lxd: Use auth method instead of devlxdRemoteAddress

Signed-off-by: hamistao <[email protected]>
canonical · Sep 10, 2024 · 9b6d519 · 9b6d519
1 parent 4009564
commit 9b6d519
Show file tree

Hide file tree

Showing 2 changed files with 6 additions and 2 deletions.
diff --git a/lxd/daemon.go b/lxd/daemon.go
@@ -388,7 +388,8 @@ func (d *Daemon) Authenticate(w http.ResponseWriter, r *http.Request) (trusted b
 	}
 
 	// Devlxd unix socket credentials on main API.
-	if r.RemoteAddr == devlxdRemoteAddress {
+	authMethod, _ := auth.GetAuthenticationMethodFromCtx(r.Context())
+	if authMethod == api.AuthenticationMethodDevLxd {
 		return false, "", "", nil, fmt.Errorf("Main API query can't come from /dev/lxd socket")
 	}
 

diff --git a/lxd/images.go b/lxd/images.go
@@ -4107,7 +4107,10 @@ func imageExport(d *Daemon, r *http.Request) response.Response {
 		return response.SmartError(err)
 	}
 
-	isDevLXDQuery := r.RemoteAddr == devlxdRemoteAddress
+	// Verify the auth method in the request context to determine if the request comes from the /dev/lxd socket.
+	authMethod, _ := auth.GetAuthenticationMethodFromCtx(r.Context())
+	isDevLXDQuery := authMethod == api.AuthenticationMethodDevLxd
+
 	secret := r.FormValue("secret")
 	trusted := auth.IsTrusted(r.Context())