* Changelog
* Added WINPR_ASSERT
Added a WinPR macro that can be used for WinPR and FreeRDP to
replace standard C assert.
It is more verbose and logs issues to WLog which makes it easier
for us to trace problems in the field.
(cherry picked from commit b435e6db9b)
* Added option do disable WINPR_ASSERT
(cherry picked from commit 3a75228242)
* Improve WINPR_ASSERT, log backtrace
(cherry picked from commit 9e94f1dace)
* Fixed warnings from WLOG_ASSERT
(cherry picked from commit 02896b0656)
* Removed cached wlog pointer
(cherry picked from commit 77580466ae)
* Replaced WINPR_ASSERT defines, use include
* Updated changelog
* Use GetComputerName instead of gethostname
(cherry picked from commit 82165d95a925a775f2f895518dba8ff6f1a732d1)
* Refactored WinPR::NTLM
* added assertions
* added log messages
* removed code duplication
(cherry picked from commit 813966da1a44acff1385de058dd89a8be93d2d1c)
* Removed unnecessary assert
(cherry picked from commit 4b1427639a9e29f911d92c0f33175e191cd5a503)
* Fixed NTLM flag handling
* NTLMSSP_NEGOTIATE_WORKSTATION_SUPPLIED and NTLMSSP_NEGOTIATE_DOMAIN_SUPPLIED
* Problem with clients not supporting NTLMSSP_NEGOTIATE_LM_KEY
* Improve logging
(cherry picked from commit 3c657d58cd0e7c2398b5488902ecf77bdb2eb8d8)
* Fixed backport compile problems
* Updated changelog
* Fixed missing return check
(cherry picked from commit 46c78cf0f0)
* Fixed windows build (_snpnrintf)
(cherry picked from commit 6cccc95691ae015e9f30121a3d70f9286724413f)
* Fixed missing field read.
(cherry picked from commit cb538114ed0e0739ccc6c65754462265ba1072ed)
* Fixed#7745: Progressive surface cleanup
(cherry picked from commit edcb8284e7)
* Updated changelog
* Urbrdc fix (#7417)
* fix libusb libusb_device usage (manually unref required usb devices, versus freeing all when we still hold references to the ones we want)
* disabled detach_kernel_driver & attach_kernel_driver on win32 since libusb does not support them
* fixed libusb async event handling
* add log for transfer request error
* Update libusb_udevice.c
* refactor code
* Fix#7785: Missed GatewayHttpUseWebsockets initialization
In backport #6877 this was missed.
* Fixed FFMPEG detection without pkgconfig
(cherry picked from commit 2c31c36759)
* Supports 10bit X11 color (BGRX32 only)
(cherry picked from commit 8a86a4e8d98a26b7724640081302c7596e962a6e)
* Changelog
* Fixed /gt:xxx settings
* Disable websocket support with RPC
* Use settings getter/setter
(cherry picked from commit 882b91d98671fd072e96889587f4b98cc2ce4ff5)
* Updated Changelog
* Update header with missing flag
Added definition for TS_RAIL_CLIENTSTATUS_GET_APPID_RESPONSE_EX_SUPPORTED.
* Added support for AUDIO_PLAYBACK_DVC
Support audio on dynamic channel. Please refer to MS-RDPEA.
* fix x11 black RAIL window when connect to server 2019
Signed-off-by: 2fly2 <wjatchd@163.com>
(cherry picked from commit cb66a4c0df5f46f7f7d27d1673996dac51edd6e1)
* Changelog
* Update default android build config
Remove x86 and x86_64 to bring down pr build times
(cherry picked from commit 7e7394d905)
* Cleaned up ntlm_fetch_ntlm_v2_hash
(cherry picked from commit 4661492e5a617199457c8074bad22f766a116cdc)
* Implement BIO_CTRL_GET_KTLS_SEND and BIO_CTRL_GET_KTLS_SEND
Openssl 3.0 requires to respond to this controls. According to there
documentation it should not need them, but in practice openssl's own source
is full of places where negative return values are not checked.
(cherry picked from commit 9d7c20ce8fe50bd6de54e7480b5096761a510daf)
* Updated changelog
* Added missing WINPR_API
* Updated for 2.7.0 release
* Added app_id on wayland client
(cherry picked from commit eaae90998c0297b64c10ab62ddadc1fbb0f4c34e)
* Updated changelog
* Refactor thread condition logic
* Add better return value checks
* Combine logic blocks in structs
* Add (easier to read) static functions for blocks
* Use condition variables only in combination with BOOL
(cherry picked from commit a77038a0c78c62f63bb7372821de89074e5607a3)
* Do not mark WinPR implementation of ExitThread as noreturn
* Changelog
* Fixed leak in TestPipeCreateNamedPipeOverlapped.
(cherry picked from commit 1ee8370f28)
* Cleaned up NamedPipeOverlapped test.
(cherry picked from commit aeb2415af9)
* fix restore a maximized window when it is minimized
Signed-off-by: 2fly2 <wjatchd@163.com>
(cherry picked from commit ee8cf9e02387f0531918bf5a4bb0419c414cc37a)
* Changelog
* Fixed#7837: Overallocate zgfx output buffers
Some decoders require additional byte alignment to prevent out
of bound reads
(cherry picked from commit ce60606e190ceb72ef2ea92fe32e419cb9dd447e)
* Updated changelog
* Follow up to #7832: Add NULL checks
(cherry picked from commit 8b9ab80ef4f246befe4977f56e6e3cdfc2ecd7a7)
* Fixed#7158: detection of arm neon.
(cherry picked from commit 6e075a6a7d)
* Simplified CMake variable names
(cherry picked from commit bab6e3b3166e9d1737a03b71335edadd437cdadb)
* Moved execinfo backtrace to own file
* Moved windows backtrace to own file
(cherry picked from commit ca8c9ea7b90710a411c91e4d60af8d32f2af0650)
* Moved corkscrew backtrace to own file
(cherry picked from commit 3ef29a3275fe3c82df4525d30f7995b17075abe4)
* Added unwind.h support
(cherry picked from commit b52416da6ba37dfca70147408dfd486cc8f2567b)
* default android to unwind
(cherry picked from commit 734f90692b302008dfd0e549b06d77be03ac3454)
* Enable unwind.h and dladdr as default backtrace implementation
* config option USE_UNWIND to enable/disable
(cherry picked from commit 728d1c5892cbee981f778fa4774a14a094e5e1d5)
* Updated changelog
* Only build RFX neon path with -DWITH_NEON=ON
(cherry picked from commit d18187c949817b025f76772e065ded7cd5a69a63)
* Unified neon source options
(cherry picked from commit bfdbe180297f475fe585a1ec99e5f7ca22ab9bc2)
* Updated ios toolchain file with version from https://github.com/leetal/ios-cmake
(cherry picked from commit 0da860ad1f)
* Update iOS openssl build
(cherry picked from commit ad04153945)
* Removed obsolete toolchain file
* Fixed path of iOS toolchain file
(cherry picked from commit e53f0d781f)
* Fixed argument mismatch
(cherry picked from commit 400fe6f796)
* Defined and use _write
(cherry picked from commit 9330559d24)
* Removed manual IOS sysroot settings, let the toolchain file take care
* Fixed IOS timer detection
* Fixed IOS pthread_mutext_timedlock detection
* Fixed broken USE_UNWIND check
(cherry picked from commit 63a221d845c3a27d3e49b3510cab153a44602ef5)
* fix moving a window shrinks it 14x7 when connect to server 2019
Signed-off-by: 2fly2 <wjatchd@163.com>
(cherry picked from commit e1e2eef4e1)
* Fixed deprecated mac symbol
(cherry picked from commit 951a83e295)
* Fixed memory leaks in rdpsnd mac
(cherry picked from commit b0772fe2f0)
* changelog
* Android auto version code
(cherry picked from commit 6b7e1679cc1e42aab3ad228d3d2a392899360cdf)
* Made WITH_MEDIACODEC configurable, use newer openssl
(cherry picked from commit 0c7e5fdbfe24325007707abe208580a1e388a1c8)
* Updated openh264 and openssl versions
* Fixed memory leak in audin mac
(cherry picked from commit 24c87c5126b617f6c553fad41911ece29f01d119)
* changelog
* Use clang to build openh264
(cherry picked from commit c3787a7b8ac4abe3674f281e2432e0334c99b5d8)
* Fixed compilation warnings
* Remove android version from freeRDPCore
* Updated gradle
* rdpsnd/client: Fix handling of WaveConfirm PDUs (#7910) (#7911)
Currently, all FreeRDP-based clients don't send any WaveConfirm PDUs
for received samples, when using a dynamic channel for audio output
redirection.
[MS-RDPEA] 2.2.3.8 Wave Confirm PDU mentions, that a WaveConfirm PDU
MUST be sent, when a WaveInfo PDU + Wave PDU, or Wave2 PDU is received
and when the audio data sample is emitted to completion by the client.
The first WaveConfirm PDU is used by the server to determine the
network latency and the second WaveConfirm PDU is used by the server to
determine the render latency.
So, fix the current behaviour, where FreeRDP currently does not send
any WaveConfirm PDU, when using the dynamic channel, or only sends one
WaveConfirm PDU for the sample.
For the first WaveConfirm PDU, use the same timestamp, that was
included in the first WaveInfo/Wave2 PDU.
For the second WaveConfirm PDU, add the render latency on top of the
arrival timestamp.
* Updated RDPGFX_CAPSET_VERSION106 code to conform to spec
(cherry picked from commit 6ea15d36c423ec4ca97ea16d56602917a988cfb2)
* Add GFX 10.7 capsets
(cherry picked from commit 9190472e36b6994521fd5b670e34464261db0e9a)
* Disable scaled output PDU if no scaling support compiled
(cherry picked from commit 7e526e87708cf5530901ae2e7b8d49f67f19ae61)
* Changelog
* Fixed missing WINAPI for callback function declarations
(cherry picked from commit 3aca661f0e6adcbdace994fc2a554e55b4f58f86)
* Fixed RDPGFX_CAPVERSION_106 according to errata
The [MS-RDPEGFX] spec is not really sure which value to use, so we
just announce both, the one from the spec and the one from errata.
(cherry picked from commit 8df9170b5d2f96e17034b12525420761c504ef4c)
* Removed recursive xf_lock_x11 warning
(cherry picked from commit 298d32164c)
* Fix return of getlogin()
(cherry picked from commit 1e779f92ec5bcfd694239c2efb26614b79b0886d)
* core: server: add API to get peer accepted channel names
(cherry picked from commit 508ba9201f)
* Update ChangeLog
* Fixed format string for Stream_CheckAndLogRequiredLength
__LINE__ requires %d and not %PRIuz
(cherry picked from commit 74c1a006e9)
* rdpsnd: Enhance server implementation
The current server sided channel handling of RDPSND/AUDIO_PLAYBACK_DVC
is currently very constrained.
So, solve this. This means:
- Add the missing Training/Training Confirm PDUs
- Stop overriding the average bytes per second values, when submitting
the audio formats, as this currently makes the usage of codecs
impossible
- Add a way to send the server formats manually again, to be able to
restart the protocol after a Close PDU was sent
- Add a way to send already encoded audio data to let server
implementations to take care of the encoding process and to set
custom audio timestamps for the Video Optimized Remoting channel
- Add public attributes to let server implementations know the initial
volume and pitch values
- Add public attribute to let server implementations know the quality
mode setting
(cherry picked from commit 26488911be9ae8e00f77f075e03ddbe4dc70a402)
* Refactored rdpsnd server
* Assert all input arguments
* Unify stream buffer handling
(cherry picked from commit 33ec06083130e45a0b5db012ff2975da8798db00)
* core/server: Add APIs to get notified of DVC creation statuses
This allows server implementations to add handling for situations,
where the client side does not support them.
Particularly useful for the audio output channels (static channel as
fallback, when dynamic channel is not supported).
* server/rdpsnd: Add API to get notified of channel id
* server: Add channel handling for telemetry channel
* audin/server: Do not overwrite values of the server audio formats
It just makes the usage of codecs impossible.
* channels/server: Add APIs for DVCs to get notified of channel id
This allows server implementations to watch these channel ids for their
creation statuses.
* Update changelog
* Add WTSChannelGetOptions
* Update ChangeLog
* Invert RDPGFX_CAPVERSION_106_ERR and RDPGFX_CAPVERSION_106 values
Define the actual value as RDPGFX_CAPVERSION_106 and the wrongly
documented one as RDPGFX_CAPVERSION_106_ERR
(cherry picked from commit a42017996a3099ceeeaf49c20c1511316e3de512)
* Fix building with LibreSSL 2.7.0 or newer
With LibreSSL 2.7.0 (or newer versions) some more structs have made
opaque, which requires a few changes:
- BIO_meth_new() and related functions are now defined by LibreSSL, the
versions from opensslcompat.{h,c} does not need to be used anymore.
- HMAC_CTX is now opaque, HMAC_CTX_new(), EVP_MD_CTX_new, and related
functions should be used instead in winpr's hash.c.
* Improved RAIL order debug messages
(cherry picked from commit 44e7531847)
* Added rail_get_order_type_string_full for better debug logs
(cherry picked from commit 79ba632acb7d4c5ca0d9aaa28106fbed3d46d445)
* Added new rail orders textscaleinfo and caretblinkrate
(cherry picked from commit dfadfd3b769dc0c860087c9a0df237cab06317b6)
* Updated flags required by [MS-RDPERP]
(cherry picked from commit fc949e43874252d5fbfe27526417c2742c36b25a)
* Added RAIL compartmentinfo server to client message
(cherry picked from commit ad6dd99190657f42e44a59bd7a6ad5132f217d83)
* Removed duplicate defined symbols
stable has wnd.h defining this
* Unifiy string append functions
(cherry picked from commit f25261e271)
* freerdp/constants: Conform osMinorType values to documentation
The OSMINORTYPE_NATIVE_WAYLAND value does not officially exist in
[MS-RDPBCGR].
Its value also is the one for Windows RT.
Fix this situation, by introducing the os minor type
OSMINORTYPE_WINDOWS_RT with its correct value and by choosing a
different value for OSMINORTYPE_NATIVE_WAYLAND, as that value does not
exist officially.
* constants: Add missing OS major type constants
* channels/server: Fix channel name in license comments
* telemetry/server: Fix copyright in license comment
* server: Add channel handling for camera device and enumerator channel
* Used C style struct init
* Fixed reserved symbol use in struct name
* Fix rdpecam server channel naming
* Renamed server channel to rdpei
* Use C style struct init
* Merged camera-device.h with existing rdpecam.h
* Reordered stream advance and length check, always add header byte length
* Fixed stream advance before length checks
* Fixed copyright headers and stream length
* Update changelog
* Fixed broken format string in rdg.c
(cherry picked from commit f55a420a0001cd567f574789406f178a9f69860e)
* Added debug logs
* Added missing include for ainput server channel
(cherry picked from commit ae49581673)
* Fixed xf_Pointer_GetCursorForCurrentScale check
(cherry picked from commit a993db8e591ec9c731d9bae9cd615b1e709e90e6)
* Update scaled pointer on FocusIn
(cherry picked from commit 5f0d4fb9f7ba5f3cc502bb5a9a427bb23bdda618)
* Updated pointer debug log messages
(cherry picked from commit 73251193c2b13fd132ee5e6f2fd343bc33ed42fb)
* Removed ALAW/ULAW from alsa/oss/pulse backends
The codec does not work reliably with some hardware.
(cherry picked from commit 7b02aba636)
* Updated changelog
* freerdp/peer: Add APIs to get OS major and minor type strings
* winpr/clipboard: Allow overriding ValidFileNameComponent call
When using the wClipboard API, the connected peer might not be on the
Windows platform, where further filename restriction exists.
As a result, it is currently not possible to use the wClipboard API,
when intending to allow filenames, containing characters like ':'.
So, add a callback to the wClipboardDelegate, which is set to the
ValidFileNameComponent call by default.
This callback can be overridden by the API user, when it is known, that
there is no need to impose very strict filename restrictions.
* client/X11: Relieve CLIPRDR filename restriction when possible
Microsoft Windows imposes strict filename restrictions on its platform.
As RDP is developed by Microsoft and the RDS in MS Windows is typically
used as remote desktop server for the RDP protocol, these filename
restrictions are also enforced in WinPR, when copy-pasting files over
the clipboard.
However, in some connections no peer on MS Windows is involved and in
these situations, these filename restrictions are just an annoyance.
With a recent API addition in WinPR, it is now possible to override the
callback, where the filename is checked, whether it is valid.
So, use this new API to relieve the filename restriction, when the
connected remote desktop server is not on MS Windows.
* Update changelog
* Fixed xf_Pointer_GetCursorForCurrentScale double free
* [stable-2.0] codec/progressive: Fix wrong usage of subband diffing flag (#8077)
* codec/progressive: Fix wrong usage of subband diffing flag (#8076)
Currently, all Calista Progressive encoded streams contain tile
artifacts, when the RFX_SUBBAND_DIFFING is used, but not the
RFX_DWT_REDUCE_EXTRAPOLATE flag.
The reason is the wrong usage of the context and tile flags.
The RFX_SUBBAND_DIFFING flag should have no actual impact on the
decoder itself.
Especially, it does not affect the band sizes within a 64x64 tile.
The RFX_DWT_REDUCE_EXTRAPOLATE flag, on the other hand, MUST have an
effect on the band sizes.
However, FreeRDP currently uses the RFX_SUBBAND_DIFFING flag when
decoding a component to determine whether the Reduce-Extrapolate method
is used, resulting in tile artifacts, when that method was actually not
used.
The current behaviour did not result in tile artifacts with the MS
Windows RDS, as that server always sets both flags.
So, fix this issue by using the correct flag, when decoding a tile.
* Update changelog
* Moved clipboard utils to core library, fixes#6760 (#7752)
* Moved clipboard utils to core library, fixes#6760
(cherry picked from commit 4fb686d40f51a6a8315924ddfd1bd5d0c26b891c)
* Fixed compilation warnings in cliprdr_utils
(cherry picked from commit 8b7a086411d2563e7a44b71402d4467b7fe95630)
* Fixed backport API mismatch
* Added C++ guards to header
(cherry picked from commit 7626a2ce6a33c0cc976a69c0b8365d961fabe090)
* Backport TLS1.2 enforcement and version control from master to stable2.0 (#8094)
* Add a new command line arg to enforce tls1.2
* Add better explanation of FreeRDP_EnforceTLSv1_2
(cherry picked from commit ce2e3ab0c7)
* Regenerated settings helpers
* backport prev cherry-pick
* Cleanup tls_prepare
* TLS version control
* added settings for minimal and maximal TLS versions supported
* refactorisation of the force TLSv1.2 setting
* cleanup from prev cherry-pick
* updated change log
Co-authored-by: akallabeth <akallabeth@posteo.net>
Co-authored-by: David Véron <david.veron@rubycat.eu>
* Release 2.8.0 (#8096)
* Backport: fix test create process (#8112)
* winpr: fix unitary test when CreateProcess is CreateProcessW
As the second argument of CreateProcessW is modified to split with spaces and so
this can not be a const arg.
* winpr: removed a C++ style comment
* Fix#8186: AVCodec split version defines in two files...
* Update changelog
* Updated flatpak manifest
* Use current dependencies
* Bundle OpenSSL 1.1.1 for windows XP/vista/xp compatibility
* Build currently checked out FreeRDP instead of origin/master
(cherry picked from commit 541e8f88f6b79e0a47b4faf8b9b5cf3f8a296757)
* Add flatpak bundle build script
* Builds the flatpak manifest (uses a temporary directory for
intermediate files)
* Bundles the flatpak and writes it to the current directory
(cherry picked from commit 4a5d0df9540aa8fcd058b136b752618f5be5daec)
* Install required flathub remote and sdk automatically
(cherry picked from commit f013ebc49ab06d704ef6033eb3610519955c9123)
* Enable PKCS11
(cherry picked from commit f1569c5a7f67ebcd32f486b212b825d0b45d9c15)
* Disable execinfo support if only header detected
Some implementations (e.g. Android with API < 33) provide the
execinfo.h header file, but do not define the backtrace functions
expected. Disable the support for execinfo backtrace in such a case
(cherry picked from commit 09275bf4c7)
* winpr/{libwinpr/thread/thread.c,include/winpr/thread.h}: Keep DumpThreadHandles as a symbol even if WITH_DEBUG_THREADS is OFF.
(cherry picked from commit 8ab9809e8bb534930189b0d74fc8688048d57999)
* Updated changelog
* Fix length checks in parallel driver
The length requested was not checked against the length read from
the port.
(cherry picked from commit 094cc5a4596c299595b732effd59ee149181fd61)
* Fixed missing length check in video channel
Data received in video redirection channel was not checked for
proper length.
(cherry picked from commit eeffd1050e9284d1464b58e049b2b4d88726632b)
* Fixed tsmf ffmpeg context extra data size checks
tsmf_ffmpeg_init_stream did not abort if the video format ExtraDataSize
was not sufficiently large to satisfy expectations.
(cherry picked from commit 5beef2c5e66f8d71afb3243acea0fbc143d9b84b)
* Fixed missing input data length check
tsmf_ifman_exchange_capability_request did not check if the input
data stream actually contained the amount of bytes requested to
copy.
(cherry picked from commit 4182bfbf382ca92752595f3036744d50a3ea02fd)
* Fixed TSMF tsmf_ffmpeg_set_format length checks
ExtraDataSize of format was not checked for expected minimum length
(cherry picked from commit b7c0b43a37bc15f9bead4467a45a48368f3aae41)
* Fixed TSMF tsmf_read_format_type length checks
ExtraDataSize of format was not checked for expected minimum
length
(cherry picked from commit dc88cfc7257d741c6b0d007f569e851b81a8ff0b)
* Fixed TSMF tsmf_gstreamer_set_format length checks
ExtraDataSize of format was not checked for expected minimum
length
(cherry picked from commit 136d92bb466aa2420e8eea20420cb50da7334548)
* Fix#8176: Check fullscreen state and not setting
Timer based dynamic resolution updates are disabled in fullscreen
state. Check current value and not (permanent) setting
(cherry picked from commit a47dcd37052c38865afbaa1d0c1cf02f8730a60b)
* Send resize on window state change
(cherry picked from commit abbd1cd3802d3d7b7193f8b21fafe1950947bdf1)
* changelog
* Fixes https://github.com/FreeRDP/FreeRDP/issues/7408
(cherry picked from commit a8e80695030dd04aaba64032f04c977506010b19)
* Changelog
* Removed ALAW/ULAW from supported backend formats
pulse/alsa/oss do not reliably work with ALAW/ULAW codecs with all
hardware available.
Since these formats are poor quality anyway, deactivate them for
audin channel.
(cherry picked from commit c3e8720c87)
* Android build script updatee
* Remove JPEG build support (deprecated)
* Add sha256 check to tar/git checkout
* Update default dependency versions
(cherry picked from commit 7f13922370428149b6c86dfa34ecce1e287f538b)
* Updated version to 2.8.1
* Updated TestCryptoHash
Do multiple updates to hashes to better test implementation
(cherry picked from commit cfca31d3849c4c112952bf3f888b3310d8f72016)
* Added replacement MD4 implementation
(cherry picked from commit 095f1dca62035d05493e213300f787b80414c7a8)
* Added replacement MD5 implementation
(cherry picked from commit e6bb4fa29ae4e3dbc18fac478b1b526c0ddbd1fd)
* Added replacement HMAC-MD5 implementation
(cherry picked from commit cd7dcf71bf086d4a37bf69181dc009dd4c818074)
* Updated changelog
* Improve OpenSSL provider loading
* Added log messages for failure to load a provider
* Add code to clean up loaded providers on shutdown
(cherry picked from commit 4db4b4cb829239acb33e87b3e5f1b66a5acd6240)
* Added missing include
(cherry picked from commit d48cd82ccd4658c251727fc829ec23333eb28f82)
* Added missing return in winpr_Digest_New
(cherry picked from commit 0ea1957da5d574e2be0ad157aac397110377edf8)
* Check for NULL pointer in winpr_Digest_Free
(cherry picked from commit a806da90edb10228966fcf244908832e9f103554)
* Added support for audin version 2
(cherry picked from commit 6f62d30bfd23a386dc9597afbed1b100ae4ac0d3)
* Updated changelog
* Fixed compile error for old openssl
(cherry picked from commit f3082b3798ea77548d830de8dfd384da9274799d)
* Expose CONNECTION_STATE via public API
* Expose type CONNECTION_STATE
* Add getter freerdp_get_state
* Add helper freerdp_state_string
(cherry picked from commit 32b3f54bb3)
* Added proxy input state sync (#7282)
The proxy server component might receive input related events
before the proxy client has established the connection to the
target machine.
With this change, the current keyboard state is cached and sent
to the target when it is ready. All input events received before
the target is ready are discarded.
(cherry picked from commit 4d23bc9372)
* updated changelog
* Fixed division by zero in urbdrc
(cherry picked from commit 731f8419d04b481d7160de1f34062d630ed48765)
* Ensure urb_create_iocompletion uses size_t for calculation
(cherry picked from commit de7e0f062ee53d00b4a966a43855a716e3478150)
* Fixed missing input buffer length check in urbdrc
(cherry picked from commit 497df00f741dd4fc89292aaef2db7368aee45d0d)
* Added missing length check in urb_control_transfer
(cherry picked from commit ce838e2477cb8173ea5e98f35ad55ff41ea5117d)
* Added missing length checks in zgfx_decompress_segment
(cherry picked from commit 64716b335858109d14f27b51acc4c4d71a92a816)
* Fixed missing stream length check in drive_file_query_directory
(cherry picked from commit 4e4bb79795d6ac85473fb7a83e53ccf63d204b93)
* Added function _wcsncmp
* Compare WCHAR strings up to n characters
(cherry picked from commit 8178ed26a459356ece17414c6e871a7e0735a4ec)
* [winpr, crt] Fix wcs*cmp and wcs*len checks
(cherry picked from commit b60fac1a0470fe83e8d0b448f0fd7e9e6d6a0f96)
* [winpr, crt] Added wcsstr implementation
(cherry picked from commit 6c034ba6117a4efc9266e845fe9a9a92ed4ee61d)
* Fixed path validation in drive channel
Check that canonical path is a subpath of the shared directory
(cherry picked from commit 844c94e6d0438fa7bd8ff8d5513c3f69c3018b85)
* [capabilities] properly set RemoteFxOnly
The check was inverted, setting the flag properly now
(cherry picked from commit 73a722ec8e887d2f61bc8f80a9696701a07f84ae)
* [client,x11] Fixed#8397: Clamp scaled cursor sizes
If a cursor is scaled, ensure the result size is at least 1x1 pixel
wide.
(cherry picked from commit 0ebc468d12a8d71cf68df92787e8b8fcf9208ba8)
* Add support to send a ServerRedirection PDU.
(cherry picked from commit e35b0321213f9882ce0474dfa2a75dc1636ea115)
* Updated version to 2.9.0
* changelog
* Fix connection negotiation with mstsc/msrdc
mstsc/msrdc includes an optional correlation info
(RDP_NEG_CORRELATION_INFO) during connection negotiation. This confuses
FreeRDP which interpret this as a cookie and eventually fails the
negotiation, preventing a successful connection to these RDP client.
This commit addresses 3 things.
1) When processing connection token or cookie, skip if the remaining
bytes are neither.
2) After processing the RDP_NEG_REQ info, skip the optional correlation
info (RDP_NEG_CORRELATION_INFO) if one is present.
3) Allow local connection without server certificate when the client
inherently trust the server.
(cherry picked from commit 592f8d95be)
* [channels,printer] Fixed reference counting
* [ntlm]: use rfc5929 binding hash algorithm
rfc5929 mandates some specific hashes for the binding algorithm
(cherry picked from commit 3a10bcd36a)
* [winpr,crypto] Split headers
Split windows API emulation from custom functions
Including both might yield issues with OpenSSL headers
(cherry picked from commit d03f230426)
* [winpr,crypto] Split crypto header renamed
* Renamed custom winpr crypto function header
* Added compatiblity header
(cherry picked from commit 23f63668f535f8ac6c9054c64d6696c9aa2476aa)
* [crypto] Added sha3 define guards
sha3 is only supported with OpenSSL 1.1.1a or later
(cherry picked from commit deaf2b6666d7351e7da2389abc9827433fa68dec)
* [core,rdp] Add a check for broken RDP security
RDP security is rarely used nowadays, but there have been reports about
situations where the encryption key is missing.
Add this check to properly terminate the connection in case of such an
unexpected event.
(cherry picked from commit c8956513d6)
* [core,rdp] Refactor rdp security encryption
Unify rc4 encryption key handling, use common free and reset functions
(cherry picked from commit 1304af4748)
* [uwac] Add support for building against pixman
* [uwac] Fixed types and format strings
Do not rely on FreeRDP types, use inttypes.h and stdint.h supplied ones.
* [codec] fixed region16_union_rect
* If source and destination are equal, free the buffer on destination to
avoid compiler warnings.
* Remove assert that is not required
(cherry picked from commit 646ecd32cce8bded005b77719b031276f5574ac7)
* [channel,urbdrc] fix type of usb hotplug callback
The libusb_hotplug_callback_fn uses LIBUSB_CALL call type
(cherry picked from commit c9b806ba47b3f16793e5dc6300736d6a9c5adaf4)
* [client,x11] Fixed#8099: Detect key autorepeat
When a key is pressed in autorepeat mode, skip the KeyRelease events in
between.
(cherry picked from commit c06317c0d173ee185361a779476cb277e67f524b)
* [core,info] enforce extended info limits
the cbClientAddress field limits defined in [MS-RDPBCGR]
2.2.1.11.1.1.1 Extended Info Packet (TS_EXTENDED_INFO_PACKET) are now
properly enforced.
(cherry picked from commit 268520f9f7b22bff249be772c55f973ad60fc267)
* [core,info] enforce cbClientDir limits
the cbClientDir field limits defined in [MS-RDPBCGR] 2.2.1.11.1.1.1
Extended Info Packet (TS_EXTENDED_INFO_PACKET) are now properly enforced.
(cherry picked from commit 66de09c2b1042d6cc56a28b55d88968dea6dfe8e)
* [core,info] ensure stream length
ensure the stream is large enough for all info packets
(cherry picked from commit daaec60daefdf8be7b7905a7199ee28e907fe824)
* [core,info] improve rdp_read_info_null_string
* Removed comments with invalid assumptions
* Added arguments to rdp_read_info_null_string to indicate if the string
is expected to be '\0' terminated and what is actually read for error
logs
(cherry picked from commit 4fd3eb1469fffd3e4fce1fff7cba4d1bb146934b)
* [build] add channel path to RPATH
some parts of freerdp link in channel libraries. if they are build with
-DBUILTIN_CHANNELS=OFF the libraries are not found in the proper RPATH
locations.
* [build] add missing link targets for BUILTIN_CHANNELS
* [build] add cmake definition `WITH_PLUGIN_RPATH_ONLY`
If we compile with `BUILTIN_CHANNELS`, we need to set up a run path
to `FREERDP_PLUGIN_PATH`, even if we avoid using RPATHs in general.
Supplying `-DWITH_PLUGIN_RPATH_ONLY=ON` will do this for you.
* revert changes so that the osmajortype/osminortype is not overwritten
* core/server: Ignore data PDUs for DVCs that were not opened successfully
When a FreeRDP-based server tried to open a DVC, but the client answered
the DVC create request with a negative CreationStatus in the DVC create
response PDU, the server can then assume that no actual PDUs can be
received for that channel.
However, as long as the channel handle exists, FreeRDP happily forwards
any potential PDU for that handle disregarding the CreationStatus.
This is problematic, since the channel handling usually runs in its own
thread and as a result, the channel may not be destructed yet, when
receiving such stray PDU.
The PDU may be processed, even though it is not expected to be.
A situation, where this becomes problematic is the AUDIO_PLAYBACK_DVC
channel.
It may be the case, that the client answered the DVC create request
with a negative result, the server may try to close the handle and open
the static channel (RDPSND) instead, but before the server can close the
channel handle, the client actually sends PDUs regarding the format
negotiation.
In this case, the server may unintentionally already set things up,
which was not desired (the DVC is about to be closed anyway).
While this specific situation is hypothetical, since it would depend on
a malicious client, it is still possible to happen, especially since the
server implementation does not invoke the format negotiation, but
FreeRDP does it automatically, as soon as the DVC create request is
sent.
Fix this issue by discarding any data PDUs (DYNVC_DATA_FIRST and
DYNVC_DATA) of channels, that were not opened successfully.
* Update changelog
* [uwac] do not use iso C functions
* [winpr,ntlm] fix NTOWFvxxxA functions
MultiByte string encoding lenght might differ from WCHAR encoding
length. Pass on proper lengths.
* [winpr,sam] fix inalid NULL arguments
(cherry picked from commit efa2adc58790cfed5a355f6942f3ad04323f699a)
* uwac/input: Set the right serial when setting cursor
The serial in wl_pointer.set_cursor must exactly match the one from
wl_pointer.enter, it should not use whatever serial for any input class
is the newest.
(cherry picked from commit b2cf6f5c2c)
* uwac/input: Don't pass hotspot as offset when attaching cursor buffer
Passing a non-zero offset to cursor buffer and then calling
wl_pointer.set_cursor doesn't make much sense, as any offset will
immediately be reset. The protocol specifies the cursor set by
wl_pointer.set_cursor to be
> The parameters hotspot_x and hotspot_y define the position of
> the pointer surface relative to the pointer location. Its
> top-left corner is always at (x, y) - (hotspot_x, hotspot_y),
> where (x, y) are the coordinates of the pointer location, in
> surface-local coordinates.
This leaves no room available for any previously set offsets to be kept
in response to wl_pointer.set_cursor.
(cherry picked from commit 5b09cd57a7)
* Fix incompatible function pointer types
clang 16+ is flagging the function pointer prototype mismatches,
therefore fix it.
Fixes Issue #8487
Signed-off-by: Khem Raj <raj.khem@gmail.com>
* [build,android] only use CMake from SDK
* only use CMake from android SDK
* abort if CMake or ndk-build are not detected
* update default OpenSSL
(cherry picked from commit de5899500623eedd8c08f5c954d85e3d378e68d9)
* Backported utils_str_*
(cherry picked from commit 50e9d3adf9)
* Cleaned up redirection code
(cherry picked from commit b545094664)
* Added utility module for string functions
(cherry picked from commit 44582f821b)
* [core,settings] add missing redirection options
* RedirectionGuid
* TargetCertificate
(cherry picked from commit a9482caff13ad253d30060959be14b1a5c0c85bf)
* [core] fix client side redirection handling
* Read previously ignored fields RedirectionGuid and TargetCertificate
* Check password requirements according to LB_PASSWORD_IS_PK_ENCRYPTED
(cherry picked from commit 968dfd7bc1c5f2e2bfadb0af658c68556b2dbf39)
* [core,nla] refactor buffer use
Use helper functions to ensure buffers are properly freed up only once
* [core,redirect] refactor settings update
* [core,redirection] fix string read, cleanup logs
(cherry picked from commit 7eb332fe983f560b76832c64ae7578db338d3947)
* [release] updated version to 2.10.0
* [release] updated changelog
* Minor fixes on FreeRDP
* AF_VSOCK as local address
* GFX redirection
* Application List support
* Track `working` branch
* remove rdpapplist from FreeRDP project (#1)
Co-authored-by: Hideyuki Nagase <hideyukn@ntdev.microsoft.com>
* add Hebrew (Standard) keyboard layout ID (#3)
Co-authored-by: Hideyuki Nagase <hideyukn@ntdev.microsoft.com>
* merge fixes
* remove RDPAPPLIST references
* merge fixes
* build verification by Ubuntu-20.04
---------
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Co-authored-by: Armin Novak <armin.novak@thincast.com>
Co-authored-by: akallabeth <akallabeth@posteo.net>
Co-authored-by: Alexandru Bagu <alexandru.bagu@gmail.com>
Co-authored-by: Kazuki Oikawa <k@oikw.org>
Co-authored-by: Steve Pronovost <spronovo@microsoft.com>
Co-authored-by: 2fly2 <wjatchd@163.com>
Co-authored-by: akarl <mike@mwsys.mine.bz>
Co-authored-by: Guillaume Démurgé <gdemurge@gmail.com>
Co-authored-by: Felix Deimel <office@lemonmojo.com>
Co-authored-by: Pascal Nowack <Pascal.Nowack@gmx.de>
Co-authored-by: kubistika <kmizrachi18@gmail.com>
Co-authored-by: Richard Dymond <rdymond@beyondtrust.com>
Co-authored-by: Adrian Perez de Castro <aperez@igalia.com>
Co-authored-by: akallabeth <akallabeth@users.noreply.github.com>
Co-authored-by: Siva Gudivada <98360053+sivagudivadaz@users.noreply.github.com>
Co-authored-by: David Véron <david.veron@rubycat.eu>
Co-authored-by: Bernhard Miklautz <bmiklautz@users.noreply.github.com>
Co-authored-by: David Fort <contact@hardening-consulting.com>
Co-authored-by: Mike Gabriel <mike.gabriel@das-netzwerkteam.de>
Co-authored-by: James Fu <james.fu@hp.com>
Co-authored-by: fifthdegree <fifthdegree@protonmail.com>
Co-authored-by: Joan Torres <joan.torres@suse.com>
Co-authored-by: Hans-Peter Jansen <hp@urpla.net>
Co-authored-by: Armin Novak <anovak@thincast.com>
Co-authored-by: Jonas Ådahl <jadahl@gmail.com>
Co-authored-by: Khem Raj <raj.khem@gmail.com>
Co-authored-by: Vinicius Jarina <viniciusjarina@gmail.com>
Co-authored-by: Hideyuki Nagase <hideyukn@ntdev.microsoft.com>
Co-authored-by: Hideyuki Nagase <hideyukn@HIDEYUKN-SB3>
* Use platform 19.08
* Remove shared-modules, no longer required (udev is now part of the
platform)
* Switch PCSC source to github to avoid rate limitations.
- The libavresample as part of FFmpeg was declared as deprecated in
favor of libswresample on Dec 25 2017 in commit "lavr: deprecate the
entire library"
(c29038f304
;
c29038f304).
As major Linux distributions (RPM, DEB and Archlinux) provide now
FFmpeg and libswresample as its part use the libswresample instead of
libavresample.
Signed-off-by: Vladimir Lomov <vladimir@smoon7.vl-lomov.ru>
* fix bogus date in %changelog
* add/extend %if conditions for %{rhel}
* disable wayland on rhel <= 7
* enable GSSAPI and add krb5-devel build dep
* don't add provides information for libs of this package
to prevent messing with packages depending on libs
provided by system freerdp packages
The nightly packages fail on some distributions on i386 if address
sanitizer is active (mostly due to oder libasan versions). Disable it
for now for i386.
* man pages are only build/installed if WITH_MANPAGES is enabled
* create a new cmake function install_freerdp_man to unified install man
pages
* install all man pages using the new function
* update the nightly packages accordingly
* fix spelling errors
* move man page from section 1 to section 7
* fix the man page header to match the actual section
* adapt the packages for wlog.7
Fixes#3632
It's unclear why this option would be necessary, and it causes problems
when people do not match it to their toolchain and CFLAGS.
To set the float abi, either use a toolchain with an appropriate default
or set the float-abi option in the CFLAGS environment variable.
This should resolve#2586.
Recent cmake versions (starting with 3.0) don't use multiarch
libdir when the install prefix is not /usr. To have the same library
directory for all packages explicitly set CMAKE_INSTALL_LIBDIR to lib.