uLab
/
xrdp-proprietary
mirror of https://mirror.git.trinitydesktop.org/gitea/uLab/xrdp-proprietary
0
0
Fork 0
Code Issues Releases Wiki Activity

Merge branch 'devel'

Browse Source
master
Jay Sorg 10 years ago
parent 32f172853f 2d514e666a
commit 1d3329b49b
15 changed files with 495 additions and 348 deletions
Show Stats Download Patch File Download Diff File

3
common/Makefile.am
Unescape View File

@ -39,8 +39,7 @@ libcommon_la_SOURCES = \
os_calls.c \
ssl_calls.c \
thread_calls.c \
trans.c \
xrdp_tls.c
trans.c
libcommon_la_LIBADD = \
-lcrypto \

270
common/ssl_calls.c
Unescape View File

@ -2,6 +2,7 @@
* xrdp: A Remote Desktop Protocol server.
*
* Copyright (C) Jay Sorg 2004-2014
* Copyright (C) Idan Freiberg 2013-2014
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@ -31,6 +32,7 @@
#include "os_calls.h"
#include "arch.h"
#include "ssl_calls.h"
#include "trans.h"
#if defined(OPENSSL_VERSION_NUMBER) && (OPENSSL_VERSION_NUMBER >= 0x0090800f)
#undef OLD_RSA_GEN1
@ -524,3 +526,271 @@ ssl_gen_key_xrdp1(int key_size_in_bits, char *exp, int exp_len,
return error;
}
#endif
/*****************************************************************************/
struct ssl_tls *
APP_CC
ssl_tls_create(struct trans *trans, const char *key, const char *cert)
{
struct ssl_tls *self;
int pid;
char buf[1024];
self = (struct ssl_tls *) g_malloc(sizeof(struct ssl_tls), 1);
if (self != NULL)
{
self->trans = trans;
self->cert = (char *) cert;
self->key = (char *) key;
pid = g_getpid();
g_snprintf(buf, 1024, "xrdp_%8.8x_tls_rwo", pid);
self->rwo = g_create_wait_obj(buf);
}
return self;
}
/*****************************************************************************/
int APP_CC
ssl_tls_print_error(char *func, SSL *connection, int value)
{
switch (SSL_get_error(connection, value))
{
case SSL_ERROR_ZERO_RETURN:
g_writeln("ssl_tls_print_error: %s: Server closed TLS connection",
func);
return 1;
case SSL_ERROR_WANT_READ:
g_writeln("ssl_tls_print_error: SSL_ERROR_WANT_READ");
return 0;
case SSL_ERROR_WANT_WRITE:
g_writeln("ssl_tls_print_error: SSL_ERROR_WANT_WRITE");
return 0;
case SSL_ERROR_SYSCALL:
g_writeln("ssl_tls_print_error: %s: I/O error", func);
return 1;
case SSL_ERROR_SSL:
g_writeln("ssl_tls_print_error: %s: Failure in SSL library (protocol error?)",
func);
return 1;
default:
g_writeln("ssl_tls_print_error: %s: Unknown error", func);
return 1;
}
}
/*****************************************************************************/
int APP_CC
ssl_tls_accept(struct ssl_tls *self)
{
int connection_status;
long options = 0;
/**
* SSL_OP_NO_SSLv2:
*
* We only want SSLv3 and TLSv1, so disable SSLv2.
* SSLv3 is used by, eg. Microsoft RDC for Mac OS X.
*/
options |= SSL_OP_NO_SSLv2;
#if defined(SSL_OP_NO_COMPRESSION)
/**
* SSL_OP_NO_COMPRESSION:
*
* The Microsoft RDP server does not advertise support
* for TLS compression, but alternative servers may support it.
* This was observed between early versions of the FreeRDP server
* and the FreeRDP client, and caused major performance issues,
* which is why we're disabling it.
*/
options |= SSL_OP_NO_COMPRESSION;
#endif
/**
* SSL_OP_TLS_BLOCK_PADDING_BUG:
*
* The Microsoft RDP server does *not* support TLS padding.
* It absolutely needs to be disabled otherwise it won't work.
*/
options |= SSL_OP_TLS_BLOCK_PADDING_BUG;
/**
* SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS:
*
* Just like TLS padding, the Microsoft RDP server does not
* support empty fragments. This needs to be disabled.
*/
options |= SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS;
self->ctx = SSL_CTX_new(SSLv23_server_method());
/* set context options */
SSL_CTX_set_mode(self->ctx,
SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER |
SSL_MODE_ENABLE_PARTIAL_WRITE);
SSL_CTX_set_options(self->ctx, options);
SSL_CTX_set_read_ahead(self->ctx, 1);
if (self->ctx == NULL)
{
g_writeln("ssl_tls_accept: SSL_CTX_new failed");
return 1;
}
if (SSL_CTX_use_RSAPrivateKey_file(self->ctx, self->key, SSL_FILETYPE_PEM)
<= 0)
{
g_writeln("ssl_tls_accept: SSL_CTX_use_RSAPrivateKey_file failed");
return 1;
}
self->ssl = SSL_new(self->ctx);
if (self->ssl == NULL)
{
g_writeln("ssl_tls_accept: SSL_new failed");
return 1;
}
if (SSL_use_certificate_file(self->ssl, self->cert, SSL_FILETYPE_PEM) <= 0)
{
g_writeln("ssl_tls_accept: SSL_use_certificate_file failed");
return 1;
}
if (SSL_set_fd(self->ssl, self->trans->sck) < 1)
{
g_writeln("ssl_tls_accept: SSL_set_fd failed");
return 1;
}
connection_status = SSL_accept(self->ssl);
if (connection_status <= 0)
{
if (ssl_tls_print_error("SSL_accept", self->ssl, connection_status))
{
return 1;
}
}
g_writeln("ssl_tls_accept: TLS connection accepted");
return 0;
}
/*****************************************************************************/
int APP_CC
ssl_tls_disconnect(struct ssl_tls *self)
{
int status = SSL_shutdown(self->ssl);
while (status != 1)
{
status = SSL_shutdown(self->ssl);
if (status <= 0)
{
if (ssl_tls_print_error("SSL_shutdown", self->ssl, status))
{
return 1;
}
}
}
return 0;
}
/*****************************************************************************/
void APP_CC
ssl_tls_delete(struct ssl_tls *self)
{
if (self != NULL)
{
if (self->ssl)
SSL_free(self->ssl);
if (self->ctx)
SSL_CTX_free(self->ctx);
g_delete_wait_obj(self->rwo);
g_free(self);
}
}
/*****************************************************************************/
int APP_CC
ssl_tls_read(struct ssl_tls *tls, char *data, int length)
{
int status;
status = SSL_read(tls->ssl, data, length);
switch (SSL_get_error(tls->ssl, status))
{
case SSL_ERROR_NONE:
break;
case SSL_ERROR_WANT_READ:
case SSL_ERROR_WANT_WRITE:
status = 0;
break;
default:
ssl_tls_print_error("SSL_read", tls->ssl, status);
status = -1;
break;
}
if (SSL_pending(tls->ssl) > 0)
{
g_set_wait_obj(tls->rwo);
}
return status;
}
/*****************************************************************************/
int APP_CC
ssl_tls_write(struct ssl_tls *tls, const char *data, int length)
{
int status;
status = SSL_write(tls->ssl, data, length);
switch (SSL_get_error(tls->ssl, status))
{
case SSL_ERROR_NONE:
break;
case SSL_ERROR_WANT_READ:
case SSL_ERROR_WANT_WRITE:
status = 0;
break;
default:
ssl_tls_print_error("SSL_write", tls->ssl, status);
status = -1;
break;
}
return status;
}
/*****************************************************************************/
/* returns boolean */
int APP_CC
ssl_tls_can_recv(struct ssl_tls *tls, int sck, int millis)
{
if (SSL_pending(tls->ssl) > 0)
{
return 1;
}
g_reset_wait_obj(tls->rwo);
return g_tcp_can_recv(sck, millis);
}

28
common/ssl_calls.h
Unescape View File

@ -2,6 +2,7 @@
* xrdp: A Remote Desktop Protocol server.
*
* Copyright (C) Jay Sorg 2004-2014
* Copyright (C) Idan Freiberg 2013-2014
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@ -80,4 +81,31 @@ int APP_CC
ssl_gen_key_xrdp1(int key_size_in_bits, char* exp, int exp_len,
char* mod, int mod_len, char* pri, int pri_len);
/* ssl_tls */
struct ssl_tls
{
void *ssl; /* SSL * */
void *ctx; /* SSL_CTX * */
char *cert;
char *key;
struct trans *trans;
tintptr rwo; /* wait obj */
};
/* xrdp_tls.c */
struct ssl_tls *APP_CC
ssl_tls_create(struct trans *trans, const char *key, const char *cert);
int APP_CC
ssl_tls_accept(struct ssl_tls *self);
int APP_CC
ssl_tls_disconnect(struct ssl_tls *self);
void APP_CC
ssl_tls_delete(struct ssl_tls *self);
int APP_CC
ssl_tls_read(struct ssl_tls *tls, char *data, int length);
int APP_CC
ssl_tls_write(struct ssl_tls *tls, const char *data, int length);
int APP_CC
ssl_tls_can_recv(struct ssl_tls *tls, int sck, int millis);
#endif

60
common/trans.c
Unescape View File

@ -22,6 +22,7 @@
#include "trans.h"
#include "arch.h"
#include "parse.h"
#include "ssl_calls.h"
/*****************************************************************************/
int APP_CC
@ -31,7 +32,7 @@ trans_tls_recv(struct trans *self, void *ptr, int len)
{
return 1;
}
return xrdp_tls_read(self->tls, ptr, len);
return ssl_tls_read(self->tls, ptr, len);
}
/*****************************************************************************/
@ -42,7 +43,18 @@ trans_tls_send(struct trans *self, const void *data, int len)
{
return 1;
}
return xrdp_tls_write(self->tls, data, len);
return ssl_tls_write(self->tls, data, len);
}
/*****************************************************************************/
int APP_CC
trans_tls_can_recv(struct trans *self, int sck, int millis)
{
if (self->tls == NULL)
{
return 1;
}
return ssl_tls_can_recv(self->tls, sck, millis);
}
/*****************************************************************************/
@ -59,6 +71,13 @@ trans_tcp_send(struct trans *self, const void *data, int len)
return g_tcp_send(self->sck, data, len, 0);
}
/*****************************************************************************/
int APP_CC
trans_tcp_can_recv(struct trans *self, int sck, int millis)
{
return g_tcp_can_recv(sck, millis);
}
/*****************************************************************************/
struct trans *
APP_CC
@ -79,6 +98,7 @@ trans_create(int mode, int in_size, int out_size)
/* assign tcp calls by default */
self->trans_recv = trans_tcp_recv;
self->trans_send = trans_tcp_send;
self->trans_can_recv = trans_tcp_can_recv;
}
return self;
@ -111,7 +131,7 @@ trans_delete(struct trans *self)
if (self->tls != 0)
{
xrdp_tls_delete(self->tls);
ssl_tls_delete(self->tls);
}
g_free(self);
@ -133,6 +153,16 @@ trans_get_wait_objs(struct trans *self, tbus *objs, int *count)
objs[*count] = self->sck;
(*count)++;
if (self->tls != 0)
{
if (self->tls->rwo != 0)
{
objs[*count] = self->tls->rwo;
(*count)++;
}
}
return 0;
}
@ -141,19 +171,11 @@ int APP_CC
trans_get_wait_objs_rw(struct trans *self, tbus *robjs, int *rcount,
tbus *wobjs, int *wcount)
{
if (self == 0)
if (trans_get_wait_objs(self, robjs, rcount) != 0)
{
return 1;
}
if (self->status != TRANS_STATUS_UP)
{
return 1;
}
robjs[*rcount] = self->sck;
(*rcount)++;
if (self->wait_s != 0)
{
wobjs[*wcount] = self->sck;
@ -288,7 +310,7 @@ trans_check_wait_objs(struct trans *self)
}
else /* connected server or client (2 or 3) */
{
if (g_tcp_can_recv(self->sck, 0))
if (self->trans_can_recv(self, self->sck, 0))
{
read_so_far = (int) (self->in_s->end - self->in_s->data);
to_read = self->header_size - read_so_far;
@ -700,22 +722,23 @@ trans_get_out_s(struct trans *self, int size)
int APP_CC
trans_set_tls_mode(struct trans *self, const char *key, const char *cert)
{
self->tls = xrdp_tls_create(self, key, cert);
self->tls = ssl_tls_create(self, key, cert);
if (self->tls == NULL)
{
g_writeln("trans_set_tls_mode: xrdp_tls_create malloc error");
g_writeln("trans_set_tls_mode: ssl_tls_create malloc error");
return 1;
}
if (xrdp_tls_accept(self->tls) != 0)
if (ssl_tls_accept(self->tls) != 0)
{
g_writeln("trans_set_tls_mode: xrdp_tls_accept failed");
g_writeln("trans_set_tls_mode: ssl_tls_accept failed");
return 1;
}
/* assign tls functions */
self->trans_recv = trans_tls_recv;
self->trans_send = trans_tls_send;
self->trans_can_recv = trans_tls_can_recv;
return 0;
}
@ -726,12 +749,13 @@ trans_shutdown_tls_mode(struct trans *self)
{
if (self->tls != NULL)
{
return xrdp_tls_disconnect(self->tls);
return ssl_tls_disconnect(self->tls);
}
/* assign callback back to tcp cal */
self->trans_recv = trans_tcp_recv;
self->trans_send = trans_tcp_send;
self->trans_can_recv = trans_tcp_can_recv;
return 0;
}

32
common/trans.h
Unescape View File

@ -41,8 +41,9 @@ typedef int (DEFAULT_CC *ttrans_data_in)(struct trans* self);
typedef int (DEFAULT_CC *ttrans_conn_in)(struct trans* self,
struct trans* new_self);
typedef int (DEFAULT_CC *tis_term)(void);
typedef int (APP_CC *trans_recv) (struct trans *self, void *ptr, int len);
typedef int (APP_CC *trans_send) (struct trans *self, const void *data, int len);
typedef int (APP_CC *trans_recv_proc) (struct trans *self, void *ptr, int len);
typedef int (APP_CC *trans_send_proc) (struct trans *self, const void *data, int len);
typedef int (APP_CC *trans_can_recv_proc) (struct trans *self, int sck, int millis);
struct trans
{
@ -63,31 +64,12 @@ struct trans
char port[256];
int no_stream_init_on_data_in;
int extra_flags; /* user defined */
struct xrdp_tls *tls;
trans_recv trans_recv;
trans_send trans_send;
struct ssl_tls *tls;
trans_recv_proc trans_recv;
trans_send_proc trans_send;
trans_can_recv_proc trans_can_recv;
};
/* xrdp_tls */
struct xrdp_tls
{
void *ssl; /* SSL * */
void *ctx; /* SSL_CTX * */
char *cert;
char *key;
struct trans *trans;
};
/* xrdp_tls.c */
struct xrdp_tls *APP_CC
xrdp_tls_create(struct trans *trans, const char *key, const char *cert);
int APP_CC
xrdp_tls_accept(struct xrdp_tls *self);
int APP_CC
xrdp_tls_disconnect(struct xrdp_tls *self);
void APP_CC
xrdp_tls_delete(struct xrdp_tls *self);
struct trans* APP_CC
trans_create(int mode, int in_size, int out_size);
void APP_CC

269
common/xrdp_tls.c
Unescape View File

@ -1,269 +0,0 @@
/**
* xrdp: A Remote Desktop Protocol server.
*
* Copyright (C) Idan Freiberg 2013-2014
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*
* transport layer security
*/
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <openssl/ssl.h>
#include "os_calls.h"
#include "trans.h"
#include "ssl_calls.h"
/*****************************************************************************/
struct xrdp_tls *
APP_CC
xrdp_tls_create(struct trans *trans, const char *key, const char *cert)
{
struct xrdp_tls *self;
self = (struct xrdp_tls *) g_malloc(sizeof(struct xrdp_tls), 1);
if (self != NULL)
{
self->trans = trans;
self->cert = (char *) cert;
self->key = (char *) key;
}
return self;
}
/*****************************************************************************/
int APP_CC
xrdp_tls_print_error(char *func, SSL *connection, int value)
{
switch (SSL_get_error(connection, value))
{
case SSL_ERROR_ZERO_RETURN:
g_writeln("xrdp_tls_print_error: %s: Server closed TLS connection",
func);
return 1;
case SSL_ERROR_WANT_READ:
g_writeln("xrdp_tls_print_error: SSL_ERROR_WANT_READ");
return 0;
case SSL_ERROR_WANT_WRITE:
g_writeln("xrdp_tls_print_error: SSL_ERROR_WANT_WRITE");
return 0;
case SSL_ERROR_SYSCALL:
g_writeln("xrdp_tls_print_error: %s: I/O error", func);
return 1;
case SSL_ERROR_SSL:
g_writeln("xrdp_tls_print_error: %s: Failure in SSL library (protocol error?)",
func);
return 1;
default:
g_writeln("xrdp_tls_print_error: %s: Unknown error", func);
return 1;
}
}
/*****************************************************************************/
int APP_CC
xrdp_tls_accept(struct xrdp_tls *self)
{
int connection_status;
long options = 0;
/**
* SSL_OP_NO_SSLv2:
*
* We only want SSLv3 and TLSv1, so disable SSLv2.
* SSLv3 is used by, eg. Microsoft RDC for Mac OS X.
*/
options |= SSL_OP_NO_SSLv2;
#if defined(SSL_OP_NO_COMPRESSION)
/**
* SSL_OP_NO_COMPRESSION:
*
* The Microsoft RDP server does not advertise support
* for TLS compression, but alternative servers may support it.
* This was observed between early versions of the FreeRDP server
* and the FreeRDP client, and caused major performance issues,
* which is why we're disabling it.
*/
options |= SSL_OP_NO_COMPRESSION;
#endif
/**
* SSL_OP_TLS_BLOCK_PADDING_BUG:
*
* The Microsoft RDP server does *not* support TLS padding.
* It absolutely needs to be disabled otherwise it won't work.
*/
options |= SSL_OP_TLS_BLOCK_PADDING_BUG;
/**
* SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS:
*
* Just like TLS padding, the Microsoft RDP server does not
* support empty fragments. This needs to be disabled.
*/
options |= SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS;
self->ctx = SSL_CTX_new(SSLv23_server_method());
/* set context options */
SSL_CTX_set_mode(self->ctx,
SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER |
SSL_MODE_ENABLE_PARTIAL_WRITE);
SSL_CTX_set_options(self->ctx, options);
SSL_CTX_set_read_ahead(self->ctx, 1);
if (self->ctx == NULL)
{
g_writeln("xrdp_tls_accept: SSL_CTX_new failed");
return 1;
}
if (SSL_CTX_use_RSAPrivateKey_file(self->ctx, self->key, SSL_FILETYPE_PEM)
<= 0)
{
g_writeln("xrdp_tls_accept: SSL_CTX_use_RSAPrivateKey_file failed");
return 1;
}
self->ssl = SSL_new(self->ctx);
if (self->ssl == NULL)
{
g_writeln("xrdp_tls_accept: SSL_new failed");
return 1;
}
if (SSL_use_certificate_file(self->ssl, self->cert, SSL_FILETYPE_PEM) <= 0)
{
g_writeln("xrdp_tls_accept: SSL_use_certificate_file failed");
return 1;
}
if (SSL_set_fd(self->ssl, self->trans->sck) < 1)
{
g_writeln("xrdp_tls_accept: SSL_set_fd failed");
return 1;
}
connection_status = SSL_accept(self->ssl);
if (connection_status <= 0)
{
if (xrdp_tls_print_error("SSL_accept", self->ssl, connection_status))
{
return 1;
}
}
g_writeln("xrdp_tls_accept: TLS connection accepted");
return 0;
}
/*****************************************************************************/
int APP_CC
xrdp_tls_disconnect(struct xrdp_tls *self)
{
int status = SSL_shutdown(self->ssl);
while (status != 1)
{
status = SSL_shutdown(self->ssl);
if (status <= 0)
{
if (xrdp_tls_print_error("SSL_shutdown", self->ssl, status))
{
return 1;
}
}
}
return 0;
}
/*****************************************************************************/
void APP_CC
xrdp_tls_delete(struct xrdp_tls *self)
{
if (self != NULL)
{
if (self->ssl)
SSL_free(self->ssl);
if (self->ctx)
SSL_CTX_free(self->ctx);
g_free(self);
}
}
/*****************************************************************************/
int APP_CC
xrdp_tls_read(struct xrdp_tls *tls, char *data, int length)
{
int status;
status = SSL_read(tls->ssl, data, length);
switch (SSL_get_error(tls->ssl, status))
{
case SSL_ERROR_NONE:
break;
case SSL_ERROR_WANT_READ:
case SSL_ERROR_WANT_WRITE:
status = 0;
break;
default:
xrdp_tls_print_error("SSL_read", tls->ssl, status);
status = -1;
break;
}
return status;
}
/*****************************************************************************/
int APP_CC
xrdp_tls_write(struct xrdp_tls *tls, char *data, int length)
{
int status;
status = SSL_write(tls->ssl, data, length);
switch (SSL_get_error(tls->ssl, status))
{
case SSL_ERROR_NONE:
break;
case SSL_ERROR_WANT_READ:
case SSL_ERROR_WANT_WRITE:
status = 0;
break;
default:
xrdp_tls_print_error("SSL_write", tls->ssl, status);
status = -1;
break;
}
return status;
}

13
configure.ac
Unescape View File

@ -32,6 +32,10 @@ AM_CONDITIONAL(SESMAN_NOPAM, [test x$enable_pam != xyes])
AC_ARG_ENABLE(kerberos, AS_HELP_STRING([--enable-kerberos],
[Build kerberos support (default: no)]),
[], [enable_kerberos=no])
AC_ARG_ENABLE(bsd, AS_HELP_STRING([--enable-bsd],
[Build BSD auth support (default: no)]),
[bsd=true], [bsd=false])
AM_CONDITIONAL(SESMAN_BSD, [test x$bsd = xtrue])
AM_CONDITIONAL(SESMAN_KERBEROS, [test x$enable_kerberos = xyes])
AC_ARG_ENABLE(pamuserpass, AS_HELP_STRING([--enable-pamuserpass],
[Build pam userpass support (default: no)]),
@ -78,8 +82,11 @@ if test "x$enable_pam" = "xyes"
then
if test "x$enable_kerberos" != "xyes"
then
AC_CHECK_HEADER([security/pam_appl.h], [],
[AC_MSG_ERROR([please install libpam0g-dev or pam-devel])])
if test -z "$enable_bsd"
then
AC_CHECK_HEADER([security/pam_appl.h], [],
[AC_MSG_ERROR([please install libpam0g-dev or pam-devel])])
fi
fi
fi
@ -88,7 +95,7 @@ AC_CHECK_MEMBER([struct in6_addr.s6_addr],
[AC_DEFINE(NO_ARPA_INET_H_IP6, 1, [for IPv6])],
[#include <arpa/inet.h>])
if test "x$enable_pam" != "xyes"
if test "x$enable_pam" != "xyes" || test "x$bsd" = "xtrue"
then
AC_DEFINE([USE_NOPAM],1,[Disable PAM])
fi

27
libxrdp/libxrdp.c
Unescape View File

@ -89,33 +89,6 @@ libxrdp_get_pdu_bytes(const char *aheader)
/* TPKT */
rv = (header[2] << 8) | header[3];
}
else if (header[0] == 0x30)
{
/* TSRequest (NLA) */
if (header[1] & 0x80)
{
if ((header[1] & ~(0x80)) == 1)
{
rv = header[2];
rv += 3;
}
else if ((header[1] & ~(0x80)) == 2)
{
rv = (header[2] << 8) | header[3];
rv += 4;
}
else
{
g_writeln("libxrdp_get_pdu_bytes: error TSRequest!");
return -1;
}
}
else
{
rv = header[1];
rv += 2;
}
}
else
{
/* Fast-Path */

6
libxrdp/xrdp_rdp.c
Unescape View File

@ -155,7 +155,7 @@ xrdp_rdp_read_config(struct xrdp_client_info *client_info)
}
else
{
log_message(LOG_LEVEL_ALWAYS,"Warning: Your configured fastpath level is"
log_message(LOG_LEVEL_ALWAYS,"Warning: Your configured fastpath level is "
"undefined, fastpath will not be used");
client_info->use_fast_path = 0;
}
@ -176,7 +176,7 @@ xrdp_rdp_read_config(struct xrdp_client_info *client_info)
}
else
{
log_message(LOG_LEVEL_ALWAYS,"Warning: Your configured security layer is"
log_message(LOG_LEVEL_ALWAYS,"Warning: Your configured security layer is "
"undefined, xrdp will negotiate client compatible");
client_info->security_layer = PROTOCOL_SSL | PROTOCOL_HYBRID | PROTOCOL_HYBRID_EX;
}
@ -369,7 +369,7 @@ xrdp_rdp_recv(struct xrdp_rdp *self, struct stream *s, int *code)
{
/* check for fastpath first */
header = (const tui8 *) (s->p);
if ((header[0] != 0x3) && (header[0] != 0x3c))
if (header[0] != 0x3)
{
if (xrdp_sec_recv_fastpath(self->sec_layer, s) != 0)
{

5
sesman/Makefile.am
Unescape View File

@ -14,6 +14,10 @@ if SESMAN_NOPAM
AUTH_C = verify_user.c
AUTH_LIB = -lcrypt
else
if SESMAN_BSD
AUTH_C = verify_user_bsd.c
AUTH_LIB =
else
if SESMAN_PAMUSERPASS
AUTH_C = verify_user_pam_userpass.c
AUTH_LIB = -lpam -lpam_userpass
@ -27,6 +31,7 @@ AUTH_LIB = -lpam
endif
endif
endif
endif
sbin_PROGRAMS = \
xrdp-sesman

1
sesman/chansrv/chansrv_common.h
Unescape View File

@ -20,6 +20,7 @@
#define _CHANSRV_COMMON_H
#include "parse.h"
#include "os_calls.h"
int read_entire_packet(struct stream *src, struct stream **dest, int chan_flags, int length, int total_length);

1
sesman/chansrv/sound.c
Unescape View File

@ -28,6 +28,7 @@
#include "defines.h"
#include "fifo.h"
#include "file_loc.h"
#include "chansrv_common.h"
extern int g_rdpsnd_chan_id; /* in chansrv.c */
extern int g_display_num; /* in chansrv.c */

8
sesman/verify_user.c
Unescape View File

@ -101,6 +101,14 @@ auth_start_session(long in_val, int in_display)
return 0;
}
/******************************************************************************/
/* returns error */
int DEFAULT_CC
auth_stop_session(long in_val)
{
return 0;
}
/******************************************************************************/
int DEFAULT_CC
auth_end(long in_val)

118
sesman/verify_user_bsd.c
Unescape View File

@ -0,0 +1,118 @@
/**
* xrdp: A Remote Desktop Protocol server.
*
* Copyright (C) Jay Sorg 2005-2014
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
/**
*
* @file verify_user_bsd.c
* @brief Authenticate user using BSD password system
* @author Renaud Allard
*
*/
#include "sesman.h"
#define _XOPEN_SOURCE
#include <stdio.h>
#include <sys/types.h>
#include <stdlib.h>
#include <unistd.h>
#include <time.h>
#include <login_cap.h>
#include <bsd_auth.h>
#ifndef SECS_PER_DAY
#define SECS_PER_DAY (24L*3600L)
#endif
extern struct config_sesman* g_cfg; /* in sesman.c */
/******************************************************************************/
/* returns boolean */
long DEFAULT_CC
auth_userpass(char *user, char *pass, int *errorcode)
{
int ret = auth_userokay(user, NULL, "auth-xrdp", pass);
return ret;
}
/******************************************************************************/
/* returns error */
int DEFAULT_CC
auth_start_session(long in_val, int in_display)
{
return 0;
}
/******************************************************************************/
int DEFAULT_CC
auth_end(long in_val)
{
return 0;
}
/******************************************************************************/
int DEFAULT_CC
auth_set_env(long in_val)
{
return 0;
}
/******************************************************************************/
int DEFAULT_CC
auth_check_pwd_chg(char* user)
{
return 0;
}
int DEFAULT_CC
auth_change_pwd(char* user, char* newpwd)
{
return 0;
}
int DEFAULT_CC
auth_stop_session(long in_val)
{
return 0;
}
/**
*
* @brief Password encryption
* @param pwd Old password
* @param pln Plaintext new password
* @param crp Crypted new password
*
*/
static int DEFAULT_CC
auth_crypt_pwd(char* pwd, char* pln, char* crp)
{
return 0;
}
/**
*
* @return 1 if the account is disabled, 0 otherwise
*
*/
static int DEFAULT_CC
auth_account_disabled(struct spwd* stp)
{
return 0;
}

2
xrdp/lang.c
Unescape View File

@ -246,7 +246,7 @@ get_keymaps(int keylayout, struct xrdp_keymap *keymap)
if (fd != -1)
{
lkeymap = (struct xrdp_keymap *)g_malloc(sizeof(struct xrdp_keymap), 0);
/* make a copy of the build in kaymap */
/* make a copy of the built-in keymap */
g_memcpy(lkeymap, keymap, sizeof(struct xrdp_keymap));
/* clear the keymaps */
g_memset(keymap, 0, sizeof(struct xrdp_keymap));

Write Preview
Loading…
Cancel
Save