[X2go-Commits] x2gobroker.git - build-main (branch) updated: 0.0.0.5
X2Go dev team
git-admin at x2go.org
Wed Feb 27 23:04:09 CET 2013
The branch, build-main has been updated
via 7e5e1ad8a8a887538da50ace3749a61316b28e99 (commit)
via 262161e5f0f2e96deebe2148debe99f1f1a2695c (commit)
via 494435a3152cd717db7aba400e1af35bb2855c15 (commit)
via a25cfc15542296060bebe12ee62c91673c1908ac (commit)
via 871654331405e3dc1a4843a1238a494c2a5dbe48 (commit)
via 085e68d5cc5cdb474e657628e4a3ee522c9c0597 (commit)
via 3238daa895272688cbe6ac4ccc7bf83a55be1f7f (commit)
via b275427d44a1c77809efc0aff85bd2577e8448ad (commit)
via 2768dbfc6d12dd6f6e57add35208efeedb605147 (commit)
via 1318e7fd87ac003f9547b4a9337f3ea0f1ac1253 (commit)
via dca80a8fb0efb3eb45e136ddf541f8074cac93e7 (commit)
via af748b18e58a4b05eefb84559a30901cfa9fada4 (commit)
via e999834af45e0c6d3b603cdf79341abbbbbc1834 (commit)
via 2b6b1a6ab08fe4a723406812ffdce202ca2f0ea4 (commit)
via c6d2b8b91fe67cf9d751131ed0cdab98eb1b0477 (commit)
from d35a5187a6fc31f8ea9c9f7321b6421d7cb3e1d0 (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
-----------------------------------------------------------------------
Summary of changes:
Makefile | 6 +-
debian/changelog | 21 ++++++
debian/control | 1 +
debian/python-x2gobroker.default | 4 ++
debian/x2gobroker-daemon.default | 2 +-
sbin/x2gobroker | 17 +++--
sbin/x2gobroker-keygen | 3 +
sbin/x2gobroker-pubkeyauthorizer | 2 +-
x2gobroker/__init__.py | 2 +-
x2gobroker/_paramiko.py | 133 ++++++++++++++++++++++++++++++++++++++
x2gobroker/agent.py | 7 +-
x2gobroker/defaults.py | 4 ++
x2gobroker/utils.py | 23 +++++++
x2gobroker/web/extras.py | 4 ++
14 files changed, 214 insertions(+), 15 deletions(-)
create mode 100644 x2gobroker/_paramiko.py
The diff of changes is:
diff --git a/Makefile b/Makefile
index 07428f6..3c90c45 100755
--- a/Makefile
+++ b/Makefile
@@ -23,9 +23,9 @@
SRC_DIR=$(CURDIR)
SHELL=/bin/bash
-INSTALL_DIR=install -d -o root -g root -m 755
-INSTALL_FILE=install -o root -g root -m 644
-INSTALL_PROGRAM=install -o root -g root -m 755
+INSTALL_DIR=install -dm 755
+INSTALL_FILE=install -m 644
+INSTALL_PROGRAM=install -m 755
CC ?= gcc
CFLAGS += -fPIE
diff --git a/debian/changelog b/debian/changelog
index 2bf6d00..ceb4877 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,24 @@
+x2gobroker (0.0.0.5-0~x2go1) unstable; urgency=low
+
+ [ Mike Gabriel ]
+ * New upstream version (0.0.0.5):
+ - Prepare for WSGI based integration into an external httpd.
+ - Monkey patch Paramiko/SSH (adopted from Python X2Go).
+ - Add variable X2GOBROKER_AGENT_USER, so that remote broker
+ agents can theoretically run under another (i.e. != x2gobroker)
+ user ID.
+ - Properly set the Paramiko/SSH missing hostkey policy.
+ * /debian/control:
+ + Add dependency to python-x2gobroker: python-paramiko.
+ * /debian/x2gobroker-daemon.default:
+ + Fix variable names for SSL suport.
+
+ [ Jan Engelhardt ]
+ * New upstream version (0.0.0.5):
+ - Avoid using install -o/-g.
+
+ -- Mike Gabriel <mike.gabriel at das-netzwerkteam.de> Wed, 27 Feb 2013 23:02:33 +0100
+
x2gobroker (0.0.0.4-0~x2go1) unstable; urgency=low
* New upstream version (0.0.0.4):
diff --git a/debian/control b/debian/control
index 07868bd..3190f5c 100644
--- a/debian/control
+++ b/debian/control
@@ -151,6 +151,7 @@ Depends:
python-pampy,
python-netaddr,
python-webpy (>= 1:0.37),
+ python-paramiko,
Suggests:
apache2 | httpd,
Description: X2Go http(s) based session broker (Python modules)
diff --git a/debian/python-x2gobroker.default b/debian/python-x2gobroker.default
index f34e313..0907b79 100644
--- a/debian/python-x2gobroker.default
+++ b/debian/python-x2gobroker.default
@@ -7,6 +7,10 @@
#X2GOBROKER_DAEMON_USER=x2gobroker
#X2GOBROKER_DAEMON_GROUP=x2gobroker
+# The posix user under which the x2gobroker-agent can be launched on
+# remote X2Go Servers.
+#X2GOBROKER_AGENT_USER=x2gobroker
+
# Run X2Go Session Broker in debug mode, this will make the broker
# available through http GET method calls (otherwise: POST method
# only) and you will be able to test the broker through your web
diff --git a/debian/x2gobroker-daemon.default b/debian/x2gobroker-daemon.default
index bff0410..eb76c1b 100644
--- a/debian/x2gobroker-daemon.default
+++ b/debian/x2gobroker-daemon.default
@@ -20,4 +20,4 @@ START_BROKER=true
#X2GOBROKER_SSL_CERTFILE=/etc/x2go/broker/ssl/broker.crt
# SSL key file (ensure permissions are set to root:x2gobroker:0640)
-#X2GOBROKER_SSL_CERTFILE=/etc/x2go/broker/ssl/broker.key
+#X2GOBROKER_SSL_KEYFILE=/etc/x2go/broker/ssl/broker.key
diff --git a/sbin/x2gobroker b/sbin/x2gobroker
index 846a7e5..66c51da 100755
--- a/sbin/x2gobroker
+++ b/sbin/x2gobroker
@@ -98,6 +98,12 @@ if __name__ == "__main__":
# some people just give the port but prepend a colon, webpy does not like this, so we strip if off
cmdline_args.bind = cmdline_args.bind.lstrip(':')
+ # tweak cmdline args so that they become suitable for the web.py framework
+ if len(sys.argv) <= 1:
+ sys.argv.append('')
+ sys.argv.append('')
+ sys.argv[1] = cmdline_args.bind
+ sys.argv[2:] = []
# import classes serving the different web.py URLs
import x2gobroker.web.plain
@@ -117,16 +123,13 @@ urls = ( '/plain/(.*)', 'x2gobroker.web.plain.X2GoBrokerWeb',
'/pubkeys/', 'x2gobroker.web.extras.X2GoBrokerPubKeyService',
)
+app = web.application(urls, globals(), autoreload=False)
+app.internalerror = web.debugerror
+application = app.wsgifunc()
+
# run the web.py standalone daemon...
if __name__ == "__main__":
- if len(sys.argv) <= 1:
- sys.argv.append('')
- sys.argv.append('')
- sys.argv[1] = cmdline_args.bind
- sys.argv[2:] = []
try:
- app = web.application(urls, globals())
- app.internalerror = web.debugerror
app.run()
except socket.error, e:
print (e)
diff --git a/sbin/x2gobroker-keygen b/sbin/x2gobroker-keygen
index 2d3c037..e05e4c0 100755
--- a/sbin/x2gobroker-keygen
+++ b/sbin/x2gobroker-keygen
@@ -29,6 +29,9 @@ import logging
import binascii
import paramiko
+import x2gobroker._paramiko
+x2gobroker._paramiko.monkey_patch_paramiko()
+
from pwd import getpwnam
from grp import getgrnam
diff --git a/sbin/x2gobroker-pubkeyauthorizer b/sbin/x2gobroker-pubkeyauthorizer
index 62fed95..55ec630 100755
--- a/sbin/x2gobroker-pubkeyauthorizer
+++ b/sbin/x2gobroker-pubkeyauthorizer
@@ -36,7 +36,7 @@ import logging.config
from pwd import getpwnam
from grp import getgrnam
-__VERSION__ = '0.0.0.4'
+__VERSION__ = '0.0.0.5'
__AUTHOR__ = 'Mike Gabriel (X2Go Project) <mike.gabriel at das-netzwerkteam.de>'
PROG_NAME = os.path.basename(sys.argv[0])
diff --git a/x2gobroker/__init__.py b/x2gobroker/__init__.py
index 576a849..f8ccf70 100644
--- a/x2gobroker/__init__.py
+++ b/x2gobroker/__init__.py
@@ -18,5 +18,5 @@
# Free Software Foundation, Inc.,
# 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA.
-__VERSION__ = '0.0.0.4'
+__VERSION__ = '0.0.0.5'
__AUTHOR__ = 'Mike Gabriel (X2Go Project) <mike.gabriel at das-netzwerkteam.de>'
diff --git a/x2gobroker/_paramiko.py b/x2gobroker/_paramiko.py
new file mode 100644
index 0000000..b83cff3
--- /dev/null
+++ b/x2gobroker/_paramiko.py
@@ -0,0 +1,133 @@
+# -*- coding: utf-8 -*-
+
+# Copyright (C) 2010-2013 by Mike Gabriel <mike.gabriel at das-netzwerkteam.de>
+#
+# Python X2Go is free software; you can redistribute it and/or modify
+# it under the terms of the GNU Affero General Public License as published by
+# the Free Software Foundation; either version 3 of the License, or
+# (at your option) any later version.
+#
+# Python X2Go is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU Affero General Public License for more details.
+#
+# You should have received a copy of the GNU Affero General Public License
+# along with this program; if not, write to the
+# Free Software Foundation, Inc.,
+# 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA.
+
+"""\
+Monkey Patch and feature map for Python Paramiko
+
+"""
+
+import paramiko
+import platform
+from utils import compare_versions
+
+PARAMIKO_VERSION = paramiko.__version__.split()[0]
+PARAMIKO_FEATURE = {
+ 'forward-ssh-agent': compare_versions(PARAMIKO_VERSION, ">=", '1.8.0') and (platform.system() != "Windows"),
+ 'use-compression': compare_versions(PARAMIKO_VERSION, ">=", '1.7.7.1'),
+ 'hash-host-entries': compare_versions(PARAMIKO_VERSION, ">=", '99'),
+ 'host-entries-reloadable': compare_versions(PARAMIKO_VERSION, ">=", '99'),
+ 'preserve-known-hosts': compare_versions(PARAMIKO_VERSION, ">=", '99'),
+}
+
+def _SSHClient_save_host_keys(self, filename):
+ """\
+ FIXME!!! --- this method should become part of Paramiko
+
+ This method has been taken from SSHClient class in Paramiko and
+ has been improved and adapted to latest SSH implementations.
+
+ Save the host keys back to a file.
+ Only the host keys loaded with
+ L{load_host_keys} (plus any added directly) will be saved -- not any
+ host keys loaded with L{load_system_host_keys}.
+
+ @param filename: the filename to save to
+ @type filename: str
+
+ @raise IOError: if the file could not be written
+
+ """
+ # update local host keys from file (in case other SSH clients
+ # have written to the known_hosts file meanwhile.
+ if self.known_hosts is not None:
+ self.load_host_keys(self.known_hosts)
+
+ f = open(filename, 'w')
+ #f.write('# SSH host keys collected by paramiko\n')
+ _host_keys = self.get_host_keys()
+ for hostname, keys in _host_keys.iteritems():
+
+ for keytype, key in keys.iteritems():
+ f.write('%s %s %s\n' % (hostname, keytype, key.get_base64()))
+
+ f.close()
+
+
+def _HostKeys_load(self, filename):
+ """\
+ Read a file of known SSH host keys, in the format used by openssh.
+ This type of file unfortunately doesn't exist on Windows, but on
+ posix, it will usually be stored in
+ C{os.path.expanduser("~/.ssh/known_hosts")}.
+
+ If this method is called multiple times, the host keys are merged,
+ not cleared. So multiple calls to C{load} will just call L{add},
+ replacing any existing entries and adding new ones.
+
+ @param filename: name of the file to read host keys from
+ @type filename: str
+
+ @raise IOError: if there was an error reading the file
+
+ """
+ f = open(filename, 'r')
+ for line in f:
+ line = line.strip()
+ if (len(line) == 0) or (line[0] == '#'):
+ continue
+ e = paramiko.hostkeys.HostKeyEntry.from_line(line)
+ if e is not None:
+ _hostnames = e.hostnames
+ for h in _hostnames:
+ if self.check(h, e.key):
+ e.hostnames.remove(h)
+ if len(e.hostnames):
+ self._entries.append(e)
+ f.close()
+
+
+def _HostKeys_add(self, hostname, keytype, key, hash_hostname=True):
+ """\
+ Add a host key entry to the table. Any existing entry for a
+ C{(hostname, keytype)} pair will be replaced.
+
+ @param hostname: the hostname (or IP) to add
+ @type hostname: str
+ @param keytype: key type (C{"ssh-rsa"} or C{"ssh-dss"})
+ @type keytype: str
+ @param key: the key to add
+ @type key: L{PKey}
+
+ """
+ for e in self._entries:
+ if (hostname in e.hostnames) and (e.key.get_name() == keytype):
+ e.key = key
+ return
+ if not hostname.startswith('|1|') and hash_hostname:
+ hostname = self.hash_host(hostname)
+ self._entries.append(paramiko.hostkeys.HostKeyEntry([hostname], key))
+
+
+def monkey_patch_paramiko():
+ if not PARAMIKO_FEATURE['preserve-known-hosts']:
+ paramiko.SSHClient.save_host_keys = _SSHClient_save_host_keys
+ if not PARAMIKO_FEATURE['host-entries-reloadable']:
+ paramiko.hostkeys.HostKeys.load = _HostKeys_load
+ if not PARAMIKO_FEATURE['hash-host-entries']:
+ paramiko.hostkeys.HostKeys.add = _HostKeys_add
diff --git a/x2gobroker/agent.py b/x2gobroker/agent.py
index 600a361..13dc2af 100644
--- a/x2gobroker/agent.py
+++ b/x2gobroker/agent.py
@@ -22,6 +22,9 @@
import subprocess
import paramiko
+import x2gobroker._paramiko
+x2gobroker._paramiko.monkey_patch_paramiko()
+
# X2Go Broker modules
import x2gobroker.defaults
from x2gobroker.loggers import logger_error
@@ -72,7 +75,7 @@ def call_remote_broker_agent(username, mode, remote_agent):
'{mode}'.format(mode=mode),
]
- remote_username = x2gobroker.defaults.X2GOBROKER_USER
+ remote_username = x2gobroker.defaults.X2GOBROKER_AGENT_USER
remote_hostname = remote_agent[u'hostname']
remote_port = int(remote_agent[u'port'])
@@ -80,7 +83,7 @@ def call_remote_broker_agent(username, mode, remote_agent):
try:
client = paramiko.SSHClient()
client.load_system_host_keys()
- client.set_missing_host_key_policy(paramiko.WarningPolicy)
+ client.set_missing_host_key_policy(paramiko.WarningPolicy())
client.connect(remote_hostname, remote_port, remote_username, look_for_keys=True, allow_agent=True)
result = []
diff --git a/x2gobroker/defaults.py b/x2gobroker/defaults.py
index 6c377c4..cd0dfd7 100644
--- a/x2gobroker/defaults.py
+++ b/x2gobroker/defaults.py
@@ -34,6 +34,10 @@ if os.environ.has_key('X2GOBROKER_DAEMON_GROUP'):
X2GOBROKER_DAEMON_GROUP=os.environ['X2GOBROKER_DAEMON_GROUP']
else:
X2GOBROKER_DAEMON_GROUP="x2gobroker"
+if os.environ.has_key('X2GOBROKER_AGENT_USER'):
+ X2GOBROKER_AGENT_USER=os.environ['X2GOBROKER_AGENT_USER']
+else:
+ X2GOBROKER_AGENT_USER="x2gobroker"
###
### dynamic default values, influencable through os.environ...
diff --git a/x2gobroker/utils.py b/x2gobroker/utils.py
index 1a74ed8..79f5ed3 100644
--- a/x2gobroker/utils.py
+++ b/x2gobroker/utils.py
@@ -23,6 +23,7 @@ import os
import sys
import types
import locale
+import distutils.version
def _checkConfigFileDefaults(data_structure):
"""\
@@ -80,3 +81,25 @@ def get_encoding():
encoding = 'ascii'
return encoding
+def compare_versions(version_a, op, version_b):
+ """\
+ Compare <version_a> with <version_b> using operator <op>.
+ In the background C{distutils.version.LooseVersion} is
+ used for the comparison operation.
+
+ @param version_a: a version string
+ @type version_a: C{str}
+ @param op: an operator provide as string (e.g. '<', '>', '==', '>=' etc.)
+ @type op: C{str}
+ @param version_b: another version string that is to be compared with <version_a>
+ @type version_b: C{str}
+
+ """
+
+ ### FIXME: this comparison is not reliable with beta et al. version strings
+
+ ver_a = distutils.version.LooseVersion(version_a)
+ ver_b = distutils.version.LooseVersion(version_b)
+
+ return eval("ver_a %s ver_b" % op)
+
diff --git a/x2gobroker/web/extras.py b/x2gobroker/web/extras.py
index 728aaec..75571e6 100644
--- a/x2gobroker/web/extras.py
+++ b/x2gobroker/web/extras.py
@@ -23,6 +23,10 @@
# modules
import os.path
import paramiko
+
+import x2gobroker._paramiko
+x2gobroker._paramiko.monkey_patch_paramiko()
+
import x2gobroker.defaults
class X2GoBrokerPubKeyService:
hooks/post-receive
--
x2gobroker.git (HTTP(S) Session broker for X2Go)
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "x2gobroker.git" (HTTP(S) Session broker for X2Go).
More information about the x2go-commits
mailing list