mirrors/FreeRDP
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
15,743 Commits 6 Branches 74 Tags 84 MiB
752ac3b479
Commit Graph

180 Commits

Author SHA1 Message Date
Armin Novak
8479c824fd Fixed handling of optional TSPasswordCreds field. 2015-07-01 15:30:38 +02:00
Armin Novak
6c0e1af4af NLA decrypt credentials fixed. 2015-07-01 14:31:55 +02:00
Norbert Federa
20878e50fe Merge pull request #2724 from bmiklautz/leak_fix 
Fix leaks in certificate and identity handling
 2015-06-26 15:30:00 +02:00
Bernhard Miklautz
77ef5a80de nla: clear identity memory before releasing 2015-06-26 15:12:33 +02:00
Armin Novak
e8bfa29bd2 Replaced registry keys with cmake defines. 2015-06-24 14:02:48 +02:00
Bernhard Miklautz
2e87d0ee52 Fix leaks in certificate and identity handling 2015-06-23 15:40:37 +02:00
Armin Novak
212db120e0 Fixed NULL pointer dereference. 2015-06-23 12:07:38 +02:00
Bernhard Miklautz
09445c2b0e nla and cmdline: integrated feedback 
* fix possible problems with 0 size lengths
* add return value checks
 2015-06-23 10:14:11 +02:00
Bernhard Miklautz
06502e6a91 misc: integrate pull request feedback 2015-06-22 19:24:30 +02:00
David FORT
7c3f8f33ab Fixes for malloc / calloc + other fixes 
This patch contains:

* checks for malloc return value + treat callers;
* modified malloc() + ZeroMemory() to calloc();
* misc fixes of micro errors seen during the code audit:
** some invalid checks in gcc.c, also there were some possible
integer overflow. This is interesting because at the end the data are parsed
and freed directly, so it's a vulnerability in some kind of dead code (at least
useless);
** fixed usage of GetComputerNameExA with just one call, when 2 were used
in misc places. According to MSDN GetComputerNameA() is supposed to return
an error when called with NULL;
** there were a bug in the command line parsing of shadow;
** in freerdp_dynamic_channel_collection_add() the size of array was multiplied
by 4 instead of 2 on resize
 2015-06-22 19:21:47 +02:00
Bernhard Miklautz
bf73f4e4f1 Fix unchecked strdups 
* add missing checks
* adapt function return values where necessary
* add initial test for settings
 2015-06-22 19:09:59 +02:00
Marc-André Moreau
3b3ffce042 Merge pull request #2705 from akallabeth/sspi_fix_v2 
Sspi fix v2 - Fixes static build
 2015-06-22 10:19:22 -04:00
Marc-André Moreau
1e39d7728c Merge pull request #2702 from akallabeth/nla_null_identity_support 
NLA Use current users credentials if none provided.
 2015-06-22 08:53:05 -04:00
Armin Novak
3c329aa207 Using InitSecurityInterfaceEx(0) now. 2015-06-17 13:23:44 +02:00
Armin Novak
34253f2664 Let SSPI module choose which implementation to use. 2015-06-15 15:21:21 +02:00
Armin Novak
219ca1c02b NLA identity now a pointer, allowing NULL. 
When NLA identity is NULL, the current user context
is used on windows.
 2015-06-15 15:03:13 +02:00
Martin Haimberger
951a2d2210 stream: check stream_new in winpr and libfreerdp 
also fixed a few things
 2015-05-29 04:46:50 -07:00
Norbert Federa
1eff1a345e free can handle NULL perfectly fine 2015-05-11 09:07:39 +02:00
Bernhard Miklautz
850de59b55 winpr: add checks for *alloc 
Add missing checks if memory allocation was successful. Also adapt
caller(s) when possible.
 2015-04-08 11:34:37 +02:00
Martin Fleisz
8d783bd2f0 Fix server side NLA 2015-03-23 08:33:14 +01:00
Marc-André Moreau
0e57706de5 libfreerdp-core: cleanup connect error codes, fix Win32 NLA 2015-02-17 21:01:27 -05:00
Marc-André Moreau
9c7b7ab561 libfreerdp-core: make NLA event-driven 2015-02-15 16:04:59 -05:00
Marc-André Moreau
eddfee56a3 libfreerdp-core: prepare client-side NLA for event-driven structure 2015-02-15 14:54:10 -05:00
Marc-André Moreau
ab5fdcc3f1 libfreerdp-core: NLA cleanup 2015-02-15 11:10:14 -05:00
Marc-André Moreau
889ccefe0d libfreerdp-core: remove TlsIn/TlsOut from rdpTransport 2015-02-12 16:22:25 -05:00
Marc-André Moreau
70fab69347 libfreerdp-core: gateway connection refactoring 2015-02-11 14:27:29 -05:00
Marc-André Moreau
aa8b843250 libfreerdp-core: move stuff down from transport to tsg layer 2015-02-11 11:57:02 -05:00
Marc-André Moreau
e0b0c77ecb libfreerdp-core: improve http parsing 2015-02-02 17:16:32 -05:00
Armin Novak
2f519d7f16 Replaced logging in libfreerdp with wlog defines. 2014-09-15 08:48:46 +02:00
Armin Novak
6762d73ae1 Fixed winpr_HexDump calls. 2014-09-09 16:33:05 +02:00
Armin Novak
b22b897389 Reformatted changed files. 2014-09-09 16:32:22 +02:00
Armin Novak
f8eae11bf3 Fixed calling of dump functions, updated API 2014-09-09 16:31:46 +02:00
Armin Novak
bcb5f90ee6 Replaced perror with DEBUG_WARN 2014-08-11 09:19:23 +02:00
Armin Novak
b897c6a433 Replaced fprintf(stderr with DEBUG_WARN 2014-08-07 22:20:35 +02:00
Armin Novak
f4c133eaf8 Replaced custom logging mechanism with WLog wrapper. 2014-08-07 16:51:24 +02:00
Bernhard Miklautz
bdad9524dc refactor transport_read_pdu and check_fds 
transport_check_fds and transport_read_pdu had almost the same
functionality: reading and validating one pdu at a time.

Now transport_read_pdu reads one pdu from the transport layer and verifies
that the pdu data is valid - as before.
transport_read_pdu also ensures that the stream is sealed and
rewound when the pdu is received completely.
transport_check_fds just uses transport_read_pdu and does *not* do
the verification a second time based on the stream.

Besides the clean up this fixes the following problems:

* transport_read always read 4 bytes. Fast-path input synchronize pdus
  are only 3 bytes long. In this case on byte got lost in the stream
	buffer which lead to "de-synchronization" of server and
	client.

* Size check in tpdu_read_connection_confirm - already read bytes
  weren't taken into account.
 2014-07-24 16:34:59 +02:00
Bernhard Miklautz
47dd22ba87 transport refactor 
rename transport_read to transport_read_pdu. This name is more
descriptive what the function actually does.
 2014-07-24 16:34:59 +02:00
Marc-André Moreau
723e9a171b libwinpr-sspi: fix server-side NLA 2014-06-10 14:38:17 -04:00
Marc-André Moreau
03cf7933d9 libwinpr-sspi: start implementing and using negotiate sspi module 2014-06-07 16:26:57 -04:00
Marc-André Moreau
a07f616895 libwinpr-sspi: improve link interface 2014-06-07 10:50:51 -04:00
Marc-André Moreau
220f885774 libwinpr-sspi: code hardening 2014-06-06 17:20:34 -04:00
Marc-André Moreau
940e6fbc15 libwinpr-sspi: make native sspi option dynamic 2014-06-06 15:34:12 -04:00
Hardening
2edd8bee12 Misc fixes to check OOM 2014-04-10 21:10:19 +02:00
Benoît LeBlanc
3e1dfc6311 updated context error messages. utility macros for getting error code CLASS/TYPE 2014-03-21 13:45:43 -04:00
Benoît LeBlanc
d1b9565f51 Added context-specific error management. 
Added error codes to replace connectErrorCode.
 2014-03-20 18:19:54 -04:00
Marc-André Moreau
87be2e0f80 freerdp: add option to disable credentials delegation 2014-02-14 00:43:31 -05:00
Marc-André Moreau
8a44b2baa6 libfreerdp-core: add spn-class option 2014-02-12 00:43:02 -05:00
Marc-André Moreau
cdcd290c44 wfreerdp: fix most build warnings 2014-02-10 22:12:13 -05:00
Marc-André Moreau
5e4f77b05f Merge branch 'master' of github.com:mrthebunny/FreeRDP 2013-12-18 21:52:41 -05:00
Marc-André Moreau
51ad85e0ee libfreerdp-core: send Access Denied TLS alert when server-side NLA fails 2013-12-18 19:44:18 -05:00
Benoît LeBlanc
3adff0ec60 - added CANCELEDBYUSER error code. 
- AUTHENTICATIONERROR error code correclty set on gateway authentication (http error 401)
- Better error handling on connection errors and user cancelation
 2013-12-13 10:11:36 -05:00
Marc-André Moreau
b8a1f7d6c0 freerdp: implement restricted admin mode pass-the-hash option 2013-11-06 10:02:58 -05:00
Marc-André Moreau
a3d0e271b5 freerdp: add restricted admin option 2013-11-06 01:51:55 -05:00
Marc-André Moreau
938d423ec9 freerdp: fix build on Windows 2013-10-30 17:56:44 -04:00
Marc-André Moreau
8c4b1361d1 libfreerdp-core: merge with TSG TLS update 2013-10-28 20:20:18 -04:00
Dan Bungert
66ecabb647 Final cleanups - merge ready. 2013-10-28 16:59:02 -06:00
Dan Bungert
f02daaa2d5 More cleanups - remove LWD and all references. 2013-10-28 15:46:28 -06:00
Dan Bungert
c025042d07 NLA over TLS support 
Improve credssp transport layer handling, so that it works
with the correct TLS object.
 2013-10-28 14:39:10 -06:00
Benoît LeBlanc
801c1fe1d6 - Fixed crash in tls_read (unchecked null pointer) 
- also check for empty string on username and password to launch authentication callback
 2013-10-18 16:23:29 -04:00
Armin Novak
022439aa4c Fixed coverity issue 1047611 2013-09-05 12:14:32 +02:00
Bernhard Miklautz
0773bb9303 nla: invalidate sec handle after creation 
If sec pointer isn't invalidated after creation it is not possible
to check if the upper and lower pointers are valid.

This fixes a segfault in the server part if the client disconnects before
the authentication was finished.
 2013-07-01 19:24:19 +02:00
Marc-André Moreau
2bd6808432 freerdp: merge with master 2013-06-05 10:31:01 -04:00
Marc-André Moreau
6e0cbdddb1 Merge pull request #1261 from simon-engledew/master 
Ber Encoding Issue
 2013-06-03 16:41:29 -07:00
Vic Lee
fb9606ea77 core/nla: fix non-standard C gramma. 2013-05-23 13:34:34 -07:00
Simon Engledew
bceec08367 Finished merging missing changes from pull request #1257 (https://github.com/FreeRDP/FreeRDP/pull/1257 - commit 0dc22d5). Correctly report the length of ts_password_creds. 2013-05-22 14:29:33 +01:00
Simon Engledew
0dc22d5a30 Fixed a range of BER boundary encoding bugs which would occur when any NLA packet hit the 127 character mark. Removed ber#get_content_length as it was not behaving deterministically. 2013-05-21 16:06:00 +01:00
Marc-André Moreau
367ebf32a3 freerdp: make use of stream macros to access members 2013-05-15 12:14:26 -04:00
Marc-André Moreau
fdf3ddcf9e freerdp: purge deprecated stream utils 2013-05-08 17:48:30 -04:00
Marc-André Moreau
5b92413843 freerdp: purge deprecated stream utils 2013-05-08 16:09:16 -04:00
Marc-André Moreau
51715636a5 freerdp: remove some deprecated stream utils 2013-04-29 22:35:15 -04:00
Hardening
7701c9d934 Replace printf(...) by fprintf(stderr, ...) 2013-03-28 23:06:34 +01:00
Marc-André Moreau
a8201b0d1b libwinpr-utils: combine old and new stream utils 2013-03-21 15:19:33 -04:00
Marc-André Moreau
62eec0c2b5 libfreerdp-utils: rename internal members of STREAM to match new wStream 2013-03-21 15:01:46 -04:00
Alexander Gottwald
026e9996d3 Issue #847: protocol deadlock in NLA 
fix ber_get_content_length and der_get_content_length to work for values
around 0x80 and 0x100
Fix nego_token, auth_info and pub_key_auth content length calculation in
credssp_send to fix a lockup in NLA protocol.
 2013-02-26 21:32:36 +01:00
rdp.effort
2a6c62520f checks BER decoding result and stream size when processing NLA packets 2013-01-11 01:27:19 +01:00
Marc-André Moreau
a02090c09b libfreerdp-utils: fix unicode conversion 2012-12-16 23:00:40 -05:00
Marc-André Moreau
6450ecd67f libfreerdp-core: fix windows build 2012-12-12 23:18:20 -05:00
Marc-André Moreau
83473d11d1 channels: patch memory leaks, load addins from list 2012-11-19 13:26:56 -05:00
Marc-André Moreau
b70bfc1579 libfreerdp-core: make NLA use transport abstraction layer 2012-11-14 21:30:21 -05:00
Marc-André Moreau
f19f3a6024 libfreerdp-crypto: move nla.c to libfreerdp-core 2012-11-14 21:19:17 -05:00