Update xrdp for separate AA and session creation

xrdp is updated to use the separate authenticate/authorization (AA) and command processing interface now provided by sesman. PAM processing has been removed entirely and moved into the seman PAM module. As a result, gateway processing for proxy use-cases can be made use of by non-PAM systems.
neutrinolabs · Dec 14, 2022 · cbeeb6c · cbeeb6c
1 parent 7f52637
commit cbeeb6c
Show file tree

Hide file tree

Showing 5 changed files with 211 additions and 419 deletions.
diff --git a/configure.ac b/configure.ac
@@ -424,11 +424,6 @@ then
   AC_DEFINE([XRDP_ENABLE_IPV6],1,[Enable IPv6])
 fi
 
-if test "x$enable_pam" = "xyes"
-then
-  AC_DEFINE([USE_PAM],1,[Enable PAM])
-fi
-
 AS_IF( [test "x$enable_neutrinordp" = "xyes"] , [PKG_CHECK_MODULES(FREERDP, freerdp >= 1.0.0)] )
 
 # checking for libjpeg

diff --git a/docs/man/xrdp.ini.5.in b/docs/man/xrdp.ini.5.in
@@ -107,7 +107,9 @@ If not specified or set to \fB0\fP, unlimited.
 
 .TP
 \fBpamerrortxt\fP=\fIerror_text\fP
-Specify text passed to PAM when authentication failed. The maximum length is \fB256\fP.
+Specify additional text displayed to user if authentication fails. The maximum length is \fB256\fP.
+
+The use of 'pam' in the name of this option is historic
 
 .TP
 \fBport\fP=\fIport\fP