Hi,
> > How does this look like (incremental fixup attached, docs to be
> > updated) ?
> Might be worth separate docs for the enums (we've done it elsewhere).
Sure, as mentioned above docs where not done yet ...
> But the interface looks fine to me.
... as I wanted to check this first ;)
So, here is the new version with updated docs ;)
cheers,
Gerd
>From 1fcfdb821b7dbbafe1a2ee81f8b74f2ab83b6075 Mon Sep 17 00:00:00 2001
From: Gerd Hoffmann <kra...@redhat.com>
Date: Mon, 15 Dec 2014 10:14:10 +0100
Subject: [PATCH] query-vnc2: auth fixup
---
qapi-schema.json | 50 ++++++++++++++++++++++++++-------------
ui/vnc.c | 71 +++++++++++++++++++++++++++++++++++++++++++++++++++++++-
2 files changed, 104 insertions(+), 17 deletions(-)
diff --git a/qapi-schema.json b/qapi-schema.json
index 5bba0c2..b48c5ca 100644
--- a/qapi-schema.json
+++ b/qapi-schema.json
@@ -754,6 +754,31 @@
'*service': 'str', '*auth': 'str', '*clients': ['VncClientInfo']} }
##
+# @VncPriAuth:
+#
+# vnc primary authentication method.
+#
+# Since: 2.3
+##
+{ 'enum': 'VncPriAuth',
+ 'data': [ 'none', 'vnc', 'ra2', 'ra2ne', 'tight', 'ultra',
+ 'tls', 'vencrypt', 'sasl' ] }
+
+##
+# @VncVencryptSubAuth:
+#
+# vnc sub authentication method with vencrypt.
+#
+# Since: 2.3
+##
+{ 'enum': 'VncVencryptSubAuth',
+ 'data': [ 'plain',
+ 'tls-none', 'x509-none',
+ 'tls-vnc', 'x509-vnc',
+ 'tls-plain', 'x509-plain',
+ 'tls-sasl', 'x509-sasl' ] }
+
+##
# @VncInfo2:
#
# Information about a vnc server
@@ -769,28 +794,21 @@
# The list can be empty, for obvious reasons.
#
# @auth: The current authentication type used by the server
-# 'none' if no authentication is being used
-# 'vnc' if VNC authentication is being used
-# 'vencrypt+plain' if VEncrypt is used with plain text authentication
-# 'vencrypt+tls+none' if VEncrypt is used with TLS and no authentication
-# 'vencrypt+tls+vnc' if VEncrypt is used with TLS and VNC authentication
-# 'vencrypt+tls+plain' if VEncrypt is used with TLS and plain text auth
-# 'vencrypt+x509+none' if VEncrypt is used with x509 and no auth
-# 'vencrypt+x509+vnc' if VEncrypt is used with x509 and VNC auth
-# 'vencrypt+x509+plain' if VEncrypt is used with x509 and plain text auth
-# 'vencrypt+tls+sasl' if VEncrypt is used with TLS and SASL auth
-# 'vencrypt+x509+sasl' if VEncrypt is used with x509 and SASL auth
+#
+# @vencrypt: #optional The vencrypt sub authentication type used by the server,
+# only specified in case auth == vencrypt.
#
# @display: #optional The display device the vnc server is linked to.
#
# Since: 2.3
##
{ 'type': 'VncInfo2',
- 'data': { 'id' : 'str',
- 'server' : ['VncBasicInfo'],
- 'clients' : ['VncClientInfo'],
- 'auth' : 'str',
- '*display' : 'str' } }
+ 'data': { 'id' : 'str',
+ 'server' : ['VncBasicInfo'],
+ 'clients' : ['VncClientInfo'],
+ 'auth' : 'VncPriAuth',
+ '*vencrypt' : 'VncVencryptSubAuth',
+ '*display' : 'str' } }
##
# @query-vnc:
diff --git a/ui/vnc.c b/ui/vnc.c
index 1e7eb4d..fb8068f 100644
--- a/ui/vnc.c
+++ b/ui/vnc.c
@@ -489,6 +489,75 @@ static VncBasicInfoList *qmp_query_server_entry(int socket,
return list;
}
+static void qmp_query_auth(VncDisplay *vd, VncInfo2 *info)
+{
+ switch (vd->auth) {
+ case VNC_AUTH_VNC:
+ info->auth = VNC_PRI_AUTH_VNC;
+ break;
+ case VNC_AUTH_RA2:
+ info->auth = VNC_PRI_AUTH_RA2;
+ break;
+ case VNC_AUTH_RA2NE:
+ info->auth = VNC_PRI_AUTH_RA2NE;
+ break;
+ case VNC_AUTH_TIGHT:
+ info->auth = VNC_PRI_AUTH_TIGHT;
+ break;
+ case VNC_AUTH_ULTRA:
+ info->auth = VNC_PRI_AUTH_ULTRA;
+ break;
+ case VNC_AUTH_TLS:
+ info->auth = VNC_PRI_AUTH_TLS;
+ break;
+ case VNC_AUTH_VENCRYPT:
+ info->auth = VNC_PRI_AUTH_VENCRYPT;
+#ifdef CONFIG_VNC_TLS
+ info->has_vencrypt = true;
+ switch (vd->subauth) {
+ case VNC_AUTH_VENCRYPT_PLAIN:
+ info->vencrypt = VNC_VENCRYPT_SUB_AUTH_PLAIN;
+ break;
+ case VNC_AUTH_VENCRYPT_TLSNONE:
+ info->vencrypt = VNC_VENCRYPT_SUB_AUTH_TLS_NONE;
+ break;
+ case VNC_AUTH_VENCRYPT_TLSVNC:
+ info->vencrypt = VNC_VENCRYPT_SUB_AUTH_TLS_VNC;
+ break;
+ case VNC_AUTH_VENCRYPT_TLSPLAIN:
+ info->vencrypt = VNC_VENCRYPT_SUB_AUTH_TLS_PLAIN;
+ break;
+ case VNC_AUTH_VENCRYPT_X509NONE:
+ info->vencrypt = VNC_VENCRYPT_SUB_AUTH_X509_NONE;
+ break;
+ case VNC_AUTH_VENCRYPT_X509VNC:
+ info->vencrypt = VNC_VENCRYPT_SUB_AUTH_X509_VNC;
+ break;
+ case VNC_AUTH_VENCRYPT_X509PLAIN:
+ info->vencrypt = VNC_VENCRYPT_SUB_AUTH_X509_PLAIN;
+ break;
+ case VNC_AUTH_VENCRYPT_TLSSASL:
+ info->vencrypt = VNC_VENCRYPT_SUB_AUTH_TLS_SASL;
+ break;
+ case VNC_AUTH_VENCRYPT_X509SASL:
+ info->vencrypt = VNC_VENCRYPT_SUB_AUTH_X509_SASL;
+ break;
+ default:
+ info->has_vencrypt = false;
+ break;
+ }
+#endif
+ break;
+ case VNC_AUTH_SASL:
+ info->auth = VNC_PRI_AUTH_SASL;
+ break;
+ case VNC_AUTH_NONE:
+ default:
+ info->auth = VNC_PRI_AUTH_NONE;
+ break;
+ }
+}
+
VncInfo2List *qmp_query_vnc2(Error **errp)
{
VncInfo2List *item, *prev = NULL;
@@ -499,8 +568,8 @@ VncInfo2List *qmp_query_vnc2(Error **errp)
QTAILQ_FOREACH(vd, &vnc_displays, next) {
info = g_new0(VncInfo2, 1);
info->id = g_strdup(vd->id);
- info->auth = g_strdup(vnc_auth_name(vd));
info->clients = qmp_query_client_list(vd);
+ qmp_query_auth(vd, info);
if (vd->dcl.con) {
dev = DEVICE(object_property_get_link(OBJECT(vd->dcl.con),
"device", NULL));
--
1.8.3.1
