[Spice-commits] gtk/spice-channel.c

[Christophe Fergau]

 gtk/spice-channel.c |    7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)

New commits:
commit 5a36c87faa1ef9d9aba60a07930d9fe3e237c3a9
Author: Christophe Fergeau <cfergeau at redhat.com>
Date:   Sun Jun 10 23:30:13 2012 +0200

    Emit SPICE_CHANNEL_ERROR_TLS when certificate can't be found
    
    When trying to start remote-viewer with SPICE over TLS with
    --spice-ca-file with a wrong filename, the connection fails
    but remote-viewer keeps displaying the "Trying to connect"
    message. The only hint that something went wrong is:
    (remote-viewer:12924): GSpice-WARNING **: loading ca certs from a/home/teuf/foo.crt
    
    This patch makes sure we emit a SPICE_CHANNEL_ERROR_TLS before
    giving up on channel creation to inform the application that
    an error happened.

diff --git a/gtk/spice-channel.c b/gtk/spice-channel.c
index 3cd047d..4cac8ce 100644
--- a/gtk/spice-channel.c
+++ b/gtk/spice-channel.c
@@ -2144,15 +2144,16 @@ reconnect:
             g_warn_if_fail(ca_file != NULL);
             SPICE_DEBUG("CA file: %s", ca_file);
             rc = SSL_CTX_load_verify_locations(c->ctx, ca_file, NULL);
-            if (rc != 1)
-                g_warning("loading ca certs from %s failed", ca_file);
 
             if (rc != 1) {
+                g_warning("loading ca certs from %s failed", ca_file);
                 if (verify & SPICE_SESSION_VERIFY_PUBKEY) {
                     g_warning("only pubkey active");
                     verify = SPICE_SESSION_VERIFY_PUBKEY;
-                } else
+                } else {
+                    emit_main_context(channel, SPICE_CHANNEL_EVENT, SPICE_CHANNEL_ERROR_TLS);
                     goto cleanup;
+                }
             }
         }