From mboxrd@z Thu Jan 1 00:00:00 1970
From: Ian Jackson
Subject: [PATCH 2/6] libxl: SECURITY: always honour request for vnc password
Date: Tue, 1 Feb 2011 18:24:58 +0000
Message-ID: <1296584702-20138-3-git-send-email-ian.jackson@eu.citrix.com>
References: <1296584702-20138-1-git-send-email-ian.jackson@eu.citrix.com> <1296584702-20138-2-git-send-email-ian.jackson@eu.citrix.com>
Mime-Version: 1.0
Content-Type: text/plain
Return-path:
In-Reply-To: <1296584702-20138-2-git-send-email-ian.jackson@eu.citrix.com>
List-Unsubscribe: ,
List-Post:
List-Help:
List-Subscribe: ,
Sender: xen-devel-bounces@lists.xensource.com
Errors-To: xen-devel-bounces@lists.xensource.com
To: xen-devel@lists.xensource.com
Cc: Ian Jackson , Ian Jackson
List-Id: xen-devel@lists.xenproject.org

qemu only sets a password on its vnc display if the value for the -vnc option has the ",password" modifier. The code for constructing qemu-dm options was broken and only added this modifier for one of the cases. Unfortunately there does not appear to be any code for passing the vnc password to upstream qemu (ie, in the case where libxl_build_device_model_args_new is called). To avoid accidentally running the domain without a password, check for this situation and fail an assertion. This will have to be revisited after 4.1.
Signed-off-by: Ian Jackson
---
 tools/libxl/libxl_dm.c | 25 ++++++++++++++++---------
 1 files changed, 16 insertions(+), 9 deletions(-)
diff --git a/tools/libxl/libxl_dm.c b/tools/libxl/libxl_dm.c
index 3bef49a..7518118 100644
--- a/tools/libxl/libxl_dm.c
+++ b/tools/libxl/libxl_dm.c
@@ -23,6 +23,7 @@
 #include
 #include
 #include
+#include
 #include "libxl_utils.h"
 #include "libxl_internal.h"
 #include "libxl.h"
@@ -55,26 +56,29 @@ static char ** libxl_build_device_model_args_old(libxl__gc *gc,
 flexarray_vappend(dm_args, "-domain-name", info->dom_name, NULL);
 if (info->vnc || info->vncdisplay || info->vnclisten || info->vncunused) {
- flexarray_append(dm_args, "-vnc");
+ char *vncarg;
 if (info->vncdisplay) {
 if (info->vnclisten && strchr(info->vnclisten, ':') == NULL) {
- flexarray_append(dm_args,
- libxl__sprintf(gc, "%s:%d%s",
+ vncarg = libxl__sprintf(gc, "%s:%d",
 info->vnclisten,
- info->vncdisplay,
- info->vncpasswd ? ",password" : ""));
+ info->vncdisplay);
 } else {
- flexarray_append(dm_args, libxl__sprintf(gc, "127.0.0.1:%d", info->vncdisplay));
+ vncarg = libxl__sprintf(gc, "127.0.0.1:%d", info->vncdisplay);
 }
 } else if (info->vnclisten) {
 if (strchr(info->vnclisten, ':') != NULL) {
- flexarray_append(dm_args, info->vnclisten);
+ vncarg = info->vnclisten;
 } else {
- flexarray_append(dm_args, libxl__sprintf(gc, "%s:0", info->vnclisten));
+ vncarg = libxl__sprintf(gc, "%s:0", info->vnclisten);
 }
 } else {
- flexarray_append(dm_args, "127.0.0.1:0");
+ vncarg = "127.0.0.1:0";
 }
+ if (info->vncpasswd)
+ vncarg = libxl__sprintf(gc, "%s,password", vncarg);
+ flexarray_append(dm_args, "-vnc");
+ flexarray_append(dm_args, vncarg);
+
 if (info->vncunused) {
 flexarray_append(dm_args, "-vncunused");
 }
@@ -190,6 +194,9 @@ static char ** libxl_build_device_model_args_new(libxl__gc *gc,
 int display = 0;
 const char *listen = "127.0.0.1";
+ if (info->vncpasswd && info->vncpasswd[0]) {
+ assert(!"missing code for supplying vnc password to qemu");
+ }
 flexarray_append(dm_args, "-vnc");
 if (info->vncdisplay) {
-- 
1.5.6.5
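Review bot: The new `if (info->vncpasswd)` test counts an empty string as a password request, whereas the check this commit adds to libxl_build_device_model_args_new also requires `info->vncpasswd[0]`, so an empty-but-set password gets `,password` on this path and is silently treated as "no password" on the other. The two builders should agree on what "password requested" means; the stricter reading is the safer one, i.e. plain `if (info->vncpasswd)` in both places, or else a comment above this line explaining why they differ. As a style point, the unbraced `if` departs from the braced single-statement form used just below for `info->vncunused`. The enclosing function starts and ends outside the hunk.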
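Review bot: The guard added to libxl_build_device_model_args_new relies on `assert()`, which is compiled out when the library is built with NDEBUG, so in such a build a domain configured with a VNC password would still start with an unauthenticated display, the outcome the commit sets out to prevent. An assertion failure also aborts the whole calling process rather than failing only this domain's creation. A check that cannot be compiled out is safer: log the condition and `return NULL;` if the callers (not visible here) handle a NULL argument vector, or call `abort();` explicitly as a last resort. A comment above the check such as `/* upstream qemu path cannot pass a vnc password yet: refuse rather than run without one */` would record why it exists. The function body continues outside the hunk.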