summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--sesman/env.c40
-rw-r--r--sesman/env.h13
-rw-r--r--sesman/sesman.h1
-rw-r--r--sesman/session.c20
4 files changed, 74 insertions, 0 deletions
diff --git a/sesman/env.c b/sesman/env.c
index 1a4fa679..c29db8f9 100644
--- a/sesman/env.c
+++ b/sesman/env.c
@@ -28,6 +28,7 @@
#include "sesman.h"
#include "grp.h"
#include "ssl_calls.h"
+#include "os_calls.h"
extern unsigned char g_fixedkey[8]; /* in sesman.c */
extern struct config_sesman *g_cfg; /* in sesman.c */
@@ -200,3 +201,42 @@ env_set_user(const char *username, char **passwd_file, int display,
return error;
}
+
+
+/******************************************************************************/
+int DEFAULT_CC
+env_add_xauth_user(int display, char *cookie, char *file)
+{
+ FILE *dp, *fd;
+ char xauth_str[256];
+
+ if ( file == NULL )
+ {
+ fd=fopen(".Xauthority", "a");
+ if (fd == NULL)
+ freopen(".Xauthority", "a", fd);
+ fclose(fd);
+
+ g_sprintf(xauth_str, "xauth -q add :%d . %s", display, cookie);
+ }
+ else
+ {
+ fd=fopen(file, "a");
+ if (fd == NULL)
+ freopen(file, "a", fd);
+ fclose(fd);
+
+ g_sprintf(xauth_str, "xauth -q -f %s add :%d . %s", file, display, cookie);
+ }
+ log_message(LOG_LEVEL_DEBUG,
+ "xauth command: %s", xauth_str);
+
+ if ( (dp = popen(xauth_str,"r")) == NULL ) {
+ log_message(LOG_LEVEL_INFO, "xauth failed, no X security");
+ return 1;
+ }
+
+ pclose(dp);
+
+ return 0;
+}
diff --git a/sesman/env.h b/sesman/env.h
index a7156508..15920512 100644
--- a/sesman/env.h
+++ b/sesman/env.h
@@ -53,4 +53,17 @@ int DEFAULT_CC
env_set_user(const char *username, char **passwd_file, int display,
const struct list *env_names, const struct list *env_values);
+/**
+ *
+ * @brief create the XAUTORITY file for the user according to the display and the cookie
+ * xauth uses XAUTORITY if defined, ~/.Xauthority otherwise
+ * @param display The session display
+ * @param cookie The cookie
+ * @param file If not NULL, write the autorization in the file instead of default location
+ * @return 0 if adding the cookie is ok
+ */
+
+int DEFAULT_CC
+env_add_xauth_user(int display, char *cookie, char * file);
+
#endif
diff --git a/sesman/sesman.h b/sesman/sesman.h
index 09b781bc..9abf866e 100644
--- a/sesman/sesman.h
+++ b/sesman/sesman.h
@@ -30,6 +30,7 @@
#if defined(HAVE_CONFIG_H)
#include "config_ac.h"
#endif
+#include <stdio.h>
#include "arch.h"
#include "parse.h"
#include "os_calls.h"
diff --git a/sesman/session.c b/sesman/session.c
index 783665cf..ea3a7ee8 100644
--- a/sesman/session.c
+++ b/sesman/session.c
@@ -676,6 +676,20 @@ session_start_fork(tbus data, tui8 type, struct SCP_SESSION *s)
g_snprintf(text, 255, "%d", g_cfg->sess.kill_disconnected);
g_setenv("XRDP_SESMAN_KILL_DISCONNECTED", text, 1);
+ /* now the Xauthority stuff */
+ char cookie[33] = "";
+ char authfile[255] = ".Xauthority";
+
+ if (g_getenv("XAUTHORITY") !=NULL)
+ g_sprintf(authfile, "%s", g_getenv("XAUTHORITY"));
+ /* Create the cookie */
+ srand((unsigned int) time(0));
+ for (i = 0; i < 32; i += 2)
+ sprintf(&cookie[i], "%02X", rand() % 16);
+
+ /* Add the entry in XAUTORITY file */
+ env_add_xauth_user(display, cookie, NULL);
+
if (type == SESMAN_SESSION_TYPE_XORG)
{
#ifdef HAVE_SYS_PRCTL_H
@@ -702,6 +716,8 @@ session_start_fork(tbus data, tui8 type, struct SCP_SESSION *s)
/* these are the must have parameters */
list_add_item(xserver_params, (tintptr) g_strdup(xserver));
list_add_item(xserver_params, (tintptr) g_strdup(screen));
+ list_add_item(xserver_params, (tintptr) g_strdup("-auth"));
+ list_add_item(xserver_params, (tintptr) g_strdup(authfile));
/* additional parameters from sesman.ini file */
list_append_list_strdup(g_cfg->xorg_params, xserver_params, 1);
@@ -737,6 +753,8 @@ session_start_fork(tbus data, tui8 type, struct SCP_SESSION *s)
/* these are the must have parameters */
list_add_item(xserver_params, (tintptr)g_strdup(xserver));
list_add_item(xserver_params, (tintptr)g_strdup(screen));
+ list_add_item(xserver_params, (tintptr)g_strdup("-auth"));
+ list_add_item(xserver_params, (tintptr)g_strdup(authfile));
list_add_item(xserver_params, (tintptr)g_strdup("-geometry"));
list_add_item(xserver_params, (tintptr)g_strdup(geometry));
list_add_item(xserver_params, (tintptr)g_strdup("-depth"));
@@ -768,6 +786,8 @@ session_start_fork(tbus data, tui8 type, struct SCP_SESSION *s)
/* these are the must have parameters */
list_add_item(xserver_params, (tintptr)g_strdup(xserver));
list_add_item(xserver_params, (tintptr)g_strdup(screen));
+ list_add_item(xserver_params, (tintptr)g_strdup("-auth"));
+ list_add_item(xserver_params, (tintptr)g_strdup(authfile));
list_add_item(xserver_params, (tintptr)g_strdup("-geometry"));
list_add_item(xserver_params, (tintptr)g_strdup(geometry));
list_add_item(xserver_params, (tintptr)g_strdup("-depth"));