[pve-devel] [PATCH 3/3] api2 : add spice ticket

Alexandre Derumier aderumier at odiso.com
Wed Apr 10 13:08:11 CEST 2013 

fixme :
- ticket string maxlengh is 60 characters.
  encrypt it generate a too big string.

Signed-off-by: Alexandre Derumier <aderumier at odiso.com>
---
 PVE/API2/Qemu.pm |   52 ++++++++++++++++++++++++++++++++++++++++++++++++++++
 qm               |    2 ++
 2 files changed, 54 insertions(+)

diff --git a/PVE/API2/Qemu.pm b/PVE/API2/Qemu.pm
index ebf502a..ce298e6 100644
--- a/PVE/API2/Qemu.pm
+++ b/PVE/API2/Qemu.pm
@@ -5,6 +5,7 @@ use strict;
 use warnings;
 use Cwd 'abs_path';
 use JSON;
+use MIME::Base64;
 
 use PVE::Cluster qw (cfs_read_file cfs_write_file);;
 use PVE::SafeSyslog;
@@ -815,6 +816,57 @@ __PACKAGE__->register_method({
     }});
 
 __PACKAGE__->register_method({
+    name => 'spiceticket',
+    path => '{vmid}/spiceticket',
+    method => 'GET',
+    protected => 1,
+    permissions => {
+	check => ['perm', '/vms/{vmid}', [ 'VM.Console' ]],
+    },
+    description => "Generate spice ticket",
+    parameters => {
+	additionalProperties => 0,
+	properties => {
+	    node => get_standard_option('pve-node'),
+	    vmid => get_standard_option('pve-vmid'),
+	},
+    },
+    returns => { type => 'object' },
+    code => sub {
+	my ($param) = @_;
+
+	my $node = extract_param($param, 'node');
+
+	my $vmid = extract_param($param, 'vmid');
+
+	my $rpcenv = PVE::RPCEnvironment::get();
+
+	my $authuser = $rpcenv->get_user();
+	my $authpath = "/vms/$vmid";
+
+	my $timestamp = sprintf("%08X", time());
+
+	my $plain = "PVESPICE:$timestamp";
+
+	my $path = PVE::AccessControl::normalize_path($authpath);
+
+	my $full = "$plain:$authuser:$path";
+	#fixme : password seem to be limited to 60 characters (client? server?), encrypt with certificate generated a too long string
+	my $ticket = encode_base64($full);
+	chomp $ticket;
+
+	PVE::QemuServer::vm_mon_cmd($vmid, "expire_password", protocol => "spice", time => "+20");
+
+	PVE::QemuServer::vm_mon_cmd($vmid, "set_password", protocol => "spice", password => $ticket);
+
+	my $config = {};
+	$config->{password} = $ticket;
+
+	print to_json($config);
+	return $config;
+    }});
+
+__PACKAGE__->register_method({
     name => 'vm_config',
     path => '{vmid}/config',
     method => 'GET',
diff --git a/qm b/qm
index fb77858..d6df4dc 100755
--- a/qm
+++ b/qm
@@ -410,6 +410,8 @@ my $cmddef = {
 
     monitor  => [ __PACKAGE__, 'monitor', ['vmid']],
 
+    spiceticket => [ "PVE::API2::Qemu", 'spiceticket', ['vmid']],
+
     mtunnel => [ __PACKAGE__, 'mtunnel', []],	
 };
 
-- 
1.7.10.4

More information about the pve-devel mailing list