mirrors/FreeRDP
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
9,328 Commits 6 Branches 74 Tags 84 MiB
74c15a6309
Commit Graph

243 Commits

Author SHA1 Message Date
Armin Novak
75ae38dff2 Silenced VerifyX509Certificate logging. 
Now only writing log entries if something was an actual
error, otherwise stay silent.
 2015-10-16 11:04:42 +02:00
Marc-André Moreau
87780a850d Merge branch 'master' of github.com:FreeRDP/FreeRDP into mbedtls 2015-10-09 15:58:50 -04:00
Marc-André Moreau
9c35b73fb6 libfreerdp-core: fix gateway connectivity on Windows 2015-09-17 14:32:40 -04:00
Marc-André Moreau
8e3baed882 cmake: add mbed TLS detection 2015-09-15 20:52:46 -04:00
Marc-André Moreau
c0a887da17 libfreerdp-crypto: add locking of operations dealing with SSL* 2015-09-15 19:59:41 -04:00
Marc-André Moreau
3f2915eb78 libfreerdp-core: alternative RDG BIO fix 2015-09-15 13:03:11 -04:00
Marc-André Moreau
12ce635b34 libfreerdp-core: fix code style 2015-09-15 10:37:57 -04:00
Denis Vincent
6d55635ed0 libfreerdp-core: Gateway RDP8 BIO correction. Fixes connection losses. 2015-09-15 09:03:39 -04:00
Armin Novak
dfa7ac6434 Ensure output of crypto_base64_decode is NULL terminated. 2015-08-27 09:34:33 +02:00
Armin Novak
fc929fbc7f Using lowercase hostname for comparison now. 
fixed argument mixup.
 2015-07-13 15:52:06 +02:00
Armin Novak
ca7c34ff35 Fixed comparison bug, cleanup and error handling. 2015-07-13 14:16:04 +02:00
Bernhard Miklautz
798df32fd9 Integrate pull request feedback 
* unify fwrite usage - set nmemb to 1 and the size to the size to write.
 2015-07-01 12:22:32 +02:00
Bernhard Miklautz
1cee185e3c hardening: check fread and fwrite return values 2015-06-26 20:38:30 +02:00
Norbert Federa
20878e50fe Merge pull request #2724 from bmiklautz/leak_fix 
Fix leaks in certificate and identity handling
 2015-06-26 15:30:00 +02:00
Armin Novak
6698e24228 Fixed leaks, NULL dereferences and broken init. 2015-06-23 21:29:21 +02:00
Bernhard Miklautz
2e87d0ee52 Fix leaks in certificate and identity handling 2015-06-23 15:40:37 +02:00
David FORT
7c3f8f33ab Fixes for malloc / calloc + other fixes 
This patch contains:

* checks for malloc return value + treat callers;
* modified malloc() + ZeroMemory() to calloc();
* misc fixes of micro errors seen during the code audit:
** some invalid checks in gcc.c, also there were some possible
integer overflow. This is interesting because at the end the data are parsed
and freed directly, so it's a vulnerability in some kind of dead code (at least
useless);
** fixed usage of GetComputerNameExA with just one call, when 2 were used
in misc places. According to MSDN GetComputerNameA() is supposed to return
an error when called with NULL;
** there were a bug in the command line parsing of shadow;
** in freerdp_dynamic_channel_collection_add() the size of array was multiplied
by 4 instead of 2 on resize
 2015-06-22 19:21:47 +02:00
Vic Lee
2e11eac79a Merge pull request #2675 from akallabeth/path_make_path 
Added PathMakePath function.
 2015-06-18 02:43:47 +00:00
Armin Novak
b43c9f9060 Renamed file to known_hosts2. 2015-06-12 09:30:01 +02:00
Armin Novak
9dd9c35cee Updated tests. 2015-06-11 11:34:36 +02:00
Armin Novak
3dda4eb0cf Added NULL pointer checks, fixed warnings. 2015-06-11 11:34:22 +02:00
Armin Novak
7fc1c65165 Added subject and issuer to saved data. 
When a certificate has changed, display not only the
fingerprint but also subject and issuer of old certificate.
 2015-06-11 11:21:23 +02:00
Armin Novak
7786cf1376 Fixed fingerprint comparison, return value was inverted. 2015-06-11 09:59:04 +02:00
Armin Novak
90d836193c Fixed formatting. 2015-06-11 09:58:58 +02:00
Armin Novak
3d27055539 Added test for fingerprint read. 2015-06-11 09:24:55 +02:00
Armin Novak
b983d8e595 Fixed data replace. 2015-06-11 09:24:53 +02:00
Armin Novak
acc96388a5 Added certificate_get_fingerprint function to read out old one. 2015-06-11 09:14:15 +02:00
Armin Novak
2204df97f8 Added port to certificate warnings. 2015-06-10 10:59:40 +02:00
Armin Novak
ef0b9abf15 Using binary mode for fopen. 2015-06-10 10:47:59 +02:00
Armin Novak
ebad760aff Opening correct file. 2015-06-10 10:40:01 +02:00
Armin Novak
f4843e8ab3 Opening file on use now. 2015-06-10 10:34:02 +02:00
Armin Novak
05755b73ad Working unit test for known_hosts functions. 2015-06-10 09:15:38 +02:00
Armin Novak
98fc5b6e93 Fixed bugs found due to test. 2015-06-10 09:15:28 +02:00
Armin Novak
991fc39a62 Added unit test. 2015-06-09 18:03:32 +02:00
Armin Novak
6192230737 Added legacy known_hosts support. 
If no entry for the <host> <port> combination
was found in the v2 file and there is a legacy file
check if a matching <host> entry can be found.
In case there is a matching entry and the <fingerprint>
also matches, create a new entry in the v2 file using the
current port.
 2015-06-09 16:12:41 +02:00
Armin Novak
6da4a5aaf0 Using '<host> <port> <fp>' format for known hosts. 2015-06-09 15:33:13 +02:00
Armin Novak
7403cdc60c Added PathMakePath function. 2015-06-09 13:16:28 +02:00
Norbert Federa
1eff1a345e free can handle NULL perfectly fine 2015-05-11 09:07:39 +02:00
Norbert Federa
f9f59cd29b Fix unchecked CreateDirectory calls 2015-05-07 13:28:13 +02:00
David FORT
c03bf75896 Take in account @nfedera's comments 2015-04-07 21:06:53 +02:00
David FORT
8685a8e0a2 Fixed missing return value 2015-04-01 14:24:37 +02:00
David FORT
9bb4d64608 Correctly handle HMAC_Init_ex() for older versions of OpenSSL 2015-04-01 14:12:08 +02:00
David FORT
0eb399a717 Treat return values for security.c 
This patch make functions in security.c return values when they should instead of
beeing void. And it also fix the callers of these functions.
 2015-04-01 11:11:37 +02:00
Marc-André Moreau
ad6723835b Merge pull request #2505 from bmiklautz/tls_shutdown 
rename and update tls_disconnect
 2015-03-31 09:26:30 -04:00
Norbert Federa
1ba681fecc crypto: support MSFT iOS clients with faulty SNI 
Microsoft iOS Remote Desktop Clients eventually send NULL-terminated
hostnames in SNI which is not allowed in the OpenSSL implementation.

Since we're not using SNI this commit adds an OpenSSL TLS extension
debug callback which modifies the SSL context in a way preventing it
from parsing this extension
 2015-03-30 13:48:51 +02:00
Bernhard Miklautz
90968e07e1 rename and update tls_disconnect 
tls_disconnect shut down the ssl stream but didn't inform
the BIO(s) about this therefore could happen that a second shut down
was initiated (e.g. in bio_rdp_tls_free) causing rather long delays.

After removing the shut down from tls_disconnect the only thing the
function does is to prepare/send an alert therefore it was renamed to
tls_send_alert.
 2015-03-30 11:56:09 +02:00
Vic Lee
5f375d0a6f tls: revert checking SSL_ERROR_SYSCALL which may cause deadlock. 2015-03-25 16:07:39 +08:00
Martin Fleisz
5fa777b11c Merge pull request #2482 from llyzs/llyzs 
tls: fix error handling of no error code.
 2015-03-23 16:06:12 +01:00
Vic Lee
2137ccc3db tls: retry for all SSL_ERROR_SYSCALL errors. 2015-03-20 10:03:30 +08:00
Marc-André Moreau
dc913d9f2c libfreerdp-core: fix some RDG valgrind issues 2015-03-17 16:09:17 -04:00