GUACAMOLE-1332: Add support for certificate fingerprints and auto-accept.

2023-07-20 18:51:33 -04:00 · 2023-07-20 18:51:33 -04:00 · fa4209c821
commit fa4209c821
parent 694b3fc579
2 changed files with 44 additions and 1 deletions
--- a/src/protocols/rdp/settings.c
+++ b/src/protocols/rdp/settings.c
@ -76,6 +76,8 @@ const char* GUAC_RDP_CLIENT_ARGS[] = {
    "server-layout",
    "security",
    "ignore-cert",
+    "cert-tofu",
+    "cert-fingerprints",
    "disable-auth",
    "remote-app",
    "remote-app-dir",
@ -289,6 +291,21 @@ enum RDP_ARGS_IDX {
     */
    IDX_IGNORE_CERT,

+    /**
+     * "true" if a server certificate should be trusted the first time that
+     * a connection is established, and then subsequently checked for validity,
+     * or "false" if that behavior should not be forced. Whether or not the
+     * connection succeeds will be dependent upon other certificate settings,
+     * like ignore and/or provided fingerprints.
+     */
+    IDX_CERTIFICATE_TOFU,
+
+    /**
+     * A comma-separate list of fingerprints of certificates that should be
+     * trusted when establishing this RDP connection.
+     */
+    IDX_CERTIFICATE_FINGERPRINTS,
+
    /**
     * "true" if authentication should be disabled, "false" or blank otherwise.
     * This is different from the authentication that takes place when a user
@ -708,6 +725,16 @@ guac_rdp_settings* guac_rdp_parse_args(guac_user* user,
        guac_user_parse_args_boolean(user, GUAC_RDP_CLIENT_ARGS, argv,
                IDX_IGNORE_CERT, 0);

+    /* Add new certificates to trust list */
+    settings->certificate_tofu =
+        guac_user_parse_args_boolean(user, GUAC_RDP_CLIENT_ARGS, argv,
+                IDX_CERTIFICATE_TOFU, 0);
+
+    /* Fingerprints of certificates that should be trusted */
+    settings->certificate_fingerprints =
+        guac_user_parse_args_string(user, GUAC_RDP_CLIENT_ARGS, argv,
+                IDX_CERTIFICATE_FINGERPRINTS, NULL);
+
    /* Disable authentication */
    settings->disable_authentication =
        guac_user_parse_args_boolean(user, GUAC_RDP_CLIENT_ARGS, argv,
@ -1296,6 +1323,7 @@ void guac_rdp_settings_free(guac_rdp_settings* settings) {
    free(settings->drive_name);
    free(settings->drive_path);
    free(settings->hostname);
+    free(settings->certificate_fingerprints);
    free(settings->initial_program);
    free(settings->password);
    free(settings->preconnection_blob);
@ -1575,9 +1603,12 @@ void guac_rdp_push_settings(guac_client* client,

    }

-    /* Authentication */
+    /* Security */
    rdp_settings->Authentication = !guac_settings->disable_authentication;
    rdp_settings->IgnoreCertificate = guac_settings->ignore_certificate;
+    rdp_settings->AutoAcceptCertificate = guac_settings->certificate_tofu;
+    if (guac_settings->certificate_fingerprints != NULL)
+        rdp_settings->CertificateAcceptedFingerprints = guac_strdup(guac_settings->certificate_fingerprints);

    /* RemoteApp */
    if (guac_settings->remote_app != NULL) {
--- a/src/protocols/rdp/settings.h
+++ b/src/protocols/rdp/settings.h
@ -286,6 +286,18 @@ typedef struct guac_rdp_settings {
     */
    int ignore_certificate;

+    /**
+     * Whether or not a certificate should be added to the local trust
+     * store on first use.
+     */
+    int certificate_tofu;
+
+    /**
+     * The fingerprints of host certificates that should be trusted for
+     * this connection.
+     */
+    char* certificate_fingerprints;
+
    /**
     * Whether authentication should be disabled. This is different from the
     * authentication that takes place when a user provides their username