/* process a licence error alert packet */
void
licence_process_error_alert(STREAM s)
{
uint32 error_code;
uint32 state_transition;
in_uint32(s, error_code);
in_uint32(s, state_transition);
in_uint8s(s, 4); /* Skip error_info */
/* There is a special case in the error alert handling, when licensing is all good
and the server is not sending a license to client, a "Server License Error PDU -
Valid Client" packet is sent which means, every thing is ok.
Therefor we should flag that everything is ok with license here.
*/
if (error_code == 0x07)
{
g_licence_issued = True;
return;
}
/* handle error codes, for now, just report them */
switch (error_code)
{
case 0x6: // ERR_NO_LICENSE_SERVER
logger(Core, Notice, "License error alert from server: No license server");
break;
case 0x8: // ERR_INVALID_CLIENT
logger(Core, Notice, "License error alert from server: Invalid client");
break;
case 0x4: // ERR_INVALID_SCOPE
case 0xb: // ERR_INVALID_PRODUCTID
case 0xc: // ERR_INVALID_MESSAGE_LENGTH
default:
logger(Core, Notice,
"License error alert from server: code %u, state transition %u",
error_code, state_transition);
break;
}
g_licence_error_result = True;
}
static void
rdpdr_process(RDPCLIENT * This, STREAM s)
{
uint32 handle;
uint8 *magic;
#if WITH_DEBUG_RDP5
printf("--- rdpdr_process ---\n");
hexdump(s->p, s->end - s->p);
#endif
in_uint8p(s, magic, 4);
if ((magic[0] == 'r') && (magic[1] == 'D'))
{
if ((magic[2] == 'R') && (magic[3] == 'I'))
{
rdpdr_process_irp(This, s);
return;
}
if ((magic[2] == 'n') && (magic[3] == 'I'))
{
rdpdr_send_connect(This);
rdpdr_send_name(This);
return;
}
if ((magic[2] == 'C') && (magic[3] == 'C'))
{
/* connect from server */
rdpdr_send_clientcapabilty(This);
rdpdr_send_available(This);
return;
}
if ((magic[2] == 'r') && (magic[3] == 'd'))
{
/* connect to a specific resource */
in_uint32(s, handle);
#if WITH_DEBUG_RDP5
DEBUG(("RDPDR: Server connected to resource %d\n", handle));
#endif
return;
}
if ((magic[2] == 'P') && (magic[3] == 'S'))
{
/* server capability */
return;
}
}
if ((magic[0] == 'R') && (magic[1] == 'P'))
{
if ((magic[2] == 'C') && (magic[3] == 'P'))
{
printercache_process(This, s);
return;
}
}
unimpl("RDPDR packet type %c%c%c%c\n", magic[0], magic[1], magic[2], magic[3]);
}
void
save_licence(unsigned char *data, int length)
{
char *fpath; /* file path for licence */
char *fname, *fnamewrk; /* file name for licence .inkl path. */
char *home;
uint32 y;
struct flock fnfl;
int fnfd, fnwrkfd, i, wlen;
struct stream s, *s_ptr;
uint32 len;
/* Construct a stream, so that we can use macros to extract the
* licence.
*/
s_ptr = &s;
s_ptr->p = data;
/* Skip first two bytes */
in_uint16(s_ptr, len);
/* Skip three strings */
for (i = 0; i < 3; i++)
{
in_uint32(s_ptr, len);
s_ptr->p += len;
/* Make sure that we won't be past the end of data after
* reading the next length value
*/
if ((s_ptr->p) + 4 > data + length)
{
printf("Error in parsing licence key.\n");
printf("Strings %d end value %x > supplied length (%x)\n", i,
(unsigned int) s_ptr->p, (unsigned int) data + length);
return;
}
}
in_uint32(s_ptr, len);
if (s_ptr->p + len > data + length)
{
printf("Error in parsing licence key.\n");
printf("End of licence %x > supplied length (%x)\n",
(unsigned int) s_ptr->p + len, (unsigned int) data + length);
return;
}
home = getenv("HOME");
if (home == NULL)
return;
/* set and create the directory -- if it doesn't exist. */
fpath = xmalloc(strlen(home) + 11);
STRNCPY(fpath, home, strlen(home) + 1);
sprintf(fpath, "%s/.rdesktop", fpath);
if (mkdir(fpath, 0700) == -1 && errno != EEXIST)
{
perror("mkdir");
exit(1);
}
/* set the real licence filename, and put a write lock on it. */
fname = xmalloc(strlen(fpath) + strlen(hostname) + 10);
sprintf(fname, "%s/licence.%s", fpath, hostname);
fnfd = open(fname, O_RDONLY);
if (fnfd != -1)
{
fnfl.l_type = F_WRLCK;
fnfl.l_whence = SEEK_SET;
fnfl.l_start = 0;
fnfl.l_len = 1;
fcntl(fnfd, F_SETLK, &fnfl);
}
/* create a temporary licence file */
fnamewrk = xmalloc(strlen(fname) + 12);
for (y = 0;; y++)
{
sprintf(fnamewrk, "%s.%lu", fname, (long unsigned int) y);
fnwrkfd = open(fnamewrk, O_WRONLY | O_CREAT | O_EXCL, 0600);
if (fnwrkfd == -1)
{
if (errno == EINTR || errno == EEXIST)
continue;
perror("create");
exit(1);
}
break;
}
/* write to the licence file */
for (y = 0; y < len;)
{
do
{
wlen = write(fnwrkfd, s_ptr->p + y, len - y);
}
while (wlen == -1 && errno == EINTR);
if (wlen < 1)
{
perror("write");
unlink(fnamewrk);
exit(1);
}
y += wlen;
}
/* close the file and rename it to fname */
if (close(fnwrkfd) == -1)
{
perror("close");
unlink(fnamewrk);
exit(1);
}
if (rename(fnamewrk, fname) == -1)
{
perror("rename");
unlink(fnamewrk);
exit(1);
}
/* close the file lock on fname */
if (fnfd != -1)
{
fnfl.l_type = F_UNLCK;
fnfl.l_whence = SEEK_SET;
fnfl.l_start = 0;
fnfl.l_len = 1;
fcntl(fnfd, F_SETLK, &fnfl);
close(fnfd);
}
}
/* Establish a connection up to the ISO layer */
RD_BOOL
iso_connect(char *server, char *username, RD_BOOL reconnect, uint32 * selected_protocol)
{
STREAM s;
uint8 code;
g_negotiate_rdp_protocol = True;
retry:
*selected_protocol = PROTOCOL_RDP;
code = 0;
if (!tcp_connect(server))
return False;
if (reconnect)
{
iso_send_msg(ISO_PDU_CR);
}
else
{
iso_send_connection_request(username);
}
s = iso_recv_msg(&code, NULL);
if (s == NULL)
return False;
if (code != ISO_PDU_CC)
{
error("expected CC, got 0x%x\n", code);
tcp_disconnect();
return False;
}
if (g_rdp_version >= RDP_V5 && s_check_rem(s, 8))
{
/* handle RDP_NEG_REQ response */
const char *reason = NULL;
uint8 type = 0, flags = 0;
uint16 length = 0;
uint32 data = 0;
in_uint8(s, type);
in_uint8(s, flags);
in_uint16(s, length);
in_uint32(s, data);
if (type == RDP_NEG_FAILURE)
{
switch (data)
{
case SSL_REQUIRED_BY_SERVER:
reason = "SSL required by server";
break;
case SSL_WITH_USER_AUTH_REQUIRED_BY_SERVER:
reason = "SSL with user authentication required by server";
break;
case SSL_NOT_ALLOWED_BY_SERVER:
reason = "SSL not allowed by server";
break;
case SSL_CERT_NOT_ON_SERVER:
reason = "SSL certificated not on server";
break;
case INCONSISTENT_FLAGS:
reason = "inconsistent flags";
break;
case HYBRID_REQUIRED_BY_SERVER:
reason = "hybrid authentication (CredSSP) required by server";
break;
default:
reason = "unknown reason";
}
tcp_disconnect();
warning("RDP protocol negotiation failed with reason: %s (error 0x%x),\n",
reason, data);
warning("retrying without negotiation using plain RDP protocol.\n");
g_negotiate_rdp_protocol = False;
goto retry;
}
if (type != RDP_NEG_RSP)
{
tcp_disconnect();
error("expected RDP_NEG_RSP, got type = 0x%x\n", type);
warning("retrying without negotiation using plain RDP protocol.\n");
g_negotiate_rdp_protocol = False;
goto retry;
}
/* handle negotiation response */
if (data == PROTOCOL_SSL)
{
DEBUGMSG(1,(L"iso_connect: negotiation: PROTOCOL_SSL\n"));
if (!tcp_tls_connect())
{
tcp_disconnect();
DEBUGMSG(1,(L"iso_connect: negotiation: PROTOCOL_SSL FAILED\n"));
return False;
}
/* do not use encryption when using TLS */
g_encryption = False;
}
else if (data != PROTOCOL_RDP)
{
tcp_disconnect();
error("unexpected protocol in neqotiation response, got data = 0x%x.\n",
data);
return False;
}
*selected_protocol = data;
}
return True;
}
static void
rdpusb_process(STREAM s)
{
int rc;
uint32 len;
uint8 code;
uint32 devid;
PUSBPROXYDEV proxy = NULL;
#ifdef RDPUSB_DEBUG
Log(("RDPUSB recv:\n"));
hexdump(s->p, s->end - s->p);
#endif
in_uint32_le (s, len);
if (len > s->end - s->p)
{
error("RDPUSB: not enough data len = %d, bytes left %d\n", len, s->end - s->p);
return;
}
in_uint8(s, code);
Log(("RDPUSB recv: len = %d, code = %d\n", len, code));
switch (code)
{
case RDPUSB_REQ_OPEN:
{
PUSBDEVICE pDevice;
in_uint32_le(s, devid);
proxy = (PUSBPROXYDEV )xmalloc (sizeof (USBPROXYDEV));
if (!proxy)
{
error("RDPUSB: Out of memory allocating proxy backend data\n");
return;
}
memset (proxy, 0, sizeof (USBPROXYDEV));
proxy->pvInstanceDataR3 = xmalloc(g_USBProxyDeviceHost.cbBackend);
if (!proxy->pvInstanceDataR3)
{
xfree (proxy);
error("RDPUSB: Out of memory allocating proxy backend data\n");
return;
}
proxy->Dev.pszName = "Remote device";
proxy->devid = devid;
for (pDevice = g_pUsbDevices; pDevice; pDevice = pDevice->pNext)
if ((pDevice->bPort << 8) + pDevice->bBus == devid)
break;
rc = pDevice ? op_usbproxy_back_open(proxy, pDevice->pszAddress)
: VERR_NOT_FOUND;
if (rc != VINF_SUCCESS)
{
rdpusb_send_access_denied (code, devid);
xfree (proxy);
proxy = NULL;
}
else
{
if (g_proxies)
{
g_proxies->pPrev = proxy;
}
proxy->pNext = g_proxies;
g_proxies = proxy;
}
} break;
case RDPUSB_REQ_CLOSE:
{
in_uint32_le(s, devid);
proxy = devid2proxy (devid);
if (proxy)
{
op_usbproxy_back_close(proxy);
if (proxy->pPrev)
{
proxy->pPrev->pNext = proxy->pNext;
}
else
{
g_proxies = proxy->pNext;
}
if (proxy->pNext)
{
proxy->pNext->pPrev = proxy->pPrev;
}
xfree (proxy->pvInstanceDataR3);
xfree (proxy);
proxy = NULL;
}
/* No reply. */
} break;
case RDPUSB_REQ_RESET:
{
in_uint32_le(s, devid);
proxy = devid2proxy (devid);
if (!proxy)
{
rdpusb_send_access_denied (code, devid);
break;
}
rc = op_usbproxy_back_reset(proxy);
if (rc != VINF_SUCCESS)
{
rdpusb_send_reply (code, vrdp_usb_status (!rc, &proxy->Dev), devid);
}
} break;
case RDPUSB_REQ_SET_CONFIG:
{
uint8 cfg;
in_uint32_le(s, devid);
proxy = devid2proxy (devid);
if (!proxy)
{
rdpusb_send_access_denied (code, devid);
break;
}
in_uint8(s, cfg);
rc = op_usbproxy_back_set_config(proxy, cfg);
if (RT_FAILURE(rc))
{
rdpusb_send_reply (code, vrdp_usb_status (rc, &proxy->Dev), devid);
}
} break;
case RDPUSB_REQ_CLAIM_INTERFACE:
{
uint8 ifnum;
in_uint32_le(s, devid);
proxy = devid2proxy (devid);
if (!proxy)
{
rdpusb_send_access_denied (code, devid);
break;
}
in_uint8(s, ifnum);
in_uint8(s, ifnum);
rc = op_usbproxy_back_claim_interface(proxy, ifnum);
if (RT_FAILURE(rc))
{
rdpusb_send_reply (code, vrdp_usb_status (rc, &proxy->Dev), devid);
}
} break;
case RDPUSB_REQ_RELEASE_INTERFACE:
{
uint8 ifnum;
in_uint32_le(s, devid);
proxy = devid2proxy (devid);
if (!proxy)
{
rdpusb_send_access_denied (code, devid);
break;
}
in_uint8(s, ifnum);
rc = op_usbproxy_back_release_interface(proxy, ifnum);
if (RT_FAILURE(rc))
{
rdpusb_send_reply (code, vrdp_usb_status (rc, &proxy->Dev), devid);
}
} break;
case RDPUSB_REQ_INTERFACE_SETTING:
{
uint8 ifnum;
uint8 setting;
in_uint32_le(s, devid);
proxy = devid2proxy (devid);
if (!proxy)
{
rdpusb_send_access_denied (code, devid);
break;
}
in_uint8(s, ifnum);
in_uint8(s, setting);
rc = op_usbproxy_back_interface_setting(proxy, ifnum, setting);
if (RT_FAILURE(rc))
{
rdpusb_send_reply (code, vrdp_usb_status (rc, &proxy->Dev), devid);
}
} break;
case RDPUSB_REQ_QUEUE_URB:
{
uint32 handle;
uint8 type;
uint8 ep;
uint8 dir;
uint32 urblen;
uint32 datalen;
PVUSBURB pUrb; // struct vusb_urb *urb;
in_uint32_le(s, devid);
proxy = devid2proxy (devid);
if (!proxy)
{
/* No reply. */
break;
}
in_uint32(s, handle);
in_uint8(s, type);
in_uint8(s, ep);
in_uint8(s, dir);
in_uint32(s, urblen);
in_uint32(s, datalen);
/* Allocate a single block for URB description and data buffer */
pUrb = (PVUSBURB)xmalloc (sizeof (VUSBURB) +
(urblen <= sizeof (pUrb->abData)? 0: urblen - sizeof (pUrb->abData))
);
memset (pUrb, 0, sizeof (VUSBURB));
pUrb->pDev = &proxy->Dev;
pUrb->handle = handle;
pUrb->enmType = type;
pUrb->enmStatus = 0;
pUrb->EndPt = ep;
pUrb->enmDir = dir;
pUrb->cbData = urblen;
Log(("RDPUSB: queued URB handle = %d\n", handle));
if (datalen)
{
in_uint8a (s, pUrb->abData, datalen);
}
rc = op_usbproxy_back_queue_urb(proxy, pUrb);
/* No reply required. */
if (RT_SUCCESS(rc))
{
if (proxy->pUrbs)
{
proxy->pUrbs->pPrev = pUrb;
}
pUrb->pNext = proxy->pUrbs;
proxy->pUrbs = pUrb;
}
else
{
xfree (pUrb);
}
} break;
case RDPUSB_REQ_REAP_URB:
{
rdpusb_reap_urbs ();
} break;
case RDPUSB_REQ_CLEAR_HALTED_EP:
{
uint8 ep;
in_uint32_le(s, devid);
proxy = devid2proxy (devid);
if (!proxy)
{
rdpusb_send_access_denied (code, devid);
break;
}
in_uint8(s, ep);
rc = op_usbproxy_back_clear_halted_ep(proxy, ep);
if (RT_FAILURE(rc))
{
rdpusb_send_reply (code, vrdp_usb_status (rc, &proxy->Dev), devid);
}
} break;
case RDPUSB_REQ_CANCEL_URB:
{
uint32 handle;
PVUSBURB pUrb = NULL;
in_uint32_le(s, devid);
proxy = devid2proxy (devid);
if (!proxy)
{
rdpusb_send_access_denied (code, devid);
break;
}
in_uint32_le(s, handle);
pUrb = proxy->pUrbs;
while (pUrb && pUrb->handle != handle)
{
pUrb = pUrb->pNext;
}
if (pUrb)
{
op_usbproxy_back_cancel_urb(proxy, pUrb);
/* No reply required. */
/* Remove URB from list. */
if (pUrb->pPrev)
{
pUrb->pPrev->pNext = pUrb->pNext;
}
else
{
proxy->pUrbs = pUrb->pNext;
}
if (pUrb->pNext)
{
pUrb->pNext->pPrev = pUrb->pPrev;
}
pUrb->pNext = pUrb->pPrev = NULL;
Log(("Cancelled URB %p\n", pUrb));
// xfree (pUrb);
}
} break;
case RDPUSB_REQ_DEVICE_LIST:
{
void *buf = NULL;
int len = 0;
buf = build_device_list (&len);
s = rdpusb_init_packet(len? len: 2, code);
if (len)
{
out_uint8p (s, buf, len);
}
else
{
out_uint16_le(s, 0);
}
s_mark_end(s);
rdpusb_send(s);
if (buf)
{
free (buf);
}
} break;
case RDPUSB_REQ_NEGOTIATE:
{
s = rdpusb_init_packet(1, code);
out_uint8(s, VRDP_USB_CAPS_FLAG_ASYNC);
s_mark_end(s);
rdpusb_send(s);
} break;
default:
unimpl("RDPUSB code %d\n", code);
break;
}
}
/* Establish a connection up to the ISO layer */
RD_BOOL
iso_connect(char *server, char *username, char *domain, char *password,
RD_BOOL reconnect, uint32 * selected_protocol)
{
STREAM s;
uint8 code;
uint32 neg_proto;
g_negotiate_rdp_protocol = True;
neg_proto = PROTOCOL_SSL;
#ifdef WITH_CREDSSP
if (!g_use_password_as_pin)
neg_proto |= PROTOCOL_HYBRID;
else if (g_sc_csp_name || g_sc_reader_name || g_sc_card_name || g_sc_container_name)
neg_proto |= PROTOCOL_HYBRID;
else
warning("Disables CredSSP due to missing smartcard information for SSO.\n");
#endif
retry:
*selected_protocol = PROTOCOL_RDP;
code = 0;
if (!tcp_connect(server))
return False;
iso_send_connection_request(username, neg_proto);
s = iso_recv_msg(&code, NULL);
if (s == NULL)
return False;
if (code != ISO_PDU_CC)
{
error("expected CC, got 0x%x\n", code);
tcp_disconnect();
return False;
}
if (g_rdp_version >= RDP_V5 && s_check_rem(s, 8))
{
/* handle RDP_NEG_REQ response */
const char *reason = NULL;
uint8 type = 0, flags = 0;
uint16 length = 0;
uint32 data = 0;
in_uint8(s, type);
in_uint8(s, flags);
in_uint16(s, length);
in_uint32(s, data);
if (type == RDP_NEG_FAILURE)
{
RD_BOOL retry_without_neg = False;
switch (data)
{
case SSL_WITH_USER_AUTH_REQUIRED_BY_SERVER:
reason = "SSL with user authentication required by server";
break;
case SSL_NOT_ALLOWED_BY_SERVER:
reason = "SSL not allowed by server";
retry_without_neg = True;
break;
case SSL_CERT_NOT_ON_SERVER:
reason = "no valid authentication certificate on server";
retry_without_neg = True;
break;
case INCONSISTENT_FLAGS:
reason = "inconsistent negotiation flags";
break;
case SSL_REQUIRED_BY_SERVER:
reason = "SSL required by server";
break;
case HYBRID_REQUIRED_BY_SERVER:
reason = "CredSSP required by server";
break;
default:
reason = "unknown reason";
}
tcp_disconnect();
if (retry_without_neg)
{
fprintf(stderr,
"Failed to negotiate protocol, retrying with plain RDP.\n");
g_negotiate_rdp_protocol = False;
goto retry;
}
fprintf(stderr, "Failed to connect, %s.\n", reason);
return False;
}
if (type != RDP_NEG_RSP)
{
tcp_disconnect();
error("Expected RDP_NEG_RSP, got type = 0x%x\n", type);
return False;
}
/* handle negotiation response */
if (data == PROTOCOL_SSL)
{
if (!tcp_tls_connect())
{
/* failed to connect using cssp, let retry with plain TLS */
tcp_disconnect();
neg_proto = PROTOCOL_RDP;
goto retry;
}
/* do not use encryption when using TLS */
g_encryption = False;
fprintf(stderr, "Connection established using SSL.\n");
}
#ifdef WITH_CREDSSP
else if (data == PROTOCOL_HYBRID)
{
if (!cssp_connect(server, username, domain, password, s))
{
/* failed to connect using cssp, let retry with plain TLS */
tcp_disconnect();
neg_proto = PROTOCOL_SSL;
goto retry;
}
/* do not use encryption when using TLS */
fprintf(stderr, "Connection established using CredSSP.\n");
g_encryption = False;
}
#endif
else if (data == PROTOCOL_RDP)
{
fprintf(stderr, "Connection established using plain RDP.\n");
}
else if (data != PROTOCOL_RDP)
{
tcp_disconnect();
error("Unexpected protocol in negotiation response, got data = 0x%x.\n",
data);
return False;
}
*selected_protocol = data;
}
return True;
}
void
rdpsnd_process(STREAM s)
{
uint8 type;
uint16 datalen;
uint32 volume;
static uint16 tick, format;
static uint8 packet_index;
static BOOL awaiting_data_packet;
#ifdef RDPSND_DEBUG
printf("RDPSND recv:\n");
hexdump(s->p, s->end - s->p);
#endif
if (awaiting_data_packet)
{
if (format >= MAX_FORMATS)
{
error("RDPSND: Invalid format index\n");
return;
}
if (!device_open || (format != current_format))
{
if (!device_open && !wave_out_open())
{
rdpsnd_send_completion(tick, packet_index);
return;
}
if (!wave_out_set_format(&formats[format]))
{
rdpsnd_send_completion(tick, packet_index);
wave_out_close();
device_open = False;
return;
}
device_open = True;
current_format = format;
}
wave_out_write(s, tick, packet_index);
awaiting_data_packet = False;
return;
}
in_uint8(s, type);
in_uint8s(s, 1); /* unknown? */
in_uint16_le(s, datalen);
switch (type)
{
case RDPSND_WRITE:
in_uint16_le(s, tick);
in_uint16_le(s, format);
in_uint8(s, packet_index);
awaiting_data_packet = True;
break;
case RDPSND_CLOSE:
wave_out_close();
device_open = False;
break;
case RDPSND_NEGOTIATE:
rdpsnd_process_negotiate(s);
break;
case RDPSND_UNKNOWN6:
rdpsnd_process_unknown6(s);
break;
case RDPSND_SET_VOLUME:
in_uint32(s, volume);
if (device_open)
{
wave_out_volume((volume & 0xffff), (volume & 0xffff0000) >> 16);
}
break;
default:
unimpl("RDPSND packet type %d\n", type);
break;
}
}
