From mike.gabriel@das-netzwerkteam.de Wed Dec 30 10:50:59 2015 Received: (at 922) by bugs.x2go.org; 30 Dec 2015 09:51:01 +0000 X-Spam-Checker-Version: SpamAssassin 3.3.2 (2011-06-06) on ymir.das-netzwerkteam.de X-Spam-Level: X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00,URIBL_BLOCKED autolearn=ham version=3.3.2 Received: from freya.das-netzwerkteam.de (freya.das-netzwerkteam.de [88.198.48.199]) by ymir.das-netzwerkteam.de (Postfix) with ESMTPS id 2E0605DA4F for <922@bugs.x2go.org>; Wed, 30 Dec 2015 10:50:58 +0100 (CET) Received: from grimnir.das-netzwerkteam.de (grimnir.das-netzwerkteam.de [78.46.204.98]) by freya.das-netzwerkteam.de (Postfix) with ESMTPS id 158909EC for <922@bugs.x2go.org>; Wed, 30 Dec 2015 10:50:58 +0100 (CET) Received: from localhost (localhost [127.0.0.1]) by grimnir.das-netzwerkteam.de (Postfix) with ESMTP id 98BE33BBBC for <922@bugs.x2go.org>; Wed, 30 Dec 2015 10:50:56 +0100 (CET) X-Virus-Scanned: Debian amavisd-new at grimnir.das-netzwerkteam.de Received: from grimnir.das-netzwerkteam.de ([127.0.0.1]) by localhost (grimnir.das-netzwerkteam.de [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id gWmlmiIB+4nB for <922@bugs.x2go.org>; Wed, 30 Dec 2015 10:50:56 +0100 (CET) Received: from das-netzwerkteam.de (localhost [127.0.0.1]) by grimnir.das-netzwerkteam.de (Postfix) with ESMTPS id 27B483BA36 for <922@bugs.x2go.org>; Wed, 30 Dec 2015 10:50:56 +0100 (CET) Received: from bifrost.das-netzwerkteam.de (bifrost.das-netzwerkteam.de [178.62.101.154]) by mail.das-netzwerkteam.de (Horde Framework) with HTTP; Wed, 30 Dec 2015 09:50:56 +0000 Date: Wed, 30 Dec 2015 09:50:56 +0000 Message-ID: <20151230095056.Horde.a1sbxA-0fTDMUp2FwXMZcpR@mail.das-netzwerkteam.de> From: Mike Gabriel To: 922@bugs.x2go.org Subject: Fwd: [X2Go-Dev] X2Go Server contains some IPv4/non-IPv6 logic for creating ports. User-Agent: Horde Application Framework 5 Accept-Language: de,en Organization: DAS-NETZWERKTEAM X-Originating-IP: 178.62.101.154 X-Remote-Browser: Mozilla/5.0 (X11; Linux x86_64; rv:38.0) Gecko/20100101 Firefox/38.0 Iceweasel/38.4.0 Content-Type: multipart/signed; boundary="=_TwxPewhTKQ_BudiNDmUUBuw"; protocol="application/pgp-signature"; micalg=pgp-sha256 MIME-Version: 1.0 This message is in MIME format and has been PGP signed. --=_TwxPewhTKQ_BudiNDmUUBuw Content-Type: text/plain; charset=utf-8; format=flowed; DelSp=Yes Content-Disposition: inline Content-Transfer-Encoding: quoted-printable ----- Weitergeleitete Nachricht von Mike Gabriel=20=20 =20----- Datum: Wed, 30 Dec 2015 09:21:20 +0000 Von: Mike Gabriel Betreff: [X2Go-Dev] X2Go Server contains some IPv4/non-IPv6 logic for=20=20 creating=20ports. An: x2go-dev@lists.x2go.org Hi guys, On So 23 Aug 2015 23:10:59 CEST, git-admin wrote: > This is an automated email from the git hooks/post-receive script. > > x2go pushed a commit to branch master > in repository x2goserver. > > commit bfe3ba761c1d3e9143285ca17edc87ac763ce35d > Author: Mihai Moldovan > Date: Sun Aug 23 23:08:45 2015 +0200 > > x2goserver/bin/x2gostartagent: changes to Robert Nowotny's=20=20 >=20SSH_PORT patch. Fixes: #922. > > Use default outgoing interface to determine IP address. > > Use the whole range of ${RANDOM}'s pool. > > Seed it for good measure. > > Change the default method to randomization instead of IP-based > initialization. > > If IP-based initialization was requested but the default outgoing IP > address unavailable, fall back to randomization. > Haven't looked at X2Go Server code for a while... Today I found the below..= . > +# Get server IP address. > +get_server_ip_address() { > + # The provided IP address should be outside of any local network. > + # We are only interested in how the kernel would try to reach the > + # non-local IP address specified here. It is not actually contacted > + # in any way. > + typeset ip_output=3D"$(ip route get 8.8.8.8)" > + > + # Remove newlines. > + ip_output=3D"${ip_output//$'\n'}" > + > + # Fetch source address. > + typeset src_address=3D"$(grep -oe=20=20 >=20'src[[:space:]]\{1,\}\(\([[:digit:]]\{1,3\}\.\)\{3\}[[:digit:]]\{1,3\}\= )'=20=20 >=20<<< "${ip_output}" | sed -e 's/src[[:space:]]\{1,\}//')" > + > + if [ -n "${src_address}" ]; then > + printf "${src_address}" > + return "0" > + fi > + > + return "1" > +} Has anyone of you ever heard of IPv6? And has anyone ever seen setups=20=20 where=20the IPv6 traffic is routed via a different interface compared to=20= =20 IPv4=20traffic? Furthermore, within the last years, I never had any problems with=20=20 server-side=20ports being the same on different servers. I mostly=20=20 connect=20through PyHoca. So if there is a problem in X2Go Client=20=20 regarding=20server-side SSH tunnel ports, why--the hack--do you fix that=20= =20 in=20X2Go Server? If the port allocation is a problem at all, it certainly is a problem=20=20 that=20requires fixing in X2Go Client, not X2Go Server. Please consider reverting this flawed patch!!! Scratching my head and wondering... Mike ----- Ende der weitergeleiteten Nachricht ----- --=20 DAS-NETZWERKTEAM mike=20gabriel, herweg 7, 24357 fleckeby fon: +49 (1520) 1976 148 GnuPG Key ID 0x25771B31 mail: mike.gabriel@das-netzwerkteam.de, http://das-netzwerkteam.de freeBusy: https://mail.das-netzwerkteam.de/mailxchange/kronolith/fb.php?u=3Dm.gabriel= %40das-netzwerkteam.de --=_TwxPewhTKQ_BudiNDmUUBuw Content-Type: application/pgp-signature Content-Description: Digitale PGP-Signatur Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 iQIcBAABCAAGBQJWg6kAAAoJEJr0azAldxsxEl0P/2e/JSz1GTt6huPaFwaoaBs2 VoVZiaJeYuU8mmVsusHj9wnf8w09Sp2QyZJM+Ki2ytdbQq1cyLIprb4o7OfBr+MR ZeHWcE4Ok6FrLA/8c3dJhZRzpRhgd7Pw6P6crLzl763BGi+99looj4i9hK/fpk23 ImL457RDVgI989otCXe4aSWDDUIu0Ow3J/ukWuqOD+GNGkJWYJDYi5/3/tsUqgCp 8YS+rZkwkvoGgfTvX7aRht8E7esOzL9LqfeOeWdwfAK99HUrb2+SdIX9wzMIi3x5 7WqhtSoJnO5YEaTDVCU/kJRvgQN5k0dLLDSQavT8vr9lPw1lbgorHYFW0120r3LR HGeZx+faXqxwhurhNTXQamPwrY38zKjrV8ateg2sJOwsolYGX+MPRZ+jTDRgQk1J OlNSD6iBkC0a5n0ENXpou3pBnrB9+kaQypovzBGZHLzw2pymSd7i/QNuvh1sfKC8 ikU+A5wGF8xUldTPXyzQEZ1jOa9hGc/PF7aEnfktyCBRCd+gClfjYUUeOYInNABe MZg3nqT5xjDbAo5ZK0T/OK0FMZ8VIMatXWLqBnEUfZBe48sE9zKjlURCTTOlY0zT DFvF8P3mRY5jDeXKerkErbySfufLKKwicHMbGHq4hdEx4MtTpP8eJC1b2kdLKBmp Ndn68OGW4YPlFP/muwYt =WIAi -----END PGP SIGNATURE----- --=_TwxPewhTKQ_BudiNDmUUBuw--