This is an automated email from the git hooks/post-receive script. x2go pushed a commit to branch release/4.0.1.x in repository x2goserver. commit 7be656cd888024baba6df01d06e7ed93258dfc35 Author: Mike Gabriel <mike.gabriel@das-netzwerkteam.de> Date: Sat Dec 6 22:46:08 2014 +0100 Handle AD domain users gracefully when X2Go is used with SQLite DB backend. (Fixes: #664). --- debian/changelog | 2 ++ x2goserver/lib/x2gosqlitewrapper.pl | 8 ++++++++ 2 files changed, 10 insertions(+) diff --git a/debian/changelog b/debian/changelog index 5c71034..84cdd56 100644 --- a/debian/changelog +++ b/debian/changelog @@ -50,6 +50,8 @@ x2goserver (4.0.1.19-0x2go1) UNRELEASED; urgency=medium clipboard mode feature (and probably other code changes). - Document session startup / resumption failures (and their reasons) in server-side log output. + - Handle AD domain users gracefully when X2Go is used with SQLite DB + backend. (Fixes: #664). * debian/control: + Add D (x2goserver): libfile-which-perl. + Add C (x2goserver: x2godesktopsharing (<< 3.1.1.2). diff --git a/x2goserver/lib/x2gosqlitewrapper.pl b/x2goserver/lib/x2gosqlitewrapper.pl index deb0925..8a02f98 100755 --- a/x2goserver/lib/x2gosqlitewrapper.pl +++ b/x2goserver/lib/x2gosqlitewrapper.pl @@ -519,9 +519,17 @@ sub check_user { my $sid=shift or die "argument \"session_id\" missed"; return if $realuser eq "root"; + # session id looks like someuser-51-1304005895_stDgnome-session_dp24 # during DB insertsession it only looks like someuser-51-1304005895 + + # derive the session's user from the session name/id my $user = "$sid"; + + # handle ActiveDirectory Domain user accounts gracefully + $realuser =~ s/\\//; + + # perform the user check $user =~ s/($realuser-[0-9]{2,}-[0-9]{10,}_st(D|R).*|.*-[0-9]{2,}-[0-9]{10,}_stS(0|1)XSHAD$realuser.*)/$realuser/; $user eq $realuser or die "$realuser is not authorized"; } -- Alioth's /srv/git/_hooks_/post-receive-email on /srv/git/code.x2go.org/x2goserver.git