summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorChristophe Fergeau <cfergeau@redhat.com>2014-01-06 22:37:45 +0100
committerChristophe Fergeau <cfergeau@redhat.com>2014-01-20 12:15:42 +0100
commit30fecf87f86f4f8343182cd0f3348f9c8a59e92b (patch)
treeb40e15e6dc2778b2df3c1999704e23b38492ff01
parent1f7123298fbebce4134e12b33d35fe62621f631b (diff)
Introduce reds_stream_is_ssl()
Diffstat
-rw-r--r--server/inputs_channel.c2
-rw-r--r--server/reds.c10
-rw-r--r--server/reds_stream.c5
-rw-r--r--server/reds_stream.h1
4 files changed, 12 insertions, 6 deletions
diff --git a/server/inputs_channel.c b/server/inputs_channel.c
index 8d4feaba..395b81fc 100644
--- a/server/inputs_channel.c
+++ b/server/inputs_channel.c
@@ -551,7 +551,7 @@ static void inputs_connect(RedChannel *channel, RedClient *client,
spice_assert(g_inputs_channel);
spice_assert(channel == &g_inputs_channel->base);
- if (!stream->ssl && !red_client_during_migrate_at_target(client)) {
+ if (!reds_stream_is_ssl(stream) && !red_client_during_migrate_at_target(client)) {
main_channel_client_push_notify(red_client_get_main(client),
"keyboard channel is insecure");
}
diff --git a/server/reds.c b/server/reds.c
index 252cf5be..7fc48f1a 100644
--- a/server/reds.c
+++ b/server/reds.c
@@ -1412,9 +1412,9 @@ static void reds_info_new_channel(RedLinkInfo *link, int connection_id)
spice_info("channel %d:%d, connected successfully, over %s link",
link->link_mess->channel_type,
link->link_mess->channel_id,
- link->stream->ssl == NULL ? "Non Secure" : "Secure");
+ reds_stream_is_ssl(link->stream) ? "Secure" : "Non Secure");
/* add info + send event */
- if (link->stream->ssl) {
+ if (reds_stream_is_ssl(link->stream)) {
link->stream->info->flags |= SPICE_CHANNEL_EVENT_FLAG_TLS;
}
link->stream->info->connection_id = connection_id;
@@ -2033,8 +2033,8 @@ static int reds_security_check(RedLinkInfo *link)
{
ChannelSecurityOptions *security_option = find_channel_security(link->link_mess->channel_type);
uint32_t security = security_option ? security_option->options : default_channel_security;
- return (link->stream->ssl && (security & SPICE_CHANNEL_SECURITY_SSL)) ||
- (!link->stream->ssl && (security & SPICE_CHANNEL_SECURITY_NONE));
+ return (reds_stream_is_ssl(link->stream) && (security & SPICE_CHANNEL_SECURITY_SSL)) ||
+ (!reds_stream_is_ssl(link->stream) && (security & SPICE_CHANNEL_SECURITY_NONE));
}
static void reds_handle_read_link_done(void *opaque)
@@ -2058,7 +2058,7 @@ static void reds_handle_read_link_done(void *opaque)
SPICE_COMMON_CAP_PROTOCOL_AUTH_SELECTION);
if (!reds_security_check(link)) {
- if (link->stream->ssl) {
+ if (reds_stream_is_ssl(link->stream)) {
spice_warning("spice channels %d should not be encrypted", link_mess->channel_type);
reds_send_link_error(link, SPICE_LINK_ERR_NEED_UNSECURED);
} else {
diff --git a/server/reds_stream.c b/server/reds_stream.c
index e94995ce..95c159f7 100644
--- a/server/reds_stream.c
+++ b/server/reds_stream.c
@@ -255,6 +255,11 @@ RedsStream *reds_stream_new(int socket)
return stream;
}
+bool reds_stream_is_ssl(RedsStream *stream)
+{
+ return (stream->ssl != NULL);
+}
+
void reds_stream_disable_writev(RedsStream *stream)
{
stream->writev = NULL;
diff --git a/server/reds_stream.h b/server/reds_stream.h
index 4927336d..fca2a712 100644
--- a/server/reds_stream.h
+++ b/server/reds_stream.h
@@ -125,6 +125,7 @@ void reds_stream_free(RedsStream *s);
void reds_stream_push_channel_event(RedsStream *s, int event);
void reds_stream_remove_watch(RedsStream* s);
RedsStream *reds_stream_new(int socket);
+bool reds_stream_is_ssl(RedsStream *stream);
RedsStreamSslStatus reds_stream_ssl_accept(RedsStream *stream);
int reds_stream_enable_ssl(RedsStream *stream, SSL_CTX *ctx);
generated by cgit v1.2.3 (git 2.39.1) at 2024-12-03 18:03:09 +0000