[virt-tools-list] [PATCH virt-viewer v2] remote-viewer: Prefer ca-cert from display instead of proxy

[Eduardo Lima (Etrunko)]

Since oVirt engine version 4.3.2.1, the API returns certificate data for
display connection in the VM XML, so users do not need to specify it
from the command line anymore. The certificate obtained from the XML
gets precedence over the one from the command line, which is still kept
to keep compatibility of older versions of oVirt.

Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1402909

Signed-off-by: Eduardo Lima (Etrunko) <etrunko at redhat.com>
---
 src/remote-viewer.c | 12 ++++++++++--
 1 file changed, 10 insertions(+), 2 deletions(-)

diff --git a/src/remote-viewer.c b/src/remote-viewer.c
index 8eaa72e..2450096 100644
--- a/src/remote-viewer.c
+++ b/src/remote-viewer.c
@@ -540,7 +540,8 @@ create_ovirt_session(VirtViewerApp *app, const char *uri, GError **err)
 #ifdef HAVE_SPICE_GTK
     if (type == OVIRT_VM_DISPLAY_SPICE) {
         SpiceSession *session;
-        GByteArray *ca_cert;
+        GByteArray *ca_cert = NULL;
+        const char *from = "display";
 
         session = remote_viewer_get_spice_session(REMOTE_VIEWER(app));
         g_object_set(G_OBJECT(session),
@@ -548,12 +549,19 @@ create_ovirt_session(VirtViewerApp *app, const char *uri, GError **err)
                      "cert-subject", host_subject,
                      "proxy", proxy_url,
                      NULL);
-        g_object_get(G_OBJECT(proxy), "ca-cert", &ca_cert, NULL);
+
+        g_object_get(G_OBJECT(display), "ca-cert", &ca_cert, NULL);
+        if (ca_cert == NULL) {
+            g_object_get(G_OBJECT(proxy), "ca-cert", &ca_cert, NULL);
+            from = "proxy";
+        }
+
         if (ca_cert != NULL) {
             g_object_set(G_OBJECT(session),
                     "ca", ca_cert,
                     NULL);
             g_byte_array_unref(ca_cert);
+            g_debug("Using ca-cert from %s", from);
         }
     }
 #endif
-- 
2.21.0