|
|
|
@ -33,7 +33,7 @@
|
|
|
|
extern struct config_sesman g_cfg;
|
|
|
|
extern struct config_sesman g_cfg;
|
|
|
|
|
|
|
|
|
|
|
|
/******************************************************************************/
|
|
|
|
/******************************************************************************/
|
|
|
|
void DEFAULT_CC
|
|
|
|
void DEFAULT_CC
|
|
|
|
scp_v1_process(struct SCP_CONNECTION* c, struct SCP_SESSION* s)
|
|
|
|
scp_v1_process(struct SCP_CONNECTION* c, struct SCP_SESSION* s)
|
|
|
|
{
|
|
|
|
{
|
|
|
|
long data;
|
|
|
|
long data;
|
|
|
|
@ -46,77 +46,82 @@ scp_v1_process(struct SCP_CONNECTION* c, struct SCP_SESSION* s)
|
|
|
|
int scount;
|
|
|
|
int scount;
|
|
|
|
SCP_SID sid;
|
|
|
|
SCP_SID sid;
|
|
|
|
|
|
|
|
|
|
|
|
retries=g_cfg.sec.login_retry;
|
|
|
|
retries = g_cfg.sec.login_retry;
|
|
|
|
current_try=retries;
|
|
|
|
current_try = retries;
|
|
|
|
|
|
|
|
|
|
|
|
data=auth_userpass(s->username, s->password);
|
|
|
|
data = auth_userpass(s->username, s->password);
|
|
|
|
LOG_DBG("user: %s\npass: %s", s->username, s->password);
|
|
|
|
LOG_DBG("user: %s\npass: %s", s->username, s->password);
|
|
|
|
|
|
|
|
|
|
|
|
while ((!data) && ((retries==0) || (current_try>0)))
|
|
|
|
while ((!data) && ((retries == 0) || (current_try > 0)))
|
|
|
|
{
|
|
|
|
{
|
|
|
|
LOG_DBG("data %d - retry %d - currenttry %d - expr %d", data, retries, current_try, ((!data) && ((retries==0) || (current_try>0))));
|
|
|
|
LOG_DBG("data %d - retry %d - currenttry %d - expr %d", data, retries,
|
|
|
|
|
|
|
|
current_try, ((!data) && ((retries == 0) || (current_try > 0))));
|
|
|
|
e=scp_v1s_request_password(c,s,"Wrong username and/or password");
|
|
|
|
|
|
|
|
|
|
|
|
e = scp_v1s_request_password(c, s, "Wrong username and/or password");
|
|
|
|
|
|
|
|
|
|
|
|
switch (e)
|
|
|
|
switch (e)
|
|
|
|
{
|
|
|
|
{
|
|
|
|
case SCP_SERVER_STATE_OK:
|
|
|
|
case SCP_SERVER_STATE_OK:
|
|
|
|
/* all ok, we got new username and password */
|
|
|
|
/* all ok, we got new username and password */
|
|
|
|
data=auth_userpass(s->username, s->password);
|
|
|
|
data = auth_userpass(s->username, s->password);
|
|
|
|
/* one try less */
|
|
|
|
/* one try less */
|
|
|
|
if (current_try>0)
|
|
|
|
if (current_try > 0)
|
|
|
|
{
|
|
|
|
{
|
|
|
|
current_try--;
|
|
|
|
current_try--;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
break;
|
|
|
|
break;
|
|
|
|
case SCP_SERVER_STATE_VERSION_ERR:
|
|
|
|
case SCP_SERVER_STATE_VERSION_ERR:
|
|
|
|
LOG_DBG("version error",0)
|
|
|
|
LOG_DBG("version error", 0)
|
|
|
|
case SCP_SERVER_STATE_SIZE_ERR:
|
|
|
|
case SCP_SERVER_STATE_SIZE_ERR:
|
|
|
|
/* an unknown scp version was requested, so we shut down the */
|
|
|
|
/* an unknown scp version was requested, so we shut down the */
|
|
|
|
/* connection (and log the fact) */
|
|
|
|
/* connection (and log the fact) */
|
|
|
|
log_message(LOG_LEVEL_WARNING,"protocol violation. connection closed.");
|
|
|
|
log_message(LOG_LEVEL_WARNING,
|
|
|
|
|
|
|
|
"protocol violation. connection closed.");
|
|
|
|
return;
|
|
|
|
return;
|
|
|
|
case SCP_SERVER_STATE_NETWORK_ERR:
|
|
|
|
case SCP_SERVER_STATE_NETWORK_ERR:
|
|
|
|
log_message(LOG_LEVEL_WARNING,"libscp network error.");
|
|
|
|
log_message(LOG_LEVEL_WARNING, "libscp network error.");
|
|
|
|
return;
|
|
|
|
return;
|
|
|
|
case SCP_SERVER_STATE_SEQUENCE_ERR:
|
|
|
|
case SCP_SERVER_STATE_SEQUENCE_ERR:
|
|
|
|
log_message(LOG_LEVEL_WARNING,"libscp sequence error.");
|
|
|
|
log_message(LOG_LEVEL_WARNING, "libscp sequence error.");
|
|
|
|
return;
|
|
|
|
return;
|
|
|
|
case SCP_SERVER_STATE_INTERNAL_ERR:
|
|
|
|
case SCP_SERVER_STATE_INTERNAL_ERR:
|
|
|
|
/* internal error occurred (eg. malloc() error, ecc.) */
|
|
|
|
/* internal error occurred (eg. malloc() error, ecc.) */
|
|
|
|
log_message(LOG_LEVEL_ERROR, "libscp internal error occurred.");
|
|
|
|
log_message(LOG_LEVEL_ERROR, "libscp internal error occurred.");
|
|
|
|
return;
|
|
|
|
return;
|
|
|
|
default:
|
|
|
|
default:
|
|
|
|
/* dummy: scp_v1s_request_password won't generate any other */
|
|
|
|
/* dummy: scp_v1s_request_password won't generate any other */
|
|
|
|
/* error other than the ones before */
|
|
|
|
/* error other than the ones before */
|
|
|
|
log_message(LOG_LEVEL_ALWAYS, "unknown return from scp_v1s_request_password()");
|
|
|
|
log_message(LOG_LEVEL_ALWAYS,
|
|
|
|
return;
|
|
|
|
"unknown return from scp_v1s_request_password()");
|
|
|
|
|
|
|
|
return;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
if (!data)
|
|
|
|
if (!data)
|
|
|
|
{
|
|
|
|
{
|
|
|
|
scp_v1s_deny_connection(c,"Login failed");
|
|
|
|
scp_v1s_deny_connection(c, "Login failed");
|
|
|
|
log_message(LOG_LEVEL_INFO,"Login failed for user %s. Connection terminated", s->username);
|
|
|
|
log_message(LOG_LEVEL_INFO,
|
|
|
|
|
|
|
|
"Login failed for user %s. Connection terminated", s->username);
|
|
|
|
free_session(s);
|
|
|
|
free_session(s);
|
|
|
|
return;
|
|
|
|
return;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
/* testing if login is allowed*/
|
|
|
|
/* testing if login is allowed*/
|
|
|
|
if (0==access_login_allowed(s->username))
|
|
|
|
if (0 == access_login_allowed(s->username))
|
|
|
|
{
|
|
|
|
{
|
|
|
|
scp_v1s_deny_connection(c,"Access to Terminal Server not allowed.");
|
|
|
|
scp_v1s_deny_connection(c, "Access to Terminal Server not allowed.");
|
|
|
|
log_message(LOG_LEVEL_INFO,"User %s not allowed on TS. Connection terminated", s->username);
|
|
|
|
log_message(LOG_LEVEL_INFO,
|
|
|
|
|
|
|
|
"User %s not allowed on TS. Connection terminated", s->username);
|
|
|
|
free_session(s);
|
|
|
|
free_session(s);
|
|
|
|
return;
|
|
|
|
return;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
//check if we need password change
|
|
|
|
//check if we need password change
|
|
|
|
|
|
|
|
|
|
|
|
/* list disconnected sessions */
|
|
|
|
/* list disconnected sessions */
|
|
|
|
slist=session_get_byuser(s->username, &scount);
|
|
|
|
slist = session_get_byuser(s->username, &scount);
|
|
|
|
|
|
|
|
|
|
|
|
if (scount==0)
|
|
|
|
if (scount == 0)
|
|
|
|
{
|
|
|
|
{
|
|
|
|
#warning FIXME we should check for MaxSessions
|
|
|
|
#warning FIXME we should check for MaxSessions
|
|
|
|
/* no disconnected sessions - start a new one */
|
|
|
|
/* no disconnected sessions - start a new one */
|
|
|
|
@ -124,45 +129,46 @@ scp_v1_process(struct SCP_CONNECTION* c, struct SCP_SESSION* s)
|
|
|
|
if (SCP_SESSION_TYPE_XVNC == s->type)
|
|
|
|
if (SCP_SESSION_TYPE_XVNC == s->type)
|
|
|
|
{
|
|
|
|
{
|
|
|
|
log_message(LOG_LEVEL_INFO, "starting Xvnc session...");
|
|
|
|
log_message(LOG_LEVEL_INFO, "starting Xvnc session...");
|
|
|
|
display = session_start(s->width, s->height, s->bpp, s->username, s->password,
|
|
|
|
display = session_start(s->width, s->height, s->bpp, s->username,
|
|
|
|
data, SESMAN_SESSION_TYPE_XVNC);
|
|
|
|
s->password, data, SESMAN_SESSION_TYPE_XVNC);
|
|
|
|
}
|
|
|
|
}
|
|
|
|
else
|
|
|
|
else
|
|
|
|
{
|
|
|
|
{
|
|
|
|
log_message(LOG_LEVEL_INFO, "starting Xrdp session...");
|
|
|
|
log_message(LOG_LEVEL_INFO, "starting Xrdp session...");
|
|
|
|
display = session_start(s->width, s->height, s->bpp, s->username, s->password,
|
|
|
|
display = session_start(s->width, s->height, s->bpp, s->username,
|
|
|
|
data, SESMAN_SESSION_TYPE_XRDP);
|
|
|
|
s->password, data, SESMAN_SESSION_TYPE_XRDP);
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
e=scp_v1s_connect_new_session(c, display);
|
|
|
|
e = scp_v1s_connect_new_session(c, display);
|
|
|
|
switch (e)
|
|
|
|
switch (e)
|
|
|
|
{
|
|
|
|
{
|
|
|
|
case SCP_SERVER_STATE_OK:
|
|
|
|
case SCP_SERVER_STATE_OK:
|
|
|
|
/* all ok, we got new username and password */
|
|
|
|
/* all ok, we got new username and password */
|
|
|
|
break;
|
|
|
|
break;
|
|
|
|
case SCP_SERVER_STATE_NETWORK_ERR:
|
|
|
|
case SCP_SERVER_STATE_NETWORK_ERR:
|
|
|
|
log_message(LOG_LEVEL_WARNING,"libscp network error.");
|
|
|
|
log_message(LOG_LEVEL_WARNING, "libscp network error.");
|
|
|
|
return;
|
|
|
|
return;
|
|
|
|
default:
|
|
|
|
default:
|
|
|
|
return;
|
|
|
|
return;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
else if (scount==1)
|
|
|
|
else if (scount == 1)
|
|
|
|
{
|
|
|
|
{
|
|
|
|
/* there's only one session - returning that */
|
|
|
|
/* there's only one session - returning that */
|
|
|
|
sitem=session_get_bypid(slist->SID);
|
|
|
|
sitem = session_get_bypid(slist->SID);
|
|
|
|
#warning FIXME session_get_by*() should return a malloc()ated struct
|
|
|
|
#warning FIXME session_get_by*() should return a malloc()ated struct
|
|
|
|
#warning FIXME or at least lock the chain
|
|
|
|
#warning FIXME or at least lock the chain
|
|
|
|
if (0==sitem)
|
|
|
|
if (0 == sitem)
|
|
|
|
{
|
|
|
|
{
|
|
|
|
e=scp_v1s_connection_error(c, "Internal error");
|
|
|
|
e = scp_v1s_connection_error(c, "Internal error");
|
|
|
|
log_message(LOG_LEVEL_INFO, "Cannot find session item on the chain");
|
|
|
|
log_message(LOG_LEVEL_INFO, "Cannot find session item on the chain");
|
|
|
|
}
|
|
|
|
}
|
|
|
|
else
|
|
|
|
else
|
|
|
|
{
|
|
|
|
{
|
|
|
|
display=sitem->display;
|
|
|
|
display = sitem->display;
|
|
|
|
e=scp_v1s_reconnect_session(c, slist, display);
|
|
|
|
e = scp_v1s_reconnect_session(c, slist, display);
|
|
|
|
log_message(LOG_LEVEL_INFO, "User %s reconnected to session %d on port %d", \
|
|
|
|
log_message(LOG_LEVEL_INFO,
|
|
|
|
|
|
|
|
"User %s reconnected to session %d on port %d",
|
|
|
|
s->username, sitem->pid, display);
|
|
|
|
s->username, sitem->pid, display);
|
|
|
|
}
|
|
|
|
}
|
|
|
|
g_free(slist);
|
|
|
|
g_free(slist);
|
|
|
|
@ -170,21 +176,20 @@ scp_v1_process(struct SCP_CONNECTION* c, struct SCP_SESSION* s)
|
|
|
|
else
|
|
|
|
else
|
|
|
|
{
|
|
|
|
{
|
|
|
|
/* 2 or more disconnected sessions - listing */
|
|
|
|
/* 2 or more disconnected sessions - listing */
|
|
|
|
|
|
|
|
|
|
|
|
//max session x packet = 100 => pkt size = 1300 (13x100)
|
|
|
|
//max session x packet = 100 => pkt size = 1300 (13x100)
|
|
|
|
e=scp_v1s_list_sessions(c, scount, slist, &sid);
|
|
|
|
e = scp_v1s_list_sessions(c, scount, slist, &sid);
|
|
|
|
|
|
|
|
|
|
|
|
//CHECK RETURN
|
|
|
|
//CHECK RETURN
|
|
|
|
|
|
|
|
|
|
|
|
g_free(slist);
|
|
|
|
g_free(slist);
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
/* resource management */
|
|
|
|
/* resource management */
|
|
|
|
if ((e==SCP_SERVER_STATE_OK) && (s->rsr))
|
|
|
|
if ((e == SCP_SERVER_STATE_OK) && (s->rsr))
|
|
|
|
{
|
|
|
|
{
|
|
|
|
/* here goes scp resource sharing code */
|
|
|
|
/* here goes scp resource sharing code */
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
/* cleanup */
|
|
|
|
/* cleanup */
|
|
|
|
free_session(s);
|
|
|
|
free_session(s);
|
|
|
|
auth_end(data);
|
|
|
|
auth_end(data);
|
|
|
|
|
jsorg71
18 years ago