boolean rdp_server_accept_nego(rdpRdp* rdp, STREAM* s) { boolean ret; transport_set_blocking_mode(rdp->transport, True); if (!nego_read_request(rdp->nego, s)) return False; if (rdp->nego->requested_protocols == PROTOCOL_RDP) { printf("Standard RDP encryption is not supported.\n"); return False; } printf("Requested protocols:"); if ((rdp->nego->requested_protocols | PROTOCOL_TLS)) { printf(" TLS"); if (rdp->settings->tls_security) { printf("(Y)"); rdp->nego->selected_protocol |= PROTOCOL_TLS; } else printf("(n)"); } if ((rdp->nego->requested_protocols | PROTOCOL_NLA)) { printf(" NLA"); if (rdp->settings->nla_security) { printf("(Y)"); rdp->nego->selected_protocol |= PROTOCOL_NLA; } else printf("(n)"); } printf("\n"); if (!nego_send_negotiation_response(rdp->nego)) return False; ret = False; if (rdp->nego->selected_protocol & PROTOCOL_NLA) ret = transport_accept_nla(rdp->transport); else if (rdp->nego->selected_protocol & PROTOCOL_TLS) ret = transport_accept_tls(rdp->transport); else if (rdp->nego->selected_protocol & PROTOCOL_RDP) ret = transport_accept_rdp(rdp->transport); if (!ret) return False; transport_set_blocking_mode(rdp->transport, False); rdp->state = CONNECTION_STATE_NEGO; return True; }
BOOL rdp_server_accept_nego(rdpRdp* rdp, wStream* s) { BOOL status; rdpSettings* settings = rdp->settings; transport_set_blocking_mode(rdp->transport, TRUE); if (!nego_read_request(rdp->nego, s)) return FALSE; rdp->nego->selected_protocol = 0; fprintf(stderr, "Client Security: NLA:%d TLS:%d RDP:%d\n", (rdp->nego->requested_protocols & PROTOCOL_NLA) ? 1 : 0, (rdp->nego->requested_protocols & PROTOCOL_TLS) ? 1 : 0, (rdp->nego->requested_protocols == PROTOCOL_RDP) ? 1: 0); fprintf(stderr, "Server Security: NLA:%d TLS:%d RDP:%d\n", settings->NlaSecurity, settings->TlsSecurity, settings->RdpSecurity); if ((settings->NlaSecurity) && (rdp->nego->requested_protocols & PROTOCOL_NLA)) { rdp->nego->selected_protocol = PROTOCOL_NLA; } else if ((settings->TlsSecurity) && (rdp->nego->requested_protocols & PROTOCOL_TLS)) { rdp->nego->selected_protocol = PROTOCOL_TLS; } else if ((settings->RdpSecurity) && (rdp->nego->selected_protocol == PROTOCOL_RDP)) { rdp->nego->selected_protocol = PROTOCOL_RDP; } else { fprintf(stderr, "Protocol security negotiation failure\n"); } fprintf(stderr, "Negotiated Security: NLA:%d TLS:%d RDP:%d\n", (rdp->nego->selected_protocol & PROTOCOL_NLA) ? 1 : 0, (rdp->nego->selected_protocol & PROTOCOL_TLS) ? 1 : 0, (rdp->nego->selected_protocol == PROTOCOL_RDP) ? 1: 0); if (!nego_send_negotiation_response(rdp->nego)) return FALSE; status = FALSE; if (rdp->nego->selected_protocol & PROTOCOL_NLA) status = transport_accept_nla(rdp->transport); else if (rdp->nego->selected_protocol & PROTOCOL_TLS) status = transport_accept_tls(rdp->transport); else if (rdp->nego->selected_protocol == PROTOCOL_RDP) /* 0 */ status = transport_accept_rdp(rdp->transport); if (!status) return FALSE; transport_set_blocking_mode(rdp->transport, FALSE); rdp_server_transition_to_state(rdp, CONNECTION_STATE_NEGO); return TRUE; }
boolean rdp_server_accept_nego(rdpRdp* rdp, STREAM* s) { boolean status; rdpSettings* settings = rdp->settings; transport_set_blocking_mode(rdp->transport, true); if (!nego_read_request(rdp->nego, s)) return false; rdp->nego->selected_protocol = 0; printf("Client Security: NLA:%d TLS:%d RDP:%d\n", (rdp->nego->requested_protocols & PROTOCOL_NLA) ? 1 : 0, (rdp->nego->requested_protocols & PROTOCOL_TLS) ? 1 : 0, (rdp->nego->requested_protocols == PROTOCOL_RDP) ? 1: 0); printf("Server Security: NLA:%d TLS:%d RDP:%d\n", settings->nla_security, settings->tls_security, settings->rdp_security); if ((settings->nla_security) && (rdp->nego->requested_protocols & PROTOCOL_NLA)) { rdp->nego->selected_protocol = PROTOCOL_NLA; } else if ((settings->tls_security) && (rdp->nego->requested_protocols & PROTOCOL_TLS)) { rdp->nego->selected_protocol = PROTOCOL_TLS; } else if ((settings->rdp_security) && (rdp->nego->selected_protocol == PROTOCOL_RDP)) { rdp->nego->selected_protocol = PROTOCOL_RDP; } else { printf("Protocol security negotiation failure\n"); } printf("Negotiated Security: NLA:%d TLS:%d RDP:%d\n", (rdp->nego->selected_protocol & PROTOCOL_NLA) ? 1 : 0, (rdp->nego->selected_protocol & PROTOCOL_TLS) ? 1 : 0, (rdp->nego->selected_protocol == PROTOCOL_RDP) ? 1: 0); if (!nego_send_negotiation_response(rdp->nego)) return false; status = false; if (rdp->nego->selected_protocol & PROTOCOL_NLA) status = transport_accept_nla(rdp->transport); else if (rdp->nego->selected_protocol & PROTOCOL_TLS) status = transport_accept_tls(rdp->transport); else if (rdp->nego->selected_protocol == PROTOCOL_RDP) /* 0 */ status = transport_accept_rdp(rdp->transport); if (!status) return false; transport_set_blocking_mode(rdp->transport, false); rdp->state = CONNECTION_STATE_NEGO; return true; }
tbool rdp_server_accept_nego(rdpRdp* rdp, STREAM* s) { tbool ret; transport_set_blocking_mode(rdp->transport, true); if (!nego_read_request(rdp->nego, s)) return false; rdp->nego->selected_protocol = 0; printf("Requested protocols:"); if ((rdp->nego->requested_protocols & PROTOCOL_TLS)) { printf(" TLS"); if (rdp->settings->tls_security) { printf("(Y)"); rdp->nego->selected_protocol |= PROTOCOL_TLS; } else printf("(n)"); } if ((rdp->nego->requested_protocols & PROTOCOL_NLA)) { printf(" NLA"); if (rdp->settings->nla_security) { printf("(Y)"); rdp->nego->selected_protocol |= PROTOCOL_NLA; } else printf("(n)"); } printf(" RDP"); if (rdp->settings->rdp_security && rdp->nego->selected_protocol == 0) { printf("(Y)"); rdp->nego->selected_protocol = PROTOCOL_RDP; } else printf("(n)"); printf("\n"); if (!nego_send_negotiation_response(rdp->nego)) return false; ret = false; if (rdp->nego->selected_protocol & PROTOCOL_NLA) ret = transport_accept_nla(rdp->transport); else if (rdp->nego->selected_protocol & PROTOCOL_TLS) ret = transport_accept_tls(rdp->transport); else if (rdp->nego->selected_protocol == PROTOCOL_RDP) /* 0 */ ret = transport_accept_rdp(rdp->transport); if (!ret) return false; transport_set_blocking_mode(rdp->transport, false); rdp->state = CONNECTION_STATE_NEGO; return true; }
BOOL rdp_server_accept_nego(rdpRdp* rdp, wStream* s) { BOOL status; rdpSettings* settings = rdp->settings; rdpNego *nego = rdp->nego; transport_set_blocking_mode(rdp->transport, TRUE); if (!nego_read_request(nego, s)) return FALSE; nego->SelectedProtocol = 0; WLog_INFO(TAG, "Client Security: NLA:%d TLS:%d RDP:%d", (nego->RequestedProtocols & PROTOCOL_NLA) ? 1 : 0, (nego->RequestedProtocols & PROTOCOL_TLS) ? 1 : 0, (nego->RequestedProtocols == PROTOCOL_RDP) ? 1 : 0 ); WLog_INFO(TAG, "Server Security: NLA:%d TLS:%d RDP:%d", settings->NlaSecurity, settings->TlsSecurity, settings->RdpSecurity); if ((settings->NlaSecurity) && (nego->RequestedProtocols & PROTOCOL_NLA)) { nego->SelectedProtocol = PROTOCOL_NLA; } else if ((settings->TlsSecurity) && (nego->RequestedProtocols & PROTOCOL_TLS)) { nego->SelectedProtocol = PROTOCOL_TLS; } else if ((settings->RdpSecurity) && (nego->RequestedProtocols == PROTOCOL_RDP)) { nego->SelectedProtocol = PROTOCOL_RDP; } else { /* * when here client and server aren't compatible, we select the right * error message to return to the client in the nego failure packet */ nego->SelectedProtocol = PROTOCOL_FAILED_NEGO; if (settings->RdpSecurity) { WLog_ERR(TAG, "server supports only Standard RDP Security"); nego->SelectedProtocol |= SSL_NOT_ALLOWED_BY_SERVER; } else { if (settings->NlaSecurity && !settings->TlsSecurity) { WLog_ERR(TAG, "server supports only NLA Security"); nego->SelectedProtocol |= HYBRID_REQUIRED_BY_SERVER; } else { WLog_ERR(TAG, "server supports only a SSL based Security (TLS or NLA)"); nego->SelectedProtocol |= SSL_REQUIRED_BY_SERVER; } } WLog_ERR(TAG, "Protocol security negotiation failure"); } if (!(nego->SelectedProtocol & PROTOCOL_FAILED_NEGO)) { WLog_INFO(TAG, "Negotiated Security: NLA:%d TLS:%d RDP:%d", (nego->SelectedProtocol & PROTOCOL_NLA) ? 1 : 0, (nego->SelectedProtocol & PROTOCOL_TLS) ? 1 : 0, (nego->SelectedProtocol == PROTOCOL_RDP) ? 1: 0 ); } if (!nego_send_negotiation_response(nego)) return FALSE; status = FALSE; if (nego->SelectedProtocol & PROTOCOL_NLA) status = transport_accept_nla(rdp->transport); else if (nego->SelectedProtocol & PROTOCOL_TLS) status = transport_accept_tls(rdp->transport); else if (nego->SelectedProtocol == PROTOCOL_RDP) /* 0 */ status = transport_accept_rdp(rdp->transport); if (!status) return FALSE; transport_set_blocking_mode(rdp->transport, FALSE); rdp_server_transition_to_state(rdp, CONNECTION_STATE_NEGO); return TRUE; }