- from PLD

diff --git a/build.patch b/build.patch
new file mode 100644 (file)
index 0000000..78662ea
--- /dev/null
+++ b/build.patch
@@ -0,0 +1,11 @@
+--- xrdp-v0.6.1/sesman/tools/Makefile.am~      2013-11-09 21:11:15.000000000 +0100
++++ xrdp-v0.6.1/sesman/tools/Makefile.am       2013-12-07 18:41:21.172980720 +0100
+@@ -20,7 +20,7 @@
+ xrdp_sesrun_SOURCES = \
+   sesrun.c \
+   tcp.c \
+-  config.c
++  ../config.c
+ 
+ xrdp_sestest_SOURCES = \
+   sestest.c

diff --git a/format-security.patch b/format-security.patch
new file mode 100644 (file)
index 0000000..f8a1d66
--- /dev/null
+++ b/format-security.patch
@@ -0,0 +1,11 @@
+--- xrdp-v0.6.1/common/log.c~  2013-11-09 21:11:15.000000000 +0100
++++ xrdp-v0.6.1/common/log.c   2013-12-07 18:38:21.836315352 +0100
+@@ -160,7 +160,7 @@
+   if (l_cfg->enable_syslog  && (lvl <= l_cfg->log_level))
+   {
+     /* log to syslog */
+-    syslog(log_xrdp2syslog(lvl), buff + 20);
++    syslog(log_xrdp2syslog(lvl), "%s", buff + 20);
+   }
+ 
+   if (lvl <= l_cfg->log_level)

diff --git a/heimdal.patch b/heimdal.patch
new file mode 100644 (file)
index 0000000..80f3750
--- /dev/null
+++ b/heimdal.patch
@@ -0,0 +1,42 @@
+--- xrdp-v0.6.1/sesman/verify_user_kerberos.c~ 2013-11-09 21:11:15.000000000 +0100
++++ xrdp-v0.6.1/sesman/verify_user_kerberos.c  2013-12-07 19:01:56.670626777 +0100
+@@ -187,11 +187,15 @@
+ 
+   u_info = (struct user_info*)data;
+   rc = 0;
++#ifndef HEIMDAL
+   types = krb5_get_prompt_types(ctx);
++#endif
+   for (i = 0; i < num_prompts; i++)
+   {
++#ifndef HEIMDAL
+     if (types[i] == KRB5_PROMPT_TYPE_PASSWORD ||
+         types[i] == KRB5_PROMPT_TYPE_NEW_PASSWORD_AGAIN)
++#endif
+     {
+       g_strncpy(prompts[i].reply->data, u_info->pass, 255);
+     }
+@@ -214,7 +214,11 @@
+   krb5_creds my_creds;
+   krb5_error_code code = 0;
+   krb5_get_init_creds_opt options;
++#ifdef HEIMDAL
++  krb5_addresses* addresses;
++#else
+   krb5_address** addresses;
++#endif
+ 
+   krb5_get_init_creds_opt_init(&options);
+   g_memset(&my_creds, 0, sizeof(my_creds));
+@@ -245,7 +249,11 @@
+   if (opts->addresses)
+   {
+     addresses = NULL;
++#ifdef HEIMDAL
++    code = krb5_get_all_client_addrs(k5->ctx, addresses);
++#else
+     code = krb5_os_localaddr(k5->ctx, &addresses);
++#endif
+     if (code != 0)
+     {
+       g_printf("krb5_os_localaddr failed in k5_kinit\n");

diff --git a/link.patch b/link.patch
new file mode 100644 (file)
index 0000000..44a9c5f
--- /dev/null
+++ b/link.patch
@@ -0,0 +1,9 @@
+--- xrdp-v0.6.1/common/Makefile.am~    2013-11-09 21:11:15.000000000 +0100
++++ xrdp-v0.6.1/common/Makefile.am     2013-12-07 20:09:12.855037515 +0100
+@@ -23,4 +23,5 @@
+ libcommon_la_LIBADD = \
+   -lcrypto \
+   -lssl \
+-  -lpthread
++  -lpthread \
++  -ldl

diff --git a/xrdp.README.PLD b/xrdp.README.PLD
new file mode 100644 (file)
index 0000000..3ea2748
--- /dev/null
+++ b/xrdp.README.PLD
@@ -0,0 +1,12 @@
+=== X Session: ===
+
+Sesman uses the /etc/X11/xinit/Xclients script. If you want to change your
+desktop environment, you have to edit your ~/.desktop file.
+
+You can also use another script - just modify "UserWindowManager" in the
+sesman config file: /etc/xrdp/sesman.ini.
+
+=== Users permitted to log in: ===
+
+By default, members of the "users" group are permitted to log in.  You can
+change this by editing "TerminalServerUsers" in the sesman config file.

diff --git a/xrdp.README.PLD.pl b/xrdp.README.PLD.pl
new file mode 100644 (file)
index 0000000..7777483
--- /dev/null
+++ b/xrdp.README.PLD.pl
@@ -0,0 +1,13 @@
+=== Sesja: ===
+
+Sesman, uruchamiając sesję użytkownika, korzysta ze skryptu
+/etc/X11/xinit/Xclients. Dlatego, aby zmienić manager okien, najprościej
+wpisać odpowiedni program w pliku ~/.desktop
+
+Mozna również wskazać inny skrypt uruchamiający sesję Xów w konfiguracji
+sesmana: /etc/xrdp/sesman.ini.
+
+=== Uprawnieni użytkownicy: ===
+
+Aby ograniczyć prawo do korzystania z xrdp do określonej grupy uzytkowników,
+można wpisać tą grupę w pliku /etc/xrdp/sesman.ini w polu TerminalServerUsers.

diff --git a/xrdp.init b/xrdp.init
new file mode 100644 (file)
index 0000000..eccea19
--- /dev/null
+++ b/xrdp.init
@@ -0,0 +1,105 @@
+#!/bin/sh
+#
+# xrdp         Start/Stop the remote desktop protocol server
+#
+# chkconfig:   2345 60 40
+# description: Starts the remote desktop protocol server.
+# processname: xrdp
+# config:      /etc/xrdp/xrdp.ini
+# pidfile:     /var/run/xrdp.pid
+
+
+# Source function library.
+. /etc/rc.d/init.d/functions
+
+# Get service config
+[ -f /etc/sysconfig/xrdp ] && . /etc/sysconfig/xrdp
+
+start() {
+       # Check if the service is already running?
+       if [ ! -f /var/lock/subsys/xrdp ]; then
+               msg_starting "xrdp"
+               daemon xrdp </dev/null
+               RETVAL_XRDP=$?
+               [ $RETVAL -eq 0 ] && touch /var/lock/subsys/xrdp
+
+               msg_starting "xrdp-sesman"
+               daemon xrdp-sesman </dev/null
+               RETVAL_SESMAN=$?
+               RETVAL=$RETVAL_XRDP$RETVAL_SESMAN
+               if [ "$RETVAL" == "00" ]; then
+                 touch /var/lock/subsys/xrdp
+               else
+                 msg_stopping "xrdp"
+                 killproc xrdp
+                 msg_stopping "xrdp-sesman"
+                 killproc xrdp-sesman
+               fi
+       else
+               msg_already_running "xrdp"
+       fi
+}
+
+stop() {
+       if [ -f /var/lock/subsys/xrdp ]; then
+               msg_stopping "xrdp"
+               killproc xrdp
+               msg_stopping "xrdp-sesman"
+               killproc xrdp-sesman
+               rm -f /var/lock/subsys/xrdp
+       else
+               msg_not_running "xrdp"
+       fi
+}
+
+reload() {
+       if [ -f /var/lock/subsys/xrdp ]; then
+               msg_reloading "xrdp"
+               killproc xrdp -HUP
+               killproc xrdp-sesman -HUP
+               RETVAL=$?
+       else
+               msg_not_running "xrdp"
+               exit 7
+       fi
+}
+
+condrestart() {
+       if [ -f /var/lock/subsys/xrdp ]; then
+               stop
+               start
+       else
+               msg_not_running "xrdp"
+               RETVAL=$1
+       fi
+}
+
+RETVAL=0
+# See how we were called.
+case "$1" in
+  start)
+       start
+       ;;
+  stop)
+       stop
+       ;;
+  restart)
+       stop
+       start
+       ;;
+  try-restart)
+       condrestart 0
+       ;;
+  reload|force-reload)
+       reload
+       ;;
+  status)
+       status xrdp
+       exit $?
+       ;;
+  *)
+       msg_usage "$0 {start|stop|restart|try-restart|reload|force-reload|status}"
+       exit 3
+esac
+
+exit $RETVAL

diff --git a/xrdp.pamd b/xrdp.pamd
new file mode 100644 (file)
index 0000000..6c90689
--- /dev/null
+++ b/xrdp.pamd
@@ -0,0 +1,6 @@
+#%PAM-1.0
+auth            required        pam_listfile.so item=user sense=deny file=/etc/security/blacklist.sesman onerr=succeed
+auth            include         system-auth
+account         include         system-auth
+password        include         system-auth
+session         include         system-auth

diff --git a/xrdp.sesman.ini b/xrdp.sesman.ini
new file mode 100644 (file)
index 0000000..e11b161
--- /dev/null
+++ b/xrdp.sesman.ini
@@ -0,0 +1,40 @@
+[Globals]
+ListenAddress=127.0.0.1
+ListenPort=3350
+EnableUserWindowManager=1
+UserWindowManager=/etc/X11/xinit/Xclients
+DefaultWindowManager=/etc/X11/xinit/Xclients
+
+[Security]
+AllowRootLogin=1
+MaxLoginRetry=4
+TerminalServerUsers=users
+TerminalServerAdmins=root
+
+[Sessions]
+X11DisplayOffset=10
+MaxSessions=10
+KillDisconnected=0
+IdleTimeLimit=0
+DisconnectedTimeLimit=0
+
+[Logging]
+LogFile=/dev/null
+LogLevel=CORE
+EnableSyslog=1
+SyslogLevel=CORE
+
+[X11rdp]
+param1=-bs
+param2=-ac
+#param3=-nolisten
+#param4=tcp
+
+[Xvnc]
+param1=-bs
+param2=-ac
+#param3=-nolisten
+#param4=tcp
+#param5=-localhost
+#param6=-dpi
+#param7=96

diff --git a/xrdp.spec b/xrdp.spec
new file mode 100644 (file)
index 0000000..0cadc31
--- /dev/null
+++ b/xrdp.spec
@@ -0,0 +1,152 @@
+Summary:       Remote desktop server
+Summary(pl.UTF-8):     Serwer remote desktop
+Name:          xrdp
+Version:       0.6.1
+Release:       1
+License:       GPL
+Group:         X11/Applications/Networking
+Source0:       http://download.sourceforge.net/xrdp/%{name}-v%{version}.tar.gz
+# Source0-md5: 26099c6588943262023607c1b4e774d8
+Source1:       %{name}.init
+Source2:       %{name}.pamd
+Source3:       %{name}.xrdp.ini
+Source4:       %{name}.sesman.ini
+Source5:       %{name}.README.PLD
+Source6:       %{name}.README.PLD.pl
+Patch0:                format-security.patch
+Patch1:                build.patch
+Patch2:                heimdal.patch
+Patch3:                link.patch
+URL:           http://xrdp.sourceforge.net/
+BuildRequires: autoconf
+BuildRequires: automake
+BuildRequires: freerdp-devel
+BuildRequires: heimdal-devel >= 1.5.3-4
+BuildRequires: libtool
+BuildRequires: openssl-devel
+BuildRequires: pam-devel
+BuildRequires: rpmbuild(macros) >= 1.268
+Requires(post,preun):  /sbin/chkconfig
+Requires:      /usr/bin/Xvnc
+Requires:      rc-scripts
+Requires:      xinitrc-ng
+BuildRoot:     %{tmpdir}/%{name}-%{version}-root-%(id -u -n)
+
+%description
+xrdp is an open source Remote Desktop Protocol (rdp) server for
+UNIX-like systems. It is capable of accepting connections from
+rdesktop and Microsoft's own terminal server / remote desktop clients.
+
+Unlike Windows NT/2000/2003 server, xrdp will not display a Windows
+desktop but an X window desktop to the user.
+
+Xrdp uses Xvnc or X11rdp backends to manage the X session.
+
+%description -l pl.UTF-8
+xrdp jest serwerem protokołu Remote Desktop (rdp) dla systemów
+UNIXowych. Do xrdp można się łączyć zarówno programem rdesktop, jak i
+klientami protokołu rdp Microsoftu.
+
+xrdp używa jako backendu Xvnc lub X11rdp.
+
+%prep
+%setup -q -n %{name}-v%{version}
+%patch0 -p1
+%patch1 -p1
+%patch2 -p1
+%patch3 -p1
+
+install %{SOURCE5} README.PLD
+install %{SOURCE6} README.PLD.pl
+awk '{gsub("LIBDIR","%{_libdir}"); print}' < %{SOURCE3} > xrdp.ini
+
+%build
+%{__libtoolize}
+%{__aclocal}
+%{__autoconf}
+%{__autoheader}
+%{__automake}
+export CFLAGS="%{rpmcflags} -DHEIMDAL"
+%configure \
+       --enable-freerdp1
+%{__make}
+
+%install
+rm -rf $RPM_BUILD_ROOT
+install -d $RPM_BUILD_ROOT%{_sysconfdir}/{%{name},pam.d,rc.d/init.d}
+
+%{__make} install \
+       DESTDIR=$RPM_BUILD_ROOT
+
+install %{SOURCE1} $RPM_BUILD_ROOT%{_sysconfdir}/rc.d/init.d/xrdp
+install %{SOURCE2} $RPM_BUILD_ROOT%{_sysconfdir}/pam.d/sesman
+install %{SOURCE4} $RPM_BUILD_ROOT%{_sysconfdir}/%{name}/sesman.ini
+
+%{__rm} $RPM_BUILD_ROOT%{_libdir}/%{name}/lib*.{a,la,so}
+
+%post
+/sbin/ldconfig
+/sbin/chkconfig --add xrdp
+%service xrdp restart "xrdp server"
+
+%postun -p /sbin/ldconfig
+
+%preun
+if [ "$1" = "0" ]; then
+       %service xrdp stop
+       /sbin/chkconfig --del xrdp
+fi
+
+
+%clean
+rm -rf $RPM_BUILD_ROOT
+
+%files
+%defattr(644,root,root,755)
+%doc *.txt
+%doc README.PLD
+%doc README.PLD.pl
+%attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) /etc/pam.d/sesman
+%attr(754,root,root) /etc/rc.d/init.d/xrdp
+%dir %{_sysconfdir}/%{name}
+%config(noreplace) %{_sysconfdir}/%{name}/xrdp.ini
+%config(noreplace) %{_sysconfdir}/%{name}/rsakeys.ini
+%config(noreplace) %{_sysconfdir}/%{name}/sesman.ini
+%{_sysconfdir}/%{name}/km-0407.ini
+%{_sysconfdir}/%{name}/km-0409.ini
+%{_sysconfdir}/%{name}/km-040c.ini
+%{_sysconfdir}/%{name}/km-0410.ini
+%{_sysconfdir}/%{name}/km-0419.ini
+%{_sysconfdir}/%{name}/km-041d.ini
+%attr(755,root,root) %{_bindir}/xrdp-dis
+%attr(755,root,root) %{_bindir}/xrdp-genkeymap
+%attr(755,root,root) %{_bindir}/xrdp-keygen
+%attr(755,root,root) %{_bindir}/xrdp-sesadmin
+%attr(755,root,root) %{_bindir}/xrdp-sesrun
+%attr(755,root,root) %{_bindir}/xrdp-sestest
+%attr(755,root,root) %{_sbindir}/xrdp
+%attr(755,root,root) %{_sbindir}/xrdp-chansrv
+%attr(755,root,root) %{_sbindir}/xrdp-sesman
+%attr(755,root,root) %{_sbindir}/xrdp-sessvc
+%dir %{_libdir}/xrdp
+%attr(755,root,root) %{_libdir}/xrdp/libcommon.so.*
+%attr(755,root,root) %{_libdir}/xrdp/libmc.so.*
+%attr(755,root,root) %{_libdir}/xrdp/librdp.so.*
+%attr(755,root,root) %{_libdir}/xrdp/libscp.so.*
+%attr(755,root,root) %{_libdir}/xrdp/libvnc.so.*
+%attr(755,root,root) %{_libdir}/xrdp/libxrdp.so.*
+%attr(755,root,root) %{_libdir}/xrdp/libxrdpfreerdp1.so.*
+%attr(755,root,root) %{_libdir}/xrdp/libxup.so.*
+%dir %{_datadir}/xrdp
+%{_datadir}/xrdp/ad24b.bmp
+%{_datadir}/xrdp/ad256.bmp
+%{_datadir}/xrdp/cursor0.cur
+%{_datadir}/xrdp/cursor1.cur
+%{_datadir}/xrdp/sans-10.fv1
+%{_datadir}/xrdp/xrdp24b.bmp
+%{_datadir}/xrdp/xrdp256.bmp
+%{_mandir}/man5/sesman.ini.5*
+%{_mandir}/man5/xrdp.ini.5*
+%{_mandir}/man8/xrdp-sesman.8*
+%{_mandir}/man8/xrdp-sesrun.8*
+%{_mandir}/man8/xrdp.8*

diff --git a/xrdp.xrdp.ini b/xrdp.xrdp.ini
new file mode 100644 (file)
index 0000000..8217a8c
--- /dev/null
+++ b/xrdp.xrdp.ini
@@ -0,0 +1,72 @@
+
+[globals]
+bitmap_cache=yes
+bitmap_compression=yes
+port=3389
+crypt_level=low
+channel_code=1
+max_bpp=24
+#black=000000
+#grey=d6d3ce
+#dark_grey=808080
+#blue=08246b
+#dark_blue=08246b
+#white=ffffff
+#red=ff0000
+#green=00ff00
+#background=626c72
+
+[xrdp1]
+name=sesman-Xvnc
+lib=LIBDIR/xrdp/libvnc.so
+username=ask
+password=ask
+ip=127.0.0.1
+port=-1
+
+[xrdp2]
+name=console
+lib=LIBDIR/xrdp/libvnc.so
+ip=127.0.0.1
+port=5900
+username=na
+password=ask
+
+[xrdp3]
+name=vnc-any
+lib=LIBDIR/xrdp/libvnc.so
+ip=ask
+port=ask5900
+username=na
+password=ask
+
+[xrdp4]
+name=sesman-any
+lib=LIBDIR/xrdp/libvnc.so
+ip=ask
+port=-1
+username=ask
+password=ask
+
+[xrdp5]
+name=rdp-any
+lib=LIBDIR/xrdp/librdp.so
+ip=ask
+port=ask3389
+
+[xrdp6]
+name=freerdp-any
+lib=LIBDIR/xrdp/libxrdpfreerdp1.so
+ip=ask
+port=ask3389
+username=ask
+password=ask
+
+[xrdp7]
+name=sesman-X11rdp
+lib=LIBDIR/xrdp/libxup.so
+username=ask
+password=ask
+ip=127.0.0.1
+port=-1
+xserverbpp=24