matt335672
d02059d967
Add missing ssl_sha1_clear()/ssl_md5_clear() calls
2022-01-20 16:43:00 +00:00
matt335672
cffce1f856
Only advertise X11 clip formats we can supply
2022-01-14 11:11:03 +00:00
Kentaro Hayashi
47bc56f5a4
Add sesman.ini new text/file/image restriction settings
...
RestrictInboundClipboard is added.
Then, RestrictOutboundClipboard/RestrictInboundClipboard configuration
is extended to accept comma separated list.
* RestrictOutboundClipboard=none
* RestrictOutboundClipboard=text
* RestrictOutboundClipboard=file
* RestrictOutboundClipboard=image
* RestrictOutboundClipboard=all
* RestrictOutboundClipboard=text, image, file
For compatibility, the following configuration is also
accepted (alias)
* RestrictOutboundClipboard=true
* RestrictOutboundClipboard=false
* RestrictOutboundClipboard=yes
2022-01-14 10:17:02 +09:00
Kentaro Hayashi
1d6d80d14f
Block inbound clipboard text/image/file respectively
...
Disable clipboard_event_selection_request call is overkill for
blocking text/image/file purpose.
For example, it breaks existing behavior (slow response from gedit,
gimp as a side effects)
Instead, in clipboard_event_selection_request, these media format will
be blocked respectively which depends on the following configurations
in sesman.ini [Security] section.
* RestrictInboundClipboard=text
* RestrictInboundClipboard=file
* RestrictInboundClipboard=image
You can also set comma separated list.
* RestrictInboundClipboard=text,file,image
2022-01-14 10:17:02 +09:00
Kentaro Hayashi
fb1c4ec945
Block outbound clipboard text/image/file respectively
...
RestrictOutboundClipboard kills all of test/file/image
transfer via clipboard.
For controlling each content type behavior,
clipboard_xevent is not appropriate place to block respectively.
Instead, in clipboard_event_selection_notify, these media type
will be blocked which depends on the following configurations in
sesman.ini [Security] section.
* RestrictOutboundClipboard=text
* RestrictOutboundClipboard=file
* RestrictOutboundClipboard=image
You can also set comma separated list
* RestrictOutboundClipboard=text, file, image
2022-01-14 10:17:02 +09:00
Kentaro Hayashi
bd82084505
Extend In/Outbound text,file,image restriction respectively
...
It supports the extended configurations for sesman.ini:
Before:
[Security]
RestrictOutboundClipboard=true or false
After:
[Security]
RestrictInboundClipboard=[true or false | text or file or image | comma separated list]
RestrictOutboundClipboard=[true or false | text or file or image | comma separated list]
Above configuration is disabled by default (false)
And it can be specified comma separated list like this:.
RestrictInboundClipboard=file, image
RestrictOutboundClipboard=text, file, image
Note that if RestrictOutboundClipboard=true,file is set,
file is ignored and it is treated as RestrictOutboundClipboard=true
It is same for RestrictInboundClipboard.
2022-01-14 10:17:02 +09:00
matt335672
ab0e141fa9
Merge pull request #2011 from matt335672/unify_scpv0_code
...
Unify scpv0 code #2011
2022-01-05 11:06:42 +00:00
Kentaro Hayashi
53027ad5af
Use LOG instead of LOG_DEVEL
...
According to https://github.com/neutrinolabs/xrdp/wiki/Logging ,
it may be better to emit this log message because this log is
useful for system administrator to know whether RestrictOutboundClipboard
configuration works or not
And raise log level to info because it is informative for system
administrator.
2021-12-23 12:58:35 +09:00
Kentaro Hayashi
23906383b6
clipboard: Fix wrong debug level log message for g_file_atom2
...
As g_file_atom2 is x-special/gnome-copied-files
(See g_file_atom2 definition in sesman/chansrv/clipboard.c),
it should be "x-special/gnome-copied-files" in this context.
Signed-off-by: Kentaro Hayashi <hayashi@clear-code.com>
2021-12-06 12:40:41 +09:00
matt335672
5c610aee28
Modify sesrun to use common SCP V0 interface
2021-11-25 13:30:34 +00:00
matt335672
30a92cb095
Changes to libtrans interface
2021-11-25 13:30:34 +00:00
matt335672
5862a6123f
Changes for unifying libscp code
2021-11-25 13:30:34 +00:00
matt335672
8b9b22c773
Create shared GUID module to simplify session guid handling
2021-11-25 13:29:55 +00:00
matt335672
ce23c824ea
Merge pull request #1976 from matt335672/fail2ban_support
...
Fail2ban support (#1076 )
2021-11-18 10:11:12 +00:00
matt335672
a49144be73
Avoid deadlock in clipboard copy code
2021-10-25 16:16:59 +01:00
matt335672
b87b7f9ee8
Add xfuse_path_in_xfuse_fs()
2021-10-25 16:16:54 +01:00
matt335672
0b28fe05b6
Address review comments
2021-10-25 11:35:35 +01:00
matt335672
5fb621ca53
Logged IP address for fail2ban on login failure
2021-10-25 11:35:35 +01:00
matt335672
60016c1f75
Rename client_ip to connection_description
2021-10-25 11:35:35 +01:00
matt335672
d868c00e2c
Adding (working) stanza for Apline to startwm.sh
2021-09-27 14:41:44 +01:00
matt335672
346f48401e
Revert 57bf8b8a5c
2021-09-27 10:52:18 +01:00
matt335672
32d5d7cc27
Merge pull request #2001 from metalefty/clipfile-fail
...
clipboard file: Implement MS-RDPECLIP 3.1.5.4.7 compliance (#2001 )
2021-09-21 10:37:35 +01:00
Koichiro IWAO
eb848747d2
clipboard file: adjust log level and add some detailed info
2021-09-21 18:19:47 +09:00
Koichiro IWAO
ad13956b12
clipboard file: Implement MS-RDPECLIP 3.1.5.4.7 compliance
...
If the requested file data could not be retrieved or the sender received
an unsuccessful Format List Response PDU (section 3.1.5.2.4), then the
clipHeader field MUST contain the CB_RESPONSE_FAIL (0x0002) flag and the
requestedFileContentsData field MUST contain no data (zero-length).
https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-rdpeclip/5d3991e9-440d-4e4d-8b8d-391c324c4007
Fixes #1997 .
2021-09-21 16:50:42 +09:00
matt335672
2dbec63327
Add Nautilus 3 compatibility
2021-09-16 10:02:02 +01:00
matt335672
253ea6eb6d
Send clip response for string while file list is available
2021-09-16 10:02:02 +01:00
matt335672
d9988c340c
Improve error checking and logging for returned CLIPRDR_FILELIST
2021-09-16 10:02:02 +01:00
matt335672
e1bbef99aa
Check CLIPRDR_FILEDESCRIPTOR is present before reading it
2021-09-09 14:38:07 +01:00
matt335672
8fdf7b518c
Correct filename padding skip in CLIPRDR_FILEDESCRIPTOR
2021-09-09 14:38:04 +01:00
matt335672
6a5895ce37
Remove unnecessary malloc/free
2021-09-09 14:37:35 +01:00
matt335672
9d8676f89d
Corrected size of filename in struct clip_file_desc
2021-09-09 14:37:27 +01:00
matt335672
8e9fb8008f
Addressed review comments
2021-09-08 11:51:21 +01:00
matt335672
d32953c405
Parse DEVICE_ANNOUNCE header correctly
2021-09-08 11:33:43 +01:00
matt335672
b481351ad7
Merge pull request #1954 from metalefty/clipboard-file-log
...
clipboard: log file transfer for the purpose of audit (#1954 )
2021-08-11 09:19:16 +01:00
Koichiro IWAO
1722451715
clipboard: log file transfer for the purpose of audit
...
Sponsored by: @CyberTrust and @haw
2021-08-11 15:38:24 +09:00
Francesco Colista
57bf8b8a5c
sesman/startwm.sh : add support for Alpine Linux
2021-08-09 16:52:11 +02:00
matt335672
5c9839a7f4
Address review comments
2021-07-27 13:36:34 +01:00
matt335672
d4c81229ba
Module testing now OK
2021-07-27 13:36:34 +01:00
matt335672
c9afd804a4
Minor const and comment fixes
2021-07-27 13:36:34 +01:00
matt335672
a10de5c5aa
Removed struct SCP_CONNECTION type entirely
2021-07-27 13:36:34 +01:00
matt335672
3643cc37ec
Fix compile issues with SCP states
2021-07-27 13:36:34 +01:00
Jay Sorg
95d4de206d
work on moving to trans for scp v1
2021-07-27 13:36:32 +01:00
Jay Sorg
738e346f81
sesman: work on moving sesman to trans, v0 scp working
2021-07-27 13:35:43 +01:00
matt335672
36ec662a13
Log a message for failed logins
2021-07-19 09:29:04 +01:00
matt335672
20ec03dbe0
Merge pull request #1900 from matt335672/issue1885
...
Rework VNC text clipboard interface (#1900 )
2021-07-07 09:22:57 +01:00
matt335672
a79f5c00b1
Replace snprintf() with g_snprintf()
2021-06-17 15:15:59 +01:00
matt335672
87701051d3
Update conversation header following review
2021-06-10 15:45:49 +01:00
matt335672
ce666a02fa
Bring the PAM module up to date
2021-06-10 15:45:49 +01:00
matt335672
87bbfd96ca
Use symbolic names for static virtual channel name strings
2021-06-08 14:11:17 +01:00
matt335672
3ea19ef0cd
Create ms-rdpeclip.h and update ms-rdpbcgr.h
2021-06-08 14:11:17 +01:00
matt335672
eda01f0853
Fix chansrv unterminated streams
2021-05-28 10:57:12 +01:00
matt335672
d0a8ed37e0
Fix file I/O buffer probs detected by --enable-devel-streamcheck
2021-05-28 10:57:12 +01:00
matt335672
52a52daddd
Split development option into separate things
2021-05-28 10:57:12 +01:00
Alexandre Quesnel
52707ac686
Fixing formatting with astyle
2021-05-08 16:58:11 +00:00
Alexandre Quesnel
cbf6adb4be
Adding logs to sesman/session.c
2021-04-14 04:41:54 +00:00
matt335672
86c87b6f15
Move get_display_num_from_display to string_calls module
2021-04-13 12:16:00 +01:00
matt335672
e7cb5bd64a
Allow DISPLAY=:0 for chansrv and in other modules
2021-04-13 12:15:26 +01:00
matt335672
741be5a4a2
Enable FUSE in cirrus build
2021-04-09 10:04:30 +01:00
aquesnel
0ec471b02d
Add detailed logging to libxrdp ( #1742 )
...
* Added s_rem(s) for getting the remaining bytes in a stream
* Added s_rem_out() macro
* Fixed 15bpp pointer error checking
* Combined the 512 and 2048 bit certificate sending code paths
* Other detailed comments and logging added following MS-RDPBCGR
2021-02-04 10:11:54 +00:00
matt335672
1e13533048
Remove output on stdout by default on daemon startuip
2021-01-07 10:50:16 +00:00
matt335672
8ab3a2e9f8
Bumped cppcheck version to 2.3
...
addressed resulting warnings
2020-12-31 11:27:14 +00:00
matt335672
8205559959
Fix regressions in auth modules
2020-12-29 09:48:01 +00:00
Khem Raj
d4e9b0f637
correct the location of errno.h
...
Fixes build on musl
Signed-off-by: Khem Raj <raj.khem@gmail.com>
2020-12-22 23:11:50 -08:00
matt335672
0a1a8f40e5
Moved a lot of string funcs to string_calls module
2020-12-22 11:57:24 +00:00
matt335672
5523847540
Allow FuseMountName for chansrv to be absolute path
2020-12-21 12:36:31 +00:00
metalefty
785db575ca
Merge pull request #1751 from matt335672/address-minor-user-comments
...
Cosmetic fixes for minor issues
2020-12-21 16:12:58 +09:00
metalefty
61fd63f028
Merge pull request #1756 from metalefty/delete-socket-files
...
sesman: address the issue of socket file leftovers
2020-12-21 13:49:20 +09:00
metalefty
835536b406
Merge pull request #1741 from matt335672/sesrun-improvements
...
sesrun improvements and doc fixes
2020-12-21 13:45:57 +09:00
Koichiro IWAO
31214f15a6
sesman: reflect review suggestions on cleanup_sockets
...
* Use LOG_LEVEL_WARNING for the deletion failure
* Log the error condition when the deletion failed
2020-12-21 13:28:53 +09:00
metalefty
5b73fb9c31
Merge pull request #1755 from metalefty/man
...
man page fixes after neutrinolabs/xorgxrdp#175
2020-12-19 14:03:49 +09:00
Koichiro IWAO
5114d1ee64
sesman: address the issue of socket file leftovers
...
There are two points.
Make sure cleanup files happen after chansrv and Xserver exit. If these
child processes lock socket files, the deletion might fail.
Usually, cleanup of xorgxrdp related socket files is handled by
xorgxrdp. Just in case it failed, perform cleanup also in sesman.
Fixes #1740 . Thanks to @matt335672.
Sponsored by: Cybertrust Japan
Sponsored by: HAW International
2020-12-18 18:30:49 +09:00
Koichiro IWAO
6562c9d958
man page fixes after neutrinolabs/xorgxrdp#175
2020-12-18 15:21:21 +09:00
metalefty
87d710e89b
Merge pull request #1727 from RisingWater/devel
...
Update verify_user_pam.c
2020-12-17 16:15:43 +09:00
matt335672
7ddc43aeea
Cosmetic fixes for minor issues
2020-12-14 11:35:31 +00:00
matt335672
633716bbad
sesrun improvements and doc fixes
2020-12-09 11:44:17 +00:00
matt335672
e6c1df64d3
Added --config/-c to sesman
2020-12-09 10:19:14 +00:00
matt335672
8d994a547d
Add log_config_init_for_console() for utilities
2020-11-30 11:04:21 +00:00
Alexandre Quesnel
0c61a15fc5
Migrating logging to LOG() and LOG_DEVEL() in sesman/*
2020-11-30 00:36:20 +00:00
RisingWater
9efdd92c2a
Update verify_user_pam.c
...
change to g_memset
2020-11-19 11:03:43 +08:00
RisingWater
5d8f451a41
Update verify_user_pam.c
...
when a system give a tip message in function verify_pam_conv, authenticate will fail.
so it need skip this message to make sure authenticate success.
2020-11-17 11:48:26 +08:00
D.V.Yacenko
a6a785d7a4
Allow parameters for XRDP run bash script
...
Allows run bash script with parameters on xrdp. For example rdesktop -s "myscript.sh params"
2020-10-22 16:12:55 +01:00
metalefty
176b4b15a2
Merge pull request #1702 from yifanjiang/devel
...
startwm.sh: Additionally support /usr/etc/X11/xdm/Xsession
2020-10-19 14:33:53 +09:00
Alexandre Quesnel
a9ec1ebd99
Unifying logging in chanserv
...
This commit adds:
* replace multiple logging macros with LOG and LOG_DEVEL
* logging configuration for chanserv
* logging configuration for console output
* logging configuration for per file or method log level filtering for
debug builds
* file, line, and method name in log message for debug builds
2020-10-19 05:10:47 +00:00
Yifan J
31a910a275
startwm.sh: Additionally support /usr/etc/X11/xdm/Xsession in SUSE
...
distributions
https://lists.opensuse.org/opensuse-factory/2019-08/msg00113.html
2020-10-19 09:35:03 +08:00
Alexandre Quesnel
12a0266f1e
Use a single type for the fuse file handle callback context
2020-09-15 15:37:56 +00:00
matt335672
79b88d7f30
Merge pull request #1635 from matt335672/minus-c-option-chansrv
...
chansrv improved config support
2020-09-09 09:59:43 +01:00
Alexandre Quesnel
a7462404d5
Adding casts for narrowing to pointer width for issue #1678
2020-09-08 21:04:02 +00:00
matt335672
edda1b064d
chansrv improved config support
2020-09-08 16:58:03 +01:00
matt335672
8bd7309d72
Updated sesman.ini comment for Policy= in line with the manpage
2020-08-26 10:04:33 +01:00
bolkedebruin
5cd36c511c
Set max character buffer len to 512 per MS specification
...
The MS specs determine that the character buffer lenngths
for usernames, domains, passwords, alternate shells, etc
can be up to 512 characters including the mandatory null
terminator.
2020-08-17 10:35:35 +02:00
metalefty
f3e42fc209
Merge pull request #1640 from aquesnel/build_debug_werror
...
Fixing the build with --enable-xrdpdebug and CFLAGS=-Werror -Wall
2020-08-11 14:01:52 +09:00
Koichiro IWAO
00dca40bf8
sesman.ini: Update Xorg path for CentOS 8
...
Closes #1646 .
2020-08-03 10:39:04 +09:00
Alexandre Quesnel
7e58209b19
Fixing the build with --enable-xrdpdebug and CFLAGS=-Werror -Wall
2020-07-25 23:53:26 +00:00
matt335672
7384f6e574
Fixed CVE-2020-4044 CI errors
2020-06-29 11:38:24 +01:00
matt335672
e593f58a82
Fix for CVE-2020-4044
...
Reported by: Ashley Newson
2020-06-26 20:06:02 +09:00
matt335672
3c4b42b1aa
Implemented resize and multimon support for VNC backend
2020-06-04 15:10:35 +01:00
matt335672
aa0dbbae15
Added CHANNEL_NAME_LEN to ms-rdpbcgr.h
2020-04-27 15:01:56 +01:00
matt335672
617283eb34
Remove unnecessary g_malloc() call
2020-04-24 11:27:36 +01:00
matt335672
7ef01f7b0c
Address memory allocation overflow security issues
2020-04-23 17:29:06 +01:00
Koichiro IWAO
1adb3c7b33
Fix Xorg path for Arch Linux
...
It has been moved: https://www.archlinux.org/packages/extra/x86_64/xorg-server/
Fixes : #1448
2020-04-02 16:18:06 +09:00
matt335672
a2266f23f6
Allow a redirected drive device_id to be zero (Guacamole support)
2020-03-03 16:16:09 +00:00
matt335672
a3d429b4f7
Minor fixes to drive redirection
2020-03-03 16:14:24 +00:00
matt335672
77686bf832
Fix cppcheck 1.89+1.90 warnings
2020-01-30 10:36:23 +00:00
metalefty
6d7cce3d34
Merge pull request #1484 from matt335672/cppc-chansrv-pcsc
...
xrdp_pcsc: Fix cppcheck 1.82 + 1.90 warnings
2020-01-30 10:28:36 +09:00
Derek Schrock
72bece526b
return from xfs_delete_xfs_fs if NULL
2020-01-27 21:15:09 -05:00
matt335672
70d78dfb6f
Fix cppcheck 1.82 + 1.90 warnings
2020-01-17 11:18:46 +00:00
metalefty
627da8da3e
Merge pull request #1470 from matt335672/rename-includes
...
Move MS-defined constants into separate includes
2020-01-16 15:01:18 +09:00
matt335672
6f881d47d3
Rationalise ms- constants
...
Constants from MS documents (MS-RDPBCGR etc) moved out of
common/xrdp_constants.h into includes named after the documents.
Similar includes moved from sesman/chansrv to the common area.
2020-01-06 15:46:37 +00:00
Ilya Shipitsin
00f17c3ffc
sesman/chansrv/chansrv_fuse.c: resolve double free found by cppcheck
...
sesman/chansrv/chansrv_fuse.c:1719:9: error: Memory pointed to by 'full_path' is freed twice. [doubleFree]
2020-01-06 13:38:02 +05:00
matt335672
3820d279e2
Added includes for C/POSIX types referenced in chansrv_fuse.h to chansrv_fuse.h
2019-12-22 12:37:38 +00:00
matt335672
3ef2e7ce49
CI Fixes
2019-12-05 16:44:52 +00:00
matt335672
4d8f2b5a31
Significant remote file system improvements
...
- Reimplemented inode store in separate module chansrv_xfs.[hc]
- Allowed atimes and mtimes to be written to Windows side
- Mapped file user write bit to (inverted) Windows FILE_ATTRIBUTE_READONLY bit
- Mapped file user execute bit to Windows FILE_ATTRIBUTE_SYSTEM bit
- Implemented improved security for remotely mounted drives
- Implemented USB device removal, allowing hot-plug/remove of memory sticks
- Fixed pagefile.sys breaking Ubuntu file browser
- Fixed write offset bug
- Allowed renaming of open files
- Improved reported error codes
- Fixed various memory leaks
- Addressed valgrind errors related to struct fuse_file_info pointers.
2019-12-05 11:41:32 +00:00
Jay Sorg
d7b1f12d9b
default rdpsnd audin off, can enable with --enable-rdpsndaudin
2019-10-22 22:48:15 -07:00
Jay Sorg
351c92dfba
sesman: fix for sesman startup without startup script
2019-10-16 13:53:22 -07:00
Jay Sorg
cf67dd56bf
chansrv: no logic change, fix typo
2019-07-10 11:18:07 -07:00
Jay Sorg
417bb71abf
chansrv: env var to disable rdpsnd record
2019-07-08 22:45:58 -07:00
Jay Sorg
933394c6be
chansrv: remove excessive logging
2019-07-08 22:40:31 -07:00
Jay Sorg
8aedd31762
chansrv: use rdpsnd record if supported, else try AUDIO_INPUT(MS-RDPEAI)
2019-07-08 22:03:27 -07:00
Jay Sorg
c5798df0bd
chansrv: hook up audin
2019-07-08 18:25:59 -07:00
Jay Sorg
ae40ff27c8
chansrv: audin close should chose channel
2019-07-07 22:05:46 -07:00
Jay Sorg
a9a823b0da
chansrv: audio in partial working
2019-07-04 23:52:18 -07:00
Jay Sorg
3c9241022a
chansrv: add audin.c/h
2019-07-03 21:31:52 -07:00
Jay Sorg
e14ea4ff2e
chansrv: drop g_sent_flag, not very useful and some clients skip acks
2019-06-23 20:52:55 -07:00
Jay Sorg
4ad9e48ff5
chansrv: don't let audio fall behind
2019-06-22 23:01:13 -07:00
Koichiro IWAO
ae2cbbb2e0
Fix build after #1327
...
Fixes #1335 .
In file included from ./irp.h:27:
./chansrv_fuse.h:39:5: error: unknown type name 'time_t'
time_t atime; /* Time of last access. */
^
./chansrv_fuse.h:40:5: error: unknown type name 'time_t'
time_t mtime; /* Time of last modification. */
^
./chansrv_fuse.h:41:5: error: unknown type name 'time_t'
time_t ctime; /* Time of last status change. */
^
3 errors generated.
*** Error code 1
2019-04-18 14:25:46 +09:00
matt335672
fe97b983f5
Remove unnecessary reference from sesman/config.c
...
Following commit 81703c426f
, there are
no longer any references to g_cfg from within this file, and so the
external reference can be removed.
2019-04-11 11:28:33 +01:00
metalefty
006721fea8
Merge pull request #1327 from matt335672/implement-separate-lookup
...
XFuse file overwrite and lookup improvements
2019-04-11 15:56:24 +09:00
matt335672
6a6442e32f
Fix sing symbol link error when --disable-fuse is set
2019-04-02 13:08:47 +01:00
matt335672
d154df5059
Add remote drive lookup functionality to fuse
...
- Replace xfuse_cb_enum_dir() directory callback for adding files with
more general xfuse_devredir_add_file_or_dir() to be called from a
directory or a lookup operation.
- Moved XRDP_INODE out of public interface for chansrv_fuse, and replaced
with simpler struct file_attr to pass to
xfuse_devredir_add_file_or_dir()
- Allow a struct file_attr to be placed in an IRP for assembly of file
attributes over multiple IRP_MJ_QUERY_INFORMATION requats.
- Add dev_redir_lookup_entry() to public interface for devredir.c
- Add xfuse_devredir_cb_lookup_entry() callback to public interface for
chansrv-fuse.c
2019-04-01 14:15:12 +01:00
matt335672
ef9013b4d9
Implement O_WRONLY option for open file
...
Allows files to be overwritten on Linux without EIO
Logging improved on failed write
2019-04-01 14:14:46 +01:00
matt335672
c43c9cd551
Code tidyups
...
- Remove unused 'is_synced' member from struct xrdp_inode
- Move prototype for xfuse_devredir_cb_write_file() to correct file
- Add const correctness to dev_redir_strings_ends_with() function
- Add const correctness to fuse_reverse_pathname() function
- Moved devredir_proc_cid_* functions out of devredir.h and made static
- Added XFUSE_DUMP_ADDED_ENTRIES maro for debugging
- Removed duplicate code path in xfuse_remove_dir_or_file()
- Removed duplicate code path in xfuse_cb_rename()
- Removed duplicate code path in xfuse_create_dir_or_file()
- Removed duplicate code path in xfuse_cb_open()
- Removed duplicate code path in xfuse_proc_opendir_req()
2019-04-01 14:14:22 +01:00
matt335672
c31b3b0dc2
chansrv_fuse.c tidyups
...
- Remove unused USE_SYNC_FLAG macro
- Remove unused members invoke_fuse, off, dirbuf1 from XFUSE_INFO
- Clear f_fifo_opendir entries on deinit
- Added some comments and fixed some others
2019-04-01 14:13:57 +01:00
Koichiro IWAO
81703c426f
sesman: Fix default_wm and reconnect_sh refer wrong path after SIGHUP
...
Changes in #1147 had a bug. Fixes #1315 .
Reported by: Daniel Hoffend
2019-03-28 11:42:32 +09:00
metalefty
ec05d4208d
Merge pull request #1298 from jaroslaw-osmanski/restrict-outbound-clipboard
...
Restrict outbound clipboard
2019-03-20 10:37:40 +09:00
Jaroslaw Osmanski
56fe961349
Fixed style and format issues.
2019-03-08 08:42:18 +01:00
Jaroslaw Osmanski
7d7e8184ae
Use CHANSRV_RESTRICT_OUTBOUND_CLIPBOARD env between sesman -> chansrv
2019-03-02 16:53:15 +01:00
Jaroslaw Osmanski
1b6bfa682c
Log when outbound copy was rejected because RestrictOutboundClipboard was set
2019-03-01 14:49:57 +01:00
matt335672
d49f405130
Add implementation of xfuse_deinit_xrdp_fs()
2019-02-26 13:22:30 +00:00
Jaroslaw Osmanski
46c33ddaf4
Read sesman config in clipboard
2019-02-26 11:36:32 +01:00
Krzysztof Adamski
751cd97018
reapply outboud-resitrcted clipboard
2019-02-26 07:40:17 +01:00
Jaroslaw Osmanski
0d8a49ab13
astyle formatting for sesman config.h and chansrv clipboard
2019-02-26 07:40:10 +01:00
4680414@qq.com
e655fe6a1b
libscp v1 server set height twice,and not set width. so fix it.
2019-02-15 09:18:37 +08:00
Koichiro IWAO
88f0d3114d
Fix build with FDK AAC v2
...
Original fix provided by takefu. See also:
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=233556
2018-11-28 01:31:14 +09:00
Koichiro IWAO
a4b0aa9355
Remove x11rdp from config
...
as it is already deprecated. x11rdp is complicated to build and very few
people using it actually. However, some people still select "X11rdp"
session and get stuck despite not installing x11rdp.
https://github.com/neutrinolabs/xrdp/issues/962#issuecomment-430545526
People who really want to use x11rdp should revert this commit.
2018-10-18 11:19:38 +09:00
metalefty
c2ade7a1f7
Merge pull request #1225 from savisko/devel
...
Fix crash of xrdp-chansrv process, issue #1202 .
2018-10-18 10:49:09 +09:00
metalefty
a83400060b
Merge pull request #1227 from metalefty/idle-disc
...
Ressurect IdleTimeLimit
2018-10-18 10:40:12 +09:00
Koichiro IWAO
5ea403430a
Sort & reword description of IdleTimeLimit
2018-10-16 16:53:33 +09:00
jsorg71
ae1514c167
dynamic virtual channel improvements
...
remove not used chansrv <-> xrdp messages
move static channel disable control into libxrdp
remove some blocking read, write chansrv calls
add drdynvc calls to libxrdp
add drdynvc calls to chansrv
channel cleanup
2018-10-11 22:09:20 -07:00
Michael Savisko
47d8e03d3a
Fixed compilation warning in previous commit.
2018-10-11 13:51:59 +03:00
Michael Savisko
ba93badf73
Fix crash of xrdp-chansrv process, issue #1202 .
...
In xfuse_create_file_in_xrdp_fs insure that xfuse_fs is properly initialized.
2018-10-11 13:11:24 +03:00
Koichiro IWAO
f84f3de478
docs: ressurect IdleTimeLimit
...
This reverts commit 513f767996
.
2018-10-10 17:47:12 +09:00
Koichiro IWAO
2a85a65d08
show more helpful message if xrdp-dis failed
2018-09-11 11:58:44 +09:00
Koichiro IWAO
d6992cf62d
sesman: add XRDP_ prefix to xrdp related environment variable
...
and remove CHANSRV, use the shorter name
2018-09-04 16:01:40 +09:00
Koichiro IWAO
59f3a79fe4
sesman: pass pulse socket name via environment variable
2018-09-04 16:01:40 +09:00
Idan Freiberg
5d2c5b1410
chansrv: remove pulseaudio modules from xrdp source tree
...
its actually an independent code which is not part of xrdp
moved to its own repoistory: https://github.com/neutrinolabs/pulseaudio-modules
Signed-off-by: Idan Freiberg <speidy@gmail.com>
2018-08-03 06:12:53 +03:00
Koichiro IWAO
ff85cb4530
Merge branch 'wfix-pulsechansrv-makefile' into devel
2018-08-03 10:05:46 +09:00
Brandon Wooldridge
8427c3601b
Corrected spacing between arguments to cc
for Pulseaudio chanserv Makefile
2018-08-02 15:24:46 -07:00
matt335672
c467ba6b04
Add handler for fatal X server conditions
...
Unless X server failures are caught, these can cause a premature
exit of chansrv, giving it no chance to clean up. This is currently a
particular problem for fuser mounts.
2018-07-19 08:16:29 +01:00
Koichiro IWAO
eda1842825
sesman: add comments, no logic change
2018-06-19 12:57:30 +09:00
Koichiro IWAO
6e16b38ecc
sesman: fix potential buffer over flow
2018-06-16 16:44:37 +09:00
Koichiro IWAO
9192e95c96
sesman: fix logging after default_wm change
2018-06-16 16:44:37 +09:00
Koichiro IWAO
6fb18cd5fa
docs: document configurable reconnect script path
2018-06-16 16:44:37 +09:00
Koichiro IWAO
a39b413746
sesman: make the path of reconnect script configurable
2018-06-16 16:44:37 +09:00
Koichiro IWAO
e82f212f34
sesman: accept full path for DefaultWindowManager
...
Solves: #1143
Also, this idea is inspired by Fedora's patch [1]. Some distro wants to
put all scripts in libexec directory due to SELinux. This enables
distros to put such scripts anywhere.
[1] https://src.fedoraproject.org/cgit/rpms/xrdp.git/tree/xrdp-0.9.6-scripts-libexec.patch?id=02f845c1b8cea781313cf3e9efcd6d7d50341824
2018-06-16 16:44:37 +09:00
Idan Freiberg
036c292120
Merge pull request #1146 from metalefty/sesman-leak
...
sesman: fix leak in struct config_sesman
2018-06-14 12:43:02 +03:00
metalefty
f83d967f46
Merge pull request #1120 from matt335672/set-env-on-reconnect
...
Copy the PAM session environment for the reconnect script
2018-06-14 11:04:43 +09:00
Koichiro IWAO
037d4eeece
sesman: fix leak in struct config_sesman
2018-06-13 17:20:03 +09:00
Koichiro IWAO
2262f1361f
sesman: close stdout/stderr earlier
...
not to spit on the console
2018-06-05 00:19:36 +09:00
Koichiro IWAO
6ae3052a0f
sesman: don't spit on the console when starting
...
As the Debian patch[1] expresses, spitting messages on the console when
a process starts in background is a bad idea. Everything should be
written to log file and daemon should start silently. This is a first
step to shut up daemons.
Got some idea from Debian Remote Maintainers and Thorsten Glaser,
thanks!
[1] 2751ad4d62/debian/patches/shutup-daemon.diff
2018-06-05 00:19:36 +09:00
Koichiro IWAO
19fa26a27e
sesman: don't print config in reader function
...
reader function should just read. Add config_dump function to print read
config.
2018-06-05 00:19:35 +09:00
Koichiro IWAO
de33a7832e
sesman: s/XOrg/Xorg/g, no logic change
...
X.Org is usually spelled X.Org or Xorg.
2018-06-05 00:19:35 +09:00
Koichiro IWAO
e4857b13fa
sesman: config_read_logging function no longer exists
2018-06-05 00:19:33 +09:00
matt335672
cde5b09129
Copy the PAM session environment for the reconnect script
...
This provides access to variables set at login which may be
required by the script (e.g. KRB5CCNAME)
2018-05-31 10:54:38 +01:00
metalefty
39b664fc27
Merge pull request #1108 from aiden0z/devel
...
sesrun support start other session based on session_code argument
2018-04-22 13:45:18 +09:00
Aiden Luo
7864f9d692
sesrun support start other session based on session_code argument
2018-04-20 18:11:27 +08:00
Koichiro IWAO
819c506d26
sesman: Update Xorg help comment for Arch Linux
...
As reported in #1106 , Arch Linux looks to me like using Xorg wrapper now.
2018-04-19 01:21:54 +09:00
Koichiro IWAO
a63c411772
sesman: rename vnc password file, just a cosmetic change
2018-03-23 19:16:10 +09:00
Jay Sorg
e40f0dc7e2
sesman: add hostname to vnc password file
2018-03-23 15:48:25 +09:00
Koichiro IWAO
780ba744f6
Revert "devredir: fix xinode leak"
...
This reverts commit 5daa09171e
.
Causes "double free". Fix #990 was not correct.
```
[1271363627]: DEV_REDIR dev_redir_proc_device_iocompletion: 738 : entered: IoStatus=0x0 CompletionId=1
[1271363627]: DEV_REDIR dev_redir_proc_device_iocompletion: 839 : got CID_DIRECTORY_CONTROL
[1271363627]: DEV_REDIR dev_redir_proc_query_dir_response: 933 : processing FILE_DIRECTORY_INFORMATION structs
[1271363627]: DEV_REDIR dev_redir_proc_query_dir_response: 968 : FileName: .
[1271363627]: DEV_REDIR devredir_fuse_data_peek: 1335 : returning 0x7f2a9c013410
*** Error in `/usr/sbin/xrdp-chansrv': double free or corruption (out): 0x00007f2a9c13a330 ***
```
Closes : #1025
2018-03-23 11:40:52 +09:00
Koichiro IWAO
97c21bc972
sesman: default startwm.sh should use bash
...
as it sources bash_profile. And add comments.
Closes #1009 .
2018-03-09 14:24:17 +09:00
Vraiment
fd37805ac0
Make sesman.ini dynamic for the location of the configuration file
2018-02-19 11:41:55 +09:00
Koichiro IWAO
c50015122c
FreeBSD: rework setsid code
...
Pull request #650 is not valid to avoid run session twice.
It certainly stops running session twice but causes #1016 .
In FreeBSD, sesman process will run like this. The intermediate
sesman is needed to detect session termination correctly.
xrdp-sesman (daemon)
|
+- xrdp-sesman (FreeBSD specific intermediate sesman)
|
+- xrdp-sesman (bsd sesion leader & each session)
|
+- Xorg
+- startwm.sh
+- xrdp-chansrv
To stop runninng session twice correctly, just exit before the
intermediate sesman executes Xorg, WM and chansrv.
2018-02-06 16:03:10 +09:00
Koichiro IWAO
e16029cbc2
fix leak of SCP_DISCONNECTED_SESSION
...
Pointed out by: #919
2018-01-23 11:16:26 +09:00
Koichiro IWAO
5daa09171e
devredir: fix xinode leak
...
Pointed out by: #919
2018-01-12 09:24:03 +09:00
Koichiro IWAO
08f847d74b
sesman: refactor, change variable names
...
session_variables1 -> env_names
session_variables2 -> env_values
Use the name used in callee function env_set_user(). The former names
are not clear.
2018-01-11 10:57:47 +09:00
Koichiro IWAO
dcf64e43ca
remove trailing space
2018-01-11 10:57:43 +09:00
Koichiro IWAO
f2db57afb0
fix indent
2018-01-09 14:09:13 +09:00
matt335672
3f2a017c97
Make listen check before daemon fork
2017-12-27 15:00:18 +00:00
Dominik George
53eccc93a2
Simplify pulseaudio module build instructions
2017-12-26 19:06:36 +09:00
Koichiro IWAO
93481365d1
pulse: replace old pulse notes with bran-new README
2017-12-26 09:26:51 +09:00
Dominik George
3244cb59d5
Fix memory corruption introduced by CVE-2017-16927 fix.
2017-12-21 14:07:51 +09:00
Koichiro IWAO
d8bb32541a
sesman: bring Xorg at the top in sesman.ini
...
as Xorg prefered recommended backend now. Add more comments.
2017-12-16 00:27:06 +09:00
Koichiro IWAO
64a0deb9cf
sesman: comment on non-suid Xorg in sesman.ini
...
Pointed out by: #923
2017-12-16 00:27:06 +09:00
speidy
d958d1f018
sesman: scpv0, accept variable length data fields
2017-11-28 09:04:25 +09:00
Koichiro IWAO
929a7c359d
chansrv: add LOG_LEVEL_TRACE here, too
2017-11-12 22:27:46 +09:00
Koichiro IWAO
3d29b6ec76
sound: g_bbuf_size should be determined after codec is determined
...
Fixes #910 , if both client and server support more than one codecs,
g_bbuf_size might be set to wrong value.
2017-11-08 08:57:52 +09:00
Koichiro IWAO
26394870e5
sesman: delete socket files when session exits
2017-09-13 09:04:58 +09:00
Jay Sorg
d9b929c185
chansrv: sound, fdk-aac, avoid 1 item array items
2017-08-04 17:24:57 -07:00
Jay Sorg
152318ad7c
use pkg-config to configure with fdk-aac
2017-08-04 17:24:57 -07:00
Jay Sorg
4f91a52109
chansrv: sound, remove a do not know and a comment
2017-08-04 17:24:57 -07:00
Jay Sorg
021a78f4c6
chansrv: sound, use WAVE_FORMAT_AAC not WAVE_FORMAT_AAC_MS
2017-08-04 17:24:57 -07:00
Jay Sorg
bf0d56c314
chansrv: sound, add aac
2017-08-04 17:24:57 -07:00
Jay Sorg
8ac35d7ed1
chansrv: sound, handle skips in audio acks
2017-08-04 17:24:57 -07:00
matt335672
4023aa7f1c
xfuse_create_share() called before xfuse_init()
...
* Initialise inode table in `xfuse_create_share()` if necessary
* Add guard to `xfuse_init_xrdp_fs()` to prevent double initialisation of the inode table
2017-08-03 11:50:31 +09:00
Koichiro IWAO
05ef6d104e
sesman: search pam files also in ${sysconfdir}/pam.d
...
as some operating system such as FreeBSD searches not only `/etc/pam.d`
but also `/usr/local/etc/pam.d` [1].
[1] https://www.freebsd.org/cgi/man.cgi?query=pam.d&sektion=5
2017-07-26 11:34:01 +09:00
Koichiro IWAO
e990dd4263
chansrv: remove trailing space
2017-07-25 11:40:04 +09:00
Koichiro IWAO
ca24572fd5
chansrv: use switch-case to support more codecs
2017-07-25 11:40:04 +09:00
Koichiro IWAO
dbaf23e93b
chansrv: constify wFormatTag
2017-07-25 11:40:04 +09:00
Ian Geiser
4b87548b71
Use g_create_path instead of g_create_dir
...
Rename g_mk_temp_dir to g_mk_socket_path
2017-07-14 20:52:38 +09:00
Koichiro IWAO
858e6149f0
fix typo
2017-07-13 13:41:26 +09:00
Koichiro IWAO
6f8eacd72b
sesman: make sure socket directory present
...
before try to create a domain socket.
Originally proposed by Ian Geiser (geiseri).
2017-07-13 13:41:26 +09:00
Jay Sorg
b6bd8acef1
sesman: move auth_start_session, auth_stop_session, and auth_end to child process
2017-07-12 17:58:36 +09:00
Ben Cohen
c7d08bd9e7
xrdp-sesadmin: fix error when there are no sessions
...
Test case: On a system running xrdp with no sessions running run:
xrdp-sesadmin -u=<user> -p=<password> -c=list
Expected result: "No sessions." (ignoring debug output)
Observed result: "Error getting session list."
In the SCP_SERVER_STATE_MNG_LISTREQ case in scp_v1_mng_process() if
there are no sessions it ends the scp session, which causes an error in
the client. In commit 0017081d
the client was changed to report errors,
giving the result above.
Fix by calling scp_v1s_mng_list_sessions() from scp_v1_mng_process()
even when there are no sessions, and if so sending a packet with a count
of zero so that the client gets what it expects.
2017-07-06 13:40:25 +09:00
Koichiro IWAO
9065964bd9
chansrv: include display number in chansrv log filename
...
since xrdp-chansrv may be run multiple instances per user. For example,
Xvnc backend creates one session per screen geometry.
2017-07-06 12:36:47 +09:00
Koichiro IWAO
5a7208a15b
sesman: exit with failure status if listen failed
2017-06-20 14:29:02 +09:00
Koichiro IWAO
6a860d4b02
sesman: install empty reconnectwm.sh as a template
...
as it was undocumented and few people know reconnectwm.sh is executed on
client reconnect. The behaviour of startwm.sh / reconnectwm.sh should
be documented. This is a first step of documenting them.
2017-06-20 13:40:05 +09:00
Koichiro IWAO
e1d11a74da
pulse: respect XRDP_SOCKET_PATH environment variable
2017-05-16 10:41:06 +09:00
Koichiro IWAO
1acef2567c
sesman: pass xrdp socket path to user session
...
via environment variable.
2017-05-16 10:41:06 +09:00
Fuminobu TAKEYAMA
1f27a4d850
startwm.sh: do not call pseudo shell code for /etc/X11/xdm/Xsession
...
Since /etc/X11/xdm/Xsession calls user's login shell, startwm.sh
should not execute the pseudo code; It causes to execute
~/.profile twice.
2017-05-09 16:26:38 +09:00
Koichiro IWAO
10fe699466
pulse: define default socket directory in Makefile
2017-04-06 09:29:16 +09:00
Koichiro IWAO
06ce0d7ee3
sesman: LOGNAME should be set to username
...
which is used to store login name. The login name shall be the string
that would be returned by the getlogin() function [1]. Some applications
only refers LOGNAME environment variable and don't fallback to other
variables such as USER.
Fixes #725 . Reported by @seidler2547.
[1] The Single UNIX Specification, Issue 7
2017-04-06 09:25:02 +09:00
Pavel Roskin
148afd1170
Rename file_loc.h to xrdp_sockets.h, install it
...
Include xrdp_sockets.h directly, not through headers.
2017-03-28 00:59:16 -07:00
Koichiro IWAO
8220afceab
pulse: refer correct path to file_loc.h
2017-03-24 13:49:21 +09:00
Koichiro IWAO
a20d88335f
pulse: use correct macro for audio in/out sockets
2017-03-24 13:49:21 +09:00
Jay Sorg
4b8a33e087
sesman: move auth/pam calls to main process
2017-03-21 21:56:28 -07:00
Pavel Roskin
b0c2f18521
xrdp-chansrv: default to INFO log level rather than ERROR
2017-03-20 19:11:06 -07:00
Jay Sorg
05c599666d
sesman: remove sessvc, one less process to manage
2017-03-19 17:16:36 -07:00
Pavel Roskin
58c9cb43e9
Make socket directory configurable, don't hardcode /tmp/.xrdp
...
Use XRDP_SOCKET_PATH in file_loc.h
Don't define any non-socket paths in file_loc.h, they should come from
the makefiles.
Define all paths unconditionally, they should not be defined elsewhere.
Pass XRDP_SOCKET_PATH as environment variable to the backends.
2017-03-17 22:25:05 -07:00
Pavel Roskin
fc2572f60b
Remove chansrv_cleanup(), it doesn't do anything useful
...
xrdp_chansrv_%8.8x_main_term and xrdp_chansrv_%8.8x_thread_done are both
wait objects, not sockets. They are created and cleaned up in chansrv.c
Wait objects are pairs of file descriptors on POSIX. They are closed
automatically when the process exits.
On Windows, wait objects are handles that are closed by CloseHandle().
Those handles should also be closed on the process exit.
In any case, there is no way for a parent process to clean up file
handles of the child process.
2017-03-17 22:25:05 -07:00
speidy
cfdbc2b4db
chansrv: dvc, check channel exists on get/remove api struct
2017-03-16 00:20:10 +02:00
Pavel Roskin
6ed4c969f4
Eliminate APP_CC and DEFAULT_CC
2017-03-14 00:21:48 -07:00
Pavel Roskin
30a7a947b1
Don't include config_ac.h from any header files
2017-03-04 00:52:34 -08:00
Pavel Roskin
b2d3dcf169
Include config_ac.h from all source files
2017-03-04 00:52:34 -08:00
Pavel Roskin
8a1de8dbc4
Remove trailing whitespace
2017-02-08 13:30:56 +09:00
Koichiro IWAO
f11eed3277
chansrv: fix warnings in pulse module
2017-02-02 21:46:49 -08:00
Pavel Roskin
99e4e4520a
xrdp-sesadmin: show sessions in human readable format
2017-02-02 21:24:50 -08:00
Pavel Roskin
ea6882fd4c
xrdp-sesadmin: refactor array access
2017-02-02 21:24:50 -08:00
Pavel Roskin
0017081d78
xrdp-sesadmin: fix crash on network or authentication error
...
If scp_v1c_mng_get_session_list() returns an error, report it to the
user and exit. Session list is not initialized in that case and should
not be freed.
g_free() already checks its argument for being to NULL, remove an extra
check.
2017-02-02 21:24:50 -08:00
Koichiro IWAO
021b79ba55
docs: remove IdleTimeLimit until it is actually implemented
...
it gives users false hope and finally disappoints them.
2017-01-31 05:07:06 -03:00
Jay Sorg
a1aff316dc
change log message to long long
2017-01-29 23:14:33 -08:00
Jay Sorg
b5029c2596
sesman: fix warning for 32 bit / 64 bit log entry, trunc to 32 bit
2017-01-29 23:14:33 -08:00
metalefty
cc48345f40
sesman: remove unnecessary fork for FreeBSD ( #650 )
...
it is not only unnecessary but causes another bug.
2017-01-28 21:14:55 +09:00
mirabilos
6257bae23f
Add GNU/kFreeBSD support ( #645 )
...
* GNU/kFreeBSD is a FreeBSD variant, for code purposes.
* GNU/kFreeBSD uses GNU/Linux-ish init scripts, however.
2017-01-26 23:02:41 -02:00
Pavel Roskin
e35b5a4708
Constify string arguments in xrdp-chansrv sources
2017-01-22 22:39:10 -08:00
Idan Freiberg
4a23b7939c
Merge pull request #630 from selu/devel
...
Fix calling XChangeProperty in clipboard provide
2017-01-23 08:16:18 +02:00
Pavel Roskin
0a9b586332
Improve xrdp-sesman help text
...
Don't document "-ns", as "-n" and "--nodaemon" should be enough. Always
refer to the program as xrdp-sesman, not sesman.
2017-01-17 18:09:47 -08:00
Szabolcs Seláf
bf4c32c862
Fix calling XChangeProperty in clipboard provide
...
XChangeProperty's last parameter is number of elements, not number of bytes as it's in https://tronche.com/gui/x/xlib/window-information/XChangeProperty.html
Because of this bug Paste did not work in any java applications.
2017-01-17 15:18:23 +01:00
Pavel Roskin
8ee886a5cc
Don't log device_data_len in the code where it may be uninitialized
...
Log device_data_len only in the code that reads it.
2017-01-11 23:25:42 -08:00
Pavel Roskin
f1a521204a
Remove redundant function declarations
2017-01-11 23:25:42 -08:00
Pavel Roskin
9a2e728396
Remove send_channel_data() from devredir.h, it's declared in chansrv.h
...
Include "chansrv.h" from devredir.c to have send_channel_data()
declaration.
2017-01-11 23:25:42 -08:00