diff options
| author | Marc-André Lureau <marcandre.lureau@redhat.com> | 2011-01-25 13:48:52 +0100 |
|---|---|---|
| committer | Marc-André Lureau <marcandre.lureau@redhat.com> | 2011-01-25 16:53:23 +0100 |
| commit | 49a29dbb30e1af895de468d1e3bd2d6461616707 (patch) | |
| tree | 98b53f60a4443da336487e75140703be90362bea | |
| parent | d01fa70c9421160ba2480bb6a6ab23db2bf2fe3e (diff) | |
gtk: add pubkey verification on migration
| -rw-r--r-- | gtk/channel-main.c | 14 | ||||
| -rw-r--r-- | gtk/spice-session.c | 2 |
2 files changed, 12 insertions, 4 deletions
diff --git a/gtk/channel-main.c b/gtk/channel-main.c index ac10170..80ac978 100644 --- a/gtk/channel-main.c +++ b/gtk/channel-main.c @@ -1166,6 +1166,9 @@ static gboolean migrate_connect(gpointer data) c = SPICE_CHANNEL(mig->channel)->priv; g_return_val_if_fail(c != NULL, FALSE); + session = spice_channel_get_session(mig->channel); + mig->session = spice_session_new_from_session(session); + if ((c->peer_hdr.major_version == 1) && (c->peer_hdr.minor_version < 2)) { OldRedMigrationBegin *info = (OldRedMigrationBegin *)mig->info; @@ -1175,21 +1178,24 @@ static gboolean migrate_connect(gpointer data) sport = info->sport; host = info->host; } else { + GByteArray *pubkey = g_byte_array_new(); SpiceMsgMainMigrationBegin *info = mig->info; SPICE_DEBUG("migrate_begin %d %s %d %d", info->host_size, info->host_data, info->port, info->sport); port = info->port; sport = info->sport; host = (char*)info->host_data; - /* TODO: add info->pub_key_data check */ + g_byte_array_append(pubkey, info->pub_key_data, info->pub_key_size); + g_object_set(mig->session, + "pubkey", pubkey, + "verify", SPICE_CHANNEL_VERIFY_PUBKEY, + NULL); + g_byte_array_unref(pubkey); } - session = spice_channel_get_session(mig->channel); - if (g_getenv("SPICE_MIG_HOST")) host = g_getenv("SPICE_MIG_HOST"); - mig->session = spice_session_new_from_session(session); g_object_set(mig->session, "host", host, NULL); spice_session_set_port(mig->session, port, FALSE); spice_session_set_port(mig->session, sport, TRUE); diff --git a/gtk/spice-session.c b/gtk/spice-session.c index 0e70054..2809104 100644 --- a/gtk/spice-session.c +++ b/gtk/spice-session.c @@ -529,6 +529,8 @@ SpiceSession *spice_session_new_from_session(SpiceSession *session) "tls-port", &c->tls_port, "password", &c->password, "ca-file", &c->ca_file, + "cert-subject", &c->cert_subject, + "pubkey", &c->pubkey, NULL); c->client_provided_sockets = s->client_provided_sockets; |