File xrdp-CVE-2013-1430.patch of Package xrdp.29105
Index: b/common/os_calls.c
===================================================================
--- a/common/os_calls.c 2016-08-01 15:28:23.000000000 +0800
+++ b/common/os_calls.c 2019-06-11 18:18:26.750390765 +0800
@@ -2427,6 +2427,34 @@ g_htoi(char *str)
}
/*****************************************************************************/
+/* returns number of bytes copied into out_str */
+int APP_CC
+g_bytes_to_hexstr(const void *bytes, int num_bytes, char *out_str,
+ int bytes_out_str)
+{
+ int rv;
+ int index;
+ char *lout_str;
+ const tui8 *lbytes;
+
+ rv = 0;
+ lbytes = (const tui8 *) bytes;
+ lout_str = out_str;
+ for (index = 0; index < num_bytes; index++)
+ {
+ if (bytes_out_str < 3)
+ {
+ break;
+ }
+ g_snprintf(lout_str, bytes_out_str, "%2.2x", lbytes[index]);
+ lout_str += 2;
+ bytes_out_str -= 2;
+ rv += 2;
+ }
+ return rv;
+}
+
+/*****************************************************************************/
int APP_CC
g_pos(const char *str, const char *to_find)
{
@@ -3374,3 +3402,60 @@ g_gethostname(char *name, int len)
{
return gethostname(name, len);
}
+
+static unsigned char g_reverse_byte[0x100] =
+{
+ 0x00, 0x80, 0x40, 0xc0, 0x20, 0xa0, 0x60, 0xe0,
+ 0x10, 0x90, 0x50, 0xd0, 0x30, 0xb0, 0x70, 0xf0,
+ 0x08, 0x88, 0x48, 0xc8, 0x28, 0xa8, 0x68, 0xe8,
+ 0x18, 0x98, 0x58, 0xd8, 0x38, 0xb8, 0x78, 0xf8,
+ 0x04, 0x84, 0x44, 0xc4, 0x24, 0xa4, 0x64, 0xe4,
+ 0x14, 0x94, 0x54, 0xd4, 0x34, 0xb4, 0x74, 0xf4,
+ 0x0c, 0x8c, 0x4c, 0xcc, 0x2c, 0xac, 0x6c, 0xec,
+ 0x1c, 0x9c, 0x5c, 0xdc, 0x3c, 0xbc, 0x7c, 0xfc,
+ 0x02, 0x82, 0x42, 0xc2, 0x22, 0xa2, 0x62, 0xe2,
+ 0x12, 0x92, 0x52, 0xd2, 0x32, 0xb2, 0x72, 0xf2,
+ 0x0a, 0x8a, 0x4a, 0xca, 0x2a, 0xaa, 0x6a, 0xea,
+ 0x1a, 0x9a, 0x5a, 0xda, 0x3a, 0xba, 0x7a, 0xfa,
+ 0x06, 0x86, 0x46, 0xc6, 0x26, 0xa6, 0x66, 0xe6,
+ 0x16, 0x96, 0x56, 0xd6, 0x36, 0xb6, 0x76, 0xf6,
+ 0x0e, 0x8e, 0x4e, 0xce, 0x2e, 0xae, 0x6e, 0xee,
+ 0x1e, 0x9e, 0x5e, 0xde, 0x3e, 0xbe, 0x7e, 0xfe,
+ 0x01, 0x81, 0x41, 0xc1, 0x21, 0xa1, 0x61, 0xe1,
+ 0x11, 0x91, 0x51, 0xd1, 0x31, 0xb1, 0x71, 0xf1,
+ 0x09, 0x89, 0x49, 0xc9, 0x29, 0xa9, 0x69, 0xe9,
+ 0x19, 0x99, 0x59, 0xd9, 0x39, 0xb9, 0x79, 0xf9,
+ 0x05, 0x85, 0x45, 0xc5, 0x25, 0xa5, 0x65, 0xe5,
+ 0x15, 0x95, 0x55, 0xd5, 0x35, 0xb5, 0x75, 0xf5,
+ 0x0d, 0x8d, 0x4d, 0xcd, 0x2d, 0xad, 0x6d, 0xed,
+ 0x1d, 0x9d, 0x5d, 0xdd, 0x3d, 0xbd, 0x7d, 0xfd,
+ 0x03, 0x83, 0x43, 0xc3, 0x23, 0xa3, 0x63, 0xe3,
+ 0x13, 0x93, 0x53, 0xd3, 0x33, 0xb3, 0x73, 0xf3,
+ 0x0b, 0x8b, 0x4b, 0xcb, 0x2b, 0xab, 0x6b, 0xeb,
+ 0x1b, 0x9b, 0x5b, 0xdb, 0x3b, 0xbb, 0x7b, 0xfb,
+ 0x07, 0x87, 0x47, 0xc7, 0x27, 0xa7, 0x67, 0xe7,
+ 0x17, 0x97, 0x57, 0xd7, 0x37, 0xb7, 0x77, 0xf7,
+ 0x0f, 0x8f, 0x4f, 0xcf, 0x2f, 0xaf, 0x6f, 0xef,
+ 0x1f, 0x9f, 0x5f, 0xdf, 0x3f, 0xbf, 0x7f, 0xff
+};
+
+/*****************************************************************************/
+/* mirror each byte while copying */
+int
+g_mirror_memcpy(void *dst, const void *src, int len)
+{
+ tui8 *dst8;
+ const tui8 *src8;
+
+ dst8 = (tui8 *) dst;
+ src8 = (const tui8 *) src;
+ while (len > 0)
+ {
+ *dst8 = g_reverse_byte[*src8];
+ dst8++;
+ src8++;
+ len--;
+ }
+ return 0;
+}
+
Index: b/common/os_calls.h
===================================================================
--- a/common/os_calls.h 2019-06-11 18:18:26.514388632 +0800
+++ b/common/os_calls.h 2019-06-11 18:18:26.750390765 +0800
@@ -120,6 +120,8 @@ int APP_CC g_strcasecmp(const char*
int APP_CC g_strncasecmp(const char* c1, const char* c2, int len);
int APP_CC g_atoi(const char* str);
int APP_CC g_htoi(char* str);
+int APP_CC g_bytes_to_hexstr(const void *bytes, int num_bytes, char *out_str,
+ int bytes_out_str);
int APP_CC g_pos(const char* str, const char* to_find);
int APP_CC g_mbstowcs(twchar* dest, const char* src, int n);
int APP_CC g_wcstombs(char* dest, const twchar* src, int n);
@@ -167,6 +169,7 @@ int APP_CC g_text2bool(const char *
void * APP_CC g_shmat(int shmid);
int APP_CC g_shmdt(const void *shmaddr);
int APP_CC g_gethostname(char *name, int len);
+int APP_CC g_mirror_memcpy(void *dst, const void *src, int len);
#define g_new0(struct_type, n_structs) \
(struct_type *) calloc((n_structs), sizeof(struct_type))
Index: b/sesman/libscp/libscp_session.c
===================================================================
--- a/sesman/libscp/libscp_session.c 2019-06-11 18:18:25.066375543 +0800
+++ b/sesman/libscp/libscp_session.c 2019-06-11 18:18:40.970519302 +0800
@@ -450,6 +450,21 @@ scp_session_set_addr(struct SCP_SESSION
}
/*******************************************************************/
+int
+scp_session_set_guid(struct SCP_SESSION *s, const tui8 *guid)
+{
+ if (0 == guid)
+ {
+ log_message(LOG_LEVEL_WARNING, "[session:%d] set_guid: null guid", __LINE__);
+ return 1;
+ }
+
+ g_memcpy(s->guid, guid, 16);
+
+ return 0;
+}
+
+/*******************************************************************/
void
scp_session_destroy(struct SCP_SESSION *s)
{
Index: b/sesman/libscp/libscp_session.h
===================================================================
--- a/sesman/libscp/libscp_session.h 2016-08-01 15:28:23.000000000 +0800
+++ b/sesman/libscp/libscp_session.h 2019-06-11 18:18:26.750390765 +0800
@@ -91,6 +91,9 @@ scp_session_set_display(struct SCP_SESSI
int
scp_session_set_errstr(struct SCP_SESSION* s, char* str);
+int
+scp_session_set_guid(struct SCP_SESSION *s, const tui8 *guid);
+
/**
*
* @brief destroys a session object
Index: b/sesman/libscp/libscp_types.h
===================================================================
--- a/sesman/libscp/libscp_types.h 2016-08-01 15:28:23.000000000 +0800
+++ b/sesman/libscp/libscp_types.h 2019-06-11 18:18:40.970519302 +0800
@@ -92,6 +92,7 @@ struct SCP_SESSION
char* program;
char* directory;
char* client_ip;
+ tui8 guid[16];
};
struct SCP_DISCONNECTED_SESSION
Index: b/sesman/libscp/libscp_v0.c
===================================================================
--- a/sesman/libscp/libscp_v0.c 2019-06-11 18:18:26.514388632 +0800
+++ b/sesman/libscp/libscp_v0.c 2019-06-11 18:18:40.970519302 +0800
@@ -375,13 +375,20 @@ scp_v0s_accept(struct SCP_CONNECTION *c,
/******************************************************************************/
enum SCP_SERVER_STATES_E
-scp_v0s_allow_connection(struct SCP_CONNECTION *c, SCP_DISPLAY d)
+scp_v0s_allow_connection(struct SCP_CONNECTION *c, SCP_DISPLAY d, const tui8 *guid)
{
+ int msg_size;
+
+ msg_size = guid == 0 ? 14 : 14 + 16;
out_uint32_be(c->out_s, 0); /* version */
- out_uint32_be(c->out_s, 14); /* size */
+ out_uint32_be(c->out_s, msg_size); /* size */
out_uint16_be(c->out_s, 3); /* cmd */
out_uint16_be(c->out_s, 1); /* data */
out_uint16_be(c->out_s, d); /* data */
+ if (msg_size > 14)
+ {
+ out_uint8a(c->out_s, guid, 16);
+ }
s_mark_end(c->out_s);
if (0 != scp_tcp_force_send(c->in_sck, c->out_s->data, c->out_s->end - c->out_s->data))
Index: b/sesman/libscp/libscp_v0.h
===================================================================
--- a/sesman/libscp/libscp_v0.h 2016-08-01 15:28:23.000000000 +0800
+++ b/sesman/libscp/libscp_v0.h 2019-06-11 18:18:40.970519302 +0800
@@ -61,7 +61,7 @@ scp_v0s_accept(struct SCP_CONNECTION* c,
*
*/
enum SCP_SERVER_STATES_E
-scp_v0s_allow_connection(struct SCP_CONNECTION* c, SCP_DISPLAY d);
+scp_v0s_allow_connection(struct SCP_CONNECTION* c, SCP_DISPLAY d, const tui8 *guid);
/**
*
Index: b/sesman/scp_v0.c
===================================================================
--- a/sesman/scp_v0.c 2019-06-11 18:18:25.910383173 +0800
+++ b/sesman/scp_v0.c 2019-06-11 18:18:40.970519302 +0800
@@ -80,7 +80,7 @@ scp_v0_process(struct SCP_CONNECTION *c,
if (s_item != 0)
{
display = s_item->display;
-
+ g_memcpy(s->guid, s_item->guid, 16);
if (0 != s->client_ip)
{
log_message( LOG_LEVEL_INFO, "++ reconnected session: username %s, "
@@ -104,6 +104,11 @@ scp_v0_process(struct SCP_CONNECTION *c,
if (1 == access_login_allowed(s->username))
{
+ tui8 guid[16];
+
+ g_random((char*)guid, 16);
+ scp_session_set_guid(s, guid);
+
if (0 != s->client_ip)
{
log_message(LOG_LEVEL_INFO, "++ created session (access granted): "
@@ -121,7 +126,7 @@ scp_v0_process(struct SCP_CONNECTION *c,
display = session_start(s->width, s->height, s->bpp, s->username,
s->password, data, SESMAN_SESSION_TYPE_XVNC,
s->domain, s->program, s->directory,
- s->client_ip);
+ s->client_ip, s->guid);
}
else if (SCP_SESSION_TYPE_XRDP == s->type)
{
@@ -129,7 +134,7 @@ scp_v0_process(struct SCP_CONNECTION *c,
display = session_start(s->width, s->height, s->bpp, s->username,
s->password, data, SESMAN_SESSION_TYPE_XRDP,
s->domain, s->program, s->directory,
- s->client_ip);
+ s->client_ip, s->guid);
}
else if (SCP_SESSION_TYPE_XORG == s->type)
{
@@ -138,7 +143,7 @@ scp_v0_process(struct SCP_CONNECTION *c,
display = session_start(s->width, s->height, s->bpp, s->username,
s->password, data, SESMAN_SESSION_TYPE_XORG,
s->domain, s->program, s->directory,
- s->client_ip);
+ s->client_ip, s->guid);
}
/* if the session started up ok, auth_end will be called on
sig child */
@@ -156,7 +161,7 @@ scp_v0_process(struct SCP_CONNECTION *c,
}
else
{
- scp_v0s_allow_connection(c, display);
+ scp_v0s_allow_connection(c, display, s->guid);
}
}
else
Index: b/sesman/scp_v1.c
===================================================================
--- a/sesman/scp_v1.c 2019-06-11 18:18:25.910383173 +0800
+++ b/sesman/scp_v1.c 2019-06-11 18:18:26.750390765 +0800
@@ -128,21 +128,21 @@ scp_v1_process(struct SCP_CONNECTION *c,
log_message(LOG_LEVEL_INFO, "starting Xvnc session...");
display = session_start(s->width, s->height, s->bpp, s->username,
s->password, data, SESMAN_SESSION_TYPE_XVNC,
- s->domain, s->program, s->directory, s->client_ip);
+ s->domain, s->program, s->directory, s->client_ip, s->guid);
}
else if (SCP_SESSION_TYPE_XRDP == s->type)
{
log_message(LOG_LEVEL_INFO, "starting X11rdp session...");
display = session_start(s->width, s->height, s->bpp, s->username,
s->password, data, SESMAN_SESSION_TYPE_XRDP,
- s->domain, s->program, s->directory, s->client_ip);
+ s->domain, s->program, s->directory, s->client_ip, s->guid);
}
else if (SCP_SESSION_TYPE_XORG == s->type)
{
log_message(LOG_LEVEL_INFO, "starting Xorg session...");
display = session_start(s->width, s->height, s->bpp, s->username,
s->password, data, SESMAN_SESSION_TYPE_XORG,
- s->domain, s->program, s->directory, s->client_ip);
+ s->domain, s->program, s->directory, s->client_ip, s->guid);
}
/* if the session started up ok, auth_end will be called on
sig child */
Index: b/sesman/session.c
===================================================================
--- a/sesman/session.c 2019-06-11 18:18:25.910383173 +0800
+++ b/sesman/session.c 2019-06-11 18:18:39.874509395 +0800
@@ -1,7 +1,7 @@
/**
* xrdp: A Remote Desktop Protocol server.
*
- * Copyright (C) Jay Sorg 2004-2013
+ * Copyright (C) Jay Sorg 2004-2015
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@@ -27,30 +27,12 @@
#include "sesman.h"
#include "libscp_types.h"
-#include <errno.h>
-//#include <time.h>
-
-extern tbus g_sync_event;
extern unsigned char g_fixedkey[8];
extern struct config_sesman *g_cfg; /* in sesman.c */
extern int g_sck; /* in sesman.c */
-extern int g_thread_sck; /* in thread.c */
struct session_chain *g_sessions;
int g_session_count;
-static int g_sync_width;
-static int g_sync_height;
-static int g_sync_bpp;
-static char *g_sync_username;
-static char *g_sync_password;
-static char *g_sync_domain;
-static char *g_sync_program;
-static char *g_sync_directory;
-static char *g_sync_client_ip;
-static tbus g_sync_data;
-static tui8 g_sync_type;
-static int g_sync_result;
-static int g_sync_cmd;
/**
* Creates a string consisting of all parameters that is hosted in the param list
@@ -63,7 +45,6 @@ char *APP_CC
dumpItemsToString(struct list *self, char *outstr, int len)
{
int index;
- tbus item;
int totalLen = 0;
g_memset(outstr, 0, len);
@@ -95,9 +76,6 @@ session_get_bydata(char *name, int width
struct session_chain *tmp;
enum SESMAN_CFG_SESS_POLICY policy = g_cfg->sess.policy;
- /*THREAD-FIX require chain lock */
- lock_chain_acquire();
-
tmp = g_sessions;
/* convert from SCP_SESSION_TYPE namespace to SESMAN_SESSION_TYPE namespace */
@@ -114,7 +92,6 @@ session_get_bydata(char *name, int width
type = SESMAN_SESSION_TYPE_XORG;
break;
default:
- lock_chain_release();
return 0;
}
@@ -149,8 +126,6 @@ session_get_bydata(char *name, int width
tmp->item->bpp == bpp &&
tmp->item->type == type)
{
- /*THREAD-FIX release chain lock */
- lock_chain_release();
return tmp->item;
}
}
@@ -164,16 +139,12 @@ session_get_bydata(char *name, int width
tmp->item->bpp == bpp &&
tmp->item->type == type)
{
- /*THREAD-FIX release chain lock */
- lock_chain_release();
return tmp->item;
}
tmp = tmp->next;
}
- /*THREAD-FIX release chain lock */
- lock_chain_release();
return 0;
}
@@ -277,7 +248,6 @@ x_server_running(int display)
{
char text[256];
int x_running;
- int sck;
g_sprintf(text, "/tmp/.X11-unix/X%d", display);
x_running = g_file_exist(text);
@@ -319,9 +289,9 @@ session_start_sessvc(int xpid, int wmpid
/* building parameters */
g_snprintf(exe_path, 261, "%s/xrdp-sessvc", XRDP_SBIN_PATH);
- list_add_item(sessvc_params, (long)g_strdup(exe_path));
- list_add_item(sessvc_params, (long)g_strdup(xpid_str));
- list_add_item(sessvc_params, (long)g_strdup(wmpid_str));
+ list_add_item(sessvc_params, (tintptr)g_strdup(exe_path));
+ list_add_item(sessvc_params, (tintptr)g_strdup(xpid_str));
+ list_add_item(sessvc_params, (tintptr)g_strdup(wmpid_str));
list_add_item(sessvc_params, 0); /* mandatory */
env_set_user(username, 0, display,
@@ -339,7 +309,7 @@ session_start_sessvc(int xpid, int wmpid
/* no problem calling strerror for thread safety: other threads
are blocked */
log_message(LOG_LEVEL_DEBUG, "errno: %d, description: %s",
- errno, g_get_strerror());
+ g_get_errno(), g_get_strerror());
log_message(LOG_LEVEL_DEBUG, "execve parameter list:");
for (i = 0; i < (sessvc_params->count); i++)
@@ -393,7 +363,6 @@ session_get_aval_display_from_chain(void
int display;
display = g_cfg->sess.x11_display_offset;
- lock_chain_acquire();
while ((display - g_cfg->sess.x11_display_offset) <= g_cfg->sess.max_sessions)
{
@@ -401,7 +370,6 @@ session_get_aval_display_from_chain(void
{
if (!x_server_running_check_ports(display))
{
- lock_chain_release();
return display;
}
}
@@ -409,7 +377,6 @@ session_get_aval_display_from_chain(void
display++;
}
- lock_chain_release();
log_message(LOG_LEVEL_ERROR, "X server -- no display in range is available");
return 0;
}
@@ -447,7 +414,7 @@ wait_for_xserver(int display)
static int APP_CC
session_start_fork(int width, int height, int bpp, char *username,
char *password, tbus data, tui8 type, char *domain,
- char *program, char *directory, char *client_ip)
+ char *program, char *directory, char *client_ip, tui8* guid)
{
int display = 0;
int pid = 0;
@@ -519,10 +486,9 @@ session_start_fork(int width, int height
if (pid == -1)
{
}
- else if (pid == 0) /* child sesman */
+ else if (pid == 0)
{
g_tcp_close(g_sck);
- g_tcp_close(g_thread_sck);
g_sprintf(geometry, "%dx%d", width, height);
g_sprintf(depth, "%d", bpp);
g_sprintf(screen, ":%d", display);
@@ -573,7 +539,7 @@ session_start_fork(int width, int height
"wm for user %s - pid %d", username, g_getpid());
/* logging parameters */
log_message(LOG_LEVEL_DEBUG, "errno: %d, "
- "description: %s", errno, g_get_strerror());
+ "description: %s", g_get_errno(), g_get_strerror());
log_message(LOG_LEVEL_DEBUG, "execlp3 parameter "
"list:");
log_message(LOG_LEVEL_DEBUG, " argv[0] = %s",
@@ -591,7 +557,7 @@ session_start_fork(int width, int height
"wm for user %s - pid %d", username, g_getpid());
/* logging parameters */
log_message(LOG_LEVEL_DEBUG, "errno: %d, description: "
- "%s", errno, g_get_strerror());
+ "%s", g_get_errno(), g_get_strerror());
log_message(LOG_LEVEL_DEBUG, "execlp3 parameter list:");
log_message(LOG_LEVEL_DEBUG, " argv[0] = %s",
text);
@@ -606,7 +572,7 @@ session_start_fork(int width, int height
"for user %s - pid %d", username, g_getpid());
/* logging parameters */
log_message(LOG_LEVEL_DEBUG, "errno: %d, description: "
- "%s", errno, g_get_strerror());
+ "%s", g_get_errno(), g_get_strerror());
}
else
{
@@ -624,10 +590,10 @@ session_start_fork(int width, int height
g_exit(0);
}
}
- else /* parent (child sesman) */
+ else
{
- xpid = g_fork();
-
+ xpid = g_fork(); /* parent becomes scp,
+ child becomes X */
if (xpid == -1)
{
}
@@ -655,8 +621,8 @@ session_start_fork(int width, int height
xserver_params->auto_free = 1;
/* these are the must have parameters */
- list_add_item(xserver_params, (long) g_strdup("/usr/bin/Xorg"));
- list_add_item(xserver_params, (long) g_strdup(screen));
+ list_add_item(xserver_params, (tintptr) g_strdup("/usr/bin/Xorg"));
+ list_add_item(xserver_params, (tintptr) g_strdup(screen));
/* additional parameters from sesman.ini file */
list_append_list_strdup(g_cfg->xorg_params, xserver_params, 0);
@@ -680,19 +646,21 @@ session_start_fork(int width, int height
}
else if (type == SESMAN_SESSION_TYPE_XVNC)
{
- env_check_password_file(passwd_file, password);
+ char guid_str[64];
+ g_bytes_to_hexstr(guid, 16, guid_str, 64);
+ env_check_password_file(passwd_file, guid_str);
xserver_params = list_create();
xserver_params->auto_free = 1;
/* these are the must have parameters */
- list_add_item(xserver_params, (long)g_strdup("Xvnc"));
- list_add_item(xserver_params, (long)g_strdup(screen));
- list_add_item(xserver_params, (long)g_strdup("-geometry"));
- list_add_item(xserver_params, (long)g_strdup(geometry));
- list_add_item(xserver_params, (long)g_strdup("-depth"));
- list_add_item(xserver_params, (long)g_strdup(depth));
- list_add_item(xserver_params, (long)g_strdup("-rfbauth"));
- list_add_item(xserver_params, (long)g_strdup(passwd_file));
+ list_add_item(xserver_params, (tintptr)g_strdup("Xvnc"));
+ list_add_item(xserver_params, (tintptr)g_strdup(screen));
+ list_add_item(xserver_params, (tintptr)g_strdup("-geometry"));
+ list_add_item(xserver_params, (tintptr)g_strdup(geometry));
+ list_add_item(xserver_params, (tintptr)g_strdup("-depth"));
+ list_add_item(xserver_params, (tintptr)g_strdup(depth));
+ list_add_item(xserver_params, (tintptr)g_strdup("-rfbauth"));
+ list_add_item(xserver_params, (tintptr)g_strdup(passwd_file));
/* additional parameters from sesman.ini file */
//config_read_xserver_params(SESMAN_SESSION_TYPE_XVNC,
@@ -711,12 +679,12 @@ session_start_fork(int width, int height
xserver_params->auto_free = 1;
/* these are the must have parameters */
- list_add_item(xserver_params, (long)g_strdup("X11rdp"));
- list_add_item(xserver_params, (long)g_strdup(screen));
- list_add_item(xserver_params, (long)g_strdup("-geometry"));
- list_add_item(xserver_params, (long)g_strdup(geometry));
- list_add_item(xserver_params, (long)g_strdup("-depth"));
- list_add_item(xserver_params, (long)g_strdup(depth));
+ list_add_item(xserver_params, (tintptr)g_strdup("X11rdp"));
+ list_add_item(xserver_params, (tintptr)g_strdup(screen));
+ list_add_item(xserver_params, (tintptr)g_strdup("-geometry"));
+ list_add_item(xserver_params, (tintptr)g_strdup(geometry));
+ list_add_item(xserver_params, (tintptr)g_strdup("-depth"));
+ list_add_item(xserver_params, (tintptr)g_strdup(depth));
/* additional parameters from sesman.ini file */
//config_read_xserver_params(SESMAN_SESSION_TYPE_XRDP,
@@ -742,7 +710,7 @@ session_start_fork(int width, int height
/* logging parameters */
log_message(LOG_LEVEL_DEBUG, "errno: %d, description: "
- "%s", errno, g_get_strerror());
+ "%s", g_get_errno(), g_get_strerror());
log_message(LOG_LEVEL_DEBUG, "execve parameter list size: "
"%d", (xserver_params)->count);
@@ -755,7 +723,7 @@ session_start_fork(int width, int height
list_delete(xserver_params);
g_exit(1);
}
- else /* parent (child sesman)*/
+ else
{
wait_for_xserver(display);
g_snprintf(text, 255, "%d", display);
@@ -767,7 +735,7 @@ session_start_fork(int width, int height
}
}
}
- else /* parent sesman process */
+ else
{
temp->item->pid = pid;
temp->item->display = display;
@@ -777,6 +745,7 @@ session_start_fork(int width, int height
temp->item->data = data;
g_strncpy(temp->item->client_ip, client_ip, 255); /* store client ip data */
g_strncpy(temp->item->name, username, 255);
+ g_memcpy(temp->item->guid, guid, 16);
ltime = g_time1();
localtime_r(<ime, &stime);
@@ -791,16 +760,10 @@ session_start_fork(int width, int height
temp->item->type = type;
temp->item->status = SESMAN_SESSION_STATUS_ACTIVE;
- /*THREAD-FIX require chain lock */
- lock_chain_acquire();
-
temp->next = g_sessions;
g_sessions = temp;
g_session_count++;
- /*THREAD-FIX release chain lock */
- lock_chain_release();
-
return display;
}
@@ -845,34 +808,10 @@ session_reconnect_fork(int display, char
int DEFAULT_CC
session_start(int width, int height, int bpp, char *username, char *password,
long data, tui8 type, char *domain, char *program,
- char *directory, char *client_ip)
+ char *directory, char *client_ip, tui8* guid)
{
- int display;
-
- /* lock mutex */
- lock_sync_acquire();
- /* set shared vars */
- g_sync_cmd = 0;
- g_sync_width = width;
- g_sync_height = height;
- g_sync_bpp = bpp;
- g_sync_username = username;
- g_sync_password = password;
- g_sync_domain = domain;
- g_sync_program = program;
- g_sync_directory = directory;
- g_sync_client_ip = client_ip;
- g_sync_data = data;
- g_sync_type = type;
- /* set event for main thread to see */
- g_set_wait_obj(g_sync_event);
- /* wait for main thread to get done */
- lock_sync_sem_acquire();
- /* read result(display) from shared var */
- display = g_sync_result;
- /* unlock mutex */
- lock_sync_release();
- return display;
+ return session_start_fork(width, height, bpp, username, password, data,
+ type, domain, program, directory, client_ip, guid);
}
/******************************************************************************/
@@ -881,42 +820,7 @@ session_start(int width, int height, int
int DEFAULT_CC
session_reconnect(int display, char *username)
{
- /* lock mutex */
- lock_sync_acquire();
- /* set shared vars */
- g_sync_cmd = 1;
- g_sync_width = display;
- g_sync_username = username;
- /* set event for main thread to see */
- g_set_wait_obj(g_sync_event);
- /* wait for main thread to get done */
- lock_sync_sem_acquire();
- /* unlock mutex */
- lock_sync_release();
- return 0;
-}
-
-/******************************************************************************/
-/* called with the main thread */
-int APP_CC
-session_sync_start(void)
-{
- if (g_sync_cmd == 0)
- {
- g_sync_result = session_start_fork(g_sync_width, g_sync_height, g_sync_bpp,
- g_sync_username, g_sync_password,
- g_sync_data, g_sync_type, g_sync_domain,
- g_sync_program, g_sync_directory,
- g_sync_client_ip);
- }
- else
- {
- /* g_sync_width is really display */
- g_sync_result = session_reconnect_fork(g_sync_width, g_sync_username);
- }
-
- lock_sync_sem_release();
- return 0;
+ return session_reconnect_fork(display, username);
}
/******************************************************************************/
@@ -926,9 +830,6 @@ session_kill(int pid)
struct session_chain *tmp;
struct session_chain *prev;
- /*THREAD-FIX require chain lock */
- lock_chain_acquire();
-
tmp = g_sessions;
prev = 0;
@@ -950,8 +851,6 @@ session_kill(int pid)
prev->next = tmp->next;
}
- /*THREAD-FIX release chain lock */
- lock_chain_release();
return SESMAN_SESSION_KILL_NULLITEM;
}
@@ -976,8 +875,6 @@ session_kill(int pid)
g_free(tmp);
g_session_count--;
- /*THREAD-FIX release chain lock */
- lock_chain_release();
return SESMAN_SESSION_KILL_OK;
}
@@ -986,8 +883,6 @@ session_kill(int pid)
tmp = tmp->next;
}
- /*THREAD-FIX release chain lock */
- lock_chain_release();
return SESMAN_SESSION_KILL_NOTFOUND;
}
@@ -997,9 +892,6 @@ session_sigkill_all()
{
struct session_chain *tmp;
- /*THREAD-FIX require chain lock */
- lock_chain_acquire();
-
tmp = g_sessions;
while (tmp != 0)
@@ -1017,9 +909,6 @@ session_sigkill_all()
/* go on */
tmp = tmp->next;
}
-
- /*THREAD-FIX release chain lock */
- lock_chain_release();
}
/******************************************************************************/
@@ -1037,9 +926,6 @@ session_get_bypid(int pid)
return 0;
}
- /*THREAD-FIX require chain lock */
- lock_chain_acquire();
-
tmp = g_sessions;
while (tmp != 0)
@@ -1048,18 +934,13 @@ session_get_bypid(int pid)
{
log_message(LOG_LEVEL_ERROR, "session descriptor for "
"pid %d is null!", pid);
- /*THREAD-FIX release chain lock */
- lock_chain_release();
g_free(dummy);
return 0;
}
if (tmp->item->pid == pid)
{
- /*THREAD-FIX release chain lock */
g_memcpy(dummy, tmp->item, sizeof(struct session_item));
- lock_chain_release();
- /*return tmp->item;*/
return dummy;
}
@@ -1067,8 +948,6 @@ session_get_bypid(int pid)
tmp = tmp->next;
}
- /*THREAD-FIX release chain lock */
- lock_chain_release();
g_free(dummy);
return 0;
}
@@ -1084,9 +963,6 @@ session_get_byuser(char *user, int *cnt,
count = 0;
- /*THREAD-FIX require chain lock */
- lock_chain_acquire();
-
tmp = g_sessions;
while (tmp != 0)
@@ -1112,8 +988,6 @@ session_get_byuser(char *user, int *cnt,
if (count == 0)
{
(*cnt) = 0;
- /*THREAD-FIX release chain lock */
- lock_chain_release();
return 0;
}
@@ -1123,8 +997,6 @@ session_get_byuser(char *user, int *cnt,
if (sess == 0)
{
(*cnt) = 0;
- /*THREAD-FIX release chain lock */
- lock_chain_release();
return 0;
}
@@ -1133,7 +1005,7 @@ session_get_byuser(char *user, int *cnt,
while (tmp != 0)
{
-#warning FIXME: we should get only disconnected sessions!
+/* #warning FIXME: we should get only disconnected sessions! */
if ((NULL == user) || (!g_strncasecmp(user, tmp->item->name, 256)))
{
if ((tmp->item->status) & flags)
@@ -1143,7 +1015,7 @@ session_get_byuser(char *user, int *cnt,
(sess[index]).height = tmp->item->height;
(sess[index]).width = tmp->item->width;
(sess[index]).bpp = tmp->item->bpp;
-#warning FIXME: setting idle times and such
+/* #warning FIXME: setting idle times and such */
/*(sess[index]).connect_time.year = tmp->item->connect_time.year;
(sess[index]).connect_time.month = tmp->item->connect_time.month;
(sess[index]).connect_time.day = tmp->item->connect_time.day;
@@ -1176,8 +1048,6 @@ session_get_byuser(char *user, int *cnt,
tmp = tmp->next;
}
- /*THREAD-FIX release chain lock */
- lock_chain_release();
(*cnt) = count;
return sess;
}
Index: b/sesman/session.h
===================================================================
--- a/sesman/session.h 2016-08-01 15:28:23.000000000 +0800
+++ b/sesman/session.h 2019-06-11 18:18:26.754390801 +0800
@@ -76,6 +76,7 @@ struct session_item
struct session_date disconnect_time;
struct session_date idle_time;
char client_ip[256];
+ tui8 guid[16];
};
struct session_chain
@@ -105,22 +106,13 @@ session_get_bydata(char* name, int width
int DEFAULT_CC
session_start(int width, int height, int bpp, char* username, char* password,
long data, tui8 type, char* domain, char* program,
- char* directory, char* client_ip);
+ char* directory, char* client_ip, tui8* guid);
int DEFAULT_CC
session_reconnect(int display, char* username);
/**
*
- * @brief starts a session
- * @return error
- *
- */
-int APP_CC
-session_sync_start(void);
-
-/**
- *
* @brief kills a session
* @param pid the pid of the session to be killed
* @return
Index: b/vnc/vnc.c
===================================================================
--- a/vnc/vnc.c 2019-06-11 18:18:25.490379376 +0800
+++ b/vnc/vnc.c 2019-06-11 19:46:35.396855364 +0800
@@ -21,19 +21,55 @@
#include "vnc.h"
#include "log.h"
+#include "ssl_calls.h"
/******************************************************************************/
/* taken from vncauth.c */
-void DEFAULT_CC
-rfbEncryptBytes(char *bytes, char *passwd)
+/* performing the des3 crypt on the password so it can not be seen
+ on the wire
+ 'bytes' in, contains 16 bytes server random
+ out, random and 'passwd' conbined */
+static void APP_CC
+rfbEncryptBytes(char *bytes, const char *passwd)
{
- char key[12];
+ char key[24];
+ void *des;
+ int len;
/* key is simply password padded with nulls */
g_memset(key, 0, sizeof(key));
- g_strncpy(key, passwd, 8);
- rfbDesKey((unsigned char *)key, EN0); /* 0, encrypt */
- rfbDes((unsigned char *)bytes, (unsigned char *)bytes);
- rfbDes((unsigned char *)(bytes + 8), (unsigned char *)(bytes + 8));
+ len = MIN(g_strlen(passwd), 8);
+ g_mirror_memcpy(key, passwd, len);
+ des = ssl_des3_encrypt_info_create(key, 0);
+ ssl_des3_encrypt(des, 8, bytes, bytes);
+ ssl_des3_info_delete(des);
+ des = ssl_des3_encrypt_info_create(key, 0);
+ ssl_des3_encrypt(des, 8, bytes + 8, bytes + 8);
+ ssl_des3_info_delete(des);
+}
+
+/******************************************************************************/
+/* sha1 hash 'passwd', create a string from the hash and call rfbEncryptBytes */
+static void APP_CC
+rfbHashEncryptBytes(char *bytes, char *passwd)
+{
+ char passwd_hash[20];
+ char passwd_hash_text[40];
+ void *sha1;
+ int passwd_bytes;
+
+ /* create password hash from password */
+ passwd_bytes = g_strlen(passwd);
+ sha1 = ssl_sha1_info_create();
+ ssl_sha1_transform(sha1, "xrdp_vnc", 8);
+ ssl_sha1_transform(sha1, passwd, passwd_bytes);
+ ssl_sha1_transform(sha1, passwd, passwd_bytes);
+ ssl_sha1_complete(sha1, passwd_hash);
+ ssl_sha1_info_delete(sha1);
+ g_snprintf(passwd_hash_text, 39, "%2.2x%2.2x%2.2x%2.2x",
+ (tui8)passwd_hash[0], (tui8)passwd_hash[1],
+ (tui8)passwd_hash[2], (tui8)passwd_hash[3]);
+ passwd_hash_text[39] = 0;
+ rfbEncryptBytes(bytes, passwd_hash_text);
}
/******************************************************************************/
@@ -1037,7 +1073,19 @@ lib_mod_connect(struct vnc *v)
if (error == 0)
{
- rfbEncryptBytes(s->data, v->password);
+ init_stream(s, 8192);
+ if (v->got_guid)
+ {
+ char guid_str[64];
+ g_bytes_to_hexstr(v->guid, 16, guid_str, 64);
+ rfbHashEncryptBytes(s->data, guid_str);
+ }
+ else
+ {
+ rfbEncryptBytes(s->data, v->password);
+ }
+ s->p += 16;
+ s_mark_end(s);
error = lib_send(v, s->data, 16);
check_sec_result = 1; // not needed
}
@@ -1351,6 +1399,11 @@ lib_mod_set_param(struct vnc *v, char *n
{
v->delay_ms = g_atoi(value);
}
+ else if (g_strcasecmp(name, "guid") == 0)
+ {
+ v->got_guid = 1;
+ g_memcpy(v->guid, value, 16);
+ }
return 0;
}
Index: b/vnc/vnc.h
===================================================================
--- a/vnc/vnc.h 2016-08-01 15:28:23.000000000 +0800
+++ b/vnc/vnc.h 2019-06-11 18:18:39.874509395 +0800
@@ -116,4 +116,6 @@ struct vnc
int clip_data_size;
tbus sck_obj;
int delay_ms;
+ int got_guid;
+ tui8 guid[16];
};
Index: b/xrdp/xrdp_mm.c
===================================================================
--- a/xrdp/xrdp_mm.c 2019-06-11 18:18:26.150385342 +0800
+++ b/xrdp/xrdp_mm.c 2019-06-11 18:18:40.970519302 +0800
@@ -504,7 +504,7 @@ xrdp_mm_setup_mod1(struct xrdp_mm *self)
/*****************************************************************************/
static int APP_CC
-xrdp_mm_setup_mod2(struct xrdp_mm *self)
+xrdp_mm_setup_mod2(struct xrdp_mm *self, tui8 *guid)
{
char text[256];
char *name;
@@ -584,6 +584,10 @@ xrdp_mm_setup_mod2(struct xrdp_mm *self)
self->mod->mod_set_param(self->mod, "hostname", name);
g_snprintf(text, 255, "%d", self->wm->session->client_info->keylayout);
self->mod->mod_set_param(self->mod, "keylayout", text);
+ if (guid != 0)
+ {
+ self->mod->mod_set_param(self->mod, "guid", (char *) guid);
+ }
for (i = 0; i < self->login_names->count; i++)
{
@@ -1211,11 +1215,18 @@ xrdp_mm_process_login_response(struct xr
char text[256];
char ip[256];
char port[256];
+ tui8 guid[16];
+ tui8* pguid;
rv = 0;
in_uint16_be(s, ok);
in_uint16_be(s, display);
-
+ pguid = 0;
+ if (s_check_rem(s, 16))
+ {
+ in_uint8a(s, guid, 16);
+ pguid = guid;
+ }
if (ok)
{
self->display = display;
@@ -1225,7 +1236,7 @@ xrdp_mm_process_login_response(struct xr
if (xrdp_mm_setup_mod1(self) == 0)
{
- if (xrdp_mm_setup_mod2(self) == 0)
+ if (xrdp_mm_setup_mod2(self, pguid) == 0)
{
xrdp_mm_get_value(self, "ip", ip, 255);
xrdp_wm_set_login_mode(self->wm, 10);
@@ -1885,7 +1896,7 @@ xrdp_mm_connect(struct xrdp_mm *self)
{
if (xrdp_mm_setup_mod1(self) == 0)
{
- if (xrdp_mm_setup_mod2(self) == 0)
+ if (xrdp_mm_setup_mod2(self, 0) == 0)
{
xrdp_wm_set_login_mode(self->wm, 10);
rv = 0; /*sucess*/
Index: b/sesman/env.c
===================================================================
--- a/sesman/env.c 2019-06-11 18:18:25.702381293 +0800
+++ b/sesman/env.c 2019-06-11 19:47:05.889122108 +0800
@@ -27,6 +27,7 @@
#include "list.h"
#include "sesman.h"
+#include "ssl_calls.h"
#include "sys/types.h"
#include "grp.h"
@@ -36,30 +37,51 @@ extern struct config_sesman *g_cfg; /*
/******************************************************************************/
int DEFAULT_CC
-env_check_password_file(char *filename, char *password)
+env_check_password_file(char *filename, char *passwd)
{
char encryptedPasswd[16];
+ char key[24];
+ char passwd_hash[20];
+ char passwd_hash_text[40];
int fd;
-
- g_memset(encryptedPasswd, 0, 16);
- g_strncpy(encryptedPasswd, password, 8);
- rfbDesKey(g_fixedkey, 0);
- rfbDes((unsigned char *)encryptedPasswd, (unsigned char *)encryptedPasswd);
- fd = g_file_open(filename);
-
+ int passwd_bytes;
+ void *des;
+ void *sha1;
+
+ /* create password hash from password */
+ passwd_bytes = g_strlen(passwd);
+ sha1 = ssl_sha1_info_create();
+ ssl_sha1_transform(sha1, "xrdp_vnc", 8);
+ ssl_sha1_transform(sha1, passwd, passwd_bytes);
+ ssl_sha1_transform(sha1, passwd, passwd_bytes);
+ ssl_sha1_complete(sha1, passwd_hash);
+ ssl_sha1_info_delete(sha1);
+ g_snprintf(passwd_hash_text, 39, "%2.2x%2.2x%2.2x%2.2x",
+ (tui8)passwd_hash[0], (tui8)passwd_hash[1],
+ (tui8)passwd_hash[2], (tui8)passwd_hash[3]);
+ passwd_hash_text[39] = 0;
+ passwd = passwd_hash_text;
+
+ /* create file from password */
+ g_memset(encryptedPasswd, 0, sizeof(encryptedPasswd));
+ g_strncpy(encryptedPasswd, passwd, 8);
+ g_memset(key, 0, sizeof(key));
+ g_mirror_memcpy(key, g_fixedkey, 8);
+ des = ssl_des3_encrypt_info_create(key, 0);
+ ssl_des3_encrypt(des, 8, encryptedPasswd, encryptedPasswd);
+ ssl_des3_info_delete(des);
+ fd = g_file_open_ex(filename, 0, 1, 1, 1);
if (fd == -1)
{
log_message(LOG_LEVEL_WARNING,
- "can't read vnc password file - %s",
- filename);
+ "Cannot write VNC password hash to file %s: %s",
+ filename, g_get_strerror());
return 1;
}
-
g_file_write(fd, encryptedPasswd, 8);
g_file_close(fd);
return 0;
}
-
/******************************************************************************/
int DEFAULT_CC
env_set_user(char *username, char *passwd_file, int display,
Index: b/sesman/Makefile.am
===================================================================
--- a/sesman/Makefile.am 2016-08-01 15:28:23.000000000 +0800
+++ b/sesman/Makefile.am 2019-06-11 18:18:26.754390801 +0800
@@ -1,4 +1,4 @@
-EXTRA_DIST = sesman.ini startwm.sh sesman.h access.h auth.h config.h env.h lock.h scp.h scp_v0.h scp_v1.h scp_v1_mng.h session.h sig.h thread.h
+EXTRA_DIST = sesman.ini startwm.sh sesman.h access.h auth.h config.h env.h scp.h scp_v0.h scp_v1.h scp_v1_mng.h session.h sig.h
AM_CFLAGS = \
-DXRDP_CFG_PATH=\"${sysconfdir}/xrdp\" \
@@ -44,8 +44,6 @@ xrdp_sesman_SOURCES = \
sesman.c \
session.c \
sig.c \
- thread.c \
- lock.c \
access.c \
config.c \
env.c \
Index: b/sesman/lock.c
===================================================================
--- a/sesman/lock.c 2016-08-01 15:28:23.000000000 +0800
+++ /dev/null 1970-01-01 00:00:00.000000000 +0000
@@ -1,121 +0,0 @@
-/**
- * xrdp: A Remote Desktop Protocol server.
- *
- * Copyright (C) Jay Sorg 2004-2013
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- *
- * session manager
- * linux only
- */
-
-#include "sesman.h"
-
-extern struct config_sesman *g_cfg; /* in sesman.c */
-
-static tbus g_sync_mutex = 0;
-static tbus g_lock_chain = 0;
-static tbus g_sync_sem = 0;
-static tbus g_lock_socket = 0;
-
-/******************************************************************************/
-void APP_CC
-lock_init(void)
-{
- g_sync_mutex = tc_mutex_create();
- g_lock_chain = tc_mutex_create();
- g_sync_sem = tc_sem_create(0);
- g_lock_socket = tc_sem_create(1);
-}
-
-/******************************************************************************/
-void APP_CC
-lock_deinit(void)
-{
- tc_mutex_delete(g_sync_mutex);
- tc_mutex_delete(g_lock_chain);
- tc_sem_delete(g_sync_sem);
- tc_sem_delete(g_lock_socket);
-}
-
-/******************************************************************************/
-void APP_CC
-lock_chain_acquire(void)
-{
- /* lock the chain */
- LOG_DBG("lock_chain_acquire()");
- tc_mutex_lock(g_lock_chain);
-}
-
-/******************************************************************************/
-void APP_CC
-lock_chain_release(void)
-{
- /* unlock the chain */
- LOG_DBG("lock_chain_release()");
- tc_mutex_unlock(g_lock_chain);
-}
-
-/******************************************************************************/
-void APP_CC
-lock_socket_acquire(void)
-{
- /* lock socket variable */
- LOG_DBG("lock_socket_acquire()");
- tc_sem_dec(g_lock_socket);
-}
-
-/******************************************************************************/
-void APP_CC
-lock_socket_release(void)
-{
- /* unlock socket variable */
- LOG_DBG("lock_socket_release()");
- tc_sem_inc(g_lock_socket);
-}
-
-/******************************************************************************/
-void APP_CC
-lock_sync_acquire(void)
-{
- /* lock sync variable */
- LOG_DBG("lock_sync_acquire()");
- tc_mutex_lock(g_sync_mutex);
-}
-
-/******************************************************************************/
-void APP_CC
-lock_sync_release(void)
-{
- /* unlock socket variable */
- LOG_DBG("lock_sync_release()");
- tc_mutex_unlock(g_sync_mutex);
-}
-
-/******************************************************************************/
-void APP_CC
-lock_sync_sem_acquire(void)
-{
- /* dec sem */
- LOG_DBG("lock_sync_sem_acquire()");
- tc_sem_dec(g_sync_sem);
-}
-
-/******************************************************************************/
-void APP_CC
-lock_sync_sem_release(void)
-{
- /* inc sem */
- LOG_DBG("lock_sync_sem_release()");
- tc_sem_inc(g_sync_sem);
-}
Index: b/sesman/lock.h
===================================================================
--- a/sesman/lock.h 2016-08-01 15:28:23.000000000 +0800
+++ /dev/null 1970-01-01 00:00:00.000000000 +0000
@@ -1,104 +0,0 @@
-/**
- * xrdp: A Remote Desktop Protocol server.
- *
- * Copyright (C) Jay Sorg 2004-2013
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-#ifndef LOCK_H
-#define LOCK_H
-
-#include "sesman.h"
-
-/**
- *
- * @brief initializes all the locks
- *
- */
-void APP_CC
-lock_init(void);
-
-/**
- *
- * @brief cleanup all the locks
- *
- */
-void APP_CC
-lock_deinit(void);
-
-/**
- *
- * @brief acquires the lock for the session chain
- *
- */
-void APP_CC
-lock_chain_acquire(void);
-
-/**
- *
- * @brief releases the session chain lock
- *
- */
-void APP_CC
-lock_chain_release(void);
-
-/**
- *
- * @brief request the socket lock
- *
- */
-void APP_CC
-lock_socket_acquire(void);
-
-/**
- *
- * @brief releases the socket lock
- *
- */
-void APP_CC
-lock_socket_release(void);
-
-/**
- *
- * @brief request the main sync lock
- *
- */
-void APP_CC
-lock_sync_acquire(void);
-
-/**
- *
- * @brief releases the main sync lock
- *
- */
-void APP_CC
-lock_sync_release(void);
-
-/**
- *
- * @brief request the sync sem lock
- *
- */
-void APP_CC
-lock_sync_sem_acquire(void);
-
-/**
- *
- * @brief releases the sync sem lock
- *
- */
-void APP_CC
-lock_sync_sem_release(void);
-
-#endif
Index: b/sesman/scp.c
===================================================================
--- a/sesman/scp.c 2016-08-01 15:28:23.000000000 +0800
+++ b/sesman/scp.c 2019-06-11 18:18:26.754390801 +0800
@@ -1,7 +1,7 @@
/**
* xrdp: A Remote Desktop Protocol server.
*
- * Copyright (C) Jay Sorg 2004-2013
+ * Copyright (C) Jay Sorg 2004-2015
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@@ -29,7 +29,6 @@
#include "sesman.h"
-extern int g_thread_sck; /* in thread.c */
extern struct config_sesman *g_cfg; /* in sesman.c */
/******************************************************************************/
@@ -39,14 +38,9 @@ scp_process_start(void *sck)
struct SCP_CONNECTION scon;
struct SCP_SESSION *sdata;
- /* making a local copy of the socket (it's on the stack) */
- /* probably this is just paranoia */
- scon.in_sck = g_thread_sck;
+ scon.in_sck = (int)(tintptr)sck;
LOG_DBG("started scp thread on socket %d", scon.in_sck);
- /* unlocking g_thread_sck */
- lock_socket_release();
-
make_stream(scon.in_s);
make_stream(scon.out_s);
Index: b/sesman/sesman.c
===================================================================
--- a/sesman/sesman.c 2016-08-01 15:28:23.000000000 +0800
+++ b/sesman/sesman.c 2019-06-11 18:19:26.874934235 +0800
@@ -1,7 +1,7 @@
/**
* xrdp: A Remote Desktop Protocol server.
*
- * Copyright (C) Jay Sorg 2004-2013
+ * Copyright (C) Jay Sorg 2004-2015
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@@ -31,10 +31,7 @@ int g_pid;
unsigned char g_fixedkey[8] = { 23, 82, 107, 6, 35, 78, 88, 7 };
struct config_sesman *g_cfg; /* defined in config.h */
-tbus g_term_event = 0;
-tbus g_sync_event = 0;
-
-extern int g_thread_sck; /* in thread.c */
+tintptr g_term_event = 0;
/******************************************************************************/
/**
@@ -49,6 +46,7 @@ sesman_main_loop(void)
int error;
int robjs_count;
int cont;
+ int pid;
tbus sck_obj;
tbus robjs[8];
@@ -80,7 +78,6 @@ sesman_main_loop(void)
robjs_count = 0;
robjs[robjs_count++] = sck_obj;
robjs[robjs_count++] = g_term_event;
- robjs[robjs_count++] = g_sync_event;
/* wait */
if (g_obj_wait(robjs, robjs_count, 0, 0, -1) != 0)
@@ -94,12 +91,6 @@ sesman_main_loop(void)
break;
}
- if (g_is_wait_obj_set(g_sync_event)) /* sync */
- {
- g_reset_wait_obj(g_sync_event);
- session_sync_start();
- }
-
if (g_is_wait_obj_set(sck_obj)) /* incoming connection */
{
in_sck = g_tcp_accept(g_sck);
@@ -118,8 +109,8 @@ sesman_main_loop(void)
{
/* we've got a connection, so we pass it to scp code */
LOG_DBG("new connection");
- thread_scp_start(in_sck);
- /* todo, do we have to wait here ? */
+ scp_process_start((void*)(tintptr)in_sck);
+ g_tcp_close(in_sck);
}
}
}
@@ -138,9 +129,7 @@ sesman_main_loop(void)
"port '%s': %d (%s)", g_cfg->listen_port,
g_get_errno(), g_get_strerror());
}
-
- if (g_sck != -1)
- g_tcp_close(g_sck);
+ g_tcp_close(g_sck);
}
/******************************************************************************/
@@ -292,6 +281,9 @@ main(int argc, char **argv)
g_writeln("error opening log file [%s]. quitting.",
getLogFile(text, 255));
break;
+ default:
+ g_writeln("error");
+ break;
}
g_deinit();
@@ -329,9 +321,6 @@ main(int argc, char **argv)
}
}
- /* initializing locks */
- lock_init();
-
/* signal handling */
g_pid = g_getpid();
/* old style signal handling is now managed synchronously by a
@@ -387,8 +376,6 @@ main(int argc, char **argv)
g_snprintf(text, 255, "xrdp_sesman_%8.8x_main_term", g_pid);
g_term_event = g_create_wait_obj(text);
- g_snprintf(text, 255, "xrdp_sesman_%8.8x_main_sync", g_pid);
- g_sync_event = g_create_wait_obj(text);
sesman_main_loop();
@@ -399,7 +386,6 @@ main(int argc, char **argv)
}
g_delete_wait_obj(g_term_event);
- g_delete_wait_obj(g_sync_event);
if (!daemon)
{
Index: b/sesman/sesman.h
===================================================================
--- a/sesman/sesman.h 2016-08-01 15:28:23.000000000 +0800
+++ b/sesman/sesman.h 2019-06-11 18:18:26.754390801 +0800
@@ -44,9 +44,6 @@
#include "session.h"
#include "access.h"
#include "scp.h"
-#include "thread.h"
-#include "lock.h"
-#include "thread_calls.h"
#include "libscp.h"
Index: b/sesman/thread.c
===================================================================
--- a/sesman/thread.c 2016-08-01 15:28:23.000000000 +0800
+++ /dev/null 1970-01-01 00:00:00.000000000 +0000
@@ -1,173 +0,0 @@
-/**
- * xrdp: A Remote Desktop Protocol server.
- *
- * Copyright (C) Jay Sorg 2004-2013
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-/**
- *
- * @file thread.c
- * @brief thread stuff...
- * @author Simone Fedele
- *
- */
-
-#include "sesman.h"
-
-#include <errno.h>
-#include <signal.h>
-#include <pthread.h>
-
-extern struct config_sesman *g_cfg; /* in sesman.c */
-
-static pthread_t g_thread_sighandler;
-//static pthread_t g_thread_updater;
-
-/* a variable to pass the socket of s connection to a thread */
-int g_thread_sck;
-
-/******************************************************************************/
-int DEFAULT_CC
-thread_sighandler_start(void)
-{
- int ret;
- sigset_t sigmask;
- sigset_t oldmask;
- sigset_t waitmask;
-
- /* mask signals to be able to wait for them... */
- sigfillset(&sigmask);
- pthread_sigmask(SIG_BLOCK, &sigmask, &oldmask);
-
- /* unblock some signals... */
- sigemptyset(&waitmask);
-
- /* it is a good idea not to block SIGILL SIGSEGV */
- /* SIGFPE -- see sigaction(2) NOTES */
- sigaddset(&waitmask, SIGILL);
- sigaddset(&waitmask, SIGSEGV);
- sigaddset(&waitmask, SIGFPE);
- pthread_sigmask(SIG_UNBLOCK, &waitmask, NULL);
-
- log_message(LOG_LEVEL_INFO, "starting signal handling thread...");
-
- ret = pthread_create(&g_thread_sighandler, NULL, sig_handler_thread, "");
- pthread_detach(g_thread_sighandler);
-
- if (ret == 0)
- {
- log_message(LOG_LEVEL_INFO, "signal handler thread started successfully");
- return 0;
- }
-
- /* if something happened while starting a new thread... */
- switch (ret)
- {
- case EINVAL:
- log_message(LOG_LEVEL_ERROR, "invalid attributes for signal handling thread (creation returned EINVAL)");
- break;
- case EAGAIN:
- log_message(LOG_LEVEL_ERROR, "not enough resources to start signal handling thread (creation returned EAGAIN)");
- break;
- case EPERM:
- log_message(LOG_LEVEL_ERROR, "invalid permissions for signal handling thread (creation returned EPERM)");
- break;
- default:
- log_message(LOG_LEVEL_ERROR, "unknown error starting signal handling thread");
- }
-
- return 1;
-}
-
-#ifdef JUST_TO_AVOID_COMPILER_ERRORS
-/******************************************************************************/
-int DEFAULT_CC
-thread_session_update_start(void)
-{
- int ret;
- //starts the session update thread
- //that checks for idle time, destroys sessions, ecc...
-
-#warning this thread should always request lock_fork before read or write
-#warning (so we can Fork() In Peace)
- ret = pthread_create(&g_thread_updater, NULL, , "");
- pthread_detach(g_thread_updater);
-
- if (ret == 0)
- {
- log_message(&(g_cfg->log), LOG_LEVEL_INFO, "session update thread started successfully");
- return 0;
- }
-
- /* if something happened while starting a new thread... */
- switch (ret)
- {
- case EINVAL:
- log_message(LOG_LEVEL_ERROR, "invalid attributes for session update thread (creation returned EINVAL)");
- break;
- case EAGAIN:
- log_message(LOG_LEVEL_ERROR, "not enough resources to start session update thread (creation returned EAGAIN)");
- break;
- case EPERM:
- log_message(LOG_LEVEL_ERROR, "invalid permissions for session update thread (creation returned EPERM)");
- break;
- default:
- log_message(LOG_LEVEL_ERROR, "unknown error starting session update thread");
- }
-
- return 1;
-}
-#endif
-
-/******************************************************************************/
-int DEFAULT_CC
-thread_scp_start(int skt)
-{
- int ret;
- pthread_t th;
-
- /* blocking the use of thread_skt */
- lock_socket_acquire();
- g_thread_sck = skt;
-
- /* start a thread that processes a connection */
- ret = pthread_create(&th, NULL, scp_process_start, "");
- //ret = pthread_create(&th, NULL, scp_process_start, (void*) (&g_thread_sck));
- pthread_detach(th);
-
- if (ret == 0)
- {
- log_message(LOG_LEVEL_INFO, "scp thread on sck %d started successfully", skt);
- return 0;
- }
-
- /* if something happened while starting a new thread... */
- switch (ret)
- {
- case EINVAL:
- log_message(LOG_LEVEL_ERROR, "invalid attributes for scp thread on sck %d (creation returned EINVAL)", skt);
- break;
- case EAGAIN:
- log_message(LOG_LEVEL_ERROR, "not enough resources to start scp thread on sck %d (creation returned EAGAIN)", skt);
- break;
- case EPERM:
- log_message(LOG_LEVEL_ERROR, "invalid permissions for scp thread on sck %d (creation returned EPERM)", skt);
- break;
- default:
- log_message(LOG_LEVEL_ERROR, "unknown error starting scp thread on sck %d");
- }
-
- return 1;
-}
Index: b/sesman/thread.h
===================================================================
--- a/sesman/thread.h 2016-08-01 15:28:23.000000000 +0800
+++ /dev/null 1970-01-01 00:00:00.000000000 +0000
@@ -1,56 +0,0 @@
-/**
- * xrdp: A Remote Desktop Protocol server.
- *
- * Copyright (C) Jay Sorg 2004-2013
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-/**
- *
- * @file thread.h
- * @brief thread stuff...
- * @author Simone Fedele
- *
- */
-
-#ifndef THREAD_H
-#define THREAD_H
-
-/**
- *
- * @brief Starts the signal handling thread
- * @retval 0 on success
- * @retval 1 on error
- *
- */
-int DEFAULT_CC
-thread_sighandler_start(void);
-
-/**
- *
- * @brief Starts the session update thread
- *
- */
-int DEFAULT_CC
-thread_session_update_start(void);
-
-/**
- *
- * @brief Starts a thread to handle an incoming connection
- *
- */
-int DEFAULT_CC
-thread_scp_start(int skt);
-
-#endif
