Commit Graph

1984 Commits

Author SHA1 Message Date
Martin Fleisz
19a00f2099
Merge pull request #4325 from akallabeth/fixes_com
Fixes serial redirection name check and SAM file parser
2018-02-15 10:39:33 +01:00
Martin Fleisz
13be71381c
Merge pull request #4434 from akallabeth/winpr_digest_param
Fixed winpr digest type.
2018-02-14 15:54:13 +01:00
Armin Novak
89859d4c54 Fixed missing error return. 2018-02-14 13:51:38 +01:00
Armin Novak
5903d5b375 Fixed winpr digest type. 2018-02-14 12:48:45 +01:00
Armin Novak
53d2150e00 Fixed windows unicode authentication. 2018-02-13 11:29:56 +01:00
Armin Novak
2d58e96dcc Exit main thread with winpr_exit to trigger resource cleanup.
When using pthread_once with destructors they are only called,
if each thread (including the main thread) is exited with pthread_exit.
Introducing winpr_exit as a wrapper for that purpose.
2018-02-12 10:33:02 +01:00
Armin Novak
855dc9abaf Clear message queue on free. 2018-02-09 10:29:18 +01:00
Armin Novak
c586a300cf Fixed init once return. 2018-02-07 13:22:07 +01:00
Bernhard Miklautz
c7f1656ea8
Merge pull request #4400 from hardening/defines_clean
set some define consistency
2018-02-07 12:34:27 +01:00
David Fort
7ceb85c7a8
Merge pull request #4340 from akallabeth/init_once
Fix remaining issues with #2006
2018-02-07 10:34:18 +01:00
David Fort
6c64aa4e20 fixed include path
It was working because of multiple include directories.
2018-02-05 14:34:49 +01:00
David Fort
917bc4b551 set some define consistency
This patch cleanup the defines to make then consistent.
2018-02-05 14:17:23 +01:00
Armin Novak
60ab8cc724 Fixed memory leak. 2018-01-24 14:11:33 +01:00
Armin Novak
29f2d2d9bb Fixed missing packageName setup in server NLA 2018-01-17 09:09:58 +01:00
Armin Novak
dc48c42926 Refactored NTLM, functions static where approprate 2018-01-16 11:34:07 +01:00
Armin Novak
1611ec16b1 Refactored kerberos SSPI
* Functions static where approrpriate
* Variables static const where appropriate
2018-01-16 10:58:30 +01:00
Armin Novak
609a4eb6ae Fixed ICU support for CP_ACP 2018-01-16 10:37:19 +01:00
Armin Novak
c62fde53a4 Fix #4306:
* Do not reset context when changing package.
* All functions not exported static.
2018-01-16 10:31:08 +01:00
Armin Novak
5550f6ffe1 Fixed #4357: NTLM debug message. 2018-01-12 09:22:08 +01:00
Armin Novak
9804d5a4a7 SamOpen return NULL if file was not opened. 2018-01-08 13:07:11 +01:00
Armin Novak
d03f9858af Fixed #2006: Use InitOnceExecuteOnce 2018-01-08 12:41:32 +01:00
David Fort
e1cc601963
Merge pull request #4323 from akallabeth/scanbuild_fixes
Scanbuild and other warnings fixed
2018-01-08 11:16:21 +01:00
Anton Afanasyev
ed2e4e576d StartHTML and EndHTML values can be left-padded with 0 characters. strtol and friends treat this as base-8 if base is specified as 0.
Because these values are always sent in base-10, fix is to always use base-10
2018-01-06 18:45:22 -08:00
Armin Novak
04708b37e1 Fixed serious issues with SAM file parser
The parser ommitted various checks during file parsing.
Invalid syntax did crash the whole thing.
2017-12-21 14:39:43 +01:00
Armin Novak
6f1b8f04c6 Fixed check for reserved com devices. 2017-12-21 14:39:32 +01:00
Armin Novak
a0b49f4e07 Removed unused functions, fixed feature define guards 2017-12-21 11:30:21 +01:00
Armin Novak
50a0968c6a Removed unused variables. 2017-12-21 11:29:24 +01:00
Armin Novak
6a21bdae3d Fixed various scanbuild warnings. 2017-12-21 09:34:35 +01:00
akallabeth
e3e65734e8
Merge pull request #4303 from krisztian-kovacs-balabit/use-redirection-password
Use redirection password
2017-12-20 17:01:58 +01:00
Martin Fleisz
bfe8359b5b
Merge pull request #4239 from akallabeth/test_memleak_fixes
Test memleak fixes
2017-12-20 12:38:38 +01:00
akallabeth
097f8edd97
Merge pull request #4312 from bmiklautz/smartcard-cleanup
Smartcard fixes and cleanup
2017-12-14 16:56:29 +01:00
Bernhard Miklautz
5a1c0081c5 fix smartcard: SCardStatus unicode handling
* fix StatusW_Call to rely and use SCardStatusW
* fix trace call in  StatusW_Call - needs to be called after the sizes
  are set
* unify SCardStatus functions for pcsc - let the internal function handle unicode directly

This fixes an issue with size calculations of SCardStatusW.
2017-12-14 15:46:14 +01:00
Martin Fleisz
5cec90c781
Merge pull request #4305 from hardening/xrandr_fix
Fix XRandr for old systems and MacOSX
2017-12-13 17:24:41 +01:00
Bernhard Miklautz
bff9b98e67 feat winpr/smartcard: add test for SCardStatus
Add an extensive test for SCardStatus. It's not enabled per default
as it requires a reader with card to be present.
2017-12-13 17:04:06 +01:00
Bernhard Miklautz
6b691948cf refactor winpr/smartcard/pcsc: reader/group naming
The PCSC SCard implementation in winpr tried to rename reader and group
names received from PCSC to something similar to what the windows smart
card service would return.

Because of the following reasons this mapping was removed:

* reader names are not standardized
* no mapping of reader name should be required at all
* the mapping added extra complexity
* the mapping didn't produce the same names as if the reader was
  directly connected on windows (or redirected from a windows host)

In case there are situations where this is nevertheless required this
feature can simple be (re-)implemented a part of the smart card channel.

Also the formatting was fixed.
2017-12-13 17:04:06 +01:00
Bernhard Miklautz
e3d45c4580 fix channel/smartcard: remove SCardAddReaderName
SCardAddReaderName isn't part of the SCard API.

Note: removing this also removes the possibility to redirect single
smartcard readers with /smartcard:READERNAME. However this features
wasn't implemented in a general way and will be re-added as part of
the smart card channel directly.
2017-12-13 17:04:06 +01:00
Bernhard Miklautz
6e63c6afd9 fix channel/smartcard: remove status mappings
The state tracking/modifications (presumably thought as optimization?!) in
PCSC_SCardGetStatusChange_Internal cause a lot of applications to behave
incorrectly and/or hang. Ideally no modifications of the states should
be necessary as PCSC implements the same API as passed over the channel.
2017-12-13 17:04:06 +01:00
Martin Fleisz
f6b8a6eaa2
Merge pull request #4276 from akallabeth/big_endian_more
Big endian fixes
2017-12-13 09:58:14 +01:00
Armin Novak
ae2a96293b Cleanup and initialization checks. 2017-12-12 11:40:48 +01:00
Armin Novak
7305828122 Fix #4239: Various memory leaks
* Fixed all tests, now can be run with -DWITH_ADDRESS_SANITIZER=ON compiled.
* Enabled address sanitizer for nightly builds.
2017-12-12 11:40:48 +01:00
Armin Novak
0a9ef97a57 Fixed uninitialized variable. 2017-12-12 10:35:02 +01:00
David Fort
41823080f9 Fix users of Stream_GetPosition() that returns size_t 2017-12-11 22:38:58 +01:00
KOVACS Krisztian
3c56300afa winpr/sspi: add possibility to set auth identity with Unicode password
To be able to avoid password conversion if the password is already unicode
this change adds the sspi_SetAuthIdentityWithUnicodePassword() function
that is identical to sspi_SetAuthIdentity() except that the password is
used without further conversions in the Unicode identity.
2017-12-06 16:30:57 +01:00
Martin Fleisz
876a7697be
Merge pull request #4297 from akallabeth/cmd_parser_hardening
Fix #4296: Hardened command line post filter.
2017-12-05 14:40:03 +01:00
Greg V
bfe3af4c72 Fix LibreSSL build
LibreSSL does not support FIPS mode.
2017-12-01 18:34:48 +03:00
Armin Novak
78a0c4c618 Fix #4296: Hardened command line post filter. 2017-12-01 13:13:21 +01:00
akallabeth
0cb5907664
Merge pull request #4275 from ondrejholy/big-endian-fixes
Big endian fixes
2017-12-01 11:24:50 +01:00
Bernhard Miklautz
0da2fb6915 fix/build: handle GNU/kFreeBSD like other BSDs
Based on a patch for Debian from
Mike Gabriel <mike.gabriel@das-netzwerkteam.de>
2017-11-27 17:04:52 +01:00
Mike Gabriel
d4af7eaa59 fix/build: GNU/kFreeBSD is not FreeBSD 2017-11-27 17:04:52 +01:00
Armin Novak
c91900dfb3 Fixed big endian issues with bitmap read. 2017-11-24 12:03:46 +01:00
Ondrej Holy
e5574f276a winpr/nt: Fix wide char string on big endian
Wide char strings are always little endian encoded and thus
Data_Write_UINT16 has to be used in _RtlAnsiStringToUnicodeString.
It fixes TestIoDevice on big endian machines among others.

https://github.com/FreeRDP/FreeRDP/issues/4231
2017-11-23 20:01:01 +01:00
akallabeth
71e38a4ce7
Merge pull request #4267 from ondrejholy/autofips
Enable FIPS mode automatically
2017-11-23 10:49:15 +01:00
Ondrej Holy
6973b14eed Enable FIPS mode automatically
FreeRDP aborts if OpenSSL operates in FIPS mode and +fipsmode is not
manually specified. Let's prevent the abortion and enable the necessary
options in that case automatically.
2017-11-23 10:09:17 +01:00
Armin Novak
4fe12b0ea3 Fix #4247: warnings introduced with #3904 2017-11-20 10:18:15 +01:00
akallabeth
b156b937fe
Merge pull request #3904 from bjcollins/master
FIPS Mode support for xfreerdp
2017-11-17 13:31:43 +01:00
Martin Fleisz
4ff1251488
Merge pull request #4236 from akallabeth/scan_fix_remastered
Scanbuild warning fixes
2017-11-17 13:02:46 +01:00
Armin Novak
1bb4f121b4 Fixed formatting. 2017-11-17 12:45:28 +01:00
Brent Collins
9ca9df1ead Make the new winpr_Digest*MD5_Allow_FIPS functions more generic to no longer be MD5 specific in design. This way the FIPS override
could easily be extended to more digests in the future. For now, an attempt to use these functions with anything other than MD5 will
not work.
2017-11-17 12:43:07 +01:00
Brent Collins
922a0fa495 Fix checks for openssl version numbers around fips changes, they were using an incorrect version matching 1.1.0 and not 1.0.1
Simplify the logic to enable openssl fips mode
2017-11-17 12:43:07 +01:00
Brent Collins
a0526317ea Fix the return values of the winpr_Digest_Init functions which were accidentally removed
during rework in previous checkin.
2017-11-17 12:43:07 +01:00
Brent Collins
68ab485e63 Fix logic error in reworked MD5 call for establishing keys, and fix some minor whitespace issues. 2017-11-17 12:43:07 +01:00
Brent Collins
7aa9e7a97f Fix variable definition placement to adhere to older C standard. 2017-11-17 12:43:06 +01:00
Brent Collins
5284100bb0 FIPS_mode() and FIPS_mode_set() does not exist in OpenSSL versions before 1.0.1 2017-11-17 12:43:06 +01:00
Brent Collins
2dddae738f Change initialization of EVP_CIPHER_CTX to use API function instead of trying to calloc().
Fix some warnings noted from build output.
2017-11-17 12:43:06 +01:00
Brent Collins
497ba442be Workaround for missing EVP_CIPH_FLAG_FIPS_NON_ALLOW flag in openssl 1.0.0. 2017-11-17 12:43:06 +01:00
Brent Collins
d98b88642b Add new command-line option to force xfreerdp into a fips compliant mode.
This option will ensure that NLA is disabled(since NTLM uses weak crypto algorithms), FIPS
encryption is enabled, and ensure fips mode is enabled for openssl.

Selectively override specific uses of MD5/RC4 with new API calls specifically tailored to override FIPS.

Add comments on why overriding the use of these algorithms under FIPS is acceptable for the locations where overrides happen.

Remove check of server proprietary certificate which was already being ignore to avoid use of MD5.

Initialize winpr openssl earlier to ensure fips mode is set before starting using any crypto algorithms.
2017-11-17 12:43:06 +01:00
David Fort
0d92c725c6
Merge pull request #4000 from akallabeth/ign_keyword_fix
Command line ignore empty if flag set
2017-11-16 13:26:01 +01:00
Armin Novak
7b58495e7b Fixed warnings and formatting. 2017-11-15 15:56:24 +01:00
Armin Novak
1fd6308ef5 Functions static, warnings fixed. 2017-11-15 15:56:24 +01:00
Armin Novak
90e1d39fec Fixed formatting and warnings. 2017-11-15 15:56:24 +01:00
Armin Novak
44dfaf7841 Fixed dead store warning. 2017-11-15 15:56:24 +01:00
Armin Novak
3baba6f9c0 Removed unused argument. 2017-11-15 15:56:24 +01:00
Armin Novak
f24158fe07 Fixed missing function return check. 2017-11-15 15:56:24 +01:00
Armin Novak
0aa5a83536 Fixed multiple warnings in parser 2017-11-15 15:56:21 +01:00
Armin Novak
26d079e53b Fixed compile warnings. 2017-11-15 15:54:38 +01:00
Armin Novak
4eb5b8e349 Replaced atoi 2017-11-15 15:52:16 +01:00
Armin Novak
8c2bd951ae Allow printing of custom arguments in help. 2017-11-15 15:25:34 +01:00
Armin Novak
65f4c560d3 Fixed uninitialized values and leaks. 2017-11-13 16:20:57 +01:00
dodo040
60406794ce fix Kerberos flavour's detection (MIT/Heimdal) and double free for MIT<1.13 2017-11-13 16:20:56 +01:00
dodo040
335de159b0 use SSIZE_T instead of ssize_t 2017-11-13 16:20:56 +01:00
dodo040
3e897a63cb remove useless includes 2017-11-13 16:20:56 +01:00
dodo040
e0a9999fb2 fix: GSS API init, enterprise name management, variable names and format code 2017-11-13 16:20:56 +01:00
dodo040
b81f168f0e initial commit for kerberos support 2017-11-13 16:20:55 +01:00
David Fort
de7d7e43c9 serial redirection: implement event char
The signotec signature device requires the eventChar support to work properly in
serial redirection mode. This implementation is basic but does the job for this
device.

Sponsored by: Rangee GmbH (http://www.rangee.de)
2017-11-06 22:26:17 +01:00
Armin Novak
269c78802d Fixed #4199: ConvertFindDataAToW string length 2017-10-31 16:52:08 +01:00
Mike Gilbert
5cd230ac74 winpr: _IoCreateDeviceEx: fix mkdir error check
The mkdir(2) function returns 0 on success, and -1 on error.

This resolves an error in TestIoDevice when /tmp/.device/ does not
exist.

Bug: https://bugs.gentoo.org/635838
2017-10-30 11:59:35 -04:00
Roman Kalashnikov
612e8b0710
Update semaphore.c 2017-10-28 11:59:23 +03:00
Roman Kalashnikov
4db363f107
Fixed Expression 'pComm != NULL' is always true
pComm was checked earlier in 1363 string:
`if (pComm == NULL)`
2017-10-28 01:48:41 +03:00
Roman Kalashnikov
67a97612e6
Fixed duplicated assigne 2017-10-28 01:46:06 +03:00
Armin Novak
3840b27945 Fixed file timestamps. 2017-10-12 11:28:07 +02:00
Armin Novak
bcfa434da2 Fixed resizing of PubSub 2017-09-25 13:33:04 +02:00
David Fort
babeb34d88 Merge pull request #4060 from akallabeth/icu_support
Using ICU instead of custom unicode conversion.
2017-09-25 09:33:58 +02:00
Bernhard Miklautz
bbd11eef1d Merge pull request #4045 from akallabeth/drive_fixes_overlayfs
Drive fixes overlayfs
2017-09-22 17:22:00 +02:00
David Fort
5115ecd948 Merge pull request #4063 from akallabeth/auth_fixes
Fixed leaks, certificate comparison and channel context cleanup
2017-08-30 10:19:12 +02:00
Bernhard Miklautz
52fbfb7b12 fix clang warnings, directly include wtypes.h (#4097)
* build: clang use -Wno-unused-command-line-argument

With clang 5.0 builds are quite noisy otherwise.

* Directly include wtypes.h

Directly include winpr/wtypes.h where _fseeki64 or _ftelli64 is used.

* fix build warnings with clang 5

clang version: 5.0.0-svn310678-1~exp1 (branches/release_50)
Warning: parentheses-equality

* fix build warnings with clang 5

clang version: 5.0.0-svn310678-1~exp1 (branches/release_50)
Warning: tautological-compare

* fix build warnings with clang 5

clang version: 5.0.0-svn310678-1~exp1 (branches/release_50)
Warning:
incompatible pointer types passing 'size_t *' (aka 'unsigned
long *') to parameter of type 'UINT32 *' (aka 'unsigned int *')
[-Wincompatible-pointer-types]
2017-08-29 09:09:38 +02:00
Armin Novak
f143fcc298 Fixed data type, eliminate warning. 2017-08-16 15:45:11 +02:00
Armin Novak
9ebfbc1fcb FindNextFileAx, continue if a inalid file is found. 2017-08-16 10:25:23 +02:00
Bernhard Miklautz
ed36f55f3e Merge pull request #4088 from akallabeth/file_api_64bit_fixes
fseeko and ftello for 64bit file support.
2017-08-16 10:04:13 +02:00
Armin Novak
c3d4b7d262 fseeko and ftello for 64bit file support. 2017-08-14 08:42:49 +02:00
Armin Novak
82d9ebc380 Fixed FileSetFilePointer warnings 2017-08-10 16:56:20 +02:00