It might happen that the username/domain/password strings are set to an
empty string. This means that the null pointer check will pass but the
application will assert in the copy helper function.
This fix simple checks the length of the identity strings and only calls
copy in case the length is greater than 0.
In native windows SSPI, AcceptSecurityContext and InitializeSecurityContext return
SEC_E_INVALID_HANDLE if the provided context is an empty context. Add the checks so
that our SSPI implementation behave the same way.
* Kerberos: correctly set principal when no service part is provided
* Kerberos: don't expect a krb_ap_rep when mutual auth was not requested
* Kerberos: include gss header in max signature length
* Negotiate: tolerate optimistic token being the final one
* Kerberos: support channel bindings
* Negotiate: pass channel bindings to sub-mechanism
* NTLM: tolerate receiving an input buffer desc on first call
* Fixed format strings to match arguments
Reviewed and replaced all %d specifiers to match proper type
* Added proxy dynamic channel command type to log messages.
* Fix build with mingw
4a71cab2e7 broke wf_events.c.
The drive channel was not building because of missing definitions.
* winpr: make functions return False when not implemented
This patch improves waiting on process handles:
* under linux we take advantage of pidfd if available, when it can be used it
allows to have one or more process in the objects that are WaitForMultipleObject-ed.
* the patch also make the code honor the timeout parameter during a WaitForSingleObject and
possibly run completion when WaitForSingleObjectEx is executed with alertable set to true
* Fixed TestUri unit test
* Make proper unit test out of the test function
* Add proper test cases
* Replace FindFirstFileA with FindFirstFileW for addins
This allows addin paths to contain unicode symbols.
* Fixed parse_uri_to_local_file definition
* Move to common clipboard.c file
* Move to header file so it can be included in test case
* Added WINPR_LOCAL for test builds
This macro exports internal functions in case of a unit test build
This way unit tests can access these without other workarounds.
* Fixed typo in function name is_dos_driver
* Cleaned up FindFirstFileW call
Use a wrapper function to convert to unicode and call the function
* Cleaned up BUILD_TESTING and EXPORT_ALL_SYMBOLS
* EXPORT_ALL_SYMBOLS now does as the name implies and exports all
non static functions/variables from the library.
* BUILD_TESTING now only sets the defines for test code and
activates EXPORT_ALL_SYMBOLS to allow tests to access internal
code
* Fixed windows client warnings
* disable CMAKE_WINDOWS_EXPORT_ALL_SYMBOLS
This patch adds some checks for the type of object in Event and Thread functions,
this may help to find bugs where a handle with the wrong type is used as argument
of these functions.
URI is specified by RFC 8089: https://datatracker.ietf.org/doc/html/rfc8089
Local files:
o A traditional file URI for a local file with an empty authority.
For example:
* "file:///path/to/file"
o The minimal representation of a local file with no authority field
and an absolute path that begins with a slash "/". For example:
* "file:/path/to/file"
o The minimal representation of a local file in a DOS- or Windows-
based environment with no authority field and an absolute path
that begins with a drive letter. For example:
* "file:c:/path/to/file"
o Regular DOS or Windows file URIs with vertical line characters in
the drive letter construct. For example:
* "file:///c|/path/to/file"
* "file:/c|/path/to/file"
* "file:c|/path/to/file"
* xfreerdp: fix typo in logs
* winpr: file appender, small code cleanup
* shadow-server: add an option for TLS secrets
This allows to dissect connections to the shadow server.
* add support for 64-bit big-endian encoding
* kerberos: drop reliance on gssapi and add user 2 user support
* Fix local variable declared in the middle of the function body
* kerberos: add ccache server option
Co-authored-by: fifthdegree <fifthdegree@protonmail.com>
Co-authored-by: David Fort <contact@hardening-consulting.com>
* winpr: add lock operation on HashTables
* drdynvc: change the listeners array for a hashtable and other micro cleanups
* logonInfo: drop warning that is shown at every connection
Let's avoid this log, we can't do anything if at Microsoft they don't respect
their own specs.
* rdpei: fix terminate of rdpei
* drdynvc: implement the channel list with a hashtable by channelId
When using the wClipboard API, the connected peer might not be on the
Windows platform, where further filename restriction exists.
As a result, it is currently not possible to use the wClipboard API,
when intending to allow filenames, containing characters like ':'.
So, add a callback to the wClipboardDelegate, which is set to the
ValidFileNameComponent call by default.
This callback can be overridden by the API user, when it is known, that
there is no need to impose very strict filename restrictions.
This patches adds support for octet string containers that are used by SPNego
(a subfield is contained in an octet string record).
It also adds a performance test to test reallocations in asn1 encoder.
It fixes reallocation problems for both chunks and containers.
With LibreSSL 2.7.0 (or newer versions) some more structs have made
opaque, which requires a few changes:
- BIO_meth_new() and related functions are now defined by LibreSSL, the
versions from opensslcompat.{h,c} does not need to be used anymore.
- HMAC_CTX is now opaque, HMAC_CTX_new(), EVP_MD_CTX_new, and related
functions should be used instead in winpr's hash.c.
_align_XXX functions aren't widely available depending on the C runtime. That causes
problems with mingw where we can easily have some runtime mixes (which lead to mysterious
segfaults most of the time). This patch introduce winpr_aligned_XXX functions that will
either use the function available, or use an emulation layer.
* Added tests for freerdp_[static|dynamic]_collection_* functions
* Added settings unit test for clone functions
* Fix argument for winpr_RAND and winpr_RAND_pseudo
Using void* eliminates all assumptions of which type the buffer is.
This eliminates unnecessary warnings.