[PATCH 10/17] Introduce reds_stream_is_ssl()

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



---
 server/inputs_channel.c |  2 +-
 server/reds.c           | 10 +++++-----
 server/reds_stream.c    |  5 +++++
 server/reds_stream.h    |  1 +
 4 files changed, 12 insertions(+), 6 deletions(-)

diff --git a/server/inputs_channel.c b/server/inputs_channel.c
index 8d4feab..395b81f 100644
--- a/server/inputs_channel.c
+++ b/server/inputs_channel.c
@@ -551,7 +551,7 @@ static void inputs_connect(RedChannel *channel, RedClient *client,
     spice_assert(g_inputs_channel);
     spice_assert(channel == &g_inputs_channel->base);
 
-    if (!stream->ssl && !red_client_during_migrate_at_target(client)) {
+    if (!reds_stream_is_ssl(stream) && !red_client_during_migrate_at_target(client)) {
         main_channel_client_push_notify(red_client_get_main(client),
                                         "keyboard channel is insecure");
     }
diff --git a/server/reds.c b/server/reds.c
index da93dec..f35f989 100644
--- a/server/reds.c
+++ b/server/reds.c
@@ -1411,9 +1411,9 @@ static void reds_info_new_channel(RedLinkInfo *link, int connection_id)
     spice_info("channel %d:%d, connected successfully, over %s link",
                link->link_mess->channel_type,
                link->link_mess->channel_id,
-               link->stream->ssl == NULL ? "Non Secure" : "Secure");
+               reds_stream_is_ssl(link->stream) ? "Secure" : "Non Secure");
     /* add info + send event */
-    if (link->stream->ssl) {
+    if (reds_stream_is_ssl(link->stream)) {
         link->stream->info->flags |= SPICE_CHANNEL_EVENT_FLAG_TLS;
     }
     link->stream->info->connection_id = connection_id;
@@ -2032,8 +2032,8 @@ static int reds_security_check(RedLinkInfo *link)
 {
     ChannelSecurityOptions *security_option = find_channel_security(link->link_mess->channel_type);
     uint32_t security = security_option ? security_option->options : default_channel_security;
-    return (link->stream->ssl && (security & SPICE_CHANNEL_SECURITY_SSL)) ||
-        (!link->stream->ssl && (security & SPICE_CHANNEL_SECURITY_NONE));
+    return (reds_stream_is_ssl(link->stream) && (security & SPICE_CHANNEL_SECURITY_SSL)) ||
+        (!reds_stream_is_ssl(link->stream) && (security & SPICE_CHANNEL_SECURITY_NONE));
 }
 
 static void reds_handle_read_link_done(void *opaque)
@@ -2057,7 +2057,7 @@ static void reds_handle_read_link_done(void *opaque)
                                     SPICE_COMMON_CAP_PROTOCOL_AUTH_SELECTION);
 
     if (!reds_security_check(link)) {
-        if (link->stream->ssl) {
+        if (reds_stream_is_ssl(link->stream)) {
             spice_warning("spice channels %d should not be encrypted", link_mess->channel_type);
             reds_send_link_error(link, SPICE_LINK_ERR_NEED_UNSECURED);
         } else {
diff --git a/server/reds_stream.c b/server/reds_stream.c
index e94995c..95c159f 100644
--- a/server/reds_stream.c
+++ b/server/reds_stream.c
@@ -255,6 +255,11 @@ RedsStream *reds_stream_new(int socket)
     return stream;
 }
 
+bool reds_stream_is_ssl(RedsStream *stream)
+{
+    return (stream->ssl != NULL);
+}
+
 void reds_stream_disable_writev(RedsStream *stream)
 {
     stream->writev = NULL;
diff --git a/server/reds_stream.h b/server/reds_stream.h
index 4927336..fca2a71 100644
--- a/server/reds_stream.h
+++ b/server/reds_stream.h
@@ -125,6 +125,7 @@ void reds_stream_free(RedsStream *s);
 void reds_stream_push_channel_event(RedsStream *s, int event);
 void reds_stream_remove_watch(RedsStream* s);
 RedsStream *reds_stream_new(int socket);
+bool reds_stream_is_ssl(RedsStream *stream);
 RedsStreamSslStatus reds_stream_ssl_accept(RedsStream *stream);
 int reds_stream_enable_ssl(RedsStream *stream, SSL_CTX *ctx);
 
-- 
1.8.4.2

_______________________________________________
Spice-devel mailing list
Spice-devel@xxxxxxxxxxxxxxxxxxxxx
http://lists.freedesktop.org/mailman/listinfo/spice-devel




[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]     [Monitors]