Michael Saxl
d55e035260
[gateway,arm] Azure Virtual Desktop Gateway support
...
This PR creates a new /gateway:type:arm transport.
It depends on CJSON
The arm transport is not a transport by itself but is responsible
for getting the websocket endpoint from a configuration url derived from
the configured gateway host in the rdpw file or cmdline
2023-06-27 21:15:08 +02:00
Michael Saxl
44c1ec3276
[gateway,websocket] implement plain websocket transport
...
* factor out most websocket specific code parts into websocket.c
* create wst.c (Websocket Transport) as gateway transport implementation
* introduce GatewayUrl setting that holds the websocket url
* introduce GatewayHttpExtAuthBearer that holds the HTTP Bearer
* GatewayHttpExtAuthBearer can be used by both rdg and wst
2023-06-22 09:21:42 +02:00
Michael Saxl
6478edda5b
rdg bearer support
2023-06-22 09:21:42 +02:00
akallabeth
1fc0d5b4b1
[winpr] remove casts for winpr_RAND calls
2023-06-21 09:57:52 +02:00
Armin Novak
e264512220
[common,assistance] fix missing NULL check
2023-06-19 09:24:18 +02:00
Armin Novak
84320903c3
[common,assistance] add test case
2023-06-19 09:24:18 +02:00
akallabeth
18df3176e1
[common,assistance] fix assistance file parser
...
* ensure a valid delimiter is following the token searched for
* add a test case to ensure this works
2023-06-16 09:14:10 +02:00
Armin Novak
010e1252c4
[common,assistance] fix NULL argument for strstr
2023-06-14 13:50:59 +02:00
akallabeth
89bbed83db
[common,assistance] clean up assistance file parser
2023-06-13 10:03:57 +02:00
Sergey Bronnikov
62697e58d9
[libfreerdp] Pass a zero-terminated string to freerdp_assistance_parse_file_buffer
...
```
READ of size 2 at 0x602000000091 thread T0
SCARINESS: 14 (2-byte-read-heap-buffer-overflow)
#0 0x4c6fb9 in StrstrCheck(void*, char*, char const*, char const*) /src/llvm-project/compiler-rt/lib/asan/../sanitizer_common/sanitizer_common_interceptors.inc:580:5
#1 0x4c6df1 in strstr /src/llvm-project/compiler-rt/lib/asan/../sanitizer_common/sanitizer_common_interceptors.inc:597:5
#2 0x56c9ba in freerdp_assistance_parse_file_buffer /src/FreeRDP/libfreerdp/common/assistance.c:743:6
#3 0x56b58e in parse_file_buffer /src/FreeRDP/libfreerdp/common/test/TestFuzzCommonAssistanceParseFileBuffer.c:11:11
#4 0x56b58e in LLVMFuzzerTestOneInput /src/FreeRDP/libfreerdp/common/test/TestFuzzCommonAssistanceParseFileBuffer.c:20:2
#5 0x43f5e3 in fuzzer::Fuzzer::ExecuteCallback(unsigned char const*, unsigned long) /src/llvm-project/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:611:15
#6 0x440994 in fuzzer::Fuzzer::ReadAndExecuteSeedCorpora(std::__Fuzzer::vector<fuzzer::SizedFile, std::__Fuzzer::allocator<fuzzer::SizedFile> >&) /src/llvm-project/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:804:3
```
2023-06-07 14:25:57 +02:00
Sergey Bronnikov
3266dc984a
[libfreerdp] Fix TestFuzzCommonAssistanceHexStringToBin
...
Test breaks contract in freerdp_assistance_hex_string_to_bin():
function expects zero-terminated string. Patch fixes that.
2023-06-07 14:25:57 +02:00
Sergey Bronnikov
d8254c5ff3
[libfreerdp] Fix msan's use-of-uninitialized-value
...
Uninitialized bytes in __interceptor_strlen at offset 0 inside [0x701000000040, 1)
==220==WARNING: MemorySanitizer: use-of-uninitialized-value
#0 0x535c13 in freerdp_assistance_hex_string_to_bin /src/FreeRDP/libfreerdp/common/assistance.c:711:11
#1 0x533deb in LLVMFuzzerTestOneInput /src/FreeRDP/libfreerdp/common/test/TestFuzzCommonAssistanceHexStringToBin.c:5:15
#2 0x43f5f3 in fuzzer::Fuzzer::ExecuteCallback(unsigned char const*, unsigned long) /src/llvm-project/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:611:15
#3 0x4409a4 in fuzzer::Fuzzer::ReadAndExecuteSeedCorpora(std::__Fuzzer::vector<fuzzer::SizedFile, std::__Fuzzer::allocator<fuzzer::SizedFile> >&) /src/llvm-project/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:804:3
#4 0x440e79 in fuzzer::Fuzzer::Loop(std::__Fuzzer::vector<fuzzer::SizedFile, std::__Fuzzer::allocator<fuzzer::SizedFile> >&) /src/llvm-project/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:857:3
#5 0x4304df in fuzzer::FuzzerDriver(int*, char***, int (*)(unsigned char const*, unsigned long)) /src/llvm-project/compiler-rt/lib/fuzzer/FuzzerDriver.cpp:912:6
#6 0x459b32 in main /src/llvm-project/compiler-rt/lib/fuzzer/FuzzerMain.cpp:20:10
#7 0x7effc08bb082 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x24082) (BuildId: 1878e6b475720c7c51969e69ab2d276fae6d1dee)
#8 0x420f1d in _start (/tmp/not-out/tmpu5o6go0a/TestFuzzCommonAssistanceHexStringToBin+0x420f1d)
2023-06-07 14:25:57 +02:00
Armin Novak
a4c6b36a19
[build] fix memory sanitizer stack frame warnings
2023-06-07 09:14:45 +02:00
Sergey Bronnikov
b1ae467ae2
[libfreerdp/common] Add fuzzing tests
...
Part of #5063
Closes #6681
2023-06-05 11:28:48 +02:00
akallabeth
393577750e
[settings] add FreeRDP_ClipboardFeatureMask
2023-05-25 16:26:39 +02:00
Richard Markiewicz
13e52cfae2
[channels,settings] add a setting to ignore invalid devices
2023-04-24 11:29:05 +02:00
Armin Novak
391f5e0ddb
[settings] add freerdp_supported_color_depths_string
2023-04-13 14:35:51 +02:00
Armin Novak
39767c5423
[settings] add supported color depths setting
2023-04-13 14:35:51 +02:00
fifthdegree
4cbfa006f2
Implement support for RDS AAD
...
Have a working implementation of the RDS AAD enhanced security mechanism
for Azure AD logons
2023-03-10 16:38:07 +01:00
Joan Torres
7c24da917e
Add RDSTLS security protocol
...
The client tries to connect using RDSTLS only when it has received a
server redirection PDU with LB_PASSWORD_IS_ENCRYPTED flag.
The server exposes RDSTLS on negotiation if it has been configured on settings.
Then authenticates a client using configured credentials from settings:
RedirectionGuid, Username, Domain, Password.
2023-03-08 14:05:00 +01:00
Armin Novak
ae8f0106bd
[core,redirect] extract and check redirection cert
...
* extract the certificate from the redirection PDU
* if there is a certificate provided accept it if it matches the
redirection target certificate without further user checks
2023-02-28 15:49:58 +01:00
akallabeth
2d94ff3f9e
[settings] remove obsolete keys
...
* CertificateFile and CertificateContent are no longer used
* PrivateKeyFile and PrivateKeyContent are no longer used
2023-02-16 10:06:17 +01:00
Armin Novak
a7dac52a42
[license] updated copyright headers
2023-02-12 20:17:11 +01:00
akallabeth
af371bef6a
[crypto] rename rdpRsaKey to rdpPrivateKey
2023-02-12 20:17:11 +01:00
akallabeth
9b51df8b10
[core,crypto] refactor certificate management
...
* Properly split certificate_store, certificate_data, certificate and
private key functions to files
* Prefix all functions with freerdp_ to have a unique name
* Update certificate store to use one file per host instead of
known_hosts2
* Merge CryptoCert and rdpCertificate
2023-02-12 20:17:11 +01:00
akallabeth
2eda0aa2ea
[core,settings] remove unused setting
2023-02-03 11:24:32 +01:00
Armin Novak
cd48e17740
[gateway,settings] add GatewayAutoConsent option
...
with this option the client automatically accepts consent messages of
the gateway server.
2023-02-03 11:08:46 +01:00
Armin Novak
0c496681f5
[core,settings] fix use of FreeRDP_TargetNetPorts
2023-02-01 09:51:54 +01:00
akallabeth
da42a2141e
[core,settings] update getter/setter generation
...
fix issues with const and non const string pointer update
2023-02-01 09:51:54 +01:00
Armin Novak
641022b795
[logging] remove __FUNCTION__ from actual message
...
prefer the log formatter to provide that information.
2023-01-25 16:26:39 +01:00
Armin Novak
f4ee5226b0
[core,settings] fix freerdp_settings_set_string_from_utf16N
...
If the input string has a length, but the string length is 0 do not
return failure.
2023-01-25 16:26:39 +01:00
Armin Novak
e07fed8822
[core,settings] initialize variables
2023-01-24 10:16:55 +01:00
akallabeth
60424ef76f
[core] fixed client/server early capapbility flags
2023-01-20 10:57:30 +01:00
Martin Fleisz
22da7c532c
common: Fix RAIL support flags logging
2023-01-20 10:37:56 +01:00
Armin Novak
9e331a6fcb
[settings] add string functions for encryption
2023-01-18 09:55:06 +01:00
akallabeth
05dab47cbd
[core,settings] add missing redirection options
...
* RedirectionGuid
* TargetCertificate
2023-01-17 12:25:31 +01:00
Armin Novak
e2b5f41b2c
[settings] regenerated getter with updated script
2022-12-22 18:50:05 +01:00
akallabeth
b5e2c2a81d
[settings] added stringify function for RDPDR_RTYP_*
2022-12-15 14:57:29 +01:00
Armin Novak
5f81005ecb
[transport] remove polling loop
...
We no longer have a blocking polling loop in transport. Instead assume
there is more data after a packet was processed and let the transport
try again. If there is another packet ready, this repeats until only a
partly received (or no new data available) situation is reached.
2022-12-12 12:59:32 +01:00
Armin Novak
3e3ed445b4
[client,file] add rdgiskdcproxy to settings
...
Adds a new option FreeRDP_KerberosRdgIsKdc to manually set the KDC url
to the gateway server url
2022-12-06 14:07:53 +01:00
akallabeth
ca5684c968
[settings,caps] Removed ColorPointerFlag
...
* The setting is obsolete and can be replaced by a constant
* Only check the receive function for proper value and print a warning
2022-12-06 09:08:12 +01:00
akallabeth
97fd183d39
[core,settings] Added ColorPointerCacheSize
2022-12-06 09:08:12 +01:00
Armin Novak
ff266e9575
furter added settings documentation
2022-12-02 15:25:08 +01:00
akallabeth
d898f04e41
[core,settings] Added settings function docs
...
* Document settings functions
* Make rdpSettings* checks more uniform
2022-12-02 15:25:08 +01:00
akallabeth
c1a9c19308
[settings] Fixed UTF16 helpers
...
Do not copy the already allocated buffer
2022-12-02 15:08:09 +01:00
akallabeth
5799fb2018
Replace ConvertFromUnicode and ConvertToUnicode
...
* Use new ConvertUtf8ToWChar, ConvertUtf8NToWChar,
ConvertUtf8ToWCharAlloc and ConvertUtf8NToWCharAlloc
* Use new ConvertWCharToUtf8, ConvertWCharNToUtf8,
ConvertWCharToUtf8Alloc and ConvertWCharNToUtf8Alloc
* Use new Stream UTF16 to/from UTF8 read/write functions
* Use new settings UTF16 to/from UTF8 read/write functions
2022-11-28 10:42:36 +01:00
akallabeth
2ac2f43503
[freerdp,settings] Add UTF16 helper functions
...
This new function allows get or set settings as WCHAR
string directly. Converts the string automatically from/to utf-8
internally
2022-11-28 10:42:36 +01:00
Armin Novak
c5e425242a
[settings] Typo in GatewayHttpExtAuthSspiNtlm
2022-11-23 11:19:21 +01:00
akallabeth
af64cccae2
[core,settings] Ensure collection is empty
...
In freerdp_static_channel_collection_add delete the old entry before
adding a new one.
2022-11-22 15:30:31 +01:00
akarl10
b1583d56c0
[rdg] implementation of http_extauth_sspi_ntlm
2022-11-16 20:28:53 +01:00