From jlukens@botch.com Wed Mar 5 05:08:41 2014 Received: (at submit) by bugs.x2go.org; 5 Mar 2014 04:08:42 +0000 X-Spam-Checker-Version: SpamAssassin 3.3.2 (2011-06-06) on ymir.das-netzwerkteam.de X-Spam-Level: X-Spam-Status: No, score=-0.0 required=5.0 tests=BAYES_20 autolearn=ham version=3.3.2 Received: from felt.botch.com (felt.botch.com [207.145.43.98]) by ymir (Postfix) with ESMTP id 0BC025DB13 for ; Wed, 5 Mar 2014 05:08:41 +0100 (CET) Received: from [127.0.0.1] (unknown [192.168.254.1]) (Authenticated sender: jlukens) by felt.botch.com (Postfix) with ESMTP id 1B3B01AC0C5 for ; Tue, 4 Mar 2014 23:08:40 -0500 (EST) Date: Tue, 4 Mar 2014 23:08:47 -0500 From: Josh Lukens To: submit@bugs.x2go.org Message-ID: <40986E5D72924376B16BC735EECD4852@botch.com> Subject: Add support to client for dynamic authids when connecting to session broker X-Mailer: sparrow 1.6.4 (build 1178) MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="5316a34f_79838cb2_7cc0" --5316a34f_79838cb2_7cc0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: 7bit Content-Disposition: inline Package: x2goclient Version: 4.0.2.0 Severity: wishlist Currently the client re-authenticates with the session broker for every interaction. This breaks the use of any one time use authentication methods. The attached patch adds support for the session broker server to include an authid in its responses. The client will then include that authid in future requests. A corresponding patch to the session broker is forthcoming. Patch should be backward compatible with existing session brokers. --5316a34f_79838cb2_7cc0 Content-Type: application/octet-stream Content-Transfer-Encoding: base64 Content-Disposition: attachment; filename="support-for-dynamic-authid.patch" ZGlmZiAtLWdpdCBhL2h0dHBicm9rZXJjbGllbnQuY3BwIGIvaHR0cGJyb2tlcmNsaWVudC5jcHAK aW5kZXggZWM4NjU5My4uYTA2NjI0MCAxMDA2NDQKLS0tIGEvaHR0cGJyb2tlcmNsaWVudC5jcHAK KysrIGIvaHR0cGJyb2tlcmNsaWVudC5jcHAKQEAgLTQ2LDYgKzQ2LDcgQEAgSHR0cEJyb2tlckNs aWVudDo6SHR0cEJyb2tlckNsaWVudCAoIE9OTWFpbldpbmRvdyogd25kLCBDb25maWdGaWxlKiBj ZmcgKQogICAgIFFVcmwgbHVybCAoIGNvbmZpZy0+YnJva2VydXJsICk7CiAgICAgaWYobHVybC51 c2VyTmFtZSgpLmxlbmd0aCgpPjApCiAgICAgICAgIGNvbmZpZy0+YnJva2VyVXNlcj1sdXJsLnVz ZXJOYW1lKCk7CisgICAgbmV4dEF1dGhJZD1jb25maWctPmJyb2tlclVzZXJJZDsKIAogICAgIGlm KGNvbmZpZy0+YnJva2VydXJsLmluZGV4T2YoInNzaDovLyIpPT0wKQogICAgIHsKQEAgLTI0MSw3 ICsyNDIsNyBAQCB2b2lkIEh0dHBCcm9rZXJDbGllbnQ6OnNsb3RTc2hVc2VyQXV0aEVycm9yKFFT dHJpbmcgZXJyb3IpCiB2b2lkIEh0dHBCcm9rZXJDbGllbnQ6OmdldFVzZXJTZXNzaW9ucygpCiB7 CiAgICAgUVN0cmluZyBicm9rZXJVc2VyPWNvbmZpZy0+YnJva2VyVXNlcjsKLSAgICB4MmdvRGVi dWc8PCJjYWxsZWQgZ2V0VXNlclNlc3Npb25zOiBicm9rZXJ1c2VyOiAiPDxicm9rZXJVc2VyPDwi IGF1dGhpZDogIjw8Y29uZmlnLT5icm9rZXJVc2VySWQ7CisgICAgeDJnb0RlYnVnPDwiY2FsbGVk IGdldFVzZXJTZXNzaW9uczogYnJva2VydXNlcjogIjw8YnJva2VyVXNlcjw8IiBhdXRoaWQ6ICI8 PG5leHRBdXRoSWQ7CiAgICAgaWYobWFpbldpbmRvdy0+Z2V0VXNlUEdQQ2FyZCgpKQogICAgICAg ICBicm9rZXJVc2VyPW1haW5XaW5kb3ctPmdldENhcmRMb2dpbigpOwogICAgIGNvbmZpZy0+c2Vz c2lvbmRhdGE9UVN0cmluZzo6bnVsbDsKQEAgLTI1Miw3ICsyNTMsNyBAQCB2b2lkIEh0dHBCcm9r ZXJDbGllbnQ6OmdldFVzZXJTZXNzaW9ucygpCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAg ICJ0YXNrPWxpc3RzZXNzaW9ucyYiPDwKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgInVz ZXI9Ijw8YnJva2VyVXNlcjw8IiYiPDwKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgInBh c3N3b3JkPSI8PGNvbmZpZy0+YnJva2VyUGFzczw8IiYiPDwKLSAgICAgICAgICAgICAgICAgICAg ICAgICAgICAgImF1dGhpZD0iPDxjb25maWctPmJyb2tlclVzZXJJZDsKKyAgICAgICAgICAgICAg ICAgICAgICAgICAgICAgImF1dGhpZD0iPDxuZXh0QXV0aElkOwogCiAgICAgICAgIHgyZ29EZWJ1 ZyA8PCAic2VuZGluZyByZXF1ZXN0OiAiPDwgcmVxLnRvVXRmOCgpOwogICAgICAgICBRTmV0d29y a1JlcXVlc3QgcmVxdWVzdChRVXJsKGNvbmZpZy0+YnJva2VydXJsKSk7CkBAIC0yNjYsOCArMjY3 LDggQEAgdm9pZCBIdHRwQnJva2VyQ2xpZW50OjpnZXRVc2VyU2Vzc2lvbnMoKQogICAgICAgICAg ICAgY3JlYXRlU3NoQ29ubmVjdGlvbigpOwogICAgICAgICAgICAgcmV0dXJuOwogICAgICAgICB9 Ci0gICAgICAgIGlmIChjb25maWctPmJyb2tlclVzZXJJZC5sZW5ndGgoKSA+IDApIHsKLSAgICAg ICAgICAgIHNzaENvbm5lY3Rpb24tPmV4ZWN1dGVDb21tYW5kICggY29uZmlnLT5zc2hCcm9rZXJC aW4rIiAtLXVzZXIgIisgYnJva2VyVXNlciArIiAtLWF1dGhpZCAiK2NvbmZpZy0+YnJva2VyVXNl cklkKyAiIC0tdGFzayBsaXN0c2Vzc2lvbnMiLAorICAgICAgICBpZiAobmV4dEF1dGhJZC5sZW5n dGgoKSA+IDApIHsKKyAgICAgICAgICAgIHNzaENvbm5lY3Rpb24tPmV4ZWN1dGVDb21tYW5kICgg Y29uZmlnLT5zc2hCcm9rZXJCaW4rIiAtLXVzZXIgIisgYnJva2VyVXNlciArIiAtLWF1dGhpZCAi K25leHRBdXRoSWQrICIgLS10YXNrIGxpc3RzZXNzaW9ucyIsCiAgICAgICAgICAgICAgICAgICAg ICAgICAgICAgICAgICAgICAgICAgICAgIHRoaXMsIFNMT1QgKCBzbG90TGlzdFNlc3Npb25zICgg Ym9vbCwgUVN0cmluZyxpbnQgKSApKTsKICAgICAgICAgfSBlbHNlIHsKICAgICAgICAgICAgIHNz aENvbm5lY3Rpb24tPmV4ZWN1dGVDb21tYW5kICggY29uZmlnLT5zc2hCcm9rZXJCaW4rIiAtLXVz ZXIgIisgYnJva2VyVXNlciArIiAtLXRhc2sgbGlzdHNlc3Npb25zIiwKQEAgLTI5MSw3ICsyOTIs NyBAQCB2b2lkIEh0dHBCcm9rZXJDbGllbnQ6OnNlbGVjdFVzZXJTZXNzaW9uKGNvbnN0IFFTdHJp bmcmIHNlc3Npb24pCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICJzaWQ9Ijw8c2Vzc2lv bjw8IiYiPDwKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgInVzZXI9Ijw8YnJva2VyVXNl cjw8IiYiPDwKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgInBhc3N3b3JkPSI8PGNvbmZp Zy0+YnJva2VyUGFzczw8IiYiPDwKLSAgICAgICAgICAgICAgICAgICAgICAgICAgICAgImF1dGhp ZD0iPDxjb25maWctPmJyb2tlclVzZXJJZDsKKyAgICAgICAgICAgICAgICAgICAgICAgICAgICAg ImF1dGhpZD0iPDxuZXh0QXV0aElkOwogICAgICAgICB4MmdvRGVidWcgPDwgInNlbmRpbmcgcmVx dWVzdDogIjw8IHJlcS50b1V0ZjgoKTsKICAgICAgICAgUU5ldHdvcmtSZXF1ZXN0IHJlcXVlc3Qo UVVybChjb25maWctPmJyb2tlcnVybCkpOwogICAgICAgICByZXF1ZXN0LnNldEhlYWRlcihRTmV0 d29ya1JlcXVlc3Q6OkNvbnRlbnRUeXBlSGVhZGVyLCAiYXBwbGljYXRpb24veC13d3ctZm9ybS11 cmxlbmNvZGVkIik7CkBAIC0zMDAsOCArMzAxLDggQEAgdm9pZCBIdHRwQnJva2VyQ2xpZW50Ojpz ZWxlY3RVc2VyU2Vzc2lvbihjb25zdCBRU3RyaW5nJiBzZXNzaW9uKQogICAgIH0KICAgICBlbHNl CiAgICAgewotICAgICAgICBpZiAoY29uZmlnLT5icm9rZXJVc2VySWQubGVuZ3RoKCkgPiAwKSB7 Ci0gICAgICAgICAgICBzc2hDb25uZWN0aW9uLT5leGVjdXRlQ29tbWFuZCAoIGNvbmZpZy0+c3No QnJva2VyQmluKyIgLS11c2VyICIrIGJyb2tlclVzZXIgKyIgLS1hdXRoaWQgIitjb25maWctPmJy b2tlclVzZXJJZCsgIiAtLXRhc2sgc2VsZWN0c2Vzc2lvbiAtLXNpZCBcXFwiIitzZXNzaW9uKyJc XFwiIiwKKyAgICAgICAgaWYgKG5leHRBdXRoSWQubGVuZ3RoKCkgPiAwKSB7CisgICAgICAgICAg ICBzc2hDb25uZWN0aW9uLT5leGVjdXRlQ29tbWFuZCAoIGNvbmZpZy0+c3NoQnJva2VyQmluKyIg LS11c2VyICIrIGJyb2tlclVzZXIgKyIgLS1hdXRoaWQgIituZXh0QXV0aElkKyAiIC0tdGFzayBz ZWxlY3RzZXNzaW9uIC0tc2lkIFxcXCIiK3Nlc3Npb24rIlxcXCIiLAogICAgICAgICAgICAgICAg ICAgICAgICAgICAgICAgICAgICAgICAgICAgICB0aGlzLFNMT1QgKCBzbG90U2VsZWN0U2Vzc2lv bihib29sLFFTdHJpbmcsaW50KSkpOwogICAgICAgICB9IGVsc2UgewogICAgICAgICAgICAgc3No Q29ubmVjdGlvbi0+ZXhlY3V0ZUNvbW1hbmQgKCBjb25maWctPnNzaEJyb2tlckJpbisiIC0tdXNl ciAiKyBicm9rZXJVc2VyICsiIC0tdGFzayBzZWxlY3RzZXNzaW9uIC0tc2lkIFxcXCIiK3Nlc3Np b24rIlxcXCIiLApAQCAtMzI2LDcgKzMyNyw3IEBAIHZvaWQgSHR0cEJyb2tlckNsaWVudDo6Y2hh bmdlUGFzc3dvcmQoUVN0cmluZyBuZXdQYXNzKQogICAgICAgICAgICAgICAgICAgICAgICAgICAg ICAibmV3cGFzcz0iPDxuZXdQYXNzPDwiJiI8PAogICAgICAgICAgICAgICAgICAgICAgICAgICAg ICAidXNlcj0iPDxicm9rZXJVc2VyPDwiJiI8PAogICAgICAgICAgICAgICAgICAgICAgICAgICAg ICAicGFzc3dvcmQ9Ijw8Y29uZmlnLT5icm9rZXJQYXNzPDwiJiI8PAotICAgICAgICAgICAgICAg ICAgICAgICAgICAgICAiYXV0aGlkPSI8PGNvbmZpZy0+YnJva2VyVXNlcklkOworICAgICAgICAg ICAgICAgICAgICAgICAgICAgICAiYXV0aGlkPSI8PG5leHRBdXRoSWQ7CiAgICAgICAgIHgyZ29E ZWJ1ZyA8PCAic2VuZGluZyByZXF1ZXN0OiAiPDwgcmVxLnRvVXRmOCgpOwogICAgICAgICBRTmV0 d29ya1JlcXVlc3QgcmVxdWVzdChRVXJsKGNvbmZpZy0+YnJva2VydXJsKSk7CiAgICAgICAgIHJl cXVlc3Quc2V0SGVhZGVyKFFOZXR3b3JrUmVxdWVzdDo6Q29udGVudFR5cGVIZWFkZXIsICJhcHBs aWNhdGlvbi94LXd3dy1mb3JtLXVybGVuY29kZWQiKTsKQEAgLTMzNCw4ICszMzUsOCBAQCB2b2lk IEh0dHBCcm9rZXJDbGllbnQ6OmNoYW5nZVBhc3N3b3JkKFFTdHJpbmcgbmV3UGFzcykKICAgICB9 CiAgICAgZWxzZQogICAgIHsKLSAgICAgICAgaWYgKGNvbmZpZy0+YnJva2VyVXNlcklkLmxlbmd0 aCgpID4gMCkgewotICAgICAgICAgICAgc3NoQ29ubmVjdGlvbi0+ZXhlY3V0ZUNvbW1hbmQgKCBj b25maWctPnNzaEJyb2tlckJpbisiIC0tdXNlciAiKyBicm9rZXJVc2VyICsiIC0tYXV0aGlkICIr Y29uZmlnLT5icm9rZXJVc2VySWQrICIgLS10YXNrIHNldHBhc3MgLS1uZXdwYXNzICIrbmV3UGFz cywgdGhpcywKKyAgICAgICAgaWYgKG5leHRBdXRoSWQubGVuZ3RoKCkgPiAwKSB7CisgICAgICAg ICAgICBzc2hDb25uZWN0aW9uLT5leGVjdXRlQ29tbWFuZCAoIGNvbmZpZy0+c3NoQnJva2VyQmlu KyIgLS11c2VyICIrIGJyb2tlclVzZXIgKyIgLS1hdXRoaWQgIituZXh0QXV0aElkKyAiIC0tdGFz ayBzZXRwYXNzIC0tbmV3cGFzcyAiK25ld1Bhc3MsIHRoaXMsCiAgICAgICAgICAgICAgICAgICAg ICAgICAgICAgICAgICAgICAgICAgICAgIFNMT1QgKCBzbG90UGFzc0NoYW5nZWQoYm9vbCxRU3Ry aW5nLGludCkpKTsKICAgICAgICAgfSBlbHNlIHsKICAgICAgICAgICAgIHNzaENvbm5lY3Rpb24t PmV4ZWN1dGVDb21tYW5kICggY29uZmlnLT5zc2hCcm9rZXJCaW4rIiAtLXVzZXIgIisgYnJva2Vy VXNlciArIiAtLXRhc2sgc2V0cGFzcyAtLW5ld3Bhc3MgIituZXdQYXNzLCB0aGlzLApAQCAtMzU5 LDggKzM2MCw4IEBAIHZvaWQgSHR0cEJyb2tlckNsaWVudDo6dGVzdENvbm5lY3Rpb24oKQogICAg IH0KICAgICBlbHNlCiAgICAgewotICAgICAgICBpZiAoY29uZmlnLT5icm9rZXJVc2VySWQubGVu Z3RoKCkgPiAwKSB7Ci0gICAgICAgICAgICBzc2hDb25uZWN0aW9uLT5leGVjdXRlQ29tbWFuZChj b25maWctPnNzaEJyb2tlckJpbisiIC0tYXV0aGlkICIrY29uZmlnLT5icm9rZXJVc2VySWQrICIg LS10YXNrIHRlc3Rjb24iLAorICAgICAgICBpZiAobmV4dEF1dGhJZC5sZW5ndGgoKSA+IDApIHsK KyAgICAgICAgICAgIHNzaENvbm5lY3Rpb24tPmV4ZWN1dGVDb21tYW5kKGNvbmZpZy0+c3NoQnJv a2VyQmluKyIgLS1hdXRoaWQgIituZXh0QXV0aElkKyAiIC0tdGFzayB0ZXN0Y29uIiwKICAgICAg ICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIHRoaXMsIFNMT1QgKCBzbG90U2Vs ZWN0U2Vzc2lvbihib29sLFFTdHJpbmcsaW50KSkpOwogICAgICAgICB9IGVsc2UgewogICAgICAg ICAgICAgc3NoQ29ubmVjdGlvbi0+ZXhlY3V0ZUNvbW1hbmQoY29uZmlnLT5zc2hCcm9rZXJCaW4r IiAtLXRhc2sgdGVzdGNvbiIsCkBAIC00MDAsNiArNDAxLDExIEBAIGJvb2wgSHR0cEJyb2tlckNs aWVudDo6Y2hlY2tBY2Nlc3MoUVN0cmluZyBhbnN3ZXIgKQogICAgICAgICByZXR1cm4gZmFsc2U7 CiAgICAgfQogICAgIGNvbmZpZy0+YnJva2VyQXV0aGVudGljYXRlZD10cnVlOworICAgIGludCBh dXRoQmVnaW49YW5zd2VyLmluZGV4T2YoIkFVVEhJRDoiKTsKKyAgICBpZiAoYXV0aEJlZ2luIT0t MSkKKyAgICB7CisgICAgICAgIG5leHRBdXRoSWQ9YW5zd2VyLm1pZChhdXRoQmVnaW4rNywgYW5z d2VyLmluZGV4T2YoIlxuIixhdXRoQmVnaW4pLWF1dGhCZWdpbi03KTsKKyAgICB9CiAgICAgcmV0 dXJuIHRydWU7CiB9CiAKZGlmZiAtLWdpdCBhL2h0dHBicm9rZXJjbGllbnQuaCBiL2h0dHBicm9r ZXJjbGllbnQuaAppbmRleCA4YTc3MmRmLi4yZDY2OGY4IDEwMDY0NAotLS0gYS9odHRwYnJva2Vy Y2xpZW50LmgKKysrIGIvaHR0cGJyb2tlcmNsaWVudC5oCkBAIC01Miw2ICs1Miw3IEBAIHByaXZh dGU6CiAgICAgUU5ldHdvcmtSZXBseSogc2VsU2Vzc1JlcXVlc3Q7CiAgICAgUU5ldHdvcmtSZXBs eSogY2hQYXNzUmVxdWVzdDsKICAgICBRTmV0d29ya1JlcGx5KiB0ZXN0Q29uUmVxdWVzdDsKKyAg ICBRU3RyaW5nIG5leHRBdXRoSWQ7CiAgICAgUVN0cmluZyBuZXdCcm9rZXJQYXNzOwogICAgIENv bmZpZ0ZpbGUqIGNvbmZpZzsKICAgICBPTk1haW5XaW5kb3cqIG1haW5XaW5kb3c7Cg== --5316a34f_79838cb2_7cc0--