From unknown Fri Jun 12 01:27:01 2026
X-Loop: owner@bugs.x2go.org
Subject: Bug#218: [X2Go-Dev] Bug#218: Bug#218: x2gobroker: Hostname is used instead of FQDN
Reply-To: Anders Bruun Olsen <abo@dsl.dk>, 218@bugs.x2go.org
Resent-From: Anders Bruun Olsen <abo@dsl.dk>
Resent-To: x2go-dev@lists.berlios.de
Resent-CC: X2Go Developers <x2go-dev@lists.berlios.de>
X-Loop: owner@bugs.x2go.org
Resent-Date: Mon, 27 May 2013 09:03:02 +0000
Resent-Message-ID: <handler.218.B218.136964532221067@bugs.x2go.org>
Resent-Sender: owner@bugs.x2go.org
X-X2Go-PR-Message: followup 218
X-X2Go-PR-Package: x2gobroker
X-X2Go-PR-Keywords: confirmed
Received: via spool by 218-submit@bugs.x2go.org id=B218.136964532221067
          (code B ref 218); Mon, 27 May 2013 09:03:02 +0000
Received: (at 218) by bugs.x2go.org; 27 May 2013 09:02:02 +0000
MIME-Version: 1.0
In-Reply-To: <20130522175335.95934gesn8bjsbun@mail.das-netzwerkteam.de>
References: <CAFJm-UOuSiJTJY51JwFdTSGnU0hruyAHS-T1qGNmEyW181VBBw@mail.gmail.com>
	<20130522175335.95934gesn8bjsbun@mail.das-netzwerkteam.de>
Date: Mon, 27 May 2013 10:54:46 +0200
Message-ID: <CAFJm-UP_YppXesMGWdmLZrq=g9j0bYP4x+xvugO3cG1crRhimw@mail.gmail.com>
From: Anders Bruun Olsen <abo@dsl.dk>
To: Mike Gabriel <mike.gabriel@das-netzwerkteam.de>, 218@bugs.x2go.org, 
	x2go-dev <x2go-dev@lists.berlios.de>
Content-Type: multipart/alternative; boundary=047d7b2e4146efd88704ddaf4cfa

--047d7b2e4146efd88704ddaf4cfa
Content-Type: text/plain; charset=UTF-8

I obviously don't know the algorithm used to figure out which server is
selected, but in my ignorance, I would think the way to do it should be
something like this:

1. Ask all servers if they have a running session for the user trying to
log in.
2. If any servers answer positively, send the configured hostname to the
client.
3. Ask all servers for the needed information.
4. Do the math on the broker, to figure out which server to select.
5. Send the selected server to the client.

Every time the broker talks to a server, it would keep the information
about which server it is talking to, in memory and just associate the
returned information with that server. I really don't see why it is
necessary for the servers to reply back with who they think they are, nor
who their counterparts in the cluster are.

The fact that the algorithm relies on the servers to identify themselves
also seems to me to be a potential security hole. What if a local user
achieved enough administrative rights to change the hostname? Couldn't he
then get the broker to send users to a server that he controls?



2013/5/22 Mike Gabriel <mike.gabriel@das-netzwerkteam.de>

> tag #218 confirmed
> thanks
>
> Hi Anders,
>
> On Mi 22 Mai 2013 15:30:29 CEST Anders Bruun Olsen wrote:
>
>> Package: x2gobroker
>> Version: 0.0.2.2
>>
>> I am setting up a loadbalanced cluster of x2go servers with a broker in
>> front. There are thinclients on the LAN accessing the broker/cluster and
>> there will be users logging on from outside. Users on the LAN are served
>> term1.example.lan and term2.example.lan, whereas users from outside get
>> term1.example.com and term2.example.com. So far everything has worked
>> fine,
>> but now I have started testing outside access, which does not work.
>> x2gobroker (with autologin) tells x2goclient to access term1 or term2 - it
>> leaves out the rest of the domain name. This works fine on the LAN,
>> because
>> the machines there have example.lan set as their searchdomain, but
>> machines
>> from outside can't resolve "term1" to "term1.example.com" and need to be
>> given the FQDN. Please note that the FQDNs is specified in the
>> sessionprofiles, but x2goclient still tries to resolve the short version
>> of
>> the name.
>>
>
> A fix for this is not so trivial, as it seems. The ,,wrong'' hostname is
> produced by x2golistsession on the server that the x2gobroker-agent gets
> executed on.
>
> Obviously, your external clients call the X2Go Session Broker. The session
> broker knows a list of possible hosts for sending the select_session query
> to. The server that gets asked responds with a hostname from the X2Go
> session DB, that is not necessarily what you configured in X2Go Session
> Broker's x2gobroker-sessionprofiles.conf.
>
> So, what is needed is a backwards mapping between the result that gets
> returned by x2gobroker-agent (i.e. the returned server name / hostname)
> back to the FQDN hostnames configured in X2Go Session Broker. The mapping
> is not bijective here, it is more about guessing and shooting blindfolded.
>
> /me scratches his head on the best approach for this...
>
> Mike
>
>
>
>
> --
>
> DAS-NETZWERKTEAM
> mike gabriel, herweg 7, 24357 fleckeby
> fon: +49 (1520) 1976 148
>
> GnuPG Key ID 0x25771B31
> mail: mike.gabriel@das-netzwerkteam.de,
> http://das-netzwerkteam.de
>
> freeBusy:
> https://mail.das-netzwerkteam.**de/freebusy/m.gabriel%40das-**
> netzwerkteam.de.xfb<https://mail.das-netzwerkteam.de/freebusy/m.gabriel%40das-netzwerkteam.de.xfb>
>
> _______________________________________________
> X2Go-Dev mailing list
> X2Go-Dev@lists.berlios.de
> https://lists.berlios.de/mailman/listinfo/x2go-dev
>



-- 
Anders Bruun Olsen
It-ansvarlig
Det Danske Sprog- og Litteraturselskab
(Society for Danish Language and Literature)
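The two designs argued about in this thread, the broker guessing a configured FQDN back from the short name the server reports versus the broker keying every reply by the address it actually connected to, side by side. This is constructed example code added for illustration, not x2gobroker's own implementation: the x2gobroker-agent round trip is replaced by an in-memory callable, the server list and agent replies are made up, and `map_reported_name` and `select_server` are hypothetical names.

```python
"""Two ways a session broker can turn agent replies into a server name.

Constructed illustration for the thread above, not x2gobroker code. The
x2gobroker-agent call is stood in for by a plain callable so it runs offline.
"""
from typing import Callable, Dict, Iterable, List, Optional

# Constructed session-profile data: the addresses the broker connects to,
# which are also the FQDNs it should hand back to external clients.
CONFIGURED_FQDNS = ["term1.example.com", "term2.example.com"]

# Constructed agent replies, keyed by the address the broker connected to.
# "hostname" is what the server says about itself (what x2golistsession
# would print); "sessions" holds the users with a running session there.
AGENT_REPLIES = {
    "term1.example.com": {"hostname": "term1", "sessions": {"alice"}, "load": 0.7},
    "term2.example.com": {"hostname": "term2", "sessions": set(), "load": 0.2},
}


def fake_agent(address: str) -> dict:
    """Stand-in for the x2gobroker-agent round trip to one server."""
    return AGENT_REPLIES[address]


def renamed_agent(address: str) -> dict:
    """Same cluster, but term1 reports a hostname that is not its own
    (a constructed case for the concern raised in the mail above)."""
    reply = dict(AGENT_REPLIES[address])
    if address == "term1.example.com":
        reply["hostname"] = "term2"
    return reply


def map_reported_name(reported: str, configured: Iterable[str]) -> Optional[str]:
    """The 'backwards mapping' from the quoted reply: guess the configured
    FQDN from the short name a server reported. Returns None when zero or
    several configured names share that first label, which is the
    non-bijective case the thread describes (term1.example.lan and
    term1.example.com both shorten to 'term1')."""
    short = reported.split(".", 1)[0]
    candidates = [fqdn for fqdn in configured if fqdn.split(".", 1)[0] == short]
    return candidates[0] if len(candidates) == 1 else None


def select_server(user: str, configured: List[str],
                  query: Callable[[str], dict]) -> str:
    """The five-step proposal from the mail: the broker remembers which
    address it queried and keys every reply by that address. The
    self-reported hostname is never consulted, so the name a server claims
    for itself cannot change which host the client is sent to."""
    replies: Dict[str, dict] = {addr: query(addr) for addr in configured}
    # Steps 1-2: a running session wins, and the broker returns the
    # configured FQDN it connected to, not the name inside the reply.
    for addr, reply in replies.items():
        if user in reply["sessions"]:
            return addr
    # Steps 3-5: otherwise do the selection on the broker itself; here the
    # least loaded configured server is chosen.
    return min(replies, key=lambda addr: replies[addr]["load"])


if __name__ == "__main__":
    print("alice ->", select_server("alice", CONFIGURED_FQDNS, fake_agent))
    print("bob   ->", select_server("bob", CONFIGURED_FQDNS, fake_agent))
    print("term1 maps to", map_reported_name("term1", CONFIGURED_FQDNS))
    print("ambiguous ->", map_reported_name(
        "term1", ["term1.example.lan", "term1.example.com"]))
```

`select_server` returns the same FQDN whether it is fed `fake_agent` or `renamed_agent`, because it only ever looks at the key it connected under; `map_reported_name` is where the guessing happens, and it has to give up as soon as the LAN and external profiles share a short name.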

--047d7b2e4146efd88704ddaf4cfa--
