diff --git a/xrdp-pam_session.patch b/xrdp-pam_session.patch
new file mode 100644
index 0000000..cc4fcb9
--- /dev/null
+++ b/xrdp-pam_session.patch
@@ -0,0 +1,229 @@
+diff --git a/sesman/auth.h b/sesman/auth.h
+index a6c5e7f..86bfc96 100644
+--- a/sesman/auth.h
++++ b/sesman/auth.h
+@@ -58,6 +58,16 @@ auth_start_session(long in_val, int in_display);
+ *
+ */
+ int DEFAULT_CC
++auth_stop_session(long in_val);
++
++/**
++ *
++ * @brief FIXME
++ * @param in_val
++ * @return 0 on success, 1 on failure
++ *
++ */
++int DEFAULT_CC
+ auth_end(long in_val);
+
+ /**
+diff --git a/sesman/session.c b/sesman/session.c
+index 36262ad..24e40d1 100644
+--- a/sesman/session.c
++++ b/sesman/session.c
+@@ -310,7 +310,7 @@ session_start_fork(int width, int height, int bpp, char* username,
+ {
+ int display = 0;
+ int pid = 0;
+- int wmpid = 0;
++ int wmpid = 0, pampid = 0;
+ int xpid = 0;
+ int i = 0;
+ char geometry[32];
+@@ -369,7 +369,6 @@ session_start_fork(int width, int height, int bpp, char* username,
+ }
+ else if (pid == 0) /* child sesman */
+ {
+- auth_start_session(data, display);
+ g_sprintf(geometry, "%dx%d", width, height);
+ g_sprintf(depth, "%d", bpp);
+ g_sprintf(screen, ":%d", display);
+@@ -380,80 +379,94 @@ session_start_fork(int width, int height, int bpp, char* username,
+ else if (wmpid == 0) /* child (child sesman) xserver */
+ {
+ wait_for_xserver(display);
+- env_set_user(username, 0, display);
+- if (x_server_running(display))
++ auth_start_session(data, display);
++ pampid = g_fork();
++ if(pampid == -1)
+ {
+- auth_set_env(data);
+- if (directory != 0)
++ }
++ else if (pampid == 0) /* child: X11/client */
++ {
++ env_set_user(username, 0, display);
++ if (x_server_running(display))
+ {
+- if (directory[0] != 0)
++ auth_set_env(data);
++ if (directory != 0)
+ {
+- g_set_current_dir(directory);
++ if (directory[0] != 0)
++ {
++ g_set_current_dir(directory);
++ }
+ }
+- }
+- if (program != 0)
+- {
+- if (program[0] != 0)
++ if (program != 0)
+ {
+- g_execlp3(program, program, 0);
+- log_message(&(g_cfg->log), LOG_LEVEL_ALWAYS,
+- "error starting program %s for user %s - pid %d",
+- program, username, g_getpid());
++ if (program[0] != 0)
++ {
++ g_execlp3(program, program, 0);
++ log_message(&(g_cfg->log), LOG_LEVEL_ALWAYS,
++ "error starting program %s for user %s - pid %d",
++ program, username, g_getpid());
++ }
+ }
+- }
+- /* try to execute user window manager if enabled */
+- if (g_cfg->enable_user_wm)
+- {
+- g_sprintf(text,"%s/%s", g_getenv("HOME"), g_cfg->user_wm);
+- if (g_file_exist(text))
++ /* try to execute user window manager if enabled */
++ if (g_cfg->enable_user_wm)
+ {
+- g_execlp3(text, g_cfg->user_wm, 0);
+- log_message(&(g_cfg->log), LOG_LEVEL_ALWAYS,"error starting user "
+- "wm for user %s - pid %d", username, g_getpid());
+- /* logging parameters */
+- log_message(&(g_cfg->log), LOG_LEVEL_DEBUG, "errno: %d, "
+- "description: %s", errno, g_get_strerror());
+- log_message(&(g_cfg->log), LOG_LEVEL_DEBUG,"execlp3 parameter "
+- "list:");
+- log_message(&(g_cfg->log), LOG_LEVEL_DEBUG, " argv[0] = %s",
+- text);
+- log_message(&(g_cfg->log), LOG_LEVEL_DEBUG, " argv[1] = %s",
+- g_cfg->user_wm);
++ g_sprintf(text,"%s/%s", g_getenv("HOME"), g_cfg->user_wm);
++ if (g_file_exist(text))
++ {
++ g_execlp3(text, g_cfg->user_wm, 0);
++ log_message(&(g_cfg->log), LOG_LEVEL_ALWAYS,"error starting user "
++ "wm for user %s - pid %d", username, g_getpid());
++ /* logging parameters */
++ log_message(&(g_cfg->log), LOG_LEVEL_DEBUG, "errno: %d, "
++ "description: %s", errno, g_get_strerror());
++ log_message(&(g_cfg->log), LOG_LEVEL_DEBUG,"execlp3 parameter "
++ "list:");
++ log_message(&(g_cfg->log), LOG_LEVEL_DEBUG, " argv[0] = %s",
++ text);
++ log_message(&(g_cfg->log), LOG_LEVEL_DEBUG, " argv[1] = %s",
++ g_cfg->user_wm);
++ }
+ }
++ /* if we're here something happened to g_execlp3
++ so we try running the default window manager */
++ g_sprintf(text, "%s/%s", XRDP_CFG_PATH, g_cfg->default_wm);
++ g_execlp3(text, g_cfg->default_wm, 0);
++
++ log_message(&(g_cfg->log), LOG_LEVEL_ALWAYS,"error starting default "
++ "wm for user %s - pid %d", username, g_getpid());
++ /* logging parameters */
++ log_message(&(g_cfg->log), LOG_LEVEL_DEBUG, "errno: %d, description: "
++ "%s", errno, g_get_strerror());
++ log_message(&(g_cfg->log), LOG_LEVEL_DEBUG,"execlp3 parameter list:");
++ log_message(&(g_cfg->log), LOG_LEVEL_DEBUG, " argv[0] = %s",
++ text);
++ log_message(&(g_cfg->log), LOG_LEVEL_DEBUG, " argv[1] = %s",
++ g_cfg->default_wm);
++
++ /* still a problem starting window manager just start xterm */
++ g_execlp3("xterm", "xterm", 0);
++
++ /* should not get here */
++ log_message(&(g_cfg->log), LOG_LEVEL_ALWAYS,"error starting xterm "
++ "for user %s - pid %d", username, g_getpid());
++ /* logging parameters */
++ log_message(&(g_cfg->log), LOG_LEVEL_DEBUG, "errno: %d, description: "
++ "%s", errno, g_get_strerror());
+ }
+- /* if we're here something happened to g_execlp3
+- so we try running the default window manager */
+- g_sprintf(text, "%s/%s", XRDP_CFG_PATH, g_cfg->default_wm);
+- g_execlp3(text, g_cfg->default_wm, 0);
+-
+- log_message(&(g_cfg->log), LOG_LEVEL_ALWAYS,"error starting default "
+- "wm for user %s - pid %d", username, g_getpid());
+- /* logging parameters */
+- log_message(&(g_cfg->log), LOG_LEVEL_DEBUG, "errno: %d, description: "
+- "%s", errno, g_get_strerror());
+- log_message(&(g_cfg->log), LOG_LEVEL_DEBUG,"execlp3 parameter list:");
+- log_message(&(g_cfg->log), LOG_LEVEL_DEBUG, " argv[0] = %s",
+- text);
+- log_message(&(g_cfg->log), LOG_LEVEL_DEBUG, " argv[1] = %s",
+- g_cfg->default_wm);
+-
+- /* still a problem starting window manager just start xterm */
+- g_execlp3("xterm", "xterm", 0);
+-
+- /* should not get here */
+- log_message(&(g_cfg->log), LOG_LEVEL_ALWAYS,"error starting xterm "
+- "for user %s - pid %d", username, g_getpid());
+- /* logging parameters */
+- log_message(&(g_cfg->log), LOG_LEVEL_DEBUG, "errno: %d, description: "
+- "%s", errno, g_get_strerror());
++ else
++ {
++ log_message(&(g_cfg->log), LOG_LEVEL_ERROR, "another Xserver is "
++ "already active on display %d", display);
++ }
++ log_message(&(g_cfg->log), LOG_LEVEL_DEBUG,"aborting connection...");
++ g_exit(0);
+ }
+ else
+ {
+- log_message(&(g_cfg->log), LOG_LEVEL_ERROR, "another Xserver is "
+- "already active on display %d", display);
++ g_waitpid(pampid);
++ auth_stop_session(data);
++ g_exit(0);
+ }
+- log_message(&(g_cfg->log), LOG_LEVEL_DEBUG,"aborting connection...");
+- g_exit(0);
+ }
+ else /* parent (child sesman) */
+ {
+diff --git a/sesman/verify_user_pam.c b/sesman/verify_user_pam.c
+index e3d8596..54aaeaa 100644
+--- a/sesman/verify_user_pam.c
++++ b/sesman/verify_user_pam.c
+@@ -173,6 +173,26 @@ auth_start_session(long in_val, int in_display)
+
+ /******************************************************************************/
+ /* returns error */
++int DEFAULT_CC
++auth_stop_session(long in_val)
++{
++ struct t_auth_info* auth_info;
++ int error;
++
++ auth_info = (struct t_auth_info*)in_val;
++ error = pam_close_session(auth_info->ph, 0);
++ if (error != PAM_SUCCESS)
++ {
++ g_printf("pam_close_session failed: %s\r\n",
++ pam_strerror(auth_info->ph, error));
++ return 1;
++ }
++ auth_info->session_opened = 0;
++ return 0;
++}
++
++/******************************************************************************/
++/* returns error */
+ /* cleanup */
+ int DEFAULT_CC
+ auth_end(long in_val)
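Review bot: The `if(pampid == -1)` branch in the `wmpid == 0` block of sesman/session.c is empty, so when `g_fork()` fails the process has already called `auth_start_session(data, display)` and then leaves the block without closing the PAM session or exiting; what it runs next lies outside the hunk. Log the failure and stop there, for example `log_message(&(g_cfg->log), LOG_LEVEL_ERROR, "g_fork failed for user %s", username); auth_stop_session(data); g_exit(1);`. The result of `auth_start_session` is discarded as well, so if it reports a failed session open (presumably through its return value) the window manager is still started without whatever the session modules were meant to apply. `env_set_user` is likewise unchecked in the new child; if it can fail to switch user, the `g_execlp3` calls that follow would run with the waiting parent's identity, which is worth confirming against its definition.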
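Review bot: `auth_stop_session` in sesman/verify_user_pam.c dereferences the cast `in_val` and calls `pam_close_session` unconditionally, even though it clears `auth_info->session_opened` afterwards, so the struct apparently already records whether a session is open. Guard the call with `if (auth_info == 0) { return 1; }` and `if (!auth_info->session_opened) { return 0; }` so a null handle or a session that never opened is not passed to PAM. The failure path prints with `g_printf` and a `\r\n` ending; if `log_message` is usable in this file, as it is in sesman/session.c, a failed close would then show up in the sesman log. The matching declaration in sesman/auth.h still says `@brief FIXME`; something like `@brief Closes the PAM session opened by auth_start_session` would document it.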