Armin Novak
69aa1ff9db
[build] add cJSON to android build scripts
2023-03-10 16:38:07 +01:00
Armin Novak
9f1fc5adaf
[client,common] add /sec:aad to command line help
2023-03-10 16:38:07 +01:00
Armin Novak
233ac929ea
[client,common] use interruptible getline
2023-03-10 16:38:07 +01:00
Armin Novak
dc38b94263
[ci] add cJSON dependency
2023-03-10 16:38:07 +01:00
Armin Novak
4d12c22f4e
[core,aad] fixed warnings and openssl compat
2023-03-10 16:38:07 +01:00
fifthdegree
304ce6d702
Test base64url en/decoding
...
Add tests for base64url and fix a bug discovered while doing that
2023-03-10 16:38:07 +01:00
akallabeth
429c361435
[core,aad] fix cJSON usage
2023-03-10 16:38:07 +01:00
fifthdegree
f4431cdc8c
fixup! Implement support for RDS AAD
2023-03-10 16:38:07 +01:00
fifthdegree
7f54770fd0
fixup! Implement support for RDS AAD
2023-03-10 16:38:07 +01:00
akallabeth
af2a74cbbb
[core,aad] refactor aad parser
...
* split functions into smaller elements
* improve return code checks
* add log messages for error results
2023-03-10 16:38:07 +01:00
akallabeth
0af370c04b
[core,aad] use dynamic logger
2023-03-10 16:38:07 +01:00
akallabeth
157d71e802
[core,aad] migrate to cJSON parser library
2023-03-10 16:38:07 +01:00
akallabeth
c5406d79c5
[core,aad] typedef AAD_STATE
2023-03-10 16:38:07 +01:00
akallabeth
3d9eaf59dc
[core,aad] typedef AAD_STATE
2023-03-10 16:38:07 +01:00
akallabeth
2117cdcb0f
[core,transport] rewritten aad transport read
...
use a do {} while loop to make it easier to read.
2023-03-10 16:38:07 +01:00
akallabeth
f5423caace
[auth,aad] add freerdp* argument to callback
2023-03-10 16:38:07 +01:00
fifthdegree
4cbfa006f2
Implement support for RDS AAD
...
Have a working implementation of the RDS AAD enhanced security mechanism
for Azure AD logons
2023-03-10 16:38:07 +01:00
fifthdegree
5df4d4c934
Implement a basic JSON parser
2023-03-10 16:38:07 +01:00
fifthdegree
8d6c92c037
Implement base64url encoding/decoding
...
Tweak the base64 functions to allow for encoding and decoding base64url
as well
2023-03-10 16:38:07 +01:00
Armin Novak
85cff3a7dc
[server,proxy] fix private/public library linking
2023-03-10 11:40:08 +01:00
Armin Novak
c23dc3ba9d
[CMake] Fix use of BUILD_SHARED_LIBS
...
the option is named BUILD_SHARED_LIBS and not CMAKE_BUILD_SHARED_LIBS
2023-03-10 11:40:08 +01:00
Armin Novak
6e5307c037
[client,common] fix on off option parsing
...
* Return an enum to allow evaluation of what option was provided
* fix /sec:nla and /sec:nla:on behaviour.
2023-03-10 11:40:08 +01:00
Martin Fleisz
384642f95f
core: Fix sending incorrect GUID in RDSTLS auth request
...
The spec states that the GUID must be sent as a Base64-encoded GUID in
Unicode format. However in the redirection code we read the (correctly
formatted) GUID and convert it to a binary BLOB.
This PR removes the unnecessary conversion which now results in a
correct RDSTLS auth request.
It also removes some dead code in `rdstls_write_data`.
2023-03-09 14:29:41 +01:00
Armin Novak
1580daecbc
[core,rdstls] fix uninitialized wStream
2023-03-09 11:17:37 +01:00
Armin Novak
ec60ebaf37
[core] parse whole wStream instead of current
2023-03-09 11:17:37 +01:00
Armin Novak
5c49fae477
[core,transport] split pdu parser function
...
split according to which PDU type is being parsed.
2023-03-09 11:17:37 +01:00
Joan Torres
5bcc5326d0
[core,rdstls] fix rdstls_parse_pdu
...
When this function returns <= 0 the caller was considering it a pduLength
creating a bug.
Also fixed length calculation on some rdstls pdu types.
2023-03-09 11:17:37 +01:00
Joan Torres
b469f53c43
[core,transport] check for rdstls == NULL on accept_rdstls too
2023-03-09 11:17:37 +01:00
akallabeth
151baa9ae5
[client,sdl] fix va_arg casts to match void* size
2023-03-09 11:17:37 +01:00
akallabeth
22f5bd48c4
[client,wayland] fix function arguments to match
...
the function pointer expected different arguments from the one provided.
2023-03-09 11:17:37 +01:00
akallabeth
387dcd4001
[client,sdl] fix missing type cast
2023-03-09 11:17:37 +01:00
akallabeth
d56487717f
[core,redirection] fix const warnings
2023-03-09 11:17:37 +01:00
akallabeth
6646ff9eb0
[client,common] fix wrong arguments for file clipboard
2023-03-09 11:17:37 +01:00
akallabeth
41cb69b135
[winpr,stream] fix Stream_Read_UTF16_String
...
Fix wrong arguments for stream length check
2023-03-09 11:17:37 +01:00
akallabeth
34c056e163
[core,smartcard] fix WCHAR compare, use _wcscmp
2023-03-09 11:17:37 +01:00
akallabeth
4154bc500e
[core,transport] check for rdstls == NULL
2023-03-09 11:17:37 +01:00
Martin Fleisz
093bf79837
common:: Fix const issues with current rdp file API
2023-03-08 14:08:34 +01:00
akallabeth
9a51f3b77b
[core,rdstls] log state checks
...
when checking expected states print a proper log message when the
requirement is not met
2023-03-08 14:05:00 +01:00
akallabeth
bc1d291b44
[core,rdstls] add state transition checks and logs
2023-03-08 14:05:00 +01:00
akallabeth
adbecf71c6
[core,rdstls] use dynamic logger
2023-03-08 14:05:00 +01:00
akallabeth
0dc59f3a41
[core,rdstls] hide rdstls parsing
...
* move rdstls specific code from transport_parse_pdu to rdstls_parse_pdu
* hide rdstls implementation details
2023-03-08 14:05:00 +01:00
Joan Torres
c7f214435e
[core,transport] use modern stream funcs on transport_parse_pdu
2023-03-08 14:05:00 +01:00
Joan Torres
d3eab544bd
[core,rdstls] validate state transitions
2023-03-08 14:05:00 +01:00
akallabeth
15b5026260
[core,rdstls] rdstls_read_data no heap
...
do not allocate and copy the returned data, just return a pointer in the
stream and the length of the data.
2023-03-08 14:05:00 +01:00
akallabeth
f5a8da4f62
[core,rdstls] ensure stream length on empy return
2023-03-08 14:05:00 +01:00
Joan Torres
7c24da917e
Add RDSTLS security protocol
...
The client tries to connect using RDSTLS only when it has received a
server redirection PDU with LB_PASSWORD_IS_ENCRYPTED flag.
The server exposes RDSTLS on negotiation if it has been configured on settings.
Then authenticates a client using configured credentials from settings:
RedirectionGuid, Username, Domain, Password.
2023-03-08 14:05:00 +01:00
Armin Novak
49f44303b1
[server,shadow] clean up certificate generation
2023-03-08 13:07:20 +01:00
Armin Novak
00f8cd350b
[server,shadow] abort on invalid key/certificate
2023-03-08 13:07:20 +01:00
Joan Torres
689bf6daab
[core,nla]: Fix using password from redirection
...
If a client reconnects on redirection process and uses NLA authentication,
the client was using the old password because it wasn't setting
usePassword to false.
With this commit the client will use the new password.
2023-03-08 08:36:42 +01:00
Joan Torres
5f8e64f89c
[core,connection]: Fix load balance setting on redirection
...
The routing token is already set for the nego on rdp_client_connect func.
2023-03-08 08:36:42 +01:00