Commit Graph

4700 Commits

Author SHA1 Message Date
matt335672
9b3174b723 Only use fuse_set_log_func() for libfuse >= 3.7
(cherry picked from commit b5772cef91)
2024-10-23 10:18:15 +01:00
matt335672
6f68496baf Migrate chansrv to FUSE3 interface
(cherry picked from commit edd4276633)
2024-10-23 10:17:59 +01:00
matt335672
ec08382193 Update xrdp CI build dependencies for FUSE3
(cherry picked from commit dea4b0096c)
2024-10-23 10:17:43 +01:00
matt335672
ae190a51db Pick up correct includes/libraries for FUSE3
(cherry picked from commit b9703af7ee)
2024-10-23 10:15:28 +01:00
matt335672
5e17218bd5
Merge pull request #3282 from matt335672/v0_10_skip_channeljoin
[V0.10] Allow compatible clients to skip channel join messages
2024-10-22 12:16:50 +01:00
matt335672
6a5dafc8e5 Use client earlyCapabilities to determine channel join count
We always now indicate we support skipping channel joins. If the client
indicates this too, expect no channel join requests from the client.

If we do get some, process them anyway.

(cherry picked from commit f4d73054a9)
2024-10-21 16:03:55 +01:00
matt335672
4c3500d750 Announce server RNS_UD_SC_SKIP_CHANNELJOIN_SUPPORTED
(cherry picked from commit fcc82c3499)
2024-10-21 16:03:43 +01:00
matt335672
76acbe5c69 Combine code paths for handling channel joins
The existing code contains separate TLS and non-TLS code paths for
hadling channel join PDUs. This was introduced in
8fdc1ba216 and was based on a
misunderstanding of where in the connection sequence the TLS client hello
is processed (if a TLS connection is negotiated). The assumption was
the TLS client hello is received after the channel join PDUs. However,
it is actually received immediately after the X.224 Connection Confirm
PDU some time before channel join requests are processed.

Consequently, there is no reason not to adopt a single code path for
handling channel joins.

(cherry picked from commit 7eb586d1ae)
2024-10-21 16:03:23 +01:00
matt335672
b0dd325fb8
Merge pull request #3260 from matt335672/v0_10_fuse_direct_io
[V0.10] add option to enable FUSE direct i/o on file open
2024-09-27 11:36:29 +01:00
Bob Carroll
7bc1383ac6 update man page and fix code style issue
(cherry picked from commit 89a4a1b8f7)
2024-09-27 11:05:11 +01:00
Bob Carroll
e8e5673d22 add option to enable FUSE direct i/o on file open
(cherry picked from commit 66e5eebb1c)
2024-09-27 11:05:01 +01:00
matt335672
1b2cbcf577
Merge pull request #3242 from matt335672/v0_10_support_non_resizeable_vnc
[V0.10] Regression: Support fixed-size VNC sessions
2024-09-11 10:23:18 +01:00
matt335672
cc574bfd03 Regression: Support fixed-size VNC sessions
This is a regression introduced in v0.10.x

This version introduced a state machine to handle resizes requested
by the client and the server. Most configurations support resizeable
sessions, but one that doesn't is xrdp connecting to x11vnc on (e.g.) a
Raspberry PI.

If the session size requested by a client is differnt from the x11vnc
size, an error is logged and the state machine fails to complete,
resulting in a black screen.

This PR handles the problem by queueing a resize to the supported
server size and then continuing with the state machine. It's not an
optimal solution, but involves the least change to v0.10.x code.

(cherry picked from commit 984b71449e)
2024-09-11 09:52:44 +01:00
matt335672
364790bbb1
Merge pull request #3235 from matt335672/v0_10_update_sesman_policy
[V0.10] Minor update to policy description in sesman.ini
2024-09-05 15:01:46 +01:00
matt335672
859b8a8f44 Minor update to policy description in sesman.ini
(cherry picked from commit 7efcaaf027)
2024-09-05 14:53:20 +01:00
matt335672
9f048c533b
Merge pull request #3232 from matt335672/v0_10_update_cppcheck
[V0.10] update cppcheck and astyle
2024-09-05 09:48:16 +01:00
matt335672
eaf32ed623 Update scripts/install_cppcheck.sh for v2.15.0
Remove the setting of CPPFLAGS for cppcheck v2.15.0 as this
upsets the setting of FILESDIR

(cherry picked from commit bc3f0e63f6)
2024-09-04 17:24:16 +01:00
matt335672
03659cf29e Make scripts/install_cppcheck.sh shellcheck-compatible
(cherry picked from commit af22422260)
2024-09-04 17:23:53 +01:00
matt335672
2d8ebf44b8 Bump CI tools versions
- cppcheck 2.13.0 -> 2.15.0
- astyle 3.4.12 -> 3.4.14

Release notes
- https://github.com/danmar/cppcheck/releases/tag/2.14.0
- https://github.com/danmar/cppcheck/releases/tag/2.14.1
- https://github.com/danmar/cppcheck/releases/tag/2.14.2
- https://github.com/danmar/cppcheck/releases/tag/2.15.0
- https://astyle.sourceforge.net/notes.html

Later versions of astyle up to 3.5.1 have (currently) a problem with
align-pointer=name which confuses multiplication with a
pointer-dereference. See https://sourceforge.net/p/astyle/bugs/572/

(cherry picked from commit eab3cbb1d5)
2024-09-04 17:23:40 +01:00
matt335672
7288c1810e Allow a cppcheck check_level to be specified
Version 2.14.0 of cppcheck generates errors relating to the
check level (e.g.):-

    common/base64.c:0:0: information: Limiting analysis of branches. Use --check-level=exhaustive to analyze all branches. [normalCheckLevelMaxBranches]

This does not happen with the same sources (commit
f781962a55) under 2.13.0.

This PR disables the warnings above for 2.14.0, but also allows a '-f'
argument to be passed in to request an exhaustive test. This could be used
(for example) before a major release. An exhaustive test takes a *lot*
longer. The first run with a git runner was around an hour.

The --check-level=flag was only added for 2.11.0, and so this now needs
a version check.

(cherry picked from commit 82c95faaa9)
2024-09-04 17:23:28 +01:00
matt335672
7df829ab78
Merge pull request #3213 from matt335672/v0_10_fix_ci_version
Fix github runner version for v0.10 at 22.04
2024-08-21 09:15:51 +01:00
matt335672
07eeb6d786 Fix github runner for v0.10
At the time of writing, the github runner for ubuntu-latest is
22.04, but this will change to 24.04 later in the year.

This PR fixes the CI runner version at 22.04 for v0.10.x
2024-08-19 09:56:44 +01:00
matt335672
6a14a1cc16
Merge pull request #3212 from matt335672/v0_10_fix_bad_cache_message
[V0.10] Fix misreported cache size
2024-08-19 09:46:17 +01:00
matt335672
6a1a056cd5 Fix misreported cache size
Printed offscreen bitmap cache size is in bytes, not MB.

(cherry picked from commit 3bfa59472e)
2024-08-19 09:27:01 +01:00
matt335672
82bec9d1dc
Merge pull request #3194 from matt335672/v0_10_chansrv_clip_fixes
[V0.10] chansrv clip fixes
2024-08-06 10:37:38 +01:00
matt335672
ace386d072 clipboard: Allow a file read to return 0 for EOF
When used with a FreeRDP client on Linux, a file copy operation from
the clipboard detects end-of-file by a read returning 0 bytes. This is
currently marked as an error.

It is assumed that mstsc.exe detects end-of-file in another way, which
is why this has not been found before.

(cherry picked from commit 0f6e731524)
2024-08-05 09:54:37 +01:00
matt335672
e59dc16be6 Remove unnecessary copy from clipboard_get_files()
The routine clipboard_get_files() parses a potentially long string,
and copies portions of it into a temporary buffer. This buffer is then
passed to clipboard_get_file() as pointer + length;

The buffer is inadequately sized for very long filenames which may
approach XFS_MAXFILENAMELEN in length. This can cause chansrv to fail
when the user copies such filenames.

It turns out the buffer is unnecessary, as the filenames can be
passed directly into clipboard_get_file() from the source string,
using pointer + length. This avoids the length limitation entirely.

(cherry picked from commit 34b5582460)
2024-08-05 09:54:26 +01:00
matt335672
f3070aef15 Allow for longer filenames from the redirector.
This commit ensures that filenames up to the maximum size supported
by our xfs can be supported.

(cherry picked from commit c3f7eec4f5)
2024-08-05 09:54:07 +01:00
matt335672
6c9d56efc2 Remove hard-coded filename limit for clipboard file lists
The limit of 256 characters for clipboard files is limiting for
many Asian locales, particularly as '%xx' notation is used to
communicate bytes with bit 7 set.

(cherry picked from commit a90228241d)
2024-08-05 09:53:55 +01:00
matt335672
f4153a493d Dynamically allocate XFS filesystem names
Replace the 256 byte buffer used for names in the XFS filesystem with a
dynamically allocated buffer.

The define XFS_MAXFILENAMELEN which used to be 255 has been retained,
but bumped to 1023. This value is no longer used for long-lived
allocations, but is used in chansrv_fuse.c for maintaining state
information for in-fligh I/O requests.

(cherry picked from commit d8b5435710)
2024-08-05 09:53:44 +01:00
metalefty
72892c1453
Merge pull request #3188 from metalefty/v0.10-tarball
[v0.10] Include {xrdp,sesman}.ini.in instead of substituted .ini in tarball
2024-08-01 20:58:59 +09:00
Koichiro Iwao
19bacc6e49 Include {xrdp,sesman}.ini.in instead of substituted .ini in tarball
These config files are intended to be substituted during the build
process. The substituted .ini files should not be included in release
tarballs.

Fixes:  #3187
2024-08-01 20:39:03 +09:00
metalefty
1c33f3d9af
Merge pull request #3185 from metalefty/v0.10-release
Release v0.10.1
2024-07-31 21:51:24 +09:00
metalefty
54932b55ef
Merge pull request #3183 from metalefty/v0.10-cherry-picks
[v0.10] cherry-picks
2024-07-31 21:48:28 +09:00
Koichiro Iwao
00b8b41344 Bump version to v0.10.1 2024-07-31 21:09:43 +09:00
Koichiro Iwao
4d9e9f91fa Update NEWS 2024-07-31 21:07:04 +09:00
matt335672
b343ca27b1 Replace binary blob with specified data
This commit changes the license response PDU to be constructed rather
than simply being contained as a binary blob.

Some constants in common/ms-rdpbcgr.h are renamed with the values
from the specification.

(cherry picked from commit 52dd88b576)
2024-07-30 10:46:12 +09:00
matt335672
3108a85e86 Remove Licensing exchange
Replaces the existing licensing exchange with a single PDU
saying the user will not issue a license.

This is necessary for clients on FIPS-compliant systems, as these
are unable to decode the licensing exchange packets, due to outdated
cyphers.

(cherry picked from commit cc4a4c95f2)
2024-07-30 10:46:03 +09:00
Koichiro Iwao
4d4ecdcaa4 GFX: selectable lossy compression levels
(cherry picked from commit e3c83c544c)
2024-07-30 10:45:41 +09:00
matt335672
da34d1e69d
Merge pull request #3175 from matt335672/v0_10_fix_potential_name_overflow
[V0.10] Fix potential name buffer overflows in redirector
2024-07-24 12:11:28 +01:00
matt335672
5223672437 Fix potential name buffer overflows in redirector
The state buffers used by the following structs in chansrv_fuse.c
are one byte too small for filenames of length XFS_MAXFILENAMELEN:-
- struct state_lookup
- struct state_create
- struct state_rename

In practice, there is no runtime danger, as XFS_MAXFILENAMELEN is 255,
and these buffers will be followed by non-byte aligned data. Nevertheless
this should be fixed to prevent problems if the value is changed.

(cherry picked from commit c9e84dc16c)
2024-07-23 12:29:43 +01:00
matt335672
2938c3d7b3
Merge pull request #3171 from matt335672/v0_10_fix_missing_pre_session_ipaddr
[V0.10] sesman: Copy IP address to pre_session_item struct
2024-07-22 09:46:30 +01:00
matt335672
4a90879555 sesman: Copy IP address to pre_session_item struct
struct pre_session_item has an entry for the start_ip_addr which is not
being filled in. This is not normally needed, as the IP address of the
session is passed into the session another way, but it is needed if the
session selection Policy contains the 'I' selector.

(cherry picked from commit a4f57572e6)
2024-07-19 12:01:47 +01:00
metalefty
a7d583a46d
Merge pull request from GHSA-7w22-h4w7-8j5j
Enforce no login screen if require_credentials is set
2024-07-11 09:37:12 +09:00
metalefty
d6fce2f173
Merge pull request #3152 from metalefty/v0.10-submodule
[v0.10] Support screens larger than 4096 pixels (update submodule)
2024-07-09 11:48:14 +09:00
Koichiro Iwao
2546bfa842 Support screens larger than 4096 pixels (update submodule)
Fixes:  #3083
2024-07-09 08:15:37 +09:00
metalefty
1d30c81323
Merge pull request #3150 from metalefty/v0.10-makedist
docs: always include docs/man/xrdp-mkfv1.8.in to dist tarball
2024-07-08 21:27:08 +09:00
Koichiro Iwao
e83dcc52eb docs: always include docs/man/xrdp-mkfv1.8.in to dist tarball
Files included in distribution tarball must always be enumerated,
not be enumerated conditionally.

Resolves:   #3149
2024-07-08 16:34:23 +09:00
matt335672
61b509f1d5 Enforce no login screen if require_credentials is set
If the setting require_credentials is true, there should be no way
for the user to get to a login screen.

This commit makes the following changes if this flag is active:-
- Makes the checks around TS_INFO_PACKET more explicit.
- Closes the connection if the first login attempt fails.

(cherry picked from commit 8ac2f6db34)
2024-06-27 11:55:26 +01:00
matt335672
8ddbe77e7c
Merge pull request #3127 from matt335672/v0_10_investigate_gfx_min_max_issue
[v0.10] Fix min/max monitor placing issue
2024-06-21 09:49:39 +01:00