The branch, twofactorauth has been updated via dfb613dbfe8c96c12d1150c64bc86368b8cb70a5 (commit) from d5f871ba0fa17cd63dc3bca118844ec74f3ebb03 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- ----------------------------------------------------------------------- Summary of changes: debian/changelog | 2 ++ x2go/backends/control/_stdout.py | 14 ++++++++++---- x2go/sshproxy.py | 14 ++++++++++++-- 3 files changed, 24 insertions(+), 6 deletions(-) The diff of changes is: diff --git a/debian/changelog b/debian/changelog index 9ca8382..442ec5a 100644 --- a/debian/changelog +++ b/debian/changelog @@ -7,6 +7,8 @@ python-x2go (0.1.1.3-0~x2go1) UNRELEASED; urgency=low - Fix AttributeError if no graphical proxy instance has been declared yet. - Do not allow any interruption during X2go cleanup calls. - Stabilize desktop sharing if the remote session is not available. + - Enforce IPv4 on all SSH proxy and other SSHClient connections when connecting to + ''localhost''. -- Mike Gabriel <mike.gabriel@das-netzwerkteam.de> Fri, 01 Jul 2011 14:53:48 +0200 diff --git a/x2go/backends/control/_stdout.py b/x2go/backends/control/_stdout.py index 059d091..c369680 100644 --- a/x2go/backends/control/_stdout.py +++ b/x2go/backends/control/_stdout.py @@ -383,13 +383,19 @@ class X2goControlSessionSTDOUT(paramiko.SSHClient): key_filename = None pkey = None - self.logger('connecting to %s' % hostname, loglevel=log.loglevel_NOTICE) + self.logger('connecting to [%s]:%s' % (hostname, port), loglevel=log.loglevel_NOTICE) self.load_session_host_keys() + + _hostname = hostname + # enforce IPv4 for localhost address + if _hostname == 'localhost': + _hostname = '127.0.0.1' + if (key_filename and os.path.exists(os.path.normpath(key_filename))) or pkey: try: self.logger('trying SSH pub/priv key authentication with server', loglevel=log.loglevel_DEBUG) - paramiko.SSHClient.connect(self, hostname, port=port, username=username, pkey=pkey, + paramiko.SSHClient.connect(self, _hostname, port=port, username=username, pkey=pkey, key_filename=key_filename, timeout=timeout, allow_agent=allow_agent, look_for_keys=look_for_keys) @@ -398,7 +404,7 @@ class X2goControlSessionSTDOUT(paramiko.SSHClient): if password: self.logger('next auth mechanism we\'ll try is keyboard-interactive authentication', loglevel=log.loglevel_DEBUG) try: - paramiko.SSHClient.connect(self, hostname, port=port, username=username, password=password, + paramiko.SSHClient.connect(self, _hostname, port=port, username=username, password=password, timeout=timeout, allow_agent=allow_agent, look_for_keys=look_for_keys) except paramiko.AuthenticationException, e: @@ -430,7 +436,7 @@ class X2goControlSessionSTDOUT(paramiko.SSHClient): password = "".join([random.choice(string.letters+string.digits) for x in range(1, 20)]) self.logger('performing SSH keyboard-interactive authentication with server', loglevel=log.loglevel_DEBUG) try: - paramiko.SSHClient.connect(self, hostname, port=port, username=username, password=password, + paramiko.SSHClient.connect(self, _hostname, port=port, username=username, password=password, timeout=timeout, allow_agent=allow_agent, look_for_keys=look_for_keys) except paramiko.AuthenticationException, e: self.close() diff --git a/x2go/sshproxy.py b/x2go/sshproxy.py index 3d08a35..dcf7f51 100644 --- a/x2go/sshproxy.py +++ b/x2go/sshproxy.py @@ -136,6 +136,7 @@ class X2goSSHProxy(paramiko.SSHClient, threading.Thread): except IndexError: pass else: self.hostname = sshproxy_host + if sshproxy_user: self.username = sshproxy_user if sshproxy_password: password = sshproxy_password if sshproxy_key_filename: key_filename = sshproxy_key_filename @@ -150,6 +151,15 @@ class X2goSSHProxy(paramiko.SSHClient, threading.Thread): self.remote_host = remote_host self.remote_port = int(remote_port) + # enforce IPv4 for localhost addresses!!! + _hostname = self.hostname + if _hostname == 'localhost': + _hostname = '127.0.0.1' + if self.local_host == 'localhost': + self.local_host = '127.0.0.1' + if self.remote_host == 'localhost': + self.remote_host = '127.0.0.1' + if username is None: username = _CURRENT_LOCAL_USER @@ -171,7 +181,7 @@ class X2goSSHProxy(paramiko.SSHClient, threading.Thread): try: if (key_filename and os.path.exists(os.path.normpath(key_filename))) or pkey: try: - self.connect(self.hostname, port=self.port, + self.connect(_hostname, port=self.port, username=self.username, key_filename=key_filename, pkey=pkey, @@ -191,7 +201,7 @@ class X2goSSHProxy(paramiko.SSHClient, threading.Thread): if not password: password = "".join([random.choice(string.letters+string.digits) for x in range(1, 20)]) try: - self.connect(self.hostname, port=self.port, + self.connect(_hostname, port=self.port, username=self.username, password=password, look_for_keys=False, hooks/post-receive -- python-x2go.git (Python X2Go Client API) This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "python-x2go.git" (Python X2Go Client API).