The branch, master has been updated via 710f44fe7f9ff77d0896a250b2de52f2b4cc0a3a (commit) via 9b780d88aafa5432de58ca2c0606fe7a0048b1bc (commit) from 18a92d3014e5060b7fc959518ad822f572e89691 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit 710f44fe7f9ff77d0896a250b2de52f2b4cc0a3a Author: Mike Gabriel <mike.gabriel@das-netzwerkteam.de> Date: Fri Apr 19 15:36:28 2013 +0200 Move complete authservice logic into x2gobroker-authservice script. commit 9b780d88aafa5432de58ca2c0606fe7a0048b1bc Author: Mike Gabriel <mike.gabriel@das-netzwerkteam.de> Date: Fri Apr 19 15:32:57 2013 +0200 Add enable()/disable() methods to broker backends. ----------------------------------------------------------------------- Summary of changes: debian/changelog | 2 ++ debian/control | 1 + sbin/x2gobroker-authservice | 29 +++++++++++++++++++++++++++++ x2gobroker/authmechs/pam_authmech.py | 1 + x2gobroker/authservice.py | 30 ------------------------------ x2gobroker/brokers/base_broker.py | 17 ++++++++++++++++- 6 files changed, 49 insertions(+), 31 deletions(-) The diff of changes is: diff --git a/debian/changelog b/debian/changelog index 79326c5..b497da4 100644 --- a/debian/changelog +++ b/debian/changelog @@ -18,6 +18,8 @@ x2gobroker (0.0.1.1-0~x2go1) UNRELEASED; urgency=low daemon script. - Add forgotten file: x2gobroker-authservice-logger.conf. (Fixes: #180). - Add script: x2gobroker-testauth. + - Add enable()/disable() methods to broker backends. + - Move complete authservice logic into x2gobroker-authservice script. * /debian/control: + Fix --root parameter in DEB_PYTHON_INSTALL_ARGS. + Let bin:package x2gobroker-authservice depend on python-x2gobroker (of the diff --git a/debian/control b/debian/control index 2425279..2beef36 100644 --- a/debian/control +++ b/debian/control @@ -91,6 +91,7 @@ Depends: python, python-argparse, python-setproctitle, + python-pampy, python-x2gobroker (>= ${source:Version}), python-x2gobroker (<< ${source:Version}.1~), Suggests: x2gobroker-daemon, diff --git a/sbin/x2gobroker-authservice b/sbin/x2gobroker-authservice index 28084fd..391211a 100755 --- a/sbin/x2gobroker-authservice +++ b/sbin/x2gobroker-authservice @@ -30,6 +30,7 @@ import asyncore import socket import getpass import logging.config +import pam from pwd import getpwnam from grp import getgrnam @@ -42,6 +43,34 @@ from x2gobroker import __VERSION__ from x2gobroker import __AUTHOR__ +class AuthClient(asyncore.dispatcher_with_send): + + def __init__(self, sock): + asyncore.dispatcher_with_send.__init__(self, sock) + self._buf = '' + + def handle_read(self): + data = self._buf + self.recv(1024) + if not data: + self.close() + return + reqs, data = data.rsplit('\n', 1) + self._buf = data + for req in reqs.split('\n'): + try: + user, passwd, service = req.split() + except: + self.send('bad\n') + else: + if pam.authenticate(user, passwd, service): + self.send('ok\n') + else: + self.send('fail\n') + + def handle_close(self): + self.close() + + class AuthService(asyncore.dispatcher_with_send): def __init__(self, socketfile, owner='root', group_owner='root', permissions='0660'): diff --git a/x2gobroker/authmechs/pam_authmech.py b/x2gobroker/authmechs/pam_authmech.py index 7ea2023..3eb0b3c 100644 --- a/x2gobroker/authmechs/pam_authmech.py +++ b/x2gobroker/authmechs/pam_authmech.py @@ -36,6 +36,7 @@ class X2GoBrokerAuthMech(object): return True except error: + logger_error.error('Authentication against authentication service failed, trying direct PAM authentication (which is likely to fail on most PAM setups).'.format(username=username, service=service)) # fallback to direct PAM authentication against the PAM service ,,x2gobroker'' if pam.authenticate(username, password, service="x2gobroker"): return True diff --git a/x2gobroker/authservice.py b/x2gobroker/authservice.py index 26c841e..bcfc99a 100644 --- a/x2gobroker/authservice.py +++ b/x2gobroker/authservice.py @@ -21,43 +21,13 @@ # 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA. import os -import asyncore import socket -import getpass # X2Go Session Broker modules import x2gobroker.defaults from x2gobroker.loggers import logger_broker -class AuthClient(asyncore.dispatcher_with_send): - - def __init__(self, sock): - asyncore.dispatcher_with_send.__init__(self, sock) - self._buf = '' - - def handle_read(self): - data = self._buf + self.recv(1024) - if not data: - self.close() - return - reqs, data = data.rsplit('\n', 1) - self._buf = data - for req in reqs.split('\n'): - try: - user, passwd, service = req.split() - except: - self.send('bad\n') - else: - if pam.authenticate(user, passwd, service): - self.send('ok\n') - else: - self.send('fail\n') - - def handle_close(self): - self.close() - - def authenticate(username, password, service="x2gobroker"): s = socket.socket(socket.AF_UNIX, socket.SOCK_STREAM) logger_broker.debug('connecting to authentication service socket {socket}'.format(socket=x2gobroker.defaults.X2GOBROKER_AUTHSERVICE_SOCKET)) diff --git a/x2gobroker/brokers/base_broker.py b/x2gobroker/brokers/base_broker.py index b9038c3..2ce0ba4 100644 --- a/x2gobroker/brokers/base_broker.py +++ b/x2gobroker/brokers/base_broker.py @@ -65,6 +65,7 @@ class X2GoBroker(object): if self.config_file is None: self.config_file = x2gobroker.defaults.X2GOBROKER_CONFIG if config_defaults is None: config_defaults = x2gobroker.defaults.X2GOBROKER_CONFIG_DEFAULTS self.config = x2gobroker.config.X2GoBrokerConfigFile(config_files=self.config_file, defaults=config_defaults) + self.enabled = self.config.get_value(self.backend_name, 'enable') self._dynamic_cookie_map = {} self._client_address = None @@ -81,7 +82,21 @@ class X2GoBroker(object): Check if this backend has been enabled in the configuration file. """ - return self.config.get_value(self.backend_name, 'enable') + return self.enabled + + def enable(self): + """\ + Enable this broker backend. + + """ + self.enabled = True + + def disable(self): + """\ + Disable this broker backend. + + """ + self.enabled = False def set_client_address(self, address): """\ hooks/post-receive -- x2gobroker.git (HTTP(S) Session broker for X2Go) This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "x2gobroker.git" (HTTP(S) Session broker for X2Go).