Merge pull request #2919 from realjiangms/fix_allow_empty_password

Sec/NLA: Support passwordless (blank password) login with NLA.
2015-10-13 10:40:28 -04:00 · 2015-10-13 10:40:28 -04:00 · 863939fd58
commit 863939fd58
parent 91663df6c2 a7f4685c09
3 changed files with 28 additions and 3 deletions
--- a/libfreerdp/core/nla.c
+++ b/libfreerdp/core/nla.c
@ -33,6 +33,7 @@
 #include <freerdp/crypto/tls.h>

 #include <winpr/crt.h>
+#include <winpr/sam.h>
 #include <winpr/sspi.h>
 #include <winpr/print.h>
 #include <winpr/tchar.h>
@ -144,6 +145,8 @@ int nla_client_init(rdpNla* nla)
 	BOOL PromptPassword = FALSE;
 	freerdp* instance = nla->instance;
 	rdpSettings* settings = nla->settings;
+	WINPR_SAM* sam;
+	WINPR_SAM_ENTRY* entry;

 	nla->state = NLA_STATE_INITIAL;

@ -151,11 +154,33 @@ int nla_client_init(rdpNla* nla)
 		settings->DisableCredentialsDelegation = TRUE;

 	if ((!settings->Password) || (!settings->Username)
-			|| (!strlen(settings->Password)) || (!strlen(settings->Username)))
+			|| (!strlen(settings->Username)))
 	{
 		PromptPassword = TRUE;
 	}

+	if (PromptPassword && settings->Username && strlen(settings->Username))
+	{
+		sam = SamOpen(TRUE);
+
+		if (sam)
+		{
+			entry = SamLookupUserA(sam, settings->Username, strlen(settings->Username), NULL, 0);
+
+			if (entry)
+			{
+				/**
+				 * The user could be found in SAM database.
+				 * Use entry in SAM database later instead of prompt
+				 */
+				PromptPassword = FALSE;
+				SamFreeEntry(sam, entry);
+			}
+
+			SamClose(sam);
+		}
+	}
+
 #ifndef _WIN32
 	if (PromptPassword)
 	{
--- a/winpr/libwinpr/sspi/NTLM/ntlm_compute.c
+++ b/winpr/libwinpr/sspi/NTLM/ntlm_compute.c
@ -298,7 +298,7 @@ int ntlm_compute_ntlm_v2_hash(NTLM_CONTEXT* context, BYTE* hash)
 				(LPWSTR) credentials->identity.Domain, credentials->identity.DomainLength * 2,
 				(BYTE*) hash);
 	}
-	else if (credentials->identity.PasswordLength > 0)
+	else if (credentials->identity.Password)
 	{
 		NTOWFv2W((LPWSTR) credentials->identity.Password, credentials->identity.PasswordLength * 2,
 				(LPWSTR) credentials->identity.User, credentials->identity.UserLength * 2,
--- a/winpr/libwinpr/sspi/sspi_winpr.c
+++ b/winpr/libwinpr/sspi/sspi_winpr.c
@ -442,7 +442,7 @@ int sspi_CopyAuthIdentity(SEC_WINNT_AUTH_IDENTITY* identity, SEC_WINNT_AUTH_IDEN
 	if (identity->PasswordLength > 256)
 		identity->PasswordLength /= SSPI_CREDENTIALS_HASH_LENGTH_FACTOR;

-	if (identity->PasswordLength > 0)
+	if (srcIdentity->Password)
 	{
 		identity->Password = (UINT16*) malloc((identity->PasswordLength + 1) * sizeof(WCHAR));