[X2Go-Commits] python-x2go.git - release/0.4.0.x (branch) updated: 0.0.37.0-44-gf41550a
X2Go dev team
git-admin at x2go.org
Tue Jan 7 16:16:39 CET 2014
The branch, release/0.4.0.x has been updated
via f41550a56ecc92d14466317c0370b209d866d90c (commit)
from 12bb02a83abd24c50689d960beff9aad238d3a8c (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
-----------------------------------------------------------------------
Summary of changes:
x2go/backends/control/_stdout.py | 30 +++++++++++-----
x2go/checkhosts.py | 74 ++++++++++++++++++++++++++++++++++++++
2 files changed, 96 insertions(+), 8 deletions(-)
create mode 100644 x2go/checkhosts.py
The diff of changes is:
diff --git a/x2go/backends/control/_stdout.py b/x2go/backends/control/_stdout.py
index 7e2d7d5..1a47554 100644
--- a/x2go/backends/control/_stdout.py
+++ b/x2go/backends/control/_stdout.py
@@ -32,6 +32,7 @@ import paramiko
import gevent
import copy
+import binascii
# Python X2go modules
import x2go.sshproxy as sshproxy
@@ -39,6 +40,7 @@ import x2go.log as log
import x2go.utils as utils
import x2go.x2go_exceptions as x2go_exceptions
import x2go.defaults as defaults
+import x2go.checkhosts as checkhosts
from x2go.backends.terminal import X2goTerminalSession as _X2goTerminalSession
from x2go.backends.info import X2goServerSessionInfo as _X2goServerSessionInfo
@@ -239,22 +241,32 @@ class X2goControlSessionSTDOUT(paramiko.SSHClient):
Perform a Paramiko/SSH host key check.
"""
+ _hostname = hostname
+ _port = port
+ _fingerprint = 'NO-FINGERPRINT'
+ _fingerprint_type = 'SOME-KEY-TYPE'
+
+ _check_policy = checkhosts.X2goCheckHostKeyPolicy()
+ self.set_missing_host_key_policy(_check_policy)
+
try:
paramiko.SSHClient.connect(self, hostname=hostname, port=port, username='foo', password='bar')
+ except x2go_exceptions.AuthenticationException:
host_ok = True
- self.logger('SSH host key verification succeeded.', loglevel=log.loglevel_NOTICE)
+ self.logger('SSH host key verification succeeded. Host is already known to the client\'s Paramiko/SSH sub-system.', loglevel=log.loglevel_NOTICE)
except x2go_exceptions.SSHException, e:
- msg = e.message
- if msg.startswith('Unknown server')
+ msg = str(e)
+ if msg.startswith('Checked host key for X2go server '):
host_ok = False
- self.logger('SSH host key verification failed.', loglevel=log.loglevel_NOTICE)
+ _hostname = _check_policy.get_hostname().split(':')[0].lstrip('[').rstrip(']')
+ _port = _check_policy.get_hostname().split(':')[1]
+ _fingerprint = _check_policy.get_key_fingerprint_with_colons()
+ _fingerprint_type = _check_policy.get_key_name()
+ self.logger('SSH host key verification failed. Seeing this X2go server for the first time.', loglevel=log.loglevel_NOTICE)
else:
raise(e)
- _hostname = hostname
- _port = port
- _fingerprint = 'NO-FINGERPRINT'
- _fingerprint_type = 'SOME-KEY-TYPE'
+ self.set_missing_host_key_policy(paramiko.RejectPolicy())
return (host_ok, _hostname, _port, _fingerprint, _fingerprint_type)
def connect(self, hostname, port=22, username='', password='', pkey=None,
@@ -406,6 +418,8 @@ class X2goControlSessionSTDOUT(paramiko.SSHClient):
self.close()
raise paramiko.AuthenticationException()
+ self.set_missing_host_key_policy(paramiko.RejectPolicy())
+
self.hostname = hostname
self.port = port
diff --git a/x2go/checkhosts.py b/x2go/checkhosts.py
new file mode 100644
index 0000000..d4eda9a
--- /dev/null
+++ b/x2go/checkhosts.py
@@ -0,0 +1,74 @@
+# -*- coding: utf-8 -*-
+
+# Copyright (C) 2010-2011 by Mike Gabriel <m.gabriel at das-netzwerkteam.de>
+#
+# Python X2go is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 3 of the License, or
+# (at your option) any later version.
+#
+# Python X2go is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the
+# Free Software Foundation, Inc.,
+# 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA.
+
+"""\
+Providing mechanisms to control session backends to check host validity.
+
+"""
+__NAME__ = 'x2gocheckhosts-pylib'
+
+# modules
+import paramiko
+import binascii
+
+# Python X2go modules
+import x2go_exceptions
+
+class X2goCheckHostKeyPolicy(paramiko.MissingHostKeyPolicy):
+ """\
+ Policy for making host key information available to Python X2go after a
+ Paramiko/SSH connect has been attempted. A connect that uses this
+ C{paramiko.MissingHostKeyPolicy} will always fail.
+
+ This is used by L{X2goControlSessionSTDOUT}.
+ """
+ def missing_host_key(self, client, hostname, key):
+ self.client = client
+ self.hostname = hostname
+ self.key = key
+ client._log(paramiko.common.DEBUG, 'Checking %s host key for %s: %s' %
+ (key.get_name(), hostname, binascii.hexlify(key.get_fingerprint())))
+ raise x2go_exceptions.SSHException('Checked host key for X2go server %s' % hostname)
+
+ def get_client(self):
+ return self.client
+
+ def get_hostname(self):
+ return self.hostname
+
+ def get_key(self):
+ return self.key
+
+ def get_key_name(self):
+ return self.key.get_name().upper()
+
+ def get_key_fingerprint(self):
+ return binascii.hexlify(self.key.get_fingerprint())
+
+ def get_key_fingerprint_with_colons(self):
+ _fingerprint = self.get_key_fingerprint()
+ _colon_fingerprint = ''
+ idx = 0
+ for char in _fingerprint:
+ idx += 1
+ _colon_fingerprint += char
+ if idx % 2 == 0:
+ _colon_fingerprint += ':'
+ return _colon_fingerprint.rstrip(':')
+
hooks/post-receive
--
python-x2go.git (Python X2Go Client API)
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "python-x2go.git" (Python X2Go Client API).
More information about the x2go-commits
mailing list