mirrors/xrdp
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
4,750 Commits 9 Branches 44 Tags 20 MiB
ddff9ebb32
Commit Graph

784 Commits

Author SHA1 Message Date
matt335672
2ee5e76ed7 Improve quality of SSL logging 2021-06-21 17:44:47 +01:00
matt335672
87bbfd96ca Use symbolic names for static virtual channel name strings 2021-06-08 14:11:17 +01:00
matt335672
3ea19ef0cd Create ms-rdpeclip.h and update ms-rdpbcgr.h 2021-06-08 14:11:17 +01:00
matt335672
85b101dfb2 Added string function g_strnchr() 2021-06-08 14:11:17 +01:00
matt335672
09d4e1db14 Fixes --enable-devel-streamcheck 2021-06-02 15:52:49 +01:00
matt335672
c714a555bd Added in --enable-devel-streamcheck 2021-05-28 10:57:12 +01:00
matt335672
52a52daddd Split development option into separate things 2021-05-28 10:57:12 +01:00
Alexandre Quesnel
52707ac686 Fixing formatting with astyle 2021-05-08 16:58:11 +00:00
Christopher Pitstick
deb66ce766 Resolution switching without reconnecting. 
- Based on https://github.com/jsorg71/xrdp/tree/dynamic_monitor
- Tested with xorgxrdp
- Tested with vnc
- Only works with single monitor.
- Update documentation to clarify the difference between MSTSC and
Microsoft Remote Desktop.
- Does not include compatibility with /gfx at this time, which is still
in testing.
- Updates to include ms-rdpedisp.h header for the 2.2.2 specification of
the protocol.
- Adds new dynamic_monitor_layout struct that shares the number of
monitors with xrdp_client_info.h
- Does not allow for BPP changes because the RDP protocol doesn't
support it.
- Option to disable feature as NeutrinoRDP doesn't support it (It was
based on FreeRDP 1.0.1 which didn't yet have this feature.)
- Add CLIENT_MONITOR_DATA_MAXIMUM_MONITORS constant and reference
spec definition.

Depends on https://github.com/neutrinolabs/xorgxrdp/pull/183
 2021-04-22 01:34:03 -04:00
Alexandre Quesnel
28bce37d04 Add -no-suppress to the libtool invocation for libcommon 2021-04-14 04:41:54 +00:00
Alexandre Quesnel
f5e4b53b11 Add logging to g_exec*() functions 2021-04-14 04:41:53 +00:00
Alexandre Quesnel
09174ccd4d Adding g_strnjoin() with units tests 2021-04-14 04:41:53 +00:00
matt335672
86c87b6f15 Move get_display_num_from_display to string_calls module 2021-04-13 12:16:00 +01:00
Alexandre Quesnel
bc7c9abd58 Fix spelling mistake in g_bytes_to_hexdump() doc 2021-04-08 15:10:12 +00:00
Alexandre Quesnel
b8d02823d1 Extracting bytes_to_hexdump function from logging implementation 2021-03-26 13:58:27 +00:00
Alexandre Quesnel
d73e45eff1 Removing DEBUG() macro 2021-03-14 23:33:31 +00:00
Alexandre Quesnel
2ab3b97ba0 Migrating logging to LOG() and LOG_DEVEL() in common/* 2021-03-14 23:33:31 +00:00
Alexandre Quesnel
bb9d3079c0 Fixing formatting with astyle in common/* 2021-03-14 23:33:31 +00:00
matt335672
feb8ef33f5
Merge pull request #1813 from matt335672/client-info-versioning 
Add versioning to xrdp_client_info #1813
 2021-03-09 09:21:31 +00:00
John Paul Adrian Glaubitz
a777ff9ee0 Add support for sh 2021-03-03 02:55:40 +01:00
John Paul Adrian Glaubitz
1d1ec9614f Add support for s390 and s390x 2021-03-03 02:55:24 +01:00
John Paul Adrian Glaubitz
3b81df3f9e Add support for little-endian powerpc 2021-03-03 02:54:00 +01:00
John Paul Adrian Glaubitz
9c39aa1b9f Add support for m68k 2021-03-03 02:52:23 +01:00
matt335672
89843b12f4 Add versioning to xrdp_client_info 2021-02-26 11:27:13 +00:00
aquesnel
b9bdee6ccc
Unify logging in mc/* (#1806) 
* Fixing formatting with astyle in mc/*
* Migrating logging to LOG() and LOG_DEVEL() in mc/*
* Removing LIB_DEBUG
 2021-02-12 12:09:42 +00:00
aquesnel
0ec471b02d
Add detailed logging to libxrdp (#1742) 
* Added s_rem(s) for getting the remaining bytes in a stream
* Added s_rem_out() macro
* Fixed 15bpp pointer error checking
* Combined the 512 and 2048 bit certificate sending  code paths
* Other detailed comments and logging added following MS-RDPBCGR
 2021-02-04 10:11:54 +00:00
matt335672
1e13533048 Remove output on stdout by default on daemon startuip 2021-01-07 10:50:16 +00:00
matt335672
cca057908c
Merge pull request #1778 from matt335672/ec-crypto 
Support EC cryptographic keys for TLS
 2021-01-07 10:47:42 +00:00
matt335672
ea582429e1 Load any private key type, not just RSA (#1776) 
Fix missing SSL logging and reformat with astyle
 2021-01-07 10:34:39 +00:00
matt335672
8ab3a2e9f8 Bumped cppcheck version to 2.3 
addressed resulting warnings
 2020-12-31 11:27:14 +00:00
metalefty
a033cf0ea4
Merge pull request #1753 from aquesnel/fix_location_logging 
Fixing code location log level filtering
 2020-12-23 21:39:39 +09:00
Khem Raj
9cd4acad49 riscv doesn't require pointers to be aligned 
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2020-12-22 23:12:06 -08:00
Alexandre Quesnel
a4f3471707 Fixing code location log level filtering 2020-12-23 03:56:23 +00:00
metalefty
bba65b3592
Merge pull request #1738 from aquesnel/unify_logging_libxrdp 
Unify logging in libxrdp
 2020-12-23 09:59:21 +09:00
matt335672
0a1a8f40e5 Moved a lot of string funcs to string_calls module 2020-12-22 11:57:24 +00:00
matt335672
5523847540 Allow FuseMountName for chansrv to be absolute path 2020-12-21 12:36:31 +00:00
matt335672
633716bbad sesrun improvements and doc fixes 2020-12-09 11:44:17 +00:00
matt335672
8d994a547d Add log_config_init_for_console() for utilities 2020-11-30 11:04:21 +00:00
Alexandre Quesnel
51905d765a Migrating logging to LOG() and LOG_DEVEL() in libxrdp/* 2020-11-30 05:04:10 +00:00
Alexandre Quesnel
0c61a15fc5 Migrating logging to LOG() and LOG_DEVEL() in sesman/* 2020-11-30 00:36:20 +00:00
metalefty
0d8e4146a2
Merge pull request #1728 from aquesnel/add_github_actions 
Add GitHub actions
 2020-11-20 14:11:23 +09:00
matt335672
d78d46187f
Merge pull request #1706 from matt335672/neutrinordp-flow-control2 
Fix neutrinordp buffering. Addresses #1634 and #1608
 2020-11-17 09:31:13 +00:00
Alexandre Quesnel
9cb6bfc3a4 Fix SSL compiler warning 2020-11-17 05:46:36 +00:00
Jay Sorg
f3b47b33cd build fix for older gcc 2020-11-12 23:22:23 -08:00
Matt Burt
1f8bb57fd6 Improve source_info commenting and fix neutrino slow link 2020-10-20 09:55:17 +01:00
Alexandre Quesnel
a9ec1ebd99 Unifying logging in chanserv 
This commit adds:
* replace multiple logging macros with LOG and LOG_DEVEL
* logging configuration for chanserv
* logging configuration for console output
* logging configuration for per file or method log level filtering for
debug builds
* file, line, and method name in log message for debug builds
 2020-10-19 05:10:47 +00:00
matt335672
ebc21fe180 Added -c / --config to xrdp 2020-10-16 10:55:23 +01:00
matt335672
68f0fa7e4d
Merge pull request #1668 from bolkedebruin/enable_token_sso 
Add support for token authentication
 2020-09-09 10:10:13 +01:00
matt335672
61b9a42fc5 Fixed compiler warnings about snprintf truncations 2020-09-02 10:32:38 +01:00
Bolke de Bruin
a6a0e5e004 Allow domain name to be concatenated to username 
If a server is multihomed (i.e. mutiple domains) the
users are identified by their domain name. This change
allows to concat the domain name to the username with
a specific separator.
 2020-08-30 21:56:16 +02:00
Bolke de Bruin
b0bca1363e Add support for token authentication 
This feature allows to embed a token in the username field. Tokens
are separated from the username by the ASCII field separator character
0x1F (unicode 0x001F).
 2020-08-29 10:40:22 +02:00
Bolke de Bruin
4d7b916faf Improve description 2020-08-21 09:19:49 +02:00
Bolke de Bruin
47e1c5d359 Add description 2020-08-19 12:50:01 +02:00
bolkedebruin
5cd36c511c Set max character buffer len to 512 per MS specification 
The MS specs determine that the character buffer lenngths
for usernames, domains, passwords, alternate shells, etc
can be up to 512 characters including the mandatory null
terminator.
 2020-08-17 10:35:35 +02:00
Alexandre Quesnel
7e58209b19 Fixing the build with --enable-xrdpdebug and CFLAGS=-Werror -Wall 2020-07-25 23:53:26 +00:00
matt335672
27653f97f2 Code changes for cppcheck 2.1 warnings 2020-06-19 11:07:23 +01:00
metalefty
a618a67d4a
Merge pull request #1520 from qarmin/small_fixes 
Small fixes found by static analyzers.
 2020-05-08 15:27:18 +09:00
metalefty
cc384de392
Merge pull request #1549 from matt335672/hac425-1 
Address possible memory out-of-bounds accesses on connect requests
 2020-05-08 15:17:55 +09:00
matt335672
aa0dbbae15 Added CHANNEL_NAME_LEN to ms-rdpbcgr.h 2020-04-27 15:01:56 +01:00
matt335672
da3114007c Address possible memory out-of-bounds accesses 2020-04-15 09:57:05 +01:00
Rafał Mikrut
12c46664a2 Small fixes found by static analyzers. 2020-03-20 11:21:34 +01:00
matt335672
a3d429b4f7 Minor fixes to drive redirection 2020-03-03 16:14:24 +00:00
metalefty
627da8da3e
Merge pull request #1470 from matt335672/rename-includes 
Move MS-defined constants into separate includes
 2020-01-16 15:01:18 +09:00
okhowang(王沛文)
32ef6ea3dd support mousex button 8/9 2020-01-14 18:04:06 +08:00
Koichiro IWAO
e8c845e78b
common: switch _exit to exit 
mentioned in #1472.
 2020-01-08 09:21:39 +09:00
Koichiro IWAO
e928d8baf2
common: flush stream in g_deinit() 
unless flushing stream before exitting, `xrdp --version | cat` will
show empty output.

Fixes #1471.
 2020-01-07 19:24:17 +09:00
matt335672
6f881d47d3 Rationalise ms- constants 
Constants from MS documents (MS-RDPBCGR etc) moved out of
common/xrdp_constants.h into includes named after the documents.

Similar includes moved from sesman/chansrv to the common area.
 2020-01-06 15:46:37 +00:00
Jay Sorg
0fbbc47092 cleanup refresh rect and check stream bounds 2019-11-07 02:03:57 +00:00
Jay Sorg
ee65ccb31d use address for tcp:// and tcp6:// and vsock:// 2019-07-01 17:56:50 -07:00
Jay Sorg
0bc7803eaa add TCP V4 and V6 only socket functions 2019-06-29 23:59:18 -07:00
Jay Sorg
ecf4acf5f1 work on suppress 2019-04-25 14:54:25 -07:00
Jay Sorg
0ed82f71e8 xrdp: check term event for more responsive shutdown 2019-04-01 23:14:09 -07:00
Koichiro IWAO
062699334e
Fix typo s/BITMACACHE/BITMAPCACHE/ 2018-12-13 17:27:25 +09:00
Koichiro IWAO
0e9e25f100
use MS name for PDU types 
RDP_PDU_REDIRECT has been removed as it is not found in MS-RDPBCGR and
not used anywhere.
 2018-12-12 17:40:58 +09:00
Koichiro IWAO
b2a7bb0cf0
use MS for orderType constants 2018-12-12 17:40:58 +09:00
Koichiro IWAO
83d3349c5a
add some more constants and use them 2018-11-27 15:08:22 +09:00
Koichiro IWAO
43f6ac0723
use MS name for constants 2018-11-27 15:08:22 +09:00
daixj
fcb1b825c5 neutrinordp: don't enable remote_app if the INFO_RAIL flag is not set 2018-11-23 17:18:26 +08:00
daixj
8da22cf67a Merge branch 'devel' of https://github.com/neutrinolabs/xrdp into devel-mac 2018-10-25 16:19:54 +08:00
Koichiro IWAO
c15cd91198
common: add constants of glyph support level 2018-10-25 16:00:53 +09:00
daixj
b3a1889200 Support Cache Glyph Revison 2, issue #367 2018-10-25 10:34:00 +08:00
Koichiro IWAO
74497752dc
Add TLSv1.3 support 
Actually, TLSv1.3 will be enabled without this change if xrdp is compiled
with OpenSSL or alternatives which support TLSv1.3. This commit makes to
enable or disable TLSv1.3 explicitly.  Also, this commit adds a log
"TLSv1.3 enabled by config, but not supported by system OpenSSL". if
xrdp installation doesn't support TLSv1.3. It should be user-friendly.
 2018-09-14 11:50:55 +09:00
daixj
88b3c06311 fix issue #1112: set SSL object's read_ahead flag to be 0 2018-05-21 11:08:41 +08:00
metalefty
f52f632e21
Merge pull request #1096 from metalefty/version_info 
Show OpenSSL version to --version
 2018-04-13 14:49:26 +09:00
Koichiro IWAO
b2b42d28f3
xrdp: add OpenSSL version to --version 
While here, cleanup --help,  --version, and when unknown option.
 2018-04-10 23:58:31 +09:00
Ben Cohen
3b5b7a5935 UDS file deleted after first connection 
If you run xrdp with a Unix Domain Socket (UDS) for the port specified in
/etc/xrdp/xrdp.ini then the first connection succeeds but subsequent
connections fail.  In fact the UDS is deleted from the filesystem as soon
as the first connection is established.

Test case:

1. Edit /etc/xrdp/xrdp.ini to set "port=/var/run/xrdp-local.socket".

2. Restart xrdp.

3. Run the following.  When rdesktop starts up and the logon dialog is
   displayed, press "Cancel".

   sudo socat TCP-LISTEN:12345 UNIX-CONNECT:/var/run/xrdp-local.socket &
   rdesktop localhost:12345

4. Run the following:

    sudo socat TCP-LISTEN:12346 UNIX-CONNECT:/var/run/xrdp-local.socket &
    rdesktop localhost:12346

Expected behaviour: rdesktop starts up and displays the logon dialog.
Observed behaviour: rdesktop exits with "ERROR: Connection closed" and
                    socat exits with "No such file or directory.

This is because in the child process after forking, xrdp_listen_fork()
calls trans_delete() which deletes the UDS.  Simply commenting out the
g_file_delete() and g_free() fixes this, but that isn't a proper solution
because trans_delete() is called from elsewhere where the UDS might no
longer be wanted.

Fix by adding a function trans_delete_from_child() that frees and clears
listen_filename before calling trans_delete(), and call the new function
from xrdp_listen_fork().

(Workaround: set "fork=false" in /etc/xrdp/xrdp.ini, because
trans_delete() is then not called.)
 2018-03-27 09:22:49 +03:00
Fernando Seiti Furusato
9f80fcd74e Corrected endianness detection on ppc64el. 
In common/arch.h, the endianness detection considers all powerpc
architectures as big endian. Since that is not true for ppc64el, I
added a verification that checks other preprocessor macros, only for
ppc cases.

Signed-off-by: Fernando Seiti Furusato <ferseiti@gmail.com>
 2018-03-27 13:45:58 +09:00
speidy
a432969746 common: ssl_calls: add support for OpenSSL>=1.1.0 API for DH keys 
also fixes some memory leak introduced in PR#1024.
and adds a check that DH params generated successfully. write a proper log message if not.
 2018-03-22 02:20:47 +02:00
speidy
8effc09ab7 common: ssl_calls: check if SSL object created right after its creation. 2018-03-21 08:16:12 +02:00
Koichiro IWAO
e3d0fd6d46
common: temporarily disable DHE 
until make it possible to use generated DH parameters per installation.
 2018-03-18 21:14:06 +09:00
Koichiro IWAO
1690950cc8
common: regenerate dhparam 
Generated by: openssl dhparam -C 2236
 2018-03-01 13:48:22 +09:00
Koichiro IWAO
578d23477c
common: obey coding style, remove trailing space 2018-03-01 12:11:52 +09:00
Enrico Tagliavini
70b5adb396 add support for DHE ciphers via compiled in dhparam 
make it possible to use regular (non EC) EDH ciphers. To make this
possible a Diffie-Hellman parameter must be passed to the openssl
library. There are a few options possible as described in the manuals at
[1] and [2]. Simplest approach is to generate a DH parameter using
openssl dhparam -C <lenght> and include the code into the application.
The lenght used for this commit is 2236 bits long, which is the longest
possible without risking backward incompatibilities with old systems as
stated in [1]. Newer systems should use ECDH anyway, so it makes sense
to keep this method as compatible with older system as possible.
Paramters longer than 2048 should still be secure enough at the time of
writing.

[1] https://wiki.openssl.org/index.php/Diffie-Hellman_parameters
[2] https://wiki.openssl.org/index.php/Manual:SSL_CTX_set_tmp_dh_callback(3)
 2018-03-01 09:57:35 +09:00
Enrico Tagliavini
6cdc0f31b0 enable automatic ECDH when possible (openssl 1.0.2) 
Openssl 1.1.0 and later are enabling ECDH automatically, but for older
version it must be enabled explicitly or all Perfect Forward Secrecy
ciphers will be silently ignored. See also [1]. This commit applies the
same fix as found in CnetOS 7 httpd package to enable automatic ECDH as
found in [2].

[1] https://wiki.openssl.org/index.php/Diffie-Hellman_parameters
[2] https://git.centos.org/blob/rpms!httpd.git/c7/SOURCES!httpd-2.4.6-ssl-ecdh-auto.patch
 2018-03-01 09:57:35 +09:00
Koichiro IWAO
793a418cfb
common: log what value is set to tls_ciphers 
Related to #1033.
 2018-02-20 13:13:37 +09:00
Koichiro IWAO
3da4d72323
common: quit using ! as comment out symbol in config files 
It is not used anywhere in default config. Some config like
`tls_ciphers` might contain `!` like this:

    tls_ciphers=FIPS:!aNULL:!eNULL

Fixes #1033.
 2018-02-20 13:13:34 +09:00
daixj
31ef2552c4 log: revert permission 2018-02-13 16:44:37 +09:00
daixj
ea6bb62410 log: fix fd checking 2018-02-13 16:44:37 +09:00
daixj
551bb185c5 log: remove unused code and fix potential memory leak 2018-02-13 16:44:37 +09:00
Koichiro IWAO
577bd8214f common: add more capset constants 
defined at MS-RDPBCGR 2.2.1.13.1.1.1 [1] and sort

[1] https://msdn.microsoft.com/en-us/library/cc240486.aspx
 2017-12-01 11:20:42 +09:00
Koichiro IWAO
77a34e0a7b common: express capability set constants in hex 
as same as done in  MS-RDPBCGR 2.2.1.13.1.1.1 [1].

[1] https://msdn.microsoft.com/en-us/library/cc240486.aspx
 2017-12-01 11:20:42 +09:00
Koichiro IWAO
788ae1467a xrdp_sec: constify color depth value 2017-12-01 11:20:42 +09:00
Koichiro IWAO
d0c27a2904 common: suppress log when closing log files 
because if xrdp is running 'fork=yes' mode, the log message
'shutting down log subsystem...' is logged everytime when the child
process is exitting. In other words, everytime when clients are
disconnecting.  This is a little bit too vebose.
 2017-11-30 15:13:18 +09:00
Koichiro IWAO
3de3a4fab5 common: add more references to constants' origin 
classify constants into these 5 types

* constants for xrdp
* constants come from ITU-T Recommendations
* constants come from Remote Desktop Protocol
* constants come from other MS products
* unclassified yet
 2017-11-24 21:45:48 +09:00
Koichiro IWAO
799c230998 common: add references to constants' origin 2017-11-24 21:45:48 +09:00
Jay Sorg
a9eb21e6d7 common: avoid 100% cpu on ssl accept, can be fake client 2017-11-22 16:17:34 -08:00
Justin Terry (VM)
d7d14d7462 Implements the accept/close logic for vsock 2017-11-17 20:23:20 -08:00
Jay Sorg
bc48578a90 remove crc16.h from common/Makefile.am 2017-11-09 21:13:53 -08:00
Jay Sorg
54285d26dd remove empty crc16.h file 2017-11-09 21:13:53 -08:00
Jay Sorg
285465a1f5 common, return -1 for bad socket 2017-11-07 18:20:45 -08:00
Jay Sorg
c6c513b23c use g_memcpy, braces 2017-11-07 18:20:45 -08:00
Jay Sorg
26507644e3 vsock, move some defines 2017-11-07 18:20:45 -08:00
Justin Terry (VM)
50bd624cc4 Implements XRDP over vsock 
1. Implements the ability to use AV_VSOCK for the transport rather than TCP.
2. Updates the ini file to be able to conditionally turn this feature on.
 2017-11-07 18:20:45 -08:00
Koichiro IWAO
a6fd518a48 fix typo s/Roration/Rotation/ 2017-11-06 16:18:42 +09:00
Koichiro IWAO
2475893402 Constify extended mouse events 2017-11-06 16:18:42 +09:00
Koichiro IWAO
27aef96e81 Constify mouse event flags, use the MS name for constants 2017-11-06 16:18:42 +09:00
Koichiro IWAO
4a2818e183 Add some more Input Capability Set constants 2017-11-06 16:18:42 +09:00
Koichiro IWAO
2411a0be14 log: add log level TRACE 
TRACE means more verbose than DEBUG. syslog doesn't have more verbose
level than DEBUG, map TRACE to DEBUG for syslog.
 2017-10-13 15:09:33 +09:00
Koichiro IWAO
00bf62bd42 common: prevent raw use of snprintf 2017-10-03 21:55:08 +09:00
Koichiro IWAO
ced3a4817f xrdp: constify input event type 2017-10-02 09:39:48 +09:00
Koichiro IWAO
f9ab4df7f2 common: fix g_write_ip_address() didn't return correct IP address 
Fixes: #878.
 2017-09-26 10:54:08 +09:00
Jay Sorg
021a78f4c6 chansrv: sound, use WAVE_FORMAT_AAC not WAVE_FORMAT_AAC_MS 2017-08-04 17:24:57 -07:00
Jay Sorg
bf0d56c314 chansrv: sound, add aac 2017-08-04 17:24:57 -07:00
Koichiro IWAO
4d14f344fd fix indent, no logic change 2017-08-01 08:40:30 +09:00
Koichiro IWAO
04187945a8 move base64 functions to base64.c 2017-08-01 08:40:30 +09:00
Koichiro IWAO
eae5cdf1fd pass through except for the first '=' 
if "foo=ba=r" is found in ini files, it should be parsed like this.
      key : foo
    value : ba=r
 2017-08-01 08:40:30 +09:00
Koichiro IWAO
d57e02626d add base64_decode function 2017-08-01 08:40:30 +09:00
Koichiro IWAO
dbaf23e93b chansrv: constify wFormatTag 2017-07-25 11:40:04 +09:00
Ian Geiser
324a334315 append a / to ensure the full path is created even when the config variable lacks a trailing / 2017-07-19 10:35:37 +09:00
Koichiro IWAO
aa0721a90e common: fix more glitches in IPv4 initialization 2017-07-14 21:21:15 +09:00
Ian Geiser
4b87548b71 Use g_create_path instead of g_create_dir 
Rename g_mk_temp_dir to g_mk_socket_path
 2017-07-14 20:52:38 +09:00
Koichiro IWAO
8d5010a202 common: use log_message 2017-07-13 13:41:26 +09:00
Koichiro IWAO
8c74fcb80c common: fix a glitch with IPv4 struct initialization 
Pointed out by: andrecbarros
Closes: #803
 2017-07-10 11:58:10 +09:00
Koichiro IWAO
aa4b90d250 Change log level DEBUG -> WARNING 
since unavailability of ssl protocols defined in config file
may weaken security and it is important for users.
 2017-07-06 13:14:27 +09:00
Koichiro IWAO
455c341efc Reword log messages in ssl_get_protocols_from_string() 2017-07-06 13:14:27 +09:00
Jay Sorg
8d63c32899 move openssl calls to common/libssl.c, check for defines 2017-06-22 11:47:48 +09:00
Koichiro IWAO
088bd2d811 common: implement g_file_readable for WIN32 2017-06-12 16:57:04 +09:00
Koichiro IWAO
65c1fe87d7 Log user-friendly message when certificate/privkey is inaccessible 
We shouldn't assume that xrdp daemon is running under root privilege.
In many cases, root privilege is not really needed for xrdp daemon.
xrdp may fail to load certificate/privkey due to lack of permissions
when running under user privilege. Checking existence of files is not
enough and xrdp should output user-friendly log in such case.

Reported by Debian user in bug 856436 [1].

[1] https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=856436
 2017-06-12 16:57:04 +09:00
Koichiro IWAO
0e7844ab02 Constify MCS connectionType 2017-06-06 10:04:48 +09:00
Koichiro IWAO
c7f8e360fd common: separate sockets macros into basename and fullpath 
since sometimes socket directory is obtained from environment variable.
 2017-05-16 10:41:06 +09:00
Jay Sorg
2c96908ea5 common: if SSL_shutdown fails, only call one more time 2017-05-10 14:56:20 -07:00
Jay Sorg
75fd3fcf89 common: ssl_tls_write / read return 0 on socket close 2017-05-10 14:56:20 -07:00
MichaelSweden
5c668dc420 Removed error message while falling back to IPv4 (issue #714) 2017-04-25 09:31:22 +09:00
MichaelSweden
106ae2cd43 Fix to handle OS disabled IPv6, issue #714. 
- Changes made only in the os_calls.c file.
- Exported functions changed: g_tcp_bind g_tcp_bind_address g_tcp_connect
- Support three network configurations:
  1) Normal network, with IPv6
  2) Partly disabled IPv6 via sysctl.conf
  3) Total disabled IPv6 via grub
 2017-04-25 09:31:22 +09:00
Pavel Roskin
148afd1170 Rename file_loc.h to xrdp_sockets.h, install it 
Include xrdp_sockets.h directly, not through headers.
 2017-03-28 00:59:16 -07:00
speidy
2f382d2a16 libxrdp: print connected client name to log 2017-03-21 22:02:29 -07:00
Pavel Roskin
95506a169f Log socket fd in g_sck_accept(), fix AF_UNIX logging 2017-03-21 21:59:50 -07:00
Pavel Roskin
43899b7e0c Allocate space for tls_ciphers dynamically 2017-03-21 10:39:40 -07:00
Pavel Roskin
58c9cb43e9 Make socket directory configurable, don't hardcode /tmp/.xrdp 
Use XRDP_SOCKET_PATH in file_loc.h

Don't define any non-socket paths in file_loc.h, they should come from
the makefiles.

Define all paths unconditionally, they should not be defined elsewhere.

Pass XRDP_SOCKET_PATH as environment variable to the backends.
 2017-03-17 22:25:05 -07:00
Pavel Roskin
6ed4c969f4 Eliminate APP_CC and DEFAULT_CC 2017-03-14 00:21:48 -07:00
Pavel Roskin
30a7a947b1 Don't include config_ac.h from any header files 2017-03-04 00:52:34 -08:00
Pavel Roskin
b2d3dcf169 Include config_ac.h from all source files 2017-03-04 00:52:34 -08:00
Koichiro IWAO
c126f81d9a add comment to keep xorgxrdp/x11rdp compatibility 2017-02-27 14:17:25 +09:00
Koichiro IWAO
e94ab10e14 TLS: new method to specify SSL/TLS version 
SSL/TLS protocols only listed in ssl_protocols should be used.
The name "ssl_protocols" comes from nginx.

Resolves #428.
 2017-02-27 14:17:25 +09:00
Jay Sorg
657f6f3756 common: use select for SSL_ERROR_WANT_READ, SSL_ERROR_WANT_WRITE tls errors 2017-02-25 20:52:27 -08:00
Jay Sorg
e0ac84aaa4 change some casts to long long 2017-02-22 20:39:56 -08:00
Jay Sorg
c5e9bc7851 common: print list items as pointers 2017-02-22 20:39:56 -08:00
Jay Sorg
7825246d7a fix warning new since stdint.h change 2017-02-22 20:39:56 -08:00
Pavel Roskin
f8d22ce673 aarch64 doesn't require pointers to be aligned 2017-02-13 21:00:22 -08:00
Pavel Roskin
dc1e341f5a Constify input arguments of ssl_mod_exp() and ssl_gen_key_xrdp1() 2017-02-02 21:39:10 -08:00
Pavel Roskin
6a3f0a75bd Remove support for OpenSSL older than 0.9.8 
It's hard to find an older version of OpenSSL even on long term support
distros.
 2017-02-02 21:39:10 -08:00
Jay Sorg
d7967ec897 minor arch.h change 2017-01-29 23:14:33 -08:00
Jay Sorg
3b84314a1a arch.h changes to include stdint.h 2017-01-29 23:14:33 -08:00
mirabilos
6257bae23f Add GNU/kFreeBSD support (#645) 
* GNU/kFreeBSD is a FreeBSD variant, for code purposes.

* GNU/kFreeBSD uses GNU/Linux-ish init scripts, however.
 2017-01-26 23:02:41 -02:00
Idan Freiberg
19375dda7a Merge pull request #426 from metalefty/log-tls-version-and-cipher 
TLS: log TLS version and cipher
 2017-01-16 07:26:51 +02:00
Idan Freiberg
a64e1789c5 Merge pull request #615 from speidy/channels_fixes 
Channels improvements
 2017-01-15 08:55:00 +02:00
Pavel Roskin
f1a521204a Remove redundant function declarations 2017-01-11 23:25:42 -08:00
Koichiro IWAO
c89c1318f8 obey coding standard, no logic change 2017-01-12 09:28:22 +09:00
speidy
94cdbdcee6 libxrdp: change channel_code into a meaningful name 2017-01-06 07:59:49 +02:00
Pavel Roskin
6664aac00f Use "void" for empty argument list in declarations 
In C, an empty argument list in a declaration means that the function
can accept any arguments. Use "void" instead, it means "no arguments".

C++ treats void and empty list as "no arguments".
 2017-01-05 17:27:20 -08:00
volth
26a26ef906 fix build with --enable-xrdpdebug=yes 2017-01-04 19:20:44 +00:00
volth
37b4a14b54 fix build with --enable-xrdpdebug=yes 2017-01-04 13:00:01 +00:00
metalefty
25e5243ecf Merge pull request #553 from jsorg71/libpainter 
add libpainter for drawing when client does not have minimum orders
 2016-12-20 17:00:48 +09:00
Jay Sorg
1f51586769 add libpainter for drawing when client does not have minimum orders 2016-12-15 21:17:50 -08:00
speidy
4697354044 xrdp_constants: move CAPSET constants to their place 2016-12-13 19:35:56 -05:00
speidy
917aadd2d1 libxrdp: more constants 2016-12-13 18:18:34 -05:00
speidy
3dc0f2860c Merge branch 'surface_cmds' of git://github.com/speidy/xrdp into surface_cmds 2016-12-13 15:08:37 -05:00
speidy
5e39bb1f87 libxrdp: caps, group caps require fastpath output, use FASTPATH_OUTPUT_SUPPORTED constant 2016-12-13 15:05:39 -05:00
Speidy
a0cf6030df Merge branch 'devel' of https://github.com/neutrinolabs/xrdp into surface_cmds 2016-12-12 15:51:39 -08:00
jsorg71
5966de4ee2 Merge pull request #536 from jsorg71/unicode 
add unicode support
 2016-12-11 17:15:34 -08:00
Jay Sorg
c264862afe change some magics to defines 2016-12-10 01:06:45 -08:00
Jay Sorg
2f8d3ba9da add unicode support 2016-12-10 00:11:28 -08:00
Pavel Roskin
d97155e2f6 Don't use colon to separate IPv6 address from the port 
IPv6 addresses can have colons in their names, so the final colon can be
confusing.
 2016-12-09 08:42:56 -08:00
speidy
8a0fec5e66 o send RFX tiles as stream (Stream Surface Bits Command) 
o silent frame ack logging
o support surface commands in capsets
o fix some wrong constants
 2016-12-08 20:12:00 -05:00
Jay Sorg
9a517b34f0 vnc: code cleanup 2016-12-04 15:39:10 -08:00
metalefty
943dec86ca Merge pull request #512 from speidy/devel 
xrdp_encoder: do not initialize for non-UNIX rdp clients
 2016-12-02 15:25:48 +09:00
Pavel Roskin
c6307aa2b0 Use pkg-config to discover OpenSSL 
All supported versions of OpenSSL have pkg-config files.
 2016-11-29 17:00:09 -08:00
Pavel Roskin
06f4f72e28 Add -ldl to libcommon link flags if it's needed for dlopen() 2016-11-29 16:25:37 -08:00
speidy
1fe048b63d xrdp_encoder: do not initialize for non-UNIX rdp clients 
xrdp_encoder: comment about temporary workaround
 2016-11-29 15:25:14 -05:00
Koichiro IWAO
849a8075c5 common: If IPv6 not supported, fall back to IPv4 
The system to run xrdp does not necessarily support IPv6 even though
it is compiled with IPv6.

Fixes #432.
 2016-11-22 16:40:54 +09:00
Koichiro IWAO
40e8194122 TLS: log TLS version and cipher 2016-11-22 10:50:30 +09:00
Itamar Reis Peixoto
7cc1dd2ba8 Merge pull request #460 from metalefty/ipv6/logs 
common: Fix client IP address logging when IPv6 is enabled
 2016-11-20 16:00:26 -02:00
Pavel Roskin
2dcc69b752 Use g_get_strerror() instead of strerror(errno) for portability 2016-11-08 14:08:51 -08:00
Pavel Roskin
1fe368c5b3 Install headers used by X11rdp and xorgxrdp 
Installing the headers makes it possible to compile xorgxrdp as a
separate package, without xrdp sources.
 2016-11-06 22:36:13 -08:00
Koichiro IWAO
dcf36b592b common: Address family it not always AF_INET6 
even if XRDP_ENABLE_IPV6 defined.
 2016-11-04 17:31:36 +09:00
Koichiro IWAO
b2118450f4 common: Fix client IP address logging when IPv6 is enabled 
g_tcp_accept() and g_sck_accept() should use sockadd_in6 when IPv6 is
enabled. The former code logs client IP address always "0.0.0.0" in such
case.

Fixes #412.
 2016-11-04 17:31:36 +09:00
Pavel Roskin
4324084d58 Use static inline functions for OpenSSL 1.0 backport 
Conditional preprocessor directives spread throughout the code set a bad
example.

The new backport code is located in one place. The compiler checks
argument types. The backport code has no access to the caller variables.
The main code has all advantages of the new, more compact API.
 2016-11-01 11:09:15 -07:00
Dominik George
e5cf45d1ac
Add backwards compatibility to OpenSSL < 1.1.0. 2016-10-27 22:40:48 +02:00
Dominik George
1b5fb8f1c8
Fix ssl_calls for OpenSSL 1.1.0, closes #458. 2016-10-27 21:56:22 +02:00
Pavel Roskin
6fef1e4eb5 Use const pointers in function arguments when possible 2016-10-17 08:54:07 -07:00