if (!nego)
return NULL;
- return nego->transport->nla->identity;
+ return nla_get_identity(nego->transport->nla);
}
void nego_free_nla(rdpNego* nego)
#define TERMSRV_SPN_PREFIX "TERMSRV/"
+
+struct rdp_nla
+{
+ BOOL server;
+ NLA_STATE state;
+ int sendSeqNum;
+ int recvSeqNum;
+ freerdp* instance;
+ CtxtHandle context;
+ LPTSTR SspiModule;
+ char* SamFile;
+ rdpSettings* settings;
+ rdpTransport* transport;
+ UINT32 cbMaxToken;
+#if defined(UNICODE)
+ SEC_WCHAR* packageName;
+#else
+ SEC_CHAR* packageName;
+#endif
+ UINT32 version;
+ UINT32 peerVersion;
+ UINT32 errorCode;
+ ULONG fContextReq;
+ ULONG pfContextAttr;
+ BOOL haveContext;
+ BOOL haveInputBuffer;
+ BOOL havePubKeyAuth;
+ SECURITY_STATUS status;
+ CredHandle credentials;
+ TimeStamp expiration;
+ PSecPkgInfo pPackageInfo;
+ SecBuffer inputBuffer;
+ SecBuffer outputBuffer;
+ SecBufferDesc inputBufferDesc;
+ SecBufferDesc outputBufferDesc;
+ SecBuffer negoToken;
+ SecBuffer pubKeyAuth;
+ SecBuffer authInfo;
+ SecBuffer ClientNonce;
+ SecBuffer PublicKey;
+ SecBuffer tsCredentials;
+ LPTSTR ServicePrincipalName;
+ SEC_WINNT_AUTH_IDENTITY* identity;
+ PSecurityFunctionTable table;
+ SecPkgContext_Sizes ContextSizes;
+};
+
static BOOL nla_send(rdpNla* nla);
static int nla_recv(rdpNla* nla);
static void nla_buffer_print(rdpNla* nla);
nla_identity_free(nla->identity);
free(nla);
}
+
+SEC_WINNT_AUTH_IDENTITY* nla_get_identity(rdpNla* nla)
+{
+ if (!nla)
+ return NULL;
+
+ return nla->identity;
+}
+
+NLA_STATE nla_get_state(rdpNla* nla)
+{
+ if (!nla)
+ return NLA_STATE_FINAL;
+
+ return nla->state;
+}
+
+BOOL nla_set_state(rdpNla* nla, NLA_STATE state)
+{
+ if (!nla)
+ return FALSE;
+
+ nla->state = state;
+ return TRUE;
+}
+
+BOOL nla_set_service_principal(rdpNla* nla, LPSTR principal)
+{
+ if (!nla || !principal)
+ return FALSE;
+
+ nla->ServicePrincipalName = principal;
+ return TRUE;
+}
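Review bot: `nla_set_service_principal` takes `LPSTR principal`, but the field it assigns is declared `LPTSTR ServicePrincipalName` and the only caller visible on this page passes the `LPTSTR` returned by `nla_make_spn`, so the types diverge when `UNICODE` is defined; the definition here and the prototype in the header hunk should read `BOOL nla_set_service_principal(rdpNla* nla, LPTSTR principal)`. The setter also overwrites the stored pointer without releasing any previous value and does not say who owns `principal`. In the last hunk the `nla_make_spn` result is passed inline, so when the setter returns FALSE for a NULL `nla` the string is presumably leaked (this assumes `nla_make_spn` allocates, which is not shown here), and the caller can no longer tell an SPN construction failure from a missing context. A comment such as `/* Takes ownership of principal on success; the caller frees it on failure. */`, together with a temporary in the caller, would make the contract explicit.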
};
typedef enum _NLA_STATE NLA_STATE;
-struct rdp_nla
-{
- BOOL server;
- NLA_STATE state;
- int sendSeqNum;
- int recvSeqNum;
- freerdp* instance;
- CtxtHandle context;
- LPTSTR SspiModule;
- char* SamFile;
- rdpSettings* settings;
- rdpTransport* transport;
- UINT32 cbMaxToken;
-#if defined(UNICODE)
- SEC_WCHAR* packageName;
-#else
- SEC_CHAR* packageName;
-#endif
- UINT32 version;
- UINT32 peerVersion;
- UINT32 errorCode;
- ULONG fContextReq;
- ULONG pfContextAttr;
- BOOL haveContext;
- BOOL haveInputBuffer;
- BOOL havePubKeyAuth;
- SECURITY_STATUS status;
- CredHandle credentials;
- TimeStamp expiration;
- PSecPkgInfo pPackageInfo;
- SecBuffer inputBuffer;
- SecBuffer outputBuffer;
- SecBufferDesc inputBufferDesc;
- SecBufferDesc outputBufferDesc;
- SecBuffer negoToken;
- SecBuffer pubKeyAuth;
- SecBuffer authInfo;
- SecBuffer ClientNonce;
- SecBuffer PublicKey;
- SecBuffer tsCredentials;
- LPTSTR ServicePrincipalName;
- SEC_WINNT_AUTH_IDENTITY* identity;
- PSecurityFunctionTable table;
- SecPkgContext_Sizes ContextSizes;
-};
-
FREERDP_LOCAL int nla_authenticate(rdpNla* nla);
FREERDP_LOCAL LPTSTR nla_make_spn(const char* ServiceClass,
const char* hostname);
FREERDP_LOCAL int nla_client_begin(rdpNla* nla);
FREERDP_LOCAL int nla_recv_pdu(rdpNla* nla, wStream* s);
+FREERDP_LOCAL SEC_WINNT_AUTH_IDENTITY* nla_get_identity(rdpNla* nla);
+
+FREERDP_LOCAL NLA_STATE nla_get_state(rdpNla* nla);
+FREERDP_LOCAL BOOL nla_set_state(rdpNla* nla, NLA_STATE state);
+
+FREERDP_LOCAL BOOL nla_set_service_principal(rdpNla* nla, LPSTR principal);
+
FREERDP_LOCAL rdpNla* nla_new(freerdp* instance, rdpTransport* transport,
rdpSettings* settings);
FREERDP_LOCAL void nla_free(rdpNla* nla);
switch (rdp->state)
{
case CONNECTION_STATE_NLA:
- if (rdp->nla->state < NLA_STATE_AUTH_INFO)
+ if (nla_get_state(rdp->nla) < NLA_STATE_AUTH_INFO)
{
if (nla_recv_pdu(rdp->nla, s) < 1)
{
return -1;
}
}
- else if (rdp->nla->state == NLA_STATE_POST_NEGO)
+ else if (nla_get_state(rdp->nla) == NLA_STATE_POST_NEGO)
{
nego_recv(rdp->transport, s, (void*) rdp->nego);
return -1;
}
- rdp->nla->state = NLA_STATE_FINAL;
+ if (!nla_set_state(rdp->nla, NLA_STATE_FINAL))
+ return -1;
}
- if (rdp->nla->state == NLA_STATE_AUTH_INFO)
+ if (nla_get_state(rdp->nla) == NLA_STATE_AUTH_INFO)
{
transport_set_nla_mode(rdp->transport, FALSE);
return -1;
nego_send_negotiation_request(rdp->nego);
- rdp->nla->state = NLA_STATE_POST_NEGO;
+
+ if (!nla_set_state(rdp->nla, NLA_STATE_POST_NEGO))
+ return -1;
}
else
{
- rdp->nla->state = NLA_STATE_FINAL;
+ if (!nla_set_state(rdp->nla, NLA_STATE_FINAL))
+ return -1;
}
}
- if (rdp->nla->state == NLA_STATE_FINAL)
+ if (nla_get_state(rdp->nla) == NLA_STATE_FINAL)
{
nla_free(rdp->nla);
rdp->nla = NULL;
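Review bot: `nla_get_state` returns `NLA_STATE_FINAL` when its argument is NULL, so the check `if (nla_get_state(rdp->nla) == NLA_STATE_FINAL)` can no longer tell a missing NLA context from a completed authentication exchange. Before this change a NULL `rdp->nla` would have faulted on the dereference; now this branch is taken as if authentication had finished. Whether `rdp->nla` can be NULL in `CONNECTION_STATE_NLA` is not visible from these hunks, so an explicit guard at the top of the case, `if (!rdp->nla) return -1;`, keeps the failure closed. The `nla_set_state` calls already return -1 on a NULL context, and the getter path should be equally strict. The enclosing function starts and ends outside the hunk.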
if (settings->AuthenticationServiceClass)
{
- rdp->nla->ServicePrincipalName =
- nla_make_spn(settings->AuthenticationServiceClass, settings->ServerHostname);
-
- if (!rdp->nla->ServicePrincipalName)
+ if (!nla_set_service_principal(rdp->nla, nla_make_spn(settings->AuthenticationServiceClass,
+ settings->ServerHostname)))
return FALSE;
}