morgan/FreeRDP
1
0
Fork 0
mirror of https://github.com/morgan9e/FreeRDP synced 2026-04-14 08:24:16 +09:00
Code Issues Packages Projects Releases Wiki Activity

[core,settings] unify identity from settings

Browse Source
This commit is contained in:
Armin Novak
2023-04-04 17:04:30 +02:00
committed by akallabeth
parent 9b498efa79
commit f8e8764ea8
6 changed files with 112 additions and 101 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
libfreerdp/core/gateway/ncacn_http.c
View File

@@ -27,6 +27,7 @@
#include <winpr/dsparse.h>
#include "../utils.h"
#include "../settings.h"
#define TAG FREERDP_TAG("core.gateway.ntlm")
@@ -176,8 +177,8 @@ BOOL rpc_ncacn_http_auth_init(rdpContext* context, RpcChannel* channel)
if (!credssp_auth_init(auth, AUTH_PKG, tls->Bindings))
return FALSE;
if (sspi_SetAuthIdentityA(&identity, settings->GatewayUsername, settings->GatewayDomain,
settings->GatewayPassword) < 0)
if (!identity_set_from_settings(&identity, settings, FreeRDP_GatewayUsername,
FreeRDP_GatewayDomain, FreeRDP_GatewayPassword))
return FALSE;
const BOOL res =

26
libfreerdp/core/gateway/rdg.c
View File

@@ -40,6 +40,7 @@
#include "../../crypto/opensslcompat.h"
#include "rpc_fault.h"
#include "../utils.h"
#include "../settings.h"
#define TAG FREERDP_TAG("core.gateway.rdg")
@@ -1708,31 +1709,18 @@ static BOOL rdg_auth_init(rdpRdg* rdg, rdpTls* tls, TCHAR* authPkg)
return FALSE;
}
#ifdef _WIN32
if (doSCLogon)
{
CERT_CREDENTIAL_INFO certInfo = { sizeof(CERT_CREDENTIAL_INFO), { 0 } };
LPSTR marshalledCredentials;
memcpy(certInfo.rgbHashOfCert, rdg->smartcard->sha1Hash, sizeof(certInfo.rgbHashOfCert));
if (!CredMarshalCredentialA(CertCredential, &certInfo, &marshalledCredentials))
{
WLog_ERR(TAG, "error marshaling cert credentials");
if (!identity_set_from_smartcard_hash(&identity, settings, FreeRDP_GatewayUsername,
FreeRDP_GatewayDomain, FreeRDP_GatewayPassword,
rdg->smartcard->sha1Hash,
sizeof(rdg->smartcard->sha1Hash)))
return FALSE;
}
if (sspi_SetAuthIdentityA(&identity, marshalledCredentials, NULL,
settings->GatewayPassword) < 0)
return FALSE;
CredFree(marshalledCredentials);
}
else
#endif
{
if (sspi_SetAuthIdentityA(&identity, settings->GatewayUsername, settings->GatewayDomain,
settings->GatewayPassword) < 0)
if (!identity_set_from_settings(&identity, settings, FreeRDP_GatewayUsername,
FreeRDP_GatewayDomain, FreeRDP_GatewayPassword))
return FALSE;
}

5
libfreerdp/core/gateway/rpc_bind.c
View File

@@ -30,6 +30,7 @@
#include "rpc_bind.h"
#include "../utils.h"
#include "../settings.h"
#define TAG FREERDP_TAG("core.gateway.rpc")
@@ -150,8 +151,8 @@ static int rpc_bind_setup(rdpRpc* rpc)
if (!credssp_auth_init(rpc->auth, AUTH_PKG, NULL))
return -1;
if (sspi_SetAuthIdentityA(&identity, settings->GatewayUsername, settings->GatewayDomain,
settings->GatewayPassword) < 0)
if (!identity_set_from_settings(&identity, settings, FreeRDP_GatewayUsername,
FreeRDP_GatewayDomain, FreeRDP_GatewayPassword))
return -1;
if (!credssp_auth_setup_client(rpc->auth, NULL, settings->GatewayHostname, &identity, NULL))

88
libfreerdp/core/nla.c
View File

@@ -46,6 +46,7 @@
#include "utils.h"
#include "credssp_auth.h"
#include <freerdp/utils/smartcardlogon.h>
#include "settings.h"
#define TAG FREERDP_TAG("core.nla")
@@ -270,52 +271,6 @@ out:
return ret;
}
static void zfree(WCHAR* str, size_t len)
{
if (str)
memset(str, 0, len * sizeof(WCHAR));
free(str);
}
static BOOL nla_set_identity_from_settings_with_pwd(rdpNla* nla, const rdpSettings* settings,
size_t UserId, size_t DomainId,
const WCHAR* Password, size_t pwdLen)
{
WINPR_ASSERT(nla);
WINPR_ASSERT(settings);
size_t UserLen = 0;
size_t DomainLen = 0;
WCHAR* Username = freerdp_settings_get_string_as_utf16(settings, UserId, &UserLen);
WCHAR* Domain = freerdp_settings_get_string_as_utf16(settings, DomainId, &DomainLen);
sspi_FreeAuthIdentity(nla->identity);
const int rc = sspi_SetAuthIdentityWithLengthW(nla->identity, Username, UserLen, Domain,
DomainLen, Password, pwdLen);
zfree(Username, UserLen);
zfree(Domain, DomainLen);
if (rc < 0)
return FALSE;
return TRUE;
}
static BOOL nla_set_identity_from_settings(rdpNla* nla, const rdpSettings* settings, size_t UserId,
size_t DomainId, size_t PwdId)
{
WINPR_ASSERT(nla);
WINPR_ASSERT(settings);
size_t PwdLen = 0;
WCHAR* Password = freerdp_settings_get_string_as_utf16(settings, PwdId, &PwdLen);
const BOOL rc =
nla_set_identity_from_settings_with_pwd(nla, settings, UserId, DomainId, Password, PwdLen);
zfree(Password, PwdLen);
return rc;
}
static BOOL nla_client_setup_identity(rdpNla* nla)
{
BOOL PromptPassword = FALSE;
@@ -402,33 +357,10 @@ static BOOL nla_client_setup_identity(rdpNla* nla)
return FALSE;
}
#ifdef _WIN32
CERT_CREDENTIAL_INFO certInfo = { sizeof(CERT_CREDENTIAL_INFO), { 0 } };
LPWSTR marshalledCredentials = NULL;
memcpy(certInfo.rgbHashOfCert, nla->certSha1, sizeof(certInfo.rgbHashOfCert));
if (!CredMarshalCredentialW(CertCredential, &certInfo, &marshalledCredentials))
{
WLog_ERR(TAG, "error marshalling cert credentials");
if (!identity_set_from_smartcard_hash(nla->identity, settings, FreeRDP_Username,
FreeRDP_Domain, FreeRDP_Password, nla->certSha1,
sizeof(nla->certSha1)))
return FALSE;
}
size_t pwdLen = 0;
WCHAR* Password = freerdp_settings_get_string_as_utf16(settings, FreeRDP_Password, &pwdLen);
const int rc = sspi_SetAuthIdentityWithLengthW(nla->identity, marshalledCredentials,
_wcslen(marshalledCredentials), NULL, 0,
Password, pwdLen);
zfree(Password, pwdLen);
CredFree(marshalledCredentials);
if (rc < 0)
return FALSE;
#else
if (!nla_set_identity_from_settings(nla, settings, FreeRDP_Username, FreeRDP_Domain,
FreeRDP_Password))
return FALSE;
#endif /* _WIN32 */
}
else
{
@@ -436,8 +368,8 @@ static BOOL nla_client_setup_identity(rdpNla* nla)
if (settings->RedirectionPassword && (settings->RedirectionPasswordLength > 0))
{
if (!nla_set_identity_from_settings_with_pwd(
nla, settings, FreeRDP_Username, FreeRDP_Domain,
if (!identity_set_from_settings_with_pwd(
nla->identity, settings, FreeRDP_Username, FreeRDP_Domain,
(const WCHAR*)settings->RedirectionPassword,
settings->RedirectionPasswordLength / sizeof(WCHAR)))
return FALSE;
@@ -449,8 +381,8 @@ static BOOL nla_client_setup_identity(rdpNla* nla)
{
if (settings->PasswordHash && strlen(settings->PasswordHash) == 32)
{
if (!nla_set_identity_from_settings(nla, settings, FreeRDP_Username, FreeRDP_Domain,
FreeRDP_PasswordHash))
if (!identity_set_from_settings(nla->identity, settings, FreeRDP_Username,
FreeRDP_Domain, FreeRDP_PasswordHash))
return FALSE;
/**
@@ -465,8 +397,8 @@ static BOOL nla_client_setup_identity(rdpNla* nla)
if (usePassword)
{
if (!nla_set_identity_from_settings(nla, settings, FreeRDP_Username, FreeRDP_Domain,
FreeRDP_Password))
if (!identity_set_from_settings(nla->identity, settings, FreeRDP_Username,
FreeRDP_Domain, FreeRDP_Password))
return FALSE;
}
}

76
libfreerdp/core/settings.c
View File

@@ -1140,3 +1140,79 @@ out_fail:
#ifdef _MSC_VER
#pragma warning(pop)
#endif
static void zfree(WCHAR* str, size_t len)
{
if (str)
memset(str, 0, len * sizeof(WCHAR));
free(str);
}
BOOL identity_set_from_settings_with_pwd(SEC_WINNT_AUTH_IDENTITY* identity,
const rdpSettings* settings, size_t UserId,
size_t DomainId, const WCHAR* Password, size_t pwdLen)
{
WINPR_ASSERT(identity);
WINPR_ASSERT(settings);
size_t UserLen = 0;
size_t DomainLen = 0;
WCHAR* Username = freerdp_settings_get_string_as_utf16(settings, UserId, &UserLen);
WCHAR* Domain = freerdp_settings_get_string_as_utf16(settings, DomainId, &DomainLen);
const int rc = sspi_SetAuthIdentityWithLengthW(identity, Username, UserLen, Domain, DomainLen,
Password, pwdLen);
zfree(Username, UserLen);
zfree(Domain, DomainLen);
if (rc < 0)
return FALSE;
return TRUE;
}
BOOL identity_set_from_settings(SEC_WINNT_AUTH_IDENTITY_W* identity, const rdpSettings* settings,
size_t UserId, size_t DomainId, size_t PwdId)
{
WINPR_ASSERT(identity);
WINPR_ASSERT(settings);
size_t PwdLen = 0;
WCHAR* Password = freerdp_settings_get_string_as_utf16(settings, PwdId, &PwdLen);
const BOOL rc =
identity_set_from_settings_with_pwd(identity, settings, UserId, DomainId, Password, PwdLen);
zfree(Password, PwdLen);
return rc;
}
BOOL identity_set_from_smartcard_hash(SEC_WINNT_AUTH_IDENTITY_W* identity,
const rdpSettings* settings, size_t userId, size_t domainId,
size_t pwdId, const BYTE* certSha1, size_t sha1len)
{
#ifdef _WIN32
CERT_CREDENTIAL_INFO certInfo = { sizeof(CERT_CREDENTIAL_INFO), { 0 } };
LPWSTR marshalledCredentials = NULL;
memcpy(certInfo.rgbHashOfCert, certSha1, MIN(sha1len, sizeof(certInfo.rgbHashOfCert)));
if (!CredMarshalCredentialW(CertCredential, &certInfo, &marshalledCredentials))
{
WLog_ERR(TAG, "error marshalling cert credentials");
return FALSE;
}
size_t pwdLen = 0;
WCHAR* Password = freerdp_settings_get_string_as_utf16(settings, pwdId, &pwdLen);
const int rc = sspi_SetAuthIdentityWithLengthW(
identity, marshalledCredentials, _wcslen(marshalledCredentials), NULL, 0, Password, pwdLen);
zfree(Password, pwdLen);
CredFree(marshalledCredentials);
if (rc < 0)
return FALSE;
#else
if (!identity_set_from_settings(identity, settings, userId, domainId, pwdId))
return FALSE;
#endif /* _WIN32 */
}

13
libfreerdp/core/settings.h
View File

@@ -22,6 +22,7 @@
#define FREERDP_LIB_CORE_SETTINGS_H
#include <winpr/string.h>
#include <winpr/sspi.h>
#include <freerdp/config.h>
@@ -40,4 +41,16 @@ FREERDP_LOCAL BOOL freerdp_settings_set_string_copy_(rdpSettings* settings, size
const char* val, size_t len, BOOL cleanup);
FREERDP_LOCAL BOOL freerdp_capability_buffer_allocate(rdpSettings* settings, UINT32 count);
FREERDP_LOCAL BOOL identity_set_from_settings_with_pwd(SEC_WINNT_AUTH_IDENTITY_W* identity,
const rdpSettings* settings, size_t UserId,
size_t DomainId, const WCHAR* Password,
size_t pwdLen);
FREERDP_LOCAL BOOL identity_set_from_settings(SEC_WINNT_AUTH_IDENTITY_W* identity,
const rdpSettings* settings, size_t UserId,
size_t DomainId, size_t PwdId);
FREERDP_LOCAL BOOL identity_set_from_smartcard_hash(SEC_WINNT_AUTH_IDENTITY_W* identity,
const rdpSettings* settings, size_t userId,
size_t domainId, size_t pwdId,
const BYTE* certSha1, size_t sha1len);
#endif /* FREERDP_LIB_CORE_SETTINGS_H */