first injection test seems to work

server/src/uds/core/managers/UserServiceManager.py

@@ -51,7 +51,7 @@ import requests
 import json
 import logging
 
-__updated__ = '2016-10-14'
+__updated__ = '2016-10-23'
 
 logger = logging.getLogger(__name__)
 
@@ -410,6 +410,7 @@ class UserServiceManager(object):
         '''
         If allowed, send script to user service
         '''
+        # logger.debug('Senging script: {}'.format(script))
         url = uService.getCommsUrl()
         if url is None:
             logger.error('Can\'t connect with actor (no actor or legacy actor)')

server/src/uds/transports/X2GO/BaseX2GOTransport.py

@@ -33,6 +33,7 @@
 
 from django.utils.translation import ugettext_noop as _
 from uds.core.managers.UserPrefsManager import CommonPrefs
+from uds.core.managers import userServiceManager
 from uds.core.ui.UserInterface import gui
 from uds.core.transports.BaseTransport import Transport
 from uds.core.transports import protocols
@@ -60,26 +61,14 @@ class BaseX2GOTransport(Transport):
     '''
     iconFile = 'x2go.png'
     protocol = protocols.X2GO
-    supportedOss = OsDetector.Linux
+    supportedOss = (OsDetector.Linux, OsDetector.Windows)
 
-    useEmptyCreds = gui.CheckBoxField(
-        order=1,
-        label=_('Empty credentials'),
-        tooltip=_('If checked, the credentials used to connect will be emtpy'),
-        tab=gui.CREDENTIALS_TAB
-    )
     fixedName = gui.TextField(
         order=2,
         label=_('Username'),
         tooltip=_('If not empty, this username will be always used as credential'),
         tab=gui.CREDENTIALS_TAB
     )
-    fixedPassword = gui.PasswordField(
-        order=3,
-        label=_('Password'),
-        tooltip=_('If not empty, this password will be always used as credential'),
-        tab=gui.CREDENTIALS_TAB
-    )
 
     fullScreen = gui.CheckBoxField(
         order=10,
@@ -105,8 +94,6 @@ class BaseX2GOTransport(Transport):
         tab=gui.ADVANCED_TAB
     )
 
-
-
     def isAvailableFor(self, userService, ip):
         '''
         Checks if the transport is available for the requested destination ip
@@ -125,15 +112,10 @@ class BaseX2GOTransport(Transport):
         if self.fixedName.value != '':
             username = self.fixedName.value
 
-        if self.fixedPassword.value != '':
-            password = self.fixedPassword.value
-        if self.useEmptyCreds.isTrue():
-            username, password = '', '', ''
-
         # Fix username/password acording to os manager
         username, password = service.processUserPassword(username, password)
 
-        return {'protocol': self.protocol, 'username': username, 'password': password}
+        return {'protocol': self.protocol, 'username': username, 'password': ''}
 
     def getConnectionInfo(self, service, user, password):
         return self.processUserPassword(service, user, password)
@@ -161,7 +143,13 @@ class BaseX2GOTransport(Transport):
         return (priv, pub)
 
     def getAuthorizeScript(self, user, pubKey):
-        return self.getScript('scripts/authorize.py'.format(user=user, key=pubKey))
+        return self.getScript('scripts/authorize.py').replace('__USER__', user).replace('__KEY__', pubKey)
+
+    def getAndPushKey(self, user, userService):
+        priv, pub = self.genKeyPairForSsh()
+        authScript = self.getAuthorizeScript(user, pub)
+        userServiceManager().sendScript(userService, authScript)
+        return priv, pub
 
     def getScript(self, script):
         with open(os.path.join(os.path.dirname(__file__), script)) as f:

server/src/uds/transports/X2GO/TX2GOTransport.py

@@ -46,7 +46,7 @@ import logging
 import random
 import string
 
-__updated__ = '2016-10-19'
+__updated__ = '2016-10-23'
 
 logger = logging.getLogger(__name__)
 
@@ -64,9 +64,7 @@ class TX2GOTransport(BaseX2GOTransport):
 
     tunnelServer = gui.TextField(label=_('Tunnel server'), order=1, tooltip=_('IP or Hostname of tunnel server sent to client device ("public" ip) and port. (use HOST:PORT format)'), tab=gui.TUNNEL_TAB)
 
-    useEmptyCreds = BaseX2GOTransport.useEmptyCreds
     fixedName = BaseX2GOTransport.fixedName
-    fixedPassword = BaseX2GOTransport.fixedPassword
     fullScreen = BaseX2GOTransport.fullScreen
     desktopType = BaseX2GOTransport.desktopType
 
@@ -77,4 +75,5 @@ class TX2GOTransport(BaseX2GOTransport):
                 raise Transport.ValidationException(_('Must use HOST:PORT in Tunnel Server Field'))
 
     def getUDSTransportScript(self, userService, transport, ip, os, user, password, request):
-        pass
+        self.getAndPushKey('user', userService)
+        return ''

server/src/uds/transports/X2GO/X2GOTransport.py

@@ -52,11 +52,10 @@ class X2GOTransport(BaseX2GOTransport):
     typeType = 'X2GOTransport'
     typeDescription = _('X2Go Transport for direct connection (EXPERIMENTAL)')
 
-    useEmptyCreds = BaseX2GOTransport.useEmptyCreds
     fixedName = BaseX2GOTransport.fixedName
-    fixedPassword = BaseX2GOTransport.fixedPassword
     fullScreen = BaseX2GOTransport.fullScreen
     desktopType = BaseX2GOTransport.desktopType
 
     def getUDSTransportScript(self, userService, transport, ip, os, user, password, request):
-        pass
+        self.getAndPushKey('user', userService)
+        return ''

server/src/uds/transports/X2GO/scripts/authorize.py

@@ -1,17 +1,12 @@
-#!/usr/bin/env python
-# -*- coding: utf-8 -*-
-#
-'''
-@author: Adolfo Gómez, dkmaster at dkmon dot com
-'''
 from __future__ import unicode_literals
 
 import sys
 import os
 import errno
+import pwd
 
-USER = '{user}'
-KEY = '{key}'
+USER = '__USER__'
+KEY = '__KEY__'
 
 def logError(err):
     print(err)
@@ -24,14 +19,18 @@ def updateAuthorizedKeys(user, pubKey):
 
     # Create .ssh on user home
     home = os.path.expanduser('~{}'.format(user))
+    uid = pwd.getpwnam(user)
     if not os.path.exists(home):  # User not found, nothing done
         logError('Home folder for user {} not found'.format(user))
         return
 
+    uid = pwd.getpwnam(user).pw_uid
+
     sshFolder = '{}/.ssh'.format(home)
     if not os.path.exists(sshFolder):
         try:
             os.makedirs(sshFolder, 0700)
+            os.chown(sshFolder, uid, -1)
         except OSError as e:
             if e.errno != errno.EEXIST:
                 logError('Error creating .ssh folder for user {}: {}'.format(user, e))
@@ -53,6 +52,7 @@ def updateAuthorizedKeys(user, pubKey):
         f.write('ssh-rsa {} UDS@X2GOCLIENT\n'.format(pubKey))
 
     # Ensure access is correct
+    os.chown(authorizedKeys, uid, -1)
     os.chmod(authorizedKeys, 0600)
 
     # Done