X2Go Bug report logs - #1122
x2goclient spurously asks for passphrase on autologin

version graph

Package: x2goclient; Maintainer for x2goclient is X2Go Developers <x2go-dev@lists.x2go.org>; Source for x2goclient is src:x2goclient.

Reported by: Arne Wichmann <aw@anhrefn.saar.de>

Date: Thu, 8 Dec 2016 18:05:02 UTC

Severity: normal

Tags: patch, pending

Found in version 4.0.5.2

Fixed in version 4.1.1.1

Done: X2Go Release Manager X2Go Release Manager <git-admin@x2go.org>

Bug is archived. No further changes may be made.

Toggle useless messages

View this report as an mbox folder, status mbox, maintainer mbox


Report forwarded to x2go-dev@lists.x2go.org, X2Go Developers <x2go-dev@lists.x2go.org>:
Bug#1122; Package x2goclient. (Thu, 08 Dec 2016 18:05:02 GMT) (full text, mbox, link).


Acknowledgement sent to Arne Wichmann <aw@anhrefn.saar.de>:
New Bug report received and forwarded. Copy sent to X2Go Developers <x2go-dev@lists.x2go.org>. (Thu, 08 Dec 2016 18:05:02 GMT) (full text, mbox, link).


Message #5 received at submit@bugs.x2go.org (full text, mbox, reply):

From: Arne Wichmann <aw@anhrefn.saar.de>
To: submit@bugs.x2go.org
Subject: x2goclient spurously asks for passphrase on autologin
Date: Thu, 8 Dec 2016 18:59:06 +0100
[Message part 1 (text/plain, inline)]
Package: x2goclient
Version: 4.0.5.2

When using 
  x2goclient --pgp-card
and not using a Smartcard, after typing a password there will be a popup
window asking for a passphrase even though no usable keys are available.

(The problem arose at a Thinclient of a customer who in some cases does not
use their smartcards.)

After some digging into the problem I think that the autologin flag should
be cleared after SshMasterConnection::userAuthAuto has been tried once.
Alternatively SshMasterConnection::userAuthAuto could check if there are
usable keys before asking for a passphrase. Or it could check if a
password has already been given. 

cu

AW
-- 
[...] If you don't want to be restricted, don't agree to it. If you are
coerced, comply as much as you must to protect yourself, just don't support
it. Noone can free you but yourself. (crag, on Debian Planet)
Arne Wichmann (aw@saar.de)
[signature.asc (application/pgp-signature, inline)]

Information forwarded to x2go-dev@lists.x2go.org, X2Go Developers <x2go-dev@lists.x2go.org>:
Bug#1122; Package x2goclient. (Wed, 08 Mar 2017 12:55:02 GMT) (full text, mbox, link).


Acknowledgement sent to Arne Wichmann <aw@anhrefn.saar.de>:
Extra info received and forwarded to list. Copy sent to X2Go Developers <x2go-dev@lists.x2go.org>. (Wed, 08 Mar 2017 12:55:02 GMT) (full text, mbox, link).


Message #10 received at 1122@bugs.x2go.org (full text, mbox, reply):

From: Arne Wichmann <aw@anhrefn.saar.de>
To: 1122@bugs.x2go.org
Cc: control@bugs.x2go.org
Subject: Patch
Date: Wed, 8 Mar 2017 13:44:11 +0100
[Message part 1 (text/plain, inline)]
tag #1122 patch
thanks

Hi...

So, I created an experimental patch which makes the problem go away.

cu

AW

----
diff --git a/debian/changelog b/debian/changelog
index dc1fbbf..c57c678 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,10 @@
+x2goclient (4.1.0.1-0x2go1.1) UNRELEASED; urgency=medium
+
+  * Non-maintainer upload.
+  * Do not ask passphrase on autologin
+
+ -- Arne Wichmann <aw@saar.de>  Wed, 08 Mar 2017 13:32:51 +0100
+
 x2goclient (4.1.0.1-0x2go1) UNRELEASED; urgency=medium
 
   [ Mihai Moldovan ]
diff --git a/src/sshmasterconnection.cpp b/src/sshmasterconnection.cpp
index 8e620c2..ab6398e 100644
--- a/src/sshmasterconnection.cpp
+++ b/src/sshmasterconnection.cpp
@@ -1150,6 +1150,8 @@ bool SshMasterConnection::userAuthAuto()
 {
     int rc = ssh_userauth_autopubkey ( my_ssh_session, "" );
     int i=0;
+#define NO_PASSPHRASE_ON_AUTOLOGIN
+#ifndef NO_PASSPHRASE_ON_AUTOLOGIN
     while(rc != SSH_AUTH_SUCCESS)
     {
         keyPhraseReady=false;
@@ -1173,6 +1175,7 @@ bool SshMasterConnection::userAuthAuto()
             break;
         }
     }
+#endif
 
     if ( rc != SSH_AUTH_SUCCESS )
     {
----

-- 
[...] If you don't want to be restricted, don't agree to it. If you are
coerced, comply as much as you must to protect yourself, just don't support
it. Noone can free you but yourself. (crag, on Debian Planet)
Arne Wichmann (aw@saar.de)
[signature.asc (application/pgp-signature, inline)]

Added tag(s) patch. Request was from Arne Wichmann <aw@anhrefn.saar.de> to control@bugs.x2go.org. (Wed, 08 Mar 2017 12:55:02 GMT) (full text, mbox, link).


Information forwarded to x2go-dev@lists.x2go.org, X2Go Developers <x2go-dev@lists.x2go.org>:
Bug#1122; Package x2goclient. (Sun, 10 Dec 2017 05:05:03 GMT) (full text, mbox, link).


Acknowledgement sent to Mihai Moldovan <ionic@ionic.de>:
Extra info received and forwarded to list. Copy sent to X2Go Developers <x2go-dev@lists.x2go.org>. (Sun, 10 Dec 2017 05:05:03 GMT) (full text, mbox, link).


Message #17 received at 1122@bugs.x2go.org (full text, mbox, reply):

From: Mihai Moldovan <ionic@ionic.de>
To: 1122-submitter@bugs.x2go.org
Cc: control@bugs.x2go.org, 1122@bugs.x2go.org
Subject: X2Go issue (in src:x2goclient) has been marked as pending for release
Date: Sun, 10 Dec 2017 06:04:03 +0100 (CET)
tag #1122 pending
fixed #1122 4.1.1.1
thanks

Hello,

X2Go issue #1122 (src:x2goclient) reported by you has been
fixed in X2Go Git. You can see the changelog below, and you can
check the diff of the fix at:

    http://code.x2go.org/gitweb?p=x2goclient.git;a=commitdiff;h=248d227

The issue will most likely be fixed in src:x2goclient (4.1.1.1).

light+love
X2Go Git Admin (on behalf of the sender of this mail)

---
commit 248d22794db8f63d26187fe21045b64e12088427
Author: Mihai Moldovan <ionic@ionic.de>
Date:   Sun Dec 10 06:03:29 2017 +0100

    debian/changelog: add bug closure for #1122.

diff --git a/debian/changelog b/debian/changelog
index 5cdc048..e3a4322 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -8,6 +8,7 @@ x2goclient (4.1.1.1-0x2go1) UNRELEASED; urgency=medium
       in MacPorts.
     - src/sshmasterconnection.cpp: don't ask for private key passphrase if
       auto-login merely failed due to the server denying the public key.
+      Fixes: #1122.
     - src/{httpbrokerclient,onmainwindow,sshmasterconnection}.{cpp,h}:
       introduce new passphrase_type enum and replace the old verificationCode
       boolean value with that. Allows using more messages, including a new one
@@ -18,11 +19,12 @@ x2goclient (4.1.1.1-0x2go1) UNRELEASED; urgency=medium
       include onmainwindow.h to avoid a circular dependency, it has to be
       part of SshMasterConnection for now.
     - src/sshmasterconnection.cpp: query for password if it wasn't already
-      provided. This usually happens if auto-login is enabled, which bypasses
-      the password prompt. If auto-login fails, authentication normally
-      continues via challenge auth or plain passwords, but since users had no
-      chance to input a password, such authentication will always fail. Give
-      users a way to enter passwords, in case the auto-login failed.
+      provided. Fixes: #1122. This usually happens if auto-login is enabled,
+      which bypasses the password prompt. If auto-login fails, authentication
+      normally continues via challenge auth or plain passwords, but since
+      users had no chance to input a password, such authentication will always
+      fail. Give users a way to enter passwords, in case the auto-login
+      failed.
     - src/onmainwindow.cpp: finally include version information in debug
       output.
     - res/i18n/x2goclient_*.ts: apply last change to translation files


Added tag(s) pending. Request was from Mihai Moldovan <ionic@ionic.de> to control@bugs.x2go.org. (Sun, 10 Dec 2017 05:05:04 GMT) (full text, mbox, link).


Marked as fixed in versions 4.1.1.1. Request was from Mihai Moldovan <ionic@ionic.de> to control@bugs.x2go.org. (Sun, 10 Dec 2017 05:05:04 GMT) (full text, mbox, link).


Message sent on to Arne Wichmann <aw@anhrefn.saar.de>:
Bug#1122. (Sun, 10 Dec 2017 05:05:04 GMT) (full text, mbox, link).


Information forwarded to x2go-dev@lists.x2go.org, X2Go Developers <x2go-dev@lists.x2go.org>:
Bug#1122; Package x2goclient. (Thu, 15 Feb 2018 20:45:02 GMT) (full text, mbox, link).


Acknowledgement sent to X2Go Release Manager X2Go Release Manager <git-admin@x2go.org>:
Extra info received and forwarded to list. Copy sent to X2Go Developers <x2go-dev@lists.x2go.org>. (Thu, 15 Feb 2018 20:45:02 GMT) (full text, mbox, link).


Message #29 received at 1122@bugs.x2go.org (full text, mbox, reply):

From: X2Go Release Manager X2Go Release Manager <git-admin@x2go.org>
To: 1122-submitter@bugs.x2go.org
Cc: control@bugs.x2go.org, 1122@bugs.x2go.org
Subject: X2Go issue (in src:x2goclient) has been marked as closed
Date: Thu, 15 Feb 2018 21:42:04 +0100 (CET)
close #1122
thanks

Hello,

we are very hopeful that X2Go issue #1122 reported by you
has been resolved in the new release (4.1.1.1) of the
X2Go source project »src:x2goclient«.

You can view the complete changelog entry of src:x2goclient (4.1.1.1)
below, and you can use the following link to view all the code changes
between this and the last release of src:x2goclient.

    http://code.x2go.org/gitweb?p=x2goclient.git;a=commitdiff;h=eef4bf3e0e618b15cbf6649e9dbb07d99e57ad00;hp=f0fb9c49b1c30fd025c2c7c9094fa662b8b09b4d

If you feel that the issue has not been resolved satisfyingly, feel
free to reopen this bug report or submit a follow-up report with
further observations described based on the new released version
of src:x2goclient.

Thanks a lot for contributing to X2Go!!!

light+love
X2Go Git Admin (on behalf of the sender of this mail)

---
X2Go Component: src:x2goclient
Version: 4.1.1.1-0x2go1
Status: RELEASE
Date: Thu, 15 Feb 2018 21:38:31 +0100
Fixes: 408 559 1122 1209 1214 1227
Changes:
 x2goclient (4.1.1.1-0x2go1) RELEASED; urgency=medium
 .
   [ Mihai Moldovan ]
   * New upstream version (4.1.1.1):
     - src/pulsemanager.cpp: print out PA --version output as a debug message.
     - macbuild.sh: also bundle xauth binary as nxauth binary.
     - macbuild.sh: switch to bundling PulseAudio 11.1 since it's now available
       in MacPorts.
     - src/sshmasterconnection.cpp: don't ask for private key passphrase if
       auto-login merely failed due to the server denying the public key.
       Fixes: #1122.
     - src/{httpbrokerclient,onmainwindow,sshmasterconnection}.{cpp,h}:
       introduce new passphrase_type enum and replace the old verificationCode
       boolean value with that. Allows using more messages, including a new one
       for plain password prompts. Adapt usage accordingly. The implementation
       is ugly, but there's no good way around that (short of using C++11
       features). The enum would really logically belong to ONMainWindow, but
       since we also have to use it in SshMasterConnection, that may not
       include onmainwindow.h to avoid a circular dependency, it has to be
       part of SshMasterConnection for now.
     - src/sshmasterconnection.cpp: query for password if it wasn't already
       provided. Fixes: #1122. This usually happens if auto-login is enabled,
       which bypasses the password prompt. If auto-login fails, authentication
       normally continues via challenge auth or plain passwords, but since
       users had no chance to input a password, such authentication will always
       fail. Give users a way to enter passwords, in case the auto-login
       failed.
     - src/onmainwindow.cpp: finally include version information in debug
       output.
     - res/i18n/x2goclient_*.ts: apply last change to translation files
       directly.
     - src/sshmasterconnection.cpp: error out with a useful error message in
       case no password has been provided when doing password authentication.
     - src/sshmasterconnection.cpp: don't output an empty error message if
       password authencation has been requested but the server does not support
       this mechanism. Fixes: #408.
     - src/onmainwindow.cpp: wrap user name for client-side mounts in quotes.
       Fixes: #559. Will fail with user names that contain quotes, but oh
       well...
     - {example/x2goclient-cli,src/onmainwindow.cpp}: remove hopefully obsolete
       HOSTNAME exporting into environment.
     - src/onmainwindow.cpp: remove client-side LD_LIBRARY_PATH meddling.
       Nothing of value is in that directory and nxproxy hasn't needed that for
       years.
     - src/settingswidgets.cpp: don't incorrectly enable whole display settings
       in single display setups. Let debugging mode override this behavior,
       though.
     - src/onmainwindow.cpp: pass X2GO_RANDR_XINERAMA=[yes,no] to
       x2gostartagent as an environment variable based upon the xinerama
       session setting. Has no effect when connecting to older X2Go Server
       versions and handles startup correctly with X2Go Server 4.1.0.0.
     - src/onmainwindow.cpp: fix another leaked X2goSettings object.
     - src/onmainwindow.cpp: rename xinerama env variable on session startup to
       X2GO_XINERAMA in accordance with server changes.
     - src/onmainwindow.cpp: supply xinerama option as another parameter to
       x2goresume-session on session resume.
     - src/sessionbutton.cpp: make button non-sensitive in bottom right part if
       it's editable. Fixes: #1214.
     - {src/{help.cpp,onmainwindow.{cpp,h}},man/man1/x2goclient.1}: reformat,
       whitespace fixes, split out close button slot in a separate function.
     - src/onmainwindow.{cpp,h}: let close button be a member variable.
     - src/onmainwindow.cpp: disable and enable close button during and after
       connection startup.
     - src/onmainwindow.cpp: initialize directRDP to false to be able to call
       slotSuspendSessFromSt () even if no session has previously been started.
     - src/onmainwindow.cpp: only initialize directRDP variable if platform is
       Linux. Fixes compile failures on Windows and OS X.
     - src/onmainwindow.cpp: always create close button, but either hide or
       show it based upon whether --closebt was provided or not.
     - src/onmainwindow.cpp: revert 3060183a78d8b6bd81bec9968c985c38bfd1e5c2.
       Being able to suspend sessions via the close button is complex and
       unnecessary, since in thinclient mode, for which this feature is
       useful, users will not be able to see the client window while a session
       is executing, due to it running in full screen mode.
     - src/onmainwindow.cpp: always enable close button, let it log out from a
       broker if already authenticated or close the client on click. Fixes:
       #1209.
     - man/man1/x2goclient.1: clarify what the close button now does. It either
       lets the user re-login to the broker or closes the client.
     - src/onmainwindow.cpp: correctly initialize brokerAuthentication member
       of ConfigFile struct.
     - {res/{img/png/close-button.png,resources.qrc},
        src/{{onmainwindow,httpbrokerclient}.{cpp,h},help.cpp},
        man/man1/x2goclient.1}: rename close button to broker logout button.
       Reimplement the way it is shown - disable it upon startup and only
       enable it after successful broker authentication.
     - man/man1/x2goclient.1: add missing escape signs before dash/minus
       characters.
 .
   [ Oleksandr Shneyder ]
   * New upstream version (4.1.1.1):
     - Change echo mode for user input in InteractionDialog.
 .
   [ Walid Moghrabi ]
   * New upstream version (4.1.1.1):
     - {res/img/png/,res/resources.qrc}: add close-button.png file.
     - {src/{help.cpp,onmainwindow.{cpp,h}},man/man1/x2goclient.1}: add new
       option --closebt. Fixes: #1227. Adds a close button in the top-left
       client corner (maybe next to the halt button) that currently just
       terminates the client.


Marked Bug as done Request was from X2Go Release Manager X2Go Release Manager <git-admin@x2go.org> to control@bugs.x2go.org. (Thu, 15 Feb 2018 20:45:06 GMT) (full text, mbox, link).


Notification sent to Arne Wichmann <aw@anhrefn.saar.de>:
Bug acknowledged by developer. (Thu, 15 Feb 2018 20:45:06 GMT) (full text, mbox, link).


Message sent on to Arne Wichmann <aw@anhrefn.saar.de>:
Bug#1122. (Thu, 15 Feb 2018 20:45:08 GMT) (full text, mbox, link).


Bug archived. Request was from Debbugs Internal Request <owner@bugs.x2go.org> to internal_control@bugs.x2go.org. (Fri, 16 Mar 2018 06:24:02 GMT) (full text, mbox, link).


Send a report that this bug log contains spam.


X2Go Developers <owner@bugs.x2go.org>. Last modified: Thu Mar 28 12:19:45 2024; Machine Name: ymir.das-netzwerkteam.de

X2Go Bug tracking system

Debbugs is free software and licensed under the terms of the GNU Public License version 2. The current version can be obtained from https://bugs.debian.org/debbugs-source/.

Copyright © 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson, 2005-2017 Don Armstrong, and many other contributors.