Signed-off-by: Anders Kaseorg <andersk@mit.edu>
from OpenSSL import SSL
import base64, pickle
import getopt, sys, os, time
from OpenSSL import SSL
import base64, pickle
import getopt, sys, os, time
self.authtoken = authtoken
self.machine = machine
self.authtoken = authtoken
self.machine = machine
+class SafeUnpickler(pickle.Unpickler):
+ def find_class(self, module, name):
+ raise pickle.UnpicklingError("globals are forbidden")
+
def main():
global verbose
try:
def main():
global verbose
try:
# Unpack authentication token
try:
# Unpack authentication token
try:
- token_inner = pickle.loads(base64.urlsafe_b64decode((authtoken.split("."))[0]))
+ token_inner = SafeUnpickler(io.BytesIO(base64.urlsafe_b64decode((authtoken.split("."))[0]))).load()
machine = token_inner["machine"]
connect_host = token_inner["connect_host"]
connect_port = token_inner["connect_port"]
machine = token_inner["machine"]
connect_host = token_inner["connect_host"]
connect_port = token_inner["connect_port"]
projects / invirt/scripts/vnc-client.git / commitdiff
