From c51ec2e8e9691653ec17b20deeff3bce98008068 Mon Sep 17 00:00:00 2001 From: matt335672 <30179339+matt335672@users.noreply.github.com> Date: Wed, 14 Jun 2023 14:23:07 +0100 Subject: [PATCH] Remove sesmanruntimedir Now we've made the XRDP_SOCKET_PATH only writeable by root, it's safe to move the sesman socket back into this directory. We no longer need a separate sesmanruntimedir --- configure.ac | 7 ----- docs/man/Makefile.am | 1 - docs/man/sesman.ini.5.in | 2 +- docs/man/xrdp-sesadmin.8.in | 2 +- docs/man/xrdp-sesman.8.in | 2 +- libipm/Makefile.am | 1 - libipm/scp.c | 23 +++++++++++++-- sesman/Makefile.am | 1 - sesman/sesman.c | 56 +++++-------------------------------- 9 files changed, 31 insertions(+), 64 deletions(-) diff --git a/configure.ac b/configure.ac index 2f3d6938..adabcc6b 100644 --- a/configure.ac +++ b/configure.ac @@ -62,12 +62,6 @@ AC_ARG_WITH([socketdir], [], [with_socketdir="$runstatedir/xrdp"]) AC_SUBST([socketdir], [$with_socketdir]) -AC_ARG_WITH([sesmanruntimedir], - [AS_HELP_STRING([--with-sesmanruntimedir=DIR], - [Use directory for sesman runtime data (default: RUNSTATEDIR/xrdp-sesman)])], - [], [with_sesmanruntimedir="$runstatedir/xrdp-sesman"]) -AC_SUBST([sesmanruntimedir], [$with_sesmanruntimedir]) - AC_ARG_WITH([systemdsystemunitdir], AS_HELP_STRING([--with-systemdsystemunitdir=DIR], [Directory for systemd service files, no to disable]), [], [ @@ -655,7 +649,6 @@ echo " pamconfdir $pamconfdir" echo " localstatedir $localstatedir" echo " runstatedir $runstatedir" echo " socketdir $socketdir" -echo " sesmanruntimedir $sesmanruntimedir" echo "" echo " unit tests performable $perform_unit_tests" echo "" diff --git a/docs/man/Makefile.am b/docs/man/Makefile.am index 8da6cd96..8dbd7142 100644 --- a/docs/man/Makefile.am +++ b/docs/man/Makefile.am 
@@ -27,7 +27,6 @@ SUBST_VARS = sed \ -e 's|@localstatedir[@]|$(localstatedir)|g' \ -e 's|@sysconfdir[@]|$(sysconfdir)|g' \ -e 's|@socketdir[@]|$(socketdir)|g' \ - -e 's|@sesmanruntimedir[@]|$(sesmanruntimedir)|g' \ -e 's|@xrdpconfdir[@]|$(sysconfdir)/xrdp|g' \ -e 's|@xrdpdatadir[@]|$(datadir)/xrdp|g' \ -e 's|@xrdphomeurl[@]|http://www.xrdp.org/|g' diff --git a/docs/man/sesman.ini.5.in b/docs/man/sesman.ini.5.in index 0d4f5c90..d2ca9832 100644 --- a/docs/man/sesman.ini.5.in +++ b/docs/man/sesman.ini.5.in @@ -57,7 +57,7 @@ In this instance, the system administrator is responsible for ensuring the socket can only be created by a suitably privileged process. .PP If the parameter does not start with a '/', a name within -@sesmanruntimedir@ is used. +@socketdir@ is used. .RE .TP diff --git a/docs/man/xrdp-sesadmin.8.in b/docs/man/xrdp-sesadmin.8.in index 953f3f67..cba29a37 100644 --- a/docs/man/xrdp-sesadmin.8.in +++ b/docs/man/xrdp-sesadmin.8.in @@ -28,7 +28,7 @@ Retained for compatibility, but ignored. .BI \-i= port The sesman \fIUNIX domain socket\fP to connect to. Defaults to \fBsesman.socket\fP. -If no path is specified for the socket, a default of @sesmanruntimedir@ is used. +If no path is specified for the socket, a default of @socketdir@ is used. .TP .BI \-c= command diff --git a/docs/man/xrdp-sesman.8.in b/docs/man/xrdp-sesman.8.in index e676548e..379b92b5 100644 --- a/docs/man/xrdp-sesman.8.in +++ b/docs/man/xrdp-sesman.8.in @@ -70,7 +70,7 @@ not running \fBxrdp\-sesman\fR as a daemon. .br @localstatedir@/run/xrdp\-sesman.pid .br -@sesmanruntimedir@/sesman.socket +@socketdir@/sesman.socket .SH "AUTHORS" Jay Sorg diff --git a/libipm/Makefile.am b/libipm/Makefile.am index 4770f4dd..a1a6edcd 100644 --- a/libipm/Makefile.am +++ b/libipm/Makefile.am @@ -1,6 +1,5 @@ AM_CPPFLAGS = \ - -DSESMAN_RUNTIME_PATH=\"${sesmanruntimedir}\" \ -DXRDP_SOCKET_ROOT_PATH=\"${socketdir}\" \ -I$(top_srcdir)/common diff --git a/libipm/scp.c b/libipm/scp.c index eaeac344..c090bc50 100644 
--- a/libipm/scp.c +++ b/libipm/scp.c @@ -27,6 +27,8 @@ #include #endif +#include + #include "scp.h" #include "libipm.h" #include "guid.h" @@ -76,6 +78,23 @@ scp_msgno_to_str(enum scp_msg_code n, char *buff, unsigned int buff_size) return buff; } +/*****************************************************************************/ +/** + * Helper function returning 1 if the passed-in string is an integer >= 0 + */ +static int is_positive_int(const char *s) +{ + for ( ; *s != '\0' ; ++s) + { + if (!isdigit(*s)) + { + return 0; + } + } + + return 1; +} + /*****************************************************************************/ int scp_port_to_unix_domain_path(const char *port, char *buff, @@ -111,7 +130,7 @@ scp_port_to_unix_domain_path(const char *port, char *buff, { port = SCP_LISTEN_PORT_BASE_STR; } - else if (g_strcmp(port, "3350") == 0) + else if (is_positive_int(port)) { /* Version v0.9.x and earlier of xrdp used a TCP port * number. If we come across this, we'll ignore it for @@ -121,7 +140,7 @@ scp_port_to_unix_domain_path(const char *port, char *buff, port = SCP_LISTEN_PORT_BASE_STR; } - result = g_snprintf(buff, bufflen, SESMAN_RUNTIME_PATH "/%s", port); + result = g_snprintf(buff, bufflen, XRDP_SOCKET_ROOT_PATH "/%s", port); } return result; diff --git a/sesman/Makefile.am b/sesman/Makefile.am index 638ca94e..7b34470c 100644 --- a/sesman/Makefile.am +++ b/sesman/Makefile.am @@ -7,7 +7,6 @@ AM_CPPFLAGS = \ -DXRDP_LIBEXEC_PATH=\"${libexecdir}/xrdp\" \ -DXRDP_PID_PATH=\"${localstatedir}/run\" \ -DXRDP_SOCKET_ROOT_PATH=\"${socketdir}\" \ - -DSESMAN_RUNTIME_PATH=\"${sesmanruntimedir}\" \ -I$(top_srcdir)/sesman/libsesman \ -I$(top_srcdir)/common \ -I$(top_srcdir)/libipm diff --git a/sesman/sesman.c b/sesman/sesman.c index 1c1cb619..21409c19 100644 --- a/sesman/sesman.c +++ b/sesman/sesman.c 
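Review bot: `isdigit(*s)` in the new `is_positive_int()` receives a plain `char`, which is undefined behaviour for any byte that is negative where `char` is signed; the test should be `if (!isdigit((unsigned char)*s))`. The helper also returns 1 for an empty string, because the loop body never runs. The caller's preceding branch may already filter that case (its condition is outside the hunk), but either the doc comment should state the precondition or the function should begin with `if (*s == '\0') return 0;`. The name says "positive" while the comment says ">= 0", so one of the two should change to match the other.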
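Review bot: In `scp_port_to_unix_domain_path()` the relative `port` value is formatted into `XRDP_SOCKET_ROOT_PATH "/%s"` as given, and the lines visible in these two hunks normalise only the default and all-digit cases, so a name containing `/` or `..` would resolve outside the directory the commit message describes as writable only by root. The value comes from `sesman.ini` or the `xrdp-sesadmin` `-i` option according to the man pages in this patch, so this is hardening rather than a demonstrated flaw. A guard such as `if (strchr(port, '/') != NULL)` ahead of the `g_snprintf` call, returning the function's error value, would keep the documented "a name within @socketdir@" promise. The `is_positive_int(port)` branch also redirects every all-digit name to the default socket, not just "3350", which the `sesman.ini` man page should mention if it is intended. The function starts and ends outside these hunks, so an earlier check may already cover part of this.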
@@ -193,45 +193,6 @@ sesman_process_params(int argc, char **argv, return 0; } -/******************************************************************************/ -static int -create_sesman_runtime_dir(void) -{ - int rv = -1; - /* Make sure if we create the directory, there's no gap where it - * may have the wrong permissions */ - int entry_umask = g_umask_hex(0x755); - - if (!g_directory_exist(SESMAN_RUNTIME_PATH) && - !g_create_dir(SESMAN_RUNTIME_PATH)) - { - LOG(LOG_LEVEL_ERROR, - "Can't create runtime directory '" - SESMAN_RUNTIME_PATH "' [%s]", g_get_strerror()); - } - else if (g_chown(SESMAN_RUNTIME_PATH, g_getuid(), g_getuid()) != 0) - { - LOG(LOG_LEVEL_ERROR, - "Can't set ownership of sesman runtime directory [%s]", - g_get_strerror()); - } - else if (g_chmod_hex(SESMAN_RUNTIME_PATH, 0x755) != 0) - { - /* This might seem redundant, but there's a chance the - * directory already exists */ - LOG(LOG_LEVEL_ERROR, - "Can't set permissions of sesman runtime directory [%s]", - g_get_strerror()); - } - else - { - rv = 0; - } - g_umask_hex(entry_umask); - - return rv; -} - /******************************************************************************/ static int sesman_listen_test(struct config_sesman *cfg) { 
@@ -694,24 +655,24 @@ create_xrdp_socket_root_path(void) /* Create the path using 0755 permissions */ int old_umask = g_umask_hex(0x22); - (void)g_create_path(XRDP_SOCKET_PATH"/"); + (void)g_create_path(XRDP_SOCKET_ROOT_PATH"/"); (void)g_umask_hex(old_umask); /* Check the ownership and permissions on the last path element * are as expected */ - if (g_chown(XRDP_SOCKET_PATH, uid, gid) != 0) + if (g_chown(XRDP_SOCKET_ROOT_PATH, uid, gid) != 0) { LOG(LOG_LEVEL_ERROR, "create_xrdp_socket_root_path: Can't set owner of %s to %d:%d", - XRDP_SOCKET_PATH, uid, gid); + XRDP_SOCKET_ROOT_PATH, uid, gid); return 1; } - if (g_chmod_hex(XRDP_SOCKET_PATH, 0x755) != 0) + if (g_chmod_hex(XRDP_SOCKET_ROOT_PATH, 0x755) != 0) { LOG(LOG_LEVEL_ERROR, "create_xrdp_socket_root_path: Can't set perms of %s to 0x755", - XRDP_SOCKET_PATH); + XRDP_SOCKET_ROOT_PATH); return 1; } @@ -887,9 +848,9 @@ main(int argc, char **argv) } } - /* Create the runtime directory before we try to listen (or + /* Create the socket directory before we try to listen (or * test-listen), so there's somewhere for the default socket to live */ - if (create_sesman_runtime_dir() != 0) + if (create_xrdp_socket_root_path() != 0) { config_free(g_cfg); log_end(); @@ -963,9 +924,6 @@ main(int argc, char **argv) LOG(LOG_LEVEL_INFO, "starting xrdp-sesman with pid %d", g_pid); - /* make sure the socket directory exists */ - create_xrdp_socket_root_path(); - /* make sure the /tmp/.X11-unix directory exists */ if (!g_directory_exist("/tmp/.X11-unix")) {
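Review bot: In `create_xrdp_socket_root_path()` the result of `g_create_path(XRDP_SOCKET_ROOT_PATH"/")` is still cast to void, and the comment "Check the ownership and permissions" sits above code that sets them by path name rather than checking anything. The sesman socket now depends on this directory and `main()` aborts when this function fails, so a creation failure should be reported here rather than surfacing only as a failed `g_chown`. For example, `if (!g_create_path(XRDP_SOCKET_ROOT_PATH"/")) { LOG(LOG_LEVEL_ERROR, "Can't create %s [%s]", XRDP_SOCKET_ROOT_PATH, g_get_strerror()); return 1; }` would do, provided `g_create_path` returns non-zero when the path already exists or was created (confirm against its definition). It would also be worth confirming that the last path element is a real directory, not a symlink, before its owner and mode are changed, in case `--with-socketdir` points at a location not owned by root. The function begins outside the hunk, so the source of `uid` and `gid` is not visible here.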