This is an automated email from the git hooks/post-receive script. x2go pushed a commit to branch master in repository x2gobroker. commit 2ab4eec987ab55dd496973b1727a4e9c992c6664 Author: Mike Gabriel <mike.gabriel@das-netzwerkteam.de> Date: Wed Apr 1 14:17:35 2015 +0200 x2gobroker-pubkeyauthorizer: Handle replacement of SSH pubkeys with wrong/ old SSH options. --- debian/changelog | 2 ++ sbin/x2gobroker-pubkeyauthorizer | 15 ++++++++++++--- 2 files changed, 14 insertions(+), 3 deletions(-) diff --git a/debian/changelog b/debian/changelog index 45e4ccd..0f5d81f 100644 --- a/debian/changelog +++ b/debian/changelog @@ -298,6 +298,8 @@ x2gobroker (0.0.3.0-0x2go1) UNRELEASED; urgency=low and let X2Go Client release itself, that the host is unreachable. - x2gobroker-loadchecker: Don't freeze if load information for a complete load-balanced server farm is unavailable. + - x2gobroker-pubkeyauthorizer: Handle replacement of SSH pubkeys with wrong/ + old SSH options. * debian/control: + Provide separate bin:package for SSH brokerage: x2gobroker-ssh. + Replace LDAP support with session brokerage support in LONG_DESCRIPTION. diff --git a/sbin/x2gobroker-pubkeyauthorizer b/sbin/x2gobroker-pubkeyauthorizer index 619fe20..2bf6f8d 100755 --- a/sbin/x2gobroker-pubkeyauthorizer +++ b/sbin/x2gobroker-pubkeyauthorizer @@ -145,15 +145,23 @@ if __name__ == '__main__': logger_broker.info(' Found {i} public keys at URL {url}'.format(i=len(new_pubkeys), url=cmdline_args.broker_url)) tmpfile.close() + append_newline = "" try: read_authorized_keys = open('{home}/.ssh/authorized_keys'.format(home=broker_home), 'rb') - already_authorized_keys = read_authorized_keys.read().split('\n') + _content = read_authorized_keys.read() + if _content and ord(_content[-1]) != 10: + append_newline = '\n' + already_authorized_keys = _content.split('\n') read_authorized_keys.close() except IOError: already_authorized_keys = [] append_authorized_keys = open('{home}/.ssh/authorized_keys'.format(home=broker_home), 'ab') + if append_newline: + logger_broker.warning(' The file {authorized_keys} does not end with a newline character. Adding it.'.format(authorized_keys='{home}/.ssh/authorized_keys'.format(home=broker_home))) + append_authorized_keys.write(append_newline) + i = 0 to_be_removed = [] for new_pubkey in new_pubkeys: @@ -181,8 +189,9 @@ if __name__ == '__main__': keyopts = "" if " " in keytype: keyopts, keytype = keytype.rsplit(" ", 1) - if " ".join([keytype, pubkey, owner]) in already_authorized_keys: - to_be_removed.append(" ".join([keytype, pubkey, owner])) + for authorized_key in [ k for k in already_authorized_keys if k ]: + if authorized_key.endswith(" ".join([keytype, pubkey, owner])) and not authorized_key.startswith(keyopts): + to_be_removed.append(authorized_key) if new_pubkey not in already_authorized_keys: append_authorized_keys.write('{k}\n'.format(k=new_pubkey)) -- Alioth's /srv/git/code.x2go.org/x2gobroker.git//..//_hooks_/post-receive-email on /srv/git/code.x2go.org/x2gobroker.git