Commit Graph

11536 Commits

Author SHA1 Message Date
akallabeth
e3e65734e8
Merge pull request from krisztian-kovacs-balabit/use-redirection-password
Use redirection password
2017-12-20 17:01:58 +01:00
Martin Fleisz
80a49f46dc
Merge pull request from ondrejholy/coverity-fixes
Coverity Scan fixes
2017-12-20 14:17:20 +01:00
Martin Fleisz
ec027bf46c
Merge pull request from hardening/display_improvement
Dynamic resolution improvements
2017-12-20 13:43:22 +01:00
Martin Fleisz
bfe8359b5b
Merge pull request from akallabeth/test_memleak_fixes
Test memleak fixes
2017-12-20 12:38:38 +01:00
David Fort
ce89a9096e disp: improve window resizing
To workaround a bug with 2012r2 servers, don't send any resize during renegociation
and don't resize at a too high rate (every 200ms is good enough).
2017-12-19 20:59:10 +01:00
David Fort
2a6c9e1b87 Add an activated event and a Timer event
Added an event that is triggered when the activation sequence is finished.
We also define a timer event that is neat to have for regular operation.
2017-12-19 15:21:15 +01:00
Ondrej Holy
9f5d0d4c4d crypto: Improve PER OID calculations
"(oid[0] << 4) & (oid[1] & 0x0F)" statement is always 0. It is not
problem currently because the only OID which is written by this
function should have 0 there. The function to read/write are pretty
limited anyway and can't work properly with all kind of OIDs. Maybe
it would be better to hardcode the OID there without decoding
and encoding. But those functions are already there so let's improve
them a bit according the spec and warn about limited set of
supported OIDs.

See:
https://msdn.microsoft.com/en-us/library/windows/desktop/bb540809
2017-12-19 14:42:06 +01:00
akallabeth
71fd6f3116
Merge pull request from hardening/dyn_res_update
disp: implement dynamic resolution for X11
2017-12-19 13:49:02 +01:00
Ondrej Holy
4791970c09 core: Remove redundant stream position changes
Stream_Seek() is used, but consequently Stream_SetPosition() is used
for position obtained by Stream_GetPosition() immediatelly before
Stream_Seek(). Let's remove this stream position changes due to its
redundancy.
2017-12-19 13:02:55 +01:00
Ondrej Holy
e2f9a08107 tsmf: Prevent string overflow and unterminated strings
Device variable can overflow, or be unterminated. Replace strcpy
by strncpy and be sure that the string is terminated (sizeof() - 1).
2017-12-19 12:21:34 +01:00
Ondrej Holy
0389cb129e core: Fix array overrunning during FIPS keys generation
p is 20 and r is 1 in the last iteration of fips_expand_key_bits,
which means that buf[21] is read (of BYTE buf[21];). However,
the value is not needed, because it is consequently discarded by
"c & 0xfe" statement. Let's do not read buf[p + 1] when r is 1
to avoid this.
2017-12-19 10:29:16 +01:00
akallabeth
2b320ea0fc
Merge pull request from MrCsabaToth/patch-1
Docu copy-paste error fix when referring to the Android 64 bit config
2017-12-18 09:42:28 +01:00
Csaba Toth
04a626510e
Documentation copy-paste error fix when referring to the Android 64 bit config 2017-12-16 11:37:32 -08:00
akallabeth
097f8edd97
Merge pull request from bmiklautz/smartcard-cleanup
Smartcard fixes and cleanup
2017-12-14 16:56:29 +01:00
Bernhard Miklautz
36c6478627 fix client/smartcard: indentation and return value
Integrate feedback from pull request review.
2017-12-14 16:21:19 +01:00
Bernhard Miklautz
5a1c0081c5 fix smartcard: SCardStatus unicode handling
* fix StatusW_Call to rely and use SCardStatusW
* fix trace call in  StatusW_Call - needs to be called after the sizes
  are set
* unify SCardStatus functions for pcsc - let the internal function handle unicode directly

This fixes an issue with size calculations of SCardStatusW.
2017-12-14 15:46:14 +01:00
David Fort
80dab90f1a disp: implement dynamic resolution for X11
If the display channel is available we use it to allow the user to resize the
xfreerdp window. When the window is resized we announce a new monitor layout and
the server reacts by doing a reactivation sequence to the new size.
The minimum window size is limited to 300x300 as 2012 servers crash horribly
if we send them a smaller layout.
2017-12-14 15:13:11 +01:00
Martin Fleisz
5cec90c781
Merge pull request from hardening/xrandr_fix
Fix XRandr for old systems and MacOSX
2017-12-13 17:24:41 +01:00
Bernhard Miklautz
94b35cb4f7 fix channel/smartcard: leak in Connect[AW]
smartcard_Connect[AW] leaked the reader buffer in error case.
2017-12-13 17:04:06 +01:00
Bernhard Miklautz
bff9b98e67 feat winpr/smartcard: add test for SCardStatus
Add an extensive test for SCardStatus. It's not enabled per default
as it requires a reader with card to be present.
2017-12-13 17:04:06 +01:00
Bernhard Miklautz
9fc754170b fix channel/smartcard: SCardStatus
Add support for fmszReaderNamesIsNULL. Formating of the touched files
was also updated.
2017-12-13 17:04:06 +01:00
Bernhard Miklautz
bc8bdc3e54 fix channel/smartcard: compiler warnings
* remove unused variables
* remove unused jump label
2017-12-13 17:04:06 +01:00
Bernhard Miklautz
6b691948cf refactor winpr/smartcard/pcsc: reader/group naming
The PCSC SCard implementation in winpr tried to rename reader and group
names received from PCSC to something similar to what the windows smart
card service would return.

Because of the following reasons this mapping was removed:

* reader names are not standardized
* no mapping of reader name should be required at all
* the mapping added extra complexity
* the mapping didn't produce the same names as if the reader was
  directly connected on windows (or redirected from a windows host)

In case there are situations where this is nevertheless required this
feature can simple be (re-)implemented a part of the smart card channel.

Also the formatting was fixed.
2017-12-13 17:04:06 +01:00
Bernhard Miklautz
389b7f218b feat winpr: add WINPR_UNUSED macro
WINPR_UNUSED can be used to mark intentionally unused function parameters.
2017-12-13 17:04:06 +01:00
Bernhard Miklautz
e3d45c4580 fix channel/smartcard: remove SCardAddReaderName
SCardAddReaderName isn't part of the SCard API.

Note: removing this also removes the possibility to redirect single
smartcard readers with /smartcard:READERNAME. However this features
wasn't implemented in a general way and will be re-added as part of
the smart card channel directly.
2017-12-13 17:04:06 +01:00
Bernhard Miklautz
1e6fea7fa7 fix channel/smartcard: simplify channel variables
Path was not really used and name was duplicated. Use the device->Name
directly.
2017-12-13 17:04:06 +01:00
Bernhard Miklautz
6e63c6afd9 fix channel/smartcard: remove status mappings
The state tracking/modifications (presumably thought as optimization?!) in
PCSC_SCardGetStatusChange_Internal cause a lot of applications to behave
incorrectly and/or hang. Ideally no modifications of the states should
be necessary as PCSC implements the same API as passed over the channel.
2017-12-13 17:04:06 +01:00
Bernhard Miklautz
f8a3e7acd4 fix channel/smartcard: GetStatusChange return code
In case SCardGetStatusChange returned an error the call didn't return
any data but STATUS_NO_MEMORY as the calloc failed. This caused problems
with multiple applications server side (hangs and incorrect behavior).

Now the case when no readers are returned is handed correctly and the
data is also filled and send if the call fails.
2017-12-13 17:04:06 +01:00
Bernhard Miklautz
46a7538322 fix channel/smartcard: async request handling
The smart card channel tried to mimic mstsc's behavior on if an IRP was
processed synchronously or asynchronously. As the channel uses one thread per
context it could happen, especially with PCSC, that the main
channel thread was blocked waiting for an smart card operation to
complete. To prevent that behavior only call known safe functions in the
main thread (like CreateContext) and call the rest asynchronously.

For example the channel would block if a ListReaders is invoked on
the same context where a GetStatusChange (infinite timeout)
was already pending. Only when a status change happened the channel
would continue.

Note: Due to the one context per thread design it's important that
cancel isn't queued an alway run synchronously. Otherwise a specific
context might lock.
2017-12-13 17:04:06 +01:00
Bernhard Miklautz
3dc4e283db fix channel/smartcard: return value handling
Device control calls always returned SCARD_S_SUCCESS even if an error
occurred. This caused server side software (including the card manager)
to behave incorrectly.
2017-12-13 17:04:06 +01:00
Bernhard Miklautz
99c69cde27 fix channel/smartcard: error handling
According to MS-RDPESC the smart card channel must set the IoStatus to
an NTSTATUS in case a encoding or decoding error happens. The smart card
channel did this correctly but the output stream was modified
incorrectly causing the smart card remote manager to stop in error
cases.
2017-12-13 17:04:06 +01:00
Martin Fleisz
f6b8a6eaa2
Merge pull request from akallabeth/big_endian_more
Big endian fixes
2017-12-13 09:58:14 +01:00
Martin Fleisz
6aa914363a
Merge pull request from hardening/geometry
geometry: a skeleton for the MS-RDPEGT channel
2017-12-13 09:09:33 +01:00
Armin Novak
2f35c4b158 Fixed remaining color renaming issues. 2017-12-12 11:41:43 +01:00
Armin Novak
ae2a96293b Cleanup and initialization checks. 2017-12-12 11:40:48 +01:00
Armin Novak
7305828122 Fix : Various memory leaks
* Fixed all tests, now can be run with -DWITH_ADDRESS_SANITIZER=ON compiled.
* Enabled address sanitizer for nightly builds.
2017-12-12 11:40:48 +01:00
David Fort
3b670703fb
Merge pull request from akallabeth/mac_server
Mac fixes
2017-12-12 10:40:14 +01:00
Armin Novak
0a9ef97a57 Fixed uninitialized variable. 2017-12-12 10:35:02 +01:00
David Fort
41823080f9 Fix users of Stream_GetPosition() that returns size_t 2017-12-11 22:38:58 +01:00
David Fort
a6cfd3c49a geometry: a skeleton for the MS-RDPEGT channel
The base for implementing the MS-RDPEGT client channel that allows to track window
geometry.
2017-12-08 11:26:29 +01:00
David Fort
11ee81be60 Fix XRandr for old systems and MacOSX
We need a recent enough version of XRandr to correctly detect monitor.
Also this patch adds some typo or style fixes.
2017-12-08 10:59:38 +01:00
KOVACS Krisztian
7f5f40d392 core/nla: use RedirectionPassword if set in settings
Previously, the code prompted for the password even if a RedirectionPassword
was provided.

With this change the prompt is only shown if both settins->Password and
settings->RedirectionPassword is absent.
2017-12-06 16:32:56 +01:00
KOVACS Krisztian
3c56300afa winpr/sspi: add possibility to set auth identity with Unicode password
To be able to avoid password conversion if the password is already unicode
this change adds the sspi_SetAuthIdentityWithUnicodePassword() function
that is identical to sspi_SetAuthIdentity() except that the password is
used without further conversions in the Unicode identity.
2017-12-06 16:30:57 +01:00
KOVACS Krisztian
6518e36c70 Revert "core/connection: use redirection password when reconnecting"
This reverts commit 70c65e70d1.
2017-12-06 14:58:34 +01:00
Martin Fleisz
876a7697be
Merge pull request from akallabeth/cmd_parser_hardening
Fix : Hardened command line post filter.
2017-12-05 14:40:03 +01:00
Martin Fleisz
5931fd4fe4
Merge pull request from akallabeth/shadow_fix
Shadow server crash fixes
2017-12-05 11:19:59 +01:00
Martin Fleisz
ed9a4b7d45
Merge pull request from hardening/disp_channel
Disp channel changes and improvements
2017-12-05 10:56:14 +01:00
Bernhard Miklautz
22c71c0034
Merge pull request from myfreeweb/libressl-fix-fips
Fix LibreSSL build
2017-12-02 16:09:43 +01:00
Greg V
bfe3af4c72 Fix LibreSSL build
LibreSSL does not support FIPS mode.
2017-12-01 18:34:48 +03:00
David Fort
1e48405d19 drdynvc: fix invalid check
There were a copy'n paste error in the check of a malloc.
2017-12-01 14:20:24 +01:00