Commit Graph

1355 Commits

Author SHA1 Message Date
Armin Novak
4803ba046c [server,shadow] implement CheckPeerAcceptRestrictions
Implement a (optional) peer limitation check for shadow server.
with the command line option /max-connections:<number> the maximum
number of simultaneous connections can be limited.
2023-06-14 17:15:21 +02:00
Armin Novak
3648c05c56 [shadow,subsystem] refactor builtin loader 2023-06-13 08:02:02 +02:00
akallabeth
a71da162ae [server,shadow] require NLA off if -auth is requested.
* Default to authentication required for shadow server (invert previous
  default)
* force NLA off if authentication is disabled
2023-06-12 15:04:05 +02:00
Armin Novak
c991f73041 [CMake] refactor shadow build scripts
* fix a bug with platform modules not being correctly build
* simplify build, use subdirectory CMakeLists.txt
2023-06-12 15:04:05 +02:00
Armin Novak
98b7c88df7 [proxy,modules] fix bitmap filter drdynvc write 2023-06-08 08:13:16 +02:00
Armin Novak
970f0c54e8 [stream] use const correct Stream_Pointer access 2023-06-08 08:09:33 +02:00
Armin Novak
a4c6b36a19 [build] fix memory sanitizer stack frame warnings 2023-06-07 09:14:45 +02:00
Armin Novak
3e44efc841 [cmake] use FindX11 from CMake 3.13 2023-05-31 11:05:56 +02:00
akallabeth
105f0d2366 [channel,audin] move common code to server channel
* manage channel related callbacks with default implementations
* use dynamic logger for server audin channel
2023-05-17 13:33:35 +02:00
Pascal Nowack
c5278c874f channels/audin: Rework API to be closer to documentation
The current server side channel handling of AUDIO_INPUT is currently
very constrained:

- Server implementations cannot measure the clients uplink, since the
  Incoming Data PDU is currently unhandled and FreeRDPs DSP handling
  delays the callback call of ReceiveSamples
- Servers currently cannot prefer a different protocol version
- Servers currently cannot change the used format

To solve these issues without running into the risk that some
simplifications constraint certain API usage, rework the current channel
handling to be very close to the documentation.
This means, that all documented API calls can be made by server
implementations and all documented PDUs, that the server side is
expected to receive are just parsed inside FreeRDP and then forwarded to
the API implementation.
2023-05-17 13:33:35 +02:00
Armin Novak
16a78e07dd [server,sample] move assert in SuppressOutput
if allowDisplayUpdates == 0 no area rectangle is available.
2023-05-15 22:42:05 +02:00
akallabeth
52786d0f12 [input] update to use new WINPR_KEYBOARD_TYPE*
* Use new enum constants with WINPR_KEYBOARD_* prefix
* Fix mapping of keycodes and scancodes, the offset of 8 is no longer
  required if the proper keyboard type is used.
2023-05-12 09:52:01 +02:00
akallabeth
2b3c8c47a4 [build] fix install with BUILD_SHARED_LIBS=OFF
generate proper CMake targets so static linking works again.
2023-05-12 08:03:56 +02:00
David Fort
7b84f2f740 proxy: fix treatment of client channels
Iteration on channels was done with the wrong counter leading to incorrect behaviour.
2023-05-09 07:52:06 +02:00
Armin Novak
7212621eae [proxy,config] PEM length must contain '\0' 2023-05-08 22:54:53 +02:00
akallabeth
516668d02b [fclose] ensure no invalid pointers are passed.
fclose has undefined behaviour for NULL pointers, so check for these.
2023-04-28 07:39:35 +02:00
Armin Novak
fad46c4455 [server,proxy] add additional PEM headers
there are some more PEM formats in use, add the headers
2023-04-26 09:55:26 +02:00
Armin Novak
e0aec72d71 [pkg-config] unify exec_prefix 2023-04-24 22:01:15 +02:00
Armin Novak
f674b209ff [pkg-config] unify libdir 2023-04-24 22:01:15 +02:00
Armin Novak
c1cd48cb3c [server,proxy] allow PEM in config file
CertificateContent and PrivateKeyContent now have two valid formats:
It can be in format PEM (multiple lines) or a single line base64 encoded
PEM.
The first format is preferrable in case the pf_config* API is used to
set the certificate/key,  the latter in case an actual config file is in
use where multiline configuration data can not be directly entered.
2023-04-24 10:57:22 +02:00
akallabeth
c0dc193a39 [winpr,input] use enum for keyboard types
* move type definition to WinPR as used there too.
* supported keyboard types are defined in
  [MS-RDPBCGR] 2.2.1.3.2 Client Core Data (TS_UD_CS_CORE)]
  use a enum instead of magic numbers to make code more readable.
2023-04-21 12:31:51 +02:00
Pascal Nowack
bb967d1533 winpr/input: Add actual evdev keyboard handling
WinPR provides APIs to convert between keycodes between virtual
keycodes.
These keycodes can currently be evdev keycodes or Apple keycodes.
The evdev handling, however, handles XKB keycodes and not evdev ones.
The main difference between these is that XKB keycodes are shifted by
the value 8, compared to evdev keycodes.

In order to fix this situation, rename the evdev keycodes to XKB ones,
and introduce additionally a new keycode evdev, including its handling
for this keycode type.
2023-04-21 12:31:51 +02:00
akallabeth
4d663682bc [server,proxy] ensure PEM length is strlen(pem) + 1
The decoded base64 data might contain PEM with/without/with multiple
'\0' at the end of the string. We do not want to drag this through our
code so ensure the length matches the string length including '\0'
2023-04-17 17:59:06 +02:00
akallabeth
48bbb08793 [server,proxy] remove too strict assert 2023-04-14 15:54:26 +02:00
akallabeth
c3f6b665cc [server,proxy] improve error message for invalid base64
If the certificate or private key are supplied as base64 encoded string
inform what happened before aborting.
2023-04-14 15:54:26 +02:00
Armin Novak
eb20b4ad5f [server,mac] fix missing includes, API changes 2023-04-14 15:50:50 +02:00
Pascal Nowack
8362b3707e pointer: Rename position to hotspot position in Color Pointer Update
The attributes xPos and yPos for a Color Pointer Update are confusing,
as they may be confused with the xPos and yPos of the pointer bitmap on
the actual screen.
Rename these attributes to what they actually represent, and that is the
hotspot position.
xPos and yPos are still members of the hotspot. However, hotSpotX and
hotSpotY are much more clearer.
In addition to that, the Large Pointer Update uses the same names for
the hotspot coordinates.
2023-04-14 08:31:20 +02:00
Armin Novak
ba7840f8ad [server,proxy] fix rdpdr rewrite
do not touch the stream if no rewrite is done.
2023-04-14 08:02:49 +02:00
akallabeth
7739815a90 [codec,h264] add getter/setter for h264 options 2023-04-11 10:58:03 +02:00
Armin Novak
f66110c611 [codec,rfx] refactor API
* Hide implementation details
* Add missing getter/setter
2023-04-05 20:41:42 +02:00
Armin Novak
50ce5b834d [core,server] warn if cert not RDP security compatible 2023-03-28 17:19:03 +02:00
akallabeth
a5b42f0f84 [includes] untangled circular includes 2023-03-15 08:22:23 +01:00
akallabeth
e40b1614f2 [server,shadow] fix assertion in shadow context free 2023-03-14 17:38:59 +01:00
Armin Novak
85cff3a7dc [server,proxy] fix private/public library linking 2023-03-10 11:40:08 +01:00
Armin Novak
c23dc3ba9d [CMake] Fix use of BUILD_SHARED_LIBS
the option is named BUILD_SHARED_LIBS and not CMAKE_BUILD_SHARED_LIBS
2023-03-10 11:40:08 +01:00
Armin Novak
49f44303b1 [server,shadow] clean up certificate generation 2023-03-08 13:07:20 +01:00
Armin Novak
00f8cd350b [server,shadow] abort on invalid key/certificate 2023-03-08 13:07:20 +01:00
Armin Novak
340101e35e [server,shadow] do not fall back to surfacebits
If GFX channel is desired, do not fall back to surface bits command.
This will break mstsc connections after a DesktopResize was sent.
2023-03-06 21:46:51 +01:00
Armin Novak
e796508c1a [server,shadow] disable AVC modes if none compiled in 2023-03-06 21:46:51 +01:00
Armin Novak
1bf0bb1a26 [server] fixed build without CHANNEL_AUDIN_SERVER 2023-03-06 21:46:51 +01:00
akallabeth
273bb6a7a8 [build] use static libraries as intermediate 2023-03-01 08:18:34 +01:00
akallabeth
b4e9c8b39f [build] removed complex libraries
* remove obsolete complex libraries helper
* fix static linking
2023-03-01 08:18:34 +01:00
David Fort
b8814e723a fix some warning with the use of new crypto functions 2023-02-28 07:59:40 +01:00
Armin Novak
f0e9797b4c [build] require CMake >= 3.13
required for target_link_options
2023-02-27 11:18:02 +01:00
akallabeth
abec62c3af [server,mac] fixed certificate loading 2023-02-16 10:06:17 +01:00
akallabeth
ea42df2ccd [server,windows] update certificate loading 2023-02-16 10:06:17 +01:00
akallabeth
ad1af95438 Removed duplicate rdp security checks 2023-02-16 10:06:17 +01:00
akallabeth
87e90903ab [server,proxy] use rdpPrivateKey and rdpCertificate 2023-02-16 10:06:17 +01:00
akallabeth
fe287e199b [server,shadow] use rdpPrivateKey and rdpCertificate 2023-02-16 10:06:17 +01:00
akallabeth
4d4be4d892 [server,sample] only use rdpRsaKey and rdpCertificate 2023-02-16 10:06:17 +01:00