Marc-André Moreau
723e9a171b
libwinpr-sspi: fix server-side NLA
2014-06-10 14:38:17 -04:00
Marc-André Moreau
03cf7933d9
libwinpr-sspi: start implementing and using negotiate sspi module
2014-06-07 16:26:57 -04:00
Marc-André Moreau
a07f616895
libwinpr-sspi: improve link interface
2014-06-07 10:50:51 -04:00
Marc-André Moreau
220f885774
libwinpr-sspi: code hardening
2014-06-06 17:20:34 -04:00
Marc-André Moreau
940e6fbc15
libwinpr-sspi: make native sspi option dynamic
2014-06-06 15:34:12 -04:00
Vic Lee
63a1af4b35
transport: fix incorrect retval that caused unexpected redirect.
2014-06-04 15:57:27 +08:00
Martin Fleisz
d8061d23d6
Merge pull request #1882 from hardening/nla_fix
...
Nla fix
2014-06-04 09:30:34 +02:00
Martin Fleisz
6f1f4be0ae
Merge pull request #1873 from hardening/WTSVirtualChannelWriteCallers
...
Don't use NULL for pWrittenBytes when calling WTSVirtualChannelWrite()
2014-06-03 16:40:05 +02:00
Hardening
183155dbd1
Fix metrics leak
2014-06-03 14:54:56 +02:00
Marc-André Moreau
04968b18c4
libfreerdp-core: replace all OpenSSL built-in BIOs by new full duplex BIOs
2014-06-01 21:37:20 -04:00
Marc-André Moreau
a8be174e03
libfreerdp-core: remove ineffective full duplex locks
2014-06-01 11:20:13 -04:00
Marc-André Moreau
1ac2350ec5
libfreerdp-core: fail more gracefully when transport thread dies
2014-06-01 10:46:43 -04:00
Marc-André Moreau
c5e4c74bb6
libfreerdp-core: fix build on Windows
2014-05-30 15:29:06 -04:00
Marc-André Moreau
98077cfc24
Merge branch 'master' of github.com:FreeRDP/FreeRDP
...
Conflicts:
libfreerdp/core/transport.c
2014-05-30 15:06:07 -04:00
Marc-André Moreau
b1416af362
libfreerdp-core: add locks to disable full duplex BIOs (currently unsafe)
2014-05-30 14:53:10 -04:00
Marc-André Moreau
d2ad5f698b
libfreerdp-core: fix VerifyX509Certificate to make distinction between gateway and direct connection
2014-05-30 14:36:18 -04:00
Marc-André Moreau
709df9aecc
libfreerdp-core: add connection timeout, fix gateway bypass local
2014-05-30 14:03:20 -04:00
Vic Lee
e4e1315131
transport: add another null pointer check.
2014-05-31 01:08:00 +08:00
Marc-André Moreau
629858b676
libfreerdp-core: add gateway-usage-method command line option, avoid resetting BIO flags we shouldn't reset
2014-05-30 12:31:26 -04:00
Vic Lee
a3461cef06
transport: add a null pointer check.
2014-05-30 23:34:04 +08:00
Hardening
07e0eba7db
Check that bpp has reasonable value
...
As bpp is often used for malloc computations, let's check that it has
a reasonable value.
2014-05-29 10:12:02 +02:00
Hardening
61a58532db
Check for bpp > 0
...
Bpp == 0 just makes no sense
2014-05-29 09:24:59 +02:00
Hardening
640b901396
Set checks to be strict and also check xorBpp field
...
This patch:
* renames bpp to xorBpp ;
* changes checks to strict ;
* adds checks on the xorBpp field
2014-05-29 00:12:48 +02:00
Hardening
532c42052a
Fixes for CVE-2014-0250
...
This patch introduce misc checks when receiving pointer updates. We check
that the cursor are in the bounds defined by the spec. We also check that
the announced mask sizes are what they should be.
2014-05-28 23:07:00 +02:00
Hardening
c076ffb020
Don't use NULL for pWrittenBytes when calling WTSVirtualChannelWrite()
...
Nothing in the MSDN API says that setting NULL is safe. And if the
implementation uses WriteFile directly, it crashes.
2014-05-28 17:04:24 +02:00
Marc-André Moreau
18cac3d4dd
libfreerdp-codec: cleanup context state flushing
2014-05-26 12:43:30 -04:00
Marc-André Moreau
830659fc5c
libfreerdp-core: add new protocol metrics module
2014-05-26 12:30:58 -04:00
Marc-André Moreau
8d8e0c24fe
libfreerdp-codec: improve xcrush compressor error checking
2014-05-23 17:38:10 -04:00
Marc-André Moreau
67743b6832
libfreerdp-core: enable RDP6.1 XCrush compression/decompression by default
2014-05-23 14:11:53 -04:00
Marc-André Moreau
e8d3164f99
libfreerdp-core: fix windows build warning
2014-05-22 16:08:10 -04:00
Marc-André Moreau
b24c95ce59
libfreerdp-core: fix tcp_new on Windows
2014-05-22 15:13:00 -04:00
Marc-André Moreau
af4a413287
Merge branch 'non_blocking_writes' of github.com:hardening/FreeRDP into non_blocking_writes
2014-05-22 14:01:44 -04:00
Hardening
3200baca4b
Correctly export ringbuffer function and fix a warning
2014-05-21 22:20:38 +02:00
Hardening
5c9a6408cf
Fixed invalid declaration and missing argument
2014-05-21 19:13:40 +02:00
Hardening
dd6d829550
Allow transport_write calls to be non-blocking
...
This big patch allows to have non-blocking writes. To achieve
this, it slightly changes the way transport is handled. The misc transport
layers are handled with OpenSSL BIOs. In the chain we insert a
bufferedBIO that will bufferize write calls that couldn't be honored.
For an access with Tls security the BIO chain would look like this:
FreeRdp Code ===> SSL bio ===> buffered BIO ===> socket BIO
The buffered BIO will store bytes that couldn't be send because of
blocking write calls.
This patch also rework TSG so that it would look like this in the
case of SSL security with TSG:
(TSG in)
> SSL BIO => buffered BIO ==> socket BIO
/
FreeRdp => SSL BIO => TSG BIO
\
> SSL BIO => buffered BIO ==> socket BIO
(TSG out)
So from the FreeRDP point of view sending something is only BIO_writing
on the frontBio (last BIO on the left).
2014-05-21 17:42:31 +02:00
Hardening
0376dcd065
Fix OOM situation
2014-05-21 17:27:36 +02:00
Hardening
9c18ae5bee
Print function name when emiting an error
2014-05-21 17:27:36 +02:00
Marc-André Moreau
4bac8374de
Merge branch 'master' of github.com:FreeRDP/FreeRDP
2014-05-21 11:17:58 -04:00
Marc-André Moreau
7113cf2858
Merge pull request #1852 from orosam/auth3fix
...
Fix misplaced sec_trailer in rpc_auth_3 PDU
2014-05-21 11:01:12 -04:00
Marc-André Moreau
6f8fda247b
Merge pull request #1844 from caramorsimon/tokenrouting
...
Test for CRLF (0x0D0A) termination on the routing token
2014-05-21 10:56:56 -04:00
Marc-André Moreau
472c231876
Merge pull request #1826 from Hobby-Student/master
...
fix FreeBSD compile errors
2014-05-21 10:53:47 -04:00
Sandor Oroszi
d447f122c3
libfreerdp-core: fix misplaced sec_trailer in rpc_auth_3 PDU
2014-05-20 17:15:26 +02:00
caramorsimon
8e77192ed8
Test for RoutingTokenLength before checking against termination chars
2014-05-18 21:32:26 +01:00
caramorsimon
a561e246e8
Test for CRLF (0x0D0A) termination on the routing token before trying to add it again
2014-05-16 16:19:22 +01:00
Hardening
9f1d0201ec
Changes for base64
...
This patch changes the prototype for decode_base64 so that the encode / decode
method are consistant (encode(BYTE *) => char* and decode(char*) => BYTE*).
It also does some improvements with unrolling loops so that end conditions are
tested only at the end.
The patch also adds some unitary tests.
Before the patch base64_decode() made valgrind complain about uninitialized
bits, after valgrind is happy and very quiet.
2014-05-11 22:49:10 +02:00
Marc-André Moreau
5e97757939
freerdp: fix improper .rdp file parsing
2014-05-10 17:28:34 -04:00
Marc-André Moreau
b8d60d5715
Merge branch 'master' of github.com:FreeRDP/FreeRDP
2014-05-10 10:59:56 -04:00
Marc-André Moreau
ee282a931b
freerdp: fix build warnings on Windows
2014-05-10 09:50:36 -04:00
Hardening
e79c6b7d68
Treat OOM in GCC certificates
...
This patch treats OOM cases and do a trivial cleanup
2014-05-09 22:37:47 +02:00
Marc-André Moreau
2b27fd51ad
Merge branch 'master' of github.com:mrthebunny/FreeRDP
2014-05-08 21:15:02 -04:00