Fixed ntlm_authenticate, split return from continue flag.

Armin Novak 2018-11-12 16:29:28 +01:00
parent 4e0b4d7096
commit 90d2e42600
5 changed files with 41 additions and 17 deletions


@ -76,7 +76,7 @@ BOOL rpc_ncacn_http_send_in_channel_request(RpcChannel* inChannel)
wStream* s;
int status;
int contentLength;
BOOL continueNeeded;
BOOL continueNeeded = FALSE;
rdpNtlm* ntlm;
HttpContext* http;
const SecBuffer* buffer;
@ -86,7 +86,10 @@ BOOL rpc_ncacn_http_send_in_channel_request(RpcChannel* inChannel)
ntlm = inChannel->ntlm;
http = inChannel->http;
continueNeeded = ntlm_authenticate(ntlm);
if (!ntlm_authenticate(ntlm, &continueNeeded))
return FALSE;
contentLength = (continueNeeded) ? 0 : 0x40000000;
buffer = ntlm_client_get_output_buffer(ntlm);
s = rpc_ntlm_http_request(http, "RPC_IN_DATA", contentLength, buffer);
@ -212,7 +215,7 @@ BOOL rpc_ncacn_http_send_out_channel_request(RpcChannel* outChannel,
BOOL rc = TRUE;
wStream* s;
int contentLength;
BOOL continueNeeded;
BOOL continueNeeded = FALSE;
rdpNtlm* ntlm;
HttpContext* http;
const SecBuffer* buffer;
@ -222,7 +225,9 @@ BOOL rpc_ncacn_http_send_out_channel_request(RpcChannel* outChannel,
ntlm = outChannel->ntlm;
http = outChannel->http;
continueNeeded = ntlm_authenticate(ntlm);
if (!ntlm_authenticate(ntlm, &continueNeeded))
return FALSE;
if (!replacement)
contentLength = (continueNeeded) ? 0 : 76;


@ -216,7 +216,7 @@ error:
* --------------
*/
BOOL ntlm_authenticate(rdpNtlm* ntlm)
BOOL ntlm_authenticate(rdpNtlm* ntlm, BOOL* pbContinueNeeded)
{
SECURITY_STATUS status;
@ -308,7 +308,11 @@ BOOL ntlm_authenticate(rdpNtlm* ntlm)
ntlm->haveInputBuffer = TRUE;
ntlm->haveContext = TRUE;
return (status == SEC_I_CONTINUE_NEEDED) ? TRUE : FALSE;
if (pbContinueNeeded)
*pbContinueNeeded = (status == SEC_I_CONTINUE_NEEDED) ? TRUE : FALSE;
return TRUE;
}
static void ntlm_client_uninit(rdpNtlm* ntlm)
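Review bot: The new tail of `ntlm_authenticate` returns `TRUE` unconditionally and derives the flag only from `status == SEC_I_CONTINUE_NEEDED`, so any other `status` that reaches this point is reported to callers as a finished, successful handshake. The body between the two hunks is not shown, so error codes may already be filtered earlier; if they are not, reject everything except the two expected codes before writing the flag, e.g. `if ((status != SEC_E_OK) && (status != SEC_I_CONTINUE_NEEDED)) return FALSE;`. The callers in the channel-request, RDG and bind-PDU code all depend on that distinction. The doc comment above the function should also state the new contract: the return value means the call succeeded, and the optional `pbContinueNeeded` (may be NULL) reports whether another leg is expected.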


@ -31,7 +31,7 @@ typedef struct rdp_ntlm rdpNtlm;
FREERDP_LOCAL rdpNtlm* ntlm_new(void);
FREERDP_LOCAL void ntlm_free(rdpNtlm* ntlm);
FREERDP_LOCAL BOOL ntlm_authenticate(rdpNtlm* ntlm);
FREERDP_LOCAL BOOL ntlm_authenticate(rdpNtlm* ntlm, BOOL* pbContinueNeeded);
FREERDP_LOCAL BOOL ntlm_client_init(rdpNtlm* ntlm, BOOL confidentiality,
LPCTSTR user, LPCTSTR domain,


@ -206,9 +206,7 @@ static wStream* rdg_receive_packet(rdpRdg* rdg)
wStream* s;
const size_t header = sizeof(RdgPacketHeader);
size_t packetLength;
assert (header <= INT_MAX);
assert(header <= INT_MAX);
s = Stream_New(NULL, 1024);
if (!s)
@ -477,6 +475,7 @@ out:
static BOOL rdg_handle_ntlm_challenge(rdpNtlm* ntlm, HttpResponse* response)
{
BOOL continueNeeded = FALSE;
size_t len;
const char* token64 = NULL;
int ntlmTokenLength = 0;
@ -519,7 +518,10 @@ static BOOL rdg_handle_ntlm_challenge(rdpNtlm* ntlm, HttpResponse* response)
return FALSE;
}
return ntlm_authenticate(ntlm);
if (!ntlm_authenticate(ntlm, &continueNeeded))
return FALSE;
return continueNeeded;
}
static BOOL rdg_skip_seed_payload(rdpTls* tls, SSIZE_T lastResponseLength)
@ -759,6 +761,7 @@ static BOOL rdg_get_gateway_credentials(rdpContext* context)
static BOOL rdg_ntlm_init(rdpRdg* rdg, rdpTls* tls)
{
BOOL continueNeeded = FALSE;
rdpContext* context = rdg->context;
rdpSettings* settings = context->settings;
rdg->ntlm = ntlm_new();
@ -776,10 +779,10 @@ static BOOL rdg_ntlm_init(rdpRdg* rdg, rdpTls* tls)
if (!ntlm_client_make_spn(rdg->ntlm, _T("HTTP"), settings->GatewayHostname))
return FALSE;
if (!ntlm_authenticate(rdg->ntlm))
if (!ntlm_authenticate(rdg->ntlm, &continueNeeded))
return FALSE;
return TRUE;
return continueNeeded;
}
static BOOL rdg_send_http_request(rdpRdg* rdg, rdpTls* tls, const char* method,
@ -840,8 +843,7 @@ static BOOL rdg_tls_connect(rdpRdg* rdg, rdpTls* tls, const char* peerAddress, i
if (!bufferedBio)
{
closesocket((SOCKET)sockfd);
BIO_free(socketBio);
BIO_free_all(socketBio);
return FALSE;
}
@ -852,7 +854,10 @@ static BOOL rdg_tls_connect(rdpRdg* rdg, rdpTls* tls, const char* peerAddress, i
{
if (!proxy_connect(settings, bufferedBio, proxyUsername, proxyPassword, settings->GatewayHostname,
(UINT16)settings->GatewayPort))
{
BIO_free_all(bufferedBio);
return FALSE;
}
}
if (!status)
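Review bot: `rdg_handle_ntlm_challenge` and `rdg_ntlm_init` now end in `return continueNeeded;`, which folds the flag back into the success value that this commit separates in `ntlm_authenticate`. A handshake that completes without a further leg makes both helpers return `FALSE`, indistinguishable from an error. If that is intended because these legs must always be followed by another one, say so at each return, e.g. `/* this leg must yield SEC_I_CONTINUE_NEEDED; anything else is a failure */`. In `rdg_tls_connect` the error path calls `closesocket((SOCKET)sockfd)` and then `BIO_free_all(socketBio)`; how `socketBio` is created is outside the hunk, but if it owns the descriptor the socket is closed twice, so only one of the two calls should release it.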


@ -107,6 +107,7 @@ const p_uuid_t BTFN_UUID =
int rpc_send_bind_pdu(rdpRpc* rpc)
{
BOOL continueNeeded = FALSE;
int status = -1;
BYTE* buffer = NULL;
UINT32 offset;
@ -165,7 +166,10 @@ int rpc_send_bind_pdu(rdpRpc* rpc)
if (!ntlm_client_make_spn(rpc->ntlm, NULL, settings->GatewayHostname))
goto fail;
if (!ntlm_authenticate(rpc->ntlm))
if (!ntlm_authenticate(rpc->ntlm, &continueNeeded))
goto fail;
if (!continueNeeded)
goto fail;
bind_pdu = (rpcconn_bind_hdr_t*) calloc(1, sizeof(rpcconn_bind_hdr_t));
@ -302,6 +306,7 @@ fail:
int rpc_recv_bind_ack_pdu(rdpRpc* rpc, BYTE* buffer, UINT32 length)
{
BOOL continueNeeded = FALSE;
BYTE* auth_data;
rpcconn_hdr_t* header;
header = (rpcconn_hdr_t*) buffer;
@ -317,7 +322,12 @@ int rpc_recv_bind_ack_pdu(rdpRpc* rpc, BYTE* buffer, UINT32 length)
if (!ntlm_client_set_input_buffer(rpc->ntlm, TRUE, auth_data, header->common.auth_length))
return -1;
ntlm_authenticate(rpc->ntlm);
if (!ntlm_authenticate(rpc->ntlm, &continueNeeded))
return -1;
if (continueNeeded)
return -1;
return (int) length;
}
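Review bot: In `rpc_send_bind_pdu` and `rpc_recv_bind_ack_pdu` an authentication failure and an unexpected handshake state take the same silent exit (`goto fail` / `return -1`), so a rejected gateway login is hard to tell apart from a protocol error when reading logs. A short comment at each flag check would document the expectation, e.g. `/* first leg: a further token must still be pending */` and `/* bind ack is the last leg: no further token expected */`, ideally with a distinct log message per branch. Separately, `header` is a cast of the received `buffer` and `header->common.auth_length` is passed straight to `ntlm_client_set_input_buffer`. The lines that derive `auth_data` are outside the hunk, so confirm that `auth_length` is checked against `length` before this call.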