[X2Go-Commits] python-x2go.git - release/0.4.0.x (branch) updated: 0.0.37.0-44-gf41550a

X2Go dev team git-admin at x2go.org
Tue Jan 7 16:16:39 CET 2014


The branch, release/0.4.0.x has been updated
       via  f41550a56ecc92d14466317c0370b209d866d90c (commit)
      from  12bb02a83abd24c50689d960beff9aad238d3a8c (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
-----------------------------------------------------------------------

Summary of changes:
 x2go/backends/control/_stdout.py |   30 +++++++++++-----
 x2go/checkhosts.py               |   74 ++++++++++++++++++++++++++++++++++++++
 2 files changed, 96 insertions(+), 8 deletions(-)
 create mode 100644 x2go/checkhosts.py

The diff of changes is:
diff --git a/x2go/backends/control/_stdout.py b/x2go/backends/control/_stdout.py
index 7e2d7d5..1a47554 100644
--- a/x2go/backends/control/_stdout.py
+++ b/x2go/backends/control/_stdout.py
@@ -32,6 +32,7 @@ import paramiko
 import gevent
 
 import copy
+import binascii
 
 # Python X2go modules
 import x2go.sshproxy as sshproxy
@@ -39,6 +40,7 @@ import x2go.log as log
 import x2go.utils as utils
 import x2go.x2go_exceptions as x2go_exceptions
 import x2go.defaults as defaults
+import x2go.checkhosts as checkhosts
 
 from x2go.backends.terminal import X2goTerminalSession as _X2goTerminalSession
 from x2go.backends.info import X2goServerSessionInfo as _X2goServerSessionInfo
@@ -239,22 +241,32 @@ class X2goControlSessionSTDOUT(paramiko.SSHClient):
         Perform a Paramiko/SSH host key check.
 
         """
+        _hostname = hostname
+        _port = port
+        _fingerprint = 'NO-FINGERPRINT'
+        _fingerprint_type = 'SOME-KEY-TYPE'
+
+        _check_policy = checkhosts.X2goCheckHostKeyPolicy()
+        self.set_missing_host_key_policy(_check_policy)
+
         try:
             paramiko.SSHClient.connect(self, hostname=hostname, port=port, username='foo', password='bar')
+        except x2go_exceptions.AuthenticationException:
             host_ok = True
-            self.logger('SSH host key verification succeeded.', loglevel=log.loglevel_NOTICE)
+            self.logger('SSH host key verification succeeded. Host is already known to the client\'s Paramiko/SSH sub-system.', loglevel=log.loglevel_NOTICE)
         except x2go_exceptions.SSHException, e:
-            msg = e.message
-            if msg.startswith('Unknown server')
+            msg = str(e)
+            if msg.startswith('Checked host key for X2go server '):
                 host_ok = False
-                self.logger('SSH host key verification failed.', loglevel=log.loglevel_NOTICE)
+                _hostname = _check_policy.get_hostname().split(':')[0].lstrip('[').rstrip(']')
+                _port = _check_policy.get_hostname().split(':')[1]
+                _fingerprint = _check_policy.get_key_fingerprint_with_colons()
+                _fingerprint_type = _check_policy.get_key_name()
+                self.logger('SSH host key verification failed. Seeing this X2go server for the first time.', loglevel=log.loglevel_NOTICE)
             else:
                 raise(e)
 
-        _hostname = hostname
-        _port = port
-        _fingerprint = 'NO-FINGERPRINT'
-        _fingerprint_type = 'SOME-KEY-TYPE'
+        self.set_missing_host_key_policy(paramiko.RejectPolicy())
         return (host_ok, _hostname, _port, _fingerprint, _fingerprint_type)
 
     def connect(self, hostname, port=22, username='', password='', pkey=None,
@@ -406,6 +418,8 @@ class X2goControlSessionSTDOUT(paramiko.SSHClient):
             self.close()
             raise paramiko.AuthenticationException()
 
+        self.set_missing_host_key_policy(paramiko.RejectPolicy())
+
         self.hostname = hostname
         self.port = port
 
diff --git a/x2go/checkhosts.py b/x2go/checkhosts.py
new file mode 100644
index 0000000..d4eda9a
--- /dev/null
+++ b/x2go/checkhosts.py
@@ -0,0 +1,74 @@
+# -*- coding: utf-8 -*-
+
+# Copyright (C) 2010-2011 by Mike Gabriel <m.gabriel at das-netzwerkteam.de>
+#
+# Python X2go is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 3 of the License, or
+# (at your option) any later version.
+#
+# Python X2go is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the
+# Free Software Foundation, Inc.,
+# 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA.
+
+"""\
+Providing mechanisms to control session backends to check host validity.
+
+"""
+__NAME__ = 'x2gocheckhosts-pylib'
+
+# modules
+import paramiko
+import binascii
+
+# Python X2go modules
+import x2go_exceptions
+
+class X2goCheckHostKeyPolicy(paramiko.MissingHostKeyPolicy):
+    """\
+    Policy for making host key information available to Python X2go after a 
+    Paramiko/SSH connect has been attempted. A connect that uses this 
+    C{paramiko.MissingHostKeyPolicy} will always fail.
+
+    This is used by L{X2goControlSessionSTDOUT}.
+    """
+    def missing_host_key(self, client, hostname, key):
+        self.client = client
+        self.hostname = hostname
+        self.key = key
+        client._log(paramiko.common.DEBUG, 'Checking %s host key for %s: %s' %
+                   (key.get_name(), hostname, binascii.hexlify(key.get_fingerprint())))
+        raise x2go_exceptions.SSHException('Checked host key for X2go server %s' % hostname)
+
+    def get_client(self):
+        return self.client
+
+    def get_hostname(self):
+        return self.hostname
+
+    def get_key(self):
+        return self.key
+
+    def get_key_name(self):
+        return self.key.get_name().upper()
+
+    def get_key_fingerprint(self):
+        return binascii.hexlify(self.key.get_fingerprint())
+
+    def get_key_fingerprint_with_colons(self):
+        _fingerprint = self.get_key_fingerprint()
+        _colon_fingerprint = ''
+        idx = 0
+        for char in _fingerprint:
+            idx += 1
+            _colon_fingerprint += char
+            if idx % 2 == 0:
+                _colon_fingerprint += ':'
+        return _colon_fingerprint.rstrip(':')
+


hooks/post-receive
-- 
python-x2go.git (Python X2Go Client API)

This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "python-x2go.git" (Python X2Go Client API).




More information about the x2go-commits mailing list