Use a consistent style of returning a new STREAM object from functions
that output data, rather than requiring an existing structure to be
passed in. This generally makes the memory management more straightforward
and allows us to do more proper bounds checking of everything.
This also adds some new STREAM macros to make it easier to manage
them without poking around in the internal structure.
Make sure the buffer handling is a bit more sane so we can verify
offsets and boundaries. Also adds some more helper macros to shuffle
data between two different STREAM instead of trying to poke around
in the internals.
We don't know when the caller might be done with a stream, so we
can end up with code overwriting things in a stream that is in use
elsewhere.
Solve the issue by returning a new stream each time and leave it
up to the callers to free it.
Make them match in_uint8a and in_uint8p more closely, in that one copies and
the other just gives you a pointer and it is up to the caller how
to fill it in. This can be useful when other APIs are used to
generate the data as it avoids a temporary buffer.
Avoids mistakes by making sure everyone allocates these the same
way.
The smart card code still has manual allocation because it has its
own magical memory management.
This macro checks if a pointer is valid _after_ we've already used
that pointer. So it will only trigger if we've already performed some
form of buffer overflow. As such, it provides little to no value and
can only serve to encourage broken behaviour.
Let's remove it and replace it with proper bounds checking before
access instead.
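The check-before-access pattern the message above argues for, as an added illustration that is not rdesktop's code: the stream layout (stream_t with data/p/end pointers), the function names (stream_in_uint8a, stream_in_uint8p, stream_in_uint32_le, parse_record) and the two sample records are all assumptions constructed for this example. Every read first compares the bytes remaining against the bytes requested and fails cleanly, so a record that declares more payload than the buffer holds is rejected before any memory is touched, rather than detected after the overread has happened.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Hypothetical read-only stream: a buffer, a cursor and the end of valid data.
 * This layout is an assumption for the example, not rdesktop's STREAM. */
typedef struct {
    const unsigned char *data;  /* start of buffer */
    const unsigned char *p;     /* read cursor */
    const unsigned char *end;   /* one past the last valid byte */
} stream_t;

/* Bytes still readable between the cursor and the end of valid data. */
static size_t stream_left(const stream_t *s)
{
    return (size_t)(s->end - s->p);
}

/* in_uint8a style: copy n bytes into a caller buffer.
 * The bounds check happens BEFORE memcpy, so a short stream never causes an overread. */
static bool stream_in_uint8a(stream_t *s, unsigned char *out, size_t n)
{
    if (stream_left(s) < n)
        return false;
    memcpy(out, s->p, n);
    s->p += n;
    return true;
}

/* in_uint8p style: hand back a pointer to n bytes inside the stream without copying.
 * Still checked first; the caller gets NULL-free guarantees only on success. */
static bool stream_in_uint8p(stream_t *s, const unsigned char **out, size_t n)
{
    if (stream_left(s) < n)
        return false;
    *out = s->p;
    s->p += n;
    return true;
}

/* Checked little-endian 32-bit read. */
static bool stream_in_uint32_le(stream_t *s, uint32_t *v)
{
    if (stream_left(s) < 4)
        return false;
    *v = (uint32_t)s->p[0] | ((uint32_t)s->p[1] << 8) |
         ((uint32_t)s->p[2] << 16) | ((uint32_t)s->p[3] << 24);
    s->p += 4;
    return true;
}

/* Parse one constructed record: uint32 length, then that many payload bytes.
 * Returns the payload length copied into out, or -1 when the declared length
 * exceeds either the caller's buffer or the bytes actually present. */
static long parse_record(const unsigned char *buf, size_t len,
                         unsigned char *out, size_t outcap)
{
    stream_t s = { buf, buf, buf + len };
    uint32_t n;
    const unsigned char *peek;

    if (!stream_in_uint32_le(&s, &n))
        return -1;
    if (n > outcap)                       /* would overflow the destination */
        return -1;
    /* Borrow a pointer first (in_uint8p style) to show the non-copying path,
     * then rewind and copy (in_uint8a style) for the caller. */
    if (!stream_in_uint8p(&s, &peek, n))  /* declared length runs past the end */
        return -1;
    s.p = peek;
    if (!stream_in_uint8a(&s, out, n))
        return -1;
    return (long)n;
}

/* Constructed sample input: a well-formed record and one whose length field
 * claims 16 payload bytes while only 3 are present. */
static const unsigned char good_record[] = { 0x03, 0x00, 0x00, 0x00, 'a', 'b', 'c' };
static const unsigned char bad_record[]  = { 0x10, 0x00, 0x00, 0x00, 'a', 'b', 'c' };
```

The point of the two-step parse is that neither code path ever reads s->p beyond s->end: an after-the-fact "is the pointer still inside the buffer" macro would only fire once the bad_record case had already copied 13 bytes of whatever followed the buffer.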
It upsets the compiler warnings when you do strncpy() with the
source buffer size as the limit. It is also unnecessary to use
strncpy() here as we just allocated a buffer guaranteed to be
large enough.
Certificates initialized with gnutls_x509_crt_init() must be freed with
gnutls_x509_crt_deinit().
Memory allocated with malloc() should be freed with free() not
gnutls_free().
The entire device redirection framework is documented to use 64-bit
offsets rather than 32-bit offsets. This should fix any problems
transferring large files with rdesktop.
Co-Authored-By: gpatel-fr <44170243+gpatel-fr@users.noreply.github.com>
- Break out code from tcp.c into utils.c for handling
of adding certificate exceptions
- Add clarifications why a certificate is untrusted
- Add simplified certificate view with fingerprints for
review.
We accidentally just changed the pointer rather than copying the
cookie in to our freshly allocated buffer. This caused problems
after 74b2129e as we started freeing the stream buffers on
disconnect.
Refactored public key check from libtasn_read_cert_pk_parameters()
into its own function libtasn_cert_pk_oid(). Then make use of it
instead of gnutls_x509_crt_get_pk_oid().
Verify the certificate from the peer against the system's default
trusted CAs. If the certificate fails verification, a fallback to
the certificate cache is used.
The certificate cache is used to give the user the option to add
exceptions for invalid certificates, for example self-signed
certificates.