summaryrefslogtreecommitdiff
path: root/ui/vnc-auth-sasl.c
diff options
context:
space:
mode:
authorDaniel P. Berrange <berrange@redhat.com>2011-06-23 13:31:41 +0100
committerAnthony Liguori <aliguori@us.ibm.com>2011-07-23 11:19:02 -0500
commit7e7e2ebc942da8285931ceabf12823e165dced8b (patch)
treed7d939f0efe179dfd01efc5915479623d95f8d9b /ui/vnc-auth-sasl.c
parente69ae5c49af45a67ebdf6a7cf465eb91b5c8ee11 (diff)
downloadqemu-7e7e2ebc942da8285931ceabf12823e165dced8b.tar.gz
qemu-7e7e2ebc942da8285931ceabf12823e165dced8b.tar.bz2
qemu-7e7e2ebc942da8285931ceabf12823e165dced8b.zip
Store VNC auth scheme per-client as well as per-server
A future patch will introduce a situation where different clients may have different authentication schemes set. When a new client arrives, copy the 'auth' and 'subauth' fields from VncDisplay into the client's VncState, and use the latter in all authentication functions. * ui/vnc.h: Add 'auth' and 'subauth' to VncState * ui/vnc-auth-sasl.c, ui/vnc-auth-vencrypt.c, ui/vnc.c: Make auth functions pull auth scheme from VncState instead of VncDisplay Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Diffstat (limited to 'ui/vnc-auth-sasl.c')
-rw-r--r--ui/vnc-auth-sasl.c8
1 files changed, 4 insertions, 4 deletions
diff --git a/ui/vnc-auth-sasl.c b/ui/vnc-auth-sasl.c
index 17a621a2ba..8aac5ec004 100644
--- a/ui/vnc-auth-sasl.c
+++ b/ui/vnc-auth-sasl.c
@@ -538,8 +538,8 @@ void start_auth_sasl(VncState *vs)
#ifdef CONFIG_VNC_TLS
/* Inform SASL that we've got an external SSF layer from TLS/x509 */
- if (vs->vd->auth == VNC_AUTH_VENCRYPT &&
- vs->vd->subauth == VNC_AUTH_VENCRYPT_X509SASL) {
+ if (vs->auth == VNC_AUTH_VENCRYPT &&
+ vs->subauth == VNC_AUTH_VENCRYPT_X509SASL) {
gnutls_cipher_algorithm_t cipher;
sasl_ssf_t ssf;
@@ -570,8 +570,8 @@ void start_auth_sasl(VncState *vs)
#ifdef CONFIG_VNC_TLS
/* Disable SSF, if using TLS+x509+SASL only. TLS without x509
is not sufficiently strong */
- || (vs->vd->auth == VNC_AUTH_VENCRYPT &&
- vs->vd->subauth == VNC_AUTH_VENCRYPT_X509SASL)
+ || (vs->auth == VNC_AUTH_VENCRYPT &&
+ vs->subauth == VNC_AUTH_VENCRYPT_X509SASL)
#endif /* CONFIG_VNC_TLS */
) {
/* If we've got TLS or UNIX domain sock, we don't care about SSF */