Koichiro IWAO
171f8e79ed
xrdp: deprecate TLSv1 and TLSv1.1
...
Most websites disabled TLSv1 (1.0) and TLSv1.1 since March 2018
[1][2][3]. It is HTTPS context but there's few differences between HTTPS
and other TLS connections. Users can whenever re-enable these deprecated
TLS versions by editing xrdp.ini but not enabled by default.
[1] https://www.globalsign.com/en/blog/disable-tls-10-and-all-ssl-versions/
[2] https://www.thesslstore.com/blog/deprecation-tls-1-0-1-1-underway/
[3] https://www.digicert.com/blog/depreciating-tls-1-0-and-1-1/
6 years ago
Koichiro IWAO
1ad8cbb2a0
Document TLSv1.3 support
6 years ago
Koichiro IWAO
74497752dc
Add TLSv1.3 support
...
Actually, TLSv1.3 will be enabled without this change if xrdp is compiled
with OpenSSL or alternatives which support TLSv1.3. This commit makes to
enable or disable TLSv1.3 explicitly. Also, this commit adds a log
"TLSv1.3 enabled by config, but not supported by system OpenSSL". if
xrdp installation doesn't support TLSv1.3. It should be user-friendly.
6 years ago
metalefty
98e8cec83d
Merge pull request #1206 from metalefty/xrdp-dis
...
show more helpful message if xrdp-dis failed
6 years ago
Koichiro IWAO
2a85a65d08
show more helpful message if xrdp-dis failed
6 years ago
metalefty
5f30ca2f87
Merge pull request #1198 from metalefty/pulse-socket-env
...
sesman: pass pulse socket name via environment variable
6 years ago
Koichiro IWAO
d6992cf62d
sesman: add XRDP_ prefix to xrdp related environment variable
...
and remove CHANSRV, use the shorter name
6 years ago
Koichiro IWAO
59f3a79fe4
sesman: pass pulse socket name via environment variable
6 years ago
Jay Sorg
e189be9d2e
.gitignore, change configure_params.h to xrdp_configure_options.h
6 years ago
metalefty
1e08bd041c
Merge pull request #1186 from speidy/pulse-remove
...
chansrv: remove pulseaudio modules from xrdp source tree
6 years ago
Idan Freiberg
5d2c5b1410
chansrv: remove pulseaudio modules from xrdp source tree
...
its actually an independent code which is not part of xrdp
moved to its own repoistory: https://github.com/neutrinolabs/pulseaudio-modules
Signed-off-by: Idan Freiberg <speidy@gmail.com>
6 years ago
Koichiro IWAO
ff85cb4530
Merge branch 'wfix-pulsechansrv-makefile' into devel
6 years ago
Brandon Wooldridge
8427c3601b
Corrected spacing between arguments to `cc` for Pulseaudio chanserv Makefile
6 years ago
metalefty
b8c7aadcb6
Merge pull request #1168 from metalefty/fix-xrdp-log-path-in-man
...
docs: fix xrdp's LogFile path in man
6 years ago
metalefty
5b77d2dc7f
Merge pull request #1140 from matt335672/chansrv-atexit
...
Add atexit() handler to unmount the filesystem on fatal X error
6 years ago
matt335672
c467ba6b04
Add handler for fatal X server conditions
...
Unless X server failures are caught, these can cause a premature
exit of chansrv, giving it no chance to clean up. This is currently a
particular problem for fuser mounts.
6 years ago
Koichiro IWAO
5d9ff0f544
docs: fix xrdp's LogFile path in man
6 years ago
metalefty
a9e2dcc99f
Merge pull request #1160 from metalefty/prepare-release
...
Prepare release
7 years ago
Koichiro IWAO
52fd17af0f
Update v0.9.7 release date
7 years ago
Koichiro IWAO
2d3170c007
Bump version to v0.9.7
7 years ago
Koichiro IWAO
860d01cf16
Update NEWS for v0.9.7
7 years ago
metalefty
cb06a28180
Merge pull request #1156 from metalefty/configure_echo
...
xrdp: print configure options to --version more pretty
7 years ago
Koichiro IWAO
c0c7c3f106
xrdp: unify inconsistent mixed use of
...
* configure params
* configure options
* configure string
7 years ago
Koichiro IWAO
be05afb30b
xrdp: print configure options to --version more pretty
7 years ago
metalefty
e7c0b11336
Merge pull request #1153 from metalefty/rc-script
...
FreeBSD: separate rc script into xrdp and xrdp-sesman
7 years ago
metalefty
dbee05d9ed
Merge pull request #1147 from metalefty/defaultwm-fullpath
...
Accept full path for DefaultWindowManager
7 years ago
Koichiro IWAO
eda1842825
sesman: add comments, no logic change
7 years ago
Koichiro IWAO
6e16b38ecc
sesman: fix potential buffer over flow
7 years ago
Koichiro IWAO
9192e95c96
sesman: fix logging after default_wm change
7 years ago
Koichiro IWAO
6fb18cd5fa
docs: document configurable reconnect script path
7 years ago
Koichiro IWAO
a39b413746
sesman: make the path of reconnect script configurable
7 years ago
Koichiro IWAO
e82f212f34
sesman: accept full path for DefaultWindowManager
...
Solves: #1143
Also, this idea is inspired by Fedora's patch [1]. Some distro wants to
put all scripts in libexec directory due to SELinux. This enables
distros to put such scripts anywhere.
[1] https://src.fedoraproject.org/cgit/rpms/xrdp.git/tree/xrdp-0.9.6-scripts-libexec.patch?id=02f845c1b8cea781313cf3e9efcd6d7d50341824
7 years ago
Idan Freiberg
036c292120
Merge pull request #1146 from metalefty/sesman-leak
...
sesman: fix leak in struct config_sesman
7 years ago
metalefty
f83d967f46
Merge pull request #1120 from matt335672/set-env-on-reconnect
...
Copy the PAM session environment for the reconnect script
7 years ago
Koichiro IWAO
037d4eeece
sesman: fix leak in struct config_sesman
7 years ago
metalefty
91c5ee4475
Merge pull request #1142 from metalefty/dont-spit-on-the-console-sesman
...
Dont spit on the console (sesman)
7 years ago
Koichiro IWAO
2262f1361f
sesman: close stdout/stderr earlier
...
not to spit on the console
7 years ago
Koichiro IWAO
6ae3052a0f
sesman: don't spit on the console when starting
...
As the Debian patch[1] expresses, spitting messages on the console when
a process starts in background is a bad idea. Everything should be
written to log file and daemon should start silently. This is a first
step to shut up daemons.
Got some idea from Debian Remote Maintainers and Thorsten Glaser,
thanks!
[1] 2751ad4d62/debian/patches/shutup-daemon.diff
7 years ago
Koichiro IWAO
19fa26a27e
sesman: don't print config in reader function
...
reader function should just read. Add config_dump function to print read
config.
7 years ago
Koichiro IWAO
de33a7832e
sesman: s/XOrg/Xorg/g, no logic change
...
X.Org is usually spelled X.Org or Xorg.
7 years ago
Koichiro IWAO
e4857b13fa
sesman: config_read_logging function no longer exists
7 years ago
matt335672
cde5b09129
Copy the PAM session environment for the reconnect script
...
This provides access to variables set at login which may be
required by the script (e.g. KRB5CCNAME)
7 years ago
Koichiro IWAO
72b5088449
FreeBSD: separate rc script into xrdp and xrdp-sesman
...
to improve fscd(8)[1] compatibility. fscd(8) monitors daemons and
restarts after daemons crashed. We usually want to start, stop, and
restart xrdp and xrdp-sesman separately because restarting xrdp-sesman
means losing existing sessions. This change will enable fscd(8) not to
restart xrdp-sesman together when only xrdp daemon crashes.
Now rc.d/xrdp mainly has following commands:
* start - starts xrdp
* stop - stops xrdp
* restart - stops xrdp, then starts it again
* allstart - starts both xrdp and xrdp-sesman
* allstop - stops both
* allrestart - stops both, then start them again
* status - returns status of xrdp
rc.d/xrdp-sesman doesn't have all- prefixed commands.
[1] https://www.freshports.org/sysutils/fsc/
7 years ago
jsorg71
57015aa088
Merge pull request #1132 from daixj-shterm/devel
...
fix issue #1112 : set SSL object's read_ahead flag to be 0
7 years ago
Jay Sorg
f6d3fd46b6
don't remove configure_params.h on make clean, only make distclean
7 years ago
Jay Sorg
04a5a0582e
distclean remove configure_params.h
7 years ago
Jay Sorg
349616a35d
add ipv6only to configure echo and add configure parameter to xrdp -h output
7 years ago
daixj
88b3c06311
fix issue #1112 : set SSL object's read_ahead flag to be 0
7 years ago
metalefty
a1576ccbf7
Merge pull request #1126 from metalefty/strict-locations
...
configure: set default value for enable_strict_locations
7 years ago
Koichiro IWAO
9d8816b41b
configure: set default value for enable_strict_locations
...
This change prints yes or no to configure summary introduced in #1118 .
7 years ago