x2go-commits September 2013

x2go-commits@lists.x2go.org

2 participants
2415 discussions

x2goclient.git - master (branch) updated: 4.0.1.1-7-gdae0664
by git-admin＠x2go.org 30 Sep '13

30 Sep '13

The branch, master has been updated via dae06640659ec9de4c8308897a218c92f4e6ac7a (commit) from 56785cbc26c68ff4704b347add58ea559956aa5f (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit dae06640659ec9de4c8308897a218c92f4e6ac7a Author: Mike Gabriel <mike.gabriel(a)das-netzwerkteam.de> Date: Mon Sep 30 21:04:39 2013 +0200 reformat log entry ----------------------------------------------------------------------- Summary of changes: debian/changelog | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) The diff of changes is: diff --git a/debian/changelog b/debian/changelog index 9075947..0b6aa9e 100644 --- a/debian/changelog +++ b/debian/changelog @@ -7,8 +7,9 @@ x2goclient (4.0.1.2-0~x2go2) UNRELEASED; urgency=low [ Oleksandr Shneyder ] * New upstream version (4.0.1.2): - - support for keys "shadowuser" "shadowdisplay" and "shadowmode" in - config file. This allow to choose default display for shadow sessions + - Support for keys "shadowuser" "shadowdisplay" and "shadowmode" in + config file. This allows choosing the default display for shadow + sessions. -- Mike Gabriel <mike.gabriel(a)das-netzwerkteam.de> Wed, 11 Sep 2013 12:17:43 +0200 hooks/post-receive -- x2goclient.git (X2Go Client) This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "x2goclient.git" (X2Go Client).

1 0

x2goclient.git - master (branch) updated: 4.0.1.1-8-gf376e1c
by git-admin＠x2go.org 30 Sep '13

30 Sep '13

The branch, master has been updated via f376e1c9e9e1b145b4ed1f2cb8a32b64ffe5f4bf (commit) from dae06640659ec9de4c8308897a218c92f4e6ac7a (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit f376e1c9e9e1b145b4ed1f2cb8a32b64ffe5f4bf Author: Heinrich Schuchardt <xypron.glpk(a)gmx.de> Date: Mon Sep 30 21:07:25 2013 +0200 Handle SSH host key changes more elegantly and allow user interaction if such a host key change occurs. (Fixes: #241). ----------------------------------------------------------------------- Summary of changes: debian/changelog | 5 ++++ onmainwindow.cpp | 67 +++++++++++++++++++++++++++++++++++++----------------- 2 files changed, 51 insertions(+), 21 deletions(-) The diff of changes is: diff --git a/debian/changelog b/debian/changelog index 0b6aa9e..6360efe 100644 --- a/debian/changelog +++ b/debian/changelog @@ -11,6 +11,11 @@ x2goclient (4.0.1.2-0~x2go2) UNRELEASED; urgency=low config file. This allows choosing the default display for shadow sessions. + [ Heinrich Schuchardt ] + * New upstream version (4.0.1.2): + - Handle SSH host key changes more elegantly and allow user interaction + if such a host key change occurs. (Fixes: #241). + -- Mike Gabriel <mike.gabriel(a)das-netzwerkteam.de> Wed, 11 Sep 2013 12:17:43 +0200 x2goclient (4.0.1.1-0~x2go1) unstable; urgency=low diff --git a/onmainwindow.cpp b/onmainwindow.cpp index 6a3fb66..3036ecd 100644 --- a/onmainwindow.cpp +++ b/onmainwindow.cpp @@ -2964,33 +2964,58 @@ void ONMainWindow::slotSshServerAuthError ( int error, QString sshMessage, SshMa { case SSH_SERVER_KNOWN_CHANGED: errMsg=tr ( "Host key for server changed.\nIt is now: " ) +sshMessage+"\n"+ - tr ( "For security reasons, connection will be stopped" ); - connection->writeKnownHosts(false); - connection->wait(); - if(sshConnection && sshConnection !=connection) + tr ( "This can be an indication of a man-in-the-middle attack.\n" + "Somebody might be eavesdropping on you.\n" + "For security reasons, it is recommended to stop the connection.\n" + "Do you want to terminate the connection?\n" ); + if ( !QMessageBox::warning( 0, tr( "Host key verification failed" ), + errMsg, tr( "Yes" ), tr( "No" ) ) != 0) + { + connection->writeKnownHosts(false); + connection->wait(); + if(sshConnection && sshConnection !=connection) + { + sshConnection->wait(); + delete sshConnection; + } + slotSshUserAuthError ( tr ( "Host key verification failed" ) ); + sshConnection=0; + return; + } + else { - sshConnection->wait(); - delete sshConnection; + errMsg = tr( "If you accept the new host key the security of your " + "connection may be compromised.\n" + "Do you want to update the host key?" ); } - sshConnection=0; - slotSshUserAuthError ( errMsg ); - return; - + break; case SSH_SERVER_FOUND_OTHER: errMsg=tr ( "The host key for this server was not found but an other" - "type of key exists.An attacker might change the default server key to" - "confuse your client into thinking the key does not exist" ); - connection->writeKnownHosts(false); - connection->wait(); - if(sshConnection && sshConnection !=connection) + "type of key exists. An attacker might change the default server key to " + "confuse your client into thinking the key does not exist. \n" + "For security reasons, it is recommended to stop the connection.\n" + "Do you want to terminate the connection?\n"); + if ( !QMessageBox::warning( 0, tr( "Host key verification failed" ), + errMsg, tr( "Yes" ), tr( "No" ) ) != 0) + { + connection->writeKnownHosts(false); + connection->wait(); + if(sshConnection && sshConnection !=connection) + { + sshConnection->wait(); + delete sshConnection; + } + slotSshUserAuthError ( tr ( "Host key verification failed" ) ); + sshConnection=0; + return; + } + else { - sshConnection->wait(); - delete sshConnection; + errMsg = tr( "If you accept the new host key the security of your " + "connection may be compromised.\n" + "Do you want to update the host key?" ); } - sshConnection=0; - slotSshUserAuthError ( errMsg ); - return ; - + break; case SSH_SERVER_ERROR: connection->writeKnownHosts(false); connection->wait(); hooks/post-receive -- x2goclient.git (X2Go Client) This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "x2goclient.git" (X2Go Client).

1 0

nx-libs.git - master (branch) updated: redist-server/3.5.0.21-2-g2ef4ab4
by git-admin＠x2go.org 30 Sep '13

30 Sep '13

The branch, master has been updated via 2ef4ab414e6d872b4acfb369193a6cd2fe4e6957 (commit) from b29654d5421008e8aab89902ea2ee528990681c8 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit 2ef4ab414e6d872b4acfb369193a6cd2fe4e6957 Author: Mike Gabriel <mike.gabriel(a)das-netzwerkteam.de> Date: Mon Sep 30 21:00:41 2013 +0200 Add patch: 603_nx-X11_compilation_warnings.full.patch. Fix 3 evident bugs: one implicit function declaration issue and two array index out of bounds issues. (Fixes: #314). ----------------------------------------------------------------------- Summary of changes: debian/changelog | 5 ++- .../603_nx-X11_compilation_warnings.full.patch | 38 ++++++++++++++++++++ debian/patches/series | 1 + 3 files changed, 43 insertions(+), 1 deletion(-) create mode 100644 debian/patches/603_nx-X11_compilation_warnings.full.patch The diff of changes is: diff --git a/debian/changelog b/debian/changelog index 1f0ed61..5bc7c8d 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,6 +1,9 @@ nx-libs (2:3.5.0.22-0) UNRELEASED; urgency=low - * Continue development... + [ Mirraz Mirraz ] + * Add patch: 603_nx-X11_compilation_warnings.full.patch. Fix 3 evident bugs: + one implicit function declaration issue and two array index out of bounds + issues. (Fixes: #314). -- Mike Gabriel <mike.gabriel(a)das-netzwerkteam.de> Fri, 30 Aug 2013 16:20:18 +0200 diff --git a/debian/patches/603_nx-X11_compilation_warnings.full.patch b/debian/patches/603_nx-X11_compilation_warnings.full.patch new file mode 100644 index 0000000..3656461 --- /dev/null +++ b/debian/patches/603_nx-X11_compilation_warnings.full.patch @@ -0,0 +1,38 @@ +Description: Handle some serious compilation warnings +Author: Mirraz Mirraz <mirraz1(a)rambler.ru> +--- a/nx-X11/extras/Mesa/src/mesa/shader/arbprogparse.c 2013-08-30 20:18:40.000000000 +0600 ++++ b/nx-X11/extras/Mesa/src/mesa/shader/arbprogparse.c 2013-09-30 18:39:42.357560169 +0600 +@@ -3259,7 +3259,6 @@ + vp->SrcReg[0].Swizzle = SWIZZLE_NOOP; + vp->SrcReg[1].Swizzle = SWIZZLE_NOOP; + vp->SrcReg[2].Swizzle = SWIZZLE_NOOP; +- vp->SrcReg[3].Swizzle = SWIZZLE_NOOP; + vp->DstReg.WriteMask = 0xf; + + switch (type) { +--- a/nx-X11/lib/X11/imLcPrs.c 2013-08-30 20:18:40.000000000 +0600 ++++ b/nx-X11/lib/X11/imLcPrs.c 2013-09-30 19:02:56.925125678 +0600 +@@ -589,7 +589,7 @@ + + l = _Xmbstoutf8(local_utf8_buf, rhs_string_mb, LOCAL_UTF8_BUFSIZE - 1); + if (l == LOCAL_UTF8_BUFSIZE - 1) { +- local_wc_buf[l] = '\0'; ++ local_utf8_buf[l] = '\0'; + } + if( (rhs_string_utf8 = (char *)Xmalloc(l + 1)) == NULL ) { + Xfree( rhs_string_wc ); +--- a/nx-X11/programs/Xserver/xkb/ddxLoad.c 2013-08-30 20:18:40.000000000 +0600 ++++ b/nx-X11/programs/Xserver/xkb/ddxLoad.c 2013-09-30 18:56:27.358995920 +0600 +@@ -37,6 +37,12 @@ + #include <errno.h> + #include <stdio.h> + #include <ctype.h> ++ ++/* stat() */ ++#include <sys/types.h> ++#include <sys/stat.h> ++#include <unistd.h> ++ + #define NEED_EVENTS 1 + #include <X11/X.h> + #include <X11/Xos.h> diff --git a/debian/patches/series b/debian/patches/series index 8c5eebd..3526c84 100644 --- a/debian/patches/series +++ b/debian/patches/series @@ -48,6 +48,7 @@ 600_nx-X11+nxcompext+nxcompshad_unique-libnames.full.patch 601_nx-X11_build-option-changes-to-not-use-bundled-libraries.full.patch 602_nx-X11_initgroups.full.patch +603_nx-X11_compilation_warnings.full.patch 999_nxagent_unbrand-nxagent-brand-x2goagent.full.patch 016_nx-X11_install-location.debian.patch 102_xserver-xext_set-securitypolicy-path.debian.patch hooks/post-receive -- nx-libs.git (NX (redistributed)) This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "nx-libs.git" (NX (redistributed)).

1 0

page changed: wiki:development:build-howto-macos:x2goclient
by wiki-admin＠x2go.org 27 Sep '13

27 Sep '13

A page in your DokuWiki was added or changed. Here are the details: Date : 2013/09/27 22:23 Browser : Mozilla/5.0 (X11; U; Linux armv7l; en-GB; rv:1.9.2.3pre) Gecko/20100723 Firefox/3.5 Maemo Browser 1.7.4.8 RX-51 N900 IP-Address : 176.5.129.133 Hostname : 176.5.129.133 Old Revision: http://wiki.x2go.org/doku.php/wiki:development:build-howto-macos:x2goclient… New Revision: http://wiki.x2go.org/doku.php/wiki:development:build-howto-macos:x2goclient Edit Summary: User : sunweaver @@ -1,15 +1,5 @@ ====== Building X2Go Client on Mac OS ====== - - ===== Build/Install X2Go Client using Homebrew ===== - - As X2Go Client and it's dependencies are already in Homebrew (thanks to Eugene San). - - We assume you've already installed Homebrew. - If not please invoke:<code>$ ruby -e "$(curl -fsSL https://raw.github.com/mxcl/homebrew/go)"</code> - For more information regarding Homebrew head to http://brew.sh - - It is possible to install X2Go Client in one command: <code>$ brew install x2goclient</code> ===== Build X2Go Client using MacPorts ===== X2Go Client is available from MacPorts, maintained by Clemens Lang, who currently also builds the official X2Go Client DMGs. @@ -52,8 +42,19 @@ $ ./macbuild.sh </code> to generate ''x2goclient.dmg''. + + ===== Build/Install X2Go Client using Homebrew ===== + + As X2Go Client and it's dependencies are already in Homebrew (thanks to Eugene San). + + We assume you've already installed Homebrew. + If not please invoke:<code>$ ruby -e "$(curl -fsSL https://raw.github.com/mxcl/homebrew/go)"</code> + For more information regarding Homebrew head to http://brew.sh + + It is possible to install X2Go Client in one command: <code>$ brew install x2goclient</code> + ===== Build X2Go Client from Scratch ===== ==== Variables ==== -- This mail was generated by DokuWiki at http://wiki.x2go.org/

1 0

page changed: wiki:development:build-howto-macos:x2goclient
by wiki-admin＠x2go.org 27 Sep '13

27 Sep '13

A page in your DokuWiki was added or changed. Here are the details: Date : 2013/09/27 22:21 Browser : Mozilla/5.0 (X11; U; Linux armv7l; en-GB; rv:1.9.2.3pre) Gecko/20100723 Firefox/3.5 Maemo Browser 1.7.4.8 RX-51 N900 IP-Address : 176.5.129.133 Hostname : 176.5.129.133 Old Revision: http://wiki.x2go.org/doku.php/wiki:development:build-howto-macos:x2goclient… New Revision: http://wiki.x2go.org/doku.php/wiki:development:build-howto-macos:x2goclient Edit Summary: [Build X2Go Client from Scratch (w/o Mac Ports)] User : sunweaver @@ -53,9 +53,9 @@ </code> to generate ''x2goclient.dmg''. - ===== Build X2Go Client from Scratch (w/o Mac Ports) ===== + ===== Build X2Go Client from Scratch ===== ==== Variables ==== This document makes use of several variables to address paths in a generic, but distinct way. They are not meant to be used via shell, but for human parsing. No program of the x2go suite actually uses them for anything. You may "set" them to whatever value you want to (in your head), just don't change them half-way through the building process. The "default value" is merely a suggestion. -- This mail was generated by DokuWiki at http://wiki.x2go.org/

1 0

page changed: wiki:development:build-howto-macos:x2goclient
by wiki-admin＠x2go.org 27 Sep '13

27 Sep '13

A page in your DokuWiki was added or changed. Here are the details: Date : 2013/09/27 22:20 Browser : Mozilla/5.0 (X11; U; Linux armv7l; en-GB; rv:1.9.2.3pre) Gecko/20100723 Firefox/3.5 Maemo Browser 1.7.4.8 RX-51 N900 IP-Address : 176.5.129.133 Hostname : 176.5.129.133 Old Revision: http://wiki.x2go.org/doku.php/wiki:development:build-howto-macos:x2goclient… New Revision: http://wiki.x2go.org/doku.php/wiki:development:build-howto-macos:x2goclient Edit Summary: [Build/Install X2Go Client using Homebrew] User : sunweaver @@ -7,9 +7,9 @@ We assume you've already installed Homebrew. If not please invoke:<code>$ ruby -e "$(curl -fsSL https://raw.github.com/mxcl/homebrew/go)"</code> For more information regarding Homebrew head to http://brew.sh - It is possible to install X2goClient in one command: <code>$ brew install x2goclient</code> + It is possible to install X2Go Client in one command: <code>$ brew install x2goclient</code> ===== Build X2Go Client using MacPorts ===== X2Go Client is available from MacPorts, maintained by Clemens Lang, who currently also builds the official X2Go Client DMGs. -- This mail was generated by DokuWiki at http://wiki.x2go.org/

1 0

python-paramiko.git - x2go (branch) updated: ddb4343318bc9190a25ca7489d9038901da18ce3
by git-admin＠x2go.org 27 Sep '13

27 Sep '13

The branch, x2go has been updated via ddb4343318bc9190a25ca7489d9038901da18ce3 (commit) via 2fa1479d3f6b50a2cc1dd8821c934bebcd03a466 (commit) from 578f2988212d939a43e2f434892e4c9d44b1ad40 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit ddb4343318bc9190a25ca7489d9038901da18ce3 Author: Mike Gabriel <mike.gabriel(a)das-netzwerkteam.de> Date: Fri Sep 27 23:52:53 2013 +0200 clean-up last commit commit 2fa1479d3f6b50a2cc1dd8821c934bebcd03a466 Author: Mike Gabriel <mike.gabriel(a)das-netzwerkteam.de> Date: Fri Sep 27 23:51:31 2013 +0200 Revert "clean-up last commit" This reverts commit 578f2988212d939a43e2f434892e4c9d44b1ad40. ----------------------------------------------------------------------- Summary of changes: Makefile | 15 ++++++++++++++ paramiko/__init__.py | 2 -- paramiko/client.py | 56 ++++++++++++++++++++------------------------------ paramiko/hostkeys.py | 7 ++----- 4 files changed, 39 insertions(+), 41 deletions(-) create mode 100644 Makefile The diff of changes is: diff --git a/Makefile b/Makefile new file mode 100644 index 0000000..572f867 --- /dev/null +++ b/Makefile @@ -0,0 +1,15 @@ +release: docs + python setup.py sdist register upload + +docs: paramiko/* + epydoc --no-private -o docs/ paramiko + +clean: + rm -rf build dist docs + rm -f MANIFEST *.log demos/*.log + rm -f paramiko/*.pyc + rm -f test.log + rm -rf paramiko.egg-info + +test: + python ./test.py diff --git a/paramiko/__init__.py b/paramiko/__init__.py index 7f9aa31..62cd51c 100644 --- a/paramiko/__init__.py +++ b/paramiko/__init__.py @@ -87,8 +87,6 @@ from hostkeys import HostKeys from config import SSHConfig from proxy import ProxyCommand -__version_info__ = tuple([ int(d) for d in __version__.split(".") ]) - # fix module names for epydoc for c in locals().values(): if issubclass(type(c), type) or type(c).__name__ == 'classobj': diff --git a/paramiko/client.py b/paramiko/client.py index ee26278..493d548 100644 --- a/paramiko/client.py +++ b/paramiko/client.py @@ -33,7 +33,7 @@ from paramiko.dsskey import DSSKey from paramiko.hostkeys import HostKeys from paramiko.resource import ResourceManager from paramiko.rsakey import RSAKey -from paramiko.ssh_exception import PasswordRequiredException, SSHException, BadHostKeyException +from paramiko.ssh_exception import SSHException, BadHostKeyException from paramiko.transport import Transport from paramiko.util import retry_on_signal @@ -231,8 +231,8 @@ class SSHClient (object): """ self._policy = policy - def connect(self, hostname, port=SSH_PORT, username=None, password=None, passphrase=None, - pkey=None, key_filename=None, timeout=None, allow_agent=True, look_for_keys=True, + def connect(self, hostname, port=SSH_PORT, username=None, password=None, pkey=None, + key_filename=None, timeout=None, allow_agent=True, look_for_keys=True, compress=False, sock=None): """ Connect to an SSH server and authenticate to it. The server's host key @@ -262,10 +262,6 @@ class SSHClient (object): @param password: a password to use for authentication or for unlocking a private key @type password: str - @param passphrase: a passphrase to use for unlocking - a private key in case the password is already needed for two-factor - authentication - @type passphrase: str @param pkey: an optional private key to use for authentication @type pkey: L{PKey} @param key_filename: the filename, or list of filenames, of optional @@ -343,7 +339,7 @@ class SSHClient (object): key_filenames = [ key_filename ] else: key_filenames = key_filename - self._auth(username, password, passphrase, pkey, key_filenames, allow_agent, look_for_keys) + self._auth(username, password, pkey, key_filenames, allow_agent, look_for_keys) def close(self): """ @@ -433,7 +429,7 @@ class SSHClient (object): """ return self._transport - def _auth(self, username, password, passphrase, pkey, key_filenames, allow_agent, look_for_keys): + def _auth(self, username, password, pkey, key_filenames, allow_agent, look_for_keys): """ Try, in order: @@ -442,17 +438,12 @@ class SSHClient (object): - Any "id_rsa" or "id_dsa" key discoverable in ~/.ssh/ (if allowed). - Plain username/password auth, if a password was given. - The password might be needed to unlock a private key, or for - two-factor authentication [for which it is required]. - - If the SSH key needs unlocking via passphrase and two-factor - auth requires a password, the passphrase is unused for unlocking - the key whereas the password is used for server authentication. + (The password might be needed to unlock a private key, or for + two-factor authentication [for which it is required].) """ saved_exception = None two_factor = False allowed_types = [] - if passphrase is None: passphrase = password if pkey is not None: try: @@ -464,6 +455,20 @@ class SSHClient (object): except SSHException, e: saved_exception = e + if not two_factor: + for key_filename in key_filenames: + for pkey_class in (RSAKey, DSSKey): + try: + key = pkey_class.from_private_key_file(key_filename, password) + self._log(DEBUG, 'Trying key %s from %s' % (hexlify(key.get_fingerprint()), key_filename)) + self._transport.auth_publickey(username, key) + two_factor = (allowed_types == ['password']) + if not two_factor: + return + break + except SSHException, e: + saved_exception = e + if not two_factor and allow_agent: if self._agent == None: self._agent = Agent() @@ -481,23 +486,6 @@ class SSHClient (object): saved_exception = e if not two_factor: - for key_filename in key_filenames: - for pkey_class in (RSAKey, DSSKey): - try: - key = pkey_class.from_private_key_file(key_filename, passphrase) - self._log(DEBUG, 'Trying key %s from %s' % (hexlify(key.get_fingerprint()), key_filename)) - allowed_types = self._transport.auth_publickey(username, key) - two_factor = (allowed_types == ['password']) - if not two_factor: - return - break - except PasswordRequiredException, e: - saved_exception = e - break - except SSHException, e: - saved_exception = e - - if not two_factor: keyfiles = [] rsa_key = os.path.expanduser('~/.ssh/id_rsa') dsa_key = os.path.expanduser('~/.ssh/id_dsa') @@ -518,7 +506,7 @@ class SSHClient (object): for pkey_class, filename in keyfiles: try: - key = pkey_class.from_private_key_file(filename, passphrase) + key = pkey_class.from_private_key_file(filename, password) self._log(DEBUG, 'Trying discovered key %s in %s' % (hexlify(key.get_fingerprint()), filename)) # for 2-factor auth a successfully auth'd key will result in ['password'] allowed_types = self._transport.auth_publickey(username, key) diff --git a/paramiko/hostkeys.py b/paramiko/hostkeys.py index 0f29f2b..f64e6e6 100644 --- a/paramiko/hostkeys.py +++ b/paramiko/hostkeys.py @@ -130,9 +130,9 @@ class HostKeys (UserDict.DictMixin): if filename is not None: self.load(filename) - def add(self, hostname, keytype, key, hash_hostname=True): + def add(self, hostname, keytype, key): """ - Add a host key entry to the table. Any existing entry for a + Add a host key entry to the table. Any existing entry for a C{(hostname, keytype)} pair will be replaced. @param hostname: the hostname (or IP) to add @@ -141,14 +141,11 @@ class HostKeys (UserDict.DictMixin): @type keytype: str @param key: the key to add @type key: L{PKey} - """ for e in self._entries: if (hostname in e.hostnames) and (e.key.get_name() == keytype): e.key = key return - if not hostname.startswith('|1|') and hash_hostname: - hostname = self.hash_host(hostname) self._entries.append(HostKeyEntry([hostname], key)) def load(self, filename): hooks/post-receive -- python-paramiko.git (Debian package python-paramiko) This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "python-paramiko.git" (Debian package python-paramiko).

1 0

python-paramiko.git - x2go (branch) updated: 578f2988212d939a43e2f434892e4c9d44b1ad40
by git-admin＠x2go.org 27 Sep '13

27 Sep '13

The branch, x2go has been updated via 578f2988212d939a43e2f434892e4c9d44b1ad40 (commit) from bc71e90bcb8cd8d270e43bb108f67c7cef485328 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit 578f2988212d939a43e2f434892e4c9d44b1ad40 Author: Mike Gabriel <mike.gabriel(a)das-netzwerkteam.de> Date: Fri Sep 27 23:47:21 2013 +0200 clean-up last commit ----------------------------------------------------------------------- Summary of changes: Makefile | 15 ------ debian/patches/007_reintroduce-version-info.patch | 10 +--- paramiko/__init__.py | 2 + paramiko/client.py | 56 +++++++++++++-------- paramiko/hostkeys.py | 7 ++- 5 files changed, 42 insertions(+), 48 deletions(-) delete mode 100644 Makefile The diff of changes is: diff --git a/Makefile b/Makefile deleted file mode 100644 index 572f867..0000000 --- a/Makefile +++ /dev/null @@ -1,15 +0,0 @@ -release: docs - python setup.py sdist register upload - -docs: paramiko/* - epydoc --no-private -o docs/ paramiko - -clean: - rm -rf build dist docs - rm -f MANIFEST *.log demos/*.log - rm -f paramiko/*.pyc - rm -f test.log - rm -rf paramiko.egg-info - -test: - python ./test.py diff --git a/debian/patches/007_reintroduce-version-info.patch b/debian/patches/007_reintroduce-version-info.patch index 9b9fedc..b0b36a6 100644 --- a/debian/patches/007_reintroduce-version-info.patch +++ b/debian/patches/007_reintroduce-version-info.patch @@ -2,15 +2,7 @@ Description: Reintroduce __version_info__ as it breaks mysql-workbench Author: Mike Gabriel <mike.gabriel(a)das-netzwerkteam.de> --- a/paramiko/__init__.py +++ b/paramiko/__init__.py -@@ -60,7 +60,6 @@ - __version__ = "1.11.0" - __license__ = "GNU Lesser General Public License (LGPL)" - -- - from transport import SecurityOptions, Transport - from client import SSHClient, MissingHostKeyPolicy, AutoAddPolicy, RejectPolicy, WarningPolicy - from auth_handler import AuthHandler -@@ -87,6 +86,8 @@ +@@ -87,6 +87,8 @@ from config import SSHConfig from proxy import ProxyCommand diff --git a/paramiko/__init__.py b/paramiko/__init__.py index 62cd51c..7f9aa31 100644 --- a/paramiko/__init__.py +++ b/paramiko/__init__.py @@ -87,6 +87,8 @@ from hostkeys import HostKeys from config import SSHConfig from proxy import ProxyCommand +__version_info__ = tuple([ int(d) for d in __version__.split(".") ]) + # fix module names for epydoc for c in locals().values(): if issubclass(type(c), type) or type(c).__name__ == 'classobj': diff --git a/paramiko/client.py b/paramiko/client.py index 493d548..ee26278 100644 --- a/paramiko/client.py +++ b/paramiko/client.py @@ -33,7 +33,7 @@ from paramiko.dsskey import DSSKey from paramiko.hostkeys import HostKeys from paramiko.resource import ResourceManager from paramiko.rsakey import RSAKey -from paramiko.ssh_exception import SSHException, BadHostKeyException +from paramiko.ssh_exception import PasswordRequiredException, SSHException, BadHostKeyException from paramiko.transport import Transport from paramiko.util import retry_on_signal @@ -231,8 +231,8 @@ class SSHClient (object): """ self._policy = policy - def connect(self, hostname, port=SSH_PORT, username=None, password=None, pkey=None, - key_filename=None, timeout=None, allow_agent=True, look_for_keys=True, + def connect(self, hostname, port=SSH_PORT, username=None, password=None, passphrase=None, + pkey=None, key_filename=None, timeout=None, allow_agent=True, look_for_keys=True, compress=False, sock=None): """ Connect to an SSH server and authenticate to it. The server's host key @@ -262,6 +262,10 @@ class SSHClient (object): @param password: a password to use for authentication or for unlocking a private key @type password: str + @param passphrase: a passphrase to use for unlocking + a private key in case the password is already needed for two-factor + authentication + @type passphrase: str @param pkey: an optional private key to use for authentication @type pkey: L{PKey} @param key_filename: the filename, or list of filenames, of optional @@ -339,7 +343,7 @@ class SSHClient (object): key_filenames = [ key_filename ] else: key_filenames = key_filename - self._auth(username, password, pkey, key_filenames, allow_agent, look_for_keys) + self._auth(username, password, passphrase, pkey, key_filenames, allow_agent, look_for_keys) def close(self): """ @@ -429,7 +433,7 @@ class SSHClient (object): """ return self._transport - def _auth(self, username, password, pkey, key_filenames, allow_agent, look_for_keys): + def _auth(self, username, password, passphrase, pkey, key_filenames, allow_agent, look_for_keys): """ Try, in order: @@ -438,12 +442,17 @@ class SSHClient (object): - Any "id_rsa" or "id_dsa" key discoverable in ~/.ssh/ (if allowed). - Plain username/password auth, if a password was given. - (The password might be needed to unlock a private key, or for - two-factor authentication [for which it is required].) + The password might be needed to unlock a private key, or for + two-factor authentication [for which it is required]. + + If the SSH key needs unlocking via passphrase and two-factor + auth requires a password, the passphrase is unused for unlocking + the key whereas the password is used for server authentication. """ saved_exception = None two_factor = False allowed_types = [] + if passphrase is None: passphrase = password if pkey is not None: try: @@ -455,20 +464,6 @@ class SSHClient (object): except SSHException, e: saved_exception = e - if not two_factor: - for key_filename in key_filenames: - for pkey_class in (RSAKey, DSSKey): - try: - key = pkey_class.from_private_key_file(key_filename, password) - self._log(DEBUG, 'Trying key %s from %s' % (hexlify(key.get_fingerprint()), key_filename)) - self._transport.auth_publickey(username, key) - two_factor = (allowed_types == ['password']) - if not two_factor: - return - break - except SSHException, e: - saved_exception = e - if not two_factor and allow_agent: if self._agent == None: self._agent = Agent() @@ -486,6 +481,23 @@ class SSHClient (object): saved_exception = e if not two_factor: + for key_filename in key_filenames: + for pkey_class in (RSAKey, DSSKey): + try: + key = pkey_class.from_private_key_file(key_filename, passphrase) + self._log(DEBUG, 'Trying key %s from %s' % (hexlify(key.get_fingerprint()), key_filename)) + allowed_types = self._transport.auth_publickey(username, key) + two_factor = (allowed_types == ['password']) + if not two_factor: + return + break + except PasswordRequiredException, e: + saved_exception = e + break + except SSHException, e: + saved_exception = e + + if not two_factor: keyfiles = [] rsa_key = os.path.expanduser('~/.ssh/id_rsa') dsa_key = os.path.expanduser('~/.ssh/id_dsa') @@ -506,7 +518,7 @@ class SSHClient (object): for pkey_class, filename in keyfiles: try: - key = pkey_class.from_private_key_file(filename, password) + key = pkey_class.from_private_key_file(filename, passphrase) self._log(DEBUG, 'Trying discovered key %s in %s' % (hexlify(key.get_fingerprint()), filename)) # for 2-factor auth a successfully auth'd key will result in ['password'] allowed_types = self._transport.auth_publickey(username, key) diff --git a/paramiko/hostkeys.py b/paramiko/hostkeys.py index f64e6e6..0f29f2b 100644 --- a/paramiko/hostkeys.py +++ b/paramiko/hostkeys.py @@ -130,9 +130,9 @@ class HostKeys (UserDict.DictMixin): if filename is not None: self.load(filename) - def add(self, hostname, keytype, key): + def add(self, hostname, keytype, key, hash_hostname=True): """ - Add a host key entry to the table. Any existing entry for a + Add a host key entry to the table. Any existing entry for a C{(hostname, keytype)} pair will be replaced. @param hostname: the hostname (or IP) to add @@ -141,11 +141,14 @@ class HostKeys (UserDict.DictMixin): @type keytype: str @param key: the key to add @type key: L{PKey} + """ for e in self._entries: if (hostname in e.hostnames) and (e.key.get_name() == keytype): e.key = key return + if not hostname.startswith('|1|') and hash_hostname: + hostname = self.hash_host(hostname) self._entries.append(HostKeyEntry([hostname], key)) def load(self, filename): hooks/post-receive -- python-paramiko.git (Debian package python-paramiko) This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "python-paramiko.git" (Debian package python-paramiko).

1 0

python-paramiko.git - x2go (branch) updated: bc71e90bcb8cd8d270e43bb108f67c7cef485328
by git-admin＠x2go.org 27 Sep '13

27 Sep '13

The branch, x2go has been updated via bc71e90bcb8cd8d270e43bb108f67c7cef485328 (commit) from aa89cf6f18b544c1e9ffbb4436a2cbc9aa92b566 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit bc71e90bcb8cd8d270e43bb108f67c7cef485328 Author: Mike Gabriel <mike.gabriel(a)das-netzwerkteam.de> Date: Fri Sep 27 23:45:46 2013 +0200 move the changes from patch 007 further down, so we do not get conflicts whith every new upstream release ----------------------------------------------------------------------- Summary of changes: debian/patches/007_reintroduce-version-info.patch | 17 +++++++++++++---- 1 file changed, 13 insertions(+), 4 deletions(-) The diff of changes is: diff --git a/debian/patches/007_reintroduce-version-info.patch b/debian/patches/007_reintroduce-version-info.patch index 229f774..9b9fedc 100644 --- a/debian/patches/007_reintroduce-version-info.patch +++ b/debian/patches/007_reintroduce-version-info.patch @@ -2,11 +2,20 @@ Description: Reintroduce __version_info__ as it breaks mysql-workbench Author: Mike Gabriel <mike.gabriel(a)das-netzwerkteam.de> --- a/paramiko/__init__.py +++ b/paramiko/__init__.py -@@ -58,6 +58,7 @@ - - __author__ = "Jeff Forcier <jeff(a)bitprophet.org>" +@@ -60,7 +60,6 @@ __version__ = "1.11.0" -+__version_info__ = tuple([ int(d) for d in __version__.split(".") ]) __license__ = "GNU Lesser General Public License (LGPL)" +- + from transport import SecurityOptions, Transport + from client import SSHClient, MissingHostKeyPolicy, AutoAddPolicy, RejectPolicy, WarningPolicy + from auth_handler import AuthHandler +@@ -87,6 +86,8 @@ + from config import SSHConfig + from proxy import ProxyCommand ++__version_info__ = tuple([ int(d) for d in __version__.split(".") ]) ++ + # fix module names for epydoc + for c in locals().values(): + if issubclass(type(c), type) or type(c).__name__ == 'classobj': hooks/post-receive -- python-paramiko.git (Debian package python-paramiko) This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "python-paramiko.git" (Debian package python-paramiko).

1 0

python-paramiko.git - x2go (branch) updated: aa89cf6f18b544c1e9ffbb4436a2cbc9aa92b566
by git-admin＠x2go.org 27 Sep '13

27 Sep '13

The branch, x2go has been updated via aa89cf6f18b544c1e9ffbb4436a2cbc9aa92b566 (commit) from 98477465da692687415cecae61069bec8cc902c8 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit aa89cf6f18b544c1e9ffbb4436a2cbc9aa92b566 Author: Mike Gabriel <mike.gabriel(a)das-netzwerkteam.de> Date: Fri Sep 27 23:25:09 2013 +0200 Add patch: 007_reintroduce-version-info.patch ----------------------------------------------------------------------- Summary of changes: debian/changelog | 1 + debian/patches/007_reintroduce-version-info.patch | 12 ++++++++++++ debian/patches/series | 1 + 3 files changed, 14 insertions(+) create mode 100644 debian/patches/007_reintroduce-version-info.patch The diff of changes is: diff --git a/debian/changelog b/debian/changelog index 3f2e9a2..e0dbb9f 100644 --- a/debian/changelog +++ b/debian/changelog @@ -7,6 +7,7 @@ paramiko (1.11.0-0) UNRELEASED; urgency=low + Add patch: 004_password-passphrase-auth.patch + Add patch: 005_fix-key-filename-with-two-factor-auth.patch + Add patch: 006_prefer-agent-auth-to-key-file-auth.patch + + Add patch: 007_reintroduce-version-info.patch -- Mike Gabriel <mike.gabriel(a)das-netzwerkteam.de> Mon, 29 Apr 2013 13:08:38 +0200 diff --git a/debian/patches/007_reintroduce-version-info.patch b/debian/patches/007_reintroduce-version-info.patch new file mode 100644 index 0000000..229f774 --- /dev/null +++ b/debian/patches/007_reintroduce-version-info.patch @@ -0,0 +1,12 @@ +Description: Reintroduce __version_info__ as it breaks mysql-workbench +Author: Mike Gabriel <mike.gabriel(a)das-netzwerkteam.de> +--- a/paramiko/__init__.py ++++ b/paramiko/__init__.py +@@ -58,6 +58,7 @@ + + __author__ = "Jeff Forcier <jeff(a)bitprophet.org>" + __version__ = "1.11.0" ++__version_info__ = tuple([ int(d) for d in __version__.split(".") ]) + __license__ = "GNU Lesser General Public License (LGPL)" + + diff --git a/debian/patches/series b/debian/patches/series index ea63d55..6d87d1f 100644 --- a/debian/patches/series +++ b/debian/patches/series @@ -4,3 +4,4 @@ 004_password-passphrase-auth.patch 005_fix-key-filename-with-two-factor-auth.patch 006_prefer-agent-auth-to-key-file-auth.patch +007_reintroduce-version-info.patch hooks/post-receive -- python-paramiko.git (Debian package python-paramiko) This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "python-paramiko.git" (Debian package python-paramiko).

1 0

Jump to page:

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

x2go-commits September 2013