From: Evan Broder <broder@mit.edu>
Date: Wed, 29 Oct 2008 03:17:24 +0000 (-0400)
Subject: Don't proxy requests for the VNC cert if the requested hostname isn't
X-Git-Tag: invirt-remote-server/0.0.11^0
X-Git-Url: http://xvm.mit.edu/gitweb/invirt/packages/invirt-remote.git/commitdiff_plain/993edbbf67b4c87d8a912830ede21bf9b01b2440

Don't proxy requests for the VNC cert if the requested hostname isn't
an Invirt host

svn path=/trunk/packages/invirt-remote-server/; revision=1411
---

diff --git a/debian/changelog b/debian/changelog
index a971e00..c1d2208 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,10 @@
+invirt-remote-server (0.0.11) unstable; urgency=low
+
+  * Don't proxy requests for the VNC cert if the requested hostname isn't
+    an Invirt host
+
+ -- Evan Broder <broder@mit.edu>  Tue, 28 Oct 2008 23:17:10 -0400
+
 invirt-remote-server (0.0.10) unstable; urgency=low
 
   * All remctls of type 'web' have the same ACL - glob them together
diff --git a/files/usr/sbin/invirt-remote-vnccert b/files/usr/sbin/invirt-remote-vnccert
index acf2816..019256a 100755
--- a/files/usr/sbin/invirt-remote-vnccert
+++ b/files/usr/sbin/invirt-remote-vnccert
@@ -1,6 +1,26 @@
-#!/bin/bash
-# Get the VNC cert for the host passed as the first argument
+#!/usr/bin/python
 
-klist -s || kinit -k
+"""
+Retrieves the VNC certificate from an Invirt host
+"""
 
-exec remctl "$1" remote web vnccert
+from invirt.config import structs as config
+from subprocess import Popen, call, PIPE
+import sys
+
+
+def main(argv):
+    if len(argv) < 2:
+        print >> sys.stderr, "usage: invirt-remote-vnccert <host>"
+        return 2
+    
+    host = argv[1]
+    
+    if host not in list(i.hostname for i in config.hosts):
+        print >> sys.stderr, "Invalid hostname specified"
+        return 1
+    
+    return call(['remctl', host, 'remote', 'web', 'vnccert'])
+
+if __name__ == '__main__':
+    sys.exit(main(sys.argv))