qemu vnc auth

qemu vnc auth

[Yellis Services]

Hello,

I have adapted a xen path to kvm-qemu.
This patch enable auth in vnc

qemu ../.. -hda=/home/os.img -vnc -vncpasswd toto

work with vncviewer on linux and Win.
Don't work with vncviewer applet via http, must be fixed.

Emmanuel.


diff -Naur kvm-12/qemu/d3des.c kvm-12.1/qemu/d3des.c
--- kvm-12/qemu/d3des.c 1970-01-01 01:00:00.000000000 +0100
+++ kvm-12.1/qemu/d3des.c 2007-01-27 18:33:00.000000000 +0100
@@ -0,0 +1,434 @@
+/*
+ * This is D3DES (V5.09) by Richard Outerbridge with the double and
+ * triple-length support removed for use in VNC.  Also the bytebit[] array
+ * has been reversed so that the most significant bit in each byte of the
+ * key is ignored, not the least significant.
+ *
+ * These changes are:
+ *  Copyright (C) 1999 AT&T Laboratories Cambridge.  All Rights Reserved.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
+ */
+
+/* D3DES (V5.09) -
+ *
+ * A portable, public domain, version of the Data Encryption Standard.
+ *
+ * Written with Symantec's THINK (Lightspeed) C by Richard Outerbridge.
+ * Thanks to: Dan Hoey for his excellent Initial and Inverse permutation
+ * code;  Jim Gillogly & Phil Karn for the DES key schedule code; Dennis
+ * Ferguson, Eric Young and Dana How for comparing notes; and Ray Lau,
+ * for humouring me on.
+ *
+ * Copyright (c) 1988,1989,1990,1991,1992 by Richard Outerbridge.
+ * (GEnie : OUTER; CIS : [71755,204]) Graven Imagery, 1992.
+ */
+
+#include "d3des.h"
+
+static void scrunch(unsigned char *, unsigned long *);
+static void unscrun(unsigned long *, unsigned char *);
+static void desfunc(unsigned long *, unsigned long *);
+static void cookey(unsigned long *);
+
+static unsigned long KnL[32] = { 0L };
+
+static unsigned short bytebit[8] = {
+ 01, 02, 04, 010, 020, 040, 0100, 0200 };
+
+static unsigned long bigbyte[24] = {
+ 0x800000L, 0x400000L, 0x200000L, 0x100000L,
+ 0x80000L, 0x40000L, 0x20000L, 0x10000L,
+ 0x8000L, 0x4000L, 0x2000L, 0x1000L,
+ 0x800L, 0x400L, 0x200L, 0x100L,
+ 0x80L, 0x40L, 0x20L, 0x10L,
+ 0x8L, 0x4L, 0x2L, 0x1L };
+
+/* Use the key schedule specified in the Standard (ANSI X3.92-1981). */
+
+static unsigned char pc1[56] = {
+ 56, 48, 40, 32, 24, 16,  8, 0, 57, 49, 41, 33, 25, 17,
+ 9,  1, 58, 50, 42, 34, 26, 18, 10,  2, 59, 51, 43, 35,
+ 62, 54, 46, 38, 30, 22, 14, 6, 61, 53, 45, 37, 29, 21,
+ 13,  5, 60, 52, 44, 36, 28, 20, 12,  4, 27, 19, 11,  3 };
+
+static unsigned char totrot[16] = {
+ 1,2,4,6,8,10,12,14,15,17,19,21,23,25,27,28 };
+
+static unsigned char pc2[48] = {
+ 13, 16, 10, 23,  0,  4,  2, 27, 14,  5, 20,  9,
+ 22, 18, 11,  3, 25,  7, 15,  6, 26, 19, 12,  1,
+ 40, 51, 30, 36, 46, 54, 29, 39, 50, 44, 32, 47,
+ 43, 48, 38, 55, 33, 52, 45, 41, 49, 35, 28, 31 };
+
+void deskey(key, edf) /* Thanks to James Gillogly & Phil Karn! */
+unsigned char *key;
+int edf;
+{
+ register int i, j, l, m, n;
+ unsigned char pc1m[56], pcr[56];
+ unsigned long kn[32];
+
+ for ( j = 0; j < 56; j++ ) {
+ l = pc1[j];
+ m = l & 07;
+ pc1m[j] = (key[l >> 3] & bytebit[m]) ? 1 : 0;
+ }
+ for( i = 0; i < 16; i++ ) {
+ if( edf == DE1 ) m = (15 - i) << 1;
+ else m = i << 1;
+ n = m + 1;
+ kn[m] = kn[n] = 0L;
+ for( j = 0; j < 28; j++ ) {
+ l = j + totrot[i];
+ if( l < 28 ) pcr[j] = pc1m[l];
+ else pcr[j] = pc1m[l - 28];
+ }
+ for( j = 28; j < 56; j++ ) {
+     l = j + totrot[i];
+     if( l < 56 ) pcr[j] = pc1m[l];
+     else pcr[j] = pc1m[l - 28];
+     }
+ for( j = 0; j < 24; j++ ) {
+ if( pcr[pc2[j]] ) kn[m] |= bigbyte[j];
+ if( pcr[pc2[j+24]] ) kn[n] |= bigbyte[j];
+ }
+ }
+ cookey(kn);
+ return;
+ }
+
+static void cookey(raw1)
+register unsigned long *raw1;
+{
+ register unsigned long *cook, *raw0;
+ unsigned long dough[32];
+ register int i;
+
+ cook = dough;
+ for( i = 0; i < 16; i++, raw1++ ) {
+ raw0 = raw1++;
+ *cook = (*raw0 & 0x00fc0000L) << 6;
+ *cook |= (*raw0 & 0x00000fc0L) << 10;
+ *cook |= (*raw1 & 0x00fc0000L) >> 10;
+ *cook++ |= (*raw1 & 0x00000fc0L) >> 6;
+ *cook = (*raw0 & 0x0003f000L) << 12;
+ *cook |= (*raw0 & 0x0000003fL) << 16;
+ *cook |= (*raw1 & 0x0003f000L) >> 4;
+ *cook++ |= (*raw1 & 0x0000003fL);
+ }
+ usekey(dough);
+ return;
+ }
+
+void cpkey(into)
+register unsigned long *into;
+{
+ register unsigned long *from, *endp;
+
+ from = KnL, endp = &KnL[32];
+ while( from < endp ) *into++ = *from++;
+ return;
+ }
+
+void usekey(from)
+register unsigned long *from;
+{
+ register unsigned long *to, *endp;
+
+ to = KnL, endp = &KnL[32];
+ while( to < endp ) *to++ = *from++;
+ return;
+ }
+
+void des(inblock, outblock)
+unsigned char *inblock, *outblock;
+{
+ unsigned long work[2];
+
+ scrunch(inblock, work);
+ desfunc(work, KnL);
+ unscrun(work, outblock);
+ return;
+ }
+
+static void scrunch(outof, into)
+register unsigned char *outof;
+register unsigned long *into;
+{
+ *into = (*outof++ & 0xffL) << 24;
+ *into |= (*outof++ & 0xffL) << 16;
+ *into |= (*outof++ & 0xffL) << 8;
+ *into++ |= (*outof++ & 0xffL);
+ *into = (*outof++ & 0xffL) << 24;
+ *into |= (*outof++ & 0xffL) << 16;
+ *into |= (*outof++ & 0xffL) << 8;
+ *into |= (*outof   & 0xffL);
+ return;
+ }
+
+static void unscrun(outof, into)
+register unsigned long *outof;
+register unsigned char *into;
+{
+ *into++ = (unsigned char)((*outof >> 24) & 0xffL);
+ *into++ = (unsigned char)((*outof >> 16) & 0xffL);
+ *into++ = (unsigned char)((*outof >>  8) & 0xffL);
+ *into++ = (unsigned char)(*outof++ & 0xffL);
+ *into++ = (unsigned char)((*outof >> 24) & 0xffL);
+ *into++ = (unsigned char)((*outof >> 16) & 0xffL);
+ *into++ = (unsigned char)((*outof >>  8) & 0xffL);
+ *into =  (unsigned char)(*outof & 0xffL);
+ return;
+ }
+
+static unsigned long SP1[64] = {
+ 0x01010400L, 0x00000000L, 0x00010000L, 0x01010404L,
+ 0x01010004L, 0x00010404L, 0x00000004L, 0x00010000L,
+ 0x00000400L, 0x01010400L, 0x01010404L, 0x00000400L,
+ 0x01000404L, 0x01010004L, 0x01000000L, 0x00000004L,
+ 0x00000404L, 0x01000400L, 0x01000400L, 0x00010400L,
+ 0x00010400L, 0x01010000L, 0x01010000L, 0x01000404L,
+ 0x00010004L, 0x01000004L, 0x01000004L, 0x00010004L,
+ 0x00000000L, 0x00000404L, 0x00010404L, 0x01000000L,
+ 0x00010000L, 0x01010404L, 0x00000004L, 0x01010000L,
+ 0x01010400L, 0x01000000L, 0x01000000L, 0x00000400L,
+ 0x01010004L, 0x00010000L, 0x00010400L, 0x01000004L,
+ 0x00000400L, 0x00000004L, 0x01000404L, 0x00010404L,
+ 0x01010404L, 0x00010004L, 0x01010000L, 0x01000404L,
+ 0x01000004L, 0x00000404L, 0x00010404L, 0x01010400L,
+ 0x00000404L, 0x01000400L, 0x01000400L, 0x00000000L,
+ 0x00010004L, 0x00010400L, 0x00000000L, 0x01010004L };
+
+static unsigned long SP2[64] = {
+ 0x80108020L, 0x80008000L, 0x00008000L, 0x00108020L,
+ 0x00100000L, 0x00000020L, 0x80100020L, 0x80008020L,
+ 0x80000020L, 0x80108020L, 0x80108000L, 0x80000000L,
+ 0x80008000L, 0x00100000L, 0x00000020L, 0x80100020L,
+ 0x00108000L, 0x00100020L, 0x80008020L, 0x00000000L,
+ 0x80000000L, 0x00008000L, 0x00108020L, 0x80100000L,
+ 0x00100020L, 0x80000020L, 0x00000000L, 0x00108000L,
+ 0x00008020L, 0x80108000L, 0x80100000L, 0x00008020L,
+ 0x00000000L, 0x00108020L, 0x80100020L, 0x00100000L,
+ 0x80008020L, 0x80100000L, 0x80108000L, 0x00008000L,
+ 0x80100000L, 0x80008000L, 0x00000020L, 0x80108020L,
+ 0x00108020L, 0x00000020L, 0x00008000L, 0x80000000L,
+ 0x00008020L, 0x80108000L, 0x00100000L, 0x80000020L,
+ 0x00100020L, 0x80008020L, 0x80000020L, 0x00100020L,
+ 0x00108000L, 0x00000000L, 0x80008000L, 0x00008020L,
+ 0x80000000L, 0x80100020L, 0x80108020L, 0x00108000L };
+
+static unsigned long SP3[64] = {
+ 0x00000208L, 0x08020200L, 0x00000000L, 0x08020008L,
+ 0x08000200L, 0x00000000L, 0x00020208L, 0x08000200L,
+ 0x00020008L, 0x08000008L, 0x08000008L, 0x00020000L,
+ 0x08020208L, 0x00020008L, 0x08020000L, 0x00000208L,
+ 0x08000000L, 0x00000008L, 0x08020200L, 0x00000200L,
+ 0x00020200L, 0x08020000L, 0x08020008L, 0x00020208L,
+ 0x08000208L, 0x00020200L, 0x00020000L, 0x08000208L,
+ 0x00000008L, 0x08020208L, 0x00000200L, 0x08000000L,
+ 0x08020200L, 0x08000000L, 0x00020008L, 0x00000208L,
+ 0x00020000L, 0x08020200L, 0x08000200L, 0x00000000L,
+ 0x00000200L, 0x00020008L, 0x08020208L, 0x08000200L,
+ 0x08000008L, 0x00000200L, 0x00000000L, 0x08020008L,
+ 0x08000208L, 0x00020000L, 0x08000000L, 0x08020208L,
+ 0x00000008L, 0x00020208L, 0x00020200L, 0x08000008L,
+ 0x08020000L, 0x08000208L, 0x00000208L, 0x08020000L,
+ 0x00020208L, 0x00000008L, 0x08020008L, 0x00020200L };
+
+static unsigned long SP4[64] = {
+ 0x00802001L, 0x00002081L, 0x00002081L, 0x00000080L,
+ 0x00802080L, 0x00800081L, 0x00800001L, 0x00002001L,
+ 0x00000000L, 0x00802000L, 0x00802000L, 0x00802081L,
+ 0x00000081L, 0x00000000L, 0x00800080L, 0x00800001L,
+ 0x00000001L, 0x00002000L, 0x00800000L, 0x00802001L,
+ 0x00000080L, 0x00800000L, 0x00002001L, 0x00002080L,
+ 0x00800081L, 0x00000001L, 0x00002080L, 0x00800080L,
+ 0x00002000L, 0x00802080L, 0x00802081L, 0x00000081L,
+ 0x00800080L, 0x00800001L, 0x00802000L, 0x00802081L,
+ 0x00000081L, 0x00000000L, 0x00000000L, 0x00802000L,
+ 0x00002080L, 0x00800080L, 0x00800081L, 0x00000001L,
+ 0x00802001L, 0x00002081L, 0x00002081L, 0x00000080L,
+ 0x00802081L, 0x00000081L, 0x00000001L, 0x00002000L,
+ 0x00800001L, 0x00002001L, 0x00802080L, 0x00800081L,
+ 0x00002001L, 0x00002080L, 0x00800000L, 0x00802001L,
+ 0x00000080L, 0x00800000L, 0x00002000L, 0x00802080L };
+
+static unsigned long SP5[64] = {
+ 0x00000100L, 0x02080100L, 0x02080000L, 0x42000100L,
+ 0x00080000L, 0x00000100L, 0x40000000L, 0x02080000L,
+ 0x40080100L, 0x00080000L, 0x02000100L, 0x40080100L,
+ 0x42000100L, 0x42080000L, 0x00080100L, 0x40000000L,
+ 0x02000000L, 0x40080000L, 0x40080000L, 0x00000000L,
+ 0x40000100L, 0x42080100L, 0x42080100L, 0x02000100L,
+ 0x42080000L, 0x40000100L, 0x00000000L, 0x42000000L,
+ 0x02080100L, 0x02000000L, 0x42000000L, 0x00080100L,
+ 0x00080000L, 0x42000100L, 0x00000100L, 0x02000000L,
+ 0x40000000L, 0x02080000L, 0x42000100L, 0x40080100L,
+ 0x02000100L, 0x40000000L, 0x42080000L, 0x02080100L,
+ 0x40080100L, 0x00000100L, 0x02000000L, 0x42080000L,
+ 0x42080100L, 0x00080100L, 0x42000000L, 0x42080100L,
+ 0x02080000L, 0x00000000L, 0x40080000L, 0x42000000L,
+ 0x00080100L, 0x02000100L, 0x40000100L, 0x00080000L,
+ 0x00000000L, 0x40080000L, 0x02080100L, 0x40000100L };
+
+static unsigned long SP6[64] = {
+ 0x20000010L, 0x20400000L, 0x00004000L, 0x20404010L,
+ 0x20400000L, 0x00000010L, 0x20404010L, 0x00400000L,
+ 0x20004000L, 0x00404010L, 0x00400000L, 0x20000010L,
+ 0x00400010L, 0x20004000L, 0x20000000L, 0x00004010L,
+ 0x00000000L, 0x00400010L, 0x20004010L, 0x00004000L,
+ 0x00404000L, 0x20004010L, 0x00000010L, 0x20400010L,
+ 0x20400010L, 0x00000000L, 0x00404010L, 0x20404000L,
+ 0x00004010L, 0x00404000L, 0x20404000L, 0x20000000L,
+ 0x20004000L, 0x00000010L, 0x20400010L, 0x00404000L,
+ 0x20404010L, 0x00400000L, 0x00004010L, 0x20000010L,
+ 0x00400000L, 0x20004000L, 0x20000000L, 0x00004010L,
+ 0x20000010L, 0x20404010L, 0x00404000L, 0x20400000L,
+ 0x00404010L, 0x20404000L, 0x00000000L, 0x20400010L,
+ 0x00000010L, 0x00004000L, 0x20400000L, 0x00404010L,
+ 0x00004000L, 0x00400010L, 0x20004010L, 0x00000000L,
+ 0x20404000L, 0x20000000L, 0x00400010L, 0x20004010L };
+
+static unsigned long SP7[64] = {
+ 0x00200000L, 0x04200002L, 0x04000802L, 0x00000000L,
+ 0x00000800L, 0x04000802L, 0x00200802L, 0x04200800L,
+ 0x04200802L, 0x00200000L, 0x00000000L, 0x04000002L,
+ 0x00000002L, 0x04000000L, 0x04200002L, 0x00000802L,
+ 0x04000800L, 0x00200802L, 0x00200002L, 0x04000800L,
+ 0x04000002L, 0x04200000L, 0x04200800L, 0x00200002L,
+ 0x04200000L, 0x00000800L, 0x00000802L, 0x04200802L,
+ 0x00200800L, 0x00000002L, 0x04000000L, 0x00200800L,
+ 0x04000000L, 0x00200800L, 0x00200000L, 0x04000802L,
+ 0x04000802L, 0x04200002L, 0x04200002L, 0x00000002L,
+ 0x00200002L, 0x04000000L, 0x04000800L, 0x00200000L,
+ 0x04200800L, 0x00000802L, 0x00200802L, 0x04200800L,
+ 0x00000802L, 0x04000002L, 0x04200802L, 0x04200000L,
+ 0x00200800L, 0x00000000L, 0x00000002L, 0x04200802L,
+ 0x00000000L, 0x00200802L, 0x04200000L, 0x00000800L,
+ 0x04000002L, 0x04000800L, 0x00000800L, 0x00200002L };
+
+static unsigned long SP8[64] = {
+ 0x10001040L, 0x00001000L, 0x00040000L, 0x10041040L,
+ 0x10000000L, 0x10001040L, 0x00000040L, 0x10000000L,
+ 0x00040040L, 0x10040000L, 0x10041040L, 0x00041000L,
+ 0x10041000L, 0x00041040L, 0x00001000L, 0x00000040L,
+ 0x10040000L, 0x10000040L, 0x10001000L, 0x00001040L,
+ 0x00041000L, 0x00040040L, 0x10040040L, 0x10041000L,
+ 0x00001040L, 0x00000000L, 0x00000000L, 0x10040040L,
+ 0x10000040L, 0x10001000L, 0x00041040L, 0x00040000L,
+ 0x00041040L, 0x00040000L, 0x10041000L, 0x00001000L,
+ 0x00000040L, 0x10040040L, 0x00001000L, 0x00041040L,
+ 0x10001000L, 0x00000040L, 0x10000040L, 0x10040000L,
+ 0x10040040L, 0x10000000L, 0x00040000L, 0x10001040L,
+ 0x00000000L, 0x10041040L, 0x00040040L, 0x10000040L,
+ 0x10040000L, 0x10001000L, 0x10001040L, 0x00000000L,
+ 0x10041040L, 0x00041000L, 0x00041000L, 0x00001040L,
+ 0x00001040L, 0x00040040L, 0x10000000L, 0x10041000L };
+
+static void desfunc(block, keys)
+register unsigned long *block, *keys;
+{
+ register unsigned long fval, work, right, leftt;
+ register int round;
+
+ leftt = block[0];
+ right = block[1];
+ work = ((leftt >> 4) ^ right) & 0x0f0f0f0fL;
+ right ^= work;
+ leftt ^= (work << 4);
+ work = ((leftt >> 16) ^ right) & 0x0000ffffL;
+ right ^= work;
+ leftt ^= (work << 16);
+ work = ((right >> 2) ^ leftt) & 0x33333333L;
+ leftt ^= work;
+ right ^= (work << 2);
+ work = ((right >> 8) ^ leftt) & 0x00ff00ffL;
+ leftt ^= work;
+ right ^= (work << 8);
+ right = ((right << 1) | ((right >> 31) & 1L)) & 0xffffffffL;
+ work = (leftt ^ right) & 0xaaaaaaaaL;
+ leftt ^= work;
+ right ^= work;
+ leftt = ((leftt << 1) | ((leftt >> 31) & 1L)) & 0xffffffffL;
+
+ for( round = 0; round < 8; round++ ) {
+ work  = (right << 28) | (right >> 4);
+ work ^= *keys++;
+ fval  = SP7[ work & 0x3fL];
+ fval |= SP5[(work >>  8) & 0x3fL];
+ fval |= SP3[(work >> 16) & 0x3fL];
+ fval |= SP1[(work >> 24) & 0x3fL];
+ work  = right ^ *keys++;
+ fval |= SP8[ work & 0x3fL];
+ fval |= SP6[(work >>  8) & 0x3fL];
+ fval |= SP4[(work >> 16) & 0x3fL];
+ fval |= SP2[(work >> 24) & 0x3fL];
+ leftt ^= fval;
+ work  = (leftt << 28) | (leftt >> 4);
+ work ^= *keys++;
+ fval  = SP7[ work & 0x3fL];
+ fval |= SP5[(work >>  8) & 0x3fL];
+ fval |= SP3[(work >> 16) & 0x3fL];
+ fval |= SP1[(work >> 24) & 0x3fL];
+ work  = leftt ^ *keys++;
+ fval |= SP8[ work & 0x3fL];
+ fval |= SP6[(work >>  8) & 0x3fL];
+ fval |= SP4[(work >> 16) & 0x3fL];
+ fval |= SP2[(work >> 24) & 0x3fL];
+ right ^= fval;
+ }
+
+ right = (right << 31) | (right >> 1);
+ work = (leftt ^ right) & 0xaaaaaaaaL;
+ leftt ^= work;
+ right ^= work;
+ leftt = (leftt << 31) | (leftt >> 1);
+ work = ((leftt >> 8) ^ right) & 0x00ff00ffL;
+ right ^= work;
+ leftt ^= (work << 8);
+ work = ((leftt >> 2) ^ right) & 0x33333333L;
+ right ^= work;
+ leftt ^= (work << 2);
+ work = ((right >> 16) ^ leftt) & 0x0000ffffL;
+ leftt ^= work;
+ right ^= (work << 16);
+ work = ((right >> 4) ^ leftt) & 0x0f0f0f0fL;
+ leftt ^= work;
+ right ^= (work << 4);
+ *block++ = right;
+ *block = leftt;
+ return;
+ }
+
+/* Validation sets:
+ *
+ * Single-length key, single-length plaintext -
+ * Key   : 0123 4567 89ab cdef
+ * Plain  : 0123 4567 89ab cde7
+ * Cipher : c957 4425 6a5e d31d
+ *
+ * Double-length key, single-length plaintext -
+ * Key   : 0123 4567 89ab cdef fedc ba98 7654 3210
+ * Plain  : 0123 4567 89ab cde7
+ * Cipher : 7f1d 0a77 826b 8aff
+ *
+ * Double-length key, double-length plaintext -
+ * Key   : 0123 4567 89ab cdef fedc ba98 7654 3210
+ * Plain  : 0123 4567 89ab cdef 0123 4567 89ab cdff
+ * Cipher : 27a0 8440 406a df60 278f 47cf 42d6 15d7
+ *
+ * Triple-length key, single-length plaintext -
+ * Key   : 0123 4567 89ab cdef fedc ba98 7654 3210 89ab cdef 0123 4567
+ * Plain  : 0123 4567 89ab cde7
+ * Cipher : de0b 7c06 ae5e 0ed5
+ *
+ * Triple-length key, double-length plaintext -
+ * Key   : 0123 4567 89ab cdef fedc ba98 7654 3210 89ab cdef 0123 4567
+ * Plain  : 0123 4567 89ab cdef 0123 4567 89ab cdff
+ * Cipher : ad0d 1b30 ac17 cf07 0ed1 1c63 81e4 4de5
+ *
+ * d3des V5.0a rwo 9208.07 18:44 Graven Imagery
+ **********************************************************************/
diff -Naur kvm-12/qemu/d3des.h kvm-12.1/qemu/d3des.h
--- kvm-12/qemu/d3des.h 1970-01-01 01:00:00.000000000 +0100
+++ kvm-12.1/qemu/d3des.h 2007-01-27 18:30:04.000000000 +0100
@@ -0,0 +1,51 @@
+/*
+ * This is D3DES (V5.09) by Richard Outerbridge with the double and
+ * triple-length support removed for use in VNC.
+ *
+ * These changes are:
+ *  Copyright (C) 1999 AT&T Laboratories Cambridge.  All Rights Reserved.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
+ */
+
+/* d3des.h -
+ *
+ * Headers and defines for d3des.c
+ * Graven Imagery, 1992.
+ *
+ * Copyright (c) 1988,1989,1990,1991,1992 by Richard Outerbridge
+ * (GEnie : OUTER; CIS : [71755,204])
+ */
+
+#define EN0 0 /* MODE == encrypt */
+#define DE1 1 /* MODE == decrypt */
+
+extern void deskey(unsigned char *, int);
+/*       hexkey[8]     MODE
+ * Sets the internal key register according to the hexadecimal
+ * key contained in the 8 bytes of hexkey, according to the DES,
+ * for encryption or decryption according to MODE.
+ */
+
+extern void usekey(unsigned long *);
+/*     cookedkey[32]
+ * Loads the internal key register with the data in cookedkey.
+ */
+
+extern void cpkey(unsigned long *);
+/*    cookedkey[32]
+ * Copies the contents of the internal key register into the storage
+ * located at &cookedkey[0].
+ */
+
+extern void des(unsigned char *, unsigned char *);
+/*     from[8]       to[8]
+ * Encrypts/Decrypts (according to the key currently loaded in the
+ * internal key register) one block of eight bytes at address 'from'
+ * into the block at address 'to'.  They can be the same.
+ */
+
+/* d3des.h V5.09 rwo 9208.04 15:06 Graven Imagery
+ ********************************************************************/
diff -Naur kvm-12/qemu/Makefile.target kvm-12.1/qemu/Makefile.target
--- kvm-12/qemu/Makefile.target 2006-12-11 12:24:07.000000000 +0100
+++ kvm-12.1/qemu/Makefile.target 2007-01-28 14:13:34.000000000 +0100
@@ -389,6 +389,7 @@
 VL_OBJS+=sdl.o
 endif
 VL_OBJS+=vnc.o
+VL_OBJS+=d3des.o
 ifdef CONFIG_COCOA
 VL_OBJS+=cocoa.o
 COCOA_LIBS=-F/System/Library/Frameworks -framework Cocoa -framework IOKit
@@ -449,6 +450,9 @@
 vnc.o: vnc.c keymaps.c sdl_keysym.h vnchextile.h
  $(CC) $(CFLAGS) $(DEFINES) -c -o $@ $<

+d3des.o: d3des.c d3des.h
+ $(CC) $(CFLAGS) $(DEFINES) -c -o $@ $<
+
 sdlaudio.o: sdlaudio.c
  $(CC) $(CFLAGS) $(DEFINES) $(SDL_CFLAGS) -c -o $@ $<

diff -Naur kvm-12/qemu/vl.c kvm-12.1/qemu/vl.c
--- kvm-12/qemu/vl.c 2007-01-07 13:58:54.000000000 +0100
+++ kvm-12.1/qemu/vl.c 2007-01-28 15:04:45.000000000 +0100
@@ -163,6 +163,9 @@
 int acpi_enabled = 1;
 int fd_bootchk = 1;

+char vncpasswd[64];
+unsigned char challenge[AUTHCHALLENGESIZE];
+
 /***********************************************************/
 /* x86 ISA bus support */

@@ -5501,6 +5504,7 @@
     QEMU_OPTION_vnc,
     QEMU_OPTION_no_acpi,
     QEMU_OPTION_no_kvm,
+    QEMU_OPTION_vncpasswd,
 };

 typedef struct QEMUOption {
@@ -5576,6 +5580,7 @@
     { "usbdevice", HAS_ARG, QEMU_OPTION_usbdevice },
     { "smp", HAS_ARG, QEMU_OPTION_smp },
     { "vnc", HAS_ARG, QEMU_OPTION_vnc },
+    { "vncpasswd", HAS_ARG, QEMU_OPTION_vncpasswd },

     /* temporary options */
     { "usb", 0, QEMU_OPTION_usb },
@@ -5862,6 +5867,7 @@
     nographic = 0;
     kernel_filename = NULL;
     kernel_cmdline = "";
+    *vncpasswd = '\0';
 #ifdef TARGET_PPC
     cdrom_index = 1;
 #else
@@ -6233,6 +6239,14 @@
      exit(1);
  }
  break;
+            case QEMU_OPTION_vncpasswd:
+                strcpy(vncpasswd, optarg);
+//                fprintf(stderr, "Password: %s\n", optarg);
+                /* prevention of ps */
+                argv[optind-1][0] = '*';
+                for (i=1; argv[optind-1][i]; i++)
+                    argv[optind-1][i] = '\0';
+                break;
             case QEMU_OPTION_no_acpi:
                 acpi_enabled = 0;
                 break;
diff -Naur kvm-12/qemu/vl.h kvm-12.1/qemu/vl.h
--- kvm-12/qemu/vl.h 2006-12-31 13:25:01.000000000 +0100
+++ kvm-12.1/qemu/vl.h 2007-01-28 14:16:48.000000000 +0100
@@ -1203,4 +1203,7 @@

 void kqemu_record_dump(void);

+/* VNC Authentication */
+#define AUTHCHALLENGESIZE 16
+
 #endif /* VL_H */
diff -Naur kvm-12/qemu/vnc.c kvm-12.1/qemu/vnc.c
--- kvm-12/qemu/vnc.c 2007-01-07 13:58:54.000000000 +0100
+++ kvm-12.1/qemu/vnc.c 2007-01-28 15:11:07.000000000 +0100
@@ -30,6 +30,7 @@

 #include "vnc_keysym.h"
 #include "keymaps.c"
+#include "d3des.h"

 typedef struct Buffer
 {
@@ -101,6 +102,10 @@
 static void vnc_update_client(void *opaque);
 static void vnc_client_read(void *opaque);

+static int make_challenge(char *random, int size);
+static void set_seed(unsigned int *seedp);
+static void get_random(int len, unsigned char *buf);
+
 static inline void vnc_set_bit(uint32_t *d, int k)
 {
     d[k >> 5] |= 1 << (k & 0x1f);
@@ -985,23 +990,100 @@
     return 0;
 }

+static int protocol_authtype(VncState *vs, char *type, size_t len)
+{
+    return 0;
+}
+
+static unsigned char d3desObfuscationKey[] = {23,82,107,6,35,78,88,7};
+
+static int protocol_response(VncState *vs, char *client_response, size_t
len)
+{
+    extern char vncpasswd[64];
+    extern unsigned char challenge[AUTHCHALLENGESIZE];
+    unsigned char cryptchallenge[AUTHCHALLENGESIZE];
+    unsigned char key[8];
+    int passwdlen, i, j;
+
+    memcpy(cryptchallenge, challenge, AUTHCHALLENGESIZE);
+
+    /* Calculate the sent challenge */
+    passwdlen = strlen(vncpasswd);
+    for (i=0; i<8; i++)
+       key[i] = i<passwdlen ? vncpasswd[i] : 0;
+    deskey(key, EN0);
+    for (j = 0; j < AUTHCHALLENGESIZE; j += 8)
+       des(cryptchallenge+j, cryptchallenge+j);
+
+    /* Check the actual response */
+    if (memcmp(cryptchallenge, client_response, AUTHCHALLENGESIZE) != 0) {
+       /* password error */
+       vnc_write_u32(vs, 1);
+       vnc_write_u32(vs, 22);
+       vnc_write(vs, "Authentication failure", 22);
+       vnc_flush(vs);
+       fprintf(stderr, "VNC Password error.\n");
+       vnc_client_error(vs);
+       return 0;
+    }
+
+    vnc_write_u32(vs, 0);
+    vnc_flush(vs);
+
+    vnc_read_when(vs, protocol_client_init, 1);
+
+    return 0;
+}
+
+
+
 static int protocol_version(VncState *vs, char *version, size_t len)
 {
+    extern char vncpasswd[64];
+    extern unsigned char challenge[AUTHCHALLENGESIZE];
     char local[13];
-    int maj, min;
+    int  support, maj, min;

     memcpy(local, version, 12);
     local[12] = 0;

+    /* protocol version check */
     if (sscanf(local, "RFB %03d.%03d\n", &maj, &min) != 2) {
+ fprintf(stderr, "Protocol version error.\n");
  vnc_client_error(vs);
  return 0;
     }

-    vnc_write_u32(vs, 1); /* None */
-    vnc_flush(vs);
+    support = 0;
+    if (maj = 3) {
+       if (min == 3 || min ==4) {
+           support = 1;
+       }
+    }
+
+    if (! support) {
+       fprintf(stderr, "Client uses unsupported protocol version %d.%d.\n",
+               maj, min);
+       vnc_client_error(vs);
+       return 0;
+    }
+
+    if (*vncpasswd == '\0') {
+       /* AuthType is None */
+       vnc_write_u32(vs, 1);
+       vnc_flush(vs);
+       vnc_read_when(vs, protocol_client_init, 1);
+    } else {
+       /* AuthType is VncAuth */
+       vnc_write_u32(vs, 2);

-    vnc_read_when(vs, protocol_client_init, 1);
+       /* Challenge-Responce authentication */
+       /* Send Challenge */
+       make_challenge(challenge, AUTHCHALLENGESIZE);
+       vnc_write(vs, challenge, AUTHCHALLENGESIZE);
+       vnc_flush(vs);
+       vnc_read_when(vs, protocol_response, AUTHCHALLENGESIZE);
+    }

     return 0;
 }
@@ -1096,3 +1178,106 @@

     vnc_dpy_resize(vs->ds, 640, 400);
 }
+
+unsigned int seed;
+
+static int make_challenge(char *random, int size)
+{
+
+    set_seed(&seed);
+    get_random(size, random);
+
+    return 0;
+}
+
+static void set_seed(unsigned int *seedp)
+{
+    *seedp += (unsigned int)(time(NULL)+getpid()+getpid()*987654+rand());
+    srand(*seedp);
+
+    return;
+}
+
+static void get_random(int len, unsigned char *buf)
+{
+    int i;
+
+    for (i=0; i<len; i++)
+       buf[i] = (int) (256.0*rand()/(RAND_MAX+1.0));
+
+    return;
+}
+
+static int vnc_auth(VncState *vs)
+{
+    extern char vncpasswd[64];
+    extern unsigned char challenge[AUTHCHALLENGESIZE];
+
+    if (*vncpasswd == '\0') {
+ /* AuthType is None */
+ vnc_write_u32(vs, 1);
+ vnc_flush(vs);
+ vnc_read_when(vs, protocol_client_init, 1);
+    } else {
+ /* AuthType is VncAuth */
+ vnc_write_u32(vs, 2);
+ vnc_flush(vs);
+
+ /* Read AuthType */
+ vnc_read_when(vs, protocol_authtype, 1);
+
+ /* Send Challenge */
+ make_challenge(challenge, AUTHCHALLENGESIZE);
+ vnc_write(vs, challenge, AUTHCHALLENGESIZE);
+ vnc_flush(vs);
+
+ /* Read Responce */
+ vnc_read_when(vs, protocol_response, AUTHCHALLENGESIZE);
+    }
+
+    return 0;
+}
+
+const char base64char[] =
+    "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/=";
+
+static unsigned int base64value(char c1)
+{
+    unsigned int i;
+
+    if (c1 == '=') return 0;
+    for (i=0; base64char[i]; i++) {
+ if (c1 == base64char[i]) break;
+    }
+
+    return i;
+}
+
+static int base64decode(unsigned char *out, char *in)
+{
+    int outpos = 0; /* current position of out area */
+    int i;
+    int inlen; /* indata length */
+
+    inlen = strlen(in);
+
+    /* base64 decode */
+    for (i=0; i<inlen; i+=4) {
+ if (in[i] == '=') break;
+ out[outpos] = (unsigned char)
+     ( (base64value(in[i])<<2) | ((base64value(in[i+1])&0x30)>>4) );
+ out[outpos+1] = (unsigned char)
+     ( ((base64value(in[i+1])&0x0f)<<4)|((base64value(in[i+2])&0x3c)>>2) );
+ out[outpos+2] = (unsigned char)
+     ( ((base64value(in[i+2])&0x03)<<6) | (base64value(in[i+3])&0x3f) );
+ outpos += 3;
+    }
+
+    /* correction length */
+    if (outpos) {
+ if (in[i-1] == '=') outpos--;
+ if (in[i-2] == '=') outpos--;
+    }
+
+    return outpos;
+}


-------------------------------------------------------------------------
Take Surveys. Earn Cash. Influence the Future of IT
Join SourceForge.net's Techsay panel and you'll get the chance to share your
opinions on IT & business topics through brief surveys - and earn cash
http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV

Re: qemu vnc auth

[Avi Kivity]

Yellis Services wrote:
> Hello,
>
> I have adapted a xen path to kvm-qemu.
> This patch enable auth in vnc
>
> qemu ../.. -hda=/home/os.img -vnc -vncpasswd toto
>
> work with vncviewer on linux and Win.
> Don't work with vncviewer applet via http, must be fixed.
>
>   

Anthony, you're our qemu expert.  Care to comment?

-- 
error compiling committee.c: too many arguments to function


-------------------------------------------------------------------------
Take Surveys. Earn Cash. Influence the Future of IT
Join SourceForge.net's Techsay panel and you'll get the chance to share your
opinions on IT & business topics through brief surveys - and earn cash
http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV

Re: qemu vnc auth

[Daniel P. Berrange]

On Tue, Jan 30, 2007 at 01:03:20PM +0100, Yellis Services wrote:
> Hello,
> 
> I have adapted a xen path to kvm-qemu.
> This patch enable auth in vnc
> 
> qemu ../.. -hda=/home/os.img -vnc -vncpasswd toto
> 
> work with vncviewer on linux and Win.
> Don't work with vncviewer applet via http, must be fixed.

Passing passwords around on the command line is not really a viable
implementation because they can trivially be snooped by any user
on the system. Likewise environment variables are not suitable.

I suggest two approaches:

 1. Pass the name of a file containing the password on the command
    line. QEMU can then read the password from this file. This is
    the approach taken by the regular VNC server - eg it stores a
    passwd in $HOME/.vnc/passwd. This passwd file can be chmod 0600
    to secure it from other userseg. This is useful for a user who
    is laucnhing qemu process mannually and wants to make them all
    use a single passwd.

     qemu ../.. -hda=/home/os.img -vnc -vncpasswdfile /path/to/file

 2. Allow the password to be passed to the QEMU process via a file
    descriptor. This is useful if the QEMU process is being launched
    by some form of management process, letting the parent process
    easily control the password per-QEMU process without writing out
    a great many files.

     qemu ../.. -hda=/home/os.img -vnc -vncpasswdfd  7

So in fact I think it would be very useful to implement both approaches,
because they serve different use cases and I don't think there would be
too much code overhead in having both supported.

Aside from how you supply the initial password, the rest of the patch
looks good to me. It would probably be worthwhile posting this to 
upstream qemu-devel too, to avoid the need for further KVM-specific fork
of the codebae.

Regards,
Dan
-- 
|=- Red Hat, Engineering, Emerging Technologies, Boston.  +1 978 392 2496 -=|
|=-           Perl modules: http://search.cpan.org/~danberr/              -=|
|=-               Projects: http://freshmeat.net/~danielpb/               -=|
|=-  GnuPG: 7D3B9505   F3C9 553F A1DA 4AC2 5648 23C1 B3DF F742 7D3B 9505  -=| 

-------------------------------------------------------------------------
Take Surveys. Earn Cash. Influence the Future of IT
Join SourceForge.net's Techsay panel and you'll get the chance to share your
opinions on IT & business topics through brief surveys - and earn cash
http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV

Re: qemu vnc auth

[Anthony Liguori]

Avi Kivity wrote:
> Yellis Services wrote:
>   
>> Hello,
>>
>> I have adapted a xen path to kvm-qemu.
>> This patch enable auth in vnc
>>
>> qemu ../.. -hda=/home/os.img -vnc -vncpasswd toto
>>
>> work with vncviewer on linux and Win.
>> Don't work with vncviewer applet via http, must be fixed.
>>
>>   
>>     
>  
> Anthony, you're our qemu expert.  Care to comment?
>   

Hi Yellis,

Please submit to qemu-devel.  Let it get worked out there.  We can pick 
it up whatever goes once we move to CVS.

Regards,

Anthony Liguori


-------------------------------------------------------------------------
Take Surveys. Earn Cash. Influence the Future of IT
Join SourceForge.net's Techsay panel and you'll get the chance to share your
opinions on IT & business topics through brief surveys - and earn cash
http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV