Proxmox/pve-manager
5
0
Fork 0
Code Pull Requests Releases Activity

try to detect proxy loops

Browse Source
This commit is contained in:
Dietmar Maurer 2013-07-22 09:13:41 +02:00
parent ec57444699
commit 7c02a32511
1 changed files with 16 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
PVE/HTTPServer.pm
View File

@ -469,6 +469,11 @@ sub handle_api2_request {
return; return;
} }
if ($r->header('PVEDisableProxy')) {
$self->error($reqstate, HTTP_INTERNAL_SERVER_ERROR, "proxy loop detected");
return;
}
$res->{proxy_params}->{tmpfilename} = $reqstate->{tmpfilename} if $upload_state; $res->{proxy_params}->{tmpfilename} = $reqstate->{tmpfilename} if $upload_state;
$self->proxy_request($reqstate, $clientip, $res->{proxy}, $method, $self->proxy_request($reqstate, $clientip, $res->{proxy}, $method,
@ -498,6 +503,9 @@ sub handle_spice_proxy_request {
my $rpcenv = $self->{rpcenv}; my $rpcenv = $self->{rpcenv};
$rpcenv->init_request(); $rpcenv->init_request();
my $clientip = $reqstate->{peer_host};
my $r = $reqstate->{request};
my $remip; my $remip;
if ($node ne 'localhost' && $node ne PVE::INotify::nodename()) { if ($node ne 'localhost' && $node ne PVE::INotify::nodename()) {
@ -508,6 +516,11 @@ sub handle_spice_proxy_request {
print "$$: CONNECT $vmid, $node, $spiceport\n" if $self->{debug}; print "$$: CONNECT $vmid, $node, $spiceport\n" if $self->{debug};
} }
if ($r->header('PVEDisableProxy')) {
$self->error($reqstate, HTTP_INTERNAL_SERVER_ERROR, "proxy loop detected");
return;
}
$reqstate->{hdl}->timeout(0); $reqstate->{hdl}->timeout(0);
$reqstate->{hdl}->wbuf_max(64*10*1024); $reqstate->{hdl}->wbuf_max(64*10*1024);
@ -584,7 +597,10 @@ sub handle_spice_proxy_request {
"Host: ${connect_str}\015\012" . "Host: ${connect_str}\015\012" .
"Proxy-Connection: keep-alive\015\012" . "Proxy-Connection: keep-alive\015\012" .
"User-Agent: spiceproxy\015\012" . "User-Agent: spiceproxy\015\012" .
"PVEDisableProxy: true\015\012" .
"PVEClientIP: $clientip\015\012" .
"\015\012"; "\015\012";
$reqstate->{proxyhdl}->push_write($header); $reqstate->{proxyhdl}->push_write($header);
$reqstate->{proxyhdl}->push_read(line => sub { $reqstate->{proxyhdl}->push_read(line => sub {
my ($hdl, $line) = @_; my ($hdl, $line) = @_;