diff --git a/sesman/config.c b/sesman/config.c index 877a949c..897164af 100644 --- a/sesman/config.c +++ b/sesman/config.c @@ -74,9 +74,10 @@ config_read(struct config_sesman *cfg) /* read global config */ config_read_globals(fd, cfg, param_n, param_v); - /* read Xvnc/X11rdp parameter list */ + /* read Xvnc/X11rdp/XOrg parameter list */ config_read_vnc_params(fd, cfg, param_n, param_v); config_read_rdp_params(fd, cfg, param_n, param_v); + config_read_xorg_params(fd, cfg, param_n, param_v); /* read logging config */ // config_read_logging(fd, &(cfg->log), param_n, param_v); @@ -410,6 +411,38 @@ config_read_rdp_params(int file, struct config_sesman *cs, struct list *param_n, return 0; } +/******************************************************************************/ +int DEFAULT_CC +config_read_xorg_params(int file, struct config_sesman *cs, + struct list *param_n, struct list *param_v) +{ + int i; + + list_clear(param_v); + list_clear(param_n); + + cs->xorg_params = list_create(); + + file_read_section(file, SESMAN_CFG_XORG_PARAMS, param_n, param_v); + + for (i = 0; i < param_n->count; i++) + { + list_add_item(cs->xorg_params, + (long) g_strdup((char *) list_get_item(param_v, i))); + } + + /* printing security config */ + g_printf("XOrg parameters:\r\n"); + + for (i = 0; i < cs->xorg_params->count; i++) + { + g_printf("\tParameter %02d %s\r\n", + i, (char *) list_get_item(cs->xorg_params, i)); + } + + return 0; +} + /******************************************************************************/ int DEFAULT_CC config_read_vnc_params(int file, struct config_sesman *cs, struct list *param_n, diff --git a/sesman/config.h b/sesman/config.h index b011ca9b..6238b9e3 100644 --- a/sesman/config.h +++ b/sesman/config.h @@ -42,6 +42,7 @@ #define SESMAN_CFG_AUTH_FILE_PATH "AuthFilePath" #define SESMAN_CFG_RDP_PARAMS "X11rdp" +#define SESMAN_CFG_XORG_PARAMS "XOrg" #define SESMAN_CFG_VNC_PARAMS "Xvnc" /* 
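Review bot: The comment `/* printing security config */` in the new config_read_xorg_params (sesman/config.c) is a copy-paste leftover; the loop below it prints the [XOrg] parameters, so it should read `/* printing XOrg parameters */`. The function also ignores the results of `list_create()` and `file_read_section()` and always returns 0, while the prototype this commit adds to config.h documents `1 on failure`; either check them and return 1, or correct the doc. Every value read here is later appended unchanged to the X server's argument vector in session.c, so a short header comment saying that, and that sesman.ini must therefore be writable only by the administrator, would help the next reader.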
@@ -192,6 +193,13 @@ struct config_sesman * @var log * @brief Log configuration struct */ + + struct list* xorg_params; + /** + * @var log + * @brief Log configuration struct + */ + //struct log_config log; /** * @var sec @@ -285,7 +293,20 @@ int DEFAULT_CC config_read_rdp_params(int file, struct config_sesman* cs, struct list* param_n, struct list* param_v); - +/** + * + * @brief Reads sesman [XOrg] configuration section + * @param file configuration file descriptor + * @param cs pointer to a config_sesman struct + * @param param_n parameter name list + * @param param_v parameter value list + * @return 0 on success, 1 on failure + * + */ +int DEFAULT_CC +config_read_xorg_params(int file, struct config_sesman* cs, struct list* param_n, + struct list* param_v); + /** * * @brief Reads sesman [Xvnc] configuration section diff --git a/sesman/libscp/libscp_session.c b/sesman/libscp/libscp_session.c index 4c389655..8f5841a5 100644 --- a/sesman/libscp/libscp_session.c +++ b/sesman/libscp/libscp_session.c @@ -58,12 +58,19 @@ scp_session_set_type(struct SCP_SESSION *s, tui8 type) case SCP_SESSION_TYPE_XVNC: s->type = SCP_SESSION_TYPE_XVNC; break; + case SCP_SESSION_TYPE_XRDP: s->type = SCP_SESSION_TYPE_XRDP; break; + + case SCP_SESSION_TYPE_XORG: + s->type = SCP_SESSION_TYPE_XORG; + break; + case SCP_GW_AUTHENTICATION: s->type = SCP_GW_AUTHENTICATION; break; + case SCP_SESSION_TYPE_MANAGE: s->type = SCP_SESSION_TYPE_MANAGE; s->mng = (struct SCP_MNG_DATA *)g_malloc(sizeof(struct SCP_MNG_DATA), 1); @@ -75,6 +82,7 @@ scp_session_set_type(struct SCP_SESSION *s, tui8 type) } break; + default: log_message(LOG_LEVEL_WARNING, "[session:%d] set_type: unknown type", __LINE__); return 1; diff --git a/sesman/libscp/libscp_types.h b/sesman/libscp/libscp_types.h index 2140eced..de851867 100644 --- a/sesman/libscp/libscp_types.h +++ b/sesman/libscp/libscp_types.h 
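Review bot: In the struct config_sesman hunk of sesman/config.h, the new member `struct list* xorg_params;` is inserted between the existing `@var log` doc block and the `log` member it described, and the `@var log` block is then repeated below it, so the new field ends up documented as the log configuration. Give it its own block before the declaration, for example `@var xorg_params` / `@brief Xorg additional parameter list`, and leave the original `log` block where it was. The struct starts and ends outside the hunk.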
@@ -41,6 +41,8 @@ #define SCP_SESSION_TYPE_XVNC 0x00 #define SCP_SESSION_TYPE_XRDP 0x01 #define SCP_SESSION_TYPE_MANAGE 0x02 +#define SCP_SESSION_TYPE_XORG 0x03 + /* SCP_GW_AUTHENTICATION can be used when XRDP + sesman act as a gateway * XRDP sends this command to let sesman verify if the user is allowed * to use the gateway */ diff --git a/sesman/libscp/libscp_v0.c b/sesman/libscp/libscp_v0.c index afa09bd8..eab616ff 100644 --- a/sesman/libscp/libscp_v0.c +++ b/sesman/libscp/libscp_v0.c @@ -56,6 +56,10 @@ scp_v0c_connect(struct SCP_CONNECTION *c, struct SCP_SESSION *s) { out_uint16_be(c->out_s, 10); } + else if (s->type == SCP_SESSION_TYPE_XORG) + { + out_uint16_be(c->out_s, 20); + } else { log_message(LOG_LEVEL_WARNING, "[v0:%d] connection aborted: network error", __LINE__); @@ -191,7 +195,7 @@ scp_v0s_accept(struct SCP_CONNECTION *c, struct SCP_SESSION **s, int skipVchk) in_uint16_be(c->in_s, code); - if (code == 0 || code == 10) + if (code == 0 || code == 10 || code == 20) { session = scp_session_create(); @@ -207,10 +211,20 @@ scp_v0s_accept(struct SCP_CONNECTION *c, struct SCP_SESSION **s, int skipVchk) { scp_session_set_type(session, SCP_SESSION_TYPE_XVNC); } - else + else if (code == 10) { scp_session_set_type(session, SCP_SESSION_TYPE_XRDP); } + else if (code == 20) + { + scp_session_set_type(session, SCP_SESSION_TYPE_XORG); + } + else + { + log_message(LOG_LEVEL_WARNING, "[v0:%d] connection aborted: " + "invalid code in xrdp.ini file: code=%d", __LINE__, code); + return SCP_SERVER_STATE_INTERNAL_ERR; + } /* reading username */ in_uint16_be(c->in_s, sz); diff --git a/sesman/scp_v0.c b/sesman/scp_v0.c index aeaa22ee..cf5aa047 100644 --- a/sesman/scp_v0.c +++ b/sesman/scp_v0.c 
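Review bot: The new final `else` in scp_v0s_accept (third hunk of sesman/libscp/libscp_v0.c) cannot be reached as written, because the enclosing test changed in the previous hunk only admits `code == 0 || code == 10 || code == 20`. If it is kept as a guard, it returns `SCP_SERVER_STATE_INTERNAL_ERR` without releasing the `session` obtained from `scp_session_create()` a few lines earlier; a `scp_session_destroy(session);` before the `return` would close that. The message blames xrdp.ini, although `code` is read from the connection with `in_uint16_be(c->in_s, code)`, so on the sesman side it is simply an unexpected value from the peer and `"unknown session code %d"` would be more accurate. The literals 0, 10 and 20 now appear in both scp_v0c_connect and scp_v0s_accept and would be safer as shared named constants.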
@@ -122,12 +122,21 @@ scp_v0_process(struct SCP_CONNECTION *c, struct SCP_SESSION *s) s->domain, s->program, s->directory, s->client_ip); } - else + else if (SCP_SESSION_TYPE_XRDP == s->type) { log_message(LOG_LEVEL_INFO, "starting X11rdp session..."); display = session_start(s->width, s->height, s->bpp, s->username, s->password, data, SESMAN_SESSION_TYPE_XRDP, s->domain, s->program, s->directory, + s->client_ip); + } + else + { + /* type is SCP_SESSION_TYPE_XORG */ + log_message(LOG_LEVEL_INFO, "starting XOrg session..."); + display = session_start(s->width, s->height, s->bpp, s->username, + s->password, data, SESMAN_SESSION_TYPE_XORG, + s->domain, s->program, s->directory, s->client_ip); } } diff --git a/sesman/sesman.ini b/sesman/sesman.ini index 5ee0b4cd..767014e0 100644 --- a/sesman/sesman.ini +++ b/sesman/sesman.ini @@ -47,3 +47,16 @@ param4=tcp param5=-localhost param6=-dpi param7=96 + +[XOrg] +param1=-modulepath +param2=/home/lk/xorg-modules +param3=-config +param4=xrdp/xorg.conf +param5=-logfile +param6=/tmp/Xtmp.log +param7=-novtswitch +param8=-sharevts +param9=-noreset +param10=-ac +param11=vt7 diff --git a/sesman/session.c b/sesman/session.c index 32b2e6be..d75ba17b 100644 --- a/sesman/session.c +++ b/sesman/session.c 
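Review bot: The last branch in scp_v0_process (sesman/scp_v0.c) starts an Xorg session for every type not handled above it, and only the comment `/* type is SCP_SESSION_TYPE_XORG */` says otherwise. Making the test explicit, `else if (SCP_SESSION_TYPE_XORG == s->type)`, and adding a final `else` that logs the unexpected type and starts no session keeps this path fail-closed if another session type is added later. Whether other types can reach this point today depends on code outside the hunk.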
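Review bot: The default [XOrg] section added to sesman/sesman.ini ships settings that look like one developer's test setup. `param10=-ac` disables the X server's host-based access control, so any client able to reach the display can connect to the user's session; `param2=/home/lk/xorg-modules` makes the server load modules from a personal home directory; and `param6=/tmp/Xtmp.log` is a fixed log name in a world-writable directory shared by all sessions. I would drop `-ac`, point `-modulepath` at a root-owned system directory, and move the log to a per-display file in a directory ordinary users cannot write to.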
@@ -574,10 +574,40 @@ session_start_fork(int width, int height, int bpp, char *username, g_snprintf(text, 255, "%d", g_cfg->sess.kill_disconnected); g_setenv("XRDP_SESMAN_KILL_DISCONNECTED", text, 1); - if (type == SESMAN_SESSION_TYPE_XVNC) + if (type == SESMAN_SESSION_TYPE_XORG) + { + xserver_params = list_create(); + xserver_params->auto_free = 1; + + /* these are the must have parameters */ + list_add_item(xserver_params, (long) g_strdup("/usr/bin/Xorg")); + list_add_item(xserver_params, (long) g_strdup(screen)); + + /* additional parameters from sesman.ini file */ + list_append_list_strdup(g_cfg->xorg_params, xserver_params, 0); + + /* make sure it ends with a zero */ + list_add_item(xserver_params, 0); + + pp1 = (char **) xserver_params->items; + + log_message(LOG_LEVEL_INFO, "%s", dumpItemsToString(xserver_params, execvpparams, 2048)); + + /* some args are passed via env vars */ + g_sprintf(geometry, "%d", width); + g_setenv("XRDP_START_WIDTH", geometry, 1); + + g_sprintf(geometry, "%d", height); + g_setenv("XRDP_START_HEIGHT", geometry, 1); + + /* fire up Xorg */ + g_execvp("/usr/bin/Xorg", pp1); + } + else if (type == SESMAN_SESSION_TYPE_XVNC) { xserver_params = list_create(); xserver_params->auto_free = 1; + /* these are the must have parameters */ list_add_item(xserver_params, (long)g_strdup("Xvnc")); list_add_item(xserver_params, (long)g_strdup(screen)); 
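Review bot: The Xorg branch of session_start_fork builds the argument vector from only the binary path, the display and the verbatim [XOrg] parameters, so no `-auth` file is passed unless the administrator adds one to sesman.ini, and with the `-ac` parameter shipped in this same commit access control on the new display is off entirely. I would add `-auth` and the session's authority file to the must-have parameters in this branch rather than leave that to the ini file. The two `g_sprintf(geometry, "%d", ...)` calls would also be better as `g_snprintf` with the buffer size, matching the `g_snprintf(text, 255, ...)` call just above; the declaration of `geometry` is outside the hunk, so its size needs checking. The function starts and ends outside the hunk.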
@@ -596,13 +626,14 @@ session_start_fork(int width, int height, int bpp, char *username, /* make sure it ends with a zero */ list_add_item(xserver_params, 0); pp1 = (char **)xserver_params->items; - log_message(LOG_LEVEL_INFO, "Xvnc start:%s", dumpItemsToString(xserver_params, execvpparams, 2048)); + log_message(LOG_LEVEL_INFO, "%s", dumpItemsToString(xserver_params, execvpparams, 2048)); g_execvp("Xvnc", pp1); } else if (type == SESMAN_SESSION_TYPE_XRDP) { xserver_params = list_create(); xserver_params->auto_free = 1; + /* these are the must have parameters */ list_add_item(xserver_params, (long)g_strdup("X11rdp")); list_add_item(xserver_params, (long)g_strdup(screen)); @@ -619,7 +650,7 @@ session_start_fork(int width, int height, int bpp, char *username, /* make sure it ends with a zero */ list_add_item(xserver_params, 0); pp1 = (char **)xserver_params->items; - log_message(LOG_LEVEL_INFO, "X11rdp start:%s", dumpItemsToString(xserver_params, execvpparams, 2048)); + log_message(LOG_LEVEL_INFO, "%s", dumpItemsToString(xserver_params, execvpparams, 2048)); g_execvp("X11rdp", pp1); } else diff --git a/sesman/session.h b/sesman/session.h index 4329df12..185fa803 100644 --- a/sesman/session.h +++ b/sesman/session.h @@ -30,8 +30,9 @@ #include "libscp_types.h" -#define SESMAN_SESSION_TYPE_XRDP 1 -#define SESMAN_SESSION_TYPE_XVNC 2 +#define SESMAN_SESSION_TYPE_XRDP 1 +#define SESMAN_SESSION_TYPE_XVNC 2 +#define SESMAN_SESSION_TYPE_XORG 3 #define SESMAN_SESSION_STATUS_ACTIVE 0x01 #define SESMAN_SESSION_STATUS_IDLE 0x02 diff --git a/xrdp/xrdp.ini b/xrdp/xrdp.ini index 56357794..079ed7b9 100644 --- a/xrdp/xrdp.ini +++ b/xrdp/xrdp.ini @@ -45,7 +45,7 @@ grey=dedede # You can set the PAM error text in a gateway setup (MAX 256 chars) #pamerrortxt=change your password according to policy at http://url -#new_cursors=no +new_cursors=no #nego_sec_layer=0 allow_multimon=true 
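Review bot: Replacing `"Xvnc start:%s"` and `"X11rdp start:%s"` with a bare `"%s"` in the Xvnc and X11rdp branches of session_start_fork (sesman/session.c) removes the fixed text that identified these log entries, and the new Xorg branch logs the same way. Unless `dumpItemsToString` already labels its output (it is defined outside this diff), keeping a constant prefix per branch, such as `"Xorg start:%s"`, makes X server launches easier to find when reviewing sesman logs.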
@@ -179,6 +179,16 @@ port=ask3389 username=ask password=ask +[Session manager] +name=Session manager +lib=libxup.so +username=ask +password=ask +ip=127.0.0.1 +port=-1 +xserverbpp=24 +code=20 + # You can override the common channel settings for each session type #channel.rdpdr=true #channel.rdpsnd=true