Patch CVE-2017-6967.
This commit is contained in:
parent
fdd3ba2522
commit
34847db9aa
999
xrdp-0.9.1-CVE-2017-6967.patch
Normal file
999
xrdp-0.9.1-CVE-2017-6967.patch
Normal file
@ -0,0 +1,999 @@
|
|||||||
|
From 9d9c842b7861ef7a419c78d69b72202f7a7dbfc8 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Jay Sorg <jay.sorg@gmail.com>
|
||||||
|
Date: Tue, 14 Mar 2017 09:53:17 -0700
|
||||||
|
Subject: [PATCH 01/10] sesman: auth session before fork
|
||||||
|
|
||||||
|
---
|
||||||
|
sesman/session.c | 2 +-
|
||||||
|
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||||
|
|
||||||
|
diff --git a/sesman/session.c b/sesman/session.c
|
||||||
|
index 06e44cf..2241e54 100644
|
||||||
|
--- a/sesman/session.c
|
||||||
|
+++ b/sesman/session.c
|
||||||
|
@@ -531,6 +531,7 @@ session_start_fork(tbus data, tui8 type, struct SCP_SESSION *s)
|
||||||
|
g_getpid());
|
||||||
|
}
|
||||||
|
#endif
|
||||||
|
+ auth_start_session(data, display);
|
||||||
|
wmpid = g_fork(); /* parent becomes X,
|
||||||
|
child forks wm, and waits, todo */
|
||||||
|
if (wmpid == -1)
|
||||||
|
@@ -539,7 +540,6 @@ session_start_fork(tbus data, tui8 type, struct SCP_SESSION *s)
|
||||||
|
else if (wmpid == 0)
|
||||||
|
{
|
||||||
|
wait_for_xserver(display);
|
||||||
|
- auth_start_session(data, display);
|
||||||
|
pampid = g_fork(); /* parent waits, todo
|
||||||
|
child becomes wm */
|
||||||
|
if (pampid == -1)
|
||||||
|
|
||||||
|
From 49e7de2621ca73999cdeb28990d0d06ea67b7205 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Jay Sorg <jay.sorg@gmail.com>
|
||||||
|
Date: Wed, 15 Mar 2017 20:47:06 -0700
|
||||||
|
Subject: [PATCH 02/10] sesman: do not start up sessvc, just do wait, kill in
|
||||||
|
sesman
|
||||||
|
|
||||||
|
---
|
||||||
|
sesman/scp_v0.c | 6 +-
|
||||||
|
sesman/scp_v1.c | 4 +-
|
||||||
|
sesman/session.c | 275 +++++++++++++++++++++++--------------------------------
|
||||||
|
sesman/session.h | 3 +-
|
||||||
|
4 files changed, 121 insertions(+), 167 deletions(-)
|
||||||
|
|
||||||
|
diff --git a/sesman/scp_v0.c b/sesman/scp_v0.c
|
||||||
|
index a6a1060..a1c919e 100644
|
||||||
|
--- a/sesman/scp_v0.c
|
||||||
|
+++ b/sesman/scp_v0.c
|
||||||
|
@@ -122,18 +122,18 @@ scp_v0_process(struct SCP_CONNECTION *c, struct SCP_SESSION *s)
|
||||||
|
if (SCP_SESSION_TYPE_XVNC == s->type)
|
||||||
|
{
|
||||||
|
log_message( LOG_LEVEL_INFO, "starting Xvnc session...");
|
||||||
|
- display = session_start(data, SESMAN_SESSION_TYPE_XVNC, s);
|
||||||
|
+ display = session_start(data, SESMAN_SESSION_TYPE_XVNC, c, s);
|
||||||
|
}
|
||||||
|
else if (SCP_SESSION_TYPE_XRDP == s->type)
|
||||||
|
{
|
||||||
|
log_message(LOG_LEVEL_INFO, "starting X11rdp session...");
|
||||||
|
- display = session_start(data, SESMAN_SESSION_TYPE_XRDP, s);
|
||||||
|
+ display = session_start(data, SESMAN_SESSION_TYPE_XRDP, c, s);
|
||||||
|
}
|
||||||
|
else if (SCP_SESSION_TYPE_XORG == s->type)
|
||||||
|
{
|
||||||
|
/* type is SCP_SESSION_TYPE_XORG */
|
||||||
|
log_message(LOG_LEVEL_INFO, "starting Xorg session...");
|
||||||
|
- display = session_start(data, SESMAN_SESSION_TYPE_XORG, s);
|
||||||
|
+ display = session_start(data, SESMAN_SESSION_TYPE_XORG, c, s);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
else
|
||||||
|
diff --git a/sesman/scp_v1.c b/sesman/scp_v1.c
|
||||||
|
index 74668ef..f865271 100644
|
||||||
|
--- a/sesman/scp_v1.c
|
||||||
|
+++ b/sesman/scp_v1.c
|
||||||
|
@@ -126,12 +126,12 @@ scp_v1_process(struct SCP_CONNECTION *c, struct SCP_SESSION *s)
|
||||||
|
if (SCP_SESSION_TYPE_XVNC == s->type)
|
||||||
|
{
|
||||||
|
log_message(LOG_LEVEL_INFO, "starting Xvnc session...");
|
||||||
|
- display = session_start(data, SESMAN_SESSION_TYPE_XVNC, s);
|
||||||
|
+ display = session_start(data, SESMAN_SESSION_TYPE_XVNC, c, s);
|
||||||
|
}
|
||||||
|
else
|
||||||
|
{
|
||||||
|
log_message(LOG_LEVEL_INFO, "starting X11rdp session...");
|
||||||
|
- display = session_start(data, SESMAN_SESSION_TYPE_XRDP, s);
|
||||||
|
+ display = session_start(data, SESMAN_SESSION_TYPE_XRDP, c, s);
|
||||||
|
}
|
||||||
|
|
||||||
|
e = scp_v1s_connect_new_session(c, display);
|
||||||
|
diff --git a/sesman/session.c b/sesman/session.c
|
||||||
|
index 2241e54..d3f30a6 100644
|
||||||
|
--- a/sesman/session.c
|
||||||
|
+++ b/sesman/session.c
|
||||||
|
@@ -269,77 +269,6 @@ x_server_running(int display)
|
||||||
|
}
|
||||||
|
|
||||||
|
/******************************************************************************/
|
||||||
|
-static void
|
||||||
|
-session_start_sessvc(int xpid, int wmpid, long data, char *username, int display)
|
||||||
|
-{
|
||||||
|
- struct list *sessvc_params = (struct list *)NULL;
|
||||||
|
- char wmpid_str[25];
|
||||||
|
- char xpid_str[25];
|
||||||
|
- char exe_path[262];
|
||||||
|
- int i = 0;
|
||||||
|
-
|
||||||
|
- /* initialize (zero out) local variables: */
|
||||||
|
- g_memset(wmpid_str, 0, sizeof(char) * 25);
|
||||||
|
- g_memset(xpid_str, 0, sizeof(char) * 25);
|
||||||
|
- g_memset(exe_path, 0, sizeof(char) * 262);
|
||||||
|
-
|
||||||
|
- /* new style waiting for clients */
|
||||||
|
- g_sprintf(wmpid_str, "%d", wmpid);
|
||||||
|
- g_sprintf(xpid_str, "%d", xpid);
|
||||||
|
- log_message(LOG_LEVEL_INFO,
|
||||||
|
- "starting xrdp-sessvc - xpid=%s - wmpid=%s",
|
||||||
|
- xpid_str, wmpid_str);
|
||||||
|
-
|
||||||
|
- sessvc_params = list_create();
|
||||||
|
- sessvc_params->auto_free = 1;
|
||||||
|
-
|
||||||
|
- /* building parameters */
|
||||||
|
- g_snprintf(exe_path, 261, "%s/xrdp-sessvc", XRDP_SBIN_PATH);
|
||||||
|
-
|
||||||
|
- list_add_item(sessvc_params, (tintptr)g_strdup(exe_path));
|
||||||
|
- list_add_item(sessvc_params, (tintptr)g_strdup(xpid_str));
|
||||||
|
- list_add_item(sessvc_params, (tintptr)g_strdup(wmpid_str));
|
||||||
|
- list_add_item(sessvc_params, 0); /* mandatory */
|
||||||
|
-
|
||||||
|
- env_set_user(username,
|
||||||
|
- 0,
|
||||||
|
- display,
|
||||||
|
- g_cfg->session_variables1,
|
||||||
|
- g_cfg->session_variables2);
|
||||||
|
-
|
||||||
|
- /* executing sessvc */
|
||||||
|
- g_execvp(exe_path, ((char **)sessvc_params->items));
|
||||||
|
-
|
||||||
|
- /* should not get here */
|
||||||
|
- log_message(LOG_LEVEL_ALWAYS,
|
||||||
|
- "error starting xrdp-sessvc - pid %d - xpid=%s - wmpid=%s",
|
||||||
|
- g_getpid(), xpid_str, wmpid_str);
|
||||||
|
-
|
||||||
|
- /* logging parameters */
|
||||||
|
- /* no problem calling strerror for thread safety: other threads
|
||||||
|
- are blocked */
|
||||||
|
- log_message(LOG_LEVEL_DEBUG, "errno: %d, description: %s",
|
||||||
|
- g_get_errno(), g_get_strerror());
|
||||||
|
- log_message(LOG_LEVEL_DEBUG, "execve parameter list:");
|
||||||
|
-
|
||||||
|
- for (i = 0; i < (sessvc_params->count); i++)
|
||||||
|
- {
|
||||||
|
- log_message(LOG_LEVEL_DEBUG, " argv[%d] = %s", i,
|
||||||
|
- (char *)list_get_item(sessvc_params, i));
|
||||||
|
- }
|
||||||
|
-
|
||||||
|
- list_delete(sessvc_params);
|
||||||
|
-
|
||||||
|
- /* keep the old waitpid if some error occurs during execlp */
|
||||||
|
- g_waitpid(wmpid);
|
||||||
|
- g_sigterm(xpid);
|
||||||
|
- g_sigterm(wmpid);
|
||||||
|
- g_sleep(1000);
|
||||||
|
- auth_end(data);
|
||||||
|
- g_exit(0);
|
||||||
|
-}
|
||||||
|
-
|
||||||
|
-/******************************************************************************/
|
||||||
|
/* called with the main thread
|
||||||
|
returns boolean */
|
||||||
|
static int
|
||||||
|
@@ -420,15 +349,48 @@ wait_for_xserver(int display)
|
||||||
|
}
|
||||||
|
|
||||||
|
/******************************************************************************/
|
||||||
|
+static int
|
||||||
|
+session_start_chansrv(char *username, int display)
|
||||||
|
+{
|
||||||
|
+ struct list *chansrv_params;
|
||||||
|
+ char exe_path[262];
|
||||||
|
+ int cspid;
|
||||||
|
+
|
||||||
|
+ cspid = g_fork();
|
||||||
|
+ if (cspid == 0)
|
||||||
|
+ {
|
||||||
|
+ chansrv_params = list_create();
|
||||||
|
+ chansrv_params->auto_free = 1;
|
||||||
|
+
|
||||||
|
+ /* building parameters */
|
||||||
|
+ g_snprintf(exe_path, 261, "%s/xrdp-chansrv", XRDP_SBIN_PATH);
|
||||||
|
+
|
||||||
|
+ list_add_item(chansrv_params, (intptr_t) g_strdup(exe_path));
|
||||||
|
+ list_add_item(chansrv_params, 0); /* mandatory */
|
||||||
|
+
|
||||||
|
+ env_set_user(username, 0, display,
|
||||||
|
+ g_cfg->session_variables1,
|
||||||
|
+ g_cfg->session_variables2);
|
||||||
|
+
|
||||||
|
+ /* executing chansrv */
|
||||||
|
+ g_execvp(exe_path, (char **) (chansrv_params->items));
|
||||||
|
+ /* failed */
|
||||||
|
+ g_exit(1);
|
||||||
|
+ }
|
||||||
|
+ return cspid;
|
||||||
|
+}
|
||||||
|
+
|
||||||
|
+/******************************************************************************/
|
||||||
|
/* called with the main thread */
|
||||||
|
static int
|
||||||
|
-session_start_fork(tbus data, tui8 type, struct SCP_SESSION *s)
|
||||||
|
+session_start_fork(tbus data, tui8 type, struct SCP_CONNECTION *c,
|
||||||
|
+ struct SCP_SESSION *s)
|
||||||
|
{
|
||||||
|
int display = 0;
|
||||||
|
int pid = 0;
|
||||||
|
int wmpid = 0;
|
||||||
|
- int pampid = 0;
|
||||||
|
int xpid = 0;
|
||||||
|
+ int cspid = 0;
|
||||||
|
int i = 0;
|
||||||
|
char geometry[32];
|
||||||
|
char depth[32];
|
||||||
|
@@ -540,100 +502,85 @@ session_start_fork(tbus data, tui8 type, struct SCP_SESSION *s)
|
||||||
|
else if (wmpid == 0)
|
||||||
|
{
|
||||||
|
wait_for_xserver(display);
|
||||||
|
- pampid = g_fork(); /* parent waits, todo
|
||||||
|
- child becomes wm */
|
||||||
|
- if (pampid == -1)
|
||||||
|
- {
|
||||||
|
- }
|
||||||
|
- else if (pampid == 0)
|
||||||
|
+ env_set_user(s->username,
|
||||||
|
+ 0,
|
||||||
|
+ display,
|
||||||
|
+ g_cfg->session_variables1,
|
||||||
|
+ g_cfg->session_variables2);
|
||||||
|
+ if (x_server_running(display))
|
||||||
|
{
|
||||||
|
- env_set_user(s->username,
|
||||||
|
- 0,
|
||||||
|
- display,
|
||||||
|
- g_cfg->session_variables1,
|
||||||
|
- g_cfg->session_variables2);
|
||||||
|
- if (x_server_running(display))
|
||||||
|
+ auth_set_env(data);
|
||||||
|
+ if (s->directory != 0)
|
||||||
|
{
|
||||||
|
- auth_set_env(data);
|
||||||
|
- if (s->directory != 0)
|
||||||
|
+ if (s->directory[0] != 0)
|
||||||
|
{
|
||||||
|
- if (s->directory[0] != 0)
|
||||||
|
- {
|
||||||
|
- g_set_current_dir(s->directory);
|
||||||
|
- }
|
||||||
|
+ g_set_current_dir(s->directory);
|
||||||
|
}
|
||||||
|
- if (s->program != 0)
|
||||||
|
- {
|
||||||
|
- if (s->program[0] != 0)
|
||||||
|
- {
|
||||||
|
- g_execlp3(s->program, s->program, 0);
|
||||||
|
- log_message(LOG_LEVEL_ALWAYS,
|
||||||
|
- "error starting program %s for user %s - pid %d",
|
||||||
|
- s->program, s->username, g_getpid());
|
||||||
|
- }
|
||||||
|
- }
|
||||||
|
- /* try to execute user window manager if enabled */
|
||||||
|
- if (g_cfg->enable_user_wm)
|
||||||
|
+ }
|
||||||
|
+ if (s->program != 0)
|
||||||
|
+ {
|
||||||
|
+ if (s->program[0] != 0)
|
||||||
|
{
|
||||||
|
- g_sprintf(text, "%s/%s", g_getenv("HOME"), g_cfg->user_wm);
|
||||||
|
- if (g_file_exist(text))
|
||||||
|
- {
|
||||||
|
- g_execlp3(text, g_cfg->user_wm, 0);
|
||||||
|
- log_message(LOG_LEVEL_ALWAYS, "error starting user "
|
||||||
|
- "wm for user %s - pid %d", s->username, g_getpid());
|
||||||
|
- /* logging parameters */
|
||||||
|
- log_message(LOG_LEVEL_DEBUG, "errno: %d, "
|
||||||
|
- "description: %s", g_get_errno(), g_get_strerror());
|
||||||
|
- log_message(LOG_LEVEL_DEBUG, "execlp3 parameter "
|
||||||
|
- "list:");
|
||||||
|
- log_message(LOG_LEVEL_DEBUG, " argv[0] = %s",
|
||||||
|
- text);
|
||||||
|
- log_message(LOG_LEVEL_DEBUG, " argv[1] = %s",
|
||||||
|
- g_cfg->user_wm);
|
||||||
|
- }
|
||||||
|
+ g_execlp3(s->program, s->program, 0);
|
||||||
|
+ log_message(LOG_LEVEL_ALWAYS,
|
||||||
|
+ "error starting program %s for user %s - pid %d",
|
||||||
|
+ s->program, s->username, g_getpid());
|
||||||
|
}
|
||||||
|
- /* if we're here something happened to g_execlp3
|
||||||
|
- so we try running the default window manager */
|
||||||
|
- g_sprintf(text, "%s/%s", XRDP_CFG_PATH, g_cfg->default_wm);
|
||||||
|
- g_execlp3(text, g_cfg->default_wm, 0);
|
||||||
|
-
|
||||||
|
- log_message(LOG_LEVEL_ALWAYS, "error starting default "
|
||||||
|
- "wm for user %s - pid %d", s->username, g_getpid());
|
||||||
|
- /* logging parameters */
|
||||||
|
- log_message(LOG_LEVEL_DEBUG, "errno: %d, description: "
|
||||||
|
- "%s", g_get_errno(), g_get_strerror());
|
||||||
|
- log_message(LOG_LEVEL_DEBUG, "execlp3 parameter list:");
|
||||||
|
- log_message(LOG_LEVEL_DEBUG, " argv[0] = %s",
|
||||||
|
- text);
|
||||||
|
- log_message(LOG_LEVEL_DEBUG, " argv[1] = %s",
|
||||||
|
- g_cfg->default_wm);
|
||||||
|
-
|
||||||
|
- /* still a problem starting window manager just start xterm */
|
||||||
|
- g_execlp3("xterm", "xterm", 0);
|
||||||
|
-
|
||||||
|
- /* should not get here */
|
||||||
|
- log_message(LOG_LEVEL_ALWAYS, "error starting xterm "
|
||||||
|
- "for user %s - pid %d", s->username, g_getpid());
|
||||||
|
- /* logging parameters */
|
||||||
|
- log_message(LOG_LEVEL_DEBUG, "errno: %d, description: "
|
||||||
|
- "%s", g_get_errno(), g_get_strerror());
|
||||||
|
}
|
||||||
|
- else
|
||||||
|
+ /* try to execute user window manager if enabled */
|
||||||
|
+ if (g_cfg->enable_user_wm)
|
||||||
|
{
|
||||||
|
- log_message(LOG_LEVEL_ERROR, "another Xserver might "
|
||||||
|
- "already be active on display %d - see log", display);
|
||||||
|
+ g_sprintf(text, "%s/%s", g_getenv("HOME"), g_cfg->user_wm);
|
||||||
|
+ if (g_file_exist(text))
|
||||||
|
+ {
|
||||||
|
+ g_execlp3(text, g_cfg->user_wm, 0);
|
||||||
|
+ log_message(LOG_LEVEL_ALWAYS, "error starting user "
|
||||||
|
+ "wm for user %s - pid %d", s->username, g_getpid());
|
||||||
|
+ /* logging parameters */
|
||||||
|
+ log_message(LOG_LEVEL_DEBUG, "errno: %d, "
|
||||||
|
+ "description: %s", g_get_errno(), g_get_strerror());
|
||||||
|
+ log_message(LOG_LEVEL_DEBUG, "execlp3 parameter "
|
||||||
|
+ "list:");
|
||||||
|
+ log_message(LOG_LEVEL_DEBUG, " argv[0] = %s",
|
||||||
|
+ text);
|
||||||
|
+ log_message(LOG_LEVEL_DEBUG, " argv[1] = %s",
|
||||||
|
+ g_cfg->user_wm);
|
||||||
|
+ }
|
||||||
|
}
|
||||||
|
+ /* if we're here something happened to g_execlp3
|
||||||
|
+ so we try running the default window manager */
|
||||||
|
+ g_sprintf(text, "%s/%s", XRDP_CFG_PATH, g_cfg->default_wm);
|
||||||
|
+ g_execlp3(text, g_cfg->default_wm, 0);
|
||||||
|
|
||||||
|
- log_message(LOG_LEVEL_DEBUG, "aborting connection...");
|
||||||
|
- g_exit(0);
|
||||||
|
+ log_message(LOG_LEVEL_ALWAYS, "error starting default "
|
||||||
|
+ "wm for user %s - pid %d", s->username, g_getpid());
|
||||||
|
+ /* logging parameters */
|
||||||
|
+ log_message(LOG_LEVEL_DEBUG, "errno: %d, description: "
|
||||||
|
+ "%s", g_get_errno(), g_get_strerror());
|
||||||
|
+ log_message(LOG_LEVEL_DEBUG, "execlp3 parameter list:");
|
||||||
|
+ log_message(LOG_LEVEL_DEBUG, " argv[0] = %s",
|
||||||
|
+ text);
|
||||||
|
+ log_message(LOG_LEVEL_DEBUG, " argv[1] = %s",
|
||||||
|
+ g_cfg->default_wm);
|
||||||
|
+
|
||||||
|
+ /* still a problem starting window manager just start xterm */
|
||||||
|
+ g_execlp3("xterm", "xterm", 0);
|
||||||
|
+
|
||||||
|
+ /* should not get here */
|
||||||
|
+ log_message(LOG_LEVEL_ALWAYS, "error starting xterm "
|
||||||
|
+ "for user %s - pid %d", s->username, g_getpid());
|
||||||
|
+ /* logging parameters */
|
||||||
|
+ log_message(LOG_LEVEL_DEBUG, "errno: %d, description: "
|
||||||
|
+ "%s", g_get_errno(), g_get_strerror());
|
||||||
|
}
|
||||||
|
else
|
||||||
|
{
|
||||||
|
- g_waitpid(pampid);
|
||||||
|
- auth_stop_session(data);
|
||||||
|
- g_deinit();
|
||||||
|
- g_exit(0);
|
||||||
|
+ log_message(LOG_LEVEL_ERROR, "another Xserver might "
|
||||||
|
+ "already be active on display %d - see log", display);
|
||||||
|
}
|
||||||
|
+
|
||||||
|
+ log_message(LOG_LEVEL_DEBUG, "aborting connection...");
|
||||||
|
+ g_exit(0);
|
||||||
|
}
|
||||||
|
else
|
||||||
|
{
|
||||||
|
@@ -828,12 +775,17 @@ session_start_fork(tbus data, tui8 type, struct SCP_SESSION *s)
|
||||||
|
else
|
||||||
|
{
|
||||||
|
wait_for_xserver(display);
|
||||||
|
- g_snprintf(text, 255, "%d", display);
|
||||||
|
- g_setenv("XRDP_SESSVC_DISPLAY", text, 1);
|
||||||
|
- g_snprintf(text, 255, ":%d.0", display);
|
||||||
|
- g_setenv("DISPLAY", text, 1);
|
||||||
|
- /* new style waiting for clients */
|
||||||
|
- session_start_sessvc(xpid, wmpid, data, s->username, display);
|
||||||
|
+ g_sck_close(c->in_sck);
|
||||||
|
+ log_end();
|
||||||
|
+ cspid = session_start_chansrv(s->username, display);
|
||||||
|
+ g_waitpid(wmpid);
|
||||||
|
+ auth_stop_session(data);
|
||||||
|
+ auth_end(data);
|
||||||
|
+ g_sigterm(xpid);
|
||||||
|
+ g_sigterm(wmpid);
|
||||||
|
+ g_sigterm(cspid);
|
||||||
|
+ g_deinit();
|
||||||
|
+ g_exit(0);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
@@ -911,9 +863,10 @@ session_reconnect_fork(int display, char *username)
|
||||||
|
/* called by a worker thread, ask the main thread to call session_sync_start
|
||||||
|
and wait till done */
|
||||||
|
int
|
||||||
|
-session_start(long data, tui8 type, struct SCP_SESSION *s)
|
||||||
|
+session_start(long data, tui8 type, struct SCP_CONNECTION *c,
|
||||||
|
+ struct SCP_SESSION *s)
|
||||||
|
{
|
||||||
|
- return session_start_fork(data, type, s);
|
||||||
|
+ return session_start_fork(data, type, c, s);
|
||||||
|
}
|
||||||
|
|
||||||
|
/******************************************************************************/
|
||||||
|
diff --git a/sesman/session.h b/sesman/session.h
|
||||||
|
index 4533a1a..a9884a2 100644
|
||||||
|
--- a/sesman/session.h
|
||||||
|
+++ b/sesman/session.h
|
||||||
|
@@ -105,7 +105,8 @@ session_get_bydata(const char *name, int width, int height, int bpp, int type,
|
||||||
|
*
|
||||||
|
*/
|
||||||
|
int
|
||||||
|
-session_start(long data, tui8 type, struct SCP_SESSION *s);
|
||||||
|
+session_start(long data, tui8 type, struct SCP_CONNECTION *c,
|
||||||
|
+ struct SCP_SESSION *s);
|
||||||
|
|
||||||
|
int
|
||||||
|
session_reconnect(int display, char* username);
|
||||||
|
|
||||||
|
From e40b9e3142033a5a67ef22ae645c47dd7574a983 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Jay Sorg <jay.sorg@gmail.com>
|
||||||
|
Date: Wed, 15 Mar 2017 21:36:10 -0700
|
||||||
|
Subject: [PATCH 03/10] sesman: remove sessvc from build
|
||||||
|
|
||||||
|
---
|
||||||
|
configure.ac | 1 -
|
||||||
|
sesman/Makefile.am | 1 -
|
||||||
|
sesman/sessvc/Makefile.am | 16 -----
|
||||||
|
sesman/sessvc/sessvc.c | 166 ----------------------------------------------
|
||||||
|
4 files changed, 184 deletions(-)
|
||||||
|
delete mode 100644 sesman/sessvc/Makefile.am
|
||||||
|
delete mode 100644 sesman/sessvc/sessvc.c
|
||||||
|
|
||||||
|
diff --git a/configure.ac b/configure.ac
|
||||||
|
index 68620e1..0e2aaf7 100644
|
||||||
|
--- a/configure.ac
|
||||||
|
+++ b/configure.ac
|
||||||
|
@@ -328,7 +328,6 @@ AC_CONFIG_FILES([
|
||||||
|
sesman/chansrv/Makefile
|
||||||
|
sesman/libscp/Makefile
|
||||||
|
sesman/Makefile
|
||||||
|
- sesman/sessvc/Makefile
|
||||||
|
sesman/tools/Makefile
|
||||||
|
vnc/Makefile
|
||||||
|
xrdpapi/Makefile
|
||||||
|
diff --git a/sesman/Makefile.am b/sesman/Makefile.am
|
||||||
|
index d965f46..e1ccaaa 100644
|
||||||
|
--- a/sesman/Makefile.am
|
||||||
|
+++ b/sesman/Makefile.am
|
||||||
|
@@ -82,5 +82,4 @@ dist_sesmansysconf_SCRIPTS = \
|
||||||
|
SUBDIRS = \
|
||||||
|
libscp \
|
||||||
|
tools \
|
||||||
|
- sessvc \
|
||||||
|
chansrv
|
||||||
|
diff --git a/sesman/sessvc/Makefile.am b/sesman/sessvc/Makefile.am
|
||||||
|
deleted file mode 100644
|
||||||
|
index c2714b9..0000000
|
||||||
|
--- a/sesman/sessvc/Makefile.am
|
||||||
|
+++ /dev/null
|
||||||
|
@@ -1,16 +0,0 @@
|
||||||
|
-
|
||||||
|
-AM_CPPFLAGS = \
|
||||||
|
- -DXRDP_CFG_PATH=\"${sysconfdir}/xrdp\" \
|
||||||
|
- -DXRDP_SBIN_PATH=\"${sbindir}\" \
|
||||||
|
- -DXRDP_SHARE_PATH=\"${datadir}/xrdp\" \
|
||||||
|
- -DXRDP_PID_PATH=\"${localstatedir}/run\" \
|
||||||
|
- -I$(top_srcdir)/common
|
||||||
|
-
|
||||||
|
-sbin_PROGRAMS = \
|
||||||
|
- xrdp-sessvc
|
||||||
|
-
|
||||||
|
-xrdp_sessvc_SOURCES = \
|
||||||
|
- sessvc.c
|
||||||
|
-
|
||||||
|
-xrdp_sessvc_LDADD = \
|
||||||
|
- $(top_builddir)/common/libcommon.la
|
||||||
|
diff --git a/sesman/sessvc/sessvc.c b/sesman/sessvc/sessvc.c
|
||||||
|
deleted file mode 100644
|
||||||
|
index 2426b69..0000000
|
||||||
|
--- a/sesman/sessvc/sessvc.c
|
||||||
|
+++ /dev/null
|
||||||
|
@@ -1,166 +0,0 @@
|
||||||
|
-/**
|
||||||
|
- * xrdp: A Remote Desktop Protocol server.
|
||||||
|
- *
|
||||||
|
- * Copyright (C) Jay Sorg 2004-2013
|
||||||
|
- *
|
||||||
|
- * Licensed under the Apache License, Version 2.0 (the "License");
|
||||||
|
- * you may not use this file except in compliance with the License.
|
||||||
|
- * You may obtain a copy of the License at
|
||||||
|
- *
|
||||||
|
- * http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
- *
|
||||||
|
- * Unless required by applicable law or agreed to in writing, software
|
||||||
|
- * distributed under the License is distributed on an "AS IS" BASIS,
|
||||||
|
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||||
|
- * See the License for the specific language governing permissions and
|
||||||
|
- * limitations under the License.
|
||||||
|
- */
|
||||||
|
-
|
||||||
|
-/**
|
||||||
|
- *
|
||||||
|
- * @file sessvc.c
|
||||||
|
- * @brief Session supervisor
|
||||||
|
- * @author Simone Fedele
|
||||||
|
- *
|
||||||
|
- */
|
||||||
|
-
|
||||||
|
-#if defined(HAVE_CONFIG_H)
|
||||||
|
-#include "config_ac.h"
|
||||||
|
-#endif
|
||||||
|
-#include "file_loc.h"
|
||||||
|
-#include "os_calls.h"
|
||||||
|
-#include "arch.h"
|
||||||
|
-
|
||||||
|
-static int g_term = 0;
|
||||||
|
-
|
||||||
|
-/*****************************************************************************/
|
||||||
|
-void
|
||||||
|
-term_signal_handler(int sig)
|
||||||
|
-{
|
||||||
|
- g_writeln("xrdp-sessvc: term_signal_handler: got signal %d", sig);
|
||||||
|
- g_term = 1;
|
||||||
|
-}
|
||||||
|
-
|
||||||
|
-/*****************************************************************************/
|
||||||
|
-void
|
||||||
|
-nil_signal_handler(int sig)
|
||||||
|
-{
|
||||||
|
- g_writeln("xrdp-sessvc: nil_signal_handler: got signal %d", sig);
|
||||||
|
-}
|
||||||
|
-
|
||||||
|
-/******************************************************************************/
|
||||||
|
-/* chansrv can exit at any time without cleaning up, it's an xlib app */
|
||||||
|
-int
|
||||||
|
-chansrv_cleanup(int pid)
|
||||||
|
-{
|
||||||
|
- char text[256];
|
||||||
|
-
|
||||||
|
- g_snprintf(text, 255, "/tmp/.xrdp/xrdp_chansrv_%8.8x_main_term", pid);
|
||||||
|
-
|
||||||
|
- if (g_file_exist(text))
|
||||||
|
- {
|
||||||
|
- g_file_delete(text);
|
||||||
|
- }
|
||||||
|
-
|
||||||
|
- g_snprintf(text, 255, "/tmp/.xrdp/xrdp_chansrv_%8.8x_thread_done", pid);
|
||||||
|
-
|
||||||
|
- if (g_file_exist(text))
|
||||||
|
- {
|
||||||
|
- g_file_delete(text);
|
||||||
|
- }
|
||||||
|
-
|
||||||
|
- return 0;
|
||||||
|
-}
|
||||||
|
-
|
||||||
|
-/******************************************************************************/
|
||||||
|
-int
|
||||||
|
-main(int argc, char **argv)
|
||||||
|
-{
|
||||||
|
- int ret = 0;
|
||||||
|
- int chansrv_pid = 0;
|
||||||
|
- int wm_pid = 0;
|
||||||
|
- int x_pid = 0;
|
||||||
|
- int lerror = 0;
|
||||||
|
- char exe_path[262];
|
||||||
|
-
|
||||||
|
- g_init("xrdp-sessvc");
|
||||||
|
- g_memset(exe_path, 0, sizeof(exe_path));
|
||||||
|
-
|
||||||
|
- if (argc < 3)
|
||||||
|
- {
|
||||||
|
- g_writeln("xrdp-sessvc: exiting, not enough parameters");
|
||||||
|
- g_deinit();
|
||||||
|
- return 1;
|
||||||
|
- }
|
||||||
|
-
|
||||||
|
- g_signal_terminate(term_signal_handler); /* SIGTERM */
|
||||||
|
- g_signal_user_interrupt(term_signal_handler); /* SIGINT */
|
||||||
|
- g_signal_pipe(nil_signal_handler); /* SIGPIPE */
|
||||||
|
- x_pid = g_atoi(argv[1]);
|
||||||
|
- wm_pid = g_atoi(argv[2]);
|
||||||
|
- g_writeln("xrdp-sessvc: waiting for X (pid %d) and WM (pid %d)",
|
||||||
|
- x_pid, wm_pid);
|
||||||
|
- /* run xrdp-chansrv as a separate process */
|
||||||
|
- chansrv_pid = g_fork();
|
||||||
|
-
|
||||||
|
- if (chansrv_pid == -1)
|
||||||
|
- {
|
||||||
|
- g_writeln("xrdp-sessvc: fork error");
|
||||||
|
- g_deinit();
|
||||||
|
- return 1;
|
||||||
|
- }
|
||||||
|
- else if (chansrv_pid == 0) /* child */
|
||||||
|
- {
|
||||||
|
- g_set_current_dir(XRDP_SBIN_PATH);
|
||||||
|
- g_snprintf(exe_path, 261, "%s/xrdp-chansrv", XRDP_SBIN_PATH);
|
||||||
|
- g_execlp3(exe_path, "xrdp-chansrv", 0);
|
||||||
|
- /* should not get here */
|
||||||
|
- g_writeln("xrdp-sessvc: g_execlp3() failed");
|
||||||
|
- g_deinit();
|
||||||
|
- return 1;
|
||||||
|
- }
|
||||||
|
-
|
||||||
|
- lerror = 0;
|
||||||
|
- /* wait for window manager to get done */
|
||||||
|
- ret = g_waitpid(wm_pid);
|
||||||
|
-
|
||||||
|
- while ((ret == 0) && !g_term)
|
||||||
|
- {
|
||||||
|
- ret = g_waitpid(wm_pid);
|
||||||
|
- g_sleep(1);
|
||||||
|
- }
|
||||||
|
-
|
||||||
|
- if (ret < 0)
|
||||||
|
- {
|
||||||
|
- lerror = g_get_errno();
|
||||||
|
- }
|
||||||
|
-
|
||||||
|
- g_writeln("xrdp-sessvc: WM is dead (waitpid said %d, errno is %d) "
|
||||||
|
- "exiting...", ret, lerror);
|
||||||
|
- /* kill channel server */
|
||||||
|
- g_writeln("xrdp-sessvc: stopping channel server");
|
||||||
|
- g_sigterm(chansrv_pid);
|
||||||
|
- ret = g_waitpid(chansrv_pid);
|
||||||
|
-
|
||||||
|
- while ((ret == 0) && !g_term)
|
||||||
|
- {
|
||||||
|
- ret = g_waitpid(chansrv_pid);
|
||||||
|
- g_sleep(1);
|
||||||
|
- }
|
||||||
|
-
|
||||||
|
- chansrv_cleanup(chansrv_pid);
|
||||||
|
- /* kill X server */
|
||||||
|
- g_writeln("xrdp-sessvc: stopping X server");
|
||||||
|
- g_sigterm(x_pid);
|
||||||
|
- ret = g_waitpid(x_pid);
|
||||||
|
-
|
||||||
|
- while ((ret == 0) && !g_term)
|
||||||
|
- {
|
||||||
|
- ret = g_waitpid(x_pid);
|
||||||
|
- g_sleep(1);
|
||||||
|
- }
|
||||||
|
-
|
||||||
|
- g_writeln("xrdp-sessvc: clean exit");
|
||||||
|
- g_deinit();
|
||||||
|
- return 0;
|
||||||
|
-}
|
||||||
|
|
||||||
|
From 30b0831cf4925753e8490a4dbbd930f6546e7627 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Jay Sorg <jay.sorg@gmail.com>
|
||||||
|
Date: Wed, 15 Mar 2017 21:42:35 -0700
|
||||||
|
Subject: [PATCH 04/10] sesman: close in_sck with other cleanup
|
||||||
|
|
||||||
|
---
|
||||||
|
sesman/session.c | 2 +-
|
||||||
|
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||||
|
|
||||||
|
diff --git a/sesman/session.c b/sesman/session.c
|
||||||
|
index d3f30a6..31c1f83 100644
|
||||||
|
--- a/sesman/session.c
|
||||||
|
+++ b/sesman/session.c
|
||||||
|
@@ -462,6 +462,7 @@ session_start_fork(tbus data, tui8 type, struct SCP_CONNECTION *c,
|
||||||
|
{
|
||||||
|
g_delete_wait_obj(g_term_event);
|
||||||
|
g_tcp_close(g_sck);
|
||||||
|
+ g_tcp_close(c->in_sck);
|
||||||
|
g_sprintf(geometry, "%dx%d", s->width, s->height);
|
||||||
|
g_sprintf(depth, "%d", s->bpp);
|
||||||
|
g_sprintf(screen, ":%d", display);
|
||||||
|
@@ -775,7 +776,6 @@ session_start_fork(tbus data, tui8 type, struct SCP_CONNECTION *c,
|
||||||
|
else
|
||||||
|
{
|
||||||
|
wait_for_xserver(display);
|
||||||
|
- g_sck_close(c->in_sck);
|
||||||
|
log_end();
|
||||||
|
cspid = session_start_chansrv(s->username, display);
|
||||||
|
g_waitpid(wmpid);
|
||||||
|
|
||||||
|
From cd145b26327eda3129989774430df02ea7ae2377 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Jay Sorg <jay.sorg@gmail.com>
|
||||||
|
Date: Wed, 15 Mar 2017 21:51:28 -0700
|
||||||
|
Subject: [PATCH 05/10] docs: remove sessvc from man pages
|
||||||
|
|
||||||
|
---
|
||||||
|
docs/man/Makefile.am | 3 +--
|
||||||
|
docs/man/xrdp-sessvc.8.in | 26 --------------------------
|
||||||
|
2 files changed, 1 insertion(+), 28 deletions(-)
|
||||||
|
delete mode 100644 docs/man/xrdp-sessvc.8.in
|
||||||
|
|
||||||
|
diff --git a/docs/man/Makefile.am b/docs/man/Makefile.am
|
||||||
|
index 705def0..39b2216 100644
|
||||||
|
--- a/docs/man/Makefile.am
|
||||||
|
+++ b/docs/man/Makefile.am
|
||||||
|
@@ -8,8 +8,7 @@ man_MANS = \
|
||||||
|
xrdp-keygen.8 \
|
||||||
|
xrdp-sesadmin.8 \
|
||||||
|
xrdp-sesman.8 \
|
||||||
|
- xrdp-sesrun.8 \
|
||||||
|
- xrdp-sessvc.8
|
||||||
|
+ xrdp-sesrun.8
|
||||||
|
|
||||||
|
EXTRA_DIST = $(man_MANS:=.in)
|
||||||
|
|
||||||
|
diff --git a/docs/man/xrdp-sessvc.8.in b/docs/man/xrdp-sessvc.8.in
|
||||||
|
deleted file mode 100644
|
||||||
|
index 92ca7c2..0000000
|
||||||
|
--- a/docs/man/xrdp-sessvc.8.in
|
||||||
|
+++ /dev/null
|
||||||
|
@@ -1,26 +0,0 @@
|
||||||
|
-.TH "xrdp\-sessvc" "8" "@PACKAGE_VERSION@" "xrdp team" ""
|
||||||
|
-.SH "NAME"
|
||||||
|
-xrdp\-sessvc \- \fBxrdp\fR session supervisor
|
||||||
|
-
|
||||||
|
-.SH "SYNTAX"
|
||||||
|
-.B xrdp\-sessvc
|
||||||
|
-.I x_pid wm_pid
|
||||||
|
-
|
||||||
|
-.SH "DESCRIPTION"
|
||||||
|
-\fBxrdp\-sessvc\fR is the \fBxrdp\fR(8) session supervisor, which monitors the running X server and Windows Manager.
|
||||||
|
-As soon as one of them quits, the other process is terminated as well.
|
||||||
|
-.br
|
||||||
|
-This program is only executed internally by \fBxrdp\-sesman\fP(8).
|
||||||
|
-
|
||||||
|
-.SH "OPTIONS"
|
||||||
|
-.TP
|
||||||
|
-.I x_pid
|
||||||
|
-The process ID of the forked X server to monitor.
|
||||||
|
-.TP
|
||||||
|
-.I wm_pid
|
||||||
|
-The process ID of the forked Window Manager to monitor.
|
||||||
|
-
|
||||||
|
-.SH "SEE ALSO"
|
||||||
|
-.BR xrdp\-sesrun (8).
|
||||||
|
-
|
||||||
|
-for more info on \fBxrdp\fR see http://www.xrdp.org/
|
||||||
|
|
||||||
|
From c6e831a491145dcd215abd1631df802f89b5e38c Mon Sep 17 00:00:00 2001
|
||||||
|
From: Jay Sorg <jay.sorg@gmail.com>
|
||||||
|
Date: Wed, 15 Mar 2017 22:47:03 -0700
|
||||||
|
Subject: [PATCH 06/10] sesman: log if chansrv can not start up
|
||||||
|
|
||||||
|
---
|
||||||
|
sesman/session.c | 6 ++++--
|
||||||
|
1 file changed, 4 insertions(+), 2 deletions(-)
|
||||||
|
|
||||||
|
diff --git a/sesman/session.c b/sesman/session.c
|
||||||
|
index 31c1f83..0d734ec 100644
|
||||||
|
--- a/sesman/session.c
|
||||||
|
+++ b/sesman/session.c
|
||||||
|
@@ -374,7 +374,10 @@ session_start_chansrv(char *username, int display)
|
||||||
|
|
||||||
|
/* executing chansrv */
|
||||||
|
g_execvp(exe_path, (char **) (chansrv_params->items));
|
||||||
|
- /* failed */
|
||||||
|
+ /* should not get here */
|
||||||
|
+ log_message(LOG_LEVEL_ALWAYS, "error starting chansrv "
|
||||||
|
+ "- user %s - pid %d", username, g_getpid());
|
||||||
|
+ list_delete(chansrv_params);
|
||||||
|
g_exit(1);
|
||||||
|
}
|
||||||
|
return cspid;
|
||||||
|
@@ -776,7 +779,6 @@ session_start_fork(tbus data, tui8 type, struct SCP_CONNECTION *c,
|
||||||
|
else
|
||||||
|
{
|
||||||
|
wait_for_xserver(display);
|
||||||
|
- log_end();
|
||||||
|
cspid = session_start_chansrv(s->username, display);
|
||||||
|
g_waitpid(wmpid);
|
||||||
|
auth_stop_session(data);
|
||||||
|
|
||||||
|
From 4dab6c3606ebfb307179b1984f07e96e4772cf55 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Jay Sorg <jay.sorg@gmail.com>
|
||||||
|
Date: Wed, 15 Mar 2017 23:06:02 -0700
|
||||||
|
Subject: [PATCH 07/10] sesman: add some logging
|
||||||
|
|
||||||
|
---
|
||||||
|
sesman/session.c | 4 ++++
|
||||||
|
1 file changed, 4 insertions(+)
|
||||||
|
|
||||||
|
diff --git a/sesman/session.c b/sesman/session.c
|
||||||
|
index 0d734ec..d13a3d0 100644
|
||||||
|
--- a/sesman/session.c
|
||||||
|
+++ b/sesman/session.c
|
||||||
|
@@ -780,7 +780,11 @@ session_start_fork(tbus data, tui8 type, struct SCP_CONNECTION *c,
|
||||||
|
{
|
||||||
|
wait_for_xserver(display);
|
||||||
|
cspid = session_start_chansrv(s->username, display);
|
||||||
|
+ log_message(LOG_LEVEL_ALWAYS, "waiting for window manager "
|
||||||
|
+ "pid(%d) to exit", wmpid);
|
||||||
|
g_waitpid(wmpid);
|
||||||
|
+ log_message(LOG_LEVEL_ALWAYS, "window manager pid(%d) did "
|
||||||
|
+ "exit, cleaning up session", wmpid);
|
||||||
|
auth_stop_session(data);
|
||||||
|
auth_end(data);
|
||||||
|
g_sigterm(xpid);
|
||||||
|
|
||||||
|
From 44129acd210c803fc8bbcfaf1b0db05e5bb4034f Mon Sep 17 00:00:00 2001
|
||||||
|
From: Jay Sorg <jay.sorg@gmail.com>
|
||||||
|
Date: Thu, 16 Mar 2017 20:36:50 -0700
|
||||||
|
Subject: [PATCH 08/10] sesman: call auth_start_session, auth_stop_session,
|
||||||
|
auth_end only from main process
|
||||||
|
|
||||||
|
---
|
||||||
|
sesman/scp_v0.c | 5 ++++-
|
||||||
|
sesman/scp_v1.c | 5 ++++-
|
||||||
|
sesman/session.c | 7 ++++---
|
||||||
|
3 files changed, 12 insertions(+), 5 deletions(-)
|
||||||
|
|
||||||
|
diff --git a/sesman/scp_v0.c b/sesman/scp_v0.c
|
||||||
|
index a1c919e..2780196 100644
|
||||||
|
--- a/sesman/scp_v0.c
|
||||||
|
+++ b/sesman/scp_v0.c
|
||||||
|
@@ -42,6 +42,10 @@ scp_v0_process(struct SCP_CONNECTION *c, struct SCP_SESSION *s)
|
||||||
|
int errorcode = 0;
|
||||||
|
|
||||||
|
data = auth_userpass(s->username, s->password, &errorcode);
|
||||||
|
+ if (data != NULL)
|
||||||
|
+ {
|
||||||
|
+ auth_start_session(data, display);
|
||||||
|
+ }
|
||||||
|
|
||||||
|
if (s->type == SCP_GW_AUTHENTICATION)
|
||||||
|
{
|
||||||
|
@@ -155,5 +159,4 @@ scp_v0_process(struct SCP_CONNECTION *c, struct SCP_SESSION *s)
|
||||||
|
{
|
||||||
|
scp_v0s_deny_connection(c);
|
||||||
|
}
|
||||||
|
- auth_end(data);
|
||||||
|
}
|
||||||
|
diff --git a/sesman/scp_v1.c b/sesman/scp_v1.c
|
||||||
|
index f865271..509a9a0 100644
|
||||||
|
--- a/sesman/scp_v1.c
|
||||||
|
+++ b/sesman/scp_v1.c
|
||||||
|
@@ -56,6 +56,10 @@ scp_v1_process(struct SCP_CONNECTION *c, struct SCP_SESSION *s)
|
||||||
|
|
||||||
|
data = auth_userpass(s->username, s->password,NULL);
|
||||||
|
/*LOG_DBG("user: %s\npass: %s", s->username, s->password);*/
|
||||||
|
+ if (data != NULL)
|
||||||
|
+ {
|
||||||
|
+ auth_start_session(data, display);
|
||||||
|
+ }
|
||||||
|
|
||||||
|
while ((!data) && ((retries == 0) || (current_try > 0)))
|
||||||
|
{
|
||||||
|
@@ -201,7 +205,6 @@ scp_v1_process(struct SCP_CONNECTION *c, struct SCP_SESSION *s)
|
||||||
|
}
|
||||||
|
|
||||||
|
/* cleanup */
|
||||||
|
- auth_end(data);
|
||||||
|
g_free(slist);
|
||||||
|
}
|
||||||
|
|
||||||
|
diff --git a/sesman/session.c b/sesman/session.c
|
||||||
|
index d13a3d0..775795b 100644
|
||||||
|
--- a/sesman/session.c
|
||||||
|
+++ b/sesman/session.c
|
||||||
|
@@ -497,7 +497,6 @@ session_start_fork(tbus data, tui8 type, struct SCP_CONNECTION *c,
|
||||||
|
g_getpid());
|
||||||
|
}
|
||||||
|
#endif
|
||||||
|
- auth_start_session(data, display);
|
||||||
|
wmpid = g_fork(); /* parent becomes X,
|
||||||
|
child forks wm, and waits, todo */
|
||||||
|
if (wmpid == -1)
|
||||||
|
@@ -785,8 +784,6 @@ session_start_fork(tbus data, tui8 type, struct SCP_CONNECTION *c,
|
||||||
|
g_waitpid(wmpid);
|
||||||
|
log_message(LOG_LEVEL_ALWAYS, "window manager pid(%d) did "
|
||||||
|
"exit, cleaning up session", wmpid);
|
||||||
|
- auth_stop_session(data);
|
||||||
|
- auth_end(data);
|
||||||
|
g_sigterm(xpid);
|
||||||
|
g_sigterm(wmpid);
|
||||||
|
g_sigterm(cspid);
|
||||||
|
@@ -917,6 +914,10 @@ session_kill(int pid)
|
||||||
|
|
||||||
|
if (tmp->item->pid == pid)
|
||||||
|
{
|
||||||
|
+
|
||||||
|
+ auth_stop_session(tmp->item->data);
|
||||||
|
+ auth_end(tmp->item->data);
|
||||||
|
+
|
||||||
|
/* deleting the session */
|
||||||
|
log_message(LOG_LEVEL_INFO, "++ terminated session: username %s, display :%d.0, session_pid %d, ip %s", tmp->item->name, tmp->item->display, tmp->item->pid, tmp->item->client_ip);
|
||||||
|
g_free(tmp->item);
|
||||||
|
|
||||||
|
From 8ec23e005c77d4f9e349b735357a059a80ab3b42 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Jay Sorg <jay.sorg@gmail.com>
|
||||||
|
Date: Thu, 16 Mar 2017 20:50:24 -0700
|
||||||
|
Subject: [PATCH 09/10] sesman: fix a warning
|
||||||
|
|
||||||
|
---
|
||||||
|
sesman/scp_v0.c | 2 +-
|
||||||
|
sesman/scp_v1.c | 2 +-
|
||||||
|
2 files changed, 2 insertions(+), 2 deletions(-)
|
||||||
|
|
||||||
|
diff --git a/sesman/scp_v0.c b/sesman/scp_v0.c
|
||||||
|
index 2780196..11c1652 100644
|
||||||
|
--- a/sesman/scp_v0.c
|
||||||
|
+++ b/sesman/scp_v0.c
|
||||||
|
@@ -42,7 +42,7 @@ scp_v0_process(struct SCP_CONNECTION *c, struct SCP_SESSION *s)
|
||||||
|
int errorcode = 0;
|
||||||
|
|
||||||
|
data = auth_userpass(s->username, s->password, &errorcode);
|
||||||
|
- if (data != NULL)
|
||||||
|
+ if (data != 0)
|
||||||
|
{
|
||||||
|
auth_start_session(data, display);
|
||||||
|
}
|
||||||
|
diff --git a/sesman/scp_v1.c b/sesman/scp_v1.c
|
||||||
|
index 509a9a0..b0f6b20 100644
|
||||||
|
--- a/sesman/scp_v1.c
|
||||||
|
+++ b/sesman/scp_v1.c
|
||||||
|
@@ -56,7 +56,7 @@ scp_v1_process(struct SCP_CONNECTION *c, struct SCP_SESSION *s)
|
||||||
|
|
||||||
|
data = auth_userpass(s->username, s->password,NULL);
|
||||||
|
/*LOG_DBG("user: %s\npass: %s", s->username, s->password);*/
|
||||||
|
- if (data != NULL)
|
||||||
|
+ if (data != 0)
|
||||||
|
{
|
||||||
|
auth_start_session(data, display);
|
||||||
|
}
|
||||||
|
|
||||||
|
From c0df4bc26afdc8a0c96c3035be462e36c86d1cf4 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Jay Sorg <jay.sorg@gmail.com>
|
||||||
|
Date: Thu, 16 Mar 2017 21:13:03 -0700
|
||||||
|
Subject: [PATCH 10/10] sesman: auth_start_session needs to be in
|
||||||
|
session_start_fork for display
|
||||||
|
|
||||||
|
---
|
||||||
|
sesman/scp_v0.c | 4 ----
|
||||||
|
sesman/scp_v1.c | 5 -----
|
||||||
|
sesman/session.c | 1 +
|
||||||
|
3 files changed, 1 insertion(+), 9 deletions(-)
|
||||||
|
|
||||||
|
diff --git a/sesman/scp_v0.c b/sesman/scp_v0.c
|
||||||
|
index 11c1652..3eb11f5 100644
|
||||||
|
--- a/sesman/scp_v0.c
|
||||||
|
+++ b/sesman/scp_v0.c
|
||||||
|
@@ -42,10 +42,6 @@ scp_v0_process(struct SCP_CONNECTION *c, struct SCP_SESSION *s)
|
||||||
|
int errorcode = 0;
|
||||||
|
|
||||||
|
data = auth_userpass(s->username, s->password, &errorcode);
|
||||||
|
- if (data != 0)
|
||||||
|
- {
|
||||||
|
- auth_start_session(data, display);
|
||||||
|
- }
|
||||||
|
|
||||||
|
if (s->type == SCP_GW_AUTHENTICATION)
|
||||||
|
{
|
||||||
|
diff --git a/sesman/scp_v1.c b/sesman/scp_v1.c
|
||||||
|
index b0f6b20..7266072 100644
|
||||||
|
--- a/sesman/scp_v1.c
|
||||||
|
+++ b/sesman/scp_v1.c
|
||||||
|
@@ -56,11 +56,6 @@ scp_v1_process(struct SCP_CONNECTION *c, struct SCP_SESSION *s)
|
||||||
|
|
||||||
|
data = auth_userpass(s->username, s->password,NULL);
|
||||||
|
/*LOG_DBG("user: %s\npass: %s", s->username, s->password);*/
|
||||||
|
- if (data != 0)
|
||||||
|
- {
|
||||||
|
- auth_start_session(data, display);
|
||||||
|
- }
|
||||||
|
-
|
||||||
|
while ((!data) && ((retries == 0) || (current_try > 0)))
|
||||||
|
{
|
||||||
|
LOG_DBG("data %d - retry %d - currenttry %d - expr %d",
|
||||||
|
diff --git a/sesman/session.c b/sesman/session.c
|
||||||
|
index 775795b..f8e5844 100644
|
||||||
|
--- a/sesman/session.c
|
||||||
|
+++ b/sesman/session.c
|
||||||
|
@@ -455,6 +455,7 @@ session_start_fork(tbus data, tui8 type, struct SCP_CONNECTION *c,
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
|
||||||
|
+ auth_start_session(data, display);
|
||||||
|
pid = g_fork(); /* parent is fork from tcp accept,
|
||||||
|
child forks X and wm, then becomes scp */
|
||||||
|
|
@ -4,7 +4,7 @@ Summary: Open source remote desktop protocol (RDP) server
|
|||||||
Name: xrdp
|
Name: xrdp
|
||||||
Epoch: 1
|
Epoch: 1
|
||||||
Version: 0.9.1
|
Version: 0.9.1
|
||||||
Release: 8%{?dist}
|
Release: 9%{?dist}
|
||||||
License: ASL 2.0
|
License: ASL 2.0
|
||||||
Group: Applications/Internet
|
Group: Applications/Internet
|
||||||
URL: http://www.xrdp.org/
|
URL: http://www.xrdp.org/
|
||||||
@ -17,6 +17,7 @@ Patch0: xrdp-0.9.1-sesman.patch
|
|||||||
Patch1: xrdp-0.9.1-xrdp-ini.patch
|
Patch1: xrdp-0.9.1-xrdp-ini.patch
|
||||||
Patch2: xrdp-0.9.1-service.patch
|
Patch2: xrdp-0.9.1-service.patch
|
||||||
Patch3: xrdp-0.9.1-fastpath.patch
|
Patch3: xrdp-0.9.1-fastpath.patch
|
||||||
|
Patch4: xrdp-0.9.1-CVE-2017-6967.patch
|
||||||
|
|
||||||
BuildRequires: libX11-devel
|
BuildRequires: libX11-devel
|
||||||
BuildRequires: libXfixes-devel
|
BuildRequires: libXfixes-devel
|
||||||
@ -186,6 +187,9 @@ systemctl try-restart xrdp.service >/dev/null 2>&1 || :
|
|||||||
%{_libdir}/pkgconfig/xrdp.pc
|
%{_libdir}/pkgconfig/xrdp.pc
|
||||||
|
|
||||||
%changelog
|
%changelog
|
||||||
|
* Tue Mar 21 2017 Bojan Smojver <bojan@rexurive.com> - 1:0.9.1-9
|
||||||
|
- Patch CVE-2017-6967
|
||||||
|
|
||||||
* Tue Mar 14 2017 Bojan Smojver <bojan@rexurive.com> - 1:0.9.1-8
|
* Tue Mar 14 2017 Bojan Smojver <bojan@rexurive.com> - 1:0.9.1-8
|
||||||
- Require tigervnc-server-minimal again, make it default
|
- Require tigervnc-server-minimal again, make it default
|
||||||
- Comment out references to X11rdp
|
- Comment out references to X11rdp
|
||||||
|
Loading…
Reference in New Issue
Block a user