akallabeth
a8650d9a3d
Fix certificate and private key checks for smartcard logon
2022-10-25 13:58:05 +02:00
fifthdegree
cbd310df52
Check smartcard certificates for correct EKU
...
To be used for login, smartcard certificates must have the Microsoft
Smart Card Logon EKU
2022-10-24 22:22:00 +02:00
fifthdegree
78ba60f50f
Check for NULL pointer in winpr_Digest_Free
2022-10-24 08:33:57 +02:00
akallabeth
68ad8d5a1c
Added missing return in winpr_Digest_New
2022-10-20 19:24:41 +02:00
akallabeth
181debc3d1
Remove /tls:enforce:ssl3 option
...
SSL3 is deactivated during connect anyway, so do not expose the
option
2022-10-20 10:51:50 +02:00
akallabeth
ef6842d249
Fixed TLS1_3_VERSION check and parse_tls_seclevel
...
* Only add TLS1_3_VERSION to array if the SSL library built against
has support for TLS 1.3
* Fix wrong parse function call for 'seclevel'
2022-10-20 10:51:50 +02:00
Armin Novak
2a181c19c5
Added missing include
2022-10-19 20:33:17 +02:00
Armin Novak
a66d9d1706
Improve OpenSSL provider loading
...
* Added log messages for failure to load a provider
* Add code to clean up loaded providers on shutdown
2022-10-19 20:33:17 +02:00
Armin Novak
6ab2cb6d99
Fixed mutually exclusive CAIRO and SWSCALE includes
...
When both are defined there was a build error due to missing
includes.
2022-10-19 20:31:53 +02:00
Armin Novak
187b553b97
Allow overriding TLS version
...
Now use a generic option to allow setting all possible SSL/TLS versions.
Use /tls:enforce:[ssl3|1.0|1.1|1.2|1.3] to set accordingly
2022-10-19 20:31:53 +02:00
Armin Novak
119b8d4474
Unified command line options to list something
...
There are various options to list smartcards, monitors, keyboard
settings. Unify them all under a single /list:<something> option
2022-10-19 20:31:53 +02:00
Armin Novak
7e82c9f19f
Cleaned up functions printing information
2022-10-19 20:31:53 +02:00
Armin Novak
4b9c8e6393
Updated keyboard list API
2022-10-19 20:31:53 +02:00
Armin Novak
1f6476016d
Update command line option /sec*
...
* Deprecate /sec-* flags
* Allow multiple arguments for /sec
2022-10-19 20:31:53 +02:00
Armin Novak
ed3bc5c51a
Only enable deprecated commandline with WITH_FREERDP_DEPRECATED
2022-10-19 20:31:53 +02:00
Armin Novak
1c8bcbeb6a
Added deprecation warnings to /cert-* options
2022-10-19 20:31:53 +02:00
Armin Novak
d357fa3237
Added a unified /tls: option
...
There are too many tls settings scattered over multiple different
switches. Add a unified option and deprecate the old ones
2022-10-19 20:31:53 +02:00
fifthdegree
f13fd769f7
Use mutual auth for gateway
...
Windows seems to bug out when not using mutual auth; it accepts the
connection without sending the last auth message.
2022-10-19 18:55:38 +02:00
fifthdegree
ffe8e45aff
Pass bindings through Negotiate on first call
2022-10-19 18:55:38 +02:00
fifthdegree
eb04eb0008
Support using smartcard for gateway authentication
2022-10-19 18:55:38 +02:00
fifthdegree
e847f159a6
Try to use the smartcard key name Windows uses
...
Windows expects the containerName field in TSSmartCardCreds to be what
it would use for a smartcard key's name. Try to accommodate that (at
least for PIV and GIDS cards).
2022-10-19 18:55:38 +02:00
fifthdegree
9d0beaccae
smartcardlogon: choose a single smartcard to use
...
Require a single smartcard certificate to be chosen and define a
callback to choose when more than one is available.
2022-10-19 18:55:38 +02:00
Benoît Gschwind
1cf69f04e6
uwac: fix wl_buffer_destroy of wl_cursor buffer
...
Following the wayland-cursor documentation [1] the buffer created by
wl_cursor_image_get_buffer should not be destroyed. The new code avoids
destroying it by not connecting the release callback to this buffer.
[1] https://gitlab.freedesktop.org/wayland/wayland/-/blob/main/cursor/wayland-cursor.c#L147-L154
2022-10-19 17:18:07 +02:00
akallabeth
eb77fd7b0d
Added replacement HMAC-MD5 implementation
2022-10-19 08:17:11 +02:00
akallabeth
3a5fb5e3a3
Added replacement MD5 implementation
2022-10-19 08:17:11 +02:00
akallabeth
309a6bea77
Added replacement MD4 implementation
2022-10-19 08:17:11 +02:00
akallabeth
1e1b3b6c3c
Updated TestCryptoHash
...
Do multiple updates to hashes to better test implementation
2022-10-19 08:17:11 +02:00
akallabeth
08d2d559c3
Increase yuv decoder worker count
...
The yuv decoder might run out of workers if the rectangles are
smaller than 64x64. Assume 16x16 tiles for the decoder
2022-10-19 08:16:53 +02:00
xiaopengzhou@hotmail.com
34afe6b23e
Fix Format List PDU is not sent when the Clipboard Redirection Virtual Channel is initialized for the second time. (X11 client)
2022-10-18 09:14:21 +02:00
Marc-André Moreau
e3594c91dc
Add UserSpecifiedServerName setting, /server-name command-line parameter
2022-10-14 17:59:57 -04:00
akallabeth
43c5289928
Replaced memset/ZeroMemory with initializer
...
* Added WINPR_ASSERT on many occasions
* Replaced memset with array initializer
* Replaced ZeroMemory with array initializer
2022-10-14 12:11:01 +02:00
David Fort
57d2a27980
fix smartcard listing
...
This commit fixes various bugs that I've noticed on some Windows systems with
smartcards that contain multiple certificates:
* With some drivers, if you retrieve the ATR while enumerating the NCrypt keys, it seems to
confuse the NCrypt key context (and you're unable to retrieve the certificate property). As
we don't use the ATR, let's remove the ATR retrieval.
* If you don't give any user or domain on the command line, in settings you get User=Domain=NULL,
but if you pass /u:user, you get User="user" and Domain="" (empty string, not NULL). The
smartcard filtering by user/domain was not ready for that.
2022-10-14 12:05:16 +02:00
akallabeth
b70db86e51
Fixed uninitialized variable warnings
2022-10-14 11:16:23 +02:00
akallabeth
97e183d082
With #8292 ClusterInfoFlags became application settable
...
This pull adds the (previously lost) default value to keep compatible
with older code that does not care about that field.
2022-10-14 09:41:54 +02:00
Martin Fleisz
4bc74392c2
nla: Fix some issues with server-side NLA authentication
...
This PR fixes the following issues with server-side NLA authentication:
- The client nonce should only be sent by the client
- The final stage in the nego token exchange checked the negoToken
buffer for data. Instead the corresponding credssp API is now used
which checks the correct buffer (output_buffer).
- The negoToken buffer needs to be cleared before sending the public key
echo. In some cases the buffer was not empty and incorrectly was part
of the response to the client.
2022-10-13 17:16:07 +02:00
Marc-André Moreau
47aaaf4693
Fix CredSSP extended credential attributes on Windows (SECPKG_CRED_ATTR_KDC_URL)
2022-10-13 16:49:01 +02:00
Armin Novak
be9cc98c08
Refactored cmdline common
...
* Add settings setter where possible
* Load dynamic sound channel alongside static one
* Load clipboard channel if requested
2022-10-13 14:48:40 +02:00
akallabeth
6a2626498b
Disable channel builds if -DWITH_CHANNEL=OFF
2022-10-13 14:38:06 +02:00
akallabeth
b58dd122b2
Disable functions that require WITH_CHANNEL if not defined
2022-10-13 14:38:06 +02:00
akallabeth
dfb6e9200c
Fixed build without RDPEI channel
2022-10-13 14:38:06 +02:00
akallabeth
bba18b7af5
Fixed -Waddress warnings
2022-10-13 14:38:06 +02:00
Armin Novak
d69bbaee28
Updated GCC
...
* Better logging
* Improved error checks
2022-10-13 13:57:11 +02:00
Armin Novak
a3ec857278
Improved MCS checks, added settings to MCS function
2022-10-13 13:57:11 +02:00
Armin Novak
b706676d1a
[server] Store channel name for later use
2022-10-13 13:57:11 +02:00
Armin Novak
e249e355f8
Clone original settings before redirect
...
This eliminates all settings negotiated during initial connect and
allows renegotiating the proper settings with the final target
2022-10-13 13:57:11 +02:00
Armin Novak
3100eb8238
Add return values to TPDU functions
2022-10-13 13:57:11 +02:00
Armin Novak
19f44a5734
Decreased logging verbosity for smartcard emulation
2022-10-13 13:57:11 +02:00
Armin Novak
1d71ace487
Fixed PubSub, return error on NULL
2022-10-13 13:57:11 +02:00
Armin Novak
2acf21b592
Improved error checks in server side rdpdr
2022-10-13 13:57:11 +02:00
akallabeth
a38d584bf1
Do not compile client functions for encomsp if channel deactivated
2022-10-13 12:12:24 +02:00