21#include <freerdp/config.h>
25#include <winpr/assert.h>
27#include <freerdp/freerdp.h>
28#include <freerdp/channels/cliprdr.h>
29#include <freerdp/channels/rdpdr.h>
31#include <freerdp/log.h>
32#define TAG FREERDP_TAG("core.gateway.utils")
36#include "../core/rdp.h"
38BOOL utils_str_copy(
const char* value,
char** dst)
47 (*dst) = _strdup(value);
48 return (*dst) != NULL;
51static BOOL utils_copy_smartcard_settings(
const rdpSettings* settings, rdpSettings* origSettings)
54 origSettings->SmartcardLogon = settings->SmartcardLogon;
55 origSettings->PasswordIsSmartcardPin = settings->PasswordIsSmartcardPin;
56 if (!utils_str_copy(settings->ReaderName, &origSettings->ReaderName))
58 if (!utils_str_copy(settings->CspName, &origSettings->CspName))
60 if (!utils_str_copy(settings->ContainerName, &origSettings->ContainerName))
66auth_status utils_authenticate_gateway(freerdp* instance, rdp_auth_reason reason)
68 rdpSettings* settings = NULL;
69 rdpSettings* origSettings = NULL;
73 WINPR_ASSERT(instance);
74 WINPR_ASSERT(instance->context);
75 WINPR_ASSERT(instance->context->settings);
76 WINPR_ASSERT(instance->context->rdp);
77 WINPR_ASSERT(instance->context->rdp->originalSettings);
79 settings = instance->context->settings;
80 origSettings = instance->context->rdp->originalSettings;
82 if (freerdp_shall_disconnect_context(instance->context))
93 if (!instance->GatewayAuthenticate && !instance->AuthenticateEx)
94 return AUTH_NO_CREDENTIALS;
96 if (!instance->GatewayAuthenticate)
99 instance->AuthenticateEx(instance, &settings->GatewayUsername,
100 &settings->GatewayPassword, &settings->GatewayDomain, reason);
102 return AUTH_CANCELLED;
107 instance->GatewayAuthenticate(instance, &settings->GatewayUsername,
108 &settings->GatewayPassword, &settings->GatewayDomain);
110 return AUTH_CANCELLED;
113 if (utils_str_is_empty(settings->GatewayUsername) ||
114 utils_str_is_empty(settings->GatewayPassword))
115 return AUTH_NO_CREDENTIALS;
117 if (!utils_sync_credentials(settings, FALSE))
121 if (!utils_str_copy(settings->GatewayUsername, &origSettings->GatewayUsername))
123 if (!utils_str_copy(settings->GatewayDomain, &origSettings->GatewayDomain))
125 if (!utils_str_copy(settings->GatewayPassword, &origSettings->GatewayPassword))
127 if (!utils_sync_credentials(origSettings, FALSE))
130 if (!utils_copy_smartcard_settings(settings, origSettings))
136auth_status utils_authenticate(freerdp* instance, rdp_auth_reason reason, BOOL
override)
138 rdpSettings* settings = NULL;
139 rdpSettings* origSettings = NULL;
140 BOOL prompt = !
override;
143 WINPR_ASSERT(instance);
144 WINPR_ASSERT(instance->context);
145 WINPR_ASSERT(instance->context->settings);
146 WINPR_ASSERT(instance->context->rdp);
147 WINPR_ASSERT(instance->context->rdp->originalSettings);
149 settings = instance->context->settings;
150 origSettings = instance->context->rdp->originalSettings;
152 if (freerdp_shall_disconnect_context(instance->context))
155 if (settings->ConnectChildSession)
156 return AUTH_NO_CREDENTIALS;
160 (settings->Password == NULL && settings->RedirectionPassword == NULL))
170 if (settings->SmartcardLogon)
172 if (!utils_str_is_empty(settings->Password))
174 WLog_INFO(TAG,
"Authentication via smartcard");
177 reason = AUTH_SMARTCARD_PIN;
181 if (settings->SmartcardLogon)
182 reason = AUTH_SMARTCARD_PIN;
190 if (!instance->Authenticate && !instance->AuthenticateEx)
191 return AUTH_NO_CREDENTIALS;
193 if (!instance->Authenticate)
195 proceed = instance->AuthenticateEx(instance, &settings->Username, &settings->Password,
196 &settings->Domain, reason);
198 return AUTH_CANCELLED;
202 proceed = instance->Authenticate(instance, &settings->Username, &settings->Password,
205 return AUTH_NO_CREDENTIALS;
208 if (utils_str_is_empty(settings->Username) || utils_str_is_empty(settings->Password))
209 return AUTH_NO_CREDENTIALS;
211 if (!utils_sync_credentials(settings, TRUE))
215 if (!utils_str_copy(settings->Username, &origSettings->Username))
217 if (!utils_str_copy(settings->Domain, &origSettings->Domain))
219 if (!utils_str_copy(settings->Password, &origSettings->Password))
221 if (!utils_sync_credentials(origSettings, TRUE))
224 if (!utils_copy_smartcard_settings(settings, origSettings))
230BOOL utils_sync_credentials(rdpSettings* settings, BOOL toGateway)
232 WINPR_ASSERT(settings);
233 if (!settings->GatewayUseSameCredentials)
238 if (!utils_str_copy(settings->Username, &settings->GatewayUsername))
240 if (!utils_str_copy(settings->Domain, &settings->GatewayDomain))
242 if (!utils_str_copy(settings->Password, &settings->GatewayPassword))
247 if (!utils_str_copy(settings->GatewayUsername, &settings->Username))
249 if (!utils_str_copy(settings->GatewayDomain, &settings->Domain))
251 if (!utils_str_copy(settings->GatewayPassword, &settings->Password))
257BOOL utils_persist_credentials(rdpSettings* settings,
const rdpSettings* current)
259 if (!settings || !current)
262 const SSIZE_T keys[] = { FreeRDP_GatewayUsername, FreeRDP_GatewayDomain,
263 FreeRDP_GatewayPassword, FreeRDP_Username,
264 FreeRDP_Domain, FreeRDP_Password };
266 for (
size_t x = 0; x < ARRAYSIZE(keys); x++)
268 const SSIZE_T key = keys[x];
271 WLog_ERR(TAG,
"Failed to copy %s from current to backup settings",
280BOOL utils_str_is_empty(
const char* str)
289BOOL utils_abort_connect(rdpRdp* rdp)
294 return SetEvent(rdp->abortEvent);
297BOOL utils_reset_abort(rdpRdp* rdp)
301 return ResetEvent(rdp->abortEvent);
304HANDLE utils_get_abort_event(rdpRdp* rdp)
307 return rdp->abortEvent;
310BOOL utils_abort_event_is_set(
const rdpRdp* rdp)
314 status = WaitForSingleObject(rdp->abortEvent, 0);
315 return status == WAIT_OBJECT_0;
318const char* utils_is_vsock(
const char* hostname)
323 const char vsock[8] =
"vsock://";
324 if (strncmp(hostname, vsock,
sizeof(vsock)) == 0)
325 return &hostname[
sizeof(vsock)];
329static BOOL remove_rdpdr_type(rdpSettings* settings, UINT32 type)
334 printer = freerdp_device_collection_find_type(settings, type);
336 freerdp_device_free(printer);
341static BOOL disable_clipboard(rdpSettings* settings)
345 freerdp_static_channel_collection_del(settings, CLIPRDR_SVC_CHANNEL_NAME);
349static BOOL disable_drive(rdpSettings* settings)
356 return remove_rdpdr_type(settings, RDPDR_DTYP_FILESYSTEM);
359static BOOL disable_printers(rdpSettings* settings)
364 return remove_rdpdr_type(settings, RDPDR_DTYP_PRINT);
367static BOOL disable_port(rdpSettings* settings)
373 if (!remove_rdpdr_type(settings, RDPDR_DTYP_SERIAL))
375 return remove_rdpdr_type(settings, RDPDR_DTYP_PARALLEL);
378static BOOL disable_pnp(WINPR_ATTR_UNUSED rdpSettings* settings)
384static BOOL apply_gw_policy(rdpContext* context)
386 WINPR_ASSERT(context);
387 return utils_reload_channels(context);
390BOOL utils_apply_gateway_policy(wLog* log, rdpContext* context, UINT32 flags,
const char* module)
393 WINPR_ASSERT(context);
395 rdpSettings* settings = context->settings;
396 WINPR_ASSERT(settings);
398 if (flags & HTTP_TUNNEL_REDIR_ENABLE_ALL)
400 WLog_Print(log, WLOG_DEBUG,
"[%s] policy allows all redirections", module);
404 char buffer[128] = { 0 };
405 WLog_Print(log, WLOG_INFO,
"[%s] policy ignored on user request %s", module,
406 utils_redir_flags_to_string(flags, buffer,
sizeof(buffer)));
408 else if (flags & HTTP_TUNNEL_REDIR_DISABLE_ALL)
410 WLog_Print(log, WLOG_INFO,
"[%s] policy denies all redirections", module);
411 if (!disable_drive(settings))
413 if (!disable_printers(settings))
415 if (!disable_clipboard(settings))
417 if (!disable_port(settings))
419 if (!disable_pnp(settings))
421 if (!apply_gw_policy(context))
426 if (flags & HTTP_TUNNEL_REDIR_DISABLE_DRIVE)
428 WLog_Print(log, WLOG_INFO,
"[%s] policy denies drive redirections", module);
429 if (!disable_drive(settings))
432 if (flags & HTTP_TUNNEL_REDIR_DISABLE_PRINTER)
434 WLog_Print(log, WLOG_INFO,
"[%s] policy denies printer redirections", module);
435 if (!disable_printers(settings))
438 if (flags & HTTP_TUNNEL_REDIR_DISABLE_PORT)
440 WLog_Print(log, WLOG_INFO,
"[%s] policy denies port redirections", module);
441 if (!disable_port(settings))
444 if (flags & HTTP_TUNNEL_REDIR_DISABLE_CLIPBOARD)
446 WLog_Print(log, WLOG_INFO,
"[%s] policy denies clipboard redirections", module);
447 if (!disable_clipboard(settings))
450 if (flags & HTTP_TUNNEL_REDIR_DISABLE_PNP)
452 WLog_Print(log, WLOG_INFO,
"[%s] policy denies PNP redirections", module);
453 if (!disable_pnp(settings))
458 if (!apply_gw_policy(context))
465char* utils_redir_flags_to_string(UINT32 flags,
char* buffer,
size_t size)
467 winpr_str_append(
"{", buffer, size,
"");
468 if (flags & HTTP_TUNNEL_REDIR_ENABLE_ALL)
469 winpr_str_append(
"ENABLE_ALL", buffer, size,
"|");
470 if (flags & HTTP_TUNNEL_REDIR_DISABLE_ALL)
471 winpr_str_append(
"DISABLE_ALL", buffer, size,
"|");
472 if (flags & HTTP_TUNNEL_REDIR_DISABLE_DRIVE)
473 winpr_str_append(
"DISABLE_DRIVE", buffer, size,
"|");
474 if (flags & HTTP_TUNNEL_REDIR_DISABLE_PRINTER)
475 winpr_str_append(
"DISABLE_PRINTER", buffer, size,
"|");
476 if (flags & HTTP_TUNNEL_REDIR_DISABLE_PORT)
477 winpr_str_append(
"DISABLE_PORT", buffer, size,
"|");
478 if (flags & HTTP_TUNNEL_REDIR_DISABLE_CLIPBOARD)
479 winpr_str_append(
"DISABLE_CLIPBOARD", buffer, size,
"|");
480 if (flags & HTTP_TUNNEL_REDIR_DISABLE_PNP)
481 winpr_str_append(
"DISABLE_PNP", buffer, size,
"|");
483 char fbuffer[16] = { 0 };
484 (void)_snprintf(fbuffer,
sizeof(fbuffer),
"[0x%08" PRIx32
"]", flags);
486 winpr_str_append(fbuffer, buffer, size,
" ");
487 winpr_str_append(
"{", buffer, size,
"}");
491BOOL utils_reload_channels(rdpContext* context)
493 WINPR_ASSERT(context);
495 freerdp_channels_disconnect(context->channels, context->instance);
496 freerdp_channels_close(context->channels, context->instance);
497 freerdp_channels_free(context->channels);
498 context->channels = freerdp_channels_new(context->instance);
499 WINPR_ASSERT(context->channels);
500 freerdp_channels_register_instance(context->channels, context->instance);
503 IFCALLRET(context->instance->LoadChannels, rc, context->instance);
505 return freerdp_channels_pre_connect(context->channels, context->instance) == CHANNEL_RC_OK;
FREERDP_API BOOL freerdp_settings_get_bool(const rdpSettings *settings, FreeRDP_Settings_Keys_Bool id)
Returns a boolean settings value.
FREERDP_API BOOL freerdp_settings_copy_item(rdpSettings *dst, const rdpSettings *src, SSIZE_T id)
copies one setting identified by id from src to dst
FREERDP_API BOOL freerdp_device_collection_del(rdpSettings *settings, const RDPDR_DEVICE *device)
Removed a device from the settings, returns ownership of the allocated device to caller.
FREERDP_API const char * freerdp_settings_get_name_for_key(SSIZE_T key)
Returns the type name for a key.
FREERDP_API const char * freerdp_settings_get_string(const rdpSettings *settings, FreeRDP_Settings_Keys_String id)
Returns a immutable string settings value.
FREERDP_API BOOL freerdp_settings_set_bool(rdpSettings *settings, FreeRDP_Settings_Keys_Bool id, BOOL param)
Sets a BOOL settings value.