This is an automated email from the git hooks/post-receive script. x2go pushed a commit to branch master in repository x2gobroker. commit 69fa03ef3eb9e6bf4aa299e3de6194b315c39d6e Author: Josh Lukens <jlukens@botch.com> Date: Thu Mar 6 21:33:38 2014 -0500 Add simple https get authmech. (Fixes: #450). --- debian/changelog | 1 + x2gobroker/authmechs/https_get_authmech.py | 63 ++++++++++++++++++++++++++++ 2 files changed, 64 insertions(+) diff --git a/debian/changelog b/debian/changelog index bb4cb93..49e1087 100644 --- a/debian/changelog +++ b/debian/changelog @@ -119,6 +119,7 @@ x2gobroker (0.0.3.0-0x2go1) UNRELEASED; urgency=low - Add support for dynamic cookie based auth after initial password auth. (Fixes: #447). - Add support to run pre and post authentication scripts. (Fixes: #449). + - Add auth mechanism https_get. (Fixes: #450). -- Mike Gabriel <mike.gabriel@das-netzwerkteam.de> Fri, 07 Jun 2013 23:25:30 +0200 diff --git a/x2gobroker/authmechs/https_get_authmech.py b/x2gobroker/authmechs/https_get_authmech.py new file mode 100755 index 0000000..d8d1a99 --- /dev/null +++ b/x2gobroker/authmechs/https_get_authmech.py @@ -0,0 +1,63 @@ +# -*- coding: utf-8 -*- + +# Copyright (C) 2012-2013 by Mike Gabriel <mike.gabriel@das-netzwerkteam.de> +# Copyright (C) 2012-2013 by Oleksandr Shneyder <oleksandr.shneyder@obviously-nice.de> +# +# X2Go Session Broker is free software; you can redistribute it and/or modify +# it under the terms of the GNU Affero General Public License as published by +# the Free Software Foundation; either version 3 of the License, or +# (at your option) any later version. +# +# X2Go Session Broker is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU Affero General Public License for more details. +# +# You should have received a copy of the GNU Affero General Public License +# along with this program; if not, write to the +# Free Software Foundation, Inc., +# 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA. + +# Very simple authmech that requests a webpage over https with basic auth. +# If the page is fetched successfully (status 200) the user is authenticated. +# +# Used in conjunction with something like an apache server you can get easy +# access to the full handful of existing auth modules for things like radius, +# RSA, etc. +# +# Server name and path must be hard coded below for the time being. Also note +# that the httplib module used does not verify SSL certificates so be sure +# you are on a trusted network as there is a possibility of a man in the middle +# attack. + +# modules +import sys +import httplib +import base64 +import string + +class X2GoBrokerAuthMech(object): + + def authenticate(self, username, password): + + ## FIXME: these should really be specificed in config file + host = "my.webserver.com" + path = "/auth/index.html" + + # base64 encode the username and password + auth = base64.standard_b64encode('%s:%s' % (username, password)).replace('\n', '') + + https = httplib.HTTPSConnection(host) + https.putrequest("GET", path) + https.putheader("Host", host) + https.putheader("User-Agent", "x2go http auth") + https.putheader("Authorization", "Basic %s" % auth) + https.endheaders() + + response = https.getresponse() + https.close() + + if response.status == 200: + return True + + return False -- Alioth's /srv/git/_hooks_/post-receive-email on /srv/git/code.x2go.org/x2gobroker.git