21#include <freerdp/config.h>
25#include <winpr/assert.h>
27#include <freerdp/freerdp.h>
28#include <freerdp/channels/cliprdr.h>
29#include <freerdp/channels/rdpdr.h>
31#include <freerdp/log.h>
32#define TAG FREERDP_TAG("core.gateway.utils")
36#include "../core/rdp.h"
38BOOL utils_str_copy(
const char* value,
char** dst)
47 (*dst) = _strdup(value);
48 return (*dst) !=
nullptr;
51static BOOL utils_copy_smartcard_settings(
const rdpSettings* settings, rdpSettings* origSettings)
54 origSettings->SmartcardLogon = settings->SmartcardLogon;
55 origSettings->PasswordIsSmartcardPin = settings->PasswordIsSmartcardPin;
56 if (!utils_str_copy(settings->ReaderName, &origSettings->ReaderName))
58 if (!utils_str_copy(settings->CspName, &origSettings->CspName))
60 if (!utils_str_copy(settings->ContainerName, &origSettings->ContainerName))
66static BOOL utils_auth_skip(freerdp* instance, rdp_auth_reason reason, BOOL gateway)
68 WINPR_ASSERT(instance);
69 WINPR_ASSERT(instance->context);
72 instance->context->settings, gateway ? FreeRDP_GatewayPassword : FreeRDP_Password);
74 instance->context->settings, gateway ? FreeRDP_GatewayUsername : FreeRDP_Username);
80 case AUTH_SMARTCARD_PIN:
82 if (username && password)
92auth_status utils_authenticate_gateway(freerdp* instance, rdp_auth_reason reason)
94 rdpSettings* settings =
nullptr;
95 rdpSettings* origSettings =
nullptr;
99 WINPR_ASSERT(instance);
100 WINPR_ASSERT(instance->context);
101 WINPR_ASSERT(instance->context->settings);
102 WINPR_ASSERT(instance->context->rdp);
103 WINPR_ASSERT(instance->context->rdp->originalSettings);
105 settings = instance->context->settings;
106 origSettings = instance->context->rdp->originalSettings;
108 if (freerdp_shall_disconnect_context(instance->context))
118 if (!utils_sync_credentials(settings, FALSE))
122 const BOOL skip = utils_auth_skip(instance, reason, TRUE);
126#if !defined(WITHOUT_FREERDP_3x_DEPRECATED)
127 WINPR_PRAGMA_DIAG_PUSH
128 WINPR_PRAGMA_DIAG_IGNORED_DEPRECATED_DECL
131#if defined(WITHOUT_FREERDP_3x_DEPRECATED)
132 if (!instance->AuthenticateEx)
133 return AUTH_NO_CREDENTIALS;
135 if (!instance->GatewayAuthenticate && !instance->AuthenticateEx)
136 return AUTH_NO_CREDENTIALS;
138 if (!instance->GatewayAuthenticate)
142 instance->AuthenticateEx(instance, &settings->GatewayUsername,
143 &settings->GatewayPassword, &settings->GatewayDomain, reason);
145 return AUTH_CANCELLED;
147#if !defined(WITHOUT_FREERDP_3x_DEPRECATED)
151 instance->GatewayAuthenticate(instance, &settings->GatewayUsername,
152 &settings->GatewayPassword, &settings->GatewayDomain);
154 return AUTH_CANCELLED;
158#if !defined(WITHOUT_FREERDP_3x_DEPRECATED)
159 WINPR_PRAGMA_DIAG_POP
162 if (utils_str_is_empty(settings->GatewayUsername) ||
163 utils_str_is_empty(settings->GatewayPassword))
164 return AUTH_NO_CREDENTIALS;
166 if (!utils_sync_credentials(settings, FALSE))
170 if (!utils_str_copy(settings->GatewayUsername, &origSettings->GatewayUsername))
172 if (!utils_str_copy(settings->GatewayDomain, &origSettings->GatewayDomain))
174 if (!utils_str_copy(settings->GatewayPassword, &origSettings->GatewayPassword))
176 if (!utils_sync_credentials(origSettings, FALSE))
179 if (!utils_copy_smartcard_settings(settings, origSettings))
185auth_status utils_authenticate(freerdp* instance, rdp_auth_reason reason, BOOL
override)
187 rdpSettings* settings =
nullptr;
188 rdpSettings* origSettings =
nullptr;
189 BOOL prompt = !
override;
192 WINPR_ASSERT(instance);
193 WINPR_ASSERT(instance->context);
194 WINPR_ASSERT(instance->context->settings);
195 WINPR_ASSERT(instance->context->rdp);
196 WINPR_ASSERT(instance->context->rdp->originalSettings);
198 settings = instance->context->settings;
199 origSettings = instance->context->rdp->originalSettings;
201 if (freerdp_shall_disconnect_context(instance->context))
204 if (settings->ConnectChildSession)
205 return AUTH_NO_CREDENTIALS;
209 (settings->Password ==
nullptr && settings->RedirectionPassword ==
nullptr))
212 const BOOL skip = utils_auth_skip(instance, reason, FALSE);
220 if (settings->SmartcardLogon)
222 if (!utils_str_is_empty(settings->Password))
224 WLog_INFO(TAG,
"Authentication via smartcard");
227 reason = AUTH_SMARTCARD_PIN;
231 if (settings->SmartcardLogon)
232 reason = AUTH_SMARTCARD_PIN;
239#if !defined(WITHOUT_FREERDP_3x_DEPRECATED)
240 WINPR_PRAGMA_DIAG_PUSH
241 WINPR_PRAGMA_DIAG_IGNORED_DEPRECATED_DECL
245#if defined(WITHOUT_FREERDP_3x_DEPRECATED)
246 if (!instance->AuthenticateEx)
247 return AUTH_NO_CREDENTIALS;
249 if (!instance->Authenticate && !instance->AuthenticateEx)
250 return AUTH_NO_CREDENTIALS;
251 if (!instance->Authenticate)
254 proceed = instance->AuthenticateEx(instance, &settings->Username, &settings->Password,
255 &settings->Domain, reason);
257 return AUTH_CANCELLED;
259#if !defined(WITHOUT_FREERDP_3x_DEPRECATED)
262 proceed = instance->Authenticate(instance, &settings->Username, &settings->Password,
265 return AUTH_NO_CREDENTIALS;
269#if !defined(WITHOUT_FREERDP_3x_DEPRECATED)
270 WINPR_PRAGMA_DIAG_POP
273 if (utils_str_is_empty(settings->Username) || utils_str_is_empty(settings->Password))
274 return AUTH_NO_CREDENTIALS;
276 if (!utils_sync_credentials(settings, TRUE))
280 if (!utils_str_copy(settings->Username, &origSettings->Username))
282 if (!utils_str_copy(settings->Domain, &origSettings->Domain))
284 if (!utils_str_copy(settings->Password, &origSettings->Password))
286 if (!utils_sync_credentials(origSettings, TRUE))
289 if (!utils_copy_smartcard_settings(settings, origSettings))
295BOOL utils_sync_credentials(rdpSettings* settings, BOOL toGateway)
297 WINPR_ASSERT(settings);
298 if (!settings->GatewayUseSameCredentials)
303 if (!utils_str_copy(settings->Username, &settings->GatewayUsername))
305 if (!utils_str_copy(settings->Domain, &settings->GatewayDomain))
307 if (!utils_str_copy(settings->Password, &settings->GatewayPassword))
312 if (!utils_str_copy(settings->GatewayUsername, &settings->Username))
314 if (!utils_str_copy(settings->GatewayDomain, &settings->Domain))
316 if (!utils_str_copy(settings->GatewayPassword, &settings->Password))
322BOOL utils_persist_credentials(rdpSettings* settings,
const rdpSettings* current)
324 if (!settings || !current)
327 const SSIZE_T keys[] = { FreeRDP_GatewayUsername, FreeRDP_GatewayDomain,
328 FreeRDP_GatewayPassword, FreeRDP_Username,
329 FreeRDP_Domain, FreeRDP_Password };
331 for (
size_t x = 0; x < ARRAYSIZE(keys); x++)
333 const SSIZE_T key = keys[x];
336 WLog_ERR(TAG,
"Failed to copy %s from current to backup settings",
345BOOL utils_str_is_empty(
const char* str)
354BOOL utils_abort_connect(rdpRdp* rdp)
359 return SetEvent(rdp->abortEvent);
362BOOL utils_reset_abort(rdpRdp* rdp)
366 return ResetEvent(rdp->abortEvent);
369HANDLE utils_get_abort_event(rdpRdp* rdp)
372 return rdp->abortEvent;
375BOOL utils_abort_event_is_set(
const rdpRdp* rdp)
379 status = WaitForSingleObject(rdp->abortEvent, 0);
380 return status == WAIT_OBJECT_0;
383const char* utils_is_vsock(
const char* hostname)
388 const char vsock[8] = {
'v',
's',
'o',
'c',
'k',
':',
'/',
'/' };
389 if (strncmp(hostname, vsock,
sizeof(vsock)) == 0)
390 return &hostname[
sizeof(vsock)];
394static BOOL remove_rdpdr_type(rdpSettings* settings, UINT32 type)
400 printer = freerdp_device_collection_find_type(settings, type);
406 freerdp_device_free(printer);
411static BOOL disable_clipboard(rdpSettings* settings)
415 freerdp_static_channel_collection_del(settings, CLIPRDR_SVC_CHANNEL_NAME);
419static BOOL disable_drive(rdpSettings* settings)
426 return remove_rdpdr_type(settings, RDPDR_DTYP_FILESYSTEM);
429static BOOL disable_printers(rdpSettings* settings)
434 return remove_rdpdr_type(settings, RDPDR_DTYP_PRINT);
437static BOOL disable_port(rdpSettings* settings)
443 if (!remove_rdpdr_type(settings, RDPDR_DTYP_SERIAL))
445 return remove_rdpdr_type(settings, RDPDR_DTYP_PARALLEL);
448static BOOL disable_pnp(WINPR_ATTR_UNUSED rdpSettings* settings)
454static BOOL apply_gw_policy(rdpContext* context)
456 WINPR_ASSERT(context);
457 return utils_reload_channels(context);
460BOOL utils_apply_gateway_policy(wLog* log, rdpContext* context, UINT32 flags,
const char* module)
463 WINPR_ASSERT(context);
465 rdpSettings* settings = context->settings;
466 WINPR_ASSERT(settings);
468 if (flags & HTTP_TUNNEL_REDIR_ENABLE_ALL)
470 WLog_Print(log, WLOG_DEBUG,
"[%s] policy allows all redirections", module);
474 char buffer[128] = WINPR_C_ARRAY_INIT;
475 WLog_Print(log, WLOG_INFO,
"[%s] policy ignored on user request %s", module,
476 utils_redir_flags_to_string(flags, buffer,
sizeof(buffer)));
478 else if (flags & HTTP_TUNNEL_REDIR_DISABLE_ALL)
480 WLog_Print(log, WLOG_INFO,
"[%s] policy denies all redirections", module);
481 if (!disable_drive(settings))
483 if (!disable_printers(settings))
485 if (!disable_clipboard(settings))
487 if (!disable_port(settings))
489 if (!disable_pnp(settings))
491 if (!apply_gw_policy(context))
496 if (flags & HTTP_TUNNEL_REDIR_DISABLE_DRIVE)
498 WLog_Print(log, WLOG_INFO,
"[%s] policy denies drive redirections", module);
499 if (!disable_drive(settings))
502 if (flags & HTTP_TUNNEL_REDIR_DISABLE_PRINTER)
504 WLog_Print(log, WLOG_INFO,
"[%s] policy denies printer redirections", module);
505 if (!disable_printers(settings))
508 if (flags & HTTP_TUNNEL_REDIR_DISABLE_PORT)
510 WLog_Print(log, WLOG_INFO,
"[%s] policy denies port redirections", module);
511 if (!disable_port(settings))
514 if (flags & HTTP_TUNNEL_REDIR_DISABLE_CLIPBOARD)
516 WLog_Print(log, WLOG_INFO,
"[%s] policy denies clipboard redirections", module);
517 if (!disable_clipboard(settings))
520 if (flags & HTTP_TUNNEL_REDIR_DISABLE_PNP)
522 WLog_Print(log, WLOG_INFO,
"[%s] policy denies PNP redirections", module);
523 if (!disable_pnp(settings))
528 if (!apply_gw_policy(context))
535char* utils_redir_flags_to_string(UINT32 flags,
char* buffer,
size_t size)
537 winpr_str_append(
"{", buffer, size,
"");
538 if (flags & HTTP_TUNNEL_REDIR_ENABLE_ALL)
539 winpr_str_append(
"ENABLE_ALL", buffer, size,
"|");
540 if (flags & HTTP_TUNNEL_REDIR_DISABLE_ALL)
541 winpr_str_append(
"DISABLE_ALL", buffer, size,
"|");
542 if (flags & HTTP_TUNNEL_REDIR_DISABLE_DRIVE)
543 winpr_str_append(
"DISABLE_DRIVE", buffer, size,
"|");
544 if (flags & HTTP_TUNNEL_REDIR_DISABLE_PRINTER)
545 winpr_str_append(
"DISABLE_PRINTER", buffer, size,
"|");
546 if (flags & HTTP_TUNNEL_REDIR_DISABLE_PORT)
547 winpr_str_append(
"DISABLE_PORT", buffer, size,
"|");
548 if (flags & HTTP_TUNNEL_REDIR_DISABLE_CLIPBOARD)
549 winpr_str_append(
"DISABLE_CLIPBOARD", buffer, size,
"|");
550 if (flags & HTTP_TUNNEL_REDIR_DISABLE_PNP)
551 winpr_str_append(
"DISABLE_PNP", buffer, size,
"|");
553 char fbuffer[16] = WINPR_C_ARRAY_INIT;
554 (void)_snprintf(fbuffer,
sizeof(fbuffer),
"[0x%08" PRIx32
"]", flags);
556 winpr_str_append(fbuffer, buffer, size,
" ");
557 winpr_str_append(
"{", buffer, size,
"}");
561BOOL utils_reload_channels(rdpContext* context)
563 WINPR_ASSERT(context);
565 if (context->channels)
567 freerdp_channels_disconnect(context->channels, context->instance);
568 freerdp_channels_close(context->channels, context->instance);
569 freerdp_channels_free(context->channels);
572 context->channels = freerdp_channels_new(context->instance);
573 if (!context->channels)
576 freerdp_channels_register_instance(context->channels, context->instance);
579 IFCALLRET(context->instance->LoadChannels, rc, context->instance);
581 return freerdp_channels_pre_connect(context->channels, context->instance) == CHANNEL_RC_OK;
585const char* guid2str(
const GUID* guid,
char* buffer,
size_t len)
589 RPC_CSTR strguid =
nullptr;
591 RPC_STATUS rpcStatus = UuidToStringA(guid, &strguid);
593 if (rpcStatus != RPC_S_OK)
596 (void)sprintf_s(buffer, len,
"%s", strguid);
597 RpcStringFreeA(&strguid);
WINPR_ATTR_NODISCARD FREERDP_API const char * freerdp_settings_get_string(const rdpSettings *settings, FreeRDP_Settings_Keys_String id)
Returns a immutable string settings value.
WINPR_ATTR_NODISCARD FREERDP_API BOOL freerdp_settings_set_bool(rdpSettings *settings, FreeRDP_Settings_Keys_Bool id, BOOL val)
Sets a BOOL settings value.
WINPR_ATTR_NODISCARD FREERDP_API BOOL freerdp_settings_copy_item(rdpSettings *dst, const rdpSettings *src, SSIZE_T id)
copies one setting identified by id from src to dst
WINPR_ATTR_NODISCARD FREERDP_API BOOL freerdp_device_collection_del(rdpSettings *settings, const RDPDR_DEVICE *device)
Removed a device from the settings, returns ownership of the allocated device to caller.
WINPR_ATTR_NODISCARD FREERDP_API BOOL freerdp_settings_get_bool(const rdpSettings *settings, FreeRDP_Settings_Keys_Bool id)
Returns a boolean settings value.
WINPR_ATTR_NODISCARD FREERDP_API const char * freerdp_settings_get_name_for_key(SSIZE_T key)
Returns the type name for a key.