X2Go Bug report logs - #781
x2goclient in broker mode with --broker-noauth

version graph

Package: x2goclient; Maintainer for x2goclient is X2Go Developers <x2go-dev@lists.x2go.org>; Source for x2goclient is src:x2goclient.

Reported by: Sergey Savko <savko@tophouse.ru>

Date: Wed, 4 Feb 2015 10:50:02 UTC

Severity: normal

Tags: pending

Found in version 4.0.3.1

Fixed in version 4.0.3.2

Done: X2Go Release Manager <git-admin@x2go.org>

Bug is archived. No further changes may be made.

Toggle useless messages

View this report as an mbox folder, status mbox, maintainer mbox


Report forwarded to x2go-dev@lists.x2go.org, X2Go Developers <x2go-dev@lists.x2go.org>:
Bug#781; Package x2goclient. (Wed, 04 Feb 2015 10:50:02 GMT) (full text, mbox, link).


Acknowledgement sent to Sergey Savko <savko@tophouse.ru>:
New Bug report received and forwarded. Copy sent to X2Go Developers <x2go-dev@lists.x2go.org>. (Wed, 04 Feb 2015 10:50:02 GMT) (full text, mbox, link).


Message #5 received at submit@bugs.x2go.org (full text, mbox, reply):

From: Sergey Savko <savko@tophouse.ru>
To: submit@bugs.x2go.org
Subject: x2goclient in broker mode with --broker-noauth
Date: Wed, 4 Feb 2015 14:41:35 +0400 (MSK)
[Message part 1 (text/plain, inline)]
Package: x2goclient
Version: 4.0.3.1
Tag: patch

If x2goclient started in broker mode without pass-through authentication (--broker-noauth) and authentication on the server, x2goclient connected from the user who started the x2goclient. 
That isn't right, we can run x2goclient from any user and connect to the servers as a different user. Just x2goclient can't restore session from suspend.
This patch allows you to start x2goclient from any user on the local system and connect to the server by the user that was entered in the authentication window.

-- 
Yours truly,
Sergey Savko.
[0001-x2goclient-broker-noauth-patch.patch (text/x-patch, attachment)]

Information forwarded to x2go-dev@lists.x2go.org, X2Go Developers <x2go-dev@lists.x2go.org>:
Bug#781; Package x2goclient. (Wed, 04 Feb 2015 15:00:02 GMT) (full text, mbox, link).


Acknowledgement sent to Mike Gabriel <mike.gabriel@das-netzwerkteam.de>:
Extra info received and forwarded to list. Copy sent to X2Go Developers <x2go-dev@lists.x2go.org>. (Wed, 04 Feb 2015 15:00:02 GMT) (full text, mbox, link).


Message #10 received at 781@bugs.x2go.org (full text, mbox, reply):

From: Mike Gabriel <mike.gabriel@das-netzwerkteam.de>
To: Sergey Savko <savko@tophouse.ru>, 781@bugs.x2go.org
Cc: 781-submitter@bugs.x2go.org
Subject: Re: [X2Go-Dev] Bug#781: x2goclient in broker mode with --broker-noauth
Date: Wed, 04 Feb 2015 14:59:07 +0000
[Message part 1 (text/plain, inline)]
Hi Alex,

On  Mi 04 Feb 2015 11:41:35 CET, Sergey Savko wrote:

> Package: x2goclient
> Version: 4.0.3.1
> Tag: patch
>
> If x2goclient started in broker mode without pass-through  
> authentication (--broker-noauth) and authentication on the server,  
> x2goclient connected from the user who started the x2goclient.
> That isn't right, we can run x2goclient from any user and connect to  
> the servers as a different user. Just x2goclient can't restore  
> session from suspend.
> This patch allows you to start x2goclient from any user on the local  
> system and connect to the server by the user that was entered in the  
> authentication window.

can you please review Sergey's patch attached to #781? Would switching  
to the X2Go Server username for the "selectsession" broker task break  
any of your deployed setups?

Optionally, I would suggest adding a cmdline option  
(--broker-noauth-with-session-username or such) that enables the  
provided patch (which makes sense from my point of view).

Greets,
Mike


-- 

DAS-NETZWERKTEAM
mike gabriel, herweg 7, 24357 fleckeby
fon: +49 (1520) 1976 148

GnuPG Key ID 0x25771B31
mail: mike.gabriel@das-netzwerkteam.de, http://das-netzwerkteam.de

freeBusy:
https://mail.das-netzwerkteam.de/freebusy/m.gabriel%40das-netzwerkteam.de.xfb
[Message part 2 (application/pgp-signature, inline)]

Message sent on to Sergey Savko <savko@tophouse.ru>:
Bug#781. (Wed, 04 Feb 2015 15:00:03 GMT) (full text, mbox, link).


Information forwarded to x2go-dev@lists.x2go.org, X2Go Developers <x2go-dev@lists.x2go.org>:
Bug#781; Package x2goclient. (Fri, 06 Feb 2015 11:25:02 GMT) (full text, mbox, link).


Acknowledgement sent to Sergey Savko <savko@tophouse.ru>:
Extra info received and forwarded to list. Copy sent to X2Go Developers <x2go-dev@lists.x2go.org>. (Fri, 06 Feb 2015 11:25:02 GMT) (full text, mbox, link).


Message #18 received at 781@bugs.x2go.org (full text, mbox, reply):

From: Sergey Savko <savko@tophouse.ru>
To: 781@bugs.x2go.org, mike.gabriel@das-netzwerkteam.de
Subject: second patch
Date: Fri, 6 Feb 2015 15:20:29 +0400 (MSK)
[Message part 1 (text/plain, inline)]

-- 
Yours truly,
Sergey Savko.
[0001-x2goclient-broker-noauth-patch.patch (text/x-patch, attachment)]

Information forwarded to x2go-dev@lists.x2go.org, X2Go Developers <x2go-dev@lists.x2go.org>:
Bug#781; Package x2goclient. (Fri, 06 Feb 2015 13:15:02 GMT) (full text, mbox, link).


Acknowledgement sent to Mike Gabriel <mike.gabriel@das-netzwerkteam.de>:
Extra info received and forwarded to list. Copy sent to X2Go Developers <x2go-dev@lists.x2go.org>. (Fri, 06 Feb 2015 13:15:02 GMT) (full text, mbox, link).


Message #23 received at 781@bugs.x2go.org (full text, mbox, reply):

From: Mike Gabriel <mike.gabriel@das-netzwerkteam.de>
To: 781-submitter@bugs.x2go.org
Cc: control@bugs.x2go.org, 781@bugs.x2go.org
Subject: X2Go issue (in src:x2goclient) has been marked as pending for release
Date: Fri, 6 Feb 2015 14:13:51 +0100 (CET)
tag #781 pending
fixed #781 4.0.3.2
thanks

Hello,

X2Go issue #781 (src:x2goclient) reported by you has been
fixed in X2Go Git. You can see the changelog below, and you can
check the diff of the fix at:

    http://code.x2go.org/gitweb?p=x2goclient.git;a=commitdiff;h=58e4845

The issue will most likely be fixed in src:x2goclient (4.0.3.2).

light+love
X2Go Git Admin (on behalf of the sender of this mail)

---
commit 58e4845eb5ccb9ce9d3baca75698c91f7e71377d
Author: Sergey_Savko <savko@tophouse.ru>
Date:   Fri Feb 6 14:15:53 2015 +0300

    Add new cmdline option --broker-noauth-use-session-username. When --broker-noauth is used, the broker does not know on behalf of which user to operate. This new option enables username syncing. When logging into X2Go Server, that username will be sent to the broker and be used for querying X2Go Broker Agents etc. (Fixes: #781).

diff --git a/debian/changelog b/debian/changelog
index c6fe947..c40f3ab 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -39,6 +39,11 @@ x2goclient (4.0.3.2-0x2go1) UNRELEASED; urgency=medium
   * New upstream release (4.0.3.2):
     - Prevent passwordless re-logins into X2Go Session Broker if
       --broker-autologoff is used on the cmdline. (Fixes: #782).
+    - Add new cmdline option --broker-noauth-use-session-username.
+      When --broker-noauth is used, the broker does not know on behalf
+      of which user to operate. This new option enables username syncing.
+      When logging into X2Go Server, that username will be sent to the
+      broker and be used for querying X2Go Broker Agents etc. (Fixes: #781).
 
   [ Heinrich Schuchardt ]
   * New upstream release (4.0.3.2):


Added tag(s) pending. Request was from Mike Gabriel <mike.gabriel@das-netzwerkteam.de> to control@bugs.x2go.org. (Fri, 06 Feb 2015 13:15:03 GMT) (full text, mbox, link).


Marked as fixed in versions 4.0.3.2. Request was from Mike Gabriel <mike.gabriel@das-netzwerkteam.de> to control@bugs.x2go.org. (Fri, 06 Feb 2015 13:15:03 GMT) (full text, mbox, link).


Message sent on to Sergey Savko <savko@tophouse.ru>:
Bug#781. (Fri, 06 Feb 2015 13:15:03 GMT) (full text, mbox, link).


Information forwarded to x2go-dev@lists.x2go.org, X2Go Developers <x2go-dev@lists.x2go.org>:
Bug#781; Package x2goclient. (Thu, 19 Feb 2015 12:00:12 GMT) (full text, mbox, link).


Acknowledgement sent to X2Go Release Manager <git-admin@x2go.org>:
Extra info received and forwarded to list. Copy sent to X2Go Developers <x2go-dev@lists.x2go.org>. (Thu, 19 Feb 2015 12:00:13 GMT) (full text, mbox, link).


Message #35 received at 781@bugs.x2go.org (full text, mbox, reply):

From: X2Go Release Manager <git-admin@x2go.org>
To: 781-submitter@bugs.x2go.org
Cc: control@bugs.x2go.org, 781@bugs.x2go.org
Subject: X2Go issue (in src:x2goclient) has been marked as closed
Date: Thu, 19 Feb 2015 12:58:00 +0100 (CET)
close #781
thanks

Hello,

we are very hopeful that X2Go issue #781 reported by you
has been resolved in the new release (4.0.3.2) of the
X2Go source project »src:x2goclient«.

You can view the complete changelog entry of src:x2goclient (4.0.3.2)
below, and you can use the following link to view all the code changes
between this and the last release of src:x2goclient.

    http://code.x2go.org/gitweb?p=x2goclient.git;a=commitdiff;h=3b7ca68412005521d45d9751a370549ab1c80e58;hp=5290218751cc68a1fc1711ebd169e195eb3daeed

If you feel that the issue has not been resolved satisfyingly, feel
free to reopen this bug report or submit a follow-up report with
further observations described based on the new released version
of src:x2goclient.

Thanks a lot for contributing to X2Go!!!

light+love
X2Go Git Admin (on behalf of the sender of this mail)

---
X2Go Component: src:x2goclient
Version: 4.0.3.2-0x2go1
Status: RELEASE
Date: Thu, 19 Feb 2015 12:49:22 +0100
Fixes: 616 642 681 702 705 713 720 742 781 782
Changes: 
 x2goclient (4.0.3.2-0x2go1) RELEASED; urgency=medium
 .
   [ Oleksandr Shneyder ]
   * New upstream release (4.0.3.2):
     - Fix placement of session folders in session card column. (Fixes: #681).
     - Send empty message in x2gohelper to stop AppStarting cursor. (Fixes: #616).
     - Fix multiple creations of modmap timer (OS_DARWIN).
 .
   [ Mike Gabriel ]
   * New upstream release (4.0.3.2):
     - Add several info/error/debug log message while hunting down #702.
     - Use app.setQuitOnLastWindowClosed(false) for the X2Go Client QtApplication
       to assure that X2Go Client does not arbitrarily exit during a running
       session. This fixes X2Go Client crashes that occur when printing via
       the CUPS-X2Go printing mechanism with activate print dialog popup on
       incoming print jobs and minimized main window. (Fixes: #702).
     - Be more exact when reporting rev forwarding tunnel request failures to
       the GUI user. Include the purpose of the tunnel (NX, audio, foldersharing)
       in the error message.
     - Enable debugging in sshprocess.cpp and sshmasterconnection.cpp if
       --debug is given.
     - sshmasterconnection.cpp: Fix several grammar issues in error messages.
     - When sharing a client-side folder, do not write the SSH pub key to
       client-side authorized_keys file if the folder-to-be-shared does not
       exist on the client. (Partially solves #405).
     - Fix string concatenation/layout of error message when tunnel I/O errors
       occur.
     - Improve debugging/logging the SSH connections made by X2Go Client.
     - Fix quotes when calling remote commands via SSH (esp. allow same quoting/
       escaping style for libssh and openSSH+Krb based connections). (Fixes: #720).
     - FIXME: Disable PubkeyAuthentication _and_ PasswordAuthentication if
       GSSAPI authentication is activated. This is counter intuitive, though,
       and requires several other fixes in the authentication code.
   * x2goclient.spec:
     - Always set BuildRoot: parameter.
 .
   [ Sergey Savko ]
   * New upstream release (4.0.3.2):
     - Prevent passwordless re-logins into X2Go Session Broker if
       --broker-autologoff is used on the cmdline. (Fixes: #782).
     - Add new cmdline option --broker-noauth-use-session-username.
       When --broker-noauth is used, the broker does not know on behalf
       of which user to operate. This new option enables username syncing.
       When logging into X2Go Server, that username will be sent to the
       broker and be used for querying X2Go Broker Agents etc. (Fixes: #781).
 .
   [ Heinrich Schuchardt ]
   * New upstream release (4.0.3.2):
     - Base the layout dialogue "Session ID" (which shows up when starting a
       connection) on typographic points (instead of pixels). (Fixes: #713).
 .
   [ Jason Alavaliant ]
   * New upstream verson (4.0.3.2):
     - Use QUrl::toPercentEncoding() method to properly encode passwords sent
       to X2Go Session Broker. (Fixes: #705).
 .
   [ Mike DePaulo ]
   * New upstream release (4.0.3.2):
     - Windows: Win32 OpenSSL updates from 1.0.1j to 1.0.1L, which
       fixes the CVEs announced on 2015-01-08.
     - Windows: Cygwin OpenSSL updated from 1.0.1j-1 to 1.0.1k-1, which
       fixes the CVEs announced on 2015-01-08.
     - Windows: Bundle new version of VcXsrv: 1.15.2.2-xp+vc2013+x2go1.
       The differences from 1.15.2.1-xp+vc2013+x2go1 are that its bundled
       OpenSSL has been updated to 1.0.1k, and that xorg-server
       CVE-2014-8091..8103 have been fixed.
     - Windows: Update libssh from 0.6.3 to 0.6.4 (while maintaining
       Pageant support). This fixes CVE-2014-8132, which shouldn't
       affect x2goclient because x2goclient uses the SSH client
       functionality, not the SSH server functionality.
       0.6.4 also added 4 features related to ECDSA keys.
     - Windows: Fix compatibility with PulseAudio 6.0
     - Windows: Remove workaround for audio input with old versions of
       PulseAudio (calling parec once per second)
       (Fixes: #742)
       Thanks George Trakatelis (uom.edu.gr) for submitting this change.
     - Windows: Enable X2Go Client for Windows to build under VS2010 nmake
       (but not the VS2010 IDE due to a Qt4 Visual Studio Add-in limitation)
       Note that the official builds are still build under MinGW.
       (Fixes: #642)
       Thanks George Trakatelis (uom.edu.gr) for submitting this feature.
     - Windows: Make builds easier, and updating bundled dependencies
       easier, by adding copy-deps-win32.bat. It copies the exact
       version of each dependency (DLL, executable, data, folder, etc)
       from x2goclient-contrib.git.
 .
   [ Kaan Ozdincer ]
   * New upstream version (4.0.3.2):
     - Add Turkish translation file.


Marked Bug as done Request was from X2Go Release Manager <git-admin@x2go.org> to control@bugs.x2go.org. (Thu, 19 Feb 2015 12:00:22 GMT) (full text, mbox, link).


Notification sent to Sergey Savko <savko@tophouse.ru>:
Bug acknowledged by developer. (Thu, 19 Feb 2015 12:00:22 GMT) (full text, mbox, link).


Message sent on to Sergey Savko <savko@tophouse.ru>:
Bug#781. (Thu, 19 Feb 2015 12:00:38 GMT) (full text, mbox, link).


Bug archived. Request was from Debbugs Internal Request <owner@bugs.x2go.org> to internal_control@bugs.x2go.org. (Fri, 20 Mar 2015 06:24:01 GMT) (full text, mbox, link).


Send a report that this bug log contains spam.


X2Go Developers <owner@bugs.x2go.org>. Last modified: Mon Aug 19 03:48:30 2019; Machine Name: ymir.das-netzwerkteam.de

X2Go Bug tracking system

Debbugs is free software and licensed under the terms of the GNU Public License version 2. The current version can be obtained from https://bugs.debian.org/debbugs-source/.

Copyright © 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson, 2005-2017 Don Armstrong, and many other contributors.