[X2Go-Commits] [x2gobroker] 01/01: Provide legacy support for deprecated x2gobroker.conf global parameter 'check-credentials'.
git-admin at x2go.org
git-admin at x2go.org
Tue Oct 28 18:45:48 CET 2014
This is an automated email from the git hooks/post-receive script.
x2go pushed a commit to branch master
in repository x2gobroker.
commit 0dcd15ff0334890df18592baf7f1a12bbf812a2a
Author: Mike Gabriel <mike.gabriel at das-netzwerkteam.de>
Date: Tue Oct 28 18:45:39 2014 +0100
Provide legacy support for deprecated x2gobroker.conf global parameter 'check-credentials'.
---
debian/changelog | 2 ++
x2gobroker/brokers/base_broker.py | 16 ++++++++++++----
x2gobroker/defaults.py | 4 ++++
3 files changed, 18 insertions(+), 4 deletions(-)
diff --git a/debian/changelog b/debian/changelog
index 9bfaa0e..ed9222e 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -169,6 +169,8 @@ x2gobroker (0.0.3.0-0x2go1) UNRELEASED; urgency=low
completely.
- Make sure that without configuration files, the HTTP broker listens to
port 8080.
+ - Provide legacy support for deprecated x2gobroker.conf global parameter
+ 'check-credentials'.
* debian/control:
+ Provide separate bin:package for SSH brokerage: x2gobroker-ssh.
+ Replace LDAP support with session brokerage support in LONG_DESCRIPTION.
diff --git a/x2gobroker/brokers/base_broker.py b/x2gobroker/brokers/base_broker.py
index 9473c70..3e60280 100644
--- a/x2gobroker/brokers/base_broker.py
+++ b/x2gobroker/brokers/base_broker.py
@@ -826,10 +826,18 @@ class X2GoBroker(object):
@rtype: C{bool},C{unicode}
"""
+ require_password = self.config.get_value('global', 'require-password')
+ require_cookie = self.config.get_value('global', 'require-cookie')
+
+ # LEGACY support for X2Go Session Broker (<< 0.0.3.0) configuration files
+ if not self.config.get_value('global', 'check-credentials'):
+ logger_broker.warning('base_broker.X2GoBroker.check_access(): deprecated parameter \'check-credentials\' used in x2gobroker.conf (use \'require-password\' and \'require-cookie\' instead)!!!'.format(configfile=self.config_file))
+ require_password = False
+ require_cookie = False
+
### FOR INTRANET LOAD BALANCER WE MAY JUST ALLOW ACCESS TO EVERYONE
### This is handled through the config file, normally /etc/x2go/x2gobroker.conf
-
- if not self.config.get_value('global', 'require-password') and not self.config.get_value('global', 'require-cookie'):
+ if not require_password and not require_cookie:
logger_broker.debug('base_broker.X2GoBroker.check_access(): access is granted without checking credentials, prevent this in {configfile}'.format(configfile=self.config_file))
return True, None
elif username == 'check-credentials' and password == 'FALSE':
@@ -841,7 +849,7 @@ class X2GoBroker(object):
if type(cookie) is types.StringType:
cookie = unicode(cookie)
- if (((cookie == None) or (cookie == "")) and self.config.get_value('global', 'require-cookie')):
+ if (((cookie == None) or (cookie == "")) and require_cookie):
#cookie required but we did not get one - catch wrong cookie case later
logger_broker.debug('base_broker.X2GoBroker.check_access(): cookie required but none given.')
return False, None
@@ -852,7 +860,7 @@ class X2GoBroker(object):
logger_broker.debug('base_broker.X2GoBroker.check_access(): checking if our configured cookie was submitted: {access}'.format(access=access))
# the require cookie but not password case falls through to returning value of access
- if self.config.get_value('global', 'require-password'):
+ if require_password:
# using files to store persistant cookie information because global variables do not work across threads in WSGI
if _X2GOBROKER_USER == _X2GOBROKER_DAEMON_USER:
diff --git a/x2gobroker/defaults.py b/x2gobroker/defaults.py
index 9451d4b..91931c7 100644
--- a/x2gobroker/defaults.py
+++ b/x2gobroker/defaults.py
@@ -190,6 +190,10 @@ X2GOBROKER_HOME = os.path.normpath(os.path.expanduser('~{broker_uid}'.format(bro
# defaults for X2Go Sessino Broker configuration file
X2GOBROKER_CONFIG_DEFAULTS = {
'global': {
+ # legacy support for X2Go Session Broker << 0.0.3.0
+ # the check-credentials parameter has been slit up into the two params above
+ u'check-credentials': True,
+ # use these two instead of check-credentials...
u'require-password': True,
u'require-cookie': False,
u'use-static-cookie': True,
--
Alioth's /srv/git/_hooks_/post-receive-email on /srv/git/code.x2go.org/x2gobroker.git
More information about the x2go-commits
mailing list