Skip to content

L
libvirt

openeuler / libvirt

通知 3
Star 0
Fork 0
L
libvirt
提交 bb848fee 编写于 作者: J Jiri Denemark
42 浏览文件
操作

qemu: Let empty default VNC password work as documented 

CVE-2016-5008

Setting an empty graphics password is documented as a way to disable
VNC/SPICE access, but QEMU does not always behaves like that. VNC would
happily accept the empty password. Let's enforce the behavior by setting
password expiration to "now".

https://bugzilla.redhat.com/show_bug.cgi?id=1180092Signed-off-by: NJiri Denemark <jdenemar@redhat.com>
上级 7371ca5c
隐藏空白更改
内联 并排
Showing with 7 addition and 7 deletion
src/qemu/qemu_hotplug.c
浏览文件 @ bb848fee
...@@ -3933,6 +3933,7 @@ qemuDomainChangeGraphicsPasswords(virQEMUDriverPtr driver, ...@@ -3933,6 +3933,7 @@ qemuDomainChangeGraphicsPasswords(virQEMUDriverPtr driver,
time_t now = time(NULL); time_t now = time(NULL);
char expire_time [64]; char expire_time [64];
const char *connected = NULL; const char *connected = NULL;
const char *password;
int ret = -1; int ret = -1;
virQEMUDriverConfigPtr cfg = virQEMUDriverGetConfig(driver); virQEMUDriverConfigPtr cfg = virQEMUDriverGetConfig(driver);
...@@ -3940,16 +3941,14 @@ qemuDomainChangeGraphicsPasswords(virQEMUDriverPtr driver, ...@@ -3940,16 +3941,14 @@ qemuDomainChangeGraphicsPasswords(virQEMUDriverPtr driver,
ret = 0; ret = 0;
goto cleanup; goto cleanup;
} }
password = auth->passwd ? auth->passwd : defaultPasswd;
if (auth->connected) if (auth->connected)
connected = virDomainGraphicsAuthConnectedTypeToString(auth->connected); connected = virDomainGraphicsAuthConnectedTypeToString(auth->connected);
if (qemuDomainObjEnterMonitorAsync(driver, vm, asyncJob) < 0) if (qemuDomainObjEnterMonitorAsync(driver, vm, asyncJob) < 0)
goto cleanup; goto cleanup;
ret = qemuMonitorSetPassword(priv->mon, ret = qemuMonitorSetPassword(priv->mon, type, password, connected);
type,
auth->passwd ? auth->passwd : defaultPasswd,
connected);
if (ret == -2) { if (ret == -2) {
if (type != VIR_DOMAIN_GRAPHICS_TYPE_VNC) { if (type != VIR_DOMAIN_GRAPHICS_TYPE_VNC) {
...@@ -3957,14 +3956,15 @@ qemuDomainChangeGraphicsPasswords(virQEMUDriverPtr driver, ...@@ -3957,14 +3956,15 @@ qemuDomainChangeGraphicsPasswords(virQEMUDriverPtr driver,
_("Graphics password only supported for VNC")); _("Graphics password only supported for VNC"));
ret = -1; ret = -1;
} else { } else {
ret = qemuMonitorSetVNCPassword(priv->mon, ret = qemuMonitorSetVNCPassword(priv->mon, password);
auth->passwd ? auth->passwd : defaultPasswd);
} }
} }
if (ret != 0) if (ret != 0)
goto end_job; goto end_job;
if (auth->expires) { if (password[0] == '\0') {
snprintf(expire_time, sizeof(expire_time), "now");
} else if (auth->expires) {
time_t lifetime = auth->validTo - now; time_t lifetime = auth->validTo - now;
if (lifetime <= 0) if (lifetime <= 0)
snprintf(expire_time, sizeof(expire_time), "now"); snprintf(expire_time, sizeof(expire_time), "now");
......
Markdown is supported
0% .
You are about to add 0 people to the discussion. Proceed with caution.
先完成此消息的编辑!
想要评论请 注册