Constants from MS documents (MS-RDPBCGR etc) moved out of
common/xrdp_constants.h into includes named after the documents.
Similar includes moved from sesman/chansrv to the common area.
linux/vm_sockets.h defines VMADDR_CID_ANY and VMADDR_PORT_ANY (both
equal to -1U) for vsock cid and port respectively. This change aims to
add the capability to parse negative cid and port numbers for vsock from
the config and pass them to the kernel.
Allows for valid configurations such as "port=vsock://-1:3389" to be
correctly processed, but will parse port and cid inputs like "---1" to
"-", which should currently get silently turned into 0 by atoi inside
g_sck_vsock_bind_address. Inputs that do not contain "-" get parsed as
by xrdp_listen_parse_integer.
as it is already deprecated. x11rdp is complicated to build and very few
people using it actually. However, some people still select "X11rdp"
session and get stuck despite not installing x11rdp.
https://github.com/neutrinolabs/xrdp/issues/962#issuecomment-430545526
People who really want to use x11rdp should revert this commit.
remove not used chansrv <-> xrdp messages
move static channel disable control into libxrdp
remove some blocking read, write chansrv calls
add drdynvc calls to libxrdp
add drdynvc calls to chansrv
channel cleanup
Configured ls_label_width and ls_input_width currently only apply to the combo l
abel and dropdown. Other labels and inputs (username, password, port, ...) use hardcoded defaults.
Also had to change the default label width; for the previous value of 60, "username" ends up just a few pixels too wide.
If you run xrdp with a Unix Domain Socket (UDS) for the port specified in
/etc/xrdp/xrdp.ini then the first connection succeeds but subsequent
connections fail. In fact the UDS is deleted from the filesystem as soon
as the first connection is established.
Test case:
1. Edit /etc/xrdp/xrdp.ini to set "port=/var/run/xrdp-local.socket".
2. Restart xrdp.
3. Run the following. When rdesktop starts up and the logon dialog is
displayed, press "Cancel".
sudo socat TCP-LISTEN:12345 UNIX-CONNECT:/var/run/xrdp-local.socket &
rdesktop localhost:12345
4. Run the following:
sudo socat TCP-LISTEN:12346 UNIX-CONNECT:/var/run/xrdp-local.socket &
rdesktop localhost:12346
Expected behaviour: rdesktop starts up and displays the logon dialog.
Observed behaviour: rdesktop exits with "ERROR: Connection closed" and
socat exits with "No such file or directory.
This is because in the child process after forking, xrdp_listen_fork()
calls trans_delete() which deletes the UDS. Simply commenting out the
g_file_delete() and g_free() fixes this, but that isn't a proper solution
because trans_delete() is called from elsewhere where the UDS might no
longer be wanted.
Fix by adding a function trans_delete_from_child() that frees and clears
listen_filename before calling trans_delete(), and call the new function
from xrdp_listen_fork().
(Workaround: set "fork=false" in /etc/xrdp/xrdp.ini, because
trans_delete() is then not called.)
In most cases, checking fd > 0 is not valid. open(2) returns -1 on
error, 0 on stdin, 1 on stdout, 2 on stderr, >2 . The border should be
between -1 and 0. Additionally, between 2 and 3.
Pointed out by: #919
The log is always logged when clients are disconnecting even though
nothing unusual is happening. This scares users too much. Actually,
some users created a issue on GitHub with the following log. It will
lose focus from the real error.
> [ERROR] Listening socket is in wrong state, terminating listener
such as prefill username and password:
username=ask{base64}YmFzZTY0
username={base64}YmFzZTY0
password=ask{base64}YmFzZTs2NCFwYXNzd29yZCM=
password={base64}YmFzZTs2NCFwYXNzd29yZCM=
';', '#', '!' means comment in .ini files. If prefill username or
password contains such symbols, these can be provided base64 encoded.
If you run xrdp with a Unix Domain Socket (UDS) for the port specified in
/etc/xrdp/xrdp.ini then only root can connect to it.
Test case:
1. Edit /etc/xrdp/xrdp.ini to set "port=/var/run/xrdp-local.socket".
2. Restart xrdp.
3. Run the following, as a non-root user.
socat TCP-LISTEN:12345 UNIX-CONNECT:/var/run/xrdp-local.socket &
rdesktop localhost:12345
Expected behaviour: rdesktop starts up and displays the logon dialog.
Observed behaviour: rdesktop exits with "ERROR: Connection closed" and
socat exits with "Permission denied". (But it suceeds if root runs
socat.)
UDS files are created by trans_listen_address() and given permissions
0660, so only root can connect to it. In this case, for the RDP client
connection, it it fine for any user to connect so it should be given
permissions 0666.
Note that this is only relevant when the port in /etc/xrdp/xrdp.ini has
been set to create a UDS instead of a TCP socket. When a TCP port is
created any user (including remote users, unless the loopback interface
is used) can connect so this is not less secure.
The UK/GB keyboard doesn't work properly connecting to xrdp with xorgxrdp.
It does work when connecting to xrdp with x11vnc, however.
This is because the layout is not declared in xrdp_keyboard.ini. It needs
to be called "gb" not "uk". (There are other layouts that have
km-nnnn.ini files that aren't declared in xrdp_keyboard.ini, so they might
have the same bug, but I haven't tested that. This is analagous to the
commits for the "ch" and "pl" layouts.)
Test case:
1. Use a PC with the UK/GB keyboard layout.
2. Create /etc/xrdp/startwm.sh as follows:
#!/bin/sh
export LANG=en_GB.UTF-8
export MDM_LANG=en_GB.UTF-8
export XTERM_LOCALE=en_GB.UTF-8
xterm
exit 0
3. Connect using rdesktop to localhost (from a session where the same
environment variables are defined).
4. Test layout-specific keys such as:
\ (backslash)
| (bar)
# (numbersign)
~ (asciitilde)
£ (sterling: Shift-3)
€ (EuroSign: AltGr-4)
These keys should produce the appropriate symbol but they don't. With
the change in this commit the keys produce the correct symbol.
As some clinents (AFAIK Windows 10) always send domain name, the backend
module is not selected properly. This causes the default usage with
Windows 10 fails with 'xrdp_wm_log_msg: Section "XXX" not configured'.
Use XRDP_SOCKET_PATH in file_loc.h
Don't define any non-socket paths in file_loc.h, they should come from
the makefiles.
Define all paths unconditionally, they should not be defined elsewhere.
Pass XRDP_SOCKET_PATH as environment variable to the backends.
caused by 9c31bd5. This is not a complete fix but just a workaround
because keylayout value of Japanese keyboard can be other than these
4 values. This workaround still doesn't cover all JP keyboards.
- 0x00000411
- 0xe0010411
- 0xe0200411
- 0xe0210411
Looking for `0411` in lower 16 bits is enough to detect JP keyboards.
self->line_size should be calculated in xrdp_bitmap_create_with_data()
The code was in the original noorders branch but got lost. Without this
fix, the image is garbled.
The client should be configured with compression disabled, or it will
disconnect. That's a known problem.
The removal of "xserverbpp=24" from the Xorg entry lead to a regression.
Clients with a different bpp would not reconnect to an xorgxrdp session
if the client's bpp is different, even though xorgxrdp is always using 24
bpp.
Imply "xserverbpp=24" for "code=20" in xrdp.ini.
Setting autorun to empty keeps X11rdp as the default backend for
autologin (since it's the first section), but it also enables the backend
selection by the domain name.
Describe the autorun interaction with the domain name both in the config
file and in the manual.
Since libpainter is going to become a subpackage, we can make librfxcodec
a subpackage as well.
With this change, librfxcodec is configured, built and linked to xrdp
automatically if enabled by "--enable-rfxcodec"
librfxcodec is packaged by "make dist" regardless of "--enable-rfxcodec"
librfxcodec/confgure is run unconditionally, it's needed for "make dist"
to work. But librfxcodec is only compiled if enabled.
xserverbpp affects X11rdp and Xvnc, but not Xorg. No need to have
xserverbpp in the Xorg section where it has no effect. Add commented out
xserverbpp to Xvnc, some users may want to experiment with that setting.
The pixman library in not part of xrdp. If users see that "xrdp_pixman"
is not found, they might assume it is some xrdp specific library.
The Automake conditional is still XRDP_PIXMAN, but the pkg-config
variables become PIXMAN_LIBS and PIXMAN_CFLAGS.
If no domain is passed, self->session->client_info->domain is an empty
string that is incorrectly treated as if the domain were passed by the
client.
The regression was introduced in fc753a95, when an incorrect check for
non-empty domain was added. That check was removed in 67119ecc based on
coverity report, leaving no trace of the original intention.
Check domain both for '_' and '\0' as the initial character. In either
case, select the first session type section in xrdp.ini.
upper 16 bits of keylayout value indicates keyboard layout.
lower 16 bits of keylayout value indicates country/language.
If the keymap file doesn't match exactly to keylayout value,
the typical keyboard of the country/language should be used.
For example [1]:
0x00000409: US English
0x00010409: US Dvorak
0x00020409: US International
0x00030409: US Dvorak for left hand
0x00040409: US Dvorak for right hang
0x0000040e: Hungarian
0x0001040e: Hungarian 101-key
[1] https://msdn.microsoft.com/windows/hardware/commercialize/manufacture/desktop/windows-language-pack-default-values
Make section names equal to the names in the "name=" setting to avoid
confusion and the need to renumber sections. Avoid "sesman-" in the
names, it's not helpful to the user. Move "Xorg" just below "X11rdp",
that would give xorgxrdp more visibility.
AM_CPPFLAGS is a documented Automake variable for C preprocessor flags
that should not be overridden when compiling the package.
There is no need to have two additional variables that are ultimately
merged into AM_CPPFLAGS.
Their names are also confusing. EXTDA_DIST is a documented Automake
variable. Everything else that starts with "EXTRA" is not.
Specify display in the "login failed" message. Print the section name
that wasn't found. Remove stdout message about missing section,
xrdp_wm_log_msg() already writes to stdout.
For xrdp-sesman, don't report that the daemon is listening to a port if
it fails to attach to that port. Don't use LOG_LEVEL_ALWAYS for startup
message, it's not a critical error.
libdir is for shared and static libraries. Some xrdp libraries are loaded
dynamically from a non-standard directory, so they are used like modules.
Having separate libdir and moduledir would eventually allow to separate
dynamically loaded modules from shared libraries.
AM_CPPFLAGS is for flags passed to the preprocessor, such as defines and
includes. AM_CFLAGS is for flags affecting the compiler, such as debug
and optimization settings.
INCLUDES is an obsolete name. Users can pass INCLUDES and break
compilation. AM_CPPFLAGS is more explicit that the flags come from
Automake and should not be overridden.
To add flags to the compiler, CFLAGS, CPPFLAGS or LDFLAGS can be used on
the configure command line.
The need to add flags depends on the location of the headers and
libraries of the dependencies, which is orthogonal to the directory where
xrdp will be installed.
The implementation in configure.ac has a stray closing bracket, making
GOT_PREFIX true even if --prefix is not passed.
The implementation is inconsistent - the only affected makefiles are for
xrdp and libxrdp.
Changing rpath manually is wrong in most cases. Libtool should be able to
set rpath correctly on its own.
Using $(prefix)/lib ignores the libdir setting. For many 64-bit systems,
/usr/lib is used for 32-bit libraries. Adding 32-bit libraries to the
rpath slows down 64-bit executables, as the dynamic loader searches for
libraries in a wrong directory.
There is no way to disable GOT_PREFIX if --prefix has to be passed.
Fedora RPM patches configure.ac and needs to rerun autoconf and automake
after that.
OpenPAM is used in FreeBSD, NetBSD, DragonFly BSD and Mac OS X.
On the Linux system, Linux-PAM is used. Detect PAM during configure
and use which the system has.
Add support for combining shift & caps lock keys with altgr so that
capital national characters can be written. There was some support for
shift+altgr in xrdp-keygen but it was never actually used.
