diff --git a/xrdp-0.9.2.tar.gz b/xrdp-0.9.2.tar.gz deleted file mode 100644 index 54e9ab7..0000000 --- a/xrdp-0.9.2.tar.gz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:2179c324d2223ad30011b53ad6c5d215fd5c917282476de17bbfcc56a5cd04f3 -size 3034364 diff --git a/xrdp-0.9.2.tar.gz.asc b/xrdp-0.9.2.tar.gz.asc deleted file mode 100644 index 68b49b4..0000000 --- a/xrdp-0.9.2.tar.gz.asc +++ /dev/null @@ -1,10 +0,0 @@ ------BEGIN PGP SIGNATURE----- - -iQEcBAABCAAGBQJY3KSxAAoJEIrTLQQzex8YLpkH/iZFGqlJ4oDEGmHPoXWfzEzJ -v1cmAWB8W/BOFBX+Dn+azQUustwzqIDIobUDGOq2tNdqqcTNYtpLCjvPXtfk5k6e -1+AozCBJMv3XmpUiADJlib6eIumD6slXUMw8Uf6Riq2a6R/NNnd597+EASKjQw2I -mJ+n4opjUcM0uVi3VVmxRjWiaECxSIvl6ApVYJV55LHGM5QXqVK5ZsxfFDTimThl -/fs3dLRwQYmLkC3cwImZgyXglcmXsku4ndAlYXsE+RI9R7JOM2vp3WhP7euaKjQn -LHsA3gr8i0YpAd2bfP6X5Z6tFtB8gd+q4epfvMwue0Jy18KwMs6zB4s1BGZxvng= -=rrTq ------END PGP SIGNATURE----- diff --git a/xrdp-0.9.3.tar.gz b/xrdp-0.9.3.tar.gz new file mode 100644 index 0000000..0b715c1 --- /dev/null +++ b/xrdp-0.9.3.tar.gz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:5adf20be485b6093fa59b20a5911c52974e05f0bfae0add29e864b134f801f17 +size 3062126 diff --git a/xrdp-0.9.3.tar.gz.asc b/xrdp-0.9.3.tar.gz.asc new file mode 100644 index 0000000..03db528 --- /dev/null +++ b/xrdp-0.9.3.tar.gz.asc @@ -0,0 +1,16 @@ +-----BEGIN PGP SIGNATURE----- + +iQIzBAABCAAdFiEEYezqu/K7QOOjXfMKn3LNvAG/EOsFAllqG2kACgkQn3LNvAG/ +EOsTVA//cZnsCBDHTD0QK54aU8WI2ghTZ2ZCwjOKEbkxLaBHgvJ95EgHVQIJ5Eii +SLqfzPO5P9cn99NI97WsvkpfAjAaRfnfRF5UYQ+T7f9SIHQ7mdzr3x7J5S6GuZDa +ID69t+sgg0tTbx7x2P5TEiUeJLmrOevPHZ/86Lr+94jmc+HSjieIMjMYpHsbb/X6 +6FINYGnPhwf82rqJBrWHZlxbnWzM9x0N0N5x2rhywgvOHlxN6HESFBn4PzSYLzCf +wVAfp5Qq9A0/4fhl0lGQNDraAJR9w34Zj0YuntLslwUB7b8tLmvLySW5gGtoKmsl +89q6BbvY8FN9d4FEuGdpV8t77kRlsAz8ri9CQmcan7y0reOprbZOD1jWOXuYZNan +LQPB0N0FrJKAyqL7olJmWAFx4gub6KRumARPZuG6h7kcpjZGDwJbZfv+SjpAjjmM +4VxOwElK33bk5/cvE0JkkGARBBM51FgBUV477pT3ZuAVx6KgPlvr3w7B1lFvXIZs +v/3xmlyo3SpPEpISpE5DyS6HbEMtLRUGt6sMjggFsPuEy4eqz4veQKMoYSik4l57 +RZIb1nHcOcAPE0Q+Txhstuzm/GSm4Qiobeh2xGm+AvBB4TdzsySGXrAOlJRob+d0 +Fz4tka6hJYuWk2ZoL28pTJac/r3hecTKM1VT4VVI/gXsDfviGXc= +=nw7c +-----END PGP SIGNATURE----- diff --git a/xrdp-avahi.diff b/xrdp-avahi.diff index c16f474..0b9ec02 100644 --- a/xrdp-avahi.diff +++ b/xrdp-avahi.diff @@ -48,9 +48,9 @@ index 82e8a57..ae70874 100644 --- a/xrdp/xrdp.h +++ b/xrdp/xrdp.h @@ -163,6 +163,8 @@ void - xrdp_listen_delete(struct xrdp_listen* self); - int xrdp_listen_main_loop(struct xrdp_listen* self); + int + xrdp_listen_test(void); +int +xrdp_listen_get_port(char* port, int port_bytes); diff --git a/xrdp-do-not-execute-psuedo-login-shell.patch b/xrdp-do-not-execute-psuedo-login-shell.patch deleted file mode 100644 index 2d2ac67..0000000 --- a/xrdp-do-not-execute-psuedo-login-shell.patch +++ /dev/null @@ -1,102 +0,0 @@ -commit 97b6b8c2f2988eb570d04c6d7929d0090f887798 -Author: Fuminobu TAKEYAMA -Date: Thu May 4 10:49:57 2017 +0900 - - startwm.sh: do not call psuedo shell for /etc/X11/xdm/Xsession - - Since /etc/X11/xdm/Xsession calls user's login shell, startwm.sh - may not execute the psuedo code; It causes executing - ~/.profile twice. - -diff --git a/sesman/startwm.sh b/sesman/startwm.sh -index b81d3646..452917a4 100755 ---- a/sesman/startwm.sh -+++ b/sesman/startwm.sh -@@ -1,34 +1,5 @@ - #!/bin/sh - --#start the window manager --wm_start() --{ -- if [ -r /etc/default/locale ]; then -- . /etc/default/locale -- export LANG LANGUAGE -- fi -- -- # debian -- if [ -r /etc/X11/Xsession ]; then -- . /etc/X11/Xsession -- exit 0 -- fi -- -- # el -- if [ -r /etc/X11/xinit/Xsession ]; then -- . /etc/X11/xinit/Xsession -- exit 0 -- fi -- -- # suse -- if [ -r /etc/X11/xdm/Xsession ]; then -- . /etc/X11/xdm/Xsession -- exit 0 -- fi -- -- xterm --} -- - # Execution sequence for interactive login shell - pseudocode - # - # IF /etc/profile is readable THEN -@@ -77,6 +48,43 @@ post_start() - return 0 - } - -+#start the window manager -+wm_start() -+{ -+ if [ -r /etc/default/locale ]; then -+ . /etc/default/locale -+ export LANG LANGUAGE -+ fi -+ -+ # debian -+ if [ -r /etc/X11/Xsession ]; then -+ pre_start -+ . /etc/X11/Xsession -+ post_start -+ exit 0 -+ fi -+ -+ # el -+ if [ -r /etc/X11/xinit/Xsession ]; then -+ pre_start -+ . /etc/X11/xinit/Xsession -+ post_start -+ exit 0 -+ fi -+ -+ # suse -+ if [ -r /etc/X11/xdm/Xsession ]; then -+ # since the following script run a user login shell, -+ # do not execute the pseudo login shell scripts -+ . /etc/X11/xdm/Xsession -+ exit 0 -+ fi -+ -+ pre_start -+ xterm -+ post_start -+} -+ - #. /etc/environment - #export PATH=$PATH - #export LANG=$LANG -@@ -91,8 +99,6 @@ post_start() - # includes - # auth required pam_env.so readenv=1 - --pre_start - wm_start --post_start - - exit 1 diff --git a/xrdp.changes b/xrdp.changes index fa73ba0..74b775a 100644 --- a/xrdp.changes +++ b/xrdp.changes @@ -1,10 +1,41 @@ +------------------------------------------------------------------- +Mon Aug 14 05:04:30 UTC 2017 - ftake@geeko.jp + +- Add workaround for the upstream issue #848, fix xrdp does not + start by wrong path in *.service. + +------------------------------------------------------------------- +Wed Jul 19 09:03:29 UTC 2017 - fezhang@suse.com + +- Update to version 0.9.3 + + Log user-friendly messages when certificate/privkey is + inaccessible + + Now sesman sets mandatory LOGNAME environment variable #725 + + Now sesman ensures socket directory present #801 + + Exit with failure status if port already in use #644 + + Fix glitches with IPv4 struct initialization #803 + + Fix some keyboard layout integration (UK, Spanish) + + Fix handle OS when IPv6 disabled #714 + + Fix issues around systemd session #778 + + Fix protocol error when 32 bit color and non RemoteFX session + #737 #804 + + Fix sesadmin shows error when no sessions #797 + + Fix TLS spins 100% CPU #728 + + Fix Xvnc backend disconnects when some data copied to clipboard + #755 + + Optimize startwm.sh for SUSE + * Drop xrdp-do-not-execute-psuedo-login-shell.patch + + Update xrdp-avahi.diff +- Update xrdp.keyring: add key from upstream signer (Koichiro IWAO, + metalefty@github, 01BF10EB) + ------------------------------------------------------------------- Tue Jul 11 16:58:40 UTC 2017 - fezhang@suse.com - Add source verification: + Add xrdp-0.9.2.tar.gz.asc - + Add xrdp.keyring, from the signer Idan Freiberg (@speidy on - github) + + Add xrdp.keyring: add key from upstream signer (Idan Freiberg, + speidy@github, 337B1F18) - Drop _service and _servicedata: not needed for stable releases - Drop xrdp-openSUSE-logo.patch and openSUSE.bmp: not really necessary @@ -32,6 +63,8 @@ Sat May 20 07:36:25 UTC 2017 - ftake@geeko.jp + TLS ciphers suites and version, and connected computer name is now logged + Miscellaneous RemoteFX codec mode improvements + + Move auth/pam calls to appropriate locations, fix potential + bypass in PAM (bsc#1029912, #694, #704, CVE-2017-6967). - Update to version 0.9.1 + Support for TLS security layer (preferred over RDP layer if supported by the client) diff --git a/xrdp.keyring b/xrdp.keyring index f5b7e83..f8ccedb 100644 --- a/xrdp.keyring +++ b/xrdp.keyring @@ -2,6 +2,10 @@ pub 2048R/337B1F18 2016-09-19 [expires: 2018-09-19] uid [ unknown] Idan Freiberg sub 2048R/F0F5E810 2016-09-19 +pub 4096R/01BF10EB 2017-06-20 [expires: 2019-06-20] +uid [ unknown] Koichiro IWAO +sub 4096R/CCDE08AA 2017-06-20 [expires: 2019-06-20] + -----BEGIN PGP PUBLIC KEY BLOCK----- Version: GnuPG v2 @@ -29,6 +33,53 @@ SaQ1AJ1n5hyXZQblA+rQpuSpXn4o7y2w4+Vytz6Z5sfF1lcX4WJPIaiskEzUKJu1 lP7Vqu3A1C9q8Qc2ixQrVwGHLC1kzJggYqn6UdYezYPYoDA0YlAEpVdPZ2ks8ERR JpXlP/fvu3F8gR+1GeZCU77fncrpZhaxW9Qt189eHFKT1tVS0wkbg0Bfslx9SlPJ zEWgPS2aqENxNOXl7ZLUyvfUp+yf1ZCBYJbWzXNfQkq5EBc3hvGTCwrxOn/HDGas -TCO7hF2ZpkgNUYyi1x9HW5CK4fO9jz6eg3iB7q1eXee6hQRnlHs= -=3XXn +TCO7hF2ZpkgNUYyi1x9HW5CK4fO9jz6eg3iB7q1eXee6hQRnlHuZAg0EWUjLPwEQ +AOAKWi3WQ0Yqr35d7aVStgagKt8Ug1TTjSCt6tZm1ccfuRYrYKgi5vH6ZN78iAju +rYy/C6M/ttJbmmnvOTRS9s2XrghZAgZPMvJMvYxz2cWewID+2DMj5eqc0ASds6Xo +NJOwMOWotG1eR06IL6ibU2IYKJMn9Cxa0K4ibn1iBRpwBghDGc4fQDm+XXjwnFEn +uZxq2z15kmWAam8JGs8I4YWex9nD9XrOFtb64L0TN/oqhAMefQfCK+qwg3rNmija +2JlX2b2q/bmL++xBmbNb0iJ9JlolPbFZvqTWDoUsVAyR+XUaIZVfNICy9r+CdBy2 +cTmd4FYgEzH24R4crw3jCg1nF3puguDAfrr014tWmpBmi1h3DfW4BDaCwX7K9Gwt +Vru38FLSEqRRBsYw7Lck8zdJpGF3vspsI962gjlL5yW4kSE1hnpC9gPv478K2H1I +tlWtQS9mP2NopaQUoHm5NXgUn0BpeqAtabjEA1bPd3hQZt1ptMcVPl6K3NvtRrrN +Ku1F+kl0tSOWaL1SbBiQlHSCVXoXX0Hze5Prbw2Q86vX7UlY0lgKtdHRbAInYh+A +/mhlspSbu87F7+Ljvtlj6fHjVjqlP+cDMBsxAW0FrAIwBadQyAdVRK4LxUHcDcyu +8DUFJ/6PnwHvvB23l+2CEcusUFBfQvrb64Iyi3/NortzABEBAAG0HUtvaWNoaXJv +IElXQU8gPG1ldGFAdm1ldGEuanA+iQJUBBMBCAA+FiEEYezqu/K7QOOjXfMKn3LN +vAG/EOsFAllIyz8CGwMFCQPCZwAFCwkIBwIGFQgJCgsCBBYCAwECHgECF4AACgkQ +n3LNvAG/EOvzaRAA2HIVDUtl4ieUsZ5kn7F4LlN2wxToLM4psHwBihst2eVdXKna +8gJ7jsPTaVfw7/WVT2rGToJ+erb/l25jvyaWrrTSkqGMBuNHh6z3JIw3kYKeWsLb +MfmSQjpZgkcxtgQjz5xmMaHpvx4+umynfFBh/o2Y3ej01wlt5euXl07SyWOp65Rd +X+XvvfU/mmTYy8UY/ecsQIC9Uai5az0LBP7/678Psbqb6GDORkoG8Xm6jBYTmAHk +nuSZ7nRR1gtFRm+caFUrxwTNWbGsggp9KL96TYFpbvku4fdSqVNFaYwh0+XFaLVp +ZTveX+j8r9iS8F9TCvgIN9RydR91aJOMKdUYLGapRU8/WE3wwMKN0iML1kGDyjC3 +79GiO3CXwZKFiWjf65vdhSvRo5Jo8jN20ECOWKgiciVCswwTvIlEogv9qVZUYMB0 +P8pEHiMOKE6EQcmVtG/Cj2Ae9fqyh8hj/p7TSHQhAG9mFxIDintZfjQxwKHcuhV4 +nRwmkr0pV6BKxsgn0NFax9S+Ex+bEHhnaVpPgAxGCLnIkJyRAGM3Yih0PCK17ZXh +2EOqqCMN02g+U7MxHolljtKOBc/20eaQZjzNAr2bCnyAI0VsjX/b5BRTypMJuFib +s3FI+ewnUsI9L5GFcopYWynI1jxtAO+uueETSArK4aqwYYqYMJC5aKg32RO5Ag0E +WUjLPwEQAKZwKHT2gTcV/U2C+C0Qtmd6oSl5Kvnt9dcRBZLLOu+0gmxK1e3zX/4k +SMt4xxk0Ocwhob7BJs891M+9h0+5hw532cwfWTKrgy5010hs17unoW5UR5fKuSDw +wXKW4o1GjQcCYpyH07luKHuKL2o5Co8Iir3XQKT07ow67setsiaVGzAoLYuyZ3xi +cegq/fh8lJ1NAQ31SMAgabiVtx2j8us/Tv+5uT6X07MFASFkLUqOR8RHqkNnTgPZ +zJJS4AeHM3LJZxcZ1fxekK+irbu2qtXQryzj4vm4XfAjBuKQUAhW+PVfGNlu+V6D +7qpChcMZy3Qk/XIIBKhFjSROStlJ0lpJg1EXXiAeIi9EhGNw5VFE+037zB5GwYRA +lWaG/hpWSl43qyPGK5pH6EJQ0gHZ+//hWt25RgQqaIi8v8X7ChFLATGzzvLmbwO/ +3nhBcjDXQO8FGjhW2MVLl2LA/PQYESaPKu5JujxrFEizX8kj5BGPubR4ueDxlPxd +Xpd1eKVrWtQ7b42KAjD5Pa8ChKxYALHfk7J352cV1ycOnWzbhZECC+W+fDzPJqPm +7DBby4wD8c4BHscgacyAcwgVpYJ/tc3aAy0ptN3V8m6jAeaEYgRRvxbgUOmMQukM +SN76GSav5IJVw1NG4rkFJFKkbJKqqNTAFadXBPpsXgwK0L+oDaVZABEBAAGJAjwE +GAEIACYWIQRh7Oq78rtA46Nd8wqfcs28Ab8Q6wUCWUjLPwIbDAUJA8JnAAAKCRCf +cs28Ab8Q68NbEADXdfommHmQVmN7mmRLDNHeOmfllC3x8RVA5R5VM/MJcYgz5DWJ +s6madRCOu2Fncu9px+5RR+uOyq+XR6V111Nqg6yuGdwtADNRKrE4NI34TJrfBCGh ++tldAcbHefdHyk9VLPb0Cro856aLDUuc4i+DDfC3K3g0SUQ7AY9K/3sEc1dJiWYJ +bdjZPXSKkSpETe4Geuptr3Dyy5Wfr+hsByT19a7Rtwpg+6+zqPs7DLJHGJ8ep7eK +ainl2SU7WTBAOJGAaY600XLqRSFBGY85fck9O4JWlnhv+TlOm1EEZ+FWtpYzh74V +7UDMBVmZLwTRy9XnKVN6ag935nNWYTFfjO7by+CtIGpxSKdZYuGh3z8ALMZmRMgw +Xf+8zc1UzJaQGLNOHTSYFclO72PtmPBPkP9TmarcidgVGTRc4z1PAymE7YB22sBa +4pb+2QX1qBjID1ahiXHJhH3jzoQTiqvtFhtx0pgPT1TtDhAtO1+oLMrqL1+X5ziw +XGdUVBFkfzT0Lkyg7fVVlNwmnhHt850YYm/8IbQiTvzEvu0Am9vh1AA0tv1trEoI +fZOb67+7B0+WiwPg3M9TEDzX5x2G5TbZSNPyCg7QoyxZGEOHEqWXhgTqA1rZ69vf +P4D/4BJaZUH6GdJR/cboPMxL8Xa7zyrgvKeLwNKLPC+lREwNpMjUrNz4vQ== +=IksA -----END PGP PUBLIC KEY BLOCK----- diff --git a/xrdp.spec b/xrdp.spec index 9111b8a..c7a9dfa 100644 --- a/xrdp.spec +++ b/xrdp.spec @@ -18,7 +18,7 @@ %define _fwdefdir %{_sysconfdir}/sysconfig/SuSEfirewall2.d/services Name: xrdp -Version: 0.9.2 +Version: 0.9.3 Release: 0 Summary: Remote desktop protocol (RDP) server License: Apache-2.0 and GPL-2.0+ @@ -37,8 +37,6 @@ Patch1: xrdp-pam.patch Patch3: xrdp-default-config.patch # PATCH-FIX-OPENSUSE xrdp-disable-8-bpp-vnc-support.patch bsc#991059 - fezhang@suse.com -- disable 8 bpp support for vnc connections Patch4: xrdp-disable-8-bpp-vnc-support.patch -# PATCH-FIX-UPSTREAM xrdp-do-not-execute-psuedo-login-shell.patch - ftake@geeko.jp -Patch5: xrdp-do-not-execute-psuedo-login-shell.patch # PATCH-FEATURE-SLE xrdp-avahi.diff bnc#586785 - hfiguiere@novell.com -- Add Avahi support Patch11: xrdp-avahi.diff # PATCH-FIX-SLE xrdp-filter-tab-from-mstsc-on-focus-change.patch bnc#601996 bnc#623534 - dliang@novell.com -- filter the fake tab key which is used to notify the session @@ -98,7 +96,6 @@ This package contains libraries for the JPEG2000 codec for RDP. %patch1 -p1 %patch3 -p1 %patch4 -p1 -%patch5 -p1 %if ! 0%{?is_opensuse} %patch11 -p1 %patch12 -p1 @@ -107,6 +104,9 @@ This package contains libraries for the JPEG2000 codec for RDP. %patch15 -p1 %endif +# workaround the issue #848 +rm instfiles/*.service + %build sh ./bootstrap %configure \