[Spice-devel] [PATCH migration 12/19] client: handle SpiceMsgMainMigrationBegin (semi-seamless migration)
Yonit Halperin
yhalperi at redhat.com
Wed Oct 12 03:39:02 PDT 2011
RHBZ 725009, 738270
(cherry picked from commit 31ed2519a752b7332ed40d0d7ab02e938c0e65cb branch 0.8)
Conflicts:
client/red_client.cpp
Signed-off-by: Yonit Halperin <yhalperi at redhat.com>
---
client/red_client.cpp | 23 ++++++++++++++++++++---
1 files changed, 20 insertions(+), 3 deletions(-)
diff --git a/client/red_client.cpp b/client/red_client.cpp
index efd9feb..afde7d2 100644
--- a/client/red_client.cpp
+++ b/client/red_client.cpp
@@ -260,9 +260,15 @@ void* Migrate::worker_main(void *data)
void Migrate::start(const SpiceMsgMainMigrationBegin* migrate)
{
+ std::string cert_subject;
+ uint32_t peer_major;
+ uint32_t peer_minor;
+
DBG(0, "");
abort();
- if ((_client.get_peer_major() == 1) && (_client.get_peer_minor() < 1)) {
+ peer_major = _client.get_peer_major();
+ peer_minor = _client.get_peer_minor();
+ if ((peer_major == 1) && (peer_minor < 1)) {
LOG_INFO("server minor version incompatible for destination authentication"
"(missing dest pubkey in SpiceMsgMainMigrationBegin)");
OldRedMigrationBegin* old_migrate = (OldRedMigrationBegin*)migrate;
@@ -274,8 +280,19 @@ void Migrate::start(const SpiceMsgMainMigrationBegin* migrate)
_host.assign((char *)migrate->host_data);
_port = migrate->port ? migrate->port : -1;
_sport = migrate->sport ? migrate->sport : -1;
- _auth_options.type_flags = SPICE_SSL_VERIFY_OP_PUBKEY;
- _auth_options.host_pubkey.assign(migrate->pub_key_data, migrate->pub_key_data + migrate->pub_key_size);
+ if ((peer_major == 1) || (peer_major == 2 && peer_minor < 1)) {
+ _auth_options.type_flags = SPICE_SSL_VERIFY_OP_PUBKEY;
+ _auth_options.host_pubkey.assign(migrate->pub_key_data, migrate->pub_key_data +
+ migrate->pub_key_size);
+ } else {
+ _auth_options.type_flags = SPICE_SSL_VERIFY_OP_SUBJECT;
+ _auth_options.CA_file = _client.get_host_auth_options().CA_file;
+ if (migrate->cert_subject_size != 0) {
+ _auth_options.host_subject.assign(migrate->cert_subject_data,
+ migrate->cert_subject_data +
+ migrate->cert_subject_size);
+ }
+ }
}
_con_ciphers = _client.get_connection_ciphers();
--
1.7.6.4
More information about the Spice-devel
mailing list