Commit Graph

637 Commits

Author SHA1 Message Date
Armin Novak
e6e87eb3b3 Unified strto[u]l in cmdline.c
To clean up code all integer conversions are now done by
a helper function with proper checks in place.
2018-11-22 16:28:30 +01:00
Armin Novak
2f8737d973 Improved formatting of terminal help messages. 2018-11-22 15:56:37 +01:00
Armin Novak
f79eeb7446 Fixed NULL access checks. 2018-11-22 11:19:12 +01:00
Armin Novak
c8908c8be6 Updated windows shadow server assistance usage. 2018-11-22 11:11:31 +01:00
Armin Novak
a531930f36 Disable NLA for remote assistance. 2018-11-22 11:11:31 +01:00
Armin Novak
6de2129a90 assistance v2 support 2018-11-22 11:11:31 +01:00
David Fort
e118d14f6a cmdline: add window-position argument to set initial window position
This is useful if you want the window to be at a given position. The patch also mutualizes
the parsing of <xpos>x<ypos> or <width>x<height> arguments.
2018-11-15 14:40:03 +01:00
akallabeth
268a2c0cf8
Merge pull request #4979 from hardening/CAL
license: support CAL license
2018-11-14 13:45:31 +01:00
David Fort
b6e6575bf6 license: support CAL license
This patch simplifies the licensing code mutualizing encryption / decryption
routines. It also adds the support for client_info packet that allows to send a
previously saved CAL file.
2018-11-13 09:42:19 +01:00
Bernhard Miklautz
8be6ec9720 fix [cmdline]: parameter parsing
use strtoul instead of strtol
2018-11-08 11:13:57 +01:00
Bernhard Miklautz
1222e7060b new [crypto/tls]: add support to set tls security level
The newly introduced option /tls-seclevel can be used to set the tls
security level on systems with openssl >= 1.1.0 or libressl.
As default level 1 is used as higher levels might prohibit connections
to older systems.
2018-11-08 11:13:15 +01:00
Armin Novak
88d310ff2c Fixed compiler warnings (casts, ...) 2018-10-18 09:09:30 +02:00
Martin Fleisz
e46d1d95ff
Merge pull request #4926 from akallabeth/primary_order_checks
Order data validation and correction
2018-10-17 16:02:28 +02:00
Armin Novak
7b860ce96a Add command line option /relax-order-checks 2018-10-17 12:16:58 +02:00
Armin Novak
9729590870 Fixed command line setting of flags, unified string replace 2018-10-15 12:04:33 +02:00
David Fort
2e1bf90bd9
Merge pull request #4885 from akallabeth/autoreconnect_handle_window_events
Fixed #3423: Process xevents when in reconnect mode.
2018-10-03 09:42:16 +02:00
Martin Fleisz
a90b74b8dc
Merge pull request #4879 from akallabeth/clip_fix
Fixes for clipboard #4876
2018-09-26 09:37:41 +02:00
akallabeth
0b8a66188c
Merge pull request #4865 from mmattes/feature/floatbar
Feature/floatbar for X11
2018-09-25 16:34:20 +02:00
Armin Novak
51f97f2d3e Fixed #3423: Process xevents when in reconnect mode.
Fixed crashes due to unloaded disp channel in reconnect mode.
2018-09-24 16:24:32 +02:00
Armin Novak
228e63d619 Free RDP_KEYBOARD_LAYOUT with freerdp_keyboard_layouts_free 2018-09-24 12:47:32 +02:00
Armin Novak
897c0c72a7 Unified auto_reconnect functions for all clients. 2018-09-24 10:31:43 +02:00
Markus Mattes
21e4804a7f implemented floatbar for x11 2018-09-18 21:25:51 +02:00
Martin Fleisz
0b7b9c0dc4
Merge pull request #4842 from akallabeth/smartcard_rdp_logon
Added /smartcard-logon option to set flag. (Stripped version of #4837…
2018-09-17 09:08:47 +02:00
rbarnett
e296a55fad Reject unknown connection type values for /network command line option. 2018-09-11 10:17:52 -05:00
Armin Novak
cbb4be4122 Removed manipulation of authentication modes.
Let +smartcard-logon be a simple flag not changing authentication
settings. This can be done with the /sec options already.
2018-09-07 10:54:33 +02:00
Armin Novak
0de43c8b85 Added /smartcard-logon option to set flag. (Stripped version of #4837 by @informatimago) 2018-09-04 15:50:03 +02:00
Armin Novak
456b95cbfc Fixed size of command line value string. 2018-08-27 14:34:42 +02:00
Armin Novak
114abad767 Removed use of strcpy. 2018-08-27 14:34:09 +02:00
Martin Fleisz
0fb19d04be
Merge pull request #4810 from akallabeth/no_proxy_support
No proxy support
2018-08-24 11:41:58 +02:00
Martin Fleisz
f9e52c1850
Merge pull request #4815 from akallabeth/async_transport_remove
Removed +async-transport options
2018-08-24 09:48:51 +02:00
Armin Novak
b5df39756d Added option to ignore proxy env. 2018-08-23 17:02:43 +02:00
Armin Novak
a0facc329f Added option to deactivate proxy. 2018-08-23 17:02:43 +02:00
Martin Fleisz
3381ca46e6
Merge pull request #4787 from akallabeth/redirect_fqdn_fix
Redirect fqdn fix
2018-08-23 16:07:48 +02:00
Armin Novak
c3a26b0d6a Removed +async-transport options
The async transport option is broken by design.
If used the main loop is called from the transport thread and the
main thread of the application.
Unless the transport layer is refactored to just work on queues
(input and output) this option will never work, therefore remove it.
2018-08-22 13:56:37 +02:00
Ondrej Holy
f36054b379 client/cmdline: Fix leak found by covscan
leaked_storage: Variable "base64" going out of scope leaks the storage it points to.
2018-08-22 13:35:43 +02:00
Ondrej Holy
e9549a3bdc client/common: Fix leak found by covscan
leaked_storage: Variable "file" going out of scope leaks the storage it points to.
2018-08-22 13:35:43 +02:00
Armin Novak
13564dbb41 Allow redirect address override with a list of values. 2018-08-08 12:30:47 +02:00
Armin Novak
cc5e402cda Added command line option /redirect-prefer:<fqdn|ip|netbios>
Since redirection sometimes happens with internal DNS names that
are resolved different by outside DNS it must be possible to override
the preferred redirection hint.
2018-08-08 11:24:13 +02:00
Armin Novak
eed5a41b6e Fixed funtion to function pointer argument mismatch 2018-08-01 12:56:18 +02:00
Martin Fleisz
b34e3bcf73
Merge pull request #4681 from akallabeth/wording_consistent
Fixed #4636: Consistent wording for boolean options depending on default
2018-06-26 10:19:41 +02:00
Armin Novak
348ecc4c81 Fixed memory leak in command line value parsing. 2018-06-19 12:57:28 +02:00
Pascal J. Bourguignon
15f2bafeab Cleaned up const char** -> char** for argv, since we definitely do modify the argv!
(we overwrite the password and pin arguments).
This implies changes in the argument parsing tests that now must pass a mutable argv
(copied from the statically declared test argvs).
Some other const inconsistency have been dealt with too.
2018-06-06 16:43:09 +02:00
Armin Novak
8dba31ea0e Fixed #4636: Consistent wording for boolean options depending on default. 2018-05-17 10:30:13 +02:00
Martin Fleisz
7eb12bb028
Merge pull request #4610 from akallabeth/cmd_strtol_fix
Fix #4597: Do string argument checks before a possible strtol
2018-05-04 13:28:18 +02:00
Martin Fleisz
296b19e172
Merge pull request #4596 from p-pautov/rdg_ssl_fixes
RDG related fixes for better compatibility with mstsc
2018-05-03 10:23:12 +02:00
Armin Novak
1fd5c53a74 Fix #4597: Do string argument checks before a possible strtol
strtol sets errno, which must be reset if it is no abort condition.
Invert the comparisons to avoid that.
2018-05-02 12:57:34 +02:00
David Fort
0f968b782c proxy: cleanup SOCKS support and add user/password support 2018-05-02 10:51:16 +02:00
Jiri Sasek
1ba31551a6 socks proxy reply fix 2018-05-02 09:43:03 +02:00
Pavel Pautov
32505fda13 Apply "authentication level" RDP property only to non-RDG connections (as mstsc does). 2018-04-25 18:12:23 -07:00
Jiri Sasek
b1c1549ad1 SOCKS proxy support 2018-04-23 21:01:01 +02:00
MartinHaimberger
c73c54a626
Merge pull request #4477 from akallabeth/command_line_fix
Detect command line flags in case RDP or MSINCIDENT files are used.
2018-04-04 10:06:07 +02:00
Martin Fleisz
edce38613a
Merge pull request #4529 from akallabeth/wlog_cleanup_fix
Fix #4524: Initialize with cleanup handler
2018-04-04 09:32:46 +02:00
Kai Harms
2dffc3ef96 Fix spelling of network commandline values 2018-04-03 12:12:58 +00:00
Armin Novak
e0d112d548 Removed all calls to WLog_Init and WLog_Uninit
Since the calls are no longer required remove their usage.
2018-04-03 13:06:41 +02:00
Jakob Kaivo
3a1d70d9ba add support for the "pcb" block in .rdp files provided by Project Honolulu in the VM interface 2018-03-31 22:15:39 -04:00
Armin Novak
9bd13c25c9 Added WaitableTimer implementation for mac OS. 2018-03-12 13:39:21 +01:00
Armin Novak
f430b55abf Detect command line flags in case RDP or MSINCIDENT files are used. 2018-03-09 14:25:45 +01:00
Martin Fleisz
8e5d5fa8ea
Merge pull request #4450 from akallabeth/assist_fix
Assistance and RDP file parser fix
2018-02-21 16:56:55 +01:00
Martin Fleisz
3cfa837b0c
Merge pull request #4441 from akallabeth/paa
[cleanup] Support for gatewayaccesstoken / PAA
2018-02-19 17:28:32 +01:00
Armin Novak
68641f109b Fixed .rdp and .msrcIncident checks.
The command line detection fails, if only one of the aforementioned
files is used as an argument. Detect those first and ignore command
line detection if found.
2018-02-19 10:00:54 +01:00
Martin Fleisz
5d1ff02d02
Merge pull request #4414 from akallabeth/pthread_cleanup_fix
Pthread cleanup fix
2018-02-15 11:02:37 +01:00
Jacco Braat
b592684734 Added to rdp file parsing: gatewayaccesstoken:s:<token>
Added to commandline parsing: /gat:<token>
Added GatewayAccessToken to sings
2018-02-15 10:56:57 +01:00
Martin Fleisz
19a00f2099
Merge pull request #4325 from akallabeth/fixes_com
Fixes serial redirection name check and SAM file parser
2018-02-15 10:39:33 +01:00
David Fort
b8e3b232de video: mutualize things in the common channel code 2018-02-13 10:52:53 +01:00
David Fort
b84839b21c video: a skeleton for MS-RDPEVOR client
Basics for implementing the client side of the MS-RDPEVOR channel.

Sponsored by: Rangee GmbH (http://www.rangee.de)
2018-02-13 10:51:07 +01:00
Armin Novak
7e26c54866 Set up and tear down WLog 2018-02-09 12:08:39 +01:00
Bernhard Miklautz
db2d1ffcce cmdline refactor: move cmd struct to extra file
Move the cmd struct to a extra header file. This allows it to only
include the header file in generate_argument_docbook.c and therefore
remove a linker dependencies.
2018-02-01 17:13:44 +01:00
David Fort
e1cc601963
Merge pull request #4323 from akallabeth/scanbuild_fixes
Scanbuild and other warnings fixed
2018-01-08 11:16:21 +01:00
akallabeth
27aac21c03 Fixed drive redirection argument check
Allow special cases '*' and '%' to pass parameter checks.
2017-12-28 14:05:11 +01:00
Armin Novak
4483751e08 Fixed help for /parallel 2017-12-21 15:19:29 +01:00
Armin Novak
6a21bdae3d Fixed various scanbuild warnings. 2017-12-21 09:34:35 +01:00
Armin Novak
a202476422 Fixed RDP file parser for unicode.
There was a memory corruption hidden due to ignoring the
buffer size argument.
2017-12-20 13:44:24 +01:00
akallabeth
71fd6f3116
Merge pull request #4313 from hardening/dyn_res_update
disp: implement dynamic resolution for X11
2017-12-19 13:49:02 +01:00
David Fort
80dab90f1a disp: implement dynamic resolution for X11
If the display channel is available we use it to allow the user to resize the
xfreerdp window. When the window is resized we announce a new monitor layout and
the server reacts by doing a reactivation sequence to the new size.
The minimum window size is limited to 300x300 as 2012 servers crash horribly
if we send them a smaller layout.
2017-12-14 15:13:11 +01:00
Bernhard Miklautz
1e6fea7fa7 fix channel/smartcard: simplify channel variables
Path was not really used and name was duplicated. Use the device->Name
directly.
2017-12-13 17:04:06 +01:00
David Fort
a6cfd3c49a geometry: a skeleton for the MS-RDPEGT channel
The base for implementing the MS-RDPEGT client channel that allows to track window
geometry.
2017-12-08 11:26:29 +01:00
Martin Fleisz
876a7697be
Merge pull request #4297 from akallabeth/cmd_parser_hardening
Fix #4296: Hardened command line post filter.
2017-12-05 14:40:03 +01:00
Armin Novak
78a0c4c618 Fix #4296: Hardened command line post filter. 2017-12-01 13:13:21 +01:00
akallabeth
0cb5907664
Merge pull request #4275 from ondrejholy/big-endian-fixes
Big endian fixes
2017-12-01 11:24:50 +01:00
David Fort
cf33966f2e
Merge pull request #4282 from akallabeth/force_ipv6
Fix #4281: Added option to prefer IPv6 over IPv4
2017-11-28 10:48:53 +01:00
Bernhard Miklautz
baf52f529f
Merge pull request #4261 from akallabeth/doc_ssl_store
Fix #3890: Point to OpenSSL doc for private CA
2017-11-27 11:46:54 +01:00
Armin Novak
2cc64298f2 Fix #4281: Added option to prefer IPv6 over IPv4 2017-11-27 11:43:54 +01:00
David Fort
8f8ce70f3d
Merge pull request #4229 from akallabeth/from_stdin_args
Option to force password prompt before connection
2017-11-24 15:51:46 +01:00
Ondrej Holy
90000fd36e client/common: Fix two memory leaks in RDP file processing
FALSE is returned immediately in case of parsing error and thus buffer
copy is leaked. Let's release the memory properly.
2017-11-24 10:24:47 +01:00
Ondrej Holy
5dcd1ebb06 client/common: Fix RDP file processing on big endian
TestClientRdpFile fails on big endian machines due to some bug in
unicode processing. Let's drop all the unicode functions and convert
unicode input into ascii as soon as possible. This significantly
simplify RDP file processing and also fixes TestClientRdpFile on
big endian machines.

https://github.com/FreeRDP/FreeRDP/issues/4231
2017-11-23 20:00:09 +01:00
akallabeth
71e38a4ce7
Merge pull request #4267 from ondrejholy/autofips
Enable FIPS mode automatically
2017-11-23 10:49:15 +01:00
Ondrej Holy
6973b14eed Enable FIPS mode automatically
FreeRDP aborts if OpenSSL operates in FIPS mode and +fipsmode is not
manually specified. Let's prevent the abortion and enable the necessary
options in that case automatically.
2017-11-23 10:09:17 +01:00
Martin Fleisz
2f281c06ba
Merge pull request #4244 from akallabeth/drivestoredirect
Fix parsing of drivestoredirect (#3267)
2017-11-22 12:23:04 +01:00
Armin Novak
7183189328 Fix #4257: Proper error checks for /kbd argument 2017-11-22 11:03:43 +01:00
akallabeth
77a921240b Testing argument to end with file extension. 2017-11-21 19:10:28 +01:00
Armin Novak
65482ee9bf Fixed #4249: Corruption due to recursive parser 2017-11-21 13:47:28 +01:00
Armin Novak
12a9b9a0b4 Fix #3890: Point to OpenSSL doc for private CA 2017-11-21 11:47:33 +01:00
Armin Novak
6504b81b9e Fix parsing of drivestoredirect (#3267) 2017-11-21 10:46:50 +01:00
Armin Novak
a3fb3270dc Fix #3509: Added Ctrl+Alt+Enter description 2017-11-20 13:22:53 +01:00
Armin Novak
d593b3ef58 Better description for drive redirection (Fix #3513) 2017-11-17 13:44:56 +01:00
Armin Novak
1bb4f121b4 Fixed formatting. 2017-11-17 12:45:28 +01:00
Brent Collins
1129634617 Move the disabling nla and setting the fips encryption mode based on fips
mode to happen after argument parsing to ensure it always enforced.
2017-11-17 12:43:07 +01:00
Brent Collins
d98b88642b Add new command-line option to force xfreerdp into a fips compliant mode.
This option will ensure that NLA is disabled(since NTLM uses weak crypto algorithms), FIPS
encryption is enabled, and ensure fips mode is enabled for openssl.

Selectively override specific uses of MD5/RC4 with new API calls specifically tailored to override FIPS.

Add comments on why overriding the use of these algorithms under FIPS is acceptable for the locations where overrides happen.

Remove check of server proprietary certificate which was already being ignore to avoid use of MD5.

Initialize winpr openssl earlier to ensure fips mode is set before starting using any crypto algorithms.
2017-11-17 12:43:06 +01:00
Armin Novak
ac0a912a20 Option to force password prompt before connection
The idea is based on #3257.
If a non NLA connection is requested the password callbacks are not executed
and there is currently no way to read from stdin.
This extension of /from-stdin allows reading the passwords
before the connection is established.
2017-11-16 09:55:45 +01:00
Armin Novak
4eb5b8e349 Replaced atoi 2017-11-15 15:52:16 +01:00