On Wed, Aug 17, 2011 at 06:55:46PM +0200, Michal Privoznik wrote: > When spice_tls is set but listen_tls is not, we don't initialize > GnuTLS library. So any later gnutls call (e.g. during migration, > where we initialize a certificate) will access uninitialized GnuTLS > internal structs and throws an error. > > Although, we might now initialize GnuTLS twice, it is safe according > to the documentation: > > This function can be called many times, > but will only do something the first time. > --- > src/qemu/qemu_driver.c | 13 +++++++++++++ > 1 files changed, 13 insertions(+), 0 deletions(-) We don't really want this in the QEMU driver, rather do it unconditionally in the libvirtd startup code instead. I'd also prefer if there was a global init function in src/rpc/virnettlscontext.h, so that we keep the GNUTLS code all in one place, and just have libvirt use our internal APIs in all other places. Regards, Daniel -- |: http://berrange.com -o- http://www.flickr.com/photos/dberrange/ :| |: http://libvirt.org -o- http://virt-manager.org :| |: http://autobuild.org -o- http://search.cpan.org/~danberr/ :| |: http://entangle-photo.org -o- http://live.gnome.org/gtk-vnc :| -- libvir-list mailing list libvir-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/libvir-list