On Tue, Mar 8, 2011 at 10:48 AM, Mads Kiilerich <m...@kiilerich.com> wrote:
> On 03/08/2011 04:30 PM, Marc-André Moreau wrote:
>
>> I have a suggestion regarding certificate validation:
>>
>> Looking at mstsc.exe, it appears to me that the certificate validation
>> is delegated to a module dedicated just to that. If we let the UI handle
>> it with a callback, maybe we could provide the UI with a library that
>> can handle it? This way, for instance, a system with both xfreerdp and
>> dfbfreerdp wouldn't need to have separate certificate validation.
>> Information could be stored in ~/.freerdp
>>
>
> We have to be wire-compatible with MS, but I'm not sure how much we should
> learn from MS when it comes to architecture.
>
Agreed, the MS architecture only gives ideas, it's not something we need to
stick to
>
> However, except for "is the certificate valid with regard to these CAs"
> question (which should be answered by the crypto library that already is
> encapsulated in libfreerdp) there isn't much code that could be reused. It
> is mostly policy and user interfacing, and that is closely related to how
> the GUI choose to do it.
>
How do you plan on handling "is the certificate valid with regard to these
CAs", if we delegate the call to the UI? Will the UI use another function
call in libfreerdp to check if a certificate is valid? The user will only
get a question if the certificate cannot be validated automatically, such as
it is the case with a self-signed certificate.
>
> I also don't think it would make much sense if for example remmina looked
> in .freerdp. It should use its own configuration and UI.
>
Remmina has its own stuff to deal with, that wouln't need to be put there.
However, we could handle FreeRDP-specific information there, stuff that is
common to all UIs.
>
> When it comes to FreeRDPs own simple UIs I think they should be built from
> the same source with a sufficient number of compile options, and branded as
> freerdp on all platforms. Exactly just like for example firefox is firefox
> on all platforms even though it differs and is platform specific in some
> points. That way they will all share the same command line options and
> configuration file parsers and so on - and they would all use ~/.freerdp.
>
The main difference is that Firefox will normally be available under one
port per platform, not multiple "ports" per platform like what we have. Both
X11 and DirectFB UIs run on Linux, so how do we make the distinction?
>
> /Mads
>
------------------------------------------------------------------------------
What You Don't Know About Data Connectivity CAN Hurt You
This paper provides an overview of data connectivity, details
its effect on application quality, and explores various alternative
solutions. http://p.sf.net/sfu/progress-d2d
_______________________________________________
Freerdp-devel mailing list
Freerdp-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/freerdp-devel
