From nobody Mon Feb 9 07:22:37 2026 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of redhat.com designates 170.10.133.124 as permitted sender) client-ip=170.10.133.124; envelope-from=philmd@redhat.com; helo=us-smtp-delivery-124.mimecast.com; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of redhat.com designates 170.10.133.124 as permitted sender) smtp.mailfrom=philmd@redhat.com; dmarc=pass(p=none dis=none) header.from=redhat.com ARC-Seal: i=1; a=rsa-sha256; t=1623775702; cv=none; d=zohomail.com; s=zohoarc; b=ijsfweBeiuCUe6jikafIJUYac4/W7r4f9quLLi0G21nqguy5xTJaTkqUvKJfbXVAjc5JZe38OM5DmifHpyxXukSq10bLf+j83t46nZyH9qsNQIw8bKiQFE0OtGxar6kTTJ4Na2UaP1I5KDuJzY0Uiix8kf1nBYda1Z3zXDq68SY= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1623775702; h=Content-Type:Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:MIME-Version:Message-ID:References:Subject:To; bh=rBGmlWWdNqhJONAA1i8jAn+bT/MVszHhvaHYRQx6bnU=; b=TqGZtIXXDoEA6xlVJPt7TFQ+SOxIhYZYWFRoXRc6Qxw6umOHVLnbxvlMwHqLuOnHrCOn8sJ1WHOpOsgY2bIVYyrj0KGFaq3Aordu1tTo5Jp/GYxgZRyofpRm0jGbOklmqxl58FoytdtnxDM9c8IgAub8XEuCAsMyrsWUGXYqVus= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of redhat.com designates 170.10.133.124 as permitted sender) smtp.mailfrom=philmd@redhat.com; dmarc=pass header.from= (p=none dis=none) Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.133.124]) by mx.zohomail.com with SMTPS id 1623775702488484.41015779841246; Tue, 15 Jun 2021 09:48:22 -0700 (PDT) Received: from mail-wr1-f70.google.com (mail-wr1-f70.google.com [209.85.221.70]) (Using TLS) by relay.mimecast.com with ESMTP id us-mta-240-3dUfTFOjOlW8ezSG75GjRw-1; Tue, 15 Jun 2021 12:48:19 -0400 Received: by mail-wr1-f70.google.com with SMTP id s8-20020adff8080000b0290114e1eeb8c6so8853296wrp.23 for ; Tue, 15 Jun 2021 09:48:19 -0700 (PDT) Return-Path: Return-Path: Received: from x1w.. (93.red-83-35-24.dynamicip.rima-tde.net. [83.35.24.93]) by smtp.gmail.com with ESMTPSA id o3sm2880918wrj.94.2021.06.15.09.48.17 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 15 Jun 2021 09:48:18 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1623775701; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=rBGmlWWdNqhJONAA1i8jAn+bT/MVszHhvaHYRQx6bnU=; b=hNGAHwMJ2W3NymYqT6GSNbWr+DgmAlkj26sx80rXs7AzfhIXKO0bkZEpy1fFD5eQrvm3ee LFSxWxQZZM0Uc8fppWLydPweD+skvUqpniqdcLQRE8q1N1yqVpN4MSobjQ++ZFWJPtkH9c cHJMURTCQJ50EP0rmQtTNUYavK6QWfk= X-MC-Unique: 3dUfTFOjOlW8ezSG75GjRw-1 X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=rBGmlWWdNqhJONAA1i8jAn+bT/MVszHhvaHYRQx6bnU=; b=PQkOJwd8cmghnPjSo2/5pGqKjkBm9QFF6t2C44p7tQ084/sKGp93rYfzEPvBZR88/F pOI1bKBp+lxjndkSmFmdBgoZoTI6Znkn/eWu/Ob2iKKb/nGYYI1TX5DqvBSel4iTvSVU 6YbTkydjrRW05tBg7KqMOQlsaZA0DBhZEVtIh2LgPLiREqjaEQPQM+/emHTyvwrXCDDW 18V0V2RyD4WchNajgkKSxmB+XlSARp/QcYIPLh2E8WjF81fdSA7JSgznCtIj8YG3VHhO iWmhqAR/cTn/cif8Xny/nd7NqNGtl2KB5rVVVXSBPVbE9ooPZt5syxdbhA8UXnKljxVl 19Tg== X-Gm-Message-State: AOAM5300SitkE4hkPe/l6LwdnCSLp0SYrvSi1Sz8KBrkYw1NcDoS5buP Gfr+p2SuBrF67gp283fTwsGlY76dSY02znflvRxLu0vrpJOv5IPW0YtN4Q4xDDOaOtnUaUIf1vr ViVmfwHxfE1JgDQ== X-Received: by 2002:a5d:538c:: with SMTP id d12mr49271wrv.116.1623775698557; Tue, 15 Jun 2021 09:48:18 -0700 (PDT) X-Google-Smtp-Source: ABdhPJw3fYDqB5MDpICipwQfOhKPhpClDR68jW5F0WKbZk10AQuFIng7zwCpSskVFgW//sQ+U1ov3g== X-Received: by 2002:a5d:538c:: with SMTP id d12mr49253wrv.116.1623775698451; Tue, 15 Jun 2021 09:48:18 -0700 (PDT) From: =?UTF-8?q?Philippe=20Mathieu-Daud=C3=A9?= To: qemu-devel@nongnu.org Cc: qemu-block@nongnu.org, =?UTF-8?q?Marc-Andr=C3=A9=20Lureau?= , =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?= , Leonardo Bras , Lukas Straub , =?UTF-8?q?Philippe=20Mathieu-Daud=C3=A9?= Subject: [PATCH v2 6/7] ui/vnc: Use qcrypto_tls_session_check_role() Date: Tue, 15 Jun 2021 18:47:50 +0200 Message-Id: <20210615164751.2192807-7-philmd@redhat.com> X-Mailer: git-send-email 2.31.1 In-Reply-To: <20210615164751.2192807-1-philmd@redhat.com> References: <20210615164751.2192807-1-philmd@redhat.com> MIME-Version: 1.0 Authentication-Results: relay.mimecast.com; auth=pass smtp.auth=CUSA124A263 smtp.mailfrom=philmd@redhat.com X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable X-ZohoMail-DKIM: pass (identity @redhat.com) Avoid accessing QCryptoTLSCreds internals by using the qcrypto_tls_session_check_role() helper. Signed-off-by: Philippe Mathieu-Daud=C3=A9 --- ui/vnc.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/ui/vnc.c b/ui/vnc.c index b3d4d7b9a5f..ad68f9b639f 100644 --- a/ui/vnc.c +++ b/ui/vnc.c @@ -4080,7 +4080,8 @@ void vnc_display_open(const char *id, Error **errp) } object_ref(OBJECT(vd->tlscreds)); =20 - if (vd->tlscreds->endpoint !=3D QCRYPTO_TLS_CREDS_ENDPOINT_SERVER)= { + if (!qcrypto_tls_session_check_role(vd->tlscreds, + QCRYPTO_TLS_CREDS_ENDPOINT_SER= VER)) { error_setg(errp, "Expecting TLS credentials with a server endpoint"); goto fail; --=20 2.31.1