Commit Graph

88 Commits

Author SHA1 Message Date
fifthdegree
6d3aa52496 set SAM file and hash callback on credential rather than context 2022-06-21 10:27:17 +02:00
fifthdegree
1c012b09b8 implement proper SPNEGO negotiation 2022-06-21 10:27:17 +02:00
akallabeth
f25261e271 Unifiy string append functions 2022-06-17 08:41:46 +02:00
akallabeth
962c5c3ef0 Fixed dead store warnings 2022-04-28 12:37:19 +02:00
akallabeth
1dcc5a180a Fixed warnings 2022-04-28 11:24:51 +02:00
Armin Novak
29b8298ff8 Fixed windows build (_snpnrintf) 2022-03-28 15:52:59 +02:00
Armin Novak
42ddb0898e Fixed NTLM flag handling
* NTLMSSP_NEGOTIATE_WORKSTATION_SUPPLIED and NTLMSSP_NEGOTIATE_DOMAIN_SUPPLIED
* Problem with clients not supporting NTLMSSP_NEGOTIATE_LM_KEY
* Improve logging
2022-03-28 15:52:59 +02:00
Armin Novak
8d4332235e Refactored WinPR::NTLM
* added assertions
* added log messages
* removed code duplication
2022-03-22 10:59:58 +01:00
Armin Novak
6ed50b4b1d Refactored WinPR includes 2022-03-03 11:26:48 +01:00
Armin Novak
46c78cf0f0 Fixed missing return check 2021-12-14 13:46:34 +01:00
akallabeth
b453d5e40e Fixed rdtk, uwac and winpr standalone builds 2021-06-22 08:54:18 +02:00
akallabeth
6726772d8d Fixed integer warnings 2021-06-18 09:41:02 +02:00
Armin Novak
58f471c7d9 Added log message for not implemented NTLM functions. 2020-08-10 14:41:20 +02:00
Armin Novak
8e45a2dd50 Respect SECBUFFER_READONLY flag in NTLM EncryptMessage 2020-06-19 11:31:13 +02:00
Armin Novak
106ab8cfbd Removed unused function 2020-03-10 14:04:53 +01:00
Armin Novak
72ca88f49c Reformatted to new style 2019-11-07 10:53:54 +01:00
Armin Novak
17bbe7a23f Do not compile extended authentication debugging by default. 2018-11-21 15:36:31 +01:00
Pascal J. Bourguignon
15f2bafeab Cleaned up const char** -> char** for argv, since we definitely do modify the argv!
(we overwrite the password and pin arguments).
This implies changes in the argument parsing tests that now must pass a mutable argv
(copied from the statically declared test argvs).
Some other const inconsistency have been dealt with too.
2018-06-06 16:43:09 +02:00
Mariusz Zaborski
00374382d9 There is no reason to restrict nSize to 2 the hostname can be empty on
UNIX-like machines.
2018-04-06 21:07:51 +02:00
Armin Novak
dc48c42926 Refactored NTLM, functions static where approprate 2018-01-16 11:34:07 +01:00
dodo040
e0a9999fb2 fix: GSS API init, enterprise name management, variable names and format code 2017-11-13 16:20:56 +01:00
dodo040
b81f168f0e initial commit for kerberos support 2017-11-13 16:20:55 +01:00
Armin Novak
ceda244165 Fixed uninitialized values and leaks. 2017-07-28 08:35:31 +02:00
davewheel
4bfb4dddbf Add a callback to provide NTLM hashes on server-side
Adds a callback that allows servers to compute NTLM hashes by themselves. The typical
use of this callback is to provide a function that gives precomputed hash values.

Sponsored by: Wheel Systems (http://www.wheelsystems.com)
2017-05-18 14:24:24 +02:00
Armin Novak
b11de26f98 Fixed GetComputerNameExA return checks. 2017-02-27 11:49:53 +01:00
akallabeth
8a22052b61 Fixed memory leaks. 2017-02-25 08:35:37 +01:00
akallabeth
705c0c1e12 Fixed GetComputerNameExA calls. #3815 2017-02-24 21:58:08 +01:00
Norbert Federa
f71b6b46e8 fix string format specifiers
- fixed invalid, missing or additional arguments
- removed all type casts from arguments
- added missing (void*) typecasts for %p arguments
- use inttypes defines where appropriate
2016-12-16 13:48:43 +01:00
Norbert Federa
53bd98883e winpr/crypt api changes and memory leak fixes
- winpr_HMAC_New() now just returnes the opaque WINPR_HMAC_CTX* pointer
  which has to be passed to winpr_HMAC_Init() for (re)initialization
  and since winpr_HMAC_Final() no more frees the context you always have to
  use the new function winpr_HMAC_Free() once winpr_HMAC_New() has succeded

- winpr_Digest_New() now just returns the opaque WINPR_DIGEST_CTX* pointer
  which has to be passed to winpr_Digest_Init() for (re)initialization
  and since winpr_Digest_Final() no more frees the context you always have to
  use the new function winpr_Digest_Free() once winpr_Digest_New() has succeded
2016-11-24 18:27:29 +01:00
Norbert Federa
7befab856c Support for OpenSSL 1.1.0 2016-11-24 17:50:09 +01:00
Martin Fleisz
71765b72e3 Merge pull request #3284 from ondrejholy/endianness
Endianness fixes
2016-08-25 08:17:52 +02:00
Marc-André Moreau
14cb6d33c6 freerdp: make modifications to NLA server-side fixes according to PR comments 2016-07-22 09:06:07 -04:00
Marc-André Moreau
801dc0f826 freerdp: add configurable NTLM SAM file option for server-side NLA 2016-07-21 18:58:24 -04:00
Norbert Federa
333a1110f5 winpr/sspi/ntlm: fix computer name len calculation
The lpnSize parameter for GetComputerNameEx specifies the total
size of the buffer (in characters).
However, the current code calculated the amount of bytes.
Since only GetComputerNameExA was used and because sizeof(CHAR) == 1
the result was correct but the math was wrong.
Credit goes to @byteboon
2016-06-30 17:15:40 +02:00
Norbert Federa
26ed09a14f winpr/sspi/ntlm: fix GetComputerNameExA parameters
On input, the lpnSize [in, out] parameter for GetComputerNameEx()
specifies the total size of the buffer (in characters).
Several functions in ntlm.c were off by one which caused ntlm to fail
if the netbios hostname's strlen was exactly MAX_COMPUTERNAME_LENGTH.
2016-06-14 12:37:37 +02:00
Ondrej Holy
0e353cce2e winpr/ntlm: Fix endianness in NTLM authentication
This patch fixes NTLM authentication to work properly on a big endian
machines. Freerdp exited with the following error without recent commits:
[09:50:20:914] [13821:13822] [ERROR][com.freerdp.core.transport] - BIO_read returned an error: error:14094438:SSL routines:ssl3_read_bytes:tlsv1 alert internal error
[09:50:20:914] [13821:13822] [ERROR][com.freerdp.core] - freerdp_set_last_error ERRCONNECT_CONNECT_TRANSPORT_FAILED [0x2000D]
[09:50:20:914] [13821:13822] [ERROR][com.freerdp.client.x11] - Freerdp connect error exit status 1

https://github.com/FreeRDP/FreeRDP/issues/2520
2016-05-30 13:37:15 +02:00
Marc-André Moreau
4d629a7999 freerdp: UWP porting 2016-03-29 16:03:15 -04:00
Armin Novak
92c15783dc Updated RC4 API, fixed crashing bug. 2016-02-28 11:19:29 +01:00
Armin Novak
f997421098 Unified hmac functions. 2016-02-24 21:50:08 +01:00
davewheel
a971f9e4bc Handle more NTLM attributes
This patch adds the management of more NTLM attributes.

Sponsored by: Wheel Systems (http://www.wheelsystems.com)
2016-01-20 22:21:05 +01:00
Bernhard Miklautz
d73c4898c1 Add build-config.h
build-config.h should contain configure/compile time settings that are
relevant for projects that use FreeRDP.

For example the compiled in plugin search paths.
2015-11-09 15:54:22 +01:00
Marc-André Moreau
87c42127c7 libwinpr-sspi: remove OpenSSL dependency in NTLM SSPI module 2015-10-08 16:48:58 -04:00
Marc-André Moreau
ac62d43e0f winpr: isolate OpenSSL 2015-10-06 10:56:24 -04:00
Armin Novak
e8bfa29bd2 Replaced registry keys with cmake defines. 2015-06-24 14:02:48 +02:00
Bernhard Miklautz
af81a91ea7 windows: fix compilation and warnings 2015-06-22 19:31:25 +02:00
Bernhard Miklautz
06502e6a91 misc: integrate pull request feedback 2015-06-22 19:24:30 +02:00
Bernhard Miklautz
fc6a3cf3c1 sspi/ntlm: integrate pull request comments 2015-06-22 19:23:58 +02:00
David FORT
7c3f8f33ab Fixes for malloc / calloc + other fixes
This patch contains:

* checks for malloc return value + treat callers;
* modified malloc() + ZeroMemory() to calloc();
* misc fixes of micro errors seen during the code audit:
** some invalid checks in gcc.c, also there were some possible
integer overflow. This is interesting because at the end the data are parsed
and freed directly, so it's a vulnerability in some kind of dead code (at least
useless);
** fixed usage of GetComputerNameExA with just one call, when 2 were used
in misc places. According to MSDN GetComputerNameA() is supposed to return
an error when called with NULL;
** there were a bug in the command line parsing of shadow;
** in freerdp_dynamic_channel_collection_add() the size of array was multiplied
by 4 instead of 2 on resize
2015-06-22 19:21:47 +02:00
Konrad Witaszczyk
29d3b0bebb QueryContextAttributes shouldn't return an error when a user or a domain
is empty.
2015-05-18 09:42:17 +02:00
Norbert Federa
1eff1a345e free can handle NULL perfectly fine 2015-05-11 09:07:39 +02:00