pool/xrdp
SHA256
4
0
Fork 1
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Accepting request 507245 from X11:RemoteDesktop

Browse Source 
1

OBS-URL: https://build.opensuse.org/request/show/507245
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/xrdp?expand=0&rev=7
This commit is contained in:
Dominique Leuenberger 2017-07-01 12:05:51 +00:00 committed by Git OBS Bridge
commit e641f57f8b
5 changed files with 356 additions and 276 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

109
xrdp-avahi.diff
View File

@ -1,89 +1,75 @@
From 71ebbe34d841d3f29ae2d21fbae25889de5d4a57 Mon Sep 17 00:00:00 2001
From: Felix Zhang <fezhang@suse.com>
Date: Mon, 1 Aug 2016 17:04:31 +0800
Subject: [PATCH] avahi
---
configure.ac | 1 +
xrdp/Makefile.am | 9 +++--
xrdp/xrdp.h | 8 ++++
xrdp/xrdp_avahi.c | 117 +++++++++++++++++++++++++++++++++++++++++++++++++++++
xrdp/xrdp_listen.c | 2 +-
5 files changed, 133 insertions(+), 4 deletions(-)
create mode 100644 xrdp/xrdp_avahi.c
diff --git a/configure.ac b/configure.ac
index e1a150e..2cfe026 100644
index 47212ec..b011897 100644
--- a/configure.ac
+++ b/configure.ac
@@ -7,6 +7,7 @@ AM_INIT_AUTOMAKE([1.6 foreign])
AC_PROG_CC
@@ -9,6 +9,7 @@ AC_PROG_CC
AC_C_CONST
AC_PROG_LIBTOOL
+PKG_CHECK_MODULES(AVAHI, avahi-client >= 0.6.4)
PKG_PROG_PKG_CONFIG
AC_ARG_WITH([systemdsystemunitdir],
AS_HELP_STRING([--with-systemdsystemunitdir=DIR], [Directory for systemd service files]),
if test "x$PKG_CONFIG" = "x"; then
AC_MSG_ERROR([please install pkg-config])
diff --git a/xrdp/Makefile.am b/xrdp/Makefile.am
index 4fd9a68..e00bc2f 100644
index a259ef3..2cbb762 100644
--- a/xrdp/Makefile.am
+++ b/xrdp/Makefile.am
@@ -33,7 +33,8 @@ INCLUDES = \
@@ -12,7 +12,9 @@ AM_CPPFLAGS = \
-DXRDP_SOCKET_PATH=\"${socketdir}\" \
-I$(top_builddir) \
-I$(top_srcdir)/common \
-I$(top_srcdir)/libxrdp \
- $(EXTRA_INCLUDES)
+ $(EXTRA_INCLUDES) \
- -I$(top_srcdir)/libxrdp
+ -I$(top_srcdir)/libxrdp \
+ $(AVAHI_CFLAGS)
+
sbin_PROGRAMS = \
xrdp
@@ -52,12 +53,14 @@ xrdp_SOURCES = \
xrdp_process.c \
xrdp_region.c \
xrdp_wm.c \
- xrdp_encoder.c
+ xrdp_encoder.c \
+ xrdp_avahi.c
XRDP_EXTRA_LIBS =
@@ -46,6 +48,7 @@ xrdp_SOURCES = \
lang.c \
xrdp.c \
xrdp.h \
+ xrdp_avahi.c \
xrdp_bitmap.c \
xrdp_cache.c \
xrdp_encoder.c \
@@ -63,7 +66,8 @@ xrdp_SOURCES = \
xrdp_LDADD = \
$(top_builddir)/common/libcommon.la \
$(top_builddir)/libxrdp/libxrdp.la \
- $(EXTRA_LIBS)
+ $(EXTRA_LIBS) \
- $(XRDP_EXTRA_LIBS)
+ $(XRDP_EXTRA_LIBS) \
+ $(AVAHI_LIBS)
xrdp_LDFLAGS = \
$(EXTRA_FLAGS)
xrdpsysconfdir=$(sysconfdir)/xrdp
diff --git a/xrdp/xrdp.h b/xrdp/xrdp.h
index 67488a6..e71fb9b 100644
index 82e8a57..ae70874 100644
--- a/xrdp/xrdp.h
+++ b/xrdp/xrdp.h
@@ -164,6 +164,8 @@ void APP_CC
@@ -163,6 +163,8 @@ void
xrdp_listen_delete(struct xrdp_listen* self);
int APP_CC
int
xrdp_listen_main_loop(struct xrdp_listen* self);
+int APP_CC
+int
+xrdp_listen_get_port(char* port, int port_bytes);
/* xrdp_region.c */
struct xrdp_region* APP_CC
@@ -510,3 +512,9 @@ int DEFAULT_CC
server_add_char_alpha(struct xrdp_mod* mod, int font, int charactor,
int offset, int baseline,
int width, int height, char* data);
+
struct xrdp_region*
@@ -514,3 +516,8 @@ server_add_char_alpha(struct xrdp_mod* mod, int font, int character,
int
server_session_info(struct xrdp_mod *mod, const char *data, int data_bytes);
+/* xrdp_avahi.c */
+int APP_CC
+int
+xrdp_avahi_init(void);
+void APP_CC
+void
+xrdp_avahi_fini(void);
diff --git a/xrdp/xrdp_avahi.c b/xrdp/xrdp_avahi.c
new file mode 100644
index 0000000..7fa1656
--- /dev/null
index e69de29..642a333 100644
--- a/xrdp/xrdp_avahi.c
+++ b/xrdp/xrdp_avahi.c
@@ -0,0 +1,117 @@
@@ -0,0 +1,115 @@
+/*
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
@ -106,10 +92,8 @@ index 0000000..7fa1656
+
+*/
+
+#include "xrdp.h"
+
+#include <stdlib.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <unistd.h>
+#include <avahi-client/client.h>
+#include <avahi-client/publish.h>
@ -136,7 +120,7 @@ index 0000000..7fa1656
+ char port[8];
+ /* dummy parameters */
+ char address[256];
+ struct xrdp_startup_params* startup_param = {"", 0, 0, 0, 0};
+ struct xrdp_startup_params* startup_param = {(const char[]) {""}, 0, 0, 0, 0, 0, 0, 0};
+
+ if (gethostname (hname, sizeof (hname)))
+ break;
@ -173,7 +157,7 @@ index 0000000..7fa1656
+ }
+}
+
+int APP_CC
+int
+xrdp_avahi_init (void)
+{
+ if (!(threaded_poll = avahi_threaded_poll_new ()))
@ -192,7 +176,7 @@ index 0000000..7fa1656
+ return 0;
+}
+
+void APP_CC
+void
+xrdp_avahi_fini (void)
+{
+ avahi_threaded_poll_stop (threaded_poll);
@ -202,10 +186,10 @@ index 0000000..7fa1656
+ avahi_threaded_poll_free (threaded_poll);
+}
diff --git a/xrdp/xrdp_listen.c b/xrdp/xrdp_listen.c
index b2b19ca..c1ae4c5 100644
index 0fbe61f..ed0af63 100644
--- a/xrdp/xrdp_listen.c
+++ b/xrdp/xrdp_listen.c
@@ -145,7 +145,7 @@ xrdp_process_run(void *in_val)
@@ -149,7 +149,7 @@ xrdp_process_run(void *in_val)
}
/*****************************************************************************/
@ -214,6 +198,3 @@ index b2b19ca..c1ae4c5 100644
xrdp_listen_get_port_address(char *port, int port_bytes,
char *address, int address_bytes,
int *tcp_nodelay, int *tcp_keepalive,
--
2.6.6

174
xrdp-bsc965647-allow-admin-choose-desktop.patch
View File

@ -1,46 +1,32 @@
From b14f40d4567b884623936a8b3c20350d1ea37ffd Mon Sep 17 00:00:00 2001
From: Felix Zhang <fezhang@suse.com>
Date: Mon, 1 Aug 2016 17:55:35 +0800
Subject: [PATCH] bsc#965647 allow admin choose desktop
---
sesman/startwm.sh | 44 +++++++++++++++++++++-----------------------
1 file changed, 21 insertions(+), 23 deletions(-)
diff --git a/sesman/startwm.sh b/sesman/startwm.sh
index ee48263..ace62a0 100755
index 452917a..ace62a0 100755
--- a/sesman/startwm.sh
+++ b/sesman/startwm.sh
@@ -3,30 +3,28 @@
#start the window manager
wm_start()
{
- if [ -r /etc/default/locale ]; then
- . /etc/default/locale
- export LANG LANGUAGE
- fi
-
- # debian
- if [ -r /etc/X11/Xsession ]; then
- . /etc/X11/Xsession
- exit 0
- fi
-
- # el
- if [ -r /etc/X11/xinit/Xsession ]; then
- . /etc/X11/xinit/Xsession
- exit 0
- fi
@@ -1,33 +1,62 @@
#!/bin/sh
-# Execution sequence for interactive login shell - pseudocode
-#
-# IF /etc/profile is readable THEN
-# execute ~/.bash_profile
-# END IF
-# IF ~/.bash_profile is readable THEN
-# execute ~/.bash_profile
-# ELSE
-# IF ~/.bash_login is readable THEN
-# execute ~/.bash_login
-# ELSE
-# IF ~/.profile is readable THEN
-# execute ~/.profile
-# END IF
-# END IF
-# END IF
+#start the window manager
+wm_start()
+{
+ #Customize your preferred session mode here
+ SESSION="sle"
- # suse
- if [ -r /etc/X11/xdm/Xsession ]; then
- . /etc/X11/xdm/Xsession
- exit 0
- fi
-
- xterm
+
+ case $SESSION in
+ sle)
+ if [ -r /usr/bin/gnome-session ]; then
@ -60,9 +46,115 @@ index ee48263..ace62a0 100755
+ fi
+ ;;
+ esac
+}
+
+#Execution sequence for interactive login shell
+#Following pseudo code explains the sequence of execution of these files.
+#execute /etc/profile
+#IF ~/.bash_profile exists THEN
+# execute ~/.bash_profile
+#ELSE
+# IF ~/.bash_login exist THEN
+# execute ~/.bash_login
+# ELSE
+# IF ~/.profile exist THEN
+# execute ~/.profile
+# END IF
+# END IF
+#END IF
pre_start()
{
- if [ -r /etc/profile ]; then
+ if [ -f /etc/profile ]
+ then
. /etc/profile
fi
- if [ -r ~/.bash_profile ]; then
+ if [ -f ~/.bash_profile ]
+ then
. ~/.bash_profile
else
- if [ -r ~/.bash_login ]; then
+ if [ -f ~/.bash_login ]
+ then
. ~/.bash_login
else
- if [ -r ~/.profile ]; then
+ if [ -f ~/.profile ]
+ then
. ~/.profile
fi
fi
@@ -35,56 +64,20 @@ pre_start()
return 0
}
#Execution sequence for interactive login shell
--
2.6.6
-# When loging out from the interactive shell, the execution sequence is:
-#
-# IF ~/.bash_logout exists THEN
-# execute ~/.bash_logout
-# END IF
+#When you logout of the interactive shell, following is the
+#sequence of execution:
+#IF ~/.bash_logout exists THEN
+# execute ~/.bash_logout
+#END IF
post_start()
{
- if [ -r ~/.bash_logout ]; then
+ if [ -f ~/.bash_logout ]
+ then
. ~/.bash_logout
fi
return 0
}
-#start the window manager
-wm_start()
-{
- if [ -r /etc/default/locale ]; then
- . /etc/default/locale
- export LANG LANGUAGE
- fi
-
- # debian
- if [ -r /etc/X11/Xsession ]; then
- pre_start
- . /etc/X11/Xsession
- post_start
- exit 0
- fi
-
- # el
- if [ -r /etc/X11/xinit/Xsession ]; then
- pre_start
- . /etc/X11/xinit/Xsession
- post_start
- exit 0
- fi
-
- # suse
- if [ -r /etc/X11/xdm/Xsession ]; then
- # since the following script run a user login shell,
- # do not execute the pseudo login shell scripts
- . /etc/X11/xdm/Xsession
- exit 0
- fi
-
- pre_start
- xterm
- post_start
-}
-
#. /etc/environment
#export PATH=$PATH
#export LANG=$LANG
@@ -99,6 +92,8 @@ wm_start()
# includes
# auth required pam_env.so readenv=1
+pre_start
wm_start
+post_start
exit 1

251
xrdp-fate318398-change-expired-password.patch
View File

@ -1,39 +1,19 @@
From 7eed33d99e93432c2b425a8ce1d2955b3532da39 Mon Sep 17 00:00:00 2001
From: Felix Zhang <fezhang@suse.com>
Date: Mon, 1 Aug 2016 17:26:41 +0800
Subject: [PATCH] FATE#318398: Enable xrdp to allow a required password change
for users
---
sesman/auth.h | 2 +
sesman/libscp/libscp_session.c | 30 ++++++++
sesman/libscp/libscp_types.h | 2 +
sesman/libscp/libscp_v0.c | 23 ++++--
sesman/libscp/libscp_v0.h | 2 +-
sesman/scp_v0.c | 13 +++-
sesman/verify_user_pam.c | 95 ++++++++++++++++++++++++
xrdp/xrdp_login_wnd.c | 155 +++++++++++++++++++++++++++++++++++++-
xrdp/xrdp_mm.c | 164 ++++++++++++++++++++++++++++++-----------
xrdp/xrdp_types.h | 1 +
xrdp/xrdp_wm.c | 41 ++++++++++-
11 files changed, 475 insertions(+), 53 deletions(-)
diff --git a/sesman/auth.h b/sesman/auth.h
index e06b9eb..ee33e94 100644
index 56f7809..4dd3836 100644
--- a/sesman/auth.h
+++ b/sesman/auth.h
@@ -106,4 +106,6 @@ auth_check_pwd_chg(char* user);
int DEFAULT_CC
auth_change_pwd(char* user, char* newpwd);
@@ -106,4 +106,6 @@ auth_check_pwd_chg(const char *user);
int
auth_change_pwd(const char *user, const char *newpwd);
+int DEFAULT_CC
+int
+auth_change_pwd_pam(char* user, char* pass, char* newpwd);
#endif
diff --git a/sesman/libscp/libscp_session.c b/sesman/libscp/libscp_session.c
index d25fc64..35bc223 100644
index 8df34b3..54d08ae 100644
--- a/sesman/libscp/libscp_session.c
+++ b/sesman/libscp/libscp_session.c
@@ -71,6 +71,10 @@ scp_session_set_type(struct SCP_SESSION *s, tui8 type)
@@ -75,6 +75,10 @@ scp_session_set_type(struct SCP_SESSION *s, tui8 type)
s->type = SCP_GW_AUTHENTICATION;
break;
@ -44,7 +24,7 @@ index d25fc64..35bc223 100644
case SCP_SESSION_TYPE_MANAGE:
s->type = SCP_SESSION_TYPE_MANAGE;
s->mng = (struct SCP_MNG_DATA *)g_malloc(sizeof(struct SCP_MNG_DATA), 1);
@@ -231,6 +235,32 @@ scp_session_set_password(struct SCP_SESSION *s, char *str)
@@ -236,6 +240,32 @@ scp_session_set_password(struct SCP_SESSION *s, const char *str)
/*******************************************************************/
int
@ -74,11 +54,11 @@ index d25fc64..35bc223 100644
+
+/*******************************************************************/
+int
scp_session_set_domain(struct SCP_SESSION *s, char *str)
scp_session_set_domain(struct SCP_SESSION *s, const char *str)
{
if (0 == str)
diff --git a/sesman/libscp/libscp_types.h b/sesman/libscp/libscp_types.h
index de85186..f6be582 100644
index 8cb9166..b4441da 100644
--- a/sesman/libscp/libscp_types.h
+++ b/sesman/libscp/libscp_types.h
@@ -47,6 +47,7 @@
@ -89,7 +69,7 @@ index de85186..f6be582 100644
#define SCP_ADDRESS_TYPE_IPV4 0x00
#define SCP_ADDRESS_TYPE_IPV6 0x01
@@ -81,6 +82,7 @@ struct SCP_SESSION
@@ -77,6 +78,7 @@ struct SCP_SESSION
char locale[18];
char* username;
char* password;
@ -98,10 +78,10 @@ index de85186..f6be582 100644
tui8 addr_type;
tui32 ipv4addr;
diff --git a/sesman/libscp/libscp_v0.c b/sesman/libscp/libscp_v0.c
index 8cf1340..2b3d203 100644
index 5a0c8bf..4b3fc98 100644
--- a/sesman/libscp/libscp_v0.c
+++ b/sesman/libscp/libscp_v0.c
@@ -306,9 +306,8 @@ scp_v0s_accept(struct SCP_CONNECTION *c, struct SCP_SESSION **s, int skipVchk)
@@ -317,9 +317,8 @@ scp_v0s_accept(struct SCP_CONNECTION *c, struct SCP_SESSION **s, int skipVchk)
}
}
}
@ -112,7 +92,7 @@ index 8cf1340..2b3d203 100644
session = scp_session_create();
if (0 == session)
@@ -318,7 +317,7 @@ scp_v0s_accept(struct SCP_CONNECTION *c, struct SCP_SESSION **s, int skipVchk)
@@ -329,7 +328,7 @@ scp_v0s_accept(struct SCP_CONNECTION *c, struct SCP_SESSION **s, int skipVchk)
}
scp_session_set_version(session, version);
@ -121,8 +101,8 @@ index 8cf1340..2b3d203 100644
/* reading username */
in_uint16_be(c->in_s, sz);
buf[sz] = '\0';
@@ -344,6 +343,19 @@ scp_v0s_accept(struct SCP_CONNECTION *c, struct SCP_SESSION **s, int skipVchk)
/* until syslog merge log_message(s_log, LOG_LEVEL_WARNING, "[v0:%d] connection aborted: error setting password", __LINE__); */
@@ -342,6 +341,19 @@ scp_v0s_accept(struct SCP_CONNECTION *c, struct SCP_SESSION **s, int skipVchk)
/* until syslog merge log_message(s_log, LOG_LEVEL_WARNING, "[v0:%d] connection aborted: error setting username", __LINE__);*/
return SCP_SERVER_STATE_INTERNAL_ERR;
}
+ if (code == SCP_GW_CHAUTHTOK)
@ -138,10 +118,10 @@ index 8cf1340..2b3d203 100644
+ return SCP_SERVER_STATE_INTERNAL_ERR;
+ }
+ }
}
else
{
@@ -399,12 +411,13 @@ scp_v0s_deny_connection(struct SCP_CONNECTION *c)
/* reading password */
in_uint16_be(c->in_s, sz);
@@ -417,12 +429,13 @@ scp_v0s_deny_connection(struct SCP_CONNECTION *c)
/******************************************************************************/
enum SCP_SERVER_STATES_E
@ -158,7 +138,7 @@ index 8cf1340..2b3d203 100644
out_uint16_be(c->out_s, 0); /* dummy data */
s_mark_end(c->out_s);
diff --git a/sesman/libscp/libscp_v0.h b/sesman/libscp/libscp_v0.h
index 16e49e0..3199db0 100644
index 21fc16c..ae54619 100644
--- a/sesman/libscp/libscp_v0.h
+++ b/sesman/libscp/libscp_v0.h
@@ -79,6 +79,6 @@ scp_v0s_deny_connection(struct SCP_CONNECTION* c);
@ -170,12 +150,12 @@ index 16e49e0..3199db0 100644
#endif
diff --git a/sesman/scp_v0.c b/sesman/scp_v0.c
index ce528d4..3fc788f 100644
index de00068..51f1af7 100644
--- a/sesman/scp_v0.c
+++ b/sesman/scp_v0.c
@@ -37,6 +37,13 @@ scp_v0_process(struct SCP_CONNECTION *c, struct SCP_SESSION *s)
struct session_item *s_item;
@@ -42,6 +42,13 @@ scp_v0_process(struct SCP_CONNECTION *c, struct SCP_SESSION *s)
int errorcode = 0;
bool_t do_auth_end = 1;
+ if (s->type == SCP_GW_CHAUTHTOK)
+ {
@ -187,7 +167,7 @@ index ce528d4..3fc788f 100644
data = auth_userpass(s->username, s->password, &errorcode);
if (s->type == SCP_GW_AUTHENTICATION)
@@ -48,14 +55,14 @@ scp_v0_process(struct SCP_CONNECTION *c, struct SCP_SESSION *s)
@@ -53,14 +60,14 @@ scp_v0_process(struct SCP_CONNECTION *c, struct SCP_SESSION *s)
if (1 == access_login_allowed(s->username))
{
/* the user is member of the correct groups. */
@ -204,20 +184,20 @@ index ce528d4..3fc788f 100644
log_message(LOG_LEVEL_INFO, "Username okey but group problem for "
"user: %s", s->username);
/* g_writeln("user password ok, but group problem"); */
@@ -66,7 +73,7 @@ scp_v0_process(struct SCP_CONNECTION *c, struct SCP_SESSION *s)
@@ -71,7 +78,7 @@ scp_v0_process(struct SCP_CONNECTION *c, struct SCP_SESSION *s)
/* g_writeln("username or password error"); */
log_message(LOG_LEVEL_INFO, "Username or password error for user: %s",
s->username);
- scp_v0s_replyauthentication(c, errorcode);
+ scp_v0s_replyauthentication(c, errorcode, SCP_GW_AUTHENTICATION);
}
auth_end(data);
}
else if (data)
diff --git a/sesman/verify_user_pam.c b/sesman/verify_user_pam.c
index a2b3f93..4eb61fa 100644
index 15174c2..d996470 100644
--- a/sesman/verify_user_pam.c
+++ b/sesman/verify_user_pam.c
@@ -34,6 +34,7 @@ struct t_user_pass
@@ -38,6 +38,7 @@ struct t_user_pass
{
char user[256];
char pass[256];
@ -225,11 +205,11 @@ index a2b3f93..4eb61fa 100644
};
struct t_auth_info
@@ -82,6 +83,55 @@ verify_pam_conv(int num_msg, const struct pam_message **msg,
@@ -86,6 +87,55 @@ verify_pam_conv(int num_msg, const struct pam_message **msg,
}
/******************************************************************************/
+static int DEFAULT_CC
+static int
+chauth_pam_conv(int num_msg, const struct pam_message **msg,
+ struct pam_response **resp, void *appdata_ptr)
+{
@ -278,17 +258,16 @@ index a2b3f93..4eb61fa 100644
+}
+
+/******************************************************************************/
static void DEFAULT_CC
static void
get_service_name(char *service_name)
{
@@ -309,3 +359,48 @@ auth_set_env(long in_val)
return 0;
@@ -102,6 +152,52 @@ get_service_name(char *service_name)
}
+/******************************************************************************/
/******************************************************************************/
+/* returns boolean */
+/* update to the new pass */
+int DEFAULT_CC
+int
+auth_change_pwd_pam(char *user, char *pass, char *newpwd)
+{
+ int error;
@ -330,11 +309,16 @@ index a2b3f93..4eb61fa 100644
+ }
+ return error;
+}
+
+/******************************************************************************/
/* returns long, zero is no go
Stores the detailed error code in the errorcode variable*/
diff --git a/xrdp/xrdp_login_wnd.c b/xrdp/xrdp_login_wnd.c
index 357b4e2..c74eedd 100644
index 49477a1..160a1ef 100644
--- a/xrdp/xrdp_login_wnd.c
+++ b/xrdp/xrdp_login_wnd.c
@@ -178,7 +178,14 @@ xrdp_wm_cancel_clicked(struct xrdp_bitmap *wnd)
@@ -181,7 +181,14 @@ xrdp_wm_cancel_clicked(struct xrdp_bitmap *wnd)
{
if (wnd->wm != 0)
{
@ -350,7 +334,7 @@ index 357b4e2..c74eedd 100644
{
g_set_wait_obj(wnd->wm->pro_layer->self_term_event);
}
@@ -236,7 +243,29 @@ xrdp_wm_ok_clicked(struct xrdp_bitmap *wnd)
@@ -239,7 +246,29 @@ xrdp_wm_ok_clicked(struct xrdp_bitmap *wnd)
}
else
{
@ -381,13 +365,13 @@ index 357b4e2..c74eedd 100644
}
return 0;
@@ -520,6 +549,31 @@ xrdp_wm_login_notify(struct xrdp_bitmap *wnd,
@@ -516,6 +545,32 @@ xrdp_wm_login_notify(struct xrdp_bitmap *wnd,
return 0;
}
+/*****************************************************************************/
+/* change new password window events go here */
+static int DEFAULT_CC
+static int
+xrdp_wm_newpass_notify(struct xrdp_bitmap *wnd,
+ struct xrdp_bitmap *sender,
+ int msg, long param1, long param2)
@ -410,15 +394,16 @@ index 357b4e2..c74eedd 100644
+ }
+ return 0;
+}
+
/******************************************************************************/
static int APP_CC
@@ -767,6 +821,103 @@ xrdp_login_wnd_create(struct xrdp_wm *self)
static int
xrdp_wm_login_fill_in_combo(struct xrdp_wm *self, struct xrdp_bitmap *b)
@@ -789,6 +844,103 @@ xrdp_login_wnd_create(struct xrdp_wm *self)
return 0;
}
+/******************************************************************************/
+int APP_CC
+int
+xrdp_newpass_wnd_create(struct xrdp_wm *self)
+{
+ struct xrdp_bitmap *but;
@ -518,19 +503,19 @@ index 357b4e2..c74eedd 100644
* Load configuration from xrdp.ini file
*
diff --git a/xrdp/xrdp_mm.c b/xrdp/xrdp_mm.c
index 76957ad..0ab173b 100644
index ba4227c..4e15f88 100644
--- a/xrdp/xrdp_mm.c
+++ b/xrdp/xrdp_mm.c
@@ -1425,7 +1425,7 @@ xrdp_mm_sesman_data_in(struct trans *trans)
@@ -1458,7 +1458,7 @@ xrdp_mm_sesman_data_in(struct trans *trans)
/*********************************************************************/
/* return 0 on success */
static int APP_CC
static int
-access_control(char *username, char *password, char *srv)
+access_control(char *username, char *password, char *newpass, char *srv, int type)
{
int reply;
int rec = 32+1; /* 32 is reserved for PAM failures this means connect failure */
@@ -1451,7 +1451,8 @@ access_control(char *username, char *password, char *srv)
@@ -1484,7 +1484,8 @@ access_control(char *username, char *password, char *srv)
make_stream(out_s);
init_stream(out_s, 500);
s_push_layer(out_s, channel_hdr, 8);
@ -540,7 +525,7 @@ index 76957ad..0ab173b 100644
index = g_strlen(username);
out_uint16_be(out_s, index);
out_uint8a(out_s, username, index);
@@ -1459,6 +1460,14 @@ access_control(char *username, char *password, char *srv)
@@ -1492,6 +1493,14 @@ access_control(char *username, char *password, char *srv)
index = g_strlen(password);
out_uint16_be(out_s, index);
out_uint8a(out_s, password, index);
@ -555,7 +540,7 @@ index 76957ad..0ab173b 100644
s_mark_end(out_s);
s_pop_layer(out_s, channel_hdr);
out_uint32_be(out_s, 0); /* version */
@@ -1488,15 +1497,19 @@ access_control(char *username, char *password, char *srv)
@@ -1521,15 +1530,19 @@ access_control(char *username, char *password, char *srv)
in_uint16_be(in_s, pAM_errorcode); /* this variable holds the PAM error code if the variable is >32 it is a "invented" code */
in_uint16_be(in_s, dummy);
@ -579,16 +564,16 @@ index 76957ad..0ab173b 100644
}
else
{
@@ -1709,7 +1722,7 @@ xrdp_mm_connect(struct xrdp_mm *self)
@@ -1847,7 +1860,7 @@ xrdp_mm_connect(struct xrdp_mm *self)
char port[8];
char chansrvport[256];
#ifdef ACCESS
#ifndef USE_NOPAM
- int use_pam_auth = 0;
+ int use_pam_auth_explicit = 0;
char pam_auth_sessionIP[256];
char pam_auth_password[256];
char pam_auth_username[256];
@@ -1752,7 +1765,7 @@ xrdp_mm_connect(struct xrdp_mm *self)
@@ -1887,7 +1900,7 @@ xrdp_mm_connect(struct xrdp_mm *self)
#ifndef USE_NOPAM
else if (g_strcasecmp(name, "pamusername") == 0)
{
@ -597,32 +582,22 @@ index 76957ad..0ab173b 100644
g_strncpy(pam_auth_username, value, 255);
}
else if (g_strcasecmp(name, "pamsessionmng") == 0)
@@ -1783,51 +1796,67 @@ xrdp_mm_connect(struct xrdp_mm *self)
@@ -1915,45 +1928,56 @@ xrdp_mm_connect(struct xrdp_mm *self)
}
#ifdef ACCESS
#ifndef USE_NOPAM
- if (use_pam_auth)
- {
- int reply;
- char pam_error[128];
- const char *additionalError;
- xrdp_wm_log_msg(self->wm, LOG_LEVEL_DEBUG,
- "Please wait, we now perform access control...");
+ int reply;
+ char replytxt[128];
+ char pam_error[128];
+ const char *additionalError;
+ xrdp_wm_log_msg(self->wm, "Please wait, we now perform access control...");
+
+ /* g_writeln("we use pam modules to check if we can approve this user"); */
+
+ /* use pam either way, copy from normal user name when not explicitly inputed */
+ if (use_pam_auth_explicit == 0)
{
- int reply;
- char replytxt[128];
- char pam_error[128];
- const char *additionalError;
- xrdp_wm_log_msg(self->wm, "Please wait, we now perform access control...");
+ log_message(LOG_LEVEL_DEBUG, "pam parameters not defined, copy from user input");
+ g_strncpy(pam_auth_username, username, 255);
+ g_strncpy(pam_auth_password, password, 255);
+ g_strncpy(pam_auth_sessionIP, "127.0.0.1", 255);
+ }
+ xrdp_wm_log_msg(self->wm, LOG_LEVEL_INFO, "Please wait, we now perform access control...");
- /* g_writeln("we use pam modules to check if we can approve this user"); */
- if (!g_strncmp(pam_auth_username, "same", 255))
@ -630,10 +605,13 @@ index 76957ad..0ab173b 100644
- log_message(LOG_LEVEL_DEBUG, "pamusername copied from username - same: %s", username);
- g_strncpy(pam_auth_username, username, 255);
- }
+ if (!g_strncmp(pam_auth_username, "same", 255))
+ /* use pam either way, copy from normal user name when not explicitly inputed */
+ if (use_pam_auth_explicit == 0)
+ {
+ log_message(LOG_LEVEL_DEBUG, "pamusername copied from username - same: %s", username);
+ log_message(LOG_LEVEL_DEBUG, "pam parameters not defined, copy from user input");
+ g_strncpy(pam_auth_username, username, 255);
+ g_strncpy(pam_auth_password, password, 255);
+ g_strncpy(pam_auth_sessionIP, "127.0.0.1", 255);
+ }
- if (!g_strncmp(pam_auth_password, "same", 255))
@ -641,49 +619,45 @@ index 76957ad..0ab173b 100644
- log_message(LOG_LEVEL_DEBUG, "pam_auth_password copied from username - same: %s", password);
- g_strncpy(pam_auth_password, password, 255);
- }
+ if (!g_strncmp(pam_auth_password, "same", 255))
+ if (!g_strncmp(pam_auth_username, "same", 255))
+ {
+ log_message(LOG_LEVEL_DEBUG, "pam_auth_password copied from username - same: %s", password);
+ g_strncpy(pam_auth_password, password, 255);
+ log_message(LOG_LEVEL_DEBUG, "pamusername copied from username - same: %s", username);
+ g_strncpy(pam_auth_username, username, 255);
+ }
- /* access_control return 0 on success */
- reply = access_control(pam_auth_username, pam_auth_password, pam_auth_sessionIP);
+ if (!g_strncmp(pam_auth_password, "same", 255))
+ {
+ log_message(LOG_LEVEL_DEBUG, "pam_auth_password copied from password - same: %s", password);
+ g_strncpy(pam_auth_password, password, 255);
+ }
- xrdp_wm_log_msg(self->wm, LOG_LEVEL_INFO,
- "Reply from access control: %s",
- getPAMError(reply, pam_error, 127));
+ /* access_control return 0 on success */
+ reply = access_control(pam_auth_username, pam_auth_password, NULL, pam_auth_sessionIP, 4);
- g_sprintf(replytxt, "Reply from access control: %s",
- getPAMError(reply, pam_error, 127));
+ g_sprintf(replytxt, "Reply from access control: %s",
+ xrdp_wm_log_msg(self->wm, LOG_LEVEL_INFO,
+ "Reply from access control: %s",
+ getPAMError(reply, pam_error, 127));
- xrdp_wm_log_msg(self->wm, replytxt);
- log_message(LOG_LEVEL_INFO, replytxt);
- additionalError = getPAMAdditionalErrorInfo(reply, self);
- if (additionalError)
+ xrdp_wm_log_msg(self->wm, replytxt);
+ log_message(LOG_LEVEL_INFO, replytxt);
+ additionalError = getPAMAdditionalErrorInfo(reply, self);
+ if (additionalError)
+ {
+ g_snprintf(replytxt, 127, "%s", additionalError);
+ if (replytxt[0])
{
- g_snprintf(replytxt, 127, "%s", additionalError);
- if (replytxt[0])
- if (additionalError && additionalError[0])
- {
- xrdp_wm_log_msg(self->wm, replytxt);
- xrdp_wm_log_msg(self->wm, LOG_LEVEL_INFO, "%s", additionalError);
- }
+ xrdp_wm_log_msg(self->wm, replytxt);
}
+ additionalError = getPAMAdditionalErrorInfo(reply, self);
+ if (additionalError && additionalError[0])
+ {
+ xrdp_wm_log_msg(self->wm, LOG_LEVEL_INFO, "%s", additionalError);
+ }
+
- if (reply != 0)
+ if (reply != 0)
+ {
+ /* show PAM errors */
+ xrdp_wm_show_log(self->wm);
- if (reply != 0)
+ if (reply == PAM_NEW_AUTHTOK_REQD)
{
- rv = 1;
@ -694,16 +668,14 @@ index 76957ad..0ab173b 100644
+ rv = 1;
+ return rv;
}
+
#endif
#endif
@@ -1923,6 +1952,59 @@ xrdp_mm_connect(struct xrdp_mm *self)
@@ -2047,6 +2071,59 @@ xrdp_mm_connect(struct xrdp_mm *self)
}
/*****************************************************************************/
+/* return 0 on success */
+int APP_CC
+int
+xrdp_mm_change_expired_password(struct xrdp_mm *self)
+{
+ int rv = -1;
@ -755,14 +727,14 @@ index 76957ad..0ab173b 100644
+}
+
+/*****************************************************************************/
int APP_CC
int
xrdp_mm_get_wait_objs(struct xrdp_mm *self,
tbus *read_objs, int *rcount,
diff --git a/xrdp/xrdp_types.h b/xrdp/xrdp_types.h
index 29aaac8..498e8dd 100644
index 75c70ee..344e7fc 100644
--- a/xrdp/xrdp_types.h
+++ b/xrdp/xrdp_types.h
@@ -335,6 +335,7 @@ struct xrdp_wm
@@ -325,6 +325,7 @@ struct xrdp_wm
struct xrdp_cache* cache;
int palette[256];
struct xrdp_bitmap* login_window;
@ -771,10 +743,10 @@ index 29aaac8..498e8dd 100644
int black;
int grey;
diff --git a/xrdp/xrdp_wm.c b/xrdp/xrdp_wm.c
index 39bd038..7661408 100644
index 8a6695f..238c5cf 100644
--- a/xrdp/xrdp_wm.c
+++ b/xrdp/xrdp_wm.c
@@ -1786,6 +1786,34 @@ xrdp_wm_login_mode_changed(struct xrdp_wm *self)
@@ -1855,6 +1855,34 @@ xrdp_wm_login_mode_changed(struct xrdp_wm *self)
self->dragging = 0;
xrdp_wm_set_login_mode(self, 11);
}
@ -783,7 +755,7 @@ index 39bd038..7661408 100644
+ /* keep log window open */
+ if (self->log_wnd == 0)
+ {
+ xrdp_wm_delete_all_childs(self);
+ xrdp_wm_delete_all_children(self);
+ }
+ /* show update expired password window */
+ self->dragging = 0;
@ -795,7 +767,7 @@ index 39bd038..7661408 100644
+ else if (self->login_mode == 22)
+ {
+ /* do change expired password session */
+ xrdp_wm_delete_all_childs(self);
+ xrdp_wm_delete_all_children(self);
+ self->dragging = 0;
+ if (xrdp_mm_change_expired_password(self->mm) == 0)
+ {
@ -809,7 +781,7 @@ index 39bd038..7661408 100644
return 0;
}
@@ -1830,11 +1858,19 @@ xrdp_wm_log_wnd_notify(struct xrdp_bitmap *wnd,
@@ -1899,11 +1927,19 @@ xrdp_wm_log_wnd_notify(struct xrdp_bitmap *wnd,
xrdp_bitmap_invalidate(wm->screen, &rect);
/* if module is gone, reset the session when ok is clicked */
@ -830,16 +802,13 @@ index 39bd038..7661408 100644
}
}
}
@@ -1893,6 +1929,9 @@ xrdp_wm_show_log(struct xrdp_wm *self)
@@ -1965,6 +2001,9 @@ xrdp_wm_show_log(struct xrdp_wm *self)
return 0;
}
+ /* delete all dialogs, they will be created when needed anyway */
+ xrdp_wm_delete_all_childs(self);
+ xrdp_wm_delete_all_children(self);
+
if (self->log_wnd == 0)
{
w = DEFAULT_WND_LOG_W;
--
2.6.6

63
xrdp-fate319683-allow-vnc-resizing.patch
View File

@ -1,21 +1,36 @@
diff --git a/sesman/sesman.ini b/sesman/sesman.ini
index 37c7816..4a428ec 100644
--- a/sesman/sesman.ini
+++ b/sesman/sesman.ini
@@ -40,7 +40,7 @@ DisconnectedTimeLimit=0
;; Policy - session allocation policy
; Type: enum [ "Default" | "UBD" | "UBI" | "UBC" | "UBDI" | "UBDC" ]
-; Default: Xrdp:<User,BitPerPixel> and Xvnc:<User,BitPerPixel,DisplaySize>
+; Default: Xrdp and Xvnc:<User,BitPerPixel>
; "UBD" session per <User,BitPerPixel,DisplaySize>
; "UBI" session per <User,BitPerPixel,IPAddr>
; "UBC" session per <User,BitPerPixel,Connection>
diff --git a/sesman/session.c b/sesman/session.c
index 4ea48d3..def4179 100644
index 0b8bb6a..3a0164b 100644
--- a/sesman/session.c
+++ b/sesman/session.c
@@ -105,7 +105,6 @@ session_get_bydata(char *name, int width, int height, int bpp, int type, char *c
@@ -105,9 +105,6 @@ session_get_bydata(const char *name, int width, int height, int bpp, int type,
{
case SCP_SESSION_TYPE_XVNC: /* 0 */
type = SESMAN_SESSION_TYPE_XVNC; /* 2 */
- policy |= SESMAN_CFG_SESS_POLICY_D; /* Xvnc cannot resize */
- /* Xvnc cannot resize */
- policy = (enum SESMAN_CFG_SESS_POLICY)
- (policy | SESMAN_CFG_SESS_POLICY_D);
break;
case SCP_SESSION_TYPE_XRDP: /* 1 */
type = SESMAN_SESSION_TYPE_XRDP; /* 1 */
diff --git a/vnc/vnc.c b/vnc/vnc.c
index c3ee3bf..03bb5b5 100644
index db593da..0db68b9 100644
--- a/vnc/vnc.c
+++ b/vnc/vnc.c
@@ -359,7 +359,8 @@ lib_mod_event(struct vnc *v, int msg, long param1, long param2,
/* FrambufferUpdateRequest */
@@ -383,7 +383,8 @@ lib_mod_event(struct vnc *v, int msg, long param1, long param2,
/* FramebufferUpdateRequest */
init_stream(s, 8192);
out_uint8(s, 3);
- out_uint8(s, 0);
@ -24,7 +39,7 @@ index c3ee3bf..03bb5b5 100644
x = (param1 >> 16) & 0xffff;
out_uint16_be(s, x);
y = param1 & 0xffff;
@@ -707,7 +708,24 @@ lib_framebuffer_update(struct vnc *v)
@@ -724,7 +725,24 @@ lib_framebuffer_update(struct vnc *v)
{
v->mod_width = cx;
v->mod_height = cy;
@ -50,11 +65,10 @@ index c3ee3bf..03bb5b5 100644
}
else
{
@@ -724,13 +742,23 @@ lib_framebuffer_update(struct vnc *v)
@@ -740,12 +758,22 @@ lib_framebuffer_update(struct vnc *v)
error = v->server_end_update(v);
}
g_free(data);
+ free_stream(s);
+ if (v->mod_width != v->server_width || v->mod_height != v->server_height)
+ {
+ /* perform actual resize outside the update */
@ -63,10 +77,10 @@ index c3ee3bf..03bb5b5 100644
+ error = v->server_reset(v, v->mod_width, v->mod_height, v->mod_bpp);
+ v->incremental = 0;
+ }
+
if (error == 0)
{
/* FrambufferUpdateRequest */
/* FramebufferUpdateRequest */
init_stream(s, 8192);
out_uint8(s, 3);
- out_uint8(s, 1);
@ -75,7 +89,7 @@ index c3ee3bf..03bb5b5 100644
out_uint16_be(s, 0);
out_uint16_be(s, 0);
out_uint16_be(s, v->mod_width);
@@ -1238,13 +1266,14 @@ lib_mod_connect(struct vnc *v)
@@ -1327,11 +1355,12 @@ lib_mod_connect(struct vnc *v)
init_stream(s, 8192);
out_uint8(s, 2);
out_uint8(s, 0);
@ -87,13 +101,10 @@ index c3ee3bf..03bb5b5 100644
out_uint32_be(s, 0xffffff21); /* desktop size */
+ out_uint32_be(s, 0xfffffecc); /* extended desktop resize */
v->server_msg(v, "VNC sending encodings", 0);
- error = lib_send(v, s->data, 4 + 4 * 4);
+ error = lib_send(v, s->data, 4 + 5 * 4);
}
if (error == 0)
@@ -1257,7 +1286,8 @@ lib_mod_connect(struct vnc *v)
/* FrambufferUpdateRequest */
s_mark_end(s);
error = trans_force_write_s(v->trans, s);
@@ -1347,7 +1376,8 @@ lib_mod_connect(struct vnc *v)
/* FramebufferUpdateRequest */
init_stream(s, 8192);
out_uint8(s, 3);
- out_uint8(s, 0);
@ -103,12 +114,14 @@ index c3ee3bf..03bb5b5 100644
out_uint16_be(s, 0);
out_uint16_be(s, v->mod_width);
diff --git a/vnc/vnc.h b/vnc/vnc.h
index 6d265be..69e899b 100644
index 3eee4e0..1990778 100644
--- a/vnc/vnc.h
+++ b/vnc/vnc.h
@@ -116,4 +116,5 @@ struct vnc
int clip_data_size;
tbus sck_obj;
@@ -113,6 +113,7 @@ struct vnc
int clip_chanid;
struct stream *clip_data_s;
int delay_ms;
+ int incremental;
};
struct trans *trans;
int got_guid;
tui8 guid[16];

25
xrdp.changes
View File

@ -1,3 +1,12 @@
-------------------------------------------------------------------
Sun Jun 25 16:56:29 UTC 2017 - fezhang@suse.com
- Rebase SLE patches:
+ xrdp-avahi.diff
+ xrdp-bsc965647-allow-admin-choose-desktop.patch
+ xrdp-fate318398-change-expired-password.patch
+ xrdp-fate319683-allow-vnc-resizing.patch
-------------------------------------------------------------------
Wed Jun 7 11:24:14 UTC 2017 - jengelh@inai.de
@ -40,6 +49,7 @@ Sat May 20 07:36:25 UTC 2017 - ftake@geeko.jp
+ xrdp-Allow-sessions-with-32-bpp.patch.patch
+ xrdp-vnc-enable-32-bpp-support-for-Xvnc-it-actually-works.patch
+ xrdp-Fix-support-for-32-bpp-clients-connecting-to-16-bpp-.patch
+ xrdp-dont-set-LANG.patch
- Refresh patches
+ xrdp-pam.patch
- its main part has been merged by the upstream
@ -51,6 +61,21 @@ Sat May 20 07:36:25 UTC 2017 - ftake@geeko.jp
- Add xrdp-do-not-execute-psuedo-login-shell.patch
+ prevent ~/.profile from being executed twice
-------------------------------------------------------------------
Thu May 18 09:08:57 UTC 2017 - fezhang@suse.com
- Add xrdp-dont-set-LANG.patch: Backport upstream commit 5575197,
sesman should stop setting LANG and let initialization scripts
take care of it (bsc#1023988).
-------------------------------------------------------------------
Thu May 11 04:12:48 UTC 2017 - fezhang@suse.com
- Update xrdp-fate319683-allow-vnc-resizing.patch:
+ Fix a crash caused by double freeing stream (bsc#1034606).
+ Remove DisplaySize from Xvnc default policy to enable it
resizing.
-------------------------------------------------------------------
Mon Feb 6 10:31:26 UTC 2017 - fezhang@suse.com