| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
|
|
|
|
We need to make sure we have a buffer big enough to accomodate the data
sent by the coming SASL step.
|
|
sasl_handle_auth_start() was called instead of reds_sasl_handle_auth_step()
|
|
2 of the arguments are not used, the G_GNUC_UNUSED annotation will make
this explicit.
|
|
All users are now contained in reds_stream.c
|
|
9feed69 moved the async reader code to RedsStream so that it can be used
for the SASL authentication code. In particular, it introduced a
RedsStream::async_read member which is used by the SASL authentication code
for its async operations.
However, what was not done is to remove the now redundant
RedLinkInfo::async_read field. This causes failures when using SASL
authentication as the async read error callback is getting set
on the RedLinkInfo::async_read structure, but then the SASL code is trying
to use the RedeStream::async_read structure for its async IOs, which do not
have the needed error callback set.
This commit makes use of the newly introduced reds_stream_async_read()
helper in order to make use of RedsStream::async_read.
|
|
This is a more explicit name.
|
|
This replaces async_read_set_error_handler() which was unused. This sets a
callback to be called when an async operation fails.
We could pass the error_handler to each reds_stream_async_read() call, but as
we will be using the same one for all async calls, it's more convenient to set it
once and for all.
AsyncRead is going to be private to reds_stream.c in one of the next
commits, and the error handler will need to be set from reds.c,
hence the move to a public RedsStream method.
|
|
This will allow to make RedsStream::async_read private
|
|
Fixing this is a matter of picking the spice-common fix to generate the
(de)marshaller source files in the right place, and to adjust the compiler
flags to look for includes in the build directory as well.
|
|
There are 2 SASL-related function prototypes which are unused in the
--without-sasl case. They cause a warning, and a build failure
when using -Werror. Wrapping them in #if HAVE_SASL avoids this issue.
|
|
This commit makes use of a2x in order to generate a chunked manual in
addition to the "all in one page" one.
|
|
|
|
This can fail in fips mode for example. If we ignore the failure, we'll get
a crash:
#0 0x00007f38d63728a0 in BN_num_bits () from /lib64/libcrypto.so.10
#1 0x00007f38d639661d in RSA_size () from /lib64/libcrypto.so.10
#2 0x00007f38d7991762 in reds_handle_read_link_done () from /lib64/libspice-server.so.1
#3 0x00007f38d7990c06 in spice_server_add_client () from /lib64/libspice-server.so.1
#4 0x00007f38d7990c6a in reds_accept () from /lib64/libspice-server.so.1
#5 0x00007f38dc0d2946 in qemu_iohandler_poll (pollfds=0x7f38dedce200, ret=755449965, ret@entry=1) at iohandler.c:143
#6 0x00007f38dc0d6ea8 in main_loop_wait (nonblocking=<optimized out>) at main-loop.c:465
#7 0x00007f38dbffd7c0 in main_loop () at vl.c:1988
#8 main (argc=<optimized out>, argv=<optimized out>, envp=<optimized out>) at vl.c:4357
This commit will cause the client connection to fail but qemu won't
segfault.
|
|
static void _spice_timer_set(SpiceTimer *timer, uint32_t ms, uint32_t now)
The _spice_timer_set() function takes a 32-bit integer for the "now" value.
The now value passed in however, can exceed 2^32 (it's in ms and derived
from CLOCK_MONOTONIC, which will wrap around a 32-bit integer in around 46
days).
If the now value passed in exceeds 2^32, this will mean timers are inserted
into the active list with expiry values before the current time, they will
immediately trigger, and (if they don't make themselves inactive) be
reinserted still before the current time.
This leads to an infinite loop in spice_timer_queue_cb().
https://bugzilla.redhat.com/show_bug.cgi?id=1072700
|
|
|
|
|
|
|
|
It's much much easier to read and edit, and the end results looks better
as well, see http://elmarco.fedorapeople.org/manual.html
|
|
For example, with qemu, a webdav channel can be created this way:
-chardev spiceport,name=org.spice-space.webdav.0,...
And redirected to a virtio port:
-device virtserialport,...,name=org.spice-space.webdav.0
|
|
|
|
Remove some non-conventional/non-freesoftware editor-specific lines.
Remove trailing whitespaces
Get rid of DTD, which is too strict for docbook, see also:
http://docbook.org/tdg5/en/html/ch02.html
This get rids of the following warning/error:
I/O error : Attempt to load network entity
http://docbook.org/xml/5.0/dtd/docbook.dtd
/home/elmarco/src/spice/spice-master/docs/manual/SpiceUserManual.xml:4:
warning: failed to load external entity
"http://docbook.org/xml/5.0/dtd/docbook.dtd"
"http://docbook.org/xml/5.0/dtd/docbook.dtd">
^
|
|
It was spelt 'capabilty'
|
|
|
|
When trying to start mjpeg compression mode, mjpeg_encoder_start_frame()
tests the image format as its only able to compress 24/32bpp images. On
images with lower bit depths, we return MJPEG_ENCODER_FRAME_UNSUPPORTED to
indicate this is not a format we can compress. However, this return goes
with a spice_warning("unsupported format"). As the rest of the code can
cope with this unsupported format by not doing mjpeg compression, it's
nicer to downgrade this spice_warning() to spice_debug().
This fixes https://bugzilla.redhat.com/show_bug.cgi?id=1070028
|
|
This manual documents how to enable/use various SPICE features when
creating a VM by running QEMU directly, or when using libvirt, or when
using virt-manager.
This is based on work by Lubos Kocman
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
The private data is allocated at the same time as RedsStream and
goes immediatly after the main RedsStream data.
This private member will allow to hide internal RedsStream
implementation details from the rest of spice-server.
|
|
SASL authentication mostly use members from RedsStream to do its work, so
it makes sense to have its code in reds_stream.c. This should allow to make
RedsStream::sasl private in the future.
|
|
The AsyncRead structure in reds.h wraps an async read + callback to
be done on a stream. Moving it to reds_stream.h is needed in order
to move SASL authentication there.
|
|
Now that stream creation and SSL enabling are done by helpers
in reds_stream.c, we can move the initialization of the vfunc
read/write pointers there too.
|
|
Initializing a new stream means initializing quite a few fields.
This commit factors this initialization in a dedicated reds_stream_new
helper. This also helps moving more code from reds.c to reds_stream.c
|
|
Code to initiate a SSL stream belongs there
|
|
They are renamed to reds_stream_write*
|
|
Gather common RedsStream code there rather than having it
in reds.c
|
|
|
|
test-display-streaming is calling malloc() without checking its return
value. Coverity warns about this. This commit switches to g_malloc() to
sidestep this warning (g_malloc() never returns NULL but aborts instead).
|
|
coverity spotted some variables that were declared but not used in
server/tests
|
|
Signed-off-by: Jeremy White <jwhite@codeweavers.com>
|
|
Signed-off-by: Jeremy White <jwhite@codeweavers.com>
|
|
spice-common.
This makes celt optional, and paves the way to readily add additional codecs.
Signed-off-by: Jeremy White <jwhite@codeweavers.com>
|
|
When creating a TLS socket, both spice-server and spice-gtk currently
call SSL_CTX_new(TLSv1_method()). The TLSv1_method() function set the
protocol version to TLS 1.0 exclusively. The correct way to support
multiple protocol versions is to call SSLv23_method() in spite of its
scary name. This method will enable all SSL/TLS protocol versions. The
protocol suite may be further narrowed down by setting respective
SSL_OP_NO_<version_code> options of SSL context. This possibility is
used in this patch in order to block use of SSLv3 that is enabled by
default in openssl for client sockets as of now but spice has never used
it.
|
