The branch, release/4.0.1.x has been updated via e29fa6e3fcb823fde96ed10e6cb27a6ad0d65a12 (commit) from 4c62b385033f4b5e909367596c54b19ee869edb9 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit e29fa6e3fcb823fde96ed10e6cb27a6ad0d65a12 Author: Mike Gabriel <mike.gabriel@das-netzwerkteam.de> Date: Mon Jan 6 13:42:32 2014 +0100 Allow dots (".") in sanitized session names. ----------------------------------------------------------------------- Summary of changes: debian/changelog | 1 + x2goserver/bin/x2gostartagent | 2 +- x2goserver/lib/x2godbwrapper.pm | 24 ++++++++++++------------ x2goserver/lib/x2gosqlitewrapper.pl | 32 ++++++++++++++++---------------- x2goserver/lib/x2goutils.pm | 6 +++--- 5 files changed, 33 insertions(+), 32 deletions(-) The diff of changes is: diff --git a/debian/changelog b/debian/changelog index 9012f3f..9d38b8d 100644 --- a/debian/changelog +++ b/debian/changelog @@ -178,6 +178,7 @@ x2goserver (4.0.0.9-0x2go1) UNRELEASED; urgency=low - Sanitize session name in x2gostartagent, as well. Fixes problems with custom session commands containing characters that get sanitized out. + - Allow dots (".") in sanitized session names. -- Mike Gabriel <mga@listrac.informatik.uni-kiel.de> Mon, 06 Jan 2014 12:35:24 +0100 diff --git a/x2goserver/bin/x2gostartagent b/x2goserver/bin/x2gostartagent index cd82f27..6ad27e2 100755 --- a/x2goserver/bin/x2gostartagent +++ b/x2goserver/bin/x2gostartagent @@ -167,7 +167,7 @@ while [ "$OUTPUT" != "inserted" ]; do SESSION_NAME="${SESSION_NAME}_st${SESSION_TYPE}${X2GO_CMD}_dp${COLORDEPTH}" SESSION_NAME=`echo "$SESSION_NAME" | sed -e "s/:/PP/g"` # sanitize session name - SESSION_NAME=`echo "$SESSION_NAME" | sed -e "s/[^a-zA-Z0-9\_\-]//g"` + SESSION_NAME=`echo "$SESSION_NAME" | sed -e "s/[^a-zA-Z0-9\_\-\.]//g"` fi OUTPUT=`$X2GO_LIB_PATH/x2goinsertsession "$X2GO_PORT" "$HOSTNAME" "$SESSION_NAME"` fi diff --git a/x2goserver/lib/x2godbwrapper.pm b/x2goserver/lib/x2godbwrapper.pm index 259e567..1315575 100644 --- a/x2goserver/lib/x2godbwrapper.pm +++ b/x2goserver/lib/x2godbwrapper.pm @@ -193,7 +193,7 @@ sub dbsys_getmounts my $sid=shift or die "argument \"session_id\" missed"; if ($backend eq 'postgres') { - $sid = x2goutils::sanitizer('anumazcsdaus', $sid) or die "argument \"session_id\" malformed"; + $sid = x2goutils::sanitizer('pnixusername', $sid) or die "argument \"session_id\" malformed"; my @strings; my $dbh=DBI->connect("dbi:Pg:dbname=$db;host=$host;port=$port;sslmode=$sslmode", "$dbuser", "$dbpass",{AutoCommit => 1}) or die $_; my $sth=$dbh->prepare("select client, path from mounts where session_id='$sid'"); @@ -223,7 +223,7 @@ sub db_getmounts my $sid=shift or die "argument \"session_id\" missed"; if($backend eq 'postgres') { - $sid = x2goutils::sanitizer('anumazcsdaus', $sid) or die "argument \"session_id\" malformed"; + $sid = x2goutils::sanitizer('pnixusername', $sid) or die "argument \"session_id\" malformed"; my @strings; my $dbh=DBI->connect("dbi:Pg:dbname=$db;host=$host;port=$port;sslmode=$sslmode", "$dbuser", "$dbpass",{AutoCommit => 1}) or die $_; my $sth=$dbh->prepare("select client, path from mounts_view where session_id='$sid'"); @@ -253,7 +253,7 @@ sub db_deletemount my $path=shift or die "argument \"path\" missed"; if ($backend eq 'postgres') { - $sid = x2goutils::sanitizer('anumazcsdaus', $sid) or die "argument \"session_id\" malformed"; + $sid = x2goutils::sanitizer('pnixusername', $sid) or die "argument \"session_id\" malformed"; my $dbh=DBI->connect("dbi:Pg:dbname=$db;host=$host;port=$port;sslmode=$sslmode", "$dbuser", "$dbpass",{AutoCommit => 1}) or die $_; my $sth=$dbh->prepare("delete from mounts_view where session_id='$sid' and path='$path'"); $sth->execute(); @@ -275,7 +275,7 @@ sub db_insertmount my $res_ok=0; if ($backend eq 'postgres') { - $sid = x2goutils::sanitizer('anumazcsdaus', $sid) or die "argument \"session_id\" malformed"; + $sid = x2goutils::sanitizer('pnixusername', $sid) or die "argument \"session_id\" malformed"; my $dbh=DBI->connect("dbi:Pg:dbname=$db;host=$host;port=$port;sslmode=$sslmode", "$dbuser", "$dbpass",{AutoCommit => 1}) or die $_; my $sth=$dbh->prepare("insert into mounts (session_id,path,client) values ('$sid','$path','$client')"); $sth->execute(); @@ -304,7 +304,7 @@ sub db_insertsession my $sid=shift or die "argument \"session_id\" missed"; if ($backend eq 'postgres') { - $sid = x2goutils::sanitizer('anumazcsdaus', $sid) or die "argument \"session_id\" malformed"; + $sid = x2goutils::sanitizer('pnixusername', $sid) or die "argument \"session_id\" malformed"; $display = x2goutils::sanitizer('num', $display) or die "argument \"display\" malformed"; my $dbh=DBI->connect("dbi:Pg:dbname=$db;host=$host;port=$port;sslmode=$sslmode", "$dbuser", "$dbpass",{AutoCommit => 1}) or die $_; my $sth=$dbh->prepare("insert into sessions (display,server,uname,session_id) values ('$display','$server','$uname','$sid')"); @@ -334,7 +334,7 @@ sub db_createsession my $sid=shift or die "argument \"session_id\" missed"; if ($backend eq 'postgres') { - $sid = x2goutils::sanitizer('anumazcsdaus', $sid) or die "argument \"session_id\" malformed"; + $sid = x2goutils::sanitizer('pnixusername', $sid) or die "argument \"session_id\" malformed"; $pid = x2goutils::sanitizer('num', $pid) or die "argument \"pid\" malformed"; $gr_port = x2goutils::sanitizer('num', $gr_port) or die "argument \"gr_port\" malformed"; $snd_port = x2goutils::sanitizer('num', $snd_port) or die "argument \"snd_port\" malformed"; @@ -365,7 +365,7 @@ sub db_insertport my $sshport=shift or die "argument \"port\" missed"; if ($backend eq 'postgres') { - $sid = x2goutils::sanitizer('anumazcsdaus', $sid) or die "argument \"session_id\" malformed"; + $sid = x2goutils::sanitizer('pnixusername', $sid) or die "argument \"session_id\" malformed"; my $dbh=DBI->connect("dbi:Pg:dbname=$db;host=$host;port=$port;sslmode=$sslmode", "$dbuser", "$dbpass",{AutoCommit => 1}) or die $_; my $sth=$dbh->prepare("insert into used_ports (server,session_id,port) values ('$server','$sid','$sshport')"); $sth->execute()or die; @@ -408,7 +408,7 @@ sub db_resume my $fs_port=shift or die "argument \"fs_port\" missed"; if ($backend eq 'postgres') { - $sid = x2goutils::sanitizer('anumazcsdaus', $sid) or die "argument \"session_id\" malformed"; + $sid = x2goutils::sanitizer('pnixusername', $sid) or die "argument \"session_id\" malformed"; $gr_port = x2goutils::sanitizer('num', $gr_port) or die "argument \"gr_port\" malformed"; $snd_port = x2goutils::sanitizer('num', $snd_port) or die "argument \"snd_port\" malformed"; $fs_port = x2goutils::sanitizer('num', $fs_port) or die "argument \"fs_port\" malformed"; @@ -432,7 +432,7 @@ sub db_changestatus my $sid=shift or die "argument \"session_id\" missed"; if ($backend eq 'postgres') { - $sid = x2goutils::sanitizer('anumazcsdaus', $sid) or die "argument \"session_id\" malformed"; + $sid = x2goutils::sanitizer('pnixusername', $sid) or die "argument \"session_id\" malformed"; my $dbh=DBI->connect("dbi:Pg:dbname=$db;host=$host;port=$port;sslmode=$sslmode", "$dbuser", "$dbpass",{AutoCommit => 1}) or die $_; my $sth=$dbh->prepare("update sessions_view set last_time=now(),status='$status' where session_id = '$sid'"); $sth->execute()or die; @@ -452,7 +452,7 @@ sub db_getstatus my $status=''; if ($backend eq 'postgres') { - $sid = x2goutils::sanitizer('anumazcsdaus', $sid) or die "argument \"session_id\" malformed"; + $sid = x2goutils::sanitizer('pnixusername', $sid) or die "argument \"session_id\" malformed"; my $dbh=DBI->connect("dbi:Pg:dbname=$db;host=$host;port=$port;sslmode=$sslmode", "$dbuser", "$dbpass",{AutoCommit => 1}) or die $_; my $sth=$dbh->prepare("select status from sessions_view where session_id = '$sid'"); $sth->execute($sid) or die; @@ -566,7 +566,7 @@ sub db_getagent my $sid=shift or die "argument \"session_id\" missed"; if ($backend eq 'postgres') { - $sid = x2goutils::sanitizer('anumazcsdaus', $sid) or die "argument \"session_id\" malformed"; + $sid = x2goutils::sanitizer('pnixusername', $sid) or die "argument \"session_id\" malformed"; my $dbh=DBI->connect("dbi:Pg:dbname=$db;host=$host;port=$port;sslmode=$sslmode", "$dbuser", "$dbpass",{AutoCommit => 1}) or die $_; my $sth=$dbh->prepare("select agent_pid from sessions_view where session_id ='$sid'"); @@ -594,7 +594,7 @@ sub db_getdisplay my $sid=shift or die "argument \"session_id\" missed"; if ($backend eq 'postgres') { - $sid = x2goutils::sanitizer('anumazcsdaus', $sid) or die "argument \"session_id\" malformed"; + $sid = x2goutils::sanitizer('pnixusername', $sid) or die "argument \"session_id\" malformed"; my $dbh=DBI->connect("dbi:Pg:dbname=$db;host=$host;port=$port;sslmode=$sslmode", "$dbuser", "$dbpass",{AutoCommit => 1}) or die $_; my $sth=$dbh->prepare("select display from sessions_view where session_id ='$sid'"); diff --git a/x2goserver/lib/x2gosqlitewrapper.pl b/x2goserver/lib/x2gosqlitewrapper.pl index 48278fa..c146b3b 100755 --- a/x2goserver/lib/x2gosqlitewrapper.pl +++ b/x2goserver/lib/x2gosqlitewrapper.pl @@ -60,9 +60,9 @@ sub sanitizer { $string = $1; return $string; } else {return 0;} - } elsif ($type eq "anumazcsdaus") { - $string =~ s/[^a-zA-Z0-9\_\-]//g; - if ($string =~ /^([a-zA-Z0-9\_\-]*)$/) { + } elsif ($type eq "pnixusername") { + $string =~ s/[^a-zA-Z0-9\_\-\.]//g; + if ($string =~ /^([a-zA-Z0-9\_\-\.]*)$/) { $string = $1; return $string; } else {return 0;} @@ -149,7 +149,7 @@ elsif($cmd eq "listsessionsroot_all") elsif($cmd eq "getmounts") { my $sid=shift or die "argument \"session_id\" missed"; - $sid = sanitizer('anumazcsdaus', $sid) or die "argument \"session_id\" malformed"; + $sid = sanitizer('pnixusername', $sid) or die "argument \"session_id\" malformed"; check_user($sid); my @strings; my $sth=$dbh->prepare("select client, path from mounts where session_id=?"); @@ -165,7 +165,7 @@ elsif($cmd eq "getmounts") elsif($cmd eq "deletemount") { my $sid=shift or die "argument \"session_id\" missed"; - $sid = sanitizer('anumazcsdaus', $sid) or die "argument \"session_id\" malformed"; + $sid = sanitizer('pnixusername', $sid) or die "argument \"session_id\" malformed"; my $path=shift or die "argument \"path\" missed"; check_user($sid); my $sth=$dbh->prepare("delete from mounts where session_id=? and path=?"); @@ -181,7 +181,7 @@ elsif($cmd eq "deletemount") elsif($cmd eq "deletemounts") { my $sid=shift or die "argument \"session_id\" missed"; - $sid = sanitizer('anumazcsdaus', $sid) or die "argument \"session_id\" malformed"; + $sid = sanitizer('pnixusername', $sid) or die "argument \"session_id\" malformed"; check_user($sid); my $sth=$dbh->prepare("delete from mounts where session_id=?"); $sth->execute($sid); @@ -196,7 +196,7 @@ elsif($cmd eq "deletemounts") elsif($cmd eq "insertmount") { my $sid=shift or die "argument \"session_id\" missed"; - $sid = sanitizer('anumazcsdaus', $sid) or die "argument \"session_id\" malformed"; + $sid = sanitizer('pnixusername', $sid) or die "argument \"session_id\" malformed"; my $path=shift or die "argument \"path\" missed"; my $client=shift or die "argument \"client\" missed"; check_user($sid); @@ -217,7 +217,7 @@ elsif($cmd eq "insertsession") $display = sanitizer('num', $display) or die "argument \"display\" malformed"; my $server=shift or die "argument \"server\" missed"; my $sid=shift or die "argument \"session_id\" missed"; - $sid = sanitizer('anumazcsdaus', $sid) or die "argument \"session_id\" malformed"; + $sid = sanitizer('pnixusername', $sid) or die "argument \"session_id\" malformed"; check_user($sid); my $sth=$dbh->prepare("insert into sessions (display,server,uname,session_id, init_time, last_time) values (?, ?, ?, ?, datetime('now','localtime'), datetime('now','localtime'))"); @@ -239,7 +239,7 @@ elsif($cmd eq "createsession") my $fs_port=shift or die"argument \"fs_port\" missed"; $fs_port = sanitizer('num', $fs_port) or die "argument \"fs_port\" malformed"; my $sid=shift or die "argument \"session_id\" missed"; - $sid = sanitizer('anumazcsdaus', $sid) or die "argument \"session_id\" malformed"; + $sid = sanitizer('pnixusername', $sid) or die "argument \"session_id\" malformed"; check_user($sid); my $sth=$dbh->prepare("update sessions set status='R',last_time=datetime('now','localtime'),cookie=?,agent_pid=?, client=?,gr_port=?,sound_port=?,fs_port=? where session_id=? and uname=?"); @@ -257,7 +257,7 @@ elsif($cmd eq "insertport") { my $server=shift or die "argument \"server\" missed"; my $sid=shift or die "argument \"session_id\" missed"; - $sid = sanitizer('anumazcsdaus', $sid) or die "argument \"session_id\" malformed"; + $sid = sanitizer('pnixusername', $sid) or die "argument \"session_id\" malformed"; my $sshport=shift or die "argument \"port\" missed"; my $sth=$dbh->prepare("insert into used_ports (server,session_id,port) values (?, ?, ?)"); check_user($sid); @@ -274,7 +274,7 @@ elsif($cmd eq "rmport") { my $server=shift or die "argument \"server\" missed"; my $sid=shift or die "argument \"session_id\" missed"; - $sid = sanitizer('anumazcsdaus', $sid) or die "argument \"session_id\" malformed"; + $sid = sanitizer('pnixusername', $sid) or die "argument \"session_id\" malformed"; my $sshport=shift or die "argument \"port\" missed"; my $sth=$dbh->prepare("delete from used_ports where server=? and session_id=? and port=?"); check_user($sid); @@ -290,7 +290,7 @@ elsif($cmd eq "resume") { my $client=shift or die "argument \"client\" missed"; my $sid=shift or die "argument \"session_id\" missed"; - $sid = sanitizer('anumazcsdaus', $sid) or die "argument \"session_id\" malformed"; + $sid = sanitizer('pnixusername', $sid) or die "argument \"session_id\" malformed"; my $gr_port=shift or die "argument \"gr_port\" missed"; $gr_port = sanitizer('num', $gr_port) or die "argument \"gr_port\" malformed"; my $snd_port=shift or die "argument \"snd_port\" missed"; @@ -313,7 +313,7 @@ elsif($cmd eq "changestatus") { my $status=shift or die "argument \"status\" missed"; my $sid=shift or die "argument \"session_id\" missed"; - $sid = sanitizer('anumazcsdaus', $sid) or die "argument \"session_id\" malformed"; + $sid = sanitizer('pnixusername', $sid) or die "argument \"session_id\" malformed"; check_user($sid); my $sth=$dbh->prepare("update sessions set last_time=datetime('now','localtime'), status=? where session_id = ? and uname=?"); @@ -329,7 +329,7 @@ elsif($cmd eq "changestatus") elsif($cmd eq "getstatus") { my $sid=shift or die "argument \"session_id\" missed"; - $sid = sanitizer('anumazcsdaus', $sid) or die "argument \"session_id\" malformed"; + $sid = sanitizer('pnixusername', $sid) or die "argument \"session_id\" malformed"; check_user($sid); my $sth=$dbh->prepare("select status from sessions where session_id = ?"); $sth->execute($sid); @@ -415,7 +415,7 @@ elsif($cmd eq "getservers") elsif($cmd eq "getagent") { my $sid=shift or die "argument \"session_id\" missed"; - $sid = sanitizer('anumazcsdaus', $sid) or die "argument \"session_id\" malformed"; + $sid = sanitizer('pnixusername', $sid) or die "argument \"session_id\" malformed"; my $agent; check_user($sid); my $sth=$dbh->prepare("select agent_pid from sessions @@ -439,7 +439,7 @@ elsif($cmd eq "getagent") elsif($cmd eq "getdisplay") { my $sid=shift or die "argument \"session_id\" missed"; - $sid = sanitizer('anumazcsdaus', $sid) or die "argument \"session_id\" malformed"; + $sid = sanitizer('pnixusername', $sid) or die "argument \"session_id\" malformed"; my $display; check_user($sid); my $sth=$dbh->prepare("select display from sessions diff --git a/x2goserver/lib/x2goutils.pm b/x2goserver/lib/x2goutils.pm index 05aa460..a2330ec 100644 --- a/x2goserver/lib/x2goutils.pm +++ b/x2goserver/lib/x2goutils.pm @@ -38,9 +38,9 @@ sub sanitizer { $string = $1; return $string; } else {return 0;} - } elsif ($type eq "anumazcsdaus") { - $string =~ s/[^a-zA-Z0-9\_\-]//g; - if ($string =~ /^([a-zA-Z0-9\_\-]*)$/) { + } elsif ($type eq "pnixusername") { + $string =~ s/[^a-zA-Z0-9\_\-\.]//g; + if ($string =~ /^([a-zA-Z0-9\_\-\.]*)$/) { $string = $1; return $string; } else {return 0;} hooks/post-receive -- x2goserver.git (X2Go Server) This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "x2goserver.git" (X2Go Server).