From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from eggs.gnu.org ([208.118.235.92]:34275) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1Takv6-0002xR-Rc for qemu-devel@nongnu.org; Tue, 20 Nov 2012 05:19:13 -0500 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1Takv0-0006zq-Lw for qemu-devel@nongnu.org; Tue, 20 Nov 2012 05:19:08 -0500 Received: from cantor2.suse.de ([195.135.220.15]:40920 helo=mx2.suse.de) by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1Takv0-0006zh-Br for qemu-devel@nongnu.org; Tue, 20 Nov 2012 05:19:02 -0500 Message-ID: <50AB590F.90203@suse.de> Date: Tue, 20 Nov 2012 11:18:55 +0100 From: Tim Hardeck MIME-Version: 1.0 References: <1353403318-2877-1-git-send-email-thardeck@suse.de> <20121120094734.GD3461@redhat.com> In-Reply-To: <20121120094734.GD3461@redhat.com> Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="------------enigC305B48EED99AA3470184B71" Subject: Re: [Qemu-devel] [PATCH v2] vnc: added initial websockets support List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , To: "Daniel P. Berrange" Cc: aliguori@us.ibm.com, stefanha@gmail.com, github@martintribe.org, qemu-devel@nongnu.org, alevy@redhat.com, kraxel@redhat.com, corentin.chary@gmail.com This is an OpenPGP/MIME signed message (RFC 2440 and 3156) --------------enigC305B48EED99AA3470184B71 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: quoted-printable On 11/20/2012 10:47 AM, Daniel P. Berrange wrote: > On Tue, Nov 20, 2012 at 10:21:58AM +0100, Tim Hardeck wrote: >> This patch adds basic Websockets version 13 - RFC 6455 - support to QE= MU >> VNC. Binary encoding support on the client side is required. >> >> Because of the GnuTLS requirement the Websockets implementation is >> optional (--enable-vnc-ws). >> >> To activate Websockets during runtime the VNC option "websocket" is >> used, for example "-vnc :0,websocket" would activate Websockets. >> The port for Websockets connections is (5700 + display) so if QEMU VNC= >> is started with :0 the websockets port would be 5700. >=20 > We need to be able to specify an explicit port number for the websocket= s > listen address, separately from the main VNC port number. This automati= c > pick of websockets port might be nice for a user starting QEMU manually= , > but for management apps we need full direct control. Ok, this should be no problem to add something like websocket=3D bu= t I just thought that a correlation between the vnc and websocket port would be quite useful especially when several QEMU instances are run on one machine. Would it be Ok to keep the correlation if no port is specified? I am going to add the websocket port option after some more feedback. >> Changes to v1 >> * removed automatic websocket recognition >> * added new lwebsock socket on port 5700 + display when the vnc option= >> "websocket" is passed on >> * adapted vnc_connect vnc_listen_read to differ between websocket >> * added separate event handler to read the Websocket handshake >> >> Would it be Ok to use a public domain SHA1 implementation like >> tests/tcg/sha1.c and if so where should the sha1.c be stored? >> Without the GnuTLS dependency would it be Ok to make Websockets not >> optional because this would clean up the patch/code quite a bit? >=20 > IMHO using gcrypt/GNUTLS is a good thing. Creating our own copies of > encryption algorithms in source tree causes significant complications > getting QEMU security certified. GNUTLS is a common enough crypto > library that I don't think it is unreasonably onerous to expect it to > be used for WebSockets. It even works fine on Windows. That's one of the reasons why I have used GnuTLS but it is quite a huge dependency for just one algorithm and the many ifdefs don't really help the code quality. Regards Tim --=20 SUSE LINUX Products GmbH, GF: Jeff Hawn, Jennifer Guild, Felix Imend=C3=B6rffer, HRB 16746 (AG N=C3=BCrnberg) Maxfeldstr. 5, 90409 N=C3=BCrnberg, Germany T: +49 (0) 911 74053-0 F: +49 (0) 911 74053-483 http://www.suse.de/ --------------enigC305B48EED99AA3470184B71 Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.19 (GNU/Linux) iQEcBAEBAgAGBQJQq1kSAAoJENur/L6EMd67lG0H/RTmjuWAk1BVbIymOIkHbMbR dBiXMKiJGMD0i721jt2sZ/z2nGILSVhrIP6RyN1YEM+va5EwyF7UpQnkvts0B1kY iDzYnxUuAuPG5TRoUIB8MiSH371L2/ANFO7oLL6+f0/m7qjLOhqkx59M++HWlb1I 0yLK7qKlZz/8kdXaw1fmzjEBZ8plDI4KdFHSnxPxHhQdB62qc+J3qxTHaVjKtOYZ Irs9Flk/jF3Ou3oIPUbgqFsY41QWKjMYghWVoNZIdEVjmjx6TJsqKbd5ricbd0R2 EWV38PwhHCuFbuiRxioAuoWyAVIUGNMai8PpklX0gHoYrr41RTaU18njoyWYh9A= =p9aj -----END PGP SIGNATURE----- --------------enigC305B48EED99AA3470184B71--