Commit Graph

2317 Commits

Author SHA1 Message Date
Armin Novak
3e3ed445b4 [client,file] add rdgiskdcproxy to settings
Adds a new option FreeRDP_KerberosRdgIsKdc to manually set the KDC url
to the gateway server url
2022-12-06 14:07:53 +01:00
akallabeth
ca5684c968 [settings,caps] Removed ColorPointerFlag
* The setting is obsolete and can be replaced by a constant
* Only check the receive function for proper value and print a warning
2022-12-06 09:08:12 +01:00
akallabeth
97fd183d39 [core,settings] Added ColorPointerCacheSize 2022-12-06 09:08:12 +01:00
Armin Novak
ff266e9575 furter added settings documentation 2022-12-02 15:25:08 +01:00
akallabeth
d898f04e41 [core,settings] Added settings function docs
* Document settings functions
* Make rdpSettings* checks more uniform
2022-12-02 15:25:08 +01:00
David Fort
d59c0a49c3 proxy: fix channel shift between front and back
When some channels are filtered, some misalignement of channel ids could happen.
This patch keeps track of the back and front channel ids to correctly identify a
channel and send packets with the correct channel id.
2022-11-30 11:38:08 +01:00
akallabeth
2ac2f43503 [freerdp,settings] Add UTF16 helper functions
This new function allows get or set settings as WCHAR
string directly. Converts the string automatically from/to utf-8
internally
2022-11-28 10:42:36 +01:00
Armin Novak
c5e425242a [settings] Typo in GatewayHttpExtAuthSspiNtlm 2022-11-23 11:19:21 +01:00
Armin Novak
7b95014157 [winpr,crypto] Split crypto header renamed
* Renamed custom winpr crypto function header
* Added compatiblity header
2022-11-23 09:39:56 +01:00
akallabeth
c2bd2c8617 [server,proxy] fix const correctness
pf_context_create_client_context only creates a copy of the rdpSettings,
so just make the pointer const.
2022-11-22 15:30:31 +01:00
akarl10
3a10bcd36a [ntlm]: use rfc5929 binding hash algorithm
rfc5929 mandates some specific hashes for the binding algorithm
2022-11-21 13:27:08 +01:00
Armin Novak
8de60f9472 Fixed -Wextra-semi-stmt 2022-11-21 10:12:31 +01:00
akarl10
b1583d56c0 [rdg] implementation of http_extauth_sspi_ntlm 2022-11-16 20:28:53 +01:00
akallabeth
d83f70bc32 [core,transport] event handle for transportIO
With the latest client changes the internal event loop requires a handle
to wait on. Add a new function to (re)set the newly added transport event handle.
2022-11-16 15:32:32 +01:00
David Fort
4461144031 autodetect: prepare for multi-transport
Autodetect packets can be transported either in TCP TPKT packets or be contained
in multi-transport subheaders (transported on UDP). These changes do the appropriate
modifications so that in further developments we can take the transport type in account
when treating / writing these packets.
2022-11-16 11:50:46 +01:00
akallabeth
33827cb920 Updated RDP state machine
* More detailed states
* Better transition checks
* No more recursive calling of state machine functions
2022-11-11 11:51:27 +01:00
Armin Novak
325c03501e [gfx] Added new UpdateWindowFromSurface callback
* Adds a new callback and settings in gdiGfxSurface to allow updating
  a window directly from surface bitmap data
* Adds new BOOL in gdiGfxSurface windowMapped and
  handleInUpdateSurfaceArea to control where surface data update is
  being handled
2022-11-11 06:42:45 +01:00
Armin Novak
6a0df205b0 [proxy] add mouse ex and unicode event filters 2022-11-06 19:12:27 +01:00
akallabeth
498635a317 Added new functions to test validity of MCS
* freerdp_is_valid_mcs_create_request
* freerdp_is_valid_mcs_create_response
2022-11-04 14:46:58 +01:00
akallabeth
7d67adbc54 Refactored licensing module
* Make the whole module opaque for easier testing
2022-11-03 17:02:47 +01:00
akallabeth
3af13a0fb2 Add proper read/write for ordersupportflags et al
* Add new settings for OrderSupportFlags, OrderSupportFlagsEx,
  TerminalDescriptor and TextANSICodePage
* Add proper read/write routines for the new settings
* Add proper default values for the new settings
2022-11-03 17:02:15 +01:00
Armin Novak
7cef0cb8d6 Refactored capability parsing
* Add new settings for previously ignored capability options
* Store raw capability data in settings for later use
* Add function to extract settings from raw capability data
* Split capability read/write from client/server logic (e.g. enforce
  limits, ...)
2022-11-03 17:02:15 +01:00
akallabeth
108b8a47ba Refactored autodetect code
* Added assertions
* Eliminated warnings
* Eliminated unnecessary allocations
2022-11-03 11:56:12 +01:00
akallabeth
58599c91a3 Add setting name for invalid function access
Try to be helpful and resolve the settings index with a readable
name if possible to help diagnose wrong function use
2022-10-27 10:46:58 +02:00
fifthdegree
cbd310df52 Check smartcard certificates for correct EKU
To be used for login, smartcard certificates must have the Microsoft
Smart Card Logon EKU
2022-10-24 22:22:00 +02:00
Armin Novak
4b9c8e6393 Updated keyboard list API 2022-10-19 20:31:53 +02:00
fifthdegree
eb04eb0008 Support using smartcard for gateway authentication 2022-10-19 18:55:38 +02:00
fifthdegree
e847f159a6 Try to use the smartcard key name Windows uses
Windows expects the containerName field in TSSmartCardCreds to be what
it would use for a smartcard key's name. Try to accomodate that (at
least for PIV and GIDS cards).
2022-10-19 18:55:38 +02:00
fifthdegree
9d0beaccae smartcardlogon: choose a single smartcard to use
Require a single smartcard certificate to be chosen and define a
callback to choose when more than one is available.
2022-10-19 18:55:38 +02:00
Marc-André Moreau
e3594c91dc Add UserSpecifiedServerName setting, /server-name command-line parameter 2022-10-14 17:59:57 -04:00
David Fort
57d2a27980 fix smartcard listing
This commit fixes various bugs that I've noticed on some windows systems with
smartcards that contains multiple certificates:

* With some drivers if you retrieve the ATR while enumerating the NCrypt keys, it seems to
confuse the NCrypt key context (and you're unable to retrieve certificate property). As
we don't use the ATR, let's remove the ATR retrieval.
* if don't give any user or domain on the command line, in settings you get User=Domain=NULL,
but if you pass /u:user, you get User="user" and Domain = ""(empty string not NULL). The
smartcard filtering by user/domain was not ready for that.
2022-10-14 12:05:16 +02:00
akallabeth
6a2626498b Disable channel builds if -DWITH_CHANNEL=OFF 2022-10-13 14:38:06 +02:00
akallabeth
b58dd122b2 Disable functions that require WITH_CHANNEL if not defined 2022-10-13 14:38:06 +02:00
akallabeth
a38d584bf1 Do not compile client functions for encomsp if channel deactivated 2022-10-13 12:12:24 +02:00
David Fort
f76c14c256 fix smartcard logon with smartcard emulation
When smartcard emulation was enabled we were dumping the key and cert to
temporary files for PKINIT call, but they were deleted before we have
actually done the PKINIT. This patch fixes it.

It also add debug statement for the listing of smartcard keys / certs.

This also fixes the listing of smartcard on certain windows configurations
were we have to force NCRYPT_SILENT when doing a NCryptOpenKey.
2022-10-13 12:03:58 +02:00
Marc-André Moreau
27a865af74 Add Negotiate SSPI authentication module filtering 2022-10-12 22:07:45 +02:00
Armin Novak
3cf0bb91d6 Updated supported RDP versions
* New defines for 10.8, 10.9, 10.10, 10.11 protocol versions
* New function returning a string representation of the protocol version
* Use 10.11 by default now
2022-10-12 21:42:12 +02:00
akallabeth
f56b93b243 Set fragment cache size to fixed 256 elements 2022-10-07 11:01:25 +02:00
akallabeth
60720e7706 Improved streamdump file format 2022-10-07 10:38:03 +02:00
David Fort
3947294ffb Adjust smartcard listing
When no CSP is provided, we were listing smartcard materials by querying the
MS_SCARD_PROV_A CSP, unfortunately on some windows hosts, the smartcards aren't
listed in that CSP. So this patch does the key listing by browsing all CSPs
instead of just a default one. You can still force a CSP and you'll get keys only
from this one.

This patch also address cases where the certificate on the smartcard doesn't
have a UPN attribute, if that happen we try to get a UPN from the email address.
2022-10-06 16:06:35 +02:00
Marc-André Moreau
b324e49131 rename KerberosKdc setting to KerberosKdcUrl 2022-09-30 19:33:12 +02:00
Joan Torres
d63f2324d1 Add support to send a ServerRedirection PDU. 2022-09-28 13:54:00 +02:00
akallabeth
d2ab631c40
Test uri fix (#8232)
* Fixed TestUri unit test

* Make proper unit test out of the test function
* Add proper test cases

* Replace FindFirstFileA with FindFirstFileW for addins

This allows addin paths to contain unicode symbols.

* Fixed parse_uri_to_local_file definition

* Move to common clipboard.c file
* Move to header file so it can be included in test case

* Added WINPR_LOCAL for test builds

This macro exports internal functions in case of a unit test build
This way unit tests can access these without other workarounds.

* Fixed typo in function name is_dos_driver

* Cleaned up FindFirstFileW call

Use a wrapper function to convert to unicode and call the function

* Cleaned up BUILD_TESTING and EXPORT_ALL_SYMBOLS

* EXPORT_ALL_SYMBOLS now does as the name implies and exports all
  non static functions/variables from the library.
* BUILD_TESTING now only sets the defines for test code and
  activates EXPORT_ALL_SYMBOLS to allow tests to access internal
  code

* Fixed windows client warnings

* disable CMAKE_WINDOWS_EXPORT_ALL_SYMBOLS
2022-09-26 11:22:02 +02:00
David Fort
ee9c9e7c48 Remove duplicated definitions for file constants 2022-09-21 09:03:45 +02:00
Simon Nivault
82b58325a3 Add switch to declare printer as default or not 2022-09-20 13:25:05 +02:00
garbb
940317282c remember participantId for use with assistance set control request 2022-09-19 09:41:45 +02:00
Armin Novak
707b9348ee Unify encomsp request control code 2022-09-13 09:22:41 +02:00
David Fort
942273e9cb
tls: add an option to dump tls secrets for wireshark decoding (#8120)
This new option /tls-secret-file:<file> allows to dump TLS secrets in a file with
the SSLKEYLOGFILE format. So this way you can setup the TLS dissector of wireshark
(Pre-Master-Secret log filename) and see the traffic in clear in wireshark.
It also add some more PFS ciphers to remove for netmon captures.
2022-08-16 10:40:32 +02:00
akallabeth
bf56a39e6f
Fixed #8090: Duplicate definition of strndup (#8102)
* Fixed #8090: Duplicate definition of strndup

* Moved strndup detection to winpr

Co-authored-by: Armin Novak <anovak@thincast.com>
2022-08-02 09:15:38 +02:00
David Fort
3478051f15 dynamic channels: mutualize things for listeners and plugins
The same code is copied in all dynamic channels to create a plugin, have a listener,
and manage the channel lifecycle. This patch does a mutualization effort so that channels
only have to code things that are specific to them.
2022-07-07 12:21:23 +00:00