select() has the major drawback that it cannot handle file descriptor
that are bigger than 1024. This patch makes use of poll() instead of
select() when poll() support is available.
This big patch allows to have non-blocking writes. To achieve
this, it slightly changes the way transport is handled. The misc transport
layers are handled with OpenSSL BIOs. In the chain we insert a
bufferedBIO that will bufferize write calls that couldn't be honored.
For an access with Tls security the BIO chain would look like this:
FreeRdp Code ===> SSL bio ===> buffered BIO ===> socket BIO
The buffered BIO will store bytes that couldn't be send because of
blocking write calls.
This patch also rework TSG so that it would look like this in the
case of SSL security with TSG:
(TSG in)
> SSL BIO => buffered BIO ==> socket BIO
/
FreeRdp => SSL BIO => TSG BIO
\
> SSL BIO => buffered BIO ==> socket BIO
(TSG out)
So from the FreeRDP point of view sending something is only BIO_writing
on the frontBio (last BIO on the left).
This patch adds an option to compile freerdp in a valgrind compliant way.
The purpose is to ease memchecking when connecting with TLS. We mark bytes
retrieved from SSL_read() as plainly defined to prevent the undefined contamination.
With the patch and the option activated you get a single warning at connection
during the handshake, and nothing after.
This patch changes the prototype for decode_base64 so that the encode / decode
method are consistant (encode(BYTE *) => char* and decode(char*) => BYTE*).
It also does some improvements with unrolling loops so that end conditions are
tested only at the end.
The patch also adds some unitary tests.
Before the patch base64_decode() made valgrind complain about uninitialized
bits, after valgrind is happy and very quiet.
Malloc can fail so it will, this patch adds some check in some places
where malloc/strdup results were not checked.
This patch also contains a server side fix for RDP security (credit to nfedera).
The signature len was badly set in the GCC packet. And some other RDP security
oriented fixes are also there.
Triggered by Windows Server 2012 Admin-Mode with MS-recommended AD CA
Certificate setup, which would cause the CN to be absent, and a single
subjectAltName to be present.
# By Bernhard Miklautz (10) and others
# Via Marc-André Moreau (10) and Martin Fleisz (1)
* 'master' of git://github.com/awakecoding/FreeRDP: (32 commits)
libfreerdp-crypto: add robustness checks for VerifyX509Certificate
mfreerdp: fix possible crash on gdi termination
channels/cliprdr: add callback for data request response
channels/cliprdr: fix conflict with CLIPRDR_HEADER
fix a gdi leak bug.
channels/cliprdr: implement more of the callback interface
channels/cliprdr: start implementing clean callback interface
channels/rdpsnd: initial attempt at adding GSM610 support
winpr-thread: fixed bugs in _CreateProcessExA
ffmpeg-2 -- CodecID
ffmpeg-2 -- dsp_mask
ffmpeg-2 -- AVCODEC_MAX_AUDIO_FRAME_SIZE
check return value.
reformat coding styles.
fix name length to copy.
fix memory realloc size error.
libfreerdp-crypto: don't report SSL_ERROR_SYSCALL with errno value 0 as error
channels/rdpsnd: add wlog debug output
android toolchain: support for ndk r9b
android toolchain: fixed cmake syntax warning
...