This is an automated email from the git hooks/post-receive script.

x2go pushed a change to branch bugfix/osx
in repository x2goclient.

      from  c143fe6   src/{unixhelper.cpp,x2goclient.cpp}: fix errno usage - save before use.
       new  d292ca6   src/onmainwindow.cpp: document createRSAKey () because what it does is completely non-obvious.
       new  35240f5   src/onmainwindow.cpp: add support for explicitly setting the private key bit size based on type and use values (currently) regarded as secure to generateHostKey ().

The 2 revisions listed above as "new" are entirely new to this
repository and will be described in separate emails.  The revisions
listed as "adds" were already present in the repository and have only
been added to this reference.

Summary of changes:
 debian/changelog     |  5 +++++
 src/onmainwindow.cpp | 42 ++++++++++++++++++++++++++++++++++++++++++
 2 files changed, 47 insertions(+)

--
Alioth's /srv/git/code.x2go.org/x2goclient.git//..//_hooks_/post-receive-email on /srv/git/code.x2go.org/x2goclient.git
This is an automated email from the git hooks/post-receive script. x2go pushed a commit to branch bugfix/osx in repository x2goclient. commit d292ca61d692ca7634f95af0528685b48e645316 Author: Mihai Moldovan <ionic@ionic.de> Date: Thu Sep 22 04:05:53 2016 +0200 src/onmainwindow.cpp: document createRSAKey () because what it does is completely non-obvious. --- debian/changelog | 2 ++ src/onmainwindow.cpp | 33 +++++++++++++++++++++++++++++++++ 2 files changed, 35 insertions(+) diff --git a/debian/changelog b/debian/changelog index 5c39aaa..65dc858 100644 --- a/debian/changelog +++ b/debian/changelog @@ -372,6 +372,8 @@ x2goclient (4.0.5.3-0x2go1) UNRELEASED; urgency=medium - src/pulsemanager.cpp: remove unused variables. - src/unixhelper.cpp: code cleanup. - src/{unixhelper.cpp,x2goclient.cpp}: fix errno usage - save before use. + - src/onmainwindow.cpp: document createRSAKey () because what it does is + completely non-obvious. -- X2Go Release Manager <git-admin@x2go.org> Mon, 19 Sep 2016 09:07:07 +0200 diff --git a/src/onmainwindow.cpp b/src/onmainwindow.cpp index 67a2259..f6a4075 100644 --- a/src/onmainwindow.cpp +++ b/src/onmainwindow.cpp 
@@ -8056,6 +8056,33 @@ void ONMainWindow::exportDefaultDirs() QString ONMainWindow::createRSAKey() { + /* + * I spent multiple hours on trying to understand this function + * and directory exporting in general, so I'd better document + * this. + * + * This function first generates a new RSA private-public key + * pair as ~/.x2go/ssh/gen/key.XXXXX{,.pub}. + * + * Then, the SSH daemon's public host key is read and appended + * to the *private* SSH key file after a marker looking like + * this: "----BEGIN RSA IDENTITY----" + * + * Later on, this *private* SSH key file is transferred to the + * remote server, which parses it in the "x2gomountdirs" perl + * script and extracts the public key (used for logging in + * to the client machine) and the public *host* key, used to + * circumvent the "untrusted host" message by SSH by + * explicitly giving the aforementioned public *host* key as + * the only element in a fake "authorized_keys" file. Again, + * this is all happening server-side. + * + * The *public* key part generated here is then taken and + * later added to the "authorized_keys" file on the client + * side, to allow auto-logins via the generated and transferred + * private SSH key. + */ + QDir dr; QString keyPath=homeDir +"/.x2go/ssh/gen"; dr.mkpath ( keyPath ); @@ -8071,6 +8098,9 @@ QString ONMainWindow::createRSAKey() QStringList args; + /* + * Generating new key material here. + */ args<<"-t"<<"rsa"<<"-b"<<"1024"<<"-N"<<""<<"-f"<<keyName<<"-q"; x2goDebug<<"ssh-keygen " + args.join(" "); @@ -8083,6 +8113,9 @@ QString ONMainWindow::createRSAKey() x2goDebug<<"ssh-keygen succeeded."; + /* + * Now taking the *host* pub key here... + */ QFile rsa ( "/etc/ssh/ssh_host_rsa_key.pub" ); #ifdef Q_OS_WIN rsa.setFileName ( -- Alioth's /srv/git/code.x2go.org/x2goclient.git//..//_hooks_/post-receive-email on /srv/git/code.x2go.org/x2goclient.git
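Review bot: in the createRSAKey () block comment (hunk at -8056), the server-side step is described as putting the public *host* key into a fake "authorized_keys" file to avoid the "untrusted host" message. SSH checks a peer's host key against known_hosts, while authorized_keys lists the keys allowed to log in, so please confirm which file the "x2gomountdirs" script actually writes and name it here. Since this comment is the only description of the flow, a wrong file name would send the next reader looking in the wrong place.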
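Review bot: the hunk at -8071 labels the ssh-keygen call with "Generating new key material here." but leaves the context line args<<"-t"<<"rsa"<<"-b"<<"1024" untouched, so the key pair documented above is 1024-bit RSA. The block comment says the public half is added to the client's "authorized_keys" to allow auto-logins, which makes the key size security-relevant. Either note the size in the new comment as something still to be raised, or raise it in a follow-up change.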
This is an automated email from the git hooks/post-receive script. x2go pushed a commit to branch bugfix/osx in repository x2goclient. commit 35240f5f95dfbb38950f3c1f11b5ba143f06b950 Author: Mihai Moldovan <ionic@ionic.de> Date: Thu Sep 22 04:08:45 2016 +0200 src/onmainwindow.cpp: add support for explicitly setting the private key bit size based on type and use values (currently) regarded as secure to generateHostKey (). --- debian/changelog | 3 +++ src/onmainwindow.cpp | 9 +++++++++ 2 files changed, 12 insertions(+) diff --git a/debian/changelog b/debian/changelog index 65dc858..b476d39 100644 --- a/debian/changelog +++ b/debian/changelog @@ -374,6 +374,9 @@ x2goclient (4.0.5.3-0x2go1) UNRELEASED; urgency=medium - src/{unixhelper.cpp,x2goclient.cpp}: fix errno usage - save before use. - src/onmainwindow.cpp: document createRSAKey () because what it does is completely non-obvious. + - src/onmainwindow.cpp: add support for explicitly setting the private key + bit size based on type and use values (currently) regarded as secure to + generateHostKey (). -- X2Go Release Manager <git-admin@x2go.org> Mon, 19 Sep 2016 09:07:07 +0200 diff --git a/src/onmainwindow.cpp b/src/onmainwindow.cpp index f6a4075..951b485 100644 --- a/src/onmainwindow.cpp +++ b/src/onmainwindow.cpp 
@@ -10293,26 +10293,33 @@ void ONMainWindow::generateHostKey(ONMainWindow::key_types key_type) { ONMainWindow::key_types sanitized_key_type = UNKNOWN_KEY_TYPE; QString stringified_key_type = ""; + std::size_t key_bits = 0; switch (key_type) { case RSA_KEY_TYPE: sanitized_key_type = key_type; stringified_key_type = "rsa"; + key_bits = 4096; break; case DSA_KEY_TYPE: sanitized_key_type = key_type; stringified_key_type = "dsa"; + key_bits = 1024; break; case ECDSA_KEY_TYPE: sanitized_key_type = key_type; stringified_key_type = "ecdsa"; + key_bits = 384; break; case ED25519_KEY_TYPE: sanitized_key_type = key_type; stringified_key_type = "ed25519"; + /* Fixed key length, flag will be unused. */ + key_bits = 0; break; default: sanitized_key_type = UNKNOWN_KEY_TYPE; stringified_key_type = "unknown"; + key_bits = 0; } if (sanitized_key_type == UNKNOWN_KEY_TYPE) { @@ -10339,6 +10346,8 @@ void ONMainWindow::generateHostKey(ONMainWindow::key_types key_type) QStringList args; args << "-t" << stringified_key_type + << "-b" + << QString::number (key_bits) << "-N" << "" << "-C" -- Alioth's /srv/git/code.x2go.org/x2goclient.git//..//_hooks_/post-receive-email on /srv/git/code.x2go.org/x2goclient.git
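Review bot: in the DSA_KEY_TYPE case of the switch (hunk at -10293), key_bits = 1024; sits under a commit message that describes the chosen values as currently regarded as secure, and 1024-bit DSA does not fit that description. ssh-keygen accepts exactly 1024 bits for DSA keys, so the value is a tool constraint, not a choice. A one-line comment saying so, like the one already on the ED25519_KEY_TYPE case, would keep readers from taking it as a recommendation.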
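Review bot: in the args hunk at -10339, << "-b" << QString::number (key_bits) is appended unconditionally, so the ED25519_KEY_TYPE case calls ssh-keygen with "-b 0" although its comment says the flag will be unused. Append the "-b" pair only when key_bits is non-zero, so that fixed-length key types never pass a bit count and a rejected value cannot make host key generation fail.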