Hi Alex, please explain the reasoning behind this API change in the SSH broker call. This commit currently breaks SSH brokerage in X2Go Session Broker and I would like to fix it. So, what do you intend with the additional --login option? How is the broker supposed to react? Mike On Mi 05 Sep 2018 14:25:44 CEST, git-admin wrote:
This is an automated email from the git hooks/post-receive script.
x2go pushed a commit to branch master in repository x2goclient.
commit e7e74df029a1bd7d86a03c7f72f5b555eb6c5b0e Author: Oleksandr Shneyder <o.shneyder@phoca-gmbh.de> Date: Wed Sep 5 14:25:33 2018 +0200
Client now sends "login" parameter to the broker when executing
task "selectsession". Before client just sent a username on the broker and it was imposiible to find out user name on X2Go server, which is not always the same as broker username. This won't break a compatibility with previous broker as they just will ignore this parameter.
debian/changelog | 5 +++++ src/httpbrokerclient.cpp | 23 +++++++++++++++-------- src/httpbrokerclient.h | 2 +- src/onmainwindow.cpp | 2 +- 4 files changed, 22 insertions(+), 10 deletions(-)
diff --git a/debian/changelog b/debian/changelog index dc01147..0a43c2d 100644 --- a/debian/changelog +++ b/debian/changelog @@ -17,6 +17,11 @@ x2goclient (4.1.2.2-0x2go1) UNRELEASED; urgency=medium - Broker can send to client command to suspend or terminate the session as an answer to the client event message. For this broker should send to client SUSPEND ID or TERMINATE ID.
- Client now sends "login" parameter to the broker when executing task
broker and it was"selectsession". Before client just sent a username on the
always theimposiible to find out user name on X2Go server, which is not
with previoussame as broker username. This won't break a compatibility
[ Mihai Moldovan ]broker as they just will ignore this parameter.
- New upstream version (4.1.2.2): diff --git a/src/httpbrokerclient.cpp b/src/httpbrokerclient.cpp index 6110866..02a69c9 100644 --- a/src/httpbrokerclient.cpp +++ b/src/httpbrokerclient.cpp @@ -313,9 +313,9 @@ void HttpBrokerClient::getUserSessions() } }
-void HttpBrokerClient::selectUserSession(const QString& session) +void HttpBrokerClient::selectUserSession(const QString& session, const QString& loginName) {
- x2goDebug<<"Called selectUserSession for session "<<session<<".";
- x2goDebug<<"Called selectUserSession for session "<<session<<", "<<"loginName "<<loginName; QString brokerUser=config->brokerUser; if(mainWindow->getUsePGPCard()) brokerUser=mainWindow->getCardLogin(); @@ -329,6 +329,10 @@ void HttpBrokerClient::selectUserSession(const QString& session)
"user="<<QUrl::toPercentEncoding(brokerUser)<<"&"<< "password="<<QUrl::toPercentEncoding(config->brokerPass)<<"&"<< "authid="<<nextAuthId;
if(loginName.length()>0)
{
<<"&login="<<QUrl::toPercentEncoding(loginName);QTextStream ( &req )
"application/x-www-form-urlencoded"); @@ -337,13 +341,16 @@ void HttpBrokerClient::selectUserSession(const QString& session) } else {} x2goDebug << "Sending request: "<< req.toUtf8(); QNetworkRequest request(QUrl(config->brokerurl)); request.setHeader(QNetworkRequest::ContentTypeHeader,
if (nextAuthId.length() > 0) {
--user "+ brokerUser +" --authid "+nextAuthId+ " --task selectsession --sid \""+session+"\"",sshConnection->executeCommand ( config->sshBrokerBin+"
slotSelectSession(bool,QString,int)));this,SLOT (
} else {
--user "+ brokerUser +" --task selectsession --sid \""+session+"\"",sshConnection->executeCommand ( config->sshBrokerBin+"
slotSelectSession(bool,QString,int)));this,SLOT (
QString sshCmd=config->sshBrokerBin+" --user "+ brokerUser
- " --task selectsession --sid \""+session+"\"";
if(nextAuthId.length() > 0)
{
sshCmd+=" --authid "+nextAuthId;
}
if(loginName.length() > 0)
{
sshCmd+=" --login " + loginName; }
slotSelectSession(bool,QString,int))); }sshConnection->executeCommand (sshCmd, this,SLOT (
} diff --git a/src/httpbrokerclient.h b/src/httpbrokerclient.h index 24f52f3..73ae2ef 100644 --- a/src/httpbrokerclient.h +++ b/src/httpbrokerclient.h @@ -41,7 +41,7 @@ class HttpBrokerClient: public QObject public: HttpBrokerClient ( ONMainWindow* wnd, ConfigFile* cfg ); ~HttpBrokerClient();
- void selectUserSession(const QString& session );
- void selectUserSession(const QString& session, const QString& loginName); void changePassword(QString newPass); void testConnection(); void closeSSHInteractionDialog(); diff --git a/src/onmainwindow.cpp b/src/onmainwindow.cpp index 8aa5078..52e765c 100644 --- a/src/onmainwindow.cpp +++ b/src/onmainwindow.cpp @@ -3325,7 +3325,7 @@ void ONMainWindow::slotSessEnter() return; } #endif
broker->selectUserSession(sessionExplorer->getLastSession()->id());
- broker->selectUserSession(sessionExplorer->getLastSession()->id(),login->text()); config.session=sessionExplorer->getLastSession()->id(); setStatStatus ( tr ( "Connecting to broker" ) ); stInfo->insertPlainText ( "broker url: "+config.brokerurl );
-- Alioth's /home/x2go-admin/maintenancescripts/git/hooks/post-receive-email on /srv/git/code.x2go.org/x2goclient.git
x2go-commits mailing list x2go-commits@lists.x2go.org https://lists.x2go.org/listinfo/x2go-commits
-- DAS-NETZWERKTEAM mike gabriel, herweg 7, 24357 fleckeby mobile: +49 (1520) 1976 148 landline: +49 (4354) 8390 139 GnuPG Fingerprint: 9BFB AEE8 6C0A A5FF BF22 0782 9AF4 6B30 2577 1B31 mail: mike.gabriel@das-netzwerkteam.de, http://das-netzwerkteam.de
Hi Mike, this parameter is needed for the case if brokeruser and x2gouser are not same. Until this commit X2Go client only sent broker login to the broker, and not login name on x2go server. So if you are connecting to broker with name user1 and after this you want to connect to x2go server as user2, it was impossible to find out the list of sessions running for user2 on x2go server. Now X2Go client sends both logins (on broker and on x2go server). There are plenty use cases, where this information can be used. Another case when several broker users sharing same accounts on x2go servers. In this case you can track connection between X2Go Users and Broker Users. Anyway this should not brake any previous setups. X2Go Broker should just ignore arguments which are not supported. Regards Alex Am 28.11.2018 um 16:13 schrieb Mike Gabriel:
Hi Alex,
please explain the reasoning behind this API change in the SSH broker call.
This commit currently breaks SSH brokerage in X2Go Session Broker and I would like to fix it.
So, what do you intend with the additional --login option? How is the broker supposed to react?
Mike
On Mi 05 Sep 2018 14:25:44 CEST, git-admin wrote:
This is an automated email from the git hooks/post-receive script.
x2go pushed a commit to branch master in repository x2goclient.
commit e7e74df029a1bd7d86a03c7f72f5b555eb6c5b0e Author: Oleksandr Shneyder <o.shneyder@phoca-gmbh.de> Date: Wed Sep 5 14:25:33 2018 +0200
Client now sends "login" parameter to the broker when executing task "selectsession". Before client just sent a username on the broker and it was imposiible to find out user name on X2Go server, which is not always the same as broker username. This won't break a compatibility with previous broker as they just will ignore this parameter.
debian/changelog | 5 +++++ src/httpbrokerclient.cpp | 23 +++++++++++++++-------- src/httpbrokerclient.h | 2 +- src/onmainwindow.cpp | 2 +- 4 files changed, 22 insertions(+), 10 deletions(-)
diff --git a/debian/changelog b/debian/changelog index dc01147..0a43c2d 100644 --- a/debian/changelog +++ b/debian/changelog @@ -17,6 +17,11 @@ x2goclient (4.1.2.2-0x2go1) UNRELEASED; urgency=medium - Broker can send to client command to suspend or terminate the session as an answer to the client event message. For this broker should send to client SUSPEND ID or TERMINATE ID. + - Client now sends "login" parameter to the broker when executing task + "selectsession". Before client just sent a username on the broker and it was + imposiible to find out user name on X2Go server, which is not always the + same as broker username. This won't break a compatibility with previous + broker as they just will ignore this parameter.
[ Mihai Moldovan ] * New upstream version (4.1.2.2): diff --git a/src/httpbrokerclient.cpp b/src/httpbrokerclient.cpp index 6110866..02a69c9 100644 --- a/src/httpbrokerclient.cpp +++ b/src/httpbrokerclient.cpp @@ -313,9 +313,9 @@ void HttpBrokerClient::getUserSessions() } }
-void HttpBrokerClient::selectUserSession(const QString& session) +void HttpBrokerClient::selectUserSession(const QString& session, const QString& loginName) { - x2goDebug<<"Called selectUserSession for session "<<session<<"."; + x2goDebug<<"Called selectUserSession for session "<<session<<", "<<"loginName "<<loginName; QString brokerUser=config->brokerUser; if(mainWindow->getUsePGPCard()) brokerUser=mainWindow->getCardLogin(); @@ -329,6 +329,10 @@ void HttpBrokerClient::selectUserSession(const QString& session) "user="<<QUrl::toPercentEncoding(brokerUser)<<"&"<< "password="<<QUrl::toPercentEncoding(config->brokerPass)<<"&"<< "authid="<<nextAuthId; + if(loginName.length()>0) + { + QTextStream ( &req ) <<"&login="<<QUrl::toPercentEncoding(loginName); + } x2goDebug << "Sending request: "<< req.toUtf8(); QNetworkRequest request(QUrl(config->brokerurl)); request.setHeader(QNetworkRequest::ContentTypeHeader, "application/x-www-form-urlencoded"); @@ -337,13 +341,16 @@ void HttpBrokerClient::selectUserSession(const QString& session) } else { - if (nextAuthId.length() > 0) { - sshConnection->executeCommand ( config->sshBrokerBin+" --user "+ brokerUser +" --authid "+nextAuthId+ " --task selectsession --sid \""+session+"\"", - this,SLOT ( slotSelectSession(bool,QString,int))); - } else { - sshConnection->executeCommand ( config->sshBrokerBin+" --user "+ brokerUser +" --task selectsession --sid \""+session+"\"", - this,SLOT ( slotSelectSession(bool,QString,int))); + QString sshCmd=config->sshBrokerBin+" --user "+ brokerUser + " --task selectsession --sid \""+session+"\""; + if(nextAuthId.length() > 0) + { + sshCmd+=" --authid "+nextAuthId; + } + if(loginName.length() > 0) + { + sshCmd+=" --login " + loginName; } + sshConnection->executeCommand (sshCmd, this,SLOT ( slotSelectSession(bool,QString,int))); }
} diff --git a/src/httpbrokerclient.h b/src/httpbrokerclient.h index 24f52f3..73ae2ef 100644 --- a/src/httpbrokerclient.h +++ b/src/httpbrokerclient.h @@ -41,7 +41,7 @@ class HttpBrokerClient: public QObject public: HttpBrokerClient ( ONMainWindow* wnd, ConfigFile* cfg ); ~HttpBrokerClient(); - void selectUserSession(const QString& session ); + void selectUserSession(const QString& session, const QString& loginName); void changePassword(QString newPass); void testConnection(); void closeSSHInteractionDialog(); diff --git a/src/onmainwindow.cpp b/src/onmainwindow.cpp index 8aa5078..52e765c 100644 --- a/src/onmainwindow.cpp +++ b/src/onmainwindow.cpp @@ -3325,7 +3325,7 @@ void ONMainWindow::slotSessEnter() return; } #endif - broker->selectUserSession(sessionExplorer->getLastSession()->id()); + broker->selectUserSession(sessionExplorer->getLastSession()->id(),login->text());
config.session=sessionExplorer->getLastSession()->id(); setStatStatus ( tr ( "Connecting to broker" ) ); stInfo->insertPlainText ( "broker url: "+config.brokerurl );
-- Alioth's /home/x2go-admin/maintenancescripts/git/hooks/post-receive-email on /srv/git/code.x2go.org/x2goclient.git
x2go-commits mailing list x2go-commits@lists.x2go.org https://lists.x2go.org/listinfo/x2go-commits
x2go-dev mailing list x2go-dev@lists.x2go.org https://lists.x2go.org/listinfo/x2go-dev
-- ----------------------------------------------------------- Oleksandr Shneyder | Email: o.shneyder@phoca-gmbh.de phoca GmbH | Tel. : 0911 - 14870374 0 Schleiermacherstr. 2 | Fax. : 0911 - 14870374 9 D-90491 Nürnberg | Mobil: 0163 - 49 64 461 Geschäftsführung: Dipl.-Inf. Oleksandr Shneyder Amtsgericht München | http://www.phoca-gmbh.de HRB 196 658 | http://www.x2go.org USt-IdNr.: DE281977973 -----------------------------------------------------------
Hi Alex,
On Mi 28 Nov 2018 17:03:52 CET, Oleksandr Shneyder wrote:
Hi Mike,
this parameter is needed for the case if brokeruser and x2gouser are not same. Until this commit X2Go client only sent broker login to the broker, and not login name on x2go server. So if you are connecting to broker with name user1 and after this you want to connect to x2go server as user2, it was impossible to find out the list of sessions running for user2 on x2go server. Now X2Go client sends both logins (on broker and on x2go server). There are plenty use cases, where this information can be used. Another case when several broker users sharing same accounts on x2go servers. In this case you can track connection between X2Go Users and Broker Users.
Anyway this should not brake any previous setups. X2Go Broker should just ignore arguments which are not supported.
Regards Alex
I have added the login feature now to the X2Go Session Broker.
I encountered one corner case:
login into broker with X2Go Client for user A
the broker sends over one session profile that has broker agent support and can query the X2Go Server in the profile for running/suspended sessions
if there are sessions running/suspended for the broker user, then it reports that there is a session running or suspended (for the broker user)
if I now login with a user B (so another user as the broker user), I get (of course) a new session
Do you have a concept for this behaviour? Or do you simply deactivate
session resuming for setups where broker user != server user?
DAS-NETZWERKTEAM mike gabriel, herweg 7, 24357 fleckeby mobile: +49 (1520) 1976 148 landline: +49 (4354) 8390 139
GnuPG Fingerprint: 9BFB AEE8 6C0A A5FF BF22 0782 9AF4 6B30 2577 1B31 mail: mike.gabriel@das-netzwerkteam.de, http://das-netzwerkteam.de
Hi Mike,
My customers have different brokers. Some of them giving back sessions, depending on broker login, other on x2go server login. One of the examples:
I'm logged on the broker as "Alex", you logged on the broker as "Mike". Both of us logged on the one of the servers in server pool "Lab-1" as user "labuser". We suspending our sessions. When we are logging to broker next time, I'll get my session and you yours. In the server pool "Lab-2", however, I want that broker user "Alex" could resume all sessions started by X2Go user "labuser". And maybe user "admin" could resume all sessions, doesn't matter who started them. And so on. Different customers have different use cases. I'm creating the brokers for the customers to perfectly fit into their infrastructure. All brokers are different. It's like a tailor suite. This is why I never supported a "legacy" broker. "Legacy" broker means that customers supposed to adapt their infrastructure to our solution. And it's exactly the opposite of what I wanted to achieve with X2Go broker.
regards Alex
Am 14.12.18 um 10:02 schrieb Mike Gabriel:
Hi Alex,
On Mi 28 Nov 2018 17:03:52 CET, Oleksandr Shneyder wrote:
Hi Mike,
this parameter is needed for the case if brokeruser and x2gouser are not same. Until this commit X2Go client only sent broker login to the broker, and not login name on x2go server. So if you are connecting to broker with name user1 and after this you want to connect to x2go server as user2, it was impossible to find out the list of sessions running for user2 on x2go server. Now X2Go client sends both logins (on broker and on x2go server). There are plenty use cases, where this information can be used. Another case when several broker users sharing same accounts on x2go servers. In this case you can track connection between X2Go Users and Broker Users.
Anyway this should not brake any previous setups. X2Go Broker should just ignore arguments which are not supported.
Regards Alex
I have added the login feature now to the X2Go Session Broker.
I encountered one corner case:
* login into broker with X2Go Client for user A * the broker sends over one session profile that has broker agent support and can query the X2Go Server in the profile for running/suspended sessions * if there are sessions running/suspended for the broker user, then it reports that there is a session running or suspended (for the broker user)
* if I now login with a user B (so another user as the broker user), I get (of course) a new session
Do you have a concept for this behaviour? Or do you simply deactivate session resuming for setups where broker user != server user?
Greets, Mike
Oleksandr Shneyder | Email: o.shneyder@phoca-gmbh.de phoca GmbH | Tel. : 0911 - 14870374 0 Schleiermacherstr. 2 | Fax. : 0911 - 14870374 9 D-90491 Nürnberg | Mobil: 0163 - 49 64 461
Geschäftsführung: Dipl.-Inf. Oleksandr Shneyder
Hi Alex,
On Fr 14 Dez 2018 12:24:39 CET, Oleksandr Shneyder wrote:
Hi Mike,
My customers have different brokers. Some of them giving back sessions, depending on broker login, other on x2go server login. One of the examples:
I'm logged on the broker as "Alex", you logged on the broker as "Mike". Both of us logged on the one of the servers in server pool "Lab-1" as user "labuser". We suspending our sessions. When we are logging to broker next time, I'll get my session and you yours.
I'm ok with the final login result of this model. The X2Go Session
Broker can now handle this, I think.
However, I am concerned about the session cards in X2Go Client. When I
log into the broker, X2Go Client's session cards notify me about
running or suspended sessions. At this time, the only know username is
the broker user. Of course, I can put the X2Go Server user already
into the session profile.
How do you handle the display of "running session" / "suspended
session" [1] on the session profile cards?
[1]
https://code.x2go.org/gitweb?p=x2goclient.git;a=blob;f=src/sessionbutton.cpp...
In the server pool "Lab-2", however, I want that broker user "Alex" could resume all sessions started by X2Go user "labuser". And maybe user "admin" could resume all sessions, doesn't matter who started them. And so on. Different customers have different use cases. I'm creating the brokers for the customers to perfectly fit into their infrastructure. All brokers are different. It's like a tailor suite. This is why I never supported a "legacy" broker. "Legacy" broker means that customers supposed to adapt their infrastructure to our solution. And it's exactly the opposite of what I wanted to achieve with X2Go broker.
Please note that you could add such use cases easily as custom broker
backends in X2Go Session Broker.
E.g. I wrote a simple zeroconf broker backend as example: https://code.x2go.org/gitweb?p=x2gobroker.git;a=blob;f=x2gobroker/brokers/ze...
Also authentication backends (called mechanisms) can be customized, so
can nameservice backends (mechanisms):
https://code.x2go.org/gitweb?p=x2gobroker.git;a=tree;f=x2gobroker/authmechs;...
https://code.x2go.org/gitweb?p=x2gobroker.git;a=tree;f=x2gobroker/nameservic...
I am pretty sure that you would be much faster using the existing
framework when implementing special use cases.
DAS-NETZWERKTEAM mike gabriel, herweg 7, 24357 fleckeby mobile: +49 (1520) 1976 148 landline: +49 (4354) 8390 139
GnuPG Fingerprint: 9BFB AEE8 6C0A A5FF BF22 0782 9AF4 6B30 2577 1B31 mail: mike.gabriel@das-netzwerkteam.de, http://das-netzwerkteam.de
Hi Mike Am 21.12.18 um 07:49 schrieb Mike Gabriel:
Hi Alex,
On Fr 14 Dez 2018 12:24:39 CET, Oleksandr Shneyder wrote:
Hi Mike,
My customers have different brokers. Some of them giving back sessions, depending on broker login, other on x2go server login. One of the examples:
I'm logged on the broker as "Alex", you logged on the broker as "Mike". Both of us logged on the one of the servers in server pool "Lab-1" as user "labuser". We suspending our sessions. When we are logging to broker next time, I'll get my session and you yours.
I'm ok with the final login result of this model. The X2Go Session Broker can now handle this, I think.
However, I am concerned about the session cards in X2Go Client. When I log into the broker, X2Go Client's session cards notify me about running or suspended sessions. At this time, the only know username is the broker user. Of course, I can put the X2Go Server user already into the session profile.
How do you handle the display of "running session" / "suspended session" [1] on the session profile cards?
same here. Different use cases - different solutions. In some cases username on server is saved in session file. In other cases x2go broker get the user sessions from broker database. This details I'm usually discussing with customer and we deciding together what is the best solution.
[1] https://code.x2go.org/gitweb?p=x2goclient.git;a=blob;f=src/sessionbutton.cpp...
In the server pool "Lab-2", however, I want that broker user "Alex" could resume all sessions started by X2Go user "labuser". And maybe user "admin" could resume all sessions, doesn't matter who started them. And so on. Different customers have different use cases. I'm creating the brokers for the customers to perfectly fit into their infrastructure. All brokers are different. It's like a tailor suite. This is why I never supported a "legacy" broker. "Legacy" broker means that customers supposed to adapt their infrastructure to our solution. And it's exactly the opposite of what I wanted to achieve with X2Go broker.
Please note that you could add such use cases easily as custom broker backends in X2Go Session Broker.
E.g. I wrote a simple zeroconf broker backend as example: https://code.x2go.org/gitweb?p=x2gobroker.git;a=blob;f=x2gobroker/brokers/ze...
Also authentication backends (called mechanisms) can be customized, so can nameservice backends (mechanisms): https://code.x2go.org/gitweb?p=x2gobroker.git;a=tree;f=x2gobroker/authmechs;...
https://code.x2go.org/gitweb?p=x2gobroker.git;a=tree;f=x2gobroker/nameservic...
I am pretty sure that you would be much faster using the existing framework when implementing special use cases.
Greets, Mike
Oleksandr Shneyder | Email: o.shneyder@phoca-gmbh.de phoca GmbH | Tel. : 0911 - 14870374 0 Schleiermacherstr. 2 | Fax. : 0911 - 14870374 9 D-90491 Nürnberg | Mobil: 0163 - 49 64 461
Geschäftsführung: Dipl.-Inf. Oleksandr Shneyder