On Thu, Mar 4, 2021 at 8:33 PM Nick Couchman <[email protected]> wrote:

> On Thu, Mar 4, 2021 at 19:54 Dave Neeley <[email protected]> wrote:
>
>> ...
>>
>> I would have assumed the certificates most definitely had to be stored on
>> disk _somewhere_, is that not correct? Say the guacamole web client was
>> running in one docker container, and guacd was running in a second
>> container. How would certificates be passed in-memory between these two?
>>
>
> Yes, the parameters referenced in the pull request would, most likely,
> point to the location of a file, accessible by guacd, that contains the
> certificate, key, CA, and crl data, respectively. So, even though the
> parameters are configured client-side, the client itself (both browser and
> client container for the Java code) need not have any access to or
> knowledge of the contents of the files.
>

To clarify on this a bit further:

The details of a connection are passed as part of the Guacamole protocol
during the handshake phase. This is performed by the web application based
on how the connection has been configured by the administrator. Passing
certificate filenames for local use by guacd would go against some of the
core design principles behind the separation of guacd and the webapp. With
the exception of data that absolutely *must* be on disk (like RDP drive
redirection), data dictated by the webapp shouldn't need to be on disk.

Part of the idea behind the separation between guacd and the webapp is that
guacd should be able to consume the data fed to it by the webapp (or some
third-party webapp) and provide a remote desktop connection that satisfies
the request dictated by that data, without making assumptions regarding how
that data is sourced. This includes details like the
credentials/certificates that must be available to authenticate with the
remote desktop.

In the most basic situation where guacd and Guacamole are running on the
same server, it will not immediately make sense why guacd should not assume
that the required certificates are on disk. In the bigger picture, guacd
and Guacamole need not run on the same server, both might actually consist
of multiple nodes behind balancers, and the data in question may actually
come from a database, or might be provisioned just-in-time, or retrieved
from a vault, etc.

TL;DR - No, the certificates are not necessarily stored on disk somewhere.
They may not even be stored at all. It's just not a safe assumption.

Michael Jumper
CEO, Lead Developer
Glyptodon Inc <https://enterprise.glyptodon.com/>.
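The mechanism Michael describes, connection details travelling inside the Guacamole protocol handshake rather than as paths on guacd's disk, as an added example that is not code from this thread or from the Guacamole project. It implements the protocol's `LENGTH.VALUE` instruction encoding and simulates a handshake over an in-memory "wire" in which the web application supplies a client certificate as a parameter value. The parameter names `client-cert` and `client-key`, the placeholder PEM text, the hostname and the connection ID are all constructed for this example; real guacd advertises whatever parameters the selected protocol plugin defines.

```python
"""Added example (not from the mailing-list thread or the Guacamole project):
encode/decode Guacamole protocol instructions and simulate the handshake so
that certificate material reaches guacd in memory, never via a file path."""

import uuid

# Protocol version string exchanged in the handshake (assumed for the example).
PROTOCOL_VERSION = "VERSION_1_3_0"

# Parameter names the simulated guacd advertises in its "args" reply.
# The certificate/key names are assumptions; the thread only says such
# parameters were proposed in a pull request.
GUACD_ARGS = ["hostname", "port", "username", "client-cert", "client-key"]

# Constructed placeholder PEM; deliberately not a real certificate.
SAMPLE_CERT_PEM = (
    "-----BEGIN CERTIFICATE-----\n"
    "MIIBsample-not-a-real-certificate\n"
    "-----END CERTIFICATE-----\n"
)

# Constructed connection config as the webapp might load it from a database,
# a vault, or a just-in-time provisioner. No file paths anywhere.
SAMPLE_CONFIG = {
    "protocol": "rdp",
    "parameters": {
        "hostname": "rdp.example.internal",
        "port": "3389",
        "username": "alice",
        "client-cert": SAMPLE_CERT_PEM,
    },
}


def encode_instruction(opcode, *args):
    """Encode one instruction as LENGTH.VALUE elements, comma-separated and
    ';'-terminated. LENGTH counts Unicode characters (not bytes), so values
    may safely contain commas, semicolons, newlines or non-ASCII text."""
    return ",".join(f"{len(e)}.{e}" for e in (opcode, *args)) + ";"


def decode_instructions(stream):
    """Parse every complete instruction in `stream` into a list of element lists.
    Raises ValueError on a malformed or truncated stream."""
    instructions, pos = [], 0
    while pos < len(stream):
        elements = []
        while True:
            dot = stream.index(".", pos)
            length = int(stream[pos:dot])
            start, end = dot + 1, dot + 1 + length
            if end >= len(stream):
                raise ValueError(f"truncated element at offset {pos}")
            elements.append(stream[start:end])
            sep = stream[end]          # ',' continues the instruction, ';' ends it
            pos = end + 1
            if sep == ";":
                break
            if sep != ",":
                raise ValueError(f"bad separator {sep!r} at offset {end}")
        instructions.append(elements)
    return instructions


def simulate_handshake(config):
    """Run the handshake between a simulated webapp and a simulated guacd.
    Returns (params_as_seen_by_guacd, ready_instruction)."""
    # webapp -> guacd: choose the protocol
    (select,) = decode_instructions(encode_instruction("select", config["protocol"]))
    assert select == ["select", config["protocol"]]

    # guacd -> webapp: protocol version plus the parameter names it accepts
    (args,) = decode_instructions(encode_instruction("args", PROTOCOL_VERSION, *GUACD_ARGS))
    advertised = args[2:]              # drop opcode and version

    # webapp -> guacd: client capabilities, then "connect" with the values in
    # exactly the order guacd listed them; missing parameters are sent empty.
    values = [config["parameters"].get(name, "") for name in advertised]
    to_guacd = (
        encode_instruction("size", "1024", "768", "96")
        + encode_instruction("audio")
        + encode_instruction("video")
        + encode_instruction("image", "image/png")
        + encode_instruction("connect", PROTOCOL_VERSION, *values)
    )
    # guacd side: pair the received values back with the names it advertised
    connect = decode_instructions(to_guacd)[-1]
    guacd_params = dict(zip(advertised, connect[2:]))

    # guacd -> webapp: connection accepted, identified by an ID (constructed)
    (ready,) = decode_instructions(encode_instruction("ready", str(uuid.uuid4())))
    return guacd_params, ready


if __name__ == "__main__":
    params, ready = simulate_handshake(SAMPLE_CONFIG)
    print("guacd received PEM directly:", params["client-cert"].splitlines()[0])
    print("connection id:", ready[1])
```

The point of the simulation is the `client-cert` value on guacd's side: it is the PEM text itself, delivered through the same length-prefixed channel as the hostname and username, so guacd can satisfy the request without assuming anything about where the webapp sourced it.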
