rdesktop is an open source client for Microsoft's RDP protocol

Overview

rdesktop - A Remote Desktop Protocol client

rdesktop is an open source client for Microsoft's RDP protocol. It is known to work with Windows versions ranging from NT 4 Terminal Server to Windows 2012 R2 RDS. rdesktop currently has implemented the RDP version 4 and 5 protocols.

Installation

rdesktop uses a GNU-style build procedure. Typically all that is necessary to install rdesktop is the following:

% ./configure
% make
% make install

The default is to install under /usr/local. This can be changed by adding --prefix= to the configure line.

The smart-card support module uses PCSC-lite. You should use PCSC-lite 1.2.9 or later. To enable smart-card support in the rdesktop add --enable-smartcard to the configure line.

Note for users building from source

If you have retrieved a snapshot of the rdesktop source, you will first need to run ./bootstrap in order to generate the build infrastructure. This is not necessary for release versions of rdesktop.

Usage

Connect to an RDP server with:

% rdesktop server

where server is the name of the Terminal Services machine. If you receive "Connection refused", this probably means that the server does not have Terminal Services enabled, or there is a firewall blocking access.

You can also specify a number of options on the command line. These are listed in the rdesktop manual page (run man rdesktop).

Issues
  • Passing `-a 16` causes wrong colors

    Passing `-a 16` causes wrong colors

    With rdesktop 1.8.3, on two systems, one with a monitor with a resolution of 2560x1440 (AMDGPU graphics driver) and the other HiDPI/4K (3840x2160) monitor Dell U2718Q with Intel graphics, explicitly setting the color depth to 16 bit to get rid of the message below, results in inverted colors.

    WARNING: Remote desktop does not support colour depth 24; falling back to 16

    The resolution doesn’t matter.

    Strangely, when not passing -a 16, the message quoted above suggests that 16 bit color depth is used.

    Good:

    20180104 rdesktop

    Bad (passing -a 16):

    20180104 rdesktop-a-16

    opened by paulmenzel 55
  • Login at RDP Cluster with Session Broker

    Login at RDP Cluster with Session Broker

    I experience a problem when connecting rdesktop 1.8.3 to a RDP cluster with a session broker (DNS round robin). The parameters used are

    rdesktop -d domain cluster-name
    

    The first connection (no session for the connecting user is running on the cluster) is working. After disconnecting the session and reconnecting, the client is entering the session for about a second (we can see the desktop applications) and is then thrown back to the login screen.

    The console output is

    RDP packet #6, (type a)
    [...]
    Redirected to [email protected] session n.
    ERROR: CredSSP: Initialize failed, do you have correct kerberos tgt initialized ?
    Connection established using SSL.
    [...]
    Disconnecting...
    Failed to parse crypt info
    Received licensing PDU (message type 0x01)
    Sending licensing PDU (message type 0x12)
    Received licensing PDU (message type 0xff)
    RDP packet #7, (type 1)
    [...]
    

    When using the Microsoft RDP Client from Windows 8, there is a certificate error displayed after entering the session which can be accepted, then the session is entered. I assume this is the moment where the rdesktop session ends. The same effect happens more clearly when a smartcard login is used. But I couldn't find this inside the rdesktop debug logs.

    As a matter of fact. the connection is working only when the DNS round robin returns the server where the session has been created. The "redirected to" output is always leading to a short login and a session disruption (means back to the login screen).

    The problem seems to be independent from the pcsc lib when using a smartcard or the underlying Linux System since FreeRDP handles this correctly (with and without smartcard redirection).

    Please tell what debug information I can provide if you are interested in fixing this.

    bug 
    opened by MartinOehler 46
  • Add Windows 10 support: add option to send DPI to server as Windows 1…

    Add Windows 10 support: add option to send DPI to server as Windows 1…

    …0 lost the ability to remember remote desktop DPI and add ability to ignore remote mouse cursor as Windows 10 sometimes sends a dumb cursor (not auto-enabled as we can't really detect when we need to do this) #65

    enhancement 
    opened by joshudson 35
  • Mouse Cursor Invisible

    Mouse Cursor Invisible

    I am running RPi 3, and rdesktop 1.8.2, connecting to Windows Server 2012 R2. Upon connection the mouse pointer becomes invisible. The "disable pointer shadow" does not work. I've tried to manually set the pointer to something else and that doesn't work either. It's either always invisible, or it's stuck on the black line text selection cursor.

    I apologize if this has been fixed, but I've tried all the fixes listed and nothing has worked.

    bug 
    opened by bendparker 33
  • High network usage & smartcard issues windows 2012r2 services

    High network usage & smartcard issues windows 2012r2 services

    Hi,

    We have tried latest stable versions rdesktop 1.8.3 with an environment that rdp server and session broker is windows 2012r2.

    1. High network usage with rdesktop We have detected that rdesktop uses a high bandwith (0.5MB) for only one connection, this 10x than a normal traffic. We have sniffed traffic and all traffic is tpkt and continuosly is generating traffic and remote sites can't use this client because uses all WAN traffic
    2. After to add this rdesktop usrs we have detected that two windows services related with smartcard are increasing memory usage, CertPropSvc i ScDeviceEnum, both services increase ram usage more than 8GB RAM for every service!!! Only workaround found, at this moment is restart both services every a few hours...

    I'm not sure if both issues are related but, we have tried with mstsc and freerdp and this error is not reproduced

    Anybody can help?

    Thanks

    update: Not sure if this issue could be related with https://github.com/rdesktop/rdesktop/issues/18

    bug 
    opened by trentasis 28
  • Enhancement: add a switch to NOT provide a password

    Enhancement: add a switch to NOT provide a password

    Hello,

    this is just a proposal. I have a shortcut on my desktop that runs rdesktop and connects to my laptop, which is running windows 10. After commit 1aaafc80c037f57c3742ccb25b279467fcbf58b5 this shortcut broke, since rdesktop wants a password. I do not wish to write the password in the shortcut and I do not wish to run rdesktop from a terminal. Can we opt out from providing a password? Windows 10 asks me to type it anyway.

    opened by posgnach 22
  • ./configure says that libxcursor are missing, but it's not

    ./configure says that libxcursor are missing, but it's not

    Hi!

    Running ./configure on rdesktop 1.9.0 says that libxcursor is missing, but it's not. What am I missing here?

    Ubuntu 18.04 Mate (i386)

    checking sysexits.h presence... yes
    checking for sysexits.h... yes
    checking for strip... strip
    checking for pkg-config... no
    
    rdesktop requires libXcursor, install the dependency
    
    [email protected]:~/rdesktop-1.9.0# dpkg -l | grep libxcursor
    ii  libxcursor-dev:i386                     1:1.1.15-1                                   i386         X cursor management library (development files)
    ii  libxcursor1:i386                        1:1.1.15-1                                   i386         X cursor management library
    [email protected]:~/rdesktop-1.9.0# 
    

    Thanks!

    opened by enoch85 18
  • "next order pointer would overrun stream" error connecting to Windows Server 2003 R2

    One of our users is reporting the following crash:

    Connection established using SSL.
    Protocol(error): rdp_protocol_error(), process_secondary_order(), next order pointer would overrun stream
    0000 ff ff 18 04 05 10 01 40 01 00 10 59 0d 38 10 01 [email protected]
    0010 cc 06 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
    0020 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
    

    [on for pages....]

    This message seems to have come in with the recent security fixes: https://github.com/rdesktop/rdesktop/commit/4dca546d04321a610c1835010b5dad85163b65e1

    bug 
    opened by opoplawski 18
  • No window when the broker redirects to another 2012R2 TSE of a collection using NLA authentification

    No window when the broker redirects to another 2012R2 TSE of a collection using NLA authentification

    I have 3 servers (1 broker 2012r2 & 2 RDS 2012R2 with NLA authentification. (credssp)) When I want reconnect to my session the redirection does not open any window.

    Command line rdesktop serverIp1 -u user -d domain
    my session was previously opened on serverIp2

    if I call rdesktop serverIp2 -u user -d domain
    then no redirection and the desktop opens asking me my password after an error message "incorrect password"

    "kinit user" command line has been done

    bug 
    opened by gilbsfr24 18
  • Replace OpenSSL with GnuTLS Nettle, libtasn1

    Replace OpenSSL with GnuTLS Nettle, libtasn1

    This is a work branch of GnuTLS provided by Alexander's PR #137

    • Added our own tdb cache for storing pubkeys, this solves the issue were several keys for same host was saved upon update of key.

    • Added routine for handling a dialog with a choice input from user which easily could be converted to fl_choice() if wanted..

    opened by hean01-cendio 17
  • Handle insufficient server side buffer for smartcard operations

    Handle insufficient server side buffer for smartcard operations

    We should pay attention to OutputBufferLength of DR_CONTROL_REQ and send STATUS_BUFFER_TOO_SMALL if it's insufficient for returned result.

    Begining ca. 2006 there's was a common belief that we can't transfer more than 448 bytes from smartcard to TS due to "unknown issues on Windows side".

    https://sourceforge.net/p/rdesktop/patches/83/ https://sourceforge.net/p/rdesktop/mailman/message/8331212/ https://bugzilla.redhat.com/show_bug.cgi?id=981954

    At the same time there was at least one report of successful transfer up to 1440 bytes (naturally the person had to increase artificial limit in scard.c from 448 bytes to 1440 bytes).

    https://sourceforge.net/p/rdesktop/mailman/message/26468376/

    I hit this very problem myself recently. The trouble was that one of responses for series of APDUs has length of 4145 bytes. Studying the issues clearly has shown that data transfer is done in full comformance with RDP protocol (section 3.1.5.2.1 in MS-RDPBCGR).

    In DR_CONTROL_REQ description (section 2.2.1.4.5 of MS-RDPEFS) the length of server side output buffer is described as: OutputBufferLength (4 bytes) : A 32-bit unsigned integer that specifies the maximum number of bytes expected in the OutputBuffer field of the Device Control Response (section 2.2.1.5.5).

    But nowhere in smartcard handling part of rdesktop source code I found comparison against this value. Furthermore buffer for result was allocated with additional 4Kb which made such comparison pointless even if it were there.

    If the response length is bigger than OutputBufferLength there's no point to send data at all because the server has not enough space to put the result into. We have to inform the server about this condition by sending DR_CONTROL_RSP with IoStatus equal to STATUS_BUFFER_TOO_SMALL (p.389 in MS-ERREF).

    In response, server sends us the same DR_CONTROL_REQ but with increased OutputBufferLength (actually the server will double the OutputBufferLength each time it receives STATUS_BUFFER_TOO_SMALL from us).

    Compare the following two examples of protocol packet flow:

    Example 1 (w/o this patch):

    1. Trasmit_Call. OutputBufferLength = 2048

    Transmit_Return. data length = 4143 data bytes + 2 SW bytes.

    We don't pay any attention to the fact that OutputBufferLength is actually less than result's length and send the result anyway using multiple (depending on CHANNEL_CHUNK_LENGTH) VC (virtual channel) PDUs according to protocol description (section 3.1.5.2.1 in MS-RDPBCGR).

    SmartCard Manager dies and fails to recognize our card (effectively blocking us from using this card) until we reconnect RDP session.

    Example 2 (with this patch):

    1. Trasmit_Call. OutputBufferLength = 2048

    Transmit_Return. data length = 4143 data bytes + 2 SW bytes. Not enough so we have to send STATUS_BUFFER_TOO_SMALL as IoStatus in DR_CONTROL_RSP.

    1. Same Trasmit_Call but with OutputBufferLength increased to 4096

    Transmit_Return. data length = 4143 data bytes + 2 SW bytes.

    Still not enough so we again have to send STATUS_BUFFER_TOO_SMALL as IoStatus in DR_CONTROL_RSP.

    1. Same Trasmit_Call but with OutputBufferLength increased to 8192

    Transmit_Return. data length = 4143 data bytes + 2 SW bytes. It's now OK to send the actual response data using multiple (depending on CHANNEL_CHUNK_LENGTH) VC (virtual channel) PDUs according to protocol description (section 3.1.5.2.1 in MS-RDPBCGR).

    We can see correct APDU result and are able to continue to communicate with card.

    P.S. A few words about CHANNEL_CHUNK_LENGTH:

    I also added a pair of functions to deal with Virtual Channels Capabilities (2.2.7.1.10 MS-RDPBCGR) though VCChunkSize field described as "optional". IMHO there's no harm to check it in a case the server wants to set it to something different from default 1600 bytes but sure I'm open to the further discussion on this matter.

    Fun fact: I tried to actually increase CHANNEL_CHUNK_SIZE, but after I failed to do so I continued to read just to find out in the next two lines that server doesn't take into account the client wish and it's the server's wish that matters:)

    help wanted tester wanted 
    opened by uglym8 17
  • [FS] Support for “Restricted Admin mode” (no forwarding of domain credentials)

    [FS] Support for “Restricted Admin mode” (no forwarding of domain credentials)

    Microsoft's RDP implementation has a feature called Restricted Admin mode that allows a user “to log on to the server as local administrator, so an attacker cannot act on behalf of the domain user” that is used to authenticate the user. As a result, if the server is compromised, the administrator logging in via this route will not risk their Kerberos (or NTLM) credentials to be stolen. Essentially this disables delegation of credentials, which is very useful if administrator need to rdesktop into a compromised machine.

    On Windows, this feature is enabled with

    reg add HKLM\SYSTEM\CurrentControlSet\Control\Lsa /v DisableRestrictedAdmin /d 0 /t REG_DWORD
    

    on the host, and requested with command-line option

    mstsc.exe /restrictedAdmin
    

    on the client side. The meaning of that option according to \? is

    /restrictedAdmin -- Connects you to the remote PC or server in Restricted Administration mode. In this mode, credentials won't be sent to the remote PC or servetr, which can protect you if you connect to a PC that has been compromised. However, connections made from the remote PC might not be authenticated by other PCs and servers, which might impact app functionality and compatibility. Implies /admin

    I have not yet found an equivalent option for rdesktop 1.9.0 (Ubuntu 20.04).

    Could this be added?

    I suspect that implementing my closely related feature suggestion #401 (Kerberos authentication) may be a prerequisite for this option. For references that might contain the relevant protocol details, see #401.

    opened by mgkuhn 0
  • [FS] Support for “Remote Credential Guard” (aka Kerberos/GSSAPI authentication and delegation)

    [FS] Support for “Remote Credential Guard” (aka Kerberos/GSSAPI authentication and delegation)

    In 2016, Microsoft added a new authentication mode to their remote-desktop implementation, which they call Windows Defender Remote Credential Guard. This allows single-signon authentication via Kerberos, without sending either the user's password nor their NTLM credentials to the host. Instead, a Kerberos ticket is used to authenticate the user on the RDP host, and that time-limited ticket is then also forwarded to the RDP host such that the user can then use from there other servers via delegated Kerberos authentication.

    On Windows this requires:

    • Windows 10, version 1607 or Windows Server 2016 or newer.
    • The host requires a registry attribute set to allow “Restricted Admin connections”, which also enables Kerberos.
    • The host (probably) needs to be be “trusted for Kerberos delegation” in Active Directory

    I was able to use Kerberos authentication and delegation on Windows after enabling it with

    reg add HKLM\SYSTEM\CurrentControlSet\Control\Lsa /v DisableRestrictedAdmin /d 0 /t REG_DWORD
    

    on the host, and requesting it with command-line option

    mstsc.exe /remoteGuard
    

    on the Windows client. I then was able to login without having to provide any password and got a Kerberos ticket at the remote end.

    Unfortunately, rdesktop 1.9.0 (Ubuntu 20.04) does not yet appear to support Kerberos user authentication and delegation. It appears to already be able to use Kerberos to establish a secure tunnel for the connection via CredSSP, but not yet to complete the authentication using a Kerberos ticket.

    Could this be added?

    As I mentioned in #197, this forum thread points at the specification that would have to be implemented:

    In [MS-CSSP], TSCredentials can now have a TSRemoteGuardCreds credential type.

    References:

    opened by mgkuhn 0
  • Cannot consistently connect to my Windows 10 machine

    Cannot consistently connect to my Windows 10 machine

    Update Sorry for already writing an update to the bug, that wasn't even submitted yet. I found the problem. In one of the outputs it said that a size was requested that I didn't enter (it requested 2560x1369 instead of 2560x1370). So when I changed this to the size requested it works. I had similar weird experiences with setting the "geometry" parameter to 80% and 90%, which didn't work, but 70% worked. For me the workaround is enough (at least I hope that the problem won't come back), so not sure if someone would like to fix this.

    Describe the bug I've been having this problem for a couple of months now. Then I did an update to the current rdesktop version and it initially worked, but after a couple of days I had the same problem. When I just turned on my Windows 10 machine and try to login I almost always get the message "disconnect: Logout initiated by user" (looks just like here: https://github.com/rdesktop/rdesktop/issues/358) When I'm already logged in the connection sometimes works after 5+ tries, after which I can just continue using it without problems. If it doesn't work, I get the message "disconnect: Unknown reason". The connection works without problems using FreeRDP, however, I'd really like to continue using rdesktop as the keyboard handling works flawlessly for me.

    Reproduction Steps Try to connect via: `rdesktop -u -p<password -g 2560x1370

    Expected behavior Connection is successful

    Important Information:

    • rdesktop Version (*): 1.9.0
    • Client OS (*): Gentoo
    • Server OS: Windows 10

    Checklist

    • [x] This bug prevents me from using rdesktop
    • [ ] This bug is a security issue
    • [x] This bug causes a bad experience with rdesktop
    • [x] I have supplied all possible sections of the bug report template

    Additional Information Output:

    `is_wm_active(): WM name: Xfwm
    Connecting to server using NLA...
    Core(warning): Certificate received from server is NOT trusted by this system, an exception has been added by the user to trust this specific certificate.
    TLS  Session info: (TLS1.0)-(RSA)-(AES-256-CBC)-(SHA1)
    
    Failed to initialize NLA, do you have correct Kerberos TGT initialized ?
    Failed to connect using NLA, trying with SSL
    Core(warning): Certificate received from server is NOT trusted by this system, an exception has been added by the user to trust this specific certificate.
    TLS  Session info: (TLS1.0)-(RSA)-(AES-256-CBC)-(SHA1)
    
    Connection established using SSL.
    Remote desktop does not support colour depth 24; falling back to 32
    Connection successful
    Clipboard(error): xclip_handle_SelectionNotify(), unable to find a textual target to satisfy RDP clipboard text request
    Established dynamic virtual channel 'Microsoft::Windows::RDS::DisplayControl'
    Window resize detected, requesting matching session size 2560x1369
    Protocol(warning): process_pdu_logon(), Unhandled login infotype 1
    Disconnecting...
    disconnect: Unknown reason.
    

    With Clipboard off (-r clipboard:off):

    s_wm_active(): WM name: Xfwm
    Connecting to server using NLA...
    Core(warning): Certificate received from server is NOT trusted by this system, an exception has been added by the user to trust this specific certificate.
    TLS  Session info: (TLS1.2)-(RSA)-(AES-256-GCM)
    
    Failed to initialize NLA, do you have correct Kerberos TGT initialized ?
    Failed to connect using NLA, trying with SSL
    Core(warning): Certificate received from server is NOT trusted by this system, an exception has been added by the user to trust this specific certificate.
    TLS  Session info: (TLS1.2)-(RSA)-(AES-256-GCM)
    
    Connection established using SSL.
    Remote desktop does not support colour depth 24; falling back to 32
    Connection successful
    Established dynamic virtual channel 'Microsoft::Windows::RDS::DisplayControl'
    Window resize detected, requesting matching session size 2560x1369
    Protocol(warning): process_pdu_logon(), Unhandled login infotype 1
    Protocol(warning): process_data_pdu(), unhandled data PDU type 41
    Disconnecting...
    X Error of failed request:  BadAtom (invalid Atom parameter)
      Major opcode of failed request:  23 (X_GetSelectionOwner)
      Atom id in failed request:  0x0
      Serial number of failed request:  754
      Current serial number in output stream:  754
    

    Sometimes it's also stuck like that:

    s_wm_active(): WM name: Xfwm
    Connecting to server using NLA...
    Core(warning): Certificate received from server is NOT trusted by this system, an exception has been added by the user to trust this specific certificate.
    TLS  Session info: (TLS1.2)-(RSA)-(AES-256-GCM)
    
    Failed to initialize NLA, do you have correct Kerberos TGT initialized ?
    Failed to connect using NLA, trying with SSL
    Core(warning): Certificate received from server is NOT trusted by this system, an exception has been added by the user to trust this specific certificate.
    TLS  Session info: (TLS1.2)-(RSA)-(AES-256-GCM)
    
    Connection established using SSL.
    Remote desktop does not support colour depth 24; falling back to 32
    Connection successful
    Protocol(warning): process_pdu_logon(), Unhandled login infotype 1
    Window resize detected, reconnecting to new size 2560x1369
    Disconnecting...
    Resize reconnect loop triggered, new size 2560x1369
    Connecting to server using NLA...
    Core(warning): Certificate received from server is NOT trusted by this system, an exception has been added by the user to trust this specific certificate.
    TLS  Session info: (TLS1.2)-(RSA)-(AES-256-GCM)
    
    Failed to initialize NLA, do you have correct Kerberos TGT initialized ?
    Failed to connect using NLA, trying with SSL
    Core(warning): Certificate received from server is NOT trusted by this system, an exception has been added by the user to trust this specific certificate.
    TLS  Session info: (TLS1.2)-(RSA)-(AES-256-GCM)
    
    Connection established using SSL.
    Connecting to server using NLA...
    Core(error): tcp_recv(), gnutls_record_recv() failed with -110: The TLS connection was non-properly terminated.
    
    Connecting to server using NLA...
    Core(error): tcp_send(), gnutls_record_send() failed with -10: The specified session has been invalidated for some reason.
    
    Connecting to server using NLA...
    Core(error): tcp_send(), gnutls_record_send() failed with -10: The specified session has been invalidated for some reason.
    
    Connecting to server using NLA...
    Core(error): tcp_send(), gnutls_record_send() failed with -10: The specified session has been invalidated for some reason.
    
    opened by Outtay 0
  • when I use params -0 and -s

    when I use params -0 and -s "cmd /k ping 127.0.0.1" ,-s can not running

    Hello. when i use use params -0 and -s "cmd /k ping 127.0.0.1" ,-s can not running ,can you help me please . but I only use -s "cmd /k ping 127.0.0.1" it can work.

    awaiting reply 
    opened by cnxieyang 1
  • floating point exception (divide by zero)

    floating point exception (divide by zero)

    Hi,

    Somehow my RDP server gave a response to rdesktop that caused pz_powm(y, x, exp, mod); (mod) to be 0 presumably, causing a SIGFPE arithmetic exception.

    [#0] 0x7ffff7b5b55a → __gmp_exception()
    [#1] 0x7ffff7b5b58e → __gmp_divide_by_zero()
    [#2] 0x7ffff7b70b0d → __gmpz_powm()
    [#3] 0x555555680280 → rdssl_rsa_encrypt(out=0x5555558b5440 <g_sec_crypted_random> "", in=0x5555559c60a0 <g_client_random> "", len=0x20, modulus_size=0x0, modulus=0x7fffffffd930 "", exponent=0x7fffffffd8a8 "")
    [#4] 0x5555555e12ea → sec_rsa_encrypt(exponent=0x7fffffffd8a8 "", modulus=0x7fffffffd930 "", modulus_size=<optimized out>, len=0x20, in=<optimized out>, out=0x5555558b5440 <g_sec_crypted_random> "")
    [#5] 0x5555555e12ea → sec_process_crypt_info(s=0x5555558b5220 <g_in>)
    [#6] 0x5555555e487c → sec_process_mcs_data(s=0x5555558b5220 <g_in>)
    [#7] 0x5555555dddf7 → mcs_recv_connect_response(mcs_data=0x1fd)
    [#8] 0x5555555dddf7 → mcs_connect_finalize(mcs_data=0x555555c106f0)
    [#9] 0x5555555e8cb3 → sec_connect(server=<optimized out>, username=<optimized out>, domain=0x7fffffffdfe0 "", password=0x5555558b23a0 <g_password> "", reconnect=0x0)
    

    If I break at _gmpz_powm (to see what values are in the registers):

    Breakpoint 1, 0x00007ffff7b70284 in __gmpz_powm () from /usr/lib/x86_64-linux-gnu/libgmp.so.10
    gef➤  reg
    $rax   : 0x00007fffffffd750  →  0x0000000000000004
    $rbx   : 0x0               
    $rcx   : 0x00007fffffffd730  →  0x0000000000000001
    $rdx   : 0x00007fffffffd720  →  0x0000000000000001
    $rsp   : 0x00007fffffffd6d0  →  0x00007fffffffd730  →  0x0000000000000001
    $rbp   : 0x00007fffffffd6d0  →  0x00007fffffffd730  →  0x0000000000000001
    $rsi   : 0x00007fffffffd750  →  0x0000000000000004
    $rdi   : 0x00007fffffffd740  →  0x0000000000000001
    $rip   : 0x00007ffff7b70284  →  <__gmpz_powm+4> push r15
    $r8    : 0x1               
    $r9    : 0x00005555559c60c0  →  0x0000000000000000
    $r10   : 0x0               
    $r11   : 0x00005555559c60c0  →  0x0000000000000000
    $r12   : 0x00007fffffffd720  →  0x0000000000000001
    $r13   : 0x00007fffffffd750  →  0x0000000000000004
    $r14   : 0x00007fffffffd740  →  0x0000000000000001
    $r15   : 0x00005555558b5440  →  0x0000000000000000
    $eflags: [zero carry parity adjust sign trap INTERRUPT direction overflow resume virtualx86 identification]
    $cs: 0x0033 $ss: 0x002b $ds: 0x0000 $es: 0x0000 $fs: 0x0000 $gs: 0x0000 
    

    Doesn't really make sense since the 4th arg (rcx) is 1 not 0. Perhaps _gmpz_powm internally subtracts 1 first or smth?

    If I break at rdssl_rsa_encrypt:

    [#0] 0x555555680150 → rdssl_rsa_encrypt(out=0x5555558b5440 <g_sec_crypted_random> "", in=0x5555559c60a0 <g_client_random> "", len=0x20, modulus_size=0x0, modulus=0x7fffffffd930 "", exponent=0x7fffffffd8a8 "")
    

    modulus is "\0"!

    Is the correct solution here to add a assert(modulus) to prevent undefined behavior? Happy to submit a PR

    opened by Arinerron 0
  • cannot connect from Cent OS 8 to Cent OS 8

    cannot connect from Cent OS 8 to Cent OS 8

    Hello

    I am trying to connect with rdesktop from Cent OS 8 to another Cent OS 8 machine and I see this after runnning the following over an ssh tunnel: rdesktop -k /usr/share/rdesktop/keymaps/es -u $USER localhost:3389 -p $PASSWORD

    You can find below the output I saw: Core(warning): Certificate received from server is NOT trusted by this system, an exception has been added by the user to trust this specific certificate. Connection established using SSL.

    image

    Connection Log connecting to seesman ip 127.0.0.1 port 2250 sesman connect ok sending login info to session manager, please wait ... login failed for display 0

    image

    I think this means rdesktop does not grab the correct password while I type. This might happen due to an incorrect layout but the layout of the keyboard of my local computer is Spanish as I pointed out in "-k /usr/share/rdesktop/keymaps/es"

    Moreover, if I retype the password in the username blank just to check whether the remote computer grabs the correct keys, I can tell it grabs the correct keys because I see the password typed in correctly on the username blank.

    image

    Furthermore, if I retype the user and the password on the corresponding blanks of the login GUI, rdesktop takes me back to the screen displayed below: https://user-images.githubusercontent.com/71354661/142718741-1cbbefd2-f54e-4912-b15d-ab546bedd463.png

    I know my user and password credentials are correct because I can already connect by RDP with Remmina with the same login credentials I use with rdesktop. I just wanted to give rdesktop a try because Remmina does not get the correct layout of my local comoputer on the remote desktop and some keys such as alt or the @ do not work remotely while I user Remmina.

    Do you know how to fix this? Thanks

    discussion awaiting reply 
    opened by jorgekoronis 1
Releases(v1.9.0)
  • v1.9.0(Oct 11, 2019)

    It's been several years since a last major release of rdesktop, but now it's finally time. This means there has been lots and lots of changes, too many to reasonably list here. But these are the main changes included in this release:

    • Use GnuTLS and nettle instead of OpenSSL
    • Improved certificate handling
    • Add support for dynamic resize of sessions
    • Add support for alpha cursors
    • Add PulseAudio support
    • Add Kerberos support on macOS
    • Kerberos support no longer requires libgssglue
    • Remove support for rdesktop's custom microphone extension
    • Several fixes to improve compatibility with modern desktops
    • macOS compatibility fixes
    • Improved handling of redirections
    • Many smart card bug fixes
    • Many disk redirection bug fixes
    • Improved logging
    • Lots of other small bug fixes
    Source code(tar.gz)
    Source code(zip)
    rdesktop-1.9.0.tar.gz(360.33 KB)
  • v1.9.0-beta(Sep 20, 2019)

    It's been several years since a last major release of rdesktop, but now it's finally time. This means there has been lots and lots of changes, too many to reasonably list here. But these are the main changes included in this release:

    • Use GnuTLS and nettle instead of OpenSSL
    • Improved certificate handling
    • Add support for dynamic resize of sessions
    • Add support for alpha cursors
    • Add PulseAudio support
    • Add Kerberos support on macOS
    • Kerberos support no longer requires libgssglue
    • Remove support for rdesktop's custom microphone extension
    • Several fixes to improve compatibility with modern desktops
    • macOS compatibility fixes
    • Improved handling of redirections
    • Many smart card bug fixes
    • Many disk redirection bug fixes
    • Improved logging
    • Lots of other small bug fixes
    Source code(tar.gz)
    Source code(zip)
    rdesktop-1.9.0.tar.gz(360.33 KB)
  • v1.8.6(May 21, 2019)

  • v1.8.5(May 8, 2019)

    This is a security release to address various buffer overflow and overrun issues in the rdesktop protocol handling. rdesktop will now detect any attempts to access invalid areas and refuse to continue. Users are adviced to upgrade as soon as possible.

    A big thank you to Kaspersky Lab and National Cyber Security Centre for identifying these issues.

    Source code(tar.gz)
    Source code(zip)
    rdesktop-1.8.5.tar.gz(314.89 KB)
  • v1.8.4(Jan 2, 2019)

    • Add rdp_protocol_error function that is used in several fixes
    • Refactor of process_bitmap_updates
    • Fix possible integer overflow in s_check_rem() on 32bit arch
    • Fix memory corruption in process_bitmap_data - CVE-2018-8794
    • Fix remote code execution in process_bitmap_data - CVE-2018-8795
    • Fix remote code execution in process_plane - CVE-2018-8797
    • Fix Denial of Service in mcs_recv_connect_response - CVE-2018-20175
    • Fix Denial of Service in mcs_parse_domain_params - CVE-2018-20175
    • Fix Denial of Service in sec_parse_crypt_info - CVE-2018-20176
    • Fix Denial of Service in sec_recv - CVE-2018-20176
    • Fix minor information leak in rdpdr_process - CVE-2018-8791
    • Fix Denial of Service in cssp_read_tsrequest - CVE-2018-8792
    • Fix remote code execution in cssp_read_tsrequest - CVE-2018-8793
    • Fix Denial of Service in process_bitmap_data - CVE-2018-8796
    • Fix minor information leak in rdpsnd_process_ping - CVE-2018-8798
    • Fix Denial of Service in process_secondary_order - CVE-2018-8799
    • Fix remote code execution in in ui_clip_handle_data - CVE-2018-8800
    • Fix major information leak in ui_clip_handle_data - CVE-2018-20174
    • Fix memory corruption in rdp_in_unistr - CVE-2018-20177
    • Fix Denial of Service in process_demand_active - CVE-2018-20178
    • Fix remote code execution in lspci_process - CVE-2018-20179
    • Fix remote code execution in rdpsnddbg_process - CVE-2018-20180
    • Fix remote code execution in seamless_process - CVE-2018-20181
    • Fix remote code execution in seamless_process_line - CVE-2018-20182
    • Fix building against OpenSSL 1.1
    Source code(tar.gz)
    Source code(zip)
    rdesktop-1.8.4.tar.gz(313.91 KB)
  • v1.8.3(Aug 17, 2015)

    • Added a persistent mode used with SeamlessRDP
    • Added US international keyboard layout with dead keys
    • Code cleanup to match specifications, use constants defined instead of magic numbers, remove of dead code
    • Fix regression with failed connection and a invalid licensing message, introduced in 1.8.2
    • Fix issue with Non ASCII user / password when using CredSSP
    • Fix issues using smartcard redirection with Windows 2012 R2
    • Fix issue with windows key functionality
    • Fix memory corruption when using rdp_out_unistr()
    • Fix workaround for the lack of support for alpha cursors
    • Fix silent exit when redirected when using CredSSP
    • Fix crash when starting rdesktop without domain specified while using CredSSP
    • Fix issue in SeamlessRDP protocol parser upon reconnect
    • Fix issue were a new SeamlessRDP application is respawned upon a reconnection
    Source code(tar.gz)
    Source code(zip)
    rdesktop-1.8.3.tar.gz(311.87 KB)
  • v1.8.2(Aug 17, 2015)

    • Support enhanced server redirection (Session broker 2012)
    • Support License Error Alert PDU
    • Changed default driver for printer redirection
    • Fix CredSSP login using non-ASCII username/password
    • Fix double login prompt bug with Win2008 server redirection
    • Fix keysym collisions
    • Fix mouse cursor with 2012 R2
    • Fix local drive redirection with Win8 / Win2012
    • Fix issue with mouse cursor hotspot
    • Fix issue with mouse / keyboard against VirtualBox RDP
    • Fix uncomplete czech keymap
    • Fix error in dutch keymap
    Source code(tar.gz)
    Source code(zip)
  • v1.8.1(Aug 17, 2015)

    • Fix a typo in configure.ac
    • Fix a bug which made rdesktop steal CPU cycles.
    • Fix issue with reconnect, make use of deactivate variable
    • Added 4 new disconnect reasons with exit codes
    • Fix issues of window handling in SeamlessRDP parts of rdesktop
    • Fix a backward compability with OpenSSL < 0.9.9
    • Fix a bug when code needs a x window available but there are none.
    • Fix a sigsegv zeroing memory
    • Fix a 64bit portability issue
    Source code(tar.gz)
    Source code(zip)
  • v1.8.0(Aug 17, 2015)

    • Support for protocol negotiation eg. SSL/TLSv1 and CredSSP
    • Support for CredSSP + Kerberos authentication (NLA)
    • Support for smart card single-sign-on
    • Support passing smart card pin as password as argument
    • Added IPC for controlling a master rdesktop process
    • Support for connection sharing when using SeamlessRDP
    • Improved handling of network connection failures
    • Autoreconnect using the connection cookie at network failure
    • Fix a few smart card issues
    • Fix bug with mouse scroll handling
    • Fix for left/right braces in Italian keymap
    • Fix crash and memory leak in local drive redirection
    • Fixes issues with license files loading/saving
    Source code(tar.gz)
    Source code(zip)
  • v1.7.1(Aug 17, 2015)

    • Fix clipboard issue when not building with unicode support
    • Fix compilation against newer PCSC lite versions
    • Fix for per-device license mode on Windows 2008 R2 terminal server
    • Fix building 64bit version with static openssl linkage
    • Rewrite of smartcard handling for 64bit support, fixes several bugs
    • Improved license handling using XDG directories
    Source code(tar.gz)
    Source code(zip)
  • v1.7.0(Aug 17, 2015)

    • Security: Directory traversal vulnerability with disk redirection (disallow /.. requests)
    • New maintainer: Peter Åstrand [email protected]
    • Brush cache support
    • Removed the hardcoded limit of the username length
    • Increased domain name length to 255 chars
    • Improved compatibility with PulseAudio/padsp
    • Cleaned up and documented the return values
    • Keyboard fix: avoid stuck keys in certain cases
    • Support for new pointers
    • License has been changed to GPLv3
    • EWMH fixes for 64-bit machines
    • RandR support: automatically resize session if using relative screen size
    • Improved support for Windows 2008 Session Broker
    • Japanese keyboard map has been improved
    • New keyboard map: fr-bepo
    • Many stability fixes regarding smart card redirection
    • Windows 2008 R2 / 7: Fix sound playback when not using other redirections
    • Windows 2008 R2 / 7: Solve disk redirection read-only issues
    • Windows 2008 R2 / 7: Solve issue with recursive deletion
    • Avoid exit when printing, if lpr command terminates early
    Source code(tar.gz)
    Source code(zip)
  • v1.6.0(Aug 17, 2015)

    • Fix for crash with recent versions of X.Org
    • Fix for potential vulnerability against compromised/malicious servers (reported by iDefense)
    • Fix for Windows 2008 Server
    • ALSA driver added
    • Sound drivers can now be selected at runtime
    • Smartcard support (Alexi Volkov [email protected])
    • Send physical mouse buttons rather than logical ones
    Source code(tar.gz)
    Source code(zip)
Owner
Unix client for Microsoft Remote Desktop Services
null
Linux Terminal Service Manager (LTSM) is a set of service programs that allows remote computers to connect to a Linux operating system computer using a remote terminal session (over VNC or RDP)

Linux Terminal Service Manager (LTSM) is a set of service programs that allows remote computers to connect to a Linux operating system computer using a remote terminal session (over VNC)

null 14 Jan 5, 2022
Enable RDP and set firewall by Windows API.

fast-enable-rdp This toool Enable RDP and set firewall by Windows API. How to use? enablerdp.exe -- this help enablerdp.exe any --

YangHaoi 4 May 30, 2022
Eclipse Paho C Client Library for the MQTT Protocol

Eclipse Paho C Client Library for the MQTT Protocol This repository contains the source code for the Eclipse Paho MQTT C client library. This code bui

null 2 Apr 27, 2022
mvfst is a client and server implementation of IETF QUIC protocol in C++ by Facebook.

mvfst (Pronounced move fast) is a client and server implementation of IETF QUIC protocol in C++ by Facebook.

Meta Incubator 1.1k Jul 1, 2022
Multi-protocol Port Mapping client library

libplum - Multi-protocol Port Mapping client library libplum (Port Lightweight and Universal Mapping) is a library allowing to forward ports on Networ

Paul-Louis Ageneau 14 Jun 18, 2022
A protocol for secure client/server connections over UDP

netcode netcode is a simple connection based client/server protocol built on top of UDP. It has the following features: Encrypted and signed packets S

The Network Protocol Company 2.2k Jun 26, 2022
A protocol for secure client/server connections over UDP

netcode netcode is a simple connection based client/server protocol built on top of UDP. It has the following features: Encrypted and signed packets S

The Network Protocol Company 2.2k Jun 26, 2022
C and C++ client for QuestDB Input Line Protocol over TCP

c-questdb-client QuestDB - InfluxDB Line Protocol - Ingestion Client Library for C and C++ This library makes it easy to insert data into QuestDB. Thi

QuestDB 13 Jun 2, 2022
A virtual network Differential GNSS server-client project using Precise Point Positioning (PPP). Global coverage. Without physical base station construction needed. An open-source virtual base station approach.

Virtual-Network-DGNSS-Project This project is the software implementation for a publicly available, open-source, client/server VN-DGNSS implementation

null 10 May 20, 2022
aria2 is a lightweight multi-protocol & multi-source, cross platform download utility operated in command-line.

aria2 is a lightweight multi-protocol & multi-source, cross platform download utility operated in command-line. It supports HTTP/HTTPS, FTP, SFTP, BitTorrent and Metalink.

aria2 26.7k Jun 22, 2022
Triton Python and C++ client libraries and example, and client examples for go, java and scala.

Triton Client Libraries and Examples To simplify communication with Triton, the Triton project provides several client libraries and examples of how t

Triton Inference Server 141 Jun 24, 2022
VEngine-Client - vEngine: Official Client Module

━ S Y N O P S I S ━ Maintainer(s): Aviril, Tron vEngine is Next-Gen Sandbox-Engine being crafted in C++. In contrast to UE/Unity/ReverseEngineered-Mod

ᴠ : ꜱᴛᴜᴅɪᴏ 13 Apr 13, 2022
Pyth-client - client API for on-chain pyth programs

pyth-client client API for on-chain pyth programs Build Instructions # depends on openssl apt install libssl-dev # depends on libz apt install zlib1g

Pyth Network 99 Jun 24, 2022
Webdav-client-cpp - C++ WebDAV Client provides easy and convenient to work with WebDAV-servers.

WebDAV Client Package WebDAV Client provides easy and convenient to work with WebDAV-servers: Yandex.Disk Dropbox Google Drive Box 4shared ownCloud ..

Cloud Polis 100 Apr 13, 2022
This repository provides a C++ client SDK for Unleash that meets the Unleash Client Specifications.

Unleash Client SDK for C++ This repository provides a C++ client SDK for Unleash that meets the Unleash Client Specifications. Features The below tabl

Antonio Ruiz 4 Jan 30, 2022
Mongoose Embedded Web Server Library - a multi-protocol embedded networking library with TCP/UDP, HTTP, WebSocket, MQTT built-in protocols, async DNS resolver, and non-blocking API.

Mongoose - Embedded Web Server / Embedded Networking Library Mongoose is a networking library for C/C++. It implements event-driven non-blocking APIs

Cesanta Software 8.5k Jun 29, 2022
:zap: KCP - A Fast and Reliable ARQ Protocol

KCP - A Fast and Reliable ARQ Protocol README in English 简介 KCP是一个快速可靠协议,能以比 TCP 浪费 10%-20% 的带宽的代价,换取平均延迟降低 30%-40%,且最大延迟降低三倍的传输效果。纯算法实现,并不负责底层协议(如UDP

Linwei 11.3k Jun 22, 2022
FreeRDP is a free remote desktop protocol library and clients

FreeRDP is a free implementation of the Remote Desktop Protocol (RDP), released under the Apache license. Enjoy the freedom of using your software wherever you want, the way you want it, in a world where interoperability can finally liberate your computing experience.

null 7k Jun 27, 2022
Lightway Core is a modern VPN protocol by ExpressVPN, to deliver a VPN experience that’s faster, more secure, and more reliable.

Lightway Core NOTE: This is a preview snapshot of the Lightway repository used for both our client and server. We will be publishing a live, actively

ExpressVPN 22 Feb 17, 2022