Every session uses its own VNC password, so keep then in separate files.
The old style password file uses the user's password encrypted with a
known key. Since we are not replacing it anymore, we should remove it.
- remove test on filename for xauth as we know what we send
- better names for variables in xauth
- if xauth fails, exit sesman
- g_bytes_to_hexstr returns a null-teminated string, don't set it twice.
The log file is created in the home directory, %s is replaced with the
display number (e.g. 10).
If Xorg is run setuid root, it can refuse to run if the log path is
absolute.
Include <fuse_lowlevel.h>, not <fuse/fuse_lowlevel.h>, the include path
should be set up for that.
Don't define _FILE_OFFSET_BITS in one file, FUSE_CFLAGS would enable it
for the whole xrdp-chansrv build if needed.
Include string.h for strcmp(). Don't define _XOPEN_SOURCE, it conflicts
with libc headers and hides putpwent(). Make input strings constant. Fix
functions to match their declarations.
strncat() will copy at most the specified number of characters and append
the null character on top of that. strlen() doesn't count the final null
character.
g_cfg->xorg_params, g_cfg->vnc_params and g_cfg->rdp_params don't have
auto_free enabled, so removing an item from one of those lists won't free
its contents.
It's better not to change those lists, as they represent the actual
config file and could be reused. Instead, omit the 0th parameter (the
executable path) from copying to xserver_params.
Found by Valgrind.
Call scp_session_destroy() in the functions that call
scp_session_create() and nowhere else.
As found by Valgrind, the session data is not freed if the session is
created successfully.
AM_CPPFLAGS is a documented Automake variable for C preprocessor flags
that should not be overridden when compiling the package.
There is no need to have two additional variables that are ultimately
merged into AM_CPPFLAGS.
Their names are also confusing. EXTDA_DIST is a documented Automake
variable. Everything else that starts with "EXTRA" is not.
because 1st argument to clipboard_get_file() is given as URL encoded.
Decoding only filename is incomplete.
Without this fix, clipboard file doesn't work in case pathname
contains non-ASCII characters or non-alphanumeric ASCII characters.
When xfuse_create_file_in_xrdp_fs is failed, it returns NULL.
Without this fix, xinode->size causes SEGV, so implementation is changed
to return -1 and check the return value in caller.
Using the same argument for binary and text data is not a good idea. If
string support is ever needed, it should be a separate function.
Remove SCP_ADDRESS_TYPE_IPV4_BIN and SCP_ADDRESS_TYPE_IPV6_BIN, use
SCP_ADDRESS_TYPE_IPV4 and SCP_ADDRESS_TYPE_IPV6, which simplifies the
code.
For xrdp-sesman, don't report that the daemon is listening to a port if
it fails to attach to that port. Don't use LOG_LEVEL_ALWAYS for startup
message, it's not a critical error.
sem_init() is not functional on Mac OS. Use the Grand Central Dispatch
implementation.
Make libscp_lock.c use semaphores through the thread_calls wrapper.
In RHEL and its clones, /usr/bin/Xorg is set suid-root. To execute
Xorg with user privileges, /etc/pam.d/xserver needs be edited [1],
or suid bit of Xorg binary needs to be dropped.
In order to keep Xorg and /etc/pam.d/xserver untouched, preparing
non-suid version of Xorg as /usr/bin/Xorg.non-suid for example is
the simplest solution. However, Xorg.non-suid cannot be executed
since it is hardcoded to execute Xorg in sesman.
This change makes more flexible to execute Xorg with non-standard
name or not in PATH environment variable.
[1] https://www.centos.org/forums/viewtopic.php?t=21185
Discovered in #321. The number of argument for pa_rtpoll_run have
been changed since 6.0.
>=6.0 : int pa_rtpoll_run(pa_rtpoll *f);
<6.0 : int pa_rtpoll_run(pa_rtpoll *f, bool wait);
Check pulseaudio version by PA_CHECK_VERSION macro introduced since
pulseaudio 0.9.16. In case PA_CHECK_VERSION is not defined,
pa_rtpoll_run takes 2 arguments.
tm_mon in `struct tm` uses 0 for January.
`struct session_data` and `struct SCP_DISCONNECTED_SESSION` don't specify
how dates are stored. But considering the code in sestest and sesadmin,
all date components are stored as displayed.
libdir is for shared and static libraries. Some xrdp libraries are loaded
dynamically from a non-standard directory, so they are used like modules.
Having separate libdir and moduledir would eventually allow to separate
dynamically loaded modules from shared libraries.
That can cause unexpected behavior, especially with third party tools.
The ignored files will be lost if the source tree is re-imported to
another git repository, unless special care is taken.
Whitelist all non-generated makefiles.
To whitelist instfiles/pam.d/xrdp-sesman, add path to all generated
executables listed in the top-level .gitignore, sort .gitignore
alphabetically.
Add mkinstalldir, it's used by Automake on some systems.
Strictly speaking, both existence and readability should be checked.
However, chances of ~/.profile being a directory or a FIFO are very small
compared to its chances of being non-readable due to some
misconfiguration.
Put "if" and "then" on the same line for consistency with other checks.
Improve comment and pseudocode formatting.
Notes about software design should not be shown as warnings to everybody
who compiles the code. Warnings should be about unexpected conditions
detected at the compile time.
Use AC_PATH_XTRA to search for X11 in configure.ac. In Makefiles, add
X_CFLAGS to AM_CFLAGS for the source compilation. Add X_LIBS to LDFLAGS.
Add X_PRE_LIBS and X_EXTRA_LIBS to LDADD.
With this patch, X Windows system is correctly detected on Mac OS X.
AM_CPPFLAGS is for flags passed to the preprocessor, such as defines and
includes. AM_CFLAGS is for flags affecting the compiler, such as debug
and optimization settings.
INCLUDES is an obsolete name. Users can pass INCLUDES and break
compilation. AM_CPPFLAGS is more explicit that the flags come from
Automake and should not be overridden.
Absolute symlinks break when the source is moved to another location. In
the best case, the symlink will be replaced with a copy, but that creates
code duplication. A user who got the packaged source may decide to change
one config.c without realizing that another config.c will get the same
changes.
Don't ignore config.c, it's a regular source file now, albeit very
short.
Testing done: compiled inside and outside build directory.
The session match logic had two versions - one for the
SESMAN_SESSION_TYPE_XRDP and SESMAN_SESSION_TYPE_XORG sessions and one
for every other type. The only difference was, that different display
sizes where ignored when searching for sessions to reconnect if the
policy does not have the SESMAN_CFG_SESS_POLICY_D flag set and the type
is SESMAN_SESSION_TYPE_XRDP or SESMAN_SESSION_TYPE_XORG.
The reason was that xvnc cannot resize and the others can do. This two
versions where not necessary because we set the
SESMAN_CFG_SESS_POLICY_D flag every time we have a xvnc session a few
lines above. So the two branches for the different types can be reduced
to one.
Signed-off-by: Jan Losinski <losinski@wh2.tu-dresden.de>