wayvnc
wayvnc copied to clipboard
Allow connection only with confirmation
In addition to authorized connections, it would be nice to add connection requests for privacy. Some x0vnc QueryConnect analog.
There could be an option to call a user defined command upon connection, which would determine if the connection is accepted or not.
Now that we have an IPC mechanism in wayvncctl, maybe this would be easier to do.
I'd suggest a new IPC command like event-receive
that would register a client to be an auth-handler.
Then the client could expect to receive an auth-attempt
IPC call, and would be expected to respond with a allow/disallow response.
Care must be taken to deal with the server's behavior with multiple IPC clients, and what to do in the event of nonresponse arriving.
This is probably a good enough solution:
- The authentication method is configured in the config file or in a command line argument to wayvnc
- If the method is set to "query", we do the following:
- Generate a "client-auth-request" event when a client connects
- The event contains the user's submitted credentials.
- When an instance of
wayvncctl
receives this event, it callswayvncctl client-auth-accept
orwayvncctl client-auth-reject [reason]
- If the server does not receive an accept or reject command from
wayvncctl
within the timeout period, the client is rejected.