libfreerdp-core: fix check for null certificate

Marc-André Moreau 2013-01-25 13:47:56 -05:00
parent f6080b0c22
commit abca3f8c10
5 changed files with 28 additions and 23 deletions


@ -558,20 +558,20 @@ BOOL certificate_read_server_x509_certificate_chain(rdpCertificate* certificate,
* @param length certificate length
*/
BOOL certificate_read_server_certificate(rdpCertificate* certificate, BYTE* server_cert, int length)
int certificate_read_server_certificate(rdpCertificate* certificate, BYTE* server_cert, int length)
{
STREAM* s;
UINT32 dwVersion;
BOOL ret = TRUE;
int status = 1;
if (length < 1)
{
DEBUG_CERTIFICATE("null server certificate\n");
return FALSE;
return 0;
}
if (length < 4)
return FALSE;
return -1;
s = stream_new(0);
stream_attach(s, server_cert, length);
@ -581,20 +581,22 @@ BOOL certificate_read_server_certificate(rdpCertificate* certificate, BYTE* serv
switch (dwVersion & CERT_CHAIN_VERSION_MASK)
{
case CERT_CHAIN_VERSION_1:
ret = certificate_read_server_proprietary_certificate(certificate, s);
status = certificate_read_server_proprietary_certificate(certificate, s);
break;
case CERT_CHAIN_VERSION_2:
ret = certificate_read_server_x509_certificate_chain(certificate, s);
status = certificate_read_server_x509_certificate_chain(certificate, s);
break;
default:
printf("invalid certificate chain version:%d\n", dwVersion & CERT_CHAIN_VERSION_MASK);
status = -1;
break;
}
free(s);
return ret;
return status;
}
rdpRsaKey* key_new(const char* keyfile)
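Review bot: In the `switch`, `status` is assigned directly from `certificate_read_server_proprietary_certificate()` and `certificate_read_server_x509_certificate_chain()`, which the header section of this commit still declares as `BOOL`. A parse failure in either therefore comes back as 0, the value the new return convention uses for "null server certificate", rather than -1, so a caller that only tests `< 0` would treat a certificate that failed to parse as acceptable. Map the result explicitly, e.g. `status = certificate_read_server_x509_certificate_chain(certificate, s) ? 1 : -1;`, and do the same for the proprietary branch. The doc comment above the function (it starts outside the hunk) should also gain `@return 1 on success, 0 if no certificate was supplied, -1 on error`.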


@ -49,7 +49,7 @@ void certificate_free_x509_certificate_chain(rdpX509CertChain* x509_cert_chain);
BOOL certificate_read_server_proprietary_certificate(rdpCertificate* certificate, STREAM* s);
BOOL certificate_read_server_x509_certificate_chain(rdpCertificate* certificate, STREAM* s);
BOOL certificate_read_server_certificate(rdpCertificate* certificate, BYTE* server_cert, int length);
int certificate_read_server_certificate(rdpCertificate* certificate, BYTE* server_cert, int length);
rdpCertificate* certificate_new();
void certificate_free(rdpCertificate* certificate);


@ -32,16 +32,16 @@
enum CONNECTION_STATE
{
CONNECTION_STATE_INITIAL = 0,
CONNECTION_STATE_NEGO,
CONNECTION_STATE_MCS_CONNECT,
CONNECTION_STATE_MCS_ERECT_DOMAIN,
CONNECTION_STATE_MCS_ATTACH_USER,
CONNECTION_STATE_MCS_CHANNEL_JOIN,
CONNECTION_STATE_ESTABLISH_KEYS,
CONNECTION_STATE_LICENSE,
CONNECTION_STATE_CAPABILITY,
CONNECTION_STATE_FINALIZATION,
CONNECTION_STATE_ACTIVE
CONNECTION_STATE_NEGO = 1,
CONNECTION_STATE_MCS_CONNECT = 2,
CONNECTION_STATE_MCS_ERECT_DOMAIN = 3,
CONNECTION_STATE_MCS_ATTACH_USER = 4,
CONNECTION_STATE_MCS_CHANNEL_JOIN = 5,
CONNECTION_STATE_ESTABLISH_KEYS = 6,
CONNECTION_STATE_LICENSE = 7,
CONNECTION_STATE_CAPABILITY = 8,
CONNECTION_STATE_FINALIZATION = 9,
CONNECTION_STATE_ACTIVE = 10
};
BOOL rdp_client_connect(rdpRdp* rdp);


@ -870,7 +870,7 @@ BOOL gcc_read_server_security_data(STREAM* s, rdpSettings* settings)
data = settings->ServerCertificate;
length = settings->ServerCertificateLength;
if (!certificate_read_server_certificate(settings->RdpServerCertificate, data, length))
if (certificate_read_server_certificate(settings->RdpServerCertificate, data, length) < 1)
return FALSE;
}
else


@ -192,8 +192,9 @@ BOOL license_recv(rdpLicense* license, STREAM* s)
return FALSE;
}
if(!rdp_read_security_header(s, &sec_flags))
if (!rdp_read_security_header(s, &sec_flags))
return FALSE;
if (!(sec_flags & SEC_LICENSE_PKT))
{
stream_rewind(s, RDP_SECURITY_HEADER_LENGTH);
@ -205,7 +206,7 @@ BOOL license_recv(rdpLicense* license, STREAM* s)
return TRUE;
}
if(!license_read_preamble(s, &bMsgType, &flags, &wMsgSize)) /* preamble (4 bytes) */
if (!license_read_preamble(s, &bMsgType, &flags, &wMsgSize)) /* preamble (4 bytes) */
return FALSE;
DEBUG_LICENSE("Receiving %s Packet", LICENSE_MESSAGE_STRINGS[bMsgType & 0x1F]);
@ -642,8 +643,9 @@ void license_free_scope_list(SCOPE_LIST* scopeList)
BOOL license_read_license_request_packet(rdpLicense* license, STREAM* s)
{
/* ServerRandom (32 bytes) */
if(stream_get_left(s) < 32)
if (stream_get_left(s) < 32)
return FALSE;
stream_read(s, license->server_random, 32);
/* ProductInfo */
@ -664,12 +666,13 @@ BOOL license_read_license_request_packet(rdpLicense* license, STREAM* s)
/* Parse Server Certificate */
if (!certificate_read_server_certificate(license->certificate,
license->server_certificate->data, license->server_certificate->length))
license->server_certificate->data, license->server_certificate->length) < 0)
return FALSE;
license_generate_keys(license);
license_generate_hwid(license);
license_encrypt_premaster_secret(license);
return TRUE;
}
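Review bot: In `license_read_license_request_packet`, the leading `!` on the call appears to be kept (as rendered here, only the continuation line is printed twice), so the new condition reads `!certificate_read_server_certificate(...) < 0`. `!x` is always 0 or 1 and never negative, so the branch can never return FALSE, and `license_generate_keys()` and `license_encrypt_premaster_secret()` run even when the server certificate failed to parse. Drop the negation so the test is `if (certificate_read_server_certificate(license->certificate, license->server_certificate->data, license->server_certificate->length) < 0)`. The `gcc_read_server_security_data` call site in this commit tests `< 1` instead; if a missing certificate is meant to be tolerated only on the licensing path, a one-line comment saying so would make the difference deliberate rather than accidental.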