Otherwise we might misinterpret trailing binary data as a second
HTTP request. This happens when we return from the handler with
data still queued up in the socket.
The TCP_KEEPCNT option for sockets only work with the Linux kernel,
this isn't available for example in FreeBSD and Hurd, which makes the
package fail to build on these platforms. See Debian bug here:
https://bugs.debian.org/840035
Child processes were not terminated when the parent websockify
was killed.
This commit makes websockify send a SIGTERM to all active children
when the parent process is terminated.
Fixes#138
This commit adds support to unix sockets in the token plugin, thus it is
possible to have a token files like:
token: unix_socket:/path/to/socket_file
A single websockify instance will be able to handle multiple sockets.
Signed-off-by: Jose Ricardo Ziviani <jose@ziviani.net>
Openstack nova novnc-proxy services uses websockify to provide support
for nova vms using novnc proxy. At present, novnc hangs every couple of
weeks. It only resumes post restart of the novnc-proxy which is not
good. Hence, this code in websockify is updated to get rid of additional
signal calls to avoid novnc going in hang state even though process is
running. Basically, we are getting rid of existing msg and vmsg calls in
the websocket.py. This is kind of quick fix but we will need an
additional way of figuring out the logging to make it easy to trace in
case of any further failures in future.
closes bug: https://github.com/kanaka/noVNC/issues/556
Previously exc was set only when an exception occurs in the inner
try (the one contains call to self.poll), so an error in the other
part causes an UnboundLocalError.
Closes#178
This commit reworks auth plugins slightly to enable
support for HTTP authentication. By raising an
AuthenticationError, auth plugins can now return
HTTP responses to the upgrade request (such as 401).
Related to kanaka/noVNC#522
This commit introduces strict mode, which is on by default. Currently
strict mode only enforces client-to-server frame masking. However,
in the future, it might enforce other parts of the RFC as well.
Closes#164
Previously, we just passed the values of '--*-plugin' and
'--*-source' directly to `LibProxyServer` and `WebSocketProxy`,
which handled turning that into an instance of the plugin class.
Now, that's done in main, and the classes receive an instance
directly.
Auth plugins provide a generic interface for authenticating requests.
The plugin name is specified using the '--auth-plugin' option, and
may either be the name of a class from `websockify.auth_plugins`,
or a fully qualified python path to the auth plugin class (see below).
An optional plugin parameter can be specified using the '--auth-source'
option (a value of `None` will be used if no '--auth-source' option is
specified).
Auth plugins should inherit from `websockify.auth_plugins.BasePlugin`,
and should implement the `authenticate(headers, target_host, target_port)`
method. The value of the '--auth-source' option is available as
`self.source`.
One plugin is currently included: `ExpectOrigin`. The `ExpectOrigin`
plugin checks that the 'Origin' header is an expected value. The list
of acceptable origins is passed using the plugin source, as a
space-separated list.
There was a bug in WebSocketServer that prevented the `file_only`
parameter from actually being set as an instance property, causing
directory listings to appear even with `file_only=True`. This
commit fixes that.
See-Also: https://bugs.launchpad.net/nova/+bug/1447675
Previously, if no `target_cfg` flag was used, the `target_cfg` option
would not get removed from the opts dict, causing an error when it got
passed through to `WebSocketProxy`. Now we always remove it.
Fixes#168.
Token plugins provide a generic interface for transforming a token
into a `(host, port)` tuple.
The plugin name is specified using the '--token-plugin' option,
and may either be the name of a class from `websockify.token_plugins`,
or a fully qualified python path to the token plugin class (see below).
An optional plugin parameter can be specified using the '--token-source'
option (a value of `None` will be used if no '--token-source' option is
passed).
Token plugins should inherit from `websockify.token_plugins.BasePlugin`,
and should implement the `lookup(token)` method. The value of the
'--token-source' option is available as `self.source`.
Several plugins are included by default. The `ReadOnlyTokenFile`
and `TokenFile` plugins implement functionality from '--target-config'
(with the former only reading the file(s) once, and the latter reading
them every time). The 'BaseTokenAPI' plugin fetches the value from
an API, returning the result of `process_result(response_object)`.
By default, `process_result` simply returns the text of the response,
but may be overriden. The `JSONTokenAPI` does just this, returning
the 'host' and 'port' values from the response JSON object.
The old '--target-config' option is now deprecated, and maps to the
`TokenFile` plugin under the hood.
Also-Authored-By: James Portman (@james-portman)
Closes#157
* commit '477dce6cf86d61b20a394f3cbf3170e60d199658':
websocket: use python logging module
websocket: fix exception statement introduced by comment 903e3f06ee557
Adapted to new standard SocketServer RequestHandler design. For
example, this means that self.i_am_client is not needed.