From: Ján Tomko
To: libvir-list@redhat.com
Cc: cfergeau@redhat.com
Date: Tue, 3 Apr 2018 17:23:50 +0200
Subject: [libvirt] [libvirt PATCH] qemu: Add support for specifying SPICE TLS ciphers

From: Christophe Fergeau

This commit adds a 'spice_tls_ciphers' parameter in qemu.conf which allows configuring which TLS ciphers SPICE will use for its TLS connections.

https://bugzilla.redhat.com/show_bug.cgi?id=1562032

Signed-off-by: Christophe Fergeau
Signed-off-by: Ján Tomko
---
This is mostly useful as a workaround for missing crypto policies, so I'm not sure if it's upstream material.

Changes from the patch attached to the BZ:
  ciphers(2) -> ciphers(1)
  Added augeas changes and tests
  escape the string before passing it to QEMU

 src/qemu/libvirtd_qemu.aug                   |  1 +
 src/qemu/qemu.conf                           |  5 ++++
 src/qemu/qemu_command.c                      |  8 +++++-
 src/qemu/qemu_conf.c                         |  3 +++
 src/qemu/qemu_conf.h                         |  1 +
 src/qemu/test_libvirtd_qemu.aug.in           |  1 +
 .../graphics-spice-sasl-ciphers.args         | 29 ++++++++++++++++++++++
 .../graphics-spice-sasl-ciphers.xml          |  1 +
 tests/qemuxml2argvtest.c                     |  5 ++++
 9 files changed, 53 insertions(+), 1 deletion(-)
 create mode 100644 tests/qemuxml2argvdata/graphics-spice-sasl-ciphers.args
 create mode 120000 tests/qemuxml2argvdata/graphics-spice-sasl-ciphers.xml

diff --git a/src/qemu/libvirtd_qemu.aug b/src/qemu/libvirtd_qemu.aug index c19bf3a43..15222d7e3 100644 --- a/src/qemu/libvirtd_qemu.aug +++ b/src/qemu/libvirtd_qemu.aug @@ -44,6 +44,7 @@ module Libvirtd_qemu =3D let spice_entry =3D str_entry "spice_listen" | bool_entry "spice_tls" | str_entry "spice_tls_x509_cert_dir" + | str_entry "spice_tls_ciphers" | bool_entry "spice_auto_unix_socket" | str_entry "spice_password" | bool_entry "spice_sasl" diff --git a/src/qemu/qemu.conf b/src/qemu/qemu.conf index 07eab7eff..1d7b6c555 100644 --- a/src/qemu/qemu.conf +++ b/src/qemu/qemu.conf @@ -181,6 +181,11 @@ #spice_tls_x509_cert_dir =3D "/etc/pki/libvirt-spice" =20 =20 +# The ciphers used by spice can be overridden here. This is an OpenSSL cip= her +# list as documented in ciphers(1) +#spice_tls_ciphers =3D "DEFAULT" + + # Enable this option to have SPICE served over an automatically created # unix socket. This prevents unprivileged access from users on the # host machine. diff --git a/src/qemu/qemu_command.c b/src/qemu/qemu_command.c index 682d71441..adf0b2cb9 100644 --- a/src/qemu/qemu_command.c +++ b/src/qemu/qemu_command.c 
@@ -8028,8 +8028,14 @@ qemuBuildGraphicsSPICECommandLine(virQEMUDriverConfi= gPtr cfg, !cfg->spicePassword) virBufferAddLit(&opt, "disable-ticketing,"); =20 - if (hasSecure) + if (hasSecure) { virBufferAsprintf(&opt, "x509-dir=3D%s,", cfg->spiceTLSx509certdir= ); + if (cfg->spiceTLSCiphers) { + virBufferAddLit(&opt, "tls-ciphers=3D"); + virQEMUBuildBufferEscapeComma(&opt, cfg->spiceTLSCiphers); + virBufferAddLit(&opt, ","); + } + } =20 switch (graphics->data.spice.defaultMode) { case VIR_DOMAIN_GRAPHICS_SPICE_CHANNEL_MODE_SECURE: diff --git a/src/qemu/qemu_conf.c b/src/qemu/qemu_conf.c index 36cf3a281..92afd252d 100644 --- a/src/qemu/qemu_conf.c +++ b/src/qemu/qemu_conf.c @@ -374,6 +374,7 @@ static void virQEMUDriverConfigDispose(void *obj) VIR_FREE(cfg->vncSASLdir); =20 VIR_FREE(cfg->spiceTLSx509certdir); + VIR_FREE(cfg->spiceTLSCiphers); VIR_FREE(cfg->spiceListen); VIR_FREE(cfg->spicePassword); VIR_FREE(cfg->spiceSASLdir); @@ -550,6 +551,8 @@ int virQEMUDriverConfigLoadFile(virQEMUDriverConfigPtr = cfg, goto cleanup; if (virConfGetValueString(conf, "spice_tls_x509_cert_dir", &cfg->spice= TLSx509certdir) < 0) goto cleanup; + if (virConfGetValueString(conf, "spice_tls_ciphers", &cfg->spiceTLSCip= hers) < 0) + goto cleanup; if (virConfGetValueBool(conf, "spice_sasl", &cfg->spiceSASL) < 0) goto cleanup; if (virConfGetValueString(conf, "spice_sasl_dir", &cfg->spiceSASLdir) = < 0) diff --git a/src/qemu/qemu_conf.h b/src/qemu/qemu_conf.h index e1ad5463f..9ab9f4e37 100644 --- a/src/qemu/qemu_conf.h +++ b/src/qemu/qemu_conf.h @@ -128,6 +128,7 @@ struct _virQEMUDriverConfig { =20 bool spiceTLS; char *spiceTLSx509certdir; + char *spiceTLSCiphers; bool spiceSASL; char *spiceSASLdir; char *spiceListen; diff --git a/src/qemu/test_libvirtd_qemu.aug.in b/src/qemu/test_libvirtd_qe= mu.aug.in index 688e5b9fd..2f62b383e 100644 --- a/src/qemu/test_libvirtd_qemu.aug.in +++ b/src/qemu/test_libvirtd_qemu.aug.in 
@@ -17,6 +17,7 @@ module Test_libvirtd_qemu =3D { "spice_listen" =3D "0.0.0.0" } { "spice_tls" =3D "1" } { "spice_tls_x509_cert_dir" =3D "/etc/pki/libvirt-spice" } +{ "spice_tls_ciphers" =3D "DEFAULT" } { "spice_auto_unix_socket" =3D "1" } { "spice_password" =3D "XYZ12345" } { "spice_sasl" =3D "1" } diff --git a/tests/qemuxml2argvdata/graphics-spice-sasl-ciphers.args b/test= s/qemuxml2argvdata/graphics-spice-sasl-ciphers.args new file mode 100644 index 000000000..2f608ad7c --- /dev/null +++ b/tests/qemuxml2argvdata/graphics-spice-sasl-ciphers.args @@ -0,0 +1,29 @@ +LC_ALL=3DC \ +PATH=3D/bin \ +HOME=3D/home/test \ +USER=3Dtest \ +LOGNAME=3Dtest \ +SASL_CONF_PATH=3D/root/.sasl2 \ +QEMU_AUDIO_DRV=3Dspice \ +/usr/bin/qemu-system-i686 \ +-name QEMUGuest1 \ +-S \ +-M pc \ +-m 214 \ +-smp 1,sockets=3D1,cores=3D1,threads=3D1 \ +-uuid c7a5fdbd-edaf-9455-926a-d65c16db1809 \ +-nodefaults \ +-chardev socket,id=3Dcharmonitor,path=3D/tmp/lib/domain--1-QEMUGuest1/moni= tor.sock,\ +server,nowait \ +-mon chardev=3Dcharmonitor,id=3Dmonitor,mode=3Dreadline \ +-no-acpi \ +-boot c \ +-usb \ +-drive file=3D/dev/HostVG/QEMUGuest1,format=3Draw,if=3Dnone,id=3Ddrive-ide= 0-0-0 \ +-device ide-drive,bus=3Dide.0,unit=3D0,drive=3Ddrive-ide0-0-0,id=3Dide0-0-= 0 \ +-spice port=3D5903,tls-port=3D5904,addr=3D127.0.0.1,sasl,\ +x509-dir=3D/etc/pki/libvirt-spice,tls-ciphers=3DDEFAULT,tls-channel=3Ddefa= ult \ +-vga qxl \ +-global qxl-vga.ram_size=3D67108864 \ +-global qxl-vga.vram_size=3D33554432 \ +-device virtio-balloon-pci,id=3Dballoon0,bus=3Dpci.0,addr=3D0x3 diff --git a/tests/qemuxml2argvdata/graphics-spice-sasl-ciphers.xml b/tests= /qemuxml2argvdata/graphics-spice-sasl-ciphers.xml new file mode 120000 index 000000000..1bfac9efa --- /dev/null +++ b/tests/qemuxml2argvdata/graphics-spice-sasl-ciphers.xml @@ -0,0 +1 @@ +graphics-spice-sasl.xml \ No newline at end of file diff --git a/tests/qemuxml2argvtest.c b/tests/qemuxml2argvtest.c index 308d71f72..29f702c5c 100644 --- a/tests/qemuxml2argvtest.c 
+++ b/tests/qemuxml2argvtest.c @@ -1126,6 +1126,11 @@ mymain(void) DO_TEST("graphics-spice-sasl", QEMU_CAPS_SPICE, QEMU_CAPS_DEVICE_QXL); + ignore_value(VIR_STRDUP(driver.config->spiceTLSCiphers, "DEFAULT")); + DO_TEST("graphics-spice-sasl-ciphers", + QEMU_CAPS_SPICE, + QEMU_CAPS_DEVICE_QXL); + VIR_FREE(driver.config->spiceTLSCiphers); VIR_FREE(driver.config->spiceSASLdir); driver.config->spiceSASL =3D 0; DO_TEST("graphics-spice-agentmouse", --=20 2.13.6 -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
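Review bot: the new comment block in the qemu.conf hunk should state that spice_tls_ciphers only has an effect when SPICE TLS is actually in use, because the qemu_command.c hunk emits tls-ciphers only inside the `if (hasSecure)` branch next to x509-dir; without that sentence an administrator can set a restricted list on a host that serves SPICE in the clear and believe it is enforced. The example value `"DEFAULT"` is also just OpenSSL's built-in default, so an illustrative restricted list would show the intended use better than a value that changes nothing.

Review bot: in the qemu_command.c hunk, a configured cfg->spiceTLSCiphers is silently dropped when hasSecure is false; consider at least a VIR_WARN in that case so the operator learns the setting is not being applied. The comma escaping through virQEMUBuildBufferEscapeComma is the right call here, since ciphers(1) accepts commas as well as colons as separators in a cipher list.

Review bot: the qemu_conf.c load hunk stores spice_tls_ciphers with no validation at all, so a mistyped list is only rejected when the guest is started, from inside QEMU, with an error that is not obviously traceable to qemu.conf. libvirt cannot reasonably parse OpenSSL cipher syntax itself, but it should at least reject an empty string: with `spice_tls_ciphers = ""` the pointer is non-NULL, the `if (cfg->spiceTLSCiphers)` test passes and the command line gets a bare `tls-ciphers=,`. A check such as `if (cfg->spiceTLSCiphers && !*cfg->spiceTLSCiphers) error` after the virConfGetValueString call, plus a note in the qemu.conf comment that invalid lists are reported at domain start, would cover it.

Review bot: the new graphics-spice-sasl-ciphers.args expectation uses `tls-ciphers=DEFAULT`, which contains no comma, so the escaping added in qemu_command.c (the third change listed in the cover note) is not exercised by the test. Since ciphers(1) allows comma-separated lists, setting the test value in qemuxml2argvtest.c to something like `HIGH,!aNULL` and expecting `tls-ciphers=HIGH,,!aNULL` in the .args file would actually cover the escaping path.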
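As an added example that is not part of this patch or of libvirt's code base: a small Python check an administrator can run before putting a value into spice_tls_ciphers. It feeds the string to OpenSSL's cipher-list parser through Python's ssl module, reports which TLS 1.2 cipher suites the string actually selects, and mirrors the comma-doubling the patch applies when handing the value to QEMU (QEMU's option parser treats `,,` as a literal comma). The function names (`validate_cipher_list`, `is_valid_cipher_list`, `escape_comma`, `build_spice_tls_fragment`) are mine, not libvirt's, and that spice-server ultimately passes the string to OpenSSL's cipher-list API is my assumption, not something the patch shows.

```python
import ssl


def validate_cipher_list(cipher_list: str) -> list:
    """Return the TLS 1.2 cipher names an OpenSSL cipher-list string selects.

    Python's ssl module calls OpenSSL's SSL_CTX_set_cipher_list, so this is
    the same parser an OpenSSL-based server would apply to the string
    (assumption: spice-server uses that API for its tls-ciphers value).
    Raises ValueError if the string is empty or selects no cipher at all.
    """
    if not cipher_list:
        raise ValueError("empty cipher list")
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_SERVER)
    try:
        ctx.set_ciphers(cipher_list)
    except ssl.SSLError as exc:
        raise ValueError(f"rejected by OpenSSL: {exc}") from exc
    # get_ciphers() also reports the TLS 1.3 suites OpenSSL appends no matter
    # what the string says; keep only what the string itself selected.
    return [c["name"] for c in ctx.get_ciphers() if c["protocol"] != "TLSv1.3"]


def is_valid_cipher_list(cipher_list: str) -> bool:
    """Boolean wrapper around validate_cipher_list for quick checks."""
    try:
        validate_cipher_list(cipher_list)
    except ValueError:
        return False
    return True


def escape_comma(value: str) -> str:
    """Double commas, as libvirt's virQEMUBuildBufferEscapeComma does, so a
    comma-separated cipher list survives QEMU's comma-delimited -spice syntax."""
    return value.replace(",", ",,")


def build_spice_tls_fragment(x509_dir: str, ciphers=None) -> str:
    """Build the -spice fragment the patched hunk emits for the TLS case.

    `ciphers is None` mirrors an unset spice_tls_ciphers; note that an empty
    string is *not* None and yields a bare 'tls-ciphers=,' exactly as the C
    code would, which is the empty-value pitfall worth guarding against.
    """
    out = f"x509-dir={x509_dir},"
    if ciphers is not None:
        out += "tls-ciphers=" + escape_comma(ciphers) + ","
    return out


if __name__ == "__main__":
    # Constructed sample values, not taken from any real qemu.conf.
    for candidate in ("HIGH:!aNULL:!MD5", "HIGH,!aNULL", "NOSUCHCIPHER", ""):
        try:
            names = validate_cipher_list(candidate)
            print(f"{candidate!r}: {len(names)} TLS1.2 suites, e.g. {names[:3]}")
        except ValueError as err:
            print(f"{candidate!r}: INVALID ({err})")
        print("   -spice fragment:", build_spice_tls_fragment("/etc/pki/libvirt-spice", candidate))
```

Run it against the exact string you intend to put in qemu.conf; an `INVALID` result here is the same failure QEMU would report at domain start, only now it is attributable to the setting rather than buried in a guest start error.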