This patch adds support for authentication when the connection is done
through a HTTP proxy.
It only supports HTTP Basic Authentication (like `curl --proxy`).
It is tested against Apache 2.4.
This PR introduces per channel context so that we can speed up operations like
retrieving the channel name from its id, or knowing what shall be done for a
packet (no config ACL recomputation at each packet).
removed no more actually used count property of BITMAP_UPDATE struct,
fixed allocating twice as memory for its rectangles - as of refactoring
at e5767f07 BITMAP_UPDATE struct is reused no more
The settings have double meaning:
* Setting the default in client preconnect callback can disable
announcement of a flag to the server regardless of support
* If set it is overridden with the value the server supports
It's possible that FreeRDP was built against FFmpeg, but it doesn't support
H.264. In that case, just continue without H.264 support instead of failing
hard before even trying to connect.
This is especially useful for Linux distributions which can't ship H.264
support in FFmpeg out of the box (patent issues), but allow enabling H.264
later by installing a version of FFmpeg which has it enabled.
When uploading large ICON (96x96), we end up growing the stream
mid-update. Stream_EnsureCapacity end up reallocating the stream
with a larger capacity to accomodate the large ICON size, but in
doing so, also updating the sealed length for the data currently in
the stream. This breaks the assumption between update_begin_paint
and update_end_paint where the sealed lenght is used to keep track
of the location where we need to update the orders counts after
we're done accumulating update. As a result of the growth and lost
of that location, the number of orders is written to the wrong
location and the resulting stream is invalid which result in a
protocol violation and a connection drop.
The current fix uses a new offsetOrder in the update object to
keep track of where update_end_paint needs to write the number
of orders contained. I think a better fix would be for
Stream_EnsureCapacity to preserve the sealead length of the
stream on growth, but this has a much more significant impact and
careful analysis needs to be done to ensure this doesn't violate
other assumption. Need to follow up with FreeRDP developer to get
their take on this one.
This commit add support for connection over HyperV socket (hvsock) which are
used in scenario like WSLg on Windows. hvsock requires accept and close
to monitor in addition to read. Also mark hvsock connection as local.
mstsc/msrdc includes an optional correlation info
(RDP_NEG_CORRELATION_INFO) during connection negotiation. This confuses
FreeRDP which interpret this as a cookie and eventually fails the
negotiation, preventing a successful connection to these RDP client.
This commit addresses 3 things.
1) When processing connection token or cookie, skip if the remaining
bytes are neither.
2) After processing the RDP_NEG_REQ info, skip the optional correlation
info (RDP_NEG_CORRELATION_INFO) if one is present.
3) Allow local connection without server certificate when the client
inherently trust the server.
* All channels inheriting from RDPDR_DRIVE base struct
* Add functions to create/free a new device of a type
* Fixed settings array resize code, prevent 0 sizes
* Properly initialize the stream buffer
* Add Stream_StaticConstInit accepting a const buffer
* Modify API to return a pointer to the stream initialized
* Added checks for bitmap width and heigth values
Data received from the server might have invalid values for bitmap
with or height. Abort parsing if such a value is found.
Reported by Sunglin from the Knownsec 404 team & 0103 sec team
* Added checks for glyph width & height
* Do length/capacity checks in every read/write/seek function
if WINPR_ASSERT is defined.
* Ensure s->pointer is valid, e.g. within s->buffer + s->capacity
(Stream_Rewind, Stream_Seek, ...)
* Add return values to Stream_Set* functions so inalid arguments
can be reported to the caller
* Deprecated problematic stream manipulation functions
(Stream_SetBuffer, Stream_SetPointer, Stream_SetCapacity)
* Ensure length/capacity functions never return a value larger
than the actual length/capacity
* Added transport_get_context to get rdpContext in IO callbacks.
* Added WINPR_ASSERT where possible.
* Fixed handle count mismatch in transport_get_event_handles
* Split out proxy headers and moved to public API to allow external
modules to be built.
* Split proxy into proxy library and proxy binary. The library
can be used by other applications and provides a simple API
* Improved channel passthrough, now all channels including dynamic
channels work.
* Extended module API to hook more events, improved module samples
* Cleaned up proxy code, removed global static variables used,
added WINPR_ASSERT
When using NLA with a NULL identity (in AcquireCredentialsHandle) on
Windows the client sends the first NLA package with cbBuffer set to 0.
In that case the client currently incorrectly kills the connection. With
this PR the check is removed and the client correctly connects to the server.
* Added transport_get_context to get rdpContext in IO callbacks.
* Added WINPR_ASSERT where possible.
* Fixed handle count mismatch in transport_get_event_handles
* Use freerdp_settings_* for shadow and sample server
* Added freerdp_peer_set_local_and_hostname
* Code cleanups and WINPR_ASSERT
* Code cleanups
* Use CHANNEL_NAME_LEN where appropriate
* Use temporary variables in loop instead of direct array access
Covscan report contains various memory leak defects which were marked
as important. I have spent some time analyzing them and although they
were marked as important, most of them are in error cases, so probably
nothing serious. Let's fix most of them anyway. The rest are false
positives, or too complicated to fix, or already fixed in master, or
simply I am unsure about them.
Relates: https://github.com/FreeRDP/FreeRDP/issues/6981
(some client side channels and all server side channels still need to be
ported to new api)
server: build fix, do not disable threads for rfx encoder
cliprdr client channel: implemented support for DisableThreads option
looks like thread does not make sense at all for this channel
do not initialize disabled image codecs (respect settings)
channels: client: rail: added support for DisableThreads setting
changed "BOOL DisableThreads" to "UINT32 ThreadingFlags"
dropped unnecessary apu changes
draft implementation of threading settings aware message handling api
for addins/channels
rail: use new messaging api
fixed memory leak
msgs handlers external api changes (as requested)
msgs_handlers: init fix
fixed memory leak
logic fix
resolved problems appeared after rebase to master, dropped unnecessary
changes
git clang-format origin/master
fixed TestFreeRDPCodecRemoteFX.c
"formatting, run `clang-format` please"
properly use new "rfx_context_new(BOOL, UINT32)" everywhere
passed Threading Flags to "rfx_context_new" where available
in older C standarts veriables declaration must be done before any code
requested changes
clang-format as requested
use broken signatures of standert C functions for m$ s**tos
clang-format
requested changes
requested changes
moved ThreadingFlags to stable api zone
define type for channel msg handler
typo fix
clang-format
build fix
us ThreadingFlags from server settings
git clang-format origin/master
clang-format
Removes the changes to connection type in gcc_write_client_core_data and
adds some checks if network detection is enabled when receiving network
detection requests.
This PR removes the error code from the error string returned by
rpc_error_to_string. The error code is passed into the function so it is
not necessary to append it to the returned string as well.
The PR also fixes the screwed formatting of the error code tables.