Commit Graph

9329 Commits

Author SHA1 Message Date
Martin Haimberger
d9e2834a70 channel smartcard hardend 2015-07-09 03:00:19 -07:00
Armin Novak
18cea1c9ba Replaced cbMaxSignature with cbSecurityTrailer
The token buffer size during authentication was constructed
from the wrong buffer size. These sizes are equal in case of
local account logins but differ with domain accounts.
2015-07-09 10:09:18 +02:00
Armin Novak
ecf6ffdcce Fixed CompleteAuthToken return check. 2015-07-09 09:57:45 +02:00
Armin Novak
cb01e540ba Fixed CompleteAuthToken return check. 2015-07-09 09:49:12 +02:00
Marc-André Moreau
aae86d61ce channels/rdpgfx: fix TotalDecodedFrames counter 2015-07-08 14:16:29 -04:00
Armin Novak
2fe5ecfc1b Fixed wrong output in log messages. 2015-07-08 17:41:23 +02:00
Martin Fleisz
9a2d33af12 Fixed missing encrypt / decrypt success check.
The return of EncryptMessage and DecryptMessage was unchecked.
This lead to PLAINTEXT to be sent over the wire, a major security
issue.
2015-07-08 17:41:23 +02:00
Armin Novak
48ccf73a36 More SSPI logging. 2015-07-08 17:41:22 +02:00
Armin Novak
5b0ee9b7ab Error checks and readable log messages. 2015-07-08 17:41:22 +02:00
Armin Novak
7360cb638a Erasing memory on credentials or SecBuffer free. 2015-07-08 17:41:21 +02:00
Martin Fleisz
3b87cc0c07 Fixed server and client NLA state machine.
When using NULL credentials (current context)
the server state machine did not send back the
required authentication token.
On client side erroneous checks prevented sending
the appropriate public key.
2015-07-08 17:41:21 +02:00
Marc-André Moreau
23f9b3bbc0 channels/rdpgfx: reset state on channel close 2015-07-08 11:17:56 -04:00
Marc-André Moreau
11f785290f channels/drdynvc: use same status code as mstsc for DVC opening failure 2015-07-07 13:36:36 -04:00
Armin Novak
0120ee75ca Resetting frontBio after read now. 2015-07-07 14:48:27 +02:00
Marc-André Moreau
3781e803ed channels/rdpgfx: improve frame ack handling 2015-07-06 16:28:52 -04:00
MartinHaimberger
ba34ff6096 Merge pull request #1 from hardening/mhchannel
Mhchannel
2015-07-06 16:52:19 +02:00
David FORT
b83ab92776 Hardened urbdrc channel 2015-07-06 16:46:21 +02:00
David FORT
1b7140d84e Fixed some more checks in rdpsnd channel 2015-07-04 00:17:37 +02:00
Armin Novak
cf9f975341 Replaced snprintf with sprintf_s 2015-07-03 13:26:15 +02:00
MartinHaimberger
358289fb51 Merge pull request #2764 from akallabeth/pull_fixes
Pull fixes
2015-07-03 13:04:37 +02:00
Armin Novak
40a7f2c995 Added missing include breaking windows build. 2015-07-03 12:46:28 +02:00
Armin Novak
776f15e135 Fixed inverted bAttached setting.
If bAttached is TRUE, the resources of the event are not
cleaned up on CloseHandle.
2015-07-03 12:42:04 +02:00
MartinHaimberger
282f15795d Merge pull request #2762 from akallabeth/handle_write_event
Add write event support to HANDLE
2015-07-03 11:36:00 +02:00
Armin Novak
4e7c03fabf Added error checks and resource cleanup. 2015-07-03 11:26:22 +02:00
Armin Novak
c21de0dae6 Fixed pr comments. 2015-07-03 11:13:48 +02:00
MartinHaimberger
83641a3a97 Merge pull request #2761 from akallabeth/sample_server_port_arg
Updated sample server.
2015-07-03 10:44:35 +02:00
Armin Novak
82da97e606 Updated sample server.
* Added new command line argument --port to allow starting the
  sample server on a port different than default 3389.
* Using GetKnownSubPath now to determine location of temporary
  directory for server socket.
* Using distinct server socket files for each port.
2015-07-03 10:04:24 +02:00
Armin Novak
d18b0fbeb4 Handle API updated. 2015-07-03 09:52:52 +02:00
Armin Novak
77204aa6b6 WSAEventSelect: Handle lNetworkEvents == 0
WSAEventSelect did ignore the lNetworkEvents argument.
In case this argument is 0, the non blocking socket must
be set to blocking again to mimic windows behavior.
2015-07-03 09:29:36 +02:00
Armin Novak
6243a9374b Added write event support to handle functions.
Allows the WinPR HANDLE functions WaitForSingleObject and
WaitForMultipleObjects to signal in case of write events.
This is used by CreateFileDescriptor and SetEventFileDescriptor,
which got an API change accomodating for this new feature.
2015-07-03 09:29:18 +02:00
Armin Novak
7dc96c412f Added convenience function winpr_log_backtrace. 2015-07-03 09:22:02 +02:00
Bernhard Miklautz
f24240630d Merge pull request #2759 from bmiklautz/fix/cliprdp
x11/cliprdr: handle empty format names
2015-07-02 16:28:55 +02:00
Bernhard Miklautz
b6a799e5d0 x11/cliprdr: handle empty format names
The recently added strdup checks ignored the fact that format names
can be NULL.
2015-07-02 15:39:35 +02:00
Hardening
c8a71a2695 Merge pull request #2747 from ilammy/egfx-missing-events
Do not discard events when updating EGFX surface mapping
2015-07-02 15:08:31 +02:00
David FORT
ea679b2d8b Hardened TSMF channel
This patch adds some checks for the TSMF channel:

* checks malloc / calloc / strdup / _strdup return value
* checks for available bytew before reading in a stream
2015-07-02 14:32:05 +02:00
Hardening
87c5377f42 Merge pull request #2758 from bmiklautz/fix/CreateProcess
CreateProcess misc fixes
2015-07-02 13:11:06 +02:00
Bernhard Miklautz
c7adb569ff CreateProcess: fix setting of default handler
If SA_SIGINFO isn't set in the flags sa_handler is used
instead of sa_sigaction.

This fixes also the compiler warning:

FreeRDP/winpr/libwinpr/thread/process.c: In function ‘_CreateProcessExA’:
FreeRDP/winpr/libwinpr/thread/process.c:282:20: warning: assignment from
       incompatible pointer type [enabled by default]
2015-07-02 12:25:48 +02:00
Bernhard Miklautz
be53e9e029 CreateProcess: two fixes
* change to lpCurrentDirectory if set even if no token was supplied
* fix wrong check - add missing !

This was part of akallabeth's PR #2714.
2015-07-02 12:05:46 +02:00
Bernhard Miklautz
fedd59816b Merge pull request #2757 from nfedera/nf-fix-createprocess-signals
winpr: fix CreateProcess signal handler issues
2015-07-02 12:02:51 +02:00
Norbert Federa
c84e90bf06 winpr: fix CreateProcess signal handler issues
The calling thread of CreateProcess can be in any library and
can have arbitrary signal masks and handlers.

We now save the caller's mask and  block all signals before forking.
After fork:
- child resets the handlers and unblocks all signals.
- parent restores the caller's original signal mask.
2015-07-02 11:28:06 +02:00
Hardening
873a25621d Merge pull request #2754 from akallabeth/mixed_code
Fixed mixed declarations and code.
2015-07-02 09:27:27 +02:00
Hardening
ac93b26ba8 Merge pull request #2750 from realjiangms/fix_win32_wsaevent
Fix event created for WSAEventSelect
2015-07-02 09:26:13 +02:00
zihao.jiang
491978b0e3 server/shadow: Enhancement regarding the screen and resolution - add resize support and fix subRect feature
Detail fixes:
1. Add resize support in shadow framework layer
2. Enhance X11 implementation to detect desktop resolution change
3. Fix the subRect feature.
It seems not completely finished and it looks incompatible in different source code.
Fix it to be consistent in all source code as following:
a. The subRect is only awared in framework layer, subsystem implementation should not be aware of it. It only take effect at shadow_client and corresponding shadow_input.
b. The screen and surface should only represent a monitor screen. They don't need to consider subRect feature.
4. A lobby should be alternative image shown to client when the client is not 'mayView'.
We don't need to have seperate lobby for each client, move it into server structure as 'another surface'
5. Fix display handle leak in enum monitor of X11
6. Suppress BadMatch Error while capturing the image
2015-07-01 23:57:20 +08:00
zihao.jiang
f7a1b467cc server/shadow: Remove comments in define. 2015-07-01 22:28:51 +08:00
Bernhard Miklautz
b89ea3d902 Merge pull request #2753 from akallabeth/nla_null_auth_fix
nla: Fixed handling of optional TSPasswordCreds field.
2015-07-01 16:23:00 +02:00
Armin Novak
78eeb861d5 Fixed mixed declarations and code. 2015-07-01 16:20:56 +02:00
Armin Novak
3a9db563fd NLA: Fixed length check. 2015-07-01 16:05:11 +02:00
Armin Novak
8479c824fd Fixed handling of optional TSPasswordCreds field. 2015-07-01 15:30:38 +02:00
Martin Fleisz
59e2801848 Merge pull request #2752 from akallabeth/nla_user_length_fix
NLA decrypt credentials fixed.
2015-07-01 14:49:00 +02:00
Armin Novak
6c0e1af4af NLA decrypt credentials fixed. 2015-07-01 14:31:55 +02:00