[pve-devel] vncpropxy question

Dominik Csapak d.csapak at proxmox.com
Thu Jun 30 13:50:45 CEST 2022

On 6/30/22 13:25, Dominik Csapak wrote:
> On 6/30/22 13:02, Dietmar Maurer wrote:
>> in qemu-server, I wonder why we set $ENV{LC_PVE_TICKET} conditionally? Does not make any sense to 
>> me, because it make all other connection failing...
>> diff --git a/PVE/API2/Qemu.pm b/PVE/API2/Qemu.pm
>> index 99b426e..c6a3ac1 100644
>> --- a/PVE/API2/Qemu.pm
>> +++ b/PVE/API2/Qemu.pm
>> @@ -2102,7 +2102,7 @@ __PACKAGE__->register_method({
>>              } else {
>> -               $ENV{LC_PVE_TICKET} = $password if $websocket; # set ticket with "qm vncproxy"
>> +               $ENV{LC_PVE_TICKET} = $password;
>>                  $cmd = [@$remcmd, "/usr/sbin/qm", 'vncproxy', $vmid];
> AFAICS, this is a remnant of old code where we would start wsproxy.py instead of our
>   'qm vncproxy'
> i think we could remove the whole websocket parameter as it doesn't
> do anything here
> so we could do
> 1. remove the use of $websocket here
> 2. remove the websocket=1 parameter in novnc
> 3. remove the websocket parameter completely (in 8.0, since it's a breaking api change)


'it doesn't do anything here' is not completely correct
for 'regular' vm displays it just does not set the ticket which
breaks the connection

for use with a serial terminal in the vm, we also
set '-notls' and '-listen localhost' for vncterm

if we'd drop the parameter anyway (with 8.0) and use always
'-notls -listen localhost' i think we could drop the custom
libvncserver package in vncterm and use the debian packaged
one (since we'd never use tls then anyway)

we could even go a step further and remove support for terminals
over vnc completely, since we have support for that in the
browser with xterm.js since quite some time

More information about the pve-devel mailing list