The branch, master has been updated via 972d8cf6f428e3183beedbcaa9e4c6db1704cde1 (commit) from ec6440b91b3c0156c5c555800edb5e3fb53a417e (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit 972d8cf6f428e3183beedbcaa9e4c6db1704cde1 Author: Mike Gabriel <mike.gabriel@das-netzwerkteam.de> Date: Mon Jun 20 21:38:09 2011 +0200 Make sure SSH proxy password gets forgotten between two sessions, fix for mutiple open SSH client sessions. ----------------------------------------------------------------------- Summary of changes: debian/changelog | 1 + x2go/backends/control/_stdout.py | 17 ++++++++++++----- x2go/session.py | 4 ++-- x2go/sshproxy.py | 6 +++++- 4 files changed, 20 insertions(+), 8 deletions(-) The diff of changes is: diff --git a/debian/changelog b/debian/changelog index 5f60e5d..28d517c 100644 --- a/debian/changelog +++ b/debian/changelog @@ -4,6 +4,7 @@ python-x2go (0.1.1.0-0~x2go1) UNRELEASED; urgency=low - Add X2go desktop sharing support. - Fix SSH authentication failures (close session on failure). - Close SSH connection first, then close down SSH proxy. + - Make sure SSH proxy password gets forgotten between two sessions. -- Mike Gabriel <mike@mimino.das-netzwerkteam.de> Mon, 20 Jun 2011 14:16:54 +0200 diff --git a/x2go/backends/control/_stdout.py b/x2go/backends/control/_stdout.py index 8e5a0c2..25e0943 100644 --- a/x2go/backends/control/_stdout.py +++ b/x2go/backends/control/_stdout.py @@ -356,6 +356,8 @@ class X2goControlSessionSTDOUT(paramiko.SSHClient): ) except: + if self.sshproxy_session: + self.sshproxy_session.stop_thread() self.sshproxy_session = None raise @@ -389,7 +391,7 @@ class X2goControlSessionSTDOUT(paramiko.SSHClient): look_for_keys=look_for_keys) except paramiko.AuthenticationException, e: - + self.close() if password: self.logger('next auth mechanism we\'ll try is keyboard-interactive authentication', loglevel=log.loglevel_DEBUG) try: @@ -397,6 +399,9 @@ class X2goControlSessionSTDOUT(paramiko.SSHClient): timeout=timeout, allow_agent=allow_agent, look_for_keys=look_for_keys) except paramiko.AuthenticationException, e: + self.close() + if self.sshproxy_session: + self.sshproxy_session.stop_thread() raise e except: self.close() @@ -425,6 +430,9 @@ class X2goControlSessionSTDOUT(paramiko.SSHClient): paramiko.SSHClient.connect(self, hostname, port=port, username=username, password=password, timeout=timeout, allow_agent=allow_agent, look_for_keys=look_for_keys) except paramiko.AuthenticationException, e: + self.close() + if self.sshproxy_session: + self.sshproxy_session.stop_thread() raise e except: self.close() @@ -493,7 +501,9 @@ class X2goControlSessionSTDOUT(paramiko.SSHClient): try: if self.get_transport() is not None: still_active = self.get_transport().is_active() - self.get_transport().close() + self.close() + if self.sshproxy_session is not None: + self.sshproxy_session.stop_thread() return still_active return False except AttributeError: @@ -501,10 +511,7 @@ class X2goControlSessionSTDOUT(paramiko.SSHClient): # but state that this method call did not close the SSH client, but was already closed return False - if self.sshproxy_session is not None: - self.sshproxy_session.stop_thread() - def is_alive(self): if self._x2go_exec_command('echo', loglevel=log.loglevel_DEBUG): return True diff --git a/x2go/session.py b/x2go/session.py index 687a010..4420ed2 100644 --- a/x2go/session.py +++ b/x2go/session.py @@ -702,9 +702,9 @@ class X2goSession(object): **_params) # remove credentials immediately self.control_params['password'] = '' - try: del self.control_params['sshproxy_user'] + try: del self.sshproxy_params['sshproxy_user'] except KeyError: pass - try: del self.control_params['sshproxy_password'] + try: del self.sshproxy_params['sshproxy_password'] except KeyError: pass if not self.connected: diff --git a/x2go/sshproxy.py b/x2go/sshproxy.py index 670fe0c..e59d430 100644 --- a/x2go/sshproxy.py +++ b/x2go/sshproxy.py @@ -173,6 +173,7 @@ class X2goSSHProxy(paramiko.SSHClient, threading.Thread): allow_agent=False, ) except AuthenticationException, e: + self.close() raise X2goSSHProxyAuthenticationException('pubkey auth mechanisms both failed') except: self.close() @@ -191,6 +192,7 @@ class X2goSSHProxy(paramiko.SSHClient, threading.Thread): allow_agent=False, ) except AuthenticationException: + self.close() raise X2goSSHProxyAuthenticationException('interactive auth mechanisms failed') except: self.close() @@ -256,12 +258,14 @@ class X2goSSHProxy(paramiko.SSHClient, threading.Thread): """ if self.fw_tunnel is not None and self.fw_tunnel.is_active: self.logger('taking down SSH proxy tunnel via [%s]:%s' % (self.hostname, self.port), loglevel=log.loglevel_NOTICE) - forward.stop_forward_tunnel(self.fw_tunnel) + try: forward.stop_forward_tunnel(self.fw_tunnel) + except: pass self.fw_tunnel = None self._keepalive = False if self.get_transport() is not None: self.logger('closing SSH proxy connection to [%s]:%s' % (self.hostname, self.port), loglevel=log.loglevel_NOTICE) self.close() + self.password = self.sshproxy_password = None def __del__(self): """\ hooks/post-receive -- python-x2go.git (Python X2go Client API) This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "python-x2go.git" (Python X2go Client API).