guacamole-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Sebastian Ohmsen (JIRA)" <j...@apache.org>
Subject [jira] [Updated] (GUACAMOLE-349) Currupt user input for guacamole sessions over RDP
Date Mon, 17 Jul 2017 09:28:00 GMT

     [ https://issues.apache.org/jira/browse/GUACAMOLE-349?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]

Sebastian Ohmsen updated GUACAMOLE-349:
---------------------------------------
    Description: 
We've come across a bug that is corrupting the user input for guacamole sessions over rdp.
The problem only occurs when you open a RDP session inside the RDP session established by
guacamole. Our use case is that we connect to a Hyper-V server and would open the console
of a VM running on it. You can very well test that too with connecting to any RDP server from
the connection established by guacamole.

We've tested this extensively and we can observe the following: Whenever you press a key combination
that produces another result by adding a modifier key, like "SHIFT_R + ."(dot) which should
lead to an ">" sign, it's only a matter of time when this is mapped to a "."(dot) sign.
This does not only occur when you hold both keys down, it also occurs occasionally when you
press it the first time. This makes entering passwords super hard and seems to be a bug.

We've traced it down to the corresponding C code and think the problem is here:

https://github.com/apache/incubator-guacamole-server/blob/master/src/protocols/rdp/keyboard.c#L261

In some cases of extra mapped keys, for example in the above case, it's sending more keys
than expected. We can see that “SHIFT_L + .” results in following keysym updates:
 
* 0xFFE1 (SHIFT_R) pressed
* 0x003E (>) pressed
* 0x003E (>) released
* 0xFFE1 (SHIFT_R) released

and works perfectly fine. In contrast “SHIFT_R + .” results in following events:

* 0xFFE2 (SHIFT_R) pressed
* 0xFFE1 (SHIFT_L) pressed
* 0x003E (>) pressed
* 0xFFE1 (SHIFT_L) released
* 0xFFE1 (SHIFT_L) pressed
* 0x003E (>) released
* 0xFFE1 (SHIFT_L) released
* 0xFFE2 (SHIFT_R) released

which leads to the described behavior above.


  was:
We've come across a bug that is corrupting the user input for guacamole sessions over rdp.
The problem only occurs when you open a RDP session inside the RDP session established by
guacamole. Our use case is that we connect to a Hyper-V server and would open the console
of a VM running on it. You can very well test that too with connecting to any RDP server from
the connection established by guacamole.

We've tested this extensively and we can observe the following: Whenever you press a key combination
that produces another result by adding a modifier key, like "SHIFT_R + ."(dot) which should
lead to an ">" sign, it's only a matter of time when this is mapped to a "."(dot) sign.
This does not only occur when you hold both keys down, it also occurs occasionally when you
press it the first time. This makes entering passwords super hard and seems to be a bug.

We've traced it down to the corresponding C code and think the problem is here:

https://github.com/apache/incubator-guacamole-server/blob/master/src/protocols/rdp/keyboard.c#L261

In some cases of extra mapped keys, for example in the above case, it's sending more keys
than expected. We can see that “SHIFT_L + .” results in following keysym updates:
 
* FFE1 (SHIFT_R) pressed
* 003E (>) pressed
* 003E (>) released
* FFE1 (SHIFT_R) released

and works perfectly fine. In contrast “SHIFT_R + .” results in following events:

* FFE2 (SHIFT_R) pressed
* FFE1 (SHIFT_L) pressed
* 003E (>) pressed
* FFE1 (SHIFT_L) released
* FFE1 (SHIFT_L) pressed
* 003E (>) released
* FFE1 (SHIFT_L) released
* FFE2 (SHIFT_R) released

which leads to the described behavior above.



> Currupt user input for guacamole sessions over RDP
> --------------------------------------------------
>
>                 Key: GUACAMOLE-349
>                 URL: https://issues.apache.org/jira/browse/GUACAMOLE-349
>             Project: Guacamole
>          Issue Type: Bug
>          Components: guacamole, RDP
>            Reporter: Sebastian Ohmsen
>
> We've come across a bug that is corrupting the user input for guacamole sessions over
rdp. The problem only occurs when you open a RDP session inside the RDP session established
by guacamole. Our use case is that we connect to a Hyper-V server and would open the console
of a VM running on it. You can very well test that too with connecting to any RDP server from
the connection established by guacamole.
> We've tested this extensively and we can observe the following: Whenever you press a
key combination that produces another result by adding a modifier key, like "SHIFT_R + ."(dot)
which should lead to an ">" sign, it's only a matter of time when this is mapped to a "."(dot)
sign. This does not only occur when you hold both keys down, it also occurs occasionally when
you press it the first time. This makes entering passwords super hard and seems to be a bug.
> We've traced it down to the corresponding C code and think the problem is here:
> https://github.com/apache/incubator-guacamole-server/blob/master/src/protocols/rdp/keyboard.c#L261
> In some cases of extra mapped keys, for example in the above case, it's sending more
keys than expected. We can see that “SHIFT_L + .” results in following keysym updates:
>  
> * 0xFFE1 (SHIFT_R) pressed
> * 0x003E (>) pressed
> * 0x003E (>) released
> * 0xFFE1 (SHIFT_R) released
> and works perfectly fine. In contrast “SHIFT_R + .” results in following events:
> * 0xFFE2 (SHIFT_R) pressed
> * 0xFFE1 (SHIFT_L) pressed
> * 0x003E (>) pressed
> * 0xFFE1 (SHIFT_L) released
> * 0xFFE1 (SHIFT_L) pressed
> * 0x003E (>) released
> * 0xFFE1 (SHIFT_L) released
> * 0xFFE2 (SHIFT_R) released
> which leads to the described behavior above.



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

Mime
View raw message