Armin Novak
6e6559c41a
[settings] fix type mismatch warnings
2023-11-24 14:54:56 +01:00
akallabeth
cd4d77af86
[settings] add deprecation warnings
...
direct struct access to rdpSettings now produces warnings if not
explicitly deactiaved by defining FREERDP_SETTINGS_INTERNAL_USE
2023-11-24 14:54:56 +01:00
akallabeth
1163cc4d5c
[core] add internal settings.h include
2023-11-24 14:54:56 +01:00
Armin Novak
32c65dbdfc
[crypto,tls] only print fingerprint in log
...
printing the whole PEM to log is too verbose, just use the fingerprint
instead.
2023-10-25 13:15:35 +02:00
Armin Novak
53b65ff7bd
[documentation] fix Wdocumentation warnings
2023-10-16 15:10:13 +02:00
akallabeth
d44f9528a1
[ssl] use proper names for TLS_*_method
...
only use deprecated SSLv23_*method on old versions of SSL
2023-10-10 19:35:27 +02:00
akallabeth
b9fdd88bd7
[crypto,tls] reset tls context before setting
...
clean up old tls context before setting a new one
2023-09-21 10:00:19 +02:00
akallabeth
9a460d38fc
[crypto,tls] free tls bindings before set
...
Free possibly allocated bindings before setting new ones
2023-09-21 10:00:19 +02:00
akallabeth
d275e083ec
[crypto,tls] free existing public key
...
before updating the public key free possible existing data.
2023-09-21 10:00:19 +02:00
Armin Novak
6399635abf
[core] fix leaks reported in #9400
2023-09-19 09:35:52 +02:00
David Fort
8a39859612
[arm] various improvements
...
This patch moves the ARM configuration before starting the connection process, so
that we can do some provisioning of the FreeRDP settings with the items retrieved
from Azure.
Most notably that allows us to connect directly using RDSTLS security.
2023-09-04 10:24:56 +02:00
David Fort
361da15eed
[crypto] extend base64 to output crLf when encoding
...
Some windows APIs do put \r\n every 64 characters of the output of a
base64 encoded blob. The extended version of crypto_base64_encode allows
to do the same.
2023-09-04 10:24:56 +02:00
Rubycat
68b1614b66
Do not fail on certificates without subject
...
It is possible to implement an rdp client that accepts certificates by
fingerprint by using VerifyCertificateEx. In case the server uses a
certificate without subject (which, apparently, is not mandated by X509)
freerdp_certificate_data_load_cache fails and the certificate is refused
even before calling VerifyCertificateEx. This commit changes
freerdp_certificate_data_load_cache to consider that missing subject is
the same as an empty string.
Also downgrade the log message complaining about missing subject and
issuer to a warning.
2023-08-21 16:03:36 +02:00
Marc-André Moreau
8c670b177b
fix freerdp_key_generate for some versions of OpenSSL (null key->evp)
2023-08-15 15:00:49 +02:00
Armin Novak
0afa2e88b5
[crypto,cert] imrove logged warnings for certificates
2023-07-31 08:32:43 +02:00
Armin Novak
0bdb62e9b5
[libfreerdp] fix integere narrow warnings
2023-07-28 15:48:32 +02:00
Armin Novak
64f4fe397c
[crypto,tls] fixed sign warnings
2023-07-27 21:05:43 +02:00
Armin Novak
e61880d077
[standard] replace __FUNCTION__ with __func__
2023-07-27 20:02:43 +02:00
akallabeth
e03b6596c6
[build] fix unused but set variable warnings
2023-06-29 18:34:51 +02:00
Marc-André Moreau
4d4dcd4511
Fix usage of explicit server name when different from connection host
2023-06-13 09:20:17 -04:00
akallabeth
a64dd36073
[build] fixed const warnings
2023-06-12 16:32:23 +02:00
Armin Novak
b05eacb99e
[build] fixed compilation warnings
2023-06-08 08:13:16 +02:00
Armin Novak
970f0c54e8
[stream] use const correct Stream_Pointer access
2023-06-08 08:09:33 +02:00
Armin Novak
a4c6b36a19
[build] fix memory sanitizer stack frame warnings
2023-06-07 09:14:45 +02:00
akallabeth
b8f7b59fff
[warnings] fix casts and return
2023-05-24 08:24:32 +02:00
akallabeth
df76b59da7
[warnings] fix -Wshadow
2023-05-24 08:24:32 +02:00
akallabeth
066276a85a
[warnings] fix -Wsometimes-uninitialized
2023-05-24 08:24:32 +02:00
akallabeth
3f6ed5ed84
[crypto,cert] fix debug print messages
2023-05-23 08:51:18 +02:00
Armin Novak
d684acb0a3
[crypto,cert] fix update_x509_from_info for OpenSSL3
...
loading a RSA public key from the parameters was broken, fix with this
commit.
2023-05-17 14:06:58 +02:00
akallabeth
cba9db727d
[crypto,cert] fix missing char casts
2023-05-16 09:33:35 +02:00
akallabeth
07d1190200
[crypto,privatekey] fix const warnings
2023-05-16 09:33:35 +02:00
akallabeth
b698655176
[crypto,key] add functions for aad
...
* create digest sign context
* get parameters of private key
2023-05-10 09:59:10 +02:00
Armin Novak
7212621eae
[proxy,config] PEM length must contain '\0'
2023-05-08 22:54:53 +02:00
Armin Novak
8b6d05f90f
[crypto] fix key decrypt inconsistencies
2023-04-28 08:33:06 +02:00
akallabeth
6c38e20e4e
[crypto,cert] add openssl3 support
2023-04-28 08:33:06 +02:00
akallabeth
9ebbeeb2f6
[crypto,pkey] add openssl3 support
2023-04-28 08:33:06 +02:00
akallabeth
516668d02b
[fclose] ensure no invalid pointers are passed.
...
fclose has undefined behaviour for NULL pointers, so check for these.
2023-04-28 07:39:35 +02:00
Armin Novak
afc29ce777
[crypto,cert] fix cert_write_server_certificate_v2
2023-04-24 10:58:01 +02:00
Armin Novak
91b0f6d444
[crypto,cert] remove too strict assert
2023-04-24 10:58:01 +02:00
Armin Novak
50ce5b834d
[core,server] warn if cert not RDP security compatible
2023-03-28 17:19:03 +02:00
fifthdegree
304ce6d702
Test base64url en/decoding
...
Add tests for base64url and fix a bug discovered while doing that
2023-03-10 16:38:07 +01:00
fifthdegree
8d6c92c037
Implement base64url encoding/decoding
...
Tweak the base64 functions to allow for encoding and decoding base64url
as well
2023-03-10 16:38:07 +01:00
Armin Novak
3a6566d35e
[crypto,key] fix missing rdpCertInfo clone
2023-03-06 11:31:19 +01:00
Armin Novak
77943d4329
[warnings] Fixed missing-prototypes warnings
2023-03-06 10:04:59 +01:00
Armin Novak
3d8cb485f4
[warnings] Fixed strict-prototypes warnings
2023-03-06 10:04:59 +01:00
Armin Novak
e496771034
[warnings] fixed unused-variable warnings
2023-03-06 10:04:59 +01:00
Armin Novak
ae8f0106bd
[core,redirect] extract and check redirection cert
...
* extract the certificate from the redirection PDU
* if there is a certificate provided accept it if it matches the
redirection target certificate without further user checks
2023-02-28 15:49:58 +01:00
David Fort
b8814e723a
fix some warning with the use of new crypto functions
2023-02-28 07:59:40 +01:00
akallabeth
392340d5fd
Fix #8702 : Disable sha3 and shake hashes for libressl
2023-02-22 11:47:37 +01:00
akallabeth
66245e7a00
[crypto,cert] remove rsa check
...
the rsa keys to be checked are on the deprecation list for most SSL
libraries so the function might fail unexpectedly
2023-02-16 10:06:17 +01:00