summaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
...
| * sesman: s/XOrg/Xorg/g, no logic changeKoichiro IWAO2018-06-052-4/+4
| | | | | | | | X.Org is usually spelled X.Org or Xorg.
| * sesman: config_read_logging function no longer existsKoichiro IWAO2018-06-052-17/+0
|/
* Merge pull request #1132 from daixj-shterm/develjsorg712018-05-271-1/+1
|\ | | | | fix issue #1112: set SSL object's read_ahead flag to be 0
| * fix issue #1112: set SSL object's read_ahead flag to be 0daixj2018-05-211-1/+1
| |
* | don't remove configure_params.h on make clean, only make distcleanJay Sorg2018-05-271-1/+1
| |
* | distclean remove configure_params.hJay Sorg2018-05-251-0/+3
| |
* | add ipv6only to configure echo and add configure parameter to xrdp -h outputJay Sorg2018-05-253-1/+9
|/
* Merge pull request #1126 from metalefty/strict-locationsmetalefty2018-05-121-1/+2
|\ | | | | configure: set default value for enable_strict_locations
| * configure: set default value for enable_strict_locationsKoichiro IWAO2018-05-101-1/+2
|/ | | | This change prints yes or no to configure summary introduced in #1118.
* echo configure summaryJay Sorg2018-05-021-0/+25
|
* Merge pull request #1108 from aiden0z/develmetalefty2018-04-221-3/+6
|\ | | | | sesrun support start other session based on session_code argument
| * sesrun support start other session based on session_code argumentAiden Luo2018-04-201-3/+6
| |
* | Merge pull request #1107 from metalefty/sesman-xorg-wrappermetalefty2018-04-201-1/+1
|\ \ | | | | | | sesman: Update Xorg help comment for Arch Linux
| * | sesman: Update Xorg help comment for Arch LinuxKoichiro IWAO2018-04-191-1/+1
| |/ | | | | | | As reported in #1106, Arch Linux looks to me like using Xorg wrapper now.
* | Merge pull request #1104 from metalefty/remove-x11rdpmetalefty2018-04-1989-19419/+1
|\ \ | | | | | | Remove x11rdp
| * | Remove x11rdp from README and EXTRA_DISTKoichiro IWAO2018-04-172-3/+1
| | |
| * | Remove x11rdp from xrdp repositoryKoichiro IWAO2018-04-1787-19416/+0
| |/ | | | | | | | | Now x11rdp is replaced with xorgxrdp. Deprecating it. Repository moved to https://github.com/neutrinolabs/x11rdp.
* | Merge pull request #1103 from metalefty/docsmetalefty2018-04-181-1/+1
|\ \ | |/ |/| docs: '!' is no longer a comment out symbol
| * docs: '!' is no longer a comment out symbolKoichiro IWAO2018-04-171-1/+1
|/
* Merge pull request #1096 from metalefty/version_infometalefty2018-04-134-24/+68
|\ | | | | Show OpenSSL version to --version
| * xrdp: show which CLI option is unknown to xrdpKoichiro IWAO2018-04-101-4/+14
| |
| * xrdp: add OpenSSL version to --versionKoichiro IWAO2018-04-104-20/+54
| | | | | | | | While here, cleanup --help, --version, and when unknown option.
| * xrdp: xrdp should exit with error code when unknown CLI option givenKoichiro IWAO2018-04-101-1/+1
| |
* | UDS file deleted after first connectionBen Cohen2018-03-273-1/+21
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | If you run xrdp with a Unix Domain Socket (UDS) for the port specified in /etc/xrdp/xrdp.ini then the first connection succeeds but subsequent connections fail. In fact the UDS is deleted from the filesystem as soon as the first connection is established. Test case: 1. Edit /etc/xrdp/xrdp.ini to set "port=/var/run/xrdp-local.socket". 2. Restart xrdp. 3. Run the following. When rdesktop starts up and the logon dialog is displayed, press "Cancel". sudo socat TCP-LISTEN:12345 UNIX-CONNECT:/var/run/xrdp-local.socket & rdesktop localhost:12345 4. Run the following: sudo socat TCP-LISTEN:12346 UNIX-CONNECT:/var/run/xrdp-local.socket & rdesktop localhost:12346 Expected behaviour: rdesktop starts up and displays the logon dialog. Observed behaviour: rdesktop exits with "ERROR: Connection closed" and socat exits with "No such file or directory. This is because in the child process after forking, xrdp_listen_fork() calls trans_delete() which deletes the UDS. Simply commenting out the g_file_delete() and g_free() fixes this, but that isn't a proper solution because trans_delete() is called from elsewhere where the UDS might no longer be wanted. Fix by adding a function trans_delete_from_child() that frees and clears listen_filename before calling trans_delete(), and call the new function from xrdp_listen_fork(). (Workaround: set "fork=false" in /etc/xrdp/xrdp.ini, because trans_delete() is then not called.)
* | Corrected endianness detection on ppc64el.Fernando Seiti Furusato2018-03-271-4/+8
| | | | | | | | | | | | | | | | | | In common/arch.h, the endianness detection considers all powerpc architectures as big endian. Since that is not true for ppc64el, I added a verification that checks other preprocessor macros, only for ppc cases. Signed-off-by: Fernando Seiti Furusato <ferseiti@gmail.com>
* | Configure.ac: Add missing macos option for pam configBoris Bopp2018-03-271-1/+1
| |
* | instfiles: Add pam.d config for arch linux.Boris Bopp2018-03-274-2/+13
|/
* Update README a little bitKoichiro IWAO2018-03-261-9/+5
|
* Bump version to v0.9.6Koichiro IWAO2018-03-263-3/+3
|
* Update NEWS for v0.9.6Koichiro IWAO2018-03-261-0/+37
|
* sesman: rename vnc password file, just a cosmetic changeKoichiro IWAO2018-03-231-5/+5
|
* sesman: add hostname to vnc password fileJay Sorg2018-03-231-8/+17
|
* Revert "devredir: fix xinode leak"Koichiro IWAO2018-03-231-2/+0
| | | | | | | | | | | | | | | | | This reverts commit 5daa09171e1e6e65a1a3ab969775fdf8affffc37. Causes "double free". Fix #990 was not correct. ``` [1271363627]: DEV_REDIR dev_redir_proc_device_iocompletion: 738 : entered: IoStatus=0x0 CompletionId=1 [1271363627]: DEV_REDIR dev_redir_proc_device_iocompletion: 839 : got CID_DIRECTORY_CONTROL [1271363627]: DEV_REDIR dev_redir_proc_query_dir_response: 933 : processing FILE_DIRECTORY_INFORMATION structs [1271363627]: DEV_REDIR dev_redir_proc_query_dir_response: 968 : FileName: . [1271363627]: DEV_REDIR devredir_fuse_data_peek: 1335 : returning 0x7f2a9c013410 *** Error in `/usr/sbin/xrdp-chansrv': double free or corruption (out): 0x00007f2a9c13a330 *** ``` Closes: #1025
* common: ssl_calls: add support for OpenSSL>=1.1.0 API for DH keysspeidy2018-03-221-13/+68
| | | | | also fixes some memory leak introduced in PR#1024. and adds a check that DH params generated successfully. write a proper log message if not.
* common: ssl_calls: check if SSL object created right after its creation.speidy2018-03-211-7/+8
|
* common: temporarily disable DHEKoichiro IWAO2018-03-181-0/+4
| | | | until make it possible to use generated DH parameters per installation.
* sesman: default startwm.sh should use bashKoichiro IWAO2018-03-091-1/+8
| | | | | as it sources bash_profile. And add comments. Closes #1009.
* Update xrdp_keyboard.ini fbourqui2018-03-051-0/+3
| | | Add the missing Swiss French rdp_layout_ definitions, ch(fr) in X11
* common: regenerate dhparamKoichiro IWAO2018-03-011-28/+24
| | | | Generated by: openssl dhparam -C 2236
* common: obey coding style, remove trailing spaceKoichiro IWAO2018-03-011-11/+15
|
* add support for DHE ciphers via compiled in dhparamEnrico Tagliavini2018-03-011-0/+61
| | | | | | | | | | | | | | | | | make it possible to use regular (non EC) EDH ciphers. To make this possible a Diffie-Hellman parameter must be passed to the openssl library. There are a few options possible as described in the manuals at [1] and [2]. Simplest approach is to generate a DH parameter using openssl dhparam -C <lenght> and include the code into the application. The lenght used for this commit is 2236 bits long, which is the longest possible without risking backward incompatibilities with old systems as stated in [1]. Newer systems should use ECDH anyway, so it makes sense to keep this method as compatible with older system as possible. Paramters longer than 2048 should still be secure enough at the time of writing. [1] https://wiki.openssl.org/index.php/Diffie-Hellman_parameters [2] https://wiki.openssl.org/index.php/Manual:SSL_CTX_set_tmp_dh_callback(3)
* enable automatic ECDH when possible (openssl 1.0.2)Enrico Tagliavini2018-03-011-0/+3
| | | | | | | | | | | Openssl 1.1.0 and later are enabling ECDH automatically, but for older version it must be enabled explicitly or all Perfect Forward Secrecy ciphers will be silently ignored. See also [1]. This commit applies the same fix as found in CnetOS 7 httpd package to enable automatic ECDH as found in [2]. [1] https://wiki.openssl.org/index.php/Diffie-Hellman_parameters [2] https://git.centos.org/blob/rpms!httpd.git/c7/SOURCES!httpd-2.4.6-ssl-ecdh-auto.patch
* common: log what value is set to tls_ciphersKoichiro IWAO2018-02-201-0/+1
| | | | Related to #1033.
* common: quit using `!` as comment out symbol in config filesKoichiro IWAO2018-02-201-1/+1
| | | | | | | | | It is not used anywhere in default config. Some config like `tls_ciphers` might contain `!` like this: tls_ciphers=FIPS:!aNULL:!eNULL Fixes #1033.
* Make sesman.ini dynamic for the location of the configuration fileVraiment2018-02-193-1/+13
|
* Make xrdp.ini to be dynamic for each operating systemVraiment2018-02-193-7/+25
|
* log: revert permissiondaixj2018-02-131-0/+0
|
* libxrdp: fix memory leakdaixj2018-02-131-0/+1
|
* log: fix fd checkingdaixj2018-02-131-2/+2
|
* log: remove unused code and fix potential memory leakdaixj2018-02-131-11/+0
|
generated by cgit v1.2.1 (git 2.18.0) at 2025-01-05 16:24:22 +0000