[X2Go-Commits] python-x2go.git - master (branch) updated: 0.4.0.8-4-g8a48422

X2Go dev team git-admin at x2go.org
Tue Sep 3 10:23:06 CEST 2013


The branch, master has been updated
       via  8a48422fa568620d612901dcd064275122b794e0 (commit)
      from  c69719a3dd52d73fc18d48805b8fa3451d2b9212 (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
commit 8a48422fa568620d612901dcd064275122b794e0
Author: Mike Gabriel <mike.gabriel at das-netzwerkteam.de>
Date:   Tue Sep 3 10:22:54 2013 +0200

    Support encryption passphrases on SSH private key files.

-----------------------------------------------------------------------

Summary of changes:
 debian/changelog                 |    1 +
 x2go/backends/control/_stdout.py |   55 +++++++++++++++++++++++++++++++-------
 2 files changed, 46 insertions(+), 10 deletions(-)

The diff of changes is:
diff --git a/debian/changelog b/debian/changelog
index 0d84279..6dfa5f8 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -6,6 +6,7 @@ python-x2go (0.4.0.9-0~x2go1) UNRELEASED; urgency=low
     - Store the session password in base64 encoded string in order to make 
       it harder spotting the long term stored (for the duration of the session)
       plain text password.
+    - Support encryption passphrases on SSH private key files.
 
  -- Mike Gabriel <mike.gabriel at das-netzwerkteam.de>  Wed, 07 Aug 2013 12:18:46 +0200
 
diff --git a/x2go/backends/control/_stdout.py b/x2go/backends/control/_stdout.py
index 7b73759..648b72e 100644
--- a/x2go/backends/control/_stdout.py
+++ b/x2go/backends/control/_stdout.py
@@ -857,14 +857,41 @@ class X2GoControlSessionSTDOUT(paramiko.SSHClient):
                 elif (key_filename and os.path.exists(os.path.normpath(key_filename))) or pkey:
                     self.logger('trying SSH pub/priv key authentication with server', loglevel=log.loglevel_DEBUG)
                     paramiko.SSHClient.connect(self, _hostname, port=port, username=username, pkey=pkey,
-                                               key_filename=key_filename, timeout=timeout, allow_agent=allow_agent,
+                                               key_filename=key_filename, timeout=timeout, allow_agent=False,
                                                look_for_keys=look_for_keys)
                 else:
                     self.logger('trying SSH key discovery or agent authentication with server', loglevel=log.loglevel_DEBUG)
+                    paramiko.SSHClient.connect(self, _hostname, port=port, username=username, pkey=None,
+                                               key_filename=None, timeout=timeout, allow_agent=allow_agent,
+                                               look_for_keys=look_for_keys)
+
+                # since Paramiko 1.7.7.1 there is compression available, let's use it if present...
+                t = self.get_transport()
+                if x2go._paramiko.PARAMIKO_FEATURE['use-compression']:
+                    t.use_compression(compress=True)
+                # enable keep alive callbacks
+                t.set_keepalive(5)
+
+            except paramiko.PasswordRequiredException, e:
+                self.close()
+                if password:
+                    self.logger('unlock SSH private key file with provided password', loglevel=log.loglevel_INFO)
+
                     try:
-                        paramiko.SSHClient.connect(self, _hostname, port=port, username=username, pkey=None,
-                                                      key_filename=None, timeout=timeout, allow_agent=allow_agent,
-                                                      look_for_keys=look_for_keys)
+                        if (key_filename and os.path.exists(os.path.normpath(key_filename))) or pkey:
+                            self.logger('re-trying SSH pub/priv key authentication with server', loglevel=log.loglevel_DEBUG)
+                            paramiko.SSHClient.connect(self, _hostname, port=port, username=username, pkey=pkey, password=password,
+                                                       key_filename=key_filename, timeout=timeout, allow_agent=False,
+                                                       look_for_keys=look_for_keys)
+                        else:
+                            self.logger('re-trying SSH key discovery or agent authentication with server', loglevel=log.loglevel_DEBUG)
+                            paramiko.SSHClient.connect(self, _hostname, port=port, username=username, pkey=None, password=password,
+                                                       key_filename=None, timeout=timeout, allow_agent=allow_agent,
+                                                       look_for_keys=look_for_keys)
+                    except paramiko.AuthenticationException:
+                        # the provided password cannot be used to unlock any private SSH key file (i.e. wrong password)
+                        raise paramiko.PasswordRequiredException(str(e))
+
                     except paramiko.SSHException, e:
                         if str(e) == 'No authentication methods available':
                             raise paramiko.AuthenticationException('Interactive password authentication required!')
@@ -874,12 +901,11 @@ class X2GoControlSessionSTDOUT(paramiko.SSHClient):
                                 self.sshproxy_session.stop_thread()
                             raise(e)
 
-                # since Paramiko 1.7.7.1 there is compression available, let's use it if present...
-                t = self.get_transport()
-                if x2go._paramiko.PARAMIKO_FEATURE['use-compression']:
-                    t.use_compression(compress=True)
-                # enable keep alive callbacks
-                t.set_keepalive(5)
+                else:
+                    self.close()
+                    if self.sshproxy_session:
+                        self.sshproxy_session.stop_thread()
+                    raise(e)
 
             except paramiko.AuthenticationException, e:
                 self.close()
@@ -899,6 +925,15 @@ class X2GoControlSessionSTDOUT(paramiko.SSHClient):
                         self.sshproxy_session.stop_thread()
                     raise(e)
 
+            except paramiko.SSHException, e:
+                if str(e) == 'No authentication methods available':
+                    raise paramiko.AuthenticationException('Interactive password authentication required!')
+                else:
+                    self.close()
+                    if self.sshproxy_session:
+                        self.sshproxy_session.stop_thread()
+                    raise(e)
+
             except:
                 self.close()
                 if self.sshproxy_session:


hooks/post-receive
-- 
python-x2go.git (Python X2Go Client API)

This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "python-x2go.git" (Python X2Go Client API).




More information about the x2go-commits mailing list