diff --git a/libfreerdp/core/capabilities.c b/libfreerdp/core/capabilities.c
index 1b209c137..454087452 100644
--- a/libfreerdp/core/capabilities.c
+++ b/libfreerdp/core/capabilities.c
@@ -4493,7 +4493,9 @@ BOOL rdp_recv_demand_active(rdpRdp* rdp, wStream* s, UINT16 pduSource, UINT16 le
 	if (!Stream_CheckAndLogRequiredLength(TAG, s, 4))
 		return FALSE;
 
-	const UINT32 SessionId = Stream_Get_UINT32(s); /* SessionId */
+	/* [MS-RDPBCGR] 2.2.1.13.1.1 Demand Active PDU Data (TS_DEMAND_ACTIVE_PDU)::sessionId
+	 * is ignored by client */
+	Stream_Seek_UINT32(s); /* SessionId */
 
 	{
 		rdp_secondary_update_internal* secondary = secondary_update_cast(rdp->update->secondary);
diff --git a/libfreerdp/core/gcc.c b/libfreerdp/core/gcc.c
index 3d2341365..043e9862f 100644
--- a/libfreerdp/core/gcc.c
+++ b/libfreerdp/core/gcc.c
@@ -1210,7 +1210,6 @@ BOOL gcc_read_client_core_data(wStream* s, rdpMcs* mcs)
 
 	do
 	{
-		UINT16 clientProductIdLen = 0;
 		if (blockLength < 2)
 			break;
 
@@ -1220,15 +1219,37 @@ BOOL gcc_read_client_core_data(wStream* s, rdpMcs* mcs)
 		if (blockLength < 2)
 			break;
 
-		Stream_Read_UINT16(s, clientProductIdLen); /* clientProductID (2 bytes) */
+		const UINT16 clientProductId = Stream_Get_UINT16(s); /* clientProductID (2 bytes) */
 		blockLength -= 2;
 
+		/* [MS-RDPBCGR] 2.2.1.3.2 Client Core Data (TS_UD_CS_CORE)::clientProductId (optional)
+		 * should be initialized to 1
+		 */
+		if (clientProductId != 1)
+		{
+			WLog_WARN(TAG,
+			          "[MS-RDPBCGR] 2.2.1.3.2 Client Core Data (TS_UD_CS_CORE)::clientProductId "
+			          "(optional) expected 1, got %" PRIu32,
+			          clientProductId);
+		}
+
 		if (blockLength < 4)
 			break;
 
-		Stream_Seek_UINT32(s); /* serialNumber (4 bytes) */
+		const UINT32 serialNumber = Stream_Get_UINT32(s); /* serialNumber (4 bytes) */
 		blockLength -= 4;
 
+		/* [MS-RDPBCGR] 2.2.1.3.2 Client Core Data (TS_UD_CS_CORE)::serialNumber (optional)
+		 * should be initialized to 0
+		 */
+		if (serialNumber != 0)
+		{
+			WLog_WARN(TAG,
+			          "[MS-RDPBCGR] 2.2.1.3.2 Client Core Data (TS_UD_CS_CORE)::serialNumber "
+			          "(optional) expected 0, got %" PRIu32,
+			          serialNumber);
+		}
+
 		if (blockLength < 2)
 			break;
 
@@ -1925,16 +1946,14 @@ BOOL gcc_write_client_network_data(wStream* s, const rdpMcs* mcs)
 BOOL gcc_read_server_network_data(wStream* s, rdpMcs* mcs)
 {
 	UINT16 channelId = 0;
-	UINT16 MCSChannelId = 0;
-	UINT16 channelCount = 0;
 	UINT32 parsedChannelCount = 0;
 	WINPR_ASSERT(s);
 	WINPR_ASSERT(mcs);
 	if (!Stream_CheckAndLogRequiredLength(TAG, s, 4))
 		return FALSE;
 
-	Stream_Read_UINT16(s, MCSChannelId); /* MCSChannelId */
-	Stream_Read_UINT16(s, channelCount); /* channelCount */
+	mcs->IOChannelId = Stream_Get_UINT16(s);            /* MCSChannelId */
+	const uint16_t channelCount = Stream_Get_UINT16(s); /* channelCount */
 	parsedChannelCount = channelCount;
 
 	if (channelCount != mcs->channelCount)
diff --git a/libfreerdp/core/license.c b/libfreerdp/core/license.c
index e5be3fdac..5319e9db7 100644
--- a/libfreerdp/core/license.c
+++ b/libfreerdp/core/license.c
@@ -1950,7 +1950,6 @@ fail:
 BOOL license_read_platform_challenge_packet(rdpLicense* license, wStream* s)
 {
 	BYTE macData[LICENSING_ENCRYPTION_KEY_LENGTH] = { 0 };
-	UINT32 ConnectFlags = 0;
 
 	WINPR_ASSERT(license);
 
@@ -1959,7 +1958,9 @@ BOOL license_read_platform_challenge_packet(rdpLicense* license, wStream* s)
 	if (!license_check_stream_length(s, 4, "license platform challenge"))
 		return FALSE;
 
-	Stream_Read_UINT32(s, ConnectFlags); /* ConnectFlags, Reserved (4 bytes) */
+	/* [MS-RDPELE] 2.2.2.4 Server Platform Challenge (SERVER_PLATFORM_CHALLENGE)
+	 * reserved field */
+	Stream_Seek_UINT32(s); /* ConnectFlags, Reserved (4 bytes) */
 
 	/* EncryptedPlatformChallenge */
 	license->EncryptedPlatformChallenge->type = BB_ANY_BLOB;
diff --git a/libfreerdp/core/mcs.h b/libfreerdp/core/mcs.h
index 38859bcd0..6745215a6 100644
--- a/libfreerdp/core/mcs.h
+++ b/libfreerdp/core/mcs.h
@@ -131,6 +131,7 @@ struct rdp_mcs
 
 	UINT16 userId;
 	UINT16 baseChannelId;
+	UINT16 IOChannelId;
 	UINT16 messageChannelId;
 
 	UINT32 flags;
diff --git a/libfreerdp/core/rdp.c b/libfreerdp/core/rdp.c
index c51d53043..ac640cb2b 100644
--- a/libfreerdp/core/rdp.c
+++ b/libfreerdp/core/rdp.c
@@ -643,7 +643,8 @@ BOOL rdp_read_header(rdpRdp* rdp, wStream* s, UINT16* length, UINT16* channelId)
 	if (!per_read_integer16(s, channelId, 0)) /* channelId */
 		return FALSE;
 
-	const uint8_t byte = Stream_Get_UINT8(s); /* dataPriority + Segmentation (0x70) */
+	const uint8_t dataPriority = Stream_Get_UINT8(s); /* dataPriority + Segmentation (0x70) */
+	WLog_Print(rdp->log, WLOG_TRACE, "dataPriority=%" PRIu8, dataPriority);
 
 	if (!per_read_length(s, length)) /* userData (OCTET_STRING) */
 		return FALSE;
@@ -991,27 +992,37 @@ static BOOL rdp_recv_server_set_keyboard_indicators_pdu(rdpRdp* rdp, wStream* s)
 		return FALSE;
 
 	const uint16_t unitId = Stream_Get_UINT16(s); /* unitId (2 bytes) */
+	if (unitId != 0)
+	{
+		WLog_Print(rdp->log, WLOG_WARN,
+		           "[MS-RDPBCGR] 2.2.8.2.1.1 Set Keyboard Indicators PDU Data "
+		           "(TS_SET_KEYBOARD_INDICATORS_PDU)::unitId should be 0, is %" PRIu8,
+		           unitId);
+	}
 	const UINT16 ledFlags = Stream_Get_UINT16(s); /* ledFlags (2 bytes) */
 	return IFCALLRESULT(TRUE, context->update->SetKeyboardIndicators, context, ledFlags);
 }
 
 static BOOL rdp_recv_server_set_keyboard_ime_status_pdu(rdpRdp* rdp, wStream* s)
 {
-	UINT16 unitId = 0;
-	UINT32 imeState = 0;
-	UINT32 imeConvMode = 0;
-
 	if (!rdp || !rdp->input)
 		return FALSE;
 
 	if (!Stream_CheckAndLogRequiredLengthWLog(rdp->log, s, 10))
 		return FALSE;
 
-	Stream_Read_UINT16(s, unitId);      /* unitId (2 bytes) */
-	Stream_Read_UINT32(s, imeState);    /* imeState (4 bytes) */
-	Stream_Read_UINT32(s, imeConvMode); /* imeConvMode (4 bytes) */
-	IFCALL(rdp->update->SetKeyboardImeStatus, rdp->context, unitId, imeState, imeConvMode);
-	return TRUE;
+	const uint16_t unitId = Stream_Get_UINT16(s); /* unitId (2 bytes) */
+	if (unitId != 0)
+	{
+		WLog_Print(rdp->log, WLOG_WARN,
+		           "[MS-RDPBCGR] 2.2.8.2.2.1 Set Keyboard IME Status PDU Data "
+		           "(TS_SET_KEYBOARD_IME_STATUS_PDU)::unitId should be 0, is %" PRIu8,
+		           unitId);
+	}
+	const uint32_t imeState = Stream_Get_UINT32(s);    /* imeState (4 bytes) */
+	const uint32_t imeConvMode = Stream_Get_UINT32(s); /* imeConvMode (4 bytes) */
+	return IFCALLRESULT(TRUE, rdp->update->SetKeyboardImeStatus, rdp->context, unitId, imeState,
+	                    imeConvMode);
 }
 
 static BOOL rdp_recv_set_error_info_data_pdu(rdpRdp* rdp, wStream* s)
diff --git a/libfreerdp/locale/test/TestLocaleKeyboard.c b/libfreerdp/locale/test/TestLocaleKeyboard.c
index 8da784f5d..aff2639d8 100644
--- a/libfreerdp/locale/test/TestLocaleKeyboard.c
+++ b/libfreerdp/locale/test/TestLocaleKeyboard.c
@@ -248,6 +248,7 @@ static DWORD get_random(DWORD offset)
 	return x;
 }
 
+#if defined(WITH_FREERDP_3x_DEPRECATED)
 static BOOL test_scancode_cnv(void)
 {
 	for (DWORD x = 0; x < UINT8_MAX; x++)
@@ -283,6 +284,7 @@ static BOOL test_scancode_cnv(void)
 	}
 	return TRUE;
 }
+#endif
 
 static BOOL test_codepages(void)
 {
@@ -325,6 +327,7 @@ static BOOL test_codepages(void)
 
 static BOOL test_init(void)
 {
+#if defined(WITH_FREERDP_3x_DEPRECATED)
 	const DWORD kbd = freerdp_keyboard_init(0);
 	if (kbd == 0)
 	{
@@ -352,6 +355,7 @@ static BOOL test_init(void)
 	// TODO: Test with valid remap list
 	// TODO: Test with invalid remap list
 	// TODO: Test with defaults != 0
+#endif
 	return TRUE;
 }
 
@@ -382,8 +386,10 @@ int TestLocaleKeyboard(int argc, char* argv[])
 	                 ~(RDP_KEYBOARD_LAYOUT_TYPE_STANDARD | RDP_KEYBOARD_LAYOUT_TYPE_VARIANT |
 	                   RDP_KEYBOARD_LAYOUT_TYPE_IME)))
 		return -1;
+#if defined(WITH_FREERDP_3x_DEPRECATED)
 	if (!test_scancode_cnv())
 		return -1;
+#endif
 	if (!test_codepages())
 		return -1;
 	if (!test_init())
diff --git a/winpr/libwinpr/crypto/test/TestCryptoCipher.c b/winpr/libwinpr/crypto/test/TestCryptoCipher.c
index afa661ddc..9aa0afdc5 100644
--- a/winpr/libwinpr/crypto/test/TestCryptoCipher.c
+++ b/winpr/libwinpr/crypto/test/TestCryptoCipher.c
@@ -23,8 +23,10 @@ static BOOL test_crypto_cipher_aes_128_cbc(BOOL ex)
 	if (ex)
 		ctx = winpr_Cipher_NewEx(WINPR_CIPHER_AES_128_CBC, WINPR_ENCRYPT, key, sizeof(key), iv,
 		                         sizeof(iv));
+#if defined(WITH_FREERDP_3x_DEPRECATED)
 	else
 		ctx = winpr_Cipher_New(WINPR_CIPHER_AES_128_CBC, WINPR_ENCRYPT, key, iv);
+#endif
 	if (!ctx)
 	{
 		(void)fprintf(stderr, "%s: winpr_Cipher_New (encrypt) failed\n", __func__);
@@ -60,10 +62,19 @@ static BOOL test_crypto_cipher_aes_128_cbc(BOOL ex)
 	}
 
 	winpr_Cipher_Free(ctx);
+	ctx = NULL;
 
 	/* decrypt */
 
-	if (!(ctx = winpr_Cipher_New(WINPR_CIPHER_AES_128_CBC, WINPR_DECRYPT, key, iv)))
+	if (ex)
+		ctx = winpr_Cipher_NewEx(WINPR_CIPHER_AES_128_CBC, WINPR_DECRYPT, key, sizeof(key), iv,
+		                         sizeof(iv));
+#if defined(WITH_FREERDP_3x_DEPRECATED)
+	else
+		ctx = winpr_Cipher_New(WINPR_CIPHER_AES_128_CBC, WINPR_DECRYPT, key, iv);
+
+#endif
+	if (!ctx)
 	{
 		(void)fprintf(stderr, "%s: winpr_Cipher_New (decrypt) failed\n", __func__);
 		return FALSE;