Re: [Qemu-devel] PATCH: 0/9: Support SASL authentication in VNC server (

qemu-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Qemu-devel] PATCH: 0/9: Support SASL authentication in VNC server (

From:	Anthony Liguori
Subject:	Re: [Qemu-devel] PATCH: 0/9: Support SASL authentication in VNC server (version 4)
Date:	Fri, 06 Mar 2009 14:30:06 -0600
User-agent:	Thunderbird 2.0.0.19 (X11/20090105)

Daniel P. Berrange wrote:

Previously I provided patches for QEMU's VNC server to support SSL/TLS
and x509 certificates. This provides good encryption capabilities for
the VNC session. It doesn't really address the authentication problem
though.

I have been working to  create a new authentication type in the RFB
protocol to address this need in a generic, extendable way, by mapping
the SASL API into the RFB protocol. Since SASL is a generic plugin
based API, this will allow use of a huge range of auth mechanims over
VNC, without us having to add any more auth code. For example, PAM,
Digest-MD5, GSSAPI/Kerberos, One-time key/password, LDAP password
lookup, SQL db password lookup, and more.

I have got a VNC auth type assigned by the RFB spec maintainers:

  http://realvnc.com/pipermail/vnc-list/2008-December/059463.html


Applied 1-8.  I'd like to wait on 9.

There was a lot of rejects because of Jan's series. I fixed these up.I also added another patch that fixed the tabs introduced by your series.


You want to add:

               (indent-tabs-mode . nil)

To your emacs bits.

Regards,

Anthony Liguori

[Prev in Thread]

Current Thread

[Next in Thread]

Re: [Qemu-devel] PATCH: 1/9: Fix bug in TLS authentication, (continued)
- Re: [Qemu-devel] PATCH: 1/9: Fix bug in TLS authentication, Daniel P. Berrange, 2009/03/02
- Re: [Qemu-devel] PATCH: 2/9: Enhance 'info vnc' monitor output, Daniel P. Berrange, 2009/03/02
- Re: [Qemu-devel] PATCH: 3/9: Refactor keymap code to avoid duplication, Daniel P. Berrange, 2009/03/02
- Re: [Qemu-devel] PATCH: 4/9: Move VNC structs into header file, Daniel P. Berrange, 2009/03/02
- Re: [Qemu-devel] PATCH: 5/9: Move TLS auth into separate file, Daniel P. Berrange, 2009/03/02
- Re: [Qemu-devel] PATCH: 6/9: Add SASL authentication support, Daniel P. Berrange, 2009/03/02
- Re: [Qemu-devel] PATCH: 7/9: Include auth credentials in 'info vnc', Daniel P. Berrange, 2009/03/02
- Re: [Qemu-devel] PATCH: 8/9: Support ACLs for controlling VNC access, Daniel P. Berrange, 2009/03/02
- Re: [Qemu-devel] PATCH: 9/9: Persist ACLs in external files, Daniel P. Berrange, 2009/03/02
- Re: [Qemu-devel] PATCH: 0/9: Support SASL authentication in VNC server (version 4), Daniel P. Berrange, 2009/03/02
- Re: [Qemu-devel] PATCH: 0/9: Support SASL authentication in VNC server (version 4), Anthony Liguori <=
  - Re: [Qemu-devel] PATCH: 0/9: Support SASL authentication in VNC server (version 4), Daniel P. Berrange, 2009/03/09

Prev by Date: [Qemu-devel] [6727] Remove tabs introduced from VNC ACL series
Next by Date: Re: [Qemu-devel] [PATCH] Add and use remaining #defines for PCI device IDs
Previous by thread: Re: [Qemu-devel] PATCH: 0/9: Support SASL authentication in VNC server (version 4)
Next by thread: Re: [Qemu-devel] PATCH: 0/9: Support SASL authentication in VNC server (version 4)
Index(es):
- Date
- Thread