From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from eggs.gnu.org ([140.186.70.92]:36204) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1QwKKO-0005k7-Qn for qemu-devel@nongnu.org; Wed, 24 Aug 2011 16:45:37 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1QwKKN-0000Ck-Bc for qemu-devel@nongnu.org; Wed, 24 Aug 2011 16:45:36 -0400 Received: from mx1.redhat.com ([209.132.183.28]:49054) by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1QwKKN-00009E-1O for qemu-devel@nongnu.org; Wed, 24 Aug 2011 16:45:35 -0400 Date: Wed, 24 Aug 2011 21:45:26 +0100 From: "Daniel P. Berrange" Message-ID: <20110824204526.GA20100@redhat.com> References: <1314211389-28915-1-git-send-email-aliguori@us.ibm.com> <1314211389-28915-15-git-send-email-aliguori@us.ibm.com> MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Disposition: inline In-Reply-To: <1314211389-28915-15-git-send-email-aliguori@us.ibm.com> Subject: Re: [Qemu-devel] [PATCH 14/14] vnc: don't demote authentication protocol when disabling login Reply-To: "Daniel P. Berrange" List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , To: Anthony Liguori Cc: Kevin Wolf , Michael Roth , qemu-devel@nongnu.org, Luiz Capitulino On Wed, Aug 24, 2011 at 01:43:09PM -0500, Anthony Liguori wrote: > Currently when disabling login in VNC, the password is cleared out and the > authentication protocol is forced to AUTH_VNC. If you're using a stronger > authentication protocol, this has the effect of downgrading your security > protocol. > > Fix this by only changing the authentication protocol if the current > authentication protocol is AUTH_NONE. That ensures we're never downgrading. > > Reported-by: Daniel Berrange > Signed-off-by: Anthony Liguori > --- > monitor.c | 18 ------------------ > qmp.c | 19 +++++++++++++++++++ > ui/vnc.c | 4 +++- > 3 files changed, 22 insertions(+), 19 deletions(-) 
>
> diff --git a/monitor.c b/monitor.c
> index 9801a2d..ad73bc5 100644
> --- a/monitor.c
> +++ b/monitor.c
> @@ -1005,24 +1005,6 @@ static int do_quit(Monitor *mon, const QDict *qdict, QObject **ret_data)
> return 0;
> }
>
> -void qmp_change(const char *device, const char *target,
> - bool has_arg, const char *arg, Error **err)
> -{
> - if (strcmp(device, "vnc") == 0) {
> - if (strcmp(target, "passwd") == 0 || strcmp(target, "password") == 0) {
> - if (!has_arg || !arg[0]) {
> - vnc_display_disable_login(NULL);
> - } else {
> - qmp_change_vnc_password(arg, err);
> - }
> - } else {
> - qmp_change_vnc_listen(target, err);
> - }
> - } else {
> - deprecated_qmp_change_blockdev(device, target, has_arg, arg, err);
> - }
> -}
> -
> static int set_password(Monitor *mon, const QDict *qdict, QObject **ret_data)
> {
> const char *protocol = qdict_get_str(qdict, "protocol");
> diff --git a/qmp.c b/qmp.c
> index 73d6172..5674adc 100644
> --- a/qmp.c
> +++ b/qmp.c
> @@ -16,6 +16,7 @@
>
> #include "sysemu.h"
> #include "console.h"
> +#include "blockdev.h"
>
> NameInfo *qmp_query_name(Error **errp)
> {
> @@ -42,3 +43,21 @@ void qmp_change_vnc_listen(const char *target, Error **err)
> error_set(err, QERR_VNC_SERVER_FAILED, target);
> }
> }
> +
> +void qmp_change(const char *device, const char *target,
> + bool has_arg, const char *arg, Error **err)
> +{
> + if (strcmp(device, "vnc") == 0) {
> + if (strcmp(target, "passwd") == 0 || strcmp(target, "password") == 0) {
> + if (!has_arg || !arg[0]) {
> + vnc_display_disable_login(NULL);
> + } else {
> + qmp_change_vnc_password(arg, err);
> + }
> + } else {
> + qmp_change_vnc_listen(target, err);
> + }
> + } else {
> + deprecated_qmp_change_blockdev(device, target, has_arg, arg, err);
> + }
> +}
> diff --git a/ui/vnc.c b/ui/vnc.c
> index fc3a612..ecb216f 100644
> --- a/ui/vnc.c
> +++ b/ui/vnc.c
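Review bot: In the added `qmp_change()` in qmp.c, the result of `vnc_display_disable_login(NULL)` is discarded and `err` is never set on that branch, although the ui/vnc.c hunk header shows the function returns `int`. If that call can fail (its early-exit path sits outside the visible lines, so this is inferred), a management client that clears the password would be told the change succeeded while login stays enabled. The branch should check the return value and report a failure through `err`, the way `qmp_change_vnc_listen()` does with `error_set(err, QERR_VNC_SERVER_FAILED, target)` in the context lines just above. Separately, moving `qmp_change()` between files is unrelated to the authentication fix and would be easier to audit as its own patch.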
> @@ -2648,7 +2648,9 @@ int vnc_display_disable_login(DisplayState *ds)
> }
>
> vs->password = NULL;
> - vs->auth = VNC_AUTH_VNC;
> + if (vs->auth == VNC_AUTH_NONE) {
> + vs->auth = VNC_AUTH_VNC;
> + }
>
> return 0;
> }
Thanks for making this change. The same also needs to be done in the 'vnc_display_password()' method. Regards, Daniel -- |: http://berrange.com -o- http://www.flickr.com/photos/dberrange/ :| |: http://libvirt.org -o- http://virt-manager.org :| |: http://autobuild.org -o- http://search.cpan.org/~danberr/ :| |: http://entangle-photo.org -o- http://live.gnome.org/gtk-vnc :|
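Review bot: With the new `if (vs->auth == VNC_AUTH_NONE)` guard, every other auth type is left as configured and the function still returns 0, so a caller asking to disable login is told it succeeded even when the active protocol may never consult `vs->password`. Whether a NULL password actually blocks login under those protocols is decided outside this hunk and should be confirmed. If the behaviour is intended, document it at the guard, for example `/* A NULL password only blocks password-based auth; other auth types are left as configured. */`. Otherwise, return an error for auth types where login cannot be disabled this way. The body of `vnc_display_disable_login()` begins above the hunk, so the handling of the previous password buffer is not visible here.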