Hello community,
here is the log from the commit of package xrdp for openSUSE:Factory checked in at 2017-07-01 14:05:51
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/xrdp (Old)
and /work/SRC/openSUSE:Factory/.xrdp.new (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "xrdp"
Sat Jul 1 14:05:51 2017 rev:7 rq:507245 version:0.9.2
Changes:
--------
--- /work/SRC/openSUSE:Factory/xrdp/xrdp.changes 2017-06-08 15:04:40.668842532 +0200
+++ /work/SRC/openSUSE:Factory/.xrdp.new/xrdp.changes 2017-07-01 14:05:54.529023395 +0200
@@ -1,0 +2,9 @@
+Sun Jun 25 16:56:29 UTC 2017 - fezhang@suse.com
+
+- Rebase SLE patches:
+ + xrdp-avahi.diff
+ + xrdp-bsc965647-allow-admin-choose-desktop.patch
+ + xrdp-fate318398-change-expired-password.patch
+ + xrdp-fate319683-allow-vnc-resizing.patch
+
+-------------------------------------------------------------------
@@ -42,0 +52 @@
+ + xrdp-dont-set-LANG.patch
@@ -52,0 +63,15 @@
+
+-------------------------------------------------------------------
+Thu May 18 09:08:57 UTC 2017 - fezhang@suse.com
+
+- Add xrdp-dont-set-LANG.patch: Backport upstream commit 5575197,
+ sesman should stop setting LANG and let initialization scripts
+ take care of it (bsc#1023988).
+
+-------------------------------------------------------------------
+Thu May 11 04:12:48 UTC 2017 - fezhang@suse.com
+
+- Update xrdp-fate319683-allow-vnc-resizing.patch:
+ + Fix a crash caused by double freeing stream (bsc#1034606).
+ + Remove DisplaySize from Xvnc default policy to enable it
+ resizing.
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ xrdp-avahi.diff ++++++
--- /var/tmp/diff_new_pack.waDiIc/_old 2017-07-01 14:05:55.764849493 +0200
+++ /var/tmp/diff_new_pack.waDiIc/_new 2017-07-01 14:05:55.764849493 +0200
@@ -1,89 +1,75 @@
-From 71ebbe34d841d3f29ae2d21fbae25889de5d4a57 Mon Sep 17 00:00:00 2001
-From: Felix Zhang
-Date: Mon, 1 Aug 2016 17:04:31 +0800
-Subject: [PATCH] avahi
-
----
- configure.ac | 1 +
- xrdp/Makefile.am | 9 +++--
- xrdp/xrdp.h | 8 ++++
- xrdp/xrdp_avahi.c | 117 +++++++++++++++++++++++++++++++++++++++++++++++++++++
- xrdp/xrdp_listen.c | 2 +-
- 5 files changed, 133 insertions(+), 4 deletions(-)
- create mode 100644 xrdp/xrdp_avahi.c
-
diff --git a/configure.ac b/configure.ac
-index e1a150e..2cfe026 100644
+index 47212ec..b011897 100644
--- a/configure.ac
+++ b/configure.ac
-@@ -7,6 +7,7 @@ AM_INIT_AUTOMAKE([1.6 foreign])
- AC_PROG_CC
+@@ -9,6 +9,7 @@ AC_PROG_CC
AC_C_CONST
AC_PROG_LIBTOOL
+
+PKG_CHECK_MODULES(AVAHI, avahi-client >= 0.6.4)
PKG_PROG_PKG_CONFIG
- AC_ARG_WITH([systemdsystemunitdir],
- AS_HELP_STRING([--with-systemdsystemunitdir=DIR], [Directory for systemd service files]),
+ if test "x$PKG_CONFIG" = "x"; then
+ AC_MSG_ERROR([please install pkg-config])
diff --git a/xrdp/Makefile.am b/xrdp/Makefile.am
-index 4fd9a68..e00bc2f 100644
+index a259ef3..2cbb762 100644
--- a/xrdp/Makefile.am
+++ b/xrdp/Makefile.am
-@@ -33,7 +33,8 @@ INCLUDES = \
+@@ -12,7 +12,9 @@ AM_CPPFLAGS = \
+ -DXRDP_SOCKET_PATH=\"${socketdir}\" \
-I$(top_builddir) \
-I$(top_srcdir)/common \
- -I$(top_srcdir)/libxrdp \
-- $(EXTRA_INCLUDES)
-+ $(EXTRA_INCLUDES) \
+- -I$(top_srcdir)/libxrdp
++ -I$(top_srcdir)/libxrdp \
+ $(AVAHI_CFLAGS)
++
- sbin_PROGRAMS = \
- xrdp
-@@ -52,12 +53,14 @@ xrdp_SOURCES = \
- xrdp_process.c \
- xrdp_region.c \
- xrdp_wm.c \
-- xrdp_encoder.c
-+ xrdp_encoder.c \
-+ xrdp_avahi.c
+ XRDP_EXTRA_LIBS =
+@@ -46,6 +48,7 @@ xrdp_SOURCES = \
+ lang.c \
+ xrdp.c \
+ xrdp.h \
++ xrdp_avahi.c \
+ xrdp_bitmap.c \
+ xrdp_cache.c \
+ xrdp_encoder.c \
+@@ -63,7 +66,8 @@ xrdp_SOURCES = \
xrdp_LDADD = \
$(top_builddir)/common/libcommon.la \
$(top_builddir)/libxrdp/libxrdp.la \
-- $(EXTRA_LIBS)
-+ $(EXTRA_LIBS) \
+- $(XRDP_EXTRA_LIBS)
++ $(XRDP_EXTRA_LIBS) \
+ $(AVAHI_LIBS)
- xrdp_LDFLAGS = \
- $(EXTRA_FLAGS)
+ xrdpsysconfdir=$(sysconfdir)/xrdp
+
diff --git a/xrdp/xrdp.h b/xrdp/xrdp.h
-index 67488a6..e71fb9b 100644
+index 82e8a57..ae70874 100644
--- a/xrdp/xrdp.h
+++ b/xrdp/xrdp.h
-@@ -164,6 +164,8 @@ void APP_CC
+@@ -163,6 +163,8 @@ void
xrdp_listen_delete(struct xrdp_listen* self);
- int APP_CC
+ int
xrdp_listen_main_loop(struct xrdp_listen* self);
-+int APP_CC
++int
+xrdp_listen_get_port(char* port, int port_bytes);
/* xrdp_region.c */
- struct xrdp_region* APP_CC
-@@ -510,3 +512,9 @@ int DEFAULT_CC
- server_add_char_alpha(struct xrdp_mod* mod, int font, int charactor,
- int offset, int baseline,
- int width, int height, char* data);
-+
+ struct xrdp_region*
+@@ -514,3 +516,8 @@ server_add_char_alpha(struct xrdp_mod* mod, int font, int character,
+ int
+ server_session_info(struct xrdp_mod *mod, const char *data, int data_bytes);
+
+/* xrdp_avahi.c */
-+int APP_CC
++int
+xrdp_avahi_init(void);
-+void APP_CC
++void
+xrdp_avahi_fini(void);
diff --git a/xrdp/xrdp_avahi.c b/xrdp/xrdp_avahi.c
-new file mode 100644
-index 0000000..7fa1656
---- /dev/null
+index e69de29..642a333 100644
+--- a/xrdp/xrdp_avahi.c
+++ b/xrdp/xrdp_avahi.c
-@@ -0,0 +1,117 @@
+@@ -0,0 +1,115 @@
+/*
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
@@ -106,10 +92,8 @@
+
+*/
+
-+#include "xrdp.h"
-+
-+#include
+#include
++#include
+#include
+#include
+#include
@@ -136,7 +120,7 @@
+ char port[8];
+ /* dummy parameters */
+ char address[256];
-+ struct xrdp_startup_params* startup_param = {"", 0, 0, 0, 0};
++ struct xrdp_startup_params* startup_param = {(const char[]) {""}, 0, 0, 0, 0, 0, 0, 0};
+
+ if (gethostname (hname, sizeof (hname)))
+ break;
@@ -173,7 +157,7 @@
+ }
+}
+
-+int APP_CC
++int
+xrdp_avahi_init (void)
+{
+ if (!(threaded_poll = avahi_threaded_poll_new ()))
@@ -192,7 +176,7 @@
+ return 0;
+}
+
-+void APP_CC
++void
+xrdp_avahi_fini (void)
+{
+ avahi_threaded_poll_stop (threaded_poll);
@@ -202,10 +186,10 @@
+ avahi_threaded_poll_free (threaded_poll);
+}
diff --git a/xrdp/xrdp_listen.c b/xrdp/xrdp_listen.c
-index b2b19ca..c1ae4c5 100644
+index 0fbe61f..ed0af63 100644
--- a/xrdp/xrdp_listen.c
+++ b/xrdp/xrdp_listen.c
-@@ -145,7 +145,7 @@ xrdp_process_run(void *in_val)
+@@ -149,7 +149,7 @@ xrdp_process_run(void *in_val)
}
/*****************************************************************************/
@@ -214,6 +198,3 @@
xrdp_listen_get_port_address(char *port, int port_bytes,
char *address, int address_bytes,
int *tcp_nodelay, int *tcp_keepalive,
---
-2.6.6
-
++++++ xrdp-bsc965647-allow-admin-choose-desktop.patch ++++++
--- /var/tmp/diff_new_pack.waDiIc/_old 2017-07-01 14:05:55.780847241 +0200
+++ /var/tmp/diff_new_pack.waDiIc/_new 2017-07-01 14:05:55.780847241 +0200
@@ -1,20 +1,117 @@
-From b14f40d4567b884623936a8b3c20350d1ea37ffd Mon Sep 17 00:00:00 2001
-From: Felix Zhang
-Date: Mon, 1 Aug 2016 17:55:35 +0800
-Subject: [PATCH] bsc#965647 allow admin choose desktop
-
----
- sesman/startwm.sh | 44 +++++++++++++++++++++-----------------------
- 1 file changed, 21 insertions(+), 23 deletions(-)
-
diff --git a/sesman/startwm.sh b/sesman/startwm.sh
-index ee48263..ace62a0 100755
+index 452917a..ace62a0 100755
--- a/sesman/startwm.sh
+++ b/sesman/startwm.sh
-@@ -3,30 +3,28 @@
- #start the window manager
- wm_start()
+@@ -1,33 +1,62 @@
+ #!/bin/sh
+
+-# Execution sequence for interactive login shell - pseudocode
+-#
+-# IF /etc/profile is readable THEN
+-# execute ~/.bash_profile
+-# END IF
+-# IF ~/.bash_profile is readable THEN
+-# execute ~/.bash_profile
+-# ELSE
+-# IF ~/.bash_login is readable THEN
+-# execute ~/.bash_login
+-# ELSE
+-# IF ~/.profile is readable THEN
+-# execute ~/.profile
+-# END IF
+-# END IF
+-# END IF
++#start the window manager
++wm_start()
++{
++ #Customize your preferred session mode here
++ SESSION="sle"
++
++ case $SESSION in
++ sle)
++ if [ -r /usr/bin/gnome-session ]; then
++ export GNOME_SHELL_SESSION_MODE=classic
++ export SLE_CLASSIC_MODE=1
++ /usr/bin/gnome-session --session gnome-classic
++ fi
++ ;;
++ gnome)
++ if [ -r /usr/bin/gnome-session ]; then
++ /usr/bin/gnome-session
++ fi
++ ;;
++ icewm)
++ if [ -r /usr/bin/icewm-session ]; then
++ /usr/bin/icewm-session
++ fi
++ ;;
++ esac
++}
++
++#Execution sequence for interactive login shell
++#Following pseudo code explains the sequence of execution of these files.
++#execute /etc/profile
++#IF ~/.bash_profile exists THEN
++# execute ~/.bash_profile
++#ELSE
++# IF ~/.bash_login exist THEN
++# execute ~/.bash_login
++# ELSE
++# IF ~/.profile exist THEN
++# execute ~/.profile
++# END IF
++# END IF
++#END IF
+ pre_start()
+ {
+- if [ -r /etc/profile ]; then
++ if [ -f /etc/profile ]
++ then
+ . /etc/profile
+ fi
+- if [ -r ~/.bash_profile ]; then
++ if [ -f ~/.bash_profile ]
++ then
+ . ~/.bash_profile
+ else
+- if [ -r ~/.bash_login ]; then
++ if [ -f ~/.bash_login ]
++ then
+ . ~/.bash_login
+ else
+- if [ -r ~/.profile ]; then
++ if [ -f ~/.profile ]
++ then
+ . ~/.profile
+ fi
+ fi
+@@ -35,56 +64,20 @@ pre_start()
+ return 0
+ }
+
+-# When loging out from the interactive shell, the execution sequence is:
+-#
+-# IF ~/.bash_logout exists THEN
+-# execute ~/.bash_logout
+-# END IF
++#When you logout of the interactive shell, following is the
++#sequence of execution:
++#IF ~/.bash_logout exists THEN
++# execute ~/.bash_logout
++#END IF
+ post_start()
{
+- if [ -r ~/.bash_logout ]; then
++ if [ -f ~/.bash_logout ]
++ then
+ . ~/.bash_logout
+ fi
+ return 0
+ }
+
+-#start the window manager
+-wm_start()
+-{
- if [ -r /etc/default/locale ]; then
- . /etc/default/locale
- export LANG LANGUAGE
@@ -22,47 +119,42 @@
-
- # debian
- if [ -r /etc/X11/Xsession ]; then
+- pre_start
- . /etc/X11/Xsession
+- post_start
- exit 0
- fi
-
- # el
- if [ -r /etc/X11/xinit/Xsession ]; then
+- pre_start
- . /etc/X11/xinit/Xsession
+- post_start
- exit 0
- fi
-+ #Customize your preferred session mode here
-+ SESSION="sle"
-
+-
- # suse
- if [ -r /etc/X11/xdm/Xsession ]; then
+- # since the following script run a user login shell,
+- # do not execute the pseudo login shell scripts
- . /etc/X11/xdm/Xsession
- exit 0
- fi
-
+- pre_start
- xterm
-+ case $SESSION in
-+ sle)
-+ if [ -r /usr/bin/gnome-session ]; then
-+ export GNOME_SHELL_SESSION_MODE=classic
-+ export SLE_CLASSIC_MODE=1
-+ /usr/bin/gnome-session --session gnome-classic
-+ fi
-+ ;;
-+ gnome)
-+ if [ -r /usr/bin/gnome-session ]; then
-+ /usr/bin/gnome-session
-+ fi
-+ ;;
-+ icewm)
-+ if [ -r /usr/bin/icewm-session ]; then
-+ /usr/bin/icewm-session
-+ fi
-+ ;;
-+ esac
- }
+- post_start
+-}
+-
+ #. /etc/environment
+ #export PATH=$PATH
+ #export LANG=$LANG
+@@ -99,6 +92,8 @@ wm_start()
+ # includes
+ # auth required pam_env.so readenv=1
+
++pre_start
+ wm_start
++post_start
- #Execution sequence for interactive login shell
---
-2.6.6
-
+ exit 1
++++++ xrdp-fate318398-change-expired-password.patch ++++++
--- /var/tmp/diff_new_pack.waDiIc/_old 2017-07-01 14:05:55.804843864 +0200
+++ /var/tmp/diff_new_pack.waDiIc/_new 2017-07-01 14:05:55.804843864 +0200
@@ -1,39 +1,19 @@
-From 7eed33d99e93432c2b425a8ce1d2955b3532da39 Mon Sep 17 00:00:00 2001
-From: Felix Zhang
-Date: Mon, 1 Aug 2016 17:26:41 +0800
-Subject: [PATCH] FATE#318398: Enable xrdp to allow a required password change
- for users
-
----
- sesman/auth.h | 2 +
- sesman/libscp/libscp_session.c | 30 ++++++++
- sesman/libscp/libscp_types.h | 2 +
- sesman/libscp/libscp_v0.c | 23 ++++--
- sesman/libscp/libscp_v0.h | 2 +-
- sesman/scp_v0.c | 13 +++-
- sesman/verify_user_pam.c | 95 ++++++++++++++++++++++++
- xrdp/xrdp_login_wnd.c | 155 +++++++++++++++++++++++++++++++++++++-
- xrdp/xrdp_mm.c | 164 ++++++++++++++++++++++++++++++-----------
- xrdp/xrdp_types.h | 1 +
- xrdp/xrdp_wm.c | 41 ++++++++++-
- 11 files changed, 475 insertions(+), 53 deletions(-)
-
diff --git a/sesman/auth.h b/sesman/auth.h
-index e06b9eb..ee33e94 100644
+index 56f7809..4dd3836 100644
--- a/sesman/auth.h
+++ b/sesman/auth.h
-@@ -106,4 +106,6 @@ auth_check_pwd_chg(char* user);
- int DEFAULT_CC
- auth_change_pwd(char* user, char* newpwd);
+@@ -106,4 +106,6 @@ auth_check_pwd_chg(const char *user);
+ int
+ auth_change_pwd(const char *user, const char *newpwd);
-+int DEFAULT_CC
++int
+auth_change_pwd_pam(char* user, char* pass, char* newpwd);
#endif
diff --git a/sesman/libscp/libscp_session.c b/sesman/libscp/libscp_session.c
-index d25fc64..35bc223 100644
+index 8df34b3..54d08ae 100644
--- a/sesman/libscp/libscp_session.c
+++ b/sesman/libscp/libscp_session.c
-@@ -71,6 +71,10 @@ scp_session_set_type(struct SCP_SESSION *s, tui8 type)
+@@ -75,6 +75,10 @@ scp_session_set_type(struct SCP_SESSION *s, tui8 type)
s->type = SCP_GW_AUTHENTICATION;
break;
@@ -44,7 +24,7 @@
case SCP_SESSION_TYPE_MANAGE:
s->type = SCP_SESSION_TYPE_MANAGE;
s->mng = (struct SCP_MNG_DATA *)g_malloc(sizeof(struct SCP_MNG_DATA), 1);
-@@ -231,6 +235,32 @@ scp_session_set_password(struct SCP_SESSION *s, char *str)
+@@ -236,6 +240,32 @@ scp_session_set_password(struct SCP_SESSION *s, const char *str)
/*******************************************************************/
int
@@ -74,11 +54,11 @@
+
+/*******************************************************************/
+int
- scp_session_set_domain(struct SCP_SESSION *s, char *str)
+ scp_session_set_domain(struct SCP_SESSION *s, const char *str)
{
if (0 == str)
diff --git a/sesman/libscp/libscp_types.h b/sesman/libscp/libscp_types.h
-index de85186..f6be582 100644
+index 8cb9166..b4441da 100644
--- a/sesman/libscp/libscp_types.h
+++ b/sesman/libscp/libscp_types.h
@@ -47,6 +47,7 @@
@@ -89,7 +69,7 @@
#define SCP_ADDRESS_TYPE_IPV4 0x00
#define SCP_ADDRESS_TYPE_IPV6 0x01
-@@ -81,6 +82,7 @@ struct SCP_SESSION
+@@ -77,6 +78,7 @@ struct SCP_SESSION
char locale[18];
char* username;
char* password;
@@ -98,10 +78,10 @@
tui8 addr_type;
tui32 ipv4addr;
diff --git a/sesman/libscp/libscp_v0.c b/sesman/libscp/libscp_v0.c
-index 8cf1340..2b3d203 100644
+index 5a0c8bf..4b3fc98 100644
--- a/sesman/libscp/libscp_v0.c
+++ b/sesman/libscp/libscp_v0.c
-@@ -306,9 +306,8 @@ scp_v0s_accept(struct SCP_CONNECTION *c, struct SCP_SESSION **s, int skipVchk)
+@@ -317,9 +317,8 @@ scp_v0s_accept(struct SCP_CONNECTION *c, struct SCP_SESSION **s, int skipVchk)
}
}
}
@@ -112,7 +92,7 @@
session = scp_session_create();
if (0 == session)
-@@ -318,7 +317,7 @@ scp_v0s_accept(struct SCP_CONNECTION *c, struct SCP_SESSION **s, int skipVchk)
+@@ -329,7 +328,7 @@ scp_v0s_accept(struct SCP_CONNECTION *c, struct SCP_SESSION **s, int skipVchk)
}
scp_session_set_version(session, version);
@@ -121,8 +101,8 @@
/* reading username */
in_uint16_be(c->in_s, sz);
buf[sz] = '\0';
-@@ -344,6 +343,19 @@ scp_v0s_accept(struct SCP_CONNECTION *c, struct SCP_SESSION **s, int skipVchk)
- /* until syslog merge log_message(s_log, LOG_LEVEL_WARNING, "[v0:%d] connection aborted: error setting password", __LINE__); */
+@@ -342,6 +341,19 @@ scp_v0s_accept(struct SCP_CONNECTION *c, struct SCP_SESSION **s, int skipVchk)
+ /* until syslog merge log_message(s_log, LOG_LEVEL_WARNING, "[v0:%d] connection aborted: error setting username", __LINE__);*/
return SCP_SERVER_STATE_INTERNAL_ERR;
}
+ if (code == SCP_GW_CHAUTHTOK)
@@ -138,10 +118,10 @@
+ return SCP_SERVER_STATE_INTERNAL_ERR;
+ }
+ }
- }
- else
- {
-@@ -399,12 +411,13 @@ scp_v0s_deny_connection(struct SCP_CONNECTION *c)
+
+ /* reading password */
+ in_uint16_be(c->in_s, sz);
+@@ -417,12 +429,13 @@ scp_v0s_deny_connection(struct SCP_CONNECTION *c)
/******************************************************************************/
enum SCP_SERVER_STATES_E
@@ -158,7 +138,7 @@
out_uint16_be(c->out_s, 0); /* dummy data */
s_mark_end(c->out_s);
diff --git a/sesman/libscp/libscp_v0.h b/sesman/libscp/libscp_v0.h
-index 16e49e0..3199db0 100644
+index 21fc16c..ae54619 100644
--- a/sesman/libscp/libscp_v0.h
+++ b/sesman/libscp/libscp_v0.h
@@ -79,6 +79,6 @@ scp_v0s_deny_connection(struct SCP_CONNECTION* c);
@@ -170,12 +150,12 @@
#endif
diff --git a/sesman/scp_v0.c b/sesman/scp_v0.c
-index ce528d4..3fc788f 100644
+index de00068..51f1af7 100644
--- a/sesman/scp_v0.c
+++ b/sesman/scp_v0.c
-@@ -37,6 +37,13 @@ scp_v0_process(struct SCP_CONNECTION *c, struct SCP_SESSION *s)
- struct session_item *s_item;
- int errorcode = 0 ;
+@@ -42,6 +42,13 @@ scp_v0_process(struct SCP_CONNECTION *c, struct SCP_SESSION *s)
+ int errorcode = 0;
+ bool_t do_auth_end = 1;
+ if (s->type == SCP_GW_CHAUTHTOK)
+ {
@@ -184,10 +164,10 @@
+ return ;
+ }
+
- data = auth_userpass(s->username, s->password,&errorcode);
+ data = auth_userpass(s->username, s->password, &errorcode);
if (s->type == SCP_GW_AUTHENTICATION)
-@@ -48,14 +55,14 @@ scp_v0_process(struct SCP_CONNECTION *c, struct SCP_SESSION *s)
+@@ -53,14 +60,14 @@ scp_v0_process(struct SCP_CONNECTION *c, struct SCP_SESSION *s)
if (1 == access_login_allowed(s->username))
{
/* the user is member of the correct groups. */
@@ -199,25 +179,25 @@
}
else
{
-- scp_v0s_replyauthentication(c, 32+3); /* all first 32 are reserved for PAM errors */
+- scp_v0s_replyauthentication(c, 32 + 3); /* all first 32 are reserved for PAM errors */
+ scp_v0s_replyauthentication(c, 32 + 3, SCP_GW_AUTHENTICATION); /* all first 32 are reserved for PAM errors */
log_message(LOG_LEVEL_INFO, "Username okey but group problem for "
"user: %s", s->username);
/* g_writeln("user password ok, but group problem"); */
-@@ -66,7 +73,7 @@ scp_v0_process(struct SCP_CONNECTION *c, struct SCP_SESSION *s)
+@@ -71,7 +78,7 @@ scp_v0_process(struct SCP_CONNECTION *c, struct SCP_SESSION *s)
/* g_writeln("username or password error"); */
log_message(LOG_LEVEL_INFO, "Username or password error for user: %s",
s->username);
- scp_v0s_replyauthentication(c, errorcode);
+ scp_v0s_replyauthentication(c, errorcode, SCP_GW_AUTHENTICATION);
}
-
- auth_end(data);
+ }
+ else if (data)
diff --git a/sesman/verify_user_pam.c b/sesman/verify_user_pam.c
-index a2b3f93..4eb61fa 100644
+index 15174c2..d996470 100644
--- a/sesman/verify_user_pam.c
+++ b/sesman/verify_user_pam.c
-@@ -34,6 +34,7 @@ struct t_user_pass
+@@ -38,6 +38,7 @@ struct t_user_pass
{
char user[256];
char pass[256];
@@ -225,11 +205,11 @@
};
struct t_auth_info
-@@ -82,6 +83,55 @@ verify_pam_conv(int num_msg, const struct pam_message **msg,
+@@ -86,6 +87,55 @@ verify_pam_conv(int num_msg, const struct pam_message **msg,
}
/******************************************************************************/
-+static int DEFAULT_CC
++static int
+chauth_pam_conv(int num_msg, const struct pam_message **msg,
+ struct pam_response **resp, void *appdata_ptr)
+{
@@ -278,17 +258,16 @@
+}
+
+/******************************************************************************/
- static void DEFAULT_CC
+ static void
get_service_name(char *service_name)
{
-@@ -309,3 +359,48 @@ auth_set_env(long in_val)
-
- return 0;
+@@ -102,6 +152,52 @@ get_service_name(char *service_name)
}
-+/******************************************************************************/
+
+ /******************************************************************************/
+/* returns boolean */
+/* update to the new pass */
-+int DEFAULT_CC
++int
+auth_change_pwd_pam(char *user, char *pass, char *newpwd)
+{
+ int error;
@@ -330,11 +309,16 @@
+ }
+ return error;
+}
++
++/******************************************************************************/
+ /* returns long, zero is no go
+ Stores the detailed error code in the errorcode variable*/
+
diff --git a/xrdp/xrdp_login_wnd.c b/xrdp/xrdp_login_wnd.c
-index 357b4e2..c74eedd 100644
+index 49477a1..160a1ef 100644
--- a/xrdp/xrdp_login_wnd.c
+++ b/xrdp/xrdp_login_wnd.c
-@@ -178,7 +178,14 @@ xrdp_wm_cancel_clicked(struct xrdp_bitmap *wnd)
+@@ -181,7 +181,14 @@ xrdp_wm_cancel_clicked(struct xrdp_bitmap *wnd)
{
if (wnd->wm != 0)
{
@@ -350,7 +334,7 @@
{
g_set_wait_obj(wnd->wm->pro_layer->self_term_event);
}
-@@ -236,7 +243,29 @@ xrdp_wm_ok_clicked(struct xrdp_bitmap *wnd)
+@@ -239,7 +246,29 @@ xrdp_wm_ok_clicked(struct xrdp_bitmap *wnd)
}
else
{
@@ -381,13 +365,13 @@
}
return 0;
-@@ -520,6 +549,31 @@ xrdp_wm_login_notify(struct xrdp_bitmap *wnd,
-
+@@ -516,6 +545,32 @@ xrdp_wm_login_notify(struct xrdp_bitmap *wnd,
return 0;
}
+
+/*****************************************************************************/
+/* change new password window events go here */
-+static int DEFAULT_CC
++static int
+xrdp_wm_newpass_notify(struct xrdp_bitmap *wnd,
+ struct xrdp_bitmap *sender,
+ int msg, long param1, long param2)
@@ -410,15 +394,16 @@
+ }
+ return 0;
+}
-
++
/******************************************************************************/
- static int APP_CC
-@@ -767,6 +821,103 @@ xrdp_login_wnd_create(struct xrdp_wm *self)
+ static int
+ xrdp_wm_login_fill_in_combo(struct xrdp_wm *self, struct xrdp_bitmap *b)
+@@ -789,6 +844,103 @@ xrdp_login_wnd_create(struct xrdp_wm *self)
return 0;
}
+/******************************************************************************/
-+int APP_CC
++int
+xrdp_newpass_wnd_create(struct xrdp_wm *self)
+{
+ struct xrdp_bitmap *but;
@@ -518,19 +503,19 @@
* Load configuration from xrdp.ini file
*
diff --git a/xrdp/xrdp_mm.c b/xrdp/xrdp_mm.c
-index 76957ad..0ab173b 100644
+index ba4227c..4e15f88 100644
--- a/xrdp/xrdp_mm.c
+++ b/xrdp/xrdp_mm.c
-@@ -1425,7 +1425,7 @@ xrdp_mm_sesman_data_in(struct trans *trans)
+@@ -1458,7 +1458,7 @@ xrdp_mm_sesman_data_in(struct trans *trans)
/*********************************************************************/
/* return 0 on success */
- static int APP_CC
+ static int
-access_control(char *username, char *password, char *srv)
+access_control(char *username, char *password, char *newpass, char *srv, int type)
{
int reply;
int rec = 32+1; /* 32 is reserved for PAM failures this means connect failure */
-@@ -1451,7 +1451,8 @@ access_control(char *username, char *password, char *srv)
+@@ -1484,7 +1484,8 @@ access_control(char *username, char *password, char *srv)
make_stream(out_s);
init_stream(out_s, 500);
s_push_layer(out_s, channel_hdr, 8);
@@ -540,7 +525,7 @@
index = g_strlen(username);
out_uint16_be(out_s, index);
out_uint8a(out_s, username, index);
-@@ -1459,6 +1460,14 @@ access_control(char *username, char *password, char *srv)
+@@ -1492,6 +1493,14 @@ access_control(char *username, char *password, char *srv)
index = g_strlen(password);
out_uint16_be(out_s, index);
out_uint8a(out_s, password, index);
@@ -555,7 +540,7 @@
s_mark_end(out_s);
s_pop_layer(out_s, channel_hdr);
out_uint32_be(out_s, 0); /* version */
-@@ -1488,15 +1497,19 @@ access_control(char *username, char *password, char *srv)
+@@ -1521,15 +1530,19 @@ access_control(char *username, char *password, char *srv)
in_uint16_be(in_s, pAM_errorcode); /* this variable holds the PAM error code if the variable is >32 it is a "invented" code */
in_uint16_be(in_s, dummy);
@@ -579,16 +564,16 @@
}
else
{
-@@ -1709,7 +1722,7 @@ xrdp_mm_connect(struct xrdp_mm *self)
+@@ -1847,7 +1860,7 @@ xrdp_mm_connect(struct xrdp_mm *self)
+ char port[8];
char chansrvport[256];
- #ifdef ACCESS
#ifndef USE_NOPAM
- int use_pam_auth = 0;
+ int use_pam_auth_explicit = 0;
char pam_auth_sessionIP[256];
char pam_auth_password[256];
char pam_auth_username[256];
-@@ -1752,7 +1765,7 @@ xrdp_mm_connect(struct xrdp_mm *self)
+@@ -1887,7 +1900,7 @@ xrdp_mm_connect(struct xrdp_mm *self)
#ifndef USE_NOPAM
else if (g_strcasecmp(name, "pamusername") == 0)
{
@@ -597,32 +582,22 @@
g_strncpy(pam_auth_username, value, 255);
}
else if (g_strcasecmp(name, "pamsessionmng") == 0)
-@@ -1783,51 +1796,67 @@ xrdp_mm_connect(struct xrdp_mm *self)
+@@ -1915,45 +1928,56 @@ xrdp_mm_connect(struct xrdp_mm *self)
+ }
- #ifdef ACCESS
#ifndef USE_NOPAM
- if (use_pam_auth)
+- {
+- int reply;
+- char pam_error[128];
+- const char *additionalError;
+- xrdp_wm_log_msg(self->wm, LOG_LEVEL_DEBUG,
+- "Please wait, we now perform access control...");
+ int reply;
+ char replytxt[128];
+ char pam_error[128];
+ const char *additionalError;
-+ xrdp_wm_log_msg(self->wm, "Please wait, we now perform access control...");
-+
-+ /* g_writeln("we use pam modules to check if we can approve this user"); */
-+
-+ /* use pam either way, copy from normal user name when not explicitly inputed */
-+ if (use_pam_auth_explicit == 0)
- {
-- int reply;
-- char replytxt[128];
-- char pam_error[128];
-- const char *additionalError;
-- xrdp_wm_log_msg(self->wm, "Please wait, we now perform access control...");
-+ log_message(LOG_LEVEL_DEBUG, "pam parameters not defined, copy from user input");
-+ g_strncpy(pam_auth_username, username, 255);
-+ g_strncpy(pam_auth_password, password, 255);
-+ g_strncpy(pam_auth_sessionIP, "127.0.0.1", 255);
-+ }
++ xrdp_wm_log_msg(self->wm, LOG_LEVEL_INFO, "Please wait, we now perform access control...");
- /* g_writeln("we use pam modules to check if we can approve this user"); */
- if (!g_strncmp(pam_auth_username, "same", 255))
@@ -630,10 +605,13 @@
- log_message(LOG_LEVEL_DEBUG, "pamusername copied from username - same: %s", username);
- g_strncpy(pam_auth_username, username, 255);
- }
-+ if (!g_strncmp(pam_auth_username, "same", 255))
++ /* use pam either way, copy from normal user name when not explicitly inputed */
++ if (use_pam_auth_explicit == 0)
+ {
-+ log_message(LOG_LEVEL_DEBUG, "pamusername copied from username - same: %s", username);
++ log_message(LOG_LEVEL_DEBUG, "pam parameters not defined, copy from user input");
+ g_strncpy(pam_auth_username, username, 255);
++ g_strncpy(pam_auth_password, password, 255);
++ g_strncpy(pam_auth_sessionIP, "127.0.0.1", 255);
+ }
- if (!g_strncmp(pam_auth_password, "same", 255))
@@ -641,49 +619,45 @@
- log_message(LOG_LEVEL_DEBUG, "pam_auth_password copied from username - same: %s", password);
- g_strncpy(pam_auth_password, password, 255);
- }
-+ if (!g_strncmp(pam_auth_password, "same", 255))
++ if (!g_strncmp(pam_auth_username, "same", 255))
+ {
-+ log_message(LOG_LEVEL_DEBUG, "pam_auth_password copied from username - same: %s", password);
-+ g_strncpy(pam_auth_password, password, 255);
++ log_message(LOG_LEVEL_DEBUG, "pamusername copied from username - same: %s", username);
++ g_strncpy(pam_auth_username, username, 255);
+ }
- /* access_control return 0 on success */
- reply = access_control(pam_auth_username, pam_auth_password, pam_auth_sessionIP);
++ if (!g_strncmp(pam_auth_password, "same", 255))
++ {
++ log_message(LOG_LEVEL_DEBUG, "pam_auth_password copied from password - same: %s", password);
++ g_strncpy(pam_auth_password, password, 255);
++ }
+
+- xrdp_wm_log_msg(self->wm, LOG_LEVEL_INFO,
+- "Reply from access control: %s",
+- getPAMError(reply, pam_error, 127));
+ /* access_control return 0 on success */
+ reply = access_control(pam_auth_username, pam_auth_password, NULL, pam_auth_sessionIP, 4);
++ xrdp_wm_log_msg(self->wm, LOG_LEVEL_INFO,
++ "Reply from access control: %s",
++ getPAMError(reply, pam_error, 127));
-- g_sprintf(replytxt, "Reply from access control: %s",
-- getPAMError(reply, pam_error, 127));
-+ g_sprintf(replytxt, "Reply from access control: %s",
-+ getPAMError(reply, pam_error, 127));
-
-- xrdp_wm_log_msg(self->wm, replytxt);
-- log_message(LOG_LEVEL_INFO, replytxt);
- additionalError = getPAMAdditionalErrorInfo(reply, self);
-- if (additionalError)
-+ xrdp_wm_log_msg(self->wm, replytxt);
-+ log_message(LOG_LEVEL_INFO, replytxt);
+- if (additionalError && additionalError[0])
+- {
+- xrdp_wm_log_msg(self->wm, LOG_LEVEL_INFO, "%s", additionalError);
+- }
+ additionalError = getPAMAdditionalErrorInfo(reply, self);
-+ if (additionalError)
++ if (additionalError && additionalError[0])
+ {
-+ g_snprintf(replytxt, 127, "%s", additionalError);
-+ if (replytxt[0])
- {
-- g_snprintf(replytxt, 127, "%s", additionalError);
-- if (replytxt[0])
-- {
-- xrdp_wm_log_msg(self->wm, replytxt);
-- }
-+ xrdp_wm_log_msg(self->wm, replytxt);
- }
++ xrdp_wm_log_msg(self->wm, LOG_LEVEL_INFO, "%s", additionalError);
+ }
-+
+
+- if (reply != 0)
+ if (reply != 0)
+ {
+ /* show PAM errors */
+ xrdp_wm_show_log(self->wm);
-
-- if (reply != 0)
+ if (reply == PAM_NEW_AUTHTOK_REQD)
{
- rv = 1;
@@ -694,16 +668,14 @@
+ rv = 1;
+ return rv;
}
-+
- #endif
#endif
-@@ -1923,6 +1952,59 @@ xrdp_mm_connect(struct xrdp_mm *self)
+@@ -2047,6 +2071,59 @@ xrdp_mm_connect(struct xrdp_mm *self)
}
/*****************************************************************************/
+/* return 0 on success */
-+int APP_CC
++int
+xrdp_mm_change_expired_password(struct xrdp_mm *self)
+{
+ int rv = -1;
@@ -755,14 +727,14 @@
+}
+
+/*****************************************************************************/
- int APP_CC
+ int
xrdp_mm_get_wait_objs(struct xrdp_mm *self,
tbus *read_objs, int *rcount,
diff --git a/xrdp/xrdp_types.h b/xrdp/xrdp_types.h
-index 29aaac8..498e8dd 100644
+index 75c70ee..344e7fc 100644
--- a/xrdp/xrdp_types.h
+++ b/xrdp/xrdp_types.h
-@@ -335,6 +335,7 @@ struct xrdp_wm
+@@ -325,6 +325,7 @@ struct xrdp_wm
struct xrdp_cache* cache;
int palette[256];
struct xrdp_bitmap* login_window;
@@ -771,10 +743,10 @@
int black;
int grey;
diff --git a/xrdp/xrdp_wm.c b/xrdp/xrdp_wm.c
-index 39bd038..7661408 100644
+index 8a6695f..238c5cf 100644
--- a/xrdp/xrdp_wm.c
+++ b/xrdp/xrdp_wm.c
-@@ -1786,6 +1786,34 @@ xrdp_wm_login_mode_changed(struct xrdp_wm *self)
+@@ -1855,6 +1855,34 @@ xrdp_wm_login_mode_changed(struct xrdp_wm *self)
self->dragging = 0;
xrdp_wm_set_login_mode(self, 11);
}
@@ -783,7 +755,7 @@
+ /* keep log window open */
+ if (self->log_wnd == 0)
+ {
-+ xrdp_wm_delete_all_childs(self);
++ xrdp_wm_delete_all_children(self);
+ }
+ /* show update expired password window */
+ self->dragging = 0;
@@ -795,7 +767,7 @@
+ else if (self->login_mode == 22)
+ {
+ /* do change expired password session */
-+ xrdp_wm_delete_all_childs(self);
++ xrdp_wm_delete_all_children(self);
+ self->dragging = 0;
+ if (xrdp_mm_change_expired_password(self->mm) == 0)
+ {
@@ -809,7 +781,7 @@
return 0;
}
-@@ -1830,11 +1858,19 @@ xrdp_wm_log_wnd_notify(struct xrdp_bitmap *wnd,
+@@ -1899,11 +1927,19 @@ xrdp_wm_log_wnd_notify(struct xrdp_bitmap *wnd,
xrdp_bitmap_invalidate(wm->screen, &rect);
/* if module is gone, reset the session when ok is clicked */
@@ -830,16 +802,13 @@
}
}
}
-@@ -1893,6 +1929,9 @@ xrdp_wm_show_log(struct xrdp_wm *self)
+@@ -1965,6 +2001,9 @@ xrdp_wm_show_log(struct xrdp_wm *self)
return 0;
}
+ /* delete all dialogs, they will be created when needed anyway */
-+ xrdp_wm_delete_all_childs(self);
++ xrdp_wm_delete_all_children(self);
+
if (self->log_wnd == 0)
{
w = DEFAULT_WND_LOG_W;
---
-2.6.6
-
++++++ xrdp-fate319683-allow-vnc-resizing.patch ++++++
--- /var/tmp/diff_new_pack.waDiIc/_old 2017-07-01 14:05:55.816842176 +0200
+++ /var/tmp/diff_new_pack.waDiIc/_new 2017-07-01 14:05:55.816842176 +0200
@@ -1,21 +1,36 @@
+diff --git a/sesman/sesman.ini b/sesman/sesman.ini
+index 37c7816..4a428ec 100644
+--- a/sesman/sesman.ini
++++ b/sesman/sesman.ini
+@@ -40,7 +40,7 @@ DisconnectedTimeLimit=0
+
+ ;; Policy - session allocation policy
+ ; Type: enum [ "Default" | "UBD" | "UBI" | "UBC" | "UBDI" | "UBDC" ]
+-; Default: Xrdp: and Xvnc:
++; Default: Xrdp and Xvnc:
+ ; "UBD" session per
+ ; "UBI" session per
+ ; "UBC" session per
diff --git a/sesman/session.c b/sesman/session.c
-index 4ea48d3..def4179 100644
+index 0b8bb6a..3a0164b 100644
--- a/sesman/session.c
+++ b/sesman/session.c
-@@ -105,7 +105,6 @@ session_get_bydata(char *name, int width, int height, int bpp, int type, char *c
+@@ -105,9 +105,6 @@ session_get_bydata(const char *name, int width, int height, int bpp, int type,
{
case SCP_SESSION_TYPE_XVNC: /* 0 */
type = SESMAN_SESSION_TYPE_XVNC; /* 2 */
-- policy |= SESMAN_CFG_SESS_POLICY_D; /* Xvnc cannot resize */
+- /* Xvnc cannot resize */
+- policy = (enum SESMAN_CFG_SESS_POLICY)
+- (policy | SESMAN_CFG_SESS_POLICY_D);
break;
case SCP_SESSION_TYPE_XRDP: /* 1 */
type = SESMAN_SESSION_TYPE_XRDP; /* 1 */
diff --git a/vnc/vnc.c b/vnc/vnc.c
-index c3ee3bf..03bb5b5 100644
+index db593da..0db68b9 100644
--- a/vnc/vnc.c
+++ b/vnc/vnc.c
-@@ -359,7 +359,8 @@ lib_mod_event(struct vnc *v, int msg, long param1, long param2,
- /* FrambufferUpdateRequest */
+@@ -383,7 +383,8 @@ lib_mod_event(struct vnc *v, int msg, long param1, long param2,
+ /* FramebufferUpdateRequest */
init_stream(s, 8192);
out_uint8(s, 3);
- out_uint8(s, 0);
@@ -24,7 +39,7 @@
x = (param1 >> 16) & 0xffff;
out_uint16_be(s, x);
y = param1 & 0xffff;
-@@ -707,7 +708,24 @@ lib_framebuffer_update(struct vnc *v)
+@@ -724,7 +725,24 @@ lib_framebuffer_update(struct vnc *v)
{
v->mod_width = cx;
v->mod_height = cy;
@@ -50,11 +65,10 @@
}
else
{
-@@ -724,13 +742,23 @@ lib_framebuffer_update(struct vnc *v)
+@@ -740,12 +758,22 @@ lib_framebuffer_update(struct vnc *v)
+ error = v->server_end_update(v);
}
- g_free(data);
-+ free_stream(s);
+ if (v->mod_width != v->server_width || v->mod_height != v->server_height)
+ {
+ /* perform actual resize outside the update */
@@ -63,10 +77,10 @@
+ error = v->server_reset(v, v->mod_width, v->mod_height, v->mod_bpp);
+ v->incremental = 0;
+ }
-
++
if (error == 0)
{
- /* FrambufferUpdateRequest */
+ /* FramebufferUpdateRequest */
init_stream(s, 8192);
out_uint8(s, 3);
- out_uint8(s, 1);
@@ -75,7 +89,7 @@
out_uint16_be(s, 0);
out_uint16_be(s, 0);
out_uint16_be(s, v->mod_width);
-@@ -1238,13 +1266,14 @@ lib_mod_connect(struct vnc *v)
+@@ -1327,11 +1355,12 @@ lib_mod_connect(struct vnc *v)
init_stream(s, 8192);
out_uint8(s, 2);
out_uint8(s, 0);
@@ -87,13 +101,10 @@
out_uint32_be(s, 0xffffff21); /* desktop size */
+ out_uint32_be(s, 0xfffffecc); /* extended desktop resize */
v->server_msg(v, "VNC sending encodings", 0);
-- error = lib_send(v, s->data, 4 + 4 * 4);
-+ error = lib_send(v, s->data, 4 + 5 * 4);
- }
-
- if (error == 0)
-@@ -1257,7 +1286,8 @@ lib_mod_connect(struct vnc *v)
- /* FrambufferUpdateRequest */
+ s_mark_end(s);
+ error = trans_force_write_s(v->trans, s);
+@@ -1347,7 +1376,8 @@ lib_mod_connect(struct vnc *v)
+ /* FramebufferUpdateRequest */
init_stream(s, 8192);
out_uint8(s, 3);
- out_uint8(s, 0);
@@ -103,12 +114,14 @@
out_uint16_be(s, 0);
out_uint16_be(s, v->mod_width);
diff --git a/vnc/vnc.h b/vnc/vnc.h
-index 6d265be..69e899b 100644
+index 3eee4e0..1990778 100644
--- a/vnc/vnc.h
+++ b/vnc/vnc.h
-@@ -116,4 +116,5 @@ struct vnc
- int clip_data_size;
- tbus sck_obj;
+@@ -113,6 +113,7 @@ struct vnc
+ int clip_chanid;
+ struct stream *clip_data_s;
int delay_ms;
+ int incremental;
- };
+ struct trans *trans;
+ int got_guid;
+ tui8 guid[16];