From nobody Tue May 7 12:21:10 2024 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org Return-Path: Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by mx.zohomail.com with SMTPS id 1629884299674514.6765316612556; Wed, 25 Aug 2021 02:38:19 -0700 (PDT) Received: from localhost ([::1]:48120 helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1mIpMQ-0003TP-55 for importer@patchew.org; Wed, 25 Aug 2021 05:38:18 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]:37102) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1mIpLd-0002C5-UZ for qemu-devel@nongnu.org; Wed, 25 Aug 2021 05:37:29 -0400 Received: from proxmox-new.maurer-it.com ([94.136.29.106]:8454) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1mIpLb-0007SD-O2 for qemu-devel@nongnu.org; Wed, 25 Aug 2021 05:37:29 -0400 Received: from proxmox-new.maurer-it.com (localhost.localdomain [127.0.0.1]) by proxmox-new.maurer-it.com (Proxmox) with ESMTP id 2514F4376F; Wed, 25 Aug 2021 11:37:15 +0200 (CEST) From: Stefan Reiter To: "Dr. David Alan Gilbert" , Markus Armbruster , Paolo Bonzini , Eric Blake , Gerd Hoffmann , Wolfgang Bumiller , Thomas Lamprecht Subject: [PATCH 1/2] monitor/hmp: correctly invert password argument detection again Date: Wed, 25 Aug 2021 11:37:00 +0200 Message-Id: <20210825093701.668122-2-s.reiter@proxmox.com> X-Mailer: git-send-email 2.30.2 In-Reply-To: <20210825093701.668122-1-s.reiter@proxmox.com> References: <20210825093701.668122-1-s.reiter@proxmox.com> MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Received-SPF: pass client-ip=94.136.29.106; envelope-from=s.reiter@proxmox.com; helo=proxmox-new.maurer-it.com X-Spam_score_int: -18 X-Spam_score: -1.9 X-Spam_bar: - X-Spam_report: (-1.9 / 5.0 requ) BAYES_00=-1.9, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: qemu-devel@nongnu.org Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: "Qemu-devel" X-ZM-MESSAGEID: 1629884302142100001 Content-Type: text/plain; charset="utf-8" Commit cfb5387a1d 'hmp: remove "change vnc TARGET" command' claims to remove the HMP "change vnc" command, but doesn't actually do that. Instead if rewires it to use 'qmp_change_vnc_password', and in the process inverts the argument detection - ignoring the first issue, this inversion is wrong, as this will now ask the user for a password if one is already provided, and simply fail if none is given. Fixes: cfb5387a1d ("hmp: remove "change vnc TARGET" command") Signed-off-by: Stefan Reiter Reviewed-by: Marc-Andr=C3=A9 Lureau --- monitor/hmp-cmds.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/monitor/hmp-cmds.c b/monitor/hmp-cmds.c index f7a211e5a4..31366e6331 100644 --- a/monitor/hmp-cmds.c +++ b/monitor/hmp-cmds.c @@ -1591,7 +1591,7 @@ void hmp_change(Monitor *mon, const QDict *qdict) } if (strcmp(target, "passwd") =3D=3D 0 || strcmp(target, "password") =3D=3D 0) { - if (arg) { + if (!arg) { MonitorHMP *hmp_mon =3D container_of(mon, MonitorHMP, comm= on); monitor_read_password(hmp_mon, hmp_change_read_arg, NULL); return; --=20 2.30.2 From nobody Tue May 7 12:21:10 2024 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org Return-Path: Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by mx.zohomail.com with SMTPS id 1629884386940921.3079130325075; Wed, 25 Aug 2021 02:39:46 -0700 (PDT) Received: from localhost ([::1]:51534 helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1mIpNq-0005lL-0m for importer@patchew.org; Wed, 25 Aug 2021 05:39:46 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]:37108) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1mIpLe-0002C6-0e for qemu-devel@nongnu.org; Wed, 25 Aug 2021 05:37:30 -0400 Received: from proxmox-new.maurer-it.com ([94.136.29.106]:46946) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1mIpLb-0007SF-P8 for qemu-devel@nongnu.org; Wed, 25 Aug 2021 05:37:29 -0400 Received: from proxmox-new.maurer-it.com (localhost.localdomain [127.0.0.1]) by proxmox-new.maurer-it.com (Proxmox) with ESMTP id E014D4042F; Wed, 25 Aug 2021 11:37:15 +0200 (CEST) From: Stefan Reiter To: "Dr. David Alan Gilbert" , Markus Armbruster , Paolo Bonzini , Eric Blake , Gerd Hoffmann , Wolfgang Bumiller , Thomas Lamprecht Subject: [PATCH 2/2] monitor: allow VNC related QMP and HMP commands to take a display ID Date: Wed, 25 Aug 2021 11:37:01 +0200 Message-Id: <20210825093701.668122-3-s.reiter@proxmox.com> X-Mailer: git-send-email 2.30.2 In-Reply-To: <20210825093701.668122-1-s.reiter@proxmox.com> References: <20210825093701.668122-1-s.reiter@proxmox.com> MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Received-SPF: pass client-ip=94.136.29.106; envelope-from=s.reiter@proxmox.com; helo=proxmox-new.maurer-it.com X-Spam_score_int: 0 X-Spam_score: 0.0 X-Spam_bar: / X-Spam_report: (0.0 / 5.0 requ) SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: qemu-devel@nongnu.org Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: "Qemu-devel" X-ZM-MESSAGEID: 1629884387857100001 It is possible to specify more than one VNC server on the command line, either with an explicit ID or the auto-generated ones =C3=A0 la "default", "vnc2", "vnc3", ... It is not possible to change the password on one of these extra VNC displays though. Fix this by adding a "display" parameter to the 'set_password' and 'expire_password' QMP and HMP commands. For HMP, this is a bit trickier, since at least 'set_password' already has the 'connected' parameter following the mandatory 'password' one, so we need to prefix the display ID with "id=3D" to allow correct parsing. With this prefix, no existing command or workflow should be affected. While rewriting the descriptions, also remove the line "Use zero to make the password stay valid forever." from 'set_password', I believe this was intended for 'expire_password', but would even be wrong there. Signed-off-by: Stefan Reiter --- hmp-commands.hx | 28 +++++++++++++++------------- monitor/hmp-cmds.c | 20 ++++++++++++++++++-- monitor/qmp-cmds.c | 9 +++++---- qapi/ui.json | 12 ++++++++++-- 4 files changed, 48 insertions(+), 21 deletions(-) diff --git a/hmp-commands.hx b/hmp-commands.hx index e01ca13ca8..0b5abcfb8a 100644 --- a/hmp-commands.hx +++ b/hmp-commands.hx @@ -1541,34 +1541,36 @@ ERST =20 { .name =3D "set_password", - .args_type =3D "protocol:s,password:s,connected:s?", - .params =3D "protocol password action-if-connected", + .args_type =3D "protocol:s,password:s,display:s?,connected:s?", + .params =3D "protocol password [id=3Ddisplay] [action-if-conne= cted]", .help =3D "set spice/vnc password", .cmd =3D hmp_set_password, }, =20 SRST -``set_password [ vnc | spice ] password [ action-if-connected ]`` - Change spice/vnc password. Use zero to make the password stay valid - forever. *action-if-connected* specifies what should happen in +``set_password [ vnc | spice ] password [ id=3Ddisplay ] [ action-if-conne= cted ]`` + Change spice/vnc password. *display* (must be prefixed with + 'id=3D') can be used with 'vnc' to specify which display to set the + password on. *action-if-connected* specifies what should happen in case a connection is established: *fail* makes the password change - fail. *disconnect* changes the password and disconnects the - client. *keep* changes the password and keeps the connection up. - *keep* is the default. + fail. *disconnect* changes the password and disconnects the client. + *keep* changes the password and keeps the connection up. *keep* is + the default. ERST =20 { .name =3D "expire_password", - .args_type =3D "protocol:s,time:s", - .params =3D "protocol time", + .args_type =3D "protocol:s,time:s,display:s?", + .params =3D "protocol time [id=3Ddisplay]", .help =3D "set spice/vnc password expire-time", .cmd =3D hmp_expire_password, }, =20 SRST -``expire_password [ vnc | spice ]`` *expire-time* - Specify when a password for spice/vnc becomes - invalid. *expire-time* accepts: +``expire_password [ vnc | spice ] expire-time [ id=3Ddisplay ]`` + Specify when a password for spice/vnc becomes invalid. + *display* behaves the same as in ``set_password``. + *expire-time* accepts: =20 ``now`` Invalidate password instantly. diff --git a/monitor/hmp-cmds.c b/monitor/hmp-cmds.c index 31366e6331..30f5b2c3e3 100644 --- a/monitor/hmp-cmds.c +++ b/monitor/hmp-cmds.c @@ -1546,10 +1546,20 @@ void hmp_set_password(Monitor *mon, const QDict *qd= ict) { const char *protocol =3D qdict_get_str(qdict, "protocol"); const char *password =3D qdict_get_str(qdict, "password"); + const char *display =3D qdict_get_try_str(qdict, "display"); const char *connected =3D qdict_get_try_str(qdict, "connected"); Error *err =3D NULL; =20 - qmp_set_password(protocol, password, !!connected, connected, &err); + if (display && strncmp(display, "id=3D", 3)) { + connected =3D display; + display =3D NULL; + } else if (display) { + /* skip "id=3D" */ + display =3D display + 3; + } + + qmp_set_password(protocol, password, !!connected, connected, !!display, + display, &err); hmp_handle_error(mon, err); } =20 @@ -1557,9 +1567,15 @@ void hmp_expire_password(Monitor *mon, const QDict *= qdict) { const char *protocol =3D qdict_get_str(qdict, "protocol"); const char *whenstr =3D qdict_get_str(qdict, "time"); + const char *display =3D qdict_get_try_str(qdict, "display"); Error *err =3D NULL; =20 - qmp_expire_password(protocol, whenstr, &err); + if (display && !strncmp(display, "id=3D", 3)) { + /* skip "id=3D" */ + display =3D display + 3; + } + + qmp_expire_password(protocol, whenstr, !!display, display, &err); hmp_handle_error(mon, err); } =20 diff --git a/monitor/qmp-cmds.c b/monitor/qmp-cmds.c index f7d64a6457..a9ded90a41 100644 --- a/monitor/qmp-cmds.c +++ b/monitor/qmp-cmds.c @@ -165,7 +165,8 @@ void qmp_system_wakeup(Error **errp) } =20 void qmp_set_password(const char *protocol, const char *password, - bool has_connected, const char *connected, Error **e= rrp) + bool has_connected, const char *connected, + bool has_display, const char *display, Error **errp) { int disconnect_if_connected =3D 0; int fail_if_connected =3D 0; @@ -198,7 +199,7 @@ void qmp_set_password(const char *protocol, const char = *password, } /* Note that setting an empty password will not disable login thro= ugh * this interface. */ - rc =3D vnc_display_password(NULL, password); + rc =3D vnc_display_password(has_display ? display : NULL, password= ); } else { error_setg(errp, QERR_INVALID_PARAMETER_VALUE, "protocol", "'vnc' or 'spice'"); @@ -211,7 +212,7 @@ void qmp_set_password(const char *protocol, const char = *password, } =20 void qmp_expire_password(const char *protocol, const char *whenstr, - Error **errp) + bool has_display, const char *display, Error **er= rp) { time_t when; int rc; @@ -232,7 +233,7 @@ void qmp_expire_password(const char *protocol, const ch= ar *whenstr, } rc =3D qemu_spice.set_pw_expire(when); } else if (strcmp(protocol, "vnc") =3D=3D 0) { - rc =3D vnc_display_pw_expire(NULL, when); + rc =3D vnc_display_pw_expire(has_display ? display : NULL, when); } else { error_setg(errp, QERR_INVALID_PARAMETER_VALUE, "protocol", "'vnc' or 'spice'"); diff --git a/qapi/ui.json b/qapi/ui.json index 16bf03224f..24dca811f8 100644 --- a/qapi/ui.json +++ b/qapi/ui.json @@ -25,6 +25,9 @@ # 'disconnect' to disconnect existing clients # 'keep' to maintain existing clients # +# @display: In case of VNC, the id of the display where the password +# should be changed. Defaults to the first. +# # Returns: - Nothing on success # - If Spice is not enabled, DeviceNotFound # @@ -38,7 +41,8 @@ # ## { 'command': 'set_password', - 'data': {'protocol': 'str', 'password': 'str', '*connected': 'str'} } + 'data': {'protocol': 'str', 'password': 'str', '*connected': 'str', + '*display': 'str'} } =20 ## # @expire_password: @@ -54,6 +58,9 @@ # - '+INT' where INT is the number of seconds from now (integer) # - 'INT' where INT is the absolute time in seconds # +# @display: In case of VNC, the id of the display where the password +# should be set to expire. Defaults to the first. +# # Returns: - Nothing on success # - If @protocol is 'spice' and Spice is not active, DeviceNotFou= nd # @@ -71,7 +78,8 @@ # <- { "return": {} } # ## -{ 'command': 'expire_password', 'data': {'protocol': 'str', 'time': 'str'}= } +{ 'command': 'expire_password', + 'data': {'protocol': 'str', 'time': 'str', '*display': 'str'} } =20 ## # @screendump: --=20 2.30.2