From: "Daniel P. Berrange" <berrange@redhat.com>
To: qemu-devel@nongnu.org
Cc: Anthony Liguori <aliguori@us.ibm.com>,
Gerd Hoffmann <kraxel@redhat.com>,
Luiz Capitulino <lcapitulino@redhat.com>
Subject: [Qemu-devel] [PATCH v3] Add SPICE support to add_client monitor command
Date: Mon, 13 Feb 2012 13:43:08 +0000 [thread overview]
Message-ID: <1329140588-12722-1-git-send-email-berrange@redhat.com> (raw)
From: "Daniel P. Berrange" <berrange@redhat.com>
With the acceptance of some new APIs to libspice-server.so it
is possible to add support for SPICE to the 'add_client'
monitor command, bringing parity with VNC. Since SPICE can
use TLS or plain connections, the command also gains a new
'tls' parameter to specify whether TLS should be attempted
on the injected client sockets.
This new feature is only enabled if building against a
libspice-server >= 0.10.1
* qmp-commands.hx: Add 'tls' parameter & missing doc for
'skipauth' parameter
* monitor.c: Wire up SPICE for 'add_client' command
* ui/qemu-spice.h, ui/spice-core.c: Add qemu_spice_display_add_client
API to wire up from monitor
[1] http://cgit.freedesktop.org/spice/spice/commit/server/spice.h?id=d55b68b6b44f2499278fa860fb47ff22f5011faa
http://cgit.freedesktop.org/spice/spice/commit/server/spice.h?id=bd07dde530d9504e1cfe7ed5837fc00c26f36716
Changes in v3:
- Added 'optional' flag to new parameters documented
- Added no-op impl of qemu_spice_display_add_client when
SPICE is disabled during build
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
---
monitor.c | 9 +++++++--
qmp-commands.hx | 6 ++++--
ui/qemu-spice.h | 6 ++++++
ui/spice-core.c | 13 +++++++++++++
4 files changed, 30 insertions(+), 4 deletions(-)
diff --git a/monitor.c b/monitor.c
index aadbdcb..0d4daad 100644
--- a/monitor.c
+++ b/monitor.c
@@ -823,13 +823,18 @@ static int add_graphics_client(Monitor *mon, const QDict *qdict, QObject **ret_d
CharDriverState *s;
if (strcmp(protocol, "spice") == 0) {
+ int fd = monitor_get_fd(mon, fdname);
+ int skipauth = qdict_get_try_bool(qdict, "skipauth", 0);
+ int tls = qdict_get_try_bool(qdict, "tls", 0);
if (!using_spice) {
/* correct one? spice isn't a device ,,, */
qerror_report(QERR_DEVICE_NOT_ACTIVE, "spice");
return -1;
}
- qerror_report(QERR_ADD_CLIENT_FAILED);
- return -1;
+ if (qemu_spice_display_add_client(fd, skipauth, tls) < 0) {
+ close(fd);
+ }
+ return 0;
#ifdef CONFIG_VNC
} else if (strcmp(protocol, "vnc") == 0) {
int fd = monitor_get_fd(mon, fdname);
diff --git a/qmp-commands.hx b/qmp-commands.hx
index b5e2ab8..dee95f1 100644
--- a/qmp-commands.hx
+++ b/qmp-commands.hx
@@ -910,8 +910,8 @@ EQMP
{
.name = "add_client",
- .args_type = "protocol:s,fdname:s,skipauth:b?",
- .params = "protocol fdname skipauth",
+ .args_type = "protocol:s,fdname:s,skipauth:b?,tls:b?",
+ .params = "protocol fdname skipauth tls",
.help = "add a graphics client",
.user_print = monitor_user_noop,
.mhandler.cmd_new = add_graphics_client,
@@ -927,6 +927,8 @@ Arguments:
- "protocol": protocol name (json-string)
- "fdname": file descriptor name (json-string)
+- "skipauth": whether to skip authentication (json-bool, optional)
+- "tls": whether to perform TLS (json-bool, optional)
Example:
diff --git a/ui/qemu-spice.h b/ui/qemu-spice.h
index c35b29c..3ce57b2 100644
--- a/ui/qemu-spice.h
+++ b/ui/qemu-spice.h
@@ -33,6 +33,7 @@ void qemu_spice_init(void);
void qemu_spice_input_init(void);
void qemu_spice_audio_init(void);
void qemu_spice_display_init(DisplayState *ds);
+int qemu_spice_display_add_client(int csock, int skipauth, int tls);
int qemu_spice_add_interface(SpiceBaseInstance *sin);
int qemu_spice_set_passwd(const char *passwd,
bool fail_if_connected, bool disconnect_if_connected);
@@ -68,6 +69,11 @@ static inline int qemu_spice_migrate_info(const char *h, int p, int t,
return -1;
}
+static inline int qemu_spice_display_add_client(int csock, int skipauth, int tls)
+{
+ return -1;
+}
+
#endif /* CONFIG_SPICE */
#endif /* QEMU_SPICE_H */
diff --git a/ui/spice-core.c b/ui/spice-core.c
index 5639c6f..d98863e 100644
--- a/ui/spice-core.c
+++ b/ui/spice-core.c
@@ -747,6 +747,19 @@ int qemu_spice_set_pw_expire(time_t expires)
return qemu_spice_set_ticket(false, false);
}
+int qemu_spice_display_add_client(int csock, int skipauth, int tls)
+{
+#if SPICE_SERVER_VERSION >= 0x000a01
+ if (tls) {
+ return spice_server_add_ssl_client(spice_server, csock, skipauth);
+ } else {
+ return spice_server_add_client(spice_server, csock, skipauth);
+ }
+#else
+ return -1;
+#endif
+}
+
static void spice_register_config(void)
{
qemu_add_opts(&qemu_spice_opts);
--
1.7.7.6
next reply other threads:[~2012-02-13 13:43 UTC|newest]
Thread overview: 3+ messages / expand[flat|nested] mbox.gz Atom feed top
2012-02-13 13:43 Daniel P. Berrange [this message]
2012-02-15 13:23 ` [Qemu-devel] [PATCH v3] Add SPICE support to add_client monitor command Gerd Hoffmann
2012-02-15 17:25 ` Luiz Capitulino
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1329140588-12722-1-git-send-email-berrange@redhat.com \
--to=berrange@redhat.com \
--cc=aliguori@us.ibm.com \
--cc=kraxel@redhat.com \
--cc=lcapitulino@redhat.com \
--cc=qemu-devel@nongnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).