main/xen: more robust websockets vencrypt-bypass hack

7aafa84c · William Pitcock · 1372cc18 · 7aafa84c · 7aafa84c
Commit 7aafa84c authored Sep 27, 2013 by William Pitcock
Hide whitespace changes
Inline Side-by-side

Showing with 58 additions and 8 deletions

main/xen/APKBUILD main/xen/APKBUILD +3 -3

main/xen/qemu-xen-websocket-plain-hack.patch main/xen/qemu-xen-websocket-plain-hack.patch +55 -5

No files found.
--- a/main/xen/APKBUILD
+++ b/main/xen/APKBUILD
@@ -192,7 +192,7 @@ b3e3a57d189a4f86c9766eaf3b5207f4  xsa48-4.2.patch
 a4097e06a7e000ed00f4607db014d277  qemu-xen-websocket.patch
 35bdea1d4e3ae2565edc7e40906efdd5  qemu-xen-tls-websockets.patch
 9cf9b155dfa6cd473554aa0f25181c1c  qemu-coroutine-gthread.patch
-c64a3b7bd77cdb01398d8ab8017fa269  qemu-xen-websocket-plain-hack.patch
+f8ea5786b0a6157b9cb3e67e323b592c  qemu-xen-websocket-plain-hack.patch
 a90c36642f0701a8aaa4ebe4dde430f5  xenstored.initd
 b017ccdd5e1c27bbf1513e3569d4ff07  xenstored.confd
 ed262f15fb880badb53575539468646c  xenconsoled.initd
@@ -216,7 +216,7 @@ fcb5b9ff0bc4b4d39fed9b88891491b91628aa449914cfea321abe5da24c1da2  fix-pod2man-ch
 e9f6c482fc449e0b540657a8988ad31f2e680b8933e50e6486687a52f6a9ed04  qemu-xen-websocket.patch
 435dd428d83acdfde58888532a1cece1e9075b2a2460fe3f6cd33c7d400f2715  qemu-xen-tls-websockets.patch
 7477c5acfc756f6498858e4a3eb250b3db84ee491a9d4ae38dddbc27275a370c  qemu-coroutine-gthread.patch
-9498c65a2c7aa454560605a7acf4702e9e3c48224421850c604be0723941c77f  qemu-xen-websocket-plain-hack.patch
+6c4c184462d47e7fd00e8d8f6bf12b33f6cf486f00415c1934ecf6c2b62f69c1  qemu-xen-websocket-plain-hack.patch
 868c77d689ae54b7041da169bfaa01868503337d4105a071eb771f4ec5a0543d  xenstored.initd
 ea9171e71ab3d33061979bcf3bb737156192aa4b0be4d1234438ced75b6fdef3  xenstored.confd
 93bea2eb90ea1b4628854c8141dd351bbd1fbc5959b12795447ea933ad025f01  xenconsoled.initd
@@ -240,7 +240,7 @@ bda9105793f2327e1317991762120d0668af0e964076b18c9fdbfd509984b2e88d85df95702c46b2
 45f1da45f3ff937d0a626e37c130d76f5b97f49a57ddeb11ef2a8e850c04c32c819a3dfcef501eb3784db5fe7b39c88230063e56aa6e5197fd9c7b7d424fff77  qemu-xen-websocket.patch
 11eaccc346440ff285552f204d491e3b31bda1665c3219ecae3061b5d55db9dec885af0c031fa19c67e87bbe238002b1911bbd5bfea2f2ba0d61e6b3d0c952c9  qemu-xen-tls-websockets.patch
 8b8df4f57ab725f54cfe44fb6b8d271ee22e94873f168e452293dd53955854b171b8311209133e5d825f9ce985219818803182b3451708a3452bc699b7b1dda1  qemu-coroutine-gthread.patch
-0b1fc70267efd2303945dc64c8c224c52f5161c1f5bfc2b1db6392ec6945ecccb2ae93bacd3f0146d9b9cb0e568b80c8f1edf63cdd0b9e8a8ac57227ad198e3f  qemu-xen-websocket-plain-hack.patch
+692e29205fa3d0a6e4d1be69a242d55c44a1fee26c594e6e46d8809339f93dcdc31c0735723a46f63ae0a727741bdc8a899bb1ce9103a2cd701b236f63a17fa2  qemu-xen-websocket-plain-hack.patch
 880584e0866b1efcf3b7a934f07072ec84c13c782e3e7a15848d38ba8af50259d46db037dca1e037b15274989f2c22acd1134954dd60c59f4ee693b417d03e0d  xenstored.initd
 100cf4112f401f45c1e4e885a5074698c484b40521262f6268fad286498e95f4c51e746f0e94eb43a590bb8e813a397bb53801ccacebec9541020799d8d70514  xenstored.confd
 12f981b2459c65d66e67ec0b32d0d19b95a029bc54c2a79138cfe488d3524a22e51860f755abfe25ddcdaf1b27f2ded59b6e350b9d5f8791193d00e2d3673137  xenconsoled.initd

--- a/main/xen/qemu-xen-websocket-plain-hack.patch
+++ b/main/xen/qemu-xen-websocket-plain-hack.patch
--- xen-4.3.0.orig/tools/qemu-xen/ui/vnc.c
-+++ xen-4.3.0/tools/qemu-xen/ui/vnc.c
-@@ -3121,7 +3121,7 @@
+--- xen-4.3.0/tools/qemu-xen/ui/vnc-ws.c
+++ xen-4.3.0.mod/tools/qemu-xen/ui/vnc-ws.c
+@@ -90,11 +90,6 @@
+     vncws_tls_handshake(vs);
+ }
+ 
+-#define NEED_X509_AUTH(vs)                              \
+-    ((vs)->subauth == VNC_AUTH_VENCRYPT_X509NONE ||   \
+-     (vs)->subauth == VNC_AUTH_VENCRYPT_X509VNC ||    \
+-     (vs)->subauth == VNC_AUTH_VENCRYPT_X509PLAIN ||  \
+-     (vs)->subauth == VNC_AUTH_VENCRYPT_X509SASL)
+ #endif
+ 
+ void vncws_handshake_read(void *opaque)
+@@ -105,7 +100,7 @@
+     if (!vs->vd->want_tls)
+         return vncws_handshake_read_impl(vs);
+ 
+-    if (vnc_tls_client_setup(vs, NEED_X509_AUTH(vs)) < 0) {
+    if (vnc_tls_client_setup(vs, true) < 0) {
+         VNC_DEBUG("Failed to setup TLS\n");
+         return 0;
+     }
+--- xen-4.3.0/tools/qemu-xen/ui/vnc.c
+++ xen-4.3.0.mod/tools/qemu-xen/ui/vnc.c
+@@ -3121,7 +3121,11 @@
      */
     if (password) {
 #ifdef CONFIG_VNC_TLS
-        if (tls) {
-+        if (0) {
+#ifdef CONFIG_VNC_WS
+        if (tls && !vs->websocket) {
+#else
+         if (tls) {
+#endif
             vs->auth = VNC_AUTH_VENCRYPT;
             if (x509) {
                 VNC_DEBUG("Initializing VNC server with x509 password auth\n");
+@@ -3141,7 +3145,11 @@
+ #ifdef CONFIG_VNC_SASL
+     } else if (sasl) {
+ #ifdef CONFIG_VNC_TLS
+#ifdef CONFIG_VNC_WS
+        if (tls && !vs->websocket) {
+#else
+         if (tls) {
+#endif
+             vs->auth = VNC_AUTH_VENCRYPT;
+             if (x509) {
+                 VNC_DEBUG("Initializing VNC server with x509 SASL auth\n");
+@@ -3161,7 +3169,11 @@
+ #endif /* CONFIG_VNC_SASL */
+     } else {
+ #ifdef CONFIG_VNC_TLS
+#ifdef CONFIG_VNC_WS
+        if (tls && !vs->websocket) {
+#else
+         if (tls) {
+#endif
+             vs->auth = VNC_AUTH_VENCRYPT;
+             if (x509) {
+                 VNC_DEBUG("Initializing VNC server with x509 no auth\n");