do not use novnc wsproxy

Instead, we use new HTTPServer features.
2025-07-04 05:39:13 +00:00 · 2014-06-18 11:02:57 +02:00 · 2014-06-18 11:02:57 +02:00 · 3e7567e05e
commit 3e7567e05e
parent 000fc0a254
2 changed files with 54 additions and 8 deletions
--- a/PVE/API2/Qemu.pm
+++ b/PVE/API2/Qemu.pm
@ -1338,17 +1338,14 @@ __PACKAGE__->register_method({
 			'-perm', 'Sys.Console', '-c', @$remcmd, @$termcmd];
 	    } else {
 		$ENV{LC_PVE_TICKET} = $ticket if $websocket; # set ticket with "qm vncproxy"
 		my $qmcmd = [@$remcmd, "/usr/sbin/qm", 'vncproxy', $vmid];
 		my $qmstr = join(' ', @$qmcmd);
 		# also redirect stderr (else we get RFB protocol errors)
 		$cmd = ['/bin/nc', '-l', '-p', $port, '-w', $timeout, '-c', "$qmstr 2>/dev/null"];
 		if ($websocket) {
 		    $ENV{LC_PVE_TICKET} = $ticket;
 		    $cmd = ["/usr/share/novnc-pve/utils/wsproxy.py", '--run-once', "--timeout=$timeout", "--idle-timeout=$timeout", '--ssl-only', '--cert', '/etc/pve/local/pve-ssl.pem', '--key', '/etc/pve/local/pve-ssl.key', $port, '--', @$cmd];
 		}
 	    }
 	    PVE::Tools::run_command($cmd);
@ -1369,6 +1366,55 @@ __PACKAGE__->register_method({
 	};
    }});
 __PACKAGE__->register_method({
    name => 'vncwebsocket',
    path => '{vmid}/vncwebsocket',
    method => 'GET',
    proxyto => 'node',
    permissions => {
 	check => ['perm', '/vms/{vmid}', [ 'VM.Console' ]],
    },
    description => "Opens a weksocket for VNV traffic.",
    parameters => {
    	additionalProperties => 0,
 	properties => {
 	    node => get_standard_option('pve-node'),
 	    vmid => get_standard_option('pve-vmid'),
 	    port => {
 		description => "Port number returned by previous vncproxy call.",
 		type => 'integer',
 		minimum => 5900,
 		maximum => 5999,
 	    },
 	},
    },
    returns => {
 	type => "object",
 	properties => {
 	    port => { type => 'string' },
 	},
    },
    code => sub {
 	my ($param) = @_;
 	my $rpcenv = PVE::RPCEnvironment::get();
 	my $authuser = $rpcenv->get_user();
 	my $vmid = $param->{vmid};
 	my $node = $param->{node};
 	my $conf = PVE::QemuServer::load_config($vmid, $node); # VM exists ?
 	# Note: VNC ports are acessible from outside, so we do not gain any
 	# security if we verify that $param->{port} belongs to VM $vmid. This
 	# check is done by verifying the VNC ticket (inside VNC protocol).
 	my $port = $param->{port};
 	return { port => $port };
    }});
 __PACKAGE__->register_method({
    name => 'spiceproxy',
    path => '{vmid}/spiceproxy',
@ -1399,8 +1445,8 @@ __PACKAGE__->register_method({
 	my $node = $param->{node};
 	my $proxy = $param->{proxy};
-    my $conf = PVE::QemuServer::load_config($vmid, $node);
+	my $conf = PVE::QemuServer::load_config($vmid, $node);
-    my $title = "VM $vmid - $conf->{'name'}",
+	my $title = "VM $vmid - $conf->{'name'}",
 	my $port = PVE::QemuServer::spice_port($vmid);
--- a/control.in
+++ b/control.in
@ -3,7 +3,7 @@ Version: @@VERSION@@-@@PKGRELEASE@@
 Section: admin
 Priority: optional
 Architecture: @@ARCH@@
-Depends: libc6 (>= 2.7-18), perl (>= 5.10.0-19), libterm-readline-gnu-perl, pve-qemu-kvm (>= 1.7-1), netcat-traditional, libpve-access-control, libpve-storage-perl, pve-cluster, redhat-cluster-pve, libjson-perl, libjson-xs-perl, libio-multiplex-perl, libnet-ssleay-perl, socat, pve-firewall, novnc-pve
+Depends: libc6 (>= 2.7-18), perl (>= 5.10.0-19), libterm-readline-gnu-perl, pve-qemu-kvm (>= 1.7-1), netcat-traditional, libpve-access-control, libpve-storage-perl, pve-cluster, redhat-cluster-pve, libjson-perl, libjson-xs-perl, libio-multiplex-perl, libnet-ssleay-perl, socat, pve-firewall
 Conflicts: netcat-openbsd
 Maintainer: Proxmox Support Team <support@proxmox.com>
 Description: Qemu Server Tools