support passing sasl acl in vnc to qemu cmd.
turn the xml example:
...
<graphics ...>
<authz type='sasl' index='1'/>
</graphics>
...
into qemu cmd:
qemu-kvm
...
-vnc 0.0.0.0:0,sasl,sasl-authz=authz1
Signed-off-by: Zihao Chang <changzihao1@xxxxxxxxxx>
---
src/qemu/qemu_command.c | 29 ++++++++++++++++++++++++++++-
1 file changed, 28 insertions(+), 1 deletion(-)
diff --git a/src/qemu/qemu_command.c b/src/qemu/qemu_command.c
index 8679c62d550f..e1a07a6e7113 100644
--- a/src/qemu/qemu_command.c
+++ b/src/qemu/qemu_command.c
@@ -7537,6 +7537,30 @@ qemuBuildGraphicsSDLCommandLine(virQEMUDriverConfigPtr cfg G_GNUC_UNUSED,
}
+static int
+qemuBuildGraphicsVNCAuthzCommandLine(virBufferPtr opt,
+ virDomainGraphicsDefPtr graphics)
+{
+ size_t i;
+ int nAuthzs = graphics->data.vnc.auth.nAuthzs;
+ virDomainGraphicsAuthzDefPtr authzs = graphics->data.vnc.auth.authzs;
+
+ if (nAuthzs <= 0) {
+ return 0;
+ }
+
+ for (i = 0; i < nAuthzs; i++) {
+ if (authzs[i].type == VIR_DOMAIN_AUTHZ_TYPE_SASL) {
+ virBufferAsprintf(opt, ",sasl-authz=authz%lu", authzs[i].index);
+ } else if (authzs[i].type == VIR_DOMAIN_AUTHZ_TYPE_TLS) {
+ virBufferAsprintf(opt, ",tls-authz=authz%lu", authzs[i].index);
+ }
+ }
+
+ return 0;
+}
+
+
static int
qemuBuildGraphicsVNCCommandLine(virQEMUDriverConfigPtr cfg,
virCommandPtr cmd,
@@ -7643,7 +7667,10 @@ qemuBuildGraphicsVNCCommandLine(virQEMUDriverConfigPtr cfg,
if (cfg->vncSASLdir)
virCommandAddEnvPair(cmd, "SASL_CONF_PATH", cfg->vncSASLdir);
- /* TODO: Support ACLs later */
+ }
+
+ if (cfg->vncSASL || cfg->vncTLS) {
+ qemuBuildGraphicsVNCAuthzCommandLine(&opt, graphics);
}
virCommandAddArg(cmd, "-vnc");
--
2.28.0
