qemu: validate VNC password length

The VNC password authentication scheme is quite horrendous in that it
takes the user password and directly uses it as a DES case. DES is a
byte 8 keyed cipher, so the VNC password can never be more than 8
characters long. Anything over that length will be silently dropped.

We should validate this length restriction when accepting user XML
configs and report an error. For the global VNC password we don't
really want to break daemon startup by reporting an error, but
logging a warning is worthwhile.

https://bugzilla.redhat.com/show_bug.cgi?id=1506689

Reviewed-by: Pavel Hrdina <phrdina@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>

src/qemu/qemu_conf.c

@@ -451,6 +451,12 @@ virQEMUDriverConfigLoadVNCEntry(virQEMUDriverConfig *cfg,
     if (virConfGetValueBool(conf, "vnc_allow_host_audio", &cfg->vncAllowHostAudio) < 0)
         return -1;
 
+    if (cfg->vncPassword &&
+        strlen(cfg->vncPassword) > 8) {
+        VIR_WARN("VNC password is %zu characters long, only 8 permitted, truncating",
+                 strlen(cfg->vncPassword));
+        cfg->vncPassword[8] = '\0';
+    }
     return 0;
 }
 

src/qemu/qemu_validate.c

@@ -4109,6 +4109,14 @@ qemuValidateDomainDeviceDefVNCGraphics(const virDomainGraphicsDef *graphics,
         return -1;
     }
 
+    if (graphics->data.vnc.auth.passwd &&
+        strlen(graphics->data.vnc.auth.passwd) > 8) {
+        virReportError(VIR_ERR_CONFIG_UNSUPPORTED,
+                       _("VNC password is %zu characters long, only 8 permitted"),
+                       strlen(graphics->data.vnc.auth.passwd));
+        return -1;
+    }
+
     return 0;
 }