diff options
author | Yonit Halperin <yhalperi@redhat.com> | 2010-01-10 09:48:38 +0200 |
---|---|---|
committer | Yaniv Kamay <ykamay@redhat.com> | 2010-01-11 19:10:54 +0200 |
commit | 3eae1c80d97ce6d1e0eee69f7454973abdb94ef6 (patch) | |
tree | f8e88491e6ea9d4be7feb7e03ed1349325d7983a /client/red_channel.cpp | |
parent | dcf326cfd523c135bd0be8f9a4bc2da6c78b2d23 (diff) | |
download | spice-3eae1c80d97ce6d1e0eee69f7454973abdb94ef6.tar.gz spice-3eae1c80d97ce6d1e0eee69f7454973abdb94ef6.tar.xz spice-3eae1c80d97ce6d1e0eee69f7454973abdb94ef6.zip |
server,client: server authentication for secured channels.
3 available mechanisms: by public key, by host name, and by certificate subject name.
In the former method, chain of trust verification is not performed.
The CA certificate files are looked for under <spice-config-dir>/spice_truststore.pem
windows <spice-config-dir>=%APPDATA%\spicec\
linux <spice-config-dir>=$HOME/.spicec/
Diffstat (limited to 'client/red_channel.cpp')
-rw-r--r-- | client/red_channel.cpp | 17 |
1 files changed, 7 insertions, 10 deletions
diff --git a/client/red_channel.cpp b/client/red_channel.cpp index c7dce015..25e4e04d 100644 --- a/client/red_channel.cpp +++ b/client/red_channel.cpp @@ -89,6 +89,8 @@ void RedChannelBase::link(uint32_t connection_id, const std::string& password) header.major_version); } + _remote_minor = header.minor_version; + AutoArray<uint8_t> reply_buf(new uint8_t[header.size]); recive(reply_buf.get(), header.size); @@ -155,11 +157,11 @@ void RedChannelBase::link(uint32_t connection_id, const std::string& password) } void RedChannelBase::connect(const ConnectionOptions& options, uint32_t connection_id, - uint32_t ip, std::string password) + const char* host, std::string password) { if (options.allow_unsecure()) { try { - RedPeer::connect_unsecure(ip, options.unsecure_port); + RedPeer::connect_unsecure(host, options.unsecure_port); link(connection_id, password); return; } catch (...) { @@ -170,16 +172,10 @@ void RedChannelBase::connect(const ConnectionOptions& options, uint32_t connecti } } ASSERT(options.allow_secure()); - RedPeer::connect_secure(options, ip); + RedPeer::connect_secure(options, host); link(connection_id, password); } -void RedChannelBase::connect(const ConnectionOptions& options, uint32_t connection_id, - const char* host, std::string password) -{ - connect(options, connection_id, host_by_name(host), password); -} - void RedChannelBase::set_capability(ChannelCaps& caps, uint32_t cap) { uint32_t word_index = cap / 32; @@ -399,7 +395,8 @@ void RedChannel::run() set_state(CONNECTING_STATE); ConnectionOptions con_options(_client.get_connection_options(get_type()), _client.get_port(), - _client.get_sport()); + _client.get_sport(), + _client.get_host_auth_options()); RedChannelBase::connect(con_options, _client.get_connection_id(), _client.get_host().c_str(), _client.get_password().c_str()); |