Commit Graph

512 Commits

Author SHA1 Message Date
Armin Novak
855dc9abaf Clear message queue on free. 2018-02-09 10:29:18 +01:00
Armin Novak
50a0968c6a Removed unused variables. 2017-12-21 11:29:24 +01:00
Martin Fleisz
bfe8359b5b
Merge pull request #4239 from akallabeth/test_memleak_fixes
Test memleak fixes
2017-12-20 12:38:38 +01:00
Martin Fleisz
5cec90c781
Merge pull request #4305 from hardening/xrandr_fix
Fix XRandr for old systems and MacOSX
2017-12-13 17:24:41 +01:00
Martin Fleisz
f6b8a6eaa2
Merge pull request #4276 from akallabeth/big_endian_more
Big endian fixes
2017-12-13 09:58:14 +01:00
Armin Novak
7305828122 Fix #4239: Various memory leaks
* Fixed all tests, now can be run with -DWITH_ADDRESS_SANITIZER=ON compiled.
* Enabled address sanitizer for nightly builds.
2017-12-12 11:40:48 +01:00
Armin Novak
0a9ef97a57 Fixed uninitialized variable. 2017-12-12 10:35:02 +01:00
David Fort
41823080f9 Fix users of Stream_GetPosition() that returns size_t 2017-12-11 22:38:58 +01:00
Martin Fleisz
876a7697be
Merge pull request #4297 from akallabeth/cmd_parser_hardening
Fix #4296: Hardened command line post filter.
2017-12-05 14:40:03 +01:00
Greg V
bfe3af4c72 Fix LibreSSL build
LibreSSL does not support FIPS mode.
2017-12-01 18:34:48 +03:00
Armin Novak
78a0c4c618 Fix #4296: Hardened command line post filter. 2017-12-01 13:13:21 +01:00
Mike Gabriel
d4af7eaa59 fix/build: GNU/kFreeBSD is not FreeBSD 2017-11-27 17:04:52 +01:00
Armin Novak
c91900dfb3 Fixed big endian issues with bitmap read. 2017-11-24 12:03:46 +01:00
Ondrej Holy
6973b14eed Enable FIPS mode automatically
FreeRDP aborts if OpenSSL operates in FIPS mode and +fipsmode is not
manually specified. Let's prevent the abortion and enable the necessary
options in that case automatically.
2017-11-23 10:09:17 +01:00
akallabeth
b156b937fe
Merge pull request #3904 from bjcollins/master
FIPS Mode support for xfreerdp
2017-11-17 13:31:43 +01:00
Martin Fleisz
4ff1251488
Merge pull request #4236 from akallabeth/scan_fix_remastered
Scanbuild warning fixes
2017-11-17 13:02:46 +01:00
Armin Novak
1bb4f121b4 Fixed formatting. 2017-11-17 12:45:28 +01:00
Brent Collins
922a0fa495 Fix checks for openssl version numbers around fips changes, they were using an incorrect version matching 1.1.0 and not 1.0.1
Simplify the logic to enable openssl fips mode
2017-11-17 12:43:07 +01:00
Brent Collins
5284100bb0 FIPS_mode() and FIPS_mode_set() does not exist in OpenSSL versions before 1.0.1 2017-11-17 12:43:06 +01:00
Brent Collins
d98b88642b Add new command-line option to force xfreerdp into a fips compliant mode.
This option will ensure that NLA is disabled(since NTLM uses weak crypto algorithms), FIPS
encryption is enabled, and ensure fips mode is enabled for openssl.

Selectively override specific uses of MD5/RC4 with new API calls specifically tailored to override FIPS.

Add comments on why overriding the use of these algorithms under FIPS is acceptable for the locations where overrides happen.

Remove check of server proprietary certificate which was already being ignore to avoid use of MD5.

Initialize winpr openssl earlier to ensure fips mode is set before starting using any crypto algorithms.
2017-11-17 12:43:06 +01:00
David Fort
0d92c725c6
Merge pull request #4000 from akallabeth/ign_keyword_fix
Command line ignore empty if flag set
2017-11-16 13:26:01 +01:00
Armin Novak
f24158fe07 Fixed missing function return check. 2017-11-15 15:56:24 +01:00
Armin Novak
0aa5a83536 Fixed multiple warnings in parser 2017-11-15 15:56:21 +01:00
Armin Novak
26d079e53b Fixed compile warnings. 2017-11-15 15:54:38 +01:00
Armin Novak
4eb5b8e349 Replaced atoi 2017-11-15 15:52:16 +01:00
Armin Novak
8c2bd951ae Allow printing of custom arguments in help. 2017-11-15 15:25:34 +01:00
Armin Novak
bcfa434da2 Fixed resizing of PubSub 2017-09-25 13:33:04 +02:00
Bernhard Miklautz
52fbfb7b12 fix clang warnings, directly include wtypes.h (#4097)
* build: clang use -Wno-unused-command-line-argument

With clang 5.0 builds are quite noisy otherwise.

* Directly include wtypes.h

Directly include winpr/wtypes.h where _fseeki64 or _ftelli64 is used.

* fix build warnings with clang 5

clang version: 5.0.0-svn310678-1~exp1 (branches/release_50)
Warning: parentheses-equality

* fix build warnings with clang 5

clang version: 5.0.0-svn310678-1~exp1 (branches/release_50)
Warning: tautological-compare

* fix build warnings with clang 5

clang version: 5.0.0-svn310678-1~exp1 (branches/release_50)
Warning:
incompatible pointer types passing 'size_t *' (aka 'unsigned
long *') to parameter of type 'UINT32 *' (aka 'unsigned int *')
[-Wincompatible-pointer-types]
2017-08-29 09:09:38 +02:00
Armin Novak
c3d4b7d262 fseeko and ftello for 64bit file support. 2017-08-14 08:42:49 +02:00
Valery Kartel
9bf9ff9e8a Fix build with LibreSSL 2017-07-26 17:12:14 +03:00
Armin Novak
0490aeb018 Fixed clang malloc integer overflow warnings. 2017-07-20 09:29:48 +02:00
Armin Novak
33a153c07d Command line ignore empty if flag set
When CommandLineParseArgumentsA is called with flag
COMMAND_LINE_IGN_UNKNOWN_KEYWORD return success if the
command line is empty.
2017-06-12 12:23:10 +02:00
Armin Novak
4be62f7047 Fixed OpenSSL 1.1 no legacy compile issues. 2017-04-06 11:25:25 +02:00
Armin Novak
09d43a66f4 Fixed tests and dead store warnings. 2017-03-28 16:49:56 +02:00
Aric Belsito
70ab61c8e6
Support LibreSSL
Broken by the addition of OpenSSL 1.1.0 support.
2017-03-19 13:58:24 -07:00
Armin Novak
3b56cd652f Fix format string is not a string literal 2017-03-14 10:56:00 +01:00
Alexander Zakharov
3f139108ff Fix Stack_Peek 2017-03-13 15:45:27 +03:00
Armin Novak
b574e196d9 Fixed WLog_PrintMessagePrefixVA
WLog_PrintMessagePrefixVA is called with format being a stack variable.
Always copy the data to message->PrefixString otherwise the information
will be lost whenever the stack is destroyed.
2017-03-03 14:11:28 +01:00
Armin Novak
99c45405cb Fixed GetEnvironmentVariable. 2017-03-03 12:43:00 +01:00
Armin Novak
b2c29158be Scanbuild warning, argument checks and leak fixes.
* Added Stream_GetRemainingCapacity to check remaining stream size
  before writes.
* Fixed shadow server memory leak.
* Fixed lots of scanbuild warnings
* Added missing argument checks in many functions
* Added missing static function declarations
2017-03-02 18:13:43 +01:00
Armin Novak
e9b5d78673 Fixed scanbuild warnings. 2017-02-20 14:28:33 +01:00
Armin Novak
c249705085 Fixed scanbuild warnings. 2017-02-20 13:45:19 +01:00
Armin Novak
198bc6d9e1 Fixed compiler warnings. 2017-02-16 13:17:49 +01:00
pony
a57adc3fde libwinpr-utils: fix 3 logic errors 2017-02-15 10:08:53 +01:00
Ilya Shipitsin
102913e808 make cppcheck a bit happier:
[channels/printer/client/printer_cups.c:103]: (error) Resource leak: fp
[server/Mac/mf_event.c:195]: (error) Memory leak: event_queue
[server/shadow/shadow_capture.c:233]: (error) Memory leak: capture
[winpr/libwinpr/sspi/test/TestSchannel.c:440]: (error) Memory leak: lpTokenIn
[winpr/libwinpr/thread/argv.c:198]: (error) Memory leak: lpEscapedChars
[winpr/libwinpr/utils/sam.c:312]: (error) Memory leak: entry
2017-01-25 17:09:25 +05:00
Norbert Federa
71ce3378da Merge pull request #3665 from realjiangms/fix_ssl_add_all_digests
Winpr/openssl: Fix digests initialization in multi-thread
2017-01-13 09:46:14 +01:00
Martin Fleisz
ac090520c3 Fix compilation with OpenSSL 1.1.0 using MSVC 2017-01-09 16:43:28 +01:00
zihao.jiang
a505a6cd27 Winpr/openssl: Fix digests initialization in multi-thread
SSL functions like OpenSSL_add_all_digests should be invoked at very beginning as they are not MT safe.
If not we might meet double free exception as following:

 #0  0x00007f23ddd71c37 in raise () from /lib/x86_64-linux-gnu/libc.so.6
 #1  0x00007f23ddd75028 in abort () from /lib/x86_64-linux-gnu/libc.so.6
 #2  0x00007f23dddae2a4 in ?? () from /lib/x86_64-linux-gnu/libc.so.6
 #3  0x00007f23dddba55e in ?? () from /lib/x86_64-linux-gnu/libc.so.6
 #4  0x00007f23dc6ecfcd in CRYPTO_free () from /lib/x86_64-linux-gnu/libcrypto.so.1.0.0
 #5  0x00007f23dc6ef8d1 in OBJ_NAME_add () from /lib/x86_64-linux-gnu/libcrypto.so.1.0.0
 #6  0x00007f23dc77dcd8 in EVP_add_digest () from /lib/x86_64-linux-gnu/libcrypto.so.1.0.0
 #7  0x00007f23dc782321 in OpenSSL_add_all_digests () from /lib/x86_64-linux-gnu/libcrypto.so.1.0.0
 #8  0x00007f23c781da28 in winpr_openssl_get_evp_md (md=4) at /home/zihao/workspace/zihao_FreeRDP/winpr/libwinpr/crypto/hash.c:52
 #9  0x00007f23c781dccb in winpr_Digest_Init (ctx=0x7f22d064d470, md=<optimized out>) at /home/zihao/workspace/zihao_FreeRDP/winpr/libwinpr/crypto/hash.c:344
 #10 0x00007f23d486139b in security_salted_mac_signature (rdp=0x7f23859f5a20, data=0x7f238542d4fb "\004\204\022\004", length=4743, encryption=<optimized out>, output=0x7
     at /home/zihao/workspace/zihao_FreeRDP/libfreerdp/core/security.c:378
 #11 0x00007f23d488d73f in fastpath_send_update_pdu (fastpath=<optimized out>, updateCode=4 '\004', s=0x7f23859f5f40, skipCompression=true)
     at /home/zihao/workspace/zihao_FreeRDP/libfreerdp/core/fastpath.c:1076
 #12 0x00007f23d4891c4f in update_send_surface_frame_bits (context=0x7f23859f5540, cmd=0x7f22b2ffcc80, first=true, last=true, frameId=6)
     at /home/zihao/workspace/zihao_FreeRDP/libfreerdp/core/update.c:1041

Related reports: https://rt.openssl.org/Ticket/Display.html?id=2216&user=guest&pass=guest
2016-12-28 03:48:40 +08:00
Norbert Federa
f71b6b46e8 fix string format specifiers
- fixed invalid, missing or additional arguments
- removed all type casts from arguments
- added missing (void*) typecasts for %p arguments
- use inttypes defines where appropriate
2016-12-16 13:48:43 +01:00
Armin Novak
8a80a10bc3 Fixed format specifier mismatch. 2016-12-02 12:04:53 +01:00