matt335672
82b1aab9ba
Merge pull request #2146 from zbstao/devel
...
Fixed possible SIGCHILD signal lost
2022-02-10 16:54:22 +00:00
zbstao
35d400a899
Fixed possible SIGCHILD signal lost
...
When multiple(eg. 20) xrdp connections are disconnected at the same time(eg. close all rdp client at the same time), zombie process may be spawned.
2022-02-10 22:18:14 +08:00
matt335672
e6c098e750
Remove s_check() macro
2022-02-09 10:18:15 +00:00
matt335672
a13742f097
Merge pull request #2140 from matt335672/cpprelease_27
...
Move to cppcheck 2.7 and bump default threads to 2
2022-02-08 09:27:43 +00:00
matt335672
baf62457a3
Move to cppcheck 2.7 and bump default threads to 2
2022-02-07 09:31:34 +00:00
metalefty
2651682be9
Merge pull request #2138 from metalefty/typo
...
Fix typo in past CVE number
2022-02-07 16:51:14 +09:00
Koichiro IWAO
79bc7c040e
Fix typo in past CVE number
2022-02-07 15:54:56 +09:00
metalefty
4def30ab8e
Merge pull request from GHSA-8h98-h426-xf32
...
Add lower bound to sesman data input size check
2022-02-07 15:18:15 +09:00
matt335672
eb4a8e342d
Add lower bound to sesman data input size check
2022-02-02 10:39:50 +00:00
matt335672
934a91fc29
Merge pull request #2130 from matt335672/ssl3_fixes
...
OpenSSL3 fixes (#2130 )
2022-01-31 09:39:20 +00:00
matt335672
7b1316fd1b
Merge pull request #2124 from matt335672/fedora_check
...
Fix problems with check 0.15.2 (F36)
2022-01-31 09:34:52 +00:00
matt335672
4699dced14
Implement base64 without openssl
2022-01-28 12:23:40 +00:00
matt335672
8b8cfbe119
Improve wrapping of openssl module
2022-01-28 12:23:40 +00:00
matt335672
e79bc7f181
Fix banner comments in test results
2022-01-28 12:23:40 +00:00
matt335672
c894ba5b40
Better logging of classic connection security
2022-01-28 12:23:40 +00:00
matt335672
6cebade78e
OpenSSL 3.x compatibility
2022-01-20 16:45:25 +00:00
matt335672
fde161bac3
Add unit tests for SSL calls
2022-01-20 16:44:49 +00:00
matt335672
d02059d967
Add missing ssl_sha1_clear()/ssl_md5_clear() calls
2022-01-20 16:43:00 +00:00
matt335672
d853228c19
const fixes for SSL calls
2022-01-19 11:11:37 +00:00
matt335672
3146e624c4
Fix problems with check 0.15.2 (F36)
2022-01-19 11:08:13 +00:00
matt335672
e528a1f452
Merge pull request #2123 from matt335672/update_ver
...
README : Make latest version dynamic
2022-01-18 14:29:10 +00:00
matt335672
bf4c5f2631
README : Make latest version dynamic
2022-01-17 10:54:54 +00:00
matt335672
db982ec1dd
Merge pull request #2119 from matt335672/readme_typo
...
Fix typo in README.md
2022-01-14 12:47:35 +00:00
matt335672
307bfc1f4a
Fix typo in README.md
2022-01-14 12:40:22 +00:00
matt335672
dfd64e2147
Merge pull request #2082 from kenhys/extend-inbound-outbound-restriction
...
Extend inbound/outbound clipboard restriction
2022-01-14 11:17:49 +00:00
matt335672
cffce1f856
Only advertise X11 clip formats we can supply
2022-01-14 11:11:03 +00:00
Kentaro Hayashi
8487c298ba
Update sesman.ini.5 explanation about RestrictOutboundClipboard,RestrictOutboundClipboard
...
RestrictOutboundClipboard,RestrictOutboundClipboard are extended to
accept text,file,image configuration value.
2022-01-14 10:17:02 +09:00
Kentaro Hayashi
47bc56f5a4
Add sesman.ini new text/file/image restriction settings
...
RestrictInboundClipboard is added.
Then, RestrictOutboundClipboard/RestrictInboundClipboard configuration
is extended to accept comma separated list.
* RestrictOutboundClipboard=none
* RestrictOutboundClipboard=text
* RestrictOutboundClipboard=file
* RestrictOutboundClipboard=image
* RestrictOutboundClipboard=all
* RestrictOutboundClipboard=text, image, file
For compatibility, the following configuration is also
accepted (alias)
* RestrictOutboundClipboard=true
* RestrictOutboundClipboard=false
* RestrictOutboundClipboard=yes
2022-01-14 10:17:02 +09:00
Kentaro Hayashi
1d6d80d14f
Block inbound clipboard text/image/file respectively
...
Disable clipboard_event_selection_request call is overkill for
blocking text/image/file purpose.
For example, it breaks existing behavior (slow response from gedit,
gimp as a side effects)
Instead, in clipboard_event_selection_request, these media format will
be blocked respectively which depends on the following configurations
in sesman.ini [Security] section.
* RestrictInboundClipboard=text
* RestrictInboundClipboard=file
* RestrictInboundClipboard=image
You can also set comma separated list.
* RestrictInboundClipboard=text,file,image
2022-01-14 10:17:02 +09:00
Kentaro Hayashi
fb1c4ec945
Block outbound clipboard text/image/file respectively
...
RestrictOutboundClipboard kills all of test/file/image
transfer via clipboard.
For controlling each content type behavior,
clipboard_xevent is not appropriate place to block respectively.
Instead, in clipboard_event_selection_notify, these media type
will be blocked which depends on the following configurations in
sesman.ini [Security] section.
* RestrictOutboundClipboard=text
* RestrictOutboundClipboard=file
* RestrictOutboundClipboard=image
You can also set comma separated list
* RestrictOutboundClipboard=text, file, image
2022-01-14 10:17:02 +09:00
Kentaro Hayashi
bd82084505
Extend In/Outbound text,file,image restriction respectively
...
It supports the extended configurations for sesman.ini:
Before:
[Security]
RestrictOutboundClipboard=true or false
After:
[Security]
RestrictInboundClipboard=[true or false | text or file or image | comma separated list]
RestrictOutboundClipboard=[true or false | text or file or image | comma separated list]
Above configuration is disabled by default (false)
And it can be specified comma separated list like this:.
RestrictInboundClipboard=file, image
RestrictOutboundClipboard=text, file, image
Note that if RestrictOutboundClipboard=true,file is set,
file is ignored and it is treated as RestrictOutboundClipboard=true
It is same for RestrictInboundClipboard.
2022-01-14 10:17:02 +09:00
Kentaro Hayashi
69ea406440
Add g_str_to_bitmask utility function
...
It should be used for comma separated configuration to bitmask.
e.g. RestrictOutboundClipboard = text, file, image
2022-01-14 10:17:02 +09:00
matt335672
d27e5472dd
Merge pull request #2118 from matt335672/rhel7_imlib2
...
Support imlib2 on RHEL 7
2022-01-13 10:23:14 +00:00
matt335672
3de1e966b4
Support imlib2 on RHEL 7
2022-01-12 11:41:26 +00:00
metalefty
d76732b342
Merge pull request #2109 from metalefty/release
...
Release v0.9.18
2022-01-11 09:19:22 +09:00
Koichiro IWAO
1ce2215aac
Bump version to v0.9.18
2022-01-11 09:00:27 +09:00
Koichiro IWAO
137b76d329
Update NEWS for v0.9.18
2022-01-11 09:00:27 +09:00
matt335672
453ae8c700
Merge pull request #2110 from matt335672/rfxcodec_016
...
Bump librfxcodec version to v0.1.6
2022-01-07 12:14:44 +00:00
matt335672
f826e55eda
Bump librfxcodec version to v0.1.6
2022-01-07 11:57:11 +00:00
matt335672
96a92d4e32
Merge pull request #2106 from matt335672/update_librfxcodec
...
Merge in librfxcodec #49
2022-01-05 11:27:51 +00:00
matt335672
7be27ef8b0
Merge in librfxcodec #49
2022-01-05 11:12:48 +00:00
matt335672
ab0e141fa9
Merge pull request #2011 from matt335672/unify_scpv0_code
...
Unify scpv0 code #2011
2022-01-05 11:06:42 +00:00
matt335672
15b8578b54
Merge pull request #1932 from Nexarian/add_monitor_processing_unit_tests
...
Add monitor processing unit tests for existing xrdp_sec function
2022-01-05 10:23:55 +00:00
matt335672
ec44055139
Merge pull request #2087 from matt335672/issue2064
...
RFX : Support large screens
2022-01-05 10:22:46 +00:00
matt335672
63c4d1f793
Merge pull request #2098 from matt335672/remove_func_declaration
...
Remove unused declaration for xrdp_wm_drdynvc_up
2022-01-05 09:25:05 +00:00
matt335672
e80a8bbe3f
Merge pull request #2105 from matt335672/gcc11_warning
...
Fix gcc11.1 uninitialised var warning
2022-01-05 09:23:24 +00:00
matt335672
67bf23feee
Fix gcc11.1 uninitialised var warning
2022-01-04 10:09:33 +00:00
matt335672
f07412839a
Remove unused declaration for xrdp_wm_drdynvc_up
2021-12-27 13:02:41 +00:00
metalefty
a8375d68b5
Merge pull request #2088 from kenhys/use-log
...
Use LOG instead of LOG_DEVEL
2021-12-23 14:22:18 +09:00
Kentaro Hayashi
53027ad5af
Use LOG instead of LOG_DEVEL
...
According to https://github.com/neutrinolabs/xrdp/wiki/Logging ,
it may be better to emit this log message because this log is
useful for system administrator to know whether RestrictOutboundClipboard
configuration works or not
And raise log level to info because it is informative for system
administrator.
2021-12-23 12:58:35 +09:00