Check minimum length of TS_UD_CS_CORE message

Added length checking to redirector response parsing

Not only was this unused, the way it was read could lead to a
buffer overflow (CVE-2022-23480)

Add length checks to client confirm active PDU parsing

Sanitise channel data being passed from application

Avoids OOB read if the size field is incorr...

Check chansrv channel ID on a channel close

Prevent OOB read if an invalid channel ID is sent.

Detect attempts to overflow input buffer

If application code hasn't properly sanitised the head...

Fix potential OOB write if invalid chansrv channel opened

Also removed an unnecessary dynamic m...

Prevent buffer overflow for oversized audio format from client

Login window - replace g_sprintf() withl g_snprintf() calls

There is no reason for any user other than the current one to be able
to communicate with the re...

SECURITY.md: mention including GitHub account in vuln report

When using PAM authentication, a copy is made of the username and password in the auth_info stru...

Fix regression use-after-free

93d97dcb introduced a use-after-free error. The default_font for the
window manager may be used ...

Disable touch events on XVNC session

Fix memory leak in font handler

The following sequence of events results in a memory leak as a font
is loaded twice
1) Invoke lo...

Fix freetype2 version checking

vnc: add mouse button 6,7,8 support

The version of freetype2 returned by pkg-config --modversion is
not the same as the product rele...

Constify some magic numbers

Bump autoconf ver

guid_new() returns GUIDs compatible with RFC4122

- CMDTYPE_FRAME_MARKER
- FASTPATH_UPDATETYPE_SURFCMDS

Support and document SIGHUP for xrdp-sesman

A --reload argument is now supported.

Adds a --reload switch to sesman and plumbs this in
to systemctl reload xrdp-sesman.service

On newer builds of openSUSE tumbleweed the path of pam.d has moved from
/usr/etc/pam.d to /usr/...

Fixes warning about obsolete macro AC_TRY_COMPILE with autoconf 2.71

* Autoconf version from 2.65 -> 2.69
* AC_PROG_LIBTOOL replaced with LT_INIT
* AC_HELP_STRING re...

docs/man/sesman.ini.5.in

Record codec GUID to identify unknown codec

ref. https://learn.microsoft.com/en-us/openspecs/windows_protocols/ms-rdpbcgr/86507fed-a0ee-4242...

Update github actions to address warnings

Since Ubuntu 20.04 supports less i386 functionality than 18.04,
it has been necessary to use a s...

log: change date format to ISO8601-like

xrdp.ini.5.in: Fix mixed up require_credentials/enable_token_login options

Former format: "[20221007-16:36:02] "
New format: "[2022-10-07T16:36:04.357+0900] "

Redesign the login screen

Replace various types used for auth_info

The loadable sesman authentication modules use different types for the
authentication handle ret...

Enable touchpad inertial scrolling

gitignore: add some built binaries

Add freetype2 to CI

The freetype2 library can now be used to create fv1 fonts. This
library is added to the 'max fea...

Scaled login screen support

Replace sans-10.fv1 with a modern version generated with the
new tools.
Also add a sans-18.fv1 f...

The dimensions from xrdp.ini are replaced with scaled and unscaled
versions. The unscaled versio...

This commit adds the variables fv1_select and default_dpi to
xrdp.ini. These variables allow for...

The font body height is now explicitly stored in the font
structure. This is the definition that...

The previous commit added utilities which work with fv1 files
with additional fields in the fv1 ...

To generate new fonts, the freetype2 library is required. This
can now be specified by configure...

mark variable with unused attribute for Clang 15

This may throw a warning with clang-15+ when devel logs are disabled
Fixes
../../../xrdp-0.9.19/...

Simple maintenance improvements

Bumped cppcheck version to 2.9

sesman.ini: mention FreeBSD Xorg path