[X2Go-Commits] python-paramiko.git - x2go (branch) updated: 98477465da692687415cecae61069bec8cc902c8

X2Go dev team git-admin at x2go.org
Sun Sep 15 14:34:52 CEST 2013


The branch, x2go has been updated
       via  98477465da692687415cecae61069bec8cc902c8 (commit)
      from  ba0b5b1f27347a5a88ad86ae3569d17960fe99fe (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
commit 98477465da692687415cecae61069bec8cc902c8
Author: Mike Gabriel <mike.gabriel at das-netzwerkteam.de>
Date:   Sun Sep 15 14:34:31 2013 +0200

    Add patch: 006_prefer-agent-auth-to-key-file-auth.patch

-----------------------------------------------------------------------

Summary of changes:
 debian/changelog                                   |    1 +
 .../006_prefer-agent-auth-to-key-file-auth.patch   |   60 ++++++++++++++++++++
 debian/patches/series                              |    1 +
 3 files changed, 62 insertions(+)
 create mode 100644 debian/patches/006_prefer-agent-auth-to-key-file-auth.patch

The diff of changes is:
diff --git a/debian/changelog b/debian/changelog
index d49b0a5..3f2e9a2 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -6,6 +6,7 @@ paramiko (1.11.0-0) UNRELEASED; urgency=low
     + Add patch: 003_hash-hostnames.patch
     + Add patch: 004_password-passphrase-auth.patch
     + Add patch: 005_fix-key-filename-with-two-factor-auth.patch
+    + Add patch: 006_prefer-agent-auth-to-key-file-auth.patch
 
  -- Mike Gabriel <mike.gabriel at das-netzwerkteam.de>  Mon, 29 Apr 2013 13:08:38 +0200
 
diff --git a/debian/patches/006_prefer-agent-auth-to-key-file-auth.patch b/debian/patches/006_prefer-agent-auth-to-key-file-auth.patch
new file mode 100644
index 0000000..b8f4d54
--- /dev/null
+++ b/debian/patches/006_prefer-agent-auth-to-key-file-auth.patch
@@ -0,0 +1,60 @@
+commit c98cd9ddd6c8a625c154a5b26e53d078220b2591
+Author: Mike Gabriel <mike.gabriel at das-netzwerkteam.de>
+Date:   Sun Sep 15 14:18:45 2013 +0200
+
+    Prefer agent authentication to key_filename based authentication
+    
+    Re-order the several authentication attempts in a way that potentially
+    password-less authentications are tried first (pkey, agent). Only then
+    try authentication that access private key files (which might need
+    decryption/unlocking). And finally request a password for password based
+    authentication.
+
+--- a/paramiko/client.py
++++ b/paramiko/client.py
+@@ -464,6 +464,22 @@
+             except SSHException, e:
+                 saved_exception = e
+ 
++        if not two_factor and allow_agent:
++            if self._agent == None:
++                self._agent = Agent()
++
++            for key in self._agent.get_keys():
++                try:
++                    self._log(DEBUG, 'Trying SSH agent key %s' % hexlify(key.get_fingerprint()))
++                    # for 2-factor auth a successfully auth'd key will result in ['password']
++                    allowed_types = self._transport.auth_publickey(username, key)
++                    two_factor = (allowed_types == ['password'])
++                    if not two_factor:
++                        return
++                    break
++                except SSHException, e:
++                    saved_exception = e
++
+         if not two_factor:
+             for key_filename in key_filenames:
+                 for pkey_class in (RSAKey, DSSKey):
+@@ -481,22 +497,6 @@
+                     except SSHException, e:
+                         saved_exception = e
+ 
+-        if not two_factor and allow_agent:
+-            if self._agent == None:
+-                self._agent = Agent()
+-
+-            for key in self._agent.get_keys():
+-                try:
+-                    self._log(DEBUG, 'Trying SSH agent key %s' % hexlify(key.get_fingerprint()))
+-                    # for 2-factor auth a successfully auth'd key will result in ['password']
+-                    allowed_types = self._transport.auth_publickey(username, key)
+-                    two_factor = (allowed_types == ['password'])
+-                    if not two_factor:
+-                        return
+-                    break
+-                except SSHException, e:
+-                    saved_exception = e
+-
+         if not two_factor:
+             keyfiles = []
+             rsa_key = os.path.expanduser('~/.ssh/id_rsa')
diff --git a/debian/patches/series b/debian/patches/series
index 2b07f27..ea63d55 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -3,3 +3,4 @@
 003_hash-hostnames.patch
 004_password-passphrase-auth.patch
 005_fix-key-filename-with-two-factor-auth.patch
+006_prefer-agent-auth-to-key-file-auth.patch


hooks/post-receive
-- 
python-paramiko.git (Debian package python-paramiko)

This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "python-paramiko.git" (Debian package python-paramiko).




More information about the x2go-commits mailing list