Commit Graph

243 Commits

Author SHA1 Message Date
Armin Novak 75ae38dff2 Silenced VerifyX509Certificate logging.
Now only writing log entries if something was an actual
error, otherwise stay silent.
2015-10-16 11:04:42 +02:00
Marc-André Moreau 87780a850d Merge branch 'master' of github.com:FreeRDP/FreeRDP into mbedtls 2015-10-09 15:58:50 -04:00
Marc-André Moreau 9c35b73fb6 libfreerdp-core: fix gateway connectivity on Windows 2015-09-17 14:32:40 -04:00
Marc-André Moreau 8e3baed882 cmake: add mbed TLS detection 2015-09-15 20:52:46 -04:00
Marc-André Moreau c0a887da17 libfreerdp-crypto: add locking of operations dealing with SSL* 2015-09-15 19:59:41 -04:00
Marc-André Moreau 3f2915eb78 libfreerdp-core: alternative RDG BIO fix 2015-09-15 13:03:11 -04:00
Marc-André Moreau 12ce635b34 libfreerdp-core: fix code style 2015-09-15 10:37:57 -04:00
Denis Vincent 6d55635ed0 libfreerdp-core: Gateway RDP8 BIO correction. Fixes connection losses. 2015-09-15 09:03:39 -04:00
Armin Novak dfa7ac6434 Ensure output of crypto_base64_decode is NULL terminated. 2015-08-27 09:34:33 +02:00
Armin Novak fc929fbc7f Using lowercase hostname for comparison now.
fixed argument mixup.
2015-07-13 15:52:06 +02:00
Armin Novak ca7c34ff35 Fixed comparison bug, cleanup and error handling. 2015-07-13 14:16:04 +02:00
Bernhard Miklautz 798df32fd9 Integrate pull request feedback
* unify fwrite usage - set nmemb to 1 and the size to the size to write.
2015-07-01 12:22:32 +02:00
Bernhard Miklautz 1cee185e3c hardening: check fread and fwrite return values 2015-06-26 20:38:30 +02:00
Norbert Federa 20878e50fe Merge pull request #2724 from bmiklautz/leak_fix
Fix leaks in certificate and identity handling
2015-06-26 15:30:00 +02:00
Armin Novak 6698e24228 Fixed leaks, NULL dereferences and broken init. 2015-06-23 21:29:21 +02:00
Bernhard Miklautz 2e87d0ee52 Fix leaks in certificate and identity handling 2015-06-23 15:40:37 +02:00
David FORT 7c3f8f33ab Fixes for malloc / calloc + other fixes
This patch contains:

* checks for malloc return value + treat callers;
* modified malloc() + ZeroMemory() to calloc();
* misc fixes of micro errors seen during the code audit:
** some invalid checks in gcc.c, also there were some possible
integer overflows. This is interesting because at the end the data are parsed
and freed directly, so it's a vulnerability in some kind of dead code (at least
useless);
** fixed usage of GetComputerNameExA with just one call, when 2 were used
in misc places. According to MSDN GetComputerNameA() is supposed to return
an error when called with NULL;
** there was a bug in the command line parsing of shadow;
** in freerdp_dynamic_channel_collection_add() the size of array was multiplied
by 4 instead of 2 on resize
2015-06-22 19:21:47 +02:00
Vic Lee 2e11eac79a Merge pull request #2675 from akallabeth/path_make_path
Added PathMakePath function.
2015-06-18 02:43:47 +00:00
Armin Novak b43c9f9060 Renamed file to known_hosts2. 2015-06-12 09:30:01 +02:00
Armin Novak 9dd9c35cee Updated tests. 2015-06-11 11:34:36 +02:00
Armin Novak 3dda4eb0cf Added NULL pointer checks, fixed warnings. 2015-06-11 11:34:22 +02:00
Armin Novak 7fc1c65165 Added subject and issuer to saved data.
When a certificate has changed, display not only the
fingerprint but also subject and issuer of old certificate.
2015-06-11 11:21:23 +02:00
Armin Novak 7786cf1376 Fixed fingerprint comparison, return value was inverted. 2015-06-11 09:59:04 +02:00
Armin Novak 90d836193c Fixed formatting. 2015-06-11 09:58:58 +02:00
Armin Novak 3d27055539 Added test for fingerprint read. 2015-06-11 09:24:55 +02:00
Armin Novak b983d8e595 Fixed data replace. 2015-06-11 09:24:53 +02:00
Armin Novak acc96388a5 Added certificate_get_fingerprint function to read out old one. 2015-06-11 09:14:15 +02:00
Armin Novak 2204df97f8 Added port to certificate warnings. 2015-06-10 10:59:40 +02:00
Armin Novak ef0b9abf15 Using binary mode for fopen. 2015-06-10 10:47:59 +02:00
Armin Novak ebad760aff Opening correct file. 2015-06-10 10:40:01 +02:00
Armin Novak f4843e8ab3 Opening file on use now. 2015-06-10 10:34:02 +02:00
Armin Novak 05755b73ad Working unit test for known_hosts functions. 2015-06-10 09:15:38 +02:00
Armin Novak 98fc5b6e93 Fixed bugs found due to test. 2015-06-10 09:15:28 +02:00
Armin Novak 991fc39a62 Added unit test. 2015-06-09 18:03:32 +02:00
Armin Novak 6192230737 Added legacy known_hosts support.
If no entry for the <host> <port> combination
was found in the v2 file and there is a legacy file
check if a matching <host> entry can be found.
In case there is a matching entry and the <fingerprint>
also matches, create a new entry in the v2 file using the
current port.
2015-06-09 16:12:41 +02:00
Armin Novak 6da4a5aaf0 Using '<host> <port> <fp>' format for known hosts. 2015-06-09 15:33:13 +02:00
Armin Novak 7403cdc60c Added PathMakePath function. 2015-06-09 13:16:28 +02:00
Norbert Federa 1eff1a345e free can handle NULL perfectly fine 2015-05-11 09:07:39 +02:00
Norbert Federa f9f59cd29b Fix unchecked CreateDirectory calls 2015-05-07 13:28:13 +02:00
David FORT c03bf75896 Take into account @nfedera's comments 2015-04-07 21:06:53 +02:00
David FORT 8685a8e0a2 Fixed missing return value 2015-04-01 14:24:37 +02:00
David FORT 9bb4d64608 Correctly handle HMAC_Init_ex() for older versions of OpenSSL 2015-04-01 14:12:08 +02:00
David FORT 0eb399a717 Treat return values for security.c
This patch makes functions in security.c return values when they should instead of
being void. And it also fixes the callers of these functions.
2015-04-01 11:11:37 +02:00
Marc-André Moreau ad6723835b Merge pull request #2505 from bmiklautz/tls_shutdown
rename and update tls_disconnect
2015-03-31 09:26:30 -04:00
Norbert Federa 1ba681fecc crypto: support MSFT iOS clients with faulty SNI
Microsoft iOS Remote Desktop Clients eventually send NULL-terminated
hostnames in SNI which is not allowed in the OpenSSL implementation.

Since we're not using SNI this commit adds an OpenSSL TLS extension
debug callback which modifies the SSL context in a way preventing it
from parsing this extension
2015-03-30 13:48:51 +02:00
Bernhard Miklautz 90968e07e1 rename and update tls_disconnect
tls_disconnect shut down the ssl stream but didn't inform
the BIO(s) about this, therefore it could happen that a second shut down
was initiated (e.g. in bio_rdp_tls_free) causing rather long delays.

After removing the shut down from tls_disconnect the only thing the
function does is to prepare/send an alert therefore it was renamed to
tls_send_alert.
2015-03-30 11:56:09 +02:00
Vic Lee 5f375d0a6f tls: revert checking SSL_ERROR_SYSCALL which may cause deadlock. 2015-03-25 16:07:39 +08:00
Martin Fleisz 5fa777b11c Merge pull request #2482 from llyzs/llyzs
tls: fix error handling of no error code.
2015-03-23 16:06:12 +01:00
Vic Lee 2137ccc3db tls: retry for all SSL_ERROR_SYSCALL errors. 2015-03-20 10:03:30 +08:00
Marc-André Moreau dc913d9f2c libfreerdp-core: fix some RDG valgrind issues 2015-03-17 16:09:17 -04:00