From 7bc411803771ae9c18290eeb55480bab5cd66b93 Mon Sep 17 00:00:00 2001

From: =?UTF-8?q?Marc-Andr=C3=A9=20Lureau?= <marcandre.lureau@redhat.com>

Date: Tue, 2 Oct 2018 12:34:03 +0100

Subject: [PATCH 01/49] vnc: call sasl_server_init() only when required

MIME-Version: 1.0

Content-Type: text/plain; charset=UTF-8

Content-Transfer-Encoding: 8bit

RH-Author: Marc-André Lureau <marcandre.lureau@redhat.com>

Message-id: <20181002123403.20747-2-marcandre.lureau@redhat.com>

Patchwork-id: 82356

O-Subject: [RHEL8/rhel qemu-kvm PATCH 1/1] vnc: call sasl_server_init() only when required

Bugzilla: 1609327

RH-Acked-by: Daniel P. Berrange <berrange@redhat.com>

RH-Acked-by: Thomas Huth <thuth@redhat.com>

RH-Acked-by: Danilo de Paula <ddepaula@redhat.com>

VNC server is calling sasl_server_init() during startup of QEMU, even

if SASL auth has not been enabled.

This may create undesirable warnings like "Could not find keytab file:

/etc/qemu/krb5.tab" when the user didn't configure SASL on host and

started VNC server.

Instead, only initialize SASL when needed. Note that HMP/QMP "change

vnc" calls vnc_display_open() again, which will initialize SASL if

needed.

Fix assignment in if condition, while touching this code.

Related to:

https://bugzilla.redhat.com/show_bug.cgi?id=1609327

Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>

Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>

Message-id: 20180907063634.359-1-marcandre.lureau@redhat.com

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>

(cherry picked from commit b5dc0d7d565048fcf2767060261d8385805aced1)

BZ: https://bugzilla.redhat.com/show_bug.cgi?id=1609327

Brew: https://brewweb.engineering.redhat.com/brew/taskinfo?taskID=18601393

Signed-off-by: Danilo C. L. de Paula <ddepaula@redhat.com>

Conflicts:

        ui/vnc.c

        Due to "qemu"->"qemu-kvm" rename.

Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>

---

 ui/vnc.c | 15 ++++++++-------

 1 file changed, 8 insertions(+), 7 deletions(-)

diff --git a/ui/vnc.c b/ui/vnc.c

index 0c3011b..86c6762 100644

--- a/ui/vnc.c

+++ b/ui/vnc.c

@@ -3869,9 +3869,6 @@ void vnc_display_open(const char *id, Error **errp)

     bool reverse = false;

     const char *credid;

     bool sasl = false;

-#ifdef CONFIG_VNC_SASL

-    int saslErr;

-#endif

     int acl = 0;

     int lock_key_sync = 1;

     int key_delay_ms;

@@ -4045,10 +4042,14 @@ void vnc_display_open(const char *id, Error **errp)

     trace_vnc_auth_init(vd, 1, vd->ws_auth, vd->ws_subauth);

 #ifdef CONFIG_VNC_SASL

-    if ((saslErr = sasl_server_init(NULL, "qemu-kvm")) != SASL_OK) {

-        error_setg(errp, "Failed to initialize SASL auth: %s",

-                   sasl_errstring(saslErr, NULL, NULL));

-        goto fail;

+    if (sasl) {

+        int saslErr = sasl_server_init(NULL, "qemu-kvm");

+

+        if (saslErr != SASL_OK) {

+            error_setg(errp, "Failed to initialize SASL auth: %s",

+                       sasl_errstring(saslErr, NULL, NULL));

+            goto fail;

+        }

     }

 #endif

     vd->lock_key_sync = lock_key_sync;

-- 

1.8.3.1