diff options
author | Marc-André Lureau <marcandre.lureau@redhat.com> | 2013-04-11 14:21:15 +0200 |
---|---|---|
committer | Marc-André Lureau <marcandre.lureau@redhat.com> | 2013-04-11 15:08:16 +0200 |
commit | 26fc5d9f611ac0839eec2fd4242a446d8e96ce8c (patch) | |
tree | 827b0bc4634fbe57b703bb258c0f6654f899bf70 | |
parent | 07c3309890400b30ed27dc1d331fe3a2f027fe69 (diff) | |
download | spice-gtk-26fc5d9f611ac0839eec2fd4242a446d8e96ce8c.tar.gz spice-gtk-26fc5d9f611ac0839eec2fd4242a446d8e96ce8c.tar.xz spice-gtk-26fc5d9f611ac0839eec2fd4242a446d8e96ce8c.zip |
session: enforce secure channels
-rw-r--r-- | gtk/spice-channel.c | 2 | ||||
-rw-r--r-- | gtk/spice-session-priv.h | 2 | ||||
-rw-r--r-- | gtk/spice-session.c | 11 |
3 files changed, 11 insertions, 4 deletions
diff --git a/gtk/spice-channel.c b/gtk/spice-channel.c index b9ce899..0a32d6c 100644 --- a/gtk/spice-channel.c +++ b/gtk/spice-channel.c @@ -2231,7 +2231,7 @@ static void *spice_channel_coroutine(void *data) } reconnect: - c->conn = spice_session_channel_open_host(c->session, channel, c->tls); + c->conn = spice_session_channel_open_host(c->session, channel, &c->tls); if (c->conn == NULL) { if (!c->tls) { CHANNEL_DEBUG(channel, "trying with TLS port"); diff --git a/gtk/spice-session-priv.h b/gtk/spice-session-priv.h index ee90615..de4e40c 100644 --- a/gtk/spice-session-priv.h +++ b/gtk/spice-session-priv.h @@ -116,7 +116,7 @@ int spice_session_get_connection_id(SpiceSession *session); gboolean spice_session_get_client_provided_socket(SpiceSession *session); GSocketConnection* spice_session_channel_open_host(SpiceSession *session, SpiceChannel *channel, - gboolean use_tls); + gboolean *use_tls); void spice_session_channel_new(SpiceSession *session, SpiceChannel *channel); void spice_session_channel_destroy(SpiceSession *session, SpiceChannel *channel); void spice_session_channel_migrate(SpiceSession *session, SpiceChannel *channel); diff --git a/gtk/spice-session.c b/gtk/spice-session.c index 448ef15..e60e904 100644 --- a/gtk/spice-session.c +++ b/gtk/spice-session.c @@ -1760,9 +1760,10 @@ static gboolean open_host_idle_cb(gpointer data) /* coroutine context */ G_GNUC_INTERNAL GSocketConnection* spice_session_channel_open_host(SpiceSession *session, SpiceChannel *channel, - gboolean use_tls) + gboolean *use_tls) { SpiceSessionPrivate *s = SPICE_SESSION_GET_PRIVATE(session); + SpiceChannelPrivate *c = channel->priv; spice_open_host open_host = { 0, }; gchar *port, *endptr; @@ -1770,7 +1771,13 @@ GSocketConnection* spice_session_channel_open_host(SpiceSession *session, SpiceC open_host.from = coroutine_self(); open_host.session = session; open_host.channel = channel; - port = use_tls ? s->tls_port : s->port; + + const char *name = spice_channel_type_to_string(c->channel_type); + if (spice_strv_contains(s->secure_channels, "all") || + spice_strv_contains(s->secure_channels, name)) + *use_tls = TRUE; + + port = *use_tls ? s->tls_port : s->port; if (port == NULL) return NULL; |