Marc-André Moreau
479e891545
check return values for SetCredentialsAttributes, throw warnings for unsupported attributes
2022-09-30 19:33:12 +02:00
Marc-André Moreau
eadbb15741
run clang-format
2022-09-30 19:33:12 +02:00
Marc-André Moreau
80a1fc6a98
add SetCredentialsAttributes SSPI function
2022-09-30 19:33:12 +02:00
Marc-André Moreau
3224a43ee3
use SecurityFunctionTable version 3 with SetCredentialsAttributes function pointer
2022-09-30 19:33:12 +02:00
Armin Novak
b3f70b047d
Fix OId compare
2022-09-13 09:16:55 +02:00
fifthdegree
7901a26a16
Kerberos User 2 User support ( #8070 )
...
* add support for 64-bit big-endian encoding
* kerberos: drop reliance on gssapi and add user 2 user support
* Fix local variable declared in the middle of the function body
* kerberos: add ccache server option
Co-authored-by: fifthdegree <fifthdegree@protonmail.com>
Co-authored-by: David Fort <contact@hardening-consulting.com>
2022-08-17 12:25:26 +02:00
fifthdegree
54bbe33123
spnego: add missing check ( #8069 )
...
Co-authored-by: fifthdegree <fifthdegree@protonmail.com>
2022-07-15 08:33:28 +02:00
fifthdegree
dfa231c0a5
spnego: correctly set output buffer size ( #8060 )
...
Co-authored-by: fifthdegree <fifthdegree@protonmail.com>
2022-07-12 10:08:44 +02:00
Armin Novak
36c7c0320b
Fixed review comments
2022-07-07 17:31:49 +02:00
fifthdegree
362ae93a64
spnego: some cleanups and fixes
2022-07-07 17:31:49 +02:00
David Fort
8b5df3fa92
spnego: cleanup the guess of the input token
2022-07-07 17:31:49 +02:00
David Fort
b128ec4fba
spnego: add various check and fixes
2022-07-07 17:31:49 +02:00
David Fort
6c834eaa15
winpr: adjust negotiate_GetMechByOID function
2022-07-07 17:31:49 +02:00
fifthdegree
2a3c92b4cc
spnego: use winpr asn.1 library
2022-07-07 17:31:49 +02:00
akallabeth
39bd78d2fb
Fixed missing includes
2022-06-29 18:10:33 +02:00
akallabeth
99cda9249f
Fixed uninitialized warnings
2022-06-29 18:10:33 +02:00
akallabeth
684ada9c0e
Fixed uninitialized warnings
2022-06-29 18:10:33 +02:00
akallabeth
25c120d25d
Fixed type mismatches and memory leaks
2022-06-27 11:21:24 +02:00
akallabeth
bc8b4ade1c
reformatted
2022-06-23 08:48:39 +02:00
fifthdegree
8ac977e671
make sure existing ccache credentials are not expired
2022-06-21 10:27:17 +02:00
David Fort
90a2b9a10c
Various fixes in negotiate.c
2022-06-21 10:27:17 +02:00
fifthdegree
c51348a33b
fixes
2022-06-21 10:27:17 +02:00
fifthdegree
6d3aa52496
set SAM file and hash callback on credential rather than context
2022-06-21 10:27:17 +02:00
fifthdegree
eeece1a027
server-side kerberos (and some fixes)
2022-06-21 10:27:17 +02:00
fifthdegree
8d9f990124
some more tweaks
2022-06-21 10:27:17 +02:00
fifthdegree
a359124339
some small fixes and changes
2022-06-21 10:27:17 +02:00
fifthdegree
1c012b09b8
implement proper SPNEGO negotiation
2022-06-21 10:27:17 +02:00
akallabeth
c2e882c509
Nla server cleanup && server auth fix ( #7743 )
...
* Reduce negotiate logging verbosity
* Remove duplicate pointers from rdpNla
* Fixed server nla auth
* Encapsulated nla_server_recv_credentials
2022-03-25 10:47:05 +01:00
Armin Novak
6ed50b4b1d
Refactored WinPR includes
2022-03-03 11:26:48 +01:00
David Fort
cb351a099d
Enable smartcard NLA logon
2022-02-24 08:52:25 +01:00
Armin Novak
8231a7e7a7
Added runtime configuration option for kerberos/NTLM fallback
2022-02-15 13:43:36 +00:00
akallabeth
2d2627deab
Fixed SSPI fallback to NTLM ( #7642 )
...
* Fixed SSPI fallback to NTLM
* Fixed wide/ansi mixup
* WITH_GSS fixes
* Move to WinPR as this is not related to FreeRDP
* Add option WITH_GSS_NO_NTLM_FALLBACK to disable NTLM fallback
* Abort NLA if status is SEC_E_NO_CREDENTIALS
* Properly invalidate sspi::SubContext
2022-02-15 09:04:17 +01:00
akallabeth
8cc6582044
Unify struct definitions ( #7633 )
...
* Unified enum/struct definitions, fixed include issues
* Fixed mac compilation issues
* Added missing include
* Fixed windows server build warnings
* Fixed VS2010 build issue
* Removed unnecessary library linking
* Fixed ThreadPool WinXP compatibility
* Fixed pr review remarks
2022-02-14 14:59:22 +01:00
David Fort
02535ea200
winpr: fix a crash when kerberos fails during negociation
2022-01-19 18:03:52 +01:00
Armin Novak
610396e197
Fixed compilation warnings
...
Try to get the number of warnings down
2021-08-02 10:28:06 +02:00
akallabeth
6726772d8d
Fixed integer warnings
2021-06-18 09:41:02 +02:00
Armin Novak
7d0e54e5f8
Added log message for not implemented NEGOTIATE functions.
2020-08-10 16:00:16 +02:00
Armin Novak
72ca88f49c
Reformatted to new style
2019-11-07 10:53:54 +01:00
Pascal J. Bourguignon
15f2bafeab
Cleaned up const char** -> char** for argv, since we definitely do modify the argv!
...
(we overwrite the password and pin arguments).
This implies changes in the argument parsing tests that now must pass a mutable argv
(copied from the statically declared test argvs).
Some other const inconsistency have been dealt with too.
2018-06-06 16:43:09 +02:00
Armin Novak
53d2150e00
Fixed windows unicode authentication.
2018-02-13 11:29:56 +01:00
Armin Novak
29f2d2d9bb
Fixed missing packageName setup in server NLA
2018-01-17 09:09:58 +01:00
Armin Novak
c62fde53a4
Fix #4306 :
...
* Do not reset context when changing package.
* All functions not exported static.
2018-01-16 10:31:08 +01:00
dodo040
e0a9999fb2
fix: GSS API init, enterprise name management, variable names and format code
2017-11-13 16:20:56 +01:00
dodo040
b81f168f0e
initial commit for kerberos support
2017-11-13 16:20:55 +01:00
Armin Novak
11fa9f6753
Free credentials on exit.
2017-07-28 08:39:49 +02:00
Norbert Federa
f71b6b46e8
fix string format specifiers
...
- fixed invalid, missing or additional arguments
- removed all type casts from arguments
- added missing (void*) typecasts for %p arguments
- use inttypes defines where appropriate
2016-12-16 13:48:43 +01:00
Marc-André Moreau
1ffbd774e9
freerdp: fix sending of TLS alert on NLA failure, add better handling of server-side NLA in shadow server
2016-07-21 17:53:20 -04:00
Armin Novak
48ccf73a36
More SSPI logging.
2015-07-08 17:41:22 +02:00
Konrad Witaszczyk
95f9e6a641
Pass valid context to CompleteAuthToken function in Negotiate Security Package.
2015-05-15 13:02:40 +02:00
Norbert Federa
1eff1a345e
free can handle NULL perfectly fine
2015-05-11 09:07:39 +02:00