81 Commits

Author SHA1 Message Date
Dietmar Maurer
13104c9cc1 HTTPServer.pm: call $rpcenv-init() when necessary.
This code was removed from the generic server, so we need
to add it here. cleanup follows ...

Signed-off-by: Dietmar Maurer <dietmar@proxmox.com>
2017-01-16 11:54:34 +01:00
Dietmar Maurer
54041bfd2e use new libpve-http-server-perl package
Signed-off-by: Dietmar Maurer <dietmar@proxmox.com>
2017-01-16 11:54:33 +01:00
Dietmar Maurer
fd9b476f67 HTTPServer.pm: factor out code which refers to PVE::Cluster
This will make it easier to move HTTPServer to a separate package.

Signed-off-by: Dietmar Maurer <dietmar@proxmox.com>
2017-01-12 13:07:00 +01:00
Fabian Grünbichler
2d4ef92c06 HTTPServer.pm: make split_abs_uri() private
and rename baseuri to base_uri to be consistent

Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
2017-01-12 11:55:54 +01:00
Dietmar Maurer
06edb1ff6e HTTPServer.pm: improve baseuri matching
Signed-off-by: Dietmar Maurer <dietmar@proxmox.com>
2017-01-12 11:53:19 +01:00
Dietmar Maurer
26432e4241 PVE/API2/Formatter/HTML.pm: avoid use of PVE::REST
Instead, pass the HTTP server as last argument to the page formatter,
so that we can call $server->create_auth_cookie().

Signed-off-by: Dietmar Maurer <dietmar@proxmox.com>
2017-01-12 11:53:18 +01:00
Dietmar Maurer
c519ed2c40 HTTPServer.pm: add missing 'use' statements
Signed-off-by: Dietmar Maurer <dietmar@proxmox.com>
2017-01-12 11:53:18 +01:00
Dietmar Maurer
c1deace216 HTTPServer.pm: add rest_handler method
copied from PVE::REST. We do not need that class anymore.

Signed-off-by: Dietmar Maurer <dietmar@proxmox.com>
2017-01-12 11:53:18 +01:00
Dietmar Maurer
372fb803e5 HTTPServer.pm: allow to set baseuri when creating the class
Signed-off-by: Dietmar Maurer <dietmar@proxmox.com>
2017-01-12 11:53:18 +01:00
Dietmar Maurer
72cbb6ad32 HTTPServer.pm: add auth_handler
copied from PVE::REST (slightly adapted)

Signed-off-by: Dietmar Maurer <dietmar@proxmox.com>
2017-01-12 11:53:18 +01:00
Dietmar Maurer
ce54c9c867 HTTPServer.pm: add cookie handling methods
Copied from PVE::REST (I want to get rid of this PVE::REST class).

Signed-off-by: Dietmar Maurer <dietmar@proxmox.com>
2017-01-12 11:53:18 +01:00
Dietmar Maurer
58b12d605d use certificate cache from PVE::Cluster package 2016-11-25 08:54:46 +01:00
Fabian Grünbichler
d23ff9baf8 fix SSL verify callback for certificate chains
ignoring parts of the chain means saying they are verified,
because the verify callback results are chained together
starting with the highest depth.
2016-11-23 08:33:32 +01:00
Fabian Grünbichler
333dd203d5 enable certificate pinning for proxied requests
when forwarding an API request to the responsible node,
only accept the certificate that this node should have
according to the contents of the cluster file system.

to limit performance issues, cache certificate fingerprint
on first request for each node, and only regenerate cache
(at most once per minute) if the actual encountered
fingerprint does not match or every 30 minutes (to clear out
old entries).
2016-11-17 15:55:17 +01:00
Fabian Grünbichler
b92cdcc9d3 pass proxied to node to proxy_request
in addition to proxied to IP
2016-11-17 15:52:53 +01:00
Jos Ewert
da356293f7 Add ECDH curves to use with modern ciphers
This patch adds curves to use with TLS_ECDHE_* ciphers
They will automatically be used by the proxy as they are
in the HIGH ciphersuite.

This patch uses the prime256v1 curve, which should be supported
by most clients. openssl 1.0.1 only supports a single curve.

This also forces the use of new DHE and ECDHE keys on every
handshake. This does not seem to have an impact on performance.

Signed-Off-By: Jos Ewert <flami@flami.net>
2016-11-08 09:32:40 +01:00
Dietmar Maurer
695d4ccdf5 simplify/optimize code 2016-05-25 09:59:25 +02:00
Dietmar Maurer
2fddd335d6 depend on pve-docs package
and serve documentation files with pveproxy:

https://<HOST>:8006/pve-docs/index.html
2016-05-25 09:41:46 +02:00
Dietmar Maurer
4bb0f337e8 fix bug #575: fork at shutdown, so that parent starts new worker 2016-01-22 11:24:12 +01:00
Emmanuel Kasper
85cd68aae5 Add mime type for woff2 fonts, also update mime type for ttf fonts
application/font-woff2 is still in discussion but works in main three browsers
This is needed for ExtJS6, which includes some woff2 fonts

ttf font mime type is taken from the official IANA assignment, and works as
well in main three browsers
2016-01-22 11:24:11 +01:00
Wolfgang Bumiller
a01ed43d99 localhost instead of 127.0.0.1 makes ipv6 life easier 2015-05-27 08:28:51 +02:00
Wolfgang Bumiller
648dcda954 enclose ipv6 hosts in brackets in proxy_request() 2015-05-21 17:32:12 +02:00
Wolfgang Bumiller
101c2b86bd HTTPServer.pm: accept ip6 connections 2015-05-08 12:43:14 +02:00
Dietmar Maurer
7a481ffc57 websocket_proxy: correctly close connection 2015-01-02 09:20:09 +01:00
Dietmar Maurer
f0ab98b1d1 HTTPServer:: mark process in shutdown phase
So that we can see what workers already closed the socket.
2015-01-02 08:54:16 +01:00
Dietmar Maurer
5afee956c5 HTTPServer: add support for font files (content types) 2014-08-01 06:22:53 +02:00
Dietmar Maurer
23fb932c76 use case insensitive match for websocket upgrade (make it work with IE) 2014-06-25 13:25:02 +02:00
Dietmar Maurer
ab70e2abc7 do not call uri_unescape on whole url - only on path
Because parameters are decoded with extract_params().
2014-06-24 16:01:54 +02:00
Dietmar Maurer
2a0e522a12 HTTPServer: implement websockets
We can avoid wss certificate errors this way (wsproxy.py throws certificate errors with firefox).
2014-06-18 12:08:21 +02:00
Dietmar Maurer
a53e2d0ade HTTPServer: set content type for .html files 2014-06-13 11:25:52 +02:00
Dietmar Maurer
3d84ba73bb new html formatter PVE::API2::Formatter::HTML
This one provides a login page and uses bootstrap for html.
2014-05-02 11:36:11 +02:00
Dietmar Maurer
f7b7f85c2d fix typo 2014-05-02 07:10:29 +02:00
Dietmar Maurer
27d5f5ea75 move formatter registration to HTTPServer 2014-05-02 07:03:12 +02:00
Dietmar Maurer
23e0c0ba4d add generic formatter support 2014-04-30 15:28:30 +02:00
Dietmar Maurer
9bbf4e4ba5 allow to return HTTP::Response object from format_response_data()
A formatter can generate HTTP redirect now.
2014-04-30 09:30:36 +02:00
Dietmar Maurer
2c72404ea4 HTTPServer: correctly unescape url 2014-04-30 08:42:50 +02:00
Dietmar Maurer
fa239655a0 introduce base_handler_class
To make the framework more generic. The final plan is to move the
generic server code to package pve-common.

Signed-off-by: Dietmar Maurer <dietmar@proxmox.com>
2014-04-30 08:31:14 +02:00
Dietmar Maurer
9819bdc4db remove unused code
Signed-off-by: Dietmar Maurer <dietmar@proxmox.com>
2014-04-30 08:28:49 +02:00
Dietmar Maurer
76cef29b27 bump version to 3.1-44, re-add spiceconfig support 2014-02-24 12:51:07 +01:00
Dietmar Maurer
97da464628 remove spiceconfig format 2013-12-11 08:38:22 +01:00
Dietmar Maurer
c65335439f allow to use vmid 0 in spice tickets
VMID 0 will be used by spiceterm for tasks that run on the host.
2013-12-10 06:08:25 +01:00
Dietmar Maurer
831b2a1afd delay UNAUTHORIZED response to avoid DOS attack 2013-11-18 11:19:27 +01:00
Dietmar Maurer
675bc27474 spice: ignore the case of the characters in hostname match 2013-10-28 08:07:00 +01:00
Dietmar Maurer
c7ec89a4ba disable SSL compression
To avoid CRIME attacks:

http://en.wikipedia.org/wiki/CRIME_%28security_exploit%29

2013-09-17 07:13:20 +02:00
Dietmar Maurer
dd28cbbd1b add favicon.ico 2013-08-16 13:06:32 +02:00
Dietmar Maurer
32e64173a1 fix proxy loop assertion for spiceproxy 2013-07-24 12:42:30 +02:00
Dietmar Maurer
c3e0b952d4 log handle_spice_proxy_request() errors to syslog 2013-07-24 12:40:46 +02:00
Dietmar Maurer
42d8780f13 fix proxy loop assertion 2013-07-23 08:34:56 +02:00
Alexandre Derumier
2164733ed7 spiceproxy : allow only spice port range
Signed-off-by: Alexandre Derumier <aderumier@odiso.com>
2013-07-22 13:04:16 +02:00
Dietmar Maurer
7c02a32511 try to detect proxy loops 2013-07-22 09:13:41 +02:00