From patchwork Tue Jun  7 14:17:33 2016
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: =?utf-8?q?Daniel_P=2E_Berrang=C3=A9?=
 <berrange@redhat.com>
X-Patchwork-Id: 631640
Return-Path: <qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org>
X-Original-To: incoming@patchwork.ozlabs.org
Delivered-To: patchwork-incoming@bilbo.ozlabs.org
Received: from lists.gnu.org (lists.gnu.org [208.118.235.17])
	(using TLSv1 with cipher AES256-SHA (256/256 bits))
	(No client certificate requested)
	by ozlabs.org (Postfix) with ESMTPS id 3rPDFf6VDnz9t0t
	for <incoming@patchwork.ozlabs.org>;
	Wed,  8 Jun 2016 00:18:46 +1000 (AEST)
Received: from localhost ([::1]:50149 helo=lists.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.71) (envelope-from
	<qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org>)
	id 1bAHq8-0008Is-Rr
	for incoming@patchwork.ozlabs.org; Tue, 07 Jun 2016 10:18:44 -0400
Received: from eggs.gnu.org ([2001:4830:134:3::10]:46123)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <berrange@redhat.com>) id 1bAHpB-0007eD-Mf
	for qemu-devel@nongnu.org; Tue, 07 Jun 2016 10:17:49 -0400
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
	(envelope-from <berrange@redhat.com>) id 1bAHp8-0004mz-Hz
	for qemu-devel@nongnu.org; Tue, 07 Jun 2016 10:17:45 -0400
Received: from mx1.redhat.com ([209.132.183.28]:51880)
	by eggs.gnu.org with esmtp (Exim 4.71)
	(envelope-from <berrange@redhat.com>)
	id 1bAHp8-0004mN-CG; Tue, 07 Jun 2016 10:17:42 -0400
Received: from int-mx11.intmail.prod.int.phx2.redhat.com
	(int-mx11.intmail.prod.int.phx2.redhat.com [10.5.11.24])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256
	bits)) (No client certificate requested)
	by mx1.redhat.com (Postfix) with ESMTPS id 2C1C63B720;
	Tue,  7 Jun 2016 14:17:40 +0000 (UTC)
Received: from t530wlan.home.berrange.com.com (vpn1-4-63.ams2.redhat.com
	[10.36.4.63])
	by int-mx11.intmail.prod.int.phx2.redhat.com (8.14.4/8.14.4) with
	ESMTP id u57EHcAp010408; Tue, 7 Jun 2016 10:17:38 -0400
From: "Daniel P. Berrange" <berrange@redhat.com>
To: qemu-devel@nongnu.org
Date: Tue,  7 Jun 2016 15:17:33 +0100
Message-Id: <1465309053-5784-1-git-send-email-berrange@redhat.com>
X-Scanned-By: MIMEDefang 2.68 on 10.5.11.24
X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16
	(mx1.redhat.com [10.5.110.30]);
	Tue, 07 Jun 2016 14:17:40 +0000 (UTC)
X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic]
X-Received-From: 209.132.183.28
Subject: [Qemu-devel] [PATCH STABLE 2.5] vnc: fix VNC websockets TLS
	handshake
X-BeenThere: qemu-devel@nongnu.org
X-Mailman-Version: 2.1.21
Precedence: list
List-Id: <qemu-devel.nongnu.org>
List-Unsubscribe: <https://lists.nongnu.org/mailman/options/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <http://lists.nongnu.org/archive/html/qemu-devel/>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <https://lists.nongnu.org/mailman/listinfo/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=subscribe>
Cc: Ben Aitchison <ben@meh.net.nz>, qemu-stable@nongnu.org,
	Gerd Hoffmann <kraxel@redhat.com>
Errors-To: qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org
Sender: "Qemu-devel"
	<qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org>

If the VNC websockets TLS handshake blocked, we register a
callback to continue it after the socket signals data is
available. Unfortunately we were mistakenly registering
the wrong method callback, causing us to restart the TLS
handshake from the begining, which obviously fails.

Reported-by: Ben Aitchison <ben@meh.net.nz>
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
---
 ui/vnc-ws.c | 12 ++++++------
 1 file changed, 6 insertions(+), 6 deletions(-)

NB this is a stable-2.5 only patch, with no equiv in master
since the code was totally refactored in 2.6

diff --git a/ui/vnc-ws.c b/ui/vnc-ws.c
index 175ea50..a8cf180 100644
--- a/ui/vnc-ws.c
+++ b/ui/vnc-ws.c
@@ -22,8 +22,9 @@
 #include "qemu/main-loop.h"
 #include "crypto/hash.h"
 
-static int vncws_start_tls_handshake(VncState *vs)
+static void vncws_run_tls_handshake(void *opaque)
 {
+    VncState *vs = (VncState *)opaque;
     Error *err = NULL;
 
     if (qcrypto_tls_session_handshake(vs->tls, &err) < 0) {
@@ -42,22 +43,21 @@ static int vncws_start_tls_handshake(VncState *vs)
 
     case QCRYPTO_TLS_HANDSHAKE_RECVING:
         VNC_DEBUG("Handshake interrupted (blocking read)\n");
-        qemu_set_fd_handler(vs->csock, vncws_tls_handshake_io, NULL, vs);
+        qemu_set_fd_handler(vs->csock, vncws_run_tls_handshake, NULL, vs);
         break;
 
     case QCRYPTO_TLS_HANDSHAKE_SENDING:
         VNC_DEBUG("Handshake interrupted (blocking write)\n");
-        qemu_set_fd_handler(vs->csock, NULL, vncws_tls_handshake_io, vs);
+        qemu_set_fd_handler(vs->csock, NULL, vncws_run_tls_handshake, vs);
         break;
     }
 
-    return 0;
+    return;
 
  error:
     VNC_DEBUG("Handshake failed %s\n", error_get_pretty(err));
     error_free(err);
     vnc_client_error(vs);
-    return -1;
 }
 
 void vncws_tls_handshake_io(void *opaque)
@@ -84,7 +84,7 @@ void vncws_tls_handshake_io(void *opaque)
                                       vs);
 
     VNC_DEBUG("Start TLS WS handshake process\n");
-    vncws_start_tls_handshake(vs);
+    vncws_run_tls_handshake(vs);
 }
 
 void vncws_handshake_read(void *opaque)