80d349cbd6
Merge pull request #1193 from metalefty/TLSv1.3
...
TLSv1.3
7 years ago
171f8e79ed
xrdp: deprecate TLSv1 and TLSv1.1
...
Most websites disabled TLSv1 (1.0) and TLSv1.1 since March 2018
[1][2][3]. It is HTTPS context but there's few differences between HTTPS
and other TLS connections. Users can whenever re-enable these deprecated
TLS versions by editing xrdp.ini but not enabled by default.
[1] https://www.globalsign.com/en/blog/disable-tls-10-and-all-ssl-versions/
[2] https://www.thesslstore.com/blog/deprecation-tls-1-0-1-1-underway/
[3] https://www.digicert.com/blog/depreciating-tls-1-0-and-1-1/
7 years ago
1ad8cbb2a0
Document TLSv1.3 support
7 years ago
74497752dc
Add TLSv1.3 support
...
Actually, TLSv1.3 will be enabled without this change if xrdp is compiled
with OpenSSL or alternatives which support TLSv1.3. This commit makes to
enable or disable TLSv1.3 explicitly. Also, this commit adds a log
"TLSv1.3 enabled by config, but not supported by system OpenSSL". if
xrdp installation doesn't support TLSv1.3. It should be user-friendly.
7 years ago
98e8cec83d
Merge pull request #1206 from metalefty/xrdp-dis
...
show more helpful message if xrdp-dis failed
7 years ago
2a85a65d08
show more helpful message if xrdp-dis failed
7 years ago
5f30ca2f87
Merge pull request #1198 from metalefty/pulse-socket-env
...
sesman: pass pulse socket name via environment variable
7 years ago
d6992cf62d
sesman: add XRDP_ prefix to xrdp related environment variable
...
and remove CHANSRV, use the shorter name
7 years ago
59f3a79fe4
sesman: pass pulse socket name via environment variable
7 years ago
e189be9d2e
.gitignore, change configure_params.h to xrdp_configure_options.h
7 years ago
1e08bd041c
Merge pull request #1186 from speidy/pulse-remove
...
chansrv: remove pulseaudio modules from xrdp source tree
7 years ago
5d2c5b1410
chansrv: remove pulseaudio modules from xrdp source tree
...
its actually an independent code which is not part of xrdp
moved to its own repoistory: https://github.com/neutrinolabs/pulseaudio-modules
Signed-off-by: Idan Freiberg <speidy@gmail.com>
7 years ago
ff85cb4530
Merge branch 'wfix-pulsechansrv-makefile' into devel
7 years ago
8427c3601b
Corrected spacing between arguments to `cc` for Pulseaudio chanserv Makefile
7 years ago
b8c7aadcb6
Merge pull request #1168 from metalefty/fix-xrdp-log-path-in-man
...
docs: fix xrdp's LogFile path in man
7 years ago
5b77d2dc7f
Merge pull request #1140 from matt335672/chansrv-atexit
...
Add atexit() handler to unmount the filesystem on fatal X error
7 years ago
c467ba6b04
Add handler for fatal X server conditions
...
Unless X server failures are caught, these can cause a premature
exit of chansrv, giving it no chance to clean up. This is currently a
particular problem for fuser mounts.
7 years ago
5d9ff0f544
docs: fix xrdp's LogFile path in man
7 years ago
a9e2dcc99f
Merge pull request #1160 from metalefty/prepare-release
...
Prepare release
7 years ago
52fd17af0f
Update v0.9.7 release date
7 years ago
2d3170c007
Bump version to v0.9.7
7 years ago
860d01cf16
Update NEWS for v0.9.7
7 years ago
cb06a28180
Merge pull request #1156 from metalefty/configure_echo
...
xrdp: print configure options to --version more pretty
7 years ago
c0c7c3f106
xrdp: unify inconsistent mixed use of
...
* configure params
* configure options
* configure string
7 years ago
be05afb30b
xrdp: print configure options to --version more pretty
7 years ago
e7c0b11336
Merge pull request #1153 from metalefty/rc-script
...
FreeBSD: separate rc script into xrdp and xrdp-sesman
7 years ago
dbee05d9ed
Merge pull request #1147 from metalefty/defaultwm-fullpath
...
Accept full path for DefaultWindowManager
7 years ago
eda1842825
sesman: add comments, no logic change
7 years ago
6e16b38ecc
sesman: fix potential buffer over flow
7 years ago
9192e95c96
sesman: fix logging after default_wm change
7 years ago
6fb18cd5fa
docs: document configurable reconnect script path
7 years ago
a39b413746
sesman: make the path of reconnect script configurable
7 years ago
e82f212f34
sesman: accept full path for DefaultWindowManager
...
Solves: #1143
Also, this idea is inspired by Fedora's patch [1]. Some distro wants to
put all scripts in libexec directory due to SELinux. This enables
distros to put such scripts anywhere.
[1] https://src.fedoraproject.org/cgit/rpms/xrdp.git/tree/xrdp-0.9.6-scripts-libexec.patch?id=02f845c1b8cea781313cf3e9efcd6d7d50341824
7 years ago
036c292120
Merge pull request #1146 from metalefty/sesman-leak
...
sesman: fix leak in struct config_sesman
7 years ago
f83d967f46
Merge pull request #1120 from matt335672/set-env-on-reconnect
...
Copy the PAM session environment for the reconnect script
7 years ago
037d4eeece
sesman: fix leak in struct config_sesman
7 years ago
91c5ee4475
Merge pull request #1142 from metalefty/dont-spit-on-the-console-sesman
...
Dont spit on the console (sesman)
7 years ago
2262f1361f
sesman: close stdout/stderr earlier
...
not to spit on the console
7 years ago
6ae3052a0f
sesman: don't spit on the console when starting
...
As the Debian patch[1] expresses, spitting messages on the console when
a process starts in background is a bad idea. Everything should be
written to log file and daemon should start silently. This is a first
step to shut up daemons.
Got some idea from Debian Remote Maintainers and Thorsten Glaser,
thanks!
[1] 2751ad4d62/debian/patches/shutup-daemon.diff
7 years ago
19fa26a27e
sesman: don't print config in reader function
...
reader function should just read. Add config_dump function to print read
config.
7 years ago
de33a7832e
sesman: s/XOrg/Xorg/g, no logic change
...
X.Org is usually spelled X.Org or Xorg.
7 years ago
e4857b13fa
sesman: config_read_logging function no longer exists
7 years ago
cde5b09129
Copy the PAM session environment for the reconnect script
...
This provides access to variables set at login which may be
required by the script (e.g. KRB5CCNAME)
7 years ago
72b5088449
FreeBSD: separate rc script into xrdp and xrdp-sesman
...
to improve fscd(8)[1] compatibility. fscd(8) monitors daemons and
restarts after daemons crashed. We usually want to start, stop, and
restart xrdp and xrdp-sesman separately because restarting xrdp-sesman
means losing existing sessions. This change will enable fscd(8) not to
restart xrdp-sesman together when only xrdp daemon crashes.
Now rc.d/xrdp mainly has following commands:
* start - starts xrdp
* stop - stops xrdp
* restart - stops xrdp, then starts it again
* allstart - starts both xrdp and xrdp-sesman
* allstop - stops both
* allrestart - stops both, then start them again
* status - returns status of xrdp
rc.d/xrdp-sesman doesn't have all- prefixed commands.
[1] https://www.freshports.org/sysutils/fsc/
7 years ago
57015aa088
Merge pull request #1132 from daixj-shterm/devel
...
fix issue #1112 : set SSL object's read_ahead flag to be 0
7 years ago
f6d3fd46b6
don't remove configure_params.h on make clean, only make distclean
7 years ago
04a5a0582e
distclean remove configure_params.h
7 years ago
349616a35d
add ipv6only to configure echo and add configure parameter to xrdp -h output
7 years ago
88b3c06311
fix issue #1112 : set SSL object's read_ahead flag to be 0
7 years ago
a1576ccbf7
Merge pull request #1126 from metalefty/strict-locations
...
configure: set default value for enable_strict_locations
7 years ago
metalefty
Jay Sorg
Idan Freiberg
Brandon Wooldridge
matt335672
daixj