diff options
author | Yonit Halperin <yhalperi@redhat.com> | 2010-01-10 09:48:38 +0200 |
---|---|---|
committer | Yaniv Kamay <ykamay@redhat.com> | 2010-01-11 19:10:54 +0200 |
commit | 3eae1c80d97ce6d1e0eee69f7454973abdb94ef6 (patch) | |
tree | f8e88491e6ea9d4be7feb7e03ed1349325d7983a /client/application.cpp | |
parent | dcf326cfd523c135bd0be8f9a4bc2da6c78b2d23 (diff) | |
download | spice-3eae1c80d97ce6d1e0eee69f7454973abdb94ef6.tar.gz spice-3eae1c80d97ce6d1e0eee69f7454973abdb94ef6.tar.xz spice-3eae1c80d97ce6d1e0eee69f7454973abdb94ef6.zip |
server,client: server authentication for secured channels.
3 available mechanisms: by public key, by host name, and by certificate subject name.
In the former method, chain of trust verification is not performed.
The CA certificate files are looked for under <spice-config-dir>/spice_truststore.pem
windows <spice-config-dir>=%APPDATA%\spicec\
linux <spice-config-dir>=$HOME/.spicec/
Diffstat (limited to 'client/application.cpp')
-rw-r--r-- | client/application.cpp | 10 |
1 files changed, 8 insertions, 2 deletions
diff --git a/client/application.cpp b/client/application.cpp index ac5877c4..d4fe59f6 100644 --- a/client/application.cpp +++ b/client/application.cpp @@ -51,6 +51,8 @@ #define STICKY_KEY_PIXMAP ALT_IMAGE_RES_ID #define STICKY_KEY_TIMEOUT 750 +#define CA_FILE_NAME "spice_truststore.pem" + #ifdef CAIRO_CANVAS_CACH_IS_SHARED mutex_t cairo_surface_user_data_mutex; #endif @@ -1818,6 +1820,11 @@ bool Application::process_cmd_line(int argc, char** argv) _peer_con_opt[i] = RedPeer::ConnectionOptions::CON_OP_INVALID; } + _host_auth_opt.type_flags = RedPeer::HostAuthOptions::HOST_AUTH_OP_NAME; + + Platform::get_spice_config_dir(_host_auth_opt.CA_file); + _host_auth_opt.CA_file += CA_FILE_NAME; + parser.begin(argc, argv); char* val; @@ -1836,12 +1843,11 @@ bool Application::process_cmd_line(int argc, char** argv) break; } case SPICE_OPT_SPORT: { - if ((port = str_to_port(val)) == -1) { + if ((sport = str_to_port(val)) == -1) { std::cout << "invalid secure port " << val << "\n"; _exit_code = SPICEC_ERROR_CODE_INVALID_ARG; return false; } - sport = port; break; } case SPICE_OPT_FULL_SCREEN: |