Commit Graph

566 Commits

Author SHA1 Message Date
akallabeth
5aff241096
Merge pull request #10554 from akallabeth/tidy-silence
Tidy silence
2024-09-04 10:35:22 +02:00
akallabeth
3e933203e2 [crypto,tls] fix bad-function-cast
do silence the compiler warning and add a comment why we do that.
2024-09-04 09:41:53 +02:00
akallabeth
c5f346488f
[crypto,tls] revert const argument
with some build options this needs to be writeable.
2024-09-04 09:03:21 +02:00
akallabeth
190929c018
[warnings] fix function pointer casts 2024-08-30 15:40:01 +02:00
akallabeth
36c3184a0f
[warnings] fix clang-tidy issues in libfreerdp 2024-08-29 15:34:22 +02:00
akallabeth
9c9d74e920
[warnings] fix redundant casts 2024-08-29 12:03:09 +02:00
akallabeth
1d33095500
[warnings] fix cert-err33-c
Fix unused return values, cast to void if on purpose
2024-08-29 10:19:27 +02:00
akallabeth
380c5808a0
Merge pull request #10518 from akallabeth/clang-tidy-cleanup
Clang tidy cleanup
2024-08-28 16:36:16 +02:00
Armin Novak
03449da9e9
[warnings] fix uninitialized variables 2024-08-28 10:46:40 +02:00
Armin Novak
d71af44bb1
[warnings] disable warnings for generated code
* Disable clang-tidy in test build directories
* Disable compiler warnings for test binary directories.

These contain generated code we can not change, so the warnings are just noise
2024-08-28 09:18:30 +02:00
akallabeth
56d660f258
[cmake] mark dependency includes SYSTEM
Mark all dependency include paths SYSTEM so warnings from system headers
are excluded from ci warning statistics
2024-08-26 11:10:49 +02:00
akallabeth
ba7fd06ec4
[coverity] fix some warnings
* mostly dead store and identical code branches.
* some possible integer overflows
2024-08-23 12:38:41 +02:00
Armin Novak
17d44e847f
[coverity] fix various warnings 2024-08-21 09:47:34 +02:00
akallabeth
c2d30a07e9
[crypto,cert] add getter for notBefore and notAfter
Add getters for certificate dates notBefore and notAfter. Returns the
date as RFC822 string.
2024-08-20 12:42:46 +02:00
akallabeth
dac0ae4976
[crypto,cert] extend certificate store API
Use the certificate PEM without trustchain in the local trust store, but
keep the full PEM with chain for the user facing callbacks.
2024-08-13 15:56:08 +02:00
akallabeth
22fb6aad31
[crypto,tls] fix AcceptedKey checks
* Add freerdp_certificate_get_pem_ex to extract PEM for cert only
* Compare only certificate without certificate chain
* Store only certificate PEM without chain for later comparison
2024-08-13 07:40:07 +02:00
akallabeth
7d2afe4f5a
[crypto,base64] fix sign warnings 2024-07-22 15:08:51 +02:00
akallabeth
45a7e5fd37
[crypto,base64] fix compiler warning 2024-07-22 15:08:43 +02:00
akallabeth
1de8f5a7aa
[core,gateway] pass rdpContext
* pass rdpContext to freerdp_tls_new
* check freerdp_shall_disconnect_context in http_response_recv
2024-06-27 08:42:08 +02:00
akallabeth
0633623b6d
Merge pull request #10281 from mfleisz/fix/cert-chain-pem
crypto: Fix handling of cert chain in get PEM function
2024-06-17 18:24:16 +02:00
akallabeth
d9473be307
[crypto,base64] force signed char
for lookup force signed char to avoid (unsigned)-1 casts
2024-06-17 17:02:41 +02:00
Martin Fleisz
7368c65240 crypto: Fix handling of cert chain in get PEM function 2024-06-17 14:48:15 +02:00
akallabeth
87ee8f5b77
[crypto,base64] use lookup tables 2024-06-08 08:34:02 +02:00
akallabeth
a93658cd06
[crypto,base64] apply INLINE and WINPR_RESTRICT 2024-06-07 12:32:16 +02:00
Armin Novak
8d783d5189
[coverity] fix various warnings 2024-06-05 09:19:59 +02:00
akallabeth
53d8e0f203
[crypto,tls] fix missing return 2024-05-25 09:17:06 +02:00
akallabeth
ef86df9a26
[crypto,tls] log BIO_do_handshake errors
add proper logging to make details of failures auditable
2024-05-23 14:48:39 +02:00
akallabeth
71e78bedd7 [warnings] fixed sign and const
* fix various char/BYTE sign warnings
* fix various const warnings
* fix format string size_t
* remove unused CMake variables
2024-04-18 11:05:58 +02:00
Ilya Shipitsin
25edec803b libfreerdp/crypto/certificate.c: handle malloc error 2024-04-06 07:11:14 +02:00
akallabeth
31a131b9e4 [crypto,cert] follow up to #10002
Ensure we always compare the lowercase hostname when looking for a
stored certificate or calculating a hash.
2024-03-21 15:07:58 +01:00
akallabeth
f98d0dd60a [crypto,cert] allow NULL certificate
If a certificate can not be read and is NULL return NULL for all queries
on that NULL certificate. Fixes #10002
2024-03-21 14:26:37 +01:00
akallabeth
6a7c375831 [crypto,cert] add better logging of certificate read
add missing log entries for possible failures due to invalid data
received. This allows better debugging if a server sends garbage or the
crypto routines have direct RSA routine access disabled.
2024-03-07 14:59:32 +01:00
David Fort
aebe9742e0 [client,win32] Child session fixes
It seems like WaitFor[Single|Multiple]Object calls aren't reliable on pipes, especially
on the pipe opened for childSession access. The object can be marked as signaled even if
no data is available, making the connection laggy and unresponsive (nearly unusable in some
cases).
This patch works around that by using ReadFileEx() with overlapped instead of simple
ReadFile() and use asynchronous reads.
2024-03-01 09:46:53 +01:00
amazingfate
e21afefb86 fix build with openssl < 1.1.1 2024-02-23 12:45:36 +01:00
akallabeth
d7ebec5a65 [tidy] move loop variable declaration to loop 2024-02-22 12:31:50 +01:00
akallabeth
0ba995655d [clang-tidy] cppcoreguidelines-init-variables 2024-02-15 11:49:16 +01:00
akallabeth
207def5c56 [clang-tidy] readability-isolate-declaration 2024-02-15 11:49:16 +01:00
David Benjamin
72bc3578a0 clang-format 2024-02-07 07:53:37 +01:00
David Benjamin
7548be62c3 Support RSA-PSS certificates in x509_utils_get_signature_alg
RSA-PSS in X.509 is truly horrible, and OpenSSL does not expose very good APIs
to extract this, even though the library does handle it internally. Instead, we
must tediously unwrap RFC 4055's unnecessarily complicated encoding of
RFC 8017's unnecessarily flexible RSA-PSS definition.
2024-02-07 07:53:37 +01:00
David Benjamin
f987e304ee Add some tests for x509_utils_get_signature_alg
Temporarily disable the RSA-PSS tests for now, but this is enough for a
regression test for the previous issue.
2024-02-07 07:53:37 +01:00
David Benjamin
bee7f94e93 [crypto,x509] fix tls-server-end-point signature algorithm selection
This reverts commit 00baf58a71. That
change appears to have been incorrect. It's described as simplifying
retrieving the "default signature digest", but it actually changed the
function's behavior entirely. The function wasn't retrieving defaults
previously.

A certificate contains, among other things, a public key and a
signature. The public key is the public key of the subject. However, the
signature was generated by the issuer. That is, if I get a certificate
from a CA, the public key will be my public key and the signature will
be my CA's signature over the certificate contents.

Now, the original code returned the digest used in the certificate's
signature. That is, it tells you which signature algorithm my *CA*
used to sign my certificate.

The new code extracts the certificate's public key (my public key, not
the CA's). This doesn't necessarily tell you the signature algorithm, so
it then asks OpenSSL what "default" signature algorithm it would use
with the key. This notion of "default" is ad-hoc and has changed over
time with OpenSSL releases. It doesn't correspond to any particular
protocol semantics. It's not necessarily the signature algorithm of the
certificate.

Now, looking at where this function is used, it's called by
freerdp_certificate_get_signature_alg, which is called by
tls_get_channel_binding to compute the tls-server-end-point channel
binding. That code cites RFC 5929, which discusses picking the hash
algorithm based on the certificate's signatureAlgorithm:

https://www.rfc-editor.org/rfc/rfc5929#section-4.1

That is, the old version of the code was correct and the
"simplification" broke it. Revert this and restore the original version.

I suspect this went unnoticed because, almost all the time, both the old
and new code picked SHA-256 and it was fine. But if the certificate was,
say, signed with SHA-384, the new code would compute the wrong channel
binding.
2024-02-07 07:53:37 +01:00
akallabeth
2fffcd64b9 [winpr] use winpr_strerror instead of strerror
use the wrapper from WinPR to use the best implementation available.
2024-02-06 15:45:47 +01:00
akallabeth
ba8cf8cf21 [build] fix Wmismatched-deallocator warnings
With custom malloc function attributes the fail path in the _New
functions produces warnings due to allocator mismatches. Silence them.
2024-02-05 08:16:55 +01:00
akallabeth
bb42d425ed [gcc,clang] add support for attribute(malloc)
Mark all malloc like functions and add their appropriate free function
to let the compiler complain on mismatches
2024-02-02 15:10:40 +01:00
akallabeth
d5eecda8a3 [crypto,cert] log if empty certificate is read 2024-01-15 13:13:42 +01:00
Armin Novak
198774c035 [compat,libressl] fix compilation issues 2023-12-19 20:44:39 +01:00
Vic Lee
97ef5d09e9 [core,crypto] fix missing OpenSSL includes. 2023-12-11 08:51:59 +01:00
akallabeth
1b31852d32 [git] remove .gitignore
we no longer allow in-source builds, so remove all the .gitignore
files just hiding generated files
2023-11-28 12:14:55 +01:00
Armin Novak
6e6559c41a [settings] fix type mismatch warnings 2023-11-24 14:54:56 +01:00
akallabeth
cd4d77af86 [settings] add deprecation warnings
direct struct access to rdpSettings now produces warnings if not
explicitly deactivated by defining FREERDP_SETTINGS_INTERNAL_USE
2023-11-24 14:54:56 +01:00