void DEFAULT_CC
scp_v1_mng_process(struct SCP_CONNECTION *c, struct SCP_SESSION *s)
{
long data;
enum SCP_SERVER_STATES_E e;
struct SCP_DISCONNECTED_SESSION *slist = 0;
int scount;
int end = 0;
data = auth_userpass(s->username, s->password,NULL);
/*LOG_DBG("user: %s\npass: %s", s->username, s->password);*/
if (!data)
{
scp_v1s_mng_deny_connection(c, "Login failed");
log_message(LOG_LEVEL_INFO,
"[MNG] Login failed for user %s. Connection terminated", s->username);
scp_session_destroy(s);
auth_end(data);
return;
}
/* testing if login is allowed */
if (0 == access_login_mng_allowed(s->username))
{
scp_v1s_mng_deny_connection(c, "Access to Terminal Server not allowed.");
log_message(LOG_LEVEL_INFO,
"[MNG] User %s not allowed on TS. Connection terminated", s->username);
scp_session_destroy(s);
auth_end(data);
return;
}
e = scp_v1s_mng_allow_connection(c, s);
end = 1;
while (end)
{
switch (e)
{
case SCP_SERVER_STATE_MNG_ACTION:
log_message(LOG_LEVEL_INFO, "Connection cancelled after session listing");
break;
case SCP_SERVER_STATE_MNG_LISTREQ:
/* list disconnected sessions */
slist = session_get_byuser(NULL, &scount, SESMAN_SESSION_STATUS_ALL);
LOG_DBG("sessions on TS: %d (slist: %x)", scount, slist);
if (0 == slist)
{
// e=scp_v1s_connection_error(c, "Internal error");
log_message(LOG_LEVEL_INFO, "No sessions on Terminal Server");
end = 0;
}
else
{
e = scp_v1s_mng_list_sessions(c, s, scount, slist);
g_free(slist);
}
break;
default:
/* we check the other errors */
parseCommonStates(e, "scp_v1s_mng_list_sessions()");
end = 0;
break;
}
}
/* cleanup */
scp_session_destroy(s);
auth_end(data);
}
void DEFAULT_CC
scp_v1_process(struct SCP_CONNECTION *c, struct SCP_SESSION *s)
{
long data;
int display;
int retries;
int current_try;
enum SCP_SERVER_STATES_E e;
struct SCP_DISCONNECTED_SESSION *slist;
struct session_item *sitem;
int scount;
SCP_SID sid;
retries = g_cfg->sec.login_retry;
current_try = retries;
data = auth_userpass(s->username, s->password);
/*LOG_DBG("user: %s\npass: %s", s->username, s->password);*/
while ((!data) && ((retries == 0) || (current_try > 0)))
{
LOG_DBG("data %d - retry %d - currenttry %d - expr %d",
data, retries, current_try,
((!data) && ((retries == 0) || (current_try > 0))));
e = scp_v1s_request_password(c, s, "Wrong username and/or password");
switch (e)
{
case SCP_SERVER_STATE_OK:
/* all ok, we got new username and password */
data = auth_userpass(s->username, s->password);
/* one try less */
if (current_try > 0)
{
current_try--;
}
break;
default:
/* we check the other errors */
parseCommonStates(e, "scp_v1s_list_sessions()");
scp_session_destroy(s);
return;
//break;
}
}
if (!data)
{
scp_v1s_deny_connection(c, "Login failed");
log_message( LOG_LEVEL_INFO,
"Login failed for user %s. Connection terminated", s->username);
scp_session_destroy(s);
return;
}
/* testing if login is allowed*/
if (0 == access_login_allowed(s->username))
{
scp_v1s_deny_connection(c, "Access to Terminal Server not allowed.");
log_message(LOG_LEVEL_INFO,
"User %s not allowed on TS. Connection terminated", s->username);
scp_session_destroy(s);
return;
}
//check if we need password change
/* list disconnected sessions */
slist = session_get_byuser(s->username, &scount, SESMAN_SESSION_STATUS_DISCONNECTED);
if (scount == 0)
{
/* no disconnected sessions - start a new one */
log_message(LOG_LEVEL_DEBUG, "No disconnected sessions for this user"
"- we create a new one");
if (0 != s->client_ip)
{
log_message(LOG_LEVEL_INFO, "++ created session (access granted): username %s, ip %s", s->username, s->client_ip);
}
else
{
log_message(LOG_LEVEL_INFO, "++ created session (access granted): username %s", s->username);
}
if (SCP_SESSION_TYPE_XVNC == s->type)
{
log_message(LOG_LEVEL_INFO, "starting Xvnc session...");
display = session_start(s->width, s->height, s->bpp, s->username,
s->password, data, SESMAN_SESSION_TYPE_XVNC,
s->domain, s->program, s->directory, s->client_ip);
}
else
{
log_message(LOG_LEVEL_INFO, "starting X11rdp session...");
display = session_start(s->width, s->height, s->bpp, s->username,
s->password, data, SESMAN_SESSION_TYPE_XRDP,
s->domain, s->program, s->directory, s->client_ip);
}
e = scp_v1s_connect_new_session(c, display);
switch (e)
{
case SCP_SERVER_STATE_OK:
/* all ok, we got new username and password */
break;
default:
/* we check the other errors */
parseCommonStates(e, "scp_v1s_connect_new_session()");
break;
}
}
else
{
/* one or more disconnected sessions - listing */
e = scp_v1s_list_sessions(c, scount, slist, &sid);
switch (e)
{
/*case SCP_SERVER_STATE_FORCE_NEW:*/
/* we should check for MaxSessions */
case SCP_SERVER_STATE_SELECTION_CANCEL:
log_message( LOG_LEVEL_INFO, "Connection cancelled after session listing");
break;
case SCP_SERVER_STATE_OK:
/* ok, reconnecting... */
sitem = session_get_bypid(sid);
if (0 == sitem)
{
e = scp_v1s_connection_error(c, "Internal error");
log_message(LOG_LEVEL_INFO, "Cannot find session item on the chain");
}
else
{
display = sitem->display;
/*e=scp_v1s_reconnect_session(c, sitem, display);*/
e = scp_v1s_reconnect_session(c, display);
if (0 != s->client_ip)
{
log_message(LOG_LEVEL_INFO, "++ reconnected session: username %s, display :%d.0, session_pid %d, ip %s", s->username, display, sitem->pid, s->client_ip);
}
else
{
log_message(LOG_LEVEL_INFO, "++ reconnected session: username %s, display :%d.0, session_pid %d", s->username, display, sitem->pid);
}
g_free(sitem);
}
break;
default:
/* we check the other errors */
parseCommonStates(e, "scp_v1s_list_sessions()");
break;
}
g_free(slist);
}
/* resource management */
if ((e == SCP_SERVER_STATE_OK) && (s->rsr))
{
/* here goes scp resource sharing code */
}
/* cleanup */
scp_session_destroy(s);
auth_end(data);
}
/* server API */
enum SCP_SERVER_STATES_E scp_v1s_accept(struct SCP_CONNECTION* c, struct SCP_SESSION** s, int skipVchk)
{
struct SCP_SESSION* session;
tui32 version;
tui32 size;
tui16 cmdset;
tui16 cmd;
tui8 sz;
char buf[257];
if (!skipVchk)
{
if (0 == scp_tcp_force_recv(c->in_sck, c->in_s->data, 8))
{
in_uint32_be(c->in_s, version);
if (version != 1)
{
log_message(LOG_LEVEL_WARNING, "[v1s:%d] connection aborted: version error", __LINE__);
return SCP_SERVER_STATE_VERSION_ERR;
}
}
else
{
log_message(LOG_LEVEL_WARNING, "[v1s:%d] connection aborted: network error", __LINE__);
return SCP_SERVER_STATE_NETWORK_ERR;
}
}
in_uint32_be(c->in_s, size);
if (size < 12)
{
log_message(LOG_LEVEL_WARNING, "[v1s:%d] connection aborted: size error", __LINE__);
return SCP_SERVER_STATE_SIZE_ERR;
}
init_stream(c->in_s, c->in_s->size);
if (0 != scp_tcp_force_recv(c->in_sck, c->in_s->data, (size-8)))
{
log_message(LOG_LEVEL_WARNING, "[v1s:%d] connection aborted: network error", __LINE__);
return SCP_SERVER_STATE_NETWORK_ERR;
}
/* reading command set */
in_uint16_be(c->in_s, cmdset);
/* if we are starting a management session */
if (cmdset == SCP_COMMAND_SET_MANAGE)
{
log_message(LOG_LEVEL_DEBUG, "[v1s:%d] requested management connection", __LINE__);
/* should return SCP_SERVER_STATE_START_MANAGE */
return scp_v1s_mng_accept(c, s);
}
/* if we started with resource sharing... */
if (cmdset == SCP_COMMAND_SET_RSR)
{
log_message(LOG_LEVEL_WARNING, "[v1s:%d] connection aborted: sequence error", __LINE__);
return SCP_SERVER_STATE_SEQUENCE_ERR;
}
/* reading command */
in_uint16_be(c->in_s, cmd);
if (cmd != 1)
{
log_message(LOG_LEVEL_WARNING, "[v1s:%d] connection aborted: sequence error", __LINE__);
return SCP_SERVER_STATE_SEQUENCE_ERR;
}
session = scp_session_create();
if (0 == session)
{
log_message(LOG_LEVEL_WARNING, "[v1s:%d] connection aborted: internal error (malloc returned NULL)", __LINE__);
return SCP_SERVER_STATE_INTERNAL_ERR;
}
scp_session_set_version(session, 1);
in_uint8(c->in_s, sz);
if ((sz != SCP_SESSION_TYPE_XVNC) && (sz != SCP_SESSION_TYPE_XRDP))
{
scp_session_destroy(session);
log_message(LOG_LEVEL_WARNING, "[v1s:%d] connection aborted: unknown session type", __LINE__);
return SCP_SERVER_STATE_SESSION_TYPE_ERR;
}
scp_session_set_type(session, sz);
in_uint16_be(c->in_s, cmd);
scp_session_set_height(session, cmd);
in_uint16_be(c->in_s, cmd);
scp_session_set_height(session, cmd);
in_uint8(c->in_s, sz);
scp_session_set_bpp(session, sz);
in_uint8(c->in_s, sz);
scp_session_set_rsr(session, sz);
in_uint8a(c->in_s, buf, 17);
buf[17]='\0';
scp_session_set_locale(session, buf);
in_uint8(c->in_s, sz);
if (sz == SCP_ADDRESS_TYPE_IPV4)
{
in_uint32_be(c->in_s, size);
scp_session_set_addr(session, SCP_ADDRESS_TYPE_IPV4_BIN, &size);
}
else if (sz == SCP_ADDRESS_TYPE_IPV6)
{
in_uint8a(c->in_s, buf, 16);
scp_session_set_addr(session, SCP_ADDRESS_TYPE_IPV6_BIN, buf);
}
buf[256] = '\0';
/* reading hostname */
in_uint8(c->in_s, sz);
buf[sz]='\0';
in_uint8a(c->in_s, buf, sz);
if (0 != scp_session_set_hostname(session, buf))
{
scp_session_destroy(session);
log_message(LOG_LEVEL_WARNING, "[v1s:%d] connection aborted: internal error", __LINE__);
return SCP_SERVER_STATE_INTERNAL_ERR;
}
/* reading username */
in_uint8(c->in_s, sz);
buf[sz]='\0';
in_uint8a(c->in_s, buf, sz);
if (0 != scp_session_set_username(session, buf))
{
scp_session_destroy(session);
log_message(LOG_LEVEL_WARNING, "[v1s:%d] connection aborted: internal error", __LINE__);
return SCP_SERVER_STATE_INTERNAL_ERR;
}
/* reading password */
in_uint8(c->in_s, sz);
buf[sz]='\0';
in_uint8a(c->in_s, buf, sz);
if (0 != scp_session_set_password(session, buf))
{
scp_session_destroy(session);
log_message(LOG_LEVEL_WARNING, "[v1s:%d] connection aborted: internal error", __LINE__);
return SCP_SERVER_STATE_INTERNAL_ERR;
}
/* returning the struct */
(*s)=session;
return SCP_SERVER_STATE_OK;
}
enum SCP_SERVER_STATES_E
scp_v1s_request_password(struct SCP_CONNECTION* c, struct SCP_SESSION* s, char* reason)
{
tui8 sz;
tui32 version;
tui32 size;
tui16 cmdset;
tui16 cmd;
int rlen;
char buf[257];
init_stream(c->in_s, c->in_s->size);
init_stream(c->out_s, c->out_s->size);
/* forcing message not to exceed 64k */
rlen = g_strlen(reason);
if (rlen > 65535)
{
rlen = 65535;
}
/* send password request */
version=1;
cmd=3;
out_uint32_be(c->out_s, version); /* version */
out_uint32_be(c->out_s, 14+rlen); /* size */
out_uint16_be(c->out_s, SCP_COMMAND_SET_DEFAULT); /* cmdset */
out_uint16_be(c->out_s, cmd); /* cmd */
out_uint16_be(c->out_s, rlen);
out_uint8p(c->out_s, reason, rlen);
if (0!=scp_tcp_force_send(c->in_sck, c->out_s->data, 14+rlen))
{
log_message(LOG_LEVEL_WARNING, "[v1s:%d] connection aborted: network error", __LINE__);
return SCP_SERVER_STATE_NETWORK_ERR;
}
/* receive password & username */
if (0!=scp_tcp_force_recv(c->in_sck, c->in_s->data, 8))
{
log_message(LOG_LEVEL_WARNING, "[v1s:%d] connection aborted: network error", __LINE__);
return SCP_SERVER_STATE_NETWORK_ERR;
}
in_uint32_be(c->in_s, version);
if (version!=1)
{
log_message(LOG_LEVEL_WARNING, "[v1s:%d] connection aborted: version error", __LINE__);
return SCP_SERVER_STATE_VERSION_ERR;
}
in_uint32_be(c->in_s, size);
if (size<12)
{
log_message(LOG_LEVEL_WARNING, "[v1s:%d] connection aborted: size error", __LINE__);
return SCP_SERVER_STATE_SIZE_ERR;
}
init_stream(c->in_s, c->in_s->size);
if (0!=scp_tcp_force_recv(c->in_sck, c->in_s->data, (size-8)))
{
log_message(LOG_LEVEL_WARNING, "[v1s:%d] connection aborted: network error", __LINE__);
return SCP_SERVER_STATE_NETWORK_ERR;
}
in_uint16_be(c->in_s, cmdset);
if (cmdset != SCP_COMMAND_SET_DEFAULT)
{
log_message(LOG_LEVEL_WARNING, "[v1s:%d] connection aborted: sequence error", __LINE__);
return SCP_SERVER_STATE_SEQUENCE_ERR;
}
in_uint16_be(c->in_s, cmd);
if (cmd != 4)
{
log_message(LOG_LEVEL_WARNING, "[v1s:%d] connection aborted: sequence error", __LINE__);
return SCP_SERVER_STATE_SEQUENCE_ERR;
}
buf[256] = '\0';
/* reading username */
in_uint8(c->in_s, sz);
buf[sz] = '\0';
in_uint8a(c->in_s, buf, sz);
if (0 != scp_session_set_username(s, buf))
{
scp_session_destroy(s);
log_message(LOG_LEVEL_WARNING, "[v1s:%d] connection aborted: internal error", __LINE__);
return SCP_SERVER_STATE_INTERNAL_ERR;
}
/* reading password */
in_uint8(c->in_s, sz);
buf[sz]='\0';
in_uint8a(c->in_s, buf, sz);
if (0 != scp_session_set_password(s, buf))
{
scp_session_destroy(s);
log_message(LOG_LEVEL_WARNING, "[v1s:%d] connection aborted: internal error", __LINE__);
return SCP_SERVER_STATE_INTERNAL_ERR;
}
return SCP_SERVER_STATE_OK;
}
enum SCP_SERVER_STATES_E
scp_v0s_accept(struct SCP_CONNECTION *c, struct SCP_SESSION **s, int skipVchk)
{
tui32 version = 0;
tui32 size;
struct SCP_SESSION *session = 0;
tui16 sz;
tui32 code = 0;
char buf[257];
if (!skipVchk)
{
LOG_DBG("[v0:%d] starting connection", __LINE__);
if (0 == scp_tcp_force_recv(c->in_sck, c->in_s->data, 8))
{
c->in_s->end = c->in_s->data + 8;
in_uint32_be(c->in_s, version);
if (version != 0)
{
log_message(LOG_LEVEL_WARNING, "[v0:%d] connection aborted: version error", __LINE__);
return SCP_SERVER_STATE_VERSION_ERR;
}
}
else
{
log_message(LOG_LEVEL_WARNING, "[v0:%d] connection aborted: network error", __LINE__);
return SCP_SERVER_STATE_NETWORK_ERR;
}
}
in_uint32_be(c->in_s, size);
init_stream(c->in_s, 8196);
if (0 != scp_tcp_force_recv(c->in_sck, c->in_s->data, size - 8))
{
log_message(LOG_LEVEL_WARNING, "[v0:%d] connection aborted: network error", __LINE__);
return SCP_SERVER_STATE_NETWORK_ERR;
}
c->in_s->end = c->in_s->data + (size - 8);
in_uint16_be(c->in_s, code);
if (code == 0 || code == 10 || code == 20)
{
session = scp_session_create();
if (0 == session)
{
log_message(LOG_LEVEL_WARNING, "[v0:%d] connection aborted: network error", __LINE__);
return SCP_SERVER_STATE_INTERNAL_ERR;
}
scp_session_set_version(session, version);
if (code == 0)
{
scp_session_set_type(session, SCP_SESSION_TYPE_XVNC);
}
else if (code == 10)
{
scp_session_set_type(session, SCP_SESSION_TYPE_XRDP);
}
else if (code == 20)
{
scp_session_set_type(session, SCP_SESSION_TYPE_XORG);
}
/* reading username */
in_uint16_be(c->in_s, sz);
buf[sz] = '\0';
in_uint8a(c->in_s, buf, sz);
if (0 != scp_session_set_username(session, buf))
{
scp_session_destroy(session);
log_message(LOG_LEVEL_WARNING, "[v0:%d] connection aborted: error setting username", __LINE__);
return SCP_SERVER_STATE_INTERNAL_ERR;
}
/* reading password */
in_uint16_be(c->in_s, sz);
buf[sz] = '\0';
in_uint8a(c->in_s, buf, sz);
if (0 != scp_session_set_password(session, buf))
{
scp_session_destroy(session);
log_message(LOG_LEVEL_WARNING, "[v0:%d] connection aborted: error setting password", __LINE__);
return SCP_SERVER_STATE_INTERNAL_ERR;
}
/* width */
in_uint16_be(c->in_s, sz);
scp_session_set_width(session, sz);
/* height */
in_uint16_be(c->in_s, sz);
scp_session_set_height(session, sz);
/* bpp */
in_uint16_be(c->in_s, sz);
scp_session_set_bpp(session, (tui8)sz);
if (s_check_rem(c->in_s, 2))
{
/* reading domain */
in_uint16_be(c->in_s, sz);
if (sz > 0)
{
in_uint8a(c->in_s, buf, sz);
buf[sz] = '\0';
scp_session_set_domain(session, buf);
}
}
if (s_check_rem(c->in_s, 2))
{
/* reading program */
in_uint16_be(c->in_s, sz);
if (sz > 0)
{
in_uint8a(c->in_s, buf, sz);
buf[sz] = '\0';
scp_session_set_program(session, buf);
}
}
if (s_check_rem(c->in_s, 2))
{
/* reading directory */
in_uint16_be(c->in_s, sz);
if (sz > 0)
{
in_uint8a(c->in_s, buf, sz);
buf[sz] = '\0';
scp_session_set_directory(session, buf);
}
}
if (s_check_rem(c->in_s, 2))
{
/* reading client IP address */
in_uint16_be(c->in_s, sz);
if (sz > 0)
{
in_uint8a(c->in_s, buf, sz);
buf[sz] = '\0';
scp_session_set_client_ip(session, buf);
}
}
}
else if (code == SCP_GW_AUTHENTICATION)
{
/* g_writeln("Command is SCP_GW_AUTHENTICATION"); */
session = scp_session_create();
if (0 == session)
{
/* until syslog merge log_message(s_log, LOG_LEVEL_WARNING, "[v0:%d] connection aborted: network error", __LINE__);*/
return SCP_SERVER_STATE_INTERNAL_ERR;
}
scp_session_set_version(session, version);
scp_session_set_type(session, SCP_GW_AUTHENTICATION);
/* reading username */
in_uint16_be(c->in_s, sz);
buf[sz] = '\0';
in_uint8a(c->in_s, buf, sz);
/* g_writeln("Received user name: %s",buf); */
if (0 != scp_session_set_username(session, buf))
{
scp_session_destroy(session);
/* until syslog merge log_message(s_log, LOG_LEVEL_WARNING, "[v0:%d] connection aborted: error setting username", __LINE__);*/
return SCP_SERVER_STATE_INTERNAL_ERR;
}
/* reading password */
in_uint16_be(c->in_s, sz);
buf[sz] = '\0';
in_uint8a(c->in_s, buf, sz);
/* g_writeln("Received password: %s",buf); */
if (0 != scp_session_set_password(session, buf))
{
scp_session_destroy(session);
/* until syslog merge log_message(s_log, LOG_LEVEL_WARNING, "[v0:%d] connection aborted: error setting password", __LINE__); */
return SCP_SERVER_STATE_INTERNAL_ERR;
}
}
else
{
log_message(LOG_LEVEL_WARNING, "[v0:%d] connection aborted: sequence error", __LINE__);
return SCP_SERVER_STATE_SEQUENCE_ERR;
}
(*s) = session;
return SCP_SERVER_STATE_OK;
}
/* server API */
enum SCP_SERVER_STATES_E
scp_v1s_mng_accept(struct SCP_CONNECTION *c, struct SCP_SESSION **s)
{
struct SCP_SESSION *session;
tui32 ipaddr;
tui16 cmd;
tui8 sz;
char buf[257];
/* reading command */
in_uint16_be(c->in_s, cmd);
if (cmd != 1) /* manager login */
{
return SCP_SERVER_STATE_SEQUENCE_ERR;
}
session = scp_session_create();
if (0 == session)
{
return SCP_SERVER_STATE_INTERNAL_ERR;
}
scp_session_set_version(session, 1);
scp_session_set_type(session, SCP_SESSION_TYPE_MANAGE);
/* reading username */
in_uint8(c->in_s, sz);
buf[sz] = '\0';
in_uint8a(c->in_s, buf, sz);
if (0 != scp_session_set_username(session, buf))
{
scp_session_destroy(session);
return SCP_SERVER_STATE_INTERNAL_ERR;
}
/* reading password */
in_uint8(c->in_s, sz);
buf[sz] = '\0';
in_uint8a(c->in_s, buf, sz);
if (0 != scp_session_set_password(session, buf))
{
scp_session_destroy(session);
return SCP_SERVER_STATE_INTERNAL_ERR;
}
/* reading remote address */
in_uint8(c->in_s, sz);
if (sz == SCP_ADDRESS_TYPE_IPV4)
{
in_uint32_be(c->in_s, ipaddr);
scp_session_set_addr(session, SCP_ADDRESS_TYPE_IPV4_BIN, &ipaddr);
}
else if (sz == SCP_ADDRESS_TYPE_IPV6)
{
in_uint8a(c->in_s, buf, 16);
scp_session_set_addr(session, SCP_ADDRESS_TYPE_IPV6_BIN, buf);
}
/* reading hostname */
in_uint8(c->in_s, sz);
buf[sz] = '\0';
in_uint8a(c->in_s, buf, sz);
if (0 != scp_session_set_hostname(session, buf))
{
scp_session_destroy(session);
return SCP_SERVER_STATE_INTERNAL_ERR;
}
/* returning the struct */
(*s) = session;
return SCP_SERVER_STATE_START_MANAGE;
}
