Skip to content

Commit

Permalink
Merge pull request FreeRDP#3791 from akallabeth/kerberos
Browse files Browse the repository at this point in the history 
Kerberos (Rebased FreeRDP#3417)
  • Loading branch information
@akallabeth
akallabeth authored Feb 23, 2017
2 parents a443694 + b905e0c commit 7ce1dd0
Show file tree
Hide file tree
Showing 11 changed files with 302 additions and 99 deletions.
5 changes: 5 additions & 0 deletions CMakeLists.txt
View file
Original file line number Diff line number Diff line change
Expand Up @@ -656,6 +656,10 @@ set(OPENH264_FEATURE_TYPE "OPTIONAL")
set(OPENH264_FEATURE_PURPOSE "codec")
set(OPENH264_FEATURE_DESCRIPTION "use OpenH264 library")

set(KRB5_FEATURE_TYPE "OPTIONAL")
set(KRB5_FEATURE_PURPOSE "auth")
set(KRB5_FEATURE_DESCRIPTION "add kerberos support")

set(GSM_FEATURE_TYPE "OPTIONAL")
set(GSM_FEATURE_PURPOSE "codec")
set(GSM_FEATURE_DESCRIPTION "GSM audio codec library")
Expand Down Expand Up @@ -753,6 +757,7 @@ find_feature(JPEG ${JPEG_FEATURE_TYPE} ${JPEG_FEATURE_PURPOSE} ${JPEG_FEATURE_DE
find_feature(x264 ${X264_FEATURE_TYPE} ${X264_FEATURE_PURPOSE} ${X264_FEATURE_DESCRIPTION})
find_feature(OpenH264 ${OPENH264_FEATURE_TYPE} ${OPENH264_FEATURE_PURPOSE} ${OPENH264_FEATURE_DESCRIPTION})
find_feature(GSM ${GSM_FEATURE_TYPE} ${GSM_FEATURE_PURPOSE} ${GSM_FEATURE_DESCRIPTION})
find_feature(KRB5 ${KRB5_FEATURE_TYPE} ${KRB5_FEATURE_PURPOSE} ${KRB5_FEATURE_DESCRIPTION})

if(TARGET_ARCH MATCHES "x86|x64")
if (NOT APPLE)
Expand Down
1 change: 1 addition & 0 deletions ci/cmake-preloads/config-debian-squeeze.txt
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,6 +2,7 @@ message("PRELOADING cache")
set (WITH_MANPAGES OFF CACHE BOOL "man pages")
set (CMAKE_BUILD_TYPE "Debug" CACHE STRING "build type")
set (WITH_CUPS OFF CACHE BOOL "CUPS printing")
set (WITH_KRB5 ON CACHE BOOL "Kerberos support")
set (WITH_ALSA OFF CACHE BOOL "alsa audio")
set (WITH_FFMPEG OFF CACHE BOOL "ffmepg support")
set (WITH_XV OFF CACHE BOOL "xvideo support")
Expand Down
1 change: 1 addition & 0 deletions ci/cmake-preloads/config-linux-all.txt
View file
Original file line number Diff line number Diff line change
Expand Up @@ -7,6 +7,7 @@ set (WITH_PULSE ON CACHE BOOL "pulse")
set (WITH_CHANNELS ON CACHE BOOL "channels")
set (BUILTIN_CHANNELS ON CACHE BOOL "static channels")
set (WITH_CUPS ON CACHE BOOL "cups")
set (WITH_KRB5 ON CACHE BOOL "Kerberos support")
set (WITH_PCSC ON CACHE BOOL "PCSC")
set (WITH_JPEG ON CACHE BOOL "jepg")
set (WITH_GSTREAMER_0_10 ON CACHE BOOL "gstreamer")
Expand Down
1 change: 1 addition & 0 deletions ci/cmake-preloads/config-ubuntu-1204.txt
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,6 +2,7 @@ message("PRELOADING cache")
set (WITH_MANPAGES OFF CACHE BOOL "man pages")
set (CMAKE_BUILD_TYPE "Debug" CACHE STRING "build type")
set (WITH_CUPS OFF CACHE BOOL "CUPS printing")
set (WITH_KRB5 ON CACHE BOOL "Kerberos support")
set (WITH_ALSA OFF CACHE BOOL "alsa audio")
set (WITH_FFMPEG OFF CACHE BOOL "ffmepg support")
set (WITH_XV OFF CACHE BOOL "xvideo support")
Expand Down
28 changes: 28 additions & 0 deletions cmake/FindKRB5.cmake
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,28 @@
# - Try to find krb5
# Once done this will define
# KRB5_FOUND - pcsc was found
# KRB5_INCLUDE_DIRS - pcsc include directories
# KRB5_LIBRARIES - libraries needed for linking

include(FindPkgConfig)

if(PKG_CONFIG_FOUND)
pkg_check_modules(PC_KRB5 QUIET libkrb5)
endif()

find_path(KRB5_INCLUDE_DIR krb5.h
HINTS ${PC_KRB5_INCLUDEDIR} ${PC_KRB5_INCLUDE_DIRS}
PATH_SUFFIXES KRB5)

find_library(KRB5_LIBRARY NAMES krb5
HINTS ${PC_KRB5_LIBDIR} ${PC_KRB5_LIBRARY_DIRS})

include(FindPackageHandleStandardArgs)
find_package_handle_standard_args(KRB5 DEFAULT_MSG KRB5_LIBRARY KRB5_INCLUDE_DIR)

set(KRB5_LIBRARIES ${KRB5_LIBRARY})
set(KRB5_INCLUDE_DIRS ${KRB5_INCLUDE_DIR})

mark_as_advanced(KRB5_INCLUDE_DIR KRB5_LIBRARY)


2 changes: 1 addition & 1 deletion config.h.in
View file
Original file line number Diff line number Diff line change
Expand Up @@ -53,7 +53,7 @@
/* Plugins */
#cmakedefine BUILTIN_CHANNELS
#cmakedefine WITH_RDPDR

#cmakedefine WITH_KRB5

/* Debug */
#cmakedefine WITH_DEBUG_CERTIFICATE
Expand Down
43 changes: 30 additions & 13 deletions include/freerdp/error.h
View file
Original file line number Diff line number Diff line change
Expand Up @@ -238,6 +238,11 @@ FREERDP_API const char* freerdp_get_error_base_name(UINT32 code);
#define ERRCONNECT_CONNECT_CANCELLED 0x0000000B
#define ERRCONNECT_SECURITY_NEGO_CONNECT_FAILED 0x0000000C
#define ERRCONNECT_CONNECT_TRANSPORT_FAILED 0x0000000D
#define ERRCONNECT_PASSWORD_EXPIRED 0x0000000E
/* For non-domain workstation where we can't contact a kerberos server */
#define ERRCONNECT_PASSWORD_CERTAINLY_EXPIRED 0x0000000F
#define ERRCONNECT_CLIENT_REVOKED 0x00000010
#define ERRCONNECT_KDC_UNREACHABLE 0x00000011

#define ERRCONNECT_SUCCESS ERRINFO_SUCCESS
#define ERRCONNECT_NONE ERRINFO_NONE
Expand All @@ -248,43 +253,55 @@ FREERDP_API const char* freerdp_get_error_connect_name(UINT32 code);
#define FREERDP_ERROR_CONNECT_CLASS (FREERDP_ERROR_BASE + 2)

#define FREERDP_ERROR_PRE_CONNECT_FAILED \
MAKE_FREERDP_ERROR(CONNECT, ERRCONNECT_PRE_CONNECT_FAILED)
MAKE_FREERDP_ERROR(CONNECT, ERRCONNECT_PRE_CONNECT_FAILED)

#define FREERDP_ERROR_CONNECT_UNDEFINED \
MAKE_FREERDP_ERROR(CONNECT, ERRCONNECT_CONNECT_UNDEFINED)
MAKE_FREERDP_ERROR(CONNECT, ERRCONNECT_CONNECT_UNDEFINED)

#define FREERDP_ERROR_POST_CONNECT_FAILED \
MAKE_FREERDP_ERROR(CONNECT, ERRCONNECT_POST_CONNECT_FAILED)
MAKE_FREERDP_ERROR(CONNECT, ERRCONNECT_POST_CONNECT_FAILED)

#define FREERDP_ERROR_DNS_ERROR \
MAKE_FREERDP_ERROR(CONNECT, ERRCONNECT_DNS_ERROR)
MAKE_FREERDP_ERROR(CONNECT, ERRCONNECT_DNS_ERROR)

#define FREERDP_ERROR_DNS_NAME_NOT_FOUND \
MAKE_FREERDP_ERROR(CONNECT, ERRCONNECT_DNS_NAME_NOT_FOUND)
MAKE_FREERDP_ERROR(CONNECT, ERRCONNECT_DNS_NAME_NOT_FOUND)

#define FREERDP_ERROR_CONNECT_FAILED \
MAKE_FREERDP_ERROR(CONNECT, ERRCONNECT_CONNECT_FAILED)
MAKE_FREERDP_ERROR(CONNECT, ERRCONNECT_CONNECT_FAILED)

#define FREERDP_ERROR_MCS_CONNECT_INITIAL_ERROR \
MAKE_FREERDP_ERROR(CONNECT, ERRCONNECT_MCS_CONNECT_INITIAL_ERROR)
MAKE_FREERDP_ERROR(CONNECT, ERRCONNECT_MCS_CONNECT_INITIAL_ERROR)

#define FREERDP_ERROR_TLS_CONNECT_FAILED \
MAKE_FREERDP_ERROR(CONNECT, ERRCONNECT_TLS_CONNECT_FAILED)
MAKE_FREERDP_ERROR(CONNECT, ERRCONNECT_TLS_CONNECT_FAILED)

#define FREERDP_ERROR_AUTHENTICATION_FAILED \
MAKE_FREERDP_ERROR(CONNECT, ERRCONNECT_AUTHENTICATION_FAILED)
MAKE_FREERDP_ERROR(CONNECT, ERRCONNECT_AUTHENTICATION_FAILED)

#define FREERDP_ERROR_INSUFFICIENT_PRIVILEGES \
MAKE_FREERDP_ERROR(CONNECT, ERRCONNECT_INSUFFICIENT_PRIVILEGES)
MAKE_FREERDP_ERROR(CONNECT, ERRCONNECT_INSUFFICIENT_PRIVILEGES)

#define FREERDP_ERROR_CONNECT_CANCELLED \
MAKE_FREERDP_ERROR(CONNECT, ERRCONNECT_CONNECT_CANCELLED)
MAKE_FREERDP_ERROR(CONNECT, ERRCONNECT_CONNECT_CANCELLED)

#define FREERDP_ERROR_SECURITY_NEGO_CONNECT_FAILED \
MAKE_FREERDP_ERROR(CONNECT, ERRCONNECT_SECURITY_NEGO_CONNECT_FAILED)
MAKE_FREERDP_ERROR(CONNECT, ERRCONNECT_SECURITY_NEGO_CONNECT_FAILED)

#define FREERDP_ERROR_CONNECT_TRANSPORT_FAILED \
MAKE_FREERDP_ERROR(CONNECT, ERRCONNECT_CONNECT_TRANSPORT_FAILED)
MAKE_FREERDP_ERROR(CONNECT, ERRCONNECT_CONNECT_TRANSPORT_FAILED)

#define FREERDP_ERROR_CONNECT_PASSWORD_EXPIRED \
MAKE_FREERDP_ERROR(CONNECT, ERRCONNECT_PASSWORD_EXPIRED)

#define FREERDP_ERROR_CONNECT_PASSWORD_CERTAINLY_EXPIRED \
MAKE_FREERDP_ERROR(CONNECT, ERRCONNECT_PASSWORD_CERTAINLY_EXPIRED)

#define FREERDP_ERROR_CONNECT_CLIENT_REVOKED \
MAKE_FREERDP_ERROR(CONNECT, ERRCONNECT_CLIENT_REVOKED)

#define FREERDP_ERROR_CONNECT_KDC_UNREACHABLE \
MAKE_FREERDP_ERROR(CONNECT, ERRCONNECT_KDC_UNREACHABLE)

#ifdef __cplusplus
}
Expand Down
5 changes: 5 additions & 0 deletions libfreerdp/core/CMakeLists.txt
View file
Original file line number Diff line number Diff line change
Expand Up @@ -21,6 +21,7 @@ set(MODULE_PREFIX "FREERDP_CORE")
freerdp_definition_add(-DEXT_PATH="${FREERDP_EXTENSION_PATH}")

freerdp_include_directory_add(${OPENSSL_INCLUDE_DIR})
freerdp_include_directory_add(${KRB5_INCLUDE_DIRS})

set(${MODULE_PREFIX}_GATEWAY_DIR "gateway")

Expand Down Expand Up @@ -140,6 +141,10 @@ endif()

freerdp_library_add(${OPENSSL_LIBRARIES})

if (WITH_KRB5)
freerdp_library_add(${KRB5_LIBRARIES})
endif(WITH_KRB5)

if(BUILD_TESTING)
add_subdirectory(test)
endif()
78 changes: 46 additions & 32 deletions libfreerdp/core/errconnect.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -35,73 +35,88 @@
/* Protocol-independent codes */

#define ERRCONNECT_PRE_CONNECT_FAILED_STRING \
"A configuration error prevented a connection to be established."
"A configuration error prevented a connection to be established."

#define ERRCONNECT_CONNECT_UNDEFINED_STRING \
"A undefined connection error occurred."
"A undefined connection error occurred."

#define ERRCONNECT_POST_CONNECT_FAILED_STRING \
"The connection attempt was aborted due to post connect configuration errors."
"The connection attempt was aborted due to post connect configuration errors."

#define ERRCONNECT_DNS_ERROR_STRING \
"The DNS entry could not be resolved."
"The DNS entry could not be resolved."

#define ERRCONNECT_DNS_NAME_NOT_FOUND_STRING \
"The DNS host name was not found."
"The DNS host name was not found."

#define ERRCONNECT_CONNECT_FAILED_STRING \
"The connection failed."
"The connection failed."

#define ERRCONNECT_MCS_CONNECT_INITIAL_ERROR_STRING \
"The connection failed at initial MCS connect"
"The connection failed at initial MCS connect"

#define ERRCONNECT_TLS_CONNECT_FAILED_STRING \
"The connection failed at TLS connect."
"The connection failed at TLS connect."

#define ERRCONNECT_AUTHENTICATION_FAILED_STRING \
"An authentication failure aborted the connection."
"An authentication failure aborted the connection."

#define ERRCONNECT_INSUFFICIENT_PRIVILEGES_STRING \
"Insufficient privileges to establish a connection."
"Insufficient privileges to establish a connection."

#define ERRCONNECT_CONNECT_CANCELLED_STRING \
"The connection was cancelled."
"The connection was cancelled."

#define ERRCONNECT_SECURITY_NEGO_CONNECT_FAILED_STRING \
"The connection failed at negotiating security settings."
"The connection failed at negotiating security settings."

#define ERRCONNECT_CONNECT_TRANSPORT_FAILED_STRING \
"The connection transport layer failed."
"The connection transport layer failed."

#define ERRCONNECT_PASSWORD_EXPIRED_STRING \
"The password has expired and must be changed."

#define ERRCONNECT_PASSWORD_CERTAINLY_EXPIRED_STRING \
"The password has certainly expired and must be changed."

#define ERRCONNECT_CLIENT_REVOKED_STRING \
"The client has been revoked."

#define ERRCONNECT_KDC_UNREACHABLE_STRING \
"The KDC is unreachable."

/* Special codes */
#define ERRCONNECT_SUCCESS_STRING "Success."
#define ERRCONNECT_NONE_STRING ""

static const ERRINFO ERRCONNECT_CODES[] =
{
ERRCONNECT_DEFINE(SUCCESS),

ERRCONNECT_DEFINE(PRE_CONNECT_FAILED),
ERRCONNECT_DEFINE(CONNECT_UNDEFINED),
ERRCONNECT_DEFINE(POST_CONNECT_FAILED),
ERRCONNECT_DEFINE(DNS_ERROR),
ERRCONNECT_DEFINE(DNS_NAME_NOT_FOUND),
ERRCONNECT_DEFINE(CONNECT_FAILED),
ERRCONNECT_DEFINE(MCS_CONNECT_INITIAL_ERROR),
ERRCONNECT_DEFINE(TLS_CONNECT_FAILED),
ERRCONNECT_DEFINE(AUTHENTICATION_FAILED),
ERRCONNECT_DEFINE(INSUFFICIENT_PRIVILEGES),
ERRCONNECT_DEFINE(CONNECT_CANCELLED),
ERRCONNECT_DEFINE(SECURITY_NEGO_CONNECT_FAILED),
ERRCONNECT_DEFINE(CONNECT_TRANSPORT_FAILED),

ERRCONNECT_DEFINE(NONE)
ERRCONNECT_DEFINE(SUCCESS),

ERRCONNECT_DEFINE(PRE_CONNECT_FAILED),
ERRCONNECT_DEFINE(CONNECT_UNDEFINED),
ERRCONNECT_DEFINE(POST_CONNECT_FAILED),
ERRCONNECT_DEFINE(DNS_ERROR),
ERRCONNECT_DEFINE(DNS_NAME_NOT_FOUND),
ERRCONNECT_DEFINE(CONNECT_FAILED),
ERRCONNECT_DEFINE(MCS_CONNECT_INITIAL_ERROR),
ERRCONNECT_DEFINE(TLS_CONNECT_FAILED),
ERRCONNECT_DEFINE(AUTHENTICATION_FAILED),
ERRCONNECT_DEFINE(INSUFFICIENT_PRIVILEGES),
ERRCONNECT_DEFINE(CONNECT_CANCELLED),
ERRCONNECT_DEFINE(SECURITY_NEGO_CONNECT_FAILED),
ERRCONNECT_DEFINE(CONNECT_TRANSPORT_FAILED),
ERRCONNECT_DEFINE(PASSWORD_EXPIRED),
ERRCONNECT_DEFINE(PASSWORD_CERTAINLY_EXPIRED),
ERRCONNECT_DEFINE(CLIENT_REVOKED),
ERRCONNECT_DEFINE(KDC_UNREACHABLE),

ERRCONNECT_DEFINE(NONE)
};

const char* freerdp_get_error_connect_string(UINT32 code)
{
const ERRINFO* errInfo;

errInfo = &ERRCONNECT_CODES[0];

while (errInfo->code != ERRCONNECT_NONE)
Expand All @@ -120,7 +135,6 @@ const char* freerdp_get_error_connect_string(UINT32 code)
const char* freerdp_get_error_connect_name(UINT32 code)
{
const ERRINFO* errInfo;

errInfo = &ERRCONNECT_CODES[0];

while (errInfo->code != ERRCONNECT_NONE)
Expand Down
Loading

0 comments on commit 7ce1dd0

Please sign in to comment.