From: Marcin Krol <hawk@tld-linux.org>
Date: Wed, 26 Nov 2014 19:09:31 +0000 (+0000)
Subject: - from PLD
X-Git-Url: https://git.tld-linux.org/?p=packages%2Fxrdp.git;a=commitdiff_plain;h=78be958bc0ce9502861cfc2d05e64e1cf4c87998

- from PLD
---

78be958bc0ce9502861cfc2d05e64e1cf4c87998
diff --git a/build.patch b/build.patch
new file mode 100644
index 0000000..78662ea
--- /dev/null
+++ b/build.patch
@@ -0,0 +1,11 @@
+--- xrdp-v0.6.1/sesman/tools/Makefile.am~	2013-11-09 21:11:15.000000000 +0100
++++ xrdp-v0.6.1/sesman/tools/Makefile.am	2013-12-07 18:41:21.172980720 +0100
+@@ -20,7 +20,7 @@
+ xrdp_sesrun_SOURCES = \
+   sesrun.c \
+   tcp.c \
+-  config.c
++  ../config.c
+ 
+ xrdp_sestest_SOURCES = \
+   sestest.c
diff --git a/format-security.patch b/format-security.patch
new file mode 100644
index 0000000..f8a1d66
--- /dev/null
+++ b/format-security.patch
@@ -0,0 +1,11 @@
+--- xrdp-v0.6.1/common/log.c~	2013-11-09 21:11:15.000000000 +0100
++++ xrdp-v0.6.1/common/log.c	2013-12-07 18:38:21.836315352 +0100
+@@ -160,7 +160,7 @@
+   if (l_cfg->enable_syslog  && (lvl <= l_cfg->log_level))
+   {
+     /* log to syslog */
+-    syslog(log_xrdp2syslog(lvl), buff + 20);
++    syslog(log_xrdp2syslog(lvl), "%s", buff + 20);
+   }
+ 
+   if (lvl <= l_cfg->log_level)
diff --git a/heimdal.patch b/heimdal.patch
new file mode 100644
index 0000000..80f3750
--- /dev/null
+++ b/heimdal.patch
@@ -0,0 +1,42 @@
+--- xrdp-v0.6.1/sesman/verify_user_kerberos.c~	2013-11-09 21:11:15.000000000 +0100
++++ xrdp-v0.6.1/sesman/verify_user_kerberos.c	2013-12-07 19:01:56.670626777 +0100
+@@ -187,11 +187,15 @@
+ 
+   u_info = (struct user_info*)data;
+   rc = 0;
++#ifndef HEIMDAL
+   types = krb5_get_prompt_types(ctx);
++#endif
+   for (i = 0; i < num_prompts; i++)
+   {
++#ifndef HEIMDAL
+     if (types[i] == KRB5_PROMPT_TYPE_PASSWORD ||
+         types[i] == KRB5_PROMPT_TYPE_NEW_PASSWORD_AGAIN)
++#endif
+     {
+       g_strncpy(prompts[i].reply->data, u_info->pass, 255);
+     }
+@@ -214,7 +214,11 @@
+   krb5_creds my_creds;
+   krb5_error_code code = 0;
+   krb5_get_init_creds_opt options;
++#ifdef HEIMDAL
++  krb5_addresses* addresses;
++#else
+   krb5_address** addresses;
++#endif
+ 
+   krb5_get_init_creds_opt_init(&options);
+   g_memset(&my_creds, 0, sizeof(my_creds));
+@@ -245,7 +249,11 @@
+   if (opts->addresses)
+   {
+     addresses = NULL;
++#ifdef HEIMDAL
++    code = krb5_get_all_client_addrs(k5->ctx, addresses);
++#else
+     code = krb5_os_localaddr(k5->ctx, &addresses);
++#endif
+     if (code != 0)
+     {
+       g_printf("krb5_os_localaddr failed in k5_kinit\n");
diff --git a/link.patch b/link.patch
new file mode 100644
index 0000000..44a9c5f
--- /dev/null
+++ b/link.patch
@@ -0,0 +1,9 @@
+--- xrdp-v0.6.1/common/Makefile.am~	2013-11-09 21:11:15.000000000 +0100
++++ xrdp-v0.6.1/common/Makefile.am	2013-12-07 20:09:12.855037515 +0100
+@@ -23,4 +23,5 @@
+ libcommon_la_LIBADD = \
+   -lcrypto \
+   -lssl \
+-  -lpthread
++  -lpthread \
++  -ldl
diff --git a/xrdp.README.PLD b/xrdp.README.PLD
new file mode 100644
index 0000000..3ea2748
--- /dev/null
+++ b/xrdp.README.PLD
@@ -0,0 +1,12 @@
+=== X Session: ===
+
+Sesman uses the /etc/X11/xinit/Xclients script. If you want to change your
+desktop environment, you have to edit your ~/.desktop file.
+
+You can also use another script - just modify "UserWindowManager" in the
+sesman config file: /etc/xrdp/sesman.ini.
+
+=== Users permitted to log in: ===
+
+By default, members of the "users" group are permitted to log in.  You can
+change this by editing "TerminalServerUsers" in the sesman config file.
diff --git a/xrdp.README.PLD.pl b/xrdp.README.PLD.pl
new file mode 100644
index 0000000..7777483
--- /dev/null
+++ b/xrdp.README.PLD.pl
@@ -0,0 +1,13 @@
+=== Sesja: ===
+
+Sesman, uruchamiajÄc sesjÄ uÅ¼ytkownika, korzysta ze skryptu
+/etc/X11/xinit/Xclients. Dlatego, aby zmieniÄ manager okien, najproÅciej
+wpisaÄ odpowiedni program w pliku ~/.desktop
+
+Mozna rÃ³wnieÅ¼ wskazaÄ inny skrypt uruchamiajÄcy sesjÄ XÃ³w w konfiguracji
+sesmana: /etc/xrdp/sesman.ini.
+
+=== Uprawnieni uÅ¼ytkownicy: ===
+
+Aby ograniczyÄ prawo do korzystania z xrdp do okreÅlonej grupy uzytkownikÃ³w,
+moÅ¼na wpisaÄ tÄ grupÄ w pliku /etc/xrdp/sesman.ini w polu TerminalServerUsers.
diff --git a/xrdp.init b/xrdp.init
new file mode 100644
index 0000000..eccea19
--- /dev/null
+++ b/xrdp.init
@@ -0,0 +1,105 @@
+#!/bin/sh
+#
+# xrdp		Start/Stop the remote desktop protocol server
+#
+# chkconfig:	2345 60 40
+# description:	Starts the remote desktop protocol server.
+# processname:	xrdp
+# config:	/etc/xrdp/xrdp.ini
+# pidfile:	/var/run/xrdp.pid
+
+
+# Source function library.
+. /etc/rc.d/init.d/functions
+
+# Get service config
+[ -f /etc/sysconfig/xrdp ] && . /etc/sysconfig/xrdp
+
+start() {
+	# Check if the service is already running?
+	if [ ! -f /var/lock/subsys/xrdp ]; then
+		msg_starting "xrdp"
+		daemon xrdp </dev/null
+		RETVAL_XRDP=$?
+		[ $RETVAL -eq 0 ] && touch /var/lock/subsys/xrdp
+
+		msg_starting "xrdp-sesman"
+		daemon xrdp-sesman </dev/null
+		RETVAL_SESMAN=$?
+		RETVAL=$RETVAL_XRDP$RETVAL_SESMAN
+		if [ "$RETVAL" == "00" ]; then
+		  touch /var/lock/subsys/xrdp
+		else
+		  msg_stopping "xrdp"
+		  killproc xrdp
+		  msg_stopping "xrdp-sesman"
+		  killproc xrdp-sesman
+		fi
+	else
+		msg_already_running "xrdp"
+	fi
+}
+
+stop() {
+	if [ -f /var/lock/subsys/xrdp ]; then
+		msg_stopping "xrdp"
+		killproc xrdp
+		msg_stopping "xrdp-sesman"
+		killproc xrdp-sesman
+		rm -f /var/lock/subsys/xrdp
+	else
+		msg_not_running "xrdp"
+	fi
+}
+
+reload() {
+	if [ -f /var/lock/subsys/xrdp ]; then
+		msg_reloading "xrdp"
+		killproc xrdp -HUP
+		killproc xrdp-sesman -HUP
+		RETVAL=$?
+	else
+		msg_not_running "xrdp"
+		exit 7
+	fi
+}
+
+condrestart() {
+	if [ -f /var/lock/subsys/xrdp ]; then
+		stop
+		start
+	else
+		msg_not_running "xrdp"
+		RETVAL=$1
+	fi
+}
+
+RETVAL=0
+# See how we were called.
+case "$1" in
+  start)
+	start
+	;;
+  stop)
+	stop
+	;;
+  restart)
+	stop
+	start
+	;;
+  try-restart)
+	condrestart 0
+	;;
+  reload|force-reload)
+	reload
+	;;
+  status)
+	status xrdp
+	exit $?
+	;;
+  *)
+	msg_usage "$0 {start|stop|restart|try-restart|reload|force-reload|status}"
+	exit 3
+esac
+
+exit $RETVAL
diff --git a/xrdp.pamd b/xrdp.pamd
new file mode 100644
index 0000000..6c90689
--- /dev/null
+++ b/xrdp.pamd
@@ -0,0 +1,6 @@
+#%PAM-1.0
+auth            required        pam_listfile.so item=user sense=deny file=/etc/security/blacklist.sesman onerr=succeed
+auth            include         system-auth
+account         include         system-auth
+password        include         system-auth
+session         include         system-auth
diff --git a/xrdp.sesman.ini b/xrdp.sesman.ini
new file mode 100644
index 0000000..e11b161
--- /dev/null
+++ b/xrdp.sesman.ini
@@ -0,0 +1,40 @@
+[Globals]
+ListenAddress=127.0.0.1
+ListenPort=3350
+EnableUserWindowManager=1
+UserWindowManager=/etc/X11/xinit/Xclients
+DefaultWindowManager=/etc/X11/xinit/Xclients
+
+[Security]
+AllowRootLogin=1
+MaxLoginRetry=4
+TerminalServerUsers=users
+TerminalServerAdmins=root
+
+[Sessions]
+X11DisplayOffset=10
+MaxSessions=10
+KillDisconnected=0
+IdleTimeLimit=0
+DisconnectedTimeLimit=0
+
+[Logging]
+LogFile=/dev/null
+LogLevel=CORE
+EnableSyslog=1
+SyslogLevel=CORE
+
+[X11rdp]
+param1=-bs
+param2=-ac
+#param3=-nolisten
+#param4=tcp
+
+[Xvnc]
+param1=-bs
+param2=-ac
+#param3=-nolisten
+#param4=tcp
+#param5=-localhost
+#param6=-dpi
+#param7=96
diff --git a/xrdp.spec b/xrdp.spec
new file mode 100644
index 0000000..0cadc31
--- /dev/null
+++ b/xrdp.spec
@@ -0,0 +1,152 @@
+Summary:	Remote desktop server
+Summary(pl.UTF-8):	Serwer remote desktop
+Name:		xrdp
+Version:	0.6.1
+Release:	1
+License:	GPL
+Group:		X11/Applications/Networking
+Source0:	http://download.sourceforge.net/xrdp/%{name}-v%{version}.tar.gz
+# Source0-md5:	26099c6588943262023607c1b4e774d8
+Source1:	%{name}.init
+Source2:	%{name}.pamd
+Source3:	%{name}.xrdp.ini
+Source4:	%{name}.sesman.ini
+Source5:	%{name}.README.PLD
+Source6:	%{name}.README.PLD.pl
+Patch0:		format-security.patch
+Patch1:		build.patch
+Patch2:		heimdal.patch
+Patch3:		link.patch
+URL:		http://xrdp.sourceforge.net/
+BuildRequires:	autoconf
+BuildRequires:	automake
+BuildRequires:	freerdp-devel
+BuildRequires:	heimdal-devel >= 1.5.3-4
+BuildRequires:	libtool
+BuildRequires:	openssl-devel
+BuildRequires:	pam-devel
+BuildRequires:	rpmbuild(macros) >= 1.268
+Requires(post,preun):	/sbin/chkconfig
+Requires:	/usr/bin/Xvnc
+Requires:	rc-scripts
+Requires:	xinitrc-ng
+BuildRoot:	%{tmpdir}/%{name}-%{version}-root-%(id -u -n)
+
+%description
+xrdp is an open source Remote Desktop Protocol (rdp) server for
+UNIX-like systems. It is capable of accepting connections from
+rdesktop and Microsoft's own terminal server / remote desktop clients.
+
+Unlike Windows NT/2000/2003 server, xrdp will not display a Windows
+desktop but an X window desktop to the user.
+
+Xrdp uses Xvnc or X11rdp backends to manage the X session.
+
+%description -l pl.UTF-8
+xrdp jest serwerem protokoÅu Remote Desktop (rdp) dla systemÃ³w
+UNIXowych. Do xrdp moÅ¼na siÄ ÅÄczyÄ zarÃ³wno programem rdesktop, jak i
+klientami protokoÅu rdp Microsoftu.
+
+xrdp uÅ¼ywa jako backendu Xvnc lub X11rdp.
+
+%prep
+%setup -q -n %{name}-v%{version}
+%patch0 -p1
+%patch1 -p1
+%patch2 -p1
+%patch3 -p1
+
+install %{SOURCE5} README.PLD
+install %{SOURCE6} README.PLD.pl
+awk '{gsub("LIBDIR","%{_libdir}"); print}' < %{SOURCE3} > xrdp.ini
+
+%build
+%{__libtoolize}
+%{__aclocal}
+%{__autoconf}
+%{__autoheader}
+%{__automake}
+export CFLAGS="%{rpmcflags} -DHEIMDAL"
+%configure \
+	--enable-freerdp1
+%{__make}
+
+%install
+rm -rf $RPM_BUILD_ROOT
+install -d $RPM_BUILD_ROOT%{_sysconfdir}/{%{name},pam.d,rc.d/init.d}
+
+%{__make} install \
+	DESTDIR=$RPM_BUILD_ROOT
+
+install %{SOURCE1} $RPM_BUILD_ROOT%{_sysconfdir}/rc.d/init.d/xrdp
+install %{SOURCE2} $RPM_BUILD_ROOT%{_sysconfdir}/pam.d/sesman
+install %{SOURCE4} $RPM_BUILD_ROOT%{_sysconfdir}/%{name}/sesman.ini
+
+%{__rm} $RPM_BUILD_ROOT%{_libdir}/%{name}/lib*.{a,la,so}
+
+%post
+/sbin/ldconfig
+/sbin/chkconfig --add xrdp
+%service xrdp restart "xrdp server"
+
+%postun -p /sbin/ldconfig
+
+%preun
+if [ "$1" = "0" ]; then
+	%service xrdp stop
+	/sbin/chkconfig --del xrdp
+fi
+
+
+%clean
+rm -rf $RPM_BUILD_ROOT
+
+%files
+%defattr(644,root,root,755)
+%doc *.txt
+%doc README.PLD
+%doc README.PLD.pl
+%attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) /etc/pam.d/sesman
+%attr(754,root,root) /etc/rc.d/init.d/xrdp
+%dir %{_sysconfdir}/%{name}
+%config(noreplace) %{_sysconfdir}/%{name}/xrdp.ini
+%config(noreplace) %{_sysconfdir}/%{name}/rsakeys.ini
+%config(noreplace) %{_sysconfdir}/%{name}/sesman.ini
+%{_sysconfdir}/%{name}/km-0407.ini
+%{_sysconfdir}/%{name}/km-0409.ini
+%{_sysconfdir}/%{name}/km-040c.ini
+%{_sysconfdir}/%{name}/km-0410.ini
+%{_sysconfdir}/%{name}/km-0419.ini
+%{_sysconfdir}/%{name}/km-041d.ini
+%attr(755,root,root) %{_bindir}/xrdp-dis
+%attr(755,root,root) %{_bindir}/xrdp-genkeymap
+%attr(755,root,root) %{_bindir}/xrdp-keygen
+%attr(755,root,root) %{_bindir}/xrdp-sesadmin
+%attr(755,root,root) %{_bindir}/xrdp-sesrun
+%attr(755,root,root) %{_bindir}/xrdp-sestest
+%attr(755,root,root) %{_sbindir}/xrdp
+%attr(755,root,root) %{_sbindir}/xrdp-chansrv
+%attr(755,root,root) %{_sbindir}/xrdp-sesman
+%attr(755,root,root) %{_sbindir}/xrdp-sessvc
+%dir %{_libdir}/xrdp
+%attr(755,root,root) %{_libdir}/xrdp/libcommon.so.*
+%attr(755,root,root) %{_libdir}/xrdp/libmc.so.*
+%attr(755,root,root) %{_libdir}/xrdp/librdp.so.*
+%attr(755,root,root) %{_libdir}/xrdp/libscp.so.*
+%attr(755,root,root) %{_libdir}/xrdp/libvnc.so.*
+%attr(755,root,root) %{_libdir}/xrdp/libxrdp.so.*
+%attr(755,root,root) %{_libdir}/xrdp/libxrdpfreerdp1.so.*
+%attr(755,root,root) %{_libdir}/xrdp/libxup.so.*
+%dir %{_datadir}/xrdp
+%{_datadir}/xrdp/ad24b.bmp
+%{_datadir}/xrdp/ad256.bmp
+%{_datadir}/xrdp/cursor0.cur
+%{_datadir}/xrdp/cursor1.cur
+%{_datadir}/xrdp/sans-10.fv1
+%{_datadir}/xrdp/xrdp24b.bmp
+%{_datadir}/xrdp/xrdp256.bmp
+%{_mandir}/man5/sesman.ini.5*
+%{_mandir}/man5/xrdp.ini.5*
+%{_mandir}/man8/xrdp-sesman.8*
+%{_mandir}/man8/xrdp-sesrun.8*
+%{_mandir}/man8/xrdp.8*
diff --git a/xrdp.xrdp.ini b/xrdp.xrdp.ini
new file mode 100644
index 0000000..8217a8c
--- /dev/null
+++ b/xrdp.xrdp.ini
@@ -0,0 +1,72 @@
+
+[globals]
+bitmap_cache=yes
+bitmap_compression=yes
+port=3389
+crypt_level=low
+channel_code=1
+max_bpp=24
+#black=000000
+#grey=d6d3ce
+#dark_grey=808080
+#blue=08246b
+#dark_blue=08246b
+#white=ffffff
+#red=ff0000
+#green=00ff00
+#background=626c72
+
+[xrdp1]
+name=sesman-Xvnc
+lib=LIBDIR/xrdp/libvnc.so
+username=ask
+password=ask
+ip=127.0.0.1
+port=-1
+
+[xrdp2]
+name=console
+lib=LIBDIR/xrdp/libvnc.so
+ip=127.0.0.1
+port=5900
+username=na
+password=ask
+
+[xrdp3]
+name=vnc-any
+lib=LIBDIR/xrdp/libvnc.so
+ip=ask
+port=ask5900
+username=na
+password=ask
+
+[xrdp4]
+name=sesman-any
+lib=LIBDIR/xrdp/libvnc.so
+ip=ask
+port=-1
+username=ask
+password=ask
+
+[xrdp5]
+name=rdp-any
+lib=LIBDIR/xrdp/librdp.so
+ip=ask
+port=ask3389
+
+[xrdp6]
+name=freerdp-any
+lib=LIBDIR/xrdp/libxrdpfreerdp1.so
+ip=ask
+port=ask3389
+username=ask
+password=ask
+
+[xrdp7]
+name=sesman-X11rdp
+lib=LIBDIR/xrdp/libxup.so
+username=ask
+password=ask
+ip=127.0.0.1
+port=-1
+xserverbpp=24