From mboxrd@z Thu Jan  1 00:00:00 1970
From: Anthony Liguori <aliguori@us.ibm.com>
Subject: Re: [PATCH][Take 2] VNC authentification
Date: Fri, 29 Sep 2006 09:01:23 -0500
Message-ID: <451D2733.3000308@us.ibm.com>
References: <3AAA99889D105740BE010EB6D5A5A3B202A3D2@paddington.ad.cl.cam.ac.uk>
	<JX200609291747343.1765484@jp.fujitsu.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
Return-path: <xen-devel-bounces@lists.xensource.com>
In-Reply-To: <JX200609291747343.1765484@jp.fujitsu.com>
List-Unsubscribe: <http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-devel>,
	<mailto:xen-devel-request@lists.xensource.com?subject=unsubscribe>
List-Post: <mailto:xen-devel@lists.xensource.com>
List-Help: <mailto:xen-devel-request@lists.xensource.com?subject=help>
List-Subscribe: <http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-devel>,
	<mailto:xen-devel-request@lists.xensource.com?subject=subscribe>
Sender: xen-devel-bounces@lists.xensource.com
Errors-To: xen-devel-bounces@lists.xensource.com
To: Masami Watanabe <masami.watanabe@jp.fujitsu.com>
Cc: Ian Pratt <m+Ian.Pratt@cl.cam.ac.uk>, xen-devel@lists.xensource.com, "Daniel P. Berrange" <berrange@redhat.com>
List-Id: xen-devel@lists.xenproject.org

A couple comments:

Does this code actually work?  You call vnc_read_when twice in the same 
function.  The first one should never get called (it can only be called 
from the main loop and there can only ever be one outstanding read 
function).

There are a couple weird bits in the code too that I cannot reply to 
(your mailer is sending the attachment as a octet-stream, please inline 
too next time you send the patch).

Otherwise, it looks really promising!

Regards,

Anthony Liguori

Masami Watanabe wrote:
> Hi,
>
> This is take 2 on VNC authentification.
>
> The specification is as mentioned at
> http://lists.xensource.com/archives/html/xen-devel/2006-09/msg00666.html
> The difference is follows.
> - correction that passes information through xenstore.
> - after information is read, qemu deletes information on xenstore.
>
>
> Signed-off-by: Masami Watanabe <masami.watanabe@jp.fujitsu.com>
>
> Best regards,
> Watanabe
>
>
> On Tue, 26 Sep 2006 19:23:47 +0100, Ian Pratt wrote:
>   
>>  
>>     
>>> Thanks all point about security, I'll do as follows.
>>> I thought that the point was the following two. 
>>>
>>>
>>> 1. Storage place of encrypted password
>>>   Should I store it in /etc/xen/passwd ?
>>>     Or, should I wait for DB of Xen that will be released in 
>>> the future?
>>>       
>> The xend life cycle management patches were posted by Alistair a couple
>> of months back. They'll go in early in the 3.0.4 cycle.
>>
>>     
>>>   In the latter case, the release time and information, I want you to
>>>   teach it.
>>>   Now, I think we have no choice but to use /etc/xen/passwd.
>>>       
>> In the mean time, I'd just out them in the domain config file and change
>> the default permissions and ownership.
>>
>>     
>>> 2. Method of Xen VNC Server receiving stored password
>>>   By way of xenstore. However, it is necessary to consider 
>>> xenstore-ls.
>>>       
>> It can be passed transiently (i.e. it gets deleted from the store by
>> qemu-dm)
>> You need to be root to run xenstore-ls so I'm comfortable with this.
>>
>> Ian
>>
>> _______________________________________________
>> Xen-devel mailing list
>> Xen-devel@lists.xensource.com
>> http://lists.xensource.com/xen-devel