Jay Sorg
ee65ccb31d
use address for tcp:// and tcp6:// and vsock://
2019-07-01 17:56:50 -07:00
Jay Sorg
0bc7803eaa
add TCP V4 and V6 only socket functions
2019-06-29 23:59:18 -07:00
Jay Sorg
ecf4acf5f1
work on suppress
2019-04-25 14:54:25 -07:00
Jay Sorg
0ed82f71e8
xrdp: check term event for more responsive shutdown
2019-04-01 23:14:09 -07:00
Koichiro IWAO
062699334e
Fix typo s/BITMACACHE/BITMAPCACHE/
2018-12-13 17:27:25 +09:00
Koichiro IWAO
0e9e25f100
use MS name for PDU types
...
RDP_PDU_REDIRECT has been removed as it is not found in MS-RDPBCGR and
not used anywhere.
2018-12-12 17:40:58 +09:00
Koichiro IWAO
b2a7bb0cf0
use MS for orderType constants
2018-12-12 17:40:58 +09:00
Koichiro IWAO
83d3349c5a
add some more constants and use them
2018-11-27 15:08:22 +09:00
Koichiro IWAO
43f6ac0723
use MS name for constants
2018-11-27 15:08:22 +09:00
daixj
fcb1b825c5
neutrinordp: don't enable remote_app if the INFO_RAIL flag is not set
2018-11-23 17:18:26 +08:00
daixj
8da22cf67a
Merge branch 'devel' of https://github.com/neutrinolabs/xrdp into devel-mac
2018-10-25 16:19:54 +08:00
Koichiro IWAO
c15cd91198
common: add constants of glyph support level
2018-10-25 16:00:53 +09:00
daixj
b3a1889200
Support Cache Glyph Revison 2, issue #367
2018-10-25 10:34:00 +08:00
Koichiro IWAO
74497752dc
Add TLSv1.3 support
...
Actually, TLSv1.3 will be enabled without this change if xrdp is compiled
with OpenSSL or alternatives which support TLSv1.3. This commit makes to
enable or disable TLSv1.3 explicitly. Also, this commit adds a log
"TLSv1.3 enabled by config, but not supported by system OpenSSL". if
xrdp installation doesn't support TLSv1.3. It should be user-friendly.
2018-09-14 11:50:55 +09:00
daixj
88b3c06311
fix issue #1112 : set SSL object's read_ahead flag to be 0
2018-05-21 11:08:41 +08:00
metalefty
f52f632e21
Merge pull request #1096 from metalefty/version_info
...
Show OpenSSL version to --version
2018-04-13 14:49:26 +09:00
Koichiro IWAO
b2b42d28f3
xrdp: add OpenSSL version to --version
...
While here, cleanup --help, --version, and when unknown option.
2018-04-10 23:58:31 +09:00
Ben Cohen
3b5b7a5935
UDS file deleted after first connection
...
If you run xrdp with a Unix Domain Socket (UDS) for the port specified in
/etc/xrdp/xrdp.ini then the first connection succeeds but subsequent
connections fail. In fact the UDS is deleted from the filesystem as soon
as the first connection is established.
Test case:
1. Edit /etc/xrdp/xrdp.ini to set "port=/var/run/xrdp-local.socket".
2. Restart xrdp.
3. Run the following. When rdesktop starts up and the logon dialog is
displayed, press "Cancel".
sudo socat TCP-LISTEN:12345 UNIX-CONNECT:/var/run/xrdp-local.socket &
rdesktop localhost:12345
4. Run the following:
sudo socat TCP-LISTEN:12346 UNIX-CONNECT:/var/run/xrdp-local.socket &
rdesktop localhost:12346
Expected behaviour: rdesktop starts up and displays the logon dialog.
Observed behaviour: rdesktop exits with "ERROR: Connection closed" and
socat exits with "No such file or directory.
This is because in the child process after forking, xrdp_listen_fork()
calls trans_delete() which deletes the UDS. Simply commenting out the
g_file_delete() and g_free() fixes this, but that isn't a proper solution
because trans_delete() is called from elsewhere where the UDS might no
longer be wanted.
Fix by adding a function trans_delete_from_child() that frees and clears
listen_filename before calling trans_delete(), and call the new function
from xrdp_listen_fork().
(Workaround: set "fork=false" in /etc/xrdp/xrdp.ini, because
trans_delete() is then not called.)
2018-03-27 09:22:49 +03:00
Fernando Seiti Furusato
9f80fcd74e
Corrected endianness detection on ppc64el.
...
In common/arch.h, the endianness detection considers all powerpc
architectures as big endian. Since that is not true for ppc64el, I
added a verification that checks other preprocessor macros, only for
ppc cases.
Signed-off-by: Fernando Seiti Furusato <ferseiti@gmail.com>
2018-03-27 13:45:58 +09:00
speidy
a432969746
common: ssl_calls: add support for OpenSSL>=1.1.0 API for DH keys
...
also fixes some memory leak introduced in PR#1024.
and adds a check that DH params generated successfully. write a proper log message if not.
2018-03-22 02:20:47 +02:00
speidy
8effc09ab7
common: ssl_calls: check if SSL object created right after its creation.
2018-03-21 08:16:12 +02:00
Koichiro IWAO
e3d0fd6d46
common: temporarily disable DHE
...
until make it possible to use generated DH parameters per installation.
2018-03-18 21:14:06 +09:00
Koichiro IWAO
1690950cc8
common: regenerate dhparam
...
Generated by: openssl dhparam -C 2236
2018-03-01 13:48:22 +09:00
Koichiro IWAO
578d23477c
common: obey coding style, remove trailing space
2018-03-01 12:11:52 +09:00
Enrico Tagliavini
70b5adb396
add support for DHE ciphers via compiled in dhparam
...
make it possible to use regular (non EC) EDH ciphers. To make this
possible a Diffie-Hellman parameter must be passed to the openssl
library. There are a few options possible as described in the manuals at
[1] and [2]. Simplest approach is to generate a DH parameter using
openssl dhparam -C <lenght> and include the code into the application.
The lenght used for this commit is 2236 bits long, which is the longest
possible without risking backward incompatibilities with old systems as
stated in [1]. Newer systems should use ECDH anyway, so it makes sense
to keep this method as compatible with older system as possible.
Paramters longer than 2048 should still be secure enough at the time of
writing.
[1] https://wiki.openssl.org/index.php/Diffie-Hellman_parameters
[2] https://wiki.openssl.org/index.php/Manual:SSL_CTX_set_tmp_dh_callback(3)
2018-03-01 09:57:35 +09:00
Enrico Tagliavini
6cdc0f31b0
enable automatic ECDH when possible (openssl 1.0.2)
...
Openssl 1.1.0 and later are enabling ECDH automatically, but for older
version it must be enabled explicitly or all Perfect Forward Secrecy
ciphers will be silently ignored. See also [1]. This commit applies the
same fix as found in CnetOS 7 httpd package to enable automatic ECDH as
found in [2].
[1] https://wiki.openssl.org/index.php/Diffie-Hellman_parameters
[2] https://git.centos.org/blob/rpms!httpd.git/c7/SOURCES!httpd-2.4.6-ssl-ecdh-auto.patch
2018-03-01 09:57:35 +09:00
Koichiro IWAO
793a418cfb
common: log what value is set to tls_ciphers
...
Related to #1033 .
2018-02-20 13:13:37 +09:00
Koichiro IWAO
3da4d72323
common: quit using !
as comment out symbol in config files
...
It is not used anywhere in default config. Some config like
`tls_ciphers` might contain `!` like this:
tls_ciphers=FIPS:!aNULL:!eNULL
Fixes #1033 .
2018-02-20 13:13:34 +09:00
daixj
31ef2552c4
log: revert permission
2018-02-13 16:44:37 +09:00
daixj
ea6bb62410
log: fix fd checking
2018-02-13 16:44:37 +09:00
daixj
551bb185c5
log: remove unused code and fix potential memory leak
2018-02-13 16:44:37 +09:00
Koichiro IWAO
577bd8214f
common: add more capset constants
...
defined at MS-RDPBCGR 2.2.1.13.1.1.1 [1] and sort
[1] https://msdn.microsoft.com/en-us/library/cc240486.aspx
2017-12-01 11:20:42 +09:00
Koichiro IWAO
77a34e0a7b
common: express capability set constants in hex
...
as same as done in MS-RDPBCGR 2.2.1.13.1.1.1 [1].
[1] https://msdn.microsoft.com/en-us/library/cc240486.aspx
2017-12-01 11:20:42 +09:00
Koichiro IWAO
788ae1467a
xrdp_sec: constify color depth value
2017-12-01 11:20:42 +09:00
Koichiro IWAO
d0c27a2904
common: suppress log when closing log files
...
because if xrdp is running 'fork=yes' mode, the log message
'shutting down log subsystem...' is logged everytime when the child
process is exitting. In other words, everytime when clients are
disconnecting. This is a little bit too vebose.
2017-11-30 15:13:18 +09:00
Koichiro IWAO
3de3a4fab5
common: add more references to constants' origin
...
classify constants into these 5 types
* constants for xrdp
* constants come from ITU-T Recommendations
* constants come from Remote Desktop Protocol
* constants come from other MS products
* unclassified yet
2017-11-24 21:45:48 +09:00
Koichiro IWAO
799c230998
common: add references to constants' origin
2017-11-24 21:45:48 +09:00
Jay Sorg
a9eb21e6d7
common: avoid 100% cpu on ssl accept, can be fake client
2017-11-22 16:17:34 -08:00
Justin Terry (VM)
d7d14d7462
Implements the accept/close logic for vsock
2017-11-17 20:23:20 -08:00
Jay Sorg
bc48578a90
remove crc16.h from common/Makefile.am
2017-11-09 21:13:53 -08:00
Jay Sorg
54285d26dd
remove empty crc16.h file
2017-11-09 21:13:53 -08:00
Jay Sorg
285465a1f5
common, return -1 for bad socket
2017-11-07 18:20:45 -08:00
Jay Sorg
c6c513b23c
use g_memcpy, braces
2017-11-07 18:20:45 -08:00
Jay Sorg
26507644e3
vsock, move some defines
2017-11-07 18:20:45 -08:00
Justin Terry (VM)
50bd624cc4
Implements XRDP over vsock
...
1. Implements the ability to use AV_VSOCK for the transport rather than TCP.
2. Updates the ini file to be able to conditionally turn this feature on.
2017-11-07 18:20:45 -08:00
Koichiro IWAO
a6fd518a48
fix typo s/Roration/Rotation/
2017-11-06 16:18:42 +09:00
Koichiro IWAO
2475893402
Constify extended mouse events
2017-11-06 16:18:42 +09:00
Koichiro IWAO
27aef96e81
Constify mouse event flags, use the MS name for constants
2017-11-06 16:18:42 +09:00
Koichiro IWAO
4a2818e183
Add some more Input Capability Set constants
2017-11-06 16:18:42 +09:00
Koichiro IWAO
2411a0be14
log: add log level TRACE
...
TRACE means more verbose than DEBUG. syslog doesn't have more verbose
level than DEBUG, map TRACE to DEBUG for syslog.
2017-10-13 15:09:33 +09:00
Koichiro IWAO
00bf62bd42
common: prevent raw use of snprintf
2017-10-03 21:55:08 +09:00
Koichiro IWAO
ced3a4817f
xrdp: constify input event type
2017-10-02 09:39:48 +09:00
Koichiro IWAO
f9ab4df7f2
common: fix g_write_ip_address() didn't return correct IP address
...
Fixes : #878 .
2017-09-26 10:54:08 +09:00
Jay Sorg
021a78f4c6
chansrv: sound, use WAVE_FORMAT_AAC not WAVE_FORMAT_AAC_MS
2017-08-04 17:24:57 -07:00
Jay Sorg
bf0d56c314
chansrv: sound, add aac
2017-08-04 17:24:57 -07:00
Koichiro IWAO
4d14f344fd
fix indent, no logic change
2017-08-01 08:40:30 +09:00
Koichiro IWAO
04187945a8
move base64 functions to base64.c
2017-08-01 08:40:30 +09:00
Koichiro IWAO
eae5cdf1fd
pass through except for the first '='
...
if "foo=ba=r" is found in ini files, it should be parsed like this.
key : foo
value : ba=r
2017-08-01 08:40:30 +09:00
Koichiro IWAO
d57e02626d
add base64_decode function
2017-08-01 08:40:30 +09:00
Koichiro IWAO
dbaf23e93b
chansrv: constify wFormatTag
2017-07-25 11:40:04 +09:00
Ian Geiser
324a334315
append a / to ensure the full path is created even when the config variable lacks a trailing /
2017-07-19 10:35:37 +09:00
Koichiro IWAO
aa0721a90e
common: fix more glitches in IPv4 initialization
2017-07-14 21:21:15 +09:00
Ian Geiser
4b87548b71
Use g_create_path instead of g_create_dir
...
Rename g_mk_temp_dir to g_mk_socket_path
2017-07-14 20:52:38 +09:00
Koichiro IWAO
8d5010a202
common: use log_message
2017-07-13 13:41:26 +09:00
Koichiro IWAO
8c74fcb80c
common: fix a glitch with IPv4 struct initialization
...
Pointed out by: andrecbarros
Closes : #803
2017-07-10 11:58:10 +09:00
Koichiro IWAO
aa4b90d250
Change log level DEBUG -> WARNING
...
since unavailability of ssl protocols defined in config file
may weaken security and it is important for users.
2017-07-06 13:14:27 +09:00
Koichiro IWAO
455c341efc
Reword log messages in ssl_get_protocols_from_string()
2017-07-06 13:14:27 +09:00
Jay Sorg
8d63c32899
move openssl calls to common/libssl.c, check for defines
2017-06-22 11:47:48 +09:00
Koichiro IWAO
088bd2d811
common: implement g_file_readable for WIN32
2017-06-12 16:57:04 +09:00
Koichiro IWAO
65c1fe87d7
Log user-friendly message when certificate/privkey is inaccessible
...
We shouldn't assume that xrdp daemon is running under root privilege.
In many cases, root privilege is not really needed for xrdp daemon.
xrdp may fail to load certificate/privkey due to lack of permissions
when running under user privilege. Checking existence of files is not
enough and xrdp should output user-friendly log in such case.
Reported by Debian user in bug 856436 [1].
[1] https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=856436
2017-06-12 16:57:04 +09:00
Koichiro IWAO
0e7844ab02
Constify MCS connectionType
2017-06-06 10:04:48 +09:00
Koichiro IWAO
c7f8e360fd
common: separate sockets macros into basename and fullpath
...
since sometimes socket directory is obtained from environment variable.
2017-05-16 10:41:06 +09:00
Jay Sorg
2c96908ea5
common: if SSL_shutdown fails, only call one more time
2017-05-10 14:56:20 -07:00
Jay Sorg
75fd3fcf89
common: ssl_tls_write / read return 0 on socket close
2017-05-10 14:56:20 -07:00
MichaelSweden
5c668dc420
Removed error message while falling back to IPv4 (issue #714 )
2017-04-25 09:31:22 +09:00
MichaelSweden
106ae2cd43
Fix to handle OS disabled IPv6, issue #714 .
...
- Changes made only in the os_calls.c file.
- Exported functions changed: g_tcp_bind g_tcp_bind_address g_tcp_connect
- Support three network configurations:
1) Normal network, with IPv6
2) Partly disabled IPv6 via sysctl.conf
3) Total disabled IPv6 via grub
2017-04-25 09:31:22 +09:00
Pavel Roskin
148afd1170
Rename file_loc.h to xrdp_sockets.h, install it
...
Include xrdp_sockets.h directly, not through headers.
2017-03-28 00:59:16 -07:00
speidy
2f382d2a16
libxrdp: print connected client name to log
2017-03-21 22:02:29 -07:00
Pavel Roskin
95506a169f
Log socket fd in g_sck_accept(), fix AF_UNIX logging
2017-03-21 21:59:50 -07:00
Pavel Roskin
43899b7e0c
Allocate space for tls_ciphers dynamically
2017-03-21 10:39:40 -07:00
Pavel Roskin
58c9cb43e9
Make socket directory configurable, don't hardcode /tmp/.xrdp
...
Use XRDP_SOCKET_PATH in file_loc.h
Don't define any non-socket paths in file_loc.h, they should come from
the makefiles.
Define all paths unconditionally, they should not be defined elsewhere.
Pass XRDP_SOCKET_PATH as environment variable to the backends.
2017-03-17 22:25:05 -07:00
Pavel Roskin
6ed4c969f4
Eliminate APP_CC and DEFAULT_CC
2017-03-14 00:21:48 -07:00
Pavel Roskin
30a7a947b1
Don't include config_ac.h from any header files
2017-03-04 00:52:34 -08:00
Pavel Roskin
b2d3dcf169
Include config_ac.h from all source files
2017-03-04 00:52:34 -08:00
Koichiro IWAO
c126f81d9a
add comment to keep xorgxrdp/x11rdp compatibility
2017-02-27 14:17:25 +09:00
Koichiro IWAO
e94ab10e14
TLS: new method to specify SSL/TLS version
...
SSL/TLS protocols only listed in ssl_protocols should be used.
The name "ssl_protocols" comes from nginx.
Resolves #428 .
2017-02-27 14:17:25 +09:00
Jay Sorg
657f6f3756
common: use select for SSL_ERROR_WANT_READ, SSL_ERROR_WANT_WRITE tls errors
2017-02-25 20:52:27 -08:00
Jay Sorg
e0ac84aaa4
change some casts to long long
2017-02-22 20:39:56 -08:00
Jay Sorg
c5e9bc7851
common: print list items as pointers
2017-02-22 20:39:56 -08:00
Jay Sorg
7825246d7a
fix warning new since stdint.h change
2017-02-22 20:39:56 -08:00
Pavel Roskin
f8d22ce673
aarch64 doesn't require pointers to be aligned
2017-02-13 21:00:22 -08:00
Pavel Roskin
dc1e341f5a
Constify input arguments of ssl_mod_exp() and ssl_gen_key_xrdp1()
2017-02-02 21:39:10 -08:00
Pavel Roskin
6a3f0a75bd
Remove support for OpenSSL older than 0.9.8
...
It's hard to find an older version of OpenSSL even on long term support
distros.
2017-02-02 21:39:10 -08:00
Jay Sorg
d7967ec897
minor arch.h change
2017-01-29 23:14:33 -08:00
Jay Sorg
3b84314a1a
arch.h changes to include stdint.h
2017-01-29 23:14:33 -08:00
mirabilos
6257bae23f
Add GNU/kFreeBSD support ( #645 )
...
* GNU/kFreeBSD is a FreeBSD variant, for code purposes.
* GNU/kFreeBSD uses GNU/Linux-ish init scripts, however.
2017-01-26 23:02:41 -02:00
Idan Freiberg
19375dda7a
Merge pull request #426 from metalefty/log-tls-version-and-cipher
...
TLS: log TLS version and cipher
2017-01-16 07:26:51 +02:00
Idan Freiberg
a64e1789c5
Merge pull request #615 from speidy/channels_fixes
...
Channels improvements
2017-01-15 08:55:00 +02:00
Pavel Roskin
f1a521204a
Remove redundant function declarations
2017-01-11 23:25:42 -08:00
Koichiro IWAO
c89c1318f8
obey coding standard, no logic change
2017-01-12 09:28:22 +09:00
speidy
94cdbdcee6
libxrdp: change channel_code into a meaningful name
2017-01-06 07:59:49 +02:00
Pavel Roskin
6664aac00f
Use "void" for empty argument list in declarations
...
In C, an empty argument list in a declaration means that the function
can accept any arguments. Use "void" instead, it means "no arguments".
C++ treats void and empty list as "no arguments".
2017-01-05 17:27:20 -08:00
volth
26a26ef906
fix build with --enable-xrdpdebug=yes
2017-01-04 19:20:44 +00:00
volth
37b4a14b54
fix build with --enable-xrdpdebug=yes
2017-01-04 13:00:01 +00:00
metalefty
25e5243ecf
Merge pull request #553 from jsorg71/libpainter
...
add libpainter for drawing when client does not have minimum orders
2016-12-20 17:00:48 +09:00
Jay Sorg
1f51586769
add libpainter for drawing when client does not have minimum orders
2016-12-15 21:17:50 -08:00
speidy
4697354044
xrdp_constants: move CAPSET constants to their place
2016-12-13 19:35:56 -05:00
speidy
917aadd2d1
libxrdp: more constants
2016-12-13 18:18:34 -05:00
speidy
3dc0f2860c
Merge branch 'surface_cmds' of git://github.com/speidy/xrdp into surface_cmds
2016-12-13 15:08:37 -05:00
speidy
5e39bb1f87
libxrdp: caps, group caps require fastpath output, use FASTPATH_OUTPUT_SUPPORTED constant
2016-12-13 15:05:39 -05:00
Speidy
a0cf6030df
Merge branch 'devel' of https://github.com/neutrinolabs/xrdp into surface_cmds
2016-12-12 15:51:39 -08:00
jsorg71
5966de4ee2
Merge pull request #536 from jsorg71/unicode
...
add unicode support
2016-12-11 17:15:34 -08:00
Jay Sorg
c264862afe
change some magics to defines
2016-12-10 01:06:45 -08:00
Jay Sorg
2f8d3ba9da
add unicode support
2016-12-10 00:11:28 -08:00
Pavel Roskin
d97155e2f6
Don't use colon to separate IPv6 address from the port
...
IPv6 addresses can have colons in their names, so the final colon can be
confusing.
2016-12-09 08:42:56 -08:00
speidy
8a0fec5e66
o send RFX tiles as stream (Stream Surface Bits Command)
...
o silent frame ack logging
o support surface commands in capsets
o fix some wrong constants
2016-12-08 20:12:00 -05:00
Jay Sorg
9a517b34f0
vnc: code cleanup
2016-12-04 15:39:10 -08:00
metalefty
943dec86ca
Merge pull request #512 from speidy/devel
...
xrdp_encoder: do not initialize for non-UNIX rdp clients
2016-12-02 15:25:48 +09:00
Pavel Roskin
c6307aa2b0
Use pkg-config to discover OpenSSL
...
All supported versions of OpenSSL have pkg-config files.
2016-11-29 17:00:09 -08:00
Pavel Roskin
06f4f72e28
Add -ldl to libcommon link flags if it's needed for dlopen()
2016-11-29 16:25:37 -08:00
speidy
1fe048b63d
xrdp_encoder: do not initialize for non-UNIX rdp clients
...
xrdp_encoder: comment about temporary workaround
2016-11-29 15:25:14 -05:00
Koichiro IWAO
849a8075c5
common: If IPv6 not supported, fall back to IPv4
...
The system to run xrdp does not necessarily support IPv6 even though
it is compiled with IPv6.
Fixes #432 .
2016-11-22 16:40:54 +09:00
Koichiro IWAO
40e8194122
TLS: log TLS version and cipher
2016-11-22 10:50:30 +09:00
Itamar Reis Peixoto
7cc1dd2ba8
Merge pull request #460 from metalefty/ipv6/logs
...
common: Fix client IP address logging when IPv6 is enabled
2016-11-20 16:00:26 -02:00
Pavel Roskin
2dcc69b752
Use g_get_strerror() instead of strerror(errno) for portability
2016-11-08 14:08:51 -08:00
Pavel Roskin
1fe368c5b3
Install headers used by X11rdp and xorgxrdp
...
Installing the headers makes it possible to compile xorgxrdp as a
separate package, without xrdp sources.
2016-11-06 22:36:13 -08:00
Koichiro IWAO
dcf36b592b
common: Address family it not always AF_INET6
...
even if XRDP_ENABLE_IPV6 defined.
2016-11-04 17:31:36 +09:00
Koichiro IWAO
b2118450f4
common: Fix client IP address logging when IPv6 is enabled
...
g_tcp_accept() and g_sck_accept() should use sockadd_in6 when IPv6 is
enabled. The former code logs client IP address always "0.0.0.0" in such
case.
Fixes #412 .
2016-11-04 17:31:36 +09:00
Pavel Roskin
4324084d58
Use static inline functions for OpenSSL 1.0 backport
...
Conditional preprocessor directives spread throughout the code set a bad
example.
The new backport code is located in one place. The compiler checks
argument types. The backport code has no access to the caller variables.
The main code has all advantages of the new, more compact API.
2016-11-01 11:09:15 -07:00
Dominik George
e5cf45d1ac
Add backwards compatibility to OpenSSL < 1.1.0.
2016-10-27 22:40:48 +02:00
Dominik George
1b5fb8f1c8
Fix ssl_calls for OpenSSL 1.1.0, closes #458 .
2016-10-27 21:56:22 +02:00
Pavel Roskin
6fef1e4eb5
Use const pointers in function arguments when possible
2016-10-17 08:54:07 -07:00
Pavel Roskin
bc868b96b1
Remove text2bool() from log.h, there is no such function
2016-10-17 08:54:07 -07:00
Pavel Roskin
a618d4f757
Don't use final newline in log calls, it's already appended
2016-10-17 08:54:07 -07:00
Pavel Roskin
7d03d1a3e9
Fix outgoing connections on Mac OSX
...
connect() on an already established connection returns error with errno
set to EISCONN. Treat it as success.
2016-09-08 22:28:38 -07:00
Pavel Roskin
5465b8c85e
Add socklen_t check with substitution, use socklen_t as needed
2016-09-08 20:26:19 -07:00
Pavel Roskin
6f4ffa769c
Improve debug information when closing a socket
...
Don't assume AF_INET family. Don't assume the socket is connected. Report
local address and port. Don't try to close non-sockets and invalid file
descriptors. Report errors getting socket information and closing the
socket. Use more appropriate log levels.
2016-09-08 20:26:19 -07:00
Jay Sorg
8f747e37ca
always set SSL_OP_NO_SSLv2 in TLS options
2016-08-25 11:38:03 -07:00
Alex Illsley
47124df4ed
new options for xrdp.ini disableSSlv3=yes and tls_ciphers=HIGH and code to implement
2016-08-25 11:20:47 -07:00
Koichiro IWAO
ceb4b7b2a4
Fix clipboard when text/filename contains non-ASCII characters
...
broken by #314 . This is compatible with the fix introduced in #314 .
To use non-ASCII text/filename in clipboard, chansrv needs to be run
with LC_CTYPE=*.UTF-8 because the behaviour of mbstowcs(3) function
called in chansrv depends on LC_CTYPE[1]. However #314 made
LC_CTYPE=C in chansrv context. Even if LANG and LC_* are set in
.bashrc, /etc/profile, /etc/locale.conf or something like that,
it doesn't affect in chansrv context because chansrv doesn't source
any of them unlike sesman.
So do not set LC_CTYPE to blank or "C" in g_init() in order to get
g_mbstowcs and g_wcstombs to work properly with non-ASCII UTF-8
characters in any context.
Setting LC_CTYPE to *.UTF-8 doesn't obstruct applying system
language in RHEL [2].
[1] Linux man page says:
The behavior of mbstowcs() depends on the LC_CTYPE category of
the current locale.
[2] https://bugzilla.redhat.com/show_bug.cgi?id=1290820
2016-08-18 13:27:55 +09:00
Jay Sorg
f4f23b0a7d
Include stdint.h, don't redefine MAX/MIN constants if already defined
2016-08-12 12:16:14 -07:00
Jay Sorg
d35e57b117
Pixman fixes
2016-08-11 22:18:26 -07:00
Jay Sorg
bb7bac2d9b
add region intersect
2016-08-08 23:12:52 -07:00
Jay Sorg
58c777783b
add more advances region support using pixman
2016-08-08 20:02:10 -07:00
jsorg71
8353baab3d
Merge pull request #390 from proski/june21
...
Cleanups and C++ compatibility
2016-08-05 14:38:41 -07:00
speidy
c9b55e3691
sesman: env_set_user, fix potential bof issues
2016-07-22 04:48:37 -04:00
Pavel Roskin
ace7d2c822
Declare unified module interface and use it in modules
...
This fixes loading modules compiled with a C++ compiler. Remote thandle
type, it's unused. Use tintptr for module data. Don't cast pointers to
long, they won't fit on Win64.
2016-07-08 05:09:09 +00:00
Pavel Roskin
2c13ef5c6d
Use enum logLevels consistently for log levels
2016-07-08 04:29:57 +00:00
Pavel Roskin
0c72ee2371
Use char* for TLS send and receive
...
This is consistent with ssl_tls_read() and ssl_tls_write(). C++ warnings
are fixed without adding any casts.
2016-07-08 04:29:56 +00:00
Pavel Roskin
28a1a090b3
Use correct types for ssl and ctx fields in struct ssl_tls
2016-07-08 04:29:53 +00:00
Pavel Roskin
d1efb0d5ba
Fix signed to unsigned comparisons reported by g++ 6.1.0
2016-07-08 04:29:51 +00:00
Pavel Roskin
5829323ad8
Use g_new or g_new0 when C++ compiler would complain about implicit cast
2016-07-08 04:29:49 +00:00
Pavel Roskin
a24df49241
Introduce glib style macros for allocating memory with type
2016-07-08 04:29:49 +00:00
Pavel Roskin
aeeb3d2c2e
Fix warnings detected by -Wwrite-strings
2016-07-08 04:29:42 +00:00
Pavel Roskin
951e632757
Make program_name constant, don't duplicate or free it
2016-07-08 04:27:07 +00:00
Pavel Roskin
77b380c0b5
Fix format warnings in log_message() calls
2016-06-21 16:30:16 -07:00
Pavel Roskin
b1527b7947
Check string format in log_message
...
Move "printflike" definition to arch.h, it's used both by log.h and
os_calls.h.
2016-06-21 16:30:16 -07:00
Pavel Roskin
ae5bb5bf9c
Fix incorrect use of "it's" and "its", adjust wording
2016-06-21 16:30:15 -07:00
speidy
b38dcf1bb0
xrdp_wm: fix for multimon, draw login window and log window on primary
...
monitor
2016-05-17 20:11:49 -04:00
Itamar Reis Peixoto
0a6a55b547
Merge pull request #370 from proski/typos
...
Typo fixes and more
2016-05-06 09:05:38 -04:00
jsorg71
8249091183
Merge pull request #332 from metalefty/freebsd/ipv6
...
common: add log for g_tcp_connect
2016-05-05 22:00:51 -07:00
Pavel Roskin
c3f6e1f58a
Use uniform comments for GUIDs
2016-05-05 00:06:26 -07:00
Pavel Roskin
ca9cbcafc8
Typo fixes
2016-05-04 23:33:30 -07:00
jsorg71
fdb146740f
Merge pull request #360 from proski/format-warnings
...
Warning fixes
2016-05-03 00:52:58 -07:00
Jay Sorg
fac0907a3c
trans: set non blocking socket after accept
2016-04-27 18:16:45 -07:00
Pavel Roskin
f93074a430
Add unnamed semaphore support on Mac OS
...
sem_init() is not functional on Mac OS. Use the Grand Central Dispatch
implementation.
Make libscp_lock.c use semaphores through the thread_calls wrapper.
2016-04-23 00:26:46 -07:00
Pavel Roskin
e65bd6b7d7
Fix more format warnings
2016-04-21 21:21:17 -07:00
Pavel Roskin
55e12a09d8
Include config_ac.h from common/os_calls.h to enable all format warnings
2016-04-21 21:20:12 -07:00
Jay Sorg
0655272b9c
common: call recv/send before can_recv/can_send
2016-04-06 16:37:34 -07:00
Jay Sorg
bd6c38af4d
common: fix warnings
2016-04-02 16:49:23 -07:00
jsorg71
034ee36f9c
Merge pull request #341 from proski/sanity-checks
...
Sanity checks
2016-03-16 20:51:58 -07:00
Jay Sorg
689ffe79d9
fix warnings, move some calls to os_calls
2016-03-16 14:32:14 -07:00
Jay Sorg
7393579205
Don't attempt to intercept SIGKILL, it doesn't work on any OS
2016-03-14 16:33:49 -07:00
Pavel Roskin
9091c3eef2
Annotate printf-like functions if supported by the compiler
...
Both GCC and Clang support it. Add a macro from Autoconf archive to check
for format attribute support.
2016-03-03 22:56:09 -08:00
Koichiro IWAO
9460bdb643
common: no logic change, indent 2 -> 4
2016-02-23 18:26:42 +09:00
Koichiro IWAO
d01854a341
common: no logic change, fix alignment, whitespaces
2016-02-23 18:26:41 +09:00
Koichiro IWAO
1ed7dbec53
common: add log for g_tcp_connect
...
in case getaddrinfo(3) might fail.
In FreeBSD, AI_V4MAPPED support for getaddrinfo(3) was very recently
implemented[1]. Most of FreeBSD systems in the world do not have
this implementation yet. This will be a problem when AI_V4MAPPED
isn't supported and xrdp is built with IPv6 option. In such a case,
g_tcp_connect always fails.
Of course getaddrinfo(3) might fail in other cases. The log helps
us to know what's happening.
[1] https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=198092
2016-02-23 18:18:28 +09:00
Jay Sorg
f100036cd9
common: minor fix for older openssl keygen
2016-02-22 11:48:54 -08:00
Jay Sorg
3bc9f1e275
Merge branch 'devel' of git:neutrinolabs/xrdp into devel
2016-02-22 11:40:28 -08:00
Jay Sorg
0d192aee62
common: fix for key generated smaller than asked for
2016-02-22 11:38:03 -08:00
Pavel Roskin
59a5fb0ddb
Move headers from EXTRA_DIST to sources, sort alphabetically
...
There should be no functional difference.
2016-02-21 23:06:48 -08:00
Pavel Roskin
92a6833e9b
Fix typos
2016-02-13 20:41:07 -08:00
Pavel Roskin
dcab7552db
Stop redefining libdir, use moduledir for ${libdir}/xrdp
...
libdir is for shared and static libraries. Some xrdp libraries are loaded
dynamically from a non-standard directory, so they are used like modules.
Having separate libdir and moduledir would eventually allow to separate
dynamically loaded modules from shared libraries.
2016-02-12 23:52:46 -08:00
Jay Sorg
425bd945a5
common: updates for file.c
2016-02-09 18:29:52 -08:00
jsorg71
f7742eddec
Merge pull request #273 from gschwind/devel
...
fix wrong handle of commented section in configuration file.
2016-02-08 16:49:39 -08:00
Itamar Reis Peixoto
08121e0840
Merge pull request #254 from metalefty/freebsd/ipv6
...
Unbreak IPv6 on FreeBSD and add IPv6-only option
2016-02-08 22:40:05 -02:00
Pavel Roskin
02c981e796
More spelling fixes found by codespell and aspell
2016-01-30 17:39:25 -08:00
Pavel Roskin
a452d8d36a
Merge AM_CFLAGS and INCLUDES info AM_CPPFLAGS
...
AM_CPPFLAGS is for flags passed to the preprocessor, such as defines and
includes. AM_CFLAGS is for flags affecting the compiler, such as debug
and optimization settings.
INCLUDES is an obsolete name. Users can pass INCLUDES and break
compilation. AM_CPPFLAGS is more explicit that the flags come from
Automake and should not be overridden.
2016-01-29 22:45:00 -08:00
Pavel Roskin
964e860072
Run through codespell
2016-01-14 08:47:50 -08:00
Jay Sorg
2893fefc91
common: check for term in force send and recv
2016-01-11 18:06:29 -08:00
Jay Sorg
4f128c530c
no logic change, remove trailing space
2015-12-11 20:37:43 -08:00
Jay Sorg
e1c7aa377f
common: fix possible deadlock in trans
2015-11-02 17:57:11 -08:00
Jay Sorg
fd793bd213
rename g_tcp_can_recv to g_sck_can_recv
2015-10-07 22:17:12 -07:00
Jay Sorg
ab3b8edf4a
common: change wait objs to use 'pipe' and remove per process temp directories in /tmp/.xrdp/
2015-10-06 20:55:47 -07:00
Jay Sorg
89f449aa01
common: set log file fd to close on exec
2015-09-27 01:25:07 -07:00
Jay Sorg
7695f3d87b
common: fix logic for internal_log_end
2015-09-27 01:24:14 -07:00
Benoit Gschwind
c9762fa3a7
fix wrong handle of commented section in configuration file.
...
- fix parssing of commented section like the line:
#[section_name]
or
![section_name]
- add few comments
- improve redability
2015-08-19 23:02:50 +02:00
Jay Sorg
4430119d40
common: remove d3des files
2015-08-18 21:19:43 -07:00
Jay Sorg
6384bae1e7
common: changes to trans for timeout
2015-08-18 21:10:23 -07:00
Jay Sorg
5c08ece708
common: add g_mirror_memcpy
2015-08-18 17:14:09 -07:00
itamarjp
960cc62a0e
add missing files into extra_dist,
...
this is required when using make dist to generate a tarball
2015-07-14 11:35:33 -03:00
Jay Sorg
6c23b85593
add timeout to trans_get_wait_objs_rw
2015-07-13 01:10:48 -07:00
Jay Sorg
136e072513
fix problem caused by b56aa98
for tls connections
2015-07-12 01:38:30 -07:00
Jay Sorg
b56aa9832e
work on main loop changes
2015-07-05 23:14:46 -07:00
Koichiro IWAO
536ee41c5e
common: add --enable-ipv6only option
2015-07-02 15:08:56 +09:00
Koichiro IWAO
5bc0453605
common: drop ipv6 autodetection only valid for linux
2015-07-02 15:08:55 +09:00
Koichiro IWAO
cd6ab20e94
common: shut up some messages in ssl_tls_print_error
...
SSL_ERROR_WANT_READ/SSL_ERROR_WANT_WRITE are not fatal error but just
indicate SSL_read, SSL_write, SSL_accept functions to repeat.
2015-06-12 13:03:07 +09:00
Koichiro IWAO
2a2b8bcd59
common: fix #248 TLS on FreeBSD
...
According to document[1][2][3], retry when SSL_get_error returns
SSL_ERROR_WANT_READ/SSL_ERROR_WANT_WRITE.
[1] https://www.openssl.org/docs/ssl/SSL_read.html
[2] https://www.openssl.org/docs/ssl/SSL_write.html
[3] https://www.openssl.org/docs/ssl/SSL_accept.html
2015-06-11 21:45:57 +09:00
Jay Sorg
33167a7c74
add frame acks and h264 codec mode basics
2015-03-28 18:34:25 -07:00
Koichiro IWAO
1f844b2d0e
common: workaround for #146
2015-03-18 08:46:23 +00:00
Koichiro IWAO
278e957dd7
common: add experimental --enable-ipv6 option
2015-03-10 14:05:13 +09:00
Jay Sorg
ef20d9d507
add keyboard options to xrdp_client_info
2015-02-05 22:04:39 -08:00
speidy
86005c5bcc
ssl_calls: fix to read certificate chains
2014-12-10 00:04:38 +02:00
Jay Sorg
d9d746ce5c
common: avoid possible SSL_shutdown crash
2014-12-02 10:52:03 -08:00
Jay Sorg
cc0406dddf
common: move tls calls to ssl_calls
2014-11-25 18:55:37 -08:00
Jay Sorg
5a8bf87c7f
common: tls, fix for pending reads
2014-11-21 20:49:01 -08:00
Jay Sorg
6b0bbbeefa
common: merge from a8
2014-11-07 22:10:59 -08:00
Jay Sorg
c0ce0821ec
common: no logic change, remove spaces
2014-08-27 11:15:31 -07:00
speidy
4015f526db
work on tls mode
2014-08-22 09:13:33 +03:00
Jay Sorg
75874b3f7a
common: some minor changes to arch.h
2014-08-12 20:01:33 -07:00
Koichiro IWAO
dd979731c4
common: fix check for big endian arches
...
Fix for: https://bugzilla.redhat.com/show_bug.cgi?id=905411
2014-08-12 18:04:26 +09:00
Jay Sorg
8397055e8b
move some hard code paths to defines in header
2014-08-06 13:21:01 -07:00
Jay Sorg
386512c0ed
common: fix some warning for TLS
2014-07-31 16:46:58 -07:00
Jay Sorg
b30b74b3b3
added keyboard info to xrdp_client_info.h
2014-07-31 15:34:05 -07:00
Jay Sorg
f49ca27ea7
common: fix for list16_insert_item
2014-07-28 00:17:42 -07:00
Laxmikant Rashinkar
0311a82c0a
coverity: copy into fixed sized buffer
2014-07-27 12:42:12 -07:00
Laxmikant Rashinkar
1c423dadf4
coverity: copy into fixed sized buffer
2014-07-26 16:33:36 -07:00
Laxmikant Rashinkar
56e43c4a38
Merge branch 'devel' of github.com:NeutrinoLabs/xrdp into devel
2014-07-26 13:33:44 -07:00
Laxmikant Rashinkar
27055d5762
coverity: improper use of negative value
2014-07-26 13:33:23 -07:00
speidy
0f9bd232d9
common: indent fix
2014-07-26 09:04:22 +03:00
Jay Sorg
2cb2de7277
common: log, g_ prefix for global
2014-07-25 22:42:07 -07:00
speidy
8e6b75b98f
Merge branch 'devel' of https://github.com/neutrinolabs/xrdp into devel
2014-07-26 08:20:19 +03:00
Jay Sorg
57b0495bc7
common: indent, not logic change
2014-07-25 22:24:40 -07:00
speidy
be51fb739c
common: xrdp_tls, indentation fix
2014-07-26 08:19:50 +03:00
speidy
c612683119
common: trans indentation fix
2014-07-26 08:14:19 +03:00
Jay Sorg
a73e66513d
common: indent, not logic change
2014-07-25 21:45:29 -07:00
Jay Sorg
9e1e6d3c3e
common: indent, not logic change
2014-07-25 21:37:59 -07:00
Jay Sorg
ff8275da58
common: indent, not logic change
2014-07-25 21:33:05 -07:00
Jay Sorg
abf5549524
common: indent, not logic change
2014-07-25 21:21:48 -07:00
Jay Sorg
4bf326080d
common: indent, not logic change
2014-07-25 21:18:40 -07:00
Jay Sorg
b39c68bdc4
common: fifo.c, os_call.h, don't need prefix dir
2014-07-24 22:31:47 -07:00
Jay Sorg
3b79792bcc
common: add default for XRDP_LOG_PATH
2014-07-24 22:29:33 -07:00
Idan Freiberg
16929efb05
Merge branch 'devel' of https://github.com/neutrinolabs/xrdp into
...
devel
Conflicts:
libxrdp/xrdp_sec.c
2014-07-23 16:44:59 +03:00
Idan Freiberg
df87033489
trans: work on TLS
2014-07-23 15:37:47 +03:00
Idan Freiberg
afdf638c7b
libxrdp, common: work on TLS mode
2014-07-23 15:31:45 +03:00
Laxmikant Rashinkar
a990287c46
coverity: fixed unchecked return value from library
2014-07-20 13:14:09 -07:00
Jay Sorg
1291d2dbbe
work on codec mode
2014-07-19 13:25:23 -07:00
Laxmikant Rashinkar
3bb31876e7
coverity: fixed resolution leak issues
2014-07-19 11:56:00 -07:00
Idan Freiberg
f0b6c6b1d1
libxrdp: started adding TLS support
2014-07-15 18:29:40 +03:00
Idan Freiberg
9007deae6f
libxrdp: added an option to enforce security layer in xrdp.ini
2014-07-09 15:33:39 +03:00