void rdp_send_client_execute_pdu(rdpRdp * rdp) { STREAM s; size_t application_name_len, working_directory_len, arguments_len; char * application_name, * working_directory, * arguments; /* Still lacking proper packet initialization */ s = NULL; rdp_out_rail_pdu_header(s, RDP_RAIL_ORDER_EXEC, 12); application_name = xstrdup_out_unistr(rdp, rdp->app->application_name, &application_name_len); working_directory = xstrdup_out_unistr(rdp, rdp->app->working_directory, &working_directory_len); arguments = xstrdup_out_unistr(rdp, rdp->app->arguments, &arguments_len); out_uint16_le(s, RAIL_EXEC_FLAG_EXPAND_WORKINGDIRECTORY | RAIL_EXEC_FLAG_EXPAND_ARGUMENTS); // flags out_uint16_le(s, application_name_len); // ExeOrFileLength out_uint16_le(s, working_directory_len); // WorkingDirLength out_uint16_le(s, arguments_len); // ArgumentsLength out_uint8a(s, application_name, application_name_len + 2); // ExeOrFile out_uint8a(s, working_directory, working_directory_len + 2); // WorkingDir out_uint8a(s, arguments, arguments_len + 2); // Arguments xfree(application_name); xfree(working_directory); xfree(arguments); s_mark_end(s); sec_send(rdp->sec, s, rdp->settings->encryption ? SEC_ENCRYPT : 0); }
static void rdpdr_send_available(RDPCLIENT * This) { uint8 magic[4] = "rDAD"; uint32 driverlen, printerlen, bloblen; int i; STREAM s; PRINTER *printerinfo; s = channel_init(This, This->rdpdr.channel, announcedata_size(This)); out_uint8a(s, magic, 4); out_uint32_le(s, This->num_devices); for (i = 0; i < This->num_devices; i++) { out_uint32_le(s, This->rdpdr_device[i].device_type); out_uint32_le(s, i); /* RDP Device ID */ /* Is it possible to use share names longer than 8 chars? /astrand */ out_uint8p(s, This->rdpdr_device[i].name, 8); switch (This->rdpdr_device[i].device_type) { case DEVICE_TYPE_PRINTER: printerinfo = (PRINTER *) This->rdpdr_device[i].pdevice_data; driverlen = 2 * strlen(printerinfo->driver) + 2; printerlen = 2 * strlen(printerinfo->printer) + 2; bloblen = printerinfo->bloblen; out_uint32_le(s, 24 + driverlen + printerlen + bloblen); /* length of extra info */ out_uint32_le(s, printerinfo->default_printer ? 2 : 0); out_uint8s(s, 8); /* unknown */ out_uint32_le(s, driverlen); out_uint32_le(s, printerlen); out_uint32_le(s, bloblen); rdp_out_unistr(This, s, printerinfo->driver, driverlen - 2); rdp_out_unistr(This, s, printerinfo->printer, printerlen - 2); out_uint8a(s, printerinfo->blob, bloblen); if (printerinfo->blob) xfree(printerinfo->blob); /* Blob is sent twice if reconnecting */ break; default: out_uint32(s, 0); } } #if 0 out_uint32_le(s, 0x20); /* Device type 0x20 - smart card */ out_uint32_le(s, 0); out_uint8p(s, "SCARD", 5); out_uint8s(s, 3); out_uint32(s, 0); #endif s_mark_end(s); channel_send(This, s, This->rdpdr.channel); }
static int sound_send_wave_data(char *data, int data_bytes) { struct stream *s; int bytes; int time; char *size_ptr; print_got_here(); if ((data_bytes < 4) || (data_bytes > 128 * 1024)) { LOG(0, ("sound_send_wave_data: bad data_bytes %d", data_bytes)); } /* part one of 2 PDU wave info */ LOG(10, ("sound_send_wave_data: sending %d bytes", data_bytes)); make_stream(s); init_stream(s, data_bytes); out_uint16_le(s, SNDC_WAVE); size_ptr = s->p; out_uint16_le(s, 0); /* size, set later */ time = g_time2(); out_uint16_le(s, time); out_uint16_le(s, 0); /* wFormatNo */ g_cBlockNo++; out_uint8(s, g_cBlockNo); LOG(10, ("sound_send_wave_data: sending time %d, g_cBlockNo %d", time & 0xffff, g_cBlockNo & 0xff)); out_uint8s(s, 3); out_uint8a(s, data, 4); s_mark_end(s); bytes = (int)((s->end - s->data) - 4); bytes += data_bytes; bytes -= 4; size_ptr[0] = bytes; size_ptr[1] = bytes >> 8; bytes = (int)(s->end - s->data); send_channel_data(g_rdpsnd_chan_id, s->data, bytes); /* part two of 2 PDU wave info */ init_stream(s, data_bytes); out_uint32_le(s, 0); out_uint8a(s, data + 4, data_bytes - 4); s_mark_end(s); bytes = (int)(s->end - s->data); send_channel_data(g_rdpsnd_chan_id, s->data, bytes); free_stream(s); return 0; }
void rdpdr_send_completion(uint32 device, uint32 id, uint32 status, uint32 result, uint8 * buffer, uint32 length) { uint8 magic[4] = "rDCI"; STREAM s; #ifdef WITH_SCARD scard_lock(SCARD_LOCK_RDPDR); #endif s = channel_init(rdpdr_channel, 20 + length); out_uint8a(s, magic, 4); out_uint32_le(s, device); out_uint32_le(s, id); out_uint32_le(s, status); out_uint32_le(s, result); out_uint8p(s, buffer, length); s_mark_end(s); /* JIF */ #ifdef WITH_DEBUG_RDP5 printf("--> rdpdr_send_completion\n"); /* hexdump(s->channel_hdr + 8, s->end - s->channel_hdr - 8); */ #endif channel_send(s, rdpdr_channel); #ifdef WITH_SCARD scard_unlock(SCARD_LOCK_RDPDR); #endif }
void rdp_out_bitmap_codecs_capset(rdpRdp * rdp, STREAM s) { capsetHeaderRef header; uint8 * count_ptr; int index; int out_count; int out_bytes; STREAM ls; //printf("rdp_out_bitmap_codecs_capset:\n"); out_count = 0; header = rdp_skip_capset_header(s); count_ptr = s->p; out_uint8s(s, 1); for (index = 0; index < MAX_BITMAP_CODECS; index++) { ls = rdp->out_codec_caps[index]; if (ls != NULL) { out_bytes = (int) (ls->end - ls->data); out_uint8a(s, ls->data, out_bytes); stream_delete(ls); rdp->out_codec_caps[index] = NULL; out_count++; } } *count_ptr = out_count; rdp_out_capset_header(s, header, CAPSET_TYPE_BITMAP_CODECS); //hexdump(count_ptr, s->p - count_ptr); }
/* returns error */ int APP_CC send_channel_data(int chan_id, char* data, int size) { struct stream* s; int chan_flags; int total_size; int sent; int rv; s = trans_get_out_s(g_con_trans, 8192); if (s == 0) { log_message(&log_conf, LOG_LEVEL_DEBUG, "chansrv[send_channel_data]: " "No client RDP client"); return 1; } rv = 0; sent = 0; total_size = size; while (sent < total_size) { size = MIN(1600, total_size - sent); chan_flags = 0; if (sent == 0) { chan_flags |= 1; /* first */ } if (size + sent == total_size) { chan_flags |= 2; /* last */ } out_uint32_le(s, 0); /* version */ out_uint32_le(s, 8 + 8 + 2 + 2 + 2 + 4 + size); /* size */ out_uint32_le(s, 8); /* msg id */ out_uint32_le(s, 8 + 2 + 2 + 2 + 4 + size); /* size */ out_uint16_le(s, chan_id); out_uint16_le(s, chan_flags); out_uint16_le(s, size); out_uint32_le(s, total_size); out_uint8a(s, data + sent, size); s_mark_end(s); rv = trans_force_write(g_con_trans); if (rv != 0) { break; } sent += size; s = trans_get_out_s(g_con_trans, 8192); } return rv; }
STREAM surface_codec_cap(rdpRdp * rdp, uint8 * codec_guid, int codec_id, uint8 * codec_property, int codec_properties_size) { STREAM s; s = 0; if (memcmp(codec_guid, g_rfx_guid, 16) == 0) { //printf("got remotefx guid\n"); if (rdp->settings->rfx_flags) { s = stream_new(1024); out_uint8a(s, g_rfx_guid, 16); out_uint8(s, codec_id); out_uint16_le(s, 29 + 12); out_uint32_le(s, 29 + 12); /* total size */ out_uint32_le(s, 0x00000000); /* Capture Flags */ out_uint32_le(s, 29); /* size after this */ /* struct CbyCaps */ out_uint16_le(s, 0xcbc0); /* CBY_CAPS */ out_uint32_le(s, 8); /* size of this struct */ out_uint16_le(s, 1); /* numCapsets */ /* struct ClyCapset */ out_uint16_le(s, 0xcbc1); /* CBY_CAPSET */ out_uint32_le(s, 21); /* size of this struct */ out_uint8(s, 1); /* codec id */ out_uint16_le(s, 0xcfc0); /* CLY_CAPSET */ out_uint16_le(s, 1); /* numIcaps */ out_uint16_le(s, 8); /* icapLen */ /* 64x64 tiles */ out_uint16_le(s, 0x100); /* version */ out_uint16_le(s, 64); /* tile size */ out_uint8(s, 0); /* flags */ out_uint8(s, 1); /* colConvBits */ out_uint8(s, 1); /* transformBits */ out_uint8(s, 1); /* entropyBits */ s_mark_end(s); } } else if (memcmp(codec_guid, g_nsc_guid, 16) == 0) { //printf("got nscodec guid\n"); } else { //printf("unknown guid\n"); hexdump(codec_guid, 16); } return s; }
static void rdpdr_send_connect(RDPCLIENT * This) { uint8 magic[4] = "rDCC"; STREAM s; s = channel_init(This, This->rdpdr.channel, 12); out_uint8a(s, magic, 4); out_uint16_le(s, 1); /* unknown */ out_uint16_le(s, 5); out_uint32_be(s, 0x815ed39d); /* IP address (use 127.0.0.1) 0x815ed39d */ s_mark_end(s); channel_send(This, s, This->rdpdr.channel); }
/* Send persistent bitmap cache enumeration PDU's */ static BOOL rdp_enum_bmpcache2(RDPCLIENT * This) // THIS { STREAM s; HASH_KEY keylist[BMPCACHE2_NUM_PSTCELLS]; uint32 num_keys, offset, count, flags; offset = 0; num_keys = pstcache_enumerate(This, 2, keylist); while (offset < num_keys) { count = MIN(num_keys - offset, 169); s = rdp_init_data(This, 24 + count * sizeof(HASH_KEY)); if(s == NULL) return False; flags = 0; if (offset == 0) flags |= PDU_FLAG_FIRST; if (num_keys - offset <= 169) flags |= PDU_FLAG_LAST; /* header */ out_uint32_le(s, 0); out_uint16_le(s, count); out_uint16_le(s, 0); out_uint16_le(s, 0); out_uint16_le(s, 0); out_uint16_le(s, 0); out_uint16_le(s, num_keys); out_uint32_le(s, 0); out_uint32_le(s, flags); /* list */ out_uint8a(s, keylist[offset], count * sizeof(HASH_KEY)); s_mark_end(s); if(!rdp_send_data(This, s, 0x2b)) return False; offset += 169; } return True; }
/* returns error data coming from client that need to go to channel handler */ int APP_CC xrdp_mm_process_channel_data(struct xrdp_mm* self, tbus param1, tbus param2, tbus param3, tbus param4) { struct stream* s = (struct stream *)NULL; int rv = 0; int length = 0; int total_length = 0; int flags = 0; int id = 0; char * data = (char *)NULL; rv = 0; if ((self->chan_trans != 0) && self->chan_trans_up) { s = trans_get_out_s(self->chan_trans, 8192); if (s != 0) { id = LOWORD(param1); flags = HIWORD(param1); length = param2; data = (char*)param3; total_length = param4; if (total_length < length) { g_writeln("WARNING in xrdp_mm_process_channel_data(): total_len < length"); total_length = length; } out_uint32_le(s, 0); /* version */ out_uint32_le(s, 8 + 8 + 2 + 2 + 2 + 4 + length); out_uint32_le(s, 5); /* msg id */ out_uint32_le(s, 8 + 2 + 2 + 2 + 4 + length); out_uint16_le(s, id); out_uint16_le(s, flags); out_uint16_le(s, length); out_uint32_le(s, total_length); out_uint8a(s, data, length); s_mark_end(s); rv = trans_force_write(self->chan_trans); } } return rv; }
/* returns error send a list of channels to the channel handler */ static int APP_CC xrdp_mm_trans_send_channel_setup(struct xrdp_mm* self, struct trans* trans) { int index = 0; int chan_id = 0; int chan_flags = 0; int size = 0; struct stream* s = (struct stream *)NULL; char chan_name[256]; g_memset(chan_name,0,sizeof(char) * 256); s = trans_get_out_s(trans, 8192); if (s == 0) { return 1; } s_push_layer(s, iso_hdr, 8); s_push_layer(s, mcs_hdr, 8); s_push_layer(s, sec_hdr, 2); index = 0; while (libxrdp_query_channel(self->wm->session, index, chan_name, &chan_flags) == 0) { chan_id = libxrdp_get_channel_id(self->wm->session, chan_name); out_uint8a(s, chan_name, 8); out_uint16_le(s, chan_id); out_uint16_le(s, chan_flags); index++; } s_mark_end(s); s_pop_layer(s, sec_hdr); out_uint16_le(s, index); s_pop_layer(s, mcs_hdr); size = (int)(s->end - s->p); out_uint32_le(s, 3); /* msg id */ out_uint32_le(s, size); /* msg size */ s_pop_layer(s, iso_hdr); size = (int)(s->end - s->p); out_uint32_le(s, 0); /* version */ out_uint32_le(s, size); /* block size */ return trans_force_write(trans); }
/* Send persistent bitmap cache enumeration PDU's */ static void rdp_enum_bmpcache2(void) { STREAM s; HASH_KEY keylist[BMPCACHE2_NUM_PSTCELLS]; uint32 num_keys, offset, count, flags; offset = 0; num_keys = pstcache_enumerate(2, keylist); while (offset < num_keys) { count = MIN(num_keys - offset, 169); s = rdp_init_data(24 + count * sizeof(HASH_KEY)); flags = 0; if (offset == 0) flags |= PDU_FLAG_FIRST; if (num_keys - offset <= 169) flags |= PDU_FLAG_LAST; /* header */ out_uint32_le(s, 0); out_uint16_le(s, count); out_uint16_le(s, 0); out_uint16_le(s, 0); out_uint16_le(s, 0); out_uint16_le(s, 0); out_uint16_le(s, num_keys); out_uint32_le(s, 0); out_uint32_le(s, flags); /* list */ out_uint8a(s, keylist[offset], count * sizeof(HASH_KEY)); s_mark_end(s); rdp_send_data(s, 0x2b); offset += 169; } }
/* returns error */ int APP_CC send_rail_drawing_orders(char* data, int size) { LOGM((LOG_LEVEL_DEBUG, "chansrv::send_rail_drawing_orders: size %d", size)); struct stream* s; int error; s = trans_get_out_s(g_con_trans, 8192); out_uint32_le(s, 0); /* version */ out_uint32_le(s, 8 + 8 + size); /* size */ out_uint32_le(s, 10); /* msg id */ out_uint32_le(s, 8 + size); /* size */ out_uint8a(s, data, size); s_mark_end(s); error = trans_force_write(g_con_trans); if (error != 0) { return 1; } return 0; }
static void rdpdr_send_completion(RDPCLIENT * This, uint32 device, uint32 id, uint32 status, uint32 result, uint8 * buffer, uint32 length) { uint8 magic[4] = "rDCI"; STREAM s; s = channel_init(This, This->rdpdr.channel, 20 + length); out_uint8a(s, magic, 4); out_uint32_le(s, device); out_uint32_le(s, id); out_uint32_le(s, status); out_uint32_le(s, result); out_uint8p(s, buffer, length); s_mark_end(s); /* JIF */ #ifdef WITH_DEBUG_RDP5 printf("--> rdpdr_send_completion\n"); /* hexdump(s->channel_hdr + 8, s->end - s->channel_hdr - 8); */ #endif channel_send(This, s, This->rdpdr.channel); }
static void rdpdr_send_clientcapabilty(RDPCLIENT * This) { uint8 magic[4] = "rDPC"; STREAM s; s = channel_init(This, This->rdpdr.channel, 0x50); out_uint8a(s, magic, 4); out_uint32_le(s, 5); /* count */ out_uint16_le(s, 1); /* first */ out_uint16_le(s, 0x28); /* length */ out_uint32_le(s, 1); out_uint32_le(s, 2); out_uint16_le(s, 2); out_uint16_le(s, 5); out_uint16_le(s, 1); out_uint16_le(s, 5); out_uint16_le(s, 0xFFFF); out_uint16_le(s, 0); out_uint32_le(s, 0); out_uint32_le(s, 3); out_uint32_le(s, 0); out_uint32_le(s, 0); out_uint16_le(s, 2); /* second */ out_uint16_le(s, 8); /* length */ out_uint32_le(s, 1); out_uint16_le(s, 3); /* third */ out_uint16_le(s, 8); /* length */ out_uint32_le(s, 1); out_uint16_le(s, 4); /* fourth */ out_uint16_le(s, 8); /* length */ out_uint32_le(s, 1); out_uint16_le(s, 5); /* fifth */ out_uint16_le(s, 8); /* length */ out_uint32_le(s, 1); s_mark_end(s); channel_send(This, s, This->rdpdr.channel); }
static void rdpdr_send_name(RDPCLIENT * This) { uint8 magic[4] = "rDNC"; STREAM s; uint32 hostlen; if (NULL == This->rdpdr_clientname) { This->rdpdr_clientname = This->hostname; } hostlen = (strlen(This->rdpdr_clientname) + 1) * 2; s = channel_init(This, This->rdpdr.channel, 16 + hostlen); out_uint8a(s, magic, 4); out_uint16_le(s, 0x63); /* unknown */ out_uint16_le(s, 0x72); out_uint32(s, 0); out_uint32_le(s, hostlen); rdp_out_unistr(This, s, This->rdpdr_clientname, hostlen - 2); s_mark_end(s); channel_send(This, s, This->rdpdr.channel); }
static void rdpdr_send_name(void) { uint8 magic[4] = "rDNC"; STREAM s; uint32 hostlen; if (NULL == g_rdpdr_clientname) { g_rdpdr_clientname = g_hostname; } hostlen = (strlen(g_rdpdr_clientname) + 1) * 2; s = channel_init(rdpdr_channel, 16 + hostlen); out_uint8a(s, magic, 4); out_uint16_le(s, 0x63); /* unknown */ out_uint16_le(s, 0x72); out_uint32(s, 0); out_uint32_le(s, hostlen); rdp_out_unistr(s, g_rdpdr_clientname, hostlen - 2); s_mark_end(s); channel_send(s, rdpdr_channel); }
enum SCP_CLIENT_STATES_E scp_v0c_connect(struct SCP_CONNECTION *c, struct SCP_SESSION *s) { tui32 version; tui32 size; tui16 sz; init_stream(c->in_s, c->in_s->size); init_stream(c->out_s, c->in_s->size); LOG_DBG("[v0:%d] starting connection", __LINE__); g_tcp_set_non_blocking(c->in_sck); g_tcp_set_no_delay(c->in_sck); s_push_layer(c->out_s, channel_hdr, 8); /* code */ if (s->type == SCP_SESSION_TYPE_XVNC) { out_uint16_be(c->out_s, 0); } else if (s->type == SCP_SESSION_TYPE_XRDP) { out_uint16_be(c->out_s, 10); } else if (s->type == SCP_SESSION_TYPE_XORG) { out_uint16_be(c->out_s, 20); } else { log_message(LOG_LEVEL_WARNING, "[v0:%d] connection aborted: network error", __LINE__); return SCP_CLIENT_STATE_INTERNAL_ERR; } sz = g_strlen(s->username); out_uint16_be(c->out_s, sz); out_uint8a(c->out_s, s->username, sz); sz = g_strlen(s->password); out_uint16_be(c->out_s, sz); out_uint8a(c->out_s, s->password, sz); out_uint16_be(c->out_s, s->width); out_uint16_be(c->out_s, s->height); out_uint16_be(c->out_s, s->bpp); s_mark_end(c->out_s); s_pop_layer(c->out_s, channel_hdr); /* version */ out_uint32_be(c->out_s, 0); /* size */ out_uint32_be(c->out_s, c->out_s->end - c->out_s->data); if (0 != scp_tcp_force_send(c->in_sck, c->out_s->data, c->out_s->end - c->out_s->data)) { log_message(LOG_LEVEL_WARNING, "[v0:%d] connection aborted: network error", __LINE__); return SCP_CLIENT_STATE_NETWORK_ERR; } if (0 != scp_tcp_force_recv(c->in_sck, c->in_s->data, 8)) { log_message(LOG_LEVEL_WARNING, "[v0:%d] connection aborted: network error", __LINE__); return SCP_CLIENT_STATE_NETWORK_ERR; } in_uint32_be(c->in_s, version); if (0 != version) { log_message(LOG_LEVEL_WARNING, "[v0:%d] connection aborted: version error", __LINE__); return SCP_CLIENT_STATE_VERSION_ERR; } in_uint32_be(c->in_s, size); if (size < 14) { log_message(LOG_LEVEL_WARNING, "[v0:%d] connection aborted: packet size error", __LINE__); return SCP_CLIENT_STATE_SIZE_ERR; } /* getting payload */ init_stream(c->in_s, c->in_s->size); if (0 != scp_tcp_force_recv(c->in_sck, c->in_s->data, size - 8)) { log_message(LOG_LEVEL_WARNING, "[v0:%d] connection aborted: network error", __LINE__); return SCP_CLIENT_STATE_NETWORK_ERR; } /* check code */ in_uint16_be(c->in_s, sz); if (3 != sz) { log_message(LOG_LEVEL_WARNING, "[v0:%d] connection aborted: sequence error", __LINE__); return SCP_CLIENT_STATE_SEQUENCE_ERR; } /* message payload */ in_uint16_be(c->in_s, sz); if (1 != sz) { log_message(LOG_LEVEL_WARNING, "[v0:%d] connection aborted: connection denied", __LINE__); return SCP_CLIENT_STATE_CONNECTION_DENIED; } in_uint16_be(c->in_s, sz); s->display = sz; LOG_DBG("[v0:%d] connection terminated", __LINE__); return SCP_CLIENT_STATE_END; }
/* Parse a logon info packet */ static void rdp_send_logon_info(uint32 flags, char *domain, char *user, char *password, char *program, char *directory) { char *ipaddr = tcp_get_address(); /* length of string in TS_INFO_PACKET excludes null terminator */ int len_domain = 2 * strlen(domain); int len_user = 2 * strlen(user); int len_password = 2 * strlen(password); int len_program = 2 * strlen(program); int len_directory = 2 * strlen(directory); /* length of strings in TS_EXTENDED_PACKET includes null terminator */ int len_ip = 2 * strlen(ipaddr) + 2; int len_dll = 2 * strlen("C:\\WINNT\\System32\\mstscax.dll") + 2; int packetlen = 0; uint32 sec_flags = g_encryption ? (SEC_LOGON_INFO | SEC_ENCRYPT) : SEC_LOGON_INFO; STREAM s; time_t t = time(NULL); time_t tzone; uint8 security_verifier[16]; if (g_rdp_version == RDP_V4 || 1 == g_server_rdp_version) { DEBUG_RDP5(("Sending RDP4-style Logon packet\n")); s = sec_init(sec_flags, 18 + len_domain + len_user + len_password + len_program + len_directory + 10); out_uint32(s, 0); out_uint32_le(s, flags); out_uint16_le(s, len_domain); out_uint16_le(s, len_user); out_uint16_le(s, len_password); out_uint16_le(s, len_program); out_uint16_le(s, len_directory); rdp_out_unistr(s, domain, len_domain); rdp_out_unistr(s, user, len_user); rdp_out_unistr(s, password, len_password); rdp_out_unistr(s, program, len_program); rdp_out_unistr(s, directory, len_directory); } else { DEBUG_RDP5(("Sending RDP5-style Logon packet\n")); if (g_redirect == True && g_redirect_cookie_len > 0) { len_password = g_redirect_cookie_len; len_password -= 2; /* substract 2 bytes which is added below */ } packetlen = /* size of TS_INFO_PACKET */ 4 + /* CodePage */ 4 + /* flags */ 2 + /* cbDomain */ 2 + /* cbUserName */ 2 + /* cbPassword */ 2 + /* cbAlternateShell */ 2 + /* cbWorkingDir */ 2 + len_domain + /* Domain */ 2 + len_user + /* UserName */ 2 + len_password + /* Password */ 2 + len_program + /* AlternateShell */ 2 + len_directory + /* WorkingDir */ /* size of TS_EXTENDED_INFO_PACKET */ 2 + /* clientAdressFamily */ 2 + /* cbClientAdress */ len_ip + /* clientAddress */ 2 + /* cbClientDir */ len_dll + /* clientDir */ /* size of TS_TIME_ZONE_INFORMATION */ 4 + /* Bias, (UTC = local time + bias */ 64 + /* StandardName, 32 unicode char array, Descriptive standard time on client */ 16 + /* StandardDate */ 4 + /* StandardBias */ 64 + /* DaylightName, 32 unicode char array */ 16 + /* DaylightDate */ 4 + /* DaylightBias */ 4 + /* clientSessionId */ 4 + /* performanceFlags */ 2 + /* cbAutoReconnectCookie, either 0 or 0x001c */ /* size of ARC_CS_PRIVATE_PACKET */ 28; /* autoReconnectCookie */ s = sec_init(sec_flags, packetlen); DEBUG_RDP5(("Called sec_init with packetlen %d\n", packetlen)); /* TS_INFO_PACKET */ out_uint32(s, 0); /* Code Page */ out_uint32_le(s, flags); out_uint16_le(s, len_domain); out_uint16_le(s, len_user); out_uint16_le(s, len_password); out_uint16_le(s, len_program); out_uint16_le(s, len_directory); if (0 < len_domain) rdp_out_unistr(s, domain, len_domain); else out_uint16_le(s, 0); /* mandatory 2 bytes null terminator */ if (0 < len_user) rdp_out_unistr(s, user, len_user); else out_uint16_le(s, 0); /* mandatory 2 bytes null terminator */ if (0 < len_password) { if (g_redirect == True && 0 < g_redirect_cookie_len) { out_uint8p(s, g_redirect_cookie, g_redirect_cookie_len); } else { rdp_out_unistr(s, password, len_password); } } else out_uint16_le(s, 0); /* mandatory 2 bytes null terminator */ if (0 < len_program) rdp_out_unistr(s, program, len_program); else out_uint16_le(s, 0); /* mandatory 2 bytes null terminator */ if (0 < len_directory) rdp_out_unistr(s, directory, len_directory); else out_uint16_le(s, 0); /* mandatory 2 bytes null terminator */ /* TS_EXTENDED_INFO_PACKET */ out_uint16_le(s, 2); /* clientAddressFamily = AF_INET */ out_uint16_le(s, len_ip); /* cbClientAddress, Length of client ip */ rdp_out_unistr(s, ipaddr, len_ip - 2); /* clientAddress */ out_uint16_le(s, len_dll); /* cbClientDir */ rdp_out_unistr(s, "C:\\WINNT\\System32\\mstscax.dll", len_dll - 2); /* clientDir */ /* TS_TIME_ZONE_INFORMATION */ tzone = (mktime(gmtime(&t)) - mktime(localtime(&t))) / 60; out_uint32_le(s, tzone); rdp_out_unistr(s, "GTB, normaltid", 2 * strlen("GTB, normaltid")); out_uint8s(s, 62 - 2 * strlen("GTB, normaltid")); out_uint32_le(s, 0x0a0000); out_uint32_le(s, 0x050000); out_uint32_le(s, 3); out_uint32_le(s, 0); out_uint32_le(s, 0); rdp_out_unistr(s, "GTB, sommartid", 2 * strlen("GTB, sommartid")); out_uint8s(s, 62 - 2 * strlen("GTB, sommartid")); out_uint32_le(s, 0x30000); out_uint32_le(s, 0x050000); out_uint32_le(s, 2); out_uint32(s, 0); out_uint32_le(s, 0xffffffc4); /* DaylightBias */ /* Rest of TS_EXTENDED_INFO_PACKET */ out_uint32_le(s, 0); /* clientSessionId (Ignored by server MUST be 0) */ out_uint32_le(s, g_rdp5_performanceflags); /* Client Auto-Reconnect */ if (g_has_reconnect_random) { out_uint16_le(s, 28); /* cbAutoReconnectLen */ /* ARC_CS_PRIVATE_PACKET */ out_uint32_le(s, 28); /* cbLen */ out_uint32_le(s, 1); /* Version */ out_uint32_le(s, g_reconnect_logonid); /* LogonId */ rdssl_hmac_md5(g_reconnect_random, sizeof(g_reconnect_random), g_client_random, SEC_RANDOM_SIZE, security_verifier); out_uint8a(s, security_verifier, sizeof(security_verifier)); } else { out_uint16_le(s, 0); /* cbAutoReconnectLen */ } } s_mark_end(s); /* clear the redirect flag */ g_redirect = False; sec_send(s, sec_flags); }
int DEFAULT_CC main(int argc, char** argv) { int sck; int code; int i; int size; int version; int width; int height; int bpp; int keylayout; int display; struct stream* in_s; struct stream* out_s; char* username; char* password; char* exec; long data; if (0 != config_read(&g_cfg)) { g_printf("sesrun: error reading config. quitting.\n"); return 1; } g_pid = g_getpid(); if (argc == 1) { g_printf("xrdp session starter v0.2\n"); g_printf("\nusage:\n"); g_printf("sesrun <server> <username> <password> <exec> <width> <height> <bpp> <keylayout>\n"); } else if (argc == 9) { username = argv[2]; password = argv[3]; exec = argv[4]; width = g_atoi(argv[5]); height = g_atoi(argv[6]); bpp = g_atoi(argv[7]); keylayout = g_atoi(argv[8]); make_stream(in_s); init_stream(in_s, 8192); make_stream(out_s); init_stream(out_s, 8192); sck = g_tcp_socket(); if (g_tcp_connect(sck, argv[1], "3350") == 0) { s_push_layer(out_s, channel_hdr, 8); out_uint16_be(out_s, 20); /* code */ i = g_strlen(username); out_uint16_be(out_s, i); out_uint8a(out_s, username, i); i = g_strlen(password); out_uint16_be(out_s, i); out_uint8a(out_s, password, i); i = g_strlen(exec); out_uint16_be(out_s, i); out_uint8a(out_s, exec, i); out_uint16_be(out_s, width); out_uint16_be(out_s, height); out_uint16_be(out_s, bpp); out_uint16_be(out_s, keylayout); s_mark_end(out_s); s_pop_layer(out_s, channel_hdr); out_uint32_be(out_s, 0); /* version */ out_uint32_be(out_s, out_s->end - out_s->data); /* size */ tcp_force_send(sck, out_s->data, out_s->end - out_s->data); if (tcp_force_recv(sck, in_s->data, 8) == 0) { in_uint32_be(in_s, version); in_uint32_be(in_s, size); init_stream(in_s, 8192); if (tcp_force_recv(sck, in_s->data, size - 8) == 0) { if (version == 0) { in_uint16_be(in_s, code); if (code == 3) { in_uint16_be(in_s, data); in_uint16_be(in_s, display); g_printf("ok %d display %d\n", data, display); } } } } } else { g_printf("connect error\n"); } g_tcp_close(sck); free_stream(in_s); free_stream(out_s); } return 0; }
/* returns error */ static int APP_CC send_data_from_chan_item(struct chan_item *chan_item) { struct stream *s; struct chan_out_data *cod; int bytes_left; int size; int chan_flags; int error; if (chan_item->head == 0) { return 0; } cod = chan_item->head; bytes_left = (int)(cod->s->end - cod->s->p); size = MIN(1600, bytes_left); chan_flags = 0; if (cod->s->p == cod->s->data) { chan_flags |= 1; /* first */ } if (cod->s->p + size >= cod->s->end) { chan_flags |= 2; /* last */ } s = trans_get_out_s(g_con_trans, 8192); out_uint32_le(s, 0); /* version */ out_uint32_le(s, 8 + 8 + 2 + 2 + 2 + 4 + size); /* size */ out_uint32_le(s, 8); /* msg id */ out_uint32_le(s, 8 + 2 + 2 + 2 + 4 + size); /* size */ out_uint16_le(s, chan_item->id); out_uint16_le(s, chan_flags); out_uint16_le(s, size); out_uint32_le(s, cod->s->size); out_uint8a(s, cod->s->p, size); s_mark_end(s); LOGM((LOG_LEVEL_DEBUG, "chansrv::send_channel_data: -- " "size %d chan_flags 0x%8.8x", size, chan_flags)); error = trans_force_write(g_con_trans); if (error != 0) { return 1; } cod->s->p += size; if (cod->s->p >= cod->s->end) { free_stream(cod->s); chan_item->head = chan_item->head->next; if (chan_item->head == 0) { chan_item->tail = 0; } g_free(cod); } return 0; }
static int APP_CC xrdp_mm_send_login(struct xrdp_mm* self) { struct stream * s = (struct stream *)NULL; int rv = 0; int index = 0; int count = 0; char * username = (char *)NULL; char * password = (char *)NULL; char * name = (char *)NULL; char * value = (char *)NULL; xrdp_wm_log_msg(self->wm, "sending login info to session manager, " "please wait..."); username = 0; password = 0; self->code = 0; count = self->login_names->count; for (index = 0; index < count; index++) { name = (char*)list_get_item(self->login_names, index); value = (char*)list_get_item(self->login_values, index); if (g_strcasecmp(name, "username") == 0) { username = value; } else if (g_strcasecmp(name, "password") == 0) { password = value; } else if (g_strcasecmp(name, "lib") == 0) { if ((g_strcasecmp(value, "libxup.so") == 0) || (g_strcasecmp(value, "xup.dll") == 0)) { self->code = 10; } } } if ((username == 0) || (password == 0)) { xrdp_wm_log_msg(self->wm, "Error finding username and password"); return 1; } s = trans_get_out_s(self->sesman_trans, 8192); s_push_layer(s, channel_hdr, 8); /* this code is either 0 for Xvnc or 10 for X11rdp */ out_uint16_be(s, self->code); index = g_strlen(username); out_uint16_be(s, index); out_uint8a(s, username, index); index = g_strlen(password); out_uint16_be(s, index); out_uint8a(s, password, index); out_uint16_be(s, self->wm->screen->width); out_uint16_be(s, self->wm->screen->height); out_uint16_be(s, self->wm->screen->bpp); /* send domain */ index = g_strlen(self->wm->client_info->domain); out_uint16_be(s, index); out_uint8a(s, self->wm->client_info->domain, index); /* send program / shell */ index = g_strlen(self->wm->client_info->program); out_uint16_be(s, index); out_uint8a(s, self->wm->client_info->program, index); /* send directory */ index = g_strlen(self->wm->client_info->directory); out_uint16_be(s, index); out_uint8a(s, self->wm->client_info->directory, index); /* send client ip */ index = g_strlen(self->wm->client_info->client_ip); out_uint16_be(s, index); out_uint8a(s, self->wm->client_info->client_ip, index); s_mark_end(s); s_pop_layer(s, channel_hdr); out_uint32_be(s, 0); /* version */ index = (int)(s->end - s->data); out_uint32_be(s, index); /* size */ rv = trans_force_write(self->sesman_trans); if (rv != 0) { xrdp_wm_log_msg(self->wm, "xrdp_mm_send_login: xrdp_mm_send_login failed"); } return rv; }
int APP_CC xrdp_caps_send_demand_active(struct xrdp_rdp *self) { struct stream *s; int caps_count; int caps_size; int codec_caps_count; int codec_caps_size; int flags; char *caps_count_ptr; char *caps_size_ptr; char *caps_ptr; char *codec_caps_count_ptr; char *codec_caps_size_ptr; make_stream(s); init_stream(s, 8192); DEBUG(("in xrdp_caps_send_demand_active")); if (xrdp_rdp_init(self, s) != 0) { free_stream(s); return 1; } caps_count = 0; out_uint32_le(s, self->share_id); out_uint16_le(s, 4); /* 4 chars for RDP\0 */ /* 2 bytes size after num caps, set later */ caps_size_ptr = s->p; out_uint8s(s, 2); out_uint8a(s, "RDP", 4); /* 4 byte num caps, set later */ caps_count_ptr = s->p; out_uint8s(s, 4); caps_ptr = s->p; /* Output share capability set */ caps_count++; out_uint16_le(s, RDP_CAPSET_SHARE); out_uint16_le(s, RDP_CAPLEN_SHARE); out_uint16_le(s, self->mcs_channel); out_uint16_be(s, 0xb5e2); /* 0x73e1 */ /* Output general capability set */ caps_count++; out_uint16_le(s, RDP_CAPSET_GENERAL); /* 1 */ out_uint16_le(s, RDP_CAPLEN_GENERAL); /* 24(0x18) */ out_uint16_le(s, 1); /* OS major type */ out_uint16_le(s, 3); /* OS minor type */ out_uint16_le(s, 0x200); /* Protocol version */ out_uint16_le(s, 0); /* pad */ out_uint16_le(s, 0); /* Compression types */ /* NO_BITMAP_COMPRESSION_HDR 0x0400 FASTPATH_OUTPUT_SUPPORTED 0x0001 */ if (self->client_info.use_fast_path & 1) { out_uint16_le(s, 0x401); } else { out_uint16_le(s, 0x400); } out_uint16_le(s, 0); /* Update capability */ out_uint16_le(s, 0); /* Remote unshare capability */ out_uint16_le(s, 0); /* Compression level */ out_uint16_le(s, 0); /* Pad */ /* Output bitmap capability set */ caps_count++; out_uint16_le(s, RDP_CAPSET_BITMAP); /* 2 */ out_uint16_le(s, RDP_CAPLEN_BITMAP); /* 28(0x1c) */ out_uint16_le(s, self->client_info.bpp); /* Preferred BPP */ out_uint16_le(s, 1); /* Receive 1 BPP */ out_uint16_le(s, 1); /* Receive 4 BPP */ out_uint16_le(s, 1); /* Receive 8 BPP */ out_uint16_le(s, self->client_info.width); /* width */ out_uint16_le(s, self->client_info.height); /* height */ out_uint16_le(s, 0); /* Pad */ out_uint16_le(s, 1); /* Allow resize */ out_uint16_le(s, 1); /* bitmap compression */ out_uint16_le(s, 0); /* unknown */ out_uint16_le(s, 0); /* unknown */ out_uint16_le(s, 0); /* pad */ /* Output font capability set */ caps_count++; out_uint16_le(s, RDP_CAPSET_FONT); /* 14 */ out_uint16_le(s, RDP_CAPLEN_FONT); /* 4 */ /* Output order capability set */ caps_count++; out_uint16_le(s, RDP_CAPSET_ORDER); /* 3 */ out_uint16_le(s, RDP_CAPLEN_ORDER); /* 88(0x58) */ out_uint8s(s, 16); out_uint32_be(s, 0x40420f00); out_uint16_le(s, 1); /* Cache X granularity */ out_uint16_le(s, 20); /* Cache Y granularity */ out_uint16_le(s, 0); /* Pad */ out_uint16_le(s, 1); /* Max order level */ out_uint16_le(s, 0x2f); /* Number of fonts */ out_uint16_le(s, 0x22); /* Capability flags */ /* caps */ out_uint8(s, 1); /* NEG_DSTBLT_INDEX 0x00 0 */ out_uint8(s, 1); /* NEG_PATBLT_INDEX 0x01 1 */ out_uint8(s, 1); /* NEG_SCRBLT_INDEX 0x02 2 */ out_uint8(s, 1); /* NEG_MEMBLT_INDEX 0x03 3 */ out_uint8(s, 0); /* NEG_MEM3BLT_INDEX 0x04 4 */ out_uint8(s, 0); /* NEG_ATEXTOUT_INDEX 0x05 5 */ out_uint8(s, 0); /* NEG_AEXTTEXTOUT_INDEX 0x06 6 */ out_uint8(s, 0); /* NEG_DRAWNINEGRID_INDEX 0x07 7 */ out_uint8(s, 1); /* NEG_LINETO_INDEX 0x08 8 */ out_uint8(s, 0); /* NEG_MULTI_DRAWNINEGRID_INDEX 0x09 9 */ out_uint8(s, 1); /* NEG_OPAQUE_RECT_INDEX 0x0A 10 */ out_uint8(s, 0); /* NEG_SAVEBITMAP_INDEX 0x0B 11 */ out_uint8(s, 0); /* NEG_WTEXTOUT_INDEX 0x0C 12 */ out_uint8(s, 0); /* NEG_MEMBLT_V2_INDEX 0x0D 13 */ out_uint8(s, 0); /* NEG_MEM3BLT_V2_INDEX 0x0E 14 */ out_uint8(s, 0); /* NEG_MULTIDSTBLT_INDEX 0x0F 15 */ out_uint8(s, 0); /* NEG_MULTIPATBLT_INDEX 0x10 16 */ out_uint8(s, 0); /* NEG_MULTISCRBLT_INDEX 0x11 17 */ out_uint8(s, 1); /* NEG_MULTIOPAQUERECT_INDEX 0x12 18 */ out_uint8(s, 0); /* NEG_FAST_INDEX_INDEX 0x13 19 */ out_uint8(s, 0); /* NEG_POLYGON_SC_INDEX 0x14 20 */ out_uint8(s, 0); /* NEG_POLYGON_CB_INDEX 0x15 21 */ out_uint8(s, 0); /* NEG_POLYLINE_INDEX 0x16 22 */ out_uint8(s, 0); /* unused 0x17 23 */ out_uint8(s, 0); /* NEG_FAST_GLYPH_INDEX 0x18 24 */ out_uint8(s, 0); /* NEG_ELLIPSE_SC_INDEX 0x19 25 */ out_uint8(s, 0); /* NEG_ELLIPSE_CB_INDEX 0x1A 26 */ out_uint8(s, 1); /* NEG_GLYPH_INDEX_INDEX 0x1B 27 */ out_uint8(s, 0); /* NEG_GLYPH_WEXTTEXTOUT_INDEX 0x1C 28 */ out_uint8(s, 0); /* NEG_GLYPH_WLONGTEXTOUT_INDEX 0x1D 29 */ out_uint8(s, 0); /* NEG_GLYPH_WLONGEXTTEXTOUT_INDEX 0x1E 30 */ out_uint8(s, 0); /* unused 0x1F 31 */ out_uint16_le(s, 0x6a1); /* declare support of bitmap cache rev3 */ out_uint16_le(s, XR_ORDERFLAGS_EX_CACHE_BITMAP_REV3_SUPPORT); out_uint32_le(s, 0x0f4240); /* desk save */ out_uint32_le(s, 0x0f4240); /* desk save */ out_uint32_le(s, 1); /* ? */ out_uint32_le(s, 0); /* ? */ /* Output bmpcodecs capability set */ caps_count++; out_uint16_le(s, RDP_CAPSET_BMPCODECS); codec_caps_size_ptr = s->p; out_uint8s(s, 2); /* cap len set later */ codec_caps_count = 0; codec_caps_count_ptr = s->p; out_uint8s(s, 1); /* bitmapCodecCount set later */ /* nscodec */ codec_caps_count++; out_uint8a(s, XR_CODEC_GUID_NSCODEC, 16); out_uint8(s, 1); /* codec id, must be 1 */ out_uint16_le(s, 3); /* codecPropertiesLength */ out_uint8(s, 0x01); /* fAllowDynamicFidelity */ out_uint8(s, 0x01); /* fAllowSubsampling */ out_uint8(s, 0x03); /* colorLossLevel */ #if defined(XRDP_RFXCODEC) || defined(XRDP_NEUTRINORDP) /* remotefx */ codec_caps_count++; out_uint8a(s, XR_CODEC_GUID_REMOTEFX, 16); out_uint8(s, 0); /* codec id, client sets */ out_uint16_le(s, 4); /* codecPropertiesLength */ out_uint32_le(s, 0); /* reserved */ /* image remotefx */ codec_caps_count++; out_uint8a(s, XR_CODEC_GUID_IMAGE_REMOTEFX, 16); out_uint8(s, 0); /* codec id, client sets */ out_uint16_le(s, 4); /* codecPropertiesLength */ out_uint32_le(s, 0); /* reserved */ #endif /* jpeg */ codec_caps_count++; out_uint8a(s, XR_CODEC_GUID_JPEG, 16); out_uint8(s, 0); /* codec id, client sets */ out_uint16_le(s, 1); /* codecPropertiesLength */ out_uint8(s, 75); /* jpeg compression ratio */ /* calculate and set size and count */ codec_caps_size = (int)(s->p - codec_caps_size_ptr); codec_caps_size += 2; /* 2 bytes for RDP_CAPSET_BMPCODECS above */ codec_caps_size_ptr[0] = codec_caps_size; codec_caps_size_ptr[1] = codec_caps_size >> 8; codec_caps_count_ptr[0] = codec_caps_count; /* Output color cache capability set */ caps_count++; out_uint16_le(s, RDP_CAPSET_COLCACHE); out_uint16_le(s, RDP_CAPLEN_COLCACHE); out_uint16_le(s, 6); /* cache size */ out_uint16_le(s, 0); /* pad */ /* Output pointer capability set */ caps_count++; out_uint16_le(s, RDP_CAPSET_POINTER); out_uint16_le(s, RDP_CAPLEN_POINTER); out_uint16_le(s, 1); /* Colour pointer */ out_uint16_le(s, 0x19); /* Cache size */ out_uint16_le(s, 0x19); /* Cache size */ /* Output input capability set */ caps_count++; out_uint16_le(s, RDP_CAPSET_INPUT); /* 13(0xd) */ out_uint16_le(s, RDP_CAPLEN_INPUT); /* 88(0x58) */ flags = INPUT_FLAG_SCANCODES | INPUT_FLAG_MOUSEX | INPUT_FLAG_UNICODE; if (self->client_info.use_fast_path & 2) { flags |= INPUT_FLAG_FASTPATH_INPUT | INPUT_FLAG_FASTPATH_INPUT2; } out_uint16_le(s, flags); out_uint8s(s, 82); /* Remote Programs Capability Set */ caps_count++; out_uint16_le(s, 0x0017); /* CAPSETTYPE_RAIL */ out_uint16_le(s, 8); out_uint32_le(s, 3); /* TS_RAIL_LEVEL_SUPPORTED TS_RAIL_LEVEL_DOCKED_LANGBAR_SUPPORTED */ /* Window List Capability Set */ caps_count++; out_uint16_le(s, 0x0018); /* CAPSETTYPE_WINDOW */ out_uint16_le(s, 11); out_uint32_le(s, 2); /* TS_WINDOW_LEVEL_SUPPORTED_EX */ out_uint8(s, 3); /* NumIconCaches */ out_uint16_le(s, 12); /* NumIconCacheEntries */ /* 6 - bitmap cache v3 codecid */ caps_count++; out_uint16_le(s, 0x0006); out_uint16_le(s, 5); out_uint8(s, 0); /* client sets */ if (self->client_info.use_fast_path & FASTPATH_OUTPUT_SUPPORTED) /* fastpath output on */ { /* multifragment update */ caps_count++; out_uint16_le(s, RDP_CAPSET_MULTIFRAGMENT); /* 26 CAPSETTYPE_MULTIFRAGMENTUPDATE */ out_uint16_le(s, RDP_CAPLEN_MULTIFRAGMENT); out_uint32_le(s, 3 * 1024 * 1024); /* 3MB */ /* frame acks */ caps_count++; out_uint16_le(s, RDP_CAPSET_FRAME_ACKNOWLEDGE); /* CAPSETTYPE_FRAME_ACKNOWLEDGE */ out_uint16_le(s, RDP_CAPLEN_FRAME_ACKNOWLEDGE); out_uint32_le(s, 2); /* 2 frames in flight */ /* surface commands */ caps_count++; out_uint16_le(s, RDP_CAPSET_SURFCMDS); /* CAPSETTYPE_SURFACE_COMMANDS */ out_uint16_le(s, RDP_CAPLEN_SURFCMDS); /* lengthCapability */ out_uint32_le(s, (SURFCMDS_SETSURFACEBITS | SURFCMDS_FRAMEMARKER | SURFCMDS_STREAMSUFRACEBITS)); /* cmdFlags */ out_uint32_le(s, 0); /* reserved */ } out_uint8s(s, 4); /* pad */ s_mark_end(s); caps_size = (int)(s->end - caps_ptr); caps_size_ptr[0] = caps_size; caps_size_ptr[1] = caps_size >> 8; caps_count_ptr[0] = caps_count; caps_count_ptr[1] = caps_count >> 8; caps_count_ptr[2] = caps_count >> 16; caps_count_ptr[3] = caps_count >> 24; if (xrdp_rdp_send(self, s, RDP_PDU_DEMAND_ACTIVE) != 0) { free_stream(s); return 1; } DEBUG(("out (1) xrdp_caps_send_demand_active")); /* send Monitor Layout PDU for dual monitor */ if (self->client_info.monitorCount > 0 && self->client_info.multimon == 1) { DEBUG(("xrdp_caps_send_demand_active: sending monitor layout pdu")); if (xrdp_caps_send_monitorlayout(self) != 0) { g_writeln("xrdp_caps_send_demand_active: error sending monitor layout pdu"); } } free_stream(s); return 0; }
/* returns error */ static int APP_CC process_message_channel_data(struct stream *s) { int chan_id = 0; int chan_flags = 0; int rv = 0; int length = 0; int total_length = 0; struct stream *ls; in_uint16_le(s, chan_id); in_uint16_le(s, chan_flags); in_uint16_le(s, length); in_uint32_le(s, total_length); LOGM((LOG_LEVEL_DEBUG, "process_message_channel_data: chan_id %d " "chan_flags %d", chan_id, chan_flags)); LOG(10, ("process_message_channel_data")); rv = send_channel_data_response_message(); if (rv == 0) { if (chan_id == g_cliprdr_chan_id) { rv = clipboard_data_in(s, chan_id, chan_flags, length, total_length); } else if (chan_id == g_rdpsnd_chan_id) { rv = sound_data_in(s, chan_id, chan_flags, length, total_length); } else if (chan_id == g_rdpdr_chan_id) { rv = dev_redir_data_in(s, chan_id, chan_flags, length, total_length); } else if (chan_id == g_rail_chan_id) { rv = rail_data_in(s, chan_id, chan_flags, length, total_length); } else if (chan_id == g_drdynvc_chan_id) { rv = drdynvc_data_in(s, chan_id, chan_flags, length, total_length); } else if (chan_id == ((struct xrdp_api_data *) (g_api_con_trans->callback_data))->chan_id) { LOG(10, ("process_message_channel_data length %d total_length %d " "chan_flags 0x%8.8x", length, total_length, chan_flags)); ls = g_api_con_trans->out_s; if (chan_flags & 1) /* first */ { init_stream(ls, total_length); } out_uint8a(ls, s->p, length); if (chan_flags & 2) /* last */ { s_mark_end(ls); trans_force_write(g_api_con_trans); } } } return rv; }
static void rdpusb_reap_urbs (void) { STREAM s; PVUSBURB pUrb = NULL; PUSBPROXYDEV proxy = g_proxies; while (proxy) { pUrb = op_usbproxy_back_reap_urb(proxy, 0); if (pUrb) { int datalen = 0; Log(("RDPUSB: rdpusb_reap_urbs: cbData = %d, enmStatus = %d\n", pUrb->cbData, pUrb->enmStatus)); if (pUrb->enmDir == VUSB_DIRECTION_IN) { datalen = pUrb->cbData; } s = rdpusb_init_packet(14 + datalen, RDPUSB_REQ_REAP_URB); out_uint32_le(s, proxy->devid); out_uint8(s, VRDP_USB_REAP_FLAG_LAST); out_uint8(s, pUrb->enmStatus); out_uint32_le(s, pUrb->handle); out_uint32_le(s, pUrb->cbData); if (datalen) { out_uint8a (s, pUrb->abData, datalen); } s_mark_end(s); rdpusb_send(s); if (pUrb->pPrev || pUrb->pNext || pUrb == proxy->pUrbs) { /* Remove the URB from list. */ if (pUrb->pPrev) { pUrb->pPrev->pNext = pUrb->pNext; } else { proxy->pUrbs = pUrb->pNext; } if (pUrb->pNext) { pUrb->pNext->pPrev = pUrb->pPrev; } } #ifdef RDPUSB_DEBUG Log(("Going to free %p\n", pUrb)); #endif xfree (pUrb); #ifdef RDPUSB_DEBUG Log(("freed %p\n", pUrb)); #endif } proxy = proxy->pNext; } return; }
int APP_CC trans_write_copy_s(struct trans *self, struct stream *out_s) { int size; int sent; struct stream *wait_s; struct stream *temp_s; char *out_data; if (self->status != TRANS_STATUS_UP) { return 1; } /* try to send any left over */ if (trans_send_waiting(self, 0) != 0) { /* error */ self->status = TRANS_STATUS_DOWN; return 1; } out_data = out_s->data; sent = 0; size = (int) (out_s->end - out_s->data); if (self->wait_s == 0) { /* if no left over, try to send this new data */ if (g_tcp_can_send(self->sck, 0)) { sent = self->trans_send(self, out_s->data, size); if (sent > 0) { out_data += sent; size -= sent; } else if (sent == 0) { return 1; } else { if (!g_tcp_last_error_would_block(self->sck)) { return 1; } } } } if (size < 1) { return 0; } /* did not send right away, have to copy */ make_stream(wait_s); init_stream(wait_s, size); if (self->si != 0) { if ((self->si->cur_source != 0) && (self->si->cur_source != self->my_source)) { self->si->source[self->si->cur_source] += size; wait_s->source = self->si->source + self->si->cur_source; } } out_uint8a(wait_s, out_data, size); s_mark_end(wait_s); wait_s->p = wait_s->data; if (self->wait_s == 0) { self->wait_s = wait_s; } else { temp_s = self->wait_s; while (temp_s->next != 0) { temp_s = temp_s->next; } temp_s->next = wait_s; } return 0; }
/* Parse a logon info packet */ static void rdp_send_logon_info(uint32 flags, char *domain, char *user, char *password, char *program, char *directory) { char *ipaddr = tcp_get_address(); int len_domain = 2 * strlen(domain); int len_user = 2 * strlen(user); int len_password = 2 * strlen(password); int len_program = 2 * strlen(program); int len_directory = 2 * strlen(directory); int len_ip = 2 * strlen(ipaddr); int len_dll = 2 * strlen("C:\\WINNT\\System32\\mstscax.dll"); int packetlen = 0; uint32 sec_flags = g_encryption ? (SEC_LOGON_INFO | SEC_ENCRYPT) : SEC_LOGON_INFO; STREAM s; time_t t = time(NULL); time_t tzone; uint8 security_verifier[16]; if (g_rdp_version == RDP_V4 || 1 == g_server_rdp_version) { DEBUG_RDP5(("Sending RDP4-style Logon packet\n")); s = sec_init(sec_flags, 18 + len_domain + len_user + len_password + len_program + len_directory + 10); out_uint32(s, 0); out_uint32_le(s, flags); out_uint16_le(s, len_domain); out_uint16_le(s, len_user); out_uint16_le(s, len_password); out_uint16_le(s, len_program); out_uint16_le(s, len_directory); rdp_out_unistr(s, domain, len_domain); rdp_out_unistr(s, user, len_user); rdp_out_unistr(s, password, len_password); rdp_out_unistr(s, program, len_program); rdp_out_unistr(s, directory, len_directory); } else { flags |= RDP_LOGON_BLOB; DEBUG_RDP5(("Sending RDP5-style Logon packet\n")); packetlen = 4 + /* Unknown uint32 */ 4 + /* flags */ 2 + /* len_domain */ 2 + /* len_user */ (flags & RDP_LOGON_AUTO ? 2 : 0) + /* len_password */ (flags & RDP_LOGON_BLOB ? 2 : 0) + /* Length of BLOB */ 2 + /* len_program */ 2 + /* len_directory */ (0 < len_domain ? len_domain : 2) + /* domain */ len_user + (flags & RDP_LOGON_AUTO ? len_password : 0) + 0 + /* We have no 512 byte BLOB. Perhaps we must? */ (flags & RDP_LOGON_BLOB && !(flags & RDP_LOGON_AUTO) ? 2 : 0) + /* After the BLOB is a unknown int16. If there is a BLOB, that is. */ (0 < len_program ? len_program : 2) + (0 < len_directory ? len_directory : 2) + 2 + /* Unknown (2) */ 2 + /* Client ip length */ len_ip + /* Client ip */ 2 + /* DLL string length */ len_dll + /* DLL string */ 2 + /* Unknown */ 2 + /* Unknown */ 64 + /* Time zone #0 */ 2 + /* Unknown */ 64 + /* Time zone #1 */ 32; /* Unknown */ s = sec_init(sec_flags, packetlen); DEBUG_RDP5(("Called sec_init with packetlen %d\n", packetlen)); out_uint32(s, 0); /* Unknown */ out_uint32_le(s, flags); out_uint16_le(s, len_domain); out_uint16_le(s, len_user); if (flags & RDP_LOGON_AUTO) { out_uint16_le(s, len_password); } if (flags & RDP_LOGON_BLOB && !(flags & RDP_LOGON_AUTO)) { out_uint16_le(s, 0); } out_uint16_le(s, len_program); out_uint16_le(s, len_directory); if (0 < len_domain) rdp_out_unistr(s, domain, len_domain); else out_uint16_le(s, 0); rdp_out_unistr(s, user, len_user); if (flags & RDP_LOGON_AUTO) { rdp_out_unistr(s, password, len_password); } if (flags & RDP_LOGON_BLOB && !(flags & RDP_LOGON_AUTO)) { out_uint16_le(s, 0); } if (0 < len_program) { rdp_out_unistr(s, program, len_program); } else { out_uint16_le(s, 0); } if (0 < len_directory) { rdp_out_unistr(s, directory, len_directory); } else { out_uint16_le(s, 0); } /* TS_EXTENDED_INFO_PACKET */ out_uint16_le(s, 2); /* clientAddressFamily = AF_INET */ out_uint16_le(s, len_ip + 2); /* cbClientAddress, Length of client ip */ rdp_out_unistr(s, ipaddr, len_ip); /* clientAddress */ out_uint16_le(s, len_dll + 2); /* cbClientDir */ rdp_out_unistr(s, "C:\\WINNT\\System32\\mstscax.dll", len_dll); /* clientDir */ /* TS_TIME_ZONE_INFORMATION */ tzone = (mktime(gmtime(&t)) - mktime(localtime(&t))) / 60; out_uint32_le(s, tzone); rdp_out_unistr(s, "GTB, normaltid", 2 * strlen("GTB, normaltid")); out_uint8s(s, 62 - 2 * strlen("GTB, normaltid")); out_uint32_le(s, 0x0a0000); out_uint32_le(s, 0x050000); out_uint32_le(s, 3); out_uint32_le(s, 0); out_uint32_le(s, 0); rdp_out_unistr(s, "GTB, sommartid", 2 * strlen("GTB, sommartid")); out_uint8s(s, 62 - 2 * strlen("GTB, sommartid")); out_uint32_le(s, 0x30000); out_uint32_le(s, 0x050000); out_uint32_le(s, 2); out_uint32(s, 0); out_uint32_le(s, 0xffffffc4); /* DaylightBias */ /* Rest of TS_EXTENDED_INFO_PACKET */ out_uint32_le(s, 0xfffffffe); /* clientSessionId, consider changing to 0 */ out_uint32_le(s, g_rdp5_performanceflags); /* Client Auto-Reconnect */ if (g_has_reconnect_random) { out_uint16_le(s, 28); /* cbAutoReconnectLen */ /* ARC_CS_PRIVATE_PACKET */ out_uint32_le(s, 28); /* cbLen */ out_uint32_le(s, 1); /* Version */ out_uint32_le(s, g_reconnect_logonid); /* LogonId */ rdssl_hmac_md5(g_reconnect_random, sizeof(g_reconnect_random), g_client_random, SEC_RANDOM_SIZE, security_verifier); out_uint8a(s, security_verifier, sizeof(security_verifier)); } else { out_uint16_le(s, 0); /* cbAutoReconnectLen */ } } s_mark_end(s); sec_send(s, sec_flags); }