[Kimchi-devel] [PATCH] issue #374: Use base64 encoding to launch VM console

alinefm at linux.vnet.ibm.com alinefm at linux.vnet.ibm.com
Tue Jul 22 16:42:57 UTC 2014


From: Aline Manera <alinefm at linux.vnet.ibm.com>

websockify.py uses urlparse.parse_qs() to parse token parameter in the
console URL

/vnc_auto.html?port=64667&path=?token=issue%2B374&encrypt=1

And even encoding the VM name using encodeURIComponent() it replaces the
plus sign for a white space,

{'token': ['issue 374']}

That way websockify will never be able to find the console port based on VM
name.

To fix it, use base64 for encoding the VM name while setting up the
console configuration and accessing it using noVNC or Spice.

Signed-off-by: Aline Manera <alinefm at linux.vnet.ibm.com>
---
 src/kimchi/vnc.py       | 2 ++
 ui/js/src/kimchi.api.js | 4 ++--
 2 files changed, 4 insertions(+), 2 deletions(-)

diff --git a/src/kimchi/vnc.py b/src/kimchi/vnc.py
index 002b950..9380e21 100644
--- a/src/kimchi/vnc.py
+++ b/src/kimchi/vnc.py
@@ -18,6 +18,7 @@
 # License along with this library; if not, write to the Free Software
 # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301  USA
 
+import base64
 import errno
 import os
 import subprocess
@@ -53,6 +54,7 @@ def new_ws_proxy():
 
 def add_proxy_token(name, port):
     with open(os.path.join(WS_TOKENS_DIR, name), 'w') as f:
+        name = base64.urlsafe_b64encode(name)
         f.write('%s: localhost:%s' % (name.encode('utf-8'), port))
 
 
diff --git a/ui/js/src/kimchi.api.js b/ui/js/src/kimchi.api.js
index 021be63..99ac730 100644
--- a/ui/js/src/kimchi.api.js
+++ b/ui/js/src/kimchi.api.js
@@ -352,7 +352,7 @@ var kimchi = {
             }).done(function() {
                 url = 'https://' + location.hostname + ':' + proxy_port;
                 url += "/console.html?url=vnc_auto.html&port=" + proxy_port;
-                url += "&path=?token=" + encodeURIComponent(vm);
+                url += "&path=?token=" + kimchi.urlSafeB64Encode(vm);
                 url += "&kimchi=" + location.port;
                 url += '&encrypt=1';
                 window.open(url);
@@ -377,7 +377,7 @@ var kimchi = {
                 url = 'https://' + location.hostname + ':' + proxy_port;
                 url += "/console.html?url=spice.html&port=" + proxy_port;
                 url += "&listen=" + location.hostname;
-                url += "&token=" + encodeURIComponent(vm);
+                url += "&token=" + kimchi.urlSafeB64Encode(vm);
                 url += "&kimchi=" + location.port;
                 url += '&encrypt=1';
                 window.open(url);
-- 
1.9.3




More information about the Kimchi-devel mailing list