debian/patches/old/spice-use-pve-certs.patch

   1 Index: new/ui/spice-core.c
   2 ===================================================================
   3 --- new.orig/ui/spice-core.c    2014-11-20 07:26:43.000000000 +0100
   4 +++ new/ui/spice-core.c 2014-11-20 07:33:22.000000000 +0100
   5 @@ -682,32 +682,35 @@
   6
   7      if (tls_port) {
   8          x509_dir = qemu_opt_get(opts, "x509-dir");
   9 -        if (!x509_dir) {
  10 -            x509_dir = ".";
  11 -        }
  12
  13          str = qemu_opt_get(opts, "x509-key-file");
  14          if (str) {
  15              x509_key_file = g_strdup(str);
  16 -        } else {
  17 +        } else if (x509_dir) {
  18              x509_key_file = g_strdup_printf("%s/%s", x509_dir,
  19                                              X509_SERVER_KEY_FILE);
  20 +        } else {
  21 +            x509_key_file = g_strdup("/etc/pve/local/pve-ssl.key");
  22          }
  23
  24          str = qemu_opt_get(opts, "x509-cert-file");
  25          if (str) {
  26              x509_cert_file = g_strdup(str);
  27 -        } else {
  28 +        } else if (x509_dir) {
  29              x509_cert_file = g_strdup_printf("%s/%s", x509_dir,
  30                                               X509_SERVER_CERT_FILE);
  31 +        } else {
  32 +            x509_cert_file = g_strdup("/etc/pve/local/pve-ssl.pem");
  33          }
  34
  35          str = qemu_opt_get(opts, "x509-cacert-file");
  36          if (str) {
  37              x509_cacert_file = g_strdup(str);
  38 -        } else {
  39 +        } else if (x509_dir) {
  40              x509_cacert_file = g_strdup_printf("%s/%s", x509_dir,
  41                                                 X509_CA_CERT_FILE);
  42 +        } else {
  43 +            x509_cacert_file = g_strdup("/etc/pve/pve-root-ca.pem");
  44          }
  45
  46          x509_key_password = qemu_opt_get(opts, "x509-key-password");