Merge remote-tracking branch 'upstream/master'

channels/rdpdr/disk/disk_file.c

@@ -566,7 +566,7 @@ boolean disk_file_query_directory(DISK_FILE* file, uint32 FsInformationClass, ui
 	}
 	xfree(ent_path);
 
-	DEBUG_SVC("  pattern %s matched %s\n", file->pattern, ent_path);
+	DEBUG_SVC("  pattern %s matched %s", file->pattern, ent_path);
 
 	uniconv = freerdp_uniconv_new();
 	ent_path = freerdp_uniconv_out(uniconv, ent->d_name, &len);

channels/rdpdr/disk/disk_main.c

@@ -76,7 +76,7 @@ disk_map_posix_err(int fs_errno)
 			rc = STATUS_UNSUCCESSFUL;
 			break;
 	}
-	DEBUG_SVC("errno 0x%x mapped to 0x%x\n", fs_errno, rc);
+	DEBUG_SVC("errno 0x%x mapped to 0x%x", fs_errno, rc);
 	return rc;
 }
 

channels/rdpdr/rdpdr_main.c

@@ -293,7 +293,7 @@ static void rdpdr_process_receive(rdpSvcPlugin* plugin, STREAM* data_in)
 	}
 	else
 	{
-		DEBUG_WARN("RDPDR component: 0x%02X packetID: 0x%02X\n", component, packetID);
+		DEBUG_WARN("RDPDR component: 0x%02X packetID: 0x%02X", component, packetID);
 	}
 
 	stream_free(data_in);

channels/rdpdr/smartcard/scard_operations.c

@@ -238,7 +238,7 @@ static uint32 sc_map_state(uint32 state)
 	if (state & SCARD_SPECIFIC)
 		state = 0x00000006;
 	else if (state & SCARD_NEGOTIABLE)
-		state = 0x00000005;
+		state = 0x00000006;
 	else if (state & SCARD_POWERED)
 		state = 0x00000004;
 	else if (state & SCARD_SWALLOWED)
@@ -497,7 +497,7 @@ static uint32 handle_GetStatusChange(IRP* irp, boolean wide)
 		cur = &readerStates[i];
 
 		DEBUG_SCARD("   \"%s\"", cur->szReader ? cur->szReader : "NULL");
-		DEBUG_SCARD("       user: 0x%08x, state: 0x%08x, event: 0x%08x\n",
+		DEBUG_SCARD("       user: 0x%08x, state: 0x%08x, event: 0x%08x",
 			(unsigned) cur->pvUserData, (unsigned) cur->dwCurrentState,
 			(unsigned) cur->dwEventState);
 
@@ -529,9 +529,9 @@ static uint32 handle_Cancel(IRP *irp)
 	rv = SCardCancel(hContext);
 
 	if (rv != SCARD_S_SUCCESS)
-		DEBUG_SCARD("Failure: %s (0x%08x)\n", pcsc_stringify_error(rv), (unsigned) rv);
+		DEBUG_SCARD("Failure: %s (0x%08x)", pcsc_stringify_error(rv), (unsigned) rv);
 	else
-		DEBUG_SCARD("Success context: 0x%08x %s\n", (unsigned) hContext, pcsc_stringify_error(rv));
+		DEBUG_SCARD("Success context: 0x%08x %s", (unsigned) hContext, pcsc_stringify_error(rv));
 
 	sc_output_alignment(irp, 8);
 
@@ -1062,7 +1062,7 @@ static uint32 handle_GetAttrib(IRP* irp)
 	stream_seek(irp->input, 0xC);
 	stream_read_uint32(irp->input, hCard);
 
-	DEBUG_SCARD("hcard: 0x%08x, attrib: 0x%08x (%d bytes)\n",
+	DEBUG_SCARD("hcard: 0x%08x, attrib: 0x%08x (%d bytes)",
 		(unsigned) hCard, (unsigned) dwAttrId, (int) dwAttrLen);
 
 #ifdef SCARD_AUTOALLOCATE

client/Windows/wf_event.c

@@ -40,7 +40,7 @@ LRESULT CALLBACK wf_ll_kbd_proc(int nCode, WPARAM wParam, LPARAM lParam)
 	uint16 kbdFlags;
 	PKBDLLHOOKSTRUCT p;
 
-	DEBUG_KBD("Low-level keyboard hook, hWnd %X nCode %X wParam %X\n", g_focus_hWnd, nCode, wParam);
+	DEBUG_KBD("Low-level keyboard hook, hWnd %X nCode %X wParam %X", g_focus_hWnd, nCode, wParam);
 
 	if (g_focus_hWnd && (nCode == HC_ACTION))
 	{
@@ -57,7 +57,7 @@ LRESULT CALLBACK wf_ll_kbd_proc(int nCode, WPARAM wParam, LPARAM lParam)
 				flags = p->flags;
 				kbdFlags = 0;
 
-				DEBUG_KBD("keydown %d scanCode %04X flags %02X vkCode %02X\n",
+				DEBUG_KBD("keydown %d scanCode %04X flags %02X vkCode %02X",
 					(wParam == WM_KEYDOWN), scanCode, flags, p->vkCode);
 
 				if (wfi->fs_toggle &&
@@ -75,7 +75,7 @@ LRESULT CALLBACK wf_ll_kbd_proc(int nCode, WPARAM wParam, LPARAM lParam)
 					if (flags & LLKHF_EXTENDED)
 					{
 						/* Windows sends NumLock as extended - rdp doesn't */
-						DEBUG_KBD("hack: NumLock (x45) should not be extended\n");
+						DEBUG_KBD("hack: NumLock (x45) should not be extended");
 						flags &= ~LLKHF_EXTENDED;
 					}
 					else
@@ -84,7 +84,7 @@ LRESULT CALLBACK wf_ll_kbd_proc(int nCode, WPARAM wParam, LPARAM lParam)
 						 * It must however be sent as a one-shot Ctrl+NumLock */
 						if (wParam == WM_KEYDOWN)
 						{
-							DEBUG_KBD("Pause, sent as Ctrl+NumLock\n");
+							DEBUG_KBD("Pause, sent as Ctrl+NumLock");
 							input->KeyboardEvent(input, KBD_FLAGS_DOWN, 0x1D); /* Ctrl down */
 							input->KeyboardEvent(input, KBD_FLAGS_DOWN, 0x45); /* NumLock down */
 							input->KeyboardEvent(input, KBD_FLAGS_RELEASE, 0x1D); /* Ctrl up */
@@ -92,7 +92,7 @@ LRESULT CALLBACK wf_ll_kbd_proc(int nCode, WPARAM wParam, LPARAM lParam)
 						}
 						else
 						{
-							DEBUG_KBD("Pause up\n");
+							DEBUG_KBD("Pause up");
 						}
 
 						return 1;
@@ -101,7 +101,7 @@ LRESULT CALLBACK wf_ll_kbd_proc(int nCode, WPARAM wParam, LPARAM lParam)
 
 				if ((scanCode == 0x36) && (flags & LLKHF_EXTENDED))
 				{
-					DEBUG_KBD("hack: right shift (x36) should not be extended\n");
+					DEBUG_KBD("hack: right shift (x36) should not be extended");
 					flags &= ~LLKHF_EXTENDED;
 				}
 
@@ -110,7 +110,7 @@ LRESULT CALLBACK wf_ll_kbd_proc(int nCode, WPARAM wParam, LPARAM lParam)
 				input->KeyboardEvent(input, kbdFlags, scanCode);
 
 				if (p->vkCode == VK_CAPITAL)
-					DEBUG_KBD("caps lock is processed on client side too to toggle caps lock indicator\n");
+					DEBUG_KBD("caps lock is processed on client side too to toggle caps lock indicator");
 				else
 					return 1;
 
@@ -204,12 +204,12 @@ LRESULT CALLBACK wf_event_proc(HWND hWnd, UINT Msg, WPARAM wParam, LPARAM lParam
 			break;
 
 		case WM_SETFOCUS:
-			DEBUG_KBD("getting focus %X\n", hWnd);
+			DEBUG_KBD("getting focus %X", hWnd);
 			g_focus_hWnd = hWnd;
 			break;
 
 		case WM_KILLFOCUS:
-			DEBUG_KBD("loosing focus %X\n", hWnd);
+			DEBUG_KBD("loosing focus %X", hWnd);
 			if (g_focus_hWnd == hWnd)
 				g_focus_hWnd = NULL;
 			break;

client/X11/xfreerdp.1.xml

@@ -442,6 +442,14 @@
           </para>
         </listitem>
       </varlistentry>
+      <varlistentry>
+        <term>--kbd-list</term>
+        <listitem>
+          <para>
+            list all keyboard layout ids used by -k
+          </para>
+        </listitem>
+      </varlistentry>
       <varlistentry>
         <term>--version</term>
         <listitem>

client/X11/xfreerdp.c

@@ -796,22 +796,34 @@ int xf_process_client_args(rdpSettings* settings, const char* opt, const char* v
 		RDP_KEYBOARD_LAYOUT* layouts;
 
 		layouts = freerdp_keyboard_get_layouts(RDP_KEYBOARD_LAYOUT_TYPE_STANDARD);
+
 		printf("\nKeyboard Layouts\n");
 		for (i = 0; layouts[i].code; i++)
+		{
 			printf("0x%08X\t%s\n", layouts[i].code, layouts[i].name);
-		free(layouts);
+			xfree(layouts[i].name);
+		}
+		xfree(layouts);
 
 		layouts = freerdp_keyboard_get_layouts(RDP_KEYBOARD_LAYOUT_TYPE_VARIANT);
+
 		printf("\nKeyboard Layout Variants\n");
 		for (i = 0; layouts[i].code; i++)
+		{
 			printf("0x%08X\t%s\n", layouts[i].code, layouts[i].name);
-		free(layouts);
+			xfree(layouts[i].name);
+		}
+		xfree(layouts);
 
 		layouts = freerdp_keyboard_get_layouts(RDP_KEYBOARD_LAYOUT_TYPE_IME);
+
 		printf("\nKeyboard Input Method Editors (IMEs)\n");
 		for (i = 0; layouts[i].code; i++)
+		{
 			printf("0x%08X\t%s\n", layouts[i].code, layouts[i].name);
-		free(layouts);
+			xfree(layouts[i].name);
+		}
+		xfree(layouts);
 
 		exit(0);
 	}

cunit/CMakeLists.txt

@@ -62,6 +62,8 @@ add_executable(test_freerdp
 	test_drdynvc.h
 	test_rfx.c
 	test_rfx.h
+	test_sspi.c
+	test_sspi.h
 	test_freerdp.c
 	test_freerdp.h
 	test_rail.c

cunit/test_freerdp.c

@@ -27,6 +27,7 @@
 #include "test_bitmap.h"
 #include "test_gdi.h"
 #include "test_list.h"
+#include "test_sspi.h"
 #include "test_stream.h"
 #include "test_utils.h"
 #include "test_orders.h"
@@ -137,6 +138,7 @@ static test_suite suites[] =
 	{ "per", add_per_suite },
 	{ "rail", add_rail_suite },
 	{ "rfx", add_rfx_suite },
+	{ "sspi", add_sspi_suite },
 	{ "stream", add_stream_suite },
 	{ "utils", add_utils_suite },
 	{ "", NULL }

cunit/test_sspi.c

@@ -0,0 +1,134 @@
+/**
+ * FreeRDP: A Remote Desktop Protocol Implementation
+ * Security Support Provider Interface (SSPI) Tests
+ *
+ * Copyright 2012 Marc-Andre Moreau <marcandre.moreau@gmail.com>
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include <freerdp/freerdp.h>
+#include <freerdp/utils/stream.h>
+#include <freerdp/utils/memory.h>
+#include <freerdp/utils/hexdump.h>
+
+#include "test_sspi.h"
+#include <freerdp/auth/sspi.h>
+
+#define NTLM_PACKAGE_NAME		"NTLM"
+
+int init_sspi_suite(void)
+{
+	return 0;
+}
+
+int clean_sspi_suite(void)
+{
+	return 0;
+}
+
+int add_sspi_suite(void)
+{
+	add_test_suite(sspi);
+
+	add_test_function(EnumerateSecurityPackages);
+	add_test_function(QuerySecurityPackageInfo);
+	add_test_function(AcquireCredentialsHandle);
+
+	return 0;
+}
+
+void test_EnumerateSecurityPackages(void)
+{
+	uint32 cPackages;
+	SECURITY_STATUS status;
+	SEC_PKG_INFO* pPackageInfo;
+
+	status = EnumerateSecurityPackages(&cPackages, &pPackageInfo);
+
+	if (status == SEC_E_OK)
+	{
+		int index;
+
+		printf("\nEnumerateSecurityPackages (%d):\n", cPackages);
+
+		for (index = 0; index < cPackages; index++)
+		{
+			printf("\"%s\", \"%s\"\n",
+					pPackageInfo[index].Name, pPackageInfo[index].Comment);
+		}
+	}
+}
+
+void test_QuerySecurityPackageInfo(void)
+{
+	SECURITY_STATUS status;
+	SEC_PKG_INFO* pPackageInfo;
+
+	status = QuerySecurityPackageInfo("NTLM", &pPackageInfo);
+
+	if (status == SEC_E_OK)
+	{
+		printf("\nQuerySecurityPackageInfo:\n");
+		printf("\"%s\", \"%s\"\n", pPackageInfo->Name, pPackageInfo->Comment);
+	}
+}
+
+const char* test_User = "User";
+const char* test_Domain = "Domain";
+const char* test_Password = "Password";
+
+void test_AcquireCredentialsHandle(void)
+{
+	SECURITY_STATUS status;
+	CRED_HANDLE credentials;
+	SEC_TIMESTAMP expiration;
+	SEC_AUTH_IDENTITY identity;
+	SECURITY_FUNCTION_TABLE* table;
+
+	table = InitSecurityInterface();
+
+	identity.User = (uint16*) xstrdup(test_User);
+	identity.UserLength = sizeof(test_User);
+	identity.Domain = (uint16*) xstrdup(test_Domain);
+	identity.DomainLength = sizeof(test_Domain);
+	identity.Password = (uint16*) xstrdup(test_Password);
+	identity.PasswordLength = sizeof(test_Password);
+	identity.Flags = SEC_AUTH_IDENTITY_ANSI;
+
+	status = table->AcquireCredentialsHandle(NULL, NTLM_PACKAGE_NAME,
+			SECPKG_CRED_OUTBOUND, NULL, &identity, NULL, NULL, &credentials, &expiration);
+
+	if (status == SEC_E_OK)
+	{
+
+	}
+}
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+

cunit/test_sspi.h

@@ -0,0 +1,28 @@
+/**
+ * FreeRDP: A Remote Desktop Protocol Implementation
+ * Security Support Provider Interface (SSPI) Tests
+ *
+ * Copyright 2012 Marc-Andre Moreau <marcandre.moreau@gmail.com>
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include "test_freerdp.h"
+
+int init_sspi_suite(void);
+int clean_sspi_suite(void);
+int add_sspi_suite(void);
+
+void test_EnumerateSecurityPackages(void);
+void test_QuerySecurityPackageInfo(void);
+void test_AcquireCredentialsHandle(void);

include/CMakeLists.txt

@@ -24,7 +24,9 @@ install(DIRECTORY freerdp/utils DESTINATION include/freerdp FILES_MATCHING PATTE
 install(DIRECTORY freerdp/channels DESTINATION include/freerdp FILES_MATCHING PATTERN "*.h")
 install(DIRECTORY freerdp/cache DESTINATION include/freerdp FILES_MATCHING PATTERN "*.h")
 install(DIRECTORY freerdp/gdi DESTINATION include/freerdp FILES_MATCHING PATTERN "*.h")
-install(DIRECTORY freerdp/kbd DESTINATION include/freerdp FILES_MATCHING PATTERN "*.h")
 install(DIRECTORY freerdp/rail DESTINATION include/freerdp FILES_MATCHING PATTERN "*.h")
 install(DIRECTORY freerdp/codec DESTINATION include/freerdp FILES_MATCHING PATTERN "*.h")
 install(DIRECTORY freerdp/plugins DESTINATION include/freerdp FILES_MATCHING PATTERN "*.h")
+install(DIRECTORY freerdp/locale DESTINATION include/freerdp FILES_MATCHING PATTERN "*.h")
+install(DIRECTORY freerdp/crypto DESTINATION include/freerdp FILES_MATCHING PATTERN "*.h")
+install(DIRECTORY freerdp/auth DESTINATION include/freerdp FILES_MATCHING PATTERN "*.h")

include/freerdp/auth/credssp.h

@@ -1,8 +1,8 @@
 /**
- * FreeRDP: A Remote Desktop Protocol Client
+ * FreeRDP: A Remote Desktop Protocol Implementation
  * Credential Security Support Provider (CredSSP)
  *
- * Copyright 2010 Marc-Andre Moreau <marcandre.moreau@gmail.com>
+ * Copyright 2010-2012 Marc-Andre Moreau <marcandre.moreau@gmail.com>
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -17,8 +17,8 @@
  * limitations under the License.
  */
 
-#ifndef __CREDSSP_H
-#define __CREDSSP_H
+#ifndef FREERDP_AUTH_CREDSSP_H
+#define FREERDP_AUTH_CREDSSP_H
 
 typedef struct rdp_credssp rdpCredssp;
 
@@ -26,6 +26,7 @@ typedef struct rdp_credssp rdpCredssp;
 #include <freerdp/crypto/ber.h>
 #include <freerdp/crypto/crypto.h>
 
+#include <freerdp/api.h>
 #include <freerdp/freerdp.h>
 #include <freerdp/utils/blob.h>
 #include <freerdp/utils/memory.h>
@@ -49,20 +50,20 @@ struct rdp_credssp
 	rdpSettings* settings;
 };
 
-int credssp_authenticate(rdpCredssp* credssp);
+FREERDP_API int credssp_authenticate(rdpCredssp* credssp);
 
-void credssp_send(rdpCredssp* credssp, rdpBlob* negoToken, rdpBlob* authInfo, rdpBlob* pubKeyAuth);
-int credssp_recv(rdpCredssp* credssp, rdpBlob* negoToken, rdpBlob* authInfo, rdpBlob* pubKeyAuth);
+FREERDP_API void credssp_send(rdpCredssp* credssp, rdpBlob* negoToken, rdpBlob* authInfo, rdpBlob* pubKeyAuth);
+FREERDP_API int credssp_recv(rdpCredssp* credssp, rdpBlob* negoToken, rdpBlob* authInfo, rdpBlob* pubKeyAuth);
 
-void credssp_encrypt_public_key(rdpCredssp* credssp, rdpBlob* d);
-void credssp_encrypt_ts_credentials(rdpCredssp* credssp, rdpBlob* d);
-int credssp_verify_public_key(rdpCredssp* credssp, rdpBlob* d);
-void credssp_encode_ts_credentials(rdpCredssp* credssp);
+FREERDP_API void credssp_encrypt_public_key(rdpCredssp* credssp, rdpBlob* d);
+FREERDP_API void credssp_encrypt_ts_credentials(rdpCredssp* credssp, rdpBlob* d);
+FREERDP_API int credssp_verify_public_key(rdpCredssp* credssp, rdpBlob* d);
+FREERDP_API void credssp_encode_ts_credentials(rdpCredssp* credssp);
 
-void credssp_current_time(uint8* timestamp);
-void credssp_rc4k(uint8* key, int length, uint8* plaintext, uint8* ciphertext);
+FREERDP_API void credssp_current_time(uint8* timestamp);
+FREERDP_API void credssp_rc4k(uint8* key, int length, uint8* plaintext, uint8* ciphertext);
 
-rdpCredssp* credssp_new(freerdp* instance, rdpTls* tls, rdpSettings* settings);
-void credssp_free(rdpCredssp* credssp);
+FREERDP_API rdpCredssp* credssp_new(freerdp* instance, rdpTls* tls, rdpSettings* settings);
+FREERDP_API void credssp_free(rdpCredssp* credssp);
 
-#endif /* __CREDSSP_H */
+#endif /* FREERDP_AUTH_CREDSSP_H */

include/freerdp/auth/ntlmssp.h

@@ -1,8 +1,8 @@
 /**
- * FreeRDP: A Remote Desktop Protocol Client
+ * FreeRDP: A Remote Desktop Protocol Implementation
  * NT LAN Manager Security Support Provider (NTLMSSP)
  *
- * Copyright 2011 Marc-Andre Moreau <marcandre.moreau@gmail.com>
+ * Copyright 2011-2012 Marc-Andre Moreau <marcandre.moreau@gmail.com>
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -17,11 +17,12 @@
  * limitations under the License.
  */
 
-#ifndef __NTLMSSP_H
-#define __NTLMSSP_H
+#ifndef FREERDP_AUTH_NTLMSSP_H
+#define FREERDP_AUTH_NTLMSSP_H
 
 #include <freerdp/crypto/crypto.h>
 
+#include <freerdp/api.h>
 #include <freerdp/freerdp.h>
 #include <freerdp/utils/blob.h>
 #include <freerdp/utils/debug.h>
@@ -115,51 +116,51 @@ struct _NTLMSSP
 };
 typedef struct _NTLMSSP NTLMSSP;
 
-void ntlmssp_set_username(NTLMSSP* ntlmssp, char* username);
-void ntlmssp_set_domain(NTLMSSP* ntlmssp, char* domain);
-void ntlmssp_set_password(NTLMSSP* ntlmssp, char* password);
-void ntlmssp_set_workstation(NTLMSSP* ntlmssp, char* workstation);
-void ntlmssp_set_target_name(NTLMSSP* ntlmssp, char* target_name);
+FREERDP_API void ntlmssp_set_username(NTLMSSP* ntlmssp, char* username);
+FREERDP_API void ntlmssp_set_domain(NTLMSSP* ntlmssp, char* domain);
+FREERDP_API void ntlmssp_set_password(NTLMSSP* ntlmssp, char* password);
+FREERDP_API void ntlmssp_set_workstation(NTLMSSP* ntlmssp, char* workstation);
+FREERDP_API void ntlmssp_set_target_name(NTLMSSP* ntlmssp, char* target_name);
 
-void ntlmssp_generate_client_challenge(NTLMSSP* ntlmssp);
-void ntlmssp_generate_server_challenge(NTLMSSP* ntlmssp);
-void ntlmssp_generate_key_exchange_key(NTLMSSP* ntlmssp);
-void ntlmssp_generate_random_session_key(NTLMSSP* ntlmssp);
-void ntlmssp_generate_exported_session_key(NTLMSSP* ntlmssp);
-void ntlmssp_encrypt_random_session_key(NTLMSSP* ntlmssp);
+FREERDP_API void ntlmssp_generate_client_challenge(NTLMSSP* ntlmssp);
+FREERDP_API void ntlmssp_generate_server_challenge(NTLMSSP* ntlmssp);
+FREERDP_API void ntlmssp_generate_key_exchange_key(NTLMSSP* ntlmssp);
+FREERDP_API void ntlmssp_generate_random_session_key(NTLMSSP* ntlmssp);
+FREERDP_API void ntlmssp_generate_exported_session_key(NTLMSSP* ntlmssp);
+FREERDP_API void ntlmssp_encrypt_random_session_key(NTLMSSP* ntlmssp);
 
-void ntlmssp_generate_timestamp(NTLMSSP* ntlmssp);
-void ntlmssp_generate_client_signing_key(NTLMSSP* ntlmssp);
-void ntlmssp_generate_server_signing_key(NTLMSSP* ntlmssp);
-void ntlmssp_generate_client_sealing_key(NTLMSSP* ntlmssp);
-void ntlmssp_generate_server_sealing_key(NTLMSSP* ntlmssp);
-void ntlmssp_init_rc4_seal_states(NTLMSSP* ntlmssp);
+FREERDP_API void ntlmssp_generate_timestamp(NTLMSSP* ntlmssp);
+FREERDP_API void ntlmssp_generate_client_signing_key(NTLMSSP* ntlmssp);
+FREERDP_API void ntlmssp_generate_server_signing_key(NTLMSSP* ntlmssp);
+FREERDP_API void ntlmssp_generate_client_sealing_key(NTLMSSP* ntlmssp);
+FREERDP_API void ntlmssp_generate_server_sealing_key(NTLMSSP* ntlmssp);
+FREERDP_API void ntlmssp_init_rc4_seal_states(NTLMSSP* ntlmssp);
 
-void ntlmssp_compute_lm_hash(char* password, char* hash);
-void ntlmssp_compute_ntlm_hash(rdpBlob* password, char* hash);
-void ntlmssp_compute_ntlm_v2_hash(NTLMSSP* ntlmssp, char* hash);
+FREERDP_API void ntlmssp_compute_lm_hash(char* password, char* hash);
+FREERDP_API void ntlmssp_compute_ntlm_hash(rdpBlob* password, char* hash);
+FREERDP_API void ntlmssp_compute_ntlm_v2_hash(NTLMSSP* ntlmssp, char* hash);
 
-void ntlmssp_compute_lm_response(char* password, char* challenge, char* response);
-void ntlmssp_compute_lm_v2_response(NTLMSSP* ntlmssp);
-void ntlmssp_compute_ntlm_v2_response(NTLMSSP* ntlmssp);
+FREERDP_API void ntlmssp_compute_lm_response(char* password, char* challenge, char* response);
+FREERDP_API void ntlmssp_compute_lm_v2_response(NTLMSSP* ntlmssp);
+FREERDP_API void ntlmssp_compute_ntlm_v2_response(NTLMSSP* ntlmssp);
 
-void ntlmssp_populate_av_pairs(NTLMSSP* ntlmssp);
-void ntlmssp_input_av_pairs(NTLMSSP* ntlmssp, STREAM* s);
-void ntlmssp_output_av_pairs(NTLMSSP* ntlmssp, STREAM* s);
-void ntlmssp_free_av_pairs(NTLMSSP* ntlmssp);
+FREERDP_API void ntlmssp_populate_av_pairs(NTLMSSP* ntlmssp);
+FREERDP_API void ntlmssp_input_av_pairs(NTLMSSP* ntlmssp, STREAM* s);
+FREERDP_API void ntlmssp_output_av_pairs(NTLMSSP* ntlmssp, STREAM* s);
+FREERDP_API void ntlmssp_free_av_pairs(NTLMSSP* ntlmssp);
 
-void ntlmssp_compute_message_integrity_check(NTLMSSP* ntlmssp);
+FREERDP_API void ntlmssp_compute_message_integrity_check(NTLMSSP* ntlmssp);
 
-void ntlmssp_encrypt_message(NTLMSSP* ntlmssp, rdpBlob* msg, rdpBlob* encrypted_msg, uint8* signature);
-int ntlmssp_decrypt_message(NTLMSSP* ntlmssp, rdpBlob* encrypted_msg, rdpBlob* msg, uint8* signature);
+FREERDP_API void ntlmssp_encrypt_message(NTLMSSP* ntlmssp, rdpBlob* msg, rdpBlob* encrypted_msg, uint8* signature);
+FREERDP_API int ntlmssp_decrypt_message(NTLMSSP* ntlmssp, rdpBlob* encrypted_msg, rdpBlob* msg, uint8* signature);
 
-int ntlmssp_recv(NTLMSSP* ntlmssp, STREAM* s);
-int ntlmssp_send(NTLMSSP* ntlmssp, STREAM* s);
+FREERDP_API int ntlmssp_recv(NTLMSSP* ntlmssp, STREAM* s);
+FREERDP_API int ntlmssp_send(NTLMSSP* ntlmssp, STREAM* s);
 
-NTLMSSP* ntlmssp_client_new();
-NTLMSSP* ntlmssp_server_new();
-void ntlmssp_init(NTLMSSP* ntlmssp);
-void ntlmssp_free(NTLMSSP* ntlmssp);
+FREERDP_API NTLMSSP* ntlmssp_client_new();
+FREERDP_API NTLMSSP* ntlmssp_server_new();
+FREERDP_API void ntlmssp_init(NTLMSSP* ntlmssp);
+FREERDP_API void ntlmssp_free(NTLMSSP* ntlmssp);
 
 #ifdef WITH_DEBUG_NLA
 #define DEBUG_NLA(fmt, ...) DEBUG_CLASS(NLA, fmt, ## __VA_ARGS__)
@@ -167,4 +168,4 @@ void ntlmssp_free(NTLMSSP* ntlmssp);
 #define DEBUG_NLA(fmt, ...) DEBUG_NULL(fmt, ## __VA_ARGS__)
 #endif
 
-#endif /* __NTLMSSP_H */
+#endif /* FREERDP_AUTH_NTLMSSP_H */

include/freerdp/auth/sspi.h

@@ -0,0 +1,339 @@
+/**
+ * FreeRDP: A Remote Desktop Protocol Implementation
+ * Security Support Provider Interface (SSPI)
+ *
+ * Copyright 2012 Marc-Andre Moreau <marcandre.moreau@gmail.com>
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#ifndef FREERDP_AUTH_SSPI_H
+#define FREERDP_AUTH_SSPI_H
+
+#include <freerdp/api.h>
+#include <freerdp/types.h>
+
+#define SECPKG_ID_NONE				0xFFFF
+
+#define SECPKG_FLAG_INTEGRITY			0x00000001
+#define SECPKG_FLAG_PRIVACY			0x00000002
+#define SECPKG_FLAG_TOKEN_ONLY			0x00000004
+#define SECPKG_FLAG_DATAGRAM			0x00000008
+#define SECPKG_FLAG_CONNECTION			0x00000010
+#define SECPKG_FLAG_MULTI_REQUIRED		0x00000020
+#define SECPKG_FLAG_CLIENT_ONLY			0x00000040
+#define SECPKG_FLAG_EXTENDED_ERROR		0x00000080
+#define SECPKG_FLAG_IMPERSONATION		0x00000100
+#define SECPKG_FLAG_ACCEPT_WIN32_NAME		0x00000200
+#define SECPKG_FLAG_STREAM			0x00000400
+#define SECPKG_FLAG_NEGOTIABLE			0x00000800
+#define SECPKG_FLAG_GSS_COMPATIBLE		0x00001000
+#define SECPKG_FLAG_LOGON			0x00002000
+#define SECPKG_FLAG_ASCII_BUFFERS		0x00004000
+#define SECPKG_FLAG_FRAGMENT			0x00008000
+#define SECPKG_FLAG_MUTUAL_AUTH			0x00010000
+#define SECPKG_FLAG_DELEGATION			0x00020000
+#define SECPKG_FLAG_READONLY_WITH_CHECKSUM	0x00040000
+#define SECPKG_FLAG_RESTRICTED_TOKENS		0x00080000
+#define SECPKG_FLAG_NEGO_EXTENDER		0x00100000
+#define SECPKG_FLAG_NEGOTIABLE2			0x00200000
+
+typedef uint32 SECURITY_STATUS;
+
+#define SEC_E_OK				0x00000000
+#define SEC_E_INSUFFICIENT_MEMORY		0x80090300
+#define SEC_E_INVALID_HANDLE			0x80090301
+#define SEC_E_UNSUPPORTED_FUNCTION		0x80090302
+#define SEC_E_TARGET_UNKNOWN			0x80090303
+#define SEC_E_INTERNAL_ERROR			0x80090304
+#define SEC_E_SECPKG_NOT_FOUND			0x80090305
+#define SEC_E_NOT_OWNER				0x80090306
+#define SEC_E_CANNOT_INSTALL			0x80090307
+#define SEC_E_INVALID_TOKEN			0x80090308
+#define SEC_E_CANNOT_PACK			0x80090309
+#define SEC_E_QOP_NOT_SUPPORTED			0x8009030A
+#define SEC_E_NO_IMPERSONATION			0x8009030B
+#define SEC_E_LOGON_DENIED			0x8009030C
+#define SEC_E_UNKNOWN_CREDENTIALS		0x8009030D
+#define SEC_E_NO_CREDENTIALS			0x8009030E
+#define SEC_E_MESSAGE_ALTERED			0x8009030F
+#define SEC_E_OUT_OF_SEQUENCE			0x80090310
+#define SEC_E_NO_AUTHENTICATING_AUTHORITY	0x80090311
+#define SEC_E_BAD_PKGID				0x80090316
+#define SEC_E_CONTEXT_EXPIRED			0x80090317
+#define SEC_E_INCOMPLETE_MESSAGE		0x80090318
+#define SEC_E_INCOMPLETE_CREDENTIALS		0x80090320
+#define SEC_E_BUFFER_TOO_SMALL			0x80090321
+#define SEC_E_WRONG_PRINCIPAL			0x80090322
+#define SEC_E_TIME_SKEW				0x80090324
+#define SEC_E_UNTRUSTED_ROOT			0x80090325
+#define SEC_E_ILLEGAL_MESSAGE			0x80090326
+#define SEC_E_CERT_UNKNOWN			0x80090327
+#define SEC_E_CERT_EXPIRED			0x80090328
+#define SEC_E_ENCRYPT_FAILURE			0x80090329
+#define SEC_E_DECRYPT_FAILURE			0x80090330
+#define SEC_E_ALGORITHM_MISMATCH		0x80090331
+#define SEC_E_SECURITY_QOS_FAILED		0x80090332
+#define SEC_E_UNFINISHED_CONTEXT_DELETED	0x80090333
+#define SEC_E_NO_TGT_REPLY			0x80090334
+#define SEC_E_NO_IP_ADDRESSES			0x80090335
+#define SEC_E_WRONG_CREDENTIAL_HANDLE		0x80090336
+#define SEC_E_CRYPTO_SYSTEM_INVALID		0x80090337
+#define SEC_E_MAX_REFERRALS_EXCEEDED		0x80090338
+#define SEC_E_MUST_BE_KDC			0x80090339
+#define SEC_E_STRONG_CRYPTO_NOT_SUPPORTED	0x8009033A
+#define SEC_E_TOO_MANY_PRINCIPALS		0x8009033B
+#define SEC_E_NO_PA_DATA			0x8009033C
+#define SEC_E_PKINIT_NAME_MISMATCH		0x8009033D
+#define SEC_E_SMARTCARD_LOGON_REQUIRED		0x8009033E
+#define SEC_E_SHUTDOWN_IN_PROGRESS		0x8009033F
+#define SEC_E_KDC_INVALID_REQUEST		0x80090340
+#define SEC_E_KDC_UNABLE_TO_REFER		0x80090341
+#define SEC_E_KDC_UNKNOWN_ETYPE			0x80090342
+#define SEC_E_UNSUPPORTED_PREAUTH		0x80090343
+#define SEC_E_DELEGATION_REQUIRED		0x80090345
+#define SEC_E_BAD_BINDINGS			0x80090346
+#define SEC_E_MULTIPLE_ACCOUNTS			0x80090347
+#define SEC_E_NO_KERB_KEY			0x80090348
+#define SEC_E_CERT_WRONG_USAGE			0x80090349
+#define SEC_E_DOWNGRADE_DETECTED		0x80090350
+#define SEC_E_SMARTCARD_CERT_REVOKED		0x80090351
+#define SEC_E_ISSUING_CA_UNTRUSTED		0x80090352
+#define SEC_E_REVOCATION_OFFLINE_C		0x80090353
+#define SEC_E_PKINIT_CLIENT_FAILURE		0x80090354
+#define SEC_E_SMARTCARD_CERT_EXPIRED		0x80090355
+#define SEC_E_NO_S4U_PROT_SUPPORT		0x80090356
+#define SEC_E_CROSSREALM_DELEGATION_FAILURE	0x80090357
+#define SEC_E_REVOCATION_OFFLINE_KDC		0x80090358
+#define SEC_E_ISSUING_CA_UNTRUSTED_KDC		0x80090359
+#define SEC_E_KDC_CERT_EXPIRED			0x8009035A
+#define SEC_E_KDC_CERT_REVOKED			0x8009035B
+#define SEC_E_INVALID_PARAMETER			0x8009035D
+#define SEC_E_DELEGATION_POLICY			0x8009035E
+#define SEC_E_POLICY_NLTM_ONLY			0x8009035F
+#define SEC_E_NO_CONTEXT			0x80090361
+#define SEC_E_PKU2U_CERT_FAILURE		0x80090362
+#define SEC_E_MUTUAL_AUTH_FAILED		0x80090363
+
+#define SEC_I_CONTINUE_NEEDED			0x00090312
+#define SEC_I_COMPLETE_NEEDED			0x00090313
+#define SEC_I_COMPLETE_AND_CONTINUE		0x00090314
+#define SEC_I_LOCAL_LOGON			0x00090315
+#define SEC_I_CONTEXT_EXPIRED			0x00090317
+#define SEC_I_INCOMPLETE_CREDENTIALS		0x00090320
+#define SEC_I_RENEGOTIATE			0x00090321
+#define SEC_I_NO_LSA_CONTEXT			0x00090323
+#define SEC_I_SIGNATURE_NEEDED			0x0009035C
+#define SEC_I_NO_RENEGOTIATION			0x00090360
+
+#define SECPKG_CRED_INBOUND			0x00000001
+#define SECPKG_CRED_OUTBOUND			0x00000002
+#define SECPKG_CRED_BOTH			0x00000003
+#define SECPKG_CRED_AUTOLOGON_RESTRICTED	0x00000010
+#define SECPKG_CRED_PROCESS_POLICY_ONLY		0x00000020
+
+struct _SEC_PKG_INFO
+{
+	uint32 fCapabilities;
+	uint16 wVersion;
+	uint16 wRPCID;
+	uint32 cbMaxToken;
+	char* Name;
+	char* Comment;
+};
+typedef struct _SEC_PKG_INFO SEC_PKG_INFO;
+
+#define SEC_AUTH_IDENTITY_ANSI			0x1
+#define SEC_AUTH_IDENTITY_UNICODE		0x2
+
+struct _SEC_AUTH_IDENTITY
+{
+	uint16* User;
+	uint32 UserLength;
+	uint16* Domain;
+	uint32 DomainLength;
+	uint16* Password;
+	uint32 PasswordLength;
+	uint32 Flags;
+};
+typedef struct _SEC_AUTH_IDENTITY SEC_AUTH_IDENTITY;
+
+struct _SEC_HANDLE
+{
+	uint32* dwLower;
+	uint32* dwUpper;
+};
+typedef struct _SEC_HANDLE SEC_HANDLE;
+
+typedef SEC_HANDLE CRED_HANDLE;
+typedef SEC_HANDLE CTXT_HANDLE;
+
+struct _SEC_INTEGER
+{
+	uint32 LowPart;
+	sint32 HighPart;
+};
+typedef struct _SEC_INTEGER SEC_INTEGER;
+
+typedef SEC_INTEGER SEC_TIMESTAMP;
+
+struct _SEC_BUFFER
+{
+	uint32 cbBuffer;
+	uint32 BufferType;
+	void* pvBuffer;
+};
+typedef struct _SEC_BUFFER SEC_BUFFER;
+
+struct _SEC_BUFFER_DESC
+{
+	uint32 ulVersion;
+	uint32 cBuffers;
+	SEC_BUFFER* pBuffers;
+};
+typedef struct _SEC_BUFFER_DESC SEC_BUFFER_DESC;
+
+typedef SECURITY_STATUS (*ENUMERATE_SECURITY_PACKAGES_FN)(uint32* pcPackages, SEC_PKG_INFO** ppPackageInfo);
+
+typedef SECURITY_STATUS (*QUERY_CREDENTIAL_ATTRIBUTES_FN)(CRED_HANDLE* phCredential, uint32 ulAttribute, void* pBuffer);
+
+typedef SECURITY_STATUS (*ACQUIRE_CREDENTIALS_HANDLE_FN)(char* pszPrincipal, char* pszPackage,
+		uint32 fCredentialUse, void* pvLogonID, void* pAuthData, void* pGetKeyFn,
+		void* pvGetKeyArgument, CRED_HANDLE* phCredential, SEC_TIMESTAMP* ptsExpiry);
+
+typedef SECURITY_STATUS (*FREE_CREDENTIALS_HANDLE_FN)(CRED_HANDLE* phCredential);
+
+typedef SECURITY_STATUS (*INITIALIZE_SECURITY_CONTEXT_FN)(CRED_HANDLE* phCredential, CTXT_HANDLE* phContext,
+		char* pszTargetName, uint32 fContextReq, uint32 Reserved1, uint32 TargetDataRep,
+		SEC_BUFFER_DESC* pInput, uint32 Reserved2, CTXT_HANDLE* phNewContext,
+		SEC_BUFFER_DESC* pOutput, uint32* pfContextAttr, SEC_TIMESTAMP* ptsExpiry);
+
+typedef SECURITY_STATUS (*ACCEPT_SECURITY_CONTEXT_FN)(CRED_HANDLE* phCredential, CTXT_HANDLE* phContext,
+		SEC_BUFFER_DESC* pInput, uint32 fContextReq, uint32 TargetDataRep, CTXT_HANDLE* phNewContext,
+		SEC_BUFFER_DESC* pOutput, uint32* pfContextAttr, SEC_TIMESTAMP* ptsTimeStamp);
+
+typedef SECURITY_STATUS (*COMPLETE_AUTH_TOKEN_FN)(CTXT_HANDLE* phContext, SEC_BUFFER_DESC* pToken);
+
+typedef SECURITY_STATUS (*DELETE_SECURITY_CONTEXT_FN)(CTXT_HANDLE* phContext);
+
+typedef SECURITY_STATUS (*APPLY_CONTROL_TOKEN_FN)(CTXT_HANDLE* phContext, SEC_BUFFER_DESC* pInput);
+
+typedef SECURITY_STATUS (*QUERY_CONTEXT_ATTRIBUTES_FN)(CTXT_HANDLE* phContext, uint32 ulAttribute, void* pBuffer);
+
+typedef SECURITY_STATUS (*IMPERSONATE_SECURITY_CONTEXT_FN)(CTXT_HANDLE* phContext);
+
+typedef SECURITY_STATUS (*REVERT_SECURITY_CONTEXT_FN)(CTXT_HANDLE* phContext);
+
+typedef SECURITY_STATUS (*MAKE_SIGNATURE_FN)(CTXT_HANDLE* phContext, uint32 fQOP, SEC_BUFFER_DESC* pMessage, uint32 MessageSeqNo);
+
+typedef SECURITY_STATUS (*VERIFY_SIGNATURE_FN)(CTXT_HANDLE* phContext, SEC_BUFFER_DESC* pMessage, uint32 MessageSeqNo, uint32* pfQOP);
+
+typedef SECURITY_STATUS (*FREE_CONTEXT_BUFFER_FN)(void* pvContextBuffer);
+
+typedef SECURITY_STATUS (*QUERY_SECURITY_PACKAGE_INFO_FN)(char* pszPackageName, SEC_PKG_INFO** ppPackageInfo);
+
+typedef SECURITY_STATUS (*EXPORT_SECURITY_CONTEXT_FN)(CTXT_HANDLE* phContext, uint32 fFlags, SEC_BUFFER* pPackedContext, void* pToken);
+
+typedef SECURITY_STATUS (*IMPORT_SECURITY_CONTEXT_FN)(char* pszPackage, SEC_BUFFER* pPackedContext, void* pToken, CTXT_HANDLE* phContext);
+
+typedef SECURITY_STATUS (*ADD_CREDENTIALS_FN)(void);
+
+typedef SECURITY_STATUS (*QUERY_SECURITY_CONTEXT_TOKEN_FN)(CTXT_HANDLE* phContext, void* phToken);
+
+typedef SECURITY_STATUS (*ENCRYPT_MESSAGE_FN)(CTXT_HANDLE* phContext, uint32 fQOP, SEC_BUFFER_DESC* pMessage, uint32 MessageSeqNo);
+
+typedef SECURITY_STATUS (*DECRYPT_MESSAGE_FN)(CTXT_HANDLE* phContext, SEC_BUFFER_DESC* pMessage, uint32 MessageSeqNo, uint32* pfQOP);
+
+typedef SECURITY_STATUS (*SET_CONTEXT_ATTRIBUTES_FN)(CTXT_HANDLE* phContext, uint32 ulAttribute, void* pBuffer, uint32 cbBuffer);
+
+struct _SECURITY_FUNCTION_TABLE
+{
+	uint32 dwVersion;
+	ENUMERATE_SECURITY_PACKAGES_FN EnumerateSecurityPackages;
+	void* Reserved1;
+	QUERY_CREDENTIAL_ATTRIBUTES_FN QueryCredentialsAttributes;
+	ACQUIRE_CREDENTIALS_HANDLE_FN AcquireCredentialsHandle;
+	FREE_CREDENTIALS_HANDLE_FN FreeCredentialsHandle;
+	void* Reserved2;
+	INITIALIZE_SECURITY_CONTEXT_FN InitializeSecurityContext;
+	ACCEPT_SECURITY_CONTEXT_FN AcceptSecurityContext;
+	COMPLETE_AUTH_TOKEN_FN CompleteAuthToken;
+	DELETE_SECURITY_CONTEXT_FN DeleteSecurityContext;
+	APPLY_CONTROL_TOKEN_FN ApplyControlToken;
+	QUERY_CONTEXT_ATTRIBUTES_FN QueryContextAttributes;
+	IMPERSONATE_SECURITY_CONTEXT_FN ImpersonateSecurityContext;
+	REVERT_SECURITY_CONTEXT_FN RevertSecurityContext;
+	MAKE_SIGNATURE_FN MakeSignature;
+	VERIFY_SIGNATURE_FN VerifySignature;
+	FREE_CONTEXT_BUFFER_FN FreeContextBuffer;
+	QUERY_SECURITY_PACKAGE_INFO_FN QuerySecurityPackageInfo;
+	void* Reserved3;
+	void* Reserved4;
+	EXPORT_SECURITY_CONTEXT_FN ExportSecurityContext;
+	IMPORT_SECURITY_CONTEXT_FN ImportSecurityContext;
+	ADD_CREDENTIALS_FN AddCredentials;
+	void* Reserved8;
+	QUERY_SECURITY_CONTEXT_TOKEN_FN QuerySecurityContextToken;
+	ENCRYPT_MESSAGE_FN EncryptMessage;
+	DECRYPT_MESSAGE_FN DecryptMessage;
+	SET_CONTEXT_ATTRIBUTES_FN SetContextAttributes;
+};
+typedef struct _SECURITY_FUNCTION_TABLE SECURITY_FUNCTION_TABLE;
+
+/* Package Management */
+
+FREERDP_API SECURITY_STATUS EnumerateSecurityPackages(uint32* pcPackages, SEC_PKG_INFO** ppPackageInfo);
+FREERDP_API SECURITY_FUNCTION_TABLE* InitSecurityInterface(void);
+FREERDP_API SECURITY_STATUS QuerySecurityPackageInfo(char* pszPackageName, SEC_PKG_INFO** ppPackageInfo);
+
+/* Credential Management */
+
+FREERDP_API SECURITY_STATUS AcquireCredentialsHandle(char* pszPrincipal, char* pszPackage,
+		uint32 fCredentialUse, void* pvLogonID, void* pAuthData, void* pGetKeyFn,
+		void* pvGetKeyArgument, CRED_HANDLE* phCredential, SEC_TIMESTAMP* ptsExpiry);
+
+FREERDP_API SECURITY_STATUS ExportSecurityContext(CTXT_HANDLE* phContext, uint32 fFlags, SEC_BUFFER* pPackedContext, void* pToken);
+FREERDP_API SECURITY_STATUS FreeCredentialsHandle(CRED_HANDLE* phCredential);
+FREERDP_API SECURITY_STATUS ImportSecurityContext(char* pszPackage, SEC_BUFFER* pPackedContext, void* pToken, CTXT_HANDLE* phContext);
+FREERDP_API SECURITY_STATUS QueryCredentialsAttributes(CRED_HANDLE* phCredential, uint32 ulAttribute, void* pBuffer);
+
+/* Context Management */
+
+FREERDP_API SECURITY_STATUS AcceptSecurityContext(CRED_HANDLE* phCredential, CTXT_HANDLE* phContext,
+		SEC_BUFFER_DESC* pInput, uint32 fContextReq, uint32 TargetDataRep, CTXT_HANDLE* phNewContext,
+		SEC_BUFFER_DESC* pOutput, uint32* pfContextAttr, SEC_TIMESTAMP* ptsTimeStamp);
+
+FREERDP_API SECURITY_STATUS ApplyControlToken(CTXT_HANDLE* phContext, SEC_BUFFER_DESC* pInput);
+FREERDP_API SECURITY_STATUS CompleteAuthToken(CTXT_HANDLE* phContext, SEC_BUFFER_DESC* pToken);
+FREERDP_API SECURITY_STATUS DeleteSecurityContext(CTXT_HANDLE* phContext);
+FREERDP_API SECURITY_STATUS FreeContextBuffer(void* pvContextBuffer);
+FREERDP_API SECURITY_STATUS ImpersonateSecurityContext(CTXT_HANDLE* phContext);
+
+FREERDP_API SECURITY_STATUS InitializeSecurityContext(CRED_HANDLE* phCredential, CTXT_HANDLE* phContext,
+		char* pszTargetName, uint32 fContextReq, uint32 Reserved1, uint32 TargetDataRep,
+		SEC_BUFFER_DESC* pInput, uint32 Reserved2, CTXT_HANDLE* phNewContext,
+		SEC_BUFFER_DESC* pOutput, uint32* pfContextAttr, SEC_TIMESTAMP* ptsExpiry);
+
+FREERDP_API SECURITY_STATUS QueryContextAttributes(CTXT_HANDLE* phContext, uint32 ulAttribute, void* pBuffer);
+FREERDP_API SECURITY_STATUS QuerySecurityContextToken(CTXT_HANDLE* phContext, void* phToken);
+FREERDP_API SECURITY_STATUS SetContextAttributes(CTXT_HANDLE* phContext, uint32 ulAttribute, void* pBuffer, uint32 cbBuffer);
+FREERDP_API SECURITY_STATUS RevertSecurityContext(CTXT_HANDLE* phContext);
+
+/* Message Support */
+
+FREERDP_API SECURITY_STATUS DecryptMessage(CTXT_HANDLE* phContext, SEC_BUFFER_DESC* pMessage, uint32 MessageSeqNo, uint32* pfQOP);
+FREERDP_API SECURITY_STATUS EncryptMessage(CTXT_HANDLE* phContext, uint32 fQOP, SEC_BUFFER_DESC* pMessage, uint32 MessageSeqNo);
+FREERDP_API SECURITY_STATUS MakeSignature(CTXT_HANDLE* phContext, uint32 fQOP, SEC_BUFFER_DESC* pMessage, uint32 MessageSeqNo);
+FREERDP_API SECURITY_STATUS VerifySignature(CTXT_HANDLE* phContext, SEC_BUFFER_DESC* pMessage, uint32 MessageSeqNo, uint32* pfQOP);
+
+#endif /* FREERDP_AUTH_SSPI_H */

include/freerdp/crypto/ber.h

@@ -1,8 +1,8 @@
 /**
- * FreeRDP: A Remote Desktop Protocol Client
+ * FreeRDP: A Remote Desktop Protocol Implementation
  * ASN.1 Basic Encoding Rules (BER)
  *
- * Copyright 2011 Marc-Andre Moreau <marcandre.moreau@gmail.com>
+ * Copyright 2011-2012 Marc-Andre Moreau <marcandre.moreau@gmail.com>
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -17,9 +17,10 @@
  * limitations under the License.
  */
 
-#ifndef __CRYPTO_BER_H
-#define __CRYPTO_BER_H
+#ifndef FREERDP_CRYPTO_BER_H
+#define FREERDP_CRYPTO_BER_H
 
+#include <freerdp/api.h>
 #include <freerdp/types.h>
 #include <freerdp/utils/stream.h>
 
@@ -50,34 +51,34 @@
 
 #define BER_PC(_pc)	(_pc ? BER_CONSTRUCT : BER_PRIMITIVE)
 
-void ber_read_length(STREAM* s, int* length);
-int ber_write_length(STREAM* s, int length);
-int _ber_skip_length(int length);
-int ber_get_content_length(int length);
-boolean ber_read_universal_tag(STREAM* s, uint8 tag, boolean pc);
-void ber_write_universal_tag(STREAM* s, uint8 tag, boolean pc);
-boolean ber_read_application_tag(STREAM* s, uint8 tag, int* length);
-void ber_write_application_tag(STREAM* s, uint8 tag, int length);
-boolean ber_read_application_tag(STREAM* s, uint8 tag, int* length);
-boolean ber_read_enumerated(STREAM* s, uint8* enumerated, uint8 count);
-void ber_write_enumerated(STREAM* s, uint8 enumerated, uint8 count);
-boolean ber_read_contextual_tag(STREAM* s, uint8 tag, int* length, boolean pc);
-int ber_write_contextual_tag(STREAM* s, uint8 tag, int length, boolean pc);
-int ber_skip_contextual_tag(int length);
-boolean ber_read_sequence_tag(STREAM* s, int* length);
-int ber_write_sequence_tag(STREAM* s, int length);
-int ber_skip_sequence(int length);
-int ber_skip_sequence_tag(int length);
-boolean ber_read_bit_string(STREAM* s, int* length, uint8* padding);
-boolean ber_read_octet_string(STREAM* s, int* length);
-void ber_write_octet_string(STREAM* s, const uint8* oct_str, int length);
-int ber_write_octet_string_tag(STREAM* s, int length);
-int ber_skip_octet_string(int length);
-boolean ber_read_boolean(STREAM* s, boolean* value);
-void ber_write_boolean(STREAM* s, boolean value);
-boolean ber_read_integer(STREAM* s, uint32* value);
-int ber_write_integer(STREAM* s, uint32 value);
-boolean ber_read_integer_length(STREAM* s, int* length);
-int ber_skip_integer(uint32 value);
+FREERDP_API void ber_read_length(STREAM* s, int* length);
+FREERDP_API int ber_write_length(STREAM* s, int length);
+FREERDP_API int _ber_skip_length(int length);
+FREERDP_API int ber_get_content_length(int length);
+FREERDP_API boolean ber_read_universal_tag(STREAM* s, uint8 tag, boolean pc);
+FREERDP_API void ber_write_universal_tag(STREAM* s, uint8 tag, boolean pc);
+FREERDP_API boolean ber_read_application_tag(STREAM* s, uint8 tag, int* length);
+FREERDP_API void ber_write_application_tag(STREAM* s, uint8 tag, int length);
+FREERDP_API boolean ber_read_application_tag(STREAM* s, uint8 tag, int* length);
+FREERDP_API boolean ber_read_enumerated(STREAM* s, uint8* enumerated, uint8 count);
+FREERDP_API void ber_write_enumerated(STREAM* s, uint8 enumerated, uint8 count);
+FREERDP_API boolean ber_read_contextual_tag(STREAM* s, uint8 tag, int* length, boolean pc);
+FREERDP_API int ber_write_contextual_tag(STREAM* s, uint8 tag, int length, boolean pc);
+FREERDP_API int ber_skip_contextual_tag(int length);
+FREERDP_API boolean ber_read_sequence_tag(STREAM* s, int* length);
+FREERDP_API int ber_write_sequence_tag(STREAM* s, int length);
+FREERDP_API int ber_skip_sequence(int length);
+FREERDP_API int ber_skip_sequence_tag(int length);
+FREERDP_API boolean ber_read_bit_string(STREAM* s, int* length, uint8* padding);
+FREERDP_API boolean ber_read_octet_string(STREAM* s, int* length);
+FREERDP_API void ber_write_octet_string(STREAM* s, const uint8* oct_str, int length);
+FREERDP_API int ber_write_octet_string_tag(STREAM* s, int length);
+FREERDP_API int ber_skip_octet_string(int length);
+FREERDP_API boolean ber_read_boolean(STREAM* s, boolean* value);
+FREERDP_API void ber_write_boolean(STREAM* s, boolean value);
+FREERDP_API boolean ber_read_integer(STREAM* s, uint32* value);
+FREERDP_API int ber_write_integer(STREAM* s, uint32 value);
+FREERDP_API boolean ber_read_integer_length(STREAM* s, int* length);
+FREERDP_API int ber_skip_integer(uint32 value);
 
-#endif /* __CRYPTO_BER_H */
+#endif /* FREERDP_CRYPTO_BER_H */

include/freerdp/crypto/certificate.h

@@ -1,8 +1,8 @@
 /**
- * FreeRDP: A Remote Desktop Protocol Client
+ * FreeRDP: A Remote Desktop Protocol Implementation
  * Certificate Handling
  *
- * Copyright 2011 Marc-Andre Moreau <marcandre.moreau@gmail.com>
+ * Copyright 2011-2012 Marc-Andre Moreau <marcandre.moreau@gmail.com>
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -17,8 +17,8 @@
  * limitations under the License.
  */
 
-#ifndef __CRYPTO_CERTIFICATE_H
-#define __CRYPTO_CERTIFICATE_H
+#ifndef FREERDP_CRYPTO_CERTIFICATE_H
+#define FREERDP_CRYPTO_CERTIFICATE_H
 
 typedef struct rdp_certificate_data rdpCertificateData;
 typedef struct rdp_certificate_store rdpCertificateStore;
@@ -26,6 +26,7 @@ typedef struct rdp_certificate_store rdpCertificateStore;
 #include <freerdp/crypto/ber.h>
 #include <freerdp/crypto/crypto.h>
 
+#include <freerdp/api.h>
 #include <freerdp/settings.h>
 #include <freerdp/utils/blob.h>
 #include <freerdp/utils/stream.h>
@@ -46,11 +47,11 @@ struct rdp_certificate_store
 	rdpCertificateData* certificate_data;
 };
 
-rdpCertificateData* certificate_data_new(char* hostname, char* fingerprint);
-void certificate_data_free(rdpCertificateData* certificate_data);
-rdpCertificateStore* certificate_store_new(rdpSettings* settings);
-void certificate_store_free(rdpCertificateStore* certificate_store);
-int certificate_data_match(rdpCertificateStore* certificate_store, rdpCertificateData* certificate_data);
-void certificate_data_print(rdpCertificateStore* certificate_store, rdpCertificateData* certificate_data);
+FREERDP_API rdpCertificateData* certificate_data_new(char* hostname, char* fingerprint);
+FREERDP_API void certificate_data_free(rdpCertificateData* certificate_data);
+FREERDP_API rdpCertificateStore* certificate_store_new(rdpSettings* settings);
+FREERDP_API void certificate_store_free(rdpCertificateStore* certificate_store);
+FREERDP_API int certificate_data_match(rdpCertificateStore* certificate_store, rdpCertificateData* certificate_data);
+FREERDP_API void certificate_data_print(rdpCertificateStore* certificate_store, rdpCertificateData* certificate_data);
 
-#endif /* __CRYPTO_CERTIFICATE_H */
+#endif /* FREERDP_CRYPTO_CERTIFICATE_H */

include/freerdp/crypto/crypto.h

@@ -1,8 +1,8 @@
 /**
- * FreeRDP: A Remote Desktop Protocol Client
+ * FreeRDP: A Remote Desktop Protocol Implementation
  * Cryptographic Abstraction Layer
  *
- * Copyright 2011 Marc-Andre Moreau <marcandre.moreau@gmail.com>
+ * Copyright 2011-2012 Marc-Andre Moreau <marcandre.moreau@gmail.com>
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -17,8 +17,8 @@
  * limitations under the License.
  */
 
-#ifndef __CRYPTO_H
-#define __CRYPTO_H
+#ifndef FREERDP_CRYPTO_H
+#define FREERDP_CRYPTO_H
 
 #include <openssl/ssl.h>
 #include <openssl/err.h>
@@ -39,6 +39,7 @@
 #define EXPONENT_MAX_SIZE			4
 #define MODULUS_MAX_SIZE			256
 
+#include <freerdp/api.h>
 #include <freerdp/freerdp.h>
 #include <freerdp/utils/blob.h>
 #include <freerdp/utils/memory.h>
@@ -75,62 +76,67 @@ struct crypto_cert_struct
 
 #define	CRYPTO_SHA1_DIGEST_LENGTH	SHA_DIGEST_LENGTH
 typedef struct crypto_sha1_struct* CryptoSha1;
-CryptoSha1 crypto_sha1_init(void);
-void crypto_sha1_update(CryptoSha1 sha1, const uint8* data, uint32 length);
-void crypto_sha1_final(CryptoSha1 sha1, uint8* out_data);
+
+FREERDP_API CryptoSha1 crypto_sha1_init(void);
+FREERDP_API void crypto_sha1_update(CryptoSha1 sha1, const uint8* data, uint32 length);
+FREERDP_API void crypto_sha1_final(CryptoSha1 sha1, uint8* out_data);
 
 #define	CRYPTO_MD5_DIGEST_LENGTH	MD5_DIGEST_LENGTH
 typedef struct crypto_md5_struct* CryptoMd5;
-CryptoMd5 crypto_md5_init(void);
-void crypto_md5_update(CryptoMd5 md5, const uint8* data, uint32 length);
-void crypto_md5_final(CryptoMd5 md5, uint8* out_data);
+
+FREERDP_API CryptoMd5 crypto_md5_init(void);
+FREERDP_API void crypto_md5_update(CryptoMd5 md5, const uint8* data, uint32 length);
+FREERDP_API void crypto_md5_final(CryptoMd5 md5, uint8* out_data);
 
 typedef struct crypto_rc4_struct* CryptoRc4;
-CryptoRc4 crypto_rc4_init(const uint8* key, uint32 length);
-void crypto_rc4(CryptoRc4 rc4, uint32 length, const uint8* in_data, uint8* out_data);
-void crypto_rc4_free(CryptoRc4 rc4);
+
+FREERDP_API CryptoRc4 crypto_rc4_init(const uint8* key, uint32 length);
+FREERDP_API void crypto_rc4(CryptoRc4 rc4, uint32 length, const uint8* in_data, uint8* out_data);
+FREERDP_API void crypto_rc4_free(CryptoRc4 rc4);
 
 typedef struct crypto_des3_struct* CryptoDes3;
-CryptoDes3 crypto_des3_encrypt_init(const uint8* key, const uint8* ivec);
-CryptoDes3 crypto_des3_decrypt_init(const uint8* key, const uint8* ivec);
-void crypto_des3_encrypt(CryptoDes3 des3, uint32 length, const uint8 *in_data, uint8 *out_data);
-void crypto_des3_decrypt(CryptoDes3 des3, uint32 length, const uint8 *in_data, uint8* out_data);
-void crypto_des3_free(CryptoDes3 des3);
+
+FREERDP_API CryptoDes3 crypto_des3_encrypt_init(const uint8* key, const uint8* ivec);
+FREERDP_API CryptoDes3 crypto_des3_decrypt_init(const uint8* key, const uint8* ivec);
+FREERDP_API void crypto_des3_encrypt(CryptoDes3 des3, uint32 length, const uint8 *in_data, uint8 *out_data);
+FREERDP_API void crypto_des3_decrypt(CryptoDes3 des3, uint32 length, const uint8 *in_data, uint8* out_data);
+FREERDP_API void crypto_des3_free(CryptoDes3 des3);
 
 typedef struct crypto_hmac_struct* CryptoHmac;
-CryptoHmac crypto_hmac_new(void);
-void crypto_hmac_sha1_init(CryptoHmac hmac, const uint8 *data, uint32 length);
-void crypto_hmac_update(CryptoHmac hmac, const uint8 *data, uint32 length);
-void crypto_hmac_final(CryptoHmac hmac, uint8 *out_data, uint32 length);
-void crypto_hmac_free(CryptoHmac hmac);
+
+FREERDP_API CryptoHmac crypto_hmac_new(void);
+FREERDP_API void crypto_hmac_sha1_init(CryptoHmac hmac, const uint8 *data, uint32 length);
+FREERDP_API void crypto_hmac_update(CryptoHmac hmac, const uint8 *data, uint32 length);
+FREERDP_API void crypto_hmac_final(CryptoHmac hmac, uint8 *out_data, uint32 length);
+FREERDP_API void crypto_hmac_free(CryptoHmac hmac);
 
 typedef struct crypto_cert_struct* CryptoCert;
 
 #include <freerdp/crypto/certificate.h>
 
-CryptoCert crypto_cert_read(uint8* data, uint32 length);
-char* crypto_cert_fingerprint(X509* xcert);
-char* crypto_cert_subject(X509* xcert);
-char* crypto_cert_subject_common_name(X509* xcert, int* length);
-char** crypto_cert_subject_alt_name(X509* xcert, int* count, int** lengths);
-char* crypto_cert_issuer(X509* xcert);
-void crypto_cert_print_info(X509* xcert);
-void crypto_cert_free(CryptoCert cert);
+FREERDP_API CryptoCert crypto_cert_read(uint8* data, uint32 length);
+FREERDP_API char* crypto_cert_fingerprint(X509* xcert);
+FREERDP_API char* crypto_cert_subject(X509* xcert);
+FREERDP_API char* crypto_cert_subject_common_name(X509* xcert, int* length);
+FREERDP_API char** crypto_cert_subject_alt_name(X509* xcert, int* count, int** lengths);
+FREERDP_API char* crypto_cert_issuer(X509* xcert);
+FREERDP_API void crypto_cert_print_info(X509* xcert);
+FREERDP_API void crypto_cert_free(CryptoCert cert);
 
-boolean x509_verify_certificate(CryptoCert cert, char* certificate_store_path);
-rdpCertificateData* crypto_get_certificate_data(X509* xcert, char* hostname);
-boolean crypto_cert_get_public_key(CryptoCert cert, rdpBlob* public_key);
+FREERDP_API boolean x509_verify_certificate(CryptoCert cert, char* certificate_store_path);
+FREERDP_API rdpCertificateData* crypto_get_certificate_data(X509* xcert, char* hostname);
+FREERDP_API boolean crypto_cert_get_public_key(CryptoCert cert, rdpBlob* public_key);
 
 #define	TSSK_KEY_LENGTH	64
 extern const uint8 tssk_modulus[];
 extern const uint8 tssk_privateExponent[];
 extern const uint8 tssk_exponent[];
 
-void crypto_rsa_public_encrypt(const uint8* input, int length, uint32 key_length, const uint8* modulus, const uint8* exponent, uint8* output);
-void crypto_rsa_public_decrypt(const uint8* input, int length, uint32 key_length, const uint8* modulus, const uint8* exponent, uint8* output);
-void crypto_rsa_private_encrypt(const uint8* input, int length, uint32 key_length, const uint8* modulus, const uint8* private_exponent, uint8* output);
-void crypto_rsa_private_decrypt(const uint8* input, int length, uint32 key_length, const uint8* modulus, const uint8* private_exponent, uint8* output);
-void crypto_reverse(uint8* data, int length);
-void crypto_nonce(uint8* nonce, int size);
+FREERDP_API void crypto_rsa_public_encrypt(const uint8* input, int length, uint32 key_length, const uint8* modulus, const uint8* exponent, uint8* output);
+FREERDP_API void crypto_rsa_public_decrypt(const uint8* input, int length, uint32 key_length, const uint8* modulus, const uint8* exponent, uint8* output);
+FREERDP_API void crypto_rsa_private_encrypt(const uint8* input, int length, uint32 key_length, const uint8* modulus, const uint8* private_exponent, uint8* output);
+FREERDP_API void crypto_rsa_private_decrypt(const uint8* input, int length, uint32 key_length, const uint8* modulus, const uint8* private_exponent, uint8* output);
+FREERDP_API void crypto_reverse(uint8* data, int length);
+FREERDP_API void crypto_nonce(uint8* nonce, int size);
 
-#endif /* __CRYPTO_H */
+#endif /* FREERDP_CRYPTO_H */

include/freerdp/crypto/per.h

@@ -1,8 +1,8 @@
 /**
- * FreeRDP: A Remote Desktop Protocol Client
+ * FreeRDP: A Remote Desktop Protocol Implementation
  * ASN.1 Packed Encoding Rules (BER)
  *
- * Copyright 2011 Marc-Andre Moreau <marcandre.moreau@gmail.com>
+ * Copyright 2011-2012 Marc-Andre Moreau <marcandre.moreau@gmail.com>
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -17,32 +17,33 @@
  * limitations under the License.
  */
 
-#ifndef __CRYPTO_PER_H
-#define __CRYTPO_PER_H
+#ifndef FREERDP_CRYPTO_PER_H
+#define FREERDP_CRYPTO_PER_H
 
+#include <freerdp/api.h>
 #include <freerdp/utils/stream.h>
 
-boolean per_read_length(STREAM* s, uint16* length);
-void per_write_length(STREAM* s, int length);
-boolean per_read_choice(STREAM* s, uint8* choice);
-void per_write_choice(STREAM* s, uint8 choice);
-boolean per_read_selection(STREAM* s, uint8* selection);
-void per_write_selection(STREAM* s, uint8 selection);
-boolean per_read_number_of_sets(STREAM* s, uint8* number);
-void per_write_number_of_sets(STREAM* s, uint8 number);
-boolean per_read_padding(STREAM* s, int length);
-void per_write_padding(STREAM* s, int length);
-boolean per_read_integer(STREAM* s, uint32* integer);
-boolean per_read_integer16(STREAM* s, uint16* integer, uint16 min);
-void per_write_integer(STREAM* s, uint32 integer);
-void per_write_integer16(STREAM* s, uint16 integer, uint16 min);
-boolean per_read_enumerated(STREAM* s, uint8* enumerated, uint8 count);
-void per_write_enumerated(STREAM* s, uint8 enumerated, uint8 count);
-void per_write_object_identifier(STREAM* s, uint8 oid[6]);
-boolean per_read_object_identifier(STREAM* s, uint8 oid[6]);
-boolean per_read_octet_string(STREAM* s, uint8* oct_str, int length, int min);
-void per_write_octet_string(STREAM* s, uint8* oct_str, int length, int min);
-boolean per_read_numeric_string(STREAM* s, int min);
-void per_write_numeric_string(STREAM* s, uint8* num_str, int length, int min);
+FREERDP_API boolean per_read_length(STREAM* s, uint16* length);
+FREERDP_API void per_write_length(STREAM* s, int length);
+FREERDP_API boolean per_read_choice(STREAM* s, uint8* choice);
+FREERDP_API void per_write_choice(STREAM* s, uint8 choice);
+FREERDP_API boolean per_read_selection(STREAM* s, uint8* selection);
+FREERDP_API void per_write_selection(STREAM* s, uint8 selection);
+FREERDP_API boolean per_read_number_of_sets(STREAM* s, uint8* number);
+FREERDP_API void per_write_number_of_sets(STREAM* s, uint8 number);
+FREERDP_API boolean per_read_padding(STREAM* s, int length);
+FREERDP_API void per_write_padding(STREAM* s, int length);
+FREERDP_API boolean per_read_integer(STREAM* s, uint32* integer);
+FREERDP_API boolean per_read_integer16(STREAM* s, uint16* integer, uint16 min);
+FREERDP_API void per_write_integer(STREAM* s, uint32 integer);
+FREERDP_API void per_write_integer16(STREAM* s, uint16 integer, uint16 min);
+FREERDP_API boolean per_read_enumerated(STREAM* s, uint8* enumerated, uint8 count);
+FREERDP_API void per_write_enumerated(STREAM* s, uint8 enumerated, uint8 count);
+FREERDP_API void per_write_object_identifier(STREAM* s, uint8 oid[6]);
+FREERDP_API boolean per_read_object_identifier(STREAM* s, uint8 oid[6]);
+FREERDP_API boolean per_read_octet_string(STREAM* s, uint8* oct_str, int length, int min);
+FREERDP_API void per_write_octet_string(STREAM* s, uint8* oct_str, int length, int min);
+FREERDP_API boolean per_read_numeric_string(STREAM* s, int min);
+FREERDP_API void per_write_numeric_string(STREAM* s, uint8* num_str, int length, int min);
 
-#endif /* __CRYTPO_PER_H */
+#endif /* FREERDP_CRYPTO_PER_H */

include/freerdp/crypto/tls.h

@@ -1,8 +1,8 @@
 /**
- * FreeRDP: A Remote Desktop Protocol Client
+ * FreeRDP: A Remote Desktop Protocol Implementation
  * Transport Layer Security
  *
- * Copyright 2011 Marc-Andre Moreau <marcandre.moreau@gmail.com>
+ * Copyright 2011-2012 Marc-Andre Moreau <marcandre.moreau@gmail.com>
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -17,8 +17,8 @@
  * limitations under the License.
  */
 
-#ifndef __CRYPTO_TLS_H
-#define __CRYPTO_TLS_H
+#ifndef FREERDP_CRYPTO_TLS_H
+#define FREERDP_CRYPTO_TLS_H
 
 #include "crypto.h"
 #include "certificate.h"
@@ -26,6 +26,7 @@
 #include <openssl/ssl.h>
 #include <openssl/err.h>
 
+#include <freerdp/api.h>
 #include <freerdp/types.h>
 #include <freerdp/utils/stream.h>
 
@@ -41,20 +42,20 @@ struct rdp_tls
 	rdpCertificateStore* certificate_store;
 };
 
-boolean tls_connect(rdpTls* tls);
-boolean tls_accept(rdpTls* tls, const char* cert_file, const char* privatekey_file);
-boolean tls_disconnect(rdpTls* tls);
+FREERDP_API boolean tls_connect(rdpTls* tls);
+FREERDP_API boolean tls_accept(rdpTls* tls, const char* cert_file, const char* privatekey_file);
+FREERDP_API boolean tls_disconnect(rdpTls* tls);
 
-int tls_read(rdpTls* tls, uint8* data, int length);
-int tls_write(rdpTls* tls, uint8* data, int length);
+FREERDP_API int tls_read(rdpTls* tls, uint8* data, int length);
+FREERDP_API int tls_write(rdpTls* tls, uint8* data, int length);
 
-boolean tls_verify_certificate(rdpTls* tls, CryptoCert cert, char* hostname);
-void tls_print_certificate_error(char* hostname, char* fingerprint);
-void tls_print_certificate_name_mismatch_error(char* hostname, char* common_name, char** alt_names, int alt_names_count);
+FREERDP_API boolean tls_verify_certificate(rdpTls* tls, CryptoCert cert, char* hostname);
+FREERDP_API void tls_print_certificate_error(char* hostname, char* fingerprint);
+FREERDP_API void tls_print_certificate_name_mismatch_error(char* hostname, char* common_name, char** alt_names, int alt_names_count);
 
-boolean tls_print_error(char* func, SSL* connection, int value);
+FREERDP_API boolean tls_print_error(char* func, SSL* connection, int value);
 
-rdpTls* tls_new(rdpSettings* settings);
-void tls_free(rdpTls* tls);
+FREERDP_API rdpTls* tls_new(rdpSettings* settings);
+FREERDP_API void tls_free(rdpTls* tls);
 
-#endif /* __CRYPTO_TLS_H */
+#endif /* FREERDP_CRYPTO_TLS_H */

keymaps/CMakeLists.txt

@@ -17,7 +17,8 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 
-install(FILES aliases amiga ataritt empty evdev fujitsu hp ibm macintosh macosx sony sun xfree86 xfree98 DESTINATION ${FREERDP_KEYMAP_PATH})
-install(DIRECTORY digital_vndr DESTINATION ${FREERDP_KEYMAP_PATH} FILES_MATCHING PATTERN "*")
-install(DIRECTORY sgi_vndr DESTINATION ${FREERDP_KEYMAP_PATH} FILES_MATCHING PATTERN "*")
-
+if(NOT WITH_XKBFILE)
+	install(FILES aliases amiga ataritt empty evdev fujitsu hp ibm macintosh macosx sony sun xfree86 xfree98 DESTINATION ${FREERDP_KEYMAP_PATH})
+	install(DIRECTORY digital_vndr DESTINATION ${FREERDP_KEYMAP_PATH} FILES_MATCHING PATTERN "*")
+	install(DIRECTORY sgi_vndr DESTINATION ${FREERDP_KEYMAP_PATH} FILES_MATCHING PATTERN "*")
+endif()

libfreerdp-auth/CMakeLists.txt

@@ -18,15 +18,20 @@
 # limitations under the License.
 
 set(FREERDP_AUTH_SRCS
+	sspi.c
 	credssp.c
 	ntlmssp.c)
 
 add_library(freerdp-auth ${FREERDP_AUTH_SRCS})
 
+include_directories(${OPENSSL_INCLUDE_DIR})
+include_directories(${ZLIB_INCLUDE_DIRS})
+
 set_target_properties(freerdp-auth PROPERTIES VERSION ${FREERDP_VERSION_FULL} SOVERSION ${FREERDP_VERSION} PREFIX "lib")
 
 target_link_libraries(freerdp-auth freerdp-utils)
 target_link_libraries(freerdp-auth freerdp-crypto)
+target_link_libraries(freerdp-auth ${ZLIB_LIBRARIES})	
 
 install(TARGETS freerdp-auth DESTINATION ${CMAKE_INSTALL_LIBDIR})
 

libfreerdp-auth/credssp.c

@@ -1,8 +1,8 @@
 /**
- * FreeRDP: A Remote Desktop Protocol Client
+ * FreeRDP: A Remote Desktop Protocol Implementation
  * Credential Security Support Provider (CredSSP)
  *
- * Copyright 2010 Marc-Andre Moreau <marcandre.moreau@gmail.com>
+ * Copyright 2010-2012 Marc-Andre Moreau <marcandre.moreau@gmail.com>
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -26,6 +26,7 @@
 #include <freerdp/auth/ntlmssp.h>
 #include <freerdp/utils/stream.h>
 
+#include <freerdp/auth/sspi.h>
 #include <freerdp/auth/credssp.h>
 
 /**
@@ -719,3 +720,48 @@ void credssp_free(rdpCredssp* credssp)
 		xfree(credssp);
 	}
 }
+
+/* SSPI */
+
+const SECURITY_FUNCTION_TABLE CREDSSP_SECURITY_FUNCTION_TABLE =
+{
+	1, /* dwVersion */
+	NULL, /* EnumerateSecurityPackages */
+	NULL, /* Reserved1 */
+	NULL, /* QueryCredentialsAttributes */
+	NULL, /* AcquireCredentialsHandle */
+	NULL, /* FreeCredentialsHandle */
+	NULL, /* Reserved2 */
+	NULL, /* InitializeSecurityContext */
+	NULL, /* AcceptSecurityContext */
+	NULL, /* CompleteAuthToken */
+	NULL, /* DeleteSecurityContext */
+	NULL, /* ApplyControlToken */
+	NULL, /* QueryContextAttributes */
+	NULL, /* ImpersonateSecurityContext */
+	NULL, /* RevertSecurityContext */
+	NULL, /* MakeSignature */
+	NULL, /* VerifySignature */
+	NULL, /* FreeContextBuffer */
+	NULL, /* QuerySecurityPackageInfo */
+	NULL, /* Reserved3 */
+	NULL, /* Reserved4 */
+	NULL, /* ExportSecurityContext */
+	NULL, /* ImportSecurityContext */
+	NULL, /* AddCredentials */
+	NULL, /* Reserved8 */
+	NULL, /* QuerySecurityContextToken */
+	NULL, /* EncryptMessage */
+	NULL, /* DecryptMessage */
+	NULL, /* SetContextAttributes */
+};
+
+const SEC_PKG_INFO CREDSSP_SEC_PKG_INFO =
+{
+	0x000110733, /* fCapabilities */
+	1, /* wVersion */
+	0xFFFF, /* wRPCID */
+	0x000090A8, /* cbMaxToken */
+	"CREDSSP", /* Name */
+	"Microsoft CredSSP Security Provider" /* Comment */
+};

libfreerdp-auth/ntlmssp.c

@@ -1,8 +1,8 @@
 /**
- * FreeRDP: A Remote Desktop Protocol Client
+ * FreeRDP: A Remote Desktop Protocol Implementation
  * NT LAN Manager Security Support Provider (NTLMSSP)
  *
- * Copyright 2011 Marc-Andre Moreau <marcandre.moreau@gmail.com>
+ * Copyright 2011-2012 Marc-Andre Moreau <marcandre.moreau@gmail.com>
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -25,6 +25,7 @@
 #include <openssl/engine.h>
 #include <freerdp/utils/memory.h>
 
+#include <freerdp/auth/sspi.h>
 #include <freerdp/auth/credssp.h>
 
 #include <freerdp/auth/ntlmssp.h>
@@ -2223,3 +2224,60 @@ void ntlmssp_free(NTLMSSP* ntlmssp)
 		crypto_rc4_free(ntlmssp->recv_rc4_seal);
 	xfree(ntlmssp);
 }
+
+/* SSPI */
+
+SECURITY_STATUS ntlm_AcquireCredentialsHandle(char* pszPrincipal, char* pszPackage,
+		uint32 fCredentialUse, void* pvLogonID, void* pAuthData, void* pGetKeyFn,
+		void* pvGetKeyArgument, CRED_HANDLE* phCredential, SEC_TIMESTAMP* ptsExpiry)
+{
+	if (fCredentialUse == SECPKG_CRED_OUTBOUND)
+	{
+
+	}
+
+	return SEC_E_OK;
+}
+
+const SEC_PKG_INFO NTLM_SEC_PKG_INFO =
+{
+	0x00082B37, /* fCapabilities */
+	1, /* wVersion */
+	0x000A, /* wRPCID */
+	0x00000B48, /* cbMaxToken */
+	"NTLM", /* Name */
+	"NTLM Security Package" /* Comment */
+};
+
+const SECURITY_FUNCTION_TABLE NTLM_SECURITY_FUNCTION_TABLE =
+{
+	1, /* dwVersion */
+	NULL, /* EnumerateSecurityPackages */
+	NULL, /* Reserved1 */
+	NULL, /* QueryCredentialsAttributes */
+	ntlm_AcquireCredentialsHandle, /* AcquireCredentialsHandle */
+	NULL, /* FreeCredentialsHandle */
+	NULL, /* Reserved2 */
+	NULL, /* InitializeSecurityContext */
+	NULL, /* AcceptSecurityContext */
+	NULL, /* CompleteAuthToken */
+	NULL, /* DeleteSecurityContext */
+	NULL, /* ApplyControlToken */
+	NULL, /* QueryContextAttributes */
+	NULL, /* ImpersonateSecurityContext */
+	NULL, /* RevertSecurityContext */
+	NULL, /* MakeSignature */
+	NULL, /* VerifySignature */
+	NULL, /* FreeContextBuffer */
+	NULL, /* QuerySecurityPackageInfo */
+	NULL, /* Reserved3 */
+	NULL, /* Reserved4 */
+	NULL, /* ExportSecurityContext */
+	NULL, /* ImportSecurityContext */
+	NULL, /* AddCredentials */
+	NULL, /* Reserved8 */
+	NULL, /* QuerySecurityContextToken */
+	NULL, /* EncryptMessage */
+	NULL, /* DecryptMessage */
+	NULL, /* SetContextAttributes */
+};

libfreerdp-auth/sspi.c

@@ -0,0 +1,362 @@
+/**
+ * FreeRDP: A Remote Desktop Protocol Implementation
+ * Security Support Provider Interface (SSPI)
+ *
+ * Copyright 2012 Marc-Andre Moreau <marcandre.moreau@gmail.com>
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include <freerdp/utils/memory.h>
+
+#include <freerdp/auth/sspi.h>
+
+/* Authentication Functions: http://msdn.microsoft.com/en-us/library/windows/desktop/aa374731/ */
+
+extern const SEC_PKG_INFO NTLM_SEC_PKG_INFO;
+extern const SEC_PKG_INFO CREDSSP_SEC_PKG_INFO;
+
+const SECURITY_FUNCTION_TABLE SSPI_SECURITY_FUNCTION_TABLE;
+extern const SECURITY_FUNCTION_TABLE NTLM_SECURITY_FUNCTION_TABLE;
+extern const SECURITY_FUNCTION_TABLE CREDSSP_SECURITY_FUNCTION_TABLE;
+
+const SEC_PKG_INFO* SEC_PKG_INFO_LIST[] =
+{
+	&NTLM_SEC_PKG_INFO,
+	&CREDSSP_SEC_PKG_INFO
+};
+
+struct _SECURITY_FUNCTION_TABLE_NAME
+{
+	char* Name;
+	const SECURITY_FUNCTION_TABLE* security_function_table;
+};
+typedef struct _SECURITY_FUNCTION_TABLE_NAME SECURITY_FUNCTION_TABLE_NAME;
+
+const SECURITY_FUNCTION_TABLE_NAME SECURITY_FUNCTION_TABLE_NAME_LIST[] =
+{
+	{ "NTLM", &NTLM_SECURITY_FUNCTION_TABLE },
+	{ "CREDSSP", &CREDSSP_SECURITY_FUNCTION_TABLE }
+};
+
+#define SEC_HANDLE_LOWER_MAX	0xFFFFFFFF
+#define SEC_HANDLE_UPPER_MAX	0xFFFFFFFE
+
+SECURITY_FUNCTION_TABLE* sspi_GetSecurityFunctionTableByName(const char* Name)
+{
+	int index;
+	uint32 cPackages;
+
+	cPackages = sizeof(SEC_PKG_INFO_LIST) / sizeof(SEC_PKG_INFO*);
+
+	for (index = 0; index < cPackages; index++)
+	{
+		if (strcmp(Name, SECURITY_FUNCTION_TABLE_NAME_LIST[index].Name) == 0)
+		{
+			return (SECURITY_FUNCTION_TABLE*) SECURITY_FUNCTION_TABLE_NAME_LIST[index].security_function_table;
+		}
+	}
+
+	return NULL;
+}
+
+/* Package Management */
+
+SECURITY_STATUS EnumerateSecurityPackages(uint32* pcPackages, SEC_PKG_INFO** ppPackageInfo)
+{
+	/*
+	 * Name: Negotiate
+	 * Comment: Microsoft Package Negotiator
+	 * fCapabilities: 0x00083BB3
+	 * wVersion: 1
+	 * wRPCID: 0x0009
+	 * cbMaxToken: 0x00002FE0
+	 */
+
+	/*
+	 * Name: NegoExtender
+	 * Comment: NegoExtender Security Package
+	 * fCapabilities: 0x00113913
+	 * wVersion: 1
+	 * wRPCID: 0x001E
+	 * cbMaxToken: 0x00002EE0
+	 */
+
+	/*
+	 * Name: Kerberos
+	 * Comment: Microsoft Kerberos V1.0
+	 * fCapabilities: 0x000F3BBF
+	 * wVersion: 1
+	 * wRPCID: 0x0010
+	 * cbMaxToken: 0x00002EE0
+	 */
+
+	/*
+	 * Name: NTLM
+	 * Comment: NTLM Security Package
+	 * fCapabilities: 0x00082B37
+	 * wVersion: 1
+	 * wRPCID: 0x000A
+	 * cbMaxToken: 0x00000B48
+	 */
+
+	/*
+	 * Name: Schannel
+	 * Comment: Schannel Security Package
+	 * fCapabilities: 0x000107B3
+	 * wVersion: 1
+	 * wRPCID: 0x000E
+	 * cbMaxToken: 0x00006000
+	 */
+
+	/*
+	 * Name: TSSSP
+	 * Comment: TS Service Security Package
+	 * fCapabilities: 0x00010230
+	 * wVersion: 1
+	 * wRPCID: 0x0016
+	 * cbMaxToken: 0x000032C8
+	 */
+
+	/*
+	 * Name: CREDSSP
+	 * Comment: Microsoft CredSSP Security Provider
+	 * fCapabilities: 0x000110733
+	 * wVersion: 1
+	 * wRPCID: 0xFFFF
+	 * cbMaxToken: 0x000090A8
+	 */
+
+	int index;
+	uint32 cPackages;
+	SEC_PKG_INFO* pPackageInfo;
+
+	cPackages = sizeof(SEC_PKG_INFO_LIST) / sizeof(SEC_PKG_INFO*);
+	pPackageInfo = (SEC_PKG_INFO*) xmalloc(sizeof(SEC_PKG_INFO) * cPackages);
+
+	for (index = 0; index < cPackages; index++)
+	{
+		pPackageInfo[index].fCapabilities = SEC_PKG_INFO_LIST[index]->fCapabilities;
+		pPackageInfo[index].wVersion = SEC_PKG_INFO_LIST[index]->wVersion;
+		pPackageInfo[index].wRPCID = SEC_PKG_INFO_LIST[index]->wRPCID;
+		pPackageInfo[index].cbMaxToken = SEC_PKG_INFO_LIST[index]->cbMaxToken;
+		pPackageInfo[index].Name = xstrdup(SEC_PKG_INFO_LIST[index]->Name);
+		pPackageInfo[index].Comment = xstrdup(SEC_PKG_INFO_LIST[index]->Comment);
+	}
+
+	*(pcPackages) = cPackages;
+	*(ppPackageInfo) = pPackageInfo;
+
+	return SEC_E_OK;
+}
+
+SECURITY_FUNCTION_TABLE* InitSecurityInterface(void)
+{
+	SECURITY_FUNCTION_TABLE* security_function_table;
+	security_function_table = xnew(SECURITY_FUNCTION_TABLE);
+	memcpy((void*) security_function_table, (void*) &SSPI_SECURITY_FUNCTION_TABLE, sizeof(SECURITY_FUNCTION_TABLE));
+	return security_function_table;
+}
+
+SECURITY_STATUS QuerySecurityPackageInfo(char* pszPackageName, SEC_PKG_INFO** ppPackageInfo)
+{
+	int index;
+	uint32 cPackages;
+	SEC_PKG_INFO* pPackageInfo;
+
+	cPackages = sizeof(SEC_PKG_INFO_LIST) / sizeof(SEC_PKG_INFO*);
+
+	for (index = 0; index < cPackages; index++)
+	{
+		if (strcmp(pszPackageName, SEC_PKG_INFO_LIST[index]->Name) == 0)
+		{
+			pPackageInfo = (SEC_PKG_INFO*) xmalloc(sizeof(SEC_PKG_INFO));
+
+			pPackageInfo->fCapabilities = SEC_PKG_INFO_LIST[index]->fCapabilities;
+			pPackageInfo->wVersion = SEC_PKG_INFO_LIST[index]->wVersion;
+			pPackageInfo->wRPCID = SEC_PKG_INFO_LIST[index]->wRPCID;
+			pPackageInfo->cbMaxToken = SEC_PKG_INFO_LIST[index]->cbMaxToken;
+			pPackageInfo->Name = xstrdup(SEC_PKG_INFO_LIST[index]->Name);
+			pPackageInfo->Comment = xstrdup(SEC_PKG_INFO_LIST[index]->Comment);
+
+			*(ppPackageInfo) = pPackageInfo;
+
+			return SEC_E_OK;
+		}
+	}
+
+	*(ppPackageInfo) = NULL;
+
+	return SEC_E_SECPKG_NOT_FOUND;
+}
+
+/* Credential Management */
+
+SECURITY_STATUS AcquireCredentialsHandle(char* pszPrincipal, char* pszPackage,
+		uint32 fCredentialUse, void* pvLogonID, void* pAuthData, void* pGetKeyFn,
+		void* pvGetKeyArgument, CRED_HANDLE* phCredential, SEC_TIMESTAMP* ptsExpiry)
+{
+	SECURITY_STATUS status;
+	SECURITY_FUNCTION_TABLE* table = sspi_GetSecurityFunctionTableByName(pszPackage);
+
+	if (!table)
+		return SEC_E_SECPKG_NOT_FOUND;
+
+	if (!(table->AcquireCredentialsHandle))
+		return SEC_E_UNSUPPORTED_FUNCTION;
+
+	status = table->AcquireCredentialsHandle(pszPrincipal, pszPackage, fCredentialUse,
+			pvLogonID, pAuthData, pGetKeyFn, pvGetKeyArgument, phCredential, ptsExpiry);
+
+	return status;
+}
+
+SECURITY_STATUS ExportSecurityContext(CTXT_HANDLE* phContext, uint32 fFlags, SEC_BUFFER* pPackedContext, void* pToken)
+{
+	return SEC_E_OK;
+}
+
+SECURITY_STATUS FreeCredentialsHandle(CRED_HANDLE* phCredential)
+{
+	return SEC_E_OK;
+}
+
+SECURITY_STATUS ImportSecurityContext(char* pszPackage, SEC_BUFFER* pPackedContext, void* pToken, CTXT_HANDLE* phContext)
+{
+	return SEC_E_OK;
+}
+
+SECURITY_STATUS QueryCredentialsAttributes(CRED_HANDLE* phCredential, uint32 ulAttribute, void* pBuffer)
+{
+	return SEC_E_OK;
+}
+
+/* Context Management */
+
+SECURITY_STATUS AcceptSecurityContext(CRED_HANDLE* phCredential, CTXT_HANDLE* phContext,
+		SEC_BUFFER_DESC* pInput, uint32 fContextReq, uint32 TargetDataRep, CTXT_HANDLE* phNewContext,
+		SEC_BUFFER_DESC* pOutput, uint32* pfContextAttr, SEC_TIMESTAMP* ptsTimeStamp)
+{
+	return SEC_E_OK;
+}
+
+SECURITY_STATUS ApplyControlToken(CTXT_HANDLE* phContext, SEC_BUFFER_DESC* pInput)
+{
+	return SEC_E_OK;
+}
+
+SECURITY_STATUS CompleteAuthToken(CTXT_HANDLE* phContext, SEC_BUFFER_DESC* pToken)
+{
+	return SEC_E_OK;
+}
+
+SECURITY_STATUS DeleteSecurityContext(CTXT_HANDLE* phContext)
+{
+	return SEC_E_OK;
+}
+
+SECURITY_STATUS FreeContextBuffer(void* pvContextBuffer)
+{
+	if (pvContextBuffer != NULL)
+		xfree(pvContextBuffer);
+
+	return SEC_E_OK;
+}
+
+SECURITY_STATUS ImpersonateSecurityContext(CTXT_HANDLE* phContext)
+{
+	return SEC_E_OK;
+}
+
+SECURITY_STATUS InitializeSecurityContext(CRED_HANDLE* phCredential, CTXT_HANDLE* phContext,
+		char* pszTargetName, uint32 fContextReq, uint32 Reserved1, uint32 TargetDataRep,
+		SEC_BUFFER_DESC* pInput, uint32 Reserved2, CTXT_HANDLE* phNewContext,
+		SEC_BUFFER_DESC* pOutput, uint32* pfContextAttr, SEC_TIMESTAMP* ptsExpiry)
+{
+	return SEC_E_OK;
+}
+
+SECURITY_STATUS QueryContextAttributes(CTXT_HANDLE* phContext, uint32 ulAttribute, void* pBuffer)
+{
+	return SEC_E_OK;
+}
+
+SECURITY_STATUS QuerySecurityContextToken(CTXT_HANDLE* phContext, void* phToken)
+{
+	return SEC_E_OK;
+}
+
+SECURITY_STATUS SetContextAttributes(CTXT_HANDLE* phContext, uint32 ulAttribute, void* pBuffer, uint32 cbBuffer)
+{
+	return SEC_E_OK;
+}
+
+SECURITY_STATUS RevertSecurityContext(CTXT_HANDLE* phContext)
+{
+	return SEC_E_OK;
+}
+
+/* Message Support */
+
+SECURITY_STATUS DecryptMessage(CTXT_HANDLE* phContext, SEC_BUFFER_DESC* pMessage, uint32 MessageSeqNo, uint32* pfQOP)
+{
+	return SEC_E_OK;
+}
+
+SECURITY_STATUS EncryptMessage(CTXT_HANDLE* phContext, uint32 fQOP, SEC_BUFFER_DESC* pMessage, uint32 MessageSeqNo)
+{
+	return SEC_E_OK;
+}
+
+SECURITY_STATUS MakeSignature(CTXT_HANDLE* phContext, uint32 fQOP, SEC_BUFFER_DESC* pMessage, uint32 MessageSeqNo)
+{
+	return SEC_E_OK;
+}
+
+SECURITY_STATUS VerifySignature(CTXT_HANDLE* phContext, SEC_BUFFER_DESC* pMessage, uint32 MessageSeqNo, uint32* pfQOP)
+{
+	return SEC_E_OK;
+}
+
+const SECURITY_FUNCTION_TABLE SSPI_SECURITY_FUNCTION_TABLE =
+{
+	1, /* dwVersion */
+	EnumerateSecurityPackages, /* EnumerateSecurityPackages */
+	NULL, /* Reserved1 */
+	QueryCredentialsAttributes, /* QueryCredentialsAttributes */
+	AcquireCredentialsHandle, /* AcquireCredentialsHandle */
+	FreeCredentialsHandle, /* FreeCredentialsHandle */
+	NULL, /* Reserved2 */
+	InitializeSecurityContext, /* InitializeSecurityContext */
+	AcceptSecurityContext, /* AcceptSecurityContext */
+	CompleteAuthToken, /* CompleteAuthToken */
+	DeleteSecurityContext, /* DeleteSecurityContext */
+	ApplyControlToken, /* ApplyControlToken */
+	QueryContextAttributes, /* QueryContextAttributes */
+	ImpersonateSecurityContext, /* ImpersonateSecurityContext */
+	RevertSecurityContext, /* RevertSecurityContext */
+	MakeSignature, /* MakeSignature */
+	VerifySignature, /* VerifySignature */
+	FreeContextBuffer, /* FreeContextBuffer */
+	QuerySecurityPackageInfo, /* QuerySecurityPackageInfo */
+	NULL, /* Reserved3 */
+	NULL, /* Reserved4 */
+	ExportSecurityContext, /* ExportSecurityContext */
+	ImportSecurityContext, /* ImportSecurityContext */
+	NULL, /* AddCredentials */
+	NULL, /* Reserved8 */
+	QuerySecurityContextToken, /* QuerySecurityContextToken */
+	EncryptMessage, /* EncryptMessage */
+	DecryptMessage, /* DecryptMessage */
+	SetContextAttributes, /* SetContextAttributes */
+};

libfreerdp-core/CMakeLists.txt

@@ -18,6 +18,7 @@
 # limitations under the License.
 
 add_definitions(-DEXT_PATH="/usr/lib/freerdp/extensions")
+
 include_directories(${OPENSSL_INCLUDE_DIR})
 include_directories(${ZLIB_INCLUDE_DIRS})
 
@@ -99,6 +100,7 @@ target_link_libraries(freerdp-core freerdp-codec)
 target_link_libraries(freerdp-core freerdp-crypto)
 target_link_libraries(freerdp-core freerdp-auth)
 target_link_libraries(freerdp-core freerdp-locale)
+target_link_libraries(freerdp-core ${OPENSSL_LIBRARIES})
 
 install(TARGETS freerdp-core DESTINATION ${CMAKE_INSTALL_LIBDIR})
 

libfreerdp-core/fastpath.c

@@ -546,9 +546,9 @@ boolean fastpath_send_input_pdu(rdpFastPath* fastpath, STREAM* s)
 	rdp = fastpath->rdp;
 
 	length = stream_get_length(s);
-	if (length > 127)
+	if (length >= (2 << 14))
 	{
-		printf("Maximum FastPath PDU length is 127\n");
+		printf("Maximum FastPath PDU length is 32767\n");
 		return false;
 	}
 
@@ -568,23 +568,25 @@ boolean fastpath_send_input_pdu(rdpFastPath* fastpath, STREAM* s)
 	 * because we can leave room for fixed-length header, store all
 	 * the data first and then store the header.
 	 */
-	stream_write_uint16_be(s, 0x8000 | (length + sec_bytes));
+	stream_write_uint16_be(s, 0x8000 | length);
 
 	if (sec_bytes > 0)
 	{
-		uint8* ptr;
+		uint8* fpInputEvents;
+		uint16 fpInputEvents_length;
 
-		ptr = stream_get_tail(s) + sec_bytes;
+		fpInputEvents = stream_get_tail(s) + sec_bytes;
+		fpInputEvents_length = length - 3 - sec_bytes;
 		if (rdp->sec_flags & SEC_SECURE_CHECKSUM)
-			security_salted_mac_signature(rdp, ptr, length - 3, true, stream_get_tail(s));
+			security_salted_mac_signature(rdp, fpInputEvents, fpInputEvents_length, true, stream_get_tail(s));
 		else
-			security_mac_signature(rdp, ptr, length - 3, stream_get_tail(s));
-		security_encrypt(ptr, length - 3, rdp);
+			security_mac_signature(rdp, fpInputEvents, fpInputEvents_length, stream_get_tail(s));
+		security_encrypt(fpInputEvents, fpInputEvents_length, rdp);
 	}
 
 	rdp->sec_flags = 0;
 
-	stream_set_pos(s, length + sec_bytes);
+	stream_set_pos(s, length);
 	if (transport_write(fastpath->rdp->transport, s) < 0)
 		return false;
 

libfreerdp-core/gcc.c

@@ -461,15 +461,15 @@ void gcc_write_user_data_header(STREAM* s, uint16 type, uint16 length)
 
 boolean gcc_read_client_core_data(STREAM* s, rdpSettings* settings, uint16 blockLength)
 {
+	char* str;
 	uint32 version;
+	uint32 color_depth;
 	uint16 colorDepth = 0;
 	uint16 postBeta2ColorDepth = 0;
 	uint16 highColorDepth = 0;
 	uint16 supportedColorDepths = 0;
 	uint16 earlyCapabilityFlags = 0;
 	uint32 serverSelectedProtocol = 0;
-	int color_depth;
-	char* str;
 
 	/* Length of all required fields, until imeFileName */
 	if (blockLength < 128)
@@ -852,6 +852,40 @@ static const uint8 initial_signature[] =
 	0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0x01
 };
 
+/*
+ * Terminal Services Signing Keys.
+ * Yes, Terminal Services Private Key is publicly available.
+ */
+
+const uint8 tssk_modulus[] =
+{
+	0x3d, 0x3a, 0x5e, 0xbd, 0x72, 0x43, 0x3e, 0xc9,
+	0x4d, 0xbb, 0xc1, 0x1e, 0x4a, 0xba, 0x5f, 0xcb,
+	0x3e, 0x88, 0x20, 0x87, 0xef, 0xf5, 0xc1, 0xe2,
+	0xd7, 0xb7, 0x6b, 0x9a, 0xf2, 0x52, 0x45, 0x95,
+	0xce, 0x63, 0x65, 0x6b, 0x58, 0x3a, 0xfe, 0xef,
+	0x7c, 0xe7, 0xbf, 0xfe, 0x3d, 0xf6, 0x5c, 0x7d,
+	0x6c, 0x5e, 0x06, 0x09, 0x1a, 0xf5, 0x61, 0xbb,
+	0x20, 0x93, 0x09, 0x5f, 0x05, 0x6d, 0xea, 0x87
+};
+
+const uint8 tssk_privateExponent[] =
+{
+	0x87, 0xa7, 0x19, 0x32, 0xda, 0x11, 0x87, 0x55,
+	0x58, 0x00, 0x16, 0x16, 0x25, 0x65, 0x68, 0xf8,
+	0x24, 0x3e, 0xe6, 0xfa, 0xe9, 0x67, 0x49, 0x94,
+	0xcf, 0x92, 0xcc, 0x33, 0x99, 0xe8, 0x08, 0x60,
+	0x17, 0x9a, 0x12, 0x9f, 0x24, 0xdd, 0xb1, 0x24,
+	0x99, 0xc7, 0x3a, 0xb8, 0x0a, 0x7b, 0x0d, 0xdd,
+	0x35, 0x07, 0x79, 0x17, 0x0b, 0x51, 0x9b, 0xb3,
+	0xc7, 0x10, 0x01, 0x13, 0xe7, 0x3f, 0xf3, 0x5f
+};
+
+const uint8 tssk_exponent[] =
+{
+	0x5b, 0x7b, 0x88, 0xc0
+};
+
 void gcc_write_server_security_data(STREAM* s, rdpSettings* settings)
 {
 	CryptoMd5 md5;

libfreerdp-core/rdp.h

@@ -136,8 +136,10 @@ struct rdp_rdp
 	struct rdp_mppc* mppc;
 	struct crypto_rc4_struct* rc4_decrypt_key;
 	int decrypt_use_count;
+	int decrypt_checksum_use_count;
 	struct crypto_rc4_struct* rc4_encrypt_key;
 	int encrypt_use_count;
+	int encrypt_checksum_use_count;
 	struct crypto_des3_struct* fips_encrypt;
 	struct crypto_des3_struct* fips_decrypt;
 	struct crypto_hmac_struct* fips_hmac;

libfreerdp-core/security.c

@@ -262,14 +262,17 @@ void security_salted_mac_signature(rdpRdp *rdp, uint8* data, uint32 length, bool
 
 	security_uint32_le(length_le, length); /* length must be little-endian */
 	if (encryption)
-		security_uint32_le(use_count_le, rdp->encrypt_use_count);
+	{
+		security_uint32_le(use_count_le, rdp->encrypt_checksum_use_count);
+	}
 	else
 	{
 		/*
 		 * We calculate checksum on plain text, so we must have already
-		 * decrypt it, which means decrypt_use_count is off by one.
+		 * decrypt it, which means decrypt_checksum_use_count is
+		 * off by one.
 		 */
-		security_uint32_le(use_count_le, rdp->decrypt_use_count - 1);
+		security_uint32_le(use_count_le, rdp->decrypt_checksum_use_count - 1);
 	}
 
 	/* SHA1_Digest = SHA1(MACKeyN + pad1 + length + data) */
@@ -461,7 +464,8 @@ boolean security_encrypt(uint8* data, int length, rdpRdp* rdp)
 		rdp->encrypt_use_count = 0;
 	}
 	crypto_rc4(rdp->rc4_encrypt_key, length, data, data);
-	rdp->encrypt_use_count += 1;
+	rdp->encrypt_use_count++;
+	rdp->encrypt_checksum_use_count++;
 	return true;
 }
 
@@ -476,6 +480,7 @@ boolean security_decrypt(uint8* data, int length, rdpRdp* rdp)
 	}
 	crypto_rc4(rdp->rc4_decrypt_key, length, data, data);
 	rdp->decrypt_use_count += 1;
+	rdp->decrypt_checksum_use_count++;
 	return true;
 }
 

libfreerdp-core/tcp.c

@@ -127,7 +127,7 @@ boolean tcp_connect(rdpTcp* tcp, const char* hostname, uint16 port)
 
 	if (status != 0)
 	{
-		printf("transport_connect: getaddrinfo (%s)\n", gai_strerror(status));
+		printf("tcp_connect: getaddrinfo (%s)\n", gai_strerror(status));
 		return false;
 	}
 

libfreerdp-crypto/CMakeLists.txt

@@ -26,10 +26,18 @@ set(FREERDP_CRYPTO_SRCS
 
 add_library(freerdp-crypto ${FREERDP_CRYPTO_SRCS})
 
+include_directories(${OPENSSL_INCLUDE_DIR})
+include_directories(${ZLIB_INCLUDE_DIRS})
+
 set_target_properties(freerdp-crypto PROPERTIES VERSION ${FREERDP_VERSION_FULL} SOVERSION ${FREERDP_VERSION} PREFIX "lib")
 
+if(WIN32)
+	target_link_libraries(freerdp-crypto ws2_32)
+else()
+	target_link_libraries(freerdp-crypto ${ZLIB_LIBRARIES})	
+endif()
+
 target_link_libraries(freerdp-crypto freerdp-utils)
 target_link_libraries(freerdp-crypto ${OPENSSL_LIBRARIES})
 
 install(TARGETS freerdp-crypto DESTINATION ${CMAKE_INSTALL_LIBDIR})
-

libfreerdp-crypto/ber.c

@@ -1,8 +1,8 @@
 /**
- * FreeRDP: A Remote Desktop Protocol Client
+ * FreeRDP: A Remote Desktop Protocol Implementation
  * ASN.1 Basic Encoding Rules (BER)
  *
- * Copyright 2011 Marc-Andre Moreau <marcandre.moreau@gmail.com>
+ * Copyright 2011-2012 Marc-Andre Moreau <marcandre.moreau@gmail.com>
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.

libfreerdp-crypto/certificate.c

@@ -1,9 +1,9 @@
 /**
- * FreeRDP: A Remote Desktop Protocol Client
+ * FreeRDP: A Remote Desktop Protocol Implementation
  * Certificate Handling
  *
  * Copyright 2011 Jiten Pathy
- * Copyright 2011 Marc-Andre Moreau <marcandre.moreau@gmail.com>
+ * Copyright 2011-2012 Marc-Andre Moreau <marcandre.moreau@gmail.com>
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.

libfreerdp-crypto/crypto.c

@@ -1,8 +1,8 @@
 /**
- * FreeRDP: A Remote Desktop Protocol Client
+ * FreeRDP: A Remote Desktop Protocol Implementation
  * Cryptographic Abstraction Layer
  *
- * Copyright 2011 Marc-Andre Moreau <marcandre.moreau@gmail.com>
+ * Copyright 2011-2012 Marc-Andre Moreau <marcandre.moreau@gmail.com>
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -195,40 +195,6 @@ exit:
 	return status;
 }
 
-/*
- * Terminal Services Signing Keys.
- * Yes, Terminal Services Private Key is publicly available.
- */
-
-const uint8 tssk_modulus[] =
-{
-	0x3d, 0x3a, 0x5e, 0xbd, 0x72, 0x43, 0x3e, 0xc9,
-	0x4d, 0xbb, 0xc1, 0x1e, 0x4a, 0xba, 0x5f, 0xcb,
-	0x3e, 0x88, 0x20, 0x87, 0xef, 0xf5, 0xc1, 0xe2,
-	0xd7, 0xb7, 0x6b, 0x9a, 0xf2, 0x52, 0x45, 0x95,
-	0xce, 0x63, 0x65, 0x6b, 0x58, 0x3a, 0xfe, 0xef,
-	0x7c, 0xe7, 0xbf, 0xfe, 0x3d, 0xf6, 0x5c, 0x7d,
-	0x6c, 0x5e, 0x06, 0x09, 0x1a, 0xf5, 0x61, 0xbb,
-	0x20, 0x93, 0x09, 0x5f, 0x05, 0x6d, 0xea, 0x87
-};
-
-const uint8 tssk_privateExponent[] =
-{
-	0x87, 0xa7, 0x19, 0x32, 0xda, 0x11, 0x87, 0x55,
-	0x58, 0x00, 0x16, 0x16, 0x25, 0x65, 0x68, 0xf8,
-	0x24, 0x3e, 0xe6, 0xfa, 0xe9, 0x67, 0x49, 0x94,
-	0xcf, 0x92, 0xcc, 0x33, 0x99, 0xe8, 0x08, 0x60,
-	0x17, 0x9a, 0x12, 0x9f, 0x24, 0xdd, 0xb1, 0x24,
-	0x99, 0xc7, 0x3a, 0xb8, 0x0a, 0x7b, 0x0d, 0xdd,
-	0x35, 0x07, 0x79, 0x17, 0x0b, 0x51, 0x9b, 0xb3,
-	0xc7, 0x10, 0x01, 0x13, 0xe7, 0x3f, 0xf3, 0x5f
-};
-
-const uint8 tssk_exponent[] =
-{
-	0x5b, 0x7b, 0x88, 0xc0
-};
-
 static void crypto_rsa_common(const uint8* input, int length, uint32 key_length, const uint8* modulus, const uint8* exponent, int exponent_size, uint8* output)
 {
 	BN_CTX* ctx;

libfreerdp-crypto/per.c

@@ -1,8 +1,8 @@
 /**
- * FreeRDP: A Remote Desktop Protocol Client
+ * FreeRDP: A Remote Desktop Protocol Implementation
  * ASN.1 Packed Encoding Rules (BER)
  *
- * Copyright 2011 Marc-Andre Moreau <marcandre.moreau@gmail.com>
+ * Copyright 2011-2012 Marc-Andre Moreau <marcandre.moreau@gmail.com>
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.

libfreerdp-crypto/tls.c

@@ -1,8 +1,8 @@
 /**
- * FreeRDP: A Remote Desktop Protocol Client
+ * FreeRDP: A Remote Desktop Protocol Implementation
  * Transport Layer Security
  *
- * Copyright 2011 Marc-Andre Moreau <marcandre.moreau@gmail.com>
+ * Copyright 2011-2012 Marc-Andre Moreau <marcandre.moreau@gmail.com>
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -128,7 +128,7 @@ boolean tls_accept(rdpTls* tls, const char* cert_file, const char* privatekey_fi
 {
 	int connection_status;
 
-	tls->ctx = SSL_CTX_new(TLSv1_server_method());
+	tls->ctx = SSL_CTX_new(SSLv23_server_method());
 
 	if (tls->ctx == NULL)
 	{
@@ -136,6 +136,12 @@ boolean tls_accept(rdpTls* tls, const char* cert_file, const char* privatekey_fi
 		return false;
 	}
 
+	/*
+	 * We only want SSLv3 and TLSv1, so disable SSLv2.
+	 * SSLv3 is used by, eg. Microsoft RDC for Mac OS X.
+	 */
+	SSL_CTX_set_options(tls->ctx, SSL_OP_NO_SSLv2);
+
 	if (SSL_CTX_use_RSAPrivateKey_file(tls->ctx, privatekey_file, SSL_FILETYPE_PEM) <= 0)
 	{
 		printf("SSL_CTX_use_RSAPrivateKey_file failed\n");
@@ -231,6 +237,14 @@ int tls_write(rdpTls* tls, uint8* data, int length)
 	return status;
 }
 
+static void tls_errors(const char *prefix)
+{
+	unsigned long error;
+
+	while ((error = ERR_get_error()) != 0)
+		printf("%s: %s\n", prefix, ERR_error_string(error, NULL));
+}
+
 boolean tls_print_error(char* func, SSL* connection, int value)
 {
 	switch (SSL_get_error(connection, value))
@@ -249,14 +263,17 @@ boolean tls_print_error(char* func, SSL* connection, int value)
 
 		case SSL_ERROR_SYSCALL:
 			printf("%s: I/O error\n", func);
+			tls_errors(func);
 			return true;
 
 		case SSL_ERROR_SSL:
 			printf("%s: Failure in SSL library (protocol error?)\n", func);
+			tls_errors(func);
 			return true;
 
 		default:
 			printf("%s: Unknown error\n", func);
+			tls_errors(func);
 			return true;
 	}
 }

libfreerdp-locale/keyboard.c

@@ -47,7 +47,8 @@ uint32 RDP_SCANCODE_TO_X11_KEYCODE[256][2];
 RDP_SCANCODE X11_KEYCODE_TO_RDP_SCANCODE[256];
 
 extern const VIRTUAL_KEY_CODE VIRTUAL_KEY_CODE_TABLE[256];
-extern const RDP_SCANCODE VIRTUAL_KEY_CODE_TO_RDP_SCANCODE_TABLE[256];
+extern const uint32 VIRTUAL_KEY_CODE_TO_RDP_SCANCODE_TABLE[256];
+extern const RDP_SCANCODE VIRTUAL_KEY_CODE_TO_DEFAULT_RDP_SCANCODE_TABLE[256];
 
 int freerdp_keyboard_load_map(uint32 keycode_to_vkcode[256], char* name)
 {
@@ -56,6 +57,8 @@ int freerdp_keyboard_load_map(uint32 keycode_to_vkcode[256], char* name)
 	char* beg;
 	char* end;
 	int i = 0;
+	uint32 vkcode;
+	uint32 scancode;
 	int kbd_found = 0;
 	char* keymap_path;
 	uint32 keycode = 0;
@@ -65,7 +68,8 @@ int freerdp_keyboard_load_map(uint32 keycode_to_vkcode[256], char* name)
 	char keymap_filename[256] = "";
 	char keycode_string[32] = "";
 	char vkcode_name[128] = "";
-	VIRTUAL_KEY_CODE* vkcode;
+	boolean found = false;
+	boolean extended = false;
 
 	beg = name;
 
@@ -144,17 +148,23 @@ int freerdp_keyboard_load_map(uint32 keycode_to_vkcode[256], char* name)
 				/* Load this key mapping in the keyboard mapping */
 
 				i = 0;
+				found = false;
+				extended = false;
 
-				do
+				for (i = 0; i < 256; i++)
 				{
-					vkcode = (VIRTUAL_KEY_CODE*) &VIRTUAL_KEY_CODE_TABLE[i];
-
-					if (strcmp(vkcode_name, vkcode->name) == 0)
-						keycode_to_vkcode[keycode] = vkcode->code;
-
-					i++;
+					if (VIRTUAL_KEY_CODE_TABLE[i].name)
+					{
+						if (strcmp(vkcode_name, VIRTUAL_KEY_CODE_TABLE[i].name) == 0)
+						{
+							found = true;
+							vkcode = VIRTUAL_KEY_CODE_TABLE[i].code;
+							scancode = VIRTUAL_KEY_CODE_TO_RDP_SCANCODE_TABLE[vkcode];
+							extended = VIRTUAL_KEY_CODE_TO_DEFAULT_RDP_SCANCODE_TABLE[vkcode].extended;
+							keycode_to_vkcode[keycode] = vkcode;
+						}
+					}
 				}
-				while (vkcode->code != 0);
 			}
 			else if ((pch = strstr(buffer, ": extends")) != NULL)
 			{
@@ -269,6 +279,9 @@ uint32 freerdp_keyboard_init(uint32 keyboardLayoutId)
 
 uint32 freerdp_keyboard_get_rdp_scancode_from_x11_keycode(uint32 keycode, boolean* extended)
 {
+	DEBUG_KBD("x11 keycode: %02X -> rdp code: %02X%s", keycode,
+		X11_KEYCODE_TO_RDP_SCANCODE[keycode].code,
+		X11_KEYCODE_TO_RDP_SCANCODE[keycode].extended ? " extended" : "");
 	*extended = X11_KEYCODE_TO_RDP_SCANCODE[keycode].extended;
 	return X11_KEYCODE_TO_RDP_SCANCODE[keycode].code;
 }
@@ -283,8 +296,8 @@ uint32 freerdp_keyboard_get_x11_keycode_from_rdp_scancode(uint32 scancode, boole
 
 uint32 freerdp_keyboard_get_rdp_scancode_from_virtual_key_code(uint32 vkcode, boolean* extended)
 {
-	*extended = VIRTUAL_KEY_CODE_TO_RDP_SCANCODE_TABLE[vkcode].extended;
-	return VIRTUAL_KEY_CODE_TO_RDP_SCANCODE_TABLE[vkcode].code;
+	*extended = VIRTUAL_KEY_CODE_TO_DEFAULT_RDP_SCANCODE_TABLE[vkcode].extended;
+	return VIRTUAL_KEY_CODE_TO_RDP_SCANCODE_TABLE[vkcode];
 }
 
 char* freerdp_keyboard_get_virtual_key_code_name(uint32 vkcode)

libfreerdp-locale/keyboard_layout.c

@@ -469,7 +469,269 @@ const VIRTUAL_KEY_CODE VIRTUAL_KEY_CODE_TABLE[256] =
 
 /* the index in this table is the virtual key code */
 
-const RDP_SCANCODE VIRTUAL_KEY_CODE_TO_RDP_SCANCODE_TABLE[256] =
+const uint32 VIRTUAL_KEY_CODE_TO_RDP_SCANCODE_TABLE[256] =
+{
+	0x00,
+	0x00, /* VK_LBUTTON */
+	0x00, /* VK_RBUTTON */
+	0x00, /* VK_CANCEL */
+	0x00, /* VK_MBUTTON */
+	0x00, /* VK_XBUTTON1 */
+	0x00, /* VK_XBUTTON2 */
+	0x00,
+	0x0E, /* VK_BACK */
+	0x0F, /* VK_TAB */
+	0x00,
+	0x00,
+	0x00, /* VK_CLEAR */
+	0x1C, /* VK_RETURN */
+	0x00,
+	0x00,
+	0x2A, /* VK_SHIFT */
+	0x00, /* VK_CONTROL */
+	0x38, /* VK_MENU */
+	0x46, /* VK_PAUSE */
+	0x3A, /* VK_CAPITAL */
+	0x72, /* VK_KANA / VK_HANGUL */
+	0x00,
+	0x00, /* VK_JUNJA */
+	0x00, /* VK_FINAL */
+	0x71, /* VK_HANJA / VK_KANJI */
+	0x00,
+	0x01, /* VK_ESCAPE */
+	0x00, /* VK_CONVERT */
+	0x00, /* VK_NONCONVERT */
+	0x00, /* VK_ACCEPT */
+	0x00, /* VK_MODECHANGE */
+	0x39, /* VK_SPACE */
+	0x49, /* VK_PRIOR */
+	0x51, /* VK_NEXT */
+	0x4F, /* VK_END */
+	0x47, /* VK_HOME */
+	0x4B, /* VK_LEFT */
+	0x48, /* VK_UP */
+	0x4D, /* VK_RIGHT */
+	0x50, /* VK_DOWN */
+	0x00, /* VK_SELECT */
+	0x37, /* VK_PRINT */
+	0x37, /* VK_EXECUTE */
+	0x37, /* VK_SNAPSHOT */
+	0x52, /* VK_INSERT */
+	0x53, /* VK_DELETE */
+	0x63, /* VK_HELP */
+	0x0B, /* VK_KEY_0 */
+	0x02, /* VK_KEY_1 */
+	0x03, /* VK_KEY_2 */
+	0x04, /* VK_KEY_3 */
+	0x05, /* VK_KEY_4 */
+	0x06, /* VK_KEY_5 */
+	0x07, /* VK_KEY_6 */
+	0x08, /* VK_KEY_7 */
+	0x09, /* VK_KEY_8 */
+	0x0A, /* VK_KEY_9 */
+	0x00,
+	0x00,
+	0x00,
+	0x00,
+	0x00,
+	0x00,
+	0x00,
+	0x1E, /* VK_KEY_A */
+	0x30, /* VK_KEY_B */
+	0x2E, /* VK_KEY_C */
+	0x20, /* VK_KEY_D */
+	0x12, /* VK_KEY_E */
+	0x21, /* VK_KEY_F */
+	0x22, /* VK_KEY_G */
+	0x23, /* VK_KEY_H */
+	0x17, /* VK_KEY_I */
+	0x24, /* VK_KEY_J */
+	0x25, /* VK_KEY_K */
+	0x26, /* VK_KEY_L */
+	0x32, /* VK_KEY_M */
+	0x31, /* VK_KEY_N */
+	0x18, /* VK_KEY_O */
+	0x19, /* VK_KEY_P */
+	0x10, /* VK_KEY_Q */
+	0x13, /* VK_KEY_R */
+	0x1F, /* VK_KEY_S */
+	0x14, /* VK_KEY_T */
+	0x16, /* VK_KEY_U */
+	0x2F, /* VK_KEY_V */
+	0x11, /* VK_KEY_W */
+	0x2D, /* VK_KEY_X */
+	0x15, /* VK_KEY_Y */
+	0x2C, /* VK_KEY_Z */
+	0x5B, /* VK_LWIN */
+	0x5C, /* VK_RWIN */
+	0x5D, /* VK_APPS */
+	0x00,
+	0x5F, /* VK_SLEEP */
+	0x52, /* VK_NUMPAD0 */
+	0x4F, /* VK_NUMPAD1 */
+	0x50, /* VK_NUMPAD2 */
+	0x51, /* VK_NUMPAD3 */
+	0x4B, /* VK_NUMPAD4 */
+	0x4C, /* VK_NUMPAD5 */
+	0x4D, /* VK_NUMPAD6 */
+	0x47, /* VK_NUMPAD7 */
+	0x48, /* VK_NUMPAD8 */
+	0x49, /* VK_NUMPAD9 */
+	0x37, /* VK_MULTIPLY */
+	0x4E, /* VK_ADD */
+	0x00, /* VK_SEPARATOR */
+	0x4A, /* VK_SUBTRACT */
+	0x53, /* VK_DECIMAL */
+	0x35, /* VK_DIVIDE */
+	0x3B, /* VK_F1 */
+	0x3C, /* VK_F2 */
+	0x3D, /* VK_F3 */
+	0x3E, /* VK_F4 */
+	0x3F, /* VK_F5 */
+	0x40, /* VK_F6 */
+	0x41, /* VK_F7 */
+	0x42, /* VK_F8 */
+	0x43, /* VK_F9 */
+	0x44, /* VK_F10 */
+	0x57, /* VK_F11 */
+	0x58, /* VK_F12 */
+	0x64, /* VK_F13 */
+	0x65, /* VK_F14 */
+	0x66, /* VK_F15 */
+	0x67, /* VK_F16 */
+	0x68, /* VK_F17 */
+	0x69, /* VK_F18 */
+	0x6A, /* VK_F19 */
+	0x6B, /* VK_F20 */
+	0x6C, /* VK_F21 */
+	0x6D, /* VK_F22 */
+	0x6E, /* VK_F23 */
+	0x6F, /* VK_F24 */
+	0x00,
+	0x00,
+	0x00,
+	0x00,
+	0x00,
+	0x00,
+	0x00,
+	0x00,
+	0x45, /* VK_NUMLOCK */
+	0x46, /* VK_SCROLL */
+	0x00,
+	0x00,
+	0x00,
+	0x00,
+	0x00,
+	0x00,
+	0x00,
+	0x00,
+	0x00,
+	0x00,
+	0x00,
+	0x00,
+	0x00,
+	0x00,
+	0x2A, /* VK_LSHIFT */
+	0x36, /* VK_RSHIFT */
+	0x1D, /* VK_LCONTROL */
+	0x1D, /* VK_RCONTROL */
+	0x38, /* VK_LMENU */
+	0x38, /* VK_RMENU */
+	0x00, /* VK_BROWSER_BACK */
+	0x00, /* VK_BROWSER_FORWARD */
+	0x00, /* VK_BROWSER_REFRESH */
+	0x00, /* VK_BROWSER_STOP */
+	0x00, /* VK_BROWSER_SEARCH */
+	0x00, /* VK_BROWSER_FAVORITES */
+	0x00, /* VK_BROWSER_HOME */
+	0x00, /* VK_VOLUME_MUTE */
+	0x00, /* VK_VOLUME_DOWN */
+	0x00, /* VK_VOLUME_UP */
+	0x00, /* VK_MEDIA_NEXT_TRACK */
+	0x00, /* VK_MEDIA_PREV_TRACK */
+	0x00, /* VK_MEDIA_STOP */
+	0x00, /* VK_MEDIA_PLAY_PAUSE */
+	0x00, /* VK_LAUNCH_MAIL */
+	0x00, /* VK_MEDIA_SELECT */
+	0x00, /* VK_LAUNCH_APP1 */
+	0x00, /* VK_LAUNCH_APP2 */
+	0x00,
+	0x00,
+	0x27, /* VK_OEM_1 */
+	0x0D, /* VK_OEM_PLUS */
+	0x33, /* VK_OEM_COMMA */
+	0x0C, /* VK_OEM_MINUS */
+	0x34, /* VK_OEM_PERIOD */
+	0x35, /* VK_OEM_2 */
+	0x29, /* VK_OEM_3 */
+	0x73, /* VK_ABNT_C1 */
+	0x7E, /* VK_ABNT_C2 */
+	0x00,
+	0x00,
+	0x00,
+	0x00,
+	0x00,
+	0x00,
+	0x00,
+	0x00,
+	0x00,
+	0x00,
+	0x00,
+	0x00,
+	0x00,
+	0x00,
+	0x00,
+	0x00,
+	0x00,
+	0x00,
+	0x00,
+	0x00,
+	0x00,
+	0x00,
+	0x00,
+	0x00,
+	0x1A, /* VK_OEM_4 */
+	0x2B, /* VK_OEM_5 */
+	0x1B, /* VK_OEM_6 */
+	0x28, /* VK_OEM_7 */
+	0x1D, /* VK_OEM_8 */
+	0x00,
+	0x00,
+	0x56, /* VK_OEM_102 */
+	0x00,
+	0x00,
+	0x00, /* VK_PROCESSKEY */
+	0x00,
+	0x00, /* VK_PACKET */
+	0x00,
+	0x00,
+	0x00,
+	0x00,
+	0x00,
+	0x00,
+	0x00,
+	0x00,
+	0x00,
+	0x00,
+	0x00,
+	0x00,
+	0x00,
+	0x00,
+	0x00, /* VK_ATTN */
+	0x00, /* VK_CRSEL */
+	0x00, /* VK_EXSEL */
+	0x00, /* VK_EREOF */
+	0x00, /* VK_PLAY */
+	0x62, /* VK_ZOOM */
+	0x00, /* VK_NONAME */
+	0x00, /* VK_PA1 */
+	0x00, /* VK_OEM_CLEAR */
+	0x00
+};
+
+/* the index in this table is the virtual key code */
+
+const RDP_SCANCODE VIRTUAL_KEY_CODE_TO_DEFAULT_RDP_SCANCODE_TABLE[256] =
 {
 	{ 0x00, 0 },
 	{ 0x00, 0 }, /* VK_LBUTTON */
@@ -582,7 +844,7 @@ const RDP_SCANCODE VIRTUAL_KEY_CODE_TO_RDP_SCANCODE_TABLE[256] =
 	{ 0x00, 0 }, /* VK_SEPARATOR */
 	{ 0x4A, 0 }, /* VK_SUBTRACT */
 	{ 0x53, 0 }, /* VK_DECIMAL */
-	{ 0x35, 0 }, /* VK_DIVIDE */
+	{ 0x35, 1 }, /* VK_DIVIDE */
 	{ 0x3B, 0 }, /* VK_F1 */
 	{ 0x3C, 0 }, /* VK_F2 */
 	{ 0x3D, 0 }, /* VK_F3 */
@@ -740,13 +1002,12 @@ RDP_KEYBOARD_LAYOUT* freerdp_keyboard_get_layouts(uint32 types)
 	if ((types & RDP_KEYBOARD_LAYOUT_TYPE_STANDARD) != 0)
 	{
 		length = sizeof(RDP_KEYBOARD_LAYOUT_TABLE) / sizeof(RDP_KEYBOARD_LAYOUT);
-
 		layouts = (RDP_KEYBOARD_LAYOUT*) xrealloc(layouts, (num + length + 1) * sizeof(RDP_KEYBOARD_LAYOUT));
 
 		for (i = 0; i < length; i++, num++)
 		{
 			layouts[num].code = RDP_KEYBOARD_LAYOUT_TABLE[i].code;
-			strcpy(layouts[num].name, RDP_KEYBOARD_LAYOUT_TABLE[i].name);
+			layouts[num].name = xstrdup(RDP_KEYBOARD_LAYOUT_TABLE[i].name);
 		}
 	}
 	if ((types & RDP_KEYBOARD_LAYOUT_TYPE_VARIANT) != 0)
@@ -757,7 +1018,7 @@ RDP_KEYBOARD_LAYOUT* freerdp_keyboard_get_layouts(uint32 types)
 		for (i = 0; i < length; i++, num++)
 		{
 			layouts[num].code = RDP_KEYBOARD_LAYOUT_VARIANT_TABLE[i].code;
-			strcpy(layouts[num].name, RDP_KEYBOARD_LAYOUT_VARIANT_TABLE[i].name);
+			layouts[num].name = xstrdup(RDP_KEYBOARD_LAYOUT_VARIANT_TABLE[i].name);
 		}
 	}
 	if ((types & RDP_KEYBOARD_LAYOUT_TYPE_IME) != 0)
@@ -768,7 +1029,7 @@ RDP_KEYBOARD_LAYOUT* freerdp_keyboard_get_layouts(uint32 types)
 		for (i = 0; i < length; i++, num++)
 		{
 			layouts[num].code = RDP_KEYBOARD_IME_TABLE[i].code;
-			strcpy(layouts[num].name, RDP_KEYBOARD_IME_TABLE[i].name);
+			layouts[num].name = xstrdup(RDP_KEYBOARD_IME_TABLE[i].name);
 		}
 	}
 

libfreerdp-locale/keyboard_x11.c

@@ -22,6 +22,7 @@
 #include <string.h>
 
 #include "liblocale.h"
+#include <freerdp/utils/memory.h>
 #include <freerdp/locale/locale.h>
 #include <freerdp/locale/keyboard.h>
 
@@ -29,7 +30,8 @@
 
 extern uint32 RDP_SCANCODE_TO_X11_KEYCODE[256][2];
 extern RDP_SCANCODE X11_KEYCODE_TO_RDP_SCANCODE[256];
-extern const RDP_SCANCODE VIRTUAL_KEY_CODE_TO_RDP_SCANCODE_TABLE[];
+extern const uint32 VIRTUAL_KEY_CODE_TO_RDP_SCANCODE_TABLE[256];
+extern const RDP_SCANCODE VIRTUAL_KEY_CODE_TO_DEFAULT_RDP_SCANCODE_TABLE[256];
 
 struct _XKB_VARIANT
 {
@@ -896,48 +898,6 @@ static const XKB_LAYOUT xkbLayouts[] =
 	{ "tm",		 KBD_TURKISH_Q, tm_variants }, /* Turkmenistan */
 };
 
-uint32 freerdp_keyboard_init_x11(uint32 keyboardLayoutId)
-{
-	uint32 vkcode;
-	uint32 keycode;
-	uint32 keycode_to_vkcode[256];
-
-	memset(X11_KEYCODE_TO_RDP_SCANCODE, 0, sizeof(X11_KEYCODE_TO_RDP_SCANCODE));
-	memset(RDP_SCANCODE_TO_X11_KEYCODE, 0, sizeof(RDP_SCANCODE_TO_X11_KEYCODE));
-
-	if (keyboardLayoutId == 0)
-	{
-		keyboardLayoutId = freerdp_detect_keyboard_layout_from_system_locale();
-		DEBUG_KBD("using keyboard layout: %X", keyboardLayoutId);
-	}
-
-	if (keyboardLayoutId == 0)
-	{
-		keyboardLayoutId = 0x0409;
-		DEBUG_KBD("using default keyboard layout: %X", keyboardLayoutId);
-	}
-
-#ifdef __APPLE__
-	/* Apple X11 breaks XKB detection */
-	freerdp_keyboard_load_map(keycode_to_vkcode, "macosx(macosx)");
-#endif
-
-	for (keycode = 0; keycode < 256; keycode++)
-	{
-		vkcode = keycode_to_vkcode[keycode];
-
-		X11_KEYCODE_TO_RDP_SCANCODE[keycode].code = VIRTUAL_KEY_CODE_TO_RDP_SCANCODE_TABLE[vkcode].code;
-		X11_KEYCODE_TO_RDP_SCANCODE[keycode].extended = VIRTUAL_KEY_CODE_TO_RDP_SCANCODE_TABLE[vkcode].extended;
-
-		if (X11_KEYCODE_TO_RDP_SCANCODE[keycode].extended)
-			RDP_SCANCODE_TO_X11_KEYCODE[VIRTUAL_KEY_CODE_TO_RDP_SCANCODE_TABLE[vkcode].code][1] = keycode;
-		else
-			RDP_SCANCODE_TO_X11_KEYCODE[VIRTUAL_KEY_CODE_TO_RDP_SCANCODE_TABLE[vkcode].code][0] = keycode;
-	}
-
-	return keyboardLayoutId;
-}
-
 uint32 find_keyboard_layout_in_xorg_rules(char* layout, char* variant)
 {
 	int i, j;
@@ -945,7 +905,7 @@ uint32 find_keyboard_layout_in_xorg_rules(char* layout, char* variant)
 	if ((layout == NULL) || (variant == NULL))
 		return 0;
 
-	DEBUG_KBD("xkbLayout: %s\txkbVariant: %s\n", layout, variant);
+	DEBUG_KBD("xkbLayout: %s\txkbVariant: %s", layout, variant);
 
 	for (i = 0; i < sizeof(xkbLayouts) / sizeof(XKB_LAYOUT); i++)
 	{
@@ -965,3 +925,229 @@ uint32 find_keyboard_layout_in_xorg_rules(char* layout, char* variant)
 
 	return 0;
 }
+
+uint32 freerdp_detect_keyboard_layout_from_xkb(char** xkb_layout, char** xkb_variant)
+{
+	char* pch;
+	char* beg;
+	char* end;
+	FILE* xprop;
+	char buffer[1024];
+	char* layout = NULL;
+	char* variant = NULL;
+	uint32 keyboardLayoutId = 0;
+
+	/* We start by looking for _XKB_RULES_NAMES_BACKUP which appears to be used by libxklavier */
+
+        xprop = popen("xprop -root _XKB_RULES_NAMES_BACKUP", "r");
+
+	/* Sample output for "Canadian Multilingual Standard"
+	 *
+	 * _XKB_RULES_NAMES_BACKUP(STRING) = "xorg", "pc105", "ca", "multix", ""
+	 * Where "xorg" is the set of rules
+	 * "pc105" the keyboard type
+	 * "ca" the keyboard layout
+	 * "multi" the keyboard layout variant
+	 */
+
+        while(fgets(buffer, sizeof(buffer), xprop) != NULL)
+        {
+		if((pch = strstr(buffer, "_XKB_RULES_NAMES_BACKUP(STRING) = ")) != NULL)
+		{
+			/* "rules" */
+			pch = strchr(&buffer[34], ','); // We assume it is xorg
+			pch += 1;
+
+			/* "type" */
+			pch = strchr(pch, ',');
+
+			/* "layout" */
+			beg = strchr(pch + 1, '"');
+			beg += 1;
+
+			end = strchr(beg, '"');
+			*end = '\0';
+
+			layout = beg;
+
+			/* "variant" */
+			beg = strchr(end + 1, '"');
+			beg += 1;
+
+			end = strchr(beg, '"');
+			*end = '\0';
+
+			variant = beg;
+		}
+        }
+        pclose(xprop);
+
+	keyboardLayoutId = find_keyboard_layout_in_xorg_rules(layout, variant);
+
+	if (keyboardLayoutId > 0)
+	{
+		*xkb_layout = xstrdup(layout);
+		*xkb_variant = xstrdup(variant);
+		return keyboardLayoutId;
+	}
+
+	/* Check _XKB_RULES_NAMES if _XKB_RULES_NAMES_BACKUP fails */
+
+        xprop = popen("xprop -root _XKB_RULES_NAMES", "r");
+
+        while(fgets(buffer, sizeof(buffer), xprop) != NULL)
+        {
+		if((pch = strstr(buffer, "_XKB_RULES_NAMES(STRING) = ")) != NULL)
+		{
+			/* "rules" */
+			pch = strchr(&buffer[27], ','); // We assume it is xorg
+			pch += 1;
+
+			/* "type" */
+			pch = strchr(pch, ',');
+
+			/* "layout" */
+			beg = strchr(pch + 1, '"');
+			beg += 1;
+
+			end = strchr(beg, '"');
+			*end = '\0';
+
+			layout = beg;
+
+			/* "variant" */
+			beg = strchr(end + 1, '"');
+			beg += 1;
+
+			end = strchr(beg, '"');
+			*end = '\0';
+
+			variant = beg;
+		}
+        }
+        pclose(xprop);
+
+	keyboardLayoutId = find_keyboard_layout_in_xorg_rules(layout, variant);
+
+	if (keyboardLayoutId > 0)
+	{
+		*xkb_layout = xstrdup(layout);
+		*xkb_variant = xstrdup(variant);
+		return keyboardLayoutId;
+	}
+
+	return 0;
+}
+
+char* freerdp_detect_keymap_from_xkb()
+{
+	char* pch;
+	char* beg;
+	char* end;
+	int length;
+	FILE* setxkbmap;
+	char buffer[1024];
+	char* keymap = NULL;
+
+	/* this tells us about the current XKB configuration, if XKB is available */
+	setxkbmap = popen("setxkbmap -print", "r");
+
+	while (fgets(buffer, sizeof(buffer), setxkbmap) != NULL)
+	{
+		/* the line with xkb_keycodes is what interests us */
+		pch = strstr(buffer, "xkb_keycodes");
+
+		if (pch != NULL)
+		{
+			pch = strstr(pch, "include");
+
+			if (pch != NULL)
+			{
+				/* check for " " delimiter presence */
+				if ((beg = strchr(pch, '"')) == NULL)
+					break;
+				else
+					beg++;
+
+				if ((pch = strchr(beg + 1, '"')) == NULL)
+					break;
+
+				end = strcspn(beg + 1, "\"") + beg + 1;
+				*end = '\0';
+
+				length = (end - beg);
+				keymap = (char*) xmalloc(length + 1);
+				strncpy(keymap, beg, length);
+				keymap[length] = '\0';
+
+				break;
+			}
+		}
+	}
+
+	pclose(setxkbmap);
+
+	return keymap;
+}
+
+uint32 freerdp_keyboard_init_x11(uint32 keyboardLayoutId)
+{
+	char* keymap;
+	uint32 vkcode;
+	uint32 keycode;
+	uint32 scancode;
+	boolean extended;
+	char* xkb_layout;
+	char* xkb_variant;
+	uint32 keycode_to_vkcode[256];
+
+	memset(keycode_to_vkcode, 0, sizeof(keycode_to_vkcode));
+	memset(X11_KEYCODE_TO_RDP_SCANCODE, 0, sizeof(X11_KEYCODE_TO_RDP_SCANCODE));
+	memset(RDP_SCANCODE_TO_X11_KEYCODE, 0, sizeof(RDP_SCANCODE_TO_X11_KEYCODE));
+
+	if (keyboardLayoutId == 0)
+	{
+		keyboardLayoutId = freerdp_detect_keyboard_layout_from_system_locale();
+		DEBUG_KBD("using keyboard layout: %X", keyboardLayoutId);
+	}
+
+	if (keyboardLayoutId == 0)
+	{
+		keyboardLayoutId = 0x0409;
+		DEBUG_KBD("using default keyboard layout: %X", keyboardLayoutId);
+	}
+
+#ifdef __APPLE__
+	/* Apple X11 breaks XKB detection */
+	freerdp_keyboard_load_map(keycode_to_vkcode, "macosx(macosx)");
+#else
+	if (keyboardLayoutId == 0)
+		keyboardLayoutId = freerdp_detect_keyboard_layout_from_xkb(&xkb_layout, &xkb_variant);
+
+	keymap = freerdp_detect_keymap_from_xkb();
+
+	if (keymap != NULL)
+		freerdp_keyboard_load_maps(keycode_to_vkcode, keymap);
+#endif
+
+	for (keycode = 0; keycode < 256; keycode++)
+	{
+		vkcode = keycode_to_vkcode[keycode];
+
+		if (!(vkcode > 0 && vkcode < 256))
+			continue;
+
+		scancode = VIRTUAL_KEY_CODE_TO_RDP_SCANCODE_TABLE[vkcode];
+		extended = VIRTUAL_KEY_CODE_TO_DEFAULT_RDP_SCANCODE_TABLE[vkcode].extended;
+
+		X11_KEYCODE_TO_RDP_SCANCODE[keycode].code = scancode;
+		X11_KEYCODE_TO_RDP_SCANCODE[keycode].extended = extended;
+
+		if (extended)
+			RDP_SCANCODE_TO_X11_KEYCODE[scancode][1] = keycode;
+		else
+			RDP_SCANCODE_TO_X11_KEYCODE[scancode][0] = keycode;
+	}
+
+	return keyboardLayoutId;
+}

libfreerdp-locale/keyboard_xkb.c

@@ -25,7 +25,7 @@
 
 extern uint32 RDP_SCANCODE_TO_X11_KEYCODE[256][2];
 extern RDP_SCANCODE X11_KEYCODE_TO_RDP_SCANCODE[256];
-extern const RDP_SCANCODE VIRTUAL_KEY_CODE_TO_RDP_SCANCODE_TABLE[];
+extern const uint32 VIRTUAL_KEY_CODE_TO_RDP_SCANCODE_TABLE[256];
 
 #include <X11/Xlib.h>
 #include <X11/XKBlib.h>
@@ -36,261 +36,261 @@ extern const RDP_SCANCODE VIRTUAL_KEY_CODE_TO_RDP_SCANCODE_TABLE[];
 
 VIRTUAL_KEY_CODE_TO_XKB_KEY_NAME VIRTUAL_KEY_CODE_TO_XKB_KEY_NAME_TABLE[] =
 {
-	{ 0, "" },
-	{ VK_LBUTTON, "" },
-	{ VK_RBUTTON, "" },
-	{ VK_CANCEL, "" },
-	{ VK_MBUTTON, "" },
-	{ VK_XBUTTON1, "" },
-	{ VK_XBUTTON2, "" },
-	{ 0, "" },
-	{ VK_BACK, "BKSP" },
-	{ VK_TAB, "TAB" },
-	{ 0, "" },
-	{ 0, "" },
-	{ VK_CLEAR, "" },
-	{ VK_RETURN, "RTRN" },
-	{ 0, "" },
-	{ 0, "" },
-	{ VK_SHIFT, "LFSH" },
-	{ VK_CONTROL, "" },
-	{ VK_MENU, "LALT" },
-	{ VK_PAUSE, "PAUS" },
-	{ VK_CAPITAL, "CAPS" },
-	{ VK_KANA / VK_HANGUL, "" },
-	{ 0, "" },
-	{ VK_JUNJA, "" },
-	{ VK_FINAL, "" },
-	{ VK_HANJA / VK_KANJI, "" },
-	{ 0, "" },
-	{ VK_ESCAPE, "ESC" },
-	{ VK_CONVERT, "" },
-	{ VK_NONCONVERT, "" },
-	{ VK_ACCEPT, "" },
-	{ VK_MODECHANGE, "" },
-	{ VK_SPACE, "SPCE" },
-	{ VK_PRIOR, "PGUP" },
-	{ VK_NEXT, "PGDN" },
-	{ VK_END, "END" },
-	{ VK_HOME, "HOME" },
-	{ VK_LEFT, "LEFT" },
-	{ VK_UP, "UP" },
-	{ VK_RIGHT, "RGHT" },
-	{ VK_DOWN, "DOWN" },
-	{ VK_SELECT, "" },
-	{ VK_PRINT, "PRSC" },
-	{ VK_EXECUTE, "" },
-	{ VK_SNAPSHOT, "" },
-	{ VK_INSERT, "INS" },
-	{ VK_DELETE, "DELE" },
-	{ VK_HELP, "" },
-	{ VK_KEY_0, "AE10" },
-	{ VK_KEY_1, "AE01" },
-	{ VK_KEY_2, "AE02" },
-	{ VK_KEY_3, "AE03" },
-	{ VK_KEY_4, "AE04" },
-	{ VK_KEY_5, "AE05" },
-	{ VK_KEY_6, "AE06" },
-	{ VK_KEY_7, "AE07" },
-	{ VK_KEY_8, "AE08" },
-	{ VK_KEY_9, "AE09" },
-	{ 0, "" },
-	{ 0, "" },
-	{ 0, "" },
-	{ 0, "" },
-	{ 0, "" },
-	{ 0, "" },
-	{ 0, "" },
-	{ VK_KEY_A, "AC01" },
-	{ VK_KEY_B, "AB05" },
-	{ VK_KEY_C, "AB03" },
-	{ VK_KEY_D, "AC03" },
-	{ VK_KEY_E, "AD03" },
-	{ VK_KEY_F, "AC04" },
-	{ VK_KEY_G, "AC05" },
-	{ VK_KEY_H, "AC06" },
-	{ VK_KEY_I, "AD08" },
-	{ VK_KEY_J, "AC07" },
-	{ VK_KEY_K, "AC08" },
-	{ VK_KEY_L, "AC09" },
-	{ VK_KEY_M, "AB07" },
-	{ VK_KEY_N, "AB06" },
-	{ VK_KEY_O, "AD09" },
-	{ VK_KEY_P, "AD10" },
-	{ VK_KEY_Q, "AD01" },
-	{ VK_KEY_R, "AD04" },
-	{ VK_KEY_S, "AC02" },
-	{ VK_KEY_T, "AD05" },
-	{ VK_KEY_U, "AD07" },
-	{ VK_KEY_V, "AB04" },
-	{ VK_KEY_W, "AD02" },
-	{ VK_KEY_X, "AB02" },
-	{ VK_KEY_Y, "AD06" },
-	{ VK_KEY_Z, "AB01" },
-	{ VK_LWIN, "LWIN" },
-	{ VK_RWIN, "RWIN" },
-	{ VK_APPS, "COMP" },
-	{ 0, "" },
-	{ VK_SLEEP, "" },
-	{ VK_NUMPAD0, "KP0" },
-	{ VK_NUMPAD1, "KP1" },
-	{ VK_NUMPAD2, "KP2" },
-	{ VK_NUMPAD3, "KP3" },
-	{ VK_NUMPAD4, "KP4" },
-	{ VK_NUMPAD5, "KP5" },
-	{ VK_NUMPAD6, "KP6" },
-	{ VK_NUMPAD7, "KP7" },
-	{ VK_NUMPAD8, "KP8" },
-	{ VK_NUMPAD9, "KP9" },
-	{ VK_MULTIPLY, "KPMU" },
-	{ VK_ADD, "KPAD" },
-	{ VK_SEPARATOR, "" },
-	{ VK_SUBTRACT, "KPSU" },
-	{ VK_DECIMAL, "KPDL" },
-	{ VK_DIVIDE, "KPDV" },
-	{ VK_F1, "FK01" },
-	{ VK_F2, "FK02" },
-	{ VK_F3, "FK03" },
-	{ VK_F4, "FK04" },
-	{ VK_F5, "FK05" },
-	{ VK_F6, "FK06" },
-	{ VK_F7, "FK07" },
-	{ VK_F8, "FK08" },
-	{ VK_F9, "FK09" },
-	{ VK_F10, "FK10" },
-	{ VK_F11, "FK11" },
-	{ VK_F12, "FK12" },
-	{ VK_F13, "" },
-	{ VK_F14, "" },
-	{ VK_F15, "" },
-	{ VK_F16, "" },
-	{ VK_F17, "" },
-	{ VK_F18, "" },
-	{ VK_F19, "" },
-	{ VK_F20, "" },
-	{ VK_F21, "" },
-	{ VK_F22, "" },
-	{ VK_F23, "" },
-	{ VK_F24, "" },
-	{ 0, "" },
-	{ 0, "" },
-	{ 0, "" },
-	{ 0, "" },
-	{ 0, "" },
-	{ 0, "" },
-	{ 0, "" },
-	{ 0, "" },
-	{ VK_NUMLOCK, "NMLK" },
-	{ VK_SCROLL, "SCLK" },
-	{ 0, "" },
-	{ 0, "" },
-	{ 0, "" },
-	{ 0, "" },
-	{ 0, "" },
-	{ 0, "" },
-	{ 0, "" },
-	{ 0, "" },
-	{ 0, "" },
-	{ 0, "" },
-	{ 0, "" },
-	{ 0, "" },
-	{ 0, "" },
-	{ 0, "" },
-	{ VK_LSHIFT, "" },
-	{ VK_RSHIFT, "RTSH" },
-	{ VK_LCONTROL, "LCTL" },
-	{ VK_RCONTROL, "RCTL" },
-	{ VK_LMENU, "" },
-	{ VK_RMENU, "RALT" },
-	{ VK_BROWSER_BACK, "" },
-	{ VK_BROWSER_FORWARD, "" },
-	{ VK_BROWSER_REFRESH, "" },
-	{ VK_BROWSER_STOP, "" },
-	{ VK_BROWSER_SEARCH, "" },
-	{ VK_BROWSER_FAVORITES, "" },
-	{ VK_BROWSER_HOME, "" },
-	{ VK_VOLUME_MUTE, "" },
-	{ VK_VOLUME_DOWN, "" },
-	{ VK_VOLUME_UP, "" },
-	{ VK_MEDIA_NEXT_TRACK, "" },
-	{ VK_MEDIA_PREV_TRACK, "" },
-	{ VK_MEDIA_STOP, "" },
-	{ VK_MEDIA_PLAY_PAUSE, "" },
-	{ VK_LAUNCH_MAIL, "" },
-	{ VK_MEDIA_SELECT, "" },
-	{ VK_LAUNCH_APP1, "" },
-	{ VK_LAUNCH_APP2, "" },
-	{ 0, "" },
-	{ 0, "" },
-	{ VK_OEM_1, "AC10" },
-	{ VK_OEM_PLUS, "AE12" },
-	{ VK_OEM_COMMA, "AB08" },
-	{ VK_OEM_MINUS, "AE11" },
-	{ VK_OEM_PERIOD, "AB09" },
-	{ VK_OEM_2, "AB10" },
-	{ VK_OEM_3, "TLDE" },
-	{ VK_ABNT_C1, "AB11" },
-	{ VK_ABNT_C2, "I129" },
-	{ 0, "" },
-	{ 0, "" },
-	{ 0, "" },
-	{ 0, "" },
-	{ 0, "" },
-	{ 0, "" },
-	{ 0, "" },
-	{ 0, "" },
-	{ 0, "" },
-	{ 0, "" },
-	{ 0, "" },
-	{ 0, "" },
-	{ 0, "" },
-	{ 0, "" },
-	{ 0, "" },
-	{ 0, "" },
-	{ 0, "" },
-	{ 0, "" },
-	{ 0, "" },
-	{ 0, "" },
-	{ 0, "" },
-	{ 0, "" },
-	{ 0, "" },
-	{ 0, "" },
-	{ VK_OEM_4, "AD11" },
-	{ VK_OEM_5, "BKSL" },
-	{ VK_OEM_6, "AD12" },
-	{ VK_OEM_7, "AC11" },
-	{ VK_OEM_8, "" },
-	{ 0, "" },
-	{ 0, "" },
-	{ VK_OEM_102, "LSGT" },
-	{ 0, "" },
-	{ 0, "" },
-	{ VK_PROCESSKEY, "" },
-	{ 0, "" },
-	{ VK_PACKET, "" },
-	{ 0, "" },
-	{ 0, "" },
-	{ 0, "" },
-	{ 0, "" },
-	{ 0, "" },
-	{ 0, "" },
-	{ 0, "" },
-	{ 0, "" },
-	{ 0, "" },
-	{ 0, "" },
-	{ 0, "" },
-	{ 0, "" },
-	{ 0, "" },
-	{ 0, "" },
-	{ VK_ATTN, "" },
-	{ VK_CRSEL, "" },
-	{ VK_EXSEL, "" },
-	{ VK_EREOF, "" },
-	{ VK_PLAY, "" },
-	{ VK_ZOOM, "" },
-	{ VK_NONAME, "" },
-	{ VK_PA1, "" },
-	{ VK_OEM_CLEAR, "" },
+	{ 0, "", "" },
+	{ 0, "", "" }, /* VK_LBUTTON */
+	{ 0, "", "" }, /* VK_RBUTTON */
+	{ 0, "", "" }, /* VK_CANCEL */
+	{ 0, "", "" }, /* VK_MBUTTON */
+	{ 0, "", "" }, /* VK_XBUTTON1 */
+	{ 0, "", "" }, /* VK_XBUTTON2 */
+	{ 0, "", "" },
+	{ VK_BACK, "BKSP" }, /* VK_BACK */
+	{ VK_TAB, "TAB" }, /* VK_TAB */
+	{ 0, "", "" },
+	{ 0, "", "" },
+	{ 0, "", "" }, /* VK_CLEAR */
+	{ VK_RETURN, "RTRN", "KPEN" }, /* VK_RETURN */
+	{ 0, "", "" },
+	{ 0, "", "" },
+	{ VK_SHIFT, "LFSH" }, /* VK_SHIFT */
+	{ VK_CONTROL, "" }, /* VK_CONTROL */
+	{ VK_MENU, "LALT" }, /* VK_MENU */
+	{ 0, "", "PAUS" }, /* VK_PAUSE */
+	{ VK_CAPITAL, "CAPS" }, /* VK_CAPITAL */
+	{ 0, "", "" }, /* VK_KANA / VK_HANGUL */
+	{ 0, "", "" },
+	{ 0, "", "" }, /* VK_JUNJA */
+	{ 0, "", "" }, /* VK_FINAL */
+	{ 0, "", "" }, /* VK_HANJA / VK_KANJI */
+	{ 0, "", "" },
+	{ VK_ESCAPE, "ESC" }, /* VK_ESCAPE */
+	{ 0, "", "" }, /* VK_CONVERT */
+	{ 0, "", "" }, /* VK_NONCONVERT */
+	{ 0, "", "" }, /* VK_ACCEPT */
+	{ 0, "", "" }, /* VK_MODECHANGE */
+	{ VK_SPACE, "SPCE" }, /* VK_SPACE */
+	{ 0, "", "PGUP" }, /* VK_PRIOR */
+	{ 0, "", "PGDN" }, /* VK_NEXT */
+	{ 0, "", "END" }, /* VK_END */
+	{ 0, "", "HOME" }, /* VK_HOME */
+	{ 0, "", "LEFT" }, /* VK_LEFT */
+	{ 0, "", "UP" }, /* VK_UP */
+	{ 0, "", "RGHT" }, /* VK_RIGHT */
+	{ 0, "", "DOWN" }, /* VK_DOWN */
+	{ 0, "", "" }, /* VK_SELECT */
+	{ 0, "", "PRSC" }, /* VK_PRINT */
+	{ 0, "", "" }, /* VK_EXECUTE */
+	{ 0, "", "" }, /* VK_SNAPSHOT */
+	{ 0, "", "INS" }, /* VK_INSERT */
+	{ 0, "", "DELE" }, /* VK_DELETE */
+	{ 0, "", "" }, /* VK_HELP */
+	{ VK_KEY_0, "AE10" }, /* VK_KEY_0 */
+	{ VK_KEY_1, "AE01" }, /* VK_KEY_1 */
+	{ VK_KEY_2, "AE02" }, /* VK_KEY_2 */
+	{ VK_KEY_3, "AE03" }, /* VK_KEY_3 */
+	{ VK_KEY_4, "AE04" }, /* VK_KEY_4 */
+	{ VK_KEY_5, "AE05" }, /* VK_KEY_5 */
+	{ VK_KEY_6, "AE06" }, /* VK_KEY_6 */
+	{ VK_KEY_7, "AE07" }, /* VK_KEY_7 */
+	{ VK_KEY_8, "AE08" }, /* VK_KEY_8 */
+	{ VK_KEY_9, "AE09" }, /* VK_KEY_9 */
+	{ 0, "", "" },
+	{ 0, "", "" },
+	{ 0, "", "" },
+	{ 0, "", "" },
+	{ 0, "", "" },
+	{ 0, "", "" },
+	{ 0, "", "" },
+	{ VK_KEY_A, "AC01" }, /* VK_KEY_A */
+	{ VK_KEY_B, "AB05" }, /* VK_KEY_B */
+	{ VK_KEY_C, "AB03" }, /* VK_KEY_C */
+	{ VK_KEY_D, "AC03" }, /* VK_KEY_D */
+	{ VK_KEY_E, "AD03" }, /* VK_KEY_E */
+	{ VK_KEY_F, "AC04" }, /* VK_KEY_F */
+	{ VK_KEY_G, "AC05" }, /* VK_KEY_G */
+	{ VK_KEY_H, "AC06" }, /* VK_KEY_H */
+	{ VK_KEY_I, "AD08" }, /* VK_KEY_I */
+	{ VK_KEY_J, "AC07" }, /* VK_KEY_J */
+	{ VK_KEY_K, "AC08" }, /* VK_KEY_K */
+	{ VK_KEY_L, "AC09" }, /* VK_KEY_L */
+	{ VK_KEY_M, "AB07" }, /* VK_KEY_M */
+	{ VK_KEY_N, "AB06" }, /* VK_KEY_N */
+	{ VK_KEY_O, "AD09" }, /* VK_KEY_O */
+	{ VK_KEY_P, "AD10" }, /* VK_KEY_P */
+	{ VK_KEY_Q, "AD01" }, /* VK_KEY_Q */
+	{ VK_KEY_R, "AD04" }, /* VK_KEY_R */
+	{ VK_KEY_S, "AC02" }, /* VK_KEY_S */
+	{ VK_KEY_T, "AD05" }, /* VK_KEY_T */
+	{ VK_KEY_U, "AD07" }, /* VK_KEY_U */
+	{ VK_KEY_V, "AB04" }, /* VK_KEY_V */
+	{ VK_KEY_W, "AD02" }, /* VK_KEY_W */
+	{ VK_KEY_X, "AB02" }, /* VK_KEY_X */
+	{ VK_KEY_Y, "AD06" }, /* VK_KEY_Y */
+	{ VK_KEY_Z, "AB01" }, /* VK_KEY_Z */
+	{ 0, "", "LWIN" }, /* VK_LWIN */
+	{ 0, "", "RWIN" }, /* VK_RWIN */
+	{ 0, "", "COMP" }, /* VK_APPS */
+	{ 0, "", "" },
+	{ 0, "", "" }, /* VK_SLEEP */
+	{ VK_NUMPAD0, "KP0" }, /* VK_NUMPAD0 */
+	{ VK_NUMPAD1, "KP1" }, /* VK_NUMPAD1 */
+	{ VK_NUMPAD2, "KP2" }, /* VK_NUMPAD2 */
+	{ VK_NUMPAD3, "KP3" }, /* VK_NUMPAD3 */
+	{ VK_NUMPAD4, "KP4" }, /* VK_NUMPAD4 */
+	{ VK_NUMPAD5, "KP5" }, /* VK_NUMPAD5 */
+	{ VK_NUMPAD6, "KP6" }, /* VK_NUMPAD6 */
+	{ VK_NUMPAD7, "KP7" }, /* VK_NUMPAD7 */
+	{ VK_NUMPAD8, "KP8" }, /* VK_NUMPAD8 */
+	{ VK_NUMPAD9, "KP9" }, /* VK_NUMPAD9 */
+	{ VK_MULTIPLY, "KPMU" }, /* VK_MULTIPLY */
+	{ VK_ADD, "KPAD" }, /* VK_ADD */
+	{ 0, "", "" }, /* VK_SEPARATOR */
+	{ VK_SUBTRACT, "KPSU" }, /* VK_SUBTRACT */
+	{ VK_DECIMAL, "KPDL" }, /* VK_DECIMAL */
+	{ VK_DIVIDE, "AB10", "KPDV" }, /* VK_DIVIDE */
+	{ VK_F1, "FK01" }, /* VK_F1 */
+	{ VK_F2, "FK02" }, /* VK_F2 */
+	{ VK_F3, "FK03" }, /* VK_F3 */
+	{ VK_F4, "FK04" }, /* VK_F4 */
+	{ VK_F5, "FK05" }, /* VK_F5 */
+	{ VK_F6, "FK06" }, /* VK_F6 */
+	{ VK_F7, "FK07" }, /* VK_F7 */
+	{ VK_F8, "FK08" }, /* VK_F8 */
+	{ VK_F9, "FK09" }, /* VK_F9 */
+	{ VK_F10, "FK10" }, /* VK_F10 */
+	{ VK_F11, "FK11" }, /* VK_F11 */
+	{ VK_F12, "FK12" }, /* VK_F12 */
+	{ 0, "", "" }, /* VK_F13 */
+	{ 0, "", "" }, /* VK_F14 */
+	{ 0, "", "" }, /* VK_F15 */
+	{ 0, "", "" }, /* VK_F16 */
+	{ 0, "", "" }, /* VK_F17 */
+	{ 0, "", "" }, /* VK_F18 */
+	{ 0, "", "" }, /* VK_F19 */
+	{ 0, "", "" }, /* VK_F20 */
+	{ 0, "", "" }, /* VK_F21 */
+	{ 0, "", "" }, /* VK_F22 */
+	{ 0, "", "" }, /* VK_F23 */
+	{ 0, "", "" }, /* VK_F24 */
+	{ 0, "", "" },
+	{ 0, "", "" },
+	{ 0, "", "" },
+	{ 0, "", "" },
+	{ 0, "", "" },
+	{ 0, "", "" },
+	{ 0, "", "" },
+	{ 0, "", "" },
+	{ VK_NUMLOCK, "NMLK" }, /* VK_NUMLOCK */
+	{ VK_SCROLL, "SCLK" }, /* VK_SCROLL */
+	{ 0, "", "" },
+	{ 0, "", "" },
+	{ 0, "", "" },
+	{ 0, "", "" },
+	{ 0, "", "" },
+	{ 0, "", "" },
+	{ 0, "", "" },
+	{ 0, "", "" },
+	{ 0, "", "" },
+	{ 0, "", "" },
+	{ 0, "", "" },
+	{ 0, "", "" },
+	{ 0, "", "" },
+	{ 0, "", "" },
+	{ VK_LSHIFT, "" }, /* VK_LSHIFT */
+	{ VK_RSHIFT, "RTSH" }, /* VK_RSHIFT */
+	{ VK_LCONTROL, "LCTL" }, /* VK_LCONTROL */
+	{ 0, "", "RCTL" }, /* VK_RCONTROL */
+	{ VK_LMENU, "" }, /* VK_LMENU */
+	{ 0, "", "RALT" }, /* VK_RMENU */
+	{ 0, "", "" }, /* VK_BROWSER_BACK */
+	{ 0, "", "" }, /* VK_BROWSER_FORWARD */
+	{ 0, "", "" }, /* VK_BROWSER_REFRESH */
+	{ 0, "", "" }, /* VK_BROWSER_STOP */
+	{ 0, "", "" }, /* VK_BROWSER_SEARCH */
+	{ 0, "", "" }, /* VK_BROWSER_FAVORITES */
+	{ 0, "", "" }, /* VK_BROWSER_HOME */
+	{ 0, "", "" }, /* VK_VOLUME_MUTE */
+	{ 0, "", "" }, /* VK_VOLUME_DOWN */
+	{ 0, "", "" }, /* VK_VOLUME_UP */
+	{ 0, "", "" }, /* VK_MEDIA_NEXT_TRACK */
+	{ 0, "", "" }, /* VK_MEDIA_PREV_TRACK */
+	{ 0, "", "" }, /* VK_MEDIA_STOP */
+	{ 0, "", "" }, /* VK_MEDIA_PLAY_PAUSE */
+	{ 0, "", "" }, /* VK_LAUNCH_MAIL */
+	{ 0, "", "" }, /* VK_MEDIA_SELECT */
+	{ 0, "", "" }, /* VK_LAUNCH_APP1 */
+	{ 0, "", "" }, /* VK_LAUNCH_APP2 */
+	{ 0, "", "" },
+	{ 0, "", "" },
+	{ VK_OEM_1, "AC10" }, /* VK_OEM_1 */
+	{ VK_OEM_PLUS, "AE12" }, /* VK_OEM_PLUS */
+	{ VK_OEM_COMMA, "AB08" }, /* VK_OEM_COMMA */
+	{ VK_OEM_MINUS, "AE11" }, /* VK_OEM_MINUS */
+	{ VK_OEM_PERIOD, "AB09" }, /* VK_OEM_PERIOD */
+	{ VK_OEM_2, "AB10" }, /* VK_OEM_2 */
+	{ VK_OEM_3, "TLDE" }, /* VK_OEM_3 */
+	{ VK_ABNT_C1, "AB11" }, /* VK_ABNT_C1 */
+	{ VK_ABNT_C2, "I129" }, /* VK_ABNT_C2 */
+	{ 0, "", "" },
+	{ 0, "", "" },
+	{ 0, "", "" },
+	{ 0, "", "" },
+	{ 0, "", "" },
+	{ 0, "", "" },
+	{ 0, "", "" },
+	{ 0, "", "" },
+	{ 0, "", "" },
+	{ 0, "", "" },
+	{ 0, "", "" },
+	{ 0, "", "" },
+	{ 0, "", "" },
+	{ 0, "", "" },
+	{ 0, "", "" },
+	{ 0, "", "" },
+	{ 0, "", "" },
+	{ 0, "", "" },
+	{ 0, "", "" },
+	{ 0, "", "" },
+	{ 0, "", "" },
+	{ 0, "", "" },
+	{ 0, "", "" },
+	{ 0, "", "" },
+	{ VK_OEM_4, "AD11" }, /* VK_OEM_4 */
+	{ VK_OEM_5, "BKSL" }, /* VK_OEM_5 */
+	{ VK_OEM_6, "AD12" }, /* VK_OEM_6 */
+	{ VK_OEM_7, "AC11" }, /* VK_OEM_7 */
+	{ 0, "", "" }, /* VK_OEM_8 */
+	{ 0, "", "" },
+	{ 0, "", "" },
+	{ VK_OEM_102, "LSGT" }, /* VK_OEM_102 */
+	{ 0, "", "" },
+	{ 0, "", "" },
+	{ 0, "", "" }, /* VK_PROCESSKEY */
+	{ 0, "", "" },
+	{ 0, "", "" }, /* VK_PACKET */
+	{ 0, "", "" },
+	{ 0, "", "" },
+	{ 0, "", "" },
+	{ 0, "", "" },
+	{ 0, "", "" },
+	{ 0, "", "" },
+	{ 0, "", "" },
+	{ 0, "", "" },
+	{ 0, "", "" },
+	{ 0, "", "" },
+	{ 0, "", "" },
+	{ 0, "", "" },
+	{ 0, "", "" },
+	{ 0, "", "" },
+	{ 0, "", "" }, /* VK_ATTN */
+	{ 0, "", "" }, /* VK_CRSEL */
+	{ 0, "", "" }, /* VK_EXSEL */
+	{ 0, "", "" }, /* VK_EREOF */
+	{ 0, "", "" }, /* VK_PLAY */
+	{ 0, "", "" }, /* VK_ZOOM */
+	{ 0, "", "" }, /* VK_NONAME */
+	{ 0, "", "" }, /* VK_PA1 */
+	{ 0, "", "" }, /* VK_OEM_CLEAR */
 	{ 0, "" }
 };
 
@@ -409,6 +409,7 @@ int freerdp_keyboard_load_map_from_xkb(void* display)
 	int i, j;
 	boolean found;
 	XkbDescPtr xkb;
+	boolean extended;
 	boolean status = false;
 
 	if (display && (xkb = XkbGetMap(display, 0, XkbUseCoreKbd)))
@@ -420,6 +421,7 @@ int freerdp_keyboard_load_map_from_xkb(void* display)
 			for (i = xkb->min_key_code; i <= xkb->max_key_code; i++)
 			{
 				found = false;
+				extended = false;
 				memcpy(xkb_keyname, xkb->names->keys[i].name, 4);
 
 				for (j = 0; j < 256; j++)
@@ -428,6 +430,17 @@ int freerdp_keyboard_load_map_from_xkb(void* display)
 					{
 						if (!strcmp(xkb_keyname, VIRTUAL_KEY_CODE_TO_XKB_KEY_NAME_TABLE[j].xkb_keyname))
 						{
+							extended = false;
+							found = true;
+							break;
+						}
+					}
+
+					if (VIRTUAL_KEY_CODE_TO_XKB_KEY_NAME_TABLE[j].xkb_keyname_extended)
+					{
+						if (!strcmp(xkb_keyname, VIRTUAL_KEY_CODE_TO_XKB_KEY_NAME_TABLE[j].xkb_keyname_extended))
+						{
+							extended = true;
 							found = true;
 							break;
 						}
@@ -437,14 +450,22 @@ int freerdp_keyboard_load_map_from_xkb(void* display)
 				if (found)
 				{
 					uint32 vkcode = VIRTUAL_KEY_CODE_TO_XKB_KEY_NAME_TABLE[j].vkcode;
+					uint32 scancode = VIRTUAL_KEY_CODE_TO_RDP_SCANCODE_TABLE[vkcode];
 
-					X11_KEYCODE_TO_RDP_SCANCODE[i].code = VIRTUAL_KEY_CODE_TO_RDP_SCANCODE_TABLE[vkcode].code;
-					X11_KEYCODE_TO_RDP_SCANCODE[i].extended = VIRTUAL_KEY_CODE_TO_RDP_SCANCODE_TABLE[vkcode].extended;
+					DEBUG_KBD("%4s: keycode: 0x%02X -> vkcode: 0x%02X -> rdp scancode: 0x%02X %s",
+							xkb_keyname, i, vkcode, scancode, extended ? " extended" : "");
 
-					if (X11_KEYCODE_TO_RDP_SCANCODE[i].extended)
-						RDP_SCANCODE_TO_X11_KEYCODE[VIRTUAL_KEY_CODE_TO_RDP_SCANCODE_TABLE[vkcode].code][1] = i;
+					X11_KEYCODE_TO_RDP_SCANCODE[i].code = scancode;
+					X11_KEYCODE_TO_RDP_SCANCODE[i].extended = extended;
+
+					if (extended)
+						RDP_SCANCODE_TO_X11_KEYCODE[scancode][1] = i;
 					else
-						RDP_SCANCODE_TO_X11_KEYCODE[VIRTUAL_KEY_CODE_TO_RDP_SCANCODE_TABLE[vkcode].code][0] = i;
+						RDP_SCANCODE_TO_X11_KEYCODE[scancode][0] = i;
+				}
+				else
+				{
+					DEBUG_KBD("%4s: keycode: 0x%02X -> no RDP scancode found", xkb_keyname, i);
 				}
 			}
 

libfreerdp-locale/keyboard_xkb.h

@@ -27,6 +27,7 @@ struct _VIRTUAL_KEY_CODE_TO_XKB_KEY_NAME
 {
 	uint32 vkcode; /* virtual key code */
 	const char* xkb_keyname; /* XKB keyname */
+	const char* xkb_keyname_extended; /* XKB keyname (extended) */
 };
 typedef struct _VIRTUAL_KEY_CODE_TO_XKB_KEY_NAME VIRTUAL_KEY_CODE_TO_XKB_KEY_NAME;
 

libfreerdp-utils/args.c

@@ -101,6 +101,7 @@ int freerdp_parse_args(rdpSettings* settings, int argc, char** argv,
 				"  --ntlm: force NTLM authentication protocol version (1 or 2)\n"
 				"  --ignore-certificate: ignore verification of logon certificate\n"
 				"  --sec: force protocol security (rdp, tls or nla)\n"
+				"  --kbd-list: list all keyboard layout ids used by -k\n"
 				"  --salted-checksum: use salted checksums with Standard RDP encryption\n"
 				"  --version: print version information\n"
 				"\n", argv[0]);

server/X11/xf_peer.c

@@ -627,8 +627,7 @@ void* xf_peer_main_loop(void* arg)
 	settings->cert_file = freerdp_construct_path(server_file_path, "server.crt");
 	settings->privatekey_file = freerdp_construct_path(server_file_path, "server.key");
 
-	//settings->nla_security = false;
-	settings->nla_security = true;
+	settings->nla_security = false;
 
 	settings->rfx_codec = true;