Commit Graph

47 Commits

Author SHA1 Message Date
akallabeth
1fc0d5b4b1 [winpr] remove casts for winpr_RAND calls 2023-06-21 09:57:52 +02:00
akallabeth
87e90903ab [server,proxy] use rdpPrivateKey and rdpCertificate 2023-02-16 10:06:17 +01:00
akallabeth
f26079edf2 [proxy] implement dynamic channel filter
* Allow modules to configure intercept channels
* Allow modules to rewrite packets
2023-01-26 09:30:17 +01:00
David Fort
d59c0a49c3 proxy: fix channel shift between front and back
When some channels are filtered, some misalignement of channel ids could happen.
This patch keeps track of the back and front channel ids to correctly identify a
channel and send packets with the correct channel id.
2022-11-30 11:38:08 +01:00
akallabeth
c2bd2c8617 [server,proxy] fix const correctness
pf_context_create_client_context only creates a copy of the rdpSettings,
so just make the pointer const.
2022-11-22 15:30:31 +01:00
Armin Novak
b672bda85e Removed RdpKeyFile and RdpKeyContent settings
They are a duplicate of PrivateKeyFile and PrivateKeyContent
2022-07-06 12:01:23 +02:00
akallabeth
bc8b4ade1c reformatted 2022-06-23 08:48:39 +02:00
David Fort
aff8fdac26 proxy: correctly handle dynamic channel fragmentation
This big patch fixes fragmentation handling in the dynamic channel. We used to
have a single state to handle fragmentation at the main dynamic channel level, but
in fact packets can be fragmented per sub channel. So we have to maintain a fragmentation
state per sub channel, this involve treating dynamic and static channels differentely
(so the size of the patch that has to implement state tracking per dynamic channels).
2022-06-17 08:38:57 +02:00
akallabeth
73cdcdfe09
Logging and parser fixes (#7796)
* Fixed remdesk settings pointer

* Fixed sign warnings in display_write_monitor_layout_pdu

* Use freerdp_abort_connect_context and freerdp_shall_disconnect_context

* Added and updates settings

* info assert/dynamic timezone

* mcs assert/log/flags

* Fixed and added assertions for wStream

* Unified stream length checks

* Added new function to check for lenght and log
* Replace all usages with this new function

* Cleaned up PER, added parser logging

* Cleaned up BER, added parser logging

* log messages

* Modified Stream_CheckAndLogRequiredLengthEx

* Allow custom format and options
* Add Stream_CheckAndLogRequiredLengthExVa for prepared va_list

* Improved Stream_CheckAndLogRequiredLength

* Now have log level adjustable
* Added function equivalents for existing logger
* Added a backtrace in case of a failure is detected

* Fixed public API input checks
2022-04-19 14:29:17 +02:00
David Fort
63d0d3e4cf proxy: rework proxy channel treatments for statefull drdynvc
The rework introduce a stateful dynamic channel treatment, so that we can take early decisions
for data packet (dropping all the current packet or pass it), but also reassemble important
packets like channel creation.
2022-04-15 09:06:09 +02:00
David Fort
46eb50df2c proxy: improve channel treatment
This PR introduces per channel context so that we can speed up operations like
retrieving the channel name from its id, or knowing what shall be done for a
packet (no config ACL recomputation at each packet).
2022-02-04 08:44:22 +00:00
akallabeth
724c6f8192
Proxy cleanups (#7568)
* Fixed C++ issues with proxy context

* Added freerdp_settings_get_string_writable

* Define WITH_PROXY_EMULATE_SMARTCARD in config.h
2022-01-20 11:12:36 +01:00
Armin Novak
4e6e5be654 Added proxy intercept channels
* New configuration to intercept certain channels
* Added rdpdr intercept implementation
2022-01-11 12:34:43 +01:00
akallabeth
695e38398d Refactored proxy
* Removed unnecessary global data lists
* Improved error handling
* Do not initialize channel code in passthrough mode
2021-09-20 10:59:59 +02:00
Armin Novak
4463e5eda9 Added config dump function, improved resource cleanup 2021-09-09 08:53:20 +02:00
Armin Novak
5a2231172c Updated copyright for proxy 2021-09-09 08:53:20 +02:00
Armin Novak
976c3c2ab9 Refactored proxy and proxy-modules:
* Split out proxy headers and moved to public API to allow external
  modules to be built.
* Split proxy into proxy library and proxy binary. The library
  can be used by other applications and provides a simple API
* Improved channel passthrough, now all channels including dynamic
  channels work.
* Extended module API to hook more events, improved module samples
* Cleaned up proxy code, removed global static variables used,
  added WINPR_ASSERT
2021-09-09 08:53:20 +02:00
akallabeth
242f1734ec Fixed dpkg-buildpackage warnings 2021-06-30 11:57:23 +02:00
Armin Novak
cb642699c8 Modified HashTable API to be opaque
* Reuse wObject function pointers
* Add missing getters/setters
* Clean up return types, const correctness of arguments
2021-06-16 11:46:42 +02:00
akallabeth
e3445eefab Fixed progressive decoding without subbanddiff 2020-12-15 14:47:05 +01:00
Kobi Mizrachi
0bf225ec60 server: proxy: capture: send sid in SessionInfo 2020-06-22 12:37:53 +02:00
Kobi Mizrachi
9de59051f6 server: proxy: refactor 2020-05-19 14:42:26 +03:00
Kobi Mizrachi
079871ac65 server: proxy: support static vc passthrough 2020-02-26 11:47:01 +01:00
Kobi Mizrachi
92c3f76809 server: proxy: disconnect all active sessions on shutdown 2020-01-21 12:08:39 +01:00
Kobi Mizrachi
b2fad50cd3 server: proxy: rewrite modules API
* Add support for C++ plugins.
* Seperate between a "module" and a "plugin": a module is a shared
library that exposes a function called "proxy_module_entry_point". This
function gets a parameter to `proxyPluginsManager*`, which can be used to
register plugins.
* Refine the API of the modules infrastructure:
 * use proxyData* instead of rdpContext* when firing a hook or calling a filter.
 * use clearer names.
* Instead of having to specify a path for each module to be loaded in
the configuration, the proxy now loads modules from specificed
directory, using the CMAKE variable PROXY_PLUGINDIR.
* Add an option to specify required plugins: plugins that the proxy
wouldn't start without having them fully loaded.
2020-01-14 07:58:47 +01:00
Kobi Mizrachi
47ca28b5c3 server: proxy: fix leak in pf_context_copy_settings 2020-01-13 13:41:44 +01:00
Kobi Mizrachi
ca2e578acc server: proxy: add a unique id to each session and improve logs 2020-01-08 11:59:34 +01:00
Mati Shabtay
97606edeee proxy: Implement RAIL support in proxy 2019-12-12 11:10:44 +01:00
kubistika
09648834a0 server: proxy: fix sync issue in gfx opening 2019-11-12 12:45:01 +01:00
Armin Novak
72ca88f49c Reformatted to new style 2019-11-07 10:53:54 +01:00
kubistika
4d175f6008 server: proxy: refactor pf_context_create_client_context 2019-09-30 10:08:28 +02:00
kubistika
8a75e8f54e server: proxy: refactor 2019-09-09 17:42:18 +03:00
kubistika
f5d32f4617 server: proxy: refactor usage of pf_context_copy_settings 2019-09-09 17:35:07 +03:00
kubistika
32fff644da server: proxy: improve modules api 2019-08-23 11:58:08 +02:00
kubistika
ef306fbff6 server: proxy: pf_context.c: Fix nla crash
Because the proxy uses freerdp_settings_copy to do re-negotiation after
first connection to remote server, all redirection information
(RedirectionPassword, RedirectionDomain, etc.) pointers were duplicated
(to both client and server settings structs). Then, at disconnection, a
double-free occured.
2019-08-14 19:39:34 +02:00
kubistika
e9e1c5d748 server: proxy: naming refactor 2019-07-16 16:20:06 +03:00
kubistika
70ca028453 server: proxy: remove unnecessary files 2019-07-16 16:12:12 +03:00
kubistika
1b4371ed22 server: proxy: use freerdp_settings_copy 2019-07-16 13:47:35 +02:00
kubistika
8a115f2020 server/proxy: Refactor pdata_set_connection_info
Connection info must be set after the proxy's client connection
established, because if the client didn't provide credentials in .rdp
file, we don't know its username yet.
2019-06-26 14:25:07 +02:00
kubistika
255fab201a server/proxy: Fix rdpgfx and events leak 2019-06-26 14:25:07 +02:00
David Fort
5d1fc68629
Merge pull request #5405 from m4ntis/proxy/filters-api
Proxy: Filters API
2019-06-03 15:45:24 +02:00
kubistika
6224109a1d server/proxy: Add multimon support 2019-06-03 14:33:15 +03:00
kubistika
52e4baa949 server/proxy: Code refactor 2019-05-28 09:30:38 +03:00
kubistika
7477ac19a7 server/proxy: Fix free invalid memory when pf_server_parse_target_from_routing_token fails 2019-05-26 10:48:10 +03:00
kubistika
20e503421e server/proxy: Remove unnecessary wrap for connection info 2019-05-26 10:48:10 +03:00
kubistika
a39658fc2a server/proxy: Add external filters support 2019-05-26 10:48:10 +03:00
Mati Shabtay
b907324009 First version of an RDP proxy (#5372)
* server: Add proxy dir with barebones server

* sever/proxy: Remove licensing

* server/proxy: Add client files

* server/proxy: rm binary

* server/proxy: Formatting

* server/proxy: Fixed includes and added basic client creation functionality

* server/proxy: Remove licensing and fix ifndef

* proxy/server: Fix cmake indentation

* server/proxy: Fix licensing

* server/proxy: Forward connection on peer_post_connect

* server/proxy: Fix function signature

* server/proxy: Changed function signature of proxy_client_start

* server/proxy: Now peer_post_connect calls proxy_client_start in a new thread

* pfreerdp.c: Clean up useless comments and logs

* server/proxy: Fix license

* server/proxy: Remove all non-connection related data from proxy_context

* server/proxy: Move Log Tag definition to pf_log.h

* server/proxy: Move context definition to pf_context

* server/proxy: Delete pfreerdp.h

* pfreerdp.c: Move context callbacks to pf_context.c

* server/proxy: Update CMakeLists.txt

* pf_channels: Use new proxy context API

* pf_client: Move context to pf_context

* pf_client.c: Remove unnessecary event handling

* server/proxy: Formatting

* proxy/server: Move server logic to pf_server.c

* server/proxy: Handle client disconnection

* Merge stash

* pf_server.c: Open GFX Connection to client

* server: CMakeLists: build proxy along with other servers

* server: proxy: get target server from rdpNego->RoutingToken

Iv'e omitted a check from  which im not sure is right. Should check in docs

* server/proxy: Handle remote server -> client disconnection

* server/proxy: Move common function  to pf_common.c

* server/proxy: Move common function  to pf_common.c

* rdpgfx.h: Add reference to freerdp.h for rdpContext

* pf_channels: Pipe GFX on channel connection

* server/proxy: Add pf_rdpgfx for proxy gfx callbacks

* pf_client: Declare dynvc and gfx capabilities on connection

* server/proxy: Add graphics callbacks

* server/proxy: Add graphics callbacks

* pf_server: Listen to channel events

* Pass user settings to server

* pf_server: Proxy mouse events

* fixup! server/proxy: Add graphics callbacks

* pf_client: Fix setting initialization

* Merge feat/proxy-gfx to feat/proxy

* pf_server: Fix double freed credentials

* server/proxy: Remove unnecessary call to freerdp_client_settings_parse_command_line

* server/proxy: Refactor re-activation code

* server/proxy: Run format scripts

* server/proxy: Fix segfault when post_disconnect return FALSE

* server/proxy: Refactor proxy_settings_mirror

* server/proxy: Redirect credentials

* server/proxy: move proxy_settings_mirror to pf_common.c

* server/proxy: Redirect desktop_resize event

* pf_client: Remove interactive CLI auth methods

* fixup! server/proxy: Redirect credentials

* server/proxy: Rename proxy_mirror_settings to pf_common_copy_settings

* pf_server.c: Fixed non-freed context

When the disconnection is forced by the target server, the function
`pf_server_handle_client_disconnection` isn't called. Therefore, the
context of the connection between the proxy to tagrget isn't freed.

* fixup! pf_server.c: Fixed non-freed context

* pf_client: Prefix all client methods with pf_client

* pf_context: Add init client to proxy context method

* pf_server: Confirm all GFX caps regardless of settings

* pf_server: Prefix all methods with pf_server

* pf_server: Move variable decleration to start of method

* pf_server: Fix client setting

* pf_server: Fix GFX init method

* pf_server: Move variable decleration to start of methods

* server/proxy: Formatting

* Merge feat/proxy

* pf_server: Proxy synchronize event

* pf_server: Proxy refresh rect update events

* pf_server: Proxy suppress output messages

* server/proxy: Fix licensing

* server/proxy: Move client input callbacks to pf_input

* server/proxy: Move client update callbacks to pf_update

* server/proxy: Fix non-terminated target host string

* Feat/proxy config (#2)

* server/proxy: Add config loading support

* server/proxy: Add config file

* server/proxy: Format code

* server/proxy: Code refactor, rename update_register_callbacks and input_register_callbacks

* server/proxy: Update config file

* server/proxy: Remove config.ini from root directory

* Remove comment from config file

* server/proxy: Fix leak in pf_server_load_config

* server/proxy: Add rdpServerProxy struct and embed it in proxyContext

* server/proxy: Load configuration and pass it inside every proxyContext instance

* server/proxy: Move rdpProxyServer to proxy.h

* server/proxy: Use configuration while proxying input events

* server/proxy: Update CMakeLists

* server/proxy: Refactor pf_input.c

* server/proxy: Add AllowedChannels, DeniedChannels in configuration

* server/proxy: Remove unnecessary variable from parse_channels_from_str

* server/proxy: Update config file

* server/proxy: config: Rename  to

* server/proxy: config: Add mode - blacklist/whitelist

* server/proxy: Refactor, fix NULL deref

* server/proxy: Add license to proxy.h

* server/proxy: Fix newline in pf_config.c

* server/proxy: config: Rename Mode to WhitelistMode

* Add target in config. Add checks for configuration validity (#3)

* Add target in config. Add checks for configuration validity

* Update config file

* libfreerdp: nego: revert commented out check of routingToken length

* pf_server: Fix target host info from RoutingToken

* pf_server: Remove hardcoded lenght of routing token prefix

* Feat/refactor context (#8)

* Refactor main structs

* Update CMakeLists.txt

* pf_server.c: Free pdata at the end of the connection

* Run format scripts

* Rename tf to pc

* Fix licenses

* pf_server: Refactor names of structs and functions

* proxy: gfx: sync caps (#4)

* proxy: gfx: sync caps

* proxy: gfx: sync caps, hook gfx client's OnClose() call and close server resources

* fixup! Feat/refactor context (#8)

* fixup! fixup! Feat/refactor context (#8)

* rdpgfx/client: Fix rdpgfx_recv_caps_confirm_pdu caps set length parsing

* Run format scripts

* proxy config.ini: Change default port to 3389

* pf_rdpgfx: Limit caps version to freerdp's supported versions

* Gfx OnOpen() wait for dynvc ready (#10)

* proxy/gfx: Wait for dynvc ready state before open

* pf_channels: Initialize pc->gfx

* pf_rdpgfx: Add log and fix comments

* rdpgfx: Fix GFX v10.6 PDUs parsing and naming according to the spec

* pf_rdpgfx: Proxy rdpgfx v10.6 PDUs

* gfx client: Publish FrameAck sending and add auto ack flag

* proxy/gfx: Forward frame ack messages

* pf_context: Forward domain on connection

* pf_rdpgfx: Change max supported caps to 10.6

* proxy: Update config

* server/proxy: Use configuration in pf_server_handle_client

* rdpgfx/client: Fix size of surface_to_scaled_window, surface_to_window

* pf_rdpgfx: Fix formatting

* pf_server.c: Fix comments

* Move pf_server_rdpgfx_init to pf_rdpgfx

* server/proxy/CMakeLists.txt: Fix formatting

* pf_client.c: Add comment in proxy_server_reactivate

* Fixed const correctness of gfx function pointer

Signed-off-by: Mati Shabtay <matishabtay@gmail.com>

* server: proxy: update copyright

* server: proxy: wrap rdpNego and add a getter for routing token

* Refactor routing token getter (#14)

* Refactor routing token getter

* pf_server_parse_target_from_routing_token change routing_token_length to be DWORD

* libfreerdp/core/nego.c: Run format script

* pf_server: Run format script

* server/proxy: Fix os msbuild tests

* pf_channels.c: Remove unused channels

* pf_client: Remove unused callbacks

* proxy: Remove encomsp callbacks from proxy's client

* client/rdpgfx_main.c: Fix msbuild test

* pf_config.c: Use StrSep instead of strsep for Windows builds

* Removed nego struct from direct access.

Signed-off-by: Mati Shabtay <matishabtay@gmail.com>

* proxy: Rename binary to freerdp-proxy

* rdpgfx_main.c: Revert unwanted double change to send_supported_caps

* Cleaned up proxy server code.

* All internal functions static
* Added simple command line argument to supply a config file
* Silence compiler warnings

Signed-off-by: kubistika <kmizrachi18@gmail.com>
2019-05-17 14:32:54 +02:00