Index: /trunk/src/VBox/Frontends/VBoxHeadless/VBoxHeadless.cpp =================================================================== --- /trunk/src/VBox/Frontends/VBoxHeadless/VBoxHeadless.cpp (revision 42445) +++ /trunk/src/VBox/Frontends/VBoxHeadless/VBoxHeadless.cpp (revision 42446) @@ -471,4 +471,6 @@ " \"TCP/Address\" - interface IP the VRDE server\n" " will bind to\n" + " --settingspw Specify the settings password\n" + " --settingspwfile Specify a file containing the settings password\n" #ifdef VBOX_WITH_VIDEO_REC " -c, -capture, --capture Record the VM screen output to a file\n" @@ -476,7 +478,6 @@ " -h, --height Frame height when recording\n" " -r, --bitrate Recording bit rate when recording\n" - " -f, --filename File name when recording. The codec\n" - " used will be chosen based on the\n" - " file extension\n" + " -f, --filename File name when recording. The codec used\n" + " will be chosen based on the file extension\n" #endif "\n"); @@ -528,4 +529,67 @@ } #endif /* VBOX_WITH_VIDEO_REC defined */ + +static RTEXITCODE readPasswordFile(const char *pszFilename, com::Utf8Str *pPasswd) +{ + size_t cbFile; + char szPasswd[512]; + int vrc = VINF_SUCCESS; + RTEXITCODE rcExit = RTEXITCODE_SUCCESS; + bool fStdIn = !strcmp(pszFilename, "stdin"); + PRTSTREAM pStrm; + if (!fStdIn) + vrc = RTStrmOpen(pszFilename, "r", &pStrm); + else + pStrm = g_pStdIn; + if (RT_SUCCESS(vrc)) + { + vrc = RTStrmReadEx(pStrm, szPasswd, sizeof(szPasswd)-1, &cbFile); + if (RT_SUCCESS(vrc)) + { + if (cbFile >= sizeof(szPasswd)-1) + { + RTPrintf("Provided password in file '%s' is too long\n", pszFilename); + rcExit = RTEXITCODE_FAILURE; + } + else + { + unsigned i; + for (i = 0; i < cbFile && !RT_C_IS_CNTRL(szPasswd[i]); i++) + ; + szPasswd[i] = '\0'; + *pPasswd = szPasswd; + } + } + else + { + RTPrintf("Cannot read password from file '%s': %Rrc\n", pszFilename, vrc); + rcExit = RTEXITCODE_FAILURE; + } + if (!fStdIn) + RTStrmClose(pStrm); + } + else + { + RTPrintf("Cannot open password file '%s' (%Rrc)\n", pszFilename, vrc); + rcExit = RTEXITCODE_FAILURE; + } + + return rcExit; +} + +static RTEXITCODE settingsPasswordFile(ComPtr virtualBox, const char *pszFilename) +{ + com::Utf8Str passwd; + RTEXITCODE rcExit = readPasswordFile(pszFilename, &passwd); + if (rcExit == RTEXITCODE_SUCCESS) + { + int rc; + CHECK_ERROR(virtualBox, SetSettingsSecret(com::Bstr(passwd).raw())); + if (FAILED(rc)) + rcExit = RTEXITCODE_FAILURE; + } + + return rcExit; +} #ifdef RT_OS_WINDOWS @@ -577,4 +641,6 @@ OPT_CSAM, OPT_NO_CSAM, + OPT_SETTINGSPW, + OPT_SETTINGSPW_FILE, OPT_COMMENT }; @@ -610,4 +676,6 @@ { "-nocsam", OPT_NO_CSAM, 0 }, { "--nocsam", OPT_NO_CSAM, 0 }, + { "--settingspw", OPT_SETTINGSPW, RTGETOPT_REQ_STRING }, + { "--settingspwfile", OPT_SETTINGSPW_FILE, RTGETOPT_REQ_STRING }, #ifdef VBOX_WITH_VIDEO_REC { "-capture", 'c', 0 }, @@ -626,4 +694,6 @@ // parse the command line int ch; + const char *pcszSettingsPw = NULL; + const char *pcszSettingsPwFile = NULL; RTGETOPTUNION ValueUnion; RTGETOPTSTATE GetState; @@ -676,4 +746,10 @@ case OPT_NO_CSAM: fCSAM = false; + break; + case OPT_SETTINGSPW: + pcszSettingsPw = ValueUnion.psz; + break; + case OPT_SETTINGSPW_FILE: + pcszSettingsPwFile = ValueUnion.psz; break; #ifdef VBOX_WITH_VIDEO_REC @@ -807,4 +883,17 @@ RTPrintf("Failed to get session object (rc=%Rhrc)!\n", rc); break; + } + + if (pcszSettingsPw) + { + CHECK_ERROR(virtualBox, SetSettingsSecret(Bstr(pcszSettingsPw).raw())); + if (FAILED(rc)) + break; + } + else if (pcszSettingsPwFile) + { + int rcExit = settingsPasswordFile(virtualBox, pcszSettingsPwFile); + if (rcExit != RTEXITCODE_SUCCESS) + break; } Index: /trunk/src/VBox/Frontends/VBoxSDL/VBoxSDL.cpp =================================================================== --- /trunk/src/VBox/Frontends/VBoxSDL/VBoxSDL.cpp (revision 42445) +++ /trunk/src/VBox/Frontends/VBoxSDL/VBoxSDL.cpp (revision 42446) @@ -63,4 +63,5 @@ #include #include +#include #include #include @@ -157,4 +158,7 @@ static int WaitSDLEvent(SDL_Event *event); static void SetFullscreen(bool enable); +static RTEXITCODE readPasswordFile(const char *pszFilename, com::Utf8Str *pPasswd); +static RTEXITCODE settingsPasswordFile(ComPtr virtualBox, const char *pszFilename); + #ifdef VBOX_WITH_SDL13 static VBoxSDLFB * getFbFromWinId(SDL_WindowID id); @@ -617,4 +621,6 @@ " --vrdp Listen for VRDP connections on one of specified ports (default if not specified)\n" " --discardstate Discard saved state (if present) and revert to last snapshot (if present)\n" + " --settingspw Specify the settings password\n" + " --settingspwfile Specify a file containing the settings password\n" #ifdef VBOX_SECURELABEL " --securelabel Display a secure VM label at the top of the screen\n" @@ -815,9 +821,11 @@ bool fXPCOMEventThreadSignaled = false; #endif - char *hdaFile = NULL; - char *cdromFile = NULL; - char *fdaFile = NULL; + const char *pcszHdaFile = NULL; + const char *pcszCdromFile = NULL; + const char *pcszFdaFile = NULL; const char *pszPortVRDP = NULL; bool fDiscardState = false; + const char *pcszSettingsPw = NULL; + const char *pcszSettingsPwFile = NULL; #ifdef VBOX_SECURELABEL BOOL fSecureLabel = false; @@ -1118,6 +1126,6 @@ /* resolve it. */ if (RTPathExists(argv[curArg])) - hdaFile = RTPathRealDup(argv[curArg]); - if (!hdaFile) + pcszHdaFile = RTPathRealDup(argv[curArg]); + if (!pcszHdaFile) { RTPrintf("Error: The path to the specified harddisk, '%s', could not be resolved.\n", argv[curArg]); @@ -1135,6 +1143,6 @@ /* resolve it. */ if (RTPathExists(argv[curArg])) - fdaFile = RTPathRealDup(argv[curArg]); - if (!fdaFile) + pcszFdaFile = RTPathRealDup(argv[curArg]); + if (!pcszFdaFile) { RTPrintf("Error: The path to the specified floppy disk, '%s', could not be resolved.\n", argv[curArg]); @@ -1152,6 +1160,6 @@ /* resolve it. */ if (RTPathExists(argv[curArg])) - cdromFile = RTPathRealDup(argv[curArg]); - if (!cdromFile) + pcszCdromFile = RTPathRealDup(argv[curArg]); + if (!pcszCdromFile) { RTPrintf("Error: The path to the specified cdrom, '%s', could not be resolved.\n", argv[curArg]); @@ -1177,4 +1185,22 @@ { fDiscardState = true; + } + else if (!strcmp(argv[curArg], "--settingspw")) + { + if (++curArg >= argc) + { + RTPrintf("Error: missing password"); + return 1; + } + pcszSettingsPw = argv[curArg]; + } + else if (!strcmp(argv[curArg], "--settingspwfile")) + { + if (++curArg >= argc) + { + RTPrintf("Error: missing password file\n"); + return 1; + } + pcszSettingsPwFile = argv[curArg]; } #ifdef VBOX_SECURELABEL @@ -1375,4 +1401,17 @@ } + if (pcszSettingsPw) + { + CHECK_ERROR(pVirtualBox, SetSettingsSecret(Bstr(pcszSettingsPw).raw())); + if (FAILED(rc)) + goto leave; + } + else if (pcszSettingsPwFile) + { + int rcExit = settingsPasswordFile(pVirtualBox, pcszSettingsPwFile); + if (rcExit != RTEXITCODE_SUCCESS) + goto leave; + } + /* * Do we have a UUID? @@ -1453,5 +1492,5 @@ * Are we supposed to use a different hard disk file? */ - if (hdaFile) + if (pcszHdaFile) { ComPtr pMedium; @@ -1461,5 +1500,5 @@ * assign it. If not, register a new image and assign it to the VM. */ - Bstr bstrHdaFile(hdaFile); + Bstr bstrHdaFile(pcszHdaFile); pVirtualBox->OpenMedium(bstrHdaFile.raw(), DeviceType_HardDisk, AccessMode_ReadWrite, FALSE /* fForceNewUuid */, @@ -1468,5 +1507,5 @@ { /* we've not found the image */ - RTPrintf("Adding hard disk '%s'...\n", hdaFile); + RTPrintf("Adding hard disk '%s'...\n", pcszHdaFile); pVirtualBox->OpenMedium(bstrHdaFile.raw(), DeviceType_HardDisk, AccessMode_ReadWrite, FALSE /* fForceNewUuid */, @@ -1524,5 +1563,5 @@ * Mount a floppy if requested. */ - if (fdaFile) + if (pcszFdaFile) do { @@ -1530,5 +1569,5 @@ /* unmount? */ - if (!strcmp(fdaFile, "none")) + if (!strcmp(pcszFdaFile, "none")) { /* nothing to do, NULL object will cause unmount */ @@ -1536,5 +1575,5 @@ else { - Bstr bstrFdaFile(fdaFile); + Bstr bstrFdaFile(pcszFdaFile); /* Assume it's a host drive name */ @@ -1554,5 +1593,5 @@ { /* try to add to the list */ - RTPrintf("Adding floppy image '%s'...\n", fdaFile); + RTPrintf("Adding floppy image '%s'...\n", pcszFdaFile); CHECK_ERROR_BREAK(pVirtualBox, OpenMedium(bstrFdaFile.raw(), @@ -1609,5 +1648,5 @@ * Mount a CD-ROM if requested. */ - if (cdromFile) + if (pcszCdromFile) do { @@ -1615,5 +1654,5 @@ /* unmount? */ - if (!strcmp(cdromFile, "none")) + if (!strcmp(pcszCdromFile, "none")) { /* nothing to do, NULL object will cause unmount */ @@ -1621,5 +1660,5 @@ else { - Bstr bstrCdromFile(cdromFile); + Bstr bstrCdromFile(pcszCdromFile); /* Assume it's a host drive name */ @@ -1638,5 +1677,5 @@ { /* try to add to the list */ - RTPrintf("Adding ISO image '%s'...\n", cdromFile); + RTPrintf("Adding ISO image '%s'...\n", pcszCdromFile); CHECK_ERROR_BREAK(pVirtualBox, OpenMedium(bstrCdromFile.raw(), @@ -2921,4 +2960,66 @@ } +static RTEXITCODE readPasswordFile(const char *pszFilename, com::Utf8Str *pPasswd) +{ + size_t cbFile; + char szPasswd[512]; + int vrc = VINF_SUCCESS; + RTEXITCODE rcExit = RTEXITCODE_SUCCESS; + bool fStdIn = !strcmp(pszFilename, "stdin"); + PRTSTREAM pStrm; + if (!fStdIn) + vrc = RTStrmOpen(pszFilename, "r", &pStrm); + else + pStrm = g_pStdIn; + if (RT_SUCCESS(vrc)) + { + vrc = RTStrmReadEx(pStrm, szPasswd, sizeof(szPasswd)-1, &cbFile); + if (RT_SUCCESS(vrc)) + { + if (cbFile >= sizeof(szPasswd)-1) + { + RTPrintf("Provided password in file '%s' is too long\n", pszFilename); + rcExit = RTEXITCODE_FAILURE; + } + else + { + unsigned i; + for (i = 0; i < cbFile && !RT_C_IS_CNTRL(szPasswd[i]); i++) + ; + szPasswd[i] = '\0'; + *pPasswd = szPasswd; + } + } + else + { + RTPrintf("Cannot read password from file '%s': %Rrc\n", pszFilename, vrc); + rcExit = RTEXITCODE_FAILURE; + } + if (!fStdIn) + RTStrmClose(pStrm); + } + else + { + RTPrintf("Cannot open password file '%s' (%Rrc)\n", pszFilename, vrc); + rcExit = RTEXITCODE_FAILURE; + } + + return rcExit; +} + +static RTEXITCODE settingsPasswordFile(ComPtr virtualBox, const char *pszFilename) +{ + com::Utf8Str passwd; + RTEXITCODE rcExit = readPasswordFile(pszFilename, &passwd); + if (rcExit == RTEXITCODE_SUCCESS) + { + int rc; + CHECK_ERROR(virtualBox, SetSettingsSecret(com::Bstr(passwd).raw())); + if (FAILED(rc)) + rcExit = RTEXITCODE_FAILURE; + } + + return rcExit; +} #ifndef VBOX_WITH_HARDENING