Hi
----- Mensaje original -----
> Hi,
>
> I'm trying to do seamless migration of a qemu guest, using only tls for spice
> client.
>
> Client is remote-viewer, and is launched through a config file with the ca
> certificate embedded like this
>
> [virt-viewer]
> type=spice
> ca=----BEGIN CERTIFICATE------\n........\nEND CERTIFICATE----\n
> tls-port=xxxx
> ...
>
>
> This works fine for establish the connection to spice server,
> but when I'm doing a seamless migration, the ca is not reused and
> remote-viewer give me
>
> (remote-viewer:25533): GSpice-WARNING **: no cert loaded
>
> Workaround is to copy the cerficate in .spicec/spice_truststore.pem,
>
> But I would like to avoid to do this.
>
>
> Is it a bug ? or does exist some option to force remote-viewer to auto write
> the ca=... inside the spice_truststore.pem ?
It looks like a bug, I think we should copy the ca when creating the migration session. Can you try the attached patch (not tested)? thanks
From cf6275a6ef2b450220302ad112157c25a7006402 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Marc-Andr=C3=A9=20Lureau?= <marcandre.lureau@xxxxxxxxxx>
Date: Mon, 22 Jul 2013 15:07:55 +0200
Subject: [PATCH spice-gtk] session: copy "ca" property in copy ctor
This should fix the GSpice-WARNING **: no cert loaded, when doing a
seamless migration (when using the "ca" property).
---
gtk/spice-session.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/gtk/spice-session.c b/gtk/spice-session.c
index 8cb2d39..a9435f4 100644
--- a/gtk/spice-session.c
+++ b/gtk/spice-session.c
@@ -1251,6 +1251,7 @@ SpiceSession *spice_session_new_from_session(SpiceSession *session)
"enable-smartcard", &c->smartcard,
"enable-audio", &c->audio,
"enable-usbredir", &c->usbredir,
+ "ca", &c->ca,
NULL);
c->client_provided_sockets = s->client_provided_sockets;
--
1.8.3.rc1.49.g8d97506
_______________________________________________
Spice-devel mailing list
Spice-devel@xxxxxxxxxxxxxxxxxxxxx
http://lists.freedesktop.org/mailman/listinfo/spice-devel