metalefty
80d349cbd6
Merge pull request #1193 from metalefty/TLSv1.3
...
TLSv1.3
2018-09-14 16:18:33 +09:00
Koichiro IWAO
171f8e79ed
xrdp: deprecate TLSv1 and TLSv1.1
...
Most websites disabled TLSv1 (1.0) and TLSv1.1 since March 2018
[1][2][3]. It is HTTPS context but there's few differences between HTTPS
and other TLS connections. Users can whenever re-enable these deprecated
TLS versions by editing xrdp.ini but not enabled by default.
[1] https://www.globalsign.com/en/blog/disable-tls-10-and-all-ssl-versions/
[2] https://www.thesslstore.com/blog/deprecation-tls-1-0-1-1-underway/
[3] https://www.digicert.com/blog/depreciating-tls-1-0-and-1-1/
2018-09-14 11:50:55 +09:00
Koichiro IWAO
1ad8cbb2a0
Document TLSv1.3 support
2018-09-14 11:50:55 +09:00
Koichiro IWAO
74497752dc
Add TLSv1.3 support
...
Actually, TLSv1.3 will be enabled without this change if xrdp is compiled
with OpenSSL or alternatives which support TLSv1.3. This commit makes to
enable or disable TLSv1.3 explicitly. Also, this commit adds a log
"TLSv1.3 enabled by config, but not supported by system OpenSSL". if
xrdp installation doesn't support TLSv1.3. It should be user-friendly.
2018-09-14 11:50:55 +09:00
metalefty
98e8cec83d
Merge pull request #1206 from metalefty/xrdp-dis
...
show more helpful message if xrdp-dis failed
2018-09-12 15:51:07 +09:00
Koichiro IWAO
2a85a65d08
show more helpful message if xrdp-dis failed
2018-09-11 11:58:44 +09:00
jsane
fadbd20baf
xrdp: Use configured values instead of hardcoded ones in login_wnd inputs.
...
Configured ls_label_width and ls_input_width currently only apply to the combo l
abel and dropdown. Other labels and inputs (username, password, port, ...) use hardcoded defaults.
Also had to change the default label width; for the previous value of 60, "username" ends up just a few pixels too wide.
2018-09-07 14:50:45 +02:00
metalefty
5f30ca2f87
Merge pull request #1198 from metalefty/pulse-socket-env
...
sesman: pass pulse socket name via environment variable
2018-09-04 16:20:09 +09:00
Koichiro IWAO
d6992cf62d
sesman: add XRDP_ prefix to xrdp related environment variable
...
and remove CHANSRV, use the shorter name
2018-09-04 16:01:40 +09:00
Koichiro IWAO
59f3a79fe4
sesman: pass pulse socket name via environment variable
2018-09-04 16:01:40 +09:00
Jay Sorg
e189be9d2e
.gitignore, change configure_params.h to xrdp_configure_options.h
2018-08-13 22:33:45 -07:00
metalefty
1e08bd041c
Merge pull request #1186 from speidy/pulse-remove
...
chansrv: remove pulseaudio modules from xrdp source tree
2018-08-11 21:54:31 +09:00
Idan Freiberg
5d2c5b1410
chansrv: remove pulseaudio modules from xrdp source tree
...
its actually an independent code which is not part of xrdp
moved to its own repoistory: https://github.com/neutrinolabs/pulseaudio-modules
Signed-off-by: Idan Freiberg <speidy@gmail.com>
2018-08-03 06:12:53 +03:00
Koichiro IWAO
ff85cb4530
Merge branch 'wfix-pulsechansrv-makefile' into devel
2018-08-03 10:05:46 +09:00
Brandon Wooldridge
8427c3601b
Corrected spacing between arguments to cc
for Pulseaudio chanserv Makefile
2018-08-02 15:24:46 -07:00
metalefty
b8c7aadcb6
Merge pull request #1168 from metalefty/fix-xrdp-log-path-in-man
...
docs: fix xrdp's LogFile path in man
2018-07-20 09:15:39 +09:00
metalefty
5b77d2dc7f
Merge pull request #1140 from matt335672/chansrv-atexit
...
Add atexit() handler to unmount the filesystem on fatal X error
2018-07-20 09:15:18 +09:00
matt335672
c467ba6b04
Add handler for fatal X server conditions
...
Unless X server failures are caught, these can cause a premature
exit of chansrv, giving it no chance to clean up. This is currently a
particular problem for fuser mounts.
2018-07-19 08:16:29 +01:00
Koichiro IWAO
5d9ff0f544
docs: fix xrdp's LogFile path in man
2018-07-12 18:04:32 +09:00
metalefty
a9e2dcc99f
Merge pull request #1160 from metalefty/prepare-release
...
Prepare release
2018-06-29 16:58:51 +09:00
Koichiro IWAO
52fd17af0f
Update v0.9.7 release date
2018-06-29 00:37:06 +09:00
Koichiro IWAO
2d3170c007
Bump version to v0.9.7
2018-06-29 00:04:25 +09:00
Koichiro IWAO
860d01cf16
Update NEWS for v0.9.7
2018-06-29 00:04:14 +09:00
metalefty
cb06a28180
Merge pull request #1156 from metalefty/configure_echo
...
xrdp: print configure options to --version more pretty
2018-06-27 15:27:11 +09:00
Koichiro IWAO
c0c7c3f106
xrdp: unify inconsistent mixed use of
...
* configure params
* configure options
* configure string
2018-06-27 09:00:55 +09:00
Koichiro IWAO
be05afb30b
xrdp: print configure options to --version more pretty
2018-06-27 09:00:52 +09:00
metalefty
e7c0b11336
Merge pull request #1153 from metalefty/rc-script
...
FreeBSD: separate rc script into xrdp and xrdp-sesman
2018-06-21 09:24:54 +09:00
metalefty
dbee05d9ed
Merge pull request #1147 from metalefty/defaultwm-fullpath
...
Accept full path for DefaultWindowManager
2018-06-19 13:06:04 +09:00
Koichiro IWAO
eda1842825
sesman: add comments, no logic change
2018-06-19 12:57:30 +09:00
Koichiro IWAO
6e16b38ecc
sesman: fix potential buffer over flow
2018-06-16 16:44:37 +09:00
Koichiro IWAO
9192e95c96
sesman: fix logging after default_wm change
2018-06-16 16:44:37 +09:00
Koichiro IWAO
6fb18cd5fa
docs: document configurable reconnect script path
2018-06-16 16:44:37 +09:00
Koichiro IWAO
a39b413746
sesman: make the path of reconnect script configurable
2018-06-16 16:44:37 +09:00
Koichiro IWAO
e82f212f34
sesman: accept full path for DefaultWindowManager
...
Solves: #1143
Also, this idea is inspired by Fedora's patch [1]. Some distro wants to
put all scripts in libexec directory due to SELinux. This enables
distros to put such scripts anywhere.
[1] https://src.fedoraproject.org/cgit/rpms/xrdp.git/tree/xrdp-0.9.6-scripts-libexec.patch?id=02f845c1b8cea781313cf3e9efcd6d7d50341824
2018-06-16 16:44:37 +09:00
Idan Freiberg
036c292120
Merge pull request #1146 from metalefty/sesman-leak
...
sesman: fix leak in struct config_sesman
2018-06-14 12:43:02 +03:00
metalefty
f83d967f46
Merge pull request #1120 from matt335672/set-env-on-reconnect
...
Copy the PAM session environment for the reconnect script
2018-06-14 11:04:43 +09:00
Koichiro IWAO
037d4eeece
sesman: fix leak in struct config_sesman
2018-06-13 17:20:03 +09:00
metalefty
91c5ee4475
Merge pull request #1142 from metalefty/dont-spit-on-the-console-sesman
...
Dont spit on the console (sesman)
2018-06-11 11:56:40 +09:00
Koichiro IWAO
2262f1361f
sesman: close stdout/stderr earlier
...
not to spit on the console
2018-06-05 00:19:36 +09:00
Koichiro IWAO
6ae3052a0f
sesman: don't spit on the console when starting
...
As the Debian patch[1] expresses, spitting messages on the console when
a process starts in background is a bad idea. Everything should be
written to log file and daemon should start silently. This is a first
step to shut up daemons.
Got some idea from Debian Remote Maintainers and Thorsten Glaser,
thanks!
[1] 2751ad4d62/debian/patches/shutup-daemon.diff
2018-06-05 00:19:36 +09:00
Koichiro IWAO
19fa26a27e
sesman: don't print config in reader function
...
reader function should just read. Add config_dump function to print read
config.
2018-06-05 00:19:35 +09:00
Koichiro IWAO
de33a7832e
sesman: s/XOrg/Xorg/g, no logic change
...
X.Org is usually spelled X.Org or Xorg.
2018-06-05 00:19:35 +09:00
Koichiro IWAO
e4857b13fa
sesman: config_read_logging function no longer exists
2018-06-05 00:19:33 +09:00
matt335672
cde5b09129
Copy the PAM session environment for the reconnect script
...
This provides access to variables set at login which may be
required by the script (e.g. KRB5CCNAME)
2018-05-31 10:54:38 +01:00
Koichiro IWAO
72b5088449
FreeBSD: separate rc script into xrdp and xrdp-sesman
...
to improve fscd(8)[1] compatibility. fscd(8) monitors daemons and
restarts after daemons crashed. We usually want to start, stop, and
restart xrdp and xrdp-sesman separately because restarting xrdp-sesman
means losing existing sessions. This change will enable fscd(8) not to
restart xrdp-sesman together when only xrdp daemon crashes.
Now rc.d/xrdp mainly has following commands:
* start - starts xrdp
* stop - stops xrdp
* restart - stops xrdp, then starts it again
* allstart - starts both xrdp and xrdp-sesman
* allstop - stops both
* allrestart - stops both, then start them again
* status - returns status of xrdp
rc.d/xrdp-sesman doesn't have all- prefixed commands.
[1] https://www.freshports.org/sysutils/fsc/
2018-05-30 01:27:23 +09:00
jsorg71
57015aa088
Merge pull request #1132 from daixj-shterm/devel
...
fix issue #1112 : set SSL object's read_ahead flag to be 0
2018-05-27 01:09:14 -07:00
Jay Sorg
f6d3fd46b6
don't remove configure_params.h on make clean, only make distclean
2018-05-27 01:05:08 -07:00
Jay Sorg
04a5a0582e
distclean remove configure_params.h
2018-05-25 22:17:31 -07:00
Jay Sorg
349616a35d
add ipv6only to configure echo and add configure parameter to xrdp -h output
2018-05-25 22:17:31 -07:00
daixj
88b3c06311
fix issue #1112 : set SSL object's read_ahead flag to be 0
2018-05-21 11:08:41 +08:00