0x00802081L, 0x00000081L,
+ 0x00800080L, 0x00800001L, 0x00802000L, 0x00802081L,
+ 0x00000081L, 0x00000000L, 0x00000000L, 0x00802000L,
+ 0x00002080L, 0x00800080L, 0x00800081L, 0x00000001L,
+ 0x00802001L, 0x00002081L, 0x00002081L, 0x00000080L,
+ 0x00802081L, 0x00000081L, 0x00000001L, 0x00002000L,
+ 0x00800001L, 0x00002001L, 0x00802080L, 0x00800081L,
+ 0x00002001L, 0x00002080L, 0x00800000L, 0x00802001L,
+ 0x00000080L, 0x00800000L, 0x00002000L, 0x00802080L };
+
+static unsigned long SP5[64] = {
+ 0x00000100L, 0x02080100L, 0x02080000L, 0x42000100L,
+ 0x00080000L, 0x00000100L, 0x40000000L, 0x02080000L,
+ 0x40080100L, 0x00080000L, 0x02000100L, 0x40080100L,
+ 0x42000100L, 0x42080000L, 0x00080100L, 0x40000000L,
+ 0x02000000L, 0x40080000L, 0x40080000L, 0x00000000L,
+ 0x40000100L, 0x42080100L, 0x42080100L, 0x02000100L,
+ 0x42080000L, 0x40000100L, 0x00000000L, 0x42000000L,
+ 0x02080100L, 0x02000000L, 0x42000000L, 0x00080100L,
+ 0x00080000L, 0x42000100L, 0x00000100L, 0x02000000L,
+ 0x40000000L, 0x02080000L, 0x42000100L, 0x40080100L,
+ 0x02000100L, 0x40000000L, 0x42080000L, 0x02080100L,
+ 0x40080100L, 0x00000100L, 0x02000000L, 0x42080000L,
+ 0x42080100L, 0x00080100L, 0x42000000L, 0x42080100L,
+ 0x02080000L, 0x00000000L, 0x40080000L, 0x42000000L,
+ 0x00080100L, 0x02000100L, 0x40000100L, 0x00080000L,
+ 0x00000000L, 0x40080000L, 0x02080100L, 0x40000100L };
+
+static unsigned long SP6[64] = {
+ 0x20000010L, 0x20400000L, 0x00004000L, 0x20404010L,
+ 0x20400000L, 0x00000010L, 0x20404010L, 0x00400000L,
+ 0x20004000L, 0x00404010L, 0x00400000L, 0x20000010L,
+ 0x00400010L, 0x20004000L, 0x20000000L, 0x00004010L,
+ 0x00000000L, 0x00400010L, 0x20004010L, 0x00004000L,
+ 0x00404000L, 0x20004010L, 0x00000010L, 0x20400010L,
+ 0x20400010L, 0x00000000L, 0x00404010L, 0x20404000L,
+ 0x00004010L, 0x00404000L, 0x20404000L, 0x20000000L,
+ 0x20004000L, 0x00000010L, 0x20400010L, 0x00404000L,
+ 0x20404010L, 0x00400000L, 0x00004010L, 0x20000010L,
+ 0x00400000L, 0x20004000L, 0x20000000L, 0x00004010L,
+ 0x20000010L, 0x20404010L, 0x00404000L, 0x20400000L,
+ 0x00404010L, 0x20404000L, 0x00000000L, 0x20400010L,
+ 0x00000010L, 0x00004000L, 0x20400000L, 0x00404010L,
+ 0x00004000L, 0x00400010L, 0x20004010L, 0x00000000L,
+ 0x20404000L, 0x20000000L, 0x00400010L, 0x20004010L };
+
+static unsigned long SP7[64] = {
+ 0x00200000L, 0x04200002L, 0x04000802L, 0x00000000L,
+ 0x00000800L, 0x04000802L, 0x00200802L, 0x04200800L,
+ 0x04200802L, 0x00200000L, 0x00000000L, 0x04000002L,
+ 0x00000002L, 0x04000000L, 0x04200002L, 0x00000802L,
+ 0x04000800L, 0x00200802L, 0x00200002L, 0x04000800L,
+ 0x04000002L, 0x04200000L, 0x04200800L, 0x00200002L,
+ 0x04200000L, 0x00000800L, 0x00000802L, 0x04200802L,
+ 0x00200800L, 0x00000002L, 0x04000000L, 0x00200800L,
+ 0x04000000L, 0x00200800L, 0x00200000L, 0x04000802L,
+ 0x04000802L, 0x04200002L, 0x04200002L, 0x00000002L,
+ 0x00200002L, 0x04000000L, 0x04000800L, 0x00200000L,
+ 0x04200800L, 0x00000802L, 0x00200802L, 0x04200800L,
+ 0x00000802L, 0x04000002L, 0x04200802L, 0x04200000L,
+ 0x00200800L, 0x00000000L, 0x00000002L, 0x04200802L,
+ 0x00000000L, 0x00200802L, 0x04200000L, 0x00000800L,
+ 0x04000002L, 0x04000800L, 0x00000800L, 0x00200002L };
+
+static unsigned long SP8[64] = {
+ 0x10001040L, 0x00001000L, 0x00040000L, 0x10041040L,
+ 0x10000000L, 0x10001040L, 0x00000040L, 0x10000000L,
+ 0x00040040L, 0x10040000L, 0x10041040L, 0x00041000L,
+ 0x10041000L, 0x00041040L, 0x00001000L, 0x00000040L,
+ 0x10040000L, 0x10000040L, 0x10001000L, 0x00001040L,
+ 0x00041000L, 0x00040040L, 0x10040040L, 0x10041000L,
+ 0x00001040L, 0x00000000L, 0x00000000L, 0x10040040L,
+ 0x10000040L, 0x10001000L, 0x00041040L, 0x00040000L,
+ 0x00041040L, 0x00040000L, 0x10041000L, 0x00001000L,
+ 0x00000040L, 0x10040040L, 0x00001000L, 0x00041040L,
+ 0x10001000L, 0x00000040L, 0x10000040L, 0x10040000L,
+ 0x10040040L, 0x10000000L, 0x00040000L, 0x10001040L,
+ 0x00000000L, 0x10041040L, 0x00040040L, 0x10000040L,
+ 0x10040000L, 0x10001000L, 0x10001040L, 0x00000000L,
+ 0x10041040L, 0x00041000L, 0x00041000L, 0x00001040L,
+ 0x00001040L, 0x00040040L, 0x10000000L, 0x10041000L };
+
+static void desfunc(block, keys)
+register unsigned long *block, *keys;
+{
+ register unsigned long fval, work, right, leftt;
+ register int round;
+
+ leftt = block[0];
+ right = block[1];
+ work = ((leftt >> 4) ^ right) & 0x0f0f0f0fL;
+ right ^= work;
+ leftt ^= (work << 4);
+ work = ((leftt >> 16) ^ right) & 0x0000ffffL;
+ right ^= work;
+ leftt ^= (work << 16);
+ work = ((right >> 2) ^ leftt) & 0x33333333L;
+ leftt ^= work;
+ right ^= (work << 2);
+ work = ((right >> 8) ^ leftt) & 0x00ff00ffL;
+ leftt ^= work;
+ right ^= (work << 8);
+ right = ((right << 1) | ((right >> 31) & 1L)) & 0xffffffffL;
+ work = (leftt ^ right) & 0xaaaaaaaaL;
+ leftt ^= work;
+ right ^= work;
+ leftt = ((leftt << 1) | ((leftt >> 31) & 1L)) & 0xffffffffL;
+
+ for( round = 0; round < 8; round++ ) {
+ work = (right << 28) | (right >> 4);
+ work ^= *keys++;
+ fval = SP7[ work & 0x3fL];
+ fval |= SP5[(work >> 8) & 0x3fL];
+ fval |= SP3[(work >> 16) & 0x3fL];
+ fval |= SP1[(work >> 24) & 0x3fL];
+ work = right ^ *keys++;
+ fval |= SP8[ work & 0x3fL];
+ fval |= SP6[(work >> 8) & 0x3fL];
+ fval |= SP4[(work >> 16) & 0x3fL];
+ fval |= SP2[(work >> 24) & 0x3fL];
+ leftt ^= fval;
+ work = (leftt << 28) | (leftt >> 4);
+ work ^= *keys++;
+ fval = SP7[ work & 0x3fL];
+ fval |= SP5[(work >> 8) & 0x3fL];
+ fval |= SP3[(work >> 16) & 0x3fL];
+ fval |= SP1[(work >> 24) & 0x3fL];
+ work = leftt ^ *keys++;
+ fval |= SP8[ work & 0x3fL];
+ fval |= SP6[(work >> 8) & 0x3fL];
+ fval |= SP4[(work >> 16) & 0x3fL];
+ fval |= SP2[(work >> 24) & 0x3fL];
+ right ^= fval;
+ }
+
+ right = (right << 31) | (right >> 1);
+ work = (leftt ^ right) & 0xaaaaaaaaL;
+ leftt ^= work;
+ right ^= work;
+ leftt = (leftt << 31) | (leftt >> 1);
+ work = ((leftt >> 8) ^ right) & 0x00ff00ffL;
+ right ^= work;
+ leftt ^= (work << 8);
+ work = ((leftt >> 2) ^ right) & 0x33333333L;
+ right ^= work;
+ leftt ^= (work << 2);
+ work = ((right >> 16) ^ leftt) & 0x0000ffffL;
+ leftt ^= work;
+ right ^= (work << 16);
+ work = ((right >> 4) ^ leftt) & 0x0f0f0f0fL;
+ leftt ^= work;
+ right ^= (work << 4);
+ *block++ = right;
+ *block = leftt;
+ return;
+ }
+
+/* Validation sets:
+ *
+ * Single-length key, single-length plaintext -
+ * Key : 0123 4567 89ab cdef
+ * Plain : 0123 4567 89ab cde7
+ * Cipher : c957 4425 6a5e d31d
+ *
+ * Double-length key, single-length plaintext -
+ * Key : 0123 4567 89ab cdef fedc ba98 7654 3210
+ * Plain : 0123 4567 89ab cde7
+ * Cipher : 7f1d 0a77 826b 8aff
+ *
+ * Double-length key, double-length plaintext -
+ * Key : 0123 4567 89ab cdef fedc ba98 7654 3210
+ * Plain : 0123 4567 89ab cdef 0123 4567 89ab cdff
+ * Cipher : 27a0 8440 406a df60 278f 47cf 42d6 15d7
+ *
+ * Triple-length key, single-length plaintext -
+ * Key : 0123 4567 89ab cdef fedc ba98 7654 3210 89ab cdef 0123 4567
+ * Plain : 0123 4567 89ab cde7
+ * Cipher : de0b 7c06 ae5e 0ed5
+ *
+ * Triple-length key, double-length plaintext -
+ * Key : 0123 4567 89ab cdef fedc ba98 7654 3210 89ab cdef 0123 4567
+ * Plain : 0123 4567 89ab cdef 0123 4567 89ab cdff
+ * Cipher : ad0d 1b30 ac17 cf07 0ed1 1c63 81e4 4de5
+ *
+ * d3des V5.0a rwo 9208.07 18:44 Graven Imagery
+ **********************************************************************/
diff -r 1d0e75523636 tools/ioemu/d3des.h
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/tools/ioemu/d3des.h Sun Oct 01 02:13:06 2006 +0900
@@ -0,0 +1,51 @@
+/*
+ * This is D3DES (V5.09) by Richard Outerbridge with the double and
+ * triple-length support removed for use in VNC.
+ *
+ * These changes are:
+ * Copyright (C) 1999 AT&T Laboratories Cambridge. All Rights Reserved.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
+ */
+
+/* d3des.h -
+ *
+ * Headers and defines for d3des.c
+ * Graven Imagery, 1992.
+ *
+ * Copyright (c) 1988,1989,1990,1991,1992 by Richard Outerbridge
+ * (GEnie : OUTER; CIS : [71755,204])
+ */
+
+#define EN0 0 /* MODE == encrypt */
+#define DE1 1 /* MODE == decrypt */
+
+extern void deskey(unsigned char *, int);
+/* hexkey[8] MODE
+ * Sets the internal key register according to the hexadecimal
+ * key contained in the 8 bytes of hexkey, according to the DES,
+ * for encryption or decryption according to MODE.
+ */
+
+extern void usekey(unsigned long *);
+/* cookedkey[32]
+ * Loads the internal key register with the data in cookedkey.
+ */
+
+extern void cpkey(unsigned long *);
+/* cookedkey[32]
+ * Copies the contents of the internal key register into the storage
+ * located at &cookedkey[0].
+ */
+
+extern void des(unsigned char *, unsigned char *);
+/* from[8] to[8]
+ * Encrypts/Decrypts (according to the key currently loaded in the
+ * internal key register) one block of eight bytes at address 'from'
+ * into the block at address 'to'. They can be the same.
+ */
+
+/* d3des.h V5.09 rwo 9208.04 15:06 Graven Imagery
+ ********************************************************************/
^ permalink raw reply [flat|nested] 16+ messages in thread
* Re: [PATCH][Take 2] VNC authentification
2006-09-30 18:53 ` Masami Watanabe
@ 2006-10-02 16:22 ` Daniel P. Berrange
2006-10-02 17:24 ` Anthony Liguori
0 siblings, 1 reply; 16+ messages in thread
From: Daniel P. Berrange @ 2006-10-02 16:22 UTC (permalink / raw)
To: Masami Watanabe; +Cc: Ian Pratt, Anthony Liguori, xen-devel
On Sun, Oct 01, 2006 at 03:53:33AM +0900, Masami Watanabe wrote:
> Hi Dan,
>
> I post patch that reflects your point.
> However, Now, I can not use standard VNC clients to server.
> therefore, I cannot do final test. It becomes possible on next Tuesday.
> Please forgive my post, it is current update.
The Python XenD bits of your latest patch all look good to me now - thanks
for taking time to address the issues.
I've compiled the patches against latest Xen going into Fedora Core 6,
and the password authentication does appear to be working as expected.
Only issue was that I forgot the password in the VM config file needed
to be the base64 encoded, DES-encrypted format - once I sorted that
out it worked fine.
> --- a/tools/examples/xend-config.sxp Wed Sep 27 17:49:22 2006 +0100
> +++ b/tools/examples/xend-config.sxp Sun Oct 01 02:13:06 2006 +0900
> @@ -130,3 +130,7 @@
>
> # The tool used for initiating virtual TPM migration
> #(external-migration-tool '')
> +
> +# The default password for VNC console on HVM domain.
> +# Empty string is no authentication.
> +(vncpasswd '')
We should add a note about this needing to be the base-64 encoded,
DES encrypted password, rather than plain text.
> diff -r 1d0e75523636 tools/examples/xmexample.hvm
> --- a/tools/examples/xmexample.hvm Wed Sep 27 17:49:22 2006 +0100
> +++ b/tools/examples/xmexample.hvm Sun Oct 01 02:13:06 2006 +0900
> @@ -145,6 +145,11 @@ vnc=1
> #vncconsole=0
>
> #----------------------------------------------------------------------------
> +# set password for domain's VNC console
> +# default is depents on vncpasswd in xend-config.sxp
> +vncpasswd=''
Again add a comment about the format.
> +static int make_challenge(char *random, int size)
> +{
> + FILE *fp;
> + int readsize;
> +
> + fp = fopen("/dev/random", "r");
> + if (!fp) {
> + fprintf(stderr, "make_challenge: no OS supplied /dev/random\n");
> + exit(1);
> + }
> + readsize = fread(random, size, 1, fp);
> + fclose(fp);
> +
> + return 0;
> +}
Using /dev/random for this is rather overkill for VNC. I very quickly
exhausted my machine's entropy pool after connecting & disconnecting
a couple of times over. The regular VNC server sources just call the
standard C 'random()' function CHALLENGESIZE times over to get some
random bytes (and seed the random pool at startup based on time & pid).
> +
> +int xenstore_read_vncpasswd(int domid)
> +{
> + extern char vncpasswd[64];
> + char *buf = NULL, *path, *uuid = NULL, *passwd = NULL;
> + unsigned int i, len, rc = 0;
> +
> + if (xsh == NULL) {
> + return -1;
> + }
> +
> + path = xs_get_domain_path(xsh, domid);
> + if (path == NULL) {
> + fprintf(logfile, "xs_get_domain_path() error\n");
> + return -1;
> + }
> +
> + pasprintf(&buf, "%s/vm", path);
> + uuid = xs_read(xsh, XBT_NULL, buf, &len);
> + if (uuid == NULL) {
> + fprintf(logfile, "xs_read(): uuid get error\n");
> + free(path);
> + return -1;
> + }
> +
> + pasprintf(&buf, "%s/vncpasswd", uuid);
> + passwd = xs_read(xsh, XBT_NULL, buf, &len);
> + if (passwd == NULL) {
> + free(uuid);
> + free(path);
> + return rc;
> + }
> +
> + for (i=0; i<len; i++) {
> + vncpasswd[i] = passwd[i];
> + passwd[i] = '\0';
> + }
> + vncpasswd[len] = '\0';
Should check for buffer overflow since 'vncpasswd' is only 64 bytes
long.
Regards,
Dan.
--
|=- Red Hat, Engineering, Emerging Technologies, Boston. +1 978 392 2496 -=|
|=- Perl modules: http://search.cpan.org/~danberr/ -=|
|=- Projects: http://freshmeat.net/~danielpb/ -=|
|=- GnuPG: 7D3B9505 F3C9 553F A1DA 4AC2 5648 23C1 B3DF F742 7D3B 9505 -=|
^ permalink raw reply [flat|nested] 16+ messages in thread
* Re: [PATCH][Take 2] VNC authentification
2006-10-02 16:22 ` Daniel P. Berrange
@ 2006-10-02 17:24 ` Anthony Liguori
2006-10-02 18:12 ` Daniel P. Berrange
0 siblings, 1 reply; 16+ messages in thread
From: Anthony Liguori @ 2006-10-02 17:24 UTC (permalink / raw)
To: Daniel P. Berrange; +Cc: Ian Pratt, xen-devel, Masami Watanabe
Daniel P. Berrange wrote:
> On Sun, Oct 01, 2006 at 03:53:33AM +0900, Masami Watanabe wrote:
>
>> Hi Dan,
>>
>> I post patch that reflects your point.
>> However, Now, I can not use standard VNC clients to server.
>> therefore, I cannot do final test. It becomes possible on next Tuesday.
>> Please forgive my post, it is current update.
>>
>
> The Python XenD bits of your latest patch all look good to me now - thanks
> for taking time to address the issues.
>
> I've compiled the patches against latest Xen going into Fedora Core 6,
> and the password authentication does appear to be working as expected.
> Only issue was that I forgot the password in the VM config file needed
> to be the base64 encoded, DES-encrypted format - once I sorted that
> out it worked fine.
>
>
>> --- a/tools/examples/xend-config.sxp Wed Sep 27 17:49:22 2006 +0100
>> +++ b/tools/examples/xend-config.sxp Sun Oct 01 02:13:06 2006 +0900
>> @@ -130,3 +130,7 @@
>>
>> # The tool used for initiating virtual TPM migration
>> #(external-migration-tool '')
>> +
>> +# The default password for VNC console on HVM domain.
>> +# Empty string is no authentication.
>> +(vncpasswd '')
>>
>
> We should add a note about this needing to be the base-64 encoded,
> DES encrypted password, rather than plain text.
>
Why even bother encrypting the password? We're using a well known DES
key so there is no security here. A user must still take appropriate
precautions to protect the config files. In fact, I think munging the
password like this gives a false sense of security.
Regards,
Anthony Liguori
^ permalink raw reply [flat|nested] 16+ messages in thread
* Re: [PATCH][Take 2] VNC authentification
2006-10-02 17:24 ` Anthony Liguori
@ 2006-10-02 18:12 ` Daniel P. Berrange
2006-10-02 19:15 ` Ian Pratt
0 siblings, 1 reply; 16+ messages in thread
From: Daniel P. Berrange @ 2006-10-02 18:12 UTC (permalink / raw)
To: Anthony Liguori; +Cc: Ian Pratt, xen-devel, Masami Watanabe
On Mon, Oct 02, 2006 at 12:24:36PM -0500, Anthony Liguori wrote:
> Daniel P. Berrange wrote:
> >
> >>--- a/tools/examples/xend-config.sxp Wed Sep 27 17:49:22 2006 +0100
> >>+++ b/tools/examples/xend-config.sxp Sun Oct 01 02:13:06 2006 +0900
> >>@@ -130,3 +130,7 @@
> >>
> >> # The tool used for initiating virtual TPM migration
> >> #(external-migration-tool '')
> >>+
> >>+# The default password for VNC console on HVM domain.
> >>+# Empty string is no authentication.
> >>+(vncpasswd '')
> >>
> >
> >We should add a note about this needing to be the base-64 encoded,
> >DES encrypted password, rather than plain text.
> >
>
> Why even bother encrypting the password? We're using a well known DES
> key so there is no security here. A user must still take appropriate
> precautions to protect the config files. In fact, I think munging the
> password like this gives a false sense of security.
Yeah, we really need to chmod 700 the /etc/xen directory to protect
the passwords. Once this is done, there isn't much to be gained
from encryption in the file itself except for obfuscating it from
the benign casual observer. Using plain text in the config file would
make life easier to tools too, because they won't have to carry about
this VNC-specific DES encryption routine just to create passwds in the
guest config
Dan.
--
|=- Red Hat, Engineering, Emerging Technologies, Boston. +1 978 392 2496 -=|
|=- Perl modules: http://search.cpan.org/~danberr/ -=|
|=- Projects: http://freshmeat.net/~danielpb/ -=|
|=- GnuPG: 7D3B9505 F3C9 553F A1DA 4AC2 5648 23C1 B3DF F742 7D3B 9505 -=|
^ permalink raw reply [flat|nested] 16+ messages in thread
* RE: [PATCH][Take 2] VNC authentification
2006-10-02 18:12 ` Daniel P. Berrange
@ 2006-10-02 19:15 ` Ian Pratt
2006-10-03 2:04 ` Masami Watanabe
2006-10-03 16:08 ` [PATCH][Take 3] " Masami Watanabe
0 siblings, 2 replies; 16+ messages in thread
From: Ian Pratt @ 2006-10-02 19:15 UTC (permalink / raw)
To: Daniel P. Berrange, Anthony Liguori; +Cc: xen-devel, Masami Watanabe
> > Why even bother encrypting the password? We're using a well known
DES
> > key so there is no security here. A user must still take
appropriate
> > precautions to protect the config files. In fact, I think munging
the
> > password like this gives a false sense of security.
>
> Yeah, we really need to chmod 700 the /etc/xen directory to protect
> the passwords. Once this is done, there isn't much to be gained
> from encryption in the file itself except for obfuscating it from
> the benign casual observer. Using plain text in the config file would
> make life easier to tools too, because they won't have to carry about
> this VNC-specific DES encryption routine just to create passwds in the
> guest config
Yep, let's change the permissions and use plain text passwords. No point
giving people a false sense of security.
Ian
^ permalink raw reply [flat|nested] 16+ messages in thread
* RE: [PATCH][Take 2] VNC authentification
2006-10-02 19:15 ` Ian Pratt
@ 2006-10-03 2:04 ` Masami Watanabe
2006-10-03 16:08 ` [PATCH][Take 3] " Masami Watanabe
1 sibling, 0 replies; 16+ messages in thread
From: Masami Watanabe @ 2006-10-03 2:04 UTC (permalink / raw)
To: Ian Pratt, Daniel P. Berrange, Anthony Liguori; +Cc: xen-devel, masami.watanabe
Hi,
Thanks all,
I will marshal code about the password from config file.
(It doesn't use base64 decode and DES decrypt to the password of
config file)
And, I think that chmod 600 is necessary also for /var/log/xend.log.
Regards,
Masami Watanabe
On Mon, 2 Oct 2006 20:15:13 +0100, Ian Pratt wrote:
> > > Why even bother encrypting the password? We're using a well known
> DES
> > > key so there is no security here. A user must still take
> appropriate
> > > precautions to protect the config files. In fact, I think munging
> the
> > > password like this gives a false sense of security.
> >
> > Yeah, we really need to chmod 700 the /etc/xen directory to protect
> > the passwords. Once this is done, there isn't much to be gained
> > from encryption in the file itself except for obfuscating it from
> > the benign casual observer. Using plain text in the config file would
> > make life easier to tools too, because they won't have to carry about
> > this VNC-specific DES encryption routine just to create passwds in the
> > guest config
>
> Yep, let's change the permissions and use plain text passwords. No point
> giving people a false sense of security.
>
> Ian
^ permalink raw reply [flat|nested] 16+ messages in thread
* [PATCH][Take 3] VNC authentification
2006-10-02 19:15 ` Ian Pratt
2006-10-03 2:04 ` Masami Watanabe
@ 2006-10-03 16:08 ` Masami Watanabe
2006-10-03 17:56 ` Anthony Liguori
1 sibling, 1 reply; 16+ messages in thread
From: Masami Watanabe @ 2006-10-03 16:08 UTC (permalink / raw)
To: Ian Pratt, Daniel P. Berrange, Anthony Liguori; +Cc: xen-devel, masami.watanabe
Hi,
This is take 3 on VNC authentification.
The specification is as mentioned at
http://lists.xensource.com/archives/html/xen-devel/2006-09/msg00666.html
The difference is follows.
- Correction corresponding to plain VNC password
base64 decode and DES decrypt was not used.
- /dev/random was not used.
Perhaps, in the source code that I had seen, standard C 'random()'
was used with Win32.
However, exhausted entropy pool is certainly no good.
Thanks all.
Signed-off-by: Masami Watanabe <masami.watanabe@jp.fujitsu.com>
Best regards,
Watanabe
-----
diff -r f426f6e646eb tools/examples/xend-config.sxp
--- a/tools/examples/xend-config.sxp Mon Oct 02 18:04:56 2006 +0100
+++ b/tools/examples/xend-config.sxp Tue Oct 03 23:32:54 2006 +0900
@@ -130,3 +130,7 @@
# The tool used for initiating virtual TPM migration
#(external-migration-tool '')
+
+# The default password for VNC console on HVM domain.
+# Empty string is no authentication.
+(vncpasswd '')
diff -r f426f6e646eb tools/examples/xmexample.hvm
--- a/tools/examples/xmexample.hvm Mon Oct 02 18:04:56 2006 +0100
+++ b/tools/examples/xmexample.hvm Tue Oct 03 23:33:23 2006 +0900
@@ -145,6 +145,11 @@ vnc=1
#vncconsole=0
#----------------------------------------------------------------------------
+# set password for domain's VNC console
+# default is depents on vncpasswd in xend-config.sxp
+vncpasswd=''
+
+#----------------------------------------------------------------------------
# no graphics, use serial port
#nographic=0
diff -r f426f6e646eb tools/examples/xmexample.vti
--- a/tools/examples/xmexample.vti Mon Oct 02 18:04:56 2006 +0100
+++ b/tools/examples/xmexample.vti Tue Oct 03 23:33:38 2006 +0900
@@ -95,6 +95,11 @@ vnc=0
#vncconsole=0
#----------------------------------------------------------------------------
+# set password for domain's VNC console
+# default is depents on vncpasswd in xend-config.sxp
+vncpasswd=''
+
+#----------------------------------------------------------------------------
# no graphics, use serial port
#nographic=0
diff -r f426f6e646eb tools/ioemu/Makefile.target
--- a/tools/ioemu/Makefile.target Mon Oct 02 18:04:56 2006 +0100
+++ b/tools/ioemu/Makefile.target Tue Oct 03 23:34:09 2006 +0900
@@ -398,6 +398,7 @@ VL_OBJS+=sdl.o
VL_OBJS+=sdl.o
endif
VL_OBJS+=vnc.o
+VL_OBJS+=d3des.o
ifdef CONFIG_COCOA
VL_OBJS+=cocoa.o
COCOA_LIBS=-F/System/Library/Frameworks -framework Cocoa -framework IOKit
@@ -456,6 +457,9 @@ sdl.o: sdl.c keymaps.c sdl_keysym.h
$(CC) $(CFLAGS) $(DEFINES) $(SDL_CFLAGS) -c -o $@ $<
vnc.o: vnc.c keymaps.c sdl_keysym.h vnchextile.h
+ $(CC) $(CFLAGS) $(DEFINES) -c -o $@ $<
+
+d3des.o: d3des.c d3des.h
$(CC) $(CFLAGS) $(DEFINES) -c -o $@ $<
sdlaudio.o: sdlaudio.c
diff -r f426f6e646eb tools/ioemu/vl.c
--- a/tools/ioemu/vl.c Mon Oct 02 18:04:56 2006 +0100
+++ b/tools/ioemu/vl.c Tue Oct 03 23:35:01 2006 +0900
@@ -169,6 +169,9 @@ time_t timeoffset = 0;
char domain_name[1024] = { 'H','V', 'M', 'X', 'E', 'N', '-'};
extern int domid;
+
+char vncpasswd[64];
+unsigned char challenge[AUTHCHALLENGESIZE];
/***********************************************************/
/* x86 ISA bus support */
@@ -5901,6 +5904,7 @@ int main(int argc, char **argv)
vncunused = 0;
kernel_filename = NULL;
kernel_cmdline = "";
+ *vncpasswd = '\0';
#ifndef CONFIG_DM
#ifdef TARGET_PPC
cdrom_index = 1;
@@ -6544,6 +6548,10 @@ int main(int argc, char **argv)
init_ioports();
+ /* read vncpasswd from xenstore */
+ if (0 > xenstore_read_vncpasswd(domid))
+ exit(1);
+
/* terminal init */
if (nographic) {
dumb_display_init(ds);
diff -r f426f6e646eb tools/ioemu/vl.h
--- a/tools/ioemu/vl.h Mon Oct 02 18:04:56 2006 +0100
+++ b/tools/ioemu/vl.h Tue Oct 03 23:35:17 2006 +0900
@@ -1209,6 +1209,7 @@ void xenstore_process_event(void *opaque
void xenstore_process_event(void *opaque);
void xenstore_check_new_media_present(int timeout);
void xenstore_write_vncport(int vnc_display);
+int xenstore_read_vncpasswd(int domid);
/* xen_platform.c */
void pci_xen_platform_init(PCIBus *bus);
@@ -1220,4 +1221,7 @@ extern char domain_name[];
void destroy_hvm_domain(void);
+/* VNC Authentication */
+#define AUTHCHALLENGESIZE 16
+
#endif /* VL_H */
diff -r f426f6e646eb tools/ioemu/vnc.c
--- a/tools/ioemu/vnc.c Mon Oct 02 18:04:56 2006 +0100
+++ b/tools/ioemu/vnc.c Tue Oct 03 23:36:20 2006 +0900
@@ -44,6 +44,7 @@
#include "vnc_keysym.h"
#include "keymaps.c"
+#include "d3des.h"
#define XK_MISCELLANY
#define XK_LATIN1
@@ -137,6 +138,10 @@ static void vnc_update_client(void *opaq
static void vnc_update_client(void *opaque);
static void vnc_client_read(void *opaque);
static void framebuffer_set_updated(VncState *vs, int x, int y, int w, int h);
+static int vnc_auth(VncState *vs);
+static int make_challenge(char *random, int size);
+static void set_seed(unsigned int *seedp);
+static void get_random(int len, unsigned char *buf);
#if 0
static inline void vnc_set_bit(uint32_t *d, int k)
@@ -1221,7 +1226,47 @@ static int protocol_version(VncState *vs
return 0;
}
- vnc_write_u32(vs, 1); /* None */
+ vnc_auth(vs); /* Challenge-Responce authentication */
+
+ return 0;
+}
+
+static int protocol_authtype(VncState *vs, char *type, size_t len)
+{
+ return 0;
+}
+
+static int protocol_response(VncState *vs, char *client_response, size_t len)
+{
+ extern char vncpasswd[64];
+ extern unsigned char challenge[AUTHCHALLENGESIZE];
+ unsigned char cryptchallenge[AUTHCHALLENGESIZE];
+ unsigned char key[8];
+ int passwdlen, i, j;
+
+ memcpy(cryptchallenge, challenge, AUTHCHALLENGESIZE);
+
+ /* Calculate the sent challenge */
+ passwdlen = strlen(vncpasswd);
+ for (i=0; i<8; i++)
+ key[i] = i<passwdlen ? vncpasswd[i] : 0;
+ deskey(key, EN0);
+ for (j = 0; j < AUTHCHALLENGESIZE; j += 8)
+ des(cryptchallenge+j, cryptchallenge+j);
+
+ /* Check the actual response */
+ if (memcmp(cryptchallenge, client_response, AUTHCHALLENGESIZE) != 0) {
+ /* password error */
+ vnc_write_u32(vs, 1);
+ vnc_write_u32(vs, 22);
+ vnc_write(vs, "Authentication failure", 22);
+ vnc_flush(vs);
+ fprintf(logfile, "VNC Password error.\n");
+ vnc_client_error(vs);
+ return 0;
+ }
+
+ vnc_write_u32(vs, 0);
vnc_flush(vs);
vnc_read_when(vs, protocol_client_init, 1);
@@ -1344,3 +1389,63 @@ int vnc_start_viewer(int port)
return pid;
}
}
+
+static int vnc_auth(VncState *vs)
+{
+ extern char vncpasswd[64];
+ extern unsigned char challenge[AUTHCHALLENGESIZE];
+
+ if (*vncpasswd == '\0') {
+ /* AuthType is None */
+ vnc_write_u32(vs, 1);
+ vnc_flush(vs);
+ vnc_read_when(vs, protocol_client_init, 1);
+ } else {
+ /* AuthType is VncAuth */
+ vnc_write_u32(vs, 2);
+ vnc_flush(vs);
+
+ /* Read AuthType */
+ vnc_read_when(vs, protocol_authtype, 1);
+
+ /* Send Challenge */
+ make_challenge(challenge, AUTHCHALLENGESIZE);
+ vnc_write(vs, challenge, AUTHCHALLENGESIZE);
+ vnc_flush(vs);
+
+ /* Read Responce */
+ vnc_read_when(vs, protocol_response, AUTHCHALLENGESIZE);
+ }
+
+ return 0;
+}
+
+unsigned int seed;
+
+static int make_challenge(char *random, int size)
+{
+
+ set_seed(&seed);
+ get_random(size, random);
+
+ return 0;
+}
+
+static void set_seed(unsigned int *seedp)
+{
+ *seedp += (unsigned int)(time(NULL)+getpid()+getpid()*987654+rand());
+ srand(*seedp);
+
+ return;
+}
+
+static void get_random(int len, unsigned char *buf)
+{
+ int i;
+
+ for (i=0; i<len; i++)
+ buf[i] = (int) (256.0*rand()/(RAND_MAX+1.0));
+
+ return;
+}
+
diff -r f426f6e646eb tools/ioemu/xenstore.c
--- a/tools/ioemu/xenstore.c Mon Oct 02 18:04:56 2006 +0100
+++ b/tools/ioemu/xenstore.c Tue Oct 03 23:36:45 2006 +0900
@@ -213,3 +213,60 @@ void xenstore_write_vncport(int display)
free(portstr);
free(buf);
}
+
+int xenstore_read_vncpasswd(int domid)
+{
+ extern char vncpasswd[64];
+ char *buf = NULL, *path, *uuid = NULL, *passwd = NULL;
+ unsigned int i, len, rc = 0;
+
+ if (xsh == NULL) {
+ return -1;
+ }
+
+ path = xs_get_domain_path(xsh, domid);
+ if (path == NULL) {
+ fprintf(logfile, "xs_get_domain_path() error\n");
+ return -1;
+ }
+
+ pasprintf(&buf, "%s/vm", path);
+ uuid = xs_read(xsh, XBT_NULL, buf, &len);
+ if (uuid == NULL) {
+ fprintf(logfile, "xs_read(): uuid get error\n");
+ free(path);
+ return -1;
+ }
+
+ pasprintf(&buf, "%s/vncpasswd", uuid);
+ passwd = xs_read(xsh, XBT_NULL, buf, &len);
+ if (passwd == NULL) {
+ free(uuid);
+ free(path);
+ return rc;
+ }
+
+ for (i=0; i<len && i<63; i++) {
+ vncpasswd[i] = passwd[i];
+ passwd[i] = '\0';
+ }
+ vncpasswd[len] = '\0';
+
+ if (pasprintf(&buf, "%s/vncpasswd", uuid) == -1) {
+ fprintf(logfile, "pasprintf() vncpasswd failed\n");
+ goto out2;
+ rc = -1;
+ }
+ if (xs_write(xsh, XBT_NULL, buf, passwd, len) == 0) {
+ fprintf(logfile, "xs_write() vncpasswd failed\n");
+ rc = -1;
+ }
+
+
+ out2:
+ free(passwd);
+ free(uuid);
+ free(path);
+
+ return rc;
+}
diff -r f426f6e646eb tools/python/xen/xend/XendRoot.py
--- a/tools/python/xen/xend/XendRoot.py Mon Oct 02 18:04:56 2006 +0100
+++ b/tools/python/xen/xend/XendRoot.py Tue Oct 03 23:38:49 2006 +0900
@@ -95,6 +95,8 @@ class XendRoot:
dom0_min_mem_default = '0'
dom0_vcpus_default = '0'
+
+ vncpasswd_default = None
components = {}
@@ -272,6 +274,10 @@ class XendRoot:
def get_console_limit(self):
return self.get_config_int('console-limit', 1024)
+ def get_vncpasswd_default(self):
+ return self.get_config_value('vncpasswd',
+ self.vncpasswd_default)
+
def instance():
"""Get an instance of XendRoot.
Use this instead of the constructor.
diff -r f426f6e646eb tools/python/xen/xend/image.py
--- a/tools/python/xen/xend/image.py Mon Oct 02 18:04:56 2006 +0100
+++ b/tools/python/xen/xend/image.py Tue Oct 03 23:47:00 2006 +0900
@@ -349,8 +349,16 @@ class HVMImageHandler(ImageHandler):
sdl = sxp.child_value(config, 'sdl')
ret = []
nographic = sxp.child_value(config, 'nographic')
+
+ # get password from VM config(if password omitted, None)
+ vncpasswd_vmconfig = sxp.child_value(config, 'vncpasswd')
+ vncpasswd = vncpasswd_vmconfig
+
if nographic:
ret.append('-nographic')
+ # remove password
+ if vncpasswd_vmconfig:
+ config.remove(['vncpasswd', vncpasswd_vmconfig])
return ret
if vnc:
vncdisplay = sxp.child_value(config, 'vncdisplay',
@@ -359,6 +367,20 @@ class HVMImageHandler(ImageHandler):
vncunused = sxp.child_value(config, 'vncunused')
if vncunused:
ret += ['-vncunused']
+ # get password from xend-config(if password omitted, None)
+ vncpasswd_default = xen.xend.XendRoot.instance().get_vncpasswd_default()
+ # password check
+ if vncpasswd is None:
+ if vncpasswd_default is None:
+ raise VmError('vncpasswd is not setuped in VMconfig and xend-config.')
+ else:
+ vncpasswd = vncpasswd_default
+ if vncpasswd!='':
+ self.vm.storeVm("vncpasswd", vncpasswd)
+
+ # remove password
+ config.remove(['vncpasswd', vncpasswd_vmconfig])
+
return ret
def createDeviceModel(self):
diff -r f426f6e646eb tools/python/xen/xm/create.py
--- a/tools/python/xen/xm/create.py Mon Oct 02 18:04:56 2006 +0100
+++ b/tools/python/xen/xm/create.py Tue Oct 03 23:49:11 2006 +0900
@@ -103,6 +103,10 @@ gopts.opt('console_autoconnect', short='
gopts.opt('console_autoconnect', short='c',
fn=set_true, default=0,
use="Connect to the console after the domain is created.")
+
+gopts.var('vncpasswd', val='NAME',
+ fn=set_value, default=None,
+ use="Password for VNC console on HVM domain.")
gopts.var('vncviewer', val='no|yes',
fn=set_bool, default=None,
@@ -638,6 +642,7 @@ def configure_hvm(config_image, vals):
for a in args:
if (vals.__dict__[a]):
config_image.append([a, vals.__dict__[a]])
+ config_image.append(['vncpasswd', vals.vncpasswd])
def run_bootloader(vals, config_image):
if not os.access(vals.bootloader, os.X_OK):
diff -r f426f6e646eb tools/ioemu/d3des.c
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/tools/ioemu/d3des.c Tue Oct 03 23:34:25 2006 +0900
@@ -0,0 +1,434 @@
+/*
+ * This is D3DES (V5.09) by Richard Outerbridge with the double and
+ * triple-length support removed for use in VNC. Also the bytebit[] array
+ * has been reversed so that the most significant bit in each byte of the
+ * key is ignored, not the least significant.
+ *
+ * These changes are:
+ * Copyright (C) 1999 AT&T Laboratories Cambridge. All Rights Reserved.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
+ */
+
+/* D3DES (V5.09) -
+ *
+ * A portable, public domain, version of the Data Encryption Standard.
+ *
+ * Written with Symantec's THINK (Lightspeed) C by Richard Outerbridge.
+ * Thanks to: Dan Hoey for his excellent Initial and Inverse permutation
+ * code; Jim Gillogly & Phil Karn for the DES key schedule code; Dennis
+ * Ferguson, Eric Young and Dana How for comparing notes; and Ray Lau,
+ * for humouring me on.
+ *
+ * Copyright (c) 1988,1989,1990,1991,1992 by Richard Outerbridge.
+ * (GEnie : OUTER; CIS : [71755,204]) Graven Imagery, 1992.
+ */
+
+#include "d3des.h"
+
+static void scrunch(unsigned char *, unsigned long *);
+static void unscrun(unsigned long *, unsigned char *);
+static void desfunc(unsigned long *, unsigned long *);
+static void cookey(unsigned long *);
+
+static unsigned long KnL[32] = { 0L };
+
+static unsigned short bytebit[8] = {
+ 01, 02, 04, 010, 020, 040, 0100, 0200 };
+
+static unsigned long bigbyte[24] = {
+ 0x800000L, 0x400000L, 0x200000L, 0x100000L,
+ 0x80000L, 0x40000L, 0x20000L, 0x10000L,
+ 0x8000L, 0x4000L, 0x2000L, 0x1000L,
+ 0x800L, 0x400L, 0x200L, 0x100L,
+ 0x80L, 0x40L, 0x20L, 0x10L,
+ 0x8L, 0x4L, 0x2L, 0x1L };
+
+/* Use the key schedule specified in the Standard (ANSI X3.92-1981). */
+
+static unsigned char pc1[56] = {
+ 56, 48, 40, 32, 24, 16, 8, 0, 57, 49, 41, 33, 25, 17,
+ 9, 1, 58, 50, 42, 34, 26, 18, 10, 2, 59, 51, 43, 35,
+ 62, 54, 46, 38, 30, 22, 14, 6, 61, 53, 45, 37, 29, 21,
+ 13, 5, 60, 52, 44, 36, 28, 20, 12, 4, 27, 19, 11, 3 };
+
+static unsigned char totrot[16] = {
+ 1,2,4,6,8,10,12,14,15,17,19,21,23,25,27,28 };
+
+static unsigned char pc2[48] = {
+ 13, 16, 10, 23, 0, 4, 2, 27, 14, 5, 20, 9,
+ 22, 18, 11, 3, 25, 7, 15, 6, 26, 19, 12, 1,
+ 40, 51, 30, 36, 46, 54, 29, 39, 50, 44, 32, 47,
+ 43, 48, 38, 55, 33, 52, 45, 41, 49, 35, 28, 31 };
+
+void deskey(key, edf) /* Thanks to James Gillogly & Phil Karn! */
+unsigned char *key;
+int edf;
+{
+ register int i, j, l, m, n;
+ unsigned char pc1m[56], pcr[56];
+ unsigned long kn[32];
+
+ for ( j = 0; j < 56; j++ ) {
+ l = pc1[j];
+ m = l & 07;
+ pc1m[j] = (key[l >> 3] & bytebit[m]) ? 1 : 0;
+ }
+ for( i = 0; i < 16; i++ ) {
+ if( edf == DE1 ) m = (15 - i) << 1;
+ else m = i << 1;
+ n = m + 1;
+ kn[m] = kn[n] = 0L;
+ for( j = 0; j < 28; j++ ) {
+ l = j + totrot[i];
+ if( l < 28 ) pcr[j] = pc1m[l];
+ else pcr[j] = pc1m[l - 28];
+ }
+ for( j = 28; j < 56; j++ ) {
+ l = j + totrot[i];
+ if( l < 56 ) pcr[j] = pc1m[l];
+ else pcr[j] = pc1m[l - 28];
+ }
+ for( j = 0; j < 24; j++ ) {
+ if( pcr[pc2[j]] ) kn[m] |= bigbyte[j];
+ if( pcr[pc2[j+24]] ) kn[n] |= bigbyte[j];
+ }
+ }
+ cookey(kn);
+ return;
+ }
+
+static void cookey(raw1)
+register unsigned long *raw1;
+{
+ register unsigned long *cook, *raw0;
+ unsigned long dough[32];
+ register int i;
+
+ cook = dough;
+ for( i = 0; i < 16; i++, raw1++ ) {
+ raw0 = raw1++;
+ *cook = (*raw0 & 0x00fc0000L) << 6;
+ *cook |= (*raw0 & 0x00000fc0L) << 10;
+ *cook |= (*raw1 & 0x00fc0000L) >> 10;
+ *cook++ |= (*raw1 & 0x00000fc0L) >> 6;
+ *cook = (*raw0 & 0x0003f000L) << 12;
+ *cook |= (*raw0 & 0x0000003fL) << 16;
+ *cook |= (*raw1 & 0x0003f000L) >> 4;
+ *cook++ |= (*raw1 & 0x0000003fL);
+ }
+ usekey(dough);
+ return;
+ }
+
+void cpkey(into)
+register unsigned long *into;
+{
+ register unsigned long *from, *endp;
+
+ from = KnL, endp = &KnL[32];
+ while( from < endp ) *into++ = *from++;
+ return;
+ }
+
+void usekey(from)
+register unsigned long *from;
+{
+ register unsigned long *to, *endp;
+
+ to = KnL, endp = &KnL[32];
+ while( to < endp ) *to++ = *from++;
+ return;
+ }
+
+void des(inblock, outblock)
+unsigned char *inblock, *outblock;
+{
+ unsigned long work[2];
+
+ scrunch(inblock, work);
+ desfunc(work, KnL);
+ unscrun(work, outblock);
+ return;
+ }
+
+static void scrunch(outof, into)
+register unsigned char *outof;
+register unsigned long *into;
+{
+ *into = (*outof++ & 0xffL) << 24;
+ *into |= (*outof++ & 0xffL) << 16;
+ *into |= (*outof++ & 0xffL) << 8;
+ *into++ |= (*outof++ & 0xffL);
+ *into = (*outof++ & 0xffL) << 24;
+ *into |= (*outof++ & 0xffL) << 16;
+ *into |= (*outof++ & 0xffL) << 8;
+ *into |= (*outof & 0xffL);
+ return;
+ }
+
+static void unscrun(outof, into)
+register unsigned long *outof;
+register unsigned char *into;
+{
+ *into++ = (unsigned char)((*outof >> 24) & 0xffL);
+ *into++ = (unsigned char)((*outof >> 16) & 0xffL);
+ *into++ = (unsigned char)((*outof >> 8) & 0xffL);
+ *into++ = (unsigned char)(*outof++ & 0xffL);
+ *into++ = (unsigned char)((*outof >> 24) & 0xffL);
+ *into++ = (unsigned char)((*outof >> 16) & 0xffL);
+ *into++ = (unsigned char)((*outof >> 8) & 0xffL);
+ *into = (unsigned char)(*outof & 0xffL);
+ return;
+ }
+
+static unsigned long SP1[64] = {
+ 0x01010400L, 0x00000000L, 0x00010000L, 0x01010404L,
+ 0x01010004L, 0x00010404L, 0x00000004L, 0x00010000L,
+ 0x00000400L, 0x01010400L, 0x01010404L, 0x00000400L,
+ 0x01000404L, 0x01010004L, 0x01000000L, 0x00000004L,
+ 0x00000404L, 0x01000400L, 0x01000400L, 0x00010400L,
+ 0x00010400L, 0x01010000L, 0x01010000L, 0x01000404L,
+ 0x00010004L, 0x01000004L, 0x01000004L, 0x00010004L,
+ 0x00000000L, 0x00000404L, 0x00010404L, 0x01000000L,
+ 0x00010000L, 0x01010404L, 0x00000004L, 0x01010000L,
+ 0x01010400L, 0x01000000L, 0x01000000L, 0x00000400L,
+ 0x01010004L, 0x00010000L, 0x00010400L, 0x01000004L,
+ 0x00000400L, 0x00000004L, 0x01000404L, 0x00010404L,
+ 0x01010404L, 0x00010004L, 0x01010000L, 0x01000404L,
+ 0x01000004L, 0x00000404L, 0x00010404L, 0x01010400L,
+ 0x00000404L, 0x01000400L, 0x01000400L, 0x00000000L,
+ 0x00010004L, 0x00010400L, 0x00000000L, 0x01010004L };
+
+static unsigned long SP2[64] = {
+ 0x80108020L, 0x80008000L, 0x00008000L, 0x00108020L,
+ 0x00100000L, 0x00000020L, 0x80100020L, 0x80008020L,
+ 0x80000020L, 0x80108020L, 0x80108000L, 0x80000000L,
+ 0x80008000L, 0x00100000L, 0x00000020L, 0x80100020L,
+ 0x00108000L, 0x00100020L, 0x80008020L, 0x00000000L,
+ 0x80000000L, 0x00008000L, 0x00108020L, 0x80100000L,
+ 0x00100020L, 0x80000020L, 0x00000000L, 0x00108000L,
+ 0x00008020L, 0x80108000L, 0x80100000L, 0x00008020L,
+ 0x00000000L, 0x00108020L, 0x80100020L, 0x00100000L,
+ 0x80008020L, 0x80100000L, 0x80108000L, 0x00008000L,
+ 0x80100000L, 0x80008000L, 0x00000020L, 0x80108020L,
+ 0x00108020L, 0x00000020L, 0x00008000L, 0x80000000L,
+ 0x00008020L, 0x80108000L, 0x00100000L, 0x80000020L,
+ 0x00100020L, 0x80008020L, 0x80000020L, 0x00100020L,
+ 0x00108000L, 0x00000000L, 0x80008000L, 0x00008020L,
+ 0x80000000L, 0x80100020L, 0x80108020L, 0x00108000L };
+
+static unsigned long SP3[64] = {
+ 0x00000208L, 0x08020200L, 0x00000000L, 0x08020008L,
+ 0x08000200L, 0x00000000L, 0x00020208L, 0x08000200L,
+ 0x00020008L, 0x08000008L, 0x08000008L, 0x00020000L,
+ 0x08020208L, 0x00020008L, 0x08020000L, 0x00000208L,
+ 0x08000000L, 0x00000008L, 0x08020200L, 0x00000200L,
+ 0x00020200L, 0x08020000L, 0x08020008L, 0x00020208L,
+ 0x08000208L, 0x00020200L, 0x00020000L, 0x08000208L,
+ 0x00000008L, 0x08020208L, 0x00000200L, 0x08000000L,
+ 0x08020200L, 0x08000000L, 0x00020008L, 0x00000208L,
+ 0x00020000L, 0x08020200L, 0x08000200L, 0x00000000L,
+ 0x00000200L, 0x00020008L, 0x08020208L, 0x08000200L,
+ 0x08000008L, 0x00000200L, 0x00000000L, 0x08020008L,
+ 0x08000208L, 0x00020000L, 0x08000000L, 0x08020208L,
+ 0x00000008L, 0x00020208L, 0x00020200L, 0x08000008L,
+ 0x08020000L, 0x08000208L, 0x00000208L, 0x08020000L,
+ 0x00020208L, 0x00000008L, 0x08020008L, 0x00020200L };
+
+static unsigned long SP4[64] = {
+ 0x00802001L, 0x00002081L, 0x00002081L, 0x00000080L,
+ 0x00802080L, 0x00800081L, 0x00800001L, 0x00002001L,
+ 0x00000000L, 0x00802000L, 0x00802000L, 0x00802081L,
+ 0x00000081L, 0x00000000L, 0x00800080L, 0x00800001L,
+ 0x00000001L, 0x00002000L, 0x00800000L, 0x00802001L,
+ 0x00000080L, 0x00800000L, 0x00002001L, 0x00002080L,
+ 0x00800081L, 0x00000001L, 0x00002080L, 0x00800080L,
+ 0x00002000L, 0x00802080L, 0x00802081L, 0x00000081L,
+ 0x00800080L, 0x00800001L, 0x00802000L, 0x00802081L,
+ 0x00000081L, 0x00000000L, 0x00000000L, 0x00802000L,
+ 0x00002080L, 0x00800080L, 0x00800081L, 0x00000001L,
+ 0x00802001L, 0x00002081L, 0x00002081L, 0x00000080L,
+ 0x00802081L, 0x00000081L, 0x00000001L, 0x00002000L,
+ 0x00800001L, 0x00002001L, 0x00802080L, 0x00800081L,
+ 0x00002001L, 0x00002080L, 0x00800000L, 0x00802001L,
+ 0x00000080L, 0x00800000L, 0x00002000L, 0x00802080L };
+
+static unsigned long SP5[64] = {
+ 0x00000100L, 0x02080100L, 0x02080000L, 0x42000100L,
+ 0x00080000L, 0x00000100L, 0x40000000L, 0x02080000L,
+ 0x40080100L, 0x00080000L, 0x02000100L, 0x40080100L,
+ 0x42000100L, 0x42080000L, 0x00080100L, 0x40000000L,
+ 0x02000000L, 0x40080000L, 0x40080000L, 0x00000000L,
+ 0x40000100L, 0x42080100L, 0x42080100L, 0x02000100L,
+ 0x42080000L, 0x40000100L, 0x00000000L, 0x42000000L,
+ 0x02080100L, 0x02000000L, 0x42000000L, 0x00080100L,
+ 0x00080000L, 0x42000100L, 0x00000100L, 0x02000000L,
+ 0x40000000L, 0x02080000L, 0x42000100L, 0x40080100L,
+ 0x02000100L, 0x40000000L, 0x42080000L, 0x02080100L,
+ 0x40080100L, 0x00000100L, 0x02000000L, 0x42080000L,
+ 0x42080100L, 0x00080100L, 0x42000000L, 0x42080100L,
+ 0x02080000L, 0x00000000L, 0x40080000L, 0x42000000L,
+ 0x00080100L, 0x02000100L, 0x40000100L, 0x00080000L,
+ 0x00000000L, 0x40080000L, 0x02080100L, 0x40000100L };
+
+static unsigned long SP6[64] = {
+ 0x20000010L, 0x20400000L, 0x00004000L, 0x20404010L,
+ 0x20400000L, 0x00000010L, 0x20404010L, 0x00400000L,
+ 0x20004000L, 0x00404010L, 0x00400000L, 0x20000010L,
+ 0x00400010L, 0x20004000L, 0x20000000L, 0x00004010L,
+ 0x00000000L, 0x00400010L, 0x20004010L, 0x00004000L,
+ 0x00404000L, 0x20004010L, 0x00000010L, 0x20400010L,
+ 0x20400010L, 0x00000000L, 0x00404010L, 0x20404000L,
+ 0x00004010L, 0x00404000L, 0x20404000L, 0x20000000L,
+ 0x20004000L, 0x00000010L, 0x20400010L, 0x00404000L,
+ 0x20404010L, 0x00400000L, 0x00004010L, 0x20000010L,
+ 0x00400000L, 0x20004000L, 0x20000000L, 0x00004010L,
+ 0x20000010L, 0x20404010L, 0x00404000L, 0x20400000L,
+ 0x00404010L, 0x20404000L, 0x00000000L, 0x20400010L,
+ 0x00000010L, 0x00004000L, 0x20400000L, 0x00404010L,
+ 0x00004000L, 0x00400010L, 0x20004010L, 0x00000000L,
+ 0x20404000L, 0x20000000L, 0x00400010L, 0x20004010L };
+
+static unsigned long SP7[64] = {
+ 0x00200000L, 0x04200002L, 0x04000802L, 0x00000000L,
+ 0x00000800L, 0x04000802L, 0x00200802L, 0x04200800L,
+ 0x04200802L, 0x00200000L, 0x00000000L, 0x04000002L,
+ 0x00000002L, 0x04000000L, 0x04200002L, 0x00000802L,
+ 0x04000800L, 0x00200802L, 0x00200002L, 0x04000800L,
+ 0x04000002L, 0x04200000L, 0x04200800L, 0x00200002L,
+ 0x04200000L, 0x00000800L, 0x00000802L, 0x04200802L,
+ 0x00200800L, 0x00000002L, 0x04000000L, 0x00200800L,
+ 0x04000000L, 0x00200800L, 0x00200000L, 0x04000802L,
+ 0x04000802L, 0x04200002L, 0x04200002L, 0x00000002L,
+ 0x00200002L, 0x04000000L, 0x04000800L, 0x00200000L,
+ 0x04200800L, 0x00000802L, 0x00200802L, 0x04200800L,
+ 0x00000802L, 0x04000002L, 0x04200802L, 0x04200000L,
+ 0x00200800L, 0x00000000L, 0x00000002L, 0x04200802L,
+ 0x00000000L, 0x00200802L, 0x04200000L, 0x00000800L,
+ 0x04000002L, 0x04000800L, 0x00000800L, 0x00200002L };
+
+static unsigned long SP8[64] = {
+ 0x10001040L, 0x00001000L, 0x00040000L, 0x10041040L,
+ 0x10000000L, 0x10001040L, 0x00000040L, 0x10000000L,
+ 0x00040040L, 0x10040000L, 0x10041040L, 0x00041000L,
+ 0x10041000L, 0x00041040L, 0x00001000L, 0x00000040L,
+ 0x10040000L, 0x10000040L, 0x10001000L, 0x00001040L,
+ 0x00041000L, 0x00040040L, 0x10040040L, 0x10041000L,
+ 0x00001040L, 0x00000000L, 0x00000000L, 0x10040040L,
+ 0x10000040L, 0x10001000L, 0x00041040L, 0x00040000L,
+ 0x00041040L, 0x00040000L, 0x10041000L, 0x00001000L,
+ 0x00000040L, 0x10040040L, 0x00001000L, 0x00041040L,
+ 0x10001000L, 0x00000040L, 0x10000040L, 0x10040000L,
+ 0x10040040L, 0x10000000L, 0x00040000L, 0x10001040L,
+ 0x00000000L, 0x10041040L, 0x00040040L, 0x10000040L,
+ 0x10040000L, 0x10001000L, 0x10001040L, 0x00000000L,
+ 0x10041040L, 0x00041000L, 0x00041000L, 0x00001040L,
+ 0x00001040L, 0x00040040L, 0x10000000L, 0x10041000L };
+
+static void desfunc(block, keys)
+register unsigned long *block, *keys;
+{
+ register unsigned long fval, work, right, leftt;
+ register int round;
+
+ leftt = block[0];
+ right = block[1];
+ work = ((leftt >> 4) ^ right) & 0x0f0f0f0fL;
+ right ^= work;
+ leftt ^= (work << 4);
+ work = ((leftt >> 16) ^ right) & 0x0000ffffL;
+ right ^= work;
+ leftt ^= (work << 16);
+ work = ((right >> 2) ^ leftt) & 0x33333333L;
+ leftt ^= work;
+ right ^= (work << 2);
+ work = ((right >> 8) ^ leftt) & 0x00ff00ffL;
+ leftt ^= work;
+ right ^= (work << 8);
+ right = ((right << 1) | ((right >> 31) & 1L)) & 0xffffffffL;
+ work = (leftt ^ right) & 0xaaaaaaaaL;
+ leftt ^= work;
+ right ^= work;
+ leftt = ((leftt << 1) | ((leftt >> 31) & 1L)) & 0xffffffffL;
+
+ for( round = 0; round < 8; round++ ) {
+ work = (right << 28) | (right >> 4);
+ work ^= *keys++;
+ fval = SP7[ work & 0x3fL];
+ fval |= SP5[(work >> 8) & 0x3fL];
+ fval |= SP3[(work >> 16) & 0x3fL];
+ fval |= SP1[(work >> 24) & 0x3fL];
+ work = right ^ *keys++;
+ fval |= SP8[ work & 0x3fL];
+ fval |= SP6[(work >> 8) & 0x3fL];
+ fval |= SP4[(work >> 16) & 0x3fL];
+ fval |= SP2[(work >> 24) & 0x3fL];
+ leftt ^= fval;
+ work = (leftt << 28) | (leftt >> 4);
+ work ^= *keys++;
+ fval = SP7[ work & 0x3fL];
+ fval |= SP5[(work >> 8) & 0x3fL];
+ fval |= SP3[(work >> 16) & 0x3fL];
+ fval |= SP1[(work >> 24) & 0x3fL];
+ work = leftt ^ *keys++;
+ fval |= SP8[ work & 0x3fL];
+ fval |= SP6[(work >> 8) & 0x3fL];
+ fval |= SP4[(work >> 16) & 0x3fL];
+ fval |= SP2[(work >> 24) & 0x3fL];
+ right ^= fval;
+ }
+
+ right = (right << 31) | (right >> 1);
+ work = (leftt ^ right) & 0xaaaaaaaaL;
+ leftt ^= work;
+ right ^= work;
+ leftt = (leftt << 31) | (leftt >> 1);
+ work = ((leftt >> 8) ^ right) & 0x00ff00ffL;
+ right ^= work;
+ leftt ^= (work << 8);
+ work = ((leftt >> 2) ^ right) & 0x33333333L;
+ right ^= work;
+ leftt ^= (work << 2);
+ work = ((right >> 16) ^ leftt) & 0x0000ffffL;
+ leftt ^= work;
+ right ^= (work << 16);
+ work = ((right >> 4) ^ leftt) & 0x0f0f0f0fL;
+ leftt ^= work;
+ right ^= (work << 4);
+ *block++ = right;
+ *block = leftt;
+ return;
+ }
+
+/* Validation sets:
+ *
+ * Single-length key, single-length plaintext -
+ * Key : 0123 4567 89ab cdef
+ * Plain : 0123 4567 89ab cde7
+ * Cipher : c957 4425 6a5e d31d
+ *
+ * Double-length key, single-length plaintext -
+ * Key : 0123 4567 89ab cdef fedc ba98 7654 3210
+ * Plain : 0123 4567 89ab cde7
+ * Cipher : 7f1d 0a77 826b 8aff
+ *
+ * Double-length key, double-length plaintext -
+ * Key : 0123 4567 89ab cdef fedc ba98 7654 3210
+ * Plain : 0123 4567 89ab cdef 0123 4567 89ab cdff
+ * Cipher : 27a0 8440 406a df60 278f 47cf 42d6 15d7
+ *
+ * Triple-length key, single-length plaintext -
+ * Key : 0123 4567 89ab cdef fedc ba98 7654 3210 89ab cdef 0123 4567
+ * Plain : 0123 4567 89ab cde7
+ * Cipher : de0b 7c06 ae5e 0ed5
+ *
+ * Triple-length key, double-length plaintext -
+ * Key : 0123 4567 89ab cdef fedc ba98 7654 3210 89ab cdef 0123 4567
+ * Plain : 0123 4567 89ab cdef 0123 4567 89ab cdff
+ * Cipher : ad0d 1b30 ac17 cf07 0ed1 1c63 81e4 4de5
+ *
+ * d3des V5.0a rwo 9208.07 18:44 Graven Imagery
+ **********************************************************************/
diff -r f426f6e646eb tools/ioemu/d3des.h
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/tools/ioemu/d3des.h Tue Oct 03 23:34:25 2006 +0900
@@ -0,0 +1,51 @@
+/*
+ * This is D3DES (V5.09) by Richard Outerbridge with the double and
+ * triple-length support removed for use in VNC.
+ *
+ * These changes are:
+ * Copyright (C) 1999 AT&T Laboratories Cambridge. All Rights Reserved.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
+ */
+
+/* d3des.h -
+ *
+ * Headers and defines for d3des.c
+ * Graven Imagery, 1992.
+ *
+ * Copyright (c) 1988,1989,1990,1991,1992 by Richard Outerbridge
+ * (GEnie : OUTER; CIS : [71755,204])
+ */
+
+#define EN0 0 /* MODE == encrypt */
+#define DE1 1 /* MODE == decrypt */
+
+extern void deskey(unsigned char *, int);
+/* hexkey[8] MODE
+ * Sets the internal key register according to the hexadecimal
+ * key contained in the 8 bytes of hexkey, according to the DES,
+ * for encryption or decryption according to MODE.
+ */
+
+extern void usekey(unsigned long *);
+/* cookedkey[32]
+ * Loads the internal key register with the data in cookedkey.
+ */
+
+extern void cpkey(unsigned long *);
+/* cookedkey[32]
+ * Copies the contents of the internal key register into the storage
+ * located at &cookedkey[0].
+ */
+
+extern void des(unsigned char *, unsigned char *);
+/* from[8] to[8]
+ * Encrypts/Decrypts (according to the key currently loaded in the
+ * internal key register) one block of eight bytes at address 'from'
+ * into the block at address 'to'. They can be the same.
+ */
+
+/* d3des.h V5.09 rwo 9208.04 15:06 Graven Imagery
+ ********************************************************************/
^ permalink raw reply [flat|nested] 16+ messages in thread
* Re: [PATCH][Take 3] VNC authentification
2006-10-03 16:08 ` [PATCH][Take 3] " Masami Watanabe
@ 2006-10-03 17:56 ` Anthony Liguori
2006-10-03 18:06 ` Daniel P. Berrange
0 siblings, 1 reply; 16+ messages in thread
From: Anthony Liguori @ 2006-10-03 17:56 UTC (permalink / raw)
To: Masami Watanabe; +Cc: Ian Pratt, xen-devel, Daniel P. Berrange
Masami Watanabe wrote:
> +static int vnc_auth(VncState *vs)
> +{
> + extern char vncpasswd[64];
> + extern unsigned char challenge[AUTHCHALLENGESIZE];
> +
> + if (*vncpasswd == '\0') {
> + /* AuthType is None */
> + vnc_write_u32(vs, 1);
> + vnc_flush(vs);
> + vnc_read_when(vs, protocol_client_init, 1);
> + } else {
> + /* AuthType is VncAuth */
> + vnc_write_u32(vs, 2);
> + vnc_flush(vs);
> +
> + /* Read AuthType */
> + vnc_read_when(vs, protocol_authtype, 1);
>
As I mentioned before, you cannot have to vnc_read_when()'s execution
path without returning the the mainloop.
protocol_authtype() cannot possibly be invoked. If the code is working
now, it's pure luck.
There was just a very high profile RealVNC vulnerability that was due to
improper authtype handling. It's very important we do this right so we
don't duplicate this bug.
Regards,
Anthony Liguori
> + /* Send Challenge */
> + make_challenge(challenge, AUTHCHALLENGESIZE);
> + vnc_write(vs, challenge, AUTHCHALLENGESIZE);
> + vnc_flush(vs);
> +
> + /* Read Responce */
> + vnc_read_when(vs, protocol_response, AUTHCHALLENGESIZE);
> + }
> +
> + return 0;
> +}
>
> _______________________________________________
> Xen-devel mailing list
> Xen-devel@lists.xensource.com
> http://lists.xensource.com/xen-devel
>
>
^ permalink raw reply [flat|nested] 16+ messages in thread
* Re: [PATCH][Take 3] VNC authentification
2006-10-03 17:56 ` Anthony Liguori
@ 2006-10-03 18:06 ` Daniel P. Berrange
2006-10-03 18:49 ` Anthony Liguori
0 siblings, 1 reply; 16+ messages in thread
From: Daniel P. Berrange @ 2006-10-03 18:06 UTC (permalink / raw)
To: Anthony Liguori; +Cc: Ian Pratt, xen-devel, Masami Watanabe
On Tue, Oct 03, 2006 at 12:56:31PM -0500, Anthony Liguori wrote:
> Masami Watanabe wrote:
> >+static int vnc_auth(VncState *vs)
> >+{
> >+ extern char vncpasswd[64];
> >+ extern unsigned char challenge[AUTHCHALLENGESIZE];
> >+
> >+ if (*vncpasswd == '\0') {
> >+ /* AuthType is None */
> >+ vnc_write_u32(vs, 1);
> >+ vnc_flush(vs);
> >+ vnc_read_when(vs, protocol_client_init, 1);
> >+ } else {
> >+ /* AuthType is VncAuth */
> >+ vnc_write_u32(vs, 2);
> >+ vnc_flush(vs);
> >+
> >+ /* Read AuthType */
> >+ vnc_read_when(vs, protocol_authtype, 1);
> >
>
> As I mentioned before, you cannot have to vnc_read_when()'s execution
> path without returning the the mainloop.
>
> protocol_authtype() cannot possibly be invoked. If the code is working
> now, it's pure luck.
Yeah, the impl of protocol_authtype() in there is a no-op too - it should
be rejecting auth types which aren't supported, even if it was being invoked.
With the code as it is, protocol_authtype never runs & the server starts
doing VNCAuth regardless of what the client says it wants to do, which is
clearly not correct.
Dan.
--
|=- Red Hat, Engineering, Emerging Technologies, Boston. +1 978 392 2496 -=|
|=- Perl modules: http://search.cpan.org/~danberr/ -=|
|=- Projects: http://freshmeat.net/~danielpb/ -=|
|=- GnuPG: 7D3B9505 F3C9 553F A1DA 4AC2 5648 23C1 B3DF F742 7D3B 9505 -=|
^ permalink raw reply [flat|nested] 16+ messages in thread
* Re: [PATCH][Take 3] VNC authentification
2006-10-03 18:06 ` Daniel P. Berrange
@ 2006-10-03 18:49 ` Anthony Liguori
0 siblings, 0 replies; 16+ messages in thread
From: Anthony Liguori @ 2006-10-03 18:49 UTC (permalink / raw)
To: Daniel P. Berrange; +Cc: Ian Pratt, xen-devel, Masami Watanabe
Daniel P. Berrange wrote:
> On Tue, Oct 03, 2006 at 12:56:31PM -0500, Anthony Liguori wrote:
>
>> Masami Watanabe wrote:
>>
>>> +static int vnc_auth(VncState *vs)
>>> +{
>>> + extern char vncpasswd[64];
>>> + extern unsigned char challenge[AUTHCHALLENGESIZE];
>>> +
>>> + if (*vncpasswd == '\0') {
>>> + /* AuthType is None */
>>> + vnc_write_u32(vs, 1);
>>> + vnc_flush(vs);
>>> + vnc_read_when(vs, protocol_client_init, 1);
>>> + } else {
>>> + /* AuthType is VncAuth */
>>> + vnc_write_u32(vs, 2);
>>> + vnc_flush(vs);
>>> +
>>> + /* Read AuthType */
>>> + vnc_read_when(vs, protocol_authtype, 1);
>>>
>>>
>> As I mentioned before, you cannot have to vnc_read_when()'s execution
>> path without returning the the mainloop.
>>
>> protocol_authtype() cannot possibly be invoked. If the code is working
>> now, it's pure luck.
>>
>
> Yeah, the impl of protocol_authtype() in there is a no-op too - it should
> be rejecting auth types which aren't supported, even if it was being invoked.
> With the code as it is, protocol_authtype never runs & the server starts
> doing VNCAuth regardless of what the client says it wants to do, which is
> clearly not correct.
>
Another thing to keep in mind, is that the reason I did 3.3 instead of
3.8 is that I knew there was only one auth type we would be supporting.
If we do support multiple auth types, we really ought to move to using
the 3.8 protocol since that provides a negotiation mechanism.
Regards,
Anthony Liguori
> Dan.
>
^ permalink raw reply [flat|nested] 16+ messages in thread
end of thread, other threads:[~2006-10-03 18:49 UTC | newest]
Thread overview: 16+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2006-09-26 18:23 Individual passwords for guest VNC servers ? Ian Pratt
2006-09-28 1:01 ` Masami Watanabe
2006-09-29 8:47 ` [PATCH][Take 2] VNC authentification Masami Watanabe
2006-09-29 14:01 ` Anthony Liguori
2006-09-30 18:47 ` masami.watanabe
2006-09-29 22:11 ` Daniel P. Berrange
2006-09-30 18:53 ` Masami Watanabe
2006-10-02 16:22 ` Daniel P. Berrange
2006-10-02 17:24 ` Anthony Liguori
2006-10-02 18:12 ` Daniel P. Berrange
2006-10-02 19:15 ` Ian Pratt
2006-10-03 2:04 ` Masami Watanabe
2006-10-03 16:08 ` [PATCH][Take 3] " Masami Watanabe
2006-10-03 17:56 ` Anthony Liguori
2006-10-03 18:06 ` Daniel P. Berrange
2006-10-03 18:49 ` Anthony Liguori
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.