Because the proxy uses freerdp_settings_copy to do re-negotiation after
first connection to remote server, all redirection information
(RedirectionPassword, RedirectionDomain, etc.) pointers were duplicated
(to both client and server settings structs). Then, at disconnection, a
double-free occured.
when disconnections/redirections occured, sometimes server/client
channels were not synced, meaning that for example the gfx server
received a message, then tried to use gfx client that was already freed.
freerdp_abort_connect calls the proxy's client stop function,
that closes the thread handle. if it already closed by the server,
a segfault will occur because CloseHandle will try to access free()'ed
memory.
Connection info must be set after the proxy's client connection
established, because if the client didn't provide credentials in .rdp
file, we don't know its username yet.
The client's `ClientStop` callback wasn't set, therefore calling
freerdp_client_stop wasn't really blocking until it has stopped, and a
race condition occured. Fixed by registring to `ClientStop` callback and
waiting for the client thread to finish.
* Move update notification related functions to new display.c: Not
related to `rdp.c`.
* Rename `rdp_write_monitor_layout_pdu` to `display_write_monitor_layout_pdu`.
* Add internal `display_convert_rdp_monitor_to_monitor_def` instead of
doing the conversion inside `display_write_monitor_layout_pdu`.
The async transport option is broken by design.
If used the main loop is called from the transport thread and the
main thread of the application.
Unless the transport layer is refactored to just work on queues
(input and output) this option will never work, therefore remove it.
(we overwrite the password and pin arguments).
This implies changes in the argument parsing tests that now must pass a mutable argv
(copied from the statically declared test argvs).
Some other const inconsistency have been dealt with too.
The sound and microphone redirection channels (and in part TSMF)
did not properly decouple encoding/decoding from the backends used
to play/record sound.
Encapsulating encoding/decoding in rewritten freerdp_dsp_* functions
with variable backends, simplifying alsa/oss/pulse/... audio backends.
When using pthread_once with destructors they are only called,
if each thread (including the main thread) is exited with pthread_exit.
Introducing winpr_exit as a wrapper for that purpose.
Legacy bitmap update might fail with 'fast path update size (xxxxx) exceeds the client's maximum request size (xxxxx)'
Original code might update last fragment with exceeded fragment size incorrectly. Fix the logic to prevent it.
[server/shadow/X11/x11_shadow.c:386] -> [server/shadow/X11/x11_shadow.c:390]: (warning) Either the condition '!subsystem' is redundant or there is possible null pointer dereference: subsystem.
[server/shadow/X11/x11_shadow.c:387] -> [server/shadow/X11/x11_shadow.c:390]: (warning) Either the condition '!subsystem' is redundant or there is possible null pointer dereference: subsystem.
[channels/drive/client/drive_file.c:125]: (error) Memory leak: path_slash
[server/Windows/wf_dxgi.c:195]: (error) Invalid number of character '(' when these macros are defined: 'WITH_DXGI_1_2'.
[server/Windows/wf_mirage.c:319]: (error) Invalid number of character '(' when these macros are defined: ''.
[server/Windows/wf_mirage.c:319]: (error) Invalid number of character '(' when these macros are defined: 'DFMIRAGE_LEAN'.
[server/Windows/wf_mirage.c:319]: (error) Invalid number of character '(' when these macros are defined: '_WIN64'.
[channels/tsmf/client/gstreamer/tsmf_X11.c:317] -> [channels/tsmf/client/gstreamer/tsmf_X11.c:322]: (warning) Either the condition '!decoder' is redundant or there is possible null pointer dereference: decoder.
[channels/tsmf/client/gstreamer/tsmf_X11.c:470] -> [channels/tsmf/client/gstreamer/tsmf_X11.c:475]: (warning) Either the condition '!decoder' is redundant or there is possible null pointer dereference: decoder.
[channels/tsmf/client/gstreamer/tsmf_X11.c:472] -> [channels/tsmf/client/gstreamer/tsmf_X11.c:475]: (warning) Either the condition '!decoder' is redundant or there is possible null pointer dereference: decoder.
[channels/tsmf/client/tsmf_media.c:179] -> [channels/tsmf/client/tsmf_media.c:181]: (warning) Either the condition '!stream' is redundant or there is possible null pointer dereference: stream.
[client/Windows/wf_cliprdr.c:2219] -> [client/Windows/wf_cliprdr.c:2222]: (warning) Either the condition '!formatDataResponse' is redundant or there is possible null pointer dereference: formatDataResponse
[client/Windows/wf_cliprdr.c:2445] -> [client/Windows/wf_cliprdr.c:2448]: (warning) Either the condition '!fileContentsResponse' is redundant or there is possible null pointer dereference: fileContentsResponse.
[client/X11/xf_cliprdr.c:911] -> [client/X11/xf_cliprdr.c:913]: (warning) Either the condition '!clipboard' is redundant or there is possible null pointer dereference: clipboard.
[client/X11/xf_graphics.c:504] -> [client/X11/xf_graphics.c:506]: (warning) Either the condition '!xfc' is redundant or there is possible null pointer dereference: xfc.
[libfreerdp/core/transport.c:861] -> [libfreerdp/core/transport.c:863]: (warning) Either the condition '!transport' is redundant or there is possible null pointer dereference: transport.
[server/shadow/shadow_server.c:777] -> [server/shadow/shadow_server.c:791]: (warning) Either the condition '!server' is redundant or there is possible null pointer dereference: server.
[server/shadow/shadow_server.c:778] -> [server/shadow/shadow_server.c:791]: (warning) Either the condition '!server' is redundant or there is possible null pointer dereference: server.
[server/shadow/shadow_server.c:779] -> [server/shadow/shadow_server.c:791]: (warning) Either the condition '!server' is redundant or there is possible null pointer dereference: server.
[server/shadow/shadow_server.c:781] -> [server/shadow/shadow_server.c:791]: (warning) Either the condition '!server' is redundant or there is possible null pointer dereference: server.
[server/shadow/shadow_server.c:782] -> [server/shadow/shadow_server.c:791]: (warning) Either the condition '!server' is redundant or there is possible null pointer dereference: server.
[server/shadow/shadow_server.c:783] -> [server/shadow/shadow_server.c:791]: (warning) Either the condition '!server' is redundant or there is possible null pointer dereference: server.
[server/shadow/shadow_server.c:784] -> [server/shadow/shadow_server.c:791]: (warning) Either the condition '!server' is redundant or there is possible null pointer dereference: server.
[server/shadow/shadow_server.c:785] -> [server/shadow/shadow_server.c:791]: (warning) Either the condition '!server' is redundant or there is possible null pointer dereference: server.
[server/shadow/shadow_server.c:787] -> [server/shadow/shadow_server.c:791]: (warning) Either the condition '!server' is redundant or there is possible null pointer dereference: server.
[server/shadow/shadow_server.c:789] -> [server/shadow/shadow_server.c:791]: (warning) Either the condition '!server' is redundant or there is possible null pointer dereference: server.
* man pages are only build/installed if WITH_MANPAGES is enabled
* create a new cmake function install_freerdp_man to unified install man
pages
* install all man pages using the new function
* update the nightly packages accordingly
Currently it is not possible to cleanly install multiple major version
of FreeRDP concurrently as some of the development libraries (.so files)
files can conflict.
This change renames all libraries to include the major version number in
the library name to fix this limitation.
The list of changed libraries:
libwinpr-tools.so -> libwinpr-tools2.so
libwinpr.so -> libwinpr2.so
libfreerdp.so -> libfreerdp2.so
libfreerdp-client.so -> libfreerdp-client2.so
libfreerdp-shadow.so -> libfreerdp-shadow2.so
libfreerdp-server.so -> libfreerdp-server2.so
libfreerdp-shadow-subsystem.so -> libfreerdp-shadow-subsystem2.so
libuwac.so -> libuwac0.so
As the library names have changed, projects that use FreeRDP will need to
update their dependencies. -
If pkg-config or cmake find modules are used, reconfiguration might be
sufficient.
Fixes#3460
- fixed invalid, missing or additional arguments
- removed all type casts from arguments
- added missing (void*) typecasts for %p arguments
- use inttypes defines where appropriate
[MS-RDPEGFX]:
3.2.5.13 Processing an RDPGFX_FRAME_ACKNOWLEDGE_PDU message
If the queueDepth field is less than 0xFFFFFFFF, the server MUST expect that
RDPGFX_FRAME_ACKNOWLEDGE_PDU messages will continue to be sent by the client.
Furthermore, if the queueDepth field is in the range 0x00000001 to 0xFFFFFFFE the server SHOULD
use this value to determine how far the client is lagging in terms of graphics decoding and then
attempt to throttle the graphics frame rate accordingly.
If the queueDepth field is set to SUSPEND_FRAME_ACKNOWLEDGEMENT (0xFFFFFFFF), the server
MUST clear the Unacknowledged Frames (section 3.2.1.2) ADM element and MUST NOT expect any
further RDPGFX_FRAME_ACKNOWLEDGE_PDU messages from the client. In this mode, the server
MUST NOT wait or block on unacknowledged frames (as the
RDPGFX_FRAME_ACKNOWLEDGE_PDU message is not sent by the client) and MUST assume that
the client is able to decode graphics data at a rate faster than it is receiving frames.
On the other hand, RDPGFX_QOE_FRAME_ACKNOWLEDGE_PDU SHOULD only be used for informational and debugging
purposes and should not be taken into account.
Request full screen update on RDPGFX_CAPS_ADVERTISE_PDU. Win10 client seems to clean the screen after gfx channel opened. If there happens to be no screen update from server, we will get black screen in mstsc client.
Shadow server crash with rdp8.0 with gfx enabled.
Root Cause: rdp8.0 is not support in shadow gfx and rdpgfx_caps_advertise returns an error. However setChannelError crashs because context->errorDescription is NULL
1. Fix shadow gfx to handle rdp8.0
2. Initialize context->errorDescription for server side new-context
1. Fix order of gfx reset and new-surface. Windows10 client will show black screen with this issue(FreeRDP itself is dramatically immune to this issue)
2. Handle RDPGFX_QOE_FRAME_ACKNOWLEDGE_PDU for FPS control
1. Fix stream leak in rdpgfx
2. Make src data const in zgfx. Harden zgfx to be independent to byte order
3. Fix written bytes return value in channel write
4. Add check for return value in shadow_client.c
5. Add gfx callback to send surface command with frame marker pdu.
6. Check remain length for recv subroutine
7. Fix compile errors
libwinpr-tools is a replacement for winpr-makecert-tool.a. Currently
it's basically the same as winpr-makecert-tool.a but in future
functionality that doesn't fit directly in winpr will be added here.
Add all missing dependencies found with --no-undefined. Since
dependencies aren't exported anymore (if not required) it is no necessary
to explicitly list all required libraries.
If a target is linked against libraries with cmake
(target_link_libraries) and the libraries are not marked as PRIVATE
they are "exported" and in case a other target is linked against this
target it is also linked against *all* (not private) libraries.
Without declaring private libraries PRIVATE a lot of over linking
(linking against unneeded libraries) was done.
- Added missing ConvertFromUnicode checks
- If ConvertToUnicode allocates memory, guarantee the null termination
similar to ConvertFromUnicode's implementation
- Fixed some TestUnicodeConversion.c CTest return values
- Added some CTests for ConvertFromUnicode and ConvertToUnicode
- Misc code and protocol hardening fixes in the surrounding code regions
that have been touched
Add freerdp-shadow-subsystem to 'libs' in order to avoid undefined
reference to shadow_subsystem_set_entry_builtin at runtime.
Remove cyclic dependency on itself.
When nothing is declared, only export symbols defined
with WINPR_API or FREERDP_API defined.
Override this setting if BUILD_TESTING to allow tests
access to internal functions usually not exposed.
Commit 60ae27b0 decoupled subsystem implementations and shadow framework
core by moving subsystem specific code right into freerdp-shadow-cli.
This, however, doesn't allow applications that would like to link
libfreerdp-shadow, in order to embed RDP shadow server, to reuse also
the subsystem module.
3rd party developers now have to either provide their own subsystem code
(copied from FreeRDP sources or written from scratch) or be limited to
usaging freerdp-shadow-cli executable, which doesn't expose all
functions of the shadow server library (e.g. enumeration of available
monitors).
This change moves the shadow subsystem out of the executable into new
freerdp-shadow-subsystem library, which freerdp-shadow-cli and
potentially other applications can link to.
Certificates can now be accepted temporarily.
The callbacks for certificate validation have been
modified to extend the information presented to the user.
With this commit the "exported" components (usable with pkg-config and
cmake find module package)
* winpr - winpr library and headers
* freerdp - core library and headers
* freerdp-client - client specific library
* freerdp-server - server specific library
* rdtk - rdtk headers and library
To allow the installation of multiple different version (different major
number) the include files were moved into the respective sub folder:
freerdp -> freerdp{MAJOR}/freerdp (currently freerdp2/freerdp/)
winpr -> winpr{MAJOR}/winpr (currently winrp1/winpr/)
rdtk -> rdpk{MAJOR}/rdtk (currently rdtk0/rdtk/
The generated pkg-config and cmake find modules now also include the major
version number. Currently the following pkg-config are generated and
installed.
* winpr1
* freerdp2
* freerdp-server2
* freerdp-client2
* rdtk0
As cmake is able to handle multiple versions out of the box the
following can be used to find a specific module:
find_package(WinPR)
find_package(FreeRDP)
find_package(FreeRDP-Server)
find_package(FreeRDP-Client)
find_package(RdTk)
As cmake doesn't automatically resolve dependencies for packages it is
necessary to manually include the requirements. For example if
FreeRDP-Client is required WinPR and FreeRDP need to be included
(find_package) as well.
This commit also fixes the installation when STATIC_CHANNELS are built.
WITH STATIC_CHANNELS all channels are linked into libfreerdp-client, for
this all channels are generated as linker archive and linked together in
the final step. Before the intermediate linker archives were, although
not required and useful, installed. Same applies for server side
channels.
It will be completely possible to implement subsystem with only include/freerdp/server/shadow.h and libfreerdp-shadow.
Details as following:
1. Exported surface structure as subsystem implementations deeply depend on it to send image update
2. Export capture APIs. They are actually indepent APIs to help compare and calculate image difference.
3. Introduce API to trigger client frame update. Conceal details in subsystem->updateEvent
4. Pass client to client callbacks. Subsystem implementation may need to know 'which client' send the interaction event as well as the authentication request.
Add this support in callback definition before anyone really use shadow framework APIs to implement a custom subsystem.
Also added callback for client capability exchange
5. Remove X11_ShadowSubsystem Mac_ShadowSubsystem Win_ShadowSubsystem from libfreerdp-shadow.
Discard FREERDP_API mark on ShadowSubsystemEntry functions and make them be compiled together with shadow.c in CMakeLists.txt.
This is required from PR #2751.
Now subsystem implementations and shadow.c could be regarded as an example for shadow framework.
build-config.h should contain configure/compile time settings that are
relevant for projects that use FreeRDP.
For example the compiled in plugin search paths.
Currently if username or password is not set, the authentication is always failed because the authentication callback is never tried.
Fix to always give a chance to try the subsystem authentication callback even if username / password is not set.
The rdpContext gets an event which will
get set if an error occoured in a channel.
If a thread or a void callback has to report an
error it will get signaled by this system.
winsock.h pulls in a lot of defines and dependencies that are not
required and partially unwanted in winpr's core (for parts that are not
related to network). In order to get rid of this dependency and have an
independent defines for extended winpr functions the WINPR_FD_* defines
are used internally (and for exposed functions). Where required, like in
WSAEventSelect, the FD_* is mapped to WINPR_FD_*.
* Added new command line argument --port to allow starting the
sample server on a port different than default 3389.
* Using GetKnownSubPath now to determine location of temporary
directory for server socket.
* Using distinct server socket files for each port.
Detail fixes:
1. Add resize support in shadow framework layer
2. Enhance X11 implementation to detect desktop resolution change
3. Fix the subRect feature.
It seems not completely finished and it looks incompatible in different source code.
Fix it to be consistent in all source code as following:
a. The subRect is only awared in framework layer, subsystem implementation should not be aware of it. It only take effect at shadow_client and corresponding shadow_input.
b. The screen and surface should only represent a monitor screen. They don't need to consider subRect feature.
4. A lobby should be alternative image shown to client when the client is not 'mayView'.
We don't need to have seperate lobby for each client, move it into server structure as 'another surface'
5. Fix display handle leak in enum monitor of X11
6. Suppress BadMatch Error while capturing the image
Original pointer alpha update message is too specific for x11 implementation.
It doesn't allow pointer alpha mask with both 'xor' color and 'and' mask, e.g.: the 'edit' pointer in windows text box.
1. Move shadow_client_convert_alpha_pointer_data to x11 implementation as it is specific for x11.
2. Update message definition to be more generic: to accept 'xor/and' mask directly.
Implementation of subsystem can implement its own way to convert pointer mask data.
3. Fixed fault handling to free the resource allocated.
1. Export fps related API so that subsystem implementation no longer need to know about details in encoder structure.
2. Discard frameList dictionary.
The 'value' in this dictionary is never used and not properly free'ed when client is disconnected.
The dictionary was used to calculate 'inflight' frame count. Once an ACK is received from client, an item in the dictionary is removed.
We then calculate 'inflight' frame by the count of the items in the dictionary.
However, some rdp clients (win7 mstsc) skips frame ACK if it is inactive, ACK of some frame would actually never arrive.
We actually don't need the dictionary. We only need to record the latest acknowledged frame id, and the difference between last sent frame id is the inflight frame count.
3. Minor fix in default fps calculation. encoder->frameAck is wrongly used as integer while it's actually bool flag.
This patch contains:
* checks for malloc return value + treat callers;
* modified malloc() + ZeroMemory() to calloc();
* misc fixes of micro errors seen during the code audit:
** some invalid checks in gcc.c, also there were some possible
integer overflow. This is interesting because at the end the data are parsed
and freed directly, so it's a vulnerability in some kind of dead code (at least
useless);
** fixed usage of GetComputerNameExA with just one call, when 2 were used
in misc places. According to MSDN GetComputerNameA() is supposed to return
an error when called with NULL;
** there were a bug in the command line parsing of shadow;
** in freerdp_dynamic_channel_collection_add() the size of array was multiplied
by 4 instead of 2 on resize