From 9968426f01eca2ac86545187955d7a6098314c58 Mon Sep 17 00:00:00 2001 From: Dietmar Maurer Date: Thu, 6 Apr 2017 07:17:55 +0200 Subject: [PATCH 1/1] PMG/HTTPServer.pm: add safety check for master node We want to verify that we are on the master node. --- PMG/HTTPServer.pm | 9 +++++++-- PMG/RESTEnvironment.pm | 16 ++++++++++++++++ 2 files changed, 23 insertions(+), 2 deletions(-) diff --git a/PMG/HTTPServer.pm b/PMG/HTTPServer.pm index ed28491..26a2015 100755 --- a/PMG/HTTPServer.pm +++ b/PMG/HTTPServer.pm @@ -112,8 +112,7 @@ sub rest_handler { # check access permissions PMG::AccessControl::check_api2_permissions($info->{permissions}, $auth->{userid}); - if ($info->{proxyto}) { - my $pn = $info->{proxyto}; + if (my $pn = $info->{proxyto}) { my $node; if ($pn eq 'master') { @@ -137,6 +136,12 @@ sub rest_handler { return; } + if (my $pn = $info->{proxyto}) { + if ($pn eq 'master') { + $rpcenv->check_node_is_master(); + } + } + $resp = { data => $handler->handle($info, $uri_param), info => $info, # useful to format output diff --git a/PMG/RESTEnvironment.pm b/PMG/RESTEnvironment.pm index cde486d..b25d62a 100644 --- a/PMG/RESTEnvironment.pm +++ b/PMG/RESTEnvironment.pm @@ -3,12 +3,16 @@ package PMG::RESTEnvironment; use strict; use warnings; +use PVE::INotify; use PVE::RESTEnvironment; +use PMG::Cluster; use PMG::ClusterConfig; use base qw(PVE::RESTEnvironment); +my $nodename = PVE::INotify::nodename(); + # initialize environment - must be called once at program startup sub init { my ($class, $type, %params) = @_; @@ -31,4 +35,16 @@ sub init_request { $self->{cinfo} = PVE::INotify::read_file("cluster.conf"); } +sub check_node_is_master { + my ($self, $noerr); + + my $master = PMG::Cluster::get_master_node($self->{cinfo}); + + return 1 if $master eq 'localhost' || $master eq $nodename; + + return undef if $noerr; + + die "this node ('$nodename') is not the master node\n"; +} + 1; -- 2.39.5