The get_sorted_session_displays() is broken in that it
doesn't produce a sorted list of displays.
The problem is the qsort comparison function which has 2 errors in 4 lines:-
1) The test is the wrong way round (i.e. arg1 < arg2 produces a +ve
result instead of -ve)
2) Subtracting two unsigned ints in C will never return < 0
The broken function has been masked by other display checks which mean
that it is only visible in a few situations:-
1) Starting two sessions very closely to each other may allocate the
same display to both sessions.
2) If /tmp is namespaced, the other display checks do not work, and
more than two sessions cannot be started.
(cherry picked from commit 70f1b685ba)
- Fix a problem that the xrdp.service fail to auto-start when instructed to listen on a specific interface
- By changing the "network.target" systemd dependency to "network-online.target"
- The "network-online.target", in short, means at least one network interface has finished IP level setup.
- The previously used "network.target" is vague and does not provide such guarantee (ref: man systemd.special(7)).
- Which often cause "xrdp.service" fail to auto-start when the service is configured to listen on a specific interface (e.g. in xrdp.ini, "port=tcp://192.168.0.1:3389"). Because the interface may have not finish setting up its IP, when "xrdp.service" starts.
(cherry picked from commit 21e11de157)
1) [Regression] If the specified mountpoint is not immediately below an
existing directory, the directory is not created.
2) The message to ask the user to unmount an existing mounted directory
has been moved to the right place.
(cherry picked from commit e0a1339b34)
1) add SSE2 simd for dwt_shift_rem and diff_count
make dwt_shift_rem easier to read
move common rlgr defines to common file
move common dwt defines to common file
2) Fix 'make distcheck'
3) Fix compiler warnings on tests
- The command 'systemd-analyze syscall-filter' shows that the group
@system-service added to the xrdp-service SystemCallFilter
actually includes all of the other listed groups and individual
services. Consequently this line can be simplified to just specify
@system-service.
- (reversion) The SystemCallErrorNumber setting in xrdp.service has been
removed so that unauthorized system calls cause an immediate process exit.
(cherry picked from commit e0e9177f5e)
The user socket directory needs to be SGID so that they inherit
the group ownnership. Then xrdp can write to them.
(cherry picked from commit 200e4d84f4)
This script now works the same way as cppcheck. The version to
be used is specified once in the github CI action
(cherry picked from commit b9fd19e6b5)
The '-lrt' added to the Makefile for the common library appears
to be unnecessary.
- On modern Linuxes, this library has been merged with libc, and the
supplied library is empty.
- On older ones (e.g. Devuan 4), the library contains routines we
do not use in xrdp (although we use 'shm_open()' in xorgxrdp).
- On FreeBSD 14 the library contains only mq_* and timer_* routines
which, again, are not required.
(cherry picked from commit e821eddb62)
On Linux, the TCP send buffer size is increased to 32768 if it is less
that this (which it normally is). This however has the effect of disabling
dynamic buffer sizing, leading to a maximum available bandwidth of
max_bandwidth = 262144 (bits) / round_trip_time (secs)
This is not noticeable on a LAN with an RTT of around 0.5ms, but
very noticeable on a WAN with an RTT of 0.25s.
Comments in the config file and manpage in this area are improved, as
is the logging if the parameters are actually set.
(cherry picked from commit b23d6f89d5)
This commit moves the '[Channels]' parsing code for xrdp.ini
from xrdp_wm_init() to an earlier location in xrdp_wm_create().
libxrdp can now check that drdynvc is not disabled before starting it,
and xrdp_wm can disable GFX if virtual channels are not available.
The responsibility for starting the drdynvc channel is moved out of
libxrdp into the application. This will make it easier to allow the
application to check the channel is enabled before starting it.
One of the tests uses a child process which generates SIGSEGV.
On FreeBSD this generates a corefile by default which breaks
the 'make distcheck' process.
When xrdp is built with IPv6 support it will only fall back to IPv4 if
IPv6 is not supported (EAFNOSUPPORT). However, if the system is IPv6
capable but doesn't have an IPv6 address set (at least inside a FreeBSD
jail) EPROTONOSUPPORT is returned from socket().
(cherry picked from commit 5afbca4954)
When a resize is underway on a busy X server, it is possible for a
queued EGFX cmd (order #62) to be processed after the decoder has been
deleted. This causes a client disconnect with no useful error message.
(cherry picked from commit 3430b8898c)
In GFX mode, if we're using xorgxrdp, frame updates are send directly
from the client, bypassing the screen buffer in xrdp_mm.
This commit only allows the xrdp_mm screen buffer to be invalidated
if the painter has drawn into it since the module was loaded. This
prevents the unused (and invalid) frame buffer being pushed to the client
in GFX mode with xorgxrdp.