import-layers/meta-virtualization/recipes-extended/libvirt/libvirt-1.3.5/0001-qemu-Let-empty-default-VNC-password-work-as-document.patch - openbmc/openbmc - Gitiles

 Upstream-Status: Backport

 Backport patch to fix CVE-2016-5008 from:

 https://libvirt.org/git/?p=libvirt.git;a=commit;h=f32441c69bf450d6ac593c3acd621c37e120cdaf

 Signed-off-by: Kai Kang <kai.kang@windriver.com>
 ---
 From f32441c69bf450d6ac593c3acd621c37e120cdaf Mon Sep 17 00:00:00 2001
 From: Jiri Denemark <jdenemar@redhat.com>
 Date: Tue, 28 Jun 2016 14:39:58 +0200
 Subject: [PATCH] qemu: Let empty default VNC password work as documented

 CVE-2016-5008

 Setting an empty graphics password is documented as a way to disable
 VNC/SPICE access, but QEMU does not always behaves like that. VNC would
 happily accept the empty password. Let's enforce the behavior by setting
 password expiration to "now".

 https://bugzilla.redhat.com/show_bug.cgi?id=1180092

 Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
 (cherry picked from commit bb848feec0f3f10e92dd8e5231ae7aa89b5598f3)
 ---
  src/qemu/qemu_hotplug.c | 14 +++++++-------
  1 file changed, 7 insertions(+), 7 deletions(-)

 diff --git a/src/qemu/qemu_hotplug.c b/src/qemu/qemu_hotplug.c
 index 5f12d77..fda28b0 100644
 --- a/src/qemu/qemu_hotplug.c
 +++ b/src/qemu/qemu_hotplug.c
 @@ -3547,6 +3547,7 @@ qemuDomainChangeGraphicsPasswords(virQEMUDriverPtr driver,
      time_t now = time(NULL);
      char expire_time [64];
      const char *connected = NULL;
 +    const char *password;
      int ret = -1;
      virQEMUDriverConfigPtr cfg = virQEMUDriverGetConfig(driver);

 @@ -3554,16 +3555,14 @@ qemuDomainChangeGraphicsPasswords(virQEMUDriverPtr driver,
          ret = 0;
          goto cleanup;
      }
 +    password = auth->passwd ? auth->passwd : defaultPasswd;

      if (auth->connected)
          connected = virDomainGraphicsAuthConnectedTypeToString(auth->connected);

      if (qemuDomainObjEnterMonitorAsync(driver, vm, asyncJob) < 0)
          goto cleanup;
 -    ret = qemuMonitorSetPassword(priv->mon,
 -                                 type,
 -                                 auth->passwd ? auth->passwd : defaultPasswd,
 -                                 connected);
 +    ret = qemuMonitorSetPassword(priv->mon, type, password, connected);

      if (ret == -2) {
          if (type != VIR_DOMAIN_GRAPHICS_TYPE_VNC) {
 @@ -3571,14 +3570,15 @@ qemuDomainChangeGraphicsPasswords(virQEMUDriverPtr driver,
                             _("Graphics password only supported for VNC"));
              ret = -1;
          } else {
 -            ret = qemuMonitorSetVNCPassword(priv->mon,
 -                                            auth->passwd ? auth->passwd : defaultPasswd);
 +            ret = qemuMonitorSetVNCPassword(priv->mon, password);
          }
      }
      if (ret != 0)
          goto end_job;

 -    if (auth->expires) {
 +    if (password[0] == '\0') {
 +        snprintf(expire_time, sizeof(expire_time), "now");
 +    } else if (auth->expires) {
          time_t lifetime = auth->validTo - now;
          if (lifetime <= 0)
              snprintf(expire_time, sizeof(expire_time), "now");
 --
 2.9.0
	Upstream-Status: Backport

	Backport patch to fix CVE-2016-5008 from:

	https://libvirt.org/git/?p=libvirt.git;a=commit;h=f32441c69bf450d6ac593c3acd621c37e120cdaf

	Signed-off-by: Kai Kang <kai.kang@windriver.com>
	---
	From f32441c69bf450d6ac593c3acd621c37e120cdaf Mon Sep 17 00:00:00 2001
	From: Jiri Denemark <jdenemar@redhat.com>
	Date: Tue, 28 Jun 2016 14:39:58 +0200
	Subject: [PATCH] qemu: Let empty default VNC password work as documented

	CVE-2016-5008

	Setting an empty graphics password is documented as a way to disable
	VNC/SPICE access, but QEMU does not always behaves like that. VNC would
	happily accept the empty password. Let's enforce the behavior by setting
	password expiration to "now".

	https://bugzilla.redhat.com/show_bug.cgi?id=1180092

	Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
	(cherry picked from commit bb848feec0f3f10e92dd8e5231ae7aa89b5598f3)
	---
	src/qemu/qemu_hotplug.c \| 14 +++++++-------
	1 file changed, 7 insertions(+), 7 deletions(-)

	diff --git a/src/qemu/qemu_hotplug.c b/src/qemu/qemu_hotplug.c
	index 5f12d77..fda28b0 100644
	--- a/src/qemu/qemu_hotplug.c
	+++ b/src/qemu/qemu_hotplug.c
	@@ -3547,6 +3547,7 @@ qemuDomainChangeGraphicsPasswords(virQEMUDriverPtr driver,
	time_t now = time(NULL);
	char expire_time [64];
	const char *connected = NULL;
	+ const char *password;
	int ret = -1;
	virQEMUDriverConfigPtr cfg = virQEMUDriverGetConfig(driver);

	@@ -3554,16 +3555,14 @@ qemuDomainChangeGraphicsPasswords(virQEMUDriverPtr driver,
	ret = 0;
	goto cleanup;
	}
	+ password = auth->passwd ? auth->passwd : defaultPasswd;

	if (auth->connected)
	connected = virDomainGraphicsAuthConnectedTypeToString(auth->connected);

	if (qemuDomainObjEnterMonitorAsync(driver, vm, asyncJob) < 0)
	goto cleanup;
	- ret = qemuMonitorSetPassword(priv->mon,
	- type,
	- auth->passwd ? auth->passwd : defaultPasswd,
	- connected);
	+ ret = qemuMonitorSetPassword(priv->mon, type, password, connected);

	if (ret == -2) {
	if (type != VIR_DOMAIN_GRAPHICS_TYPE_VNC) {
	@@ -3571,14 +3570,15 @@ qemuDomainChangeGraphicsPasswords(virQEMUDriverPtr driver,
	_("Graphics password only supported for VNC"));
	ret = -1;
	} else {
	- ret = qemuMonitorSetVNCPassword(priv->mon,
	- auth->passwd ? auth->passwd : defaultPasswd);
	+ ret = qemuMonitorSetVNCPassword(priv->mon, password);
	}
	}
	if (ret != 0)
	goto end_job;

	- if (auth->expires) {
	+ if (password[0] == '\0') {
	+ snprintf(expire_time, sizeof(expire_time), "now");
	+ } else if (auth->expires) {
	time_t lifetime = auth->validTo - now;
	if (lifetime <= 0)
	snprintf(expire_time, sizeof(expire_time), "now");
	--
	2.9.0