Commit Graph

1970 Commits

Author SHA1 Message Date
Armin Novak
69e9571d9e Fixed EGFX capability parsing, respect length fields.
Disable RDPGFX_CAPVERSION_106 as we currently do not support scaled
outputs.
2019-02-27 17:15:43 +01:00
Armin Novak
e8c8e7b6d0 Updated EGFX support to 10.6 2019-02-27 16:36:15 +01:00
Armin Novak
69f4c4b4af Fixed version magic mismatch with [MS-RDPBCGR] 2019-02-27 16:30:55 +01:00
Armin Novak
0560ba0910 Fixed mixing of remote application mode requested and feature mask. 2019-02-20 08:45:36 +01:00
Armin Novak
aacf5bddc4 Updated rail channel, supporting all new messages. 2019-02-19 15:04:11 +01:00
Armin Novak
6a1ff5c485 Fixed compiler warnings #5210 2019-01-29 16:22:46 +01:00
Armin Novak
9d680904cc Fixed compiler warnings #5210 2019-01-29 16:14:55 +01:00
David Fort
70805402be
Merge pull request #5140 from akallabeth/print_custom_component
Added callback to handle printer custom components in printer backend.
2019-01-29 15:18:53 +01:00
David Fort
53c74beadc rdp: add a callback for ServerStatusInfo 2019-01-29 10:33:06 +01:00
David Fort
05d9d89796
Merge pull request #5149 from akallabeth/cert_deny
New option to disable user certificate dialog
2019-01-25 16:59:33 +01:00
MartinHaimberger
0f68ed390c
Merge pull request #5150 from akallabeth/gw_consent_callback
Fix #1195: Implement callback for Gateway Messages
2019-01-25 12:33:18 +01:00
Armin Novak
728cdfd689 Fixed warnings found by compiler and static analysis. 2019-01-24 11:53:52 +01:00
Armin Novak
65812bdbc0 Clipboard data pointer arguments are now const. 2019-01-23 16:55:13 +01:00
David Fort
f4b7a27c2b license: implement server-side management
Add server-side management of the licensing workflow. The default
behaviour is to accept the client, but if a server wants to implement
full licensing support as in MS-RDPELE it is possible by defining a callback.
2019-01-21 09:57:15 +01:00
Armin Novak
b60045af27 New option to disable user certificate dialog
The new option +cert-deny aborts a connection automatically if
the certificate can not be validated by OpenSSL or via known hosts.
2018-12-14 10:17:52 +01:00
Armin Novak
192680a001 Added callback to handle printer custom components in printer backend. 2018-12-12 10:57:53 +01:00
Armin Novak
8ddabd2654 Fix #1195: Implement callback for Gateway Messages 2018-12-11 15:24:24 +01:00
Armin Novak
ac702e073d Updated settings.h 2018-12-07 15:22:28 +01:00
Armin Novak
56156d217e Floatbar self contained. 2018-12-07 15:22:28 +01:00
Martin Fleisz
d0688f058b
Merge pull request #5102 from akallabeth/rail_cleanups
Cleaned up xf_rail_server_handshake
2018-12-07 11:28:22 +01:00
Martin Fleisz
8c7f8eb395
Merge pull request #5085 from akallabeth/cert_callbacks_update
Refactored Certificate callbacks (but keep compatible)
2018-12-06 10:08:17 +01:00
Martin Fleisz
7db6ac063a
Merge pull request #5036 from akallabeth/auth_fixes
Refactor NEGO NLA and redirection to use opaque handles
2018-12-05 11:20:34 +01:00
Armin Novak
e49adfc51a Updated error info from spec. 2018-12-05 10:55:06 +01:00
Armin Novak
f5e449a4f8 Cleaned up xf_rail_server_handshake 2018-12-05 09:13:04 +01:00
Martin Fleisz
df6d045f45
Merge pull request #5087 from hardening/remotefx_chunks
remotefx: don't require data messages to come all in one chunk
2018-12-04 16:40:44 +01:00
David Fort
579a13b054 remotefx: don't require data messages to come all in one chunk
The spec doesn't require that FRAME_BEGIN, REGION, TILESET, and FRAME_END come all in one
chunk. This patch adds the necessary state saving.
A unitary test is also added.
2018-12-04 11:38:01 +01:00
Armin Novak
e04c319d21 Added new default certificate callbacks with extended information.
The extended information provided by VerifyCertificateEx and
VerifyChangedCertificateEx is now exploited by the new functions
client_cli_verify_certificate_ex and client_cli_verify_changed_certificate_ex.

The old callbacks now print out deprecation warnings to inform the
user and developer about this deprecation.
2018-12-04 09:35:24 +01:00
Armin Novak
a8823fdf95 Cleaned up certificate verification code. 2018-12-04 09:35:24 +01:00
Armin Novak
7ab07ab980 Added certificate callbacks with source indications. 2018-12-04 09:35:24 +01:00
Armin Novak
dd3276d664 Prefer VerifyX509Certificate and fixed const arguments
If VerifyX509Certificate is set use it also when doing internal
certificate management. Added flags to ensure it is possible to
find out which type of connection is being made.
2018-12-04 09:35:24 +01:00
Armin Novak
2e019b2fd1 Implemented GFX locking and enforce return value checks.
To fix #4825 GFX functions must now aquire a lock before accessing surfaces.
This prevents simultaneous update of internal data by client and gfx threads.
Also enforce return value checks, where not already done.
2018-11-29 11:55:27 +01:00
Armin Novak
c8908c8be6 Updated windows shadow server assistance usage. 2018-11-22 11:11:31 +01:00
Armin Novak
6de2129a90 assistance v2 support 2018-11-22 11:11:31 +01:00
Armin Novak
d1112c279b Fixed CVE-2018-8788
Thanks to Eyal Itkin from Check Point Software Technologies.
2018-11-20 11:08:31 +01:00
Armin Novak
602f4a2e14 Fixed CVE-2018-8785
Thanks to Eyal Itkin from Check Point Software Technologies.
2018-11-20 11:08:31 +01:00
Armin Novak
d75c464dbd Fixed signed/unsigned warnings. 2018-11-19 17:25:19 +01:00
Armin Novak
75d532f87c Fixed glyph cache bounds setting. 2018-11-19 13:58:53 +01:00
akallabeth
b6eca4fc54 signed gdi regions to adjust negative coordinates 2018-11-19 12:52:43 +01:00
Martin Fleisz
b216520d5b
Merge pull request #5021 from akallabeth/profiler_api_rework
Fixed profiler API
2018-11-19 10:20:52 +01:00
Armin Novak
d2e1248b09 Fixed profiler API
* Duplicate the name internally to avoid issues with stack
* Made API opaque and removed direct dereferencing of struct.
2018-11-16 09:32:15 +01:00
Armin Novak
c0b13cf43f Added checks for order type window support. 2018-11-15 09:52:50 +01:00
akallabeth
268a2c0cf8
Merge pull request #4979 from hardening/CAL
license: support CAL license
2018-11-14 13:45:31 +01:00
Armin Novak
138eb13fea Updated RDP_VERSION definitions. 2018-11-14 10:14:48 +01:00
David Fort
b6e6575bf6 license: support CAL license
This patch simplifies the licensing code mutualizing encryption / decryption
routines. It also adds the support for client_info packet that allows to send a
previously saved CAL file.
2018-11-13 09:42:19 +01:00
Bernhard Miklautz
c5c1bac31a
Merge pull request #4960 from akallabeth/interleaved_fix
Fixed #4954: Check destination buffer bounds.
2018-11-09 12:25:55 +00:00
Armin Novak
9e2c203771 Fixed various issues with freerdp_bitmap_compress and interleaved_compress 2018-11-08 17:21:28 +01:00
Bernhard Miklautz
1222e7060b new [crypto/tls]: add support to set tls security level
The newly introduced option /tls-seclevel can be used to set the tls
security level on systems with openssl >= 1.1.0 or libressl.
As default level 1 is used as higher levels might prohibit connections
to older systems.
2018-11-08 11:13:15 +01:00
Armin Novak
9633e4576d Fixed signedness of MoniorCount 2018-10-25 14:08:20 +02:00
Armin Novak
5ea4a7d3b0 Proper order checks. 2018-10-16 15:56:17 +02:00
Armin Novak
f88ed950d3 Fixed various issues with primary orders. 2018-10-15 14:30:58 +02:00
Martin Fleisz
00af869cd3
Merge pull request #4889 from akallabeth/shadow_server_audin_refactor
Shadow server audin refactor
2018-10-08 12:56:09 +02:00
David Fort
2e1bf90bd9
Merge pull request #4885 from akallabeth/autoreconnect_handle_window_events
Fixed #3423: Process xevents when in reconnect mode.
2018-10-03 09:42:16 +02:00
Armin Novak
c60ab7d068 fixed stuff 2018-09-26 12:49:52 +02:00
Armin Novak
2cf0662559 Unified format support for rdpsnd. 2018-09-26 12:49:52 +02:00
Armin Novak
26ef8c9b3b Added export define. 2018-09-26 12:49:09 +02:00
Armin Novak
40dae15cff Moved server-common to public header. 2018-09-26 12:49:09 +02:00
Armin Novak
d56efaae8b Fixed server format selection. 2018-09-26 12:49:09 +02:00
Armin Novak
16531e1437 Fixed server audin callback, provide more information. 2018-09-26 12:49:09 +02:00
Armin Novak
5aa4b702c0 Fixed dst_format 2018-09-26 12:49:09 +02:00
Armin Novak
d513f184e9 Fixed shadow server callbacks. 2018-09-26 12:49:09 +02:00
Armin Novak
106dde9571 Working mic redirection for shadow server. 2018-09-26 12:49:09 +02:00
Armin Novak
28efbbc01f Refactored audio_format* functions. 2018-09-26 12:49:09 +02:00
akallabeth
0b8a66188c
Merge pull request #4865 from mmattes/feature/floatbar
Feature/floatbar for X11
2018-09-25 16:34:20 +02:00
Armin Novak
dab5770fed Added microphone support to shadow server. 2018-09-25 11:14:10 +02:00
Armin Novak
51f97f2d3e Fixed #3423: Process xevents when in reconnect mode.
Fixed crashes due to unloaded disp channel in reconnect mode.
2018-09-24 16:24:32 +02:00
Armin Novak
897c0c72a7 Unified auto_reconnect functions for all clients. 2018-09-24 10:31:43 +02:00
akallabeth
30601608e4
Merge pull request #4855 from r-barnett/fix-logoff-exit-code
Map a particular disconnect situation triggered by a user logging off…
2018-09-20 12:07:36 +02:00
rbarnett
5d3e76bd80 Replace cryptic names; move the disconnect ultimatum reasons enum into public API and rename; remove setter 2018-09-19 09:36:39 -05:00
rbarnett
8458266183 Store the disconnect provider ulimatum reason in a new field in struct rdp_context and move the test for a logoff reason to xf_client.c 2018-09-18 15:31:10 -05:00
Markus Mattes
21e4804a7f implemented floatbar for x11 2018-09-18 21:25:51 +02:00
Martin Fleisz
0b7b9c0dc4
Merge pull request #4842 from akallabeth/smartcard_rdp_logon
Added /smartcard-logon option to set flag. (Stripped version of #4837…
2018-09-17 09:08:47 +02:00
Armin Novak
5819946b84 Fixed rail unicode string conversion and const correctness. 2018-09-14 10:04:16 +02:00
Armin Novak
0de43c8b85 Added /smartcard-logon option to set flag. (Stripped version of #4837 by @informatimago) 2018-09-04 15:50:03 +02:00
akallabeth
9e3b48e0fb
Merge pull request #4829 from informatimago/smartcard-logon-rdp--x509-certificate-info-extraction
Smartcard Logon: restructured x509 certificate info extraction; added extracting the UPN.
2018-08-27 14:33:09 +02:00
Pascal J. Bourguignon
63d00f6f81 Corrected the compatibility function names: crypto_cert_subject_alt_name and crypto_cert_subject_alt_name_free. 2018-08-27 13:51:30 +02:00
Pascal J. Bourguignon
79d2294a23 Put back deprecated function names crypto_cert_get_alt_names and crypto_cert_alt_names_free for FREERDP_API compatibility. 2018-08-24 15:20:03 +02:00
Pascal J. Bourguignon
469f9bf488 Smartcard Logon: restructured x509 certificate info extraction; added extracting the UPN. 2018-08-24 14:03:04 +02:00
Armin Novak
5b0b18ae71 Device name now const. 2018-08-24 13:40:36 +02:00
Martin Fleisz
0fb19d04be
Merge pull request #4810 from akallabeth/no_proxy_support
No proxy support
2018-08-24 11:41:58 +02:00
Martin Fleisz
f9e52c1850
Merge pull request #4815 from akallabeth/async_transport_remove
Removed +async-transport options
2018-08-24 09:48:51 +02:00
Armin Novak
b5df39756d Added option to ignore proxy env. 2018-08-23 17:02:43 +02:00
Armin Novak
c3a26b0d6a Removed +async-transport options
The async transport option is broken by design.
If used the main loop is called from the transport thread and the
main thread of the application.
Unless the transport layer is refactored to just work on queues
(input and output) this option will never work, therefore remove it.
2018-08-22 13:56:37 +02:00
Armin Novak
cc5e402cda Added command line option /redirect-prefer:<fqdn|ip|netbios>
Since redirection sometimes happens with internal DNS names that
are resolved different by outside DNS it must be possible to override
the preferred redirection hint.
2018-08-08 11:24:13 +02:00
Armin Novak
ec0a0fef2a Added const to function buffer pointers 2018-08-01 12:56:18 +02:00
Armin Novak
e8393a22e2 Remember if drive was added by automout. 2018-07-30 12:31:11 +02:00
Armin Novak
c9cebf6ed6 Remember accepted PEM cert to avoid unnecessary user input. 2018-07-10 11:27:58 +02:00
Armin Novak
398da7340b Added no or missing credentail error. 2018-07-05 16:12:52 +02:00
Martin Fleisz
a0fddd1747
Merge pull request #4530 from akallabeth/order_refactor
[leak fixes] Refactored order updates
2018-07-04 14:21:36 +02:00
David Fort
a1d9399ca0
Merge pull request #4724 from akallabeth/wave2_server
Wave2 server side support
2018-07-04 13:10:38 +02:00
Martin Fleisz
aaaee80151
Merge pull request #4700 from informatimago/rdpsettings-script
Rdpsettings script
2018-07-03 16:07:05 +02:00
Pascal J. Bourguignon
45841f8e67 Applied autoformat.sh manually to settings.h 2018-07-03 14:39:35 +02:00
Pascal J. Bourguignon
35477c35d8 Use tabs to indent the comment in rdp_settings too. 2018-07-03 13:33:05 +02:00
Armin Novak
373bfac9ab Added support for WAVE2 PDU in server side audio channel. 2018-07-02 16:20:39 +02:00
Armin Novak
9a47ce3f76 Fixed missing variable type 2018-06-19 16:57:45 +02:00
Armin Novak
273655a850 Follow up fix for #4631
Remember the callback state to avoid calling reerdp_channels_post_connect
before the corresponding client callback has benn called.
This might happen during redirection and reconnection.
2018-06-18 10:44:35 +02:00
Pascal J. Bourguignon
a7c4022554 Corrected update-rdpSettings according to PR comments.
Updated settings.h with it.
2018-06-06 17:08:52 +02:00
Pascal J. Bourguignon
118ce7f122 Aligned columns in rdpSettings structure declaration. 2018-06-06 14:56:07 +02:00
Armin Novak
5b961e9c75 Fixed /pth: Consistently treat the hash offset to password length. 2018-05-03 17:51:11 +02:00
David Fort
456b0e8934
Merge pull request #4453 from akallabeth/sound_channel_refactor
Sound channel refactoring
2018-05-03 11:56:58 +02:00
Martin Fleisz
31c804c349
Merge pull request #4603 from hardening/socksplus
SOCKS5 proxy support
2018-05-02 11:26:13 +02:00
David Fort
0f968b782c proxy: cleanup SOCKS support and add user/password support 2018-05-02 10:51:16 +02:00
Armin Novak
4e66972616 Fixed remaining global order buffers. 2018-05-02 08:54:21 +02:00
Armin Novak
e5767f07ac Refactored order updates
Unified order creation/copy/delete to avoid memory leaks.
2018-05-02 08:54:21 +02:00
Jiri Sasek
b1c1549ad1 SOCKS proxy support 2018-04-23 21:01:01 +02:00
Armin Novak
7af9ba9171 Refactored reconnect and redirect API
Reconnect and redirect share the same code on disconnect.
Move that to a single function and export it as it may be required
to terminate the session properly before reconnect is called.
2018-04-09 14:04:30 +02:00
Armin Novak
2c98d85a34 Fixed function pointer typedef formatting. 2018-04-05 13:14:16 +02:00
Armin Novak
3f712cab70 Fixed formatting of changed files. 2018-04-05 13:14:16 +02:00
Armin Novak
f89c1857b9 Rewrite of sound and microphone channels
The sound and microphone redirection channels (and in part TSMF)
did not properly decouple encoding/decoding from the backends used
to play/record sound.
Encapsulating encoding/decoding in rewritten freerdp_dsp_* functions
with variable backends, simplifying alsa/oss/pulse/... audio backends.
2018-04-05 13:14:16 +02:00
MartinHaimberger
1a8234c74d
Merge pull request #4472 from akallabeth/win_mouse_button
[WIN] Added additional mouse mappings.
2018-04-04 10:12:04 +02:00
Jakob Kaivo
3a1d70d9ba add support for the "pcb" block in .rdp files provided by Project Honolulu in the VM interface 2018-03-31 22:15:39 -04:00
Armin Novak
9bd13c25c9 Added WaitableTimer implementation for mac OS. 2018-03-12 13:39:21 +01:00
Armin Novak
d1fc0e92b5 Added additional mouse mappings. 2018-03-08 13:21:04 +01:00
Armin Novak
1f7d33a2f2 Fixed read/write of surface bits command.
The optional field exBitmapDataHeader of TS_ BITMAP_DATA_EX was ignored.
Read and expose the data (currently unused)
2018-03-01 11:38:59 +01:00
Martin Fleisz
3cfa837b0c
Merge pull request #4441 from akallabeth/paa
[cleanup] Support for gatewayaccesstoken / PAA
2018-02-19 17:28:32 +01:00
Armin Novak
1a902c249c Fix PROFILER_* macros
Add the semicolon to the macro to allow clean
undefinition if the profiler is not used.
This used to break VisualC compilers.
2018-02-15 11:30:38 +01:00
Jacco Braat
b592684734 Added to rdp file parsing: gatewayaccesstoken:s:<token>
Added to commandline parsing: /gat:<token>
Added GatewayAccessToken to sings
2018-02-15 10:56:57 +01:00
Armin Novak
fca5df8960 Fixed broken extern C 2018-02-14 11:18:26 +01:00
Armin Novak
af8286b976 Added missing FREERDP_API function export. 2018-02-13 10:52:53 +01:00
Armin Novak
c7d701bdf8 Added software decoding fallback for RDPVOR 2018-02-13 10:52:53 +01:00
David Fort
73bef4ca23 video, geometry: fixed geometry handling
It was not working when moving the video window.
2018-02-13 10:52:53 +01:00
David Fort
b8e3b232de video: mutualize things in the common channel code 2018-02-13 10:52:53 +01:00
David Fort
a07efb73ec video: an implementation of MS-RDPEVOR for X11
Implements the decoding of video streams using common H264 decoders. We also implement
a trivial feedback algorithm.

Sponsored by: Rangee GmbH (http://www.rangee.de)
2018-02-13 10:51:07 +01:00
David Fort
b84839b21c video: a skeleton for MS-RDPEVOR client
Basics for implementing the client side of the MS-RDPEVOR channel.

Sponsored by: Rangee GmbH (http://www.rangee.de)
2018-02-13 10:51:07 +01:00
David Fort
adac409d1b geometry: change the channel API to mutualize things
Try to mutualize things that are platform independant in the geometry client
channel.

Sponsored by: Rangee GmbH (http://www.rangee.de)
2018-02-13 10:51:07 +01:00
Armin Novak
c0ec81c3c7 Do not update client if output suppressed. 2018-02-08 11:59:00 +01:00
Armin Novak
fac61bf48b Use dynamic logger in MediaFoundation backend 2018-02-07 13:26:39 +01:00
Armin Novak
7adc384d9a Using dynamic logger for GFX-H264 backend. 2018-02-07 13:26:39 +01:00
Bernhard Miklautz
db8519fd8a
Merge pull request #4397 from SriRamanujam/vaapi
Use libavcodec's VA-API to accelerate H.264 decoding.
2018-02-07 12:56:31 +01:00
MartinHaimberger
175361b01a
Merge pull request #4394 from akallabeth/shadow_avc444
Added AVC444 chroma support to shadow server.
2018-02-07 10:30:26 +01:00
rim
6ce9fb5555 Fix: #define ConvertColor FreeRDPFreeRDPConvertColor -> FreeRDPConvertColor 2018-02-07 03:15:58 +03:00
Armin Novak
3b70d1178b Added AVC444 chroma support to shadow server. 2018-02-02 10:39:33 +01:00
Sri Ramanujam
bedc1ac4c6 Use libavcodec's VA-API decoding.
Leverages libavcodec's hw decode support to provide VA-API based
hardware decoding. Depends on the local build of ffmpeg having hardware
VA-API support compiled in and the appropriate libva drivers and
libraries installed.
2018-02-02 02:31:23 -05:00
Armin Novak
8f7bc7990f Added SSE optimized RGB to AVC444 frame split and test. 2018-01-30 11:17:16 +01:00
Armin Novak
dc3d536398 Changed length arguments and return to size_t 2018-01-17 08:14:06 +01:00
Armin Novak
23e1afb44a Added new and optimized YUV primitives.
* RGBToAVC444YUVv2: Split a RGB frame in luma and/or chroma v2 YUV420 frames
* RGBX specific versions of RGBToAVC444YUV and RGBToYUV420_8u_P3AC4R
2018-01-10 14:46:18 +01:00
akallabeth
4077d55a6c
Merge pull request #4332 from hardening/xrandr_and_fixes
Xrandr and fixes
2018-01-08 09:20:56 +01:00
David Fort
191b8f950f Fix for #4330
Since ec027bf dynamic resolution is broken when used with egfx. Before that commit
we were tracking a server sent resize by setting a DesktopResize callback. This callback
is called when the desktop is resized by the server. Anyway the problem was that when this
callback is called, the activation sequence is not always completed, which were leading to
some freeze with 2012r2 servers (sending packets before the sequence is finished).
So with the faulty commit, we are tracking server resizes by subscribing to the Actived
event, that is called at the end of a reactivation sequence, so we're sure to not send packets
when not fully activated.
Anyway the issue that shows on (#4330) is that when you use egfx, no reactivation sequence happens,
the server only sends a ResetGraphics message with the new size, and so we miss the resized event.
This fix introduces a new GraphicsReset event, makes the display channel subscribe to that event,
and react accordingly.
2017-12-23 13:50:54 +01:00
Armin Novak
cf899eb5ba Fix #4299: gdi_CRgnToRect
The coordinates from RDP ROP commands do not (always) have
0,0 as the origin of the drawing operation.
Adjust the coordinates to our local coordinate system.
2017-12-22 13:43:37 +01:00
Armin Novak
b293b17ac9 Added ROP to string functions for log messages. 2017-12-22 10:25:05 +01:00
David Fort
2a6c9e1b87 Add an activated event and a Timer event
Added an event that is triggered when the activation sequence is finished.
We also define a timer event that is neat to have for regular operation.
2017-12-19 15:21:15 +01:00
akallabeth
71fd6f3116
Merge pull request #4313 from hardening/dyn_res_update
disp: implement dynamic resolution for X11
2017-12-19 13:49:02 +01:00
David Fort
80dab90f1a disp: implement dynamic resolution for X11
If the display channel is available we use it to allow the user to resize the
xfreerdp window. When the window is resized we announce a new monitor layout and
the server reacts by doing a reactivation sequence to the new size.
The minimum window size is limited to 300x300 as 2012 servers crash horribly
if we send them a smaller layout.
2017-12-14 15:13:11 +01:00
Bernhard Miklautz
1e6fea7fa7 fix channel/smartcard: simplify channel variables
Path was not really used and name was duplicated. Use the device->Name
directly.
2017-12-13 17:04:06 +01:00
Martin Fleisz
6aa914363a
Merge pull request #4301 from hardening/geometry
geometry: a skeleton for the MS-RDPEGT channel
2017-12-13 09:09:33 +01:00
David Fort
3b670703fb
Merge pull request #4277 from akallabeth/mac_server
Mac fixes
2017-12-12 10:40:14 +01:00
David Fort
a6cfd3c49a geometry: a skeleton for the MS-RDPEGT channel
The base for implementing the MS-RDPEGT client channel that allows to track window
geometry.
2017-12-08 11:26:29 +01:00
David Fort
e73da4a656 display control channel: add a callback called when we receive capabilities
We need a signal to know when the channel is ready and it's safe to send the
monitor layouts.
2017-12-01 14:19:39 +01:00
Armin Novak
2cc64298f2 Fix #4281: Added option to prefer IPv6 over IPv4 2017-11-27 11:43:54 +01:00
Armin Novak
57958cb178 Fixed #3810: Renamed color functions 2017-11-24 13:21:43 +01:00
Brent Collins
d98b88642b Add new command-line option to force xfreerdp into a fips compliant mode.
This option will ensure that NLA is disabled(since NTLM uses weak crypto algorithms), FIPS
encryption is enabled, and ensure fips mode is enabled for openssl.

Selectively override specific uses of MD5/RC4 with new API calls specifically tailored to override FIPS.

Add comments on why overriding the use of these algorithms under FIPS is acceptable for the locations where overrides happen.

Remove check of server proprietary certificate which was already being ignore to avoid use of MD5.

Initialize winpr openssl earlier to ensure fips mode is set before starting using any crypto algorithms.
2017-11-17 12:43:06 +01:00
Armin Novak
8c2bd951ae Allow printing of custom arguments in help. 2017-11-15 15:25:34 +01:00
Ben Cohen
6093ec62e0 Fix comments at the start of these files and adjust copyrights 2017-11-10 20:16:00 +00:00
Ben Cohen
0e90841a18 Forward ssh-agent data between ssh-agent and RDP
Add the sshagent plugin to forward the ssh-agent protocol over an RDP
dynamic virtual channel, just as the normal ssh-agent forwards it over
an SSH channel.  Add the "/ssh-agent" command line option to enable it.
Usage:

Run FreeRDP with the ssh-agent plugin enabled:

   xfreerdp /ssh-agent ...

In the remote desktop session run xrdp-ssh-agent and evaluate the output
in the shell as for ssh-agent to set the required environment variables
(specifically $SSH_AUTH_SOCK):

   eval "$(xrdp-ssh-agent -s)"

This is the same as for the normal ssh-agent.  You would typically do
this in your Xsession or /etc/xrdp/startwm.sh.

Limitations:

1. Error checking and handling could be improved.

2. This is only tested on Linux and will only work on systems where
clients talk to the ssh-agent via Unix domain sockets.  It won't
currently work on Windows but it could be ported.
2017-11-10 20:16:00 +00:00
Armin Novak
7a73a0eb1b Added additional NLA error mappings. 2017-11-06 09:49:03 +01:00
Armin Novak
367bddd7ad Added better error mapping for NEGO results. 2017-10-25 09:58:13 +02:00
Bernhard Miklautz
4592deee72 extend /size to allow width or height percentages (#4146)
If the size parameter is used with a percentages like /size:50% now
an additional 'w' or 'h' can be appended (like /size:50%w) to specify
where the percentage should be applied. If both or none are set the
behavior is like it was before and the percentage is applied to width
and height.
2017-09-25 09:35:49 +02:00
Armin Novak
d3df6ed40f Removed unused variable. 2017-08-31 09:57:49 +02:00
Armin Novak
c3d4b7d262 fseeko and ftello for 64bit file support. 2017-08-14 08:42:49 +02:00
Armin Novak
d2d621106d Fixed capability checks for mouse and unicode input. 2017-07-31 12:30:35 +02:00
Armin Novak
1fb63aea5f Fixed wrong type for AuthenticationLevel.
Replaced type BOOL with INT32 as according to MSDN they are typedefed.
This keeps the ABI compatible and fixes the wrong data type.
2017-07-20 09:35:41 +02:00
Armin Novak
8b9e3fa51e Fixed use of reserved keywords for include guards. 2017-07-20 09:35:41 +02:00
Armin Novak
14c6dd91f5 Readded H264 struct pointers, keep API compatible. 2017-07-17 11:38:06 +02:00
Armin Novak
96d53933d2 Deactivated all H264 related code paths. 2017-07-17 10:39:08 +02:00
Armin Novak
5764d5a78a Disable GFX H264 if no backend compiled in. 2017-07-17 09:25:21 +02:00
David Fort
5ef9232703 Merge pull request #3905 from ilammy/x11-cliprdr/file-clipping
Local-to-remote file clipping for xfreerdp
2017-06-07 21:20:34 +02:00
David Fort
b92a789dfd Merge pull request #3963 from akallabeth/qoe_ack
Added client RDPGFX_QOE_FRAME_ACKNOWLEDGE_PDU
2017-05-22 11:10:03 +02:00
davewheel
4bfb4dddbf Add a callback to provide NTLM hashes on server-side
Adds a callback that allows servers to compute NTLM hashes by themselves. The typical
use of this callback is to provide a function that gives precomputed hash values.

Sponsored by: Wheel Systems (http://www.wheelsystems.com)
2017-05-18 14:24:24 +02:00
Armin Novak
f414522b7a Added setting for QoeAck. 2017-05-18 14:07:09 +02:00
David Fort
17a4e95a5b Drop some annoying warning
Probably that some unused functions should be removed, but at least it makes
it compile with no warnings.
2017-05-12 13:54:16 +02:00
Armin Novak
b1d631f1e5 Added support for Set Keyboard IME Status 2017-05-12 09:43:58 +02:00
akallabeth
8df8cc6fb5 Merge pull request #3937 from hardening/h264_multimon
Fix h264 in multimon scenario
2017-05-09 11:16:12 +02:00
Armin Novak
f3e0c95d45 Added a GFX area update callback. 2017-05-03 08:48:03 +02:00
David Fort
b2ee8a19ab Fixed progressive code style and added error handling 2017-05-02 18:39:33 +02:00
David Fort
d170c10ee6 Fix H264 in multi monitor case
The H264 context is surface specific, so in multi-monitor (with multiple surfaces)
the decoding was failing. This patch fixes that by introducing a surface specific
h264 context.
2017-05-02 18:39:33 +02:00
Armin Novak
a2167d5417 Added surface width and heigth for YUV combine. 2017-04-18 14:12:40 +02:00
Armin Novak
b0d3cfda4d Added AVC444v2 client support. 2017-04-11 11:29:14 +02:00
ilammy
ef4421fc77 channels/cliprdr: fix CLIPRDR_FILECONTENTS_REQUEST
clipDataId is an optional field of CLIPRDR_FILECONTENTS_REQUEST.
The client should not send it to the server without sending a prior
CLIPRDR_LOCK_CLIPDATA request. The reverse is true as well: the
server should not include these additional 4 bytes without locking
the file in question.

The value zero is a valid ID, it cannot be used as a sentinel value.
Introduce a separate flag to tell whether the clipDataId has been set
and can be relied upon.

Also fix formatting. These stupid line breaks have negative impact on
readability, and the lines do fit into the 100 column limit either way.
2017-04-09 03:15:49 +03:00
ilammy
5fb89985f0 x11/cliprdr: handle text/uri-list format
To handle a new format we should first be able to transform the format
name from the local clipboard owner into its remote representation. In
our case this will be trasforming the "text/uri-list" target into the
"FileGroupDescriptorW" named format.

Add CB_FORMAT_TEXTURILIST to identify the local format by its ID during
the data conversion step. This numeric ID has nothing to do with the ID
which will be sent to server. It's a bit weird, but that's how XFreeRDP
works.

After that add a new client format with this ID and appropriate local
and remote format names (in atom and formatName fields respectively).
Do this only if wClipboard actually supports "text/uri-list" format.
(It could fail to initialize the local file subsystem, in which case
it will fail all file-related requests and there would be no point in
advertising the file format support in the first place.)

Finally, handle the actual format data request for a new named format
in xf_cliprdr_process_requested_data(). Remember to convert the
FILEDESCRIPTOR array we receive from wClipboard into the
CLIPRDR_FILELIST expected by the server. Also take care to not leak
memory during this conversion.

Note that this handles only the CLIPRDR_FORMAT_DATA_REQUEST. The server
is still not able to retrieve the file content as this is done via a
separate request-reply sequence.
2017-04-09 03:15:49 +03:00
ilammy
a992743d99 channels/cliprdr: CLIPRDR_FILELIST utilities
The format is described in MS-RDPECLIP 2.2.5.2.3 Packed File List
(CLIPRDR_FILELIST). These functions handle conversion between the
on-the-wire data from cliprdr and arrays of FILEDESCRIPTOR structs.

FILETIME handling is a bit wacky, but that's what we currently have.
2017-04-09 03:15:48 +03:00
ilammy
6ad05d5ea3 winpr: define file attribute flags
The flags are defined by MS-RDPECLIP 2.2.5.2.3.1 File Descriptor
(CLIPRDR_FILEDESCRIPTOR) as well as by 'File Attribute Constants'
in WinAPI reference [1].

The idea is to delegate FILEDESCRIPTOR format processing to WinPR
instead of cliprdr channel, so move the struct definition there. The
definition used by cliprdr protocol is identical but with some fields
treated as reserved.

The defintions are placed into <winpr/shell.h> as FileGroupDescriptorW
is a shell clipboard format.

Also remove the definition of CLIPRDR_FILELIST. The clients would be
using WinPR to handle the file clipping, so CLIPRDR_FILELIST does not
have to be handled explicitly. The clients will have serialization and
deserialization functions to handle CLIPRDR_FILELIST.

[1]: https://msdn.microsoft.com/en-us/library/windows/desktop/gg258117(v=vs.85).aspx
2017-04-09 03:15:48 +03:00
Norbert Federa
1739f27b82 rdpegfx: fix RemoteFX Progressive Codec decoding
Since this comes via a Wire-To-Surface-2 PDU we don't have
any left/top/right/bottom destination values.
The current code has always dealt with zeros when updating the
invalid region which resulted in black rectangles.
The correct update region is determined during decompression.
2017-04-03 18:59:58 +02:00
Armin Novak
d119745d97 String representation of logon_error_info 2017-03-02 18:09:51 +01:00
akallabeth
7ce1dd0a6c Merge pull request #3791 from akallabeth/kerberos
Kerberos (Rebased #3417)
2017-02-23 13:46:34 +01:00
Armin Novak
70baa6fe26 Added additional connect errors. 2017-02-22 09:50:59 +01:00
David Fort
7b437178bb Add a ClientCapabilities callback
This callback is called when the client capabilities have been received. This callback
appears to be more useful than the Capabilities one that is called just before the server
sends its capabilities.
2017-02-21 23:44:47 +01:00
HenryJacques
3f9cbfe31d Update error.h 2017-02-20 15:59:56 +01:00
Bernhard Miklautz
23cfd34525 Merge pull request #3746 from volth/command-line-action-script-rebased
Add command line option to override action script path
2017-02-20 14:08:14 +01:00
akallabeth
2e64cca742 Merge pull request #3775 from nfedera/rgb_to_avc444yuv
RGB to AVC444YUV converter with SSSE3 support
2017-02-17 10:06:38 +01:00
akallabeth
4065581c98 Merge pull request #3756 from bigpjo/master
.RDP Password Attribute
2017-02-17 09:52:22 +01:00
Norbert Federa
13a60ae138 primitives: added RGB to AVC444YUV converter 2017-02-16 17:03:40 +01:00
Armin Novak
6960ca209b Added GFX surface command profiler. 2017-02-15 15:42:14 +01:00
Armin Novak
f24b112514 Refactored AVC444 decoding to single YUV420 buffer
Since not all H264 decoders support multiple YUV420 output
buffers process H264 decoding and YUV to RGB conversion
sequentially to avoid overriding the input data.
2017-02-15 09:28:10 +01:00
bigpjo
f0a52d431d .RDP Password Attribute
Allow password to be stored in .RDP file and parsed and settings
updated, this will allow for dynamic .RDP files to be created with
complete login credentials, using this method the username, server and
password will no longer be visible within process lists.

Also fixed issue of username and domain being read from .RDP files and
set to null by command line processor.
2017-02-10 20:38:52 +00:00
Volth
e7487cea27 Add command line option to override action script path 2017-02-08 08:30:24 +00:00
David Fort
a6dbc32cf3 Added missing const modifiers for source pointers in codecs 2017-01-27 11:23:08 +01:00
Bernhard Miklautz
85da68c334 Merge pull request #3703 from akallabeth/prim_optimize
[PERFORMANCE] Inlined heavily used functions
2017-01-23 10:39:02 +01:00
David Fort
f68888a978 Add a callback that allows to adjust monitors layout
This callback is useful in server mode when you want to adjust the monitor
layout just before the server monitor layout PDU is built and sent.
2017-01-19 18:05:44 +01:00
Armin Novak
d9810dd7a4 Progressive struct now opaque. 2017-01-18 16:16:29 +01:00
Armin Novak
ace5100e21 Progressive conversion and speed fixes
* Using destination color format and precomputed tile stride
* Using preallocated logger
2017-01-18 15:28:53 +01:00
Armin Novak
7198970a4e Removed obsolete primitive usage. 2017-01-18 15:28:53 +01:00