[PATCH 08/19] conf: parse optional RDP username & password

marcandre.lureau@redhat.com posted 19 patches 7 months, 1 week ago
There is a newer version of this series
[PATCH 08/19] conf: parse optional RDP username & password
Posted by marcandre.lureau@redhat.com 7 months, 1 week ago
From: Marc-André Lureau <marcandre.lureau@redhat.com>

Like VNC, allow setting credentials for RDP.

Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
---
 src/conf/domain_conf.c            | 13 +++++++++++++
 src/conf/domain_conf.h            |  2 ++
 src/conf/schemas/domaincommon.rng | 10 ++++++++++
 3 files changed, 25 insertions(+)

diff --git a/src/conf/domain_conf.c b/src/conf/domain_conf.c
index 45c2cd09f1..35dbb13106 100644
--- a/src/conf/domain_conf.c
+++ b/src/conf/domain_conf.c
@@ -1986,6 +1986,7 @@ virDomainGraphicsAuthDefClear(virDomainGraphicsAuthDef *def)
     if (!def)
         return;
 
+    VIR_FREE(def->username);
     VIR_FREE(def->passwd);
 
     /* Don't free def */
@@ -11282,6 +11283,8 @@ virDomainGraphicsAuthDefParseXML(xmlNodePtr node,
     if (!def->passwd)
         return 0;
 
+    def->username = virXMLPropString(node, "username");
+
     validTo = virXMLPropString(node, "passwdValidTo");
     if (validTo) {
         g_autoptr(GDateTime) then = NULL;
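Review bot: The new `username` read sits after the `if (!def->passwd) return 0;` guard, so a `<graphics>` element that carries `username` without `passwd` parses successfully and the username is silently discarded. If a username without a password is meaningless, reporting an error would be clearer than dropping it; if it is meaningful, the read should move above the guard. This function is also shared between graphics types (the RDP caller passes `def->type`, and the commit message refers to VNC), so unless a check outside this hunk rejects it, `username` is now accepted for those types too, although the schema change appears to add it only for RDP. A comment such as `/* username is only consumed by RDP */` or an explicit type check would make the intent clear. The function body starts and ends outside the hunk.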
@@ -11671,6 +11674,10 @@ virDomainGraphicsDefParseXMLRDP(virDomainGraphicsDef *def,
     if (STREQ_NULLABLE(multiUser, "yes"))
         def->data.rdp.multiUser = true;
 
+    if (virDomainGraphicsAuthDefParseXML(node, &def->data.rdp.auth,
+                                         def->type) < 0)
+        return -1;
+
     return 0;
 }
 
@@ -26314,6 +26321,10 @@ virDomainGraphicsAuthDefFormatAttr(virBuffer *buf,
     if (!def->passwd)
         return;
 
+    if (def->username)
+        virBufferEscapeString(buf, " username='%s'",
+                              def->username);
+
     if (flags & VIR_DOMAIN_DEF_FORMAT_SECURE)
         virBufferEscapeString(buf, " passwd='%s'",
                               def->passwd);
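Review bot: The added `username` attribute is written regardless of `VIR_DOMAIN_DEF_FORMAT_SECURE`, whereas `passwd` just below it is emitted only when that flag is set. That may well be intended, since a username is not a secret in the same sense, but it means the account name appears in XML produced without the secure flag. A short comment such as `/* username is not treated as a secret, so it is formatted without VIR_DOMAIN_DEF_FORMAT_SECURE */` would record the decision. Because of the `if (!def->passwd) return;` guard above, a username is never formatted without a password, which matches the parser. The function starts and ends outside the hunk.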
@@ -26543,6 +26554,8 @@ virDomainGraphicsDefFormat(virBuffer *buf,
 
         virDomainGraphicsListenDefFormatAddr(buf, glisten, flags);
 
+        virDomainGraphicsAuthDefFormatAttr(buf, &def->data.rdp.auth, flags);
+
         break;
 
     case VIR_DOMAIN_GRAPHICS_TYPE_DESKTOP:
diff --git a/src/conf/domain_conf.h b/src/conf/domain_conf.h
index ba1a495764..e5c2c2157c 100644
--- a/src/conf/domain_conf.h
+++ b/src/conf/domain_conf.h
@@ -1903,6 +1903,7 @@ typedef enum {
 } virDomainGraphicsAuthConnectedType;
 
 struct _virDomainGraphicsAuthDef {
+    char *username;
     char *passwd;
     bool expires; /* Whether there is an expiry time set */
     time_t validTo;  /* seconds since epoch */
@@ -2027,6 +2028,7 @@ struct _virDomainGraphicsDef {
             bool autoport;
             bool replaceUser;
             bool multiUser;
+            virDomainGraphicsAuthDef auth;
         } rdp;
         struct {
             char *display;
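Review bot: The `auth` member added to the `rdp` struct owns heap strings (`username`, `passwd`), but none of the 13 lines this patch adds to domain_conf.c calls `virDomainGraphicsAuthDefClear()` on `def->data.rdp.auth`. Unless the RDP teardown path already does so outside this patch, the parsed credentials would be leaked when the graphics definition is freed and would linger in heap memory. Adding `virDomainGraphicsAuthDefClear(&def->data.rdp.auth);` to the RDP branch of the code that frees a `virDomainGraphicsDef` would close that. The struct definition continues outside the hunk.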
diff --git a/src/conf/schemas/domaincommon.rng b/src/conf/schemas/domaincommon.rng
index 5848d3eaaf..b5328601ff 100644
--- a/src/conf/schemas/domaincommon.rng
+++ b/src/conf/schemas/domaincommon.rng
@@ -4516,6 +4516,16 @@
               <ref name="addrIPorName"/>
             </attribute>
           </optional>
+          <optional>
+            <attribute name="username">
+              <text/>
+            </attribute>
+          </optional>
+          <optional>
+            <attribute name="passwd">
+              <text/>
+            </attribute>
+          </optional>
           <ref name="listenElements"/>
         </group>
         <group>
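Review bot: Only `username` and `passwd` are added to the schema here, but the shared parser that the RDP code now calls also reads `passwdValidTo` (visible in the domain_conf.c hunk for `virDomainGraphicsAuthDefParseXML`). An RDP `<graphics>` element carrying `passwdValidTo` would therefore be accepted by the parser yet fail schema validation, assuming this group is the RDP one and no other pattern allows the attribute. Either add an optional `passwdValidTo` attribute alongside these two, or have the RDP parse path reject attributes that RDP does not support, so that the parser and the schema agree on what is valid.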
-- 
2.47.0
Re: [PATCH 08/19] conf: parse optional RDP username & password
Posted by Daniel P. Berrangé 6 months, 4 weeks ago
On Wed, Jan 29, 2025 at 05:40:30PM +0400, marcandre.lureau@redhat.com wrote:
> From: Marc-André Lureau <marcandre.lureau@redhat.com>
> 
> Like VNC, allow to set credentials for RDP.
> 
> Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
> ---
>  src/conf/domain_conf.c            | 13 +++++++++++++
>  src/conf/domain_conf.h            |  2 ++
>  src/conf/schemas/domaincommon.rng | 10 ++++++++++
>  3 files changed, 25 insertions(+)

Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>


> diff --git a/src/conf/domain_conf.h b/src/conf/domain_conf.h
> index ba1a495764..e5c2c2157c 100644
> --- a/src/conf/domain_conf.h
> +++ b/src/conf/domain_conf.h
> @@ -1903,6 +1903,7 @@ typedef enum {
>  } virDomainGraphicsAuthConnectedType;
>  
>  struct _virDomainGraphicsAuthDef {
> +    char *username;
>      char *passwd;
>      bool expires; /* Whether there is an expiry time set */
>      time_t validTo;  /* seconds since epoch */
> @@ -2027,6 +2028,7 @@ struct _virDomainGraphicsDef {
>              bool autoport;
>              bool replaceUser;
>              bool multiUser;
> +            virDomainGraphicsAuthDef auth;

Similar observation as the previous patch that we ought not to be storing
the password in plain text directly in the XML. Everywhere except <graphics>
we reference out of band secrets for getting credentials. We should fix the
graphics XML one day to allow that too. Not something you need to fix.

>          } rdp;
>          struct {
>              char *display;


With regards,
Daniel
-- 
|: https://berrange.com      -o-    https://www.flickr.com/photos/dberrange :|
|: https://libvirt.org         -o-            https://fstop138.berrange.com :|
|: https://entangle-photo.org    -o-    https://www.instagram.com/dberrange :|