Timer based dynamic resolution updates are disabled in fullscreen
state. Check current value and not (permanent) setting
(cherry picked from commit a47dcd3705)
* Add a new command line arg to enforce tls1.2
* Add better explanation of FreeRDP_EnforceTLSv1_2
(cherry picked from commit ce2e3ab0c7)
* Regenerated settings helpers
* backport prev cherry-pick
* Cleanup tls_prepare
* TLS version control
* added settings for minimal and maximal TLS versions supported
* refactorisation of the force TLSv1.2 setting
* cleanup from prev cherry-pick
* updated change log
Co-authored-by: akallabeth <akallabeth@posteo.net>
Co-authored-by: David Véron <david.veron@rubycat.eu>
Microsoft Windows imposes strict filename restrictions on its platform.
As RDP is developed by Microsoft and the RDS in MS Windows is typically
used as remote desktop server for the RDP protocol, these filename
restrictions are also enforced in WinPR, when copy-pasting files over
the clipboard.
However, in some connections no peer on MS Windows is involved and in
these situations, these filename restrictions are just an annoyance.
With a recent API addition in WinPR, it is now possible to override the
callback, where the filename is checked, whether it is valid.
So, use this new API to relieve the filename restriction, when the
connected remote desktop server is not on MS Windows.
If no arguments are supplied, default to the behaviour of
/network:auto. This ensures the default experience is using the
best available graphics options.
As soon as any /network, /bpp, /rfx, /gfx, ... argument is used
only use these.
(cherry picked from commit d3168a1436)
* Fixed typo in changelog
* Fix FIPS mode support and build with OpenSSL 3.0
FreeRDP fails to build with OpenSSL 3.0 because of usage of the `FIPS_mode`
and `FIPS_mode_set` functions, which were removed there. Just a note that
the FIPS mode is not supported by OpenSSL 1.1.* although the mentioned
functions are still there (see https://wiki.openssl.org/index.php/FIPS_modules).
Let's make FreeRDP build with OpenSSL 3.0 and fix the FIPS mode support.
See: https://bugzilla.redhat.com/show_bug.cgi?id=1952937
(cherry picked from commit 26bf2816c3)
* winpr: avoid calling FIPS_mode() with OpenSSL 3.0
Fixes: 26bf2816c3
(cherry picked from commit 0c81c73c8d)
* winpr/crypto: Load legacy provider to fix rc4 with OpenSSL 3.0 (#7210)
* winpr/crypto: Exit cleanly when EVP_EncryptInit_ex fails
The `EVP_EncryptInit_ex` function may fail in certain configurations.
Consequently, FreeRDP segfaults in `EVP_CIPHER_CTX_set_key_length`.
Let's handle the `EVP_EncryptInit_ex` failures and exit cleanly in
such case.
* winpr/crypto: Load legacy provider to fix rc4 with OpenSSL 3.0
Currently, the `EVP_EncryptInit_ex` function fails for rc4 with OpenSSL 3.0.
This is becuase rc4 is provided by the legacy provider which is not loaded
by default. Let's explicitly load the legacy provider to make FreeRDP work
with OpenSSL 3.0.
Relates: https://github.com/openssl/openssl/issues/14392
Fixes: https://github.com/FreeRDP/FreeRDP/issues/6604
(cherry picked from commit 67f3fff2c8)
Conflicts:
winpr/libwinpr/crypto/cipher.c
* Fix TestUnicodeConversion on big endian machines (#7219)
Wide character literals are stored in native byte order.
Use an array of bytes as a reference instead.
Fixes: https://github.com/FreeRDP/FreeRDP/issues/6968
(cherry picked from commit 5208a67ea7)
* Fixed async-input quit
* Fix data write on usb channel
* Bitmap update fix (#7349)
* Added checks for bitmap width and heigth values
Data received from the server might have invalid values for bitmap
with or height. Abort parsing if such a value is found.
Reported by Sunglin from the Knownsec 404 team & 0103 sec team
* Added checks for glyph width & height
* Fixed#7363: Length checks in ConvertUTF8toUTF16
(cherry picked from commit 623a77258a)
* Implemented missing TSG debug functions
(cherry picked from commit c06c463806)
* Refactored RPC gateway parser
Utilize wStream instead of custom binary parsing code, add proper
input validation.
Reported by Sunglin from the Knownsec 404 team & 0103 sec team
(cherry picked from commit f0b44da67c)
* Replaced chmod with safer fchmod
* Use fchmod so the file may not change underneath
* Add unit tests for SetFileAttributesA
* Add warning logs for unsupported flags
(cherry picked from commit c8571dd5fd)
* Updated changelog and version
* Added more explicit warning for deprecated command line
* Add exit codes for more errors
(cherry picked from commit aa4c3dfb8a)
* Updated changelog.
Co-authored-by: Ondrej Holy <oholy@redhat.com>
Co-authored-by: Mike Gilbert <floppym@gentoo.org>
Co-authored-by: Ondrej Holy <ondrejholy@users.noreply.github.com>
Co-authored-by: Ian Weir <mr.weir@me.com>
