From: SourceForge.net <no...@so...> - 2011-10-26 09:50:20
|
Bugs item #3428380, was opened at 2011-10-25 22:21 Message generated for change (Comment added) made by m_etscheid You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=381347&aid=3428380&group_id=24366 Please note that this message will contain a full copy of the comment thread, including the initial issue submission, for this request, not just the latest update. Category: Authentication Group: v1.7.1 Status: Open Resolution: None >Priority: 7 Private: No Submitted By: m_etscheid (m_etscheid) Assigned to: Nobody/Anonymous (nobody) >Summary: session redirection broken in 1.7.0 Initial Comment: Hi, the support for session redirection for W2003 is broken in 1.7.0. The RDP redirect paket does not contain the complete user name. Version 1.6.0 works fine. ---------------------------------------------------------------------- >Comment By: m_etscheid (m_etscheid) Date: 2011-10-26 11:50 Message: Found following changes: --- rdesktop-1.7.0.org/rdp.c 2011-04-18 04:21:57.000000000 -0700 +++ rdesktop-1.7.0/rdp.c 2011-10-26 01:01:00.789038907 -0700 @@ -1520,7 +1520,7 @@ /* read username string */ g_redirect_username = (char *) xmalloc(len + 1); - rdp_in_unistr(s, g_redirect_username, strlen(g_redirect_username), len); + rdp_in_unistr(s, g_redirect_username, len + 1, len); } if (g_redirect_flags & PDU_REDIRECT_HAS_DOMAIN) --- rdesktop-1.7.0.org/rdesktop.c 2011-04-18 04:21:57.000000000 -0700 +++ rdesktop-1.7.0/rdesktop.c 2011-10-26 00:58:33.445042788 -0700 @@ -988,7 +988,7 @@ STRNCPY(domain, g_redirect_domain, sizeof(domain)); xfree(g_username); g_username = (char *) xmalloc(strlen(g_redirect_username) + 1); - STRNCPY(g_username, g_redirect_username, sizeof(g_username)); + STRNCPY(g_username, g_redirect_username, strlen(g_redirect_username) + 1); STRNCPY(password, g_redirect_password, sizeof(password)); STRNCPY(server, g_redirect_server, sizeof(server)); flags |= RDP_LOGON_AUTO; ---------------------------------------------------------------------- You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=381347&aid=3428380&group_id=24366 |
From: SourceForge.net <no...@so...> - 2011-10-26 10:54:09
|
Bugs item #3428380, was opened at 2011-10-25 22:21 Message generated for change (Comment added) made by astrand You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=381347&aid=3428380&group_id=24366 Please note that this message will contain a full copy of the comment thread, including the initial issue submission, for this request, not just the latest update. Category: Authentication Group: v1.7.1 Status: Open Resolution: None Priority: 7 Private: No Submitted By: m_etscheid (m_etscheid) Assigned to: Nobody/Anonymous (nobody) Summary: session redirection broken in 1.7.0 Initial Comment: Hi, the support for session redirection for W2003 is broken in 1.7.0. The RDP redirect paket does not contain the complete user name. Version 1.6.0 works fine. ---------------------------------------------------------------------- >Comment By: Peter Åstrand (astrand) Date: 2011-10-26 12:54 Message: I've committed a patch to trunk now. Can you try the latest SVN version and see if it works? ---------------------------------------------------------------------- Comment By: m_etscheid (m_etscheid) Date: 2011-10-26 11:50 Message: Found following changes: --- rdesktop-1.7.0.org/rdp.c 2011-04-18 04:21:57.000000000 -0700 +++ rdesktop-1.7.0/rdp.c 2011-10-26 01:01:00.789038907 -0700 @@ -1520,7 +1520,7 @@ /* read username string */ g_redirect_username = (char *) xmalloc(len + 1); - rdp_in_unistr(s, g_redirect_username, strlen(g_redirect_username), len); + rdp_in_unistr(s, g_redirect_username, len + 1, len); } if (g_redirect_flags & PDU_REDIRECT_HAS_DOMAIN) --- rdesktop-1.7.0.org/rdesktop.c 2011-04-18 04:21:57.000000000 -0700 +++ rdesktop-1.7.0/rdesktop.c 2011-10-26 00:58:33.445042788 -0700 @@ -988,7 +988,7 @@ STRNCPY(domain, g_redirect_domain, sizeof(domain)); xfree(g_username); g_username = (char *) xmalloc(strlen(g_redirect_username) + 1); - STRNCPY(g_username, g_redirect_username, sizeof(g_username)); + STRNCPY(g_username, g_redirect_username, strlen(g_redirect_username) + 1); STRNCPY(password, g_redirect_password, sizeof(password)); STRNCPY(server, g_redirect_server, sizeof(server)); flags |= RDP_LOGON_AUTO; ---------------------------------------------------------------------- You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=381347&aid=3428380&group_id=24366 |
From: SourceForge.net <no...@so...> - 2011-10-26 11:26:30
|
Bugs item #3428380, was opened at 2011-10-25 22:21 Message generated for change (Comment added) made by m_etscheid You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=381347&aid=3428380&group_id=24366 Please note that this message will contain a full copy of the comment thread, including the initial issue submission, for this request, not just the latest update. Category: Authentication Group: v1.7.1 >Status: Closed Resolution: None Priority: 7 Private: No Submitted By: m_etscheid (m_etscheid) Assigned to: Nobody/Anonymous (nobody) Summary: session redirection broken in 1.7.0 Initial Comment: Hi, the support for session redirection for W2003 is broken in 1.7.0. The RDP redirect paket does not contain the complete user name. Version 1.6.0 works fine. ---------------------------------------------------------------------- >Comment By: m_etscheid (m_etscheid) Date: 2011-10-26 13:26 Message: I used last SVN version and it works. Thanks ---------------------------------------------------------------------- Comment By: Peter Åstrand (astrand) Date: 2011-10-26 12:54 Message: I've committed a patch to trunk now. Can you try the latest SVN version and see if it works? ---------------------------------------------------------------------- Comment By: m_etscheid (m_etscheid) Date: 2011-10-26 11:50 Message: Found following changes: --- rdesktop-1.7.0.org/rdp.c 2011-04-18 04:21:57.000000000 -0700 +++ rdesktop-1.7.0/rdp.c 2011-10-26 01:01:00.789038907 -0700 @@ -1520,7 +1520,7 @@ /* read username string */ g_redirect_username = (char *) xmalloc(len + 1); - rdp_in_unistr(s, g_redirect_username, strlen(g_redirect_username), len); + rdp_in_unistr(s, g_redirect_username, len + 1, len); } if (g_redirect_flags & PDU_REDIRECT_HAS_DOMAIN) --- rdesktop-1.7.0.org/rdesktop.c 2011-04-18 04:21:57.000000000 -0700 +++ rdesktop-1.7.0/rdesktop.c 2011-10-26 00:58:33.445042788 -0700 @@ -988,7 +988,7 @@ STRNCPY(domain, g_redirect_domain, sizeof(domain)); xfree(g_username); g_username = (char *) xmalloc(strlen(g_redirect_username) + 1); - STRNCPY(g_username, g_redirect_username, sizeof(g_username)); + STRNCPY(g_username, g_redirect_username, strlen(g_redirect_username) + 1); STRNCPY(password, g_redirect_password, sizeof(password)); STRNCPY(server, g_redirect_server, sizeof(server)); flags |= RDP_LOGON_AUTO; ---------------------------------------------------------------------- You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=381347&aid=3428380&group_id=24366 |
From: SourceForge.net <no...@so...> - 2011-10-26 11:33:22
|
Bugs item #3428380, was opened at 2011-10-25 22:21 Message generated for change (Settings changed) made by astrand You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=381347&aid=3428380&group_id=24366 Please note that this message will contain a full copy of the comment thread, including the initial issue submission, for this request, not just the latest update. Category: Authentication Group: v1.7.1 Status: Closed >Resolution: Fixed Priority: 7 Private: No Submitted By: m_etscheid (m_etscheid) Assigned to: Nobody/Anonymous (nobody) Summary: session redirection broken in 1.7.0 Initial Comment: Hi, the support for session redirection for W2003 is broken in 1.7.0. The RDP redirect paket does not contain the complete user name. Version 1.6.0 works fine. ---------------------------------------------------------------------- Comment By: m_etscheid (m_etscheid) Date: 2011-10-26 13:26 Message: I used last SVN version and it works. Thanks ---------------------------------------------------------------------- Comment By: Peter Åstrand (astrand) Date: 2011-10-26 12:54 Message: I've committed a patch to trunk now. Can you try the latest SVN version and see if it works? ---------------------------------------------------------------------- Comment By: m_etscheid (m_etscheid) Date: 2011-10-26 11:50 Message: Found following changes: --- rdesktop-1.7.0.org/rdp.c 2011-04-18 04:21:57.000000000 -0700 +++ rdesktop-1.7.0/rdp.c 2011-10-26 01:01:00.789038907 -0700 @@ -1520,7 +1520,7 @@ /* read username string */ g_redirect_username = (char *) xmalloc(len + 1); - rdp_in_unistr(s, g_redirect_username, strlen(g_redirect_username), len); + rdp_in_unistr(s, g_redirect_username, len + 1, len); } if (g_redirect_flags & PDU_REDIRECT_HAS_DOMAIN) --- rdesktop-1.7.0.org/rdesktop.c 2011-04-18 04:21:57.000000000 -0700 +++ rdesktop-1.7.0/rdesktop.c 2011-10-26 00:58:33.445042788 -0700 @@ -988,7 +988,7 @@ STRNCPY(domain, g_redirect_domain, sizeof(domain)); xfree(g_username); g_username = (char *) xmalloc(strlen(g_redirect_username) + 1); - STRNCPY(g_username, g_redirect_username, sizeof(g_username)); + STRNCPY(g_username, g_redirect_username, strlen(g_redirect_username) + 1); STRNCPY(password, g_redirect_password, sizeof(password)); STRNCPY(server, g_redirect_server, sizeof(server)); flags |= RDP_LOGON_AUTO; ---------------------------------------------------------------------- You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=381347&aid=3428380&group_id=24366 |
From: SourceForge.net <no...@so...> - 2011-10-29 02:21:40
|
Bugs item #3428380, was opened at 2011-10-25 20:21 Message generated for change (Comment added) made by You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=381347&aid=3428380&group_id=24366 Please note that this message will contain a full copy of the comment thread, including the initial issue submission, for this request, not just the latest update. Category: Authentication Group: v1.7.1 Status: Closed Resolution: Fixed Priority: 7 Private: No Submitted By: m_etscheid (m_etscheid) Assigned to: Nobody/Anonymous (nobody) Summary: session redirection broken in 1.7.0 Initial Comment: Hi, the support for session redirection for W2003 is broken in 1.7.0. The RDP redirect paket does not contain the complete user name. Version 1.6.0 works fine. ---------------------------------------------------------------------- Comment By: https://www.google.com/accounts () Date: 2011-10-29 02:21 Message: I haven't tried r1639 from svn yet, but I suspect it will not work in my case. The problem I have is that the redirect is coming with a 120 byte cookie instead of a password, so the iconv() on it fails because it's not a unicode string. It's just binary. To be clear, I'm sure the username will remain intact after a Broker redurect, but the password will not, so even though a user has entered the correct password they will have to enter it again if they are redirected to a different server. This redirection without re-entering your password feature works correctly in Mac and Windows RDP clients (or so I am told). I'm going to work on a patch, but my C skills are super rusty so I'm offering this comment in case someone is inspired to come up with a fix faster than I can. I'm also not sure if this bug should be re-opened or if I should open a separate bug for the "password not kept" behavior. I kinda lump it all together in my head as "redirect data not kept intact between receipt and re-connection." ---------------------------------------------------------------------- Comment By: m_etscheid (m_etscheid) Date: 2011-10-26 11:26 Message: I used last SVN version and it works. Thanks ---------------------------------------------------------------------- Comment By: Peter Åstrand (astrand) Date: 2011-10-26 10:54 Message: I've committed a patch to trunk now. Can you try the latest SVN version and see if it works? ---------------------------------------------------------------------- Comment By: m_etscheid (m_etscheid) Date: 2011-10-26 09:50 Message: Found following changes: --- rdesktop-1.7.0.org/rdp.c 2011-04-18 04:21:57.000000000 -0700 +++ rdesktop-1.7.0/rdp.c 2011-10-26 01:01:00.789038907 -0700 @@ -1520,7 +1520,7 @@ /* read username string */ g_redirect_username = (char *) xmalloc(len + 1); - rdp_in_unistr(s, g_redirect_username, strlen(g_redirect_username), len); + rdp_in_unistr(s, g_redirect_username, len + 1, len); } if (g_redirect_flags & PDU_REDIRECT_HAS_DOMAIN) --- rdesktop-1.7.0.org/rdesktop.c 2011-04-18 04:21:57.000000000 -0700 +++ rdesktop-1.7.0/rdesktop.c 2011-10-26 00:58:33.445042788 -0700 @@ -988,7 +988,7 @@ STRNCPY(domain, g_redirect_domain, sizeof(domain)); xfree(g_username); g_username = (char *) xmalloc(strlen(g_redirect_username) + 1); - STRNCPY(g_username, g_redirect_username, sizeof(g_username)); + STRNCPY(g_username, g_redirect_username, strlen(g_redirect_username) + 1); STRNCPY(password, g_redirect_password, sizeof(password)); STRNCPY(server, g_redirect_server, sizeof(server)); flags |= RDP_LOGON_AUTO; ---------------------------------------------------------------------- You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=381347&aid=3428380&group_id=24366 |
From: SourceForge.net <no...@so...> - 2011-10-29 02:29:05
|
Bugs item #3428380, was opened at 2011-10-25 13:21 Message generated for change (Comment added) made by You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=381347&aid=3428380&group_id=24366 Please note that this message will contain a full copy of the comment thread, including the initial issue submission, for this request, not just the latest update. Category: Authentication Group: v1.7.1 Status: Closed Resolution: Fixed Priority: 7 Private: No Submitted By: m_etscheid (m_etscheid) Assigned to: Nobody/Anonymous (nobody) Summary: session redirection broken in 1.7.0 Initial Comment: Hi, the support for session redirection for W2003 is broken in 1.7.0. The RDP redirect paket does not contain the complete user name. Version 1.6.0 works fine. ---------------------------------------------------------------------- Comment By: Robert de Forest () Date: 2011-10-28 19:29 Message: Sorry, I left out some information. The systems I'm connecting to are setting the flags such that the password field has a length of 120 bytes and is definitely not unicode (I get an EINVAL from iconv()). I also saw at the RDP protocol docs that the password field could also be a cookie (http://msdn.microsoft.com/en-us/library/ee443575(v=PROT.10).aspx). The relevant portion of the protocol text is below the packet diagram and says, "Password (variable): A variable-length array of bytes containing the password used by the user in Unicode format, including a null-terminator or a cookie value that MUST be passed to the target server on successful connection." I think it's the "or a cookie value" portion that is messing stuff up for me. ---------------------------------------------------------------------- Comment By: Robert de Forest () Date: 2011-10-28 19:21 Message: I haven't tried r1639 from svn yet, but I suspect it will not work in my case. The problem I have is that the redirect is coming with a 120 byte cookie instead of a password, so the iconv() on it fails because it's not a unicode string. It's just binary. To be clear, I'm sure the username will remain intact after a Broker redurect, but the password will not, so even though a user has entered the correct password they will have to enter it again if they are redirected to a different server. This redirection without re-entering your password feature works correctly in Mac and Windows RDP clients (or so I am told). I'm going to work on a patch, but my C skills are super rusty so I'm offering this comment in case someone is inspired to come up with a fix faster than I can. I'm also not sure if this bug should be re-opened or if I should open a separate bug for the "password not kept" behavior. I kinda lump it all together in my head as "redirect data not kept intact between receipt and re-connection." ---------------------------------------------------------------------- Comment By: m_etscheid (m_etscheid) Date: 2011-10-26 04:26 Message: I used last SVN version and it works. Thanks ---------------------------------------------------------------------- Comment By: Peter Åstrand (astrand) Date: 2011-10-26 03:54 Message: I've committed a patch to trunk now. Can you try the latest SVN version and see if it works? ---------------------------------------------------------------------- Comment By: m_etscheid (m_etscheid) Date: 2011-10-26 02:50 Message: Found following changes: --- rdesktop-1.7.0.org/rdp.c 2011-04-18 04:21:57.000000000 -0700 +++ rdesktop-1.7.0/rdp.c 2011-10-26 01:01:00.789038907 -0700 @@ -1520,7 +1520,7 @@ /* read username string */ g_redirect_username = (char *) xmalloc(len + 1); - rdp_in_unistr(s, g_redirect_username, strlen(g_redirect_username), len); + rdp_in_unistr(s, g_redirect_username, len + 1, len); } if (g_redirect_flags & PDU_REDIRECT_HAS_DOMAIN) --- rdesktop-1.7.0.org/rdesktop.c 2011-04-18 04:21:57.000000000 -0700 +++ rdesktop-1.7.0/rdesktop.c 2011-10-26 00:58:33.445042788 -0700 @@ -988,7 +988,7 @@ STRNCPY(domain, g_redirect_domain, sizeof(domain)); xfree(g_username); g_username = (char *) xmalloc(strlen(g_redirect_username) + 1); - STRNCPY(g_username, g_redirect_username, sizeof(g_username)); + STRNCPY(g_username, g_redirect_username, strlen(g_redirect_username) + 1); STRNCPY(password, g_redirect_password, sizeof(password)); STRNCPY(server, g_redirect_server, sizeof(server)); flags |= RDP_LOGON_AUTO; ---------------------------------------------------------------------- You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=381347&aid=3428380&group_id=24366 |
From: SourceForge.net <no...@so...> - 2011-10-29 17:43:30
|
Bugs item #3428380, was opened at 2011-10-25 13:21 Message generated for change (Comment added) made by You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=381347&aid=3428380&group_id=24366 Please note that this message will contain a full copy of the comment thread, including the initial issue submission, for this request, not just the latest update. Category: Authentication Group: v1.7.1 Status: Closed Resolution: Fixed Priority: 7 Private: No Submitted By: m_etscheid (m_etscheid) Assigned to: Nobody/Anonymous (nobody) Summary: session redirection broken in 1.7.0 Initial Comment: Hi, the support for session redirection for W2003 is broken in 1.7.0. The RDP redirect paket does not contain the complete user name. Version 1.6.0 works fine. ---------------------------------------------------------------------- Comment By: Robert de Forest () Date: 2011-10-29 10:43 Message: I tested r1639 and confirmed it does not address the password handling. The result is that a user is prompted for their password again if they are redirected after logging in. From reading the protocol docs, I think the redirect may need to be handled as a re-connect rather than a re-auth? I also get the feeling that I'm in way over my head and should wait to hear from someone with experience with this stuff. ---------------------------------------------------------------------- Comment By: Robert de Forest () Date: 2011-10-28 19:29 Message: Sorry, I left out some information. The systems I'm connecting to are setting the flags such that the password field has a length of 120 bytes and is definitely not unicode (I get an EINVAL from iconv()). I also saw at the RDP protocol docs that the password field could also be a cookie (http://msdn.microsoft.com/en-us/library/ee443575(v=PROT.10).aspx). The relevant portion of the protocol text is below the packet diagram and says, "Password (variable): A variable-length array of bytes containing the password used by the user in Unicode format, including a null-terminator or a cookie value that MUST be passed to the target server on successful connection." I think it's the "or a cookie value" portion that is messing stuff up for me. ---------------------------------------------------------------------- Comment By: Robert de Forest () Date: 2011-10-28 19:21 Message: I haven't tried r1639 from svn yet, but I suspect it will not work in my case. The problem I have is that the redirect is coming with a 120 byte cookie instead of a password, so the iconv() on it fails because it's not a unicode string. It's just binary. To be clear, I'm sure the username will remain intact after a Broker redurect, but the password will not, so even though a user has entered the correct password they will have to enter it again if they are redirected to a different server. This redirection without re-entering your password feature works correctly in Mac and Windows RDP clients (or so I am told). I'm going to work on a patch, but my C skills are super rusty so I'm offering this comment in case someone is inspired to come up with a fix faster than I can. I'm also not sure if this bug should be re-opened or if I should open a separate bug for the "password not kept" behavior. I kinda lump it all together in my head as "redirect data not kept intact between receipt and re-connection." ---------------------------------------------------------------------- Comment By: m_etscheid (m_etscheid) Date: 2011-10-26 04:26 Message: I used last SVN version and it works. Thanks ---------------------------------------------------------------------- Comment By: Peter Åstrand (astrand) Date: 2011-10-26 03:54 Message: I've committed a patch to trunk now. Can you try the latest SVN version and see if it works? ---------------------------------------------------------------------- Comment By: m_etscheid (m_etscheid) Date: 2011-10-26 02:50 Message: Found following changes: --- rdesktop-1.7.0.org/rdp.c 2011-04-18 04:21:57.000000000 -0700 +++ rdesktop-1.7.0/rdp.c 2011-10-26 01:01:00.789038907 -0700 @@ -1520,7 +1520,7 @@ /* read username string */ g_redirect_username = (char *) xmalloc(len + 1); - rdp_in_unistr(s, g_redirect_username, strlen(g_redirect_username), len); + rdp_in_unistr(s, g_redirect_username, len + 1, len); } if (g_redirect_flags & PDU_REDIRECT_HAS_DOMAIN) --- rdesktop-1.7.0.org/rdesktop.c 2011-04-18 04:21:57.000000000 -0700 +++ rdesktop-1.7.0/rdesktop.c 2011-10-26 00:58:33.445042788 -0700 @@ -988,7 +988,7 @@ STRNCPY(domain, g_redirect_domain, sizeof(domain)); xfree(g_username); g_username = (char *) xmalloc(strlen(g_redirect_username) + 1); - STRNCPY(g_username, g_redirect_username, sizeof(g_username)); + STRNCPY(g_username, g_redirect_username, strlen(g_redirect_username) + 1); STRNCPY(password, g_redirect_password, sizeof(password)); STRNCPY(server, g_redirect_server, sizeof(server)); flags |= RDP_LOGON_AUTO; ---------------------------------------------------------------------- You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=381347&aid=3428380&group_id=24366 |
From: SourceForge.net <no...@so...> - 2011-10-31 07:40:19
|
Bugs item #3428380, was opened at 2011-10-25 22:21 Message generated for change (Comment added) made by astrand You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=381347&aid=3428380&group_id=24366 Please note that this message will contain a full copy of the comment thread, including the initial issue submission, for this request, not just the latest update. Category: Authentication Group: v1.7.1 Status: Closed Resolution: Fixed Priority: 7 Private: No Submitted By: m_etscheid (m_etscheid) Assigned to: Nobody/Anonymous (nobody) Summary: session redirection broken in 1.7.0 Initial Comment: Hi, the support for session redirection for W2003 is broken in 1.7.0. The RDP redirect paket does not contain the complete user name. Version 1.6.0 works fine. ---------------------------------------------------------------------- >Comment By: Peter Åstrand (astrand) Date: 2011-10-31 08:40 Message: Unfortunately it seems like a few people have experience in this area. Your comments are very useful. If it is really iconv that is the problem, it should work if you build rdesktop without iconv support. You can do this by editing the Makefile after running configure. Replace HAVE_ICONV_H and HAVE_ICONV with anything (suggesting adding an X as a prefix). ---------------------------------------------------------------------- Comment By: Robert de Forest () Date: 2011-10-29 19:43 Message: I tested r1639 and confirmed it does not address the password handling. The result is that a user is prompted for their password again if they are redirected after logging in. From reading the protocol docs, I think the redirect may need to be handled as a re-connect rather than a re-auth? I also get the feeling that I'm in way over my head and should wait to hear from someone with experience with this stuff. ---------------------------------------------------------------------- Comment By: Robert de Forest () Date: 2011-10-29 04:29 Message: Sorry, I left out some information. The systems I'm connecting to are setting the flags such that the password field has a length of 120 bytes and is definitely not unicode (I get an EINVAL from iconv()). I also saw at the RDP protocol docs that the password field could also be a cookie (http://msdn.microsoft.com/en-us/library/ee443575(v=PROT.10).aspx). The relevant portion of the protocol text is below the packet diagram and says, "Password (variable): A variable-length array of bytes containing the password used by the user in Unicode format, including a null-terminator or a cookie value that MUST be passed to the target server on successful connection." I think it's the "or a cookie value" portion that is messing stuff up for me. ---------------------------------------------------------------------- Comment By: Robert de Forest () Date: 2011-10-29 04:21 Message: I haven't tried r1639 from svn yet, but I suspect it will not work in my case. The problem I have is that the redirect is coming with a 120 byte cookie instead of a password, so the iconv() on it fails because it's not a unicode string. It's just binary. To be clear, I'm sure the username will remain intact after a Broker redurect, but the password will not, so even though a user has entered the correct password they will have to enter it again if they are redirected to a different server. This redirection without re-entering your password feature works correctly in Mac and Windows RDP clients (or so I am told). I'm going to work on a patch, but my C skills are super rusty so I'm offering this comment in case someone is inspired to come up with a fix faster than I can. I'm also not sure if this bug should be re-opened or if I should open a separate bug for the "password not kept" behavior. I kinda lump it all together in my head as "redirect data not kept intact between receipt and re-connection." ---------------------------------------------------------------------- Comment By: m_etscheid (m_etscheid) Date: 2011-10-26 13:26 Message: I used last SVN version and it works. Thanks ---------------------------------------------------------------------- Comment By: Peter Åstrand (astrand) Date: 2011-10-26 12:54 Message: I've committed a patch to trunk now. Can you try the latest SVN version and see if it works? ---------------------------------------------------------------------- Comment By: m_etscheid (m_etscheid) Date: 2011-10-26 11:50 Message: Found following changes: --- rdesktop-1.7.0.org/rdp.c 2011-04-18 04:21:57.000000000 -0700 +++ rdesktop-1.7.0/rdp.c 2011-10-26 01:01:00.789038907 -0700 @@ -1520,7 +1520,7 @@ /* read username string */ g_redirect_username = (char *) xmalloc(len + 1); - rdp_in_unistr(s, g_redirect_username, strlen(g_redirect_username), len); + rdp_in_unistr(s, g_redirect_username, len + 1, len); } if (g_redirect_flags & PDU_REDIRECT_HAS_DOMAIN) --- rdesktop-1.7.0.org/rdesktop.c 2011-04-18 04:21:57.000000000 -0700 +++ rdesktop-1.7.0/rdesktop.c 2011-10-26 00:58:33.445042788 -0700 @@ -988,7 +988,7 @@ STRNCPY(domain, g_redirect_domain, sizeof(domain)); xfree(g_username); g_username = (char *) xmalloc(strlen(g_redirect_username) + 1); - STRNCPY(g_username, g_redirect_username, sizeof(g_username)); + STRNCPY(g_username, g_redirect_username, strlen(g_redirect_username) + 1); STRNCPY(password, g_redirect_password, sizeof(password)); STRNCPY(server, g_redirect_server, sizeof(server)); flags |= RDP_LOGON_AUTO; ---------------------------------------------------------------------- You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=381347&aid=3428380&group_id=24366 |
From: SourceForge.net <no...@so...> - 2011-11-17 23:44:53
|
Bugs item #3428380, was opened at 2011-10-25 13:21 Message generated for change (Comment added) made by You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=381347&aid=3428380&group_id=24366 Please note that this message will contain a full copy of the comment thread, including the initial issue submission, for this request, not just the latest update. Category: Authentication Group: v1.7.1 Status: Closed Resolution: Fixed Priority: 7 Private: No Submitted By: m_etscheid (m_etscheid) Assigned to: Nobody/Anonymous (nobody) Summary: session redirection broken in 1.7.0 Initial Comment: Hi, the support for session redirection for W2003 is broken in 1.7.0. The RDP redirect paket does not contain the complete user name. Version 1.6.0 works fine. ---------------------------------------------------------------------- Comment By: Steve Cleveland () Date: 2011-11-17 15:44 Message: I just tried the latest trunk build. I'm still seeing a problem. The username is being passed correctly, but when it tries to redirect to the correct computer, I get a "The user name or password is incorrect". In the console, I get: WARNING: rdp_in_unistr: iconv fail, errno 84 ---------------------------------------------------------------------- Comment By: Peter Åstrand (astrand) Date: 2011-10-31 00:40 Message: Unfortunately it seems like a few people have experience in this area. Your comments are very useful. If it is really iconv that is the problem, it should work if you build rdesktop without iconv support. You can do this by editing the Makefile after running configure. Replace HAVE_ICONV_H and HAVE_ICONV with anything (suggesting adding an X as a prefix). ---------------------------------------------------------------------- Comment By: Robert de Forest () Date: 2011-10-29 10:43 Message: I tested r1639 and confirmed it does not address the password handling. The result is that a user is prompted for their password again if they are redirected after logging in. From reading the protocol docs, I think the redirect may need to be handled as a re-connect rather than a re-auth? I also get the feeling that I'm in way over my head and should wait to hear from someone with experience with this stuff. ---------------------------------------------------------------------- Comment By: Robert de Forest () Date: 2011-10-28 19:29 Message: Sorry, I left out some information. The systems I'm connecting to are setting the flags such that the password field has a length of 120 bytes and is definitely not unicode (I get an EINVAL from iconv()). I also saw at the RDP protocol docs that the password field could also be a cookie (http://msdn.microsoft.com/en-us/library/ee443575(v=PROT.10).aspx). The relevant portion of the protocol text is below the packet diagram and says, "Password (variable): A variable-length array of bytes containing the password used by the user in Unicode format, including a null-terminator or a cookie value that MUST be passed to the target server on successful connection." I think it's the "or a cookie value" portion that is messing stuff up for me. ---------------------------------------------------------------------- Comment By: Robert de Forest () Date: 2011-10-28 19:21 Message: I haven't tried r1639 from svn yet, but I suspect it will not work in my case. The problem I have is that the redirect is coming with a 120 byte cookie instead of a password, so the iconv() on it fails because it's not a unicode string. It's just binary. To be clear, I'm sure the username will remain intact after a Broker redurect, but the password will not, so even though a user has entered the correct password they will have to enter it again if they are redirected to a different server. This redirection without re-entering your password feature works correctly in Mac and Windows RDP clients (or so I am told). I'm going to work on a patch, but my C skills are super rusty so I'm offering this comment in case someone is inspired to come up with a fix faster than I can. I'm also not sure if this bug should be re-opened or if I should open a separate bug for the "password not kept" behavior. I kinda lump it all together in my head as "redirect data not kept intact between receipt and re-connection." ---------------------------------------------------------------------- Comment By: m_etscheid (m_etscheid) Date: 2011-10-26 04:26 Message: I used last SVN version and it works. Thanks ---------------------------------------------------------------------- Comment By: Peter Åstrand (astrand) Date: 2011-10-26 03:54 Message: I've committed a patch to trunk now. Can you try the latest SVN version and see if it works? ---------------------------------------------------------------------- Comment By: m_etscheid (m_etscheid) Date: 2011-10-26 02:50 Message: Found following changes: --- rdesktop-1.7.0.org/rdp.c 2011-04-18 04:21:57.000000000 -0700 +++ rdesktop-1.7.0/rdp.c 2011-10-26 01:01:00.789038907 -0700 @@ -1520,7 +1520,7 @@ /* read username string */ g_redirect_username = (char *) xmalloc(len + 1); - rdp_in_unistr(s, g_redirect_username, strlen(g_redirect_username), len); + rdp_in_unistr(s, g_redirect_username, len + 1, len); } if (g_redirect_flags & PDU_REDIRECT_HAS_DOMAIN) --- rdesktop-1.7.0.org/rdesktop.c 2011-04-18 04:21:57.000000000 -0700 +++ rdesktop-1.7.0/rdesktop.c 2011-10-26 00:58:33.445042788 -0700 @@ -988,7 +988,7 @@ STRNCPY(domain, g_redirect_domain, sizeof(domain)); xfree(g_username); g_username = (char *) xmalloc(strlen(g_redirect_username) + 1); - STRNCPY(g_username, g_redirect_username, sizeof(g_username)); + STRNCPY(g_username, g_redirect_username, strlen(g_redirect_username) + 1); STRNCPY(password, g_redirect_password, sizeof(password)); STRNCPY(server, g_redirect_server, sizeof(server)); flags |= RDP_LOGON_AUTO; ---------------------------------------------------------------------- You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=381347&aid=3428380&group_id=24366 |
From: SourceForge.net <no...@so...> - 2011-11-17 23:52:26
|
Bugs item #3428380, was opened at 2011-10-25 13:21 Message generated for change (Comment added) made by You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=381347&aid=3428380&group_id=24366 Please note that this message will contain a full copy of the comment thread, including the initial issue submission, for this request, not just the latest update. Category: Authentication Group: v1.7.1 Status: Closed Resolution: Fixed Priority: 7 Private: No Submitted By: m_etscheid (m_etscheid) Assigned to: Nobody/Anonymous (nobody) Summary: session redirection broken in 1.7.0 Initial Comment: Hi, the support for session redirection for W2003 is broken in 1.7.0. The RDP redirect paket does not contain the complete user name. Version 1.6.0 works fine. ---------------------------------------------------------------------- Comment By: Steve Cleveland () Date: 2011-11-17 15:52 Message: I also tried replacing the HAVE_ICONV stuff in the Makefile. That gets rid of iconv error, but the redirect still doesn't work. And I just realized I'm using Win2k8 R2, not win2k3. So maybe it needs to be a different bug report? ---------------------------------------------------------------------- Comment By: Steve Cleveland () Date: 2011-11-17 15:44 Message: I just tried the latest trunk build. I'm still seeing a problem. The username is being passed correctly, but when it tries to redirect to the correct computer, I get a "The user name or password is incorrect". In the console, I get: WARNING: rdp_in_unistr: iconv fail, errno 84 ---------------------------------------------------------------------- Comment By: Peter Åstrand (astrand) Date: 2011-10-31 00:40 Message: Unfortunately it seems like a few people have experience in this area. Your comments are very useful. If it is really iconv that is the problem, it should work if you build rdesktop without iconv support. You can do this by editing the Makefile after running configure. Replace HAVE_ICONV_H and HAVE_ICONV with anything (suggesting adding an X as a prefix). ---------------------------------------------------------------------- Comment By: Robert de Forest () Date: 2011-10-29 10:43 Message: I tested r1639 and confirmed it does not address the password handling. The result is that a user is prompted for their password again if they are redirected after logging in. From reading the protocol docs, I think the redirect may need to be handled as a re-connect rather than a re-auth? I also get the feeling that I'm in way over my head and should wait to hear from someone with experience with this stuff. ---------------------------------------------------------------------- Comment By: Robert de Forest () Date: 2011-10-28 19:29 Message: Sorry, I left out some information. The systems I'm connecting to are setting the flags such that the password field has a length of 120 bytes and is definitely not unicode (I get an EINVAL from iconv()). I also saw at the RDP protocol docs that the password field could also be a cookie (http://msdn.microsoft.com/en-us/library/ee443575(v=PROT.10).aspx). The relevant portion of the protocol text is below the packet diagram and says, "Password (variable): A variable-length array of bytes containing the password used by the user in Unicode format, including a null-terminator or a cookie value that MUST be passed to the target server on successful connection." I think it's the "or a cookie value" portion that is messing stuff up for me. ---------------------------------------------------------------------- Comment By: Robert de Forest () Date: 2011-10-28 19:21 Message: I haven't tried r1639 from svn yet, but I suspect it will not work in my case. The problem I have is that the redirect is coming with a 120 byte cookie instead of a password, so the iconv() on it fails because it's not a unicode string. It's just binary. To be clear, I'm sure the username will remain intact after a Broker redurect, but the password will not, so even though a user has entered the correct password they will have to enter it again if they are redirected to a different server. This redirection without re-entering your password feature works correctly in Mac and Windows RDP clients (or so I am told). I'm going to work on a patch, but my C skills are super rusty so I'm offering this comment in case someone is inspired to come up with a fix faster than I can. I'm also not sure if this bug should be re-opened or if I should open a separate bug for the "password not kept" behavior. I kinda lump it all together in my head as "redirect data not kept intact between receipt and re-connection." ---------------------------------------------------------------------- Comment By: m_etscheid (m_etscheid) Date: 2011-10-26 04:26 Message: I used last SVN version and it works. Thanks ---------------------------------------------------------------------- Comment By: Peter Åstrand (astrand) Date: 2011-10-26 03:54 Message: I've committed a patch to trunk now. Can you try the latest SVN version and see if it works? ---------------------------------------------------------------------- Comment By: m_etscheid (m_etscheid) Date: 2011-10-26 02:50 Message: Found following changes: --- rdesktop-1.7.0.org/rdp.c 2011-04-18 04:21:57.000000000 -0700 +++ rdesktop-1.7.0/rdp.c 2011-10-26 01:01:00.789038907 -0700 @@ -1520,7 +1520,7 @@ /* read username string */ g_redirect_username = (char *) xmalloc(len + 1); - rdp_in_unistr(s, g_redirect_username, strlen(g_redirect_username), len); + rdp_in_unistr(s, g_redirect_username, len + 1, len); } if (g_redirect_flags & PDU_REDIRECT_HAS_DOMAIN) --- rdesktop-1.7.0.org/rdesktop.c 2011-04-18 04:21:57.000000000 -0700 +++ rdesktop-1.7.0/rdesktop.c 2011-10-26 00:58:33.445042788 -0700 @@ -988,7 +988,7 @@ STRNCPY(domain, g_redirect_domain, sizeof(domain)); xfree(g_username); g_username = (char *) xmalloc(strlen(g_redirect_username) + 1); - STRNCPY(g_username, g_redirect_username, sizeof(g_username)); + STRNCPY(g_username, g_redirect_username, strlen(g_redirect_username) + 1); STRNCPY(password, g_redirect_password, sizeof(password)); STRNCPY(server, g_redirect_server, sizeof(server)); flags |= RDP_LOGON_AUTO; ---------------------------------------------------------------------- You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=381347&aid=3428380&group_id=24366 |
From: SourceForge.net <no...@so...> - 2011-11-22 12:13:19
|
Bugs item #3428380, was opened at 2011-10-25 13:21 Message generated for change (Comment added) made by astrand You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=381347&aid=3428380&group_id=24366 Please note that this message will contain a full copy of the comment thread, including the initial issue submission, for this request, not just the latest update. Category: Authentication Group: v1.7.1 >Status: Open >Resolution: None Priority: 7 Private: No Submitted By: m_etscheid (m_etscheid) Assigned to: Nobody/Anonymous (nobody) Summary: session redirection broken in 1.7.0 Initial Comment: Hi, the support for session redirection for W2003 is broken in 1.7.0. The RDP redirect paket does not contain the complete user name. Version 1.6.0 works fine. ---------------------------------------------------------------------- >Comment By: Peter Åstrand (astrand) Date: 2011-11-22 04:13 Message: I think patch r1639 is correct, but there might be other bugs lurking. To everyone that still have problems: Does any revision/version of rdesktop work for you? Ie, does the latest revision cause any regression, or is it just that it still needs some work? ---------------------------------------------------------------------- Comment By: Steve Cleveland () Date: 2011-11-17 15:52 Message: I also tried replacing the HAVE_ICONV stuff in the Makefile. That gets rid of iconv error, but the redirect still doesn't work. And I just realized I'm using Win2k8 R2, not win2k3. So maybe it needs to be a different bug report? ---------------------------------------------------------------------- Comment By: Steve Cleveland () Date: 2011-11-17 15:44 Message: I just tried the latest trunk build. I'm still seeing a problem. The username is being passed correctly, but when it tries to redirect to the correct computer, I get a "The user name or password is incorrect". In the console, I get: WARNING: rdp_in_unistr: iconv fail, errno 84 ---------------------------------------------------------------------- Comment By: Peter Åstrand (astrand) Date: 2011-10-31 00:40 Message: Unfortunately it seems like a few people have experience in this area. Your comments are very useful. If it is really iconv that is the problem, it should work if you build rdesktop without iconv support. You can do this by editing the Makefile after running configure. Replace HAVE_ICONV_H and HAVE_ICONV with anything (suggesting adding an X as a prefix). ---------------------------------------------------------------------- Comment By: Robert de Forest () Date: 2011-10-29 10:43 Message: I tested r1639 and confirmed it does not address the password handling. The result is that a user is prompted for their password again if they are redirected after logging in. From reading the protocol docs, I think the redirect may need to be handled as a re-connect rather than a re-auth? I also get the feeling that I'm in way over my head and should wait to hear from someone with experience with this stuff. ---------------------------------------------------------------------- Comment By: Robert de Forest () Date: 2011-10-28 19:29 Message: Sorry, I left out some information. The systems I'm connecting to are setting the flags such that the password field has a length of 120 bytes and is definitely not unicode (I get an EINVAL from iconv()). I also saw at the RDP protocol docs that the password field could also be a cookie (http://msdn.microsoft.com/en-us/library/ee443575(v=PROT.10).aspx). The relevant portion of the protocol text is below the packet diagram and says, "Password (variable): A variable-length array of bytes containing the password used by the user in Unicode format, including a null-terminator or a cookie value that MUST be passed to the target server on successful connection." I think it's the "or a cookie value" portion that is messing stuff up for me. ---------------------------------------------------------------------- Comment By: Robert de Forest () Date: 2011-10-28 19:21 Message: I haven't tried r1639 from svn yet, but I suspect it will not work in my case. The problem I have is that the redirect is coming with a 120 byte cookie instead of a password, so the iconv() on it fails because it's not a unicode string. It's just binary. To be clear, I'm sure the username will remain intact after a Broker redurect, but the password will not, so even though a user has entered the correct password they will have to enter it again if they are redirected to a different server. This redirection without re-entering your password feature works correctly in Mac and Windows RDP clients (or so I am told). I'm going to work on a patch, but my C skills are super rusty so I'm offering this comment in case someone is inspired to come up with a fix faster than I can. I'm also not sure if this bug should be re-opened or if I should open a separate bug for the "password not kept" behavior. I kinda lump it all together in my head as "redirect data not kept intact between receipt and re-connection." ---------------------------------------------------------------------- Comment By: m_etscheid (m_etscheid) Date: 2011-10-26 04:26 Message: I used last SVN version and it works. Thanks ---------------------------------------------------------------------- Comment By: Peter Åstrand (astrand) Date: 2011-10-26 03:54 Message: I've committed a patch to trunk now. Can you try the latest SVN version and see if it works? ---------------------------------------------------------------------- Comment By: m_etscheid (m_etscheid) Date: 2011-10-26 02:50 Message: Found following changes: --- rdesktop-1.7.0.org/rdp.c 2011-04-18 04:21:57.000000000 -0700 +++ rdesktop-1.7.0/rdp.c 2011-10-26 01:01:00.789038907 -0700 @@ -1520,7 +1520,7 @@ /* read username string */ g_redirect_username = (char *) xmalloc(len + 1); - rdp_in_unistr(s, g_redirect_username, strlen(g_redirect_username), len); + rdp_in_unistr(s, g_redirect_username, len + 1, len); } if (g_redirect_flags & PDU_REDIRECT_HAS_DOMAIN) --- rdesktop-1.7.0.org/rdesktop.c 2011-04-18 04:21:57.000000000 -0700 +++ rdesktop-1.7.0/rdesktop.c 2011-10-26 00:58:33.445042788 -0700 @@ -988,7 +988,7 @@ STRNCPY(domain, g_redirect_domain, sizeof(domain)); xfree(g_username); g_username = (char *) xmalloc(strlen(g_redirect_username) + 1); - STRNCPY(g_username, g_redirect_username, sizeof(g_username)); + STRNCPY(g_username, g_redirect_username, strlen(g_redirect_username) + 1); STRNCPY(password, g_redirect_password, sizeof(password)); STRNCPY(server, g_redirect_server, sizeof(server)); flags |= RDP_LOGON_AUTO; ---------------------------------------------------------------------- You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=381347&aid=3428380&group_id=24366 |
From: SourceForge.net <no...@so...> - 2012-03-20 14:22:34
|
Bugs item #3428380, was opened at 2011-10-25 13:21 Message generated for change (Comment added) made by You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=381347&aid=3428380&group_id=24366 Please note that this message will contain a full copy of the comment thread, including the initial issue submission, for this request, not just the latest update. Category: Authentication Group: v1.7.1 Status: Open Resolution: None Priority: 7 Private: No Submitted By: m_etscheid (m_etscheid) Assigned to: Nobody/Anonymous (nobody) Summary: session redirection broken in 1.7.0 Initial Comment: Hi, the support for session redirection for W2003 is broken in 1.7.0. The RDP redirect paket does not contain the complete user name. Version 1.6.0 works fine. ---------------------------------------------------------------------- Comment By: https://www.google.com/accounts () Date: 2012-03-20 07:22 Message: I just built r1658 (1.7.1post) and tried against our farm with 2008R2 machines, and I redirect is still broken. I dont get any iconv errors this time, it just freezes for a while, then gives me a "broken pipe" error and exits. I also tried removing the iconv stuff from the makefile, same error. What more info can I provide to help get this fixed? ---------------------------------------------------------------------- Comment By: Peter Åstrand (astrand) Date: 2011-11-22 04:13 Message: I think patch r1639 is correct, but there might be other bugs lurking. To everyone that still have problems: Does any revision/version of rdesktop work for you? Ie, does the latest revision cause any regression, or is it just that it still needs some work? ---------------------------------------------------------------------- Comment By: Steve Cleveland () Date: 2011-11-17 15:52 Message: I also tried replacing the HAVE_ICONV stuff in the Makefile. That gets rid of iconv error, but the redirect still doesn't work. And I just realized I'm using Win2k8 R2, not win2k3. So maybe it needs to be a different bug report? ---------------------------------------------------------------------- Comment By: Steve Cleveland () Date: 2011-11-17 15:44 Message: I just tried the latest trunk build. I'm still seeing a problem. The username is being passed correctly, but when it tries to redirect to the correct computer, I get a "The user name or password is incorrect". In the console, I get: WARNING: rdp_in_unistr: iconv fail, errno 84 ---------------------------------------------------------------------- Comment By: Peter Åstrand (astrand) Date: 2011-10-31 00:40 Message: Unfortunately it seems like a few people have experience in this area. Your comments are very useful. If it is really iconv that is the problem, it should work if you build rdesktop without iconv support. You can do this by editing the Makefile after running configure. Replace HAVE_ICONV_H and HAVE_ICONV with anything (suggesting adding an X as a prefix). ---------------------------------------------------------------------- Comment By: Robert de Forest () Date: 2011-10-29 10:43 Message: I tested r1639 and confirmed it does not address the password handling. The result is that a user is prompted for their password again if they are redirected after logging in. From reading the protocol docs, I think the redirect may need to be handled as a re-connect rather than a re-auth? I also get the feeling that I'm in way over my head and should wait to hear from someone with experience with this stuff. ---------------------------------------------------------------------- Comment By: Robert de Forest () Date: 2011-10-28 19:29 Message: Sorry, I left out some information. The systems I'm connecting to are setting the flags such that the password field has a length of 120 bytes and is definitely not unicode (I get an EINVAL from iconv()). I also saw at the RDP protocol docs that the password field could also be a cookie (http://msdn.microsoft.com/en-us/library/ee443575(v=PROT.10).aspx). The relevant portion of the protocol text is below the packet diagram and says, "Password (variable): A variable-length array of bytes containing the password used by the user in Unicode format, including a null-terminator or a cookie value that MUST be passed to the target server on successful connection." I think it's the "or a cookie value" portion that is messing stuff up for me. ---------------------------------------------------------------------- Comment By: Robert de Forest () Date: 2011-10-28 19:21 Message: I haven't tried r1639 from svn yet, but I suspect it will not work in my case. The problem I have is that the redirect is coming with a 120 byte cookie instead of a password, so the iconv() on it fails because it's not a unicode string. It's just binary. To be clear, I'm sure the username will remain intact after a Broker redurect, but the password will not, so even though a user has entered the correct password they will have to enter it again if they are redirected to a different server. This redirection without re-entering your password feature works correctly in Mac and Windows RDP clients (or so I am told). I'm going to work on a patch, but my C skills are super rusty so I'm offering this comment in case someone is inspired to come up with a fix faster than I can. I'm also not sure if this bug should be re-opened or if I should open a separate bug for the "password not kept" behavior. I kinda lump it all together in my head as "redirect data not kept intact between receipt and re-connection." ---------------------------------------------------------------------- Comment By: m_etscheid (m_etscheid) Date: 2011-10-26 04:26 Message: I used last SVN version and it works. Thanks ---------------------------------------------------------------------- Comment By: Peter Åstrand (astrand) Date: 2011-10-26 03:54 Message: I've committed a patch to trunk now. Can you try the latest SVN version and see if it works? ---------------------------------------------------------------------- Comment By: m_etscheid (m_etscheid) Date: 2011-10-26 02:50 Message: Found following changes: --- rdesktop-1.7.0.org/rdp.c 2011-04-18 04:21:57.000000000 -0700 +++ rdesktop-1.7.0/rdp.c 2011-10-26 01:01:00.789038907 -0700 @@ -1520,7 +1520,7 @@ /* read username string */ g_redirect_username = (char *) xmalloc(len + 1); - rdp_in_unistr(s, g_redirect_username, strlen(g_redirect_username), len); + rdp_in_unistr(s, g_redirect_username, len + 1, len); } if (g_redirect_flags & PDU_REDIRECT_HAS_DOMAIN) --- rdesktop-1.7.0.org/rdesktop.c 2011-04-18 04:21:57.000000000 -0700 +++ rdesktop-1.7.0/rdesktop.c 2011-10-26 00:58:33.445042788 -0700 @@ -988,7 +988,7 @@ STRNCPY(domain, g_redirect_domain, sizeof(domain)); xfree(g_username); g_username = (char *) xmalloc(strlen(g_redirect_username) + 1); - STRNCPY(g_username, g_redirect_username, sizeof(g_username)); + STRNCPY(g_username, g_redirect_username, strlen(g_redirect_username) + 1); STRNCPY(password, g_redirect_password, sizeof(password)); STRNCPY(server, g_redirect_server, sizeof(server)); flags |= RDP_LOGON_AUTO; ---------------------------------------------------------------------- You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=381347&aid=3428380&group_id=24366 |
From: SourceForge.net <no...@so...> - 2012-04-10 10:06:05
|
Bugs item #3428380, was opened at 2011-10-25 13:21 Message generated for change (Comment added) made by girolimetti You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=381347&aid=3428380&group_id=24366 Please note that this message will contain a full copy of the comment thread, including the initial issue submission, for this request, not just the latest update. Category: Authentication Group: v1.7.1 Status: Open Resolution: None Priority: 7 Private: No Submitted By: m_etscheid (m_etscheid) Assigned to: Nobody/Anonymous (nobody) Summary: session redirection broken in 1.7.0 Initial Comment: Hi, the support for session redirection for W2003 is broken in 1.7.0. The RDP redirect paket does not contain the complete user name. Version 1.6.0 works fine. ---------------------------------------------------------------------- Comment By: Stefano Girolimetti (girolimetti) Date: 2012-04-10 03:06 Message: This bug seems a duplictae of 2845414. I've just left some notes there. I'm also affected and I'm on version 1.71. We should get this fixed. I can provide packet captures / straces if needed. ---------------------------------------------------------------------- Comment By: https://www.google.com/accounts () Date: 2012-03-20 07:22 Message: I just built r1658 (1.7.1post) and tried against our farm with 2008R2 machines, and I redirect is still broken. I dont get any iconv errors this time, it just freezes for a while, then gives me a "broken pipe" error and exits. I also tried removing the iconv stuff from the makefile, same error. What more info can I provide to help get this fixed? ---------------------------------------------------------------------- Comment By: Peter Åstrand (astrand) Date: 2011-11-22 04:13 Message: I think patch r1639 is correct, but there might be other bugs lurking. To everyone that still have problems: Does any revision/version of rdesktop work for you? Ie, does the latest revision cause any regression, or is it just that it still needs some work? ---------------------------------------------------------------------- Comment By: Steve Cleveland () Date: 2011-11-17 15:52 Message: I also tried replacing the HAVE_ICONV stuff in the Makefile. That gets rid of iconv error, but the redirect still doesn't work. And I just realized I'm using Win2k8 R2, not win2k3. So maybe it needs to be a different bug report? ---------------------------------------------------------------------- Comment By: Steve Cleveland () Date: 2011-11-17 15:44 Message: I just tried the latest trunk build. I'm still seeing a problem. The username is being passed correctly, but when it tries to redirect to the correct computer, I get a "The user name or password is incorrect". In the console, I get: WARNING: rdp_in_unistr: iconv fail, errno 84 ---------------------------------------------------------------------- Comment By: Peter Åstrand (astrand) Date: 2011-10-31 00:40 Message: Unfortunately it seems like a few people have experience in this area. Your comments are very useful. If it is really iconv that is the problem, it should work if you build rdesktop without iconv support. You can do this by editing the Makefile after running configure. Replace HAVE_ICONV_H and HAVE_ICONV with anything (suggesting adding an X as a prefix). ---------------------------------------------------------------------- Comment By: Robert de Forest () Date: 2011-10-29 10:43 Message: I tested r1639 and confirmed it does not address the password handling. The result is that a user is prompted for their password again if they are redirected after logging in. From reading the protocol docs, I think the redirect may need to be handled as a re-connect rather than a re-auth? I also get the feeling that I'm in way over my head and should wait to hear from someone with experience with this stuff. ---------------------------------------------------------------------- Comment By: Robert de Forest () Date: 2011-10-28 19:29 Message: Sorry, I left out some information. The systems I'm connecting to are setting the flags such that the password field has a length of 120 bytes and is definitely not unicode (I get an EINVAL from iconv()). I also saw at the RDP protocol docs that the password field could also be a cookie (http://msdn.microsoft.com/en-us/library/ee443575(v=PROT.10).aspx). The relevant portion of the protocol text is below the packet diagram and says, "Password (variable): A variable-length array of bytes containing the password used by the user in Unicode format, including a null-terminator or a cookie value that MUST be passed to the target server on successful connection." I think it's the "or a cookie value" portion that is messing stuff up for me. ---------------------------------------------------------------------- Comment By: Robert de Forest () Date: 2011-10-28 19:21 Message: I haven't tried r1639 from svn yet, but I suspect it will not work in my case. The problem I have is that the redirect is coming with a 120 byte cookie instead of a password, so the iconv() on it fails because it's not a unicode string. It's just binary. To be clear, I'm sure the username will remain intact after a Broker redurect, but the password will not, so even though a user has entered the correct password they will have to enter it again if they are redirected to a different server. This redirection without re-entering your password feature works correctly in Mac and Windows RDP clients (or so I am told). I'm going to work on a patch, but my C skills are super rusty so I'm offering this comment in case someone is inspired to come up with a fix faster than I can. I'm also not sure if this bug should be re-opened or if I should open a separate bug for the "password not kept" behavior. I kinda lump it all together in my head as "redirect data not kept intact between receipt and re-connection." ---------------------------------------------------------------------- Comment By: m_etscheid (m_etscheid) Date: 2011-10-26 04:26 Message: I used last SVN version and it works. Thanks ---------------------------------------------------------------------- Comment By: Peter Åstrand (astrand) Date: 2011-10-26 03:54 Message: I've committed a patch to trunk now. Can you try the latest SVN version and see if it works? ---------------------------------------------------------------------- Comment By: m_etscheid (m_etscheid) Date: 2011-10-26 02:50 Message: Found following changes: --- rdesktop-1.7.0.org/rdp.c 2011-04-18 04:21:57.000000000 -0700 +++ rdesktop-1.7.0/rdp.c 2011-10-26 01:01:00.789038907 -0700 @@ -1520,7 +1520,7 @@ /* read username string */ g_redirect_username = (char *) xmalloc(len + 1); - rdp_in_unistr(s, g_redirect_username, strlen(g_redirect_username), len); + rdp_in_unistr(s, g_redirect_username, len + 1, len); } if (g_redirect_flags & PDU_REDIRECT_HAS_DOMAIN) --- rdesktop-1.7.0.org/rdesktop.c 2011-04-18 04:21:57.000000000 -0700 +++ rdesktop-1.7.0/rdesktop.c 2011-10-26 00:58:33.445042788 -0700 @@ -988,7 +988,7 @@ STRNCPY(domain, g_redirect_domain, sizeof(domain)); xfree(g_username); g_username = (char *) xmalloc(strlen(g_redirect_username) + 1); - STRNCPY(g_username, g_redirect_username, sizeof(g_username)); + STRNCPY(g_username, g_redirect_username, strlen(g_redirect_username) + 1); STRNCPY(password, g_redirect_password, sizeof(password)); STRNCPY(server, g_redirect_server, sizeof(server)); flags |= RDP_LOGON_AUTO; ---------------------------------------------------------------------- You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=381347&aid=3428380&group_id=24366 |
From: SourceForge.net <no...@so...> - 2012-10-19 21:17:42
|
Bugs item #3428380, was opened at 2011-10-25 13:21 Message generated for change (Comment added) made by You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=381347&aid=3428380&group_id=24366 Please note that this message will contain a full copy of the comment thread, including the initial issue submission, for this request, not just the latest update. Category: Authentication Group: v1.7.1 Status: Open Resolution: None Priority: 7 Private: No Submitted By: m_etscheid (m_etscheid) Assigned to: Nobody/Anonymous (nobody) Summary: session redirection broken in 1.7.0 Initial Comment: Hi, the support for session redirection for W2003 is broken in 1.7.0. The RDP redirect paket does not contain the complete user name. Version 1.6.0 works fine. ---------------------------------------------------------------------- Comment By: Jarosław (Jarek) Polok () Date: 2012-10-19 14:07 Message: Hello, Please see: https://sourceforge.net/tracker/?func=detail&aid=3575645&group_id=24366&atid=381349 (tracker patches item 3575645) Cheers Jarek ---------------------------------------------------------------------- Comment By: Stefano Girolimetti (girolimetti) Date: 2012-04-10 03:06 Message: This bug seems a duplictae of 2845414. I've just left some notes there. I'm also affected and I'm on version 1.71. We should get this fixed. I can provide packet captures / straces if needed. ---------------------------------------------------------------------- Comment By: https://www.google.com/accounts () Date: 2012-03-20 07:22 Message: I just built r1658 (1.7.1post) and tried against our farm with 2008R2 machines, and I redirect is still broken. I dont get any iconv errors this time, it just freezes for a while, then gives me a "broken pipe" error and exits. I also tried removing the iconv stuff from the makefile, same error. What more info can I provide to help get this fixed? ---------------------------------------------------------------------- Comment By: Peter Åstrand (astrand) Date: 2011-11-22 04:13 Message: I think patch r1639 is correct, but there might be other bugs lurking. To everyone that still have problems: Does any revision/version of rdesktop work for you? Ie, does the latest revision cause any regression, or is it just that it still needs some work? ---------------------------------------------------------------------- Comment By: Steve Cleveland () Date: 2011-11-17 15:52 Message: I also tried replacing the HAVE_ICONV stuff in the Makefile. That gets rid of iconv error, but the redirect still doesn't work. And I just realized I'm using Win2k8 R2, not win2k3. So maybe it needs to be a different bug report? ---------------------------------------------------------------------- Comment By: Steve Cleveland () Date: 2011-11-17 15:44 Message: I just tried the latest trunk build. I'm still seeing a problem. The username is being passed correctly, but when it tries to redirect to the correct computer, I get a "The user name or password is incorrect". In the console, I get: WARNING: rdp_in_unistr: iconv fail, errno 84 ---------------------------------------------------------------------- Comment By: Peter Åstrand (astrand) Date: 2011-10-31 00:40 Message: Unfortunately it seems like a few people have experience in this area. Your comments are very useful. If it is really iconv that is the problem, it should work if you build rdesktop without iconv support. You can do this by editing the Makefile after running configure. Replace HAVE_ICONV_H and HAVE_ICONV with anything (suggesting adding an X as a prefix). ---------------------------------------------------------------------- Comment By: Robert de Forest () Date: 2011-10-29 10:43 Message: I tested r1639 and confirmed it does not address the password handling. The result is that a user is prompted for their password again if they are redirected after logging in. From reading the protocol docs, I think the redirect may need to be handled as a re-connect rather than a re-auth? I also get the feeling that I'm in way over my head and should wait to hear from someone with experience with this stuff. ---------------------------------------------------------------------- Comment By: Robert de Forest () Date: 2011-10-28 19:29 Message: Sorry, I left out some information. The systems I'm connecting to are setting the flags such that the password field has a length of 120 bytes and is definitely not unicode (I get an EINVAL from iconv()). I also saw at the RDP protocol docs that the password field could also be a cookie (http://msdn.microsoft.com/en-us/library/ee443575(v=PROT.10).aspx). The relevant portion of the protocol text is below the packet diagram and says, "Password (variable): A variable-length array of bytes containing the password used by the user in Unicode format, including a null-terminator or a cookie value that MUST be passed to the target server on successful connection." I think it's the "or a cookie value" portion that is messing stuff up for me. ---------------------------------------------------------------------- Comment By: Robert de Forest () Date: 2011-10-28 19:21 Message: I haven't tried r1639 from svn yet, but I suspect it will not work in my case. The problem I have is that the redirect is coming with a 120 byte cookie instead of a password, so the iconv() on it fails because it's not a unicode string. It's just binary. To be clear, I'm sure the username will remain intact after a Broker redurect, but the password will not, so even though a user has entered the correct password they will have to enter it again if they are redirected to a different server. This redirection without re-entering your password feature works correctly in Mac and Windows RDP clients (or so I am told). I'm going to work on a patch, but my C skills are super rusty so I'm offering this comment in case someone is inspired to come up with a fix faster than I can. I'm also not sure if this bug should be re-opened or if I should open a separate bug for the "password not kept" behavior. I kinda lump it all together in my head as "redirect data not kept intact between receipt and re-connection." ---------------------------------------------------------------------- Comment By: m_etscheid (m_etscheid) Date: 2011-10-26 04:26 Message: I used last SVN version and it works. Thanks ---------------------------------------------------------------------- Comment By: Peter Åstrand (astrand) Date: 2011-10-26 03:54 Message: I've committed a patch to trunk now. Can you try the latest SVN version and see if it works? ---------------------------------------------------------------------- Comment By: m_etscheid (m_etscheid) Date: 2011-10-26 02:50 Message: Found following changes: --- rdesktop-1.7.0.org/rdp.c 2011-04-18 04:21:57.000000000 -0700 +++ rdesktop-1.7.0/rdp.c 2011-10-26 01:01:00.789038907 -0700 @@ -1520,7 +1520,7 @@ /* read username string */ g_redirect_username = (char *) xmalloc(len + 1); - rdp_in_unistr(s, g_redirect_username, strlen(g_redirect_username), len); + rdp_in_unistr(s, g_redirect_username, len + 1, len); } if (g_redirect_flags & PDU_REDIRECT_HAS_DOMAIN) --- rdesktop-1.7.0.org/rdesktop.c 2011-04-18 04:21:57.000000000 -0700 +++ rdesktop-1.7.0/rdesktop.c 2011-10-26 00:58:33.445042788 -0700 @@ -988,7 +988,7 @@ STRNCPY(domain, g_redirect_domain, sizeof(domain)); xfree(g_username); g_username = (char *) xmalloc(strlen(g_redirect_username) + 1); - STRNCPY(g_username, g_redirect_username, sizeof(g_username)); + STRNCPY(g_username, g_redirect_username, strlen(g_redirect_username) + 1); STRNCPY(password, g_redirect_password, sizeof(password)); STRNCPY(server, g_redirect_server, sizeof(server)); flags |= RDP_LOGON_AUTO; ---------------------------------------------------------------------- You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=381347&aid=3428380&group_id=24366 |