From f896516cdd58fcc899652094d3bdcade8d69429b Mon Sep 17 00:00:00 2001
From: Gerd Hoffmann <kraxel@redhat.com>
Date: Wed, 5 Jan 2011 15:29:39 -0200
Subject: [PATCH 34/48] Revert "vnc: support password expire"

RH-Author: Gerd Hoffmann <kraxel@redhat.com>
Message-id: <1294241382-17988-36-git-send-email-kraxel@redhat.com>
Patchwork-id: 15770
O-Subject: [RHEL-6 kvm PATCH 35/38] Revert "vnc: support password expire"
Bugzilla: 642131 634153 615947 632458 631832 647865
RH-Acked-by: Uri Lublin <uril@redhat.com>
RH-Acked-by: Alon Levy <alevy@redhat.com>
RH-Acked-by: Hans de Goede <hdegoede@redhat.com>

This reverts commit d041589b58c189e1ba0fc7e42fc2d479d949f3d2.

Conflicts:

	monitor.c

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
---
 console.h |    2 +-
 monitor.c |    2 +-
 vnc.c     |   43 +++++++++++++++++--------------------------
 vnc.h     |    1 -
 4 files changed, 19 insertions(+), 29 deletions(-)

Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
---
 console.h |    2 +-
 monitor.c |    2 +-
 vnc.c     |   43 +++++++++++++++++--------------------------
 vnc.h     |    1 -
 4 files changed, 19 insertions(+), 29 deletions(-)

diff --git a/console.h b/console.h
index 9d289b0..dd89389 100644
--- a/console.h
+++ b/console.h
@@ -371,7 +371,7 @@ void cocoa_display_init(DisplayState *ds, int full_screen);
 void vnc_display_init(DisplayState *ds);
 void vnc_display_close(DisplayState *ds);
 int vnc_display_open(DisplayState *ds, const char *display);
-int vnc_display_password(DisplayState *ds, const char *password, int lifetime);
+int vnc_display_password(DisplayState *ds, const char *password);
 void do_info_vnc_print(Monitor *mon, const QObject *data);
 void do_info_vnc(Monitor *mon, QObject **ret_data);
 char *vnc_display_local_addr(DisplayState *ds);
diff --git a/monitor.c b/monitor.c
index 4af4fdc..0811135 100644
--- a/monitor.c
+++ b/monitor.c
@@ -1121,7 +1121,7 @@ static int do_change_block(Monitor *mon, const char *device,
 
 static int change_vnc_password(const char *password)
 {
-    if (vnc_display_password(NULL, password, 0) < 0) {
+    if (vnc_display_password(NULL, password) < 0) {
         qerror_report(QERR_SET_PASSWD_FAILED);
         return -1;
     }
diff --git a/vnc.c b/vnc.c
index 819ce04..a523096 100644
--- a/vnc.c
+++ b/vnc.c
@@ -2126,18 +2126,18 @@ static int protocol_client_auth_vnc(VncState *vs, uint8_t *data, size_t len)
     unsigned char response[VNC_AUTH_CHALLENGE_SIZE];
     int i, j, pwlen;
     unsigned char key[8];
-    time_t now;
 
     if (!vs->vd->password || !vs->vd->password[0]) {
         VNC_DEBUG("No password configured on server");
-        goto reject;
-    }
-    if (vs->vd->expires) {
-        time(&now);
-        if (vs->vd->expires < now) {
-            VNC_DEBUG("Password is expired");
-            goto reject;
+        vnc_write_u32(vs, 1); /* Reject auth */
+        if (vs->minor >= 8) {
+            static const char err[] = "Authentication failed";
+            vnc_write_u32(vs, sizeof(err));
+            vnc_write(vs, err, sizeof(err));
         }
+        vnc_flush(vs);
+        vnc_client_error(vs);
+        return 0;
     }
 
     memcpy(response, vs->challenge, VNC_AUTH_CHALLENGE_SIZE);
@@ -2153,7 +2153,14 @@ static int protocol_client_auth_vnc(VncState *vs, uint8_t *data, size_t len)
     /* Compare expected vs actual challenge response */
     if (memcmp(response, data, VNC_AUTH_CHALLENGE_SIZE) != 0) {
         VNC_DEBUG("Client challenge reponse did not match\n");
-        goto reject;
+        vnc_write_u32(vs, 1); /* Reject auth */
+        if (vs->minor >= 8) {
+            static const char err[] = "Authentication failed";
+            vnc_write_u32(vs, sizeof(err));
+            vnc_write(vs, err, sizeof(err));
+        }
+        vnc_flush(vs);
+        vnc_client_error(vs);
     } else {
         VNC_DEBUG("Accepting VNC challenge response\n");
         vnc_write_u32(vs, 0); /* Accept auth */
@@ -2162,17 +2169,6 @@ static int protocol_client_auth_vnc(VncState *vs, uint8_t *data, size_t len)
         start_client_init(vs);
     }
     return 0;
-
-reject:
-    vnc_write_u32(vs, 1); /* Reject auth */
-    if (vs->minor >= 8) {
-        static const char err[] = "Authentication failed";
-        vnc_write_u32(vs, sizeof(err));
-        vnc_write(vs, err, sizeof(err));
-    }
-    vnc_flush(vs);
-    vnc_client_error(vs);
-    return 0;
 }
 
 void start_auth_vnc(VncState *vs)
@@ -2515,7 +2511,7 @@ void vnc_display_close(DisplayState *ds)
 #endif
 }
 
-int vnc_display_password(DisplayState *ds, const char *password, int lifetime)
+int vnc_display_password(DisplayState *ds, const char *password)
 {
     VncDisplay *vs = ds ? (VncDisplay *)ds->opaque : vnc_display;
 
@@ -2533,11 +2529,6 @@ int vnc_display_password(DisplayState *ds, const char *password, int lifetime)
         if (vs->auth == VNC_AUTH_NONE) {
             vs->auth = VNC_AUTH_VNC;
         }
-        if (lifetime) {
-            vs->expires = time(NULL) + lifetime;
-        } else {
-            vs->expires = 0;
-        }
     } else {
         vs->auth = VNC_AUTH_NONE;
     }
diff --git a/vnc.h b/vnc.h
index a752cef..77f13c9 100644
--- a/vnc.h
+++ b/vnc.h
@@ -104,7 +104,6 @@ struct VncDisplay
 
     char *display;
     char *password;
-    time_t expires;
     int auth;
 #ifdef CONFIG_VNC_TLS
     int subauth; /* Used by VeNCrypt */
-- 
1.7.4.rc1.16.gd2f15e