diff options
author | Joel Martin <github@martintribe.org> | 2010-10-28 10:45:26 -0500 |
---|---|---|
committer | Joel Martin <github@martintribe.org> | 2010-10-28 10:45:26 -0500 |
commit | e5d60a8ba2a9556f8785f228239734a0c7650539 (patch) | |
tree | 9fbe1662d30186bd16ea62e38f29009949204024 /utils/README.md | |
parent | f1a9971c820b99c16a39e4c351c7980be7afc039 (diff) | |
download | novnc-e5d60a8ba2a9556f8785f228239734a0c7650539.tar.gz |
Issue #32, wsproxy README, update webkit bug info,
- Add wsproxy README.md in utils/ directory.
- Document how to build ssl module for python 2.5 and older in wsproxy
README.
- Update browsers.md to note revision that have the webkit Canvas
rendering bug: WebKit build 66396 through 68867 (Chrome/Chromium
build 57968 through 61278).
Diffstat (limited to 'utils/README.md')
-rw-r--r-- | utils/README.md | 93 |
1 files changed, 93 insertions, 0 deletions
diff --git a/utils/README.md b/utils/README.md new file mode 100644 index 0000000..ac3e86d --- /dev/null +++ b/utils/README.md @@ -0,0 +1,93 @@ +## wsproxy: WebSockets to TCP Proxy + + +### How it works + +At the most basic level, wsproxy just translates WebSockets traffic +to normal socket traffic. wsproxy accepts the WebSockets handshake, +parses it, and then begins forwarding traffic between the client and +the target in both directions. WebSockets payload data is UTF-8 +encoded so in order to transport binary data it must use an encoding +that can be encapsulated within UTF-8. wsproxy uses base64 to encode +all traffic to and from the client. Also, WebSockets traffic starts +with '\0' (0) and ends with '\xff' (255). Some buffering is done in +case the data from the client is not a full WebSockets frame (i.e. +does not end in 255). + + +### Additional features + +These are not necessary for the basic operation. + +* Daemonizing: When the `-f` option is not specified, wsproxy runs + in the background as a daemon process. + +* SSL (the wss:// WebSockets URI): This is detected automatically by + wsproxy by sniffing the first byte sent from the client and then + wrapping the socket if the data starts with '\x16' or '\x80' + (indicating SSL). + +* Flash security policy: wsproxy detects flash security policy + requests (again by sniffing the first packet) and answers with an + appropriate flash security policy response (and then closes the + port). This means no separate flash security policy server is needed + for supporting the flash WebSockets fallback emulator. + +* Session recording: This feature that allows recording of the traffic + sent and received from the client to a file using the `--record` + option. + + +### Implementations + +There are two implementations of wsproxy included: a python +implementation and a C implementation. + +Here is the feature support matrix for the wsproxy implementations: + + +<table> + <tr> + <th>Implementation</th> + <th>Basic Proxying</th> + <th>Daemonizing</th> + <th>SSL/wss</th> + <th>Flash Policy Server</th> + <th>Session Recording</th> + </tr> <tr> + <td>python</td> + <td>yes</td> + <td>yes</td> + <td>yes 1</td> + <td>yes</td> + <td>yes</td> + </tr> <tr> + <td>C</td> + <td>yes</td> + <td>yes</td> + <td>yes</td> + <td>yes</td> + <td>no</td> + </tr> +</table> + +* Note 1: to use SSL/wss with python 2.5 or older, see the following + section on *Building the Python ssl module*. + + +### Building the Python ssl module (for python 2.5 and older) + +* Install the build dependencies. On Ubuntu use this command: + + sudo aptitude install python-dev bluetooth-dev + +* Download, build the ssl module and symlink to it: + + cd noVNC/utils + wget http://pypi.python.org/packages/source/s/ssl/ssl-1.15.tar.gz + tar xvzf ssl-1.15.tar.gz + cd ssl-1.15 + make + cd ../ + ln -sf ssl-1.15/build/lib.linux-*/ssl ssl + |