/* connect to selected security layer */ BOOL nego_security_connect(rdpNego* nego) { if (!nego->tcp_connected) { nego->security_connected = FALSE; } else if (!nego->security_connected) { if (nego->selected_protocol == PROTOCOL_NLA) { DEBUG_NEGO("nego_security_connect with PROTOCOL_NLA"); nego->security_connected = transport_connect_nla(nego->transport); } else if (nego->selected_protocol == PROTOCOL_TLS) { DEBUG_NEGO("nego_security_connect with PROTOCOL_TLS"); nego->security_connected = transport_connect_tls(nego->transport); } else if (nego->selected_protocol == PROTOCOL_RDP) { DEBUG_NEGO("nego_security_connect with PROTOCOL_RDP"); nego->security_connected = transport_connect_rdp(nego->transport); } else { DEBUG_NEGO("cannot connect security layer because no protocol has been selected yet."); } } return nego->security_connected; }
/* connect to selected security layer */ BOOL nego_security_connect(rdpNego* nego) { if (!nego->TcpConnected) { nego->SecurityConnected = FALSE; } else if (!nego->SecurityConnected) { if (nego->SelectedProtocol == PROTOCOL_NLA) { WLog_DBG(TAG, "nego_security_connect with PROTOCOL_NLA"); nego->SecurityConnected = transport_connect_nla(nego->transport); } else if (nego->SelectedProtocol == PROTOCOL_TLS) { WLog_DBG(TAG, "nego_security_connect with PROTOCOL_TLS"); nego->SecurityConnected = transport_connect_tls(nego->transport); } else if (nego->SelectedProtocol == PROTOCOL_RDP) { WLog_DBG(TAG, "nego_security_connect with PROTOCOL_RDP"); nego->SecurityConnected = transport_connect_rdp(nego->transport); } else { WLog_ERR(TAG, "cannot connect security layer because no protocol has been selected yet."); } } return nego->SecurityConnected; }
BOOL transport_connect_nla(rdpTransport* transport) { freerdp* instance; rdpSettings* settings; rdpCredssp* credSsp; settings = transport->settings; instance = (freerdp*) settings->instance; if (!transport_connect_tls(transport)) return FALSE; /* Network Level Authentication */ if (!settings->Authentication) return TRUE; if (!transport->credssp) { transport->credssp = credssp_new(instance, transport, settings); if (!transport->credssp) return FALSE; transport_set_nla_mode(transport, TRUE); if (settings->AuthenticationServiceClass) { transport->credssp->ServicePrincipalName = credssp_make_spn(settings->AuthenticationServiceClass, settings->ServerHostname); if (!transport->credssp->ServicePrincipalName) return FALSE; } } credSsp = transport->credssp; if (credssp_authenticate(credSsp) < 0) { if (!connectErrorCode) connectErrorCode = AUTHENTICATIONERROR; if (!freerdp_get_last_error(instance->context)) { freerdp_set_last_error(instance->context, FREERDP_ERROR_AUTHENTICATION_FAILED); } WLog_ERR(TAG, "Authentication failure, check credentials." "If credentials are valid, the NTLMSSP implementation may be to blame."); transport_set_nla_mode(transport, FALSE); credssp_free(credSsp); transport->credssp = NULL; return FALSE; } transport_set_nla_mode(transport, FALSE); credssp_free(credSsp); transport->credssp = NULL; return TRUE; }
boolean rdp_client_connect(rdpRdp* rdp) { boolean status; uint32 selectedProtocol; rdpSettings* settings = rdp->settings; nego_init(rdp->nego); nego_set_target(rdp->nego, settings->hostname, settings->port); nego_set_cookie(rdp->nego, settings->username); nego_enable_rdp(rdp->nego, settings->rdp_security); if(!rdp->settings->tsg) { nego_enable_nla(rdp->nego, settings->nla_security); nego_enable_tls(rdp->nego, settings->tls_security); } if (nego_connect(rdp->nego) != true) { printf("Error: protocol security negotiation failure\n"); return false; } selectedProtocol = rdp->nego->selected_protocol; if ((selectedProtocol & PROTOCOL_TLS) || (selectedProtocol == PROTOCOL_RDP)) { if ((settings->username != NULL) && ((settings->password != NULL) || (settings->password_cookie != NULL && settings->password_cookie->length > 0))) settings->autologon = true; } status = false; if (selectedProtocol & PROTOCOL_NLA) status = transport_connect_nla(rdp->transport); else if (selectedProtocol & PROTOCOL_TLS) status = transport_connect_tls(rdp->transport); else if (selectedProtocol == PROTOCOL_RDP) /* 0 */ status = transport_connect_rdp(rdp->transport); if (status != true) return false; rdp_set_blocking_mode(rdp, false); rdp->state = CONNECTION_STATE_NEGO; rdp->finalize_sc_pdus = 0; if (mcs_send_connect_initial(rdp->mcs) != true) { printf("Error: unable to send MCS Connect Initial\n"); return false; } while (rdp->state != CONNECTION_STATE_ACTIVE) { if (rdp_check_fds(rdp) < 0) return false; } return true; }
boolean rdp_client_connect(rdpRdp* rdp) { boolean status; rdp->settings->autologon = 1; nego_init(rdp->nego); nego_set_target(rdp->nego, rdp->settings->hostname, rdp->settings->port); nego_set_cookie(rdp->nego, rdp->settings->username); nego_enable_rdp(rdp->nego, rdp->settings->rdp_security); nego_enable_nla(rdp->nego, rdp->settings->nla_security); nego_enable_tls(rdp->nego, rdp->settings->tls_security); if (nego_connect(rdp->nego) != True) { printf("Error: protocol security negotiation failure\n"); return False; } status = False; if (rdp->nego->selected_protocol & PROTOCOL_NLA) status = transport_connect_nla(rdp->transport); else if (rdp->nego->selected_protocol & PROTOCOL_TLS) status = transport_connect_tls(rdp->transport); else if (rdp->nego->selected_protocol == PROTOCOL_RDP) /* 0 */ status = transport_connect_rdp(rdp->transport); if (status != True) return False; rdp_set_blocking_mode(rdp, False); rdp->state = CONNECTION_STATE_NEGO; if (mcs_send_connect_initial(rdp->mcs) != True) { printf("Error: unable to send MCS Connect Initial\n"); return False; } while (rdp->state != CONNECTION_STATE_ACTIVE) { if (rdp_check_fds(rdp) < 0) return False; } return True; }
/* connect to selected security layer */ boolean nego_security_connect(rdpNego* nego) { if(!nego->tcp_connected) { nego->security_connected = false; } else if (!nego->security_connected) { if (nego->enabled_protocols[PROTOCOL_NLA] > 0) nego->security_connected = transport_connect_nla(nego->transport); else if (nego->enabled_protocols[PROTOCOL_TLS] > 0) nego->security_connected = transport_connect_tls(nego->transport); else if (nego->enabled_protocols[PROTOCOL_RDP] > 0) nego->security_connected = transport_connect_rdp(nego->transport); } return nego->security_connected; }
BOOL transport_connect_nla(rdpTransport* transport) { freerdp* instance; rdpSettings* settings; settings = transport->settings; instance = (freerdp*) settings->instance; if (!transport_connect_tls(transport)) return FALSE; /* Network Level Authentication */ if (!settings->Authentication) return TRUE; if (!transport->credssp) { transport->credssp = credssp_new(instance, transport, settings); if (settings->AuthenticationServiceClass) { transport->credssp->ServicePrincipalName = credssp_make_spn(settings->AuthenticationServiceClass, settings->ServerHostname); } } if (credssp_authenticate(transport->credssp) < 0) { if (!connectErrorCode) connectErrorCode = AUTHENTICATIONERROR; fprintf(stderr, "Authentication failure, check credentials.\n" "If credentials are valid, the NTLMSSP implementation may be to blame.\n"); credssp_free(transport->credssp); transport->credssp = NULL; return FALSE; } credssp_free(transport->credssp); transport->credssp = NULL; return TRUE; }
boolean rdp_client_connect(rdpRdp* rdp) { rdp->settings->autologon = 1; nego_init(rdp->nego); nego_set_target(rdp->nego, rdp->settings->hostname, 3389); nego_set_cookie(rdp->nego, rdp->settings->username); nego_enable_rdp(rdp->nego, rdp->settings->rdp_security); nego_enable_nla(rdp->nego, rdp->settings->nla_security); nego_enable_tls(rdp->nego, rdp->settings->tls_security); if (nego_connect(rdp->nego) != True) { printf("Error: protocol security negotiation failure\n"); return False; } if (rdp->nego->selected_protocol & PROTOCOL_NLA) transport_connect_nla(rdp->transport); else if (rdp->nego->selected_protocol & PROTOCOL_TLS) transport_connect_tls(rdp->transport); else if (rdp->nego->selected_protocol & PROTOCOL_RDP) transport_connect_rdp(rdp->transport); if (mcs_connect(rdp->mcs) != True) { printf("Error: Multipoint Connection Service (MCS) connection failure\n"); return False; } rdp_send_client_info(rdp); if (license_connect(rdp->license) != True) { printf("Error: license connection sequence failure\n"); return False; } rdp->licensed = True; rdp_client_activate(rdp); rdp_set_blocking_mode(rdp, False); return True; }
BOOL transport_connect_nla(rdpTransport* transport) { rdpContext* context = transport->context; rdpSettings* settings = context->settings; freerdp* instance = context->instance; rdpRdp* rdp = context->rdp; if (!transport_connect_tls(transport)) return FALSE; if (!settings->Authentication) return TRUE; rdp->nla = nla_new(instance, transport, settings); if (!rdp->nla) return FALSE; transport_set_nla_mode(transport, TRUE); if (settings->AuthenticationServiceClass) { rdp->nla->ServicePrincipalName = nla_make_spn(settings->AuthenticationServiceClass, settings->ServerHostname); if (!rdp->nla->ServicePrincipalName) return FALSE; } if (nla_client_begin(rdp->nla) < 0) { if (!freerdp_get_last_error(context)) freerdp_set_last_error(context, FREERDP_ERROR_AUTHENTICATION_FAILED); transport_set_nla_mode(transport, FALSE); return FALSE; } rdp_client_transition_to_state(rdp, CONNECTION_STATE_NLA); return TRUE; }
BOOL transport_connect_nla(rdpTransport* transport) { freerdp* instance; rdpSettings* settings; if (transport->layer == TRANSPORT_LAYER_TSG) return TRUE; if (!transport_connect_tls(transport)) return FALSE; /* Network Level Authentication */ if (transport->settings->Authentication != TRUE) return TRUE; settings = transport->settings; instance = (freerdp*) settings->instance; if (transport->credssp == NULL) transport->credssp = credssp_new(instance, transport, settings); if (credssp_authenticate(transport->credssp) < 0) { if (!connectErrorCode) connectErrorCode = AUTHENTICATIONERROR; fprintf(stderr, "Authentication failure, check credentials.\n" "If credentials are valid, the NTLMSSP implementation may be to blame.\n"); credssp_free(transport->credssp); transport->credssp = NULL; return FALSE; } credssp_free(transport->credssp); return TRUE; }
tbool rdp_client_connect(rdpRdp* rdp) { tbool status; uint32 selectedProtocol; rdpSettings* settings = rdp->settings; nego_init(rdp->nego); nego_set_target(rdp->nego, settings->hostname, settings->port); nego_set_cookie(rdp->nego, settings->username); nego_enable_rdp(rdp->nego, settings->rdp_security); nego_enable_nla(rdp->nego, settings->nla_security); nego_enable_tls(rdp->nego, settings->tls_security); if (nego_connect(rdp->nego) == false) { printf("Error: protocol security negotiation failure\n"); return false; } selectedProtocol = rdp->nego->selected_protocol; if ((selectedProtocol & PROTOCOL_TLS) || (selectedProtocol == PROTOCOL_RDP)) { if ((settings->username != NULL) && ((settings->password != NULL) || (settings->password_cookie != NULL && settings->password_cookie->length > 0))) settings->autologon = true; } status = false; if (selectedProtocol & PROTOCOL_NLA) { status = transport_connect_nla(rdp->transport); } else if (selectedProtocol & PROTOCOL_TLS) { status = transport_connect_tls(rdp->transport); } else if (selectedProtocol == PROTOCOL_RDP) /* 0 */ { status = transport_connect_rdp(rdp->transport); } if (status == false) { return false; } rdp_set_blocking_mode(rdp, false); rdp->state = CONNECTION_STATE_NEGO; rdp->finalize_sc_pdus = 0; LLOGLN(10, ("rdp_client_connect: calling mcs_send_connect_initial")); //freerdp_usleep(1000 * 1000 * 10); if (mcs_send_connect_initial(rdp->mcs) == false) { printf("Error: unable to send MCS Connect Initial\n"); return false; } //freerdp_usleep(1000 * 1000 * 10); while (rdp->state != CONNECTION_STATE_ACTIVE) { /* TODO: don't use sleep here */ freerdp_usleep(1000 * 100); if (rdp_check_fds(rdp) < 0) { LLOGLN(0, ("rdp_client_connect: error rdp_check_fds failed")); return false; } } return true; }