Hi, after quick look and user's perspective, Did you specify --host-subject on the client side? It would give you an error If you do not.
----- Original Message ----- > From: [email protected] > To: [email protected] > Sent: Tuesday, June 21, 2011 12:50:04 PM > Subject: [Spice-devel] Spice-Client Windows + SSL Bug+fix ? > Hi, > I tried to use SSL with the Windowsclient. > > When I use the old one (from > http://spice-space.org/download/binaries/spice-client-win32-0.6.3.zip): > > 1308268882 INFO [11344:8892] Platform::set_clipboard_owner: new > clipboard > owner: none > 1308268882 INFO [11344:8892] PlatformWinProc: Unsupported clipboard > format > 1308268882 INFO [11344:8892] Application::main: starting 0.5.0.0 > 1308268882 INFO [11344:8892] GUI::GUI: > 1308268883 INFO [11344:8892] ForeignMenu::ForeignMenu: Creating a > foreign > menu connection SpiceForeignMenu-11344 > 1308268883 INFO [11344:10072] RedPeer::connect_unsecure: Trying > 192.169.0.5 5924 > 1308268883 INFO [11344:10072] RedPeer::connect_unsecure: Connected to > 192.169.0.5 5924 > 1308268884 WARN [11344:10072] RedPeer::connect_secure: failed to > connect > w/SSL, ssl_error error:00000001:lib(0):func(0):reason(1) > 1308268884 WARN [11344:10072] RedChannel::run: SSL Error: > 1308268884 INFO [11344:8892] WinMain: Spice client terminated > (exitcode = 7) > > in the spicec.log. > > The Server says: > reds_handle_ssl_accept: SSL_accept failed, error=1 > > So I tried to compile it by myself. > Spice 0.8.1 won't compile but the current master branch. > > Debug spicec.exe gives me an Assertion Runtimeerror: > "vector subscript out of range". > > Server says on that: > reds_handle_ssl_accept: SSL_accept failed, error=5 > > The Runtimeerror is triggered inside the Methode "connect_secure" of > the > class "RedPeer". > Concretely Line 184 fw. > "verify = spice_openssl_verify_new( > _ssl, auth_flags, > host, > (char*)&options.host_auth.host_pubkey[0], > options.host_auth.host_pubkey.size(), > options.host_auth.host_subject.c_str());" > seems to be the Problem. > Changing Line 187 to > "(char*)&options.host_auth.host_pubkey" fixes that Problem and I can > run > the Client with SSL. > > Btw. the variable vertify is never used (expect of freeing it) and > options.host_auth.host_pubkey is empty/NULL, shouldn't it contain the > data > from spice_truststore.pem)? > > Greetings > Thomas Tyminski > Berlin , Germany > > ================= > P.S: > If you already received this E-Mail, I am sorry for that. > > _______________________________________________ > Spice-devel mailing list > [email protected] > http://lists.freedesktop.org/mailman/listinfo/spice-devel _______________________________________________ Spice-devel mailing list [email protected] http://lists.freedesktop.org/mailman/listinfo/spice-devel
