feat(client): support HyperV VM Connect

[irvingoujAtDevolution]

The main changes primarily involves changing in sequence of the connector state. With vmconnect, our connection goes from
Preconnection Blob -> TLS -> CredSSP -> Cookie/InitRequest

where as oppose to original sequence, the cookie is sent before TLS

[Copilot]

Pull Request Overview

This PR adds support for Hyper-V VM Connect by introducing a Preconnection Blob exchange before TLS, updating connector state handling, and exposing a vmconnect option throughout FFI, connector, CLI, and web session layers.

• Exposed a new vmconnect flag (String) in configs and FFI APIs
• Introduced a PreconnectionBlob state to send a VM Connect Pcb before TLS, then reordered the sequence
• Added --vmconnect CLI argument and propagated the flag through async/blocking connectors

Reviewed Changes

Copilot reviewed 16 out of 16 changed files in this pull request and generated 3 comments.

Show a summary per file

File	Description
ffi/src/credssp/mod.rs	Added vmconnect: bool to sequence_init signature
ffi/src/connector/state.rs	Updated match to handle ConnectionInitiationSendRequest { .. }
ffi/src/connector/config.rs	Introduced vmconnect field and set_vm_connect setter
crates/ironrdp-web/src/session.rs	Added vmconnect: None placeholder with TODO
crates/ironrdp-testsuite-extra/tests/tests.rs	Updated default_client_config to include vmconnect: None
crates/ironrdp-testsuite-core/tests/pcb.rs	Added Hyper-V GUID case in encode_decode_test!
crates/ironrdp-pdu/src/rdp/client_info.rs	Wrote reserved1/2 fields in ExtendedClientOptionalInfo encode
crates/ironrdp-core/src/cursor.rs	Added bytes_written() method
crates/ironrdp-connector/src/lib.rs	Added vmconnect to Config struct
crates/ironrdp-connector/src/credssp.rs	Stored vmconnect in CredsspSequence
crates/ironrdp-connector/src/connection.rs	Added PreconnectionBlob state and updated sequence logic
crates/ironrdp-client/src/rdp.rs	Enhanced debug logging and state matching patterns
crates/ironrdp-client/src/config.rs	Added --vmconnect arg and refactored credential prompts
crates/ironrdp-blocking/src/connector.rs	Passed vmconnect flag into blocking connect_begin
crates/ironrdp-async/src/connector.rs	Passed vmconnect flag into async connect_begin

Comments suppressed due to low confidence (2)

ffi/src/connector/config.rs:45

• [nitpick] The field is named vmconnect, but the setter is set_vm_connect. Consider renaming either the field to vm_connect or the setter to set_vmconnect for consistent snake_case naming.

pub vmconnect: Option<String>,

crates/ironrdp-client/src/config.rs:305

• Defaulting to a literal password ("password") on prompt failure may introduce security risks. Consider returning an error or requiring explicit user input instead of using an insecure fallback.

.unwrap_or_else(|_| "password".to_owned())

[irvingoujAtDevolution]

I don't know why but there's file is blocking fmt from working

error: expected item, found `..`
 --> \\?\C:\dev\IronRDP\crates\ironrdp-testsuite-core\tests\server\fast_path.rs:1:1
  |
1 | ../../../ironrdp-server/src/encoder/fast_path.rs
  | ^^ expected item
  |
  = note: for a full list of items that can appear in modules, see <https://doc.rust-lang.org/reference/items.html>

I'm not sure if it suppose to be like this?

[CBenoit]

I don't know why but there's file is blocking fmt from working

error: expected item, found `..`
 --> \\?\C:\dev\IronRDP\crates\ironrdp-testsuite-core\tests\server\fast_path.rs:1:1
  |
1 | ../../../ironrdp-server/src/encoder/fast_path.rs
  | ^^ expected item
  |
  = note: for a full list of items that can appear in modules, see <https://doc.rust-lang.org/reference/items.html>

I'm not sure if it suppose to be like this?

Looks like the symlink was not handled properly. I think you can actually enable an option in git for that, verify you enabled it:

git config --global core.symlinks true

You may need re-clone the repository, though there may be alternate ways of fixing this.

[CBenoit]

question: What is the purpose of this field? I don’t see where it is used

[CBenoit]

issue: Remove this method. You can use pos() instead which is the same thing. Also, strictly speaking, it’s not necessarily the number of bytes written because it’s possible to "rewind" the cursor.

[CBenoit]

question: Did you fix a bug? Could you elaborate on that? Please, open a separate PR dedicated to this with a fix commit type.

[CBenoit]

issue: I think this test case does nothing more than the one just above, so let’s not add it

[CBenoit]

issue: We already support a pcb extension. My understanding is that all you need to do is te place a UUID into it. No need to add extra parameters.

[CBenoit]

issue: I don’t think we should expose a vmconnect option. Also, since the PCB is something outside of the RDP protocol itself, let’s not handle it in the connector at all.

[CBenoit]

nitpick: Add a debug! log before TcpStream::connect instead

[CBenoit]

suggestion: I think you could use a Uuid type here

[CBenoit]

General review: do not add knowledge of the PCB into ironrdp-connector, since it’s outside of the RDP connection sequence itself. Instead, I think it’s fine to have this code in ironrdp-client directly.

Also, it would be worth adding a --pcb parameter that would cover much more use cases. It does not seems necessary to have a "vmconnect" parameter that is a special case of the pcb string, but if you really want to add a parameter, configure clap so that these options are "conflicting".

[irvingoujAtDevolution]

You might be right, let me draft this PR, I need to make some experiment on another branch

[irvingoujAtDevolution]

Closed in favor of #841