Commit Graph

51 Commits

Author SHA1 Message Date
Armin Novak
12a9b9a0b4 Fix #3890: Point to OpenSSL doc for private CA 2017-11-21 11:47:33 +01:00
Valery Kartel
9bf9ff9e8a Fix build with LibreSSL 2017-07-26 17:12:14 +03:00
Armin Novak
0490aeb018 Fixed clang malloc integer overflow warnings. 2017-07-20 09:29:48 +02:00
Armin Novak
4be62f7047 Fixed OpenSSL 1.1 no legacy compile issues. 2017-04-06 11:25:25 +02:00
Norbert Federa
f71b6b46e8 fix string format specifiers
- fixed invalid, missing or additional arguments
- removed all type casts from arguments
- added missing (void*) typecasts for %p arguments
- use inttypes defines where appropriate
2016-12-16 13:48:43 +01:00
Norbert Federa
7befab856c Support for OpenSSL 1.1.0 2016-11-24 17:50:09 +01:00
Bernhard Miklautz
014f31db35 Merge pull request #3171 from akallabeth/crypto_simplification
Crypto simplification
2016-02-29 17:10:53 +01:00
Armin Novak
238ff3b315 Unified encryption functions. 2016-02-27 23:28:49 +01:00
Armin Novak
5805ba8e52 Removed crypto_nonce. 2016-02-27 22:40:43 +01:00
Armin Novak
1036f1e296 Fixed default visibility.
When nothing is declared, only export symbols defined
with WINPR_API or FREERDP_API defined.
Override this setting if BUILD_TESTING to allow tests
access to internal functions usually not exposed.
2016-02-26 19:44:14 +01:00
Armin Novak
f997421098 Unified hmac functions. 2016-02-24 21:50:08 +01:00
Armin Novak
4ca6b9bf10 Unified random functions and remaining MD5. 2016-02-24 20:41:01 +01:00
Armin Novak
ada2b16c50 Unified RC4 functions. 2016-02-24 17:04:03 +01:00
Armin Novak
06da644007 Unified md5 functions. 2016-02-24 16:46:25 +01:00
Armin Novak
0e4ea3943a Unified sha1 functions. 2016-02-24 16:36:15 +01:00
Armin Novak
0e2208e942 Fixed warning. 2016-02-05 02:04:57 +01:00
Armin Novak
16699000c4 Fixed allocation issue with common_name. 2016-02-05 02:04:00 +01:00
Armin Novak
6698e24228 Fixed leaks, NULL dereferences and broken init. 2015-06-23 21:29:21 +02:00
David FORT
7c3f8f33ab Fixes for malloc / calloc + other fixes
This patch contains:

* checks for malloc return value + treat callers;
* modified malloc() + ZeroMemory() to calloc();
* misc fixes of micro errors seen during the code audit:
** some invalid checks in gcc.c, also there were some possible
integer overflow. This is interesting because at the end the data are parsed
and freed directly, so it's a vulnerability in some kind of dead code (at least
useless);
** fixed usage of GetComputerNameExA with just one call, when 2 were used
in misc places. According to MSDN GetComputerNameA() is supposed to return
an error when called with NULL;
** there were a bug in the command line parsing of shadow;
** in freerdp_dynamic_channel_collection_add() the size of array was multiplied
by 4 instead of 2 on resize
2015-06-22 19:21:47 +02:00
Armin Novak
7fc1c65165 Added subject and issuer to saved data.
When a certificate has changed, display not only the
fingerprint but also subject and issuer of old certificate.
2015-06-11 11:21:23 +02:00
Armin Novak
6da4a5aaf0 Using '<host> <port> <fp>' format for known hosts. 2015-06-09 15:33:13 +02:00
Norbert Federa
1eff1a345e free can handle NULL perfectly fine 2015-05-11 09:07:39 +02:00
David FORT
c03bf75896 Take in account @nfedera's comments 2015-04-07 21:06:53 +02:00
David FORT
8685a8e0a2 Fixed missing return value 2015-04-01 14:24:37 +02:00
David FORT
9bb4d64608 Correctly handle HMAC_Init_ex() for older versions of OpenSSL 2015-04-01 14:12:08 +02:00
David FORT
0eb399a717 Treat return values for security.c
This patch make functions in security.c return values when they should instead of
beeing void. And it also fix the callers of these functions.
2015-04-01 11:11:37 +02:00
Jason Plum
6ce5991e74 libfreerdp: crypto: add certificate chain validation! 2015-03-13 13:50:54 -04:00
Bernhard Miklautz
6072165fd7 crypto: use PEM as certificate store file format
Currently the certificate format expected in FreeRDPs certificate store
is DER (ASN1). On most linux/unix systems the system certificate store
default format is PEM. Which is also the more common format used by CAs
to distribute their certificates.

Changing the default format to PEM allows the usage of system
certificates or published CA certificates without the need to convert them.

This fixes a part of issue #2446.
2015-03-11 12:06:52 +01:00
Armin Novak
2f519d7f16 Replaced logging in libfreerdp with wlog defines. 2014-09-15 08:48:46 +02:00
Bernhard Miklautz
e5e1a75c35 crypto: fix fingerprint
Latest logging changes introduced a problem with fingerprint generation.
The last byte wasn't added.
2014-08-12 15:40:53 +02:00
Armin Novak
f4c133eaf8 Replaced custom logging mechanism with WLog wrapper. 2014-08-07 16:51:24 +02:00
Hardening
ac7507ab8d Adds some check to treat OOM problems + RDP security fix
Malloc can fail so it will, this patch adds some check in some places
where malloc/strdup results were not checked.

This patch also contains a server side fix for RDP security (credit to nfedera).
The signature len was badly set in the GCC packet. And some other RDP security
oriented fixes are also there.
2014-03-25 23:13:08 +01:00
Daryl Poe
076b8a84c2 commandline session reconnect 2013-10-22 09:14:29 -06:00
Armin Novak
ddab90ece4 Fixed alt_names free, now using cleanup function to wrap details. 2013-09-05 12:14:35 +02:00
Armin Novak
e5c138a5b9 Fixed various memory leaks, allocation size issues and API misuse
warnings shown by clang as well as some compiler warnings.
2013-09-05 12:14:34 +02:00
Daryl Poe
f71f179c28 fix per-device CAL licensing
(cherry picked from commit d6d0d81d08)
2013-08-26 09:37:48 +02:00
Hardening
f37cd53769 Fixed a memory leak with alternative names 2013-06-01 22:37:49 +02:00
Hardening
7701c9d934 Replace printf(...) by fprintf(stderr, ...) 2013-03-28 23:06:34 +01:00
Marc-André Moreau
593a9030d3 libfreerdp-core: cleanup licensing RSA public key code 2013-02-05 10:02:06 -05:00
Marc-André Moreau
44bb1059ea libfreerdp-crypto: replace Base64 implementation 2013-01-31 18:07:04 -05:00
Marc-André Moreau
51293f48e9 libfreerdp-crypto: fix build on windows 2013-01-31 16:36:56 -05:00
Marc-André Moreau
9c85f97137 libfreerdp-crypto: fix base64 encoding, fix TS Gateway HTTPS authentication 2013-01-31 16:11:37 -05:00
Marc-André Moreau
b2c3ca8cc4 libfreerdp-utils: replace all calls to deprecated function xzalloc 2012-11-21 19:22:41 -05:00
Marc-André Moreau
9d064171a7 freerdp: get rid of old types 2012-10-09 03:26:39 -04:00
Marc-André Moreau
1bf8a45519 freerdp: change uint8, sint8, uint16, sint16 to BYTE, INT8, UINT16, INT16 2012-10-09 03:01:37 -04:00
Marc-André Moreau
1ed644786c freerdp: change boolean type to BOOL type 2012-10-09 02:38:39 -04:00
Marc-André Moreau
5612bc43f8 freerdp: change true/false to TRUE/FALSE 2012-10-09 02:31:28 -04:00
Marc-André Moreau
9909a12af5 libfreerdp-utils: get rid of xmalloc, xrealloc and xfree 2012-10-08 23:21:26 -04:00
Marc-André Moreau
6dcc8e73ee libfreerdp-utils: get rid of rdpBlob 2012-09-24 04:40:32 -04:00
Marc-André Moreau
d5d1eb7762 libfreerdp: add proper config.h inclusions 2012-08-14 17:09:01 -04:00