diff options
author | Gerd Hoffmann <kraxel@redhat.com> | 2013-12-11 13:15:37 +0100 |
---|---|---|
committer | Gerd Hoffmann <kraxel@redhat.com> | 2014-06-02 16:29:01 +0200 |
commit | cf864569cd9134ee503ad9eb6be2881001c0ed80 (patch) | |
tree | ab3c48358f06c59332ede9d3d84d6c213830edb8 /ui | |
parent | 9bb931802e6ab5ab6947e3cb9cea934fc0724274 (diff) |
vnc: refuse to set a password with VNC_AUTH_NONE
Current code silently changes the authentication settings
in case you try to set a password without password authentication
turned on. This is bad. Return an error instead.
If we want allow changing auth settings at runtime this should
be done explicitly using a separate monitor command, not as
side effect of set_passwd.
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Diffstat (limited to 'ui')
-rw-r--r-- | ui/vnc.c | 34 |
1 files changed, 6 insertions, 28 deletions
@@ -2976,26 +2976,6 @@ static void vnc_display_close(DisplayState *ds) #endif } -static int vnc_display_disable_login(DisplayState *ds) -{ - VncDisplay *vs = vnc_display; - - if (!vs) { - return -1; - } - - if (vs->password) { - g_free(vs->password); - } - - vs->password = NULL; - if (vs->auth == VNC_AUTH_NONE) { - vs->auth = VNC_AUTH_VNC; - } - - return 0; -} - int vnc_display_password(DisplayState *ds, const char *password) { VncDisplay *vs = vnc_display; @@ -3003,20 +2983,18 @@ int vnc_display_password(DisplayState *ds, const char *password) if (!vs) { return -EINVAL; } - - if (!password) { - /* This is not the intention of this interface but err on the side - of being safe */ - return vnc_display_disable_login(ds); + if (vs->auth == VNC_AUTH_NONE) { + error_printf_unless_qmp("If you want use passwords please enable " + "password auth using '-vnc ${dpy},password'."); + return -EINVAL; } if (vs->password) { g_free(vs->password); vs->password = NULL; } - vs->password = g_strdup(password); - if (vs->auth == VNC_AUTH_NONE) { - vs->auth = VNC_AUTH_VNC; + if (password) { + vs->password = g_strdup(password); } return 0; |