Validate empty host subject from qemu exactly like when no explicit host subject is specified. https://bugzilla.redhat.com/show_bug.cgi?id=858228 --- gtk/channel-main.c | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/gtk/channel-main.c b/gtk/channel-main.c index 21428cf..6b9ba8d 100644 --- a/gtk/channel-main.c +++ b/gtk/channel-main.c @@ -1729,6 +1729,10 @@ static gboolean migrate_connect(gpointer data) "verify", SPICE_SESSION_VERIFY_PUBKEY, NULL); g_byte_array_unref(pubkey); + } else if (info->cert_subject_size == 0 || + strlen((const char*)info->cert_subject_data) == 0) { + /* only verify hostname if no cert subject */ + g_object_set(mig->session, "verify", SPICE_SESSION_VERIFY_HOSTNAME, NULL); } else { gchar *subject = g_alloca(info->cert_subject_size + 1); strncpy(subject, (const char*)info->cert_subject_data, info->cert_subject_size); -- 1.7.11.7 _______________________________________________ Spice-devel mailing list Spice-devel@xxxxxxxxxxxxxxxxxxxxx http://lists.freedesktop.org/mailman/listinfo/spice-devel