Commit Graph

161 Commits

Author SHA1 Message Date
akallabeth
48013d75fc [core,test] add fuzzer for receive functions 2024-04-21 14:28:24 +02:00
akallabeth
f3b2aea781 [cmake] add fuzzer tests
tests imported from https://github.com/ergnoorr/fuzzrdp

reported by Evgeny Legerov of Kaspersky Lab.
2024-04-16 13:06:22 +02:00
akallabeth
1e325dc2de [core,settings] add missing autoreconnect option
Split settings, there was a double use for AutoReconnectEnabled.
AutoReconnectEnabled is a setting responsible for client side
autoreconnection.
AutoReconnectPacketSupported is a flag set by the server to announce
support for AutoReconnectPacket allowing fast reconnect.
2024-04-11 11:19:18 +02:00
akallabeth
93eb4df524 [core,gateway] implement RDG and TSG policy
* use dynamic logger in RDG
* honor [MS-TSGU] 2.2.9.2.1.5.2 TSG_REDIRECTION_FLAGS
* honor [MS-TSGU] 2.2.10.16 HTTP_TUNNEL_AUTH_RESPONSE
  HTTP_TUNNEL_AUTH_RESPONSE_FIELD_REDIR_FLAGS flag
* add setting GatewayIgnoreRedirectionPolicy to ignore the gateway
  policy if desired
2024-03-07 16:18:41 +01:00
akallabeth
acedd305d3 fixed unused-but-set-variable warnings 2024-02-22 12:31:50 +01:00
akallabeth
d7ebec5a65 [tidy] move loop variable declaration to loop 2024-02-22 12:31:50 +01:00
akallabeth
81d2c1f057 [clang-tidy] clang-analyzer-core.NullDereference 2024-02-15 11:49:16 +01:00
akallabeth
0ba995655d [clang-tidy] cppcoreguidelines-init-variables 2024-02-15 11:49:16 +01:00
akallabeth
207def5c56 [clang-tidy] readability-isolate-declaration 2024-02-15 11:49:16 +01:00
Vic Lee
5559e59f40 [channels] Add synchronous static channel setting. 2024-02-01 15:06:23 +01:00
Vic Lee
16206cb505 [channels,drdynvc] Add settings to enable synchronous dynamic channels. 2024-01-11 15:24:55 +01:00
akallabeth
af9e74273d [common,assist] improve test to cover full parsing 2024-01-09 15:18:37 +01:00
Armin Novak
0af308c1b5 [core,test] adjust TestConnect timeouts
when run on qemu systems for alternate architectures we need to lower
our speed expectations and increase the failure timeouts
2023-12-20 09:03:58 +01:00
David Fort
6a31820363 [core] allow to specify the hostname used for AAD
The previous code was assuming that the host name used for doing AAD was
ServerHostname parameter. But when you connect directly to Azure hosts you most
likely connect by IP and use short name for the AAD host, so you need to be able
to give ServerHostname=<IP of host> and AadServerHostname=<shortname>.
2023-12-15 14:37:15 +01:00
akallabeth
1b31852d32 [git] remove .gitignore
we do no longer allow in source builds, so remove all the .gitignore
files just hiding generated files
2023-11-28 12:14:55 +01:00
Armin Novak
4d50d59e7e [settings] renamed VirtualChannelCompressionFlags 2023-11-24 14:54:56 +01:00
Armin Novak
37bd7e0959 [settings] renamed VirtualChannelChunkSize
in [MS-RDPBCGR] it is named VCChunkSize
2023-11-24 14:54:56 +01:00
David Fort
061148f856 [nla] initial server-side remote credential guard support
Adds support for server-side remote credential guard in NLA. When enabled that allows
the remote user to connect without shipping credentials in TSCred packets. Instead
it will send his TGT encoded with a TGS from the remote server. This way the server
is able to populate that TGT in a local credential cache without knowing the user's
password.

The patch only treats the NLA part and does not contain the associated RDPEAR channel
that allows to have the complete interaction to retrieve new access tokens.
2023-11-20 16:17:00 +01:00
Mariusz Bialonczyk
1d1171489f [tools] update-settings-tests, update-rdpSettings, clang-format 2023-10-19 16:37:28 +02:00
akallabeth
4d99b4ff9b [settings] add ClipboardUseSelection 2023-10-19 14:22:19 +02:00
akallabeth
1f7bc15bb1 [settings] add HasQoeEvent 2023-10-13 16:05:27 +02:00
akallabeth
910e3b9fb4 [settings] added new setting for HasRelativeMouseEvent 2023-10-13 16:05:27 +02:00
David Fort
3c18a9980f [client,win32] implement connection to child session
Under windows you can connect to a child session by requesting a named pipe to
the local server, and then do some RDP on this named pipe.
The protocol is like for /vmconnect with CredSSP, then Nego and then the "normal"
workflow for a connection. For CredSSP we force the usage of NTLM for the Negociate
SSPI, and the credentials are empty.
2023-09-27 11:57:49 +02:00
akallabeth
635626be12 [client,common] avd related keys to rdp file parser 2023-09-21 10:30:09 +02:00
Marc-André Moreau
30c31d64e8 WinSCard dynamic API loading with /winscard-module cli argument 2023-08-23 12:26:27 +02:00
Armin Novak
e61880d077 [standard] replace __FUNCTION__ with __func__ 2023-07-27 20:02:43 +02:00
Armin Novak
3d1bb4e1d9 [client,common] allow forcing default callbacks
All clients can implement their own callbacks for
certificate/credential/smartcard/... but there is a common (default)
implementation for all clients.
with the new setting FreeRDP_UseCommonStdioCallbacks it is now possible
to force these over the client implementation provided ones
2023-07-20 14:25:08 +02:00
Armin Novak
10e010329c [client,file] add WebAuthN rdp file parsing support 2023-07-10 10:45:28 +02:00
akallabeth
18185e9dbc [test] disable TestConnect on windows
build directories are different and the test logic can not find the
binaries necessary to launch
2023-07-05 08:46:00 +02:00
akallabeth
d9b03b45ed [test] add executable suffix for TestConnect 2023-07-05 08:46:00 +02:00
akallabeth
a01f3ec5ab [client,common] allow adding a named keyboard pipe
This allows starting FreeRDP clients with a named pipe that will type in
text written to the named pipe as keyboard input
2023-07-03 13:21:43 +02:00
Michael Saxl
d55e035260 [gateway,arm] Azure Virtual Desktop Gateway support
This PR creates a new /gateway:type:arm transport.
It depends on CJSON

The arm transport is not a transport by itself but is responsible
for getting the websocket endpoint from a configuration url derived from
the configured gateway host in the rdpw file or cmdline
2023-06-27 21:15:08 +02:00
Michael Saxl
44c1ec3276 [gateway,websocket] implement plain websocket transport
* factor out most websocket specific code parts into websocket.c
* create wst.c (Websocket Transport) as gateway transport implementation
* introduce GatewayUrl setting that holds the websocket url
* introduce GatewayHttpExtAuthBearer that holds the HTTP Bearer
* GatewayHttpExtAuthBearer can be used by both rdg and wst
2023-06-22 09:21:42 +02:00
akallabeth
1fc0d5b4b1 [winpr] remove casts for winpr_RAND calls 2023-06-21 09:57:52 +02:00
Sergey Bronnikov
1c0c804981 [cmake] Introduce a target for building fuzzing tests
Part of #5063
2023-06-05 11:28:48 +02:00
Armin Novak
d0bf018e95 [test] fix uninitialized variables in test case 2023-05-31 17:44:41 +02:00
akallabeth
393577750e [settings] add FreeRDP_ClipboardFeatureMask 2023-05-25 16:26:39 +02:00
Sergey Bronnikov
c06be5dc35 core: fix api in a fuzzing test
API has been changed in d1ddf7a6c7
("[crypto,test] update to new cert/crypto API").
2023-05-16 22:33:49 +02:00
akallabeth
516668d02b [fclose] ensure no invalid pointers are passed.
fclose has undefined behaviour for NULL pointers, so check for these.
2023-04-28 07:39:35 +02:00
Richard Markiewicz
13e52cfae2 [channels,settings] add a setting to ignore invalid devices 2023-04-24 11:29:05 +02:00
Armin Novak
39767c5423 [settings] add supported color depths setting 2023-04-13 14:35:51 +02:00
fifthdegree
4cbfa006f2 Implement support for RDS AAD
Have a working implementation of the RDS AAD enhanced security mechanism
for Azure AD logons
2023-03-10 16:38:07 +01:00
Armin Novak
ae8f0106bd [core,redirect] extract and check redirection cert
* extract the certificate from the redirection PDU
* if there is a certificate provided accept it if it matches the
  redirection target certificate without further user checks
2023-02-28 15:49:58 +01:00
akallabeth
2d94ff3f9e [settings] remove obsolete keys
* CertificateFile and CertificateContent are no longer used
* PrivateKeyFile and PrivateKeyContent are no longer used
2023-02-16 10:06:17 +01:00
akallabeth
a7dc9eb82c [tests] explicitly deactivate client callbacks for test 2023-02-15 13:34:18 +01:00
akallabeth
af371bef6a [crypto] rename rdpRsaKey to rdpPrivateKey 2023-02-12 20:17:11 +01:00
akallabeth
9b51df8b10 [core,crypto] refactor certificate management
* Properly split certificate_store, certificate_data, certificate and
  private key functions to files
* Prefix all functions with freerdp_ to have a unique name
* Update certificate store to use one file per host instead of
  known_hosts2
* Merge CryptoCert and rdpCertificate
2023-02-12 20:17:11 +01:00
akallabeth
2eda0aa2ea [core,settings] remove unused setting 2023-02-03 11:24:32 +01:00
Armin Novak
cd48e17740 [gateway,settings] add GatewayAutoConsent option
with this option the client automatically accepts consent messages of
the gateway server.
2023-02-03 11:08:46 +01:00
akallabeth
60424ef76f [core] fixed client/server early capapbility flags 2023-01-20 10:57:30 +01:00