in src/protocols/rdp/settings.c [1414:1652]
void guac_rdp_push_settings(guac_client* client,
guac_rdp_settings* guac_settings, freerdp* rdp) {
rdpSettings* rdp_settings = rdp->settings;
/* Authentication */
rdp_settings->Domain = guac_strdup(guac_settings->domain);
rdp_settings->Username = guac_strdup(guac_settings->username);
rdp_settings->Password = guac_strdup(guac_settings->password);
/* Connection */
rdp_settings->ServerHostname = guac_strdup(guac_settings->hostname);
rdp_settings->ServerPort = guac_settings->port;
/* Session */
rdp_settings->ColorDepth = guac_settings->color_depth;
rdp_settings->DesktopWidth = guac_settings->width;
rdp_settings->DesktopHeight = guac_settings->height;
rdp_settings->AlternateShell = guac_strdup(guac_settings->initial_program);
rdp_settings->KeyboardLayout = guac_settings->server_layout->freerdp_keyboard_layout;
/* Performance flags */
/* Explicitly set flag value */
rdp_settings->PerformanceFlags = guac_rdp_get_performance_flags(guac_settings);
/* Always request frame markers */
rdp_settings->FrameMarkerCommandEnabled = TRUE;
rdp_settings->SurfaceFrameMarkerEnabled = TRUE;
/* Enable RemoteFX / Graphics Pipeline */
if (guac_settings->enable_gfx) {
rdp_settings->SupportGraphicsPipeline = TRUE;
rdp_settings->RemoteFxCodec = TRUE;
if (rdp_settings->ColorDepth != RDP_GFX_REQUIRED_DEPTH) {
guac_client_log(client, GUAC_LOG_WARNING, "Ignoring requested "
"color depth of %i bpp, as the RDP Graphics Pipeline "
"requires %i bpp.", rdp_settings->ColorDepth, RDP_GFX_REQUIRED_DEPTH);
}
/* Required for RemoteFX / Graphics Pipeline */
rdp_settings->FastPathOutput = TRUE;
rdp_settings->ColorDepth = RDP_GFX_REQUIRED_DEPTH;
rdp_settings->SoftwareGdi = TRUE;
}
/* Set individual flags - some FreeRDP versions overwrite the above */
rdp_settings->AllowFontSmoothing = guac_settings->font_smoothing_enabled;
rdp_settings->DisableWallpaper = !guac_settings->wallpaper_enabled;
rdp_settings->DisableFullWindowDrag = !guac_settings->full_window_drag_enabled;
rdp_settings->DisableMenuAnims = !guac_settings->menu_animations_enabled;
rdp_settings->DisableThemes = !guac_settings->theming_enabled;
rdp_settings->AllowDesktopComposition = guac_settings->desktop_composition_enabled;
/* Client name */
if (guac_settings->client_name != NULL) {
guac_strlcpy(rdp_settings->ClientHostname, guac_settings->client_name,
RDP_CLIENT_HOSTNAME_SIZE);
}
/* Console */
rdp_settings->ConsoleSession = guac_settings->console;
rdp_settings->RemoteConsoleAudio = guac_settings->console_audio;
/* Audio */
rdp_settings->AudioPlayback = guac_settings->audio_enabled;
/* Audio capture */
rdp_settings->AudioCapture = guac_settings->enable_audio_input;
/* Display Update channel */
rdp_settings->SupportDisplayControl =
(guac_settings->resize_method == GUAC_RESIZE_DISPLAY_UPDATE);
/* Timezone redirection */
if (guac_settings->timezone) {
if (setenv("TZ", guac_settings->timezone, 1)) {
guac_client_log(client, GUAC_LOG_WARNING,
"Unable to forward timezone: TZ environment variable "
"could not be set: %s", strerror(errno));
}
}
/* Device redirection */
rdp_settings->DeviceRedirection = guac_settings->audio_enabled
|| guac_settings->drive_enabled
|| guac_settings->printing_enabled;
/* Security */
switch (guac_settings->security_mode) {
/* Legacy RDP encryption */
case GUAC_SECURITY_RDP:
rdp_settings->RdpSecurity = TRUE;
rdp_settings->TlsSecurity = FALSE;
rdp_settings->NlaSecurity = FALSE;
rdp_settings->ExtSecurity = FALSE;
rdp_settings->UseRdpSecurityLayer = TRUE;
rdp_settings->EncryptionLevel = ENCRYPTION_LEVEL_CLIENT_COMPATIBLE;
rdp_settings->EncryptionMethods =
ENCRYPTION_METHOD_40BIT
| ENCRYPTION_METHOD_128BIT
| ENCRYPTION_METHOD_FIPS;
break;
/* TLS encryption */
case GUAC_SECURITY_TLS:
rdp_settings->RdpSecurity = FALSE;
rdp_settings->TlsSecurity = TRUE;
rdp_settings->NlaSecurity = FALSE;
rdp_settings->ExtSecurity = FALSE;
break;
/* Network level authentication */
case GUAC_SECURITY_NLA:
rdp_settings->RdpSecurity = FALSE;
rdp_settings->TlsSecurity = FALSE;
rdp_settings->NlaSecurity = TRUE;
rdp_settings->ExtSecurity = FALSE;
break;
/* Extended network level authentication */
case GUAC_SECURITY_EXTENDED_NLA:
rdp_settings->RdpSecurity = FALSE;
rdp_settings->TlsSecurity = FALSE;
rdp_settings->NlaSecurity = FALSE;
rdp_settings->ExtSecurity = TRUE;
break;
/* Hyper-V "VMConnect" negotiation mode */
case GUAC_SECURITY_VMCONNECT:
rdp_settings->RdpSecurity = FALSE;
rdp_settings->TlsSecurity = TRUE;
rdp_settings->NlaSecurity = TRUE;
rdp_settings->ExtSecurity = FALSE;
rdp_settings->VmConnectMode = TRUE;
break;
/* All security types */
case GUAC_SECURITY_ANY:
rdp_settings->RdpSecurity = TRUE;
rdp_settings->TlsSecurity = TRUE;
/* Explicitly disable NLA if FIPS mode is enabled - it won't work */
if (guac_fips_enabled()) {
guac_client_log(client, GUAC_LOG_INFO,
"FIPS mode is enabled. Excluding NLA security mode from security negotiation "
"(see: https://github.com/FreeRDP/FreeRDP/issues/3412).");
rdp_settings->NlaSecurity = FALSE;
}
/* NLA mode is allowed if FIPS is not enabled */
else
rdp_settings->NlaSecurity = TRUE;
rdp_settings->ExtSecurity = FALSE;
break;
}
/* Authentication */
rdp_settings->Authentication = !guac_settings->disable_authentication;
rdp_settings->IgnoreCertificate = guac_settings->ignore_certificate;
/* RemoteApp */
if (guac_settings->remote_app != NULL) {
rdp_settings->Workarea = TRUE;
rdp_settings->RemoteApplicationMode = TRUE;
rdp_settings->RemoteAppLanguageBarSupported = TRUE;
rdp_settings->RemoteApplicationProgram = guac_strdup(guac_settings->remote_app);
rdp_settings->ShellWorkingDirectory = guac_strdup(guac_settings->remote_app_dir);
rdp_settings->RemoteApplicationCmdLine = guac_strdup(guac_settings->remote_app_args);
}
/* Preconnection ID */
if (guac_settings->preconnection_id != -1) {
rdp_settings->NegotiateSecurityLayer = FALSE;
rdp_settings->SendPreconnectionPdu = TRUE;
rdp_settings->PreconnectionId = guac_settings->preconnection_id;
}
/* Preconnection BLOB */
if (guac_settings->preconnection_blob != NULL) {
rdp_settings->NegotiateSecurityLayer = FALSE;
rdp_settings->SendPreconnectionPdu = TRUE;
rdp_settings->PreconnectionBlob = guac_strdup(guac_settings->preconnection_blob);
}
/* Enable use of RD gateway if a gateway hostname is provided */
if (guac_settings->gateway_hostname != NULL) {
/* Enable RD gateway */
rdp_settings->GatewayEnabled = TRUE;
/* RD gateway connection details */
rdp_settings->GatewayHostname = guac_strdup(guac_settings->gateway_hostname);
rdp_settings->GatewayPort = guac_settings->gateway_port;
/* RD gateway credentials */
rdp_settings->GatewayUseSameCredentials = FALSE;
rdp_settings->GatewayDomain = guac_strdup(guac_settings->gateway_domain);
rdp_settings->GatewayUsername = guac_strdup(guac_settings->gateway_username);
rdp_settings->GatewayPassword = guac_strdup(guac_settings->gateway_password);
}
/* Store load balance info (and calculate length) if provided */
if (guac_settings->load_balance_info != NULL) {
rdp_settings->LoadBalanceInfo = (BYTE*) guac_strdup(guac_settings->load_balance_info);
rdp_settings->LoadBalanceInfoLength = strlen(guac_settings->load_balance_info);
}
rdp_settings->BitmapCacheEnabled = !guac_settings->disable_bitmap_caching;
rdp_settings->OffscreenSupportLevel = !guac_settings->disable_offscreen_caching;
rdp_settings->GlyphSupportLevel = !guac_settings->disable_glyph_caching ? GLYPH_SUPPORT_FULL : GLYPH_SUPPORT_NONE;
rdp_settings->OsMajorType = OSMAJORTYPE_UNSPECIFIED;
rdp_settings->OsMinorType = OSMINORTYPE_UNSPECIFIED;
rdp_settings->DesktopResize = TRUE;
/* Claim support only for specific updates, independent of FreeRDP defaults */
ZeroMemory(rdp_settings->OrderSupport, GUAC_RDP_ORDER_SUPPORT_LENGTH);
rdp_settings->OrderSupport[NEG_DSTBLT_INDEX] = TRUE;
rdp_settings->OrderSupport[NEG_SCRBLT_INDEX] = TRUE;
rdp_settings->OrderSupport[NEG_MEMBLT_INDEX] = !guac_settings->disable_bitmap_caching;
rdp_settings->OrderSupport[NEG_MEMBLT_V2_INDEX] = !guac_settings->disable_bitmap_caching;
rdp_settings->OrderSupport[NEG_GLYPH_INDEX_INDEX] = !guac_settings->disable_glyph_caching;
rdp_settings->OrderSupport[NEG_FAST_INDEX_INDEX] = !guac_settings->disable_glyph_caching;
rdp_settings->OrderSupport[NEG_FAST_GLYPH_INDEX] = !guac_settings->disable_glyph_caching;
#ifdef HAVE_RDPSETTINGS_ALLOWUNANOUNCEDORDERSFROMSERVER
/* Do not consider server use of unannounced orders to be a fatal error */
rdp_settings->AllowUnanouncedOrdersFromServer = TRUE;
#endif
}