Samuel Thibault, le Wed 23 Jan 2008 16:42:33 +0000, a écrit :
> Daniel P. Berrange, le Wed 23 Jan 2008 16:28:11 +0000, a écrit :
> > VNC password authentication is turned on / off via the ',passwd' flag on
> > the -vnc command line to QEMU. If password auth is on, and a zero length
> > string is found as a password, then all logins are completely disabled -
> > the VNC password auth code will fail all logins. If passwd auth is off on
> > the command line, then any password stored in xenstore is irrelevant, no
> > matter what length it is.
>
> Ok, so the real fix seems to be to take that flag into account (which is
> not the case currently).
Which actually boils down to applying the two patches I have proposed:
on a xenstore read failure, an empty password is stored (which is fine
when there is no passwd in the configuration), and hence if ',passwd'
was given on the -vnc command line (i.e. some passwd was given in the
configuration but it somehow didn't make through to xenstore), all
logins will be completely disabled, so we're on the safe side.
Samuel
_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-devel
|