mirrors/FreeRDP
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
11,439 Commits 6 Branches 74 Tags 84 MiB
aa47c8ebe8
Commit Graph

11439 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Bernhard Miklautz
aa47c8ebe8
Merge pull request #4268 from akallabeth/big_endian_fixes 
Fix ZGfx decoder on big endian
 2017-11-24 15:44:15 +01:00
David Fort
27807bea2b
Merge pull request #4271 from akallabeth/surface_c 
Fixed return value check for callbacks.
 2017-11-24 11:14:17 +01:00
akallabeth
3ba862d549
Merge pull request #4274 from hardening/clipboard_checks 
clipboard: add some checks for the message
 2017-11-24 10:43:53 +01:00
David Fort
a5af2cc865 clipboard: add some checks for the message 2017-11-23 17:37:55 +01:00
David Fort
d982cf0e90
Merge pull request #4255 from akallabeth/rfx_fix 
Fix #4253: Rfx decode tile width.
 2017-11-23 15:35:52 +01:00
Armin Novak
f68bc07a22 Fixed return value check for callbacks. 2017-11-23 15:10:42 +01:00
akallabeth
71e38a4ce7
Merge pull request #4267 from ondrejholy/autofips 
Enable FIPS mode automatically
 2017-11-23 10:49:15 +01:00
Ondrej Holy
74bbbdb5c3 Remove unused variable 
Unused variable was added together with FIPS mode support, let's remove it.
 2017-11-23 10:09:17 +01:00
Ondrej Holy
6973b14eed Enable FIPS mode automatically 
FreeRDP aborts if OpenSSL operates in FIPS mode and +fipsmode is not
manually specified. Let's prevent the abortion and enable the necessary
options in that case automatically.
 2017-11-23 10:09:17 +01:00
Armin Novak
dbdc4f4933 Fixed endianess issues of zgfx decoder. 2017-11-23 09:32:29 +01:00
David Fort
a834ef8243
Merge pull request #4251 from akallabeth/openssl_warn_fixes 
Fix #4247: warnings introduced with #3904
 2017-11-23 09:22:02 +01:00
Martin Fleisz
2f281c06ba
Merge pull request #4244 from akallabeth/drivestoredirect 
Fix parsing of drivestoredirect (#3267)
 2017-11-22 12:23:04 +01:00
Martin Fleisz
a8208530ed
Merge pull request #4258 from akallabeth/kbd_parse_fix 
Fix #4257: Proper error checks for /kbd argument
 2017-11-22 12:06:55 +01:00
Armin Novak
7183189328 Fix #4257: Proper error checks for /kbd argument 2017-11-22 11:03:43 +01:00
Martin Fleisz
e6e5daea08
Merge pull request #4263 from akallabeth/rdp_parser_mem_corruption_fix 
Fixed #4249: Corruption due to recursive parser
 2017-11-22 09:24:16 +01:00
akallabeth
77a921240b Testing argument to end with file extension. 2017-11-21 19:10:28 +01:00
Martin Fleisz
59d1f61e4b
Merge pull request #4264 from cedrozor/upstream-master 
Fixed NLA for Negotiate and NTLM authentication
 2017-11-21 17:25:25 +01:00
cedrozor
49f4b2a42e Fixed NLA for Negotiate and NTLM authentication (regression due to the recent addition of kerberos support) 2017-11-21 16:36:47 +01:00
Armin Novak
65482ee9bf Fixed #4249: Corruption due to recursive parser 2017-11-21 13:47:28 +01:00
Armin Novak
a376656b3c Disabled ceritficate signature check. 2017-11-21 11:37:42 +01:00
Armin Novak
d81e2ec351 Fixed X11 stride on screen update. 2017-11-21 11:09:16 +01:00
Armin Novak
b1d2053ad1 Fix #4101: Rfx decode tile width. 2017-11-21 11:08:16 +01:00
Martin Fleisz
785c42f463
Merge pull request #4252 from akallabeth/mac_kbd_sync 
Mac kbd sync
 2017-11-21 11:02:25 +01:00
Martin Fleisz
ca4d204c78
Merge pull request #4256 from akallabeth/15bpp_fix 
Fix #4111: 15bpp color handling for brush.
 2017-11-21 10:55:18 +01:00
Armin Novak
6504b81b9e Fix parsing of drivestoredirect (#3267) 2017-11-21 10:46:50 +01:00
Bernhard Miklautz
cbb8650b3d
Merge pull request #4254 from akallabeth/doc_update 
Fix #3509: Added Ctrl+Alt+Enter description
 2017-11-20 16:30:54 +01:00
Armin Novak
24233b299c Fix #4111: 15bpp color handling for brush. 2017-11-20 15:00:09 +01:00
Bernhard Miklautz
c3acaad464
Merge pull request #4253 from akallabeth/win_return 
Win return code
 2017-11-20 14:11:15 +01:00
Armin Novak
a3fb3270dc Fix #3509: Added Ctrl+Alt+Enter description 2017-11-20 13:22:53 +01:00
Armin Novak
59df2688f9 Fix #3211: Return freerdp error from main. 2017-11-20 13:17:58 +01:00
Armin Novak
3ce9d6d923 Fixed keyboard state sync. 2017-11-20 11:47:00 +01:00
Armin Novak
feda4e07df Removed linux specific include. 2017-11-20 11:46:09 +01:00
Armin Novak
4fe12b0ea3 Fix #4247: warnings introduced with #3904 2017-11-20 10:18:15 +01:00
David Fort
b5d257864e
Merge pull request #4243 from akallabeth/man_fix 
Better description for drive redirection (Fix #3513)
 2017-11-17 15:23:24 +01:00
Armin Novak
d593b3ef58 Better description for drive redirection (Fix #3513) 2017-11-17 13:44:56 +01:00
akallabeth
b156b937fe
Merge pull request #3904 from bjcollins/master 
FIPS Mode support for xfreerdp
 2017-11-17 13:31:43 +01:00
Martin Fleisz
4ff1251488
Merge pull request #4236 from akallabeth/scan_fix_remastered 
Scanbuild warning fixes
 2017-11-17 13:02:46 +01:00
Armin Novak
1bb4f121b4 Fixed formatting. 2017-11-17 12:45:28 +01:00
Brent Collins
9ca9df1ead Make the new winpr_Digest*MD5_Allow_FIPS functions more generic to no longer be MD5 specific in design. This way the FIPS override 
could easily be extended to more digests in the future. For now, an attempt to use these functions with anything other than MD5 will
not work.
 2017-11-17 12:43:07 +01:00
Brent Collins
e21f9e359b Initialize SSL directly in the sample server, instead of relying on the SSL initialize logic 
in the tls code as it was removed in a previous patch due to its redundancy.
 2017-11-17 12:43:07 +01:00
Brent Collins
922a0fa495 Fix checks for openssl version numbers around fips changes, they were using an incorrect version matching 1.1.0 and not 1.0.1 
Simplify the logic to enable openssl fips mode
 2017-11-17 12:43:07 +01:00
Brent Collins
e47123f05a Do not initialize SSL in freerdp_context_new, it is too early to detect the fips enabled flag 
and is redundant since it is initialized later before actually using SSL.
 2017-11-17 12:43:07 +01:00
Brent Collins
a0526317ea Fix the return values of the winpr_Digest_Init functions which were accidentally removed 
during rework in previous checkin.
 2017-11-17 12:43:07 +01:00
Brent Collins
1129634617 Move the disabling nla and setting the fips encryption mode based on fips 
mode to happen after argument parsing to ensure it always enforced.
 2017-11-17 12:43:07 +01:00
Brent Collins
68ab485e63 Fix logic error in reworked MD5 call for establishing keys, and fix some minor whitespace issues. 2017-11-17 12:43:07 +01:00
Brent Collins
7aa9e7a97f Fix variable definition placement to adhere to older C standard. 2017-11-17 12:43:06 +01:00
Brent Collins
5284100bb0 FIPS_mode() and FIPS_mode_set() does not exist in OpenSSL versions before 1.0.1 2017-11-17 12:43:06 +01:00
Brent Collins
2dddae738f Change initialization of EVP_CIPHER_CTX to use API function instead of trying to calloc(). 
Fix some warnings noted from build output.
 2017-11-17 12:43:06 +01:00
Brent Collins
497ba442be Workaround for missing EVP_CIPH_FLAG_FIPS_NON_ALLOW flag in openssl 1.0.0. 2017-11-17 12:43:06 +01:00
Brent Collins
d98b88642b Add new command-line option to force xfreerdp into a fips compliant mode. 
This option will ensure that NLA is disabled(since NTLM uses weak crypto algorithms), FIPS
encryption is enabled, and ensure fips mode is enabled for openssl.

Selectively override specific uses of MD5/RC4 with new API calls specifically tailored to override FIPS.

Add comments on why overriding the use of these algorithms under FIPS is acceptable for the locations where overrides happen.

Remove check of server proprietary certificate which was already being ignore to avoid use of MD5.

Initialize winpr openssl earlier to ensure fips mode is set before starting using any crypto algorithms.
 2017-11-17 12:43:06 +01:00