The conversion from OpenSSL to GnuTLS (or GMP in this case) got
the endianness mixed up in the initial security handshake. It got
it wrong in two places though, which cancelled each other out when
X.509 certificates are used. But servers using the older system,
like Windows XP, would fail the handshake as different endianness
was then used when reading the RSA key and when using it.
Certificates initialized with gnutls_x509_crt_init() must be freed with
gnutls_x509_crt_deinit().
Memory allocated with malloc() should be freed with free() not
gnutls_free().
Refactored public key check from libtasn_read_cert_pk_parameters()
into its own function libtasn_cert_pk_oid(). Then make use of it
instead of gnutls_x509_crt_get_pk_oid().
Since v.1.1.0 the key caching has been added to OpenSSL.
After X.509 had been parsed there is no point in changing of key
algorithm as the key had already been decoded and cached result will
be returned anyway. (check crypto/x509/x_pubkey.c: X509_PUBKEY_get0())
This commit will add a logging system to solve the problem that
one actually needs to recompile rdesktop from source to enable
different debug logging.
- Same logging API for all kinds of logging and messages to
end user.
- Adding -v for verbose output when running rdesktop.
- All messages are logged into a subject and with a type, e.g.:
logger(Keyboard, Notice, "Autoselecting %s based on locale.", locale);
- Debug logging is enabled through an environment variable RDESKTOP_DEBUG,
which specifies subjects of interest, comma separated. There is a special
subject named All which includes all subjects for debug logging. There is also
a simple logic operator '!' = NOT which can be used in combination like:
RDESKTOP_DEBUG=All,!Graphics,!Sound
Which would give debug log output for all subjects except Graphics and Sound.
This crash was introduced by merging OpenSSL 1.1 PR done on
commit 50b39d11. Where algor was overwritten with return value
of X509_PUBKEY_get0_param(). I also added additional error
handling for X509_get_X509_PUBKEY.
Thanks to TingPing that found this error in PR.
rdssl_ to prevent nameclashing with openssl library now
when we link against ssl library.
git-svn-id: svn://svn.code.sf.net/p/rdesktop/code/rdesktop/trunk@1665 423420c4-83ab-492f-b58f-81f9feb106b5
key and do not like direct access to epk->pkey.ptr
git-svn-id: svn://svn.code.sf.net/p/rdesktop/code/rdesktop/trunk@1601 423420c4-83ab-492f-b58f-81f9feb106b5
client can re-connect using a cookie, instead of going through the
normal authentication. This patch saves those cookies, and uses them
during logon.
Note that this feature is currently unused. It remains to add support
for, say, detecting when the TCP connection has gone down and restart
a new one.
git-svn-id: svn://svn.code.sf.net/p/rdesktop/code/rdesktop/trunk@1539 423420c4-83ab-492f-b58f-81f9feb106b5