/* This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version. This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with this program; if not, write to the Free Software Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. xrdp: A Remote Desktop Protocol server. Copyright (C) Jay Sorg 2005 session manager linux only */ #include #include #include #include #include #include #include #include #include #include #include #include #include #include "d3des.h" #include #include "arch.h" #include "parse.h" #include "os_calls.h" #define SERVICE "xrdp" int g_sck; int g_pid; struct session_item { char name[256]; int pid; // pid of sesman waiting for wm to end int display; int width; int height; int bpp; }; static unsigned char s_fixedkey[8] = {23, 82, 107, 6, 35, 78, 88, 7}; struct session_item session_items[100]; /*****************************************************************************/ int tcp_force_recv(int sck, char* data, int len) { int rcvd; while (len > 0) { rcvd = g_tcp_recv(sck, data, len, 0); if (rcvd == -1) { if (g_tcp_last_error_would_block(sck)) { g_sleep(1); } else { return 1; } } else if (rcvd == 0) { return 1; } else { data += rcvd; len -= rcvd; } } return 0; } /*****************************************************************************/ int tcp_force_send(int sck, char* data, int len) { int sent; while (len > 0) { sent = g_tcp_send(sck, data, len, 0); if (sent == -1) { if (g_tcp_last_error_would_block(sck)) { g_sleep(1); } else { return 1; } } else if (sent == 0) { return 1; } else { data += sent; len -= sent; } } return 0; } /******************************************************************************/ struct session_item* find_session_item(char* name, int width, int height, int bpp) { int i; for (i = 0; i < 100; i++) { if (g_strcmp(name, session_items[i].name) == 0 && session_items[i].width == width && session_items[i].height == height && session_items[i].bpp == bpp) { return session_items + i; } } return 0; } /******************************************************************************/ struct session_item* find_session_item_by_name(char* name) { int i; for (i = 0; i < 100; i++) { if (g_strcmp(name, session_items[i].name) == 0) { return session_items + i; } } return 0; } /******************************************************************************/ struct session_item* find_session_item_by_display(int display) { int i; for (i = 0; i < 100; i++) { if (session_items[i].display == display) { return session_items + i; } } return 0; } /******************************************************************************/ int x_server_running(int display) { char text[256]; g_sprintf(text, "/tmp/.X11-unix/X%d", display); return access(text, F_OK) == 0; } /******************************************************************************/ /* returns boolean */ int auth_pam_userpass(const char* user, const char* pass) { pam_handle_t* pamh; pam_userpass_t userpass; struct pam_conv conv = {pam_userpass_conv, &userpass}; const void* template1; int status; userpass.user = user; userpass.pass = pass; if (pam_start(SERVICE, user, &conv, &pamh) != PAM_SUCCESS) { return 0; } status = pam_authenticate(pamh, 0); if (status != PAM_SUCCESS) { pam_end(pamh, status); return 0; } status = pam_acct_mgmt(pamh, 0); if (status != PAM_SUCCESS) { pam_end(pamh, status); return 0; } status = pam_get_item(pamh, PAM_USER, &template1); if (status != PAM_SUCCESS) { pam_end(pamh, status); return 0; } if (pam_end(pamh, PAM_SUCCESS) != PAM_SUCCESS) { return 0; } return 1; } /******************************************************************************/ void cterm(int s) { int i; int pid; int wstat; pid = waitpid(0, &wstat, WNOHANG); if (pid > 0) { for (i = 0; i < 100; i++) { if (session_items[i].pid == pid) { g_memset(session_items + i, 0, sizeof(struct session_item)); } } } } /******************************************************************************/ /* ge the next available X display */ int get_next_display(void) { int i; for (i = 10; i < 100; i++) { if (!x_server_running(i)) { return i; } } return -1; } /******************************************************************************/ int check_password_file(char* filename, char* password) { char encryptedPasswd[16]; int fd; g_memset(encryptedPasswd, 0, 16); g_strncpy(encryptedPasswd, password, 8); rfbDesKey(s_fixedkey, 0); rfbDes(encryptedPasswd, encryptedPasswd); fd = g_file_open(filename); if (fd == 0) { return 1; } g_file_write(fd, encryptedPasswd, 8); g_file_close(fd); chmod(filename, S_IRUSR | S_IWUSR); return 0; } /******************************************************************************/ int start_session(int width, int height, int bpp, char* username, char* password) { int display; int pid; int uid; int wmpid; int xpid; int error; struct passwd* pwd_1; char text[256]; char passwd_file[256]; char geometry[32]; char depth[32]; char screen[32]; char cur_dir[256]; getcwd(cur_dir, 255); display = 10; while (x_server_running(display) && display < 50) { display++; } if (display >= 50) { return 0; } wmpid = 0; pid = fork(); if (pid == -1) { } else if (pid == 0) // child { pwd_1 = getpwnam(username); if (pwd_1 != 0) { /* set uid and groups */ error = initgroups(pwd_1->pw_name, pwd_1->pw_gid); if (error == 0) { error = setgid(pwd_1->pw_gid); } if (error == 0) { uid = pwd_1->pw_uid; error = setuid(uid); } if (error == 0) { clearenv(); setenv("SHELL", pwd_1->pw_shell, 1); setenv("PATH", "/bin:/usr/bin:/usr/X11R6/bin:/usr/local/bin", 1); setenv("USER", username, 1); g_sprintf(text, "%d", uid); setenv("UID", text, 1); setenv("HOME", pwd_1->pw_dir, 1); chdir(pwd_1->pw_dir); g_sprintf(text, ":%d.0", display); setenv("DISPLAY", text, 1); g_sprintf(geometry, "%dx%d", width, height); g_sprintf(depth, "%d", bpp); g_sprintf(screen, ":%d", display); mkdir(".vnc", S_IRWXU); g_sprintf(passwd_file, "%s/.vnc/sesman_passwd", pwd_1->pw_dir); check_password_file(passwd_file, password); wmpid = fork(); if (wmpid == -1) { } else if (wmpid == 0) // child { // give X a bit to start g_sleep(500); if (x_server_running(display)) { g_sprintf(text, "%s/startwm.sh", cur_dir); execlp(text, "startwm.sh", NULL); // should not get here } g_printf("error\n"); _exit(0); } else // parent { xpid = fork(); if (xpid == -1) { } else if (xpid == 0) // child { execlp("Xvnc", "Xvnc", screen, "-geometry", geometry, "-depth", depth, "-bs", "-rfbauth", passwd_file, NULL); // should not get here g_printf("error\n"); _exit(0); } else // parent { waitpid(wmpid, 0, 0); kill(xpid, SIGTERM); kill(wmpid, SIGTERM); _exit(0); } } } } } else // parent { signal(SIGCHLD, cterm); session_items[display].pid = pid; g_strcpy(session_items[display].name, username); session_items[display].display = display; session_items[display].width = width; session_items[display].height = height; session_items[display].bpp = bpp; g_sleep(5000); } return display; } /******************************************************************************/ void sesman_shutdown(int sig) { if (getpid() != g_pid) { return; } g_printf("shutting down\n\r"); g_printf("signal %d pid %d\n\r", sig, getpid()); g_tcp_close(g_sck); } /******************************************************************************/ int main(int argc, char** argv) { int sck; int in_sck; int code; int i; int size; int version; int ok; int width; int height; int bpp; int display; int error; struct stream* in_s; struct stream* out_s; char* username; char* password; char user[256]; char pass[256]; struct session_item* s_item; signal(2, sesman_shutdown); signal(9, sesman_shutdown); signal(15, sesman_shutdown); g_memset(&session_items, 0, sizeof(session_items)); g_pid = getpid(); if (argc == 1) { g_printf("xrdp session manager v0.1\n"); g_printf("usage\n"); g_printf("sesman wait - wait for connection\n"); g_printf("sesman server username password width height bpp - \ start session\n"); } else if (argc == 2 && g_strcmp(argv[1], "wait") == 0) { make_stream(in_s); init_stream(in_s, 8192); make_stream(out_s); init_stream(out_s, 8192); g_printf("listening\n"); g_sck = g_tcp_socket(); g_tcp_set_non_blocking(g_sck); error = g_tcp_bind(g_sck, "3350"); if (error == 0) { error = g_tcp_listen(g_sck); if (error == 0) { in_sck = g_tcp_accept(g_sck); while (in_sck == -1 && g_tcp_last_error_would_block(g_sck)) { g_sleep(1000); in_sck = g_tcp_accept(g_sck); } while (in_sck > 0) { init_stream(in_s, 8192); if (tcp_force_recv(in_sck, in_s->data, 8) == 0) { in_uint32_be(in_s, version); in_uint32_be(in_s, size); init_stream(in_s, 8192); if (tcp_force_recv(in_sck, in_s->data, size - 8) == 0) { if (version == 0) { in_uint16_be(in_s, code); if (code == 0) // check username - password, start session { in_uint16_be(in_s, i); in_uint8a(in_s, user, i); user[i] = 0; //g_printf("%s\n", user); in_uint16_be(in_s, i); in_uint8a(in_s, pass, i); pass[i] = 0; //g_printf("%s\n", pass); in_uint16_be(in_s, width); in_uint16_be(in_s, height); in_uint16_be(in_s, bpp); //g_printf("%d %d %d\n", width, height, bpp); ok = auth_pam_userpass(user, pass); display = 0; if (ok) { s_item = find_session_item(user, width, height, bpp); if (s_item != 0) { display = s_item->display; } else { display = start_session(width, height, bpp, user, pass); } if (display == 0) { ok = 0; } } init_stream(out_s, 8192); out_uint32_be(out_s, 0); // version out_uint32_be(out_s, 14); // size out_uint16_be(out_s, 3); // cmd out_uint16_be(out_s, ok); // data out_uint16_be(out_s, display); // data s_mark_end(out_s); tcp_force_send(in_sck, out_s->data, out_s->end - out_s->data); } } } } g_tcp_close(in_sck); in_sck = g_tcp_accept(g_sck); while (in_sck == -1 && g_tcp_last_error_would_block(g_sck)) { g_sleep(1000); in_sck = g_tcp_accept(g_sck); } } } else { g_printf("listen error\n"); } } else { g_printf("bind error\n"); } g_tcp_close(g_sck); free_stream(in_s); free_stream(out_s); } else if (argc == 7) { username = argv[2]; password = argv[3]; width = atoi(argv[4]); height = atoi(argv[5]); bpp = atoi(argv[6]); make_stream(in_s); init_stream(in_s, 8192); make_stream(out_s); init_stream(out_s, 8192); sck = g_tcp_socket(); if (g_tcp_connect(sck, argv[1], "3350") == 0) { s_push_layer(out_s, channel_hdr, 8); out_uint16_be(out_s, 0); // code i = g_strlen(username); out_uint16_be(out_s, i); out_uint8a(out_s, username, i); i = g_strlen(password); out_uint16_be(out_s, i); out_uint8a(out_s, password, i); //g_printf("%d\n", width); out_uint16_be(out_s, width); out_uint16_be(out_s, height); out_uint16_be(out_s, bpp); s_mark_end(out_s); s_pop_layer(out_s, channel_hdr); out_uint32_be(out_s, 0); // version out_uint32_be(out_s, out_s->end - out_s->data); // size tcp_force_send(sck, out_s->data, out_s->end - out_s->data); if (tcp_force_recv(sck, in_s->data, 8) == 0) { in_uint32_be(in_s, version); in_uint32_be(in_s, size); init_stream(in_s, 8192); if (tcp_force_recv(sck, in_s->data, size - 8) == 0) { if (version == 0) { in_uint16_be(in_s, code); if (code == 3) { in_uint16_be(in_s, ok); in_uint16_be(in_s, display); g_printf("ok %d display %d\n", ok, display); } } } } } else { g_printf("connect error\n"); } g_tcp_close(sck); free_stream(in_s); free_stream(out_s); } return 0; }