From fa4209c821805b8611346a1df2fe0bda2a8b696e Mon Sep 17 00:00:00 2001 From: Virtually Nick Date: Thu, 20 Jul 2023 18:51:33 -0400 Subject: [PATCH] GUACAMOLE-1332: Add support for certificate fingerprints and auto-accept. --- src/protocols/rdp/settings.c | 33 ++++++++++++++++++++++++++++++++- src/protocols/rdp/settings.h | 12 ++++++++++++ 2 files changed, 44 insertions(+), 1 deletion(-) diff --git a/src/protocols/rdp/settings.c b/src/protocols/rdp/settings.c index f2dbeabd4..47ca0aeee 100644 --- a/src/protocols/rdp/settings.c +++ b/src/protocols/rdp/settings.c @@ -76,6 +76,8 @@ const char* GUAC_RDP_CLIENT_ARGS[] = { "server-layout", "security", "ignore-cert", + "cert-tofu", + "cert-fingerprints", "disable-auth", "remote-app", "remote-app-dir", @@ -289,6 +291,21 @@ enum RDP_ARGS_IDX { */ IDX_IGNORE_CERT, + /** + * "true" if a server certificate should be trusted the first time that + * a connection is established, and then subsequently checked for validity, + * or "false" if that behavior should not be forced. Whether or not the + * connection succeeds will be dependent upon other certificate settings, + * like ignore and/or provided fingerprints. + */ + IDX_CERTIFICATE_TOFU, + + /** + * A comma-separate list of fingerprints of certificates that should be + * trusted when establishing this RDP connection. + */ + IDX_CERTIFICATE_FINGERPRINTS, + /** * "true" if authentication should be disabled, "false" or blank otherwise. * This is different from the authentication that takes place when a user @@ -708,6 +725,16 @@ guac_rdp_settings* guac_rdp_parse_args(guac_user* user, guac_user_parse_args_boolean(user, GUAC_RDP_CLIENT_ARGS, argv, IDX_IGNORE_CERT, 0); + /* Add new certificates to trust list */ + settings->certificate_tofu = + guac_user_parse_args_boolean(user, GUAC_RDP_CLIENT_ARGS, argv, + IDX_CERTIFICATE_TOFU, 0); + + /* Fingerprints of certificates that should be trusted */ + settings->certificate_fingerprints = + guac_user_parse_args_string(user, GUAC_RDP_CLIENT_ARGS, argv, + IDX_CERTIFICATE_FINGERPRINTS, NULL); + /* Disable authentication */ settings->disable_authentication = guac_user_parse_args_boolean(user, GUAC_RDP_CLIENT_ARGS, argv, @@ -1296,6 +1323,7 @@ void guac_rdp_settings_free(guac_rdp_settings* settings) { free(settings->drive_name); free(settings->drive_path); free(settings->hostname); + free(settings->certificate_fingerprints); free(settings->initial_program); free(settings->password); free(settings->preconnection_blob); @@ -1575,9 +1603,12 @@ void guac_rdp_push_settings(guac_client* client, } - /* Authentication */ + /* Security */ rdp_settings->Authentication = !guac_settings->disable_authentication; rdp_settings->IgnoreCertificate = guac_settings->ignore_certificate; + rdp_settings->AutoAcceptCertificate = guac_settings->certificate_tofu; + if (guac_settings->certificate_fingerprints != NULL) + rdp_settings->CertificateAcceptedFingerprints = guac_strdup(guac_settings->certificate_fingerprints); /* RemoteApp */ if (guac_settings->remote_app != NULL) { diff --git a/src/protocols/rdp/settings.h b/src/protocols/rdp/settings.h index 3fe9d0027..11dbf59bc 100644 --- a/src/protocols/rdp/settings.h +++ b/src/protocols/rdp/settings.h @@ -286,6 +286,18 @@ typedef struct guac_rdp_settings { */ int ignore_certificate; + /** + * Whether or not a certificate should be added to the local trust + * store on first use. + */ + int certificate_tofu; + + /** + * The fingerprints of host certificates that should be trusted for + * this connection. + */ + char* certificate_fingerprints; + /** * Whether authentication should be disabled. This is different from the * authentication that takes place when a user provides their username