mirrors/FreeRDP
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
12,185 Commits 6 Branches 74 Tags
Commit Graph

2363 Commits

Author SHA1 Message Date
Greg V
bfe3af4c72 Fix LibreSSL build 
LibreSSL does not support FIPS mode.
 2017-12-01 18:34:48 +03:00
Armin Novak
78a0c4c618 Fix #4296: Hardened command line post filter. 2017-12-01 13:13:21 +01:00
akallabeth
0cb5907664
Merge pull request #4275 from ondrejholy/big-endian-fixes 
Big endian fixes
 2017-12-01 11:24:50 +01:00
akallabeth
ae0fb64656
Merge pull request #4283 from bmiklautz/kfreebsd 
fix build: GNU/kFreeBSD
 2017-11-28 09:19:58 +01:00
David Fort
2f4a2f8595
Merge pull request #4272 from akallabeth/static_channel_checks 
Fix #3378: 31 static channels are supported.
 2017-11-27 22:46:23 +01:00
Bernhard Miklautz
0da2fb6915 fix/build: handle GNU/kFreeBSD like other BSDs 
Based on a patch for Debian from
Mike Gabriel <mike.gabriel@das-netzwerkteam.de>
 2017-11-27 17:04:52 +01:00
Mike Gabriel
d4af7eaa59 fix/build: GNU/kFreeBSD is not FreeBSD 2017-11-27 17:04:52 +01:00
Bernhard Miklautz
50105c8157
Merge pull request #3991 from akallabeth/stream_string_helper 
Stream convenience functions to read/write strings.
 2017-11-27 11:49:46 +01:00
Armin Novak
c91900dfb3 Fixed big endian issues with bitmap read. 2017-11-24 12:03:46 +01:00
Ondrej Holy
e5574f276a winpr/nt: Fix wide char string on big endian 
Wide char strings are always little endian encoded and thus
Data_Write_UINT16 has to be used in _RtlAnsiStringToUnicodeString.
It fixes TestIoDevice on big endian machines among others.

https://github.com/FreeRDP/FreeRDP/issues/4231
 2017-11-23 20:01:01 +01:00
Armin Novak
377bfeb227 Fix #3378: 31 static channels are supported. 2017-11-23 16:18:44 +01:00
akallabeth
71e38a4ce7
Merge pull request #4267 from ondrejholy/autofips 
Enable FIPS mode automatically
 2017-11-23 10:49:15 +01:00
Ondrej Holy
6973b14eed Enable FIPS mode automatically 
FreeRDP aborts if OpenSSL operates in FIPS mode and +fipsmode is not
manually specified. Let's prevent the abortion and enable the necessary
options in that case automatically.
 2017-11-23 10:09:17 +01:00
Armin Novak
4fe12b0ea3 Fix #4247: warnings introduced with #3904 2017-11-20 10:18:15 +01:00
akallabeth
b156b937fe
Merge pull request #3904 from bjcollins/master 
FIPS Mode support for xfreerdp
 2017-11-17 13:31:43 +01:00
Martin Fleisz
4ff1251488
Merge pull request #4236 from akallabeth/scan_fix_remastered 
Scanbuild warning fixes
 2017-11-17 13:02:46 +01:00
Armin Novak
1bb4f121b4 Fixed formatting. 2017-11-17 12:45:28 +01:00
Brent Collins
9ca9df1ead Make the new winpr_Digest*MD5_Allow_FIPS functions more generic to no longer be MD5 specific in design. This way the FIPS override 
could easily be extended to more digests in the future. For now, an attempt to use these functions with anything other than MD5 will
not work.
 2017-11-17 12:43:07 +01:00
Brent Collins
922a0fa495 Fix checks for openssl version numbers around fips changes, they were using an incorrect version matching 1.1.0 and not 1.0.1 
Simplify the logic to enable openssl fips mode
 2017-11-17 12:43:07 +01:00
Brent Collins
a0526317ea Fix the return values of the winpr_Digest_Init functions which were accidentally removed 
during rework in previous checkin.
 2017-11-17 12:43:07 +01:00
Brent Collins
68ab485e63 Fix logic error in reworked MD5 call for establishing keys, and fix some minor whitespace issues. 2017-11-17 12:43:07 +01:00
Brent Collins
7aa9e7a97f Fix variable definition placement to adhere to older C standard. 2017-11-17 12:43:06 +01:00
Brent Collins
5284100bb0 FIPS_mode() and FIPS_mode_set() does not exist in OpenSSL versions before 1.0.1 2017-11-17 12:43:06 +01:00
Brent Collins
2dddae738f Change initialization of EVP_CIPHER_CTX to use API function instead of trying to calloc(). 
Fix some warnings noted from build output.
 2017-11-17 12:43:06 +01:00
Brent Collins
497ba442be Workaround for missing EVP_CIPH_FLAG_FIPS_NON_ALLOW flag in openssl 1.0.0. 2017-11-17 12:43:06 +01:00
Brent Collins
d98b88642b Add new command-line option to force xfreerdp into a fips compliant mode. 
This option will ensure that NLA is disabled(since NTLM uses weak crypto algorithms), FIPS
encryption is enabled, and ensure fips mode is enabled for openssl.

Selectively override specific uses of MD5/RC4 with new API calls specifically tailored to override FIPS.

Add comments on why overriding the use of these algorithms under FIPS is acceptable for the locations where overrides happen.

Remove check of server proprietary certificate which was already being ignore to avoid use of MD5.

Initialize winpr openssl earlier to ensure fips mode is set before starting using any crypto algorithms.
 2017-11-17 12:43:06 +01:00
David Fort
0d92c725c6
Merge pull request #4000 from akallabeth/ign_keyword_fix 
Command line ignore empty if flag set
 2017-11-16 13:26:01 +01:00
Armin Novak
7b58495e7b Fixed warnings and formatting. 2017-11-15 15:56:24 +01:00
Armin Novak
1fd6308ef5 Functions static, warnings fixed. 2017-11-15 15:56:24 +01:00
Armin Novak
90e1d39fec Fixed formatting and warnings. 2017-11-15 15:56:24 +01:00
Armin Novak
44dfaf7841 Fixed dead store warning. 2017-11-15 15:56:24 +01:00
Armin Novak
3baba6f9c0 Removed unused argument. 2017-11-15 15:56:24 +01:00
Armin Novak
f24158fe07 Fixed missing function return check. 2017-11-15 15:56:24 +01:00
Armin Novak
0aa5a83536 Fixed multiple warnings in parser 2017-11-15 15:56:21 +01:00
Armin Novak
26d079e53b Fixed compile warnings. 2017-11-15 15:54:38 +01:00
Armin Novak
4eb5b8e349 Replaced atoi 2017-11-15 15:52:16 +01:00
Armin Novak
8c2bd951ae Allow printing of custom arguments in help. 2017-11-15 15:25:34 +01:00
Armin Novak
65f4c560d3 Fixed uninitialized values and leaks. 2017-11-13 16:20:57 +01:00
dodo040
60406794ce fix Kerberos flavour's detection (MIT/Heimdal) and double free for MIT<1.13 2017-11-13 16:20:56 +01:00
dodo040
1d97286a76 fix undeclared identifier on Windows 2017-11-13 16:20:56 +01:00
dodo040
335de159b0 use SSIZE_T instead of ssize_t 2017-11-13 16:20:56 +01:00
dodo040
9adb971181 handle missing ssize_t on Windows 2017-11-13 16:20:56 +01:00
dodo040
3e897a63cb remove useless includes 2017-11-13 16:20:56 +01:00
dodo040
e0a9999fb2 fix: GSS API init, enterprise name management, variable names and format code 2017-11-13 16:20:56 +01:00
dodo040
b81f168f0e initial commit for kerberos support 2017-11-13 16:20:55 +01:00
David Fort
de7d7e43c9 serial redirection: implement event char 
The signotec signature device requires the eventChar support to work properly in
serial redirection mode. This implementation is basic but does the job for this
device.

Sponsored by: Rangee GmbH (http://www.rangee.de)
 2017-11-06 22:26:17 +01:00
Armin Novak
269c78802d Fixed #4199: ConvertFindDataAToW string length 2017-10-31 16:52:08 +01:00
Mike Gilbert
5cd230ac74 winpr: _IoCreateDeviceEx: fix mkdir error check 
The mkdir(2) function returns 0 on success, and -1 on error.

This resolves an error in TestIoDevice when /tmp/.device/ does not
exist.

Bug: https://bugs.gentoo.org/635838
 2017-10-30 11:59:35 -04:00
Roman Kalashnikov
612e8b0710
Update semaphore.c 2017-10-28 11:59:23 +03:00
Roman Kalashnikov
4db363f107
Fixed Expression 'pComm != NULL' is always true 
pComm was checked earlier in 1363 string:
`if (pComm == NULL)`
 2017-10-28 01:48:41 +03:00