We do not release test anything except OpenSSL, so mark these
implementations experimental as they might break at any time and are
dependent on external contributions to keep them working.
Before this patch we had a behavior where there was a credit of 8 samples that
could be sent to the server with no corresponding sample request. So in the right
conditions, we were having situations where the server was receiving samples that
it has not requested, and so it was dropping them. The visible effect was small
artifacts in the camera stream when i-frames where dropped, and more serious ones
when the dropped content was containing key frames.
This issue has also been reported when xfreerdp connects on g-r-d as #11990.
This patch reworks the frame grabbing workflow: when the frame grabbing thread calls
the sample callback we check if a sample is already pending, waiting to be sent to the
server. If that's the case and the camera's input format supports frame dropping we just
refresh the pending frame with the new one. If the input format can't drop frames (like
with h264 and mjpg) we wait until the current pending frame is sent.
So now frames can be sent either when we receive a sample request from the server,
or when the sample callback is invoked.
This patch adds the handling of basic NTLM commands. Because there's some mysterious
4 zero bytes after pickle header in Kerberos packets, not present in NTLM commands, the
patch also had to rework a bit the packet parsing / forging.
The patch also addresses a server-side bug when parsing supplemental creds, if the client
was sending an empty list, we were considering this as an error.
And finally we also implement the parsing of MSV1_0_REMOTE_SUPPLEMENTAL_CREDENTIAL.
This breaks the public API, anyway this was basically unused (as not parsed before) and
the previous API was wrong as what we receive is MSV1_0_REMOTE_SUPPLEMENTAL_CREDENTIAL
not MSV1_0_SUPPLEMENTAL_CREDENTIAL, so I guess the API breakage is ok.
If a TYPE_RDP_NEG_FAILURE message is received, evaluate the failure code
and disable all modes except the one requested. This eliminates
unnecessary connection attempts with security modes not enabled.
