Re: [Qemu-devel] [PATCH 3/3] ui: fix VNC websockets TLS integration

qemu-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Qemu-devel] [PATCH 3/3] ui: fix VNC websockets TLS integration

From:	Gerd Hoffmann
Subject:	Re: [Qemu-devel] [PATCH 3/3] ui: fix VNC websockets TLS integration
Date:	Tue, 17 Mar 2015 11:54:33 +0100

On Di, 2015-03-17 at 10:33 +0000, Daniel P. Berrange wrote:
> On Tue, Mar 17, 2015 at 08:36:40AM +0100, Gerd Hoffmann wrote:
> >   Hi,
> > 
> > >  - Separate VNC auth scheme is tracked for websockets server,
> > >    since it makes no sense to try to use VeNCrypt over a TLS
> > >    enabled websockets connection.
> > 
> > Hmm.  That is a problem for the QAPI, the auth scheme is linked to the
> > vnc server not the socket.
> 
> It seems straightforward enough to just do this:
> 
> diff --git a/qapi-schema.json b/qapi-schema.json
> index d7c3eec..3362956 100644
> --- a/qapi-schema.json
> +++ b/qapi-schema.json
> @@ -808,6 +808,7 @@
>              'clients'   : ['VncClientInfo'],
>              'auth'      : 'VncPrimaryAuth',
>              '*vencrypt' : 'VncVencryptSubAuth',
> +            '*ws-auth'  : 'VncPrimaryAuth',
>              '*display'  : 'str' } }
> 
> And document that 'ws-auth' is used if server->websocket == true

When doing it this way we probably want add '*ws-tls' : 'bool' too.

I'm fine either way (adding both or -- given the fixed scheme mapping we
have -- none).  Pick whatever suits libvirt best.

cheers,
  Gerd

[Prev in Thread]

Current Thread

[Next in Thread]

[Qemu-devel] [PATCH 0/3] Misc fixes for VNC, Daniel P. Berrange, 2015/03/16
- [Qemu-devel] [PATCH 3/3] ui: fix VNC websockets TLS integration, Daniel P. Berrange, 2015/03/16
  - Re: [Qemu-devel] [PATCH 3/3] ui: fix VNC websockets TLS integration, Alex Bennée, 2015/03/16
    - Re: [Qemu-devel] [PATCH 3/3] ui: fix VNC websockets TLS integration, Daniel P. Berrange, 2015/03/16
    - Re: [Qemu-devel] [PATCH 3/3] ui: fix VNC websockets TLS integration, Daniel P. Berrange, 2015/03/17
  - Re: [Qemu-devel] [PATCH 3/3] ui: fix VNC websockets TLS integration, Gerd Hoffmann, 2015/03/17
    - Re: [Qemu-devel] [PATCH 3/3] ui: fix VNC websockets TLS integration, Daniel P. Berrange, 2015/03/17
    - Re: [Qemu-devel] [PATCH 3/3] ui: fix VNC websockets TLS integration, Gerd Hoffmann, 2015/03/17
    - Re: [Qemu-devel] [PATCH 3/3] ui: fix VNC websockets TLS integration, Daniel P. Berrange, 2015/03/17
    - Re: [Qemu-devel] [PATCH 3/3] ui: fix VNC websockets TLS integration, Daniel P. Berrange, 2015/03/17
    - Re: [Qemu-devel] [PATCH 3/3] ui: fix VNC websockets TLS integration, Gerd Hoffmann <=
- [Qemu-devel] [PATCH 2/3] ui: replace printf() calls with VNC_DEBUG, Daniel P. Berrange, 2015/03/16
  - Re: [Qemu-devel] [PATCH 2/3] ui: replace printf() calls with VNC_DEBUG, Alex Bennée, 2015/03/16
- [Qemu-devel] [PATCH 1/3] ui: remove unused 'wiremode' variable in VncState struct, Daniel P. Berrange, 2015/03/16
  - Re: [Qemu-devel] [PATCH 1/3] ui: remove unused 'wiremode' variable in VncState struct, Alex Bennée, 2015/03/16

Prev by Date: Re: [Qemu-devel] [RFC v0 PATCH] cpus: Convert cpu_index into a bitmap
Next by Date: Re: [Qemu-devel] [2.4 PATCH] target-mips: add Config5.FRE support allowing Status.FR=0 emulation
Previous by thread: Re: [Qemu-devel] [PATCH 3/3] ui: fix VNC websockets TLS integration
Next by thread: [Qemu-devel] [PATCH 2/3] ui: replace printf() calls with VNC_DEBUG
Index(es):
- Date
- Thread