Bug 1911224
| Summary: | virt-viewer core dumped when inputting an invalid password for a vnc vm in kiosk mode | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
| Product: | Red Hat Enterprise Linux 8 | Reporter: | zhoujunqin <juzhou> | ||||||||
| Component: | virt-viewer | Assignee: | Default Assignee for SPICE Bugs <rh-spice-bugs> | ||||||||
| Status: | CLOSED ERRATA | QA Contact: | Virtualization Bugs <virt-bugs> | ||||||||
| Severity: | medium | Docs Contact: | |||||||||
| Priority: | unspecified | ||||||||||
| Version: | 8.4 | CC: | berrange, mdean, mxie, tyan, tzheng, uril, virt-maint, xiaodwan | ||||||||
| Target Milestone: | rc | Keywords: | Triaged | ||||||||
| Target Release: | 8.0 | ||||||||||
| Hardware: | x86_64 | ||||||||||
| OS: | Unspecified | ||||||||||
| Whiteboard: | |||||||||||
| Fixed In Version: | virt-viewer-9.0-10.el8 | Doc Type: | If docs needed, set a value | ||||||||
| Doc Text: | Story Points: | --- | |||||||||
| Clone Of: | Environment: | ||||||||||
| Last Closed: | 2021-11-09 17:48:12 UTC | Type: | Bug | ||||||||
| Regression: | --- | Mount Type: | --- | ||||||||
| Documentation: | --- | CRM: | |||||||||
| Verified Versions: | Category: | --- | |||||||||
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |||||||||
| Cloudforms Team: | --- | Target Upstream Version: | |||||||||
| Embargoed: | |||||||||||
| Bug Depends On: | |||||||||||
| Bug Blocks: | 1948357 | ||||||||||
| Attachments: |
|
||||||||||
Should be fixed by: https://gitlab.com/virt-viewer/virt-viewer/-/merge_requests/61 I can reproduce this bug with the package:
virt-viewer-9.0-9.el8.x86_64
Then try to verify with a new build:
virt-viewer-9.0-10.el8.x86_64
Steps:
1. Prepare a vnc guest with authentication required.
# virsh dumpxml rhel8-vnc --security-info --inactive
...
<graphics type='vnc' port='-1' autoport='yes' passwd='aabb'>
<listen type='address'/>
</graphics>
2. Open the vm by "virt-viewer $guest -k", and then input an invalid password after the authentication dialog pops up.
$ virt-viewer -c qemu:///system rhel7.9-vnc -k
Test result:
a. After inputting an invalid password(such as 'test'), An authentication failed dialog pops up:
------------------------------------------------------
Unable to connect to the graphic server localhost:5902
Authentication failed
------------------------------------------------------
Click 'OK', then virt-viewer navigates to the previous authentication page.
b. Repeat inputting invalid password for 10 times, virt-viewer works well, no crash.
c. Click 'Cancel' directly on the authentication dialog, virt-viewer will show the authentication dialog again.
virt-viewer can't exit when in kiosk mode.
Even I use 'kill -9' to stop this process, command '$ virt-viewer -c qemu:///system rhel8-vnc -k' keeps on the terminal
Is it the expected result, if not, I suggest filing a separate bug to track this issue, thanks
d. If I input an empty password on the authentication dialog, then click "OK".
virt-viewer will show an error message as follows:
------------------------------------------------------
Unable to connect to the graphic server 127.0.0.1:5902
Unknown authentication failure: %s: Weak encryption key
------------------------------------------------------
Click 'OK', then virt-viewer will display a white screen, details please see the attachment.
What's more, without in kiosk mode, if I input an empty password, then virt-viewer prompts the above error message,
but after click 'OK', virt-viewer will exit silently.
@Jakub, please help double-check the results c and d, thanks.
Created attachment 1763334 [details]
screenshot for result-c
Created attachment 1763335 [details]
screenshot for result-d
The new build should be mostly consistent with the builds prior to virt-viewer-9.0-5. What's new is the error dialog in case d). I checked with 9.0-2 on fedora 33 and both of the issues, c) and d), are present. Regarding c), I'm not sure whether that's by design or not. There should probably be some discussion. I can imagine that both not allowing and allowing to exit while not connected in kiosk mode could make sense in some scenarios. As for d), it should be fixed. The error message also shouldn't contain the "%s", but that's a bug in gtk-vnc, if I'm not mistaken. So I'd open a new bug at least for d), possibly for c). Verify this bug with builds:
virt-viewer-9.0-10.el8.x86_64
qemu-kvm-4.2.0-48.module+el8.4.0+10368+630e803b.x86_64
libvirt-6.0.0-35.module+el8.4.0+10230+7a9b21e4.x86_64
Steps:
Steps:
1. Prepare a vnc guest with authentication required.
# virsh dumpxml vnc --security-info --inactive
...
<graphics type='vnc' port='-1' autoport='yes' listen='0.0.0.0' sharePolicy='ignore' passwd='aabb'>
<listen type='address' address='0.0.0.0'/>
</graphics>
2. Open the vm by "virt-viewer $guest -k", and then input an invalid password after the authentication dialog pops up.
$ virt-viewer -c qemu:///system vnc -k
Test result:
a. After inputting an invalid password(such as 'test'), An authentication failed dialog pops up:
------------------------------------------------------
Unable to connect to the graphic server localhost:5902
Authentication failed
------------------------------------------------------
Click 'OK', then virt-viewer navigates to the previous authentication page.
b. Repeat inputting invalid password for 10 times, virt-viewer works well, no crash.
So the bug issue is fixed, I move the bug from ON_QA to VERIFIED status, thanks.
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory (virt-viewer bug fix and enhancement update), and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHBA-2021:4165 |
Created attachment 1742543 [details] virt-viewer debug log Description of problem: virt-viewer core dumped when inputting an invalid password for a vnc vm in kiosk mode Version-Release number of selected component (if applicable): virt-viewer-9.0-5.el8.x86_64 virt-viewer-debuginfo-9.0-5.el8.x86_64 gtk-vnc2-0.9.0-2.el8.x86_64 libgovirt-0.3.7-4.el8.x86_64 kernel-4.18.0-266.el8.x86_64 libvirt-6.0.0-32.module+el8.4.0+9172+b707c649.x86_64 How reproducible: 100% Steps to Reproduce: 1. Prepare a vnc guest with authentication required. # virsh dumpxml rhel7.9-vnc --security-info --inactive |grep -A7 graphics <graphics type='vnc' port='-1' autoport='yes' listen='0.0.0.0' passwd='aabb'> <listen type='address' address='0.0.0.0'/> </graphics> 2. Open the vm by "virt-viewer $guest -k", and then input an invalid password after the authentication dialog pops up. $ virt-viewer -c qemu:///system rhel7.9-vnc -k Test result: After inputting an invalid password(such as 'test'), An authentication failed dialog pops up: Unable to connect to the graphic server localhost:5900 Authentication failed Click 'OK', then virt-viewer crashes. ... Segmentation fault (core dumped) Actual results: As described. Expected results: Fix it. Additional info: