On Wed, Jul 5, 2023 at 10:58 AM Christian Tuchschmid < [email protected]> wrote:
> *What we want to achieve* > > Among the VNC, RDP and SSH protocol for the remote desktop side we need > the HTTPS protocol too. Aim is to archive recordings of a HTTPS > stream/connection. > That's noble :-). Just kidding. This does come up periodically, and, while there has been at least one attempt at it, nothing durable has come out of it. > *Implementation steps to achieve the new HTTPS protocol* > > - Create a new https protocol plugin as described in Adding new > protocols — Apache Guacamole > <https://guacamole.apache.org/doc/gug/custom-protocols.html> > - Implement the necessary logic to handle websites. This may include > establishing secure connections, handling encryption, and sending/receiving > data over HTTPS/WS > - what is the right approach to render the https stream into a > website? > - Does a library like CEF (chromium ebedded framework) e.g. exist > to achieve this? Any better ideas than that? > > Yes, because the Guacamole protocol translates things into a combination of commands, images, mouse movements/clicks, and keystrokes, the new protocol implementation would likely need to do the same, having guacd use a library like Selenium to render the web page into images that can be sent along to Guacamole client, which will display those to the user, and then accept mouse/keyboard inputs that would result in forms being filled in, links clicked, etc. Honestly, to me, the "better" idea is just to host a remote browser inside a VNC or RDP session and _not_ implement HTTPS as a Guacamole protocol, but that seems to be unacceptable to a lot of folks who want this functionality, so I seem to be losing that battle :-). > > - > - Utilize the functions provided by libguac to interact with the > Guacamole protocol. These functions send instructions, handle user input, > and manage the communication between the web application and guac > - are there any examples of what needs to be handled in minimum to > retrieve the https stream? > > No, not really - like I said, I think some basic work was done on this, but I don't know if anything really serious, and so I think you'll have to start pretty much from scratch. > > - > > *Validation questions:* > > - Are the listed implementation steps correct? If not, what would be > the right path? > > At a high level, yes, the steps are correct, but there are many more details in there that need to be filled in. > > - > - Is the assumption correct, that we “only” need to create the https > protocol plugin that will interact with the guacamole protocol and the > entire history storage process out of the new https protocol is done > through the guacamole protocol itself? > > Ehhhh...mostly. I'm not sure it's quite as easy as that. First, it depends on what you mean by "history storage process" - do you mean, the process of storing details about who connected to what and when? This is handled by Guacamole Client, not by guacd. Do you mean the process of recording the data sent between Guacamole Client and guacd? This is handled by guacd, with some hooks within each of the protocols into the process of starting/stopping recordings, what type of recordings are made, etc. Also, there are a few steps on the client side to add the basics for the protocol - what parameters are valid, etc. > > - > - Has this already been done by someone? > > There was a PR a few weeks ago, but it got closed. Not sure why. https://github.com/apache/guacamole-server/pull/430 > > - > - What would be the estimated effort to achive this? > > I may not be the best-qualified person to answer this, but I'd say substantial. I can't really put a number/value on it. > > - > - Are there any possibilities to contribute, share the work to have > this https protocol in the core product of guacamole? > > Sure, if you're considering working on it, it would be really helpful if you'd fork the Guacamole code and work to contribute it back to the project. You are certainly not the first one to ask for this protocol, and I think many other people would be glad to have it. The process of contributing code is documented on our website: https://guacamole.apache.org/open-source/ -Nick >
