Adds support for server-side remote credential guard in NLA. When enabled that allows
the remote user to connect without shipping credentials in TSCred packets. Instead
it will send his TGT encoded with a TGS from the remote server. This way the server
is able to populate that TGT in a local credential cache without knowing the user's
password.
The patch only treats the NLA part and does not contain the associated RDPEAR channel
that allows to have the complete interaction to retrieve new access tokens.
freerdp_client_settings_parse_command_line_arguments_ex allows supplying
user defined options to be parsed with the default ones from
client/common.
A callback must be implemented to handle the supplied arguments.
The mouse cursor channel enables remoting of the mouse cursor (bitmap)
over a DVC. The main use case is UDP, as only virtual channels can be
transported via UDP in RDP.
With the location channel, an RDP server can redirect the location of
the user from the client side to the server side.
The PDUs are almost the same as in the documentation, except for the
encoded types, these ones are here already parsed.
Optional values are accessed via pointers. If the pointer of a value is
NULL, then that value was not supplied by the client side.
Some virtual channels, like the location channel use encoded types to
lower the bandwidth usage.
Add common helper functions, so that each virtual channel doesn't have
to reimplement the parser functions again and again.
Under windows you can connect to a child session by requesting a named pipe to
the local server, and then do some RDP on this named pipe.
The protocol is like for /vmconnect with CredSSP, then Nego and then the "normal"
workflow for a connection. For CredSSP we force the usage of NTLM for the Negociate
SSPI, and the credentials are empty.
This patch moves the ARM configuration before starting the connection process, so
that we can do some provisioning of the FreeRDP settings with the items retrieved
from Azure.
Most notably that allows us to connect directly using RDSTLS security.
Some windows APIs do put \r\n every 64 characters of the output of a
base64 encoded blob. The extended version of crypto_base64_encode allows
to do the same.
C requires prototypes or compilers will complain about them missing. Our
library entry points do not have such, therefore add the macro
FREERDP_ENTRY_POINT which declares the function prototype automatically
before the function.