This code was removed from the generic server, so we need to add it here. cleanup follows ...
Signed-off-by: Dietmar Maurer <diet...@proxmox.com> --- PVE/HTTPServer.pm | 21 ++++++++++++++++++++- 1 file changed, 20 insertions(+), 1 deletion(-) diff --git a/PVE/HTTPServer.pm b/PVE/HTTPServer.pm index ef533fc..5ae0e97 100755 --- a/PVE/HTTPServer.pm +++ b/PVE/HTTPServer.pm @@ -34,6 +34,10 @@ sub new { sub verify_spice_connect_url { my ($self, $connect_str) = @_; + my $rpcenv = $self->{rpcenv}; + + $rpcenv->init_request(); + my ($vmid, $node, $port) = PVE::AccessControl::verify_spice_connect_url($connect_str); return ($vmid, $node, $port); @@ -46,10 +50,15 @@ sub generate_csrf_prevention_token { } sub auth_handler { - my ($self, $method, $rel_uri, $ticket, $token) = @_; + my ($self, $method, $rel_uri, $ticket, $token, $peer_host) = @_; my $rpcenv = $self->{rpcenv}; + # set environment variables + $rpcenv->set_user(undef); + $rpcenv->set_language('C'); + $rpcenv->set_client_ip($peer_host); + my $require_auth = 1; # explicitly allow some calls without auth @@ -120,6 +129,8 @@ sub rest_handler { my $rpcenv = $self->{rpcenv}; + $rpcenv->init_request(); + my $base_handler_class = $self->{base_handler_class}; die "no base handler - internal error" if !$base_handler_class; @@ -127,6 +138,7 @@ sub rest_handler { my $uri_param = {}; my ($handler, $info) = $base_handler_class->find_handler($method, $rel_uri, $uri_param); if (!$handler || !$info) { + $rpcenv->set_user(undef); # clear after request return { status => HTTP_NOT_IMPLEMENTED, message => "Method '$method $rel_uri' not implemented", @@ -135,6 +147,7 @@ sub rest_handler { foreach my $p (keys %{$params}) { if (defined($uri_param->{$p})) { + $rpcenv->set_user(undef); # clear after request return { status => HTTP_BAD_REQUEST, message => "Parameter verification failed - duplicate parameter '$p'", @@ -146,6 +159,7 @@ sub rest_handler { # check access permissions eval { $rpcenv->check_api2_permissions($info->{permissions}, $auth->{userid}, $uri_param); }; if (my $err = $@) { + $rpcenv->set_user(undef); # clear after request return &$exc_to_res($info, $err, HTTP_FORBIDDEN); } @@ -163,15 +177,18 @@ sub rest_handler { } }; if (my $err = $@) { + $rpcenv->set_user(undef); # clear after request return &$exc_to_res($info, $err); } if ($remip) { + $rpcenv->set_user(undef); # clear after request return { proxy => $remip, proxynode => $node, proxy_params => $params }; } } my $euid = $>; if ($info->{protected} && ($euid != 0)) { + $rpcenv->set_user(undef); # clear after request return { proxy => 'localhost' , proxy_params => $params } } @@ -191,9 +208,11 @@ sub rest_handler { } }; if (my $err = $@) { + $rpcenv->set_user(undef); # clear after request return &$exc_to_res($info, $err); } + $rpcenv->set_user(undef); # clear after request return $resp; } -- 2.1.4 _______________________________________________ pve-devel mailing list pve-devel@pve.proxmox.com http://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-devel