This is an automated email from the git hooks/post-receive script. x2go pushed a change to branch master in repository x2goclient. from 9ad7066 src/onmainwindow.cpp: actually pass the correct group ID to the chgrp call and make sure that the warning dialog box also appears whenever the exit code indicates a failure. new b9e17cd src/onmainwindow.{cpp,h}: remove Cygwin permissions workaround via chgrp. new c1f259a copy-deps-win32.bat: update to 20180615-1 Cygwin bundle, shipping with a further modified OpenSSH Server version at 7.7p1-1-x2go1 and without chgrp. new 9c1ca41 src/onmainwindow.cpp: disable private host key permissions check in OpenSSH Server on Windows. Fixes: #1156. The 3 revisions listed above as "new" are entirely new to this repository and will be described in separate emails. The revisions listed as "adds" were already present in the repository and have only been added to this reference. Summary of changes: copy-deps-win32.bat | 2 +- debian/changelog | 7 +++ src/onmainwindow.cpp | 124 +-------------------------------------------------- src/onmainwindow.h | 1 - 4 files changed, 9 insertions(+), 125 deletions(-) -- Alioth's /home/x2go-admin/maintenancescripts/git/hooks/post-receive-email on /srv/git/code.x2go.org/x2goclient.git
This is an automated email from the git hooks/post-receive script. x2go pushed a commit to branch master in repository x2goclient. commit b9e17cd0c9044197ab496dc0c60c196546d35fe0 Author: Mihai Moldovan <ionic@ionic.de> Date: Fri Jun 15 11:55:07 2018 +0200 src/onmainwindow.{cpp,h}: remove Cygwin permissions workaround via chgrp. --- debian/changelog | 2 + src/onmainwindow.cpp | 123 --------------------------------------------------- src/onmainwindow.h | 1 - 3 files changed, 2 insertions(+), 124 deletions(-) diff --git a/debian/changelog b/debian/changelog index de521ab..9c3bcf9 100644 --- a/debian/changelog +++ b/debian/changelog @@ -93,6 +93,8 @@ x2goclient (4.1.2.0-0x2go1) UNRELEASED; urgency=medium - src/onmainwindow.cpp: actually pass the correct group ID to the chgrp call and make sure that the warning dialog box also appears whenever the exit code indicates a failure. + - src/onmainwindow.{cpp,h}: remove Cygwin permissions workaround via + chgrp. * x2goclient.spec: - Remove plugin references. * debian/rules: diff --git a/src/onmainwindow.cpp b/src/onmainwindow.cpp index 20f46e2..6c2fcb6 100644 --- a/src/onmainwindow.cpp +++ b/src/onmainwindow.cpp @@ -10397,125 +10397,6 @@ void ONMainWindow::slotSetWinServersReady() restoreCygnusSettings(); } -void ONMainWindow::workaround_cygwin_permissions_issue () { - /* - * Traditionally, user home directories were owned by a group called "None" - * (or usually also translated into the system locale, because it's - * Windows...). - * - * Newer versions, at least Windows 10 and higher, set the group to the - * user's group, quite like on Linux. - * - * This has interesting consequences for older Cygwin versions (up to - * 1.7.34 probably - we currently use 1.7.33). - * Windows has a general concept of users and groups, but keeps a database - * of both in a combined way, with actually unique IDs. Hence, if a - * directory is owned by an ID that corresponds to the user both in the - * owner and group ACLs, then Cygwin gets confused with owner and group - * permissions. - * Even though the effective group permissions might be "---", it somehow - * manages to map the effective owner permissions, that typically are - * "rwx", to the UNIX group permissions as well. - * Consequently, OpenSSH will error out complaining about the permissions - * of the host keys being too open, even though they really are not. - * - * To work around this problem, we will reset the group ID of - * ~/.x2go/etc to the None group ID, which conveniently has a reserved and - * fixed value of 513 (RID) or 197121 (Cygwin) across all systems. - * - * Note that we don't have to do that for ~/x2go/ssh/gen, since we disable - * file permission checks for user keys. - */ - QString etc_dir = cygwinPath (wapiShortFileName (homeDir + "/.x2go/etc")); - - QStringList args; - args << "-R" << "-v" << "197121" << etc_dir; - - QProcess chgrp; - chgrp.setStandardInputFile ( -#if QT_VERSION >= 0x050200 - QProcess::nullDevice () -#else - "\\\\.\\NUL" -#endif - ); - chgrp.start ("chgrp", args); - - bool fail = false; - while (!(chgrp.waitForStarted (10))) { - /* - * If the process state is still "Starting", it means that the timer in - * waitForStarted () ran out. Continue normal execution, otherwise - * handle the startup error. - */ - if (QProcess::Starting != chgrp.state ()) { - fail = true; - - break; - } - - QCoreApplication::processEvents (QEventLoop::AllEvents, 10); - } - - if (fail) { - show_RichText_WarningMsgBox (tr ("Unable to start chgrp helper."), - tr ("Changing the group permissions of the X2Go Client-specific " - "OpenSSH server configuration will not take place.") - + "\n" - + tr ("The OpenSSH server might fail to start on newer Windows " - "versions (10 and higher)."), - false); - - x2goDebug << "Failed to start chgrp: " << chgrp.error () - << " with exit status " << chgrp.exitStatus () - << " and exit code " << chgrp.exitCode () - << " (invalid unless exit status was QProcess::NormalExit)" - << "; continuing without directory regrouping. sshd might " - << "fail to start up."; - - return; - } - - fail = false; - while (!(chgrp.waitForFinished (10))) { - /* - * Pretty much the same logic as above, only slightly adaptated: - * a timeout only makes sense if the process is still "Running". - * Otherwise it must have died. - */ - if (QProcess::Running != chgrp.state ()) { - fail = true; - - break; - } - - QCoreApplication::processEvents (QEventLoop::AllEvents, 10); - } - - fail = ((fail) || (QProcess::NormalExit != chgrp.exitStatus ()) - || ((QProcess::NormalExit == chgrp.exitStatus ()) && (chgrp.exitCode ()))); - - if (fail) { - show_RichText_WarningMsgBox (tr ("Execution failure of chgrp helper."), - tr ("Changing the group permissions of the X2Go Client-specific " - "OpenSSH server configuration will not take place.") - + "\n" - + tr ("The OpenSSH server might fail to start on newer Windows " - "versions (10 and higher)."), - false); - - x2goDebug << "chgrp failed during execution: " << chgrp.error () - << " with exit status " << chgrp.exitStatus () - << " and exit code " << chgrp.exitCode () - << " (invalid unless exit status was QProcess::NormalExit)" - << "; continuing without directory regrouping. sshd might " - << "fail to start up."; - } - - x2goDebug << "chgrp stdout: " << chgrp.readAllStandardOutput () - << endl << "chgrp stderr: " << chgrp.readAllStandardError (); -} - #include <windows.h> #include<sstream> #endif @@ -10941,10 +10822,6 @@ bool ONMainWindow::startSshd(ONMainWindow::key_types key_type) */ generateEtcFiles (); -#ifdef Q_OS_WIN - workaround_cygwin_permissions_issue (); -#endif - clientSshPort = "7022"; QString etcDir=homeDir+"/.x2go/etc"; diff --git a/src/onmainwindow.h b/src/onmainwindow.h index 2b78261..47eaa5e 100644 --- a/src/onmainwindow.h +++ b/src/onmainwindow.h @@ -1187,7 +1187,6 @@ private: #ifdef Q_OS_WIN void saveCygnusSettings(); void restoreCygnusSettings(); - void workaround_cygwin_permissions_issue (); #endif #if defined (Q_OS_WIN) || defined (Q_OS_DARWIN) QString getXDisplay(); -- Alioth's /home/x2go-admin/maintenancescripts/git/hooks/post-receive-email on /srv/git/code.x2go.org/x2goclient.git
This is an automated email from the git hooks/post-receive script. x2go pushed a commit to branch master in repository x2goclient. commit c1f259a1bcd7b408bbbc451209af270024d84379 Author: Mihai Moldovan <ionic@ionic.de> Date: Fri Jun 15 11:57:56 2018 +0200 copy-deps-win32.bat: update to 20180615-1 Cygwin bundle, shipping with a further modified OpenSSH Server version at 7.7p1-1-x2go1 and without chgrp. --- copy-deps-win32.bat | 2 +- debian/changelog | 3 +++ 2 files changed, 4 insertions(+), 1 deletion(-) diff --git a/copy-deps-win32.bat b/copy-deps-win32.bat index d47be84..a5c3a2e 100755 --- a/copy-deps-win32.bat +++ b/copy-deps-win32.bat @@ -2,7 +2,7 @@ if "%~3"=="" ( echo "Usage: copy-deps-win32.bat path-to-x2goclient-contrib path-to-OpenSSL-Win32 destination" goto :a ) -xcopy /E /Y %1\cygwin\20160121-4_bin %3\ || exit /b %errorlevel% +xcopy /E /Y %1\cygwin\20180615-1_bin %3\ || exit /b %errorlevel% del %3\nxproxy.exe.unstripped %3\libXcomp.a %3\libXcomp.dll.a || exit /b %errorlevel% xcopy /E /Y %1\libssh\0.7.4-x2go1-mingw482_bin\bin\libssh.dll %3\ || exit /b %errorlevel% xcopy /E /Y %1\libssh\0.7.4-x2go1-mingw482_bin\bin\libssh_threads.dll %3\ || exit /b %errorlevel% diff --git a/debian/changelog b/debian/changelog index 9c3bcf9..e70ea70 100644 --- a/debian/changelog +++ b/debian/changelog @@ -95,6 +95,9 @@ x2goclient (4.1.2.0-0x2go1) UNRELEASED; urgency=medium exit code indicates a failure. - src/onmainwindow.{cpp,h}: remove Cygwin permissions workaround via chgrp. + - copy-deps-win32.bat: update to 20180615-1 Cygwin bundle, shipping with + a further modified OpenSSH Server version at 7.7p1-1-x2go1 and without + chgrp. * x2goclient.spec: - Remove plugin references. * debian/rules: -- Alioth's /home/x2go-admin/maintenancescripts/git/hooks/post-receive-email on /srv/git/code.x2go.org/x2goclient.git
This is an automated email from the git hooks/post-receive script. x2go pushed a commit to branch master in repository x2goclient. commit 9c1ca414da2698d51213382475b29e6a1d1e9b6a Author: Mihai Moldovan <ionic@ionic.de> Date: Fri Jun 15 11:59:05 2018 +0200 src/onmainwindow.cpp: disable private host key permissions check in OpenSSH Server on Windows. Fixes: #1156. --- debian/changelog | 2 ++ src/onmainwindow.cpp | 1 + 2 files changed, 3 insertions(+) diff --git a/debian/changelog b/debian/changelog index e70ea70..078b072 100644 --- a/debian/changelog +++ b/debian/changelog @@ -98,6 +98,8 @@ x2goclient (4.1.2.0-0x2go1) UNRELEASED; urgency=medium - copy-deps-win32.bat: update to 20180615-1 Cygwin bundle, shipping with a further modified OpenSSH Server version at 7.7p1-1-x2go1 and without chgrp. + - src/onmainwindow.cpp: disable private host key permissions check in + OpenSSH Server on Windows. Fixes: #1156. * x2goclient.spec: - Remove plugin references. * debian/rules: diff --git a/src/onmainwindow.cpp b/src/onmainwindow.cpp index 6c2fcb6..48d5b6a 100644 --- a/src/onmainwindow.cpp +++ b/src/onmainwindow.cpp @@ -10420,6 +10420,7 @@ void ONMainWindow::generateEtcFiles() #endif /* defined (Q_OS_WIN) */ QTextStream out ( &file ); out<<"StrictModes no\n"<< + "StrictKeyModes no\n" << "UsePrivilegeSeparation no\n"<< "PidFile \"" + varDir + "/sshd.pid\"\n" << "AuthorizedKeysFile \"" << authKeyPath << "\"\n"; -- Alioth's /home/x2go-admin/maintenancescripts/git/hooks/post-receive-email on /srv/git/code.x2go.org/x2goclient.git
-
git-admin@x2go.org