David Fort
a4bd5ba886
core, channels: client-side remote credential guard
...
This patch implements the client-side part of the remote credential guard feature
as described in MS-RDPEAR. The 2 main changes are: shipping the TSRemoteGuardaCreds in
NLA, and implement the rdpear channel that allows LSASS to remote all the calls to
our client. For now it's UNIX only as the windows implementation would be implemented
in a completely different way.
To test, you may establish you ccache and then connect with (RCG enabled on the server):
xfreerdp /remoteGuard /u:<user> /d:<domain> /v<server>
That should log you in, and in the session you should not be asked for credentials when
doing mstsc /remoteGuard /v:<other server>.
2024-09-11 17:15:11 +02:00
akallabeth
bb42d425ed
[gcc,clang] add support for attribute(malloc)
...
Mark all malloc like functions and add their appropriate free function
to let the compiler complain on mismatches
2024-02-02 15:10:40 +01:00
Hugues LEFEBVRE
b67afecf0f
CredSSP with early user auth (nla_ext) support
2023-06-26 11:53:46 +02:00
Marc-André Moreau
3a8dce07ea
expose last NLA/CredSSP SSPI error code (freerdp_get_nla_sspi_error)
2023-02-24 13:19:19 -05:00
Armin Novak
dd0d130f48
[crypto] make tls.h a private header
...
no need to uselessly export symbols that are not usable outside the
project
2023-01-14 08:50:26 +01:00
fifthdegree
2de7a4c249
Support spnego authentication for gateway
...
* Consolidate authentication support functions into auth.c
* Change authentication flow in gateway to be non-ntlm specific
2022-10-06 21:33:01 +02:00
Marc-André Moreau
1d5c0be5ec
Add settings to load a custom SSPI shared library module
2022-06-01 15:16:12 +02:00
akallabeth
c2e882c509
Nla server cleanup && server auth fix ( #7743 )
...
* Reduce negotiate logging verbosity
* Remove duplicate pointers from rdpNla
* Fixed server nla auth
* Encapsulated nla_server_recv_credentials
2022-03-25 10:47:05 +01:00
akallabeth
8cc6582044
Unify struct definitions ( #7633 )
...
* Unified enum/struct definitions, fixed include issues
* Fixed mac compilation issues
* Added missing include
* Fixed windows server build warnings
* Fixed VS2010 build issue
* Removed unnecessary library linking
* Fixed ThreadPool WinXP compatibility
* Fixed pr review remarks
2022-02-14 14:59:22 +01:00
akallabeth
460fef545d
Refactored NLA
...
* Simplified client/server state machine
* Encapsulated steps in functions
* Added proper debug logging so that state changes are easy to
follow
2021-06-09 11:03:37 +02:00
Biswapriyo Nath
173ab04b59
Use same data types as calling function prototypes.
2021-05-31 13:38:19 +02:00
Armin Novak
72ca88f49c
Reformatted to new style
2019-11-07 10:53:54 +01:00
Armin Novak
67be5258ad
Exposing NLA functions to impersonate and revert context.
2019-03-08 10:10:43 +01:00
Armin Novak
82863a8518
Refactored NLA to be self contained.
2018-12-05 10:55:06 +01:00
Martin Fleisz
eb1f693fc4
cssp: Separate client/server version handling ( #4502 )
2018-03-23 12:12:08 +01:00
Martin Fleisz
8df96364f2
cssp: Add support for protocol version 6
2018-03-20 10:37:38 +01:00
Armin Novak
53d2150e00
Fixed windows unicode authentication.
2018-02-13 11:29:56 +01:00
dodo040
e0a9999fb2
fix: GSS API init, enterprise name management, variable names and format code
2017-11-13 16:20:56 +01:00
dodo040
b81f168f0e
initial commit for kerberos support
2017-11-13 16:20:55 +01:00
Armin Novak
8b9e3fa51e
Fixed use of reserved keywords for include guards.
2017-07-20 09:35:41 +02:00
Norbert Federa
7befab856c
Support for OpenSSL 1.1.0
2016-11-24 17:50:09 +01:00
Armin Novak
c7448c03fb
Added FREERDP_LOCAL
...
CMake 2.8 does not support default visibility on windows.
To allow building tests add the FREERDP_LOCAL define for each
function that is internal to FreeRDP.
When build with testing these functions are exported and available
for use by tests.
2016-10-06 13:43:09 +02:00
Marc-André Moreau
801dc0f826
freerdp: add configurable NTLM SAM file option for server-side NLA
2016-07-21 18:58:24 -04:00
Marc-André Moreau
e4714f3422
freerdp: fix Hyper-V connectivity, fix issues #2421 and #3325
2016-05-11 15:52:36 -04:00
Martin Fleisz
1c2d315354
core: Add support for CredSSP version 3
2016-03-18 13:32:13 +01:00
Armin Novak
ada2b16c50
Unified RC4 functions.
2016-02-24 17:04:03 +01:00
Armin Novak
219ca1c02b
NLA identity now a pointer, allowing NULL.
...
When NLA identity is NULL, the current user context
is used on windows.
2015-06-15 15:03:13 +02:00
Marc-André Moreau
9c7b7ab561
libfreerdp-core: make NLA event-driven
2015-02-15 16:04:59 -05:00
Marc-André Moreau
eddfee56a3
libfreerdp-core: prepare client-side NLA for event-driven structure
2015-02-15 14:54:10 -05:00
Marc-André Moreau
ab5fdcc3f1
libfreerdp-core: NLA cleanup
2015-02-15 11:10:14 -05:00
Marc-André Moreau
8a44b2baa6
libfreerdp-core: add spn-class option
2014-02-12 00:43:02 -05:00
Marc-André Moreau
8c8a82c31f
libfreerdp-utils: purge old STREAM utils
2013-03-21 16:45:25 -04:00
Marc-André Moreau
b70bfc1579
libfreerdp-core: make NLA use transport abstraction layer
2012-11-14 21:30:21 -05:00
Marc-André Moreau
f19f3a6024
libfreerdp-crypto: move nla.c to libfreerdp-core
2012-11-14 21:19:17 -05:00