Re: [Qemu-devel] PATCH 3/8: VNC password authentication

qemu-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Qemu-devel] PATCH 3/8: VNC password authentication

From:	Daniel P. Berrange
Subject:	Re: [Qemu-devel] PATCH 3/8: VNC password authentication
Date:	Wed, 1 Aug 2007 17:26:28 +0100
User-agent:	Mutt/1.4.1i

On Tue, Jul 31, 2007 at 08:46:49PM -0500, Anthony Liguori wrote:
> Daniel P. Berrange wrote:
> >This patch introduces support for VNC protocols upto 3.8 and with
> >it, support for password based authentication. VNC's password based
> >authentication is not entirely secure, but it is a standard and the
> >RFB spec requires that all clients support it. The password can be
> >provided by using the monitor 'change vnc :1' and it will prompt for
> >a password to be entered. Passwords have upto 8 letters of context.
> >Pressing 'enter' without entering any characters disables password
> >auth in the server. NB, we need a custom copy of d3des here because
> >VNC uses a 'special' modification of the algorithm. This d3des code
> >is public domain & in all other VNC servers & clients.
> >  
> 
> I think it may be better to have a command to explicitly set the vnc 
> password.  Issuing "change vnc :1" just to change the password is a 
> little awkward IMHO.

Ok I'll add a separate command for that - any preference for naming.
I thought about 'change vncpassword', but the 'change' command requires
2 args and we'd only have 1 here.  Or if we think there may be other
devices/drivers which will have passwords in the future we could have
'change password vnc' as the command. 

> >-
> >-    vnc_write_u32(vs, 1); /* None */
> >-    vnc_flush(vs);
> >-
> >-    vnc_read_when(vs, protocol_client_init, 1);
> >+    VNC_DEBUG("Client request protocol version %d.%d\n", vs->major, 
> >vs->minor);
> >+    if (vs->major != 3 ||
> >+    (vs->minor != 3 &&
> >+     vs->minor != 7 &&
> >+     vs->minor != 8)) {
> >+    VNC_DEBUG("Unsupported client version\n");
> >+    vnc_write_u32(vs, VNC_AUTH_INVALID);
> >+    vnc_flush(vs);
> >+    vnc_client_error(vs);
> >+    return 0;
> >+    }
> >  
> 
> A very popular VNC client uses 3.5 as the protocol version.  I believe 
> the specification requires that 3.5 be treated at 3.3 because of that.

Good point. I'll add support for that.

Regards,
Dan.
-- 
|=- Red Hat, Engineering, Emerging Technologies, Boston.  +1 978 392 2496 -=|
|=-           Perl modules: http://search.cpan.org/~danberr/              -=|
|=-               Projects: http://freshmeat.net/~danielpb/               -=|
|=-  GnuPG: 7D3B9505   F3C9 553F A1DA 4AC2 5648 23C1 B3DF F742 7D3B 9505  -=|

[Prev in Thread]

Current Thread

[Next in Thread]

Re: [Qemu-devel] PATCH 3/8: VNC password authentication, Daniel P. Berrange <=
- Re: [Qemu-devel] PATCH 3/8: VNC password authentication, Anthony Liguori, 2007/08/02

Prev by Date: Re: [Qemu-devel] Patch: let qemu work with latest bochsbios
Next by Date: Re: [Qemu-devel] PATCH 4/8: VeNCrypt basic TLS support
Previous by thread: [Qemu-devel] Patch: let qemu work with latest bochsbios
Next by thread: Re: [Qemu-devel] PATCH 3/8: VNC password authentication
Index(es):
- Date
- Thread