[pve-devel] [PATCH] spice tls test : remove authentification in Host field and connect to port instead unix domain socket

[Alexandre Derumier]

Signed-off-by: Alexandre Derumier <aderumier at odiso.com>
---
 PVE/HTTPServer.pm |   16 +++++++++-------
 1 file changed, 9 insertions(+), 7 deletions(-)

diff --git a/PVE/HTTPServer.pm b/PVE/HTTPServer.pm
index 7af8a0d..35f599e 100755
--- a/PVE/HTTPServer.pm
+++ b/PVE/HTTPServer.pm
@@ -505,7 +505,7 @@ sub handle_spice_proxy_request {
 	print "$$: CONNECT $vmid, $node, $socket\n" if $self->{debug};
 
 	# fixme: this needs root privs
-	tcp_connect "unix/", $socket, sub {
+	tcp_connect $node, $socket, sub {
 	    my ($fh) = @_ 
 		or die "connect to '$socket' failed: $!";
 
@@ -850,12 +850,14 @@ sub unshift_read_header {
 
 		my $auth = {};
 		if ($self->{spiceproxy}) {
-		    my $connect_str = $r->header('Host');
-		    my ($vmid, $node) = PVE::AccessControl::verify_spice_connect_url($connect_str);
-		    if (!($vmid && $node)) {
-			$self->error($reqstate, HTTP_UNAUTHORIZED, "invalid ticket");
-			return;
-		    }
+		    #my $connect_str = $r->header('Host');
+		    #my ($vmid, $node) = PVE::AccessControl::verify_spice_connect_url($connect_str);
+		    #if (!($vmid && $node)) {
+			#$self->error($reqstate, HTTP_UNAUTHORIZED, "invalid ticket");
+			#return;
+		    #}
+		    my ($node, $vmid) = split(':', $r->header('Host'));
+
 		    $self->handle_spice_proxy_request($reqstate, $vmid, $node);
 		    return;
 		} elsif ($path =~ m!$baseuri!) {
-- 
1.7.10.4