Skip to content

Commit

Permalink
Merge pull request FreeRDP#2919 from realjiangms/fix_allow_empty_pass…
Browse files Browse the repository at this point in the history 
…word

Sec/NLA: Support passwordless (blank password) login with NLA.
  • Loading branch information
@awakecoding
awakecoding committed Oct 13, 2015
2 parents 91663df + a7f4685 commit 863939f
Show file tree
Hide file tree
Showing 3 changed files with 28 additions and 3 deletions.
27 changes: 26 additions & 1 deletion libfreerdp/core/nla.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -33,6 +33,7 @@
#include <freerdp/crypto/tls.h>

#include <winpr/crt.h>
#include <winpr/sam.h>
#include <winpr/sspi.h>
#include <winpr/print.h>
#include <winpr/tchar.h>
Expand Down Expand Up @@ -144,18 +145,42 @@ int nla_client_init(rdpNla* nla)
BOOL PromptPassword = FALSE;
freerdp* instance = nla->instance;
rdpSettings* settings = nla->settings;
WINPR_SAM* sam;
WINPR_SAM_ENTRY* entry;

nla->state = NLA_STATE_INITIAL;

if (settings->RestrictedAdminModeRequired)
settings->DisableCredentialsDelegation = TRUE;

if ((!settings->Password) || (!settings->Username)
|| (!strlen(settings->Password)) || (!strlen(settings->Username)))
|| (!strlen(settings->Username)))
{
PromptPassword = TRUE;
}

if (PromptPassword && settings->Username && strlen(settings->Username))
{
sam = SamOpen(TRUE);

if (sam)
{
entry = SamLookupUserA(sam, settings->Username, strlen(settings->Username), NULL, 0);

if (entry)
{
/**
* The user could be found in SAM database.
* Use entry in SAM database later instead of prompt
*/
PromptPassword = FALSE;
SamFreeEntry(sam, entry);
}

SamClose(sam);
}
}

#ifndef _WIN32
if (PromptPassword)
{
Expand Down
2 changes: 1 addition & 1 deletion winpr/libwinpr/sspi/NTLM/ntlm_compute.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -298,7 +298,7 @@ int ntlm_compute_ntlm_v2_hash(NTLM_CONTEXT* context, BYTE* hash)
(LPWSTR) credentials->identity.Domain, credentials->identity.DomainLength * 2,
(BYTE*) hash);
}
else if (credentials->identity.PasswordLength > 0)
else if (credentials->identity.Password)
{
NTOWFv2W((LPWSTR) credentials->identity.Password, credentials->identity.PasswordLength * 2,
(LPWSTR) credentials->identity.User, credentials->identity.UserLength * 2,
Expand Down
2 changes: 1 addition & 1 deletion winpr/libwinpr/sspi/sspi_winpr.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -442,7 +442,7 @@ int sspi_CopyAuthIdentity(SEC_WINNT_AUTH_IDENTITY* identity, SEC_WINNT_AUTH_IDEN
if (identity->PasswordLength > 256)
identity->PasswordLength /= SSPI_CREDENTIALS_HASH_LENGTH_FACTOR;

if (identity->PasswordLength > 0)
if (srcIdentity->Password)
{
identity->Password = (UINT16*) malloc((identity->PasswordLength + 1) * sizeof(WCHAR));

Expand Down

0 comments on commit 863939f

Please sign in to comment.