Esempio n. 1
0
boolean rdp_server_accept_nego(rdpRdp* rdp, STREAM* s)
{
	boolean ret;

	transport_set_blocking_mode(rdp->transport, True);

	if (!nego_read_request(rdp->nego, s))
		return False;
	if (rdp->nego->requested_protocols == PROTOCOL_RDP)
	{
		printf("Standard RDP encryption is not supported.\n");
		return False;
	}

	printf("Requested protocols:");
	if ((rdp->nego->requested_protocols | PROTOCOL_TLS))
	{
		printf(" TLS");
		if (rdp->settings->tls_security)
		{
			printf("(Y)");
			rdp->nego->selected_protocol |= PROTOCOL_TLS;
		}
		else
			printf("(n)");
	}
	if ((rdp->nego->requested_protocols | PROTOCOL_NLA))
	{
		printf(" NLA");
		if (rdp->settings->nla_security)
		{
			printf("(Y)");
			rdp->nego->selected_protocol |= PROTOCOL_NLA;
		}
		else
			printf("(n)");
	}
	printf("\n");

	if (!nego_send_negotiation_response(rdp->nego))
		return False;

	ret = False;
	if (rdp->nego->selected_protocol & PROTOCOL_NLA)
		ret = transport_accept_nla(rdp->transport);
	else if (rdp->nego->selected_protocol & PROTOCOL_TLS)
		ret = transport_accept_tls(rdp->transport);
	else if (rdp->nego->selected_protocol & PROTOCOL_RDP)
		ret = transport_accept_rdp(rdp->transport);

	if (!ret)
		return False;

	transport_set_blocking_mode(rdp->transport, False);

	rdp->state = CONNECTION_STATE_NEGO;

	return True;
}
Esempio n. 2
0
BOOL rdp_server_accept_nego(rdpRdp* rdp, wStream* s)
{
	BOOL status;
	rdpSettings* settings = rdp->settings;

	transport_set_blocking_mode(rdp->transport, TRUE);

	if (!nego_read_request(rdp->nego, s))
		return FALSE;

	rdp->nego->selected_protocol = 0;

	fprintf(stderr, "Client Security: NLA:%d TLS:%d RDP:%d\n",
			(rdp->nego->requested_protocols & PROTOCOL_NLA) ? 1 : 0,
					(rdp->nego->requested_protocols & PROTOCOL_TLS)	? 1 : 0,
							(rdp->nego->requested_protocols == PROTOCOL_RDP) ? 1: 0);

	fprintf(stderr, "Server Security: NLA:%d TLS:%d RDP:%d\n",
			settings->NlaSecurity, settings->TlsSecurity, settings->RdpSecurity);

	if ((settings->NlaSecurity) && (rdp->nego->requested_protocols & PROTOCOL_NLA))
	{
		rdp->nego->selected_protocol = PROTOCOL_NLA;
	}
	else if ((settings->TlsSecurity) && (rdp->nego->requested_protocols & PROTOCOL_TLS))
	{
		rdp->nego->selected_protocol = PROTOCOL_TLS;
	}
	else if ((settings->RdpSecurity) && (rdp->nego->selected_protocol == PROTOCOL_RDP))
	{
		rdp->nego->selected_protocol = PROTOCOL_RDP;
	}
	else
	{
		fprintf(stderr, "Protocol security negotiation failure\n");
	}

	fprintf(stderr, "Negotiated Security: NLA:%d TLS:%d RDP:%d\n",
			(rdp->nego->selected_protocol & PROTOCOL_NLA) ? 1 : 0,
					(rdp->nego->selected_protocol & PROTOCOL_TLS)	? 1 : 0,
							(rdp->nego->selected_protocol == PROTOCOL_RDP) ? 1: 0);

	if (!nego_send_negotiation_response(rdp->nego))
		return FALSE;

	status = FALSE;

	if (rdp->nego->selected_protocol & PROTOCOL_NLA)
		status = transport_accept_nla(rdp->transport);
	else if (rdp->nego->selected_protocol & PROTOCOL_TLS)
		status = transport_accept_tls(rdp->transport);
	else if (rdp->nego->selected_protocol == PROTOCOL_RDP) /* 0 */
		status = transport_accept_rdp(rdp->transport);

	if (!status)
		return FALSE;

	transport_set_blocking_mode(rdp->transport, FALSE);

	rdp_server_transition_to_state(rdp, CONNECTION_STATE_NEGO);

	return TRUE;
}
Esempio n. 3
0
boolean rdp_server_accept_nego(rdpRdp* rdp, STREAM* s)
{
	boolean status;
	rdpSettings* settings = rdp->settings;

	transport_set_blocking_mode(rdp->transport, true);

	if (!nego_read_request(rdp->nego, s))
		return false;

	rdp->nego->selected_protocol = 0;

	printf("Client Security: NLA:%d TLS:%d RDP:%d\n",
			(rdp->nego->requested_protocols & PROTOCOL_NLA) ? 1 : 0,
			(rdp->nego->requested_protocols & PROTOCOL_TLS)	? 1 : 0,
			(rdp->nego->requested_protocols == PROTOCOL_RDP) ? 1: 0);

	printf("Server Security: NLA:%d TLS:%d RDP:%d\n",
			settings->nla_security, settings->tls_security, settings->rdp_security);

	if ((settings->nla_security) && (rdp->nego->requested_protocols & PROTOCOL_NLA))
	{
		rdp->nego->selected_protocol = PROTOCOL_NLA;
	}
	else if ((settings->tls_security) && (rdp->nego->requested_protocols & PROTOCOL_TLS))
	{
		rdp->nego->selected_protocol = PROTOCOL_TLS;
	}
	else if ((settings->rdp_security) && (rdp->nego->selected_protocol == PROTOCOL_RDP))
	{
		rdp->nego->selected_protocol = PROTOCOL_RDP;
	}
	else
	{
		printf("Protocol security negotiation failure\n");
	}

	printf("Negotiated Security: NLA:%d TLS:%d RDP:%d\n",
			(rdp->nego->selected_protocol & PROTOCOL_NLA) ? 1 : 0,
			(rdp->nego->selected_protocol & PROTOCOL_TLS)	? 1 : 0,
			(rdp->nego->selected_protocol == PROTOCOL_RDP) ? 1: 0);

	if (!nego_send_negotiation_response(rdp->nego))
		return false;

	status = false;
	if (rdp->nego->selected_protocol & PROTOCOL_NLA)
		status = transport_accept_nla(rdp->transport);
	else if (rdp->nego->selected_protocol & PROTOCOL_TLS)
		status = transport_accept_tls(rdp->transport);
	else if (rdp->nego->selected_protocol == PROTOCOL_RDP) /* 0 */
		status = transport_accept_rdp(rdp->transport);

	if (!status)
		return false;

	transport_set_blocking_mode(rdp->transport, false);

	rdp->state = CONNECTION_STATE_NEGO;

	return true;
}
Esempio n. 4
0
tbool rdp_server_accept_nego(rdpRdp* rdp, STREAM* s)
{
	tbool ret;

	transport_set_blocking_mode(rdp->transport, true);

	if (!nego_read_request(rdp->nego, s))
		return false;

	rdp->nego->selected_protocol = 0;

	printf("Requested protocols:");
	if ((rdp->nego->requested_protocols & PROTOCOL_TLS))
	{
		printf(" TLS");
		if (rdp->settings->tls_security)
		{
			printf("(Y)");
			rdp->nego->selected_protocol |= PROTOCOL_TLS;
		}
		else
			printf("(n)");
	}
	if ((rdp->nego->requested_protocols & PROTOCOL_NLA))
	{
		printf(" NLA");
		if (rdp->settings->nla_security)
		{
			printf("(Y)");
			rdp->nego->selected_protocol |= PROTOCOL_NLA;
		}
		else
			printf("(n)");
	}
	printf(" RDP");
	if (rdp->settings->rdp_security && rdp->nego->selected_protocol == 0)
	{
		printf("(Y)");
		rdp->nego->selected_protocol = PROTOCOL_RDP;
	}
	else
		printf("(n)");
	printf("\n");

	if (!nego_send_negotiation_response(rdp->nego))
		return false;

	ret = false;
	if (rdp->nego->selected_protocol & PROTOCOL_NLA)
		ret = transport_accept_nla(rdp->transport);
	else if (rdp->nego->selected_protocol & PROTOCOL_TLS)
		ret = transport_accept_tls(rdp->transport);
	else if (rdp->nego->selected_protocol == PROTOCOL_RDP) /* 0 */
		ret = transport_accept_rdp(rdp->transport);

	if (!ret)
		return false;

	transport_set_blocking_mode(rdp->transport, false);

	rdp->state = CONNECTION_STATE_NEGO;

	return true;
}
Esempio n. 5
0
BOOL rdp_server_accept_nego(rdpRdp* rdp, wStream* s)
{
	BOOL status;
	rdpSettings* settings = rdp->settings;
	rdpNego *nego = rdp->nego;

	transport_set_blocking_mode(rdp->transport, TRUE);

	if (!nego_read_request(nego, s))
		return FALSE;

	nego->SelectedProtocol = 0;
	WLog_INFO(TAG, "Client Security: NLA:%d TLS:%d RDP:%d",
			 (nego->RequestedProtocols & PROTOCOL_NLA) ? 1 : 0,
			 (nego->RequestedProtocols & PROTOCOL_TLS) ? 1 : 0,
			 (nego->RequestedProtocols == PROTOCOL_RDP) ? 1 : 0
			);
	WLog_INFO(TAG, "Server Security: NLA:%d TLS:%d RDP:%d",
			 settings->NlaSecurity, settings->TlsSecurity, settings->RdpSecurity);

	if ((settings->NlaSecurity) && (nego->RequestedProtocols & PROTOCOL_NLA))
	{
		nego->SelectedProtocol = PROTOCOL_NLA;
	}
	else if ((settings->TlsSecurity) && (nego->RequestedProtocols & PROTOCOL_TLS))
	{
		nego->SelectedProtocol = PROTOCOL_TLS;
	}
	else if ((settings->RdpSecurity) && (nego->RequestedProtocols == PROTOCOL_RDP))
	{
		nego->SelectedProtocol = PROTOCOL_RDP;
	}
	else
	{
		/*
		 * when here client and server aren't compatible, we select the right
		 * error message to return to the client in the nego failure packet
		 */
		nego->SelectedProtocol = PROTOCOL_FAILED_NEGO;

		if (settings->RdpSecurity)
		{
			WLog_ERR(TAG, "server supports only Standard RDP Security");
			nego->SelectedProtocol |= SSL_NOT_ALLOWED_BY_SERVER;
		}
		else
		{
			if (settings->NlaSecurity && !settings->TlsSecurity)
			{
				WLog_ERR(TAG, "server supports only NLA Security");
				nego->SelectedProtocol |= HYBRID_REQUIRED_BY_SERVER;
			}
			else
			{
				WLog_ERR(TAG, "server supports only a SSL based Security (TLS or NLA)");
				nego->SelectedProtocol |= SSL_REQUIRED_BY_SERVER;
			}
		}

		WLog_ERR(TAG, "Protocol security negotiation failure");
	}

	if (!(nego->SelectedProtocol & PROTOCOL_FAILED_NEGO))
	{
		WLog_INFO(TAG, "Negotiated Security: NLA:%d TLS:%d RDP:%d",
				 (nego->SelectedProtocol & PROTOCOL_NLA) ? 1 : 0,
				 (nego->SelectedProtocol & PROTOCOL_TLS) ? 1 : 0,
				 (nego->SelectedProtocol == PROTOCOL_RDP) ? 1: 0
				);
	}

	if (!nego_send_negotiation_response(nego))
		return FALSE;

	status = FALSE;

	if (nego->SelectedProtocol & PROTOCOL_NLA)
		status = transport_accept_nla(rdp->transport);
	else if (nego->SelectedProtocol & PROTOCOL_TLS)
		status = transport_accept_tls(rdp->transport);
	else if (nego->SelectedProtocol == PROTOCOL_RDP) /* 0 */
		status = transport_accept_rdp(rdp->transport);

	if (!status)
		return FALSE;

	transport_set_blocking_mode(rdp->transport, FALSE);

	rdp_server_transition_to_state(rdp, CONNECTION_STATE_NEGO);

	return TRUE;
}