To extend beyond the OpenBmc wrapped dialect of VNC,
provide mechanism for plugins to provide
arbitrary cookie, password, url, and protocols parameters.
Implement for ProxMox.
A common issue in larger layer 2 configurations is
for the neighbor table to be undersized for the number of
nodes.
Detect this manifesting and present a message.
Some kernels may bundle the NLMSG_DONE in the last
useful system call, unlike the previous norm of sending it as
a single message in a terminating system call.
302 works for iPXE, but not for more limited UEFI
http client.
If we are dealing with UefiHttpBoot, check for a header
from nginx config and use X-Accel-Redirect to induce proxy side
redirect transparent to client.
Otherwise, give an error indicating the issue with the profile
name length and incompatibility with Apache capabilities.
When trying to set a node or group attribute, evaluate
length of any potential formatting specification to keep it under
8 characters.
This should prevent even temporary expansion over 10MB for an attribute
on the way to setting it.
Some profiles may want to have a fixed boot image,
and site specific content limited to the identity payload, or at
least the TLS so it could fetch the rest over https.
If an expression causes an inordinate amount of memory to be
used, then block it from continuing.
For now, we consider that an expression that expands beyond 16k. I
am unable to conceive of a use case where someone would want to
use an expression to derive more than 16k as it stands, as we don't
carry any particularly large opaque payloads right now.
For both proxmox and vmware, properly model the 'oldstate' feature.
For proxmox, further:
- Wait for power change to actually take effect
- Change reset to a cycle, to help nodesetboot actually work correctly.
This allows users to opt into disabling setting further profile changes.
Nodes may be 'unlocked' (normal), 'autolock' (will lock on next
completion), or 'locked' (unable to change the pending OS profile)
If a nic were aliased *and* the node had attributes
for ipv6 but used host resolution for ipv4 identity,
it was possible for PXE to pick the wrong way
to respond.
Instruct netutil to specifically consider only the matching family
for the PXE/HTTP boot context
This provides nodeinventory (mac and -s most interestingly),
nodepower, nodesetboot (and by extension, nodedeploy -n),
and nodeconsole (console.method=vcenter).
localhost was added to ssh principals, but should not be used
as a candidate in syncfiles.
The syncfileclient should already be filtering this possibility,
but best to filter it everywhere that makes sense.
A node with private, unroutable addresses relative to
the deployment server may cause the deployment server
to select an unroutable address.
Address this with two strategies.
First, if any of the addresses appear local to the deployment server
networks, prefer those and filter out unroutable.
Secondly, if a node is purely remote, and thus all addresses routable,
then make all the addresses a candidate. However, since the
client can't possibly be using fe80::, we can replace the principal list
with just the clientip, provided it appears in the principal list.
If a node has not been asked to open any locally managed
video consoles before it was asked to open a peer managed console,
it would fail to start the needed vinz service.
Work around this by detecting that scenario and giving
the vinz subsystem a chance to fix itself.
The fe80:: is hopeless, try to send ipv4 just in case.
Technically speaking, the user may be using a different address
or real ipv6 and the ipv4 guess might fail, but it probably won't.
On exit, clear the terminal buffer and invalidate the session. This
avoids the web ui being very attached to a closed, dead session, and
leaking stale buffer to a reused sessionid.
For confetty, treat starting a shell session more like starting a
console session.
If an attempt to resize a dead session is attempted,
ignore failures.
