When launching from a vv-file, we want to use the ca specified in the vv
file and not load additional certs from the fallback ca-file. This
ensures that the ca-file property of the spice session is unset when
loading a ca from a vv-file.
Resolves: rhbz#1127762
---
An alternate approach would be simply removing the fallback 'ca-file' property
value from spice-gtk. The default value for this property is currently
~/.spicec/spice_truststore.pem, which appears to be a holdover from the old
'spicec' client. I don't know whether anybody relies on this file anymore or
not.
src/virt-viewer-session-spice.c | 5 ++++-
1 file changed, 4 insertions(+), 1 deletion(-)
diff --git a/src/virt-viewer-session-spice.c b/src/virt-viewer-session-spice.c
index b6886be..c1cd2f9 100644
--- a/src/virt-viewer-session-spice.c
+++ b/src/virt-viewer-session-spice.c
@@ -365,7 +365,10 @@ fill_session(VirtViewerFile *file, SpiceSession *session)
g_return_if_fail(ca != NULL);
GByteArray *ba = g_byte_array_new_take((guint8 *)ca, strlen(ca) + 1);
- g_object_set(G_OBJECT(session), "ca", ba, NULL);
+ g_object_set(G_OBJECT(session),
+ "ca", ba,
+ "ca-file", NULL,
+ NULL);
g_byte_array_unref(ba);
}
--
1.9.3
_______________________________________________
virt-tools-list mailing list
virt-tools-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/virt-tools-list
