[Spice-commits] Branch '0.8' - 3 commits - NEWS configure.ac spice/protocol.h spice/vd_agent.h
Hans de Goede
jwrdegoede at kemper.freedesktop.org
Tue Mar 1 21:41:01 PST 2011
NEWS | 5 +++++
configure.ac | 4 ++--
spice/protocol.h | 10 ++++++++++
spice/vd_agent.h | 26 ++++++++++++++++++++++++++
4 files changed, 43 insertions(+), 2 deletions(-)
New commits:
commit 52d4094f31881c12276a30860c02048847d96453
Author: Hans de Goede <hdegoede at redhat.com>
Date: Tue Mar 1 19:20:35 2011 +0200
Release 0.8.0
diff --git a/NEWS b/NEWS
index 81936df..6903e25 100644
--- a/NEWS
+++ b/NEWS
@@ -1,3 +1,8 @@
+Major changes in 0.8.0
+======================
+* Add support for different clipboards (selections) to vd_agent copy paste
+* Add support for using different authentication mechanisms (just SASL for now)
+
Major changes in 0.7.1
======================
* Add some enums for the xorg qxl driver
diff --git a/configure.ac b/configure.ac
index fef1645..72278e9 100644
--- a/configure.ac
+++ b/configure.ac
@@ -1,8 +1,8 @@
AC_PREREQ([2.57])
m4_define([SPICE_MAJOR], 0)
-m4_define([SPICE_MINOR], 7)
-m4_define([SPICE_MICRO], 1)
+m4_define([SPICE_MINOR], 8)
+m4_define([SPICE_MICRO], 0)
AC_INIT(spice-protocol, [SPICE_MAJOR.SPICE_MINOR.SPICE_MICRO], [], spice-protocol)
commit 28fca476f42e44de5ac7432c6118c4b20c345d4c
Author: Marc-André Lureau <marcandre.lureau at redhat.com>
Date: Fri Feb 18 23:46:00 2011 +0100
protocol: add clipboard selection capability
Add a new capability VD_AGENT_CAP_CLIPBOARD_SELECTION.
When both client and servers have this capability, the
VDAgentClipboard* messages MUST be prepended with a uint8_t indicating
which clipboard selection to operate + 3 bytes stuffing for alignment
that could be used for future capabilities or extensions.
A few clipboard selection are defined according to X11/Gtk scheme:
- VD_AGENT_CLIPBOARD_SELECTION_CLIPBOARD: the default clipboard,
implemented by most OS to deal with explicit Copy/Paste operations.
- VD_AGENT_CLIPBOARD_SELECTION_PRIMARY: the PRIMARY clipboard, used
for mouse selections.
- VD_AGENT_CLIPBOARD_SELECTION_SECONDARY: the SECONDARY clipboard.
See also:
http://www.freedesktop.org/wiki/Specifications/ClipboardsWiki
https://bugs.freedesktop.org/show_bug.cgi?id=34833
diff --git a/spice/vd_agent.h b/spice/vd_agent.h
index 43d0e7c..ec2ef27 100644
--- a/spice/vd_agent.h
+++ b/spice/vd_agent.h
@@ -125,6 +125,10 @@ enum {
};
typedef struct SPICE_ATTR_PACKED VDAgentClipboard {
+#if 0 /* VD_AGENT_CAP_CLIPBOARD_SELECTION */
+ uint8_t selection;
+ uint8_t __reserved[sizeof(uint32_t) - 1 * sizeof(uint8_t)];
+#endif
uint32_t type;
uint8_t data[0];
} VDAgentClipboard;
@@ -139,13 +143,28 @@ enum {
};
typedef struct SPICE_ATTR_PACKED VDAgentClipboardGrab {
+#if 0 /* VD_AGENT_CAP_CLIPBOARD_SELECTION */
+ uint8_t selection;
+ uint8_t __reserved[sizeof(uint32_t) - 1 * sizeof(uint8_t)];
+#endif
uint32_t types[0];
} VDAgentClipboardGrab;
typedef struct SPICE_ATTR_PACKED VDAgentClipboardRequest {
+#if 0 /* VD_AGENT_CAP_CLIPBOARD_SELECTION */
+ uint8_t selection;
+ uint8_t __reserved[sizeof(uint32_t) - 1 * sizeof(uint8_t)];
+#endif
uint32_t type;
} VDAgentClipboardRequest;
+typedef struct SPICE_ATTR_PACKED VDAgentClipboardRelease {
+#if 0 /* VD_AGENT_CAP_CLIPBOARD_SELECTION */
+ uint8_t selection;
+ uint8_t __reserved[sizeof(uint32_t) - 1 * sizeof(uint8_t)];
+#endif
+} VDAgentClipboardRelease;
+
enum {
VD_AGENT_CAP_MOUSE_STATE = 0,
VD_AGENT_CAP_MONITORS_CONFIG,
@@ -153,9 +172,16 @@ enum {
VD_AGENT_CAP_CLIPBOARD,
VD_AGENT_CAP_DISPLAY_CONFIG,
VD_AGENT_CAP_CLIPBOARD_BY_DEMAND,
+ VD_AGENT_CAP_CLIPBOARD_SELECTION,
VD_AGENT_END_CAP,
};
+enum {
+ VD_AGENT_CLIPBOARD_SELECTION_CLIPBOARD = 0,
+ VD_AGENT_CLIPBOARD_SELECTION_PRIMARY,
+ VD_AGENT_CLIPBOARD_SELECTION_SECONDARY,
+};
+
typedef struct SPICE_ATTR_PACKED VDAgentAnnounceCapabilities {
uint32_t request;
uint32_t caps[0];
commit d3a4947525f0c7c1807a2582742ad10721338044
Author: Marc-André Lureau <marcandre.lureau at redhat.com>
Date: Fri Feb 4 22:00:26 2011 +0100
protocol: add common channel caps for AUTH mechanism selection
Current version 2.0 of the SPICE protocol describes how the client
reply to the server SpiceLinkReply message with a RSA_public_encrypt()
of the password.
Instead of using the current Spice AUTH mechanism, we would like to
offer different AUTH mechanisms, in particular SASL, which is a
framework allowing different underlying mechanisms such as
GSSAPI/Kerberos v5 (and optionally adding a data security layer).
We could bump the protocol version, but that would make this feature
mandatory for the implementer of the protocol. By using the channel
caps, the client and server are left to negotiate and alter the AUTH
part of the protocol as follows:
- SPICE_COMMON_CAP_PROTOCOL_AUTH_SELECTION, if set, the authentication
mechanism can be chosen during link phase. If both client and server
have this cap, the client MUST reply to SpiceLinkReply with a
SpiceLinkAuthMechanism message, with the value of the CAP_AUTH
mechanism choosen (a uint32 auth_mechanism). The following
authentication steps are described by the selected authentication
mechanism.
The differents mechanisms selectable via
SPICE_COMMON_CAP_PROTOCOL_AUTH_SELECTION are also specified as part of
the common channel caps. They can be used only if both client and
server offer them.
Ex: no AUTH selection
C: SpiceLinkMess
S: SpiceLinkReply, CAP_PROTOCOL_AUTH_SELECTION not in common caps
- The client can't choose AUTH, and fallback on Spice RSA mechanism
Ex: AUTH selection
C: SpiceLinkMess, CAP_PROTOCOL_AUTH_SELECTION in common caps
S: SpiceLinkReply, CAP_PROTOCOL_AUTH_SELECTION in common caps
- The client MUST reply with SpiceLinkAuthMechanism
C: SpiceLinkAuthMechanism (with a matching CAP_AUTH)
- SPICE_COMMON_CAP_AUTH_SPICE, the following steps and authentication
mechanism are the same as with version 2.0: a RSA_public_encrypt()
of the password is sent.
This mechanism MUST be implemented in both client and server to
comply with the SPICE protocol.
- SPICE_COMMON_CAP_AUTH_SASL, the authentication exchange follows
SASL protocol has defined in RFC 2222.
This mechanism is OPTIONAL in both client and servers.
Ex: AUTH selection, followed by SASL authentication
AUTH Selection:
C: SpiceLinkMess, CAP_PROTOCOL_AUTH_SELECTION + CAP_AUTH_SASL in common caps
S: SpiceLinkReply, CAP_PROTOCOL_AUTH_SELECTION + CAP_AUTH_SASL in common caps
- The client MUST reply with SpiceLinkAuthMechanism
C: SpiceLinkAuthMechanism CAP_AUTH_SASL
Init:
S: u32 mechlist-length
u8-array mechlist-string
Start:
C: u32 mechname-length
u8-array mechname-string
u32 clientout-length
u8-array clientout-string
S: u32 serverin-length
u8-array serverin-string
u8 continue
Step: (while continue)
C: u32 clientout-length
u8-array clientout-string
S: u32 serverin-length
u8-array serverin-string
u8 continue
See also VNC SASL protocol description, which uses the same protocol:
http://sourceforge.net/mailarchive/forum.php?thread_name=20100719125155.GA14166%40evileye.atkac.brq.redhat.com&forum_name=tigervnc-rfbproto
Updated since v1 of this commit:
- renamed s/SPICE_CHANNEL_CAP/SPICE_COMMON_CAP
- added some note about mandatory vs optional mechanisms.
Signed-off-by: Hans de Goede <hdegoede at redhat.com>
diff --git a/spice/protocol.h b/spice/protocol.h
index d6a2041..26d964b 100644
--- a/spice/protocol.h
+++ b/spice/protocol.h
@@ -51,6 +51,12 @@ typedef struct SPICE_ATTR_PACKED SpiceLinkHeader {
uint32_t size;
} SpiceLinkHeader;
+enum {
+ SPICE_COMMON_CAP_PROTOCOL_AUTH_SELECTION,
+ SPICE_COMMON_CAP_AUTH_SPICE,
+ SPICE_COMMON_CAP_AUTH_SASL,
+};
+
typedef struct SPICE_ATTR_PACKED SpiceLinkMess {
uint32_t connection_id;
uint8_t channel_type;
@@ -72,6 +78,10 @@ typedef struct SPICE_ATTR_PACKED SpiceLinkEncryptedTicket {
uint8_t encrypted_data[SPICE_TICKET_KEY_PAIR_LENGTH / 8];
} SpiceLinkEncryptedTicket;
+typedef struct SPICE_ATTR_PACKED SpiceLinkAuthMechanism {
+ uint32_t auth_mechanism;
+} SpiceLinkAuthMechanism;
+
typedef struct SPICE_ATTR_PACKED SpiceDataHeader {
uint64_t serial;
uint16_t type;
More information about the Spice-commits
mailing list