| bool_entry "spice_sasl"
| str_entry "spice_sasl_dir"
+ let rdp_entry = str_entry "rdp_listen"
+ | str_entry "rdp_tls_x509_cert_dir"
+ | str_entry "rdp_username"
+ | str_entry "rdp_password"
+
let chardev_entry = bool_entry "chardev_tls"
| str_entry "chardev_tls_x509_cert_dir"
| bool_entry "chardev_tls_x509_verify"
| str_entry "bridge_helper"
| str_entry "pr_helper"
| str_entry "slirp_helper"
+ | str_entry "qemu_rdp"
| str_entry "dbus_daemon"
| bool_entry "set_process_name"
| int_entry "max_processes"
let entry = default_tls_entry
| vnc_entry
| spice_entry
+ | rdp_entry
| chardev_entry
| migrate_entry
| backup_entry
#
#spice_sasl_dir = "/some/directory/sasl2"
+# RDP is configured to listen on 127.0.0.1 by default.
+# To make it listen on all public interfaces, uncomment
+# this next option.
+#
+#rdp_listen = "0.0.0.0"
+
+# In order to override the default TLS certificate location for
+# RDP certificates, supply a valid path to the certificate directory.
+# If the path is not provided, then the default_tls_x509_cert_dir path
+# will be used.
+#
+#rdp_tls_x509_cert_dir = "/etc/pki/libvirt-rdp"
+
+# The default RDP username. This parameter is only used if the
+# per-domain XML config does not already provide a username.
+#
+#rdp_username = "user"
+
+# The default RDP password. This parameter is only used if the
+# per-domain XML config does not already provide a password.
+# By default, RDP server will not allow password-less connections.
+# Obviously change this example here before you set this.
+#
+#rdp_password = "RDP12345"
+
# Enable use of TLS encryption on the chardev TCP transports.
#
# It is necessary to setup CA and issue a server certificate
# Path to the SLIRP networking helper.
#slirp_helper = "/usr/bin/slirp-helper"
+
+# Path to qemu-rdp
+# If this is not an absolute path, the program will be searched for
+# in $PATH.
+#qemu_rdp = "qemu-rdp"
+
# Path to the dbus-daemon
# If this is not an absolute path, the program will be searched for
# in $PATH.
#define QEMU_BRIDGE_HELPER "qemu-bridge-helper"
#define QEMU_PR_HELPER "qemu-pr-helper"
+#define QEMU_RDP "qemu-rdp"
#define QEMU_DBUS_DAEMON "dbus-daemon"
}
cfg->vncListen = g_strdup(VIR_LOOPBACK_IPV4_ADDR);
+ cfg->rdpListen = g_strdup(VIR_LOOPBACK_IPV4_ADDR);
cfg->spiceListen = g_strdup(VIR_LOOPBACK_IPV4_ADDR);
cfg->remotePortMin = QEMU_REMOTE_PORT_MIN;
cfg->prHelperName = g_strdup(QEMU_PR_HELPER);
cfg->slirpHelperName = g_strdup(QEMU_SLIRP_HELPER);
cfg->dbusDaemonName = g_strdup(QEMU_DBUS_DAEMON);
+ cfg->qemuRdpName = g_strdup(QEMU_RDP);
cfg->securityDefaultConfined = true;
cfg->securityRequireConfined = false;
g_free(cfg->spicePassword);
g_free(cfg->spiceSASLdir);
+ g_free(cfg->rdpTLSx509certdir);
+ g_free(cfg->rdpListen);
+ g_free(cfg->rdpUsername);
+ g_free(cfg->rdpPassword);
+
g_free(cfg->chardevTLSx509certdir);
g_free(cfg->chardevTLSx509secretUUID);
g_free(cfg->prHelperName);
g_free(cfg->slirpHelperName);
g_free(cfg->dbusDaemonName);
+ g_free(cfg->qemuRdpName);
g_free(cfg->autoDumpPath);
return 0;
}
+static int
+virQEMUDriverConfigLoadRDPEntry(virQEMUDriverConfig *cfg,
+ virConf *conf)
+{
+ if (virConfGetValueString(conf, "rdp_tls_x509_cert_dir", &cfg->rdpTLSx509certdir) < 0)
+ return -1;
+ if (virConfGetValueString(conf, "rdp_listen", &cfg->rdpListen) < 0)
+ return -1;
+ if (virConfGetValueString(conf, "rdp_username", &cfg->rdpUsername) < 0)
+ return -1;
+ if (virConfGetValueString(conf, "rdp_password", &cfg->rdpPassword) < 0)
+ return -1;
+
+ return 0;
+}
static int
virQEMUDriverConfigLoadSpecificTLSEntry(virQEMUDriverConfig *cfg,
if (virConfGetValueString(conf, "dbus_daemon", &cfg->dbusDaemonName) < 0)
return -1;
+ if (virConfGetValueString(conf, "qemu_rdp", &cfg->qemuRdpName) < 0)
+ return -1;
+
if (virConfGetValueBool(conf, "set_process_name", &cfg->setProcessName) < 0)
return -1;
if (virConfGetValueUInt(conf, "max_processes", &cfg->maxProcesses) < 0)
if (virQEMUDriverConfigLoadSPICEEntry(cfg, conf) < 0)
return -1;
+ if (virQEMUDriverConfigLoadRDPEntry(cfg, conf) < 0)
+ return -1;
+
if (virQEMUDriverConfigLoadSpecificTLSEntry(cfg, conf) < 0)
return -1;
return -1;
}
+ if (cfg->rdpTLSx509certdir &&
+ !virFileExists(cfg->rdpTLSx509certdir)) {
+ virReportError(VIR_ERR_CONF_SYNTAX,
+ _("rdp_tls_x509_cert_dir directory '%1$s' does not exist"),
+ cfg->rdpTLSx509certdir);
+ return -1;
+ }
+
if (cfg->chardevTLSx509certdir &&
!virFileExists(cfg->chardevTLSx509certdir)) {
virReportError(VIR_ERR_CONF_SYNTAX,
SET_TLS_X509_CERT_DEFAULT(vnc);
SET_TLS_X509_CERT_DEFAULT(spice);
+ SET_TLS_X509_CERT_DEFAULT(rdp);
SET_TLS_X509_CERT_DEFAULT(chardev);
SET_TLS_X509_CERT_DEFAULT(migrate);
SET_TLS_X509_CERT_DEFAULT(backup);
{ "spice_password" = "XYZ12345" }
{ "spice_sasl" = "1" }
{ "spice_sasl_dir" = "/some/directory/sasl2" }
+{ "rdp_listen" = "0.0.0.0" }
+{ "rdp_tls_x509_cert_dir" = "/etc/pki/libvirt-rdp" }
+{ "rdp_username" = "user" }
+{ "rdp_password" = "RDP12345" }
{ "chardev_tls" = "1" }
{ "chardev_tls_x509_cert_dir" = "/etc/pki/libvirt-chardev" }
{ "chardev_tls_x509_verify" = "1" }
{ "memory_backing_dir" = "/var/lib/libvirt/qemu/ram" }
{ "pr_helper" = "qemu-pr-helper" }
{ "slirp_helper" = "/usr/bin/slirp-helper" }
+{ "qemu_rdp" = "qemu-rdp" }
{ "dbus_daemon" = "dbus-daemon" }
{ "swtpm_user" = "tss" }
{ "swtpm_group" = "tss" }
projects / thirdparty / libvirt.git / commitdiff
