mirrors/FreeRDP
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
12,543 Commits 6 Branches 74 Tags 84 MiB
342ff8cf0b
Commit Graph

2062 Commits

Author SHA1 Message Date
Armin Novak
458e51eae8 Do not set password to identity if pth is used. 2018-05-04 10:40:55 +02:00
Martin Fleisz
99346d19c6
Merge pull request #4611 from akallabeth/argument_warnings 
Argument warnings
 2018-05-04 10:06:42 +02:00
Armin Novak
b59b0a4425 Added error log messages. 2018-05-04 09:11:41 +02:00
Ashley Davis
ae54f5bded
First person "they" pronouns in logoff message 2018-05-03 12:11:13 -04:00
Armin Novak
5b961e9c75 Fixed /pth: Consistently treat the hash offset to password length. 2018-05-03 17:51:11 +02:00
Armin Novak
d4c98e4e71 Fixed formatting. 2018-05-03 12:30:40 +02:00
Armin Novak
5765e9a422 Fixed #4476: broken casts/variable sizes for custom BIO calls. 2018-05-03 12:30:40 +02:00
Martin Fleisz
296b19e172
Merge pull request #4596 from p-pautov/rdg_ssl_fixes 
RDG related fixes for better compatibility with mstsc
 2018-05-03 10:23:12 +02:00
akallabeth
2215071b23
Merge pull request #4576 from ccpp/bugfix-rdg-poll 
Fix polling in RDG
 2018-05-02 17:59:10 +02:00
Armin Novak
f631958a08 Fixed argument warning. 2018-05-02 13:08:17 +02:00
Martin Fleisz
31c804c349
Merge pull request #4603 from hardening/socksplus 
SOCKS5 proxy support
 2018-05-02 11:26:13 +02:00
David Fort
0f968b782c proxy: cleanup SOCKS support and add user/password support 2018-05-02 10:51:16 +02:00
Armin Novak
e0af47d26d Fixed rebase introduced error. 2018-05-02 09:56:49 +02:00
Jiri Sasek
1ba31551a6 socks proxy reply fix 2018-05-02 09:43:03 +02:00
Armin Novak
f19a17d3ed Fixed surface bits command cleanup. 2018-05-02 08:54:21 +02:00
Armin Novak
4e66972616 Fixed remaining global order buffers. 2018-05-02 08:54:21 +02:00
Armin Novak
e5767f07ac Refactored order updates 
Unified order creation/copy/delete to avoid memory leaks.
 2018-05-02 08:54:21 +02:00
David Fort
8cba201999
Merge pull request #4548 from akallabeth/autoreconnect_fix 
Autoreconnect fix
 2018-04-27 09:39:30 +02:00
David Fort
782039c6aa
Merge pull request #4589 from oshogbo/token 
Recognize only the cookie format anything else treat as token.
 2018-04-26 11:59:15 +02:00
p-pautov
fda76349b9
Fix Windows build. 2018-04-26 02:11:04 -07:00
Pavel Pautov
a0019ec79c Fallback to RDG RPC transport only if server does not support RDG HTTP and 
error out in other cases - invalid RDG SSL cert, bad credentials, PAA failue, etc.
 2018-04-25 18:36:43 -07:00
Christian Plattner
4a19f49878 Fail on unimplemented BIO_ctrl for /gt:rpc 2018-04-24 20:45:52 +02:00
Christian Plattner
4739189cfc Implement BIO_ctrl more correctly for RDG 
See #3602

This change is discussed in https://github.com/FreeRDP/FreeRDP/pull/4576#pullrequestreview-113381733
 2018-04-24 16:47:33 +02:00
Mariusz Zaborski
6515453886 Recognize only the cookie format anything else treat as token. 
If in the RDP file we will set loadbalanceinfo.
Instead of getting the cookie value we will get load balance info.

For example:
0000 03 00 00 2a 25 e0 00 00 00 00 00 74 73 76 3a 2f ...*%......tsv:/
0010 2f 56 4d 52 65 73 6f 75 72 63 65 2e 31 2e 41 48 /VMResource.1.AH
0020 0d 0a 01 00 08 00 0b 00 00 00                   ..........

The MSFT-SDLBTS document don't describe this behavior.

For this reason lets treat the token as anything ended with seqance
CR and CL. To be honest we already did that because in the core/connection.c
file where we are seting the routing_token to the LoadBalanceInfo.
 2018-04-24 15:00:00 +02:00
Mariusz Zaborski
b9ddf2046c Fix comments where is cookie and where is token. 2018-04-24 14:34:45 +02:00
Jiri Sasek
b1c1549ad1 SOCKS proxy support 2018-04-23 21:01:01 +02:00
Christian Plattner
a15644365e Fix BIO_get_fd for RDG, again. 2018-04-18 21:50:47 +02:00
Christian Plattner
f9d036a874 Fix #3602 by implementing BIO_get_fd correctly for RDG 2018-04-18 10:47:06 +02:00
Pavel Pautov
c866923897 Avoid buffer to struct cast. 2018-04-16 19:06:16 -07:00
Pavel Pautov
8fc0ea7199 Send correct packet size in case of PAA. Some cleanup. 2018-04-16 19:06:16 -07:00
Pavel Pautov
bbee19ced2 Content-Length and Transfer-Encoding are mutually exclusive. 2018-04-16 19:06:16 -07:00
Pavel Pautov
ec42228b2a Consolidate IN/OUT data connections establishment into common function and clean up related code. 2018-04-16 19:06:16 -07:00
Pavel Pautov
00256bba1d Move NTLM auth related code into dedicated functions. 2018-04-16 19:06:16 -07:00
Pavel Pautov
269dec6377 Consolidate rdg_tls_out_connect/rdg_tls_in_connect into single function. This also fixes connections to RDG server via proxy. 2018-04-16 19:06:13 -07:00
Pavel Pautov
e639e2caf3 Removed unused "readEvent" - no one checks if it was set. 
Removed needless rdg_check_event_handles declaration.
 2018-04-16 16:05:40 -07:00
Pavel Pautov
1530bcf916 Consolidate rdg_send_in_channel_request/rdg_send_out_channel_request into single function. 2018-04-16 16:05:40 -07:00
Pavel Pautov
0fbf8f8957 Explicitly skip "seed" payload on RDG OUT connection, to avoid issues when it's split over several SSL records. 2018-04-16 16:05:40 -07:00
Pavel Pautov
44cb710496 Moved some repeated "read all" code into function. 2018-04-16 16:05:40 -07:00
Armin Novak
1feca7768e Fixed redirection with session brokers. 
* Only reconnect channels on redirect, if they have already been connected.
* Prefer TargetNetAddress over FQDN to connect.
 2018-04-16 16:46:48 +02:00
Martin Fleisz
855af9e941
Merge pull request #4557 from akallabeth/connect_error_fix 
Set connection error if TCP connect fails.
 2018-04-12 12:10:56 +02:00
David Fort
14cce798e8
Merge pull request #4544 from oshogbo/nSize 
Don't restrict the hostname size.
 2018-04-12 11:11:57 +02:00
Armin Novak
685f5a8d20 Do not clear last error if not reconnecting. 2018-04-11 10:06:11 +02:00
Armin Novak
2fc31fcb37 Set connection error if TCP connect fails. 2018-04-11 09:09:23 +02:00
Andre Esteve
d240069b5e Gateway (RDG) use same IP for both channels 2018-04-10 20:59:33 -07:00
akallabeth
09c766cdeb
Merge pull request #4551 from oshogbo/nego_0 
Fix setting of negotiated security protocol.
 2018-04-09 19:00:48 +02:00
Mariusz Zaborski
480abdde91 Fix setting of negotiated security protocol. 
PROTOCOL_RDP is equals 0 so if we and it with anything is still 0.
Correct way of doing it is to compare two values.
 2018-04-09 17:14:37 +02:00
Bernhard Miklautz
e818dd5679
Merge pull request #4549 from oshogbo/krb 
Fix checking of krb in encrypt public key echo.
 2018-04-09 16:26:18 +02:00
Mariusz Zaborski
dc2c826edd Fix checking of krb in encrypt public key echo. 
In commit 0e1a073384 there was a mistake -
originally code said different then kerberos. Because of that NLA authentication
of server side didn't work for me.
 2018-04-09 15:09:38 +02:00
Armin Novak
7af9ba9171 Refactored reconnect and redirect API 
Reconnect and redirect share the same code on disconnect.
Move that to a single function and export it as it may be required
to terminate the session properly before reconnect is called.
 2018-04-09 14:04:30 +02:00
Armin Novak
0a7691de58 Fixed channel (dis)connect on redirect or reconnect. 2018-04-09 11:26:12 +02:00
Armin Novak
1698a54b04 Removed unnecessarty string duplications. 2018-04-09 11:26:05 +02:00
Mariusz Zaborski
00374382d9 There is no reason to restrict nSize to 2 the hostname can be empty on 
UNIX-like machines.
 2018-04-06 21:07:51 +02:00
Armin Novak
3762e06714 Fixed RDP debug message invalid function. 2018-04-06 11:34:24 +02:00
Armin Novak
26d9957608 Fix pointer type mismatch struct sockaddr_storage* and struct sockaddr* 2018-04-05 10:47:50 +02:00
MartinHaimberger
a9ecd6a6cc
Merge pull request #4535 from akallabeth/warning_fixes 
Warning fixes
 2018-04-05 10:20:43 +02:00
MartinHaimberger
0af63d4c6f
Merge pull request #4481 from akallabeth/fastpath_fix 
Fastpath uncompressed length issue
 2018-04-05 10:17:51 +02:00
Martin Fleisz
ff8b2c1b0e core: Fix IPv6 handling on Windows 
On Windows the sockaddr struct is smaller than sockaddr_in6.
This causes getsockname to fail because the buffer is too small.
The new code uses sockaddr_storage which should be large enough to
hold any supported protocol address structure.

See: http://pubs.opengroup.org/onlinepubs/009696699/basedefs/sys/socket.h.html
 2018-04-04 17:19:18 +02:00
Armin Novak
e47d7eb968 Simplified fastpath buffer handling. 2018-04-04 13:24:43 +02:00
Armin Novak
f840150a54 Fixed missing return value checks. 2018-04-04 13:24:32 +02:00
Armin Novak
3f1ef0efc6 Removed unnecessary range check. 2018-04-04 10:45:32 +02:00
Martin Fleisz
edce38613a
Merge pull request #4529 from akallabeth/wlog_cleanup_fix 
Fix #4524: Initialize with cleanup handler
 2018-04-04 09:32:46 +02:00
Armin Novak
e0d112d548 Removed all calls to WLog_Init and WLog_Uninit 
Since the calls are no longer required remove their usage.
 2018-04-03 13:06:41 +02:00
Martin Fleisz
5c59b5f2b8 cssp: Fix handling of nonce 2018-03-29 21:42:14 +02:00
Martin Fleisz
eb1f693fc4 cssp: Separate client/server version handling (#4502) 2018-03-23 12:12:08 +01:00
Martin Fleisz
e9ba4b58ec cssp: Fix warnings (#4503) 2018-03-21 12:57:58 +01:00
Martin Fleisz
8df96364f2 cssp: Add support for protocol version 6 2018-03-20 10:37:38 +01:00
Bernhard Miklautz
e7ae3f6bab fix nla: don't use server version 
FreeRDP currently only supports CredSSP protocol version 3. However the
current implementation always sent back the version received by the
server indicating that this version was supported.
With recent windows updates applied the protocol changed and this approach
doesn't work anymore (see
https://msdn.microsoft.com/en-us/library/mt752485.aspx for protocol changes).

With this fix FreeRDP always sends version 3 as supported version.

Credit goes to @mfleisz.

Fixes #4449
 2018-03-14 14:04:56 +01:00
Armin Novak
2517755d25 Fixed thread function return and parameters. 2018-03-07 14:36:55 +01:00
akallabeth
dd538ccd4b
Merge pull request #4470 from mfleisz/misc_fixes 
Various fixes after running VS 2017 code analysis
 2018-03-07 14:05:22 +01:00
Martin Fleisz
811406382d core: Fix possible out-of-bounds read 2018-03-06 15:52:34 +01:00
Martin Fleisz
07f05c5cb3 nla: Add NULL pointer check 2018-03-06 15:39:03 +01:00
Armin Novak
a419677e8f Fix invalid handle offset. 2018-03-06 13:58:40 +01:00
Armin Novak
1f7d33a2f2 Fixed read/write of surface bits command. 
The optional field exBitmapDataHeader of TS_ BITMAP_DATA_EX was ignored.
Read and expose the data (currently unused)
 2018-03-01 11:38:59 +01:00
Jacco Braat
2af67baea3 Modified RDG connection setup using PAA Cookie. 
Skip NTLM auth on the IN/OUT channels. Add PAACookie to TUNNEL_CREATE.
 2018-02-15 10:56:58 +01:00
Jacco Braat
b592684734 Added to rdp file parsing: gatewayaccesstoken:s:<token> 
Added to commandline parsing: /gat:<token>
Added GatewayAccessToken to sings
 2018-02-15 10:56:57 +01:00
Armin Novak
92c62b1dbf Fixed #4436: double free of http response. 
Fixed #4436: reset of token split.
 2018-02-14 14:29:08 +01:00
Armin Novak
990b8c23a9 Fixed PubSub function pointer casts. 2018-02-14 11:00:52 +01:00
David Fort
6e5d86f332 http: fix compilation with valgrind memcheck helpers 2018-02-14 10:16:38 +01:00
Bernhard Miklautz
8566021a1c
Merge pull request #4425 from akallabeth/windows_nego_fix 
Fixed windows unicode authentication.
 2018-02-13 15:26:44 +01:00
Martin Fleisz
b8599b08f2
Merge pull request #4364 from akallabeth/gateway_refactor 
Gateway refactor
 2018-02-13 13:48:45 +01:00
Armin Novak
53d2150e00 Fixed windows unicode authentication. 2018-02-13 11:29:56 +01:00
Armin Novak
2cf10cc359 bitmap free now always deallocating all resources. 2018-02-13 10:18:43 +01:00
Armin Novak
8c7fe93cc6 Added client channel queue object free function. 2018-02-09 11:04:31 +01:00
Armin Novak
78de329f1f Fixed IPv4/IPv6 to string 2018-02-08 17:26:31 +01:00
Norbert Federa
46f03d5e78 disabled expensive debug call in channel send 2018-01-31 12:44:45 +01:00
Armin Novak
e1c00b878d Fixes argument size type, function static where appropriate. 2018-01-19 09:15:26 +01:00
Armin Novak
29f2d2d9bb Fixed missing packageName setup in server NLA 2018-01-17 09:09:58 +01:00
Armin Novak
0e1a073384 Simplified package name comparisons. 2018-01-17 08:18:45 +01:00
Armin Novak
dc3d536398 Changed length arguments and return to size_t 2018-01-17 08:14:06 +01:00
Armin Novak
20b4b286f0 Fixed strtoull not supported on windows. 2018-01-16 08:15:34 +01:00
Armin Novak
a49a2299b1 Refactored http parser 
* Using single buffer for all data
* Added response size limit of 64MiB
* Fixed various memory leaks
 2018-01-15 16:51:33 +01:00
Armin Novak
c3f008c36c Functions static where appropriate. 2018-01-15 13:22:01 +01:00
Armin Novak
59e8b67287 Fixed broken #ifdef 2018-01-15 10:18:03 +01:00
Armin Novak
97cc55deec Fixed bitmap capability debug. 2018-01-12 09:22:08 +01:00
David Fort
e1cc601963
Merge pull request #4323 from akallabeth/scanbuild_fixes 
Scanbuild and other warnings fixed
 2018-01-08 11:16:21 +01:00
akallabeth
4077d55a6c
Merge pull request #4332 from hardening/xrandr_and_fixes 
Xrandr and fixes
 2018-01-08 09:20:56 +01:00
David Fort
191b8f950f Fix for #4330 
Since ec027bf dynamic resolution is broken when used with egfx. Before that commit
we were tracking a server sent resize by setting a DesktopResize callback. This callback
is called when the desktop is resized by the server. Anyway the problem was that when this
callback is called, the activation sequence is not always completed, which were leading to
some freeze with 2012r2 servers (sending packets before the sequence is finished).
So with the faulty commit, we are tracking server resizes by subscribing to the Actived
event, that is called at the end of a reactivation sequence, so we're sure to not send packets
when not fully activated.
Anyway the issue that shows on (#4330) is that when you use egfx, no reactivation sequence happens,
the server only sends a ResetGraphics message with the new size, and so we miss the resized event.
This fix introduces a new GraphicsReset event, makes the display channel subscribe to that event,
and react accordingly.
 2017-12-23 13:50:54 +01:00
Armin Novak
c60c355a9d Added ROP to primary order debug message. 2017-12-22 10:37:04 +01:00
Armin Novak
e4766c656e Fixed missing initialization warnings. 2017-12-21 11:04:32 +01:00
Armin Novak
6a21bdae3d Fixed various scanbuild warnings. 2017-12-21 09:34:35 +01:00
akallabeth
e3e65734e8
Merge pull request #4303 from krisztian-kovacs-balabit/use-redirection-password 
Use redirection password
 2017-12-20 17:01:58 +01:00
Martin Fleisz
80a49f46dc
Merge pull request #4320 from ondrejholy/coverity-fixes 
Coverity Scan fixes
 2017-12-20 14:17:20 +01:00
Martin Fleisz
ec027bf46c
Merge pull request #4318 from hardening/display_improvement 
Dynamic resolution improvements
 2017-12-20 13:43:22 +01:00
Martin Fleisz
bfe8359b5b
Merge pull request #4239 from akallabeth/test_memleak_fixes 
Test memleak fixes
 2017-12-20 12:38:38 +01:00
David Fort
2a6c9e1b87 Add an activated event and a Timer event 
Added an event that is triggered when the activation sequence is finished.
We also define a timer event that is neat to have for regular operation.
 2017-12-19 15:21:15 +01:00
Ondrej Holy
4791970c09 core: Remove redundant stream position changes 
Stream_Seek() is used, but consequently Stream_SetPosition() is used
for position obtained by Stream_GetPosition() immediatelly before
Stream_Seek(). Let's remove this stream position changes due to its
redundancy.
 2017-12-19 13:02:55 +01:00
Ondrej Holy
0389cb129e core: Fix array overrunning during FIPS keys generation 
p is 20 and r is 1 in the last iteration of fips_expand_key_bits,
which means that buf[21] is read (of BYTE buf[21];). However,
the value is not needed, because it is consequently discarded by
"c & 0xfe" statement. Let's do not read buf[p + 1] when r is 1
to avoid this.
 2017-12-19 10:29:16 +01:00
Armin Novak
7305828122 Fix #4239: Various memory leaks 
* Fixed all tests, now can be run with -DWITH_ADDRESS_SANITIZER=ON compiled.
* Enabled address sanitizer for nightly builds.
 2017-12-12 11:40:48 +01:00
David Fort
41823080f9 Fix users of Stream_GetPosition() that returns size_t 2017-12-11 22:38:58 +01:00
David Fort
11ee81be60 Fix XRandr for old systems and MacOSX 
We need a recent enough version of XRandr to correctly detect monitor.
Also this patch adds some typo or style fixes.
 2017-12-08 10:59:38 +01:00
KOVACS Krisztian
7f5f40d392 core/nla: use RedirectionPassword if set in settings 
Previously, the code prompted for the password even if a RedirectionPassword
was provided.

With this change the prompt is only shown if both settins->Password and
settings->RedirectionPassword is absent.
 2017-12-06 16:32:56 +01:00
KOVACS Krisztian
6518e36c70 Revert "core/connection: use redirection password when reconnecting" 
This reverts commit 70c65e70d1.
 2017-12-06 14:58:34 +01:00
David Fort
cf33966f2e
Merge pull request #4282 from akallabeth/force_ipv6 
Fix #4281: Added option to prefer IPv6 over IPv4
 2017-11-28 10:48:53 +01:00
Armin Novak
3e4c274cc9 Fixed channel count exceed checks 
The check aborted on CHANNEL_MAX_COUNT - 1 instead
of correctly at CHANNEL_MAX_COUNT
 2017-11-28 09:40:04 +01:00
David Fort
2f4a2f8595
Merge pull request #4272 from akallabeth/static_channel_checks 
Fix #3378: 31 static channels are supported.
 2017-11-27 22:46:23 +01:00
Armin Novak
2cc64298f2 Fix #4281: Added option to prefer IPv6 over IPv4 2017-11-27 11:43:54 +01:00
Armin Novak
377bfeb227 Fix #3378: 31 static channels are supported. 2017-11-23 16:18:44 +01:00
Armin Novak
f68bc07a22 Fixed return value check for callbacks. 2017-11-23 15:10:42 +01:00
akallabeth
71e38a4ce7
Merge pull request #4267 from ondrejholy/autofips 
Enable FIPS mode automatically
 2017-11-23 10:49:15 +01:00
Ondrej Holy
74bbbdb5c3 Remove unused variable 
Unused variable was added together with FIPS mode support, let's remove it.
 2017-11-23 10:09:17 +01:00
Ondrej Holy
6973b14eed Enable FIPS mode automatically 
FreeRDP aborts if OpenSSL operates in FIPS mode and +fipsmode is not
manually specified. Let's prevent the abortion and enable the necessary
options in that case automatically.
 2017-11-23 10:09:17 +01:00
David Fort
a834ef8243
Merge pull request #4251 from akallabeth/openssl_warn_fixes 
Fix #4247: warnings introduced with #3904
 2017-11-23 09:22:02 +01:00
cedrozor
49f4b2a42e Fixed NLA for Negotiate and NTLM authentication (regression due to the recent addition of kerberos support) 2017-11-21 16:36:47 +01:00
Armin Novak
a376656b3c Disabled ceritficate signature check. 2017-11-21 11:37:42 +01:00
Armin Novak
4fe12b0ea3 Fix #4247: warnings introduced with #3904 2017-11-20 10:18:15 +01:00
akallabeth
b156b937fe
Merge pull request #3904 from bjcollins/master 
FIPS Mode support for xfreerdp
 2017-11-17 13:31:43 +01:00
Martin Fleisz
4ff1251488
Merge pull request #4236 from akallabeth/scan_fix_remastered 
Scanbuild warning fixes
 2017-11-17 13:02:46 +01:00
Brent Collins
9ca9df1ead Make the new winpr_Digest*MD5_Allow_FIPS functions more generic to no longer be MD5 specific in design. This way the FIPS override 
could easily be extended to more digests in the future. For now, an attempt to use these functions with anything other than MD5 will
not work.
 2017-11-17 12:43:07 +01:00
Brent Collins
e47123f05a Do not initialize SSL in freerdp_context_new, it is too early to detect the fips enabled flag 
and is redundant since it is initialized later before actually using SSL.
 2017-11-17 12:43:07 +01:00
Brent Collins
68ab485e63 Fix logic error in reworked MD5 call for establishing keys, and fix some minor whitespace issues. 2017-11-17 12:43:07 +01:00
Brent Collins
d98b88642b Add new command-line option to force xfreerdp into a fips compliant mode. 
This option will ensure that NLA is disabled(since NTLM uses weak crypto algorithms), FIPS
encryption is enabled, and ensure fips mode is enabled for openssl.

Selectively override specific uses of MD5/RC4 with new API calls specifically tailored to override FIPS.

Add comments on why overriding the use of these algorithms under FIPS is acceptable for the locations where overrides happen.

Remove check of server proprietary certificate which was already being ignore to avoid use of MD5.

Initialize winpr openssl earlier to ensure fips mode is set before starting using any crypto algorithms.
 2017-11-17 12:43:06 +01:00
Armin Novak
bd7e4cd35a Fixed uninitialized variables. 2017-11-15 15:56:25 +01:00
Armin Novak
032c0164d1 Fixed missing error check. 2017-11-15 15:56:25 +01:00
Armin Novak
99f6c27488 Fixed uninitialized arguments. 2017-11-15 15:56:25 +01:00
Armin Novak
4eb5b8e349 Replaced atoi 2017-11-15 15:52:16 +01:00
David Fort
7bbc3cb8b7 Fix logic in nla_read_ts_credentials 2017-11-13 16:20:57 +01:00
dodo040
e0a9999fb2 fix: GSS API init, enterprise name management, variable names and format code 2017-11-13 16:20:56 +01:00
dodo040
0a3c61d305 fix undefined symbol references at linking stage 2017-11-13 16:20:56 +01:00
dodo040
b81f168f0e initial commit for kerberos support 2017-11-13 16:20:55 +01:00
akallabeth
fcc9419922
Merge pull request #4225 from krisztian-kovacs-balabit/use-redirection-pdu-password-on-reconnect 
core/connection: use redirection password when reconnecting
 2017-11-10 09:32:39 +01:00
KOVACS Krisztian
c13c9035eb libfreerdp/core/certificate: open key file for reading only 
There's no point in writing the key file for read-write, and it makes it
impossible to run the shadow server with the key file being read only.
 2017-11-09 16:54:22 +01:00
KOVACS Krisztian
70c65e70d1 core/connection: use redirection password when reconnecting 
According to MS-RDPBCGR the server might send a password in the Redirection PDU
that then must be sent by the client to the server as password.

Since the field either contains a password string (unicode) or a binary cookie,
we try to convert the password from unicode and use it only if conversion
succeeds.
 2017-11-09 14:46:38 +01:00
Martin Fleisz
d5344c3396
Merge pull request #4219 from akallabeth/various_fixes 
Various fixes
 2017-11-09 09:37:18 +01:00
Martin Fleisz
ed1934cafe
Merge pull request #4211 from akallabeth/silence_duplicate_warnings 
Silence WLog_ERR messages if last error is set.
 2017-11-08 13:34:26 +01:00
Armin Novak
b86c0ba548 Fixed NLA default error to FREERDP_ERROR_AUTHENTICATION_FAILED 2017-11-08 11:32:34 +01:00
David Fort
b216e91cdd
Merge pull request #4210 from akallabeth/nla_errors_extended 
Added additional NLA error mappings.
 2017-11-06 14:23:50 +01:00
Armin Novak
ce00f4dd8f Silence WLog_ERR messages if last error is set. 2017-11-06 14:02:22 +01:00
akallabeth
e7b8833e9e
Merge pull request #4187 from hardening/multimon_fix 
Multimonitor fix
 2017-11-06 10:02:07 +01:00
Armin Novak
7a73a0eb1b Added additional NLA error mappings. 2017-11-06 09:49:03 +01:00
Youness Alaoui
02e4f1f256 Do not delete the listener socket right after creating it. 
The listener server socket file needs to be deleted before we bind it
otherwise it's an "address already in use" error. But it was getting
deleted after the bind, causing the file to disappear, and preventing
anyone from connecting to the listener socket since the socket stops
existing.

This is caused by commit 884e87fde4
 2017-10-27 15:01:29 -04:00
Armin Novak
367bddd7ad Added better error mapping for NEGO results. 2017-10-25 09:58:13 +02:00
David Fort
f90fe19fc7 multimon: correctly set the primary monitor 
According to the spec the primary monitor is supposed to be in (0,0) and other monitors
to be given relative to this one.
 2017-10-17 14:07:23 +02:00
David Fort
a132922376 Add checks for DR channel 2017-10-04 10:30:47 +02:00
akallabeth
e6d66d9d81 Merge pull request #4154 from hardening/misc_fixes 
Fix raw surfaces displaying + misc other changes
 2017-09-27 14:56:21 +02:00
Bernhard Miklautz
15c7cb8cb2 Enable clipboard channel per default 2017-09-27 09:45:07 +02:00
David Fort
ddca8f3a3b Check return value of malloc 2017-09-26 13:56:08 +02:00
Armin Novak
9f26f73709 Added delay for connect abort 
The connection abort must be called after freerdp_connect.
Ensure that this function is already running by waiting
a second.
 2017-09-26 12:05:24 +02:00
Armin Novak
ef9444bd35 TestConnect: Extend timeout, only listen locally 2017-09-26 10:59:34 +02:00
Armin Novak
ac454628ae Fixed TestConnect with dynamic channels. 2017-09-25 13:34:00 +02:00
Armin Novak
884e87fde4 Unlink file after binding to it. 
When unlinking the file before binding, a new entry is created
in the file system after binding. This is not desireable, so
unlink it after binding to remove the temporary file after the process
closes.
 2017-09-25 10:35:24 +02:00
Jukka-Pekka Virtanen
ad1425e145 Using PasswordIsSmartcardPin option when sending TS_INFO_PACKET 2017-09-23 14:28:17 +02:00
David Fort
b587daa416 Merge pull request #4136 from tditsch/master 
Fixed endless loop when RDP Server sends SERVER_DENIED_CONNECTION
 2017-09-22 09:52:27 +02:00
Armin Novak
bdae339268 Check and invalidate handles on free. 2017-09-19 12:36:13 +02:00
tditsch
a16d9a2ade refactored Bugfix 2017-09-19 10:18:41 +02:00
tditsch
feca6d9750 Fixed endless loop when RDP Server sends SERVER_DENIED_CONNECTION 2017-09-18 17:29:16 +02:00
Ondrej Holy
9cccd4888d orders: Fix OFFSCREEN_DELETE_LIST allocation size 
The size of OFFSCREEN_DELETE_LIST list allocation was incorrectly changed
by commit 99b1481 and consequently fixed incorrectly by commit 8a0fe086.
Let's count the allocation size based on new size and not based on current
size in order to prevent some memory issues.

https://github.com/FreeRDP/FreeRDP/issues/4117
 2017-09-07 09:38:44 +02:00
Ondrej Holy
048e7f264b orders: Fix ORDER_TYPE_GDIPLUS_END check 
Commit 6fd03ab introduced security checks for orders, but
ORDER_TYPE_GDIPLUS_END check fails in case of success and vice versa.
Let's add the missing question mark.

https://github.com/FreeRDP/FreeRDP/issues/4117
 2017-09-07 09:38:44 +02:00
David Fort
5115ecd948 Merge pull request #4063 from akallabeth/auth_fixes 
Fixed leaks, certificate comparison and channel context cleanup
 2017-08-30 10:19:12 +02:00
Bernhard Miklautz
52fbfb7b12 fix clang warnings, directly include wtypes.h (#4097) 
* build: clang use -Wno-unused-command-line-argument

With clang 5.0 builds are quite noisy otherwise.

* Directly include wtypes.h

Directly include winpr/wtypes.h where _fseeki64 or _ftelli64 is used.

* fix build warnings with clang 5

clang version: 5.0.0-svn310678-1~exp1 (branches/release_50)
Warning: parentheses-equality

* fix build warnings with clang 5

clang version: 5.0.0-svn310678-1~exp1 (branches/release_50)
Warning: tautological-compare

* fix build warnings with clang 5

clang version: 5.0.0-svn310678-1~exp1 (branches/release_50)
Warning:
incompatible pointer types passing 'size_t *' (aka 'unsigned
long *') to parameter of type 'UINT32 *' (aka 'unsigned int *')
[-Wincompatible-pointer-types]
 2017-08-29 09:09:38 +02:00
Armin Novak
c3d4b7d262 fseeko and ftello for 64bit file support. 2017-08-14 08:42:49 +02:00
David Fort
b29658a859 Merge pull request #4066 from akallabeth/input_event_fixes 
Fixed capability checks for mouse and unicode input.
 2017-08-02 11:25:08 +02:00
David Fort
c84065f40c Merge pull request #4069 from yurashek/master 
Build on Solaris
 2017-08-02 09:53:38 +02:00
Armin Novak
d2d621106d Fixed capability checks for mouse and unicode input. 2017-07-31 12:30:35 +02:00
Armin Novak
523a881663 Channels with a context must free it themselves. 2017-07-28 08:39:51 +02:00
Armin Novak
11fa9f6753 Free credentials on exit. 2017-07-28 08:39:49 +02:00
Armin Novak
b0411d4faa Unexported internal NLA functions. 2017-07-28 08:38:07 +02:00
Armin Novak
c301f2d56a Fixed certificate check return. 2017-07-28 08:35:41 +02:00
Armin Novak
ceda244165 Fixed uninitialized values and leaks. 2017-07-28 08:35:31 +02:00
Armin Novak
dd4b5ea126 Disable JPEG codec support if not compiled in. 2017-07-24 15:23:36 +02:00
Armin Novak
b51a103b70 Fixed uninitialized values. 2017-07-20 09:35:41 +02:00
Armin Novak
8b9e3fa51e Fixed use of reserved keywords for include guards. 2017-07-20 09:35:41 +02:00
Armin Novak
0490aeb018 Fixed clang malloc integer overflow warnings. 2017-07-20 09:29:48 +02:00
Armin Novak
8292b4558f Fix TALOS issues 
Fix the following issues identified by the CISCO TALOS project:
 * TALOS-2017-0336 CVE-2017-2834
 * TALOS-2017-0337 CVE-2017-2834
 * TALOS-2017-0338 CVE-2017-2836
 * TALOS-2017-0339 CVE-2017-2837
 * TALOS-2017-0340 CVE-2017-2838
 * TALOS-2017-0341 CVE-2017-2839
 2017-07-20 09:28:47 +02:00
Armin Novak
96d53933d2 Deactivated all H264 related code paths. 2017-07-17 10:39:08 +02:00
Norbert Federa
36b8f54c5e Fixed a few compiler warnings 2017-07-10 17:52:05 +02:00
Bernhard Miklautz
e7cd3250c3 Fix a regression introduced with PR #4013 
If numWindowRects/numVisibilityRects is zero a realloc might either
return NULL or a free able memory. In the first case the introduced
regression caused a double free.
As 0 is a possible value that can be received in both cases rail was
broken.

Fixes #4022
 2017-06-29 11:28:03 +02:00
weizhenwei
ef540ee2df code format adjustment 2017-06-23 09:50:56 +08:00
weizhenwei
5d8d3b53c5 remove redundant NULL pointer check 2017-06-23 09:44:40 +08:00
weizhenwei
3b52a60d31 remove useless NULL pointer check before free 2017-06-23 09:21:16 +08:00
weizhenwei
61b24bf0b3 add NULL pointer check and set freed pointers to NULL afterward 2017-06-22 17:53:51 +08:00
weizhenwei
fa1c65b656 refactor to remove duplicate code and replace free+malloc with realloc 2017-06-22 10:21:20 +08:00
weizhenwei
2d56e22e9e refactor on redundant code copy 2017-06-21 22:07:07 +08:00
weizhenwei
d77802d5e9 fix memroy leak of window_icon->iconInfo at update_read_window_icon_order() 2017-06-21 15:26:28 +08:00
weizhenwei
2f96df25fa fix memory leak at update->window->window_state.windowRects/visibilityRects at update_read_window_state_order() 2017-06-21 15:26:28 +08:00
weizhenwei
5c19318ab5 fix memory leak at update->window->window_state.titleInfo.string at update_read_window_state_order() 2017-06-21 15:26:28 +08:00
weizhenwei
6a43fdc71a code clean on free(update->window->monitored_desktop.windowIds); 2017-06-21 15:26:27 +08:00
weizhenwei
63c81517b7 fix memory leak on update->window->monitored_desktop.windowIds which is realloced at update_read_desktop_actively_monitored_order() 2017-06-21 15:26:27 +08:00
Armin Novak
22f1fbe3d2 Fixed missing external declaration (#3982) 2017-05-31 11:44:33 +02:00
Jura Sasek
4edb5cf7e6 Build for Solaris 2017-05-24 04:27:01 -07:00
David Fort
b92a789dfd Merge pull request #3963 from akallabeth/qoe_ack 
Added client RDPGFX_QOE_FRAME_ACKNOWLEDGE_PDU
 2017-05-22 11:10:03 +02:00