mirrors/FreeRDP
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Merge pull request #2919 from realjiangms/fix_allow_empty_password

Browse Source 
Sec/NLA: Support passwordless (blank password) login with NLA.
This commit is contained in:
Marc-André Moreau 2015-10-13 10:40:28 -04:00
commit 863939fd58
3 changed files with 28 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

27
libfreerdp/core/nla.c
View File

@ -33,6 +33,7 @@
#include <freerdp/crypto/tls.h> #include <freerdp/crypto/tls.h>
#include <winpr/crt.h> #include <winpr/crt.h>
#include <winpr/sam.h>
#include <winpr/sspi.h> #include <winpr/sspi.h>
#include <winpr/print.h> #include <winpr/print.h>
#include <winpr/tchar.h> #include <winpr/tchar.h>
@ -144,6 +145,8 @@ int nla_client_init(rdpNla* nla)
BOOL PromptPassword = FALSE; BOOL PromptPassword = FALSE;
freerdp* instance = nla->instance; freerdp* instance = nla->instance;
rdpSettings* settings = nla->settings; rdpSettings* settings = nla->settings;
WINPR_SAM* sam;
WINPR_SAM_ENTRY* entry;
nla->state = NLA_STATE_INITIAL; nla->state = NLA_STATE_INITIAL;
@ -151,11 +154,33 @@ int nla_client_init(rdpNla* nla)
settings->DisableCredentialsDelegation = TRUE; settings->DisableCredentialsDelegation = TRUE;
if ((!settings->Password) || (!settings->Username) if ((!settings->Password) || (!settings->Username)
|| (!strlen(settings->Password)) || (!strlen(settings->Username))) || (!strlen(settings->Username)))
{ {
PromptPassword = TRUE; PromptPassword = TRUE;
} }
if (PromptPassword && settings->Username && strlen(settings->Username))
{
sam = SamOpen(TRUE);
if (sam)
{
entry = SamLookupUserA(sam, settings->Username, strlen(settings->Username), NULL, 0);
if (entry)
{
/**
* The user could be found in SAM database.
* Use entry in SAM database later instead of prompt
*/
PromptPassword = FALSE;
SamFreeEntry(sam, entry);
}
SamClose(sam);
}
}
#ifndef _WIN32 #ifndef _WIN32
if (PromptPassword) if (PromptPassword)
{ {

2
winpr/libwinpr/sspi/NTLM/ntlm_compute.c
View File

@ -298,7 +298,7 @@ int ntlm_compute_ntlm_v2_hash(NTLM_CONTEXT* context, BYTE* hash)
(LPWSTR) credentials->identity.Domain, credentials->identity.DomainLength * 2, (LPWSTR) credentials->identity.Domain, credentials->identity.DomainLength * 2,
(BYTE*) hash); (BYTE*) hash);
} }
else if (credentials->identity.PasswordLength > 0) else if (credentials->identity.Password)
{ {
NTOWFv2W((LPWSTR) credentials->identity.Password, credentials->identity.PasswordLength * 2, NTOWFv2W((LPWSTR) credentials->identity.Password, credentials->identity.PasswordLength * 2,
(LPWSTR) credentials->identity.User, credentials->identity.UserLength * 2, (LPWSTR) credentials->identity.User, credentials->identity.UserLength * 2,

2
winpr/libwinpr/sspi/sspi_winpr.c
View File

@ -442,7 +442,7 @@ int sspi_CopyAuthIdentity(SEC_WINNT_AUTH_IDENTITY* identity, SEC_WINNT_AUTH_IDEN
if (identity->PasswordLength > 256) if (identity->PasswordLength > 256)
identity->PasswordLength /= SSPI_CREDENTIALS_HASH_LENGTH_FACTOR; identity->PasswordLength /= SSPI_CREDENTIALS_HASH_LENGTH_FACTOR;
if (identity->PasswordLength > 0) if (srcIdentity->Password)
{ {
identity->Password = (UINT16*) malloc((identity->PasswordLength + 1) * sizeof(WCHAR)); identity->Password = (UINT16*) malloc((identity->PasswordLength + 1) * sizeof(WCHAR));