From 4e538710ad2aae224ffd0f37194f2c5b933e779c Mon Sep 17 00:00:00 2001 From: Kelven Yang Date: Fri, 12 Apr 2013 10:44:36 -0700 Subject: [PATCH] Backport fix to disable old-form of console access URL in commit fb94b72213bf96f2878b90260067f61629c6a956 --- .../com/cloud/consoleproxy/ConsoleProxy.java | 29 ++++++++++++------- .../ConsoleProxyHttpHandlerHelper.java | 19 +++++++++++- 2 files changed, 37 insertions(+), 11 deletions(-) diff --git a/console-proxy/src/com/cloud/consoleproxy/ConsoleProxy.java b/console-proxy/src/com/cloud/consoleproxy/ConsoleProxy.java index a722d8305a2..0e801fbf9cb 100644 --- a/console-proxy/src/com/cloud/consoleproxy/ConsoleProxy.java +++ b/console-proxy/src/com/cloud/consoleproxy/ConsoleProxy.java @@ -425,23 +425,32 @@ public class ConsoleProxy { synchronized (connectionMap) { ConsoleProxyClient viewer = connectionMap.get(clientKey); if (viewer == null) { + authenticationExternally(param); viewer = new ConsoleProxyVncClient(); viewer.initClient(param); connectionMap.put(clientKey, viewer); s_logger.info("Added viewer object " + viewer); reportLoadChange = true; - } else if (!viewer.isFrontEndAlive()) { - s_logger.info("The rfb thread died, reinitializing the viewer " + viewer); - viewer.initClient(param); - } else if (!param.getClientHostPassword().equals(viewer.getClientHostPassword())) { - s_logger.warn("Bad sid detected(VNC port may be reused). sid in session: " - + viewer.getClientHostPassword() + ", sid in request: " + param.getClientHostPassword()); - viewer.initClient(param); - } else { - if(ajaxSession == null || ajaxSession.isEmpty()) + } else { + // protected against malicous attack by modifying URL content + if(ajaxSession != null) { + long ajaxSessionIdFromUrl = Long.parseLong(ajaxSession); + if(ajaxSessionIdFromUrl != viewer.getAjaxSessionId()) + throw new AuthenticationException ("Cannot use the existing viewer " + + viewer + ": modified AJAX session id"); + } + + if(param.getClientHostPassword() == null || param.getClientHostPassword().isEmpty() || !param.getClientHostPassword().equals(viewer.getClientHostPassword())) + throw new AuthenticationException ("Cannot use the existing viewer " + + viewer + ": bad sid"); + + if(!viewer.isFrontEndAlive()) { authenticationExternally(param); - } + viewer.initClient(param); + reportLoadChange = true; + } + } if(reportLoadChange) { ConsoleProxyClientStatsCollector statsCollector = getStatsCollector(); diff --git a/console-proxy/src/com/cloud/consoleproxy/ConsoleProxyHttpHandlerHelper.java b/console-proxy/src/com/cloud/consoleproxy/ConsoleProxyHttpHandlerHelper.java index 7756d01cd7f..187647158ef 100644 --- a/console-proxy/src/com/cloud/consoleproxy/ConsoleProxyHttpHandlerHelper.java +++ b/console-proxy/src/com/cloud/consoleproxy/ConsoleProxyHttpHandlerHelper.java @@ -49,8 +49,11 @@ public class ConsoleProxyHttpHandlerHelper { if(map.get("token") != null) { ConsoleProxyPasswordBasedEncryptor encryptor = new ConsoleProxyPasswordBasedEncryptor( ConsoleProxy.getEncryptorPassword()); - + ConsoleProxyClientParam param = encryptor.decryptObject(ConsoleProxyClientParam.class, map.get("token")); + + // make sure we get information from token only + guardUserInput(map); if(param != null) { if(param.getClientHostAddress() != null) map.put("host", param.getClientHostAddress()); @@ -67,8 +70,22 @@ public class ConsoleProxyHttpHandlerHelper { if(param.getTicket() != null) map.put("ticket", param.getTicket()); } + } else { + // we no longer accept information from parameter other than token + guardUserInput(map); } return map; } + + private static void guardUserInput(Map map) { + map.remove("host"); + map.remove("port"); + map.remove("tag"); + map.remove("sid"); + map.remove("consoleurl"); + map.remove("sessionref"); + map.remove("ticket"); + } } +