Re: [Spice-devel] [PATCH 04/10] syntax-check: Don't cast free() arguments

[Christophe Fergeau]

On Thu, Oct 08, 2015 at 07:41:47AM +0200, Victor Toso wrote:
> Hi,
> 
> On Wed, Oct 07, 2015 at 06:45:11PM +0200, Christophe Fergeau wrote:
> > ---
> >  server/red_replay_qxl.c | 12 ++--
> >  1 file changed, 6 insertions(+), 6 deletions(-)
> > 
> > diff --git a/server/red_replay_qxl.c b/server/red_replay_qxl.c
> > index ad1a8fd..7dcfc16 100644
> > --- a/server/red_replay_qxl.c
> > +++ b/server/red_replay_qxl.c
> > @@ -439,9 +439,9 @@ static void red_replay_image_free(SpiceReplay *replay, 
> > QXLPHYSICAL p, uint32_t f
> >  
> >  switch (qxl->descriptor.type) {
> >  case SPICE_IMAGE_TYPE_BITMAP:
> > -free((void*)qxl->bitmap.palette);
> > +free(qxl->bitmap.palette);
> 
> I'm getting -Werror=int-conversion here (gcc)
> 
> 
> red_replay_qxl.c: In function 'red_replay_image_free':
> red_replay_qxl.c:442:14: error: passing argument 1 of 'free' makes pointer 
> from integer without a cast [-Werror=int-conversion]
>  free(qxl->bitmap.palette);

Ah right, should have been more careful ;) I'll exclude this file from
the tests.

Christophe


signature.asc
Description: PGP signature
___
Spice-devel mailing list
Spice-devel@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/spice-devel

[Spice-devel] [spice-server] syntax-check: Exclude red_replay_qxl.c from sc_cast_of_argument_to_free

[Christophe Fergeau]

red_replay_qxl.c stores some pointers QXLPHYSICAL data members (ie
uint64_t), and then needs to free them, so the cast is required.
---
 cfg.mk | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/cfg.mk b/cfg.mk
index 7cf1d58..c935327 100644
--- a/cfg.mk
+++ b/cfg.mk
@@ -150,3 +150,5 @@ exclude_file_name_regexp--sc_trailing_blank = 
^common/win/my_getopt-1.5/getopt.3
 exclude_file_name_regexp--sc_unmarked_diagnostics = ^.*\.(c|py|h)
 
 exclude_file_name_regexp--sc_prohibit_path_max_allocation = 
server/tests/test_display_base.c
+
+exclude_file_name_regexp--sc_cast_of_argument_to_free = server/red_replay_qxl.c
-- 
2.5.0

___
Spice-devel mailing list
Spice-devel@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/spice-devel

Re: [Spice-devel] [ovirt-devel] ovirt-guest-agent behavior on disconnect

[David Mansfield]

On 10/01/2015 02:47 AM, Vinzenz Feenstra wrote:

On 09/30/2015 10:03 PM, Barak Azulay wrote:



Barak

On Sep 30, 2015, at 10:04, Michal Skrivanek
<michal.skriva...@redhat.com> wrote:



On Sep 25, 2015, at 19:40 , David Mansfield
<ov...@dm.cobite.com> wrote:


[cross-posted to de...@ovirt.org and
spice-devel@lists.freedesktop.org
]

Hi oVirt Devs,

I'm here from the spice-devel list where we were discussing some
changes to the behavior of the spice guest agent reacting to a user
disconnect (of the spice console).


Hi David,
great, any enhancement is good! Vinzenz, please add more details to
my guesses below:)



Some information about how the ovirt-guest-agent works would be
informative if you can spare a minute.

The functionality being discussed is locking the user session in the
VM when the user disconnects from spice (either intentionally or
unintentionally).


What OSs are we talking about (the behavior is significantly different
and each pose different challenges.




Also, peripherally, how does oVirt ensure secure access by
authorized users of a VM and prevent "over-the-shoulder" snooping
(spice graphics session stealing) or other forms of information leak
from a VM shared by multiple users.


We have several mechanisms to ensure that:
1 - ticketing system managed by the engine, so permissions are checked
on the ovirt-engine, if a user has permissions to connect to the vm
than the engines sends vdsm the ticket (and it sets the ticket to the
spice server ... Through libvirt), and than the client receives this
ticket to present to the spice server on connect (of course this
ticket has time expiration)
2 - every time the client disconnects we receive an event and
immediately send lock desktop command to the guest (through the
ovirt-guest-agent). This is implemented both for win and Linux but for
a Linux guest for that to work one must work on run level 5.
3 - anyway since this is racy , in order to avoid session theft we do
not allow a second user to connect to a vm when the first user
disconnected, the second user will be able to login only after the cm
was rebooted.






So here are some questions:

Can a VM be "shared" by multiple users in oVirt at all? Are there
known security issues that would make this a non-recommended or
fundamentally un-securable setup?


normally no, there is a semi-supported hook to allow that with VNC
(and even that is slightly broken IIRC at the moment), but in general
we do want so support that for specific usecases


The question is not clear enough,

In case you mean simultaneously (2 users) than the above answer is
relevant.
In case you mean sequential ... Than the answer is explained above ,
and yes we allow a vm to be shared among several users or groups.






Does the oVirt agent lock the session on disconnect? Always /
unconditionally?


IIRC It will always try to lock, but we can not guarantee that the
operation actually succeeded (long story ...)



If it's configurable, where does the configuration reside - in the
vm guest, on the vm host (/engine) or on the client?


it's oVirt management UI configuration, it changes the host's
behavior on spice disconnect per VM



Does the oVirt agent lock all sessions or the current active session?


just the active AFAIK


On windows its implemented only for desktop OSs (... Xp ...win7 ...)
we lock only the interactive session, for win server this is not
supported , in fact we do not install the SSO mechanism at all because
it works differently for those OSs (w2k3 , 2008, 2010)

On Linux it's a bit more complicated , but we find the session of the
user we know connected to the vm ... And send the lock command.

Actually not completely correct, currently we only lock the first, we
don't try to match the user, the current assumption is that we only
allow one user per VM therefore there can't be more than one active session.
That said, that's how it is currently implemented. Not that this is the
best way.



As explained above since there is no guarantee for that to succeed
than we do not allow other users to connect till the cm is rebooted.






How does it lock the sessions? I've looked at the code and it
appears '/usr/bin/loginctl lock-sessions' is being used on machines
it's provided on and something more complicated on older boxes.
Does the user have a way to customize this behavior? and if so, is
it VM guest, VM host or client configuration?



AFAIR this is not configurable ... But Vinzenz should be able to give
an accurate answer

The only configuration you can do as of ovirt/RHEV 3.6 is that you are
now able to say to perform one of the following actions on console
disconnect:
- Lock the screen
- Logout the current user
- Reboot the VM
- Shutdown the VM
- Do nothing



Is the console disconnect triggered by a libvirt graphics event that is 
monitored?  Assuming so, then the "discon

Re: [Spice-devel] [spice-server] syntax-check: Exclude red_replay_qxl.c from sc_cast_of_argument_to_free

[Victor Toso]

Hey,

On Thu, Oct 08, 2015 at 10:18:08AM +0200, Christophe Fergeau wrote:
> red_replay_qxl.c stores some pointers QXLPHYSICAL data members (ie
> uint64_t), and then needs to free them, so the cast is required.
> ---
>  cfg.mk | 2 ++
>  1 file changed, 2 insertions(+)
> 
> diff --git a/cfg.mk b/cfg.mk
> index 7cf1d58..c935327 100644
> --- a/cfg.mk
> +++ b/cfg.mk
> @@ -150,3 +150,5 @@ exclude_file_name_regexp--sc_trailing_blank = 
> ^common/win/my_getopt-1.5/getopt.3
>  exclude_file_name_regexp--sc_unmarked_diagnostics = ^.*\.(c|py|h)
>  
>  exclude_file_name_regexp--sc_prohibit_path_max_allocation = 
> server/tests/test_display_base.c
> +
> +exclude_file_name_regexp--sc_cast_of_argument_to_free = 
> server/red_replay_qxl.c

Looks good.
___
Spice-devel mailing list
Spice-devel@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/spice-devel

Re: [Spice-devel] Spice Using Problem

[Christophe Fergeau]

On Thu, Oct 08, 2015 at 09:55:18AM +0800, 395459...@qq.com wrote:
> hi 
> when i use spicy with --spice-debug,i collect all the print information to 
> spice_error.txt,
> can you find the problem with this file
> thanks

Nothing stands out from a quick look. Is it happening with recent
spice-gtk releases, were you able to get a gdb backtrace when this
crashes? With ovirt, I'd recommend using remote-viewer rather than
spicy.

Christophe


signature.asc
Description: PGP signature
___
Spice-devel mailing list
Spice-devel@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/spice-devel

Re: [Spice-devel] [NSIS 3/8] packaging: Re-enable NSIS branding

[Yedidyah Bar David]

On Thu, Sep 10, 2015 at 4:18 PM, Christophe Fergeau  wrote:
> Do you know why we want it to be enabled? I don't really care either
> way, just curious..

Not sure, Lev?

>
> Christophe
>
> On Thu, Sep 10, 2015 at 03:14:10PM +0300, Yedidyah Bar David wrote:
>> From: Lev Veyde 
>>
>> Change-Id: I8692e636d42f127f953f578d86c7cbe8f2bcc06a
>> Signed-off-by: Lev Veyde 
>> ---
>>  win-guest-tools.nsis | 2 +-
>>  1 file changed, 1 insertion(+), 1 deletion(-)
>>
>> diff --git a/win-guest-tools.nsis b/win-guest-tools.nsis
>> index 8369dfe..d2f8483 100644
>> --- a/win-guest-tools.nsis
>> +++ b/win-guest-tools.nsis
>> @@ -61,7 +61,7 @@ Name "${NAME}"
>>  Caption "${NAME} Installer"
>>  OutFile "${FILENAME}-${VERSION}.exe"
>>  InstallDir "$PROGRAMFILES\${NAME}"
>> -BrandingText " "
>> +BrandingText ""
>>
>>  # SilentInstall silent
>>  ShowInstDetails nevershow
>> --
>> 2.1.4
>>
>> ___
>> Spice-devel mailing list
>> Spice-devel@lists.freedesktop.org
>> http://lists.freedesktop.org/mailman/listinfo/spice-devel



-- 
Didi
___
Spice-devel mailing list
Spice-devel@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/spice-devel

Re: [Spice-devel] [NSIS 4/8] packaging: Update installer to include new oVirt GA .ini files

[Yedidyah Bar David]

On Thu, Sep 10, 2015 at 4:19 PM, Christophe Fergeau  wrote:
> On Thu, Sep 10, 2015 at 03:14:11PM +0300, Yedidyah Bar David wrote:
>> From: Lev Veyde 
>>
>> Recent version of oVirt Guest Agent added 2 new .ini conf files.
>> This patch modifies the installer, so these files are installed
>> as well.
>
> I would squash this in 2/8, unless you want to preserve authorship of
> this patch.

I'd rather do.

>
> Christophe



-- 
Didi
___
Spice-devel mailing list
Spice-devel@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/spice-devel

Re: [Spice-devel] [NSIS 7/8] Change installer filename

[Yedidyah Bar David]

On Thu, Sep 10, 2015 at 4:20 PM, Christophe Fergeau  wrote:
> On Thu, Sep 10, 2015 at 03:14:14PM +0300, Yedidyah Bar David wrote:
>> for ovirt use ovirt-guest-tools-setup
>>
>
> This rename can probably be squashed in 1/8 ?
>
>
>> Allow passing a custom DISPLAYED_VERSION and EXE_VERSION
>
> Can you make this a separate commit,

Done

> and explain the intent of these 2
> version numbers?

One sets the -VERSION part of the installer exe filename,
which we want to be empty in ovirt, and the other sets the
displayed version (in the registry) which we want to be
our version (currently 3.6.0-something).

Changed the commit message accordingly, please tell me if
you think further clarification is needed.

>
>>
>> Change-Id: Id60a990aea8e9148c0cd47dd685f9681395ac624
>> Signed-off-by: Yedidyah Bar David 
>> ---
>>  win-guest-tools.nsis | 14 +++---
>>  1 file changed, 11 insertions(+), 3 deletions(-)
>>
>> diff --git a/win-guest-tools.nsis b/win-guest-tools.nsis
>> index 91295a9..4eb5c73 100644
>> --- a/win-guest-tools.nsis
>> +++ b/win-guest-tools.nsis
>> @@ -40,6 +40,7 @@ SetCompressor /SOLID lzma
>>  !include "WinVer.nsh"
>>  !include "x64.nsh"
>>
>> +
>>  !ifdef SPICE
>>  !define FILENAME "spice-guest-tools"
>>  !define NAME "SPICE Guest Tools"
>> @@ -47,7 +48,7 @@ SetCompressor /SOLID lzma
>>  !define REGKEYNAME "SpiceGuestTools"
>>  !define URL "http://spice-space.org";
>>  !else ifdef OVIRT
>> -!define FILENAME "win-guest-tools"
>> +!define FILENAME "ovirt-guest-tools-setup"
>>  !define NAME "oVirt Guest Tools"
>>  !define PUBLISHER "The oVirt Project"
>>  !define REGKEYNAME "oVirtGuestTools"
>> @@ -55,11 +56,18 @@ SetCompressor /SOLID lzma
>>  !else
>>  !error "OVIRT or SPICE symbol should passed to makensis with the -D flag"
>>  !endif
>> +
>>  !define VERSION "0.103"
>> +!ifndef DISPLAYED_VERSION
>> +!define DISPLAYED_VERSION "${VERSION}"
>> +!endif
>> +!ifndef EXE_VERSION
>> +!define EXE_VERSION "-${VERSION}"
>> +!endif
>>
>>  Name "${NAME}"
>>  Caption "${NAME} Installer"
>> -OutFile "${FILENAME}-${VERSION}.exe"
>> +OutFile "${FILENAME}${EXE_VERSION}.exe"
>>  InstallDir "$PROGRAMFILES\${NAME}"
>>  BrandingText ""
>>
>> @@ -185,7 +193,7 @@ Section "install"
>>WriteRegStr HKLM 
>> "Software\Microsoft\Windows\CurrentVersion\Uninstall\${REGKEYNAME}" \
>>   "DisplayName" "${NAME}"
>>WriteRegStr HKLM 
>> "Software\Microsoft\Windows\CurrentVersion\Uninstall\${REGKEYNAME}" \
>> - "DisplayVersion" "${VERSION}"
>> + "DisplayVersion" "${DISPLAYED_VERSION}"
>>WriteRegStr HKLM 
>> "Software\Microsoft\Windows\CurrentVersion\Uninstall\${REGKEYNAME}" \
>>   "Publisher" "${PUBLISHER}"
>>WriteRegStr HKLM 
>> "Software\Microsoft\Windows\CurrentVersion\Uninstall\${REGKEYNAME}" \
>> --
>> 2.1.4
>>
>> ___
>> Spice-devel mailing list
>> Spice-devel@lists.freedesktop.org
>> http://lists.freedesktop.org/mailman/listinfo/spice-devel



-- 
Didi
___
Spice-devel mailing list
Spice-devel@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/spice-devel

[Spice-devel] [common PATCH 1/4 v2] ssl-verify: Only check addr length when using IP addr

[Lukas Venhoda]

Only check for address lenght, when connecting trough IP address.
It is not used, when connecting trough DNS hostname.
---
Changes since v1:
 - New patch
- Wasn't moved in v1
---
 common/ssl_verify.c | 11 ++-
 1 file changed, 6 insertions(+), 5 deletions(-)

diff --git a/common/ssl_verify.c b/common/ssl_verify.c
index a830800..24c6e2c 100644
--- a/common/ssl_verify.c
+++ b/common/ssl_verify.c
@@ -173,11 +173,6 @@ static int verify_hostname(X509* cert, const char 
*hostname)
 return 0;
 }

-// only IpV4 supported
-if (inet_aton(hostname, &addr)) {
-addr_len = sizeof(struct in_addr);
-}
-
 /* try matching against:
  *  1) a DNS name as an alternative name (subjectAltName) extension
  * in the certificate
@@ -211,6 +206,12 @@ static int verify_hostname(X509* cert, const char 
*hostname)
 } else if (name->type == GEN_IPADD) {
 int alt_ip_len = ASN1_STRING_length(name->d.iPAddress);
 found_dns_name = 1;
+
+// only IpV4 supported
+if (inet_aton(hostname, &addr)) {
+addr_len = sizeof(struct in_addr);
+}
+
 if ((addr_len == alt_ip_len)&&
 !memcmp(ASN1_STRING_data(name->d.iPAddress), &addr, 
addr_len)) {
 spice_debug("alt name IP match=%s",
--
2.4.3

___
Spice-devel mailing list
Spice-devel@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/spice-devel

[Spice-devel] [common PATCH 4/4 v2] ssl-verify: Changed debug msg from IPv4 to IPv6

[Lukas Venhoda]

Spice debug message printed only IPv4 addresses using inet_ntoa.
Changed to inet_pton for IPv6 support.

Can't use getnameinfo, because IP address in certificate is already in
struct in(6)_addr format used by inet_ntop function.

Added inet_ntop for Windows XP compatibility.
---
Changes since v1:
 - Added inet_ntop() compatibility function
- For Windows XP
 - Added ip_address_to_string() function
 - Cleaned up alt match debug message
---
 common/ssl_verify.c | 50 --
 1 file changed, 48 insertions(+), 2 deletions(-)

diff --git a/common/ssl_verify.c b/common/ssl_verify.c
index 0b7d958..ca3bd23 100644
--- a/common/ssl_verify.c
+++ b/common/ssl_verify.c
@@ -34,6 +34,49 @@
 #include 
 #include 

+#ifdef WIN32
+/* Code snippet from 
http://memset.wordpress.com/2010/10/09/inet_ntop-for-win32/ */
+static const char * inet_ntop(int af, const void * src, char * dst, socklen_t 
size)
+{
+struct sockaddr_in addr_in;
+
+memset(&addr_in, 0, sizeof(struct sockaddr_in));
+memcpy(&(addr_in.sin_addr), src, sizeof(addr_in.sin_addr));
+
+addr_in.sin_family = af;
+if (WSAAddressToString((struct sockaddr *) &addr_in, sizeof(struct 
sockaddr_in), 0, dst, &size) != 0) {
+spice_warning("WSAAddressToString() : %d", WSAGetLastError());
+return NULL;
+}
+return dst;
+}
+#endif
+
+static int ip_address_to_string(const void * ip_addr, char * string, int ipv6)
+{
+int ipversion;
+int af;
+socklen_t addr_len;
+
+memset(string, 0, INET6_ADDRSTRLEN);
+
+if (ipv6) {
+af = AF_INET6;
+addr_len = INET6_ADDRSTRLEN;
+ipversion = 6;
+} else {
+af = AF_INET;
+addr_len = INET_ADDRSTRLEN;
+ipversion = 4;
+}
+
+if (inet_ntop(af, ip_addr, string, addr_len) == NULL) {
+return 0;
+}
+
+return ipversion;
+}
+
 static int verify_pubkey(X509* cert, const char *key, size_t key_size)
 {
 EVP_PKEY* cert_pubkey = NULL;
@@ -221,8 +264,11 @@ static int verify_hostname(X509* cert, const char 
*hostname)

 if ((addr_len == alt_ip_len)&&
 (memcmp(ASN1_STRING_data(name->d.iPAddress), 
&ip_addr.data, addr_len) == 0)) {
-spice_debug("alt name IP match=%s",
-inet_ntoa(*((struct 
in_addr*)ASN1_STRING_data(name->d.iPAddress;
+char buf[INET6_ADDRSTRLEN];
+int ipversion = ip_address_to_string((void 
*)ASN1_STRING_data(name->d.iPAddress),
+ buf, addr_len == 
sizeof(struct in6_addr));
+spice_debug("alt name IPv%d match=%s", ipversion, buf);
+
 GENERAL_NAMES_free(subject_alt_names);
 return 1;
 }
--
2.4.3

___
Spice-devel mailing list
Spice-devel@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/spice-devel

[Spice-devel] [common PATCH 3/4 v2] ssl-verify: Changed IPv4 hostname to IPv6

[Lukas Venhoda]

Changed old inet_aton function for modern getaddrinfo.

inet_aton only supported IPv4 addresses, and wasn't available on windows
machines. getaddrinfo supports both IPv4 and IPv6 natively.
---
Changes since v1:
 - Changed inet_pton() to getaddrinfo()
 - Removed inet_aton() compatibility function
 - Changed 2 variables into a union
 - Cleaned up memcmp condition
---
 common/ssl_verify.c | 43 +--
 common/ssl_verify.h |  1 +
 2 files changed, 26 insertions(+), 18 deletions(-)

diff --git a/common/ssl_verify.c b/common/ssl_verify.c
index 72a3dd8..0b7d958 100644
--- a/common/ssl_verify.c
+++ b/common/ssl_verify.c
@@ -28,23 +28,12 @@
 #include 
 #include 
 #include 
+#include 
+#include 
 #endif
 #include 
 #include 

-#ifdef WIN32
-static int inet_aton(const char* ip, struct in_addr* in_addr)
-{
-unsigned long addr = inet_addr(ip);
-
-if (addr == INADDR_NONE) {
-return 0;
-}
-in_addr->S_un.S_addr = addr;
-return 1;
-}
-#endif
-
 static int verify_pubkey(X509* cert, const char *key, size_t key_size)
 {
 EVP_PKEY* cert_pubkey = NULL;
@@ -161,11 +150,18 @@ static int verify_hostname(X509* cert, const char 
*hostname)
 {
 GENERAL_NAMES* subject_alt_names;
 int found_dns_name = 0;
-struct in_addr addr;
+struct addrinfo hints;
+struct addrinfo *addr = NULL;
 int addr_len = 0;
 int cn_match = 0;
 X509_NAME* subject;

+union {
+struct in_addr ipv4;
+struct in6_addr ipv6;
+unsigned char data[16];
+} ip_addr;
+
 spice_return_val_if_fail(hostname != NULL, 0);

 if (!cert) {
@@ -207,13 +203,24 @@ static int verify_hostname(X509* cert, const char 
*hostname)
 int alt_ip_len = ASN1_STRING_length(name->d.iPAddress);
 found_dns_name = 1;

-// only IpV4 supported
-if (inet_aton(hostname, &addr)) {
-addr_len = sizeof(struct in_addr);
+memset(&hints, 0, sizeof(hints));
+hints.ai_socktype = SOCK_STREAM;
+hints.ai_flags = AI_NUMERICHOST;
+
+if (getaddrinfo(hostname, NULL, &hints, &addr) == 0) {
+if (addr->ai_family == AF_INET) {
+addr_len = sizeof(struct in_addr);
+ip_addr.ipv4 = ((struct sockaddr_in 
*)addr->ai_addr)->sin_addr;
+} else if (addr->ai_family == AF_INET6) {
+addr_len = sizeof(struct in6_addr);
+ip_addr.ipv6 = ((struct sockaddr_in6 
*)addr->ai_addr)->sin6_addr;
+}
+
+freeaddrinfo(addr);
 }

 if ((addr_len == alt_ip_len)&&
-!memcmp(ASN1_STRING_data(name->d.iPAddress), &addr, 
addr_len)) {
+(memcmp(ASN1_STRING_data(name->d.iPAddress), 
&ip_addr.data, addr_len) == 0)) {
 spice_debug("alt name IP match=%s",
 inet_ntoa(*((struct 
in_addr*)ASN1_STRING_data(name->d.iPAddress;
 GENERAL_NAMES_free(subject_alt_names);
diff --git a/common/ssl_verify.h b/common/ssl_verify.h
index e32ca54..a7fcfee 100644
--- a/common/ssl_verify.h
+++ b/common/ssl_verify.h
@@ -20,6 +20,7 @@
 #define SSL_VERIFY_H

 #if defined(WIN32)
+#include 
 #include 
 #include 
 #ifdef X509_NAME
--
2.4.3

___
Spice-devel mailing list
Spice-devel@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/spice-devel

[Spice-devel] [common PATCH 2/4 v2] ssl-verify: Don't print DNS when using IP

[Lukas Venhoda]

Print IP address instead of DNS, when using IP adress connection.
---
Changes since v1:
 - New patch
- Wasn't changed in v1
---
 common/ssl_verify.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/common/ssl_verify.c b/common/ssl_verify.c
index 24c6e2c..72a3dd8 100644
--- a/common/ssl_verify.c
+++ b/common/ssl_verify.c
@@ -215,7 +215,7 @@ static int verify_hostname(X509* cert, const char *hostname)
 if ((addr_len == alt_ip_len)&&
 !memcmp(ASN1_STRING_data(name->d.iPAddress), &addr, 
addr_len)) {
 spice_debug("alt name IP match=%s",
-inet_ntoa(*((struct 
in_addr*)ASN1_STRING_data(name->d.dNSName;
+inet_ntoa(*((struct 
in_addr*)ASN1_STRING_data(name->d.iPAddress;
 GENERAL_NAMES_free(subject_alt_names);
 return 1;
 }
--
2.4.3

___
Spice-devel mailing list
Spice-devel@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/spice-devel

[Spice-devel] [PATCH 3/4 v2] mingw: include ws2tcpip header

[Fabiano Fidêncio]

This header has the definition of getaddrinfo, according to:
https://msdn.microsoft.com/en-us/library/windows/desktop/ms738520(v=vs.85).aspx
---
Changes since v1:
- No changes since v1
---
 src/vscclient.c | 1 +
 1 file changed, 1 insertion(+)

diff --git a/src/vscclient.c b/src/vscclient.c
index fad8db9..24015ef 100644
--- a/src/vscclient.c
+++ b/src/vscclient.c
@@ -20,6 +20,7 @@
 #include 
 #define closesocket(x) close(x)
 #else
+#include 
 #include 
 #endif
 
-- 
2.4.3

___
Spice-devel mailing list
Spice-devel@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/spice-devel

[Spice-devel] [PATCH 2/4 v2] mingw: avoid problems for using %zd (C99)

[Fabiano Fidêncio]

Otherwise the following problem can be faced:
src/vscclient.c: In function 'connect_to_qemu':
src/vscclient.c:642:16: error: unknown conversion type character 'z' in format 
[-Werror=format=]
 printf("Connected (sizeof Header=%zd)!\n", sizeof(VSCMsgHeader));
 ^
src/vscclient.c:642:16: error: too many arguments for format 
[-Werror=format-extra-args]
---
Changes since v1:
- Fix the host_os check
- Fix the (linux) compilation break
---
 Makefile.am  |  4 
 configure.ac | 13 +
 2 files changed, 17 insertions(+)

diff --git a/Makefile.am b/Makefile.am
index f106bd9..f39f5d8 100644
--- a/Makefile.am
+++ b/Makefile.am
@@ -48,6 +48,10 @@ vscclient_SOURCES = src/vscclient.c
 vscclient_LDADD = libcacard.la $(CACARD_LIBS) $(GTHREAD_LIBS)
 vscclient_CFLAGS = $(AM_CPPFLAGS) $(GTHREAD_CFLAGS)
 
+if OS_WIN32
+vscclient_CFLAGS += -D__USE_MINGW_ANSI_STDIO=1
+endif
+
 AM_CPPFLAGS = $(CACARD_CFLAGS) $(WARN_CFLAGS)
 EXTRA_DIST =   \
NEWS\
diff --git a/configure.ac b/configure.ac
index e2214b3..b841ec1 100644
--- a/configure.ac
+++ b/configure.ac
@@ -10,6 +10,19 @@ AM_INIT_AUTOMAKE([foreign subdir-objects no-dist-gzip 
dist-xz])
 AM_MAINTAINER_MODE([enable])
 m4_ifdef([AM_SILENT_RULES],[AM_SILENT_RULES([yes])])
 
+AC_CANONICAL_HOST
+AC_MSG_CHECKING([for native Win32])
+case "$host_os" in
+ *mingw*|*cygwin*)
+os_win32=yes
+;;
+ *)
+os_win32=no
+;;
+esac
+AC_MSG_RESULT([$os_win32])
+AM_CONDITIONAL([OS_WIN32],[test "$os_win32" = "yes"])
+
 AX_CHECK_ENABLE_DEBUG([yes],[DEBUG])
 
 AC_PROG_CC
-- 
2.4.3

___
Spice-devel mailing list
Spice-devel@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/spice-devel

[Spice-devel] [PATCH 0/4 v2] libcacard: a few fixes that allows the library to be crosscompiled (using mingw)

[Fabiano Fidêncio]

Second round ... changes are going to be pointed out patch by patch ...

Fabiano Fidêncio (4):
  mingw: remove cac_is_cac_card dead code
  mingw: avoid problems for using %zd (C99)
  mingw: include ws2tcpip header
  mingw: include  and link to ws2_32

 Makefile.am   |  8 
 configure.ac  | 13 +
 src/cac.h |  3 ---
 src/libcacard.syms|  1 -
 src/vcard_emul_type.c |  6 --
 src/vscclient.c   |  2 ++
 6 files changed, 23 insertions(+), 10 deletions(-)

-- 
2.4.3

___
Spice-devel mailing list
Spice-devel@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/spice-devel

[Spice-devel] [PATCH 1/4 v2] mingw: remove cac_is_cac_card dead code

[Fabiano Fidêncio]

Without removing cac_is_cac_card the following error can be faced:

Cannot export cac_is_cac_card: symbol not defined
collect2: error: ld returned 1 exit status

Found a not so old QEMU thread about this:
https://www.mail-archive.com/qemu-devel%40nongnu.org/msg291698.html
--
Changes since v1:
- Remove the cac_is_cac_card deadcode with the symbol from the .syms
---
 src/cac.h | 3 ---
 src/libcacard.syms| 1 -
 src/vcard_emul_type.c | 6 --
 3 files changed, 10 deletions(-)

diff --git a/src/cac.h b/src/cac.h
index fa94644..a91b88f 100644
--- a/src/cac.h
+++ b/src/cac.h
@@ -25,7 +25,4 @@ VCardStatus cac_card_init(VReader *reader, VCard *card, const 
char *params,
   unsigned char * const *cert, int cert_len[],
   VCardKey *key[] /* adopt the keys*/,
   int cert_count);
-
-/* not yet implemented */
-VCardStatus cac_is_cac_card(VReader *reader);
 #endif
diff --git a/src/libcacard.syms b/src/libcacard.syms
index 1697515..2f9d423 100644
--- a/src/libcacard.syms
+++ b/src/libcacard.syms
@@ -1,5 +1,4 @@
 cac_card_init
-cac_is_cac_card
 vcard_add_applet
 vcard_apdu_delete
 vcard_apdu_new
diff --git a/src/vcard_emul_type.c b/src/vcard_emul_type.c
index 42afbab..04e8d99 100644
--- a/src/vcard_emul_type.c
+++ b/src/vcard_emul_type.c
@@ -36,12 +36,6 @@ VCardStatus vcard_init(VReader *vreader, VCard *vcard,
 
 VCardEmulType vcard_emul_type_select(VReader *vreader)
 {
-#ifdef notdef
-/* since there is only one emulator no need to call this function */
-if (cac_is_cac_card(vreader) == VCARD_DONE) {
-return VCARD_EMUL_CAC;
-}
-#endif
 /* return the default */
 return VCARD_EMUL_CAC;
 }
-- 
2.4.3

___
Spice-devel mailing list
Spice-devel@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/spice-devel

[Spice-devel] [PATCH 4/4 v2] mingw: include and link to ws2_32

[Fabiano Fidêncio]

Otherwise the following errors can be faced:
src/vscclient-vscclient.o: In function `send_msg':
/home/ffidenci/src/upstream/libcacard/src/vscclient.c:122: undefined
reference to `_imp__htonl@4'
/home/ffidenci/src/upstream/libcacard/src/vscclient.c:124: undefined
reference to `_imp__htonl@4'
src/vscclient-vscclient.o: In function `on_host_init':
/home/ffidenci/src/upstream/libcacard/src/vscclient.c:260: undefined
reference to `_imp__ntohl@4'
/home/ffidenci/src/upstream/libcacard/src/vscclient.c:273: undefined
reference to `_imp__ntohl@4'
src/vscclient-vscclient.o: In function `do_socket_read':
/home/ffidenci/src/upstream/libcacard/src/vscclient.c:332: undefined
reference to `_imp__ntohl@4'
/home/ffidenci/src/upstream/libcacard/src/vscclient.c:333: undefined
reference to `_imp__ntohl@4'
/home/ffidenci/src/upstream/libcacard/src/vscclient.c:334: undefined
reference to `_imp__ntohl@4'
src/vscclient-vscclient.o: In function `connect_to_qemu':
/home/ffidenci/src/upstream/libcacard/src/vscclient.c:615: undefined
reference to `_imp__socket@12'
/home/ffidenci/src/upstream/libcacard/src/vscclient.c:628: undefined
reference to `_imp__getaddrinfo@16'
/home/ffidenci/src/upstream/libcacard/src/vscclient.c:636: undefined
reference to `_imp__connect@12'
/home/ffidenci/src/upstream/libcacard/src/vscclient.c:645: undefined
reference to `_imp__freeaddrinfo@4'
/home/ffidenci/src/upstream/libcacard/src/vscclient.c:650: undefined
reference to `_imp__freeaddrinfo@4'
/home/ffidenci/src/upstream/libcacard/src/vscclient.c:652: undefined
reference to `_imp__closesocket@4'
src/vscclient-vscclient.o: In function `main':
/home/ffidenci/src/upstream/libcacard/src/vscclient.c:676: undefined
reference to `_imp__WSAStartup@8'
/home/ffidenci/src/upstream/libcacard/src/vscclient.c:677: undefined
reference to `_imp__WSAGetLastError@0'
/home/ffidenci/src/upstream/libcacard/src/vscclient.c:778: undefined
reference to `_imp__htonl@4'
/home/ffidenci/src/upstream/libcacard/src/vscclient.c:791: undefined
reference to `_imp__closesocket@4'
collect2: error: ld returned 1 exit status
Makefile:656: recipe for target 'vscclient.exe' failed
make[2]: *** [vscclient.exe] Error 1
make[2]: Leaving directory '/home/ffidenci/src/upstream/libcacard'
Makefile:774: recipe for target 'all-recursive' failed
make[1]: *** [all-recursive] Error 1
make[1]: Leaving directory '/home/ffidenci/src/upstream/libcacard'
Makefile:495: recipe for target 'all' failed
make: *** [all] Error 2
---
Changes since v1:
- Fix the host_os check
- Include winsock2 _before_ the ws2tcpip include
---
 Makefile.am | 4 
 src/vscclient.c | 1 +
 2 files changed, 5 insertions(+)

diff --git a/Makefile.am b/Makefile.am
index f39f5d8..7939079 100644
--- a/Makefile.am
+++ b/Makefile.am
@@ -40,6 +40,10 @@ libcacard_la_LDFLAGS =   
\
$(WARN_LDFLAGS)
$(NULL)
 
+if OS_WIN32
+libcacard_la_LIBADD += -lws2_32
+endif
+
 pkgconfigdir = $(libdir)/pkgconfig
 pkgconfig_DATA = libcacard.pc
 
diff --git a/src/vscclient.c b/src/vscclient.c
index 24015ef..e9fd3aa 100644
--- a/src/vscclient.c
+++ b/src/vscclient.c
@@ -20,6 +20,7 @@
 #include 
 #define closesocket(x) close(x)
 #else
+#include 
 #include 
 #include 
 #endif
-- 
2.4.3

___
Spice-devel mailing list
Spice-devel@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/spice-devel

Re: [Spice-devel] [PATCH 0/4 v2] libcacard: a few fixes that allows the library to be crosscompiled (using mingw)

[Marc-André Lureau]

ack series, thanks

On Thu, Oct 8, 2015 at 5:23 PM, Fabiano Fidêncio  wrote:
> Second round ... changes are going to be pointed out patch by patch ...
>
> Fabiano Fidêncio (4):
>   mingw: remove cac_is_cac_card dead code
>   mingw: avoid problems for using %zd (C99)
>   mingw: include ws2tcpip header
>   mingw: include  and link to ws2_32
>
>  Makefile.am   |  8 
>  configure.ac  | 13 +
>  src/cac.h |  3 ---
>  src/libcacard.syms|  1 -
>  src/vcard_emul_type.c |  6 --
>  src/vscclient.c   |  2 ++
>  6 files changed, 23 insertions(+), 10 deletions(-)
>
> --
> 2.4.3
>
> ___
> Spice-devel mailing list
> Spice-devel@lists.freedesktop.org
> http://lists.freedesktop.org/mailman/listinfo/spice-devel



-- 
Marc-André Lureau
___
Spice-devel mailing list
Spice-devel@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/spice-devel

Re: [Spice-devel] [PATCH 0/4 v2] libcacard: a few fixes that allows the library to be crosscompiled (using mingw)

[Fabiano Fidêncio]

On Thu, Oct 8, 2015 at 5:25 PM, Marc-André Lureau
 wrote:
> ack series, thanks

Pushed, thanks!
___
Spice-devel mailing list
Spice-devel@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/spice-devel

[Spice-devel] [PATCH 09/12] Add libcacard.h

[marcandre . lureau]

From: Marc-André Lureau 

A top-level header file is often easier to deal with for programs

Signed-off-by: Marc-André Lureau 
---
 Makefile.am |  1 +
 src/libcacard.h | 22 ++
 2 files changed, 23 insertions(+)
 create mode 100644 src/libcacard.h

diff --git a/Makefile.am b/Makefile.am
index 513272b..f8ee424 100644
--- a/Makefile.am
+++ b/Makefile.am
@@ -27,6 +27,7 @@ libcacard_include_HEADERS =   \
src/card_7816.h \
src/card_7816t.h\
src/eventt.h\
+   src/libcacard.h \
src/vcard.h \
src/vcard_emul.h\
src/vcard_emul_type.h   \
diff --git a/src/libcacard.h b/src/libcacard.h
new file mode 100644
index 000..9232134
--- /dev/null
+++ b/src/libcacard.h
@@ -0,0 +1,22 @@
+/*
+ * This work is licensed under the terms of the GNU LGPL, version 2.1 or later.
+ * See the COPYING file in the top-level directory.
+ */
+#ifndef LIBCACARD_H
+#define LIBCACARD_H
+
+#include "cac.h"
+#include "capcsc.h"
+#include "card_7816.h"
+#include "card_7816t.h"
+#include "eventt.h"
+#include "vcard_emul.h"
+#include "vcard_emul_type.h"
+#include "vcard.h"
+#include "vcardt.h"
+#include "vevent.h"
+#include "vreader.h"
+#include "vreadert.h"
+#include "vscard_common.h"
+
+#endif
-- 
2.4.3

___
Spice-devel mailing list
Spice-devel@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/spice-devel

[Spice-devel] [PATCH 00/12] libcacard: pending patches

[marcandre . lureau]

From: Marc-André Lureau 

A series of pending patches for libcacard, adapted from previous
patches for qemu. Most of this patches have already been reviewed by
me, other adapted, or added. A second look is worth it:

- add error checking to vcard_emul_options()
- add VCARD_DIRECT implementation to provide direct communication with
  a smartcard using libpcsclite (--enable-pcsc)
- bug fix: delete the reader entry after queueing an event, not before
- add a top-level libcacard.h header
- add test & code coverage
- update for 2.5.1

thanks

Jeremy White (5):
  Bug fix: delete the reader entry after queueing an event, not before
  Add error checking to vcard_emul_options
  Add a VCARD_DIRECT implemention to the libcacard smartcard support
  Enable support for passthru
  Remove the (broken) passthru option

Marc-André Lureau (6):
  build-sys: add --enable-pcsc
  build-sys: do not install vcardt_internal.h
  Add libcacard.h
  Add some tests & code coverage
  build-sys: move G_LOG_DOMAIN to CPPFLAGS
  NEWS: update for upcoming 2.5.1

Thomas Huth (1):
  libcacard: Fix bug detected with 'smatch'

 Makefile.am |  39 ++-
 NEWS|  11 +
 build-aux/glib-tap.mk   | 150 +++
 build-aux/tap-driver.sh | 652 
 build-aux/tap-test  |   5 +
 configure.ac|  29 +++
 m4/glibtests.m4 |  28 +++
 src/capcsc.c| 505 +
 src/capcsc.h|  18 ++
 src/card_7816.c |   8 +-
 src/card_7816.h |   4 +-
 src/libcacard.h |  22 ++
 src/libcacard.syms  |   2 +
 src/vcard.c |   2 +-
 src/vcard.h |   2 +-
 src/vcard_emul_nss.c|  76 +-
 src/vcard_emul_type.c   |   3 +-
 src/vreader.c   |   7 +-
 src/vscclient.c |  16 +-
 tests/db/cert8.db   | Bin 0 -> 65536 bytes
 tests/db/key3.db| Bin 0 -> 16384 bytes
 tests/db/secmod.db  | Bin 0 -> 16384 bytes
 tests/libcacard.c   | 239 ++
 23 files changed, 1771 insertions(+), 47 deletions(-)
 create mode 100644 build-aux/glib-tap.mk
 create mode 100755 build-aux/tap-driver.sh
 create mode 100755 build-aux/tap-test
 create mode 100644 m4/glibtests.m4
 create mode 100644 src/capcsc.c
 create mode 100644 src/capcsc.h
 create mode 100644 src/libcacard.h
 create mode 100644 tests/db/cert8.db
 create mode 100644 tests/db/key3.db
 create mode 100644 tests/db/secmod.db
 create mode 100644 tests/libcacard.c

-- 
2.4.3

___
Spice-devel mailing list
Spice-devel@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/spice-devel

[Spice-devel] [PATCH 12/12] NEWS: update for upcoming 2.5.1

[marcandre . lureau]

From: Marc-André Lureau 

---
 NEWS | 11 +++
 1 file changed, 11 insertions(+)

diff --git a/NEWS b/NEWS
index 8e55e71..b2778f3 100644
--- a/NEWS
+++ b/NEWS
@@ -1,3 +1,14 @@
+v2.5.1
+==
+
+- fix mingw cross-compilation
+- add error checking to vcard_emul_options()
+- add VCARD_DIRECT implementation to provide direct communication with
+  a smartcard using libpcsclite (--enable-pcsc)
+- add a top-level libcacard.h header
+- add test & code coverage
+- bug fix: delete the reader entry after queueing an event, not before
+
 v2.5.0
 ==
 
-- 
2.4.3

___
Spice-devel mailing list
Spice-devel@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/spice-devel

[Spice-devel] [PATCH 08/12] build-sys: do not install vcardt_internal.h

[marcandre . lureau]

From: Marc-André Lureau 

It was not in the exported symbols, so it shouldn't hurt to remove it now.

Signed-off-by: Marc-André Lureau 
---
 Makefile.am | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/Makefile.am b/Makefile.am
index b1e257f..513272b 100644
--- a/Makefile.am
+++ b/Makefile.am
@@ -12,6 +12,7 @@ libcacard_la_SOURCES =\
src/vcard_emul_nss.c\
src/vcard_emul_type.c   \
src/vcardt.c\
+   src/vcardt_internal.h   \
src/vreader.c   \
$(NULL)
 
@@ -30,7 +31,6 @@ libcacard_include_HEADERS =   \
src/vcard_emul.h\
src/vcard_emul_type.h   \
src/vcardt.h\
-   src/vcardt_internal.h   \
src/vevent.h\
src/vreader.h   \
src/vreadert.h  \
-- 
2.4.3

___
Spice-devel mailing list
Spice-devel@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/spice-devel

[Spice-devel] [PATCH 06/12] Remove the (broken) passthru option

[marcandre . lureau]

From: Jeremy White 

That option can be achieved using -e "use_hw=yes hw_type=passthru"

Signed-off-by: Jeremy White 
Reviewed-by: Marc-André Lureau 
---
 src/vscclient.c | 16 +++-
 1 file changed, 3 insertions(+), 13 deletions(-)

diff --git a/src/vscclient.c b/src/vscclient.c
index e9fd3aa..dd20842 100644
--- a/src/vscclient.c
+++ b/src/vscclient.c
@@ -49,14 +49,8 @@ print_byte_array(
 
 static void
 print_usage(void) {
-printf("vscclient [-c  .. -e  -d %s] "
-" \n",
-#ifdef USE_PASSTHRU
-" -p");
-printf(" -p use passthrough mode\n");
-#else
-   "");
-#endif
+printf("vscclient [-c  .. -e  -d ] "
+" \n");
 vcard_emul_usage();
 }
 
@@ -684,7 +678,7 @@ main(
 }
 #endif
 
-while ((c = getopt(argc, argv, "c:e:pd:")) != -1) {
+while ((c = getopt(argc, argv, "c:e:d:")) != -1) {
 switch (c) {
 case 'c':
 if (cert_count >= MAX_CERTS) {
@@ -696,10 +690,6 @@ main(
 case 'e':
 emul_args = optarg;
 break;
-case 'p':
-print_usage();
-exit(4);
-break;
 case 'd':
 verbose = get_id_from_string(optarg, 1);
 break;
-- 
2.4.3

___
Spice-devel mailing list
Spice-devel@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/spice-devel

[Spice-devel] [PATCH 04/12] Add a VCARD_DIRECT implemention to the libcacard smartcard support

[marcandre . lureau]

From: Jeremy White 

This uses libpcsclite to provide direct communication with a smartcard.

Signed-off-by: Jeremy White 
Reviewed-by: Marc-André Lureau 
---
 Makefile.am   |   9 +-
 configure.ac  |   1 +
 src/capcsc.c  | 505 ++
 src/capcsc.h  |  18 ++
 src/card_7816.c   |   2 +-
 src/card_7816.h   |   4 +-
 src/libcacard.syms|   2 +
 src/vcard.c   |   2 +-
 src/vcard.h   |   2 +-
 src/vcard_emul_nss.c  |  11 +-
 src/vcard_emul_type.c |   1 +
 11 files changed, 549 insertions(+), 8 deletions(-)
 create mode 100644 src/capcsc.c
 create mode 100644 src/capcsc.h

diff --git a/Makefile.am b/Makefile.am
index 7939079..b1e257f 100644
--- a/Makefile.am
+++ b/Makefile.am
@@ -15,9 +15,14 @@ libcacard_la_SOURCES =   \
src/vreader.c   \
$(NULL)
 
+if ENABLE_PCSC
+libcacard_la_SOURCES += src/capcsc.c
+endif
+
 libcacard_includedir = $(includedir)/cacard
 libcacard_include_HEADERS =\
src/cac.h   \
+   src/capcsc.h\
src/card_7816.h \
src/card_7816t.h\
src/eventt.h\
@@ -32,7 +37,7 @@ libcacard_include_HEADERS =   \
src/vscard_common.h \
$(NULL)
 
-libcacard_la_LIBADD = $(CACARD_LIBS)
+libcacard_la_LIBADD = $(CACARD_LIBS) $(PCSC_LIBS)
 libcacard_la_LDFLAGS = \
-export-symbols $(srcdir)/src/libcacard.syms\
-no-undefined   \
@@ -56,7 +61,7 @@ if OS_WIN32
 vscclient_CFLAGS += -D__USE_MINGW_ANSI_STDIO=1
 endif
 
-AM_CPPFLAGS = $(CACARD_CFLAGS) $(WARN_CFLAGS)
+AM_CPPFLAGS = $(CACARD_CFLAGS) $(PCSC_CFLAGS) $(WARN_CFLAGS)
 EXTRA_DIST =   \
NEWS\
README.md   \
diff --git a/configure.ac b/configure.ac
index b878526..6a0a73d 100644
--- a/configure.ac
+++ b/configure.ac
@@ -49,6 +49,7 @@ if test "x$enable_pcsc" != "xno"; then
fi
if test "x$have_pcsc" = "xyes"; then
   enable_pcsc=yes
+  AC_DEFINE([ENABLE_PCSC], 1, [pcsc support])
fi
 fi
 AM_CONDITIONAL(ENABLE_PCSC, test "x$enable_pcsc" = "xyes")
diff --git a/src/capcsc.c b/src/capcsc.c
new file mode 100644
index 000..3b68ee3
--- /dev/null
+++ b/src/capcsc.c
@@ -0,0 +1,505 @@
+/*
+ * Supply a vreader using the PC/SC interface.
+ *
+ * This work is licensed under the terms of the GNU LGPL, version 2.1 or later.
+ * See the COPYING.LIB file in the top-level directory.
+ */
+
+#include "glib-compat.h"
+#include 
+#include 
+
+#include "vcard.h"
+#include "card_7816.h"
+#include "capcsc.h"
+#include "vreader.h"
+#include "vevent.h"
+
+#include 
+#include 
+
+
+typedef struct _PCSCContext PCSCContext;
+
+typedef struct {
+PCSCContext *context;
+int index;
+char *name;
+DWORD protocol;
+DWORD state;
+SCARDHANDLE card;
+BYTE atr[MAX_ATR_SIZE];
+DWORD atrlen;
+int card_connected;
+unsigned long request_count;
+} SCardReader;
+
+typedef struct _PCSCContext {
+SCARDCONTEXT context;
+SCardReader readers[CAPCSC_MAX_READERS];
+int reader_count;
+int readers_changed;
+GThread *thread;
+CompatGMutex lock;
+} PCSCContext;
+
+
+static void delete_reader(PCSCContext *pc, int i)
+{
+SCardReader *r = &pc->readers[i];
+g_free(r->name);
+r->name = NULL;
+
+if (i < (pc->reader_count - 1)) {
+int rem = pc->reader_count - i - 1;
+memmove(&pc->readers[i], &pc->readers[i + 1],
+sizeof(SCardReader) * rem);
+}
+
+pc->reader_count--;
+}
+
+static void delete_reader_cb(VReaderEmul *ve)
+{
+SCardReader *r = (SCardReader *) ve;
+
+g_mutex_lock(&r->context->lock);
+delete_reader(r->context, r->index);
+g_mutex_unlock(&r->context->lock);
+}
+
+static int new_reader(PCSCContext *pc, const char *name, DWORD state)
+{
+SCardReader *r;
+VReader *vreader;
+
+if (pc->reader_count >= CAPCSC_MAX_READERS - 1) {
+return 1;
+}
+
+r = &pc->readers[pc->reader_count];
+memset(r, 0, sizeof(*r));
+r->index = pc->reader_count++;
+r->context = pc;
+r->name = g_strdup(name);
+
+vreader = vreader_new(name, (VReaderEmul *) r, delete_reader_cb);
+vreader_add_reader(vreader);
+vreader_free(vreader);
+
+return 0;
+}
+
+static int find_reader(PCSCContext *pc, const char *name)
+{
+int i;
+for (i = 0; i < pc->reader_count; i++)
+if (strcmp(pc->readers[i].name, name) == 0) {
+return i;
+}
+
+return -1;
+}
+
+
+static int scan_for_readers(PCSCContext *pc)
+{
+LONG rc;
+
+int i;
+char buf[8192];
+DWORD buflen = sizeof(buf);
+
+char *p;
+int matches[CAPCSC_MAX_READERS

[Spice-devel] [PATCH 03/12] Add error checking to vcard_emul_options

[marcandre . lureau]

From: Jeremy White 

Also add an alias of 'nssemul' for the default card
of hw=yes hw_type=cac, and an alias of 'passthru' for
the new card type of hw=yes hw_type=passthru.

This allows the spice-gtk client to take a more human
friendly set of arguments and relay them through to this code.

Signed-off-by: Jeremy White 
Reviewed-by: Marc-André Lureau 
---
 src/vcard_emul_nss.c | 39 ---
 1 file changed, 28 insertions(+), 11 deletions(-)

diff --git a/src/vcard_emul_nss.c b/src/vcard_emul_nss.c
index 2f95f03..7ffa0b4 100644
--- a/src/vcard_emul_nss.c
+++ b/src/vcard_emul_nss.c
@@ -1116,17 +1116,13 @@ static VCardEmulOptions options;
  * and its length in "token_length". "token" will not be nul-terminated.
  * After calling the macro, "args" will be advanced to the beginning of
  * the next token.
- * This macro may call continue or break.
  */
 #define NEXT_TOKEN(token) \
 (token) = args; \
 args = strpbrk(args, ",)"); \
-if (*args == 0) { \
-break; \
-} \
-if (*args == ')') { \
-args++; \
-continue; \
+if (*args == 0 || *args == ')') { \
+fprintf(stderr, "Error: invalid soft specification.\n"); \
+return NULL; \
 } \
 (token##_length) = args - (token); \
 args = strip(args+1);
@@ -1144,6 +1140,7 @@ vcard_emul_options(const char *args)
 do {
 args = strip(args); /* strip off the leading spaces */
 if (*args == ',') {
+args++;
 continue;
 }
 /* soft=(slot_name,virt_name,emul_type,emul_flags,cert_1, (no eol)
@@ -1162,7 +1159,8 @@ vcard_emul_options(const char *args)
 
 args = strip(args + 5);
 if (*args != '(') {
-continue;
+fprintf(stderr, "Error: invalid soft specification.\n");
+return NULL;
 }
 args = strip(args+1);
 
@@ -1173,11 +1171,17 @@ vcard_emul_options(const char *args)
 memcpy(type_str, type_params, type_params_length);
 type_str[type_params_length] = '\0';
 type = vcard_emul_type_from_string(type_str);
+if (type == VCARD_EMUL_NONE) {
+fprintf(stderr, "Error: invalid smartcard type '%s'.\n",
+type_str);
+return NULL;
+}
 
 NEXT_TOKEN(type_params)
 
 if (*args == 0) {
-break;
+fprintf(stderr, "Error: missing cert specification.\n");
+return NULL;
 }
 
 if (opts->vreader_count >= reader_count) {
@@ -1217,6 +1221,11 @@ vcard_emul_options(const char *args)
 } else if (strncmp(args, "hw_type=", 8) == 0) {
 args = strip(args+8);
 opts->hw_card_type = vcard_emul_type_from_string(args);
+if (opts->hw_card_type == VCARD_EMUL_NONE) {
+fprintf(stderr, "Error: invalid smartcard type '%s'.\n",
+args);
+return NULL;
+}
 args = find_blank(args);
 /* hw_params= */
 } else if (strncmp(args, "hw_params=", 10) == 0) {
@@ -1230,7 +1239,8 @@ vcard_emul_options(const char *args)
 const char *db;
 args = strip(args+3);
 if (*args != '"') {
-continue;
+fprintf(stderr, "Error: you must quote the file path.\n");
+return NULL;
 }
 args++;
 db = args;
@@ -1239,8 +1249,14 @@ vcard_emul_options(const char *args)
 if (*args != 0) {
 args++;
 }
+} else if (strncmp(args, "nssemul", 7) == 0) {
+opts->hw_card_type = VCARD_EMUL_CAC;
+opts->use_hw = PR_TRUE;
+args = find_blank(args + 7);
+/* nssemul */
 } else {
-args = find_blank(args);
+fprintf(stderr, "Error: Unknown smartcard specification.\n");
+return NULL;
 }
 } while (*args != 0);
 
@@ -1256,6 +1272,7 @@ vcard_emul_usage(void)
 " use_hw=[yes|no] (default yes)\n"
 " hw_type={card_type_to_emulate}  (default CAC)\n"
 " hw_param={param_for_card}   (default \"\")\n"
+" nssemul (alias for use_hw=yes, hw_type=CAC)\n"
 " soft=({slot_name},{vreader_name},{card_type_to_emulate},{params_for_card},\n"
 "   {cert1},{cert2},{cert3}(default none)\n"
 "\n"
-- 
2.4.3

___
Spice-devel mailing list
Spice-devel@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/spice-devel

[Spice-devel] [PATCH 07/12] libcacard: Fix bug detected with 'smatch'

[marcandre . lureau]

From: Thomas Huth 

'smatch' complains about two bugs and one style issue in card_7816.c:

libcacard/card_7816.c:273 vcard_apdu_set_length() warn: should this be a 
bitwise op?
libcacard/card_7816.c:295 vcard_apdu_set_length() warn: should this be a 
bitwise op?
libcacard/card_7816.c:661 vcard7816_vm_process_apdu() warn: inconsistent 
indenting

... and indeed, the code seems to be wrong here. Let's fix this
by using a bitwise OR instead of logical OR and by indenting
the code with the right level.

Signed-off-by: Thomas Huth 
Reviewed-by: Marc-André Lureau 
---
 src/card_7816.c | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/src/card_7816.c b/src/card_7816.c
index d168e06..8b12689 100644
--- a/src/card_7816.c
+++ b/src/card_7816.c
@@ -274,7 +274,7 @@ vcard_apdu_set_length(VCardAPDU *apdu)
 }
 /* calculate the first extended value. Could be either Le or Lc */
 Le = (apdu->a_header->ah_body[0] << 8)
-   || apdu->a_header->ah_body[1];
+| apdu->a_header->ah_body[1];
 if (L == 3) {
 /* 2E extended, return data only */
 /*   zero maps to 65536 */
@@ -296,7 +296,7 @@ vcard_apdu_set_length(VCardAPDU *apdu)
 if (L == Le+5) {
 /* 4E extended, parameters and return data */
 Le = (apdu->a_data[apdu->a_len-2] << 8)
-   || apdu->a_data[apdu->a_len-1];
+| apdu->a_data[apdu->a_len-1];
 apdu->a_Le = Le ? Le : 65536;
 return VCARD7816_STATUS_SUCCESS;
 }
@@ -661,7 +661,7 @@ vcard7816_vm_process_apdu(VCard *card, VCardAPDU *apdu,
 }
 }
 } else {
-status = vcard_emul_login(card, apdu->a_body, apdu->a_Lc);
+status = vcard_emul_login(card, apdu->a_body, apdu->a_Lc);
 *response = vcard_make_response(status);
 }
 }
-- 
2.4.3

___
Spice-devel mailing list
Spice-devel@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/spice-devel

[Spice-devel] [PATCH 10/12] Add some tests & code coverage

[marcandre . lureau]

From: Marc-André Lureau 

Signed-off-by: Marc-André Lureau 
---
 Makefile.am |  28 ++-
 build-aux/glib-tap.mk   | 150 +++
 build-aux/tap-driver.sh | 652 
 build-aux/tap-test  |   5 +
 configure.ac|   4 +-
 m4/glibtests.m4 |  28 +++
 tests/db/cert8.db   | Bin 0 -> 65536 bytes
 tests/db/key3.db| Bin 0 -> 16384 bytes
 tests/db/secmod.db  | Bin 0 -> 16384 bytes
 tests/libcacard.c   | 239 ++
 10 files changed, 1100 insertions(+), 6 deletions(-)
 create mode 100644 build-aux/glib-tap.mk
 create mode 100755 build-aux/tap-driver.sh
 create mode 100755 build-aux/tap-test
 create mode 100644 m4/glibtests.m4
 create mode 100644 tests/db/cert8.db
 create mode 100644 tests/db/key3.db
 create mode 100644 tests/db/secmod.db
 create mode 100644 tests/libcacard.c

diff --git a/Makefile.am b/Makefile.am
index f8ee424..b8e8a90 100644
--- a/Makefile.am
+++ b/Makefile.am
@@ -43,7 +43,7 @@ libcacard_la_LDFLAGS =
\
-export-symbols $(srcdir)/src/libcacard.syms\
-no-undefined   \
-version-info 0:0:0 \
-   $(WARN_LDFLAGS)
+   $(AM_LDFLAGS)   \
$(NULL)
 
 if OS_WIN32
@@ -62,15 +62,33 @@ if OS_WIN32
 vscclient_CFLAGS += -D__USE_MINGW_ANSI_STDIO=1
 endif
 
-AM_CPPFLAGS = $(CACARD_CFLAGS) $(PCSC_CFLAGS) $(WARN_CFLAGS)
-EXTRA_DIST =   \
+include $(srcdir)/build-aux/glib-tap.mk
+
+test_programs = tests/libcacard
+tests_libcacard_LDADD = libcacard.la
+
+@CODE_COVERAGE_RULES@
+
+AM_CPPFLAGS =  \
+   $(CACARD_CFLAGS)\
+   $(CODE_COVERAGE_CFLAGS) \
+   $(PCSC_CFLAGS)  \
+   $(WARN_CFLAGS)  \
+   -I$(srcdir)/src \
+   $(NULL)
+AM_LDFLAGS = $(CODE_COVERAGE_LDFLAGS) $(WARN_LDFLAGS)
+
+EXTRA_DIST +=  \
NEWS\
README.md   \
docs/libcacard.txt  \
src/libcacard.syms  \
+   build-aux/tap-driver.sh \
+   build-aux/tap-test  \
+   build-aux/test-driver   \
$(NULL)
 
-MAINTAINERCLEANFILES = \
+MAINTAINERCLEANFILES +=\
$(GITIGNORE_MAINTAINERCLEANFILES_TOPLEVEL)  \
$(GITIGNORE_MAINTAINERCLEANFILES_MAKEFILE_IN)   \
$(GITIGNORE_MAINTAINERCLEANFILES_M4_LIBTOOL)
@@ -82,7 +100,7 @@ dist-hook: gen-ChangeLog
 $(top_srcdir)/.version:
echo $(VERSION) > $@-t && mv $@-t $@
 
-BUILT_SOURCES = $(top_srcdir)/.version
+BUILT_SOURCES += $(top_srcdir)/.version
 EXTRA_DIST += $(top_srcdir)/.version
 gen-ChangeLog:
@if test -d "$(srcdir)/.git"; then \
diff --git a/build-aux/glib-tap.mk b/build-aux/glib-tap.mk
new file mode 100644
index 000..b63d6c9
--- /dev/null
+++ b/build-aux/glib-tap.mk
@@ -0,0 +1,150 @@
+# GLIB - Library of useful C routines
+
+AM_TESTS_ENVIRONMENT= \
+   G_TEST_SRCDIR="$(abs_srcdir)/tests" \
+   G_TEST_BUILDDIR="$(abs_builddir)/tests" \
+   G_DEBUG="gc-friendly cleanup"   \
+   MALLOC_CHECK_=2 \
+   MALLOC_PERTURB_=$$(($${RANDOM:-256} % 256))
+LOG_DRIVER = env AM_TAP_AWK='$(AWK)' $(SHELL) 
$(top_srcdir)/build-aux/tap-driver.sh
+LOG_COMPILER = $(top_srcdir)/build-aux/tap-test
+
+NULL =
+
+# initialize variables for unconditional += appending
+BUILT_SOURCES =
+BUILT_EXTRA_DIST =
+CLEANFILES = *.log *.trs
+DISTCLEANFILES =
+MAINTAINERCLEANFILES =
+EXTRA_DIST =
+TESTS =
+
+installed_test_LTLIBRARIES =
+installed_test_PROGRAMS =
+installed_test_SCRIPTS =
+nobase_installed_test_DATA =
+
+noinst_LTLIBRARIES =
+noinst_PROGRAMS =
+noinst_SCRIPTS =
+noinst_DATA =
+
+check_LTLIBRARIES =
+check_PROGRAMS =
+check_SCRIPTS =
+check_DATA =
+
+# We support a fairly large range of possible variables.  It is expected that 
all types of files in a test suite
+# will belong in exactly one of the following variables.
+#
+# First, we support the usual automake suffixes, but in lowercase, with the 
customary meaning:
+#
+#   test_programs, test_scripts, test_data, test_ltlibraries
+#
+# The above are used to list files that are involved in both uninstalled and 
installed testing.  The
+# test_programs and test_scripts are taken to be actual testcases and will be 
run as part of the test suite.
+# Note that _data is always used with the nobase_ automake variable name to 
ensure that installed test data is
+# installed in the same way as it appears in the package layout.
+#
+# In order to mark a particular file as being only for one type of testing, 
use 'inst

[Spice-devel] [PATCH 05/12] Enable support for passthru

[marcandre . lureau]

From: Jeremy White 

Enable support for passthru (e.g. direct to pcsc) smart cards in the
emul_options entry point in libcacard.

Signed-off-by: Jeremy White 
Reviewed-by: Marc-André Lureau 
---
 src/vcard_emul_nss.c  | 28 +++-
 src/vcard_emul_type.c |  2 +-
 2 files changed, 28 insertions(+), 2 deletions(-)

diff --git a/src/vcard_emul_nss.c b/src/vcard_emul_nss.c
index d046ea9..08a60c6 100644
--- a/src/vcard_emul_nss.c
+++ b/src/vcard_emul_nss.c
@@ -35,6 +35,9 @@
 #include "vevent.h"
 
 #include "vcardt_internal.h"
+#if defined(ENABLE_PCSC)
+#include "capcsc.h"
+#endif
 
 
 typedef enum {
@@ -896,6 +899,23 @@ vcard_emul_init(const VCardEmulOptions *options)
 options = &default_options;
 }
 
+#if defined(ENABLE_PCSC)
+if (options->use_hw && options->hw_card_type == VCARD_EMUL_PASSTHRU) {
+if (options->vreader_count > 0) {
+fprintf(stderr, "Error: you cannot use a soft card and "
+"a passthru card simultaneously.\n");
+return VCARD_EMUL_FAIL;
+}
+
+if (capcsc_init()) {
+fprintf(stderr, "Error initializing PCSC interface.\n");
+return VCARD_EMUL_FAIL;
+}
+
+return VCARD_EMUL_OK;
+}
+#endif
+
 /* first initialize NSS */
 if (options->nss_db) {
 rv = NSS_Init(options->nss_db);
@@ -1299,5 +1319,11 @@ vcard_emul_usage(void)
 "hw_type, and parameters of hw_param.\n"
 "\n"
 "If more one or more soft= parameters are specified, these readers will be\n"
-"presented to the guest\n");
+"presented to the guest\n"
+#if defined(ENABLE_PCSC)
+"\n"
+"If a hw_type of PASSTHRU is given, a connection will be made to the 
hardware\n"
+"using libpcscslite.  Note that in that case, no soft cards are permitted.\n"
+#endif
+);
 }
diff --git a/src/vcard_emul_type.c b/src/vcard_emul_type.c
index 385e121..44cc305 100644
--- a/src/vcard_emul_type.c
+++ b/src/vcard_emul_type.c
@@ -46,7 +46,7 @@ VCardEmulType vcard_emul_type_from_string(const char 
*type_string)
  if (strcasecmp(type_string, "CAC") == 0) {
 return VCARD_EMUL_CAC;
  }
-#ifdef USE_PASSTHRU
+#ifdef ENABLE_PCSC
  if (strcasecmp(type_string, "PASSTHRU") == 0) {
 return VCARD_EMUL_PASSTHRU;
  }
-- 
2.4.3

___
Spice-devel mailing list
Spice-devel@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/spice-devel

[Spice-devel] [PATCH 11/12] build-sys: move G_LOG_DOMAIN to CPPFLAGS

[marcandre . lureau]

From: Marc-André Lureau 

So the whole project use the same log domain.

Signed-off-by: Marc-André Lureau 
---
 Makefile.am   | 1 +
 src/vreader.c | 5 -
 2 files changed, 1 insertion(+), 5 deletions(-)

diff --git a/Makefile.am b/Makefile.am
index b8e8a90..1cef1ee 100644
--- a/Makefile.am
+++ b/Makefile.am
@@ -70,6 +70,7 @@ tests_libcacard_LDADD = libcacard.la
 @CODE_COVERAGE_RULES@
 
 AM_CPPFLAGS =  \
+   -DG_LOG_DOMAIN=\"libcacard\"\
$(CACARD_CFLAGS)\
$(CODE_COVERAGE_CFLAGS) \
$(PCSC_CFLAGS)  \
diff --git a/src/vreader.c b/src/vreader.c
index bd662ac..2d8aa9f 100644
--- a/src/vreader.c
+++ b/src/vreader.c
@@ -5,11 +5,6 @@
  * See the COPYING file in the top-level directory.
  */
 
-#ifdef G_LOG_DOMAIN
-#undef G_LOG_DOMAIN
-#endif
-#define G_LOG_DOMAIN "libcacard"
-
 #include "glib-compat.h"
 
 #include 
-- 
2.4.3

___
Spice-devel mailing list
Spice-devel@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/spice-devel

[Spice-devel] [PATCH 02/12] build-sys: add --enable-pcsc

[marcandre . lureau]

From: Marc-André Lureau 

Signed-off-by: Marc-André Lureau 
---
 configure.ac | 26 ++
 1 file changed, 26 insertions(+)

diff --git a/configure.ac b/configure.ac
index b841ec1..b878526 100644
--- a/configure.ac
+++ b/configure.ac
@@ -36,9 +36,35 @@ AX_CODE_COVERAGE()
 PKG_CHECK_MODULES(CACARD, [glib-2.0 >= 2.22 nss >= 3.12.8])
 PKG_CHECK_MODULES(GTHREAD, [gthread-2.0])
 
+dnl === --enable-pcsc 
==
+
+AC_ARG_ENABLE([pcsc],
+  AS_HELP_STRING([--disable-pcsc],
+ [do not build passthrough support]),,
+  enable_pcsc=auto)
+if test "x$enable_pcsc" != "xno"; then
+   PKG_CHECK_MODULES(PCSC, libpcsclite, have_pcsc=yes, have_pcsc=no)
+   if test "x$have_pcsc" = "xno" -a "x$enable_pcsc" = "xyes"; then
+  AC_MSG_ERROR([pcsc support explicitly requested, but libpcsclite 
couldn't be found])
+   fi
+   if test "x$have_pcsc" = "xyes"; then
+  enable_pcsc=yes
+   fi
+fi
+AM_CONDITIONAL(ENABLE_PCSC, test "x$enable_pcsc" = "xyes")
+
 AC_CONFIG_FILES([
 Makefile
 src/Makefile
 libcacard.pc
 ])
 AC_OUTPUT
+
+AC_MSG_NOTICE([
+
+libcacard - $VERSION
+
+• Prefix: $prefix
+• PCSC enabled: $enable_pcsc
+
+])
-- 
2.4.3

___
Spice-devel mailing list
Spice-devel@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/spice-devel

[Spice-devel] [PATCH 01/12] Bug fix: delete the reader entry after queueing an event, not before

[marcandre . lureau]

From: Jeremy White 

As far as I can tell, the vreader_remove_reader function is not presently in
use anywhere; I have an upcoming patch set that uses it.

Signed-off-by: Jeremy White 
Reviewed-by: Marc-André Lureau 
---
 src/vreader.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/vreader.c b/src/vreader.c
index 5029f76..bd662ac 100644
--- a/src/vreader.c
+++ b/src/vreader.c
@@ -533,8 +533,8 @@ vreader_remove_reader(VReader *reader)
 }
 vreader_dequeue(vreader_list, current_entry);
 vreader_list_unlock();
-vreader_list_entry_delete(current_entry);
 vevent_queue_vevent(vevent_new(VEVENT_READER_REMOVE, reader, NULL));
+vreader_list_entry_delete(current_entry);
 return VREADER_OK;
 }
 
-- 
2.4.3

___
Spice-devel mailing list
Spice-devel@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/spice-devel

[Spice-devel] [PATCH 2/2] do not link spice with libcacard

[Michael Tokarev]

None of the libcacard symbols are actually used by the library,
only the header files, so there's no need to link with libcacard.

Signed-off-by: Michael Tokarev 
---
 spice-common/m4/spice-deps.m4 | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/spice-common/m4/spice-deps.m4 b/spice-common/m4/spice-deps.m4
index 64e7093..532472a 100644
--- a/spice-common/m4/spice-deps.m4
+++ b/spice-common/m4/spice-deps.m4
@@ -58,7 +58,8 @@ AC_DEFUN([SPICE_CHECK_SMARTCARD], [
   fi
 fi
 AS_VAR_APPEND([$1_CFLAGS], [' $(SMARTCARD_CFLAGS)'])
-AS_VAR_APPEND([$1_LIBS], [' $(SMARTCARD_LIBS)'])
+dnl only headers are used, not the lib itself
+dnlAS_VAR_APPEND([$1_LIBS], [' $(SMARTCARD_LIBS)'])
 ])
 
 
-- 
2.1.4

___
Spice-devel mailing list
Spice-devel@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/spice-devel

[Spice-devel] [PATCH 1/2] use variables foo_LIBS and foo_CFLAGS in deps, not their values

[Michael Tokarev]

spice-common/m4/spice-deps.m4 adds various foo_CFLAGS and foo_DEPS
to the given common_CFLAGS and common_DEPS. But it does this by
substituting the value directly, instead of using these variables
(which are also being defined with AC_DEFINE).  This way, it is
impossible to re-define these variables during make time.

So instead of

  AC_VAR_APPEND([$1_CFLAGS], [" $foo_CFLAGS"])

which adds _contents_ of $foo_CFLAGS, use

  AC_VAR_APPEND([$1_CFLAGS], [' $(foo_CFLAGS)'])

which adds reference to foo_CFLAGS variable instead.

Signed-off-by: Michael Tokarev 
---
 spice-common/m4/spice-deps.m4 | 28 ++--
 1 file changed, 14 insertions(+), 14 deletions(-)

diff --git a/spice-common/m4/spice-deps.m4 b/spice-common/m4/spice-deps.m4
index e4b2c8d..64e7093 100644
--- a/spice-common/m4/spice-deps.m4
+++ b/spice-common/m4/spice-deps.m4
@@ -57,8 +57,8 @@ AC_DEFUN([SPICE_CHECK_SMARTCARD], [
 AC_DEFINE(USE_SMARTCARD, [1], [Define if supporting smartcard 
proxying])
   fi
 fi
-AS_VAR_APPEND([$1_CFLAGS], [" $SMARTCARD_CFLAGS"])
-AS_VAR_APPEND([$1_LIBS], [" $SMARTCARD_LIBS"])
+AS_VAR_APPEND([$1_CFLAGS], [' $(SMARTCARD_CFLAGS)'])
+AS_VAR_APPEND([$1_LIBS], [' $(SMARTCARD_LIBS)'])
 ])
 
 
@@ -83,8 +83,8 @@ AC_DEFUN([SPICE_CHECK_CELT051], [
 
 AM_CONDITIONAL([HAVE_CELT051], [test "x$have_celt051" = "xyes"])
 AM_COND_IF([HAVE_CELT051], AC_DEFINE([HAVE_CELT051], 1, [Define if we have 
celt051 codec]))
-AS_VAR_APPEND([$1_CFLAGS], [" $CELT051_CFLAGS"])
-AS_VAR_APPEND([$1_LIBS], [" $CELT051_LIBS"])
+AS_VAR_APPEND([$1_CFLAGS], [' $(CELT051_CFLAGS)'])
+AS_VAR_APPEND([$1_LIBS], [' $(CELT051_LIBS)'])
 ])
 
 
@@ -101,8 +101,8 @@ AC_DEFUN([SPICE_CHECK_OPUS], [
 if test "x$have_opus" = "xyes" ; then
   AC_DEFINE([HAVE_OPUS], [1], [Define if we have OPUS])
 fi
-AS_VAR_APPEND([$1_CFLAGS], [" $OPUS_CFLAGS"])
-AS_VAR_APPEND([$1_LIBS], [" $OPUS_LIBS"])
+AS_VAR_APPEND([$1_CFLAGS], [' $(OPUS_CFLAGS)'])
+AS_VAR_APPEND([$1_LIBS], [' $(OPUS_LIBS)'])
 ])
 
 
@@ -132,8 +132,8 @@ AC_DEFUN([SPICE_CHECK_OPENGL], [
 AC_MSG_ERROR([GL libraries not available])
 fi
 fi
-AS_VAR_APPEND([$1_CFLAGS], [" $GL_CFLAGS"])
-AS_VAR_APPEND([$1_LIBS], [" $GL_LIBS"])
+AS_VAR_APPEND([$1_CFLAGS], [' $(GL_CFLAGS)'])
+AS_VAR_APPEND([$1_LIBS], [' $(GL_LIBS)'])
 ])
 
 
@@ -144,8 +144,8 @@ AC_DEFUN([SPICE_CHECK_OPENGL], [
 #---
 AC_DEFUN([SPICE_CHECK_PIXMAN], [
 PKG_CHECK_MODULES(PIXMAN, pixman-1 >= 0.17.7)
-AS_VAR_APPEND([$1_CFLAGS], [" $PIXMAN_CFLAGS"])
-AS_VAR_APPEND([$1_LIBS], [" $PIXMAN_LIBS"])
+AS_VAR_APPEND([$1_CFLAGS], [' $(PIXMAN_CFLAGS)'])
+AS_VAR_APPEND([$1_LIBS], [' $(PIXMAN_LIBS)'])
 ])
 
 
@@ -156,8 +156,8 @@ AC_DEFUN([SPICE_CHECK_PIXMAN], [
 #---
 AC_DEFUN([SPICE_CHECK_GLIB2], [
 PKG_CHECK_MODULES(GLIB2, glib-2.0)
-AS_VAR_APPEND([$1_CFLAGS], [" $GLIB2_CFLAGS"])
-AS_VAR_APPEND([$1_LIBS], [" $GLIB2_LIBS"])
+AS_VAR_APPEND([$1_CFLAGS], [' $(GLIB2_CFLAGS)'])
+AS_VAR_APPEND([$1_LIBS], [' $(GLIB2_LIBS)'])
 ])
 
 # SPICE_CHECK_PYTHON_MODULES()
@@ -200,6 +200,6 @@ AC_DEFUN([SPICE_CHECK_LZ4], [
   PKG_CHECK_MODULES([LZ4], [liblz4])
   AC_DEFINE(USE_LZ4, [1], [Define to build with lz4 support])
 fi
-AS_VAR_APPEND([$1_CFLAGS], [" $LZ4_CFLAGS"])
-AS_VAR_APPEND([$1_LIBS], [" $LZ4_LIBS"])
+AS_VAR_APPEND([$1_CFLAGS], [' $(LZ4_CFLAGS)'])
+AS_VAR_APPEND([$1_LIBS], [' $(LZ4_LIBS)'])
 ])
-- 
2.1.4

___
Spice-devel mailing list
Spice-devel@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/spice-devel

Re: [Spice-devel] [Qemu-devel] [PATCH] [RFC] LZ4 compression option for SPICE

[Fabio Fantoni]

Il 27/01/2015 09:26, Markus Armbruster ha scritto:
> Eric Blake  writes:
>
>> On 01/26/2015 01:48 AM, Javier Celaya wrote:
>>> Sorry, I forgot to patch the command-line help. Hope it helps.
>>>
> Recently, SPICE included the lz4 compression algorithm. This patch adds
> a command line option to select it.
 How is libvirt going to introspect whether the command line supports
 this option?  Is there some QMP command that lists the set of valid
 compression formats understood by a given qemu binary?
>> No, patching the command line --help does NOT help libvirt.  It needs to
>> be discoverable via QMP to be introspectible, as scraping --help output
>> is not machine-friendly.  (That said, you DO want to expose it in --help
>> output; I'm just complaining that --help output alone is not enough).
> We should really, really, really provide access to (the relevant subset
> of) the QAPI schema over QMP!  Until we get that, useful progress is
> delayed by problems like this one, and we keep growing special-purpose
> solutions to problems like this one.
> ___
> Spice-devel mailing list
> Spice-devel@lists.freedesktop.org
> http://lists.freedesktop.org/mailman/listinfo/spice-devel
>

Hi, spice 0.12.6 with lz4 support has been released, is there any
possibility to add it also in qemu upstream to make possible selecting
it "Out of the box" please?



smime.p7s
Description: Firma crittografica S/MIME
___
Spice-devel mailing list
Spice-devel@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/spice-devel