From aed8d463bc137322f0807dc3cac41558c19685b2 Mon Sep 17 00:00:00 2001 From: Evan Broder Date: Fri, 28 Mar 2008 20:29:04 -0400 Subject: [PATCH 1/1] Fixed the init scripts and control file. Also, imported quentin's UNCOMMITTED CODE svn path=/trunk/packages/sipb-xen-vnc-server/; revision=288 --- code/vncexternalauth.py | 41 +++++++++++++++++++-------------------- code/vncproxy.py | 10 ++++++++-- debian/control | 2 +- debian/sipb-xen-vnc-server.init | 2 +- 4 files changed, 30 insertions(+), 25 deletions(-) mode change 100644 => 100755 code/vncproxy.py diff --git a/code/vncexternalauth.py b/code/vncexternalauth.py index 9f0edec..da676d9 100644 --- a/code/vncexternalauth.py +++ b/code/vncexternalauth.py @@ -45,10 +45,11 @@ class VNCAuthOutgoing(protocol.Protocol): self.socks.transport.loseConnection() def dataReceived(self,data): + #self.socks.log(self,"R"+data) self.socks.write(data) def write(self,data): - #self.socks.log(self,data) + #self.socks.log(self,'W'+data) self.transport.write(data) @@ -65,12 +66,12 @@ class VNCAuth(protocol.Protocol): def validateToken(self, token): global TOKEN_KEY + self.auth_error = "Invalid token" try: token = base64.urlsafe_b64decode(token) token = cPickle.loads(token) m = hmac.new(TOKEN_KEY, digestmod=sha) m.update(token['data']) - self.auth_error = "Invalid token" if (m.digest() == token['digest']): data = cPickle.loads(token['data']) expires = data["expires"] @@ -81,8 +82,8 @@ class VNCAuth(protocol.Protocol): self.auth_data = data else: self.auth_error = "Token has expired; please try logging in again" - except: - self.auth = None + except (TypeError, cPickle.UnpicklingError): + self.auth = None print sys.exc_info() def dataReceived(self,data): @@ -99,7 +100,7 @@ class VNCAuth(protocol.Protocol): try: (header, data) = line.split(": ", 1) headers[header] = data - except: + except ValueError: pass if command == "AUTHTOKEN": @@ -114,24 +115,22 @@ class VNCAuth(protocol.Protocol): vmname = args[0] if ("Auth-token" in headers): token = headers["Auth-token"] - try: - self.validateToken(token) - finally: - if self.auth is not None: - port = getPort(vmname, self.auth_data) - if port is not None: # FIXME - if port is not 0: - d = self.connectClass(self.server, port, VNCAuthOutgoing, self) - d.addErrback(lambda result, self=self: self.makeReply(404, result.getErrorMessage())) - else: - self.makeReply(404, "Unable to find VNC for VM "+vmname) + self.validateToken(token) + if self.auth is not None: + port = getPort(vmname, self.auth_data) + if port is not None: # FIXME + if port != 0: + d = self.connectClass(self.server, port, VNCAuthOutgoing, self) + d.addErrback(lambda result, self=self: self.makeReply(404, result.getErrorMessage())) else: - self.makeReply(401, "Unauthorized to connect to VM "+vmname) + self.makeReply(404, "Unable to find VNC for VM "+vmname) else: - if self.auth_error: - self.makeReply(401, self.auth_error) - else: - self.makeReply(401, "Invalid token") + self.makeReply(401, "Unauthorized to connect to VM "+vmname) + else: + if self.auth_error: + self.makeReply(401, self.auth_error) + else: + self.makeReply(401, "Invalid token") else: self.makeReply(401, "Login first") else: diff --git a/code/vncproxy.py b/code/vncproxy.py old mode 100644 new mode 100755 index 06c1c79..310b8b5 --- a/code/vncproxy.py +++ b/code/vncproxy.py @@ -1,7 +1,13 @@ #! /usr/bin/python -from twisted.internet import reactor +from twisted.internet import reactor, ssl import vncexternalauth +sslContext = ssl.DefaultOpenSSLContextFactory( + 'vncproxykey.pem', + 'vncproxy.crt', +) + if '__main__' == __name__: - reactor.listenTCP(10003,vncexternalauth.VNCAuthFactory("./vncauth.log", "localhost")) + reactor.listenSSL(10003,vncexternalauth.VNCAuthFactory("./vncauth.log", "localhost"), contextFactory=sslContext) + #reactor.listenTCP(10003,vncexternalauth.VNCAuthFactory("./vncauth.log", "localhost")) reactor.run() diff --git a/debian/control b/debian/control index 3c4e51a..4f97cab 100644 --- a/debian/control +++ b/debian/control @@ -5,7 +5,7 @@ Maintainer: SIPB Xen Project Build-Depends: cdbs (>= 0.4.23-1.1), debhelper (>= 4.1.0), subversion Standards-Version: 3.7.2 -Package: sipb-xen-dhcp +Package: sipb-xen-vnc-server Architecture: all Depends: ${misc:Depends}, daemon, python-twisted-core, xen-utils-3.1-1 Description: Install and enable the VNC server diff --git a/debian/sipb-xen-vnc-server.init b/debian/sipb-xen-vnc-server.init index 0093148..e40e259 100644 --- a/debian/sipb-xen-vnc-server.init +++ b/debian/sipb-xen-vnc-server.init @@ -45,7 +45,7 @@ do_start() # 1 if daemon was already running # 2 if daemon could not be started daemon --running -n $NAME && return 1 - daemon -r -D "$(dirname $DAEMON)" -O daemon.info -E daemon.err -n $NAME -U $DAEMON $DAEMON_ARGS || return 2 + daemon -r -U -O daemon.info -E daemon.err -n $NAME -U $DAEMON $DAEMON_ARGS || return 2 } # -- 1.7.9.5