Commit Graph

1142 Commits

Author SHA1 Message Date
matt335672
9b3174b723 Only use fuse_set_log_func() for libfuse >= 3.7
(cherry picked from commit b5772cef91)
2024-10-23 10:18:15 +01:00
matt335672
6f68496baf Migrate chansrv to FUSE3 interface
(cherry picked from commit edd4276633)
2024-10-23 10:17:59 +01:00
matt335672
ae190a51db Pick up correct includes/libraries for FUSE3
(cherry picked from commit b9703af7ee)
2024-10-23 10:15:28 +01:00
Bob Carroll
7bc1383ac6 update man page and fix code style issue
(cherry picked from commit 89a4a1b8f7)
2024-09-27 11:05:11 +01:00
Bob Carroll
e8e5673d22 add option to enable FUSE direct i/o on file open
(cherry picked from commit 66e5eebb1c)
2024-09-27 11:05:01 +01:00
matt335672
859b8a8f44 Minor update to policy description in sesman.ini
(cherry picked from commit 7efcaaf027)
2024-09-05 14:53:20 +01:00
matt335672
ace386d072 clipboard: Allow a file read to return 0 for EOF
When used with a FreeRDP client on Linux, a file copy operation from
the clipboard detects end-of-file by a read returning 0 bytes. This is
currently marked as an error.

It is assumed that mstsc.exe detects end-of-file in another way, which
is why this has not been found before.

(cherry picked from commit 0f6e731524)
2024-08-05 09:54:37 +01:00
matt335672
e59dc16be6 Remove unnecessary copy from clipboard_get_files()
The routine clipboard_get_files() parses a potentially long string,
and copies portions of it into a temporary buffer. This buffer is then
passed to clipboard_get_file() as pointer + length;

The buffer is inadequately sized for very long filenames which may
approach XFS_MAXFILENAMELEN in length. This can cause chansrv to fail
when the user copies such filenames.

It turns out the buffer is unnecessary, as the filenames can be
passed directly into clipboard_get_file() from the source string,
using pointer + length. This avoids the length limitation entirely.

(cherry picked from commit 34b5582460)
2024-08-05 09:54:26 +01:00
matt335672
f3070aef15 Allow for longer filenames from the redirector.
This commit ensures that filenames up to the maximum size supported
by our xfs can be supported.

(cherry picked from commit c3f7eec4f5)
2024-08-05 09:54:07 +01:00
matt335672
6c9d56efc2 Remove hard-coded filename limit for clipboard file lists
The limit of 256 characters for clipboard files is limiting for
many Asian locales, particularly as '%xx' notation is used to
communicate bytes with bit 7 set.

(cherry picked from commit a90228241d)
2024-08-05 09:53:55 +01:00
matt335672
f4153a493d Dynamically allocate XFS filesystem names
Replace the 256 byte buffer used for names in the XFS filesystem with a
dynamically allocated buffer.

The define XFS_MAXFILENAMELEN which used to be 255 has been retained,
but bumped to 1023. This value is no longer used for long-lived
allocations, but is used in chansrv_fuse.c for maintaining state
information for in-fligh I/O requests.

(cherry picked from commit d8b5435710)
2024-08-05 09:53:44 +01:00
Koichiro Iwao
19bacc6e49 Include {xrdp,sesman}.ini.in instead of substituted .ini in tarball
These config files are intended to be substituted during the build
process. The substituted .ini files should not be included in release
tarballs.

Fixes:  #3187
2024-08-01 20:39:03 +09:00
matt335672
5223672437 Fix potential name buffer overflows in redirector
The state buffers used by the following structs in chansrv_fuse.c
are one byte too small for filenames of length XFS_MAXFILENAMELEN:-
- struct state_lookup
- struct state_create
- struct state_rename

In practice, there is no runtime danger, as XFS_MAXFILENAMELEN is 255,
and these buffers will be followed by non-byte aligned data. Nevertheless
this should be fixed to prevent problems if the value is changed.

(cherry picked from commit c9e84dc16c)
2024-07-23 12:29:43 +01:00
matt335672
4a90879555 sesman: Copy IP address to pre_session_item struct
struct pre_session_item has an entry for the start_ip_addr which is not
being filled in. This is not normally needed, as the IP address of the
session is passed into the session another way, but it is needed if the
session selection Policy contains the 'I' selector.

(cherry picked from commit a4f57572e6)
2024-07-19 12:01:47 +01:00
Koichiro Iwao
e070902310
clipboard: tidy up bmp file header assembly
Sponsored by:   Krämer Pferdesport GmbH & Co KG
2024-06-18 11:13:40 +09:00
Koichiro Iwao
4968a34cd6
clipboard: fix a bug when pasting image to LibreOffice
While here, embed correct file size in BMP file header.

Fixes:          #3102
Sponsored by:   Krämer Pferdesport GmbH & Co KG
2024-06-17 21:08:30 +09:00
matt335672
0bef23f217 Fix session list processing
The get_sorted_session_displays() is broken in that it
doesn't produce a sorted list of displays.

The problem is the qsort comparison function which has 2 errors in 4 lines:-
1) The test is the wrong way round (i.e. arg1 < arg2 produces a +ve
   result instead of -ve)
2) Subtracting two unsigned ints in C will never return < 0

The broken function has been masked by other display checks which mean
that it is only visible in a few situations:-
1) Starting two sessions very closely to each other may allocate the
   same display to both sessions.
2) If /tmp is namespaced, the other display checks do not work, and
   more than two sessions cannot be started.

(cherry picked from commit 70f1b685ba)
2024-06-03 09:46:31 +01:00
matt335672
dcaa31ef16 chansrv FUSE fixes
1) [Regression] If the specified mountpoint is not immediately below an
   existing directory, the directory is not created.
2) The message to ask the user to unmount an existing mounted directory
   has been moved to the right place.

(cherry picked from commit e0a1339b34)
2024-05-22 09:55:01 +01:00
matt335672
252243ab6c Fix permissions on user socket directory
The user socket directory needs to be SGID so that they inherit
the group ownnership. Then xrdp can write to them.

(cherry picked from commit 200e4d84f4)
2024-03-27 09:50:27 +00:00
Koichiro Iwao
99cf0e19f7 Bump copyright year and make easier to bump
(cherry picked from commit ae249c6755)
2024-02-22 22:51:37 +09:00
metalefty
45fd497645
Merge pull request #2891 from neutrinolabs/gfx_mainline_merge_work
Gfx mainline merge work
2024-02-08 21:50:16 +09:00
Koichiro Iwao
47d4ab1339 Apply astyle 3.4 code formatter 2024-02-08 15:52:54 +09:00
Nexarian
584a894490 Add 0 as valid g_obj_wait timeout instead of having it be equivalent to -1. 2024-01-31 19:08:29 -05:00
matt335672
b80f07d2a7 Improve portability
- Use clearenv() if it exists
- Don't rely on <limits.h> being pulled in by <sys/param.h>
- Rename the DEFAULT_TYPE macro in sesrun.c.  This name appears to be
  used on Solaris. It's not a good choice.
2024-01-11 11:16:06 +00:00
matt335672
e529a04d26 Fix session_list scanning where some entries were skipped 2023-12-23 13:10:31 +00:00
matt335672
50cff2eb75
Merge pull request #2794 from matt335672/utf_changes_new
Improve Unicode support
2023-11-02 10:57:39 +00:00
matt335672
76d12c50a8
Merge pull request #2838 from matt335672/fix_devredir_ordering
Fix message ordering in devredir
2023-10-26 15:28:10 +01:00
matt335672
7ceff70c1c Fix message ordering in devredir
The drive redirector is not compliant with the message ordering
in [MS-RDPEFS], causing FreeRDP 2.11.2 ro fail on redirecting drives.
2023-10-26 15:17:17 +01:00
matt335672
c51ec2e8e9 Remove sesmanruntimedir
Now we've made the XRDP_SOCKET_PATH only writeable by root, it's
safe to move the sesman socket back into this directory. We no longer
need a separate sesmanruntimedir
2023-10-23 18:14:46 +01:00
matt335672
675dd77807 Parameterise the sockdir with the UID of the user
The top level socket directory is now called XRDP_SOCKET_ROOT_PATH.
Below that are user-specific directories referred to with the
XRDP_SOCKET_PATH macro - this name is hard-coded into xorgxrdp and
the audio modules as an environment variable.

XRDP_SOCKET_PATH now looks like $XRDP_SOCKET_ROOT_PATH/<uid>

XRDP_SOCKET_PATH is only writeable by the user, and readable by the user
and the xrdp process.
2023-10-23 18:14:46 +01:00
matt335672
63235eaafd Fix typo in error message 2023-10-23 15:51:17 +01:00
matt335672
547c619c2f Move g_mk_socket_path() to sesman
The sockdir is only used when sesman is active. The
call g_mk_socket_path() is removed from os_calls and moved to
sesman.

We also change the permissions on this directory to
0755 rather than 01777 (01000 is the 'sticky bit', S_ISVTX).

The behaviour of g_create_dir() has been modified to not
set S_ISVTX on Linux directories. This is implementation-defined
behaviour according to 1003.1, and is no longer required for the
sockdir.
2023-10-23 15:51:17 +01:00
matt335672
8f73f5ba73 Remove unnecessary assignments
As per title. Assigments are made to variables which are immediately
overwritten.
2023-10-23 15:23:07 +01:00
matt335672
d722ffe357 Update smartcard code to use new UTF-8 calls 2023-10-23 14:19:49 +01:00
matt335672
1b286a0469 Update RAIL code to use new UTF-8 calls 2023-10-23 14:19:49 +01:00
matt335672
8556f83905 Update drive redirection code to use new UTF-8 calls 2023-10-23 14:19:49 +01:00
matt335672
f8e7fd4c2c Update clipboard code to use new UTF-8 calls 2023-10-23 14:15:47 +01:00
firewave
f687174af1 provide more includes to Cppcheck
- added (temporary) suppression of Cppcheck `shiftTooManyBits` false positives in `libxrdp/xrdp_mppc_enc.c`
- added (temporary) suppression of Cppcheck `uninitMemberVar` true positives in `ulalaca/ulalaca.cpp` until fixes land downstream
- fix Cppcheck `nullPointerRedundantCheck` in `sesman/chansrv/clipboard.c`
- fix Cppcheck `syntaxError` in `fontutils/mkfv1.c` because it doesn't see the `freetype/fterrors.h` header / removed astyle workaround
2023-10-17 15:14:36 +02:00
matt335672
2a287963da devredir_proc_query_dir_response(): Conform to spec
This commit adds more error checking to the above function. The function
now conforms to [MS-FSCC] regarding processing of the NextEntryOffset
field.
2023-10-16 10:28:41 +01:00
matt335672
eb1c3cd4b3
Merge pull request #2810 from matt335672/remove_ss_clipboard_code
Remove client-server shortcut paste code
2023-10-11 10:38:16 +01:00
matt335672
cf5c2718af Update logging in sesman access control
Improve the built-in access checks for sesman/sesexec:-
- Group existence is checked for at login-time rather than program
  start time
- The name of the group is now included in the message

Also, check for UID == 0 when checking for root, rather than just
checking the name (which might be an alias)
2023-10-05 13:22:49 +01:00
matt335672
5837deae04 access_login_allowed: Remove primary group check
This check is now performed within g_check_user_in_group()
2023-10-05 12:25:40 +01:00
matt335672
284c17c0b2 Remove client-server shortcut paste code
When significant amounts of data is coming from the client in a
fragmented CLIPRDR_DATA_RESPONSE PDU, this code provides a way to
start copying it to a requesting client before it is all read.

The only advantage of this code is to provide a slight speedup
before a paste is visible on the server.

There are significant problems with this code. Notably, it is
very difficult to parse Unicode text coming through this route. Each
UTF-16 character can occupy up to 4 bytes, and a fragmentation
boundary could occur at any point within a UTF-16 character.
2023-09-29 12:07:19 +01:00
matt335672
e138c1a601 Update comments in smartcard code
Most of the Microsoft RDP documentation describes PDUs on-the-wire.
However, [MS-RDPESC] doesn't do this. It uses DCE IDL to describe the
contents of the PDUs sent over the File System Virtual Channel.

Ideally we'd use an IDL compiler to generate the interfaces in
[MS-RDPESC]. We don't have one though, so all PDUs are read and written
with the low-level streaming routines. It's not clear in the existing
code how IDL is mapped down to this level.

This commit updates the smartcard code with comments which will enable
maintainers to better understand the IDL-to-streaming mappings.
2023-09-25 16:13:00 +01:00
firewave
27d34e784d fixed Cppcheck unusedVariable warnings 2023-09-04 23:47:56 +02:00
matt335672
25a1fab5b6 Check auth_start_session() result 2023-08-19 13:35:26 +01:00
matt335672
84ae372a58 clipboard: Fix TODO action in clipboard_common.h
Use the official Windows clipboard format names where appropriate

Replace g_file_format_id with g_file_group_descriptor_format_id
as the latter name is more descriptive of what is described in
[MS-ECLIP]
2023-08-07 15:11:04 +01:00
matt335672
8eed7a395e clipboard: Only advertise text to X11 clients if it is available 2023-08-07 15:11:04 +01:00
matt335672
45ca9fe098 clipboard: Tell the X11 client if a selection is unavailable 2023-08-07 14:45:11 +01:00
matt335672
463cd8a543
Merge pull request #2719 from matt335672/log_xrdp_termination_signal
Log xrdp termination signals
2023-07-31 11:24:20 +01:00