Commit Graph

112 Commits

Author SHA1 Message Date
akallabeth
5f3be98c61
[crypto,cert] fix builds with LibRESSL 2024-10-17 12:02:39 +02:00
akallabeth
343900d227
[crypto,cert] make a deep copy of the certificate chain
The parameters of freerdp_certificate_new_from_x509 are const, so only
work with a copy of the input.
2024-10-14 10:31:35 +02:00
akallabeth
e14b7a1f29
[crypto,cert] cleanup cert chain duplication/cleanup 2024-10-03 20:35:39 +02:00
akallabeth
46c1ae145c
[crypto,certificate] fix integer narrowing 2024-10-03 18:59:16 +02:00
akallabeth
a54a602dcc
[crypto,certificate] fix stackof handling 2024-10-03 18:59:14 +02:00
akallabeth
239440e28d
[warnings] remove or comment unused macros 2024-09-20 18:49:38 +02:00
akallabeth
1d33095500
[warnings] fix cert-err33-c
Fix unused return values, cast to void if on purpose
2024-08-29 10:19:27 +02:00
Armin Novak
17d44e847f
[coverity] fix various warnings 2024-08-21 09:47:34 +02:00
akallabeth
c2d30a07e9
[crypto,cert] add getter for notBefore and notAfter
Add getters for ceritificate dates notBefore and notAfter. Returns the
date as RFC822 string.
2024-08-20 12:42:46 +02:00
akallabeth
22fb6aad31
[crypto,tls] fix AcceptedKey checks
* Add freerdp_certificate_get_pem_ex to extract PEM for cert only
* Compare only certificate without certificate chain
* Store only certificate PEM without chain for later comparison
2024-08-13 07:40:07 +02:00
Martin Fleisz
7368c65240 crypto: Fix handling of cert chain in get PEM function 2024-06-17 14:48:15 +02:00
Ilya Shipitsin
25edec803b libfreerdp/crypto/certificate.c: handle malloc error 2024-04-06 07:11:14 +02:00
akallabeth
6a7c375831 [crypto,cert] add better logging of certificate read
add missing log entries for possible failures due to invalid data
received. This allows better debugging if a server sends garbage or the
crypto routines have direct RSA routine access disabled.
2024-03-07 14:59:32 +01:00
akallabeth
d7ebec5a65 [tidy] move loop variable declaration to loop 2024-02-22 12:31:50 +01:00
akallabeth
0ba995655d [clang-tidy] cppcoreguidelines-init-variables 2024-02-15 11:49:16 +01:00
akallabeth
207def5c56 [clang-tidy] readability-isolate-declaration 2024-02-15 11:49:16 +01:00
akallabeth
d5eecda8a3 [crypto,cert] log if empty certificate is read 2024-01-15 13:13:42 +01:00
Vic Lee
97ef5d09e9 [core,crypto] fix missing OpenSSL includes. 2023-12-11 08:51:59 +01:00
Armin Novak
53b65ff7bd [documentation] fix Wdocumentation warnings 2023-10-16 15:10:13 +02:00
David Fort
8a39859612 [arm] various improvements
This patch moves the ARM configuration before starting the connection process, so
that we can do some provisioning of the FreeRDP settings with the items retrieved
from Azure.
Most notably that allows us to connect directly using RDSTLS security.
2023-09-04 10:24:56 +02:00
Armin Novak
0bdb62e9b5 [libfreerdp] fix integere narrow warnings 2023-07-28 15:48:32 +02:00
akallabeth
e03b6596c6 [build] fix unused but set variable warnings 2023-06-29 18:34:51 +02:00
Armin Novak
b05eacb99e [build] fixed compilation warnings 2023-06-08 08:13:16 +02:00
Armin Novak
970f0c54e8 [stream] use const correct Stream_Pointer access 2023-06-08 08:09:33 +02:00
Armin Novak
a4c6b36a19 [build] fix memory sanitizer stack frame warnings 2023-06-07 09:14:45 +02:00
akallabeth
3f6ed5ed84 [crypto,cert] fix debug print messages 2023-05-23 08:51:18 +02:00
Armin Novak
d684acb0a3 [crypto,cert] fix update_x509_from_info for OpenSSL3
loading a RSA public key from the parameters was broken, fix with this
commit.
2023-05-17 14:06:58 +02:00
akallabeth
cba9db727d [crypto,cert] fix missing char casts 2023-05-16 09:33:35 +02:00
akallabeth
6c38e20e4e [crypto,cert] add openssl3 support 2023-04-28 08:33:06 +02:00
Armin Novak
afc29ce777 [crypto,cert] fix cert_write_server_certificate_v2 2023-04-24 10:58:01 +02:00
Armin Novak
91b0f6d444 [crypto,cert] remove too strict assert 2023-04-24 10:58:01 +02:00
Armin Novak
50ce5b834d [core,server] warn if cert not RDP security compatible 2023-03-28 17:19:03 +02:00
Armin Novak
3d8cb485f4 [warnings] Fixed strict-prototypes warnings 2023-03-06 10:04:59 +01:00
Armin Novak
e496771034 [warnings] fixed unused-variable warnings 2023-03-06 10:04:59 +01:00
akallabeth
66245e7a00 [crypto,cert] remove rsa check
the rsa keys to be checked are on the deprecation list for most SSL
libraries so the function might fail unexpectedly
2023-02-16 10:06:17 +01:00
akallabeth
8b95030f5e [cryto,cert] clean up code 2023-02-16 10:06:17 +01:00
akallabeth
a2b23a83ab [crypto,cert] only extract server certificate 2023-02-16 10:06:17 +01:00
Martin Fleisz
5f9db5a89c core: Fix pointer corruption with d2i_X509
The `d2i_X509` function manipulates the passed pointer on success. This
resulted in a corrupted `rdpCertBlob` struct, crashing later on free.
2023-02-14 09:44:10 +01:00
Armin Novak
a7dac52a42 [license] updated copyright headers 2023-02-12 20:17:11 +01:00
Armin Novak
b77be1ad61 [emu,scard] use RSA struct instead of rdpCertInfo
rdpCertInfo has the RSA key in RDP specific format. Prefer direct
extraction from certificate or key
2023-02-12 20:17:11 +01:00
Armin Novak
91370e4437 [crypto,cert] use malloc for der certificate 2023-02-12 20:17:11 +01:00
akallabeth
c306ad4c51 [crypto,cert] add RSA key check 2023-02-12 20:17:11 +01:00
akallabeth
081e187db8 [crypto] add function to determine if RSA is in use 2023-02-12 20:17:11 +01:00
akallabeth
9b51df8b10 [core,crypto] refactor certificate management
* Properly split certificate_store, certificate_data, certificate and
  private key functions to files
* Prefix all functions with freerdp_ to have a unique name
* Update certificate store to use one file per host instead of
  known_hosts2
* Merge CryptoCert and rdpCertificate
2023-02-12 20:17:11 +01:00
akallabeth
5799fb2018 Replace ConvertFromUnicode and ConvertToUnicode
* Use new ConvertUtf8ToWChar, ConvertUtf8NToWChar,
  ConvertUtf8ToWCharAlloc and ConvertUtf8NToWCharAlloc
* Use new ConvertWCharToUtf8, ConvertWCharNToUtf8,
  ConvertWCharToUtf8Alloc and ConvertWCharNToUtf8Alloc
* Use new Stream UTF16 to/from UTF8 read/write functions
* Use new settings UTF16 to/from UTF8 read/write functions
2022-11-28 10:42:36 +01:00
akallabeth
3d9c972d5c
Replace direct rdpSettings access with getter/setter (#7867)
* Replace direct rdpSettings access with getter/setter

* Fixed xf_gdi_update_screen const warning
2022-05-02 10:55:44 +02:00
akallabeth
3d38d2636c Decreased logging verbosity for INFO level 2022-03-04 09:34:02 +01:00
Armin Novak
4d03d7c0bf Freerdp remove #ifdef HAVE_CONFIG_H 2022-03-03 11:26:48 +01:00
Armin Novak
b2ad47a809 Reorganized FreeRDP headers 2022-03-03 11:26:48 +01:00
Armin Novak
103ff6a758 Fixed certificate store double free. 2021-10-06 09:49:07 +02:00