From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from eggs.gnu.org ([208.118.235.92]:50465) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1SPLxi-00070G-Jw for qemu-devel@nongnu.org; Tue, 01 May 2012 18:54:27 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1SPLxg-0005qS-Fr for qemu-devel@nongnu.org; Tue, 01 May 2012 18:54:26 -0400 Received: from cantor2.suse.de ([195.135.220.15]:43794 helo=mx2.suse.de) by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1SPLxg-0005nl-6T for qemu-devel@nongnu.org; Tue, 01 May 2012 18:54:24 -0400 Message-ID: <4FA0699D.6090302@suse.de> Date: Wed, 02 May 2012 00:54:21 +0200 From: =?UTF-8?B?QW5kcmVhcyBGw6RyYmVy?= MIME-Version: 1.0 References: <20120501212040.27850.27184.stgit@sifl> In-Reply-To: <20120501212040.27850.27184.stgit@sifl> Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: quoted-printable Subject: Re: [Qemu-devel] [PATCH] vnc: disable VNC password authentication (security type 2) when in FIPS mode List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , To: Paul Moore Cc: Stefan Weil , qemu-devel@nongnu.org Am 01.05.2012 23:20, schrieb Paul Moore: > FIPS 140-2 requires disabling certain ciphers, including DES, which is = used > by VNC to obscure passwords when they are sent over the network. The > solution for FIPS users is to disable the use of VNC password auth when= the > host system is operating in FIPS mode. >=20 > This patch causes qemu to emits a syslog entry indicating that VNC pass= word "to emit" > auth is disabled when it detects the host is running in FIPS mode, and > unless a VNC password was specified on the command line it continues > normally. However, if a VNC password was given on the command line, qe= mu > fails with an error message to stderr explaining that that VNC password "explaining that VNC" > auth is not allowed in FIPS mode. >=20 > Signed-off-by: Paul Moore Interesting feature. :) > diff --git a/ui/vnc.c b/ui/vnc.c > index deb9ecd..620791e 100644 > --- a/ui/vnc.c > +++ b/ui/vnc.c > @@ -32,6 +32,7 @@ > #include "acl.h" > #include "qemu-objects.h" > #include "qmp-commands.h" > +#include syslog.h is POSIX, but it'll need a guard for mingw32. > @@ -48,6 +49,24 @@ static DisplayChangeListener *dcl; > static int vnc_cursor_define(VncState *vs); > static void vnc_release_modifiers(VncState *vs); > =20 > +static int fips_enabled(void) > +{ > + int enabled =3D 0; > + char value; > + FILE *fds; > + > + fds =3D fopen("/proc/sys/crypto/fips_enabled", "r"); How standardized is this? Should we limit this to __linux__ or something? > + if (fds =3D=3D NULL) { > + return 0; > + } > + if (fread(&value, sizeof(value), 1, fds) =3D=3D 1 && value =3D=3D = '1') { > + enabled =3D 1; > + } > + fclose(fds); > + > + return enabled; > +} bool would seem nicer as return type and field type below. Andreas > + > static void vnc_set_share_mode(VncState *vs, VncShareMode mode) > { > #ifdef _VNC_DEBUG > diff --git a/ui/vnc.h b/ui/vnc.h > index a851ebd..8746a98 100644 > --- a/ui/vnc.h > +++ b/ui/vnc.h > @@ -160,6 +160,7 @@ struct VncDisplay > char *display; > char *password; > time_t expires; > + int fips; > int auth; > bool lossy; > bool non_adaptive; --=20 SUSE LINUX Products GmbH, Maxfeldstr. 5, 90409 N=C3=BCrnberg, Germany GF: Jeff Hawn, Jennifer Guild, Felix Imend=C3=B6rffer; HRB 16746 AG N=C3=BC= rnberg