|
| From: | Anthony Liguori |
| Subject: | Re: [Qemu-devel] Re: Spice project is now open |
| Date: | Mon, 14 Dec 2009 10:15:25 -0600 |
| User-agent: | Thunderbird 2.0.0.23 (X11/20090825) |
Avi Kivity wrote:
You can still implement this with SCM_RIGHTS. Authenticate, select guest, drop tls, pass fd to qemu, authenticate, hack hack hack, drop tls, pass fd back to proxy, goto 10.
Here's how I'd envision this working. Start qemu with: qemu -vnc proxy:/path/to/unix/domain/socketWe connect to /path/to/unix/domain/socket and wait to recv file descriptors after telling the server it's name and what protocol version it supports. We treat each received file descriptor as a new connection. We use do full protocol with no specific authentication.
The server runs and opens /path/to/unix/domain/socket. Whenever a client connects to the server socket, it does protocol negotiation using the least common denominator of protocol versions given it. We use a protocol extension to list and negotiate which client to connect to. Once that's been established, we send a socketpair() over the appropriate domain socket, and do appropriate negotiation to get us up to the ServerInit stage. We use a combination of DesktopResize and WMVi in the server to get the client at the appropriate state to match the ServerInit.
We then (in the server) blindly proxy any data from the qemu instance to the client (encrypting it if necessary).
We won't need to reencode any traffic in this model and it's pretty reasonable from a UI perspective. In fact, if we use a helper, we can probably have an even better command line for qemu.
Regards, Anthony Liguori
| [Prev in Thread] | Current Thread | [Next in Thread] |