The sesman tools have some private functions to make syncronous calls
to sesman over SCP. This commit moves these calls to a new module
scp_sync in libipm so that they can be utilised by other parts of
xrdp (i.e. chansrv)
Now we've made the XRDP_SOCKET_PATH only writeable by root, it's
safe to move the sesman socket back into this directory. We no longer
need a separate sesmanruntimedir
The top level socket directory is now called XRDP_SOCKET_ROOT_PATH.
Below that are user-specific directories referred to with the
XRDP_SOCKET_PATH macro - this name is hard-coded into xorgxrdp and
the audio modules as an environment variable.
XRDP_SOCKET_PATH now looks like $XRDP_SOCKET_ROOT_PATH/<uid>
XRDP_SOCKET_PATH is only writeable by the user, and readable by the user
and the xrdp process.
Messaging changes:-
- Implement sys_login request message with username, password and
IP address
- Implement UDS login message for current user connected to sesman
- Implement common login response message for login requests
- Implement logout message so gateway authentications can be handled
- with login/logout messages
- Remove login info from the create session request
- Existing gateway request/response messages removed
- Add close connection message so that sesman can close terminated
connections without displaying ERROR messages in the log.
- Add a set_peername message so clients can send a name to sesman
for improved logging.
Other changes:-
- Add status types for logging in and session creation, so that the
front-end can supply the user with more informative errors in the
event of an error occurring.
- Users identities are now carried by UID rather than username, as
xrdp and sesman are guaranteed to be on the same machine.
The TCP socket implementation of sesman has a number of limitations,
namely that it is affected by firewalls, and also that determining the
user on the other end requires a full authentication process.
The advantage of the TCP socket is that sesman and xrdp can be run on
separate machines. This is however not supported by the xorgxrdp
backend (shared memory), and is insecure, in that passwords are sent
in-the-clear, and the connection is susceptible to MitM attacks. This
architecture has been deprecated in release notes since xrdp v0.9.17,
and although it will continue to be supported in any further releases
in the x0.9.x series, it will not be supported in the next major
version.
matt335672