mirrors/FreeRDP
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
17,755 Commits 6 Branches 74 Tags 84 MiB
a785fd9c4a
Commit Graph

508 Commits

Author SHA1 Message Date
David Fort
8a39859612 [arm] various improvements 
This patch moves the ARM configuration before starting the connection process, so
that we can do some provisioning of the FreeRDP settings with the items retrieved
from Azure.
Most notably that allows us to connect directly using RDSTLS security.
 2023-09-04 10:24:56 +02:00
David Fort
361da15eed [crypto] extend base64 to output crLf when encoding 
Some windows APIs do put \r\n every 64 characters of the output of a
base64 encoded blob. The extended version of crypto_base64_encode allows
to do the same.
 2023-09-04 10:24:56 +02:00
Rubycat
68b1614b66 Do not fail on certificates without subject 
It is possible to implement an rdp client that accepts certificates by
fingerprint by using VerifyCertificateEx. In case the server uses a
certificate without subject (which, apparently, is not mandated by X509)
freerdp_certificate_data_load_cache fails and the certificate is refused
even before calling VerifyCertificateEx. This commit changes
freerdp_certificate_data_load_cache to consider that missing subject is
the same as an empty string.

Also downgrade the log message complaining about missing subject and
issuer to a warning.
 2023-08-21 16:03:36 +02:00
Marc-André Moreau
8c670b177b fix freerdp_key_generate for some versions of OpenSSL (null key->evp) 2023-08-15 15:00:49 +02:00
Armin Novak
0afa2e88b5 [crypto,cert] imrove logged warnings for certificates 2023-07-31 08:32:43 +02:00
Armin Novak
0bdb62e9b5 [libfreerdp] fix integere narrow warnings 2023-07-28 15:48:32 +02:00
Armin Novak
64f4fe397c [crypto,tls] fixed sign warnings 2023-07-27 21:05:43 +02:00
Armin Novak
e61880d077 [standard] replace __FUNCTION__ with __func__ 2023-07-27 20:02:43 +02:00
akallabeth
e03b6596c6 [build] fix unused but set variable warnings 2023-06-29 18:34:51 +02:00
Marc-André Moreau
4d4dcd4511 Fix usage of explicit server name when different from connection host 2023-06-13 09:20:17 -04:00
akallabeth
a64dd36073 [build] fixed const warnings 2023-06-12 16:32:23 +02:00
Armin Novak
b05eacb99e [build] fixed compilation warnings 2023-06-08 08:13:16 +02:00
Armin Novak
970f0c54e8 [stream] use const correct Stream_Pointer access 2023-06-08 08:09:33 +02:00
Armin Novak
a4c6b36a19 [build] fix memory sanitizer stack frame warnings 2023-06-07 09:14:45 +02:00
akallabeth
b8f7b59fff [warnings] fix casts and return 2023-05-24 08:24:32 +02:00
akallabeth
df76b59da7 [warnings] fix -Wshadow 2023-05-24 08:24:32 +02:00
akallabeth
066276a85a [warnings] fix -Wsometimes-uninitialized 2023-05-24 08:24:32 +02:00
akallabeth
3f6ed5ed84 [crypto,cert] fix debug print messages 2023-05-23 08:51:18 +02:00
Armin Novak
d684acb0a3 [crypto,cert] fix update_x509_from_info for OpenSSL3 
loading a RSA public key from the parameters was broken, fix with this
commit.
 2023-05-17 14:06:58 +02:00
akallabeth
cba9db727d [crypto,cert] fix missing char casts 2023-05-16 09:33:35 +02:00
akallabeth
07d1190200 [crypto,privatekey] fix const warnings 2023-05-16 09:33:35 +02:00
akallabeth
b698655176 [crypto,key] add functions for aad 
* create digest sign context
* get parameters of private key
 2023-05-10 09:59:10 +02:00
Armin Novak
7212621eae [proxy,config] PEM length must contain '\0' 2023-05-08 22:54:53 +02:00
Armin Novak
8b6d05f90f [crypto] fix key decrypt inconsistencies 2023-04-28 08:33:06 +02:00
akallabeth
6c38e20e4e [crypto,cert] add openssl3 support 2023-04-28 08:33:06 +02:00
akallabeth
9ebbeeb2f6 [crypto,pkey] add openssl3 support 2023-04-28 08:33:06 +02:00
akallabeth
516668d02b [fclose] ensure no invalid pointers are passed. 
fclose has undefined behaviour for NULL pointers, so check for these.
 2023-04-28 07:39:35 +02:00
Armin Novak
afc29ce777 [crypto,cert] fix cert_write_server_certificate_v2 2023-04-24 10:58:01 +02:00
Armin Novak
91b0f6d444 [crypto,cert] remove too strict assert 2023-04-24 10:58:01 +02:00
Armin Novak
50ce5b834d [core,server] warn if cert not RDP security compatible 2023-03-28 17:19:03 +02:00
fifthdegree
304ce6d702 Test base64url en/decoding 
Add tests for base64url and fix a bug discovered while doing that
 2023-03-10 16:38:07 +01:00
fifthdegree
8d6c92c037 Implement base64url encoding/decoding 
Tweak the base64 functions to allow for encoding and decoding base64url
as well
 2023-03-10 16:38:07 +01:00
Armin Novak
3a6566d35e [crypto,key] fix missing rdpCertInfo clone 2023-03-06 11:31:19 +01:00
Armin Novak
77943d4329 [warnings] Fixed missing-prototypes warnings 2023-03-06 10:04:59 +01:00
Armin Novak
3d8cb485f4 [warnings] Fixed strict-prototypes warnings 2023-03-06 10:04:59 +01:00
Armin Novak
e496771034 [warnings] fixed unused-variable warnings 2023-03-06 10:04:59 +01:00
Armin Novak
ae8f0106bd [core,redirect] extract and check redirection cert 
* extract the certificate from the redirection PDU
* if there is a certificate provided accept it if it matches the
  redirection target certificate without further user checks
 2023-02-28 15:49:58 +01:00
David Fort
b8814e723a fix some warning with the use of new crypto functions 2023-02-28 07:59:40 +01:00
akallabeth
392340d5fd Fix #8702: Disable sha3 and shake hashes for libressl 2023-02-22 11:47:37 +01:00
akallabeth
66245e7a00 [crypto,cert] remove rsa check 
the rsa keys to be checked are on the deprecation list for most SSL
libraries so the function might fail unexpectedly
 2023-02-16 10:06:17 +01:00
akallabeth
8b95030f5e [cryto,cert] clean up code 2023-02-16 10:06:17 +01:00
akallabeth
a2b23a83ab [crypto,cert] only extract server certificate 2023-02-16 10:06:17 +01:00
akallabeth
895ae8b137 [core] use rdpPrivateKey and rdpCertificate 2023-02-16 10:06:17 +01:00
Martin Fleisz
5f9db5a89c core: Fix pointer corruption with d2i_X509 
The `d2i_X509` function manipulates the passed pointer on success. This
resulted in a corrupted `rdpCertBlob` struct, crashing later on free.
 2023-02-14 09:44:10 +01:00
Armin Novak
a7dac52a42 [license] updated copyright headers 2023-02-12 20:17:11 +01:00
Armin Novak
b77be1ad61 [emu,scard] use RSA struct instead of rdpCertInfo 
rdpCertInfo has the RSA key in RDP specific format. Prefer direct
extraction from certificate or key
 2023-02-12 20:17:11 +01:00
Armin Novak
91370e4437 [crypto,cert] use malloc for der certificate 2023-02-12 20:17:11 +01:00
akallabeth
c306ad4c51 [crypto,cert] add RSA key check 2023-02-12 20:17:11 +01:00
akallabeth
081e187db8 [crypto] add function to determine if RSA is in use 2023-02-12 20:17:11 +01:00
akallabeth
00baf58a71 [crypto,x509] simplify retrieval of default signature digest 2023-02-12 20:17:11 +01:00