[x2gobroker] branch master updated (ccee037 -> 9fa371e)

List overview All Threads
Download

newer

older

[[X2Go Wiki]] page changed:...

Jenkins build is back to normal :...

git-admin＠x2go.org

14 Dec 2018 14 Dec '18

8:56 a.m.

This is an automated email from the git hooks/post-receive script. x2go pushed a change to branch master in repository x2gobroker. from ccee037 src/x2gobroker-{agent,ssh}.c: fix more compile errors. new f0818c9 x2gobroker/config.py: Correctly reference RawConfigParser class. new 7d6c36b x2gobroker/agent.py: Move delay_execution() function over to x2gobroker/utils.py. new 5cd512f Move AuthService and AuthClient classes to x2gobroker/authservice.py, so that we have them in the API documentation. new db2e980 x2gobroker/basicauth.py: Add API documentation. new 790e3fb x2gobroker/config.py: Don't use types.InstanceType anymore. Gone in Python3. new 422b859 x2gobroker/tests/test_web_uccs_zeroconf.py: Drop duplicate URL key from dictionary. new e6d161e x2gobroker/tests/test_web_plain_base.py: Rename function, so we don't redefine an earlier test function. new 997a97e x2gobroker/tests/test_web_uccs_zeroconf.py: Add missing / undefined variable. new 5820a87 SSH broker: Add --login option. This now supports X2Go Broker user and X2Go Server username being different accounts. new 7103d4a bin/x2gobroker: Correctly use split_host_address() function call. new f9dd59d bin/x2gobroker: Don't override already defined logger objects, define them properly where needed. new cb7e297 Convert one more unicode object into (Python3) string. new 39a018c debian/control: Add B-D: python3-netaddr (for unit tests). new 77a942d x2gobroker/tests/test_broker_agent.py: Assure that tests are run without loadchecker usage. new 9570047 broker-use-load-checker profile option: Also tolerate 'TRUE' and 'True'. new 93a6974 x2gobroker/agent.py: Fix failing execution of LOCAL broker agent. As the LOCAL broker agent is executed setuid root, we cannot Popen.terminate() (which is unneeded anyway) the process after its execution. new 9fa371e HTTP broker: Add &login=<server_user> support to plain and json broker frontends. The 17 revisions listed above as "new" are entirely new to this repository and will be described in separate emails. The revisions listed as "adds" were already present in the repository and have only been added to this reference. Summary of changes: bin/x2gobroker | 29 ++++++-- debian/changelog | 16 +++++ debian/control | 1 + sbin/x2gobroker-authservice | 56 +--------------- sbin/x2gobroker-keygen | 2 +- x2gobroker/agent.py | 36 ++-------- x2gobroker/authservice.py | 103 +++++++++++++++++++++++++++++ x2gobroker/basicauth.py | 18 +++++ x2gobroker/brokers/base_broker.py | 12 ++-- x2gobroker/client/plain.py | 19 +++--- x2gobroker/config.py | 18 ++--- x2gobroker/tests/test_broker_agent.py | 3 + x2gobroker/tests/test_client_plain_base.py | 1 + x2gobroker/tests/test_web_plain_base.py | 23 ++++++- x2gobroker/tests/test_web_uccs_zeroconf.py | 3 +- x2gobroker/utils.py | 38 +++++++++++ x2gobroker/web/json.py | 19 +++--- x2gobroker/web/plain.py | 19 +++--- 18 files changed, 282 insertions(+), 134 deletions(-) -- Alioth's /home/x2go-admin/maintenancescripts/git/hooks/post-receive-email on /srv/git/code.x2go.org/x2gobroker.git

Show replies by date

git-admin＠x2go.org

14 Dec 14 Dec

8:56 a.m.

New subject: [x2gobroker] 01/17: x2gobroker/config.py: Correctly reference RawConfigParser class.

This is an automated email from the git hooks/post-receive script. x2go pushed a commit to branch master in repository x2gobroker. commit f0818c9210105a079d0ae5856fcd35ca43c31b05 Author: Mike Gabriel <mike.gabriel@das-netzwerkteam.de> Date: Fri Sep 14 11:36:44 2018 +0200 x2gobroker/config.py: Correctly reference RawConfigParser class. --- x2gobroker/config.py | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/x2gobroker/config.py b/x2gobroker/config.py index 66700f0..d20bc83 100644 --- a/x2gobroker/config.py +++ b/x2gobroker/config.py @@ -125,10 +125,10 @@ class X2GoBrokerConfigFile(object): """\ Stores a value for a given section and key. - This methods affects a ``RawConfigParser`` object held in - RAM. No configuration file is affected by this - method. To write the configuration to disk use - the L{write()} method. + This methods affects a :class:`configparser.RawConfigParser` + object held in RAM. No configuration file is affected by this + method. To write the configuration to disk use the L{write()} + method. :param section: the INI file section :type section: ``str`` @@ -149,10 +149,10 @@ class X2GoBrokerConfigFile(object): def _fill_defaults(self): """\ - Fills a ``RawConfigParser`` object with the default config file - values as pre-defined in Python X2GoBroker or. This RawConfigParser - object is held in RAM. No configuration file is affected by this - method. + Fills a :class:`configparser.RawConfigParser` object with the + default config file values as pre-defined in Python X2GoBroker + or. This RawConfigParser object is held in RAM. No configuration + file is affected by this method. """ for section, sectiondict in list(self.defaultValues.items()): -- Alioth's /home/x2go-admin/maintenancescripts/git/hooks/post-receive-email on /srv/git/code.x2go.org/x2gobroker.git

git-admin＠x2go.org

8:56 a.m.

New subject: [x2gobroker] 02/17: x2gobroker/agent.py: Move delay_execution() function over to x2gobroker/utils.py.

This is an automated email from the git hooks/post-receive script. x2go pushed a commit to branch master in repository x2gobroker. commit 7d6c36b9ead1625c347124a1cd7ccd6203e15c29 Author: Mike Gabriel <mike.gabriel@das-netzwerkteam.de> Date: Fri Sep 14 12:28:04 2018 +0200 x2gobroker/agent.py: Move delay_execution() function over to x2gobroker/utils.py. --- x2gobroker/agent.py | 27 +-------------------------- x2gobroker/utils.py | 38 ++++++++++++++++++++++++++++++++++++++ 2 files changed, 39 insertions(+), 26 deletions(-) diff --git a/x2gobroker/agent.py b/x2gobroker/agent.py index 3563da2..935c330 100644 --- a/x2gobroker/agent.py +++ b/x2gobroker/agent.py @@ -22,7 +22,6 @@ import os.path import subprocess import paramiko import io -import time import socket import logging @@ -37,34 +36,10 @@ import x2gobroker.defaults import x2gobroker.x2gobroker_exceptions import x2gobroker.utils from x2gobroker.loggers import logger_broker, logger_error +from x2gobroker.utils import delayed_execution tasks = {} - -def delayed_execution(agent_func, delay=0, **kwargs): - - forkpid = os.fork() - if forkpid == 0: - - # close stdin, stdout and stderr in the forked process... - for nm in os.listdir("/proc/self/fd"): - if nm.startswith('.'): - continue - fd = int(nm) - if fd in (0,1,2): - os.close(fd) - - # wait for the given delay period - i = 0 - while i < delay: - time.sleep(1) - i += 1 - - # execute the function requested - agent_func(**kwargs) - os._exit(0) - - def has_remote_broker_agent_setup(): """\ Peform some integrity checks that may indicate that a remote diff --git a/x2gobroker/utils.py b/x2gobroker/utils.py index 8f703db..3e16985 100644 --- a/x2gobroker/utils.py +++ b/x2gobroker/utils.py @@ -35,6 +35,7 @@ import distutils.version import pwd, grp import socket import binascii +import time def _checkConfigFileDefaults(data_structure): """\ @@ -410,3 +411,40 @@ def get_key_fingerprint_with_colons(key): if idx % 2 == 0: _colon_fingerprint += ':' return _colon_fingerprint.rstrip(':') + +def delayed_execution(agent_func, delay, *args, **kwargs): + """\ + Delay execution of a function. + + :param func: function to be executed. + :type func: ``func`` + :param delay: delay of the function start in seconds + :type delay: ``int`` + :param args: arg parameters to be handed over to the + to-be-delayed function + :type args: ``list`` + :param kwargs: kwarg parameters to be handed over to the + to-be-delayed function + :type kwargs: ``dict`` + + """ + forkpid = os.fork() + if forkpid == 0: + + # close stdin, stdout and stderr in the forked process... + for nm in os.listdir("/proc/self/fd"): + if nm.startswith('.'): + continue + fd = int(nm) + if fd in (0,1,2): + os.close(fd) + + # wait for the given delay period + i = 0 + while i < delay: + time.sleep(1) + i += 1 + + # execute the function requested + agent_func(*args, **kwargs) + os._exit(0) -- Alioth's /home/x2go-admin/maintenancescripts/git/hooks/post-receive-email on /srv/git/code.x2go.org/x2gobroker.git

git-admin＠x2go.org

8:56 a.m.

New subject: [x2gobroker] 05/17: x2gobroker/config.py: Don't use types.InstanceType anymore. Gone in Python3.

This is an automated email from the git hooks/post-receive script. x2go pushed a commit to branch master in repository x2gobroker. commit 790e3fbe82c5948397cf911b74643ee66913e091 Author: Mike Gabriel <mike.gabriel@das-netzwerkteam.de> Date: Fri Sep 14 15:12:13 2018 +0200 x2gobroker/config.py: Don't use types.InstanceType anymore. Gone in Python3. --- x2gobroker/config.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/x2gobroker/config.py b/x2gobroker/config.py index d20bc83..f518d24 100644 --- a/x2gobroker/config.py +++ b/x2gobroker/config.py @@ -100,7 +100,7 @@ class X2GoBrokerConfigFile(object): def __repr__(self): result = 'X2GoConfigFile(' for p in dir(self): - if '__' in p or not p in self.__dict__ or type(p) is types.InstanceType: continue + if '__' in p or not p in self.__dict__: continue result += p + '=' + str(self.__dict__[p]) + ',' result = result.strip(',') return result + ')' -- Alioth's /home/x2go-admin/maintenancescripts/git/hooks/post-receive-email on /srv/git/code.x2go.org/x2gobroker.git

git-admin＠x2go.org

8:56 a.m.

New subject: [x2gobroker] 06/17: x2gobroker/tests/test_web_uccs_zeroconf.py: Drop duplicate URL key from dictionary.

This is an automated email from the git hooks/post-receive script. x2go pushed a commit to branch master in repository x2gobroker. commit 422b859e26e1cc3a73b6fe3adaa2033f1dbc5588 Author: Mike Gabriel <mike.gabriel@das-netzwerkteam.de> Date: Fri Sep 14 15:14:25 2018 +0200 x2gobroker/tests/test_web_uccs_zeroconf.py: Drop duplicate URL key from dictionary. --- x2gobroker/tests/test_web_uccs_zeroconf.py | 2 -- 1 file changed, 2 deletions(-) diff --git a/x2gobroker/tests/test_web_uccs_zeroconf.py b/x2gobroker/tests/test_web_uccs_zeroconf.py index b4249ee..59200e1 100644 --- a/x2gobroker/tests/test_web_uccs_zeroconf.py +++ b/x2gobroker/tests/test_web_uccs_zeroconf.py @@ -55,7 +55,6 @@ class TestX2GoBrokerWebUccsZeroConf(unittest.TestCase): 'Password': '', }, ], - 'URL': 'http://localhost:8080/uccs/zeroconf/', } _config = """ [global] @@ -104,7 +103,6 @@ desktop-shell = KDE 'Password': '', }, ], - 'URL': 'http://localhost:8080/uccs/zeroconf/', } _config = """ [global] -- Alioth's /home/x2go-admin/maintenancescripts/git/hooks/post-receive-email on /srv/git/code.x2go.org/x2gobroker.git

git-admin＠x2go.org

8:56 a.m.

New subject: [x2gobroker] 07/17: x2gobroker/tests/test_web_plain_base.py: Rename function, so we don't redefine an earlier test function.

This is an automated email from the git hooks/post-receive script. x2go pushed a commit to branch master in repository x2gobroker. commit e6d161e244681f709042014a50d8c254b7879e02 Author: Mike Gabriel <mike.gabriel@das-netzwerkteam.de> Date: Fri Sep 14 15:18:58 2018 +0200 x2gobroker/tests/test_web_plain_base.py: Rename function, so we don't redefine an earlier test function. --- x2gobroker/tests/test_web_plain_base.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/x2gobroker/tests/test_web_plain_base.py b/x2gobroker/tests/test_web_plain_base.py index c46e14d..0e6e255 100644 --- a/x2gobroker/tests/test_web_plain_base.py +++ b/x2gobroker/tests/test_web_plain_base.py @@ -85,7 +85,7 @@ auth-mech = testsuite ### TEST RESPONSE: simple authentication with accentuated chars in password (check_access) - def test_checkaccess(self): + def test_checkaccess_with_accentuated_chars(self): testApp = TestApp(application) r = testApp.get('/plain/base/', expect_errors=True) assert_equal(r.status, 404) -- Alioth's /home/x2go-admin/maintenancescripts/git/hooks/post-receive-email on /srv/git/code.x2go.org/x2gobroker.git

git-admin＠x2go.org

8:56 a.m.

New subject: [x2gobroker] 08/17: x2gobroker/tests/test_web_uccs_zeroconf.py: Add missing / undefined variable.

This is an automated email from the git hooks/post-receive script. x2go pushed a commit to branch master in repository x2gobroker. commit 997a97e3c40b83bd3a28a2afb17c3d4fd94d4b35 Author: Mike Gabriel <mike.gabriel@das-netzwerkteam.de> Date: Fri Sep 14 15:38:26 2018 +0200 x2gobroker/tests/test_web_uccs_zeroconf.py: Add missing / undefined variable. --- x2gobroker/tests/test_web_uccs_zeroconf.py | 1 + 1 file changed, 1 insertion(+) diff --git a/x2gobroker/tests/test_web_uccs_zeroconf.py b/x2gobroker/tests/test_web_uccs_zeroconf.py index 59200e1..1e47bb6 100644 --- a/x2gobroker/tests/test_web_uccs_zeroconf.py +++ b/x2gobroker/tests/test_web_uccs_zeroconf.py @@ -119,6 +119,7 @@ desktop-shell = kdE tf.seek(0) x2gobroker.defaults.X2GOBROKER_CONFIG = tf.name testApp = TestApp(application) + headers = {} r = testApp.get('/uccs/zeroconf/api/4', headers=headers, expect_errors=True) assert_equal(r.status, 200) -- Alioth's /home/x2go-admin/maintenancescripts/git/hooks/post-receive-email on /srv/git/code.x2go.org/x2gobroker.git

git-admin＠x2go.org

8:56 a.m.

New subject: [x2gobroker] 03/17: Move AuthService and AuthClient classes to x2gobroker/authservice.py, so that we have them in the API documentation.

This is an automated email from the git hooks/post-receive script. x2go pushed a commit to branch master in repository x2gobroker. commit 5cd512f08f9f0fe525f59f09728bfaa96af7a8c3 Author: Mike Gabriel <mike.gabriel@das-netzwerkteam.de> Date: Fri Sep 14 12:53:37 2018 +0200 Move AuthService and AuthClient classes to x2gobroker/authservice.py, so that we have them in the API documentation. --- sbin/x2gobroker-authservice | 56 +----------------------- x2gobroker/authservice.py | 103 ++++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 104 insertions(+), 55 deletions(-) diff --git a/sbin/x2gobroker-authservice b/sbin/x2gobroker-authservice index baa75c8..c80a86f 100755 --- a/sbin/x2gobroker-authservice +++ b/sbin/x2gobroker-authservice @@ -25,10 +25,8 @@ import setproctitle import argparse import logging import asyncore -import socket import getpass import logging.config -import pam import atexit import configparser @@ -55,59 +53,7 @@ setproctitle.setproctitle("%s %s" % (PROG_NAME, " ".join(PROG_OPTIONS))) from x2gobroker import __VERSION__ from x2gobroker import __AUTHOR__ - - -class AuthClient(asyncore.dispatcher_with_send): - - def __init__(self, sock, logger=None): - self.logger = logger - asyncore.dispatcher_with_send.__init__(self, sock) - self._buf = '' - - def handle_read(self): - data = self._buf + self.recv(1024).decode() - if not data: - self.close() - return - reqs, data = data.rsplit('\n', 1) - self._buf = data - for req in reqs.split('\n'): - try: - user, passwd, service = req.split('\r') - except: - self.send('bad\n') - self.logger.warning('bad authentication data received') - else: - opam = pam - if hasattr(pam, "pam"): - opam = pam.pam() - if opam.authenticate(user, passwd, service): - self.send('ok\n'.encode()) - self.logger.info('successful authentication for \'{user}\' with password \'<hidden>\' against PAM service \'{service}\''.format(user=user, service=service)) - else: - self.send('fail\n'.encode()) - self.logger.info('authentication failure for \'{user}\' with password \'<hidden>\' against PAM service \'{service}\''.format(user=user, service=service)) - - def handle_close(self): - self.close() - - -class AuthService(asyncore.dispatcher_with_send): - - def __init__(self, socketfile, owner='root', group_owner='root', permissions='0o660', logger=None): - self.logger = logger - asyncore.dispatcher_with_send.__init__(self) - self.create_socket(socket.AF_UNIX, socket.SOCK_STREAM) - self.set_reuse_addr() - self.bind(socketfile) - os.chown(socketfile, getpwnam(owner).pw_uid, getgrnam(group_owner).gr_gid) - os.chmod(socketfile, int(permissions, 8)) - self.listen(1) - - def handle_accept(self): - conn, _ = self.accept() - AuthClient(conn, logger=self.logger) - +from x2gobroker.authservice import AuthService def loop(): asyncore.loop() diff --git a/x2gobroker/authservice.py b/x2gobroker/authservice.py index d8d6755..2bac9bc 100644 --- a/x2gobroker/authservice.py +++ b/x2gobroker/authservice.py @@ -18,8 +18,14 @@ # Free Software Foundation, Inc., # 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA. +import asyncore +import os +import pam import socket +from pwd import getpwnam +from grp import getgrnam + # X2Go Session Broker modules import x2gobroker.defaults from x2gobroker.loggers import logger_broker @@ -69,3 +75,100 @@ def authenticate(username, password, service="x2gobroker"): return True logger_broker.info('authservice.authenticate(): authentication against service »{service}« failed for user »{username}«'.format(username=username, service=service)) return False + +class AuthClient(asyncore.dispatcher_with_send): + """\ + Handle incoming PAM credential verification request and send a + response back through the socket. + + :param sock: open socket connection + :type sock: ``<obj>`` + :param logger: logger instance to report log messages to + :type logger: ``obj`` + + """ + def __init__(self, sock, logger=None): + self.logger = logger + asyncore.dispatcher_with_send.__init__(self, sock) + self._buf = '' + + def handle_read(self): + """\ + Handle the incoming request after :func:`AuthService.accept()` + and respond accordingly. + + The requests are expected line by line, the fields are split by "\\r":: + + <user>\\r<password>\\r<pam-service>\\n + + The reponse is sent back over the open socket connection. + Possibly answers are either:: + + ok\\n + + or... + + fail\\n + + """ + data = self._buf + self.recv(1024).decode() + if not data: + self.close() + return + reqs, data = data.rsplit('\n', 1) + self._buf = data + for req in reqs.split('\n'): + try: + user, passwd, service = req.split('\r') + except: + self.send('bad\n') + self.logger.warning('bad authentication data received') + else: + opam = pam + if hasattr(pam, "pam"): + opam = pam.pam() + if opam.authenticate(user, passwd, service): + self.send('ok\n'.encode()) + self.logger.info('successful authentication for \'{user}\' with password \'<hidden>\' against PAM service \'{service}\''.format(user=user, service=service)) + else: + self.send('fail\n'.encode()) + self.logger.info('authentication failure for \'{user}\' with password \'<hidden>\' against PAM service \'{service}\''.format(user=user, service=service)) + + def handle_close(self): + self.close() + + +class AuthService(asyncore.dispatcher_with_send): + """\ + Provide an :mod:`asyncore` based authentication socket handler where + client can send credential checking requests to. + + Access to the sockt is limited by file permissions to given owner and + group. + + :param socketfile: file name path of the to be created Unix domain + socket file. The directory in the give path must exist. + :type socketfile: ``str`` + :param owner: chown the socket file to this owner + :type owner: ``str`` + :param group: chgrp the socket file to this group + :type group: ``str`` + :param permissions: octal representation of the file permissions (handed over as string) + :type permissions: ``str`` + :param logger: logger instance to report log messages to + :type logger: ``<obj>`` + + """ + def __init__(self, socketfile, owner='root', group_owner='root', permissions='0o660', logger=None): + self.logger = logger + asyncore.dispatcher_with_send.__init__(self) + self.create_socket(socket.AF_UNIX, socket.SOCK_STREAM) + self.set_reuse_addr() + self.bind(socketfile) + os.chown(socketfile, getpwnam(owner).pw_uid, getgrnam(group_owner).gr_gid) + os.chmod(socketfile, int(permissions, 8)) + self.listen(1) + + def handle_accept(self): + conn, _ = self.accept() + AuthClient(conn, logger=self.logger) -- Alioth's /home/x2go-admin/maintenancescripts/git/hooks/post-receive-email on /srv/git/code.x2go.org/x2gobroker.git

git-admin＠x2go.org

8:56 a.m.

New subject: [x2gobroker] 04/17: x2gobroker/basicauth.py: Add API documentation.

This is an automated email from the git hooks/post-receive script. x2go pushed a commit to branch master in repository x2gobroker. commit db2e980ae22a93a8fa1dbed3483f111b199f25ea Author: Mike Gabriel <mike.gabriel@das-netzwerkteam.de> Date: Fri Sep 14 13:01:33 2018 +0200 x2gobroker/basicauth.py: Add API documentation. --- x2gobroker/basicauth.py | 18 ++++++++++++++++++ 1 file changed, 18 insertions(+) diff --git a/x2gobroker/basicauth.py b/x2gobroker/basicauth.py index 0ed69b8..d48117b 100644 --- a/x2gobroker/basicauth.py +++ b/x2gobroker/basicauth.py @@ -16,10 +16,28 @@ # Free Software Foundation, Inc., # 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA. +"""\ +Module providing a function for handling BasicAuth request processing. + +""" + # modules import base64 def require_basic_auth(realm, validate_callback): + """\ + Handler for ``http(s)://`` BasisAuth processing. + + :param realm: authentication realm + :type realm: ``str`` + :param validate_callback: callback function for validating credentials + :type validate_callback: ``func`` + + :returns: authentication :func:`execute()` function (or ``False``) + :rtype: ``func`` or ``bool`` + + """ + def require_basic_auth_decorator(handler_class): def wrap_execute(handler_execute): def require_basic_auth(handler, kwargs): -- Alioth's /home/x2go-admin/maintenancescripts/git/hooks/post-receive-email on /srv/git/code.x2go.org/x2gobroker.git

git-admin＠x2go.org

8:56 a.m.

New subject: [x2gobroker] 09/17: SSH broker: Add --login option. This now supports X2Go Broker user and X2Go Server username being different accounts.

This is an automated email from the git hooks/post-receive script. x2go pushed a commit to branch master in repository x2gobroker. commit 5820a876a107ed99b11a0805988f80e563a87627 Author: Mike Gabriel <mike.gabriel@das-netzwerkteam.de> Date: Fri Nov 30 09:31:16 2018 +0100 SSH broker: Add --login option. This now supports X2Go Broker user and X2Go Server username being different accounts. --- bin/x2gobroker | 16 +++++++++++++--- debian/changelog | 2 ++ x2gobroker/brokers/base_broker.py | 4 ++-- x2gobroker/client/plain.py | 19 ++++++++++--------- x2gobroker/tests/test_client_plain_base.py | 1 + 5 files changed, 28 insertions(+), 14 deletions(-) diff --git a/bin/x2gobroker b/bin/x2gobroker index bf3dfa9..16c44df 100755 --- a/bin/x2gobroker +++ b/bin/x2gobroker @@ -130,7 +130,8 @@ if __name__ == "__main__": sshbroker_options = [ {'args':['--task'], 'default': None, 'metavar': 'BROKER_TASK', 'help': 'broker task (listsessions, selectsession, setpass, testcon)', }, - {'args':['--user'], 'default': None, 'metavar': 'USER_NAME', 'help': 'Operate on behalf of this user name', }, + {'args':['--user'], 'default': None, 'metavar': 'USER_NAME', 'help': 'Operate on behalf of this X2Go Broker user name', }, + {'args':['--login'], 'default': None, 'metavar': 'LOGIN_NAME', 'help': 'Operate on behalf of this X2Go Server user name', }, {'args':['--auth-cookie', '--next-authid', '--authid', ], 'default': None, 'metavar': 'AUTH_ID', 'help': 'Pre-shared (dynamic) authentication ID', }, {'args':['--profile-id', '--sid', ], 'default': None, 'metavar': 'PROFILE_ID', 'help': 'for task: the profile ID selected from the list of available session profiles', }, {'args':['--backend'], 'default': None, 'metavar': 'BROKER_BACKEND', 'help': 'select a non-default broker backend', }, @@ -182,11 +183,20 @@ if __name__ == "__main__": if cmdline_args.profile_id and cmdline_args.task != 'selectsession': #logger_broker.warn('ignoring option --sid as it only has a meaning with ,,--task selectsession\'\'') pass + + # is a specific X2Go Broker user given on the command line? if cmdline_args.user is None: cmdline_args.user = os.environ['LOGNAME'] - elif cmdline_args.user != x2gobroker.defaults.X2GOBROKER_DAEMON_USER: - #logger_broker.warn('denying context change to user `{user}\', only allowed for magic user `{magic_user}\''.format(user=cmdline_args.user, magic_user=x2gobroker.defaults.X2GOBROKER_DAEMON_USER)) + elif os.environ['LOGNAME'] != x2gobroker.defaults.X2GOBROKER_DAEMON_USER: + logger_broker.warn('denying context change to user `{user}\', only allowed for magic user `{magic_user}\''.format(user=cmdline_args.user, magic_user=x2gobroker.defaults.X2GOBROKER_DAEMON_USER)) cmdline_args.user = os.environ['LOGNAME'] + + # is a specific X2Go Server login name given on the command line? + # if not, assume broker user and X2Go Server login are the same... + if cmdline_args.login is None: + cmdline_args.login = cmdline_args.user + + # bail out if no task is given on the command line if cmdline_args.task is None: print("") p.print_usage() diff --git a/debian/changelog b/debian/changelog index f2bc8ba..f37e161 100644 --- a/debian/changelog +++ b/debian/changelog @@ -83,6 +83,8 @@ x2gobroker (0.0.4.0-0x2go1) UNRELEASED; urgency=medium - x2gobroker/loadchecker.py: Avoid rare cases where at the end of a load checking cycle a negative sleep time would have been calculated. (Fixes: #1315). Thanks to Walid Moghrabi for catching this. + - SSH broker: Add --login option. This now supports X2Go Broker user and + X2Go Server username being different accounts. * debian/*: + Trigger Makefile's install target and install those files. Drop debhelper from-source-installation magic. diff --git a/x2gobroker/brokers/base_broker.py b/x2gobroker/brokers/base_broker.py index 9c1e68d..b6c9b3f 100644 --- a/x2gobroker/brokers/base_broker.py +++ b/x2gobroker/brokers/base_broker.py @@ -1306,7 +1306,7 @@ class X2GoBroker(object): :param profile_id: the selected profile ID. This matches one of the dictionary keys offered by the ``list_profiles`` method :type profile_id: ``str`` - :param username: specify username that this operation runs for + :param username: specify X2Go Server username that this operation runs for :type username: ``str`` :param pubkey: The broker clients may send us a public key that we may temporarily install into a remote X2Go Server for non-interactive login @@ -1642,7 +1642,7 @@ class X2GoBroker(object): # this is the OLD style of the auto login feature # FIXME: we somehow have to find out about the username of the person at the broker client-side... - # using the username used for broker login for now... + # using the username used for server login for now... pubkey, privkey = x2gobroker.agent.genkeypair(local_username=username, client_address=self.get_client_address()) if remote_sshproxy_agent is not None: diff --git a/x2gobroker/client/plain.py b/x2gobroker/client/plain.py index dad51ab..fc8ddd9 100644 --- a/x2gobroker/client/plain.py +++ b/x2gobroker/client/plain.py @@ -58,7 +58,8 @@ class X2GoBrokerClient(object): logger_broker.info('client address is {address}'.format(address=ip)) broker_backend.set_client_address(ip) - username = args.user + broker_username = args.user + server_username = args.login cookie = args.auth_cookie task = args.task profile_id = args.profile_id @@ -67,13 +68,13 @@ class X2GoBrokerClient(object): broker_backend._do_authenticate = _override_do_authenticate - username, password, task, profile_id, ip, cookie, authed, server = broker_backend.run_optional_script(script_type='pre_auth_scripts', username=username, password="SSH", task=task, profile_id=profile_id, ip=ip, cookie=cookie) - access, next_cookie = broker_backend.check_access(username=username, ip=ip, cookie=cookie, override_password_auth=True) - username, password, task, profile_id, ip, cookie, authed, server = broker_backend.run_optional_script(script_type='post_auth_scripts', username=username, password="SSH", task=task, profile_id=profile_id, ip=ip, cookie=cookie, authed=access) + broker_username, password, task, profile_id, ip, cookie, authed, server = broker_backend.run_optional_script(script_type='pre_auth_scripts', username=broker_username, password="SSH", task=task, profile_id=profile_id, ip=ip, cookie=cookie) + access, next_cookie = broker_backend.check_access(username=broker_username, ip=ip, cookie=cookie, override_password_auth=True) + broker_username, password, task, profile_id, ip, cookie, authed, server = broker_backend.run_optional_script(script_type='post_auth_scripts', username=broker_username, password="SSH", task=task, profile_id=profile_id, ip=ip, cookie=cookie, authed=access) if access: - logger_broker.debug ('username: {username}, task: {task}, profile_id: {profile_id}'.format(username=username, task=task, profile_id=profile_id)) + logger_broker.debug ('broker_username: {broker_username}, server_username: {server_username}, task: {task}, profile_id: {profile_id}'.format(broker_username=broker_username, server_username=server_username, task=task, profile_id=profile_id)) ### ### CONFIRM SUCCESSFUL AUTHENTICATION FIRST @@ -98,7 +99,7 @@ class X2GoBrokerClient(object): if task == 'listsessions': - profiles = broker_backend.list_profiles(username) + profiles = broker_backend.list_profiles(broker_username) if profiles: output += "START_USER_SESSIONS\n\n" profile_ids = list(profiles.keys()) @@ -107,7 +108,7 @@ class X2GoBrokerClient(object): output += "[{profile_id}]\n".format(profile_id=profile_id) for key in list(profiles[profile_id].keys()): if key == 'user' and not profiles[profile_id][key]: - profiles[profile_id][key] = username + profiles[profile_id][key] = server_username if type(profiles[profile_id][key]) == str: output += "{key}={value}".format(key=key, value=profiles[profile_id][key]) elif type(profiles[profile_id][key]) in (list, tuple): @@ -124,9 +125,9 @@ class X2GoBrokerClient(object): if profile_id: - profile_info = broker_backend.select_session(profile_id=profile_id, username=username) + profile_info = broker_backend.select_session(profile_id=profile_id, username=server_username) - username, password, task, profile_id, ip, cookie, authed, server = broker_backend.run_optional_script(script_type='select_session_scripts', username=username, password="SSH", task=task, profile_id=profile_id, ip=ip, cookie=cookie, authed=access, server=profile_info['server']) + broker_username, password, task, profile_id, ip, cookie, authed, server = broker_backend.run_optional_script(script_type='select_session_scripts', username=broker_username, password="SSH", task=task, profile_id=profile_id, ip=ip, cookie=cookie, authed=access, server=profile_info['server']) if 'server' in profile_info: output += "SERVER:" diff --git a/x2gobroker/tests/test_client_plain_base.py b/x2gobroker/tests/test_client_plain_base.py index 34ce54f..c6c3c9f 100644 --- a/x2gobroker/tests/test_client_plain_base.py +++ b/x2gobroker/tests/test_client_plain_base.py @@ -29,6 +29,7 @@ from nose.tools import assert_equal, assert_true, assert_false class args(): def __init__(self): self.user = None + self.login = None self.auth_cookie = None self.task = None self.profile_id = None -- Alioth's /home/x2go-admin/maintenancescripts/git/hooks/post-receive-email on /srv/git/code.x2go.org/x2gobroker.git

git-admin＠x2go.org

8:56 a.m.

New subject: [x2gobroker] 10/17: bin/x2gobroker: Correctly use split_host_address() function call.

This is an automated email from the git hooks/post-receive script. x2go pushed a commit to branch master in repository x2gobroker. commit 7103d4a50b25be21521bd97ca7421938c261ff63 Author: Mike Gabriel <mike.gabriel@das-netzwerkteam.de> Date: Fri Nov 30 09:35:38 2018 +0100 bin/x2gobroker: Correctly use split_host_address() function call. --- bin/x2gobroker | 2 +- debian/changelog | 1 + 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/bin/x2gobroker b/bin/x2gobroker index 16c44df..b67b3a6 100755 --- a/bin/x2gobroker +++ b/bin/x2gobroker @@ -256,7 +256,7 @@ if __name__ == "__main__": if not daemon_logdir.endswith('/'): daemon_logdir += '/' - bind_address, bind_port = x2gobroker.utils.split_host_address(cmdline_args.bind, default_address=None, default_port=8080) + bind_address, bind_port = split_host_address(cmdline_args.bind, default_address=None, default_port=8080) cmdline_args.bind = "[{address}]:{port}".format(address=bind_address, port=bind_port) if os.getuid() == 0 and cmdline_args.drop_privileges: diff --git a/debian/changelog b/debian/changelog index f37e161..0fcf6d2 100644 --- a/debian/changelog +++ b/debian/changelog @@ -85,6 +85,7 @@ x2gobroker (0.0.4.0-0x2go1) UNRELEASED; urgency=medium (Fixes: #1315). Thanks to Walid Moghrabi for catching this. - SSH broker: Add --login option. This now supports X2Go Broker user and X2Go Server username being different accounts. + - bin/x2gobroker: Correctly use split_host_address() function call. * debian/*: + Trigger Makefile's install target and install those files. Drop debhelper from-source-installation magic. -- Alioth's /home/x2go-admin/maintenancescripts/git/hooks/post-receive-email on /srv/git/code.x2go.org/x2gobroker.git

git-admin＠x2go.org

8:56 a.m.

New subject: [x2gobroker] 11/17: bin/x2gobroker: Don't override already defined logger objects, define them properly where needed.

This is an automated email from the git hooks/post-receive script. x2go pushed a commit to branch master in repository x2gobroker. commit f9dd59dd656019f593d37d234a2859cc17696061 Author: Mike Gabriel <mike.gabriel@das-netzwerkteam.de> Date: Fri Nov 30 09:41:20 2018 +0100 bin/x2gobroker: Don't override already defined logger objects, define them properly where needed. --- bin/x2gobroker | 11 +++++++++-- debian/changelog | 2 ++ 2 files changed, 11 insertions(+), 2 deletions(-) diff --git a/bin/x2gobroker b/bin/x2gobroker index b67b3a6..db73176 100755 --- a/bin/x2gobroker +++ b/bin/x2gobroker @@ -94,7 +94,9 @@ except ImportError: from x2gobroker import __VERSION__ from x2gobroker import __AUTHOR__ -from x2gobroker.loggers import logger_broker, logger_access, logger_error, tornado_log_request, PROG_NAME +import x2gobroker.loggers +tornado_log_request = x2gobroker.loggers.tornado_log_request +PROG_NAME = x2gobroker.loggers.PROG_NAME from x2gobroker.utils import drop_privileges, split_host_address interactive_mode_warning = False @@ -157,11 +159,16 @@ if __name__ == "__main__": if cmdline_args.debug_interactively: # recreate loggers... logger_broker, logger_access, logger_error = x2gobroker.loggers.init_console_loggers() - # override loggers in x2gobroker module... + # define our own debugging loggers x2gobroker.loggers.logger_broker = logger_broker x2gobroker.loggers.logger_broker = logger_access x2gobroker.loggers.logger_error = logger_error cmdline_args.debug = True + else: + # use already defined loggers from the x2gobroker.loggers module... + logger_broker = x2gobroker.loggers.logger_broker + logger_access = x2gobroker.loggers.logger_broker + logger_error = x2gobroker.loggers.logger_error # override X2GOBROKER_DEBUG=0 in os.environ with the command line switch if cmdline_args.debug: diff --git a/debian/changelog b/debian/changelog index 0fcf6d2..57f3f69 100644 --- a/debian/changelog +++ b/debian/changelog @@ -86,6 +86,8 @@ x2gobroker (0.0.4.0-0x2go1) UNRELEASED; urgency=medium - SSH broker: Add --login option. This now supports X2Go Broker user and X2Go Server username being different accounts. - bin/x2gobroker: Correctly use split_host_address() function call. + - bin/x2gobroker: Don't override already defined logger objects, define + them properly where needed. * debian/*: + Trigger Makefile's install target and install those files. Drop debhelper from-source-installation magic. -- Alioth's /home/x2go-admin/maintenancescripts/git/hooks/post-receive-email on /srv/git/code.x2go.org/x2gobroker.git

git-admin＠x2go.org

8:56 a.m.

New subject: [x2gobroker] 12/17: Convert one more unicode object into (Python3) string.

This is an automated email from the git hooks/post-receive script. x2go pushed a commit to branch master in repository x2gobroker. commit cb7e297b5c34926c1f30afdccee82ec22cf03e70 Author: Mike Gabriel <mike.gabriel@das-netzwerkteam.de> Date: Fri Nov 30 10:26:25 2018 +0100 Convert one more unicode object into (Python3) string. --- debian/changelog | 1 + sbin/x2gobroker-keygen | 2 +- 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/debian/changelog b/debian/changelog index 57f3f69..dde5278 100644 --- a/debian/changelog +++ b/debian/changelog @@ -88,6 +88,7 @@ x2gobroker (0.0.4.0-0x2go1) UNRELEASED; urgency=medium - bin/x2gobroker: Correctly use split_host_address() function call. - bin/x2gobroker: Don't override already defined logger objects, define them properly where needed. + - Convert one more unicode object into (Python3) string. * debian/*: + Trigger Makefile's install target and install those files. Drop debhelper from-source-installation magic. diff --git a/sbin/x2gobroker-keygen b/sbin/x2gobroker-keygen index 95a5b40..5fe716b 100755 --- a/sbin/x2gobroker-keygen +++ b/sbin/x2gobroker-keygen @@ -95,7 +95,7 @@ if __name__ == '__main__': cmdline_args = p.parse_args() if cmdline_args.key_type.upper() not in supported_key_types: - logger_error.error(u'Unknown key type »{key_type}«. Possible key types are RSA and DSA. Exiting...'.format(key_type=cmdline_args.key_type.upper())) + logger_error.error('Unknown key type »{key_type}«. Possible key types are RSA and DSA. Exiting...'.format(key_type=cmdline_args.key_type.upper())) sys.exit(-2) broker_uid = x2gobroker.defaults.X2GOBROKER_DAEMON_USER -- Alioth's /home/x2go-admin/maintenancescripts/git/hooks/post-receive-email on /srv/git/code.x2go.org/x2gobroker.git

git-admin＠x2go.org

8:56 a.m.

New subject: [x2gobroker] 13/17: debian/control: Add B-D: python3-netaddr (for unit tests).

This is an automated email from the git hooks/post-receive script. x2go pushed a commit to branch master in repository x2gobroker. commit 39a018c201fad8c1425734a87f7e61a28876ec6d Author: Mike Gabriel <mike.gabriel@das-netzwerkteam.de> Date: Fri Nov 30 10:36:44 2018 +0100 debian/control: Add B-D: python3-netaddr (for unit tests). --- debian/changelog | 1 + debian/control | 1 + 2 files changed, 2 insertions(+) diff --git a/debian/changelog b/debian/changelog index dde5278..f16357f 100644 --- a/debian/changelog +++ b/debian/changelog @@ -104,6 +104,7 @@ x2gobroker (0.0.4.0-0x2go1) UNRELEASED; urgency=medium with Python3 core. + Switch from libapache2-mod-wsgi to libapache2-mod-wsgi-py3. + Add B-D: dh-python. + + Add B-D: python3-netaddr (for unit tests). * debian/x2gobroker-loadchecker.postinst: + Do chown/chmod on the correct file (not authservice.log, but loadchecker.log). diff --git a/debian/control b/debian/control index d3f02a3..6c2569b 100644 --- a/debian/control +++ b/debian/control @@ -14,6 +14,7 @@ Build-Depends: dpkg-dev (>= 1.14.31~), python3 (>= 2.6.5-0~), python3-setuptools, + python3-netaddr, python3-nose, python3-paste, python3-sphinx, -- Alioth's /home/x2go-admin/maintenancescripts/git/hooks/post-receive-email on /srv/git/code.x2go.org/x2gobroker.git

git-admin＠x2go.org

8:56 a.m.

New subject: [x2gobroker] 14/17: x2gobroker/tests/test_broker_agent.py: Assure that tests are run without loadchecker usage.

This is an automated email from the git hooks/post-receive script. x2go pushed a commit to branch master in repository x2gobroker. commit 77a942dd5a06e45a77c2f03a228a4bc0d3fffdbe Author: Mike Gabriel <mike.gabriel@das-netzwerkteam.de> Date: Fri Nov 30 10:37:40 2018 +0100 x2gobroker/tests/test_broker_agent.py: Assure that tests are run without loadchecker usage. --- debian/changelog | 2 ++ x2gobroker/tests/test_broker_agent.py | 3 +++ 2 files changed, 5 insertions(+) diff --git a/debian/changelog b/debian/changelog index f16357f..eb7983d 100644 --- a/debian/changelog +++ b/debian/changelog @@ -89,6 +89,8 @@ x2gobroker (0.0.4.0-0x2go1) UNRELEASED; urgency=medium - bin/x2gobroker: Don't override already defined logger objects, define them properly where needed. - Convert one more unicode object into (Python3) string. + - x2gobroker/tests/test_broker_agent.py: Assure that tests are run without + loadchecker usage. * debian/*: + Trigger Makefile's install target and install those files. Drop debhelper from-source-installation magic. diff --git a/x2gobroker/tests/test_broker_agent.py b/x2gobroker/tests/test_broker_agent.py index f93119e..c3c4552 100644 --- a/x2gobroker/tests/test_broker_agent.py +++ b/x2gobroker/tests/test_broker_agent.py @@ -84,6 +84,7 @@ class TestX2GoBrokerAgent(unittest.TestCase): command = MATE user = foo broker-agent-query-mode = NONE +broker-use-load-checker = false [testprofile1] name = testprofile1 @@ -334,6 +335,7 @@ broker-agent-query-mode = SSH command = MATE user = foo broker-agent-query-mode = NONE +broker-use-load-checker = false [testprofile1] name = testprofile1 @@ -471,6 +473,7 @@ broker-autologin = true command = MATE user = foo broker-agent-query-mode = NONE +broker-use-load-checker = false [testprofile1] name = testprofile1 -- Alioth's /home/x2go-admin/maintenancescripts/git/hooks/post-receive-email on /srv/git/code.x2go.org/x2gobroker.git

git-admin＠x2go.org

8:56 a.m.

New subject: [x2gobroker] 15/17: broker-use-load-checker profile option: Also tolerate 'TRUE' and 'True'.

This is an automated email from the git hooks/post-receive script. x2go pushed a commit to branch master in repository x2gobroker. commit 95700473c181f0e6905d5aa4d7cc3f5172c3cc20 Author: Mike Gabriel <mike.gabriel@das-netzwerkteam.de> Date: Fri Nov 30 10:39:02 2018 +0100 broker-use-load-checker profile option: Also tolerate 'TRUE' and 'True'. --- debian/changelog | 1 + x2gobroker/brokers/base_broker.py | 4 ++-- 2 files changed, 3 insertions(+), 2 deletions(-) diff --git a/debian/changelog b/debian/changelog index eb7983d..6138397 100644 --- a/debian/changelog +++ b/debian/changelog @@ -91,6 +91,7 @@ x2gobroker (0.0.4.0-0x2go1) UNRELEASED; urgency=medium - Convert one more unicode object into (Python3) string. - x2gobroker/tests/test_broker_agent.py: Assure that tests are run without loadchecker usage. + - broker-use-load-checker profile option: Also tolerate 'TRUE' and 'True'. * debian/*: + Trigger Makefile's install target and install those files. Drop debhelper from-source-installation magic. diff --git a/x2gobroker/brokers/base_broker.py b/x2gobroker/brokers/base_broker.py index b6c9b3f..d8e1847 100644 --- a/x2gobroker/brokers/base_broker.py +++ b/x2gobroker/brokers/base_broker.py @@ -746,12 +746,12 @@ class X2GoBroker(object): return False # if not blocked on a per session profile basis - if 'broker-use-load-checker' in _profile_broker and _profile_broker['broker-use-load-checker'] not in ('1', 'true'): + if 'broker-use-load-checker' in _profile_broker and _profile_broker['broker-use-load-checker'] not in ('1', 'true', 'TRUE', 'True'): return False # if load checking is enabled globally, for the broker backend, # or for the given session profile... - if self.get_use_load_checker() or ('broker-use-load-checker' in _profile_broker and _profile_broker['broker-use-load-checker'] in ('1', 'true')): + if self.get_use_load_checker() or ('broker-use-load-checker' in _profile_broker and _profile_broker['broker-use-load-checker'] in ('1', 'true', 'TRUE', 'True')): return True return False -- Alioth's /home/x2go-admin/maintenancescripts/git/hooks/post-receive-email on /srv/git/code.x2go.org/x2gobroker.git

git-admin＠x2go.org

8:56 a.m.

New subject: [x2gobroker] 16/17: x2gobroker/agent.py: Fix failing execution of LOCAL broker agent. As the LOCAL broker agent is executed setuid root, we cannot Popen.terminate() (which is unneeded anyway) the process after its execution.

This is an automated email from the git hooks/post-receive script. x2go pushed a commit to branch master in repository x2gobroker. commit 93a6974ec2fdd1c3a7958e815ab330ecaf1747bf Author: Mike Gabriel <mike.gabriel@das-netzwerkteam.de> Date: Fri Dec 14 09:43:15 2018 +0100 x2gobroker/agent.py: Fix failing execution of LOCAL broker agent. As the LOCAL broker agent is executed setuid root, we cannot Popen.terminate() (which is unneeded anyway) the process after its execution. --- debian/changelog | 4 ++++ x2gobroker/agent.py | 9 ++++++--- x2gobroker/brokers/base_broker.py | 4 ++-- 3 files changed, 12 insertions(+), 5 deletions(-) diff --git a/debian/changelog b/debian/changelog index 6138397..752f29c 100644 --- a/debian/changelog +++ b/debian/changelog @@ -92,6 +92,10 @@ x2gobroker (0.0.4.0-0x2go1) UNRELEASED; urgency=medium - x2gobroker/tests/test_broker_agent.py: Assure that tests are run without loadchecker usage. - broker-use-load-checker profile option: Also tolerate 'TRUE' and 'True'. + - x2gobroker/agent.py: Fix failing execution of LOCAL broker agent. As + the LOCAL broker agent is executed setuid root, we cannot + Popen.terminate() (which is unneeded anyway) the process after its + execution. * debian/*: + Trigger Makefile's install target and install those files. Drop debhelper from-source-installation magic. diff --git a/x2gobroker/agent.py b/x2gobroker/agent.py index 935c330..22a5527 100644 --- a/x2gobroker/agent.py +++ b/x2gobroker/agent.py @@ -136,11 +136,14 @@ def _call_local_broker_agent(username, task, cmdline_args=[], logger=None): stderr=subprocess.STDOUT, shell=False, ) - result = agent_process.stdout.read().decode().split('\n') - agent_process.terminate() + + logger.info('Executing agent command succeeded.') + # skipping process terminating (not needed and not permitted + # as the broker agent is installed setuid root. agent_process.communicate() - except OSError: + except OSError as e: + logger.warning('Executing agent command failed. Error message is: {emsg}.'.format(emsg=str(e))) result = None if result: diff --git a/x2gobroker/brokers/base_broker.py b/x2gobroker/brokers/base_broker.py index d8e1847..562620c 100644 --- a/x2gobroker/brokers/base_broker.py +++ b/x2gobroker/brokers/base_broker.py @@ -1269,8 +1269,8 @@ class X2GoBroker(object): if 'status' in profile and profile['status']: logger_broker.debug('base_broker.X2GoBroker.get_profile_for_user(): marking session profile {name} as {status}'.format(name=profile['name'], status=profile['status'])) - except x2gobroker.x2gobroker_exceptions.X2GoBrokerAgentException: - pass + except x2gobroker.x2gobroker_exceptions.X2GoBrokerAgentException as e: + logger_broker.warning('base_broker.X2GoBroker.get_profile_for_user(): broker agent call failed. Error message is: {errmsg}'.format(errmsg=str(e))) else: profile['host'] = [profile['host'][0]] -- Alioth's /home/x2go-admin/maintenancescripts/git/hooks/post-receive-email on /srv/git/code.x2go.org/x2gobroker.git

git-admin＠x2go.org

8:56 a.m.

New subject: [x2gobroker] 17/17: HTTP broker: Add &login=<server_user> support to plain and json broker frontends.

This is an automated email from the git hooks/post-receive script. x2go pushed a commit to branch master in repository x2gobroker. commit 9fa371e903671dcc6c7eef8bd0cbefd83f1e067f Author: Mike Gabriel <mike.gabriel@das-netzwerkteam.de> Date: Fri Dec 14 09:53:42 2018 +0100 HTTP broker: Add &login=<server_user> support to plain and json broker frontends. --- debian/changelog | 2 ++ x2gobroker/tests/test_web_plain_base.py | 21 +++++++++++++++++++++ x2gobroker/web/json.py | 19 +++++++++++-------- x2gobroker/web/plain.py | 19 +++++++++++-------- 4 files changed, 45 insertions(+), 16 deletions(-) diff --git a/debian/changelog b/debian/changelog index 752f29c..24d8990 100644 --- a/debian/changelog +++ b/debian/changelog @@ -83,6 +83,8 @@ x2gobroker (0.0.4.0-0x2go1) UNRELEASED; urgency=medium - x2gobroker/loadchecker.py: Avoid rare cases where at the end of a load checking cycle a negative sleep time would have been calculated. (Fixes: #1315). Thanks to Walid Moghrabi for catching this. + - HTTP broker: Add &login=<server_user> support to plain and json broker + frontends. - SSH broker: Add --login option. This now supports X2Go Broker user and X2Go Server username being different accounts. - bin/x2gobroker: Correctly use split_host_address() function call. diff --git a/x2gobroker/tests/test_web_plain_base.py b/x2gobroker/tests/test_web_plain_base.py index 0e6e255..35b2718 100644 --- a/x2gobroker/tests/test_web_plain_base.py +++ b/x2gobroker/tests/test_web_plain_base.py @@ -83,6 +83,27 @@ auth-mech = testsuite r.mustcontain('Access granted') x2gobroker.defaults.X2GOBROKER_CONFIG = _cf_bak + ### TEST RESPONSE: simple authentication with user name and login name (check_access) + + def test_checkaccess_user_and_login(self): + testApp = TestApp(application) + r = testApp.get('/plain/base/', expect_errors=True) + assert_equal(r.status, 404) + _config = """ +[broker_base] +enable = true +auth-mech = testsuite +""" + tf = tempfile.NamedTemporaryFile(mode='w') + tf.write(_config) + tf.seek(0) + _cf_bak = x2gobroker.defaults.X2GOBROKER_CONFIG + x2gobroker.defaults.X2GOBROKER_CONFIG = tf.name + r = testApp.get('/plain/base/', params={'user': 'test', 'login': 'test_user_on_server', 'password': 'sweet', }, expect_errors=True) + assert_equal(r.status, 200) + r.mustcontain('Access granted') + x2gobroker.defaults.X2GOBROKER_CONFIG = _cf_bak + ### TEST RESPONSE: simple authentication with accentuated chars in password (check_access) def test_checkaccess_with_accentuated_chars(self): diff --git a/x2gobroker/web/json.py b/x2gobroker/web/json.py index c96c2ef..a802866 100644 --- a/x2gobroker/web/json.py +++ b/x2gobroker/web/json.py @@ -105,7 +105,10 @@ class X2GoBrokerWeb(_RequestHandler): logger_error.error('client could not provide an IP address, pretending: 404 Not Found') raise tornado.web.HTTPError(404) - username = self.get_argument('user', default='') + broker_username = self.get_argument('user', default='') + server_username = self.get_argument('login', default='') + if not server_username: + server_username = broker_username password = self.get_argument('password', default='', strip=False) cookie = self.get_argument('authid', default='') pubkey = self.get_argument('pubkey', default='') @@ -121,12 +124,12 @@ class X2GoBrokerWeb(_RequestHandler): 'task': task, } - username, password, task, profile_id, ip, cookie, authed, server = broker_backend.run_optional_script(script_type='pre_auth_scripts', username=username, password=password, task=task, profile_id=profile_id, ip=ip, cookie=cookie) + broker_username, password, task, profile_id, ip, cookie, authed, server = broker_backend.run_optional_script(script_type='pre_auth_scripts', username=broker_username, password=password, task=task, profile_id=profile_id, ip=ip, cookie=cookie) - logger_broker.debug ('username: {username}, password: {password}, task: {task}, profile_id: {profile_id}, cookie: {cookie}'.format(username=username, password='XXXXX', task=task, profile_id=profile_id, cookie=cookie)) - access, next_cookie = broker_backend.check_access(username=username, password=password, ip=ip, cookie=cookie) + logger_broker.debug ('username: {username}, password: {password}, task: {task}, profile_id: {profile_id}, cookie: {cookie}'.format(broker_username=broker_username, server_username=server_username, password='XXXXX', task=task, profile_id=profile_id, cookie=cookie)) + access, next_cookie = broker_backend.check_access(username=broker_username, password=password, ip=ip, cookie=cookie) - username, password, task, profile_id, ip, cookie, authed, server = broker_backend.run_optional_script(script_type='post_auth_scripts', username=username, password=password, task=task, profile_id=profile_id, ip=ip, cookie=cookie, authed=access) + broker_username, password, task, profile_id, ip, cookie, authed, server = broker_backend.run_optional_script(script_type='post_auth_scripts', username=broker_username, password=password, task=task, profile_id=profile_id, ip=ip, cookie=cookie, authed=access) if access: @@ -161,7 +164,7 @@ class X2GoBrokerWeb(_RequestHandler): if task == 'listsessions' or task == 'listprofiles': payload.update({ - 'profiles': broker_backend.list_profiles(username), + 'profiles': broker_backend.list_profiles(username=broker_username), }) elif task == 'selectsession': @@ -173,9 +176,9 @@ class X2GoBrokerWeb(_RequestHandler): selected_session = {} - profile_info = broker_backend.select_session(profile_id=profile_id, username=username, pubkey=pubkey) + profile_info = broker_backend.select_session(profile_id=profile_id, username=server_username, pubkey=pubkey) if 'server' in profile_info: - username, password, task, profile_id, ip, cookie, authed, server = broker_backend.run_optional_script(script_type='select_session_scripts', username=username, password=password, task=task, profile_id=profile_id, ip=ip, cookie=cookie, authed=access, server=profile_info['server']) + server_username, password, task, profile_id, ip, cookie, authed, server = broker_backend.run_optional_script(script_type='select_session_scripts', username=server_username, password=password, task=task, profile_id=profile_id, ip=ip, cookie=cookie, authed=access, server=profile_info['server']) selected_session['server'] = "{server}".format(server=server) if 'port' in profile_info: selected_session['port'] = "{port}".format(port=profile_info['port']) diff --git a/x2gobroker/web/plain.py b/x2gobroker/web/plain.py index 36c84cb..9b1a17e 100644 --- a/x2gobroker/web/plain.py +++ b/x2gobroker/web/plain.py @@ -101,7 +101,10 @@ class X2GoBrokerWeb(_RequestHandler): logger_error.error('client could not provide an IP address, pretending: 404 Not Found') raise tornado.web.HTTPError(404) - username = self.get_argument('user', default='') + broker_username = self.get_argument('user', default='') + server_username = self.get_argument('login', default='') + if not server_username: + server_username = broker_username password = self.get_argument('password', default='', strip=False) cookie = self.get_argument('authid', default='') pubkey = self.get_argument('pubkey', default='') @@ -111,12 +114,12 @@ class X2GoBrokerWeb(_RequestHandler): output = '' - username, password, task, profile_id, ip, cookie, authed, server = broker_backend.run_optional_script(script_type='pre_auth_scripts', username=username, password=password, task=task, profile_id=profile_id, ip=ip, cookie=cookie) + broker_username, password, task, profile_id, ip, cookie, authed, server = broker_backend.run_optional_script(script_type='pre_auth_scripts', username=broker_username, password=password, task=task, profile_id=profile_id, ip=ip, cookie=cookie) - logger_broker.debug ('username: {username}, password: {password}, task: {task}, profile_id: {profile_id}, cookie: {cookie}'.format(username=username, password='XXXXX', task=task, profile_id=profile_id, cookie=cookie)) - access, next_cookie = broker_backend.check_access(username=username, password=password, ip=ip, cookie=cookie) + logger_broker.debug ('broker_username: {broker_username}, server_username: {server_username}, password: {password}, task: {task}, profile_id: {profile_id}, cookie: {cookie}'.format(broker_username=broker_username, server_username=server_username, password='XXXXX', task=task, profile_id=profile_id, cookie=cookie)) + access, next_cookie = broker_backend.check_access(username=broker_username, password=password, ip=ip, cookie=cookie) - username, password, task, profile_id, ip, cookie, authed, server = broker_backend.run_optional_script(script_type='post_auth_scripts', username=username, password=password, task=task, profile_id=profile_id, ip=ip, cookie=cookie, authed=access) + broker_username, password, task, profile_id, ip, cookie, authed, server = broker_backend.run_optional_script(script_type='post_auth_scripts', username=broker_username, password=password, task=task, profile_id=profile_id, ip=ip, cookie=cookie, authed=access) if access: @@ -144,7 +147,7 @@ class X2GoBrokerWeb(_RequestHandler): if task == 'listsessions': - profiles = broker_backend.list_profiles(username) + profiles = broker_backend.list_profiles(broker_username) if profiles: output += "START_USER_SESSIONS\n\n" profile_ids = list(profiles.keys()) @@ -168,10 +171,10 @@ class X2GoBrokerWeb(_RequestHandler): if profile_id: - profile_info = broker_backend.select_session(profile_id=profile_id, username=username, pubkey=pubkey) + profile_info = broker_backend.select_session(profile_id=profile_id, username=server_username, pubkey=pubkey) if 'server' in profile_info: - username, password, task, profile_id, ip, cookie, authed, server = broker_backend.run_optional_script(script_type='select_session_scripts', username=username, password=password, task=task, profile_id=profile_id, ip=ip, cookie=cookie, authed=access, server=profile_info['server']) + server_username, password, task, profile_id, ip, cookie, authed, server = broker_backend.run_optional_script(script_type='select_session_scripts', username=server_username, password=password, task=task, profile_id=profile_id, ip=ip, cookie=cookie, authed=access, server=profile_info['server']) output += "SERVER:" output += server if 'port' in profile_info: -- Alioth's /home/x2go-admin/maintenancescripts/git/hooks/post-receive-email on /srv/git/code.x2go.org/x2gobroker.git

2367

Age (days ago)

2367

Last active (days ago)

x2go-commits@lists.x2go.org

17 comments

1 participants

tags (0)

participants (1)

git-admin＠x2go.org