[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Xen-devel] [PATCH] VNC password auth for paravirt framebuffer



Attached to this mail is an update of my original patches to add VNC pasword
authentication support for the paravirt framebuffer server. These bring the
PVFB VNC server to (near?) feature parity with the HVM VNC server. The rules
for configuring the password are equivalent of those used for HVM, but the
actual guest config option is a little different as a result of the recent
refactoring of the PVFB config file syntax.

 - If the 'vfb' option in the guest config has a 'vncpasswd' parameter
   specified
      - If the passwd is not zero length, use that
      - Else run with no authentication (important as it enables override
        of next rule) 
 - Else-if the xend-config.sxp has a password specified use that
 - Else run with no authentication

Example configuration:

 - To set an explicit guest password:

    vfb = [ "type=vnc,vncunused=1,vnclisten=0.0.0.0,vncpasswd=123456"]
 
 - To disable authentication, overriding any XenD configured
   defalt password

    vfb = [ "type=vnc,vncunused=1,vnclisten=0.0.0.0,vncpasswd="]

 - To run with default XenD configured password (if any)

    vfb = [ "type=vnc,vncunused=1,vnclisten=0.0.0.0"]

The changes basically affect 3 areas:

 - tools/xenfb/vncfb.c  - read the password from XenStore & configure
    LibVNCServer's authentication routines.
 - tools/python/xen/xm/create.py - add vncpasswd parameter as a valid option
 - tools/python/xen/xend/server/vfbif.py - read password from config file
   and write it into xenstore to access by xen-vncfb server

A functionally equivalent version of this patch is already in use in Fedora
Core 5, 6 and RHEL-5  betas, so has seen some real world testing already.

   Signed-off-by: Daniel P. Berrange <berrange@xxxxxxxxxx>

Regards,
Dan.
-- 
|=- Red Hat, Engineering, Emerging Technologies, Boston.  +1 978 392 2496 -=|
|=-           Perl modules: http://search.cpan.org/~danberr/              -=|
|=-               Projects: http://freshmeat.net/~danielpb/               -=|
|=-  GnuPG: 7D3B9505   F3C9 553F A1DA 4AC2 5648 23C1 B3DF F742 7D3B 9505  -=| 

Attachment: xen-3.0.4-vncpassword-pvfb-4.patch
Description: Text document

_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-devel

 


Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.