From patchwork Fri Feb 24 10:37:54 2012 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Subject: [2/2] Error out when tls-channel option is used without TLS Date: Fri, 24 Feb 2012 00:37:54 -0000 From: Christophe Fergeau X-Patchwork-Id: 142928 Message-Id: <1330079874-5818-2-git-send-email-cfergeau@redhat.com> To: qemu-devel@nongnu.org It's currently possible to setup spice channels using TLS when no TLS port has been specified (ie TLS is disabled). This cannot work, so better to error out in such a situation. --- ui/spice-core.c | 8 +++++++- 1 files changed, 7 insertions(+), 1 deletions(-) diff --git a/ui/spice-core.c b/ui/spice-core.c index 6d240a3..5e644c9 100644 --- a/ui/spice-core.c +++ b/ui/spice-core.c @@ -524,8 +524,11 @@ static int add_channel(const char *name, const char *value, void *opaque) { int security = 0; int rc; + int *tls_port = opaque; if (strcmp(name, "tls-channel") == 0) { + if (!*tls_port) + return 1; security = SPICE_CHANNEL_SECURITY_SSL; } if (strcmp(name, "plaintext-channel") == 0) { @@ -697,7 +700,10 @@ void qemu_spice_init(void) spice_server_set_playback_compression (spice_server, qemu_opt_get_bool(opts, "playback-compression", 1)); - qemu_opt_foreach(opts, add_channel, NULL, 0); + if (qemu_opt_foreach(opts, add_channel, &tls_port, 1) != 0) { + fprintf(stderr, "tried to setup tls-channel without specifying a TLS port\n"); + exit(1); + } if (0 != spice_server_init(spice_server, &core_interface)) { fprintf(stderr, "failed to initialize spice server\n");