Description of problem:
To be able to fix feature request from #1290449, we need to have newer FreeRDP available (at least 1.1). There is (*pVerifyChangedCertificate) callback defined in it which allows us to inform user about change of fingerprint of certificate of remote machine so that he can accept or reject the new certificate.
Steps to Reproduce:
1. Connect to remote Windows machine
2. Accept given certificate
3. Change fingerprint of the machine in ~/.freerdp/known_hosts to something else
4. Connect to the machine again
There is just a general connection error message
It asks user to accept or reject the changed certificate
There is more bugs which will be fixed by the rebase. The problem is that freerdp-1.0 is latest official upstream stable release. Though there were 1.1 and 1.2 beta releases, but they have never been released as stable. Upstream told that current master (future 2.0) is most stable version ever, but release isn't scheduled yet...
Another problem might be that the public API was changed a lot since 1.0 version and also cmd syntax is different...
See some recent discussions on mailing list regarding to releases:
Upstream wants to make API freeze around July and then they want to work towards 2.0-rc1, see:
So let's reconsider this for rhel-7.4.
*** Bug 1417798 has been marked as a duplicate of this bug. ***
Probably the latest info about the planned release can be found at:
However, it seems that there aren't any timelines yet...
Good news is that 2.0.0-rc0 has been finally released:
Let's move this in 7.6 since the stable release was not released yet...
Freerdp master is slowly reaching rc2 and after that, it will be likely stable release. I don't think it will be in time for RHEL 7.6 unfortunately, but I RHEL 7.7 sounds feasible. We can't do much here before the new stable release.
Also, I don't think that it will be possible to just simply rebase due to API changes, but freerdp2 packages will have to be added alongside probably.
rc2 is out, but one more release candidate (rc3) was announced before the final release:
Due to planned work load for 7.6 I would like to push this to 7.7 if possible.
1. Could you Red Hatters please make 1571842 public?
2. FreeRDP 2.0.0-dev prior to a 2018-03-20 cannot connect to Windows systems that have the patch for CVE-2018-0886 (CredSSP update) applied:
3. For RHEL6 & RHEL 7.5 systems, I have RPMs available here:
I modified the RPM packaging of the Fedora 26/27/28 version of FreeRDP 2.0.0-dev from 2018-04-05 (including the fix for #2, shortly before 2.0.0rc2 was released) so that it would build on RHEL 7.5, and then adapted it even more for RHEL6.
You can view the RPM packaging here:
Vinagre had to be rebuilt/patched for it too:
I intend to update it when Fedora releases updates, but it's not automatic.
4. Reminder: I am a Fedora contributor but I cannot speak for Red Hat. Maybe they'll use this packaging, maybe they won't.
We can't rebase before another official upstream release. 2.0-rc3 is almost ready, but still, there is long bug list, which needs to be resolved before 2.0. See:
Let's postpone this to RHEL-7.7.
However, I will try to convince Fedora maintainers to provide EPEL package for it:
(In reply to Michael DePaulo from comment #10)
> 1. Could you Red Hatters please make 1571842 public?
I don't think we can make 1571842 public, but it is only internal bug tracker for the upcoming release, nothing interesting.
> 3. For RHEL6 & RHEL 7.5 systems, I have RPMs available here:
Thanks for the COPR repository, however, I think the better way would be to provide EPEL packages. Aren't you interested in it? See my previous comment.
Just a note that 2.0.0-rc3 was released before some time and recently 2.0.0-rc4 milestone has been added and is expected to be out soon. There are still some issues which block 2.0.0 to be finally released.
The rebase requires vinagre rebuild due to API/ABI changes, see 1680229. I am not going to provide the compat package at this point, because vinagre is only package which uses freerdp libraries and freerdp is not on ABI compatibility list. We can add the compat package later if needed.
Just a note that kdenetwork-krdc depends on freerdp as well, but it just calls xfreerdp, so kdenetwork rebase is not needed. It seems it works correctly with the rebased version.
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.
For information on the advisory, and where to find the updated
files, follow the link below.
If the solution does not work for you, open a new bug report.