The purpose of clipboard data locking is to make the other peer
retaining the current file list until a pending paste operation is done,
even though the clipboard selection changed.
As it may be difficult to determine, when a lock is needed, imitate the
same behaviour as mstsc:
When the server side supports clipboard data locking, always attempt to
lock the file list on the server regardless of what is advertised in a
FormatList PDU.
The Lock Clipboard Data PDU can even be already sent, before the
Format List Response PDU is sent.
This is also what mstsc, does: First, lock the new (potential) file
list, then unlock the file list, when the pending paste operation is
done.
So, rework the current clipboard implementation in that direction.
Since the implementation for timeouts for old file lists is a bit hard,
for now always force unlock pending locks, when the selection changes.
However, timeouts for old file lists can still be added in the future.
The reworked clipboard handling is done with the help of three hash
tables:
1. The inode table: This hash table manages all inodes for each file.
The keys in this table are the inodes themselves, while the values
the files and directories and their attributes (file size, last write
time, etc.).
2. The clipdata table: This table manages the locks for each file list.
The keys in this table represent the clip data id and the values the
clip data entries, which have a reference to the clip data dir, a
directory containing the whole selection, and some helper attributes,
like the clip data id itself.
3. The request table: Every file size or file range request is managed
here. When a FileContentsRequest is made, its stream id with the
respective details are added to this table. When a response is
received, these details can then be easily looked up here.
This PR creates a new /gateway:type:arm transport.
It depends on CJSON
The arm transport is not a transport by itself but is responsible
for getting the websocket endpoint from a configuration url derived from
the configured gateway host in the rdpw file or cmdline
* factor out most websocket specific code parts into websocket.c
* create wst.c (Websocket Transport) as gateway transport implementation
* introduce GatewayUrl setting that holds the websocket url
* introduce GatewayHttpExtAuthBearer that holds the HTTP Bearer
* GatewayHttpExtAuthBearer can be used by both rdg and wst
Optionally build the SDL client with Qt WebEngine to create a popup
browser for authentication to AAD. Also change the URL output on the
command line to use the "nativeclient" redirect for easier copy/pasting
of the authorization code.
This new argument allows reading all command line options from a file or
from stdin. It is a standalone argument and can not be combined with any
other.
if a reader is detected, print out the number of (valid) certificates
detected. This avoids #8953 empty output if there are no valid
certificates installed on a smartcard.
Options like /gateway:type:http,no-websockets,port:1234 were not
properly parsed. The `type:http,no-websockets` must be considered as
separate options with weak dependency.
Thanks to @akarl10 for pointing out this problem.
This PR contains various changes to rdp file handling:
The old code had a strange mixture of handling settings. When loading a
file every line of the file was cached in `rdpFile::lines`. Sometimes
functions would operate on these cached lines, sometimes they would
operate on the actual values in the `rdpFile` instance.
On the other hand if an `rdpFile` instance was created from
`rdpSettings`, this line cache simply did not exist, causing functions
to behave differently, depending on whether the instance was created by
reading a file or by populating it from `rdpSettings`.
The new implementation has now a single way of accessing values (
`find_integer_entry`/`find_string_entry`) and the `rdpFile::lines` data
is used to handle unknown settings.
The PR also adds some argument checking and assertions.
`freerdp_parse_username` always returns non-NULL domain information when
called. This currently results in `settings->domain` being overridden in
every case, even though we might have read domain information from the
file before.
This PR fixes this issue by checking if domain information was present
in the file and if not use the parsed domain informatin.
* use proper permissions (no read/write for group and others)
* handle streamID for multiple simultaneous copy/paste operations
* properly handle requests with a queue
Added helper functions to inform a user about current state of a client
in use:
* freerdp_client_warn_exeprimental warns about unstable clients
* freerdp_client_warn_deprecated warns about clients to be dropped
We no longer have a blocking polling loop in transport. Instead assume
there is more data after a packet was processed and let the transport
try again. If there is another packet ready, this repeats until only a
partly received (or no new data available) situation is reached.
* Use new ConvertUtf8ToWChar, ConvertUtf8NToWChar,
ConvertUtf8ToWCharAlloc and ConvertUtf8NToWCharAlloc
* Use new ConvertWCharToUtf8, ConvertWCharNToUtf8,
ConvertWCharToUtf8Alloc and ConvertWCharNToUtf8Alloc
* Use new Stream UTF16 to/from UTF8 read/write functions
* Use new settings UTF16 to/from UTF8 read/write functions
Windows expects the containerName field in TSSmartCardCreds to be what
it would use for a smartcard key's name. Try to accomodate that (at
least for PIV and GIDS cards).
When smartcard emulation was enabled we were dumping the key and cert to
temporary files for PKINIT call, but they were deleted before we have
actually done the PKINIT. This patch fixes it.
It also add debug statement for the listing of smartcard keys / certs.
This also fixes the listing of smartcard on certain windows configurations
were we have to force NCRYPT_SILENT when doing a NCryptOpenKey.
When no CSP is provided, we were listing smartcard materials by querying the
MS_SCARD_PROV_A CSP, unfortunately on some windows hosts, the smartcards aren't
listed in that CSP. So this patch does the key listing by browsing all CSPs
instead of just a default one. You can still force a CSP and you'll get keys only
from this one.
This patch also address cases where the certificate on the smartcard doesn't
have a UPN attribute, if that happen we try to get a UPN from the email address.
* Fixed format strings to match arguments
Reviewed and replaced all %d specifiers to match proper type
* Added proxy dynamic channel command type to log messages.
The RDP2Tcp channel has no associated bool in settings for configuring the loading
of the channel (only settings->RDP2TCPArgs for the args), so let's load it outside
of the big loading loop (prevent a warning for unknown bool setting 1519).
if auto-request-control setting is enabled then only request control once upon connect, otherwise it will auto request control again every time server turns off control which is a bit annoying.
* update .gitignore and cleanup conditionnal callback call
* client: rework channel loading
Automate the loading of channels that only depend on a given enabled setting.
This new option /tls-secret-file:<file> allows to dump TLS secrets in a file with
the SSLKEYLOGFILE format. So this way you can setup the TLS dissector of wireshark
(Pre-Master-Secret log filename) and see the traffic in clear in wireshark.
It also add some more PFS ciphers to remove for netmon captures.
* Fixed remdesk settings pointer
* Fixed sign warnings in display_write_monitor_layout_pdu
* Use freerdp_abort_connect_context and freerdp_shall_disconnect_context
* Added and updates settings
* info assert/dynamic timezone
* mcs assert/log/flags
* Fixed and added assertions for wStream
* Unified stream length checks
* Added new function to check for lenght and log
* Replace all usages with this new function
* Cleaned up PER, added parser logging
* Cleaned up BER, added parser logging
* log messages
* Modified Stream_CheckAndLogRequiredLengthEx
* Allow custom format and options
* Add Stream_CheckAndLogRequiredLengthExVa for prepared va_list
* Improved Stream_CheckAndLogRequiredLength
* Now have log level adjustable
* Added function equivalents for existing logger
* Added a backtrace in case of a failure is detected
* Fixed public API input checks
A proxy URI was parsed both in the function `proxy_read_environment()` in
`libfreerdp/core/proxy.c` and in the function
`freerdp_client_settings_parse_command_line_arguments()` in
`client/common/cmdline.c`. But only the latter was taking into account
that the URI can contain a user and password, which made it impossible
to use a proxy with authentication by just using an environment
variable like `https_proxy`.
The function `proxy_parse_uri()` in `libfreerdp/core/proxy.c` was
clearly not parsing the optional username and password.
This commit moves the code from `client/common/cmdline.c` to
`libfreerdp/common/settings.c` into a function `proxy_parse_uri()` so
redundant code is avoided. This function is then called in both
instances where a proxy URI is parsed.
Some minor adjustment were made to the code, so the `WLog_INFO()`
statement at the end works in both cases, where credentials were either
provided or not. Also, some error messages were added or clarified.
If the parsing of the environment variable fails, we ignore it entirely
(with a warning) and proceed.
* Early return authenticate if TLS smartcard logon
* Removed obsolete SmartcardPin and unified AuthenticateEx calls
* Remove password-is-pin from command line
The setting is implied by smartcard-logon and only of interest in
server side code, so the setting is useless
* Rework AUTH_SMARTCARD_PIN
Just prompt for PIN and not user/domain if this is requested.
* Fixed a memory leak in nla.c
* Align credentail prompt
* Handle AUTH_NLA & smartcard, just ask for PIN
* Added assertions, removed duplicate password prompt check
* Move smartcard logon after credential prompt
Always reinitialize NetworkAutoDetect, otherwise it might end set to
previous value and not the desired one. This happens when the client
sets /network:lan , in which case NetworkAutoDetect remains set to
TRUE because freerdp_set_connection_type() was previously called in
prepare_default_settings() and NetworkAutoDetect is never updated by
freerdp_set_connection_type() afterward.
Signed-off-by: Marek Vasut <marex@denx.de>
* All channels inheriting from RDPDR_DRIVE base struct
* Add functions to create/free a new device of a type
* Fixed settings array resize code, prevent 0 sizes
* Fix temporary settings allocation for command line
Detection of legacy command line requires a temporary settings
struct. This was previously manyally allocated instead of using
freerdp_settings_new and freerdp_settings_free.
* Fixed CommandLineParseCommaSeparatedValuesEx
The name argument was not copied into the returned array.
If no arguments are supplied, default to the behaviour of
/network:auto. This ensures the default experience is using the
best available graphics options.
As soon as any /network, /bpp, /rfx, /gfx, ... argument is used
only use these.
RDPSND channel is special, as it has many names.
(e.g. static channel, dynamic channel and UDP one.
Use RDPSND_CHANNEL_NAME to identify the module name instad of
RDPSND_DVC_CHANNEL_NAME
Since the last change untouched string settings were written to the rdp
file because their default value was set to NULL instead of ~0. This
resulted in settings being written to the rdp file with a value of
"(null)" instead of just being skipped.
