libfreerdp-auth: move authentication code out of libfreerdp-core
parent
b8882a8ad2
commit
8cab067498
@ -163,6 +163,7 @@ add_subdirectory(libfreerdp-rail)
|
||||
add_subdirectory(libfreerdp-cache)
|
||||
add_subdirectory(libfreerdp-codec)
|
||||
add_subdirectory(libfreerdp-crypto)
|
||||
add_subdirectory(libfreerdp-auth)
|
||||
add_subdirectory(libfreerdp-channels)
|
||||
add_subdirectory(libfreerdp-core)
|
||||
|
||||
@ -189,3 +190,4 @@ string(TOLOWER ${CMAKE_PROJECT_NAME} CMAKE_PROJECT_NAME_lower)
|
||||
set(CPACK_SOURCE_PACKAGE_FILE_NAME "${CMAKE_PROJECT_NAME_lower}-${FREERDP_VERSION_FULL}")
|
||||
|
||||
include(CPack)
|
||||
|
||||
|
@ -26,8 +26,7 @@ typedef struct rdp_credssp rdpCredssp;
|
||||
#include <freerdp/crypto/ber.h>
|
||||
#include <freerdp/crypto/crypto.h>
|
||||
|
||||
#include "transport.h"
|
||||
#include <freerdp/settings.h>
|
||||
#include <freerdp/freerdp.h>
|
||||
#include <freerdp/utils/blob.h>
|
||||
#include <freerdp/utils/memory.h>
|
||||
#include <freerdp/utils/stream.h>
|
||||
@ -37,16 +36,17 @@ typedef struct rdp_credssp rdpCredssp;
|
||||
|
||||
struct rdp_credssp
|
||||
{
|
||||
rdpTls* tls;
|
||||
freerdp* instance;
|
||||
boolean server;
|
||||
rdpBlob negoToken;
|
||||
rdpBlob pubKeyAuth;
|
||||
rdpBlob authInfo;
|
||||
int send_seq_num;
|
||||
rdpBlob ts_credentials;
|
||||
rdpSettings* settings;
|
||||
CryptoRc4 rc4_seal_state;
|
||||
struct _NTLMSSP *ntlmssp;
|
||||
struct rdp_transport* transport;
|
||||
rdpSettings* settings;
|
||||
};
|
||||
|
||||
int credssp_authenticate(rdpCredssp* credssp);
|
||||
@ -62,7 +62,7 @@ void credssp_encode_ts_credentials(rdpCredssp* credssp);
|
||||
void credssp_current_time(uint8* timestamp);
|
||||
void credssp_rc4k(uint8* key, int length, uint8* plaintext, uint8* ciphertext);
|
||||
|
||||
rdpCredssp* credssp_new(rdpTransport* transport);
|
||||
rdpCredssp* credssp_new(freerdp* instance, rdpTls* tls, rdpSettings* settings);
|
||||
void credssp_free(rdpCredssp* credssp);
|
||||
|
||||
#endif /* __CREDSSP_H */
|
@ -35,6 +35,7 @@ typedef struct rdp_freerdp_peer freerdp_peer;
|
||||
#include <freerdp/types.h>
|
||||
#include <freerdp/settings.h>
|
||||
#include <freerdp/extension.h>
|
||||
#include <freerdp/utils/stream.h>
|
||||
|
||||
#include <freerdp/input.h>
|
||||
#include <freerdp/update.h>
|
||||
@ -109,6 +110,12 @@ FREERDP_API boolean freerdp_disconnect(freerdp* instance);
|
||||
FREERDP_API boolean freerdp_get_fds(freerdp* instance, void** rfds, int* rcount, void** wfds, int* wcount);
|
||||
FREERDP_API boolean freerdp_check_fds(freerdp* instance);
|
||||
|
||||
FREERDP_API int freerdp_transport_read(freerdp* instance, STREAM* s);
|
||||
FREERDP_API int freerdp_transport_write(freerdp* instance, STREAM* s);
|
||||
|
||||
FREERDP_API STREAM* freerdp_transport_recv_stream_init(freerdp* instance, int size);
|
||||
FREERDP_API STREAM* freerdp_transport_send_stream_init(freerdp* instance, int size);
|
||||
|
||||
FREERDP_API void freerdp_send_keep_alive(freerdp* instance);
|
||||
FREERDP_API uint32 freerdp_error_info(freerdp* instance);
|
||||
|
||||
|
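--- a/libfreerdp-auth/CMakeLists.txt
+++ b/libfreerdp-auth/CMakeLists.txt
@@ -0,0 +1,32 @@
+# FreeRDP: A Remote Desktop Protocol Client
+# libfreerdp-auth cmake build script
+#
+# Copyright 2011 O.S. Systems Software Ltda.
+# Copyright 2011 Otavio Salvador <otavio@ossystems.com.br>
+# Copyright 2011 Marc-Andre Moreau <marcandre.moreau@gmail.com>
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+set(FREERDP_AUTH_SRCS
+credssp.c
+ntlmssp.c)
+
+add_library(freerdp-auth ${FREERDP_AUTH_SRCS})
+
+set_target_properties(freerdp-auth PROPERTIES VERSION ${FREERDP_VERSION_FULL} SOVERSION ${FREERDP_VERSION} PREFIX "lib")
+
+target_link_libraries(freerdp-auth freerdp-utils)
+target_link_libraries(freerdp-auth freerdp-crypto)
+
+install(TARGETS freerdp-auth DESTINATION ${CMAKE_INSTALL_LIBDIR})
+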
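Review bot: The new freerdp-auth target links only freerdp-utils and freerdp-crypto, yet the credssp.c changes in this same commit call `freerdp_transport_write`, `freerdp_transport_read` and `freerdp_transport_recv_stream_init`, which the commit defines next to `freerdp_check_fds`, apparently in libfreerdp-core. Because the core build script in turn gains `target_link_libraries(freerdp-core freerdp-auth)`, the two libraries now depend on each other, and libfreerdp-auth carries symbols it cannot resolve from its own link line. For an authentication library it would be cleaner to hand credssp its read/write functions as callbacks at `credssp_new` time, or at least to record the back-reference in a comment above these `target_link_libraries` lines.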
@ -22,9 +22,10 @@
|
||||
#endif
|
||||
|
||||
#include <time.h>
|
||||
#include "ntlmssp.h"
|
||||
#include <freerdp/auth/ntlmssp.h>
|
||||
|
||||
#include <freerdp/auth/credssp.h>
|
||||
|
||||
#include "credssp.h"
|
||||
/**
|
||||
* TSRequest ::= SEQUENCE {
|
||||
* version [0] INTEGER,
|
||||
@ -76,7 +77,7 @@ int credssp_ntlmssp_client_init(rdpCredssp* credssp)
|
||||
{
|
||||
freerdp* instance;
|
||||
NTLMSSP* ntlmssp = credssp->ntlmssp;
|
||||
rdpSettings* settings = credssp->transport->settings;
|
||||
rdpSettings* settings = credssp->settings;
|
||||
instance = (freerdp*) settings->instance;
|
||||
|
||||
if ((settings->password == NULL) || (settings->username == NULL))
|
||||
@ -266,7 +267,7 @@ void credssp_encrypt_public_key(rdpCredssp* credssp, rdpBlob* d)
|
||||
uint8 signature[16];
|
||||
rdpBlob encrypted_public_key;
|
||||
NTLMSSP *ntlmssp = credssp->ntlmssp;
|
||||
tls = credssp->transport->tls;
|
||||
tls = credssp->tls;
|
||||
|
||||
freerdp_blob_alloc(d, tls->public_key.length + 16);
|
||||
ntlmssp_encrypt_message(ntlmssp, &tls->public_key, &encrypted_public_key, signature);
|
||||
@ -305,7 +306,7 @@ int credssp_verify_public_key(rdpCredssp* credssp, rdpBlob* d)
|
||||
uint8* signature;
|
||||
rdpBlob public_key;
|
||||
rdpBlob encrypted_public_key;
|
||||
rdpTls* tls = credssp->transport->tls;
|
||||
rdpTls* tls = credssp->tls;
|
||||
|
||||
signature = d->data;
|
||||
encrypted_public_key.data = (void*) (signature + 16);
|
||||
@ -572,7 +573,7 @@ void credssp_send(rdpCredssp* credssp, rdpBlob* negoToken, rdpBlob* authInfo, rd
|
||||
ber_write_octet_string(s, pubKeyAuth->data, length);
|
||||
}
|
||||
|
||||
transport_write(credssp->transport, s);
|
||||
freerdp_transport_write(credssp->instance, s);
|
||||
stream_free(s);
|
||||
}
|
||||
|
||||
@ -592,8 +593,8 @@ int credssp_recv(rdpCredssp* credssp, rdpBlob* negoToken, rdpBlob* authInfo, rdp
|
||||
int status;
|
||||
uint32 version;
|
||||
|
||||
s = transport_recv_stream_init(credssp->transport, 2048);
|
||||
status = transport_read(credssp->transport, s);
|
||||
s = freerdp_transport_recv_stream_init(credssp->instance, 2048);
|
||||
status = freerdp_transport_read(credssp->instance, s);
|
||||
|
||||
if (status < 0)
|
||||
return -1;
|
||||
@ -677,7 +678,7 @@ void credssp_current_time(uint8* timestamp)
|
||||
* @return new CredSSP state machine.
|
||||
*/
|
||||
|
||||
rdpCredssp* credssp_new(rdpTransport* transport)
|
||||
rdpCredssp* credssp_new(freerdp* instance, rdpTls* tls, rdpSettings* settings)
|
||||
{
|
||||
rdpCredssp* credssp;
|
||||
|
||||
@ -685,11 +686,12 @@ rdpCredssp* credssp_new(rdpTransport* transport)
|
||||
|
||||
if (credssp != NULL)
|
||||
{
|
||||
credssp->transport = transport;
|
||||
credssp->send_seq_num = 0;
|
||||
credssp->settings = transport->settings;
|
||||
credssp->instance = instance;
|
||||
credssp->settings = settings;
|
||||
credssp->server = settings->server_mode;
|
||||
credssp->tls = tls;
|
||||
|
||||
credssp->server = credssp->settings->server_mode;
|
||||
credssp->send_seq_num = 0;
|
||||
|
||||
if (credssp->server)
|
||||
credssp->ntlmssp = ntlmssp_server_new();
|
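Review bot: `credssp_ntlmssp_client_init` still takes its instance from `settings->instance` while `credssp_send` and `credssp_recv` now use `credssp->instance`, so the state machine has two sources for the same pointer and nothing forces them to agree; `instance = credssp->instance;` would leave only one. In `credssp_new`, `settings->server_mode` is read without checking `settings`, and `tls` and `instance` are stored as borrowed pointers, so a comment such as `/* tls and instance are owned by the caller and must outlive credssp */` would state the lifetime rule that holding `credssp->transport` used to imply. The +/- markers are lost on this page, so which of the doubled lines is the new one is inferred, and the bodies of these functions continue outside the hunks.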
@ -25,9 +25,9 @@
|
||||
#include <openssl/engine.h>
|
||||
#include <freerdp/utils/memory.h>
|
||||
|
||||
#include "credssp.h"
|
||||
#include <freerdp/auth/credssp.h>
|
||||
|
||||
#include "ntlmssp.h"
|
||||
#include <freerdp/auth/ntlmssp.h>
|
||||
|
||||
#define NTLMSSP_NEGOTIATE_56 0x80000000 /* W (0) */
|
||||
#define NTLMSSP_NEGOTIATE_KEY_EXCH 0x40000000 /* V (1) */
|
@ -36,10 +36,6 @@ set(LIBFREERDP_CORE_SRCS
|
||||
info.h
|
||||
input.c
|
||||
input.h
|
||||
credssp.c
|
||||
credssp.h
|
||||
ntlmssp.c
|
||||
ntlmssp.h
|
||||
license.c
|
||||
license.h
|
||||
errinfo.c
|
||||
@ -101,6 +97,7 @@ endif()
|
||||
target_link_libraries(freerdp-core freerdp-utils)
|
||||
target_link_libraries(freerdp-core freerdp-codec)
|
||||
target_link_libraries(freerdp-core freerdp-crypto)
|
||||
target_link_libraries(freerdp-core freerdp-auth)
|
||||
|
||||
install(TARGETS freerdp-core DESTINATION ${CMAKE_INSTALL_LIBDIR})
|
||||
|
||||
|
@ -127,6 +127,26 @@ boolean freerdp_check_fds(freerdp* instance)
|
||||
return true;
|
||||
}
|
||||
|
||||
int freerdp_transport_read(freerdp* instance, STREAM* s)
|
||||
{
|
||||
return transport_read(instance->context->rdp->transport, s);
|
||||
}
|
||||
|
||||
int freerdp_transport_write(freerdp* instance, STREAM* s)
|
||||
{
|
||||
return transport_write(instance->context->rdp->transport, s);
|
||||
}
|
||||
|
||||
STREAM* freerdp_transport_recv_stream_init(freerdp* instance, int size)
|
||||
{
|
||||
return transport_recv_stream_init(instance->context->rdp->transport, size);
|
||||
}
|
||||
|
||||
STREAM* freerdp_transport_send_stream_init(freerdp* instance, int size)
|
||||
{
|
||||
return transport_send_stream_init(instance->context->rdp->transport, size);
|
||||
}
|
||||
|
||||
void freerdp_send_keep_alive(freerdp* instance)
|
||||
{
|
||||
input_send_synchronize_event(instance->context->rdp->input, 0);
|
||||
|
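Review bot: The four new wrappers dereference `instance->context->rdp->transport` with no check on any link of the chain, and the header hunk exports them with `FREERDP_API`, so any library consumer can call them on a half-initialised or already disconnected instance. A guard such as `if (!instance || !instance->context || !instance->context->rdp) return -1;` (returning `NULL` from the two `STREAM*` variants) turns that into an error; `credssp_recv` already checks `status < 0`, though the stream-init result is not checked there. The wrappers also lack doc comments: one line each saying that they act on the raw transport, and who frees the `STREAM`, would make clear that this is a wider surface than the rest of the public header.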
@ -26,6 +26,8 @@
|
||||
#include <freerdp/utils/memory.h>
|
||||
#include <freerdp/utils/hexdump.h>
|
||||
|
||||
#include <freerdp/auth/credssp.h>
|
||||
|
||||
#include <time.h>
|
||||
#include <errno.h>
|
||||
#include <fcntl.h>
|
||||
@ -37,7 +39,6 @@
|
||||
|
||||
#include "tpkt.h"
|
||||
#include "fastpath.h"
|
||||
#include "credssp.h"
|
||||
#include "transport.h"
|
||||
|
||||
#define BUFFER_SIZE 16384
|
||||
@ -99,6 +100,9 @@ boolean transport_connect_tls(rdpTransport* transport)
|
||||
|
||||
boolean transport_connect_nla(rdpTransport* transport)
|
||||
{
|
||||
freerdp* instance;
|
||||
rdpSettings* settings;
|
||||
|
||||
if (transport->tls == NULL)
|
||||
transport->tls = tls_new(transport->settings);
|
||||
|
||||
@ -113,8 +117,11 @@ boolean transport_connect_nla(rdpTransport* transport)
|
||||
if (transport->settings->authentication != true)
|
||||
return true;
|
||||
|
||||
settings = transport->settings;
|
||||
instance = (freerdp*) settings->instance;
|
||||
|
||||
if (transport->credssp == NULL)
|
||||
transport->credssp = credssp_new(transport);
|
||||
transport->credssp = credssp_new(instance, transport->tls, settings);
|
||||
|
||||
if (credssp_authenticate(transport->credssp) < 0)
|
||||
{
|
||||
@ -153,6 +160,9 @@ boolean transport_accept_tls(rdpTransport* transport)
|
||||
|
||||
boolean transport_accept_nla(rdpTransport* transport)
|
||||
{
|
||||
freerdp* instance;
|
||||
rdpSettings* settings;
|
||||
|
||||
if (transport->tls == NULL)
|
||||
transport->tls = tls_new(transport->settings);
|
||||
|
||||
@ -167,8 +177,11 @@ boolean transport_accept_nla(rdpTransport* transport)
|
||||
if (transport->settings->authentication != true)
|
||||
return true;
|
||||
|
||||
settings = transport->settings;
|
||||
instance = (freerdp*) settings->instance;
|
||||
|
||||
if (transport->credssp == NULL)
|
||||
transport->credssp = credssp_new(transport);
|
||||
transport->credssp = credssp_new(instance, transport->tls, settings);
|
||||
|
||||
if (credssp_authenticate(transport->credssp) < 0)
|
||||
{
|
||||
|
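Review bot: In both `transport_connect_nla` and `transport_accept_nla`, `instance` comes from an unchecked cast of `settings->instance` and is handed straight to `credssp_new`, after which every CredSSP send and receive goes through `instance->context->rdp->transport`. The page does not show where `settings->instance` is set; on the accept path in particular it should be confirmed that it is populated and really is a `freerdp*`, otherwise server-side NLA dereferences a NULL or mistyped pointer in the middle of authentication. A check before the call, `if (instance == NULL) return false;`, makes the handshake fail closed instead. The result of `credssp_new` is also passed to `credssp_authenticate` without a NULL check; both function bodies continue outside the hunks.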
@ -31,8 +31,7 @@ typedef struct rdp_transport rdpTransport;
|
||||
|
||||
#include "tcp.h"
|
||||
#include <freerdp/crypto/tls.h>
|
||||
|
||||
#include "credssp.h"
|
||||
#include <freerdp/auth/credssp.h>
|
||||
|
||||
#include <time.h>
|
||||
#include <freerdp/types.h>
|
||||
|
@ -28,6 +28,7 @@ add_library(freerdp-crypto ${FREERDP_CRYPTO_SRCS})
|
||||
|
||||
set_target_properties(freerdp-crypto PROPERTIES VERSION ${FREERDP_VERSION_FULL} SOVERSION ${FREERDP_VERSION} PREFIX "lib")
|
||||
|
||||
target_link_libraries(freerdp-crypto freerdp-utils)
|
||||
target_link_libraries(freerdp-crypto ${OPENSSL_LIBRARIES})
|
||||
|
||||
install(TARGETS freerdp-crypto DESTINATION ${CMAKE_INSTALL_LIBDIR})
|
||||
|