Avi Kivity wrote:
> You can still implement this with SCM_RIGHTS. Authenticate, select
> guest, drop tls, pass fd to qemu, authenticate, hack hack hack, drop
> tls, pass fd back to proxy, goto 10.
Here's how I'd envision this working.

Start qemu with:

    qemu -vnc proxy:/path/to/unix/domain/socket

We connect to /path/to/unix/domain/socket and wait to recv file
descriptors after telling the server its name and what protocol version
it supports. We treat each received file descriptor as a new
connection. We do the full protocol with no specific authentication.
The server runs and opens /path/to/unix/domain/socket. Whenever a
client connects to the server socket, it does protocol negotiation using
the least common denominator of protocol versions given it. We use a
protocol extension to list and negotiate which client to connect to.
Once that's been established, we send a socketpair() over the
appropriate domain socket, and do appropriate negotiation to get us up
to the ServerInit stage. We use a combination of DesktopResize and WMVi
in the server to get the client at the appropriate state to match the
ServerInit.
We then (in the server) blindly proxy any data from the qemu instance to
the client (encrypting it if necessary).
We won't need to reencode any traffic in this model and it's pretty
reasonable from a UI perspective. In fact, if we use a helper, we can
probably have an even better command line for qemu.
Regards,
Anthony Liguori