[Top] [All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-devel] [RFC] xl: support configuration of encrypted VNC

Ian Campbell writes ("[Xen-devel] [RFC] xl: support configuration of encrypted 
VNC"):
> Someone pointed out that it's not possible to configure encrypted vnc
> via xl, while it is possible via xm. This is obviously quite nice to
> have if you are logging in as root...
> 
> The following is my initial attempt but TBH I'm not sure if this is
> presenting the correct interface at either the libxl or xl level. Since
> I don't actually use this stuff myself I'm finding it a bit hard to
> judge how much flexibility is needed or even what the right names/terms
> for things are. Opinions?

What is the security implication of the path with the certificates ?
Is it that only clients with that particular certificate can connect ?

> +        if (!xlu_cfg_get_string (config, "vnctls", &buf, 0)) {
> +            fprintf(stderr, "VNC: %s\n", buf);
> +            if (libxl_vnc_tlsmode_from_string(buf, &dm_info->vnctls)) {
> +                fprintf(stderr, "ERROR: invalid value \"%s\" for 
> \"vnctls\"\n",
> +                        buf);
> +                exit (1);
> +            }
> +        } else {
> +            fprintf(stderr, "!VNC: %s\n", buf);
> +            exit(1);
> +        }

This is a bit odd.  If you don't say "vnctls" in your config file, the
config parser just exits ?

Ian.

_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-devel

 

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.

Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.