akallabeth
2d248d1c96
[winpr,sspi] verbosly check NTLM context
2023-05-17 14:51:58 +02:00
akallabeth
93c5058aa5
[winpr,crypto] rc4 allocation check
...
* check success of winpr_RC4_New
* WINPR_ASSERT context when used
2023-05-17 14:51:58 +02:00
Armin Novak
641022b795
[logging] remove __FUNCTION__ from actual message
...
prefer the log formatter to provide that information.
2023-01-25 16:26:39 +01:00
Armin Novak
51e49b4329
[winpr,asn] Fixed a compiler warning
...
WinPrAsn1DecReadEnumerated expects an argument of type
WinPrAsn1_ENUMERATED* so ensure the variable referenced is of said type.
2022-12-15 14:57:29 +01:00
Armin Novak
f2016c77c5
[winpr] renamed WITH_GSS_NO_NTLM_FALLBACK
2022-12-09 12:36:12 +01:00
fifthdegree
ad87144ce5
Rename WITH_GSSAPI to WITH_KRB5
...
Change cmake variables to not be gssapi specific
2022-12-09 12:36:12 +01:00
Armin Novak
074f28073a
[winpr,sspi] enable negotiate by default
2022-12-08 11:07:00 +01:00
akallabeth
5799fb2018
Replace ConvertFromUnicode and ConvertToUnicode
...
* Use new ConvertUtf8ToWChar, ConvertUtf8NToWChar,
ConvertUtf8ToWCharAlloc and ConvertUtf8NToWCharAlloc
* Use new ConvertWCharToUtf8, ConvertWCharNToUtf8,
ConvertWCharToUtf8Alloc and ConvertWCharNToUtf8Alloc
* Use new Stream UTF16 to/from UTF8 read/write functions
* Use new settings UTF16 to/from UTF8 read/write functions
2022-11-28 10:42:36 +01:00
fifthdegree
ffe8e45aff
Pass bindings through Negotiate on first call
2022-10-19 18:55:38 +02:00
Marc-André Moreau
27a865af74
Add Negotiate SSPI authentication module filtering
2022-10-12 22:07:45 +02:00
akallabeth
2f84a4856c
Fixed missing-field-initializers warnings
2022-10-11 13:28:30 +02:00
akallabeth
9d197b263c
Fixed conditional-uninitialized warnings
2022-10-11 13:28:30 +02:00
David Fort
58a3919435
winpr: add some checks in InitializeSecurityContext and AcceptSecurityContext
...
In native windows SSPI, AcceptSecurityContext and InitializeSecurityContext return
SEC_E_INVALID_HANDLE if the provided context is an empty context. Add the checks so
that our SSPI implementation behave the same way.
2022-10-10 09:01:04 +02:00
fifthdegree
d6c614b583
Fix bugs and add features in sspi packages
...
* Kerberos: correctly set principal when no service part is provided
* Kerberos: don't expect a krb_ap_rep when mutual auth was not requested
* Kerberos: include gss header in max signature length
* Negotiate: tolerate optimistic token being the final one
* Kerberos: support channel bindings
* Negotiate: pass channel bindings to sub-mechanism
* NTLM: tolerate receiving an input buffer desc on first call
2022-10-06 21:33:01 +02:00
Marc-André Moreau
479e891545
check return values for SetCredentialsAttributes, throw warnings for unsupported attributes
2022-09-30 19:33:12 +02:00
Marc-André Moreau
eadbb15741
run clang-format
2022-09-30 19:33:12 +02:00
Marc-André Moreau
80a1fc6a98
add SetCredentialsAttributes SSPI function
2022-09-30 19:33:12 +02:00
Marc-André Moreau
3224a43ee3
use SecurityFunctionTable version 3 with SetCredentialsAttributes function pointer
2022-09-30 19:33:12 +02:00
Armin Novak
b3f70b047d
Fix OId compare
2022-09-13 09:16:55 +02:00
fifthdegree
7901a26a16
Kerberos User 2 User support ( #8070 )
...
* add support for 64-bit big-endian encoding
* kerberos: drop reliance on gssapi and add user 2 user support
* Fix local variable declared in the middle of the function body
* kerberos: add ccache server option
Co-authored-by: fifthdegree <fifthdegree@protonmail.com>
Co-authored-by: David Fort <contact@hardening-consulting.com>
2022-08-17 12:25:26 +02:00
fifthdegree
54bbe33123
spnego: add missing check ( #8069 )
...
Co-authored-by: fifthdegree <fifthdegree@protonmail.com>
2022-07-15 08:33:28 +02:00
fifthdegree
dfa231c0a5
spnego: correctly set output buffer size ( #8060 )
...
Co-authored-by: fifthdegree <fifthdegree@protonmail.com>
2022-07-12 10:08:44 +02:00
Armin Novak
36c7c0320b
Fixed review comments
2022-07-07 17:31:49 +02:00
fifthdegree
362ae93a64
spnego: some cleanups and fixes
2022-07-07 17:31:49 +02:00
David Fort
8b5df3fa92
spnego: cleanup the guess of the input token
2022-07-07 17:31:49 +02:00
David Fort
b128ec4fba
spnego: add various check and fixes
2022-07-07 17:31:49 +02:00
David Fort
6c834eaa15
winpr: adjust negotiate_GetMechByOID function
2022-07-07 17:31:49 +02:00
fifthdegree
2a3c92b4cc
spnego: use winpr asn.1 library
2022-07-07 17:31:49 +02:00
akallabeth
39bd78d2fb
Fixed missing includes
2022-06-29 18:10:33 +02:00
akallabeth
99cda9249f
Fixed uninitialized warnings
2022-06-29 18:10:33 +02:00
akallabeth
684ada9c0e
Fixed uninitialized warnings
2022-06-29 18:10:33 +02:00
akallabeth
25c120d25d
Fixed type mismatches and memory leaks
2022-06-27 11:21:24 +02:00
akallabeth
bc8b4ade1c
reformatted
2022-06-23 08:48:39 +02:00
fifthdegree
8ac977e671
make sure existing ccache credentials are not expired
2022-06-21 10:27:17 +02:00
David Fort
90a2b9a10c
Various fixes in negotiate.c
2022-06-21 10:27:17 +02:00
fifthdegree
c51348a33b
fixes
2022-06-21 10:27:17 +02:00
fifthdegree
6d3aa52496
set SAM file and hash callback on credential rather than context
2022-06-21 10:27:17 +02:00
fifthdegree
eeece1a027
server-side kerberos (and some fixes)
2022-06-21 10:27:17 +02:00
fifthdegree
8d9f990124
some more tweaks
2022-06-21 10:27:17 +02:00
fifthdegree
a359124339
some small fixes and changes
2022-06-21 10:27:17 +02:00
fifthdegree
1c012b09b8
implement proper SPNEGO negotiation
2022-06-21 10:27:17 +02:00
akallabeth
c2e882c509
Nla server cleanup && server auth fix ( #7743 )
...
* Reduce negotiate logging verbosity
* Remove duplicate pointers from rdpNla
* Fixed server nla auth
* Encapsulated nla_server_recv_credentials
2022-03-25 10:47:05 +01:00
Armin Novak
6ed50b4b1d
Refactored WinPR includes
2022-03-03 11:26:48 +01:00
David Fort
cb351a099d
Enable smartcard NLA logon
2022-02-24 08:52:25 +01:00
Armin Novak
8231a7e7a7
Added runtime configuration option for kerberos/NTLM fallback
2022-02-15 13:43:36 +00:00
akallabeth
2d2627deab
Fixed SSPI fallback to NTLM ( #7642 )
...
* Fixed SSPI fallback to NTLM
* Fixed wide/ansi mixup
* WITH_GSS fixes
* Move to WinPR as this is not related to FreeRDP
* Add option WITH_GSS_NO_NTLM_FALLBACK to disable NTLM fallback
* Abort NLA if status is SEC_E_NO_CREDENTIALS
* Properly invalidate sspi::SubContext
2022-02-15 09:04:17 +01:00
akallabeth
8cc6582044
Unify struct definitions ( #7633 )
...
* Unified enum/struct definitions, fixed include issues
* Fixed mac compilation issues
* Added missing include
* Fixed windows server build warnings
* Fixed VS2010 build issue
* Removed unnecessary library linking
* Fixed ThreadPool WinXP compatibility
* Fixed pr review remarks
2022-02-14 14:59:22 +01:00
David Fort
02535ea200
winpr: fix a crash when kerberos fails during negociation
2022-01-19 18:03:52 +01:00
Armin Novak
610396e197
Fixed compilation warnings
...
Try to get the number of warnings down
2021-08-02 10:28:06 +02:00
akallabeth
6726772d8d
Fixed integer warnings
2021-06-18 09:41:02 +02:00