This is an automated email from the git hooks/post-receive script. x2go pushed a change to branch master in repository x2gobroker. from 436b30f Provide tool: x2gobroker-testagent. new 9cfc3b9 Allow for broker clients to send in public SSH keys that the client may use for authentication to X2Go Servers. The 1 revisions listed above as "new" are entirely new to this repository and will be described in separate emails. The revisions listed as "adds" were already present in the repository and have only been added to this reference. Summary of changes: debian/changelog | 2 ++ x2gobroker/brokers/base_broker.py | 61 +++++++++++++++++++++++++------------ x2gobroker/web/json.py | 3 +- x2gobroker/web/plain.py | 3 +- 4 files changed, 47 insertions(+), 22 deletions(-) -- Alioth's /srv/git/_hooks_/post-receive-email on /srv/git/code.x2go.org/x2gobroker.git
This is an automated email from the git hooks/post-receive script. x2go pushed a commit to branch master in repository x2gobroker. commit 9cfc3b98f0d3e859cc7f9703d2f9081d43b6fcbd Author: Mike Gabriel <mike.gabriel@das-netzwerkteam.de> Date: Tue Mar 18 19:29:04 2014 +0100 Allow for broker clients to send in public SSH keys that the client may use for authentication to X2Go Servers. --- debian/changelog | 2 ++ x2gobroker/brokers/base_broker.py | 61 +++++++++++++++++++++++++------------ x2gobroker/web/json.py | 3 +- x2gobroker/web/plain.py | 3 +- 4 files changed, 47 insertions(+), 22 deletions(-) diff --git a/debian/changelog b/debian/changelog index 0ac02f0..d0f227a 100644 --- a/debian/changelog +++ b/debian/changelog @@ -99,6 +99,8 @@ x2gobroker (0.0.3.0-0x2go1) UNRELEASED; urgency=low - Session profiles with marker user=BROKER_USER will now auto-fill-in the broker username into the session profile's 'user' option. - Provide tool: x2gobroker-testagent. + - Allow for broker clients to send in public SSH keys that the client may use + for authentication to X2Go Servers. * debian/control: + Replace LDAP support with session brokerage support in LONG_DESCRIPTION. + Fix SYNOPSIS texts. diff --git a/x2gobroker/brokers/base_broker.py b/x2gobroker/brokers/base_broker.py index 0edb946..9b52aef 100644 --- a/x2gobroker/brokers/base_broker.py +++ b/x2gobroker/brokers/base_broker.py @@ -946,7 +946,7 @@ class X2GoBroker(object): return list_of_profiles - def select_session(self, profile_id, username=None): + def select_session(self, profile_id, username=None, pubkey=None): """\ Start/resume a session by selecting a profile name offered by the X2Go client. @@ -957,6 +957,9 @@ class X2GoBroker(object): @type profile_id: C{unicode} @param username: specify username that this operation runs for @type username: C{unicode} + @param pubkey: The broker clients may send us a public key that we may + temporarily install into a remote X2Go Server for non-interactive login + @type pubkey: C{unicode} """ try: @@ -1092,25 +1095,43 @@ class X2GoBroker(object): # session autologin feature if remote_agent and self.get_session_autologin(profile_id) and username: - # FIXME: we somehow have to find out about the username of the person at the broker client-side... - # using the username used for broker login for now... - pubkey, privkey = x2gobroker.agent.genkeypair(local_username=username, client_address=self.get_client_address()) - x2gobroker.agent.add_authorized_key(username=username, - pubkey_hash=pubkey, - authorized_keys_file=self.get_authorized_keys_file(profile_id), - query_mode=agent_query_mode, - remote_agent=remote_agent, - ), - selected_session.update({ - 'authentication_privkey': privkey, - }) - x2gobroker.agent.delete_authorized_key(username=username, - pubkey_hash=pubkey, - authorized_keys_file=self.get_authorized_keys_file(profile_id), - query_mode=agent_query_mode, - remote_agent=remote_agent, - delay_deletion=20, - ) + if not pubkey: + # if the broker client has not provided a public SSH key, we will generate one + # this is the OLD style of the auto login feature + + # FIXME: we somehow have to find out about the username of the person at the broker client-side... + # using the username used for broker login for now... + pubkey, privkey = x2gobroker.agent.genkeypair(local_username=username, client_address=self.get_client_address()) + x2gobroker.agent.add_authorized_key(username=username, + pubkey_hash=pubkey, + authorized_keys_file=self.get_authorized_keys_file(profile_id), + query_mode=agent_query_mode, + remote_agent=remote_agent, + ), + selected_session.update({ + 'authentication_privkey': privkey, + }) + x2gobroker.agent.delete_authorized_key(username=username, + pubkey_hash=pubkey, + authorized_keys_file=self.get_authorized_keys_file(profile_id), + query_mode=agent_query_mode, + remote_agent=remote_agent, + delay_deletion=20, + ) + else: + x2gobroker.agent.add_authorized_key(username=username, + pubkey_hash=pubkey, + authorized_keys_file=self.get_authorized_keys_file(profile_id), + query_mode=agent_query_mode, + remote_agent=remote_agent, + ), + x2gobroker.agent.delete_authorized_key(username=username, + pubkey_hash=pubkey, + authorized_keys_file=self.get_authorized_keys_file(profile_id), + query_mode=agent_query_mode, + remote_agent=remote_agent, + delay_deletion=20, + ) return selected_session diff --git a/x2gobroker/web/json.py b/x2gobroker/web/json.py index bbbcb81..a1f9300 100644 --- a/x2gobroker/web/json.py +++ b/x2gobroker/web/json.py @@ -112,6 +112,7 @@ class X2GoBrokerWeb(_RequestHandler): username = self.get_argument('user', default='') password = self.get_argument('password', default='') cookie = self.get_argument('authid', default='') + pubkey = self.get_argument('pubkey', default='') task = self.get_argument('task', default='') profile_id = self.get_argument('profile-id', default='') new_password = self.get_argument('newpass', default='') @@ -171,7 +172,7 @@ class X2GoBrokerWeb(_RequestHandler): selected_session = {} - profile_info = broker_backend.select_session(profile_id=profile_id, username=username) + profile_info = broker_backend.select_session(profile_id=profile_id, username=username, pubkey=pubkey) if profile_info.has_key('server'): selected_session['server'] = "{server}".format(server=profile_info['server']) if profile_info.has_key('port'): diff --git a/x2gobroker/web/plain.py b/x2gobroker/web/plain.py index f9e8531..150818b 100644 --- a/x2gobroker/web/plain.py +++ b/x2gobroker/web/plain.py @@ -108,6 +108,7 @@ class X2GoBrokerWeb(_RequestHandler): username = self.get_argument('user', default='') password = self.get_argument('password', default='') cookie = self.get_argument('authid', default='') + pubkey = self.get_argument('pubkey', default='') task = self.get_argument('task', default='') profile_id = self.get_argument('sid', default='') new_password = self.get_argument('newpass', default='') @@ -190,7 +191,7 @@ class X2GoBrokerWeb(_RequestHandler): if profile_id: - profile_info = broker_backend.select_session(profile_id=profile_id, username=username) + profile_info = broker_backend.select_session(profile_id=profile_id, username=username, pubkey=pubkey) if profile_info.has_key('server'): output += "SERVER:" output += profile_info['server'] -- Alioth's /srv/git/_hooks_/post-receive-email on /srv/git/code.x2go.org/x2gobroker.git
-
git-admin@x2go.org