diff options
author | Gerd Hoffmann <kraxel@redhat.com> | 2010-10-07 11:50:45 +0200 |
---|---|---|
committer | Gerd Hoffmann <kraxel@redhat.com> | 2010-12-09 14:23:24 +0100 |
commit | 3c9405a0f7d76602415b3cbe8d52d7714b6ce5af (patch) | |
tree | 1be9d19af7fa9034a4159113e065c2f9bee283d4 | |
parent | 6bffdf0f83263bad1dd2187c533758d7cb6f5bcf (diff) | |
download | qemu-3c9405a0f7d76602415b3cbe8d52d7714b6ce5af.tar.gz qemu-3c9405a0f7d76602415b3cbe8d52d7714b6ce5af.tar.bz2 qemu-3c9405a0f7d76602415b3cbe8d52d7714b6ce5af.zip |
vnc: support password expire
This patch adds support for expiring passwords to vnc. It adds a new
vnc_display_pw_expire() function which specifies the time when the
password will expire.
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
-rw-r--r-- | console.h | 1 | ||||
-rw-r--r-- | qemu-common.h | 3 | ||||
-rw-r--r-- | ui/vnc.c | 14 | ||||
-rw-r--r-- | ui/vnc.h | 1 |
4 files changed, 19 insertions, 0 deletions
@@ -369,6 +369,7 @@ void vnc_display_init(DisplayState *ds); void vnc_display_close(DisplayState *ds); int vnc_display_open(DisplayState *ds, const char *display); int vnc_display_password(DisplayState *ds, const char *password); +int vnc_display_pw_expire(DisplayState *ds, time_t expires); void do_info_vnc_print(Monitor *mon, const QObject *data); void do_info_vnc(Monitor *mon, QObject **ret_data); char *vnc_display_local_addr(DisplayState *ds); diff --git a/qemu-common.h b/qemu-common.h index de82c2ea13..188b05f98c 100644 --- a/qemu-common.h +++ b/qemu-common.h @@ -50,6 +50,9 @@ typedef struct DeviceState DeviceState; #if !defined(ENOTSUP) #define ENOTSUP 4096 #endif +#ifndef TIME_MAX +#define TIME_MAX LONG_MAX +#endif #ifndef CONFIG_IOVEC #define CONFIG_IOVEC @@ -2082,11 +2082,16 @@ static int protocol_client_auth_vnc(VncState *vs, uint8_t *data, size_t len) unsigned char response[VNC_AUTH_CHALLENGE_SIZE]; int i, j, pwlen; unsigned char key[8]; + time_t now = time(NULL); if (!vs->vd->password || !vs->vd->password[0]) { VNC_DEBUG("No password configured on server"); goto reject; } + if (vs->vd->expires < now) { + VNC_DEBUG("Password is expired"); + goto reject; + } memcpy(response, vs->challenge, VNC_AUTH_CHALLENGE_SIZE); @@ -2432,6 +2437,7 @@ void vnc_display_init(DisplayState *ds) vs->ds = ds; QTAILQ_INIT(&vs->clients); + vs->expires = TIME_MAX; if (keyboard_layout) vs->kbd_layout = init_keyboard_layout(name2keysym, keyboard_layout); @@ -2503,6 +2509,14 @@ int vnc_display_password(DisplayState *ds, const char *password) return 0; } +int vnc_display_pw_expire(DisplayState *ds, time_t expires) +{ + VncDisplay *vs = ds ? (VncDisplay *)ds->opaque : vnc_display; + + vs->expires = expires; + return 0; +} + char *vnc_display_local_addr(DisplayState *ds) { VncDisplay *vs = ds ? (VncDisplay *)ds->opaque : vnc_display; @@ -120,6 +120,7 @@ struct VncDisplay char *display; char *password; + time_t expires; int auth; bool lossy; #ifdef CONFIG_VNC_TLS |