Commit Graph

894 Commits

Author SHA1 Message Date
akallabeth
450f8a1d7e Fixed wrong define check
The deprecated command line must only be used if
WITH_FREERDP_DEPRECATED_COMMANDLINE is defined
2022-11-04 14:46:58 +01:00
Armin Novak
5306c3ec0a Write an error log if a PEM file can not be read. 2022-11-03 11:06:15 +01:00
Armin Novak
3dc5ac74a9 Fix parsing of smartcard options 2022-10-27 11:55:49 +02:00
Armin Novak
5e1d7c0f8d Unified comparisons
* Use option_starts_with for all checks
* Use option_ends_with for all checks
* Use option_equals for all comparisons
2022-10-27 11:36:58 +02:00
Armin Novak
fa1bbfe1bd Fixed on/off string length checks 2022-10-27 10:13:57 +02:00
Armin Novak
605ff25269 Fixed string size for keyboard option parser 2022-10-27 10:13:57 +02:00
akallabeth
967749d43f Unify command line deprecation warning log messages 2022-10-27 10:13:57 +02:00
akallabeth
e3528e3728 Unified /app-* command line arguments 2022-10-27 10:13:57 +02:00
akallabeth
f7850f08aa Added option WITH_FREERDP_DEPRECATED_COMMANDLINE_COMMANDLINE
This allows building deprecated command line options without adding
deprecated functions to the build.
2022-10-27 10:13:57 +02:00
akallabeth
55362225cc Unified /kbd-* command line options
The number of /kbd-* options grew too large, unify them under a
single /kbd:<option1>,<option2>,... setting
2022-10-27 10:13:57 +02:00
akallabeth
d1a736273e Added deprecation log messages, fixed on|off parsing for /sec 2022-10-27 10:13:57 +02:00
akallabeth
391199cbeb Unified /*-cache command line options
There were multiple options enabling/disabling cache features.
Unifed them all under a single /cache:<option1>,<option2>,...
2022-10-27 10:13:57 +02:00
akallabeth
41284f47e7 Unify /gfx options
* Deprecate all gfx-* options
* Extend argument parsing for /gfx:<option1>,<option2>,...
2022-10-27 10:13:57 +02:00
akallabeth
181debc3d1 Remove /tls:enforce:ssl3 option
SSL3 is deactivated during connect anyway, so do not expose the
option
2022-10-20 10:51:50 +02:00
akallabeth
ef6842d249 Fixed TLS1_3_VERSION check and parse_tls_seclevel
* Only add TLS1_3_VERSION to array if the SSL library build against
  has support for TLS 1.3
* Fix wrong parse function call for 'seclevel'
2022-10-20 10:51:50 +02:00
Armin Novak
187b553b97 Allow overriding TLS version
Now use a generic option to allow setting all possible SSL/TLS versions.
Use /tls:enforce:[ssl3|1.0|1.1|1.2|1.3] to set accordingly
2022-10-19 20:31:53 +02:00
Armin Novak
119b8d4474 Unified command line options to list something
There are various options to list smartcards, monitors, keyboard
settings. Unify them all under a single /list:<something> option
2022-10-19 20:31:53 +02:00
Armin Novak
7e82c9f19f Cleaned up functions printing information 2022-10-19 20:31:53 +02:00
Armin Novak
1f6476016d Update command line option /sec*
* Deprecate /sec-* flags
* Allow multiple arguments for /sec
2022-10-19 20:31:53 +02:00
Armin Novak
ed3bc5c51a Only enable deprecated commandline with WITH_FREERDP_DEPRECATED 2022-10-19 20:31:53 +02:00
Armin Novak
1c8bcbeb6a Added deprecation warnings to /cert-* options 2022-10-19 20:31:53 +02:00
Armin Novak
d357fa3237 Added a unified /tls: option
There are too many tls settings scattered over multiple different
switches. Add a unified option and deprecate the old ones
2022-10-19 20:31:53 +02:00
fifthdegree
eb04eb0008 Support using smartcard for gateway authentication 2022-10-19 18:55:38 +02:00
fifthdegree
e847f159a6 Try to use the smartcard key name Windows uses
Windows expects the containerName field in TSSmartCardCreds to be what
it would use for a smartcard key's name. Try to accomodate that (at
least for PIV and GIDS cards).
2022-10-19 18:55:38 +02:00
fifthdegree
9d0beaccae smartcardlogon: choose a single smartcard to use
Require a single smartcard certificate to be chosen and define a
callback to choose when more than one is available.
2022-10-19 18:55:38 +02:00
Marc-André Moreau
e3594c91dc Add UserSpecifiedServerName setting, /server-name command-line parameter 2022-10-14 17:59:57 -04:00
Armin Novak
be9cc98c08 Refactored cmdline common
* Add settings setter where possible
* Load dynamic sound channel alongside static one
* Load clipboard channel if requested
2022-10-13 14:48:40 +02:00
akallabeth
b58dd122b2 Disable functions that require WITH_CHANNEL if not defined 2022-10-13 14:38:06 +02:00
akallabeth
a38d584bf1 Do not compile client functions for encomsp if channel deactivated 2022-10-13 12:12:24 +02:00
David Fort
f76c14c256 fix smartcard logon with smartcard emulation
When smartcard emulation was enabled we were dumping the key and cert to
temporary files for PKINIT call, but they were deleted before we have
actually done the PKINIT. This patch fixes it.

It also add debug statement for the listing of smartcard keys / certs.

This also fixes the listing of smartcard on certain windows configurations
were we have to force NCRYPT_SILENT when doing a NCryptOpenKey.
2022-10-13 12:03:58 +02:00
Marc-André Moreau
27a865af74 Add Negotiate SSPI authentication module filtering 2022-10-12 22:07:45 +02:00
akallabeth
60720e7706 Improved streamdump file format 2022-10-07 10:38:03 +02:00
akallabeth
ed0f258423 Use GFX small cache by default
RAILS does have some problems if this is not enabled and there is
no real benefit for not setting it, so default it
2022-10-06 16:20:47 +02:00
David Fort
3947294ffb Adjust smartcard listing
When no CSP is provided, we were listing smartcard materials by querying the
MS_SCARD_PROV_A CSP, unfortunately on some windows hosts, the smartcards aren't
listed in that CSP. So this patch does the key listing by browsing all CSPs
instead of just a default one. You can still force a CSP and you'll get keys only
from this one.

This patch also address cases where the certificate on the smartcard doesn't
have a UPN attribute, if that happen we try to get a UPN from the email address.
2022-10-06 16:06:35 +02:00
Marc-André Moreau
cd6fcaacb4 use kerberos command-line suboptions for KDC URL 2022-09-30 19:33:12 +02:00
Marc-André Moreau
21d28ab62d add --kdc-url command-line parameter 2022-09-30 19:33:12 +02:00
akallabeth
1849632c43
Fixed format strings to match arguments (#8254)
* Fixed format strings to match arguments

Reviewed and replaced all %d specifiers to match proper type

* Added proxy dynamic channel command type to log messages.
2022-09-29 14:55:27 +02:00
akallabeth
b18ca128c8
Fixed missing encomsp check (#8238)
The channel might not have been initialized and the pointer NULL
2022-09-22 10:27:52 +02:00
David Fort
e266784b24 client: fix channel loading for rdp2tcp
The RDP2Tcp channel has no associated bool in settings for configuring the loading
of the channel (only settings->RDP2TCPArgs for the args), so let's load it outside
of the big loading loop (prevent a warning for unknown bool setting 1519).
2022-09-21 16:04:02 +02:00
Simon Nivault
82b58325a3 Add switch to declare printer as default or not 2022-09-20 13:25:05 +02:00
garbb
940317282c remember participantId for use with assistance set control request 2022-09-19 09:41:45 +02:00
garbb
488b52405a change to c style comment 2022-09-15 10:25:35 +02:00
garbb
0413dfe7df if /auto-request-control, only request control once upon connect
if auto-request-control setting is enabled then only request control once upon connect, otherwise it will auto request control again every time server turns off control which is a bit annoying.
2022-09-15 10:25:35 +02:00
David Fort
1905524442
Channel loading (#8204)
* update .gitignore and cleanup conditionnal callback call

* client: rework channel loading

Automate the loading of channels that only depend on a given enabled setting.
2022-09-14 13:53:27 +02:00
Armin Novak
707b9348ee Unify encomsp request control code 2022-09-13 09:22:41 +02:00
liuyuh007
95b4d3cd3d
Update cmdline.c (#8140)
ipv6 port parse error
2022-08-19 13:43:44 +02:00
David Fort
942273e9cb
tls: add an option to dump tls secrets for wireshark decoding (#8120)
This new option /tls-secret-file:<file> allows to dump TLS secrets in a file with
the SSLKEYLOGFILE format. So this way you can setup the TLS dissector of wireshark
(Pre-Master-Secret log filename) and see the traffic in clear in wireshark.
It also add some more PFS ciphers to remove for netmon captures.
2022-08-16 10:40:32 +02:00
David Véron
a3712521a8 TLS version control
* added settings for minimal and maximal TLS versions supported
* refactorisation of the force TLSv1.2 setting
2022-07-07 07:13:11 +00:00
akallabeth
cb96e6143d Fixed -Wshadow warnings 2022-06-30 10:49:02 +02:00
akallabeth
ebf5de1d1d Preset LoadChannels function pointer 2022-06-29 09:18:53 +02:00