Armin Novak
b43c9f9060
Renamed file to known_hosts2.
2015-06-12 09:30:01 +02:00
Armin Novak
9dd9c35cee
Updated tests.
2015-06-11 11:34:36 +02:00
Armin Novak
3dda4eb0cf
Added NULL pointer checks, fixed warnings.
2015-06-11 11:34:22 +02:00
Armin Novak
7fc1c65165
Added subject and issuer to saved data.
...
When a certificate has changed, display not only the
fingerprint but also subject and issuer of old certificate.
2015-06-11 11:21:23 +02:00
Armin Novak
7786cf1376
Fixed fingerprint comparison, return value was inverted.
2015-06-11 09:59:04 +02:00
Armin Novak
90d836193c
Fixed formatting.
2015-06-11 09:58:58 +02:00
Armin Novak
3d27055539
Added test for fingerprint read.
2015-06-11 09:24:55 +02:00
Armin Novak
b983d8e595
Fixed data replace.
2015-06-11 09:24:53 +02:00
Armin Novak
acc96388a5
Added certificate_get_fingerprint function to read out old one.
2015-06-11 09:14:15 +02:00
Armin Novak
2204df97f8
Added port to certificate warnings.
2015-06-10 10:59:40 +02:00
Armin Novak
ef0b9abf15
Using binary mode for fopen.
2015-06-10 10:47:59 +02:00
Armin Novak
ebad760aff
Opening correct file.
2015-06-10 10:40:01 +02:00
Armin Novak
f4843e8ab3
Opening file on use now.
2015-06-10 10:34:02 +02:00
Armin Novak
05755b73ad
Working unit test for known_hosts functions.
2015-06-10 09:15:38 +02:00
Armin Novak
98fc5b6e93
Fixed bugs found due to test.
2015-06-10 09:15:28 +02:00
Armin Novak
991fc39a62
Added unit test.
2015-06-09 18:03:32 +02:00
Armin Novak
6192230737
Added legacy known_hosts support.
...
If no entry for the <host> <port> combination
was found in the v2 file and there is a legacy file
check if a matching <host> entry can be found.
In case there is a matching entry and the <fingerprint>
also matches, create a new entry in the v2 file using the
current port.
2015-06-09 16:12:41 +02:00
Armin Novak
6da4a5aaf0
Using '<host> <port> <fp>' format for known hosts.
2015-06-09 15:33:13 +02:00
Norbert Federa
1eff1a345e
free can handle NULL perfectly fine
2015-05-11 09:07:39 +02:00
Norbert Federa
f9f59cd29b
Fix unchecked CreateDirectory calls
2015-05-07 13:28:13 +02:00
David FORT
c03bf75896
Take in account @nfedera's comments
2015-04-07 21:06:53 +02:00
David FORT
8685a8e0a2
Fixed missing return value
2015-04-01 14:24:37 +02:00
David FORT
9bb4d64608
Correctly handle HMAC_Init_ex() for older versions of OpenSSL
2015-04-01 14:12:08 +02:00
David FORT
0eb399a717
Treat return values for security.c
...
This patch make functions in security.c return values when they should instead of
beeing void. And it also fix the callers of these functions.
2015-04-01 11:11:37 +02:00
Marc-André Moreau
ad6723835b
Merge pull request #2505 from bmiklautz/tls_shutdown
...
rename and update tls_disconnect
2015-03-31 09:26:30 -04:00
Norbert Federa
1ba681fecc
crypto: support MSFT iOS clients with faulty SNI
...
Microsoft iOS Remote Desktop Clients eventually send NULL-terminated
hostnames in SNI which is not allowed in the OpenSSL implementation.
Since we're not using SNI this commit adds an OpenSSL TLS extension
debug callback which modifies the SSL context in a way preventing it
from parsing this extension
2015-03-30 13:48:51 +02:00
Bernhard Miklautz
90968e07e1
rename and update tls_disconnect
...
tls_disconnect shut down the ssl stream but didn't inform
the BIO(s) about this therefore could happen that a second shut down
was initiated (e.g. in bio_rdp_tls_free) causing rather long delays.
After removing the shut down from tls_disconnect the only thing the
function does is to prepare/send an alert therefore it was renamed to
tls_send_alert.
2015-03-30 11:56:09 +02:00
Vic Lee
5f375d0a6f
tls: revert checking SSL_ERROR_SYSCALL which may cause deadlock.
2015-03-25 16:07:39 +08:00
Martin Fleisz
5fa777b11c
Merge pull request #2482 from llyzs/llyzs
...
tls: fix error handling of no error code.
2015-03-23 16:06:12 +01:00
Vic Lee
2137ccc3db
tls: retry for all SSL_ERROR_SYSCALL errors.
2015-03-20 10:03:30 +08:00
Marc-André Moreau
dc913d9f2c
libfreerdp-core: fix some RDG valgrind issues
2015-03-17 16:09:17 -04:00
Jason Plum
6ce5991e74
libfreerdp: crypto: add certificate chain validation!
2015-03-13 13:50:54 -04:00
Marc-André Moreau
5ab34dfa3e
Merge pull request #2456 from zhangzl2013/fix-realloc
...
Fix incorrect usage of realloc
2015-03-12 07:33:27 -04:00
Bernhard Miklautz
6072165fd7
crypto: use PEM as certificate store file format
...
Currently the certificate format expected in FreeRDPs certificate store
is DER (ASN1). On most linux/unix systems the system certificate store
default format is PEM. Which is also the more common format used by CAs
to distribute their certificates.
Changing the default format to PEM allows the usage of system
certificates or published CA certificates without the need to convert them.
This fixes a part of issue #2446 .
2015-03-11 12:06:52 +01:00
Zhang Zhaolong
4205dac57f
crypto: fix incorrect usage of realloc.
...
Signed-off-by: Zhang Zhaolong <zhangzl2013@126.com>
2015-03-11 12:37:35 +08:00
Jason Plum
30f28d4ac9
Fix case sensitive hostname comparison in tls
...
To do this I've swapped _strnicmp with memcmp. Seemless, but does lock it to the restrictions of that function.
Signed-off-by: Jason Plum <jplum@archlinuxarm.org>
2015-03-10 16:48:35 -04:00
Marc-André Moreau
44d06888bb
libfreerdp-core: fix BIO leaks
2015-02-18 15:36:57 -05:00
Marc-André Moreau
e241330daf
libfreerdp-core: rewrite tls_write_all to use front BIO only
2015-02-13 16:02:37 -05:00
Marc-André Moreau
b7a619ff8a
libfreerdp-core: move some rdpTcp operations under BIO layer
2015-02-13 14:26:02 -05:00
Marc-André Moreau
fa06c4d401
libfreerdp-core: improve reconnection
2015-02-06 14:21:26 -05:00
Marc-André Moreau
82d58086db
xfreerdp: partial reconnect fixes
2015-02-05 17:01:56 -05:00
Marc-André Moreau
81e190eccb
libfreerdp-crypto: fix tls_write_all ringbuffer usage
2015-01-14 13:25:54 -05:00
Marc-André Moreau
98cd697cad
libfreerdp-utils: add ringbuffer debug output
2015-01-14 13:15:57 -05:00
Bernhard Miklautz
f338e1f6c3
crypto: revert pull request #2130
...
The fix in #2130 eliminates the problem when connecting over a gateway
but introduces other problems server side and client side (client/server
can't detect anymore when a TCP connection was closed).
2014-11-26 19:46:32 +01:00
Marc-André Moreau
ddedc574f3
freerdp: remove tcp, uds utils
2014-11-12 14:06:34 -05:00
Marc-André Moreau
2de73e0243
Merge pull request #2130 from eosrei/2056/ts-gateway-connect-fail
...
Removing TS Gateway breaking BIO_clear_flags() call
2014-10-25 11:52:29 -04:00
Marc-André Moreau
ce7302a999
wfreerdp: cleanup clipboard
2014-10-22 22:32:55 -04:00
Brad
0746d8c14c
Do not BIO_clear_flags() when the SSL error is not valid to fix #2056
2014-10-08 00:00:36 -07:00
Marc-André Moreau
d102e746c8
Merge branch 'awakecoding' of github.com:vworkspace/FreeRDP
...
Conflicts:
libfreerdp/core/license.c
libfreerdp/core/nego.c
winpr/libwinpr/synch/wait.c
2014-09-19 14:38:25 -04:00
Mike McDonald
50cf0ee915
Modified per_read_integer to handle a length of 0 (which is seen when older RDP clients connect to the FreeRDP server)
2014-09-16 23:15:34 -04:00