Ignore:
Timestamp:
Oct 28, 2008, 8:00:19 PM (15 years ago)
Author:
broder
Message:

Generate the VNC token key at invirt-vnc-server install-time instead
of hard-coding

File:
1 edited

Legend:

Unmodified
Added
Removed
  • trunk/packages/invirt-vnc-server/python/vnc/extauth.py

    r1386 r1388  
    1919import socket
    2020import time
    21 import get_port
    22 
    23 TOKEN_KEY = "0M6W0U1IXexThi5idy8mnkqPKEq1LtEnlK/pZSn0cDrN"
     21
     22def getTokenKey():
     23    token_key = file('/etc/invirt/secrets/vnc-key').read().strip()
     24    while True:
     25        yield token_key
     26getTokenKey = getTokenKey().next
    2427
    2528def getPort(name, auth_data):
     29    import get_port
    2630    if (auth_data["machine"] == name):
    2731        port = get_port.findPort(name)
     
    6367
    6468    def validateToken(self, token):
    65         global TOKEN_KEY
    6669        self.auth_error = "Invalid token"
    6770        try:
    6871            token = base64.urlsafe_b64decode(token)
    6972            token = cPickle.loads(token)
    70             m = hmac.new(TOKEN_KEY, digestmod=sha)
     73            m = hmac.new(getTokenKey(), digestmod=sha)
    7174            m.update(token['data'])
    7275            if (m.digest() == token['digest']):
Note: See TracChangeset for help on using the changeset viewer.