On Thu, 21 Dec 2017 10:54:33 +0000
"Daniel P. Berrange" <berra...@redhat.com> wrote:
> Even if common tn3270 implementations do not support TLS, it is trivial to
> have them proxied over a proxy like stunnel which adds TLS at the sockets
> layer. We should thus not silently skip tn3270 protocol initialization
> when TLS is enabled.
>
> Signed-off-by: Daniel P. Berrange <berra...@redhat.com>
> ---
> chardev/char-socket.c | 3 +--
> 1 file changed, 1 insertion(+), 2 deletions(-)
>
> diff --git a/chardev/char-socket.c b/chardev/char-socket.c
> index 53eda8ef00..6013972f72 100644
> --- a/chardev/char-socket.c
> +++ b/chardev/char-socket.c
> @@ -623,8 +623,7 @@ static void tcp_chr_tls_handshake(QIOTask *task,
> if (qio_task_propagate_error(task, NULL)) {
> tcp_chr_disconnect(chr);
> } else {
> - /* tn3270 does not support TLS yet */
> - if (s->do_telnetopt && !s->is_tn3270) {
> + if (s->do_telnetopt) {
> tcp_chr_telnet_init(chr);
> } else {
> tcp_chr_connect(chr);
With this patch applied, attaching an additional 3270 tty still works
for me as before.
I have no idea how to try this out with TLS, though. Would you be able
to run a sanity check? (The instructions in
https://wiki.qemu.org/Features/3270 work fine with a tcg s390x guest.)
I don't really expect problems, but I'm not too familiar with the QEMU
telnet code.
