From 789463ce7664677ae8bb3f893c1682ed6e75d7ee Mon Sep 17 00:00:00 2001
From: Michael Jumper <mjumper@apache.org>
Date: Mon, 2 Mar 2020 14:15:27 -0800
Subject: [PATCH 1/2] GUACAMOLE-978: Respond to Handshake/HandshakeEx PDU
 received via RAIL with client Handshake PDU.

---
 src/protocols/rdp/channels/rail.c | 30 ++++++++++++++++++++++++------
 1 file changed, 24 insertions(+), 6 deletions(-)

diff --git a/src/protocols/rdp/channels/rail.c b/src/protocols/rdp/channels/rail.c
index 3e800075..6a94eda0 100644
--- a/src/protocols/rdp/channels/rail.c
+++ b/src/protocols/rdp/channels/rail.c
@@ -48,12 +48,14 @@
 #endif
 
 /**
- * Completes initialization of the RemoteApp session, sending client system
- * parameters and executing the desired RemoteApp command using the Client
- * System Parameters Update PDU and Client Execute PDU respectively. These PDUs
- * MUST be sent for the desired RemoteApp to run, and MUST NOT be sent until
- * after a Handshake or HandshakeEx PDU has been received. See:
+ * Completes initialization of the RemoteApp session, responding to the server
+ * handshake, sending client system parameters, and executing the desired
+ * RemoteApp command. This is accomplished using the Handshake PDU, Client
+ * System Parameters Update PDU, and Client Execute PDU respectively. These
+ * PDUs MUST be sent for the desired RemoteApp to run, and MUST NOT be sent
+ * until after a Handshake or HandshakeEx PDU has been received. See:
  *
+ * https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-rdperp/cec4eb83-b304-43c9-8378-b5b8f5e7082a (Handshake PDU)
  * https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-rdperp/60344497-883f-4711-8b9a-828d1c580195 (System Parameters Update PDU)
  * https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-rdperp/98a6e3c3-c2a9-42cc-ad91-0d9a6c211138 (Client Execute PDU)
  *
@@ -67,9 +69,25 @@
  */
 static UINT guac_rdp_rail_complete_handshake(RailClientContext* rail) {
 
+    UINT status;
+
     guac_client* client = (guac_client*) rail->custom;
     guac_rdp_client* rdp_client = (guac_rdp_client*) client->data;
 
+    RAIL_HANDSHAKE_ORDER handshake = {
+
+        /* Build number 7600 (0x1DB0) apparently represents Windows 7 and
+         * compatibility with RDP 7.0. As of this writing, this is the same
+         * build number sent for RAIL connections by xfreerdp. */
+        .buildNumber = 7600
+
+    };
+
+    /* Send client handshake response */
+    status = rail->ClientHandshake(rail, &handshake);
+    if (status != CHANNEL_RC_OK)
+        return status;
+
     RAIL_SYSPARAM_ORDER sysparam = {
         .workArea = {
             .left   = 0,
@@ -81,7 +99,7 @@ static UINT guac_rdp_rail_complete_handshake(RailClientContext* rail) {
     };
 
     /* Send client system parameters */
-    UINT status = rail->ClientSystemParam(rail, &sysparam);
+    status = rail->ClientSystemParam(rail, &sysparam);
     if (status != CHANNEL_RC_OK)
         return status;
 

From 5e1b92cb65852ec9480e0b31699f395c1832daef Mon Sep 17 00:00:00 2001
From: Michael Jumper <mjumper@apache.org>
Date: Mon, 2 Mar 2020 15:01:58 -0800
Subject: [PATCH 2/2] GUACAMOLE-979: Ensure all FreeRDP settings strings are
 independent duplicates of their corresponding Guacamole settings.

FreeRDP 2.0.0 will automatically free all settings strings when the
settings structure is freed. As we will also do the same for our own
settings strings, the FreeRDP settings must be kept independent. There
is no guarantee that the FreeRDP settings will be pushed before an error
causes the connection to abort, nor that the FreeRDP settings will not
need to be pushed multiple times due to an automatic reconnect.
---
 src/protocols/rdp/settings.c | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/src/protocols/rdp/settings.c b/src/protocols/rdp/settings.c
index 864e6427..117b50bf 100644
--- a/src/protocols/rdp/settings.c
+++ b/src/protocols/rdp/settings.c
@@ -1296,9 +1296,9 @@ void guac_rdp_push_settings(guac_client* client,
         rdp_settings->Workarea = TRUE;
         rdp_settings->RemoteApplicationMode = TRUE;
         rdp_settings->RemoteAppLanguageBarSupported = TRUE;
-        rdp_settings->RemoteApplicationProgram = guac_settings->remote_app;
+        rdp_settings->RemoteApplicationProgram = guac_rdp_strdup(guac_settings->remote_app);
         rdp_settings->ShellWorkingDirectory = guac_rdp_strdup(guac_settings->remote_app_dir);
-        rdp_settings->RemoteApplicationCmdLine = guac_settings->remote_app_args;
+        rdp_settings->RemoteApplicationCmdLine = guac_rdp_strdup(guac_settings->remote_app_args);
     }
 
     /* Preconnection ID */
@@ -1312,7 +1312,7 @@ void guac_rdp_push_settings(guac_client* client,
     if (guac_settings->preconnection_blob != NULL) {
         rdp_settings->NegotiateSecurityLayer = FALSE;
         rdp_settings->SendPreconnectionPdu = TRUE;
-        rdp_settings->PreconnectionBlob = guac_settings->preconnection_blob;
+        rdp_settings->PreconnectionBlob = guac_rdp_strdup(guac_settings->preconnection_blob);
     }
 
     /* Enable use of RD gateway if a gateway hostname is provided */