mirrors/xrdp - xrdp - SynapseOS git

Author	SHA1	Message	Date
matt335672	3c98420517	Merge pull request #2713 from CynCeyd/devel Included os_calls.h first in unit tests	2023-06-05 11:11:41 +01:00
CynCeyd	f4210a20ae	Switched os_calls.h and test_common.h include order since HAVE_STDINT_H would get undefined by check.h.	2023-06-04 12:05:33 +02:00
jsorg71	dab1443e87	Merge pull request #2686 from matt335672/update_fifo_code Re-work FIFO code	2023-06-01 22:29:59 -07:00
matt335672	07ac4c3eca	Merge pull request #2711 from matt335672/allow_long_strings_in_pam_env Remove size limit for PAM environment variables	2023-06-01 15:33:44 +01:00
matt335672	c0f9c55de6	Remove size limit for PAM environment variables The current logic in auth_set_env() for PAM environments only allows environment variables to be around 256 characters in length.	2023-05-31 16:39:42 +01:00
metalefty	73b7bd5ebc	Merge pull request #2704 from neutrinolabs/security Update SECURITY.md	2023-05-29 09:47:42 +09:00
metalefty	6853048a0c	Update SECURITY.md Now vulnerability report form is open. Anyone who use GitHub can report vulnerabilities privately the form.	2023-05-28 23:45:56 +09:00
matt335672	05d1733950	Change chansrv to use common fifo code	2023-05-22 14:43:22 +01:00
matt335672	3d87d40d0a	Modify xrdp encoder for new fifo interface	2023-05-22 14:43:22 +01:00
matt335672	d5684e0633	Add module tests for new fifo module	2023-05-22 14:43:22 +01:00
matt335672	ac65538a48	Re-implement fifo code Following informal option testing, a more performant fifo implementation has been chosen which makes fewer, larger allocations, but which does not have bad edge-case performance Clearing the contents of a fifo is a common operation which generally involves freeing memory. Support has been added to the fifo interface for doing this.	2023-05-22 14:43:22 +01:00
matt335672	8535f8e08c	Merge pull request #2675 from matt335672/fix_chansrv_signal_handling Fix signal handling in chansrv.c	2023-05-22 10:03:02 +01:00
matt335672	2fa92be379	Merge pull request #2672 from iskunk/new-2 Simplify interaction with systemd	2023-05-17 11:05:53 +01:00
jsorg71	24d115824d	Merge pull request #2670 from jsorg71/large_cursor_posix add large cursor support, posix shm	2023-05-16 22:41:36 -07:00
Jay Sorg	c250529e8e	add large cursor support, posix shm	2023-05-16 10:20:24 -07:00
matt335672	544ead05e7	Merge pull request #2265 from iskunk/apparmor-harden Hardening xrdp with AppArmor	2023-05-16 09:57:09 +01:00
Daniel Richard G	fdfe47668b	Add XorgNoNewPrivileges configuration option This allows Linux's no_new_privs restriction to be disabled when starting the X server, which may be desirable if xrdp is running inside a kernel confinement framework such as AppArmor or SELinux.	2023-05-15 17:40:46 -04:00
Daniel Richard G	b191d87e33	Move Linux's no_new_privs call into os_calls This helps keep the application code free of platform-specific cruft. Also remove a needless #include<sys/prctl.h> from sesman/session_list.c.	2023-05-15 17:40:46 -04:00
Daniel Richard G	1c0c923ad1	Split g_file_open() into _ro() and _rw() variants Rename g_file_open() to g_file_open_rw(), and add a new g_file_open_ro() call that wraps the common g_file_open_ex(file, 1, 0, 0, 0) idiom. This will make the file access mode more explicit in the code. Change all calls to g_file_open() to the _ro() or _rw() variant as appropriate, and replace g_file_open_ex(file, 1, 0, 0, 0) with the _ro() call. Lastly, add tests for the two new calls to test_os_calls.c (code courteously provided by matt335672).	2023-05-15 17:38:31 -04:00
Daniel Richard G	e199dba32f	Simplify interaction with systemd	2023-05-15 11:05:35 -04:00
matt335672	0a44594f51	Fix signal handling in chansrv.c Signal handlers now only use signal-safe code See signal-safety(7) on Linux	2023-05-15 14:16:29 +01:00
matt335672	4b37e1a508	Merge pull request #2674 from matt335672/ci_fix Fix (again) broken 32-bit CI	2023-05-15 11:27:37 +01:00
matt335672	41ae2f4efa	Fix (again) broken 32-bit CI	2023-05-15 11:17:14 +01:00
matt335672	f57e0b959f	Merge pull request #2667 from iskunk/new-1 Use config_ac.h consistently and correctly	2023-05-13 10:17:32 +01:00
Daniel Richard G	42d32e7496	Use config_ac.h consistently and correctly	2023-05-12 13:49:53 -04:00
matt335672	7fe7ce9434	Merge pull request #2644 from matt335672/split_session_driver Split sesman into sesman and sesexec	2023-05-09 10:23:51 +01:00
matt335672	8853b1c4ee	New files for sesexec	2023-05-02 11:55:23 +01:00
matt335672	ae94891ab7	Add sesexec to .gitignore	2023-05-02 11:55:23 +01:00
matt335672	4dcaa84fbe	Changes to autotools stuff for sesexec	2023-05-02 11:55:23 +01:00
matt335672	c5971b535d	sesexec: Changes to existing files from sesman env.c : The value of XRDP_SESSION in the environment is now set to the PID of the sesexec process, which ties up the session with the output of "xrdp-sesadmin -c=list". Later versions of xrdp-sesadmin can use this value to get information about the current process.	2023-05-02 11:55:23 +01:00
matt335672	74cd7d1837	Rework sesman with new files	2023-05-02 11:55:23 +01:00
matt335672	3895954b75	Add libipm interfaces to sesman Add modules to sesman to handle incoming EICP and ERCP messages	2023-05-02 11:55:22 +01:00
matt335672	9c2c43693c	Move files from sesman to sesexec directory	2023-05-02 11:55:22 +01:00
matt335672	8e291846d5	Create pre-session list This is made from the old sesman_con structure. It describes a connection to sesman which is not yet running a session.	2023-05-02 11:55:22 +01:00
matt335672	dadb393443	Add sesexec control module This module provides a secure way for sesman to start the sesexec program and establish a private communications channel with it.	2023-05-02 11:55:22 +01:00
matt335672	3d95954d87	Move session_list to struct list * This commit now uses the standard list module to manage the active session list, rather than having special code to do this.	2023-05-02 11:55:22 +01:00
matt335672	1a9d15bef0	Remove explicit auth_stop_session() call Now that authentication/authorization and session creation are happening in the same process, there is no need for a separate call to finish an auth session. This change prevents the upper software layers from needing to track whether auth_start_session() has been called or not.	2023-05-02 11:55:22 +01:00
matt335672	82ede29388	libsesman: Make x11_display_offset and max_sessions unsigned	2023-05-02 11:55:22 +01:00
matt335672	06580ec448	sesman config: Add MaxDisplayNumber When allocating a display number, we should be aware that IANA only allow TCP displays up to :63. This PR adds that restriction in to sesman.ini as a default, to prevent us allocating unavailable TCP ports. By default TCP ports are not enabled for X servers, but users can easily change this if they wish to access X displays directly over the network. This restriction is in addition to the MaxSessions limit already present in sesman.ini	2023-05-02 11:55:22 +01:00
matt335672	970d936106	libsesman config: Define default sesman.ini name	2023-05-02 11:55:22 +01:00
matt335672	dec05f91fa	libipm: Add ERCP	2023-05-02 11:55:22 +01:00
matt335672	8064a463c9	libipm: Add libipm_change_facility() call	2023-05-02 11:55:22 +01:00
matt335672	c3f02f5107	libipm: Add EICP	2023-05-02 11:55:22 +01:00
matt335672	f79f8bfa70	SCP: Add scp_init_trans_from_fd()	2023-05-02 11:55:22 +01:00
matt335672	e96d77bac1	Remove g_mk_socket_path() from codepaths The socket dir is only used if we are starting a session with sesman. Consequently, it only makes sense to create this directory within sesman itself.	2023-05-02 11:55:22 +01:00
matt335672	cf5e1961d3	os_calls: Add g_setpgid()	2023-05-02 11:55:22 +01:00
matt335672	65ff618479	os_calls: Add g_executable_exist()	2023-05-02 11:55:22 +01:00
matt335672	ff24984cf3	os_calls: Add g_file_is_open()	2023-05-02 11:55:22 +01:00
matt335672	563cfaf009	Merge pull request #2643 from matt335672/close_unwanted_fds Fix leaking file descriptors	2023-05-02 11:54:05 +01:00
matt335672	c0ed83a022	Merge pull request #2651 from matt335672/allow_longer_user_wm_str Allow longer UserWindowManager strings	2023-05-02 11:53:46 +01:00

... 2 3 4 5 6 ...

4585 Commits