libfreerdp-core: fix check for null certificate
parent
f6080b0c22
commit
abca3f8c10
@ -558,20 +558,20 @@ BOOL certificate_read_server_x509_certificate_chain(rdpCertificate* certificate,
|
||||
* @param length certificate length
|
||||
*/
|
||||
|
||||
BOOL certificate_read_server_certificate(rdpCertificate* certificate, BYTE* server_cert, int length)
|
||||
int certificate_read_server_certificate(rdpCertificate* certificate, BYTE* server_cert, int length)
|
||||
{
|
||||
STREAM* s;
|
||||
UINT32 dwVersion;
|
||||
BOOL ret = TRUE;
|
||||
int status = 1;
|
||||
|
||||
if (length < 1)
|
||||
{
|
||||
DEBUG_CERTIFICATE("null server certificate\n");
|
||||
return FALSE;
|
||||
return 0;
|
||||
}
|
||||
|
||||
if (length < 4)
|
||||
return FALSE;
|
||||
return -1;
|
||||
|
||||
s = stream_new(0);
|
||||
stream_attach(s, server_cert, length);
|
||||
@ -581,20 +581,22 @@ BOOL certificate_read_server_certificate(rdpCertificate* certificate, BYTE* serv
|
||||
switch (dwVersion & CERT_CHAIN_VERSION_MASK)
|
||||
{
|
||||
case CERT_CHAIN_VERSION_1:
|
||||
ret = certificate_read_server_proprietary_certificate(certificate, s);
|
||||
status = certificate_read_server_proprietary_certificate(certificate, s);
|
||||
break;
|
||||
|
||||
case CERT_CHAIN_VERSION_2:
|
||||
ret = certificate_read_server_x509_certificate_chain(certificate, s);
|
||||
status = certificate_read_server_x509_certificate_chain(certificate, s);
|
||||
break;
|
||||
|
||||
default:
|
||||
printf("invalid certificate chain version:%d\n", dwVersion & CERT_CHAIN_VERSION_MASK);
|
||||
status = -1;
|
||||
break;
|
||||
}
|
||||
|
||||
free(s);
|
||||
return ret;
|
||||
|
||||
return status;
|
||||
}
|
||||
|
||||
rdpRsaKey* key_new(const char* keyfile)
|
||||
|
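Review bot: In the `switch`, `status` is assigned straight from `certificate_read_server_proprietary_certificate()` and `certificate_read_server_x509_certificate_chain()`, which the header hunk still declares as `BOOL`, so a failed parse comes back as 0, the value this function now uses for "no certificate supplied", rather than -1. The `< 1` test in `gcc_read_server_security_data` still rejects that, but the `< 0` test in `license_read_license_request_packet` accepts it, so a malformed server certificate in a license request would no longer stop processing. Map the helper result explicitly, e.g. `status = certificate_read_server_x509_certificate_chain(certificate, s) ? 1 : -1;`, and do the same for the proprietary case. The lines between the two hunks, where `dwVersion` is read, are not shown, so this assumes they do not touch `status`.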
@ -49,7 +49,7 @@ void certificate_free_x509_certificate_chain(rdpX509CertChain* x509_cert_chain);
|
||||
|
||||
BOOL certificate_read_server_proprietary_certificate(rdpCertificate* certificate, STREAM* s);
|
||||
BOOL certificate_read_server_x509_certificate_chain(rdpCertificate* certificate, STREAM* s);
|
||||
BOOL certificate_read_server_certificate(rdpCertificate* certificate, BYTE* server_cert, int length);
|
||||
int certificate_read_server_certificate(rdpCertificate* certificate, BYTE* server_cert, int length);
|
||||
|
||||
rdpCertificate* certificate_new();
|
||||
void certificate_free(rdpCertificate* certificate);
|
||||
|
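Review bot: The prototype of `certificate_read_server_certificate` now returns `int` with no statement of what the values mean, and the two call sites in this commit already test it differently (`< 1` and `< 0`). A comment above the declaration would make the contract explicit, for example `/* returns 1 on success, 0 if length < 1 (no certificate), -1 on error */`. The same `@return` line belongs in the doc comment in the .c file, whose visible part lists only the parameters.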
@ -32,16 +32,16 @@
|
||||
enum CONNECTION_STATE
|
||||
{
|
||||
CONNECTION_STATE_INITIAL = 0,
|
||||
CONNECTION_STATE_NEGO,
|
||||
CONNECTION_STATE_MCS_CONNECT,
|
||||
CONNECTION_STATE_MCS_ERECT_DOMAIN,
|
||||
CONNECTION_STATE_MCS_ATTACH_USER,
|
||||
CONNECTION_STATE_MCS_CHANNEL_JOIN,
|
||||
CONNECTION_STATE_ESTABLISH_KEYS,
|
||||
CONNECTION_STATE_LICENSE,
|
||||
CONNECTION_STATE_CAPABILITY,
|
||||
CONNECTION_STATE_FINALIZATION,
|
||||
CONNECTION_STATE_ACTIVE
|
||||
CONNECTION_STATE_NEGO = 1,
|
||||
CONNECTION_STATE_MCS_CONNECT = 2,
|
||||
CONNECTION_STATE_MCS_ERECT_DOMAIN = 3,
|
||||
CONNECTION_STATE_MCS_ATTACH_USER = 4,
|
||||
CONNECTION_STATE_MCS_CHANNEL_JOIN = 5,
|
||||
CONNECTION_STATE_ESTABLISH_KEYS = 6,
|
||||
CONNECTION_STATE_LICENSE = 7,
|
||||
CONNECTION_STATE_CAPABILITY = 8,
|
||||
CONNECTION_STATE_FINALIZATION = 9,
|
||||
CONNECTION_STATE_ACTIVE = 10
|
||||
};
|
||||
|
||||
BOOL rdp_client_connect(rdpRdp* rdp);
|
||||
|
@ -870,7 +870,7 @@ BOOL gcc_read_server_security_data(STREAM* s, rdpSettings* settings)
|
||||
data = settings->ServerCertificate;
|
||||
length = settings->ServerCertificateLength;
|
||||
|
||||
if (!certificate_read_server_certificate(settings->RdpServerCertificate, data, length))
|
||||
if (certificate_read_server_certificate(settings->RdpServerCertificate, data, length) < 1)
|
||||
return FALSE;
|
||||
}
|
||||
else
|
||||
|
@ -192,8 +192,9 @@ BOOL license_recv(rdpLicense* license, STREAM* s)
|
||||
return FALSE;
|
||||
}
|
||||
|
||||
if(!rdp_read_security_header(s, &sec_flags))
|
||||
if (!rdp_read_security_header(s, &sec_flags))
|
||||
return FALSE;
|
||||
|
||||
if (!(sec_flags & SEC_LICENSE_PKT))
|
||||
{
|
||||
stream_rewind(s, RDP_SECURITY_HEADER_LENGTH);
|
||||
@ -205,7 +206,7 @@ BOOL license_recv(rdpLicense* license, STREAM* s)
|
||||
return TRUE;
|
||||
}
|
||||
|
||||
if(!license_read_preamble(s, &bMsgType, &flags, &wMsgSize)) /* preamble (4 bytes) */
|
||||
if (!license_read_preamble(s, &bMsgType, &flags, &wMsgSize)) /* preamble (4 bytes) */
|
||||
return FALSE;
|
||||
|
||||
DEBUG_LICENSE("Receiving %s Packet", LICENSE_MESSAGE_STRINGS[bMsgType & 0x1F]);
|
||||
@ -642,8 +643,9 @@ void license_free_scope_list(SCOPE_LIST* scopeList)
|
||||
BOOL license_read_license_request_packet(rdpLicense* license, STREAM* s)
|
||||
{
|
||||
/* ServerRandom (32 bytes) */
|
||||
if(stream_get_left(s) < 32)
|
||||
if (stream_get_left(s) < 32)
|
||||
return FALSE;
|
||||
|
||||
stream_read(s, license->server_random, 32);
|
||||
|
||||
/* ProductInfo */
|
||||
@ -664,12 +666,13 @@ BOOL license_read_license_request_packet(rdpLicense* license, STREAM* s)
|
||||
|
||||
/* Parse Server Certificate */
|
||||
if (!certificate_read_server_certificate(license->certificate,
|
||||
license->server_certificate->data, license->server_certificate->length))
|
||||
license->server_certificate->data, license->server_certificate->length) < 0)
|
||||
return FALSE;
|
||||
|
||||
license_generate_keys(license);
|
||||
license_generate_hwid(license);
|
||||
license_encrypt_premaster_secret(license);
|
||||
|
||||
return TRUE;
|
||||
}
|
||||
|
||||
|
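Review bot: With the `< 0` test in `license_read_license_request_packet`, a return of 0 (no server certificate) falls through to `license_generate_keys`, `license_generate_hwid` and `license_encrypt_premaster_secret` with `license->certificate` unparsed. Those functions are not shown here, but if the premaster secret is encrypted with the key taken from that certificate, it would be encrypted with whatever modulus and exponent the structure already holds, presumably zeroed or stale. Keep the result in a local and handle the 0 case on its own, e.g. `if (status < 0) return FALSE;` followed by a comment stating which key is used when `status == 0`, or reject it if the licensing exchange cannot proceed without a certificate.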