From 94cdbdcee64ffbd480ed6ded973d1e3927f82f75 Mon Sep 17 00:00:00 2001 From: speidy Date: Fri, 6 Jan 2017 07:59:49 +0200 Subject: [PATCH 1/5] libxrdp: change channel_code into a meaningful name --- common/xrdp_client_info.h | 2 +- libxrdp/xrdp_rdp.c | 4 ++-- libxrdp/xrdp_sec.c | 6 +++--- 3 files changed, 6 insertions(+), 6 deletions(-) diff --git a/common/xrdp_client_info.h b/common/xrdp_client_info.h index e71f8d71..0ef03cfc 100644 --- a/common/xrdp_client_info.h +++ b/common/xrdp_client_info.h @@ -65,7 +65,7 @@ struct xrdp_client_info int rdp_compression; int rdp_autologin; int crypt_level; /* 1, 2, 3 = low, medium, high */ - int channel_code; /* 0 = no channels 1 = channels */ + int channels_allowed; /* 0 = no channels 1 = channels */ int sound_code; /* 1 = leave sound at server */ int is_mce; int rdp5_performanceflags; diff --git a/libxrdp/xrdp_rdp.c b/libxrdp/xrdp_rdp.c index 219c0260..914b6277 100644 --- a/libxrdp/xrdp_rdp.c +++ b/libxrdp/xrdp_rdp.c @@ -105,8 +105,8 @@ xrdp_rdp_read_config(struct xrdp_client_info *client_info) } else if (g_strcasecmp(item, "allow_channels") == 0) { - client_info->channel_code = g_text2bool(value); - if (client_info->channel_code == 0) + client_info->channels_allowed = g_text2bool(value); + if (client_info->channels_allowed == 0) { log_message(LOG_LEVEL_DEBUG,"Info - All channels are disabled"); } diff --git a/libxrdp/xrdp_sec.c b/libxrdp/xrdp_sec.c index 06813d25..2197b3b9 100644 --- a/libxrdp/xrdp_sec.c +++ b/libxrdp/xrdp_sec.c @@ -1829,12 +1829,12 @@ xrdp_sec_process_mcs_data_channels(struct xrdp_sec *self, struct stream *s) client_info = &(self->rdp_layer->client_info); - DEBUG(("processing channels, channel_code is %d", client_info->channel_code)); + DEBUG(("processing channels, channels_allowed is %d", client_info->channels_allowed)); /* this is an option set in xrdp.ini */ - if (client_info->channel_code != 1) /* are channels on? */ + if (client_info->channels_allowed != 1) /* are channels on? */ { - g_writeln("Processing channel data from client - The channel is off"); + g_writeln("xrdp_sec_process_mcs_data_channels: all channels are disabled by configuration"); return 0; } From 58d8cb0fd2fb74a778d0bae4934c93a03203b2ff Mon Sep 17 00:00:00 2001 From: speidy Date: Fri, 6 Jan 2017 08:01:33 +0200 Subject: [PATCH 2/5] libxrdp: ignore incoming channels with empty names --- libxrdp/xrdp_sec.c | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/libxrdp/xrdp_sec.c b/libxrdp/xrdp_sec.c index 2197b3b9..15aa9786 100644 --- a/libxrdp/xrdp_sec.c +++ b/libxrdp/xrdp_sec.c @@ -1862,6 +1862,12 @@ xrdp_sec_process_mcs_data_channels(struct xrdp_sec *self, struct stream *s) return 1; } in_uint8a(s, channel_item->name, 8); + if (g_strlen(channel_item->name) == 0) + { + g_writeln("xrdp_sec_process_mcs_data_channels: got an empty channel name, ignoring it"); + g_free(channel_item); + continue; + } in_uint32_le(s, channel_item->flags); channel_item->chanid = MCS_GLOBAL_CHANNEL + (index + 1); list_add_item(self->mcs_layer->channel_list, (tintptr) channel_item); From a82d41275454fdad916c4599054fcab9ebda5123 Mon Sep 17 00:00:00 2001 From: speidy Date: Fri, 6 Jan 2017 08:22:43 +0200 Subject: [PATCH 3/5] libxrdp: channels, respect xrdp.ini channel blocking also for data coming in from chansrv --- xrdp/xrdp_mm.c | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/xrdp/xrdp_mm.c b/xrdp/xrdp_mm.c index ddbc89a8..d023305b 100644 --- a/xrdp/xrdp_mm.c +++ b/xrdp/xrdp_mm.c @@ -740,8 +740,11 @@ xrdp_mm_trans_process_channel_data(struct xrdp_mm *self, struct trans *trans) if (rv == 0) { - rv = libxrdp_send_to_channel(self->wm->session, chan_id, s->p, size, total_size, - chan_flags); + if (is_channel_allowed(self->wm, chan_id)) + { + rv = libxrdp_send_to_channel(self->wm->session, chan_id, s->p, size, total_size, + chan_flags); + } } return rv; From 6810aa3f7988ee7763cca4bab4e0fad984062218 Mon Sep 17 00:00:00 2001 From: speidy Date: Fri, 6 Jan 2017 08:23:19 +0200 Subject: [PATCH 4/5] libxrdp: libxrdp_send_to_channel, improve error message --- libxrdp/libxrdp.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/libxrdp/libxrdp.c b/libxrdp/libxrdp.c index c52829f8..827b1247 100644 --- a/libxrdp/libxrdp.c +++ b/libxrdp/libxrdp.c @@ -1242,7 +1242,7 @@ libxrdp_send_to_channel(struct xrdp_session *session, int channel_id, if (xrdp_channel_send(chan, s, channel_id, total_data_len, flags) != 0) { - g_writeln("Debug - data NOT sent to channel"); + g_writeln("libxrdp_send_to_channel: error, server channel data NOT sent to client channel"); free_stream(s); return 1; } From 0a5bc44a0bd8100be3592bc155cf4b28ccb9cd17 Mon Sep 17 00:00:00 2001 From: speidy Date: Sun, 15 Jan 2017 08:46:04 +0200 Subject: [PATCH 5/5] libxrdp: use log_message --- libxrdp/xrdp_sec.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/libxrdp/xrdp_sec.c b/libxrdp/xrdp_sec.c index 15aa9786..422acfe2 100644 --- a/libxrdp/xrdp_sec.c +++ b/libxrdp/xrdp_sec.c @@ -1864,7 +1864,7 @@ xrdp_sec_process_mcs_data_channels(struct xrdp_sec *self, struct stream *s) in_uint8a(s, channel_item->name, 8); if (g_strlen(channel_item->name) == 0) { - g_writeln("xrdp_sec_process_mcs_data_channels: got an empty channel name, ignoring it"); + log_message(LOG_LEVEL_WARNING, "xrdp_sec_process_mcs_data_channels: got an empty channel name, ignoring it"); g_free(channel_item); continue; }