diff options
Diffstat (limited to 'sesman')
| -rw-r--r-- | sesman/Makefile | 5 | ||||
| -rw-r--r-- | sesman/access.c | 73 | ||||
| -rw-r--r-- | sesman/access.h | 12 | ||||
| -rw-r--r-- | sesman/config.c | 6 | ||||
| -rw-r--r-- | sesman/env.c | 12 | ||||
| -rw-r--r-- | sesman/libscp/Makefile | 5 | ||||
| -rw-r--r-- | sesman/libscp/libscp_connection.c | 3 | ||||
| -rw-r--r-- | sesman/libscp/libscp_init.c | 4 | ||||
| -rw-r--r-- | sesman/libscp/libscp_session.c | 106 | ||||
| -rw-r--r-- | sesman/libscp/libscp_session.h | 2 | ||||
| -rw-r--r-- | sesman/libscp/libscp_tcp.c | 8 | ||||
| -rw-r--r-- | sesman/libscp/libscp_types.h | 34 | ||||
| -rw-r--r-- | sesman/libscp/libscp_v0.c | 99 | ||||
| -rw-r--r-- | sesman/libscp/libscp_v1c.c | 19 | ||||
| -rw-r--r-- | sesman/libscp/libscp_v1s.c | 178 | ||||
| -rw-r--r-- | sesman/lock.c | 10 | ||||
| -rw-r--r-- | sesman/scp.c | 8 | ||||
| -rw-r--r-- | sesman/scp_v0.c | 14 | ||||
| -rw-r--r-- | sesman/scp_v1.c | 34 | ||||
| -rw-r--r-- | sesman/sesman.c | 40 | ||||
| -rw-r--r-- | sesman/session.c | 126 | ||||
| -rw-r--r-- | sesman/session.h | 17 | ||||
| -rw-r--r-- | sesman/sig.c | 37 | ||||
| -rw-r--r-- | sesman/tools/Makefile | 19 | ||||
| -rw-r--r-- | sesman/tools/sestest.c | 76 | ||||
| -rw-r--r-- | sesman/verify_user.c | 1 |
26 files changed, 643 insertions, 305 deletions
diff --git a/sesman/Makefile b/sesman/Makefile index 60007142..4483142d 100644 --- a/sesman/Makefile +++ b/sesman/Makefile @@ -4,7 +4,7 @@ SESMANOBJ = sesman.o config.o sig.o session.o env.o \ os_calls.o d3des.o list.o file.o log.o access.o \ scp.o scp_v0.o scp_v1.o thread.o lock.o -SESSVCOBJ = sessvc.o os_calls.o +SESSVCOBJ = sessvc.o os_calls.o log.o CFGDIR = /etc/xrdp PIDDIR = /var/run @@ -12,7 +12,7 @@ LIBDIR = /usr/local/lib/xrdp SBINDIR = /usr/local/sbin DEFINES = -DSESMAN_CFG_FILE=\"$(CFGDIR)/sesman.ini\" \ - -DSESMAN_PID_FILE=\"$(PIDDIR)/xrdp-sesman.pid\" + -DSESMAN_PID_FILE=\"$(PIDDIR)/xrdp-sesman.pid\" -DDEBUG CFLAGS = -Wall -O2 -I../common -I/usr/include/nptl -I./libscp $(DEFINES) LDFLAGS = -L/usr/gnu/lib -L/usr/lib/nptl -L./libscp -Wl,-rpath,$(LIBDIR) -lpthread -ldl -lscp @@ -76,3 +76,4 @@ file.o: ../common/file.c log.o: ../common/log.c $(CC) $(C_OS_FLAGS) -DLOG_ENABLE_THREAD ../common/log.c + diff --git a/sesman/access.c b/sesman/access.c index e5ce2f13..5e22b785 100644 --- a/sesman/access.c +++ b/sesman/access.c @@ -22,12 +22,12 @@ * @file access.c * @brief User access control code * @author Simone Fedele - * + * */ #include "sesman.h" -extern struct config_sesman g_cfg; +extern struct config_sesman* g_cfg; /******************************************************************************/ int DEFAULT_CC @@ -36,35 +36,84 @@ access_login_allowed(char* user) int gid; int ok; - if ((0 == g_strncmp(user, "root", 5)) && (0 == g_cfg.sec.allow_root)) + if ((0 == g_strncmp(user, "root", 5)) && (0 == g_cfg->sec.allow_root)) { - log_message(&(g_cfg.log), LOG_LEVEL_WARNING, + log_message(&(g_cfg->log), LOG_LEVEL_WARNING, "ROOT login attempted, but root login is disabled"); return 0; } - if (0 == g_cfg.sec.ts_users_enable) + if (0 == g_cfg->sec.ts_users_enable) + { + LOG_DBG(&(g_cfg->log), "Terminal Server Users group is disabled, allowing authentication", + 1); + return 1; + } + + if (0 != g_getuser_info(user, &gid, 0, 0, 0, 0)) + { + log_message(&(g_cfg->log), LOG_LEVEL_ERROR, "Cannot read user info! - login denied"); + return 0; + } + + if (g_cfg->sec.ts_users == gid) + { + LOG_DBG(&(g_cfg->log), "ts_users is user's primary group"); + return 1; + } + + if (0 != g_check_user_in_group(user, g_cfg->sec.ts_users, &ok)) + { + log_message(&(g_cfg->log), LOG_LEVEL_ERROR, "Cannot read group info! - login denied"); + return 0; + } + + if (ok) + { + return 1; + } + + log_message(&(g_cfg->log), LOG_LEVEL_INFO, "login denied for user %s", user); + + return 0; +} + +/******************************************************************************/ +int DEFAULT_CC +access_login_mng_allowed(char* user) +{ + int gid; + int ok; + + if ((0 == g_strncmp(user, "root", 5)) && (0 == g_cfg->sec.allow_root)) + { + log_message(&(g_cfg->log), LOG_LEVEL_WARNING, + "[MNG] ROOT login attempted, but root login is disabled"); + return 0; + } + + if (0 == g_cfg->sec.ts_admins_enable) { - LOG_DBG(&(g_cfg.log), "Terminal Server Users group is disabled, allowing authentication", + LOG_DBG(&(g_cfg->log), "[MNG] Terminal Server Admin group is disabled, allowing authentication", 1); return 1; } if (0 != g_getuser_info(user, &gid, 0, 0, 0, 0)) { - log_message(&(g_cfg.log), LOG_LEVEL_ERROR, "Cannot read user info! - login denied"); + log_message(&(g_cfg->log), LOG_LEVEL_ERROR, "[MNG] Cannot read user info! - login denied"); return 0; } - if (g_cfg.sec.ts_users == gid) + if (g_cfg->sec.ts_admins == gid) { - LOG_DBG("ts_users is user's primary group", 1); + LOG_DBG(&(g_cfg->log), "[MNG] ts_users is user's primary group"); return 1; } - if (0 != g_check_user_in_group(user, g_cfg.sec.ts_users, &ok)) + if (0 != g_check_user_in_group(user, g_cfg->sec.ts_admins, &ok)) { - log_message(&(g_cfg.log), LOG_LEVEL_ERROR, "Cannot read group info! - login denied"); + log_message(&(g_cfg->log), LOG_LEVEL_ERROR, "[MNG] Cannot read group info! - login denied"); return 0; } @@ -73,7 +122,7 @@ access_login_allowed(char* user) return 1; } - log_message(&(g_cfg.log), LOG_LEVEL_INFO, "login denied for user %s", user); + log_message(&(g_cfg->log), LOG_LEVEL_INFO, "[MNG] login denied for user %s", user); return 0; } diff --git a/sesman/access.h b/sesman/access.h index 42483e94..db56b70e 100644 --- a/sesman/access.h +++ b/sesman/access.h @@ -22,7 +22,7 @@ * @file access.h * @brief User access control definitions * @author Simone Fedele - * + * */ #ifndef ACCESS_H @@ -38,4 +38,14 @@ int DEFAULT_CC access_login_allowed(char* user); +/** + * + * @brief Checks if the user is allowed to access the terminal server for management + * @param user the user to check + * @return 0 if access is denied, !=0 if allowed + * + */ +int DEFAULT_CC +access_login_mng_allowed(char* user); + #endif diff --git a/sesman/config.c b/sesman/config.c index 4be3975c..4af7b696 100644 --- a/sesman/config.c +++ b/sesman/config.c @@ -30,7 +30,7 @@ #include "file.h" #include "sesman.h" -extern struct config_sesman g_cfg; +extern struct config_sesman* g_cfg; /******************************************************************************/ /** @@ -64,10 +64,10 @@ config_read(struct config_sesman* cfg) fd = g_file_open(SESMAN_CFG_FILE); if (-1 == fd) { - if (g_cfg.log.fd >= 0) + if (g_cfg->log.fd >= 0) { /* logging is already active */ - log_message(&(g_cfg.log), LOG_LEVEL_ALWAYS, "error opening %s in \ + log_message(&(g_cfg->log), LOG_LEVEL_ALWAYS, "error opening %s in \ config_read", SESMAN_CFG_FILE); } else diff --git a/sesman/env.c b/sesman/env.c index c66f263f..066277d7 100644 --- a/sesman/env.c +++ b/sesman/env.c @@ -31,7 +31,7 @@ #include "grp.h" extern unsigned char g_fixedkey[8]; /* in sesman.c */ -extern struct config_sesman g_cfg; +extern struct config_sesman* g_cfg; /******************************************************************************/ int DEFAULT_CC @@ -47,7 +47,7 @@ env_check_password_file(char* filename, char* password) fd = g_file_open(filename); if (fd == -1) { - log_message(&(g_cfg.log), LOG_LEVEL_WARNING, + log_message(&(g_cfg->log), LOG_LEVEL_WARNING, "can't read vnc password file - %s", filename); return 1; @@ -99,7 +99,7 @@ env_set_user(char* username, char* passwd_file, int display) g_setenv("DISPLAY", text, 1); if (passwd_file != 0) { - if (0 == g_cfg.auth_file_path) + if (0 == g_cfg->auth_file_path) { /* if no auth_file_path is set, then we go for $HOME/.vnc/sesman_username_passwd */ @@ -109,15 +109,15 @@ env_set_user(char* username, char* passwd_file, int display) else { /* we use auth_file_path as requested */ - g_sprintf(passwd_file, g_cfg.auth_file_path, username); + g_sprintf(passwd_file, g_cfg->auth_file_path, username); } - LOG_DBG(&(g_cfg.log), "pass file: %s", passwd_file); + LOG_DBG(&(g_cfg->log), "pass file: %s", passwd_file); } } } else { - log_message(&(g_cfg.log), LOG_LEVEL_ERROR, + log_message(&(g_cfg->log), LOG_LEVEL_ERROR, "error getting user info for user %s", username); } return error; diff --git a/sesman/libscp/Makefile b/sesman/libscp/Makefile index be53aff9..03779f92 100644 --- a/sesman/libscp/Makefile +++ b/sesman/libscp/Makefile @@ -3,7 +3,8 @@ LIBSCPOBJ = libscp_vX.o libscp_v0.o \ libscp_v1s.o libscp_v1c.o \ libscp_init.o libscp_lock.o libscp_tcp.o \ libscp_session.o libscp_connection.o \ - os_calls.o + os_calls.o \ +# libscp_v1s_mng.o libscp_v1c_mng.o CFGDIR = /etc/xrdp PIDDIR = /var/run @@ -34,7 +35,7 @@ clean: rm -f $(LIBSCPOBJ) $(LIBSCPFNAME) $(LIBSCPLNAME) install: - install $(LIBSCPFNAME) $(LIBDIR)/$(LIBSCPFNAME) + install -D $(LIBSCPFNAME) $(LIBDIR)/$(LIBSCPFNAME) ln -f -s $(LIBSCPFNAME) $(LIBDIR)/$(LIBSCPLNAME) os_calls.o: ../../common/os_calls.c diff --git a/sesman/libscp/libscp_connection.c b/sesman/libscp/libscp_connection.c index 06010a5b..7f6569d1 100644 --- a/sesman/libscp/libscp_connection.c +++ b/sesman/libscp/libscp_connection.c @@ -27,6 +27,8 @@ #include "libscp_connection.h" +extern struct log_config* s_log; + struct SCP_CONNECTION* scp_connection_create(int sck) { @@ -36,6 +38,7 @@ scp_connection_create(int sck) if (0 == conn) { + log_message(s_log, LOG_LEVEL_WARNING, "[connection:%d] connection create: malloc error", __LINE__); return 0; } diff --git a/sesman/libscp/libscp_init.c b/sesman/libscp/libscp_init.c index 4f54f6cc..899fd6c9 100644 --- a/sesman/libscp/libscp_init.c +++ b/sesman/libscp/libscp_init.c @@ -27,7 +27,7 @@ #include "libscp_init.h" -static struct log_config* s_log; +struct log_config* s_log; /* server API */ int DEFAULT_CC @@ -42,6 +42,8 @@ scp_init(struct log_config* log) scp_lock_init(); + log_message(s_log, LOG_LEVEL_WARNING, "[init:%d] libscp initialized", __LINE__); + return 0; } diff --git a/sesman/libscp/libscp_session.c b/sesman/libscp/libscp_session.c index 916424d9..a7b3397c 100644 --- a/sesman/libscp/libscp_session.c +++ b/sesman/libscp/libscp_session.c @@ -27,6 +27,12 @@ #include "libscp_session.h" +#include <sys/types.h> +#include <sys/socket.h> +#include <arpa/inet.h> + +extern struct log_config* s_log; + struct SCP_SESSION* scp_session_create() { @@ -36,14 +42,15 @@ scp_session_create() if (0 == s) { + log_message(s_log, LOG_LEVEL_WARNING, "[session:%d] session create: malloc error", __LINE__); return 0; } - s->username=0; - s->password=0; - s->hostname=0; - s->errstr=0; -#warning FIXME use scp_session_set* to init session + s->username = 0; + s->password = 0; + s->hostname = 0; + s->errstr = 0; + s->locale[0]='\0'; return s; } @@ -60,7 +67,11 @@ scp_session_set_type(struct SCP_SESSION* s, tui8 type) case SCP_SESSION_TYPE_XRDP: s->type = SCP_SESSION_TYPE_XRDP; break; + case SCP_SESSION_TYPE_MANAGE: + s->type = SCP_SESSION_TYPE_MANAGE; + break; default: + log_message(s_log, LOG_LEVEL_WARNING, "[session:%d] set_type: unknown type", __LINE__); return 1; } return 0; @@ -79,6 +90,7 @@ scp_session_set_version(struct SCP_SESSION* s, tui32 version) s->version = 1; break; default: + log_message(s_log, LOG_LEVEL_WARNING, "[session:%d] set_version: unknown version", __LINE__); return 1; } return 0; @@ -137,6 +149,8 @@ scp_session_set_locale(struct SCP_SESSION* s, char* str) { if (0 == str) { + log_message(s_log, LOG_LEVEL_WARNING, "[session:%d] set_locale: null locale", __LINE__); + s->locale[0]='\0'; return 1; } g_strncpy(s->locale, str, 17); @@ -150,13 +164,19 @@ scp_session_set_username(struct SCP_SESSION* s, char* str) { if (0 == str) { + log_message(s_log, LOG_LEVEL_WARNING, "[session:%d] set_username: null username", __LINE__); return 1; } - if (0 != s->username) + if (0 != s->username) { g_free(s->username); } s->username = g_strdup(str); + if (0 == s->username) + { + log_message(s_log, LOG_LEVEL_WARNING, "[session:%d] set_username: strdup error", __LINE__); + return 1; + } return 0; } @@ -166,13 +186,19 @@ scp_session_set_password(struct SCP_SESSION* s, char* str) { if (0 == str) { + log_message(s_log, LOG_LEVEL_WARNING, "[session:%d] set_password: null password", __LINE__); return 1; } - if (0 != s->password) + if (0 != s->password) { g_free(s->password); } s->password = g_strdup(str); + if (0 == s->password) + { + log_message(s_log, LOG_LEVEL_WARNING, "[session:%d] set_password: strdup error", __LINE__); + return 1; + } return 0; } @@ -180,15 +206,21 @@ scp_session_set_password(struct SCP_SESSION* s, char* str) int scp_session_set_hostname(struct SCP_SESSION* s, char* str) { - if (0 == str) + if (0 == str) { + log_message(s_log, LOG_LEVEL_WARNING, "[session:%d] set_hostname: null hostname", __LINE__); return 1; } - if (0 != s->hostname) + if (0 != s->hostname) { g_free(s->hostname); } s->hostname = g_strdup(str); + if (0 == s->hostname) + { + log_message(s_log, LOG_LEVEL_WARNING, "[session:%d] set_hostname: strdup error", __LINE__); + return 1; + } return 0; } @@ -196,15 +228,21 @@ scp_session_set_hostname(struct SCP_SESSION* s, char* str) int scp_session_set_errstr(struct SCP_SESSION* s, char* str) { - if (0 == str) + if (0 == str) { + log_message(s_log, LOG_LEVEL_WARNING, "[session:%d] set_errstr: null string", __LINE__); return 1; } - if (0 != s->errstr) + if (0 != s->errstr) { g_free(s->errstr); } s->errstr = g_strdup(str); + if (0 == s->errstr) + { + log_message(s_log, LOG_LEVEL_WARNING, "[session:%d] set_errstr: strdup error", __LINE__); + return 1; + } return 0; } @@ -212,16 +250,54 @@ scp_session_set_errstr(struct SCP_SESSION* s, char* str) int scp_session_set_display(struct SCP_SESSION* s, SCP_DISPLAY display) { - s->display=display; + s->display = display; return 0; } /*******************************************************************/ int -scp_session_set_addr(struct SCP_SESSION* s, int type, char* addr) +scp_session_set_addr(struct SCP_SESSION* s, int type, void* addr) { -#warning FIXME managing addresses - return 1; + struct in_addr ip4; + struct in6_addr ip6; + int ret; + + switch (type) + { + case SCP_ADDRESS_TYPE_IPV4: + /* convert from char to 32bit*/ + ret = inet_pton(AF_INET, addr, &ip4); + if (0 == ret) + { + log_message(s_log, LOG_LEVEL_WARNING, "[session:%d] set_addr: invalid address", __LINE__); + inet_pton(AF_INET, "127.0.0.1", &ip4); + g_memcpy(&(s->ipv4addr), &(ip4.s_addr), 4); + return 1; + } + g_memcpy(&(s->ipv4addr), &(ip4.s_addr), 4); + break; + case SCP_ADDRESS_TYPE_IPV6: + /* convert from char to 128bit*/ + ret = inet_pton(AF_INET6, addr, &ip6); + if (0 == ret) + { + log_message(s_log, LOG_LEVEL_WARNING, "[session:%d] set_addr: invalid address", __LINE__); + inet_pton(AF_INET, "::1", &ip6); + g_memcpy(s->ipv6addr, &(ip6.s6_addr), 16); + return 1; + } + g_memcpy(s->ipv6addr, &(ip6.s6_addr), 16); + break; + case SCP_ADDRESS_TYPE_IPV4_BIN: + g_memcpy(&(s->ipv4addr), addr, 4); + break; + case SCP_ADDRESS_TYPE_IPV6_BIN: + g_memcpy(s->ipv6addr, addr, 16); + break; + default: + return 1; + } + return 0; } /*******************************************************************/ diff --git a/sesman/libscp/libscp_session.h b/sesman/libscp/libscp_session.h index be783ea3..aefeb201 100644 --- a/sesman/libscp/libscp_session.h +++ b/sesman/libscp/libscp_session.h @@ -72,7 +72,7 @@ int scp_session_set_hostname(struct SCP_SESSION* s, char* str); int -scp_session_set_addr(struct SCP_SESSION* s, int type, char* addr); +scp_session_set_addr(struct SCP_SESSION* s, int type, void* addr); int scp_session_set_display(struct SCP_SESSION* s, SCP_DISPLAY display); diff --git a/sesman/libscp/libscp_tcp.c b/sesman/libscp/libscp_tcp.c index 37aa7eac..0181f50c 100644 --- a/sesman/libscp/libscp_tcp.c +++ b/sesman/libscp/libscp_tcp.c @@ -33,13 +33,16 @@ #include <stdlib.h> #include <string.h> +extern struct log_config* s_log; + /*****************************************************************************/ int DEFAULT_CC scp_tcp_force_recv(int sck, char* data, int len) { int rcvd; int block; - + + LOG_DBG(s_log, "scp_tcp_force_recv()"); block = scp_lock_fork_critical_section_start(); while (len > 0) @@ -80,7 +83,8 @@ scp_tcp_force_send(int sck, char* data, int len) { int sent; int block; - + + LOG_DBG(s_log, "scp_tcp_force_send()"); block = scp_lock_fork_critical_section_start(); while (len > 0) diff --git a/sesman/libscp/libscp_types.h b/sesman/libscp/libscp_types.h index 991d855b..b8b5d6bd 100644 --- a/sesman/libscp/libscp_types.h +++ b/sesman/libscp/libscp_types.h @@ -31,7 +31,7 @@ #include "os_calls.h" #include "parse.h" #include "arch.h" -//#include "log.h" +#include "log.h" #define SCP_SID tui32 #define SCP_DISPLAY tui16 @@ -39,12 +39,17 @@ #define SCP_RESOURCE_SHARING_REQUEST_YES 0x01 #define SCP_RESOURCE_SHARING_REQUEST_NO 0x00 -#define SCP_SESSION_TYPE_XVNC 0x00 -#define SCP_SESSION_TYPE_XRDP 0x01 +#define SCP_SESSION_TYPE_XVNC 0x00 +#define SCP_SESSION_TYPE_XRDP 0x01 +#define SCP_SESSION_TYPE_MANAGE 0x02 #define SCP_ADDRESS_TYPE_IPV4 0x00 #define SCP_ADDRESS_TYPE_IPV6 0x01 +/* used in scp_session_set_addr() */ +#define SCP_ADDRESS_TYPE_IPV4_BIN 0x80 +#define SCP_ADDRESS_TYPE_IPV6_BIN 0x81 + #define SCP_COMMAND_SET_DEFAULT 0x0000 #define SCP_COMMAND_SET_MANAGE 0x0001 #define SCP_COMMAND_SET_RSR 0x0002 @@ -62,19 +67,19 @@ struct SCP_CONNECTION struct SCP_SESSION { - tui8 type; + tui8 type; tui32 version; tui16 height; tui16 width; - tui8 bpp; - tui8 rsr; - char locale[18]; + tui8 bpp; + tui8 rsr; + char locale[18]; char* username; char* password; char* hostname; - tui8 addr_type; - tui32 ipv4addr; //htons - tui32 ipv6addr; //should be 128bit + tui8 addr_type; + tui32 ipv4addr; + tui8 ipv6addr[16]; tui16 display; char* errstr; }; @@ -83,12 +88,21 @@ struct SCP_DISCONNECTED_SESSION { tui32 SID; tui8 type; + tui8 status; tui16 height; tui16 width; tui8 bpp; tui8 idle_days; tui8 idle_hours; tui8 idle_minutes; + tui16 conn_year; + tui8 conn_month; + tui8 conn_day; + tui8 conn_hour; + tui8 conn_minute; + tui8 addr_type; + tui32 ipv4addr; + tui8 ipv6addr[16]; }; enum SCP_CLIENT_STATES_E diff --git a/sesman/libscp/libscp_v0.c b/sesman/libscp/libscp_v0.c index 6c948b73..bd94146a 100644 --- a/sesman/libscp/libscp_v0.c +++ b/sesman/libscp/libscp_v0.c @@ -28,6 +28,9 @@ #include "libscp_v0.h" #include "os_calls.h" + +extern struct log_config* s_log; + /* client API */ /******************************************************************************/ enum SCP_CLIENT_STATES_E scp_v0c_connect(struct SCP_CONNECTION* c, struct SCP_SESSION* s) @@ -39,20 +42,23 @@ enum SCP_CLIENT_STATES_E scp_v0c_connect(struct SCP_CONNECTION* c, struct SCP_SE init_stream(c->in_s, c->in_s->size); init_stream(c->out_s, c->in_s->size); + LOG_DBG(s_log, "[v0:%d] starting connection", __LINE__); g_tcp_set_non_blocking(c->in_sck); g_tcp_set_no_delay(c->in_sck); s_push_layer(c->out_s, channel_hdr, 8); - if (s->type==SCP_SESSION_TYPE_XVNC) + /* code */ + if (s->type == SCP_SESSION_TYPE_XVNC) { - out_uint16_be(c->out_s, 0); // code + out_uint16_be(c->out_s, 0); } - else if (s->type==SCP_SESSION_TYPE_XRDP) + else if (s->type == SCP_SESSION_TYPE_XRDP) { - out_uint16_be(c->out_s, 10); // code + out_uint16_be(c->out_s, 10); } else { + log_message(s_log, LOG_LEVEL_WARNING, "[v0:%d] connection aborted: network error", __LINE__); return SCP_CLIENT_STATE_INTERNAL_ERR; } sz = g_strlen(s->username); @@ -69,52 +75,65 @@ enum SCP_CLIENT_STATES_E scp_v0c_connect(struct SCP_CONNECTION* c, struct SCP_SE s_mark_end(c->out_s); s_pop_layer(c->out_s, channel_hdr); - out_uint32_be(c->out_s, 0); // version - out_uint32_be(c->out_s, c->out_s->end - c->out_s->data); // size + /* version */ + out_uint32_be(c->out_s, 0); + /* size */ + out_uint32_be(c->out_s, c->out_s->end - c->out_s->data); if (0!=scp_tcp_force_send(c->in_sck, c->out_s->data, c->out_s->end - c->out_s->data)) { + log_message(s_log, LOG_LEVEL_WARNING, "[v0:%d] connection aborted: network error", __LINE__); return SCP_CLIENT_STATE_NETWORK_ERR; } if (0!=scp_tcp_force_recv(c->in_sck, c->in_s->data, 8)) { + log_message(s_log, LOG_LEVEL_WARNING, "[v0:%d] connection aborted: network error", __LINE__); return SCP_CLIENT_STATE_NETWORK_ERR; } in_uint32_be(c->in_s, version); if (0 != version) { + log_message(s_log, LOG_LEVEL_WARNING, "[v0:%d] connection aborted: version error", __LINE__); return SCP_CLIENT_STATE_VERSION_ERR; } in_uint32_be(c->in_s, size); if (size < 14) { + log_message(s_log, LOG_LEVEL_WARNING, "[v0:%d] connection aborted: packet size error", __LINE__); return SCP_CLIENT_STATE_SIZE_ERR; } + /* getting payload */ init_stream(c->in_s, c->in_s->size); if (0!=scp_tcp_force_recv(c->in_sck, c->in_s->data, size - 8)) { + log_message(s_log, LOG_LEVEL_WARNING, "[v0:%d] connection aborted: network error", __LINE__); return SCP_CLIENT_STATE_NETWORK_ERR; } + /* check code */ in_uint16_be(c->in_s, sz); - if (3!=sz) + if (3 != sz) { + log_message(s_log, LOG_LEVEL_WARNING, "[v0:%d] connection aborted: sequence error", __LINE__); return SCP_CLIENT_STATE_SEQUENCE_ERR; } + /* message payload */ in_uint16_be(c->in_s, sz); - if (1!=sz) + if (1 != sz) { + log_message(s_log, LOG_LEVEL_WARNING, "[v0:%d] connection aborted: connection denied", __LINE__); return SCP_CLIENT_STATE_CONNECTION_DENIED; } in_uint16_be(c->in_s, sz); - s->display=sz; + s->display = sz; + LOG_DBG(s_log, "[v0:%d] connection terminated", __LINE__); return SCP_CLIENT_STATE_END; } @@ -122,24 +141,28 @@ enum SCP_CLIENT_STATES_E scp_v0c_connect(struct SCP_CONNECTION* c, struct SCP_SE /******************************************************************************/ enum SCP_SERVER_STATES_E scp_v0s_accept(struct SCP_CONNECTION* c, struct SCP_SESSION** s, int skipVchk) { - tui32 version=0; + tui32 version = 0; tui32 size; - struct SCP_SESSION* session=0; + struct SCP_SESSION* session = 0; tui16 sz; - tui32 code=0; + tui32 code = 0; + char buf[257]; if (!skipVchk) { + LOG_DBG(s_log, "[v0:%d] starting connection", __LINE__); if (0==scp_tcp_force_recv(c->in_sck, c->in_s->data, 8)) { in_uint32_be(c->in_s, version); if (version != 0) { + log_message(s_log, LOG_LEVEL_WARNING, "[v0:%d] connection aborted: version error", __LINE__); return SCP_SERVER_STATE_VERSION_ERR; } } else { + log_message(s_log, LOG_LEVEL_WARNING, "[v0:%d] connection aborted: network error", __LINE__); return SCP_SERVER_STATE_NETWORK_ERR; } } @@ -149,6 +172,7 @@ enum SCP_SERVER_STATES_E scp_v0s_accept(struct SCP_CONNECTION* c, struct SCP_SES init_stream(c->in_s, 8196); if (0!=scp_tcp_force_recv(c->in_sck, c->in_s->data, size-8)) { + log_message(s_log, LOG_LEVEL_WARNING, "[v0:%d] connection aborted: network error", __LINE__); return SCP_SERVER_STATE_NETWORK_ERR; } @@ -156,53 +180,58 @@ enum SCP_SERVER_STATES_E scp_v0s_accept(struct SCP_CONNECTION* c, struct SCP_SES if (code == 0 || code == 10) { - session = g_malloc(sizeof(struct SCP_SESSION),1); + session = scp_session_create(); if (0 == session) { + log_message(s_log, LOG_LEVEL_WARNING, "[v0:%d] connection aborted: network error", __LINE__); return SCP_SERVER_STATE_INTERNAL_ERR; } - session->version=version; - + scp_session_set_version(session, version); if (code == 0) { - session->type=SCP_SESSION_TYPE_XVNC; + scp_session_set_type(session, SCP_SESSION_TYPE_XVNC); } else { - session->type=SCP_SESSION_TYPE_XRDP; + scp_session_set_type(session, SCP_SESSION_TYPE_XRDP); } /* reading username */ in_uint16_be(c->in_s, sz); - session->username=g_malloc(sz+1,0); - if (0==session->username) + buf[sz]='\0'; + in_uint8a(c->in_s, buf, sz); + if (0 != scp_session_set_username(session, buf)) { - g_free(session); + scp_session_destroy(session); + log_message(s_log, LOG_LEVEL_WARNING, "[v0:%d] connection aborted: error setting username", __LINE__); return SCP_SERVER_STATE_INTERNAL_ERR; } - session->username[sz]='\0'; - in_uint8a(c->in_s, session->username, sz); /* reading password */ in_uint16_be(c->in_s, sz); - session->password=g_malloc(sz+1,0); - if (0==session->password) + buf[sz]='\0'; + in_uint8a(c->in_s, buf, sz); + if (0 != scp_session_set_password(session, buf)) { - g_free(session->username); - g_free(session); + scp_session_destroy(session); + log_message(s_log, LOG_LEVEL_WARNING, "[v0:%d] connection aborted: error setting password", __LINE__); return SCP_SERVER_STATE_INTERNAL_ERR; } - session->password[sz]='\0'; - in_uint8a(c->in_s, session->password, sz); - in_uint16_be(c->in_s, session->width); - in_uint16_be(c->in_s, session->height); + /* width */ + in_uint16_be(c->in_s, sz); + scp_session_set_width(session, sz); + /* height */ in_uint16_be(c->in_s, sz); - session->bpp=(unsigned char)sz; + scp_session_set_height(session, sz); + /* bpp */ + in_uint16_be(c->in_s, sz); + scp_session_set_bpp(session, (tui8)sz); } else { + log_message(s_log, LOG_LEVEL_WARNING, "[v0:%d] connection aborted: sequence error", __LINE__); return SCP_SERVER_STATE_SEQUENCE_ERR; } @@ -220,11 +249,13 @@ enum SCP_SERVER_STATES_E scp_v0s_allow_connection(struct SCP_CONNECTION* c, SCP_ out_uint16_be(c->out_s, d); /* data */ s_mark_end(c->out_s); - if (0!=scp_tcp_force_send(c->in_sck, c->out_s->data, c->out_s->end - c->out_s->data)) + if (0 != scp_tcp_force_send(c->in_sck, c->out_s->data, c->out_s->end - c->out_s->data)) { + log_message(s_log, LOG_LEVEL_WARNING, "[v0:%d] connection aborted: network error", __LINE__); return SCP_SERVER_STATE_NETWORK_ERR; } + LOG_DBG(s_log, "[v0:%d] connection terminated (allowed)", __LINE__); return SCP_SERVER_STATE_OK; } @@ -238,10 +269,12 @@ enum SCP_SERVER_STATES_E scp_v0s_deny_connection(struct SCP_CONNECTION* c) out_uint16_be(c->out_s, 0); /* data */ s_mark_end(c->out_s); - if (0!=scp_tcp_force_send(c->in_sck, c->out_s->data, c->out_s->end - c->out_s->data)) + if (0 != scp_tcp_force_send(c->in_sck, c->out_s->data, c->out_s->end - c->out_s->data)) { + log_message(s_log, LOG_LEVEL_WARNING, "[v0:%d] connection aborted: network error", __LINE__); return SCP_SERVER_STATE_NETWORK_ERR; } + LOG_DBG(s_log, "[v0:%d] connection terminated (denied)", __LINE__); return SCP_SERVER_STATE_OK; } diff --git a/sesman/libscp/libscp_v1c.c b/sesman/libscp/libscp_v1c.c index f29e7e36..c3f4ce97 100644 --- a/sesman/libscp/libscp_v1c.c +++ b/sesman/libscp/libscp_v1c.c @@ -76,9 +76,9 @@ scp_v1c_connect(struct SCP_CONNECTION* c, struct SCP_SESSION* s) { out_uint32_be(c->out_s, s->ipv4addr); } - else + else if (s->addr_type == SCP_ADDRESS_TYPE_IPV6) { - #warning ipv6 address needed + out_uint8p(c->out_s, s->ipv6addr, 16); } sz = g_strlen(s->hostname); @@ -241,6 +241,21 @@ scp_v1c_get_session_list(struct SCP_CONNECTION* c, int* scount, in_uint8(c->in_s, (ds[totalcnt]).idle_days); in_uint8(c->in_s, (ds[totalcnt]).idle_hours); in_uint8(c->in_s, (ds[totalcnt]).idle_minutes); + + in_uint16_be(c->in_s, (ds[totalcnt]).conn_year); + in_uint8(c->in_s, (ds[totalcnt]).conn_month); + in_uint8(c->in_s, (ds[totalcnt]).conn_day); + in_uint8(c->in_s, (ds[totalcnt]).conn_hour); + in_uint8(c->in_s, (ds[totalcnt]).conn_minute); + in_uint8(c->in_s, (ds[totalcnt]).addr_type); + if ((ds[totalcnt]).addr_type == SCP_ADDRESS_TYPE_IPV4) + { + in_uint32_be(c->in_s, (ds[totalcnt]).ipv4addr); + } + else if ((ds[totalcnt]).addr_type == SCP_ADDRESS_TYPE_IPV6) + { + in_uint8a(c->in_s, (ds[totalcnt]).ipv6addr, 16); + } totalcnt++; } } diff --git a/sesman/libscp/libscp_v1s.c b/sesman/libscp/libscp_v1s.c index 192567a3..74ce187d 100644 --- a/sesman/libscp/libscp_v1s.c +++ b/sesman/libscp/libscp_v1s.c @@ -30,6 +30,8 @@ #include "libscp_v1s.h" +extern struct log_config* s_log; + /* server API */ enum SCP_SERVER_STATES_E scp_v1s_accept(struct SCP_CONNECTION* c, struct SCP_SESSION** s, int skipVchk) { @@ -39,6 +41,7 @@ enum SCP_SERVER_STATES_E scp_v1s_accept(struct SCP_CONNECTION* c, struct SCP_SES tui16 cmdset; tui16 cmd; tui8 sz; + char buf[257]; if (!skipVchk) { @@ -48,28 +51,32 @@ enum SCP_SERVER_STATES_E scp_v1s_accept(struct SCP_CONNECTION* c, struct SCP_SES in_uint32_be(c->in_s, version); if (version != 1) { + log_message(s_log, LOG_LEVEL_WARNING, "[v1s:%d] connection aborted: version error", __LINE__); return SCP_SERVER_STATE_VERSION_ERR; } } else { + log_message(s_log, LOG_LEVEL_WARNING, "[v1s:%d] connection aborted: network error", __LINE__); return SCP_SERVER_STATE_NETWORK_ERR; } } else { - version=1; + version = 1; } in_uint32_be(c->in_s, size); - if (size<12) + if (size < 12) { + log_message(s_log, LOG_LEVEL_WARNING, "[v1s:%d] connection aborted: size error", __LINE__); return SCP_SERVER_STATE_SIZE_ERR; } init_stream(c->in_s, c->in_s->size); - if (0!=scp_tcp_force_recv(c->in_sck, c->in_s->data, (size-8))) + if (0 != scp_tcp_force_recv(c->in_sck, c->in_s->data, (size-8))) { + log_message(s_log, LOG_LEVEL_WARNING, "[v1s:%d] connection aborted: network error", __LINE__); return SCP_SERVER_STATE_NETWORK_ERR; } @@ -77,14 +84,16 @@ enum SCP_SERVER_STATES_E scp_v1s_accept(struct SCP_CONNECTION* c, struct SCP_SES in_uint16_be(c->in_s, cmdset); /* if we are starting a management session */ - if (cmdset==SCP_COMMAND_SET_MANAGE) + if (cmdset == SCP_COMMAND_SET_MANAGE) { + log_message(s_log, LOG_LEVEL_DEBUG, "[v1s:%d] requested management connection", __LINE__); return SCP_SERVER_STATE_START_MANAGE; } /* if we started with resource sharing... */ - if (cmdset==SCP_COMMAND_SET_RSR) + if (cmdset == SCP_COMMAND_SET_RSR) { + log_message(s_log, LOG_LEVEL_WARNING, "[v1s:%d] connection aborted: sequence error", __LINE__); return SCP_SERVER_STATE_SEQUENCE_ERR; } @@ -92,75 +101,84 @@ enum SCP_SERVER_STATES_E scp_v1s_accept(struct SCP_CONNECTION* c, struct SCP_SES in_uint16_be(c->in_s, cmd); if (cmd != 1) { + log_message(s_log, LOG_LEVEL_WARNING, "[v1s:%d] connection aborted: sequence error", __LINE__); return SCP_SERVER_STATE_SEQUENCE_ERR; } - session = g_malloc(sizeof(struct SCP_SESSION),1); + session = scp_session_create(); if (0 == session) { - return SCP_SERVER_STATE_INTERNAL_ERR; + log_message(s_log, LOG_LEVEL_WARNING, "[v1s:%d] connection aborted: internal error (malloc returned NULL)", __LINE__); + return SCP_SERVER_STATE_INTERNAL_ERR; } - session->version=1; + scp_session_set_version(session, 1); - in_uint8(c->in_s, session->type); - if ((session->type != SCP_SESSION_TYPE_XVNC) && (session->type != SCP_SESSION_TYPE_XRDP)) + in_uint8(c->in_s, sz); + if ((sz != SCP_SESSION_TYPE_XVNC) && (sz != SCP_SESSION_TYPE_XRDP)) { - g_free(session); + scp_session_destroy(session); + log_message(s_log, LOG_LEVEL_WARNING, "[v1s:%d] connection aborted: unknown session type", __LINE__); return SCP_SERVER_STATE_SESSION_TYPE_ERR; } + scp_session_set_type(session, sz); - in_uint16_be(c->in_s,session->height); - in_uint16_be(c->in_s, session->width); - in_uint8(c->in_s, session->bpp); - in_uint8(c->in_s, session->rsr); - in_uint8a(c->in_s, session->locale, 17); - session->locale[17]='\0'; + in_uint16_be(c->in_s, cmd); + scp_session_set_height(session, cmd); + in_uint16_be(c->in_s, cmd); + scp_session_set_height(session, cmd); + in_uint8(c->in_s, sz); + scp_session_set_bpp(session, sz); + in_uint8(c->in_s, sz); + scp_session_set_rsr(session, sz); + in_uint8a(c->in_s, buf, 17); + buf[17]='\0'; + scp_session_set_locale(session, buf); - in_uint8(c->in_s, session->addr_type); - if (session->addr_type==SCP_ADDRESS_TYPE_IPV4) + in_uint8(c->in_s, sz); + if (sz == SCP_ADDRESS_TYPE_IPV4) { - in_uint32_be(c->in_s, session->ipv4addr); + in_uint32_be(c->in_s, size); + scp_session_set_addr(session, SCP_ADDRESS_TYPE_IPV4_BIN, &size); } - else if (session->addr_type==SCP_ADDRESS_TYPE_IPV6) + else if (sz == SCP_ADDRESS_TYPE_IPV6) { - #warning how to handle ipv6 addresses? + in_uint8a(c->in_s, buf, 16); + scp_session_set_addr(session, SCP_ADDRESS_TYPE_IPV6_BIN, buf); } + buf[256] = '\0'; /* reading hostname */ in_uint8(c->in_s, sz); - session->hostname=g_malloc(sz+1,1); - if (0==session->hostname) + buf[sz]='\0'; + in_uint8a(c->in_s, buf, sz); + if (0 != scp_session_set_hostname(session, buf)) { - g_free(session); + scp_session_destroy(session); + log_message(s_log, LOG_LEVEL_WARNING, "[v1s:%d] connection aborted: internal error", __LINE__); return SCP_SERVER_STATE_INTERNAL_ERR; } - session->hostname[sz]='\0'; - in_uint8a(c->in_s, session->hostname, sz); /* reading username */ in_uint8(c->in_s, sz); - session->username=g_malloc(sz+1,1); - if (0==session->username) + buf[sz]='\0'; + in_uint8a(c->in_s, buf, sz); + if (0 != scp_session_set_username(session, buf)) { - g_free(session->hostname); - g_free(session); + scp_session_destroy(session); + log_message(s_log, LOG_LEVEL_WARNING, "[v1s:%d] connection aborted: internal error", __LINE__); return SCP_SERVER_STATE_INTERNAL_ERR; } - session->username[sz]='\0'; - in_uint8a(c->in_s, session->username, sz); /* reading password */ in_uint8(c->in_s, sz); - session->password=g_malloc(sz+1,1); - if (0==session->password) + buf[sz]='\0'; + in_uint8a(c->in_s, buf, sz); + if (0 != scp_session_set_password(session, buf)) { - g_free(session->username); - g_free(session->hostname); - g_free(session); + scp_session_destroy(session); + log_message(s_log, LOG_LEVEL_WARNING, "[v1s:%d] connection aborted: internal error", __LINE__); return SCP_SERVER_STATE_INTERNAL_ERR; } - session->password[sz]='\0'; - in_uint8a(c->in_s, session->password, sz); /* returning the struct */ (*s)=session; @@ -193,6 +211,7 @@ scp_v1s_deny_connection(struct SCP_CONNECTION* c, char* reason) if (0!=scp_tcp_force_send(c->in_sck, c->out_s->data, rlen+14)) { + log_message(s_log, LOG_LEVEL_WARNING, "[v1s:%d] connection aborted: network error", __LINE__); return SCP_SERVER_STATE_NETWORK_ERR; } @@ -203,13 +222,12 @@ enum SCP_SERVER_STATES_E scp_v1s_request_password(struct SCP_CONNECTION* c, struct SCP_SESSION* s, char* reason) { tui8 sz; - char *ubuf; - char *pbuf; tui32 version; tui32 size; tui16 cmdset; tui16 cmd; int rlen; + char buf[257]; init_stream(c->in_s, c->in_s->size); init_stream(c->out_s, c->out_s->size); @@ -237,71 +255,74 @@ scp_v1s_request_password(struct SCP_CONNECTION* c, struct SCP_SESSION* s, char* if (0!=scp_tcp_force_send(c->in_sck, c->out_s->data, 14+rlen)) { + log_message(s_log, LOG_LEVEL_WARNING, "[v1s:%d] connection aborted: network error", __LINE__); return SCP_SERVER_STATE_NETWORK_ERR; } /* receive password & username */ if (0!=scp_tcp_force_recv(c->in_sck, c->in_s->data, 8)) { + log_message(s_log, LOG_LEVEL_WARNING, "[v1s:%d] connection aborted: network error", __LINE__); return SCP_SERVER_STATE_NETWORK_ERR; } in_uint32_be(c->in_s, version); if (version!=1) { + log_message(s_log, LOG_LEVEL_WARNING, "[v1s:%d] connection aborted: version error", __LINE__); return SCP_SERVER_STATE_VERSION_ERR; } in_uint32_be(c->in_s, size); if (size<12) { + log_message(s_log, LOG_LEVEL_WARNING, "[v1s:%d] connection aborted: size error", __LINE__); return SCP_SERVER_STATE_SIZE_ERR; } init_stream(c->in_s, c->in_s->size); if (0!=scp_tcp_force_recv(c->in_sck, c->in_s->data, (size-8))) { + log_message(s_log, LOG_LEVEL_WARNING, "[v1s:%d] connection aborted: network error", __LINE__); return SCP_SERVER_STATE_NETWORK_ERR; } in_uint16_be(c->in_s, cmdset); if (cmdset != SCP_COMMAND_SET_DEFAULT) { + log_message(s_log, LOG_LEVEL_WARNING, "[v1s:%d] connection aborted: sequence error", __LINE__); return SCP_SERVER_STATE_SEQUENCE_ERR; } in_uint16_be(c->in_s, cmd); if (cmd != 4) { + log_message(s_log, LOG_LEVEL_WARNING, "[v1s:%d] connection aborted: sequence error", __LINE__); return SCP_SERVER_STATE_SEQUENCE_ERR; } + buf[256] = '\0'; /* reading username */ in_uint8(c->in_s, sz); - ubuf=g_malloc(sz+1,1); - if (0==ubuf) + buf[sz] = '\0'; + in_uint8a(c->in_s, buf, sz); + if (0 != scp_session_set_username(s, buf)) { + scp_session_destroy(s); + log_message(s_log, LOG_LEVEL_WARNING, "[v1s:%d] connection aborted: internal error", __LINE__); return SCP_SERVER_STATE_INTERNAL_ERR; } - ubuf[sz]='\0'; - in_uint8a(c->in_s, ubuf, sz); /* reading password */ in_uint8(c->in_s, sz); - pbuf=g_malloc(sz+1,1); - if (0==pbuf) + buf[sz]='\0'; + in_uint8a(c->in_s, buf, sz); + if (0 != scp_session_set_password(s, buf)) { - g_free(ubuf); + scp_session_destroy(s); + log_message(s_log, LOG_LEVEL_WARNING, "[v1s:%d] connection aborted: internal error", __LINE__); return SCP_SERVER_STATE_INTERNAL_ERR; } - pbuf[sz]='\0'; - in_uint8a(c->in_s, pbuf, sz); - - /* replacing username and password */ - g_free(s->username); - g_free(s->password); - s->username=ubuf; - s->password=pbuf; return SCP_SERVER_STATE_OK; } @@ -340,6 +361,7 @@ scp_v1s_connect_new_session(struct SCP_CONNECTION* c, SCP_DISPLAY d) if (0!=scp_tcp_force_send(c->in_sck, c->out_s->data, 14)) { + log_message(s_log, LOG_LEVEL_WARNING, "[v1s:%d] connection aborted: network error", __LINE__); return SCP_SERVER_STATE_NETWORK_ERR; } @@ -377,6 +399,7 @@ scp_v1s_list_sessions(struct SCP_CONNECTION* c, int sescnt, struct SCP_DISCONNEC if (0!=scp_tcp_force_send(c->in_sck, c->out_s->data, size)) { + log_message(s_log, LOG_LEVEL_WARNING, "[v1s:%d] connection aborted: network error", __LINE__); return SCP_SERVER_STATE_NETWORK_ERR; } @@ -386,36 +409,42 @@ scp_v1s_list_sessions(struct SCP_CONNECTION* c, int sescnt, struct SCP_DISCONNEC init_stream(c->in_s, c->in_s->size); if (0!=scp_tcp_force_recv(c->in_sck, c->in_s->data, 8)) { + log_message(s_log, LOG_LEVEL_WARNING, "[v1s:%d] connection aborted: network error", __LINE__); return SCP_SERVER_STATE_NETWORK_ERR; } in_uint32_be(c->in_s, version); if (version!=1) { + log_message(s_log, LOG_LEVEL_WARNING, "[v1s:%d] connection aborted: version error", __LINE__); return SCP_SERVER_STATE_VERSION_ERR; } in_uint32_be(c->in_s, size); if (size<12) { + log_message(s_log, LOG_LEVEL_WARNING, "[v1s:%d] connection aborted: size error", __LINE__); return SCP_SERVER_STATE_SIZE_ERR; } init_stream(c->in_s, c->in_s->size); if (0!=scp_tcp_force_recv(c->in_sck, c->in_s->data, (size-8))) { + log_message(s_log, LOG_LEVEL_WARNING, "[v1s:%d] connection aborted: network error", __LINE__); return SCP_SERVER_STATE_NETWORK_ERR; } in_uint16_be(c->in_s, cmd); if (cmd != SCP_COMMAND_SET_DEFAULT) { + log_message(s_log, LOG_LEVEL_WARNING, "[v1s:%d] connection aborted: sequence error", __LINE__); return SCP_SERVER_STATE_SEQUENCE_ERR; } in_uint16_be(c->in_s, cmd); if (cmd != 41) { + log_message(s_log, LOG_LEVEL_WARNING, "[v1s:%d] connection aborted: sequence error", __LINE__); return SCP_SERVER_STATE_SEQUENCE_ERR; } @@ -474,16 +503,35 @@ scp_v1s_list_sessions(struct SCP_CONNECTION* c, int sescnt, struct SCP_DISCONNEC out_uint8(c->out_s, cds->idle_days); out_uint8(c->out_s, cds->idle_hours); out_uint8(c->out_s, cds->idle_minutes); + size += 13; + + out_uint16_be(c->out_s, cds->conn_year); + out_uint8(c->out_s, cds->conn_month); + out_uint8(c->out_s, cds->conn_day); + out_uint8(c->out_s, cds->conn_hour); + out_uint8(c->out_s, cds->conn_minute); + out_uint8(c->out_s, cds->addr_type); + size += 7; - size = size + 13; + if (cds->addr_type == SCP_ADDRESS_TYPE_IPV4) + { + in_uint32_be(c->out_s, cds->ipv4addr); + size += 4; + } + else if (cds->addr_type == SCP_ADDRESS_TYPE_IPV6) + { + in_uint8a(c->out_s, cds->ipv6addr, 16); + size += 16; + } } s_pop_layer(c->out_s, channel_hdr); out_uint32_be(c->out_s, version); out_uint32_be(c->out_s, size); - if (0!=scp_tcp_force_send(c->in_sck, c->out_s->data, size)) + if (0 != scp_tcp_force_send(c->in_sck, c->out_s->data, size)) { + log_message(s_log, LOG_LEVEL_WARNING, "[v1s:%d] connection aborted: network error", __LINE__); return SCP_SERVER_STATE_NETWORK_ERR; } } @@ -492,18 +540,21 @@ scp_v1s_list_sessions(struct SCP_CONNECTION* c, int sescnt, struct SCP_DISCONNEC init_stream(c->in_s, c->in_s->size); if (0!=scp_tcp_force_recv(c->in_sck, c->in_s->data, (8))) { + log_message(s_log, LOG_LEVEL_WARNING, "[v1s:%d] connection aborted: network error", __LINE__); return SCP_SERVER_STATE_NETWORK_ERR; } in_uint32_be(c->in_s, version); - if (version!=1) + if (version != 1) { + log_message(s_log, LOG_LEVEL_WARNING, "[v1s:%d] connection aborted: version error", __LINE__); return SCP_SERVER_STATE_VERSION_ERR; } in_uint32_be(c->in_s, size); - if (size<12) + if (size < 12) { + log_message(s_log, LOG_LEVEL_WARNING, "[v1s:%d] connection aborted: size error", __LINE__); return SCP_SERVER_STATE_SIZE_ERR; } @@ -511,12 +562,14 @@ scp_v1s_list_sessions(struct SCP_CONNECTION* c, int sescnt, struct SCP_DISCONNEC init_stream(c->in_s, c->in_s->size); if (0!=scp_tcp_force_recv(c->in_sck, c->in_s->data, (size-8))) { + log_message(s_log, LOG_LEVEL_WARNING, "[v1s:%d] connection aborted: network error", __LINE__); return SCP_SERVER_STATE_NETWORK_ERR; } in_uint16_be(c->in_s, cmd); if (cmd != SCP_COMMAND_SET_DEFAULT) { + log_message(s_log, LOG_LEVEL_WARNING, "[v1s:%d] connection aborted: sequence error", __LINE__); return SCP_SERVER_STATE_SEQUENCE_ERR; } @@ -539,6 +592,7 @@ scp_v1s_list_sessions(struct SCP_CONNECTION* c, int sescnt, struct SCP_DISCONNEC /* if we got here, the requested sid wasn't one from the list we sent */ /* we should kill the connection */ + log_message(s_log, LOG_LEVEL_WARNING, "[v1s:%d] connection aborted: internal error (no such session in list)", __LINE__); return SCP_CLIENT_STATE_INTERNAL_ERR; } else if (cmd == 44) @@ -554,6 +608,7 @@ scp_v1s_list_sessions(struct SCP_CONNECTION* c, int sescnt, struct SCP_DISCONNEC else { /* wrong response */ + log_message(s_log, LOG_LEVEL_WARNING, "[v1s:%d] connection aborted: sequence error", __LINE__); return SCP_SERVER_STATE_SEQUENCE_ERR; } @@ -590,6 +645,7 @@ scp_v1s_reconnect_session(struct SCP_CONNECTION* c, SCP_DISPLAY d) if (0!=scp_tcp_force_send(c->in_sck, c->out_s->data, size)) { + log_message(s_log, LOG_LEVEL_WARNING, "[v1s:%d] connection aborted: network error", __LINE__); return SCP_SERVER_STATE_NETWORK_ERR; } diff --git a/sesman/lock.c b/sesman/lock.c index a6118861..912084a2 100644 --- a/sesman/lock.c +++ b/sesman/lock.c @@ -26,6 +26,8 @@ #include <semaphore.h> #include <pthread.h> +extern struct config_sesman* g_cfg; + pthread_mutex_t lock_chain; /* session chain lock */ pthread_mutexattr_t lock_chain_attr; /* mutex attributes */ @@ -54,7 +56,7 @@ void DEFAULT_CC lock_chain_acquire(void) { /*lock the chain*/ - LOG_DBG("lock_chain_acquire()",0); + LOG_DBG(&(g_cfg->log), "lock_chain_acquire()"); pthread_mutex_lock(&lock_chain); } @@ -63,7 +65,7 @@ void DEFAULT_CC lock_chain_release(void) { /*unlock the chain*/ - LOG_DBG("lock_chain_release()",0); + LOG_DBG(&(g_cfg->log), "lock_chain_release()"); pthread_mutex_unlock(&lock_chain); } @@ -72,7 +74,7 @@ void DEFAULT_CC lock_socket_acquire(void) { /* lock socket variable */ - LOG_DBG("lock_socket_acquire()",0); + LOG_DBG(&(g_cfg->log), "lock_socket_acquire()"); sem_wait(&lock_socket); } @@ -81,7 +83,7 @@ void DEFAULT_CC lock_socket_release(void) { /* unlock socket variable */ - LOG_DBG("lock_socket_release()",0); + LOG_DBG(&(g_cfg->log), "lock_socket_release()"); sem_post(&lock_socket); } diff --git a/sesman/scp.c b/sesman/scp.c index e964bed2..ea5a8ec0 100644 --- a/sesman/scp.c +++ b/sesman/scp.c @@ -25,7 +25,7 @@ * This code controls which version is being used and starts the * appropriate process * @author Jay Sorg, Simone Fedele - * + * */ #include "sesman.h" @@ -70,6 +70,12 @@ scp_process_start(void* sck) scp_v1_process(&scon, sdata); } break; + case SCP_SERVER_STATE_START_MANAGE: + /* starting a management session */ + log_message(&(g_cfg.log), LOG_LEVEL_WARNING, + "starting a sesman management session..."); +// scp_v1s_mng_process(&scon, sdata); + break; case SCP_SERVER_STATE_VERSION_ERR: /* an unknown scp version was requested, so we shut down the */ /* connection (and log the fact) */ diff --git a/sesman/scp_v0.c b/sesman/scp_v0.c index 92856789..e006ad33 100644 --- a/sesman/scp_v0.c +++ b/sesman/scp_v0.c @@ -22,15 +22,15 @@ * @file scp_v0.c * @brief scp version 0 implementation * @author Jay Sorg, Simone Fedele - * + * */ #include "sesman.h" -extern struct config_sesman g_cfg; +extern struct config_sesman* g_cfg; /******************************************************************************/ -void DEFAULT_CC +void DEFAULT_CC scp_v0_process(struct SCP_CONNECTION* c, struct SCP_SESSION* s) { int display = 0; @@ -50,19 +50,19 @@ scp_v0_process(struct SCP_CONNECTION* c, struct SCP_SESSION* s) } else { - g_printf("pre auth"); + LOG_DBG(&(g_cfg->log), "pre auth"); if (1 == access_login_allowed(s->username)) { - log_message(&(g_cfg.log), LOG_LEVEL_INFO, "granted TS access to user %s", s->username); + log_message(&(g_cfg->log), LOG_LEVEL_INFO, "granted TS access to user %s", s->username); if (SCP_SESSION_TYPE_XVNC == s->type) { - log_message(&(g_cfg.log), LOG_LEVEL_INFO, "starting Xvnc session..."); + log_message(&(g_cfg->log), LOG_LEVEL_INFO, "starting Xvnc session..."); display = session_start(s->width, s->height, s->bpp, s->username, s->password, data, SESMAN_SESSION_TYPE_XVNC); } else { - log_message(&(g_cfg.log), LOG_LEVEL_INFO, "starting X11rdp session..."); + log_message(&(g_cfg->log), LOG_LEVEL_INFO, "starting X11rdp session..."); display = session_start(s->width, s->height, s->bpp, s->username, s->password, data, SESMAN_SESSION_TYPE_XRDP); } diff --git a/sesman/scp_v1.c b/sesman/scp_v1.c index 32a3ffe8..c5ff2d4c 100644 --- a/sesman/scp_v1.c +++ b/sesman/scp_v1.c @@ -30,7 +30,7 @@ //#include "libscp_types.h" #include "libscp.h" -extern struct config_sesman g_cfg; +extern struct config_sesman* g_cfg; static void parseCommonStates(enum SCP_SERVER_STATES_E e, char* f); @@ -48,7 +48,7 @@ scp_v1_process(struct SCP_CONNECTION* c, struct SCP_SESSION* s) int scount; SCP_SID sid; - retries = g_cfg.sec.login_retry; + retries = g_cfg->sec.login_retry; current_try = retries; data = auth_userpass(s->username, s->password); @@ -56,7 +56,7 @@ scp_v1_process(struct SCP_CONNECTION* c, struct SCP_SESSION* s) while ((!data) && ((retries == 0) || (current_try > 0))) { - LOG_DBG("data %d - retry %d - currenttry %d - expr %d", data, retries, current_try, ((!data) && ((retries==0) || (current_try>0)))); + LOG_DBG(&(g_cfg->log), "data %d - retry %d - currenttry %d - expr %d", data, retries, current_try, ((!data) && ((retries==0) || (current_try>0)))); e=scp_v1s_request_password(c,s,"Wrong username and/or password"); @@ -83,7 +83,7 @@ scp_v1_process(struct SCP_CONNECTION* c, struct SCP_SESSION* s) if (!data) { scp_v1s_deny_connection(c, "Login failed"); - log_message(&(g_cfg.log), LOG_LEVEL_INFO, + log_message(&(g_cfg->log), LOG_LEVEL_INFO, "Login failed for user %s. Connection terminated", s->username); free_session(s); return; @@ -93,7 +93,7 @@ scp_v1_process(struct SCP_CONNECTION* c, struct SCP_SESSION* s) if (0 == access_login_allowed(s->username)) { scp_v1s_deny_connection(c, "Access to Terminal Server not allowed."); - log_message(&(g_cfg.log), LOG_LEVEL_INFO, + log_message(&(g_cfg->log), LOG_LEVEL_INFO, "User %s not allowed on TS. Connection terminated", s->username); free_session(s); return; @@ -107,16 +107,16 @@ scp_v1_process(struct SCP_CONNECTION* c, struct SCP_SESSION* s) if (scount == 0) { /* no disconnected sessions - start a new one */ - log_message(&(g_cfg.log), LOG_LEVEL_INFO, "granted TS access to user %s", s->username); + log_message(&(g_cfg->log), LOG_LEVEL_INFO, "granted TS access to user %s", s->username); if (SCP_SESSION_TYPE_XVNC == s->type) { - log_message(&(g_cfg.log), LOG_LEVEL_INFO, "starting Xvnc session..."); + log_message(&(g_cfg->log), LOG_LEVEL_INFO, "starting Xvnc session..."); display = session_start(s->width, s->height, s->bpp, s->username, s->password, data, SESMAN_SESSION_TYPE_XVNC); } else { - log_message(&(g_cfg.log), LOG_LEVEL_INFO, "starting X11rdp session..."); + log_message(&(g_cfg->log), LOG_LEVEL_INFO, "starting X11rdp session..."); display = session_start(s->width, s->height, s->bpp, s->username, s->password, data, SESMAN_SESSION_TYPE_XRDP); } @@ -145,7 +145,7 @@ scp_v1_process(struct SCP_CONNECTION* c, struct SCP_SESSION* s) /*case SCP_SERVER_STATE_FORCE_NEW:*/ /* we should check for MaxSessions */ case SCP_SERVER_STATE_SELECTION_CANCEL: - log_message(&(g_cfg.log), LOG_LEVEL_INFO, "Connection cancelled after session listing"); + log_message(&(g_cfg->log), LOG_LEVEL_INFO, "Connection cancelled after session listing"); break; case SCP_SERVER_STATE_OK: /* ok, reconnecting... */ @@ -153,14 +153,14 @@ scp_v1_process(struct SCP_CONNECTION* c, struct SCP_SESSION* s) if (0==sitem) { e=scp_v1s_connection_error(c, "Internal error"); - log_message(&(g_cfg.log), LOG_LEVEL_INFO, "Cannot find session item on the chain"); + log_message(&(g_cfg->log), LOG_LEVEL_INFO, "Cannot find session item on the chain"); } else { display=sitem->display; /*e=scp_v1s_reconnect_session(c, sitem, display);*/ e=scp_v1s_reconnect_session(c, display); - log_message(&(g_cfg.log), LOG_LEVEL_INFO, "User %s reconnected to session %d on port %d", \ + log_message(&(g_cfg->log), LOG_LEVEL_INFO, "User %s reconnected to session %d on port %d", \ s->username, sitem->pid, display); } break; @@ -188,27 +188,27 @@ static void parseCommonStates(enum SCP_SERVER_STATES_E e, char* f) switch (e) { case SCP_SERVER_STATE_VERSION_ERR: - LOG_DBG(&(g_cfg.log), "version error") + LOG_DBG(&(g_cfg->log), "version error") case SCP_SERVER_STATE_SIZE_ERR: /* an unknown scp version was requested, so we shut down the */ /* connection (and log the fact) */ - log_message(&(g_cfg.log), LOG_LEVEL_WARNING, + log_message(&(g_cfg->log), LOG_LEVEL_WARNING, "protocol violation. connection closed."); break; case SCP_SERVER_STATE_NETWORK_ERR: - log_message(&(g_cfg.log), LOG_LEVEL_WARNING, "libscp network error."); + log_message(&(g_cfg->log), LOG_LEVEL_WARNING, "libscp network error."); break; case SCP_SERVER_STATE_SEQUENCE_ERR: - log_message(&(g_cfg.log), LOG_LEVEL_WARNING, "libscp sequence error."); + log_message(&(g_cfg->log), LOG_LEVEL_WARNING, "libscp sequence error."); break; case SCP_SERVER_STATE_INTERNAL_ERR: /* internal error occurred (eg. malloc() error, ecc.) */ - log_message(&(g_cfg.log), LOG_LEVEL_ERROR, "libscp internal error occurred."); + log_message(&(g_cfg->log), LOG_LEVEL_ERROR, "libscp internal error occurred."); break; default: /* dummy: scp_v1s_request_password won't generate any other */ /* error other than the ones before */ - log_message(&(g_cfg.log), LOG_LEVEL_ALWAYS, "unknown return from %s", f); + log_message(&(g_cfg->log), LOG_LEVEL_ALWAYS, "unknown return from %s", f); break; } } diff --git a/sesman/sesman.c b/sesman/sesman.c index 89a4de9a..c7522c7b 100644 --- a/sesman/sesman.c +++ b/sesman/sesman.c @@ -22,7 +22,7 @@ * @file sesman.c * @brief Main program file * @author Jay Sorg - * + * */ #include "sesman.h" @@ -30,7 +30,7 @@ int g_sck; int g_pid; unsigned char g_fixedkey[8] = { 23, 82, 107, 6, 35, 78, 88, 7 }; -struct config_sesman g_cfg; /* config.h */ +struct config_sesman* g_cfg; /* config.h */ extern int thread_sck; @@ -40,17 +40,17 @@ extern int thread_sck; * @brief Starts sesman main loop * */ -static void DEFAULT_CC +static void DEFAULT_CC sesman_main_loop(void) { int in_sck; int error; /*main program loop*/ - log_message(&(g_cfg.log), LOG_LEVEL_INFO, "listening..."); + log_message(&(g_cfg->log), LOG_LEVEL_INFO, "listening..."); g_sck = g_tcp_socket(); g_tcp_set_non_blocking(g_sck); - error = scp_tcp_bind(g_sck, g_cfg.listen_address, g_cfg.listen_port); + error = scp_tcp_bind(g_sck, g_cfg->listen_address, g_cfg->listen_port); if (error == 0) { error = g_tcp_listen(g_sck); @@ -65,8 +65,8 @@ sesman_main_loop(void) while (in_sck > 0) { /* we've got a connection, so we pass it to scp code */ - LOG_DBG("new connection",0); - thread_sck=in_sck; + LOG_DBG(&(g_cfg->log), "new connection"); + thread_sck=in_sck; //scp_process_start((void*)in_sck); thread_scp_start(in_sck); @@ -81,12 +81,12 @@ sesman_main_loop(void) } else { - log_message(&(g_cfg.log), LOG_LEVEL_ERROR, "listen error"); + log_message(&(g_cfg->log), LOG_LEVEL_ERROR, "listen error"); } } else { - log_message(&(g_cfg.log), LOG_LEVEL_ERROR, "bind error"); + log_message(&(g_cfg->log), LOG_LEVEL_ERROR, "bind error"); } g_tcp_close(g_sck); } @@ -188,15 +188,21 @@ main(int argc, char** argv) } /* reading config */ - g_cfg.log.fd = -1; /* don't use logging before reading its config */ - if (0 != config_read(&g_cfg)) + g_cfg = g_malloc(sizeof(struct config_sesman), 1); + if (0 == g_cfg) + { + g_printf("error creating config: quitting.\n"); + g_exit(1); + } + g_cfg->log.fd = -1; /* don't use logging before reading its config */ + if (0 != config_read(g_cfg)) { g_printf("error reading config: %s\nquitting.\n", g_get_strerror()); g_exit(1); } /* starting logging subsystem */ - error = log_start(&(g_cfg.log)); + error = log_start(&(g_cfg->log)); if (error != LOG_STARTUP_OK) { @@ -213,7 +219,7 @@ main(int argc, char** argv) } /* libscp initialization */ - scp_init(&(g_cfg.log)); + scp_init(&(g_cfg->log)); if (daemon) { @@ -255,9 +261,9 @@ main(int argc, char** argv) fd = g_file_open(SESMAN_PID_FILE); if (-1 == fd) { - log_message(&(g_cfg.log), LOG_LEVEL_ERROR, "error opening pid file: %s", + log_message(&(g_cfg->log), LOG_LEVEL_ERROR, "error opening pid file: %s", g_get_strerror()); - log_end(&(g_cfg.log)); + log_end(&(g_cfg->log)); g_exit(1); } g_sprintf(pid_s, "%d", g_pid); @@ -265,7 +271,7 @@ main(int argc, char** argv) g_file_close(fd); /* start program main loop */ - log_message(&(g_cfg.log), LOG_LEVEL_ALWAYS, "starting sesman with pid %d", g_pid); + log_message(&(g_cfg->log), LOG_LEVEL_ALWAYS, "starting sesman with pid %d", g_pid); /* make sure the /tmp/.X11-unix directory exist */ if (!g_directory_exist("/tmp/.X11-unix")) @@ -278,7 +284,7 @@ main(int argc, char** argv) if (!daemon) { - log_end(&(g_cfg.log)); + log_end(&(g_cfg->log)); } return 0; diff --git a/sesman/session.c b/sesman/session.c index 624494d2..54e02ad6 100644 --- a/sesman/session.c +++ b/sesman/session.c @@ -28,10 +28,11 @@ #include "sesman.h" #include "libscp_types.h" -#include "errno.h" +#include <errno.h> +//#include <time.h> extern unsigned char g_fixedkey[8]; -extern struct config_sesman g_cfg; /* config.h */ +extern struct config_sesman* g_cfg; /* config.h */ struct session_chain* g_sessions; int g_session_count; @@ -124,7 +125,7 @@ session_start_sessvc(int xpid, int wmpid, long data) /* new style waiting for clients */ g_sprintf(wmpid_str, "%d", wmpid); g_sprintf(xpid_str, "%d", xpid); - log_message(&(g_cfg.log), LOG_LEVEL_INFO, + log_message(&(g_cfg->log), LOG_LEVEL_INFO, "starting xrdp-sessvc - xpid=%s - wmpid=%s", xpid_str, wmpid_str); @@ -143,19 +144,19 @@ session_start_sessvc(int xpid, int wmpid, long data) g_execvp(exe_path, ((char**)sessvc_params->items)); /* should not get here */ - log_message(&(g_cfg.log), LOG_LEVEL_ALWAYS, + log_message(&(g_cfg->log), LOG_LEVEL_ALWAYS, "error starting xrdp-sessvc - pid %d - xpid=%s - wmpid=%s", g_getpid(), xpid_str, wmpid_str); /* logging parameters */ /* no problem calling strerror for thread safety: other threads are blocked */ - log_message(&(g_cfg.log), LOG_LEVEL_DEBUG, "errno: %d, description: %s", + log_message(&(g_cfg->log), LOG_LEVEL_DEBUG, "errno: %d, description: %s", errno, g_get_strerror()); - log_message(&(g_cfg.log), LOG_LEVEL_DEBUG, "execve parameter list:"); + log_message(&(g_cfg->log), LOG_LEVEL_DEBUG, "execve parameter list:"); for (i = 0; i < (sessvc_params->count); i++) { - log_message(&(g_cfg.log), LOG_LEVEL_DEBUG, " argv[%d] = %s", i, + log_message(&(g_cfg->log), LOG_LEVEL_DEBUG, " argv[%d] = %s", i, (char*)list_get_item(sessvc_params, i)); } list_delete(sessvc_params); @@ -187,15 +188,17 @@ session_start(int width, int height, int bpp, char* username, char* password, char** pp1; struct session_chain* temp; struct list* xserver_params=0; + time_t ltime; + struct tm stime; /*THREAD-FIX lock to control g_session_count*/ lock_chain_acquire(); /* check to limit concurrent sessions */ - if (g_session_count >= g_cfg.sess.max_sessions) + if (g_session_count >= g_cfg->sess.max_sessions) { /*THREAD-FIX unlock chain*/ lock_chain_release(); - log_message(&(g_cfg.log), LOG_LEVEL_INFO, "max concurrent session limit exceeded. login \ + log_message(&(g_cfg->log), LOG_LEVEL_INFO, "max concurrent session limit exceeded. login \ for user %s denied", username); return 0; } @@ -206,7 +209,7 @@ for user %s denied", username); temp = (struct session_chain*)g_malloc(sizeof(struct session_chain), 0); if (temp == 0) { - log_message(&(g_cfg.log), LOG_LEVEL_ERROR, "cannot create new chain element - user %s", + log_message(&(g_cfg->log), LOG_LEVEL_ERROR, "cannot create new chain element - user %s", username); return 0; } @@ -214,7 +217,7 @@ for user %s denied", username); if (temp->item == 0) { g_free(temp); - log_message(&(g_cfg.log), LOG_LEVEL_ERROR, "cannot create new session item - user %s", + log_message(&(g_cfg->log), LOG_LEVEL_ERROR, "cannot create new session item - user %s", username); return 0; } @@ -230,7 +233,7 @@ for user %s denied", username); while (x_server_running(display)) { display++; - if (((display - 10) > g_cfg.sess.max_sessions) || (display >= 50)) + if (((display - 10) > g_cfg->sess.max_sessions) || (display >= 50)) { return 0; } @@ -260,53 +263,53 @@ for user %s denied", username); { auth_set_env(data); /* try to execute user window manager if enabled */ - if (g_cfg.enable_user_wm) + if (g_cfg->enable_user_wm) { - g_sprintf(text,"%s/%s", g_getenv("HOME"), g_cfg.user_wm); + g_sprintf(text,"%s/%s", g_getenv("HOME"), g_cfg->user_wm); if (g_file_exist(text)) { - g_execlp3(text, g_cfg.user_wm, 0); - log_message(&(g_cfg.log), LOG_LEVEL_ALWAYS,"error starting user wm for user %s - pid %d", + g_execlp3(text, g_cfg->user_wm, 0); + log_message(&(g_cfg->log), LOG_LEVEL_ALWAYS,"error starting user wm for user %s - pid %d", username, g_getpid()); /* logging parameters */ /* no problem calling strerror for thread safety: other threads are blocked */ - log_message(&(g_cfg.log), LOG_LEVEL_DEBUG, "errno: %d, description: %s", errno, + log_message(&(g_cfg->log), LOG_LEVEL_DEBUG, "errno: %d, description: %s", errno, g_get_strerror()); - log_message(&(g_cfg.log), LOG_LEVEL_DEBUG,"execlp3 parameter list:"); - log_message(&(g_cfg.log), LOG_LEVEL_DEBUG, " argv[0] = %s", text); - log_message(&(g_cfg.log), LOG_LEVEL_DEBUG, " argv[1] = %s", g_cfg.user_wm); + log_message(&(g_cfg->log), LOG_LEVEL_DEBUG,"execlp3 parameter list:"); + log_message(&(g_cfg->log), LOG_LEVEL_DEBUG, " argv[0] = %s", text); + log_message(&(g_cfg->log), LOG_LEVEL_DEBUG, " argv[1] = %s", g_cfg->user_wm); } } /* if we're here something happened to g_execlp3 so we try running the default window manager */ - g_sprintf(text, "%s/%s", XRDP_CFG_PATH, g_cfg.default_wm); - g_execlp3(text, g_cfg.default_wm, 0); + g_sprintf(text, "%s/%s", XRDP_CFG_PATH, g_cfg->default_wm); + g_execlp3(text, g_cfg->default_wm, 0); - log_message(&(g_cfg.log), LOG_LEVEL_ALWAYS,"error starting default wm for user %s - pid %d", + log_message(&(g_cfg->log), LOG_LEVEL_ALWAYS,"error starting default wm for user %s - pid %d", username, g_getpid()); /* logging parameters */ /* no problem calling strerror for thread safety: other threads are blocked */ - log_message(&(g_cfg.log), LOG_LEVEL_DEBUG, "errno: %d, description: %s", errno, + log_message(&(g_cfg->log), LOG_LEVEL_DEBUG, "errno: %d, description: %s", errno, g_get_strerror()); - log_message(&(g_cfg.log), LOG_LEVEL_DEBUG,"execlp3 parameter list:"); - log_message(&(g_cfg.log), LOG_LEVEL_DEBUG, " argv[0] = %s", text); - log_message(&(g_cfg.log), LOG_LEVEL_DEBUG, " argv[1] = %s", g_cfg.default_wm); + log_message(&(g_cfg->log), LOG_LEVEL_DEBUG,"execlp3 parameter list:"); + log_message(&(g_cfg->log), LOG_LEVEL_DEBUG, " argv[0] = %s", text); + log_message(&(g_cfg->log), LOG_LEVEL_DEBUG, " argv[1] = %s", g_cfg->default_wm); /* still a problem starting window manager just start xterm */ g_execlp3("xterm", "xterm", 0); /* should not get here */ - log_message(&(g_cfg.log), LOG_LEVEL_ALWAYS,"error starting xterm for user %s - pid %d", + log_message(&(g_cfg->log), LOG_LEVEL_ALWAYS,"error starting xterm for user %s - pid %d", username, g_getpid()); /* logging parameters */ /* no problem calling strerror for thread safety: other threads are blocked */ - log_message(&(g_cfg.log), LOG_LEVEL_DEBUG, "errno: %d, description: %s", errno, g_get_strerror()); + log_message(&(g_cfg->log), LOG_LEVEL_DEBUG, "errno: %d, description: %s", errno, g_get_strerror()); } else { - log_message(&(g_cfg.log), LOG_LEVEL_ERROR, "another Xserver is already active on display %d", display); + log_message(&(g_cfg->log), LOG_LEVEL_ERROR, "another Xserver is already active on display %d", display); } - log_message(&(g_cfg.log), LOG_LEVEL_DEBUG,"aborting connection..."); + log_message(&(g_cfg->log), LOG_LEVEL_DEBUG,"aborting connection..."); g_exit(0); } else /* parent (child sesman) */ @@ -336,7 +339,7 @@ for user %s denied", username); /* additional parameters from sesman.ini file */ //config_read_xserver_params(SESMAN_SESSION_TYPE_XVNC, // xserver_params); - list_append_list_strdup(g_cfg.vnc_params, xserver_params, 0); + list_append_list_strdup(g_cfg->vnc_params, xserver_params, 0); /* make sure it ends with a zero */ list_add_item(xserver_params, 0); @@ -358,7 +361,7 @@ for user %s denied", username); /* additional parameters from sesman.ini file */ //config_read_xserver_params(SESMAN_SESSION_TYPE_XRDP, // xserver_params); - list_append_list_strdup(g_cfg.rdp_params, xserver_params, 0); + list_append_list_strdup(g_cfg->rdp_params, xserver_params, 0); /* make sure it ends with a zero */ list_add_item(xserver_params, 0); @@ -367,23 +370,23 @@ for user %s denied", username); } else { - log_message(&(g_cfg.log), LOG_LEVEL_ALWAYS, "bad session type - user %s - pid %d", + log_message(&(g_cfg->log), LOG_LEVEL_ALWAYS, "bad session type - user %s - pid %d", username, g_getpid()); g_exit(1); } /* should not get here */ - log_message(&(g_cfg.log), LOG_LEVEL_ALWAYS, "error starting X server - user %s - pid %d", + log_message(&(g_cfg->log), LOG_LEVEL_ALWAYS, "error starting X server - user %s - pid %d", username, g_getpid()); /* logging parameters */ /* no problem calling strerror for thread safety: other threads are blocked */ - log_message(&(g_cfg.log), LOG_LEVEL_DEBUG, "errno: %d, description: %s", errno, g_get_strerror()); - log_message(&(g_cfg.log), LOG_LEVEL_DEBUG, "execve parameter list: %d", (xserver_params)->count); + log_message(&(g_cfg->log), LOG_LEVEL_DEBUG, "errno: %d, description: %s", errno, g_get_strerror()); + log_message(&(g_cfg->log), LOG_LEVEL_DEBUG, "execve parameter list: %d", (xserver_params)->count); for (i=0; i<(xserver_params->count); i++) { - log_message(&(g_cfg.log), LOG_LEVEL_DEBUG, " argv[%d] = %s", i, (char*)list_get_item(xserver_params, i)); + log_message(&(g_cfg->log), LOG_LEVEL_DEBUG, " argv[%d] = %s", i, (char*)list_get_item(xserver_params, i)); } list_delete(xserver_params); g_exit(1); @@ -408,9 +411,15 @@ for user %s denied", username); temp->item->data = data; g_strncpy(temp->item->name, username, 255); - temp->item->connect_time = g_time1(); - temp->item->disconnect_time = 0; - temp->item->idle_time = 0; + ltime = g_time1(); + gmtime_r(<ime, &stime); + temp->item->connect_time.year = (tui16)stime.tm_year; + temp->item->connect_time.month = (tui8)stime.tm_mon; + temp->item->connect_time.day = (tui8)stime.tm_mday; + temp->item->connect_time.hour = (tui8)stime.tm_hour; + temp->item->connect_time.minute = (tui8)stime.tm_min; + zero_time(&(temp->item->disconnect_time)); + zero_time(&(temp->item->idle_time)); temp->item->type=type; temp->item->status=SESMAN_SESSION_STATUS_ACTIVE; @@ -482,7 +491,7 @@ session_kill(int pid) { if (tmp->item == 0) { - log_message(&(g_cfg.log), LOG_LEVEL_ERROR, "session descriptor for pid %d is null!", + log_message(&(g_cfg->log), LOG_LEVEL_ERROR, "session descriptor for pid %d is null!", pid); if (prev == 0) { @@ -502,7 +511,7 @@ session_kill(int pid) if (tmp->item->pid == pid) { /* deleting the session */ - log_message(&(g_cfg.log), LOG_LEVEL_INFO, "session %d - user %s - terminated", + log_message(&(g_cfg->log), LOG_LEVEL_INFO, "session %d - user %s - terminated", tmp->item->pid, tmp->item->name); g_free(tmp->item); if (prev == 0) @@ -547,7 +556,7 @@ session_sigkill_all() { if (tmp->item == 0) { - log_message(&(g_cfg.log), LOG_LEVEL_ERROR, "found null session descriptor!"); + log_message(&(g_cfg->log), LOG_LEVEL_ERROR, "found null session descriptor!"); } else { @@ -576,7 +585,7 @@ session_get_bypid(int pid) { if (tmp->item == 0) { - log_message(&(g_cfg.log), LOG_LEVEL_ERROR, "session descriptor for pid %d is null!", + log_message(&(g_cfg->log), LOG_LEVEL_ERROR, "session descriptor for pid %d is null!", pid); /*THREAD-FIX release chain lock */ lock_chain_release(); @@ -657,9 +666,30 @@ session_get_byuser(char* user, int* cnt) (sess[index]).width=tmp->item->width; (sess[index]).bpp=tmp->item->bpp; #warning FIXME: setting idle times and such - (sess[index]).idle_days=0; - (sess[index]).idle_hours=0; - (sess[index]).idle_minutes=0; + /*(sess[index]).connect_time.year = tmp->item->connect_time.year; + (sess[index]).connect_time.month = tmp->item->connect_time.month; + (sess[index]).connect_time.day = tmp->item->connect_time.day; + (sess[index]).connect_time.hour = tmp->item->connect_time.hour; + (sess[index]).connect_time.minute = tmp->item->connect_time.minute; + (sess[index]).disconnect_time.year = tmp->item->disconnect_time.year; + (sess[index]).disconnect_time.month = tmp->item->disconnect_time.month; + (sess[index]).disconnect_time.day = tmp->item->disconnect_time.day; + (sess[index]).disconnect_time.hour = tmp->item->disconnect_time.hour; + (sess[index]).disconnect_time.minute = tmp->item->disconnect_time.minute; + (sess[index]).idle_time.year = tmp->item->idle_time.year; + (sess[index]).idle_time.month = tmp->item->idle_time.month; + (sess[index]).idle_time.day = tmp->item->idle_time.day; + (sess[index]).idle_time.hour = tmp->item->idle_time.hour; + (sess[index]).idle_time.minute = tmp->item->idle_time.minute;*/ + (sess[index]).conn_year = tmp->item->connect_time.year; + (sess[index]).conn_month = tmp->item->connect_time.month; + (sess[index]).conn_day = tmp->item->connect_time.day; + (sess[index]).conn_hour = tmp->item->connect_time.hour; + (sess[index]).conn_minute = tmp->item->connect_time.minute; + (sess[index]).idle_days = tmp->item->idle_time.day; + (sess[index]).idle_hours = tmp->item->idle_time.hour; + (sess[index]).idle_minutes = tmp->item->idle_time.minute; + index++; } diff --git a/sesman/session.h b/sesman/session.h index e43e4b81..e6c6563b 100644 --- a/sesman/session.h +++ b/sesman/session.h @@ -45,6 +45,17 @@ #define SESMAN_SESSION_KILL_NULLITEM 1 #define SESMAN_SESSION_KILL_NOTFOUND 2 +struct session_date +{ + tui16 year; + tui8 month; + tui8 day; + tui8 hour; + tui8 minute; +}; + +#define zero_time(s) { (s)->year=0; (s)->month=0; (s)->day=0; (s)->hour=0; (s)->minute=0; } + struct session_item { char name[256]; @@ -60,9 +71,9 @@ struct session_item unsigned char type; /* time data */ - int connect_time; - int disconnect_time; - int idle_time; + struct session_date connect_time; + struct session_date disconnect_time; + struct session_date idle_time; }; struct session_chain diff --git a/sesman/sig.c b/sesman/sig.c index 8f37e767..cc4a2eb6 100644 --- a/sesman/sig.c +++ b/sesman/sig.c @@ -31,21 +31,21 @@ extern int g_sck; extern int g_pid; -extern struct config_sesman g_cfg; +extern struct config_sesman* g_cfg; /******************************************************************************/ void DEFAULT_CC sig_sesman_shutdown(int sig) { - log_message(&(g_cfg.log), LOG_LEVEL_INFO, "shutting down sesman %d", 1); + log_message(&(g_cfg->log), LOG_LEVEL_INFO, "shutting down sesman %d", 1); if (g_getpid() != g_pid) { - LOG_DBG("g_getpid() [%d] differs from g_pid [%d]", (g_getpid()), g_pid); + LOG_DBG(&(g_cfg->log), "g_getpid() [%d] differs from g_pid [%d]", (g_getpid()), g_pid); return; } - LOG_DBG(" - getting signal %d pid %d", sig, g_getpid()); + LOG_DBG(&(g_cfg->log), " - getting signal %d pid %d", sig, g_getpid()); g_tcp_close(g_sck); @@ -58,25 +58,32 @@ sig_sesman_shutdown(int sig) void DEFAULT_CC sig_sesman_reload_cfg(int sig) { - struct config_sesman cfg; + struct config_sesman *cfg; -#warning FIXME reload configuration must NOT damage logging! - log_message(&(g_cfg.log), LOG_LEVEL_WARNING, "receiving SIGHUP %d", 1); + log_message(&(g_cfg->log), LOG_LEVEL_WARNING, "receiving SIGHUP %d", 1); if (g_getpid() != g_pid) { - LOG_DBG(&(g_cfg.log), "g_getpid() [%d] differs from g_pid [%d]", g_getpid(), g_pid); + LOG_DBG(&(g_cfg->log), "g_getpid() [%d] differs from g_pid [%d]", g_getpid(), g_pid); + return; + } + + cfg = g_malloc(sizeof(struct config_sesman), 1); + if (0 == cfg) + { + log_message(&(g_cfg->log), LOG_LEVEL_ERROR, "error creating new config: - keeping old cfg"); return; } - if (config_read(&cfg) != 0) + if (config_read(cfg) != 0) { - log_message(&(g_cfg.log), LOG_LEVEL_ERROR, "error reading config - keeping old cfg"); + log_message(&(g_cfg->log), LOG_LEVEL_ERROR, "error reading config - keeping old cfg"); return; } +#warning FIXME reload configuration must NOT damage logging! g_cfg = cfg; - log_message(&(g_cfg.log), LOG_LEVEL_INFO, "configuration reloaded"); + log_message(&(g_cfg->log), LOG_LEVEL_INFO, "configuration reloaded"); } /******************************************************************************/ @@ -122,7 +129,7 @@ sig_handler_thread(void* arg) do { - LOG_DBG(&(g_cfg.log), "calling sigwait()",0); + LOG_DBG(&(g_cfg->log), "calling sigwait()",0); sigwait(&waitmask, &recv_signal); switch (recv_signal) @@ -130,12 +137,12 @@ sig_handler_thread(void* arg) case SIGHUP: //reload cfg //we must stop & restart logging, or copy logging cfg!!!! - LOG_DBG(&(g_cfg.log), "sesman received SIGHUP",0); + LOG_DBG(&(g_cfg->log), "sesman received SIGHUP",0); //return 0; break; case SIGCHLD: /* a session died */ - LOG_DBG(&(g_cfg.log), "sesman received SIGCHLD",0); + LOG_DBG(&(g_cfg->log), "sesman received SIGCHLD",0); sig_sesman_session_end(SIGCHLD); break; /*case SIGKILL; @@ -145,7 +152,7 @@ sig_handler_thread(void* arg) break;*/ case SIGTERM: /* we die */ - LOG_DBG(&(g_cfg.log), "sesman received SIGTERM",0); + LOG_DBG(&(g_cfg->log), "sesman received SIGTERM",0); sig_sesman_shutdown(recv_signal); break; } diff --git a/sesman/tools/Makefile b/sesman/tools/Makefile index 7313b7fc..bde00374 100644 --- a/sesman/tools/Makefile +++ b/sesman/tools/Makefile @@ -1,10 +1,15 @@ # sesman tools makefile - -SESTESTOBJ = sestest.o os_calls.o log.o +SESTESTOBJ = sestest.o \ + os_calls.o log.o +# d3des.o list.o file.o \ +# libscp_v1c.o tcp.o SESRUNOBJ = sesrun.o config.o tcp.o \ os_calls.o d3des.o list.o file.o log.o +SESADMINOBJ = sesadmin.o \ + os_calls.o log.o + CFGDIR = /etc/xrdp PIDDIR = /var/run MANDIR = /usr/local/man @@ -17,10 +22,11 @@ DEFINES = -DLIBSCP_CLIENT CFLAGS = -Wall -g -I../../common -I../ -I/usr/include/nptl -I../libscp $(DEFINES) LDFLAGS = -L/usr/gnu/lib -L/usr/lib/nptl -L../libscp -lpthread -ldl -lscp -Wl,-rpath,$(LIBDIR) #LDFLAGS = -L /usr/gnu/lib -ldl $(DEFINES) -C_OS_FLAGS = $(CFLAGS) -c +C_OS_FLAGS = $(CFLAGS) -c -g CC = gcc -all: xrdp-sestest xrdp-sesrun +all: xrdp-sestest xrdp-sesrun +# xrdp-sesadmin xrdp-sestest: $(SESTESTOBJ) $(CC) $(LDFLAGS) -o xrdp-sestest $(SESTESTOBJ) @@ -28,8 +34,11 @@ xrdp-sestest: $(SESTESTOBJ) xrdp-sesrun: $(SESRUNOBJ) $(CC) $(LDFLAGS) -o xrdp-sesrun $(SESRUNOBJ) +xrdp-sesadmin: $(SESADMINOBJ) + $(CC) $(LDFLAGS) -o xrdp-sesadmin $(SESADMINOBJ) + clean: - rm -f *.o xrdp-sestest xrdp-sesrun + rm -f *.o xrdp-sestest xrdp-sesrun xrdp-sesadmin install: install xrdp-sesrun $(BINDIR)/xrdp-sesrun diff --git a/sesman/tools/sestest.c b/sesman/tools/sestest.c index 78f526b1..03cd1a18 100644 --- a/sesman/tools/sestest.c +++ b/sesman/tools/sestest.c @@ -1,5 +1,5 @@ -/* - * sestest.c - an scp_v1 testing tool +/* + * sestest.c - an scp_v1 testing tool * (c) 2008 Simone Fedele * */ @@ -17,7 +17,8 @@ unsigned int menuSelect(unsigned int choices); int main(int argc, char** argv) { - struct SCP_SESSION s; + char buf[256]; + struct SCP_SESSION* s; struct SCP_CONNECTION* c; /*struct SCP_DISCONNECTED_SESSION ds;*/ struct SCP_DISCONNECTED_SESSION* dsl; @@ -29,7 +30,6 @@ int main(int argc, char** argv) int sel; int sock; - log.enable_syslog=0; log.log_level=99; log.program_name=g_strdup("sestest"); @@ -38,12 +38,8 @@ int main(int argc, char** argv) scp_init(&log); sock=g_tcp_socket(); - c=scp_connection_create(sock); - /*make_stream(c.in_s); - init_stream(c.in_s, 8192); - make_stream(c.out_s); - init_stream(c.out_s, 8192); - c.in_sck = g_tcp_socket();*/ + s = scp_session_create(); + c = scp_connection_create(sock); if (0!=g_tcp_connect(sock, "localhost", "3350")) { @@ -53,71 +49,78 @@ int main(int argc, char** argv) g_printf("001 - send connect request\n"); -/*struct SCP_SESSION -{ - uint16_t display; - char* errstr; -};*/ - - s.type=SCP_SESSION_TYPE_XVNC; + scp_session_set_type(s, SCP_SESSION_TYPE_XVNC); + scp_session_set_version(s, 1); + scp_session_set_height(s, 600); + scp_session_set_width(s, 800); + scp_session_set_bpp(s, 16); + scp_session_set_rsr(s, 0); + scp_session_set_locale(s, "it_IT"); + scp_session_set_username(s, "prog"); + scp_session_set_password(s, "prog"); + scp_session_set_hostname(s, "odin"); +// scp_session_set_addr(s, SCP_ADDRESS_TYPE_IPV4, "127.0.0.1"); +// scp_session_set_display(struct SCP_SESSION* s, SCP_DISPLAY display); +// scp_session_set_errstr(struct SCP_SESSION* s, char* str); + + /*s.type=SCP_SESSION_TYPE_XVNC; s.version=1; s.height=600; s.width=800; s.bpp=8; s.rsr=0; g_strncpy(s.locale,"it_IT 0123456789",18); - s.username=g_malloc(256, 1); g_strncpy(s.username,"prog",255); - s.password=g_malloc(256,1); g_strncpy(s.password, "prog", 255); g_printf("%s - %s\n", s.username, s.password); - - s.hostname=g_malloc(256,1); g_strncpy(s.hostname, "odin", 255); - s.addr_type=SCP_ADDRESS_TYPE_IPV4; s.ipv4addr=0; - s.errstr=0; + s.errstr=0;*/ end=0; - e=scp_v1c_connect(c,&s); + e=scp_v1c_connect(c,s); while (!end) { switch (e) { case SCP_CLIENT_STATE_OK: - g_printf("OK : display is %d\n", (short int)s.display); + g_printf("OK : display is %d\n", (short int)s->display); end=1; break; case SCP_CLIENT_STATE_SESSION_LIST: g_printf("OK : session list needed\n"); e=scp_v1c_get_session_list(c, &scnt, &dsl); - printf("Sessions: %d\n", scnt); - for (idx=0; idx <scnt; idx++) - { - printf("Session \t%d - %d - %dx%dx%d - %d %d %d\n", (dsl[idx]).SID, (dsl[idx]).type, (dsl[idx]).height, (dsl[idx]).width, (dsl[idx]).bpp, (dsl[idx]).idle_days, (dsl[idx]).idle_hours, (dsl[idx]).idle_minutes); - } break; case SCP_CLIENT_STATE_LIST_OK: g_printf("OK : selecting a session:\n"); + for (idx=0; idx <scnt; idx++) + { + printf("Session \t%d - %d - %dx%dx%d - %d %d %d - %4d/%2d/%2d@%2d:%2d\n", \ + (dsl[idx]).SID, (dsl[idx]).type, (dsl[idx]).width, (dsl[idx]).height, (dsl[idx]).bpp, \ + (dsl[idx]).idle_days, (dsl[idx]).idle_hours, (dsl[idx]).idle_minutes, \ + (dsl[idx]).conn_year, (dsl[idx]).conn_month, (dsl[idx]).conn_day, (dsl[idx]).conn_hour, (dsl[idx]).conn_minute); + } sel = menuSelect(scnt); - e=scp_v1c_select_session(c, &s, dsl[sel-1].SID); + e=scp_v1c_select_session(c, s, dsl[sel-1].SID); g_printf("\n return: %d \n", e); break; case SCP_CLIENT_STATE_RESEND_CREDENTIALS: - g_printf("ERR: resend credentials - %s\n", s.errstr); + g_printf("ERR: resend credentials - %s\n", s->errstr); g_printf(" username:"); - scanf("%255s", s.username); + scanf("%255s", buf); + scp_session_set_username(s, buf); g_printf(" password:"); - scanf("%255s", s.password); - e=scp_v1c_resend_credentials(c,&s); + scanf("%255s", buf); + scp_session_set_password(s, buf); + e=scp_v1c_resend_credentials(c,s); break; case SCP_CLIENT_STATE_CONNECTION_DENIED: - g_printf("ERR: connection denied: %s\n", s.errstr); + g_printf("ERR: connection denied: %s\n", s->errstr); end=1; break; case SCP_CLIENT_STATE_PWD_CHANGE_REQ: @@ -136,6 +139,7 @@ int main(int argc, char** argv) } g_tcp_close(sock); + scp_session_destroy(s); scp_connection_destroy(c); /*free_stream(c.in_s); free_stream(c.out_s);*/ diff --git a/sesman/verify_user.c b/sesman/verify_user.c index b783724c..edfd4572 100644 --- a/sesman/verify_user.c +++ b/sesman/verify_user.c @@ -326,4 +326,3 @@ auth_account_disabled(struct spwd* stp) return 0; } - |