spice: add SASL support

        },{

            .name = "disable-copy-paste",

            .type = QEMU_OPT_BOOL,

        },{

            .name = "sasl",

            .type = QEMU_OPT_BOOL,

        },{

            .name = "x509-dir",

            .type = QEMU_OPT_STRING,

@item password=<secret>

Set the password you need to authenticate.

@item sasl

Require that the client use SASL to authenticate with the spice.

The exact choice of authentication method used is controlled from the

system / user's SASL configuration file for the 'qemu' service. This

is typically found in /etc/sasl2/qemu.conf. If running QEMU as an

unprivileged user, an environment variable SASL_CONF_PATH can be used

to make it search alternate locations for the service config.

While some SASL auth methods can also provide data encryption (eg GSSAPI),

it is recommended that SASL always be combined with the 'tls' and

'x509' settings to enable use of SSL and server certificates. This

ensures a data encryption preventing compromise of authentication

credentials.

@item disable-ticketing

Allow client connects without authentication.

    if (password) {

        spice_server_set_ticket(spice_server, password, 0, 0, 0);

    }

    if (qemu_opt_get_bool(opts, "sasl", 0)) {

#if SPICE_SERVER_VERSION >= 0x000900 /* 0.9.0 */

        if (spice_server_set_sasl_appname(spice_server, "qemu") == -1 ||

            spice_server_set_sasl(spice_server, 1) == -1) {

            fprintf(stderr, "spice: failed to enable sasl\n");

            exit(1);

        }

#else

        fprintf(stderr, "spice: sasl is not available (spice >= 0.9 required)\n");

        exit(1);

#endif

    }

    if (qemu_opt_get_bool(opts, "disable-ticketing", 0)) {

        auth = "none";

        spice_server_set_noauth(spice_server);