FreeRDP
Loading...
Searching...
No Matches
pf_config.c
1
23#include <stdio.h>
24#include <string.h>
25#include <winpr/crt.h>
26#include <winpr/path.h>
27#include <winpr/collections.h>
28#include <winpr/cmdline.h>
29
30#include "pf_server.h"
31#include <freerdp/server/proxy/proxy_config.h>
32
33#include <freerdp/server/proxy/proxy_log.h>
34
35#include <freerdp/crypto/crypto.h>
36#include <freerdp/channels/cliprdr.h>
37#include <freerdp/channels/rdpsnd.h>
38#include <freerdp/channels/audin.h>
39#include <freerdp/channels/rdpdr.h>
40#include <freerdp/channels/disp.h>
41#include <freerdp/channels/rail.h>
42#include <freerdp/channels/rdpei.h>
43#include <freerdp/channels/tsmf.h>
44#include <freerdp/channels/video.h>
45#include <freerdp/channels/rdpecam.h>
46
47#include "pf_utils.h"
48
49#define TAG PROXY_TAG("config")
50
51#define CONFIG_PRINT_SECTION(section) WLog_INFO(TAG, "\t%s:", section)
52#define CONFIG_PRINT_SECTION_KEY(section, key) WLog_INFO(TAG, "\t%s/%s:", section, key)
53#define CONFIG_PRINT_STR(config, key) WLog_INFO(TAG, "\t\t%s: %s", #key, (config)->key)
54#define CONFIG_PRINT_SECRET_STR(config, key) \
55 WLog_INFO(TAG, "\t\t%s: %s", #key, (config)->key ? "********" : nullptr)
56#define CONFIG_PRINT_BOOL(config, key) WLog_INFO(TAG, "\t\t%s: %s", #key, boolstr((config)->key))
57#define CONFIG_PRINT_UINT16(config, key) WLog_INFO(TAG, "\t\t%s: %" PRIu16 "", #key, (config)->key)
58#define CONFIG_PRINT_UINT32(config, key) WLog_INFO(TAG, "\t\t%s: %" PRIu32 "", #key, (config)->key)
59
60static const char* bool_str_true = "true";
61static const char* bool_str_false = "false";
62
63WINPR_ATTR_NODISCARD
64static const char* boolstr(BOOL rc)
65{
66 return rc ? bool_str_true : bool_str_false;
67}
68
69static const char* section_server = "Server";
70static const char* key_host = "Host";
71static const char* key_port = "Port";
72static const char* key_sam_file = "SamFile";
73
74static const char* section_target = "Target";
75static const char* key_target_fixed = "FixedTarget";
76static const char* key_target_user = "User";
77static const char* key_target_pwd = "Password";
78static const char* key_target_domain = "Domain";
79static const char* key_target_tls_seclevel = "TlsSecLevel";
80static const char* key_target_scard_auth = "SmartcardAuth";
81static const char* key_target_scard_cert = "SmartcardCert";
82static const char* key_target_scard_key = "SmartcardKey";
83static const char* key_target_scard_pem_cert = "SmartcardCertPEMContent";
84static const char* key_target_scard_pem_key = "SmartcardKeyPEMContent";
85
86static const char* section_plugins = "Plugins";
87static const char* key_plugins_modules = "Modules";
88static const char* key_plugins_required = "Required";
89
90static const char* section_codecs = "Codecs";
91static const char* key_codecs_rfx = "RFX";
92static const char* key_codecs_nsc = "NSC";
93
94static const char* section_channels = "Channels";
95static const char* key_channels_gfx = "GFX";
96static const char* key_channels_disp = "DisplayControl";
97static const char* key_channels_clip = "Clipboard";
98static const char* key_channels_mic = "AudioInput";
99static const char* key_channels_sound = "AudioOutput";
100static const char* key_channels_rdpdr = "DeviceRedirection";
101static const char* key_channels_video = "VideoRedirection";
102static const char* key_channels_camera = "CameraRedirection";
103static const char* key_channels_rails = "RemoteApp";
104static const char* key_channels_blacklist = "PassthroughIsBlacklist";
105static const char* key_channels_pass = "Passthrough";
106static const char* key_channels_intercept = "Intercept";
107
108static const char* section_input = "Input";
109static const char* key_input_kbd = "Keyboard";
110static const char* key_input_mouse = "Mouse";
111static const char* key_input_multitouch = "Multitouch";
112
113static const char* section_security = "Security";
114static const char* key_security_server_nla = "ServerNlaSecurity";
115static const char* key_security_server_tls = "ServerTlsSecurity";
116static const char* key_security_server_rdp = "ServerRdpSecurity";
117static const char* key_security_client_nla = "ClientNlaSecurity";
118static const char* key_security_client_tls = "ClientTlsSecurity";
119static const char* key_security_client_rdp = "ClientRdpSecurity";
120static const char* key_security_client_fallback = "ClientAllowFallbackToTls";
121
122static const char* section_certificates = "Certificates";
123static const char* key_private_key_file = "PrivateKeyFile";
124static const char* key_private_key_content = "PrivateKeyContent";
125static const char* key_cert_file = "CertificateFile";
126static const char* key_cert_content = "CertificateContent";
127
128WINPR_ATTR_MALLOC(free, 1)
129static char* pf_config_decode_base64(const char* data, const char* name, size_t* pLength);
130
131WINPR_ATTR_MALLOC(CommandLineParserFree, 1)
132WINPR_ATTR_NODISCARD
133static char** pf_config_parse_comma_separated_list(const char* list, size_t* count)
134{
135 if (!list || !count)
136 return nullptr;
137
138 if (strlen(list) == 0)
139 {
140 *count = 0;
141 return nullptr;
142 }
143
144 return CommandLineParseCommaSeparatedValues(list, count);
145}
146
147WINPR_ATTR_NODISCARD
148static BOOL pf_config_get_uint16(wIniFile* ini, const char* section, const char* key,
149 UINT16* result, BOOL required)
150{
151 int val = 0;
152 const char* strval = nullptr;
153
154 WINPR_ASSERT(result);
155
156 strval = IniFile_GetKeyValueString(ini, section, key);
157 if (!strval && required)
158 {
159 WLog_ERR(TAG, "key '%s.%s' does not exist.", section, key);
160 return FALSE;
161 }
162 else if (!strval)
163 goto out;
164
165 val = IniFile_GetKeyValueInt(ini, section, key);
166 if ((val <= 0) || (val > UINT16_MAX))
167 {
168 WLog_ERR(TAG, "invalid value %d for key '%s.%s'.", val, section, key);
169 return FALSE;
170 }
171
172out:
173 *result = (UINT16)val;
174 return TRUE;
175}
176
177WINPR_ATTR_NODISCARD
178static BOOL pf_config_get_uint32(wIniFile* ini, const char* section, const char* key,
179 UINT32* result, BOOL required)
180{
181 WINPR_ASSERT(result);
182
183 const char* strval = IniFile_GetKeyValueString(ini, section, key);
184 if (!strval)
185 {
186 if (required)
187 WLog_ERR(TAG, "key '%s.%s' does not exist.", section, key);
188 return !required;
189 }
190
191 const int val = IniFile_GetKeyValueInt(ini, section, key);
192 if (val < 0)
193 {
194 WLog_ERR(TAG, "invalid value %d for key '%s.%s'.", val, section, key);
195 return FALSE;
196 }
197
198 *result = (UINT32)val;
199 return TRUE;
200}
201
202WINPR_ATTR_NODISCARD
203static BOOL pf_config_get_bool(wIniFile* ini, const char* section, const char* key, BOOL fallback)
204{
205 int num_value = 0;
206 const char* str_value = nullptr;
207
208 str_value = IniFile_GetKeyValueString(ini, section, key);
209 if (!str_value)
210 {
211 WLog_WARN(TAG, "key '%s.%s' not found, value defaults to %s.", section, key,
212 fallback ? bool_str_true : bool_str_false);
213 return fallback;
214 }
215
216 if (_stricmp(str_value, bool_str_true) == 0)
217 return TRUE;
218 if (_stricmp(str_value, bool_str_false) == 0)
219 return FALSE;
220
221 num_value = IniFile_GetKeyValueInt(ini, section, key);
222
223 return (num_value != 0);
224}
225
226WINPR_ATTR_NODISCARD
227static const char* pf_config_get_str(wIniFile* ini, const char* section, const char* key,
228 BOOL required)
229{
230 const char* value = IniFile_GetKeyValueString(ini, section, key);
231
232 if (!value)
233 {
234 if (required)
235 WLog_ERR(TAG, "key '%s.%s' not found.", section, key);
236 return nullptr;
237 }
238
239 return value;
240}
241
242static void zfree(char* str)
243{
244 if (!str)
245 return;
246 const size_t len = strlen(str);
247 memset(str, 0, len);
248 free(str);
249}
250
251static void znfree(char* str, size_t len)
252{
253 if (!str)
254 return;
255 memset(str, 0, len);
256 free(str);
257}
258
259WINPR_ATTR_NODISCARD
260static BOOL pf_config_copy_string(char** dst, const char* src)
261{
262 WINPR_ASSERT(dst);
263 *dst = nullptr;
264 if (src)
265 *dst = _strdup(src);
266 return TRUE;
267}
268
269WINPR_ATTR_NODISCARD
270static BOOL pf_config_free_and_copy_string(char** dst, const char* src)
271{
272 WINPR_ASSERT(dst);
273 zfree(*dst);
274 return pf_config_copy_string(dst, src);
275}
276
277WINPR_ATTR_NODISCARD
278static BOOL pf_config_load_server(wIniFile* ini, proxyConfig* config)
279{
280 WINPR_ASSERT(config);
281 const char* host = pf_config_get_str(ini, section_server, key_host, FALSE);
282
283 if (host)
284 {
285 if (!pf_config_free_and_copy_string(&config->Host, host))
286 return FALSE;
287 }
288
289 if (!pf_config_get_uint16(ini, section_server, key_port, &config->Port, FALSE))
290 return FALSE;
291
292 const char* sam = pf_config_get_str(ini, section_server, key_sam_file, FALSE);
293 if (sam)
294 {
295 if (!pf_config_free_and_copy_string(&config->SamFile, sam))
296 return FALSE;
297 }
298
299 return TRUE;
300}
301
302WINPR_ATTR_NODISCARD
303static BOOL pf_config_load_target(wIniFile* ini, proxyConfig* config)
304{
305 const char* target_value = nullptr;
306
307 WINPR_ASSERT(config);
308 config->FixedTarget = pf_config_get_bool(ini, section_target, key_target_fixed, FALSE);
309
310 if (!pf_config_get_uint32(ini, section_target, key_target_tls_seclevel,
311 &config->TargetTlsSecLevel, FALSE))
312 return FALSE;
313
314 if (config->FixedTarget)
315 {
316 if (!pf_config_get_uint16(ini, section_target, key_port, &config->TargetPort, FALSE))
317 return FALSE;
318
319 target_value = pf_config_get_str(ini, section_target, key_host, FALSE);
320 if (target_value)
321 {
322 if (!pf_config_free_and_copy_string(&config->TargetHost, target_value))
323 return FALSE;
324 }
325 }
326
327 target_value = pf_config_get_str(ini, section_target, key_target_user, FALSE);
328 if (target_value)
329 {
330 if (!pf_config_free_and_copy_string(&config->TargetUser, target_value))
331 return FALSE;
332 }
333
334 target_value = pf_config_get_str(ini, section_target, key_target_pwd, FALSE);
335 if (target_value)
336 {
337 if (!pf_config_free_and_copy_string(&config->TargetPassword, target_value))
338 return FALSE;
339 }
340
341 target_value = pf_config_get_str(ini, section_target, key_target_domain, FALSE);
342 if (target_value)
343 {
344 if (!pf_config_free_and_copy_string(&config->TargetDomain, target_value))
345 return FALSE;
346 }
347
348 config->TargetSmartcardAuth =
349 pf_config_get_bool(ini, section_target, key_target_scard_auth, FALSE);
350
351 target_value = pf_config_get_str(ini, section_target, key_target_scard_cert, FALSE);
352 if (target_value)
353 {
354 size_t len = 0;
355 char* pem = crypto_read_pem(target_value, &len);
356 if (!pem)
357 return FALSE;
358 znfree(config->TargetSmartcardCert, config->TargetSmartcardCertLength);
359 config->TargetSmartcardCert = pem;
360 config->TargetSmartcardCertLength = len;
361 }
362
363 {
364 const char* pem_value =
365 pf_config_get_str(ini, section_target, key_target_scard_pem_cert, FALSE);
366 if (pem_value)
367 {
368 if (target_value)
369 WLog_WARN(TAG, "In section [%s] both, '%s' and '%s' are provided. Ignoring %s",
370 section_target, key_target_scard_cert, key_target_scard_pem_cert,
371 key_target_scard_cert);
372 znfree(config->TargetSmartcardCert, config->TargetSmartcardCertLength);
373 size_t len = 0;
374 config->TargetSmartcardCert =
375 pf_config_decode_base64(pem_value, key_target_scard_pem_cert, &len);
376 if (!config->TargetSmartcardCert)
377 return FALSE;
378 config->TargetSmartcardCertLength = len;
379 }
380 }
381
382 target_value = pf_config_get_str(ini, section_target, key_target_scard_key, FALSE);
383 if (target_value)
384 {
385 size_t len = 0;
386 char* pem = crypto_read_pem(target_value, &len);
387 if (!pem)
388 return FALSE;
389 znfree(config->TargetSmartcardKey, config->TargetSmartcardKeyLength);
390 config->TargetSmartcardKey = pem;
391 config->TargetSmartcardKeyLength = len;
392 }
393
394 {
395 const char* pem_value =
396 pf_config_get_str(ini, section_target, key_target_scard_pem_key, FALSE);
397 if (pem_value)
398 {
399 if (target_value)
400 WLog_WARN(TAG, "In section [%s] both, '%s' and '%s' are provided. Ignoring %s",
401 section_target, key_target_scard_key, key_target_scard_pem_key,
402 key_target_scard_key);
403 znfree(config->TargetSmartcardKey, config->TargetSmartcardKeyLength);
404
405 size_t len = 0;
406 config->TargetSmartcardKey =
407 pf_config_decode_base64(pem_value, key_target_scard_pem_key, &len);
408 if (!config->TargetSmartcardKey)
409 return FALSE;
410 config->TargetSmartcardKeyLength = len;
411 }
412 }
413
414 return TRUE;
415}
416
417WINPR_ATTR_NODISCARD
418static BOOL pf_config_load_codecs(wIniFile* ini, proxyConfig* config)
419{
420 WINPR_ASSERT(config);
421 config->RFX = pf_config_get_bool(ini, section_codecs, key_codecs_rfx, TRUE);
422 config->NSC = pf_config_get_bool(ini, section_codecs, key_codecs_nsc, TRUE);
423 return TRUE;
424}
425
426WINPR_ATTR_NODISCARD
427static BOOL pf_config_load_channels(wIniFile* ini, proxyConfig* config)
428{
429 WINPR_ASSERT(config);
430 config->GFX = pf_config_get_bool(ini, section_channels, key_channels_gfx, TRUE);
431 config->DisplayControl = pf_config_get_bool(ini, section_channels, key_channels_disp, TRUE);
432 config->Clipboard = pf_config_get_bool(ini, section_channels, key_channels_clip, FALSE);
433 config->AudioOutput = pf_config_get_bool(ini, section_channels, key_channels_sound, TRUE);
434 config->AudioInput = pf_config_get_bool(ini, section_channels, key_channels_mic, TRUE);
435 config->DeviceRedirection = pf_config_get_bool(ini, section_channels, key_channels_rdpdr, TRUE);
436 config->VideoRedirection = pf_config_get_bool(ini, section_channels, key_channels_video, TRUE);
437 config->CameraRedirection =
438 pf_config_get_bool(ini, section_channels, key_channels_camera, TRUE);
439 config->RemoteApp = pf_config_get_bool(ini, section_channels, key_channels_rails, FALSE);
440 config->PassthroughIsBlacklist =
441 pf_config_get_bool(ini, section_channels, key_channels_blacklist, FALSE);
442 config->Passthrough = pf_config_parse_comma_separated_list(
443 pf_config_get_str(ini, section_channels, key_channels_pass, FALSE),
444 &config->PassthroughCount);
445 config->Intercept = pf_config_parse_comma_separated_list(
446 pf_config_get_str(ini, section_channels, key_channels_intercept, FALSE),
447 &config->InterceptCount);
448
449 return TRUE;
450}
451
452WINPR_ATTR_NODISCARD
453static BOOL pf_config_load_input(wIniFile* ini, proxyConfig* config)
454{
455 WINPR_ASSERT(config);
456 config->Keyboard = pf_config_get_bool(ini, section_input, key_input_kbd, TRUE);
457 config->Mouse = pf_config_get_bool(ini, section_input, key_input_mouse, TRUE);
458 config->Multitouch = pf_config_get_bool(ini, section_input, key_input_multitouch, TRUE);
459 return TRUE;
460}
461
462WINPR_ATTR_NODISCARD
463static BOOL pf_config_load_security(wIniFile* ini, proxyConfig* config)
464{
465 WINPR_ASSERT(config);
466 config->ServerTlsSecurity =
467 pf_config_get_bool(ini, section_security, key_security_server_tls, TRUE);
468 config->ServerNlaSecurity =
469 pf_config_get_bool(ini, section_security, key_security_server_nla, FALSE);
470 config->ServerRdpSecurity =
471 pf_config_get_bool(ini, section_security, key_security_server_rdp, TRUE);
472
473 config->ClientTlsSecurity =
474 pf_config_get_bool(ini, section_security, key_security_client_tls, TRUE);
475 config->ClientNlaSecurity =
476 pf_config_get_bool(ini, section_security, key_security_client_nla, TRUE);
477 config->ClientRdpSecurity =
478 pf_config_get_bool(ini, section_security, key_security_client_rdp, TRUE);
479 config->ClientAllowFallbackToTls =
480 pf_config_get_bool(ini, section_security, key_security_client_fallback, TRUE);
481 return TRUE;
482}
483
484WINPR_ATTR_NODISCARD
485static BOOL pf_config_load_modules(wIniFile* ini, proxyConfig* config)
486{
487 const char* modules_to_load = nullptr;
488 const char* required_modules = nullptr;
489
490 modules_to_load = pf_config_get_str(ini, section_plugins, key_plugins_modules, FALSE);
491 required_modules = pf_config_get_str(ini, section_plugins, key_plugins_required, FALSE);
492
493 WINPR_ASSERT(config);
494 config->Modules = pf_config_parse_comma_separated_list(modules_to_load, &config->ModulesCount);
495
496 config->RequiredPlugins =
497 pf_config_parse_comma_separated_list(required_modules, &config->RequiredPluginsCount);
498 return TRUE;
499}
500
501char* pf_config_decode_base64(const char* data, const char* name, size_t* pLength)
502{
503 const char* headers[] = { "-----BEGIN PUBLIC KEY-----", "-----BEGIN RSA PUBLIC KEY-----",
504 "-----BEGIN CERTIFICATE-----", "-----BEGIN PRIVATE KEY-----",
505 "-----BEGIN RSA PRIVATE KEY-----" };
506
507 size_t decoded_length = 0;
508 char* decoded = nullptr;
509 if (!data)
510 {
511 WLog_ERR(TAG, "Invalid base64 data [nullptr] for %s", name);
512 return nullptr;
513 }
514
515 WINPR_ASSERT(name);
516 WINPR_ASSERT(pLength);
517
518 const size_t length = strlen(data);
519
520 if (strncmp(data, "-----", 5) == 0)
521 {
522 BOOL expected = FALSE;
523 for (size_t x = 0; x < ARRAYSIZE(headers); x++)
524 {
525 const char* header = headers[x];
526
527 if (strncmp(data, header, strlen(header)) == 0)
528 expected = TRUE;
529 }
530
531 if (!expected)
532 {
533 /* Extract header for log message
534 * expected format is '----- SOMETEXT -----'
535 */
536 char hdr[128] = WINPR_C_ARRAY_INIT;
537 const char* end = strchr(&data[5], '-');
538 if (end)
539 {
540 while (*end == '-')
541 end++;
542
543 const size_t s = MIN(ARRAYSIZE(hdr) - 1ULL, (size_t)(end - data));
544 memcpy(hdr, data, s);
545 }
546
547 WLog_WARN(TAG, "PEM has unexpected header '%s'. Known supported headers are:", hdr);
548 for (size_t x = 0; x < ARRAYSIZE(headers); x++)
549 {
550 const char* header = headers[x];
551 WLog_WARN(TAG, "%s", header);
552 }
553 }
554
555 *pLength = length + 1;
556 return _strdup(data);
557 }
558
559 crypto_base64_decode(data, length, (BYTE**)&decoded, &decoded_length);
560 if (!decoded || decoded_length == 0)
561 {
562 WLog_ERR(TAG, "Failed to decode base64 data of length %" PRIuz " for %s", length, name);
563 zfree(decoded);
564 return nullptr;
565 }
566
567 *pLength = strnlen(decoded, decoded_length) + 1;
568 return decoded;
569}
570
571WINPR_ATTR_NODISCARD
572static BOOL pf_config_load_certificates(wIniFile* ini, proxyConfig* config)
573{
574 const char* tmp1 = nullptr;
575 const char* tmp2 = nullptr;
576
577 WINPR_ASSERT(ini);
578 WINPR_ASSERT(config);
579
580 tmp1 = pf_config_get_str(ini, section_certificates, key_cert_file, FALSE);
581 if (tmp1)
582 {
583 if (!winpr_PathFileExists(tmp1))
584 {
585 WLog_ERR(TAG, "%s/%s file %s does not exist", section_certificates, key_cert_file,
586 tmp1);
587 return FALSE;
588 }
589 config->CertificateFile = _strdup(tmp1);
590 config->CertificatePEM =
591 crypto_read_pem(config->CertificateFile, &config->CertificatePEMLength);
592 if (!config->CertificatePEM)
593 return FALSE;
594 config->CertificatePEMLength += 1;
595 }
596 tmp2 = pf_config_get_str(ini, section_certificates, key_cert_content, FALSE);
597 if (tmp2)
598 {
599 if (strlen(tmp2) < 1)
600 {
601 WLog_ERR(TAG, "%s/%s has invalid empty value", section_certificates, key_cert_content);
602 return FALSE;
603 }
604 config->CertificateContent = _strdup(tmp2);
605 config->CertificatePEM = pf_config_decode_base64(
606 config->CertificateContent, "CertificateContent", &config->CertificatePEMLength);
607 if (!config->CertificatePEM)
608 return FALSE;
609 }
610 if (tmp1 && tmp2)
611 {
612 WLog_ERR(TAG,
613 "%s/%s and %s/%s are "
614 "mutually exclusive options",
615 section_certificates, key_cert_file, section_certificates, key_cert_content);
616 return FALSE;
617 }
618 else if (!tmp1 && !tmp2)
619 {
620 WLog_ERR(TAG,
621 "%s/%s or %s/%s are "
622 "required settings",
623 section_certificates, key_cert_file, section_certificates, key_cert_content);
624 return FALSE;
625 }
626
627 tmp1 = pf_config_get_str(ini, section_certificates, key_private_key_file, FALSE);
628 if (tmp1)
629 {
630 if (!winpr_PathFileExists(tmp1))
631 {
632 WLog_ERR(TAG, "%s/%s file %s does not exist", section_certificates,
633 key_private_key_file, tmp1);
634 return FALSE;
635 }
636 config->PrivateKeyFile = _strdup(tmp1);
637 config->PrivateKeyPEM =
638 crypto_read_pem(config->PrivateKeyFile, &config->PrivateKeyPEMLength);
639 if (!config->PrivateKeyPEM)
640 return FALSE;
641 config->PrivateKeyPEMLength += 1;
642 }
643 tmp2 = pf_config_get_str(ini, section_certificates, key_private_key_content, FALSE);
644 if (tmp2)
645 {
646 if (strlen(tmp2) < 1)
647 {
648 WLog_ERR(TAG, "%s/%s has invalid empty value", section_certificates,
649 key_private_key_content);
650 return FALSE;
651 }
652 config->PrivateKeyContent = _strdup(tmp2);
653 config->PrivateKeyPEM = pf_config_decode_base64(
654 config->PrivateKeyContent, "PrivateKeyContent", &config->PrivateKeyPEMLength);
655 if (!config->PrivateKeyPEM)
656 return FALSE;
657 }
658
659 if (tmp1 && tmp2)
660 {
661 WLog_ERR(TAG,
662 "%s/%s and %s/%s are "
663 "mutually exclusive options",
664 section_certificates, key_private_key_file, section_certificates,
665 key_private_key_content);
666 return FALSE;
667 }
668 else if (!tmp1 && !tmp2)
669 {
670 WLog_ERR(TAG,
671 "%s/%s or %s/%s are "
672 "are required settings",
673 section_certificates, key_private_key_file, section_certificates,
674 key_private_key_content);
675 return FALSE;
676 }
677
678 return TRUE;
679}
680
681proxyConfig* server_config_load_ini(wIniFile* ini)
682{
683 proxyConfig* config = nullptr;
684
685 WINPR_ASSERT(ini);
686
687 config = calloc(1, sizeof(proxyConfig));
688 if (config)
689 {
690 /* Set default values != 0 */
691 config->TargetTlsSecLevel = 1;
692
693 /* Load from ini */
694 if (!pf_config_load_server(ini, config))
695 goto out;
696
697 if (!pf_config_load_target(ini, config))
698 goto out;
699
700 if (!pf_config_load_codecs(ini, config))
701 goto out;
702
703 if (!pf_config_load_channels(ini, config))
704 goto out;
705
706 if (!pf_config_load_input(ini, config))
707 goto out;
708
709 if (!pf_config_load_security(ini, config))
710 goto out;
711
712 if (!pf_config_load_modules(ini, config))
713 goto out;
714
715 if (!pf_config_load_certificates(ini, config))
716 goto out;
717 config->ini = IniFile_Clone(ini);
718 if (!config->ini)
719 goto out;
720 }
721 return config;
722out:
723 WINPR_PRAGMA_DIAG_PUSH
724 WINPR_PRAGMA_DIAG_IGNORED_MISMATCHED_DEALLOC
725 pf_server_config_free(config);
726 WINPR_PRAGMA_DIAG_POP
727
728 return nullptr;
729}
730
731BOOL pf_server_config_dump(const char* file)
732{
733 BOOL rc = FALSE;
734 wIniFile* ini = IniFile_New();
735 if (!ini)
736 return FALSE;
737
738 /* Proxy server configuration */
739 if (IniFile_SetKeyValueString(ini, section_server, key_host, "0.0.0.0") < 0)
740 goto fail;
741 if (IniFile_SetKeyValueInt(ini, section_server, key_port, 3389) < 0)
742 goto fail;
743 if (IniFile_SetKeyValueString(ini, section_server, key_sam_file,
744 "optional/path/some/file.sam") < 0)
745 goto fail;
746
747 /* Target configuration */
748 if (IniFile_SetKeyValueString(ini, section_target, key_host, "somehost.example.com") < 0)
749 goto fail;
750 if (IniFile_SetKeyValueInt(ini, section_target, key_port, 3389) < 0)
751 goto fail;
752 if (IniFile_SetKeyValueString(ini, section_target, key_target_fixed, bool_str_true) < 0)
753 goto fail;
754 if (IniFile_SetKeyValueInt(ini, section_target, key_target_tls_seclevel, 1) < 0)
755 goto fail;
756 if (IniFile_SetKeyValueString(ini, section_target, key_target_user, "optionaltargetuser") < 0)
757 goto fail;
758 if (IniFile_SetKeyValueString(ini, section_target, key_target_domain, "optionaltargetdomain") <
759 0)
760 goto fail;
761 if (IniFile_SetKeyValueString(ini, section_target, key_target_pwd, "optionaltargetpassword") <
762 0)
763 goto fail;
764 if (IniFile_SetKeyValueString(ini, section_target, key_target_scard_auth, bool_str_false) < 0)
765 goto fail;
766 if (IniFile_SetKeyValueString(ini, section_target, key_target_scard_cert,
767 "optional/path/some/file.pem.crt") < 0)
768 goto fail;
769 if (IniFile_SetKeyValueString(ini, section_target, key_target_scard_pem_cert,
770 "<base64 encoded PEM>") < 0)
771 goto fail;
772 if (IniFile_SetKeyValueString(ini, section_target, key_target_scard_key,
773 "optional/path/some/file.pem.key") < 0)
774 goto fail;
775
776 if (IniFile_SetKeyValueString(ini, section_target, key_target_scard_pem_key,
777 "<base64 encoded PEM>") < 0)
778 goto fail;
779 /* Codec configuration */
780 if (IniFile_SetKeyValueString(ini, section_codecs, key_codecs_rfx, bool_str_true) < 0)
781 goto fail;
782 if (IniFile_SetKeyValueString(ini, section_codecs, key_codecs_nsc, bool_str_true) < 0)
783 goto fail;
784
785 /* Channel configuration */
786 if (IniFile_SetKeyValueString(ini, section_channels, key_channels_gfx, bool_str_true) < 0)
787 goto fail;
788 if (IniFile_SetKeyValueString(ini, section_channels, key_channels_disp, bool_str_true) < 0)
789 goto fail;
790 if (IniFile_SetKeyValueString(ini, section_channels, key_channels_clip, bool_str_true) < 0)
791 goto fail;
792 if (IniFile_SetKeyValueString(ini, section_channels, key_channels_mic, bool_str_true) < 0)
793 goto fail;
794 if (IniFile_SetKeyValueString(ini, section_channels, key_channels_sound, bool_str_true) < 0)
795 goto fail;
796 if (IniFile_SetKeyValueString(ini, section_channels, key_channels_rdpdr, bool_str_true) < 0)
797 goto fail;
798 if (IniFile_SetKeyValueString(ini, section_channels, key_channels_video, bool_str_true) < 0)
799 goto fail;
800 if (IniFile_SetKeyValueString(ini, section_channels, key_channels_camera, bool_str_true) < 0)
801 goto fail;
802 if (IniFile_SetKeyValueString(ini, section_channels, key_channels_rails, bool_str_false) < 0)
803 goto fail;
804
805 if (IniFile_SetKeyValueString(ini, section_channels, key_channels_blacklist, bool_str_true) < 0)
806 goto fail;
807 if (IniFile_SetKeyValueString(ini, section_channels, key_channels_pass, "") < 0)
808 goto fail;
809 if (IniFile_SetKeyValueString(ini, section_channels, key_channels_intercept, "") < 0)
810 goto fail;
811
812 /* Input configuration */
813 if (IniFile_SetKeyValueString(ini, section_input, key_input_kbd, bool_str_true) < 0)
814 goto fail;
815 if (IniFile_SetKeyValueString(ini, section_input, key_input_mouse, bool_str_true) < 0)
816 goto fail;
817 if (IniFile_SetKeyValueString(ini, section_input, key_input_multitouch, bool_str_true) < 0)
818 goto fail;
819
820 /* Security settings */
821 if (IniFile_SetKeyValueString(ini, section_security, key_security_server_tls, bool_str_true) <
822 0)
823 goto fail;
824 if (IniFile_SetKeyValueString(ini, section_security, key_security_server_nla, bool_str_false) <
825 0)
826 goto fail;
827 if (IniFile_SetKeyValueString(ini, section_security, key_security_server_rdp, bool_str_true) <
828 0)
829 goto fail;
830
831 if (IniFile_SetKeyValueString(ini, section_security, key_security_client_tls, bool_str_true) <
832 0)
833 goto fail;
834 if (IniFile_SetKeyValueString(ini, section_security, key_security_client_nla, bool_str_true) <
835 0)
836 goto fail;
837 if (IniFile_SetKeyValueString(ini, section_security, key_security_client_rdp, bool_str_true) <
838 0)
839 goto fail;
840 if (IniFile_SetKeyValueString(ini, section_security, key_security_client_fallback,
841 bool_str_true) < 0)
842 goto fail;
843
844 /* Module configuration */
845 if (IniFile_SetKeyValueString(ini, section_plugins, key_plugins_modules,
846 "module1,module2,...") < 0)
847 goto fail;
848 if (IniFile_SetKeyValueString(ini, section_plugins, key_plugins_required,
849 "module1,module2,...") < 0)
850 goto fail;
851
852 /* Certificate configuration */
853 if (IniFile_SetKeyValueString(ini, section_certificates, key_cert_file,
854 "<absolute path to some certificate file> OR") < 0)
855 goto fail;
856 if (IniFile_SetKeyValueString(ini, section_certificates, key_cert_content,
857 "<base64 encoded PEM>") < 0)
858 goto fail;
859
860 if (IniFile_SetKeyValueString(ini, section_certificates, key_private_key_file,
861 "<absolute path to some private key file> OR") < 0)
862 goto fail;
863 if (IniFile_SetKeyValueString(ini, section_certificates, key_private_key_content,
864 "<base64 encoded PEM>") < 0)
865 goto fail;
866
867 if ((strcmp("stdout", file) == 0) || (strcmp("stderr", file) == 0))
868 {
869 char* buffer = IniFile_WriteBuffer(ini);
870 if (!buffer)
871 goto fail;
872 FILE* fp = stderr;
873 if (strcmp("stdout", file) == 0)
874 fp = stdout;
875 (void)fprintf(fp, "%s", buffer);
876 zfree(buffer);
877 }
878 else
879 {
880 /* store configuration */
881 if (IniFile_WriteFile(ini, file) < 0)
882 goto fail;
883 }
884
885 rc = TRUE;
886
887fail:
888 IniFile_Free(ini);
889 return rc;
890}
891
892proxyConfig* pf_server_config_load_buffer(const char* buffer)
893{
894 proxyConfig* config = nullptr;
895 wIniFile* ini = nullptr;
896
897 ini = IniFile_New();
898
899 if (!ini)
900 {
901 WLog_ERR(TAG, "IniFile_New() failed!");
902 return nullptr;
903 }
904
905 if (IniFile_ReadBuffer(ini, buffer) < 0)
906 {
907 WLog_ERR(TAG, "failed to parse ini: '%s'", buffer);
908 goto out;
909 }
910
911 config = server_config_load_ini(ini);
912out:
913 IniFile_Free(ini);
914 return config;
915}
916
917proxyConfig* pf_server_config_load_file(const char* path)
918{
919 proxyConfig* config = nullptr;
920 wIniFile* ini = IniFile_New();
921
922 if (!ini)
923 {
924 WLog_ERR(TAG, "IniFile_New() failed!");
925 return nullptr;
926 }
927
928 if (IniFile_ReadFile(ini, path) < 0)
929 {
930 WLog_ERR(TAG, "failed to parse ini file: '%s'", path);
931 goto out;
932 }
933
934 config = server_config_load_ini(ini);
935out:
936 IniFile_Free(ini);
937 return config;
938}
939
940static void pf_server_config_print_list(char** list, size_t count)
941{
942 WINPR_ASSERT(list);
943 for (size_t i = 0; i < count; i++)
944 WLog_INFO(TAG, "\t\t- %s", list[i]);
945}
946
947void pf_server_config_print(const proxyConfig* config)
948{
949 WINPR_ASSERT(config);
950 WLog_INFO(TAG, "Proxy configuration:");
951
952 CONFIG_PRINT_SECTION(section_server);
953 CONFIG_PRINT_STR(config, Host);
954 CONFIG_PRINT_STR(config, SamFile);
955 CONFIG_PRINT_UINT16(config, Port);
956
957 if (config->FixedTarget)
958 {
959 CONFIG_PRINT_SECTION(section_target);
960 CONFIG_PRINT_STR(config, TargetHost);
961 CONFIG_PRINT_UINT16(config, TargetPort);
962 CONFIG_PRINT_UINT32(config, TargetTlsSecLevel);
963
964 CONFIG_PRINT_STR(config, TargetUser);
965 CONFIG_PRINT_STR(config, TargetDomain);
966 CONFIG_PRINT_SECRET_STR(config, TargetPassword);
967
968 CONFIG_PRINT_BOOL(config, TargetSmartcardAuth);
969 CONFIG_PRINT_SECRET_STR(config, TargetSmartcardCert);
970 CONFIG_PRINT_SECRET_STR(config, TargetSmartcardKey);
971 }
972
973 CONFIG_PRINT_SECTION(section_input);
974 CONFIG_PRINT_BOOL(config, Keyboard);
975 CONFIG_PRINT_BOOL(config, Mouse);
976 CONFIG_PRINT_BOOL(config, Multitouch);
977
978 CONFIG_PRINT_SECTION(section_security);
979 CONFIG_PRINT_BOOL(config, ServerNlaSecurity);
980 CONFIG_PRINT_BOOL(config, ServerTlsSecurity);
981 CONFIG_PRINT_BOOL(config, ServerRdpSecurity);
982 CONFIG_PRINT_BOOL(config, ClientNlaSecurity);
983 CONFIG_PRINT_BOOL(config, ClientTlsSecurity);
984 CONFIG_PRINT_BOOL(config, ClientRdpSecurity);
985 CONFIG_PRINT_BOOL(config, ClientAllowFallbackToTls);
986
987 CONFIG_PRINT_SECTION(section_codecs);
988 CONFIG_PRINT_BOOL(config, RFX);
989 CONFIG_PRINT_BOOL(config, NSC);
990
991 CONFIG_PRINT_SECTION(section_channels);
992 CONFIG_PRINT_BOOL(config, GFX);
993 CONFIG_PRINT_BOOL(config, DisplayControl);
994 CONFIG_PRINT_BOOL(config, Clipboard);
995 CONFIG_PRINT_BOOL(config, AudioOutput);
996 CONFIG_PRINT_BOOL(config, AudioInput);
997 CONFIG_PRINT_BOOL(config, DeviceRedirection);
998 CONFIG_PRINT_BOOL(config, VideoRedirection);
999 CONFIG_PRINT_BOOL(config, CameraRedirection);
1000 CONFIG_PRINT_BOOL(config, RemoteApp);
1001 CONFIG_PRINT_BOOL(config, PassthroughIsBlacklist);
1002
1003 if (config->PassthroughCount)
1004 {
1005 WLog_INFO(TAG, "\tStatic Channels Proxy:");
1006 pf_server_config_print_list(config->Passthrough, config->PassthroughCount);
1007 }
1008
1009 if (config->InterceptCount)
1010 {
1011 WLog_INFO(TAG, "\tStatic Channels Proxy-Intercept:");
1012 pf_server_config_print_list(config->Intercept, config->InterceptCount);
1013 }
1014
1015 /* modules */
1016 CONFIG_PRINT_SECTION_KEY(section_plugins, key_plugins_modules);
1017 for (size_t x = 0; x < config->ModulesCount; x++)
1018 CONFIG_PRINT_STR(config, Modules[x]);
1019
1020 /* Required plugins */
1021 CONFIG_PRINT_SECTION_KEY(section_plugins, key_plugins_required);
1022 for (size_t x = 0; x < config->RequiredPluginsCount; x++)
1023 CONFIG_PRINT_STR(config, RequiredPlugins[x]);
1024
1025 CONFIG_PRINT_SECTION(section_certificates);
1026 CONFIG_PRINT_STR(config, CertificateFile);
1027 CONFIG_PRINT_SECRET_STR(config, CertificateContent);
1028 CONFIG_PRINT_STR(config, PrivateKeyFile);
1029 CONFIG_PRINT_SECRET_STR(config, PrivateKeyContent);
1030}
1031
1032void pf_server_config_free(proxyConfig* config)
1033{
1034 if (config == nullptr)
1035 return;
1036
1037 zfree(config->Host);
1038 zfree(config->SamFile);
1039 zfree(config->TargetHost);
1040 zfree(config->TargetUser);
1041 zfree(config->TargetDomain);
1042 zfree(config->TargetPassword);
1043 znfree(config->TargetSmartcardCert, config->TargetSmartcardCertLength);
1044 znfree(config->TargetSmartcardKey, config->TargetSmartcardKeyLength);
1045
1046 CommandLineParserFree(config->Passthrough);
1047 CommandLineParserFree(config->Intercept);
1048 CommandLineParserFree(config->Modules);
1049 CommandLineParserFree(config->RequiredPlugins);
1050
1051 zfree(config->CertificateFile);
1052 zfree(config->CertificateContent);
1053 znfree(config->CertificatePEM, config->CertificatePEMLength);
1054 zfree(config->PrivateKeyFile);
1055 zfree(config->PrivateKeyContent);
1056 znfree(config->PrivateKeyPEM, config->PrivateKeyPEMLength);
1057 IniFile_Free(config->ini);
1058 free(config);
1059}
1060
1061size_t pf_config_required_plugins_count(const proxyConfig* config)
1062{
1063 WINPR_ASSERT(config);
1064 return config->RequiredPluginsCount;
1065}
1066
1067const char* pf_config_required_plugin(const proxyConfig* config, size_t index)
1068{
1069 WINPR_ASSERT(config);
1070 if (index >= config->RequiredPluginsCount)
1071 return nullptr;
1072
1073 return config->RequiredPlugins[index];
1074}
1075
1076size_t pf_config_modules_count(const proxyConfig* config)
1077{
1078 WINPR_ASSERT(config);
1079 return config->ModulesCount;
1080}
1081
1082const char** pf_config_modules(const proxyConfig* config)
1083{
1084 union
1085 {
1086 char** ppc;
1087 const char** cppc;
1088 } cnv;
1089
1090 WINPR_ASSERT(config);
1091
1092 cnv.ppc = config->Modules;
1093 return cnv.cppc;
1094}
1095
1096WINPR_ATTR_NODISCARD
1097static BOOL pf_config_copy_string_n(char** dst, const char* src, size_t size)
1098{
1099 *dst = nullptr;
1100
1101 if (src && (size > 0))
1102 {
1103 WINPR_ASSERT(strnlen(src, size) == size - 1);
1104 *dst = calloc(size, sizeof(char));
1105 if (!*dst)
1106 return FALSE;
1107 memcpy(*dst, src, size);
1108 }
1109
1110 return TRUE;
1111}
1112
1113WINPR_ATTR_NODISCARD
1114static BOOL pf_config_copy_string_list(char*** dst, size_t* size, char** src, size_t srcSize)
1115{
1116 WINPR_ASSERT(dst);
1117 WINPR_ASSERT(size);
1118 WINPR_ASSERT(src || (srcSize == 0));
1119
1120 *dst = nullptr;
1121 *size = 0;
1122 if (srcSize > INT32_MAX)
1123 return FALSE;
1124
1125 if (srcSize != 0)
1126 {
1127 char* csv = CommandLineToCommaSeparatedValues((INT32)srcSize, src);
1128 *dst = CommandLineParseCommaSeparatedValues(csv, size);
1129 zfree(csv);
1130 }
1131
1132 return TRUE;
1133}
1134
1135BOOL pf_config_clone(proxyConfig** dst, const proxyConfig* config)
1136{
1137 proxyConfig* tmp = calloc(1, sizeof(proxyConfig));
1138
1139 WINPR_ASSERT(dst);
1140 WINPR_ASSERT(config);
1141
1142 if (!tmp)
1143 return FALSE;
1144
1145 *tmp = *config;
1146
1147 if (!pf_config_copy_string(&tmp->Host, config->Host))
1148 goto fail;
1149 if (!pf_config_copy_string(&tmp->SamFile, config->SamFile))
1150 goto fail;
1151 if (!pf_config_copy_string(&tmp->TargetHost, config->TargetHost))
1152 goto fail;
1153 if (!pf_config_copy_string(&tmp->TargetUser, config->TargetUser))
1154 goto fail;
1155 if (!pf_config_copy_string(&tmp->TargetDomain, config->TargetDomain))
1156 goto fail;
1157 if (!pf_config_copy_string(&tmp->TargetPassword, config->TargetPassword))
1158 goto fail;
1159 if (!pf_config_copy_string_n(&tmp->TargetSmartcardCert, config->TargetSmartcardCert,
1160 config->TargetSmartcardCertLength))
1161 goto fail;
1162 if (!pf_config_copy_string_n(&tmp->TargetSmartcardKey, config->TargetSmartcardKey,
1163 config->TargetSmartcardKeyLength))
1164 goto fail;
1165 if (!pf_config_copy_string_list(&tmp->Passthrough, &tmp->PassthroughCount, config->Passthrough,
1166 config->PassthroughCount))
1167 goto fail;
1168 if (!pf_config_copy_string_list(&tmp->Intercept, &tmp->InterceptCount, config->Intercept,
1169 config->InterceptCount))
1170 goto fail;
1171 if (!pf_config_copy_string_list(&tmp->Modules, &tmp->ModulesCount, config->Modules,
1172 config->ModulesCount))
1173 goto fail;
1174 if (!pf_config_copy_string_list(&tmp->RequiredPlugins, &tmp->RequiredPluginsCount,
1175 config->RequiredPlugins, config->RequiredPluginsCount))
1176 goto fail;
1177 if (!pf_config_copy_string(&tmp->CertificateFile, config->CertificateFile))
1178 goto fail;
1179 if (!pf_config_copy_string(&tmp->CertificateContent, config->CertificateContent))
1180 goto fail;
1181 if (!pf_config_copy_string_n(&tmp->CertificatePEM, config->CertificatePEM,
1182 config->CertificatePEMLength))
1183 goto fail;
1184 if (!pf_config_copy_string(&tmp->PrivateKeyFile, config->PrivateKeyFile))
1185 goto fail;
1186 if (!pf_config_copy_string(&tmp->PrivateKeyContent, config->PrivateKeyContent))
1187 goto fail;
1188 if (!pf_config_copy_string_n(&tmp->PrivateKeyPEM, config->PrivateKeyPEM,
1189 config->PrivateKeyPEMLength))
1190 goto fail;
1191
1192 tmp->ini = IniFile_Clone(config->ini);
1193 if (!tmp->ini)
1194 goto fail;
1195
1196 *dst = tmp;
1197 return TRUE;
1198
1199fail:
1200 WINPR_PRAGMA_DIAG_PUSH
1201 WINPR_PRAGMA_DIAG_IGNORED_MISMATCHED_DEALLOC
1202 pf_server_config_free(tmp);
1203 WINPR_PRAGMA_DIAG_POP
1204 return FALSE;
1205}
1206
1207struct config_plugin_data
1208{
1209 proxyPluginsManager* mgr;
1210 const proxyConfig* config;
1211};
1212
1213static const char config_plugin_name[] = "config";
1214static const char config_plugin_desc[] =
1215 "A plugin filtering according to proxy configuration file rules";
1216
1217WINPR_ATTR_NODISCARD
1218static BOOL config_plugin_unload(proxyPlugin* plugin)
1219{
1220 WINPR_ASSERT(plugin);
1221
1222 /* Here we have to free up our custom data storage. */
1223 if (plugin)
1224 {
1225 free(plugin->custom);
1226 plugin->custom = nullptr;
1227 }
1228
1229 return TRUE;
1230}
1231
1232WINPR_ATTR_NODISCARD
1233static BOOL config_plugin_keyboard_event(proxyPlugin* plugin, WINPR_ATTR_UNUSED proxyData* pdata,
1234 void* param)
1235{
1236 BOOL rc = 0;
1237 const struct config_plugin_data* custom = nullptr;
1238 const proxyConfig* cfg = nullptr;
1239 const proxyKeyboardEventInfo* event_data = (const proxyKeyboardEventInfo*)(param);
1240
1241 WINPR_ASSERT(plugin);
1242 WINPR_ASSERT(pdata);
1243 WINPR_ASSERT(event_data);
1244
1245 WINPR_UNUSED(event_data);
1246
1247 custom = plugin->custom;
1248 WINPR_ASSERT(custom);
1249
1250 cfg = custom->config;
1251 WINPR_ASSERT(cfg);
1252
1253 rc = cfg->Keyboard;
1254 WLog_DBG(TAG, "%s", boolstr(rc));
1255 return rc;
1256}
1257
1258WINPR_ATTR_NODISCARD
1259static BOOL config_plugin_unicode_event(proxyPlugin* plugin, WINPR_ATTR_UNUSED proxyData* pdata,
1260 void* param)
1261{
1262 BOOL rc = 0;
1263 const struct config_plugin_data* custom = nullptr;
1264 const proxyConfig* cfg = nullptr;
1265 const proxyUnicodeEventInfo* event_data = (const proxyUnicodeEventInfo*)(param);
1266
1267 WINPR_ASSERT(plugin);
1268 WINPR_ASSERT(pdata);
1269 WINPR_ASSERT(event_data);
1270
1271 WINPR_UNUSED(event_data);
1272
1273 custom = plugin->custom;
1274 WINPR_ASSERT(custom);
1275
1276 cfg = custom->config;
1277 WINPR_ASSERT(cfg);
1278
1279 rc = cfg->Keyboard;
1280 WLog_DBG(TAG, "%s", boolstr(rc));
1281 return rc;
1282}
1283
1284WINPR_ATTR_NODISCARD
1285static BOOL config_plugin_mouse_event(proxyPlugin* plugin, WINPR_ATTR_UNUSED proxyData* pdata,
1286 void* param)
1287{
1288 BOOL rc = 0;
1289 const struct config_plugin_data* custom = nullptr;
1290 const proxyConfig* cfg = nullptr;
1291 const proxyMouseEventInfo* event_data = (const proxyMouseEventInfo*)(param);
1292
1293 WINPR_ASSERT(plugin);
1294 WINPR_ASSERT(pdata);
1295 WINPR_ASSERT(event_data);
1296
1297 WINPR_UNUSED(event_data);
1298
1299 custom = plugin->custom;
1300 WINPR_ASSERT(custom);
1301
1302 cfg = custom->config;
1303 WINPR_ASSERT(cfg);
1304
1305 rc = cfg->Mouse;
1306 return rc;
1307}
1308
1309WINPR_ATTR_NODISCARD
1310static BOOL config_plugin_mouse_ex_event(proxyPlugin* plugin, WINPR_ATTR_UNUSED proxyData* pdata,
1311 void* param)
1312{
1313 BOOL rc = 0;
1314 const struct config_plugin_data* custom = nullptr;
1315 const proxyConfig* cfg = nullptr;
1316 const proxyMouseExEventInfo* event_data = (const proxyMouseExEventInfo*)(param);
1317
1318 WINPR_ASSERT(plugin);
1319 WINPR_ASSERT(pdata);
1320 WINPR_ASSERT(event_data);
1321
1322 WINPR_UNUSED(event_data);
1323
1324 custom = plugin->custom;
1325 WINPR_ASSERT(custom);
1326
1327 cfg = custom->config;
1328 WINPR_ASSERT(cfg);
1329
1330 rc = cfg->Mouse;
1331 return rc;
1332}
1333
1334WINPR_ATTR_NODISCARD
1335static BOOL config_plugin_client_channel_data(WINPR_ATTR_UNUSED proxyPlugin* plugin,
1336 WINPR_ATTR_UNUSED proxyData* pdata, void* param)
1337{
1338 const proxyChannelDataEventInfo* channel = (const proxyChannelDataEventInfo*)(param);
1339
1340 WINPR_ASSERT(plugin);
1341 WINPR_ASSERT(pdata);
1342 WINPR_ASSERT(channel);
1343
1344 WLog_DBG(TAG, "%s [0x%04" PRIx16 "] got %" PRIuz, channel->channel_name, channel->channel_id,
1345 channel->data_len);
1346 return TRUE;
1347}
1348
1349WINPR_ATTR_NODISCARD
1350static BOOL config_plugin_server_channel_data(WINPR_ATTR_UNUSED proxyPlugin* plugin,
1351 WINPR_ATTR_UNUSED proxyData* pdata, void* param)
1352{
1353 const proxyChannelDataEventInfo* channel = (const proxyChannelDataEventInfo*)(param);
1354
1355 WINPR_ASSERT(plugin);
1356 WINPR_ASSERT(pdata);
1357 WINPR_ASSERT(channel);
1358
1359 WLog_DBG(TAG, "%s [0x%04" PRIx16 "] got %" PRIuz, channel->channel_name, channel->channel_id,
1360 channel->data_len);
1361 return TRUE;
1362}
1363
1364WINPR_ATTR_NODISCARD
1365static BOOL config_plugin_dynamic_channel_create(proxyPlugin* plugin,
1366 WINPR_ATTR_UNUSED proxyData* pdata, void* param)
1367{
1368 BOOL accept = 0;
1369 const proxyChannelDataEventInfo* channel = (const proxyChannelDataEventInfo*)(param);
1370
1371 WINPR_ASSERT(plugin);
1372 WINPR_ASSERT(pdata);
1373 WINPR_ASSERT(channel);
1374
1375 const struct config_plugin_data* custom = plugin->custom;
1376 WINPR_ASSERT(custom);
1377
1378 const proxyConfig* cfg = custom->config;
1379 WINPR_ASSERT(cfg);
1380
1381 pf_utils_channel_mode rc = pf_utils_get_channel_mode(cfg, channel->channel_name);
1382 switch (rc)
1383 {
1384
1385 case PF_UTILS_CHANNEL_INTERCEPT:
1386 case PF_UTILS_CHANNEL_PASSTHROUGH:
1387 accept = TRUE;
1388 break;
1389 case PF_UTILS_CHANNEL_BLOCK:
1390 default:
1391 accept = FALSE;
1392 break;
1393 }
1394
1395 if (accept)
1396 {
1397 if (strncmp(RDPGFX_DVC_CHANNEL_NAME, channel->channel_name,
1398 sizeof(RDPGFX_DVC_CHANNEL_NAME)) == 0)
1399 accept = cfg->GFX;
1400 else if (strncmp(RDPSND_DVC_CHANNEL_NAME, channel->channel_name,
1401 sizeof(RDPSND_DVC_CHANNEL_NAME)) == 0)
1402 accept = cfg->AudioOutput;
1403 else if (strncmp(RDPSND_LOSSY_DVC_CHANNEL_NAME, channel->channel_name,
1404 sizeof(RDPSND_LOSSY_DVC_CHANNEL_NAME)) == 0)
1405 accept = cfg->AudioOutput;
1406 else if (strncmp(AUDIN_DVC_CHANNEL_NAME, channel->channel_name,
1407 sizeof(AUDIN_DVC_CHANNEL_NAME)) == 0)
1408 accept = cfg->AudioInput;
1409 else if (strncmp(RDPEI_DVC_CHANNEL_NAME, channel->channel_name,
1410 sizeof(RDPEI_DVC_CHANNEL_NAME)) == 0)
1411 accept = cfg->Multitouch;
1412 else if (strncmp(TSMF_DVC_CHANNEL_NAME, channel->channel_name,
1413 sizeof(TSMF_DVC_CHANNEL_NAME)) == 0)
1414 accept = cfg->VideoRedirection;
1415 else if (strncmp(VIDEO_CONTROL_DVC_CHANNEL_NAME, channel->channel_name,
1416 sizeof(VIDEO_CONTROL_DVC_CHANNEL_NAME)) == 0)
1417 accept = cfg->VideoRedirection;
1418 else if (strncmp(VIDEO_DATA_DVC_CHANNEL_NAME, channel->channel_name,
1419 sizeof(VIDEO_DATA_DVC_CHANNEL_NAME)) == 0)
1420 accept = cfg->VideoRedirection;
1421 else if (strncmp(RDPECAM_DVC_CHANNEL_NAME, channel->channel_name,
1422 sizeof(RDPECAM_DVC_CHANNEL_NAME)) == 0)
1423 accept = cfg->CameraRedirection;
1424 }
1425
1426 WLog_DBG(TAG, "%s [0x%04" PRIx16 "]: %s", channel->channel_name, channel->channel_id,
1427 boolstr(accept));
1428 return accept;
1429}
1430
1431WINPR_ATTR_NODISCARD
1432static BOOL config_plugin_channel_create(proxyPlugin* plugin, WINPR_ATTR_UNUSED proxyData* pdata,
1433 void* param)
1434{
1435 BOOL accept = 0;
1436 const proxyChannelDataEventInfo* channel = (const proxyChannelDataEventInfo*)(param);
1437
1438 WINPR_ASSERT(plugin);
1439 WINPR_ASSERT(pdata);
1440 WINPR_ASSERT(channel);
1441
1442 const struct config_plugin_data* custom = plugin->custom;
1443 WINPR_ASSERT(custom);
1444
1445 const proxyConfig* cfg = custom->config;
1446 WINPR_ASSERT(cfg);
1447
1448 pf_utils_channel_mode rc = pf_utils_get_channel_mode(cfg, channel->channel_name);
1449 switch (rc)
1450 {
1451 case PF_UTILS_CHANNEL_INTERCEPT:
1452 case PF_UTILS_CHANNEL_PASSTHROUGH:
1453 accept = TRUE;
1454 break;
1455 case PF_UTILS_CHANNEL_BLOCK:
1456 default:
1457 accept = FALSE;
1458 break;
1459 }
1460 if (accept)
1461 {
1462 if (strncmp(CLIPRDR_SVC_CHANNEL_NAME, channel->channel_name,
1463 sizeof(CLIPRDR_SVC_CHANNEL_NAME)) == 0)
1464 accept = cfg->Clipboard;
1465 else if (strncmp(RDPSND_CHANNEL_NAME, channel->channel_name, sizeof(RDPSND_CHANNEL_NAME)) ==
1466 0)
1467 accept = cfg->AudioOutput;
1468 else if (strncmp(RDPDR_SVC_CHANNEL_NAME, channel->channel_name,
1469 sizeof(RDPDR_SVC_CHANNEL_NAME)) == 0)
1470 accept = cfg->DeviceRedirection;
1471 else if (strncmp(DISP_DVC_CHANNEL_NAME, channel->channel_name,
1472 sizeof(DISP_DVC_CHANNEL_NAME)) == 0)
1473 accept = cfg->DisplayControl;
1474 else if (strncmp(RAIL_SVC_CHANNEL_NAME, channel->channel_name,
1475 sizeof(RAIL_SVC_CHANNEL_NAME)) == 0)
1476 accept = cfg->RemoteApp;
1477 }
1478
1479 WLog_DBG(TAG, "%s [static]: %s", channel->channel_name, boolstr(accept));
1480 return accept;
1481}
1482
1483BOOL pf_config_plugin(proxyPluginsManager* plugins_manager, void* userdata)
1484{
1485 struct config_plugin_data* custom = nullptr;
1486 proxyPlugin plugin = WINPR_C_ARRAY_INIT;
1487
1488 plugin.name = config_plugin_name;
1489 plugin.description = config_plugin_desc;
1490 plugin.PluginUnload = config_plugin_unload;
1491
1492 plugin.KeyboardEvent = config_plugin_keyboard_event;
1493 plugin.UnicodeEvent = config_plugin_unicode_event;
1494 plugin.MouseEvent = config_plugin_mouse_event;
1495 plugin.MouseExEvent = config_plugin_mouse_ex_event;
1496 plugin.ClientChannelData = config_plugin_client_channel_data;
1497 plugin.ServerChannelData = config_plugin_server_channel_data;
1498 plugin.ChannelCreate = config_plugin_channel_create;
1499 plugin.DynamicChannelCreate = config_plugin_dynamic_channel_create;
1500 plugin.userdata = userdata;
1501
1502 custom = calloc(1, sizeof(struct config_plugin_data));
1503 if (!custom)
1504 return FALSE;
1505
1506 custom->mgr = plugins_manager;
1507 custom->config = userdata;
1508
1509 plugin.custom = custom;
1510 plugin.userdata = userdata;
1511
1512 return plugins_manager->RegisterPlugin(plugins_manager, &plugin);
1513}
1514
1515const char* pf_config_get(const proxyConfig* config, const char* section, const char* key)
1516{
1517 WINPR_ASSERT(config);
1518 WINPR_ASSERT(config->ini);
1519 WINPR_ASSERT(section);
1520 WINPR_ASSERT(key);
1521
1522 return IniFile_GetKeyValueString(config->ini, section, key);
1523}
pf_server_config_load_buffer
proxyConfig * pf_server_config_load_buffer(const char *buffer)
pf_server_config_load_buffer Create a proxyConfig from a memory string buffer in INI file format
Definition pf_config.c:892
pf_server_config_free
void pf_server_config_free(proxyConfig *config)
pf_server_config_free Releases all resources associated with proxyConfig
Definition pf_config.c:1032
pf_server_config_print
void pf_server_config_print(const proxyConfig *config)
pf_server_config_print Print the configuration to stdout
Definition pf_config.c:947
pf_config_modules
const char ** pf_config_modules(const proxyConfig *config)
pf_config_modules
Definition pf_config.c:1082
pf_config_required_plugin
const char * pf_config_required_plugin(const proxyConfig *config, size_t index)
pf_config_required_plugin
Definition pf_config.c:1067
pf_config_modules_count
size_t pf_config_modules_count(const proxyConfig *config)
pf_config_modules_count
Definition pf_config.c:1076
pf_config_clone
BOOL pf_config_clone(proxyConfig **dst, const proxyConfig *config)
pf_config_clone Create a copy of the configuration
Definition pf_config.c:1135
pf_config_required_plugins_count
size_t pf_config_required_plugins_count(const proxyConfig *config)
pf_config_required_plugins_count
Definition pf_config.c:1061
server_config_load_ini
proxyConfig * server_config_load_ini(wIniFile *ini)
server_config_load_ini Create a proxyConfig from a already loaded INI file.
Definition pf_config.c:681
pf_server_config_load_file
proxyConfig * pf_server_config_load_file(const char *path)
pf_server_config_load_file Create a proxyConfig from a INI file found at path.
Definition pf_config.c:917
pf_server_config_dump
BOOL pf_server_config_dump(const char *file)
pf_server_config_dump Dumps a default INI configuration file
Definition pf_config.c:731
pf_config_plugin
BOOL pf_config_plugin(proxyPluginsManager *plugins_manager, void *userdata)
pf_config_plugin Register a proxy plugin handling event filtering defined in the configuration.
Definition pf_config.c:1483
pf_config_get
const char * pf_config_get(const proxyConfig *config, const char *section, const char *key)
pf_config_get get a value for a section/key
Definition pf_config.c:1515