This is an automated email from the git hooks/post-receive script. x2go pushed a change to branch master in repository x2gobroker. from 8018b73 Change pre and post scripts to use common codebase across frontends. (Fixes: #469). Add ability to have script run in select session after server is selected. new f635b14 Add basic support for pulling https_get authmech config from configuration file. (Fixes: #470). new 3790cb7 mention all authmechs in Auth Mechs section in config file, even if not configurable new db723ab update test files to new situations in upstream code new e0664d9 use UTF-8 in zeroconf broker backend for session profile list new 051ceb6 Several fixes while re-working the unittests... The 5 revisions listed above as "new" are entirely new to this repository and will be described in separate emails. The revisions listed as "adds" were already present in the repository and have only been added to this reference. Summary of changes: debian/changelog | 8 ++ etc/x2gobroker.conf | 21 ++++- x2gobroker/authmechs/base_authmech.py | 2 +- x2gobroker/authmechs/https_get_authmech.py | 20 +++- x2gobroker/authmechs/none_authmech.py | 2 +- x2gobroker/authmechs/pam_authmech.py | 2 +- x2gobroker/authmechs/testsuite_authmech.py | 2 +- x2gobroker/brokers/base_broker.py | 44 +++++---- x2gobroker/brokers/zeroconf_broker.py | 70 +++++++------- x2gobroker/client/plain.py | 14 +-- x2gobroker/defaults.py | 9 +- x2gobroker/tests/test_broker_base.py | 133 +++++++++++++-------------- x2gobroker/tests/test_broker_zeroconf.py | 73 ++++++++------- x2gobroker/tests/test_client_plain_base.py | 9 +- x2gobroker/tests/test_web_plain_base.py | 10 +- x2gobroker/tests/test_web_plain_zeroconf.py | 6 +- 16 files changed, 236 insertions(+), 189 deletions(-) -- Alioth's /srv/git/_hooks_/post-receive-email on /srv/git/code.x2go.org/x2gobroker.git
This is an automated email from the git hooks/post-receive script. x2go pushed a commit to branch master in repository x2gobroker. commit f635b147e196a112284014007746fa7c5d0ce2c6 Author: Mike Gabriel <mike.gabriel@das-netzwerkteam.de> Date: Thu Apr 3 10:35:13 2014 +0200 Add basic support for pulling https_get authmech config from configuration file. (Fixes: #470). --- debian/changelog | 2 ++ etc/x2gobroker.conf | 12 ++++++++++++ x2gobroker/authmechs/https_get_authmech.py | 16 ++++++++++++---- 3 files changed, 26 insertions(+), 4 deletions(-) diff --git a/debian/changelog b/debian/changelog index d7350da..98e95f7 100644 --- a/debian/changelog +++ b/debian/changelog @@ -151,6 +151,8 @@ x2gobroker (0.0.3.0-0x2go1) UNRELEASED; urgency=low - Add auth mechanism https_get. (Fixes: #450). - Change pre and post scripts to use common codebase across frontends. (Fixes: #469). - Add ability to have script run in select session after server is selected. + - Add basic support for pulling https_get authmech config from configuration file. + (Fixes: #470). -- Mike Gabriel <mike.gabriel@das-netzwerkteam.de> Fri, 07 Jun 2013 23:25:30 +0200 diff --git a/etc/x2gobroker.conf b/etc/x2gobroker.conf index 8dbab39..e51cc18 100644 --- a/etc/x2gobroker.conf +++ b/etc/x2gobroker.conf @@ -207,6 +207,17 @@ # below value is the default. #default-agent-query-mode=NONE + +### +### Auth Mechs section +### + +#[authmech_https_get] +#host = my.webserver.com +#path = /auth/index.html +#port = 443 + + ### ### BACKEND section ### @@ -251,3 +262,4 @@ #group-search-filter = (&(objectClass=posifxGroup)(cn=*)) #starttls = false #agent-query-mode = SSH + diff --git a/x2gobroker/authmechs/https_get_authmech.py b/x2gobroker/authmechs/https_get_authmech.py index d8d1a99..d3817ed 100644 --- a/x2gobroker/authmechs/https_get_authmech.py +++ b/x2gobroker/authmechs/https_get_authmech.py @@ -35,19 +35,27 @@ import sys import httplib import base64 import string +import ConfigParser + +from x2gobroker.defaults import X2GOBROKER_CONFIG as _X2GOBROKER_CONFIG class X2GoBrokerAuthMech(object): def authenticate(self, username, password): - ## FIXME: these should really be specificed in config file - host = "my.webserver.com" - path = "/auth/index.html" + ## FIXME: these should really be specificed in master config file and have better error checking + + config = ConfigParser.RawConfigParser() + config.read(_X2GOBROKER_CONFIG) + + host = config.get('authmech_https_get','host') + path = config.get('authmech_https_get','path') + port = config.get('authmech_https_get','port') # base64 encode the username and password auth = base64.standard_b64encode('%s:%s' % (username, password)).replace('\n', '') - https = httplib.HTTPSConnection(host) + https = httplib.HTTPSConnection(host,port) https.putrequest("GET", path) https.putheader("Host", host) https.putheader("User-Agent", "x2go http auth") -- Alioth's /srv/git/_hooks_/post-receive-email on /srv/git/code.x2go.org/x2gobroker.git
This is an automated email from the git hooks/post-receive script. x2go pushed a commit to branch master in repository x2gobroker. commit db723ab4a04c8aa21a42486b24aeb81a67214221 Author: Mike Gabriel <mike.gabriel@das-netzwerkteam.de> Date: Thu Apr 3 12:20:06 2014 +0200 update test files to new situations in upstream code --- x2gobroker/tests/test_broker_base.py | 133 +++++++++++++-------------- x2gobroker/tests/test_broker_zeroconf.py | 73 ++++++++------- x2gobroker/tests/test_client_plain_base.py | 9 +- x2gobroker/tests/test_web_plain_base.py | 10 +- x2gobroker/tests/test_web_plain_zeroconf.py | 6 +- 5 files changed, 117 insertions(+), 114 deletions(-) diff --git a/x2gobroker/tests/test_broker_base.py b/x2gobroker/tests/test_broker_base.py index 46dd49c..af1b20a 100644 --- a/x2gobroker/tests/test_broker_base.py +++ b/x2gobroker/tests/test_broker_base.py @@ -1,4 +1,3 @@ -# -*- coding: utf-8 -*- # Copyright (C) 2012-2014 by Mike Gabriel <mike.gabriel@das-netzwerkteam.de> # @@ -29,7 +28,7 @@ class TestX2GoBrokerBackendBase(unittest.TestCase): def _init_base_backend(self): _config_defaults = copy.deepcopy(x2gobroker.defaults.X2GOBROKER_CONFIG_DEFAULTS) - _config_defaults.update({'base': {'enable': True, }, }) + _config_defaults.update({'broker_base': {'enable': True, }, }) _config = "" # use the config that derives directly from the config defaults tf = tempfile.NamedTemporaryFile() print >> tf, _config @@ -40,9 +39,9 @@ class TestX2GoBrokerBackendBase(unittest.TestCase): def test_is_enabled(self): _config_defaults = copy.deepcopy(x2gobroker.defaults.X2GOBROKER_CONFIG_DEFAULTS) - _config_defaults.update({'base': {'enable': True, }, }) + _config_defaults.update({'broker_base': {'enable': True, }, }) _config = """ -[base] +[broker_base] enable = false """ tf = tempfile.NamedTemporaryFile() @@ -51,7 +50,7 @@ enable = false base_backend = base.X2GoBroker(config_file=tf.name, config_defaults=_config_defaults) self.assertEqual(base_backend.is_enabled(), False) _config = """ -[base] +[broker_base] enable = true """ tf = tempfile.NamedTemporaryFile() @@ -65,12 +64,12 @@ enable = true def test_getauthenticationmechanism(self): _config_defaults = copy.deepcopy(x2gobroker.defaults.X2GOBROKER_CONFIG_DEFAULTS) - _config_defaults.update({'base': {'enable': True, }, }) + _config_defaults.update({'broker_base': {'enable': True, }, }) _config = """ [global] default-auth-mech = foo-auth-mech -[base] +[broker_base] enable = true """ tf = tempfile.NamedTemporaryFile() @@ -82,7 +81,7 @@ enable = true [global] default-auth-mech = foo-auth-mech -[base] +[broker_base] enable = true auth-mech = bar-auth-mech """ @@ -97,12 +96,12 @@ auth-mech = bar-auth-mech def test_getuserdbservice(self): _config_defaults = copy.deepcopy(x2gobroker.defaults.X2GOBROKER_CONFIG_DEFAULTS) - _config_defaults.update({'base': {'enable': True, }, }) + _config_defaults.update({'broker_base': {'enable': True, }, }) _config = """ [global] default-user-db = foo-user-db -[base] +[broker_base] enable = true """ tf = tempfile.NamedTemporaryFile() @@ -114,7 +113,7 @@ enable = true [global] default-user-db = foo-user-db -[base] +[broker_base] enable = true user-db = bar-user-db """ @@ -129,12 +128,12 @@ user-db = bar-user-db def test_getgroupdbservice(self): _config_defaults = copy.deepcopy(x2gobroker.defaults.X2GOBROKER_CONFIG_DEFAULTS) - _config_defaults.update({'base': {'enable': True, }, }) + _config_defaults.update({'broker_base': {'enable': True, }, }) _config = """ [global] default-group-db = foo-group-db -[base] +[broker_base] enable = true """ tf = tempfile.NamedTemporaryFile() @@ -146,7 +145,7 @@ enable = true [global] default-group-db = foo-group-db -[base] +[broker_base] enable = true group-db = bar-group-db """ @@ -159,13 +158,13 @@ group-db = bar-group-db def test_nameservicebase(self): _config_defaults = copy.deepcopy(x2gobroker.defaults.X2GOBROKER_CONFIG_DEFAULTS) - _config_defaults.update({'base': {'enable': True, }, }) + _config_defaults.update({'broker_base': {'enable': True, }, }) _config = """ [global] default-user-db = base default-group-db = base -[base] +[broker_base] enable = true """ tf = tempfile.NamedTemporaryFile() @@ -181,13 +180,13 @@ enable = true def test_nameservicelibnss(self): _config_defaults = copy.deepcopy(x2gobroker.defaults.X2GOBROKER_CONFIG_DEFAULTS) - _config_defaults.update({'base': {'enable': True, }, }) + _config_defaults.update({'broker_base': {'enable': True, }, }) _config = """ [global] default-user-db = libnss default-group-db = libnss -[base] +[broker_base] enable = true """ tf = tempfile.NamedTemporaryFile() @@ -205,13 +204,13 @@ enable = true def test_nameservicelibnss_primgroup(self): _config_defaults = copy.deepcopy(x2gobroker.defaults.X2GOBROKER_CONFIG_DEFAULTS) - _config_defaults.update({'base': {'enable': True, }, }) + _config_defaults.update({'broker_base': {'enable': True, }, }) _config = """ [global] default-user-db = libnss default-group-db = libnss -[base] +[broker_base] enable = true """ tf = tempfile.NamedTemporaryFile() @@ -228,7 +227,7 @@ enable = true default-user-db = default-group-db = -[base] +[broker_base] enable = true """ tf = tempfile.NamedTemporaryFile() @@ -243,7 +242,7 @@ enable = true default-user-db = testsuite default-group-db = testsuite -[base] +[broker_base] enable = true """ tf = tempfile.NamedTemporaryFile() @@ -257,16 +256,16 @@ enable = true def test_check_access_nocreds(self): _config_defaults = copy.deepcopy(x2gobroker.defaults.X2GOBROKER_CONFIG_DEFAULTS) - _config_defaults.update({'base': {'enable': True, }, }) + _config_defaults.update({'broker_base': {'enable': True, }, }) _config = """ [global] -check-credentials = false +require-password = false """ tf = tempfile.NamedTemporaryFile() print >> tf, _config tf.seek(0) base_backend = base.X2GoBroker(config_file=tf.name, config_defaults=_config_defaults) - self.assertEqual(base_backend.check_access(), True) + self.assertEqual(base_backend.check_access()[0], True) tf.close() ### TEST PROFILE DEFAULTS: get_profile_defaults() @@ -274,40 +273,40 @@ check-credentials = false def test_getdefaultprofile(self): base_backend = self._init_base_backend() _expected_profile = { - 'command': 'TERMINAL', - 'defsndport': True, - 'useiconv': False, - 'iconvfrom': 'UTF-8', - 'height': 600, - 'export': '', - 'quality': 9, - 'fullscreen': False, - 'layout': '', - 'useexports': True, - 'width': 800, - 'speed': 2, - 'soundsystem': 'pulse', - 'print': True, - 'type': 'auto', - 'sndport': 4713, - 'xinerama': True, - 'variant': '', - 'usekbd': True, - 'fstunnel': True, - 'applications': ['TERMINAL','WWWBROWSER','MAILCLIENT','OFFICE'], - 'multidisp': False, - 'sshproxyport': 22, - 'sound': True, - 'rootless': True, - 'iconvto': 'UTF-8', - 'soundtunnel': True, - 'dpi': 96, - 'sshport': 22, - 'setdpi': 0, - 'pack': '16m-jpeg', - 'user': '', - 'host': [u'localhost'], - 'directrdp': False, + u'command': u'TERMINAL', + u'defsndport': True, + u'useiconv': False, + u'iconvfrom': u'UTF-8', + u'height': 600, + u'export': u'', + u'quality': 9, + u'fullscreen': False, + u'layout': u'', + u'useexports': True, + u'width': 800, + u'speed': 2, + u'soundsystem': u'pulse', + u'print': True, + u'type': u'auto', + u'sndport': 4713, + u'xinerama': True, + u'variant': u'', + u'usekbd': True, + u'fstunnel': True, + u'applications': [u'TERMINAL',u'WWWBROWSER',u'MAILCLIENT',u'OFFICE'], + u'multidisp': False, + u'sshproxyport': 22, + u'sound': True, + u'rootless': True, + u'iconvto': u'UTF-8', + u'soundtunnel': True, + u'dpi': 96, + u'sshport': 22, + u'setdpi': 0, + u'user': u'BROKER_USER', + u'pack': u'16m-jpeg', + u'host': [u'localhost'], + u'directrdp': False, } _profile = base_backend.get_profile_defaults() self.assertEqual(len(_expected_profile.keys()), len(_profile.keys())) @@ -442,7 +441,7 @@ check-credentials = false default-user-db = testsuite default-group-db = testsuite -[base] +[broker_base] enable = true """ tf = tempfile.NamedTemporaryFile() @@ -465,7 +464,7 @@ enable = true default-user-db = testsuite default-group-db = testsuite -[base] +[broker_base] enable = true """ tf = tempfile.NamedTemporaryFile() @@ -518,7 +517,7 @@ enable = true default-user-db = testsuite default-group-db = testsuite -[base] +[broker_base] enable = true """ tf = tempfile.NamedTemporaryFile() @@ -540,7 +539,7 @@ default-user-db = testsuite default-group-db = testsuite ignore-primary-group-memberships = true -[base] +[broker_base] enable = true """ tf = tempfile.NamedTemporaryFile() @@ -562,7 +561,7 @@ default-user-db = testsuite default-group-db = testsuite ignore-primary-group-memberships = false -[base] +[broker_base] enable = true """ tf = tempfile.NamedTemporaryFile() @@ -585,7 +584,7 @@ enable = true default-user-db = testsuite default-group-db = testsuite -[base] +[broker_base] enable = true """ tf = tempfile.NamedTemporaryFile() @@ -651,7 +650,7 @@ enable = true default-user-db = testsuite default-group-db = testsuite -[base] +[broker_base] enable = true """ tf = tempfile.NamedTemporaryFile() @@ -1016,7 +1015,7 @@ enable = true default-user-db = testsuite default-group-db = testsuite -[base] +[broker_base] enable = true """ tf = tempfile.NamedTemporaryFile() diff --git a/x2gobroker/tests/test_broker_zeroconf.py b/x2gobroker/tests/test_broker_zeroconf.py index 95fe41d..e51105b 100644 --- a/x2gobroker/tests/test_broker_zeroconf.py +++ b/x2gobroker/tests/test_broker_zeroconf.py @@ -27,44 +27,46 @@ class TestX2GoBrokerBackendZeroconf(unittest.TestCase): ### TEST: list_profiles() method def test_profilelist(self): + _save_maxDiff = self.maxDiff + self.maxDiff = None list_of_profiles = { 'unittest': { - 'user': u'', - 'defsndport': True, - 'useiconv': False, - 'iconvfrom': u'UTF-8', - 'height': 600, - 'export': u'', - 'quality': 9, - 'fullscreen': False, - 'layout': u'', - 'useexports': 1, - 'width': 800, - 'speed': 2, - 'soundsystem': u'pulse', - 'print': True, - 'type': u'auto', - 'sndport': 4713, - 'xinerama': True, - 'variant': u'', - 'usekbd': True, - 'fstunnel': True, - 'applications': [u'TERMINAL',u'WWWBROWSER',u'MAILCLIENT',u'OFFICE',], - 'host': u'localhost', - 'multidisp': 0, - 'sshproxyport': 22, - 'sound': True, - 'rootless': 0, - 'name': u'LOCALHOST', - 'iconvto': u'UTF-8', - 'soundtunnel': True, - 'command': 'KDE', - 'dpi': 96, - 'sshport': 22, - 'setdpi': 0, - 'pack': u'16m-jpeg', + u'user': u'', + u'defsndport': True, + u'useiconv': False, + u'iconvfrom': u'UTF-8', + u'height': 600, + u'export': u'', + u'quality': 9, + u'fullscreen': False, + u'layout': u'', + u'useexports': 1, + u'width': 800, + u'speed': 2, + u'soundsystem': u'pulse', + u'print': True, + u'type': u'auto', + u'sndport': 4713, + u'xinerama': True, + u'variant': u'', + u'usekbd': True, + u'fstunnel': True, + u'applications': [u'TERMINAL',u'WWWBROWSER',u'MAILCLIENT',u'OFFICE',], + u'host': u'localhost', + u'multidisp': 0, + u'sshproxyport': 22, + u'sound': True, + u'rootless': 0, + u'name': u'LOCALHOST', + u'iconvto': u'UTF-8', + u'soundtunnel': True, + u'command': 'KDE', + u'dpi': 96, + u'sshport': 22, + u'setdpi': 0, + u'pack': u'16m-jpeg', # make sure, hard-coded defaults end up in the list_profiles() output of the zeroconf backend, as well - 'directrdp': False, + u'directrdp': False, }, } zeroconf_backend = x2gobroker.brokers.zeroconf_broker.X2GoBroker() @@ -76,6 +78,7 @@ class TestX2GoBrokerBackendZeroconf(unittest.TestCase): _key: list_of_profiles['unittest'] } self.assertEqual(_profiles, _test_profiles) + self.maxDiff = _save_maxDiff ### TEST: select_profile() method diff --git a/x2gobroker/tests/test_client_plain_base.py b/x2gobroker/tests/test_client_plain_base.py index 250758a..d13cfbe 100644 --- a/x2gobroker/tests/test_client_plain_base.py +++ b/x2gobroker/tests/test_client_plain_base.py @@ -45,7 +45,7 @@ class TestX2GoBrokerClientPlainBase(unittest.TestCase): a = args() _config = """ -[base] +[broker_base] enable = false """ tf = tempfile.NamedTemporaryFile() @@ -56,7 +56,7 @@ enable = false assert_equal(r, None) tf.close() _config = """ -[base] +[broker_base] enable = true """ tf = tempfile.NamedTemporaryFile() @@ -65,7 +65,8 @@ enable = true _cf_bak = x2gobroker.defaults.X2GOBROKER_CONFIG x2gobroker.defaults.X2GOBROKER_CONFIG = tf.name r = x2gobroker.client.plain.X2GoBrokerClient().get(a) - assert_equal(r, "Access granted\n") + lines = r.split('\n') + assert_equal(lines[1], "Access granted") tf.close() x2gobroker.defaults.X2GOBROKER_CONFIG = _cf_bak @@ -80,7 +81,7 @@ enable = true a = args() _config = """ -[base] +[broker_base] enable = true """ tf = tempfile.NamedTemporaryFile() diff --git a/x2gobroker/tests/test_web_plain_base.py b/x2gobroker/tests/test_web_plain_base.py index b1f5ee5..92727e3 100644 --- a/x2gobroker/tests/test_web_plain_base.py +++ b/x2gobroker/tests/test_web_plain_base.py @@ -36,7 +36,7 @@ class TestX2GoBrokerWebPlainBase(unittest.TestCase): def test_isenabled(self): _config = """ -[base] +[broker_base] enable = false """ tf = tempfile.NamedTemporaryFile() @@ -49,7 +49,7 @@ enable = false assert_equal(r.status, 404) tf.close() _config = """ -[base] +[broker_base] enable = true """ tf = tempfile.NamedTemporaryFile() @@ -67,9 +67,9 @@ enable = true def test_checkaccess(self): testApp = TestApp(application) r = testApp.get('/plain/base/', expect_errors=True) - assert_equal(r.status, 401) + assert_equal(r.status, 404) _config = """ -[base] +[broker_base] enable = true auth-mech = testsuite """ @@ -87,7 +87,7 @@ auth-mech = testsuite def test_listsessions(self): _config = """ -[base] +[broker_base] enable = true auth-mech = testsuite """ diff --git a/x2gobroker/tests/test_web_plain_zeroconf.py b/x2gobroker/tests/test_web_plain_zeroconf.py index cc75ebe..8da9a48 100644 --- a/x2gobroker/tests/test_web_plain_zeroconf.py +++ b/x2gobroker/tests/test_web_plain_zeroconf.py @@ -36,7 +36,7 @@ class TestX2GoBrokerWebPlainZeroconf(unittest.TestCase): def test_listsessions_checkcommand(self): _config = """ -[zeroconf] +[broker_zeroconf] enable = true auth-mech = testsuite desktop-shell = KDE @@ -58,7 +58,7 @@ desktop-shell = KDE r.mustcontain(no='<br />', ) tf.close() _config = """ -[zeroconf] +[broker_zeroconf] enable = true auth-mech = testsuite desktop-shell = GNOME @@ -84,7 +84,7 @@ desktop-shell = GNOME def test_selectsession(self): _config = """ -[zeroconf] +[broker_zeroconf] enable = true auth-mech = testsuite """ -- Alioth's /srv/git/_hooks_/post-receive-email on /srv/git/code.x2go.org/x2gobroker.git
This is an automated email from the git hooks/post-receive script. x2go pushed a commit to branch master in repository x2gobroker. commit e0664d9f58fd7b303313ab361653efd115aa9c05 Author: Mike Gabriel <mike.gabriel@das-netzwerkteam.de> Date: Thu Apr 3 12:20:50 2014 +0200 use UTF-8 in zeroconf broker backend for session profile list --- x2gobroker/brokers/zeroconf_broker.py | 70 ++++++++++++++++----------------- 1 file changed, 35 insertions(+), 35 deletions(-) diff --git a/x2gobroker/brokers/zeroconf_broker.py b/x2gobroker/brokers/zeroconf_broker.py index 85328b4..2e252ac 100644 --- a/x2gobroker/brokers/zeroconf_broker.py +++ b/x2gobroker/brokers/zeroconf_broker.py @@ -38,40 +38,40 @@ class X2GoBroker(base.X2GoBroker): _list_of_profiles = { uuid.uuid4(): { - 'user': u'', - 'defsndport': True, - 'useiconv': False, - 'iconvfrom': u'UTF-8', - 'height': 600, - 'export': u'', - 'quality': 9, - 'fullscreen': False, - 'layout': u'', - 'useexports': 1, - 'width': 800, - 'speed': 2, - 'soundsystem': u'pulse', - 'print': True, - 'type': u'auto', - 'sndport': 4713, - 'xinerama': True, - 'variant': u'', - 'usekbd': True, - 'fstunnel': True, - 'applications': [u'TERMINAL',u'WWWBROWSER',u'MAILCLIENT',u'OFFICE',], - 'host': u'localhost', - 'multidisp': 0, - 'sshproxyport': 22, - 'sound': True, - 'rootless': 0, - 'name': u'LOCALHOST', - 'iconvto': u'UTF-8', - 'soundtunnel': True, - 'command': self.get_backend_value(self.backend_name, u'desktop-shell'), - 'dpi': 96, - 'sshport': 22, - 'setdpi': 0, - 'pack': u'16m-jpeg', + u'user': u'', + u'defsndport': True, + u'useiconv': False, + u'iconvfrom': u'UTF-8', + u'height': 600, + u'export': u'', + u'quality': 9, + u'fullscreen': False, + u'layout': u'', + u'useexports': 1, + u'width': 800, + u'speed': 2, + u'soundsystem': u'pulse', + u'print': True, + u'type': u'auto', + u'sndport': 4713, + u'xinerama': True, + u'variant': u'', + u'usekbd': True, + u'fstunnel': True, + u'applications': [u'TERMINAL',u'WWWBROWSER',u'MAILCLIENT',u'OFFICE',], + u'host': u'localhost', + u'multidisp': 0, + u'sshproxyport': 22, + u'sound': True, + u'rootless': 0, + u'name': u'LOCALHOST', + u'iconvto': u'UTF-8', + u'soundtunnel': True, + u'command': self.get_backend_value('broker_{backend}'.format(backend=self.backend_name), u'desktop-shell'), + u'dpi': 96, + u'sshport': 22, + u'setdpi': 0, + u'pack': u'16m-jpeg', }, } list_of_profiles = {} @@ -81,7 +81,7 @@ class X2GoBroker(base.X2GoBroker): list_of_profiles[profile_id] = profile return list_of_profiles - def select_session(self, profile_id, username=None): + def select_session(self, profile_id, username=None, **kwargs): selectprofile_output = { 'server': 'localhost', -- Alioth's /srv/git/_hooks_/post-receive-email on /srv/git/code.x2go.org/x2gobroker.git
This is an automated email from the git hooks/post-receive script. x2go pushed a commit to branch master in repository x2gobroker. commit 051ceb6ae48da4b47e4367e5de55d5f9229f1895 Author: Mike Gabriel <mike.gabriel@das-netzwerkteam.de> Date: Thu Apr 3 12:24:48 2014 +0200 Several fixes while re-working the unittests... - Rename sections for broker backends in x2gobroker.conf - Fix run - Make config object of x2gobroker.conf available in authentication mechanism backends. - Fix SSH based broker client. - Fix several failing tests, adapt tests to current code base. --- debian/changelog | 6 ++++ etc/x2gobroker.conf | 6 ++-- x2gobroker/authmechs/base_authmech.py | 2 +- x2gobroker/authmechs/https_get_authmech.py | 16 +++++----- x2gobroker/authmechs/none_authmech.py | 2 +- x2gobroker/authmechs/pam_authmech.py | 2 +- x2gobroker/authmechs/testsuite_authmech.py | 2 +- x2gobroker/brokers/base_broker.py | 44 ++++++++++++++++++---------- x2gobroker/client/plain.py | 14 ++++----- x2gobroker/defaults.py | 9 ++++-- 10 files changed, 61 insertions(+), 42 deletions(-) diff --git a/debian/changelog b/debian/changelog index 98e95f7..f6486b3 100644 --- a/debian/changelog +++ b/debian/changelog @@ -118,6 +118,12 @@ x2gobroker (0.0.3.0-0x2go1) UNRELEASED; urgency=low session profiles. - JSON webUI: run pre and post auth scripts also via this backend. - x2gobroker-daemon: become wrapper script, enable --mode HTTP by default. + - Rename sections for broker backends in x2gobroker.conf + - Fix run + - Make config object of x2gobroker.conf available in authentication mechanism + backends. + - Fix SSH based broker client. + - Fix several failing tests, adapt tests to current code base. * debian/control: + Replace LDAP support with session brokerage support in LONG_DESCRIPTION. + Fix SYNOPSIS texts. diff --git a/etc/x2gobroker.conf b/etc/x2gobroker.conf index edd3ada..b55becc 100644 --- a/etc/x2gobroker.conf +++ b/etc/x2gobroker.conf @@ -242,18 +242,18 @@ # # For small-scale deployments the IniFile backend is the recommended backend. -[zeroconf] +[broker_zeroconf] #enable = false #auth-mech = pam #user-db = libnss #group-db = libnss #desktop-shell = KDE -[inifile] +[broker_inifile] #enable = true #session-profiles = /etc/x2go/broker/x2gobroker-sessionprofiles.conf -#[ldap] -> MUSIC OF THE FUTURE +#[broker_ldap] -> MUSIC OF THE FUTURE #enable = false #auth-mech = ldap #user-db = ldap diff --git a/x2gobroker/authmechs/base_authmech.py b/x2gobroker/authmechs/base_authmech.py index 832d25e..f8206af 100644 --- a/x2gobroker/authmechs/base_authmech.py +++ b/x2gobroker/authmechs/base_authmech.py @@ -20,5 +20,5 @@ class X2GoBrokerAuthMech(object): - def authenticate(self, username, password): + def authenticate(self, username, password, **kwargs): return False diff --git a/x2gobroker/authmechs/https_get_authmech.py b/x2gobroker/authmechs/https_get_authmech.py index d3817ed..4f42d71 100644 --- a/x2gobroker/authmechs/https_get_authmech.py +++ b/x2gobroker/authmechs/https_get_authmech.py @@ -41,16 +41,18 @@ from x2gobroker.defaults import X2GOBROKER_CONFIG as _X2GOBROKER_CONFIG class X2GoBrokerAuthMech(object): - def authenticate(self, username, password): + def authenticate(self, username, password, config=None, **kwargs): ## FIXME: these should really be specificed in master config file and have better error checking - config = ConfigParser.RawConfigParser() - config.read(_X2GOBROKER_CONFIG) - - host = config.get('authmech_https_get','host') - path = config.get('authmech_https_get','path') - port = config.get('authmech_https_get','port') + if config: + host = config.get_value('authmech_https_get','host') + path = config.get_value('authmech_https_get','path') + port = config.get_value('authmech_https_get','port') + else: + host = "localhost" + path = "/auth" + port = "80" # base64 encode the username and password auth = base64.standard_b64encode('%s:%s' % (username, password)).replace('\n', '') diff --git a/x2gobroker/authmechs/none_authmech.py b/x2gobroker/authmechs/none_authmech.py index 6a75f1f..6535f4b 100644 --- a/x2gobroker/authmechs/none_authmech.py +++ b/x2gobroker/authmechs/none_authmech.py @@ -20,5 +20,5 @@ class X2GoBrokerAuthMech(object): - def authenticate(self, username, password): + def authenticate(self, username, password, **kwargs): return True diff --git a/x2gobroker/authmechs/pam_authmech.py b/x2gobroker/authmechs/pam_authmech.py index c1b0625..9e7b85b 100644 --- a/x2gobroker/authmechs/pam_authmech.py +++ b/x2gobroker/authmechs/pam_authmech.py @@ -29,7 +29,7 @@ from x2gobroker.loggers import logger_error class X2GoBrokerAuthMech(object): - def authenticate(self, username, password): + def authenticate(self, username, password, **kwargs): if username and password: try: diff --git a/x2gobroker/authmechs/testsuite_authmech.py b/x2gobroker/authmechs/testsuite_authmech.py index 8fda0a9..2df02c4 100644 --- a/x2gobroker/authmechs/testsuite_authmech.py +++ b/x2gobroker/authmechs/testsuite_authmech.py @@ -20,7 +20,7 @@ class X2GoBrokerAuthMech(object): - def authenticate(self, username, password): + def authenticate(self, username, password, **kwargs): # return C{True} for user test with password sweet... (used by the unit tests) if username == 'test' and password == 'sweet': diff --git a/x2gobroker/brokers/base_broker.py b/x2gobroker/brokers/base_broker.py index 8aef096..603d443 100644 --- a/x2gobroker/brokers/base_broker.py +++ b/x2gobroker/brokers/base_broker.py @@ -41,6 +41,9 @@ import x2gobroker.x2gobroker_exceptions from x2gobroker.loggers import logger_broker, logger_error +from x2gobroker.defaults import X2GOBROKER_USER as _X2GOBROKER_USER +from x2gobroker.defaults import X2GOBROKER_DAEMON_USER as _X2GOBROKER_DAEMON_USER + class X2GoBroker(object): """\ L{base.X2GoBroker} is an abstract class for X2Go broker implementations. @@ -68,7 +71,7 @@ class X2GoBroker(object): if self.config_file is None: self.config_file = x2gobroker.defaults.X2GOBROKER_CONFIG if config_defaults is None: config_defaults = x2gobroker.defaults.X2GOBROKER_CONFIG_DEFAULTS self.config = x2gobroker.config.X2GoBrokerConfigFile(config_files=self.config_file, defaults=config_defaults) - self.enabled = self.config.get_value(self.backend_name, 'enable') + self.enabled = self.config.get_value('broker_{backend}'.format(backend=self.backend_name), 'enable') self._dynamic_cookie_map = {} self._client_address = None @@ -183,7 +186,7 @@ class X2GoBroker(object): @rtype: C{dict} """ - return self.config.get_section(self.backend_name) + return self.config.get_section('broker_{backend}'.format(backend=self.backend_name)) def get_backend_value(self, backend='zeroconf', option='enable'): """\ @@ -448,7 +451,7 @@ class X2GoBroker(object): if self._import_authmech_module(mech=self.get_authentication_mechanism()): logger_broker.debug('base_broker.X2GoBroker._do_authenticate(): authenticating user={username} with password=<hidden> against backend={backend}.'.format(username=username, backend=self.backend_name)) - return self.authmech_module.X2GoBrokerAuthMech().authenticate(username, password) + return self.authmech_module.X2GoBrokerAuthMech().authenticate(username, password, config=self.config) else: return False @@ -464,8 +467,8 @@ class X2GoBroker(object): _default_auth_mech = "pam" _auth_mech = "" - if self.config.has_value(self.backend_name, 'auth-mech') and self.config.get_value(self.backend_name, 'auth-mech'): - _auth_mech = self.config.get_value(self.backend_name, 'auth-mech').lower() + if self.config.has_value('broker_{backend}'.format(backend=self.backend_name), 'auth-mech') and self.config.get_value('broker_{backend}'.format(backend=self.backend_name), 'auth-mech'): + _auth_mech = self.config.get_value('broker_{backend}'.format(backend=self.backend_name), 'auth-mech').lower() logger_broker.debug('base_broker.X2GoBroker.get_authentication_mechanism(): found auth-mech in backend config section »{backend}«: {value}. This one has precendence over the default value.'.format(backend=self.backend_name, value=_auth_mech)) elif self.config.has_value('global', 'default-auth-mech'): @@ -492,8 +495,8 @@ class X2GoBroker(object): _agent_query_mode = _profile[u'broker-agent-query-mode'] logger_broker.debug('base_broker.X2GoBroker.get_agent_query_mode(): found broker-agent-query-mode in session profile with ID {id}: {value}. This one has precendence over the default and the backend value.'.format(id=profile_id, value=_agent_query_mode)) - elif self.config.has_value(self.backend_name, 'agent-query-mode') and self.config.get_value(self.backend_name, 'agent-query-mode'): - _backend_agent_query_mode = self.config.get_value(self.backend_name, 'agent-query-mode').lower() + elif self.config.has_value('broker_{backend}'.format(backend=self.backend_name), 'agent-query-mode') and self.config.get_value('broker_{backend}'.format(backend=self.backend_name), 'agent-query-mode'): + _backend_agent_query_mode = self.config.get_value('broker_{backend}'.format(backend=self.backend_name), 'agent-query-mode').lower() logger_broker.debug('base_broker.X2GoBroker.get_agent_query_mode(): found agent-query-mode in backend config section »{backend}«: {value}. This one has precendence over the default value.'.format(backend=self.backend_name, value=_agent_query_mode)) elif self.config.has_value('global', 'default-agent-query-mode') and self.config.get_value('global', 'default-agent-query-mode'): @@ -566,8 +569,8 @@ class X2GoBroker(object): if self.config.has_value('global', 'default-user-db'): _user_db = self.config.get_value('global', 'default-user-db').lower() or _user_db - if self.config.has_value(self.backend_name, 'user-db'): - _user_db = self.config.get_value(self.backend_name, 'user-db').lower() or _user_db + if self.config.has_value('broker_{backend}'.format(backend=self.backend_name), 'user-db'): + _user_db = self.config.get_value('broker_{backend}'.format(backend=self.backend_name), 'user-db').lower() or _user_db return unicode(_user_db) @@ -584,8 +587,8 @@ class X2GoBroker(object): if self.config.has_value('global', 'default-group-db'): _group_db = self.config.get_value('global', 'default-group-db').lower() or _group_db - if self.config.has_value(self.backend_name, 'group-db'): - _group_db = self.config.get_value(self.backend_name, 'group-db').lower() or _group_db + if self.config.has_value('broker_{backend}'.format(backend=self.backend_name), 'group-db'): + _group_db = self.config.get_value('broker_{backend}'.format(backend=self.backend_name), 'group-db').lower() or _group_db return unicode(_group_db) @@ -728,7 +731,7 @@ class X2GoBroker(object): else: return [] - def check_access(self, username='', password='', ip='', cookie=None): + def check_access(self, username='', password='', ip='', cookie=None, override_password_auth=False): """\ Check if a given user with a given password may gain access to the X2Go session broker. @@ -741,6 +744,9 @@ class X2GoBroker(object): @type ip: C{unicode} @param cookie: an extra (static or dynamic) authentication token @type cookie: C{unicode} + @param override_password_auth: let password auth always succeed, needed for SSH broker (where SSH + handled the password (or key) based authentication + @type override_password_auth: C{bool} @return: returns C{True} if the authentication has been successful @rtype: C{bool},C{unicode} @@ -775,7 +781,12 @@ class X2GoBroker(object): if self.config.get_value('global', 'require-password'): # using files to store persistant cookie information because global variables do not work across threads in WSGI - cookie_directory=self.config.get_value('global', 'cookie-directory') + if _X2GOBROKER_USER == _X2GOBROKER_DAEMON_USER: + cookie_directory = self.config.get_value('global', 'cookie-directory') + cookie_directory = os.path.normpath(cookie_directory) + else: + cookie_directory=os.path.normpath(os.path.expanduser('~/.x2go/broker-cookies/')) + if (not os.path.isdir(cookie_directory)): logger_broker.debug('base_broker.X2GoBroker.check_access(): cookie-directory {cookie_directory} does not exist trying to craete it'.format(cookie_directory=cookie_directory)) try: @@ -790,7 +801,7 @@ class X2GoBroker(object): ### IMPLEMENT YOUR AUTHENTICATION LOGIC IN THE self._do_authenticate(**kwargs) METHOD ### when inheriting from the base.X2GoBroker class. - access = self._do_authenticate(username=username, password=password) + access = self._do_authenticate(username=username, password=password) or override_password_auth ### ### @@ -910,11 +921,11 @@ class X2GoBroker(object): if key.startswith('host='): del profile[key] if key == 'user' and profile[key] == 'BROKER_USER': - profile[key] = username + profile[key] = unicode(username) if self.get_session_autologin(profile_id): profile['autologin'] = True - profile['key'] = '<will-be-provided-later>' + profile['key'] = u'<will-be-provided-later>' # make sure that desktop sessions (that we know by name) do run with rootless=false if profile['command'] in x2gobroker.defaults.X2GO_DESKTOP_SESSIONS: @@ -1154,6 +1165,7 @@ class X2GoBroker(object): """ + global_config = self.get_global_config() if len(global_config[script_type]) != 0: for script in global_config[script_type]: try: diff --git a/x2gobroker/client/plain.py b/x2gobroker/client/plain.py index 8c37960..f730d40 100644 --- a/x2gobroker/client/plain.py +++ b/x2gobroker/client/plain.py @@ -66,21 +66,19 @@ class X2GoBrokerClient(object): output = '' - if broker_backend.check_access(cookie=cookie, cookie_only=True): + access, next_cookie = broker_backend.check_access(cookie=cookie, override_password_auth=True) + if access: logger_broker.debug ('username: {username}, task: {task}, profile_id: {profile_id}'.format(username=username, task=task, profile_id=profile_id)) ### ### CONFIRM SUCCESSFUL AUTHENTICATION FIRST ### - - if global_config['require-cookie-auth'] and not global_config['use-static-cookie']: - - ### FIXME: make up a nice protocol for this, disabled for now - #output += "AUTHID: {authid}<br />".format(authid=broker_backend.get_next_authid(username=data.user)) - pass + if next_cookie is not None: + output += "AUTHID:{authid}\n".format(authid=next_cookie) output += "Access granted\n" + ### ### X2GO BROKER TASKS ### @@ -141,5 +139,3 @@ class X2GoBrokerClient(object): return output logger_broker.error ('broker backend ,,{backend}\'\' is disabled on this system'.format(backend=backend)) - - diff --git a/x2gobroker/defaults.py b/x2gobroker/defaults.py index 5ae9ccb..f06b301 100644 --- a/x2gobroker/defaults.py +++ b/x2gobroker/defaults.py @@ -202,21 +202,24 @@ X2GOBROKER_CONFIG_DEFAULTS = { u'default-authorized-keys': u'%h/.x2go/authorized_keys', u'default-agent-query-mode': u'NONE', }, - 'zeroconf': { + 'broker_base': { + u'enable': False, + }, + 'broker_zeroconf': { u'enable': False, u'auth-mech': u'pam', u'user-db': u'libnss', u'group-db': u'libnss', u'desktop-shell': u'KDE', }, - 'inifile': { + 'broker_inifile': { u'enable': True, u'session-profiles': u'/etc/x2go/broker/x2gobroker-sessionprofiles.conf', u'auth-mech': u'', u'user-db': u'', u'group-db': u'', }, - 'ldap': { + 'broker_ldap': { u'enable': False, u'auth-mech': u'ldap', u'user-db': u'ldap', -- Alioth's /srv/git/_hooks_/post-receive-email on /srv/git/code.x2go.org/x2gobroker.git
This is an automated email from the git hooks/post-receive script. x2go pushed a commit to branch master in repository x2gobroker. commit 3790cb7177faeb0bfac15beb7d5697f9e7f401d5 Author: Mike Gabriel <mike.gabriel@das-netzwerkteam.de> Date: Thu Apr 3 10:36:30 2014 +0200 mention all authmechs in Auth Mechs section in config file, even if not configurable --- etc/x2gobroker.conf | 3 +++ 1 file changed, 3 insertions(+) diff --git a/etc/x2gobroker.conf b/etc/x2gobroker.conf index e51cc18..edd3ada 100644 --- a/etc/x2gobroker.conf +++ b/etc/x2gobroker.conf @@ -212,6 +212,9 @@ ### Auth Mechs section ### +#[authmech_pam] +# no configurable options for this authentication mechanism + #[authmech_https_get] #host = my.webserver.com #path = /auth/index.html -- Alioth's /srv/git/_hooks_/post-receive-email on /srv/git/code.x2go.org/x2gobroker.git
-
git-admin@x2go.org