kekePower/rdesktop
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Make password variable global and clear it in correct place.

Browse Source 
This fix a bug where redirection using CredSSP fails to SSO
due to wrong password sent to server and asks for a correct one.
The source to this issue was that the password was zeroed before
the actual redirection is handled.



git-svn-id: svn://svn.code.sf.net/p/rdesktop/code/rdesktop/trunk@1795 423420c4-83ab-492f-b58f-81f9feb106b5
This commit is contained in:
Henrik Andersson 2014-04-24 12:02:40 +00:00
parent 708c3861f1
commit a1f8856484
2 changed files with 14 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
rdesktop.c
View File

@ -3,7 +3,7 @@
Entrypoint and utility functions
Copyright (C) Matthew Chapman <matthewc.unsw.edu.au> 1999-2008
Copyright 2002-2011 Peter Astrand <astrand@cendio.se> for Cendio AB
Copyright 2010-2013 Henrik Andersson <hean01@cendio.se> for Cendio AB
Copyright 2010-2014 Henrik Andersson <hean01@cendio.se> for Cendio AB
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
@ -61,6 +61,7 @@ uint8 g_static_rdesktop_salt_16[16] = {
char g_title[64] = "";
char *g_username;
char g_password[64] = "";
char g_hostname[16] = "";
char g_keymapname[PATH_MAX] = "";
unsigned int g_keylayout = 0x409; /* Defaults to US keyboard layout */
@ -521,7 +522,6 @@ main(int argc, char *argv[])
char server[256];
char fullhostname[64];
char domain[256];
char password[64];
char shell[256];
char directory[256];
RD_BOOL prompt_password, deactivated;
@ -556,7 +556,7 @@ main(int argc, char *argv[])
flags = RDP_LOGON_NORMAL;
prompt_password = False;
g_seamless_spawn_cmd[0] = domain[0] = password[0] = shell[0] = directory[0] = 0;
g_seamless_spawn_cmd[0] = domain[0] = g_password[0] = shell[0] = directory[0] = 0;
g_embed_wnd = 0;
g_num_devices = 0;
@ -623,7 +623,7 @@ main(int argc, char *argv[])
break;
}
STRNCPY(password, optarg, sizeof(password));
STRNCPY(g_password, optarg, sizeof(g_password));
flags |= RDP_LOGON_AUTO;
/* try to overwrite argument so it won't appear in ps */
@ -1058,7 +1058,7 @@ main(int argc, char *argv[])
xfree(locale);
if (prompt_password && read_password(password, sizeof(password)))
if (prompt_password && read_password(g_password, sizeof(g_password)))
flags |= RDP_LOGON_AUTO;
if (g_title[0] == 0)
@ -1068,7 +1068,7 @@ main(int argc, char *argv[])
}
#ifdef RDP2VNC
rdp2vnc_connect(server, flags, domain, password, shell, directory);
rdp2vnc_connect(server, flags, domain, g_password, shell, directory);
return EX_OK;
#else
@ -1131,7 +1131,7 @@ main(int argc, char *argv[])
ui_init_connection();
if (!rdp_connect
(server, flags, domain, password, shell, directory, g_reconnect_loop))
(server, flags, domain, g_password, shell, directory, g_reconnect_loop))
{
g_network_error = False;
@ -1157,9 +1157,7 @@ main(int argc, char *argv[])
if (!g_packet_encryption)
g_encryption_initial = g_encryption = False;
DEBUG(("Connection successful.\n"));
memset(password, 0, sizeof(password));
rd_create_ui();
tcp_run_ui(True);

8
rdp.c
View File

@ -3,7 +3,7 @@
Protocol services - RDP layer
Copyright (C) Matthew Chapman <matthewc.unsw.edu.au> 1999-2008
Copyright 2003-2011 Peter Astrand <astrand@cendio.se> for Cendio AB
Copyright 2011-2013 Henrik Andersson <hean01@cendio.se> for Cendio AB
Copyright 2011-2014 Henrik Andersson <hean01@cendio.se> for Cendio AB
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
@ -39,6 +39,7 @@
extern uint16 g_mcs_userid;
extern char *g_username;
extern char g_password[64];
extern char g_codepage[16];
extern RD_BOOL g_bitmap_compression;
extern RD_BOOL g_orders;
@ -1711,6 +1712,11 @@ rdp_loop(RD_BOOL * deactivated, uint32 * ext_disc_reason)
return process_redirect_pdu(s, True);
break;
case RDP_PDU_DATA:
/* If we got a data PDU, we don't need to keep the password in memory
anymore and therefor we should clear it for security reasons. */
if (g_password[0] != '\0')
memset(g_password, 0, sizeof(g_password));
process_data_pdu(s, ext_disc_reason);
break;
case 0: