wayvnc icon indicating copy to clipboard operation
wayvnc copied to clipboard

Allow connection only with confirmation

Open freeconst opened this issue 2 years ago • 3 comments

In addition to authorized connections, it would be nice to add connection requests for privacy. Some x0vnc QueryConnect analog.

freeconst avatar Jun 27 '22 05:06 freeconst

There could be an option to call a user defined command upon connection, which would determine if the connection is accepted or not.

any1 avatar Jun 27 '22 09:06 any1

Now that we have an IPC mechanism in wayvncctl, maybe this would be easier to do.

I'd suggest a new IPC command like event-receive that would register a client to be an auth-handler.

Then the client could expect to receive an auth-attempt IPC call, and would be expected to respond with a allow/disallow response.

Care must be taken to deal with the server's behavior with multiple IPC clients, and what to do in the event of nonresponse arriving.

lack avatar Dec 18 '22 08:12 lack

This is probably a good enough solution:

  • The authentication method is configured in the config file or in a command line argument to wayvnc
  • If the method is set to "query", we do the following:
  • Generate a "client-auth-request" event when a client connects
  • The event contains the user's submitted credentials.
  • When an instance of wayvncctl receives this event, it calls wayvncctl client-auth-accept or wayvncctl client-auth-reject [reason]
  • If the server does not receive an accept or reject command from wayvncctl within the timeout period, the client is rejected.

any1 avatar Jan 15 '23 19:01 any1