FreeRDP
Loading...
Searching...
No Matches
pf_client.c
1
24#include <winpr/assert.h>
25#include <winpr/cast.h>
26
27#include <freerdp/config.h>
28
29#include <freerdp/freerdp.h>
30#include <freerdp/gdi/gdi.h>
31#include <freerdp/client/cmdline.h>
32
33#include <freerdp/server/proxy/proxy_log.h>
34#include <freerdp/channels/drdynvc.h>
35#include <freerdp/channels/encomsp.h>
36#include <freerdp/channels/rdpdr.h>
37#include <freerdp/channels/rdpsnd.h>
38#include <freerdp/channels/cliprdr.h>
39#include <freerdp/channels/channels.h>
40
41#include "pf_client.h"
42#include "pf_channel.h"
43#include <freerdp/server/proxy/proxy_context.h>
44#include "pf_update.h"
45#include "pf_input.h"
46#include <freerdp/server/proxy/proxy_config.h>
47#include "proxy_modules.h"
48#include "pf_utils.h"
49#include "channels/pf_channel_rdpdr.h"
50#include "channels/pf_channel_smartcard.h"
51
52#define TAG PROXY_TAG("client")
53
54static void channel_data_free(void* obj);
55
56WINPR_ATTR_NODISCARD
57static BOOL proxy_server_reactivate(rdpContext* ps, const rdpContext* pc)
58{
59 WINPR_ASSERT(ps);
60 WINPR_ASSERT(pc);
61
62 if (!pf_context_copy_settings(ps->settings, pc->settings))
63 return FALSE;
64
65 /*
66 * DesktopResize causes internal function rdp_server_reactivate to be called,
67 * which causes the reactivation.
68 */
69 WINPR_ASSERT(ps->update);
70 return (ps->update->DesktopResize(ps));
71}
72
73static void pf_client_on_error_info(void* ctx, const ErrorInfoEventArgs* e)
74{
75 pClientContext* pc = (pClientContext*)ctx;
76 pServerContext* ps = nullptr;
77
78 WINPR_ASSERT(pc);
79 WINPR_ASSERT(pc->pdata);
80 WINPR_ASSERT(e);
81 ps = pc->pdata->ps;
82 WINPR_ASSERT(ps);
83
84 if (e->code == ERRINFO_NONE)
85 return;
86
87 PROXY_LOG_WARN(TAG, pc, "received ErrorInfo PDU. code=0x%08" PRIu32 ", message: %s", e->code,
88 freerdp_get_error_info_string(e->code));
89
90 /* forward error back to client */
91 freerdp_set_error_info(ps->context.rdp, e->code);
92 if (!freerdp_send_error_info(ps->context.rdp))
93 {
94 PROXY_LOG_WARN(TAG, pc, "[fail] reply ErrorInfo PDU. code=0x%08" PRIu32 ", message: %s",
95 e->code, freerdp_get_error_info_string(e->code));
96 }
97}
98
99static void pf_client_on_activated(void* ctx, WINPR_ATTR_UNUSED const ActivatedEventArgs* e)
100{
101 pClientContext* pc = (pClientContext*)ctx;
102 pServerContext* ps = nullptr;
103 freerdp_peer* peer = nullptr;
104
105 WINPR_ASSERT(pc);
106 WINPR_ASSERT(pc->pdata);
107 WINPR_ASSERT(e);
108
109 ps = pc->pdata->ps;
110 WINPR_ASSERT(ps);
111 peer = ps->context.peer;
112 WINPR_ASSERT(peer);
113 WINPR_ASSERT(peer->context);
114}
115
116WINPR_ATTR_NODISCARD
117static BOOL pf_client_load_rdpsnd(pClientContext* pc)
118{
119 rdpContext* context = (rdpContext*)pc;
120
121 WINPR_ASSERT(pc);
122 WINPR_ASSERT(pc->pdata);
123 /*
124 * if AudioOutput is enabled in proxy and client connected with rdpsnd, use proxy as rdpsnd
125 * backend. Otherwise, use sys:fake.
126 */
127 if (!freerdp_static_channel_collection_find(context->settings, RDPSND_CHANNEL_NAME))
128 {
129 const char* params[2] = { RDPSND_CHANNEL_NAME, "sys:fake" };
130
131 if (!freerdp_client_add_static_channel(context->settings, ARRAYSIZE(params), params))
132 return FALSE;
133 }
134
135 return TRUE;
136}
137
138WINPR_ATTR_NODISCARD
139static BOOL pf_client_use_peer_load_balance_info(pClientContext* pc)
140{
141 pServerContext* ps = nullptr;
142 rdpSettings* settings = nullptr;
143 DWORD lb_info_len = 0;
144 const char* lb_info = nullptr;
145
146 WINPR_ASSERT(pc);
147 WINPR_ASSERT(pc->pdata);
148 ps = pc->pdata->ps;
149 WINPR_ASSERT(ps);
150 settings = pc->context.settings;
151 WINPR_ASSERT(settings);
152
153 lb_info = freerdp_nego_get_routing_token(&ps->context, &lb_info_len);
154 if (!lb_info)
155 return TRUE;
156
157 return freerdp_settings_set_pointer_len(settings, FreeRDP_LoadBalanceInfo, lb_info,
158 lb_info_len);
159}
160
161WINPR_ATTR_NODISCARD
162static BOOL str_is_empty(const char* str)
163{
164 if (!str)
165 return TRUE;
166 if (strlen(str) == 0)
167 return TRUE;
168 return FALSE;
169}
170
171WINPR_ATTR_NODISCARD
172static BOOL pf_client_use_proxy_smartcard_auth(const rdpSettings* settings)
173{
174 BOOL enable = freerdp_settings_get_bool(settings, FreeRDP_SmartcardLogon);
175 const char* key = freerdp_settings_get_string(settings, FreeRDP_SmartcardPrivateKey);
176 const char* cert = freerdp_settings_get_string(settings, FreeRDP_SmartcardCertificate);
177
178 if (!enable)
179 return FALSE;
180
181 if (str_is_empty(key))
182 return FALSE;
183
184 if (str_is_empty(cert))
185 return FALSE;
186
187 return TRUE;
188}
189
190WINPR_ATTR_NODISCARD
191static BOOL pf_client_pre_connect(freerdp* instance)
192{
193 pClientContext* pc = nullptr;
194 pServerContext* ps = nullptr;
195 const proxyConfig* config = nullptr;
196 rdpSettings* settings = nullptr;
197
198 WINPR_ASSERT(instance);
199 pc = (pClientContext*)instance->context;
200 WINPR_ASSERT(pc);
201 WINPR_ASSERT(pc->pdata);
202 ps = pc->pdata->ps;
203 WINPR_ASSERT(ps);
204 WINPR_ASSERT(ps->pdata);
205 config = ps->pdata->config;
206 WINPR_ASSERT(config);
207 settings = instance->context->settings;
208 WINPR_ASSERT(settings);
209
210 /*
211 * as the client's settings are copied from the server's, GlyphSupportLevel might not be
212 * GLYPH_SUPPORT_NONE. the proxy currently do not support GDI & GLYPH_SUPPORT_CACHE, so
213 * GlyphCacheSupport must be explicitly set to GLYPH_SUPPORT_NONE.
214 *
215 * Also, OrderSupport need to be zeroed, because it is currently not supported.
216 */
217 if (!freerdp_settings_set_uint32(settings, FreeRDP_GlyphSupportLevel, GLYPH_SUPPORT_NONE))
218 return FALSE;
219
220 void* OrderSupport = freerdp_settings_get_pointer_writable(settings, FreeRDP_OrderSupport);
221 ZeroMemory(OrderSupport, 32);
222
223 if (WTSVirtualChannelManagerIsChannelJoined(ps->vcm, DRDYNVC_SVC_CHANNEL_NAME))
224 {
225 if (!freerdp_settings_set_bool(settings, FreeRDP_SupportDynamicChannels, TRUE))
226 return FALSE;
227 }
228
229 /* Multimon */
230 if (!freerdp_settings_set_bool(settings, FreeRDP_UseMultimon, TRUE))
231 return FALSE;
232
233 /* Sound */
234 if (!freerdp_settings_set_bool(settings, FreeRDP_AudioCapture, config->AudioInput) ||
235 !freerdp_settings_set_bool(settings, FreeRDP_AudioPlayback, config->AudioOutput) ||
236 !freerdp_settings_set_bool(settings, FreeRDP_DeviceRedirection,
237 config->DeviceRedirection) ||
238 !freerdp_settings_set_bool(settings, FreeRDP_SupportDisplayControl,
239 config->DisplayControl) ||
240 !freerdp_settings_set_bool(settings, FreeRDP_MultiTouchInput, config->Multitouch))
241 return FALSE;
242
243 if (config->RemoteApp)
244 {
245 if (WTSVirtualChannelManagerIsChannelJoined(ps->vcm, RAIL_SVC_CHANNEL_NAME))
246 {
247 if (!freerdp_settings_set_bool(settings, FreeRDP_RemoteApplicationMode, TRUE))
248 return FALSE;
249 }
250 }
251
252 if (config->DeviceRedirection)
253 {
254 if (WTSVirtualChannelManagerIsChannelJoined(ps->vcm, RDPDR_SVC_CHANNEL_NAME))
255 {
256 if (!freerdp_settings_set_bool(settings, FreeRDP_DeviceRedirection, TRUE))
257 return FALSE;
258 }
259 }
260
261 /* Display control */
262 if (!freerdp_settings_set_bool(settings, FreeRDP_SupportDisplayControl, config->DisplayControl))
263 return FALSE;
264 if (!freerdp_settings_set_bool(settings, FreeRDP_DynamicResolutionUpdate,
265 config->DisplayControl))
266 return FALSE;
267
268 if (WTSVirtualChannelManagerIsChannelJoined(ps->vcm, ENCOMSP_SVC_CHANNEL_NAME))
269 {
270 if (!freerdp_settings_set_bool(settings, FreeRDP_EncomspVirtualChannel, TRUE))
271 return FALSE;
272 }
273
274 if (config->Clipboard)
275 {
276 if (WTSVirtualChannelManagerIsChannelJoined(ps->vcm, CLIPRDR_SVC_CHANNEL_NAME))
277 {
278 if (!freerdp_settings_set_bool(settings, FreeRDP_RedirectClipboard, config->Clipboard))
279 return FALSE;
280 }
281 }
282
283 if (!freerdp_settings_set_bool(settings, FreeRDP_AutoReconnectionEnabled, TRUE))
284 return FALSE;
285
286 if (PubSub_SubscribeErrorInfo(instance->context->pubSub, pf_client_on_error_info) < 0)
287 return FALSE;
288 if (PubSub_SubscribeActivated(instance->context->pubSub, pf_client_on_activated) < 0)
289 return FALSE;
290 if (!pf_client_use_peer_load_balance_info(pc))
291 return FALSE;
292
293 return pf_modules_run_hook(pc->pdata->module, HOOK_TYPE_CLIENT_PRE_CONNECT, pc->pdata, pc);
294}
295
297typedef struct
298{
299 pServerContext* ps;
300 const char* name;
301 UINT32 backId;
302} UpdateBackIdArgs;
303
304WINPR_ATTR_NODISCARD
305static BOOL updateBackIdFn(WINPR_ATTR_UNUSED const void* key, void* value, void* arg)
306{
307 pServerStaticChannelContext* current = (pServerStaticChannelContext*)value;
308 UpdateBackIdArgs* updateArgs = (UpdateBackIdArgs*)arg;
309
310 if (strcmp(updateArgs->name, current->channel_name) != 0)
311 return TRUE;
312
313 current->back_channel_id = updateArgs->backId;
314 if (!HashTable_Insert(updateArgs->ps->channelsByBackId, &current->back_channel_id, current))
315 {
316 WLog_ERR(TAG, "error inserting channel in channelsByBackId table");
317 }
318 return FALSE;
319}
320
321WINPR_ATTR_NODISCARD
322static BOOL pf_client_update_back_id(pServerContext* ps, const char* name, UINT32 backId)
323{
324 UpdateBackIdArgs res = { ps, name, backId };
325
326 return HashTable_Foreach(ps->channelsByFrontId, updateBackIdFn, &res) == FALSE;
327}
328
329WINPR_ATTR_NODISCARD
330static BOOL pf_client_load_channels(freerdp* instance)
331{
332 pClientContext* pc = nullptr;
333 pServerContext* ps = nullptr;
334 const proxyConfig* config = nullptr;
335 rdpSettings* settings = nullptr;
336
337 WINPR_ASSERT(instance);
338 pc = (pClientContext*)instance->context;
339 WINPR_ASSERT(pc);
340 WINPR_ASSERT(pc->pdata);
341 ps = pc->pdata->ps;
342 WINPR_ASSERT(ps);
343 WINPR_ASSERT(ps->pdata);
344 config = ps->pdata->config;
345 WINPR_ASSERT(config);
346 settings = instance->context->settings;
347 WINPR_ASSERT(settings);
352 PROXY_LOG_INFO(TAG, pc, "Loading addins");
353
354 if (!pf_client_load_rdpsnd(pc))
355 {
356 PROXY_LOG_ERR(TAG, pc, "Failed to load rdpsnd client");
357 return FALSE;
358 }
359
360 if (!pf_utils_is_passthrough(config))
361 {
362 if (!freerdp_client_load_addins(instance->context->channels, settings))
363 {
364 PROXY_LOG_ERR(TAG, pc, "Failed to load addins");
365 return FALSE;
366 }
367 }
368 else
369 {
370 if (!pf_channel_rdpdr_client_new(pc))
371 return FALSE;
372#if defined(WITH_PROXY_EMULATE_SMARTCARD)
373 if (!pf_channel_smartcard_client_new(pc))
374 return FALSE;
375#endif
376 /* Copy the current channel settings from the peer connection to the client. */
377 if (!freerdp_channels_from_mcs(settings, &ps->context))
378 return FALSE;
379
380 /* Filter out channels we do not want */
381 {
382 CHANNEL_DEF* channels = (CHANNEL_DEF*)freerdp_settings_get_pointer_array_writable(
383 settings, FreeRDP_ChannelDefArray, 0);
384 UINT32 size = freerdp_settings_get_uint32(settings, FreeRDP_ChannelCount);
385 UINT32 id = MCS_GLOBAL_CHANNEL_ID + 1;
386
387 WINPR_ASSERT(channels || (size == 0));
388
389 UINT32 x = 0;
390 for (; x < size;)
391 {
392 CHANNEL_DEF* cur = &channels[x];
393 proxyChannelDataEventInfo dev = WINPR_C_ARRAY_INIT;
394
395 dev.channel_name = cur->name;
396 dev.flags = cur->options;
397
398 /* Filter out channels blocked by config */
399 if (!pf_modules_run_filter(pc->pdata->module,
400 FILTER_TYPE_CLIENT_PASSTHROUGH_CHANNEL_CREATE, pc->pdata,
401 &dev))
402 {
403 const size_t s = size - MIN(size, x + 1);
404 memmove(cur, &cur[1], sizeof(CHANNEL_DEF) * s);
405 size--;
406 }
407 else
408 {
409 if (!pf_client_update_back_id(ps, cur->name, id++))
410 {
411 WLog_ERR(TAG, "unable to update backid for channel %s", cur->name);
412 return FALSE;
413 }
414 x++;
415 }
416 }
417
418 if (!freerdp_settings_set_uint32(settings, FreeRDP_ChannelCount, x))
419 return FALSE;
420 }
421 }
422 return pf_modules_run_hook(pc->pdata->module, HOOK_TYPE_CLIENT_LOAD_CHANNELS, pc->pdata, pc);
423}
424
425WINPR_ATTR_NODISCARD
426static BOOL pf_client_receive_channel_data_hook(freerdp* instance, UINT16 channelId,
427 const BYTE* xdata, size_t xsize, UINT32 flags,
428 size_t totalSize)
429{
430 pClientContext* pc = nullptr;
431 pServerContext* ps = nullptr;
432 proxyData* pdata = nullptr;
433 pServerStaticChannelContext* channel = nullptr;
434 UINT64 channelId64 = channelId;
435
436 WINPR_ASSERT(instance);
437 WINPR_ASSERT(xdata || (xsize == 0));
438
439 pc = (pClientContext*)instance->context;
440 WINPR_ASSERT(pc);
441 WINPR_ASSERT(pc->pdata);
442
443 ps = pc->pdata->ps;
444 WINPR_ASSERT(ps);
445
446 pdata = ps->pdata;
447 WINPR_ASSERT(pdata);
448
449 channel = HashTable_GetItemValue(ps->channelsByBackId, &channelId64);
450 if (!channel)
451 return TRUE;
452
453 WINPR_ASSERT(channel->onBackData);
454 switch (channel->onBackData(pdata, channel, xdata, xsize, flags, totalSize))
455 {
456 case PF_CHANNEL_RESULT_PASS:
457 /* Ignore messages for channels that can not be mapped.
458 * The client might not have enabled support for this specific channel,
459 * so just drop the message. */
460 if (channel->front_channel_id == 0)
461 return TRUE;
462
463 return ps->context.peer->SendChannelPacket(
464 ps->context.peer, WINPR_ASSERTING_INT_CAST(UINT16, channel->front_channel_id),
465 totalSize, flags, xdata, xsize);
466 case PF_CHANNEL_RESULT_DROP:
467 return TRUE;
468 case PF_CHANNEL_RESULT_ERROR:
469 default:
470 return FALSE;
471 }
472}
473
474WINPR_ATTR_NODISCARD
475static BOOL pf_client_on_server_heartbeat(freerdp* instance, BYTE period, BYTE count1, BYTE count2)
476{
477 pClientContext* pc = nullptr;
478 pServerContext* ps = nullptr;
479
480 WINPR_ASSERT(instance);
481 pc = (pClientContext*)instance->context;
482 WINPR_ASSERT(pc);
483 WINPR_ASSERT(pc->pdata);
484 ps = pc->pdata->ps;
485 WINPR_ASSERT(ps);
486
487 return freerdp_heartbeat_send_heartbeat_pdu(ps->context.peer, period, count1, count2);
488}
489
490WINPR_ATTR_NODISCARD
491static BOOL pf_client_send_channel_data(pClientContext* pc, const proxyChannelDataEventInfo* ev)
492{
493 WINPR_ASSERT(pc);
494 WINPR_ASSERT(ev);
495
496 return Queue_Enqueue(pc->cached_server_channel_data, ev);
497}
498
499WINPR_ATTR_NODISCARD
500static BOOL sendQueuedChannelData(pClientContext* pc)
501{
502 BOOL rc = TRUE;
503
504 WINPR_ASSERT(pc);
505
506 if (pc->connected)
507 {
508 proxyChannelDataEventInfo* ev = nullptr;
509
510 Queue_Lock(pc->cached_server_channel_data);
511 while (rc && (ev = Queue_Dequeue(pc->cached_server_channel_data)))
512 {
513 UINT16 channelId = 0;
514 WINPR_ASSERT(pc->context.instance);
515
516 channelId = freerdp_channels_get_id_by_name(pc->context.instance, ev->channel_name);
517 /* Ignore unmappable channels */
518 if ((channelId == 0) || (channelId == UINT16_MAX))
519 rc = TRUE;
520 else
521 {
522 WINPR_ASSERT(pc->context.instance->SendChannelPacket);
523 rc = pc->context.instance->SendChannelPacket(pc->context.instance, channelId,
524 ev->total_size, ev->flags, ev->data,
525 ev->data_len);
526 }
527 channel_data_free(ev);
528 }
529
530 Queue_Unlock(pc->cached_server_channel_data);
531 }
532
533 return rc;
534}
535
545WINPR_ATTR_NODISCARD
546static BOOL pf_client_post_connect(freerdp* instance)
547{
548 WINPR_ASSERT(instance);
549 rdpContext* context = instance->context;
550 WINPR_ASSERT(context);
551 rdpUpdate* update = context->update;
552 WINPR_ASSERT(update);
553 pClientContext* pc = (pClientContext*)context;
554 WINPR_ASSERT(pc);
555 WINPR_ASSERT(pc->pdata);
556 rdpContext* ps = (rdpContext*)pc->pdata->ps;
557 WINPR_ASSERT(ps);
558
559 if (!pf_modules_run_hook(pc->pdata->module, HOOK_TYPE_CLIENT_POST_CONNECT, pc->pdata, pc))
560 return FALSE;
561
562 if (!gdi_init(instance, PIXEL_FORMAT_BGRA32))
563 return FALSE;
564
565 WINPR_ASSERT(freerdp_settings_get_bool(context->settings, FreeRDP_SoftwareGdi));
566
567 pf_client_register_update_callbacks(update);
568
569 /* virtual channels receive data hook */
570 pc->client_receive_channel_data_original = instance->ReceiveChannelData;
571 instance->ReceiveChannelData = pf_client_receive_channel_data_hook;
572
573 instance->heartbeat->ServerHeartbeat = pf_client_on_server_heartbeat;
574
575 pc->connected = TRUE;
576
577 /* Send cached channel data */
578 if (!sendQueuedChannelData(pc))
579 return FALSE;
580
581 /*
582 * after the connection fully established and settings were negotiated with target server,
583 * send a reactivation sequence to the client with the negotiated settings. This way,
584 * settings are synchorinized between proxy's peer and and remote target.
585 */
586 return proxy_server_reactivate(ps, context);
587}
588
589/* This function is called whether a session ends by failure or success.
590 * Clean up everything allocated by pre_connect and post_connect.
591 */
592static void pf_client_post_disconnect(freerdp* instance)
593{
594 pClientContext* pc = nullptr;
595 proxyData* pdata = nullptr;
596
597 if (!instance)
598 return;
599
600 if (!instance->context)
601 return;
602
603 pc = (pClientContext*)instance->context;
604 WINPR_ASSERT(pc);
605 pdata = pc->pdata;
606 WINPR_ASSERT(pdata);
607
608#if defined(WITH_PROXY_EMULATE_SMARTCARD)
609 pf_channel_smartcard_client_free(pc);
610#endif
611
612 pf_channel_rdpdr_client_free(pc);
613
614 pc->connected = FALSE;
615 (void)pf_modules_run_hook(pc->pdata->module, HOOK_TYPE_CLIENT_POST_DISCONNECT, pc->pdata, pc);
616
617 PubSub_UnsubscribeErrorInfo(instance->context->pubSub, pf_client_on_error_info);
618 gdi_free(instance);
619
620 /* Only close the connection if NLA fallback process is done */
621 if (!pc->allow_next_conn_failure)
622 proxy_data_abort_connect(pdata);
623}
624
625WINPR_ATTR_NODISCARD
626static BOOL pf_client_redirect(freerdp* instance)
627{
628 if (!instance)
629 return FALSE;
630
631 if (!instance->context)
632 return FALSE;
633
634 pClientContext* pc = (pClientContext*)instance->context;
635 WINPR_ASSERT(pc);
636
637#if defined(WITH_PROXY_EMULATE_SMARTCARD)
638 pf_channel_smartcard_client_reset(pc);
639#endif
640 pf_channel_rdpdr_client_reset(pc);
641
642 return pf_modules_run_hook(pc->pdata->module, HOOK_TYPE_CLIENT_REDIRECT, pc->pdata, pc);
643}
644
645/*
646 * pf_client_should_retry_without_nla:
647 *
648 * returns TRUE if in case of connection failure, the client should try again without NLA.
649 * Otherwise, returns FALSE.
650 */
651WINPR_ATTR_NODISCARD
652static BOOL pf_client_should_retry_without_nla(pClientContext* pc)
653{
654 rdpSettings* settings = nullptr;
655 const proxyConfig* config = nullptr;
656
657 WINPR_ASSERT(pc);
658 WINPR_ASSERT(pc->pdata);
659 settings = pc->context.settings;
660 WINPR_ASSERT(settings);
661 config = pc->pdata->config;
662 WINPR_ASSERT(config);
663
664 if (!config->ClientAllowFallbackToTls ||
665 !freerdp_settings_get_bool(settings, FreeRDP_NlaSecurity))
666 return FALSE;
667
668 return config->ClientTlsSecurity || config->ClientRdpSecurity;
669}
670
671WINPR_ATTR_NODISCARD
672static BOOL pf_client_set_security_settings(pClientContext* pc)
673{
674 WINPR_ASSERT(pc);
675 WINPR_ASSERT(pc->pdata);
676 rdpSettings* settings = pc->context.settings;
677 WINPR_ASSERT(settings);
678 const proxyConfig* config = pc->pdata->config;
679 WINPR_ASSERT(config);
680
681 if (!freerdp_settings_set_bool(settings, FreeRDP_RdpSecurity, config->ClientRdpSecurity))
682 return FALSE;
683 if (!freerdp_settings_set_bool(settings, FreeRDP_TlsSecurity, config->ClientTlsSecurity))
684 return FALSE;
685 if (!freerdp_settings_set_bool(settings, FreeRDP_NlaSecurity, config->ClientNlaSecurity))
686 return FALSE;
687
688 if (pf_client_use_proxy_smartcard_auth(settings))
689 {
690 /* Smartcard authentication requires smartcard redirection to be enabled */
691 if (!freerdp_settings_set_bool(settings, FreeRDP_RedirectSmartCards, TRUE))
692 return FALSE;
693
694 /* Reset username/domain, we will get that info later from the sc cert */
695 if (!freerdp_settings_set_string(settings, FreeRDP_Username, nullptr))
696 return FALSE;
697 if (!freerdp_settings_set_string(settings, FreeRDP_Domain, nullptr))
698 return FALSE;
699 }
700
701 return TRUE;
702}
703
704WINPR_ATTR_NODISCARD
705static BOOL pf_client_connect_without_nla(pClientContext* pc)
706{
707 freerdp* instance = nullptr;
708 rdpSettings* settings = nullptr;
709
710 WINPR_ASSERT(pc);
711 instance = pc->context.instance;
712 WINPR_ASSERT(instance);
713
714 if (!freerdp_context_reset(instance))
715 return FALSE;
716
717 settings = pc->context.settings;
718 WINPR_ASSERT(settings);
719
720 /* If already disabled abort early. */
721 if (!freerdp_settings_get_bool(settings, FreeRDP_NlaSecurity))
722 return FALSE;
723
724 /* disable NLA */
725 if (!freerdp_settings_set_bool(settings, FreeRDP_NlaSecurity, FALSE))
726 return FALSE;
727
728 /* do not allow next connection failure */
729 pc->allow_next_conn_failure = FALSE;
730 return freerdp_connect(instance);
731}
732
733WINPR_ATTR_NODISCARD
734static BOOL pf_client_connect(freerdp* instance)
735{
736 pClientContext* pc = nullptr;
737 rdpSettings* settings = nullptr;
738 BOOL rc = FALSE;
739 BOOL retry = FALSE;
740
741 WINPR_ASSERT(instance);
742 pc = (pClientContext*)instance->context;
743 WINPR_ASSERT(pc);
744 settings = instance->context->settings;
745 WINPR_ASSERT(settings);
746
747 PROXY_LOG_INFO(TAG, pc, "connecting using client info: Username: %s, Domain: %s",
748 freerdp_settings_get_string(settings, FreeRDP_Username),
749 freerdp_settings_get_string(settings, FreeRDP_Domain));
750
751 if (!pf_client_set_security_settings(pc))
752 return FALSE;
753
754 if (pf_client_should_retry_without_nla(pc))
755 retry = pc->allow_next_conn_failure = TRUE;
756
757 PROXY_LOG_INFO(TAG, pc, "connecting using security settings: rdp=%d, tls=%d, nla=%d",
758 freerdp_settings_get_bool(settings, FreeRDP_RdpSecurity),
759 freerdp_settings_get_bool(settings, FreeRDP_TlsSecurity),
760 freerdp_settings_get_bool(settings, FreeRDP_NlaSecurity));
761
762 if (!freerdp_connect(instance))
763 {
764 if (!pf_modules_run_hook(pc->pdata->module, HOOK_TYPE_CLIENT_LOGIN_FAILURE, pc->pdata, pc))
765 goto out;
766
767 if (!retry)
768 goto out;
769
770 PROXY_LOG_ERR(TAG, pc, "failed to connect with NLA. retrying to connect without NLA");
771 if (!pf_client_connect_without_nla(pc))
772 {
773 PROXY_LOG_ERR(TAG, pc, "pf_client_connect_without_nla failed!");
774 goto out;
775 }
776 }
777
778 rc = TRUE;
779out:
780 pc->allow_next_conn_failure = FALSE;
781 return rc;
782}
783
789WINPR_ATTR_NODISCARD
790static DWORD WINAPI pf_client_thread_proc(pClientContext* pc)
791{
792 freerdp* instance = nullptr;
793 proxyData* pdata = nullptr;
794 DWORD nCount = 0;
795 DWORD status = 0;
796 HANDLE handles[MAXIMUM_WAIT_OBJECTS] = WINPR_C_ARRAY_INIT;
797
798 WINPR_ASSERT(pc);
799
800 instance = pc->context.instance;
801 WINPR_ASSERT(instance);
802
803 pdata = pc->pdata;
804 WINPR_ASSERT(pdata);
805 /*
806 * during redirection, freerdp's abort event might be overridden (reset) by the library, after
807 * the server set it in order to shutdown the connection. it means that the server might signal
808 * the client to abort, but the library code will override the signal and the client will
809 * continue its work instead of exiting. That's why the client must wait on `pdata->abort_event`
810 * too, which will never be modified by the library.
811 */
812 handles[nCount++] = pdata->abort_event;
813
814 if (!pf_modules_run_hook(pdata->module, HOOK_TYPE_CLIENT_INIT_CONNECT, pdata, pc))
815 {
816 proxy_data_abort_connect(pdata);
817 goto end;
818 }
819
820 if (!pf_client_connect(instance))
821 {
822 proxy_data_abort_connect(pdata);
823 goto end;
824 }
825 handles[nCount++] = Queue_Event(pc->cached_server_channel_data);
826
827 while (!freerdp_shall_disconnect_context(instance->context))
828 {
829 UINT32 tmp = freerdp_get_event_handles(instance->context, &handles[nCount],
830 ARRAYSIZE(handles) - nCount);
831
832 if (tmp == 0)
833 {
834 PROXY_LOG_ERR(TAG, pc, "freerdp_get_event_handles failed!");
835 break;
836 }
837
838 status = WaitForMultipleObjects(nCount + tmp, handles, FALSE, INFINITE);
839
840 if (status == WAIT_FAILED)
841 {
842 WLog_ERR(TAG, "WaitForMultipleObjects failed with %" PRIu32 "", status);
843 break;
844 }
845
846 /* abort_event triggered */
847 if (status == WAIT_OBJECT_0)
848 break;
849
850 if (freerdp_shall_disconnect_context(instance->context))
851 break;
852
853 if (proxy_data_shall_disconnect(pdata))
854 break;
855
856 if (!freerdp_check_event_handles(instance->context))
857 {
858 if (freerdp_get_last_error(instance->context) == FREERDP_ERROR_SUCCESS)
859 WLog_ERR(TAG, "Failed to check FreeRDP event handles");
860
861 break;
862 }
863 if (!sendQueuedChannelData(pc))
864 break;
865 }
866
867 freerdp_disconnect(instance);
868
869end:
870 (void)pf_modules_run_hook(pdata->module, HOOK_TYPE_CLIENT_UNINIT_CONNECT, pdata, pc);
871
872 return 0;
873}
874
875WINPR_ATTR_NODISCARD
876static int pf_logon_error_info(freerdp* instance, UINT32 data, UINT32 type)
877{
878 const char* str_data = freerdp_get_logon_error_info_data(data);
879 const char* str_type = freerdp_get_logon_error_info_type(type);
880
881 if (!instance || !instance->context)
882 return -1;
883
884 WLog_INFO(TAG, "Logon Error Info %s [%s]", str_data, str_type);
885 return 1;
886}
887
888static void pf_client_context_free(freerdp* instance, rdpContext* context)
889{
890 pClientContext* pc = (pClientContext*)context;
891 WINPR_UNUSED(instance);
892
893 if (!pc)
894 return;
895
896 pc->sendChannelData = nullptr;
897 Queue_Free(pc->cached_server_channel_data);
898 Stream_Free(pc->remote_pem, TRUE);
899 free(pc->remote_hostname);
900 free(pc->computerName.v);
901 HashTable_Free(pc->interceptContextMap);
902}
903
904WINPR_ATTR_NODISCARD
905static int pf_client_verify_X509_certificate(freerdp* instance, const BYTE* data, size_t length,
906 const char* hostname, UINT16 port, DWORD flags)
907{
908 pClientContext* pc = nullptr;
909
910 WINPR_ASSERT(instance);
911 WINPR_ASSERT(data);
912 WINPR_ASSERT(length > 0);
913 WINPR_ASSERT(hostname);
914
915 pc = (pClientContext*)instance->context;
916 WINPR_ASSERT(pc);
917
918 if (!Stream_EnsureCapacity(pc->remote_pem, length))
919 return 0;
920 Stream_ResetPosition(pc->remote_pem);
921
922 free(pc->remote_hostname);
923 pc->remote_hostname = nullptr;
924
925 if (length > 0)
926 Stream_Write(pc->remote_pem, data, length);
927
928 if (hostname)
929 pc->remote_hostname = _strdup(hostname);
930 pc->remote_port = port;
931 pc->remote_flags = flags;
932
933 Stream_SealLength(pc->remote_pem);
934 if (!pf_modules_run_hook(pc->pdata->module, HOOK_TYPE_CLIENT_VERIFY_X509, pc->pdata, pc))
935 return 0;
936 return 1;
937}
938
939void channel_data_free(void* obj)
940{
941 union
942 {
943 const void* cpv;
944 void* pv;
945 } cnv;
946 proxyChannelDataEventInfo* dst = obj;
947 if (dst)
948 {
949 cnv.cpv = dst->data;
950 free(cnv.pv);
951
952 cnv.cpv = dst->channel_name;
953 free(cnv.pv);
954 free(dst);
955 }
956}
957
958WINPR_ATTR_MALLOC(channel_data_free, 1)
959WINPR_ATTR_NODISCARD
960static void* channel_data_copy(const void* obj)
961{
962 union
963 {
964 const void* cpv;
965 void* pv;
966 } cnv;
967 const proxyChannelDataEventInfo* src = obj;
968 proxyChannelDataEventInfo* dst = nullptr;
969
970 WINPR_ASSERT(src);
971
972 dst = calloc(1, sizeof(proxyChannelDataEventInfo));
973 if (!dst)
974 goto fail;
975
976 *dst = *src;
977 if (src->channel_name)
978 {
979 dst->channel_name = _strdup(src->channel_name);
980 if (!dst->channel_name)
981 goto fail;
982 }
983 dst->data = malloc(src->data_len);
984 if (!dst->data)
985 goto fail;
986
987 cnv.cpv = dst->data;
988 memcpy(cnv.pv, src->data, src->data_len);
989 return dst;
990
991fail:
992 channel_data_free(dst);
993 return nullptr;
994}
995
996WINPR_ATTR_NODISCARD
997static BOOL pf_client_client_new(freerdp* instance, rdpContext* context)
998{
999 wObject* obj = nullptr;
1000 pClientContext* pc = (pClientContext*)context;
1001
1002 if (!instance || !context)
1003 return FALSE;
1004
1005 instance->LoadChannels = pf_client_load_channels;
1006 instance->PreConnect = pf_client_pre_connect;
1007 instance->PostConnect = pf_client_post_connect;
1008 instance->PostDisconnect = pf_client_post_disconnect;
1009 instance->Redirect = pf_client_redirect;
1010 instance->LogonErrorInfo = pf_logon_error_info;
1011 instance->VerifyX509Certificate = pf_client_verify_X509_certificate;
1012
1013 pc->remote_pem = Stream_New(nullptr, 4096);
1014 if (!pc->remote_pem)
1015 return FALSE;
1016
1017 pc->sendChannelData = pf_client_send_channel_data;
1018 pc->cached_server_channel_data = Queue_New(TRUE, -1, -1);
1019 if (!pc->cached_server_channel_data)
1020 return FALSE;
1021 obj = Queue_Object(pc->cached_server_channel_data);
1022 WINPR_ASSERT(obj);
1023 obj->fnObjectNew = channel_data_copy;
1024 obj->fnObjectFree = channel_data_free;
1025
1026 pc->interceptContextMap = HashTable_New(FALSE);
1027 if (!pc->interceptContextMap)
1028 return FALSE;
1029
1030 if (!HashTable_SetupForStringData(pc->interceptContextMap, FALSE))
1031 return FALSE;
1032
1033 obj = HashTable_ValueObject(pc->interceptContextMap);
1034 WINPR_ASSERT(obj);
1035 obj->fnObjectFree = intercept_context_entry_free;
1036
1037 return TRUE;
1038}
1039
1040WINPR_ATTR_NODISCARD
1041static int pf_client_client_stop(rdpContext* context)
1042{
1043 pClientContext* pc = (pClientContext*)context;
1044 proxyData* pdata = nullptr;
1045
1046 WINPR_ASSERT(pc);
1047 pdata = pc->pdata;
1048 WINPR_ASSERT(pdata);
1049
1050 PROXY_LOG_DBG(TAG, pc, "aborting client connection");
1051 proxy_data_abort_connect(pdata);
1052 freerdp_abort_connect_context(context);
1053
1054 return 0;
1055}
1056
1057int RdpClientEntry(RDP_CLIENT_ENTRY_POINTS* pEntryPoints)
1058{
1059 WINPR_ASSERT(pEntryPoints);
1060
1061 ZeroMemory(pEntryPoints, sizeof(RDP_CLIENT_ENTRY_POINTS));
1062 pEntryPoints->Version = RDP_CLIENT_INTERFACE_VERSION;
1063 pEntryPoints->Size = sizeof(RDP_CLIENT_ENTRY_POINTS_V1);
1064 pEntryPoints->ContextSize = sizeof(pClientContext);
1065 /* Client init and finish */
1066 pEntryPoints->ClientNew = pf_client_client_new;
1067 pEntryPoints->ClientFree = pf_client_context_free;
1068 pEntryPoints->ClientStop = pf_client_client_stop;
1069 return 0;
1070}
1071
1075DWORD WINAPI pf_client_start(LPVOID arg)
1076{
1077 DWORD rc = 1;
1078 pClientContext* pc = (pClientContext*)arg;
1079
1080 WINPR_ASSERT(pc);
1081 if (freerdp_client_start(&pc->context) == 0)
1082 rc = pf_client_thread_proc(pc);
1083 freerdp_client_stop(&pc->context);
1084 return rc;
1085}
freerdp_settings_get_string
WINPR_ATTR_NODISCARD FREERDP_API const char * freerdp_settings_get_string(const rdpSettings *settings, FreeRDP_Settings_Keys_String id)
Returns a immutable string settings value.
freerdp_settings_set_bool
WINPR_ATTR_NODISCARD FREERDP_API BOOL freerdp_settings_set_bool(rdpSettings *settings, FreeRDP_Settings_Keys_Bool id, BOOL val)
Sets a BOOL settings value.
freerdp_settings_get_pointer_writable
WINPR_ATTR_NODISCARD FREERDP_API void * freerdp_settings_get_pointer_writable(rdpSettings *settings, FreeRDP_Settings_Keys_Pointer id)
Returns a mutable pointer settings value.
Definition settings_getters.c:4092
freerdp_settings_set_uint32
WINPR_ATTR_NODISCARD FREERDP_API BOOL freerdp_settings_set_uint32(rdpSettings *settings, FreeRDP_Settings_Keys_UInt32 id, UINT32 val)
Sets a UINT32 settings value.
freerdp_settings_set_pointer_len
WINPR_ATTR_NODISCARD FREERDP_API BOOL freerdp_settings_set_pointer_len(rdpSettings *settings, FreeRDP_Settings_Keys_Pointer id, const void *data, size_t len)
Set a pointer to value data.
Definition common/settings.c:1487
freerdp_settings_get_uint32
WINPR_ATTR_NODISCARD FREERDP_API UINT32 freerdp_settings_get_uint32(const rdpSettings *settings, FreeRDP_Settings_Keys_UInt32 id)
Returns a UINT32 settings value.
freerdp_settings_set_string
WINPR_ATTR_NODISCARD FREERDP_API BOOL freerdp_settings_set_string(rdpSettings *settings, FreeRDP_Settings_Keys_String id, const char *val)
Sets a string settings value. The param is copied.
Definition settings_getters.c:3733
freerdp_settings_get_bool
WINPR_ATTR_NODISCARD FREERDP_API BOOL freerdp_settings_get_bool(const rdpSettings *settings, FreeRDP_Settings_Keys_Bool id)
Returns a boolean settings value.
CHANNEL_DEF
Definition wtsapi.h:78
wObject
This struct contains function pointer to initialize/free objects.
Definition collections.h:52
wObject::fnObjectFree
OBJECT_FREE_FN fnObjectFree
Definition collections.h:59
wObject::fnObjectNew
WINPR_ATTR_NODISCARD OBJECT_NEW_FN fnObjectNew
Definition collections.h:54