Marc-André Moreau
87780a850d
Merge branch 'master' of github.com:FreeRDP/FreeRDP into mbedtls
2015-10-09 15:58:50 -04:00
Marc-André Moreau
4f769866d7
winpr: make clean non-OpenSSL build possible (without schannel, makecert)
2015-10-09 15:57:41 -04:00
zihao.jiang
a7f4685c09
Sec/NLA: Support passwordless (blank password) login with NLA.
...
It was supported in freerdp 1.0.2 but not supported in lastest master.
We should take empty password if it is explicitly specified with /v option.
If a password is not specified, we could first try SAM file. If the user entry does not exist, prompt for password.
2015-10-10 01:48:41 +08:00
Marc-André Moreau
87c42127c7
libwinpr-sspi: remove OpenSSL dependency in NTLM SSPI module
2015-10-08 16:48:58 -04:00
Marc-André Moreau
7521ecd759
libwinpr-crypto: add basic hashing and HMAC support with OpenSSL/mbedTLS
2015-10-08 13:58:55 -04:00
Marc-André Moreau
ac62d43e0f
winpr: isolate OpenSSL
2015-10-06 10:56:24 -04:00
Marc-André Moreau
8a5c55788b
libwinpr-sspi: don't warn about non-error security statuses
2015-09-17 11:16:20 -04:00
Armin Novak
48ccf73a36
More SSPI logging.
2015-07-08 17:41:22 +02:00
Armin Novak
7360cb638a
Erasing memory on credentials or SecBuffer free.
2015-07-08 17:41:21 +02:00
Bernhard Miklautz
1cee185e3c
hardening: check fread and fwrite return values
2015-06-26 20:38:30 +02:00
Armin Novak
e8bfa29bd2
Replaced registry keys with cmake defines.
2015-06-24 14:02:48 +02:00
Armin Novak
fbbc1affd0
ifdef variables used with specific build options.
2015-06-23 16:20:59 +02:00
Bernhard Miklautz
af81a91ea7
windows: fix compilation and warnings
2015-06-22 19:31:25 +02:00
Bernhard Miklautz
06502e6a91
misc: integrate pull request feedback
2015-06-22 19:24:30 +02:00
Bernhard Miklautz
fc6a3cf3c1
sspi/ntlm: integrate pull request comments
2015-06-22 19:23:58 +02:00
David FORT
7c3f8f33ab
Fixes for malloc / calloc + other fixes
...
This patch contains:
* checks for malloc return value + treat callers;
* modified malloc() + ZeroMemory() to calloc();
* misc fixes of micro errors seen during the code audit:
** some invalid checks in gcc.c, also there were some possible
integer overflow. This is interesting because at the end the data are parsed
and freed directly, so it's a vulnerability in some kind of dead code (at least
useless);
** fixed usage of GetComputerNameExA with just one call, when 2 were used
in misc places. According to MSDN GetComputerNameA() is supposed to return
an error when called with NULL;
** there were a bug in the command line parsing of shadow;
** in freerdp_dynamic_channel_collection_add() the size of array was multiplied
by 4 instead of 2 on resize
2015-06-22 19:21:47 +02:00
David FORT
16d36e3083
A malloc() pass on WinPR
...
This patch treats remaining non-checked mallocs. And changes to calloc in places
where it makes sense
2015-06-22 19:10:00 +02:00
Bernhard Miklautz
bf73f4e4f1
Fix unchecked strdups
...
* add missing checks
* adapt function return values where necessary
* add initial test for settings
2015-06-22 19:09:59 +02:00
Armin Novak
5dff9c4f9e
Removed duplicate function tables, respecting WITH_NATIVE_SSPI
2015-06-17 13:24:11 +02:00
Hardening
1b366816a2
Merge pull request #2608 from oshogbo/master
...
Add check to protect memcpy(3) from using NULL pointer.
2015-05-29 10:49:42 +02:00
Mariusz Zaborski
80958751e4
Add check to protect memcpy(3) from using NULL pointer.
...
The ntlm_construct_challenge_target_info function can potentially pass NULL as
argument to the ntlm_av_pair_add function (for example DnsDomainName.Buffer).
This NULL finally lands in the CopyMemory (which is macro to the memcpy(3)
function) which can't handle NULL.
2015-05-25 08:32:48 +02:00
Konrad Witaszczyk
29d3b0bebb
QueryContextAttributes shouldn't return an error when a user or a domain
...
is empty.
2015-05-18 09:42:17 +02:00
Konrad Witaszczyk
95f9e6a641
Pass valid context to CompleteAuthToken function in Negotiate Security Package.
2015-05-15 13:02:40 +02:00
Norbert Federa
1eff1a345e
free can handle NULL perfectly fine
2015-05-11 09:07:39 +02:00
Norbert Federa
25fc866a58
Fix unchecked CreateThread calls and misc fixes
2015-05-05 13:55:48 +02:00
Bernhard Miklautz
850de59b55
winpr: add checks for *alloc
...
Add missing checks if memory allocation was successful. Also adapt
caller(s) when possible.
2015-04-08 11:34:37 +02:00
Armin Novak
831b74d519
Fixed memory leak.
2014-11-16 17:07:48 +01:00
Armin Novak
9339411c9b
Fixed memory leak.
2014-11-16 15:53:39 +01:00
Armin Novak
7756cfb7a4
Fixed memory leaks.
2014-11-16 14:56:08 +01:00
Armin Novak
3d28c9dbf1
Fixed sspi_CopyAuthIdentity, now checking source struct, if it is ANSI encoded.
2014-10-17 11:43:41 +02:00
Marc-André Moreau
c4588fb14f
libfreerdp-core: remove dependency on OPENSSL_Applink on Windows
2014-09-19 17:11:56 -04:00
Marc-André Moreau
2a5192b027
Merge branch 'master' of github.com:awakecoding/FreeRDP into egfx
...
Conflicts:
client/Windows/wf_cliprdr.h
client/Windows/wf_event.h
client/X11/xf_client.c
client/X11/xf_gdi.c
libfreerdp/gdi/gdi.c
server/Mac/mf_input.c
2014-09-17 19:09:56 -04:00
Marc-André Moreau
f0bff7e890
libwinpr-sspi: fix NTLM strict error check
2014-09-17 18:44:59 -04:00
Armin Novak
81a4081279
Decreased logging verbosity.
2014-09-16 09:37:45 +02:00
Armin Novak
6a26e33695
Fixed winpr_HexDump calls in debug mode.
2014-09-09 16:32:22 +02:00
Armin Novak
b22b897389
Reformatted changed files.
2014-09-09 16:32:22 +02:00
Armin Novak
7e3a1b3073
Now using macro to generate module specific log tag.
2014-09-09 16:32:04 +02:00
Armin Novak
28ece6bb46
Replaced stdio logging with WLog
2014-09-09 16:31:46 +02:00
Norbert Federa
cdcdec99bc
OpenSSL thread safety
...
freerdp/winpr had the following issues:
* The non reentrant SSL_library_init() was called concurrently (crash)
* Missing code/api to set the eventually required OpenSSL static and dynamic locking callbacks
* Missing code/api to free the application-global or thread-local OpenSSL data and tables
This commit creates two new winpr functions:
BOOL winpr_InitializeSSL(DWORD flags):
Use the flag WINPR_SSL_INIT_ALREADY_INITIALIZED if you want to tell winpr that
your application has already initialized OpenSSL.
If required use the flag WINPR_SSL_INIT_ENABLE_LOCKING to tell winpr that it
should set the OpenSSL static and dynamic locking callbacks.
Otherwise just call it with the flag WINPR_SSL_INIT_DEFAULT.
The recommended way is that your application calls this function once before
any threads are created. However, in order to support lazy OpenSSL library
initialization winpr_InitializeSSL() can also safely be called multiple times
and concurrently because it uses the new InitOnceExecuteOnce() function to
guarantee that the initialization is only performed successfully once during
the life time of the calling process.
BOOL winpr_CleanupSSL(DWORD flags):
If you create a thread that uses SSL you should call this function before the
thread returns using the flag WINPR_SSL_CLEANUP_THREAD in order to clean up
the thread-local OpenSSL data and tables.
Call the function with the flag WINPR_SSL_CLEANUP_GLOBAL before terminating
your application.
Note: This commit only replaced the current occurences of the
SSL_load_error_strings(); SSL_library_init(); pairs in the freerdp source
with winpr_InitializeSSL(). None of the server or client applications has been
changed according to the recommended usage described above (TBDL).
2014-07-28 21:55:57 +02:00
Armin Novak
ad3255354d
Added WITH_LIBRARY_VERSIONING, allowing to build shared libraries without
...
SOVERSION information. (required by Android)
2014-07-11 11:53:58 +02:00
Bernhard Miklautz
6a49bcfe40
winpr: always build "monolitic"
...
winpr is now always build as single library.
The build option MONOLITHIC_BUILD doesn't influence this behavior anymore.
The only exception is winpr-makecert-tool which is still build as extra
library.
This obsoletes complex_libraries for winpr.
2014-07-10 11:10:58 +02:00
Marc-André Moreau
948d137426
libwinpr-sspi: add support for passing NTLMv2 hash
2014-06-18 16:02:13 -04:00
Marc-André Moreau
e272bc923e
libwinpr-sspi: fix server-side NTLM authentication against NTLMv2 without key exchange
2014-06-18 14:42:35 -04:00
Marc-André Moreau
adbfcf53ea
libwinpr-sspi: fix failing test
2014-06-10 18:09:51 -04:00
Marc-André Moreau
1b93dca6c0
libwinpr-sspi: add support for querying user+domain and setting NTLM hash
2014-06-10 16:38:16 -04:00
Marc-André Moreau
723e9a171b
libwinpr-sspi: fix server-side NLA
2014-06-10 14:38:17 -04:00
Marc-André Moreau
8a343c3e6d
libwinpr-sspi: fix memory leaks
2014-06-10 14:16:02 -04:00
Marc-André Moreau
a27c7d85ed
libwinpr-sspi: patch some memory leaks
2014-06-10 08:40:04 -04:00
Marc-André Moreau
0ebc7e2ab4
libwinpr-sspi: add custom API for passing NTLM hashes and credentials dynamically
2014-06-09 15:25:00 -04:00
Marc-André Moreau
ac9b527991
libwinpr-sspi: fix NTLM SPN context helper
2014-06-08 09:14:49 -04:00
Marc-André Moreau
1c0ba4ca9a
libwinpr-sspi: add tests for NTLM
2014-06-07 18:28:02 -04:00
Marc-André Moreau
66d2b3ed93
libwinpr-sspi: fix server-side negotiate module
2014-06-07 17:08:07 -04:00
Marc-André Moreau
a37c6bb653
libwinpr-sspi: fix build on Linux
2014-06-07 16:46:32 -04:00
Marc-André Moreau
03cf7933d9
libwinpr-sspi: start implementing and using negotiate sspi module
2014-06-07 16:26:57 -04:00
Marc-André Moreau
576e0c4d1a
libwinpr-sspi: fix exporting of SSPI API
2014-06-07 14:43:02 -04:00
Marc-André Moreau
a07f616895
libwinpr-sspi: improve link interface
2014-06-07 10:50:51 -04:00
Marc-André Moreau
1b5a2340d2
libwinpr-sspi: even more code hardening
2014-06-07 00:17:11 -04:00
Marc-André Moreau
220f885774
libwinpr-sspi: code hardening
2014-06-06 17:20:34 -04:00
Marc-André Moreau
940e6fbc15
libwinpr-sspi: make native sspi option dynamic
2014-06-06 15:34:12 -04:00
Marc-André Moreau
907a29d0ba
libwinpr-sspi: isolate winpr implementation
2014-06-05 22:54:31 -04:00
Marc-André Moreau
c5a1a8ac27
libwinpr-sspi: fix native sspi build
2014-06-05 22:10:08 -04:00
Marc-André Moreau
a202fe4057
freerdp: fix several type related warnings
2014-05-08 18:02:02 -04:00
Bernhard Miklautz
b817e92e5e
cmake: mark required libraries for export
2014-04-23 10:16:02 +02:00
Marc-André Moreau
d64f86d52c
wfreerdp: fix 64-bit build
2014-02-10 00:34:17 -05:00
Marc-André Moreau
b5bef07e50
wfreerdp: fix building against OpenSSL with MONOLITHIC_BUILD and shared libraries
2014-02-01 19:53:45 -05:00
Marc-André Moreau
9bdfbcd556
wfreerdp: fix test build issues
2014-02-01 12:50:28 -05:00
Marc-André Moreau
21a259927a
libwinpr-sspi: fix encoding of server-side NTLM challenge message
2014-01-24 13:02:45 -05:00
Marc-André Moreau
652dbfd50d
libwinpr-sspi: fix NTLM TargetName bug
2013-12-17 11:51:13 -05:00
Bernhard Miklautz
a56e3f259b
winpr: disabled schannel test
...
not practicable for now since it requires local key setup
2013-11-15 16:19:49 +01:00
Marc-André Moreau
b8a1f7d6c0
freerdp: implement restricted admin mode pass-the-hash option
2013-11-06 10:02:58 -05:00
Marc-André Moreau
55565e056c
freerdp: export targets
2013-10-28 23:06:39 -04:00
Marc-André Moreau
b70ecbbf62
libfreerdp-core: decouple initialization of rdpSettings from freerdp* instance
2013-10-12 18:20:25 -04:00
Marc-André Moreau
7dd95b9587
libwinpr-crypto: improve Schannel unit test
2013-10-11 04:01:07 -04:00
Armin Novak
62356e667c
Fixed erroneous patch.
2013-09-05 12:14:34 +02:00
Armin Novak
e5c138a5b9
Fixed various memory leaks, allocation size issues and API misuse
...
warnings shown by clang as well as some compiler warnings.
2013-09-05 12:14:34 +02:00
Armin Novak
a3b531c036
Fixed issues found with clang-analyzer
2013-09-05 12:14:33 +02:00
Armin Novak
62330ca669
Fixed variable mixup.
2013-09-05 12:14:33 +02:00
Armin Novak
f231f3fcc5
Fixed coverity issue 1047597
2013-09-05 12:14:32 +02:00
Armin Novak
1673e526f5
Fixed coverity issue 1047598
2013-09-05 12:14:32 +02:00
Armin Novak
e2cd11332b
Fixed coverity issue 1047599
2013-09-05 12:14:32 +02:00
Armin Novak
4bd1c567bd
Fixed coverity issue 1047600
2013-09-05 12:14:32 +02:00
Bernhard Miklautz
0773bb9303
nla: invalidate sec handle after creation
...
If sec pointer isn't invalidated after creation it is not possible
to check if the upper and lower pointers are valid.
This fixes a segfault in the server part if the client disconnects before
the authentication was finished.
2013-07-01 19:24:19 +02:00
Marc-André Moreau
367ebf32a3
freerdp: make use of stream macros to access members
2013-05-15 12:14:26 -04:00
Marc-André Moreau
51715636a5
freerdp: remove some deprecated stream utils
2013-04-29 22:35:15 -04:00
Hardening
7701c9d934
Replace printf(...) by fprintf(stderr, ...)
2013-03-28 23:06:34 +01:00
Bernhard Miklautz
6b1a414b36
winpr/sspi: disable test TestSchannel
2013-03-15 23:11:17 +01:00
Bernhard Miklautz
1519152709
winpr/sspi: fixed test TestInitializeSecurityContext
2013-03-15 21:47:24 +01:00
Bernhard Miklautz
e8eb0d0b44
Fixed formating build warnings (-Wformat)
2013-03-15 20:03:48 +01:00
Marc-André Moreau
35033497d8
libwinpr-sspi: implement partial Schannel EncryptMessage/DecryptMessage support
2013-02-18 21:50:33 -05:00
Marc-André Moreau
4e565e26b5
Merge branch 'master' of github.com:awakecoding/FreeRDP
2013-02-18 20:07:41 -05:00
Marc-André Moreau
01e8eb8204
libwinpr-sspi: complete Schannel handshake
2013-02-18 20:07:29 -05:00
Marc-André Moreau
801708297a
libwinpr-rpc: fix windows build
2013-02-18 19:29:50 -05:00
hardening
865ff2a5f8
Fixed compilation with -Wstrict-prototypes
2013-02-14 22:20:43 +01:00
Marc-André Moreau
ff586504e7
libwinpr-sspi: cleanup NTLM messages
2013-01-30 20:39:57 -05:00
Marc-André Moreau
4a5bd8584a
libwinpr-sspi: cleanup NTLM authenticate message construction
2013-01-30 19:47:27 -05:00
Marc-André Moreau
49ee48e8d0
libfreerdp-primitives: code style cleanup
2013-01-19 15:16:28 -05:00
Marc-André Moreau
3d77d5a497
freerdp: merging with master
2013-01-14 13:50:16 -05:00
rdp.effort
4d90284657
Renamed CODEC_ID_NONE to RDP_CODEC_ID_NONE as it is already defined in
...
avcodecs.h
Fixed a warning in schannel_openssl.c
Added checks for: input, mcs, tpdu, certificate, license
2013-01-12 14:49:01 +01:00
Marc-André Moreau
136bbc8bf7
libwinpr-sspi: start implementing Schannel EncryptMessage
2013-01-11 14:23:54 -05:00
Marc-André Moreau
b868af322e
libwinpr-sspi: fix Schannel TLS handshake
2013-01-10 17:12:27 -05:00
Marc-André Moreau
03ef822d0c
libwinpr-sspi: add Schannel EncryptMessage/DecryptMessage tests
2013-01-10 16:28:56 -05:00
rdp.effort
e53e8e524d
Initialize lpWideCharStr parameter when using ConvertToUnicode
...
This patch ensure that lpWideCharStr is initialized by callers of
ConvertToUnicode
2013-01-10 21:30:32 +01:00
Marc-André Moreau
59084a09ba
libwinpr-sspi: fix Schannel TLS handshake
2013-01-10 12:19:07 -05:00
Marc-André Moreau
0fbf846671
libwinpr-sspi: NTLM extended protection cleanup
2013-01-10 11:19:57 -05:00
Marc-André Moreau
f0c94562cc
libfreerdp-core: TS Gateway cleanup and NTLM SingleHostData implementation
2013-01-09 12:05:34 -05:00
Marc-André Moreau
1d893ed268
libwinpr-sspi: add support for NTLMv2 Channel Binding Token (CBT)
2013-01-09 00:20:08 -05:00
Marc-André Moreau
d8949f5d8f
libfreerdp-core: fix computing of test channel binding token
2013-01-08 21:56:28 -05:00
Marc-André Moreau
218773a04c
Merge branch 'master' of github.com:awakecoding/FreeRDP
2013-01-06 16:42:59 -05:00
Marc-André Moreau
4cf0dc1004
libwinpr-sspi: improve attempted channel binding token computation
2013-01-06 16:05:20 -05:00
Marc-André Moreau
3b71138442
wfreerdp-server: fix build on Windows 7
2013-01-05 14:58:47 -05:00
Marc-André Moreau
609459f8a6
libwinpr-sspi: fix build on Linux
2013-01-05 12:35:24 -05:00
Marc-André Moreau
05ef57bb01
libwinpr-sspi: complete Schannel TLS handshake test
2013-01-04 13:43:44 -05:00
Marc-André Moreau
f8b364d696
libwinpr-sspi: add more Schannel tests
2013-01-04 12:16:55 -05:00
Marc-André Moreau
985721d035
libwinpr-sspi: start implementing ISC and ASC for Schannel
2013-01-03 13:36:19 -05:00
Marc-André Moreau
80daf6fb5c
libwinpr-sspi: fix build on Linux
2013-01-03 11:35:08 -05:00
Marc-André Moreau
27084c4642
libwinpr-sspi: improve SSPI Schannel test
2013-01-03 11:13:13 -05:00
Marc-André Moreau
436a7dfc9f
libwinpr-sspi: enable extended protection by default to restore TSG connectivity with most servers
2012-12-28 11:53:17 -05:00
Marc-André Moreau
45ad6e9ac9
libwinpr-sspi: started OpenSSL-based Schannel implementation
2012-12-23 20:20:41 -05:00
Marc-André Moreau
5240823124
libwinpr-sspi: fix build on Linux
2012-12-23 18:59:59 -05:00
Marc-André Moreau
a5aa8fc2cc
libwinpr-sspi: improved Schannel test with fake client-server communication
2012-12-23 18:41:02 -05:00
Marc-André Moreau
85690a3ec7
libwinpr-sspi: improve Schannel QueryCredentialsAttributes stubs
2012-12-23 14:38:58 -05:00
Marc-André Moreau
d4e580834f
libwinpr-sspi: fix build on Windows
2012-12-23 13:21:57 -05:00
Marc-André Moreau
1c89b62f55
libwinpr-sspi: added Schannel test
2012-12-22 20:23:44 -05:00
Marc-André Moreau
af05962a8e
libwinpr-sspi: added more Schannel definitions
2012-12-22 12:18:13 -05:00
Marc-André Moreau
093a0edd9c
libwinpr-sspi: add schannel definitions
2012-12-22 03:58:09 -05:00
Marc-André Moreau
f9ad678a51
libfreerdp-client: fix /pcb and /pcid
2012-12-22 02:39:39 -05:00
Marc-André Moreau
81c2782be3
libwinpr-sspi: start implementing Channel Bindings
2012-12-21 12:17:07 -05:00
Marc-André Moreau
038754cbed
libwinpr-sspi: fix SSPI NTLM SuppressExtendedProtection
2012-12-20 16:35:07 -05:00
Marc-André Moreau
0047511055
libwinpr-sspi: fix unicode conversion
2012-12-17 13:35:12 -05:00
Marc-André Moreau
85b023bb08
libwinpr-sspi: remove debug output
2012-12-13 16:30:34 -05:00
Marc-André Moreau
72110807b1
libfreerdp-core: fix NLA
2012-12-13 16:29:16 -05:00
Marc-André Moreau
102abcbef2
libfreerdp-core: improve TSG memory cleanup
2012-12-12 20:02:56 -05:00
Marc-André Moreau
424ac18eba
libwinpr-utils: simplify winpr stream utils even more
2012-12-10 14:43:48 -05:00
Marc-André Moreau
6e07570dda
libwinpr-utils: simplify stream utils
2012-12-10 14:23:27 -05:00
Marc-André Moreau
c4e06eb0a7
libwinpr-utils: refactor winpr stream utils
2012-12-10 14:08:06 -05:00
Marc-André Moreau
2db4c27be7
libfreerdp-core: fix SPN for TS Gateway
2012-11-27 16:37:56 -05:00
Marc-André Moreau
83473d11d1
channels: patch memory leaks, load addins from list
2012-11-19 13:26:56 -05:00
Marc-André Moreau
a6d1ec0ecf
libwinpr-dsparse: fix on linux
2012-10-28 22:16:21 -04:00
Marc-André Moreau
95766036f4
Merge branch 'channels' of github.com:FreeRDP/FreeRDP into channels
2012-10-26 12:00:39 -04:00
Marc-André Moreau
9eece31e19
libwinpr-sspi: fix SuppressExtendedProtection
2012-10-26 12:00:30 -04:00
Marc-André Moreau
b7a289f843
libwinpr: fix test build on Mac OS X
2012-10-25 15:34:57 -04:00
Marc-André Moreau
d5b635c9e8
libwinpr-library: improve library tests
2012-10-18 16:58:27 -04:00
Marc-André Moreau
dd23dd1aee
ctest: change default output test path
2012-10-18 15:37:00 -04:00
Marc-André Moreau
304b4c2d86
cmake: fix windows build
2012-10-14 01:17:25 -04:00
Marc-André Moreau
229438dbf3
cmake: fix monolithic test build
2012-10-13 17:38:02 -04:00
Marc-André Moreau
06fa85f31c
cmake: refactoring of MONOLITHIC_BUILD
2012-10-13 17:30:59 -04:00
Marc-André Moreau
2ee9f23a8e
cmake: revert back to standard CTest BUILD_TESTING option
2012-10-13 09:50:02 -04:00
Marc-André Moreau
c26a623ed1
cmake: rename BUILD_TESTING to TEST_BUILD
2012-10-12 16:04:46 -04:00
Marc-André Moreau
40eea7c76b
cmake: rename WITH_MONOLITHIC_BUILD to MONOLITHIC_BUILD
2012-10-08 22:55:06 -04:00
Marc-André Moreau
7891e0a765
winpr: stubbed pipe module, added some test stubs
2012-10-07 16:13:30 -04:00