Message-ID: <4E556347.3030002@codemonkey.ws>
Date: Wed, 24 Aug 2011 15:47:03 -0500
From: Anthony Liguori
References: <1314211389-28915-1-git-send-email-aliguori@us.ibm.com> <1314211389-28915-15-git-send-email-aliguori@us.ibm.com> <20110824204526.GA20100@redhat.com>
In-Reply-To: <20110824204526.GA20100@redhat.com>
Subject: Re: [Qemu-devel] [PATCH 14/14] vnc: don't demote authentication protocol when disabling login
To: "Daniel P. Berrange"
Cc: Kevin Wolf, Anthony Liguori, Luiz Capitulino, Michael Roth, qemu-devel@nongnu.org

On 08/24/2011 03:45 PM, Daniel P. Berrange wrote:
> On Wed, Aug 24, 2011 at 01:43:09PM -0500, Anthony Liguori wrote:
>> Currently when disabling login in VNC, the password is cleared out and the
>> authentication protocol is forced to AUTH_VNC. If you're using a stronger
>> authentication protocol, this has the effect of downgrading your security
>> protocol.
>>
>> Fix this by only changing the authentication protocol if the current
>> authentication protocol is AUTH_NONE. That ensures we're never downgrading.
>>
>> Reported-by: Daniel Berrange
>> Signed-off-by: Anthony Liguori >> --- >> monitor.c | 18 ------------------ >> qmp.c | 19 +++++++++++++++++++ >> ui/vnc.c | 4 +++- >> 3 files changed, 22 insertions(+), 19 deletions(-) >> >> diff --git a/monitor.c b/monitor.c >> index 9801a2d..ad73bc5 100644 >> --- a/monitor.c >> +++ b/monitor.c >> @@ -1005,24 +1005,6 @@ static int do_quit(Monitor *mon, const QDict *qdict, QObject **ret_data) >> return 0; >> } >> >> -void qmp_change(const char *device, const char *target, >> - bool has_arg, const char *arg, Error **err) >> -{ >> - if (strcmp(device, "vnc") == 0) { >> - if (strcmp(target, "passwd") == 0 || strcmp(target, "password") == 0) { >> - if (!has_arg || !arg[0]) { >> - vnc_display_disable_login(NULL); >> - } else { >> - qmp_change_vnc_password(arg, err); >> - } >> - } else { >> - qmp_change_vnc_listen(target, err); >> - } >> - } else { >> - deprecated_qmp_change_blockdev(device, target, has_arg, arg, err); >> - } >> -} >> - >> static int set_password(Monitor *mon, const QDict *qdict, QObject **ret_data) >> { >> const char *protocol = qdict_get_str(qdict, "protocol"); >> diff --git a/qmp.c b/qmp.c >> index 73d6172..5674adc 100644 >> --- a/qmp.c >> +++ b/qmp.c >> @@ -16,6 +16,7 @@ >> >> #include "sysemu.h" >> #include "console.h" >> +#include "blockdev.h" >> >> NameInfo *qmp_query_name(Error **errp) >> { 
>> @@ -42,3 +43,21 @@ void qmp_change_vnc_listen(const char *target, Error **err) >> error_set(err, QERR_VNC_SERVER_FAILED, target); >> } >> } >> + >> +void qmp_change(const char *device, const char *target, >> + bool has_arg, const char *arg, Error **err) >> +{ >> + if (strcmp(device, "vnc") == 0) { >> + if (strcmp(target, "passwd") == 0 || strcmp(target, "password") == 0) { >> + if (!has_arg || !arg[0]) { >> + vnc_display_disable_login(NULL); >> + } else { >> + qmp_change_vnc_password(arg, err); >> + } >> + } else { >> + qmp_change_vnc_listen(target, err); >> + } >> + } else { >> + deprecated_qmp_change_blockdev(device, target, has_arg, arg, err); >> + } >> +} >> diff --git a/ui/vnc.c b/ui/vnc.c >> index fc3a612..ecb216f 100644 >> --- a/ui/vnc.c >> +++ b/ui/vnc.c >> @@ -2648,7 +2648,9 @@ int vnc_display_disable_login(DisplayState *ds) >> } >> >> vs->password = NULL; >> - vs->auth = VNC_AUTH_VNC; >> + if (vs->auth == VNC_AUTH_NONE) { >> + vs->auth = VNC_AUTH_VNC; >> + } >> >> return 0; >> } > > Thanks for making this change. The same also needs to be done in the > 'vnc_display_password()' method. Ack. Regards, Anthony Liguori > > Regards, > Daniel
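Review bot: The commit message does not mention the qmp_change() move that the monitor.c hunk and the second qmp.c hunk perform (together with the new "blockdev.h" include); it only describes the vnc_display_disable_login() change. Suggest splitting the code motion into its own patch, or at least noting it in the commit message, so the authentication fix in ui/vnc.c can be reviewed and backported on its own.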
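Review bot: In the second qmp.c hunk, qmp_change() discards the int returned by `vnc_display_disable_login(NULL);` and never sets err on that path, so if the function can return non-zero the QMP caller is told the change succeeded while login was not disabled. Since the code is being moved anyway, suggest checking the return value and calling error_set() on failure, as the qmp_change_vnc_listen() context lines above do with QERR_VNC_SERVER_FAILED.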
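Review bot: In the ui/vnc.c hunk, when vs->auth is something other than VNC_AUTH_NONE the function now only sets `vs->password = NULL;` and still returns 0; the patch does not say whether clearing the password actually disables login for the stronger schemes it is meant to preserve. Suggest stating that in the commit message and adding a short comment above `if (vs->auth == VNC_AUTH_NONE) {` explaining that the scheme is only ever raised, never lowered. The commit message also says AUTH_NONE and AUTH_VNC where the code uses VNC_AUTH_NONE and VNC_AUTH_VNC; using the real constant names would make the log greppable.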