Ejemplo n.º 1
0
/* Send a Licensing packet with Platform Challenge Response */
static void
licence_send_authresp(rdpLicence * licence, uint8 * token, uint8 * crypt_hwid, uint8 * signature)
{
    uint32 sec_flags = SEC_LICENSE_PKT;
    uint16 length = 58;
    STREAM s;

    s = sec_init(licence->sec, sec_flags, length + 2);

    /* Licensing Preamble (LICENSE_PREAMBLE) */
    out_uint8(s, PLATFORM_CHALLENGE_RESPONSE);	/* PLATFORM_CHALLENGE_RESPONSE */
    out_uint8(s, 2);	/* PREAMBLE_VERSION_2_0 */
    out_uint16_le(s, length);

    /* Licensing Binary BLOB with EncryptedPlatformChallengeResponse: */
    out_uint16_le(s, 1);	/* wBlobType should be 0x0009 (BB_ENCRYPTED_DATA_BLOB) */
    out_uint16_le(s, LICENCE_TOKEN_SIZE);	/* wBlobLen */
    out_uint8p(s, token, LICENCE_TOKEN_SIZE);	/* RC4-encrypted challenge data */

    /* Licensing Binary BLOB with EncryptedHWID: */
    out_uint16_le(s, 1);	/* wBlobType should be 0x0009 (BB_ENCRYPTED_DATA_BLOB) */
    out_uint16_le(s, LICENCE_HWID_SIZE);	/* wBlobLen */
    out_uint8p(s, crypt_hwid, LICENCE_HWID_SIZE);	/* RC4-encrypted Client Hardware Identification */

    out_uint8p(s, signature, LICENCE_SIGNATURE_SIZE);	/* MACData */

    s_mark_end(s);
    sec_send(licence->sec, s, sec_flags);
}
Ejemplo n.º 2
0
/* Send a platform challenge response packet */
static void
licence_send_platform_challenge_response(uint8 * token, uint8 * crypt_hwid, uint8 * signature)
{
	uint32 sec_flags = SEC_LICENSE_PKT;
	uint16 length = 58;
	STREAM s;

	s = sec_init(sec_flags, length + 2);

	out_uint8(s, LICENCE_TAG_PLATFORM_CHALLENGE_RESPONSE);
	out_uint8(s, ((g_rdp_version >= RDP_V5) ? 3 : 2));	/* version */
	out_uint16_le(s, length);

	out_uint16_le(s, 1);
	out_uint16_le(s, LICENCE_TOKEN_SIZE);
	out_uint8p(s, token, LICENCE_TOKEN_SIZE);

	out_uint16_le(s, 1);
	out_uint16_le(s, LICENCE_HWID_SIZE);
	out_uint8p(s, crypt_hwid, LICENCE_HWID_SIZE);

	out_uint8p(s, signature, LICENCE_SIGNATURE_SIZE);

	s_mark_end(s);
	sec_send(s, sec_flags);
}
Ejemplo n.º 3
0
/* 004 */
enum SCP_CLIENT_STATES_E
scp_v1c_resend_credentials(struct SCP_CONNECTION *c, struct SCP_SESSION *s)
{
    tui8 sz;
    tui32 size;

    init_stream(c->out_s, c->out_s->size);
    init_stream(c->in_s, c->in_s->size);

    size = 12 + 2 + g_strlen(s->username) + g_strlen(s->password);

    /* sending request */
    /* header */
    out_uint32_be(c->out_s, 1); /* version */
    out_uint32_be(c->out_s, size);
    out_uint16_be(c->out_s, SCP_COMMAND_SET_DEFAULT);
    out_uint16_be(c->out_s, 4);

    /* body */
    sz = g_strlen(s->username);
    out_uint8(c->out_s, sz);
    out_uint8p(c->out_s, s->username, sz);
    sz = g_strlen(s->password);
    out_uint8(c->out_s, sz);
    out_uint8p(c->out_s, s->password, sz);

    if (0 != scp_tcp_force_send(c->in_sck, c->out_s->data, size))
    {
        return SCP_CLIENT_STATE_NETWORK_ERR;
    }

    /* wait for response */
    return _scp_v1c_check_response(c, s);
}
Ejemplo n.º 4
0
/* Send an authentication response packet */
static BOOL
licence_send_authresp(RDPCLIENT * This, uint8 * token, uint8 * crypt_hwid, uint8 * signature)
{
	uint32 sec_flags = SEC_LICENCE_NEG;
	uint16 length = 58;
	STREAM s;

	s = sec_init(This, sec_flags, length + 2);

	if(s == NULL)
		return False;

	out_uint8(s, LICENCE_TAG_AUTHRESP);
	out_uint8(s, 2);	/* version */
	out_uint16_le(s, length);

	out_uint16_le(s, 1);
	out_uint16_le(s, LICENCE_TOKEN_SIZE);
	out_uint8p(s, token, LICENCE_TOKEN_SIZE);

	out_uint16_le(s, 1);
	out_uint16_le(s, LICENCE_HWID_SIZE);
	out_uint8p(s, crypt_hwid, LICENCE_HWID_SIZE);

	out_uint8p(s, signature, LICENCE_SIGNATURE_SIZE);

	s_mark_end(s);
	return sec_send(This, s, sec_flags);
}
Ejemplo n.º 5
0
/* Send an authentication response packet */
static void
licence_send_authresp(uint8 *token, uint8 *crypt_hwid, uint8 *signature)
{
	uint32 sec_flags = SEC_LICENCE_NEG;
	uint16 length = 58;
	STREAM s;

	s = sec_init(sec_flags, length + 2);

	out_uint16_le(s, LICENCE_TAG_AUTHRESP);
	out_uint16_le(s, length);

	out_uint16_le(s, 1);
	out_uint16_le(s, LICENCE_TOKEN_SIZE);
	out_uint8p(s, token, LICENCE_TOKEN_SIZE);

	out_uint16_le(s, 1);
	out_uint16_le(s, LICENCE_HWID_SIZE);
	out_uint8p(s, crypt_hwid, LICENCE_HWID_SIZE);

	out_uint8p(s, signature, LICENCE_SIGNATURE_SIZE);

	s_mark_end(s);
	sec_send(s, sec_flags);
}
Ejemplo n.º 6
0
/* Send an authentication response packet */
static void
licence_send_authresp(RDConnectionRef conn, uint8 * token, uint8 * crypt_hwid, uint8 * signature)
{
	uint32 sec_flags = SEC_LICENCE_NEG;
	uint16 length = 58;
	RDStreamRef s;

	s = sec_init(conn, sec_flags, length + 2);

	out_uint8(s, LICENCE_TAG_AUTHRESP);
	out_uint8(s, 2);	/* version */
	out_uint16_le(s, length);

	out_uint16_le(s, 1);
	out_uint16_le(s, LICENCE_TOKEN_SIZE);
	out_uint8p(s, token, LICENCE_TOKEN_SIZE);

	out_uint16_le(s, 1);
	out_uint16_le(s, LICENCE_HWID_SIZE);
	out_uint8p(s, crypt_hwid, LICENCE_HWID_SIZE);

	out_uint8p(s, signature, LICENCE_SIGNATURE_SIZE);

	s_mark_end(s);
	sec_send(conn, s, sec_flags);
}
Ejemplo n.º 7
0
Archivo: iso.c Proyecto: RPG-7/reactos
static void
iso_send_connection_request(char *username)
{
	STREAM s;
	int length = 30 + strlen(username);

	s = tcp_init(length);

	out_uint8(s, 3);	/* version */
	out_uint8(s, 0);	/* reserved */
	out_uint16_be(s, length);	/* length */

	out_uint8(s, length - 5);	/* hdrlen */
	out_uint8(s, ISO_PDU_CR);
	out_uint16(s, 0);	/* dst_ref */
	out_uint16(s, 0);	/* src_ref */
	out_uint8(s, 0);	/* class */

	out_uint8p(s, "Cookie: mstshash=", strlen("Cookie: mstshash="));
	out_uint8p(s, username, strlen(username));

	out_uint8(s, 0x0d);	/* Unknown */
	out_uint8(s, 0x0a);	/* Unknown */

	s_mark_end(s);
	tcp_send(s);
}
Ejemplo n.º 8
0
static void
rdpdr_send_available(RDPCLIENT * This)
{

	uint8 magic[4] = "rDAD";
	uint32 driverlen, printerlen, bloblen;
	int i;
	STREAM s;
	PRINTER *printerinfo;

	s = channel_init(This, This->rdpdr.channel, announcedata_size(This));
	out_uint8a(s, magic, 4);
	out_uint32_le(s, This->num_devices);

	for (i = 0; i < This->num_devices; i++)
	{
		out_uint32_le(s, This->rdpdr_device[i].device_type);
		out_uint32_le(s, i);	/* RDP Device ID */
		/* Is it possible to use share names longer than 8 chars?
		   /astrand */
		out_uint8p(s, This->rdpdr_device[i].name, 8);

		switch (This->rdpdr_device[i].device_type)
		{
			case DEVICE_TYPE_PRINTER:
				printerinfo = (PRINTER *) This->rdpdr_device[i].pdevice_data;

				driverlen = 2 * strlen(printerinfo->driver) + 2;
				printerlen = 2 * strlen(printerinfo->printer) + 2;
				bloblen = printerinfo->bloblen;

				out_uint32_le(s, 24 + driverlen + printerlen + bloblen);	/* length of extra info */
				out_uint32_le(s, printerinfo->default_printer ? 2 : 0);
				out_uint8s(s, 8);	/* unknown */
				out_uint32_le(s, driverlen);
				out_uint32_le(s, printerlen);
				out_uint32_le(s, bloblen);
				rdp_out_unistr(This, s, printerinfo->driver, driverlen - 2);
				rdp_out_unistr(This, s, printerinfo->printer, printerlen - 2);
				out_uint8a(s, printerinfo->blob, bloblen);

				if (printerinfo->blob)
					xfree(printerinfo->blob);	/* Blob is sent twice if reconnecting */
				break;
			default:
				out_uint32(s, 0);
		}
	}
#if 0
	out_uint32_le(s, 0x20);	/* Device type 0x20 - smart card */
	out_uint32_le(s, 0);
	out_uint8p(s, "SCARD", 5);
	out_uint8s(s, 3);
	out_uint32(s, 0);
#endif

	s_mark_end(s);
	channel_send(This, s, This->rdpdr.channel);
}
Ejemplo n.º 9
0
Archivo: cssp.c Proyecto: jeppeter/vbox
static STREAM
cssp_encode_tspasswordcreds(char *username, char *password, char *domain)
{
	STREAM out, h1, h2;
	struct stream tmp = { 0 };
	struct stream message = { 0 };

	memset(&tmp, 0, sizeof(tmp));
	memset(&message, 0, sizeof(message));

	// domainName [0]
	s_realloc(&tmp, 4 + strlen(domain) * sizeof(uint16));
	s_reset(&tmp);
	rdp_out_unistr(&tmp, domain, strlen(domain) * sizeof(uint16));
	s_mark_end(&tmp);
	h2 = ber_wrap_hdr_data(BER_TAG_OCTET_STRING, &tmp);
	h1 = ber_wrap_hdr_data(BER_TAG_CTXT_SPECIFIC | BER_TAG_CONSTRUCTED | 0, h2);
	s_realloc(&message, s_length(&message) + s_length(h1));
	out_uint8p(&message, h1->data, s_length(h1));
	s_mark_end(&message);
	s_free(h2);
	s_free(h1);

	// userName [1]
	s_realloc(&tmp, 4 + strlen(username) * sizeof(uint16));
	s_reset(&tmp);
	rdp_out_unistr(&tmp, username, strlen(username) * sizeof(uint16));
	s_mark_end(&tmp);

	h2 = ber_wrap_hdr_data(BER_TAG_OCTET_STRING, &tmp);
	h1 = ber_wrap_hdr_data(BER_TAG_CTXT_SPECIFIC | BER_TAG_CONSTRUCTED | 1, h2);
	s_realloc(&message, s_length(&message) + s_length(h1));
	out_uint8p(&message, h1->data, s_length(h1));
	s_mark_end(&message);
	s_free(h2);
	s_free(h1);

	// password [2]
	s_realloc(&tmp, 4 + strlen(password) * sizeof(uint16));
	s_reset(&tmp);
	rdp_out_unistr(&tmp, password, strlen(password) * sizeof(uint16));
	s_mark_end(&tmp);
	h2 = ber_wrap_hdr_data(BER_TAG_OCTET_STRING, &tmp);
	h1 = ber_wrap_hdr_data(BER_TAG_CTXT_SPECIFIC | BER_TAG_CONSTRUCTED | 2, h2);
	s_realloc(&message, s_length(&message) + s_length(h1));
	out_uint8p(&message, h1->data, s_length(h1));
	s_mark_end(&message);
	s_free(h2);
	s_free(h1);

	// build message
	out = ber_wrap_hdr_data(BER_TAG_SEQUENCE | BER_TAG_CONSTRUCTED, &message);

	// cleanup
	xfree(tmp.data);
	xfree(message.data);
	return out;
}
Ejemplo n.º 10
0
/* Output and send X.224 Connection Request TPDU with routing for username */
void
x224_send_connection_request(rdpIso * iso)
{
	STREAM s;
	int length = 11;
	int cookie_length;

	cookie_length = strlen(iso->cookie);

	if (iso->mcs->sec->rdp->redirect_routingtoken)
		/* routingToken */
		length += iso->mcs->sec->rdp->redirect_routingtoken_len;
	else
		/* cookie */
		length += 19 + cookie_length;

	if (iso->nego->requested_protocols > PROTOCOL_RDP)
		length += 8;

	/* FIXME: Use x224_send_dst_src_class */
	s = tcp_init(iso->tcp, length);

	tpkt_output_header(s, length);

	/* X.224 Connection Request (CR) TPDU */
	out_uint8(s, length - 5);	/* length indicator */
	out_uint8(s, X224_TPDU_CONNECTION_REQUEST);
	out_uint16_le(s, 0);	/* dst_ref */
	out_uint16_le(s, 0);	/* src_ref */
	out_uint8(s, 0);	/* class */

	if (iso->mcs->sec->rdp->redirect_routingtoken)
	{
		/* routingToken */
		out_uint8p(s, iso->mcs->sec->rdp->redirect_routingtoken, iso->mcs->sec->rdp->redirect_routingtoken_len);
	}
	else
	{
		/* cookie */
		out_uint8p(s, "Cookie: mstshash=", strlen("Cookie: mstshash="));
		out_uint8p(s, iso->cookie, cookie_length);
		out_uint8(s, 0x0D);	/* CR */
		out_uint8(s, 0x0A);	/* LF */
	}

	if (iso->nego->requested_protocols > PROTOCOL_RDP)
	{
		out_uint8(s, TYPE_RDP_NEG_REQ); /* When using TLS, NLA, or both, RDP_NEG_DATA should be present */
		out_uint8(s, 0x00);	/* flags, must be set to zero */
		out_uint16_le(s, 8);	/* RDP_NEG_DATA length (8) */
		out_uint32_le(s, iso->nego->requested_protocols); /* requestedProtocols */
	}

	s_mark_end(s);
	tcp_send(iso->tcp, s);
}
Ejemplo n.º 11
0
/* Output unknown capability sets */
static void rdp_out_unknown_caps(STREAM s, uint16 id, uint16 length,
		uint8 * caps) {
	out_uint16_le(s, id);
	out_uint16_le(s, length);

	out_uint8p(s, caps, length - 4);
}
Ejemplo n.º 12
0
enum SCP_SERVER_STATES_E
scp_v1s_deny_connection(struct SCP_CONNECTION* c, char* reason)
{
  int rlen;

  init_stream(c->out_s,c->out_s->size);

  /* forcing message not to exceed 64k */
  rlen = g_strlen(reason);
  if (rlen > 65535)
  {
    rlen = 65535;
  }

  out_uint32_be(c->out_s, 1);
  /* packet size: 4 + 4 + 2 + 2 + 2 + strlen(reason)*/
  /* version + size + cmdset + cmd + msglen + msg */
  out_uint32_be(c->out_s, rlen+14);
  out_uint16_be(c->out_s, SCP_COMMAND_SET_DEFAULT);
  out_uint16_be(c->out_s, 2);
  out_uint16_be(c->out_s, rlen);
  out_uint8p(c->out_s, reason, rlen);

  if (0!=scp_tcp_force_send(c->in_sck, c->out_s->data, rlen+14))
  {
    log_message(LOG_LEVEL_WARNING, "[v1s:%d] connection aborted: network error", __LINE__);
    return SCP_SERVER_STATE_NETWORK_ERR;
  }

  return SCP_SERVER_STATE_END;
}
Ejemplo n.º 13
0
static BOOL
iso_send_connection_request(RDPCLIENT * This, char *cookie)
{
	STREAM s;
	int cookielen = (int)strlen(cookie);
	int length = 11 + cookielen;

	s = tcp_init(This, length);

	if(s == NULL)
		return False;

	out_uint8(s, 3);	/* version */
	out_uint8(s, 0);	/* reserved */
	out_uint16_be(s, length);	/* length */

	out_uint8(s, length - 5);	/* hdrlen */
	out_uint8(s, ISO_PDU_CR);
	out_uint16(s, 0);	/* dst_ref */
	out_uint16(s, 0);	/* src_ref */
	out_uint8(s, 0);	/* class */

	out_uint8p(s, cookie, cookielen);

	s_mark_end(s);
	return tcp_send(This, s);
}
Ejemplo n.º 14
0
/* 003 */
enum SCP_SERVER_STATES_E
scp_v1s_mng_deny_connection(struct SCP_CONNECTION *c, char *reason)
{
    int rlen;

    init_stream(c->out_s, c->out_s->size);

    /* forcing message not to exceed 64k */
    rlen = g_strlen(reason);

    if (rlen > 65535)
    {
        rlen = 65535;
    }

    out_uint32_be(c->out_s, 1);
    /* packet size: 4 + 4 + 2 + 2 + 2 + strlen(reason)*/
    /* version + size + cmdset + cmd + msglen + msg */
    out_uint32_be(c->out_s, rlen + 14);
    out_uint16_be(c->out_s, SCP_COMMAND_SET_MANAGE);
    out_uint16_be(c->out_s, SCP_CMD_MNG_LOGIN_DENY);
    out_uint16_be(c->out_s, rlen);
    out_uint8p(c->out_s, reason, rlen);

    if (0 != scp_tcp_force_send(c->in_sck, c->out_s->data, rlen + 14))
    {
        return SCP_SERVER_STATE_NETWORK_ERR;
    }

    return SCP_SERVER_STATE_END;
}
Ejemplo n.º 15
0
Archivo: cssp.c Proyecto: jeppeter/vbox
static RD_BOOL
cssp_gss_unwrap(gss_ctx_id_t * ctx, STREAM in, STREAM out)
{
	OM_uint32 major_status;
	OM_uint32 minor_status;
	gss_qop_t qop_state;
	gss_buffer_desc inbuf, outbuf;
	int conf_state;

	inbuf.value = in->data;
	inbuf.length = s_length(in);

	major_status = gss_unwrap(&minor_status, ctx, &inbuf, &outbuf, &conf_state, &qop_state);

	if (major_status != GSS_S_COMPLETE)
	{
		cssp_gss_report_error(GSS_C_GSS_CODE, "Failed to decrypt message",
				      major_status, minor_status);
		return False;
	}

	out->data = out->p = xmalloc(outbuf.length);
	out->size = outbuf.length;
	out_uint8p(out, outbuf.value, outbuf.length);
	s_mark_end(out);

	gss_release_buffer(&minor_status, &outbuf);

	return True;
}
Ejemplo n.º 16
0
void
rdpdr_send_completion(uint32 device, uint32 id, uint32 status, uint32 result, uint8 * buffer,
		      uint32 length)
{
	uint8 magic[4] = "rDCI";
	STREAM s;

#ifdef WITH_SCARD
	scard_lock(SCARD_LOCK_RDPDR);
#endif
	s = channel_init(rdpdr_channel, 20 + length);
	out_uint8a(s, magic, 4);
	out_uint32_le(s, device);
	out_uint32_le(s, id);
	out_uint32_le(s, status);
	out_uint32_le(s, result);
	out_uint8p(s, buffer, length);
	s_mark_end(s);
	/* JIF */
#ifdef WITH_DEBUG_RDP5
	printf("--> rdpdr_send_completion\n");
	/* hexdump(s->channel_hdr + 8, s->end - s->channel_hdr - 8); */
#endif
	channel_send(s, rdpdr_channel);
#ifdef WITH_SCARD
	scard_unlock(SCARD_LOCK_RDPDR);
#endif
}
Ejemplo n.º 17
0
/* Send a confirm active PDU */
static void rdp_send_confirm_active(void) {
	STREAM s;
	uint32 sec_flags = g_encryption ? (RDP5_FLAG | SEC_ENCRYPT) : RDP5_FLAG;
	uint16 caplen = RDP_CAPLEN_GENERAL + RDP_CAPLEN_BITMAP + RDP_CAPLEN_ORDER
			+ RDP_CAPLEN_COLCACHE + RDP_CAPLEN_ACTIVATE + RDP_CAPLEN_CONTROL
			+ RDP_CAPLEN_SHARE + RDP_CAPLEN_BRUSHCACHE + 0x58 + 0x08 + 0x08
			+ 0x34 /* unknown caps */+ 4 /* w2k fix, sessionid */;

	if (g_use_rdp5) {
		caplen += RDP_CAPLEN_BMPCACHE2;
		caplen += RDP_CAPLEN_NEWPOINTER;
	} else {
		caplen += RDP_CAPLEN_BMPCACHE;
		caplen += RDP_CAPLEN_POINTER;
	}

	s = sec_init(sec_flags, 6 + 14 + caplen + sizeof(RDP_SOURCE));

	out_uint16_le(s, 2 + 14 + caplen + sizeof(RDP_SOURCE));
	out_uint16_le(s, (RDP_PDU_CONFIRM_ACTIVE | 0x10));
	/* Version 1 */
	out_uint16_le(s, (g_mcs_userid + 1001));

	out_uint32_le(s, g_rdp_shareid);
	out_uint16_le(s, 0x3ea);
	/* userid */
	out_uint16_le(s, sizeof(RDP_SOURCE));
	out_uint16_le(s, caplen);

	out_uint8p(s, RDP_SOURCE, sizeof(RDP_SOURCE));
	out_uint16_le(s, 0xe);
	/* num_caps */
	out_uint8s(s, 2);
	/* pad */

	rdp_out_general_caps(s);
	rdp_out_bitmap_caps(s);
	rdp_out_order_caps(s);
	if (g_use_rdp5) {
		rdp_out_bmpcache2_caps(s);
		rdp_out_newpointer_caps(s);
	} else {
		rdp_out_bmpcache_caps(s);
		rdp_out_pointer_caps(s);
	}
	rdp_out_colcache_caps(s);
	rdp_out_activate_caps(s);
	rdp_out_control_caps(s);
	rdp_out_share_caps(s);
	rdp_out_brushcache_caps(s);

	rdp_out_unknown_caps(s, 0x0d, 0x58, caps_0x0d); /* CAPSTYPE_INPUT */
	rdp_out_unknown_caps(s, 0x0c, 0x08, caps_0x0c); /* CAPSTYPE_SOUND */
	rdp_out_unknown_caps(s, 0x0e, 0x08, caps_0x0e); /* CAPSTYPE_FONT */
	rdp_out_unknown_caps(s, 0x10, 0x34, caps_0x10); /* CAPSTYPE_GLYPHCACHE */

	s_mark_end(s);
	sec_send(s, sec_flags);
}
Ejemplo n.º 18
0
/* Output unknown capability sets (number 13, 12, 14 and 16) */
static void
rdp_out_unknown_caps(STREAM s)
{
	out_uint16_le(s, RDP_CAPSET_UNKNOWN);
	out_uint16_le(s, 0x58);

	out_uint8p(s, canned_caps, RDP_CAPLEN_UNKNOWN - 4);
}
Ejemplo n.º 19
0
void
channel_send(STREAM s, VCHANNEL * channel)
{
	uint32 length, flags;
	uint32 thislength, remaining;
	uint8 *data;

#ifdef WITH_SCARD
	scard_lock(SCARD_LOCK_CHANNEL);
#endif

	/* first fragment sent in-place */
	s_pop_layer(s, channel_hdr);
	length = s->end - s->p - 8;

	DEBUG_CHANNEL(("channel_send, length = %d\n", length));

	thislength = MIN(length, CHANNEL_CHUNK_LENGTH);
/* Note: In the original clipboard implementation, this number was
   1592, not 1600. However, I don't remember the reason and 1600 seems
   to work so.. This applies only to *this* length, not the length of
   continuation or ending packets. */
	remaining = length - thislength;
	flags = (remaining == 0) ? CHANNEL_FLAG_FIRST | CHANNEL_FLAG_LAST : CHANNEL_FLAG_FIRST;
	if (channel->flags & CHANNEL_OPTION_SHOW_PROTOCOL)
		flags |= CHANNEL_FLAG_SHOW_PROTOCOL;

	out_uint32_le(s, length);
	out_uint32_le(s, flags);
	data = s->end = s->p + thislength;
	DEBUG_CHANNEL(("Sending %d bytes with FLAG_FIRST\n", thislength));
	sec_send_to_channel(s, g_encryption ? SEC_ENCRYPT : 0, channel->mcs_id);

	/* subsequent segments copied (otherwise would have to generate headers backwards) */
	while (remaining > 0)
	{
		thislength = MIN(remaining, CHANNEL_CHUNK_LENGTH);
		remaining -= thislength;
		flags = (remaining == 0) ? CHANNEL_FLAG_LAST : 0;
		if (channel->flags & CHANNEL_OPTION_SHOW_PROTOCOL)
			flags |= CHANNEL_FLAG_SHOW_PROTOCOL;

		DEBUG_CHANNEL(("Sending %d bytes with flags %d\n", thislength, flags));

		s = sec_init(g_encryption ? SEC_ENCRYPT : 0, thislength + 8);
		out_uint32_le(s, length);
		out_uint32_le(s, flags);
		out_uint8p(s, data, thislength);
		s_mark_end(s);
		sec_send_to_channel(s, g_encryption ? SEC_ENCRYPT : 0, channel->mcs_id);

		data += thislength;
	}

#ifdef WITH_SCARD
	scard_unlock(SCARD_LOCK_CHANNEL);
#endif
}
Ejemplo n.º 20
0
/* Send a Licensing packet with Client License Information */
static void
licence_present(rdpLicence * licence, uint8 * client_random, uint8 * rsa_data,
                uint8 * licence_data, int licence_size, uint8 * hwid, uint8 * signature)
{
    uint32 sec_flags = SEC_LICENSE_PKT;
    uint16 length =
        16 + SEC_RANDOM_SIZE + SEC_MODULUS_SIZE + SEC_PADDING_SIZE +
        licence_size + LICENCE_HWID_SIZE + LICENCE_SIGNATURE_SIZE;
    STREAM s;

    s = sec_init(licence->sec, sec_flags, length + 4);

    /* Licensing Preamble (LICENSE_PREAMBLE) */
    out_uint8(s, LICENSE_INFO);	/* bMsgType LICENSE_INFO */
    out_uint8(s, 2);	/* bVersion PREAMBLE_VERSION_2_0 */
    out_uint16_le(s, length);

    /* Client License Information: */
    out_uint32_le(s, 1);	/* PreferredKeyExchangeAlg KEY_EXCHANGE_ALG_RSA */
    out_uint16_le(s, 0);	/* PlatformId, unknown platform and ISV */
    out_uint16_le(s, 0x0201);	/* PlatformId, build/version */

    out_uint8p(s, client_random, SEC_RANDOM_SIZE);	/* ClientRandom */

    /* Licensing Binary Blob with EncryptedPreMasterSecret: */
    out_uint16_le(s, 0);	/* wBlobType should be 0x0002 (BB_RANDOM_BLOB) */
    out_uint16_le(s, (SEC_MODULUS_SIZE + SEC_PADDING_SIZE));	/* wBlobLen */
    out_uint8p(s, rsa_data, SEC_MODULUS_SIZE);	/* 48 bit random number encrypted for server */
    out_uint8s(s, SEC_PADDING_SIZE);

    /* Licensing Binary Blob with LicenseInfo: */
    out_uint16_le(s, 1);	/* wBlobType BB_DATA_BLOB */
    out_uint16_le(s, licence_size);	/* wBlobLen */
    out_uint8p(s, licence_data, licence_size);	/* CAL issued by servers license server */

    /* Licensing Binary Blob with EncryptedHWID */
    out_uint16_le(s, 1);	/* wBlobType BB_DATA_BLOB */
    out_uint16_le(s, LICENCE_HWID_SIZE);	/* wBlobLen */
    out_uint8p(s, hwid, LICENCE_HWID_SIZE);	/* RC4-encrypted Client Hardware Identification */

    out_uint8p(s, signature, LICENCE_SIGNATURE_SIZE);	/* MACData */

    s_mark_end(s);
    sec_send(licence->sec, s, sec_flags);
}
Ejemplo n.º 21
0
void rdp_out_order_capset(rdpRdp * rdp, STREAM s)
{
	uint8 orderSupport[32];
	capsetHeaderRef header;

	header = rdp_skip_capset_header(s);

	memset(orderSupport, 0, 32);
	orderSupport[NEG_DSTBLT_INDEX] = 1;
	orderSupport[NEG_PATBLT_INDEX] = 1;
	orderSupport[NEG_SCRBLT_INDEX] = 1;
	orderSupport[NEG_MEMBLT_INDEX] = (rdp->settings->bitmap_cache ? 1 : 0);
	orderSupport[NEG_MEM3BLT_INDEX] = (rdp->settings->triblt ? 1 : 0);
	// orderSupport[NEG_DRAWNINEGRID_INDEX] = 1;
	orderSupport[NEG_LINETO_INDEX] = 1;
	orderSupport[NEG_MULTI_DRAWNINEGRID_INDEX] = 1;
	orderSupport[NEG_SAVEBITMAP_INDEX] = (rdp->settings->desktop_save ? 1 : 0);
	// orderSupport[NEG_MULTIDSTBLT_INDEX] = 1;
	orderSupport[NEG_MULTIPATBLT_INDEX] = 1;
	// orderSupport[NEG_MULTISCRBLT_INDEX] = 1;
	orderSupport[NEG_MULTIOPAQUERECT_INDEX] = 1;
	orderSupport[NEG_FAST_INDEX_INDEX] = 1;
	orderSupport[NEG_POLYGON_SC_INDEX] = (rdp->settings->polygon_ellipse_orders ? 1 : 0);
	orderSupport[NEG_POLYGON_CB_INDEX] = (rdp->settings->polygon_ellipse_orders ? 1 : 0);
	orderSupport[NEG_POLYLINE_INDEX] = 1;
	orderSupport[NEG_FAST_GLYPH_INDEX] = 1;
/*	orderSupport[NEG_ELLIPSE_SC_INDEX] = (rdp->settings->polygon_ellipse_orders ? 1 : 0);*/
/*	orderSupport[NEG_ELLIPSE_CB_INDEX] = (rdp->settings->polygon_ellipse_orders ? 1 : 0);*/
	orderSupport[NEG_INDEX_INDEX] = 1;

	out_uint8s(s, 16); /* terminalDescriptor, ignored and should be set to zero */
	out_uint32_le(s, 0); /* pad */
	out_uint16_le(s, 1); /* desktopSaveXGranularity */
	out_uint16_le(s, 20); /* desktopSaveYGranularity */
	out_uint16_le(s, 0); /* pad */
	out_uint16_le(s, 1); /* maximumOrderLevel */
	out_uint16_le(s, 0); /* numberFonts, ignored and should be set to zero */

	out_uint16_le(s,
		NEGOTIATEORDERSUPPORT |
		ZEROBOUNDSDELTASSUPPORT |
		COLORINDEXSUPPORT ); /* orderFlags */

	out_uint8p(s, orderSupport, 32); /* orderSupport */
	out_uint16_le(s, 0); /* textFlags, must be ignored */
	out_uint16_le(s, 0); /* orderSupportExFlags */
	out_uint32_le(s, 0); /* pad */
	out_uint32_le(s, rdp->settings->desktop_save == False ? 0 : 0x38400); /* desktopSaveSize */
	out_uint16_le(s, 0); /* pad */
	out_uint16_le(s, 0); /* pad */

	/* See [MSDN-CP]: http://msdn.microsoft.com/en-us/library/dd317756/ */
	out_uint16_le(s, 0x04E4); /* textANSICodePage, 0x04E4 is "ANSI Latin 1 Western European (Windows)" */
	out_uint16_le(s, 0); /* pad */

	rdp_out_capset_header(s, header, CAPSET_TYPE_ORDER);
}
Ejemplo n.º 22
0
int DEFAULT_CC
xml_send_error(int client, const char* message)
{
	xmlChar* xmlbuff;
	xmlDocPtr doc;
	xmlNodePtr node;
	struct stream* s;
	int buff_size, size;
	xmlChar* version;
	xmlChar* error;
	xmlChar* msg;


	version = xmlCharStrdup("1.0");
	doc = xmlNewDoc(version);
	if (doc == NULL)
	{
		log_message(&(g_cfg->log), LOG_LEVEL_WARNING, "sesman[xml_send_error]: "
				"Unable to create the document");
		xmlFree(version);
		return 0;
	}
	error = xmlCharStrdup("error");
	msg = xmlCharStrdup(message);
	doc->encoding = xmlCharStrdup("UTF-8");
	node = xmlNewNode(NULL, error);
	xmlNodeSetContent(node, msg);
	xmlDocSetRootElement(doc, node);

	xmlDocDumpFormatMemory(doc, &xmlbuff, &buff_size, 1);
	log_message(&(g_cfg->log), LOG_LEVEL_WARNING, "sesman[xml_send_error]: "
			"data send : %s",xmlbuff);

	make_stream(s);
	init_stream(s, buff_size + 6);
	out_uint32_be(s,buff_size);
	out_uint8p(s, xmlbuff, buff_size)
	size = s->p - s->data;
	if (g_tcp_can_send(client, 10))
	{
		buff_size = g_tcp_send(client, s->data, size, 0);
	}
	else
	{
		log_message(&(g_cfg->log), LOG_LEVEL_DEBUG_PLUS, "sesman[xml_send_error]: "
				"Unable to send xml response: %s, cause: %s", xmlbuff, strerror(g_get_errno()));
	}
	free_stream(s);
	xmlFreeDoc(doc);
	xmlFree(xmlbuff);
	xmlFree(version);
	xmlFree(error);
	xmlFree(msg);
	return buff_size;
}
Ejemplo n.º 23
0
/* Present an existing licence to the server */
static BOOL
licence_present(RDPCLIENT * This, uint8 * client_random, uint8 * rsa_data,
		uint8 * licence_data, int licence_size, uint8 * hwid, uint8 * signature)
{
	uint32 sec_flags = SEC_LICENCE_NEG;
	uint16 length =
		16 + SEC_RANDOM_SIZE + SEC_MODULUS_SIZE + SEC_PADDING_SIZE +
		licence_size + LICENCE_HWID_SIZE + LICENCE_SIGNATURE_SIZE;
	STREAM s;

	s = sec_init(This, sec_flags, length + 4);

	if(s == NULL)
		return False;

	out_uint8(s, LICENCE_TAG_PRESENT);
	out_uint8(s, 2);	/* version */
	out_uint16_le(s, length);

	out_uint32_le(s, 1);
	out_uint16(s, 0);
	out_uint16_le(s, 0x0201);

	out_uint8p(s, client_random, SEC_RANDOM_SIZE);
	out_uint16(s, 0);
	out_uint16_le(s, (SEC_MODULUS_SIZE + SEC_PADDING_SIZE));
	out_uint8p(s, rsa_data, SEC_MODULUS_SIZE);
	out_uint8s(s, SEC_PADDING_SIZE);

	out_uint16_le(s, 1);
	out_uint16_le(s, licence_size);
	out_uint8p(s, licence_data, licence_size);

	out_uint16_le(s, 1);
	out_uint16_le(s, LICENCE_HWID_SIZE);
	out_uint8p(s, hwid, LICENCE_HWID_SIZE);

	out_uint8p(s, signature, LICENCE_SIGNATURE_SIZE);

	s_mark_end(s);
	return sec_send(This, s, sec_flags);
}
Ejemplo n.º 24
0
/* Send a Licensing packet with Client New License Request */
static void
licence_send_request(rdpLicence * licence, uint8 * client_random, uint8 * rsa_data, char *user,
                     char *host)
{
    uint32 sec_flags = SEC_LICENSE_PKT;
    uint16 userlen = strlen(user) + 1;
    uint16 hostlen = strlen(host) + 1;
    uint16 length = 128 + userlen + hostlen;
    STREAM s;

    s = sec_init(licence->sec, sec_flags, length + 2);

    /* Licensing Preamble (LICENSE_PREAMBLE) */
    out_uint8(s, NEW_LICENSE_REQUEST);	/* NEW_LICENSE_REQUEST */
    out_uint8(s, 2);	/* PREAMBLE_VERSION_2_0 */
    out_uint16_le(s, length);

    out_uint32_le(s, 1);	/* PreferredKeyExchangeAlg KEY_EXCHANGE_ALG_RSA */
    out_uint16_le(s, 0);	/* PlatformId, unknown platform and ISV */
    out_uint16_le(s, 0xff01);	/* PlatformId, build/version */

    out_uint8p(s, client_random, SEC_RANDOM_SIZE);	/* ClientRandom */

    /* Licensing Binary Blob with EncryptedPreMasterSecret: */
    out_uint16_le(s, 0);	/* wBlobType should be 0x0002 (BB_RANDOM_BLOB) */
    out_uint16_le(s, (SEC_MODULUS_SIZE + SEC_PADDING_SIZE));	/* wBlobLen */
    out_uint8p(s, rsa_data, SEC_MODULUS_SIZE);	/* 48 bit random number encrypted for server */
    out_uint8s(s, SEC_PADDING_SIZE);

    /* Licensing Binary Blob with ClientUserName: */
    out_uint16_le(s, LICENCE_TAG_USER);	/* wBlobType BB_CLIENT_USER_NAME_BLOB */
    out_uint16_le(s, userlen);	/* wBlobLen */
    out_uint8p(s, user, userlen);

    /* Licensing Binary Blob with ClientMachineName: */
    out_uint16_le(s, LICENCE_TAG_HOST);	/* wBlobType BB_CLIENT_MACHINE_NAME_BLOB */
    out_uint16_le(s, hostlen);	/* wBlobLen */
    out_uint8p(s, host, hostlen);

    s_mark_end(s);
    sec_send(licence->sec, s, sec_flags);
}
Ejemplo n.º 25
0
static void
iso_send_connection_request(char *username)
{
	STREAM s;
	int length = 30 + strlen(username);

	if (g_rdp_version >= RDP_V5 && g_negotiate_rdp_protocol)
		length += 8;

	s = tcp_init(length);

	out_uint8(s, 3);	/* version */
	out_uint8(s, 0);	/* reserved */
	out_uint16_be(s, length);	/* length */

	out_uint8(s, length - 5);	/* hdrlen */
	out_uint8(s, ISO_PDU_CR);
	out_uint16(s, 0);	/* dst_ref */
	out_uint16(s, 0);	/* src_ref */
	out_uint8(s, 0);	/* class */

	out_uint8p(s, "Cookie: mstshash=", strlen("Cookie: mstshash="));
	out_uint8p(s, username, strlen(username));

	out_uint8(s, 0x0d);	/* cookie termination string: CR+LF */
	out_uint8(s, 0x0a);

	if (g_rdp_version >= RDP_V5 && g_negotiate_rdp_protocol)
	{
		/* optional rdp protocol negotiation request for RDPv5 */
		out_uint8(s, RDP_NEG_REQ);
		out_uint8(s, 0);
		out_uint16(s, 8);
		out_uint32(s, PROTOCOL_SSL);
	}

	s_mark_end(s);
	tcp_send(s);
}
Ejemplo n.º 26
0
/* Present an existing licence to the server */
static void
licence_present(RDConnectionRef conn, uint8 * client_random, uint8 * rsa_data,
		uint8 * licence_data, int licence_size, uint8 * hwid, uint8 * signature)
{
	uint32 sec_flags = SEC_LICENCE_NEG;
	uint16 length =
		16 + SEC_RANDOM_SIZE + SEC_MODULUS_SIZE + SEC_PADDING_SIZE +
		licence_size + LICENCE_HWID_SIZE + LICENCE_SIGNATURE_SIZE;
	RDStreamRef s;

	s = sec_init(conn, sec_flags, length + 4);

	out_uint8(s, LICENCE_TAG_PRESENT);
	out_uint8(s, 2);	/* version */
	out_uint16_le(s, length);

	out_uint32_le(s, 1);
	out_uint16(s, 0);
	out_uint16_le(s, 0x0201);

	out_uint8p(s, client_random, SEC_RANDOM_SIZE);
	out_uint16(s, 0);
	out_uint16_le(s, (SEC_MODULUS_SIZE + SEC_PADDING_SIZE));
	out_uint8p(s, rsa_data, SEC_MODULUS_SIZE);
	out_uint8s(s, SEC_PADDING_SIZE);

	out_uint16_le(s, 1);
	out_uint16_le(s, licence_size);
	out_uint8p(s, licence_data, licence_size);

	out_uint16_le(s, 1);
	out_uint16_le(s, LICENCE_HWID_SIZE);
	out_uint8p(s, hwid, LICENCE_HWID_SIZE);

	out_uint8p(s, signature, LICENCE_SIGNATURE_SIZE);

	s_mark_end(s);
	sec_send(conn, s, sec_flags);
}
Ejemplo n.º 27
0
/* Send a licence request packet */
static BOOL
licence_send_request(RDPCLIENT * This, uint8 * client_random, uint8 * rsa_data, char *user, char *host)
{
	uint32 sec_flags = SEC_LICENCE_NEG;
	uint16 userlen = (uint16)strlen(user) + 1;
	uint16 hostlen = (uint16)strlen(host) + 1;
	uint16 length = 128 + userlen + hostlen;
	STREAM s;

	s = sec_init(This, sec_flags, length + 2);

	if(s == NULL)
		return False;

	out_uint8(s, LICENCE_TAG_REQUEST);
	out_uint8(s, 2);	/* version */
	out_uint16_le(s, length);

	out_uint32_le(s, 1);
	out_uint16(s, 0);
	out_uint16_le(s, 0xff01);

	out_uint8p(s, client_random, SEC_RANDOM_SIZE);
	out_uint16(s, 0);
	out_uint16_le(s, (SEC_MODULUS_SIZE + SEC_PADDING_SIZE));
	out_uint8p(s, rsa_data, SEC_MODULUS_SIZE);
	out_uint8s(s, SEC_PADDING_SIZE);

	out_uint16_le(s, LICENCE_TAG_USER);
	out_uint16_le(s, userlen);
	out_uint8p(s, user, userlen);

	out_uint16_le(s, LICENCE_TAG_HOST);
	out_uint16_le(s, hostlen);
	out_uint8p(s, host, hostlen);

	s_mark_end(s);
	return sec_send(This, s, sec_flags);
}
Ejemplo n.º 28
0
/* Send a new licence request packet */
static void
licence_send_new_licence_request(uint8 * client_random, uint8 * rsa_data, char *user, char *host)
{
	uint32 sec_flags = SEC_LICENSE_PKT;
	uint16 userlen = strlen(user) + 1;
	uint16 hostlen = strlen(host) + 1;
	uint16 length =
		24 + SEC_RANDOM_SIZE + SEC_MODULUS_SIZE + SEC_PADDING_SIZE + userlen + hostlen;
	STREAM s;

	s = sec_init(sec_flags, length + 2);

	out_uint8(s, LICENCE_TAG_NEW_LICENCE_REQUEST);
	out_uint8(s, ((g_rdp_version >= RDP_V5) ? 3 : 2));	/* version */
	out_uint16_le(s, length);

	out_uint32_le(s, 1);	// KEY_EXCHANGE_ALG_RSA
	out_uint16(s, 0);
	out_uint16_le(s, 0xff01);

	out_uint8p(s, client_random, SEC_RANDOM_SIZE);
	out_uint16_le(s, 2);
	out_uint16_le(s, (SEC_MODULUS_SIZE + SEC_PADDING_SIZE));
	out_uint8p(s, rsa_data, SEC_MODULUS_SIZE);
	out_uint8s(s, SEC_PADDING_SIZE);

	/* Username LICENSE_BINARY_BLOB */
	out_uint16_le(s, BB_CLIENT_USER_NAME_BLOB);
	out_uint16_le(s, userlen);
	out_uint8p(s, user, userlen);

	/* Machinename LICENSE_BINARY_BLOB */
	out_uint16_le(s, BB_CLIENT_MACHINE_NAME_BLOB);
	out_uint16_le(s, hostlen);
	out_uint8p(s, host, hostlen);

	s_mark_end(s);
	sec_send(s, sec_flags);
}
Ejemplo n.º 29
0
/* Send a licence info packet to server */
static void
licence_info(uint8 * client_random, uint8 * rsa_data,
	     uint8 * licence_data, int licence_size, uint8 * hwid, uint8 * signature)
{
	uint32 sec_flags = SEC_LICENSE_PKT;
	uint16 length =
		24 + SEC_RANDOM_SIZE + SEC_MODULUS_SIZE + SEC_PADDING_SIZE +
		licence_size + LICENCE_HWID_SIZE + LICENCE_SIGNATURE_SIZE;
	STREAM s;

	s = sec_init(sec_flags, length + 2);

	out_uint8(s, LICENCE_TAG_LICENCE_INFO);
	out_uint8(s, ((g_rdp_version >= RDP_V5) ? 3 : 2));	/* version */
	out_uint16_le(s, length);

	out_uint32_le(s, 1);
	out_uint16(s, 0);
	out_uint16_le(s, 0x0201);

	out_uint8p(s, client_random, SEC_RANDOM_SIZE);
	out_uint16_le(s, 2);
	out_uint16_le(s, (SEC_MODULUS_SIZE + SEC_PADDING_SIZE));
	out_uint8p(s, rsa_data, SEC_MODULUS_SIZE);
	out_uint8s(s, SEC_PADDING_SIZE);

	out_uint16_le(s, 1);
	out_uint16_le(s, licence_size);
	out_uint8p(s, licence_data, licence_size);

	out_uint16_le(s, 1);
	out_uint16_le(s, LICENCE_HWID_SIZE);
	out_uint8p(s, hwid, LICENCE_HWID_SIZE);

	out_uint8p(s, signature, LICENCE_SIGNATURE_SIZE);

	s_mark_end(s);
	sec_send(s, sec_flags);
}
Ejemplo n.º 30
0
/* Output order capability set */
static void rdp_out_order_caps(STREAM s) {
	uint8 order_caps[32];

	memset(order_caps, 0, 32);
	order_caps[0] = 1; /* dest blt */
	order_caps[1] = 1; /* pat blt */
	order_caps[2] = 1; /* screen blt */
	order_caps[3] = (g_bitmap_cache ? 1 : 0); /* memblt */
	order_caps[4] = 0; /* triblt */
	order_caps[8] = 1; /* line */
	order_caps[9] = 1; /* line */
	order_caps[10] = 1; /* rect */
	order_caps[11] = (g_desktop_save ? 1 : 0); /* desksave */
	order_caps[13] = 1; /* memblt */
	order_caps[14] = 1; /* triblt */
	order_caps[20] = (g_polygon_ellipse_orders ? 1 : 0); /* polygon */
	order_caps[21] = (g_polygon_ellipse_orders ? 1 : 0); /* polygon2 */
	order_caps[22] = 1; /* polyline */
	order_caps[25] = (g_polygon_ellipse_orders ? 1 : 0); /* ellipse */
	order_caps[26] = (g_polygon_ellipse_orders ? 1 : 0); /* ellipse2 */
	order_caps[27] = 1; /* text2 */
	out_uint16_le(s, RDP_CAPSET_ORDER);
	out_uint16_le(s, RDP_CAPLEN_ORDER);

	out_uint8s(s, 20);
	/* Terminal desc, pad */
	out_uint16_le(s, 1);
	/* Cache X granularity */
	out_uint16_le(s, 20);
	/* Cache Y granularity */
	out_uint16(s, 0);
	/* Pad */
	out_uint16_le(s, 1);
	/* Max order level */
	out_uint16_le(s, 0x147);
	/* Number of fonts */
	out_uint16_le(s, 0x2a);
	/* Capability flags */
	out_uint8p(s, order_caps, 32);
	/* Orders supported */
	out_uint16_le(s, 0x6a1);
	/* Text capability flags */
	out_uint8s(s, 6);
	/* Pad */
	out_uint32_le(s, g_desktop_save == False ? 0 : 0x38400);
	/* Desktop cache size */
	out_uint32(s, 0);
	/* Unknown */
	out_uint32_le(s, 0x4e4);
	/* Unknown */
}