FreeRDP
credssp_auth.c File Reference
#include <ctype.h>
#include <freerdp/config.h>
#include <freerdp/build-config.h>
#include <freerdp/settings.h>
#include <freerdp/peer.h>
#include <winpr/crt.h>
#include <winpr/assert.h>
#include <winpr/library.h>
#include <winpr/registry.h>
#include <freerdp/log.h>
#include "credssp_auth.h"

Macros

#define TAG   FREERDP_TAG("core.auth")
 
#define SERVER_KEY   "Software\\" FREERDP_VENDOR_STRING "\\" FREERDP_PRODUCT_STRING "\\Server"
 

Enumerations

enum  AUTH_STATE { AUTH_STATE_INITIAL , AUTH_STATE_CREDS , AUTH_STATE_IN_PROGRESS , AUTH_STATE_FINAL }
 

Functions

static const char * credssp_auth_state_string (const rdpCredsspAuth *auth)
 
static BOOL parseKerberosDeltat (const char *value, INT32 *dest, const char *message)
 
static BOOL credssp_auth_setup_identity (rdpCredsspAuth *auth)
 
static SecurityFunctionTable * auth_resolve_sspi_table (const rdpSettings *settings)
 
rdpCredsspAuth * credssp_auth_new (const rdpContext *rdp_ctx)
 
BOOL credssp_auth_init (rdpCredsspAuth *auth, TCHAR *pkg_name, SecPkgContext_Bindings *bindings)
 
static BOOL credssp_auth_setup_auth_data (rdpCredsspAuth *auth, const SEC_WINNT_AUTH_IDENTITY *identity, SEC_WINNT_AUTH_IDENTITY_WINPR *pAuthData)
 
static BOOL credssp_auth_client_init_cred_attributes (rdpCredsspAuth *auth)
 
BOOL credssp_auth_setup_client (rdpCredsspAuth *auth, const char *target_service, const char *target_hostname, const SEC_WINNT_AUTH_IDENTITY *identity, const char *pkinit)
 
BOOL credssp_auth_setup_server (rdpCredsspAuth *auth)
 
void credssp_auth_set_flags (rdpCredsspAuth *auth, ULONG flags)
 
int credssp_auth_authenticate (rdpCredsspAuth *auth)
 
BOOL credssp_auth_encrypt (rdpCredsspAuth *auth, const SecBuffer *plaintext, SecBuffer *ciphertext, size_t *signature_length, ULONG sequence)
 
BOOL credssp_auth_decrypt (rdpCredsspAuth *auth, const SecBuffer *ciphertext, SecBuffer *plaintext, ULONG sequence)
 
BOOL credssp_auth_impersonate (rdpCredsspAuth *auth)
 
BOOL credssp_auth_revert_to_self (rdpCredsspAuth *auth)
 
void credssp_auth_take_input_buffer (rdpCredsspAuth *auth, SecBuffer *buffer)
 
const SecBuffer * credssp_auth_get_output_buffer (rdpCredsspAuth *auth)
 
BOOL credssp_auth_have_output_token (rdpCredsspAuth *auth)
 
BOOL credssp_auth_is_complete (rdpCredsspAuth *auth)
 
size_t credssp_auth_trailer_size (rdpCredsspAuth *auth)
 
const char * credssp_auth_pkg_name (rdpCredsspAuth *auth)
 
void credssp_auth_free (rdpCredsspAuth *auth)
 
static void auth_get_sspi_module_from_reg (char **sspi_module)
 
BOOL credssp_auth_set_spn (rdpCredsspAuth *auth, const char *service, const char *hostname)
 
static const char * parseInt (const char *v, INT32 *r)
 

Macro Definition Documentation

◆ SERVER_KEY

#define SERVER_KEY   "Software\\" FREERDP_VENDOR_STRING "\\" FREERDP_PRODUCT_STRING "\\Server"

◆ TAG

#define TAG   FREERDP_TAG("core.auth")

FreeRDP: A Remote Desktop Protocol Implementation

Copyright 2012 Marc-Andre Moreau marca.nosp@m.ndre.nosp@m..more.nosp@m.au@g.nosp@m.mail..nosp@m.com
Copyright 2022 David Fort conta.nosp@m.ct@h.nosp@m.arden.nosp@m.ing-.nosp@m.consu.nosp@m.ltin.nosp@m.g.com
Copyright 2022 Isaac Klein fifth.nosp@m.degr.nosp@m.ee@pr.nosp@m.oton.nosp@m.mail..nosp@m.com

Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at

http://www.apache.org/licenses/LICENSE-2.0

Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.

Enumeration Type Documentation

◆ AUTH_STATE

enum AUTH_STATE
Enumerator
AUTH_STATE_INITIAL 
AUTH_STATE_CREDS 
AUTH_STATE_IN_PROGRESS 
AUTH_STATE_FINAL 

Function Documentation

◆ auth_get_sspi_module_from_reg()

static void auth_get_sspi_module_from_reg ( char **  sspi_module)
static

◆ auth_resolve_sspi_table()

static SecurityFunctionTable * auth_resolve_sspi_table ( const rdpSettings *  settings)
static

◆ credssp_auth_authenticate()

int credssp_auth_authenticate ( rdpCredsspAuth *  auth)
                                        SSPI Client Ceremony

                                           --------------
                                          ( Client Begin )
                                           --------------
                                                 |
                                                 |
                                                \|/
                                      -----------+--------------
                                     | AcquireCredentialsHandle |
                                      --------------------------
                                                 |
                                                 |
                                                \|/
                                    -------------+--------------
                 +---------------> / InitializeSecurityContext /
                 |                 ----------------------------
                 |                               |
                 |                               |
                 |                              \|/
     ---------------------------        ---------+-------------          ----------------------
    / Receive blob from server /    < Received security blob? > --Yes-> / Send blob to server /
    -------------+-------------       -----------------------           ----------------------
                /|\                              |                                 |
                 |                               No                                |
                Yes                             \|/                                |
                 |                   ------------+-----------                      |
                 +----------------- < Received Continue Needed > <-----------------+
                                     ------------------------
                                                 |
                                                 No
                                                \|/
                                           ------+-------
                                          (  Client End  )
                                           --------------


◆ credssp_auth_client_init_cred_attributes()

static BOOL credssp_auth_client_init_cred_attributes ( rdpCredsspAuth *  auth)
static

◆ credssp_auth_decrypt()

BOOL credssp_auth_decrypt ( rdpCredsspAuth *  auth,
const SecBuffer *  ciphertext,
SecBuffer *  plaintext,
ULONG  sequence 
)

◆ credssp_auth_encrypt()

BOOL credssp_auth_encrypt ( rdpCredsspAuth *  auth,
const SecBuffer *  plaintext,
SecBuffer *  ciphertext,
size_t *  signature_length,
ULONG  sequence 
)

◆ credssp_auth_free()

void credssp_auth_free ( rdpCredsspAuth *  auth)

◆ credssp_auth_get_output_buffer()

const SecBuffer* credssp_auth_get_output_buffer ( rdpCredsspAuth *  auth)

◆ credssp_auth_have_output_token()

BOOL credssp_auth_have_output_token ( rdpCredsspAuth *  auth)

◆ credssp_auth_impersonate()

BOOL credssp_auth_impersonate ( rdpCredsspAuth *  auth)

◆ credssp_auth_init()

BOOL credssp_auth_init ( rdpCredsspAuth *  auth,
TCHAR *  pkg_name,
SecPkgContext_Bindings *  bindings 
)

◆ credssp_auth_is_complete()

BOOL credssp_auth_is_complete ( rdpCredsspAuth *  auth)

◆ credssp_auth_new()

rdpCredsspAuth* credssp_auth_new ( const rdpContext *  rdp_ctx)

◆ credssp_auth_pkg_name()

const char* credssp_auth_pkg_name ( rdpCredsspAuth *  auth)

◆ credssp_auth_revert_to_self()

BOOL credssp_auth_revert_to_self ( rdpCredsspAuth *  auth)

◆ credssp_auth_set_flags()

void credssp_auth_set_flags ( rdpCredsspAuth *  auth,
ULONG  flags 
)

◆ credssp_auth_set_spn()

BOOL credssp_auth_set_spn ( rdpCredsspAuth *  auth,
const char *  service,
const char *  hostname 
)

◆ credssp_auth_setup_auth_data()

static BOOL credssp_auth_setup_auth_data ( rdpCredsspAuth *  auth,
const SEC_WINNT_AUTH_IDENTITY *  identity,
SEC_WINNT_AUTH_IDENTITY_WINPR *  pAuthData 
)
static

◆ credssp_auth_setup_client()

BOOL credssp_auth_setup_client ( rdpCredsspAuth *  auth,
const char *  target_service,
const char *  target_hostname,
const SEC_WINNT_AUTH_IDENTITY *  identity,
const char *  pkinit 
)

◆ credssp_auth_setup_identity()

static BOOL credssp_auth_setup_identity ( rdpCredsspAuth *  auth)
static

◆ credssp_auth_setup_server()

BOOL credssp_auth_setup_server ( rdpCredsspAuth *  auth)

◆ credssp_auth_state_string()

static const char* credssp_auth_state_string ( const rdpCredsspAuth *  auth)
static

◆ credssp_auth_take_input_buffer()

void credssp_auth_take_input_buffer ( rdpCredsspAuth *  auth,
SecBuffer *  buffer 
)

◆ credssp_auth_trailer_size()

size_t credssp_auth_trailer_size ( rdpCredsspAuth *  auth)

◆ parseInt()

static const char* parseInt ( const char *  v,
INT32 *  r 
)
static

◆ parseKerberosDeltat()

static BOOL parseKerberosDeltat ( const char *  value,
INT32 *  dest,
const char *  message 
)
static