From nobody Mon Nov 3 20:22:52 2025 Delivered-To: importer@patchew.org Received-SPF: pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) client-ip=208.118.235.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Authentication-Results: mx.zohomail.com; spf=pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org Return-Path: Received: from lists.gnu.org (lists.gnu.org [208.118.235.17]) by mx.zohomail.com with SMTPS id 1505996296798447.44554692869076; Thu, 21 Sep 2017 05:18:16 -0700 (PDT) Received: from localhost ([::1]:53415 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1dv0Qq-000884-0q for importer@patchew.org; Thu, 21 Sep 2017 08:18:16 -0400 Received: from eggs.gnu.org ([2001:4830:134:3::10]:41187) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1dv0OL-0006Zw-7L for qemu-devel@nongnu.org; Thu, 21 Sep 2017 08:15:44 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1dv0OI-0008Dq-G0 for qemu-devel@nongnu.org; Thu, 21 Sep 2017 08:15:41 -0400 Received: from mx1.redhat.com ([209.132.183.28]:46620) by eggs.gnu.org with esmtps (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1dv0OH-0008CM-O8 for qemu-devel@nongnu.org; Thu, 21 Sep 2017 08:15:38 -0400 Received: from smtp.corp.redhat.com (int-mx04.intmail.prod.int.phx2.redhat.com [10.5.11.14]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id D7ED7806B2 for ; Thu, 21 Sep 2017 12:15:36 +0000 (UTC) Received: from t460.redhat.com (unknown [10.33.36.54]) by smtp.corp.redhat.com (Postfix) with ESMTP id 971585D97C; Thu, 21 Sep 2017 12:15:35 +0000 (UTC) DMARC-Filter: OpenDMARC Filter v1.3.2 mx1.redhat.com D7ED7806B2 Authentication-Results: ext-mx02.extmail.prod.ext.phx2.redhat.com; dmarc=none (p=none dis=none) header.from=redhat.com Authentication-Results: ext-mx02.extmail.prod.ext.phx2.redhat.com; spf=fail smtp.mailfrom=berrange@redhat.com From: "Daniel P. Berrange" To: qemu-devel@nongnu.org Date: Thu, 21 Sep 2017 13:15:28 +0100 Message-Id: <20170921121528.23935-3-berrange@redhat.com> In-Reply-To: <20170921121528.23935-1-berrange@redhat.com> References: <20170921121528.23935-1-berrange@redhat.com> X-Scanned-By: MIMEDefang 2.79 on 10.5.11.14 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.26]); Thu, 21 Sep 2017 12:15:37 +0000 (UTC) X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic] [fuzzy] X-Received-From: 209.132.183.28 Subject: [Qemu-devel] [PATCH 2/2] ui: add tracing of VNC authentication process X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Gerd Hoffmann Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: "Qemu-devel" X-ZohoMail: RSF_0 Z_629925259 SPT_0 Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Trace anything related to authentication in the VNC protocol handshake Signed-off-by: Daniel P. Berrange --- ui/trace-events | 15 +++++++ ui/vnc-auth-sasl.c | 113 ++++++++++++++++++++++-----------------------= ---- ui/vnc-auth-vencrypt.c | 21 ++++----- ui/vnc.c | 36 ++++++++-------- 4 files changed, 92 insertions(+), 93 deletions(-) diff --git a/ui/trace-events b/ui/trace-events index e4c02e47f5..1a9f126330 100644 --- a/ui/trace-events +++ b/ui/trace-events @@ -35,6 +35,21 @@ vnc_client_connect(void *state, void *ioc) "VNC client c= onnect state=3D%p ioc=3D%p" vnc_client_disconnect_start(void *state, void *ioc) "VNC client disconnect= start state=3D%p ioc=3D%p" vnc_client_disconnect_finish(void *state, void *ioc) "VNC client disconnec= t finish state=3D%p ioc=3D%p" vnc_client_io_wrap(void *state, void *ioc, const char *type) "VNC client I= /O wrap state=3D%p ioc=3D%p type=3D%s" +vnc_auth_init(void *display, int websock, int auth, int subauth) "VNC auth= init state=3D%p websock=3D%d auth=3D%d subauth=3D%d" +vnc_auth_start(void *state, int method) "VNC client auth start state=3D%p = method=3D%d" +vnc_auth_pass(void *state, int method) "VNC client auth passed state=3D%p = method=3D%d" +vnc_auth_fail(void *state, int method, const char *message, const char *re= ason) "VNC client auth failed state=3D%p method=3D%d message=3D%s reason=3D= %s" +vnc_auth_reject(void *state, int expect, int got) "VNC client auth rejecte= d state=3D%p method expected=3D%d got=3D%d" +vnc_auth_vencrypt_version(void *state, int major, int minor) "VNC client a= uth vencrypt version state=3D%p major=3D%d minor=3D%d" +vnc_auth_vencrypt_subauth(void *state, int auth) "VNC client auth vencrypt= subauth state=3D%p auth=3D%d" +vnc_auth_sasl_mech_list(void *state, const char *mechs) "VNC client auth S= ASL state=3D%p mechlist=3D%s" +vnc_auth_sasl_mech_choose(void *state, const char *mech) "VNC client auth = SASL state=3D%p mech=3D%s" +vnc_auth_sasl_start(void *state, const void *clientdata, size_t clientlen,= const void *serverdata, size_t severlen, int ret) "VNC client auth SASL st= art state=3D%p clientdata=3D%p clientlen=3D%zu serverdata=3D%p serverlen=3D= %zu ret=3D%d" +vnc_auth_sasl_step(void *state, const void *clientdata, size_t clientlen, = const void *serverdata, size_t severlen, int ret) "VNC client auth SASL ste= p state=3D%p clientdata=3D%p clientlen=3D%zu serverdata=3D%p serverlen=3D%z= u ret=3D%d" +vnc_auth_sasl_ssf(void *state, int ssf) "VNC client auth SASL SSF state=3D= %p size=3D%d" +vnc_auth_sasl_username(void *state, const char *name) "VNC client auth SAS= L user state=3D%p name=3D%s" +vnc_auth_sasl_acl(void *state, int allow) "VNC client auth SASL ACL state= =3D%p allow=3D%d" + =20 # ui/input.c input_event_key_number(int conidx, int number, const char *qcode, bool dow= n) "con %d, key number 0x%x [%s], down %d" diff --git a/ui/vnc-auth-sasl.c b/ui/vnc-auth-sasl.c index 3ade4a4918..23f28280e7 100644 --- a/ui/vnc-auth-sasl.c +++ b/ui/vnc-auth-sasl.c @@ -25,6 +25,7 @@ #include "qemu/osdep.h" #include "qapi/error.h" #include "vnc.h" +#include "trace.h" =20 /* Max amount of data we send/recv for SASL steps to prevent DOS */ #define SASL_DATA_MAX_LEN (1024 * 1024) @@ -133,27 +134,26 @@ static int vnc_auth_sasl_check_access(VncState *vs) =20 err =3D sasl_getprop(vs->sasl.conn, SASL_USERNAME, &val); if (err !=3D SASL_OK) { - VNC_DEBUG("cannot query SASL username on connection %d (%s), denyi= ng access\n", - err, sasl_errstring(err, NULL, NULL)); + trace_vnc_auth_fail(vs, vs->auth, "Cannot fetch SASL username", + sasl_errstring(err, NULL, NULL)); return -1; } if (val =3D=3D NULL) { - VNC_DEBUG("no client username was found, denying access\n"); + trace_vnc_auth_fail(vs, vs->auth, "No SASL username set", ""); return -1; } - VNC_DEBUG("SASL client username %s\n", (const char *)val); =20 vs->sasl.username =3D g_strdup((const char*)val); + trace_vnc_auth_sasl_username(vs, vs->sasl.username); =20 if (vs->vd->sasl.acl =3D=3D NULL) { - VNC_DEBUG("no ACL activated, allowing access\n"); + trace_vnc_auth_sasl_acl(vs, 1); return 0; } =20 allow =3D qemu_acl_party_is_allowed(vs->vd->sasl.acl, vs->sasl.usernam= e); =20 - VNC_DEBUG("SASL client %s %s by ACL\n", vs->sasl.username, - allow ? "allowed" : "denied"); + trace_vnc_auth_sasl_acl(vs, allow); return allow ? 0 : -1; } =20 @@ -170,7 +170,9 @@ static int vnc_auth_sasl_check_ssf(VncState *vs) return 0; =20 ssf =3D *(const int *)val; - VNC_DEBUG("negotiated an SSF of %d\n", ssf); + + trace_vnc_auth_sasl_ssf(vs, ssf); + if (ssf < 56) return 0; /* 56 is good for Kerberos */ =20 @@ -218,33 +220,28 @@ static int protocol_client_auth_sasl_step(VncState *v= s, uint8_t *data, size_t le datalen--; /* Don't count NULL byte when passing to _start() */ } =20 - VNC_DEBUG("Step using SASL Data %p (%d bytes)\n", - clientdata, datalen); err =3D sasl_server_step(vs->sasl.conn, clientdata, datalen, &serverout, &serveroutlen); + trace_vnc_auth_sasl_step(vs, data, len, serverout, serveroutlen, err); if (err !=3D SASL_OK && err !=3D SASL_CONTINUE) { - VNC_DEBUG("sasl step failed %d (%s)\n", - err, sasl_errdetail(vs->sasl.conn)); + trace_vnc_auth_fail(vs, vs->auth, "Cannot step SASL auth", + sasl_errdetail(vs->sasl.conn)); sasl_dispose(&vs->sasl.conn); vs->sasl.conn =3D NULL; goto authabort; } =20 if (serveroutlen > SASL_DATA_MAX_LEN) { - VNC_DEBUG("sasl step reply data too long %d\n", - serveroutlen); + trace_vnc_auth_fail(vs, vs->auth, "SASL data too long", ""); sasl_dispose(&vs->sasl.conn); vs->sasl.conn =3D NULL; goto authabort; } =20 - VNC_DEBUG("SASL return data %d bytes, nil; %d\n", - serveroutlen, serverout ? 0 : 1); - if (serveroutlen) { vnc_write_u32(vs, serveroutlen + 1); vnc_write(vs, serverout, serveroutlen + 1); @@ -256,22 +253,20 @@ static int protocol_client_auth_sasl_step(VncState *v= s, uint8_t *data, size_t le vnc_write_u8(vs, err =3D=3D SASL_CONTINUE ? 0 : 1); =20 if (err =3D=3D SASL_CONTINUE) { - VNC_DEBUG("%s", "Authentication must continue\n"); /* Wait for step length */ vnc_read_when(vs, protocol_client_auth_sasl_step_len, 4); } else { if (!vnc_auth_sasl_check_ssf(vs)) { - VNC_DEBUG("Authentication rejected for weak SSF %p\n", vs->ioc= ); + trace_vnc_auth_fail(vs, vs->auth, "SASL SSF too weak", ""); goto authreject; } =20 /* Check username whitelist ACL */ if (vnc_auth_sasl_check_access(vs) < 0) { - VNC_DEBUG("Authentication rejected for ACL %p\n", vs->ioc); goto authreject; } =20 - VNC_DEBUG("Authentication successful %p\n", vs->ioc); + trace_vnc_auth_pass(vs, vs->auth); vnc_write_u32(vs, 0); /* Accept auth */ /* * Delay writing in SSF encoded mode until pending output @@ -300,9 +295,9 @@ static int protocol_client_auth_sasl_step(VncState *vs,= uint8_t *data, size_t le static int protocol_client_auth_sasl_step_len(VncState *vs, uint8_t *data,= size_t len) { uint32_t steplen =3D read_u32(data, 0); - VNC_DEBUG("Got client step len %d\n", steplen); + if (steplen > SASL_DATA_MAX_LEN) { - VNC_DEBUG("Too much SASL data %d\n", steplen); + trace_vnc_auth_fail(vs, vs->auth, "SASL step len too large", ""); vnc_client_error(vs); return -1; } @@ -346,33 +341,28 @@ static int protocol_client_auth_sasl_start(VncState *= vs, uint8_t *data, size_t l datalen--; /* Don't count NULL byte when passing to _start() */ } =20 - VNC_DEBUG("Start SASL auth with mechanism %s. Data %p (%d bytes)\n", - vs->sasl.mechlist, clientdata, datalen); err =3D sasl_server_start(vs->sasl.conn, vs->sasl.mechlist, clientdata, datalen, &serverout, &serveroutlen); + trace_vnc_auth_sasl_start(vs, data, len, serverout, serveroutlen, err); if (err !=3D SASL_OK && err !=3D SASL_CONTINUE) { - VNC_DEBUG("sasl start failed %d (%s)\n", - err, sasl_errdetail(vs->sasl.conn)); + trace_vnc_auth_fail(vs, vs->auth, "Cannot start SASL auth", + sasl_errdetail(vs->sasl.conn)); sasl_dispose(&vs->sasl.conn); vs->sasl.conn =3D NULL; goto authabort; } if (serveroutlen > SASL_DATA_MAX_LEN) { - VNC_DEBUG("sasl start reply data too long %d\n", - serveroutlen); + trace_vnc_auth_fail(vs, vs->auth, "SASL data too long", ""); sasl_dispose(&vs->sasl.conn); vs->sasl.conn =3D NULL; goto authabort; } =20 - VNC_DEBUG("SASL return data %d bytes, nil; %d\n", - serveroutlen, serverout ? 0 : 1); - if (serveroutlen) { vnc_write_u32(vs, serveroutlen + 1); vnc_write(vs, serverout, serveroutlen + 1); @@ -384,22 +374,20 @@ static int protocol_client_auth_sasl_start(VncState *= vs, uint8_t *data, size_t l vnc_write_u8(vs, err =3D=3D SASL_CONTINUE ? 0 : 1); =20 if (err =3D=3D SASL_CONTINUE) { - VNC_DEBUG("%s", "Authentication must continue\n"); /* Wait for step length */ vnc_read_when(vs, protocol_client_auth_sasl_step_len, 4); } else { if (!vnc_auth_sasl_check_ssf(vs)) { - VNC_DEBUG("Authentication rejected for weak SSF %p\n", vs->ioc= ); + trace_vnc_auth_fail(vs, vs->auth, "SASL SSF too weak", ""); goto authreject; } =20 /* Check username whitelist ACL */ if (vnc_auth_sasl_check_access(vs) < 0) { - VNC_DEBUG("Authentication rejected for ACL %p\n", vs->ioc); goto authreject; } =20 - VNC_DEBUG("Authentication successful %p\n", vs->ioc); + trace_vnc_auth_pass(vs, vs->auth); vnc_write_u32(vs, 0); /* Accept auth */ start_client_init(vs); } @@ -422,9 +410,9 @@ static int protocol_client_auth_sasl_start(VncState *vs= , uint8_t *data, size_t l static int protocol_client_auth_sasl_start_len(VncState *vs, uint8_t *data= , size_t len) { uint32_t startlen =3D read_u32(data, 0); - VNC_DEBUG("Got client start len %d\n", startlen); + if (startlen > SASL_DATA_MAX_LEN) { - VNC_DEBUG("Too much SASL data %d\n", startlen); + trace_vnc_auth_fail(vs, vs->auth, "SASL start len too large", ""); vnc_client_error(vs); return -1; } @@ -439,22 +427,18 @@ static int protocol_client_auth_sasl_start_len(VncSta= te *vs, uint8_t *data, size static int protocol_client_auth_sasl_mechname(VncState *vs, uint8_t *data,= size_t len) { char *mechname =3D g_strndup((const char *) data, len); - VNC_DEBUG("Got client mechname '%s' check against '%s'\n", - mechname, vs->sasl.mechlist); + trace_vnc_auth_sasl_mech_choose(vs, mechname); =20 if (strncmp(vs->sasl.mechlist, mechname, len) =3D=3D 0) { if (vs->sasl.mechlist[len] !=3D '\0' && vs->sasl.mechlist[len] !=3D ',') { - VNC_DEBUG("One %d", vs->sasl.mechlist[len]); goto fail; } } else { char *offset =3D strstr(vs->sasl.mechlist, mechname); - VNC_DEBUG("Two %p\n", offset); if (!offset) { goto fail; } - VNC_DEBUG("Two '%s'\n", offset); if (offset[-1] !=3D ',' || (offset[len] !=3D '\0'&& offset[len] !=3D ',')) { @@ -465,11 +449,11 @@ static int protocol_client_auth_sasl_mechname(VncStat= e *vs, uint8_t *data, size_ g_free(vs->sasl.mechlist); vs->sasl.mechlist =3D mechname; =20 - VNC_DEBUG("Validated mechname '%s'\n", mechname); vnc_read_when(vs, protocol_client_auth_sasl_start_len, 4); return 0; =20 fail: + trace_vnc_auth_fail(vs, vs->auth, "Unsupported mechname", mechname); vnc_client_error(vs); g_free(mechname); return -1; @@ -478,14 +462,14 @@ static int protocol_client_auth_sasl_mechname(VncStat= e *vs, uint8_t *data, size_ static int protocol_client_auth_sasl_mechname_len(VncState *vs, uint8_t *d= ata, size_t len) { uint32_t mechlen =3D read_u32(data, 0); - VNC_DEBUG("Got client mechname len %d\n", mechlen); + if (mechlen > 100) { - VNC_DEBUG("Too long SASL mechname data %d\n", mechlen); + trace_vnc_auth_fail(vs, vs->auth, "SASL mechname too long", ""); vnc_client_error(vs); return -1; } if (mechlen < 1) { - VNC_DEBUG("Too short SASL mechname %d\n", mechlen); + trace_vnc_auth_fail(vs, vs->auth, "SASL mechname too short", ""); vnc_client_error(vs); return -1; } @@ -524,19 +508,22 @@ void start_auth_sasl(VncState *vs) const char *mechlist =3D NULL; sasl_security_properties_t secprops; int err; + Error *local_err =3D NULL; char *localAddr, *remoteAddr; int mechlistlen; =20 - VNC_DEBUG("Initialize SASL auth %p\n", vs->ioc); - /* Get local & remote client addresses in form IPADDR;PORT */ - localAddr =3D vnc_socket_ip_addr_string(vs->sioc, true, NULL); + localAddr =3D vnc_socket_ip_addr_string(vs->sioc, true, &local_err); if (!localAddr) { + trace_vnc_auth_fail(vs, vs->auth, "Cannot format local IP", + error_get_pretty(local_err)); goto authabort; } =20 - remoteAddr =3D vnc_socket_ip_addr_string(vs->sioc, false, NULL); + remoteAddr =3D vnc_socket_ip_addr_string(vs->sioc, false, &local_err); if (!remoteAddr) { + trace_vnc_auth_fail(vs, vs->auth, "Cannot format remote IP", + error_get_pretty(local_err)); g_free(localAddr); goto authabort; } @@ -554,8 +541,8 @@ void start_auth_sasl(VncState *vs) localAddr =3D remoteAddr =3D NULL; =20 if (err !=3D SASL_OK) { - VNC_DEBUG("sasl context setup failed %d (%s)", - err, sasl_errstring(err, NULL, NULL)); + trace_vnc_auth_fail(vs, vs->auth, "SASL context setup failed", + sasl_errstring(err, NULL, NULL)); vs->sasl.conn =3D NULL; goto authabort; } @@ -570,8 +557,8 @@ void start_auth_sasl(VncState *vs) keysize =3D qcrypto_tls_session_get_key_size(vs->tls, &local_err); if (keysize < 0) { - VNC_DEBUG("cannot TLS get cipher size: %s\n", - error_get_pretty(local_err)); + trace_vnc_auth_fail(vs, vs->auth, "cannot TLS get cipher size", + error_get_pretty(local_err)); error_free(local_err); sasl_dispose(&vs->sasl.conn); vs->sasl.conn =3D NULL; @@ -581,8 +568,8 @@ void start_auth_sasl(VncState *vs) =20 err =3D sasl_setprop(vs->sasl.conn, SASL_SSF_EXTERNAL, &ssf); if (err !=3D SASL_OK) { - VNC_DEBUG("cannot set SASL external SSF %d (%s)\n", - err, sasl_errstring(err, NULL, NULL)); + trace_vnc_auth_fail(vs, vs->auth, "cannot set SASL external SS= F", + sasl_errstring(err, NULL, NULL)); sasl_dispose(&vs->sasl.conn); vs->sasl.conn =3D NULL; goto authabort; @@ -617,8 +604,8 @@ void start_auth_sasl(VncState *vs) =20 err =3D sasl_setprop(vs->sasl.conn, SASL_SEC_PROPS, &secprops); if (err !=3D SASL_OK) { - VNC_DEBUG("cannot set SASL security props %d (%s)\n", - err, sasl_errstring(err, NULL, NULL)); + trace_vnc_auth_fail(vs, vs->auth, "cannot set SASL security props", + sasl_errstring(err, NULL, NULL)); sasl_dispose(&vs->sasl.conn); vs->sasl.conn =3D NULL; goto authabort; @@ -633,13 +620,13 @@ void start_auth_sasl(VncState *vs) NULL, NULL); if (err !=3D SASL_OK) { - VNC_DEBUG("cannot list SASL mechanisms %d (%s)\n", - err, sasl_errdetail(vs->sasl.conn)); + trace_vnc_auth_fail(vs, vs->auth, "cannot list SASL mechanisms", + sasl_errdetail(vs->sasl.conn)); sasl_dispose(&vs->sasl.conn); vs->sasl.conn =3D NULL; goto authabort; } - VNC_DEBUG("Available mechanisms for client: '%s'\n", mechlist); + trace_vnc_auth_sasl_mech_list(vs, mechlist); =20 vs->sasl.mechlist =3D g_strdup(mechlist); mechlistlen =3D strlen(mechlist); @@ -647,12 +634,12 @@ void start_auth_sasl(VncState *vs) vnc_write(vs, mechlist, mechlistlen); vnc_flush(vs); =20 - VNC_DEBUG("Wait for client mechname length\n"); vnc_read_when(vs, protocol_client_auth_sasl_mechname_len, 4); =20 return; =20 authabort: + error_free(local_err); vnc_client_error(vs); } =20 diff --git a/ui/vnc-auth-vencrypt.c b/ui/vnc-auth-vencrypt.c index 2a3766aa64..7833631275 100644 --- a/ui/vnc-auth-vencrypt.c +++ b/ui/vnc-auth-vencrypt.c @@ -35,27 +35,24 @@ static void start_auth_vencrypt_subauth(VncState *vs) switch (vs->subauth) { case VNC_AUTH_VENCRYPT_TLSNONE: case VNC_AUTH_VENCRYPT_X509NONE: - VNC_DEBUG("Accept TLS auth none\n"); vnc_write_u32(vs, 0); /* Accept auth completion */ start_client_init(vs); break; =20 case VNC_AUTH_VENCRYPT_TLSVNC: case VNC_AUTH_VENCRYPT_X509VNC: - VNC_DEBUG("Start TLS auth VNC\n"); start_auth_vnc(vs); break; =20 #ifdef CONFIG_VNC_SASL case VNC_AUTH_VENCRYPT_TLSSASL: case VNC_AUTH_VENCRYPT_X509SASL: - VNC_DEBUG("Start TLS auth SASL\n"); start_auth_sasl(vs); break; #endif /* CONFIG_VNC_SASL */ =20 default: /* Should not be possible, but just in case */ - VNC_DEBUG("Reject subauth %d server bug\n", vs->auth); + trace_vnc_auth_fail(vs, vs->auth, "Unhandled VeNCrypt subauth", ""); vnc_write_u8(vs, 1); if (vs->minor >=3D 8) { static const char err[] =3D "Unsupported authentication type"; @@ -73,8 +70,8 @@ static void vnc_tls_handshake_done(QIOTask *task, Error *err =3D NULL; =20 if (qio_task_propagate_error(task, &err)) { - VNC_DEBUG("Handshake failed %s\n", - error_get_pretty(err)); + trace_vnc_auth_fail(vs, vs->auth, "TLS handshake failed", + error_get_pretty(err)); vnc_client_error(vs); error_free(err); } else { @@ -92,15 +89,15 @@ static int protocol_client_vencrypt_auth(VncState *vs, = uint8_t *data, size_t len { int auth =3D read_u32(data, 0); =20 + trace_vnc_auth_vencrypt_subauth(vs, auth); if (auth !=3D vs->subauth) { - VNC_DEBUG("Rejecting auth %d\n", auth); + trace_vnc_auth_fail(vs, vs->auth, "Unsupported sub-auth version", = ""); vnc_write_u8(vs, 0); /* Reject auth */ vnc_flush(vs); vnc_client_error(vs); } else { Error *err =3D NULL; QIOChannelTLS *tls; - VNC_DEBUG("Accepting auth %d, setting up TLS for handshake\n", aut= h); vnc_write_u8(vs, 1); /* Accept auth */ vnc_flush(vs); =20 @@ -115,14 +112,14 @@ static int protocol_client_vencrypt_auth(VncState *vs= , uint8_t *data, size_t len vs->vd->tlsaclname, &err); if (!tls) { - VNC_DEBUG("Failed to setup TLS %s\n", error_get_pretty(err)); + trace_vnc_auth_fail(vs, vs->auth, "TLS setup failed", + error_get_pretty(err)); error_free(err); vnc_client_error(vs); return 0; } =20 qio_channel_set_name(QIO_CHANNEL(tls), "vnc-server-tls"); - VNC_DEBUG("Start TLS VeNCrypt handshake process\n"); object_unref(OBJECT(vs->ioc)); vs->ioc =3D QIO_CHANNEL(tls); trace_vnc_client_io_wrap(vs, vs->ioc, "tls"); @@ -138,14 +135,14 @@ static int protocol_client_vencrypt_auth(VncState *vs= , uint8_t *data, size_t len =20 static int protocol_client_vencrypt_init(VncState *vs, uint8_t *data, size= _t len) { + trace_vnc_auth_vencrypt_version(vs, (int)data[0], (int)data[1]); if (data[0] !=3D 0 || data[1] !=3D 2) { - VNC_DEBUG("Unsupported VeNCrypt protocol %d.%d\n", (int)data[0], (= int)data[1]); + trace_vnc_auth_fail(vs, vs->auth, "Unsupported version", ""); vnc_write_u8(vs, 1); /* Reject version */ vnc_flush(vs); vnc_client_error(vs); } else { - VNC_DEBUG("Sending allowed auth %d\n", vs->subauth); vnc_write_u8(vs, 0); /* Accept version */ vnc_write_u8(vs, 1); /* Number of sub-auths */ vnc_write_u32(vs, vs->subauth); /* The supported auth */ diff --git a/ui/vnc.c b/ui/vnc.c index 47dacc47b6..9f8d5a1b1f 100644 --- a/ui/vnc.c +++ b/ui/vnc.c @@ -2407,11 +2407,11 @@ static int protocol_client_auth_vnc(VncState *vs, u= int8_t *data, size_t len) Error *err =3D NULL; =20 if (!vs->vd->password) { - VNC_DEBUG("No password configured on server"); + trace_vnc_auth_fail(vs, vs->auth, "password is not set", ""); goto reject; } if (vs->vd->expires < now) { - VNC_DEBUG("Password is expired"); + trace_vnc_auth_fail(vs, vs->auth, "password is expired", ""); goto reject; } =20 @@ -2428,8 +2428,8 @@ static int protocol_client_auth_vnc(VncState *vs, uin= t8_t *data, size_t len) key, G_N_ELEMENTS(key), &err); if (!cipher) { - VNC_DEBUG("Cannot initialize cipher %s", - error_get_pretty(err)); + trace_vnc_auth_fail(vs, vs->auth, "cannot create cipher", + error_get_pretty(err)); error_free(err); goto reject; } @@ -2439,18 +2439,18 @@ static int protocol_client_auth_vnc(VncState *vs, u= int8_t *data, size_t len) response, VNC_AUTH_CHALLENGE_SIZE, &err) < 0) { - VNC_DEBUG("Cannot encrypt challenge %s", - error_get_pretty(err)); + trace_vnc_auth_fail(vs, vs->auth, "cannot encrypt challenge respon= se", + error_get_pretty(err)); error_free(err); goto reject; } =20 /* Compare expected vs actual challenge response */ if (memcmp(response, data, VNC_AUTH_CHALLENGE_SIZE) !=3D 0) { - VNC_DEBUG("Client challenge response did not match\n"); + trace_vnc_auth_fail(vs, vs->auth, "mis-matched challenge response"= , ""); goto reject; } else { - VNC_DEBUG("Accepting VNC challenge response\n"); + trace_vnc_auth_pass(vs, vs->auth); vnc_write_u32(vs, 0); /* Accept auth */ vnc_flush(vs); =20 @@ -2489,7 +2489,7 @@ static int protocol_client_auth(VncState *vs, uint8_t= *data, size_t len) /* We only advertise 1 auth scheme at a time, so client * must pick the one we sent. Verify this */ if (data[0] !=3D vs->auth) { /* Reject auth */ - VNC_DEBUG("Reject auth %d because it didn't match advertized\n", (i= nt)data[0]); + trace_vnc_auth_reject(vs, vs->auth, (int)data[0]); vnc_write_u32(vs, 1); if (vs->minor >=3D 8) { static const char err[] =3D "Authentication failed"; @@ -2498,36 +2498,33 @@ static int protocol_client_auth(VncState *vs, uint8= _t *data, size_t len) } vnc_client_error(vs); } else { /* Accept requested auth */ - VNC_DEBUG("Client requested auth %d\n", (int)data[0]); + trace_vnc_auth_start(vs, vs->auth); switch (vs->auth) { case VNC_AUTH_NONE: - VNC_DEBUG("Accept auth none\n"); if (vs->minor >=3D 8) { vnc_write_u32(vs, 0); /* Accept auth completion */ vnc_flush(vs); } + trace_vnc_auth_pass(vs, vs->auth); start_client_init(vs); break; =20 case VNC_AUTH_VNC: - VNC_DEBUG("Start VNC auth\n"); start_auth_vnc(vs); break; =20 case VNC_AUTH_VENCRYPT: - VNC_DEBUG("Accept VeNCrypt auth\n"); start_auth_vencrypt(vs); break; =20 #ifdef CONFIG_VNC_SASL case VNC_AUTH_SASL: - VNC_DEBUG("Accept SASL auth\n"); start_auth_sasl(vs); break; #endif /* CONFIG_VNC_SASL */ =20 default: /* Should not be possible, but just in case */ - VNC_DEBUG("Reject auth %d server code bug\n", vs->auth); + trace_vnc_auth_fail(vs, vs->auth, "Unhandled auth method", ""); vnc_write_u8(vs, 1); if (vs->minor >=3D 8) { static const char err[] =3D "Authentication failed"; @@ -2572,10 +2569,11 @@ static int protocol_version(VncState *vs, uint8_t *= version, size_t len) vs->minor =3D 3; =20 if (vs->minor =3D=3D 3) { + trace_vnc_auth_start(vs, vs->auth); if (vs->auth =3D=3D VNC_AUTH_NONE) { - VNC_DEBUG("Tell client auth none\n"); vnc_write_u32(vs, vs->auth); vnc_flush(vs); + trace_vnc_auth_pass(vs, vs->auth); start_client_init(vs); } else if (vs->auth =3D=3D VNC_AUTH_VNC) { VNC_DEBUG("Tell client VNC auth\n"); @@ -2583,13 +2581,13 @@ static int protocol_version(VncState *vs, uint8_t *= version, size_t len) vnc_flush(vs); start_auth_vnc(vs); } else { - VNC_DEBUG("Unsupported auth %d for protocol 3.3\n", vs->auth); + trace_vnc_auth_fail(vs, vs->auth, + "Unsupported auth method for v3.3", ""); vnc_write_u32(vs, VNC_AUTH_INVALID); vnc_flush(vs); vnc_client_error(vs); } } else { - VNC_DEBUG("Telling client we support auth %d\n", vs->auth); vnc_write_u8(vs, 1); /* num auth */ vnc_write_u8(vs, vs->auth); vnc_read_when(vs, protocol_client_auth, 1); @@ -3946,12 +3944,14 @@ void vnc_display_open(const char *id, Error **errp) sasl, false, errp) < 0) { goto fail; } + trace_vnc_auth_init(vd, 0, vd->auth, vd->subauth); =20 if (vnc_display_setup_auth(&vd->ws_auth, &vd->ws_subauth, vd->tlscreds, password, sasl, true, errp) < 0) { goto fail; } + trace_vnc_auth_init(vd, 1, vd->ws_auth, vd->ws_subauth); =20 #ifdef CONFIG_VNC_SASL if ((saslErr =3D sasl_server_init(NULL, "qemu")) !=3D SASL_OK) { --=20 2.13.5