mirror of
https://gitlab.freedesktop.org/wayland/weston.git
synced 2026-02-03 17:10:29 +01:00
add NLA support an the nla-ntlm-db option
Signed-off-by: Rainova <rainer.bayr@outlook.com>
This commit is contained in:
Rainer Bayr
Rainer Bayr
parent
0201d5762e
commit
6fcbf7f84c
5 changed files with 94 additions and 11 deletions
|
|
@ -4502,6 +4502,7 @@ weston_rdp_backend_config_init(struct weston_rdp_backend_config *config)
|
|||
config->force_no_compression = 0;
|
||||
config->remotefx_codec = true;
|
||||
config->refresh_rate = RDP_DEFAULT_FREQ;
|
||||
config->nla_ntlm_db = NULL;
|
||||
}
|
||||
|
||||
static int
|
||||
|
|
@ -4611,6 +4612,8 @@ load_rdp_backend(struct weston_compositor *c,
|
|||
config.server_cert);
|
||||
weston_config_section_get_string(section, "tls-key",
|
||||
&config.server_key, config.server_key);
|
||||
weston_config_section_get_string(section, "nla-ntlm-db",
|
||||
&config.nla_ntlm_db, config.nla_ntlm_db);
|
||||
|
||||
wb = wet_compositor_load_backend(c, WESTON_BACKEND_RDP, &config.base,
|
||||
simple_heads_changed,
|
||||
|
|
|
|||
|
|
@ -93,6 +93,7 @@ struct weston_rdp_backend_config {
|
|||
rdp_audio_in_teardown audio_in_teardown;
|
||||
rdp_audio_out_setup audio_out_setup;
|
||||
rdp_audio_out_teardown audio_out_teardown;
|
||||
char *nla_ntlm_db;
|
||||
};
|
||||
|
||||
#ifdef __cplusplus
|
||||
|
|
|
|||
|
|
@ -1802,20 +1802,80 @@ rdp_peer_init(freerdp_peer *client, struct rdp_backend *b)
|
|||
goto error_initialize;
|
||||
if (!freerdp_settings_set_pointer_len(settings, FreeRDP_RdpServerRsaKey, key, 1))
|
||||
goto error_initialize;
|
||||
} else {
|
||||
freerdp_settings_set_bool(settings, FreeRDP_TlsSecurity, FALSE);
|
||||
}
|
||||
|
||||
if(b->nla_enabled){
|
||||
if(!freerdp_settings_set_string(settings, FreeRDP_NtlmSamFile, b->nla_ntlm_db)){
|
||||
rdp_debug(b, "Error setting FreeRDP_NtlmSamFile to '%s'.\n", b->nla_ntlm_db);
|
||||
goto error_initialize;
|
||||
}
|
||||
|
||||
if(!freerdp_settings_set_bool(settings, FreeRDP_TlsSecurity, FALSE))
|
||||
rdp_debug(b, "Error setting FreeRDP_TlsSecurity to 'FALSE'.\n");
|
||||
|
||||
if(!freerdp_settings_set_bool(settings, FreeRDP_NlaSecurity, TRUE))
|
||||
rdp_debug(b, "Error setting FreeRDP_NlaSecurity to 'TRUE'.\n");
|
||||
|
||||
}else{
|
||||
if(!freerdp_settings_set_bool(settings, FreeRDP_TlsSecurity, TRUE))
|
||||
rdp_debug(b, "Error setting FreeRDP_TlsSecurity to 'TRUE'.\n");
|
||||
|
||||
if(!freerdp_settings_set_bool(settings, FreeRDP_NlaSecurity, FALSE))
|
||||
rdp_debug(b, "Error setting FreeRDP_NlaSecurity to 'FALSE'.\n");
|
||||
}
|
||||
} else {
|
||||
if(!freerdp_settings_set_bool(settings, FreeRDP_TlsSecurity, FALSE))
|
||||
rdp_debug(b, "Error setting FreeRDP_TlsSecurity to 'FALsE'.\n");
|
||||
|
||||
if(!freerdp_settings_set_bool(settings, FreeRDP_NlaSecurity, FALSE))
|
||||
rdp_debug(b, "Error setting FreeRDP_NlaSecurity to 'FALsE'.\n");
|
||||
}
|
||||
|
||||
#else
|
||||
if (b->rdp_key)
|
||||
settings->RdpKeyFile = strdup(b->rdp_key);
|
||||
if (b->tls_enabled) {
|
||||
settings->CertificateFile = strdup(b->server_cert);
|
||||
settings->PrivateKeyFile = strdup(b->server_key);
|
||||
} else {
|
||||
settings->TlsSecurity = FALSE;
|
||||
if (b->rdp_key){
|
||||
if(!freerdp_settings_set_string(settings, FreeRDP_RdpKeyFile,b->rdp_key)){
|
||||
rdp_debug(b, "Error setting FreeRDP_RdpKeyFile to '%s'.\n", b->rdp_key);
|
||||
goto error_initialize;
|
||||
}
|
||||
}
|
||||
if (b->tls_enabled) {
|
||||
if(!freerdp_settings_set_string(settings, FreeRDP_CertificateFile,b->server_cert)){
|
||||
rdp_debug(b, "Error setting FreeRDP_CertificateFile to '%s'.\n", b->server_cert);
|
||||
goto error_initialize;
|
||||
}
|
||||
|
||||
if(!freerdp_settings_set_string(settings, FreeRDP_PrivateKeyFile, b->server_key)){
|
||||
rdp_debug(b, "Error setting FreeRDP_PrivateKeyFile to '%s'.\n", b->server_key);
|
||||
goto error_initialize;
|
||||
}
|
||||
|
||||
|
||||
if(b->nla_enabled){
|
||||
if(!freerdp_settings_set_string(settings, FreeRDP_NtlmSamFile, b->nla_ntlm_db)){
|
||||
rdp_debug(b, "Error setting FreeRDP_NtlmSamFile to '%s'.\n", b->nla_ntlm_db);
|
||||
goto error_initialize;
|
||||
}
|
||||
|
||||
if(!freerdp_settings_set_bool(settings, FreeRDP_TlsSecurity, FALSE))
|
||||
rdp_debug(b, "Error setting FreeRDP_TlsSecurity to 'FALSE'.\n");
|
||||
|
||||
if(!freerdp_settings_set_bool(settings, FreeRDP_NlaSecurity, TRUE))
|
||||
rdp_debug(b, "Error setting FreeRDP_NlaSecurity to 'TRUE'.\n");
|
||||
|
||||
}else{
|
||||
if(!freerdp_settings_set_bool(settings, FreeRDP_TlsSecurity, TRUE))
|
||||
rdp_debug(b, "Error setting FreeRDP_TlsSecurity to 'TRUE'.\n");
|
||||
|
||||
if(!freerdp_settings_set_bool(settings, FreeRDP_NlaSecurity, FALSE))
|
||||
rdp_debug(b, "Error setting FreeRDP_NlaSecurity to 'FALSE'.\n");
|
||||
}
|
||||
} else {
|
||||
if(!freerdp_settings_set_bool(settings, FreeRDP_TlsSecurity, FALSE))
|
||||
rdp_debug(b, "Error setting FreeRDP_TlsSecurity to 'FALsE'.\n");
|
||||
|
||||
if(!freerdp_settings_set_bool(settings, FreeRDP_NlaSecurity, FALSE))
|
||||
rdp_debug(b, "Error setting FreeRDP_NlaSecurity to 'FALsE'.\n");
|
||||
}
|
||||
#endif
|
||||
freerdp_settings_set_bool(settings, FreeRDP_NlaSecurity, FALSE);
|
||||
|
||||
if (!client->Initialize(client)) {
|
||||
weston_log("peer initialization failed\n");
|
||||
|
|
@ -1951,6 +2011,7 @@ rdp_backend_create(struct weston_compositor *compositor,
|
|||
b->audio_in_teardown = config->audio_in_teardown;
|
||||
b->audio_out_setup = config->audio_out_setup;
|
||||
b->audio_out_teardown = config->audio_out_teardown;
|
||||
b->nla_ntlm_db = config->nla_ntlm_db;
|
||||
|
||||
b->debug = weston_compositor_add_log_scope(compositor,
|
||||
"rdp-backend",
|
||||
|
|
@ -1998,6 +2059,15 @@ rdp_backend_create(struct weston_compositor *compositor,
|
|||
b->tls_enabled = 1;
|
||||
rdp_debug(b, "TLS support activated\n");
|
||||
}
|
||||
if(b->tls_enabled && b->nla_ntlm_db){
|
||||
if (access(b->nla_ntlm_db, F_OK) == 0) {
|
||||
b->nla_enabled = 1;
|
||||
rdp_debug(b, "NLA support activated\n");
|
||||
} else {
|
||||
b->nla_enabled = 0;
|
||||
rdp_debug(b, "NLA credential file ('%s') not found, fall back to TLS Security.\n", b->nla_ntlm_db);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
wl_list_init(&b->peers);
|
||||
|
|
@ -2138,6 +2208,7 @@ config_init_to_defaults(struct weston_rdp_backend_config *config)
|
|||
config->audio_in_teardown = NULL;
|
||||
config->audio_out_setup = NULL;
|
||||
config->audio_out_teardown = NULL;
|
||||
config->nla_ntlm_db = NULL;
|
||||
}
|
||||
|
||||
WL_EXPORT int
|
||||
|
|
|
|||
|
|
@ -100,6 +100,8 @@ struct rdp_backend {
|
|||
char *server_key;
|
||||
char *rdp_key;
|
||||
int tls_enabled;
|
||||
char *nla_ntlm_db;
|
||||
int nla_enabled;
|
||||
int resizeable;
|
||||
int force_no_compression;
|
||||
bool remotefx_codec;
|
||||
|
|
|
|||
|
|
@ -43,6 +43,12 @@ to ship a file containing a certificate.
|
|||
\fBtls\-cert\fR=\fIfile\fR
|
||||
The file containing the certificate for doing TLS security. To have TLS security you also need
|
||||
to ship a key file.
|
||||
.TP
|
||||
\fBnla\-ntlm\-db\fR=\fIfile\fR
|
||||
The file containing the NTLM credentials used by the NLA (Network Layer Authentication). The entries
|
||||
for this file can be generated using the 'winpr-hash' tool, which is part of FreeRDP. It contains
|
||||
one credential per line.
|
||||
Example for the credential generation: 'winpr-hash -u <user> -d <domain> -p <password> -f sam'.
|
||||
|
||||
|
||||
.\" ***************************************************************
|
||||
|
|
|
|||
Loading…
Add table
Reference in a new issue