The branch, twofactorauth has been updated via cac70a5c83b14573d816108094bea2b9700b70f9 (commit) from 54ba077c24f31891f5c466e5a0ba3a39897c8a53 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- ----------------------------------------------------------------------- Summary of changes: debian/changelog | 1 + x2go/backends/control/_stdout.py | 14 +++++++++++++- x2go/client.py | 5 ++++- x2go/defaults.py | 2 +- x2go/{monkey_patch_paramiko.py => paramiko.py} | 9 ++++++++- x2go/registry.py | 4 ++++ x2go/session.py | 5 +++++ x2go/utils.py | 23 +++++++++++++++++++++++ 8 files changed, 59 insertions(+), 4 deletions(-) rename x2go/{monkey_patch_paramiko.py => paramiko.py} (92%) The diff of changes is: diff --git a/debian/changelog b/debian/changelog index 9811041..1a38ec0 100644 --- a/debian/changelog +++ b/debian/changelog @@ -16,6 +16,7 @@ python-x2go (0.2.0.11-0~x2go1) UNRELEASED; urgency=low _NET_WORKAREA is not available from the window manager. - Mention ,,maximize'' as possible value for session option geometry in __doc__string of class X2goTerminalSessionSTDOUT. + - Implement SSH agent authentication forwarding. * /debian/rules: + Allow package build on systems with missing dh_python2. diff --git a/x2go/backends/control/_stdout.py b/x2go/backends/control/_stdout.py index 7e8259b..903ef37 100644 --- a/x2go/backends/control/_stdout.py +++ b/x2go/backends/control/_stdout.py @@ -38,6 +38,7 @@ import locale import threading import cStringIO +from distutils import version from gevent import socket # Python X2Go modules @@ -117,6 +118,7 @@ class X2goControlSessionSTDOUT(paramiko.SSHClient): profile_name='UNKNOWN', add_to_known_hosts=False, known_hosts=None, + forward_sshagent=False, terminal_backend=_X2goTerminalSession, info_backend=_X2goServerSessionInfo, list_backend=_X2goServerSessionList, @@ -140,6 +142,8 @@ class X2goControlSessionSTDOUT(paramiko.SSHClient): @type add_to_known_hosts: C{bool} @param known_hosts: the underlying Paramiko/SSH systems C{known_hosts} file @type known_hosts: C{str} + @param forward_sshagent: forward SSH agent authentication requests to the X2Go client-side + @type forward_sshagent: C{bool} @param terminal_backend: X2Go terminal session backend to use @type terminal_backend: C{class} @param info_backend: backend for handling storage of server session information @@ -173,6 +177,7 @@ class X2goControlSessionSTDOUT(paramiko.SSHClient): self.profile_name = profile_name self.add_to_known_hosts = add_to_known_hosts self.known_hosts = known_hosts + self.forward_sshagent = forward_sshagent self.hostname = None self.port = None @@ -825,9 +830,16 @@ class X2goControlSessionSTDOUT(paramiko.SSHClient): ssh_transport._x2go_session_marker = True self._session_password = password - if self.get_transport(): + if ssh_transport is not None: self.session_died = False self.query_server_features(force=True) + if self.forward_sshagent: + if x2go.paramiko.PARAMIKO_FEATURE['forward-ssh-agent']: + self.agent_chan = ssh_transport.open_session() + self.agent_handler = paramiko.agent.AgentRequestHandler(self.agent_chan) + self.logger('Requesting SSH agent forwarding for control session of connected session profile %s' % self.profile_name, loglevel=log.loglevel_INFO) + else: + self.logger('SSH agent forwarding is not available in the Paramiko version used with this instance of Python X2Go', loglevel=log.loglevel_WARN) self._remote_home = None if not self.home_exists(): diff --git a/x2go/client.py b/x2go/client.py index 53a3ab2..a22df3a 100644 --- a/x2go/client.py +++ b/x2go/client.py @@ -856,7 +856,7 @@ class X2goClient(object): allow_printing=False, allow_share_local_folders=False, share_local_folders=[], allow_mimebox=False, mimebox_extensions=[], mimebox_action='OPEN', - add_to_known_hosts=False, known_hosts=None, + add_to_known_hosts=False, known_hosts=None, forward_sshagent=False, proxy_options={}, return_object=False, **kwargs): """\ @@ -913,6 +913,8 @@ class X2goClient(object): @type add_to_known_hosts: C{bool} @param known_hosts: full path to C{known_hosts} file @type known_hosts: C{str} + @param forward_sshagent: forward SSH agent authentication requests to the X2Go client-side + @type forward_sshagent: C{bool} @param proxy_options: a set of very C{X2goProxy*} backend specific options; any option that is not known to the C{X2goProxy*} backend will simply be ignored @type proxy_options: C{dict} @@ -992,6 +994,7 @@ class X2goClient(object): keep_controlsession_alive=True, add_to_known_hosts=add_to_known_hosts, known_hosts=known_hosts, + forward_sshagent=forward_sshagent, **_params) self.logger('initializing X2Go session...', log.loglevel_NOTICE, tag=self._logger_tag) diff --git a/x2go/defaults.py b/x2go/defaults.py index 96115f3..73816cb 100644 --- a/x2go/defaults.py +++ b/x2go/defaults.py @@ -304,7 +304,7 @@ X2GO_SESSIONPROFILE_DEFAULTS = { 'usekbd': True, 'layout': 'us', 'type': 'pc105/us', 'variant': '', 'sound': False, 'soundsystem': 'pulse', 'startsoundsystem': False, 'soundtunnel':True, 'defsndport':True, 'sndport':4713, 'name': 'NEW_PROFILE', 'icon': ':icons/128x128/x2gosession.png', - 'host': 'server.mydomain', 'user': CURRENT_LOCAL_USER, 'key': '', 'sshport': 22, 'krblogin': False, + 'host': 'server.mydomain', 'user': CURRENT_LOCAL_USER, 'key': '', 'sshport': 22, 'krblogin': False, 'forwardsshagent': False, 'rootless': True, 'applications': X2GO_GENERIC_APPLICATIONS, 'command':'TERMINAL', 'published': False, 'directrdp': False, 'directrdpsettings': '', 'rdpclient': 'rdesktop', 'rdpport': 3389, 'rdpoptions': '-u X2GO_USER -p X2GO_PASSWORD', 'rdpserver': '', diff --git a/x2go/monkey_patch_paramiko.py b/x2go/paramiko.py similarity index 92% rename from x2go/monkey_patch_paramiko.py rename to x2go/paramiko.py index f9b373b..caafb5f 100644 --- a/x2go/monkey_patch_paramiko.py +++ b/x2go/paramiko.py @@ -18,11 +18,18 @@ # 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA. """\ -Monkey Patch for Python Paramiko +Monkey Patch and feature map for Python Paramiko """ import paramiko +from x2go.utils import compare_versions + +PARAMIKO_VERSION = paramiko.__version__.split()[0] +PARAMIKO_FEATURE = { + 'forward-ssh-agent': compare_versions(PARAMIKO_VERSION, ">=", '1.8'), + 'use-compression': compare_versions(PARAMIKO_VERSION, ">=", '1.7.7.1'), +} def _SSHClient_save_host_keys(self, filename): """\ diff --git a/x2go/registry.py b/x2go/registry.py index 85ddf3f..61ceba3 100644 --- a/x2go/registry.py +++ b/x2go/registry.py @@ -460,6 +460,7 @@ class X2goSessionRegistry(object): keep_controlsession_alive=True, add_to_known_hosts=False, known_hosts=None, + forward_sshagent=False, **kwargs): """\ Register a new L{X2goSession} instance with this L{X2goSessionRegistry}. @@ -498,6 +499,8 @@ class X2goSessionRegistry(object): @type add_to_known_hosts: C{bool} @param known_hosts: the underlying Paramiko/SSH systems C{known_hosts} file @type known_hosts: C{str} + @param forward_sshagent: forward SSH agent authentication requests to the X2Go client-side + @type forward_sshagent: C{bool} @param kwargs: all other options will be passed on to the constructor of the to-be-instantiated L{X2goSession} instance @type C{dict} @@ -555,6 +558,7 @@ class X2goSessionRegistry(object): keep_controlsession_alive=keep_controlsession_alive, add_to_known_hosts=add_to_known_hosts, known_hosts=known_hosts, + forward_sshagent=forward_sshagent, logger=self.logger, **kwargs) session_uuid = s._X2goSession__get_uuid() diff --git a/x2go/session.py b/x2go/session.py index 346a452..73cc969 100644 --- a/x2go/session.py +++ b/x2go/session.py @@ -155,6 +155,7 @@ class X2goSession(object): keep_controlsession_alive=False, add_to_known_hosts=False, known_hosts=None, + forward_sshagent=False, logger=None, loglevel=log.loglevel_DEFAULT, connected=False, activated=False, virgin=True, running=None, suspended=None, terminated=None, faulty=None, client_instance=None, @@ -216,6 +217,8 @@ class X2goSession(object): @type add_to_known_hosts: C{bool} @param known_hosts: the underlying Paramiko/SSH systems C{known_hosts} file @type known_hosts: C{str} + @param forward_sshagent: forward SSH agent authentication requests to the SSH agent on the X2Go client-side + @type forward_sshagent: C{bool} @param connected: manipulate session state »connected« by giving a pre-set value @type connected: C{bool} @param activated: normal leave this untouched, an activated session is a session that is about to be used @@ -330,6 +333,7 @@ class X2goSession(object): self.add_to_known_hosts = add_to_known_hosts self.known_hosts = known_hosts + self.forward_sshagent = forward_sshagent self._current_status = { 'timestamp': time.time(), @@ -504,6 +508,7 @@ class X2goSession(object): self.control_session = self.control_backend(profile_name=self.profile_name, add_to_known_hosts=self.add_to_known_hosts, known_hosts=self.known_hosts, + forward_sshagent=self.forward_sshagent, terminal_backend=self.terminal_backend, info_backend=self.info_backend, list_backend=self.list_backend, diff --git a/x2go/utils.py b/x2go/utils.py index f8dee91..49aa9d6 100644 --- a/x2go/utils.py +++ b/x2go/utils.py @@ -33,6 +33,7 @@ import socket import gevent import string import subprocess +import distutils.version # Python X2Go modules from defaults import X2GOCLIENT_OS as _X2GOCLIENT_OS @@ -209,6 +210,7 @@ def _convert_SessionProfileOptions_2_SessionParams(options): 'published': 'published_applications', 'autostart': 'auto_start_or_resume', 'autologin': 'auto_connect', + 'forwardsshagent': 'forward_sshagent', } _speed_dict = { @@ -720,3 +722,24 @@ def merge_ordered_lists(l1, l2): return ordered_list +def compare_versions(version_a, op, version_b): + """\ + Compare <version_a> with <version_b> using operator <op>. + In the background C{distutils.version.LooseVersion} is + used for the comparison operation. + + @param version_a: a version string + @type version_a: C{str} + @param op: an operator provide as string (e.g. '<', '>', '==', '>=' etc.) + @type op: C{str} + @param version_b: another version string that is to be compared with <version_a> + @type version_b: C{str} + + """ + + ### FIXME: this comparison is not reliable with beta et al. version strings + + ver_a = distutils.version.LooseVersion(version_a) + ver_b = distutils.version.LooseVersion(version_b) + + return eval("ver_a %s ver_b" % op) hooks/post-receive -- python-x2go.git (Python X2Go Client API) This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "python-x2go.git" (Python X2Go Client API).