Original Xbox Emulator for Windows, macOS, and Linux (Active Development)
aliguori 2f9606b373 Add SASL authentication support ("Daniel P. Berrange")
This patch adds the new SASL authentication protocol to the VNC server.

It is enabled by setting the 'sasl' flag when launching VNC. SASL can
optionally provide encryption via its SSF layer, if a suitable mechanism
is configured (eg, GSSAPI/Kerberos, or Digest-MD5).  If an SSF layer is
not available, then it should be combined with the x509 VNC authentication
protocol which provides encryption.

eg, if using GSSAPI

   qemu -vnc localhost:1,sasl

eg if using TLS/x509 for encryption

   qemu -vnc localhost:1,sasl,tls,x509


By default the Cyrus SASL library will look for its configuration in
the file /etc/sasl2/qemu.conf.  For non-root users, this can be overridden
by setting the SASL_CONF_PATH environment variable, eg to make it look in
$HOME/.sasl2.  NB unprivileged users may not have access to the full range
of SASL mechanisms, since some of them require some administrative privileges
to configure. The patch includes an example SASL configuration file which
illustrates config for GSSAPI and Digest-MD5, though it should be noted that
the latter is not really considered secure any more.

Most of the SASL authentication code is located in a separate source file,
vnc-auth-sasl.c.  The main vnc.c file only contains minimal integration
glue, specifically parsing of command line flags / setup, and calls to
start the SASL auth process, to do encoding/decoding for data.

There are several possible stacks for reading & writing of data, depending
on the combo of VNC authentication methods in use

 - Clear.    read/write straight to socket
 - TLS.      read/write via GNUTLS helpers
 - SASL.     encode/decode via SASL SSF layer, then read/write to socket
 - SASL+TLS. encode/decode via SASL SSF layer, then read/write via GNUTLS

Hence, the vnc_client_read & vnc_client_write methods have been refactored
a little.

   vnc_client_read:  main entry point for reading, calls either

       - vnc_client_read_plain   reading, with no intermediate decoding
       - vnc_client_read_sasl    reading, with SASL SSF decoding

   These two methods then call vnc_client_read_buf(). This decides
   whether to write to the socket directly or write via GNUTLS.

The situation is the same for writing data. More extensive comments
have been added in the code / patch. The vnc_client_read_sasl and
vnc_client_write_sasl method implementations live in the separate
vnc-auth-sasl.c file.

The state required for the SASL auth mechanism is kept in a separate
VncStateSASL struct, defined in vnc-auth-sasl.h and included in the
main VncState.

The configure script probes for SASL and automatically enables it
if found, unless --disable-vnc-sasl was given to override it.


 Makefile            |    7 
 Makefile.target     |    5 
 b/qemu.sasl         |   34 ++
 b/vnc-auth-sasl.c   |  626 ++++++++++++++++++++++++++++++++++++++++++++++++++++
 b/vnc-auth-sasl.h   |   67 +++++
 configure           |   34 ++
 qemu-doc.texi       |   97 ++++++++
 vnc-auth-vencrypt.c |   12 
 vnc.c               |  249 ++++++++++++++++++--
 vnc.h               |   31 ++
 10 files changed, 1129 insertions(+), 33 deletions(-)

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>


git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@6724 c046a42c-6fe2-441c-8c8c-71466251a162
2009-03-06 20:27:28 +00:00
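
Added example (not part of the commit or of QEMU's code): a small Python check of the rule stated in the commit message above, that SASL without an SSF layer should be combined with tls,x509. The function names and sample configs are hypothetical, and treating every mechanism other than GSSAPI and Digest-MD5 as providing no SSF layer is an assumption of this example; mech_list is the Cyrus SASL option that restricts the offered mechanisms.

```python
import re

# Mechanisms the commit message names as able to provide an SSF layer.
# Treating every other mechanism as "no SSF" is this example's assumption.
SSF_CAPABLE = {"gssapi", "digest-md5"}
# Called out in the commit message as no longer considered secure.
DISCOURAGED = {"digest-md5"}


def parse_vnc_option(arg):
    """Split 'host:display,flag,...' into (display, set of flags)."""
    display, *flags = arg.split(",")
    return display, {f.strip().lower() for f in flags if f.strip()}


def parse_mech_list(conf_text):
    """Return the mechanisms on a Cyrus SASL 'mech_list:' line, lowercased."""
    for line in conf_text.splitlines():
        line = line.strip()
        if line.startswith("#"):
            continue
        m = re.match(r"mech_list\s*:\s*(.*)$", line, re.IGNORECASE)
        if m:
            return m.group(1).lower().split()
    return []


def audit(vnc_arg, sasl_conf):
    """Return a list of findings; an empty list means nothing was flagged."""
    _, flags = parse_vnc_option(vnc_arg)
    if "sasl" not in flags:
        return ["sasl flag absent: SASL authentication is not enabled"]
    findings = []
    mechs = parse_mech_list(sasl_conf)
    tls_x509 = {"tls", "x509"} <= flags
    if not tls_x509:
        if "tls" in flags or "x509" in flags:
            findings.append("only one of tls/x509 set: not the sasl,tls,x509 stack")
        no_ssf = [m for m in mechs if m not in SSF_CAPABLE]
        if not mechs:
            findings.append("no mech_list and no tls,x509: encryption unconfirmed")
        elif no_ssf:
            findings.append("no SSF layer for %s: add tls,x509" % ",".join(no_ssf))
    for m in mechs:
        if m in DISCOURAGED:
            findings.append("%s enabled: not considered secure" % m)
    return findings


# Constructed sample inputs (not taken from the qemu.sasl file in the patch).
CONF_GSSAPI = "# constructed sample\nmech_list: gssapi\n"
CONF_PLAIN = "mech_list: plain\n"
CONF_DIGEST = "mech_list: digest-md5\n"

if __name__ == "__main__":
    for arg, conf in [("localhost:1,sasl", CONF_GSSAPI),
                      ("localhost:1,sasl", CONF_PLAIN),
                      ("localhost:1,sasl,tls,x509", CONF_PLAIN),
                      ("localhost:1,sasl", CONF_DIGEST)]:
        print(arg, "|", conf.strip().splitlines()[-1], "->", audit(arg, conf) or "ok")
```
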
audio monitor: Rework API (Jan Kiszka) 2009-03-05 23:01:23 +00:00
bsd-user Flush stdout after printing usage() 2009-02-28 20:14:00 +00:00
darwin-user Flush stdout after printing usage() 2009-02-28 20:14:00 +00:00
fpu soft-float: add float32_log2() and float64_log2() 2009-02-05 13:42:47 +00:00
gdb-xml The different VFP variants will never occur at the same time, and giving them 2009-03-04 12:18:15 +00:00
hw monitor: Rework API (Jan Kiszka) 2009-03-05 23:01:23 +00:00
keymaps Fix fr-be keymap 2009-02-09 23:19:44 +00:00
linux-user Flush stdout after printing usage() 2009-02-28 20:14:00 +00:00
pc-bios kvm/powerpc: flat device tree files for MPC8544DS 2009-03-02 16:42:49 +00:00
slirp monitor: Rework API (Jan Kiszka) 2009-03-05 23:01:23 +00:00
target-alpha targets: remove error handling from qemu_malloc() callers (Avi Kivity) 2009-02-05 22:06:11 +00:00
target-arm Fix cpu_arm_handle_mmu_fault warning 2009-02-07 15:19:20 +00:00
target-cris CRIS: Avoid endless loops for unstested CRIS cpu-state load/save. 2009-03-03 18:07:11 +00:00
target-i386 Fix cpuid KVM crash on i386 (Lubomir Rintel) 2009-03-05 19:01:28 +00:00
target-m68k Fix ColdFire fmovem. Free the temporary we just allocated rather than some 2009-02-24 22:17:35 +00:00
target-mips targets: remove error handling from qemu_malloc() callers (Avi Kivity) 2009-02-05 22:06:11 +00:00
target-ppc target-ppc: improve mfcr/mtcrf 2009-03-03 06:12:14 +00:00
target-sh4 SH4: Fixed last UTLB unused and URB/URC management 2009-03-03 09:14:01 +00:00
target-sparc Turn MMUs and caches off on reset 2009-02-21 11:13:51 +00:00
tcg TCG: remove obsolete old_op_count profiler field 2009-02-11 19:47:39 +00:00
tests Get rid of user_mode_only 2009-01-14 19:40:27 +00:00
.gitignore Extend gitignore (Jan Kiszka) 2009-01-22 17:15:25 +00:00
a.out.h Remove unnecessary trailing newlines 2008-12-13 09:32:43 +00:00
aes.c Fix miscellaneous minor things, by Andre Przywara. 2007-12-17 03:15:52 +00:00
aes.h AES crypto support 2004-08-01 21:54:53 +00:00
aio.c toplevel: remove error handling from qemu_malloc() callers (Avi Kivity) 2009-02-05 22:06:18 +00:00
alpha-dis.c Update FSF address in GPL/LGPL boilerplate 2009-01-04 22:05:52 +00:00
alpha.ld alpha support 2003-04-29 20:53:42 +00:00
arm-dis.c Update ARM disassembler. 2007-11-10 17:38:00 +00:00
arm-semi.c Fix more FSF addresses 2009-01-05 18:11:53 +00:00
arm.ld Link ARM prologue closer to code segment to avoid a build failure 2008-07-10 17:21:31 +00:00
balloon.h Add missing file from previous commit. 2008-12-04 20:35:16 +00:00
block_int.h monitor: Rework early disk password inquiry (Jan Kiszka) 2009-03-05 23:01:01 +00:00
block-bochs.c block: remove error handling from qemu_malloc() callers (Avi Kivity) 2009-02-05 22:05:53 +00:00
block-cloop.c block: remove error handling from qemu_malloc() callers (Avi Kivity) 2009-02-05 22:05:53 +00:00
block-cow.c Split block API from vl.h. 2007-11-11 02:51:17 +00:00
block-dmg.c block: remove error handling from qemu_malloc() callers (Avi Kivity) 2009-02-05 22:05:53 +00:00
block-nbd.c Remove unnecessary #includes from block-nbd.c 2008-08-19 19:10:38 +00:00
block-parallels.c block: remove error handling from qemu_malloc() callers (Avi Kivity) 2009-02-05 22:05:53 +00:00
block-qcow2.c block: remove error handling from qemu_malloc() callers (Avi Kivity) 2009-02-05 22:05:53 +00:00
block-qcow.c qcow1: Fix compressed images (Kevin Wolf) 2009-01-08 19:29:03 +00:00
block-raw-posix.c fix raw_aio_remove (Stefano Stabellini) 2009-02-26 16:40:19 +00:00
block-raw-win32.c Expand cache= option and use write-through caching by default 2008-10-14 14:42:54 +00:00
block-vmdk.c block: remove error handling from qemu_malloc() callers (Avi Kivity) 2009-02-05 22:05:53 +00:00
block-vpc.c block: remove error handling from qemu_malloc() callers (Avi Kivity) 2009-02-05 22:05:53 +00:00
block-vvfat.c block: remove error handling from qemu_malloc() callers (Avi Kivity) 2009-02-05 22:05:53 +00:00
block.c monitor: Rework API (Jan Kiszka) 2009-03-05 23:01:23 +00:00
block.h monitor: Rework API (Jan Kiszka) 2009-03-05 23:01:23 +00:00
bswap.h Remove all traces of __powerpc__ 2009-01-14 18:39:49 +00:00
bt-host.c Update FSF address in GPL/LGPL boilerplate 2009-01-04 22:05:52 +00:00
bt-vhci.c Update FSF address in GPL/LGPL boilerplate 2009-01-04 22:05:52 +00:00
buffered_file.c toplevel: remove error handling from qemu_malloc() callers (Avi Kivity) 2009-02-05 22:06:18 +00:00
buffered_file.h Introduce a buffered file wrapper for QEMUFile 2008-10-13 03:10:22 +00:00
cache-utils.c Properly initialize len argument of sysctl and include stdio.h (perror) 2009-02-04 20:39:09 +00:00
cache-utils.h Remove all traces of __powerpc__ 2009-01-14 18:39:49 +00:00
Changelog Add version information for 0.10.0 release. 2009-03-04 22:47:59 +00:00
cocoa.m Update cocoa.m to match new DisplayState code (Samuel Benson) 2009-03-04 19:25:22 +00:00
configure Add SASL authentication support ("Daniel P. Berrange") 2009-03-06 20:27:28 +00:00
console.c toplevel: remove error handling from qemu_malloc() callers (Avi Kivity) 2009-02-05 22:06:18 +00:00
console.h monitor: Rework API (Jan Kiszka) 2009-03-05 23:01:23 +00:00
COPYING COPYING: update from FSF 2008-10-12 17:54:42 +00:00
COPYING.LIB Update FSF address in GPL/LGPL boilerplate 2009-01-04 22:05:52 +00:00
cpu-all.h qemu: add cpu_unregister_io_memory and make io mem table index dynamic (Marcelo Tosatti) 2009-02-11 15:20:58 +00:00
cpu-defs.h Get rid of user_mode_only 2009-01-14 19:40:27 +00:00
cpu-exec.c global s/loglevel & X/qemu_loglevel_mask(X)/ (Eduardo Habkost) 2009-01-15 22:36:53 +00:00
cris-dis.c toplevel: remove error handling from qemu_malloc() callers (Avi Kivity) 2009-02-05 22:06:18 +00:00
curses_keys.h Refactor keymap code to avoid duplication ("Daniel P. Berrange") 2009-03-06 20:27:10 +00:00
curses.c Refactor keymap code to avoid duplication ("Daniel P. Berrange") 2009-03-06 20:27:10 +00:00
cutils.c Add qemu_iovec_reset() (Avi Kivity) 2009-02-05 21:23:54 +00:00
d3des.c Ansify to please sparse 2008-10-27 19:49:12 +00:00
d3des.h Actually add d3des implementation files. 2007-08-25 02:09:50 +00:00
def-helper.h Remove unnecessary trailing newlines 2008-12-13 09:32:43 +00:00
device_tree.c toplevel: remove error handling from qemu_malloc() callers (Avi Kivity) 2009-02-05 22:06:18 +00:00
device_tree.h Implement device tree support needed for Bamboo emulation 2008-12-16 10:43:48 +00:00
dis-asm.h Update ppc-dis.c from binutils 2.17 2009-02-09 19:58:22 +00:00
disas.c monitor: Rework API (Jan Kiszka) 2009-03-05 23:01:23 +00:00
disas.h monitor: Rework API (Jan Kiszka) 2009-03-05 23:01:23 +00:00
dma-helpers.c Introduce block dma helpers (Avi Kivity) 2009-02-05 21:23:58 +00:00
dma.h Introduce block dma helpers (Avi Kivity) 2009-02-05 21:23:58 +00:00
dyngen-exec.h Remove unused code from dyngen-exec.h 2009-02-09 18:28:36 +00:00
elf_ops.h Use load address when loading ELF images. 2008-10-22 18:20:20 +00:00
elf.h Fix most warnings that would be caused by gcc flag -Wundef 2008-09-06 17:47:39 +00:00
exec-all.h Remove GenOpFunc typedefs 2009-02-08 17:17:52 +00:00
exec.c Fix unassigned region offsets. 2009-02-23 13:16:07 +00:00
feature_to_c.sh Fix undeclared symbol warnings from sparse 2008-10-26 13:43:07 +00:00
gdbstub.c monitor: Pass-through for gdbstub (Jan Kiszka) 2009-03-05 23:01:55 +00:00
gdbstub.h User-mode GDB stub improvements - handle signals 2008-12-18 22:44:13 +00:00
gen-icount.h Remove unnecessary trailing newlines 2008-12-13 09:32:43 +00:00
host-utils.c Code used by the linux-user targets should not use vl.h. 2007-11-05 13:01:41 +00:00
host-utils.h Include <strings.h> for ffs(). 2008-11-12 17:18:41 +00:00
hostregs_helper.h Update FSF address in GPL/LGPL boilerplate 2009-01-04 22:05:52 +00:00
hpet.h Add a local copy of hpet.h. 2007-09-16 20:03:23 +00:00
hppa-dis.c HPPA (PA-RISC) host support 2008-04-12 20:14:54 +00:00
hppa.ld HPPA (PA-RISC) host support 2008-04-12 20:14:54 +00:00
i386-dis.c Update FSF address in GPL/LGPL boilerplate 2009-01-04 22:05:52 +00:00
i386.ld Add TLS sections. 2008-05-31 16:21:33 +00:00
ia64.ld ia64 host support (David Mosberger) 2005-04-07 22:20:31 +00:00
keymaps.c Refactor keymap code to avoid duplication ("Daniel P. Berrange") 2009-03-06 20:27:10 +00:00
kqemu.c Convert references to logfile/loglevel to use qemu_log*() macros 2009-01-15 22:34:14 +00:00
kqemu.h kqemu API change - allow use of kqemu with 32 bit QEMU on a 64 bit host 2008-05-30 20:48:25 +00:00
kvm-all.c toplevel: remove error handling from qemu_malloc() callers (Avi Kivity) 2009-02-05 22:06:18 +00:00
kvm.h kvm: sync vcpu state during initialization (Hollis Blanchard) 2008-12-15 22:20:42 +00:00
libfdt_env.h Implement device tree support needed for Bamboo emulation 2008-12-16 10:43:48 +00:00
LICENSE Add missing newline at the end of file 2008-12-14 08:50:18 +00:00
loader.c toplevel: remove error handling from qemu_malloc() callers (Avi Kivity) 2009-02-05 22:06:18 +00:00
m68k-dis.c Spelling and grammar fixes 2008-11-30 16:25:37 +00:00
m68k-semi.c Fix more FSF addresses 2009-01-05 18:11:53 +00:00
m68k.ld m68k host port (Richard Zidlicky) 2003-08-10 22:14:22 +00:00
MAINTAINERS Update maintainers list. 2008-08-25 22:26:03 +00:00
Makefile Add SASL authentication support ("Daniel P. Berrange") 2009-03-06 20:27:28 +00:00
Makefile.target Add SASL authentication support ("Daniel P. Berrange") 2009-03-06 20:27:28 +00:00
migration-exec.c monitor: Decouple terminals (Jan Kiszka) 2009-03-05 23:01:42 +00:00
migration-tcp.c monitor: Decouple terminals (Jan Kiszka) 2009-03-05 23:01:42 +00:00
migration.c monitor: Introduce MONITOR_USE_READLINE flag (Jan Kiszka) 2009-03-05 23:01:51 +00:00
migration.h monitor: Decouple terminals (Jan Kiszka) 2009-03-05 23:01:42 +00:00
mips-dis.c Update FSF address in GPL/LGPL boilerplate 2009-01-04 22:05:52 +00:00
mips.ld Linker scripts for MIPS hosts. 2007-05-05 19:24:38 +00:00
mipsel.ld Linker scripts for MIPS hosts. 2007-05-05 19:24:38 +00:00
monitor.c monitor: Introduce MONITOR_USE_READLINE flag (Jan Kiszka) 2009-03-05 23:01:51 +00:00
monitor.h monitor: Introduce MONITOR_USE_READLINE flag (Jan Kiszka) 2009-03-05 23:01:51 +00:00
nbd.c Update FSF address in GPL/LGPL boilerplate 2009-01-04 22:05:52 +00:00
nbd.h Update FSF address in GPL/LGPL boilerplate 2009-01-04 22:05:52 +00:00
net-checksum.c Update FSF address in GPL/LGPL boilerplate 2009-01-04 22:05:52 +00:00
net.c monitor: Rework API (Jan Kiszka) 2009-03-05 23:01:23 +00:00
net.h monitor: Rework API (Jan Kiszka) 2009-03-05 23:01:23 +00:00
osdep.c Remove redundant #ifdef _BSD 2008-12-11 19:39:56 +00:00
osdep.h snapshot subcommand for qemu-img (Kevin Wolf) 2009-01-07 17:40:15 +00:00
pci-ids.txt List virtio console device in pci-ids.txt 2009-01-24 16:37:31 +00:00
posix-aio-compat.c Properly handle pthread_cond_timedwait timing out 2009-02-21 05:48:19 +00:00
posix-aio-compat.h Rename sigev_signo to avoid FreeBSD problems (Juergen Lock) 2009-01-24 11:54:21 +00:00
ppc64.ld Correct version of Heikki Lindholms ppc64.ld script 2008-08-20 22:39:24 +00:00
ppc-dis.c Update ppc-dis.c from binutils from 4th July, 2007, just before GPLv3 switch 2009-02-09 19:59:57 +00:00
ppc.ld Update ppc.ld to work with newer binutils. 2007-04-28 19:00:30 +00:00
qemu_socket.h sockets: helper functions for qemu (Gerd Hoffman) 2008-11-11 20:46:40 +00:00
qemu-aio.h Refactor AIO to allow multiple AIO implementations 2008-09-22 19:17:18 +00:00
qemu-binfmt-conf.sh Code provision for n32/n64 mips userland emulation. Not functional yet. 2007-09-30 01:58:33 +00:00
qemu-char.c monitor: Introduce MONITOR_USE_READLINE flag (Jan Kiszka) 2009-03-05 23:01:51 +00:00
qemu-char.h monitor: Improve mux'ed console experience (Jan Kiszka) 2009-03-05 23:01:47 +00:00
qemu-common.h monitor: Rework API (Jan Kiszka) 2009-03-05 23:01:23 +00:00
qemu-doc.texi Add SASL authentication support ("Daniel P. Berrange") 2009-03-06 20:27:28 +00:00
qemu-img.c Make qemu-img argument handling POSIX compliant 2009-02-09 18:14:31 +00:00
qemu-img.texi Synch code, help and docs 2009-01-24 18:19:25 +00:00
qemu-lock.h Remove all traces of __powerpc__ 2009-01-14 18:39:49 +00:00
qemu-log.h Define macros that will become the new logging API (Eduardo Habkost) 2009-01-15 21:52:11 +00:00
qemu-malloc.c Fix qemu_realloc() (Kevin Wolf) 2009-02-11 21:00:32 +00:00
qemu-nbd.c toplevel: remove error handling from qemu_malloc() callers (Avi Kivity) 2009-02-05 22:06:18 +00:00
qemu-nbd.texi Fix formatting of documentation (Stefan Weil) 2008-09-22 20:41:57 +00:00
qemu-sockets.c Fix some more warnings 2009-01-14 18:34:22 +00:00
qemu-tech.texi Update (thanks to Edgar, Thiemo, malc, Paul, Laurent and Andrzej) 2008-10-09 18:52:04 +00:00
qemu-timer.h Break up vl.h. 2007-11-17 17:14:51 +00:00
qemu-tool.c monitor: Rework API (Jan Kiszka) 2009-03-05 23:01:23 +00:00
qemu.sasl Add SASL authentication support ("Daniel P. Berrange") 2009-03-06 20:27:28 +00:00
readline.c monitor: Improve mux'ed console experience (Jan Kiszka) 2009-03-05 23:01:47 +00:00
readline.h monitor: Improve mux'ed console experience (Jan Kiszka) 2009-03-05 23:01:47 +00:00
README Add missing newline at the end of file 2008-12-14 08:50:18 +00:00
rules.mak build system: Further improve quiet mode (Jan Kiszka) 2009-01-26 17:07:46 +00:00
s390-dis.c Remove unnecessary trailing newlines 2008-12-13 09:32:43 +00:00
s390.ld Remove unnecessary trailing newlines 2008-12-13 09:32:43 +00:00
savevm.c monitor: Rework API (Jan Kiszka) 2009-03-05 23:01:23 +00:00
sdl_keysym.h Refactor keymap code to avoid duplication ("Daniel P. Berrange") 2009-03-06 20:27:10 +00:00
sdl.c Refactor keymap code to avoid duplication ("Daniel P. Berrange") 2009-03-06 20:27:10 +00:00
sh4-dis.c Update FSF address in GPL/LGPL boilerplate 2009-01-04 22:05:52 +00:00
softmmu_defs.h Fix some warnings that would be generated by gcc -Wredundant-decls 2008-08-30 09:51:20 +00:00
softmmu_exec.h Fix some warnings that would be generated by gcc -Wredundant-decls 2008-08-30 09:51:20 +00:00
softmmu_header.h Update FSF address in GPL/LGPL boilerplate 2009-01-04 22:05:52 +00:00
softmmu_template.h Update FSF address in GPL/LGPL boilerplate 2009-01-04 22:05:52 +00:00
softmmu-semi.h Suppress gcc 4.x -Wpointer-sign (included in -Wall) warnings 2008-09-20 08:07:15 +00:00
sparc64.ld Map code buffers below 2G on Sparc64 2008-07-26 15:05:57 +00:00
sparc-dis.c Make OpenBSD sparc-softmmu compile warning free 2009-01-14 18:08:08 +00:00
sparc.ld More detabification 2007-10-06 11:28:21 +00:00
sys-queue.h Remove CRs 2008-12-14 08:53:17 +00:00
sysemu.h monitor: Rework API (Jan Kiszka) 2009-03-05 23:01:23 +00:00
tap-win32.c Add a -net name=foo parameter (Mark McLoughlin) 2009-01-07 17:48:51 +00:00
texi2pod.pl Update texi2pod.pl. 2008-02-04 14:47:49 +00:00
thunk.c Update FSF address in GPL/LGPL boilerplate 2009-01-04 22:05:52 +00:00
thunk.h Update FSF address in GPL/LGPL boilerplate 2009-01-04 22:05:52 +00:00
TODO Update 2008-12-04 11:29:42 +00:00
translate-all.c global s/loglevel & X/qemu_loglevel_mask(X)/ (Eduardo Habkost) 2009-01-15 22:36:53 +00:00
uboot_image.h Update FSF address in GPL/LGPL boilerplate 2009-01-04 22:05:52 +00:00
usb-bsd.c monitor: Rework API (Jan Kiszka) 2009-03-05 23:01:23 +00:00
usb-linux.c monitor: Rework API (Jan Kiszka) 2009-03-05 23:01:23 +00:00
usb-stub.c monitor: Rework API (Jan Kiszka) 2009-03-05 23:01:23 +00:00
VERSION Add version information for 0.10.0 release. 2009-03-04 22:47:59 +00:00
vgafont.h Some little fixes on QEMU 2008-09-06 16:31:30 +00:00
vl.c monitor: Introduce MONITOR_USE_READLINE flag (Jan Kiszka) 2009-03-05 23:01:51 +00:00
vnc_keysym.h Refactor keymap code to avoid duplication ("Daniel P. Berrange") 2009-03-06 20:27:10 +00:00
vnc-auth-sasl.c Add SASL authentication support ("Daniel P. Berrange") 2009-03-06 20:27:28 +00:00
vnc-auth-sasl.h Add SASL authentication support ("Daniel P. Berrange") 2009-03-06 20:27:28 +00:00
vnc.c Add SASL authentication support ("Daniel P. Berrange") 2009-03-06 20:27:28 +00:00
vnc.h Add SASL authentication support ("Daniel P. Berrange") 2009-03-06 20:27:28 +00:00
vnchextile.h exploiting the new interface in vnc.c (Stefano Stabellini) 2009-01-15 22:17:38 +00:00
x86_64.ld update 2005-01-06 20:50:00 +00:00
x_keymap.c Fix SDL on evdev hosts (Anthony Liguori) 2009-03-03 17:37:21 +00:00
x_keymap.h Fix SDL on evdev hosts (Anthony Liguori) 2009-03-03 17:37:21 +00:00

Read the documentation in qemu-doc.html.

Fabrice Bellard.