[Spice-devel] spice server: connection events

Vinzenz Feenstra vfeenstr at redhat.com
Wed Jun 24 00:58:03 PDT 2015 

Hi,

Over the time when working with spice events in VDSM (for the oVirt 
project) we have been encountering some issues which I would like to 
discuss here.

Currently when anyone establishes a connection to the port the spice 
server emits the 'connected' event, once the right password/ticket etc 
is passed and the proper connection is established, the spice server 
emits the 'initialized' event and last but not least when someone 
disconnects the 'disconnected' event is triggered.

Now so far so good. Now here are the problems I have been encountering 
with it over the time with it:
- If someone randomly connects to the port (e.g. on a public internet 
facing host with random connect attempts due to port scans, intrusions 
etc) the connected and disconnected events are passed all the time.
   The same applies for invalid password connections.

- Receiving connected, initialized and disconnected events for every 
channel separately. While this might make sense in some way, as there 
are multiple established connections by spice, there's the problem, that 
we want to react on that event, however basically are getting our code 
triggered multiple times as we do not seem to know what channel was 
actually affected.

- Seamless/live migrations: On seamless/live migrations from one host to 
another, we're also having the issue that the disconnected events are 
passed, which again might make sense from the connection level point of 
view, but not from the connection level point of view, but not from a 
session point of view, as the spice session was transferred to another 
host and the client obeys and reconnects.


After talking with David Jasa about the issue, I think a potential 
solution for this issue would be to introduce a new set of events, which 
are easier for applications to keep track of and avoid to handle those 
problems.
The spice server should be able to track sessions for a client, and 
should be able to emit events accordingly to it. So I would propose to 
emit session-started and session-ended events and only once per session 
and not on a connection basis, plus that the session-ended shall not be 
passed when a migration to another host was the reason for disconnections.

I would be pleased to hear your opinions on this.

Thanks :-)



-- 
Regards,

Vinzenz Feenstra | Senior Software Engineer
RedHat Engineering Virtualization R & D
Phone: +420 532 294 625
IRC: vfeenstr or evilissimo

Better technology. Faster innovation. Powered by community collaboration.
See how it works at redhat.com

More information about the Spice-devel mailing list