mirrors
/
FreeRDP
mirror of https://github.com/FreeRDP/FreeRDP
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
11,456 Commits 6 Branches 73 Tags 85 MiB
Commit Graph

11456 Commits

Author SHA1 Message Date
akallabeth b156b937fe
Merge pull request #3904 from bjcollins/master 
FIPS Mode support for xfreerdp
 2017-11-17 13:31:43 +01:00
Martin Fleisz 4ff1251488
Merge pull request #4236 from akallabeth/scan_fix_remastered 
Scanbuild warning fixes
 2017-11-17 13:02:46 +01:00
Armin Novak 1bb4f121b4 Fixed formatting. 2017-11-17 12:45:28 +01:00
Brent Collins 9ca9df1ead Make the new winpr_Digest*MD5_Allow_FIPS functions more generic to no longer be MD5 specific in design. This way the FIPS override 
could easily be extended to more digests in the future. For now, an attempt to use these functions with anything other than MD5 will
not work.
 2017-11-17 12:43:07 +01:00
Brent Collins e21f9e359b Initialize SSL directly in the sample server, instead of relying on the SSL initialize logic 
in the tls code as it was removed in a previous patch due to its redundancy.
 2017-11-17 12:43:07 +01:00
Brent Collins 922a0fa495 Fix checks for openssl version numbers around fips changes, they were using an incorrect version matching 1.1.0 and not 1.0.1 
Simplify the logic to enable openssl fips mode
 2017-11-17 12:43:07 +01:00
Brent Collins e47123f05a Do not initialize SSL in freerdp_context_new, it is too early to detect the fips enabled flag 
and is redundant since it is initialized later before actually using SSL.
 2017-11-17 12:43:07 +01:00
Brent Collins a0526317ea Fix the return values of the winpr_Digest_Init functions which were accidentally removed 
during rework in previous checkin.
 2017-11-17 12:43:07 +01:00
Brent Collins 1129634617 Move the disabling nla and setting the fips encryption mode based on fips 
mode to happen after argument parsing to ensure it always enforced.
 2017-11-17 12:43:07 +01:00
Brent Collins 68ab485e63 Fix logic error in reworked MD5 call for establishing keys, and fix some minor whitespace issues. 2017-11-17 12:43:07 +01:00
Brent Collins 7aa9e7a97f Fix variable definition placement to adhere to older C standard. 2017-11-17 12:43:06 +01:00
Brent Collins 5284100bb0 FIPS_mode() and FIPS_mode_set() does not exist in OpenSSL versions before 1.0.1 2017-11-17 12:43:06 +01:00
Brent Collins 2dddae738f Change initialization of EVP_CIPHER_CTX to use API function instead of trying to calloc(). 
Fix some warnings noted from build output.
 2017-11-17 12:43:06 +01:00
Brent Collins 497ba442be Workaround for missing EVP_CIPH_FLAG_FIPS_NON_ALLOW flag in openssl 1.0.0. 2017-11-17 12:43:06 +01:00
Brent Collins d98b88642b Add new command-line option to force xfreerdp into a fips compliant mode. 
This option will ensure that NLA is disabled(since NTLM uses weak crypto algorithms), FIPS
encryption is enabled, and ensure fips mode is enabled for openssl.

Selectively override specific uses of MD5/RC4 with new API calls specifically tailored to override FIPS.

Add comments on why overriding the use of these algorithms under FIPS is acceptable for the locations where overrides happen.

Remove check of server proprietary certificate which was already being ignore to avoid use of MD5.

Initialize winpr openssl earlier to ensure fips mode is set before starting using any crypto algorithms.
 2017-11-17 12:43:06 +01:00
David Fort 80cb1dd23c
Merge pull request #4242 from ccpp/afreerdp_versioncode_11 
Increase APK versionCode for aFreeRDP 2.0-rc1
 2017-11-17 09:36:50 +01:00
Christian Plattner a5f67d1203 Increase versionCode for aFreeRDP 2.0-rc1 2017-11-17 08:58:07 +01:00
David Fort 6666564493
Merge pull request #4186 from RangeeGmbH/multimonitor_primary_fix 
FreeRDP multimonitor: Use first command line element, then primary, …
 2017-11-16 15:26:03 +01:00
David Fort 0d92c725c6
Merge pull request #4000 from akallabeth/ign_keyword_fix 
Command line ignore empty if flag set
 2017-11-16 13:26:01 +01:00
akallabeth 668e347814
Merge pull request #4034 from blino/wayland-keymap 
Reuse evdev/X11 keymap for wayland
 2017-11-16 12:07:07 +01:00
Armin Novak ac0a912a20 Option to force password prompt before connection 
The idea is based on #3257.
If a non NLA connection is requested the password callbacks are not executed
and there is currently no way to read from stdin.
This extension of /from-stdin allows reading the passwords
before the connection is established.
 2017-11-16 09:55:45 +01:00
Martin Fleisz af0ac6daf1
Merge pull request #4237 from akallabeth/remove_atoi 
Replaced atoi
 2017-11-16 09:39:04 +01:00
Armin Novak 4ab26a334a Fixed resource cleanup. 2017-11-15 15:56:25 +01:00
Armin Novak 77134d9def Fixed formatting. 2017-11-15 15:56:25 +01:00
Armin Novak f39346ebe5 Fixed leaks and formatting. 2017-11-15 15:56:25 +01:00
Armin Novak ceda3d3f4a Fixed color for drawing rectangles. 2017-11-15 15:56:25 +01:00
Armin Novak 536ffbc31f Fixed missing function return check. 2017-11-15 15:56:25 +01:00
Armin Novak dbe418062f Fixed missing parameter checks. 2017-11-15 15:56:25 +01:00
Armin Novak bd7e4cd35a Fixed uninitialized variables. 2017-11-15 15:56:25 +01:00
Armin Novak 032c0164d1 Fixed missing error check. 2017-11-15 15:56:25 +01:00
Armin Novak 99f6c27488 Fixed uninitialized arguments. 2017-11-15 15:56:25 +01:00
Armin Novak 7b58495e7b Fixed warnings and formatting. 2017-11-15 15:56:24 +01:00
Armin Novak 1fd6308ef5 Functions static, warnings fixed. 2017-11-15 15:56:24 +01:00
Armin Novak 90e1d39fec Fixed formatting and warnings. 2017-11-15 15:56:24 +01:00
Armin Novak 44dfaf7841 Fixed dead store warning. 2017-11-15 15:56:24 +01:00
Armin Novak 3baba6f9c0 Removed unused argument. 2017-11-15 15:56:24 +01:00
Armin Novak f24158fe07 Fixed missing function return check. 2017-11-15 15:56:24 +01:00
Armin Novak 0aa5a83536 Fixed multiple warnings in parser 2017-11-15 15:56:21 +01:00
Armin Novak 26d079e53b Fixed compile warnings. 2017-11-15 15:54:38 +01:00
Armin Novak 7fd5b6f4a2 Fixed warnings and test return values. 2017-11-15 15:54:38 +01:00
Armin Novak 5ffde16883 Fixed NULL arguments and compile warnings. 2017-11-15 15:54:38 +01:00
Armin Novak 9859cfb736 Fixed dead store. 2017-11-15 15:54:38 +01:00
Armin Novak 4eb5b8e349 Replaced atoi 2017-11-15 15:52:16 +01:00
David Fort 7fe8648ab1
Merge pull request #3940 from akallabeth/custom_help_arguments 
Added a new function to allow printing help with additional arguments.
 2017-11-15 15:47:35 +01:00
David Fort 88ce5aa5fe
Merge pull request #4235 from akallabeth/avcodec_encode_video_fix 
Added encoder path for libavcodec versions <1.0
 2017-11-15 15:37:27 +01:00
Armin Novak 8c2bd951ae Allow printing of custom arguments in help. 2017-11-15 15:25:34 +01:00
Armin Novak e4873fe2c4 Added encoder path for libavcodec versions <1.0 2017-11-14 09:15:43 +01:00
David Fort f4f23454c9
Merge pull request #4233 from akallabeth/kerberos_rebased 
Kerberos rebased
 2017-11-13 17:39:27 +01:00
David Fort 6f2b849f20
Merge pull request #4232 from akallabeth/ffmpeg_compat 
Added compat define for missing format.
 2017-11-13 17:09:48 +01:00
David Fort 7bbc3cb8b7 Fix logic in nla_read_ts_credentials 2017-11-13 16:20:57 +01:00