maride/guacamole-spice-protocol
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
2,852 Commits 27 Branches 31 Tags 8.7 MiB
254615509a
Commit Graph

182 Commits

Author SHA1 Message Date
Michael Jumper
876516a1fb GUACAMOLE-313: Add support for including key states within session recordings. 2018-01-26 16:42:14 -08:00
Michael Jumper
81a0e66d9f GUACAMOLE-313: Include current button state within mouse update for completeness. 2018-01-26 16:21:53 -08:00
Michael Jumper
df770ae4ea GUACAMOLE-313: Add support for including mouse location within session recordings. 2018-01-26 16:21:28 -08:00
Michael Jumper
b37e73488f GUACAMOLE-313: Provide reference to in-progress screen recording. 2018-01-26 16:21:24 -08:00
sanhex
d33bd8deff GUACAMOLE-384: fixing segfault during ssh disconnect 
Root Cause:
See the core dump and Valgrind report posted on Jira. guacd was reading a ssh terminal which had been freed. When a ssh connection is terminated, guac_ssh_client_free_handler() will be called from guacd_exec_proc() -> guac_client_free() with pointer client->free_handler. In guac_ssh_client_free_handler(), when ssh_client->term is freed, ssh_client->client_thread may still be using the ssh_client->term. It causes the crash reported in this bug.

The stack trace exposing the problem can be found by running guacd under Valgrind with a ssh test script. The test script repeats doing ssh login and logout for 5000 times.

Solution:
In guac_ssh_client_free_handler(), before calling guac_terminal_free(ssh_client->term), close the stdin pipe of the terminal to stop reading the pipe with guac_terminal_read_stdin() in ssh_input_thread(). So that ssh_input_thread() can be terminated in this case. Call pthread_join() to wait for ssh_client_thread() terminating before freeing the terminal.

Add a new function guac_terminal_stop() to close the pipe and set the fds to invalid (-1). Call it in guac_ssh_client_free_handler() and guac_terminal_free().

Checking the client running state in ssh_input_thread() and ssh_client_thread() to make sure they can be terminated when the client is stopped in guacd_exec_proc() by another thread.

Test:
- Confirmed ssh connection works normally.
- Observed the child process of guacd exits when ssh connection is terminated.
- Reran the ssh test script. Observed no crash.
 2017-10-29 18:11:15 -07:00
sanhex
3c7a09f52b GUACAMOLE-400: Fix guacd crash when ssh key fails 
Root Cause:
In the ssh library of guacd, function ssh_client_thread(), when guac_ssh_get_user() fails to load private key for ssh authentication, it will return NULL. In this case, the subsequent call to guac_common_ssh_create_session() with parameter 'user=0x0' will cause guacd crash in function guac_common_ssh_authenticate() by accessing 'user->username'.

Solution:
- Update the comment of function guac_ssh_get_user() to document that NULL will be returned if fails to import key for the user.
- In function ssh_client_thread(), verify the return of guac_ssh_get_user(). If ssh_client->user is NULL, return NULL.

Test:
- Configured a ssh app with an encrypted private key and a wrong passphrase.
- Ran the ssh app from web portal and observed guacd crash.
- Applied the fix and reran the ssh app. Observed no crash.
 2017-09-29 11:04:48 -07:00
Michael Jumper
d51e92eb31 GUACAMOLE-303: Add "sftp-root-directory" parameter to VNC, RDP, and SSH. 2017-06-29 15:48:23 -07:00
Michael Jumper
0474f86c46 GUACAMOLE-303: Extend common SFTP filesystem such that arbitrary directories can be used as the root of the filesystem. 2017-06-29 15:36:10 -07:00
Nick Couchman
041fcc4651 GUACAMOLE-203: Change remaining instances of timer to timeout. 2017-06-25 05:13:22 -04:00
Nick Couchman
05dfb1a6ae GUACAMOLE-203: Deal correctly with negative keepalive values. 2017-06-25 05:10:22 -04:00
Nick Couchman
8c24c77d55 GUACAMOLE-203: Change timer to timeout 2017-06-14 13:00:30 -04:00
Nick Couchman
af4d762147 GUACAMOLE-203: Move warning about minimum alive interval to single place in common code. 2017-06-14 12:49:49 -04:00
Nick Couchman
df718395e8 GUACAMOLE-203: Change alive interval from int to unsigned. 2017-06-14 10:17:28 -04:00
Nick Couchman
070bd25721 GUACAMOLE-203: if statement style tweak 2017-06-14 08:27:09 -04:00
Nick Couchman
e7fc8a0d98 GUACAMOLE-203: Expand SSH keepalives to cover SFTP connections for other protocols. 2017-05-31 21:03:09 -04:00
Nick Couchman
9993684205 GUACAMOLE-203: Warn user if they try to enter keepalive value < 2 seconds. 2017-05-31 21:03:06 -04:00
Nick Couchman
1e3d82cc63 GUACAMOLE-203: Update comment for keep alive interval. 2017-05-31 21:03:04 -04:00
Nick Couchman
f693b02e12 GUACAMOLE-203: Tighten up code, implement constant for socket poll timer. 2017-05-31 21:02:59 -04:00
Nick Couchman
75019f5e4b GUACAMOLE-203: Add a few more comments to code. 2017-05-31 21:02:53 -04:00
Nick Couchman
8ab7e56972 GUACAMOLE-203: Implement keepalive config in SSH connection. 2017-05-31 21:02:50 -04:00
Nick Couchman
f42f05aab7 GUACAMOLE-203: Add option entries for ServerAliveInterval. 2017-05-31 21:02:38 -04:00
Michael Jumper
61896e829c GUACAMOLE-257: Set VNC/SSH file upload handlers only if SFTP is enabled. 2017-03-28 10:48:38 -07:00
Michael Jumper
3f7ccb6b9a GUACAMOLE-169: Move terminal headers to namespaced directory. 2017-02-27 14:34:46 -08:00
Michael Jumper
d371f2d9ee GUACAMOLE-169: Move common-ssh headers to namespaced directory. 2017-02-27 14:28:23 -08:00
Michael Jumper
eee928548d GUACAMOLE-169: Use proper namespace for internal common headers. 2017-01-23 23:26:26 -08:00
Michael Jumper
e5b3af8ffe GUACAMOLE-86: Remove terminal emulator's STDOUT pipe. Use pthread_cond_t to signal modification. 2017-01-16 00:02:30 -08:00
Michael Jumper
2421fc2f11 GUACAMOLE-118: Use poll() when waiting for data from SSH. 2016-11-11 13:16:57 -08:00
Michael Jumper
1ad99a312e GUACAMOLE-5: Add "read-only" parameter to RDP, SSH, and telnet (per-user, just like VNC). 2016-07-24 22:36:25 -07:00
Michael Jumper
0641ccf601 GUACAMOLE-5: Store connection parameters at user level. Maintain reference to owner's connection parameters at client level. 2016-07-24 22:05:04 -07:00
James Muehlner
ec93a2989f GUACAMOLE-33: Merge mouse duplication user disconnect fix. 2016-05-23 20:45:18 -07:00
Michael Jumper
82fd6a279b GUACAMOLE-33: Implement leave handlers for RDP, SSH, and telnet. 2016-05-23 13:58:30 -07:00
Michael Jumper
a64c3e0179 GUACAMOLE-34: Ensure guac_client_stop() or guac_client_abort() are called in ALL cases where the client thread terminates. 2016-05-23 13:58:01 -07:00
Michael Jumper
f4b8c70f79 GUACAMOLE-1: Relicense build/shell scripts. 2016-03-28 20:39:38 -07:00
Michael Jumper
4da3bef4ec GUACAMOLE-1: Relicense C files. 2016-03-28 20:39:19 -07:00
Michael Jumper
0a5e57362e GUAC-236: Add missing plurals. 2016-03-16 10:45:11 -07:00
Michael Jumper
6fc208554d GUAC-236: Add session recording parameters to VNC, RDP, and SSH. 2016-03-14 20:22:02 -07:00
Michael Jumper
3a4aec3708 GUAC-1389: Document parameters of SSH client thread. 2016-03-14 18:32:03 -07:00
Michael Jumper
fa43a94e02 GUAC-1389: Rely on API definition for handler. 2016-03-14 18:27:52 -07:00
Michael Jumper
075b7ffba9 GUAC-1389: Add screen sharing support to SSH. 2016-03-14 17:33:17 -07:00
Michael Jumper
4661f432f0 GUAC-1452: Parse and handle typescript parameters within SSH and telnet. 2016-01-27 12:43:53 -08:00
Michael Jumper
ad34aa99b4 GUAC-1452: Add typescript parameters for SSH/telnet. 2016-01-25 13:12:24 -08:00
Michael Jumper
e8b98abfc4 GUAC-1038: Add support for running specific commands via SSH (instead of a shell). 2015-10-19 15:58:44 -07:00
Michael Jumper
677c3ce6e8 GUAC-1195: Add "color-scheme" parameter to SSH and telnet. 2015-07-28 16:46:32 -07:00
Michael Jumper
fa443249c9 GUAC-1195: Use color scheme constants and names. 2015-07-28 16:43:23 -07:00
Michael Jumper
b2c2779465 GUAC-1195: Define and use color constants for terminal. 2015-07-28 16:20:14 -07:00
Michael Jumper
029b3bdb80 GUAC-1195: Configure default foreground/background when terminal is created. 2015-07-28 15:59:20 -07:00
Michael Jumper
49beb7d7fd GUAC-1264: Require explicit free for users and sessions. Ensure SSH client data is zeroed upon allocation. 2015-07-24 13:20:36 -07:00
Michael Jumper
bfe4895408 GUAC-1171: Remove extra trailing spaces from parameter comments. 2015-07-10 21:01:17 -07:00
Michael Jumper
3d1d2ea334 GUAC-1171: Migrate to common SSH for SFTP transfers. 2015-07-10 17:21:58 -07:00
Michael Jumper
a6b46a0ea0 GUAC-1171: Add and document SFTP functionality within common SSH. 2015-07-10 17:21:27 -07:00
Michael Jumper
0fcea2738b GUAC-1171: Migrate to common SSH within client. 2015-07-10 12:46:11 -07:00
Michael Jumper
fbcf8a1e0d GUAC-1171: Move initialization of SSH, OpenSSL, etc. to common SSH base. 2015-07-09 12:02:31 -07:00
Michael Jumper
c199cfc8d7 GUAC-1171: Adopt cleaner style for Makefile.am. 2015-07-08 15:39:25 -07:00
Michael Jumper
77cde6ae4b GUAC-1171: Stub out common SSH client within build. 2015-07-08 14:55:18 -07:00
Michael Jumper
58621ca42b GUAC-1172: Move JSON functions to common. 2015-07-05 18:08:22 -07:00
Michael Jumper
ddbbcf032a GUAC-1172: Ensure empty directories are valid JSON. 2015-07-05 12:56:10 -07:00
Michael Jumper
054698a3ad GUAC-1172: Append. Do not appaned. 2015-07-01 11:11:07 -07:00
Michael Jumper
42c36f5b84 GUAC-1172: Properly store/free filesystem object. 2015-07-01 10:48:25 -07:00
Michael Jumper
0bbc958373 GUAC-1172: Implement file upload via filesystem object. 2015-07-01 10:48:25 -07:00
Michael Jumper
5fba93594d GUAC-1172: Implement directory listing and file download via filesystem object. 2015-07-01 10:48:25 -07:00
Michael Jumper
482b3a728c GUAC-1172: Simplify filename validation and manipulation. 2015-07-01 10:48:25 -07:00
Michael Jumper
5fe8917bdc GUAC-974: Log reason for auth key failures. Add debug logging. 2015-01-04 19:56:32 -08:00
Michael Jumper
0b0c2aae93 GUAC-974: Auth key failures should abort as UNAUTHORIZED. 2015-01-04 19:17:40 -08:00
Michael Jumper
4b53f9f3a6 GUAC-911: Expand logging within SSH and telnet. 2014-11-28 17:20:02 -08:00
Michael Jumper
431fd2de6f GUAC-911: Add log levels. Refactor guac_client_log_*() into guac_client_log(). 2014-11-07 16:32:19 -08:00
Michael Jumper
2fa1468386 GUAC-779: Terminal channel mutex must exist before terminal channel. 2014-07-21 11:23:36 -07:00
Michael Jumper
be9c56f9a3 GUAC-779: Synchronize access to shared libssh2 handles. 2014-07-21 11:15:55 -07:00
Michael Jumper
d608b3a30b GUAC-780: Init OpenSSL for sake of threads. 2014-07-21 10:48:02 -07:00
Michael Jumper
98c6e6496d GUAC-780: Ensure libgcrypt is initialized for pthreads if used by libssh2. OpenSSL should be OK. 2014-07-21 10:27:39 -07:00
Michael Jumper
46faa7ab85 GUAC-493: Coding style changes. 2014-07-17 12:54:40 -07:00
Felipe Weckx
e543d9eeb5 GUAC-493 Add keyboard-interactive ssh authentication method 2014-07-17 12:51:35 -07:00
Michael Jumper
8d99c35a86 GUAC-769: Ensure socket output is handled in a threadsafe manner. 2014-07-10 16:49:13 -07:00
Michael Jumper
48d1597418 GUAC-730: Fix headers for SSH. 2014-06-11 10:06:18 -07:00
Michael Jumper
c84a88d35a GUAC-718: Set locale (for sake of wcwidth()). Warn if locale does not use UTF-8. 2014-06-02 16:01:13 -07:00
Michael Jumper
3bd145a059 GUAC-678: Add missing OpenSSL init. 2014-05-27 12:34:05 -07:00
Michael Jumper
7c08593b83 GUAC-653: Restore file upload for SSH. 2014-05-06 17:14:40 -07:00
Michael Jumper
0acd219a88 GUAC-653: Remove unneeded includes. 2014-05-06 16:45:36 -07:00
Michael Jumper
92f0d4b36b GUAC-653: Remove direct reference to internal terminal pipes. 2014-05-06 16:41:48 -07:00
Michael Jumper
470dc67c34 GUAC-653: Implement render_frame function. 2014-05-06 16:12:29 -07:00
Michael Jumper
f2781ed0cc GUAC-653: Move mouse and key handling into terminal. Move clipboard into terminal. 2014-05-05 19:02:41 -07:00
Michael Jumper
455f2e543a GUAC-653: Update namespace in common terminal code. 2014-05-05 16:36:49 -07:00
Michael Jumper
b4e7f95603 GUAC-653: Move terminal code to common location. 2014-05-05 16:17:59 -07:00
Michael Jumper
4766970015 GUAC-621: During resize, keep cursor on screen and redraw cursor if necessary. 2014-04-16 14:46:00 -07:00
Michael Jumper
9229457dd4 GUAC-621: Only increase buffer length if real character data was written (not cleared). 2014-04-16 14:31:51 -07:00
Michael Jumper
3823165d7f GUAC-598: Fix warnings against SSH. 2014-04-11 13:48:06 -07:00
Michael Jumper
5f84cbc5e4 GUAC-598: Use unsigned instead of u_ type. 2014-04-11 13:48:06 -07:00
Michael Jumper
7be9a87fae GUAC-614: Remove old prototype. 2014-04-10 15:40:40 -07:00
Michael Jumper
83093f1bd3 GUAC-614: Migrate SSH to simpler stream API. 2014-04-10 13:47:36 -07:00
Michael Jumper
78b4ad56a1 GUAC-611: Add missing headers. 2014-04-09 19:09:41 -07:00
Michael Jumper
2c4ae68da0 GUAC-608: Add support for outbound clipboard for SSH. Partial inbound support. 2014-04-09 11:40:09 -07:00
Michael Jumper
6e6af91cfa GUAC-556: Send proper errors for SSH. 2014-03-21 19:47:42 -07:00
Michael Jumper
fdf2036cfe GUAC-548: Migrate to new error codes throughout protocol support. 2014-03-18 12:26:01 -07:00
Michael Jumper
735c5778db Ensure read errors result in the client closing. 2014-01-01 20:18:43 -08:00
Michael Jumper
442ed427a0 Clean up includes, clean up build. 2014-01-01 14:52:01 -08:00
Michael Jumper
0303c4e24b Relicense everything (except French keymap) as MIT. Status of French keymap is TBD. 2014-01-01 14:46:18 -08:00
Michael Jumper
78202d25ba Pay attention to DPI when rendering terminal. 2013-12-27 00:28:23 -08:00
Michael Jumper
497996c48e Only read from agent if agent enabled. 2013-12-03 09:21:47 -08:00
Michael Jumper
9aed54d33a Remove unnecessary include. 2013-12-03 02:23:12 -08:00
Michael Jumper
1baaa6ddee Use non-blocking I/O on non-SFTP session to avoid unnecessary waiting for data during reads. With multiple threads, libssh2 reads will call poll() to wait for available data, one read will handle ALL data, while the other read comes up dry. 2013-12-03 02:22:46 -08:00
Michael Jumper
9738197653 Differentiate between connection attempts. 2013-12-02 09:28:46 -08:00