On Fri, May 17, 2019 at 9:31 PM Ulrich Sibiller
<ulrich.sibil...@gmail.com> wrote:
> Alternatively we could add a hack: if the proxy hostname has some
> special form, e.g. "!hostname", that very check will be skipped. As
> proxy and normal hosts are both controlled via the same code in
> SshmasterConnection this way the user could configure that for both
> connections independently.
I have just implemented that, see attached patch 0001. It makes my
setup work. What do you think of this approach?
While doing that I also noticed that checkLogin() is missing some
cleanup code, see attached patch 0002.
Uli
From 673120c953805e93cdf1e0d8b10492d482773493 Mon Sep 17 00:00:00 2001
From: Ulrich Sibiller <uli42@gmx.de>
Date: Fri, 17 May 2019 22:28:19 +0200
Subject: [PATCH 1/2] Skip checkLogin() if hostname starts with "!"
Some special ssh proxies will not allow arbitrary
commands. checkLogin() will break these sessions because it tries to
run the echo command on the proxy.
By specifying a "!" as the first character of the (proxy) hostname you
can instruct x2goclient ot skip the checkLogin() call altogether. Note
that this will break proxies that require you to cjhange you password
or some other type of interaction.
As this is added to SshMasterConnection it is also valid to specify
that for the server hostname although this is not very useful.
---
src/sshmasterconnection.cpp | 17 +++++++++++++++++
src/sshmasterconnection.h | 1 +
2 files changed, 18 insertions(+)
diff --git a/src/sshmasterconnection.cpp b/src/sshmasterconnection.cpp
index 6a1bc86..141de4c 100644
--- a/src/sshmasterconnection.cpp
+++ b/src/sshmasterconnection.cpp
@@ -169,6 +169,16 @@ SshMasterConnection::SshMasterConnection (QObject* parent, QString host, int por
<< "; useproxy " << useproxy << "; proxyserver " << proxyserver
<< "; proxyport " << proxyport;
this->host=host;
+ // If the hostname starts with "!" do not perform loginCheck() for this connection
+ if (this->host.indexOf("!") == 0)
+ {
+ this->loginCheck=false;
+ this->host.remove(0, 1);
+ }
+ else
+ {
+ this->loginCheck=true;
+ }
this->port=port;
this->user=user;
this->pass=pass;
@@ -670,7 +680,14 @@ void SshMasterConnection::run()
x2goDebug<<"User authentication OK.";
// checkLogin() is currently specific to libssh.
if(kerberos)
+ {
emit connectionOk(host);
+ }
+ else if(this->loginCheck == false)
+ {
+ x2goDebug<<"Skipping Login Check as requested by configuration";
+ emit connectionOk(host);
+ }
else
{
if(checkLogin())
diff --git a/src/sshmasterconnection.h b/src/sshmasterconnection.h
index 69bfa0d..ec66619 100644
--- a/src/sshmasterconnection.h
+++ b/src/sshmasterconnection.h
@@ -213,6 +213,7 @@ private:
SshMasterConnection* sshProxy;
bool sshProxyReady;
bool breakLoop;
+ bool loginCheck;
bool challengeAuthPasswordAccepted;
QString challengeAuthVerificationCode;
--
2.11.0
From 8285af7ea4bb701a9e6720ffa1742df4003b0529 Mon Sep 17 00:00:00 2001
From: Ulrich Sibiller <uli42@gmx.de>
Date: Fri, 17 May 2019 22:41:37 +0200
Subject: [PATCH 2/2] checkLogin(): close channel on failure
---
src/sshmasterconnection.cpp | 7 +++++++
1 file changed, 7 insertions(+)
diff --git a/src/sshmasterconnection.cpp b/src/sshmasterconnection.cpp
index 141de4c..cde33ba 100644
--- a/src/sshmasterconnection.cpp
+++ b/src/sshmasterconnection.cpp
@@ -1654,6 +1654,7 @@ bool SshMasterConnection::checkLogin()
QString err=ssh_get_error ( my_ssh_session );
QString errorMsg=tr ( "%1 failed." ).arg ("ssh_channel_open_session");
x2goDebug<<errorMsg.left (errorMsg.size () - 1)<<": "<<err<<endl;
+ ssh_channel_free(channel);
return false;
}
if (ssh_channel_request_pty(channel)!=SSH_OK)
@@ -1661,6 +1662,7 @@ bool SshMasterConnection::checkLogin()
QString err=ssh_get_error ( my_ssh_session );
QString errorMsg=tr ( "%1 failed." ).arg ("ssh_channel_request_pty");
x2goDebug<<errorMsg.left (errorMsg.size () - 1)<<": "<<err<<endl;
+ ssh_channel_free(channel);
return false;
}
if(ssh_channel_change_pty_size(channel, 80, 24)!=SSH_OK)
@@ -1668,6 +1670,7 @@ bool SshMasterConnection::checkLogin()
QString err=ssh_get_error ( my_ssh_session );
QString errorMsg=tr ( "%1 failed." ).arg ("ssh_channel_change_pty_size");
x2goDebug<<errorMsg.left (errorMsg.size () - 1)<<": "<<err<<endl;
+ ssh_channel_free(channel);
return false;
}
if ( ssh_channel_request_exec ( channel, "echo \"LOGIN OK\"" ) != SSH_OK )
@@ -1675,6 +1678,7 @@ bool SshMasterConnection::checkLogin()
QString err=ssh_get_error ( my_ssh_session );
QString errorMsg=tr ( "%1 failed." ).arg ("ssh_channel_request_exec");
x2goDebug<<errorMsg.left (errorMsg.size () - 1)<<": "<<err<<endl;
+ ssh_channel_free(channel);
}
else
{
@@ -1687,7 +1691,10 @@ bool SshMasterConnection::checkLogin()
{
int nbytes = ssh_channel_read_nonblocking(channel, buffer, sizeof(buffer), 0);
if (nbytes < 0)
+ {
+ ssh_channel_free(channel);
return false;
+ }
if (nbytes > 0)
{
QString inf=QByteArray ( buffer,nbytes );
--
2.11.0
_______________________________________________
x2go-dev mailing list
x2go-dev@lists.x2go.org
https://lists.x2go.org/listinfo/x2go-dev
