adfe6ac166
On the client side, this adds the as3crypto library to web-socket-js
so that the WebSocket 'wss://' scheme is supported which is WebSocket
over SSL/TLS.
Couple of downsides to the fall-back method:
- This balloons the size of the web-socket-js object from about 12K to 172K.
- Getting it working required disabling RFC2718 web proxy support
in web-socket-js.
- It makes the web-socket-js fallback even slower with the
encryption overhead.
The server side (wsproxy.py) uses python SSL support. The proxy
automatically detects the type of incoming connection whether flash
policy request, SSL/TLS handshake ('wss://') or plain socket
('ws://').
Also added a check-box to the web page to enable/disabled 'wss://'
encryption.
|
||
|---|---|---|
| docs | ||
| include | ||
| canvas.html | ||
| canvas.js | ||
| links | ||
| prime.html | ||
| prime.js | ||
| README.md | ||
| rfb_notes | ||
| TODO | ||
| vnc.html | ||
| vnc.js | ||
| web.py | ||
| webs.py | ||
| wsproxy.py | ||
| wstest.html | ||
| wstest.py | ||
VNC HTML5 Client
Description
A VNC client implemented using HTML5, specifically Canvas and WebSocket (supports 'wss://' encryption).
For browsers that do not have builtin WebSocket support, the project includes web-socket-js, a WebSocket emulator using Adobe Flash (http://github.com/gimite/web-socket-js).
In addition, as3crypto has been added to web-socket-js to implement WebSocket SSL/TLS encryption, i.e. the "wss://" URI scheme. (http://github.com/lyokato/as3crypto_patched).
Requirements
Until there is VNC server support for WebSocket connections, you need to use a WebSocket to TCP socket proxy. There is a python proxy included ('wsproxy'). One advantage of using the proxy is that it has builtin support for SSL/TLS encryption (i.e. "wss://").
There a few reasons why a proxy is required:
-
WebSocket is not a pure socket protocol. There is an initial HTTP like handshake to allow easy hand-off by web servers and allow some origin policy exchange. Also, each WebSocket frame begins with 0 ('\x00') and ends with 255 ('\xff').
-
Javascript itself does not have the ability to handle pure byte strings (Unicode encoding messes with it) even though you can read them with WebSocket. The python proxy encodes the data so that the Javascript client can base64 decode the data into an array. The client requests this encoding
-
When using the web-socket-js as a fallback, WebSocket 'onmessage' events may arrive out of order. In order to compensate for this the client asks the proxy (using the initial query string) to add sequence numbers to each packet.
To encrypt the traffic using the WebSocket 'wss://' URI scheme you need to generate a certificate for the proxy to load. You can generate a self-signed certificate using openssl. The common name should be the hostname of the server where the proxy will be running:
`openssl req -new -x509 -days 365 -nodes -out self.pem -keyout self.pem`
Usage
-
run a VNC server.
vncserver :1 -
run the python proxy:
./wsproxy.py [listen_port] [vnc_host] [vnc_port]./wsproxy.py 8787 localhost 5901 -
run the mini python web server to serve the directory:
./web.py PORT./web.py 8080 -
Point your web browser at http://localhost:8080/vnc.html (or whatever port you used above to run the web server).
-
Specify the host and port where the proxy is running and the password that the vnc server is using (if any). Hit the Connect button and enjoy!