[X2Go-Commits] python-x2go.git - brokerclient (branch) updated: 0.0.37.0-44-gf41550a

X2Go dev team git-admin at x2go.org
Tue Jan 7 16:20:11 CET 2014


The branch, brokerclient has been updated
       via  f41550a56ecc92d14466317c0370b209d866d90c (commit)
      from  12bb02a83abd24c50689d960beff9aad238d3a8c (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
-----------------------------------------------------------------------

Summary of changes:
 x2go/backends/control/_stdout.py |   30 +++++++++++-----
 x2go/checkhosts.py               |   74 ++++++++++++++++++++++++++++++++++++++
 2 files changed, 96 insertions(+), 8 deletions(-)
 create mode 100644 x2go/checkhosts.py

The diff of changes is:
diff --git a/x2go/backends/control/_stdout.py b/x2go/backends/control/_stdout.py
index 7e2d7d5..1a47554 100644
--- a/x2go/backends/control/_stdout.py
+++ b/x2go/backends/control/_stdout.py
@@ -32,6 +32,7 @@ import paramiko
 import gevent
 
 import copy
+import binascii
 
 # Python X2go modules
 import x2go.sshproxy as sshproxy
@@ -39,6 +40,7 @@ import x2go.log as log
 import x2go.utils as utils
 import x2go.x2go_exceptions as x2go_exceptions
 import x2go.defaults as defaults
+import x2go.checkhosts as checkhosts
 
 from x2go.backends.terminal import X2goTerminalSession as _X2goTerminalSession
 from x2go.backends.info import X2goServerSessionInfo as _X2goServerSessionInfo
@@ -239,22 +241,32 @@ class X2goControlSessionSTDOUT(paramiko.SSHClient):
         Perform a Paramiko/SSH host key check.
 
         """
+        _hostname = hostname
+        _port = port
+        _fingerprint = 'NO-FINGERPRINT'
+        _fingerprint_type = 'SOME-KEY-TYPE'
+
+        _check_policy = checkhosts.X2goCheckHostKeyPolicy()
+        self.set_missing_host_key_policy(_check_policy)
+
         try:
             paramiko.SSHClient.connect(self, hostname=hostname, port=port, username='foo', password='bar')
+        except x2go_exceptions.AuthenticationException:
             host_ok = True
-            self.logger('SSH host key verification succeeded.', loglevel=log.loglevel_NOTICE)
+            self.logger('SSH host key verification succeeded. Host is already known to the client\'s Paramiko/SSH sub-system.', loglevel=log.loglevel_NOTICE)
         except x2go_exceptions.SSHException, e:
-            msg = e.message
-            if msg.startswith('Unknown server')
+            msg = str(e)
+            if msg.startswith('Checked host key for X2go server '):
                 host_ok = False
-                self.logger('SSH host key verification failed.', loglevel=log.loglevel_NOTICE)
+                _hostname = _check_policy.get_hostname().split(':')[0].lstrip('[').rstrip(']')
+                _port = _check_policy.get_hostname().split(':')[1]
+                _fingerprint = _check_policy.get_key_fingerprint_with_colons()
+                _fingerprint_type = _check_policy.get_key_name()
+                self.logger('SSH host key verification failed. Seeing this X2go server for the first time.', loglevel=log.loglevel_NOTICE)
             else:
                 raise(e)
 
-        _hostname = hostname
-        _port = port
-        _fingerprint = 'NO-FINGERPRINT'
-        _fingerprint_type = 'SOME-KEY-TYPE'
+        self.set_missing_host_key_policy(paramiko.RejectPolicy())
         return (host_ok, _hostname, _port, _fingerprint, _fingerprint_type)
 
     def connect(self, hostname, port=22, username='', password='', pkey=None,
@@ -406,6 +418,8 @@ class X2goControlSessionSTDOUT(paramiko.SSHClient):
             self.close()
             raise paramiko.AuthenticationException()
 
+        self.set_missing_host_key_policy(paramiko.RejectPolicy())
+
         self.hostname = hostname
         self.port = port
 
diff --git a/x2go/checkhosts.py b/x2go/checkhosts.py
new file mode 100644
index 0000000..d4eda9a
--- /dev/null
+++ b/x2go/checkhosts.py
@@ -0,0 +1,74 @@
+# -*- coding: utf-8 -*-
+
+# Copyright (C) 2010-2011 by Mike Gabriel <m.gabriel at das-netzwerkteam.de>
+#
+# Python X2go is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 3 of the License, or
+# (at your option) any later version.
+#
+# Python X2go is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the
+# Free Software Foundation, Inc.,
+# 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA.
+
+"""\
+Providing mechanisms to control session backends to check host validity.
+
+"""
+__NAME__ = 'x2gocheckhosts-pylib'
+
+# modules
+import paramiko
+import binascii
+
+# Python X2go modules
+import x2go_exceptions
+
+class X2goCheckHostKeyPolicy(paramiko.MissingHostKeyPolicy):
+    """\
+    Policy for making host key information available to Python X2go after a 
+    Paramiko/SSH connect has been attempted. A connect that uses this 
+    C{paramiko.MissingHostKeyPolicy} will always fail.
+
+    This is used by L{X2goControlSessionSTDOUT}.
+    """
+    def missing_host_key(self, client, hostname, key):
+        self.client = client
+        self.hostname = hostname
+        self.key = key
+        client._log(paramiko.common.DEBUG, 'Checking %s host key for %s: %s' %
+                   (key.get_name(), hostname, binascii.hexlify(key.get_fingerprint())))
+        raise x2go_exceptions.SSHException('Checked host key for X2go server %s' % hostname)
+
+    def get_client(self):
+        return self.client
+
+    def get_hostname(self):
+        return self.hostname
+
+    def get_key(self):
+        return self.key
+
+    def get_key_name(self):
+        return self.key.get_name().upper()
+
+    def get_key_fingerprint(self):
+        return binascii.hexlify(self.key.get_fingerprint())
+
+    def get_key_fingerprint_with_colons(self):
+        _fingerprint = self.get_key_fingerprint()
+        _colon_fingerprint = ''
+        idx = 0
+        for char in _fingerprint:
+            idx += 1
+            _colon_fingerprint += char
+            if idx % 2 == 0:
+                _colon_fingerprint += ':'
+        return _colon_fingerprint.rstrip(':')
+


hooks/post-receive
-- 
python-x2go.git (Python X2Go Client API)

This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "python-x2go.git" (Python X2Go Client API).




More information about the x2go-commits mailing list