Commit Graph

2356 Commits

Author SHA1 Message Date
Bernhard Miklautz
1a33b3383c
Merge pull request #5070 from akallabeth/gw_fixes_redirection
Fixed buffer reset in fields_present_to_string
2018-11-29 11:10:14 +00:00
David Fort
e7a44bc437
Merge pull request #5057 from akallabeth/order_settings_init_generic
Unified initialization of OrderSupport
2018-11-28 17:46:18 +01:00
Armin Novak
263cc74580 Fixed buffer reset in fields_present_to_string 2018-11-26 14:11:29 +01:00
Bernhard Miklautz
52d1b35a63
Merge pull request #5046 from akallabeth/silence_wlog
Do not compile extended debugging by default.
2018-11-26 11:10:59 +00:00
Bernhard Miklautz
0b8010f8d6
Merge pull request #5065 from akallabeth/tcp_connect_multi_fix
Fixed a possible NULL dereference.
2018-11-26 10:57:20 +00:00
Armin Novak
5623a4761f Fixed a possible NULL dereference. 2018-11-23 10:32:52 +01:00
Armin Novak
7d89ea22d4 Unified initialization of OrderSupport
Added a library internal function freerdp_settings_set_default_order_support
which initializes the OrderSupport array of settings.
Now clients no longer need to set this up on their own, if they
do not implement their own hardware accelerated order processing.
2018-11-23 10:11:50 +01:00
Armin Novak
391528f40a Fixed a broken length check in rdg_process_packet
HTTP gateway connections aborted due to this.
Additionally add more verbose error logging in RDG.
2018-11-23 09:45:09 +01:00
akallabeth
d0d414dfa0 Fix #5059: Changed return type of peer_free to void. 2018-11-22 19:08:25 +01:00
Martin Fleisz
6c97d318ec
Merge pull request #5022 from akallabeth/gw_rdg_error_mapping
Improved error mapping and tightened checks in rdg_process_packet
2018-11-22 15:10:58 +01:00
Armin Novak
3110b5f5c5 Simplified string empty check. 2018-11-22 14:29:22 +01:00
Armin Novak
8df39fdad4 Use blocking sockets in freerdp_tcp_connect_multi
The non blocking connect in freerdp_tcp_connect_multi did not
work reliably.
Fall back to blocking connect (which might take longer until the connection
is established) instead of not being able to connect at all.
2018-11-22 11:11:31 +01:00
Armin Novak
1ed436c8fc Fixed socket cleanup in connect multi. 2018-11-22 11:11:31 +01:00
Armin Novak
4b3f4cc2fc Fixed event check in freerdp_tcp_connect_multi 2018-11-22 11:11:31 +01:00
David Fort
5e7ac925f5
Merge pull request #5045 from akallabeth/license_double_free_fix
Fixed double free in license_free_binary_blob
2018-11-21 16:03:18 +01:00
Martin Fleisz
947aa80033
Merge pull request #5016 from akallabeth/windows_server_build_fix
Windows server build fix
2018-11-21 16:02:47 +01:00
Armin Novak
17bbe7a23f Do not compile extended authentication debugging by default. 2018-11-21 15:36:31 +01:00
Armin Novak
feb993b948 Fixed double free in license_free_binary_blob 2018-11-21 15:07:36 +01:00
Armin Novak
cdf1ee61f0 Proper field to string debug functions for each response in RDG 2018-11-21 14:37:38 +01:00
Armin Novak
a97bf21109 Fixed broken DEBUG_RDP log message. 2018-11-21 09:55:38 +01:00
Armin Novak
445a5a42c5 Fixed CVE-2018-8786
Thanks to Eyal Itkin from Check Point Software Technologies.
2018-11-20 11:08:31 +01:00
Bernhard Miklautz
ef0c7e81a7
Merge pull request #4953 from akallabeth/region_signed
signed gdi regions to adjust negative coordinates
2018-11-20 10:07:30 +00:00
Armin Novak
666ef4ab34 Fix #4864: Register pointer cache after PostConnect is called
With #4950 client side pointer implementation was made optional.
This addresses an issue that each client had to call
pointer_cache_register_callbacks on its own.
2018-11-20 09:49:39 +01:00
akallabeth
b6eca4fc54 signed gdi regions to adjust negative coordinates 2018-11-19 12:52:43 +01:00
Bernhard Miklautz
b7354ce438
Merge pull request #4940 from akallabeth/check_window_order_support
Added checks for order type window support.
2018-11-19 09:15:14 +00:00
Armin Novak
7839091f8b Skip redirection resolve test if we're connecting via gateway. 2018-11-16 15:48:10 +01:00
Armin Novak
870b7025b7 Improved error mapping and tightened checks in rdg_process_packet 2018-11-16 15:41:19 +01:00
Bernhard Miklautz
fe1a79759e
Merge pull request #5018 from hardening/windowpos
cmdline: add window-position argument to set initial window position
2018-11-15 16:46:57 +00:00
Bernhard Miklautz
b8cf70b13a
Merge pull request #4964 from akallabeth/rdg_fixes
Rdg/RPC and gateway fixes
2018-11-15 13:48:22 +00:00
David Fort
e118d14f6a cmdline: add window-position argument to set initial window position
This is useful if you want the window to be at a given position. The patch also mutualizes
the parsing of <xpos>x<ypos> or <width>x<height> arguments.
2018-11-15 14:40:03 +01:00
Armin Novak
4d7bece6ea Fixed order mask 2018-11-15 09:52:54 +01:00
Armin Novak
dd80a09781 Allow window orders with AllowUnanouncedOrdersFromServer 2018-11-15 09:52:54 +01:00
Armin Novak
c0b13cf43f Added checks for order type window support. 2018-11-15 09:52:50 +01:00
Bernhard Miklautz
d915491717
Merge pull request #5012 from akallabeth/rail_app_icons
Rail app icons
2018-11-15 08:50:56 +00:00
Armin Novak
a2cd934184 Fixed windows build warnings. 2018-11-15 09:01:53 +01:00
akallabeth
268a2c0cf8
Merge pull request #4979 from hardening/CAL
license: support CAL license
2018-11-14 13:45:31 +01:00
Armin Novak
98a537d05d Better description and formatting for update_read_icon_info 2018-11-14 11:57:57 +01:00
Armin Novak
7e12955c55 Made all internal functions static. 2018-11-14 11:57:57 +01:00
ilammy
7a2b6e1301 libfreerdp-core: fix reading TS_ICON_INFO
The spec says that CbColorTable field is present when Bpp is 1, 4, 8.
Actually, bpp == 2 is not supported by TS_ICON_INFO according to the
spec (though, DIB definitely supports 16-color images).

    MS-RDPERP 2.2.1.2.3 Icon Info (TS_ICON_INFO)

    CbColorTable (2 bytes):
        This field is ONLY present if the bits per pixel (Bpp)
        value is 1, 4, or 8.

Omitting 8-bit value breaks 256-color icons which are incorrectly
read with color and alpha data mixed up.
2018-11-14 10:53:45 +01:00
Armin Novak
138eb13fea Updated RDP_VERSION definitions. 2018-11-14 10:14:48 +01:00
Armin Novak
ecac998340 Fixed rdg bio cleanup.
When attaching the RDG BIO to the TLS BIO also transfer ownership.
2018-11-13 12:22:09 +01:00
Armin Novak
3c35a098f5 Fixed direct rdg front bio access. 2018-11-13 11:24:04 +01:00
Armin Novak
e070bbea8d Fixed leaks in rdg_send_channel_create 2018-11-13 11:22:37 +01:00
Armin Novak
342ff8cf0b Fixed broken server name packet size 2018-11-13 11:22:37 +01:00
Armin Novak
15a41586a8 Don't read content length in VIRTUAL_CONNECTION_STATE_OUT_CHANNEL_WAIT 2018-11-13 11:22:37 +01:00
Armin Novak
90d2e42600 Fixed ntlm_authenticate, split return from continue flag. 2018-11-13 11:22:37 +01:00
Armin Novak
4e0b4d7096 Fixed static INT_MAX checks, replaced with assert. 2018-11-13 11:22:37 +01:00
Armin Novak
398a33af63 Fixed all warnings in rdg module
Fix all missing range checks and warnings.
2018-11-13 11:22:37 +01:00
Armin Novak
9078b0deb9 Fixed extern declaration of rpc_bind p_uuid_t variables. 2018-11-13 11:22:37 +01:00
Armin Novak
b4fc0c75ce Made rdpRdp opaque 2018-11-13 11:22:37 +01:00
David Fort
b6e6575bf6 license: support CAL license
This patch simplifies the licensing code mutualizing encryption / decryption
routines. It also adds the support for client_info packet that allows to send a
previously saved CAL file.
2018-11-13 09:42:19 +01:00
Martin Fleisz
097ac0ee13
Merge pull request #4997 from akallabeth/use_bio_free_all
Replaced BIO_free with BIO_free_all
2018-11-12 13:55:36 +01:00
Martin Fleisz
9400bdccdb
Merge pull request #4996 from bmiklautz/tls_security_level
new [crypto/tls]: add support to set tls security level
2018-11-08 15:33:40 +01:00
Armin Novak
5f4843191b Replaced BIO_free with BIO_free_all
There is no point in using BIO_free with a custom recursion
to free up stacked BIOs if there is already BIO_free_all.
Using it consistently avoids memory leaks due to stacked BIOs
not being recursively freed.
2018-11-08 12:09:49 +01:00
Bernhard Miklautz
1222e7060b new [crypto/tls]: add support to set tls security level
The newly introduced option /tls-seclevel can be used to set the tls
security level on systems with openssl >= 1.1.0 or libressl.
As default level 1 is used as higher levels might prohibit connections
to older systems.
2018-11-08 11:13:15 +01:00
Armin Novak
5eca5ebde8 Fixed #4993: Allow uninitialized bio socket in transport_bio_simple_uninit
When the TLS connection is aborted early (certificate issues, ...)
the bio simple socket might not have been initialized.
Do not access the NULL pointer on cleanup.
2018-11-07 17:02:07 +01:00
Pascal J. Bourguignon
6f2caef778 Fix Issue #4983 : Increased size of buffer to encrypt hash with kerberos. 2018-11-06 11:20:02 +01:00
Bernhard Miklautz
aecc77cd77
Merge pull request #4969 from akallabeth/covscan_fix
Covscan fixes
2018-11-05 10:44:01 +00:00
David Fort
1a50a48332 fix uninitialised variable
Otherwise we can run in troubles when sending logon_info_v2 packets
2018-11-01 11:07:36 +01:00
David Fort
548025bcc3 nego: add new flags
Reading the new spec there's some new flags
2018-10-31 10:43:59 +01:00
Martin Fleisz
7b0f4f5dc4
Merge pull request #4907 from akallabeth/transport_write_leak_fix
Transport write leak fix
2018-10-29 14:54:55 +01:00
Armin Novak
423d54d752 Fixed signedness casts. 2018-10-25 14:08:20 +02:00
Armin Novak
6339c43c80 Fixed sockfd/socketBio resource leak. 2018-10-25 13:41:47 +02:00
Armin Novak
42014e80d0 Fixed sockfd/socketBio resource leak. 2018-10-25 13:38:31 +02:00
Armin Novak
f269a0ce5b Fixed sockfd/socketBio resource leak. 2018-10-25 13:19:45 +02:00
Armin Novak
847ee233f4 Fixed resource leak in rpc_ntlm_http_request 2018-10-25 12:49:42 +02:00
Armin Novak
987ca5ec6a Fixed another bunch of warnings. 2018-10-24 14:36:12 +02:00
Armin Novak
6ccaafe2d9 Fixed default return value for fastpath_send_multiple_input_pdu 2018-10-23 12:33:13 +02:00
akallabeth
d3c1db1746
Merge pull request #4947 from akallabeth/http_gw_fix
Fixed http gateway body length read.
2018-10-23 12:03:03 +02:00
Armin Novak
900abb61f7 Fixed memory leak in update_recv_surfcmd_surface_bits 2018-10-22 14:41:59 +02:00
Armin Novak
b9933e7af4 Read byte by byte, the alignment may otherwise be broken. 2018-10-19 12:52:14 +02:00
Armin Novak
5a747b118d Read http request in 4byte chunks until '\r\n\r\n' is found
Avoid reading too much data in a single call to BIO_read as some
implementations may return a lot more data than is part of the response.
2018-10-19 12:16:04 +02:00
Emmanuel Ledoux
33c7f6590a fixed partial reads 2018-10-19 11:56:56 +02:00
Armin Novak
d05684a50a Properly parse ContentType to find length. 2018-10-19 11:47:11 +02:00
Armin Novak
7e397d0f1c Fixed http gateway body length read. 2018-10-19 09:31:55 +02:00
akallabeth
6f14018a22
Merge pull request #4945 from mmattes/fix/transferEncoding
transferEncoding can be NULL, correct if happens in line 348
2018-10-18 15:37:24 +02:00
Norbert Federa
850d2dbda9
Merge pull request #4942 from akallabeth/rail_fixes_2.0
Fix ORDER_TYPE_WINDOW reading
2018-10-18 14:11:18 +02:00
Norbert Federa
5ef243f91f
Merge pull request #4941 from nfedera/nf-remove-stale-valgrind-macro
gateway/rpc: remove stale valgrind macro
2018-10-18 14:08:23 +02:00
Markus Mattes
6d5b88cda6 transferEncoding can be NULL, verification happens in line 348 2018-10-18 13:59:49 +02:00
Armin Novak
5b70142ec4 Fixed read_altsec_order ORDER_TYPE_WINDOW 2018-10-18 12:34:10 +02:00
Armin Novak
8bdb5d771a Fixed order to string format string. 2018-10-18 12:33:06 +02:00
Norbert Federa
d201deede8 gateway/rpc: remove stale valgrind macro 2018-10-18 11:45:18 +02:00
Armin Novak
2e3832af94 Fixed TSG stream alignment (4 or 8) 2018-10-18 10:41:03 +02:00
Armin Novak
dc197d4dd1 Fixed tsg abort condition. 2018-10-18 10:15:51 +02:00
Armin Novak
88d310ff2c Fixed compiler warnings (casts, ...) 2018-10-18 09:09:30 +02:00
Martin Fleisz
e46d1d95ff
Merge pull request #4926 from akallabeth/primary_order_checks
Order data validation and correction
2018-10-17 16:02:28 +02:00
Armin Novak
991f051a63 Fixed stream release for transport_write 2018-10-17 14:55:55 +02:00
Armin Novak
aefb7728f6 Removed debug log entries, simplified order support check. 2018-10-17 14:16:16 +02:00
Armin Novak
f91590ecbf Fixed bugs detected during scanbuild run 2018-10-17 13:19:33 +02:00
akallabeth
8fe3ac5d26
Merge pull request #4902 from akallabeth/gw_refactor_3
Gateway refactoring
2018-10-17 12:23:10 +02:00
Armin Novak
7b860ce96a Add command line option /relax-order-checks 2018-10-17 12:16:58 +02:00
Armin Novak
4d124cf5d1 Fixed order requirements. 2018-10-17 10:09:27 +02:00
Armin Novak
cab2e28576 Fixed missing value check 2018-10-16 17:09:29 +02:00
Armin Novak
c51ca89d9b Fixed glyph cache 2018-10-16 16:10:17 +02:00
Armin Novak
5ea4a7d3b0 Proper order checks. 2018-10-16 15:56:17 +02:00
Armin Novak
16d553a75f Check if incoming secondary alternate orders have been activated. 2018-10-16 13:59:37 +02:00
Armin Novak
711da861e8 Check if incoming secondary orders have been activated. 2018-10-16 13:48:43 +02:00
Armin Novak
88bd262134 Send brush support level from settings. 2018-10-16 13:48:29 +02:00
Armin Novak
c99434691e For every order check if it is activated in settings before processing. 2018-10-16 13:13:01 +02:00
Armin Novak
fb87f6d0bd Added a warning that the server sent an unsupported order 2018-10-16 12:46:44 +02:00
Armin Novak
e4b24aa31e Fixed arguments to *adust 2018-10-16 12:36:08 +02:00
Armin Novak
14321a2d52 Adjust rectangles where appropriate. 2018-10-15 16:34:44 +02:00
Armin Novak
e5d60370b4 Fixed MultiOpaqueRect
Sanitize rectangle boundaries, the coordinates of old servers are often out of bound.
2018-10-15 15:27:17 +02:00
Armin Novak
479233cedc Fix bounding rectangle of OpaqueRect
This order has often negative coordinates, sanitize before passing on.
2018-10-15 15:23:04 +02:00
Armin Novak
ca3fb26230 Deactivated unimplemented orders. 2018-10-15 15:22:50 +02:00
Armin Novak
63823f54ee Removed checks for LineTo, that is handled by the drawing routines 2018-10-15 14:36:03 +02:00
Armin Novak
f88ed950d3 Fixed various issues with primary orders. 2018-10-15 14:30:58 +02:00
Armin Novak
83fba667c1 Fixed logging. 2018-10-15 13:56:19 +02:00
Armin Novak
8cfffcc027 Use dynamic logging and fix compiler warnings. 2018-10-15 13:20:47 +02:00
Armin Novak
ed02832a81 Added altsec return value checks. 2018-10-15 13:15:57 +02:00
Armin Novak
09bef3bab2 Unified logging. 2018-10-15 13:10:48 +02:00
Armin Novak
aecda5280a Added plausibility checks for order input coordinates. 2018-10-15 10:34:47 +02:00
Armin Novak
766a66a7c2 Fixed stream get position. 2018-10-09 14:24:58 +02:00
Armin Novak
166bdf018c Fixed return value of rpc_channel_tls_connect 2018-10-09 14:24:39 +02:00
Armin Novak
65bfb67f7c Fixed rpc_client_write_call resource cleanup. 2018-10-09 14:19:05 +02:00
Armin Novak
8c92f3436d Fixed argument name for ntlm_client_encrypt 2018-10-09 14:16:27 +02:00
byteboon
1d99d2d5fa Regression: added back kerberos signature fix that was lost in a recent refactor #4801 2018-10-05 09:43:00 -07:00
David Fort
2e1bf90bd9
Merge pull request #4885 from akallabeth/autoreconnect_handle_window_events
Fixed #3423: Process xevents when in reconnect mode.
2018-10-03 09:42:16 +02:00
Armin Novak
3b7f522eb7 Release stream in transport_write in all error cases. 2018-10-02 10:31:23 +02:00
Armin Novak
fc9ff6d2fc Made gateway NTLM self contained. 2018-09-28 12:29:29 +02:00
Armin Novak
99eb9f7ec9 Refactored and simplified RPC signature functions. 2018-09-28 12:08:27 +02:00
Armin Novak
9516c251c7 Made TSG struct opaque 2018-09-28 12:00:45 +02:00
Armin Novak
7ab1251a67 Refactored rpc_client and resolve gateway only once. 2018-09-27 16:42:27 +02:00
Armin Novak
f5f155b057 Refactored RpcClient functions 2018-09-27 16:26:46 +02:00
Armin Novak
47ba37fbcb Unified dns resolving of host 2018-09-27 16:08:28 +02:00
Armin Novak
8a677d6cf2 Refactored rdg channel structs. 2018-09-27 16:05:14 +02:00
Armin Novak
d748adbf14 Refactored gateway ncacn HTTP to be self contained. 2018-09-27 15:19:41 +02:00
Armin Novak
a5fdf9e006 Refactored gateway HTTP to be self contained. 2018-09-27 15:04:41 +02:00
Martin Fleisz
5339efd6e4
Merge pull request #4882 from akallabeth/no_proxy_cidr
Fixed #4878: Added cidr support for proxy exception check.
2018-09-26 09:20:54 +02:00
akallabeth
0b8a66188c
Merge pull request #4865 from mmattes/feature/floatbar
Feature/floatbar for X11
2018-09-25 16:34:20 +02:00
Armin Novak
941213f504 Fixed domain and regex match. 2018-09-24 12:24:15 +02:00
Armin Novak
3a2bfa183f Fixed #4878: Added cidr support for proxy exception check. 2018-09-24 11:51:40 +02:00
David Fort
040d14b673
Merge pull request #4869 from akallabeth/clear_fix
Fix #4868: Separate codec reset from initial setup
2018-09-24 09:46:33 +02:00
Martin Fleisz
2096c1108e
Merge pull request #4872 from akallabeth/sw_gdi_default
Fix #4851: Software GDI is now default
2018-09-21 13:02:39 +02:00
akallabeth
30601608e4
Merge pull request #4855 from r-barnett/fix-logoff-exit-code
Map a particular disconnect situation triggered by a user logging off…
2018-09-20 12:07:36 +02:00
Armin Novak
dfb1049653 Fix #4851: Software GDI is now default 2018-09-20 10:44:03 +02:00
rbarnett
5d3e76bd80 Replace cryptic names; move the disconnect ultimatum reasons enum into public API and rename; remove setter 2018-09-19 09:36:39 -05:00
Tobias
a4df4f7bbf
Do not prompt if blank password was provided 2018-09-19 15:36:24 +02:00
Armin Novak
13e59b5d6a Fix #4868: Allow empty bands data. 2018-09-19 14:18:29 +02:00
rbarnett
8458266183 Store the disconnect provider ulimatum reason in a new field in struct rdp_context and move the test for a logoff reason to xf_client.c 2018-09-18 15:31:10 -05:00
Markus Mattes
21e4804a7f implemented floatbar for x11 2018-09-18 21:25:51 +02:00
Martin Fleisz
0b7b9c0dc4
Merge pull request #4842 from akallabeth/smartcard_rdp_logon
Added /smartcard-logon option to set flag. (Stripped version of #4837…
2018-09-17 09:08:47 +02:00
rbarnett
5db0b57fcd Map a particular disconnect situation triggered by a user logging off to a user logoff code. 2018-09-14 09:54:35 -05:00
Armin Novak
cf319001f9 Fixed out of bound access. 2018-09-05 16:34:49 +02:00
Armin Novak
0de43c8b85 Added /smartcard-logon option to set flag. (Stripped version of #4837 by @informatimago) 2018-09-04 15:50:03 +02:00
Armin Novak
54f3a388da Fixed #4835: BeginPaint callback now optional. 2018-09-04 10:40:17 +02:00
Armin Novak
fad20be6e6 Fixed missing includes. 2018-08-27 14:34:42 +02:00
Armin Novak
62c1696d4c Removed use of unchecked sprintf 2018-08-27 14:34:42 +02:00
Armin Novak
114abad767 Removed use of strcpy. 2018-08-27 14:34:09 +02:00
Armin Novak
33be80cb41 Removed unused variables. 2018-08-24 13:40:36 +02:00
Armin Novak
a3819f65e8 Fixed unused variable warnings. 2018-08-24 13:40:36 +02:00
Martin Fleisz
0fb19d04be
Merge pull request #4810 from akallabeth/no_proxy_support
No proxy support
2018-08-24 11:41:58 +02:00
Martin Fleisz
f9e52c1850
Merge pull request #4815 from akallabeth/async_transport_remove
Removed +async-transport options
2018-08-24 09:48:51 +02:00
Armin Novak
b5df39756d Added option to ignore proxy env. 2018-08-23 17:02:43 +02:00
Armin Novak
4bea9934cf Added patch from #4697 2018-08-23 17:02:43 +02:00
Martin Fleisz
3381ca46e6
Merge pull request #4787 from akallabeth/redirect_fqdn_fix
Redirect fqdn fix
2018-08-23 16:07:48 +02:00
Ondrej Holy
47595a857f core/transport: Fix leak found by covscan
0 is valid return value from socket().

leaked_handle: Handle variable "sockfd" going out of scope leaks the handle.
2018-08-22 14:34:02 +02:00
Ondrej Holy
1a413b5b4e core/tcp: Prevent buffer overflow found by covscan
buffer_size_warning: Calling strncpy with a maximum size argument of 108 bytes on destination array "addr.sun_path" of size 108 bytes might leave the destination string unterminated.
2018-08-22 14:34:02 +02:00
Ondrej Holy
26bc52f79c core/tcp: Format code by astyle
Run ./scripts/format_code.sh before the following changes.
2018-08-22 14:34:02 +02:00
Ondrej Holy
7e4fa67026 core/proxy: Fix leak found by covscan
leaked_storage: Variable "s" going out of scope leaks the storage it points to.
2018-08-22 14:34:02 +02:00
Ondrej Holy
2417a6a16c core/nla: Fix leak found by covscan
leaked_storage: Variable "s" going out of scope leaks the storage it points to.
2018-08-22 14:34:02 +02:00
Ondrej Holy
6e0f05cbdb core/nego: Fix leak found by covscan
leaked_storage: Variable "wszPCB" going out of scope leaks the storage it points to.
2018-08-22 14:34:02 +02:00
Ondrej Holy
8f8d91e361 core/listener: Prevent buffer overflow found by covscan
buffer_size_warning: Calling strncpy with a maximum size argument of 108 bytes on destination array "addr.sun_path" of size 108 bytes might leave the destination string unterminated.
2018-08-22 14:34:02 +02:00
Ondrej Holy
23c3c188c9 core/info: Silence false positive warnings from covscan
Change the code a bit to silence false positive warnings from covscan.

pass_freed_arg: Passing freed pointer "wString" as an argument to "Stream_Write".
pass_freed_arg: Passing freed pointer "wString" as an argument to "Stream_Write".
2018-08-22 14:34:02 +02:00
Ondrej Holy
4a7bb18428 core/info: Fix leak found by covscan
leaked_storage: Variable "wString" going out of scope leaks the storage it points to.
2018-08-22 14:34:02 +02:00
Ondrej Holy
83e966d9e2 core/gateway/rpc: Fix leak found by covscan
0 is valid return value from socket().

leaked_storage: Variable "auth_3_pdu" going out of scope leaks the storage it points to.
leaked_storage: Variable "response" going out of scope leaks the storage it points to.
leaked_handle: Handle variable "sockfd" going out of scope leaks the handle.
2018-08-22 14:34:02 +02:00
Ondrej Holy
6de583e137 core/gateway/rpc: Format code by astyle
Run ./scripts/format_code.sh before the following changes.
2018-08-22 14:34:02 +02:00
Ondrej Holy
409e192334 core/gateway/rdg: Fix leak found by covscan
leaked_storage: Variable "request" going out of scope leaks the storage it points to.
leaked_handle: Handle variable "sockfd" going out of scope leaks the handle.
leaked_handle: Handle variable "sockfd" going out of scope leaks the handle.
2018-08-22 14:34:02 +02:00
Armin Novak
c3a26b0d6a Removed +async-transport options
The async transport option is broken by design.
If used the main loop is called from the transport thread and the
main thread of the application.
Unless the transport layer is refactored to just work on queues
(input and output) this option will never work, therefore remove it.
2018-08-22 13:56:37 +02:00
Armin Novak
13564dbb41 Allow redirect address override with a list of values. 2018-08-08 12:30:47 +02:00
Armin Novak
cc5e402cda Added command line option /redirect-prefer:<fqdn|ip|netbios>
Since redirection sometimes happens with internal DNS names that
are resolved different by outside DNS it must be possible to override
the preferred redirection hint.
2018-08-08 11:24:13 +02:00
Armin Novak
f6b6eba0ab Try redirection FQDN first, but check if it is resolvable. 2018-08-08 10:25:09 +02:00
Armin Novak
ec0a0fef2a Added const to function buffer pointers 2018-08-01 12:56:18 +02:00
Armin Novak
3a30844db8 Added default return value. 2018-07-31 10:45:04 +02:00
Armin Novak
328eba7fe9 Fix #4752: Provide message free function for channel queue. 2018-07-18 15:31:07 +02:00
Armin Novak
7a6b8a04b9 Fixed channel reconnect after redirect. 2018-07-13 13:11:38 +02:00
Armin Novak
f617d0d3c1 Moved automatic reconnect after timeout to freerdp_connect. 2018-07-10 14:09:43 +02:00
Armin Novak
77eb93b4b7 Made internal functions static to help compiler optimize. 2018-07-10 12:21:38 +02:00
Armin Novak
7a39dcd7e2 Updated reconnect to handle cases where PostConnect was not called
freerdp_reconnect might be called after a freerdp_connect failed due
to a TCP timeout waiting for user input.
In such cases we need to know if PostConect was already called and
do that if not.
2018-07-10 12:04:27 +02:00
Armin Novak
c9cebf6ed6 Remember accepted PEM cert to avoid unnecessary user input. 2018-07-10 11:27:58 +02:00
Armin Novak
0d1895e4e7 Fixed async input return value check. 2018-07-09 17:45:50 +02:00
Armin Novak
398da7340b Added no or missing credentail error. 2018-07-05 16:12:52 +02:00
Armin Novak
8f7dbe5051 Fix #4725: Need to copy data. 2018-07-05 08:44:42 +02:00
Martin Fleisz
a0fddd1747
Merge pull request #4530 from akallabeth/order_refactor
[leak fixes] Refactored order updates
2018-07-04 14:21:36 +02:00
Armin Novak
35cd438eca Added enum for client connection state. 2018-06-25 09:25:27 +02:00
Armin Novak
e44d10a3e0 Merge remote-tracking branch 'origin/pr/4701' into reconnect_fixes 2018-06-19 12:46:58 +02:00
Armin Novak
273655a850 Follow up fix for #4631
Remember the callback state to avoid calling reerdp_channels_post_connect
before the corresponding client callback has benn called.
This might happen during redirection and reconnection.
2018-06-18 10:44:35 +02:00
Pascal J. Bourguignon
15f2bafeab Cleaned up const char** -> char** for argv, since we definitely do modify the argv!
(we overwrite the password and pin arguments).
This implies changes in the argument parsing tests that now must pass a mutable argv
(copied from the statically declared test argvs).
Some other const inconsistency have been dealt with too.
2018-06-06 16:43:09 +02:00
Armin Novak
e1ea441275 Fixed #4629: Only call freerdp_channels_post_connect when it was connected.
In rdp_client_redirect or rdp_client_reconnect freerdp_channels_post_connect must
be called if the channels were connected previously.
This might not be the case, skip that call then.
2018-05-11 10:49:29 +02:00
Martin Fleisz
9c02f1bd17
Merge pull request #4627 from akallabeth/clang_warning_fixes
Clang warning fixes
2018-05-04 13:07:01 +02:00
Armin Novak
28ac0ee146 Fixed NULL dereferences. 2018-05-04 12:42:44 +02:00
Armin Novak
46a62aa1a4 Fixed missing NULL pointer checks. 2018-05-04 12:35:51 +02:00
Martin Fleisz
65e329782e
Merge pull request #4624 from akallabeth/pth_fix
Fixed /pth: Consistently treat the hash offset to password length.
2018-05-04 11:59:21 +02:00
Armin Novak
069c58a72b Fixed memory leak. 2018-05-04 11:47:05 +02:00
Armin Novak
458e51eae8 Do not set password to identity if pth is used. 2018-05-04 10:40:55 +02:00
Martin Fleisz
99346d19c6
Merge pull request #4611 from akallabeth/argument_warnings
Argument warnings
2018-05-04 10:06:42 +02:00
Armin Novak
b59b0a4425 Added error log messages. 2018-05-04 09:11:41 +02:00
Ashley Davis
ae54f5bded
First person "they" pronouns in logoff message 2018-05-03 12:11:13 -04:00
Armin Novak
5b961e9c75 Fixed /pth: Consistently treat the hash offset to password length. 2018-05-03 17:51:11 +02:00
Armin Novak
d4c98e4e71 Fixed formatting. 2018-05-03 12:30:40 +02:00
Armin Novak
5765e9a422 Fixed #4476: broken casts/variable sizes for custom BIO calls. 2018-05-03 12:30:40 +02:00
Martin Fleisz
296b19e172
Merge pull request #4596 from p-pautov/rdg_ssl_fixes
RDG related fixes for better compatibility with mstsc
2018-05-03 10:23:12 +02:00
akallabeth
2215071b23
Merge pull request #4576 from ccpp/bugfix-rdg-poll
Fix polling in RDG
2018-05-02 17:59:10 +02:00
Armin Novak
f631958a08 Fixed argument warning. 2018-05-02 13:08:17 +02:00
Martin Fleisz
31c804c349
Merge pull request #4603 from hardening/socksplus
SOCKS5 proxy support
2018-05-02 11:26:13 +02:00
David Fort
0f968b782c proxy: cleanup SOCKS support and add user/password support 2018-05-02 10:51:16 +02:00
Armin Novak
e0af47d26d Fixed rebase introduced error. 2018-05-02 09:56:49 +02:00
Jiri Sasek
1ba31551a6 socks proxy reply fix 2018-05-02 09:43:03 +02:00
Armin Novak
f19a17d3ed Fixed surface bits command cleanup. 2018-05-02 08:54:21 +02:00
Armin Novak
4e66972616 Fixed remaining global order buffers. 2018-05-02 08:54:21 +02:00
Armin Novak
e5767f07ac Refactored order updates
Unified order creation/copy/delete to avoid memory leaks.
2018-05-02 08:54:21 +02:00
David Fort
8cba201999
Merge pull request #4548 from akallabeth/autoreconnect_fix
Autoreconnect fix
2018-04-27 09:39:30 +02:00
David Fort
782039c6aa
Merge pull request #4589 from oshogbo/token
Recognize only the cookie format anything else treat as token.
2018-04-26 11:59:15 +02:00
p-pautov
fda76349b9
Fix Windows build. 2018-04-26 02:11:04 -07:00
Pavel Pautov
a0019ec79c Fallback to RDG RPC transport only if server does not support RDG HTTP and
error out in other cases - invalid RDG SSL cert, bad credentials, PAA failue, etc.
2018-04-25 18:36:43 -07:00
Christian Plattner
4a19f49878 Fail on unimplemented BIO_ctrl for /gt:rpc 2018-04-24 20:45:52 +02:00
Christian Plattner
4739189cfc Implement BIO_ctrl more correctly for RDG
See #3602

This change is discussed in https://github.com/FreeRDP/FreeRDP/pull/4576#pullrequestreview-113381733
2018-04-24 16:47:33 +02:00
Mariusz Zaborski
6515453886 Recognize only the cookie format anything else treat as token.
If in the RDP file we will set loadbalanceinfo.
Instead of getting the cookie value we will get load balance info.

For example:
0000 03 00 00 2a 25 e0 00 00 00 00 00 74 73 76 3a 2f ...*%......tsv:/
0010 2f 56 4d 52 65 73 6f 75 72 63 65 2e 31 2e 41 48 /VMResource.1.AH
0020 0d 0a 01 00 08 00 0b 00 00 00                   ..........

The MSFT-SDLBTS document don't describe this behavior.

For this reason lets treat the token as anything ended with seqance
CR and CL. To be honest we already did that because in the core/connection.c
file where we are seting the routing_token to the LoadBalanceInfo.
2018-04-24 15:00:00 +02:00
Mariusz Zaborski
b9ddf2046c Fix comments where is cookie and where is token. 2018-04-24 14:34:45 +02:00
Jiri Sasek
b1c1549ad1 SOCKS proxy support 2018-04-23 21:01:01 +02:00
Christian Plattner
a15644365e Fix BIO_get_fd for RDG, again. 2018-04-18 21:50:47 +02:00
Christian Plattner
f9d036a874 Fix #3602 by implementing BIO_get_fd correctly for RDG 2018-04-18 10:47:06 +02:00
Pavel Pautov
c866923897 Avoid buffer to struct cast. 2018-04-16 19:06:16 -07:00
Pavel Pautov
8fc0ea7199 Send correct packet size in case of PAA. Some cleanup. 2018-04-16 19:06:16 -07:00
Pavel Pautov
bbee19ced2 Content-Length and Transfer-Encoding are mutually exclusive. 2018-04-16 19:06:16 -07:00
Pavel Pautov
ec42228b2a Consolidate IN/OUT data connections establishment into common function and clean up related code. 2018-04-16 19:06:16 -07:00
Pavel Pautov
00256bba1d Move NTLM auth related code into dedicated functions. 2018-04-16 19:06:16 -07:00
Pavel Pautov
269dec6377 Consolidate rdg_tls_out_connect/rdg_tls_in_connect into single function. This also fixes connections to RDG server via proxy. 2018-04-16 19:06:13 -07:00
Pavel Pautov
e639e2caf3 Removed unused "readEvent" - no one checks if it was set.
Removed needless rdg_check_event_handles declaration.
2018-04-16 16:05:40 -07:00
Pavel Pautov
1530bcf916 Consolidate rdg_send_in_channel_request/rdg_send_out_channel_request into single function. 2018-04-16 16:05:40 -07:00
Pavel Pautov
0fbf8f8957 Explicitly skip "seed" payload on RDG OUT connection, to avoid issues when it's split over several SSL records. 2018-04-16 16:05:40 -07:00
Pavel Pautov
44cb710496 Moved some repeated "read all" code into function. 2018-04-16 16:05:40 -07:00
Armin Novak
1feca7768e Fixed redirection with session brokers.
* Only reconnect channels on redirect, if they have already been connected.
* Prefer TargetNetAddress over FQDN to connect.
2018-04-16 16:46:48 +02:00
Martin Fleisz
855af9e941
Merge pull request #4557 from akallabeth/connect_error_fix
Set connection error if TCP connect fails.
2018-04-12 12:10:56 +02:00
David Fort
14cce798e8
Merge pull request #4544 from oshogbo/nSize
Don't restrict the hostname size.
2018-04-12 11:11:57 +02:00
Armin Novak
685f5a8d20 Do not clear last error if not reconnecting. 2018-04-11 10:06:11 +02:00
Armin Novak
2fc31fcb37 Set connection error if TCP connect fails. 2018-04-11 09:09:23 +02:00
Andre Esteve
d240069b5e Gateway (RDG) use same IP for both channels 2018-04-10 20:59:33 -07:00
akallabeth
09c766cdeb
Merge pull request #4551 from oshogbo/nego_0
Fix setting of negotiated security protocol.
2018-04-09 19:00:48 +02:00
Mariusz Zaborski
480abdde91 Fix setting of negotiated security protocol.
PROTOCOL_RDP is equals 0 so if we and it with anything is still 0.
Correct way of doing it is to compare two values.
2018-04-09 17:14:37 +02:00
Bernhard Miklautz
e818dd5679
Merge pull request #4549 from oshogbo/krb
Fix checking of krb in encrypt public key echo.
2018-04-09 16:26:18 +02:00
Mariusz Zaborski
dc2c826edd Fix checking of krb in encrypt public key echo.
In commit 0e1a073384 there was a mistake -
originally code said different then kerberos. Because of that NLA authentication
of server side didn't work for me.
2018-04-09 15:09:38 +02:00
Armin Novak
7af9ba9171 Refactored reconnect and redirect API
Reconnect and redirect share the same code on disconnect.
Move that to a single function and export it as it may be required
to terminate the session properly before reconnect is called.
2018-04-09 14:04:30 +02:00
Armin Novak
0a7691de58 Fixed channel (dis)connect on redirect or reconnect. 2018-04-09 11:26:12 +02:00
Armin Novak
1698a54b04 Removed unnecessarty string duplications. 2018-04-09 11:26:05 +02:00
Mariusz Zaborski
00374382d9 There is no reason to restrict nSize to 2 the hostname can be empty on
UNIX-like machines.
2018-04-06 21:07:51 +02:00
Armin Novak
3762e06714 Fixed RDP debug message invalid function. 2018-04-06 11:34:24 +02:00
Armin Novak
26d9957608 Fix pointer type mismatch struct sockaddr_storage* and struct sockaddr* 2018-04-05 10:47:50 +02:00
MartinHaimberger
a9ecd6a6cc
Merge pull request #4535 from akallabeth/warning_fixes
Warning fixes
2018-04-05 10:20:43 +02:00
MartinHaimberger
0af63d4c6f
Merge pull request #4481 from akallabeth/fastpath_fix
Fastpath uncompressed length issue
2018-04-05 10:17:51 +02:00
Martin Fleisz
ff8b2c1b0e core: Fix IPv6 handling on Windows
On Windows the sockaddr struct is smaller than sockaddr_in6.
This causes getsockname to fail because the buffer is too small.
The new code uses sockaddr_storage which should be large enough to
hold any supported protocol address structure.

See: http://pubs.opengroup.org/onlinepubs/009696699/basedefs/sys/socket.h.html
2018-04-04 17:19:18 +02:00
Armin Novak
e47d7eb968 Simplified fastpath buffer handling. 2018-04-04 13:24:43 +02:00
Armin Novak
f840150a54 Fixed missing return value checks. 2018-04-04 13:24:32 +02:00
Armin Novak
3f1ef0efc6 Removed unnecessary range check. 2018-04-04 10:45:32 +02:00
Martin Fleisz
edce38613a
Merge pull request #4529 from akallabeth/wlog_cleanup_fix
Fix #4524: Initialize with cleanup handler
2018-04-04 09:32:46 +02:00
Armin Novak
e0d112d548 Removed all calls to WLog_Init and WLog_Uninit
Since the calls are no longer required remove their usage.
2018-04-03 13:06:41 +02:00
Martin Fleisz
5c59b5f2b8 cssp: Fix handling of nonce 2018-03-29 21:42:14 +02:00
Martin Fleisz
eb1f693fc4 cssp: Separate client/server version handling (#4502) 2018-03-23 12:12:08 +01:00
Martin Fleisz
e9ba4b58ec cssp: Fix warnings (#4503) 2018-03-21 12:57:58 +01:00
Martin Fleisz
8df96364f2 cssp: Add support for protocol version 6 2018-03-20 10:37:38 +01:00
Bernhard Miklautz
e7ae3f6bab fix nla: don't use server version
FreeRDP currently only supports CredSSP protocol version 3. However the
current implementation always sent back the version received by the
server indicating that this version was supported.
With recent windows updates applied the protocol changed and this approach
doesn't work anymore (see
https://msdn.microsoft.com/en-us/library/mt752485.aspx for protocol changes).

With this fix FreeRDP always sends version 3 as supported version.

Credit goes to @mfleisz.

Fixes #4449
2018-03-14 14:04:56 +01:00
Armin Novak
2517755d25 Fixed thread function return and parameters. 2018-03-07 14:36:55 +01:00
akallabeth
dd538ccd4b
Merge pull request #4470 from mfleisz/misc_fixes
Various fixes after running VS 2017 code analysis
2018-03-07 14:05:22 +01:00
Martin Fleisz
811406382d core: Fix possible out-of-bounds read 2018-03-06 15:52:34 +01:00
Martin Fleisz
07f05c5cb3 nla: Add NULL pointer check 2018-03-06 15:39:03 +01:00
Armin Novak
a419677e8f Fix invalid handle offset. 2018-03-06 13:58:40 +01:00
Armin Novak
1f7d33a2f2 Fixed read/write of surface bits command.
The optional field exBitmapDataHeader of TS_ BITMAP_DATA_EX was ignored.
Read and expose the data (currently unused)
2018-03-01 11:38:59 +01:00
Jacco Braat
2af67baea3 Modified RDG connection setup using PAA Cookie.
Skip NTLM auth on the IN/OUT channels. Add PAACookie to TUNNEL_CREATE.
2018-02-15 10:56:58 +01:00
Jacco Braat
b592684734 Added to rdp file parsing: gatewayaccesstoken:s:<token>
Added to commandline parsing: /gat:<token>
Added GatewayAccessToken to sings
2018-02-15 10:56:57 +01:00
Armin Novak
92c62b1dbf Fixed #4436: double free of http response.
Fixed #4436: reset of token split.
2018-02-14 14:29:08 +01:00
Armin Novak
990b8c23a9 Fixed PubSub function pointer casts. 2018-02-14 11:00:52 +01:00
David Fort
6e5d86f332 http: fix compilation with valgrind memcheck helpers 2018-02-14 10:16:38 +01:00
Bernhard Miklautz
8566021a1c
Merge pull request #4425 from akallabeth/windows_nego_fix
Fixed windows unicode authentication.
2018-02-13 15:26:44 +01:00
Martin Fleisz
b8599b08f2
Merge pull request #4364 from akallabeth/gateway_refactor
Gateway refactor
2018-02-13 13:48:45 +01:00
Armin Novak
53d2150e00 Fixed windows unicode authentication. 2018-02-13 11:29:56 +01:00
Armin Novak
2cf10cc359 bitmap free now always deallocating all resources. 2018-02-13 10:18:43 +01:00
Armin Novak
8c7fe93cc6 Added client channel queue object free function. 2018-02-09 11:04:31 +01:00
Armin Novak
78de329f1f Fixed IPv4/IPv6 to string 2018-02-08 17:26:31 +01:00
Norbert Federa
46f03d5e78 disabled expensive debug call in channel send 2018-01-31 12:44:45 +01:00
Armin Novak
e1c00b878d Fixes argument size type, function static where appropriate. 2018-01-19 09:15:26 +01:00
Armin Novak
29f2d2d9bb Fixed missing packageName setup in server NLA 2018-01-17 09:09:58 +01:00
Armin Novak
0e1a073384 Simplified package name comparisons. 2018-01-17 08:18:45 +01:00
Armin Novak
dc3d536398 Changed length arguments and return to size_t 2018-01-17 08:14:06 +01:00
Armin Novak
20b4b286f0 Fixed strtoull not supported on windows. 2018-01-16 08:15:34 +01:00
Armin Novak
a49a2299b1 Refactored http parser
* Using single buffer for all data
* Added response size limit of 64MiB
* Fixed various memory leaks
2018-01-15 16:51:33 +01:00
Armin Novak
c3f008c36c Functions static where appropriate. 2018-01-15 13:22:01 +01:00
Armin Novak
59e8b67287 Fixed broken #ifdef 2018-01-15 10:18:03 +01:00
Armin Novak
97cc55deec Fixed bitmap capability debug. 2018-01-12 09:22:08 +01:00
David Fort
e1cc601963
Merge pull request #4323 from akallabeth/scanbuild_fixes
Scanbuild and other warnings fixed
2018-01-08 11:16:21 +01:00
akallabeth
4077d55a6c
Merge pull request #4332 from hardening/xrandr_and_fixes
Xrandr and fixes
2018-01-08 09:20:56 +01:00
David Fort
191b8f950f Fix for #4330
Since ec027bf dynamic resolution is broken when used with egfx. Before that commit
we were tracking a server sent resize by setting a DesktopResize callback. This callback
is called when the desktop is resized by the server. Anyway the problem was that when this
callback is called, the activation sequence is not always completed, which were leading to
some freeze with 2012r2 servers (sending packets before the sequence is finished).
So with the faulty commit, we are tracking server resizes by subscribing to the Actived
event, that is called at the end of a reactivation sequence, so we're sure to not send packets
when not fully activated.
Anyway the issue that shows on (#4330) is that when you use egfx, no reactivation sequence happens,
the server only sends a ResetGraphics message with the new size, and so we miss the resized event.
This fix introduces a new GraphicsReset event, makes the display channel subscribe to that event,
and react accordingly.
2017-12-23 13:50:54 +01:00
Armin Novak
c60c355a9d Added ROP to primary order debug message. 2017-12-22 10:37:04 +01:00
Armin Novak
e4766c656e Fixed missing initialization warnings. 2017-12-21 11:04:32 +01:00
Armin Novak
6a21bdae3d Fixed various scanbuild warnings. 2017-12-21 09:34:35 +01:00
akallabeth
e3e65734e8
Merge pull request #4303 from krisztian-kovacs-balabit/use-redirection-password
Use redirection password
2017-12-20 17:01:58 +01:00
Martin Fleisz
80a49f46dc
Merge pull request #4320 from ondrejholy/coverity-fixes
Coverity Scan fixes
2017-12-20 14:17:20 +01:00
Martin Fleisz
ec027bf46c
Merge pull request #4318 from hardening/display_improvement
Dynamic resolution improvements
2017-12-20 13:43:22 +01:00
Martin Fleisz
bfe8359b5b
Merge pull request #4239 from akallabeth/test_memleak_fixes
Test memleak fixes
2017-12-20 12:38:38 +01:00
David Fort
2a6c9e1b87 Add an activated event and a Timer event
Added an event that is triggered when the activation sequence is finished.
We also define a timer event that is neat to have for regular operation.
2017-12-19 15:21:15 +01:00
Ondrej Holy
4791970c09 core: Remove redundant stream position changes
Stream_Seek() is used, but consequently Stream_SetPosition() is used
for position obtained by Stream_GetPosition() immediatelly before
Stream_Seek(). Let's remove this stream position changes due to its
redundancy.
2017-12-19 13:02:55 +01:00