qemu-devel.nongnu.org archive mirror
 help / color / mirror / Atom feed
From: Gerd Hoffmann <kraxel@redhat.com>
To: qemu-devel@nongnu.org
Cc: Gerd Hoffmann <kraxel@redhat.com>
Subject: [Qemu-devel] [PATCH 3/3] vnc/spice: add set_passwd monitor command.
Date: Thu,  7 Oct 2010 13:15:21 +0200	[thread overview]
Message-ID: <1286450121-17153-4-git-send-email-kraxel@redhat.com> (raw)
In-Reply-To: <1286450121-17153-1-git-send-email-kraxel@redhat.com>

This patch adds a new set_password monitor command which allows to
change the password for spice and vnc connections.  See the doc update
patch chunk for details.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
---
 hmp-commands.hx |   23 +++++++++++++++++++++
 monitor.c       |   58 +++++++++++++++++++++++++++++++++++++++++++++++++++++++
 ui/qemu-spice.h |    3 ++
 ui/spice-core.c |    7 ++++++
 4 files changed, 91 insertions(+), 0 deletions(-)

diff --git a/hmp-commands.hx b/hmp-commands.hx
index 81999aa..a972b80 100644
--- a/hmp-commands.hx
+++ b/hmp-commands.hx
@@ -1116,6 +1116,29 @@ Set the encrypted device @var{device} password to @var{password}
 ETEXI
 
     {
+        .name       = "set_password",
+        .args_type  = "protocol:s,password:s,expiration:i,connected:s?",
+        .params     = "protocol password expiration action-if-connected",
+        .help       = "set spice/vnc password",
+	.user_print = monitor_user_noop,
+        .mhandler.cmd_new = set_password,
+    },
+
+STEXI
+@item set_password [ vnc | spice ] password expiration [ action-if-connected ]
+@findex set_password
+
+Change spice/vnc password.  @var{expiration} specifies the number of
+seconds the password will stay valid.  Use zero to make the password
+stay valid forever.  @var{action-if-connected} specifies what should
+happen in case a connection is established: @var{fail} makes the
+password change fail.  @var{disconnect} changes the password and
+disconnects the client.  @var{keep} changes the password and keeps the
+connection up.  @var{keep} is the default.
+
+ETEXI
+
+    {
         .name       = "info",
         .args_type  = "item:s?",
         .params     = "[subcommand]",
diff --git a/monitor.c b/monitor.c
index d82eb9e..32a20ba 100644
--- a/monitor.c
+++ b/monitor.c
@@ -34,6 +34,7 @@
 #include "net.h"
 #include "net/slirp.h"
 #include "qemu-char.h"
+#include "ui/qemu-spice.h"
 #include "sysemu.h"
 #include "monitor.h"
 #include "readline.h"
@@ -1021,6 +1022,63 @@ static int do_change(Monitor *mon, const QDict *qdict, QObject **ret_data)
     return ret;
 }
 
+static int set_password(Monitor *mon, const QDict *qdict, QObject **ret_data)
+{
+    const char *protocol  = qdict_get_str(qdict, "protocol");
+    const char *password  = qdict_get_str(qdict, "password");
+    const char *connected = qdict_get_try_str(qdict, "connected");
+    int lifetime          = qdict_get_int(qdict, "expiration");
+    int disconnect_if_connected = 0;
+    int fail_if_connected = 0;
+    int rc;
+
+    if (connected) {
+        if (strcmp(connected, "fail") == 0) {
+            fail_if_connected = 1;
+        } else if (strcmp(connected, "disconnect") == 0) {
+            disconnect_if_connected = 1;
+        } else if (strcmp(connected, "keep") == 0) {
+            /* nothing */
+        } else {
+            qerror_report(QERR_INVALID_PARAMETER, "connected");
+            return -1;
+        }
+    }
+
+    if (strcmp(protocol, "spice") == 0) {
+        if (!using_spice) {
+            /* correct one? spice isn't a device ,,, */
+            qerror_report(QERR_DEVICE_NOT_ACTIVE, "spice");
+            return -1;
+        }
+        rc = qemu_spice_set_passwd(password, lifetime,
+                                   fail_if_connected,
+                                   disconnect_if_connected);
+        if (rc != 0) {
+            qerror_report(QERR_SET_PASSWD_FAILED);
+            return -1;
+        }
+        return 0;
+    }
+
+    if (strcmp(protocol, "vnc") == 0) {
+        if (fail_if_connected || disconnect_if_connected) {
+            /* vnc supports "connected=keep" only */
+            qerror_report(QERR_INVALID_PARAMETER, "connected");
+            return -1;
+        }
+        rc = vnc_display_password(NULL, password, lifetime);
+        if (rc != 0) {
+            qerror_report(QERR_SET_PASSWD_FAILED);
+            return -1;
+        }
+        return 0;
+    }
+
+    qerror_report(QERR_INVALID_PARAMETER, "protocol");
+    return -1;
+}
+
 static int do_screen_dump(Monitor *mon, const QDict *qdict, QObject **ret_data)
 {
     vga_hw_screen_dump(qdict_get_str(qdict, "filename"));
diff --git a/ui/qemu-spice.h b/ui/qemu-spice.h
index 063c7dc..0e6e748 100644
--- a/ui/qemu-spice.h
+++ b/ui/qemu-spice.h
@@ -31,10 +31,13 @@ void qemu_spice_init(void);
 void qemu_spice_input_init(void);
 void qemu_spice_display_init(DisplayState *ds);
 int qemu_spice_add_interface(SpiceBaseInstance *sin);
+int qemu_spice_set_passwd(const char *passwd, int lifetime,
+                          bool fail_if_connected, bool disconnect_if_connected);
 
 #else  /* CONFIG_SPICE */
 
 #define using_spice 0
+#define qemu_spice_set_passwd(_p, _l, _f1, _f2) (-1)
 
 #endif /* CONFIG_SPICE */
 
diff --git a/ui/spice-core.c b/ui/spice-core.c
index 8b5e4a8..6d30755 100644
--- a/ui/spice-core.c
+++ b/ui/spice-core.c
@@ -176,6 +176,13 @@ int qemu_spice_add_interface(SpiceBaseInstance *sin)
     return spice_server_add_interface(spice_server, sin);
 }
 
+int qemu_spice_set_passwd(const char *passwd, int lifetime,
+                          bool fail_if_connected, bool disconnect_if_connected)
+{
+    return spice_server_set_ticket(spice_server, passwd, lifetime,
+                                   fail_if_connected, disconnect_if_connected);
+}
+
 static void spice_register_config(void)
 {
     qemu_add_opts(&qemu_spice_opts);
-- 
1.7.1

  parent reply	other threads:[~2010-10-07 11:15 UTC|newest]

Thread overview: 16+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2010-10-07 11:15 [Qemu-devel] [PATCH 0/3] vnc/spice: add monitor command to change password Gerd Hoffmann
2010-10-07 11:15 ` [Qemu-devel] [PATCH 1/3] vnc: auth reject cleanup Gerd Hoffmann
2010-10-07 11:15 ` [Qemu-devel] [PATCH 2/3] vnc: support password expire Gerd Hoffmann
2010-10-07 19:53   ` Anthony Liguori
2010-10-08 10:08     ` Daniel P. Berrange
2010-11-02 11:15       ` Gerd Hoffmann
2010-11-09 13:42         ` Gerd Hoffmann
2010-11-10 15:52           ` Anthony Liguori
2010-11-10 15:50       ` Anthony Liguori
2010-11-11 11:39         ` Gerd Hoffmann
2010-11-16 20:26           ` Anthony Liguori
2010-11-17 10:23             ` Gerd Hoffmann
2010-11-20  2:14               ` Anthony Liguori
2010-10-07 11:15 ` Gerd Hoffmann [this message]
  -- strict thread matches above, loose matches on Subject: below --
2010-11-24 17:03 [Qemu-devel] [PATCH 0/3] vnc/spice: add monitor commands to change+expire passwords Gerd Hoffmann
2010-11-24 17:03 ` [Qemu-devel] [PATCH 3/3] vnc/spice: add set_passwd monitor command Gerd Hoffmann
2010-11-24 17:54   ` malc

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=1286450121-17153-4-git-send-email-kraxel@redhat.com \
    --to=kraxel@redhat.com \
    --cc=qemu-devel@nongnu.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).