Commit Graph

147 Commits

Author SHA1 Message Date
matt335672
ce355fc235 Allow for xrdp not being able to delete PID file
If xrdp is running with dropped privileges it won't be able to delete
the PID file it's created. Places where xrdp is stopped need to cater
for this.

It's prefereable to do this than make the PID file writeable by xrdp
with dropped privileges, as this can still lead to DoS attacks if an
attacker manages to modify the PID file from a compromised xrdp
process.
2024-07-01 11:11:21 +01:00
matt335672
b1d8428579 Add code to drop privileges of xrdp daemon 2024-07-01 11:11:21 +01:00
matt335672
bc9b35c38c Rename struct exit_status in os_calls
This conflicts with struct exit_status in <utmp.h>
2024-02-21 09:24:48 +00:00
jsorg71
c961563403 GFX: sort versions, flags to return the highest version we support in… (#2911)
* GFX: sort versions, flags to return the highest version we support in caps advertise

* GFX: simpify swtich in caps_advertise

* GFX: log skipped capability versions in caps_advertise
2024-01-31 19:08:29 -05:00
Nexarian
584a894490 Add 0 as valid g_obj_wait timeout instead of having it be equivalent to -1. 2024-01-31 19:08:29 -05:00
matt335672
547c619c2f Move g_mk_socket_path() to sesman
The sockdir is only used when sesman is active. The
call g_mk_socket_path() is removed from os_calls and moved to
sesman.

We also change the permissions on this directory to
0755 rather than 01777 (01000 is the 'sticky bit', S_ISVTX).

The behaviour of g_create_dir() has been modified to not
set S_ISVTX on Linux directories. This is implementation-defined
behaviour according to 1003.1, and is no longer required for the
sockdir.
2023-10-23 15:51:17 +01:00
matt335672
d11617adbe Remove dependency on signal() function
Replaces uses of signal() with sigaction() which should be far
more portable.
2023-10-09 14:05:29 +01:00
matt335672
cf677da22c Add getgrouplist() support to os_calls
On enterprise systems, using getgrouplist() (if available)
is more efficient than iterating over the members of the group,
and is also more likely to work
2023-10-04 11:02:07 +01:00
Jay Sorg
c250529e8e add large cursor support, posix shm 2023-05-16 10:20:24 -07:00
Daniel Richard G
b191d87e33 Move Linux's no_new_privs call into os_calls
This helps keep the application code free of platform-specific cruft.
Also remove a needless #include<sys/prctl.h> from sesman/session_list.c.
2023-05-15 17:40:46 -04:00
Daniel Richard G
1c0c923ad1 Split g_file_open() into _ro() and _rw() variants
Rename g_file_open() to g_file_open_rw(), and add a new g_file_open_ro()
call that wraps the common g_file_open_ex(file, 1, 0, 0, 0) idiom. This
will make the file access mode more explicit in the code.

Change all calls to g_file_open() to the _ro() or _rw() variant as
appropriate, and replace g_file_open_ex(file, 1, 0, 0, 0) with the _ro()
call.

Lastly, add tests for the two new calls to test_os_calls.c (code
courteously provided by matt335672).
2023-05-15 17:38:31 -04:00
matt335672
e96d77bac1 Remove g_mk_socket_path() from codepaths
The socket dir is only used if we are starting a session
with sesman. Consequently, it only makes sense to create
this directory within sesman itself.
2023-05-02 11:55:22 +01:00
matt335672
cf5e1961d3 os_calls: Add g_setpgid() 2023-05-02 11:55:22 +01:00
matt335672
65ff618479 os_calls: Add g_executable_exist() 2023-05-02 11:55:22 +01:00
matt335672
ff24984cf3 os_calls: Add g_file_is_open() 2023-05-02 11:55:22 +01:00
matt335672
d712f3527a os_calls: Add g_get_open_fds() 2023-04-24 11:57:38 +01:00
matt335672
b811fdb36b os_calls: Add g_file_{get,set}_cloexec() functions
Allows us to avoid file descriptor leaks when running a new executable
2023-04-24 11:11:04 +01:00
matt335672
3ee8eb9c9e
Merge pull request #2592 from matt335672/restructure_session_start
Restructure session start
2023-03-27 10:38:37 +01:00
Jay Sorg
2d8b52f744 common: change g_malloc, g_free, g_memset, g_memcpy, and g_memmove to macros 2023-03-25 12:22:19 -07:00
matt335672
8b9f9b40c8 os_calls changes
- Add g_pipe()
- Add g_file_duplicate_on()
- Rework struct exit_status to make it easier to parse
- Add optional status return to g_waitchild()
2023-03-23 18:12:06 +00:00
matt335672
621b3fc6dc Add g_execvp_list() to os_calls 2023-03-06 16:03:55 +00:00
matt335672
86d0d0e9fd Addressed review comments 2023-02-13 14:28:29 +00:00
matt335672
78fa1c15b2 Replace select() system call with poll()
poll() is specified in POSIX.1-2001 as a simpler interface for
multiplexed file descriptors than select(). It also provides more
functionality.

This PR replaces the select() calls used in xrdp with poll()
equivalents.
2023-02-13 14:28:29 +00:00
Derek Schrock
1e5b42893c Add g_set_alarm to set an alarm calling func after secs seconds 2023-02-11 18:01:12 -05:00
matt335672
a5034e3572 Implement g_sck_send_fd_set() and g_sck_recv_fd_set() 2023-01-30 14:31:16 +00:00
matt335672
1fbcdffff1 Use unsigned int for some data lengths 2023-01-30 14:31:16 +00:00
matt335672
48e46d183a Add g_setallusercontext() for *BSD systems 2023-01-05 10:52:08 +00:00
matt335672
a16e56f711 Add function to get user information by UID
Moving to a uid_t to store the user information makes a lot
of sense. When doing this, we need a function to get information
about a user from the uid_t

As well as creating the function g_getuser_info_by_uid() we also
rename g_getuser_info() to g_getuser_info_by_name() and make the
parameter ordering more usual.
2022-12-22 11:35:02 +00:00
matt335672
df83fbf9bf Fix const-correctness for g_system() 2022-12-12 19:52:27 +00:00
matt335672
3a0a932472 Add --reload option to sesman
Adds a --reload switch to sesman and plumbs this in
to systemctl reload xrdp-sesman.service
2022-11-09 09:46:36 +00:00
matt335672
9875f0c0d8 Add g_memmove() to os_calls 2022-09-06 09:31:47 +01:00
matt335672
79bec8110c Unify connection fields for the connected client
The connected client is currently described in two places in
the xrdp_client_info structure:-

1) In the connection_description field. This was introduced as
   field client_ip by commit d797b2cf49
   for xrdp v0.6.0

2) In the client_addr and client_port fields introduced by commit
   25369460a1 for xrdp v0.8.0

This commit unifies these two sets of fields into a single
set of fields describing the connection IP and port (for
AF_INET/AF_INET6 connections only) and a connection description
for all connection types.

The code in os_calls to provide client logging has been simplified
somewhat which should make it easier to add new connection types (e.g.
AF_VSOCK).

The old connection_description field used to be passed to sesman to
inform sesman of the IP address of the client, and also to provide
a string for 'C' field session policy matching. 'C' field session policy
matching does not actually need this string (see #2239), and so now only
the IP field is passed to sesman.
2022-05-18 12:35:07 +01:00
matt335672
34fe9b60eb
Merge pull request #1983 from matt335672/pam_group_fix
Moved g_initgroups() call to before auth_start_session()
2022-05-04 09:29:15 +01:00
matt335672
0a54106866 Added g_umask_hex() call 2022-04-15 11:12:01 +01:00
matt335672
4183d8ddbf Moved initgroups call to before auth_start_session()
This is required for PAM systems that depend on group membership being
available during PAM processing. This is used by pam_group on FreeBSD
and pam_group on Linux-PAM, although the functionality of both is
different.
2022-04-05 16:07:26 +01:00
matt335672
6cf053c9df Add libipm test suite 2022-03-15 10:23:27 +00:00
matt335672
ce23c824ea
Merge pull request #1976 from matt335672/fail2ban_support
Fail2ban support (#1076)
2021-11-18 10:11:12 +00:00
matt335672
50e37bf673 Add more file info functions
- g_file_get_device_number()
- g_file_get_inode_num()
2021-10-25 15:24:27 +01:00
matt335672
5fb621ca53 Logged IP address for fail2ban on login failure 2021-10-25 11:35:35 +01:00
matt335672
60016c1f75 Rename client_ip to connection_description 2021-10-25 11:35:35 +01:00
Alexandre Quesnel
52707ac686 Fixing formatting with astyle 2021-05-08 16:58:11 +00:00
Alexandre Quesnel
f5e4b53b11 Add logging to g_exec*() functions 2021-04-14 04:41:53 +00:00
Alexandre Quesnel
bb9d3079c0 Fixing formatting with astyle in common/* 2021-03-14 23:33:31 +00:00
matt335672
0a1a8f40e5 Moved a lot of string funcs to string_calls module 2020-12-22 11:57:24 +00:00
matt335672
5523847540 Allow FuseMountName for chansrv to be absolute path 2020-12-21 12:36:31 +00:00
Bolke de Bruin
a6a0e5e004 Allow domain name to be concatenated to username
If a server is multihomed (i.e. mutiple domains) the
users are identified by their domain name. This change
allows to concat the domain name to the username with
a specific separator.
2020-08-30 21:56:16 +02:00
Jay Sorg
ee65ccb31d use address for tcp:// and tcp6:// and vsock:// 2019-07-01 17:56:50 -07:00
Jay Sorg
0bc7803eaa add TCP V4 and V6 only socket functions 2019-06-29 23:59:18 -07:00
Jay Sorg
26507644e3 vsock, move some defines 2017-11-07 18:20:45 -08:00
Justin Terry (VM)
50bd624cc4 Implements XRDP over vsock
1. Implements the ability to use AV_VSOCK for the transport rather than TCP.
2. Updates the ini file to be able to conditionally turn this feature on.
2017-11-07 18:20:45 -08:00