On Fri, Sep 02, 2011 at 05:50:05PM -0300, Luiz Capitulino wrote: > On Fri, 2 Sep 2011 12:34:55 -0500 > Anthony Liguori <aligu...@us.ibm.com> wrote: > > > New QMP only command to change the VNC server's listening address. > > > > Signed-off-by: Anthony Liguori <aligu...@us.ibm.com> > > --- > > v1 -> v2 > > - Enhanced docs (Luiz) > > --- > > qapi-schema.json | 15 +++++++++++++++ > > qmp-commands.hx | 8 ++++++++ > > qmp.c | 7 +++++++ > > 3 files changed, 30 insertions(+), 0 deletions(-) > > > > diff --git a/qapi-schema.json b/qapi-schema.json > > index 350cf1c..0c6c9b8 100644 > > --- a/qapi-schema.json > > +++ b/qapi-schema.json > > @@ -109,3 +109,18 @@ > > # string. Existing clients are unaffected by executing this > > command. > > ## > > { 'command': 'change-vnc-password', 'data': {'password': 'str'} } > > + > > +## > > +# @change-vnc-listen: > > +# > > +# Change the host that the VNC server listens on. > > +# > > +# @target: the new server specification to listen on > > +# > > +# Since: 1.0 > > +# > > +# Notes: At this moment in time, the behavior of existing client > > connections > > +# when this command is executed is undefined. The authentication > > +# settings may change after executing this command. > > It seems to completely disable authentication. At least when using > password auth. I'd be very clear about that.
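Review bot: In the Notes block of the qapi-schema.json hunk, "The authentication settings may change after executing this command" does not say what authentication state the server is left in, so a client cannot tell whether it has to re-apply auth before new connections are accepted. State the resulting auth mode explicitly, or have the command leave auth untouched, and spell out the accepted format for @target, which is documented only as "the new server specification to listen on".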
That is really bad, since even if we have another command to set the
authentication mode, this creates a designed-in race condition. To be
securely race-free, we need to be able to set the desired auth mode
first, and then change the listen address without it affecting auth.

    change-vnc-auth tls
    change-vnc-listen 123.2.3.5:5901

If we really want vnc-listen to have possible side-effects on auth,
then we need to be able to put the VNC server in an offline mode while
making a sequence of configuration changes eg, something like

    change-vnc-status offline
    change-vnc-listen 123.2.3.5:5901
    change-vnc-auth tls
    change-vnc-status online

No incoming client connections would be allowed while it is offline

Regards,
Daniel
--
|: http://berrange.com      -o-    http://www.flickr.com/photos/dberrange/ :|
|: http://libvirt.org       -o-    http://virt-manager.org :|
|: http://autobuild.org     -o-    http://search.cpan.org/~danberr/ :|
|: http://entangle-photo.org -o-   http://live.gnome.org/gtk-vnc :|
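A toy model of the command orderings discussed in the reply above, added here as an illustration; it is not code from the thread or from QEMU. It assumes that change-vnc-listen can reset authentication (the side effect reported in the quoted comment) and that change-vnc-auth and change-vnc-status behave as the reply proposes; the class, function names and auth labels are hypothetical.

```python
# Constructed model, not QEMU code. Command names follow the thread;
# change-vnc-auth and change-vnc-status are proposals, not existing commands.

class VncModel:
    def __init__(self, listen, auth, listen_resets_auth):
        self.listen, self.auth, self.online = listen, auth, True
        self.listen_resets_auth = listen_resets_auth  # assumed side effect

    def apply(self, cmd, arg):
        if cmd == "change-vnc-listen":
            self.listen = arg
            if self.listen_resets_auth:
                self.auth = "none"
        elif cmd == "change-vnc-auth":
            self.auth = arg
        elif cmd == "change-vnc-status":
            self.online = (arg == "online")
        else:
            raise ValueError(f"unknown command: {cmd}")

    def exposed(self):
        # True when a client connecting now would not be asked to authenticate.
        return self.online and self.auth == "none"


def exposure_windows(sequence, listen_resets_auth):
    """Return (cmd, arg, listen) for each step that leaves the server exposed."""
    vnc = VncModel("127.0.0.1:5900", "tls", listen_resets_auth)  # constructed start state
    windows = []
    for cmd, arg in sequence:
        vnc.apply(cmd, arg)
        if vnc.exposed():
            windows.append((cmd, arg, vnc.listen))
    return windows


NEW = "123.2.3.5:5901"  # address used in the thread
AUTH_THEN_LISTEN = [("change-vnc-auth", "tls"), ("change-vnc-listen", NEW)]
LISTEN_THEN_AUTH = [("change-vnc-listen", NEW), ("change-vnc-auth", "tls")]
OFFLINE_BRACKET = [("change-vnc-status", "offline"), ("change-vnc-listen", NEW),
                   ("change-vnc-auth", "tls"), ("change-vnc-status", "online")]

if __name__ == "__main__":
    for name, seq in [("auth, listen", AUTH_THEN_LISTEN),
                      ("listen, auth", LISTEN_THEN_AUTH),
                      ("offline bracket", OFFLINE_BRACKET)]:
        for resets in (True, False):
            print(name, f"resets_auth={resets}", exposure_windows(seq, resets))
```

With the side effect enabled, both two-command orderings leave a step at which the new address accepts unauthenticated clients; only the offline bracket, or a listen command that does not touch auth, gives an empty result.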