mirrors/FreeRDP
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
9,605 Commits 6 Branches 74 Tags 84 MiB
a79072a87c
Commit Graph

255 Commits

Author SHA1 Message Date
Hardening
2a3e9996b3 Merge pull request #2710 from akallabeth/cert_temp_accept_v2 
Extended certificate callbacks.
 2016-02-15 13:52:47 +01:00
Armin Novak
f4568295e9 Fixed API for old openssl versions < 1.0.0 2016-02-05 11:52:07 +01:00
Armin Novak
0e2208e942 Fixed warning. 2016-02-05 02:04:57 +01:00
Armin Novak
cbf2892ccc Implemented temporary certificate accept. 
Certificates can now be accepted temporarily.
The callbacks for certificate validation have been
modified to extend the information presented to the user.
 2016-02-05 02:04:57 +01:00
Armin Novak
16699000c4 Fixed allocation issue with common_name. 2016-02-05 02:04:00 +01:00
Armin Novak
3b0f5b5b48 Removed obsolete APPLE preprocessor switch. 2016-02-04 12:55:11 +01:00
Christian Plattner
c0226d686c Enable support for SNI on client side 2016-02-04 08:34:51 +01:00
davewheel
d5b8585a39 Allow to specify the raw content of crypto materials 
Sometime it's possible that your server application doesn't have access to files
(when running in a very restricted environment for example). This patch allows
to ship the private key and certificate as a string.

Sponsored by: Wheel Systems (http://www.wheelsystems.com)
 2016-01-21 11:27:06 +01:00
Bernhard Miklautz
aa80f63b4a tls: enable tls 1+ 
Currently TLS version 1.0 is used implicitly by using the TLSv1_method.
To be able to also use TLS 1.1 and later use SSLv23_client_method
instead. To make sure SSLv2 or SSLv3 isn't used disable them.
 2016-01-12 17:43:14 +01:00
Bernhard Miklautz
d03b38765a Merge pull request #2816 from akallabeth/known_hosts_locking 
Known hosts locking
 2015-12-16 19:03:15 +01:00
Armin Novak
65062633c2 Fixed memory leak. 2015-12-10 13:57:05 +01:00
Armin Novak
df528cefc5 Using locking winpr file functions for known hosts. 2015-12-09 18:29:41 +01:00
Armin Novak
75ae38dff2 Silenced VerifyX509Certificate logging. 
Now only writing log entries if something was an actual
error, otherwise stay silent.
 2015-10-16 11:04:42 +02:00
Marc-André Moreau
87780a850d Merge branch 'master' of github.com:FreeRDP/FreeRDP into mbedtls 2015-10-09 15:58:50 -04:00
Marc-André Moreau
9c35b73fb6 libfreerdp-core: fix gateway connectivity on Windows 2015-09-17 14:32:40 -04:00
Marc-André Moreau
8e3baed882 cmake: add mbed TLS detection 2015-09-15 20:52:46 -04:00
Marc-André Moreau
c0a887da17 libfreerdp-crypto: add locking of operations dealing with SSL* 2015-09-15 19:59:41 -04:00
Marc-André Moreau
3f2915eb78 libfreerdp-core: alternative RDG BIO fix 2015-09-15 13:03:11 -04:00
Marc-André Moreau
12ce635b34 libfreerdp-core: fix code style 2015-09-15 10:37:57 -04:00
Denis Vincent
6d55635ed0 libfreerdp-core: Gateway RDP8 BIO correction. Fixes connection losses. 2015-09-15 09:03:39 -04:00
Armin Novak
dfa7ac6434 Ensure output of crypto_base64_decode is NULL terminated. 2015-08-27 09:34:33 +02:00
Armin Novak
fc929fbc7f Using lowercase hostname for comparison now. 
fixed argument mixup.
 2015-07-13 15:52:06 +02:00
Armin Novak
ca7c34ff35 Fixed comparison bug, cleanup and error handling. 2015-07-13 14:16:04 +02:00
Bernhard Miklautz
798df32fd9 Integrate pull request feedback 
* unify fwrite usage - set nmemb to 1 and the size to the size to write.
 2015-07-01 12:22:32 +02:00
Bernhard Miklautz
1cee185e3c hardening: check fread and fwrite return values 2015-06-26 20:38:30 +02:00
Norbert Federa
20878e50fe Merge pull request #2724 from bmiklautz/leak_fix 
Fix leaks in certificate and identity handling
 2015-06-26 15:30:00 +02:00
Armin Novak
6698e24228 Fixed leaks, NULL dereferences and broken init. 2015-06-23 21:29:21 +02:00
Bernhard Miklautz
2e87d0ee52 Fix leaks in certificate and identity handling 2015-06-23 15:40:37 +02:00
David FORT
7c3f8f33ab Fixes for malloc / calloc + other fixes 
This patch contains:

* checks for malloc return value + treat callers;
* modified malloc() + ZeroMemory() to calloc();
* misc fixes of micro errors seen during the code audit:
** some invalid checks in gcc.c, also there were some possible
integer overflow. This is interesting because at the end the data are parsed
and freed directly, so it's a vulnerability in some kind of dead code (at least
useless);
** fixed usage of GetComputerNameExA with just one call, when 2 were used
in misc places. According to MSDN GetComputerNameA() is supposed to return
an error when called with NULL;
** there were a bug in the command line parsing of shadow;
** in freerdp_dynamic_channel_collection_add() the size of array was multiplied
by 4 instead of 2 on resize
 2015-06-22 19:21:47 +02:00
Vic Lee
2e11eac79a Merge pull request #2675 from akallabeth/path_make_path 
Added PathMakePath function.
 2015-06-18 02:43:47 +00:00
Armin Novak
b43c9f9060 Renamed file to known_hosts2. 2015-06-12 09:30:01 +02:00
Armin Novak
9dd9c35cee Updated tests. 2015-06-11 11:34:36 +02:00
Armin Novak
3dda4eb0cf Added NULL pointer checks, fixed warnings. 2015-06-11 11:34:22 +02:00
Armin Novak
7fc1c65165 Added subject and issuer to saved data. 
When a certificate has changed, display not only the
fingerprint but also subject and issuer of old certificate.
 2015-06-11 11:21:23 +02:00
Armin Novak
7786cf1376 Fixed fingerprint comparison, return value was inverted. 2015-06-11 09:59:04 +02:00
Armin Novak
90d836193c Fixed formatting. 2015-06-11 09:58:58 +02:00
Armin Novak
3d27055539 Added test for fingerprint read. 2015-06-11 09:24:55 +02:00
Armin Novak
b983d8e595 Fixed data replace. 2015-06-11 09:24:53 +02:00
Armin Novak
acc96388a5 Added certificate_get_fingerprint function to read out old one. 2015-06-11 09:14:15 +02:00
Armin Novak
2204df97f8 Added port to certificate warnings. 2015-06-10 10:59:40 +02:00
Armin Novak
ef0b9abf15 Using binary mode for fopen. 2015-06-10 10:47:59 +02:00
Armin Novak
ebad760aff Opening correct file. 2015-06-10 10:40:01 +02:00
Armin Novak
f4843e8ab3 Opening file on use now. 2015-06-10 10:34:02 +02:00
Armin Novak
05755b73ad Working unit test for known_hosts functions. 2015-06-10 09:15:38 +02:00
Armin Novak
98fc5b6e93 Fixed bugs found due to test. 2015-06-10 09:15:28 +02:00
Armin Novak
991fc39a62 Added unit test. 2015-06-09 18:03:32 +02:00
Armin Novak
6192230737 Added legacy known_hosts support. 
If no entry for the <host> <port> combination
was found in the v2 file and there is a legacy file
check if a matching <host> entry can be found.
In case there is a matching entry and the <fingerprint>
also matches, create a new entry in the v2 file using the
current port.
 2015-06-09 16:12:41 +02:00
Armin Novak
6da4a5aaf0 Using '<host> <port> <fp>' format for known hosts. 2015-06-09 15:33:13 +02:00
Armin Novak
7403cdc60c Added PathMakePath function. 2015-06-09 13:16:28 +02:00
Norbert Federa
1eff1a345e free can handle NULL perfectly fine 2015-05-11 09:07:39 +02:00