Commit Graph

1891 Commits

Author SHA1 Message Date
Armin Novak
524e4635fd Fixed typos.
gdi_free now done on disconnect.
2015-01-13 12:00:51 +01:00
Armin Novak
600074373c Fixed rdp_reset. 2015-01-12 13:47:04 +01:00
Armin Novak
e3df1d3d5b Fixed freerdp_disconnect and freerdp_reconnect. 2015-01-12 13:44:34 +01:00
Armin Novak
e0139fc4d8 Added nego_disconnect. 2015-01-12 13:44:04 +01:00
Armin Novak
8a1f9c321c Added nego_disconnect function. 2015-01-12 13:43:29 +01:00
Armin Novak
9274de4921 Fixed rdp_client_disconnect and rdp_reset. 2015-01-12 13:36:38 +01:00
Armin Novak
5d3091bd1c Fixed transport cleanup on disconnect. 2015-01-12 13:32:59 +01:00
Norbert Federa
765b25933e license: fix for corrupted licensing packets
Since commit a228952 FreeRDP generates corrupt licensing packets if the rdp
security layer is used and the peer did not indicate that it is capable of
processing encrypted licensing packets:
That commit changed rdp->sec_flags after the rdp stream was already initialized
with encryption enabled which placed the PDU payload at an incorrect offset.

Instead of directly modifying the rdp->sec_flags this patch temporarily
disables rdp->do_crypt during rdp stream initialization if the client has not
advertised support for encrypted licensing packets.
2015-01-12 11:31:18 +01:00
Marc-André Moreau
51554ff16c channels: patch rdpdr/smartcard valgrind leaks, fix hang on disconnect 2014-12-28 14:56:13 -05:00
Marc-André Moreau
b552aa9363 libfreerdp-core: add support for multiple redirection target addresses 2014-12-27 18:53:27 -05:00
Marc-André Moreau
772a0aaf0c libfreerdp-core: fix TCP connection timeout (non-Windows) 2014-12-27 16:48:32 -05:00
Marc-André Moreau
ee5a354328 freerdp: more valgrind fixes 2014-12-27 15:34:45 -05:00
Marc-André Moreau
27a8e50e60 channels: fix drdynvc, patch memory leaks 2014-12-27 15:20:29 -05:00
Marc-André Moreau
6c2ebb2b58 channels: redirection valgrind fixes 2014-12-27 13:50:50 -05:00
Marc-André Moreau
9dd77ae14a libfreerdp-core: add usage of TargetNetAddresses in ip-based redirection when hostname resolution fails 2014-12-26 13:49:25 -05:00
Marc-André Moreau
d5edfa4721 Merge branch 'master' of github.com:FreeRDP/FreeRDP 2014-12-21 14:22:09 -05:00
Vic Lee
7449abefb1 libfreerdp-core: server synchronized access to dvc channel seq. 2014-12-19 12:31:36 +08:00
Bernhard Miklautz
78d68598ed core: fix problem with data for unknown channel
Some buggy server(s) send data for channels that weren't announced or
negotiated. When processing this data FreeRDP had a problem and always
used the last channel in the channels list even if it wasn't responsible
for the data. Depending on how the channel handled the data this could
lead to different kind of problems and also segmentation faults.

Now data for unknown channels is ignored and not processed further.
2014-12-16 16:27:55 +01:00
Marc-André Moreau
736bcf2bd6 libfreerdp-core: fix async input mode for FocusInEvent, KeyboardPauseEvent 2014-12-15 11:35:35 -05:00
Marc-André Moreau
9b28562cc1 libfreerdp-core: fix faulty rdpTransport server-side initialization 2014-12-15 10:23:06 -05:00
Marc-André Moreau
e2f377ae11 libfreerdp-core: fix TSG thread shutdown and input freeze problem 2014-12-15 09:42:04 -05:00
Marc-André Moreau
74bef0edca Merge pull request #2275 from awakecoding/master
TS Gateway Fixes
2014-12-12 09:33:52 -05:00
Marc-André Moreau
aa23c4eaaa libfreerdp-core: fix random TS Gateway disconnects with async modes 2014-12-12 09:08:39 -05:00
Norbert Federa
939f1c639a Standard RDP Security Layer Levels/Method Overhaul
[MS-RDPBCGR] Section 5.3 describes the encryption level and method values for
standard RDP security.

Looking at the current usage of these values in the FreeRDP code gives me
reason to believe that there is a certain lack of understanding of how these
values should be handled.

The encryption level is only configured on the server side in the "Encryption
Level" setting found in the Remote Desktop Session Host Configuration RDP-Tcp
properties dialog and this value is never transferred from the client to the
server over the wire.
The possible options are "None", "Low", "Client Compatible", "High" and
"FIPS Compliant". The client receices this value in the Server Security Data
block (TS_UD_SC_SEC1), probably only for informational purposes and maybe to
give the client the possibility to verify if the server's decision for the
encryption method confirms to the server's encryption level.
The possible encryption methods are "NONE", "40BIT", "56BIT", "128BIT" and
"FIPS" and the RDP client advertises the ones it supports to the server in the
Client Security Data block (TS_UD_CS_SEC).
The server's configured encryption level value restricts the possible final
encryption method.
Something that I was not able to find in the documentation is the priority
level of the individual encryption methods based on which the server makes its
final method decision if there are several options.
My analysis with Windows Servers reveiled that the order is 128, 56, 40, FIPS.
The server only chooses FIPS if the level is "FIPS Comliant" or if it is the
only method advertised by the client.

Bottom line:
* FreeRDP's client side does not need to set settings->EncryptionLevel
(which was done quite frequently).
* FreeRDP's server side does not have to set the supported encryption methods
list in settings->EncryptionMethods

Changes in this commit:

Removed unnecessary/confusing changes of EncryptionLevel/Methods settings

Refactor settings->DisableEncryption
* This value actually means "Advanced RDP Encryption (NLA/TLS) is NOT used"
* The old name caused lots of confusion among developers
* Renamed it to "UseRdpSecurityLayer" (the compare logic stays untouched)

Any client's setting of settings->EncryptionMethods were annihilated
* All clients "want" to set all supported methods
* Some clients forgot 56bit because 56bit was not supported at the time the
code was written
* settings->EncryptionMethods was overwritten anyways in nego_connect()
* Removed all client side settings of settings->EncryptionMethods
The default is "None" (0)
* Changed nego_connect() to advertise all supported methods if
settings->EncryptionMethods is 0 (None)
* Added a commandline option /encryption-methods:comma separated list of the
values "40", "56", "128", "FIPS". E.g. /encryption-methods:56,128
* Print warning if server chooses non-advertised method

Verify received level and method in client's gcc_read_server_security_data
* Only accept valid/known encryption methods
* Verify encryption level/method combinations according to MS-RDPBCGR 5.3.2

Server implementations can now set settings->EncryptionLevel
* The default for settings->EncryptionLevel is 0 (None)
* nego_send_negotiation_response() changes it to ClientCompatible in that case
* default to ClientCompatible if the server implementation set an invalid level

Fix server's gcc_write_server_security_data
* Verify server encryption level value set by server implementations
* Choose rdp encryption method based on level and supported client methods
* Moved FIPS to the lowest priority (only used if other methods are possible)

Updated sample server
* Support RDP Security (RdpKeyFile was not set)
* Added commented sample code for setting the security level
2014-12-12 02:17:12 +01:00
Marc-André Moreau
cc2321d359 libfreerdp-core: fix leak and use after free in tsg ListDictionary usage 2014-12-11 17:08:22 -05:00
Marc-André Moreau
d8e10ac04a freerdp: patch leaks reported by valgrind when using TS Gateway 2014-12-11 11:25:34 -05:00
Marc-André Moreau
b579ad3cec Merge pull request #2261 from akallabeth/more_memleak_fixes
More warning and memleak fixes
2014-12-11 08:28:48 -05:00
Bernhard Miklautz
7b413fb951 nego: print message when bypassing gateway
When "detect" is used as gateway usage method (which is the default)
it is tried to by-pass gateway connection for local hosts.
The detection might take some time therefore print a message that people
are aware that a detection is tried.

Fixes #2171
2014-12-08 19:00:05 +01:00
Armin Novak
528c5841d5 Fixed memory leak. 2014-12-07 00:50:20 +01:00
Marc-André Moreau
84bccaf3fc Merge pull request #2258 from nfedera/fix-2014-12-05-02
gdi: don't pollute invalid region with empty rects
2014-12-05 14:50:25 -05:00
Norbert Federa
443ee42db5 gdi: don't pollute invalid region with empty rects 2014-12-05 19:47:29 +01:00
Norbert Federa
a7c90e16a3 cache: fixes for GlyphIndex, FastIndex & FastGlyph
* update_process_glyph_fragments() ignored the text background rectangle

* moved the OpRight value fix-up to update_process_glyph_fragments() since
  it is required for all glyph primary drawing orders
2014-12-05 18:28:43 +01:00
Norbert Federa
3baaa9a523 Merge pull request #2256 from llyzs/llyzs
libfreerdp-core: enable ipv6 listener.
2014-12-05 16:06:23 +01:00
Vic Lee
bcee2ec3cd libfreerdp-core: enable ipv6 listener. 2014-12-05 10:06:35 +08:00
Marc-André Moreau
fdd2dc7601 freerdp: patch valgrind leaks, cleanup 2014-12-03 14:17:27 -05:00
Marc-André Moreau
01ac15a879 libfreerdp-core: fix crash on failed redirect 2014-12-03 11:48:27 -05:00
Marc-André Moreau
6ccce86140 Merge branch 'master' of github.com:FreeRDP/FreeRDP
Conflicts:
	winpr/libwinpr/thread/thread.c
2014-12-03 10:10:50 -05:00
Marc-André Moreau
c17a831367 Merge pull request #2240 from nfedera/fix-2014-12-01-01
xfreerdp: pinch/pan fixes and smart-sizing
2014-12-02 14:04:49 -05:00
Norbert Federa
25f66d2e6d xfreerdp: added smart sizing, mt gesture fixes
- removed setting ScalingFactor
- added settings SmartSizingWidth and SmartSizingHeight
- changed option /smart-sizing to optionally support <width>x<height>
- consolidated transformation of input event coordinates
- rdp8 gfx ignored scaling and panning offsets: fixed
- never resize window on panning/pinching
- simplified keyboard multitouch gesture debugging emulation
- disabled keyboard multitouch gesture emulation debug code via define
2014-12-01 11:56:44 +01:00
Bernhard Miklautz
e139bd0fb8 core client side: set flag to crypt license
Client side code always tells the server that it is capable of processing
encrypted licensing packages (SEC_LICENSE_ENCRYPT_SC) but didn't set
the recently added flag to indicate that.

Fixes #2196
2014-12-01 11:12:34 +01:00
Mario Lombardo
3c634f91db Rename tcp-functions as they are conflicting with qemu functions 2014-11-29 21:14:39 +01:00
Marc-André Moreau
a323a0823d Merge branch 'master' of github.com:FreeRDP/FreeRDP 2014-11-28 11:23:53 -05:00
Marc-André Moreau
88dd5eb8c5 Merge pull request #2225 from akallabeth/openh264_fix
Openh264 v1.2 API
2014-11-28 11:23:11 -05:00
Bernhard Miklautz
daa3e7c7f8 tsg: fix possible free of initialized memory 2014-11-27 15:08:07 +01:00
Bernhard Miklautz
5066a5e455 tsg: rpc_send_enqueue_pdu always free buffer
rpc_send_enqueue_pdu returns -1 on error but the type of error isn't
distinguishable. Therefore make sure that the buffer gets always freed.
The only exception to this is when the pdu was already queued. Then the
dequeuing function should take care of freeing the buffer when
processing the pdu.
2014-11-27 14:39:47 +01:00
Bernhard Miklautz
96ae2df5a4 tsg: unwind recursion in tsg_read 2014-11-26 19:46:32 +01:00
Bernhard Miklautz
c0525574c8 transport: handle all return values of tsg_read
tsg_read can also return 0 which means that no data (complete PDU) is
currently available. This case wasn't handled properly.

Fixes #2056
2014-11-26 19:46:32 +01:00
Bernhard Miklautz
f338e1f6c3 crypto: revert pull request #2130
The fix in #2130 eliminates the problem when connecting over a gateway
but introduces other problems server side and client side (client/server
can't detect anymore when a TCP connection was closed).
2014-11-26 19:46:32 +01:00
Bernhard Miklautz
81a6c43938 tsg: fix segfault
Revert false positive from commit 585d9101b7
buffer shouldn't be freed since it is set and used in a stream.
2014-11-26 19:46:32 +01:00
Marc-André Moreau
d95af00117 Merge branch 'awakecoding' of github.com:vworkspace/FreeRDP 2014-11-25 11:20:07 -05:00
Marc-André Moreau
1c88822ccb libfreerdp-core: treat GCC data block 0xC009 as CS_MULTITRANSPORT 2014-11-19 21:00:28 -05:00
Marc-André Moreau
3f5aa863cb libfreerdp-core: fix server-side activated state 2014-11-19 14:21:23 -05:00
Marc-André Moreau
d6e6db05e9 libfreerdp-core: sanitize NSCodec capabilities 2014-11-19 09:39:47 -05:00
Marc-André Moreau
8a7a71a7b6 Merge pull request #2213 from akallabeth/wlog_callback_appender
Wlog callback appender
2014-11-17 09:41:58 -05:00
Armin Novak
e61acfe6b4 Fixed null pointer dereference. 2014-11-17 01:26:31 +01:00
Armin Novak
deef61dfd0 Fixed memory leak. 2014-11-17 01:16:56 +01:00
Armin Novak
bc963c43d8 Fixed double free. 2014-11-17 01:13:47 +01:00
Armin Novak
83477e5344 Fixed memory leak. 2014-11-17 01:10:45 +01:00
Armin Novak
727a7a9aed Fixed memory leaks. 2014-11-17 01:08:38 +01:00
Armin Novak
9ea898a3c2 Fixed memory leaks. 2014-11-17 01:07:07 +01:00
Armin Novak
28a8a6fa7e Fixed memory leak. 2014-11-17 01:04:29 +01:00
Armin Novak
2958a2c0c5 Fixed memory leaks. 2014-11-17 01:00:55 +01:00
Armin Novak
037c612c33 Fixed memory leak. 2014-11-17 00:58:43 +01:00
Armin Novak
e4b33efdb2 Fixed memory leak. 2014-11-17 00:56:56 +01:00
Armin Novak
dac7c178a1 Fixed memory leak. 2014-11-17 00:44:22 +01:00
Armin Novak
458f948c7a Fixed memory leak. 2014-11-17 00:41:06 +01:00
Armin Novak
a9cfb1d07b Fixed memory leak. 2014-11-17 00:37:29 +01:00
Armin Novak
aa92017d86 Fixed memory leak. 2014-11-17 00:36:50 +01:00
Armin Novak
a594a15220 Fixed memory leaks. 2014-11-17 00:28:17 +01:00
Armin Novak
bde7b156a8 Fixed uninitialized data warning. 2014-11-17 00:05:12 +01:00
Armin Novak
9e5be6f7e8 Fixed API nonnull warning. 2014-11-17 00:00:09 +01:00
Armin Novak
e52fdc805a Fixed API nonnull warning. 2014-11-16 23:56:51 +01:00
Armin Novak
3a92a626fc Fixed memory leaks. 2014-11-16 23:11:28 +01:00
Armin Novak
585d9101b7 Fixed memory leaks. 2014-11-16 23:06:03 +01:00
Armin Novak
07051fb3d1 Fixed memory leaks. 2014-11-16 23:00:13 +01:00
Armin Novak
e8c7d97c9d Fixed memory leaks. 2014-11-16 22:58:36 +01:00
Armin Novak
ce3e70840c Fixed uninitialized value. 2014-11-16 22:22:44 +01:00
Armin Novak
cef228d0f4 Fixed memory leak. 2014-11-16 15:54:37 +01:00
Armin Novak
b5d7c30639 Added support for OpenH264v1.2 2014-11-16 14:32:52 +01:00
Armin Novak
8d4589b1e1 Replaced fprintf error messages with WLog. 2014-11-16 12:21:38 +01:00
Marc-André Moreau
496ce10637 Merge branch 'master' of github.com:FreeRDP/FreeRDP 2014-11-15 12:37:29 -05:00
Marc-André Moreau
7300f5efdb Merge pull request #2206 from nfedera/fix-2014-11-12-01
libfreerdp-codec: fix mppc decompression
2014-11-14 10:39:44 -05:00
Norbert Federa
be7a10e660 core: use zero padding in suppress output pdu
Some legacy rdp servers seem to expect a zero padding after the
allowDisplayUpdates byte, probably because they incorrectly parse the
value as uint32.
2014-11-14 11:25:05 +01:00
Norbert Federa
7c0c905683 libfreerdp-codec: fix mppc decompression
* protect against history buffer overflows
* fix replicating copy (CopyOffset can be > HistoryBufferSize!)
2014-11-13 14:55:15 +01:00
Marc-André Moreau
1c9231acf8 libfreerdp-rail: remove 2014-11-12 19:51:17 -05:00
Marc-André Moreau
ddedc574f3 freerdp: remove tcp, uds utils 2014-11-12 14:06:34 -05:00
Marc-André Moreau
8c98cbc247 libfreerdp-utils: remove old time utils 2014-11-12 13:45:03 -05:00
Marc-André Moreau
986dae429b freerdp: remove deprecated svc_plugin.c utils 2014-11-12 13:34:07 -05:00
Marc-André Moreau
0e7c95c421 freerdp: remove deprecated eventing system 2014-11-12 13:18:18 -05:00
Marc-André Moreau
589c21d819 libfreerdp-utils: remove rail utils 2014-11-12 10:18:53 -05:00
Marc-André Moreau
68ee5df7d9 winpr: fix build warnings 2014-11-11 11:21:34 -05:00
Marc-André Moreau
a48ed7239d Merge branch 'master' of github.com:FreeRDP/FreeRDP
Conflicts:
	libfreerdp/core/update.c
2014-11-11 09:55:48 -05:00
Marc-André Moreau
e685acdbc5 Merge pull request #2194 from hopToDev/master
Added SIGPIPE handling for iOS.
2014-11-11 09:43:38 -05:00
Martin Fleisz
53f38d3e89 Merge pull request #2189 from llyzs/llyzs
Support Continuous Auto-Detection.
2014-11-11 08:42:48 +01:00
Vic Lee
36f0281ff8 libfreerdp-core: auto-detect defines. 2014-11-11 10:14:44 +08:00
Marc-André Moreau
ee7299ec3f channels/tsmf: remove dependency on deprecated eventing system 2014-11-10 16:33:34 -05:00
Mehul Dhorda
256eab682b Added SIGPIPE handling for iOS. 2014-11-10 11:52:29 -08:00
Marc-André Moreau
b7c6e9c050 Merge pull request #2188 from hopToDev/master
Ignore T.128 FlowPDU in Share Control header
2014-11-10 13:54:12 -05:00
Marc-André Moreau
a6bb185760 channels/tsmf: add new callback interface 2014-11-07 18:33:45 -05:00
Mike McDonald
7d5963a1e6 Fixed crash caused by trying to cast and dereference a NULL hChannel. 2014-11-07 18:06:14 -05:00