Merge pull request #784 from bmiklautz/1.0-stable

1.0 stability fixes

client/X11/xfreerdp.1.xml

@@ -288,6 +288,26 @@
           </para>
         </listitem>
       </varlistentry>
+      <varlistentry>
+        <term>--authonly</term>
+        <listitem>
+          <para>
+            Only authenticates. This is useful to test your credentials (username and password).
+						Returns status code 0 if the client can connect, 1 otherwise. Requires a username,
+						password and connection host at the command line.
+          </para>
+        </listitem>
+      </varlistentry>
+      <varlistentry>
+        <term>--from-stdin</term>
+        <listitem>
+          <para>
+						Prompts for unspecified arguments -u username, -p password, -d domain and connection host.
+						This is useful to hide arguments from ps. Also useful for scripts that will feed these arguments
+						to the client via (what else?) stdin.
+          </para>
+        </listitem>
+      </varlistentry>
       <varlistentry>
         <term>--no-fastpath</term>
         <listitem>

client/X11/xfreerdp.c

@@ -516,6 +516,21 @@ boolean xf_pre_connect(freerdp* instance)
 
 	freerdp_channels_pre_connect(xfi->_context->channels, instance);
 
+  if (settings->authentication_only) {
+		/* Check --authonly has a username and password. */
+		if (settings->username == NULL ) {
+			fprintf(stderr, "--authonly, but no -u username. Please provide one.\n");
+			exit(1);
+		}
+		if (settings->password == NULL ) {
+			fprintf(stderr, "--authonly, but no -p password. Please provide one.\n");
+			exit(1);
+		}
+		fprintf(stderr, "%s:%d: Authenication only. Don't connect to X.\n", __FILE__, __LINE__);
+		// Avoid XWindows initialization and configuration below.
+		return true;
+	}
+
 	xfi->display = XOpenDisplay(NULL);
 
 	if (xfi->display == NULL)
@@ -743,7 +758,7 @@ boolean xf_authenticate(freerdp* instance, char** username, char** password, cha
 {
 	*password = xmalloc(password_size * sizeof(char));
 
-	if (freerdp_passphrase_read("Password: ", *password, password_size) == NULL)
+	if (freerdp_passphrase_read("Password: ", *password, password_size, instance->settings->from_stdin) == NULL)
 		return false;
 
 	return true;

include/freerdp/settings.h

@@ -270,7 +270,16 @@ struct rdp_settings
 	boolean compression; /* 59 */
 	uint32 performance_flags; /* 60 */
 	rdpBlob* password_cookie; /* 61 */
-	uint32 paddingC[80 - 62]; /* 62 */
+	char* kerberos_kdc; /* 62 */
+	char* kerberos_realm; /* 63 */
+	boolean ts_gateway; /* 64 */
+	char* tsg_hostname; /* 65 */
+	char* tsg_username; /* 66 */
+	char* tsg_password; /* 67 */
+	boolean local; /* 68 */
+	boolean authentication_only; /* 69 */
+	boolean from_stdin; /* 70 */
+	uint32 paddingC[80 - 71]; /* 71 */
 
 	/* User Interface Parameters */
 	boolean sw_gdi; /* 80 */

include/freerdp/utils/passphrase.h

@@ -23,6 +23,6 @@
 #include <stdlib.h>
 #include <freerdp/api.h>
 
-FREERDP_API char* freerdp_passphrase_read(const char* prompt, char* buf, size_t bufsiz);
+FREERDP_API char* freerdp_passphrase_read(const char* prompt, char* buf, size_t bufsiz, int from_stdin);
 
 #endif /* __UTILS_PASSPHRASE_H */

libfreerdp-core/freerdp.c

@@ -35,8 +35,6 @@ boolean freerdp_connect(freerdp* instance)
 
 	rdp = instance->context->rdp;
 
-	extension_pre_connect(rdp->extension);
-
 	IFCALLRET(instance->PreConnect, status, instance);
 
 	if (status != true)
@@ -45,6 +43,9 @@ boolean freerdp_connect(freerdp* instance)
 		return false;
 	}
 
+	rdp->extension = extension_new(instance);
+	extension_pre_connect(rdp->extension);
+
 	status = rdp_client_connect(rdp);
 
 	if (status)

libfreerdp-core/rdp.c

@@ -878,7 +878,7 @@ rdpRdp* rdp_new(freerdp* instance)
 		rdp->settings = settings_new((void*) instance);
 		if (instance != NULL)
 			instance->settings = rdp->settings;
-		rdp->extension = extension_new(instance);
+
 		rdp->transport = transport_new(rdp->settings);
 		rdp->license = license_new(rdp);
 		rdp->input = input_new(rdp);

libfreerdp-core/settings.c

@@ -72,6 +72,8 @@ rdpSettings* settings_new(void* instance)
 		settings->encryption_level = ENCRYPTION_LEVEL_NONE;
 
 		settings->authentication = true;
+		settings->authentication_only = false;
+		settings->from_stdin = false;
 
 		settings->order_support[NEG_DSTBLT_INDEX] = true;
 		settings->order_support[NEG_PATBLT_INDEX] = true;

libfreerdp-utils/args.c

@@ -22,10 +22,36 @@
 #include <stdio.h>
 #include <stdlib.h>
 #include <string.h>
+#include <unistd.h>
 #include <freerdp/settings.h>
 #include <freerdp/utils/print.h>
 #include <freerdp/utils/memory.h>
 #include <freerdp/utils/args.h>
+#include <freerdp/utils/passphrase.h>
+
+
+void freerdp_parse_hostname(rdpSettings* settings, char* hostname) {
+	char* p;
+	if (hostname[0] == '[' && (p = strchr(hostname, ']'))
+			&& (p[1] == 0 || (p[1] == ':' && !strchr(p + 2, ':')))) {
+			/* Either "[...]" or "[...]:..." with at most one : after the brackets */
+		settings->hostname = xstrdup(hostname + 1);
+		if ((p = strchr((char*)settings->hostname, ']'))) {
+			*p = 0;
+			if (p[1] == ':')
+				settings->port = atoi(p + 2);
+		}
+	} else {
+		/* Port number is cut off and used if exactly one : in the string */
+		settings->hostname = xstrdup(hostname);
+		if ((p = strchr((char*)settings->hostname, ':')) && !strchr(p + 1, ':')) {
+			*p = 0;
+			settings->port = atoi(p + 1);
+		}
+	}
+}
+
+
 
 /**
  * Parse command-line arguments and update rdpSettings members accordingly.
@@ -82,6 +108,8 @@ int freerdp_parse_args(rdpSettings* settings, int argc, char** argv,
 				"  --app: RemoteApp connection. This implies -g workarea\n"
 				"  --ext: load an extension\n"
 				"  --no-auth: disable authentication\n"
+				"  --authonly: authentication only, no UI\n"
+				"  --from-stdin: unspecified username, password, domain and hostname params are prompted\n"
 				"  --no-fastpath: disable fast-path\n"
 				"  --gdi: graphics rendering (hw, sw)\n"
 				"  --no-osb: disable offscreen bitmaps\n"
@@ -302,6 +330,14 @@ int freerdp_parse_args(rdpSettings* settings, int argc, char** argv,
 		{
 			settings->authentication = false;
 		}
+		else if (strcmp("--authonly", argv[index]) == 0)
+		{
+			settings->authentication_only = true;
+		}
+		else if (strcmp("--from-stdin", argv[index]) == 0)
+		{
+			settings->from_stdin = true;
+		}
 		else if (strcmp("--ignore-certificate", argv[index]) == 0)
 		{
 			settings->ignore_certificate = true;
@@ -633,28 +669,8 @@ int freerdp_parse_args(rdpSettings* settings, int argc, char** argv,
 		}
 		else if (argv[index][0] != '-')
 		{
-			if (argv[index][0] == '[' && (p = strchr(argv[index], ']'))
-				&& (p[1] == 0 || (p[1] == ':' && !strchr(p + 2, ':'))))
-			{
-				/* Either "[...]" or "[...]:..." with at most one : after the brackets */
-				settings->hostname = xstrdup(argv[index] + 1);
-				if ((p = strchr((char*)settings->hostname, ']')))
-				{
-					*p = 0;
-					if (p[1] == ':')
-						settings->port = atoi(p + 2);
-				}
-			}
-			else
-			{
-				/* Port number is cut off and used if exactly one : in the string */
-				settings->hostname = xstrdup(argv[index]);
-				if ((p = strchr((char*)settings->hostname, ':')) && !strchr(p + 1, ':'))
-				{
-					*p = 0;
-					settings->port = atoi(p + 1);
-				}
-			}
+			freerdp_parse_hostname(settings, argv[index]);
+
 			/* server is the last argument for the current session. arguments
 			   followed will be parsed for the next session. */
 			index++;
@@ -677,7 +693,8 @@ int freerdp_parse_args(rdpSettings* settings, int argc, char** argv,
 			if (settings->disable_theming)
 				settings->performance_flags |= PERF_DISABLE_THEMING;
 
-			return index;
+			break; /* post process missing arguments */
+
 		}
 		else
 		{
@@ -695,6 +712,65 @@ int freerdp_parse_args(rdpSettings* settings, int argc, char** argv,
 		}
 		index++;
 	}
-	printf("missing server name\n");
-	return FREERDP_ARGS_PARSE_FAILURE;
+
+
+	/* --from-stdin will prompt for missing arguments only.
+		 You can prompt for username, password, domain and hostname to avoid disclosing
+		 these settings to ps. */
+
+	if (settings->from_stdin) {
+		/* username */
+		if (NULL == settings->username) {
+			char input[512];
+			input[0] = '\0';
+			printf("username: ");
+			if (scanf("%511s", input) > 0) {
+				settings->username = xstrdup(input);
+			}
+		}
+		/* password */
+		if (NULL == settings->password) {
+			settings->password = xmalloc(512 * sizeof(char));
+			if (isatty(STDIN_FILENO))
+				freerdp_passphrase_read("password: ", settings->password, 512, settings->from_stdin);
+			else {
+				printf("password: ");
+				if (scanf("%511s", settings->password) <= 0) {
+					free(settings->password);
+					settings->password = NULL;
+				}
+			}
+		}
+		/* domain */
+		if (NULL == settings->domain) {
+			char input[512];
+			input[0] = '\0';
+			printf("domain (control-D to skip): ");
+			if (scanf("%511s", input) > 0) {
+				/* Try to catch the cases where the string is NULL-ish right
+				   at the get go */
+				if (input[0] != '\0' && !(input[0] == '.' && input[1] == '\0')) {
+					settings->domain = xstrdup(input);
+				}
+			}
+		}
+		/* hostname */
+		if (NULL == settings->hostname) {
+			char input[512];
+			input[0] = '\0';
+			printf("hostname: ");
+			if (scanf("%511s", input) > 0) {
+				freerdp_parse_hostname(settings, input);
+			}
+		}
+	}
+
+	/* Must have a hostname. Do you? */
+	if (NULL == settings->hostname) {
+		printf("missing server name\n");
+		return FREERDP_ARGS_PARSE_FAILURE;
+	} else {
+		return index;
+	}
+
 }

libfreerdp-utils/passphrase.c

@@ -20,7 +20,7 @@
 #include <errno.h>
 #include <freerdp/utils/passphrase.h>
 #ifdef _WIN32
-char* freerdp_passphrase_read(const char* prompt, char* buf, size_t bufsiz)
+char* freerdp_passphrase_read(const char* prompt, char* buf, size_t bufsiz, int from_stdin)
 {
 	errno=ENOSYS;
 	return NULL;
@@ -34,7 +34,7 @@ char* freerdp_passphrase_read(const char* prompt, char* buf, size_t bufsiz)
 #include <unistd.h>
 #include <freerdp/utils/signal.h>
 
-char* freerdp_passphrase_read(const char* prompt, char* buf, size_t bufsiz)
+char* freerdp_passphrase_read(const char* prompt, char* buf, size_t bufsiz, int from_stdin)
 {
 	char read_char;
 	char* buf_iter;
@@ -50,7 +50,7 @@ char* freerdp_passphrase_read(const char* prompt, char* buf, size_t bufsiz)
 	}
 
 	ctermid(term_name);
-	if(strcmp(term_name, "") == 0
+	if(from_stdin || strcmp(term_name, "") == 0
 		|| (term_file = open(term_name, O_RDWR)) == -1)
 	{
 		write_file = STDERR_FILENO;

libfreerdp-utils/registry.c

@@ -140,13 +140,6 @@ void registry_init(rdpRegistry* registry)
 
 	registry->available = true;
 
-	if (home_path == NULL)
-	{
-		printf("could not get home path\n");
-		registry->available = false;
-		return;
-	}
-
 	registry->home = (char*) xstrdup(home_path);
 	printf("home path: %s\n", registry->home);
 

libfreerdp-utils/svc_plugin.c

@@ -144,6 +144,15 @@ static void svc_plugin_process_received(rdpSvcPlugin* plugin, void* pData, uint3
 {
 	STREAM* data_in;
 	svc_data_in_item* item;
+	
+	if ( (dataFlags & CHANNEL_FLAG_SUSPEND) || (dataFlags & CHANNEL_FLAG_RESUME))
+	{
+		/* According to MS-RDPBCGR 2.2.6.1, "All virtual channel traffic MUST be suspended.
+		This flag is only valid in server-to-client virtual channel traffic. It MUST be
+		ignored in client-to-server data." Thus it would be best practice to cease data
+		transmission. However, simply returing here avoids a crash. */
+		return;
+	}
 
 	if (dataFlags & CHANNEL_FLAG_FIRST)
 	{