Commit Graph

9 Commits

Author SHA1 Message Date
akallabeth
2973ff7004
[channels,rdpear] default to OFF
Since the channel was introduced late in the 3.x series require users to
explicitly enable it to not break existing build setups.
2024-09-30 09:42:45 +02:00
akallabeth
687f946999
[channels,rdpear] fix length checks for 32bit size_t 2024-09-15 09:07:53 +02:00
akallabeth
2bcf2c50eb
[channels,rdpear] fix krb5 inclusion
* do not expose the krb5 include path in interface library, it is
  private to the object library
* fix include krb5.h instead of krb5/krb5.h
2024-09-14 21:29:18 +02:00
akallabeth
0b9d35235b
[channels,rdpear] fix leak in rdpear_prepare_response 2024-09-14 08:31:29 +02:00
akallabeth
d5b41bb8a0
[warnings] fix casts
* Add macro WINPR_REINTERPRET_CAST to cast (checked) from type A to B
* Fix cast warnings
2024-09-14 08:24:51 +02:00
akallabeth
f0a73e3e9c
[channels,rdpear] fix inconsistencies in ndr.c/h 2024-09-14 08:24:38 +02:00
akallabeth
1c161b0270
[channels,rdpear] elimiate warnings 2024-09-14 08:24:35 +02:00
akallabeth
71080e61b0
[warnings] fix a bunch of them
* fix uninitialized variable warnings
 * modivy ndr_context_* functions to utilize WINPR_ATTR_MALLOC
 * build_krbtgt use winpr_asprintf
 * add proper Stream_Write_UINT64_BE
2024-09-14 08:24:28 +02:00
David Fort
a4bd5ba886 core, channels: client-side remote credential guard
This patch implements the client-side part of the remote credential guard feature
as described in MS-RDPEAR. The 2 main changes are: shipping the TSRemoteGuardaCreds in
NLA, and implement the rdpear channel that allows LSASS to remote all the calls to
our client. For now it's UNIX only as the windows implementation would be implemented
in a completely different way.
To test, you may establish you ccache and then connect with (RCG enabled on the server):
	xfreerdp /remoteGuard /u:<user> /d:<domain> /v<server>

That should log you in, and in the session you should not be asked for credentials when
doing mstsc /remoteGuard /v:<other server>.
2024-09-11 17:15:11 +02:00