[Spice-devel] [spice-gtk] Fix TLS connections when both TLS/non-TLS port are given

[Christophe Fergeau]

When qemu only accepts TLS connections, but spice-gtk is given an URI with
both port and tls-port specified, spice_session_channel_open_host() is
first attempted to the non-TLS port, and when that fails,
spice_channel_coroutine() retries a TLS connection.

Commit 3edcc04 broke this as when the non-TLS connection fails, an error is
set, and the TLS fallback is no longer attempted.
This commit fixes this by not reporting an error when we are attempting a
non-TLS connection, a TLS port is specified, and the non-TLS connection
failed with G_IO_ERROR_CONNECTION_REFUSED.
---
 gtk/spice-session.c | 10 +++++++++-
 1 file changed, 9 insertions(+), 1 deletion(-)

diff --git a/gtk/spice-session.c b/gtk/spice-session.c
index f217507..9cfb35c 100644
--- a/gtk/spice-session.c
+++ b/gtk/spice-session.c
@@ -1877,7 +1877,15 @@ GSocketConnection* spice_session_channel_open_host(SpiceSession *session, SpiceC
 
     if (open_host.error != NULL) {
         SPICE_DEBUG("open host: %s", open_host.error->message);
-        g_propagate_error(error, open_host.error);
+        if (!*use_tls
+                && s->tls_port
+                && (open_host.error->domain == G_IO_ERROR)
+                && (open_host.error->code == G_IO_ERROR_CONNECTION_REFUSED)) {
+            SPICE_DEBUG("Ignoring open host error, will retry TLS connection");
+            g_clear_error(&open_host.error);
+        } else {
+            g_propagate_error(error, open_host.error);
+        }
     } else if (open_host.connection != NULL) {
         GSocket *socket;
         socket = g_socket_connection_get_socket(open_host.connection);
-- 
1.8.5.3