qemu/ui-vnc-don-t-return-an-empty-SASL-mechlist-to-the-cl.patch

From 838c585cf6c899a0b48683a0b46ed01cc24d835c Mon Sep 17 00:00:00 2001
From: Susanooo <zhangchujun_yewu@cmss.chinamobile.com>
Date: Fri, 25 Oct 2024 10:08:39 +0800
Subject: [PATCH] ui/vnc: don't return an empty SASL mechlist to the client
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

The SASL initialization phase may determine that there are no valid
mechanisms available to use. This may be because the host OS admin
forgot to install some packages, or it might be because the requested
SSF level is incompatible with available mechanisms, or other unknown
reasons.

If we return an empty mechlist to the client, they're going to get a
failure from the SASL library on their end and drop the connection.
Thus there is no point even sending this back to the client, we can
just drop the connection immediately.

Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
Signed-off-by: zhangchujun <zhangchujun_yewu@cmss.chinamobile.com>
---
 ui/vnc-auth-sasl.c | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/ui/vnc-auth-sasl.c b/ui/vnc-auth-sasl.c
index 47fdae5b21..e321c9decc 100644
--- a/ui/vnc-auth-sasl.c
+++ b/ui/vnc-auth-sasl.c
@@ -674,6 +674,13 @@ void start_auth_sasl(VncState *vs)
     }
     trace_vnc_auth_sasl_mech_list(vs, mechlist);
 
+    if (g_str_equal(mechlist, "")) {
+	    trace_vnc_auth_fail(vs, vs->auth, "no available SASL mechanisms", "");
+	    sasl_dispose(&vs->sasl.conn);
+	    vs->sasl.conn = NULL;
+	    goto authabort;
+    }
+
     vs->sasl.mechlist = g_strdup(mechlist);
     mechlistlen = strlen(mechlist);
     vnc_write_u32(vs, mechlistlen);
-- 
2.41.0.windows.1
QEMU update to version 8.2.0-26: - vdpa-dev: Fix initialisation order to restore VDUSE compatibility - tcg: Allow top bit of SIMD_DATA_BITS to be set in simd_desc() - migration: fix-possible-int-overflow - target/m68k: Map FPU exceptions to FPSR register - qemu-options: Fix CXL Fixed Memory Window interleave-granularity typo - hvf: arm: Fix encodings for ID_AA64PFR1_EL1 and debug System registers - hw/intc/arm_gic: Fix handling of NS view of GICC_APR<n> - qio: Inherit follow_coroutine_ctx across TLS - target/riscv: Fix the element agnostic function problem - accel/tcg: Fix typo causing tb->page_addr[1] to not be recorded - tcg/loongarch64: Fix tcg_out_movi vs some pcrel pointers - migration: Fix file migration with fdset - ui/vnc: don't return an empty SASL mechlist to the client - target/arm: Fix FJCVTZS vs flush-to-zero - hw/ppc/e500: Prefer QOM cast - sphinx/qapidoc: Fix to generate doc for explicit, unboxed arguments - hw/ppc/e500: Remove unused "irqs" parameter - hw/ppc/e500: Add missing device tree properties to i2c controller node - hw/i386/amd_iommu: Don't leak memory in amdvi_update_iotlb() - hw/arm/mps2-tz.c: fix RX/TX interrupts order - target/i386: csv: Add support to migrate the incoming context for CSV3 guest - target/i386: csv: Add support to migrate the outgoing context for CSV3 guest - target/i386: csv: Add support to migrate the incoming page for CSV3 guest - target/i386: csv: Add support to migrate the outgoing page for CSV3 guest - linux-headers: update kernel headers to include CSV3 migration cmds - vfio: Only map shared region for CSV3 virtual machine - vga: Force full update for CSV3 guest - target/i386: csv: Load initial image to private memory for CSV3 guest - target/i386: csv: Do not register/unregister guest secure memory for CSV3 guest - target/i386: cpu: Populate CPUID 0x8000_001F when CSV3 is active - target/i386: csv: Add command to load vmcb to CSV3 guest memory - target/i386: csv: Add command to load data to CSV3 guest memory - target/i386: csv: Add command to initialize CSV3 context - target/i386: csv: Add CSV3 context - next-kbd: convert to use qemu_input_handler_register() - qemu/bswap: Undefine CPU_CONVERT() once done - exec/memop: Remove unused memop_big_endian() helper - hw/nvme: fix handling of over-committed queues - 9pfs: fix crash on 'Treaddir' request - hw/misc/psp: Pin the hugepage memory specified by mem2 during use for psp - hw/misc: support tkm use mem2 memory - hw/i386: add mem2 option for qemu - kvm: add support for guest physical bits - target/i386: add guest-phys-bits cpu property Signed-off-by: Jiabo Feng <fengjiabo1@huawei.com> (cherry picked from commit f45f35e88509a4ffa9f62332ee9601e9fe1f8d09) 2024-12-12 17:01:35 +08:00			`From 838c585cf6c899a0b48683a0b46ed01cc24d835c Mon Sep 17 00:00:00 2001`
			`From: Susanooo <zhangchujun_yewu@cmss.chinamobile.com>`
			`Date: Fri, 25 Oct 2024 10:08:39 +0800`
			`Subject: [PATCH] ui/vnc: don't return an empty SASL mechlist to the client`
			`MIME-Version: 1.0`
			`Content-Type: text/plain; charset=UTF-8`
			`Content-Transfer-Encoding: 8bit`

			`The SASL initialization phase may determine that there are no valid`
			`mechanisms available to use. This may be because the host OS admin`
			`forgot to install some packages, or it might be because the requested`
			`SSF level is incompatible with available mechanisms, or other unknown`
			`reasons.`

			`If we return an empty mechlist to the client, they're going to get a`
			`failure from the SASL library on their end and drop the connection.`
			`Thus there is no point even sending this back to the client, we can`
			`just drop the connection immediately.`

			`Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>`
			`Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>`
			`Signed-off-by: zhangchujun <zhangchujun_yewu@cmss.chinamobile.com>`
			`---`
			`ui/vnc-auth-sasl.c \| 7 +++++++`
			`1 file changed, 7 insertions(+)`

			`diff --git a/ui/vnc-auth-sasl.c b/ui/vnc-auth-sasl.c`
			`index 47fdae5b21..e321c9decc 100644`
			`--- a/ui/vnc-auth-sasl.c`
			`+++ b/ui/vnc-auth-sasl.c`
			`@@ -674,6 +674,13 @@ void start_auth_sasl(VncState *vs)`
			`}`
			`trace_vnc_auth_sasl_mech_list(vs, mechlist);`

			`+ if (g_str_equal(mechlist, "")) {`
			`+ trace_vnc_auth_fail(vs, vs->auth, "no available SASL mechanisms", "");`
			`+ sasl_dispose(&vs->sasl.conn);`
			`+ vs->sasl.conn = NULL;`
			`+ goto authabort;`
			`+ }`
			`+`
			`vs->sasl.mechlist = g_strdup(mechlist);`
			`mechlistlen = strlen(mechlist);`
			`vnc_write_u32(vs, mechlistlen);`
			`--`
			`2.41.0.windows.1`