Commit Graph

226 Commits

Author SHA1 Message Date
Orit Wasserman
5db5f44cb4 Separate inet_connect into inet_connect (blocking) and inet_nonblocking_connect
No need to add non blocking parameters to the blocking inet_connect
add block parameter for inet_connect_opts instead of using QemuOpt "block".

Signed-off-by: Orit Wasserman <owasserm@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-09-25 19:05:55 -05:00
Anthony Liguori
509e9c462d Merge remote-tracking branch 'stefanha/trivial-patches' into staging
* stefanha/trivial-patches:
  configure: fix seccomp check
  arch_init.c: add missing '%' symbols before PRIu64 in debug printfs
  kvm: Fix warning from static code analysis
  qapi: Fix enumeration typo error
  console: Clean up bytes per pixel calculation
  Fix copy&paste typos in documentation comments
  linux-user: Remove #if 0'd cpu_get_real_ticks() definition
  ui: Fix spelling in comment (ressource -> resource)
  Spelling fixes in comments and macro names (ressource -> resource)
  Fix spelling (licenced -> licensed) in GPL
  Spelling fixes in comments and documentation
  srp: Don't use QEMU_PACKED for single elements of a structured type
2012-09-17 10:21:42 -05:00
Stefan Weil
4580c49010 ui: Fix spelling in comment (ressource -> resource)
The function is called interface_release_resource.

Signed-off-by: Stefan Weil <sw@weilnetz.de>
Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
2012-09-14 08:21:28 +01:00
Gerd Hoffmann
b021bd2983 spice: send updates only for changed screen content
when creating screen updates go compare the current guest screen
against the mirror (which holds the most recent update sent), then
only create updates for the screen areas which did actually change.

[ v2: drop redundant qemu_spice_create_one_update call ]

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-09-12 08:09:47 +02:00
Gerd Hoffmann
a7310dd34d spice: add screen mirror
Create a screen mirror, keep there a copy of the most recent update
passed on to spice-server.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-09-12 08:09:47 +02:00
Gerd Hoffmann
c60319a3aa spice: split qemu_spice_create_update
Creating one function which creates a single update for a given
rectangle.  And one (for now) pretty simple wrapper around it to
queue up screen updates for the dirty region.

[ v2: also update bounding box ]

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-09-12 08:09:47 +02:00
Gerd Hoffmann
b1af98ba3e spice: switch to queue for vga mode updates
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-09-12 08:09:47 +02:00
Gerd Hoffmann
ddd8fdc78e spice: make number of surfaces runtime-configurable.
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-09-05 17:11:56 +02:00
Alon Levy
020af1c45f qxl: add QXL_IO_MONITORS_CONFIG_ASYNC
Revision bumped to 4 for new IO support, enabled for spice-server >=
0.11.1. New io enabled if revision is 4. Revision can be set to 4.

[ kraxel: 3 continues to be the default revision.  Once we have a new
          stable spice-server release and the qemu patches to enable
          the new bits merged we'll go flip the switch and make rev4
          the default ]

This io calls the corresponding new spice api
spice_qxl_monitors_config_async to let spice-server read a new guest set
monitors config and notify the client.

On migration reissue spice_qxl_monitors_config_async.

RHBZ: 770842

Signed-off-by: Alon Levy <alevy@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>

fixup

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-09-05 17:11:55 +02:00
Yonit Halperin
8c9570530c spice: adding seamless-migration option to the command line
The seamless-migration flag is required in order to identify
whether libvirt supports the new QEVENT_SPICE_MIGRATE_COMPLETED or not
(by default the flag is off).
New libvirt versions that wait for QEVENT_SPICE_MIGRATE_COMPLETED should turn on this flag.
When this flag is off, spice fallbacks to its old migration method, which
can result in data loss.

Signed-off-by: Yonit Halperin <yhalperi@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-09-05 17:11:55 +02:00
Yonit Halperin
61c4efe2cb spice: add 'migrated' flag to spice info
The flag is 'true' when spice migration has completed on the src side.
It is needed for a case where libvirt dies before migration completes
and it misses the event QEVENT_SPICE_MIGRATE_COMPLETED.
When libvirt is restored and queries the migration status, it also needs
to query spice and check if its migration has completed.

Signed-off-by: Yonit Halperin <yhalperi@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-09-05 17:11:55 +02:00
Yonit Halperin
2fdd16e239 spice migration: add QEVENT_SPICE_MIGRATE_COMPLETED
When migrating, libvirt queries the migration status, and upon migration
completions, it closes the migration src. On the other hand, when
migration is completed, spice transfers data from the src to destination
via the client. This data is required for keeping the spice session
after migration, without suffering from data loss and inconsistencies.
In order to allow this data transfer, we add QEVENT for signaling
libvirt that spice migration has completed, and libvirt needs to wait
for this event before quitting the src process.

Signed-off-by: Yonit Halperin <yhalperi@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-09-05 17:11:55 +02:00
Yonit Halperin
71d388d420 spice: notify on vm state change only via spice_server_vm_start/stop
QXLWorker->start/stop are deprecated since spice-server 0.11.2

Signed-off-by: Yonit Halperin <yhalperi@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-09-05 17:11:55 +02:00
Yonit Halperin
f5bb039c6d spice: notify spice server on vm start/stop
Spice server needs to know about the vm state in order to prevent
attempts to write to devices when they are stopped, mainly during
the non-live stage of migration.
Instead, spice will take care of restoring this writes, on the migration
target side, after migration completes.

Signed-off-by: Yonit Halperin <yhalperi@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-09-05 17:11:55 +02:00
Christophe Fergeau
835cab85ad spice: abort on invalid streaming cmdline params
When parsing its command line parameters, spice aborts when it
finds unexpected values, except for the 'streaming-video' option.
This happens because the parsing of the parameters for this option
is done using the 'name2enum' helper, which does not error out
on unknown values. Using the 'parse_name' helper makes sure we
error out in this case. Looking at git history, the use of
'name2enum' instead of 'parse_name' seems to have been an oversight,
so let's change to that now.

Fixes rhbz#831708

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-09-05 17:11:55 +02:00
Luiz Capitulino
02a08fef07 net: inet_connect(), inet_connect_opts(): add in_progress argument
It's used to indicate the special case where a valid file-descriptor
is returned (ie. success) but the connection can't be completed
w/o blocking.

This is needed because QERR_SOCKET_CONNECT_IN_PROGRESS is not
treated like an error and a future commit will drop it.

Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
2012-08-13 13:20:34 -03:00
Paul Moore
0f66998ff6 vnc: disable VNC password authentication (security type 2) when in FIPS mode
FIPS 140-2 requires disabling certain ciphers, including DES, which is used
by VNC to obscure passwords when they are sent over the network.  The
solution for FIPS users is to disable the use of VNC password auth when the
host system is operating in FIPS compliance mode and the user has specified
'-enable-fips' on the QEMU command line.

This patch causes QEMU to emit a message to stderr when the host system is
running in FIPS mode and a VNC password was specified on the commend line.
If the system is not running in FIPS mode, or is running in FIPS mode but
VNC password authentication was not requested, QEMU operates normally.

Signed-off-by: Paul Moore <pmoore@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-08-03 14:28:40 -05:00
Blue Swirl
0ed8b6f67f Avoid returning void
It's silly and non-conforming to standards to return void,
don't do it.

Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
2012-07-28 09:23:11 +00:00
Daniel P. Berrange
2624bab836 Remove support for non-threaded VNC server
QEMU now has a fundamental requirement for pthreads, so there
is no compelling reason to retain support for the non-threaded
VNC server. Remove the --{enable,disable}-vnc-thread configure
arguments, and all CONFIG_VNC_THREAD conditionals

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-06-27 16:27:00 -05:00
Alon Levy
160c31f78f ui/spice-display.c: add missing initialization for valgrind
We can't initialize QXLDevSurfaceCreate field by field because it has a
pa hole, and so 4 bytes remain uninitialized when building on x86-64, so
just memset.

Signed-off-by: Alon Levy <alevy@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-06-22 10:46:12 +02:00
Paolo Bonzini
8867aef02e build: move ui/ objects to nested Makefile.objs
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2012-06-07 09:21:14 +02:00
Gerd Hoffmann
1643f2b232 vnc: fix segfault in vnc_display_pw_expire()
NULL pointer dereference in case no vnc server is configured.
Catch this and return -EINVAL like vnc_display_password() does.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-05-30 10:28:44 +08:00
Andreas Färber
60b46aa2f3 cocoa: Suppress Cocoa frontend for -qtest
Signed-off-by: Andreas Färber <andreas.faerber@web.de>
2012-05-29 11:40:27 +02:00
Amos Kong
029409e5a9 sockets: use error class to pass listen error
Add a new argument in inet_listen()/inet_listen_opts()
to pass back listen error.

Change nbd, qemu-char, vnc to use new interface.

Signed-off-by: Amos Kong <akong@redhat.com>
Reviewed-by: Orit Wasserman <owasserm@redhat.com>
Reviewed-by: Michael Roth <mdroth@linux.vnet.ibm.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-05-10 12:37:57 -05:00
Amos Kong
a6ba35b3be sockets: change inet_connect() to support nonblock socket
Add a bool argument to inet_connect() to assign if set socket
to block/nonblock, and delete original argument 'socktype'
that is unused.
Add a new argument to inet_connect()/inet_connect_opts(),
to pass back connect error by error class.

Retry to connect when -EINTR is got. Connect's successful
for nonblock socket when following errors are got, user
should wait for connecting by select():
  -EINPROGRESS
  -EWOULDBLOCK (win32)
  -WSAEALREADY (win32)

Change nbd, vnc to use new interface.

Signed-off-by: Amos Kong <akong@redhat.com>
Reviewed-by: Orit Wasserman <owasserm@redhat.com>
Reviewed-by: Michael Roth <mdroth@linux.vnet.ibm.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-05-10 12:37:57 -05:00
Alon Levy
4efee029cb spice_info: add mouse_mode
Add mouse_mode, either server or mouse, to qmp and hmp commands, based
on spice_server_is_server_mouse added in spice-server 0.10.3.

Signed-off-by: Alon Levy <alevy@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-05-03 10:45:04 +02:00
Stefan Weil
5cbdb3a34b Replace Qemu by QEMU in comments
The official spelling is QEMU.

Signed-off-by: Stefan Weil <sw@weilnetz.de>
Reviewed-by: Andreas Färber <afaerber@suse.de>
[blauwirbel@gmail.com: fixed comment style in hw/sun4m.c]
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
2012-04-07 14:00:45 +00:00
Alon Levy
a13ccc991a ui/spice-display: use uintptr_t when casting qxl physical addresses
The current intptr_t casts are a problem when the address's highest
bit is 1, and it is cast to a intptr_t and then to uint64_t, such
as at:
     surface.mem        = (intptr_t)ssd->buf;

This causes the sign bit to be extended which causes a wrong address to
be passed on to spice, which then complains when it gets the wrong
slot_id number, since the slot_id is taken from the higher bits.

The assertion happens early - during the first primary surface creation.

This fixes running "-vga qxl -spice" with 32 bit compiled
qemu-system-i386.

Signed-off-by: Alon Levy <alevy@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-03-22 14:29:13 +01:00
Peter Maydell
34d14c6d8c ui/spice-display.c: Fix compilation warnings on 32 bit hosts
Fix compilation failures ("cast from pointer to integer of
different size [-Werror=pointer-to-int-cast]") by using
uintptr_t instead.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-03-22 14:29:12 +01:00
Anthony Liguori
b85a4ec8a7 Merge remote-tracking branch 'stefanha/trivial-patches' into staging
* stefanha/trivial-patches:
  qemu-ga: for w32, fix leaked handle ov.hEvent in ga_channel_write()
  ioapic: fix build with DEBUG_IOAPIC
  .gitignore: add qemu-bridge-helper and option rom build products
  cleanup obsolete typedef
  monitor: Remove unused bool field 'qapi' in mon_cmd_t struct
  ds1338: Add missing break statement
  vnc: Fix packed boolean struct members
  Remove type field in ModuleEntry as it's not used
2012-03-19 13:37:41 -05:00
Alon Levy
ad1be89948 spice: fix broken initialization
Commit 1b71f7c14f moved MODULE_INIT_QOM to
way before MODULE_INIT_MACHINE, thereby breaking assumptions made in
spice-core.c which registered both a type initializer and a machine
intializer.

This fix removes the type registration, and replaces it with calling
qemu_spice_init in vl.c after command line parsing (second pass) is
done, and after timers are armed, required by spice server.

Signed-off-by: Alon Levy <alevy@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-03-19 13:12:19 +01:00
Alon Levy
c480bb7da4 qxl: switch qxl.c to trace-events
dprint is still used for qxl_init_common one time prints.

also switched parts of spice-display.c over, mainly all the callbacks to
spice server.

All qxl device trace events start with the qxl device id.

Signed-off-by: Alon Levy <alevy@redhat.com>
Reviewed-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-03-19 13:12:19 +01:00
Marc-André Lureau
d0638b185c spice: set spice uuid and name
This allows a Spice client to identify a VM

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-03-19 13:12:19 +01:00
Stefan Weil
ee032ca146 vnc: Fix packed boolean struct members
This patch fixes warnings reported by splint:

For variables which are packed in a single bit, a signed data type
like 'int' does not make much sense.

There is no obvious reason why the two values should be packed,
so I removed the packing and changed the data type to bool
because both are used as boolean values.

v2:

Some versions of gcc complain after this modification,
for example gcc (Debian 4.4.5-8) 4.4.5):

ui/vnc-auth-sasl.c: In function ‘vnc_sasl_client_cleanup’:
ui/vnc-auth-sasl.c:34: error: suggest parentheses around assignment used as truth value

Obviously, the compiler does not like code which does
bool = unsigned = bool = 0

Splitting that code in three statements works.

Cc: Anthony Liguori <aliguori@us.ibm.com>
Signed-off-by: Stefan Weil <sw@weilnetz.de>
Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
2012-03-19 10:52:52 +00:00
Stefan Weil
9e4dd565b4 vnc: Limit r/w access to size of allocated memory
This fixes memory reads and writes which exceeded the upper limit
of allocated memory vd->guest.ds->data and vd->server->data.

Cc: Anthony Liguori <aliguori@us.ibm.com>
Signed-off-by: Stefan Weil <weil@mail.berlios.de>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-03-14 16:22:46 -05:00
Corentin Chary
175b2a6e4b vnc: don't mess up with iohandlers in the vnc thread
The threaded VNC servers messed up with QEMU fd handlers without
any kind of locking, and that can cause some nasty race conditions.

Using qemu_mutex_lock_iothread() won't work because vnc_dpy_cpy(),
which will wait for the current job queue to finish, can be called with
the iothread lock held.

Instead, we now store the data in a temporary buffer, and use a bottom
half to notify the main thread that new data is available.

vnc_[un]lock_ouput() is still needed to access VncState members like
abort, csock or jobs_buffer.

Signed-off-by: Corentin Chary <corentin.chary@gmail.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-03-14 16:22:46 -05:00
Gerd Hoffmann
1d3323de5f implement vnc_dpy_setdata
The comment is wrong, we have to do something in the setdata callback.
Changing the framebuffer backing storage (happens when the guest pans
the display) renders the whole screen content invalid.

Trigger #1: cirrus vga + 32bit linux guest + vesafb with ypan enabled.
Trigger #2: std vga + http://patchwork.ozlabs.org/patch/145479/

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-03-12 14:05:26 -05:00
Stefan Weil
0ea5c0cdb0 vnc: Add break statement
This was not a bug, but it is not common practice to omit the break statement
from the last case statement before an empty default case.

Any change of the default case would introduce a bug.

This was reported as a warning by splint.

Signed-off-by: Stefan Weil <sw@weilnetz.de>
Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
2012-03-08 15:22:11 +00:00
Christophe Fergeau
35c6332914 Error out when tls-channel option is used without TLS
It's currently possible to setup spice channels using TLS when
no TLS port has been specified (ie TLS is disabled). This cannot
work, so better to error out in such a situation.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-02-28 17:22:30 +01:00
Christophe Fergeau
339a475f50 spice: use error_report to report errors
Error message reporting during spice startup wasn't consistent, it was done
with fprintf(stderr, "") but sometimes the message didn't have a trailing
\n. Using error_report make the intent of the message clearer and deal
with the final \n for us.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-02-28 17:22:30 +01:00
Alon Levy
81fb6f1504 qxl: make qxl_render_update async
RHBZ# 747011

Removes the last user of QXL_SYNC when using update drivers that use the
_ASYNC io ports.

The last user is qxl_render_update, it is called both by qxl_hw_update
which is the vga_hw_update_ptr passed to graphic_console_init, and by
qxl_hw_screen_dump.

At the same time the QXLRect area being passed to the red_worker thread
is passed as a copy, as part of the QXLCookie.

The implementation uses interface_update_area_complete with a bh to make
sure dpy_update and qxl_flip are called from the io thread, otherwise
the vga->ds->surface.data can change under our feet.

With this patch sdl+spice works fine. But spice by itself doesn't
produce the expected screendumps unless repeated a few times, due to
ppm_save being called before update_area (rendering done in spice server
thread) having a chance to complete. Fixed by next patch, but see commit
message for problem introduced by it.

Signed-off-by: Alon Levy <alevy@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-02-27 09:46:52 +01:00
Alon Levy
2e1a98c9c1 qxl: introduce QXLCookie
Will be used in the next patch.

Signed-off-by: Alon Levy <alevy@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-02-27 09:46:52 +01:00
Alon Levy
4295e15aa7 qxl: require spice >= 0.8.2
drop all ifdefs on SPICE_INTERFACE_QXL_MINOR >= 1 as a result,
any check for SPICE_SERVER_VERSION that is now always satisfied,
and SPICE_INTERFACE_CORE_MINOR >= 3 tests, because
0.8.2 has SPICE_INTERFACE_QXL_MINOR == 1 and
SPICE_INTERFACE_CORE_MINOR == 3.

Signed-off-by: Alon Levy <alevy@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-02-27 09:46:51 +01:00
Alon Levy
63ea491d4e sdl: remove NULL check, g_malloc0 can't fail
Signed-off-by: Alon Levy <alevy@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-02-27 09:46:51 +01:00
Alon Levy
bb5a8cd5b0 qxl: fix spice+sdl no cursor regression
regression introduced by 0753609458,

v2: lock around qemu_spice_cursor_refresh_unlocked

Reported-by: Fabiano Fidêncio <fabiano@fidencio.org>
Signed-off-by: Alon Levy <alevy@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-02-27 09:46:51 +01:00
Markus Armbruster
1f51470d04 Revert "qemu-char: Print strerror message on failure" and deps
The commit's purpose is laudable:

    The only way for chardev drivers to communicate an error was to
    return a NULL pointer, which resulted in an error message that
    said _that_ something went wrong, but not _why_.

It attempts to achieve it by changing the interface to return 0/-errno
and update qemu_chr_open_opts() to use strerror() to display a more
helpful error message.  Unfortunately, it has serious flaws:

1. Backends "socket" and "udp" return bogus error codes, because
qemu_chr_open_socket() and qemu_chr_open_udp() assume that
unix_listen_opts(), unix_connect_opts(), inet_listen_opts(),
inet_connect_opts() and inet_dgram_opts() fail with errno set
appropriately.  That assumption is wrong, and the commit turns
unspecific error messages into misleading error messages.  For
instance:

    $ qemu-system-x86_64 -nodefaults -vnc :0 -chardev socket,id=bar,host=xxx
    inet_connect: host and/or port not specified
    chardev: opening backend "socket" failed: No such file or directory

ENOENT is what happens to be in my errno when the backend returns
-errno.  Let's put ERANGE there just for giggles:

    $ qemu-system-x86_64 -nodefaults -vnc :0 -chardev socket,id=bar,host=xxx -drive if=none,iops=99999999999999999999
    inet_connect: host and/or port not specified
    chardev: opening backend "socket" failed: Numerical result out of range

Worse: when errno happens to be zero, return -errno erroneously
signals success, and qemu_chr_new_from_opts() dies dereferencing
uninitialized chr.  I observe this with "-serial unix:".

2. All qemu_chr_open_opts() knows about the error is an errno error
code.  That's simply not enough for a decent message.  For instance,
when inet_dgram() can't resolve the parameter host, which errno code
should it use?  What if it can't resolve parameter localaddr?

Clue: many backends already report errors in their open methods.
Let's revert the flawed commit along with its dependencies, and fix up
the silent error paths instead.

This reverts commit 6e1db57b2a.

Conflicts:

	console.c
	hw/baum.c
	qemu-char.c

This reverts commit aad04cd024.

The parts of commit db418a0a "Add stdio char device on windows" that
depend on the reverted change fixed up.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2012-02-24 09:06:56 -06:00
Yonit Halperin
faa9822321 spice: support ipv6 channel address in monitor events and in spice info
RHBZ #788444

CC: Gerd Hoffmann <kraxel@redhat.com>

Signed-off-by: Yonit Halperin <yhalperi@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-02-21 10:36:05 +01:00
Daniel P. Berrange
f1f5f4070c Add SPICE support to add_client monitor command
With the acceptance of some new APIs to libspice-server.so it
is possible to add support for SPICE to the 'add_client'
monitor command, bringing parity with VNC. Since SPICE can
use TLS or plain connections, the command also gains a new
'tls' parameter to specify whether TLS should be attempted
on the injected client sockets.

This new feature is only enabled if building against a
libspice-server >= 0.10.1

* qmp-commands.hx: Add 'tls' parameter & missing doc for
  'skipauth' parameter
* monitor.c: Wire up SPICE for 'add_client' command
* ui/qemu-spice.h, ui/spice-core.c: Add qemu_spice_display_add_client
  API to wire up from monitor

[1] http://cgit.freedesktop.org/spice/spice/commit/server/spice.h?id=d55b68b6b44f2499278fa860fb47ff22f5011faa
    http://cgit.freedesktop.org/spice/spice/commit/server/spice.h?id=bd07dde530d9504e1cfe7ed5837fc00c26f36716

Changes in v3:
 - Added 'optional' flag to new parameters documented
 - Added no-op impl of qemu_spice_display_add_client when
   SPICE is disabled during build

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-02-21 10:36:05 +01:00
Daniel P. Berrange
7dfbfc7927 vnc: Don't demote authentication scheme when changing password/disabling login
Currently when disabling login in VNC, the password is cleared out and the
authentication protocol is forced to AUTH_VNC.  If you're using a stronger
authentication protocol, this has the effect of downgrading your security
protocol.

Fix this by only changing the authentication protocol if the current
authentication protocol is AUTH_NONE.  That ensures we're never downgrading.

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
--
NB. This patch is derived from one posted by Anthony last year, which got
accidentally lost after Luiz took over the QMP series work

  https://lists.gnu.org/archive/html/qemu-devel/2011-09/msg00392.html

 v1 -> v2
 - Make sure to not demote when changing password (Daniel)
 v2 -> v3
 - Rebase to latest GIT master wrt QMP changes
2012-02-17 09:58:21 -06:00
Anthony Liguori
cf5cfe0471 Merge remote-tracking branch 'kraxel/vnc.2' into staging
* kraxel/vnc.2:
  vnc: lift modifier keys on client disconnect.
  vnc: implement shared flag handling.
  vnc: fix ctrl key in vnc terminal emulation
  Fix vnc memory corruption with width = 1400
2012-02-15 18:40:53 -06:00