churchers / vm-bhyve

Shell based, minimal dependency bhyve manager
BSD 2-Clause "Simplified" License

vnc: Generate a random password if none specified. #468

Closed stephen-fox closed 2 months ago

stephen-fox commented 2 years ago

Currently, the VNC server is started without a password if none was specified in the guest's configuration file (this is normally done with the "vnc_password" parameter).

This commit changes this behavior to automatically generate a random password if none is configured. This can be disabled by specifying a configuration parameter.

There does not appear to be a way to get the password back to the user via stdout. Since the password already appears in the guest's log file, I felt that was a sensible place to store it for now.

In addition to improving the default security of a guest, this change also allows macOS' built-in VNC client to connect. The macOS VNC client requires servers to configure a password (although it fails to make that obvious).

beam commented 2 years ago

And if I want to use VNC without a password?

stephen-fox commented 2 years ago

I could add a configuration file parameter that allows no password (i.e., disables the password generation).

Edit: In retrospect, I learned that VNC passwords are limited to eight characters - so this PR needs to be updated anyways.

stephen-fox commented 2 years ago

@beam, I have added the ability to disable the automatic password generation if the user desires.

beam commented 2 years ago

I think it would be better to do it differently. Add settings for password generation and normally leave blank.

stephen-fox commented 2 years ago

Alternatively, it would be nice if the VNC server listened on 127.0.0.1 or, better yet, a Unix socket. I wish we could avoid relying on VNC altogether. But that is a constraint bhyve forces and I'm not sure what the alternative would be (maybe something like xvfb?).

I would like to see secure - and frankly reasonable - defaults in a hypervisor.
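
The behaviour discussed in this thread (generate a password only when `vnc_password` is empty, honour an opt-out, stay within eight characters), as an added shell example that is not the PR's code or vm-bhyve's own. The function names and the `yes` opt-out value are assumptions.

```shell
#!/bin/sh
# Added example, not vm-bhyve code. The function names and the "yes" opt-out
# value are hypothetical; vnc_password is the parameter named in the thread.

VNC_MAX_LEN=8   # eight-character limit noted in the discussion

# Print VNC_MAX_LEN random characters from [A-Za-z0-9].
# Filtering raw bytes with tr is rejection sampling, so each character is
# uniform over the 62-symbol alphabet (no modulo bias).
vnc_random_password() {
    _pw=""
    _tries=0
    while [ "${#_pw}" -lt "$VNC_MAX_LEN" ]; do
        _tries=$((_tries + 1))
        [ "$_tries" -le 4 ] || return 1   # no usable entropy source
        _chunk=$(dd if=/dev/urandom bs=256 count=1 2>/dev/null |
            LC_ALL=C tr -dc 'A-Za-z0-9')
        _pw="${_pw}${_chunk}"
    done
    printf '%s\n' "$_pw" | cut -c "1-${VNC_MAX_LEN}"
}

# $1 = configured vnc_password (may be empty)
# $2 = opt-out flag; "yes" means the user wants no password
# Prints the password to pass to the VNC server, or nothing for no password.
vnc_effective_password() {
    _conf="$1"
    _optout="$2"
    if [ -n "$_conf" ]; then
        if [ "${#_conf}" -gt "$VNC_MAX_LEN" ]; then
            echo "warning: vnc_password exceeds ${VNC_MAX_LEN} characters" >&2
        fi
        printf '%s\n' "$_conf"
    elif [ "$_optout" = "yes" ]; then
        return 0
    else
        vnc_random_password
    fi
}

# Demo: a guest with no vnc_password and no opt-out gets a generated one.
echo "generated: $(vnc_effective_password '' '')"
```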