1. 16 7月, 2009 1 次提交
  2. 10 7月, 2009 2 次提交
  3. 30 6月, 2009 2 次提交
  4. 29 6月, 2009 2 次提交
  5. 11 6月, 2009 4 次提交
  6. 06 6月, 2009 1 次提交
  7. 05 6月, 2009 1 次提交
  8. 28 5月, 2009 1 次提交
  9. 27 5月, 2009 1 次提交
  10. 08 5月, 2009 1 次提交
    • J
      Drop CONFIG_GDBSTUB · 322f9d01
      Jan Kiszka 提交于
      This is no user-flippable switch, and no arch makes use of disabling
      gdbstub support. So it's pointless to keep the related #ifdefs and
      configure hunks around - and risking breakages like 711c410fdd again.
      Signed-off-by: NJan Kiszka <jan.kiszka@siemens.com>
      322f9d01
  11. 01 5月, 2009 1 次提交
  12. 23 4月, 2009 1 次提交
  13. 22 4月, 2009 5 次提交
  14. 19 4月, 2009 1 次提交
  15. 18 4月, 2009 1 次提交
  16. 08 4月, 2009 1 次提交
  17. 06 4月, 2009 2 次提交
  18. 29 3月, 2009 1 次提交
  19. 13 3月, 2009 1 次提交
  20. 09 3月, 2009 1 次提交
  21. 07 3月, 2009 3 次提交
    • B
      Sparse fixes: NULL use, header order, ANSI prototypes, static · 511d2b14
      blueswir1 提交于
      Fix Sparse warnings:
       * use NULL instead of plain 0
       * rearrange header include order to avoid redefining types accidentally
       * ANSIfy SLIRP
       * avoid "restrict" keyword
       * add static
      
      
      
      git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@6736 c046a42c-6fe2-441c-8c8c-71466251a162
      511d2b14
    • A
      Remove tabs introduced from VNC ACL series · 28a76be8
      aliguori 提交于
      Signed-off-by: NAnthony Liguori <aliguori@us.ibm.com>
      
      
      git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@6727 c046a42c-6fe2-441c-8c8c-71466251a162
      28a76be8
    • A
      Support ACLs for controlling VNC access ("Daniel P. Berrange") · 76655d6d
      aliguori 提交于
      This patch introduces a generic internal API for access control lists
      to be used by network servers in QEMU. It adds support for checking
      these ACL in the VNC server, in two places. The first ACL is for the
      SASL authentication mechanism, checking the SASL username. This ACL
      is called 'vnc.username'. The second is for the TLS authentication
      mechanism, when x509 client certificates are turned on, checking against
      the Distinguished Name of the client. This ACL is called 'vnc.x509dname'
      
      The internal API provides for an ACL with the following characteristics
      
       - A unique name, eg  vnc.username, and vnc.x509dname.
       - A default policy, allow or deny
       - An ordered series of match rules, with allow or deny policy
      
      If none of the match rules apply, then the default policy is
      used.
      
      There is a monitor API to manipulate the ACLs, which I'll describe via
      examples
      
        (qemu) acl show vnc.username
        policy: allow
        (qemu) acl policy vnc.username denya
        acl: policy set to 'deny'
        (qemu) acl allow vnc.username fred
        acl: added rule at position 1
        (qemu) acl allow vnc.username bob
        acl: added rule at position 2
        (qemu) acl allow vnc.username joe 1
        acl: added rule at position 1
        (qemu) acl show vnc.username
        policy: deny
        0: allow fred
        1: allow joe
        2: allow bob
      
      
        (qemu) acl show vnc.x509dname
        policy: allow
        (qemu) acl policy vnc.x509dname deny
        acl: policy set to 'deny'
        (qemu) acl allow vnc.x509dname C=GB,O=ACME,L=London,CN=*
        acl: added rule at position 1
        (qemu) acl allow vnc.x509dname C=GB,O=ACME,L=Boston,CN=bob
        acl: added rule at position 2
        (qemu) acl show vnc.x509dname
        policy: deny
        0: allow C=GB,O=ACME,L=London,CN=*
        1: allow C=GB,O=ACME,L=Boston,CN=bob
      
      By default the VNC server will not use any ACLs, allowing access to
      the server if the user successfully authenticates. To enable use of
      ACLs to restrict user access, the ',acl' flag should be given when
      starting QEMU. The initial ACL activated will be a 'deny all' policy
      and should be customized using monitor commands.
      
      eg enable SASL auth and ACLs
      
          qemu ....  -vnc localhost:1,sasl,acl
      
      The next patch will provide a way to load a pre-defined ACL when
      starting up
      
      
       Makefile        |    6 +
       b/acl.c         |  185 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++
       b/acl.h         |   74 ++++++++++++++++++++++
       configure       |   18 +++++
       monitor.c       |   95 ++++++++++++++++++++++++++++
       qemu-doc.texi   |   49 ++++++++++++++
       vnc-auth-sasl.c |   16 +++-
       vnc-auth-sasl.h |    7 ++
       vnc-tls.c       |   19 +++++
       vnc-tls.h       |    3 
       vnc.c           |   21 ++++++
       vnc.h           |    3 
       12 files changed, 491 insertions(+), 5 deletions(-)
      Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
      Signed-off-by: NAnthony Liguori <aliguori@us.ibm.com>
      
      
      git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@6726 c046a42c-6fe2-441c-8c8c-71466251a162
      76655d6d
  22. 06 3月, 2009 6 次提交