Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
SUSE:SLE-12-SP5:GA
xrdp.27260
xrdp-CVE-2013-1430.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File xrdp-CVE-2013-1430.patch of Package xrdp.27260
Index: b/common/os_calls.c =================================================================== --- a/common/os_calls.c 2016-08-01 15:28:23.000000000 +0800 +++ b/common/os_calls.c 2019-06-11 18:18:26.750390765 +0800 @@ -2427,6 +2427,34 @@ g_htoi(char *str) } /*****************************************************************************/ +/* returns number of bytes copied into out_str */ +int APP_CC +g_bytes_to_hexstr(const void *bytes, int num_bytes, char *out_str, + int bytes_out_str) +{ + int rv; + int index; + char *lout_str; + const tui8 *lbytes; + + rv = 0; + lbytes = (const tui8 *) bytes; + lout_str = out_str; + for (index = 0; index < num_bytes; index++) + { + if (bytes_out_str < 3) + { + break; + } + g_snprintf(lout_str, bytes_out_str, "%2.2x", lbytes[index]); + lout_str += 2; + bytes_out_str -= 2; + rv += 2; + } + return rv; +} + +/*****************************************************************************/ int APP_CC g_pos(const char *str, const char *to_find) { @@ -3374,3 +3402,60 @@ g_gethostname(char *name, int len) { return gethostname(name, len); } + +static unsigned char g_reverse_byte[0x100] = +{ + 0x00, 0x80, 0x40, 0xc0, 0x20, 0xa0, 0x60, 0xe0, + 0x10, 0x90, 0x50, 0xd0, 0x30, 0xb0, 0x70, 0xf0, + 0x08, 0x88, 0x48, 0xc8, 0x28, 0xa8, 0x68, 0xe8, + 0x18, 0x98, 0x58, 0xd8, 0x38, 0xb8, 0x78, 0xf8, + 0x04, 0x84, 0x44, 0xc4, 0x24, 0xa4, 0x64, 0xe4, + 0x14, 0x94, 0x54, 0xd4, 0x34, 0xb4, 0x74, 0xf4, + 0x0c, 0x8c, 0x4c, 0xcc, 0x2c, 0xac, 0x6c, 0xec, + 0x1c, 0x9c, 0x5c, 0xdc, 0x3c, 0xbc, 0x7c, 0xfc, + 0x02, 0x82, 0x42, 0xc2, 0x22, 0xa2, 0x62, 0xe2, + 0x12, 0x92, 0x52, 0xd2, 0x32, 0xb2, 0x72, 0xf2, + 0x0a, 0x8a, 0x4a, 0xca, 0x2a, 0xaa, 0x6a, 0xea, + 0x1a, 0x9a, 0x5a, 0xda, 0x3a, 0xba, 0x7a, 0xfa, + 0x06, 0x86, 0x46, 0xc6, 0x26, 0xa6, 0x66, 0xe6, + 0x16, 0x96, 0x56, 0xd6, 0x36, 0xb6, 0x76, 0xf6, + 0x0e, 0x8e, 0x4e, 0xce, 0x2e, 0xae, 0x6e, 0xee, + 0x1e, 0x9e, 0x5e, 0xde, 0x3e, 0xbe, 0x7e, 0xfe, + 0x01, 0x81, 0x41, 0xc1, 0x21, 0xa1, 0x61, 0xe1, + 0x11, 0x91, 0x51, 0xd1, 0x31, 0xb1, 0x71, 0xf1, + 0x09, 0x89, 0x49, 0xc9, 0x29, 0xa9, 0x69, 0xe9, + 0x19, 0x99, 0x59, 0xd9, 0x39, 0xb9, 0x79, 0xf9, + 0x05, 0x85, 0x45, 0xc5, 0x25, 0xa5, 0x65, 0xe5, + 0x15, 0x95, 0x55, 0xd5, 0x35, 0xb5, 0x75, 0xf5, + 0x0d, 0x8d, 0x4d, 0xcd, 0x2d, 0xad, 0x6d, 0xed, + 0x1d, 0x9d, 0x5d, 0xdd, 0x3d, 0xbd, 0x7d, 0xfd, + 0x03, 0x83, 0x43, 0xc3, 0x23, 0xa3, 0x63, 0xe3, + 0x13, 0x93, 0x53, 0xd3, 0x33, 0xb3, 0x73, 0xf3, + 0x0b, 0x8b, 0x4b, 0xcb, 0x2b, 0xab, 0x6b, 0xeb, + 0x1b, 0x9b, 0x5b, 0xdb, 0x3b, 0xbb, 0x7b, 0xfb, + 0x07, 0x87, 0x47, 0xc7, 0x27, 0xa7, 0x67, 0xe7, + 0x17, 0x97, 0x57, 0xd7, 0x37, 0xb7, 0x77, 0xf7, + 0x0f, 0x8f, 0x4f, 0xcf, 0x2f, 0xaf, 0x6f, 0xef, + 0x1f, 0x9f, 0x5f, 0xdf, 0x3f, 0xbf, 0x7f, 0xff +}; + +/*****************************************************************************/ +/* mirror each byte while copying */ +int +g_mirror_memcpy(void *dst, const void *src, int len) +{ + tui8 *dst8; + const tui8 *src8; + + dst8 = (tui8 *) dst; + src8 = (const tui8 *) src; + while (len > 0) + { + *dst8 = g_reverse_byte[*src8]; + dst8++; + src8++; + len--; + } + return 0; +} + Index: b/common/os_calls.h =================================================================== --- a/common/os_calls.h 2019-06-11 18:18:26.514388632 +0800 +++ b/common/os_calls.h 2019-06-11 18:18:26.750390765 +0800 @@ -120,6 +120,8 @@ int APP_CC g_strcasecmp(const char* int APP_CC g_strncasecmp(const char* c1, const char* c2, int len); int APP_CC g_atoi(const char* str); int APP_CC g_htoi(char* str); +int APP_CC g_bytes_to_hexstr(const void *bytes, int num_bytes, char *out_str, + int bytes_out_str); int APP_CC g_pos(const char* str, const char* to_find); int APP_CC g_mbstowcs(twchar* dest, const char* src, int n); int APP_CC g_wcstombs(char* dest, const twchar* src, int n); @@ -167,6 +169,7 @@ int APP_CC g_text2bool(const char * void * APP_CC g_shmat(int shmid); int APP_CC g_shmdt(const void *shmaddr); int APP_CC g_gethostname(char *name, int len); +int APP_CC g_mirror_memcpy(void *dst, const void *src, int len); #define g_new0(struct_type, n_structs) \ (struct_type *) calloc((n_structs), sizeof(struct_type)) Index: b/sesman/libscp/libscp_session.c =================================================================== --- a/sesman/libscp/libscp_session.c 2019-06-11 18:18:25.066375543 +0800 +++ b/sesman/libscp/libscp_session.c 2019-06-11 18:18:40.970519302 +0800 @@ -450,6 +450,21 @@ scp_session_set_addr(struct SCP_SESSION } /*******************************************************************/ +int +scp_session_set_guid(struct SCP_SESSION *s, const tui8 *guid) +{ + if (0 == guid) + { + log_message(LOG_LEVEL_WARNING, "[session:%d] set_guid: null guid", __LINE__); + return 1; + } + + g_memcpy(s->guid, guid, 16); + + return 0; +} + +/*******************************************************************/ void scp_session_destroy(struct SCP_SESSION *s) { Index: b/sesman/libscp/libscp_session.h =================================================================== --- a/sesman/libscp/libscp_session.h 2016-08-01 15:28:23.000000000 +0800 +++ b/sesman/libscp/libscp_session.h 2019-06-11 18:18:26.750390765 +0800 @@ -91,6 +91,9 @@ scp_session_set_display(struct SCP_SESSI int scp_session_set_errstr(struct SCP_SESSION* s, char* str); +int +scp_session_set_guid(struct SCP_SESSION *s, const tui8 *guid); + /** * * @brief destroys a session object Index: b/sesman/libscp/libscp_types.h =================================================================== --- a/sesman/libscp/libscp_types.h 2016-08-01 15:28:23.000000000 +0800 +++ b/sesman/libscp/libscp_types.h 2019-06-11 18:18:40.970519302 +0800 @@ -92,6 +92,7 @@ struct SCP_SESSION char* program; char* directory; char* client_ip; + tui8 guid[16]; }; struct SCP_DISCONNECTED_SESSION Index: b/sesman/libscp/libscp_v0.c =================================================================== --- a/sesman/libscp/libscp_v0.c 2019-06-11 18:18:26.514388632 +0800 +++ b/sesman/libscp/libscp_v0.c 2019-06-11 18:18:40.970519302 +0800 @@ -375,13 +375,20 @@ scp_v0s_accept(struct SCP_CONNECTION *c, /******************************************************************************/ enum SCP_SERVER_STATES_E -scp_v0s_allow_connection(struct SCP_CONNECTION *c, SCP_DISPLAY d) +scp_v0s_allow_connection(struct SCP_CONNECTION *c, SCP_DISPLAY d, const tui8 *guid) { + int msg_size; + + msg_size = guid == 0 ? 14 : 14 + 16; out_uint32_be(c->out_s, 0); /* version */ - out_uint32_be(c->out_s, 14); /* size */ + out_uint32_be(c->out_s, msg_size); /* size */ out_uint16_be(c->out_s, 3); /* cmd */ out_uint16_be(c->out_s, 1); /* data */ out_uint16_be(c->out_s, d); /* data */ + if (msg_size > 14) + { + out_uint8a(c->out_s, guid, 16); + } s_mark_end(c->out_s); if (0 != scp_tcp_force_send(c->in_sck, c->out_s->data, c->out_s->end - c->out_s->data)) Index: b/sesman/libscp/libscp_v0.h =================================================================== --- a/sesman/libscp/libscp_v0.h 2016-08-01 15:28:23.000000000 +0800 +++ b/sesman/libscp/libscp_v0.h 2019-06-11 18:18:40.970519302 +0800 @@ -61,7 +61,7 @@ scp_v0s_accept(struct SCP_CONNECTION* c, * */ enum SCP_SERVER_STATES_E -scp_v0s_allow_connection(struct SCP_CONNECTION* c, SCP_DISPLAY d); +scp_v0s_allow_connection(struct SCP_CONNECTION* c, SCP_DISPLAY d, const tui8 *guid); /** * Index: b/sesman/scp_v0.c =================================================================== --- a/sesman/scp_v0.c 2019-06-11 18:18:25.910383173 +0800 +++ b/sesman/scp_v0.c 2019-06-11 18:18:40.970519302 +0800 @@ -80,7 +80,7 @@ scp_v0_process(struct SCP_CONNECTION *c, if (s_item != 0) { display = s_item->display; - + g_memcpy(s->guid, s_item->guid, 16); if (0 != s->client_ip) { log_message( LOG_LEVEL_INFO, "++ reconnected session: username %s, " @@ -104,6 +104,11 @@ scp_v0_process(struct SCP_CONNECTION *c, if (1 == access_login_allowed(s->username)) { + tui8 guid[16]; + + g_random((char*)guid, 16); + scp_session_set_guid(s, guid); + if (0 != s->client_ip) { log_message(LOG_LEVEL_INFO, "++ created session (access granted): " @@ -121,7 +126,7 @@ scp_v0_process(struct SCP_CONNECTION *c, display = session_start(s->width, s->height, s->bpp, s->username, s->password, data, SESMAN_SESSION_TYPE_XVNC, s->domain, s->program, s->directory, - s->client_ip); + s->client_ip, s->guid); } else if (SCP_SESSION_TYPE_XRDP == s->type) { @@ -129,7 +134,7 @@ scp_v0_process(struct SCP_CONNECTION *c, display = session_start(s->width, s->height, s->bpp, s->username, s->password, data, SESMAN_SESSION_TYPE_XRDP, s->domain, s->program, s->directory, - s->client_ip); + s->client_ip, s->guid); } else if (SCP_SESSION_TYPE_XORG == s->type) { @@ -138,7 +143,7 @@ scp_v0_process(struct SCP_CONNECTION *c, display = session_start(s->width, s->height, s->bpp, s->username, s->password, data, SESMAN_SESSION_TYPE_XORG, s->domain, s->program, s->directory, - s->client_ip); + s->client_ip, s->guid); } /* if the session started up ok, auth_end will be called on sig child */ @@ -156,7 +161,7 @@ scp_v0_process(struct SCP_CONNECTION *c, } else { - scp_v0s_allow_connection(c, display); + scp_v0s_allow_connection(c, display, s->guid); } } else Index: b/sesman/scp_v1.c =================================================================== --- a/sesman/scp_v1.c 2019-06-11 18:18:25.910383173 +0800 +++ b/sesman/scp_v1.c 2019-06-11 18:18:26.750390765 +0800 @@ -128,21 +128,21 @@ scp_v1_process(struct SCP_CONNECTION *c, log_message(LOG_LEVEL_INFO, "starting Xvnc session..."); display = session_start(s->width, s->height, s->bpp, s->username, s->password, data, SESMAN_SESSION_TYPE_XVNC, - s->domain, s->program, s->directory, s->client_ip); + s->domain, s->program, s->directory, s->client_ip, s->guid); } else if (SCP_SESSION_TYPE_XRDP == s->type) { log_message(LOG_LEVEL_INFO, "starting X11rdp session..."); display = session_start(s->width, s->height, s->bpp, s->username, s->password, data, SESMAN_SESSION_TYPE_XRDP, - s->domain, s->program, s->directory, s->client_ip); + s->domain, s->program, s->directory, s->client_ip, s->guid); } else if (SCP_SESSION_TYPE_XORG == s->type) { log_message(LOG_LEVEL_INFO, "starting Xorg session..."); display = session_start(s->width, s->height, s->bpp, s->username, s->password, data, SESMAN_SESSION_TYPE_XORG, - s->domain, s->program, s->directory, s->client_ip); + s->domain, s->program, s->directory, s->client_ip, s->guid); } /* if the session started up ok, auth_end will be called on sig child */ Index: b/sesman/session.c =================================================================== --- a/sesman/session.c 2019-06-11 18:18:25.910383173 +0800 +++ b/sesman/session.c 2019-06-11 18:18:39.874509395 +0800 @@ -1,7 +1,7 @@ /** * xrdp: A Remote Desktop Protocol server. * - * Copyright (C) Jay Sorg 2004-2013 + * Copyright (C) Jay Sorg 2004-2015 * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -27,30 +27,12 @@ #include "sesman.h" #include "libscp_types.h" -#include <errno.h> -//#include <time.h> - -extern tbus g_sync_event; extern unsigned char g_fixedkey[8]; extern struct config_sesman *g_cfg; /* in sesman.c */ extern int g_sck; /* in sesman.c */ -extern int g_thread_sck; /* in thread.c */ struct session_chain *g_sessions; int g_session_count; -static int g_sync_width; -static int g_sync_height; -static int g_sync_bpp; -static char *g_sync_username; -static char *g_sync_password; -static char *g_sync_domain; -static char *g_sync_program; -static char *g_sync_directory; -static char *g_sync_client_ip; -static tbus g_sync_data; -static tui8 g_sync_type; -static int g_sync_result; -static int g_sync_cmd; /** * Creates a string consisting of all parameters that is hosted in the param list @@ -63,7 +45,6 @@ char *APP_CC dumpItemsToString(struct list *self, char *outstr, int len) { int index; - tbus item; int totalLen = 0; g_memset(outstr, 0, len); @@ -95,9 +76,6 @@ session_get_bydata(char *name, int width struct session_chain *tmp; enum SESMAN_CFG_SESS_POLICY policy = g_cfg->sess.policy; - /*THREAD-FIX require chain lock */ - lock_chain_acquire(); - tmp = g_sessions; /* convert from SCP_SESSION_TYPE namespace to SESMAN_SESSION_TYPE namespace */ @@ -114,7 +92,6 @@ session_get_bydata(char *name, int width type = SESMAN_SESSION_TYPE_XORG; break; default: - lock_chain_release(); return 0; } @@ -149,8 +126,6 @@ session_get_bydata(char *name, int width tmp->item->bpp == bpp && tmp->item->type == type) { - /*THREAD-FIX release chain lock */ - lock_chain_release(); return tmp->item; } } @@ -164,16 +139,12 @@ session_get_bydata(char *name, int width tmp->item->bpp == bpp && tmp->item->type == type) { - /*THREAD-FIX release chain lock */ - lock_chain_release(); return tmp->item; } tmp = tmp->next; } - /*THREAD-FIX release chain lock */ - lock_chain_release(); return 0; } @@ -277,7 +248,6 @@ x_server_running(int display) { char text[256]; int x_running; - int sck; g_sprintf(text, "/tmp/.X11-unix/X%d", display); x_running = g_file_exist(text); @@ -319,9 +289,9 @@ session_start_sessvc(int xpid, int wmpid /* building parameters */ g_snprintf(exe_path, 261, "%s/xrdp-sessvc", XRDP_SBIN_PATH); - list_add_item(sessvc_params, (long)g_strdup(exe_path)); - list_add_item(sessvc_params, (long)g_strdup(xpid_str)); - list_add_item(sessvc_params, (long)g_strdup(wmpid_str)); + list_add_item(sessvc_params, (tintptr)g_strdup(exe_path)); + list_add_item(sessvc_params, (tintptr)g_strdup(xpid_str)); + list_add_item(sessvc_params, (tintptr)g_strdup(wmpid_str)); list_add_item(sessvc_params, 0); /* mandatory */ env_set_user(username, 0, display, @@ -339,7 +309,7 @@ session_start_sessvc(int xpid, int wmpid /* no problem calling strerror for thread safety: other threads are blocked */ log_message(LOG_LEVEL_DEBUG, "errno: %d, description: %s", - errno, g_get_strerror()); + g_get_errno(), g_get_strerror()); log_message(LOG_LEVEL_DEBUG, "execve parameter list:"); for (i = 0; i < (sessvc_params->count); i++) @@ -393,7 +363,6 @@ session_get_aval_display_from_chain(void int display; display = g_cfg->sess.x11_display_offset; - lock_chain_acquire(); while ((display - g_cfg->sess.x11_display_offset) <= g_cfg->sess.max_sessions) { @@ -401,7 +370,6 @@ session_get_aval_display_from_chain(void { if (!x_server_running_check_ports(display)) { - lock_chain_release(); return display; } } @@ -409,7 +377,6 @@ session_get_aval_display_from_chain(void display++; } - lock_chain_release(); log_message(LOG_LEVEL_ERROR, "X server -- no display in range is available"); return 0; } @@ -447,7 +414,7 @@ wait_for_xserver(int display) static int APP_CC session_start_fork(int width, int height, int bpp, char *username, char *password, tbus data, tui8 type, char *domain, - char *program, char *directory, char *client_ip) + char *program, char *directory, char *client_ip, tui8* guid) { int display = 0; int pid = 0; @@ -519,10 +486,9 @@ session_start_fork(int width, int height if (pid == -1) { } - else if (pid == 0) /* child sesman */ + else if (pid == 0) { g_tcp_close(g_sck); - g_tcp_close(g_thread_sck); g_sprintf(geometry, "%dx%d", width, height); g_sprintf(depth, "%d", bpp); g_sprintf(screen, ":%d", display); @@ -573,7 +539,7 @@ session_start_fork(int width, int height "wm for user %s - pid %d", username, g_getpid()); /* logging parameters */ log_message(LOG_LEVEL_DEBUG, "errno: %d, " - "description: %s", errno, g_get_strerror()); + "description: %s", g_get_errno(), g_get_strerror()); log_message(LOG_LEVEL_DEBUG, "execlp3 parameter " "list:"); log_message(LOG_LEVEL_DEBUG, " argv[0] = %s", @@ -591,7 +557,7 @@ session_start_fork(int width, int height "wm for user %s - pid %d", username, g_getpid()); /* logging parameters */ log_message(LOG_LEVEL_DEBUG, "errno: %d, description: " - "%s", errno, g_get_strerror()); + "%s", g_get_errno(), g_get_strerror()); log_message(LOG_LEVEL_DEBUG, "execlp3 parameter list:"); log_message(LOG_LEVEL_DEBUG, " argv[0] = %s", text); @@ -606,7 +572,7 @@ session_start_fork(int width, int height "for user %s - pid %d", username, g_getpid()); /* logging parameters */ log_message(LOG_LEVEL_DEBUG, "errno: %d, description: " - "%s", errno, g_get_strerror()); + "%s", g_get_errno(), g_get_strerror()); } else { @@ -624,10 +590,10 @@ session_start_fork(int width, int height g_exit(0); } } - else /* parent (child sesman) */ + else { - xpid = g_fork(); - + xpid = g_fork(); /* parent becomes scp, + child becomes X */ if (xpid == -1) { } @@ -655,8 +621,8 @@ session_start_fork(int width, int height xserver_params->auto_free = 1; /* these are the must have parameters */ - list_add_item(xserver_params, (long) g_strdup("/usr/bin/Xorg")); - list_add_item(xserver_params, (long) g_strdup(screen)); + list_add_item(xserver_params, (tintptr) g_strdup("/usr/bin/Xorg")); + list_add_item(xserver_params, (tintptr) g_strdup(screen)); /* additional parameters from sesman.ini file */ list_append_list_strdup(g_cfg->xorg_params, xserver_params, 0); @@ -680,19 +646,21 @@ session_start_fork(int width, int height } else if (type == SESMAN_SESSION_TYPE_XVNC) { - env_check_password_file(passwd_file, password); + char guid_str[64]; + g_bytes_to_hexstr(guid, 16, guid_str, 64); + env_check_password_file(passwd_file, guid_str); xserver_params = list_create(); xserver_params->auto_free = 1; /* these are the must have parameters */ - list_add_item(xserver_params, (long)g_strdup("Xvnc")); - list_add_item(xserver_params, (long)g_strdup(screen)); - list_add_item(xserver_params, (long)g_strdup("-geometry")); - list_add_item(xserver_params, (long)g_strdup(geometry)); - list_add_item(xserver_params, (long)g_strdup("-depth")); - list_add_item(xserver_params, (long)g_strdup(depth)); - list_add_item(xserver_params, (long)g_strdup("-rfbauth")); - list_add_item(xserver_params, (long)g_strdup(passwd_file)); + list_add_item(xserver_params, (tintptr)g_strdup("Xvnc")); + list_add_item(xserver_params, (tintptr)g_strdup(screen)); + list_add_item(xserver_params, (tintptr)g_strdup("-geometry")); + list_add_item(xserver_params, (tintptr)g_strdup(geometry)); + list_add_item(xserver_params, (tintptr)g_strdup("-depth")); + list_add_item(xserver_params, (tintptr)g_strdup(depth)); + list_add_item(xserver_params, (tintptr)g_strdup("-rfbauth")); + list_add_item(xserver_params, (tintptr)g_strdup(passwd_file)); /* additional parameters from sesman.ini file */ //config_read_xserver_params(SESMAN_SESSION_TYPE_XVNC, @@ -711,12 +679,12 @@ session_start_fork(int width, int height xserver_params->auto_free = 1; /* these are the must have parameters */ - list_add_item(xserver_params, (long)g_strdup("X11rdp")); - list_add_item(xserver_params, (long)g_strdup(screen)); - list_add_item(xserver_params, (long)g_strdup("-geometry")); - list_add_item(xserver_params, (long)g_strdup(geometry)); - list_add_item(xserver_params, (long)g_strdup("-depth")); - list_add_item(xserver_params, (long)g_strdup(depth)); + list_add_item(xserver_params, (tintptr)g_strdup("X11rdp")); + list_add_item(xserver_params, (tintptr)g_strdup(screen)); + list_add_item(xserver_params, (tintptr)g_strdup("-geometry")); + list_add_item(xserver_params, (tintptr)g_strdup(geometry)); + list_add_item(xserver_params, (tintptr)g_strdup("-depth")); + list_add_item(xserver_params, (tintptr)g_strdup(depth)); /* additional parameters from sesman.ini file */ //config_read_xserver_params(SESMAN_SESSION_TYPE_XRDP, @@ -742,7 +710,7 @@ session_start_fork(int width, int height /* logging parameters */ log_message(LOG_LEVEL_DEBUG, "errno: %d, description: " - "%s", errno, g_get_strerror()); + "%s", g_get_errno(), g_get_strerror()); log_message(LOG_LEVEL_DEBUG, "execve parameter list size: " "%d", (xserver_params)->count); @@ -755,7 +723,7 @@ session_start_fork(int width, int height list_delete(xserver_params); g_exit(1); } - else /* parent (child sesman)*/ + else { wait_for_xserver(display); g_snprintf(text, 255, "%d", display); @@ -767,7 +735,7 @@ session_start_fork(int width, int height } } } - else /* parent sesman process */ + else { temp->item->pid = pid; temp->item->display = display; @@ -777,6 +745,7 @@ session_start_fork(int width, int height temp->item->data = data; g_strncpy(temp->item->client_ip, client_ip, 255); /* store client ip data */ g_strncpy(temp->item->name, username, 255); + g_memcpy(temp->item->guid, guid, 16); ltime = g_time1(); localtime_r(<ime, &stime); @@ -791,16 +760,10 @@ session_start_fork(int width, int height temp->item->type = type; temp->item->status = SESMAN_SESSION_STATUS_ACTIVE; - /*THREAD-FIX require chain lock */ - lock_chain_acquire(); - temp->next = g_sessions; g_sessions = temp; g_session_count++; - /*THREAD-FIX release chain lock */ - lock_chain_release(); - return display; } @@ -845,34 +808,10 @@ session_reconnect_fork(int display, char int DEFAULT_CC session_start(int width, int height, int bpp, char *username, char *password, long data, tui8 type, char *domain, char *program, - char *directory, char *client_ip) + char *directory, char *client_ip, tui8* guid) { - int display; - - /* lock mutex */ - lock_sync_acquire(); - /* set shared vars */ - g_sync_cmd = 0; - g_sync_width = width; - g_sync_height = height; - g_sync_bpp = bpp; - g_sync_username = username; - g_sync_password = password; - g_sync_domain = domain; - g_sync_program = program; - g_sync_directory = directory; - g_sync_client_ip = client_ip; - g_sync_data = data; - g_sync_type = type; - /* set event for main thread to see */ - g_set_wait_obj(g_sync_event); - /* wait for main thread to get done */ - lock_sync_sem_acquire(); - /* read result(display) from shared var */ - display = g_sync_result; - /* unlock mutex */ - lock_sync_release(); - return display; + return session_start_fork(width, height, bpp, username, password, data, + type, domain, program, directory, client_ip, guid); } /******************************************************************************/ @@ -881,42 +820,7 @@ session_start(int width, int height, int int DEFAULT_CC session_reconnect(int display, char *username) { - /* lock mutex */ - lock_sync_acquire(); - /* set shared vars */ - g_sync_cmd = 1; - g_sync_width = display; - g_sync_username = username; - /* set event for main thread to see */ - g_set_wait_obj(g_sync_event); - /* wait for main thread to get done */ - lock_sync_sem_acquire(); - /* unlock mutex */ - lock_sync_release(); - return 0; -} - -/******************************************************************************/ -/* called with the main thread */ -int APP_CC -session_sync_start(void) -{ - if (g_sync_cmd == 0) - { - g_sync_result = session_start_fork(g_sync_width, g_sync_height, g_sync_bpp, - g_sync_username, g_sync_password, - g_sync_data, g_sync_type, g_sync_domain, - g_sync_program, g_sync_directory, - g_sync_client_ip); - } - else - { - /* g_sync_width is really display */ - g_sync_result = session_reconnect_fork(g_sync_width, g_sync_username); - } - - lock_sync_sem_release(); - return 0; + return session_reconnect_fork(display, username); } /******************************************************************************/ @@ -926,9 +830,6 @@ session_kill(int pid) struct session_chain *tmp; struct session_chain *prev; - /*THREAD-FIX require chain lock */ - lock_chain_acquire(); - tmp = g_sessions; prev = 0; @@ -950,8 +851,6 @@ session_kill(int pid) prev->next = tmp->next; } - /*THREAD-FIX release chain lock */ - lock_chain_release(); return SESMAN_SESSION_KILL_NULLITEM; } @@ -976,8 +875,6 @@ session_kill(int pid) g_free(tmp); g_session_count--; - /*THREAD-FIX release chain lock */ - lock_chain_release(); return SESMAN_SESSION_KILL_OK; } @@ -986,8 +883,6 @@ session_kill(int pid) tmp = tmp->next; } - /*THREAD-FIX release chain lock */ - lock_chain_release(); return SESMAN_SESSION_KILL_NOTFOUND; } @@ -997,9 +892,6 @@ session_sigkill_all() { struct session_chain *tmp; - /*THREAD-FIX require chain lock */ - lock_chain_acquire(); - tmp = g_sessions; while (tmp != 0) @@ -1017,9 +909,6 @@ session_sigkill_all() /* go on */ tmp = tmp->next; } - - /*THREAD-FIX release chain lock */ - lock_chain_release(); } /******************************************************************************/ @@ -1037,9 +926,6 @@ session_get_bypid(int pid) return 0; } - /*THREAD-FIX require chain lock */ - lock_chain_acquire(); - tmp = g_sessions; while (tmp != 0) @@ -1048,18 +934,13 @@ session_get_bypid(int pid) { log_message(LOG_LEVEL_ERROR, "session descriptor for " "pid %d is null!", pid); - /*THREAD-FIX release chain lock */ - lock_chain_release(); g_free(dummy); return 0; } if (tmp->item->pid == pid) { - /*THREAD-FIX release chain lock */ g_memcpy(dummy, tmp->item, sizeof(struct session_item)); - lock_chain_release(); - /*return tmp->item;*/ return dummy; } @@ -1067,8 +948,6 @@ session_get_bypid(int pid) tmp = tmp->next; } - /*THREAD-FIX release chain lock */ - lock_chain_release(); g_free(dummy); return 0; } @@ -1084,9 +963,6 @@ session_get_byuser(char *user, int *cnt, count = 0; - /*THREAD-FIX require chain lock */ - lock_chain_acquire(); - tmp = g_sessions; while (tmp != 0) @@ -1112,8 +988,6 @@ session_get_byuser(char *user, int *cnt, if (count == 0) { (*cnt) = 0; - /*THREAD-FIX release chain lock */ - lock_chain_release(); return 0; } @@ -1123,8 +997,6 @@ session_get_byuser(char *user, int *cnt, if (sess == 0) { (*cnt) = 0; - /*THREAD-FIX release chain lock */ - lock_chain_release(); return 0; } @@ -1133,7 +1005,7 @@ session_get_byuser(char *user, int *cnt, while (tmp != 0) { -#warning FIXME: we should get only disconnected sessions! +/* #warning FIXME: we should get only disconnected sessions! */ if ((NULL == user) || (!g_strncasecmp(user, tmp->item->name, 256))) { if ((tmp->item->status) & flags) @@ -1143,7 +1015,7 @@ session_get_byuser(char *user, int *cnt, (sess[index]).height = tmp->item->height; (sess[index]).width = tmp->item->width; (sess[index]).bpp = tmp->item->bpp; -#warning FIXME: setting idle times and such +/* #warning FIXME: setting idle times and such */ /*(sess[index]).connect_time.year = tmp->item->connect_time.year; (sess[index]).connect_time.month = tmp->item->connect_time.month; (sess[index]).connect_time.day = tmp->item->connect_time.day; @@ -1176,8 +1048,6 @@ session_get_byuser(char *user, int *cnt, tmp = tmp->next; } - /*THREAD-FIX release chain lock */ - lock_chain_release(); (*cnt) = count; return sess; } Index: b/sesman/session.h =================================================================== --- a/sesman/session.h 2016-08-01 15:28:23.000000000 +0800 +++ b/sesman/session.h 2019-06-11 18:18:26.754390801 +0800 @@ -76,6 +76,7 @@ struct session_item struct session_date disconnect_time; struct session_date idle_time; char client_ip[256]; + tui8 guid[16]; }; struct session_chain @@ -105,22 +106,13 @@ session_get_bydata(char* name, int width int DEFAULT_CC session_start(int width, int height, int bpp, char* username, char* password, long data, tui8 type, char* domain, char* program, - char* directory, char* client_ip); + char* directory, char* client_ip, tui8* guid); int DEFAULT_CC session_reconnect(int display, char* username); /** * - * @brief starts a session - * @return error - * - */ -int APP_CC -session_sync_start(void); - -/** - * * @brief kills a session * @param pid the pid of the session to be killed * @return Index: b/vnc/vnc.c =================================================================== --- a/vnc/vnc.c 2019-06-11 18:18:25.490379376 +0800 +++ b/vnc/vnc.c 2019-06-11 19:46:35.396855364 +0800 @@ -21,19 +21,55 @@ #include "vnc.h" #include "log.h" +#include "ssl_calls.h" /******************************************************************************/ /* taken from vncauth.c */ -void DEFAULT_CC -rfbEncryptBytes(char *bytes, char *passwd) +/* performing the des3 crypt on the password so it can not be seen + on the wire + 'bytes' in, contains 16 bytes server random + out, random and 'passwd' conbined */ +static void APP_CC +rfbEncryptBytes(char *bytes, const char *passwd) { - char key[12]; + char key[24]; + void *des; + int len; /* key is simply password padded with nulls */ g_memset(key, 0, sizeof(key)); - g_strncpy(key, passwd, 8); - rfbDesKey((unsigned char *)key, EN0); /* 0, encrypt */ - rfbDes((unsigned char *)bytes, (unsigned char *)bytes); - rfbDes((unsigned char *)(bytes + 8), (unsigned char *)(bytes + 8)); + len = MIN(g_strlen(passwd), 8); + g_mirror_memcpy(key, passwd, len); + des = ssl_des3_encrypt_info_create(key, 0); + ssl_des3_encrypt(des, 8, bytes, bytes); + ssl_des3_info_delete(des); + des = ssl_des3_encrypt_info_create(key, 0); + ssl_des3_encrypt(des, 8, bytes + 8, bytes + 8); + ssl_des3_info_delete(des); +} + +/******************************************************************************/ +/* sha1 hash 'passwd', create a string from the hash and call rfbEncryptBytes */ +static void APP_CC +rfbHashEncryptBytes(char *bytes, char *passwd) +{ + char passwd_hash[20]; + char passwd_hash_text[40]; + void *sha1; + int passwd_bytes; + + /* create password hash from password */ + passwd_bytes = g_strlen(passwd); + sha1 = ssl_sha1_info_create(); + ssl_sha1_transform(sha1, "xrdp_vnc", 8); + ssl_sha1_transform(sha1, passwd, passwd_bytes); + ssl_sha1_transform(sha1, passwd, passwd_bytes); + ssl_sha1_complete(sha1, passwd_hash); + ssl_sha1_info_delete(sha1); + g_snprintf(passwd_hash_text, 39, "%2.2x%2.2x%2.2x%2.2x", + (tui8)passwd_hash[0], (tui8)passwd_hash[1], + (tui8)passwd_hash[2], (tui8)passwd_hash[3]); + passwd_hash_text[39] = 0; + rfbEncryptBytes(bytes, passwd_hash_text); } /******************************************************************************/ @@ -1037,7 +1073,19 @@ lib_mod_connect(struct vnc *v) if (error == 0) { - rfbEncryptBytes(s->data, v->password); + init_stream(s, 8192); + if (v->got_guid) + { + char guid_str[64]; + g_bytes_to_hexstr(v->guid, 16, guid_str, 64); + rfbHashEncryptBytes(s->data, guid_str); + } + else + { + rfbEncryptBytes(s->data, v->password); + } + s->p += 16; + s_mark_end(s); error = lib_send(v, s->data, 16); check_sec_result = 1; // not needed } @@ -1351,6 +1399,11 @@ lib_mod_set_param(struct vnc *v, char *n { v->delay_ms = g_atoi(value); } + else if (g_strcasecmp(name, "guid") == 0) + { + v->got_guid = 1; + g_memcpy(v->guid, value, 16); + } return 0; } Index: b/vnc/vnc.h =================================================================== --- a/vnc/vnc.h 2016-08-01 15:28:23.000000000 +0800 +++ b/vnc/vnc.h 2019-06-11 18:18:39.874509395 +0800 @@ -116,4 +116,6 @@ struct vnc int clip_data_size; tbus sck_obj; int delay_ms; + int got_guid; + tui8 guid[16]; }; Index: b/xrdp/xrdp_mm.c =================================================================== --- a/xrdp/xrdp_mm.c 2019-06-11 18:18:26.150385342 +0800 +++ b/xrdp/xrdp_mm.c 2019-06-11 18:18:40.970519302 +0800 @@ -504,7 +504,7 @@ xrdp_mm_setup_mod1(struct xrdp_mm *self) /*****************************************************************************/ static int APP_CC -xrdp_mm_setup_mod2(struct xrdp_mm *self) +xrdp_mm_setup_mod2(struct xrdp_mm *self, tui8 *guid) { char text[256]; char *name; @@ -584,6 +584,10 @@ xrdp_mm_setup_mod2(struct xrdp_mm *self) self->mod->mod_set_param(self->mod, "hostname", name); g_snprintf(text, 255, "%d", self->wm->session->client_info->keylayout); self->mod->mod_set_param(self->mod, "keylayout", text); + if (guid != 0) + { + self->mod->mod_set_param(self->mod, "guid", (char *) guid); + } for (i = 0; i < self->login_names->count; i++) { @@ -1211,11 +1215,18 @@ xrdp_mm_process_login_response(struct xr char text[256]; char ip[256]; char port[256]; + tui8 guid[16]; + tui8* pguid; rv = 0; in_uint16_be(s, ok); in_uint16_be(s, display); - + pguid = 0; + if (s_check_rem(s, 16)) + { + in_uint8a(s, guid, 16); + pguid = guid; + } if (ok) { self->display = display; @@ -1225,7 +1236,7 @@ xrdp_mm_process_login_response(struct xr if (xrdp_mm_setup_mod1(self) == 0) { - if (xrdp_mm_setup_mod2(self) == 0) + if (xrdp_mm_setup_mod2(self, pguid) == 0) { xrdp_mm_get_value(self, "ip", ip, 255); xrdp_wm_set_login_mode(self->wm, 10); @@ -1885,7 +1896,7 @@ xrdp_mm_connect(struct xrdp_mm *self) { if (xrdp_mm_setup_mod1(self) == 0) { - if (xrdp_mm_setup_mod2(self) == 0) + if (xrdp_mm_setup_mod2(self, 0) == 0) { xrdp_wm_set_login_mode(self->wm, 10); rv = 0; /*sucess*/ Index: b/sesman/env.c =================================================================== --- a/sesman/env.c 2019-06-11 18:18:25.702381293 +0800 +++ b/sesman/env.c 2019-06-11 19:47:05.889122108 +0800 @@ -27,6 +27,7 @@ #include "list.h" #include "sesman.h" +#include "ssl_calls.h" #include "sys/types.h" #include "grp.h" @@ -36,30 +37,51 @@ extern struct config_sesman *g_cfg; /* /******************************************************************************/ int DEFAULT_CC -env_check_password_file(char *filename, char *password) +env_check_password_file(char *filename, char *passwd) { char encryptedPasswd[16]; + char key[24]; + char passwd_hash[20]; + char passwd_hash_text[40]; int fd; - - g_memset(encryptedPasswd, 0, 16); - g_strncpy(encryptedPasswd, password, 8); - rfbDesKey(g_fixedkey, 0); - rfbDes((unsigned char *)encryptedPasswd, (unsigned char *)encryptedPasswd); - fd = g_file_open(filename); - + int passwd_bytes; + void *des; + void *sha1; + + /* create password hash from password */ + passwd_bytes = g_strlen(passwd); + sha1 = ssl_sha1_info_create(); + ssl_sha1_transform(sha1, "xrdp_vnc", 8); + ssl_sha1_transform(sha1, passwd, passwd_bytes); + ssl_sha1_transform(sha1, passwd, passwd_bytes); + ssl_sha1_complete(sha1, passwd_hash); + ssl_sha1_info_delete(sha1); + g_snprintf(passwd_hash_text, 39, "%2.2x%2.2x%2.2x%2.2x", + (tui8)passwd_hash[0], (tui8)passwd_hash[1], + (tui8)passwd_hash[2], (tui8)passwd_hash[3]); + passwd_hash_text[39] = 0; + passwd = passwd_hash_text; + + /* create file from password */ + g_memset(encryptedPasswd, 0, sizeof(encryptedPasswd)); + g_strncpy(encryptedPasswd, passwd, 8); + g_memset(key, 0, sizeof(key)); + g_mirror_memcpy(key, g_fixedkey, 8); + des = ssl_des3_encrypt_info_create(key, 0); + ssl_des3_encrypt(des, 8, encryptedPasswd, encryptedPasswd); + ssl_des3_info_delete(des); + fd = g_file_open_ex(filename, 0, 1, 1, 1); if (fd == -1) { log_message(LOG_LEVEL_WARNING, - "can't read vnc password file - %s", - filename); + "Cannot write VNC password hash to file %s: %s", + filename, g_get_strerror()); return 1; } - g_file_write(fd, encryptedPasswd, 8); g_file_close(fd); return 0; } - /******************************************************************************/ int DEFAULT_CC env_set_user(char *username, char *passwd_file, int display, Index: b/sesman/Makefile.am =================================================================== --- a/sesman/Makefile.am 2016-08-01 15:28:23.000000000 +0800 +++ b/sesman/Makefile.am 2019-06-11 18:18:26.754390801 +0800 @@ -1,4 +1,4 @@ -EXTRA_DIST = sesman.ini startwm.sh sesman.h access.h auth.h config.h env.h lock.h scp.h scp_v0.h scp_v1.h scp_v1_mng.h session.h sig.h thread.h +EXTRA_DIST = sesman.ini startwm.sh sesman.h access.h auth.h config.h env.h scp.h scp_v0.h scp_v1.h scp_v1_mng.h session.h sig.h AM_CFLAGS = \ -DXRDP_CFG_PATH=\"${sysconfdir}/xrdp\" \ @@ -44,8 +44,6 @@ xrdp_sesman_SOURCES = \ sesman.c \ session.c \ sig.c \ - thread.c \ - lock.c \ access.c \ config.c \ env.c \ Index: b/sesman/lock.c =================================================================== --- a/sesman/lock.c 2016-08-01 15:28:23.000000000 +0800 +++ /dev/null 1970-01-01 00:00:00.000000000 +0000 @@ -1,121 +0,0 @@ -/** - * xrdp: A Remote Desktop Protocol server. - * - * Copyright (C) Jay Sorg 2004-2013 - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * - * session manager - * linux only - */ - -#include "sesman.h" - -extern struct config_sesman *g_cfg; /* in sesman.c */ - -static tbus g_sync_mutex = 0; -static tbus g_lock_chain = 0; -static tbus g_sync_sem = 0; -static tbus g_lock_socket = 0; - -/******************************************************************************/ -void APP_CC -lock_init(void) -{ - g_sync_mutex = tc_mutex_create(); - g_lock_chain = tc_mutex_create(); - g_sync_sem = tc_sem_create(0); - g_lock_socket = tc_sem_create(1); -} - -/******************************************************************************/ -void APP_CC -lock_deinit(void) -{ - tc_mutex_delete(g_sync_mutex); - tc_mutex_delete(g_lock_chain); - tc_sem_delete(g_sync_sem); - tc_sem_delete(g_lock_socket); -} - -/******************************************************************************/ -void APP_CC -lock_chain_acquire(void) -{ - /* lock the chain */ - LOG_DBG("lock_chain_acquire()"); - tc_mutex_lock(g_lock_chain); -} - -/******************************************************************************/ -void APP_CC -lock_chain_release(void) -{ - /* unlock the chain */ - LOG_DBG("lock_chain_release()"); - tc_mutex_unlock(g_lock_chain); -} - -/******************************************************************************/ -void APP_CC -lock_socket_acquire(void) -{ - /* lock socket variable */ - LOG_DBG("lock_socket_acquire()"); - tc_sem_dec(g_lock_socket); -} - -/******************************************************************************/ -void APP_CC -lock_socket_release(void) -{ - /* unlock socket variable */ - LOG_DBG("lock_socket_release()"); - tc_sem_inc(g_lock_socket); -} - -/******************************************************************************/ -void APP_CC -lock_sync_acquire(void) -{ - /* lock sync variable */ - LOG_DBG("lock_sync_acquire()"); - tc_mutex_lock(g_sync_mutex); -} - -/******************************************************************************/ -void APP_CC -lock_sync_release(void) -{ - /* unlock socket variable */ - LOG_DBG("lock_sync_release()"); - tc_mutex_unlock(g_sync_mutex); -} - -/******************************************************************************/ -void APP_CC -lock_sync_sem_acquire(void) -{ - /* dec sem */ - LOG_DBG("lock_sync_sem_acquire()"); - tc_sem_dec(g_sync_sem); -} - -/******************************************************************************/ -void APP_CC -lock_sync_sem_release(void) -{ - /* inc sem */ - LOG_DBG("lock_sync_sem_release()"); - tc_sem_inc(g_sync_sem); -} Index: b/sesman/lock.h =================================================================== --- a/sesman/lock.h 2016-08-01 15:28:23.000000000 +0800 +++ /dev/null 1970-01-01 00:00:00.000000000 +0000 @@ -1,104 +0,0 @@ -/** - * xrdp: A Remote Desktop Protocol server. - * - * Copyright (C) Jay Sorg 2004-2013 - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -#ifndef LOCK_H -#define LOCK_H - -#include "sesman.h" - -/** - * - * @brief initializes all the locks - * - */ -void APP_CC -lock_init(void); - -/** - * - * @brief cleanup all the locks - * - */ -void APP_CC -lock_deinit(void); - -/** - * - * @brief acquires the lock for the session chain - * - */ -void APP_CC -lock_chain_acquire(void); - -/** - * - * @brief releases the session chain lock - * - */ -void APP_CC -lock_chain_release(void); - -/** - * - * @brief request the socket lock - * - */ -void APP_CC -lock_socket_acquire(void); - -/** - * - * @brief releases the socket lock - * - */ -void APP_CC -lock_socket_release(void); - -/** - * - * @brief request the main sync lock - * - */ -void APP_CC -lock_sync_acquire(void); - -/** - * - * @brief releases the main sync lock - * - */ -void APP_CC -lock_sync_release(void); - -/** - * - * @brief request the sync sem lock - * - */ -void APP_CC -lock_sync_sem_acquire(void); - -/** - * - * @brief releases the sync sem lock - * - */ -void APP_CC -lock_sync_sem_release(void); - -#endif Index: b/sesman/scp.c =================================================================== --- a/sesman/scp.c 2016-08-01 15:28:23.000000000 +0800 +++ b/sesman/scp.c 2019-06-11 18:18:26.754390801 +0800 @@ -1,7 +1,7 @@ /** * xrdp: A Remote Desktop Protocol server. * - * Copyright (C) Jay Sorg 2004-2013 + * Copyright (C) Jay Sorg 2004-2015 * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -29,7 +29,6 @@ #include "sesman.h" -extern int g_thread_sck; /* in thread.c */ extern struct config_sesman *g_cfg; /* in sesman.c */ /******************************************************************************/ @@ -39,14 +38,9 @@ scp_process_start(void *sck) struct SCP_CONNECTION scon; struct SCP_SESSION *sdata; - /* making a local copy of the socket (it's on the stack) */ - /* probably this is just paranoia */ - scon.in_sck = g_thread_sck; + scon.in_sck = (int)(tintptr)sck; LOG_DBG("started scp thread on socket %d", scon.in_sck); - /* unlocking g_thread_sck */ - lock_socket_release(); - make_stream(scon.in_s); make_stream(scon.out_s); Index: b/sesman/sesman.c =================================================================== --- a/sesman/sesman.c 2016-08-01 15:28:23.000000000 +0800 +++ b/sesman/sesman.c 2019-06-11 18:19:26.874934235 +0800 @@ -1,7 +1,7 @@ /** * xrdp: A Remote Desktop Protocol server. * - * Copyright (C) Jay Sorg 2004-2013 + * Copyright (C) Jay Sorg 2004-2015 * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -31,10 +31,7 @@ int g_pid; unsigned char g_fixedkey[8] = { 23, 82, 107, 6, 35, 78, 88, 7 }; struct config_sesman *g_cfg; /* defined in config.h */ -tbus g_term_event = 0; -tbus g_sync_event = 0; - -extern int g_thread_sck; /* in thread.c */ +tintptr g_term_event = 0; /******************************************************************************/ /** @@ -49,6 +46,7 @@ sesman_main_loop(void) int error; int robjs_count; int cont; + int pid; tbus sck_obj; tbus robjs[8]; @@ -80,7 +78,6 @@ sesman_main_loop(void) robjs_count = 0; robjs[robjs_count++] = sck_obj; robjs[robjs_count++] = g_term_event; - robjs[robjs_count++] = g_sync_event; /* wait */ if (g_obj_wait(robjs, robjs_count, 0, 0, -1) != 0) @@ -94,12 +91,6 @@ sesman_main_loop(void) break; } - if (g_is_wait_obj_set(g_sync_event)) /* sync */ - { - g_reset_wait_obj(g_sync_event); - session_sync_start(); - } - if (g_is_wait_obj_set(sck_obj)) /* incoming connection */ { in_sck = g_tcp_accept(g_sck); @@ -118,8 +109,8 @@ sesman_main_loop(void) { /* we've got a connection, so we pass it to scp code */ LOG_DBG("new connection"); - thread_scp_start(in_sck); - /* todo, do we have to wait here ? */ + scp_process_start((void*)(tintptr)in_sck); + g_tcp_close(in_sck); } } } @@ -138,9 +129,7 @@ sesman_main_loop(void) "port '%s': %d (%s)", g_cfg->listen_port, g_get_errno(), g_get_strerror()); } - - if (g_sck != -1) - g_tcp_close(g_sck); + g_tcp_close(g_sck); } /******************************************************************************/ @@ -292,6 +281,9 @@ main(int argc, char **argv) g_writeln("error opening log file [%s]. quitting.", getLogFile(text, 255)); break; + default: + g_writeln("error"); + break; } g_deinit(); @@ -329,9 +321,6 @@ main(int argc, char **argv) } } - /* initializing locks */ - lock_init(); - /* signal handling */ g_pid = g_getpid(); /* old style signal handling is now managed synchronously by a @@ -387,8 +376,6 @@ main(int argc, char **argv) g_snprintf(text, 255, "xrdp_sesman_%8.8x_main_term", g_pid); g_term_event = g_create_wait_obj(text); - g_snprintf(text, 255, "xrdp_sesman_%8.8x_main_sync", g_pid); - g_sync_event = g_create_wait_obj(text); sesman_main_loop(); @@ -399,7 +386,6 @@ main(int argc, char **argv) } g_delete_wait_obj(g_term_event); - g_delete_wait_obj(g_sync_event); if (!daemon) { Index: b/sesman/sesman.h =================================================================== --- a/sesman/sesman.h 2016-08-01 15:28:23.000000000 +0800 +++ b/sesman/sesman.h 2019-06-11 18:18:26.754390801 +0800 @@ -44,9 +44,6 @@ #include "session.h" #include "access.h" #include "scp.h" -#include "thread.h" -#include "lock.h" -#include "thread_calls.h" #include "libscp.h" Index: b/sesman/thread.c =================================================================== --- a/sesman/thread.c 2016-08-01 15:28:23.000000000 +0800 +++ /dev/null 1970-01-01 00:00:00.000000000 +0000 @@ -1,173 +0,0 @@ -/** - * xrdp: A Remote Desktop Protocol server. - * - * Copyright (C) Jay Sorg 2004-2013 - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -/** - * - * @file thread.c - * @brief thread stuff... - * @author Simone Fedele - * - */ - -#include "sesman.h" - -#include <errno.h> -#include <signal.h> -#include <pthread.h> - -extern struct config_sesman *g_cfg; /* in sesman.c */ - -static pthread_t g_thread_sighandler; -//static pthread_t g_thread_updater; - -/* a variable to pass the socket of s connection to a thread */ -int g_thread_sck; - -/******************************************************************************/ -int DEFAULT_CC -thread_sighandler_start(void) -{ - int ret; - sigset_t sigmask; - sigset_t oldmask; - sigset_t waitmask; - - /* mask signals to be able to wait for them... */ - sigfillset(&sigmask); - pthread_sigmask(SIG_BLOCK, &sigmask, &oldmask); - - /* unblock some signals... */ - sigemptyset(&waitmask); - - /* it is a good idea not to block SIGILL SIGSEGV */ - /* SIGFPE -- see sigaction(2) NOTES */ - sigaddset(&waitmask, SIGILL); - sigaddset(&waitmask, SIGSEGV); - sigaddset(&waitmask, SIGFPE); - pthread_sigmask(SIG_UNBLOCK, &waitmask, NULL); - - log_message(LOG_LEVEL_INFO, "starting signal handling thread..."); - - ret = pthread_create(&g_thread_sighandler, NULL, sig_handler_thread, ""); - pthread_detach(g_thread_sighandler); - - if (ret == 0) - { - log_message(LOG_LEVEL_INFO, "signal handler thread started successfully"); - return 0; - } - - /* if something happened while starting a new thread... */ - switch (ret) - { - case EINVAL: - log_message(LOG_LEVEL_ERROR, "invalid attributes for signal handling thread (creation returned EINVAL)"); - break; - case EAGAIN: - log_message(LOG_LEVEL_ERROR, "not enough resources to start signal handling thread (creation returned EAGAIN)"); - break; - case EPERM: - log_message(LOG_LEVEL_ERROR, "invalid permissions for signal handling thread (creation returned EPERM)"); - break; - default: - log_message(LOG_LEVEL_ERROR, "unknown error starting signal handling thread"); - } - - return 1; -} - -#ifdef JUST_TO_AVOID_COMPILER_ERRORS -/******************************************************************************/ -int DEFAULT_CC -thread_session_update_start(void) -{ - int ret; - //starts the session update thread - //that checks for idle time, destroys sessions, ecc... - -#warning this thread should always request lock_fork before read or write -#warning (so we can Fork() In Peace) - ret = pthread_create(&g_thread_updater, NULL, , ""); - pthread_detach(g_thread_updater); - - if (ret == 0) - { - log_message(&(g_cfg->log), LOG_LEVEL_INFO, "session update thread started successfully"); - return 0; - } - - /* if something happened while starting a new thread... */ - switch (ret) - { - case EINVAL: - log_message(LOG_LEVEL_ERROR, "invalid attributes for session update thread (creation returned EINVAL)"); - break; - case EAGAIN: - log_message(LOG_LEVEL_ERROR, "not enough resources to start session update thread (creation returned EAGAIN)"); - break; - case EPERM: - log_message(LOG_LEVEL_ERROR, "invalid permissions for session update thread (creation returned EPERM)"); - break; - default: - log_message(LOG_LEVEL_ERROR, "unknown error starting session update thread"); - } - - return 1; -} -#endif - -/******************************************************************************/ -int DEFAULT_CC -thread_scp_start(int skt) -{ - int ret; - pthread_t th; - - /* blocking the use of thread_skt */ - lock_socket_acquire(); - g_thread_sck = skt; - - /* start a thread that processes a connection */ - ret = pthread_create(&th, NULL, scp_process_start, ""); - //ret = pthread_create(&th, NULL, scp_process_start, (void*) (&g_thread_sck)); - pthread_detach(th); - - if (ret == 0) - { - log_message(LOG_LEVEL_INFO, "scp thread on sck %d started successfully", skt); - return 0; - } - - /* if something happened while starting a new thread... */ - switch (ret) - { - case EINVAL: - log_message(LOG_LEVEL_ERROR, "invalid attributes for scp thread on sck %d (creation returned EINVAL)", skt); - break; - case EAGAIN: - log_message(LOG_LEVEL_ERROR, "not enough resources to start scp thread on sck %d (creation returned EAGAIN)", skt); - break; - case EPERM: - log_message(LOG_LEVEL_ERROR, "invalid permissions for scp thread on sck %d (creation returned EPERM)", skt); - break; - default: - log_message(LOG_LEVEL_ERROR, "unknown error starting scp thread on sck %d"); - } - - return 1; -} Index: b/sesman/thread.h =================================================================== --- a/sesman/thread.h 2016-08-01 15:28:23.000000000 +0800 +++ /dev/null 1970-01-01 00:00:00.000000000 +0000 @@ -1,56 +0,0 @@ -/** - * xrdp: A Remote Desktop Protocol server. - * - * Copyright (C) Jay Sorg 2004-2013 - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -/** - * - * @file thread.h - * @brief thread stuff... - * @author Simone Fedele - * - */ - -#ifndef THREAD_H -#define THREAD_H - -/** - * - * @brief Starts the signal handling thread - * @retval 0 on success - * @retval 1 on error - * - */ -int DEFAULT_CC -thread_sighandler_start(void); - -/** - * - * @brief Starts the session update thread - * - */ -int DEFAULT_CC -thread_session_update_start(void); - -/** - * - * @brief Starts a thread to handle an incoming connection - * - */ -int DEFAULT_CC -thread_scp_start(int skt); - -#endif
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor