This is an automated email from the git hooks/post-receive script. x2go pushed a change to branch master in repository x2gobroker. from 67b9140 more consolidation for split_host_address() function new 0dcd15f Provide legacy support for deprecated x2gobroker.conf global parameter 'check-credentials'. The 1 revisions listed above as "new" are entirely new to this repository and will be described in separate emails. The revisions listed as "adds" were already present in the repository and have only been added to this reference. Summary of changes: debian/changelog | 2 ++ x2gobroker/brokers/base_broker.py | 16 ++++++++++++---- x2gobroker/defaults.py | 4 ++++ 3 files changed, 18 insertions(+), 4 deletions(-) -- Alioth's /srv/git/_hooks_/post-receive-email on /srv/git/code.x2go.org/x2gobroker.git
This is an automated email from the git hooks/post-receive script. x2go pushed a commit to branch master in repository x2gobroker. commit 0dcd15ff0334890df18592baf7f1a12bbf812a2a Author: Mike Gabriel <mike.gabriel@das-netzwerkteam.de> Date: Tue Oct 28 18:45:39 2014 +0100 Provide legacy support for deprecated x2gobroker.conf global parameter 'check-credentials'. --- debian/changelog | 2 ++ x2gobroker/brokers/base_broker.py | 16 ++++++++++++---- x2gobroker/defaults.py | 4 ++++ 3 files changed, 18 insertions(+), 4 deletions(-) diff --git a/debian/changelog b/debian/changelog index 9bfaa0e..ed9222e 100644 --- a/debian/changelog +++ b/debian/changelog @@ -169,6 +169,8 @@ x2gobroker (0.0.3.0-0x2go1) UNRELEASED; urgency=low completely. - Make sure that without configuration files, the HTTP broker listens to port 8080. + - Provide legacy support for deprecated x2gobroker.conf global parameter + 'check-credentials'. * debian/control: + Provide separate bin:package for SSH brokerage: x2gobroker-ssh. + Replace LDAP support with session brokerage support in LONG_DESCRIPTION. diff --git a/x2gobroker/brokers/base_broker.py b/x2gobroker/brokers/base_broker.py index 9473c70..3e60280 100644 --- a/x2gobroker/brokers/base_broker.py +++ b/x2gobroker/brokers/base_broker.py @@ -826,10 +826,18 @@ class X2GoBroker(object): @rtype: C{bool},C{unicode} """ + require_password = self.config.get_value('global', 'require-password') + require_cookie = self.config.get_value('global', 'require-cookie') + + # LEGACY support for X2Go Session Broker (<< 0.0.3.0) configuration files + if not self.config.get_value('global', 'check-credentials'): + logger_broker.warning('base_broker.X2GoBroker.check_access(): deprecated parameter \'check-credentials\' used in x2gobroker.conf (use \'require-password\' and \'require-cookie\' instead)!!!'.format(configfile=self.config_file)) + require_password = False + require_cookie = False + ### FOR INTRANET LOAD BALANCER WE MAY JUST ALLOW ACCESS TO EVERYONE ### This is handled through the config file, normally /etc/x2go/x2gobroker.conf - - if not self.config.get_value('global', 'require-password') and not self.config.get_value('global', 'require-cookie'): + if not require_password and not require_cookie: logger_broker.debug('base_broker.X2GoBroker.check_access(): access is granted without checking credentials, prevent this in {configfile}'.format(configfile=self.config_file)) return True, None elif username == 'check-credentials' and password == 'FALSE': @@ -841,7 +849,7 @@ class X2GoBroker(object): if type(cookie) is types.StringType: cookie = unicode(cookie) - if (((cookie == None) or (cookie == "")) and self.config.get_value('global', 'require-cookie')): + if (((cookie == None) or (cookie == "")) and require_cookie): #cookie required but we did not get one - catch wrong cookie case later logger_broker.debug('base_broker.X2GoBroker.check_access(): cookie required but none given.') return False, None @@ -852,7 +860,7 @@ class X2GoBroker(object): logger_broker.debug('base_broker.X2GoBroker.check_access(): checking if our configured cookie was submitted: {access}'.format(access=access)) # the require cookie but not password case falls through to returning value of access - if self.config.get_value('global', 'require-password'): + if require_password: # using files to store persistant cookie information because global variables do not work across threads in WSGI if _X2GOBROKER_USER == _X2GOBROKER_DAEMON_USER: diff --git a/x2gobroker/defaults.py b/x2gobroker/defaults.py index 9451d4b..91931c7 100644 --- a/x2gobroker/defaults.py +++ b/x2gobroker/defaults.py @@ -190,6 +190,10 @@ X2GOBROKER_HOME = os.path.normpath(os.path.expanduser('~{broker_uid}'.format(bro # defaults for X2Go Sessino Broker configuration file X2GOBROKER_CONFIG_DEFAULTS = { 'global': { + # legacy support for X2Go Session Broker << 0.0.3.0 + # the check-credentials parameter has been slit up into the two params above + u'check-credentials': True, + # use these two instead of check-credentials... u'require-password': True, u'require-cookie': False, u'use-static-cookie': True, -- Alioth's /srv/git/_hooks_/post-receive-email on /srv/git/code.x2go.org/x2gobroker.git
-
git-admin@x2go.org