Split settings, there was a double use for AutoReconnectEnabled.
AutoReconnectEnabled is a setting responsible for client side
autoreconnection.
AutoReconnectPacketSupported is a flag set by the server to announce
support for AutoReconnectPacket allowing fast reconnect.
* use dynamic logger in RDG
* honor [MS-TSGU] 2.2.9.2.1.5.2 TSG_REDIRECTION_FLAGS
* honor [MS-TSGU] 2.2.10.16 HTTP_TUNNEL_AUTH_RESPONSE
HTTP_TUNNEL_AUTH_RESPONSE_FIELD_REDIR_FLAGS flag
* add setting GatewayIgnoreRedirectionPolicy to ignore the gateway
policy if desired
The ArrayList, HashTable, ... New functions require
void* (*fkt)(const void* ptr) type functions. Provide a generic wrapper
for CHAR and WCHAR strdup to eliminate warnings. Also export a
corresponding free function to avoid issues with runtime
differences.
The previous code was assuming that the host name used for doing AAD was
ServerHostname parameter. But when you connect directly to Azure hosts you most
likely connect by IP and use short name for the AAD host, so you need to be able
to give ServerHostname=<IP of host> and AadServerHostname=<shortname>.
* use enum types for settings getter/setter to have compiler check if
keys are valid
* generate enum types from struct at compile time
* CMake option WITH_OPAQUE_SETTINGS to hide rdpStruct implementation
from external projects
Adds support for server-side remote credential guard in NLA. When enabled that allows
the remote user to connect without shipping credentials in TSCred packets. Instead
it will send his TGT encoded with a TGS from the remote server. This way the server
is able to populate that TGT in a local credential cache without knowing the user's
password.
The patch only treats the NLA part and does not contain the associated RDPEAR channel
that allows to have the complete interaction to retrieve new access tokens.
Under windows you can connect to a child session by requesting a named pipe to
the local server, and then do some RDP on this named pipe.
The protocol is like for /vmconnect with CredSSP, then Nego and then the "normal"
workflow for a connection. For CredSSP we force the usage of NTLM for the Negociate
SSPI, and the credentials are empty.
akallabeth