The prompt for credentials setting was incorrectly used in FreeRDP. If
this setting is set to 1 in a rdp file the client should prompt for
credentials even if it has credentials stored for this connection. If
the setting is set to 0 the client should either use the stored
credentials (if present) or ask for username/password otherwise.
This PR changes the old handling (if PromptForCredentials was set to 0
no credential prompting was done) to the desired behavior.
Added a library internal function freerdp_settings_set_default_order_support
which initializes the OrderSupport array of settings.
Now clients no longer need to set this up on their own, if they
do not implement their own hardware accelerated order processing.
The newly introduced option /tls-seclevel can be used to set the tls
security level on systems with openssl >= 1.1.0 or libressl.
As default level 1 is used as higher levels might prohibit connections
to older systems.
This option will ensure that NLA is disabled(since NTLM uses weak crypto algorithms), FIPS
encryption is enabled, and ensure fips mode is enabled for openssl.
Selectively override specific uses of MD5/RC4 with new API calls specifically tailored to override FIPS.
Add comments on why overriding the use of these algorithms under FIPS is acceptable for the locations where overrides happen.
Remove check of server proprietary certificate which was already being ignore to avoid use of MD5.
Initialize winpr openssl earlier to ensure fips mode is set before starting using any crypto algorithms.
FreeRDP calculates default request size in server mode based upon
the desktop resolution. In practice, however, I've found clients (namely
MS Lync 2013) which would show only a black screen when the value is
greater than 0x3EFFFF.
This change allows to override the default in such special cases by
assigning a different value to server->settings->MultifragMaxRequestSize
after the shadow server structure is initialized in shadow_server_new().
This patch make it possible to limit the time that is passed when we call
XXX_check_fds functions. This should smooth the treatment between handling inputs
and handling incoming bitmap updates.
The default maximum time is set to 100 ms.
