The AAD and AVD authentication mechanisms both need an OAuth2 token.
They only differ in the provided arguments, so unify the callbacks into
a single one with variable argument lists.
- Move responsibility for obtaining access tokens to clients
- Add function for getting access tokens for AVD
- Get correct server hostname during AVD setup
- Add utility function for doing http requests
The purpose of clipboard data locking is to make the other peer
retaining the current file list until a pending paste operation is done,
even though the clipboard selection changed.
As it may be difficult to determine, when a lock is needed, imitate the
same behaviour as mstsc:
When the server side supports clipboard data locking, always attempt to
lock the file list on the server regardless of what is advertised in a
FormatList PDU.
The Lock Clipboard Data PDU can even be already sent, before the
Format List Response PDU is sent.
This is also what mstsc, does: First, lock the new (potential) file
list, then unlock the file list, when the pending paste operation is
done.
So, rework the current clipboard implementation in that direction.
Since the implementation for timeouts for old file lists is a bit hard,
for now always force unlock pending locks, when the selection changes.
However, timeouts for old file lists can still be added in the future.
The reworked clipboard handling is done with the help of three hash
tables:
1. The inode table: This hash table manages all inodes for each file.
The keys in this table are the inodes themselves, while the values
the files and directories and their attributes (file size, last write
time, etc.).
2. The clipdata table: This table manages the locks for each file list.
The keys in this table represent the clip data id and the values the
clip data entries, which have a reference to the clip data dir, a
directory containing the whole selection, and some helper attributes,
like the clip data id itself.
3. The request table: Every file size or file range request is managed
here. When a FileContentsRequest is made, its stream id with the
respective details are added to this table. When a response is
received, these details can then be easily looked up here.
This PR creates a new /gateway:type:arm transport.
It depends on CJSON
The arm transport is not a transport by itself but is responsible
for getting the websocket endpoint from a configuration url derived from
the configured gateway host in the rdpw file or cmdline
* factor out most websocket specific code parts into websocket.c
* create wst.c (Websocket Transport) as gateway transport implementation
* introduce GatewayUrl setting that holds the websocket url
* introduce GatewayHttpExtAuthBearer that holds the HTTP Bearer
* GatewayHttpExtAuthBearer can be used by both rdg and wst
Optionally build the SDL client with Qt WebEngine to create a popup
browser for authentication to AAD. Also change the URL output on the
command line to use the "nativeclient" redirect for easier copy/pasting
of the authorization code.
This new argument allows reading all command line options from a file or
from stdin. It is a standalone argument and can not be combined with any
other.
if a reader is detected, print out the number of (valid) certificates
detected. This avoids #8953 empty output if there are no valid
certificates installed on a smartcard.
Options like /gateway:type:http,no-websockets,port:1234 were not
properly parsed. The `type:http,no-websockets` must be considered as
separate options with weak dependency.
Thanks to @akarl10 for pointing out this problem.
