From unknown Fri Mar 29 14:22:25 2024 X-Loop: owner@bugs.x2go.org Subject: Bug#218: x2gobroker: Hostname is used instead of FQDN Reply-To: Anders Bruun Olsen , 218@bugs.x2go.org Resent-From: Anders Bruun Olsen Resent-To: x2go-dev@lists.berlios.de Resent-CC: X2Go Developers X-Loop: owner@bugs.x2go.org Resent-Date: Wed, 22 May 2013 13:33:02 +0000 Resent-Message-ID: Resent-Sender: owner@bugs.x2go.org X-X2Go-PR-Message: report 218 X-X2Go-PR-Package: x2gobroker X-X2Go-PR-Keywords: Received: via spool by submit@bugs.x2go.org id=B.136922943122302 (code B); Wed, 22 May 2013 13:33:02 +0000 Received: (at submit) by bugs.x2go.org; 22 May 2013 13:30:31 +0000 X-Spam-Checker-Version: SpamAssassin 3.3.2 (2011-06-06) on ymir.das-netzwerkteam.de X-Spam-Level: X-Spam-Status: No, score=-2.3 required=5.0 tests=HTML_MESSAGE, RCVD_IN_DNSWL_MED,T_DKIM_INVALID,URIBL_BLOCKED autolearn=ham version=3.3.2 Received: from eu1sys200aog103.obsmtp.com (eu1sys200aog103.obsmtp.com [207.126.144.115]) by ymir (Postfix) with SMTP id 161FF5DB13 for ; Wed, 22 May 2013 15:30:31 +0200 (CEST) Received: from mail-ve0-f176.google.com ([209.85.128.176]) (using TLSv1) by eu1sys200aob103.postini.com ([207.126.147.11]) with SMTP ID DSNKUZzIdpzw39e22UYwvOWRNH8waA/PUHFn@postini.com; Wed, 22 May 2013 13:30:31 UTC Received: by mail-ve0-f176.google.com with SMTP id jz10so1408433veb.21 for ; Wed, 22 May 2013 06:30:30 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=dsl.dk; s=google; h=mime-version:date:message-id:subject:from:to:content-type; bh=BR8c2TxFysLFZnzhJ9s8D7HD37TX1AxgMs9tLYRzK/4=; b=N31bsMKI+R32sXS+JzX0Lpp0i4+d6rETrzuFvy5See+bKs+N8UV8SEr5B5eLoRkE8K Ra7Bn1sRVcFeyY6SoGchctkxnBrPVtC4tZjoObDXdlqkClb1zQqCUdv5ToXNiqJYRZr6 4c/6xXH9W6jo+Wq3Ml5gqzj6uCG9h0CC+XX5w= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20120113; h=mime-version:date:message-id:subject:from:to:content-type :x-gm-message-state; bh=BR8c2TxFysLFZnzhJ9s8D7HD37TX1AxgMs9tLYRzK/4=; b=KZS+GaOv+7f0OmMTE/gNYtZkZaw3SbM84nOxeGrv3OKJ93TIBC18jo19SPkADRtgGd ih+br7WHwQSj16tXtUjRJ9FPAAzhTaOz7JY6OOOs9GbmyaPT2P1ifNvBj1Ka9cF2pu9j n+uhaUvRucCsZkV4NG8QeY+SjMBPe7EsBBD5YdASSaE713EgYcB7viJMMljz79wRNBgf C3v7mPSyRCoOBKlGcNmwv/h7gtZShRe/jteAs1JbAqLtScYrXaQKW3yAemUXcAr7KiyE dUTVh6Wemlr5PFbCUpgXVzcY4xfxc83OSOeiG8wtxfyenlbeQPUiaslKTHZDBxAEOnQE NZHg== X-Received: by 10.58.90.66 with SMTP id bu2mr2782198veb.29.1369229430087; Wed, 22 May 2013 06:30:30 -0700 (PDT) MIME-Version: 1.0 X-Received: by 10.58.90.66 with SMTP id bu2mr2782192veb.29.1369229429993; Wed, 22 May 2013 06:30:29 -0700 (PDT) Received: by 10.220.198.198 with HTTP; Wed, 22 May 2013 06:30:29 -0700 (PDT) Date: Wed, 22 May 2013 15:30:29 +0200 Message-ID: From: Anders Bruun Olsen To: submit@bugs.x2go.org Content-Type: multipart/alternative; boundary=089e013cc386ca846004dd4e9178 X-Gm-Message-State: ALoCoQly3eJXW0AwfR3/3Ze2g1Wx66OItsw15j31f1rFG2uCkjN3wUNAsNIlEMduE8kQRoCcgH5mNauLFhmvu42pQ517pvqXb6T2nnCBCsyyBXpCBMKFbbDJK1rLpzHjFEexzZYdlpqXWM7uCJk49URr2GzT6+e0kg== --089e013cc386ca846004dd4e9178 Content-Type: text/plain; charset=UTF-8 Package: x2gobroker Version: 0.0.2.2 I am setting up a loadbalanced cluster of x2go servers with a broker in front. There are thinclients on the LAN accessing the broker/cluster and there will be users logging on from outside. Users on the LAN are served term1.example.lan and term2.example.lan, whereas users from outside get term1.example.com and term2.example.com. So far everything has worked fine, but now I have started testing outside access, which does not work. x2gobroker (with autologin) tells x2goclient to access term1 or term2 - it leaves out the rest of the domain name. This works fine on the LAN, because the machines there have example.lan set as their searchdomain, but machines from outside can't resolve "term1" to "term1.example.com" and need to be given the FQDN. Please note that the FQDNs is specified in the sessionprofiles, but x2goclient still tries to resolve the short version of the name. -- Anders Bruun Olsen It-ansvarlig Det Danske Sprog- og Litteraturselskab (Society for Danish Language and Literature) --089e013cc386ca846004dd4e9178 Content-Type: text/html; charset=UTF-8 Content-Transfer-Encoding: quoted-printable
Package: x2gobroker
Version: 0.0.2.2

I am setting up a loadbalanced cluster of x2go servers with a broke= r in front. There are thinclients on the LAN accessing the broker/cluster a= nd there will be users logging on from outside. Users on the LAN are served= term1.example.lan and term2.example.lan, whereas users from outside get term1.example.com and term2.example.com. So far everything has worked = fine, but now I have started testing outside access, which does not work. x= 2gobroker (with autologin) tells x2goclient to access term1 or term2 - it l= eaves out the rest of the domain name. This works fine on the LAN, because = the machines there have example.lan set as their searchdomain, but machines= from outside can't resolve "term1" to "term1.example.com" and need to be given the F= QDN. Please note that the FQDNs is specified in the sessionprofiles, but x2= goclient still tries to resolve the short version of the name.

--
Anders Bruun Olsen
It-ansvarlig
Det Danske= Sprog- og Litteraturselskab
(Society for Danish Language and Literature= )
--089e013cc386ca846004dd4e9178-- From unknown Fri Mar 29 14:22:25 2024 X-Loop: owner@bugs.x2go.org Subject: Bug#218: [X2Go-Dev] Bug#218: x2gobroker: Hostname is used instead of FQDN Reply-To: Mike Gabriel , 218@bugs.x2go.org Resent-From: Mike Gabriel Resent-To: x2go-dev@lists.berlios.de Resent-CC: X2Go Developers X-Loop: owner@bugs.x2go.org Resent-Date: Wed, 22 May 2013 16:03:02 +0000 Resent-Message-ID: Resent-Sender: owner@bugs.x2go.org X-X2Go-PR-Message: followup 218 X-X2Go-PR-Package: x2gobroker X-X2Go-PR-Keywords: Received: via spool by 218-submit@bugs.x2go.org id=B218.1369238026611 (code B ref 218); Wed, 22 May 2013 16:03:02 +0000 Received: (at 218) by bugs.x2go.org; 22 May 2013 15:53:46 +0000 X-Spam-Checker-Version: SpamAssassin 3.3.2 (2011-06-06) on ymir.das-netzwerkteam.de X-Spam-Level: X-Spam-Status: No, score=0.0 required=5.0 tests=URIBL_BLOCKED autolearn=unavailable version=3.3.2 Received: from freya.das-netzwerkteam.de (freya.das-netzwerkteam.de [88.198.48.199]) by ymir (Postfix) with ESMTPS id 041835DB13; Wed, 22 May 2013 17:53:37 +0200 (CEST) Received: from grimnir.das-netzwerkteam.de (grimnir.das-netzwerkteam.de [78.46.204.98]) by freya.das-netzwerkteam.de (Postfix) with ESMTPS id 1B719BCB; Wed, 22 May 2013 17:53:37 +0200 (CEST) Received: from localhost (localhost [127.0.0.1]) by grimnir.das-netzwerkteam.de (Postfix) with ESMTP id E3C753BB5A; Wed, 22 May 2013 17:53:36 +0200 (CEST) X-Virus-Scanned: Debian amavisd-new at grimnir.das-netzwerkteam.de Received: from grimnir.das-netzwerkteam.de ([127.0.0.1]) by localhost (grimnir.das-netzwerkteam.de [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id d1i1tJX1-8A2; Wed, 22 May 2013 17:53:36 +0200 (CEST) Received: from localhost (localhost [127.0.0.1]) by grimnir.das-netzwerkteam.de (Postfix) with ESMTP id 8B4EE3BB88; Wed, 22 May 2013 17:53:36 +0200 (CEST) Received: from localhost (localhost [127.0.0.1]) by grimnir.das-netzwerkteam.de (Postfix) with ESMTP id 679363BB5A; Wed, 22 May 2013 17:53:36 +0200 (CEST) Received: by grimnir.das-netzwerkteam.de (Postfix, from userid 33) id A49E63BB88; Wed, 22 May 2013 17:53:35 +0200 (CEST) Received: from m-047.informatik.uni-kiel.de (m-047.informatik.uni-kiel.de [134.245.254.47]) by mail.das-netzwerkteam.de (Horde Framework) with HTTP; Wed, 22 May 2013 17:53:35 +0200 Message-ID: <20130522175335.95934gesn8bjsbun@mail.das-netzwerkteam.de> X-Priority: 3 (Normal) Date: Wed, 22 May 2013 17:53:35 +0200 From: Mike Gabriel To: 218@bugs.x2go.org Cc: control@bugs.x2go.org, 218-submitter@bugs.x2go.org References: In-Reply-To: MIME-Version: 1.0 Content-Type: multipart/signed; boundary="=_49i2q0ipnr3z"; protocol="application/pgp-signature"; micalg="pgp-sha1" Content-Transfer-Encoding: 7bit User-Agent: Internet Messaging Program (IMP) H3 (4.3.4) This message is in MIME format and has been PGP signed. --=_49i2q0ipnr3z Content-Type: text/plain; charset=UTF-8; DelSp="Yes"; format="flowed" Content-Disposition: inline Content-Transfer-Encoding: 7bit tag #218 confirmed thanks Hi Anders, On Mi 22 Mai 2013 15:30:29 CEST Anders Bruun Olsen wrote: > Package: x2gobroker > Version: 0.0.2.2 > > I am setting up a loadbalanced cluster of x2go servers with a broker in > front. There are thinclients on the LAN accessing the broker/cluster and > there will be users logging on from outside. Users on the LAN are served > term1.example.lan and term2.example.lan, whereas users from outside get > term1.example.com and term2.example.com. So far everything has worked fine, > but now I have started testing outside access, which does not work. > x2gobroker (with autologin) tells x2goclient to access term1 or term2 - it > leaves out the rest of the domain name. This works fine on the LAN, because > the machines there have example.lan set as their searchdomain, but machines > from outside can't resolve "term1" to "term1.example.com" and need to be > given the FQDN. Please note that the FQDNs is specified in the > sessionprofiles, but x2goclient still tries to resolve the short version of > the name. A fix for this is not so trivial, as it seems. The ,,wrong'' hostname is produced by x2golistsession on the server that the x2gobroker-agent gets executed on. Obviously, your external clients call the X2Go Session Broker. The session broker knows a list of possible hosts for sending the select_session query to. The server that gets asked responds with a hostname from the X2Go session DB, that is not necessarily what you configured in X2Go Session Broker's x2gobroker-sessionprofiles.conf. So, what is needed is a backwards mapping between the result that gets returned by x2gobroker-agent (i.e. the returned server name / hostname) back to the FQDN hostnames configured in X2Go Session Broker. The mapping is not bijective here, it is more about guessing and shooting blindfolded. /me scratches his head on the best approach for this... Mike -- DAS-NETZWERKTEAM mike gabriel, herweg 7, 24357 fleckeby fon: +49 (1520) 1976 148 GnuPG Key ID 0x25771B31 mail: mike.gabriel@das-netzwerkteam.de, http://das-netzwerkteam.de freeBusy: https://mail.das-netzwerkteam.de/freebusy/m.gabriel%40das-netzwerkteam.de.xfb --=_49i2q0ipnr3z Content-Type: application/pgp-signature Content-Description: Digitale PGP-Unterschrift Content-Disposition: inline Content-Transfer-Encoding: 7bit -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) iQIcBAABAgAGBQJRnOn/AAoJEJr0azAldxsxWN8P+wX3Ss+RclJDXdxj4njmdFCS GbZiLrk5FyYtDu2JImTiwFvKgnh6Tn9yKMF+Q8/zWHwzrzWRbKLZFP/h10yieec2 A6e/cdgx9sr9gpaOCsuEWtenLw5ukbPznn3X5PsSAEG3n6zmpS+0en/hso97IqLt N8F9OHXaVv/iuykdemQ8deZKRN+rOEcMlyWxuimxfJgdtPxwKEYFwg4lImV8oyz7 NhZAnJJ8pipbrCAtriI+eiQp4AxeRi1zFqLI0JWd8lcrGOEmvWknFJWKGyhtR0ue Ck4zHt4bEPge2Kv2/1HYCW+LxRuXkeSqU+hR3HQfDjDSR+Ihxi3miq1JU1yVU7+G o2SuyMPJmlPAP9MfcytiWZWRFB53SwjvKowg9K0pmsUEHzRu8qx5AQWOb7S35Afk tOzCqY39yVueOzVwAbDPOrSy/LzQY+jtcpyGIIsWQBvDMRyDFfX7X+7sWB5mjqaL 66URkNssjwkdNi8XQEtOm7CRFMWqQVxFpE15UX5HNP5Ws5hxeBOgIJ3zH4xIGj3+ GeokUt8d2E/u3dOsFf1Ysz8652W1vp4mCvXdGVn8fRpE/rjSWflJK8E8A3ioPSzt 2jaS90jDKNvfSiDHQ5olWgi7nOuqw9uBxkD3Uy3voIZvD0RoRM2VStiCD1WOSHN2 XYqg5FYi0jf+vScbv1eF =mmgW -----END PGP SIGNATURE----- --=_49i2q0ipnr3z-- From unknown Fri Mar 29 14:22:25 2024 X-Loop: owner@bugs.x2go.org Subject: Bug#218: [X2Go-Dev] Bug#218: Bug#218: x2gobroker: Hostname is used instead of FQDN Reply-To: Anders Bruun Olsen , 218@bugs.x2go.org Resent-From: Anders Bruun Olsen Resent-To: x2go-dev@lists.berlios.de Resent-CC: X2Go Developers X-Loop: owner@bugs.x2go.org Resent-Date: Mon, 27 May 2013 09:03:02 +0000 Resent-Message-ID: Resent-Sender: owner@bugs.x2go.org X-X2Go-PR-Message: followup 218 X-X2Go-PR-Package: x2gobroker X-X2Go-PR-Keywords: confirmed Received: via spool by 218-submit@bugs.x2go.org id=B218.136964532221067 (code B ref 218); Mon, 27 May 2013 09:03:02 +0000 Received: (at 218) by bugs.x2go.org; 27 May 2013 09:02:02 +0000 X-Spam-Checker-Version: SpamAssassin 3.3.2 (2011-06-06) on ymir.das-netzwerkteam.de X-Spam-Level: X-Spam-Status: No, score=-2.3 required=5.0 tests=HTML_MESSAGE, RCVD_IN_DNSWL_MED,T_DKIM_INVALID,URIBL_BLOCKED autolearn=ham version=3.3.2 X-Greylist: delayed 432 seconds by postgrey-1.34 at ymir; Mon, 27 May 2013 11:02:01 CEST Received: from eu1sys200aog111.obsmtp.com (eu1sys200aog111.obsmtp.com [207.126.144.131]) by ymir (Postfix) with SMTP id 018925DB11 for <218@bugs.x2go.org>; Mon, 27 May 2013 11:02:00 +0200 (CEST) Received: from mail-ob0-f170.google.com ([209.85.214.170]) (using TLSv1) by eu1sys200aob111.postini.com ([207.126.147.11]) with SMTP ID DSNKUaMhCHQ5IWUSWgR//0A5EFxO0pXWnyyT@postini.com; Mon, 27 May 2013 09:02:01 UTC Received: by mail-ob0-f170.google.com with SMTP id er7so7766046obc.15 for <218@bugs.x2go.org>; Mon, 27 May 2013 02:01:59 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=dsl.dk; s=google; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :content-type; bh=AsYu46ZJXXk4s6V4pAlfBn+Zw2Uj7EyOb7gaIwV8aM4=; b=ZDJPldF27rU0MNqaaISK1w5Vq3X4emgGWbnh4s9rduKy+LpZgcBWV9Ntg1pYH3/Ihr psbxJIZHk3uFCSzyVCNVT0TFxMrHikxCGAu+B+jKqjx/HrpI+8U0rKir0XpQJacXwms6 98lxFcyYiyc7o4xJaPa/FV+dt0lY27p327q7w= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :content-type:x-gm-message-state; bh=AsYu46ZJXXk4s6V4pAlfBn+Zw2Uj7EyOb7gaIwV8aM4=; b=RERgC3iQNrHyIUy7QIMnfXCQ7w7cK3CBJrAdsTQ0Wlwc+MSWpPlYIDdpZD50b3xhb4 mGi9DRJ7hqOBDZBIx9SQAK4kqO/xa8Et+PsVonQFfYPN15VFsYDKzng7LGU96aAYuFoP Cc5YASPbQRCzKbnOvVyjTI4/5wAglq8ngf5nqU7/cUL61n7yWWz0+eyGlHtHUQWh+vgh zTx/5ayrrQWKNOHOmXrQehsBBSu5/bm9bCHmHWdWJKUGtBRSOuTd1lygar7tw9vwceLy GkGv3Dy/YLxbsE6Au4gQb25WFKp7caR5pxVTL03z6l+VavlkerqoAARaRE9yz97OR4Mm 2kZw== X-Received: by 10.182.80.5 with SMTP id n5mr17630989obx.88.1369644886891; Mon, 27 May 2013 01:54:46 -0700 (PDT) MIME-Version: 1.0 X-Received: by 10.182.80.5 with SMTP id n5mr17630976obx.88.1369644886639; Mon, 27 May 2013 01:54:46 -0700 (PDT) Received: by 10.182.0.45 with HTTP; Mon, 27 May 2013 01:54:46 -0700 (PDT) In-Reply-To: <20130522175335.95934gesn8bjsbun@mail.das-netzwerkteam.de> References: <20130522175335.95934gesn8bjsbun@mail.das-netzwerkteam.de> Date: Mon, 27 May 2013 10:54:46 +0200 Message-ID: From: Anders Bruun Olsen To: Mike Gabriel , 218@bugs.x2go.org, x2go-dev Content-Type: multipart/alternative; boundary=047d7b2e4146efd88704ddaf4cfa X-Gm-Message-State: ALoCoQnbw5xMzwLVLztHKNroU1eme8nx0QURM/E5KcLQx+sTceGwpSajGpNEXl7SilUPlG+fXv0MFCz8qAMjkVj8EkfS7dA3t1RUEMEBtno7XNvhCkQ+3GloJJl1X/8HsFXt6dtyPDNTYsYhFpvOsMrPZ+kQfnzQHQ== --047d7b2e4146efd88704ddaf4cfa Content-Type: text/plain; charset=UTF-8 I obviously don't know the algorithm used to figure out which server is selected, but in my ignorance, I would think the way to do it should be something like this: 1. Ask all servers if they have a running session for the user trying to log in. 2. If any servers answer possitively, send the configured hostname to the client. 3. Ask all servers for the needed information. 4. Do the math on the broker, to figure out which server to select. 5. Send the selected server to the client. Every time the broker talks to a server, it would keep the information about which server it is talking to, in memory and just associate the returned information with that server. I really don't see why it is neccesary for the servers to reply back with who they think they are, nor who their counterparts in the cluster are. The fact that the algorithm relies on the servers to identify themselves also seems to me to be a potential security hole. What if a local user achieved enough administrative rights to change the hostname. Couldn't he then get the broker to send users to a server that he controls? 2013/5/22 Mike Gabriel > tag #218 confirmed > thanks > > Hi Anders, > > On Mi 22 Mai 2013 15:30:29 CEST Anders Bruun Olsen wrote: > > Package: x2gobroker >> Version: 0.0.2.2 >> >> I am setting up a loadbalanced cluster of x2go servers with a broker in >> front. There are thinclients on the LAN accessing the broker/cluster and >> there will be users logging on from outside. Users on the LAN are served >> term1.example.lan and term2.example.lan, whereas users from outside get >> term1.example.com and term2.example.com. So far everything has worked >> fine, >> but now I have started testing outside access, which does not work. >> x2gobroker (with autologin) tells x2goclient to access term1 or term2 - it >> leaves out the rest of the domain name. This works fine on the LAN, >> because >> the machines there have example.lan set as their searchdomain, but >> machines >> from outside can't resolve "term1" to "term1.example.com" and need to be >> given the FQDN. Please note that the FQDNs is specified in the >> sessionprofiles, but x2goclient still tries to resolve the short version >> of >> the name. >> > > A fix for this is not so trivial, as it seems. The ,,wrong'' hostname is > produced by x2golistsession on the server that the x2gobroker-agent gets > executed on. > > Obviously, your external clients call the X2Go Session Broker. The session > broker knows a list of possible hosts for sending the select_session query > to. The server that gets asked responds with a hostname from the X2Go > session DB, that is not necessarily what you configured in X2Go Session > Broker's x2gobroker-sessionprofiles.**conf. > > So, what is needed is a backwards mapping between the result that gets > returned by x2gobroker-agent (i.e. the returned server name / hostname) > back to the FQDN hostnames configured in X2Go Session Broker. The mapping > is not bijective here, it is more about guessing and shooting blindfolded. > > /me scratches his head on the best approach for this... > > Mike > > > > > -- > > DAS-NETZWERKTEAM > mike gabriel, herweg 7, 24357 fleckeby > fon: +49 (1520) 1976 148 > > GnuPG Key ID 0x25771B31 > mail: mike.gabriel@das-netzwerkteam.**de, > http://das-netzwerkteam.de > > freeBusy: > https://mail.das-netzwerkteam.**de/freebusy/m.gabriel%40das-** > netzwerkteam.de.xfb > > _______________________________________________ > X2Go-Dev mailing list > X2Go-Dev@lists.berlios.de > https://lists.berlios.de/mailman/listinfo/x2go-dev > -- Anders Bruun Olsen It-ansvarlig Det Danske Sprog- og Litteraturselskab (Society for Danish Language and Literature) --047d7b2e4146efd88704ddaf4cfa Content-Type: text/html; charset=UTF-8 Content-Transfer-Encoding: quoted-printable
I obviously don't know the algorithm used to figure ou= t which server is selected, but in my ignorance, I would think the way to d= o it should be something like this:

1. Ask all ser= vers if they have a running session for the user trying to log in.
2. If any servers answer possitively, send the configured hostna= me to the client.
3. Ask all servers for the needed informa= tion.
4. Do the math on the broker, to figure out which ser= ver to select.
5. Send the selected server to the client.

<= /div>
Every time the broker talks to a server, it would keep the = information about which server it is talking to, in memory and just associa= te the returned information with that server. I really don't see why it= is neccesary for the servers to reply back with who they think they are, n= or who their counterparts in the cluster are.

The fact that the algorithm relies on the s= ervers to identify themselves also seems to me to be a potential security h= ole. What if a local user achieved enough administrative rights to change t= he hostname. Couldn't he then get the broker to send users to a server = that he controls?



2013/5/22 Mike Gabriel <mike.gabriel@das-netz= werkteam.de>
tag #218 confirmed
thanks

Hi Anders,

On Mi 22 Mai 2013 15:30:29 CEST Anders Bruun Olsen wrote:

Package: x2gobroker
Version: 0.0.2.2

I am setting up a loadbalanced cluster of x2go servers with a broker in
front. There are thinclients on the LAN accessing the broker/cluster and there will be users logging on from outside. Users on the LAN are served term1.example.lan and term2.example.lan, whereas users from outside get
term1.example.com and term2.example.= com. So far everything has worked fine,
but now I have started testing outside access, which does not work.
x2gobroker (with autologin) tells x2goclient to access term1 or term2 - it<= br> leaves out the rest of the domain name. This works fine on the LAN, because=
the machines there have example.lan set as their searchdomain, but machines=
from outside can't resolve "term1" to "term1.example.com" and need = to be
given the FQDN. Please note that the FQDNs is specified in the
sessionprofiles, but x2goclient still tries to resolve the short version of=
the name.

A fix for this is not so trivial, as it seems. The ,,wrong'' hostna= me is produced by x2golistsession on the server that the x2gobroker-agent g= ets executed on.

Obviously, your external clients call the X2Go Session Broker. The session = broker knows a list of possible hosts for sending the select_session query = to. The server that gets asked responds with a hostname from the X2Go sessi= on DB, that is not necessarily what you configured in X2Go Session Broker&#= 39;s x2gobroker-sessionprofiles.conf.

So, what is needed is a backwards mapping between the result that gets retu= rned by x2gobroker-agent (i.e. the returned server name / hostname) back to= the FQDN hostnames configured in X2Go Session Broker. The mapping is not b= ijective here, it is more about guessing and shooting blindfolded.

/me scratches his head on the best approach for this...

Mike




--

DAS-NETZWERKTEAM
mike gabriel, herweg 7, 24357 fleckeby
fon: +49 (1520) 1976 148

GnuPG Key ID 0x25771B31
mail: mike.gabriel@das-netzwerkteam.de, http://das-netzwerkteam.de

freeBusy:
https://mail.das-netzwerkteam.de/fr= eebusy/m.gabriel%40das-netzwerkteam.de.xfb

_______________________________________________
X2Go-Dev mailing list
X2Go-Dev@lists.berlios.de<= br> https://lists.berlios.de/mailman/listinfo/x2go-dev



--
Anders Bruun Olsen
I= t-ansvarlig
Det Danske Sprog- og Litteraturselskab
(Society for Danish Language and = Literature)
--047d7b2e4146efd88704ddaf4cfa-- From unknown Fri Mar 29 14:22:25 2024 X-Loop: owner@bugs.x2go.org Subject: Bug#218: X2Go issue (in src:x2gobroker) has been marked as pending for release Reply-To: Mike Gabriel , 218@bugs.x2go.org Resent-From: Mike Gabriel Resent-To: x2go-dev@lists.berlios.de Resent-CC: X2Go Developers X-Loop: owner@bugs.x2go.org Resent-Date: Wed, 29 May 2013 22:38:19 +0000 Resent-Message-ID: Resent-Sender: owner@bugs.x2go.org X-X2Go-PR-Message: followup 218 X-X2Go-PR-Package: x2gobroker X-X2Go-PR-Keywords: confirmed Received: via spool by 218-submit@bugs.x2go.org id=B218.13698670112114 (code B ref 218); Wed, 29 May 2013 22:38:19 +0000 Received: (at 218) by bugs.x2go.org; 29 May 2013 22:36:51 +0000 X-Spam-Checker-Version: SpamAssassin 3.3.2 (2011-06-06) on ymir.das-netzwerkteam.de X-Spam-Level: X-Spam-Status: No, score=0.0 required=5.0 tests=NO_RELAYS,URIBL_BLOCKED autolearn=unavailable version=3.3.2 Received: by ymir (Postfix, from userid 1005) id 204695DB26; Thu, 30 May 2013 00:36:43 +0200 (CEST) From: Mike Gabriel To: 218-submitter@bugs.x2go.org Cc: control@bugs.x2go.org, 218@bugs.x2go.org Content-Type: text/plain; charset=utf-8 Content-Disposition: inline Content-Transfer-Encoding: 8bit X-Mailer: http://snipr.com/post-receive-tag-pending Message-Id: <20130529223643.204695DB26@ymir> Date: Thu, 30 May 2013 00:36:43 +0200 (CEST) tag #218 pending fixed #218 0.0.2.3 thanks Hello, X2Go issue #218 (src:x2gobroker) reported by you has been fixed in X2Go Git. You can see the changelog below, and you can check the diff of the fix at: http://code.x2go.org/gitweb?p=x2gobroker.git;a=commitdiff;h=b0cefb7 The issue will most likely be fixed in src:x2gobroker (0.0.2.3). light+love X2Go Git Admin (on behalf of the sender of this mail) --- commit b0cefb72b896ea34c724d0a8b79f9f8edadff7b5 Author: Mike Gabriel Date: Thu May 30 00:33:04 2013 +0200 inifile broker: Allow explicit specification combinations of » (
)« in host= session profile field. (Fixes: #218). diff --git a/debian/changelog b/debian/changelog index a6b1619..d9e5f35 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,6 +1,8 @@ x2gobroker (0.0.2.3-0~x2go1) UNRELEASED; urgency=low - * Continue development... + * New upstream version (0.0.2.3): + - inifile broker: Allow explicit specification combinations of + » (
)« in host= session profile field. (Fixes: #218). -- Mike Gabriel Wed, 22 May 2013 17:42:12 +0200 From unknown Fri Mar 29 14:22:25 2024 X-Loop: owner@bugs.x2go.org Subject: Bug#218: X2Go issue (in src:x2gobroker) has been marked as closed Reply-To: Mike Gabriel , 218@bugs.x2go.org Resent-From: Mike Gabriel Resent-To: x2go-dev@lists.berlios.de Resent-CC: X2Go Developers X-Loop: owner@bugs.x2go.org Resent-Date: Fri, 07 Jun 2013 21:32:55 +0000 Resent-Message-ID: Resent-Sender: owner@bugs.x2go.org X-X2Go-PR-Message: followup 218 X-X2Go-PR-Package: x2gobroker X-X2Go-PR-Keywords: confirmed pending Received: via spool by 218-submit@bugs.x2go.org id=B218.137064017910144 (code B ref 218); Fri, 07 Jun 2013 21:32:55 +0000 Received: (at 218) by bugs.x2go.org; 7 Jun 2013 21:22:59 +0000 X-Spam-Checker-Version: SpamAssassin 3.3.2 (2011-06-06) on ymir.das-netzwerkteam.de X-Spam-Level: X-Spam-Status: No, score=0.0 required=5.0 tests=NO_RELAYS,URIBL_BLOCKED autolearn=unavailable version=3.3.2 Received: by ymir (Postfix, from userid 1005) id 6BBE15DB2C; Fri, 7 Jun 2013 23:22:19 +0200 (CEST) From: Mike Gabriel To: 218-submitter@bugs.x2go.org Cc: control@bugs.x2go.org, 218@bugs.x2go.org Content-Type: text/plain; charset=utf-8 Content-Disposition: inline Content-Transfer-Encoding: 8bit Message-Id: <20130607212219.6BBE15DB2C@ymir> Date: Fri, 7 Jun 2013 23:22:19 +0200 (CEST) close #218 thanks Hello, we are very hopeful that X2Go issue #218 reported by you has been resolved in the new release (0.0.2.3) of the X2Go source project »src:x2gobroker«. You can view the complete changelog entry of src:x2gobroker (0.0.2.3) below, and you can use the following link to view all the code changes between this and the last release of src:x2gobroker. http://code.x2go.org/gitweb?p=x2gobroker.git;a=commitdiff;h=5a969b79741be3d85dc82738361dfda4fc10c75d;hp=6a16a5739fc702c12d3cc8738837a8a29cae8c12 If you feel that the issue has not been resolved satisfyingly, feel free to reopen this bug report or submit a follow-up report with further observations described based on the new released version of src:x2gobroker. Thanks a lot for contributing to X2Go!!! light+love X2Go Git Admin (on behalf of the sender of this mail) --- X2Go Component: src:x2gobroker Version: 0.0.2.3 Status: RELEASE Date: Fri, 07 Jun 2013 23:21:29 +0200 Fixes: 152 218 Changes: x2gobroker (0.0.2.3) RELEASED; urgency=low . * New upstream version (0.0.2.3): - inifile broker: Allow explicit specification combinations of » (
)« in host= session profile field. (Fixes: #218). - Add rootless=false to example session profiles for all Desktop sessions in x2gobroker-sessionprofiles.conf. - Handle the rootless property automatically for know-by-name desktop sessions. - Make enable-plain-output, enable-uccs-output functional. - Add agent-quer-mode »NONE«. Disable X2Go Broker Agent calls completely. - Add status={S,R} to session profile list items when returned through X2Go Session Broker. (Fixes: #152). Handle taking over of running sessions and resuming sessions more reliably. Provide mechanism to suspend/terminate sessions through X2Go Server's (>= 4.0.1.0) x2gocleansessions daemon. From unknown Fri Mar 29 14:22:25 2024 MIME-Version: 1.0 X-Mailer: MIME-tools 5.502 (Entity 5.502) X-Loop: owner@bugs.x2go.org From: owner@bugs.x2go.org (X2Go Bug Tracking System) Subject: Bug#218 closed by Mike Gabriel (X2Go issue (in src:x2gobroker) has been marked as closed) Message-ID: References: <20130607212219.6BBE15DB2C@ymir> X-X2go-PR-Keywords: confirmed pending X-X2go-PR-Message: they-closed 218 X-X2go-PR-Package: x2gobroker X-X2go-PR-Source: x2gobroker Date: Fri, 07 Jun 2013 21:32:56 +0000 Content-Type: multipart/mixed; boundary="----------=_1370640776-19907-0" This is a multi-part message in MIME format... ------------=_1370640776-19907-0 Content-Disposition: inline Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset=utf-8 This is an automatic notification regarding your Bug report which was filed against the x2gobroker package: #218: x2gobroker: Hostname is used instead of FQDN It has been closed by Mike Gabriel . Their explanation is attached below along with your original report. If this explanation is unsatisfactory and you have not received a better one in a separate message then please contact Mike Gabriel by replying to this email. --=20 X2Go Bug Tracking System Contact owner@bugs.x2go.org with problems ------------=_1370640776-19907-0 Content-Type: message/rfc822 Content-Disposition: inline Content-Transfer-Encoding: 7bit Received: (at control) by bugs.x2go.org; 7 Jun 2013 21:22:51 +0000 X-Spam-Checker-Version: SpamAssassin 3.3.2 (2011-06-06) on ymir.das-netzwerkteam.de X-Spam-Level: X-Spam-Status: No, score=0.0 required=5.0 tests=NO_RELAYS,URIBL_BLOCKED autolearn=unavailable version=3.3.2 Received: by ymir (Postfix, from userid 1005) id 6BBE15DB2C; Fri, 7 Jun 2013 23:22:19 +0200 (CEST) From: Mike Gabriel To: 218-submitter@bugs.x2go.org Cc: control@bugs.x2go.org, 218@bugs.x2go.org Subject: X2Go issue (in src:x2gobroker) has been marked as closed Content-Type: text/plain; charset=utf-8 Content-Disposition: inline Content-Transfer-Encoding: 8bit Message-Id: <20130607212219.6BBE15DB2C@ymir> Date: Fri, 7 Jun 2013 23:22:19 +0200 (CEST) close #218 thanks Hello, we are very hopeful that X2Go issue #218 reported by you has been resolved in the new release (0.0.2.3) of the X2Go source project »src:x2gobroker«. You can view the complete changelog entry of src:x2gobroker (0.0.2.3) below, and you can use the following link to view all the code changes between this and the last release of src:x2gobroker. http://code.x2go.org/gitweb?p=x2gobroker.git;a=commitdiff;h=5a969b79741be3d85dc82738361dfda4fc10c75d;hp=6a16a5739fc702c12d3cc8738837a8a29cae8c12 If you feel that the issue has not been resolved satisfyingly, feel free to reopen this bug report or submit a follow-up report with further observations described based on the new released version of src:x2gobroker. Thanks a lot for contributing to X2Go!!! light+love X2Go Git Admin (on behalf of the sender of this mail) --- X2Go Component: src:x2gobroker Version: 0.0.2.3 Status: RELEASE Date: Fri, 07 Jun 2013 23:21:29 +0200 Fixes: 152 218 Changes: x2gobroker (0.0.2.3) RELEASED; urgency=low . * New upstream version (0.0.2.3): - inifile broker: Allow explicit specification combinations of » (
)« in host= session profile field. (Fixes: #218). - Add rootless=false to example session profiles for all Desktop sessions in x2gobroker-sessionprofiles.conf. - Handle the rootless property automatically for know-by-name desktop sessions. - Make enable-plain-output, enable-uccs-output functional. - Add agent-quer-mode »NONE«. Disable X2Go Broker Agent calls completely. - Add status={S,R} to session profile list items when returned through X2Go Session Broker. (Fixes: #152). Handle taking over of running sessions and resuming sessions more reliably. Provide mechanism to suspend/terminate sessions through X2Go Server's (>= 4.0.1.0) x2gocleansessions daemon. ------------=_1370640776-19907-0 Content-Type: message/rfc822 Content-Disposition: inline Content-Transfer-Encoding: 7bit Received: (at submit) by bugs.x2go.org; 22 May 2013 13:30:31 +0000 X-Spam-Checker-Version: SpamAssassin 3.3.2 (2011-06-06) on ymir.das-netzwerkteam.de X-Spam-Level: X-Spam-Status: No, score=-2.3 required=5.0 tests=HTML_MESSAGE, RCVD_IN_DNSWL_MED,T_DKIM_INVALID,URIBL_BLOCKED autolearn=ham version=3.3.2 Received: from eu1sys200aog103.obsmtp.com (eu1sys200aog103.obsmtp.com [207.126.144.115]) by ymir (Postfix) with SMTP id 161FF5DB13 for ; Wed, 22 May 2013 15:30:31 +0200 (CEST) Received: from mail-ve0-f176.google.com ([209.85.128.176]) (using TLSv1) by eu1sys200aob103.postini.com ([207.126.147.11]) with SMTP ID DSNKUZzIdpzw39e22UYwvOWRNH8waA/PUHFn@postini.com; Wed, 22 May 2013 13:30:31 UTC Received: by mail-ve0-f176.google.com with SMTP id jz10so1408433veb.21 for ; Wed, 22 May 2013 06:30:30 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=dsl.dk; s=google; h=mime-version:date:message-id:subject:from:to:content-type; bh=BR8c2TxFysLFZnzhJ9s8D7HD37TX1AxgMs9tLYRzK/4=; b=N31bsMKI+R32sXS+JzX0Lpp0i4+d6rETrzuFvy5See+bKs+N8UV8SEr5B5eLoRkE8K Ra7Bn1sRVcFeyY6SoGchctkxnBrPVtC4tZjoObDXdlqkClb1zQqCUdv5ToXNiqJYRZr6 4c/6xXH9W6jo+Wq3Ml5gqzj6uCG9h0CC+XX5w= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20120113; h=mime-version:date:message-id:subject:from:to:content-type :x-gm-message-state; bh=BR8c2TxFysLFZnzhJ9s8D7HD37TX1AxgMs9tLYRzK/4=; b=KZS+GaOv+7f0OmMTE/gNYtZkZaw3SbM84nOxeGrv3OKJ93TIBC18jo19SPkADRtgGd ih+br7WHwQSj16tXtUjRJ9FPAAzhTaOz7JY6OOOs9GbmyaPT2P1ifNvBj1Ka9cF2pu9j n+uhaUvRucCsZkV4NG8QeY+SjMBPe7EsBBD5YdASSaE713EgYcB7viJMMljz79wRNBgf C3v7mPSyRCoOBKlGcNmwv/h7gtZShRe/jteAs1JbAqLtScYrXaQKW3yAemUXcAr7KiyE dUTVh6Wemlr5PFbCUpgXVzcY4xfxc83OSOeiG8wtxfyenlbeQPUiaslKTHZDBxAEOnQE NZHg== X-Received: by 10.58.90.66 with SMTP id bu2mr2782198veb.29.1369229430087; Wed, 22 May 2013 06:30:30 -0700 (PDT) MIME-Version: 1.0 X-Received: by 10.58.90.66 with SMTP id bu2mr2782192veb.29.1369229429993; Wed, 22 May 2013 06:30:29 -0700 (PDT) Received: by 10.220.198.198 with HTTP; Wed, 22 May 2013 06:30:29 -0700 (PDT) Date: Wed, 22 May 2013 15:30:29 +0200 Message-ID: Subject: x2gobroker: Hostname is used instead of FQDN From: Anders Bruun Olsen To: submit@bugs.x2go.org Content-Type: multipart/alternative; boundary=089e013cc386ca846004dd4e9178 X-Gm-Message-State: ALoCoQly3eJXW0AwfR3/3Ze2g1Wx66OItsw15j31f1rFG2uCkjN3wUNAsNIlEMduE8kQRoCcgH5mNauLFhmvu42pQ517pvqXb6T2nnCBCsyyBXpCBMKFbbDJK1rLpzHjFEexzZYdlpqXWM7uCJk49URr2GzT6+e0kg== --089e013cc386ca846004dd4e9178 Content-Type: text/plain; charset=UTF-8 Package: x2gobroker Version: 0.0.2.2 I am setting up a loadbalanced cluster of x2go servers with a broker in front. There are thinclients on the LAN accessing the broker/cluster and there will be users logging on from outside. Users on the LAN are served term1.example.lan and term2.example.lan, whereas users from outside get term1.example.com and term2.example.com. So far everything has worked fine, but now I have started testing outside access, which does not work. x2gobroker (with autologin) tells x2goclient to access term1 or term2 - it leaves out the rest of the domain name. This works fine on the LAN, because the machines there have example.lan set as their searchdomain, but machines from outside can't resolve "term1" to "term1.example.com" and need to be given the FQDN. Please note that the FQDNs is specified in the sessionprofiles, but x2goclient still tries to resolve the short version of the name. -- Anders Bruun Olsen It-ansvarlig Det Danske Sprog- og Litteraturselskab (Society for Danish Language and Literature) --089e013cc386ca846004dd4e9178 Content-Type: text/html; charset=UTF-8 Content-Transfer-Encoding: quoted-printable
Package: x2gobroker
Version: 0.0.2.2

I am setting up a loadbalanced cluster of x2go servers with a broke= r in front. There are thinclients on the LAN accessing the broker/cluster a= nd there will be users logging on from outside. Users on the LAN are served= term1.example.lan and term2.example.lan, whereas users from outside get term1.example.com and term2.example.com. So far everything has worked = fine, but now I have started testing outside access, which does not work. x= 2gobroker (with autologin) tells x2goclient to access term1 or term2 - it l= eaves out the rest of the domain name. This works fine on the LAN, because = the machines there have example.lan set as their searchdomain, but machines= from outside can't resolve "term1" to "term1.example.com" and need to be given the F= QDN. Please note that the FQDNs is specified in the sessionprofiles, but x2= goclient still tries to resolve the short version of the name.

--
Anders Bruun Olsen
It-ansvarlig
Det Danske= Sprog- og Litteraturselskab
(Society for Danish Language and Literature= )
--089e013cc386ca846004dd4e9178-- ------------=_1370640776-19907-0--