From fbbcd9b8efe56df09a70072733b1af27a60c460d Mon Sep 17 00:00:00 2001 From: Martin Fleisz Date: Thu, 3 Nov 2022 13:47:21 +0100 Subject: [PATCH] nla: Fix unicode issues with gateway code Gateway code was passing a char string as the package name to `credssp_auth_init`. When using Unicode builds this fails since `QuerySecurityPackageInfo` expects a wchar string. Additionally with unicode builds, `credssp_auth_pkg_name` causes string type mismatches in the gateway code where a char string is expected. --- libfreerdp/core/credssp_auth.c | 14 +++++++++++++- libfreerdp/core/credssp_auth.h | 2 +- libfreerdp/core/gateway/ncacn_http.c | 2 +- libfreerdp/core/gateway/rdg.c | 4 ++-- libfreerdp/core/gateway/rpc_bind.c | 2 +- 5 files changed, 18 insertions(+), 6 deletions(-) diff --git a/libfreerdp/core/credssp_auth.c b/libfreerdp/core/credssp_auth.c index 741d0616f..dc51f2df3 100644 --- a/libfreerdp/core/credssp_auth.c +++ b/libfreerdp/core/credssp_auth.c @@ -66,6 +66,9 @@ struct rdp_credssp_auth ULONG flags; SecPkgContext_Sizes sizes; enum AUTH_STATE state; +#ifdef UNICODE + char* pkgNameA; +#endif }; static BOOL parseKerberosDeltat(const char* value, INT32* dest, const char* message); @@ -588,10 +591,16 @@ size_t credssp_auth_trailer_size(rdpCredsspAuth* auth) return auth->sizes.cbSecurityTrailer; } -const TCHAR* credssp_auth_pkg_name(rdpCredsspAuth* auth) +const char* credssp_auth_pkg_name(rdpCredsspAuth* auth) { WINPR_ASSERT(auth && auth->info); +#ifdef UNICODE + if (!auth->pkgNameA) + ConvertFromUnicode(CP_UTF8, 0, auth->info->Name, -1, &auth->pkgNameA, 0, NULL, NULL); + return auth->pkgNameA; +#else return auth->info->Name; +#endif } void credssp_auth_free(rdpCredsspAuth* auth) @@ -639,6 +648,9 @@ void credssp_auth_free(rdpCredsspAuth* auth) free(auth->spn); sspi_SecBufferFree(&auth->input_buffer); sspi_SecBufferFree(&auth->output_buffer); +#ifdef UNICODE + free(auth->pkgNameA); +#endif free(auth); } diff --git a/libfreerdp/core/credssp_auth.h b/libfreerdp/core/credssp_auth.h index d065cc0ca..81493e464 100644 --- a/libfreerdp/core/credssp_auth.h +++ b/libfreerdp/core/credssp_auth.h @@ -54,7 +54,7 @@ FREERDP_LOCAL void credssp_auth_take_input_buffer(rdpCredsspAuth* auth, SecBuffe FREERDP_LOCAL const SecBuffer* credssp_auth_get_output_buffer(rdpCredsspAuth* auth); FREERDP_LOCAL BOOL credssp_auth_have_output_token(rdpCredsspAuth* auth); FREERDP_LOCAL BOOL credssp_auth_is_complete(rdpCredsspAuth* auth); -FREERDP_LOCAL const TCHAR* credssp_auth_pkg_name(rdpCredsspAuth* auth); +FREERDP_LOCAL const char* credssp_auth_pkg_name(rdpCredsspAuth* auth); FREERDP_LOCAL size_t credssp_auth_trailer_size(rdpCredsspAuth* auth); FREERDP_LOCAL void credssp_auth_free(rdpCredsspAuth* auth); diff --git a/libfreerdp/core/gateway/ncacn_http.c b/libfreerdp/core/gateway/ncacn_http.c index 01e9e66e4..354b28d90 100644 --- a/libfreerdp/core/gateway/ncacn_http.c +++ b/libfreerdp/core/gateway/ncacn_http.c @@ -30,7 +30,7 @@ #define TAG FREERDP_TAG("core.gateway.ntlm") -#define AUTH_PKG CREDSSP_AUTH_PKG_NTLM +#define AUTH_PKG NTLM_SSP_NAME static wStream* rpc_auth_http_request(HttpContext* http, const char* method, int contentLength, const SecBuffer* authToken, const char* auth_scheme) diff --git a/libfreerdp/core/gateway/rdg.c b/libfreerdp/core/gateway/rdg.c index b77ea5eac..b2a216c9b 100644 --- a/libfreerdp/core/gateway/rdg.c +++ b/libfreerdp/core/gateway/rdg.c @@ -44,9 +44,9 @@ #define TAG FREERDP_TAG("core.gateway.rdg") #if defined(_WIN32) || defined(WITH_SPNEGO) -#define AUTH_PKG CREDSSP_AUTH_PKG_SPNEGO +#define AUTH_PKG NEGO_SSP_NAME #else -#define AUTH_PKG CREDSSP_AUTH_PKG_NTLM +#define AUTH_PKG NTLM_SSP_NAME #endif /* HTTP channel response fields present flags. */ diff --git a/libfreerdp/core/gateway/rpc_bind.c b/libfreerdp/core/gateway/rpc_bind.c index 838ef54b5..ae6dbceab 100644 --- a/libfreerdp/core/gateway/rpc_bind.c +++ b/libfreerdp/core/gateway/rpc_bind.c @@ -33,7 +33,7 @@ #define TAG FREERDP_TAG("core.gateway.rpc") -#define AUTH_PKG CREDSSP_AUTH_PKG_NTLM +#define AUTH_PKG NTLM_SSP_NAME /** * Connection-Oriented RPC Protocol Client Details: