[X2Go-Commits] [x2gobroker] 01/01: Provide legacy support for deprecated x2gobroker.conf global parameter 'check-credentials'.

git-admin at x2go.org git-admin at x2go.org
Tue Oct 28 18:45:48 CET 2014 

This is an automated email from the git hooks/post-receive script.

x2go pushed a commit to branch master
in repository x2gobroker.

commit 0dcd15ff0334890df18592baf7f1a12bbf812a2a
Author: Mike Gabriel <mike.gabriel at das-netzwerkteam.de>
Date:   Tue Oct 28 18:45:39 2014 +0100

    Provide legacy support for deprecated x2gobroker.conf global parameter 'check-credentials'.
---
 debian/changelog                  |    2 ++
 x2gobroker/brokers/base_broker.py |   16 ++++++++++++----
 x2gobroker/defaults.py            |    4 ++++
 3 files changed, 18 insertions(+), 4 deletions(-)

diff --git a/debian/changelog b/debian/changelog
index 9bfaa0e..ed9222e 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -169,6 +169,8 @@ x2gobroker (0.0.3.0-0x2go1) UNRELEASED; urgency=low
       completely.
     - Make sure that without configuration files, the HTTP broker listens to
       port 8080.
+    - Provide legacy support for deprecated x2gobroker.conf global parameter
+      'check-credentials'.
   * debian/control:
     + Provide separate bin:package for SSH brokerage: x2gobroker-ssh.
     + Replace LDAP support with session brokerage support in LONG_DESCRIPTION.
diff --git a/x2gobroker/brokers/base_broker.py b/x2gobroker/brokers/base_broker.py
index 9473c70..3e60280 100644
--- a/x2gobroker/brokers/base_broker.py
+++ b/x2gobroker/brokers/base_broker.py
@@ -826,10 +826,18 @@ class X2GoBroker(object):
         @rtype: C{bool},C{unicode}
 
         """
+        require_password = self.config.get_value('global', 'require-password')
+        require_cookie = self.config.get_value('global', 'require-cookie')
+
+        # LEGACY support for X2Go Session Broker (<< 0.0.3.0) configuration files
+        if not self.config.get_value('global', 'check-credentials'):
+            logger_broker.warning('base_broker.X2GoBroker.check_access(): deprecated parameter \'check-credentials\' used in x2gobroker.conf (use \'require-password\' and \'require-cookie\' instead)!!!'.format(configfile=self.config_file))
+            require_password = False
+            require_cookie = False
+
         ### FOR INTRANET LOAD BALANCER WE MAY JUST ALLOW ACCESS TO EVERYONE
         ### This is handled through the config file, normally /etc/x2go/x2gobroker.conf
-
-        if not self.config.get_value('global', 'require-password') and not self.config.get_value('global', 'require-cookie'):
+        if not require_password and not require_cookie:
             logger_broker.debug('base_broker.X2GoBroker.check_access(): access is granted without checking credentials, prevent this in {configfile}'.format(configfile=self.config_file))
             return True, None
         elif username == 'check-credentials' and password == 'FALSE':
@@ -841,7 +849,7 @@ class X2GoBroker(object):
         if type(cookie) is types.StringType:
             cookie = unicode(cookie)
 
-        if (((cookie == None) or (cookie == "")) and self.config.get_value('global', 'require-cookie')):
+        if (((cookie == None) or (cookie == "")) and require_cookie):
             #cookie required but we did not get one - catch wrong cookie case later
             logger_broker.debug('base_broker.X2GoBroker.check_access(): cookie required but none given.')
             return False, None
@@ -852,7 +860,7 @@ class X2GoBroker(object):
         logger_broker.debug('base_broker.X2GoBroker.check_access(): checking if our configured cookie was submitted: {access}'.format(access=access))
 
         # the require cookie but not password case falls through to returning value of access
-        if self.config.get_value('global', 'require-password'):
+        if require_password:
 
             # using files to store persistant cookie information because global variables do not work across threads in WSGI
             if _X2GOBROKER_USER == _X2GOBROKER_DAEMON_USER:
diff --git a/x2gobroker/defaults.py b/x2gobroker/defaults.py
index 9451d4b..91931c7 100644
--- a/x2gobroker/defaults.py
+++ b/x2gobroker/defaults.py
@@ -190,6 +190,10 @@ X2GOBROKER_HOME = os.path.normpath(os.path.expanduser('~{broker_uid}'.format(bro
 # defaults for X2Go Sessino Broker configuration file
 X2GOBROKER_CONFIG_DEFAULTS = {
     'global': {
+        # legacy support for X2Go Session Broker << 0.0.3.0
+        # the check-credentials parameter has been slit up into the two params above
+        u'check-credentials': True,
+        # use these two instead of check-credentials...
         u'require-password': True,
         u'require-cookie': False,
         u'use-static-cookie': True,

--
Alioth's /srv/git/_hooks_/post-receive-email on /srv/git/code.x2go.org/x2gobroker.git

More information about the x2go-commits mailing list