From: Daniel P. Berrangé <berrange@xxxxxxxxxx> Currently when using VNC the "password" flag turns on password based authentication. The actual password has to be provided separately via the monitor. This introduces a "password-secret" option which lets the password be provided up front. $QEMU --object secret,id=vncsec0,file=passwd.txt \ --vnc localhost:0,password-secret=vncsec0 Signed-off-by: Daniel P. Berrangé <berrange@xxxxxxxxxx> Message-Id: <20210311114343.439820-2-berrange@xxxxxxxxxx> Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx> --- ui/vnc.c | 23 ++++++++++++++++++++++- qemu-options.hx | 5 +++++ 2 files changed, 27 insertions(+), 1 deletion(-) diff --git a/ui/vnc.c b/ui/vnc.c index 310abc937812..e8e3426a65c4 100644 --- a/ui/vnc.c +++ b/ui/vnc.c @@ -48,6 +48,7 @@ #include "crypto/tlscredsanon.h" #include "crypto/tlscredsx509.h" #include "crypto/random.h" +#include "crypto/secret_common.h" #include "qom/object_interfaces.h" #include "qemu/cutils.h" #include "qemu/help_option.h" @@ -3459,6 +3460,9 @@ static QemuOptsList qemu_vnc_opts = { },{ .name = "password", .type = QEMU_OPT_BOOL, + },{ + .name = "password-secret", + .type = QEMU_OPT_STRING, },{ .name = "reverse", .type = QEMU_OPT_BOOL, @@ -3931,6 +3935,7 @@ void vnc_display_open(const char *id, Error **errp) int lock_key_sync = 1; int key_delay_ms; const char *audiodev; + const char *passwordSecret; if (!vd) { error_setg(errp, "VNC display not active"); @@ -3948,7 +3953,23 @@ void vnc_display_open(const char *id, Error **errp) goto fail; } - password = qemu_opt_get_bool(opts, "password", false); + + passwordSecret = qemu_opt_get(opts, "password-secret"); + if (passwordSecret) { + if (qemu_opt_get(opts, "password")) { + error_setg(errp, + "'password' flag is redundant with 'password-secret'"); + goto fail; + } + vd->password = qcrypto_secret_lookup_as_utf8(passwordSecret, + errp); + if (!vd->password) { + goto fail; + } + password = true; + } else { + password = qemu_opt_get_bool(opts, "password", false); + } if (password) { if (fips_get_state()) { error_setg(errp, diff --git a/qemu-options.hx b/qemu-options.hx index 622d3bfa5a7d..357fc4596ecc 100644 --- a/qemu-options.hx +++ b/qemu-options.hx @@ -2165,6 +2165,11 @@ SRST time to allow <protocol> password to expire immediately or never expire. + ``password-secret=<secret-id>`` + Require that password based authentication is used for client + connections, using the password provided by the ``secret`` + object identified by ``secret-id``. + ``tls-creds=ID`` Provides the ID of a set of TLS credentials to use to secure the VNC server. They will apply to both the normal VNC server socket -- 2.29.2