From 13101b428542f0234266443fe28130392366744b Mon Sep 17 00:00:00 2001 From: Gerd Hoffmann Date: Thu, 18 Mar 2010 17:25:35 -0300 Subject: [PATCH 09/14] spice: configure channel security RH-Author: Gerd Hoffmann Message-id: <1268933140-655-10-git-send-email-kraxel@redhat.com> Patchwork-id: 7899 O-Subject: [RHEL-6 kvm PATCH v3 09/14] spice: configure channel security Bugzilla: 574225 RH-Acked-by: Alexander Larsson RH-Acked-by: Yonit Halperin RH-Acked-by: Izik Eidus This patch adds tls-channel and plaintext-channel options to the qemu -spice command line argument. The options can be specified multiple times to configure multiple channels, like this: -spice port=1234,tls-port=5678,tls-channel=main,tls-channel=inputs bugzilla: #574225 -- spice: add config options Signed-off-by: Gerd Hoffmann --- spice.c | 40 ++++++++++++++++++++++++++++++++++++++++ 1 files changed, 40 insertions(+), 0 deletions(-) Signed-off-by: Eduardo Habkost --- spice.c | 40 ++++++++++++++++++++++++++++++++++++++++ 1 files changed, 40 insertions(+), 0 deletions(-) diff --git a/spice.c b/spice.c index 256fa46..5b2bfee 100644 --- a/spice.c +++ b/spice.c @@ -115,6 +115,19 @@ static const char *compression_names[] = { #define parse_compression(_name) \ name2enum(_name, compression_names, ARRAY_SIZE(compression_names)) +static const char *channel_names[] = { + [ SPICE_CHANNEL_MAIN ] = "main", + [ SPICE_CHANNEL_DISPLAY ] = "display", + [ SPICE_CHANNEL_INPUTS ] = "inputs", + [ SPICE_CHANNEL_CURSOR ] = "cursor", + [ SPICE_CHANNEL_PLAYBACK ] = "playback", + [ SPICE_CHANNEL_RECORD ] = "record", + [ SPICE_CHANNEL_TUNNEL ] = "tunnel", + [ SPICE_CHANNEL_ALL ] = "all", +}; +#define parse_channel(_name) \ + name2enum(_name, channel_names, ARRAY_SIZE(channel_names)) + /* functions for the rest of qemu */ QemuOptsList qemu_spice_opts = { @@ -146,6 +159,12 @@ QemuOptsList qemu_spice_opts = { .name = "image-compression", /* old: ic */ .type = QEMU_OPT_STRING, },{ + .name = "tls-channel", + .type = QEMU_OPT_STRING, + },{ + .name = "plaintext-channel", + .type = QEMU_OPT_STRING, + },{ .name = "x509-dir", .type = QEMU_OPT_STRING, },{ @@ -222,6 +241,26 @@ void mon_set_password(Monitor *mon, const QDict *qdict, QObject **ret_data) } } +static int add_channel(const char *name, const char *value, void *opaque) +{ + spice_channel_t channel; + int security = 0; + + if (strcmp(name, "tls-channel") == 0) + security = SPICE_CHANNEL_SECURITY_SSL; + if (strcmp(name, "plaintext-channel") == 0) + security = SPICE_CHANNEL_SECURITY_NON; + if (security == 0) + return 0; + channel = parse_channel(value); + if (channel == -1) { + fprintf(stderr, "spice: failed to parse channel: %s\n", value); + exit(1); + } + spice_server_set_channel_security(s, channel, security); + return 0; +} + void qemu_spice_init(void) { QemuOpts *opts = QTAILQ_FIRST(&qemu_spice_opts.head); @@ -316,6 +355,7 @@ void qemu_spice_init(void) spice_server_set_noauth(s); spice_server_set_image_compression(s, compression); + qemu_opt_foreach(opts, add_channel, NULL, 0); spice_server_init(s, &core_interface); using_spice = 1; -- 1.6.3.rc4.29.g8146