qemu: Let empty default VNC password work as documented

CVE-2016-5008 Setting an empty graphics password is documented as a way to disable VNC/SPICE access, but QEMU does not always behaves like that. VNC would happily accept the empty password. Let's enforce the behavior by setting password expiration to "now". https://bugzilla.redhat.com/show_bug.cgi?id=1180092Signed-off-by: N Jiri Denemark <jdenemar@redhat.com> (cherry picked from commit bb848fee) (cherry picked from commit d933f68e) (cherry picked from commit 139a4265)

qemu: Let empty default VNC password work as documented
CVE-2016-5008 Setting an empty graphics password is documented as a way to disable VNC/SPICE access, but QEMU does not always behaves like that. VNC would happily accept the empty password. Let's enforce the behavior by setting password expiration to "now". https://bugzilla.redhat.com/show_bug.cgi?id=1180092Signed-off-by: N Jiri Denemark <jdenemar@redhat.com> (cherry picked from commit bb848fee) (cherry picked from commit d933f68e) (cherry picked from commit 139a4265)
eea38b59 · Jiri Denemark · Daniel P. Berrange · 75028002 · eea38b59
隐藏空白更改
内联并排

Showing with 8 addition and 7 deletion

src/qemu/qemu_hotplug.c src/qemu/qemu_hotplug.c +8 -7

未找到文件。
--- a/src/qemu/qemu_hotplug.c
+++ b/src/qemu/qemu_hotplug.c
@@ -2315,19 +2315,19 @@ qemuDomainChangeGraphicsPasswords(struct qemud_driver *driver,
    time_t now = time(NULL);
    char expire_time [64];
    const char *connected = NULL;
+    const char *password;
    int ret;

    if (!auth->passwd && !driver->vncPassword)
        return 0;

+    password = auth->passwd ? auth->passwd : defaultPasswd;
+
    if (auth->connected)
        connected = virDomainGraphicsAuthConnectedTypeToString(auth->connected);

    qemuDomainObjEnterMonitorWithDriver(driver, vm);
-    ret = qemuMonitorSetPassword(priv->mon,
-                                 type,
-                                 auth->passwd ? auth->passwd : defaultPasswd,
-                                 connected);
+    ret = qemuMonitorSetPassword(priv->mon, type, password, connected);

    if (ret == -2) {
        if (type != VIR_DOMAIN_GRAPHICS_TYPE_VNC) {
@@ -2335,14 +2335,15 @@ qemuDomainChangeGraphicsPasswords(struct qemud_driver *driver,
                            _("Graphics password only supported for VNC"));
            ret = -1;
        } else {
-            ret = qemuMonitorSetVNCPassword(priv->mon,
-                                            auth->passwd ? auth->passwd : defaultPasswd);
+            ret = qemuMonitorSetVNCPassword(priv->mon, password);
        }
    }
    if (ret != 0)
        goto cleanup;

-    if (auth->expires) {
+    if (password[0] == '\0') {
+        snprintf(expire_time, sizeof(expire_time), "now");
+    } else if (auth->expires) {
        time_t lifetime = auth->validTo - now;
        if (lifetime <= 0)
            snprintf(expire_time, sizeof(expire_time), "now");