Fixed the init scripts and control file. Also, imported quentin's UNCOMMITTED CODE
authorEvan Broder <broder@mit.edu>
Sat, 29 Mar 2008 00:29:04 +0000 (20:29 -0400)
committerEvan Broder <broder@mit.edu>
Sat, 29 Mar 2008 00:29:04 +0000 (20:29 -0400)
svn path=/trunk/packages/sipb-xen-vnc-server/; revision=288

code/vncexternalauth.py
code/vncproxy.py [changed mode: 0644->0755]
debian/control
debian/sipb-xen-vnc-server.init

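--- a/code/vncexternalauth.py
+++ b/code/vncexternalauth.py
@@ -45,10 +45,11 @@ class VNCAuthOutgoing(protocol.Protocol):
         self.socks.transport.loseConnection()
 
     def dataReceived(self,data):
+        #self.socks.log(self,"R"+data)
         self.socks.write(data)
 
     def write(self,data):
-        #self.socks.log(self,data)
+        #self.socks.log(self,'W'+data)
         self.transport.write(data)
 
 
@@ -65,12 +66,12 @@ class VNCAuth(protocol.Protocol):
 
     def validateToken(self, token):
         global TOKEN_KEY
+        self.auth_error = "Invalid token"
         try:
             token = base64.urlsafe_b64decode(token)
             token = cPickle.loads(token)
             m = hmac.new(TOKEN_KEY, digestmod=sha)
             m.update(token['data'])
-            self.auth_error = "Invalid token"
             if (m.digest() == token['digest']):
                 data = cPickle.loads(token['data'])
                 expires = data["expires"]
@@ -81,8 +82,8 @@ class VNCAuth(protocol.Protocol):
                     self.auth_data = data
                 else:
                     self.auth_error = "Token has expired; please try logging in again"
-        except:
-            self.auth = None
+        except (TypeError, cPickle.UnpicklingError):
+            self.auth = None            
             print sys.exc_info()
 
     def dataReceived(self,data):
@@ -99,7 +100,7 @@ class VNCAuth(protocol.Protocol):
                 try:
                     (header, data) = line.split(": ", 1)
                     headers[header] = data
-                except:
+                except ValueError:
                     pass
 
             if command == "AUTHTOKEN":
@@ -114,24 +115,22 @@ class VNCAuth(protocol.Protocol):
                 vmname = args[0]
                 if ("Auth-token" in headers):
                     token = headers["Auth-token"]
-                    try:
-                        self.validateToken(token)
-                    finally:
-                        if self.auth is not None:
-                            port = getPort(vmname, self.auth_data)
-                            if port is not None: # FIXME
-                                if port is not 0:
-                                    d = self.connectClass(self.server, port, VNCAuthOutgoing, self)
-                                    d.addErrback(lambda result, self=self: self.makeReply(404, result.getErrorMessage()))
-                                else:
-                                    self.makeReply(404, "Unable to find VNC for VM "+vmname)
+                    self.validateToken(token)
+                    if self.auth is not None:
+                        port = getPort(vmname, self.auth_data)
+                        if port is not None: # FIXME
+                            if port != 0:
+                                d = self.connectClass(self.server, port, VNCAuthOutgoing, self)
+                                d.addErrback(lambda result, self=self: self.makeReply(404, result.getErrorMessage()))
                             else:
-                                self.makeReply(401, "Unauthorized to connect to VM "+vmname)
+                                self.makeReply(404, "Unable to find VNC for VM "+vmname)
                         else:
-                            if self.auth_error:
-                                self.makeReply(401, self.auth_error)
-                            else:
-                                self.makeReply(401, "Invalid token")
+                            self.makeReply(401, "Unauthorized to connect to VM "+vmname)
+                    else:
+                        if self.auth_error:
+                            self.makeReply(401, self.auth_error)
+                        else:
+                            self.makeReply(401, "Invalid token")
                 else:
                     self.makeReply(401, "Login first")
             else: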
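Review bot: In `validateToken`, `cPickle.loads(token)` still runs on the client-supplied `Auth-token` header before the HMAC is computed, so unauthenticated bytes reach the unpickler, and unpickling untrusted data can execute arbitrary code in the proxy; the digest check only protects the inner `token['data']`. The envelope should be parsed without pickle (for example a fixed-length digest followed by the data bytes), the MAC compared in constant time, and only then the payload decoded, ideally from a data-only format. Narrowing the handler to `except (TypeError, cPickle.UnpicklingError):` also means a malformed token that raises `KeyError`, `EOFError` or `AttributeError` now escapes `validateToken`, and with the `try`/`finally` removed at the `AUTHTOKEN` call site that exception would propagate out of `dataReceived` without a 401 reply. Part of `validateToken` lies between the second and third hunks and is not visible, so whether `self.auth` is reset before each validation should be confirmed there.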
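--- a/code/vncproxy.py
+++ b/code/vncproxy.py
@@ -1,7 +1,13 @@
 #! /usr/bin/python
-from twisted.internet import reactor
+from twisted.internet import reactor, ssl
 import vncexternalauth
 
+sslContext = ssl.DefaultOpenSSLContextFactory(
+       'vncproxykey.pem',
+       'vncproxy.crt',
+)
+
 if '__main__' == __name__:
-    reactor.listenTCP(10003,vncexternalauth.VNCAuthFactory("./vncauth.log", "localhost"))
+    reactor.listenSSL(10003,vncexternalauth.VNCAuthFactory("./vncauth.log", "localhost"), contextFactory=sslContext)
+    #reactor.listenTCP(10003,vncexternalauth.VNCAuthFactory("./vncauth.log", "localhost"))
     reactor.run()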
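Review bot: The module-level `sslContext` names `'vncproxykey.pem'` and `'vncproxy.crt'` by relative path, so the private key is looked up in whatever directory the process starts in, and the init script in this commit no longer passes `-D "$(dirname $DAEMON)"`. I would resolve both against a fixed location, e.g. `base = os.path.dirname(os.path.abspath(__file__))` with `os.path.join(base, 'vncproxykey.pem')`, and build the context inside the `__main__` guard so that importing the module does not require the key to be present. The key file should be readable only by the account the proxy runs as. `"./vncauth.log"` has the same working-directory dependence.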
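--- a/debian/control
+++ b/debian/control
@@ -5,7 +5,7 @@ Maintainer: SIPB Xen Project <sipb-xen@mit.edu>
 Build-Depends: cdbs (>= 0.4.23-1.1), debhelper (>= 4.1.0), subversion
 Standards-Version: 3.7.2
 
-Package: sipb-xen-dhcp
+Package: sipb-xen-vnc-server
 Architecture: all
 Depends: ${misc:Depends}, daemon, python-twisted-core, xen-utils-3.1-1
 Description: Install and enable the VNC server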
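Review bot: `Depends:` still lists only `python-twisted-core` on the Python side, while `code/vncproxy.py` in this commit starts importing `twisted.internet.ssl` and building a `DefaultOpenSSLContextFactory`, which needs pyOpenSSL at run time. Unless `python-twisted-core` pulls that in as a hard dependency on the target release (worth confirming), I would list it explicitly: `Depends: ${misc:Depends}, daemon, python-twisted-core, python-openssl, xen-utils-3.1-1`. Otherwise the TLS listener would fail to start on a clean install.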
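--- a/debian/sipb-xen-vnc-server.init
+++ b/debian/sipb-xen-vnc-server.init
@@ -45,7 +45,7 @@ do_start()
        #   1 if daemon was already running
        #   2 if daemon could not be started
        daemon --running -n $NAME && return 1
-       daemon -r -D "$(dirname $DAEMON)" -O daemon.info -E daemon.err -n $NAME -U $DAEMON $DAEMON_ARGS || return 2
+       daemon -r -U -O daemon.info -E daemon.err -n $NAME -U $DAEMON $DAEMON_ARGS || return 2
 }
 
 #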
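Review bot: The new `daemon` line replaces `-D "$(dirname $DAEMON)"` with a second `-U`, which looks like a typo: the working directory is no longer set, so `daemon.info`, `daemon.err` and the relative paths in `vncproxy.py` (key, certificate, `./vncauth.log`) resolve wherever `daemon` leaves the process. As I read daemon(1), `-U` is `--unsafe`, which turns off the refusal to run a group- or world-writable executable; for a service started from an init script I would rather fix the permissions on `$DAEMON` and drop the flag. Suggested line: `daemon -r -D "$(dirname "$DAEMON")" -O daemon.info -E daemon.err -n $NAME $DAEMON $DAEMON_ARGS || return 2`. `do_start` begins above the hunk.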