Move scp to standard transport #1925
Conversation
matt335672
force-pushed
the
move_scp_to_trans
branch
2 times, most recently
from
8315e46 to
eeaf8cd
Compare
sesman/libscp/libscp_v1s.c
Outdated
| case 1: | ||
| s->current_cmd = cmd; | ||
| result = scp_v1s_init_session(t, s); | ||
| break; |
There was a problem hiding this comment.
is it worth it to change these magic numbers to constants now or will all of this code be refactored with your next change?
There was a problem hiding this comment.
I was going to replace all of this, but intentions are not the same as reality! I'll replace the magic numbers.
| @@ -0,0 +1,58 @@ | |||
|
|
|||
There was a problem hiding this comment.
Assuming that committing this file was intentional, can you please add a header, or change the file name to clarify that this file is documenting the SCP protocol messages.
sesman/scp_v1.c
Outdated
| e = scp_v1s_list_sessions42(t, scount, slist); | ||
| if (SCP_SERVER_STATE_OK != e) | ||
| { | ||
| /* here goes scp resource sharing code */ | ||
| LOG(LOG_LEVEL_ERROR, "scp_v1s_list_sessions42 failed"); | ||
| } | ||
|
|
||
| /* cleanup */ | ||
| if (do_auth_end) | ||
| return SCP_SERVER_STATE_OK; |
There was a problem hiding this comment.
the log message here is at the error level, but the connection is not disconnected. I think this should be lowered to Warning.
sesman/scp_v1.c
Outdated
| { | ||
| auth_end(data); | ||
| e = scp_v1s_connection_error(t, "Internal error"); | ||
| LOG(LOG_LEVEL_INFO, "Cannot find session item on the chain"); |
There was a problem hiding this comment.
What's the "chain"? can you please make this log message more informative, like "The server does not have a session with id %s"?
sesman/sesman.c
Outdated
| /* reset for next message */ | ||
| self->header_size = 8; | ||
| self->extra_flags = 0; | ||
| init_stream(self->in_s, 0); |
There was a problem hiding this comment.
setting the transport input stream to size zero doesn't feel right. Can you please clarify this?
There was a problem hiding this comment.
I'll add a comment. The effect is to reset the stream pointers, but leave the buffer size unchanged.
sesman/sesman.c
Outdated
| sesman_listen_conn_in(struct trans *self, struct trans *new_self) | ||
| { | ||
| struct sesman_con *sc; | ||
| if (g_con_list->count >= 16) |
There was a problem hiding this comment.
why a maximum of 16 connections to sesman? are the connections to sesman short lived or do they last the duration of the client rdp connection?
There was a problem hiding this comment.
The '16' is somewhat inherited. Your question is however, like most of your questions, very incisive.
At the moment, connections to sesman are short lived, and last for the duration of making a request and receiving a response.
This may, however, have to change in the future. There are two reasons I'm aware of for this:-
- To support reconnections, sesman is going to need to keep a copy of a secret which is shared with the RDP client. This secret is regenerated hourly - see [MS-RDPBCGR] 5.5 which implies either a permanent connection between sesman and the xrdp instance, or xrdp reconnecting to sesman at regular intervals.
- The
xrdp-sesadminutility should support more functionality that it currently does. Implentation of (e.g.) a 'disconnect session' command implies sesman will ned to talk to the relevant xrdp instance.
For now I'll add a define for this with a short comment.
matt335672
force-pushed
the
move_scp_to_trans
branch
from
eeaf8cd to
f2dd07e
Compare
|
Review comments addressed. |
|
Thanks for this, it will be great to removing this unnecessary TCP listener. |
|
There's 1 month until the next release. This is a breaking change so we need to triage if shipping this to August release or December release. Do you think 1 month is enough to test and debug this? |
|
I should point out that a fair bit of this code isn't actually used at present. The server-side SCP V0 code is used by xrdp and sesrun, and even they aren't using the SCP client-side library at the moment. The SCP V1 admin code is used by sesadmin, and the other SCP V1 code is used by sestest which isn't shipped by default, primarily as it isn't completed yet. I've tested all the interfaces I can. xrdp/sesrun appear to work well, as does what there is of sesadmin. The sestest code run OK, but has other (existing) problems which I'm not planning on addressing right now. In other words, I think an August release for this is realistic, but happy to discuss this further. I'm about for most of August apart from a few days from the 15th onwards. If we need to bounce it until December that's fine, but I'd suggest a merge straight after v0.9.17 early in September if we do that. There are other changes to make in this area, but they're dependent on this one going in. |
matt335672
force-pushed
the
move_scp_to_trans
branch
from
f2dd07e to
5c9839a
Compare
|
Then, I'm fine with shipping this to next August release. |
|
No it doesn't. That's a subsequent part of Jay's original #1602. Because that's a significantly more user-visible change however, it will be good to get some more preparation done before we make that switch, so it's clearer what's going on. In particular, at the moment, xrdp and sesrun don't use libscp to talk to sesman. This PR doesn't address that, but I've got another one planned that will. After what we should be able to move to UDS with a relatively simple PR. |
|
Okay, let's ship this to the next release. |
The PR is based on part of #1602.
#1602 is in two parts:-
struct SCP_CONNECTIONas a connection type to the more standardstruct transtransport type used everywhere elseBoth of these are necessary moving forwards to modernise SCP. This PR focusses on the first half only.
I've taken @jsorg71's original commits and rebased them. I've then completely removed the
struct SCP_CONNECTIONto avoid confusion, and to ensure that the transition tostruct transis complete. This has entailed updating the utilities.There's still a lot to do for SCP. This is only a start.