Commit Graph

404 Commits

Author SHA1 Message Date
Michael Saxl
6478edda5b rdg bearer support 2023-06-22 09:21:42 +02:00
akallabeth
393577750e [settings] add FreeRDP_ClipboardFeatureMask 2023-05-25 16:26:39 +02:00
Pascal Nowack
288f4d58f0 core: Make a couple of capability defines public
The settings for these defines are public, but these settings cannot be
properly used, when the respective defines are not public too.
2023-05-02 09:51:40 +02:00
Richard Markiewicz
13e52cfae2 [channels,settings] add a setting to ignore invalid devices 2023-04-24 11:29:05 +02:00
Armin Novak
391f5e0ddb [settings] add freerdp_supported_color_depths_string 2023-04-13 14:35:51 +02:00
Armin Novak
39767c5423 [settings] add supported color depths setting 2023-04-13 14:35:51 +02:00
akallabeth
a5b42f0f84 [includes] untangled circular includes 2023-03-15 08:22:23 +01:00
akallabeth
61779694ee [includes] improved c++ guards 2023-03-15 08:22:23 +01:00
fifthdegree
4cbfa006f2 Implement support for RDS AAD
Have a working implementation of the RDS AAD enhanced security mechanism
for Azure AD logons
2023-03-10 16:38:07 +01:00
Joan Torres
7c24da917e Add RDSTLS security protocol
The client tries to connect using RDSTLS only when it has received a
server redirection PDU with LB_PASSWORD_IS_ENCRYPTED flag.

The server exposes RDSTLS on negotiation if it has been configured on settings.
Then authenticates a client using configured credentials from settings:
RedirectionGuid, Username, Domain, Password.
2023-03-08 14:05:00 +01:00
Armin Novak
ae8f0106bd [core,redirect] extract and check redirection cert
* extract the certificate from the redirection PDU
* if there is a certificate provided accept it if it matches the
  redirection target certificate without further user checks
2023-02-28 15:49:58 +01:00
akallabeth
2d94ff3f9e [settings] remove obsolete keys
* CertificateFile and CertificateContent are no longer used
* PrivateKeyFile and PrivateKeyContent are no longer used
2023-02-16 10:06:17 +01:00
Armin Novak
a7dac52a42 [license] updated copyright headers 2023-02-12 20:17:11 +01:00
akallabeth
af371bef6a [crypto] rename rdpRsaKey to rdpPrivateKey 2023-02-12 20:17:11 +01:00
akallabeth
9b51df8b10 [core,crypto] refactor certificate management
* Properly split certificate_store, certificate_data, certificate and
  private key functions to files
* Prefix all functions with freerdp_ to have a unique name
* Update certificate store to use one file per host instead of
  known_hosts2
* Merge CryptoCert and rdpCertificate
2023-02-12 20:17:11 +01:00
akallabeth
2eda0aa2ea [core,settings] remove unused setting 2023-02-03 11:24:32 +01:00
akallabeth
2c2e9602b3 [core] refactor certificate handling
* Remove duplications in rdpRsaKey, reuse rdpCertificate for public
  components
* Move all private key and certificate code to certificate.c,
  remove the tssk_* variables from gcc
* Handle update of client and server random keys in wrapping functions
* Simplify gcc_write_server_security_data, use certificate.c functions
  to write the certificate data
* Refactor security_establish_keys, use the random values stored in
  settings directly
2023-02-03 11:09:59 +01:00
Armin Novak
cd48e17740 [gateway,settings] add GatewayAutoConsent option
with this option the client automatically accepts consent messages of
the gateway server.
2023-02-03 11:08:46 +01:00
akallabeth
ee07a13130 [cleanup] fix compiler warnings 2023-01-26 09:30:17 +01:00
Armin Novak
8dc6287d7a [setttings] added ServerSessionRedirectionVersionMask 2023-01-23 09:17:01 +01:00
akallabeth
60424ef76f [core] fixed client/server early capapbility flags 2023-01-20 10:57:30 +01:00
akallabeth
2fc5eaeb80 [core] implemented CS_CORE::EarlyCapabilityFlags filter
* Added missing definitions for RNS_UD_CS_SUPPORT_SKIP_CHANNELJOIN
  and RNS_UD_SC_SKIP_CHANNELJOIN_SUPPORTED flags
* Updated stringification functions for these flags
* Implemented client and server EarlyCapabilityFlags filter for
  these flags as FreeRDP currently does not implement them.
2023-01-20 10:57:30 +01:00
Armin Novak
9e331a6fcb [settings] add string functions for encryption 2023-01-18 09:55:06 +01:00
akallabeth
a2c7aa8de1 [core] restructure redirection
* Expose redirection functions via public API
* Add getter/setter for public API
2023-01-17 12:25:31 +01:00
akallabeth
05dab47cbd [core,settings] add missing redirection options
* RedirectionGuid
* TargetCertificate
2023-01-17 12:25:31 +01:00
akallabeth
b5e2c2a81d [settings] added stringify function for RDPDR_RTYP_* 2022-12-15 14:57:29 +01:00
David Fort
a1febe11f0 multi-transport: refactor multi-transport handling
Prepare the parts of the code that handle multi-transport to really establish
UDP connections and manage alternative transports.
2022-12-13 15:54:33 +01:00
akallabeth
37ab25e19d Fixed all Wdocumentation warnings 2022-12-12 14:24:55 +01:00
Armin Novak
5f81005ecb [transport] remove polling loop
We no longer have a blocking polling loop in transport. Instead assume
there is more data after a packet was processed and let the transport
try again. If there is another packet ready, this repeats until only a
partly received (or no new data available) situation is reached.
2022-12-12 12:59:32 +01:00
Armin Novak
3e3ed445b4 [client,file] add rdgiskdcproxy to settings
Adds a new option FreeRDP_KerberosRdgIsKdc to manually set the KDC url
to the gateway server url
2022-12-06 14:07:53 +01:00
akallabeth
ca5684c968 [settings,caps] Removed ColorPointerFlag
* The setting is obsolete and can be replaced by a constant
* Only check the receive function for proper value and print a warning
2022-12-06 09:08:12 +01:00
akallabeth
97fd183d39 [core,settings] Added ColorPointerCacheSize 2022-12-06 09:08:12 +01:00
Armin Novak
ff266e9575 furter added settings documentation 2022-12-02 15:25:08 +01:00
akallabeth
d898f04e41 [core,settings] Added settings function docs
* Document settings functions
* Make rdpSettings* checks more uniform
2022-12-02 15:25:08 +01:00
akallabeth
2ac2f43503 [freerdp,settings] Add UTF16 helper functions
This new function allows get or set settings as WCHAR
string directly. Converts the string automatically from/to utf-8
internally
2022-11-28 10:42:36 +01:00
Armin Novak
c5e425242a [settings] Typo in GatewayHttpExtAuthSspiNtlm 2022-11-23 11:19:21 +01:00
akarl10
b1583d56c0 [rdg] implementation of http_extauth_sspi_ntlm 2022-11-16 20:28:53 +01:00
akallabeth
7d67adbc54 Refactored licensing module
* Make the whole module opaque for easier testing
2022-11-03 17:02:47 +01:00
akallabeth
3af13a0fb2 Add proper read/write for ordersupportflags et al
* Add new settings for OrderSupportFlags, OrderSupportFlagsEx,
  TerminalDescriptor and TextANSICodePage
* Add proper read/write routines for the new settings
* Add proper default values for the new settings
2022-11-03 17:02:15 +01:00
Armin Novak
7cef0cb8d6 Refactored capability parsing
* Add new settings for previously ignored capability options
* Store raw capability data in settings for later use
* Add function to extract settings from raw capability data
* Split capability read/write from client/server logic (e.g. enforce
  limits, ...)
2022-11-03 17:02:15 +01:00
akallabeth
58599c91a3 Add setting name for invalid function access
Try to be helpful and resolve the settings index with a readable
name if possible to help diagnose wrong function use
2022-10-27 10:46:58 +02:00
Marc-André Moreau
e3594c91dc Add UserSpecifiedServerName setting, /server-name command-line parameter 2022-10-14 17:59:57 -04:00
Marc-André Moreau
27a865af74 Add Negotiate SSPI authentication module filtering 2022-10-12 22:07:45 +02:00
Armin Novak
3cf0bb91d6 Updated supported RDP versions
* New defines for 10.8, 10.9, 10.10, 10.11 protocol versions
* New function returning a string representation of the protocol version
* Use 10.11 by default now
2022-10-12 21:42:12 +02:00
Marc-André Moreau
b324e49131 rename KerberosKdc setting to KerberosKdcUrl 2022-09-30 19:33:12 +02:00
Simon Nivault
82b58325a3 Add switch to declare printer as default or not 2022-09-20 13:25:05 +02:00
David Fort
942273e9cb
tls: add an option to dump tls secrets for wireshark decoding (#8120)
This new option /tls-secret-file:<file> allows to dump TLS secrets in a file with
the SSLKEYLOGFILE format. So this way you can setup the TLS dissector of wireshark
(Pre-Master-Secret log filename) and see the traffic in clear in wireshark.
It also add some more PFS ciphers to remove for netmon captures.
2022-08-16 10:40:32 +02:00
David Véron
a3712521a8 TLS version control
* added settings for minimal and maximal TLS versions supported
* refactorisation of the force TLSv1.2 setting
2022-07-07 07:13:11 +00:00
Armin Novak
b672bda85e Removed RdpKeyFile and RdpKeyContent settings
They are a duplicate of PrivateKeyFile and PrivateKeyContent
2022-07-06 12:01:23 +02:00
akallabeth
8ecf841e71 Added RAIL compartmentinfo server to client message 2022-06-29 14:42:05 +02:00