Session Allocation Policy 'I' not working (client IP address is always NULL) #3167
Comments
|
@fpaquet - thank you for an excellent fault report. If you're in a position where you can take a patch, this will fix it for you:- --- a/sesman/scp_process.c
+++ b/sesman/scp_process.c
@@ -102,6 +102,14 @@ process_sys_login_request(struct pre_session_item *psi)
}
else
{
+ /*
+ * Copy the IP address of the requesting user, anticipating a
+ * successful login. We need this so we can search for a session
+ * with a matching IP address if required.
+ */
+ g_snprintf(psi->start_ip_addr, sizeof(psi->start_ip_addr),
+ "%s", ip_addr);
+
/* Create a sesexec process to handle the login
*
* We won't check for the user being valid here, as this mightAfter you've had to spend so much time on this, I feel I owe you an explanation. The basic explanation, is that I omitted to initialise this field, so not being able to find where it is initialised is not surprising! The more detailed explanation needs an understanding of the Session Management Architecture The IP address for a login attempt is passed from sesman to sesexec when the user is authenticated. This IP address is received back from sesexec via a 'session announce' event, and this is used to populate the session entry. This is a little convoluted, but it's there to support sesman restarts in the future. The idea is that when sesman restarts, all the sesexec processes send a session announce event to sesman, and sesman is able to reconstruct its state. At the moment though, this isn't implemented. If you can't take a patch, I'll add a PR here and we'll get this in the next xrdp release. Being on EPEL, you will get this when we release it. |
|
Hello Matt For the time being, we can live with installing the old xrdp-0.9.25-2.el8.x86_64.rpm on RHEL8, We'll give it a try when new release is out. The new feature seams very useful to us, to prevent lost sessions when restarting sesman. |
|
I'll keep this open for now, so I don't lose track of it... |
|
Hello Matt ;; Policy - session allocation policy Using the following setting fails: Using this setting is very successful: regards |
|
Thanks for raising this @fpaquet |
Uh oh!
There was an error while loading. Please reload this page.
xrdp version
0.10.0
Detailed xrdp version, build options
Operating system & version
RHEL8, RHEL9
Installation method
dnf / apt / zypper / pkg / etc
Which backend do you use?
Xvnc
What desktop environment do you use?
Xfce
Environment xrdp running on
VM
What's your client?
Remmina
Area(s) with issue?
Session manager (sesman)
Steps to reproduce
Set Policy to UBDI in sesman.ini
✔️ Expected Behavior
Should reconnect to the running session
❌ Actual Behavior
Always opens a new session
Anything else?
Activating debug output shows, that session_list.c::session_list_get_bydata(363ff) is always receiving psi->start_ip_addr NULL.
Causing IP check always to fail in same function at line 401.
In V0.9.26, the IP check is working as expected.
It seams that the field psi->start_ip_addr is not filled when a new connection arrives.
We found a call to session_list_get_bydata() in scp_process.c::process_create_session_request(411)
but didn't find out where psi get's initialized upon reception of a new connection.
The text was updated successfully, but these errors were encountered: