a4bd5ba886
This patch implements the client-side part of the remote credential guard feature as described in MS-RDPEAR. The 2 main changes are: shipping the TSRemoteGuardaCreds in NLA, and implement the rdpear channel that allows LSASS to remote all the calls to our client. For now it's UNIX only as the windows implementation would be implemented in a completely different way. To test, you may establish you ccache and then connect with (RCG enabled on the server): xfreerdp /remoteGuard /u:<user> /d:<domain> /v<server> That should log you in, and in the session you should not be asked for credentials when doing mstsc /remoteGuard /v:<other server>. |
||
|---|---|---|
| .. | ||
| kerberos.c | ||
| kerberos.h | ||
| krb5glue_heimdal.c | ||
| krb5glue_mit.c | ||
| krb5glue.h | ||