On 12/14/2009 05:10 PM, Daniel P. Berrange wrote:
The model I had in mind was for the proxy to define a VNC extension that allows the client to query what 'desktops' are available and request switching between them at any time. The list of desktop would of course be authorized per client, and strong authentication is a must for this. Any time a switch was made, the RFB protocol would return to the 'ServerInit' state. The idea is that you should not assume a homogenous environment, and you really don't want to fall down to the lowest common denominator of extensions, nor have the proxy doing re-encoding on the FB data updates. Returning to the ServerInit state allowing the client to re-negotiate the set of encodings for the new desktop, and so the proxy can be fairly stateless and while needing to understand the wire protocol, it can just pass through the actual FB update data unchanged. The combo of the an extension for switching desktops on the fly and the encryption state problem doesn't really seem to fit with passing the VNC FD over with SCM_RIGHTS.
You can still implement this with SCM_RIGHTS. Authenticate, select guest, drop tls, pass fd to qemu, authenticate, hack hack hack, drop tls, pass fd back to proxy, goto 10.
-- error compiling committee.c: too many arguments to function
