Bug 1506689

Summary: Reject VNC passwords over 8 characters
Product: [Community] Virtualization Tools Reporter: Jon Derrick <jonathan.derrick>
Component: libvirtAssignee: Libvirt Maintainers <libvirt-maint>
Status: CLOSED UPSTREAM QA Contact:
Severity: low Docs Contact:
Priority: unspecified    
Version: unspecifiedCC: berrange, hongzliu, juzhou, libvirt-maint, mxie, serg
Target Milestone: ---   
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2022-11-15 14:57:23 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Jon Derrick 2017-10-26 14:40:04 UTC 
Description of problem:
To my surprise, I could use a VNC password in my VM over 8 characters and only needed to enter the first 8 characters.

Daniel informed me that VNC has a maximum effective password length of 8 characters, and that anything over 8 characters is discarded.

It might be helpful if virsh could reject a VNC passwd over 8 characters to avoid surprising users like myself.

Version-Release number of selected component (if applicable):
Virsh 3.2.1

How reproducible:
100%

Steps to Reproduce:
1. Define VM XML with VNC display and passwd over 8 characters
2. Start VM
3. Login to VNC with first 8 characters of passwd

Actual results:
It's only required to enter the first 8 characters of the VNC password

Expected results:
Reject the VM XML that uses a VNC password > 8 characters

Additional info:
Comment 1 Daniel Berrangé 2021-12-16 11:17:45 UTC 
https://listman.redhat.com/archives/libvir-list/2021-December/msg00717.html
Comment 2 Daniel Berrangé 2022-11-15 14:57:23 UTC 
Committed for 8.0.0 as:

commit 27c1d06b5bd68bdce55efff0a50a15a30cb2a96b
Author: Daniel P. Berrangé <berrange>
Date:   Thu Dec 16 10:20:37 2021 +0000

    qemu: validate VNC password length