X-Git-Url: http://xvm.mit.edu/gitweb/invirt/packages/invirt-vnc-server.git/blobdiff_plain/14cf46b2e06a403c4238b415b2d762e747840d35..aed8d463bc137322f0807dc3cac41558c19685b2:/code/vncexternalauth.py diff --git a/code/vncexternalauth.py b/code/vncexternalauth.py index 9f0edec..da676d9 100644 --- a/code/vncexternalauth.py +++ b/code/vncexternalauth.py @@ -45,10 +45,11 @@ class VNCAuthOutgoing(protocol.Protocol): self.socks.transport.loseConnection() def dataReceived(self,data): + #self.socks.log(self,"R"+data) self.socks.write(data) def write(self,data): - #self.socks.log(self,data) + #self.socks.log(self,'W'+data) self.transport.write(data) @@ -65,12 +66,12 @@ class VNCAuth(protocol.Protocol): def validateToken(self, token): global TOKEN_KEY + self.auth_error = "Invalid token" try: token = base64.urlsafe_b64decode(token) token = cPickle.loads(token) m = hmac.new(TOKEN_KEY, digestmod=sha) m.update(token['data']) - self.auth_error = "Invalid token" if (m.digest() == token['digest']): data = cPickle.loads(token['data']) expires = data["expires"] @@ -81,8 +82,8 @@ class VNCAuth(protocol.Protocol): self.auth_data = data else: self.auth_error = "Token has expired; please try logging in again" - except: - self.auth = None + except (TypeError, cPickle.UnpicklingError): + self.auth = None print sys.exc_info() def dataReceived(self,data): @@ -99,7 +100,7 @@ class VNCAuth(protocol.Protocol): try: (header, data) = line.split(": ", 1) headers[header] = data - except: + except ValueError: pass if command == "AUTHTOKEN": @@ -114,24 +115,22 @@ class VNCAuth(protocol.Protocol): vmname = args[0] if ("Auth-token" in headers): token = headers["Auth-token"] - try: - self.validateToken(token) - finally: - if self.auth is not None: - port = getPort(vmname, self.auth_data) - if port is not None: # FIXME - if port is not 0: - d = self.connectClass(self.server, port, VNCAuthOutgoing, self) - d.addErrback(lambda result, self=self: self.makeReply(404, result.getErrorMessage())) - else: - self.makeReply(404, "Unable to find VNC for VM "+vmname) + self.validateToken(token) + if self.auth is not None: + port = getPort(vmname, self.auth_data) + if port is not None: # FIXME + if port != 0: + d = self.connectClass(self.server, port, VNCAuthOutgoing, self) + d.addErrback(lambda result, self=self: self.makeReply(404, result.getErrorMessage())) else: - self.makeReply(401, "Unauthorized to connect to VM "+vmname) + self.makeReply(404, "Unable to find VNC for VM "+vmname) else: - if self.auth_error: - self.makeReply(401, self.auth_error) - else: - self.makeReply(401, "Invalid token") + self.makeReply(401, "Unauthorized to connect to VM "+vmname) + else: + if self.auth_error: + self.makeReply(401, self.auth_error) + else: + self.makeReply(401, "Invalid token") else: self.makeReply(401, "Login first") else: