diff options
| author | Aurelien Jarno | 2010-12-27 22:59:48 +0100 |
|---|---|---|
| committer | Aurelien Jarno | 2010-12-27 22:59:48 +0100 |
| commit | 818c2e1b9777599d333855330d94050b3432c8b7 (patch) | |
| tree | df85b289b7c0f797fbf5bf8ca5bca4422b387aa7 /ui/vnc.c | |
| parent | x86: Filter out garbage from segment flags dump (diff) | |
| parent | vnc/spice: add set_passwd monitor command. (diff) | |
| download | qemu-818c2e1b9777599d333855330d94050b3432c8b7.tar.gz qemu-818c2e1b9777599d333855330d94050b3432c8b7.tar.xz qemu-818c2e1b9777599d333855330d94050b3432c8b7.zip | |
Merge branch 'spice.v23.pull' of git://anongit.freedesktop.org/spice/qemu
* 'spice.v23.pull' of git://anongit.freedesktop.org/spice/qemu:
vnc/spice: add set_passwd monitor command.
vnc: support password expire
vnc: auth reject cleanup
spice: add qmp 'query-spice' and hmp 'info spice' commands.
spice: connection events.
spice: add qxl device
spice: add qxl vgabios binary.
Diffstat (limited to 'ui/vnc.c')
| -rw-r--r-- | ui/vnc.c | 44 |
1 files changed, 27 insertions, 17 deletions
@@ -2082,18 +2082,15 @@ static int protocol_client_auth_vnc(VncState *vs, uint8_t *data, size_t len) unsigned char response[VNC_AUTH_CHALLENGE_SIZE]; int i, j, pwlen; unsigned char key[8]; + time_t now = time(NULL); if (!vs->vd->password || !vs->vd->password[0]) { VNC_DEBUG("No password configured on server"); - vnc_write_u32(vs, 1); /* Reject auth */ - if (vs->minor >= 8) { - static const char err[] = "Authentication failed"; - vnc_write_u32(vs, sizeof(err)); - vnc_write(vs, err, sizeof(err)); - } - vnc_flush(vs); - vnc_client_error(vs); - return 0; + goto reject; + } + if (vs->vd->expires < now) { + VNC_DEBUG("Password is expired"); + goto reject; } memcpy(response, vs->challenge, VNC_AUTH_CHALLENGE_SIZE); @@ -2109,14 +2106,7 @@ static int protocol_client_auth_vnc(VncState *vs, uint8_t *data, size_t len) /* Compare expected vs actual challenge response */ if (memcmp(response, data, VNC_AUTH_CHALLENGE_SIZE) != 0) { VNC_DEBUG("Client challenge reponse did not match\n"); - vnc_write_u32(vs, 1); /* Reject auth */ - if (vs->minor >= 8) { - static const char err[] = "Authentication failed"; - vnc_write_u32(vs, sizeof(err)); - vnc_write(vs, err, sizeof(err)); - } - vnc_flush(vs); - vnc_client_error(vs); + goto reject; } else { VNC_DEBUG("Accepting VNC challenge response\n"); vnc_write_u32(vs, 0); /* Accept auth */ @@ -2125,6 +2115,17 @@ static int protocol_client_auth_vnc(VncState *vs, uint8_t *data, size_t len) start_client_init(vs); } return 0; + +reject: + vnc_write_u32(vs, 1); /* Reject auth */ + if (vs->minor >= 8) { + static const char err[] = "Authentication failed"; + vnc_write_u32(vs, sizeof(err)); + vnc_write(vs, err, sizeof(err)); + } + vnc_flush(vs); + vnc_client_error(vs); + return 0; } void start_auth_vnc(VncState *vs) @@ -2436,6 +2437,7 @@ void vnc_display_init(DisplayState *ds) vs->ds = ds; QTAILQ_INIT(&vs->clients); + vs->expires = TIME_MAX; if (keyboard_layout) vs->kbd_layout = init_keyboard_layout(name2keysym, keyboard_layout); @@ -2507,6 +2509,14 @@ int vnc_display_password(DisplayState *ds, const char *password) return 0; } +int vnc_display_pw_expire(DisplayState *ds, time_t expires) +{ + VncDisplay *vs = ds ? (VncDisplay *)ds->opaque : vnc_display; + + vs->expires = expires; + return 0; +} + char *vnc_display_local_addr(DisplayState *ds) { VncDisplay *vs = ds ? (VncDisplay *)ds->opaque : vnc_display; |