(we overwrite the password and pin arguments).
This implies changes in the argument parsing tests that now must pass a mutable argv
(copied from the statically declared test argvs).
Some other const inconsistency have been dealt with too.
The command line detection fails, if only one of the aforementioned
files is used as an argument. Detect those first and ignore command
line detection if found.
Move the cmd struct to a extra header file. This allows it to only
include the header file in generate_argument_docbook.c and therefore
remove a linker dependencies.
If the display channel is available we use it to allow the user to resize the
xfreerdp window. When the window is resized we announce a new monitor layout and
the server reacts by doing a reactivation sequence to the new size.
The minimum window size is limited to 300x300 as 2012 servers crash horribly
if we send them a smaller layout.
TestClientRdpFile fails on big endian machines due to some bug in
unicode processing. Let's drop all the unicode functions and convert
unicode input into ascii as soon as possible. This significantly
simplify RDP file processing and also fixes TestClientRdpFile on
big endian machines.
https://github.com/FreeRDP/FreeRDP/issues/4231
FreeRDP aborts if OpenSSL operates in FIPS mode and +fipsmode is not
manually specified. Let's prevent the abortion and enable the necessary
options in that case automatically.
This option will ensure that NLA is disabled(since NTLM uses weak crypto algorithms), FIPS
encryption is enabled, and ensure fips mode is enabled for openssl.
Selectively override specific uses of MD5/RC4 with new API calls specifically tailored to override FIPS.
Add comments on why overriding the use of these algorithms under FIPS is acceptable for the locations where overrides happen.
Remove check of server proprietary certificate which was already being ignore to avoid use of MD5.
Initialize winpr openssl earlier to ensure fips mode is set before starting using any crypto algorithms.
The idea is based on #3257.
If a non NLA connection is requested the password callbacks are not executed
and there is currently no way to read from stdin.
This extension of /from-stdin allows reading the passwords
before the connection is established.
Add the sshagent plugin to forward the ssh-agent protocol over an RDP
dynamic virtual channel, just as the normal ssh-agent forwards it over
an SSH channel. Add the "/ssh-agent" command line option to enable it.
Usage:
Run FreeRDP with the ssh-agent plugin enabled:
xfreerdp /ssh-agent ...
In the remote desktop session run xrdp-ssh-agent and evaluate the output
in the shell as for ssh-agent to set the required environment variables
(specifically $SSH_AUTH_SOCK):
eval "$(xrdp-ssh-agent -s)"
This is the same as for the normal ssh-agent. You would typically do
this in your Xsession or /etc/xrdp/startwm.sh.
Limitations:
1. Error checking and handling could be improved.
2. This is only tested on Linux and will only work on systems where
clients talk to the ssh-agent via Unix domain sockets. It won't
currently work on Windows but it could be ported.
Added some checks so that when setting a cache entry fails, we close connection (or
we fail later when trying to use that empty entry).
The small cache egfx capability has also been fixed.
When building packages, especially when source packages are used, git is
not necessarily available or the source isn't provided in git. In those
cases it wasn't possible to set the GIT_REVISION and --version shows
"n/a" for the git revision.
If the file .source_version is available now the content of it is used
as GIT_REVISION. Packagers might want to add a .source_version file
when they don't build the packages from git.
Possible breaking change:
The variable PRODUCT_VERSION isn't available anymore. Use GIT_REVISION
instead.
This patch contains several improvements in order to make the help
output more readable (reduce length of first column):
- move default value into description
- use ... instead of too long format strings
- use [] for optional arguments
This patch contains several improvements for arguments list:
- use capitals consistently
- remove full stop sign at the end
- use "experimental" constiently for unstable and hacky features
- use <> for variables consistenly
- use [] for optional parts consistently.
- shorten some format strings to make /help more readable
- replace whitespace in variables for better readability (especialy man page)
- fix wrong argument tyes
- add missing formats
If the size parameter is used with a percentages like /size:50% now
an additional 'w' or 'h' can be appended (like /size:50%w) to specify
where the percentage should be applied. If both or none are set the
behavior is like it was before and the percentage is applied to width
and height.
Allow password to be stored in .RDP file and parsed and settings
updated, this will allow for dynamic .RDP files to be created with
complete login credentials, using this method the username, server and
password will no longer be visible within process lists.
Also fixed issue of username and domain being read from .RDP files and
set to null by command line processor.
Currently it is not possible to cleanly install multiple major version
of FreeRDP concurrently as some of the development libraries (.so files)
files can conflict.
This change renames all libraries to include the major version number in
the library name to fix this limitation.
The list of changed libraries:
libwinpr-tools.so -> libwinpr-tools2.so
libwinpr.so -> libwinpr2.so
libfreerdp.so -> libfreerdp2.so
libfreerdp-client.so -> libfreerdp-client2.so
libfreerdp-shadow.so -> libfreerdp-shadow2.so
libfreerdp-server.so -> libfreerdp-server2.so
libfreerdp-shadow-subsystem.so -> libfreerdp-shadow-subsystem2.so
libuwac.so -> libuwac0.so
As the library names have changed, projects that use FreeRDP will need to
update their dependencies. -
If pkg-config or cmake find modules are used, reconfiguration might be
sufficient.
Fixes#3460