struct session_item *DEFAULT_CC session_get_bydata(char *name, int width, int height, int bpp, int type) { struct session_chain *tmp; /*THREAD-FIX require chain lock */ lock_chain_acquire(); tmp = g_sessions; /* convert from SCP_SESSION_TYPE namespace to SESMAN_SESSION_TYPE namespace */ switch (type) { case SCP_SESSION_TYPE_XVNC: /* 0 */ type = SESMAN_SESSION_TYPE_XVNC; /* 2 */ break; case SCP_SESSION_TYPE_XRDP: /* 1 */ type = SESMAN_SESSION_TYPE_XRDP; /* 1 */ break; default: lock_chain_release(); return 0; } while (tmp != 0) { if (type == SESMAN_SESSION_TYPE_XRDP) { /* only name and bpp need to match for X11rdp, it can resize */ if (g_strncmp(name, tmp->item->name, 255) == 0 && tmp->item->bpp == bpp && tmp->item->type == type) { /*THREAD-FIX release chain lock */ lock_chain_release(); return tmp->item; } } if (g_strncmp(name, tmp->item->name, 255) == 0 && tmp->item->width == width && tmp->item->height == height && tmp->item->bpp == bpp && tmp->item->type == type) { /*THREAD-FIX release chain lock */ lock_chain_release(); return tmp->item; } tmp = tmp->next; } /*THREAD-FIX release chain lock */ lock_chain_release(); return 0; }
static int g_charclass(const Char **patternp, Char **bufnextp) { const Char *pattern = *patternp + 1; Char *bufnext = *bufnextp; const Char *colon; struct cclass *cc; size_t len; if ((colon = g_strchr(pattern, ':')) == NULL || colon[1] != ']') return 1; /* not a character class */ len = (size_t)(colon - pattern); for (cc = cclasses; cc->name != NULL; cc++) { if (!g_strncmp(pattern, cc->name, len) && cc->name[len] == '\0') break; } if (cc->name == NULL) return -1; /* invalid character class */ *bufnext++ = M_CLASS; *bufnext++ = (Char)(cc - &cclasses[0]); *bufnextp = bufnext; *patternp += len + 3; return 0; }
static int auth_crypt_pwd(char *pwd, char *pln, char *crp) { char salt[13] = "$1$"; int saltcnt = 0; char *encr; if (g_strncmp(pwd, "$1$", 3) == 0) { /* gnu style crypt(); */ saltcnt = 3; while ((pwd[saltcnt] != '$') && (saltcnt < 11)) { salt[saltcnt] = pwd[saltcnt]; saltcnt++; } salt[saltcnt] = '$'; salt[saltcnt + 1] = '\0'; } else { /* classic two char salt */ salt[0] = pwd[0]; salt[1] = pwd[1]; salt[2] = '\0'; } encr = crypt(pln, salt); g_strncpy(crp, encr, 34); return 0; }
int DEFAULT_CC auth_check_pwd_chg(char *user) { struct passwd *spw; struct spwd *stp; int now; long today; spw = getpwnam(user); if (spw == 0) { return AUTH_PWD_CHG_ERROR; } if (g_strncmp(spw->pw_passwd, "x", 3) != 0) { /* old system with only passwd */ return AUTH_PWD_CHG_OK; } /* the system is using shadow */ stp = getspnam(user); if (stp == 0) { return AUTH_PWD_CHG_ERROR; } /* check if we need a pwd change */ now = g_time1(); today = now / SECS_PER_DAY; if (stp->sp_expire == -1) { return AUTH_PWD_CHG_OK; } if (today >= (stp->sp_lstchg + stp->sp_max - stp->sp_warn)) { return AUTH_PWD_CHG_CHANGE; } if (today >= (stp->sp_lstchg + stp->sp_max)) { return AUTH_PWD_CHG_CHANGE_MANDATORY; } if (today < ((stp->sp_lstchg) + (stp->sp_min))) { /* cannot change pwd for now */ return AUTH_PWD_CHG_NOT_NOW; } return AUTH_PWD_CHG_OK; }
int DEFAULT_CC access_login_mng_allowed(char* user) { int gid; int ok; if ((0 == g_strncmp(user, "root", 5)) && (0 == g_cfg->sec.allow_root)) { log_message(LOG_LEVEL_WARNING, "[MNG] ROOT login attempted, but root login is disabled"); return 0; } if (0 == g_cfg->sec.ts_admins_enable) { LOG_DBG("[MNG] Terminal Server Admin group is disabled," "allowing authentication",1); return 1; } if (0 != g_getuser_info(user, &gid, 0, 0, 0, 0)) { log_message(LOG_LEVEL_ERROR, "[MNG] Cannot read user info! - login denied"); return 0; } if (g_cfg->sec.ts_admins == gid) { LOG_DBG("[MNG] ts_users is user's primary group"); return 1; } if (0 != g_check_user_in_group(user, g_cfg->sec.ts_admins, &ok)) { log_message(LOG_LEVEL_ERROR, "[MNG] Cannot read group info! - login denied"); return 0; } if (ok) { return 1; } log_message(LOG_LEVEL_INFO, "[MNG] login denied for user %s", user); return 0; }
/* returns boolean */ long DEFAULT_CC auth_userpass(char *user, char *pass, int *errorcode) { const char *encr; const char *epass; struct passwd *spw; struct spwd *stp; spw = getpwnam(user); if (spw == 0) { return 0; } if (g_strncmp(spw->pw_passwd, "x", 3) == 0) { /* the system is using shadow */ stp = getspnam(user); if (stp == 0) { return 0; } if (1 == auth_account_disabled(stp)) { log_message(LOG_LEVEL_INFO, "account %s is disabled", user); return 0; } encr = stp->sp_pwdp; } else { /* old system with only passwd */ encr = spw->pw_passwd; } epass = crypt(pass, encr); if (epass == 0) { return 0; } return (strcmp(encr, epass) == 0); }
struct session_item* DEFAULT_CC session_get_bydata(char* name, int width, int height, int bpp) { struct session_chain* tmp; /*THREAD-FIX require chain lock */ lock_chain_acquire(); tmp = g_sessions; while (tmp != 0) { if (g_strncmp(name, tmp->item->name, 255) == 0) { if (tmp->item->type == SESMAN_SESSION_TYPE_XDMX) { /*THREAD-FIX release chain lock */ lock_chain_release(); return tmp->item; } if (tmp->item->bpp == bpp && tmp->item->width == width && tmp->item->height == height) { /*THREAD-FIX release chain lock */ lock_chain_release(); return tmp->item; } } tmp = tmp->next; } /*THREAD-FIX release chain lock */ lock_chain_release(); return 0; }
int auth_change_pwd(char *user, char *newpwd) { struct passwd *spw; struct spwd *stp; char hash[35] = ""; long today; FILE *fd; if (0 != lckpwdf()) { return 1; } /* open passwd */ spw = getpwnam(user); if (spw == 0) { return 1; } if (g_strncmp(spw->pw_passwd, "x", 3) != 0) { /* old system with only passwd */ if (auth_crypt_pwd(spw->pw_passwd, newpwd, hash) != 0) { ulckpwdf(); return 1; } spw->pw_passwd = g_strdup(hash); fd = fopen("/etc/passwd", "rw"); putpwent(spw, fd); } else { /* the system is using shadow */ stp = getspnam(user); if (stp == 0) { return 1; } /* old system with only passwd */ if (auth_crypt_pwd(stp->sp_pwdp, newpwd, hash) != 0) { ulckpwdf(); return 1; } stp->sp_pwdp = g_strdup(hash); today = g_time1() / SECS_PER_DAY; stp->sp_lstchg = today; stp->sp_expire = today + stp->sp_max + stp->sp_inact; fd = fopen("/etc/shadow", "rw"); putspent(stp, fd); } ulckpwdf(); return 0; }
static int clipboard_get_file(const char *file, int bytes) { int sindex; int pindex; int flags; char full_fn[256]; /* /etc/xrdp/xrdp.ini */ char filename[256]; /* xrdp.ini */ char pathname[256]; /* /etc/xrdp */ struct cb_file_info *cfi; /* x-special/gnome-copied-files */ if ((g_strncmp(file, "copy", 4) == 0) && (bytes == 4)) { return 0; } if ((g_strncmp(file, "cut", 3) == 0) && (bytes == 3)) { return 0; } sindex = 0; flags = CB_FILE_ATTRIBUTE_ARCHIVE; /* text/uri-list */ /* x-special/gnome-copied-files */ if (g_strncmp(file, "file://", 7) == 0) { sindex = 7; } pindex = bytes; while (pindex > sindex) { if (file[pindex] == '/') { break; } pindex--; } g_memset(pathname, 0, 256); g_memset(filename, 0, 256); g_memcpy(pathname, file + sindex, pindex - sindex); if (pathname[0] == 0) { pathname[0] = '/'; } g_memcpy(filename, file + pindex + 1, (bytes - 1) - pindex); /* this should replace %20 with space */ clipboard_check_file(pathname); clipboard_check_file(filename); g_snprintf(full_fn, 255, "%s/%s", pathname, filename); if (g_directory_exist(full_fn)) { log_error("clipboard_get_file: file [%s] is a directory, " "not supported", full_fn); flags |= CB_FILE_ATTRIBUTE_DIRECTORY; return 1; } if (!g_file_exist(full_fn)) { log_error("clipboard_get_file: file [%s] does not exist", full_fn); return 1; } else { cfi = (struct cb_file_info*)g_malloc(sizeof(struct cb_file_info), 1); list_add_item(g_files_list, (tintptr)cfi); g_strcpy(cfi->filename, filename); g_strcpy(cfi->pathname, pathname); cfi->size = g_file_get_size(full_fn); cfi->flags = flags; cfi->time = (g_time1() + CB_EPOCH_DIFF) * 10000000LL; log_debug("ok filename [%s] pathname [%s] size [%d]", cfi->filename, cfi->pathname, cfi->size); } return 0; }