Commit Graph

166 Commits

Author SHA1 Message Date
Bolke de Bruin
a6a0e5e004 Allow domain name to be concatenated to username
If a server is multihomed (i.e. mutiple domains) the
users are identified by their domain name. This change
allows to concat the domain name to the username with
a specific separator.
2020-08-30 21:56:16 +02:00
Bolke de Bruin
b0bca1363e Add support for token authentication
This feature allows to embed a token in the username field. Tokens
are separated from the username by the ASCII field separator character
0x1F (unicode 0x001F).
2020-08-29 10:40:22 +02:00
matt335672
6f881d47d3 Rationalise ms- constants
Constants from MS documents (MS-RDPBCGR etc) moved out of
common/xrdp_constants.h into includes named after the documents.

Similar includes moved from sesman/chansrv to the common area.
2020-01-06 15:46:37 +00:00
Jay Sorg
0fbbc47092 cleanup refresh rect and check stream bounds 2019-11-07 02:03:57 +00:00
Jay Sorg
21f90e3ca2 work on suppress 2019-04-25 14:54:25 -07:00
Jay Sorg
9e9cada4ec work on suppress 2019-04-25 14:54:25 -07:00
Jay Sorg
ecf4acf5f1 work on suppress 2019-04-25 14:54:25 -07:00
Koichiro IWAO
0e9e25f100
use MS name for PDU types
RDP_PDU_REDIRECT has been removed as it is not found in MS-RDPBCGR and
not used anywhere.
2018-12-12 17:40:58 +09:00
daixj
bc150c2e56 set use_cache_glyph_v2 on if the client support 2018-10-25 17:02:43 +08:00
daixj
b3a1889200 Support Cache Glyph Revison 2, issue #367 2018-10-25 10:34:00 +08:00
jsorg71
ae1514c167
dynamic virtual channel improvements
remove not used chansrv <-> xrdp messages
move static channel disable control into libxrdp
remove some blocking read, write chansrv calls
add drdynvc calls to libxrdp
add drdynvc calls to chansrv
channel cleanup
2018-10-11 22:09:20 -07:00
Jay Sorg
8d63c32899 move openssl calls to common/libssl.c, check for defines 2017-06-22 11:47:48 +09:00
Koichiro IWAO
a1b0344db5 Use the words "cannot read" rather than "cannot open"
as the code actually tests readability.
2017-06-12 16:57:04 +09:00
Koichiro IWAO
65c1fe87d7 Log user-friendly message when certificate/privkey is inaccessible
We shouldn't assume that xrdp daemon is running under root privilege.
In many cases, root privilege is not really needed for xrdp daemon.
xrdp may fail to load certificate/privkey due to lack of permissions
when running under user privilege. Checking existence of files is not
enough and xrdp should output user-friendly log in such case.

Reported by Debian user in bug 856436 [1].

[1] https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=856436
2017-06-12 16:57:04 +09:00
Pavel Roskin
43899b7e0c Allocate space for tls_ciphers dynamically 2017-03-21 10:39:40 -07:00
Pavel Roskin
6ed4c969f4 Eliminate APP_CC and DEFAULT_CC 2017-03-14 00:21:48 -07:00
Pavel Roskin
9cdcb38d87 Fix memory leak in tls_ciphers parsing 2017-03-13 17:17:06 +09:00
Koichiro IWAO
08ba9ed4a8 Remove useless comment, no logic change
Now client addr and port are properly logged.
2017-03-09 15:42:14 +09:00
Pavel Roskin
b2d3dcf169 Include config_ac.h from all source files 2017-03-04 00:52:34 -08:00
Koichiro IWAO
096baec331 no cast is needed for NULL 2017-02-27 14:17:25 +09:00
Koichiro IWAO
849c1a22a2 TLS: switch ssl_protocols to a comma separated list 2017-02-27 14:17:25 +09:00
Koichiro IWAO
c64e9992e6 TLS: warn if no SSL/TLS protocols enabled 2017-02-27 14:17:25 +09:00
Koichiro IWAO
e94ab10e14 TLS: new method to specify SSL/TLS version
SSL/TLS protocols only listed in ssl_protocols should be used.
The name "ssl_protocols" comes from nginx.

Resolves #428.
2017-02-27 14:17:25 +09:00
Idan Freiberg
482671fd18 Merge pull request #625 from speidy/proxy_session_info
Pass session info in proxy mode
2017-01-23 08:15:18 +02:00
Idan Freiberg
19375dda7a Merge pull request #426 from metalefty/log-tls-version-and-cipher
TLS: log TLS version and cipher
2017-01-16 07:26:51 +02:00
speidy
b7da395b5e libxrdp: use constant RDP_DATA_PDU_LOGON 2017-01-15 08:51:43 +02:00
Jay Sorg
6f74efa70a add session_info
Conflicts:
	libxrdp/libxrdp.h
2017-01-15 08:20:50 +02:00
Koichiro IWAO
f29a98b243 TLS: log client port in addition to ssl protocol and cipher 2017-01-13 17:59:29 +09:00
speidy
94cdbdcee6 libxrdp: change channel_code into a meaningful name 2017-01-06 07:59:49 +02:00
speidy
a96c91b38e libxrdp: fix Fast-Path Synchronize Update message 2016-12-27 09:53:53 +02:00
Pavel Roskin
8069b29429 Recognize security_layer=negotiate in xrdp.ini, improve logging
security_layer=negotiate is documented, but the code is complaining
loudly about it. Fix it, make sure not to change the actual behavior
apart from the logging.

Improve the log message for unrecognized security_layer setting.
2016-11-27 23:49:32 -08:00
Koichiro IWAO
2c9ff1a4d4 log non TLS session 2016-11-22 10:50:31 +09:00
Koichiro IWAO
40e8194122 TLS: log TLS version and cipher 2016-11-22 10:50:30 +09:00
Pavel Roskin
9ac592b218 Don't use term "missing" when using default files, it's too alarming
Also improve messages when non-absolute path is rejected.
2016-10-17 08:38:22 -07:00
Alex Illsley
47124df4ed new options for xrdp.ini disableSSlv3=yes and tls_ciphers=HIGH and code to implement 2016-08-25 11:20:47 -07:00
Carsten Grohmann
7f0d059d84 Improve certificate log messages 2016-06-11 10:58:15 +02:00
Pavel Roskin
ca9cbcafc8 Typo fixes 2016-05-04 23:33:30 -07:00
Pavel Roskin
70f3d4c5e2 Fix warnings for unused variables read from byte streams 2016-04-23 00:18:38 -07:00
Pavel Roskin
22e808a186 Add missing spaces in the strings that are split for line wrapping 2016-02-12 23:52:45 -08:00
speidy
9fb02e381d libxrdp: xrdp_iso: changed logs, some fixes in security layer
negotiation.
2015-06-04 16:48:41 +03:00
Jay Sorg
33167a7c74 add frame acks and h264 codec mode basics 2015-03-28 18:34:25 -07:00
Jay Sorg
253028431c libxrdp: opps, fix typeo 2014-12-23 22:51:10 -06:00
Jay Sorg
25809f4f1c libxrdp: no logic change, tabs to spaces 2014-12-23 20:04:20 -08:00
speidy
52cac06092 libxrdp: delete NLA header detection for now, TLS is working now with
mstsc
2014-11-21 03:17:45 +02:00
speidy
4015f526db work on tls mode 2014-08-22 09:13:33 +03:00
Jay Sorg
ffed349875 added option to set rdp crypto level to none 2014-08-05 12:28:54 -07:00
Idan Freiberg
16929efb05 Merge branch 'devel' of https://github.com/neutrinolabs/xrdp into
devel

Conflicts:
	libxrdp/xrdp_sec.c
2014-07-23 16:44:59 +03:00
Idan Freiberg
afdf638c7b libxrdp, common: work on TLS mode 2014-07-23 15:31:45 +03:00
Jay Sorg
1291d2dbbe work on codec mode 2014-07-19 13:25:23 -07:00
Laxmikant Rashinkar
3bb31876e7 coverity: fixed resolution leak issues 2014-07-19 11:56:00 -07:00