Commit Graph

544 Commits

Author SHA1 Message Date
Brent Collins
5284100bb0 FIPS_mode() and FIPS_mode_set() does not exist in OpenSSL versions before 1.0.1 2017-11-17 12:43:06 +01:00
Brent Collins
d98b88642b Add new command-line option to force xfreerdp into a fips compliant mode.
This option will ensure that NLA is disabled(since NTLM uses weak crypto algorithms), FIPS
encryption is enabled, and ensure fips mode is enabled for openssl.

Selectively override specific uses of MD5/RC4 with new API calls specifically tailored to override FIPS.

Add comments on why overriding the use of these algorithms under FIPS is acceptable for the locations where overrides happen.

Remove check of server proprietary certificate which was already being ignore to avoid use of MD5.

Initialize winpr openssl earlier to ensure fips mode is set before starting using any crypto algorithms.
2017-11-17 12:43:06 +01:00
David Fort
0d92c725c6
Merge pull request #4000 from akallabeth/ign_keyword_fix
Command line ignore empty if flag set
2017-11-16 13:26:01 +01:00
Armin Novak
f24158fe07 Fixed missing function return check. 2017-11-15 15:56:24 +01:00
Armin Novak
0aa5a83536 Fixed multiple warnings in parser 2017-11-15 15:56:21 +01:00
Armin Novak
26d079e53b Fixed compile warnings. 2017-11-15 15:54:38 +01:00
Armin Novak
4eb5b8e349 Replaced atoi 2017-11-15 15:52:16 +01:00
Armin Novak
8c2bd951ae Allow printing of custom arguments in help. 2017-11-15 15:25:34 +01:00
Armin Novak
bcfa434da2 Fixed resizing of PubSub 2017-09-25 13:33:04 +02:00
Bernhard Miklautz
52fbfb7b12 fix clang warnings, directly include wtypes.h (#4097)
* build: clang use -Wno-unused-command-line-argument

With clang 5.0 builds are quite noisy otherwise.

* Directly include wtypes.h

Directly include winpr/wtypes.h where _fseeki64 or _ftelli64 is used.

* fix build warnings with clang 5

clang version: 5.0.0-svn310678-1~exp1 (branches/release_50)
Warning: parentheses-equality

* fix build warnings with clang 5

clang version: 5.0.0-svn310678-1~exp1 (branches/release_50)
Warning: tautological-compare

* fix build warnings with clang 5

clang version: 5.0.0-svn310678-1~exp1 (branches/release_50)
Warning:
incompatible pointer types passing 'size_t *' (aka 'unsigned
long *') to parameter of type 'UINT32 *' (aka 'unsigned int *')
[-Wincompatible-pointer-types]
2017-08-29 09:09:38 +02:00
Armin Novak
c3d4b7d262 fseeko and ftello for 64bit file support. 2017-08-14 08:42:49 +02:00
Valery Kartel
9bf9ff9e8a Fix build with LibreSSL 2017-07-26 17:12:14 +03:00
Armin Novak
0490aeb018 Fixed clang malloc integer overflow warnings. 2017-07-20 09:29:48 +02:00
Armin Novak
33a153c07d Command line ignore empty if flag set
When CommandLineParseArgumentsA is called with flag
COMMAND_LINE_IGN_UNKNOWN_KEYWORD return success if the
command line is empty.
2017-06-12 12:23:10 +02:00
Armin Novak
4be62f7047 Fixed OpenSSL 1.1 no legacy compile issues. 2017-04-06 11:25:25 +02:00
Armin Novak
09d43a66f4 Fixed tests and dead store warnings. 2017-03-28 16:49:56 +02:00
Aric Belsito
70ab61c8e6
Support LibreSSL
Broken by the addition of OpenSSL 1.1.0 support.
2017-03-19 13:58:24 -07:00
Armin Novak
3b56cd652f Fix format string is not a string literal 2017-03-14 10:56:00 +01:00
Alexander Zakharov
3f139108ff Fix Stack_Peek 2017-03-13 15:45:27 +03:00
Armin Novak
b574e196d9 Fixed WLog_PrintMessagePrefixVA
WLog_PrintMessagePrefixVA is called with format being a stack variable.
Always copy the data to message->PrefixString otherwise the information
will be lost whenever the stack is destroyed.
2017-03-03 14:11:28 +01:00
Armin Novak
99c45405cb Fixed GetEnvironmentVariable. 2017-03-03 12:43:00 +01:00
Armin Novak
b2c29158be Scanbuild warning, argument checks and leak fixes.
* Added Stream_GetRemainingCapacity to check remaining stream size
  before writes.
* Fixed shadow server memory leak.
* Fixed lots of scanbuild warnings
* Added missing argument checks in many functions
* Added missing static function declarations
2017-03-02 18:13:43 +01:00
Armin Novak
e9b5d78673 Fixed scanbuild warnings. 2017-02-20 14:28:33 +01:00
Armin Novak
c249705085 Fixed scanbuild warnings. 2017-02-20 13:45:19 +01:00
Armin Novak
198bc6d9e1 Fixed compiler warnings. 2017-02-16 13:17:49 +01:00
pony
a57adc3fde libwinpr-utils: fix 3 logic errors 2017-02-15 10:08:53 +01:00
Ilya Shipitsin
102913e808 make cppcheck a bit happier:
[channels/printer/client/printer_cups.c:103]: (error) Resource leak: fp
[server/Mac/mf_event.c:195]: (error) Memory leak: event_queue
[server/shadow/shadow_capture.c:233]: (error) Memory leak: capture
[winpr/libwinpr/sspi/test/TestSchannel.c:440]: (error) Memory leak: lpTokenIn
[winpr/libwinpr/thread/argv.c:198]: (error) Memory leak: lpEscapedChars
[winpr/libwinpr/utils/sam.c:312]: (error) Memory leak: entry
2017-01-25 17:09:25 +05:00
Norbert Federa
71ce3378da Merge pull request #3665 from realjiangms/fix_ssl_add_all_digests
Winpr/openssl: Fix digests initialization in multi-thread
2017-01-13 09:46:14 +01:00
Martin Fleisz
ac090520c3 Fix compilation with OpenSSL 1.1.0 using MSVC 2017-01-09 16:43:28 +01:00
zihao.jiang
a505a6cd27 Winpr/openssl: Fix digests initialization in multi-thread
SSL functions like OpenSSL_add_all_digests should be invoked at very beginning as they are not MT safe.
If not we might meet double free exception as following:

 #0  0x00007f23ddd71c37 in raise () from /lib/x86_64-linux-gnu/libc.so.6
 #1  0x00007f23ddd75028 in abort () from /lib/x86_64-linux-gnu/libc.so.6
 #2  0x00007f23dddae2a4 in ?? () from /lib/x86_64-linux-gnu/libc.so.6
 #3  0x00007f23dddba55e in ?? () from /lib/x86_64-linux-gnu/libc.so.6
 #4  0x00007f23dc6ecfcd in CRYPTO_free () from /lib/x86_64-linux-gnu/libcrypto.so.1.0.0
 #5  0x00007f23dc6ef8d1 in OBJ_NAME_add () from /lib/x86_64-linux-gnu/libcrypto.so.1.0.0
 #6  0x00007f23dc77dcd8 in EVP_add_digest () from /lib/x86_64-linux-gnu/libcrypto.so.1.0.0
 #7  0x00007f23dc782321 in OpenSSL_add_all_digests () from /lib/x86_64-linux-gnu/libcrypto.so.1.0.0
 #8  0x00007f23c781da28 in winpr_openssl_get_evp_md (md=4) at /home/zihao/workspace/zihao_FreeRDP/winpr/libwinpr/crypto/hash.c:52
 #9  0x00007f23c781dccb in winpr_Digest_Init (ctx=0x7f22d064d470, md=<optimized out>) at /home/zihao/workspace/zihao_FreeRDP/winpr/libwinpr/crypto/hash.c:344
 #10 0x00007f23d486139b in security_salted_mac_signature (rdp=0x7f23859f5a20, data=0x7f238542d4fb "\004\204\022\004", length=4743, encryption=<optimized out>, output=0x7
     at /home/zihao/workspace/zihao_FreeRDP/libfreerdp/core/security.c:378
 #11 0x00007f23d488d73f in fastpath_send_update_pdu (fastpath=<optimized out>, updateCode=4 '\004', s=0x7f23859f5f40, skipCompression=true)
     at /home/zihao/workspace/zihao_FreeRDP/libfreerdp/core/fastpath.c:1076
 #12 0x00007f23d4891c4f in update_send_surface_frame_bits (context=0x7f23859f5540, cmd=0x7f22b2ffcc80, first=true, last=true, frameId=6)
     at /home/zihao/workspace/zihao_FreeRDP/libfreerdp/core/update.c:1041

Related reports: https://rt.openssl.org/Ticket/Display.html?id=2216&user=guest&pass=guest
2016-12-28 03:48:40 +08:00
Norbert Federa
f71b6b46e8 fix string format specifiers
- fixed invalid, missing or additional arguments
- removed all type casts from arguments
- added missing (void*) typecasts for %p arguments
- use inttypes defines where appropriate
2016-12-16 13:48:43 +01:00
Armin Novak
8a80a10bc3 Fixed format specifier mismatch. 2016-12-02 12:04:53 +01:00
Norbert Federa
c6e6b44143 countless WLog/printf format specifier fixes 2016-11-25 17:06:25 +01:00
Norbert Federa
b2ad9803b7 disable ERR_remove_thread_state if not required 2016-11-25 10:39:20 +01:00
Norbert Federa
53bd98883e winpr/crypt api changes and memory leak fixes
- winpr_HMAC_New() now just returnes the opaque WINPR_HMAC_CTX* pointer
  which has to be passed to winpr_HMAC_Init() for (re)initialization
  and since winpr_HMAC_Final() no more frees the context you always have to
  use the new function winpr_HMAC_Free() once winpr_HMAC_New() has succeded

- winpr_Digest_New() now just returns the opaque WINPR_DIGEST_CTX* pointer
  which has to be passed to winpr_Digest_Init() for (re)initialization
  and since winpr_Digest_Final() no more frees the context you always have to
  use the new function winpr_Digest_Free() once winpr_Digest_New() has succeded
2016-11-24 18:27:29 +01:00
Norbert Federa
7befab856c Support for OpenSSL 1.1.0 2016-11-24 17:50:09 +01:00
Armin Novak
943e295714 WLog using C99 compatible variadic macros. 2016-10-07 14:05:27 +02:00
Armin Novak
44b8756617 Warning fixes. 2016-10-06 13:43:10 +02:00
Armin Novak
a3fd9bf5af Fixed warnings. 2016-10-06 13:43:10 +02:00
Martin Fleisz
71765b72e3 Merge pull request #3284 from ondrejholy/endianness
Endianness fixes
2016-08-25 08:17:52 +02:00
Marc-André Moreau
801dc0f826 freerdp: add configurable NTLM SAM file option for server-side NLA 2016-07-21 18:58:24 -04:00
Armin Novak
d96fbd1bce Initialise WLog PrefixString for each message type. 2016-07-05 13:00:54 +02:00
Norbert Federa
62d73dcb75 winpr: fix PathMakePathA and TestWLog
PathMakePathA:
- This function had an endless loop if no native delimiter was in the string
- Use SHCreateDirectoryExA on Windows
- Replaced old code with a new implementation

TestWLog:
- Windows has no "/tmp" by default
- Use GetKnownPath(KNOWN_PATH_TEMP) for the WLog "outputfilepath"
2016-06-13 19:19:28 +02:00
Ondrej Holy
44ce6b02ed winpr/stream: Make TestStream endian-independent
The TestStream_PeekAndRead expects LE byte order and consequently
fails on BE. Change the test to be endian-independent.
2016-05-31 16:04:16 +02:00
Norbert Federa
e8c4910e2e fix segfaults casused by size_t format specifier
win32/msvc cc does not recognize the %z format specifier which caused
invalid references and segfaults on win32.
Until FreeRDP gets format specifier macros we'll cast size_t to
unsigned long and use the %lu specifier.

Also simplified winpr_backtrace_symbols() a little bit and fixed it
to allocate the correct amount of bytes for the return buffer.
2016-05-27 15:55:28 +02:00
Armin Novak
eacf2b542e Fixed memory leaks. 2016-05-12 10:01:30 +02:00
Marc-André Moreau
915b9a15b1 Merge branch 'master' of github.com:FreeRDP/FreeRDP
Conflicts:
	winpr/libwinpr/bcrypt/CMakeLists.txt
2016-05-11 11:05:17 -04:00
Armin Novak
ee186bec73 ListDictionary handle NULL list argument. 2016-04-26 09:34:12 +02:00
Marc-André Moreau
8fcc2aabf1 Merge branch 'master' of github.com:awakecoding/FreeRDP 2016-03-30 10:47:01 -04:00
Marc-André Moreau
9211f44e46 Merge branch 'master' of github.com:FreeRDP/FreeRDP 2016-03-15 20:19:15 -04:00
Hardening
19494bd75a Make systemd appender honor layout and log off 2016-03-10 23:41:12 +01:00
Marc-André Moreau
c78a142388 Merge branch 'master' of github.com:awakecoding/FreeRDP 2016-03-07 21:21:17 -05:00
Marc-André Moreau
d61c2d4535 winpr: fix ini utils leak 2016-03-07 21:21:06 -05:00
Marc-André Moreau
ceefc4b099 Merge branch 'master' of github.com:FreeRDP/FreeRDP 2016-03-07 10:19:50 -05:00
Armin Novak
ee2839fc7f Caching log filter after first use.
Reduce runtime penalty for log level checks by
remembering the log level found during first call.
2016-03-03 12:43:39 +01:00
Armin Novak
0ea7aea6d9 Remember filter log level. 2016-03-02 19:07:32 +01:00
Armin Novak
41fdac2667 Respecting filter in WLog_GetLogLevel 2016-03-02 14:11:15 +01:00
Bernhard Miklautz
e02af8287e Merge pull request #3160 from akallabeth/stream_fixes
Stream fixes
2016-03-01 16:44:19 +01:00
Armin Novak
a79072a87c Added tests for remaining stream functions. 2016-03-01 12:58:09 +01:00
Armin Novak
1036f1e296 Fixed default visibility.
When nothing is declared, only export symbols defined
with WINPR_API or FREERDP_API defined.
Override this setting if BUILD_TESTING to allow tests
access to internal functions usually not exposed.
2016-02-26 19:44:14 +01:00
Armin Novak
f997421098 Unified hmac functions. 2016-02-24 21:50:08 +01:00
Marc-André Moreau
0547a31832 winpr: fix ini loader on Windows 2016-02-10 10:51:33 -05:00
Marc-André Moreau
d0f413db12 winpr: initial port to Universal Windows Platform (UWP) 2016-02-05 16:28:45 -05:00
Marc-André Moreau
bfca674f2d Merge branch 'master' of github.com:FreeRDP/FreeRDP 2016-02-05 11:39:45 -05:00
Martin Fleisz
56a0c4c336 Merge pull request #3097 from akallabeth/android_api_upgrade_v4
Android api upgrade and restructuring
2016-02-04 16:20:59 +01:00
Armin Novak
f835744a88 Removed unused variable. 2016-02-03 12:45:49 +01:00
Armin Novak
d1c59f7574 Fixed invalid boolean check. 2016-02-03 11:23:41 +01:00
Armin Novak
61633a1c66 Fixed android build issues. 2016-02-01 15:21:07 +01:00
MartinHaimberger
83b706c4be Merge pull request #3092 from akallabeth/get_build_config
Added get_build_config functions.
2016-01-28 15:23:24 +01:00
Armin Novak
035f127081 Added get_build_config functions. 2016-01-28 14:26:50 +01:00
Armin Novak
c2515340c3 Fixed return value of WLog_FileAppender_WriteImageMessage 2016-01-28 12:08:57 +01:00
Martin Fleisz
7294a7f27d Merge pull request #3078 from akallabeth/wlog_cmd_options
Added new command line options for logger.
2016-01-28 10:33:17 +01:00
David PHAM-VAN
3d22cbe2b8 Fix png image loading that needed write access 2016-01-27 11:02:16 -08:00
Armin Novak
06adbc971a Fixed realloc check, renamed filter variable. 2016-01-27 11:21:04 +01:00
Armin Novak
46a079fcb6 Added new command line options for logger.
The new command line options /log-level:<level> and
/log-filters:<filter>:<level> allow setting default log
level and log module filter to be set.
2016-01-23 15:16:13 +01:00
Armin Novak
d2ab27626a Fix memory leak in lodepng_zlib_compress 2016-01-15 10:16:08 +01:00
Bernhard Miklautz
7c03db342c add parameter buildconfig
Extend winpr and client/common to support a new option "/buildconfig".
When used build the following build specific information is print:
* cmake options
* cflags
* compiler
* target architecture
* cmake build type
2016-01-12 17:32:33 +01:00
Armin Novak
03a1ff814d Fixed unused warnings. 2015-12-16 15:15:46 +01:00
Armin Novak
d0e3528c8e Added winpr_strerror function. 2015-12-09 18:27:37 +01:00
Xiaodong Qi
602d2715a2 Fix compilation error under Visual Studio 2010
Visual Studio 2010 use a compiler that supports only C89, which
only supports declaring variable at top of a local scope. Moving
scope variable to the top of function should solve this problem.
2015-11-29 00:14:29 +08:00
Marc-André Moreau
2f5d159448 winpr: fix WinXP backwards compatibility 2015-11-25 13:46:10 -05:00
Bernhard Miklautz
bff63b3ee2 wlog: cleanup API includes
Only include necessary header files.
2015-11-10 16:29:09 +01:00
Bernhard Miklautz
be0845b46c wlog/journald: don't set a default identifier
Don't set the identifier to "winpr" as default value because journald
will use the programs name as default if no identifier is set.
This way a program using WLog doesn't need to set an identifier (except
it want something different then it's name).
2015-11-10 13:40:52 +01:00
Bernhard Miklautz
34c707304b wlog: change variable naming and fix documentation
* change State to active and make it BOOL since it's only got two
  used values
* fix some typos in the documentation
2015-11-10 12:05:23 +01:00
Bernhard Miklautz
25137988fe wlog: fix build on windows 2015-11-09 19:47:51 +01:00
Bernhard Miklautz
57f952bbbc wlog: fix android build 2015-11-09 19:37:02 +01:00
Bernhard Miklautz
67368b2ec7 Adapt error level for debug messages
When using xfreerdp a regular invocation should really only report grave
problems as error. "Regular" messages should be either info or even
debug.
2015-11-09 18:27:38 +01:00
Bernhard Miklautz
07417599ce wlog: rework, cleanup and stabilize API
* only expose necessary functions and types in header
* don't expose appender internals
* add generic function WLog_ConfigureAppender to have the possibility
  to configure appender specific settings
* detect appender availability if WLog_SetLogAppenderType or
  WLog_Appender_New return FALSE or NULL respectively the appender isn't
  available or the initialization failed. This is very useful for the
  use with optional appenders.
* add Free to the appender interface. At the time of the Free the
  appender is known and available so it can be called directly (instead
  of calling the right function according to the type)
* make all appender internal function static
* all appenders return the generic wLogAppender type now. Typecasts
  are internally done where necessary this abstracts the appenders more
  cleanly
2015-11-09 18:25:45 +01:00
David FORT
458aaa1213 Take in account @nfedera's remarks 2015-11-06 23:17:11 +01:00
David FORT
5fbf26acf2 Add an UDP appender to wLog
This appender allows to receive the logs over a network connection using UDP packets.
You can see the logs using a listening netcat, for example: nc -ul 127.0.0.1 20000.
2015-11-04 18:11:19 +01:00
Hardening
3d6e1fb418 Merge pull request #2951 from bmiklautz/friday
Misc fixes
2015-11-02 10:50:16 +01:00
David FORT
2a8de84342 Take in account @bmiklautz remarks
* I have added a function to set the journal identifier
* the appender name has been changed from SYSTEMD to JOURNALD
2015-11-01 21:34:03 +01:00
David FORT
e3915b66b7 Fix the env var leak 2015-10-30 20:22:25 +01:00
David FORT
89156e53b7 Use unbuffered output 2015-10-30 20:20:42 +01:00
David FORT
9ea301983d Adds a systemd journal appender 2015-10-30 14:50:14 +01:00
Bernhard Miklautz
a011719831 Merge pull request #2940 from hardening/syslog_appender
Add a wLog syslog appender
2015-10-29 18:44:14 +01:00
David FORT
8d2aadfccd Fixed a warning 2015-10-29 18:33:42 +01:00
David FORT
c2a322f4d0 Support syslog type for the WLOG_APPENDER env var 2015-10-29 18:31:22 +01:00
Bernhard Miklautz
ab05a79c21 winpr/stream: don't allow 0-size streams 2015-10-23 18:38:41 +02:00
Bernhard Miklautz
a9d81ad083 winpr: fix compiler warning
winpr/libwinpr/utils/wlog/wlog.c: In function ‘WLog_PrintMessageVA’:
winpr/libwinpr/utils/wlog/wlog.c:234:7: warning: ‘status’ may be
		used uninitialized in this function [-Wmaybe-uninitialized]
	BOOL status;
	      ^

gcc 4.9.2
2015-10-23 18:37:39 +02:00