qemu: validate VNC password length

The VNC password authentication scheme is quite horrendous in that it
takes the user password and directly uses it as a DES key. DES is an
8-byte keyed cipher, so the VNC password can never be more than 8
characters long. Anything over that length will be silently dropped.

We should validate this length restriction when accepting user XML
configs and report an error. For the global VNC password we don't
really want to break daemon startup by reporting an error, but
logging a warning is worthwhile.

https://bugzilla.redhat.com/show_bug.cgi?id=1506689

Reviewed-by: Pavel Hrdina <phrdina@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
Daniel P. Berrangé 2021-12-16 10:20:37 +00:00
parent 8ab1a0fdc9
commit 27c1d06b5b
2 changed files with 14 additions and 0 deletions


@ -451,6 +451,12 @@ virQEMUDriverConfigLoadVNCEntry(virQEMUDriverConfig *cfg,
if (virConfGetValueBool(conf, "vnc_allow_host_audio", &cfg->vncAllowHostAudio) < 0)
return -1;
if (cfg->vncPassword &&
strlen(cfg->vncPassword) > 8) {
VIR_WARN("VNC password is %zu characters long, only 8 permitted, truncating",
strlen(cfg->vncPassword));
cfg->vncPassword[8] = '\0';
}
return 0;
}
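Review bot: `strlen()` counts bytes, so the warning in the added block reports a byte count as "characters", and the cut at `cfg->vncPassword[8]` is likewise a byte offset, which matches the 8-byte DES key but may not be 8 characters of a non-ASCII password. Wording the message as `"VNC password is %zu bytes long, only 8 permitted, truncating"` would match what is measured; the error string in the qemuValidateDomainDeviceDefVNCGraphics hunk has the same wording. The literal 8 is also repeated in both hunks, so a shared named constant for the VNC password limit would keep the two checks from drifting apart. The body of virQEMUDriverConfigLoadVNCEntry starts outside this hunk.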


@ -4109,6 +4109,14 @@ qemuValidateDomainDeviceDefVNCGraphics(const virDomainGraphicsDef *graphics,
return -1;
}
if (graphics->data.vnc.auth.passwd &&
strlen(graphics->data.vnc.auth.passwd) > 8) {
virReportError(VIR_ERR_CONFIG_UNSUPPORTED,
_("VNC password is %zu characters long, only 8 permitted"),
strlen(graphics->data.vnc.auth.passwd));
return -1;
}
return 0;
}
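Review bot: The new check in qemuValidateDomainDeviceDefVNCGraphics turns a password that was previously accepted and silently shortened into a hard `VIR_ERR_CONFIG_UNSUPPORTED` failure, and the hunk does not show whether this validator also runs when an already-defined guest is started. If it does, guests whose stored XML carries a longer password would stop starting after an upgrade, so it is worth confirming that path or calling it out in the release notes. A short comment above the check would also help the next reader, for example `/* VNC auth uses the password as a DES key, so anything past 8 bytes is ignored */`. The function body starts outside this hunk.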