a4bd5ba886
This patch implements the client-side part of the remote credential guard feature as described in MS-RDPEAR. The 2 main changes are: shipping the TSRemoteGuardaCreds in NLA, and implement the rdpear channel that allows LSASS to remote all the calls to our client. For now it's UNIX only as the windows implementation would be implemented in a completely different way. To test, you may establish you ccache and then connect with (RCG enabled on the server): xfreerdp /remoteGuard /u:<user> /d:<domain> /v<server> That should log you in, and in the session you should not be asked for credentials when doing mstsc /remoteGuard /v:<other server>.
14 lines
378 B
CMake
14 lines
378 B
CMake
|
|
set(OPTION_DEFAULT OFF)
|
|
set(OPTION_CLIENT_DEFAULT ON)
|
|
set(OPTION_SERVER_DEFAULT ON)
|
|
|
|
define_channel_options(NAME "rdpear" TYPE "dynamic"
|
|
DESCRIPTION "Authentication redirection Virtual Channel Extension"
|
|
SPECIFICATIONS "[MS-RDPEAR]"
|
|
DEFAULT ${OPTION_DEFAULT})
|
|
|
|
define_channel_client_options(${OPTION_CLIENT_DEFAULT})
|
|
define_channel_server_options(${OPTION_SERVER_DEFAULT})
|
|
|