[pve-devel] [PATCH pve-manager 5/9] HTTPServer.pm: call $rpcenv-init() when necessary.

Dietmar Maurer dietmar at proxmox.com
Mon Jan 16 10:59:35 CET 2017


This code was removed from the generic server, so we need
to add it here. cleanup follows ...

Signed-off-by: Dietmar Maurer <dietmar at proxmox.com>
---
 PVE/HTTPServer.pm | 21 ++++++++++++++++++++-
 1 file changed, 20 insertions(+), 1 deletion(-)

diff --git a/PVE/HTTPServer.pm b/PVE/HTTPServer.pm
index ef533fc..5ae0e97 100755
--- a/PVE/HTTPServer.pm
+++ b/PVE/HTTPServer.pm
@@ -34,6 +34,10 @@ sub new {
 sub verify_spice_connect_url {
     my ($self, $connect_str) = @_;
 
+    my $rpcenv = $self->{rpcenv};
+
+    $rpcenv->init_request();
+
     my ($vmid, $node, $port) = PVE::AccessControl::verify_spice_connect_url($connect_str);
 
     return ($vmid, $node, $port);
@@ -46,10 +50,15 @@ sub generate_csrf_prevention_token {
 }
 
 sub auth_handler {
-    my ($self, $method, $rel_uri, $ticket, $token) = @_;
+    my ($self, $method, $rel_uri, $ticket, $token, $peer_host) = @_;
 
     my $rpcenv = $self->{rpcenv};
 
+    # set environment variables
+    $rpcenv->set_user(undef);
+    $rpcenv->set_language('C');
+    $rpcenv->set_client_ip($peer_host);
+
     my $require_auth = 1;
 
     # explicitly allow some calls without auth
@@ -120,6 +129,8 @@ sub rest_handler {
 
     my $rpcenv = $self->{rpcenv};
 
+    $rpcenv->init_request();
+
     my $base_handler_class = $self->{base_handler_class};
 
     die "no base handler - internal error" if !$base_handler_class;
@@ -127,6 +138,7 @@ sub rest_handler {
     my $uri_param = {};
     my ($handler, $info) = $base_handler_class->find_handler($method, $rel_uri, $uri_param);
     if (!$handler || !$info) {
+	$rpcenv->set_user(undef); # clear after request
 	return {
 	    status => HTTP_NOT_IMPLEMENTED,
 	    message => "Method '$method $rel_uri' not implemented",
@@ -135,6 +147,7 @@ sub rest_handler {
 
     foreach my $p (keys %{$params}) {
 	if (defined($uri_param->{$p})) {
+	    $rpcenv->set_user(undef); # clear after request
 	    return {
 		status => HTTP_BAD_REQUEST,
 		message => "Parameter verification failed - duplicate parameter '$p'",
@@ -146,6 +159,7 @@ sub rest_handler {
     # check access permissions
     eval { $rpcenv->check_api2_permissions($info->{permissions}, $auth->{userid}, $uri_param); };
     if (my $err = $@) {
+	$rpcenv->set_user(undef); # clear after request
 	return &$exc_to_res($info, $err, HTTP_FORBIDDEN);
     }
 
@@ -163,15 +177,18 @@ sub rest_handler {
 	    }
 	};
 	if (my $err = $@) {
+	    $rpcenv->set_user(undef); # clear after request
 	    return &$exc_to_res($info, $err);
 	}
 	if ($remip) {
+	    $rpcenv->set_user(undef); # clear after request
 	    return { proxy => $remip, proxynode => $node, proxy_params => $params };
 	}
     }
 
     my $euid = $>;
     if ($info->{protected} && ($euid != 0)) {
+	$rpcenv->set_user(undef); # clear after request
 	return { proxy => 'localhost' , proxy_params => $params }
     }
 
@@ -191,9 +208,11 @@ sub rest_handler {
 	}
     };
     if (my $err = $@) {
+	$rpcenv->set_user(undef); # clear after request
 	return &$exc_to_res($info, $err);
     }
 
+    $rpcenv->set_user(undef); # clear after request
     return $resp;
 }
 
-- 
2.1.4




More information about the pve-devel mailing list