From patchwork Fri Feb 24 10:37:54 2012 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Christophe Fergeau X-Patchwork-Id: 142928 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Received: from lists.gnu.org (lists.gnu.org [140.186.70.17]) (using TLSv1 with cipher AES256-SHA (256/256 bits)) (Client did not present a certificate) by ozlabs.org (Postfix) with ESMTPS id 72EF0B6FCA for ; Sat, 25 Feb 2012 02:46:15 +1100 (EST) Received: from localhost ([::1]:60380 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1S0xLZ-0005uE-0M for incoming@patchwork.ozlabs.org; Fri, 24 Feb 2012 10:46:13 -0500 Received: from eggs.gnu.org ([140.186.70.92]:54340) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1S0sXL-0001zZ-Ob for qemu-devel@nongnu.org; Fri, 24 Feb 2012 05:38:09 -0500 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1S0sXH-0005AD-R9 for qemu-devel@nongnu.org; Fri, 24 Feb 2012 05:38:03 -0500 Received: from mx1.redhat.com ([209.132.183.28]:9913) by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1S0sXH-0005A0-Dy for qemu-devel@nongnu.org; Fri, 24 Feb 2012 05:37:59 -0500 Received: from int-mx02.intmail.prod.int.phx2.redhat.com (int-mx02.intmail.prod.int.phx2.redhat.com [10.5.11.12]) by mx1.redhat.com (8.14.4/8.14.4) with ESMTP id q1OAbwlA007260 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=OK) for ; Fri, 24 Feb 2012 05:37:58 -0500 Received: from teriyaki.redhat.com (ovpn-116-26.ams2.redhat.com [10.36.116.26]) by int-mx02.intmail.prod.int.phx2.redhat.com (8.13.8/8.13.8) with ESMTP id q1OAbsHE026036 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Fri, 24 Feb 2012 05:37:57 -0500 From: Christophe Fergeau To: qemu-devel@nongnu.org Date: Fri, 24 Feb 2012 11:37:54 +0100 Message-Id: <1330079874-5818-2-git-send-email-cfergeau@redhat.com> In-Reply-To: <1330079874-5818-1-git-send-email-cfergeau@redhat.com> References: <1330079874-5818-1-git-send-email-cfergeau@redhat.com> X-Scanned-By: MIMEDefang 2.67 on 10.5.11.12 X-detected-operating-system: by eggs.gnu.org: Genre and OS details not recognized. X-Received-From: 209.132.183.28 X-Mailman-Approved-At: Fri, 24 Feb 2012 10:46:04 -0500 Subject: [Qemu-devel] [PATCH 2/2] Error out when tls-channel option is used without TLS X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org Sender: qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org It's currently possible to setup spice channels using TLS when no TLS port has been specified (ie TLS is disabled). This cannot work, so better to error out in such a situation. --- ui/spice-core.c | 8 +++++++- 1 files changed, 7 insertions(+), 1 deletions(-) diff --git a/ui/spice-core.c b/ui/spice-core.c index 6d240a3..5e644c9 100644 --- a/ui/spice-core.c +++ b/ui/spice-core.c @@ -524,8 +524,11 @@ static int add_channel(const char *name, const char *value, void *opaque) { int security = 0; int rc; + int *tls_port = opaque; if (strcmp(name, "tls-channel") == 0) { + if (!*tls_port) + return 1; security = SPICE_CHANNEL_SECURITY_SSL; } if (strcmp(name, "plaintext-channel") == 0) { @@ -697,7 +700,10 @@ void qemu_spice_init(void) spice_server_set_playback_compression (spice_server, qemu_opt_get_bool(opts, "playback-compression", 1)); - qemu_opt_foreach(opts, add_channel, NULL, 0); + if (qemu_opt_foreach(opts, add_channel, &tls_port, 1) != 0) { + fprintf(stderr, "tried to setup tls-channel without specifying a TLS port\n"); + exit(1); + } if (0 != spice_server_init(spice_server, &core_interface)) { fprintf(stderr, "failed to initialize spice server\n");