From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from eggs.gnu.org ([2001:4830:134:3::10]:46123)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <berrange@redhat.com>) id 1bAHpB-0007eD-Mf
	for qemu-devel@nongnu.org; Tue, 07 Jun 2016 10:17:49 -0400
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
	(envelope-from <berrange@redhat.com>) id 1bAHp8-0004mz-Hz
	for qemu-devel@nongnu.org; Tue, 07 Jun 2016 10:17:45 -0400
From: "Daniel P. Berrange" <berrange@redhat.com>
Date: Tue,  7 Jun 2016 15:17:33 +0100
Message-Id: <1465309053-5784-1-git-send-email-berrange@redhat.com>
Subject: [Qemu-devel] [PATCH STABLE 2.5] vnc: fix VNC websockets TLS
 handshake
List-Id: <qemu-devel.nongnu.org>
List-Unsubscribe: <https://lists.nongnu.org/mailman/options/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <http://lists.nongnu.org/archive/html/qemu-devel/>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <https://lists.nongnu.org/mailman/listinfo/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=subscribe>
To: qemu-devel@nongnu.org
Cc: Ben Aitchison <ben@meh.net.nz>, qemu-stable@nongnu.org, Gerd Hoffmann <kraxel@redhat.com>, "Daniel P. Berrange" <berrange@redhat.com>

If the VNC websockets TLS handshake blocked, we register a
callback to continue it after the socket signals data is
available. Unfortunately we were mistakenly registering
the wrong method callback, causing us to restart the TLS
handshake from the begining, which obviously fails.

Reported-by: Ben Aitchison <ben@meh.net.nz>
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
---
 ui/vnc-ws.c | 12 ++++++------
 1 file changed, 6 insertions(+), 6 deletions(-)

NB this is a stable-2.5 only patch, with no equiv in master
since the code was totally refactored in 2.6

diff --git a/ui/vnc-ws.c b/ui/vnc-ws.c
index 175ea50..a8cf180 100644
--- a/ui/vnc-ws.c
+++ b/ui/vnc-ws.c
@@ -22,8 +22,9 @@
 #include "qemu/main-loop.h"
 #include "crypto/hash.h"
 
-static int vncws_start_tls_handshake(VncState *vs)
+static void vncws_run_tls_handshake(void *opaque)
 {
+    VncState *vs = (VncState *)opaque;
     Error *err = NULL;
 
     if (qcrypto_tls_session_handshake(vs->tls, &err) < 0) {
@@ -42,22 +43,21 @@ static int vncws_start_tls_handshake(VncState *vs)
 
     case QCRYPTO_TLS_HANDSHAKE_RECVING:
         VNC_DEBUG("Handshake interrupted (blocking read)\n");
-        qemu_set_fd_handler(vs->csock, vncws_tls_handshake_io, NULL, vs);
+        qemu_set_fd_handler(vs->csock, vncws_run_tls_handshake, NULL, vs);
         break;
 
     case QCRYPTO_TLS_HANDSHAKE_SENDING:
         VNC_DEBUG("Handshake interrupted (blocking write)\n");
-        qemu_set_fd_handler(vs->csock, NULL, vncws_tls_handshake_io, vs);
+        qemu_set_fd_handler(vs->csock, NULL, vncws_run_tls_handshake, vs);
         break;
     }
 
-    return 0;
+    return;
 
  error:
     VNC_DEBUG("Handshake failed %s\n", error_get_pretty(err));
     error_free(err);
     vnc_client_error(vs);
-    return -1;
 }
 
 void vncws_tls_handshake_io(void *opaque)
@@ -84,7 +84,7 @@ void vncws_tls_handshake_io(void *opaque)
                                       vs);
 
     VNC_DEBUG("Start TLS WS handshake process\n");
-    vncws_start_tls_handshake(vs);
+    vncws_run_tls_handshake(vs);
 }
 
 void vncws_handshake_read(void *opaque)
-- 
2.5.5