From 86f2b1e26ace48006c1b1191ea9229e477562c21 Mon Sep 17 00:00:00 2001 From: akallabeth Date: Thu, 25 Jul 2024 10:50:51 +0200 Subject: [PATCH 1/4] [core,capabilities] skip stream bytes read in substream --- libfreerdp/core/capabilities.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/libfreerdp/core/capabilities.c b/libfreerdp/core/capabilities.c index 497830188..f9299ad6d 100644 --- a/libfreerdp/core/capabilities.c +++ b/libfreerdp/core/capabilities.c @@ -3307,7 +3307,9 @@ static BOOL rdp_read_codec_ts_rfx_clnt_caps_container(wStream* s, rdpSettings* s wStream* sub = Stream_StaticConstInit(&sbuffer, Stream_Pointer(s), rfxPropsLength - 4ull); WINPR_ASSERT(sub); - if (!Stream_CheckAndLogRequiredLength(TAG, s, 8)) + Stream_Seek(s, rfxPropsLength - 4ull); + + if (!Stream_CheckAndLogRequiredLength(TAG, sub, 8)) return FALSE; Stream_Read_UINT32(sub, captureFlags); /* captureFlags (4 bytes) */ From 784f9eab24735aa625fb66f454d617d80a8e2fbc Mon Sep 17 00:00:00 2001 From: akallabeth Date: Thu, 25 Jul 2024 10:51:13 +0200 Subject: [PATCH 2/4] [server,proxy] only intercept drdynvc if requested --- server/proxy/pf_channel.c | 1 + server/proxy/pf_server.c | 3 ++- 2 files changed, 3 insertions(+), 1 deletion(-) diff --git a/server/proxy/pf_channel.c b/server/proxy/pf_channel.c index a8f66c4e7..1d771beeb 100644 --- a/server/proxy/pf_channel.c +++ b/server/proxy/pf_channel.c @@ -291,6 +291,7 @@ static PfChannelResult pf_channel_generic_front_data(proxyData* pdata, BOOL pf_channel_setup_generic(pServerStaticChannelContext* channel) { + WINPR_ASSERT(channel); channel->onBackData = pf_channel_generic_back_data; channel->onFrontData = pf_channel_generic_front_data; return TRUE; diff --git a/server/proxy/pf_server.c b/server/proxy/pf_server.c index 5a4828b2a..1562bb123 100644 --- a/server/proxy/pf_server.c +++ b/server/proxy/pf_server.c @@ -213,7 +213,8 @@ static BOOL pf_server_setup_channels(freerdp_peer* peer) goto fail; } - if (strcmp(cname, DRDYNVC_SVC_CHANNEL_NAME) == 0) + if ((strcmp(cname, DRDYNVC_SVC_CHANNEL_NAME) == 0) && + (channelContext->channelMode == PF_UTILS_CHANNEL_INTERCEPT)) { if (!pf_channel_setup_drdynvc(ps->pdata, channelContext)) { From eaf0bd8a69164bf0625df9624c3a3909e4c0d2ff Mon Sep 17 00:00:00 2001 From: akallabeth Date: Thu, 25 Jul 2024 11:15:52 +0200 Subject: [PATCH 3/4] [server,proxy] automatic intercept for drdynvc * By default no special treatment for drdynvc * If any of the configuration options requires drdynvc intercept do that independently of the intercept/passthrough lists --- server/proxy/pf_context.c | 28 ++++++++++++++++++++++++++++ 1 file changed, 28 insertions(+) diff --git a/server/proxy/pf_context.c b/server/proxy/pf_context.c index 04433d9dc..8c6b107c4 100644 --- a/server/proxy/pf_context.c +++ b/server/proxy/pf_context.c @@ -26,6 +26,7 @@ #include #include +#include #include "pf_client.h" #include "pf_utils.h" @@ -52,6 +53,31 @@ static BOOL ChannelId_Compare(const void* pv1, const void* pv2) return (*v1 == *v2); } +static BOOL dyn_intercept(pServerContext* ps, const char* name) +{ + if (strncmp(DRDYNVC_SVC_CHANNEL_NAME, name, sizeof(DRDYNVC_SVC_CHANNEL_NAME)) != 0) + return FALSE; + + WINPR_ASSERT(ps); + WINPR_ASSERT(ps->pdata); + + const proxyConfig* cfg = ps->pdata->config; + WINPR_ASSERT(cfg); + if (!cfg->GFX) + return TRUE; + if (!cfg->AudioOutput) + return TRUE; + if (!cfg->AudioInput) + return TRUE; + if (!cfg->Multitouch) + return TRUE; + if (!cfg->VideoRedirection) + return TRUE; + if (!cfg->CameraRedirection) + return TRUE; + return FALSE; +} + pServerStaticChannelContext* StaticChannelContext_new(pServerContext* ps, const char* name, UINT32 id) { @@ -77,6 +103,8 @@ pServerStaticChannelContext* StaticChannelContext_new(pServerContext* ps, const &channel) && channel.intercept) ret->channelMode = PF_UTILS_CHANNEL_INTERCEPT; + else if (dyn_intercept(ps, name)) + ret->channelMode = PF_UTILS_CHANNEL_INTERCEPT; else ret->channelMode = pf_utils_get_channel_mode(ps->pdata->config, name); return ret; From 3820858c636827bcb536e44d8da4bdde4ccd2bb1 Mon Sep 17 00:00:00 2001 From: akallabeth Date: Thu, 25 Jul 2024 12:01:46 +0200 Subject: [PATCH 4/4] [server,proxy] discard closed dyn channel data If a dynamic channel does no longer exist or has been closed discard the channel data received from client --- server/proxy/channels/pf_channel_drdynvc.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/server/proxy/channels/pf_channel_drdynvc.c b/server/proxy/channels/pf_channel_drdynvc.c index 9d8cab905..112d39941 100644 --- a/server/proxy/channels/pf_channel_drdynvc.c +++ b/server/proxy/channels/pf_channel_drdynvc.c @@ -311,9 +311,9 @@ static PfChannelResult DynvcTrackerPeekFn(ChannelStateTracker* tracker, BOOL fir */ dynChannel = (pServerDynamicChannelContext*)HashTable_GetItemValue( dynChannelContext->channels, &dynChannelId); - if (cmd != CREATE_REQUEST_PDU || !isBackData) + if ((cmd != CREATE_REQUEST_PDU) || !isBackData) { - if (!dynChannel) + if (!dynChannel || (dynChannel->openStatus == CHANNEL_OPENSTATE_CLOSED)) { /* we've not found the target channel, so we drop this chunk, plus all the rest of * the packet */