fixes for NLA under win32
parent
7dde39de9d
commit
f486fb1e92
@ -121,6 +121,7 @@ BOOL credssp_auth_setup_client(rdpCredsspAuth* auth, const char* target_service,
|
||||
const char* pkinit)
|
||||
{
|
||||
SECURITY_STATUS status;
|
||||
void* identityPtr = NULL;
|
||||
|
||||
WINPR_ASSERT(auth);
|
||||
WINPR_ASSERT(auth->table);
|
||||
@ -130,13 +131,7 @@ BOOL credssp_auth_setup_client(rdpCredsspAuth* auth, const char* target_service,
|
||||
if (!credssp_auth_set_spn(auth, target_service, target_hostname))
|
||||
return FALSE;
|
||||
|
||||
if (!identity)
|
||||
{
|
||||
status = auth->table->AcquireCredentialsHandleA(NULL, auth->info->Name,
|
||||
SECPKG_CRED_OUTBOUND, NULL, NULL, NULL,
|
||||
NULL, &auth->credentials, NULL);
|
||||
}
|
||||
else
|
||||
if (identity)
|
||||
{
|
||||
if (sspi_CopyAuthIdentity(&auth->identity.identity, identity) < 0)
|
||||
return FALSE;
|
||||
@ -152,11 +147,13 @@ BOOL credssp_auth_setup_client(rdpCredsspAuth* auth, const char* target_service,
|
||||
}
|
||||
}
|
||||
|
||||
status = auth->table->AcquireCredentialsHandleA(NULL, auth->info->Name,
|
||||
SECPKG_CRED_OUTBOUND, NULL, &auth->identity,
|
||||
NULL, NULL, &auth->credentials, NULL);
|
||||
identityPtr = &auth->identity;
|
||||
}
|
||||
|
||||
status =
|
||||
auth->table->AcquireCredentialsHandleA(NULL, auth->info->Name, SECPKG_CRED_OUTBOUND, NULL,
|
||||
identityPtr, NULL, NULL, &auth->credentials, NULL);
|
||||
|
||||
if (status != SEC_E_OK)
|
||||
{
|
||||
WLog_ERR(TAG, "AcquireCredentialsHandleA failed with %s [0x%08X]",
|
||||
@ -263,7 +260,7 @@ int credssp_auth_authenticate(rdpCredsspAuth* auth)
|
||||
{
|
||||
SECURITY_STATUS status;
|
||||
SecBuffer input_buffers[2] = { 0 };
|
||||
SecBufferDesc input_buffer_desc = { SECBUFFER_VERSION, 2, input_buffers };
|
||||
SecBufferDesc input_buffer_desc = { SECBUFFER_VERSION, 1, input_buffers };
|
||||
CtxtHandle* context = NULL;
|
||||
|
||||
WINPR_ASSERT(auth);
|
||||
@ -288,6 +285,8 @@ int credssp_auth_authenticate(rdpCredsspAuth* auth)
|
||||
|
||||
if (auth->bindings)
|
||||
{
|
||||
input_buffer_desc.cBuffers = 2;
|
||||
|
||||
input_buffers[1].BufferType = SECBUFFER_CHANNEL_BINDINGS;
|
||||
input_buffers[1].cbBuffer = auth->bindings->BindingsLength;
|
||||
input_buffers[1].pvBuffer = auth->bindings->Bindings;
|
||||
|
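Review bot: In credssp_auth_setup_client, `identityPtr` staying NULL when no `identity` is passed is now implicit, whereas the removed `if (!identity)` branch spelled out the call without credentials. With NULL auth data SSPI acquires the package's default credentials, so the single `AcquireCredentialsHandleA` call deserves a comment such as `/* identityPtr is NULL when no identity was supplied: the package's default credentials are used */`. The function body continues outside the hunks shown, so any later use of `auth->identity` cannot be checked from here.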
@ -51,6 +51,8 @@
|
||||
|
||||
#define SERVER_KEY "Software\\" FREERDP_VENDOR_STRING "\\" FREERDP_PRODUCT_STRING "\\Server"
|
||||
|
||||
#define NLA_AUTH_PKG "Negotiate"
|
||||
|
||||
/**
|
||||
* TSRequest ::= SEQUENCE {
|
||||
* version [0] INTEGER,
|
||||
@ -198,15 +200,6 @@ static BOOL nla_adjust_settings_from_smartcard(rdpNla* nla)
|
||||
if (!settings->SmartcardLogon)
|
||||
return TRUE;
|
||||
|
||||
if (!settings->CspName)
|
||||
{
|
||||
if (!freerdp_settings_set_string(settings, FreeRDP_CspName, MS_SCARD_PROV_A))
|
||||
{
|
||||
WLog_ERR(TAG, "unable to set CSP name");
|
||||
return FALSE;
|
||||
}
|
||||
}
|
||||
|
||||
if (!smartcard_enumerateCerts(settings, &certs, &count))
|
||||
{
|
||||
WLog_ERR(TAG, "unable to list smartcard certificates");
|
||||
@ -229,6 +222,22 @@ static BOOL nla_adjust_settings_from_smartcard(rdpNla* nla)
|
||||
/*
|
||||
* just one result let's try to fill missing parameters
|
||||
*/
|
||||
|
||||
if (!settings->CspName)
|
||||
{
|
||||
if (info->csp &&
|
||||
ConvertFromUnicode(CP_UTF8, 0, info->csp, -1, &settings->CspName, 0, NULL, FALSE) <= 0)
|
||||
{
|
||||
WLog_ERR(TAG, "unable to set CSP name");
|
||||
goto out;
|
||||
}
|
||||
else if (!(settings->CspName = _strdup(MS_SCARD_PROV_A)))
|
||||
{
|
||||
WLog_ERR(TAG, "unable to set CSP name");
|
||||
goto out;
|
||||
}
|
||||
}
|
||||
|
||||
if (!settings->Username && info->userHint)
|
||||
{
|
||||
if (!freerdp_settings_set_string(settings, FreeRDP_Username, info->userHint))
|
||||
@ -454,7 +463,7 @@ static int nla_client_init(rdpNla* nla)
|
||||
if (!nla_adjust_settings_from_smartcard(nla))
|
||||
return -1;
|
||||
|
||||
if (!credssp_auth_init(nla->auth, NEGO_SSP_NAME, NULL))
|
||||
if (!credssp_auth_init(nla->auth, NLA_AUTH_PKG, NULL))
|
||||
return -1;
|
||||
|
||||
if (!nla_client_setup_identity(nla))
|
||||
@ -672,7 +681,7 @@ static int nla_server_init(rdpNla* nla)
|
||||
return -1;
|
||||
}
|
||||
|
||||
if (!credssp_auth_init(nla->auth, NEGO_SSP_NAME, NULL))
|
||||
if (!credssp_auth_init(nla->auth, NLA_AUTH_PKG, NULL))
|
||||
return -1;
|
||||
|
||||
if (!credssp_auth_setup_server(nla->auth))
|
||||
|
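Review bot: The `else if` in the new `if (!settings->CspName)` block also runs when `info->csp` is set and `ConvertFromUnicode` succeeds, so the converted name is immediately overwritten by `_strdup(MS_SCARD_PROV_A)` and the first allocation leaks. The CSP reported for the card is therefore never kept and the default provider is always used. Nesting the conversion check under `if (info->csp)` leaves the default only for the case where the card reports no CSP. nla_adjust_settings_from_smartcard starts and ends outside the hunks shown, so it cannot be confirmed from here whether `smartcard_enumerateCerts` copes with a NULL `CspName` now that the default is set after it.

```c
if (!settings->CspName)
{
	if (info->csp)
	{
		/* keep the CSP reported for the card; fail only if the conversion fails */
		if (ConvertFromUnicode(CP_UTF8, 0, info->csp, -1, &settings->CspName, 0, NULL,
		                       FALSE) <= 0)
		{
			WLog_ERR(TAG, "unable to set CSP name");
			goto out;
		}
	}
	else if (!(settings->CspName = _strdup(MS_SCARD_PROV_A)))
	{
		WLog_ERR(TAG, "unable to set CSP name");
		goto out;
	}
}
```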