[X2Go-Commits] [x2gobroker] 01/01: Allow for broker clients to send in public SSH keys that the client may use for authentication to X2Go Servers.
git-admin at x2go.org
git-admin at x2go.org
Tue Mar 18 19:30:07 CET 2014
This is an automated email from the git hooks/post-receive script.
x2go pushed a commit to branch master
in repository x2gobroker.
commit 9cfc3b98f0d3e859cc7f9703d2f9081d43b6fcbd
Author: Mike Gabriel <mike.gabriel at das-netzwerkteam.de>
Date: Tue Mar 18 19:29:04 2014 +0100
Allow for broker clients to send in public SSH keys that the client may use for authentication to X2Go Servers.
---
debian/changelog | 2 ++
x2gobroker/brokers/base_broker.py | 61 +++++++++++++++++++++++++------------
x2gobroker/web/json.py | 3 +-
x2gobroker/web/plain.py | 3 +-
4 files changed, 47 insertions(+), 22 deletions(-)
diff --git a/debian/changelog b/debian/changelog
index 0ac02f0..d0f227a 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -99,6 +99,8 @@ x2gobroker (0.0.3.0-0x2go1) UNRELEASED; urgency=low
- Session profiles with marker user=BROKER_USER will now auto-fill-in the
broker username into the session profile's 'user' option.
- Provide tool: x2gobroker-testagent.
+ - Allow for broker clients to send in public SSH keys that the client may use
+ for authentication to X2Go Servers.
* debian/control:
+ Replace LDAP support with session brokerage support in LONG_DESCRIPTION.
+ Fix SYNOPSIS texts.
diff --git a/x2gobroker/brokers/base_broker.py b/x2gobroker/brokers/base_broker.py
index 0edb946..9b52aef 100644
--- a/x2gobroker/brokers/base_broker.py
+++ b/x2gobroker/brokers/base_broker.py
@@ -946,7 +946,7 @@ class X2GoBroker(object):
return list_of_profiles
- def select_session(self, profile_id, username=None):
+ def select_session(self, profile_id, username=None, pubkey=None):
"""\
Start/resume a session by selecting a profile name offered by the X2Go client.
@@ -957,6 +957,9 @@ class X2GoBroker(object):
@type profile_id: C{unicode}
@param username: specify username that this operation runs for
@type username: C{unicode}
+ @param pubkey: The broker clients may send us a public key that we may
+ temporarily install into a remote X2Go Server for non-interactive login
+ @type pubkey: C{unicode}
"""
try:
@@ -1092,25 +1095,43 @@ class X2GoBroker(object):
# session autologin feature
if remote_agent and self.get_session_autologin(profile_id) and username:
- # FIXME: we somehow have to find out about the username of the person at the broker client-side...
- # using the username used for broker login for now...
- pubkey, privkey = x2gobroker.agent.genkeypair(local_username=username, client_address=self.get_client_address())
- x2gobroker.agent.add_authorized_key(username=username,
- pubkey_hash=pubkey,
- authorized_keys_file=self.get_authorized_keys_file(profile_id),
- query_mode=agent_query_mode,
- remote_agent=remote_agent,
- ),
- selected_session.update({
- 'authentication_privkey': privkey,
- })
- x2gobroker.agent.delete_authorized_key(username=username,
- pubkey_hash=pubkey,
- authorized_keys_file=self.get_authorized_keys_file(profile_id),
- query_mode=agent_query_mode,
- remote_agent=remote_agent,
- delay_deletion=20,
- )
+ if not pubkey:
+ # if the broker client has not provided a public SSH key, we will generate one
+ # this is the OLD style of the auto login feature
+
+ # FIXME: we somehow have to find out about the username of the person at the broker client-side...
+ # using the username used for broker login for now...
+ pubkey, privkey = x2gobroker.agent.genkeypair(local_username=username, client_address=self.get_client_address())
+ x2gobroker.agent.add_authorized_key(username=username,
+ pubkey_hash=pubkey,
+ authorized_keys_file=self.get_authorized_keys_file(profile_id),
+ query_mode=agent_query_mode,
+ remote_agent=remote_agent,
+ ),
+ selected_session.update({
+ 'authentication_privkey': privkey,
+ })
+ x2gobroker.agent.delete_authorized_key(username=username,
+ pubkey_hash=pubkey,
+ authorized_keys_file=self.get_authorized_keys_file(profile_id),
+ query_mode=agent_query_mode,
+ remote_agent=remote_agent,
+ delay_deletion=20,
+ )
+ else:
+ x2gobroker.agent.add_authorized_key(username=username,
+ pubkey_hash=pubkey,
+ authorized_keys_file=self.get_authorized_keys_file(profile_id),
+ query_mode=agent_query_mode,
+ remote_agent=remote_agent,
+ ),
+ x2gobroker.agent.delete_authorized_key(username=username,
+ pubkey_hash=pubkey,
+ authorized_keys_file=self.get_authorized_keys_file(profile_id),
+ query_mode=agent_query_mode,
+ remote_agent=remote_agent,
+ delay_deletion=20,
+ )
return selected_session
diff --git a/x2gobroker/web/json.py b/x2gobroker/web/json.py
index bbbcb81..a1f9300 100644
--- a/x2gobroker/web/json.py
+++ b/x2gobroker/web/json.py
@@ -112,6 +112,7 @@ class X2GoBrokerWeb(_RequestHandler):
username = self.get_argument('user', default='')
password = self.get_argument('password', default='')
cookie = self.get_argument('authid', default='')
+ pubkey = self.get_argument('pubkey', default='')
task = self.get_argument('task', default='')
profile_id = self.get_argument('profile-id', default='')
new_password = self.get_argument('newpass', default='')
@@ -171,7 +172,7 @@ class X2GoBrokerWeb(_RequestHandler):
selected_session = {}
- profile_info = broker_backend.select_session(profile_id=profile_id, username=username)
+ profile_info = broker_backend.select_session(profile_id=profile_id, username=username, pubkey=pubkey)
if profile_info.has_key('server'):
selected_session['server'] = "{server}".format(server=profile_info['server'])
if profile_info.has_key('port'):
diff --git a/x2gobroker/web/plain.py b/x2gobroker/web/plain.py
index f9e8531..150818b 100644
--- a/x2gobroker/web/plain.py
+++ b/x2gobroker/web/plain.py
@@ -108,6 +108,7 @@ class X2GoBrokerWeb(_RequestHandler):
username = self.get_argument('user', default='')
password = self.get_argument('password', default='')
cookie = self.get_argument('authid', default='')
+ pubkey = self.get_argument('pubkey', default='')
task = self.get_argument('task', default='')
profile_id = self.get_argument('sid', default='')
new_password = self.get_argument('newpass', default='')
@@ -190,7 +191,7 @@ class X2GoBrokerWeb(_RequestHandler):
if profile_id:
- profile_info = broker_backend.select_session(profile_id=profile_id, username=username)
+ profile_info = broker_backend.select_session(profile_id=profile_id, username=username, pubkey=pubkey)
if profile_info.has_key('server'):
output += "SERVER:"
output += profile_info['server']
--
Alioth's /srv/git/_hooks_/post-receive-email on /srv/git/code.x2go.org/x2gobroker.git
More information about the x2go-commits
mailing list