vnc: add display id to acl names

In case the display id is "default" (which is the one you get if you don't explicitly assign one) we keep the old name scheme, without display, for backward compatibility reasons. Signed-off-by: Gerd Hoffmann <kraxel@redhat.com> Reviewed-by: Gonglei <arei.gonglei@huawei.com>
2014-10-21 14:50:42 +02:00 · 2014-10-21 14:50:42 +02:00 · c8496408b4
parent 14f7143ede
commit c8496408b4
1 changed files with 20 additions and 2 deletions
--- a/ui/vnc.c
+++ b/ui/vnc.c
@ -3207,18 +3207,36 @@ void vnc_display_open(const char *id, const char *display, Error **errp)

 #ifdef CONFIG_VNC_TLS
    if (acl && x509 && vs->tls.x509verify) {
-        if (!(vs->tls.acl = qemu_acl_init("vnc.x509dname"))) {
+        char *aclname;
+
+        if (strcmp(vs->id, "default") == 0) {
+            aclname = g_strdup("vnc.x509dname");
+        } else {
+            aclname = g_strdup_printf("vnc.%s.x509dname", vs->id);
+        }
+        vs->tls.acl = qemu_acl_init(aclname);
+        if (!vs->tls.acl) {
            fprintf(stderr, "Failed to create x509 dname ACL\n");
            exit(1);
        }
+        g_free(aclname);
    }
 #endif
 #ifdef CONFIG_VNC_SASL
    if (acl && sasl) {
-        if (!(vs->sasl.acl = qemu_acl_init("vnc.username"))) {
+        char *aclname;
+
+        if (strcmp(vs->id, "default") == 0) {
+            aclname = g_strdup("vnc.username");
+        } else {
+            aclname = g_strdup_printf("vnc.%s.username", vs->id);
+        }
+        vs->sasl.acl = qemu_acl_init(aclname);
+        if (!vs->sasl.acl) {
            fprintf(stderr, "Failed to create username ACL\n");
            exit(1);
        }
+        g_free(aclname);
    }
 #endif