Merge Feature/limit vnc console sessions to master #6820
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This change introduces a new pool-level parameter that restricts VNC console access to a single active session per VM/host. This prevents multiple users from simultaneously connecting to the same VM console, preventing one user 'watching' another user operating a session. When the `limit_console_sessions` is true. - Enforced a single active VNC console connection per VM/host - Disable connection to websocket Signed-off-by: Stephen Cheng <[email protected]>
…6660) This change introduces a new pool-level parameter that restricts VNC console access to a single active session per VM/host. This prevents multiple users from simultaneously connecting to the same VM console, preventing one user 'watching' another user operating a session. When the `limit_console_sessions` is true. - Enforced a single active VNC console connection per VM/host - Disable connection to websocket
The field sets the maximum time (in seconds) that a VM's console can be idle before it is automatically disconnected. The default value 0 means never timeout. This setting applies only to VM consoles; for host consoles, use the separate parameter 'host.console_idle_timeout'. Signed-off-by: Stephen Cheng <[email protected]>
The parser only parses the message types for client-to-server messsages, aiming to identify message types from clients. Signed-off-by: Stephen Cheng <[email protected]>
This commit adds idle timeout feature for vnc console connections. Key changes: - Add idle timeout detection by monitoring RFB keyEvent and pointerEvent. - Add callback function to `proxy` to parse the RFB messages and determine if the connection is idle or not. Signed-off-by: Stephen Cheng <[email protected]>
This commit adds idle timeout feature for vnc console connections. Key changes: - Add idle timeout detection by monitoring RFB keyEvent and pointerEvent. - Add callback function to `proxy` to parse the RFB messages and determine if the connection is idle or not.
Add detailed reason in http response when console connection limits are exceeded. Signed-off-by: Stephen Cheng <[email protected]>
Fix conflicts Signed-off-by: Stephen Cheng <[email protected]>
When a VNC console connection is rejected due to the session limit, users want to know which user(s) are currently connected. However, displaying usernames in HTTP error responses may raise privacy concerns in some deployments, so also add a configure to enable/disable the display of the usernames. The main changes are: 1. To contain the active users in the response message, changed the active_connections to record the existing users and use the unique session id to identify them in case multiple connections have the same user name. 2. Use Http_svr.escape to escape html special characters 3. Added `include_console_username_in_error` to enable/disable the display of user names Signed-off-by: Stephen Cheng <[email protected]>
Signed-off-by: Stephen Cheng <[email protected]>
Signed-off-by: Stephen Cheng <[email protected]>
Sync feature branch with master. No code changed. ``` $ git show 27199eb commit 27199eb (HEAD -> private/stephenche/vnc_sync_260107, mygit/private/stephenche/vnc_sync_260107, bb/private/stephenche/vnc_sync_260107) Merge: 8c88947 19f2398 Author: Stephen Cheng <[email protected]> Date: Wed Jan 7 09:56:17 2026 +0800 Merge branch 'master' into private/stephenche/vnc_sync_260107 Signed-off-by: Stephen Cheng <[email protected]> diff --cc ocaml/idl/schematest.ml index 7dc03c9,e0658e78a..a90bf86 --- a/ocaml/idl/schematest.ml +++ b/ocaml/idl/schematest.ml @@@ -3,7 -3,7 +3,7 @@@ let hash x = Digest.string x |> Digest. (* BEWARE: if this changes, check that schema has been bumped accordingly in ocaml/idl/datamodel_common.ml, usually schema_minor_vsn *) - let last_known_schema_hash = "9e085767a7a70fb84747776c4d6cc663" -let last_known_schema_hash = "d8cb04ccddfd91ca3f0f9074dcf7c219" ++let last_known_schema_hash = "a01358e3ff5f42d5aee162e995d2ec05" let current_schema_hash : string = let open Datamodel_types in ```
lindig
approved these changes
Jan 7, 2026
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
232227 Ring3 BST test passed (One failed case is a known issue)
QA test reports is done