Armin Novak
0146deb4c0
[crypto,tls] global certificate configuration
...
Add a global configuration file which allows predefined settings for
certificate handling.
2024-10-02 23:28:03 +02:00
akallabeth
239440e28d
[warnings] remove or comment unused macros
2024-09-20 18:49:38 +02:00
akallabeth
ba41d5e532
[warnings] fix unchecked return
2024-09-15 09:08:02 +02:00
akallabeth
5f2ed9b8ce
[crypto,tls] explicitly cast function pointer
2024-09-14 08:24:40 +02:00
akallabeth
afff514ca7
[compiler] add WINPR_ATTR_MALLOC
...
Add WINPR_ATTR_MALLOC checks to allocating functions to help compilers
find memory leaks or allocation mismatches
2024-09-12 20:09:22 +02:00
akallabeth
384cd284d8
[warnings] use WINPR_CAST_CONST_AWAY
...
on locations that require (ugly) const to non const casts use
WINPR_CAST_CONST_AWAY to do proper compiler specific casts to avoid
warnings
2024-09-11 23:41:50 +02:00
akallabeth
9738fc40f3
Merge pull request #10548 from akallabeth/serial-port
...
[BSD] build-serial-port
2024-09-09 09:41:12 +02:00
akallabeth
245afb706c
[function pointers] unify casts with macro
2024-09-04 20:06:45 +02:00
akallabeth
9776cc109e
[crypto,tls] simplify function pointer cast
2024-09-04 20:06:40 +02:00
akallabeth
e37dffaca4
[crypto,tls] disable linter warning
...
the argument is #ifdefed, so some configurations produce a warning
2024-09-04 12:50:46 +02:00
akallabeth
5aff241096
Merge pull request #10554 from akallabeth/tidy-silence
...
Tidy silence
2024-09-04 10:35:22 +02:00
akallabeth
3e933203e2
[crypto,tls] fix bad-function-cast
...
do silence the compiler warning and add a comment why we do that.
2024-09-04 09:41:53 +02:00
akallabeth
c5f346488f
[crypto,tls] revert const argument
...
with some build options this needs to be writeable.
2024-09-04 09:03:21 +02:00
akallabeth
190929c018
[warnings] fix function pointer casts
2024-08-30 15:40:01 +02:00
akallabeth
36c3184a0f
[warnings] fix clang-tidy issues in libfreerdp
2024-08-29 15:34:22 +02:00
akallabeth
9c9d74e920
[warnings] fix redundant casts
2024-08-29 12:03:09 +02:00
akallabeth
1d33095500
[warnings] fix cert-err33-c
...
Fix unused return values, cast to void if on purpose
2024-08-29 10:19:27 +02:00
akallabeth
380c5808a0
Merge pull request #10518 from akallabeth/clang-tidy-cleanup
...
Clang tidy cleanup
2024-08-28 16:36:16 +02:00
Armin Novak
03449da9e9
[warnings] fix uninitialized variables
2024-08-28 10:46:40 +02:00
Armin Novak
d71af44bb1
[warnings] disable warnings for generated code
...
* Disable clang-tidy in test build directories
* Disable compiler warnings for test binary directories.
These contain generated code we can not change, so the warnings are just noise
2024-08-28 09:18:30 +02:00
akallabeth
56d660f258
[cmake] mark dependency includes SYSTEM
...
Mark all dependency include paths SYSTEM so warnings from system headers
are excluded from ci warning statistics
2024-08-26 11:10:49 +02:00
akallabeth
ba7fd06ec4
[coverity] fix some warnings
...
* mostly dead store and identical code branches.
* some possible integer overflows
2024-08-23 12:38:41 +02:00
Armin Novak
17d44e847f
[coverity] fix various warnings
2024-08-21 09:47:34 +02:00
akallabeth
c2d30a07e9
[crypto,cert] add getter for notBefore and notAfter
...
Add getters for certificate dates notBefore and notAfter. Returns the
date as RFC822 string.
2024-08-20 12:42:46 +02:00
akallabeth
dac0ae4976
[crypto,cert] extend certificate store API
...
Use the certificate PEM without trustchain in the local trust store, but
keep the full PEM with chain for the user facing callbacks.
2024-08-13 15:56:08 +02:00
akallabeth
22fb6aad31
[crypto,tls] fix AcceptedKey checks
...
* Add freerdp_certificate_get_pem_ex to extract PEM for cert only
* Compare only certificate without certificate chain
* Store only certificate PEM without chain for later comparison
2024-08-13 07:40:07 +02:00
akallabeth
7d2afe4f5a
[crypto,base64] fix sign warnings
2024-07-22 15:08:51 +02:00
akallabeth
45a7e5fd37
[crypto,base64] fix compiler warning
2024-07-22 15:08:43 +02:00
akallabeth
1de8f5a7aa
[core,gateway] pass rdpContext
...
* pass rdpContext to freerdp_tls_new
* check freerdp_shall_disconnect_context in http_response_recv
2024-06-27 08:42:08 +02:00
akallabeth
0633623b6d
Merge pull request #10281 from mfleisz/fix/cert-chain-pem
...
crypto: Fix handling of cert chain in get PEM function
2024-06-17 18:24:16 +02:00
akallabeth
d9473be307
[crypto,base64] force signed char
...
for lookup force signed char to avoid (unsigned)-1 casts
2024-06-17 17:02:41 +02:00
Martin Fleisz
7368c65240
crypto: Fix handling of cert chain in get PEM function
2024-06-17 14:48:15 +02:00
akallabeth
87ee8f5b77
[crypto,base64] use lookup tables
2024-06-08 08:34:02 +02:00
akallabeth
a93658cd06
[crypto,base64] apply INLINE and WINPR_RESTRICT
2024-06-07 12:32:16 +02:00
Armin Novak
8d783d5189
[coverity] fix various warnings
2024-06-05 09:19:59 +02:00
akallabeth
53d8e0f203
[crypto,tls] fix missing return
2024-05-25 09:17:06 +02:00
akallabeth
ef86df9a26
[crypto,tls] log BIO_do_handshake errors
...
add proper logging to make details of failures auditable
2024-05-23 14:48:39 +02:00
akallabeth
71e78bedd7
[warnings] fixed sign and const
...
* fix various char/BYTE sign warnings
* fix various const warnings
* fix format string size_t
* remove unused CMake variables
2024-04-18 11:05:58 +02:00
Ilya Shipitsin
25edec803b
libfreerdp/crypto/certificate.c: handle malloc error
2024-04-06 07:11:14 +02:00
akallabeth
31a131b9e4
[crypto,cert] follow up to #10002
...
Ensure we always compare the lowercase hostname when looking for a
stored certificate or calculating a hash.
2024-03-21 15:07:58 +01:00
akallabeth
f98d0dd60a
[crypto,cert] allow NULL certificate
...
If a certificate can not be read and is NULL, return NULL for all queries
on that NULL certificate. Fixes #10002
2024-03-21 14:26:37 +01:00
akallabeth
6a7c375831
[crypto,cert] add better logging of certificate read
...
add missing log entries for possible failures due to invalid data
received. This allows better debugging if a server sends garbage or the
crypto routines have direct RSA routine access disabled.
2024-03-07 14:59:32 +01:00
David Fort
aebe9742e0
[client,win32] Child session fixes
...
It seems like WaitFor[Single|Multiple]Object calls aren't reliable on pipes, especially
on the pipe opened for childSession access. The object can be marked as signaled even if
no data is available, making the connection laggy and unresponsive (nearly unusable in some
cases).
This patch works around that by using ReadFileEx() with overlapped instead of simple
ReadFile() and use asynchronous reads.
2024-03-01 09:46:53 +01:00
amazingfate
e21afefb86
fix build with openssl < 1.1.1
2024-02-23 12:45:36 +01:00
akallabeth
d7ebec5a65
[tidy] move loop variable declaration to loop
2024-02-22 12:31:50 +01:00
akallabeth
0ba995655d
[clang-tidy] cppcoreguidelines-init-variables
2024-02-15 11:49:16 +01:00
akallabeth
207def5c56
[clang-tidy] readability-isolate-declaration
2024-02-15 11:49:16 +01:00
David Benjamin
72bc3578a0
clang-format
2024-02-07 07:53:37 +01:00
David Benjamin
7548be62c3
Support RSA-PSS certificates in x509_utils_get_signature_alg
...
RSA-PSS in X.509 is truly horrible, and OpenSSL does not expose very good APIs
to extract this, even though the library does handle it internally. Instead, we
must tediously unwrap RFC 4055's unnecessarily complicated encoding of
RFC 8017's unnecessarily flexible RSA-PSS definition.
2024-02-07 07:53:37 +01:00
David Benjamin
f987e304ee
Add some tests for x509_utils_get_signature_alg
...
Temporarily disable the RSA-PSS tests for now, but this is enough for a
regression test for the previous issue.
2024-02-07 07:53:37 +01:00