aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rwxr-xr-xconfigure2
-rw-r--r--hw/qxl.c4
-rw-r--r--qemu-config.c12
-rw-r--r--qemu-options.hx16
-rw-r--r--spice-qemu-char.c11
-rw-r--r--ui/spice-core.c26
-rw-r--r--vl.c1
7 files changed, 53 insertions, 19 deletions
diff --git a/configure b/configure
index bdacb49226..bade3e3f2a 100755
--- a/configure
+++ b/configure
@@ -2414,7 +2414,7 @@ int main(void) { spice_server_new(); return 0; }
EOF
spice_cflags=$($pkg_config --cflags spice-protocol spice-server 2>/dev/null)
spice_libs=$($pkg_config --libs spice-protocol spice-server 2>/dev/null)
- if $pkg_config --atleast-version=0.5.3 spice-server >/dev/null 2>&1 && \
+ if $pkg_config --atleast-version=0.6.0 spice-server >/dev/null 2>&1 && \
compile_prog "$spice_cflags" "$spice_libs" ; then
spice="yes"
libs_softmmu="$libs_softmmu $spice_libs"
diff --git a/hw/qxl.c b/hw/qxl.c
index 2bb36c660f..1906e84fab 100644
--- a/hw/qxl.c
+++ b/hw/qxl.c
@@ -357,7 +357,9 @@ static int interface_get_command(QXLInstance *sin, struct QXLCommandExt *ext)
ret = true;
}
qemu_mutex_unlock(&qxl->ssd.lock);
- qxl_log_command(qxl, "vga", ext);
+ if (ret) {
+ qxl_log_command(qxl, "vga", ext);
+ }
return ret;
case QXL_MODE_COMPAT:
case QXL_MODE_NATIVE:
diff --git a/qemu-config.c b/qemu-config.c
index 5d7ffa2f23..c63741c6b1 100644
--- a/qemu-config.c
+++ b/qemu-config.c
@@ -306,7 +306,7 @@ static QemuOptsList qemu_trace_opts = {
.name = "file",
.type = QEMU_OPT_STRING,
},
- { /* end if list */ }
+ { /* end of list */ }
},
};
#endif
@@ -385,6 +385,12 @@ QemuOptsList qemu_spice_opts = {
.name = "disable-ticketing",
.type = QEMU_OPT_BOOL,
},{
+ .name = "disable-copy-paste",
+ .type = QEMU_OPT_BOOL,
+ },{
+ .name = "sasl",
+ .type = QEMU_OPT_BOOL,
+ },{
.name = "x509-dir",
.type = QEMU_OPT_STRING,
},{
@@ -430,7 +436,7 @@ QemuOptsList qemu_spice_opts = {
.name = "playback-compression",
.type = QEMU_OPT_BOOL,
},
- { /* end if list */ }
+ { /* end of list */ }
},
};
@@ -446,7 +452,7 @@ QemuOptsList qemu_option_rom_opts = {
.name = "romfile",
.type = QEMU_OPT_STRING,
},
- { /* end if list */ }
+ { /* end of list */ }
},
};
diff --git a/qemu-options.hx b/qemu-options.hx
index 82e085a229..d9edff7d35 100644
--- a/qemu-options.hx
+++ b/qemu-options.hx
@@ -714,9 +714,25 @@ Force using the specified IP version.
@item password=<secret>
Set the password you need to authenticate.
+@item sasl
+Require that the client use SASL to authenticate with the spice.
+The exact choice of authentication method used is controlled from the
+system / user's SASL configuration file for the 'qemu' service. This
+is typically found in /etc/sasl2/qemu.conf. If running QEMU as an
+unprivileged user, an environment variable SASL_CONF_PATH can be used
+to make it search alternate locations for the service config.
+While some SASL auth methods can also provide data encryption (eg GSSAPI),
+it is recommended that SASL always be combined with the 'tls' and
+'x509' settings to enable use of SSL and server certificates. This
+ensures a data encryption preventing compromise of authentication
+credentials.
+
@item disable-ticketing
Allow client connects without authentication.
+@item disable-copy-paste
+Disable copy paste between the client and the guest.
+
@item tls-port=<nr>
Set the TCP port spice is listening on for encrypted channels.
diff --git a/spice-qemu-char.c b/spice-qemu-char.c
index fa15a71e14..605c241239 100644
--- a/spice-qemu-char.c
+++ b/spice-qemu-char.c
@@ -36,14 +36,13 @@ static int vmc_write(SpiceCharDeviceInstance *sin, const uint8_t *buf, int len)
while (len > 0) {
last_out = MIN(len, VMC_MAX_HOST_WRITE);
- qemu_chr_read(scd->chr, p, last_out);
- if (last_out > 0) {
- out += last_out;
- len -= last_out;
- p += last_out;
- } else {
+ if (qemu_chr_can_read(scd->chr) < last_out) {
break;
}
+ qemu_chr_read(scd->chr, p, last_out);
+ out += last_out;
+ len -= last_out;
+ p += last_out;
}
dprintf(scd, 3, "%s: %lu/%zd\n", __func__, out, len + out);
diff --git a/ui/spice-core.c b/ui/spice-core.c
index ef56ed61a9..dd9905be36 100644
--- a/ui/spice-core.c
+++ b/ui/spice-core.c
@@ -299,8 +299,6 @@ static int parse_name(const char *string, const char *optname,
exit(1);
}
-#if SPICE_SERVER_VERSION >= 0x000600 /* 0.6.0 */
-
static const char *stream_video_names[] = {
[ SPICE_STREAM_VIDEO_OFF ] = "off",
[ SPICE_STREAM_VIDEO_ALL ] = "all",
@@ -309,8 +307,6 @@ static const char *stream_video_names[] = {
#define parse_stream_video(_name) \
name2enum(_name, stream_video_names, ARRAY_SIZE(stream_video_names))
-#endif /* >= 0.6.0 */
-
static const char *compression_names[] = {
[ SPICE_IMAGE_COMPRESS_OFF ] = "off",
[ SPICE_IMAGE_COMPRESS_AUTO_GLZ ] = "auto_glz",
@@ -549,11 +545,29 @@ void qemu_spice_init(void)
if (password) {
spice_server_set_ticket(spice_server, password, 0, 0, 0);
}
+ if (qemu_opt_get_bool(opts, "sasl", 0)) {
+#if SPICE_SERVER_VERSION >= 0x000900 /* 0.9.0 */
+ if (spice_server_set_sasl_appname(spice_server, "qemu") == -1 ||
+ spice_server_set_sasl(spice_server, 1) == -1) {
+ fprintf(stderr, "spice: failed to enable sasl\n");
+ exit(1);
+ }
+#else
+ fprintf(stderr, "spice: sasl is not available (spice >= 0.9 required)\n");
+ exit(1);
+#endif
+ }
if (qemu_opt_get_bool(opts, "disable-ticketing", 0)) {
auth = "none";
spice_server_set_noauth(spice_server);
}
+#if SPICE_SERVER_VERSION >= 0x000801
+ if (qemu_opt_get_bool(opts, "disable-copy-paste", 0)) {
+ spice_server_set_agent_copypaste(spice_server, false);
+ }
+#endif
+
compression = SPICE_IMAGE_COMPRESS_AUTO_GLZ;
str = qemu_opt_get(opts, "image-compression");
if (str) {
@@ -575,8 +589,6 @@ void qemu_spice_init(void)
}
spice_server_set_zlib_glz_compression(spice_server, wan_compr);
-#if SPICE_SERVER_VERSION >= 0x000600 /* 0.6.0 */
-
str = qemu_opt_get(opts, "streaming-video");
if (str) {
int streaming_video = parse_stream_video(str);
@@ -588,8 +600,6 @@ void qemu_spice_init(void)
spice_server_set_playback_compression
(spice_server, qemu_opt_get_bool(opts, "playback-compression", 1));
-#endif /* >= 0.6.0 */
-
qemu_opt_foreach(opts, add_channel, NULL, 0);
spice_server_init(spice_server, &core_interface);
diff --git a/vl.c b/vl.c
index 04b4a20ecc..d7f905df3a 100644
--- a/vl.c
+++ b/vl.c
@@ -290,6 +290,7 @@ static struct {
{ .driver = "cirrus-vga", .flag = &default_vga },
{ .driver = "vmware-svga", .flag = &default_vga },
{ .driver = "isa-vga", .flag = &default_vga },
+ { .driver = "qxl-vga", .flag = &default_vga },
};
static int default_driver_check(QemuOpts *opts, void *opaque)