mirror of
https://github.com/morgan9e/FreeRDP
synced 2026-04-15 00:44:19 +09:00
smartcard_emu: enable to specify the smartcard pin
This commit is contained in:
David Fort
@@ -231,6 +231,47 @@ static BOOL freerdp_client_settings_post_process(rdpSettings* settings)
|
||||
settings->Fullscreen = TRUE;
|
||||
}
|
||||
|
||||
/* deal with the smartcard / smartcard logon stuff */
|
||||
if (settings->SmartcardEmulation)
|
||||
{
|
||||
/* if no pin is defined on the smartcard emulation use the user password */
|
||||
if (!settings->SmartcardPin)
|
||||
{
|
||||
if (!settings->Password)
|
||||
{
|
||||
WLog_ERR(TAG, "No pin or password defined for smartcard emu");
|
||||
goto out_error;
|
||||
}
|
||||
|
||||
if (!freerdp_settings_set_string(settings, FreeRDP_SmartcardPin, settings->Password))
|
||||
{
|
||||
WLog_ERR(TAG, "error when setting smartcard pin to user password");
|
||||
goto out_error;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
if (settings->SmartcardLogon)
|
||||
{
|
||||
settings->NlaSecurity = FALSE; /* for now */
|
||||
settings->TlsSecurity = TRUE;
|
||||
settings->RedirectSmartCards = TRUE;
|
||||
settings->DeviceRedirection = TRUE;
|
||||
freerdp_settings_set_bool(settings, FreeRDP_PasswordIsSmartcardPin, TRUE);
|
||||
|
||||
if (!settings->Password && settings->SmartcardEmulation)
|
||||
{
|
||||
/* when no user password is provided, in the case of smartcard emulation for smartcard
|
||||
* logon take the smartcard pin as user password to match PasswordIsSmartcardPin
|
||||
*/
|
||||
if (!freerdp_settings_set_string(settings, FreeRDP_Password, settings->SmartcardPin))
|
||||
{
|
||||
WLog_ERR(TAG, "error when setting smartcard pin to user password");
|
||||
goto out_error;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
return TRUE;
|
||||
out_error:
|
||||
free(settings->GatewayUsername);
|
||||
|
||||
@@ -1386,17 +1386,6 @@ static BOOL ends_with(const char* str, const char* ext)
|
||||
return _strnicmp(&str[strLen - extLen], ext, extLen) == 0;
|
||||
}
|
||||
|
||||
static void activate_smartcard_logon_rdp(rdpSettings* settings)
|
||||
{
|
||||
settings->SmartcardLogon = TRUE;
|
||||
|
||||
settings->NlaSecurity = FALSE;
|
||||
settings->TlsSecurity = TRUE;
|
||||
settings->RedirectSmartCards = TRUE;
|
||||
settings->DeviceRedirection = TRUE;
|
||||
freerdp_settings_set_bool(settings, FreeRDP_PasswordIsSmartcardPin, TRUE);
|
||||
}
|
||||
|
||||
/**
|
||||
* parses a string value with the format <v1>x<v2>
|
||||
* @param input: input string
|
||||
@@ -3273,13 +3262,12 @@ int freerdp_client_settings_parse_command_line_arguments(rdpSettings* settings,
|
||||
const char** pc;
|
||||
} ptr;
|
||||
|
||||
if (!settings->SmartcardLogon)
|
||||
activate_smartcard_logon_rdp(settings);
|
||||
|
||||
settings->SmartcardLogon = TRUE;
|
||||
ptr.p = CommandLineParseCommaSeparatedValuesEx("smartcard-logon", arg->Value, &count);
|
||||
if (ptr.pc)
|
||||
{
|
||||
size_t x;
|
||||
settings->SmartcardEmulation = TRUE;
|
||||
for (x = 1; x < count; x++)
|
||||
{
|
||||
const char* cur = ptr.pc[x];
|
||||
@@ -3301,6 +3289,15 @@ int freerdp_client_settings_parse_command_line_arguments(rdpSettings* settings,
|
||||
return COMMAND_LINE_ERROR_UNEXPECTED_VALUE;
|
||||
}
|
||||
}
|
||||
else if (strncmp("pin:", cur, 4) == 0)
|
||||
{
|
||||
settings->SmartcardPin = strdup(&cur[4]);
|
||||
if (!settings->SmartcardPin)
|
||||
{
|
||||
free(ptr.p);
|
||||
return COMMAND_LINE_ERROR_UNEXPECTED_VALUE;
|
||||
}
|
||||
}
|
||||
else
|
||||
{
|
||||
free(ptr.p);
|
||||
|
||||
@@ -338,8 +338,8 @@ static const COMMAND_LINE_ARGUMENT_A global_cmd_args[] = {
|
||||
"Scale remote desktop to window size" },
|
||||
{ "smartcard", COMMAND_LINE_VALUE_OPTIONAL, "<str>[,<str>...]", NULL, NULL, -1, NULL,
|
||||
"Redirect the smartcard devices containing any of the <str> in their names." },
|
||||
{ "smartcard-logon", COMMAND_LINE_VALUE_OPTIONAL, "[cert:<path>,key:<key>]", NULL, NULL, -1,
|
||||
NULL,
|
||||
{ "smartcard-logon", COMMAND_LINE_VALUE_OPTIONAL, "[cert:<path>,key:<key>,pin:<pin>]", NULL,
|
||||
NULL, -1, NULL,
|
||||
"Activates Smartcard (optional certificate) Logon authentication. (EXPERIMENTAL: NLA not "
|
||||
"supported)" },
|
||||
{ "sound", COMMAND_LINE_VALUE_OPTIONAL,
|
||||
|
||||
@@ -661,6 +661,8 @@ typedef struct
|
||||
#define FreeRDP_PromptForCredentials (1283)
|
||||
#define FreeRDP_SmartcardCertificate (1285)
|
||||
#define FreeRDP_SmartcardPrivateKey (1286)
|
||||
#define FreeRDP_SmartcardPin (1287)
|
||||
#define FreeRDP_SmartcardEmulation (1288)
|
||||
#define FreeRDP_KerberosKdc (1344)
|
||||
#define FreeRDP_KerberosRealm (1345)
|
||||
#define FreeRDP_IgnoreCertificate (1408)
|
||||
@@ -1146,7 +1148,9 @@ struct rdp_settings
|
||||
UINT64 padding1284[1285 - 1284]; /* 1284 */
|
||||
ALIGN64 char* SmartcardCertificate; /* 1285 */
|
||||
ALIGN64 char* SmartcardPrivateKey; /* 1286 */
|
||||
UINT64 padding1344[1344 - 1287]; /* 1287 */
|
||||
ALIGN64 char* SmartcardPin; /* 1287 */
|
||||
ALIGN64 BOOL SmartcardEmulation; /* 1288 */
|
||||
UINT64 padding1344[1344 - 1289]; /* 1289 */
|
||||
|
||||
/* Kerberos Authentication */
|
||||
ALIGN64 char* KerberosKdc; /* 1344 */
|
||||
|
||||
@@ -444,6 +444,9 @@ BOOL freerdp_settings_get_bool(const rdpSettings* settings, size_t id)
|
||||
case FreeRDP_SmartSizing:
|
||||
return settings->SmartSizing;
|
||||
|
||||
case FreeRDP_SmartcardEmulation:
|
||||
return settings->SmartcardEmulation;
|
||||
|
||||
case FreeRDP_SmartcardLogon:
|
||||
return settings->SmartcardLogon;
|
||||
|
||||
@@ -1121,6 +1124,10 @@ BOOL freerdp_settings_set_bool(rdpSettings* settings, size_t id, BOOL val)
|
||||
settings->SmartSizing = cnv.c;
|
||||
break;
|
||||
|
||||
case FreeRDP_SmartcardEmulation:
|
||||
settings->SmartcardEmulation = cnv.c;
|
||||
break;
|
||||
|
||||
case FreeRDP_SmartcardLogon:
|
||||
settings->SmartcardLogon = cnv.c;
|
||||
break;
|
||||
@@ -2510,6 +2517,9 @@ const char* freerdp_settings_get_string(const rdpSettings* settings, size_t id)
|
||||
case FreeRDP_SmartcardCertificate:
|
||||
return settings->SmartcardCertificate;
|
||||
|
||||
case FreeRDP_SmartcardPin:
|
||||
return settings->SmartcardPin;
|
||||
|
||||
case FreeRDP_SmartcardPrivateKey:
|
||||
return settings->SmartcardPrivateKey;
|
||||
|
||||
@@ -2970,6 +2980,9 @@ BOOL freerdp_settings_set_string_(rdpSettings* settings, size_t id, const char*
|
||||
case FreeRDP_SmartcardCertificate:
|
||||
return update_string(&settings->SmartcardCertificate, cnv.cc, len, cleanup);
|
||||
|
||||
case FreeRDP_SmartcardPin:
|
||||
return update_string(&settings->SmartcardPin, cnv.cc, len, cleanup);
|
||||
|
||||
case FreeRDP_SmartcardPrivateKey:
|
||||
return update_string(&settings->SmartcardPrivateKey, cnv.cc, len, cleanup);
|
||||
|
||||
|
||||
@@ -151,6 +151,7 @@ static const struct settings_str_entry settings_map[] = {
|
||||
{ FreeRDP_SendPreconnectionPdu, 0, "FreeRDP_SendPreconnectionPdu" },
|
||||
{ FreeRDP_ServerMode, 0, "FreeRDP_ServerMode" },
|
||||
{ FreeRDP_SmartSizing, 0, "FreeRDP_SmartSizing" },
|
||||
{ FreeRDP_SmartcardEmulation, 0, "FreeRDP_SmartcardEmulation" },
|
||||
{ FreeRDP_SmartcardLogon, 0, "FreeRDP_SmartcardLogon" },
|
||||
{ FreeRDP_SoftwareGdi, 0, "FreeRDP_SoftwareGdi" },
|
||||
{ FreeRDP_SoundBeepsEnabled, 0, "FreeRDP_SoundBeepsEnabled" },
|
||||
@@ -371,6 +372,7 @@ static const struct settings_str_entry settings_map[] = {
|
||||
{ FreeRDP_ServerHostname, 7, "FreeRDP_ServerHostname" },
|
||||
{ FreeRDP_ShellWorkingDirectory, 7, "FreeRDP_ShellWorkingDirectory" },
|
||||
{ FreeRDP_SmartcardCertificate, 7, "FreeRDP_SmartcardCertificate" },
|
||||
{ FreeRDP_SmartcardPin, 7, "FreeRDP_SmartcardPin" },
|
||||
{ FreeRDP_SmartcardPrivateKey, 7, "FreeRDP_SmartcardPrivateKey" },
|
||||
{ FreeRDP_TargetNetAddress, 7, "FreeRDP_TargetNetAddress" },
|
||||
{ FreeRDP_TransportDumpFile, 7, "FreeRDP_TransportDumpFile" },
|
||||
|
||||
@@ -140,6 +140,7 @@ static const size_t bool_list_indices[] = {
|
||||
FreeRDP_SendPreconnectionPdu,
|
||||
FreeRDP_ServerMode,
|
||||
FreeRDP_SmartSizing,
|
||||
FreeRDP_SmartcardEmulation,
|
||||
FreeRDP_SmartcardLogon,
|
||||
FreeRDP_SoftwareGdi,
|
||||
FreeRDP_SoundBeepsEnabled,
|
||||
@@ -380,6 +381,7 @@ static const size_t string_list_indices[] = {
|
||||
FreeRDP_ServerHostname,
|
||||
FreeRDP_ShellWorkingDirectory,
|
||||
FreeRDP_SmartcardCertificate,
|
||||
FreeRDP_SmartcardPin,
|
||||
FreeRDP_SmartcardPrivateKey,
|
||||
FreeRDP_TargetNetAddress,
|
||||
FreeRDP_TransportDumpFile,
|
||||
|
||||
@@ -305,10 +305,8 @@ static SCardHandle* scard_handle_new(SmartcardEmulationContext* smartcard, SCARD
|
||||
freerdp_settings_get_string(smartcard->settings, FreeRDP_SmartcardCertificate);
|
||||
const char* key =
|
||||
freerdp_settings_get_string(smartcard->settings, FreeRDP_SmartcardPrivateKey);
|
||||
const char* pin = NULL;
|
||||
|
||||
if (freerdp_settings_get_bool(smartcard->settings, FreeRDP_PasswordIsSmartcardPin))
|
||||
pin = freerdp_settings_get_string(smartcard->settings, FreeRDP_Password);
|
||||
const char* pin = freerdp_settings_get_string(smartcard->settings, FreeRDP_SmartcardPin);
|
||||
|
||||
if (!vgids_init(hdl->vgids, pem, key, pin))
|
||||
goto fail;
|
||||
@@ -2694,9 +2692,7 @@ BOOL Emulate_IsConfigured(SmartcardEmulationContext* context)
|
||||
|
||||
pem = freerdp_settings_get_string(context->settings, FreeRDP_SmartcardCertificate);
|
||||
key = freerdp_settings_get_string(context->settings, FreeRDP_SmartcardPrivateKey);
|
||||
|
||||
if (freerdp_settings_get_bool(context->settings, FreeRDP_PasswordIsSmartcardPin))
|
||||
pin = freerdp_settings_get_string(context->settings, FreeRDP_Password);
|
||||
pin = freerdp_settings_get_string(context->settings, FreeRDP_SmartcardPin);
|
||||
|
||||
/* Cache result only, if no initialization arguments changed. */
|
||||
if ((context->pem == pem) && (context->key == key) && (context->pin == pin))
|
||||
|
||||
Reference in New Issue
Block a user