[Qemu-devel] [PATCHv2 2/2] Error out when tls-channel option is used without TLS

[Christophe Fergeau]

It's currently possible to setup spice channels using TLS when
no TLS port has been specified (ie TLS is disabled). This cannot
work, so better to error out in such a situation.
---
 ui/spice-core.c |7 ++-
 1 files changed, 6 insertions(+), 1 deletions(-)

diff --git a/ui/spice-core.c b/ui/spice-core.c
index a374999..083af4f 100644
--- a/ui/spice-core.c
+++ b/ui/spice-core.c
@@ -526,6 +526,11 @@ static int add_channel(const char *name, const char 
*value, void *opaque)
 int rc;
 
 if (strcmp(name, tls-channel) == 0) {
+int *tls_port = opaque;
+if (!*tls_port) {
+error_report(spice: tried to setup tls-channel without specifying 
a TLS port\n);
+exit(1);
+}
 security = SPICE_CHANNEL_SECURITY_SSL;
 }
 if (strcmp(name, plaintext-channel) == 0) {
@@ -697,7 +702,7 @@ void qemu_spice_init(void)
 spice_server_set_playback_compression
 (spice_server, qemu_opt_get_bool(opts, playback-compression, 1));
 
-qemu_opt_foreach(opts, add_channel, NULL, 0);
+qemu_opt_foreach(opts, add_channel, tls_port, 0);
 
 if (0 != spice_server_init(spice_server, core_interface)) {
 error_report(failed to initialize spice server);
-- 
1.7.7.6

Re: [Qemu-devel] [PATCHv2 2/2] Error out when tls-channel option is used without TLS

[Gerd Hoffmann]

On 02/24/12 18:13, Christophe Fergeau wrote:
 It's currently possible to setup spice channels using TLS when
 no TLS port has been specified (ie TLS is disabled). This cannot
 work, so better to error out in such a situation.

Applying: Error out when tls-channel option is used without TLS
=== checkpatch complains ===
WARNING: line over 80 characters
#12: FILE: ui/spice-core.c:531:
+error_report(spice: tried to setup tls-channel without
specifying a TLS port\n);

total: 0 errors, 1 warnings, 19 lines checked

/tmp/tmp.9W76AGBT7O has style problems, please review.  If any of these
errors
are false positives report them to the maintainer, see
CHECKPATCH in MAINTAINERS.