* update .gitignore and cleanup conditionnal callback call
* client: rework channel loading
Automate the loading of channels that only depend on a given enabled setting.
* fix remote assistance connection string1 parsing
Fails to parse when connection string only has one host:port because there is no ";" character. Also when multiple host:port;host:port it skip first host:port and parses remaining host:port as ";host:port...end" of connection string:
eg:
;192.168.93.138:49626;192.168.93.139:49627;192.168.93.140:49628
;192.168.93.139:49627;192.168.93.140:49628
;192.168.93.140:49628
* Update assistance.c
* Update assistance.c
* Update assistance.c
* unescape & in PassStub
windows sometimes creates .msrcincident file with escaped ampersand as `&` in PassStub. Need to unescape or server will deny connection and complain about incorrect password.
* Update assistance.c
* add support for 64-bit big-endian encoding
* kerberos: drop reliance on gssapi and add user 2 user support
* Fix local variable declared in the middle of the function body
* kerberos: add ccache server option
Co-authored-by: fifthdegree <fifthdegree@protonmail.com>
Co-authored-by: David Fort <contact@hardening-consulting.com>
This new option /tls-secret-file:<file> allows to dump TLS secrets in a file with
the SSLKEYLOGFILE format. So this way you can setup the TLS dissector of wireshark
(Pre-Master-Secret log filename) and see the traffic in clear in wireshark.
It also add some more PFS ciphers to remove for netmon captures.
* winpr: add lock operation on HashTables
* drdynvc: change the listeners array for a hashtable and other micro cleanups
* logonInfo: drop warning that is shown at every connection
Let's avoid this log, we can't do anything if at Microsoft they don't respect
their own specs.
* rdpei: fix terminate of rdpei
* drdynvc: implement the channel list with a hashtable by channelId
Currently, all Calista Progressive encoded streams contain tile
artifacts, when the RFX_SUBBAND_DIFFING is used, but not the
RFX_DWT_REDUCE_EXTRAPOLATE flag.
The reason is the wrong usage of the context and tile flags.
The RFX_SUBBAND_DIFFING flag should have no actual impact on the
decoder itself.
Especially, it does not affect the band sizes within a 64x64 tile.
The RFX_DWT_REDUCE_EXTRAPOLATE flag, on the other hand, MUST have an
effect on the band sizes.
However, FreeRDP currently uses the RFX_SUBBAND_DIFFING flag when
decoding a component to determine whether the Reduce-Extrapolate method
is used, resulting in tile artifacts, when that method was actually not
used.
The current behaviour did not result in tile artifacts with the MS
Windows RDS, as that server always sets both flags.
So, fix this issue by using the correct flag, when decoding a tile.
According to the RFC the websocket key in the request header should be
base-64 encoded:
The request MUST include a header field with the name |Sec-WebSocket-Key|. The value of this header field MUST be a nonce consisting of a randomly selected 16-byte value that has been base64-encoded (see Section 4 of [RFC4648]). The nonce MUST be selected randomly for each connection.
If we just send a random key this might cause problems with
gateways/proxies that try to decode the key, resulting in an error (i.e.
HAProxy returns 400 Bad Request).
Microsoft Windows imposes strict filename restrictions on its platform.
As RDP is developed by Microsoft and the RDS in MS Windows is typically
used as remote desktop server for the RDP protocol, these filename
restrictions are also enforced in WinPR, when copy-pasting files over
the clipboard.
However, in some connections no peer on MS Windows is involved and in
these situations, these filename restrictions are just an annoyance.
With a recent API addition in WinPR, it is now possible to override the
callback, where the filename is checked, whether it is valid.
So, use this new API to relieve the filename restriction, when the
connected remote desktop server is not on MS Windows.
