Changeset 1388 for trunk/packages/invirt-vnc-server/python

Timestamp:

Oct 28, 2008, 8:00:19 PM (16 years ago)

Author:

broder

Message:

Generate the VNC token key at invirt-vnc-server install-time instead
of hard-coding

File:

• trunk/packages/invirt-vnc-server/python/vnc/extauth.py (modified) (2 diffs)

trunk/packages/invirt-vnc-server/python/vnc/extauth.py

@@ -19 +19 @@
 import socket
 import time
-import get_port
-
-TOKEN_KEY = "0M6W0U1IXexThi5idy8mnkqPKEq1LtEnlK/pZSn0cDrN"
+
+def getTokenKey():
+    token_key = file('/etc/invirt/secrets/vnc-key').read().strip()
+    while True:
+        yield token_key
+getTokenKey = getTokenKey().next
 
 def getPort(name, auth_data):
+    import get_port
     if (auth_data["machine"] == name):
         port = get_port.findPort(name)
@@ -63 +67 @@
 
     def validateToken(self, token):
-        global TOKEN_KEY
         self.auth_error = "Invalid token"
         try:
             token = base64.urlsafe_b64decode(token)
             token = cPickle.loads(token)
-            m = hmac.new(TOKEN_KEY, digestmod=sha)
+            m = hmac.new(getTokenKey(), digestmod=sha)
             m.update(token['data'])
             if (m.digest() == token['digest']):