mirrors/FreeRDP
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Fixed missing encrypt / decrypt success check.

Browse Source 
The return of EncryptMessage and DecryptMessage was unchecked.
This lead to PLAINTEXT to be sent over the wire, a major security
issue.
This commit is contained in:
Martin Fleisz 2015-07-08 14:32:01 +02:00 committed by Armin Novak
parent 48ccf73a36
commit 9a2d33af12
1 changed files with 8 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
libfreerdp/core/nla.c
View File

@ -45,7 +45,7 @@
#define TAG FREERDP_TAG("core.nla")
#define SERVER_KEY "Software\\"FREERDP_VENDOR_STRING"\\" \
FREERDP_PRODUCT_STRING"\\Server"
FREERDP_PRODUCT_STRING"\\Server"
/**
* TSRequest ::= SEQUENCE {
@ -430,9 +430,9 @@ int nla_client_recv(rdpNla* nla)
return -1;
}
nla_encrypt_public_key_echo(nla);
nla->status = nla_encrypt_public_key_echo(nla);
if (nla->status != SEC_E_OK)
return -1;
}
else if (nla->outputBuffer.cbBuffer < 1)
return -1;
@ -746,7 +746,9 @@ int nla_server_authenticate(rdpNla* nla)
sspi_SecBufferFree(&nla->negoToken);
nla->negoToken.pvBuffer = NULL;
nla->negoToken.cbBuffer = 0;
nla_encrypt_public_key_echo(nla);
nla->status = nla_encrypt_public_key_echo(nla);
if (nla->status != SEC_E_OK)
return -1;
}
if ((nla->status != SEC_E_OK) && (nla->status != SEC_I_CONTINUE_NEEDED))
@ -908,7 +910,7 @@ SECURITY_STATUS nla_encrypt_public_key_echo(rdpNla* nla)
if (status != SEC_E_OK)
{
WLog_ERR(TAG, "EncryptMessage status %s [%08X]",
GetSecurityStatusString(nla->status), nla->status);
GetSecurityStatusString(status), status);
return status;
}