Hardening consulting

I've recently done some fixes in winPR with timers with completion and I've encoutered a case that may find interesting.

It's about handling EINTR: when a system call in interrupted by an incoming signal, you'll get a -1 return code and errno set to EINTR. So usually when you want to be protected against that behaviour you'll code something like:

#include <sys/select.h>
#include <errno.h>

void myFunction() {
    struct fd_set rset;
    int status, max_fd;

    ...


    do {
        ret = select(max_fd, &rset, NULL, NULL, NULL);
    } while (ret < 0 && errno == EINTR);
}

Ok, so problem treated, you can apply that scheme for any system call and you're done, isn't it ?

The poll case

Read more…

Months that I have not posted anything. So let's begin with some wishes for the new year, let's hope the Covid will be more quiet in 2021.

I'm currently working on implementing UDP support in FreeRDP, so let's have a serie of post on that subject. I'm gonna begin with an overview, how it works, implications and I'll certainly go more in the details in the next posts.


Overview of the UDP transport

Documentation and specifications

The UDP transport is described in multiple specifications:

  • MS-RDPBCGR : the core RDP specification, we have some flags in GCC packets, and of course the description of multi-transport;
  • MS-RDPEMT : this document describes multi-transport, that allows to install multiple transports at the same time;
  • MS-RDPEUDP : the UDP transport itself;
  • MS-RDPEUDP2 : the new version of the protocol;
  • MS_RDPEDYC : dynamic channels specification;

Read more…

Long time no post. I did quite a lot of things around ogon these last months, and for testing purpose, I had to deploy ogon on many hosts. The deployment guide is ok, but it's a long and repetitive operation. And thinking of it, if we can write these instructions in a manual, then for sure we can automate these operations in a script.


Accendino

So I've created that little software accendino (lighter in italian) that will allow you to start a big fire (ogon in russian).

Read more…

Windows VMs are so slow under KVM. When you're a FreeRDP developper, you always end up with being forced to have windows VMs to test that old features are still working, or to test new shiny features (yes I love unicorns).


Read more…

When you're working on FreeRDP, it's quite usual to increase the log level and to have to collect a massive amount of logs. And most often it doesn't fit in the terminal backscroll history, or it is so slow (terminal rendering is CPU intensive) that you need a file storage. Another case is when you're on a remote host and you want to retrieve the log over the network.

As each time I want to use the WLog capacities I'm looking at the source code, I had the idea to write that post on the subject, so that next time I will look at this text.

Read more…

While working on topka, I've used the twisted framework. Twisted tutorials are really good with lots of practical examples, anyway after using the framework for weeks, I gain enough experience to write a post about some tricks I've discovered.

Disclaimer: you will not find here something that is not already in the twisted docs.

Using deferred

While using twisted, it happens that you can be a situation where you can either return a final value or do the computation asynchronously and return a Deferred. The code looks like:

import twisted.internet.defer as defer

def myFunc():
    def treatRet():
        ...

    ret = functionThatProcess(...)
    if isinstance(ret, defer.Deferred):
        ret.addCallback(treatRet)
    else:
        ret = treatRet(ret)

    return ret

Read more…

Better late than never. Four years ago I was giving a talk on FreeRDS at the XDC 2014 and I was announcing that we would opensource the project at the end of the year. The opensourcing is finally here but in April 2018, you can observe a kind of delay !


About

We were late

So obviously lots of things have occured since 2014. First the project's name has changed: it was initially FreeRDS but the name was owned by one of the project's member. And our fork has diverged a lot, so there was the necessity for a new name. We thought at fireRDS,

Read more…

After watching a video on meson, it made me want to play with this software to see how it was in practise. So I did a first shot on a OGON subproject that uses cmake as build system.


Lovely CMake

I often hear that everybody hates cmake, but lots of projects use it anyway. So most probably it's for bad reasons. I'm not an exception, and as soon as I have to touch these lovely CMakeFile.txt, I always feel dirty, or at least I never have the impression to have done some nice job. This happens even when everything goes as I wanted. Not even talking of when things go wrong, with epic debugging sessions. I must be missing the cmake pĥilosophy because everytime I suspect a behaviour, cmake does it the opposite way. So everytime there's some cmake involved I'm reticent to go in that work.

Read more…

The LCA (inux Conference Australia) is one of my favorite conference, with talks of good technical level. Some years ago, it's a talk by Daniel Stone that lead me to start playing with Wayland.

A selection of my preferred talks:

  • The talk by Keith Packard on VR helmet in X, it was very interesting. A nice trip in the Xorg world;

    Read more…

Let's start this new year (best wishes) with some RDP stuff, in this post I will talk of an implementation to resize the window in xfreerdp.

Context

FreeRDP already had the smart-sizing option, it allows to see the window with a given aspect ratio: 100, 150 ou 180 percent.

With the MS-RDPEDISP specification, the client can send its monitors layout to the server in real time, that allows the server to react when an output is plugged or unplugged, or when the resolution changes. You can experiment that with mstsc in fullscreen mode, if you change resolution while the mstsc window is iconized, when you uniconize, it is supposed to resize.

You can also use that specification to make the RDP window resizable: you announce a monitor that has the size of the client window.

Read more…