On Thu, Oct 18, 2012 at 07:41:35PM +0200, Marc-André Lureau wrote: > Validate empty host subject from qemu exactly like when no explicit > host subject is specified. Looks good, have you tested that it works? I tried to fix it a while ago as it seemed easy enough, provided a scratch build to the reporter, but this did not work as expected at all ;) ACK if this has been tested. Christophe > > https://bugzilla.redhat.com/show_bug.cgi?id=858228 > --- > gtk/channel-main.c | 4 ++++ > 1 file changed, 4 insertions(+) > > diff --git a/gtk/channel-main.c b/gtk/channel-main.c > index 21428cf..6b9ba8d 100644 > --- a/gtk/channel-main.c > +++ b/gtk/channel-main.c > @@ -1729,6 +1729,10 @@ static gboolean migrate_connect(gpointer data) > "verify", SPICE_SESSION_VERIFY_PUBKEY, > NULL); > g_byte_array_unref(pubkey); > + } else if (info->cert_subject_size == 0 || > + strlen((const char*)info->cert_subject_data) == 0) { > + /* only verify hostname if no cert subject */ > + g_object_set(mig->session, "verify", SPICE_SESSION_VERIFY_HOSTNAME, NULL); > } else { > gchar *subject = g_alloca(info->cert_subject_size + 1); > strncpy(subject, (const char*)info->cert_subject_data, info->cert_subject_size); > -- > 1.7.11.7 > > _______________________________________________ > Spice-devel mailing list > Spice-devel@xxxxxxxxxxxxxxxxxxxxx > http://lists.freedesktop.org/mailman/listinfo/spice-devel
Attachment:
pgpe0WxcCSMlZ.pgp
Description: PGP signature
_______________________________________________ Spice-devel mailing list Spice-devel@xxxxxxxxxxxxxxxxxxxxx http://lists.freedesktop.org/mailman/listinfo/spice-devel