[pve-devel] [PATCH 1/2] add spiceproxy api2
Dietmar Maurer
dietmar at proxmox.com
Tue Jun 25 08:56:15 CEST 2013
> + my $ticket =
> + PVE::AccessControl::assemble_spice_ticket($authuser, $authpath);
Did you already send that code (patch for pve-access-control)?
> +
> + my $remip;
> +
> + if ($node ne 'localhost' && $node ne PVE::INotify::nodename()) {
> + $remip = PVE::Cluster::remote_node_ip($node);
> + }
> +
> + my $socket = PVE::QemuServer::spice_socket($vmid);
> + my ($proxysocket, $proxyid) =
> +PVE::Tools::next_spiceproxy_socket();
> +
> + die "spice proxy socket is already in use\n" if -e $proxysocket;
> +
> +
> + my $realcmd = sub {
> + my $upid = shift;
> +
> + syslog('info', "starting spice proxy $upid\n");
> +
> + my $cmd = ['/usr/bin/socat', '-d', '-d', "UNIX-
> LISTEN:$proxysocket,reuseaddr,fork"];
> + my $remotesocket = $remip ? "EXEC:'ssh root@$remip socat STDIO
> UNIX-CONNECT:$socket'" : "UNIX-CONNECT:$socket";
> + push @$cmd, $remotesocket;
> +
> + my $parser = sub {
> + my $line = shift;
> + print $line."\n";
> + die "Client is disconnect" if ($line =~ /exiting with status 0/);
> + };
> + eval {
> + local $SIG{INT} = $SIG{TERM} = $SIG{QUIT} = $SIG{HUP} = sub {
> die "interrupted by signal\n"; };
> + #fixme : how to setup a connect wait timeout ?
> + PVE::Tools::run_command($cmd, errfunc => $parser, outfunc =>
> sub{});
> + };
> + if ($@) {
> + unlink $proxysocket if -e $proxysocket;
> + }
> + };
> +
> + my $upid = $rpcenv->fork_worker('spiceproxy', $vmid, $authuser,
> + $realcmd);
> +
> +
> + my $proxyname = `hostname -f` || PVE::INotify::nodename();
> + chomp $proxyname;
> +
> + my $config = {};
> + $config->{type} = 'spice';
> + $config->{proxy} = "http://$proxyname:3128";
> + $config->{host} = $ticket;
> + $config->{port} = $proxyid;
> + return $config;
One problem with this is that the SPICE client pass the $ticktet using an unencrypted proxy call.
That is a security problem, because somebody else can sniff/steal the ticket.
More information about the pve-devel
mailing list