Koichiro IWAO
8c74fcb80c
common: fix a glitch with IPv4 struct initialization
...
Pointed out by: andrecbarros
Closes : #803
7 years ago
Koichiro IWAO
aa4b90d250
Change log level DEBUG -> WARNING
...
since unavailability of ssl protocols defined in config file
may weaken security and it is important for users.
8 years ago
Koichiro IWAO
455c341efc
Reword log messages in ssl_get_protocols_from_string()
8 years ago
Jay Sorg
8d63c32899
move openssl calls to common/libssl.c, check for defines
8 years ago
Koichiro IWAO
088bd2d811
common: implement g_file_readable for WIN32
8 years ago
Koichiro IWAO
65c1fe87d7
Log user-friendly message when certificate/privkey is inaccessible
...
We shouldn't assume that xrdp daemon is running under root privilege.
In many cases, root privilege is not really needed for xrdp daemon.
xrdp may fail to load certificate/privkey due to lack of permissions
when running under user privilege. Checking existence of files is not
enough and xrdp should output user-friendly log in such case.
Reported by Debian user in bug 856436 [1].
[1] https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=856436
8 years ago
Koichiro IWAO
0e7844ab02
Constify MCS connectionType
8 years ago
Koichiro IWAO
c7f8e360fd
common: separate sockets macros into basename and fullpath
...
since sometimes socket directory is obtained from environment variable.
8 years ago
Jay Sorg
2c96908ea5
common: if SSL_shutdown fails, only call one more time
8 years ago
Jay Sorg
75fd3fcf89
common: ssl_tls_write / read return 0 on socket close
8 years ago
MichaelSweden
5c668dc420
Removed error message while falling back to IPv4 (issue #714 )
8 years ago
MichaelSweden
106ae2cd43
Fix to handle OS disabled IPv6, issue #714 .
...
- Changes made only in the os_calls.c file.
- Exported functions changed: g_tcp_bind g_tcp_bind_address g_tcp_connect
- Support three network configurations:
1) Normal network, with IPv6
2) Partly disabled IPv6 via sysctl.conf
3) Total disabled IPv6 via grub
8 years ago
Pavel Roskin
148afd1170
Rename file_loc.h to xrdp_sockets.h, install it
...
Include xrdp_sockets.h directly, not through headers.
8 years ago
speidy
2f382d2a16
libxrdp: print connected client name to log
8 years ago
Pavel Roskin
95506a169f
Log socket fd in g_sck_accept(), fix AF_UNIX logging
8 years ago
Pavel Roskin
43899b7e0c
Allocate space for tls_ciphers dynamically
8 years ago
Pavel Roskin
58c9cb43e9
Make socket directory configurable, don't hardcode /tmp/.xrdp
...
Use XRDP_SOCKET_PATH in file_loc.h
Don't define any non-socket paths in file_loc.h, they should come from
the makefiles.
Define all paths unconditionally, they should not be defined elsewhere.
Pass XRDP_SOCKET_PATH as environment variable to the backends.
8 years ago
Pavel Roskin
6ed4c969f4
Eliminate APP_CC and DEFAULT_CC
8 years ago
Pavel Roskin
30a7a947b1
Don't include config_ac.h from any header files
8 years ago
Pavel Roskin
b2d3dcf169
Include config_ac.h from all source files
8 years ago
Koichiro IWAO
c126f81d9a
add comment to keep xorgxrdp/x11rdp compatibility
8 years ago
Koichiro IWAO
e94ab10e14
TLS: new method to specify SSL/TLS version
...
SSL/TLS protocols only listed in ssl_protocols should be used.
The name "ssl_protocols" comes from nginx.
Resolves #428 .
8 years ago
Jay Sorg
657f6f3756
common: use select for SSL_ERROR_WANT_READ, SSL_ERROR_WANT_WRITE tls errors
8 years ago
Jay Sorg
e0ac84aaa4
change some casts to long long
8 years ago
Jay Sorg
c5e9bc7851
common: print list items as pointers
8 years ago
Jay Sorg
7825246d7a
fix warning new since stdint.h change
8 years ago
Pavel Roskin
f8d22ce673
aarch64 doesn't require pointers to be aligned
8 years ago
Pavel Roskin
dc1e341f5a
Constify input arguments of ssl_mod_exp() and ssl_gen_key_xrdp1()
8 years ago
Pavel Roskin
6a3f0a75bd
Remove support for OpenSSL older than 0.9.8
...
It's hard to find an older version of OpenSSL even on long term support
distros.
8 years ago
Jay Sorg
d7967ec897
minor arch.h change
8 years ago
Jay Sorg
3b84314a1a
arch.h changes to include stdint.h
8 years ago
mirabilos
6257bae23f
Add GNU/kFreeBSD support ( #645 )
...
* GNU/kFreeBSD is a FreeBSD variant, for code purposes.
* GNU/kFreeBSD uses GNU/Linux-ish init scripts, however.
8 years ago
Idan Freiberg
19375dda7a
Merge pull request #426 from metalefty/log-tls-version-and-cipher
...
TLS: log TLS version and cipher
8 years ago
Idan Freiberg
a64e1789c5
Merge pull request #615 from speidy/channels_fixes
...
Channels improvements
8 years ago
Pavel Roskin
f1a521204a
Remove redundant function declarations
8 years ago
Koichiro IWAO
c89c1318f8
obey coding standard, no logic change
8 years ago
speidy
94cdbdcee6
libxrdp: change channel_code into a meaningful name
8 years ago
Pavel Roskin
6664aac00f
Use "void" for empty argument list in declarations
...
In C, an empty argument list in a declaration means that the function
can accept any arguments. Use "void" instead, it means "no arguments".
C++ treats void and empty list as "no arguments".
8 years ago
volth
26a26ef906
fix build with --enable-xrdpdebug=yes
8 years ago
volth
37b4a14b54
fix build with --enable-xrdpdebug=yes
8 years ago
metalefty
25e5243ecf
Merge pull request #553 from jsorg71/libpainter
...
add libpainter for drawing when client does not have minimum orders
8 years ago
Jay Sorg
1f51586769
add libpainter for drawing when client does not have minimum orders
8 years ago
speidy
4697354044
xrdp_constants: move CAPSET constants to their place
8 years ago
speidy
917aadd2d1
libxrdp: more constants
8 years ago
speidy
3dc0f2860c
Merge branch 'surface_cmds' of git://github.com/speidy/xrdp into surface_cmds
8 years ago
speidy
5e39bb1f87
libxrdp: caps, group caps require fastpath output, use FASTPATH_OUTPUT_SUPPORTED constant
8 years ago
Speidy
a0cf6030df
Merge branch 'devel' of https://github.com/neutrinolabs/xrdp into surface_cmds
8 years ago
jsorg71
5966de4ee2
Merge pull request #536 from jsorg71/unicode
...
add unicode support
8 years ago
Jay Sorg
c264862afe
change some magics to defines
8 years ago
Jay Sorg
2f8d3ba9da
add unicode support
8 years ago
Pavel Roskin
d97155e2f6
Don't use colon to separate IPv6 address from the port
...
IPv6 addresses can have colons in their names, so the final colon can be
confusing.
8 years ago
speidy
8a0fec5e66
o send RFX tiles as stream (Stream Surface Bits Command)
...
o silent frame ack logging
o support surface commands in capsets
o fix some wrong constants
8 years ago
Jay Sorg
9a517b34f0
vnc: code cleanup
8 years ago
metalefty
943dec86ca
Merge pull request #512 from speidy/devel
...
xrdp_encoder: do not initialize for non-UNIX rdp clients
8 years ago
Pavel Roskin
c6307aa2b0
Use pkg-config to discover OpenSSL
...
All supported versions of OpenSSL have pkg-config files.
8 years ago
Pavel Roskin
06f4f72e28
Add -ldl to libcommon link flags if it's needed for dlopen()
8 years ago
speidy
1fe048b63d
xrdp_encoder: do not initialize for non-UNIX rdp clients
...
xrdp_encoder: comment about temporary workaround
8 years ago
Koichiro IWAO
849a8075c5
common: If IPv6 not supported, fall back to IPv4
...
The system to run xrdp does not necessarily support IPv6 even though
it is compiled with IPv6.
Fixes #432 .
8 years ago
Koichiro IWAO
40e8194122
TLS: log TLS version and cipher
8 years ago
Itamar Reis Peixoto
7cc1dd2ba8
Merge pull request #460 from metalefty/ipv6/logs
...
common: Fix client IP address logging when IPv6 is enabled
8 years ago
Pavel Roskin
2dcc69b752
Use g_get_strerror() instead of strerror(errno) for portability
8 years ago
Pavel Roskin
1fe368c5b3
Install headers used by X11rdp and xorgxrdp
...
Installing the headers makes it possible to compile xorgxrdp as a
separate package, without xrdp sources.
8 years ago
Koichiro IWAO
dcf36b592b
common: Address family it not always AF_INET6
...
even if XRDP_ENABLE_IPV6 defined.
8 years ago
Koichiro IWAO
b2118450f4
common: Fix client IP address logging when IPv6 is enabled
...
g_tcp_accept() and g_sck_accept() should use sockadd_in6 when IPv6 is
enabled. The former code logs client IP address always "0.0.0.0" in such
case.
Fixes #412 .
8 years ago
Pavel Roskin
4324084d58
Use static inline functions for OpenSSL 1.0 backport
...
Conditional preprocessor directives spread throughout the code set a bad
example.
The new backport code is located in one place. The compiler checks
argument types. The backport code has no access to the caller variables.
The main code has all advantages of the new, more compact API.
8 years ago
Dominik George
e5cf45d1ac
Add backwards compatibility to OpenSSL < 1.1.0.
8 years ago
Dominik George
1b5fb8f1c8
Fix ssl_calls for OpenSSL 1.1.0, closes #458 .
8 years ago
Pavel Roskin
6fef1e4eb5
Use const pointers in function arguments when possible
8 years ago
Pavel Roskin
bc868b96b1
Remove text2bool() from log.h, there is no such function
8 years ago
Pavel Roskin
a618d4f757
Don't use final newline in log calls, it's already appended
8 years ago
Pavel Roskin
7d03d1a3e9
Fix outgoing connections on Mac OSX
...
connect() on an already established connection returns error with errno
set to EISCONN. Treat it as success.
8 years ago
Pavel Roskin
5465b8c85e
Add socklen_t check with substitution, use socklen_t as needed
8 years ago
Pavel Roskin
6f4ffa769c
Improve debug information when closing a socket
...
Don't assume AF_INET family. Don't assume the socket is connected. Report
local address and port. Don't try to close non-sockets and invalid file
descriptors. Report errors getting socket information and closing the
socket. Use more appropriate log levels.
8 years ago
Jay Sorg
8f747e37ca
always set SSL_OP_NO_SSLv2 in TLS options
8 years ago
Alex Illsley
47124df4ed
new options for xrdp.ini disableSSlv3=yes and tls_ciphers=HIGH and code to implement
8 years ago
Koichiro IWAO
ceb4b7b2a4
Fix clipboard when text/filename contains non-ASCII characters
...
broken by #314 . This is compatible with the fix introduced in #314 .
To use non-ASCII text/filename in clipboard, chansrv needs to be run
with LC_CTYPE=*.UTF-8 because the behaviour of mbstowcs(3) function
called in chansrv depends on LC_CTYPE[1]. However #314 made
LC_CTYPE=C in chansrv context. Even if LANG and LC_* are set in
.bashrc, /etc/profile, /etc/locale.conf or something like that,
it doesn't affect in chansrv context because chansrv doesn't source
any of them unlike sesman.
So do not set LC_CTYPE to blank or "C" in g_init() in order to get
g_mbstowcs and g_wcstombs to work properly with non-ASCII UTF-8
characters in any context.
Setting LC_CTYPE to *.UTF-8 doesn't obstruct applying system
language in RHEL [2].
[1] Linux man page says:
The behavior of mbstowcs() depends on the LC_CTYPE category of
the current locale.
[2] https://bugzilla.redhat.com/show_bug.cgi?id=1290820
8 years ago
Jay Sorg
f4f23b0a7d
Include stdint.h, don't redefine MAX/MIN constants if already defined
8 years ago
Jay Sorg
d35e57b117
Pixman fixes
8 years ago
Jay Sorg
bb7bac2d9b
add region intersect
8 years ago
Jay Sorg
58c777783b
add more advances region support using pixman
8 years ago
jsorg71
8353baab3d
Merge pull request #390 from proski/june21
...
Cleanups and C++ compatibility
8 years ago
speidy
c9b55e3691
sesman: env_set_user, fix potential bof issues
8 years ago
Pavel Roskin
ace7d2c822
Declare unified module interface and use it in modules
...
This fixes loading modules compiled with a C++ compiler. Remote thandle
type, it's unused. Use tintptr for module data. Don't cast pointers to
long, they won't fit on Win64.
9 years ago
Pavel Roskin
2c13ef5c6d
Use enum logLevels consistently for log levels
9 years ago
Pavel Roskin
0c72ee2371
Use char* for TLS send and receive
...
This is consistent with ssl_tls_read() and ssl_tls_write(). C++ warnings
are fixed without adding any casts.
9 years ago
Pavel Roskin
28a1a090b3
Use correct types for ssl and ctx fields in struct ssl_tls
9 years ago
Pavel Roskin
d1efb0d5ba
Fix signed to unsigned comparisons reported by g++ 6.1.0
9 years ago
Pavel Roskin
5829323ad8
Use g_new or g_new0 when C++ compiler would complain about implicit cast
9 years ago
Pavel Roskin
a24df49241
Introduce glib style macros for allocating memory with type
9 years ago
Pavel Roskin
aeeb3d2c2e
Fix warnings detected by -Wwrite-strings
9 years ago
Pavel Roskin
951e632757
Make program_name constant, don't duplicate or free it
9 years ago
Pavel Roskin
77b380c0b5
Fix format warnings in log_message() calls
9 years ago
Pavel Roskin
b1527b7947
Check string format in log_message
...
Move "printflike" definition to arch.h, it's used both by log.h and
os_calls.h.
9 years ago
Pavel Roskin
ae5bb5bf9c
Fix incorrect use of "it's" and "its", adjust wording
9 years ago
speidy
b38dcf1bb0
xrdp_wm: fix for multimon, draw login window and log window on primary
...
monitor
9 years ago
Itamar Reis Peixoto
0a6a55b547
Merge pull request #370 from proski/typos
...
Typo fixes and more
9 years ago
jsorg71
8249091183
Merge pull request #332 from metalefty/freebsd/ipv6
...
common: add log for g_tcp_connect
9 years ago
Pavel Roskin
c3f6e1f58a
Use uniform comments for GUIDs
9 years ago
Pavel Roskin
ca9cbcafc8
Typo fixes
9 years ago
jsorg71
fdb146740f
Merge pull request #360 from proski/format-warnings
...
Warning fixes
9 years ago