diff options
| author | Christophe Fergeau <cfergeau@redhat.com> | 2014-01-06 22:37:45 +0100 |
|---|---|---|
| committer | Christophe Fergeau <cfergeau@redhat.com> | 2014-01-20 12:15:42 +0100 |
| commit | 30fecf87f86f4f8343182cd0f3348f9c8a59e92b (patch) | |
| tree | b40e15e6dc2778b2df3c1999704e23b38492ff01 | |
| parent | 1f7123298fbebce4134e12b33d35fe62621f631b (diff) | |
| download | spice-30fecf87f86f4f8343182cd0f3348f9c8a59e92b.tar.gz spice-30fecf87f86f4f8343182cd0f3348f9c8a59e92b.tar.xz spice-30fecf87f86f4f8343182cd0f3348f9c8a59e92b.zip | |
Introduce reds_stream_is_ssl()
| -rw-r--r-- | server/inputs_channel.c | 2 | ||||
| -rw-r--r-- | server/reds.c | 10 | ||||
| -rw-r--r-- | server/reds_stream.c | 5 | ||||
| -rw-r--r-- | server/reds_stream.h | 1 |
4 files changed, 12 insertions, 6 deletions
diff --git a/server/inputs_channel.c b/server/inputs_channel.c index 8d4feaba..395b81fc 100644 --- a/server/inputs_channel.c +++ b/server/inputs_channel.c @@ -551,7 +551,7 @@ static void inputs_connect(RedChannel *channel, RedClient *client, spice_assert(g_inputs_channel); spice_assert(channel == &g_inputs_channel->base); - if (!stream->ssl && !red_client_during_migrate_at_target(client)) { + if (!reds_stream_is_ssl(stream) && !red_client_during_migrate_at_target(client)) { main_channel_client_push_notify(red_client_get_main(client), "keyboard channel is insecure"); } diff --git a/server/reds.c b/server/reds.c index 252cf5be..7fc48f1a 100644 --- a/server/reds.c +++ b/server/reds.c @@ -1412,9 +1412,9 @@ static void reds_info_new_channel(RedLinkInfo *link, int connection_id) spice_info("channel %d:%d, connected successfully, over %s link", link->link_mess->channel_type, link->link_mess->channel_id, - link->stream->ssl == NULL ? "Non Secure" : "Secure"); + reds_stream_is_ssl(link->stream) ? "Secure" : "Non Secure"); /* add info + send event */ - if (link->stream->ssl) { + if (reds_stream_is_ssl(link->stream)) { link->stream->info->flags |= SPICE_CHANNEL_EVENT_FLAG_TLS; } link->stream->info->connection_id = connection_id; @@ -2033,8 +2033,8 @@ static int reds_security_check(RedLinkInfo *link) { ChannelSecurityOptions *security_option = find_channel_security(link->link_mess->channel_type); uint32_t security = security_option ? security_option->options : default_channel_security; - return (link->stream->ssl && (security & SPICE_CHANNEL_SECURITY_SSL)) || - (!link->stream->ssl && (security & SPICE_CHANNEL_SECURITY_NONE)); + return (reds_stream_is_ssl(link->stream) && (security & SPICE_CHANNEL_SECURITY_SSL)) || + (!reds_stream_is_ssl(link->stream) && (security & SPICE_CHANNEL_SECURITY_NONE)); } static void reds_handle_read_link_done(void *opaque) @@ -2058,7 +2058,7 @@ static void reds_handle_read_link_done(void *opaque) SPICE_COMMON_CAP_PROTOCOL_AUTH_SELECTION); if (!reds_security_check(link)) { - if (link->stream->ssl) { + if (reds_stream_is_ssl(link->stream)) { spice_warning("spice channels %d should not be encrypted", link_mess->channel_type); reds_send_link_error(link, SPICE_LINK_ERR_NEED_UNSECURED); } else { diff --git a/server/reds_stream.c b/server/reds_stream.c index e94995ce..95c159f7 100644 --- a/server/reds_stream.c +++ b/server/reds_stream.c @@ -255,6 +255,11 @@ RedsStream *reds_stream_new(int socket) return stream; } +bool reds_stream_is_ssl(RedsStream *stream) +{ + return (stream->ssl != NULL); +} + void reds_stream_disable_writev(RedsStream *stream) { stream->writev = NULL; diff --git a/server/reds_stream.h b/server/reds_stream.h index 4927336d..fca2a712 100644 --- a/server/reds_stream.h +++ b/server/reds_stream.h @@ -125,6 +125,7 @@ void reds_stream_free(RedsStream *s); void reds_stream_push_channel_event(RedsStream *s, int event); void reds_stream_remove_watch(RedsStream* s); RedsStream *reds_stream_new(int socket); +bool reds_stream_is_ssl(RedsStream *stream); RedsStreamSslStatus reds_stream_ssl_accept(RedsStream *stream); int reds_stream_enable_ssl(RedsStream *stream, SSL_CTX *ctx); |