Add support for control connection authentication
Since vncauthproxy no longer uses Unix domain sockets for the controlconnection handling, authentication handling, which was done with POSIXfile permissions, must be implemented in vncauthproxy.
The /var/lib/vncauthproxy/users file (configurable) acts as an...
Use SSL/TLS for control connections
Control connections now use SSL/TLS by default. Since, vncauthproxy controlconnections now use TCP/IP instead of Unix domain sockets, sensitiveinformation could be sent over possibly untrusted / insecure channels.
Set SO_REUSEADDR for the control socket
Fix typos/mistakes introduced by the refactoring
Code refactoring
Minor lexical fixes
Use TCP instead of UNIX sockets (first try)
Initial 'implementation' of vncauthproxy using TCP sockets instead ofUNIX domain sockets for control connections.
By default, it will bind to 127.0.0.1:24999 (forwarding ports start atTCP 25000). The client was changed accordingly....
Make control connection handling async
For every incoming control connection, accept() inside the main loop anddispatch the connection handling/establishment to a new greenlet.
The async handling of the control connections ensures that vncauhtproxy won't...
Modify default port range for port pool
The default port range used for automatic port selectionwas chosen to be the ephemeral port range. This was the wrongthing to do, because it may conflict with ports used for outgoingconnections from the host on which vncauthproxy runs,...
Fix possible race in returning source port to pool
First make sure all sockets for a connection are closed,then return the source port number to the port pool.
This fixes a possible race where the greenlet gets preempted right afterreturning a port to the pool, and the port is picked up from the pool by...
View revisions
Also available in: Atom