Esempio n. 1
0
struct session_item *DEFAULT_CC
session_get_bydata(char *name, int width, int height, int bpp, int type)
{
    struct session_chain *tmp;

    /*THREAD-FIX require chain lock */
    lock_chain_acquire();

    tmp = g_sessions;

    /* convert from SCP_SESSION_TYPE namespace to SESMAN_SESSION_TYPE namespace */
    switch (type)
    {
        case SCP_SESSION_TYPE_XVNC: /* 0 */
            type = SESMAN_SESSION_TYPE_XVNC; /* 2 */
            break;
        case SCP_SESSION_TYPE_XRDP: /* 1 */
            type = SESMAN_SESSION_TYPE_XRDP; /* 1 */
            break;
        default:
            lock_chain_release();
            return 0;
    }

    while (tmp != 0)
    {
        if (type == SESMAN_SESSION_TYPE_XRDP)
        {
            /* only name and bpp need to match for X11rdp, it can resize */
            if (g_strncmp(name, tmp->item->name, 255) == 0 &&
                    tmp->item->bpp == bpp &&
                    tmp->item->type == type)
            {
                /*THREAD-FIX release chain lock */
                lock_chain_release();
                return tmp->item;
            }
        }

        if (g_strncmp(name, tmp->item->name, 255) == 0 &&
                tmp->item->width == width &&
                tmp->item->height == height &&
                tmp->item->bpp == bpp &&
                tmp->item->type == type)
        {
            /*THREAD-FIX release chain lock */
            lock_chain_release();
            return tmp->item;
        }

        tmp = tmp->next;
    }

    /*THREAD-FIX release chain lock */
    lock_chain_release();
    return 0;
}
Esempio n. 2
0
static int
g_charclass(const Char **patternp, Char **bufnextp)
{
	const Char *pattern = *patternp + 1;
	Char *bufnext = *bufnextp;
	const Char *colon;
	struct cclass *cc;
	size_t len;

	if ((colon = g_strchr(pattern, ':')) == NULL || colon[1] != ']')
		return 1;	/* not a character class */

	len = (size_t)(colon - pattern);
	for (cc = cclasses; cc->name != NULL; cc++) {
		if (!g_strncmp(pattern, cc->name, len) && cc->name[len] == '\0')
			break;
	}
	if (cc->name == NULL)
		return -1;	/* invalid character class */
	*bufnext++ = M_CLASS;
	*bufnext++ = (Char)(cc - &cclasses[0]);
	*bufnextp = bufnext;
	*patternp += len + 3;

	return 0;
}
Esempio n. 3
0
static int auth_crypt_pwd(char *pwd, char *pln, char *crp)
{
	char salt[13] = "$1$";
	int saltcnt = 0;
	char *encr;

	if (g_strncmp(pwd, "$1$", 3) == 0)
	{
		/* gnu style crypt(); */
		saltcnt = 3;

		while ((pwd[saltcnt] != '$') && (saltcnt < 11))
		{
			salt[saltcnt] = pwd[saltcnt];
			saltcnt++;
		}

		salt[saltcnt] = '$';
		salt[saltcnt + 1] = '\0';
	}
	else
	{
		/* classic two char salt */
		salt[0] = pwd[0];
		salt[1] = pwd[1];
		salt[2] = '\0';
	}

	encr = crypt(pln, salt);
	g_strncpy(crp, encr, 34);

	return 0;
}
Esempio n. 4
0
int DEFAULT_CC
auth_check_pwd_chg(char *user)
{
    struct passwd *spw;
    struct spwd *stp;
    int now;
    long today;

    spw = getpwnam(user);

    if (spw == 0)
    {
        return AUTH_PWD_CHG_ERROR;
    }

    if (g_strncmp(spw->pw_passwd, "x", 3) != 0)
    {
        /* old system with only passwd */
        return AUTH_PWD_CHG_OK;
    }

    /* the system is using shadow */
    stp = getspnam(user);

    if (stp == 0)
    {
        return AUTH_PWD_CHG_ERROR;
    }

    /* check if we need a pwd change */
    now = g_time1();
    today = now / SECS_PER_DAY;

    if (stp->sp_expire == -1)
    {
        return AUTH_PWD_CHG_OK;
    }

    if (today >= (stp->sp_lstchg + stp->sp_max - stp->sp_warn))
    {
        return AUTH_PWD_CHG_CHANGE;
    }

    if (today >= (stp->sp_lstchg + stp->sp_max))
    {
        return AUTH_PWD_CHG_CHANGE_MANDATORY;
    }

    if (today < ((stp->sp_lstchg) + (stp->sp_min)))
    {
        /* cannot change pwd for now */
        return AUTH_PWD_CHG_NOT_NOW;
    }

    return AUTH_PWD_CHG_OK;
}
Esempio n. 5
0
int DEFAULT_CC
access_login_mng_allowed(char* user)
{
  int gid;
  int ok;

  if ((0 == g_strncmp(user, "root", 5)) && (0 == g_cfg->sec.allow_root))
  {
    log_message(LOG_LEVEL_WARNING,
                "[MNG] ROOT login attempted, but root login is disabled");
    return 0;
  }

  if (0 == g_cfg->sec.ts_admins_enable)
  {
    LOG_DBG("[MNG] Terminal Server Admin group is disabled,"
            "allowing authentication",1);
    return 1;
  }

  if (0 != g_getuser_info(user, &gid, 0, 0, 0, 0))
  {
    log_message(LOG_LEVEL_ERROR, "[MNG] Cannot read user info! - login denied");
    return 0;
  }

  if (g_cfg->sec.ts_admins == gid)
  {
    LOG_DBG("[MNG] ts_users is user's primary group");
    return 1;
  }

  if (0 != g_check_user_in_group(user, g_cfg->sec.ts_admins, &ok))
  {
    log_message(LOG_LEVEL_ERROR, "[MNG] Cannot read group info! - login denied");
    return 0;
  }

  if (ok)
  {
    return 1;
  }

  log_message(LOG_LEVEL_INFO, "[MNG] login denied for user %s", user);

  return 0;
}
Esempio n. 6
0
/* returns boolean */
long DEFAULT_CC
auth_userpass(char *user, char *pass, int *errorcode)
{
    const char *encr;
    const char *epass;
    struct passwd *spw;
    struct spwd *stp;

    spw = getpwnam(user);

    if (spw == 0)
    {
        return 0;
    }

    if (g_strncmp(spw->pw_passwd, "x", 3) == 0)
    {
        /* the system is using shadow */
        stp = getspnam(user);

        if (stp == 0)
        {
            return 0;
        }

        if (1 == auth_account_disabled(stp))
        {
            log_message(LOG_LEVEL_INFO, "account %s is disabled", user);
            return 0;
        }

        encr = stp->sp_pwdp;
    }
    else
    {
        /* old system with only passwd */
        encr = spw->pw_passwd;
    }
    epass = crypt(pass, encr);
    if (epass == 0)
    {
        return 0;
    }
    return (strcmp(encr, epass) == 0);
}
Esempio n. 7
0
struct session_item* DEFAULT_CC
session_get_bydata(char* name, int width, int height, int bpp)
{
  struct session_chain* tmp;

  /*THREAD-FIX require chain lock */
  lock_chain_acquire();

  tmp = g_sessions;

  while (tmp != 0)
  {
    if (g_strncmp(name, tmp->item->name, 255) == 0)
    {
      if (tmp->item->type == SESMAN_SESSION_TYPE_XDMX)
      {
	/*THREAD-FIX release chain lock */
        lock_chain_release();
        return tmp->item;
      }

      if (tmp->item->bpp == bpp &&
	  tmp->item->width == width &&
	  tmp->item->height == height)
      {
        /*THREAD-FIX release chain lock */
        lock_chain_release();
        return tmp->item;
      }
    }
    tmp = tmp->next;
  }

  /*THREAD-FIX release chain lock */
  lock_chain_release();
  return 0;
}
Esempio n. 8
0
int auth_change_pwd(char *user, char *newpwd)
{
	struct passwd *spw;
	struct spwd *stp;
	char hash[35] = "";
	long today;

	FILE *fd;

	if (0 != lckpwdf())
	{
		return 1;
	}

	/* open passwd */
	spw = getpwnam(user);

	if (spw == 0)
	{
		return 1;
	}

	if (g_strncmp(spw->pw_passwd, "x", 3) != 0)
	{
		/* old system with only passwd */
		if (auth_crypt_pwd(spw->pw_passwd, newpwd, hash) != 0)
		{
			ulckpwdf();
			return 1;
		}

		spw->pw_passwd = g_strdup(hash);
		fd = fopen("/etc/passwd", "rw");
		putpwent(spw, fd);
	}
	else
	{
		/* the system is using shadow */
		stp = getspnam(user);

		if (stp == 0)
		{
			return 1;
		}

		/* old system with only passwd */
		if (auth_crypt_pwd(stp->sp_pwdp, newpwd, hash) != 0)
		{
			ulckpwdf();
			return 1;
		}

		stp->sp_pwdp = g_strdup(hash);
		today = g_time1() / SECS_PER_DAY;
		stp->sp_lstchg = today;
		stp->sp_expire = today + stp->sp_max + stp->sp_inact;
		fd = fopen("/etc/shadow", "rw");
		putspent(stp, fd);
	}

	ulckpwdf();
	return 0;
}
Esempio n. 9
0
static int
clipboard_get_file(const char *file, int bytes)
{
    int sindex;
    int pindex;
    int flags;
    char full_fn[256]; /* /etc/xrdp/xrdp.ini */
    char filename[256]; /* xrdp.ini */
    char pathname[256]; /* /etc/xrdp */
    struct cb_file_info *cfi;

    /* x-special/gnome-copied-files */
    if ((g_strncmp(file, "copy", 4) == 0) && (bytes == 4))
    {
        return 0;
    }
    if ((g_strncmp(file, "cut", 3) == 0) && (bytes == 3))
    {
        return 0;
    }
    sindex = 0;
    flags = CB_FILE_ATTRIBUTE_ARCHIVE;
    /* text/uri-list */
    /* x-special/gnome-copied-files */
    if (g_strncmp(file, "file://", 7) == 0)
    {
        sindex = 7;
    }
    pindex = bytes;
    while (pindex > sindex)
    {
        if (file[pindex] == '/')
        {
            break;
        }
        pindex--;
    }
    g_memset(pathname, 0, 256);
    g_memset(filename, 0, 256);
    g_memcpy(pathname, file + sindex, pindex - sindex);
    if (pathname[0] == 0)
    {
        pathname[0] = '/';
    }
    g_memcpy(filename, file + pindex + 1, (bytes - 1) - pindex);
    /* this should replace %20 with space */
    clipboard_check_file(pathname);
    clipboard_check_file(filename);
    g_snprintf(full_fn, 255, "%s/%s", pathname, filename);
    if (g_directory_exist(full_fn))
    {
        log_error("clipboard_get_file: file [%s] is a directory, "
                   "not supported", full_fn);
        flags |= CB_FILE_ATTRIBUTE_DIRECTORY;
        return 1;
    }
    if (!g_file_exist(full_fn))
    {
        log_error("clipboard_get_file: file [%s] does not exist",
                   full_fn);
        return 1;
    }
    else
    {
        cfi = (struct cb_file_info*)g_malloc(sizeof(struct cb_file_info), 1);
        list_add_item(g_files_list, (tintptr)cfi);
        g_strcpy(cfi->filename, filename);
        g_strcpy(cfi->pathname, pathname);
        cfi->size = g_file_get_size(full_fn);
        cfi->flags = flags;
        cfi->time = (g_time1() + CB_EPOCH_DIFF) * 10000000LL;
        log_debug("ok filename [%s] pathname [%s] size [%d]",
                    cfi->filename, cfi->pathname, cfi->size);
    }
    return 0;
}