Improve the built-in access checks for sesman/sesexec:-
- Group existence is checked for at login-time rather than program
start time
- The name of the group is now included in the message
Also, check for UID == 0 when checking for root, rather than just
checking the name (which might be an alias)
On enterprise systems, using getgrouplist() (if available)
is more efficient than iterating over the members of the group,
and is also more likely to work
When significant amounts of data is coming from the client in a
fragmented CLIPRDR_DATA_RESPONSE PDU, this code provides a way to
start copying it to a requesting client before it is all read.
The only advantage of this code is to provide a slight speedup
before a paste is visible on the server.
There are significant problems with this code. Notably, it is
very difficult to parse Unicode text coming through this route. Each
UTF-16 character can occupy up to 4 bytes, and a fragmentation
boundary could occur at any point within a UTF-16 character.
- font_items in struct xrdp_font renamed to chars to catch all
accesses to it. This name is consistent with the type of
the array elements (struct xrdp_font_char).
- Additional fields added to struct xrdp_font to allow for range
checking and for a default character to be provided
- Additional checks and logic added to xrdp_font_create()
- New macro XRDP_FONT_GET_CHAR() added to perform checked access
to chars field in struct xrdp_font
Most of the Microsoft RDP documentation describes PDUs on-the-wire.
However, [MS-RDPESC] doesn't do this. It uses DCE IDL to describe the
contents of the PDUs sent over the File System Virtual Channel.
Ideally we'd use an IDL compiler to generate the interfaces in
[MS-RDPESC]. We don't have one though, so all PDUs are read and written
with the low-level streaming routines. It's not clear in the existing
code how IDL is mapped down to this level.
This commit updates the smartcard code with comments which will enable
maintainers to better understand the IDL-to-streaming mappings.
Use the official Windows clipboard format names where appropriate
Replace g_file_format_id with g_file_group_descriptor_format_id
as the latter name is more descriptive of what is described in
[MS-ECLIP]