proxmox-mirrors/pve-manager
1
0
Fork 0
mirror of https://git.proxmox.com/git/pve-manager synced 2025-08-09 03:10:11 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

use new PVE::AccessControl::remote_viewer_config()

Browse Source
This commit is contained in:
Dietmar Maurer 2013-12-10 10:51:27 +01:00
parent 7774df7851
commit eb7cd2ced5
1 changed files with 5 additions and 25 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

30
PVE/API2Tools.pm
View File

@ -141,22 +141,11 @@ sub run_spiceterm {
my $authuser = $rpcenv->get_user(); my $authuser = $rpcenv->get_user();
if (!$proxy) {
my $host = `hostname -f` || PVE::INotify::nodename();
chomp $host;
$proxy = $host;
}
my ($ticket, $proxyticket) = PVE::AccessControl::assemble_spice_ticket($authuser, $vmid, $node);
my $filename = "/etc/pve/local/pve-ssl.pem";
my $subject = PVE::QemuServer::read_x509_subject_spice($filename);
my $cacert = PVE::Tools::file_get_contents("/etc/pve/pve-root-ca.pem", 8192);
$cacert =~ s/\n/\\n/g;
my $port = PVE::Tools::next_spice_port(); my $port = PVE::Tools::next_spice_port();
my ($ticket, undef, $remote_viewer_config) =
PVE::AccessControl::remote_viewer_config($authuser, $vmid, $node, $proxy, $title, $port);
my $timeout = 10; my $timeout = 10;
my $cmd = ['/usr/bin/spiceterm', '--port', $port, '--addr', '127.0.0.1', my $cmd = ['/usr/bin/spiceterm', '--port', $port, '--addr', '127.0.0.1',
@ -197,19 +186,10 @@ sub run_spiceterm {
} else { } else {
$rpcenv->fork_worker('spiceshell', undef, $authuser, $realcmd); $rpcenv->fork_worker('spiceshell', undef, $authuser, $realcmd);
} }
PVE::Tools::wait_for_vnc_port($port); PVE::Tools::wait_for_vnc_port($port);
return { return $remote_viewer_config;
type => 'spice',
title => $title,
host => $proxyticket, # this break tls hostname verification, so we need to use 'host-subject'
proxy => "http://$proxy:3128",
'tls-port' => $port,
'host-subject' => $subject,
ca => $cacert,
password => $ticket,
'delete-this-file' => 1,
};
} }
1; 1;