/* process a licence error alert packet */ void licence_process_error_alert(STREAM s) { uint32 error_code; uint32 state_transition; in_uint32(s, error_code); in_uint32(s, state_transition); in_uint8s(s, 4); /* Skip error_info */ /* There is a special case in the error alert handling, when licensing is all good and the server is not sending a license to client, a "Server License Error PDU - Valid Client" packet is sent which means, every thing is ok. Therefor we should flag that everything is ok with license here. */ if (error_code == 0x07) { g_licence_issued = True; return; } /* handle error codes, for now, just report them */ switch (error_code) { case 0x6: // ERR_NO_LICENSE_SERVER logger(Core, Notice, "License error alert from server: No license server"); break; case 0x8: // ERR_INVALID_CLIENT logger(Core, Notice, "License error alert from server: Invalid client"); break; case 0x4: // ERR_INVALID_SCOPE case 0xb: // ERR_INVALID_PRODUCTID case 0xc: // ERR_INVALID_MESSAGE_LENGTH default: logger(Core, Notice, "License error alert from server: code %u, state transition %u", error_code, state_transition); break; } g_licence_error_result = True; }
static void rdpdr_process(RDPCLIENT * This, STREAM s) { uint32 handle; uint8 *magic; #if WITH_DEBUG_RDP5 printf("--- rdpdr_process ---\n"); hexdump(s->p, s->end - s->p); #endif in_uint8p(s, magic, 4); if ((magic[0] == 'r') && (magic[1] == 'D')) { if ((magic[2] == 'R') && (magic[3] == 'I')) { rdpdr_process_irp(This, s); return; } if ((magic[2] == 'n') && (magic[3] == 'I')) { rdpdr_send_connect(This); rdpdr_send_name(This); return; } if ((magic[2] == 'C') && (magic[3] == 'C')) { /* connect from server */ rdpdr_send_clientcapabilty(This); rdpdr_send_available(This); return; } if ((magic[2] == 'r') && (magic[3] == 'd')) { /* connect to a specific resource */ in_uint32(s, handle); #if WITH_DEBUG_RDP5 DEBUG(("RDPDR: Server connected to resource %d\n", handle)); #endif return; } if ((magic[2] == 'P') && (magic[3] == 'S')) { /* server capability */ return; } } if ((magic[0] == 'R') && (magic[1] == 'P')) { if ((magic[2] == 'C') && (magic[3] == 'P')) { printercache_process(This, s); return; } } unimpl("RDPDR packet type %c%c%c%c\n", magic[0], magic[1], magic[2], magic[3]); }
void save_licence(unsigned char *data, int length) { char *fpath; /* file path for licence */ char *fname, *fnamewrk; /* file name for licence .inkl path. */ char *home; uint32 y; struct flock fnfl; int fnfd, fnwrkfd, i, wlen; struct stream s, *s_ptr; uint32 len; /* Construct a stream, so that we can use macros to extract the * licence. */ s_ptr = &s; s_ptr->p = data; /* Skip first two bytes */ in_uint16(s_ptr, len); /* Skip three strings */ for (i = 0; i < 3; i++) { in_uint32(s_ptr, len); s_ptr->p += len; /* Make sure that we won't be past the end of data after * reading the next length value */ if ((s_ptr->p) + 4 > data + length) { printf("Error in parsing licence key.\n"); printf("Strings %d end value %x > supplied length (%x)\n", i, (unsigned int) s_ptr->p, (unsigned int) data + length); return; } } in_uint32(s_ptr, len); if (s_ptr->p + len > data + length) { printf("Error in parsing licence key.\n"); printf("End of licence %x > supplied length (%x)\n", (unsigned int) s_ptr->p + len, (unsigned int) data + length); return; } home = getenv("HOME"); if (home == NULL) return; /* set and create the directory -- if it doesn't exist. */ fpath = xmalloc(strlen(home) + 11); STRNCPY(fpath, home, strlen(home) + 1); sprintf(fpath, "%s/.rdesktop", fpath); if (mkdir(fpath, 0700) == -1 && errno != EEXIST) { perror("mkdir"); exit(1); } /* set the real licence filename, and put a write lock on it. */ fname = xmalloc(strlen(fpath) + strlen(hostname) + 10); sprintf(fname, "%s/licence.%s", fpath, hostname); fnfd = open(fname, O_RDONLY); if (fnfd != -1) { fnfl.l_type = F_WRLCK; fnfl.l_whence = SEEK_SET; fnfl.l_start = 0; fnfl.l_len = 1; fcntl(fnfd, F_SETLK, &fnfl); } /* create a temporary licence file */ fnamewrk = xmalloc(strlen(fname) + 12); for (y = 0;; y++) { sprintf(fnamewrk, "%s.%lu", fname, (long unsigned int) y); fnwrkfd = open(fnamewrk, O_WRONLY | O_CREAT | O_EXCL, 0600); if (fnwrkfd == -1) { if (errno == EINTR || errno == EEXIST) continue; perror("create"); exit(1); } break; } /* write to the licence file */ for (y = 0; y < len;) { do { wlen = write(fnwrkfd, s_ptr->p + y, len - y); } while (wlen == -1 && errno == EINTR); if (wlen < 1) { perror("write"); unlink(fnamewrk); exit(1); } y += wlen; } /* close the file and rename it to fname */ if (close(fnwrkfd) == -1) { perror("close"); unlink(fnamewrk); exit(1); } if (rename(fnamewrk, fname) == -1) { perror("rename"); unlink(fnamewrk); exit(1); } /* close the file lock on fname */ if (fnfd != -1) { fnfl.l_type = F_UNLCK; fnfl.l_whence = SEEK_SET; fnfl.l_start = 0; fnfl.l_len = 1; fcntl(fnfd, F_SETLK, &fnfl); close(fnfd); } }
/* Establish a connection up to the ISO layer */ RD_BOOL iso_connect(char *server, char *username, RD_BOOL reconnect, uint32 * selected_protocol) { STREAM s; uint8 code; g_negotiate_rdp_protocol = True; retry: *selected_protocol = PROTOCOL_RDP; code = 0; if (!tcp_connect(server)) return False; if (reconnect) { iso_send_msg(ISO_PDU_CR); } else { iso_send_connection_request(username); } s = iso_recv_msg(&code, NULL); if (s == NULL) return False; if (code != ISO_PDU_CC) { error("expected CC, got 0x%x\n", code); tcp_disconnect(); return False; } if (g_rdp_version >= RDP_V5 && s_check_rem(s, 8)) { /* handle RDP_NEG_REQ response */ const char *reason = NULL; uint8 type = 0, flags = 0; uint16 length = 0; uint32 data = 0; in_uint8(s, type); in_uint8(s, flags); in_uint16(s, length); in_uint32(s, data); if (type == RDP_NEG_FAILURE) { switch (data) { case SSL_REQUIRED_BY_SERVER: reason = "SSL required by server"; break; case SSL_WITH_USER_AUTH_REQUIRED_BY_SERVER: reason = "SSL with user authentication required by server"; break; case SSL_NOT_ALLOWED_BY_SERVER: reason = "SSL not allowed by server"; break; case SSL_CERT_NOT_ON_SERVER: reason = "SSL certificated not on server"; break; case INCONSISTENT_FLAGS: reason = "inconsistent flags"; break; case HYBRID_REQUIRED_BY_SERVER: reason = "hybrid authentication (CredSSP) required by server"; break; default: reason = "unknown reason"; } tcp_disconnect(); warning("RDP protocol negotiation failed with reason: %s (error 0x%x),\n", reason, data); warning("retrying without negotiation using plain RDP protocol.\n"); g_negotiate_rdp_protocol = False; goto retry; } if (type != RDP_NEG_RSP) { tcp_disconnect(); error("expected RDP_NEG_RSP, got type = 0x%x\n", type); warning("retrying without negotiation using plain RDP protocol.\n"); g_negotiate_rdp_protocol = False; goto retry; } /* handle negotiation response */ if (data == PROTOCOL_SSL) { DEBUGMSG(1,(L"iso_connect: negotiation: PROTOCOL_SSL\n")); if (!tcp_tls_connect()) { tcp_disconnect(); DEBUGMSG(1,(L"iso_connect: negotiation: PROTOCOL_SSL FAILED\n")); return False; } /* do not use encryption when using TLS */ g_encryption = False; } else if (data != PROTOCOL_RDP) { tcp_disconnect(); error("unexpected protocol in neqotiation response, got data = 0x%x.\n", data); return False; } *selected_protocol = data; } return True; }
static void rdpusb_process(STREAM s) { int rc; uint32 len; uint8 code; uint32 devid; PUSBPROXYDEV proxy = NULL; #ifdef RDPUSB_DEBUG Log(("RDPUSB recv:\n")); hexdump(s->p, s->end - s->p); #endif in_uint32_le (s, len); if (len > s->end - s->p) { error("RDPUSB: not enough data len = %d, bytes left %d\n", len, s->end - s->p); return; } in_uint8(s, code); Log(("RDPUSB recv: len = %d, code = %d\n", len, code)); switch (code) { case RDPUSB_REQ_OPEN: { PUSBDEVICE pDevice; in_uint32_le(s, devid); proxy = (PUSBPROXYDEV )xmalloc (sizeof (USBPROXYDEV)); if (!proxy) { error("RDPUSB: Out of memory allocating proxy backend data\n"); return; } memset (proxy, 0, sizeof (USBPROXYDEV)); proxy->pvInstanceDataR3 = xmalloc(g_USBProxyDeviceHost.cbBackend); if (!proxy->pvInstanceDataR3) { xfree (proxy); error("RDPUSB: Out of memory allocating proxy backend data\n"); return; } proxy->Dev.pszName = "Remote device"; proxy->devid = devid; for (pDevice = g_pUsbDevices; pDevice; pDevice = pDevice->pNext) if ((pDevice->bPort << 8) + pDevice->bBus == devid) break; rc = pDevice ? op_usbproxy_back_open(proxy, pDevice->pszAddress) : VERR_NOT_FOUND; if (rc != VINF_SUCCESS) { rdpusb_send_access_denied (code, devid); xfree (proxy); proxy = NULL; } else { if (g_proxies) { g_proxies->pPrev = proxy; } proxy->pNext = g_proxies; g_proxies = proxy; } } break; case RDPUSB_REQ_CLOSE: { in_uint32_le(s, devid); proxy = devid2proxy (devid); if (proxy) { op_usbproxy_back_close(proxy); if (proxy->pPrev) { proxy->pPrev->pNext = proxy->pNext; } else { g_proxies = proxy->pNext; } if (proxy->pNext) { proxy->pNext->pPrev = proxy->pPrev; } xfree (proxy->pvInstanceDataR3); xfree (proxy); proxy = NULL; } /* No reply. */ } break; case RDPUSB_REQ_RESET: { in_uint32_le(s, devid); proxy = devid2proxy (devid); if (!proxy) { rdpusb_send_access_denied (code, devid); break; } rc = op_usbproxy_back_reset(proxy); if (rc != VINF_SUCCESS) { rdpusb_send_reply (code, vrdp_usb_status (!rc, &proxy->Dev), devid); } } break; case RDPUSB_REQ_SET_CONFIG: { uint8 cfg; in_uint32_le(s, devid); proxy = devid2proxy (devid); if (!proxy) { rdpusb_send_access_denied (code, devid); break; } in_uint8(s, cfg); rc = op_usbproxy_back_set_config(proxy, cfg); if (RT_FAILURE(rc)) { rdpusb_send_reply (code, vrdp_usb_status (rc, &proxy->Dev), devid); } } break; case RDPUSB_REQ_CLAIM_INTERFACE: { uint8 ifnum; in_uint32_le(s, devid); proxy = devid2proxy (devid); if (!proxy) { rdpusb_send_access_denied (code, devid); break; } in_uint8(s, ifnum); in_uint8(s, ifnum); rc = op_usbproxy_back_claim_interface(proxy, ifnum); if (RT_FAILURE(rc)) { rdpusb_send_reply (code, vrdp_usb_status (rc, &proxy->Dev), devid); } } break; case RDPUSB_REQ_RELEASE_INTERFACE: { uint8 ifnum; in_uint32_le(s, devid); proxy = devid2proxy (devid); if (!proxy) { rdpusb_send_access_denied (code, devid); break; } in_uint8(s, ifnum); rc = op_usbproxy_back_release_interface(proxy, ifnum); if (RT_FAILURE(rc)) { rdpusb_send_reply (code, vrdp_usb_status (rc, &proxy->Dev), devid); } } break; case RDPUSB_REQ_INTERFACE_SETTING: { uint8 ifnum; uint8 setting; in_uint32_le(s, devid); proxy = devid2proxy (devid); if (!proxy) { rdpusb_send_access_denied (code, devid); break; } in_uint8(s, ifnum); in_uint8(s, setting); rc = op_usbproxy_back_interface_setting(proxy, ifnum, setting); if (RT_FAILURE(rc)) { rdpusb_send_reply (code, vrdp_usb_status (rc, &proxy->Dev), devid); } } break; case RDPUSB_REQ_QUEUE_URB: { uint32 handle; uint8 type; uint8 ep; uint8 dir; uint32 urblen; uint32 datalen; PVUSBURB pUrb; // struct vusb_urb *urb; in_uint32_le(s, devid); proxy = devid2proxy (devid); if (!proxy) { /* No reply. */ break; } in_uint32(s, handle); in_uint8(s, type); in_uint8(s, ep); in_uint8(s, dir); in_uint32(s, urblen); in_uint32(s, datalen); /* Allocate a single block for URB description and data buffer */ pUrb = (PVUSBURB)xmalloc (sizeof (VUSBURB) + (urblen <= sizeof (pUrb->abData)? 0: urblen - sizeof (pUrb->abData)) ); memset (pUrb, 0, sizeof (VUSBURB)); pUrb->pDev = &proxy->Dev; pUrb->handle = handle; pUrb->enmType = type; pUrb->enmStatus = 0; pUrb->EndPt = ep; pUrb->enmDir = dir; pUrb->cbData = urblen; Log(("RDPUSB: queued URB handle = %d\n", handle)); if (datalen) { in_uint8a (s, pUrb->abData, datalen); } rc = op_usbproxy_back_queue_urb(proxy, pUrb); /* No reply required. */ if (RT_SUCCESS(rc)) { if (proxy->pUrbs) { proxy->pUrbs->pPrev = pUrb; } pUrb->pNext = proxy->pUrbs; proxy->pUrbs = pUrb; } else { xfree (pUrb); } } break; case RDPUSB_REQ_REAP_URB: { rdpusb_reap_urbs (); } break; case RDPUSB_REQ_CLEAR_HALTED_EP: { uint8 ep; in_uint32_le(s, devid); proxy = devid2proxy (devid); if (!proxy) { rdpusb_send_access_denied (code, devid); break; } in_uint8(s, ep); rc = op_usbproxy_back_clear_halted_ep(proxy, ep); if (RT_FAILURE(rc)) { rdpusb_send_reply (code, vrdp_usb_status (rc, &proxy->Dev), devid); } } break; case RDPUSB_REQ_CANCEL_URB: { uint32 handle; PVUSBURB pUrb = NULL; in_uint32_le(s, devid); proxy = devid2proxy (devid); if (!proxy) { rdpusb_send_access_denied (code, devid); break; } in_uint32_le(s, handle); pUrb = proxy->pUrbs; while (pUrb && pUrb->handle != handle) { pUrb = pUrb->pNext; } if (pUrb) { op_usbproxy_back_cancel_urb(proxy, pUrb); /* No reply required. */ /* Remove URB from list. */ if (pUrb->pPrev) { pUrb->pPrev->pNext = pUrb->pNext; } else { proxy->pUrbs = pUrb->pNext; } if (pUrb->pNext) { pUrb->pNext->pPrev = pUrb->pPrev; } pUrb->pNext = pUrb->pPrev = NULL; Log(("Cancelled URB %p\n", pUrb)); // xfree (pUrb); } } break; case RDPUSB_REQ_DEVICE_LIST: { void *buf = NULL; int len = 0; buf = build_device_list (&len); s = rdpusb_init_packet(len? len: 2, code); if (len) { out_uint8p (s, buf, len); } else { out_uint16_le(s, 0); } s_mark_end(s); rdpusb_send(s); if (buf) { free (buf); } } break; case RDPUSB_REQ_NEGOTIATE: { s = rdpusb_init_packet(1, code); out_uint8(s, VRDP_USB_CAPS_FLAG_ASYNC); s_mark_end(s); rdpusb_send(s); } break; default: unimpl("RDPUSB code %d\n", code); break; } }
/* Establish a connection up to the ISO layer */ RD_BOOL iso_connect(char *server, char *username, char *domain, char *password, RD_BOOL reconnect, uint32 * selected_protocol) { STREAM s; uint8 code; uint32 neg_proto; g_negotiate_rdp_protocol = True; neg_proto = PROTOCOL_SSL; #ifdef WITH_CREDSSP if (!g_use_password_as_pin) neg_proto |= PROTOCOL_HYBRID; else if (g_sc_csp_name || g_sc_reader_name || g_sc_card_name || g_sc_container_name) neg_proto |= PROTOCOL_HYBRID; else warning("Disables CredSSP due to missing smartcard information for SSO.\n"); #endif retry: *selected_protocol = PROTOCOL_RDP; code = 0; if (!tcp_connect(server)) return False; iso_send_connection_request(username, neg_proto); s = iso_recv_msg(&code, NULL); if (s == NULL) return False; if (code != ISO_PDU_CC) { error("expected CC, got 0x%x\n", code); tcp_disconnect(); return False; } if (g_rdp_version >= RDP_V5 && s_check_rem(s, 8)) { /* handle RDP_NEG_REQ response */ const char *reason = NULL; uint8 type = 0, flags = 0; uint16 length = 0; uint32 data = 0; in_uint8(s, type); in_uint8(s, flags); in_uint16(s, length); in_uint32(s, data); if (type == RDP_NEG_FAILURE) { RD_BOOL retry_without_neg = False; switch (data) { case SSL_WITH_USER_AUTH_REQUIRED_BY_SERVER: reason = "SSL with user authentication required by server"; break; case SSL_NOT_ALLOWED_BY_SERVER: reason = "SSL not allowed by server"; retry_without_neg = True; break; case SSL_CERT_NOT_ON_SERVER: reason = "no valid authentication certificate on server"; retry_without_neg = True; break; case INCONSISTENT_FLAGS: reason = "inconsistent negotiation flags"; break; case SSL_REQUIRED_BY_SERVER: reason = "SSL required by server"; break; case HYBRID_REQUIRED_BY_SERVER: reason = "CredSSP required by server"; break; default: reason = "unknown reason"; } tcp_disconnect(); if (retry_without_neg) { fprintf(stderr, "Failed to negotiate protocol, retrying with plain RDP.\n"); g_negotiate_rdp_protocol = False; goto retry; } fprintf(stderr, "Failed to connect, %s.\n", reason); return False; } if (type != RDP_NEG_RSP) { tcp_disconnect(); error("Expected RDP_NEG_RSP, got type = 0x%x\n", type); return False; } /* handle negotiation response */ if (data == PROTOCOL_SSL) { if (!tcp_tls_connect()) { /* failed to connect using cssp, let retry with plain TLS */ tcp_disconnect(); neg_proto = PROTOCOL_RDP; goto retry; } /* do not use encryption when using TLS */ g_encryption = False; fprintf(stderr, "Connection established using SSL.\n"); } #ifdef WITH_CREDSSP else if (data == PROTOCOL_HYBRID) { if (!cssp_connect(server, username, domain, password, s)) { /* failed to connect using cssp, let retry with plain TLS */ tcp_disconnect(); neg_proto = PROTOCOL_SSL; goto retry; } /* do not use encryption when using TLS */ fprintf(stderr, "Connection established using CredSSP.\n"); g_encryption = False; } #endif else if (data == PROTOCOL_RDP) { fprintf(stderr, "Connection established using plain RDP.\n"); } else if (data != PROTOCOL_RDP) { tcp_disconnect(); error("Unexpected protocol in negotiation response, got data = 0x%x.\n", data); return False; } *selected_protocol = data; } return True; }
void rdpsnd_process(STREAM s) { uint8 type; uint16 datalen; uint32 volume; static uint16 tick, format; static uint8 packet_index; static BOOL awaiting_data_packet; #ifdef RDPSND_DEBUG printf("RDPSND recv:\n"); hexdump(s->p, s->end - s->p); #endif if (awaiting_data_packet) { if (format >= MAX_FORMATS) { error("RDPSND: Invalid format index\n"); return; } if (!device_open || (format != current_format)) { if (!device_open && !wave_out_open()) { rdpsnd_send_completion(tick, packet_index); return; } if (!wave_out_set_format(&formats[format])) { rdpsnd_send_completion(tick, packet_index); wave_out_close(); device_open = False; return; } device_open = True; current_format = format; } wave_out_write(s, tick, packet_index); awaiting_data_packet = False; return; } in_uint8(s, type); in_uint8s(s, 1); /* unknown? */ in_uint16_le(s, datalen); switch (type) { case RDPSND_WRITE: in_uint16_le(s, tick); in_uint16_le(s, format); in_uint8(s, packet_index); awaiting_data_packet = True; break; case RDPSND_CLOSE: wave_out_close(); device_open = False; break; case RDPSND_NEGOTIATE: rdpsnd_process_negotiate(s); break; case RDPSND_UNKNOWN6: rdpsnd_process_unknown6(s); break; case RDPSND_SET_VOLUME: in_uint32(s, volume); if (device_open) { wave_out_volume((volume & 0xffff), (volume & 0xffff0000) >> 16); } break; default: unimpl("RDPSND packet type %d\n", type); break; } }