FreeRDP
shadow_server.c
21#include <freerdp/config.h>
22
23#include <errno.h>
24#include <stdint.h>
25
26#include <winpr/assert.h>
27#include <winpr/crt.h>
28#include <winpr/ssl.h>
29#include <winpr/path.h>
30#include <winpr/cmdline.h>
31#include <winpr/winsock.h>
32
33#include <freerdp/log.h>
34#include <freerdp/version.h>
35
36#include <winpr/tools/makecert.h>
37
38#ifndef _WIN32
39#include <sys/select.h>
40#include <signal.h>
41#endif
42
43#include "shadow.h"
44
/* Log tag passed to the WLog calls in this file. */
45#define TAG SERVER_TAG("shadow")
46
/* Prefix written in front of the /bind-address value when it is stored in
 * server->ipcSocket; shadow_server_start() compares against it to tell a list
 * of TCP bind addresses from a local socket path. */
47static const char bind_address[] = "bind-address,";
48
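#define fail_at(arg, rc) fail_at_((arg), (rc), __FILE__, __func__, __LINE__)

/**
 * Log a command line parsing failure and hand the error code back to the caller.
 *
 * @param arg  argument that failed to parse, must not be NULL
 * @param rc   error code that is logged and returned
 * @param file source file of the call site (filled in by the fail_at macro)
 * @param fkt  function name of the call site
 * @param line line number of the call site
 *
 * @return rc, unchanged
 */
static int fail_at_(const COMMAND_LINE_ARGUMENT_A* arg, int rc, const char* file, const char* fkt,
                    size_t line)
{
	const DWORD level = WLOG_ERROR;
	wLog* log = WLog_Get(TAG);

	if (!WLog_IsLevelActive(log, level))
		return rc;

	/* Only switches that carry a value hold a C string in Value. The parser in this file
	 * tests Value of toggles for truth only, and WinPR is understood to store a non-string
	 * marker there (confirm in winpr/cmdline.h), so it must never be formatted with '%s'.
	 * A NULL Value is replaced as well, passing NULL to '%s' is undefined. */
	const char* value = NULL;
	if (arg->Flags & (COMMAND_LINE_VALUE_REQUIRED | COMMAND_LINE_VALUE_OPTIONAL))
		value = arg->Value ? arg->Value : "(null)";
	else
		value = arg->Value ? "on" : "off";

	WLog_PrintMessage(log, WLOG_MESSAGE_TEXT, level, line, file, fkt,
	                  "Command line parsing failed at '%s' value '%s' [%d]", arg->Name, value, rc);
	return rc;
}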
61
/* qsort() comparator: orders COMMAND_LINE_ARGUMENT_A entries by Name.
 * A NULL entry sorts before any non-NULL entry, two NULL entries compare equal. */
static int command_line_compare(const void* pa, const void* pb)
{
	const COMMAND_LINE_ARGUMENT_A* lhs = pa;
	const COMMAND_LINE_ARGUMENT_A* rhs = pb;

	if (lhs && rhs)
		return strcmp(lhs->Name, rhs->Name);

	if (!lhs && !rhs)
		return 0;

	return lhs ? 1 : -1;
}
76
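/**
 * Print the usage notes and every known option, sorted by name, to stdout.
 *
 * The option table is copied before sorting, so the caller's table keeps its order.
 *
 * @param argc  number of entries in argv, must be at least 1
 * @param argv  program arguments, argv[0] is printed as the program name
 * @param largs option table, terminated by an entry whose Name is NULL
 *
 * @return 1 on success, -1 on invalid arguments or when an allocation fails
 */
static int shadow_server_print_command_line_help(int argc, char** argv,
                                                 const COMMAND_LINE_ARGUMENT_A* largs)
{
	if ((argc < 1) || !largs || !argv)
		return -1;

	{
		char* path = winpr_GetConfigFilePath(TRUE, "SAM");
		printf("Usage: %s [options]\n", argv[0]);
		printf("\n");
		printf("Notes: By default NLA security is active.\n");
		printf("\tIn this mode a SAM database is required.\n");
		printf("\tProvide one with /sam-file:<file with path>\n");
		/* The lookup may fail; NULL must not be handed to '%s'. */
		printf("\telse the default path %s is used.\n", path ? path : "<unknown>");
		printf("\tIf there is no existing SAM file authentication for all users will fail.\n");
		printf("\n\tIf authentication against PAM is desired, start with -sec-nla (requires "
		       "compiled in "
		       "support for PAM)\n\n");
		printf("Syntax:\n");
		printf(" /flag (enables flag)\n");
		printf(" /option:<value> (specifies option with value)\n");
		printf(" +toggle -toggle (enables or disables toggle, where '/' is a synonym of '+')\n");
		printf("\n");
		free(path);
	}

	/* Count the entries including the terminating one (Name == NULL). */
	size_t nrArgs = 1;
	for (const COMMAND_LINE_ARGUMENT_A* cur = largs; cur->Name != NULL; cur++)
		nrArgs++;

	COMMAND_LINE_ARGUMENT_A* args_copy = calloc(nrArgs, sizeof(COMMAND_LINE_ARGUMENT_A));
	if (!args_copy)
		return -1;

	/* Sort everything except the terminator, which has to stay last. */
	memcpy(args_copy, largs, nrArgs * sizeof(COMMAND_LINE_ARGUMENT_A));
	qsort(args_copy, nrArgs - 1, sizeof(COMMAND_LINE_ARGUMENT_A), command_line_compare);

	const COMMAND_LINE_ARGUMENT_A* arg = args_copy;

	int rc = -1;
	do
	{
		if (arg->Flags & COMMAND_LINE_VALUE_FLAG)
		{
			printf(" %s", "/");
			printf("%-20s\n", arg->Name);
			printf("\t%s\n", arg->Text);
		}
		else if ((arg->Flags & COMMAND_LINE_VALUE_REQUIRED) ||
		         (arg->Flags & COMMAND_LINE_VALUE_OPTIONAL))
		{
			printf(" %s", "/");

			if (arg->Format)
			{
				/* "<name>:<format>" is assembled first so that the column padding
				 * applies to the combined text. */
				const size_t length = (strlen(arg->Name) + strlen(arg->Format) + 2);
				char* str = calloc(length + 1, sizeof(char));

				if (!str)
					goto fail;

				(void)sprintf_s(str, length + 1, "%s:%s", arg->Name, arg->Format);
				(void)printf("%-20s\n", str);
				free(str);
			}
			else
			{
				printf("%-20s\n", arg->Name);
			}

			printf("\t%s\n", arg->Text);
		}
		else if (arg->Flags & COMMAND_LINE_VALUE_BOOL)
		{
			/* 32 extra bytes leave room for the " (default:off)" suffix. */
			const size_t length = strlen(arg->Name) + 32;
			char* str = calloc(length + 1, sizeof(char));

			if (!str)
				goto fail;

			(void)sprintf_s(str, length + 1, "%s (default:%s)", arg->Name,
			                arg->Default ? "on" : "off");
			/* Show the sigil that changes the toggle away from its default. */
			(void)printf(" %s", arg->Default ? "-" : "+");
			(void)printf("%-20s\n", str);
			(void)printf("\t%s\n", arg->Text);

			free(str);
		}
	} while ((arg = CommandLineFindNextArgumentA(arg)) != NULL);

	rc = 1;
fail:
	free(args_copy);
	return rc;
}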
178
/**
 * Act on the status returned by command line parsing: print the version, the build
 * configuration or the help text where the status asks for it.
 *
 * @param server unused
 * @param argc   argument count, forwarded to the help printer
 * @param argv   argument vector, forwarded to the help printer
 * @param status result of shadow_server_parse_command_line()
 * @param cargs  option table, forwarded to the help printer
 *
 * @return the status itself for the version, build configuration and plain print cases,
 *         COMMAND_LINE_STATUS_PRINT_HELP after printing help for any other negative
 *         status (-1 if printing failed), 1 otherwise
 */
int shadow_server_command_line_status_print(rdpShadowServer* server, int argc, char** argv,
                                            int status, const COMMAND_LINE_ARGUMENT_A* cargs)
{
	WINPR_UNUSED(server);

	if (status == COMMAND_LINE_STATUS_PRINT_VERSION)
	{
		printf("FreeRDP version %s (git %s)\n", FREERDP_VERSION_FULL, FREERDP_GIT_REVISION);
		return status;
	}

	if (status == COMMAND_LINE_STATUS_PRINT_BUILDCONFIG)
	{
		printf("%s\n", freerdp_get_build_config());
		return status;
	}

	/* Output was already produced by the parser, nothing left to print. */
	if (status == COMMAND_LINE_STATUS_PRINT)
		return status;

	if (status >= 0)
		return 1;

	/* Every remaining negative status is answered with the help text. */
	const int rc = shadow_server_print_command_line_help(argc, argv, cargs);
	return (rc < 0) ? -1 : COMMAND_LINE_STATUS_PRINT_HELP;
}
208
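/* Parse a complete string as a long (base detected from the prefix). Empty input,
 * trailing characters and out-of-range values are rejected. */
static BOOL shadow_server_parse_long(const char* str, long* value)
{
	char* end = NULL;

	if (!str || !value)
		return FALSE;

	errno = 0;
	const long parsed = strtol(str, &end, 0);
	if ((errno != 0) || (end == str) || (*end != '\0'))
		return FALSE;

	*value = parsed;
	return TRUE;
}

/* Parse "x,y,w,h" into four longs. Every field must be a complete number and nothing
 * may follow the fourth one. The input is only read, never modified. */
static BOOL shadow_server_parse_rect(const char* str, long rect[4])
{
	const char* cur = str;

	if (!str)
		return FALSE;

	for (size_t i = 0; i < 4; i++)
	{
		char* end = NULL;
		const char delimiter = (i < 3) ? ',' : '\0';

		errno = 0;
		rect[i] = strtol(cur, &end, 0);
		if ((errno != 0) || (end == cur) || (*end != delimiter))
			return FALSE;

		if (delimiter == ',')
			cur = end + 1;
	}

	return TRUE;
}

/* Set the four protocol security settings in one go, stopping at the first failure. */
static BOOL shadow_server_set_security(rdpSettings* settings, BOOL rdp, BOOL tls, BOOL nla,
                                       BOOL ext)
{
	return freerdp_settings_set_bool(settings, FreeRDP_RdpSecurity, rdp) &&
	       freerdp_settings_set_bool(settings, FreeRDP_TlsSecurity, tls) &&
	       freerdp_settings_set_bool(settings, FreeRDP_NlaSecurity, nla) &&
	       freerdp_settings_set_bool(settings, FreeRDP_ExtSecurity, ext);
}

/**
 * Parse the command line and apply every option that is present to the server and
 * its settings.
 *
 * NOTE(review): the rendered listing drops the source line that declares the last
 * parameter; `COMMAND_LINE_ARGUMENT_A* cargs` is reconstructed from how the body uses
 * it. Confirm against the repository.
 *
 * @param server server to configure, must not be NULL
 * @param argc   argument count
 * @param argv   argument vector
 * @param cargs  option table; it is cleared and then filled by the parser
 *
 * @return 1 when there is nothing to parse, a negative value when parsing or
 *         validating an option fails, COMMAND_LINE_STATUS_PRINT when the monitor list
 *         was printed or the monitor selection is invalid, otherwise the status of
 *         CommandLineParseArgumentsA()
 */
int shadow_server_parse_command_line(rdpShadowServer* server, int argc, char** argv,
                                     COMMAND_LINE_ARGUMENT_A* cargs)
{
	int status = 0;
	DWORD flags = 0;
	const COMMAND_LINE_ARGUMENT_A* arg = NULL;
	rdpSettings* settings = server->settings;

	if ((argc < 2) || !argv || !cargs)
		return 1;

	CommandLineClearArgumentsA(cargs);
	flags = COMMAND_LINE_SEPARATOR_COLON;
	flags |= COMMAND_LINE_SIGIL_SLASH | COMMAND_LINE_SIGIL_PLUS_MINUS;
	status = CommandLineParseArgumentsA(argc, argv, cargs, flags, server, NULL, NULL);

	if (status < 0)
		return status;

	arg = cargs;

	do
	{
		if (!(arg->Flags & COMMAND_LINE_ARGUMENT_PRESENT))
			continue;

		CommandLineSwitchStart(arg) CommandLineSwitchCase(arg, "port")
		{
			long val = 0;

			if (!shadow_server_parse_long(arg->Value, &val) || (val <= 0) ||
			    (val > UINT16_MAX))
				return fail_at(arg, COMMAND_LINE_ERROR);

			server->port = (DWORD)val;
		}
		CommandLineSwitchCase(arg, "ipc-socket")
		{
			/* /bind-address is incompatible */
			if (server->ipcSocket)
				return fail_at(arg, COMMAND_LINE_ERROR);
			server->ipcSocket = _strdup(arg->Value);

			if (!server->ipcSocket)
				return fail_at(arg, COMMAND_LINE_ERROR);
		}
		CommandLineSwitchCase(arg, "bind-address")
		{
			int rc = 0;
			/* sizeof() counts the terminator of the prefix, so len covers prefix,
			 * value and the final '\0'. */
			size_t len = strlen(arg->Value) + sizeof(bind_address);
			/* /ipc-socket is incompatible */
			if (server->ipcSocket)
				return fail_at(arg, COMMAND_LINE_ERROR);
			server->ipcSocket = calloc(len, sizeof(CHAR));

			if (!server->ipcSocket)
				return fail_at(arg, COMMAND_LINE_ERROR);

			rc = _snprintf(server->ipcSocket, len, "%s%s", bind_address, arg->Value);
			if ((rc < 0) || ((size_t)rc != len - 1))
				return fail_at(arg, COMMAND_LINE_ERROR);
		}
		CommandLineSwitchCase(arg, "may-view")
		{
			server->mayView = arg->Value ? TRUE : FALSE;
		}
		CommandLineSwitchCase(arg, "bitmap-compat")
		{
			server->SupportMultiRectBitmapUpdates = arg->Value ? FALSE : TRUE;
		}
		CommandLineSwitchCase(arg, "may-interact")
		{
			server->mayInteract = arg->Value ? TRUE : FALSE;
		}
		CommandLineSwitchCase(arg, "server-side-cursor")
		{
			server->ShowMouseCursor = arg->Value ? TRUE : FALSE;
		}
		CommandLineSwitchCase(arg, "mouse-relative")
		{
			const BOOL val = arg->Value ? TRUE : FALSE;
			if (!freerdp_settings_set_bool(settings, FreeRDP_MouseUseRelativeMove, val) ||
			    !freerdp_settings_set_bool(settings, FreeRDP_HasRelativeMouseEvent, val))
				return fail_at(arg, COMMAND_LINE_ERROR);
		}
		CommandLineSwitchCase(arg, "max-connections")
		{
			char* end = NULL;

			errno = 0;
			const unsigned long val = strtoul(arg->Value, &end, 0);

			/* strtoul() silently wraps negative input, so a minus sign is rejected
			 * explicitly; partial numbers are rejected through the end pointer. */
			if ((errno != 0) || (end == arg->Value) || (*end != '\0') ||
			    (strchr(arg->Value, '-') != NULL) || (val > UINT32_MAX))
				return fail_at(arg, COMMAND_LINE_ERROR);
			server->maxClientsConnected = val;
		}
		CommandLineSwitchCase(arg, "rect")
		{
			long rect[4] = { -1, -1, -1, -1 };

			if (!shadow_server_parse_rect(arg->Value, rect))
				return fail_at(arg, COMMAND_LINE_ERROR);

			const long x = rect[0];
			const long y = rect[1];
			const long w = rect[2];
			const long h = rect[3];

			if ((x < 0) || (y < 0) || (w < 1) || (h < 1))
				return fail_at(arg, COMMAND_LINE_ERROR);

			/* Compare against the remaining room instead of adding first, the sum of
			 * two longs could overflow. */
			if ((x > UINT16_MAX) || (y > UINT16_MAX) || (w > UINT16_MAX - x) ||
			    (h > UINT16_MAX - y))
				return fail_at(arg, COMMAND_LINE_ERROR);
			server->subRect.left = (UINT16)x;
			server->subRect.top = (UINT16)y;
			server->subRect.right = (UINT16)(x + w);
			server->subRect.bottom = (UINT16)(y + h);
			server->shareSubRect = TRUE;
		}
		CommandLineSwitchCase(arg, "auth")
		{
			server->authentication = arg->Value ? TRUE : FALSE;
		}
		CommandLineSwitchCase(arg, "remote-guard")
		{
			if (!freerdp_settings_set_bool(settings, FreeRDP_RemoteCredentialGuard,
			                               arg->Value ? TRUE : FALSE))
				return fail_at(arg, COMMAND_LINE_ERROR);
		}
		CommandLineSwitchCase(arg, "sec")
		{
			if (strcmp("rdp", arg->Value) == 0) /* Standard RDP */
			{
				if (!shadow_server_set_security(settings, TRUE, FALSE, FALSE, FALSE))
					return fail_at(arg, COMMAND_LINE_ERROR);
				if (!freerdp_settings_set_bool(settings, FreeRDP_UseRdpSecurityLayer, TRUE))
					return fail_at(arg, COMMAND_LINE_ERROR);
			}
			else if (strcmp("tls", arg->Value) == 0) /* TLS */
			{
				if (!shadow_server_set_security(settings, FALSE, TRUE, FALSE, FALSE))
					return fail_at(arg, COMMAND_LINE_ERROR);
			}
			else if (strcmp("nla", arg->Value) == 0) /* NLA */
			{
				if (!shadow_server_set_security(settings, FALSE, FALSE, TRUE, FALSE))
					return fail_at(arg, COMMAND_LINE_ERROR);
			}
			else if (strcmp("ext", arg->Value) == 0) /* NLA Extended */
			{
				if (!shadow_server_set_security(settings, FALSE, FALSE, FALSE, TRUE))
					return fail_at(arg, COMMAND_LINE_ERROR);
			}
			else
			{
				WLog_ERR(TAG, "unknown protocol security: %s", arg->Value);
				return fail_at(arg, COMMAND_LINE_ERROR_UNEXPECTED_VALUE);
			}
		}
		CommandLineSwitchCase(arg, "sec-rdp")
		{
			if (!freerdp_settings_set_bool(settings, FreeRDP_RdpSecurity,
			                               arg->Value ? TRUE : FALSE))
				return fail_at(arg, COMMAND_LINE_ERROR);
		}
		CommandLineSwitchCase(arg, "sec-tls")
		{
			if (!freerdp_settings_set_bool(settings, FreeRDP_TlsSecurity,
			                               arg->Value ? TRUE : FALSE))
				return fail_at(arg, COMMAND_LINE_ERROR);
		}
		CommandLineSwitchCase(arg, "sec-nla")
		{
			if (!freerdp_settings_set_bool(settings, FreeRDP_NlaSecurity,
			                               arg->Value ? TRUE : FALSE))
				return fail_at(arg, COMMAND_LINE_ERROR);
		}
		CommandLineSwitchCase(arg, "sec-ext")
		{
			if (!freerdp_settings_set_bool(settings, FreeRDP_ExtSecurity,
			                               arg->Value ? TRUE : FALSE))
				return fail_at(arg, COMMAND_LINE_ERROR);
		}
		CommandLineSwitchCase(arg, "sam-file")
		{
			if (!freerdp_settings_set_string(settings, FreeRDP_NtlmSamFile, arg->Value))
				return fail_at(arg, COMMAND_LINE_ERROR);
		}
		CommandLineSwitchCase(arg, "log-level")
		{
			wLog* root = WLog_GetRoot();

			if (!WLog_SetStringLogLevel(root, arg->Value))
				return fail_at(arg, COMMAND_LINE_ERROR);
		}
		CommandLineSwitchCase(arg, "log-filters")
		{
			if (!WLog_AddStringLogFilters(arg->Value))
				return fail_at(arg, COMMAND_LINE_ERROR);
		}
		CommandLineSwitchCase(arg, "nsc")
		{
			if (!freerdp_settings_set_bool(settings, FreeRDP_NSCodec, arg->Value ? TRUE : FALSE))
				return fail_at(arg, COMMAND_LINE_ERROR);
		}
		CommandLineSwitchCase(arg, "rfx")
		{
			if (!freerdp_settings_set_bool(settings, FreeRDP_RemoteFxCodec,
			                               arg->Value ? TRUE : FALSE))
				return fail_at(arg, COMMAND_LINE_ERROR);
		}
		CommandLineSwitchCase(arg, "gfx")
		{
			if (!freerdp_settings_set_bool(settings, FreeRDP_SupportGraphicsPipeline,
			                               arg->Value ? TRUE : FALSE))
				return fail_at(arg, COMMAND_LINE_ERROR);
		}
		CommandLineSwitchCase(arg, "gfx-progressive")
		{
			if (!freerdp_settings_set_bool(settings, FreeRDP_GfxProgressive,
			                               arg->Value ? TRUE : FALSE))
				return fail_at(arg, COMMAND_LINE_ERROR);
		}
		CommandLineSwitchCase(arg, "gfx-rfx")
		{
			if (!freerdp_settings_set_bool(settings, FreeRDP_RemoteFxCodec,
			                               arg->Value ? TRUE : FALSE))
				return fail_at(arg, COMMAND_LINE_ERROR);
		}
		CommandLineSwitchCase(arg, "gfx-planar")
		{
			if (!freerdp_settings_set_bool(settings, FreeRDP_GfxPlanar, arg->Value ? TRUE : FALSE))
				return fail_at(arg, COMMAND_LINE_ERROR);
		}
		CommandLineSwitchCase(arg, "gfx-avc420")
		{
			if (!freerdp_settings_set_bool(settings, FreeRDP_GfxH264, arg->Value ? TRUE : FALSE))
				return fail_at(arg, COMMAND_LINE_ERROR);
		}
		CommandLineSwitchCase(arg, "gfx-avc444")
		{
			if (!freerdp_settings_set_bool(settings, FreeRDP_GfxAVC444v2,
			                               arg->Value ? TRUE : FALSE))
				return fail_at(arg, COMMAND_LINE_ERROR);
			if (!freerdp_settings_set_bool(settings, FreeRDP_GfxAVC444, arg->Value ? TRUE : FALSE))
				return fail_at(arg, COMMAND_LINE_ERROR);
		}
		CommandLineSwitchCase(arg, "keytab")
		{
			if (!freerdp_settings_set_string(settings, FreeRDP_KerberosKeytab, arg->Value))
				return fail_at(arg, COMMAND_LINE_ERROR);
		}
		CommandLineSwitchCase(arg, "ccache")
		{
			if (!freerdp_settings_set_string(settings, FreeRDP_KerberosCache, arg->Value))
				return fail_at(arg, COMMAND_LINE_ERROR);
		}
		CommandLineSwitchCase(arg, "tls-secrets-file")
		{
			/* NOTE(review): presumably a TLS key log used to decrypt captured sessions;
			 * if so it belongs in debugging setups only and the file needs restrictive
			 * permissions. Confirm against the settings documentation. */
			if (!freerdp_settings_set_string(settings, FreeRDP_TlsSecretsFile, arg->Value))
				return fail_at(arg, COMMAND_LINE_ERROR);
		}
		CommandLineSwitchDefault(arg)
		{
		}
		CommandLineSwitchEnd(arg)
	} while ((arg = CommandLineFindNextArgumentA(arg)) != NULL);

	arg = CommandLineFindArgumentA(cargs, "monitors");

	if (arg && (arg->Flags & COMMAND_LINE_ARGUMENT_PRESENT))
	{
		UINT32 numMonitors = 0;
		MONITOR_DEF monitors[16] = { 0 };
		numMonitors = shadow_enum_monitors(monitors, 16);

		if (arg->Flags & COMMAND_LINE_VALUE_PRESENT)
		{
			/* Select monitors */
			long val = -1;

			/* The index is compared before it is narrowed to 32 bit, so a large value
			 * cannot wrap around into the valid range. An invalid index is not stored. */
			if (shadow_server_parse_long(arg->Value, &val) && (val >= 0) &&
			    ((unsigned long)val < numMonitors))
				server->selectedMonitor = (UINT32)val;
			else
				status = COMMAND_LINE_STATUS_PRINT;
		}
		else
		{
			/* List monitors */

			for (UINT32 index = 0; index < numMonitors; index++)
			{
				const MONITOR_DEF* monitor = &monitors[index];
				const INT64 width = monitor->right - monitor->left + 1;
				const INT64 height = monitor->bottom - monitor->top + 1;
				WLog_INFO(TAG, " %s [%" PRIu32 "] %" PRId64 "x%" PRId64 "\t+%" PRId32 "+%" PRId32 "",
				          (monitor->flags == 1) ? "*" : " ", index, width, height, monitor->left,
				          monitor->top);
			}

			status = COMMAND_LINE_STATUS_PRINT;
		}
	}

	/* If we want to disable authentication we need to ensure that NLA security
	 * is not activated. Only TLS and RDP security allow anonymous login.
	 * With authentication off any peer that can reach the listener is admitted
	 * without credentials, limited only by may-view / may-interact.
	 */
	if (!server->authentication)
	{
		if (!freerdp_settings_set_bool(settings, FreeRDP_NlaSecurity, FALSE))
			return COMMAND_LINE_ERROR;
	}
	return status;
}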
601
/**
 * Listener thread: starts the subsystem, then waits on the stop event and the listener's
 * event handles until it is told to stop or the listener fails.
 *
 * @param arg the rdpShadowServer this thread serves
 *
 * @return 0 (the thread leaves through ExitThread)
 */
static DWORD WINAPI shadow_server_thread(LPVOID arg)
{
	rdpShadowServer* server = (rdpShadowServer*)arg;
	freerdp_listener* listener = server->listener;
	BOOL keepRunning = TRUE;

	shadow_subsystem_start(server->subsystem);

	while (keepRunning)
	{
		HANDLE handles[MAXIMUM_WAIT_OBJECTS] = { 0 };
		DWORD used = 0;

		/* Slot 0 is the stop event, so WAIT_OBJECT_0 below means "stop requested". */
		handles[used++] = server->StopEvent;
		used += listener->GetEventHandles(listener, &handles[used], ARRAYSIZE(handles) - used);

		if (used <= 1)
		{
			WLog_ERR(TAG, "Failed to get FreeRDP file descriptor");
			break;
		}

		const DWORD waitResult = WaitForMultipleObjects(used, handles, FALSE, INFINITE);

		if ((waitResult == WAIT_FAILED) || (waitResult == WAIT_OBJECT_0))
		{
			keepRunning = FALSE;
		}
		else if (!listener->CheckFileDescriptor(listener))
		{
			WLog_ERR(TAG, "Failed to check FreeRDP file descriptor");
			keepRunning = FALSE;
		}
		else
		{
#ifdef _WIN32
			Sleep(100); /* FIXME: listener event handles */
#endif
		}
	}

	listener->Close(listener);
	shadow_subsystem_stop(server->subsystem);

	/* Signal to the clients that server is being stopped and wait for them
	 * to disconnect. The wait has no timeout: it only ends once the client
	 * list is empty. */
	if (shadow_client_boardcast_quit(server, 0))
	{
		while (ArrayList_Count(server->clients) > 0)
			Sleep(100);
	}

	ExitThread(0);
	return 0;
}
666
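/**
 * Open a TCP listener on the server's port for one bind address.
 *
 * An address of the form "[...]" has its brackets stripped in place before it is handed
 * to the listener; anything after the closing bracket is an error.
 *
 * @param server  server whose listener and port are used
 * @param address bind address, modified in place when bracketed; NULL is passed through
 *                to the listener unchanged
 *
 * @return TRUE when the listener was opened, FALSE on a malformed address or when the
 *         listener could not be opened
 */
static BOOL open_port(rdpShadowServer* server, char* address)
{
	char* modaddr = address;

	if (modaddr && (modaddr[0] == '['))
	{
		char* end = strchr(address, ']');
		if (!end)
		{
			WLog_ERR(TAG, "Could not parse bind-address %s", address);
			/* Must be FALSE: the function returns BOOL and callers test it with '!',
			 * so -1 would be taken for success and the address silently skipped. */
			return FALSE;
		}
		*end++ = '\0';
		if (strlen(end) > 0)
		{
			WLog_ERR(TAG, "Excess data after IPv6 address: '%s'", end);
			return FALSE;
		}
		modaddr++;
	}

	const BOOL status = server->listener->Open(server->listener, modaddr, (UINT16)server->port);

	if (!status)
	{
		WLog_ERR(TAG,
		         "Problem creating TCP listener. (Port already used or insufficient permissions?)");
	}

	return status;
}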
701
/**
 * Create screen and capture objects, open the listener(s) and start the server thread.
 *
 * @param server server to start
 *
 * @return 0 on success, -1 on failure
 */
int shadow_server_start(rdpShadowServer* server)
{
	WSADATA wsaData;

	if (!server)
		return -1;

	if (WSAStartup(MAKEWORD(2, 2), &wsaData) != 0)
		return -1;

#ifndef _WIN32
	(void)signal(SIGPIPE, SIG_IGN);
#endif

	server->screen = shadow_screen_new(server);
	if (!server->screen)
	{
		WLog_ERR(TAG, "screen_new failed");
		return -1;
	}

	server->capture = shadow_capture_new(server);
	if (!server->capture)
	{
		WLog_ERR(TAG, "capture_new failed");
		return -1;
	}

	/* How server->ipcSocket selects the listener:
	 *
	 * NULL                       ... bind TCP on all interfaces
	 * <local path>               ... bind a local (IPC) socket
	 * bind-address,<address>,... ... bind TCP to the listed addresses
	 */
	const BOOL useLocalSocket =
	    server->ipcSocket && (strncmp(bind_address, server->ipcSocket,
	                                  strnlen(bind_address, sizeof(bind_address))) != 0);

	if (useLocalSocket)
	{
		if (!server->listener->OpenLocal(server->listener, server->ipcSocket))
		{
			WLog_ERR(TAG, "Problem creating local socket listener. (Port already used or "
			              "insufficient permissions?)");
			return -1;
		}
	}
	else
	{
		size_t count = 0;
		BOOL ok = TRUE;
		char** list = CommandLineParseCommaSeparatedValuesEx(NULL, server->ipcSocket, &count);

		/* No address after the prefix: only acceptable when no address was configured
		 * at all, in which case the listener binds without an explicit address. */
		if (!list || (count <= 1))
			ok = (server->ipcSocket == NULL) && open_port(server, NULL);

		if (ok)
		{
			WINPR_ASSERT(list || (count == 0));

			/* Entry 0 is the "bind-address" prefix itself, addresses start at 1. */
			for (size_t x = 1; ok && (x < count); x++)
				ok = open_port(server, list[x]);
		}

		CommandLineParserFree(list);

		if (!ok)
			return -1;
	}

	server->thread = CreateThread(NULL, 0, shadow_server_thread, (void*)server, 0, NULL);
	if (!server->thread)
		return -1;

	return 0;
}
794
/**
 * Stop the server thread (if one is running) and release screen and capture objects.
 *
 * @param server server to stop
 *
 * @return 0 on success, -1 when server is NULL
 */
int shadow_server_stop(rdpShadowServer* server)
{
	if (!server)
		return -1;

	if (server->thread)
	{
		/* Ask the thread to leave its loop and wait until it has finished. */
		(void)SetEvent(server->StopEvent);
		(void)WaitForSingleObject(server->thread, INFINITE);
		(void)CloseHandle(server->thread);
		server->thread = NULL;

		freerdp_listener* listener = server->listener;
		if (listener && listener->Close)
			listener->Close(listener);
	}

	if (server->screen)
	{
		shadow_screen_free(server->screen);
		server->screen = NULL;
	}

	if (server->capture)
	{
		shadow_capture_free(server->capture);
		server->capture = NULL;
	}

	return 0;
}
824
/**
 * Make sure server->ConfigPath is set, falling back to the library's configuration
 * directory and creating it when it does not exist.
 *
 * @param server server whose ConfigPath is initialised; takes ownership of the path
 *
 * @return 1 when a config path is available, -1 otherwise
 */
static int shadow_server_init_config_path(rdpShadowServer* server)
{
	/* A path that is already set is kept as is. */
	if (server->ConfigPath)
		return 1;

	char* home = freerdp_settings_get_config_path();
	if (!home)
		return -1; /* no usable config path */

	if (!winpr_PathFileExists(home) && !winpr_PathMakePath(home, 0))
	{
		WLog_ERR(TAG, "Failed to create directory '%s'", home);
		free(home);
		return -1;
	}

	server->ConfigPath = home;
	return 1;
}
849
/**
 * Generate a certificate and private key with makecert and write whichever of
 * server->CertificateFile / server->PrivateKeyFile does not exist yet.
 *
 * NOTE(review): when only one of the two files is missing, just that one is written
 * from the freshly generated pair, so it presumably will not match the file that
 * already exists. Confirm whether a lone file should be treated as an error.
 * NOTE(review): the permissions of the written key file are decided inside makecert
 * and are not visible here; verify that the key is readable by the service user only.
 *
 * @param server   server holding the certificate and key file names
 * @param filepath directory the files are written to
 *
 * @return TRUE on success, FALSE otherwise
 */
static BOOL shadow_server_create_certificate(rdpShadowServer* server, const char* filepath)
{
	BOOL rc = FALSE;
	char* makecert_argv[6] = { "makecert", "-rdp", "-live", "-silent", "-y", "5" };

	WINPR_STATIC_ASSERT(ARRAYSIZE(makecert_argv) <= INT_MAX);
	const size_t makecert_argc = ARRAYSIZE(makecert_argv);

	MAKECERT_CONTEXT* ctx = makecert_context_new();

	if (ctx && (makecert_context_process(ctx, (int)makecert_argc, makecert_argv) >= 0) &&
	    (makecert_context_set_output_file_name(ctx, "shadow") == 1))
	{
		WINPR_ASSERT(server);
		WINPR_ASSERT(filepath);

		/* Existing files are never overwritten. */
		const BOOL certReady = winpr_PathFileExists(server->CertificateFile) ||
		                       (makecert_context_output_certificate_file(ctx, filepath) == 1);

		if (certReady)
		{
			rc = winpr_PathFileExists(server->PrivateKeyFile) ||
			     (makecert_context_output_private_key_file(ctx, filepath) == 1);
		}
	}

	makecert_context_free(ctx);
	return rc;
}
/**
 * Locate (or create) the server certificate and private key below
 * <ConfigPath>/shadow and load both into the server settings.
 *
 * @param server server to configure; CertificateFile and PrivateKeyFile are set here
 *
 * @return TRUE on success, FALSE otherwise
 */
static BOOL shadow_server_init_certificate(rdpShadowServer* server)
{
	BOOL ret = FALSE;
	char* dir = NULL;
	rdpSettings* settings = NULL;
	rdpPrivateKey* key = NULL;
	rdpCertificate* cert = NULL;

	WINPR_ASSERT(server);

	if (!winpr_PathFileExists(server->ConfigPath) && !winpr_PathMakePath(server->ConfigPath, 0))
	{
		WLog_ERR(TAG, "Failed to create directory '%s'", server->ConfigPath);
		return FALSE;
	}

	dir = GetCombinedPath(server->ConfigPath, "shadow");
	if (!dir)
		return FALSE;

	/* NOTE(review): this directory ends up holding the private key; confirm that it is
	 * created with permissions that keep other local users out. */
	if (!winpr_PathFileExists(dir) && !winpr_PathMakePath(dir, 0))
	{
		if (!CreateDirectoryA(dir, 0))
		{
			WLog_ERR(TAG, "Failed to create directory '%s'", dir);
			goto out_fail;
		}
	}

	server->CertificateFile = GetCombinedPath(dir, "shadow.crt");
	server->PrivateKeyFile = GetCombinedPath(dir, "shadow.key");

	if (!server->CertificateFile || !server->PrivateKeyFile)
		goto out_fail;

	/* Generate the pair as soon as either file is missing. */
	if (!winpr_PathFileExists(server->CertificateFile) ||
	    !winpr_PathFileExists(server->PrivateKeyFile))
	{
		if (!shadow_server_create_certificate(server, dir))
			goto out_fail;
	}

	settings = server->settings;
	WINPR_ASSERT(settings);

	/* NOTE(review): if storing key or certificate in the settings fails, the object is
	 * not released on this path; whether the setter takes ownership on failure is not
	 * visible here. Confirm. */
	key = freerdp_key_new_from_file_enc(server->PrivateKeyFile, NULL);
	if (!key)
		goto out_fail;
	if (!freerdp_settings_set_pointer_len(settings, FreeRDP_RdpServerRsaKey, key, 1))
		goto out_fail;

	cert = freerdp_certificate_new_from_file(server->CertificateFile);
	if (!cert)
		goto out_fail;
	if (!freerdp_settings_set_pointer_len(settings, FreeRDP_RdpServerCertificate, cert, 1))
		goto out_fail;

	/* A certificate that cannot be used for RDP security switches that mode off. */
	if (!freerdp_certificate_is_rdp_security_compatible(cert))
	{
		if (!freerdp_settings_set_bool(settings, FreeRDP_UseRdpSecurityLayer, FALSE))
			goto out_fail;
		if (!freerdp_settings_set_bool(settings, FreeRDP_RdpSecurity, FALSE))
			goto out_fail;
	}

	ret = TRUE;
out_fail:
	free(dir);
	return ret;
}
953
/**
 * Listener callback that enforces the connection limit.
 *
 * @param listener listener whose info pointer holds the rdpShadowServer
 *
 * @return FALSE when a limit is configured and already reached, TRUE otherwise
 */
static BOOL shadow_server_check_peer_restrictions(freerdp_listener* listener)
{
	WINPR_ASSERT(listener);

	rdpShadowServer* server = (rdpShadowServer*)listener->info;
	WINPR_ASSERT(server);

	/* A limit of 0 means "no limit"; the client list is only consulted otherwise. */
	if ((server->maxClientsConnected > 0) &&
	    (ArrayList_Count(server->clients) >= server->maxClientsConnected))
	{
		WLog_WARN(TAG, "connection limit [%" PRIuz "] reached, discarding client",
		          server->maxClientsConnected);
		return FALSE;
	}

	return TRUE;
}
973
/**
 * Initialise a server created by shadow_server_new(): client list, stop event, lock,
 * config path, certificate, listener and subsystem.
 *
 * On any failure everything is torn down again through shadow_server_uninit().
 *
 * @param server server to initialise
 *
 * @return the status of shadow_subsystem_init() on success, -1 on failure
 */
int shadow_server_init(rdpShadowServer* server)
{
	int status = 0;

	winpr_InitializeSSL(WINPR_SSL_INIT_DEFAULT);
	WTSRegisterWtsApiFunctionTable(FreeRDP_InitWtsApi());

	server->clients = ArrayList_New(TRUE);
	if (!server->clients)
		goto fail;

	server->StopEvent = CreateEvent(NULL, TRUE, FALSE, NULL);
	if (!server->StopEvent)
		goto fail;

	if (!InitializeCriticalSectionAndSpinCount(&(server->lock), 4000))
		goto fail;

	status = shadow_server_init_config_path(server);
	if (status < 0)
		goto fail;

	if (!shadow_server_init_certificate(server))
		goto fail;

	server->listener = freerdp_listener_new();
	if (!server->listener)
		goto fail;

	/* The listener callbacks find the server again through the info pointer. */
	server->listener->info = (void*)server;
	server->listener->CheckPeerAcceptRestrictions = shadow_server_check_peer_restrictions;
	server->listener->PeerAccepted = shadow_client_accepted;

	server->subsystem = shadow_subsystem_new();
	if (!server->subsystem)
		goto fail;

	status = shadow_subsystem_init(server->subsystem, server);
	if (status < 0)
		goto fail;

	return status;

fail:
	shadow_server_uninit(server);
	WLog_ERR(TAG, "Failed to initialize shadow server");
	return -1;
}
1021
/**
 * Undo shadow_server_init(): stop the server and release everything it owns except
 * the server object, its settings and ipcSocket (see shadow_server_free()).
 *
 * @param server server to tear down
 *
 * @return 1 on success, -1 when server is NULL
 */
int shadow_server_uninit(rdpShadowServer* server)
{
	if (!server)
		return -1;

	/* The thread has to be gone before the objects it uses are released. */
	shadow_server_stop(server);

	shadow_subsystem_uninit(server->subsystem);
	shadow_subsystem_free(server->subsystem);
	server->subsystem = NULL;

	freerdp_listener_free(server->listener);
	server->listener = NULL;

	/* Every pointer is reset after release so that a second call stays harmless
	 * for these members. */
	free(server->CertificateFile);
	server->CertificateFile = NULL;
	free(server->PrivateKeyFile);
	server->PrivateKeyFile = NULL;
	free(server->ConfigPath);
	server->ConfigPath = NULL;

	DeleteCriticalSection(&(server->lock));
	(void)CloseHandle(server->StopEvent);
	server->StopEvent = NULL;

	ArrayList_Free(server->clients);
	server->clients = NULL;

	return 1;
}
1046
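/**
 * Allocate a shadow server and fill in its defaults: port 3389, viewing and interaction
 * allowed, authentication required.
 *
 * @return the new server, to be released with shadow_server_free(), or NULL when an
 *         allocation fails
 */
rdpShadowServer* shadow_server_new(void)
{
	rdpShadowServer* server = calloc(1, sizeof(*server));

	if (!server)
		return NULL;

	server->SupportMultiRectBitmapUpdates = TRUE;
	server->port = 3389;
	server->mayView = TRUE;
	server->mayInteract = TRUE;
	server->h264RateControlMode = H264_RATECONTROL_VBR;
	server->h264BitRate = 10000000;
	server->h264FrameRate = 30;
	server->h264QP = 0;
	/* Authentication stays on unless the command line switches it off. */
	server->authentication = TRUE;

	/* NOTE(review): the rendered listing drops this source line; it is reconstructed
	 * from the page's references to freerdp_settings_new() and
	 * FREERDP_SETTINGS_SERVER_MODE. Confirm against the repository. */
	server->settings = freerdp_settings_new(FREERDP_SETTINGS_SERVER_MODE);

	/* Without settings the parser and the certificate setup have nothing to write to,
	 * so the allocation failure is reported to the caller right away. */
	if (!server->settings)
	{
		free(server);
		return NULL;
	}

	return server;
}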
1067
/**
 * Release a server created by shadow_server_new(), including its settings and the
 * stored socket / bind address string. NULL is accepted and ignored.
 *
 * @param server server to free
 */
void shadow_server_free(rdpShadowServer* server)
{
	if (server)
	{
		free(server->ipcSocket);
		server->ipcSocket = NULL;

		freerdp_settings_free(server->settings);
		server->settings = NULL;

		free(server);
	}
}
FREERDP_API BOOL freerdp_settings_set_string(rdpSettings *settings, FreeRDP_Settings_Keys_String id, const char *param)
Sets a string settings value. The param is copied.
FREERDP_API rdpSettings * freerdp_settings_new(DWORD flags)
creates a new setting struct
FREERDP_API BOOL freerdp_settings_set_pointer_len(rdpSettings *settings, FreeRDP_Settings_Keys_Pointer id, const void *data, size_t len)
Set a pointer to value data.
FREERDP_API void freerdp_settings_free(rdpSettings *settings)
Free a settings struct with all data in it.
#define FREERDP_SETTINGS_SERVER_MODE
FREERDP_API char * freerdp_settings_get_config_path(void)
return the configuration directory for the library
FREERDP_API BOOL freerdp_settings_set_bool(rdpSettings *settings, FreeRDP_Settings_Keys_Bool id, BOOL param)
Sets a BOOL settings value.