Commit Graph

17280 Commits

Author SHA1 Message Date
Pascal Nowack
50c3559a43 core/capabilities: Fix handling of Virtual Channel Capability Set
The VirtualChannelChunkSize can only be larger than 1600 Bytes, when
both client and server write that value in their capability set
regardless of the value itself.
Also, Microsoft clients and servers only advertise the capabilities that
are relevant for the other peer, e.g. mstsc only tells the server that
it supports decompressing compressed data from the server, but it does
not advertise, that it is able to compress data for the server.

Additionally, correctly apply the read capabilities after reading them.
2023-05-02 09:51:40 +02:00
Pascal Nowack
264d19765c core/server: Use correct size for DVC data PDUs
The VirtualChannelChunkSize setting refers to the VCChunkSize for static
channels and not to the maximum size for DVC data PDUs.
DVC data PDUs are according to [MS-RDPEDYC] always limited to 1600
Bytes.
2023-05-02 09:51:40 +02:00
akallabeth
05edcbc357 [cmake] fix version from git tag
only consider tags that conform to the format 'somestring1.2.3' as
valid tags
2023-05-02 09:34:07 +02:00
Martin Fleisz
4859a5dfd4 core: Fix possible memory leak in smartcard certificate enumeration
When enumerating smartcard certificates we check if we have duplicates
in our certificate list. In case we detect a duplicate we just return
`TRUE` (indicating that we consumed the certificate info) but do not
free the smartcard info instance.
2023-04-28 11:45:59 +02:00
Armin Novak
ca13987e84 [core,gateway] tighten checks for fault PDU 2023-04-28 10:16:49 +02:00
akallabeth
60f36ed2d6 [emu,scard] use EVP_PKEY_decrypt to determine length 2023-04-28 08:33:06 +02:00
Armin Novak
8b6d05f90f [crypto] fix key decrypt inconsistencies 2023-04-28 08:33:06 +02:00
akallabeth
402cffdeb2 [emu,scard] openssl 3 support 2023-04-28 08:33:06 +02:00
akallabeth
6c38e20e4e [crypto,cert] add openssl3 support 2023-04-28 08:33:06 +02:00
akallabeth
9ebbeeb2f6 [crypto,pkey] add openssl3 support 2023-04-28 08:33:06 +02:00
akallabeth
be74ce00a7 [winpr,tools] add openssl3 support 2023-04-28 08:33:06 +02:00
Armin Novak
f8ac8f1773 [winpr,schannel] add compile option WITH_DEBUG_SCHANNEL 2023-04-28 08:33:06 +02:00
Armin Novak
55a8695cfe [winpr,crypto] add openssl 3 support
update hashing functions for openssl 3
2023-04-28 08:33:06 +02:00
akallabeth
c950ca375c [client,common] fix value present flag check
need to check for COMMAND_LINE_VALUE_PRESENT instead of COMMAND_LINE_ARGUMENT_PRESENT
2023-04-28 07:39:35 +02:00
akallabeth
516668d02b [fclose] ensure no invalid pointers are passed.
fclose has undefined behaviour for NULL pointers, so check for these.
2023-04-28 07:39:35 +02:00
akallabeth
09aa4e63a9 [winpr,utils] fix COMMAND_LINE_VALUE_PRESENT
the flag was set unconditionally, only set it if there actually is a
value present
2023-04-28 07:39:35 +02:00
fifthdegree
6abd9165e6 Only accept hostname for kdc-url
For compatibility with windows
2023-04-27 16:31:30 +02:00
fifthdegree
9368317a9f Plug some leaks in krb5glue_mit.c 2023-04-27 16:31:30 +02:00
fifthdegree
b1c4cb493f Set KDC URL in a way compatible with Windows 2023-04-27 16:31:30 +02:00
fifthdegree
201b743f20 Set pkinit_kdc_hostname when known
Since Windows doesn't use id-pkinit-san in its certificates, it is
necessary to manually configure which hosts are valid KDCs. In the case
where a kdcUrl (or hostname) is provided to us, we can do that
configuration ourselves.
2023-04-27 16:31:30 +02:00
David Fort
7b0b273ec1 mcs: drop a server-side warning on FreeRDP_ChannelDefArray::len
Server side we often see "FreeRDP_ChannelDefArray::len expected to be >= 31,
but have XXX", where XXX is lower than 31.

This patch fixes that, the old code was setting the size of ChannelDefArray to the
number of ChannelCount, which is usually not what we want. We want to keep it to 31
and have ChannelCount indicate how many of these channels are used.
2023-04-27 08:37:11 +02:00
Armin Novak
fad46c4455 [server,proxy] add additional PEM headers
there are some more PEM formats in use, add the headers
2023-04-26 09:55:26 +02:00
David Fort
0b16fcef18 rail: add missing server-side calls
This patch adds support for text_scale and caret_blink messages on the server-side.
2023-04-25 07:27:37 +02:00
Armin Novak
e0aec72d71 [pkg-config] unify exec_prefix 2023-04-24 22:01:15 +02:00
Armin Novak
f674b209ff [pkg-config] unify libdir 2023-04-24 22:01:15 +02:00
Armin Novak
4d3d1bfe4d [core,autodetect] revert to [MS-RDPBCGR] states
remove 'convenience' states in main RDP state machine for autodetect
2023-04-24 14:18:20 +02:00
Armin Novak
f357f1d418 [core,license] allow empty cert info 2023-04-24 13:03:40 +02:00
Richard Markiewicz
13e52cfae2 [channels,settings] add a setting to ignore invalid devices 2023-04-24 11:29:05 +02:00
Bernhard Miklautz
d1069b3bc1 new: use prefix in pkg-config files for libdir 2023-04-24 11:19:01 +02:00
Bernhard Miklautz
ddc9e5835f new: export plugin paths in pkg-config and cmake package
To simplify building external channels and other plugins related
paths are now exported in the pkg-config file and the cmake package.
The paths can be used to install channels/plugins/extensions in
the configured search paths.

For pkg-config the following variables are now available:
* datadir
* plugindir
* proxy_plugindir
* extensiondir

They can be queried like: `pkg-config freerdp3 --variable plugindir`

The cmake package has three new variables that can be used:
* FreeRDP_PLUGIN_DIR
* FreeRDP_PROXY_PLUGIN_DIR
* FreeRDP_EXTENSION_DIR

Note: Depending on the build the directories are not necessarily created.
2023-04-24 11:19:01 +02:00
akallabeth
ecc32eaf2e [core,info] unify string read, log unexpected
* unify reading of domain and username strings with all the checks
* add handling of (undocumented) padding in [MS-RDPBCGR]
  2.2.10.1.1.2 Logon Info Version 2 (TS_LOGON_INFO_VERSION_2)
  occurring with windows 11
2023-04-24 10:59:17 +02:00
Armin Novak
9005e1edfb [channels,printer] fix printer_save_default_config 2023-04-24 10:58:01 +02:00
Armin Novak
afc29ce777 [crypto,cert] fix cert_write_server_certificate_v2 2023-04-24 10:58:01 +02:00
Armin Novak
91b0f6d444 [crypto,cert] remove too strict assert 2023-04-24 10:58:01 +02:00
Armin Novak
41eb024d98 [channels,audin] add missing include 2023-04-24 10:58:01 +02:00
Armin Novak
c1cd48cb3c [server,proxy] allow PEM in config file
CertificateContent and PrivateKeyContent now have two valid formats:
It can be in format PEM (multiple lines) or a single line base64 encoded
PEM.
The first format is preferable in case the pf_config* API is used to
set the certificate/key, the latter in case an actual config file is in
use where multiline configuration data can not be directly entered.
2023-04-24 10:57:22 +02:00
Andrey Af
58cdc9e82b rdpdr_server_drive_close_file_callback remaining length fixed 2023-04-24 09:33:26 +02:00
akallabeth
c0dc193a39 [winpr,input] use enum for keyboard types
* move type definition to WinPR as used there too.
* supported keyboard types are defined in
  [MS-RDPBCGR] 2.2.1.3.2 Client Core Data (TS_UD_CS_CORE)
  use an enum instead of magic numbers to make code more readable.
2023-04-21 12:31:51 +02:00
akallabeth
1318b813d6 [winpr,input] fix apple keyboard mapping
GetVirtualKeyCodeFromKeycode and GetVirtualKeyCodeFromKeycode used
an invalid index offset. this commit corrects that, but is API breaking.
2023-04-21 12:31:51 +02:00
Pascal Nowack
bb967d1533 winpr/input: Add actual evdev keyboard handling
WinPR provides APIs to convert between keycodes and virtual
keycodes.
These keycodes can currently be evdev keycodes or Apple keycodes.
The evdev handling, however, handles XKB keycodes and not evdev ones.
The main difference between these is that XKB keycodes are shifted by
the value 8, compared to evdev keycodes.

In order to fix this situation, rename the evdev keycodes to XKB ones,
and introduce additionally a new keycode evdev, including its handling
for this keycode type.
2023-04-21 12:31:51 +02:00
Martin Fleisz
73911425d4 gateway: Do not encrypt message during RPC NTLM auth
Commit 2de7a4c249 introduced major changes
in the gateway authentication code. One of these changes was to decouple
NTLM specific authentication from the gateway code.

However with these changes, gateway authentication with the old RPC code
stopped working and returned an authentication error. The problem is
that currently `credssp_auth_encrypt` encrypts the given message along
with creating a signature.

The old code prevented encryption of the message by specifying
`SECBUFFER_READONLY` on the message buffer. The native Windows SSPI then
leaves this buffer as-is and gateway authentication works again.

This fix only applies to Windows platforms using the native SSPI API.
Interestingly this works on other platforms using the WinPR SSPI so
there seems to be a difference between the implementations (but that's a
topic for another PR).
2023-04-21 08:15:00 +02:00
Pascal Nowack
4be3950fd8 rdpecam/server: Remove wrong assertion
Some PDUs, like the Activate Device Request only contain the header.
As a result, the size of the rest of the PDU is 0.
The assertion for the PDU size in device_server_packet_new only
considers the size of the body of the PDU.
When that value is 0, the assertion is hit and the server implementation
crashes.

To fix this issue, simply remove this assertion. Since the allocation
size is always at least the header size, there won't ever be an attempt
to create a stream with a size of 0.
2023-04-19 22:20:04 +02:00
akallabeth
dd57de8e19 [client,sdl] add function to context 2023-04-19 11:04:13 +02:00
akallabeth
0627baa939 [client,sdl] move functions to proper place 2023-04-19 11:04:13 +02:00
akallabeth
01293f4c3f [client,sdl] migrate sdl_kbd to class 2023-04-19 11:04:13 +02:00
akallabeth
63606b3c7c [client,sdl] migrate display channel to class 2023-04-19 11:04:13 +02:00
akallabeth
05a2291861 [client,sdl] split sdl_freerdp.hpp 2023-04-19 11:04:13 +02:00
Armin Novak
26ee0590d6 [client,sdl] use CriticalSectionLock
use c++ RAII to lock critical sections
2023-04-19 11:04:13 +02:00
Armin Novak
86470103c4 [client,sdl] rename c++ headers to hpp 2023-04-19 11:04:13 +02:00
akallabeth
c35b41c05d [client,sdl] rename update trigger helper class 2023-04-19 11:04:13 +02:00