Make password variable global and clear it in correct place.
This fix a bug where redirection using CredSSP fails to SSO due to wrong password sent to server and asks for a correct one. The source to this issue was that the password was zeroed before the actual redirection is handled. git-svn-id: svn://svn.code.sf.net/p/rdesktop/code/rdesktop/trunk@1795 423420c4-83ab-492f-b58f-81f9feb106b5
This commit is contained in:
parent
708c3861f1
commit
a1f8856484
16
rdesktop.c
16
rdesktop.c
@ -3,7 +3,7 @@
|
||||
Entrypoint and utility functions
|
||||
Copyright (C) Matthew Chapman <matthewc.unsw.edu.au> 1999-2008
|
||||
Copyright 2002-2011 Peter Astrand <astrand@cendio.se> for Cendio AB
|
||||
Copyright 2010-2013 Henrik Andersson <hean01@cendio.se> for Cendio AB
|
||||
Copyright 2010-2014 Henrik Andersson <hean01@cendio.se> for Cendio AB
|
||||
|
||||
This program is free software: you can redistribute it and/or modify
|
||||
it under the terms of the GNU General Public License as published by
|
||||
@ -61,6 +61,7 @@ uint8 g_static_rdesktop_salt_16[16] = {
|
||||
|
||||
char g_title[64] = "";
|
||||
char *g_username;
|
||||
char g_password[64] = "";
|
||||
char g_hostname[16] = "";
|
||||
char g_keymapname[PATH_MAX] = "";
|
||||
unsigned int g_keylayout = 0x409; /* Defaults to US keyboard layout */
|
||||
@ -521,7 +522,6 @@ main(int argc, char *argv[])
|
||||
char server[256];
|
||||
char fullhostname[64];
|
||||
char domain[256];
|
||||
char password[64];
|
||||
char shell[256];
|
||||
char directory[256];
|
||||
RD_BOOL prompt_password, deactivated;
|
||||
@ -556,7 +556,7 @@ main(int argc, char *argv[])
|
||||
|
||||
flags = RDP_LOGON_NORMAL;
|
||||
prompt_password = False;
|
||||
g_seamless_spawn_cmd[0] = domain[0] = password[0] = shell[0] = directory[0] = 0;
|
||||
g_seamless_spawn_cmd[0] = domain[0] = g_password[0] = shell[0] = directory[0] = 0;
|
||||
g_embed_wnd = 0;
|
||||
|
||||
g_num_devices = 0;
|
||||
@ -623,7 +623,7 @@ main(int argc, char *argv[])
|
||||
break;
|
||||
}
|
||||
|
||||
STRNCPY(password, optarg, sizeof(password));
|
||||
STRNCPY(g_password, optarg, sizeof(g_password));
|
||||
flags |= RDP_LOGON_AUTO;
|
||||
|
||||
/* try to overwrite argument so it won't appear in ps */
|
||||
@ -1058,7 +1058,7 @@ main(int argc, char *argv[])
|
||||
xfree(locale);
|
||||
|
||||
|
||||
if (prompt_password && read_password(password, sizeof(password)))
|
||||
if (prompt_password && read_password(g_password, sizeof(g_password)))
|
||||
flags |= RDP_LOGON_AUTO;
|
||||
|
||||
if (g_title[0] == 0)
|
||||
@ -1068,7 +1068,7 @@ main(int argc, char *argv[])
|
||||
}
|
||||
|
||||
#ifdef RDP2VNC
|
||||
rdp2vnc_connect(server, flags, domain, password, shell, directory);
|
||||
rdp2vnc_connect(server, flags, domain, g_password, shell, directory);
|
||||
return EX_OK;
|
||||
#else
|
||||
|
||||
@ -1131,7 +1131,7 @@ main(int argc, char *argv[])
|
||||
|
||||
ui_init_connection();
|
||||
if (!rdp_connect
|
||||
(server, flags, domain, password, shell, directory, g_reconnect_loop))
|
||||
(server, flags, domain, g_password, shell, directory, g_reconnect_loop))
|
||||
{
|
||||
|
||||
g_network_error = False;
|
||||
@ -1157,9 +1157,7 @@ main(int argc, char *argv[])
|
||||
if (!g_packet_encryption)
|
||||
g_encryption_initial = g_encryption = False;
|
||||
|
||||
|
||||
DEBUG(("Connection successful.\n"));
|
||||
memset(password, 0, sizeof(password));
|
||||
|
||||
rd_create_ui();
|
||||
tcp_run_ui(True);
|
||||
|
8
rdp.c
8
rdp.c
@ -3,7 +3,7 @@
|
||||
Protocol services - RDP layer
|
||||
Copyright (C) Matthew Chapman <matthewc.unsw.edu.au> 1999-2008
|
||||
Copyright 2003-2011 Peter Astrand <astrand@cendio.se> for Cendio AB
|
||||
Copyright 2011-2013 Henrik Andersson <hean01@cendio.se> for Cendio AB
|
||||
Copyright 2011-2014 Henrik Andersson <hean01@cendio.se> for Cendio AB
|
||||
|
||||
This program is free software: you can redistribute it and/or modify
|
||||
it under the terms of the GNU General Public License as published by
|
||||
@ -39,6 +39,7 @@
|
||||
|
||||
extern uint16 g_mcs_userid;
|
||||
extern char *g_username;
|
||||
extern char g_password[64];
|
||||
extern char g_codepage[16];
|
||||
extern RD_BOOL g_bitmap_compression;
|
||||
extern RD_BOOL g_orders;
|
||||
@ -1711,6 +1712,11 @@ rdp_loop(RD_BOOL * deactivated, uint32 * ext_disc_reason)
|
||||
return process_redirect_pdu(s, True);
|
||||
break;
|
||||
case RDP_PDU_DATA:
|
||||
/* If we got a data PDU, we don't need to keep the password in memory
|
||||
anymore and therefor we should clear it for security reasons. */
|
||||
if (g_password[0] != '\0')
|
||||
memset(g_password, 0, sizeof(g_password));
|
||||
|
||||
process_data_pdu(s, ext_disc_reason);
|
||||
break;
|
||||
case 0:
|
||||
|
Loading…
Reference in New Issue
Block a user