Commit Graph

2449 Commits

Author SHA1 Message Date
akarl
97957fcde0 Implement BIO_CTRL_GET_KTLS_SEND and BIO_CTRL_GET_KTLS_SEND
Openssl 3.0 requires to respond to this controls. According to there
documentation it should not need them, but in practice openssl's own source
is full of places where negative return values are not checked.

(cherry picked from commit 9d7c20ce8f)
2022-04-25 09:19:45 +02:00
akallabeth
9ab0667b54 Fix #7785: Missed GatewayHttpUseWebsockets initialization
In backport #6877 this was missed.
2022-04-07 12:25:24 +02:00
Armin Novak
061edc109f Fixed backport compile problems 2022-04-06 10:22:06 +02:00
Armin Novak
c6bd48f926 Use GetComputerName instead of gethostname
(cherry picked from commit 82165d95a9)
2022-04-06 10:22:06 +02:00
Armin Novak
2008751c04 Replaced WINPR_ASSERT defines, use include 2022-03-28 12:08:51 +02:00
Armin Novak
6462eca724 Workaround for [MS-RDPBCGR] 2.2.9.2.3 Frame Marker Command (TS_FRAME_MARKER)
Connections with  windows 2016 and 2019 sometimes receive short
frame marker. Ignore these to prevent disconnects

(cherry picked from commit 91ef44ed35)
2022-03-09 16:19:34 +01:00
Armin Novak
631e71bebd Added more log messages for SurfaceCommand failures
(cherry picked from commit c6f2040912)
2022-03-08 15:35:54 +01:00
Armin Novak
1e9485e4d9 Fixed #7696: Abort freerdp_connect if manually canceled
If freerdp_abort_connect is called, set FREERDP_ERROR_CONNECT_CANCELLED
This way freerdp_reconnect can distinguish between network issues and
user interaction and abort a retry attempt.

(cherry picked from commit a6b42ff6c9)
2022-03-07 15:24:08 +01:00
akallabeth
de805f8565 Decreased logging verbosity for INFO level
(cherry picked from commit e6b0373859)
2022-03-03 10:52:00 +01:00
Hiroshi Ota
e480e97ea0 Fix missing KBD_JAPANESE condition
(cherry picked from commit 18e8a67f75)
2022-02-14 09:21:41 +00:00
Armin Novak
bbeb3e08eb Added adjustable tcp connect timeout
(cherry picked from commit 2a91afb0cf)
2022-01-10 12:05:36 +01:00
Steve Pronovost
6b8558f3fa Fix protocol violation when uploading large ICON
When uploading large ICON (96x96), we end up growing the stream
mid-update. Stream_EnsureCapacity end up reallocating the stream
with a larger capacity to accomodate the large ICON size, but in
doing so, also updating the sealed length for the data currently in
the stream. This breaks the assumption between update_begin_paint
and update_end_paint where the sealed lenght is used to keep track
of the location where we need to update the orders counts after
we're done accumulating update. As a result of the growth and lost
of that location, the number of orders is written to the wrong
location and the resulting stream is invalid which result in a
protocol violation and a connection drop.

The current fix uses a new offsetOrder in the update object to
keep track of where update_end_paint needs to write the number
of orders contained. I think a better fix would be for
Stream_EnsureCapacity to preserve the sealead length of the
stream on growth, but this has a much more significant impact and
careful analysis needs to be done to ensure this doesn't violate
other assumption. Need to follow up with FreeRDP developer to get
their take on this one.
2021-12-17 11:47:45 +01:00
akallabeth
4034026072 Fixed #7436: Datatype mismatch 2021-11-12 17:03:23 +01:00
akallabeth
2ddb22f7a4 Fixed #7436: Datatype mismatch to crypto_base64_decode 2021-11-12 12:12:04 +01:00
akallabeth
101fe1d877 Ignore redirection password in case of smartcard auth
(cherry picked from commit 11d1c0308b)
2021-11-05 14:57:11 +01:00
akallabeth
d39a7ba5c3
Stable 2.0 backports (#7366)
* Fixed typo in changelog

* Fix FIPS mode support and build with OpenSSL 3.0

FreeRDP fails to build with OpenSSL 3.0 because of usage of the `FIPS_mode`
and `FIPS_mode_set` functions, which were removed there. Just a note that
the FIPS mode is not supported by OpenSSL 1.1.* although the mentioned
functions are still there (see https://wiki.openssl.org/index.php/FIPS_modules).
Let's make FreeRDP build with OpenSSL 3.0 and fix the FIPS mode support.

See: https://bugzilla.redhat.com/show_bug.cgi?id=1952937
(cherry picked from commit 26bf2816c3)

* winpr: avoid calling FIPS_mode() with OpenSSL 3.0

Fixes: 26bf2816c3
(cherry picked from commit 0c81c73c8d)

* winpr/crypto: Load legacy provider to fix rc4 with OpenSSL 3.0 (#7210)

* winpr/crypto: Exit cleanly when EVP_EncryptInit_ex fails

The `EVP_EncryptInit_ex` function may fail in certain configurations.
Consequently, FreeRDP segfaults in `EVP_CIPHER_CTX_set_key_length`.
Let's handle the `EVP_EncryptInit_ex` failures and exit cleanly in
such case.

* winpr/crypto: Load legacy provider to fix rc4 with OpenSSL 3.0

Currently, the `EVP_EncryptInit_ex` function fails for rc4 with OpenSSL 3.0.
This is becuase rc4 is provided by the legacy provider which is not loaded
by default. Let's explicitly load the legacy provider to make FreeRDP work
with OpenSSL 3.0.

Relates: https://github.com/openssl/openssl/issues/14392
Fixes: https://github.com/FreeRDP/FreeRDP/issues/6604
(cherry picked from commit 67f3fff2c8)

Conflicts:
	winpr/libwinpr/crypto/cipher.c

* Fix TestUnicodeConversion on big endian machines (#7219)

Wide character literals are stored in native byte order.
Use an array of bytes as a reference instead.

Fixes: https://github.com/FreeRDP/FreeRDP/issues/6968
(cherry picked from commit 5208a67ea7)

* Fixed async-input quit

* Fix data write on usb channel

* Bitmap update fix (#7349)

* Added checks for bitmap width and heigth values

Data received from the server might have invalid values for bitmap
with or height. Abort parsing if such a value is found.
Reported by Sunglin from the Knownsec 404 team & 0103 sec team

* Added checks for glyph width & height

* Fixed #7363: Length checks in ConvertUTF8toUTF16

(cherry picked from commit 623a77258a)

* Implemented missing TSG debug functions

(cherry picked from commit c06c463806)

* Refactored RPC gateway parser

Utilize wStream instead of custom binary parsing code, add proper
input validation.
Reported by Sunglin from the Knownsec 404 team & 0103 sec team

(cherry picked from commit f0b44da67c)

* Replaced chmod with safer fchmod

* Use fchmod so the file may not change underneath
* Add unit tests for SetFileAttributesA
* Add warning logs for unsupported flags

(cherry picked from commit c8571dd5fd)

* Updated changelog and version

* Added more explicit warning for deprecated command line

* Add exit codes for more errors

(cherry picked from commit aa4c3dfb8a)

* Updated changelog.

Co-authored-by: Ondrej Holy <oholy@redhat.com>
Co-authored-by: Mike Gilbert <floppym@gentoo.org>
Co-authored-by: Ondrej Holy <ondrejholy@users.noreply.github.com>
Co-authored-by: Ian Weir <mr.weir@me.com>
2021-10-21 08:30:50 +02:00
akallabeth
537a877627 Replace fopen and path functions with wrappers (#7043)
Functions like fopen, PathFileExists, PathMakePath need to call
the wide character versions on windows for utf-8 support.

(cherry picked from commit 6b36c6d417)
2021-07-27 11:57:33 +02:00
akallabeth
3c908de5a4 Added rdg_read_http_unicode_string error messages
Added log entries in case something in the packet is wrong

(cherry picked from commit 7c2855b4a8)
2021-05-25 15:30:50 +02:00
akallabeth
7beda29158 Fixed CodeQL warnings
(cherry picked from commit 95a9e60827)
2021-03-12 12:41:44 +01:00
akarl
c138785669 use tlsOut BIO when using websocket in rdg_bio_ctrl
(cherry picked from commit 0e19c443e4)
2021-03-12 07:49:50 +01:00
akallabeth
f4c87729e3 Backported #6865: Disable websockets command line option 2021-03-08 15:33:23 +01:00
akallabeth
136a58fbd0 Added -DDEFINE_NO_DEPRECATED CMake option
With that option all symbols marked deprecated are no longer
compiled. This helps testing compatibility of external apps.
2021-03-01 10:58:24 +01:00
akallabeth
73753f8af4 Reverted connectErrorCode removal
Reverted changes from e4b30a5cb6
removing the symbol/define, keep the changes for the clients.
Mark as deprecated
2021-03-01 10:58:24 +01:00
akallabeth
fba23b8ef7 Fixed formatting and source/destination length use
(cherry picked from commit f0ba8d7fb9)
2021-02-25 09:51:41 +01:00
mingfang
707828df8f libfreerdp: core: deep copy ServerCertificate
(cherry picked from commit b078377105)
2021-02-25 09:51:41 +01:00
Armin Novak
0428ec9e21 Fixed issue with backported websockets support 2021-02-25 09:51:41 +01:00
Armin Novak
ee65815128 Added ConnectionStateChangeEvent for clients
Clients can now subscribe to connection state change events to
prevend data from being transmitted on sessions being redirected.

(cherry picked from commit 27f6df9778)
2021-02-25 09:51:41 +01:00
Michael Saxl
4516c2bc15 rdg websocket support
(cherry picked from commit 99489318f4)
2021-02-25 09:51:41 +01:00
Armin Novak
377c61648f Do not recreate already initialized codecs
GFX and SurfaceBits commands share a common codec backend.
Recreating all codec context on GFX initialization will break
clients that are decoding SurfaceBits codec while having the GFX
channel initialized.

(cherry picked from commit 91a6ac131370c48a742b8bcc58ad188bb7ed60f8)
2021-02-25 09:51:41 +01:00
akallabeth
176893e6da Fixed default return for DrawOrderInfo
(cherry picked from commit 4587ef976c)
2021-02-25 09:51:41 +01:00
Armin Novak
1c590a71e7 Added option to remap scancodes
(cherry picked from commit d7bf6553c5)
2021-02-25 09:51:41 +01:00
Martin Fleisz
856316f2c6 core: Enable network auto detection by default
(cherry picked from commit ce3edb00ef)
2021-02-25 09:51:41 +01:00
Martin Fleisz
2b0958173a core: Remove connection type manipulation in gcc_write_client_core_data
Removes the changes to connection type in gcc_write_client_core_data and
adds some checks if network detection is enabled when receiving network
detection requests.

(cherry picked from commit 43825e364e)
2021-02-25 09:51:41 +01:00
kubistika
609c54512c libfreerdp: core: add checks in gcc_write_client_data_blocks
(cherry picked from commit afa213b5e5)
2021-02-25 09:51:41 +01:00
Martin Fleisz
21bce4625c gateway: Fix consent/service message in legacy gateway code
(cherry picked from commit 00d5642921)
2021-02-25 09:51:41 +01:00
akallabeth
5e5e25284b Added OrderInfo callback for primary, seconardy and altsec orders
This allows gathering statistics about which orders have been
received

(cherry picked from commit f45f92f7bb)
2021-02-25 09:51:41 +01:00
Simon Tatham
aa9b644e3a Command-line option to choose an X selection.
I personally find it more convenient to have pasted data written to
the X11 PRIMARY selection, so that I can paste it with a fast middle-
button click, than to write to CLIPBOARD which typically needs a key
sequence or menu action.

This commit adds a command-line option to let me express that
preference: now I can say "/clipboard:use-selection:PRIMARY" on the
command line, which not only enables clipboard transfer but also says
which X selection I want it to talk to. The previous options
"+clipboard" and "-clipboard" are also still supported.

(cherry picked from commit 64948b96c4)
2021-02-25 09:51:41 +01:00
akallabeth
43516beb70 Fixed support for huge files in clipboard
(cherry picked from commit f3dad4106a)
2021-02-25 09:51:41 +01:00
akallabeth
b9f00a97e3 Refactored RDG chunked data struct
(cherry picked from commit eafb4b8d5f)
2021-02-25 09:51:41 +01:00
akallabeth
971341dd37 Fixed RDP gateway types and use after free
(cherry picked from commit 8c78e67425)
2021-02-25 09:51:41 +01:00
akarl10
b3be5e49b3 Implement chunked encoding for RDG_OUT_DATA
(cherry picked from commit cfb1a878a3)
2021-02-25 09:51:41 +01:00
Armin Novak
cbf2a59dd9 Fixed unit tests run under memory sanitizer
(cherry picked from commit 816e792e3f)
2021-02-25 09:51:41 +01:00
akallabeth
ff14073182 Removed invalid check
(cherry picked from commit e019ed6566)
2021-02-25 09:51:41 +01:00
akallabeth
812233e180 Implemented 2.2.1.17.1 Persistent Key List PDU Data, added checks
* Implemented missing server side version of PDU (just skip data)
* Refactored read/write functions to properly check stream
  length/capacity and handle return values.

(cherry picked from commit ec3c333656)
2021-02-25 09:51:41 +01:00
akallabeth
db1287ddad Fixed rdp_capability_set_start checks
(cherry picked from commit a13e0f1a08)
2021-02-25 09:51:41 +01:00
akallabeth
104f3f043e Check stream capacity in rdp_capability_set_finish
(cherry picked from commit 6b0d2a2c3e)
2021-02-25 09:51:41 +01:00
akallabeth
51bf892909 Added data_pdu_type_to_string
(cherry picked from commit b6b8d74521)
2021-02-25 09:51:41 +01:00
akallabeth
bd0558c47f Fixed missing check for fastpath input messages
Input events are only allowed after a connection was established
(connection state is active)
This check aborts input sending when done before that.

(cherry picked from commit 102869f6a8)
2021-02-25 09:51:41 +01:00
Armin Novak
847de7f4ae Fix ColorFidelity use
(cherry picked from commit 8187ab7732)
2021-02-25 09:51:41 +01:00
Armin Novak
605e89a38d Fix color fidelity issues with windows 7
(cherry picked from commit 57b58df806)
2021-02-25 09:51:41 +01:00