From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from firstgate.proxmox.com (firstgate.proxmox.com [212.224.123.68]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits)) (No client certificate requested) by lists.proxmox.com (Postfix) with ESMTPS id 514CC71087 for ; Mon, 17 May 2021 15:08:11 +0200 (CEST) Received: from firstgate.proxmox.com (localhost [127.0.0.1]) by firstgate.proxmox.com (Proxmox) with ESMTP id 40B8A2C0C7 for ; Mon, 17 May 2021 15:07:41 +0200 (CEST) Received: from proxmox-new.maurer-it.com (proxmox-new.maurer-it.com [94.136.29.106]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits)) (No client certificate requested) by firstgate.proxmox.com (Proxmox) with ESMTPS id 1CCB22C0AF for ; Mon, 17 May 2021 15:07:36 +0200 (CEST) Received: from proxmox-new.maurer-it.com (localhost.localdomain [127.0.0.1]) by proxmox-new.maurer-it.com (Proxmox) with ESMTP id E64CF465BB for ; Mon, 17 May 2021 15:07:35 +0200 (CEST) From: Dominik Csapak To: pve-devel@lists.proxmox.com Date: Mon, 17 May 2021 15:07:35 +0200 Message-Id: <20210517130735.17568-3-d.csapak@proxmox.com> X-Mailer: git-send-email 2.20.1 In-Reply-To: <20210517130735.17568-1-d.csapak@proxmox.com> References: <20210517130735.17568-1-d.csapak@proxmox.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-SPAM-LEVEL: Spam detection results: 0 AWL 0.016 Adjusted score from AWL reputation of From: address KAM_DMARC_STATUS 0.01 Test Rule for DKIM or SPF Failure with Strict Alignment SPF_HELO_NONE 0.001 SPF: HELO does not publish an SPF Record SPF_PASS -0.001 SPF: sender matches SPF record Subject: [pve-devel] [PATCH http-server 2/2] AnyEvent/websocket_proxy: drop handling of websocket subprotocols X-BeenThere: pve-devel@lists.proxmox.com X-Mailman-Version: 2.1.29 Precedence: list List-Id: Proxmox VE development discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 17 May 2021 13:08:11 -0000 We do not support any, and we only ever send binary frames, so drop trying to parse the header. For compatibility with current clients (novnc, pve-xtermjs), we have to reply with the protocols it sent. Signed-off-by: Dominik Csapak --- src/PVE/APIServer/AnyEvent.pm | 13 ++++--------- 1 file changed, 4 insertions(+), 9 deletions(-) diff --git a/src/PVE/APIServer/AnyEvent.pm b/src/PVE/APIServer/AnyEvent.pm index a7d31cc..6f0abb7 100644 --- a/src/PVE/APIServer/AnyEvent.pm +++ b/src/PVE/APIServer/AnyEvent.pm @@ -650,11 +650,13 @@ sub websocket_proxy { # todo: use stop_read/start_read if write buffer grows to much + # for backwards, compatibility, we have to reply with the websocket + # subprotocol from the request my $res = "$proto 101 Switching Protocols\015\012" . "Upgrade: websocket\015\012" . "Connection: upgrade\015\012" . "Sec-WebSocket-Accept: $wsaccept\015\012" . - "Sec-WebSocket-Protocol: $wsproto\015\012" . + ($wsproto ne "" ? "Sec-WebSocket-Protocol: $wsproto\015\012" : "") . "\015\012"; $self->dprint($res); @@ -902,14 +904,7 @@ sub handle_api2_request { die "unable to upgrade to protocol '$upgrade'\n" if !$upgrade || ($upgrade ne 'websocket'); my $wsver = $r->header('sec-websocket-version'); die "unsupported websocket-version '$wsver'\n" if !$wsver || ($wsver ne '13'); - my $wsproto_str = $r->header('sec-websocket-protocol'); - die "missing websocket-protocol header" if !$wsproto_str; - my $wsproto; - foreach my $p (PVE::Tools::split_list($wsproto_str)) { - $wsproto = $p if !$wsproto && $p eq 'base64'; - $wsproto = $p if $p eq 'binary'; - } - die "unsupported websocket-protocol protocol '$wsproto_str'\n" if !$wsproto; + my $wsproto = $r->header('sec-websocket-protocol') // ""; my $wskey = $r->header('sec-websocket-key'); die "missing websocket-key\n" if !$wskey; # Note: Digest::SHA::sha1_base64 has wrong padding -- 2.20.1