As my patches are stalled in the moderator queue, I'm resending the
rest of my mail.

If somebody wants them, please send me a private mail and I will
bounce him my original mail.

On Fri, Mar 19, 2010 at 04:37:09PM +0100, Adam Tkac wrote:
> 1. Encryption support
>  - we can port gnutls-based patches proposed by Martin Koegler
> 
> In my opinion we should try to include encryption support
> (https://www.auto.tuwien.ac.at/~mkoegler/index.php/tlsvnc) because
> many people would like to have it there. I'm going to start on this
> task.

Which VNC protocol extension do you want?

* The vencrypt protocol did create a chooser security type. For each possible
  combination of authentication and security type, it offered a security
  type.

  So the structure would be:
  - basic security types:
   None (no authentication/no tunnel)
   VncAuth (VNC authentication)
   TLS (TLS Tunnel with anonymous DH handshake)
   X509 (TLS Tunnel with X509 server certificate)

  - For complex types (tunnel+authentication), it contains a stack module,
    which creates:
   TLSVnc
   X509Vnc

  - SecurityTypeVenCrypt is added automatically to the list. If client and
    server support it, all security types can be used, else only None and
    VncAuth

* The tightvnc security provided separate tunnel and authentication types.
  The biggest plus is that the protocol supports other feature negotiation.
 
  So the structure would be:
  - security type modules:
   None
   VncAuth
 
  - Tunnel type modules:
   None
   TLS
   X509

  - VNC Connections implicitly add the tightvnc security type. If it
    is supported by client and server, the extended handshake
    (including tunnel type) takes place.

I have done, based on former work of myself, an (untested) prototype for
the C client/server using the tightvnc protocol for tigervnc trunk
(https://tigervnc.svn.sourceforge.net/svnroot/tigervnc/tr...@4010).

Providing C client/server patches using the vencrypt security type
should be no big deal. CSecurity/SSecurity security types (TLS, Stack,
X509) can be taken out of Vencrypt. TLS Stream + Message-Box can be
reused from the attached patchset. The chooser would require some rework.

So: Which concept do you like?

mfg Martin Kögler
PS: I won't start working on the Java patches, until the protocol
decision is taken.

_______________________________________________
Tigervnc-devel mailing list
Tigervnc-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/tigervnc-devel
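
The two layouts compared in the mail above, modelled by name only as an added example (not part of the original mail or of the attached patchset). `Peer`, `fullPeer`, `vencryptUsable` and `tightUsable` are hypothetical names, no wire values are modelled, and the tightvnc fallback assumes that no tunnel is used when the extended handshake does not take place.

```cpp
#include <algorithm>
#include <iostream>
#include <iterator>
#include <set>
#include <string>
#include <utility>

using Names = std::set<std::string>;
using Pairs = std::set<std::pair<std::string, std::string>>;

struct Peer {            // hypothetical model type, not a TigerVNC class
    bool extension;      // speaks the vencrypt chooser / tightvnc security type
    Names flat;          // vencrypt layout: one flat list of security types
    Names tunnels;       // tightvnc layout: tunnel type modules
    Names auths;         // tightvnc layout: security type modules
};

Names common(const Names& a, const Names& b) {
    Names out;
    std::set_intersection(a.begin(), a.end(), b.begin(), b.end(),
                          std::inserter(out, out.end()));
    return out;
}

// Constructed sample peer offering every type named in the mail.
Peer fullPeer(bool extension) {
    return Peer{extension, {"None", "VncAuth", "TLS", "X509", "TLSVnc", "X509Vnc"},
                {"None", "TLS", "X509"}, {"None", "VncAuth"}};
}

// vencrypt layout: without the chooser on both sides only None and VncAuth remain.
Names vencryptUsable(const Peer& c, const Peer& s) {
    Names both = common(c.flat, s.flat);
    if (c.extension && s.extension) return both;
    return common(both, Names{"None", "VncAuth"});
}

// tightvnc layout: the tunnel type is negotiated only in the extended handshake.
Pairs tightUsable(const Peer& c, const Peer& s) {
    Names tunnels = (c.extension && s.extension) ? common(c.tunnels, s.tunnels)
                                                 : Names{"None"};
    Pairs out;
    for (const auto& t : tunnels)
        for (const auto& a : common(c.auths, s.auths)) out.insert({t, a});
    return out;
}

int main() {
    std::cout << vencryptUsable(fullPeer(false), fullPeer(true)).size() << " flat types\n";
}
```

In both layouts a peer without the extension is left with untunnelled options only, so a server that requires a tunnel has to drop None and VncAuth from what it offers.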