From cf864569cd9134ee503ad9eb6be2881001c0ed80 Mon Sep 17 00:00:00 2001 From: Gerd Hoffmann Date: Wed, 11 Dec 2013 13:15:37 +0100 Subject: [PATCH] vnc: refuse to set a password with VNC_AUTH_NONE Current code silently changes the authentication settings in case you try to set a password without password authentication turned on. This is bad. Return an error instead. If we want allow changing auth settings at runtime this should be done explicitly using a separate monitor command, not as side effect of set_passwd. Signed-off-by: Gerd Hoffmann --- ui/vnc.c | 34 ++++++---------------------------- 1 file changed, 6 insertions(+), 28 deletions(-) diff --git a/ui/vnc.c b/ui/vnc.c index 2d7def9aa2..64aa2fa82c 100644 --- a/ui/vnc.c +++ b/ui/vnc.c @@ -2976,26 +2976,6 @@ static void vnc_display_close(DisplayState *ds) #endif } -static int vnc_display_disable_login(DisplayState *ds) -{ - VncDisplay *vs = vnc_display; - - if (!vs) { - return -1; - } - - if (vs->password) { - g_free(vs->password); - } - - vs->password = NULL; - if (vs->auth == VNC_AUTH_NONE) { - vs->auth = VNC_AUTH_VNC; - } - - return 0; -} - int vnc_display_password(DisplayState *ds, const char *password) { VncDisplay *vs = vnc_display; @@ -3003,20 +2983,18 @@ int vnc_display_password(DisplayState *ds, const char *password) if (!vs) { return -EINVAL; } - - if (!password) { - /* This is not the intention of this interface but err on the side - of being safe */ - return vnc_display_disable_login(ds); + if (vs->auth == VNC_AUTH_NONE) { + error_printf_unless_qmp("If you want use passwords please enable " + "password auth using '-vnc ${dpy},password'."); + return -EINVAL; } if (vs->password) { g_free(vs->password); vs->password = NULL; } - vs->password = g_strdup(password); - if (vs->auth == VNC_AUTH_NONE) { - vs->auth = VNC_AUTH_VNC; + if (password) { + vs->password = g_strdup(password); } return 0;