Commit Graph

3483 Commits

Author SHA1 Message Date
Martin Fleisz
ff8b2c1b0e core: Fix IPv6 handling on Windows
On Windows the sockaddr struct is smaller than sockaddr_in6.
This causes getsockname to fail because the buffer is too small.
The new code uses sockaddr_storage which should be large enough to
hold any supported protocol address structure.

See: http://pubs.opengroup.org/onlinepubs/009696699/basedefs/sys/socket.h.html
2018-04-04 17:19:18 +02:00
Armin Novak
e47d7eb968 Simplified fastpath buffer handling. 2018-04-04 13:24:43 +02:00
Armin Novak
f840150a54 Fixed missing return value checks. 2018-04-04 13:24:32 +02:00
Armin Novak
3f1ef0efc6 Removed unnecessary range check. 2018-04-04 10:45:32 +02:00
Armin Novak
2bda3a30b0 Fixed integer to float type cast. 2018-04-04 10:45:07 +02:00
Armin Novak
b0fe199060 Fixed intrinsic integer overflow.
Adding 128 in 8bit is not possible due to range [-128,127].
Instead subtract -128, that should eliminate the overflow.
2018-04-04 10:43:31 +02:00
Martin Fleisz
edce38613a
Merge pull request #4529 from akallabeth/wlog_cleanup_fix
Fix #4524: Initialize with cleanup handler
2018-04-04 09:32:46 +02:00
Armin Novak
e0d112d548 Removed all calls to WLog_Init and WLog_Uninit
Since the calls are no longer required remove their usage.
2018-04-03 13:06:41 +02:00
Martin Fleisz
5c59b5f2b8 cssp: Fix handling of nonce 2018-03-29 21:42:14 +02:00
Martin Fleisz
eb1f693fc4 cssp: Separate client/server version handling (#4502) 2018-03-23 12:12:08 +01:00
Martin Fleisz
e9ba4b58ec cssp: Fix warnings (#4503) 2018-03-21 12:57:58 +01:00
Martin Fleisz
8df96364f2 cssp: Add support for protocol version 6 2018-03-20 10:37:38 +01:00
Bernhard Miklautz
e7ae3f6bab fix nla: don't use server version
FreeRDP currently only supports CredSSP protocol version 3. However the
current implementation always sent back the version received by the
server indicating that this version was supported.
With recent windows updates applied the protocol changed and this approach
doesn't work anymore (see
https://msdn.microsoft.com/en-us/library/mt752485.aspx for protocol changes).

With this fix FreeRDP always sends version 3 as supported version.

Credit goes to @mfleisz.

Fixes #4449
2018-03-14 14:04:56 +01:00
Armin Novak
44eebbb6e0 Fixed compiler warnings. 2018-03-07 14:47:06 +01:00
Armin Novak
66cc038c93 Fixed threadpool work function return and arguments. 2018-03-07 14:36:55 +01:00
Armin Novak
2517755d25 Fixed thread function return and parameters. 2018-03-07 14:36:55 +01:00
akallabeth
dd538ccd4b
Merge pull request #4470 from mfleisz/misc_fixes
Various fixes after running VS 2017 code analysis
2018-03-07 14:05:22 +01:00
akallabeth
ce61ec1d39
Merge pull request #4464 from perkerk/misc-windows-client
Misc changes for Windows client
2018-03-07 13:47:23 +01:00
Eric Brown
2e0253ae3a Clean up mf_uninit 2018-03-07 04:30:15 -06:00
Martin Fleisz
0599a3cdbf codec: Another realloc fix 2018-03-06 16:02:28 +01:00
Martin Fleisz
811406382d core: Fix possible out-of-bounds read 2018-03-06 15:52:34 +01:00
Martin Fleisz
07f05c5cb3 nla: Add NULL pointer check 2018-03-06 15:39:03 +01:00
Martin Fleisz
ba5ad2e2f4 codec: Prevent invalid mem access on realloc failure 2018-03-06 15:34:55 +01:00
Martin Fleisz
21eeea2cee codec: Fix broken reallocs 2018-03-06 15:32:04 +01:00
Armin Novak
a419677e8f Fix invalid handle offset. 2018-03-06 13:58:40 +01:00
Eric Brown
0c24ade668 Misc fixes for Windows clients 2018-03-02 12:42:04 -06:00
Eric Brown
3c52e3dd7c Fix H.264 codec init access violation on Windows N/KN systems 2018-03-02 12:39:28 -06:00
Armin Novak
1f7d33a2f2 Fixed read/write of surface bits command.
The optional field exBitmapDataHeader of TS_ BITMAP_DATA_EX was ignored.
Read and expose the data (currently unused)
2018-03-01 11:38:59 +01:00
Martin Fleisz
8e5d5fa8ea
Merge pull request #4450 from akallabeth/assist_fix
Assistance and RDP file parser fix
2018-02-21 16:56:55 +01:00
Martin Fleisz
3cfa837b0c
Merge pull request #4441 from akallabeth/paa
[cleanup] Support for gatewayaccesstoken / PAA
2018-02-19 17:28:32 +01:00
Armin Novak
212a448a38 Added assistance file name NULL check. 2018-02-19 10:00:23 +01:00
Armin Novak
1a902c249c Fix PROFILER_* macros
Add the semicolon to the macro to allow clean
undefinition if the profiler is not used.
This used to break VisualC compilers.
2018-02-15 11:30:38 +01:00
Jacco Braat
2af67baea3 Modified RDG connection setup using PAA Cookie.
Skip NTLM auth on the IN/OUT channels. Add PAACookie to TUNNEL_CREATE.
2018-02-15 10:56:58 +01:00
Jacco Braat
b592684734 Added to rdp file parsing: gatewayaccesstoken:s:<token>
Added to commandline parsing: /gat:<token>
Added GatewayAccessToken to sings
2018-02-15 10:56:57 +01:00
Armin Novak
92c62b1dbf Fixed #4436: double free of http response.
Fixed #4436: reset of token split.
2018-02-14 14:29:08 +01:00
Armin Novak
77a9e2edfc Do not export internal variables. 2018-02-14 13:51:38 +01:00
Armin Novak
990b8c23a9 Fixed PubSub function pointer casts. 2018-02-14 11:00:52 +01:00
David Fort
6e5d86f332 http: fix compilation with valgrind memcheck helpers 2018-02-14 10:16:38 +01:00
David Fort
441975a4aa video, geometry: fix prototypes for timer callbacks 2018-02-14 10:16:38 +01:00
David Fort
484abe0567 video: fix invalid geometry and invalid argument passing to time pubsub 2018-02-14 00:08:52 +01:00
Bernhard Miklautz
8566021a1c
Merge pull request #4425 from akallabeth/windows_nego_fix
Fixed windows unicode authentication.
2018-02-13 15:26:44 +01:00
Martin Fleisz
b8599b08f2
Merge pull request #4364 from akallabeth/gateway_refactor
Gateway refactor
2018-02-13 13:48:45 +01:00
Armin Novak
53d2150e00 Fixed windows unicode authentication. 2018-02-13 11:29:56 +01:00
Armin Novak
d9277b7fb8 Fixed copy offset issue. 2018-02-13 10:52:53 +01:00
Armin Novak
c7d701bdf8 Added software decoding fallback for RDPVOR 2018-02-13 10:52:53 +01:00
David Fort
a07efb73ec video: an implementation of MS-RDPEVOR for X11
Implements the decoding of video streams using common H264 decoders. We also implement
a trivial feedback algorithm.

Sponsored by: Rangee GmbH (http://www.rangee.de)
2018-02-13 10:51:07 +01:00
Armin Novak
2cf10cc359 bitmap free now always deallocating all resources. 2018-02-13 10:18:43 +01:00
Armin Novak
50c7777bbb Prevent malloc of size 0 2018-02-09 11:41:53 +01:00
Armin Novak
8c7fe93cc6 Added client channel queue object free function. 2018-02-09 11:04:31 +01:00
Martin Fleisz
eb2da0844c
Merge pull request #4411 from akallabeth/resolve_ipv6_fix
Fixed IPv4/IPv6 to string
2018-02-09 09:40:00 +01:00
Armin Novak
78de329f1f Fixed IPv4/IPv6 to string 2018-02-08 17:26:31 +01:00
Armin Novak
c0ec81c3c7 Do not update client if output suppressed. 2018-02-08 11:59:00 +01:00
Armin Novak
253beda330 Fixed formatting. 2018-02-08 11:55:57 +01:00
Armin Novak
fde818c6f6 Fixed FFMPEG log messages. 2018-02-07 13:32:29 +01:00
Armin Novak
fac61bf48b Use dynamic logger in MediaFoundation backend 2018-02-07 13:26:39 +01:00
Armin Novak
aff9a22367 Fixed obsolete TAG definitions and use. 2018-02-07 13:26:39 +01:00
Armin Novak
77d0c77ed9 Fix OpenH264 trace logging, set up context first 2018-02-07 13:26:39 +01:00
Armin Novak
7adc384d9a Using dynamic logger for GFX-H264 backend. 2018-02-07 13:26:39 +01:00
Norbert Federa
1a377ba978
Merge pull request #4392 from akallabeth/yuv_asm
Fixed AVC444v1 luma UV averaging
2018-02-07 13:00:00 +01:00
Bernhard Miklautz
db8519fd8a
Merge pull request #4397 from SriRamanujam/vaapi
Use libavcodec's VA-API to accelerate H.264 decoding.
2018-02-07 12:56:31 +01:00
Armin Novak
1d99696db2 Fixed AVC444 YUV conversion matrix 2018-02-07 11:23:33 +01:00
Armin Novak
53cdd95de0 Refactored RGB to AVC444v2 2018-02-07 10:48:43 +01:00
Armin Novak
eb8e9cb410 Added SSSE3 UV average to AVC444v1 2018-02-07 10:48:43 +01:00
Armin Novak
46159c4cab Added UV average to AVC444v1 2018-02-07 10:48:43 +01:00
Sri Ramanujam
26eee4aecf TO BE SQUASHED: use hw_frames_ctx to set up vaapi on older versions of libavcodec 2018-02-02 15:49:59 -05:00
Sri Ramanujam
edf9c52c6b TO BE SQUASHED: initial changes from code review 2018-02-02 14:30:31 -05:00
Armin Novak
bc33fa8b1b Tuned FFMPEG encoder settings.
Using preset medium with zerolatency.
2018-02-02 13:59:08 +01:00
Armin Novak
9f57e07a23 Align YUV buffer strides and height. 2018-02-02 10:39:33 +01:00
Armin Novak
3b70d1178b Added AVC444 chroma support to shadow server. 2018-02-02 10:39:33 +01:00
Sri Ramanujam
bedc1ac4c6 Use libavcodec's VA-API decoding.
Leverages libavcodec's hw decode support to provide VA-API based
hardware decoding. Depends on the local build of ffmpeg having hardware
VA-API support compiled in and the appropriate libva drivers and
libraries installed.
2018-02-02 02:31:23 -05:00
Norbert Federa
46f03d5e78 disabled expensive debug call in channel send 2018-01-31 12:44:45 +01:00
Armin Novak
c82610c304 Deactiveate optimized primitives if no implementation compiled. 2018-01-30 14:53:53 +01:00
Armin Novak
8f7bc7990f Added SSE optimized RGB to AVC444 frame split and test. 2018-01-30 11:17:16 +01:00
Armin Novak
ce10e22b86 Added optimized C function for specific color format. 2018-01-30 11:17:15 +01:00
Armin Novak
f27ee2e3ab Split optimized YUV implementations to separate files. 2018-01-30 11:17:15 +01:00
David Fort
5e48664695 primitives: use INIT_ONCE instead of static booleans
This may prevent some race conditions
2018-01-29 00:25:20 +01:00
Armin Novak
0fc19e5590 Functions static where appropriate. 2018-01-19 10:59:10 +01:00
Armin Novak
e1c00b878d Fixes argument size type, function static where appropriate. 2018-01-19 09:15:26 +01:00
Armin Novak
29f2d2d9bb Fixed missing packageName setup in server NLA 2018-01-17 09:09:58 +01:00
Armin Novak
0e1a073384 Simplified package name comparisons. 2018-01-17 08:18:45 +01:00
Armin Novak
dc3d536398 Changed length arguments and return to size_t 2018-01-17 08:14:06 +01:00
Armin Novak
20b4b286f0 Fixed strtoull not supported on windows. 2018-01-16 08:15:34 +01:00
Armin Novak
a49a2299b1 Refactored http parser
* Using single buffer for all data
* Added response size limit of 64MiB
* Fixed various memory leaks
2018-01-15 16:51:33 +01:00
Armin Novak
c3f008c36c Functions static where appropriate. 2018-01-15 13:22:01 +01:00
Armin Novak
59e8b67287 Fixed broken #ifdef 2018-01-15 10:18:03 +01:00
akallabeth
3b719ae7d4
Merge pull request #4359 from MartinHaimberger/yuvfix
YUV conversation: fixed luma frame creation
2018-01-15 10:13:26 +01:00
Armin Novak
97cc55deec Fixed bitmap capability debug. 2018-01-12 09:22:08 +01:00
Martin Haimberger
94a58bd18d YUV conversation: fixed luma frame creation
in the conversation function general_RGBToAVC444YUVv2_ANY
2018-01-12 00:16:45 -08:00
MartinHaimberger
b6a1af0ba1
Merge pull request #4349 from akallabeth/primitives_update
Added new and optimized YUV primitives.
2018-01-10 15:33:13 +01:00
Armin Novak
23e1afb44a Added new and optimized YUV primitives.
* RGBToAVC444YUVv2: Split a RGB frame in luma and/or chroma v2 YUV420 frames
* RGBX specific versions of RGBToAVC444YUV and RGBToYUV420_8u_P3AC4R
2018-01-10 14:46:18 +01:00
David Fort
ab94f6a5fd
Merge pull request #4339 from akallabeth/gdi_sw_crash_fix
Fixed #4336: Initialize rectangle.
2018-01-10 09:57:54 +01:00
Armin Novak
5140ee09b3 Reduced log priority in gdi_CRgnToRect 2018-01-08 13:03:06 +01:00
David Fort
e1cc601963
Merge pull request #4323 from akallabeth/scanbuild_fixes
Scanbuild and other warnings fixed
2018-01-08 11:16:21 +01:00
akallabeth
900ec855de
Merge pull request #4334 from h3xx/fix-ffmpeg-support
Fix building against current ffmpeg
2018-01-08 09:21:53 +01:00
akallabeth
4077d55a6c
Merge pull request #4332 from hardening/xrandr_and_fixes
Xrandr and fixes
2018-01-08 09:20:56 +01:00
Armin Novak
bcf3babcaa Fixed #4336: Initialize rectangle. 2018-01-08 09:01:22 +01:00
Mike Gilbert
51cdd8df19 codec/nsc_sse2: add runtime CPU feature check 2017-12-29 14:06:49 -05:00
Mike Gilbert
082aac83a0 cmake: do not add -msse2/-msse3 globally 2017-12-29 14:06:49 -05:00
Mike Gilbert
9bfe2fcfb9 cmake: rework logic to apply -msse2, -msse3, -mssse3 to specific files
If we apply -mssse3 to files that don't need it, gcc may automagically
generate instructions that will not run on certain CPUs. This breaks the
runtime feature detection code (IsProcessorFeaturePresent).

Fixes: https://github.com/FreeRDP/FreeRDP/issues/4308
2017-12-29 14:06:49 -05:00
Dan Church
ed571e74a5
Provide support for older versions of libavcodec
My method was to find the LIBAVUTIL_VERSION_* at the commit where the
updated AV_ prefixed constants became available, add one "micro" version
to it, then if it's not at least that version, provide the unprefixed
constant. It just so happens that the same commit introduced all
the AV_* constants.
2017-12-29 11:13:03 -06:00
Dan Church
78df32c77f
Fix future ffmpeg support
The AV_ prefixed constants have been available since
ffmpeg@def97856de6021965db86c25a732d78689bd6bb0 (2015-07-07), or version
2.8.

The non-prefixed constants are set to be removed in the next ffmpeg
release, and were removed in
ffmpeg@302554835e39b79b977ed60c9afe81b44590dfef (2016-12-05).
2017-12-28 09:41:45 -06:00
David Fort
191b8f950f Fix for #4330
Since ec027bf dynamic resolution is broken when used with egfx. Before that commit
we were tracking a server sent resize by setting a DesktopResize callback. This callback
is called when the desktop is resized by the server. Anyway the problem was that when this
callback is called, the activation sequence is not always completed, which were leading to
some freeze with 2012r2 servers (sending packets before the sequence is finished).
So with the faulty commit, we are tracking server resizes by subscribing to the Actived
event, that is called at the end of a reactivation sequence, so we're sure to not send packets
when not fully activated.
Anyway the issue that shows on (#4330) is that when you use egfx, no reactivation sequence happens,
the server only sends a ResetGraphics message with the new size, and so we miss the resized event.
This fix introduces a new GraphicsReset event, makes the display channel subscribe to that event,
and react accordingly.
2017-12-23 13:50:54 +01:00
David Fort
5e2d6ea029 zgfx: add a check 2017-12-22 17:55:48 +01:00
Armin Novak
cf899eb5ba Fix #4299: gdi_CRgnToRect
The coordinates from RDP ROP commands do not (always) have
0,0 as the origin of the drawing operation.
Adjust the coordinates to our local coordinate system.
2017-12-22 13:43:37 +01:00
Armin Novak
c60c355a9d Added ROP to primary order debug message. 2017-12-22 10:37:04 +01:00
Armin Novak
b293b17ac9 Added ROP to string functions for log messages. 2017-12-22 10:25:05 +01:00
Armin Novak
1d01582a87 Fixed dead store warnings. 2017-12-21 11:47:16 +01:00
Armin Novak
50a0968c6a Removed unused variables. 2017-12-21 11:29:24 +01:00
Armin Novak
9c93c6cbf3 Fixed unused variable warnings. 2017-12-21 11:04:50 +01:00
Armin Novak
e4766c656e Fixed missing initialization warnings. 2017-12-21 11:04:32 +01:00
Armin Novak
6a21bdae3d Fixed various scanbuild warnings. 2017-12-21 09:34:35 +01:00
akallabeth
e3e65734e8
Merge pull request #4303 from krisztian-kovacs-balabit/use-redirection-password
Use redirection password
2017-12-20 17:01:58 +01:00
Martin Fleisz
80a49f46dc
Merge pull request #4320 from ondrejholy/coverity-fixes
Coverity Scan fixes
2017-12-20 14:17:20 +01:00
Martin Fleisz
ec027bf46c
Merge pull request #4318 from hardening/display_improvement
Dynamic resolution improvements
2017-12-20 13:43:22 +01:00
Martin Fleisz
bfe8359b5b
Merge pull request #4239 from akallabeth/test_memleak_fixes
Test memleak fixes
2017-12-20 12:38:38 +01:00
David Fort
2a6c9e1b87 Add an activated event and a Timer event
Added an event that is triggered when the activation sequence is finished.
We also define a timer event that is neat to have for regular operation.
2017-12-19 15:21:15 +01:00
Ondrej Holy
9f5d0d4c4d crypto: Improve PER OID calculations
"(oid[0] << 4) & (oid[1] & 0x0F)" statement is always 0. It is not
problem currently because the only OID which is written by this
function should have 0 there. The function to read/write are pretty
limited anyway and can't work properly with all kind of OIDs. Maybe
it would be better to hardcode the OID there without decoding
and encoding. But those functions are already there so let's improve
them a bit according the spec and warn about limited set of
supported OIDs.

See:
https://msdn.microsoft.com/en-us/library/windows/desktop/bb540809
2017-12-19 14:42:06 +01:00
Ondrej Holy
4791970c09 core: Remove redundant stream position changes
Stream_Seek() is used, but consequently Stream_SetPosition() is used
for position obtained by Stream_GetPosition() immediatelly before
Stream_Seek(). Let's remove this stream position changes due to its
redundancy.
2017-12-19 13:02:55 +01:00
Ondrej Holy
0389cb129e core: Fix array overrunning during FIPS keys generation
p is 20 and r is 1 in the last iteration of fips_expand_key_bits,
which means that buf[21] is read (of BYTE buf[21];). However,
the value is not needed, because it is consequently discarded by
"c & 0xfe" statement. Let's do not read buf[p + 1] when r is 1
to avoid this.
2017-12-19 10:29:16 +01:00
akallabeth
097f8edd97
Merge pull request #4312 from bmiklautz/smartcard-cleanup
Smartcard fixes and cleanup
2017-12-14 16:56:29 +01:00
Martin Fleisz
5cec90c781
Merge pull request #4305 from hardening/xrandr_fix
Fix XRandr for old systems and MacOSX
2017-12-13 17:24:41 +01:00
Bernhard Miklautz
bc8bdc3e54 fix channel/smartcard: compiler warnings
* remove unused variables
* remove unused jump label
2017-12-13 17:04:06 +01:00
Bernhard Miklautz
1e6fea7fa7 fix channel/smartcard: simplify channel variables
Path was not really used and name was duplicated. Use the device->Name
directly.
2017-12-13 17:04:06 +01:00
Martin Fleisz
f6b8a6eaa2
Merge pull request #4276 from akallabeth/big_endian_more
Big endian fixes
2017-12-13 09:58:14 +01:00
Armin Novak
2f35c4b158 Fixed remaining color renaming issues. 2017-12-12 11:41:43 +01:00
Armin Novak
ae2a96293b Cleanup and initialization checks. 2017-12-12 11:40:48 +01:00
Armin Novak
7305828122 Fix #4239: Various memory leaks
* Fixed all tests, now can be run with -DWITH_ADDRESS_SANITIZER=ON compiled.
* Enabled address sanitizer for nightly builds.
2017-12-12 11:40:48 +01:00
David Fort
3b670703fb
Merge pull request #4277 from akallabeth/mac_server
Mac fixes
2017-12-12 10:40:14 +01:00
David Fort
41823080f9 Fix users of Stream_GetPosition() that returns size_t 2017-12-11 22:38:58 +01:00
David Fort
11ee81be60 Fix XRandr for old systems and MacOSX
We need a recent enough version of XRandr to correctly detect monitor.
Also this patch adds some typo or style fixes.
2017-12-08 10:59:38 +01:00
KOVACS Krisztian
7f5f40d392 core/nla: use RedirectionPassword if set in settings
Previously, the code prompted for the password even if a RedirectionPassword
was provided.

With this change the prompt is only shown if both settins->Password and
settings->RedirectionPassword is absent.
2017-12-06 16:32:56 +01:00
KOVACS Krisztian
6518e36c70 Revert "core/connection: use redirection password when reconnecting"
This reverts commit 70c65e70d1.
2017-12-06 14:58:34 +01:00
daixj
d10448fde2 Fix #4291: xfreerdp segfault when connecting freerdp-shadow-cli 2017-11-29 05:12:40 -05:00
David Fort
cf33966f2e
Merge pull request #4282 from akallabeth/force_ipv6
Fix #4281: Added option to prefer IPv6 over IPv4
2017-11-28 10:48:53 +01:00
Armin Novak
3e4c274cc9 Fixed channel count exceed checks
The check aborted on CHANNEL_MAX_COUNT - 1 instead
of correctly at CHANNEL_MAX_COUNT
2017-11-28 09:40:04 +01:00
David Fort
2f4a2f8595
Merge pull request #4272 from akallabeth/static_channel_checks
Fix #3378: 31 static channels are supported.
2017-11-27 22:46:23 +01:00
Bernhard Miklautz
baf52f529f
Merge pull request #4261 from akallabeth/doc_ssl_store
Fix #3890: Point to OpenSSL doc for private CA
2017-11-27 11:46:54 +01:00
Armin Novak
2cc64298f2 Fix #4281: Added option to prefer IPv6 over IPv4 2017-11-27 11:43:54 +01:00
Bernhard Miklautz
aa47c8ebe8
Merge pull request #4268 from akallabeth/big_endian_fixes
Fix ZGfx decoder on big endian
2017-11-24 15:44:15 +01:00
Armin Novak
57958cb178 Fixed #3810: Renamed color functions 2017-11-24 13:21:43 +01:00
Armin Novak
13e0d56574 Fixed endianess issues with ncrush. 2017-11-24 12:03:46 +01:00
David Fort
27807bea2b
Merge pull request #4271 from akallabeth/surface_c
Fixed return value check for callbacks.
2017-11-24 11:14:17 +01:00
Armin Novak
377bfeb227 Fix #3378: 31 static channels are supported. 2017-11-23 16:18:44 +01:00
David Fort
d982cf0e90
Merge pull request #4255 from akallabeth/rfx_fix
Fix #4253: Rfx decode tile width.
2017-11-23 15:35:52 +01:00
Armin Novak
f68bc07a22 Fixed return value check for callbacks. 2017-11-23 15:10:42 +01:00
akallabeth
71e38a4ce7
Merge pull request #4267 from ondrejholy/autofips
Enable FIPS mode automatically
2017-11-23 10:49:15 +01:00
Ondrej Holy
74bbbdb5c3 Remove unused variable
Unused variable was added together with FIPS mode support, let's remove it.
2017-11-23 10:09:17 +01:00
Ondrej Holy
6973b14eed Enable FIPS mode automatically
FreeRDP aborts if OpenSSL operates in FIPS mode and +fipsmode is not
manually specified. Let's prevent the abortion and enable the necessary
options in that case automatically.
2017-11-23 10:09:17 +01:00
Armin Novak
dbdc4f4933 Fixed endianess issues of zgfx decoder. 2017-11-23 09:32:29 +01:00
David Fort
a834ef8243
Merge pull request #4251 from akallabeth/openssl_warn_fixes
Fix #4247: warnings introduced with #3904
2017-11-23 09:22:02 +01:00
cedrozor
49f4b2a42e Fixed NLA for Negotiate and NTLM authentication (regression due to the recent addition of kerberos support) 2017-11-21 16:36:47 +01:00
Armin Novak
12a9b9a0b4 Fix #3890: Point to OpenSSL doc for private CA 2017-11-21 11:47:33 +01:00
Armin Novak
a376656b3c Disabled ceritficate signature check. 2017-11-21 11:37:42 +01:00
Armin Novak
b1d2053ad1 Fix #4101: Rfx decode tile width. 2017-11-21 11:08:16 +01:00
Armin Novak
24233b299c Fix #4111: 15bpp color handling for brush. 2017-11-20 15:00:09 +01:00
Armin Novak
4fe12b0ea3 Fix #4247: warnings introduced with #3904 2017-11-20 10:18:15 +01:00
akallabeth
b156b937fe
Merge pull request #3904 from bjcollins/master
FIPS Mode support for xfreerdp
2017-11-17 13:31:43 +01:00
Martin Fleisz
4ff1251488
Merge pull request #4236 from akallabeth/scan_fix_remastered
Scanbuild warning fixes
2017-11-17 13:02:46 +01:00
Brent Collins
9ca9df1ead Make the new winpr_Digest*MD5_Allow_FIPS functions more generic to no longer be MD5 specific in design. This way the FIPS override
could easily be extended to more digests in the future. For now, an attempt to use these functions with anything other than MD5 will
not work.
2017-11-17 12:43:07 +01:00
Brent Collins
e47123f05a Do not initialize SSL in freerdp_context_new, it is too early to detect the fips enabled flag
and is redundant since it is initialized later before actually using SSL.
2017-11-17 12:43:07 +01:00
Brent Collins
68ab485e63 Fix logic error in reworked MD5 call for establishing keys, and fix some minor whitespace issues. 2017-11-17 12:43:07 +01:00
Brent Collins
d98b88642b Add new command-line option to force xfreerdp into a fips compliant mode.
This option will ensure that NLA is disabled(since NTLM uses weak crypto algorithms), FIPS
encryption is enabled, and ensure fips mode is enabled for openssl.

Selectively override specific uses of MD5/RC4 with new API calls specifically tailored to override FIPS.

Add comments on why overriding the use of these algorithms under FIPS is acceptable for the locations where overrides happen.

Remove check of server proprietary certificate which was already being ignore to avoid use of MD5.

Initialize winpr openssl earlier to ensure fips mode is set before starting using any crypto algorithms.
2017-11-17 12:43:06 +01:00
akallabeth
668e347814
Merge pull request #4034 from blino/wayland-keymap
Reuse evdev/X11 keymap for wayland
2017-11-16 12:07:07 +01:00
Armin Novak
ceda3d3f4a Fixed color for drawing rectangles. 2017-11-15 15:56:25 +01:00
Armin Novak
536ffbc31f Fixed missing function return check. 2017-11-15 15:56:25 +01:00
Armin Novak
dbe418062f Fixed missing parameter checks. 2017-11-15 15:56:25 +01:00
Armin Novak
bd7e4cd35a Fixed uninitialized variables. 2017-11-15 15:56:25 +01:00
Armin Novak
032c0164d1 Fixed missing error check. 2017-11-15 15:56:25 +01:00
Armin Novak
99f6c27488 Fixed uninitialized arguments. 2017-11-15 15:56:25 +01:00
Armin Novak
7fd5b6f4a2 Fixed warnings and test return values. 2017-11-15 15:54:38 +01:00
Armin Novak
4eb5b8e349 Replaced atoi 2017-11-15 15:52:16 +01:00
Armin Novak
e4873fe2c4 Added encoder path for libavcodec versions <1.0 2017-11-14 09:15:43 +01:00
David Fort
f4f23454c9
Merge pull request #4233 from akallabeth/kerberos_rebased
Kerberos rebased
2017-11-13 17:39:27 +01:00
David Fort
7bbc3cb8b7 Fix logic in nla_read_ts_credentials 2017-11-13 16:20:57 +01:00
dodo040
e0a9999fb2 fix: GSS API init, enterprise name management, variable names and format code 2017-11-13 16:20:56 +01:00
dodo040
0a3c61d305 fix undefined symbol references at linking stage 2017-11-13 16:20:56 +01:00
dodo040
b81f168f0e initial commit for kerberos support 2017-11-13 16:20:55 +01:00
Armin Novak
5cd89a3bc5 Added compat define for missing format. 2017-11-13 11:28:43 +01:00
David Fort
b85287fb62
Merge pull request #4212 from SriRamanujam/ffmpeg_encoder_fixes
Fix libavcodec encoding errors and set tunables.
2017-11-13 09:30:28 +01:00
Sri Ramanujam
fef3865ff2 Fallback #ifdefs for older versions of libavcodec 2017-11-12 17:31:22 -05:00
akallabeth
fcc9419922
Merge pull request #4225 from krisztian-kovacs-balabit/use-redirection-pdu-password-on-reconnect
core/connection: use redirection password when reconnecting
2017-11-10 09:32:39 +01:00
David Fort
dcafd4dacd
Merge pull request #4226 from krisztian-kovacs-balabit/open-x509-keyfile-readonly
libfreerdp/core/certificate: open key file for reading only
2017-11-09 18:11:12 +01:00
Sri Ramanujam
66c925c9e4 Fix libavcodec encoding errors and set tunables. 2017-11-09 11:39:54 -05:00
KOVACS Krisztian
c13c9035eb libfreerdp/core/certificate: open key file for reading only
There's no point in writing the key file for read-write, and it makes it
impossible to run the shadow server with the key file being read only.
2017-11-09 16:54:22 +01:00
KOVACS Krisztian
70c65e70d1 core/connection: use redirection password when reconnecting
According to MS-RDPBCGR the server might send a password in the Redirection PDU
that then must be sent by the client to the server as password.

Since the field either contains a password string (unicode) or a binary cookie,
we try to convert the password from unicode and use it only if conversion
succeeds.
2017-11-09 14:46:38 +01:00
KOVACS Krisztian
d396258866 codec/nsc: fix memory corruption in case of chroma subsampling
For odd number of rows, the memory copy operation was broken: after exiting
the loop, yplane points to the end of the last row data, and thus (yplane +
rw) points *after* the end of the last row.
2017-11-09 14:38:46 +01:00
Martin Fleisz
d5344c3396
Merge pull request #4219 from akallabeth/various_fixes
Various fixes
2017-11-09 09:37:18 +01:00
Martin Fleisz
ed1934cafe
Merge pull request #4211 from akallabeth/silence_duplicate_warnings
Silence WLog_ERR messages if last error is set.
2017-11-08 13:34:26 +01:00
Armin Novak
5dc8763b2c Fixed compilation errors with old FFMPEG versions. 2017-11-08 12:55:11 +01:00
Armin Novak
b86c0ba548 Fixed NLA default error to FREERDP_ERROR_AUTHENTICATION_FAILED 2017-11-08 11:32:34 +01:00
David Fort
b216e91cdd
Merge pull request #4210 from akallabeth/nla_errors_extended
Added additional NLA error mappings.
2017-11-06 14:23:50 +01:00
Armin Novak
ce00f4dd8f Silence WLog_ERR messages if last error is set. 2017-11-06 14:02:22 +01:00
David Fort
504b771686
Merge pull request #4053 from akallabeth/ffmpeg_encoder
Implemented FFMPEG based encoder.
2017-11-06 11:25:48 +01:00
akallabeth
e7b8833e9e
Merge pull request #4187 from hardening/multimon_fix
Multimonitor fix
2017-11-06 10:02:07 +01:00
Armin Novak
7a73a0eb1b Added additional NLA error mappings. 2017-11-06 09:49:03 +01:00
Youness Alaoui
02e4f1f256 Do not delete the listener socket right after creating it.
The listener server socket file needs to be deleted before we bind it
otherwise it's an "address already in use" error. But it was getting
deleted after the bind, causing the file to disappear, and preventing
anyone from connecting to the listener socket since the socket stops
existing.

This is caused by commit 884e87fde4
2017-10-27 15:01:29 -04:00
Armin Novak
367bddd7ad Added better error mapping for NEGO results. 2017-10-25 09:58:13 +02:00
Norbert Federa
eea2f306d3 primitives/yuv: fix endianess issue 2017-10-19 11:55:13 +02:00
Armin Novak
5d96fc9b14 Removed unused function pointer
The function was breaking windows 7 compatibility.
2017-10-18 09:52:41 +02:00
Norbert Federa
456ce96618 codec/h264: fix potential segfault and mf_init 2017-10-17 19:28:54 +02:00
David Fort
f90fe19fc7 multimon: correctly set the primary monitor
According to the spec the primary monitor is supposed to be in (0,0) and other monitors
to be given relative to this one.
2017-10-17 14:07:23 +02:00
David Fort
5d5376faa7 egfx: fix disconnection caused by invalid cache entries due to wrong announced cache size
Added some checks so that when setting a cache entry fails, we close connection (or
we fail later when trying to use that empty entry).
The small cache egfx capability has also been fixed.
2017-10-10 17:12:16 +02:00
David Fort
a132922376 Add checks for DR channel 2017-10-04 10:30:47 +02:00
akallabeth
e6d66d9d81 Merge pull request #4154 from hardening/misc_fixes
Fix raw surfaces displaying + misc other changes
2017-09-27 14:56:21 +02:00
Bernhard Miklautz
15c7cb8cb2 Enable clipboard channel per default 2017-09-27 09:45:07 +02:00
David Fort
ddca8f3a3b Check return value of malloc 2017-09-26 13:56:08 +02:00
Armin Novak
9f26f73709 Added delay for connect abort
The connection abort must be called after freerdp_connect.
Ensure that this function is already running by waiting
a second.
2017-09-26 12:05:24 +02:00
Armin Novak
ef9444bd35 TestConnect: Extend timeout, only listen locally 2017-09-26 10:59:34 +02:00
Armin Novak
ac454628ae Fixed TestConnect with dynamic channels. 2017-09-25 13:34:00 +02:00
Armin Novak
884e87fde4 Unlink file after binding to it.
When unlinking the file before binding, a new entry is created
in the file system after binding. This is not desireable, so
unlink it after binding to remove the temporary file after the process
closes.
2017-09-25 10:35:24 +02:00
Bernhard Miklautz
4592deee72 extend /size to allow width or height percentages (#4146)
If the size parameter is used with a percentages like /size:50% now
an additional 'w' or 'h' can be appended (like /size:50%w) to specify
where the percentage should be applied. If both or none are set the
behavior is like it was before and the percentage is applied to width
and height.
2017-09-25 09:35:49 +02:00
Jukka-Pekka Virtanen
ad1425e145 Using PasswordIsSmartcardPin option when sending TS_INFO_PACKET 2017-09-23 14:28:17 +02:00
David Fort
b587daa416 Merge pull request #4136 from tditsch/master
Fixed endless loop when RDP Server sends SERVER_DENIED_CONNECTION
2017-09-22 09:52:27 +02:00
Armin Novak
bdae339268 Check and invalidate handles on free. 2017-09-19 12:36:13 +02:00
tditsch
a16d9a2ade refactored Bugfix 2017-09-19 10:18:41 +02:00
tditsch
feca6d9750 Fixed endless loop when RDP Server sends SERVER_DENIED_CONNECTION 2017-09-18 17:29:16 +02:00
Ondrej Holy
e9ffff56bc cache: Use Bitmap_Free instead of free
Bitmap_Alloc is used to allocate memory of bitmap, Bitmap_Free should
be used to release that memory. Let's change free to Bitmap_Free.

https://github.com/FreeRDP/FreeRDP/issues/4117
2017-09-07 09:38:44 +02:00
Ondrej Holy
9cccd4888d orders: Fix OFFSCREEN_DELETE_LIST allocation size
The size of OFFSCREEN_DELETE_LIST list allocation was incorrectly changed
by commit 99b1481 and consequently fixed incorrectly by commit 8a0fe086.
Let's count the allocation size based on new size and not based on current
size in order to prevent some memory issues.

https://github.com/FreeRDP/FreeRDP/issues/4117
2017-09-07 09:38:44 +02:00
Ondrej Holy
048e7f264b orders: Fix ORDER_TYPE_GDIPLUS_END check
Commit 6fd03ab introduced security checks for orders, but
ORDER_TYPE_GDIPLUS_END check fails in case of success and vice versa.
Let's add the missing question mark.

https://github.com/FreeRDP/FreeRDP/issues/4117
2017-09-07 09:38:44 +02:00
Ondrej Holy
5d6e2078c7 cache: Check return value from offscreen_cache_get
Currently, SetSurface is called regardless of return value from
offscreen_cache_get. It may happen that bitmap is not found in a
cache from some reason, which may lead to segfaults. Let's check
the returned value before use.

https://github.com/FreeRDP/FreeRDP/issues/4117
2017-09-07 09:38:44 +02:00
Armin Novak
d3df6ed40f Removed unused variable. 2017-08-31 09:57:49 +02:00
David Fort
5115ecd948 Merge pull request #4063 from akallabeth/auth_fixes
Fixed leaks, certificate comparison and channel context cleanup
2017-08-30 10:19:12 +02:00
Bernhard Miklautz
52fbfb7b12 fix clang warnings, directly include wtypes.h (#4097)
* build: clang use -Wno-unused-command-line-argument

With clang 5.0 builds are quite noisy otherwise.

* Directly include wtypes.h

Directly include winpr/wtypes.h where _fseeki64 or _ftelli64 is used.

* fix build warnings with clang 5

clang version: 5.0.0-svn310678-1~exp1 (branches/release_50)
Warning: parentheses-equality

* fix build warnings with clang 5

clang version: 5.0.0-svn310678-1~exp1 (branches/release_50)
Warning: tautological-compare

* fix build warnings with clang 5

clang version: 5.0.0-svn310678-1~exp1 (branches/release_50)
Warning:
incompatible pointer types passing 'size_t *' (aka 'unsigned
long *') to parameter of type 'UINT32 *' (aka 'unsigned int *')
[-Wincompatible-pointer-types]
2017-08-29 09:09:38 +02:00
Armin Novak
c3d4b7d262 fseeko and ftello for 64bit file support. 2017-08-14 08:42:49 +02:00
David Fort
b29658a859 Merge pull request #4066 from akallabeth/input_event_fixes
Fixed capability checks for mouse and unicode input.
2017-08-02 11:25:08 +02:00
David Fort
c84065f40c Merge pull request #4069 from yurashek/master
Build on Solaris
2017-08-02 09:53:38 +02:00
Armin Novak
a63b2c5a4a Use encoder context for old libavcodec. 2017-08-02 08:53:03 +02:00
Armin Novak
d2d621106d Fixed capability checks for mouse and unicode input. 2017-07-31 12:30:35 +02:00
Armin Novak
523a881663 Channels with a context must free it themselves. 2017-07-28 08:39:51 +02:00
Armin Novak
11fa9f6753 Free credentials on exit. 2017-07-28 08:39:49 +02:00
Armin Novak
b0411d4faa Unexported internal NLA functions. 2017-07-28 08:38:07 +02:00
Armin Novak
c301f2d56a Fixed certificate check return. 2017-07-28 08:35:41 +02:00
Armin Novak
ceda244165 Fixed uninitialized values and leaks. 2017-07-28 08:35:31 +02:00
Valery Kartel
9bf9ff9e8a Fix build with LibreSSL 2017-07-26 17:12:14 +03:00
Armin Novak
dd4b5ea126 Disable JPEG codec support if not compiled in. 2017-07-24 15:23:36 +02:00
Armin Novak
3501f82e95 Implemented FFMPEG based encoder. 2017-07-20 13:27:09 +02:00
Armin Novak
b51a103b70 Fixed uninitialized values. 2017-07-20 09:35:41 +02:00
Armin Novak
e8b9e4f512 Fixed double free. 2017-07-20 09:35:41 +02:00
Armin Novak
8b9e3fa51e Fixed use of reserved keywords for include guards. 2017-07-20 09:35:41 +02:00
Armin Novak
0490aeb018 Fixed clang malloc integer overflow warnings. 2017-07-20 09:29:48 +02:00
Armin Novak
8292b4558f Fix TALOS issues
Fix the following issues identified by the CISCO TALOS project:
 * TALOS-2017-0336 CVE-2017-2834
 * TALOS-2017-0337 CVE-2017-2834
 * TALOS-2017-0338 CVE-2017-2836
 * TALOS-2017-0339 CVE-2017-2837
 * TALOS-2017-0340 CVE-2017-2838
 * TALOS-2017-0341 CVE-2017-2839
2017-07-20 09:28:47 +02:00
Armin Novak
88fa131248 Fixed variable assignment. 2017-07-19 11:36:28 +02:00
Armin Novak
42fdb0b8d3 Reordered backends with regard to feature completeness. 2017-07-18 07:46:51 +02:00
Armin Novak
96d53933d2 Deactivated all H264 related code paths. 2017-07-17 10:39:08 +02:00
Armin Novak
2614251e83 Removed H264 dummy, did not work (crash on use) 2017-07-17 09:28:08 +02:00
Armin Novak
5764d5a78a Disable GFX H264 if no backend compiled in. 2017-07-17 09:25:21 +02:00
Norbert Federa
36b8f54c5e Fixed a few compiler warnings 2017-07-10 17:52:05 +02:00
Olivier Blin
3e5f8c6bdb Reuse evdev/X11 keymap for wayland 2017-07-05 18:48:24 +02:00
David Fort
3afacb0445 Merge pull request #4024 from bmiklautz/fix_4022
Fix a regression introduced with PR #4013
2017-06-29 11:55:55 +02:00
Bernhard Miklautz
e7cd3250c3 Fix a regression introduced with PR #4013
If numWindowRects/numVisibilityRects is zero a realloc might either
return NULL or a free able memory. In the first case the introduced
regression caused a double free.
As 0 is a possible value that can be received in both cases rail was
broken.

Fixes #4022
2017-06-29 11:28:03 +02:00