xrdp: update to 0.9.15

2021-02-09 20:33:01 +00:00 · 2021-02-09 20:33:01 +00:00 · c1404855cf
parent f848da0275
commit c1404855cf
6 changed files with 170 additions and 437 deletions
--- a/x11-packages/xrdp/build.sh
+++ b/x11-packages/xrdp/build.sh
@ -2,10 +2,9 @@ TERMUX_PKG_HOMEPAGE=https://github.com/neutrinolabs/xrdp
 TERMUX_PKG_DESCRIPTION="An open source remote desktop protocol (RDP) server"
 TERMUX_PKG_LICENSE="Apache-2.0"
 TERMUX_PKG_MAINTAINER="Leonid Pliushch <leonid.pliushch@gmail.com>"
-TERMUX_PKG_VERSION=0.9.14
-TERMUX_PKG_REVISION=1
+TERMUX_PKG_VERSION=0.9.15
 TERMUX_PKG_SRCURL=https://github.com/neutrinolabs/xrdp/releases/download/v${TERMUX_PKG_VERSION}/xrdp-${TERMUX_PKG_VERSION}.tar.gz
-TERMUX_PKG_SHA256=e3a9d27da7881dbfb7fd22b33c11dd7390d42ca8ff94541e88f552b8dce1b5d2
+TERMUX_PKG_SHA256=ad0381e45fe5236c34ff750850df9545c5bef45fc3b3c9386217cb65a6f9b541
 TERMUX_PKG_DEPENDS="libandroid-shmem, libcrypt, libice, libsm, libuuid, libx11, libxau, libxcb, libxfixes, libxdmcp, libxrandr, openssl, procps, tigervnc"
 TERMUX_PKG_BUILD_IN_SRC=true
 TERMUX_PKG_EXTRA_CONFIGURE_ARGS="
@ -15,6 +14,9 @@ TERMUX_PKG_EXTRA_CONFIGURE_ARGS="
 "

 TERMUX_PKG_CONFFILES="
+etc/xrdp/cert.pem
+etc/xrdp/key.pem
+etc/xrdp/km-00000406.ini
 etc/xrdp/km-00000407.ini
 etc/xrdp/km-00000409.ini
 etc/xrdp/km-0000040a.ini
@ -30,16 +32,18 @@ etc/xrdp/km-00000419.ini
 etc/xrdp/km-0000041d.ini
 etc/xrdp/km-00000807.ini
 etc/xrdp/km-00000809.ini
+etc/xrdp/km-0000080a.ini
 etc/xrdp/km-0000080c.ini
 etc/xrdp/km-00000813.ini
 etc/xrdp/km-00000816.ini
 etc/xrdp/km-0000100c.ini
 etc/xrdp/km-00010409.ini
+etc/xrdp/km-19360409.ini
+etc/xrdp/pulse/default.pa
 etc/xrdp/reconnectwm.sh
 etc/xrdp/sesman.ini
 etc/xrdp/startwm.sh
 etc/xrdp/xrdp.ini
-etc/xrdp/xrdp.sh
 etc/xrdp/xrdp_keyboard.ini
 "

@ -49,27 +53,10 @@ etc/init.d
 "

 termux_step_pre_configure() {
+	LDFLAGS+=" -Wl,-rpath=${TERMUX_PREFIX}/lib/xrdp -Wl,--enable-new-dtags"
 	export LIBS="-landroid-shmem -llog"
 }

-termux_step_post_make_install() {
-	mv -f "${TERMUX_PREFIX}/sbin/xrdp" "${TERMUX_PREFIX}/bin/xrdp"
-	mv -f "${TERMUX_PREFIX}/sbin/xrdp-chansrv" "${TERMUX_PREFIX}/bin/xrdp-chansrv"
-	mv -f "${TERMUX_PREFIX}/sbin/xrdp-sesman" "${TERMUX_PREFIX}/bin/xrdp-sesman"
-	mkdir -p "${TERMUX_PREFIX}/libexec/xrdp"
-
-	for bin in xrdp xrdp-chansrv xrdp-genkeymap xrdp-keygen xrdp-sesadmin xrdp-sesman xrdp-sesrun; do
-		mv -f "${TERMUX_PREFIX}/bin/${bin}" "${TERMUX_PREFIX}/libexec/xrdp/${bin}"
-		{
-			echo "#!${TERMUX_PREFIX}/bin/sh"
-			echo "export LD_LIBRARY_PATH=\${LD_LIBRARY_PATH}:${TERMUX_PREFIX}/lib/xrdp"
-			echo "exec ${TERMUX_PREFIX}/libexec/xrdp/${bin} \"\${@}\""
-		} > "${TERMUX_PREFIX}/bin/${bin}"
-		chmod 700 "${TERMUX_PREFIX}/bin/${bin}"
-	done
-	unset bin
-}
-
 termux_step_create_debscripts() {
 	{
 		echo "#!${TERMUX_PREFIX}/bin/sh"
--- a/x11-packages/xrdp/fix-configs.patch
+++ b/x11-packages/xrdp/fix-configs.patch
@ -1,6 +1,6 @@
-diff -uNr xrdp-0.9.14/sesman/sesman.ini xrdp-0.9.14.mod/sesman/sesman.ini
--- xrdp-0.9.14/sesman/sesman.ini	2020-08-31 06:33:40.000000000 +0000
-+++ xrdp-0.9.14.mod/sesman/sesman.ini	2020-09-12 21:30:47.582018081 +0000
+diff -uNr xrdp-0.9.15/sesman/sesman.ini xrdp-0.9.15.mod/sesman/sesman.ini
+--- xrdp-0.9.15/sesman/sesman.ini	2020-12-28 14:06:46.000000000 +0000
+++ xrdp-0.9.15.mod/sesman/sesman.ini	2021-02-09 20:49:43.840603310 +0000
@@ -4,11 +4,14 @@
 ListenAddress=127.0.0.1
 ListenPort=3350
@ -26,67 +26,24 @@ diff -uNr xrdp-0.9.14/sesman/sesman.ini xrdp-0.9.14.mod/sesman/sesman.ini
 ; When AlwaysGroupCheck=false access will be permitted
 ; if the group TerminalServerUsers is not defined.
 AlwaysGroupCheck=false
-@@ -66,35 +70,13 @@
- [Logging]
+@@ -67,7 +71,7 @@
+ ; Note: Log levels can be any of: core, error, warning, info, debug, or trace
 LogFile=xrdp-sesman.log
- LogLevel=DEBUG
-EnableSyslog=1
-+EnableSyslog=0
- SyslogLevel=DEBUG
- 
- ;
- ; Session definitions - startup command-line parameters for each session type
- ;
- 
-[Xorg]
-; Specify the path of non-suid Xorg executable. It might differ depending
-; on your distribution and version. Find out the appropreate path for your
-; environment. The typical path is known as follows:
-;
-; Fedora 26 or later    :  param=/usr/libexec/Xorg
-; Debian 9 or later     :  param=/usr/lib/xorg/Xorg
-; Ubuntu 16.04 or later :  param=/usr/lib/xorg/Xorg
-; Arch Linux            :  param=/usr/lib/Xorg
-; CentOS 7              :  param=/usr/bin/Xorg or param=Xorg
-; CentOS 8              :  param=/usr/libexec/Xorg
-;
-param=Xorg
-; Leave the rest paramaters as-is unless you understand what will happen.
-param=-config
-param=xrdp/xorg.conf
-param=-noreset
-param=-nolisten
-param=tcp
-param=-logfile
-param=.xorgxrdp.%s.log
-
- [Xvnc]
- param=Xvnc
- param=-bs
-@@ -112,4 +94,4 @@
- FileUmask=077
+ LogLevel=INFO
+-EnableSyslog=true
+EnableSyslog=false
+ #SyslogLevel=INFO
+ #EnableConsole=false
+ #ConsoleLevel=INFO
+@@ -144,4 +148,4 @@
+ #main()=INFO
 
 [SessionVariables]
 -PULSE_SCRIPT=/etc/xrdp/pulse/default.pa
 +PULSE_SCRIPT=@TERMUX_PREFIX@/etc/xrdp/pulse/default.pa
-diff -uNr xrdp-0.9.14/sesman/startwm.sh xrdp-0.9.14.mod/sesman/startwm.sh
--- xrdp-0.9.14/sesman/startwm.sh	2020-06-26 11:13:58.000000000 +0000
-+++ xrdp-0.9.14.mod/sesman/startwm.sh	2020-09-12 21:30:20.244107105 +0000
-@@ -4,12 +4,12 @@
- # depending on your distro if it doesn't work for you.
- #
- # Uncomment the following line for debug:
-# exec xterm
-+# exec aterm
- 
- 
- # Execution sequence for interactive login shell - pseudocode
- #
-# IF /etc/profile is readable THEN
-+# IF @TERMUX_PREFIX@/etc/profile is readable THEN
- #     execute ~/.bash_profile
- # END IF
- # IF ~/.bash_profile is readable THEN
+diff -uNr xrdp-0.9.15/sesman/startwm.sh xrdp-0.9.15.mod/sesman/startwm.sh
+--- xrdp-0.9.15/sesman/startwm.sh	2020-12-28 14:03:43.000000000 +0000
+++ xrdp-0.9.15.mod/sesman/startwm.sh	2021-02-09 20:48:25.124354950 +0000
@@ -25,8 +25,8 @@
 # END IF
 pre_start()
@ -98,48 +55,27 @@ diff -uNr xrdp-0.9.14/sesman/startwm.sh xrdp-0.9.14.mod/sesman/startwm.sh
   fi
   if [ -r ~/.bash_profile ]; then
     . ~/.bash_profile
-@@ -58,53 +58,13 @@
+@@ -58,6 +58,7 @@
 #start the window manager
 wm_start()
 {
-  if [ -r /etc/default/locale ]; then
-    . /etc/default/locale
-    export LANG LANGUAGE
-  fi
-
-  # debian
-  if [ -r /etc/X11/Xsession ]; then
-    pre_start
-    . /etc/X11/Xsession
-    post_start
-    exit 0
-  fi
-
-  # el
-  if [ -r /etc/X11/xinit/Xsession ]; then
-    pre_start
-    . /etc/X11/xinit/Xsession
-    post_start
-    exit 0
-  fi
-
-  # suse
-  if [ -r /etc/X11/xdm/Xsession ]; then
-    # since the following script run a user login shell,
-    # do not execute the pseudo login shell scripts
-    . /etc/X11/xdm/Xsession
-    exit 0
-  fi
-
+  if ! [ -d "@TERMUX_PREFIX@" ]; then # !Termux
+   if [ -r /etc/default/locale ]; then
+     . /etc/default/locale
+     export LANG LANGUAGE
+@@ -89,26 +90,13 @@
+     . /usr/etc/X11/xdm/Xsession
+     exit 0
+   fi
+  fi # end !Termux
+ 
   pre_start
-  xterm
-+  aterm
+   xterm
   post_start
 }
 
 -#. /etc/environment
-+#PATH="@TERMUX_PREFIX@/bin:@TERMUX_PREFIX@/bin/applets"
- #export PATH=$PATH
+-#export PATH=$PATH
 -#export LANG=$LANG
 -
 -# change PATH to be what your environment needs usually what is in
@ -151,37 +87,23 @@ diff -uNr xrdp-0.9.14/sesman/startwm.sh xrdp-0.9.14.mod/sesman/startwm.sh
 -# pam will auto process the environment file if /etc/pam.d/xrdp-sesman
 -# includes
 -# auth       required     pam_env.so readenv=1
- 
+-
 wm_start
 
-diff -uNr xrdp-0.9.14/xrdp/xrdp.ini xrdp-0.9.14.mod/xrdp/xrdp.ini
--- xrdp-0.9.14/xrdp/xrdp.ini	2020-08-31 06:33:40.000000000 +0000
-+++ xrdp-0.9.14.mod/xrdp/xrdp.ini	2020-09-12 21:31:50.324403885 +0000
-@@ -72,12 +72,12 @@
- #hidelogwindow=true
- max_bpp=32
- new_cursors=true
-+
- ; fastpath - can be 'input', 'output', 'both', 'none'
- use_fastpath=both
-+
- ; when true, userid/password *must* be passed on cmd line
- #require_credentials=true
-; You can set the PAM error text in a gateway setup (MAX 256 chars)
-#pamerrortxt=change your password according to policy at http://url
- 
- ;
- ; colors used by windows in RGB format
-@@ -145,7 +145,7 @@
- [Logging]
+ exit 1
+diff -uNr xrdp-0.9.15/xrdp/xrdp.ini xrdp-0.9.15.mod/xrdp/xrdp.ini
+--- xrdp-0.9.15/xrdp/xrdp.ini	2020-12-28 14:06:46.000000000 +0000
+++ xrdp-0.9.15.mod/xrdp/xrdp.ini	2021-02-09 20:50:21.452544512 +0000
+@@ -153,7 +153,7 @@
+ ; Note: Log levels can be any of: core, error, warning, info, debug, or trace
 LogFile=xrdp.log
- LogLevel=DEBUG
+ LogLevel=INFO
 -EnableSyslog=true
 +EnableSyslog=false
- SyslogLevel=DEBUG
- ; LogLevel and SysLogLevel could by any of: core, error, warning, info or debug
- 
-@@ -165,32 +165,20 @@
+ #SyslogLevel=INFO
+ #EnableConsole=false
+ #ConsoleLevel=INFO
+@@ -180,32 +180,20 @@
 tcutils=true
 
 ; for debugging xrdp, in section xrdp1, change port=-1 to this:
@ -217,7 +139,7 @@ diff -uNr xrdp-0.9.14/xrdp/xrdp.ini xrdp-0.9.14.mod/xrdp/xrdp.ini
 password=ask
 ip=127.0.0.1
 port=-1
-@@ -200,27 +188,6 @@
+@@ -215,27 +203,6 @@
 ; (1 = ExtendedDesktopSize)
 #disabled_encodings_mask=0
 
--- a/x11-packages/xrdp/fix-tmpdir.patch
+++ b/x11-packages/xrdp/fix-tmpdir.patch
@ -1,7 +1,7 @@
-diff -uNr xrdp-0.9.8/sesman/sesman.c xrdp-0.9.8.mod/sesman/sesman.c
--- xrdp-0.9.8/sesman/sesman.c	2018-08-02 03:02:02.000000000 +0300
-+++ xrdp-0.9.8.mod/sesman/sesman.c	2018-12-27 15:39:08.642579869 +0200
-@@ -430,14 +430,14 @@
+diff -uNr xrdp-0.9.15/sesman/sesman.c xrdp-0.9.15.mod/sesman/sesman.c
+--- xrdp-0.9.15/sesman/sesman.c	2020-12-28 14:03:43.000000000 +0000
+++ xrdp-0.9.15.mod/sesman/sesman.c	2021-02-09 20:42:04.596481217 +0000
+@@ -573,14 +573,14 @@
     g_mk_socket_path("xrdp-sesman");
 
     /* make sure the /tmp/.X11-unix directory exists */
@ -11,7 +11,7 @@ diff -uNr xrdp-0.9.8/sesman/sesman.c xrdp-0.9.8.mod/sesman/sesman.c
 -        if (!g_create_dir("/tmp/.X11-unix"))
 +        if (!g_create_dir("@TERMUX_PREFIX@/tmp/.X11-unix"))
         {
-             log_message(LOG_LEVEL_ERROR,
+             LOG(LOG_LEVEL_ERROR,
 -                "sesman.c: error creating dir /tmp/.X11-unix");
 +                "sesman.c: error creating dir @TERMUX_PREFIX@/tmp/.X11-unix");
         }
@ -20,10 +20,10 @@ diff -uNr xrdp-0.9.8/sesman/sesman.c xrdp-0.9.8.mod/sesman/sesman.c
     }
 
     g_snprintf(text, 255, "xrdp_sesman_%8.8x_main_term", g_pid);
-diff -uNr xrdp-0.9.8/sesman/session.c xrdp-0.9.8.mod/sesman/session.c
--- xrdp-0.9.8/sesman/session.c	2018-09-18 07:21:13.000000000 +0300
-+++ xrdp-0.9.8.mod/sesman/session.c	2018-12-27 15:39:08.645913187 +0200
-@@ -171,12 +171,12 @@
+diff -uNr xrdp-0.9.15/sesman/session.c xrdp-0.9.15.mod/sesman/session.c
+--- xrdp-0.9.15/sesman/session.c	2020-12-28 14:03:43.000000000 +0000
+++ xrdp-0.9.15.mod/sesman/session.c	2021-02-09 20:40:54.773164884 +0000
+@@ -168,12 +168,12 @@
     int x_running;
     int sck;
 
@ -38,7 +38,7 @@ diff -uNr xrdp-0.9.8/sesman/session.c xrdp-0.9.8.mod/sesman/session.c
         x_running = g_file_exist(text);
     }
 
-@@ -257,12 +257,12 @@
+@@ -254,12 +254,12 @@
     char text[256];
     int x_running;
 
@ -53,10 +53,10 @@ diff -uNr xrdp-0.9.8/sesman/session.c xrdp-0.9.8.mod/sesman/session.c
         x_running = g_file_exist(text);
     }
 
-diff -uNr xrdp-0.9.8/xrdp/xrdp_mm.c xrdp-0.9.8.mod/xrdp/xrdp_mm.c
--- xrdp-0.9.8/xrdp/xrdp_mm.c	2018-07-12 12:02:33.000000000 +0300
-+++ xrdp-0.9.8.mod/xrdp/xrdp_mm.c	2018-12-27 15:39:08.649246505 +0200
-@@ -2123,7 +2123,7 @@
+diff -uNr xrdp-0.9.15/xrdp/xrdp_mm.c xrdp-0.9.15.mod/xrdp/xrdp_mm.c
+--- xrdp-0.9.15/xrdp/xrdp_mm.c	2020-12-28 14:03:43.000000000 +0000
+++ xrdp-0.9.15.mod/xrdp/xrdp_mm.c	2021-02-09 20:40:54.773164884 +0000
+@@ -2458,7 +2458,7 @@
     header.bytes_follow = enc_done->comp_bytes - (2 + pheader_bytes[0]);
     if (ii == 0)
     {
--- a/x11-packages/xrdp/no-getlogin_r.patch
+++ b/x11-packages/xrdp/no-getlogin_r.patch
@ -0,0 +1,12 @@
+diff -uNr xrdp-0.9.15/common/os_calls.c xrdp-0.9.15.mod/common/os_calls.c
+--- xrdp-0.9.15/common/os_calls.c	2020-12-28 14:03:43.000000000 +0000
+++ xrdp-0.9.15.mod/common/os_calls.c	2021-02-09 20:54:21.613711012 +0000
+@@ -2799,7 +2799,7 @@
+ int
+ g_getlogin(char *name, unsigned int len)
+ {
+-#if defined(_WIN32)
+#if defined(_WIN32) || defined(__ANDROID__)
+     return -1;
+ #else
+     return getlogin_r(name, len);
--- a/x11-packages/xrdp/sesman-no-shadow.patch
+++ b/x11-packages/xrdp/sesman-no-shadow.patch
@ -1,281 +0,0 @@
-diff -uNr xrdp-0.9.8/sesman/verify_user.c xrdp-0.9.8.mod/sesman/verify_user.c
--- xrdp-0.9.8/sesman/verify_user.c	2018-03-26 09:18:26.000000000 +0300
-+++ xrdp-0.9.8.mod/sesman/verify_user.c	2018-12-27 15:46:20.210152209 +0200
-@@ -33,8 +33,6 @@
- #include <stdio.h>
- #include <string.h>
- #include <sys/types.h>
-#include <crypt.h>
-#include <shadow.h>
- #include <pwd.h>
- 
- #ifndef SECS_PER_DAY
-@@ -43,58 +41,12 @@
- 
- extern struct config_sesman *g_cfg; /* in sesman.c */
- 
-static int
-auth_crypt_pwd(const char *pwd, const char *pln, char *crp);
-
-static int
-auth_account_disabled(struct spwd *stp);
-
- /******************************************************************************/
- /* returns boolean */
- long
- auth_userpass(const char *user, const char *pass, int *errorcode)
- {
-    const char *encr;
-    const char *epass;
-    struct passwd *spw;
-    struct spwd *stp;
-
-    spw = getpwnam(user);
-
-    if (spw == 0)
-    {
-        return 0;
-    }
-
-    if (g_strncmp(spw->pw_passwd, "x", 3) == 0)
-    {
-        /* the system is using shadow */
-        stp = getspnam(user);
-
-        if (stp == 0)
-        {
-            return 0;
-        }
-
-        if (1 == auth_account_disabled(stp))
-        {
-            log_message(LOG_LEVEL_INFO, "account %s is disabled", user);
-            return 0;
-        }
-
-        encr = stp->sp_pwdp;
-    }
-    else
-    {
-        /* old system with only passwd */
-        encr = spw->pw_passwd;
-    }
-    epass = crypt(pass, encr);
-    if (epass == 0)
-    {
-        return 0;
-    }
-    return (strcmp(encr, epass) == 0);
-+    return 1;
- }
- 
- /******************************************************************************/
-@@ -131,207 +83,11 @@
- int
- auth_check_pwd_chg(const char *user)
- {
-    struct passwd *spw;
-    struct spwd *stp;
-    int now;
-    long today;
-
-    spw = getpwnam(user);
-
-    if (spw == 0)
-    {
-        return AUTH_PWD_CHG_ERROR;
-    }
-
-    if (g_strncmp(spw->pw_passwd, "x", 3) != 0)
-    {
-        /* old system with only passwd */
-        return AUTH_PWD_CHG_OK;
-    }
-
-    /* the system is using shadow */
-    stp = getspnam(user);
-
-    if (stp == 0)
-    {
-        return AUTH_PWD_CHG_ERROR;
-    }
-
-    /* check if we need a pwd change */
-    now = g_time1();
-    today = now / SECS_PER_DAY;
-
-    if (stp->sp_expire == -1)
-    {
-        return AUTH_PWD_CHG_OK;
-    }
-
-    if (today >= (stp->sp_lstchg + stp->sp_max - stp->sp_warn))
-    {
-        return AUTH_PWD_CHG_CHANGE;
-    }
-
-    if (today >= (stp->sp_lstchg + stp->sp_max))
-    {
-        return AUTH_PWD_CHG_CHANGE_MANDATORY;
-    }
-
-    if (today < ((stp->sp_lstchg) + (stp->sp_min)))
-    {
-        /* cannot change pwd for now */
-        return AUTH_PWD_CHG_NOT_NOW;
-    }
-
-     return AUTH_PWD_CHG_OK;
- }
- 
- int
- auth_change_pwd(const char *user, const char *newpwd)
- {
-    struct passwd *spw;
-    struct spwd *stp;
-    char hash[35] = "";
-    long today;
-
-    FILE *fd;
-
-    if (0 != lckpwdf())
-    {
-        return 1;
-    }
-
-    /* open passwd */
-    spw = getpwnam(user);
-
-    if (spw == 0)
-    {
-        return 1;
-    }
-
-    if (g_strncmp(spw->pw_passwd, "x", 3) != 0)
-    {
-        /* old system with only passwd */
-        if (auth_crypt_pwd(spw->pw_passwd, newpwd, hash) != 0)
-        {
-            ulckpwdf();
-            return 1;
-        }
-
-        spw->pw_passwd = g_strdup(hash);
-        fd = fopen("/etc/passwd", "rw");
-        putpwent(spw, fd);
-    }
-    else
-    {
-        /* the system is using shadow */
-        stp = getspnam(user);
-
-        if (stp == 0)
-        {
-            return 1;
-        }
-
-        /* old system with only passwd */
-        if (auth_crypt_pwd(stp->sp_pwdp, newpwd, hash) != 0)
-        {
-            ulckpwdf();
-            return 1;
-        }
-
-        stp->sp_pwdp = g_strdup(hash);
-        today = g_time1() / SECS_PER_DAY;
-        stp->sp_lstchg = today;
-        stp->sp_expire = today + stp->sp_max + stp->sp_inact;
-        fd = fopen("/etc/shadow", "rw");
-        putspent(stp, fd);
-    }
-
-    ulckpwdf();
-    return 0;
-}
-
-/**
- *
- * @brief Password encryption
- * @param pwd Old password
- * @param pln Plaintext new password
- * @param crp Crypted new password
- *
- */
-
-static int
-auth_crypt_pwd(const char *pwd, const char *pln, char *crp)
-{
-    char salt[13] = "$1$";
-    int saltcnt = 0;
-    char *encr;
-
-    if (g_strncmp(pwd, "$1$", 3) == 0)
-    {
-        /* gnu style crypt(); */
-        saltcnt = 3;
-
-        while ((pwd[saltcnt] != '$') && (saltcnt < 11))
-        {
-            salt[saltcnt] = pwd[saltcnt];
-            saltcnt++;
-        }
-
-        salt[saltcnt] = '$';
-        salt[saltcnt + 1] = '\0';
-    }
-    else
-    {
-        /* classic two char salt */
-        salt[0] = pwd[0];
-        salt[1] = pwd[1];
-        salt[2] = '\0';
-    }
-
-    encr = crypt(pln, salt);
-    g_strncpy(crp, encr, 34);
-
-    return 0;
-}
-
-/**
- *
- * @return 1 if the account is disabled, 0 otherwise
- *
- */
-static int
-auth_account_disabled(struct spwd *stp)
-{
-    int today;
-
-    if (0 == stp)
-    {
-        /* if an invalid struct was passed we assume a disabled account */
-        return 1;
-    }
-
-    today = g_time1() / SECS_PER_DAY;
-
-    LOG_DBG("last   %d", stp->sp_lstchg);
-    LOG_DBG("min    %d", stp->sp_min);
-    LOG_DBG("max    %d", stp->sp_max);
-    LOG_DBG("inact  %d", stp->sp_inact);
-    LOG_DBG("warn   %d", stp->sp_warn);
-    LOG_DBG("expire %d", stp->sp_expire);
-    LOG_DBG("today  %d", today);
-
-    if ((stp->sp_expire != -1) && (today >= stp->sp_expire))
-    {
-        return 1;
-    }
-
-    if ((stp->sp_max >= 0) &&
-        (stp->sp_inact >= 0) &&
-        (stp->sp_lstchg > 0) &&
-        (today >= (stp->sp_lstchg + stp->sp_max + stp->sp_inact)))
-    {
-        return 1;
-    }
-
-    return 0;
-+    return 1;
- }
--- a/x11-packages/xrdp/termux-dont-have-shadow.patch
+++ b/x11-packages/xrdp/termux-dont-have-shadow.patch
@ -0,0 +1,93 @@
+diff -uNr xrdp-0.9.15/sesman/verify_user.c xrdp-0.9.15.mod/sesman/verify_user.c
+--- xrdp-0.9.15/sesman/verify_user.c	2020-12-28 14:03:43.000000000 +0000
+++ xrdp-0.9.15.mod/sesman/verify_user.c	2021-02-09 20:39:29.340212904 +0000
+@@ -33,8 +33,10 @@
+ #include <stdio.h>
+ #include <string.h>
+ #include <sys/types.h>
+#ifndef __ANDROID__
+ #include <crypt.h>
+ #include <shadow.h>
+#endif
+ #include <pwd.h>
+ 
+ #ifndef SECS_PER_DAY
+@@ -43,17 +45,20 @@
+ 
+ extern struct config_sesman *g_cfg; /* in sesman.c */
+ 
+#ifndef __ANDROID__
+ static int
+ auth_crypt_pwd(const char *pwd, const char *pln, char *crp);
+ 
+ static int
+ auth_account_disabled(struct spwd *stp);
+#endif
+ 
+ /******************************************************************************/
+ /* returns boolean */
+ long
+ auth_userpass(const char *user, const char *pass, int *errorcode)
+ {
+#ifndef __ANDROID__
+     const char *encr;
+     const char *epass;
+     struct passwd *spw;
+@@ -95,6 +100,9 @@
+         return 0;
+     }
+     return (strcmp(encr, epass) == 0);
+#else
+    return 1;
+#endif
+ }
+ 
+ /******************************************************************************/
+@@ -131,6 +139,7 @@
+ int
+ auth_check_pwd_chg(const char *user)
+ {
+#ifndef __ANDROID__
+     struct passwd *spw;
+     struct spwd *stp;
+     int now;
+@@ -181,13 +190,14 @@
+         /* cannot change pwd for now */
+         return AUTH_PWD_CHG_NOT_NOW;
+     }
+-
+#endif
+     return AUTH_PWD_CHG_OK;
+ }
+ 
+ int
+ auth_change_pwd(const char *user, const char *newpwd)
+ {
+#ifndef __ANDROID__
+     struct passwd *spw;
+     struct spwd *stp;
+     char hash[35] = "";
+@@ -248,6 +258,9 @@
+ 
+     ulckpwdf();
+     return 0;
+#else
+    return 1;
+#endif
+ }
+ 
+ /**
+@@ -258,7 +271,7 @@
+  * @param crp Crypted new password
+  *
+  */
+-
+#ifndef __ANDROID__
+ static int
+ auth_crypt_pwd(const char *pwd, const char *pln, char *crp)
+ {
+@@ -335,3 +348,4 @@
+ 
+     return 0;
+ }
+#endif // __ANDROID__