It might happen that the username/domain/password strings are set to an
empty string. This means that the null pointer check will pass but the
application will assert in the copy helper function.
This fix simple checks the length of the identity strings and only calls
copy in case the length is greater than 0.
In native windows SSPI, AcceptSecurityContext and InitializeSecurityContext return
SEC_E_INVALID_HANDLE if the provided context is an empty context. Add the checks so
that our SSPI implementation behave the same way.
* Ensure negoToken is cleaned up in nla_free
* Renamed function credssp_auth_take_input_buffer now invalidates
input buffer an takes ownership of that buffer
* Kerberos: correctly set principal when no service part is provided
* Kerberos: don't expect a krb_ap_rep when mutual auth was not requested
* Kerberos: include gss header in max signature length
* Negotiate: tolerate optimistic token being the final one
* Kerberos: support channel bindings
* Negotiate: pass channel bindings to sub-mechanism
* NTLM: tolerate receiving an input buffer desc on first call
When no CSP is provided, we were listing smartcard materials by querying the
MS_SCARD_PROV_A CSP, unfortunately on some windows hosts, the smartcards aren't
listed in that CSP. So this patch does the key listing by browsing all CSPs
instead of just a default one. You can still force a CSP and you'll get keys only
from this one.
This patch also address cases where the certificate on the smartcard doesn't
have a UPN attribute, if that happen we try to get a UPN from the email address.
* Fix length checks in parallel driver
The length requested was not checked against the length read from
the port.
* Fixed missing length check in video channel
Data received in video redirection channel was not checked for
proper length.
* Fixed video presentation reference counter
Video channel presentation reference counter was not updated with
Video_Frame_new. A failing H264 decoding step could trigger a reference
decrement and the presentation was freed by accident.
Also clean up the increment and decrement of presentation
* Fixed tsmf ffmpeg context extra data size checks
tsmf_ffmpeg_init_stream did not abort if the video format ExtraDataSize
was not sufficiently large to satisfy expectations.
* Fixed missing input data length check
tsmf_ifman_exchange_capability_request did not check if the input
data stream actually contained the amount of bytes requested to
copy.
* Fixed TSMF tsmf_ffmpeg_set_format length checks
ExtraDataSize of format was not checked for expected minimum length
* Fixed TSMF tsmf_read_format_type length checks
ExtraDataSize of format was not checked for expected minimum
length
* Fixed TSMF tsmf_gstreamer_set_format length checks
ExtraDataSize of format was not checked for expected minimum
length
The cmd parameter (type int) has been logged using the %s format
specifier causing an access violation.
Fixed by using get_packet_type to convert cmd to a string.
* Fixed format strings to match arguments
Reviewed and replaced all %d specifiers to match proper type
* Added proxy dynamic channel command type to log messages.
During tests I sometimes received DATA_FIRST_PDUs that were not part of
a fragmented message but contained a complete PDU.
The documentation is not quite clear about if this is a possible
scenario or a protocol violation. However in the description of the Data
field it says:
If the sum of the DVC header size and the value specified by the Length
field is less than 1600 bytes, then the actual data length equals the
value specified by the Length field.
This hints that DATA_FIRST_PDU might also contain complete Data and does
not necessarily mean to be the first part of a fragmented PDU.
* added wf_defaults.c (also in CMakeLists.txt) which provides the capability to read credential manager entries and set username and password in the rdpSettings accordingly
* the same will be done if a gateway host is specified without credentials
* the behavior will be similar to mstsc.exe on windows
* Fix build with mingw
4a71cab2e7 broke wf_events.c.
The drive channel was not building because of missing definitions.
* winpr: make functions return False when not implemented
