/* Evict the least-recently used bitmap from the cache */ void cache_evict_bitmap(RDPCLIENT * This, uint8 id) { uint16 idx; int n_idx; if (!IS_PERSISTENT(id)) return; idx = This->cache.bmpcache_lru[id]; n_idx = This->cache.bmpcache[id][idx].next; DEBUG_RDP5(("evict bitmap: id=%d idx=%d n_idx=%d bmp=0x%x\n", id, idx, n_idx, This->cache.bmpcache[id][idx].bitmap)); ui_destroy_bitmap(This, This->cache.bmpcache[id][idx].bitmap); --This->cache.bmpcache_count[id]; This->cache.bmpcache[id][idx].bitmap = 0; This->cache.bmpcache_lru[id] = n_idx; This->cache.bmpcache[id][n_idx].previous = NOT_SET; pstcache_touch_bitmap(This, id, idx, 0); }
/* Evict the least-recently used bitmap from the cache */ void cache_evict_bitmap(uint8 id) { uint16 idx; int n_idx; if (!IS_PERSISTENT(id)) return; idx = g_bmpcache_lru[id]; n_idx = g_bmpcache[id][idx].next; DEBUG_RDP5(("evict bitmap: id=%d idx=%d n_idx=%d bmp=0x%x\n", id, idx, n_idx, g_bmpcache[id][idx].bitmap)); ui_destroy_bitmap(g_bmpcache[id][idx].bitmap); --g_bmpcache_count[id]; g_bmpcache[id][idx].bitmap = 0; g_bmpcache_lru[id] = n_idx; g_bmpcache[id][n_idx].previous = NOT_SET; pstcache_touch_bitmap(id, idx, 0); }
/* Parse a logon info packet */ static void rdp_send_logon_info(uint32 flags, char *domain, char *user, char *password, char *program, char *directory) { char *ipaddr = tcp_get_address(); /* length of string in TS_INFO_PACKET excludes null terminator */ int len_domain = 2 * strlen(domain); int len_user = 2 * strlen(user); int len_password = 2 * strlen(password); int len_program = 2 * strlen(program); int len_directory = 2 * strlen(directory); /* length of strings in TS_EXTENDED_PACKET includes null terminator */ int len_ip = 2 * strlen(ipaddr) + 2; int len_dll = 2 * strlen("C:\\WINNT\\System32\\mstscax.dll") + 2; int packetlen = 0; uint32 sec_flags = g_encryption ? (SEC_LOGON_INFO | SEC_ENCRYPT) : SEC_LOGON_INFO; STREAM s; time_t t = time(NULL); time_t tzone; uint8 security_verifier[16]; if (g_rdp_version == RDP_V4 || 1 == g_server_rdp_version) { DEBUG_RDP5(("Sending RDP4-style Logon packet\n")); s = sec_init(sec_flags, 18 + len_domain + len_user + len_password + len_program + len_directory + 10); out_uint32(s, 0); out_uint32_le(s, flags); out_uint16_le(s, len_domain); out_uint16_le(s, len_user); out_uint16_le(s, len_password); out_uint16_le(s, len_program); out_uint16_le(s, len_directory); rdp_out_unistr(s, domain, len_domain); rdp_out_unistr(s, user, len_user); rdp_out_unistr(s, password, len_password); rdp_out_unistr(s, program, len_program); rdp_out_unistr(s, directory, len_directory); } else { DEBUG_RDP5(("Sending RDP5-style Logon packet\n")); if (g_redirect == True && g_redirect_cookie_len > 0) { len_password = g_redirect_cookie_len; len_password -= 2; /* substract 2 bytes which is added below */ } packetlen = /* size of TS_INFO_PACKET */ 4 + /* CodePage */ 4 + /* flags */ 2 + /* cbDomain */ 2 + /* cbUserName */ 2 + /* cbPassword */ 2 + /* cbAlternateShell */ 2 + /* cbWorkingDir */ 2 + len_domain + /* Domain */ 2 + len_user + /* UserName */ 2 + len_password + /* Password */ 2 + len_program + /* AlternateShell */ 2 + len_directory + /* WorkingDir */ /* size of TS_EXTENDED_INFO_PACKET */ 2 + /* clientAdressFamily */ 2 + /* cbClientAdress */ len_ip + /* clientAddress */ 2 + /* cbClientDir */ len_dll + /* clientDir */ /* size of TS_TIME_ZONE_INFORMATION */ 4 + /* Bias, (UTC = local time + bias */ 64 + /* StandardName, 32 unicode char array, Descriptive standard time on client */ 16 + /* StandardDate */ 4 + /* StandardBias */ 64 + /* DaylightName, 32 unicode char array */ 16 + /* DaylightDate */ 4 + /* DaylightBias */ 4 + /* clientSessionId */ 4 + /* performanceFlags */ 2 + /* cbAutoReconnectCookie, either 0 or 0x001c */ /* size of ARC_CS_PRIVATE_PACKET */ 28; /* autoReconnectCookie */ s = sec_init(sec_flags, packetlen); DEBUG_RDP5(("Called sec_init with packetlen %d\n", packetlen)); /* TS_INFO_PACKET */ out_uint32(s, 0); /* Code Page */ out_uint32_le(s, flags); out_uint16_le(s, len_domain); out_uint16_le(s, len_user); out_uint16_le(s, len_password); out_uint16_le(s, len_program); out_uint16_le(s, len_directory); if (0 < len_domain) rdp_out_unistr(s, domain, len_domain); else out_uint16_le(s, 0); /* mandatory 2 bytes null terminator */ if (0 < len_user) rdp_out_unistr(s, user, len_user); else out_uint16_le(s, 0); /* mandatory 2 bytes null terminator */ if (0 < len_password) { if (g_redirect == True && 0 < g_redirect_cookie_len) { out_uint8p(s, g_redirect_cookie, g_redirect_cookie_len); } else { rdp_out_unistr(s, password, len_password); } } else out_uint16_le(s, 0); /* mandatory 2 bytes null terminator */ if (0 < len_program) rdp_out_unistr(s, program, len_program); else out_uint16_le(s, 0); /* mandatory 2 bytes null terminator */ if (0 < len_directory) rdp_out_unistr(s, directory, len_directory); else out_uint16_le(s, 0); /* mandatory 2 bytes null terminator */ /* TS_EXTENDED_INFO_PACKET */ out_uint16_le(s, 2); /* clientAddressFamily = AF_INET */ out_uint16_le(s, len_ip); /* cbClientAddress, Length of client ip */ rdp_out_unistr(s, ipaddr, len_ip - 2); /* clientAddress */ out_uint16_le(s, len_dll); /* cbClientDir */ rdp_out_unistr(s, "C:\\WINNT\\System32\\mstscax.dll", len_dll - 2); /* clientDir */ /* TS_TIME_ZONE_INFORMATION */ tzone = (mktime(gmtime(&t)) - mktime(localtime(&t))) / 60; out_uint32_le(s, tzone); rdp_out_unistr(s, "GTB, normaltid", 2 * strlen("GTB, normaltid")); out_uint8s(s, 62 - 2 * strlen("GTB, normaltid")); out_uint32_le(s, 0x0a0000); out_uint32_le(s, 0x050000); out_uint32_le(s, 3); out_uint32_le(s, 0); out_uint32_le(s, 0); rdp_out_unistr(s, "GTB, sommartid", 2 * strlen("GTB, sommartid")); out_uint8s(s, 62 - 2 * strlen("GTB, sommartid")); out_uint32_le(s, 0x30000); out_uint32_le(s, 0x050000); out_uint32_le(s, 2); out_uint32(s, 0); out_uint32_le(s, 0xffffffc4); /* DaylightBias */ /* Rest of TS_EXTENDED_INFO_PACKET */ out_uint32_le(s, 0); /* clientSessionId (Ignored by server MUST be 0) */ out_uint32_le(s, g_rdp5_performanceflags); /* Client Auto-Reconnect */ if (g_has_reconnect_random) { out_uint16_le(s, 28); /* cbAutoReconnectLen */ /* ARC_CS_PRIVATE_PACKET */ out_uint32_le(s, 28); /* cbLen */ out_uint32_le(s, 1); /* Version */ out_uint32_le(s, g_reconnect_logonid); /* LogonId */ rdssl_hmac_md5(g_reconnect_random, sizeof(g_reconnect_random), g_client_random, SEC_RANDOM_SIZE, security_verifier); out_uint8a(s, security_verifier, sizeof(security_verifier)); } else { out_uint16_le(s, 0); /* cbAutoReconnectLen */ } } s_mark_end(s); /* clear the redirect flag */ g_redirect = False; sec_send(s, sec_flags); }
/* Process bitmap updates */ void process_bitmap_updates(STREAM s) { uint16 num_updates; uint16 left, top, right, bottom, width, height; uint16 cx, cy, bpp, Bpp, compress, bufsize, size; uint8 *data, *bmpdata; int i; in_uint16_le(s, num_updates); for (i = 0; i < num_updates; i++) { in_uint16_le(s, left); in_uint16_le(s, top); in_uint16_le(s, right); in_uint16_le(s, bottom); in_uint16_le(s, width); in_uint16_le(s, height); in_uint16_le(s, bpp); Bpp = (bpp + 7) / 8; in_uint16_le(s, compress); in_uint16_le(s, bufsize); cx = right - left + 1; cy = bottom - top + 1; DEBUG(("BITMAP_UPDATE(l=%d,t=%d,r=%d,b=%d,w=%d,h=%d,Bpp=%d,cmp=%d)\n", left, top, right, bottom, width, height, Bpp, compress)); if (!compress) { int y; bmpdata = (uint8 *) xmalloc(width * height * Bpp); for (y = 0; y < height; y++) { in_uint8a(s, &bmpdata[(height - y - 1) * (width * Bpp)], width * Bpp); } ui_paint_bitmap(left, top, cx, cy, width, height, bmpdata); xfree(bmpdata); continue; } if (compress & 0x400) { size = bufsize; } else { in_uint8s(s, 2); /* pad */ in_uint16_le(s, size); in_uint8s(s, 4); /* line_size, final_size */ } in_uint8p(s, data, size); bmpdata = (uint8 *) xmalloc(width * height * Bpp); if (bitmap_decompress(bmpdata, width, height, data, size, Bpp)) { ui_paint_bitmap(left, top, cx, cy, width, height, bmpdata); } else { DEBUG_RDP5(("Failed to decompress data\n")); } xfree(bmpdata); } }
/* Parse a logon info packet */ static void rdp_send_logon_info(uint32 flags, char *domain, char *user, char *password, char *program, char *directory) { //char *ipaddr = tcp_get_address(); int len_domain = 2 * strlen(domain); int len_user = 2 * strlen(user); int len_password = 2 * strlen(password); int len_program = 2 * strlen(program); int len_directory = 2 * strlen(directory); //int len_ip = 2 * strlen(ipaddr); //int len_dll = 2 * strlen("C:\\WINNT\\System32\\mstscax.dll"); //int packetlen = 0; uint32 sec_flags = g_encryption ? (SEC_LOGON_INFO | SEC_ENCRYPT) : SEC_LOGON_INFO; STREAM s = NULL; //time_t t = time(NULL); //time_t tzone; if (!g_use_rdp5 || 1 == g_server_rdp_version) { DEBUG_RDP5(("Sending RDP4-style Logon packet\n")); s = sec_init(sec_flags, 18 + len_domain + len_user + len_password + len_program + len_directory + 10); out_uint32(s, 0); out_uint32_le(s, flags); out_uint16_le(s, len_domain); out_uint16_le(s, len_user); out_uint16_le(s, len_password); out_uint16_le(s, len_program); out_uint16_le(s, len_directory); rdp_out_unistr(s, domain, len_domain); rdp_out_unistr(s, user, len_user); rdp_out_unistr(s, password, len_password); rdp_out_unistr(s, program, len_program); rdp_out_unistr(s, directory, len_directory); } else { #if 0 flags |= RDP_LOGON_BLOB; DEBUG_RDP5(("Sending RDP5-style Logon packet\n")); packetlen = 4 + /* Unknown uint32 */ 4 + /* flags */ 2 + /* len_domain */ 2 + /* len_user */ (flags & RDP_LOGON_AUTO ? 2 : 0) + /* len_password */ (flags & RDP_LOGON_BLOB ? 2 : 0) + /* Length of BLOB */ 2 + /* len_program */ 2 + /* len_directory */ (0 < len_domain ? len_domain : 2) + /* domain */ len_user + (flags & RDP_LOGON_AUTO ? len_password : 0) + 0 + /* We have no 512 byte BLOB. Perhaps we must? */ (flags & RDP_LOGON_BLOB && !(flags & RDP_LOGON_AUTO) ? 2 : 0) + /* After the BLOB is a unknown int16. If there is a BLOB, that is. */ (0 < len_program ? len_program : 2) + (0 < len_directory ? len_directory : 2) + 2 + /* Unknown (2) */ 2 + /* Client ip length */ len_ip + /* Client ip */ 2 + /* DLL string length */ len_dll + /* DLL string */ 2 + /* Unknown */ 2 + /* Unknown */ 64 + /* Time zone #0 */ 2 + /* Unknown */ 64 + /* Time zone #1 */ 32; /* Unknown */ s = sec_init(sec_flags, packetlen); DEBUG_RDP5(("Called sec_init with packetlen %d\n", packetlen)); out_uint32(s, 0); /* Unknown */ out_uint32_le(s, flags); out_uint16_le(s, len_domain); out_uint16_le(s, len_user); if (flags & RDP_LOGON_AUTO) { out_uint16_le(s, len_password); } if (flags & RDP_LOGON_BLOB && !(flags & RDP_LOGON_AUTO)) { out_uint16_le(s, 0); } out_uint16_le(s, len_program); out_uint16_le(s, len_directory); if (0 < len_domain) rdp_out_unistr(s, domain, len_domain); else out_uint16_le(s, 0); rdp_out_unistr(s, user, len_user); if (flags & RDP_LOGON_AUTO) { rdp_out_unistr(s, password, len_password); } if (flags & RDP_LOGON_BLOB && !(flags & RDP_LOGON_AUTO)) { out_uint16_le(s, 0); } if (0 < len_program) { rdp_out_unistr(s, program, len_program); } else { out_uint16_le(s, 0); } if (0 < len_directory) { rdp_out_unistr(s, directory, len_directory); } else { out_uint16_le(s, 0); } out_uint16_le(s, 2); out_uint16_le(s, len_ip + 2); /* Length of client ip */ rdp_out_unistr(s, ipaddr, len_ip); out_uint16_le(s, len_dll + 2); rdp_out_unistr(s, "C:\\WINNT\\System32\\mstscax.dll", len_dll); tzone = (mktime(gmtime(&t)) - mktime(localtime(&t))) / 60; out_uint32_le(s, tzone); rdp_out_unistr(s, "GTB, normaltid", 2 * strlen("GTB, normaltid")); out_uint8s(s, 62 - 2 * strlen("GTB, normaltid")); out_uint32_le(s, 0x0a0000); out_uint32_le(s, 0x050000); out_uint32_le(s, 3); out_uint32_le(s, 0); out_uint32_le(s, 0); rdp_out_unistr(s, "GTB, sommartid", 2 * strlen("GTB, sommartid")); out_uint8s(s, 62 - 2 * strlen("GTB, sommartid")); out_uint32_le(s, 0x30000); out_uint32_le(s, 0x050000); out_uint32_le(s, 2); out_uint32(s, 0); out_uint32_le(s, 0xffffffc4); out_uint32_le(s, 0xfffffffe); out_uint32_le(s, g_rdp5_performanceflags); out_uint32(s, 0); #endif } s_mark_end(s); sec_send(s, sec_flags); }
/* Move a bitmap to a new position in the linked list. */ void cache_bump_bitmap(uint8 id, uint16 idx, int bump) { int p_idx, n_idx, n; if (!IS_PERSISTENT(id)) return; if (g_bmpcache_mru[id] == idx) return; DEBUG_RDP5(("bump bitmap: id=%d, idx=%d, bump=%d\n", id, idx, bump)); n_idx = g_bmpcache[id][idx].next; p_idx = g_bmpcache[id][idx].previous; if (IS_SET(n_idx)) { /* remove */ --g_bmpcache_count[id]; if (IS_SET(p_idx)) g_bmpcache[id][p_idx].next = n_idx; else g_bmpcache_lru[id] = n_idx; if (IS_SET(n_idx)) g_bmpcache[id][n_idx].previous = p_idx; else g_bmpcache_mru[id] = p_idx; } else { p_idx = NOT_SET; n_idx = g_bmpcache_lru[id]; } if (bump >= 0) { for (n = 0; n < bump && IS_SET(n_idx); n++) { p_idx = n_idx; n_idx = g_bmpcache[id][p_idx].next; } } else { p_idx = g_bmpcache_mru[id]; n_idx = NOT_SET; } /* insert */ ++g_bmpcache_count[id]; g_bmpcache[id][idx].previous = p_idx; g_bmpcache[id][idx].next = n_idx; if (p_idx >= 0) g_bmpcache[id][p_idx].next = idx; else g_bmpcache_lru[id] = idx; if (n_idx >= 0) g_bmpcache[id][n_idx].previous = idx; else g_bmpcache_mru[id] = idx; }
/* Move a bitmap to a new position in the linked list. */ static void cache_bump_bitmap(rdcConnection conn, uint8 id, uint16 idx, int bump) { int p_idx, n_idx, n; if (!IS_PERSISTENT(id)) return; if (conn->bmpcacheMru[id] == idx) return; DEBUG_RDP5(("bump bitmap: id=%d, idx=%d, bump=%d\n", id, idx, bump)); n_idx = conn->bmpcache[id][idx].next; p_idx = conn->bmpcache[id][idx].previous; if (CACHE_IS_SET(n_idx)) { /* remove */ --conn->bmpcacheCount[id]; if (CACHE_IS_SET(p_idx)) conn->bmpcache[id][p_idx].next = n_idx; else conn->bmpcacheLru[id] = n_idx; if (CACHE_IS_SET(n_idx)) conn->bmpcache[id][n_idx].previous = p_idx; else conn->bmpcacheMru[id] = p_idx; } else { p_idx = NOT_SET; n_idx = conn->bmpcacheLru[id]; } if (bump >= 0) { for (n = 0; n < bump && CACHE_IS_SET(n_idx); n++) { p_idx = n_idx; n_idx = conn->bmpcache[id][p_idx].next; } } else { p_idx = conn->bmpcacheMru[id]; n_idx = NOT_SET; } /* insert */ ++conn->bmpcacheCount[id]; conn->bmpcache[id][idx].previous = p_idx; conn->bmpcache[id][idx].next = n_idx; if (p_idx >= 0) conn->bmpcache[id][p_idx].next = idx; else conn->bmpcacheLru[id] = idx; if (n_idx >= 0) conn->bmpcache[id][n_idx].previous = idx; else conn->bmpcacheMru[id] = idx; }
/* Parse a logon info packet */ static void rdp_send_logon_info(uint32 flags, char *domain, char *user, char *password, char *program, char *directory) { char *ipaddr = tcp_get_address(); int len_domain = 2 * strlen(domain); int len_user = 2 * strlen(user); int len_password = 2 * strlen(password); int len_program = 2 * strlen(program); int len_directory = 2 * strlen(directory); int len_ip = 2 * strlen(ipaddr); int len_dll = 2 * strlen("C:\\WINNT\\System32\\mstscax.dll"); int packetlen = 0; uint32 sec_flags = g_encryption ? (SEC_LOGON_INFO | SEC_ENCRYPT) : SEC_LOGON_INFO; STREAM s; time_t t = time(NULL); time_t tzone; uint8 security_verifier[16]; if (g_rdp_version == RDP_V4 || 1 == g_server_rdp_version) { DEBUG_RDP5(("Sending RDP4-style Logon packet\n")); s = sec_init(sec_flags, 18 + len_domain + len_user + len_password + len_program + len_directory + 10); out_uint32(s, 0); out_uint32_le(s, flags); out_uint16_le(s, len_domain); out_uint16_le(s, len_user); out_uint16_le(s, len_password); out_uint16_le(s, len_program); out_uint16_le(s, len_directory); rdp_out_unistr(s, domain, len_domain); rdp_out_unistr(s, user, len_user); rdp_out_unistr(s, password, len_password); rdp_out_unistr(s, program, len_program); rdp_out_unistr(s, directory, len_directory); } else { flags |= RDP_LOGON_BLOB; DEBUG_RDP5(("Sending RDP5-style Logon packet\n")); packetlen = 4 + /* Unknown uint32 */ 4 + /* flags */ 2 + /* len_domain */ 2 + /* len_user */ (flags & RDP_LOGON_AUTO ? 2 : 0) + /* len_password */ (flags & RDP_LOGON_BLOB ? 2 : 0) + /* Length of BLOB */ 2 + /* len_program */ 2 + /* len_directory */ (0 < len_domain ? len_domain : 2) + /* domain */ len_user + (flags & RDP_LOGON_AUTO ? len_password : 0) + 0 + /* We have no 512 byte BLOB. Perhaps we must? */ (flags & RDP_LOGON_BLOB && !(flags & RDP_LOGON_AUTO) ? 2 : 0) + /* After the BLOB is a unknown int16. If there is a BLOB, that is. */ (0 < len_program ? len_program : 2) + (0 < len_directory ? len_directory : 2) + 2 + /* Unknown (2) */ 2 + /* Client ip length */ len_ip + /* Client ip */ 2 + /* DLL string length */ len_dll + /* DLL string */ 2 + /* Unknown */ 2 + /* Unknown */ 64 + /* Time zone #0 */ 2 + /* Unknown */ 64 + /* Time zone #1 */ 32; /* Unknown */ s = sec_init(sec_flags, packetlen); DEBUG_RDP5(("Called sec_init with packetlen %d\n", packetlen)); out_uint32(s, 0); /* Unknown */ out_uint32_le(s, flags); out_uint16_le(s, len_domain); out_uint16_le(s, len_user); if (flags & RDP_LOGON_AUTO) { out_uint16_le(s, len_password); } if (flags & RDP_LOGON_BLOB && !(flags & RDP_LOGON_AUTO)) { out_uint16_le(s, 0); } out_uint16_le(s, len_program); out_uint16_le(s, len_directory); if (0 < len_domain) rdp_out_unistr(s, domain, len_domain); else out_uint16_le(s, 0); rdp_out_unistr(s, user, len_user); if (flags & RDP_LOGON_AUTO) { rdp_out_unistr(s, password, len_password); } if (flags & RDP_LOGON_BLOB && !(flags & RDP_LOGON_AUTO)) { out_uint16_le(s, 0); } if (0 < len_program) { rdp_out_unistr(s, program, len_program); } else { out_uint16_le(s, 0); } if (0 < len_directory) { rdp_out_unistr(s, directory, len_directory); } else { out_uint16_le(s, 0); } /* TS_EXTENDED_INFO_PACKET */ out_uint16_le(s, 2); /* clientAddressFamily = AF_INET */ out_uint16_le(s, len_ip + 2); /* cbClientAddress, Length of client ip */ rdp_out_unistr(s, ipaddr, len_ip); /* clientAddress */ out_uint16_le(s, len_dll + 2); /* cbClientDir */ rdp_out_unistr(s, "C:\\WINNT\\System32\\mstscax.dll", len_dll); /* clientDir */ /* TS_TIME_ZONE_INFORMATION */ tzone = (mktime(gmtime(&t)) - mktime(localtime(&t))) / 60; out_uint32_le(s, tzone); rdp_out_unistr(s, "GTB, normaltid", 2 * strlen("GTB, normaltid")); out_uint8s(s, 62 - 2 * strlen("GTB, normaltid")); out_uint32_le(s, 0x0a0000); out_uint32_le(s, 0x050000); out_uint32_le(s, 3); out_uint32_le(s, 0); out_uint32_le(s, 0); rdp_out_unistr(s, "GTB, sommartid", 2 * strlen("GTB, sommartid")); out_uint8s(s, 62 - 2 * strlen("GTB, sommartid")); out_uint32_le(s, 0x30000); out_uint32_le(s, 0x050000); out_uint32_le(s, 2); out_uint32(s, 0); out_uint32_le(s, 0xffffffc4); /* DaylightBias */ /* Rest of TS_EXTENDED_INFO_PACKET */ out_uint32_le(s, 0xfffffffe); /* clientSessionId, consider changing to 0 */ out_uint32_le(s, g_rdp5_performanceflags); /* Client Auto-Reconnect */ if (g_has_reconnect_random) { out_uint16_le(s, 28); /* cbAutoReconnectLen */ /* ARC_CS_PRIVATE_PACKET */ out_uint32_le(s, 28); /* cbLen */ out_uint32_le(s, 1); /* Version */ out_uint32_le(s, g_reconnect_logonid); /* LogonId */ rdssl_hmac_md5(g_reconnect_random, sizeof(g_reconnect_random), g_client_random, SEC_RANDOM_SIZE, security_verifier); out_uint8a(s, security_verifier, sizeof(security_verifier)); } else { out_uint16_le(s, 0); /* cbAutoReconnectLen */ } } s_mark_end(s); sec_send(s, sec_flags); }
/* returns newly allocated RDSSL_RKEY or NULL */ RDSSL_RKEY * rdssl_cert_to_rkey(RDSSL_CERT * cert, uint32 * key_len) { EVP_PKEY *epk = NULL; RDSSL_RKEY *lkey; int nid; #if OPENSSL_VERSION_NUMBER >= 0x10100000 && !defined(LIBRESSL_VERSION_NUMBER) int ret; /* By some reason, Microsoft sets the OID of the Public RSA key to the oid for "MD5 with RSA Encryption" instead of "RSA Encryption" Kudos to Richard Levitte for the following (. intiutive .) lines of code that resets the OID and let's us extract the key. */ X509_PUBKEY *key = NULL; X509_ALGOR *algor = NULL; key = X509_get_X509_PUBKEY(cert); if (key == NULL) { error("Failed to get public key from certificate.\n"); return NULL; } ret = X509_PUBKEY_get0_param(NULL, NULL, 0, &algor, key); if (ret != 1) { error("Faild to get algorithm used for public key.\n"); return NULL; } nid = OBJ_obj2nid(algor->algorithm); if ((nid == NID_md5WithRSAEncryption) || (nid == NID_shaWithRSAEncryption)) { DEBUG_RDP5(("Re-setting algorithm type to RSA in server certificate\n")); X509_PUBKEY_set0_param(key, OBJ_nid2obj(NID_rsaEncryption), 0, NULL, NULL, 0); } #else /* OPENSSL_VERSION_NUMBER < 0x10100000 || defined(LIBRESSL_VERSION_NUMBER) */ nid = OBJ_obj2nid(cert->cert_info->key->algor->algorithm); if ((nid == NID_md5WithRSAEncryption) || (nid == NID_shaWithRSAEncryption)) { DEBUG_RDP5(("Re-setting algorithm type to RSA in server certificate\n")); ASN1_OBJECT_free(cert->cert_info->key->algor->algorithm); cert->cert_info->key->algor->algorithm = OBJ_nid2obj(NID_rsaEncryption); } #endif /* OPENSSL_VERSION_NUMBER < 0x10100000 || && defined(LIBRESSL_VERSION_NUMBER) */ epk = X509_get_pubkey(cert); if (NULL == epk) { error("Failed to extract public key from certificate\n"); return NULL; } lkey = RSAPublicKey_dup(EVP_PKEY_get1_RSA(epk)); EVP_PKEY_free(epk); *key_len = RSA_size(lkey); return lkey; }