Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
SUSE:SLE-12-SP4:GA
xrdp.7006
xrdp-CVE-2017-6967.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File xrdp-CVE-2017-6967.patch of Package xrdp.7006
diff --git a/sesman/scp_v0.c b/sesman/scp_v0.c index 3fc788f..73dd51b 100644 --- a/sesman/scp_v0.c +++ b/sesman/scp_v0.c @@ -36,6 +36,7 @@ scp_v0_process(struct SCP_CONNECTION *c, struct SCP_SESSION *s) tbus data; struct session_item *s_item; int errorcode = 0 ; + int do_auth_end = 1; data = auth_userpass(s->username, s->password,&errorcode); @@ -146,6 +147,9 @@ scp_v0_process(struct SCP_CONNECTION *c, struct SCP_SESSION *s) s->domain, s->program, s->directory, s->client_ip); } + /* if the session started up ok, auth_end will be called on + sig child */ + do_auth_end = display == 0; } else { @@ -155,7 +159,6 @@ scp_v0_process(struct SCP_CONNECTION *c, struct SCP_SESSION *s) if (display == 0) { - auth_end(data); scp_v0s_deny_connection(c); } else @@ -167,4 +170,8 @@ scp_v0_process(struct SCP_CONNECTION *c, struct SCP_SESSION *s) { scp_v0s_deny_connection(c); } + if (do_auth_end) + { + auth_end(data); + } } diff --git a/sesman/scp_v1.c b/sesman/scp_v1.c index 2324b75..21924e1 100644 --- a/sesman/scp_v1.c +++ b/sesman/scp_v1.c @@ -38,7 +38,7 @@ void DEFAULT_CC scp_v1_process(struct SCP_CONNECTION *c, struct SCP_SESSION *s) { long data; - int display; + int display = 0; int retries; int current_try; enum SCP_SERVER_STATES_E e; @@ -46,6 +46,7 @@ scp_v1_process(struct SCP_CONNECTION *c, struct SCP_SESSION *s) struct session_item *sitem; int scount; SCP_SID sid; + int do_auth_end = 1; retries = g_cfg->sec.login_retry; current_try = retries; @@ -129,13 +129,23 @@ scp_v1_process(struct SCP_CONNECTION *c, struct SCP_SESSION *s) s->password, data, SESMAN_SESSION_TYPE_XVNC, s->domain, s->program, s->directory, s->client_ip); } - else + else if (SCP_SESSION_TYPE_XRDP == s->type) { log_message(LOG_LEVEL_INFO, "starting X11rdp session..."); display = session_start(s->width, s->height, s->bpp, s->username, s->password, data, SESMAN_SESSION_TYPE_XRDP, s->domain, s->program, s->directory, s->client_ip); } + else if (SCP_SESSION_TYPE_XORG == s->type) + { + log_message(LOG_LEVEL_INFO, "starting Xorg session..."); + display = session_start(s->width, s->height, s->bpp, s->username, + s->password, data, SESMAN_SESSION_TYPE_XORG, + s->domain, s->program, s->directory, s->client_ip); + } + /* if the session started up ok, auth_end will be called on + sig child */ + do_auth_end = display == 0; e = scp_v1s_connect_new_session(c, display); @@ -205,7 +214,10 @@ scp_v1_process(struct SCP_CONNECTION *c, struct SCP_SESSION *s) /* cleanup */ scp_session_destroy(s); - auth_end(data); + if (do_auth_end) + { + auth_end(data); + } g_free(slist); } diff --git a/sesman/session.c b/sesman/session.c index 4ea48d3..efc97e5 100644 --- a/sesman/session.c +++ b/sesman/session.c @@ -513,6 +513,7 @@ session_start_fork(int width, int height, int bpp, char *username, return 0; } + auth_start_session(data, display); pid = g_fork(); if (pid == -1) @@ -532,7 +533,6 @@ session_start_fork(int width, int height, int bpp, char *username, else if (wmpid == 0) /* child (child sesman) xserver */ { wait_for_xserver(display); - auth_start_session(data, display); pampid = g_fork(); if (pampid == -1) { @@ -620,7 +620,6 @@ session_start_fork(int width, int height, int bpp, char *username, else { g_waitpid(pampid); - auth_stop_session(data); g_deinit(); g_exit(0); } @@ -958,6 +957,8 @@ session_kill(int pid) if (tmp->item->pid == pid) { + auth_stop_session(tmp->item->data); + auth_end(tmp->item->data); /* deleting the session */ log_message(LOG_LEVEL_INFO, "++ terminated session: username %s, display :%d.0, session_pid %d, ip %s", tmp->item->name, tmp->item->display, tmp->item->pid, tmp->item->client_ip); g_free(tmp->item);
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor