mirrors/FreeRDP
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
10,054 Commits 6 Branches 74 Tags 84 MiB
9fc8dc6b5d
Commit Graph

96 Commits

Author SHA1 Message Date
Marc-André Moreau
14cb6d33c6 freerdp: make modifications to NLA server-side fixes according to PR comments 2016-07-22 09:06:07 -04:00
Marc-André Moreau
801dc0f826 freerdp: add configurable NTLM SAM file option for server-side NLA 2016-07-21 18:58:24 -04:00
byteboon
158be3a9f0 fixed kerberos authentication 
Details: cbSecurityTrailer was assumed to be a fixed length for all signatures, however for Kerberos authentication the signature may generate smaller than this value
 2016-05-16 09:53:38 -07:00
Armin Novak
eacf2b542e Fixed memory leaks. 2016-05-12 10:01:30 +02:00
Martin Fleisz
5d956ebbb1 core: correctly set last error on credssp errors 2016-03-21 16:58:09 +01:00
Martin Fleisz
34a7c1860d core: Propagate credssp error code by setting last error 2016-03-21 10:23:18 +01:00
Martin Fleisz
1c2d315354 core: Add support for CredSSP version 3 2016-03-18 13:32:13 +01:00
Bernhard Miklautz
d73c4898c1 Add build-config.h 
build-config.h should contain configure/compile time settings that are
relevant for projects that use FreeRDP.

For example the compiled in plugin search paths.
 2015-11-09 15:54:22 +01:00
zihao.jiang
a7f4685c09 Sec/NLA: Support passwordless (blank password) login with NLA. 
It was supported in freerdp 1.0.2 but not supported in lastest master.
We should take empty password if it is explicitly specified with /v option.
If a password is not specified, we could first try SAM file. If the user entry does not exist, prompt for password.
 2015-10-10 01:48:41 +08:00
Armin Novak
18cea1c9ba Replaced cbMaxSignature with cbSecurityTrailer 
The token buffer size during authentication was constructed
from the wrong buffer size. These sizes are equal in case of
local account logins but differ with domain accounts.
 2015-07-09 10:09:18 +02:00
Armin Novak
ecf6ffdcce Fixed CompleteAuthToken return check. 2015-07-09 09:57:45 +02:00
Armin Novak
2fe5ecfc1b Fixed wrong output in log messages. 2015-07-08 17:41:23 +02:00
Martin Fleisz
9a2d33af12 Fixed missing encrypt / decrypt success check. 
The return of EncryptMessage and DecryptMessage was unchecked.
This lead to PLAINTEXT to be sent over the wire, a major security
issue.
 2015-07-08 17:41:23 +02:00
Armin Novak
5b0ee9b7ab Error checks and readable log messages. 2015-07-08 17:41:22 +02:00
Martin Fleisz
3b87cc0c07 Fixed server and client NLA state machine. 
When using NULL credentials (current context)
the server state machine did not send back the
required authentication token.
On client side erroneous checks prevented sending
the appropriate public key.
 2015-07-08 17:41:21 +02:00
Armin Novak
3a9db563fd NLA: Fixed length check. 2015-07-01 16:05:11 +02:00
Armin Novak
8479c824fd Fixed handling of optional TSPasswordCreds field. 2015-07-01 15:30:38 +02:00
Armin Novak
6c0e1af4af NLA decrypt credentials fixed. 2015-07-01 14:31:55 +02:00
Norbert Federa
20878e50fe Merge pull request #2724 from bmiklautz/leak_fix 
Fix leaks in certificate and identity handling
 2015-06-26 15:30:00 +02:00
Bernhard Miklautz
77ef5a80de nla: clear identity memory before releasing 2015-06-26 15:12:33 +02:00
Armin Novak
e8bfa29bd2 Replaced registry keys with cmake defines. 2015-06-24 14:02:48 +02:00
Bernhard Miklautz
2e87d0ee52 Fix leaks in certificate and identity handling 2015-06-23 15:40:37 +02:00
Armin Novak
212db120e0 Fixed NULL pointer dereference. 2015-06-23 12:07:38 +02:00
Bernhard Miklautz
09445c2b0e nla and cmdline: integrated feedback 
* fix possible problems with 0 size lengths
* add return value checks
 2015-06-23 10:14:11 +02:00
Bernhard Miklautz
06502e6a91 misc: integrate pull request feedback 2015-06-22 19:24:30 +02:00
David FORT
7c3f8f33ab Fixes for malloc / calloc + other fixes 
This patch contains:

* checks for malloc return value + treat callers;
* modified malloc() + ZeroMemory() to calloc();
* misc fixes of micro errors seen during the code audit:
** some invalid checks in gcc.c, also there were some possible
integer overflow. This is interesting because at the end the data are parsed
and freed directly, so it's a vulnerability in some kind of dead code (at least
useless);
** fixed usage of GetComputerNameExA with just one call, when 2 were used
in misc places. According to MSDN GetComputerNameA() is supposed to return
an error when called with NULL;
** there were a bug in the command line parsing of shadow;
** in freerdp_dynamic_channel_collection_add() the size of array was multiplied
by 4 instead of 2 on resize
 2015-06-22 19:21:47 +02:00
Bernhard Miklautz
bf73f4e4f1 Fix unchecked strdups 
* add missing checks
* adapt function return values where necessary
* add initial test for settings
 2015-06-22 19:09:59 +02:00
Marc-André Moreau
3b3ffce042 Merge pull request #2705 from akallabeth/sspi_fix_v2 
Sspi fix v2 - Fixes static build
 2015-06-22 10:19:22 -04:00
Marc-André Moreau
1e39d7728c Merge pull request #2702 from akallabeth/nla_null_identity_support 
NLA Use current users credentials if none provided.
 2015-06-22 08:53:05 -04:00
Armin Novak
3c329aa207 Using InitSecurityInterfaceEx(0) now. 2015-06-17 13:23:44 +02:00
Armin Novak
34253f2664 Let SSPI module choose which implementation to use. 2015-06-15 15:21:21 +02:00
Armin Novak
219ca1c02b NLA identity now a pointer, allowing NULL. 
When NLA identity is NULL, the current user context
is used on windows.
 2015-06-15 15:03:13 +02:00
Martin Haimberger
951a2d2210 stream: check stream_new in winpr and libfreerdp 
also fixed a few things
 2015-05-29 04:46:50 -07:00
Norbert Federa
1eff1a345e free can handle NULL perfectly fine 2015-05-11 09:07:39 +02:00
Bernhard Miklautz
850de59b55 winpr: add checks for *alloc 
Add missing checks if memory allocation was successful. Also adapt
caller(s) when possible.
 2015-04-08 11:34:37 +02:00
Martin Fleisz
8d783bd2f0 Fix server side NLA 2015-03-23 08:33:14 +01:00
Marc-André Moreau
0e57706de5 libfreerdp-core: cleanup connect error codes, fix Win32 NLA 2015-02-17 21:01:27 -05:00
Marc-André Moreau
9c7b7ab561 libfreerdp-core: make NLA event-driven 2015-02-15 16:04:59 -05:00
Marc-André Moreau
eddfee56a3 libfreerdp-core: prepare client-side NLA for event-driven structure 2015-02-15 14:54:10 -05:00
Marc-André Moreau
ab5fdcc3f1 libfreerdp-core: NLA cleanup 2015-02-15 11:10:14 -05:00
Marc-André Moreau
889ccefe0d libfreerdp-core: remove TlsIn/TlsOut from rdpTransport 2015-02-12 16:22:25 -05:00
Marc-André Moreau
70fab69347 libfreerdp-core: gateway connection refactoring 2015-02-11 14:27:29 -05:00
Marc-André Moreau
aa8b843250 libfreerdp-core: move stuff down from transport to tsg layer 2015-02-11 11:57:02 -05:00
Marc-André Moreau
e0b0c77ecb libfreerdp-core: improve http parsing 2015-02-02 17:16:32 -05:00
Armin Novak
2f519d7f16 Replaced logging in libfreerdp with wlog defines. 2014-09-15 08:48:46 +02:00
Armin Novak
6762d73ae1 Fixed winpr_HexDump calls. 2014-09-09 16:33:05 +02:00
Armin Novak
b22b897389 Reformatted changed files. 2014-09-09 16:32:22 +02:00
Armin Novak
f8eae11bf3 Fixed calling of dump functions, updated API 2014-09-09 16:31:46 +02:00
Armin Novak
bcb5f90ee6 Replaced perror with DEBUG_WARN 2014-08-11 09:19:23 +02:00
Armin Novak
b897c6a433 Replaced fprintf(stderr with DEBUG_WARN 2014-08-07 22:20:35 +02:00