sendnrw/rdpgw
2
0
Fork 0
mirror of https://github.com/bolkedebruin/rdpgw.git synced 2026-05-12 19:30:04 +00:00
Code Issues Packages Projects Releases Wiki Activity
307 Commits 6 Branches 11 Tags
cbb1e5feb32beebb8eed76274db70fe137a180ab
Commit Graph

57 Commits

Author SHA1 Message Date
bolkedebruin
754896b473 Add type-safe URL override mechanism for RDP options (#182) 
Introduce a generic, allow-list-gated way for the /connect endpoint to
accept RDP setting overrides via URL query parameters. Operators opt in
via client.rdpoverridablekeys; absent that allow-list, URL-driven
overrides are rejected with 400.

Override values are routed through rdp.Builder.ApplyOverrides, which
matches query keys against the rdp struct tags of RdpSettings and
validates per Go field type. Overridden fields are tracked so explicit
values always serialize even when they equal the field default. The
override pass runs before authoritative server-controlled fields
(gateway address, access token, full address, username) so those
always win.

This replaces the per-option string-splice approach considered in #181:
multimon now works via ?usemultimon=1 against an operator allow-list
containing "use multimon", and any other RDP key follows the same path
without bespoke handler code.
 2026-04-30 11:58:47 +02:00
Bolke de Bruin
fd5b89a39c Add extra on mstsc 2025-09-26 00:25:58 +02:00
Bolke de Bruin
75a7ca62a9 Add header authentication 2025-09-18 22:36:04 +02:00
Andrew Heberle
2b9ec4a3f0 Allow signing downloaded RDP file (#156) 
Implement signing of RDP files downloaded from web
 2025-09-05 14:21:32 +02:00
Firman Alamsyah
80604075d0 docs: Add link to docker hub (#128) 
Added link to docker hub
 2025-01-15 23:24:19 +01:00
m7913d
372dc43ef2 Support for NTLM authentication added (#109) 
* Support for NTLM authentication added

To support NTLM authentication, a database is added as an authentication source.
Currently, only the configuration file is supported as a database.
Database authentication supports Basic and NTLM authentication protcols.

ServerConfig.BasicAuthEnabled renamed to LocalEnabled as Basic auth can be used with NTLM or Local.
 2024-04-24 14:12:41 +02:00
Bolke de Bruin
9c6d056d69 Use jose v4 and make clearer and fix signing/encryption 2024-04-12 12:33:46 +02:00
Bolke de Bruin
2d9a368fc4 More details about the clients 2024-03-21 16:36:47 +01:00
Bolke de Bruin
f95ff94a76 Add note about mstsc 2024-03-20 11:23:34 +01:00
Bolke de Bruin
dc60652b83 Add docker compose options 2024-03-19 09:30:03 +01:00
Bolke de Bruin
1006f2bac9 Further details 2024-03-18 12:08:58 +01:00
Bolke de Bruin
32693f4197 Update images 2024-03-18 12:07:56 +01:00
Bolke de Bruin
43ac78bf57 Fixes 2024-03-18 11:36:55 +01:00
Bolke de Bruin
918f1b9e93 Clarify usage 2024-03-18 11:34:43 +01:00
Bolke de Bruin
43493e9548 Add more docs 2024-03-18 11:18:44 +01:00
Bolke de Bruin
5d92dcff8d Improve security docs 2024-03-16 14:59:04 +01:00
Jonathan Giroux (Koltes)
8e117ad083 Can omit username from rendered RDP (#83) 2024-03-15 12:30:22 +01:00
ryanblenis
f72613c2ba Add BasicAuthTimeout setting versus static 5 seconds (#90) 2023-12-16 21:07:37 +01:00
bolkedebruin
769abae3ba Update README.md 
Kerberos is integrated
 2023-04-17 07:25:43 +00:00
Ben Westover
b11eb0879e Clarify build dependencies (#64) 2023-01-09 16:25:57 +01:00
bolkedebruin
236ddb4f9b Update README.md 
Some clarifications
 2022-10-18 11:59:03 +02:00
Bolke de Bruin
2a2edaa21c Update readme with settings for tls 2022-08-31 09:52:55 +02:00
bolkedebruin
159cf56154 Update README.md 2022-08-25 12:41:56 +02:00
Bolke de Bruin
be77ffef12 Update readme 2022-08-25 12:29:07 +02:00
Bolke de Bruin
16c087d3bf Add config items and checks 2022-08-25 12:26:03 +02:00
Bolke de Bruin
8bc3e25f83 Allow host query parameter 
the host query parameter can now be used
dependent on the `hostselection` config.
 2022-08-17 10:49:21 +02:00
Bolke de Bruin
40d9cdda57 Make config more docker friendly 2022-08-16 14:54:31 +02:00
bolkedebruin
3ca05cbf16 Encryption keys need to be 32 characters 2022-08-14 20:21:55 +02:00
Bolke de Bruin
bdd0155dbb Switch to uppercase due to koanf 2022-08-11 14:43:30 +02:00
Bolke de Bruin
cd4182c1f5 Switch from viper to koanf 2022-08-11 13:58:24 +02:00
bolkedebruin
c8acaeff0e Update README with docker badges 2022-08-09 10:52:21 +02:00
Bolke de Bruin
008ae03557 TLS updates 2022-08-04 21:49:59 +02:00
Bolke de Bruin
a548d2b30a Update doc on tls 2022-08-04 21:38:19 +02:00
Bolke de Bruin
188ce3586d Update build instructions 2021-05-17 11:42:18 +02:00
Bolke de Bruin
505eafdc1e Support setting send/receive buffers for the IP sockets 2020-09-11 22:01:40 +02:00
Bolke de Bruin
c6cfdc4dd4 Add support for splitting the username from the domain to enable smaller tokens 2020-08-31 21:07:58 +02:00
Bolke de Bruin
c66a2c9dd3 Change user templating and split domain name 2020-08-30 21:13:53 +02:00
Bolke de Bruin
6358eb1fa5 Add doc 2020-08-22 10:07:43 +02:00
Bolke de Bruin
27f2220a6e Make the use of a user token configurable 2020-08-22 10:04:31 +02:00
Bolke de Bruin
93c558786f Add description on endpoint 2020-08-19 14:44:53 +02:00
Bolke de Bruin
188f077da1 Work with go-jose to have encryption 2020-08-19 11:33:26 +02:00
bolkedebruin
007f93ed4a Update README.md 
Provide friendlier description on testing
 2020-07-28 08:57:42 +02:00
Krzysztof Adamski
94acec7529 Add local docker test environment (#1) 
* local docker test environment with keycloak and xrdp

Co-authored-by: Krzysztof Adamski <krzysztof.adamski@ing.com>
 2020-07-28 08:49:58 +02:00
Bolke de Bruin
263312dc7b Fix check and use 256 bit 2020-07-25 21:27:03 +02:00
Bolke de Bruin
0b299619ff Make sure to validate the client's ip address 2020-07-25 21:00:58 +02:00
Bolke de Bruin
5fc75ef877 More security documentation 2020-07-25 19:57:27 +02:00
Bolke de Bruin
6d7eb94deb Add extra info in readme 2020-07-25 19:50:00 +02:00
Bolke de Bruin
5de3767e70 Use encryption for cookies 2020-07-24 16:22:13 +02:00
Bolke de Bruin
46e1e9b9f4 Switch to jwt tokens and allow some extra rdp settings 2020-07-24 11:54:43 +02:00
Bolke de Bruin
3ace4610fc Make sample config work with current state 2020-07-23 13:09:29 +02:00