[X2Go-Commits] python-x2go.git - build-baikal (branch) updated: 0.4.0.8-4-g8a48422

X2Go dev team git-admin at x2go.org
Wed Jan 8 15:31:37 CET 2014


The branch, build-baikal has been updated
       via  8a48422fa568620d612901dcd064275122b794e0 (commit)
      from  c69719a3dd52d73fc18d48805b8fa3451d2b9212 (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
-----------------------------------------------------------------------

Summary of changes:
 debian/changelog                 |    1 +
 x2go/backends/control/_stdout.py |   55 +++++++++++++++++++++++++++++++-------
 2 files changed, 46 insertions(+), 10 deletions(-)

The diff of changes is:
diff --git a/debian/changelog b/debian/changelog
index 0d84279..6dfa5f8 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -6,6 +6,7 @@ python-x2go (0.4.0.9-0~x2go1) UNRELEASED; urgency=low
     - Store the session password in base64 encoded string in order to make 
       it harder spotting the long term stored (for the duration of the session)
       plain text password.
+    - Support encryption passphrases on SSH private key files.
 
  -- Mike Gabriel <mike.gabriel at das-netzwerkteam.de>  Wed, 07 Aug 2013 12:18:46 +0200
 
diff --git a/x2go/backends/control/_stdout.py b/x2go/backends/control/_stdout.py
index 7b73759..648b72e 100644
--- a/x2go/backends/control/_stdout.py
+++ b/x2go/backends/control/_stdout.py
@@ -857,14 +857,41 @@ class X2GoControlSessionSTDOUT(paramiko.SSHClient):
                 elif (key_filename and os.path.exists(os.path.normpath(key_filename))) or pkey:
                     self.logger('trying SSH pub/priv key authentication with server', loglevel=log.loglevel_DEBUG)
                     paramiko.SSHClient.connect(self, _hostname, port=port, username=username, pkey=pkey,
-                                               key_filename=key_filename, timeout=timeout, allow_agent=allow_agent,
+                                               key_filename=key_filename, timeout=timeout, allow_agent=False,
                                                look_for_keys=look_for_keys)
                 else:
                     self.logger('trying SSH key discovery or agent authentication with server', loglevel=log.loglevel_DEBUG)
+                    paramiko.SSHClient.connect(self, _hostname, port=port, username=username, pkey=None,
+                                               key_filename=None, timeout=timeout, allow_agent=allow_agent,
+                                               look_for_keys=look_for_keys)
+
+                # since Paramiko 1.7.7.1 there is compression available, let's use it if present...
+                t = self.get_transport()
+                if x2go._paramiko.PARAMIKO_FEATURE['use-compression']:
+                    t.use_compression(compress=True)
+                # enable keep alive callbacks
+                t.set_keepalive(5)
+
+            except paramiko.PasswordRequiredException, e:
+                self.close()
+                if password:
+                    self.logger('unlock SSH private key file with provided password', loglevel=log.loglevel_INFO)
+
                     try:
-                        paramiko.SSHClient.connect(self, _hostname, port=port, username=username, pkey=None,
-                                                      key_filename=None, timeout=timeout, allow_agent=allow_agent,
-                                                      look_for_keys=look_for_keys)
+                        if (key_filename and os.path.exists(os.path.normpath(key_filename))) or pkey:
+                            self.logger('re-trying SSH pub/priv key authentication with server', loglevel=log.loglevel_DEBUG)
+                            paramiko.SSHClient.connect(self, _hostname, port=port, username=username, pkey=pkey, password=password,
+                                                       key_filename=key_filename, timeout=timeout, allow_agent=False,
+                                                       look_for_keys=look_for_keys)
+                        else:
+                            self.logger('re-trying SSH key discovery or agent authentication with server', loglevel=log.loglevel_DEBUG)
+                            paramiko.SSHClient.connect(self, _hostname, port=port, username=username, pkey=None, password=password,
+                                                       key_filename=None, timeout=timeout, allow_agent=allow_agent,
+                                                       look_for_keys=look_for_keys)
+                    except paramiko.AuthenticationException:
+                        # the provided password cannot be used to unlock any private SSH key file (i.e. wrong password)
+                        raise paramiko.PasswordRequiredException(str(e))
+
                     except paramiko.SSHException, e:
                         if str(e) == 'No authentication methods available':
                             raise paramiko.AuthenticationException('Interactive password authentication required!')
@@ -874,12 +901,11 @@ class X2GoControlSessionSTDOUT(paramiko.SSHClient):
                                 self.sshproxy_session.stop_thread()
                             raise(e)
 
-                # since Paramiko 1.7.7.1 there is compression available, let's use it if present...
-                t = self.get_transport()
-                if x2go._paramiko.PARAMIKO_FEATURE['use-compression']:
-                    t.use_compression(compress=True)
-                # enable keep alive callbacks
-                t.set_keepalive(5)
+                else:
+                    self.close()
+                    if self.sshproxy_session:
+                        self.sshproxy_session.stop_thread()
+                    raise(e)
 
             except paramiko.AuthenticationException, e:
                 self.close()
@@ -899,6 +925,15 @@ class X2GoControlSessionSTDOUT(paramiko.SSHClient):
                         self.sshproxy_session.stop_thread()
                     raise(e)
 
+            except paramiko.SSHException, e:
+                if str(e) == 'No authentication methods available':
+                    raise paramiko.AuthenticationException('Interactive password authentication required!')
+                else:
+                    self.close()
+                    if self.sshproxy_session:
+                        self.sshproxy_session.stop_thread()
+                    raise(e)
+
             except:
                 self.close()
                 if self.sshproxy_session:


hooks/post-receive
-- 
python-x2go.git (Python X2Go Client API)

This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "python-x2go.git" (Python X2Go Client API).




More information about the x2go-commits mailing list