> Yes, I would like to reuse pveproxy. (I just have tested HTTP::PROXY to see > how it's work) > > The only thing is that spice client only do proxy through http and not https. > But it should be possible to add a new listen port to pveproxy on http, only > accepting CONNECT request. > Should not be a security problem if we crypt the host header, and the > connection to spice use tls.
Maybe it is better to use an dynamic port and run a separate server (like we do for VNC)? > I think the main problem in HTTP::PROXY, it that the tunnel is not bi- > directionnal. I have debug it, it's waiting for read spice socket. > > The implementation is pretty simple: > > CLIENT ---> HTTP CONNECT host:port > SERVER ----> HTTP/1.0 200 OK > then bi-directionnal tunnel read-write > > > But I don't known how to implement the bi-directionnal tunnel in perl. see run_vnc_proxy() in 'qm' _______________________________________________ pve-devel mailing list [email protected] http://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
