Add optional UID to DISPLAY() in chansrvport
The code to determine the socket address of chansrv when using
a manually started xrdp-chansrv may need some help determining
the UID of the session.

This commit allows a UID to be optionally specified in the
DISPLAY() function, if the code is unable to determine the
UID automatically from the connection parameters.

If a manual chansrvport is entered, xrdp now logs what it is
connecting to, to assist in debugging.

(cherry picked from commit d17d12d)
matt335672 committed Oct 22, 2024
1 parent eb10985 commit 0ff734b
Showing 3 changed files with 60 additions and 16 deletions.
9 changes: 6 additions & 3 deletions docs/man/xrdp.ini.5.in
Expand Up @@ -358,14 +358,17 @@ Specifies the session type. The default, \fI0\fR, is Xvnc,
and \fI20\fR is Xorg with xorgxrdp modules.

.TP
\fBchansrvport\fR=\fBDISPLAY(\fR\fIn\fR\fB)\fR|\fI/path/to/domain-socket\fR
\fBchansrvport\fR=\fBDISPLAY(\fR\fIn\fR\fB)\fR|\fBDISPLAY(\fR\fIn,u\fR\fB)\fR||\fI/path/to/domain-socket\fR
Asks xrdp to connect to a manually started \fBxrdp-chansrv\fR instance.
This can be useful if you wish to use to use xrdp to connect to a VNC session
which has been started other than by \fBxrdp-sesman\fR, as you can then make
use of \fBxrdp\-chansrv\fR facilities in the VNC session.

The first form of this setting is recommended, replacing \fIn\fR with the
X11 display number of the session.
Either the first or second form of this setting is recommended. Replace
\fIn\fR with the X11 display number of the session, and (if applicable)
\fIu\fR with the numeric ID of the session. The second form is only
required if \fBxrdp\fR is unable to determine the session uid from the
other values in the connection block.

.SH "EXAMPLES"
This is an example \fBxrdp.ini\fR:
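
Review bot: The new synopsis line has a doubled separator, `\fR||\fI/path/to/domain-socket\fR`, where the line it replaces used a single `|`; as written it reads as an empty alternative between the second form and the socket path, so drop one `|`. In the same hunk the description calls \fIu\fR "the numeric ID of the session" while the following sentence says "session uid" and xrdp.ini.in says "numeric UID"; use "numeric UID" here too so the three places agree.
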
13 changes: 9 additions & 4 deletions xrdp/xrdp.ini.in
Expand Up @@ -255,10 +255,6 @@ port=-1
; Disable requested encodings to support buggy VNC servers
; (1 = ExtendedDesktopSize)
#disabled_encodings_mask=0
; Use this to connect to a chansrv instance created outside of sesman
; (e.g. as part of an x11vnc console session). Replace '0' with the
; display number of the session
#chansrvport=DISPLAY(0)

; Generic VNC Proxy
; Tailor this to specific hosts and VNC instances by specifying an ip
Expand All @@ -273,6 +269,15 @@ password=ask
#pamusername=asksame
#pampassword=asksame
#delay_ms=2000
; Use one of these to connect to a chansrv instance created outside of sesman
; (e.g. as part of an x11vnc console session). Replace 'n' with the
; display number of the session, and (if applicable) 'u' with the numeric
; UID of the session.
;
; If 'username' or 'pamusername' is set, you probably don't need to use
; the two parameter variant with 'u'.
#chansrvport=DISPLAY(n)
#chansrvport=DISPLAY(n,u)

; Generic RDP proxy using NeutrinoRDP
; Tailor this to specific hosts by specifying an ip and port and setting
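
Review bot: Both sample lines, `#chansrvport=DISPLAY(n)` and `#chansrvport=DISPLAY(n,u)`, use letter placeholders, whereas the removed example was the directly usable `#chansrvport=DISPLAY(0)`. Uncommenting either line unchanged gives a value that parse_chansrvport() rejects as a bad display number, because it requires digits after `DISPLAY(`. Keep a concrete sample (for example `DISPLAY(0)`) next to the placeholder forms. The "you probably don't need" sentence should also say what to check, in line with the man page wording that the second form is only required when xrdp cannot determine the session uid from the other values in the connection block.
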
54 changes: 45 additions & 9 deletions xrdp/xrdp_mm.c
Expand Up @@ -2859,28 +2859,60 @@ static int
parse_chansrvport(const char *value, char *dest, int dest_size, int uid)
{
int rv = 0;
int dnum = 0;

if (g_strncmp(value, "DISPLAY(", 8) == 0)
{
const char *p = value + 8;
const char *end = p;

/* Check next chars are digits followed by ')' */
/* Check next chars are digits */
while (isdigit(*end))
{
++end;
}

if (end == p || *end != ')')
if (end == p)
{
LOG(LOG_LEVEL_WARNING, "Ignoring invalid chansrvport string '%s'",
LOG(LOG_LEVEL_WARNING,
"Ignoring chansrvport string with bad display number '%s'",
value);
rv = -1;
return -1;
}
else

dnum = g_atoi(p);

if (*end == ',')
{
g_snprintf(dest, dest_size, XRDP_CHANSRV_STR, uid, g_atoi(p));
/* User has specified a UID override
* Check next chars are digits */
p = end + 1;
end = p;

while (isdigit(*end))
{
++end;
}

if (end == p)
{
LOG(LOG_LEVEL_WARNING,
"Ignoring chansrvport string with bad uid '%s'",
value);
return -1;
}
uid = g_atoi(p);
}

if (*end != ')')
{
LOG(LOG_LEVEL_WARNING,
"Ignoring badly-terminated chansrvport string '%s'",
value);
return -1;
}

g_snprintf(dest, dest_size, XRDP_CHANSRV_STR, uid, dnum);
}
else
{
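
Review bot: The digit runs for the display number and the new UID override are accepted at any length and passed straight to g_atoi() (`dnum = g_atoi(p);`, `uid = g_atoi(p);`), with the results stored in int and no range check, so a value such as DISPLAY(0,99999999999) is not rejected before it reaches g_snprintf() with XRDP_CHANSRV_STR. Bound the number of digits or convert with an explicit range check, and log a warning when out of range like the other error paths here. Two smaller points in the same hunk: `isdigit(*end)` is called on a plain char in both loops and should cast to unsigned char, and the override silently replaces the uid argument even when the caller passed a known value, so a log line when the configured UID differs from a uid that is not -1 would make a mismatch between the authenticated user and the socket owner visible.
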
Expand Down Expand Up @@ -3152,13 +3184,14 @@ xrdp_mm_connect_sm(struct xrdp_mm *self)
case MMCS_SESSION_LOGIN:
{
// Finished with the gateway login
// Leave the UID set in case we need it for the chansrvport
// string
if (self->use_gw_login)
{
xrdp_wm_log_msg(self->wm, LOG_LEVEL_INFO,
"access control check was successful");
// No reply needed for this one
status = scp_send_logout_request(self->sesman_trans);
self->uid = -1;
}

if (status == 0 && self->use_sesman)
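
Review bot: Removing `self->uid = -1;` after scp_send_logout_request() means the UID from the gateway login now stays in self->uid for the rest of the connection on every path, not only when a manual chansrvport is configured. The added comment explains why it is kept, but nothing in this hunk shows it being cleared afterwards or overwritten on the use_sesman path. Confirm that every later reader of self->uid expects the gateway login's UID, or reset it once the chansrv socket path has been built, so a logged-out identity is not reused elsewhere.
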
Expand Down Expand Up @@ -3232,12 +3265,12 @@ xrdp_mm_connect_sm(struct xrdp_mm *self)
{
char portbuff[XRDP_SOCKETS_MAXPATH];

xrdp_wm_log_msg(self->wm, LOG_LEVEL_INFO,
"Connecting to chansrv");
if (self->use_sesman)
{
g_snprintf(portbuff, sizeof(portbuff),
XRDP_CHANSRV_STR, self->uid, self->display);
xrdp_wm_log_msg(self->wm, LOG_LEVEL_INFO,
"Connecting to chansrv");
}
else
{
Expand All @@ -3246,6 +3279,9 @@ xrdp_mm_connect_sm(struct xrdp_mm *self)
parse_chansrvport(cp, portbuff, sizeof(portbuff),
self->uid);

xrdp_wm_log_msg(self->wm, LOG_LEVEL_INFO,
"Connecting to chansrv on %s",
portbuff);
}
xrdp_mm_update_allowed_channels(self);
xrdp_mm_chansrv_connect(self, portbuff);
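
Review bot: The return value of parse_chansrvport() is discarded in the visible lines, yet portbuff is then logged with `"Connecting to chansrv on %s"` and handed to xrdp_mm_chansrv_connect(). With this commit the parser returns -1 early on a bad display number, bad uid or bad terminator without writing to dest, and portbuff is declared without an initialiser in the previous hunk, so unless it is cleared in the elided lines above, a malformed chansrvport leads to an indeterminate string being logged and used as the socket path. Check the result and skip the log and the connect on failure. Also consider whether the full socket path, which embeds the UID, should go through xrdp_wm_log_msg() on self->wm or only through LOG() as in parse_chansrvport().
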