mirrors/FreeRDP
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
18,682 Commits 6 Branches 74 Tags 84 MiB
d5f8b337c4
Commit Graph

539 Commits

Author SHA1 Message Date
David Fort
b283daafd7 tls: cleanup and add some methods to do handshakes asynchronously 
This patch does a few cleanups to allow creating TLS and DTLS contexts.
It also introduces tls_accept_ex and tls_connect_ex that can start the SSL handshake,
and it can be finished by calling tls_handshake
 2022-12-19 10:46:06 +01:00
Bernhard Miklautz
e530999156 new [tls/server]: disable client side renegotiation 2022-12-15 11:06:19 +01:00
akallabeth
37ab25e19d Fixed all Wdocumentation warnings 2022-12-12 14:24:55 +01:00
akallabeth
5799fb2018 Replace ConvertFromUnicode and ConvertToUnicode 
* Use new ConvertUtf8ToWChar, ConvertUtf8NToWChar,
  ConvertUtf8ToWCharAlloc and ConvertUtf8NToWCharAlloc
* Use new ConvertWCharToUtf8, ConvertWCharNToUtf8,
  ConvertWCharToUtf8Alloc and ConvertWCharNToUtf8Alloc
* Use new Stream UTF16 to/from UTF8 read/write functions
* Use new settings UTF16 to/from UTF8 read/write functions
 2022-11-28 10:42:36 +01:00
Armin Novak
7b95014157 [winpr,crypto] Split crypto header renamed 
* Renamed custom winpr crypto function header
* Added compatiblity header
 2022-11-23 09:39:56 +01:00
akallabeth
13a58bd346 [crypto] Added sha3 define guards 
sha3 is only supported with OpenSSL 1.1.1a or later
 2022-11-22 12:09:39 +01:00
akarl10
3a10bcd36a [ntlm]: use rfc5929 binding hash algorithm 
rfc5929 mandates some specific hashes for the binding algorithm
 2022-11-21 13:27:08 +01:00
fifthdegree
cbd310df52 Check smartcard certificates for correct EKU 
To be used for login, smartcard certificates must have the Microsoft
Smart Card Logon EKU
 2022-10-24 22:22:00 +02:00
akallabeth
1849632c43
Fixed format strings to match arguments (#8254) 
* Fixed format strings to match arguments

Reviewed and replaced all %d specifiers to match proper type

* Added proxy dynamic channel command type to log messages.
 2022-09-29 14:55:27 +02:00
Armin Novak
21ccb75812 Replaced magic numbers with definitions 2022-09-20 15:52:14 +02:00
DVeron-RC
de16558344
Fix memory leak in tls.c (#8135) 
There was an issue in the reference count managment of the private
key and the X509 certificate.
 2022-08-18 15:51:30 +02:00
Martin Fleisz
693985b733 crypto: Fix compilation with OpenSSL versions older than 1.1.1 2022-08-17 14:20:14 +02:00
David Fort
942273e9cb
tls: add an option to dump tls secrets for wireshark decoding (#8120) 
This new option /tls-secret-file:<file> allows to dump TLS secrets in a file with
the SSLKEYLOGFILE format. So this way you can setup the TLS dissector of wireshark
(Pre-Master-Secret log filename) and see the traffic in clear in wireshark.
It also add some more PFS ciphers to remove for netmon captures.
 2022-08-16 10:40:32 +02:00
David Véron
a3712521a8 TLS version control 
* added settings for minimal and maximal TLS versions supported
* refactorisation of the force TLSv1.2 setting
 2022-07-07 07:13:11 +00:00
akallabeth
51f4c374c4 Clear OpenSSL error queue before BIO_read/BIO_write 2022-07-02 16:32:50 +02:00
fifthdegree
85f7cb8916 clear openssl error queue after nla_client_begin 2022-07-02 16:32:50 +02:00
Adrian Perez de Castro
81e8e28062 Fix building with LibreSSL 2.7.0 or newer 
With LibreSSL 2.7.0 (or newer versions) some more structs have made
opaque, which requires a few changes:

- BIO_meth_new() and related functions are now defined by LibreSSL, the
  versions from opensslcompat.{h,c} does not need to be used anymore.
- HMAC_CTX is now opaque, HMAC_CTX_new(), EVP_MD_CTX_new, and related
  functions should be used instead in winpr's hash.c.
 2022-06-27 12:42:06 +02:00
akallabeth
0563dae8b3 Cleanup tls_prepare 2022-06-23 09:18:37 +02:00
Siva Gudivada
7ce4d8b196 add a new flag to enforce tls1.2 2022-06-23 09:18:37 +02:00
akallabeth
3d9c972d5c
Replace direct rdpSettings access with getter/setter (#7867) 
* Replace direct rdpSettings access with getter/setter

* Fixed xf_gdi_update_screen const warning
 2022-05-02 10:55:44 +02:00
akallabeth
962c5c3ef0 Fixed dead store warnings 2022-04-28 12:37:19 +02:00
akallabeth
1dcc5a180a Fixed warnings 2022-04-28 11:24:51 +02:00
akallabeth
cc3e28f2f1 Fixed -Wdocumentation errors 2022-04-28 11:24:51 +02:00
akallabeth
73cdcdfe09
Logging and parser fixes (#7796) 
* Fixed remdesk settings pointer

* Fixed sign warnings in display_write_monitor_layout_pdu

* Use freerdp_abort_connect_context and freerdp_shall_disconnect_context

* Added and updates settings

* info assert/dynamic timezone

* mcs assert/log/flags

* Fixed and added assertions for wStream

* Unified stream length checks

* Added new function to check for lenght and log
* Replace all usages with this new function

* Cleaned up PER, added parser logging

* Cleaned up BER, added parser logging

* log messages

* Modified Stream_CheckAndLogRequiredLengthEx

* Allow custom format and options
* Add Stream_CheckAndLogRequiredLengthExVa for prepared va_list

* Improved Stream_CheckAndLogRequiredLength

* Now have log level adjustable
* Added function equivalents for existing logger
* Added a backtrace in case of a failure is detected

* Fixed public API input checks
 2022-04-19 14:29:17 +02:00
akallabeth
d3ae821477 Improved logging, compiler warning fixes 
* Improved logging in TPKT, TPDU, MCS, PER
* Proper use of rdpSettings functions
* Fixed missing return values
* Refactored rdp_server_transition_to_state
 2022-03-28 15:52:32 +02:00
akallabeth
14568872a9
Instance cleanup (#7738) 
* Cleaned up freerdp::autodetect

* Deprecate freerdp::input

* Deprecated freerdp::update

* Deprecated freerdp::settings

* Deprecated freerdp::autodetect

* Removed rdpTransport::settings

* Deprecated freerdp_per::update|settings|autodetect

* Fixed mac client and server compilation

* Fixed windows compilation

* Added deprecation warnings

* Fixed initialization of structs.

* Fixed android build

* Fixed freerdp_client_context_new const correctness

* Fixed checks for android implementation

Replaced checks with assertions where appropriate

* Fixed checks for windows client

Replaced checks with assertions where appropriate

* Fixed proxy client pointer dereference
 2022-03-23 13:18:35 +01:00
akallabeth
fa3cf9417f
Fixed #7696: Abort freerdp_connect if manually canceled (#7700) 
If freerdp_abort_connect is called, set FREERDP_ERROR_CONNECT_CANCELLED
This way freerdp_reconnect can distinguish between network issues and
user interaction and abort a retry attempt.
 2022-03-07 13:47:43 +01:00
akallabeth
3d38d2636c Decreased logging verbosity for INFO level 2022-03-04 09:34:02 +01:00
Armin Novak
4d03d7c0bf Freerdp remove #ifdef HAVE_CONFIG_H 2022-03-03 11:26:48 +01:00
Armin Novak
b2ad47a809 Reorganized FreeRDP headers 2022-03-03 11:26:48 +01:00
David Fort
0435b5a65d Implement smartcard logon 2022-02-24 08:52:25 +01:00
David Fort
cb351a099d Enable smartcard NLA logon 2022-02-24 08:52:25 +01:00
David Fort
d545ab66e1 tscredential: generate automatically the file from a parser 2022-02-24 08:52:25 +01:00
akallabeth
8cc6582044
Unify struct definitions (#7633) 
* Unified enum/struct definitions, fixed include issues

* Fixed mac compilation issues

* Added missing include

* Fixed windows server build warnings

* Fixed VS2010 build issue

* Removed unnecessary library linking

* Fixed ThreadPool WinXP compatibility

* Fixed pr review remarks
 2022-02-14 14:59:22 +01:00
Armin Novak
10e40147fb Fixed various const warnings 2022-02-01 10:25:37 +00:00
akallabeth
a71235be74
Cert update fix (#7382) 
* Fixed certificate thumbprint default format

* Fixed VerifyChangedCertificateEx call arguments
 2021-10-21 09:07:52 +02:00
Armin Novak
103ff6a758 Fixed certificate store double free. 2021-10-06 09:49:07 +02:00
akallabeth
1c84690c2f
Fixes from tests (#7308) 
* Fixed memory leak in tls_verify_certificate

* Fixed missing NULL checks

* Fixed missing checks for FreeRDP_DeactivateClientDecoding

* Added WINPR_ASSERT for client common new/free

* Added /disable-output switch to deactivate client decoding

Allows low resource remote connections that do not require visual
feedback. (e.g. load testing/...)
 2021-09-21 09:56:56 +02:00
akallabeth
75e6f443b5 Fixed possible leak in tls_prepare 
If the function fails, the 'underlying' BIO was leaking as
tls_free did not clean it up if 'tls->bio' was not successfully
allocated.
 2021-09-20 10:59:59 +02:00
Armin Novak
976c3c2ab9 Refactored proxy and proxy-modules: 
* Split out proxy headers and moved to public API to allow external
  modules to be built.
* Split proxy into proxy library and proxy binary. The library
  can be used by other applications and provides a simple API
* Improved channel passthrough, now all channels including dynamic
  channels work.
* Extended module API to hook more events, improved module samples
* Cleaned up proxy code, removed global static variables used,
  added WINPR_ASSERT
 2021-09-09 08:53:20 +02:00
Armin Novak
68f24477f6 Fixed compilation warnings on mac 2021-08-26 15:08:28 +02:00
Armin Novak
13f54fc0dd Improved fingerprint hash comparison 
* Allow new hash format 11bbccdd along already supported 11:22:aa:BB
 2021-08-26 09:38:12 +02:00
Armin Novak
5afa592244 Fixed cast-qual warnings 2021-08-24 11:10:51 +02:00
Armin Novak
f515bd4560 Fixed shadowing and type errors 2021-08-24 10:45:57 +02:00
Armin Novak
610396e197 Fixed compilation warnings 
Try to get the number of warnings down
 2021-08-02 10:28:06 +02:00
Armin Novak
4b7aa61abd Fixed tls_write_all, abort if blocked 
If data to be read is blocking the socket abort.
 2021-07-29 15:09:53 +02:00
akallabeth
534d30beb3
No deprecated (#7107) 
* Removed cmake options disabling compiler warnings

* Added deprecation compile options

* Fixed android client use of deprecated symbols

* Removed obsolete callback
 2021-06-22 14:39:10 +02:00
Armin Novak
09111c9270 libfreerdp: Fixed warnings, added assertions 2021-06-18 11:32:16 +02:00
Armin Novak
5fb59a23a9 Fixed lots of compilation warnings and type mismatches 2021-06-16 15:21:56 +02:00
Armin Novak
d36d94766e Replaced assert with WINPR_ASSERT 2021-06-14 09:37:07 +02:00
akallabeth
6b36c6d417
Replace fopen and path functions with wrappers (#7043) 
Functions like fopen, PathFileExists, PathMakePath need to call
the wide character versions on windows for utf-8 support.
 2021-05-31 11:42:03 +02:00
akallabeth
8e43f90590 Fixed #7045: allow NULL isser and subjects in certificates 2021-05-28 09:25:33 +02:00
Theo Buehler
9914dbc770 Fix build for upcoming LibreSSL version 
SSL will become opaque in LibreSSL 3.4.x, hence the code reaching inside
it will result in build breakage. This was done at the time for lack of
BIO_up_ref() support, which has been available since LibreSSL 2.7.0, so
adjust the relevant #ifdefs accordingly.
 2021-05-25 10:06:32 +02:00
Armin Novak
2b19576fc7 Fixed compiler warnings, function arguments and const parameter 2021-05-18 13:37:34 +02:00
akallabeth
d4ebf8546f Cleaned up crypto API 2021-05-11 08:00:18 +02:00
akallabeth
b494a193db Refactored certificate API: 
* Proper encapsulation
* known_hosts2 backend extended (storing PEM)
* New backend storing each host certificate in a file
 2021-05-11 08:00:18 +02:00
akallabeth
c3171b90cb Removed unit tests for legacy known_hosts file 2021-05-11 08:00:18 +02:00
akallabeth
384f997aa7 Removed support for obsolete known_hosts file. 2021-05-11 08:00:18 +02:00
akallabeth
9e466abe6f Fixed #6989: Use X509_STORE_set_default_paths 2021-05-03 13:37:26 +02:00
akallabeth
187946e965 Removed duplicated escape 2021-04-27 11:48:39 +02:00
akallabeth
e2fd9db0b5 Added const to function arguments 2021-02-17 11:29:56 +01:00
akallabeth
70881d3957 Fixed #6442: Use cmake to provide source directory for test pem 2020-08-25 09:48:29 +02:00
Armin Novak
57b405ca26 Fixed compilation warnings. 2020-08-10 12:14:11 +02:00
Armin Novak
76d10561bb Set BIO data NULL on cleanup 
Recursive BIO free could double free, if the BIO data is not set
NULL when removed.
 2020-07-23 10:48:39 +02:00
akallabeth
02c5ec66e5 Fixed possible integer overflow in crypto_rsa_common 
Thanks @anticomputer for pointing this out
 2020-06-22 12:09:36 +02:00
akallabeth
d936402878 Fixed GHSL-2020-102 heap overflow 2020-05-20 15:10:07 +02:00
akallabeth
6a2785e359 Abort on first possible certificate validation error 
Only retry certificate validation if the purpose was wrong.
 2020-05-20 14:48:15 +02:00
akallabeth
7890833af8 Replaced strtok with strtok_s 2020-05-18 11:39:22 +02:00
akallabeth
5cfc3e8593 Fixed #6148: multiple ceritificate purposes 
OpenSSL certificate verification can only check a single purpose.
Run the checks with all allowed purposes and accept any.
 2020-05-12 15:36:48 +02:00
akallabeth
095d24934c Fixed #6122: Allow SSL server and client purpose 2020-04-25 08:06:00 +02:00
akallabeth
b094d52d0b Fixed #6099: Add a flag for legacy hash entries 
If a legacy entry is found in certificate hash store print
additional information to the user informing about the change
with FreeRDP 2.0
 2020-04-22 18:14:39 +02:00
Linus Heckemann
89e4e24c31 tls: support non-RSA keys 2020-04-10 17:57:34 +02:00
Armin Novak
5b9b7f331b Fixed memory leak in tls_get_channel_bindings 2020-03-06 11:37:35 +01:00
Armin Novak
9c999b7135 Added raw function wrapping X509_digest 2020-03-06 11:37:35 +01:00
Armin Novak
2be6e4117f Let ssl backend handle hash checks. 2020-03-06 11:37:35 +01:00
Armin Novak
00fa84b514 Check cert against CertificateAcceptedFingerprints 
CertificateAcceptedFingerprints may contain a list of certificate
hashes and the corresponding fingerprint.
If one of the hashes matches consider the certificate accepted.
 2020-03-06 11:37:35 +01:00
Armin Novak
ac4bb3c103 End connection before user callbacks if aborted. 
If somewhere in freerdp_connect freerdp_abort_connect was called
the user callbacks Authenticate, GatewayAuthenticate and
Verify[Changed|X509]Certificate[Ex] must not be called.
 2020-02-19 16:44:42 +01:00
Armin Novak
7c243da6e1 Remove symbols exported by accident. 2019-12-02 10:57:31 +01:00
Armin Novak
72ca88f49c Reformatted to new style 2019-11-07 10:53:54 +01:00
Armin Novak
d7877186d6 Fixed strnlen issues. 2019-11-05 14:55:33 +01:00
Armin Novak
993b79f1bd Removed strcpy use. 2019-10-29 11:58:43 +01:00
Armin Novak
f01e042211 Code cleanups (strlen, casts, size_t, ...) 2019-10-29 11:58:43 +01:00
asapelkin
82eadad4a4 Fix some static analizer warnings 2019-10-22 15:39:54 +02:00
Armin Novak
2f2ca9d93b Fixed leak in verify_cb. 2019-10-04 16:19:23 +02:00
Armin Novak
2778cbce8c Fixed type of sk_* macro. 2019-08-22 10:40:25 +02:00
Armin Novak
36c820a9d9 Extract whole certificate chain to PEM format. 2019-07-17 14:42:32 +02:00
Armin Novak
0c17c3871b Pass on cert validation failure, set freerdp error in all use cases. 2019-07-15 15:51:46 +02:00
Armin Novak
ca4a1d19a5 Silenced some unused parameter warnings. 2019-05-08 12:21:31 +02:00
Armin Novak
29c920c568 Fixed review remarks. 2019-04-05 09:14:35 +02:00
Armin Novak
1da57d0b7e Fixed sign-compare warnings 2019-04-05 09:13:24 +02:00
cerg2010cerg2010
7abc86ffae Close file handle correctly. (#5310) 2019-03-18 14:57:00 +01:00
Armin Novak
4ad0770a7e Silenced function pointer cast warnings for BIO_callback_ctrl 2019-02-21 13:53:51 +01:00
David Fort
05d9d89796
Merge pull request #5149 from akallabeth/cert_deny 
New option to disable user certificate dialog
 2019-01-25 16:59:33 +01:00
Armin Novak
0c83efa753 Fix #5170: Disable custom TLS alert for libressl > 2.8.3 2019-01-07 14:20:16 +01:00
Simon Legner
ff375d238b
fix(crypto/tls): typo 2019-01-02 08:18:07 +01:00
Armin Novak
b60045af27 New option to disable user certificate dialog 
The new option +cert-deny aborts a connection automatically if
the certificate can not be validated by OpenSSL or via known hosts.
 2018-12-14 10:17:52 +01:00
Armin Novak
6906efa354 Fixed return value for already accepted certificate. 2018-12-14 09:52:25 +01:00
Armin Novak
d2ac7acdd9 Fixed certificate accept 
certificate_data_replace can only replace an existing entry,
use certificate_data_print for new ones.
 2018-12-10 12:03:55 +01:00
Armin Novak
d05217454f Fix #5115: Cast PEM data from BYTE* to char* to silence warnings. 2018-12-07 12:36:18 +01:00
Armin Novak
0aaf14bed7 Fixe accidental removal of certificate_data_replace 2018-12-06 09:39:50 +01:00
Armin Novak
b27470405c Duplicate PEM when accepted. 2018-12-04 09:35:24 +01:00
Armin Novak
e04c319d21 Added new default certificate callbacks with extended information. 
The extended information provided by VerifyCertificateEx and
VerifyChangedCertificateEx is now exploited by the new functions
client_cli_verify_certificate_ex and client_cli_verify_changed_certificate_ex.

The old callbacks now print out deprecation warnings to inform the
user and developer about this deprecation.
 2018-12-04 09:35:24 +01:00
Armin Novak
a8823fdf95 Cleaned up certificate verification code. 2018-12-04 09:35:24 +01:00
Armin Novak
7ab07ab980 Added certificate callbacks with source indications. 2018-12-04 09:35:24 +01:00
Armin Novak
dd3276d664 Prefer VerifyX509Certificate and fixed const arguments 
If VerifyX509Certificate is set use it also when doing internal
certificate management. Added flags to ensure it is possible to
find out which type of connection is being made.
 2018-12-04 09:35:24 +01:00
Armin Novak
d27cd1b19e Fixed unit tests, use uniqe file names 2018-12-04 08:45:41 +01:00
Armin Novak
f3e1ffb121 Fix #4764: Second try, use X509_STORE_CTX_set_purpose 2018-11-28 12:08:42 +01:00
Armin Novak
77744200a8 Fix #4768: Set SSL verify purpose to ANY 
Should actually be SSL server but since we allowed broken
purpose up until now keep that for the 2.0 series.
 2018-11-26 11:58:29 +01:00
akallabeth
effa8b8562 Fix #5049: Libressl declares OPENSSL_VERSION_NUMBER too high 
Need to check specifically for LIBRESSL_VERSION_NUMBER as they
set the version higher than OpenSSL 1.1 but without API support.
 2018-11-22 19:10:05 +01:00
Armin Novak
649f49fa61 Fix #5049: LibreSSL does not have SSL_CTX_set_security_level 2018-11-22 09:23:46 +01:00
Martin Fleisz
947aa80033
Merge pull request #5016 from akallabeth/windows_server_build_fix 
Windows server build fix
 2018-11-21 16:02:47 +01:00
Christian Gall
fffe4f077a * remove obsolete SSLv23_client_method in tls_connect() 
* set min TLS Version
 2018-11-18 14:09:37 +00:00
Armin Novak
a2cd934184 Fixed windows build warnings. 2018-11-15 09:01:53 +01:00
Martin Fleisz
097ac0ee13
Merge pull request #4997 from akallabeth/use_bio_free_all 
Replaced BIO_free with BIO_free_all
 2018-11-12 13:55:36 +01:00
Armin Novak
5f4843191b Replaced BIO_free with BIO_free_all 
There is no point in using BIO_free with a custom recursion
to free up stacked BIOs if there is already BIO_free_all.
Using it consistently avoids memory leaks due to stacked BIOs
not being recursively freed.
 2018-11-08 12:09:49 +01:00
Bernhard Miklautz
1222e7060b new [crypto/tls]: add support to set tls security level 
The newly introduced option /tls-seclevel can be used to set the tls
security level on systems with openssl >= 1.1.0 or libressl.
As default level 1 is used as higher levels might prohibit connections
to older systems.
 2018-11-08 11:13:15 +01:00
Bernhard Miklautz
649404dd29 fix [libfreerdp/crypto]: memory leak in Test_x509_cert_info 2018-11-05 13:46:05 +01:00
Armin Novak
bdff1c96fd Fixed use after free and leak. 2018-09-20 11:08:12 +02:00
Armin Novak
817f8e0d47 Fixed an issue introduced with #4822 
The string prepared is not NULL terminated and the sources are of fixed sizes.
Use memcpy instead of print fucntions in this specific case.
 2018-09-03 08:48:33 +02:00
Armin Novak
5bc3993e3f Fixed buffer size and function name 2018-08-27 14:34:42 +02:00
Armin Novak
62c1696d4c Removed use of unchecked sprintf 2018-08-27 14:34:42 +02:00
Armin Novak
114abad767 Removed use of strcpy. 2018-08-27 14:34:09 +02:00
akallabeth
9e3b48e0fb
Merge pull request #4829 from informatimago/smartcard-logon-rdp--x509-certificate-info-extraction 
Smartcard Logon: restructured x509 certificate info extraction; added extracting the UPN.
 2018-08-27 14:33:09 +02:00
Pascal J. Bourguignon
63d00f6f81 Corrected the compatibility function names: crypto_cert_subject_alt_name and crypto_cert_subject_alt_name_free. 2018-08-27 13:51:30 +02:00
Pascal J. Bourguignon
53692ffc57 Compute certificate_path from __FILE__ to adapt to changing compilation and test environments. 2018-08-24 16:04:29 +02:00
Pascal J. Bourguignon
79d2294a23 Put back deprecated function names crypto_cert_get_alt_names and crypto_cert_alt_names_free for FREERDP_API compatibility. 2018-08-24 15:20:03 +02:00
Pascal J. Bourguignon
98b8602663 Use C comment syntax instead of C++; added static declaration for local functions. 2018-08-24 15:05:50 +02:00
Pascal J. Bourguignon
469f9bf488 Smartcard Logon: restructured x509 certificate info extraction; added extracting the UPN. 2018-08-24 14:03:04 +02:00
Armin Novak
dab842cfb5 Fixed missing type casts. 2018-08-24 13:40:36 +02:00
Ondrej Holy
0b7d0c2002 crypto/tls: Prevent usage of freed pointer found by coverity 
pass_freed_arg: Passing freed pointer "pemCert" as an argument to "WLog_PrintMessage".
 2018-08-22 14:34:02 +02:00
Armin Novak
026ff00e7d Fixed #4806 broken bounds check. 2018-08-21 09:08:33 +02:00
Armin Novak
3d6c41746d Expose redirection flag for certificate. 2018-07-18 16:06:20 +02:00
Armin Novak
7ebc899516 Fixed PEM certificate reading. 2018-07-10 15:21:53 +02:00
Armin Novak
c9cebf6ed6 Remember accepted PEM cert to avoid unnecessary user input. 2018-07-10 11:27:58 +02:00
Armin Novak
9de99f15d4 Added comment support for known_hosts format. 2018-05-14 12:08:35 +02:00
Armin Novak
5765e9a422 Fixed #4476: broken casts/variable sizes for custom BIO calls. 2018-05-03 12:30:40 +02:00
Martin Fleisz
296b19e172
Merge pull request #4596 from p-pautov/rdg_ssl_fixes 
RDG related fixes for better compatibility with mstsc
 2018-05-03 10:23:12 +02:00
akallabeth
2215071b23
Merge pull request #4576 from ccpp/bugfix-rdg-poll 
Fix polling in RDG
 2018-05-02 17:59:10 +02:00
Kyle Evans
f8c391876f Pull in the LibreSSL compatibility patches from FreeBSD 2018-05-01 08:43:36 -05:00
Pavel Pautov
c60388954b Remove some unused functions. 2018-04-25 18:36:16 -07:00
Pavel Pautov
32505fda13 Apply "authentication level" RDP property only to non-RDG connections (as mstsc does). 2018-04-25 18:12:23 -07:00
Pavel Pautov
3a8d721bb9 Don't use CertificateName setting for RDG connections. 2018-04-25 18:12:23 -07:00
Christian Plattner
8956898364 Revert useless part of the bugfix 
This reverts commit 589d2ec62a.

https://github.com/FreeRDP/FreeRDP/pull/4576#pullrequestreview-113378805
 2018-04-24 16:20:42 +02:00
Christian Plattner
589d2ec62a Fix timeout for polling (partly fixes #3602) 2018-04-18 10:38:42 +02:00
Martin Fleisz
b8599b08f2
Merge pull request #4364 from akallabeth/gateway_refactor 
Gateway refactor
 2018-02-13 13:48:45 +01:00
Armin Novak
0fc19e5590 Functions static where appropriate. 2018-01-19 10:59:10 +01:00
Armin Novak
dc3d536398 Changed length arguments and return to size_t 2018-01-17 08:14:06 +01:00
Martin Fleisz
80a49f46dc
Merge pull request #4320 from ondrejholy/coverity-fixes 
Coverity Scan fixes
 2017-12-20 14:17:20 +01:00
Ondrej Holy
9f5d0d4c4d crypto: Improve PER OID calculations 
"(oid[0] << 4) & (oid[1] & 0x0F)" statement is always 0. It is not
problem currently because the only OID which is written by this
function should have 0 there. The function to read/write are pretty
limited anyway and can't work properly with all kind of OIDs. Maybe
it would be better to hardcode the OID there without decoding
and encoding. But those functions are already there so let's improve
them a bit according the spec and warn about limited set of
supported OIDs.

See:
https://msdn.microsoft.com/en-us/library/windows/desktop/bb540809
 2017-12-19 14:42:06 +01:00
Armin Novak
7305828122 Fix #4239: Various memory leaks 
* Fixed all tests, now can be run with -DWITH_ADDRESS_SANITIZER=ON compiled.
* Enabled address sanitizer for nightly builds.
 2017-12-12 11:40:48 +01:00