fifthdegree
304ce6d702
Test base64url en/decoding
...
Add tests for base64url and fix a bug discovered while doing that
2023-03-10 16:38:07 +01:00
akallabeth
429c361435
[core,aad] fix cJSON usage
2023-03-10 16:38:07 +01:00
fifthdegree
f4431cdc8c
fixup! Implement support for RDS AAD
2023-03-10 16:38:07 +01:00
fifthdegree
7f54770fd0
fixup! Implement support for RDS AAD
2023-03-10 16:38:07 +01:00
akallabeth
af2a74cbbb
[core,aad] refactor aad parser
...
* split functions into smaller elements
* improve return code checks
* add log messages for error results
2023-03-10 16:38:07 +01:00
akallabeth
0af370c04b
[core,aad] use dynamic logger
2023-03-10 16:38:07 +01:00
akallabeth
157d71e802
[core,aad] migrate to cJSON parser library
2023-03-10 16:38:07 +01:00
akallabeth
c5406d79c5
[core,aad] typedef AAD_STATE
2023-03-10 16:38:07 +01:00
akallabeth
3d9eaf59dc
[core,aad] typedef AAD_STATE
2023-03-10 16:38:07 +01:00
akallabeth
2117cdcb0f
[core,transport] rewritten aad transport read
...
use a do {} while loop to make it easier to read.
2023-03-10 16:38:07 +01:00
akallabeth
f5423caace
[auth,aad] add freerdp* argument to callback
2023-03-10 16:38:07 +01:00
fifthdegree
4cbfa006f2
Implement support for RDS AAD
...
Have a working implementation of the RDS AAD enhanced security mechanism
for Azure AD logons
2023-03-10 16:38:07 +01:00
fifthdegree
5df4d4c934
Implement a basic JSON parser
2023-03-10 16:38:07 +01:00
fifthdegree
8d6c92c037
Implement base64url encoding/decoding
...
Tweak the base64 functions to allow for encoding and decoding base64url
as well
2023-03-10 16:38:07 +01:00
Armin Novak
85cff3a7dc
[server,proxy] fix private/public library linking
2023-03-10 11:40:08 +01:00
Armin Novak
c23dc3ba9d
[CMake] Fix use of BUILD_SHARED_LIBS
...
the option is named BUILD_SHARED_LIBS and not CMAKE_BUILD_SHARED_LIBS
2023-03-10 11:40:08 +01:00
Armin Novak
6e5307c037
[client,common] fix on off option parsing
...
* Return an enum to allow evaluation of what option was provided
* fix /sec:nla and /sec:nla:on behaviour.
2023-03-10 11:40:08 +01:00
Martin Fleisz
384642f95f
core: Fix sending incorrect GUID in RDSTLS auth request
...
The spec states that the GUID must be sent as a Base64-encoded GUID in
Unicode format. However in the redirection code we read the (correctly
formatted) GUID and convert it to a binary BLOB.
This PR removes the unnecessary conversion which now results in a
correct RDSTLS auth request.
It also removes some dead code in `rdstls_write_data`.
2023-03-09 14:29:41 +01:00
Armin Novak
1580daecbc
[core,rdstls] fix uninitialized wStream
2023-03-09 11:17:37 +01:00
Armin Novak
ec60ebaf37
[core] parse whole wStream instead of current
2023-03-09 11:17:37 +01:00
Armin Novak
5c49fae477
[core,transport] split pdu parser function
...
split according to which PDU type is being parsed.
2023-03-09 11:17:37 +01:00
Joan Torres
5bcc5326d0
[core,rdstls] fix rdstls_parse_pdu
...
When this function returns <= 0 the caller was considering it a pduLength
creating a bug.
Also fixed length calculation on some rdstls pdu types.
2023-03-09 11:17:37 +01:00
Joan Torres
b469f53c43
[core,transport] check for rdstls == NULL on accept_rdstls too
2023-03-09 11:17:37 +01:00
akallabeth
151baa9ae5
[client,sdl] fix va_arg casts to match void* size
2023-03-09 11:17:37 +01:00
akallabeth
22f5bd48c4
[client,wayland] fix function arguments to match
...
the function pointer expected different arguments from the one provided.
2023-03-09 11:17:37 +01:00
akallabeth
387dcd4001
[client,sdl] fix missing type cast
2023-03-09 11:17:37 +01:00
akallabeth
d56487717f
[core,redirection] fix const warnings
2023-03-09 11:17:37 +01:00
akallabeth
6646ff9eb0
[client,common] fix wrong arguments for file clipboard
2023-03-09 11:17:37 +01:00
akallabeth
41cb69b135
[winpr,stream] fix Stream_Read_UTF16_String
...
Fix wrong arguments for stream length check
2023-03-09 11:17:37 +01:00
akallabeth
34c056e163
[core,smartcard] fix WCHAR compare, use _wcscmp
2023-03-09 11:17:37 +01:00
akallabeth
4154bc500e
[core,transport] check for rdstls == NULL
2023-03-09 11:17:37 +01:00
Martin Fleisz
093bf79837
common:: Fix const issues with current rdp file API
2023-03-08 14:08:34 +01:00
akallabeth
9a51f3b77b
[core,rdstls] log state checks
...
when checking expected states print a proper log message when the
requirement is not met
2023-03-08 14:05:00 +01:00
akallabeth
bc1d291b44
[core,rdstls] add state transition checks and logs
2023-03-08 14:05:00 +01:00
akallabeth
adbecf71c6
[core,rdstls] use dynamic logger
2023-03-08 14:05:00 +01:00
akallabeth
0dc59f3a41
[core,rdstls] hide rdstls parsing
...
* move rdstls specific code from transport_parse_pdu to rdstls_parse_pdu
* hide rdstls implementation details
2023-03-08 14:05:00 +01:00
Joan Torres
c7f214435e
[core,transport] use modern stream funcs on transport_parse_pdu
2023-03-08 14:05:00 +01:00
Joan Torres
d3eab544bd
[core,rdstls] validate state transitions
2023-03-08 14:05:00 +01:00
akallabeth
15b5026260
[core,rdstls] rdstls_read_data no heap
...
do not allocate and copy the returned data, just return a pointer in the
stream and the length of the data.
2023-03-08 14:05:00 +01:00
akallabeth
f5a8da4f62
[core,rdstls] ensure stream length on empy return
2023-03-08 14:05:00 +01:00
Joan Torres
7c24da917e
Add RDSTLS security protocol
...
The client tries to connect using RDSTLS only when it has received a
server redirection PDU with LB_PASSWORD_IS_ENCRYPTED flag.
The server exposes RDSTLS on negotiation if it has been configured on settings.
Then authenticates a client using configured credentials from settings:
RedirectionGuid, Username, Domain, Password.
2023-03-08 14:05:00 +01:00
Armin Novak
49f44303b1
[server,shadow] clean up certificate generation
2023-03-08 13:07:20 +01:00
Armin Novak
00f8cd350b
[server,shadow] abort on invalid key/certificate
2023-03-08 13:07:20 +01:00
Joan Torres
689bf6daab
[core,nla]: Fix using password from redirection
...
If a client reconnects on redirection process and uses NLA authentication,
the client was using the old password because it wasn't setting
usePassword to false.
With this commit the client will use the new password.
2023-03-08 08:36:42 +01:00
Joan Torres
5f8e64f89c
[core,connection]: Fix load balance setting on redirection
...
The routing token is already set for the nego on rdp_client_connect func.
2023-03-08 08:36:42 +01:00
Joan Torres
8c998e67f3
[core,redirection]: Debug redirection fields ordered
2023-03-08 08:36:42 +01:00
Martin Fleisz
ee06d70bfe
common: Fix handling of networkautodetect rdp file setting
...
According to
https://learn.microsoft.com/en-us/windows-server/remote/remote-desktop-services/clients/rdp-files#session-behavior
both, `bandwidthautodetect` and `networkautodetect` are now enabled with
a value of 1 and disabled with a value of 0.
Earlier rdp files interpreted the `networkautodetect` setting inverted.
2023-03-07 15:42:40 +01:00
Martin Fleisz
b3ae857805
common: Minor code cleanup of rdp file handling
...
This PR contains various changes to rdp file handling:
The old code had a strange mixture of handling settings. When loading a
file every line of the file was cached in `rdpFile::lines`. Sometimes
functions would operate on these cached lines, sometimes they would
operate on the actual values in the `rdpFile` instance.
On the other hand if an `rdpFile` instance was created from
`rdpSettings`, this line cache simply did not exist, causing functions
to behave differently, depending on whether the instance was created by
reading a file or by populating it from `rdpSettings`.
The new implementation has now a single way of accessing values (
`find_integer_entry`/`find_string_entry`) and the `rdpFile::lines` data
is used to handle unknown settings.
The PR also adds some argument checking and assertions.
2023-03-07 15:42:40 +01:00
Armin Novak
f01aaab35a
[client,x11] fix variable shadow
2023-03-07 07:51:52 +01:00
Armin Novak
c016562478
[client,x11] enable XSync with debug builds
2023-03-07 07:51:52 +01:00