-diff -ur libvirt-8.0.0.orig/src/qemu/qemu_command.c libvirt-8.0.0/src/qemu/qemu_command.c
---- libvirt-8.0.0.orig/src/qemu/qemu_command.c 2022-01-23 12:17:21.722539037 +0100
-+++ libvirt-8.0.0/src/qemu/qemu_command.c 2022-01-23 12:17:43.308582727 +0100
-@@ -8327,6 +8327,10 @@
+diff -ur libvirt-8.4.0.orig/src/qemu/qemu_command.c libvirt-8.4.0/src/qemu/qemu_command.c
+--- libvirt-8.4.0.orig/src/qemu/qemu_command.c 2022-06-03 00:01:50.967940423 +0200
++++ libvirt-8.4.0/src/qemu/qemu_command.c 2022-06-03 00:02:10.338979122 +0200
+@@ -8318,6 +8318,10 @@
virCommandAddEnvPair(cmd, "SASL_CONF_PATH", cfg->vncSASLdir);
/* TODO: Support ACLs later */
}
if (graphics->data.vnc.powerControl != VIR_TRISTATE_BOOL_ABSENT) {
-diff -ur libvirt-8.0.0.orig/src/qemu/qemu.conf libvirt-8.0.0/src/qemu/qemu.conf
---- libvirt-8.0.0.orig/src/qemu/qemu.conf 2022-01-23 12:17:21.720539033 +0100
-+++ libvirt-8.0.0/src/qemu/qemu.conf 2022-01-23 12:17:43.308582727 +0100
-@@ -147,6 +147,15 @@
- #vnc_sasl = 1
-
-
-+# Enable the VNC access control lists. When switched on this will
-+# initially block all vnc users from accessing the vnc server. To
-+# add and remove ids from the ACLs you will need to send the appropriate
-+# commands to the qemu monitor as required by your particular version of
-+# QEMU. See the QEMU documentation for more details.
-+#
-+# vnc_acl = 1
-+
-+
- # The default SASL configuration file is located in /etc/sasl/
- # When running libvirtd unprivileged, it may be desirable to
- # override the configs in this location. Set this parameter to
-diff -ur libvirt-8.0.0.orig/src/qemu/qemu_conf.c libvirt-8.0.0/src/qemu/qemu_conf.c
---- libvirt-8.0.0.orig/src/qemu/qemu_conf.c 2022-01-23 12:17:21.722539037 +0100
-+++ libvirt-8.0.0/src/qemu/qemu_conf.c 2022-01-23 12:17:43.308582727 +0100
-@@ -450,6 +450,8 @@
+diff -ur libvirt-8.4.0.orig/src/qemu/qemu_conf.c libvirt-8.4.0/src/qemu/qemu_conf.c
+--- libvirt-8.4.0.orig/src/qemu/qemu_conf.c 2022-06-03 00:01:50.967940423 +0200
++++ libvirt-8.4.0/src/qemu/qemu_conf.c 2022-06-03 00:02:13.756985948 +0200
+@@ -439,6 +439,8 @@
return -1;
if (virConfGetValueBool(conf, "vnc_allow_host_audio", &cfg->vncAllowHostAudio) < 0)
return -1;
if (cfg->vncPassword &&
strlen(cfg->vncPassword) > 8) {
-diff -ur libvirt-8.0.0.orig/src/qemu/qemu_conf.h libvirt-8.0.0/src/qemu/qemu_conf.h
---- libvirt-8.0.0.orig/src/qemu/qemu_conf.h 2022-01-23 12:17:21.722539037 +0100
-+++ libvirt-8.0.0/src/qemu/qemu_conf.h 2022-01-23 12:17:43.309582729 +0100
+diff -ur libvirt-8.4.0.orig/src/qemu/qemu_conf.h libvirt-8.4.0/src/qemu/qemu_conf.h
+--- libvirt-8.4.0.orig/src/qemu/qemu_conf.h 2022-06-03 00:01:50.967940423 +0200
++++ libvirt-8.4.0/src/qemu/qemu_conf.h 2022-06-03 00:02:13.756985948 +0200
@@ -114,6 +114,7 @@
bool vncTLSx509verify;
bool vncTLSx509verifyPresent;
char *vncTLSx509certdir;
char *vncTLSx509secretUUID;
char *vncListen;
+diff -ur libvirt-8.4.0.orig/src/qemu/qemu.conf.in libvirt-8.4.0/src/qemu/qemu.conf.in
+--- libvirt-8.4.0.orig/src/qemu/qemu.conf.in 2022-06-03 00:01:50.966940421 +0200
++++ libvirt-8.4.0/src/qemu/qemu.conf.in 2022-06-03 00:03:50.351178936 +0200
+@@ -147,6 +147,15 @@
+ #vnc_sasl = 1
+
+
++# Enable the VNC access control lists. When switched on this will
++# initially block all vnc users from accessing the vnc server. To
++# add and remove ids from the ACLs you will need to send the appropriate
++# commands to the qemu monitor as required by your particular version of
++# QEMU. See the QEMU documentation for more details.
++#
++# vnc_acl = 1
++
++
+ # The default SASL configuration file is located in /etc/sasl/
+ # When running libvirtd unprivileged, it may be desirable to
+ # override the configs in this location. Set this parameter to
-diff -ur libvirt-8.0.0.orig/docs/auth.rst libvirt-8.0.0/docs/auth.rst
---- libvirt-8.0.0.orig/docs/auth.rst 2022-01-23 12:13:11.662032954 +0100
-+++ libvirt-8.0.0/docs/auth.rst 2022-01-23 12:13:54.286119215 +0100
+diff -ur libvirt-8.4.0.orig/docs/auth.rst libvirt-8.4.0/docs/auth.rst
+--- libvirt-8.4.0.orig/docs/auth.rst 2022-06-02 23:58:08.077490237 +0200
++++ libvirt-8.4.0/docs/auth.rst 2022-06-02 23:58:27.936533169 +0200
@@ -225,7 +225,7 @@
Since the libvirt SASL config file defaults to using ``GSSAPI`` (Kerberos), a
parameter to ``scram-sha-256``.
**Note:** previous versions of libvirt suggested ``DIGEST-MD5`` and
-diff -ur libvirt-8.0.0.orig/src/qemu/qemu.conf libvirt-8.0.0/src/qemu/qemu.conf
---- libvirt-8.0.0.orig/src/qemu/qemu.conf 2022-01-23 12:13:11.768033168 +0100
-+++ libvirt-8.0.0/src/qemu/qemu.conf 2022-01-23 12:13:54.287119217 +0100
+diff -ur libvirt-8.4.0.orig/src/qemu/qemu.conf.in libvirt-8.4.0/src/qemu/qemu.conf.in
+--- libvirt-8.4.0.orig/src/qemu/qemu.conf.in 2022-06-02 23:58:08.164490425 +0200
++++ libvirt-8.4.0/src/qemu/qemu.conf.in 2022-06-03 00:01:05.398849381 +0200
@@ -141,18 +141,18 @@
# Examples include vinagre, virt-viewer and virt-manager
# itself. UltraVNC, RealVNC, TightVNC do not support this
# Enable use of TLS encryption on the chardev TCP transports.
#
-diff -ur libvirt-8.0.0.orig/src/qemu/test_libvirtd_qemu.aug.in libvirt-8.0.0/src/qemu/test_libvirtd_qemu.aug.in
---- libvirt-8.0.0.orig/src/qemu/test_libvirtd_qemu.aug.in 2022-01-23 12:13:11.775033183 +0100
-+++ libvirt-8.0.0/src/qemu/test_libvirtd_qemu.aug.in 2022-01-23 12:13:54.287119217 +0100
+diff -ur libvirt-8.4.0.orig/src/qemu/test_libvirtd_qemu.aug.in libvirt-8.4.0/src/qemu/test_libvirtd_qemu.aug.in
+--- libvirt-8.4.0.orig/src/qemu/test_libvirtd_qemu.aug.in 2022-06-02 23:58:08.170490438 +0200
++++ libvirt-8.4.0/src/qemu/test_libvirtd_qemu.aug.in 2022-06-02 23:58:30.521538761 +0200
@@ -13,7 +13,7 @@
{ "vnc_tls_x509_verify" = "1" }
{ "vnc_password" = "XYZ12345" }
{ "chardev_tls" = "1" }
{ "chardev_tls_x509_cert_dir" = "/etc/pki/libvirt-chardev" }
{ "chardev_tls_x509_verify" = "1" }
-diff -ur libvirt-8.0.0.orig/src/remote/libvirtd.conf.in libvirt-8.0.0/src/remote/libvirtd.conf.in
---- libvirt-8.0.0.orig/src/remote/libvirtd.conf.in 2022-01-23 12:13:11.775033183 +0100
-+++ libvirt-8.0.0/src/remote/libvirtd.conf.in 2022-01-23 12:13:54.287119217 +0100
+diff -ur libvirt-8.4.0.orig/src/remote/libvirtd.conf.in libvirt-8.4.0/src/remote/libvirtd.conf.in
+--- libvirt-8.4.0.orig/src/remote/libvirtd.conf.in 2022-06-02 23:58:08.171490440 +0200
++++ libvirt-8.4.0/src/remote/libvirtd.conf.in 2022-06-02 23:58:30.521538761 +0200
@@ -136,7 +136,7 @@
# the network providing auth (eg, TLS/x509 certificates)
#
#auth_tcp = "sasl"
# Change the authentication scheme for TLS sockets.
-diff -ur libvirt-8.0.0.orig/src/remote/meson.build libvirt-8.0.0/src/remote/meson.build
---- libvirt-8.0.0.orig/src/remote/meson.build 2022-01-23 12:13:11.776033185 +0100
-+++ libvirt-8.0.0/src/remote/meson.build 2022-01-23 12:13:54.288119219 +0100
-@@ -309,7 +309,7 @@
+diff -ur libvirt-8.4.0.orig/src/remote/meson.build libvirt-8.4.0/src/remote/meson.build
+--- libvirt-8.4.0.orig/src/remote/meson.build 2022-06-02 23:58:08.171490440 +0200
++++ libvirt-8.4.0/src/remote/meson.build 2022-06-02 23:58:30.522538764 +0200
+@@ -302,7 +302,7 @@
if conf.has('WITH_SASL')
install_data(
'libvirtd.sasl',
rename: [ 'libvirt.conf' ],
)
endif
-diff -ur libvirt-8.0.0.orig/tests/qemuxml2argvdata/graphics-spice-sasl.x86_64-latest.args libvirt-8.0.0/tests/qemuxml2argvdata/graphics-spice-sasl.x86_64-latest.args
---- libvirt-8.0.0.orig/tests/qemuxml2argvdata/graphics-spice-sasl.x86_64-latest.args 2022-01-23 12:13:11.959033556 +0100
-+++ libvirt-8.0.0/tests/qemuxml2argvdata/graphics-spice-sasl.x86_64-latest.args 2022-01-23 12:15:32.706318406 +0100
+diff -ur libvirt-8.4.0.orig/tests/qemuxml2argvdata/graphics-spice-sasl.x86_64-latest.args libvirt-8.4.0/tests/qemuxml2argvdata/graphics-spice-sasl.x86_64-latest.args
+--- libvirt-8.4.0.orig/tests/qemuxml2argvdata/graphics-spice-sasl.x86_64-latest.args 2022-06-02 23:58:08.323490769 +0200
++++ libvirt-8.4.0/tests/qemuxml2argvdata/graphics-spice-sasl.x86_64-latest.args 2022-06-02 23:58:30.522538764 +0200
@@ -6,7 +6,7 @@
XDG_DATA_HOME=/tmp/lib/domain--1-QEMUGuest1/.local/share \
XDG_CACHE_HOME=/tmp/lib/domain--1-QEMUGuest1/.cache \
/usr/bin/qemu-system-x86_64 \
-name guest=QEMUGuest1,debug-threads=on \
-S \
-diff -ur libvirt-8.0.0.orig/tests/qemuxml2argvdata/graphics-vnc-sasl.x86_64-2.11.0.args libvirt-8.0.0/tests/qemuxml2argvdata/graphics-vnc-sasl.x86_64-2.11.0.args
---- libvirt-8.0.0.orig/tests/qemuxml2argvdata/graphics-vnc-sasl.x86_64-2.11.0.args 2022-01-23 12:13:11.960033558 +0100
-+++ libvirt-8.0.0/tests/qemuxml2argvdata/graphics-vnc-sasl.x86_64-2.11.0.args 2022-01-23 12:15:44.141341542 +0100
-@@ -7,7 +7,7 @@
- XDG_CACHE_HOME=/tmp/lib/domain--1-QEMUGuest1/.cache \
- XDG_CONFIG_HOME=/tmp/lib/domain--1-QEMUGuest1/.config \
- QEMU_AUDIO_DRV=none \
--SASL_CONF_PATH=/root/.sasl2 \
-+SASL_CONF_PATH=/root/.sasl \
- /usr/bin/qemu-system-x86_64 \
- -name guest=QEMUGuest1,debug-threads=on \
- -S \
-diff -ur libvirt-8.0.0.orig/tests/qemuxml2argvdata/graphics-vnc-sasl.x86_64-latest.args libvirt-8.0.0/tests/qemuxml2argvdata/graphics-vnc-sasl.x86_64-latest.args
---- libvirt-8.0.0.orig/tests/qemuxml2argvdata/graphics-vnc-sasl.x86_64-latest.args 2022-01-23 12:13:11.960033558 +0100
-+++ libvirt-8.0.0/tests/qemuxml2argvdata/graphics-vnc-sasl.x86_64-latest.args 2022-01-23 12:15:47.578348507 +0100
+diff -ur libvirt-8.4.0.orig/tests/qemuxml2argvdata/graphics-vnc-sasl.x86_64-latest.args libvirt-8.4.0/tests/qemuxml2argvdata/graphics-vnc-sasl.x86_64-latest.args
+--- libvirt-8.4.0.orig/tests/qemuxml2argvdata/graphics-vnc-sasl.x86_64-latest.args 2022-06-02 23:58:08.324490771 +0200
++++ libvirt-8.4.0/tests/qemuxml2argvdata/graphics-vnc-sasl.x86_64-latest.args 2022-06-02 23:58:31.535540952 +0200
@@ -6,7 +6,7 @@
XDG_DATA_HOME=/tmp/lib/domain--1-QEMUGuest1/.local/share \
XDG_CACHE_HOME=/tmp/lib/domain--1-QEMUGuest1/.cache \
/usr/bin/qemu-system-x86_64 \
-name guest=QEMUGuest1,debug-threads=on \
-S \
-diff -ur libvirt-8.0.0.orig/tests/qemuxml2argvdata/graphics-vnc-tls-secret.x86_64-5.2.0.args libvirt-8.0.0/tests/qemuxml2argvdata/graphics-vnc-tls-secret.x86_64-5.2.0.args
---- libvirt-8.0.0.orig/tests/qemuxml2argvdata/graphics-vnc-tls-secret.x86_64-5.2.0.args 2022-01-23 12:13:11.960033558 +0100
-+++ libvirt-8.0.0/tests/qemuxml2argvdata/graphics-vnc-tls-secret.x86_64-5.2.0.args 2022-01-23 12:15:37.354327814 +0100
+diff -ur libvirt-8.4.0.orig/tests/qemuxml2argvdata/graphics-vnc-tls-secret.x86_64-5.2.0.args libvirt-8.4.0/tests/qemuxml2argvdata/graphics-vnc-tls-secret.x86_64-5.2.0.args
+--- libvirt-8.4.0.orig/tests/qemuxml2argvdata/graphics-vnc-tls-secret.x86_64-5.2.0.args 2022-06-02 23:58:08.324490771 +0200
++++ libvirt-8.4.0/tests/qemuxml2argvdata/graphics-vnc-tls-secret.x86_64-5.2.0.args 2022-06-02 23:58:31.535540952 +0200
@@ -6,7 +6,7 @@
XDG_DATA_HOME=/tmp/lib/domain--1-QEMUGuest1/.local/share \
XDG_CACHE_HOME=/tmp/lib/domain--1-QEMUGuest1/.cache \
/usr/bin/qemu-system-x86_64 \
-name guest=QEMUGuest1,debug-threads=on \
-S \
-diff -ur libvirt-8.0.0.orig/tests/qemuxml2argvdata/graphics-vnc-tls-secret.x86_64-latest.args libvirt-8.0.0/tests/qemuxml2argvdata/graphics-vnc-tls-secret.x86_64-latest.args
---- libvirt-8.0.0.orig/tests/qemuxml2argvdata/graphics-vnc-tls-secret.x86_64-latest.args 2022-01-23 12:13:11.960033558 +0100
-+++ libvirt-8.0.0/tests/qemuxml2argvdata/graphics-vnc-tls-secret.x86_64-latest.args 2022-01-23 12:15:20.475293652 +0100
+diff -ur libvirt-8.4.0.orig/tests/qemuxml2argvdata/graphics-vnc-tls-secret.x86_64-latest.args libvirt-8.4.0/tests/qemuxml2argvdata/graphics-vnc-tls-secret.x86_64-latest.args
+--- libvirt-8.4.0.orig/tests/qemuxml2argvdata/graphics-vnc-tls-secret.x86_64-latest.args 2022-06-02 23:58:08.324490771 +0200
++++ libvirt-8.4.0/tests/qemuxml2argvdata/graphics-vnc-tls-secret.x86_64-latest.args 2022-06-02 23:58:31.536540954 +0200
@@ -6,7 +6,7 @@
XDG_DATA_HOME=/tmp/lib/domain--1-QEMUGuest1/.local/share \
XDG_CACHE_HOME=/tmp/lib/domain--1-QEMUGuest1/.cache \
/usr/bin/qemu-system-x86_64 \
-name guest=QEMUGuest1,debug-threads=on \
-S \
-diff -ur libvirt-8.0.0.orig/tests/qemuxml2argvdata/graphics-vnc-tls.x86_64-2.11.0.args libvirt-8.0.0/tests/qemuxml2argvdata/graphics-vnc-tls.x86_64-2.11.0.args
---- libvirt-8.0.0.orig/tests/qemuxml2argvdata/graphics-vnc-tls.x86_64-2.11.0.args 2022-01-23 12:13:11.960033558 +0100
-+++ libvirt-8.0.0/tests/qemuxml2argvdata/graphics-vnc-tls.x86_64-2.11.0.args 2022-01-23 12:15:28.153309190 +0100
-@@ -7,7 +7,7 @@
- XDG_CACHE_HOME=/tmp/lib/domain--1-QEMUGuest1/.cache \
- XDG_CONFIG_HOME=/tmp/lib/domain--1-QEMUGuest1/.config \
- QEMU_AUDIO_DRV=none \
--SASL_CONF_PATH=/root/.sasl2 \
-+SASL_CONF_PATH=/root/.sasl \
- /usr/bin/qemu-system-x86_64 \
- -name guest=QEMUGuest1,debug-threads=on \
- -S \
-diff -ur libvirt-8.0.0.orig/tests/qemuxml2argvdata/graphics-vnc-tls.x86_64-latest.args libvirt-8.0.0/tests/qemuxml2argvdata/graphics-vnc-tls.x86_64-latest.args
---- libvirt-8.0.0.orig/tests/qemuxml2argvdata/graphics-vnc-tls.x86_64-latest.args 2022-01-23 12:13:11.960033558 +0100
-+++ libvirt-8.0.0/tests/qemuxml2argvdata/graphics-vnc-tls.x86_64-latest.args 2022-01-23 12:15:40.112333398 +0100
+diff -ur libvirt-8.4.0.orig/tests/qemuxml2argvdata/graphics-vnc-tls.x86_64-latest.args libvirt-8.4.0/tests/qemuxml2argvdata/graphics-vnc-tls.x86_64-latest.args
+--- libvirt-8.4.0.orig/tests/qemuxml2argvdata/graphics-vnc-tls.x86_64-latest.args 2022-06-02 23:58:08.324490771 +0200
++++ libvirt-8.4.0/tests/qemuxml2argvdata/graphics-vnc-tls.x86_64-latest.args 2022-06-02 23:58:32.239542466 +0200
@@ -6,7 +6,7 @@
XDG_DATA_HOME=/tmp/lib/domain--1-QEMUGuest1/.local/share \
XDG_CACHE_HOME=/tmp/lib/domain--1-QEMUGuest1/.cache \
/usr/bin/qemu-system-x86_64 \
-name guest=QEMUGuest1,debug-threads=on \
-S \
-diff -ur libvirt-8.0.0.orig/tests/qemuxml2argvtest.c libvirt-8.0.0/tests/qemuxml2argvtest.c
---- libvirt-8.0.0.orig/tests/qemuxml2argvtest.c 2022-01-23 12:13:12.005033649 +0100
-+++ libvirt-8.0.0/tests/qemuxml2argvtest.c 2022-01-23 12:15:08.509269432 +0100
-@@ -1552,7 +1552,7 @@
+diff -ur libvirt-8.4.0.orig/tests/qemuxml2argvtest.c libvirt-8.4.0/tests/qemuxml2argvtest.c
+--- libvirt-8.4.0.orig/tests/qemuxml2argvtest.c 2022-06-02 23:58:08.469491084 +0200
++++ libvirt-8.4.0/tests/qemuxml2argvtest.c 2022-06-02 23:59:10.540619907 +0200
+@@ -1509,7 +1509,7 @@
driver.config->vncSASL = 1;
VIR_FREE(driver.config->vncSASLdir);
- driver.config->vncSASLdir = g_strdup("/root/.sasl2");
+ driver.config->vncSASLdir = g_strdup("/root/.sasl");
- DO_TEST_CAPS_VER("graphics-vnc-sasl", "2.11.0");
DO_TEST_CAPS_LATEST("graphics-vnc-sasl");
driver.config->vncTLS = 1;
-@@ -1577,7 +1577,7 @@
+ driver.config->vncTLSx509verify = 1;
+@@ -1531,7 +1531,7 @@
DO_TEST_CAPS_LATEST("graphics-spice");
DO_TEST_CAPS_LATEST("graphics-spice-no-args");
driver.config->spiceSASL = 1;
DO_TEST_CAPS_LATEST("graphics-spice-sasl");
VIR_FREE(driver.config->spiceSASLdir);
driver.config->spiceSASL = 0;
-diff -ur libvirt-8.0.0.orig/tests/virconfdata/libvirtd.conf libvirt-8.0.0/tests/virconfdata/libvirtd.conf
---- libvirt-8.0.0.orig/tests/virconfdata/libvirtd.conf 2022-01-23 12:13:12.112033865 +0100
-+++ libvirt-8.0.0/tests/virconfdata/libvirtd.conf 2022-01-23 12:14:04.741140369 +0100
+diff -ur libvirt-8.4.0.orig/tests/virconfdata/libvirtd.conf libvirt-8.4.0/tests/virconfdata/libvirtd.conf
+--- libvirt-8.4.0.orig/tests/virconfdata/libvirtd.conf 2022-06-02 23:58:08.555491270 +0200
++++ libvirt-8.4.0/tests/virconfdata/libvirtd.conf 2022-06-02 23:58:32.240542468 +0200
@@ -91,7 +91,7 @@
# the network providing auth (eg, TLS/x509 certificates)
#
auth_tcp = "sasl"
# Change the authentication scheme for TLS sockets.
-diff -ur libvirt-8.0.0.orig/tests/virconfdata/libvirtd.out libvirt-8.0.0/tests/virconfdata/libvirtd.out
---- libvirt-8.0.0.orig/tests/virconfdata/libvirtd.out 2022-01-23 12:13:12.112033865 +0100
-+++ libvirt-8.0.0/tests/virconfdata/libvirtd.out 2022-01-23 12:14:04.741140369 +0100
+diff -ur libvirt-8.4.0.orig/tests/virconfdata/libvirtd.out libvirt-8.4.0/tests/virconfdata/libvirtd.out
+--- libvirt-8.4.0.orig/tests/virconfdata/libvirtd.out 2022-06-02 23:58:08.555491270 +0200
++++ libvirt-8.4.0/tests/virconfdata/libvirtd.out 2022-06-02 23:58:32.240542468 +0200
@@ -73,7 +73,7 @@
# the network providing auth (eg, TLS/x509 certificates)
#
TLD / packages / libvirt.git / commitdiff