On Tue, Sep 24, 2013 at 08:47:37PM +0300, Uri Lublin wrote: > It seems better to me that spice-common would check whatever it is > asked, via v->verifyop, > and not return after the first successful test. > > If hostname is known to be wrong, it should not be checked (its flag > should be off). The problem is that we are not doing this at the moment, spice_set_session_option() will set v->verifyop to SPICE_SSL_VERIFY_OP_HOSTNAME | SPICE_SSL_VERIFY_OP_SUBJECT if a host subject was specified. VirtViewerSessionSpice::fill_session() will do the same, and I suspect it's the same for the controller code. The only reason to specify a host subject is when we know the hostname will not be correct to verify the host TLS certificate. If we want to use your patch, we need to change v->verifyop prior to the SSL verification to remove SPICE_SSL_VERIFY_HOSTNAME when both SPICE_SSL_VERIFY_OP_HOSTNAME and SPICE_SSL_VERIFY_OP_SUBJECT are set. Christophe
Attachment:
pgpxDwMLtt3zs.pgp
Description: PGP signature
_______________________________________________ Spice-devel mailing list Spice-devel@xxxxxxxxxxxxxxxxxxxxx http://lists.freedesktop.org/mailman/listinfo/spice-devel