On Fri, May 17, 2019 at 9:31 PM Ulrich Sibiller <ulrich.sibil...@gmail.com> wrote: > Alternatively we could add a hack: if the proxy hostname has some > special form, e.g. "!hostname", that very check will be skipped. As > proxy and normal hosts are both controlled via the same code in > SshmasterConnection this way the user could configure that for both > connections independently.
I have just implemented that, see attached patch 0001. It makes my setup work. What do you think of this approach? While doing that I also noticed that checkLogin() is missing some cleanup code, see attached patch 0002. Uli
From 673120c953805e93cdf1e0d8b10492d482773493 Mon Sep 17 00:00:00 2001 From: Ulrich Sibiller <uli42@gmx.de> Date: Fri, 17 May 2019 22:28:19 +0200 Subject: [PATCH 1/2] Skip checkLogin() if hostname starts with "!" Some special ssh proxies will not allow arbitrary commands. checkLogin() will break these sessions because it tries to run the echo command on the proxy. By specifying a "!" as the first character of the (proxy) hostname you can instruct x2goclient ot skip the checkLogin() call altogether. Note that this will break proxies that require you to cjhange you password or some other type of interaction. As this is added to SshMasterConnection it is also valid to specify that for the server hostname although this is not very useful. --- src/sshmasterconnection.cpp | 17 +++++++++++++++++ src/sshmasterconnection.h | 1 + 2 files changed, 18 insertions(+) diff --git a/src/sshmasterconnection.cpp b/src/sshmasterconnection.cpp index 6a1bc86..141de4c 100644 --- a/src/sshmasterconnection.cpp +++ b/src/sshmasterconnection.cpp @@ -169,6 +169,16 @@ SshMasterConnection::SshMasterConnection (QObject* parent, QString host, int por << "; useproxy " << useproxy << "; proxyserver " << proxyserver << "; proxyport " << proxyport; this->host=host; + // If the hostname starts with "!" do not perform loginCheck() for this connection + if (this->host.indexOf("!") == 0) + { + this->loginCheck=false; + this->host.remove(0, 1); + } + else + { + this->loginCheck=true; + } this->port=port; this->user=user; this->pass=pass; @@ -670,7 +680,14 @@ void SshMasterConnection::run() x2goDebug<<"User authentication OK."; // checkLogin() is currently specific to libssh. if(kerberos) + { emit connectionOk(host); + } + else if(this->loginCheck == false) + { + x2goDebug<<"Skipping Login Check as requested by configuration"; + emit connectionOk(host); + } else { if(checkLogin()) diff --git a/src/sshmasterconnection.h b/src/sshmasterconnection.h index 69bfa0d..ec66619 100644 --- a/src/sshmasterconnection.h +++ b/src/sshmasterconnection.h @@ -213,6 +213,7 @@ private: SshMasterConnection* sshProxy; bool sshProxyReady; bool breakLoop; + bool loginCheck; bool challengeAuthPasswordAccepted; QString challengeAuthVerificationCode; -- 2.11.0
From 8285af7ea4bb701a9e6720ffa1742df4003b0529 Mon Sep 17 00:00:00 2001 From: Ulrich Sibiller <uli42@gmx.de> Date: Fri, 17 May 2019 22:41:37 +0200 Subject: [PATCH 2/2] checkLogin(): close channel on failure --- src/sshmasterconnection.cpp | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/src/sshmasterconnection.cpp b/src/sshmasterconnection.cpp index 141de4c..cde33ba 100644 --- a/src/sshmasterconnection.cpp +++ b/src/sshmasterconnection.cpp @@ -1654,6 +1654,7 @@ bool SshMasterConnection::checkLogin() QString err=ssh_get_error ( my_ssh_session ); QString errorMsg=tr ( "%1 failed." ).arg ("ssh_channel_open_session"); x2goDebug<<errorMsg.left (errorMsg.size () - 1)<<": "<<err<<endl; + ssh_channel_free(channel); return false; } if (ssh_channel_request_pty(channel)!=SSH_OK) @@ -1661,6 +1662,7 @@ bool SshMasterConnection::checkLogin() QString err=ssh_get_error ( my_ssh_session ); QString errorMsg=tr ( "%1 failed." ).arg ("ssh_channel_request_pty"); x2goDebug<<errorMsg.left (errorMsg.size () - 1)<<": "<<err<<endl; + ssh_channel_free(channel); return false; } if(ssh_channel_change_pty_size(channel, 80, 24)!=SSH_OK) @@ -1668,6 +1670,7 @@ bool SshMasterConnection::checkLogin() QString err=ssh_get_error ( my_ssh_session ); QString errorMsg=tr ( "%1 failed." ).arg ("ssh_channel_change_pty_size"); x2goDebug<<errorMsg.left (errorMsg.size () - 1)<<": "<<err<<endl; + ssh_channel_free(channel); return false; } if ( ssh_channel_request_exec ( channel, "echo \"LOGIN OK\"" ) != SSH_OK ) @@ -1675,6 +1678,7 @@ bool SshMasterConnection::checkLogin() QString err=ssh_get_error ( my_ssh_session ); QString errorMsg=tr ( "%1 failed." ).arg ("ssh_channel_request_exec"); x2goDebug<<errorMsg.left (errorMsg.size () - 1)<<": "<<err<<endl; + ssh_channel_free(channel); } else { @@ -1687,7 +1691,10 @@ bool SshMasterConnection::checkLogin() { int nbytes = ssh_channel_read_nonblocking(channel, buffer, sizeof(buffer), 0); if (nbytes < 0) + { + ssh_channel_free(channel); return false; + } if (nbytes > 0) { QString inf=QByteArray ( buffer,nbytes ); -- 2.11.0
_______________________________________________ x2go-dev mailing list x2go-dev@lists.x2go.org https://lists.x2go.org/listinfo/x2go-dev