Commit Graph

1919 Commits

Author SHA1 Message Date
Armin Novak
e8c8e7b6d0 Updated EGFX support to 10.6 2019-02-27 16:36:15 +01:00
Armin Novak
69f4c4b4af Fixed version magic mismatch with [MS-RDPBCGR] 2019-02-27 16:30:55 +01:00
Armin Novak
0560ba0910 Fixed mixing of remote application mode requested and feature mask. 2019-02-20 08:45:36 +01:00
Armin Novak
aacf5bddc4 Updated rail channel, supporting all new messages. 2019-02-19 15:04:11 +01:00
Armin Novak
6a1ff5c485 Fixed compiler warnings #5210 2019-01-29 16:22:46 +01:00
Armin Novak
9d680904cc Fixed compiler warnings #5210 2019-01-29 16:14:55 +01:00
David Fort
70805402be
Merge pull request #5140 from akallabeth/print_custom_component
Added callback to handle printer custom components in printer backend.
2019-01-29 15:18:53 +01:00
David Fort
53c74beadc rdp: add a callback for ServerStatusInfo 2019-01-29 10:33:06 +01:00
David Fort
05d9d89796
Merge pull request #5149 from akallabeth/cert_deny
New option to disable user certificate dialog
2019-01-25 16:59:33 +01:00
MartinHaimberger
0f68ed390c
Merge pull request #5150 from akallabeth/gw_consent_callback
Fix #1195: Implement callback for Gateway Messages
2019-01-25 12:33:18 +01:00
Armin Novak
728cdfd689 Fixed warnings found by compiler and static analysis. 2019-01-24 11:53:52 +01:00
Armin Novak
65812bdbc0 Clipboard data pointer arguments are now const. 2019-01-23 16:55:13 +01:00
David Fort
f4b7a27c2b license: implement server-side management
Add server-side management of the licensing workflow. The default
behaviour is to accept the client, but if a server wants to implement
full licensing support as in MS-RDPELE it is possible by defining a callback.
2019-01-21 09:57:15 +01:00
Armin Novak
b60045af27 New option to disable user certificate dialog
The new option +cert-deny aborts a connection automatically if
the certificate can not be validated by OpenSSL or via known hosts.
2018-12-14 10:17:52 +01:00
Armin Novak
192680a001 Added callback to handle printer custom components in printer backend. 2018-12-12 10:57:53 +01:00
Armin Novak
8ddabd2654 Fix #1195: Implement callback for Gateway Messages 2018-12-11 15:24:24 +01:00
Armin Novak
ac702e073d Updated settings.h 2018-12-07 15:22:28 +01:00
Armin Novak
56156d217e Floatbar self contained. 2018-12-07 15:22:28 +01:00
Martin Fleisz
d0688f058b
Merge pull request #5102 from akallabeth/rail_cleanups
Cleaned up xf_rail_server_handshake
2018-12-07 11:28:22 +01:00
Martin Fleisz
8c7f8eb395
Merge pull request #5085 from akallabeth/cert_callbacks_update
Refactored Certificate callbacks (but keep compatible)
2018-12-06 10:08:17 +01:00
Martin Fleisz
7db6ac063a
Merge pull request #5036 from akallabeth/auth_fixes
Refactor NEGO NLA and redirection to use opaque handles
2018-12-05 11:20:34 +01:00
Armin Novak
e49adfc51a Updated error info from spec. 2018-12-05 10:55:06 +01:00
Armin Novak
f5e449a4f8 Cleaned up xf_rail_server_handshake 2018-12-05 09:13:04 +01:00
Martin Fleisz
df6d045f45
Merge pull request #5087 from hardening/remotefx_chunks
remotefx: don't require data messages to come all in one chunk
2018-12-04 16:40:44 +01:00
David Fort
579a13b054 remotefx: don't require data messages to come all in one chunk
The spec doesn't require that FRAME_BEGIN, REGION, TILESET, and FRAME_END come all in one
chunk. This patch adds the necessary state saving.
A unitary test is also added.
2018-12-04 11:38:01 +01:00
Armin Novak
e04c319d21 Added new default certificate callbacks with extended information.
The extended information provided by VerifyCertificateEx and
VerifyChangedCertificateEx is now exploited by the new functions
client_cli_verify_certificate_ex and client_cli_verify_changed_certificate_ex.

The old callbacks now print out deprecation warnings to inform the
user and developer about this deprecation.
2018-12-04 09:35:24 +01:00
Armin Novak
a8823fdf95 Cleaned up certificate verification code. 2018-12-04 09:35:24 +01:00
Armin Novak
7ab07ab980 Added certificate callbacks with source indications. 2018-12-04 09:35:24 +01:00
Armin Novak
dd3276d664 Prefer VerifyX509Certificate and fixed const arguments
If VerifyX509Certificate is set use it also when doing internal
certificate management. Added flags to ensure it is possible to
find out which type of connection is being made.
2018-12-04 09:35:24 +01:00
Armin Novak
2e019b2fd1 Implemented GFX locking and enforce return value checks.
To fix #4825 GFX functions must now aquire a lock before accessing surfaces.
This prevents simultaneous update of internal data by client and gfx threads.
Also enforce return value checks, where not already done.
2018-11-29 11:55:27 +01:00
Armin Novak
c8908c8be6 Updated windows shadow server assistance usage. 2018-11-22 11:11:31 +01:00
Armin Novak
6de2129a90 assistance v2 support 2018-11-22 11:11:31 +01:00
Armin Novak
d1112c279b Fixed CVE-2018-8788
Thanks to Eyal Itkin from Check Point Software Technologies.
2018-11-20 11:08:31 +01:00
Armin Novak
602f4a2e14 Fixed CVE-2018-8785
Thanks to Eyal Itkin from Check Point Software Technologies.
2018-11-20 11:08:31 +01:00
Armin Novak
d75c464dbd Fixed signed/unsigned warnings. 2018-11-19 17:25:19 +01:00
Armin Novak
75d532f87c Fixed glyph cache bounds setting. 2018-11-19 13:58:53 +01:00
akallabeth
b6eca4fc54 signed gdi regions to adjust negative coordinates 2018-11-19 12:52:43 +01:00
Martin Fleisz
b216520d5b
Merge pull request #5021 from akallabeth/profiler_api_rework
Fixed profiler API
2018-11-19 10:20:52 +01:00
Armin Novak
d2e1248b09 Fixed profiler API
* Duplicate the name internally to avoid issues with stack
* Made API opaque and removed direct dereferencing of struct.
2018-11-16 09:32:15 +01:00
Armin Novak
c0b13cf43f Added checks for order type window support. 2018-11-15 09:52:50 +01:00
akallabeth
268a2c0cf8
Merge pull request #4979 from hardening/CAL
license: support CAL license
2018-11-14 13:45:31 +01:00
Armin Novak
138eb13fea Updated RDP_VERSION definitions. 2018-11-14 10:14:48 +01:00
David Fort
b6e6575bf6 license: support CAL license
This patch simplifies the licensing code mutualizing encryption / decryption
routines. It also adds the support for client_info packet that allows to send a
previously saved CAL file.
2018-11-13 09:42:19 +01:00
Bernhard Miklautz
c5c1bac31a
Merge pull request #4960 from akallabeth/interleaved_fix
Fixed #4954: Check destination buffer bounds.
2018-11-09 12:25:55 +00:00
Armin Novak
9e2c203771 Fixed various issues with freerdp_bitmap_compress and interleaved_compress 2018-11-08 17:21:28 +01:00
Bernhard Miklautz
1222e7060b new [crypto/tls]: add support to set tls security level
The newly introduced option /tls-seclevel can be used to set the tls
security level on systems with openssl >= 1.1.0 or libressl.
As default level 1 is used as higher levels might prohibit connections
to older systems.
2018-11-08 11:13:15 +01:00
Armin Novak
9633e4576d Fixed signedness of MoniorCount 2018-10-25 14:08:20 +02:00
Armin Novak
5ea4a7d3b0 Proper order checks. 2018-10-16 15:56:17 +02:00
Armin Novak
f88ed950d3 Fixed various issues with primary orders. 2018-10-15 14:30:58 +02:00
Martin Fleisz
00af869cd3
Merge pull request #4889 from akallabeth/shadow_server_audin_refactor
Shadow server audin refactor
2018-10-08 12:56:09 +02:00
David Fort
2e1bf90bd9
Merge pull request #4885 from akallabeth/autoreconnect_handle_window_events
Fixed #3423: Process xevents when in reconnect mode.
2018-10-03 09:42:16 +02:00
Armin Novak
c60ab7d068 fixed stuff 2018-09-26 12:49:52 +02:00
Armin Novak
2cf0662559 Unified format support for rdpsnd. 2018-09-26 12:49:52 +02:00
Armin Novak
26ef8c9b3b Added export define. 2018-09-26 12:49:09 +02:00
Armin Novak
40dae15cff Moved server-common to public header. 2018-09-26 12:49:09 +02:00
Armin Novak
d56efaae8b Fixed server format selection. 2018-09-26 12:49:09 +02:00
Armin Novak
16531e1437 Fixed server audin callback, provide more information. 2018-09-26 12:49:09 +02:00
Armin Novak
5aa4b702c0 Fixed dst_format 2018-09-26 12:49:09 +02:00
Armin Novak
d513f184e9 Fixed shadow server callbacks. 2018-09-26 12:49:09 +02:00
Armin Novak
106dde9571 Working mic redirection for shadow server. 2018-09-26 12:49:09 +02:00
Armin Novak
28efbbc01f Refactored audio_format* functions. 2018-09-26 12:49:09 +02:00
akallabeth
0b8a66188c
Merge pull request #4865 from mmattes/feature/floatbar
Feature/floatbar for X11
2018-09-25 16:34:20 +02:00
Armin Novak
dab5770fed Added microphone support to shadow server. 2018-09-25 11:14:10 +02:00
Armin Novak
51f97f2d3e Fixed #3423: Process xevents when in reconnect mode.
Fixed crashes due to unloaded disp channel in reconnect mode.
2018-09-24 16:24:32 +02:00
Armin Novak
897c0c72a7 Unified auto_reconnect functions for all clients. 2018-09-24 10:31:43 +02:00
akallabeth
30601608e4
Merge pull request #4855 from r-barnett/fix-logoff-exit-code
Map a particular disconnect situation triggered by a user logging off…
2018-09-20 12:07:36 +02:00
rbarnett
5d3e76bd80 Replace cryptic names; move the disconnect ultimatum reasons enum into public API and rename; remove setter 2018-09-19 09:36:39 -05:00
rbarnett
8458266183 Store the disconnect provider ulimatum reason in a new field in struct rdp_context and move the test for a logoff reason to xf_client.c 2018-09-18 15:31:10 -05:00
Markus Mattes
21e4804a7f implemented floatbar for x11 2018-09-18 21:25:51 +02:00
Martin Fleisz
0b7b9c0dc4
Merge pull request #4842 from akallabeth/smartcard_rdp_logon
Added /smartcard-logon option to set flag. (Stripped version of #4837…
2018-09-17 09:08:47 +02:00
Armin Novak
5819946b84 Fixed rail unicode string conversion and const correctness. 2018-09-14 10:04:16 +02:00
Armin Novak
0de43c8b85 Added /smartcard-logon option to set flag. (Stripped version of #4837 by @informatimago) 2018-09-04 15:50:03 +02:00
akallabeth
9e3b48e0fb
Merge pull request #4829 from informatimago/smartcard-logon-rdp--x509-certificate-info-extraction
Smartcard Logon: restructured x509 certificate info extraction; added extracting the UPN.
2018-08-27 14:33:09 +02:00
Pascal J. Bourguignon
63d00f6f81 Corrected the compatibility function names: crypto_cert_subject_alt_name and crypto_cert_subject_alt_name_free. 2018-08-27 13:51:30 +02:00
Pascal J. Bourguignon
79d2294a23 Put back deprecated function names crypto_cert_get_alt_names and crypto_cert_alt_names_free for FREERDP_API compatibility. 2018-08-24 15:20:03 +02:00
Pascal J. Bourguignon
469f9bf488 Smartcard Logon: restructured x509 certificate info extraction; added extracting the UPN. 2018-08-24 14:03:04 +02:00
Armin Novak
5b0b18ae71 Device name now const. 2018-08-24 13:40:36 +02:00
Martin Fleisz
0fb19d04be
Merge pull request #4810 from akallabeth/no_proxy_support
No proxy support
2018-08-24 11:41:58 +02:00
Martin Fleisz
f9e52c1850
Merge pull request #4815 from akallabeth/async_transport_remove
Removed +async-transport options
2018-08-24 09:48:51 +02:00
Armin Novak
b5df39756d Added option to ignore proxy env. 2018-08-23 17:02:43 +02:00
Armin Novak
c3a26b0d6a Removed +async-transport options
The async transport option is broken by design.
If used the main loop is called from the transport thread and the
main thread of the application.
Unless the transport layer is refactored to just work on queues
(input and output) this option will never work, therefore remove it.
2018-08-22 13:56:37 +02:00
Armin Novak
cc5e402cda Added command line option /redirect-prefer:<fqdn|ip|netbios>
Since redirection sometimes happens with internal DNS names that
are resolved different by outside DNS it must be possible to override
the preferred redirection hint.
2018-08-08 11:24:13 +02:00
Armin Novak
ec0a0fef2a Added const to function buffer pointers 2018-08-01 12:56:18 +02:00
Armin Novak
e8393a22e2 Remember if drive was added by automout. 2018-07-30 12:31:11 +02:00
Armin Novak
c9cebf6ed6 Remember accepted PEM cert to avoid unnecessary user input. 2018-07-10 11:27:58 +02:00
Armin Novak
398da7340b Added no or missing credentail error. 2018-07-05 16:12:52 +02:00
Martin Fleisz
a0fddd1747
Merge pull request #4530 from akallabeth/order_refactor
[leak fixes] Refactored order updates
2018-07-04 14:21:36 +02:00
David Fort
a1d9399ca0
Merge pull request #4724 from akallabeth/wave2_server
Wave2 server side support
2018-07-04 13:10:38 +02:00
Martin Fleisz
aaaee80151
Merge pull request #4700 from informatimago/rdpsettings-script
Rdpsettings script
2018-07-03 16:07:05 +02:00
Pascal J. Bourguignon
45841f8e67 Applied autoformat.sh manually to settings.h 2018-07-03 14:39:35 +02:00
Pascal J. Bourguignon
35477c35d8 Use tabs to indent the comment in rdp_settings too. 2018-07-03 13:33:05 +02:00
Armin Novak
373bfac9ab Added support for WAVE2 PDU in server side audio channel. 2018-07-02 16:20:39 +02:00
Armin Novak
9a47ce3f76 Fixed missing variable type 2018-06-19 16:57:45 +02:00
Armin Novak
273655a850 Follow up fix for #4631
Remember the callback state to avoid calling reerdp_channels_post_connect
before the corresponding client callback has benn called.
This might happen during redirection and reconnection.
2018-06-18 10:44:35 +02:00
Pascal J. Bourguignon
a7c4022554 Corrected update-rdpSettings according to PR comments.
Updated settings.h with it.
2018-06-06 17:08:52 +02:00
Pascal J. Bourguignon
118ce7f122 Aligned columns in rdpSettings structure declaration. 2018-06-06 14:56:07 +02:00
Armin Novak
5b961e9c75 Fixed /pth: Consistently treat the hash offset to password length. 2018-05-03 17:51:11 +02:00
David Fort
456b0e8934
Merge pull request #4453 from akallabeth/sound_channel_refactor
Sound channel refactoring
2018-05-03 11:56:58 +02:00
Martin Fleisz
31c804c349
Merge pull request #4603 from hardening/socksplus
SOCKS5 proxy support
2018-05-02 11:26:13 +02:00
David Fort
0f968b782c proxy: cleanup SOCKS support and add user/password support 2018-05-02 10:51:16 +02:00
Armin Novak
4e66972616 Fixed remaining global order buffers. 2018-05-02 08:54:21 +02:00
Armin Novak
e5767f07ac Refactored order updates
Unified order creation/copy/delete to avoid memory leaks.
2018-05-02 08:54:21 +02:00
Jiri Sasek
b1c1549ad1 SOCKS proxy support 2018-04-23 21:01:01 +02:00
Armin Novak
7af9ba9171 Refactored reconnect and redirect API
Reconnect and redirect share the same code on disconnect.
Move that to a single function and export it as it may be required
to terminate the session properly before reconnect is called.
2018-04-09 14:04:30 +02:00
Armin Novak
2c98d85a34 Fixed function pointer typedef formatting. 2018-04-05 13:14:16 +02:00
Armin Novak
3f712cab70 Fixed formatting of changed files. 2018-04-05 13:14:16 +02:00
Armin Novak
f89c1857b9 Rewrite of sound and microphone channels
The sound and microphone redirection channels (and in part TSMF)
did not properly decouple encoding/decoding from the backends used
to play/record sound.
Encapsulating encoding/decoding in rewritten freerdp_dsp_* functions
with variable backends, simplifying alsa/oss/pulse/... audio backends.
2018-04-05 13:14:16 +02:00
MartinHaimberger
1a8234c74d
Merge pull request #4472 from akallabeth/win_mouse_button
[WIN] Added additional mouse mappings.
2018-04-04 10:12:04 +02:00
Jakob Kaivo
3a1d70d9ba add support for the "pcb" block in .rdp files provided by Project Honolulu in the VM interface 2018-03-31 22:15:39 -04:00
Armin Novak
9bd13c25c9 Added WaitableTimer implementation for mac OS. 2018-03-12 13:39:21 +01:00
Armin Novak
d1fc0e92b5 Added additional mouse mappings. 2018-03-08 13:21:04 +01:00
Armin Novak
1f7d33a2f2 Fixed read/write of surface bits command.
The optional field exBitmapDataHeader of TS_ BITMAP_DATA_EX was ignored.
Read and expose the data (currently unused)
2018-03-01 11:38:59 +01:00
Martin Fleisz
3cfa837b0c
Merge pull request #4441 from akallabeth/paa
[cleanup] Support for gatewayaccesstoken / PAA
2018-02-19 17:28:32 +01:00
Armin Novak
1a902c249c Fix PROFILER_* macros
Add the semicolon to the macro to allow clean
undefinition if the profiler is not used.
This used to break VisualC compilers.
2018-02-15 11:30:38 +01:00
Jacco Braat
b592684734 Added to rdp file parsing: gatewayaccesstoken:s:<token>
Added to commandline parsing: /gat:<token>
Added GatewayAccessToken to sings
2018-02-15 10:56:57 +01:00
Armin Novak
fca5df8960 Fixed broken extern C 2018-02-14 11:18:26 +01:00
Armin Novak
af8286b976 Added missing FREERDP_API function export. 2018-02-13 10:52:53 +01:00
Armin Novak
c7d701bdf8 Added software decoding fallback for RDPVOR 2018-02-13 10:52:53 +01:00
David Fort
73bef4ca23 video, geometry: fixed geometry handling
It was not working when moving the video window.
2018-02-13 10:52:53 +01:00
David Fort
b8e3b232de video: mutualize things in the common channel code 2018-02-13 10:52:53 +01:00
David Fort
a07efb73ec video: an implementation of MS-RDPEVOR for X11
Implements the decoding of video streams using common H264 decoders. We also implement
a trivial feedback algorithm.

Sponsored by: Rangee GmbH (http://www.rangee.de)
2018-02-13 10:51:07 +01:00
David Fort
b84839b21c video: a skeleton for MS-RDPEVOR client
Basics for implementing the client side of the MS-RDPEVOR channel.

Sponsored by: Rangee GmbH (http://www.rangee.de)
2018-02-13 10:51:07 +01:00
David Fort
adac409d1b geometry: change the channel API to mutualize things
Try to mutualize things that are platform independant in the geometry client
channel.

Sponsored by: Rangee GmbH (http://www.rangee.de)
2018-02-13 10:51:07 +01:00
Armin Novak
c0ec81c3c7 Do not update client if output suppressed. 2018-02-08 11:59:00 +01:00
Armin Novak
fac61bf48b Use dynamic logger in MediaFoundation backend 2018-02-07 13:26:39 +01:00
Armin Novak
7adc384d9a Using dynamic logger for GFX-H264 backend. 2018-02-07 13:26:39 +01:00
Bernhard Miklautz
db8519fd8a
Merge pull request #4397 from SriRamanujam/vaapi
Use libavcodec's VA-API to accelerate H.264 decoding.
2018-02-07 12:56:31 +01:00
MartinHaimberger
175361b01a
Merge pull request #4394 from akallabeth/shadow_avc444
Added AVC444 chroma support to shadow server.
2018-02-07 10:30:26 +01:00
rim
6ce9fb5555 Fix: #define ConvertColor FreeRDPFreeRDPConvertColor -> FreeRDPConvertColor 2018-02-07 03:15:58 +03:00
Armin Novak
3b70d1178b Added AVC444 chroma support to shadow server. 2018-02-02 10:39:33 +01:00
Sri Ramanujam
bedc1ac4c6 Use libavcodec's VA-API decoding.
Leverages libavcodec's hw decode support to provide VA-API based
hardware decoding. Depends on the local build of ffmpeg having hardware
VA-API support compiled in and the appropriate libva drivers and
libraries installed.
2018-02-02 02:31:23 -05:00
Armin Novak
8f7bc7990f Added SSE optimized RGB to AVC444 frame split and test. 2018-01-30 11:17:16 +01:00
Armin Novak
dc3d536398 Changed length arguments and return to size_t 2018-01-17 08:14:06 +01:00
Armin Novak
23e1afb44a Added new and optimized YUV primitives.
* RGBToAVC444YUVv2: Split a RGB frame in luma and/or chroma v2 YUV420 frames
* RGBX specific versions of RGBToAVC444YUV and RGBToYUV420_8u_P3AC4R
2018-01-10 14:46:18 +01:00
akallabeth
4077d55a6c
Merge pull request #4332 from hardening/xrandr_and_fixes
Xrandr and fixes
2018-01-08 09:20:56 +01:00
David Fort
191b8f950f Fix for #4330
Since ec027bf dynamic resolution is broken when used with egfx. Before that commit
we were tracking a server sent resize by setting a DesktopResize callback. This callback
is called when the desktop is resized by the server. Anyway the problem was that when this
callback is called, the activation sequence is not always completed, which were leading to
some freeze with 2012r2 servers (sending packets before the sequence is finished).
So with the faulty commit, we are tracking server resizes by subscribing to the Actived
event, that is called at the end of a reactivation sequence, so we're sure to not send packets
when not fully activated.
Anyway the issue that shows on (#4330) is that when you use egfx, no reactivation sequence happens,
the server only sends a ResetGraphics message with the new size, and so we miss the resized event.
This fix introduces a new GraphicsReset event, makes the display channel subscribe to that event,
and react accordingly.
2017-12-23 13:50:54 +01:00
Armin Novak
cf899eb5ba Fix #4299: gdi_CRgnToRect
The coordinates from RDP ROP commands do not (always) have
0,0 as the origin of the drawing operation.
Adjust the coordinates to our local coordinate system.
2017-12-22 13:43:37 +01:00
Armin Novak
b293b17ac9 Added ROP to string functions for log messages. 2017-12-22 10:25:05 +01:00
David Fort
2a6c9e1b87 Add an activated event and a Timer event
Added an event that is triggered when the activation sequence is finished.
We also define a timer event that is neat to have for regular operation.
2017-12-19 15:21:15 +01:00
akallabeth
71fd6f3116
Merge pull request #4313 from hardening/dyn_res_update
disp: implement dynamic resolution for X11
2017-12-19 13:49:02 +01:00
David Fort
80dab90f1a disp: implement dynamic resolution for X11
If the display channel is available we use it to allow the user to resize the
xfreerdp window. When the window is resized we announce a new monitor layout and
the server reacts by doing a reactivation sequence to the new size.
The minimum window size is limited to 300x300 as 2012 servers crash horribly
if we send them a smaller layout.
2017-12-14 15:13:11 +01:00
Bernhard Miklautz
1e6fea7fa7 fix channel/smartcard: simplify channel variables
Path was not really used and name was duplicated. Use the device->Name
directly.
2017-12-13 17:04:06 +01:00
Martin Fleisz
6aa914363a
Merge pull request #4301 from hardening/geometry
geometry: a skeleton for the MS-RDPEGT channel
2017-12-13 09:09:33 +01:00
David Fort
3b670703fb
Merge pull request #4277 from akallabeth/mac_server
Mac fixes
2017-12-12 10:40:14 +01:00
David Fort
a6cfd3c49a geometry: a skeleton for the MS-RDPEGT channel
The base for implementing the MS-RDPEGT client channel that allows to track window
geometry.
2017-12-08 11:26:29 +01:00
David Fort
e73da4a656 display control channel: add a callback called when we receive capabilities
We need a signal to know when the channel is ready and it's safe to send the
monitor layouts.
2017-12-01 14:19:39 +01:00
Armin Novak
2cc64298f2 Fix #4281: Added option to prefer IPv6 over IPv4 2017-11-27 11:43:54 +01:00
Armin Novak
57958cb178 Fixed #3810: Renamed color functions 2017-11-24 13:21:43 +01:00
Brent Collins
d98b88642b Add new command-line option to force xfreerdp into a fips compliant mode.
This option will ensure that NLA is disabled(since NTLM uses weak crypto algorithms), FIPS
encryption is enabled, and ensure fips mode is enabled for openssl.

Selectively override specific uses of MD5/RC4 with new API calls specifically tailored to override FIPS.

Add comments on why overriding the use of these algorithms under FIPS is acceptable for the locations where overrides happen.

Remove check of server proprietary certificate which was already being ignore to avoid use of MD5.

Initialize winpr openssl earlier to ensure fips mode is set before starting using any crypto algorithms.
2017-11-17 12:43:06 +01:00
Armin Novak
8c2bd951ae Allow printing of custom arguments in help. 2017-11-15 15:25:34 +01:00