Merge branch 'main' into develop

etc/xml/windows_11.xml

@@ -23,7 +23,7 @@
     <vmport state='off'/>
     <smm state='on'/>
   </features>
-  <cpu mode='host-model' check='partial'>
+  <cpu mode='custom' check='partial'>
     <topology sockets='1' cores='2' threads='2'/>
   </cpu>
   <clock offset='localtime'>

lib/Ravada.pm

@@ -494,7 +494,8 @@ sub _update_isos {
         ,file_re => 'alpine-standard-3.16.*-x86_64.iso'
         ,sha256_url => '$url/alpine-standard-3.16.*.iso.sha256'
             ,min_disk_size => '2'
-            ,options => { machine => 'pc-q35', bios => 'UEFI' }
+            ,options => { machine => 'pc-q35', bios => 'UEFI'
+            }
         }
         ,alpine381_32 => {
             name => 'Alpine 3.16 32 bits'
@@ -866,7 +867,9 @@ sub _update_isos {
           ,min_ram => 4
           ,arch => 'x86_64'
           ,extra_iso => 'https://fedorapeople.org/groups/virt/virtio-win/direct-downloads/archive-virtio/virtio-win-0.1.2\d+-\d+/virtio-win-0.1.2\d+.iso'
-            ,options => { machine => 'pc-q35', bios => 'UEFI' }
+            ,options => { machine => 'pc-q35', bios => 'UEFI'
+                ,hardware => { cpu => { cpu => { topology => { threads => 2, cores => 2}}}}
+            }
         }
        ,empty_32bits => {
           name => 'Empty Machine 32 bits'
@@ -5157,6 +5160,51 @@ sub _cmd_reboot {
 
 }
 
+sub _cmd_shutdown_start($self, $request) {
+    my $uid = $request->args('uid');
+    my $id_domain = $request->args('id_domain');
+    my $id_vm = $request->defined_arg('id_vm');
+
+    my $domain;
+    if ($id_vm) {
+        my $vm = Ravada::VM->open($id_vm);
+        $domain = $vm->search_domain_by_id($id_domain);
+    } else {
+        $domain = $self->search_domain_by_id($id_domain);
+    }
+    die "Unknown domain '$id_domain'\n" if !$domain;
+
+    my $user = Ravada::Auth::SQL->search_by_id( $uid);
+
+    die "USER $uid not authorized to restart machine ".$domain->name
+    unless $domain->_data('id_owner') ==  $user->id || $user->is_operator;
+
+    my $timeout = ($request->defined_arg('timeout') or $domain->_timeout_shutdown() or 60);
+
+    for my $try ( 0 .. 1 ) {
+        $domain->shutdown(timeout => $timeout, user => $user
+                    , request => $request);
+
+        for ( 0 .. $timeout+1 ) {
+            last if !$domain->is_active;
+            sleep 1;
+        }
+        last if !$domain->is_active;
+    }
+
+    my $req_shutdown = Ravada::Request->force_shutdown_domain(
+        uid => $user->id
+        ,id_domain => $domain->id
+        ,after_request => $request->id
+    );
+
+    Ravada::Request->start_domain(
+        uid => $user->id
+        ,id_domain => $domain->id
+        ,after_request => $req_shutdown->id
+    );
+}
+
 sub _cmd_force_reboot {
     my $self = shift;
     my $request = shift;
@@ -6098,6 +6146,7 @@ sub _req_method {
 ,enforce_limits => \&_cmd_enforce_limits
 ,force_shutdown => \&_cmd_force_shutdown
 ,force_reboot   => \&_cmd_force_reboot
+,shutdown_start => \&_cmd_shutdown_start
         ,rebase => \&_cmd_rebase
 
 ,refresh_storage => \&_cmd_refresh_storage
@@ -6468,6 +6517,8 @@ sub _cmd_close_exposed_ports($self, $request) {
     my $user = Ravada::Auth::SQL->search_by_id( $uid ) or die "Error: user $uid not found";
 
     my $domain = Ravada::Domain->open($request->id_domain);
+    return if !$domain;
+
     die "Error: user ".$user->name." not authorized to delete iptables rule"
     unless $user->is_admin || $domain->_data('id_owner') == $uid;
 

lib/Ravada/Auth.pm

@@ -6,6 +6,7 @@ use strict;
 our $LDAP_OK;
 our $SSO_OK;
 
+use Data::Dumper;
 use Ravada::Auth::SQL;
 
 =head1 NAME

lib/Ravada/Auth/SSO.pm

@@ -72,6 +72,7 @@ sub _get_session_userid_by_ticket
     my ($cookie) = @_;
     my $result;
     die 'Can\'t read pubkey file (sso->cookie->pub_key value at ravada.conf file)' if (! -r $$CONFIG->{sso}->{cookie}->{pub_key});
+
     eval { $result = Authen::ModAuthPubTkt::pubtkt_verify(publickey => $$CONFIG->{sso}->{cookie}->{pub_key}, keytype => $$CONFIG->{sso}->{cookie}->{type}, ticket => $cookie); };
     die $@ ? $@ : 'Cannot validate ticket' if ((! $result) || ($@));
     my %data = Authen::ModAuthPubTkt::pubtkt_parse($cookie);
@@ -123,6 +124,11 @@ sub init {
                 return 0;
             }
         }
+        if (!$$CONFIG->{sso}->{cookie}->{type}) {
+            $ERR = "Error: missing sso / cookie / type in config file\n";
+            warn $ERR unless $warn++;
+            return 0;
+        }
         for my $field (qw(priv_key pub_key)) {
             if ( !exists $$CONFIG->{sso}->{cookie}->{$field}
             || ! $$CONFIG->{sso}->{cookie}->{$field}) {

lib/Ravada/Domain.pm

@@ -303,6 +303,8 @@ sub _around_start($orig, $self, @arg) {
 
     $self->_start_preconditions(@arg);
 
+    $self->_pre_start_internal();
+
     $self->_data( 'post_shutdown' => 0);
     $self->_data( 'post_hibernated' => 0);
 
@@ -702,7 +704,9 @@ sub _around_add_volume {
         ($name) = $file =~ m{.*/(.*)} if !$name && $file;
         $name = $self->name if !$name;
 
-        $name .= "-".$args{target}."-".Ravada::Utils::random_name(4);
+        $name .= "-".$args{target}."-".Ravada::Utils::random_name(4)
+        if $name !~ /\.iso$/;
+
         $args{name} = $name;
     }
 
@@ -715,10 +719,12 @@ sub _around_add_volume {
     $args{allocation} = Ravada::Utils::size_to_number($args{allocation})
         if exists $args{allocation} && defined $args{allocation};
 
-    my $free = $self->_vm->free_disk();
+    my $storage = $args{storage};
+
+    my $free = $self->_vm->free_disk($storage);
     my $free_out = int($free / 1024 / 1024 / 1024 ) * 1024 *1024 *1024;
 
-    confess "Error creating volume, out of space $size . Disk free: "
+    die "Error creating volume, out of space $size . Disk free: "
             .Ravada::Utils::number_to_size($free_out)
             ."\n"
         if exists $args{size} && $args{size} && $args{size} >= $free;
@@ -1661,6 +1667,10 @@ sub _data($self, $field, $value=undef, $table='domains') {
 
 sub _data_extra($self, $field, $value=undef) {
     $self->_insert_db_extra()   if !$self->is_known_extra();
+    if (defined $value) {
+        my $old = $self->_data_extra($field);
+        return if defined $old && $old eq $value;
+    }
     return $self->_data($field, $value, "domains_".lc($self->type));
 }
 
@@ -1941,9 +1951,6 @@ sub display($self, $user) {
 
     my ($display_info) = grep { $_->{driver} !~ /-tls$/ } @display_info;
 
-    confess "Error: I can't find builtin display info for ".$self->name." ".ref($self)."\n".Dumper($display_info)
-    if !exists $display_info->{port};
-
     return '' if !$display_info->{driver} || !$display_info->{ip}
     || !$display_info->{port};
 
@@ -3042,9 +3049,17 @@ sub _remove_start_requests($self) {
     }
 }
 
+# it may be superceeded in child class
+sub _post_shutdown_internal {}
+
+# it may be superceeded in child class
+sub _pre_start_internal {}
+
 sub _post_shutdown {
     my $self = shift;
 
+    $self->_post_shutdown_internal();
+
     my %arg = @_;
     my $timeout = delete $arg{timeout};
     if (!defined $timeout) {
@@ -4023,7 +4038,7 @@ sub _post_resume {
     return $self->_post_start(@_);
 }
 
-sub _timeout_shutdown($self, $value) {
+sub _timeout_shutdown($self, $value=undef) {
     $TIMEOUT_SHUTDOWN = $value if defined $value;
     return $TIMEOUT_SHUTDOWN;
 }
@@ -4519,6 +4534,7 @@ Check if the domain has swap volumes defined, and clean them
 
 sub clean_swap_volumes {
     my $self = shift;
+    return if $self->is_active();
     for my $vol ( $self->list_volumes_info) {
         confess if !$vol->domain;
         if ($vol->file && $vol->file =~ /\.SWAP\.\w+$/) {
@@ -5667,6 +5683,7 @@ hardware change can be applied.
 =cut
 
 sub needs_restart($self, $value=undef) {
+    return $self->_data('needs_restart') if !defined $value;
     return $self->_data('needs_restart',$value);
 }
 
@@ -5690,7 +5707,7 @@ sub _post_change_hardware($self, $hardware, $index, $data=undef) {
     }
     $self->info(Ravada::Utils->user_daemon) if $self->is_known();
 
-    $self->needs_restart(1) if $self->is_known && $self->_data('status') eq 'active' && $hardware ne 'memory';
+    $self->needs_restart(1) if $self->is_known && $self->_data('status') eq 'active' && $hardware ne 'memory' && $hardware !~ /cpu/;
     $self->post_prepare_base() if $self->is_base();
 }