void rdp_out_bitmapcache_rev2_capset(rdpRdp * rdp, STREAM s)
{
capsetHeaderRef header;
uint16 flag;
header = rdp_skip_capset_header(s);
flag = ALLOW_CACHE_WAITING_LIST_FLAG;
if (rdp->settings->bitmap_cache_persist_enable)
flag |= PERSISTENT_KEYS_EXPECTED_FLAG;
out_uint16_le(s, flag); /* CacheFlags */
out_uint8s(s, 1); /* pad */
out_uint8(s, 3); /* numCellCaches */
/* max cell size for cache 0 is 16x16, 1 = 32x32, 2 = 64x64, etc */
out_uint32_le(s, BMPCACHE2_C0_CELLS);
out_uint32_le(s, BMPCACHE2_C1_CELLS);
if (pstcache_init(rdp->pcache, 2))
{
out_uint32_le(s, BMPCACHE2_NUM_PSTCELLS | BMPCACHE2_FLAG_PERSIST);
}
else
{
out_uint32_le(s, BMPCACHE2_C2_CELLS);
}
out_uint8s(s, 20); /* other bitmap caches not used */
rdp_out_capset_header(s, header, CAPSET_TYPE_BITMAPCACHE_REV2);
}
static void
rdpdr_send_available(RDPCLIENT * This)
{
uint8 magic[4] = "rDAD";
uint32 driverlen, printerlen, bloblen;
int i;
STREAM s;
PRINTER *printerinfo;
s = channel_init(This, This->rdpdr.channel, announcedata_size(This));
out_uint8a(s, magic, 4);
out_uint32_le(s, This->num_devices);
for (i = 0; i < This->num_devices; i++)
{
out_uint32_le(s, This->rdpdr_device[i].device_type);
out_uint32_le(s, i); /* RDP Device ID */
/* Is it possible to use share names longer than 8 chars?
/astrand */
out_uint8p(s, This->rdpdr_device[i].name, 8);
switch (This->rdpdr_device[i].device_type)
{
case DEVICE_TYPE_PRINTER:
printerinfo = (PRINTER *) This->rdpdr_device[i].pdevice_data;
driverlen = 2 * strlen(printerinfo->driver) + 2;
printerlen = 2 * strlen(printerinfo->printer) + 2;
bloblen = printerinfo->bloblen;
out_uint32_le(s, 24 + driverlen + printerlen + bloblen); /* length of extra info */
out_uint32_le(s, printerinfo->default_printer ? 2 : 0);
out_uint8s(s, 8); /* unknown */
out_uint32_le(s, driverlen);
out_uint32_le(s, printerlen);
out_uint32_le(s, bloblen);
rdp_out_unistr(This, s, printerinfo->driver, driverlen - 2);
rdp_out_unistr(This, s, printerinfo->printer, printerlen - 2);
out_uint8a(s, printerinfo->blob, bloblen);
if (printerinfo->blob)
xfree(printerinfo->blob); /* Blob is sent twice if reconnecting */
break;
default:
out_uint32(s, 0);
}
}
#if 0
out_uint32_le(s, 0x20); /* Device type 0x20 - smart card */
out_uint32_le(s, 0);
out_uint8p(s, "SCARD", 5);
out_uint8s(s, 3);
out_uint32(s, 0);
#endif
s_mark_end(s);
channel_send(This, s, This->rdpdr.channel);
}
/* Output order capability set */
static void rdp_out_order_caps(STREAM s) {
uint8 order_caps[32];
memset(order_caps, 0, 32);
order_caps[0] = 1; /* dest blt */
order_caps[1] = 1; /* pat blt */
order_caps[2] = 1; /* screen blt */
order_caps[3] = (g_bitmap_cache ? 1 : 0); /* memblt */
order_caps[4] = 0; /* triblt */
order_caps[8] = 1; /* line */
order_caps[9] = 1; /* line */
order_caps[10] = 1; /* rect */
order_caps[11] = (g_desktop_save ? 1 : 0); /* desksave */
order_caps[13] = 1; /* memblt */
order_caps[14] = 1; /* triblt */
order_caps[20] = (g_polygon_ellipse_orders ? 1 : 0); /* polygon */
order_caps[21] = (g_polygon_ellipse_orders ? 1 : 0); /* polygon2 */
order_caps[22] = 1; /* polyline */
order_caps[25] = (g_polygon_ellipse_orders ? 1 : 0); /* ellipse */
order_caps[26] = (g_polygon_ellipse_orders ? 1 : 0); /* ellipse2 */
order_caps[27] = 1; /* text2 */
out_uint16_le(s, RDP_CAPSET_ORDER);
out_uint16_le(s, RDP_CAPLEN_ORDER);
out_uint8s(s, 20);
/* Terminal desc, pad */
out_uint16_le(s, 1);
/* Cache X granularity */
out_uint16_le(s, 20);
/* Cache Y granularity */
out_uint16(s, 0);
/* Pad */
out_uint16_le(s, 1);
/* Max order level */
out_uint16_le(s, 0x147);
/* Number of fonts */
out_uint16_le(s, 0x2a);
/* Capability flags */
out_uint8p(s, order_caps, 32);
/* Orders supported */
out_uint16_le(s, 0x6a1);
/* Text capability flags */
out_uint8s(s, 6);
/* Pad */
out_uint32_le(s, g_desktop_save == False ? 0 : 0x38400);
/* Desktop cache size */
out_uint32(s, 0);
/* Unknown */
out_uint32_le(s, 0x4e4);
/* Unknown */
}
int APP_CC
dev_redir_process_close_io_request(int completion_id)
{
struct stream* s;
log_message(&log_conf, LOG_LEVEL_DEBUG, "chansrv[dev_redir_process_close_io_request]:"
"close file : %s",actions[completion_id].path);
make_stream(s);
init_stream(s,1100);
actions[completion_id].last_req = IRP_MJ_CLOSE;
out_uint16_le(s, RDPDR_CTYP_CORE);
out_uint16_le(s, PAKID_CORE_DEVICE_IOREQUEST);
out_uint32_le(s, actions[completion_id].device);
out_uint32_le(s, actions[completion_id].file_id);
out_uint32_le(s, completion_id);
out_uint32_le(s, IRP_MJ_CLOSE); /* major version */
out_uint32_le(s, 0); /* minor version */
out_uint8s(s,32);
s_mark_end(s);
dev_redir_send(s);
actions[completion_id].message_id++;
free_stream(s);
return 0;
free_stream(s);
}
void rdp_out_bitmap_codecs_capset(rdpRdp * rdp, STREAM s)
{
capsetHeaderRef header;
uint8 * count_ptr;
int index;
int out_count;
int out_bytes;
STREAM ls;
//printf("rdp_out_bitmap_codecs_capset:\n");
out_count = 0;
header = rdp_skip_capset_header(s);
count_ptr = s->p;
out_uint8s(s, 1);
for (index = 0; index < MAX_BITMAP_CODECS; index++)
{
ls = rdp->out_codec_caps[index];
if (ls != NULL)
{
out_bytes = (int) (ls->end - ls->data);
out_uint8a(s, ls->data, out_bytes);
stream_delete(ls);
rdp->out_codec_caps[index] = NULL;
out_count++;
}
}
*count_ptr = out_count;
rdp_out_capset_header(s, header, CAPSET_TYPE_BITMAP_CODECS);
//hexdump(count_ptr, s->p - count_ptr);
}
static int
sound_send_training(void)
{
struct stream *s;
int bytes;
int time;
char *size_ptr;
print_got_here();
make_stream(s);
init_stream(s, 8182);
out_uint16_le(s, SNDC_TRAINING);
size_ptr = s->p;
out_uint16_le(s, 0); /* size, set later */
time = g_time2();
g_training_sent_time = time;
out_uint16_le(s, time);
out_uint16_le(s, 1024);
out_uint8s(s, (1024 - 4));
s_mark_end(s);
bytes = (int)((s->end - s->data) - 4);
size_ptr[0] = bytes;
size_ptr[1] = bytes >> 8;
bytes = (int)(s->end - s->data);
send_channel_data(g_rdpsnd_chan_id, s->data, bytes);
free_stream(s);
return 0;
}
void cliprdr_send_capability()
{
/* this message is ignored by rdp applet */
struct stream* s;
make_stream(s);
init_stream(s,1024);
log_message(l_config, LOG_LEVEL_DEBUG, "vchannel_cliprdr[cliprdr_send_capability]:");
/* clip header */
out_uint16_le(s, CB_CLIP_CAPS); /* msg type */
out_uint16_le(s, 0x00); /* msg flag */
out_uint32_le(s, 0); /* msg size */
/* we only support one capability for now */
out_uint16_le(s, 1); /* cCapabilitiesSets */
out_uint8s(s, 16); /* pad */
/* CLIPRDR_CAPS_SET */
out_uint16_le(s, CB_CAPSTYPE_GENERAL); /* capabilitySetType */
out_uint16_le(s, 92); /* lengthCapability */
out_uint32_le(s, CB_CAPS_VERSION_1); /* version */
out_uint32_le(s, 0); /* general flags */
s_mark_end(s);
cliprdr_send(s);
free_stream(s);
}
/* Send a confirm active PDU */
static void rdp_send_confirm_active(void) {
STREAM s;
uint32 sec_flags = g_encryption ? (RDP5_FLAG | SEC_ENCRYPT) : RDP5_FLAG;
uint16 caplen = RDP_CAPLEN_GENERAL + RDP_CAPLEN_BITMAP + RDP_CAPLEN_ORDER
+ RDP_CAPLEN_COLCACHE + RDP_CAPLEN_ACTIVATE + RDP_CAPLEN_CONTROL
+ RDP_CAPLEN_SHARE + RDP_CAPLEN_BRUSHCACHE + 0x58 + 0x08 + 0x08
+ 0x34 /* unknown caps */+ 4 /* w2k fix, sessionid */;
if (g_use_rdp5) {
caplen += RDP_CAPLEN_BMPCACHE2;
caplen += RDP_CAPLEN_NEWPOINTER;
} else {
caplen += RDP_CAPLEN_BMPCACHE;
caplen += RDP_CAPLEN_POINTER;
}
s = sec_init(sec_flags, 6 + 14 + caplen + sizeof(RDP_SOURCE));
out_uint16_le(s, 2 + 14 + caplen + sizeof(RDP_SOURCE));
out_uint16_le(s, (RDP_PDU_CONFIRM_ACTIVE | 0x10));
/* Version 1 */
out_uint16_le(s, (g_mcs_userid + 1001));
out_uint32_le(s, g_rdp_shareid);
out_uint16_le(s, 0x3ea);
/* userid */
out_uint16_le(s, sizeof(RDP_SOURCE));
out_uint16_le(s, caplen);
out_uint8p(s, RDP_SOURCE, sizeof(RDP_SOURCE));
out_uint16_le(s, 0xe);
/* num_caps */
out_uint8s(s, 2);
/* pad */
rdp_out_general_caps(s);
rdp_out_bitmap_caps(s);
rdp_out_order_caps(s);
if (g_use_rdp5) {
rdp_out_bmpcache2_caps(s);
rdp_out_newpointer_caps(s);
} else {
rdp_out_bmpcache_caps(s);
rdp_out_pointer_caps(s);
}
rdp_out_colcache_caps(s);
rdp_out_activate_caps(s);
rdp_out_control_caps(s);
rdp_out_share_caps(s);
rdp_out_brushcache_caps(s);
rdp_out_unknown_caps(s, 0x0d, 0x58, caps_0x0d); /* CAPSTYPE_INPUT */
rdp_out_unknown_caps(s, 0x0c, 0x08, caps_0x0c); /* CAPSTYPE_SOUND */
rdp_out_unknown_caps(s, 0x0e, 0x08, caps_0x0e); /* CAPSTYPE_FONT */
rdp_out_unknown_caps(s, 0x10, 0x34, caps_0x10); /* CAPSTYPE_GLYPHCACHE */
s_mark_end(s);
sec_send(s, sec_flags);
}
void rdp_out_order_capset(rdpRdp * rdp, STREAM s)
{
uint8 orderSupport[32];
capsetHeaderRef header;
header = rdp_skip_capset_header(s);
memset(orderSupport, 0, 32);
orderSupport[NEG_DSTBLT_INDEX] = 1;
orderSupport[NEG_PATBLT_INDEX] = 1;
orderSupport[NEG_SCRBLT_INDEX] = 1;
orderSupport[NEG_MEMBLT_INDEX] = (rdp->settings->bitmap_cache ? 1 : 0);
orderSupport[NEG_MEM3BLT_INDEX] = (rdp->settings->triblt ? 1 : 0);
// orderSupport[NEG_DRAWNINEGRID_INDEX] = 1;
orderSupport[NEG_LINETO_INDEX] = 1;
orderSupport[NEG_MULTI_DRAWNINEGRID_INDEX] = 1;
orderSupport[NEG_SAVEBITMAP_INDEX] = (rdp->settings->desktop_save ? 1 : 0);
// orderSupport[NEG_MULTIDSTBLT_INDEX] = 1;
orderSupport[NEG_MULTIPATBLT_INDEX] = 1;
// orderSupport[NEG_MULTISCRBLT_INDEX] = 1;
orderSupport[NEG_MULTIOPAQUERECT_INDEX] = 1;
orderSupport[NEG_FAST_INDEX_INDEX] = 1;
orderSupport[NEG_POLYGON_SC_INDEX] = (rdp->settings->polygon_ellipse_orders ? 1 : 0);
orderSupport[NEG_POLYGON_CB_INDEX] = (rdp->settings->polygon_ellipse_orders ? 1 : 0);
orderSupport[NEG_POLYLINE_INDEX] = 1;
orderSupport[NEG_FAST_GLYPH_INDEX] = 1;
/* orderSupport[NEG_ELLIPSE_SC_INDEX] = (rdp->settings->polygon_ellipse_orders ? 1 : 0);*/
/* orderSupport[NEG_ELLIPSE_CB_INDEX] = (rdp->settings->polygon_ellipse_orders ? 1 : 0);*/
orderSupport[NEG_INDEX_INDEX] = 1;
out_uint8s(s, 16); /* terminalDescriptor, ignored and should be set to zero */
out_uint32_le(s, 0); /* pad */
out_uint16_le(s, 1); /* desktopSaveXGranularity */
out_uint16_le(s, 20); /* desktopSaveYGranularity */
out_uint16_le(s, 0); /* pad */
out_uint16_le(s, 1); /* maximumOrderLevel */
out_uint16_le(s, 0); /* numberFonts, ignored and should be set to zero */
out_uint16_le(s,
NEGOTIATEORDERSUPPORT |
ZEROBOUNDSDELTASSUPPORT |
COLORINDEXSUPPORT ); /* orderFlags */
out_uint8p(s, orderSupport, 32); /* orderSupport */
out_uint16_le(s, 0); /* textFlags, must be ignored */
out_uint16_le(s, 0); /* orderSupportExFlags */
out_uint32_le(s, 0); /* pad */
out_uint32_le(s, rdp->settings->desktop_save == False ? 0 : 0x38400); /* desktopSaveSize */
out_uint16_le(s, 0); /* pad */
out_uint16_le(s, 0); /* pad */
/* See [MSDN-CP]: http://msdn.microsoft.com/en-us/library/dd317756/ */
out_uint16_le(s, 0x04E4); /* textANSICodePage, 0x04E4 is "ANSI Latin 1 Western European (Windows)" */
out_uint16_le(s, 0); /* pad */
rdp_out_capset_header(s, header, CAPSET_TYPE_ORDER);
}
static int
sound_send_wave_data(char *data, int data_bytes)
{
struct stream *s;
int bytes;
int time;
char *size_ptr;
print_got_here();
if ((data_bytes < 4) || (data_bytes > 128 * 1024))
{
LOG(0, ("sound_send_wave_data: bad data_bytes %d", data_bytes));
}
/* part one of 2 PDU wave info */
LOG(10, ("sound_send_wave_data: sending %d bytes", data_bytes));
make_stream(s);
init_stream(s, data_bytes);
out_uint16_le(s, SNDC_WAVE);
size_ptr = s->p;
out_uint16_le(s, 0); /* size, set later */
time = g_time2();
out_uint16_le(s, time);
out_uint16_le(s, 0); /* wFormatNo */
g_cBlockNo++;
out_uint8(s, g_cBlockNo);
LOG(10, ("sound_send_wave_data: sending time %d, g_cBlockNo %d",
time & 0xffff, g_cBlockNo & 0xff));
out_uint8s(s, 3);
out_uint8a(s, data, 4);
s_mark_end(s);
bytes = (int)((s->end - s->data) - 4);
bytes += data_bytes;
bytes -= 4;
size_ptr[0] = bytes;
size_ptr[1] = bytes >> 8;
bytes = (int)(s->end - s->data);
send_channel_data(g_rdpsnd_chan_id, s->data, bytes);
/* part two of 2 PDU wave info */
init_stream(s, data_bytes);
out_uint32_le(s, 0);
out_uint8a(s, data + 4, data_bytes - 4);
s_mark_end(s);
bytes = (int)(s->end - s->data);
send_channel_data(g_rdpsnd_chan_id, s->data, bytes);
free_stream(s);
return 0;
}
void cliprdr_send_format_list()
{
struct stream* s;
make_stream(s);
init_stream(s,1024);
log_message(l_config, LOG_LEVEL_DEBUG, "vchannel_cliprdr[cliprdr_send_format_list_response]:");
/* clip header */
out_uint16_le(s, CB_FORMAT_LIST); /* msg type */
out_uint16_le(s, 0); /* msg flag */
out_uint32_le(s, 72); /* msg size */
/* we only send one format */
out_uint32_le(s, CF_TEXT); /* Format Id */
out_uint8s(s, 32);
out_uint32_le(s, CF_UNICODETEXT); /* Format Id */
out_uint8s(s, 32);
s_mark_end(s);
cliprdr_send(s);
free_stream(s);
}
/* Send a confirm active PDU */
static BOOL
rdp_send_confirm_active(RDPCLIENT * This)
{
STREAM s;
uint32 sec_flags = This->encryption ? (RDP5_FLAG | SEC_ENCRYPT) : RDP5_FLAG;
uint16 caplen =
RDP_CAPLEN_GENERAL + RDP_CAPLEN_BITMAP + RDP_CAPLEN_ORDER +
RDP_CAPLEN_BMPCACHE + RDP_CAPLEN_COLCACHE +
RDP_CAPLEN_ACTIVATE + RDP_CAPLEN_CONTROL +
RDP_CAPLEN_POINTER + RDP_CAPLEN_SHARE +
0x58 + 0x08 + 0x08 + 0x34 /* unknown caps */ +
4 /* w2k fix, why? */ ;
s = sec_init(This, sec_flags, 6 + 14 + caplen + sizeof(RDP_SOURCE));
if(s == NULL)
return False;
out_uint16_le(s, 2 + 14 + caplen + sizeof(RDP_SOURCE));
out_uint16_le(s, (RDP_PDU_CONFIRM_ACTIVE | 0x10)); /* Version 1 */
out_uint16_le(s, (This->mcs_userid + 1001));
out_uint32_le(s, This->rdp_shareid);
out_uint16_le(s, 0x3ea); /* userid */
out_uint16_le(s, sizeof(RDP_SOURCE));
out_uint16_le(s, caplen);
out_uint8p(s, RDP_SOURCE, sizeof(RDP_SOURCE));
out_uint16_le(s, 0xd); /* num_caps */
out_uint8s(s, 2); /* pad */
rdp_out_general_caps(This, s);
rdp_out_bitmap_caps(This, s);
rdp_out_order_caps(This, s);
This->use_rdp5 ? rdp_out_bmpcache2_caps(This, s) : rdp_out_bmpcache_caps(This, s);
rdp_out_colcache_caps(s);
rdp_out_activate_caps(s);
rdp_out_control_caps(s);
rdp_out_pointer_caps(s);
rdp_out_share_caps(s);
rdp_out_unknown_caps(s, 0x0d, 0x58, caps_0x0d); /* international? */
rdp_out_unknown_caps(s, 0x0c, 0x08, caps_0x0c);
rdp_out_unknown_caps(s, 0x0e, 0x08, caps_0x0e);
rdp_out_unknown_caps(s, 0x10, 0x34, caps_0x10); /* glyph cache? */
s_mark_end(s);
return sec_send(This, s, sec_flags);
}
/* Output bitmap cache capability set */
static void
rdp_out_bmpcache_caps(STREAM s)
{
int Bpp;
out_uint16_le(s, RDP_CAPSET_BMPCACHE);
out_uint16_le(s, RDP_CAPLEN_BMPCACHE);
Bpp = (g_server_depth + 7) / 8; /* bytes per pixel */
out_uint8s(s, 24); /* unused */
out_uint16_le(s, 0x258); /* entries */
out_uint16_le(s, 0x100 * Bpp); /* max cell size */
out_uint16_le(s, 0x12c); /* entries */
out_uint16_le(s, 0x400 * Bpp); /* max cell size */
out_uint16_le(s, 0x106); /* entries */
out_uint16_le(s, 0x1000 * Bpp); /* max cell size */
}
/* Send a Licensing packet with Client License Information */
static void
licence_present(rdpLicence * licence, uint8 * client_random, uint8 * rsa_data,
uint8 * licence_data, int licence_size, uint8 * hwid, uint8 * signature)
{
uint32 sec_flags = SEC_LICENSE_PKT;
uint16 length =
16 + SEC_RANDOM_SIZE + SEC_MODULUS_SIZE + SEC_PADDING_SIZE +
licence_size + LICENCE_HWID_SIZE + LICENCE_SIGNATURE_SIZE;
STREAM s;
s = sec_init(licence->sec, sec_flags, length + 4);
/* Licensing Preamble (LICENSE_PREAMBLE) */
out_uint8(s, LICENSE_INFO); /* bMsgType LICENSE_INFO */
out_uint8(s, 2); /* bVersion PREAMBLE_VERSION_2_0 */
out_uint16_le(s, length);
/* Client License Information: */
out_uint32_le(s, 1); /* PreferredKeyExchangeAlg KEY_EXCHANGE_ALG_RSA */
out_uint16_le(s, 0); /* PlatformId, unknown platform and ISV */
out_uint16_le(s, 0x0201); /* PlatformId, build/version */
out_uint8p(s, client_random, SEC_RANDOM_SIZE); /* ClientRandom */
/* Licensing Binary Blob with EncryptedPreMasterSecret: */
out_uint16_le(s, 0); /* wBlobType should be 0x0002 (BB_RANDOM_BLOB) */
out_uint16_le(s, (SEC_MODULUS_SIZE + SEC_PADDING_SIZE)); /* wBlobLen */
out_uint8p(s, rsa_data, SEC_MODULUS_SIZE); /* 48 bit random number encrypted for server */
out_uint8s(s, SEC_PADDING_SIZE);
/* Licensing Binary Blob with LicenseInfo: */
out_uint16_le(s, 1); /* wBlobType BB_DATA_BLOB */
out_uint16_le(s, licence_size); /* wBlobLen */
out_uint8p(s, licence_data, licence_size); /* CAL issued by servers license server */
/* Licensing Binary Blob with EncryptedHWID */
out_uint16_le(s, 1); /* wBlobType BB_DATA_BLOB */
out_uint16_le(s, LICENCE_HWID_SIZE); /* wBlobLen */
out_uint8p(s, hwid, LICENCE_HWID_SIZE); /* RC4-encrypted Client Hardware Identification */
out_uint8p(s, signature, LICENCE_SIGNATURE_SIZE); /* MACData */
s_mark_end(s);
sec_send(licence->sec, s, sec_flags);
}
/* Send a Licensing packet with Client New License Request */
static void
licence_send_request(rdpLicence * licence, uint8 * client_random, uint8 * rsa_data, char *user,
char *host)
{
uint32 sec_flags = SEC_LICENSE_PKT;
uint16 userlen = strlen(user) + 1;
uint16 hostlen = strlen(host) + 1;
uint16 length = 128 + userlen + hostlen;
STREAM s;
s = sec_init(licence->sec, sec_flags, length + 2);
/* Licensing Preamble (LICENSE_PREAMBLE) */
out_uint8(s, NEW_LICENSE_REQUEST); /* NEW_LICENSE_REQUEST */
out_uint8(s, 2); /* PREAMBLE_VERSION_2_0 */
out_uint16_le(s, length);
out_uint32_le(s, 1); /* PreferredKeyExchangeAlg KEY_EXCHANGE_ALG_RSA */
out_uint16_le(s, 0); /* PlatformId, unknown platform and ISV */
out_uint16_le(s, 0xff01); /* PlatformId, build/version */
out_uint8p(s, client_random, SEC_RANDOM_SIZE); /* ClientRandom */
/* Licensing Binary Blob with EncryptedPreMasterSecret: */
out_uint16_le(s, 0); /* wBlobType should be 0x0002 (BB_RANDOM_BLOB) */
out_uint16_le(s, (SEC_MODULUS_SIZE + SEC_PADDING_SIZE)); /* wBlobLen */
out_uint8p(s, rsa_data, SEC_MODULUS_SIZE); /* 48 bit random number encrypted for server */
out_uint8s(s, SEC_PADDING_SIZE);
/* Licensing Binary Blob with ClientUserName: */
out_uint16_le(s, LICENCE_TAG_USER); /* wBlobType BB_CLIENT_USER_NAME_BLOB */
out_uint16_le(s, userlen); /* wBlobLen */
out_uint8p(s, user, userlen);
/* Licensing Binary Blob with ClientMachineName: */
out_uint16_le(s, LICENCE_TAG_HOST); /* wBlobType BB_CLIENT_MACHINE_NAME_BLOB */
out_uint16_le(s, hostlen); /* wBlobLen */
out_uint8p(s, host, hostlen);
s_mark_end(s);
sec_send(licence->sec, s, sec_flags);
}
/* Present an existing licence to the server */
static BOOL
licence_present(RDPCLIENT * This, uint8 * client_random, uint8 * rsa_data,
uint8 * licence_data, int licence_size, uint8 * hwid, uint8 * signature)
{
uint32 sec_flags = SEC_LICENCE_NEG;
uint16 length =
16 + SEC_RANDOM_SIZE + SEC_MODULUS_SIZE + SEC_PADDING_SIZE +
licence_size + LICENCE_HWID_SIZE + LICENCE_SIGNATURE_SIZE;
STREAM s;
s = sec_init(This, sec_flags, length + 4);
if(s == NULL)
return False;
out_uint8(s, LICENCE_TAG_PRESENT);
out_uint8(s, 2); /* version */
out_uint16_le(s, length);
out_uint32_le(s, 1);
out_uint16(s, 0);
out_uint16_le(s, 0x0201);
out_uint8p(s, client_random, SEC_RANDOM_SIZE);
out_uint16(s, 0);
out_uint16_le(s, (SEC_MODULUS_SIZE + SEC_PADDING_SIZE));
out_uint8p(s, rsa_data, SEC_MODULUS_SIZE);
out_uint8s(s, SEC_PADDING_SIZE);
out_uint16_le(s, 1);
out_uint16_le(s, licence_size);
out_uint8p(s, licence_data, licence_size);
out_uint16_le(s, 1);
out_uint16_le(s, LICENCE_HWID_SIZE);
out_uint8p(s, hwid, LICENCE_HWID_SIZE);
out_uint8p(s, signature, LICENCE_SIGNATURE_SIZE);
s_mark_end(s);
return sec_send(This, s, sec_flags);
}
void rdp_out_bitmapcache_capset(rdpRdp * rdp, STREAM s)
{
int Bpp;
int size;
capsetHeaderRef header;
header = rdp_skip_capset_header(s);
Bpp = (rdp->settings->server_depth + 7) / 8; /* bytes per pixel */
out_uint8s(s, 24); /* pad */
out_uint16_le(s, 0x258); /* Cache1Entries */
size = 0x100 * Bpp;
out_uint16_le(s, size); /* Cache1MaximumCellSize */
out_uint16_le(s, 0x12c); /* Cache2Entries */
size = 0x400 * Bpp;
out_uint16_le(s, size); /* Cache2MaximumCellSize */
out_uint16_le(s, 0x106); /* Cache3Entries */
size = 0x1000 * Bpp;
out_uint16_le(s, size); /* Cache3MaximumCellSize */
rdp_out_capset_header(s, header, CAPSET_TYPE_BITMAPCACHE);
}
/* Output bitmap cache v2 capability set */
static void rdp_out_bmpcache2_caps(STREAM s) {
out_uint16_le(s, RDP_CAPSET_BMPCACHE2);
out_uint16_le(s, RDP_CAPLEN_BMPCACHE2);
out_uint16_le(s, g_bitmap_cache_persist_enable ? 2 : 0);
/* version */
out_uint16_be(s, 3);
/* number of caches in this set */
/* max cell size for cache 0 is 16x16, 1 = 32x32, 2 = 64x64, etc */
out_uint32_le(s, BMPCACHE2_C0_CELLS);
out_uint32_le(s, BMPCACHE2_C1_CELLS);
if (pstcache_init(2)) {
out_uint32_le(s, BMPCACHE2_NUM_PSTCELLS | BMPCACHE2_FLAG_PERSIST);
} else {
out_uint32_le(s, BMPCACHE2_C2_CELLS);
}out_uint8s(s, 20);
/* other bitmap caches not used */
}
/* Send a confirm active PDU */
static void
rdp_send_confirm_active(void)
{
STREAM s;
uint32 sec_flags = g_encryption ? (RDP5_FLAG | SEC_ENCRYPT) : RDP5_FLAG;
uint16 caplen =
RDP_CAPLEN_GENERAL + RDP_CAPLEN_BITMAP + RDP_CAPLEN_ORDER +
RDP_CAPLEN_BMPCACHE + RDP_CAPLEN_COLCACHE +
RDP_CAPLEN_ACTIVATE + RDP_CAPLEN_CONTROL +
RDP_CAPLEN_POINTER + RDP_CAPLEN_SHARE + RDP_CAPLEN_UNKNOWN + 4 /* w2k fix, why? */ ;
s = sec_init(sec_flags, 6 + 14 + caplen + sizeof(RDP_SOURCE));
out_uint16_le(s, 2 + 14 + caplen + sizeof(RDP_SOURCE));
out_uint16_le(s, (RDP_PDU_CONFIRM_ACTIVE | 0x10)); /* Version 1 */
out_uint16_le(s, (g_mcs_userid + 1001));
out_uint32_le(s, g_rdp_shareid);
out_uint16_le(s, 0x3ea); /* userid */
out_uint16_le(s, sizeof(RDP_SOURCE));
out_uint16_le(s, caplen);
out_uint8p(s, RDP_SOURCE, sizeof(RDP_SOURCE));
out_uint16_le(s, 0xd); /* num_caps */
out_uint8s(s, 2); /* pad */
rdp_out_general_caps(s);
rdp_out_bitmap_caps(s);
rdp_out_order_caps(s);
rdp_out_bmpcache_caps(s);
rdp_out_colcache_caps(s);
rdp_out_activate_caps(s);
rdp_out_control_caps(s);
rdp_out_pointer_caps(s);
rdp_out_share_caps(s);
rdp_out_unknown_caps(s);
s_mark_end(s);
sec_send(s, sec_flags);
}
/* Present an existing licence to the server */
static void
licence_present(RDConnectionRef conn, uint8 * client_random, uint8 * rsa_data,
uint8 * licence_data, int licence_size, uint8 * hwid, uint8 * signature)
{
uint32 sec_flags = SEC_LICENCE_NEG;
uint16 length =
16 + SEC_RANDOM_SIZE + SEC_MODULUS_SIZE + SEC_PADDING_SIZE +
licence_size + LICENCE_HWID_SIZE + LICENCE_SIGNATURE_SIZE;
RDStreamRef s;
s = sec_init(conn, sec_flags, length + 4);
out_uint8(s, LICENCE_TAG_PRESENT);
out_uint8(s, 2); /* version */
out_uint16_le(s, length);
out_uint32_le(s, 1);
out_uint16(s, 0);
out_uint16_le(s, 0x0201);
out_uint8p(s, client_random, SEC_RANDOM_SIZE);
out_uint16(s, 0);
out_uint16_le(s, (SEC_MODULUS_SIZE + SEC_PADDING_SIZE));
out_uint8p(s, rsa_data, SEC_MODULUS_SIZE);
out_uint8s(s, SEC_PADDING_SIZE);
out_uint16_le(s, 1);
out_uint16_le(s, licence_size);
out_uint8p(s, licence_data, licence_size);
out_uint16_le(s, 1);
out_uint16_le(s, LICENCE_HWID_SIZE);
out_uint8p(s, hwid, LICENCE_HWID_SIZE);
out_uint8p(s, signature, LICENCE_SIGNATURE_SIZE);
s_mark_end(s);
sec_send(conn, s, sec_flags);
}
/* Send a licence request packet */
static BOOL
licence_send_request(RDPCLIENT * This, uint8 * client_random, uint8 * rsa_data, char *user, char *host)
{
uint32 sec_flags = SEC_LICENCE_NEG;
uint16 userlen = (uint16)strlen(user) + 1;
uint16 hostlen = (uint16)strlen(host) + 1;
uint16 length = 128 + userlen + hostlen;
STREAM s;
s = sec_init(This, sec_flags, length + 2);
if(s == NULL)
return False;
out_uint8(s, LICENCE_TAG_REQUEST);
out_uint8(s, 2); /* version */
out_uint16_le(s, length);
out_uint32_le(s, 1);
out_uint16(s, 0);
out_uint16_le(s, 0xff01);
out_uint8p(s, client_random, SEC_RANDOM_SIZE);
out_uint16(s, 0);
out_uint16_le(s, (SEC_MODULUS_SIZE + SEC_PADDING_SIZE));
out_uint8p(s, rsa_data, SEC_MODULUS_SIZE);
out_uint8s(s, SEC_PADDING_SIZE);
out_uint16_le(s, LICENCE_TAG_USER);
out_uint16_le(s, userlen);
out_uint8p(s, user, userlen);
out_uint16_le(s, LICENCE_TAG_HOST);
out_uint16_le(s, hostlen);
out_uint8p(s, host, hostlen);
s_mark_end(s);
return sec_send(This, s, sec_flags);
}
int APP_CC
dev_redir_process_write_io_request(int completion_id, int offset)
{
struct stream* s;
int fd;
char buffer[1024];
int size;
make_stream(s);
init_stream(s,1100);
actions[completion_id].last_req = IRP_MJ_WRITE;
log_message(&log_conf, LOG_LEVEL_DEBUG, "chansrv[dev_redir_process_write_io_request]:"
"process next io request[%s]",actions[completion_id].path);
out_uint16_le(s, RDPDR_CTYP_CORE);
out_uint16_le(s, PAKID_CORE_DEVICE_IOREQUEST);
out_uint32_le(s, actions[completion_id].device);
out_uint32_le(s, actions[completion_id].file_id);
out_uint32_le(s, completion_id);
out_uint32_le(s, IRP_MJ_WRITE); /* major version */
out_uint32_le(s, 0); /* minor version */
if(g_file_exist(actions[completion_id].path)){
fd = g_file_open(actions[completion_id].path);
g_file_seek(fd, offset);
size = g_file_read(fd, buffer, 1024);
out_uint32_le(s,size);
out_uint64_le(s,offset);
out_uint8s(s,20);
out_uint8p(s,buffer,size);
s_mark_end(s);
dev_redir_send(s);
actions[completion_id].message_id++;
free_stream(s);
return 0;
}
log_message(&log_conf, LOG_LEVEL_DEBUG, "chansrv[dev_redir_process_write_io_request]:"
"the file %s did not exists",actions[completion_id].path);
free_stream(s);
return 1;
}
/* Send a new licence request packet */
static void
licence_send_new_licence_request(uint8 * client_random, uint8 * rsa_data, char *user, char *host)
{
uint32 sec_flags = SEC_LICENSE_PKT;
uint16 userlen = strlen(user) + 1;
uint16 hostlen = strlen(host) + 1;
uint16 length =
24 + SEC_RANDOM_SIZE + SEC_MODULUS_SIZE + SEC_PADDING_SIZE + userlen + hostlen;
STREAM s;
s = sec_init(sec_flags, length + 2);
out_uint8(s, LICENCE_TAG_NEW_LICENCE_REQUEST);
out_uint8(s, ((g_rdp_version >= RDP_V5) ? 3 : 2)); /* version */
out_uint16_le(s, length);
out_uint32_le(s, 1); // KEY_EXCHANGE_ALG_RSA
out_uint16(s, 0);
out_uint16_le(s, 0xff01);
out_uint8p(s, client_random, SEC_RANDOM_SIZE);
out_uint16_le(s, 2);
out_uint16_le(s, (SEC_MODULUS_SIZE + SEC_PADDING_SIZE));
out_uint8p(s, rsa_data, SEC_MODULUS_SIZE);
out_uint8s(s, SEC_PADDING_SIZE);
/* Username LICENSE_BINARY_BLOB */
out_uint16_le(s, BB_CLIENT_USER_NAME_BLOB);
out_uint16_le(s, userlen);
out_uint8p(s, user, userlen);
/* Machinename LICENSE_BINARY_BLOB */
out_uint16_le(s, BB_CLIENT_MACHINE_NAME_BLOB);
out_uint16_le(s, hostlen);
out_uint8p(s, host, hostlen);
s_mark_end(s);
sec_send(s, sec_flags);
}
/* Send a licence info packet to server */
static void
licence_info(uint8 * client_random, uint8 * rsa_data,
uint8 * licence_data, int licence_size, uint8 * hwid, uint8 * signature)
{
uint32 sec_flags = SEC_LICENSE_PKT;
uint16 length =
24 + SEC_RANDOM_SIZE + SEC_MODULUS_SIZE + SEC_PADDING_SIZE +
licence_size + LICENCE_HWID_SIZE + LICENCE_SIGNATURE_SIZE;
STREAM s;
s = sec_init(sec_flags, length + 2);
out_uint8(s, LICENCE_TAG_LICENCE_INFO);
out_uint8(s, ((g_rdp_version >= RDP_V5) ? 3 : 2)); /* version */
out_uint16_le(s, length);
out_uint32_le(s, 1);
out_uint16(s, 0);
out_uint16_le(s, 0x0201);
out_uint8p(s, client_random, SEC_RANDOM_SIZE);
out_uint16_le(s, 2);
out_uint16_le(s, (SEC_MODULUS_SIZE + SEC_PADDING_SIZE));
out_uint8p(s, rsa_data, SEC_MODULUS_SIZE);
out_uint8s(s, SEC_PADDING_SIZE);
out_uint16_le(s, 1);
out_uint16_le(s, licence_size);
out_uint8p(s, licence_data, licence_size);
out_uint16_le(s, 1);
out_uint16_le(s, LICENCE_HWID_SIZE);
out_uint8p(s, hwid, LICENCE_HWID_SIZE);
out_uint8p(s, signature, LICENCE_SIGNATURE_SIZE);
s_mark_end(s);
sec_send(s, sec_flags);
}
void rdp_out_input_capset(rdpRdp * rdp, STREAM s)
{
capsetHeaderRef header;
uint32 flags;
header = rdp_skip_capset_header(s);
flags = INPUT_FLAG_SCANCODES | INPUT_FLAG_MOUSEX | INPUT_FLAG_UNICODE;
if (rdp->use_input_fast_path)
{
flags |= rdp->input_flags & (INPUT_FLAG_FASTPATH_INPUT | INPUT_FLAG_FASTPATH_INPUT2);
}
out_uint16_le(s, flags); /* inputFlags */
out_uint16_le(s, 0); /* pad */
out_uint32_le(s, rdp->settings->keyboard_layout); /* keyboardLayout */
out_uint32_le(s, rdp->settings->keyboard_type); /* keyboardType */
out_uint32_le(s, rdp->settings->keyboard_subtype); /* keyboardSubType */
out_uint32_le(s, rdp->settings->keyboard_functionkeys); /* keyboardFunctionKeys */
//rdp_out_unistr(rdp, s, rdp->settings->keyboard_ime, 2 * strlen(rdp->settings->keyboard_ime));
//out_uint8s(s, 62 - 2 * strlen(rdp->settings->keyboard_ime)); /* imeFileName (64 bytes)
out_uint8s(s, 64);
rdp_out_capset_header(s, header, CAPSET_TYPE_INPUT);
}
/* Send a licence request packet */
static void
licence_send_request(uint8 *client_random, uint8 *rsa_data,
char *user, char *host)
{
uint32 sec_flags = SEC_LICENCE_NEG;
uint16 userlen = strlen(user) + 1;
uint16 hostlen = strlen(host) + 1;
uint16 length = 120 + userlen + hostlen;
STREAM s;
s = sec_init(sec_flags, length + 2);
out_uint16_le(s, LICENCE_TAG_REQUEST);
out_uint16_le(s, length);
out_uint32_le(s, 1);
out_uint16(s, 0);
out_uint16_le(s, 0xff01);
out_uint8p(s, client_random, SEC_RANDOM_SIZE);
out_uint16(s, 0);
out_uint16_le(s, (SEC_MODULUS_SIZE + SEC_PADDING_SIZE));
out_uint8p(s, rsa_data, SEC_MODULUS_SIZE);
out_uint8s(s, SEC_PADDING_SIZE);
out_uint16(s, LICENCE_TAG_USER);
out_uint16(s, userlen);
out_uint8p(s, user, userlen);
out_uint16(s, LICENCE_TAG_HOST);
out_uint16(s, hostlen);
out_uint8p(s, host, hostlen);
s_mark_end(s);
sec_send(s, sec_flags);
}
/* Parse a logon info packet */
static void
rdp_send_logon_info(uint32 flags, char *domain, char *user,
char *password, char *program, char *directory)
{
char *ipaddr = tcp_get_address();
/* length of string in TS_INFO_PACKET excludes null terminator */
int len_domain = 2 * strlen(domain);
int len_user = 2 * strlen(user);
int len_password = 2 * strlen(password);
int len_program = 2 * strlen(program);
int len_directory = 2 * strlen(directory);
/* length of strings in TS_EXTENDED_PACKET includes null terminator */
int len_ip = 2 * strlen(ipaddr) + 2;
int len_dll = 2 * strlen("C:\\WINNT\\System32\\mstscax.dll") + 2;
int packetlen = 0;
uint32 sec_flags = g_encryption ? (SEC_LOGON_INFO | SEC_ENCRYPT) : SEC_LOGON_INFO;
STREAM s;
time_t t = time(NULL);
time_t tzone;
uint8 security_verifier[16];
if (g_rdp_version == RDP_V4 || 1 == g_server_rdp_version)
{
DEBUG_RDP5(("Sending RDP4-style Logon packet\n"));
s = sec_init(sec_flags, 18 + len_domain + len_user + len_password
+ len_program + len_directory + 10);
out_uint32(s, 0);
out_uint32_le(s, flags);
out_uint16_le(s, len_domain);
out_uint16_le(s, len_user);
out_uint16_le(s, len_password);
out_uint16_le(s, len_program);
out_uint16_le(s, len_directory);
rdp_out_unistr(s, domain, len_domain);
rdp_out_unistr(s, user, len_user);
rdp_out_unistr(s, password, len_password);
rdp_out_unistr(s, program, len_program);
rdp_out_unistr(s, directory, len_directory);
}
else
{
DEBUG_RDP5(("Sending RDP5-style Logon packet\n"));
if (g_redirect == True && g_redirect_cookie_len > 0)
{
len_password = g_redirect_cookie_len;
len_password -= 2; /* substract 2 bytes which is added below */
}
packetlen =
/* size of TS_INFO_PACKET */
4 + /* CodePage */
4 + /* flags */
2 + /* cbDomain */
2 + /* cbUserName */
2 + /* cbPassword */
2 + /* cbAlternateShell */
2 + /* cbWorkingDir */
2 + len_domain + /* Domain */
2 + len_user + /* UserName */
2 + len_password + /* Password */
2 + len_program + /* AlternateShell */
2 + len_directory + /* WorkingDir */
/* size of TS_EXTENDED_INFO_PACKET */
2 + /* clientAdressFamily */
2 + /* cbClientAdress */
len_ip + /* clientAddress */
2 + /* cbClientDir */
len_dll + /* clientDir */
/* size of TS_TIME_ZONE_INFORMATION */
4 + /* Bias, (UTC = local time + bias */
64 + /* StandardName, 32 unicode char array, Descriptive standard time on client */
16 + /* StandardDate */
4 + /* StandardBias */
64 + /* DaylightName, 32 unicode char array */
16 + /* DaylightDate */
4 + /* DaylightBias */
4 + /* clientSessionId */
4 + /* performanceFlags */
2 + /* cbAutoReconnectCookie, either 0 or 0x001c */
/* size of ARC_CS_PRIVATE_PACKET */
28; /* autoReconnectCookie */
s = sec_init(sec_flags, packetlen);
DEBUG_RDP5(("Called sec_init with packetlen %d\n", packetlen));
/* TS_INFO_PACKET */
out_uint32(s, 0); /* Code Page */
out_uint32_le(s, flags);
out_uint16_le(s, len_domain);
out_uint16_le(s, len_user);
out_uint16_le(s, len_password);
out_uint16_le(s, len_program);
out_uint16_le(s, len_directory);
if (0 < len_domain)
rdp_out_unistr(s, domain, len_domain);
else
out_uint16_le(s, 0); /* mandatory 2 bytes null terminator */
if (0 < len_user)
rdp_out_unistr(s, user, len_user);
else
out_uint16_le(s, 0); /* mandatory 2 bytes null terminator */
if (0 < len_password)
{
if (g_redirect == True && 0 < g_redirect_cookie_len)
{
out_uint8p(s, g_redirect_cookie, g_redirect_cookie_len);
}
else
{
rdp_out_unistr(s, password, len_password);
}
}
else
out_uint16_le(s, 0); /* mandatory 2 bytes null terminator */
if (0 < len_program)
rdp_out_unistr(s, program, len_program);
else
out_uint16_le(s, 0); /* mandatory 2 bytes null terminator */
if (0 < len_directory)
rdp_out_unistr(s, directory, len_directory);
else
out_uint16_le(s, 0); /* mandatory 2 bytes null terminator */
/* TS_EXTENDED_INFO_PACKET */
out_uint16_le(s, 2); /* clientAddressFamily = AF_INET */
out_uint16_le(s, len_ip); /* cbClientAddress, Length of client ip */
rdp_out_unistr(s, ipaddr, len_ip - 2); /* clientAddress */
out_uint16_le(s, len_dll); /* cbClientDir */
rdp_out_unistr(s, "C:\\WINNT\\System32\\mstscax.dll", len_dll - 2); /* clientDir */
/* TS_TIME_ZONE_INFORMATION */
tzone = (mktime(gmtime(&t)) - mktime(localtime(&t))) / 60;
out_uint32_le(s, tzone);
rdp_out_unistr(s, "GTB, normaltid", 2 * strlen("GTB, normaltid"));
out_uint8s(s, 62 - 2 * strlen("GTB, normaltid"));
out_uint32_le(s, 0x0a0000);
out_uint32_le(s, 0x050000);
out_uint32_le(s, 3);
out_uint32_le(s, 0);
out_uint32_le(s, 0);
rdp_out_unistr(s, "GTB, sommartid", 2 * strlen("GTB, sommartid"));
out_uint8s(s, 62 - 2 * strlen("GTB, sommartid"));
out_uint32_le(s, 0x30000);
out_uint32_le(s, 0x050000);
out_uint32_le(s, 2);
out_uint32(s, 0);
out_uint32_le(s, 0xffffffc4); /* DaylightBias */
/* Rest of TS_EXTENDED_INFO_PACKET */
out_uint32_le(s, 0); /* clientSessionId (Ignored by server MUST be 0) */
out_uint32_le(s, g_rdp5_performanceflags);
/* Client Auto-Reconnect */
if (g_has_reconnect_random)
{
out_uint16_le(s, 28); /* cbAutoReconnectLen */
/* ARC_CS_PRIVATE_PACKET */
out_uint32_le(s, 28); /* cbLen */
out_uint32_le(s, 1); /* Version */
out_uint32_le(s, g_reconnect_logonid); /* LogonId */
rdssl_hmac_md5(g_reconnect_random, sizeof(g_reconnect_random),
g_client_random, SEC_RANDOM_SIZE, security_verifier);
out_uint8a(s, security_verifier, sizeof(security_verifier));
}
else
{
out_uint16_le(s, 0); /* cbAutoReconnectLen */
}
}
s_mark_end(s);
/* clear the redirect flag */
g_redirect = False;
sec_send(s, sec_flags);
}
int EXPORT_CC
libxrdp_send_bitmap(struct xrdp_session *session, int width, int height,
int bpp, char *data, int x, int y, int cx, int cy)
{
int line_size = 0;
int i = 0;
int j = 0;
int total_lines = 0;
int lines_sending = 0;
int Bpp = 0;
int e = 0;
int bufsize = 0;
int total_bufsize = 0;
int num_updates = 0;
char *p_num_updates = (char *)NULL;
char *p = (char *)NULL;
char *q = (char *)NULL;
struct stream *s = (struct stream *)NULL;
struct stream *temp_s = (struct stream *)NULL;
DEBUG(("libxrdp_send_bitmap sending bitmap"));
Bpp = (bpp + 7) / 8;
e = width % 4;
if (e != 0)
{
e = 4 - e;
}
line_size = width * Bpp;
make_stream(s);
init_stream(s, 8192);
if (session->client_info->use_bitmap_comp)
{
make_stream(temp_s);
init_stream(temp_s, 65536);
i = 0;
if (cy <= height)
{
i = cy;
}
while (i > 0)
{
total_bufsize = 0;
num_updates = 0;
xrdp_rdp_init_data((struct xrdp_rdp *)session->rdp, s);
out_uint16_le(s, RDP_UPDATE_BITMAP);
p_num_updates = s->p;
out_uint8s(s, 2); /* num_updates set later */
do
{
if (session->client_info->op1)
{
s_push_layer(s, channel_hdr, 18);
}
else
{
s_push_layer(s, channel_hdr, 26);
}
p = s->p;
lines_sending = xrdp_bitmap_compress(data, width, height,
s, bpp,
4096 - total_bufsize,
i - 1, temp_s, e);
if (lines_sending == 0)
{
break;
}
num_updates++;
bufsize = s->p - p;
total_bufsize += bufsize;
i = i - lines_sending;
s_mark_end(s);
s_pop_layer(s, channel_hdr);
out_uint16_le(s, x); /* left */
out_uint16_le(s, y + i); /* top */
out_uint16_le(s, (x + cx) - 1); /* right */
out_uint16_le(s, (y + i + lines_sending) - 1); /* bottom */
out_uint16_le(s, width + e); /* width */
out_uint16_le(s, lines_sending); /* height */
out_uint16_le(s, bpp); /* bpp */
if (session->client_info->op1)
{
out_uint16_le(s, 0x401); /* compress */
out_uint16_le(s, bufsize); /* compressed size */
j = (width + e) * Bpp;
j = j * lines_sending;
}
else
{
out_uint16_le(s, 0x1); /* compress */
out_uint16_le(s, bufsize + 8);
out_uint8s(s, 2); /* pad */
out_uint16_le(s, bufsize); /* compressed size */
j = (width + e) * Bpp;
out_uint16_le(s, j); /* line size */
j = j * lines_sending;
out_uint16_le(s, j); /* final size */
}
if (j > 32768)
{
g_writeln("error, decompressed size too big, its %d", j);
}
if (bufsize > 8192)
{
g_writeln("error, compressed size too big, its %d", bufsize);
}
s->p = s->end;
}
while (total_bufsize < 4096 && i > 0);
p_num_updates[0] = num_updates;
p_num_updates[1] = num_updates >> 8;
xrdp_rdp_send_data((struct xrdp_rdp *)session->rdp, s,
RDP_DATA_PDU_UPDATE);
if (total_bufsize > 8192)
{
g_writeln("error, total compressed size too big, its %d",
total_bufsize);
}
}
free_stream(temp_s);
}
/* Parse a logon info packet */
static void
rdp_send_logon_info(uint32 flags, char *domain, char *user,
char *password, char *program, char *directory)
{
//char *ipaddr = tcp_get_address();
int len_domain = 2 * strlen(domain);
int len_user = 2 * strlen(user);
int len_password = 2 * strlen(password);
int len_program = 2 * strlen(program);
int len_directory = 2 * strlen(directory);
//int len_ip = 2 * strlen(ipaddr);
//int len_dll = 2 * strlen("C:\\WINNT\\System32\\mstscax.dll");
//int packetlen = 0;
uint32 sec_flags = g_encryption ? (SEC_LOGON_INFO | SEC_ENCRYPT) : SEC_LOGON_INFO;
STREAM s = NULL;
//time_t t = time(NULL);
//time_t tzone;
if (!g_use_rdp5 || 1 == g_server_rdp_version)
{
DEBUG_RDP5(("Sending RDP4-style Logon packet\n"));
s = sec_init(sec_flags, 18 + len_domain + len_user + len_password
+ len_program + len_directory + 10);
out_uint32(s, 0);
out_uint32_le(s, flags);
out_uint16_le(s, len_domain);
out_uint16_le(s, len_user);
out_uint16_le(s, len_password);
out_uint16_le(s, len_program);
out_uint16_le(s, len_directory);
rdp_out_unistr(s, domain, len_domain);
rdp_out_unistr(s, user, len_user);
rdp_out_unistr(s, password, len_password);
rdp_out_unistr(s, program, len_program);
rdp_out_unistr(s, directory, len_directory);
}
else
{
#if 0
flags |= RDP_LOGON_BLOB;
DEBUG_RDP5(("Sending RDP5-style Logon packet\n"));
packetlen = 4 + /* Unknown uint32 */
4 + /* flags */
2 + /* len_domain */
2 + /* len_user */
(flags & RDP_LOGON_AUTO ? 2 : 0) + /* len_password */
(flags & RDP_LOGON_BLOB ? 2 : 0) + /* Length of BLOB */
2 + /* len_program */
2 + /* len_directory */
(0 < len_domain ? len_domain : 2) + /* domain */
len_user + (flags & RDP_LOGON_AUTO ? len_password : 0) + 0 + /* We have no 512 byte BLOB. Perhaps we must? */
(flags & RDP_LOGON_BLOB && !(flags & RDP_LOGON_AUTO) ? 2 : 0) + /* After the BLOB is a unknown int16. If there is a BLOB, that is. */
(0 < len_program ? len_program : 2) + (0 < len_directory ? len_directory : 2) + 2 + /* Unknown (2) */
2 + /* Client ip length */
len_ip + /* Client ip */
2 + /* DLL string length */
len_dll + /* DLL string */
2 + /* Unknown */
2 + /* Unknown */
64 + /* Time zone #0 */
2 + /* Unknown */
64 + /* Time zone #1 */
32; /* Unknown */
s = sec_init(sec_flags, packetlen);
DEBUG_RDP5(("Called sec_init with packetlen %d\n", packetlen));
out_uint32(s, 0); /* Unknown */
out_uint32_le(s, flags);
out_uint16_le(s, len_domain);
out_uint16_le(s, len_user);
if (flags & RDP_LOGON_AUTO)
{
out_uint16_le(s, len_password);
}
if (flags & RDP_LOGON_BLOB && !(flags & RDP_LOGON_AUTO))
{
out_uint16_le(s, 0);
}
out_uint16_le(s, len_program);
out_uint16_le(s, len_directory);
if (0 < len_domain)
rdp_out_unistr(s, domain, len_domain);
else
out_uint16_le(s, 0);
rdp_out_unistr(s, user, len_user);
if (flags & RDP_LOGON_AUTO)
{
rdp_out_unistr(s, password, len_password);
}
if (flags & RDP_LOGON_BLOB && !(flags & RDP_LOGON_AUTO))
{
out_uint16_le(s, 0);
}
if (0 < len_program)
{
rdp_out_unistr(s, program, len_program);
}
else
{
out_uint16_le(s, 0);
}
if (0 < len_directory)
{
rdp_out_unistr(s, directory, len_directory);
}
else
{
out_uint16_le(s, 0);
}
out_uint16_le(s, 2);
out_uint16_le(s, len_ip + 2); /* Length of client ip */
rdp_out_unistr(s, ipaddr, len_ip);
out_uint16_le(s, len_dll + 2);
rdp_out_unistr(s, "C:\\WINNT\\System32\\mstscax.dll", len_dll);
tzone = (mktime(gmtime(&t)) - mktime(localtime(&t))) / 60;
out_uint32_le(s, tzone);
rdp_out_unistr(s, "GTB, normaltid", 2 * strlen("GTB, normaltid"));
out_uint8s(s, 62 - 2 * strlen("GTB, normaltid"));
out_uint32_le(s, 0x0a0000);
out_uint32_le(s, 0x050000);
out_uint32_le(s, 3);
out_uint32_le(s, 0);
out_uint32_le(s, 0);
rdp_out_unistr(s, "GTB, sommartid", 2 * strlen("GTB, sommartid"));
out_uint8s(s, 62 - 2 * strlen("GTB, sommartid"));
out_uint32_le(s, 0x30000);
out_uint32_le(s, 0x050000);
out_uint32_le(s, 2);
out_uint32(s, 0);
out_uint32_le(s, 0xffffffc4);
out_uint32_le(s, 0xfffffffe);
out_uint32_le(s, g_rdp5_performanceflags);
out_uint32(s, 0);
#endif
}
s_mark_end(s);
sec_send(s, sec_flags);
}
int APP_CC
xrdp_caps_send_demand_active(struct xrdp_rdp *self)
{
struct stream *s;
int caps_count;
int caps_size;
int codec_caps_count;
int codec_caps_size;
int flags;
char *caps_count_ptr;
char *caps_size_ptr;
char *caps_ptr;
char *codec_caps_count_ptr;
char *codec_caps_size_ptr;
make_stream(s);
init_stream(s, 8192);
DEBUG(("in xrdp_caps_send_demand_active"));
if (xrdp_rdp_init(self, s) != 0)
{
free_stream(s);
return 1;
}
caps_count = 0;
out_uint32_le(s, self->share_id);
out_uint16_le(s, 4); /* 4 chars for RDP\0 */
/* 2 bytes size after num caps, set later */
caps_size_ptr = s->p;
out_uint8s(s, 2);
out_uint8a(s, "RDP", 4);
/* 4 byte num caps, set later */
caps_count_ptr = s->p;
out_uint8s(s, 4);
caps_ptr = s->p;
/* Output share capability set */
caps_count++;
out_uint16_le(s, RDP_CAPSET_SHARE);
out_uint16_le(s, RDP_CAPLEN_SHARE);
out_uint16_le(s, self->mcs_channel);
out_uint16_be(s, 0xb5e2); /* 0x73e1 */
/* Output general capability set */
caps_count++;
out_uint16_le(s, RDP_CAPSET_GENERAL); /* 1 */
out_uint16_le(s, RDP_CAPLEN_GENERAL); /* 24(0x18) */
out_uint16_le(s, 1); /* OS major type */
out_uint16_le(s, 3); /* OS minor type */
out_uint16_le(s, 0x200); /* Protocol version */
out_uint16_le(s, 0); /* pad */
out_uint16_le(s, 0); /* Compression types */
/* NO_BITMAP_COMPRESSION_HDR 0x0400
FASTPATH_OUTPUT_SUPPORTED 0x0001 */
if (self->client_info.use_fast_path & 1)
{
out_uint16_le(s, 0x401);
}
else
{
out_uint16_le(s, 0x400);
}
out_uint16_le(s, 0); /* Update capability */
out_uint16_le(s, 0); /* Remote unshare capability */
out_uint16_le(s, 0); /* Compression level */
out_uint16_le(s, 0); /* Pad */
/* Output bitmap capability set */
caps_count++;
out_uint16_le(s, RDP_CAPSET_BITMAP); /* 2 */
out_uint16_le(s, RDP_CAPLEN_BITMAP); /* 28(0x1c) */
out_uint16_le(s, self->client_info.bpp); /* Preferred BPP */
out_uint16_le(s, 1); /* Receive 1 BPP */
out_uint16_le(s, 1); /* Receive 4 BPP */
out_uint16_le(s, 1); /* Receive 8 BPP */
out_uint16_le(s, self->client_info.width); /* width */
out_uint16_le(s, self->client_info.height); /* height */
out_uint16_le(s, 0); /* Pad */
out_uint16_le(s, 1); /* Allow resize */
out_uint16_le(s, 1); /* bitmap compression */
out_uint16_le(s, 0); /* unknown */
out_uint16_le(s, 0); /* unknown */
out_uint16_le(s, 0); /* pad */
/* Output font capability set */
caps_count++;
out_uint16_le(s, RDP_CAPSET_FONT); /* 14 */
out_uint16_le(s, RDP_CAPLEN_FONT); /* 4 */
/* Output order capability set */
caps_count++;
out_uint16_le(s, RDP_CAPSET_ORDER); /* 3 */
out_uint16_le(s, RDP_CAPLEN_ORDER); /* 88(0x58) */
out_uint8s(s, 16);
out_uint32_be(s, 0x40420f00);
out_uint16_le(s, 1); /* Cache X granularity */
out_uint16_le(s, 20); /* Cache Y granularity */
out_uint16_le(s, 0); /* Pad */
out_uint16_le(s, 1); /* Max order level */
out_uint16_le(s, 0x2f); /* Number of fonts */
out_uint16_le(s, 0x22); /* Capability flags */
/* caps */
out_uint8(s, 1); /* NEG_DSTBLT_INDEX 0x00 0 */
out_uint8(s, 1); /* NEG_PATBLT_INDEX 0x01 1 */
out_uint8(s, 1); /* NEG_SCRBLT_INDEX 0x02 2 */
out_uint8(s, 1); /* NEG_MEMBLT_INDEX 0x03 3 */
out_uint8(s, 0); /* NEG_MEM3BLT_INDEX 0x04 4 */
out_uint8(s, 0); /* NEG_ATEXTOUT_INDEX 0x05 5 */
out_uint8(s, 0); /* NEG_AEXTTEXTOUT_INDEX 0x06 6 */
out_uint8(s, 0); /* NEG_DRAWNINEGRID_INDEX 0x07 7 */
out_uint8(s, 1); /* NEG_LINETO_INDEX 0x08 8 */
out_uint8(s, 0); /* NEG_MULTI_DRAWNINEGRID_INDEX 0x09 9 */
out_uint8(s, 1); /* NEG_OPAQUE_RECT_INDEX 0x0A 10 */
out_uint8(s, 0); /* NEG_SAVEBITMAP_INDEX 0x0B 11 */
out_uint8(s, 0); /* NEG_WTEXTOUT_INDEX 0x0C 12 */
out_uint8(s, 0); /* NEG_MEMBLT_V2_INDEX 0x0D 13 */
out_uint8(s, 0); /* NEG_MEM3BLT_V2_INDEX 0x0E 14 */
out_uint8(s, 0); /* NEG_MULTIDSTBLT_INDEX 0x0F 15 */
out_uint8(s, 0); /* NEG_MULTIPATBLT_INDEX 0x10 16 */
out_uint8(s, 0); /* NEG_MULTISCRBLT_INDEX 0x11 17 */
out_uint8(s, 1); /* NEG_MULTIOPAQUERECT_INDEX 0x12 18 */
out_uint8(s, 0); /* NEG_FAST_INDEX_INDEX 0x13 19 */
out_uint8(s, 0); /* NEG_POLYGON_SC_INDEX 0x14 20 */
out_uint8(s, 0); /* NEG_POLYGON_CB_INDEX 0x15 21 */
out_uint8(s, 0); /* NEG_POLYLINE_INDEX 0x16 22 */
out_uint8(s, 0); /* unused 0x17 23 */
out_uint8(s, 0); /* NEG_FAST_GLYPH_INDEX 0x18 24 */
out_uint8(s, 0); /* NEG_ELLIPSE_SC_INDEX 0x19 25 */
out_uint8(s, 0); /* NEG_ELLIPSE_CB_INDEX 0x1A 26 */
out_uint8(s, 1); /* NEG_GLYPH_INDEX_INDEX 0x1B 27 */
out_uint8(s, 0); /* NEG_GLYPH_WEXTTEXTOUT_INDEX 0x1C 28 */
out_uint8(s, 0); /* NEG_GLYPH_WLONGTEXTOUT_INDEX 0x1D 29 */
out_uint8(s, 0); /* NEG_GLYPH_WLONGEXTTEXTOUT_INDEX 0x1E 30 */
out_uint8(s, 0); /* unused 0x1F 31 */
out_uint16_le(s, 0x6a1);
/* declare support of bitmap cache rev3 */
out_uint16_le(s, XR_ORDERFLAGS_EX_CACHE_BITMAP_REV3_SUPPORT);
out_uint32_le(s, 0x0f4240); /* desk save */
out_uint32_le(s, 0x0f4240); /* desk save */
out_uint32_le(s, 1); /* ? */
out_uint32_le(s, 0); /* ? */
/* Output bmpcodecs capability set */
caps_count++;
out_uint16_le(s, RDP_CAPSET_BMPCODECS);
codec_caps_size_ptr = s->p;
out_uint8s(s, 2); /* cap len set later */
codec_caps_count = 0;
codec_caps_count_ptr = s->p;
out_uint8s(s, 1); /* bitmapCodecCount set later */
/* nscodec */
codec_caps_count++;
out_uint8a(s, XR_CODEC_GUID_NSCODEC, 16);
out_uint8(s, 1); /* codec id, must be 1 */
out_uint16_le(s, 3); /* codecPropertiesLength */
out_uint8(s, 0x01); /* fAllowDynamicFidelity */
out_uint8(s, 0x01); /* fAllowSubsampling */
out_uint8(s, 0x03); /* colorLossLevel */
#if defined(XRDP_RFXCODEC) || defined(XRDP_NEUTRINORDP)
/* remotefx */
codec_caps_count++;
out_uint8a(s, XR_CODEC_GUID_REMOTEFX, 16);
out_uint8(s, 0); /* codec id, client sets */
out_uint16_le(s, 4); /* codecPropertiesLength */
out_uint32_le(s, 0); /* reserved */
/* image remotefx */
codec_caps_count++;
out_uint8a(s, XR_CODEC_GUID_IMAGE_REMOTEFX, 16);
out_uint8(s, 0); /* codec id, client sets */
out_uint16_le(s, 4); /* codecPropertiesLength */
out_uint32_le(s, 0); /* reserved */
#endif
/* jpeg */
codec_caps_count++;
out_uint8a(s, XR_CODEC_GUID_JPEG, 16);
out_uint8(s, 0); /* codec id, client sets */
out_uint16_le(s, 1); /* codecPropertiesLength */
out_uint8(s, 75); /* jpeg compression ratio */
/* calculate and set size and count */
codec_caps_size = (int)(s->p - codec_caps_size_ptr);
codec_caps_size += 2; /* 2 bytes for RDP_CAPSET_BMPCODECS above */
codec_caps_size_ptr[0] = codec_caps_size;
codec_caps_size_ptr[1] = codec_caps_size >> 8;
codec_caps_count_ptr[0] = codec_caps_count;
/* Output color cache capability set */
caps_count++;
out_uint16_le(s, RDP_CAPSET_COLCACHE);
out_uint16_le(s, RDP_CAPLEN_COLCACHE);
out_uint16_le(s, 6); /* cache size */
out_uint16_le(s, 0); /* pad */
/* Output pointer capability set */
caps_count++;
out_uint16_le(s, RDP_CAPSET_POINTER);
out_uint16_le(s, RDP_CAPLEN_POINTER);
out_uint16_le(s, 1); /* Colour pointer */
out_uint16_le(s, 0x19); /* Cache size */
out_uint16_le(s, 0x19); /* Cache size */
/* Output input capability set */
caps_count++;
out_uint16_le(s, RDP_CAPSET_INPUT); /* 13(0xd) */
out_uint16_le(s, RDP_CAPLEN_INPUT); /* 88(0x58) */
flags = INPUT_FLAG_SCANCODES | INPUT_FLAG_MOUSEX | INPUT_FLAG_UNICODE;
if (self->client_info.use_fast_path & 2)
{
flags |= INPUT_FLAG_FASTPATH_INPUT | INPUT_FLAG_FASTPATH_INPUT2;
}
out_uint16_le(s, flags);
out_uint8s(s, 82);
/* Remote Programs Capability Set */
caps_count++;
out_uint16_le(s, 0x0017); /* CAPSETTYPE_RAIL */
out_uint16_le(s, 8);
out_uint32_le(s, 3); /* TS_RAIL_LEVEL_SUPPORTED
TS_RAIL_LEVEL_DOCKED_LANGBAR_SUPPORTED */
/* Window List Capability Set */
caps_count++;
out_uint16_le(s, 0x0018); /* CAPSETTYPE_WINDOW */
out_uint16_le(s, 11);
out_uint32_le(s, 2); /* TS_WINDOW_LEVEL_SUPPORTED_EX */
out_uint8(s, 3); /* NumIconCaches */
out_uint16_le(s, 12); /* NumIconCacheEntries */
/* 6 - bitmap cache v3 codecid */
caps_count++;
out_uint16_le(s, 0x0006);
out_uint16_le(s, 5);
out_uint8(s, 0); /* client sets */
if (self->client_info.use_fast_path & FASTPATH_OUTPUT_SUPPORTED) /* fastpath output on */
{
/* multifragment update */
caps_count++;
out_uint16_le(s, RDP_CAPSET_MULTIFRAGMENT); /* 26 CAPSETTYPE_MULTIFRAGMENTUPDATE */
out_uint16_le(s, RDP_CAPLEN_MULTIFRAGMENT);
out_uint32_le(s, 3 * 1024 * 1024); /* 3MB */
/* frame acks */
caps_count++;
out_uint16_le(s, RDP_CAPSET_FRAME_ACKNOWLEDGE); /* CAPSETTYPE_FRAME_ACKNOWLEDGE */
out_uint16_le(s, RDP_CAPLEN_FRAME_ACKNOWLEDGE);
out_uint32_le(s, 2); /* 2 frames in flight */
/* surface commands */
caps_count++;
out_uint16_le(s, RDP_CAPSET_SURFCMDS); /* CAPSETTYPE_SURFACE_COMMANDS */
out_uint16_le(s, RDP_CAPLEN_SURFCMDS); /* lengthCapability */
out_uint32_le(s, (SURFCMDS_SETSURFACEBITS |
SURFCMDS_FRAMEMARKER |
SURFCMDS_STREAMSUFRACEBITS)); /* cmdFlags */
out_uint32_le(s, 0); /* reserved */
}
out_uint8s(s, 4); /* pad */
s_mark_end(s);
caps_size = (int)(s->end - caps_ptr);
caps_size_ptr[0] = caps_size;
caps_size_ptr[1] = caps_size >> 8;
caps_count_ptr[0] = caps_count;
caps_count_ptr[1] = caps_count >> 8;
caps_count_ptr[2] = caps_count >> 16;
caps_count_ptr[3] = caps_count >> 24;
if (xrdp_rdp_send(self, s, RDP_PDU_DEMAND_ACTIVE) != 0)
{
free_stream(s);
return 1;
}
DEBUG(("out (1) xrdp_caps_send_demand_active"));
/* send Monitor Layout PDU for dual monitor */
if (self->client_info.monitorCount > 0 &&
self->client_info.multimon == 1)
{
DEBUG(("xrdp_caps_send_demand_active: sending monitor layout pdu"));
if (xrdp_caps_send_monitorlayout(self) != 0)
{
g_writeln("xrdp_caps_send_demand_active: error sending monitor layout pdu");
}
}
free_stream(s);
return 0;
}