Menu
▾
▴
Re: [Libvncserver-common] new setting to disable TLS encryption
|
From: Vic L. <ll...@16...> - 2009-12-31 06:39:56
|
Hi Karl, I agreed this is a much better way to do it and I don't think this is cumbersome for the viewer developers. We just need to pass in a fixed array of security types, and that would need a little more work on libvncclient side. Another question is, should we respect the security type order from the server, or the viewer? For example: Server reports supported types: 1, 2, 3 Viewer says it wants the following types: 3, 2 If we respect the server we choose 2; if we respect the client we choose 3. Which way we should go? Thanks, Vic On Wed, 2009-12-30 at 23:31 -0500, Karl J. Runge wrote: > On Thu, 31 Dec 2009, Vic Lee <ll...@16...> wrote: > > > > So I am thinking if we can add this setting in libvncclient and let user > > choose to disable TLS. I can add a new bool in struct AppData in > > rfbclient.h, then skip TLS and VeNCrypt if this setting is true. > > Would it be too cumbersome for the viewer developer to expose to them a > way to set which RFB security types they want to accept? > > This would be completely general then, with the downside that they have > to explicitly set the ones they want (or do not want; some may want to > require encrypted connections.) > > I think there are only 256 possible RFB security types (an unfortunate > limitation IMHO) and so that would easily fit into a fixed char array > if desired (or a linked list / similar if that is better.) I suggest > a function interface to set/unset them (this would also enable a higher > level function that could disable/enable all encrypted types, etc.) > > Just my $0.02. > > Karl > |