183 Commits

Author SHA1 Message Date
matt335672
79bec8110c Unify connection fields for the connected client
The connected client is currently described in two places in
the xrdp_client_info structure:-

1) In the connection_description field. This was introduced as
   field client_ip by commit d797b2cf497587355bbf25cd27d59edd1c3f2915
   for xrdp v0.6.0

2) In the client_addr and client_port fields introduced by commit
   25369460a1b2f204d03a6bc4821251d7ef2d7adf for xrdp v0.8.0

This commit unifies these two sets of fields into a single
set of fields describing the connection IP and port (for
AF_INET/AF_INET6 connections only) and a connection description
for all connection types.

The code in os_calls to provide client logging has been simplified
somewhat which should make it easier to add new connection types (e.g.
AF_VSOCK).

The old connection_description field used to be passed to sesman to
inform sesman of the IP address of the client, and also to provide
a string for 'C' field session policy matching. 'C' field session policy
matching does not actually need this string (see #2239), and so now only
the IP field is passed to sesman.
2022-05-18 12:35:07 +01:00
matt335672
c894ba5b40 Better logging of classic connection security 2022-01-28 12:23:40 +00:00
matt335672
c39bb18469 Fix buffer size check 2021-12-02 13:47:09 +00:00
matt335672
60016c1f75 Rename client_ip to connection_description 2021-10-25 11:35:35 +01:00
TOMATO-ONE
7847b23808 Bug fix when parameter is 0 2021-08-16 00:20:13 +09:00
TOMATO-ONE
badc612a8a override keyboard infomation #1950 2021-08-08 22:23:01 +09:00
matt335672
763f8fab7f xrdp_rdp_send_data() now works with --enable-devel-streamcheck 2021-05-28 10:57:12 +01:00
Koichiro IWAO
b7f5004008
Demote some too verbose logs to TRACE level
Fixes #1864.
2021-04-26 11:49:46 +09:00
matt335672
89843b12f4 Add versioning to xrdp_client_info 2021-02-26 11:27:13 +00:00
aquesnel
0ec471b02d
Add detailed logging to libxrdp (#1742)
* Added s_rem(s) for getting the remaining bytes in a stream
* Added s_rem_out() macro
* Fixed 15bpp pointer error checking
* Combined the 512 and 2048 bit certificate sending  code paths
* Other detailed comments and logging added following MS-RDPBCGR
2021-02-04 10:11:54 +00:00
metalefty
bba65b3592
Merge pull request #1738 from aquesnel/unify_logging_libxrdp
Unify logging in libxrdp
2020-12-23 09:59:21 +09:00
matt335672
5523847540 Allow FuseMountName for chansrv to be absolute path 2020-12-21 12:36:31 +00:00
Alexandre Quesnel
121c17e818 Removing duplicate logging statements 2020-12-12 17:05:09 +00:00
Alexandre Quesnel
a82ee03d4d Changing LOG_DEVEL to LOG to avoid silent failures. 2020-12-05 19:22:50 +00:00
Alexandre Quesnel
2d6d249f76 Fixing code formatting with astyle 2020-11-30 05:04:11 +00:00
Alexandre Quesnel
51905d765a Migrating logging to LOG() and LOG_DEVEL() in libxrdp/* 2020-11-30 05:04:10 +00:00
matt335672
ebc21fe180 Added -c / --config to xrdp 2020-10-16 10:55:23 +01:00
Bolke de Bruin
a6a0e5e004 Allow domain name to be concatenated to username
If a server is multihomed (i.e. mutiple domains) the
users are identified by their domain name. This change
allows to concat the domain name to the username with
a specific separator.
2020-08-30 21:56:16 +02:00
Bolke de Bruin
b0bca1363e Add support for token authentication
This feature allows to embed a token in the username field. Tokens
are separated from the username by the ASCII field separator character
0x1F (unicode 0x001F).
2020-08-29 10:40:22 +02:00
matt335672
6f881d47d3 Rationalise ms- constants
Constants from MS documents (MS-RDPBCGR etc) moved out of
common/xrdp_constants.h into includes named after the documents.

Similar includes moved from sesman/chansrv to the common area.
2020-01-06 15:46:37 +00:00
Jay Sorg
0fbbc47092 cleanup refresh rect and check stream bounds 2019-11-07 02:03:57 +00:00
Jay Sorg
21f90e3ca2 work on suppress 2019-04-25 14:54:25 -07:00
Jay Sorg
9e9cada4ec work on suppress 2019-04-25 14:54:25 -07:00
Jay Sorg
ecf4acf5f1 work on suppress 2019-04-25 14:54:25 -07:00
Koichiro IWAO
0e9e25f100
use MS name for PDU types
RDP_PDU_REDIRECT has been removed as it is not found in MS-RDPBCGR and
not used anywhere.
2018-12-12 17:40:58 +09:00
daixj
bc150c2e56 set use_cache_glyph_v2 on if the client support 2018-10-25 17:02:43 +08:00
daixj
b3a1889200 Support Cache Glyph Revison 2, issue #367 2018-10-25 10:34:00 +08:00
jsorg71
ae1514c167
dynamic virtual channel improvements
remove not used chansrv <-> xrdp messages
move static channel disable control into libxrdp
remove some blocking read, write chansrv calls
add drdynvc calls to libxrdp
add drdynvc calls to chansrv
channel cleanup
2018-10-11 22:09:20 -07:00
Jay Sorg
8d63c32899 move openssl calls to common/libssl.c, check for defines 2017-06-22 11:47:48 +09:00
Koichiro IWAO
a1b0344db5 Use the words "cannot read" rather than "cannot open"
as the code actually tests readability.
2017-06-12 16:57:04 +09:00
Koichiro IWAO
65c1fe87d7 Log user-friendly message when certificate/privkey is inaccessible
We shouldn't assume that xrdp daemon is running under root privilege.
In many cases, root privilege is not really needed for xrdp daemon.
xrdp may fail to load certificate/privkey due to lack of permissions
when running under user privilege. Checking existence of files is not
enough and xrdp should output user-friendly log in such case.

Reported by Debian user in bug 856436 [1].

[1] https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=856436
2017-06-12 16:57:04 +09:00
Pavel Roskin
43899b7e0c Allocate space for tls_ciphers dynamically 2017-03-21 10:39:40 -07:00
Pavel Roskin
6ed4c969f4 Eliminate APP_CC and DEFAULT_CC 2017-03-14 00:21:48 -07:00
Pavel Roskin
9cdcb38d87 Fix memory leak in tls_ciphers parsing 2017-03-13 17:17:06 +09:00
Koichiro IWAO
08ba9ed4a8 Remove useless comment, no logic change
Now client addr and port are properly logged.
2017-03-09 15:42:14 +09:00
Pavel Roskin
b2d3dcf169 Include config_ac.h from all source files 2017-03-04 00:52:34 -08:00
Koichiro IWAO
096baec331 no cast is needed for NULL 2017-02-27 14:17:25 +09:00
Koichiro IWAO
849c1a22a2 TLS: switch ssl_protocols to a comma separated list 2017-02-27 14:17:25 +09:00
Koichiro IWAO
c64e9992e6 TLS: warn if no SSL/TLS protocols enabled 2017-02-27 14:17:25 +09:00
Koichiro IWAO
e94ab10e14 TLS: new method to specify SSL/TLS version
SSL/TLS protocols only listed in ssl_protocols should be used.
The name "ssl_protocols" comes from nginx.

Resolves #428.
2017-02-27 14:17:25 +09:00
Idan Freiberg
482671fd18 Merge pull request #625 from speidy/proxy_session_info
Pass session info in proxy mode
2017-01-23 08:15:18 +02:00
Idan Freiberg
19375dda7a Merge pull request #426 from metalefty/log-tls-version-and-cipher
TLS: log TLS version and cipher
2017-01-16 07:26:51 +02:00
speidy
b7da395b5e libxrdp: use constant RDP_DATA_PDU_LOGON 2017-01-15 08:51:43 +02:00
Jay Sorg
6f74efa70a add session_info
Conflicts:
	libxrdp/libxrdp.h
2017-01-15 08:20:50 +02:00
Koichiro IWAO
f29a98b243 TLS: log client port in addition to ssl protocol and cipher 2017-01-13 17:59:29 +09:00
speidy
94cdbdcee6 libxrdp: change channel_code into a meaningful name 2017-01-06 07:59:49 +02:00
speidy
a96c91b38e libxrdp: fix Fast-Path Synchronize Update message 2016-12-27 09:53:53 +02:00
Pavel Roskin
8069b29429 Recognize security_layer=negotiate in xrdp.ini, improve logging
security_layer=negotiate is documented, but the code is complaining
loudly about it. Fix it, make sure not to change the actual behavior
apart from the logging.

Improve the log message for unrecognized security_layer setting.
2016-11-27 23:49:32 -08:00
Koichiro IWAO
2c9ff1a4d4 log non TLS session 2016-11-22 10:50:31 +09:00
Koichiro IWAO
40e8194122 TLS: log TLS version and cipher 2016-11-22 10:50:30 +09:00