mirrors/FreeRDP
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
f96a46acd5
FreeRDP/libfreerdp/crypto
History
Brent Collins d98b88642b Add new command-line option to force xfreerdp into a fips compliant mode. 
This option will ensure that NLA is disabled(since NTLM uses weak crypto algorithms), FIPS
encryption is enabled, and ensure fips mode is enabled for openssl.

Selectively override specific uses of MD5/RC4 with new API calls specifically tailored to override FIPS.

Add comments on why overriding the use of these algorithms under FIPS is acceptable for the locations where overrides happen.

Remove check of server proprietary certificate which was already being ignore to avoid use of MD5.

Initialize winpr openssl earlier to ensure fips mode is set before starting using any crypto algorithms.
2017-11-17 12:43:06 +01:00
..
test First shot on fixing over linking 2016-03-29 18:14:34 +02:00
base64.c Ensure output of crypto_base64_decode is NULL terminated. 2015-08-27 09:34:33 +02:00
ber.c core: Add support for CredSSP version 3 2016-03-18 13:32:13 +01:00
certificate.c Fixed certificate check return. 2017-07-28 08:35:41 +02:00
CMakeLists.txt Support for OpenSSL 1.1.0 2016-11-24 17:50:09 +01:00
crypto.c Fix build with LibreSSL 2017-07-26 17:12:14 +03:00
der.c freerdp: purge deprecated stream utils 2013-05-08 16:09:16 -04:00
er.c Fixed issues found with clang-analyzer 2013-09-05 12:14:33 +02:00
opensslcompat.c Support LibreSSL 2017-03-19 13:58:24 -07:00
opensslcompat.h Fixed use of reserved keywords for include guards. 2017-07-20 09:35:41 +02:00
per.c Modified per_read_integer to handle a length of 0 (which is seen when older RDP clients connect to the FreeRDP server) 2014-09-16 23:15:34 -04:00
tls.c Add new command-line option to force xfreerdp into a fips compliant mode. 2017-11-17 12:43:06 +01:00