github/FreeRDP
7
0
Fork 0
mirror of https://github.com/FreeRDP/FreeRDP.git synced 2025-06-03 00:00:20 +00:00
Code Issues Packages Projects Releases Wiki Activity

Proxy fixes (#7686)

Browse Source 
* Fixed a memory leak in server side NLA auth

* Fixed #7675: Pass channel packets directly
This commit is contained in:
akallabeth 2022-03-02 09:13:41 +01:00 committed by GitHub
parent 502f44949a
commit 64f47848c9
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 20 additions and 18 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

30
libfreerdp/core/nla.c
View File

@ -1498,6 +1498,7 @@ static int nla_server_authenticate(rdpNla* nla)
while (TRUE) while (TRUE)
{ {
int rc = -1;
SecBuffer inputBuffer = { 0 }; SecBuffer inputBuffer = { 0 };
SecBuffer outputBuffer = { 0 }; SecBuffer outputBuffer = { 0 };
SecBufferDesc inputBufferDesc = { 0 }; SecBufferDesc inputBufferDesc = { 0 };
@ -1509,13 +1510,13 @@ static int nla_server_authenticate(rdpNla* nla)
inputBufferDesc.pBuffers = &inputBuffer; inputBufferDesc.pBuffers = &inputBuffer;
if (nla_server_recv(nla) < 0) if (nla_server_recv(nla) < 0)
goto fail_auth; goto fail;
WLog_DBG(TAG, "Receiving Authentication Token"); WLog_DBG(TAG, "Receiving Authentication Token");
if (!nla_sec_buffer_alloc_from_buffer(&inputBuffer, &nla->negoToken, 0)) if (!nla_sec_buffer_alloc_from_buffer(&inputBuffer, &nla->negoToken, 0))
{ {
WLog_ERR(TAG, "CredSSP: invalid negoToken!"); WLog_ERR(TAG, "CredSSP: invalid negoToken!");
goto fail_auth; goto fail;
} }
outputBufferDesc.ulVersion = SECBUFFER_VERSION; outputBufferDesc.ulVersion = SECBUFFER_VERSION;
@ -1523,7 +1524,7 @@ static int nla_server_authenticate(rdpNla* nla)
outputBufferDesc.pBuffers = &outputBuffer; outputBufferDesc.pBuffers = &outputBuffer;
if (!nla_sec_buffer_alloc(&outputBuffer, nla->cbMaxToken)) if (!nla_sec_buffer_alloc(&outputBuffer, nla->cbMaxToken))
goto fail_auth; goto fail;
nla->status = nla->table->AcceptSecurityContext( nla->status = nla->table->AcceptSecurityContext(
&nla->credentials, nla->haveContext ? &nla->context : NULL, &inputBufferDesc, &nla->credentials, nla->haveContext ? &nla->context : NULL, &inputBufferDesc,
@ -1533,7 +1534,7 @@ static int nla_server_authenticate(rdpNla* nla)
GetSecurityStatusString(nla->status), nla->status); GetSecurityStatusString(nla->status), nla->status);
if (!nla_sec_buffer_alloc_from_buffer(&nla->negoToken, &outputBuffer, 0)) if (!nla_sec_buffer_alloc_from_buffer(&nla->negoToken, &outputBuffer, 0))
goto fail_auth; goto fail;
if ((nla->status == SEC_I_COMPLETE_AND_CONTINUE) || (nla->status == SEC_I_COMPLETE_NEEDED)) if ((nla->status == SEC_I_COMPLETE_AND_CONTINUE) || (nla->status == SEC_I_COMPLETE_NEEDED))
{ {
@ -1567,13 +1568,11 @@ static int nla_server_authenticate(rdpNla* nla)
} }
if (!nla_complete_auth(nla, &outputBufferDesc)) if (!nla_complete_auth(nla, &outputBufferDesc))
goto fail_auth; goto fail;
} }
if (nla->status == SEC_E_OK) if (nla->status == SEC_E_OK)
{ {
int rc = -1;
if (outputBuffer.cbBuffer != 0) if (outputBuffer.cbBuffer != 0)
{ {
if (!nla_send(nla)) if (!nla_send(nla))
@ -1618,14 +1617,15 @@ static int nla_server_authenticate(rdpNla* nla)
goto fail; goto fail;
rc = 1; rc = 1;
fail: }
sspi_SecBufferFree(&inputBuffer);
sspi_SecBufferFree(&outputBuffer); fail:
if (rc < 0) sspi_SecBufferFree(&inputBuffer);
{ sspi_SecBufferFree(&outputBuffer);
res = rc; if (rc < 0)
goto fail_auth; {
} res = rc;
goto fail_auth;
} }
if ((nla->status != SEC_E_OK) && (nla->status != SEC_I_CONTINUE_NEEDED)) if ((nla->status != SEC_E_OK) && (nla->status != SEC_I_CONTINUE_NEEDED))

8
server/proxy/pf_client.c
View File

@ -563,6 +563,7 @@ static BOOL pf_client_send_channel_data(pClientContext* pc, const proxyChannelDa
return Queue_Enqueue(pc->cached_server_channel_data, ev); return Queue_Enqueue(pc->cached_server_channel_data, ev);
} }
static BOOL sendQueuedChannelData(pClientContext* pc) static BOOL sendQueuedChannelData(pClientContext* pc)
{ {
BOOL rc = TRUE; BOOL rc = TRUE;
@ -585,9 +586,10 @@ static BOOL sendQueuedChannelData(pClientContext* pc)
rc = TRUE; rc = TRUE;
else else
{ {
WINPR_ASSERT(pc->context.instance->SendChannelData); WINPR_ASSERT(pc->context.instance->SendChannelPacket);
rc = pc->context.instance->SendChannelData(pc->context.instance, channelId, rc = pc->context.instance->SendChannelPacket(pc->context.instance, channelId,
ev->data, ev->data_len); ev->total_size, ev->flags, ev->data,
ev->data_len);
} }
channel_data_free(ev); channel_data_free(ev);
} }