If no domain is passed, self->session->client_info->domain is an empty
string that is incorrectly treated as if the domain were passed by the
client.
The regression was introduced in fc753a95, when an incorrect check for
non-empty domain was added. That check was removed in 67119ecc based on
coverity report, leaving no trace of the original intention.
Check domain both for '_' and '\0' as the initial character. In either
case, select the first session type section in xrdp.ini.
strncat() will copy at most the specified number of characters and append
the null character on top of that. strlen() doesn't count the final null
character.
upper 16 bits of keylayout value indicates keyboard layout.
lower 16 bits of keylayout value indicates country/language.
If the keymap file doesn't match exactly to keylayout value,
the typical keyboard of the country/language should be used.
For example [1]:
0x00000409: US English
0x00010409: US Dvorak
0x00020409: US International
0x00030409: US Dvorak for left hand
0x00040409: US Dvorak for right hang
0x0000040e: Hungarian
0x0001040e: Hungarian 101-key
[1] https://msdn.microsoft.com/windows/hardware/commercialize/manufacture/desktop/windows-language-pack-default-values
Make section names equal to the names in the "name=" setting to avoid
confusion and the need to renumber sections. Avoid "sesman-" in the
names, it's not helpful to the user. Move "Xorg" just below "X11rdp",
that would give xorgxrdp more visibility.
Conditional preprocessor directives spread throughout the code set a bad
example.
The new backport code is located in one place. The compiler checks
argument types. The backport code has no access to the caller variables.
The main code has all advantages of the new, more compact API.
g_cfg->xorg_params, g_cfg->vnc_params and g_cfg->rdp_params don't have
auto_free enabled, so removing an item from one of those lists won't free
its contents.
It's better not to change those lists, as they represent the actual
config file and could be reused. Instead, omit the 0th parameter (the
executable path) from copying to xserver_params.
Found by Valgrind.
Call scp_session_destroy() in the functions that call
scp_session_create() and nowhere else.
As found by Valgrind, the session data is not freed if the session is
created successfully.
metalefty
Pavel Roskin
Idan Freiberg
Itamar Reis Peixoto
Jay Sorg
Dominik George