X2Go Bug report logs - #311
http broker: Add cmd-line option for loading self-signed root-CA certificates

Toggle useless messages

Message #5 received at submit@bugs.x2go.org (full text, mbox, reply):

From: Mike Gabriel <mike.gabriel@das-netzwerkteam.de>

To: submit@bugs.x2go.org

Subject: http broker: Add cmd-line option for loading self-signed root-CA certificates

Date: Tue, 24 Sep 2013 13:49:29 +0200

[Message part 1 (text/plain, inline)]

Package: x2goclient
Severity: wishlist
Version: 4.0.1.1

Add a command line options that allows to load a self-signed / custom  
CA certificate that is used when accessing the HTTP session broker via  
https.

For an example, see:
http://www.thomaskeller.biz/blog/2009/01/03/ssl-verification-with-qt-and-a-custom-ca-certificate/

Mike

-- 

DAS-NETZWERKTEAM
mike gabriel, herweg 7, 24357 fleckeby
fon: +49 (1520) 1976 148

GnuPG Key ID 0x25771B31
mail: mike.gabriel@das-netzwerkteam.de, http://das-netzwerkteam.de

freeBusy:
https://mail.das-netzwerkteam.de/freebusy/m.gabriel%40das-netzwerkteam.de.xfb

[Message part 2 (application/pgp-signature, inline)]

Message #10 received at 311@bugs.x2go.org (full text, mbox, reply):

From: Mike Gabriel <mike.gabriel@das-netzwerkteam.de>

To: 311-submitter@bugs.x2go.org

Cc: control@bugs.x2go.org, 311@bugs.x2go.org

Subject: X2Go issue (in src:x2goclient) has been marked as pending for release

Date: Tue, 29 Oct 2013 16:40:17 +0100 (CET)

tag #311 pending
fixed #311 4.0.1.2
thanks

Hello,

X2Go issue #311 (src:x2goclient) reported by you has been
fixed in X2Go Git. You can see the changelog below, and you can
check the diff of the fix at:

    http://code.x2go.org/gitweb?p=x2goclient.git;a=commitdiff;h=1a4504a

The issue will most likely be fixed in src:x2goclient (4.0.1.2).

light+love
X2Go Git Admin (on behalf of the sender of this mail)

---
commit 1a4504aefb145446c9011fb34743aa8535db3b7b
Author: Mike Gabriel <mike.gabriel@das-netzwerkteam.de>
Date:   Tue Oct 29 16:39:43 2013 +0100

    Add option --broker-cacertfile. Allow usage of non-system-wide installed (self-signed) SSL certificate chains for https (SSL) session broker connections. (Fixes: #311).

diff --git a/debian/changelog b/debian/changelog
index e069591..78908d6 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -11,6 +11,9 @@ x2goclient (4.0.1.2-0~x2go2) UNRELEASED; urgency=low
     + Perform sanity checks on data that comes in from X2Go Servers.
       Prohibit the execution of arbitrary code via the ~/.bashrc file.
       (Fixes: #333).
+    + Add option --broker-cacertfile. Allow usage of non-system-wide
+      installed (self-signed) SSL certificate chains for https (SSL)
+      session broker connections. (Fixes: #311).
   * Pull-in packaging changes from Debian.
 
   [ Ricardo Díaz Martín ]

Message #22 received at 311@bugs.x2go.org (full text, mbox, reply):

From: Mike Gabriel <mike.gabriel@das-netzwerkteam.de>

To: 311-submitter@bugs.x2go.org

Cc: control@bugs.x2go.org, 311@bugs.x2go.org

Subject: X2Go issue (in src:x2goclient) has been marked as closed

Date: Tue, 17 Dec 2013 15:55:21 +0100 (CET)

close #311
thanks

Hello,

we are very hopeful that X2Go issue #311 reported by you
has been resolved in the new release (4.0.1.2) of the
X2Go source project »src:x2goclient«.

You can view the complete changelog entry of src:x2goclient (4.0.1.2)
below, and you can use the following link to view all the code changes
between this and the last release of src:x2goclient.

    http://code.x2go.org/gitweb?p=x2goclient.git;a=commitdiff;h=34591fd62844b2b955e6a4bf3cf44d4759c5e44c;hp=d5ff7886ae22a1e36541570e7095fac9860af6e8

If you feel that the issue has not been resolved satisfyingly, feel
free to reopen this bug report or submit a follow-up report with
further observations described based on the new released version
of src:x2goclient.

Thanks a lot for contributing to X2Go!!!

light+love
X2Go Git Admin (on behalf of the sender of this mail)

---
X2Go Component: src:x2goclient
Version: 4.0.1.2-0x2go2
Status: RELEASE
Date: Tue, 17 Dec 2013 15:21:38 +0100
Fixes: 139 230 241 311 315 316 328 333
Changes: 
 x2goclient (4.0.1.2-0x2go2) RELEASED; urgency=low
 .
   [ Mike Gabriel ]
   * New upstream version (4.0.1.2):
     - Provide Keywords: key in .desktop file.
     - Add NSIS packaging files for win32 builds to source tree.
       (Files provided by Oleksandr Shneyder, thanks!!!).
     - Rename win32 desktop and startmenu icon from "X2goClient" to "X2Go
       Client".
     - Store broker HTTPS certificate exceptions in
       $HOME/.x2go/ssl/exceptions (before: $HOME/ssl/exceptions).
       (Fixes: #328).
     - Perform sanity checks on data that comes in from X2Go Servers.
       Prohibit the execution of arbitrary code via the ~/.bashrc file.
       (Fixes: #333).
     - Add option --broker-cacertfile. Allow usage of non-system-wide
       installed (self-signed) SSL certificate chains for https (SSL)
       session broker connections. (Fixes: #311).
     - Update man page for new --tray-icon cmdline option.
     - Update man page for --broker-url. Explain the syntax of <URL>.
     - Properly handle (=expand) the "~" character in key filenames. (Brought to
       attention by Eldamir on IRC. Thanks!).
     - Expand tilde operator for all other file paths handed over to X2Go Client
       via sessions file or cmdline parameter.
     - Syntax fix of x2goclient.desktop file.
     - Test for various file locations of the pulseaudio cookie file.
     - Allow patching of qmake-qt4 executable path in Makefile.
     - Make qmake-qt4 and lrelease path in Makefile easily replacable (as
       RHEL-5 does not have those tools in $PATH).
     - Make sure that build_client and build_plugin are not build with parallel
       make.
     - Make x2goplugin-provider installable via Makefile.
   * Pull-in packaging changes from Debian.
   * debian/source/format:
     + Switch to format 1.0.
   * x2goclient.spec:
     + Ship x2goclient.spec (RPM package definitions) in upstream project.
       (Thanks to the Fedora package maintainers).
     + Clear (Fedora package) changelog.
     + Make package build on Fedora/EPEL versions that do not have the
       qtbrowserplugin package.
     + For EPEL-5 builds: replace full path to qmake-qt4 and lrelease.
     + Split up package into bin:packages: x2goclient, x2goplugin,
       x2goplugin-provider.
     + Make sure lrelease-qt4 is executed (not just lrelease).
 .
   [ Ricardo Díaz Martín ]
   * New upstream versino (4.0.1.2):
     - Strip whitespaces off of user name, host name and other
       strings when loading / saving session profiles.(Fixes: #315).
     - New option --tray-icon. Force showing the tray icon, even for
       hidden sessions. Also allow creation of .desktop files with
       --tray-icon optionally being enabled. (Fixes: #316).
     - Update Spanish translation.
 .
   [ Oleksandr Shneyder ]
   * New upstream version (4.0.1.2):
     - Support for keys "shadowuser" "shadowdisplay" and "shadowmode" in
       config file. This allows choosing the default display for shadow
       sessions.
     - Support for GSSApi(Kerberos 5) authentication. Using ssh/scp commands
       on Linux and Mac and plink/pscp on Windows.
     - Support for ChallengeResponseAuthentication (Google Authenticator)
     - Setting main window focus on mac (Fixes: #139).
     - Additional check if authentication with GSSApi successfull
     - c121b7e2d3d83abdc2d7a29637bc3294e38b2ec3 broke checking if remote
       command produce only stderr and not stdout. It made x2goclient crash
       if x2gostartagent send LIMIT error. Current commit fixes this issue.
     - SshMasterConnection should use current user name if no user name is
       specified in session settings
     - GSSApi(Kerberos 5) authentication for sshproxy and sshbroker
     - fixed GSSApi(Kerberos 5) authentication for sshproxy and sshbroker
       on windows
 .
   [ Heinrich Schuchardt ]
   * New upstream version (4.0.1.2):
     - Handle SSH host key changes more elegantly and allow user interaction
       if such a host key change occurs. (Fixes: #241).
 .
   [ Michael DePaulo ]
   * New upstream version (4.0.1.2):
     - win32: Add uninstall information to Add/Remove Programs. (Fixes: #230).

Send a report that this bug log contains spam.