* Keep BUILD_TESTING, but only run tests compatible with API (for
packaging)
* Add BUILD_TESTING_INTERNAL for all tests including internal function
tests that modify API to be run on our CI
* Disable clang-tidy in test build directories
* Disable compiler warnings for test binary directories.
These contain generated code we can not change, so the warnings are just noise
Split settings, there was a double use for AutoReconnectEnabled.
AutoReconnectEnabled is a setting responsible for client side
autoreconnection.
AutoReconnectPacketSupported is a flag set by the server to announce
support for AutoReconnectPacket allowing fast reconnect.
* use dynamic logger in RDG
* honor [MS-TSGU] 2.2.9.2.1.5.2 TSG_REDIRECTION_FLAGS
* honor [MS-TSGU] 2.2.10.16 HTTP_TUNNEL_AUTH_RESPONSE
HTTP_TUNNEL_AUTH_RESPONSE_FIELD_REDIR_FLAGS flag
* add setting GatewayIgnoreRedirectionPolicy to ignore the gateway
policy if desired
The previous code was assuming that the host name used for doing AAD was
ServerHostname parameter. But when you connect directly to Azure hosts you most
likely connect by IP and use short name for the AAD host, so you need to be able
to give ServerHostname=<IP of host> and AadServerHostname=<shortname>.
Adds support for server-side remote credential guard in NLA. When enabled that allows
the remote user to connect without shipping credentials in TSCred packets. Instead
it will send his TGT encoded with a TGS from the remote server. This way the server
is able to populate that TGT in a local credential cache without knowing the user's
password.
The patch only treats the NLA part and does not contain the associated RDPEAR channel
that allows to have the complete interaction to retrieve new access tokens.
Under windows you can connect to a child session by requesting a named pipe to
the local server, and then do some RDP on this named pipe.
The protocol is like for /vmconnect with CredSSP, then Nego and then the "normal"
workflow for a connection. For CredSSP we force the usage of NTLM for the Negociate
SSPI, and the credentials are empty.
All clients can implement their own callbacks for
certificate/credential/smartcard/... but there is a common (default)
implementation for all clients.
with the new setting FreeRDP_UseCommonStdioCallbacks it is now possible
to force these over the client implementation provided ones
This PR creates a new /gateway:type:arm transport.
It depends on CJSON
The arm transport is not a transport by itself but is responsible
for getting the websocket endpoint from a configuration url derived from
the configured gateway host in the rdpw file or cmdline
