It's currently possible to setup spice channels using TLS when
no TLS port has been specified (ie TLS is disabled). This cannot
work, so better to error out in such a situation.
---
ui/spice-core.c | 8 +++++++-
1 files changed, 7 insertions(+), 1 deletions(-)
diff --git a/ui/spice-core.c b/ui/spice-core.c
index 6d240a3..5e644c9 100644
--- a/ui/spice-core.c
+++ b/ui/spice-core.c
@@ -524,8 +524,11 @@ static int add_channel(const char *name, const char
*value, void *opaque)
{
int security = 0;
int rc;
+ int *tls_port = opaque;
if (strcmp(name, "tls-channel") == 0) {
+ if (!*tls_port)
+ return 1;
security = SPICE_CHANNEL_SECURITY_SSL;
}
if (strcmp(name, "plaintext-channel") == 0) {
@@ -697,7 +700,10 @@ void qemu_spice_init(void)
spice_server_set_playback_compression
(spice_server, qemu_opt_get_bool(opts, "playback-compression", 1));
- qemu_opt_foreach(opts, add_channel, NULL, 0);
+ if (qemu_opt_foreach(opts, add_channel, &tls_port, 1) != 0) {
+ fprintf(stderr, "tried to setup tls-channel without specifying a TLS
port\n");
+ exit(1);
+ }
if (0 != spice_server_init(spice_server, &core_interface)) {
fprintf(stderr, "failed to initialize spice server\n");
--
1.7.7.6
