maride/guacamole-spice-protocol
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
2,887 Commits 27 Branches 31 Tags 8.7 MiB
c750b18f60
Commit Graph

185 Commits

Author SHA1 Message Date
Nick Couchman
5583748b54 GUACAMOLE-269: Move constant declaration to ttymode.c 2018-03-08 10:48:21 -05:00
Nick Couchman
f1bf70a4a2 GUACAMOLE-269: Add basic support for sending TTY mode encoding. 2018-03-08 10:48:21 -05:00
Michael Jumper
4fb17d5610 GUACAMOLE-313: Add flags for controlling the contents of session recordings. 2018-01-26 16:42:24 -08:00
Michael Jumper
876516a1fb GUACAMOLE-313: Add support for including key states within session recordings. 2018-01-26 16:42:14 -08:00
Michael Jumper
81a0e66d9f GUACAMOLE-313: Include current button state within mouse update for completeness. 2018-01-26 16:21:53 -08:00
Michael Jumper
df770ae4ea GUACAMOLE-313: Add support for including mouse location within session recordings. 2018-01-26 16:21:28 -08:00
Michael Jumper
b37e73488f GUACAMOLE-313: Provide reference to in-progress screen recording. 2018-01-26 16:21:24 -08:00
sanhex
d33bd8deff GUACAMOLE-384: fixing segfault during ssh disconnect 
Root Cause:
See the core dump and Valgrind report posted on Jira. guacd was reading a ssh terminal which had been freed. When a ssh connection is terminated, guac_ssh_client_free_handler() will be called from guacd_exec_proc() -> guac_client_free() with pointer client->free_handler. In guac_ssh_client_free_handler(), when ssh_client->term is freed, ssh_client->client_thread may still be using the ssh_client->term. It causes the crash reported in this bug.

The stack trace exposing the problem can be found by running guacd under Valgrind with a ssh test script. The test script repeats doing ssh login and logout for 5000 times.

Solution:
In guac_ssh_client_free_handler(), before calling guac_terminal_free(ssh_client->term), close the stdin pipe of the terminal to stop reading the pipe with guac_terminal_read_stdin() in ssh_input_thread(). So that ssh_input_thread() can be terminated in this case. Call pthread_join() to wait for ssh_client_thread() terminating before freeing the terminal.

Add a new function guac_terminal_stop() to close the pipe and set the fds to invalid (-1). Call it in guac_ssh_client_free_handler() and guac_terminal_free().

Checking the client running state in ssh_input_thread() and ssh_client_thread() to make sure they can be terminated when the client is stopped in guacd_exec_proc() by another thread.

Test:
- Confirmed ssh connection works normally.
- Observed the child process of guacd exits when ssh connection is terminated.
- Reran the ssh test script. Observed no crash.
 2017-10-29 18:11:15 -07:00
sanhex
3c7a09f52b GUACAMOLE-400: Fix guacd crash when ssh key fails 
Root Cause:
In the ssh library of guacd, function ssh_client_thread(), when guac_ssh_get_user() fails to load private key for ssh authentication, it will return NULL. In this case, the subsequent call to guac_common_ssh_create_session() with parameter 'user=0x0' will cause guacd crash in function guac_common_ssh_authenticate() by accessing 'user->username'.

Solution:
- Update the comment of function guac_ssh_get_user() to document that NULL will be returned if fails to import key for the user.
- In function ssh_client_thread(), verify the return of guac_ssh_get_user(). If ssh_client->user is NULL, return NULL.

Test:
- Configured a ssh app with an encrypted private key and a wrong passphrase.
- Ran the ssh app from web portal and observed guacd crash.
- Applied the fix and reran the ssh app. Observed no crash.
 2017-09-29 11:04:48 -07:00
Michael Jumper
d51e92eb31 GUACAMOLE-303: Add "sftp-root-directory" parameter to VNC, RDP, and SSH. 2017-06-29 15:48:23 -07:00
Michael Jumper
0474f86c46 GUACAMOLE-303: Extend common SFTP filesystem such that arbitrary directories can be used as the root of the filesystem. 2017-06-29 15:36:10 -07:00
Nick Couchman
041fcc4651 GUACAMOLE-203: Change remaining instances of timer to timeout. 2017-06-25 05:13:22 -04:00
Nick Couchman
05dfb1a6ae GUACAMOLE-203: Deal correctly with negative keepalive values. 2017-06-25 05:10:22 -04:00
Nick Couchman
8c24c77d55 GUACAMOLE-203: Change timer to timeout 2017-06-14 13:00:30 -04:00
Nick Couchman
af4d762147 GUACAMOLE-203: Move warning about minimum alive interval to single place in common code. 2017-06-14 12:49:49 -04:00
Nick Couchman
df718395e8 GUACAMOLE-203: Change alive interval from int to unsigned. 2017-06-14 10:17:28 -04:00
Nick Couchman
070bd25721 GUACAMOLE-203: if statement style tweak 2017-06-14 08:27:09 -04:00
Nick Couchman
e7fc8a0d98 GUACAMOLE-203: Expand SSH keepalives to cover SFTP connections for other protocols. 2017-05-31 21:03:09 -04:00
Nick Couchman
9993684205 GUACAMOLE-203: Warn user if they try to enter keepalive value < 2 seconds. 2017-05-31 21:03:06 -04:00
Nick Couchman
1e3d82cc63 GUACAMOLE-203: Update comment for keep alive interval. 2017-05-31 21:03:04 -04:00
Nick Couchman
f693b02e12 GUACAMOLE-203: Tighten up code, implement constant for socket poll timer. 2017-05-31 21:02:59 -04:00
Nick Couchman
75019f5e4b GUACAMOLE-203: Add a few more comments to code. 2017-05-31 21:02:53 -04:00
Nick Couchman
8ab7e56972 GUACAMOLE-203: Implement keepalive config in SSH connection. 2017-05-31 21:02:50 -04:00
Nick Couchman
f42f05aab7 GUACAMOLE-203: Add option entries for ServerAliveInterval. 2017-05-31 21:02:38 -04:00
Michael Jumper
61896e829c GUACAMOLE-257: Set VNC/SSH file upload handlers only if SFTP is enabled. 2017-03-28 10:48:38 -07:00
Michael Jumper
3f7ccb6b9a GUACAMOLE-169: Move terminal headers to namespaced directory. 2017-02-27 14:34:46 -08:00
Michael Jumper
d371f2d9ee GUACAMOLE-169: Move common-ssh headers to namespaced directory. 2017-02-27 14:28:23 -08:00
Michael Jumper
eee928548d GUACAMOLE-169: Use proper namespace for internal common headers. 2017-01-23 23:26:26 -08:00
Michael Jumper
e5b3af8ffe GUACAMOLE-86: Remove terminal emulator's STDOUT pipe. Use pthread_cond_t to signal modification. 2017-01-16 00:02:30 -08:00
Michael Jumper
2421fc2f11 GUACAMOLE-118: Use poll() when waiting for data from SSH. 2016-11-11 13:16:57 -08:00
Michael Jumper
1ad99a312e GUACAMOLE-5: Add "read-only" parameter to RDP, SSH, and telnet (per-user, just like VNC). 2016-07-24 22:36:25 -07:00
Michael Jumper
0641ccf601 GUACAMOLE-5: Store connection parameters at user level. Maintain reference to owner's connection parameters at client level. 2016-07-24 22:05:04 -07:00
James Muehlner
ec93a2989f GUACAMOLE-33: Merge mouse duplication user disconnect fix. 2016-05-23 20:45:18 -07:00
Michael Jumper
82fd6a279b GUACAMOLE-33: Implement leave handlers for RDP, SSH, and telnet. 2016-05-23 13:58:30 -07:00
Michael Jumper
a64c3e0179 GUACAMOLE-34: Ensure guac_client_stop() or guac_client_abort() are called in ALL cases where the client thread terminates. 2016-05-23 13:58:01 -07:00
Michael Jumper
f4b8c70f79 GUACAMOLE-1: Relicense build/shell scripts. 2016-03-28 20:39:38 -07:00
Michael Jumper
4da3bef4ec GUACAMOLE-1: Relicense C files. 2016-03-28 20:39:19 -07:00
Michael Jumper
0a5e57362e GUAC-236: Add missing plurals. 2016-03-16 10:45:11 -07:00
Michael Jumper
6fc208554d GUAC-236: Add session recording parameters to VNC, RDP, and SSH. 2016-03-14 20:22:02 -07:00
Michael Jumper
3a4aec3708 GUAC-1389: Document parameters of SSH client thread. 2016-03-14 18:32:03 -07:00
Michael Jumper
fa43a94e02 GUAC-1389: Rely on API definition for handler. 2016-03-14 18:27:52 -07:00
Michael Jumper
075b7ffba9 GUAC-1389: Add screen sharing support to SSH. 2016-03-14 17:33:17 -07:00
Michael Jumper
4661f432f0 GUAC-1452: Parse and handle typescript parameters within SSH and telnet. 2016-01-27 12:43:53 -08:00
Michael Jumper
ad34aa99b4 GUAC-1452: Add typescript parameters for SSH/telnet. 2016-01-25 13:12:24 -08:00
Michael Jumper
e8b98abfc4 GUAC-1038: Add support for running specific commands via SSH (instead of a shell). 2015-10-19 15:58:44 -07:00
Michael Jumper
677c3ce6e8 GUAC-1195: Add "color-scheme" parameter to SSH and telnet. 2015-07-28 16:46:32 -07:00
Michael Jumper
fa443249c9 GUAC-1195: Use color scheme constants and names. 2015-07-28 16:43:23 -07:00
Michael Jumper
b2c2779465 GUAC-1195: Define and use color constants for terminal. 2015-07-28 16:20:14 -07:00
Michael Jumper
029b3bdb80 GUAC-1195: Configure default foreground/background when terminal is created. 2015-07-28 15:59:20 -07:00
Michael Jumper
49beb7d7fd GUAC-1264: Require explicit free for users and sessions. Ensure SSH client data is zeroed upon allocation. 2015-07-24 13:20:36 -07:00
Michael Jumper
bfe4895408 GUAC-1171: Remove extra trailing spaces from parameter comments. 2015-07-10 21:01:17 -07:00
Michael Jumper
3d1d2ea334 GUAC-1171: Migrate to common SSH for SFTP transfers. 2015-07-10 17:21:58 -07:00
Michael Jumper
a6b46a0ea0 GUAC-1171: Add and document SFTP functionality within common SSH. 2015-07-10 17:21:27 -07:00
Michael Jumper
0fcea2738b GUAC-1171: Migrate to common SSH within client. 2015-07-10 12:46:11 -07:00
Michael Jumper
fbcf8a1e0d GUAC-1171: Move initialization of SSH, OpenSSL, etc. to common SSH base. 2015-07-09 12:02:31 -07:00
Michael Jumper
c199cfc8d7 GUAC-1171: Adopt cleaner style for Makefile.am. 2015-07-08 15:39:25 -07:00
Michael Jumper
77cde6ae4b GUAC-1171: Stub out common SSH client within build. 2015-07-08 14:55:18 -07:00
Michael Jumper
58621ca42b GUAC-1172: Move JSON functions to common. 2015-07-05 18:08:22 -07:00
Michael Jumper
ddbbcf032a GUAC-1172: Ensure empty directories are valid JSON. 2015-07-05 12:56:10 -07:00
Michael Jumper
054698a3ad GUAC-1172: Append. Do not appaned. 2015-07-01 11:11:07 -07:00
Michael Jumper
42c36f5b84 GUAC-1172: Properly store/free filesystem object. 2015-07-01 10:48:25 -07:00
Michael Jumper
0bbc958373 GUAC-1172: Implement file upload via filesystem object. 2015-07-01 10:48:25 -07:00
Michael Jumper
5fba93594d GUAC-1172: Implement directory listing and file download via filesystem object. 2015-07-01 10:48:25 -07:00
Michael Jumper
482b3a728c GUAC-1172: Simplify filename validation and manipulation. 2015-07-01 10:48:25 -07:00
Michael Jumper
5fe8917bdc GUAC-974: Log reason for auth key failures. Add debug logging. 2015-01-04 19:56:32 -08:00
Michael Jumper
0b0c2aae93 GUAC-974: Auth key failures should abort as UNAUTHORIZED. 2015-01-04 19:17:40 -08:00
Michael Jumper
4b53f9f3a6 GUAC-911: Expand logging within SSH and telnet. 2014-11-28 17:20:02 -08:00
Michael Jumper
431fd2de6f GUAC-911: Add log levels. Refactor guac_client_log_*() into guac_client_log(). 2014-11-07 16:32:19 -08:00
Michael Jumper
2fa1468386 GUAC-779: Terminal channel mutex must exist before terminal channel. 2014-07-21 11:23:36 -07:00
Michael Jumper
be9c56f9a3 GUAC-779: Synchronize access to shared libssh2 handles. 2014-07-21 11:15:55 -07:00
Michael Jumper
d608b3a30b GUAC-780: Init OpenSSL for sake of threads. 2014-07-21 10:48:02 -07:00
Michael Jumper
98c6e6496d GUAC-780: Ensure libgcrypt is initialized for pthreads if used by libssh2. OpenSSL should be OK. 2014-07-21 10:27:39 -07:00
Michael Jumper
46faa7ab85 GUAC-493: Coding style changes. 2014-07-17 12:54:40 -07:00
Felipe Weckx
e543d9eeb5 GUAC-493 Add keyboard-interactive ssh authentication method 2014-07-17 12:51:35 -07:00
Michael Jumper
8d99c35a86 GUAC-769: Ensure socket output is handled in a threadsafe manner. 2014-07-10 16:49:13 -07:00
Michael Jumper
48d1597418 GUAC-730: Fix headers for SSH. 2014-06-11 10:06:18 -07:00
Michael Jumper
c84a88d35a GUAC-718: Set locale (for sake of wcwidth()). Warn if locale does not use UTF-8. 2014-06-02 16:01:13 -07:00
Michael Jumper
3bd145a059 GUAC-678: Add missing OpenSSL init. 2014-05-27 12:34:05 -07:00
Michael Jumper
7c08593b83 GUAC-653: Restore file upload for SSH. 2014-05-06 17:14:40 -07:00
Michael Jumper
0acd219a88 GUAC-653: Remove unneeded includes. 2014-05-06 16:45:36 -07:00
Michael Jumper
92f0d4b36b GUAC-653: Remove direct reference to internal terminal pipes. 2014-05-06 16:41:48 -07:00
Michael Jumper
470dc67c34 GUAC-653: Implement render_frame function. 2014-05-06 16:12:29 -07:00
Michael Jumper
f2781ed0cc GUAC-653: Move mouse and key handling into terminal. Move clipboard into terminal. 2014-05-05 19:02:41 -07:00
Michael Jumper
455f2e543a GUAC-653: Update namespace in common terminal code. 2014-05-05 16:36:49 -07:00
Michael Jumper
b4e7f95603 GUAC-653: Move terminal code to common location. 2014-05-05 16:17:59 -07:00
Michael Jumper
4766970015 GUAC-621: During resize, keep cursor on screen and redraw cursor if necessary. 2014-04-16 14:46:00 -07:00
Michael Jumper
9229457dd4 GUAC-621: Only increase buffer length if real character data was written (not cleared). 2014-04-16 14:31:51 -07:00
Michael Jumper
3823165d7f GUAC-598: Fix warnings against SSH. 2014-04-11 13:48:06 -07:00
Michael Jumper
5f84cbc5e4 GUAC-598: Use unsigned instead of u_ type. 2014-04-11 13:48:06 -07:00
Michael Jumper
7be9a87fae GUAC-614: Remove old prototype. 2014-04-10 15:40:40 -07:00
Michael Jumper
83093f1bd3 GUAC-614: Migrate SSH to simpler stream API. 2014-04-10 13:47:36 -07:00
Michael Jumper
78b4ad56a1 GUAC-611: Add missing headers. 2014-04-09 19:09:41 -07:00
Michael Jumper
2c4ae68da0 GUAC-608: Add support for outbound clipboard for SSH. Partial inbound support. 2014-04-09 11:40:09 -07:00
Michael Jumper
6e6af91cfa GUAC-556: Send proper errors for SSH. 2014-03-21 19:47:42 -07:00
Michael Jumper
fdf2036cfe GUAC-548: Migrate to new error codes throughout protocol support. 2014-03-18 12:26:01 -07:00
Michael Jumper
735c5778db Ensure read errors result in the client closing. 2014-01-01 20:18:43 -08:00
Michael Jumper
442ed427a0 Clean up includes, clean up build. 2014-01-01 14:52:01 -08:00
Michael Jumper
0303c4e24b Relicense everything (except French keymap) as MIT. Status of French keymap is TBD. 2014-01-01 14:46:18 -08:00
Michael Jumper
78202d25ba Pay attention to DPI when rendering terminal. 2013-12-27 00:28:23 -08:00
Michael Jumper
497996c48e Only read from agent if agent enabled. 2013-12-03 09:21:47 -08:00