/**
* Function description
*
* @return 0 on success, otherwise a Win32 error code
*/
static UINT rdpgfx_send_caps_advertise_pdu(RDPGFX_CHANNEL_CALLBACK* callback)
{
UINT error;
wStream* s;
UINT16 index;
RDPGFX_PLUGIN* gfx;
RDPGFX_HEADER header;
RDPGFX_CAPSET* capsSet;
RDPGFX_CAPSET capsSets[RDPGFX_NUMBER_CAPSETS];
RDPGFX_CAPS_ADVERTISE_PDU pdu;
gfx = (RDPGFX_PLUGIN*) callback->plugin;
header.flags = 0;
header.cmdId = RDPGFX_CMDID_CAPSADVERTISE;
pdu.capsSetCount = 0;
pdu.capsSets = (RDPGFX_CAPSET*) capsSets;
capsSet = &capsSets[pdu.capsSetCount++];
capsSet->version = RDPGFX_CAPVERSION_8;
capsSet->flags = 0;
if (gfx->ThinClient)
capsSet->flags |= RDPGFX_CAPS_FLAG_THINCLIENT;
/* in CAPVERSION_8 the spec says that we should not have both
* thinclient and smallcache (and thinclient implies a small cache)
*/
if (gfx->SmallCache && !gfx->ThinClient)
capsSet->flags |= RDPGFX_CAPS_FLAG_SMALL_CACHE;
capsSet = &capsSets[pdu.capsSetCount++];
capsSet->version = RDPGFX_CAPVERSION_81;
capsSet->flags = 0;
if (gfx->ThinClient)
capsSet->flags |= RDPGFX_CAPS_FLAG_THINCLIENT;
if (gfx->SmallCache)
capsSet->flags |= RDPGFX_CAPS_FLAG_SMALL_CACHE;
#ifdef WITH_GFX_H264
if (gfx->H264)
capsSet->flags |= RDPGFX_CAPS_FLAG_AVC420_ENABLED;
#endif
if (!gfx->H264 || gfx->AVC444)
{
capsSet = &capsSets[pdu.capsSetCount++];
capsSet->version = RDPGFX_CAPVERSION_10;
capsSet->flags = 0;
if (gfx->SmallCache)
capsSet->flags |= RDPGFX_CAPS_FLAG_SMALL_CACHE;
#ifdef WITH_GFX_H264
if (!gfx->AVC444)
capsSet->flags |= RDPGFX_CAPS_FLAG_AVC_DISABLED;
#else
capsSet->flags |= RDPGFX_CAPS_FLAG_AVC_DISABLED;
#endif
capsSets[pdu.capsSetCount] = *capsSet;
capsSets[pdu.capsSetCount++].version = RDPGFX_CAPVERSION_102;
capsSets[pdu.capsSetCount] = *capsSet;
capsSets[pdu.capsSetCount++].version = RDPGFX_CAPVERSION_103;
}
header.pduLength = RDPGFX_HEADER_SIZE + 2 + (pdu.capsSetCount * RDPGFX_CAPSET_SIZE);
WLog_Print(gfx->log, WLOG_DEBUG, "SendCapsAdvertisePdu %"PRIu16"", pdu.capsSetCount);
s = Stream_New(NULL, header.pduLength);
if (!s)
{
WLog_ERR(TAG, "Stream_New failed!");
return CHANNEL_RC_NO_MEMORY;
}
if ((error = rdpgfx_write_header(s, &header)))
goto fail;
/* RDPGFX_CAPS_ADVERTISE_PDU */
Stream_Write_UINT16(s, pdu.capsSetCount); /* capsSetCount (2 bytes) */
for (index = 0; index < pdu.capsSetCount; index++)
{
capsSet = &(pdu.capsSets[index]);
Stream_Write_UINT32(s, capsSet->version); /* version (4 bytes) */
Stream_Write_UINT32(s, 4); /* capsDataLength (4 bytes) */
Stream_Write_UINT32(s, capsSet->flags); /* capsData (4 bytes) */
}
Stream_SealLength(s);
error = callback->channel->Write(callback->channel, (UINT32) Stream_Length(s),
Stream_Buffer(s), NULL);
fail:
Stream_Free(s, TRUE);
return error;
}
void credssp_send(rdpCredssp* credssp)
{
wStream* s;
int length;
int ts_request_length;
int nego_tokens_length;
int pub_key_auth_length;
int auth_info_length;
nego_tokens_length = (credssp->negoToken.cbBuffer > 0) ? credssp_sizeof_nego_tokens(credssp->negoToken.cbBuffer) : 0;
pub_key_auth_length = (credssp->pubKeyAuth.cbBuffer > 0) ? credssp_sizeof_pub_key_auth(credssp->pubKeyAuth.cbBuffer) : 0;
auth_info_length = (credssp->authInfo.cbBuffer > 0) ? credssp_sizeof_auth_info(credssp->authInfo.cbBuffer) : 0;
length = nego_tokens_length + pub_key_auth_length + auth_info_length;
ts_request_length = credssp_sizeof_ts_request(length);
s = Stream_New(NULL, ber_sizeof_sequence(ts_request_length));
/* TSRequest */
ber_write_sequence_tag(s, ts_request_length); /* SEQUENCE */
/* [0] version */
ber_write_contextual_tag(s, 0, 3, TRUE);
ber_write_integer(s, 2); /* INTEGER */
/* [1] negoTokens (NegoData) */
if (nego_tokens_length > 0)
{
length = nego_tokens_length;
length -= ber_write_contextual_tag(s, 1, ber_sizeof_sequence(ber_sizeof_sequence(ber_sizeof_sequence_octet_string(credssp->negoToken.cbBuffer))), TRUE); /* NegoData */
length -= ber_write_sequence_tag(s, ber_sizeof_sequence(ber_sizeof_sequence_octet_string(credssp->negoToken.cbBuffer))); /* SEQUENCE OF NegoDataItem */
length -= ber_write_sequence_tag(s, ber_sizeof_sequence_octet_string(credssp->negoToken.cbBuffer)); /* NegoDataItem */
length -= ber_write_sequence_octet_string(s, 0, (BYTE*) credssp->negoToken.pvBuffer, credssp->negoToken.cbBuffer); /* OCTET STRING */
// assert length == 0
}
/* [2] authInfo (OCTET STRING) */
if (auth_info_length > 0)
{
length = auth_info_length;
length -= ber_write_sequence_octet_string(s, 2, credssp->authInfo.pvBuffer, credssp->authInfo.cbBuffer);
// assert length == 0
}
/* [3] pubKeyAuth (OCTET STRING) */
if (pub_key_auth_length > 0)
{
length = pub_key_auth_length;
length -= ber_write_sequence_octet_string(s, 3, credssp->pubKeyAuth.pvBuffer, credssp->pubKeyAuth.cbBuffer);
// assert length == 0
}
Stream_SealLength(s);
transport_write(credssp->transport, s);
Stream_Free(s, TRUE);
}
int transport_check_fds(rdpTransport** ptransport)
{
int pos;
int status;
UINT16 length;
int recv_status;
wStream* received;
rdpTransport* transport = *ptransport;
#ifdef _WIN32
WSAResetEvent(transport->TcpIn->wsa_event);
#endif
ResetEvent(transport->ReceiveEvent);
status = transport_read_nonblocking(transport);
if (status < 0)
return status;
while ((pos = Stream_GetPosition(transport->ReceiveBuffer)) > 0)
{
Stream_SetPosition(transport->ReceiveBuffer, 0);
if (tpkt_verify_header(transport->ReceiveBuffer)) /* TPKT */
{
/* Ensure the TPKT header is available. */
if (pos <= 4)
{
Stream_SetPosition(transport->ReceiveBuffer, pos);
return 0;
}
length = tpkt_read_header(transport->ReceiveBuffer);
}
else if (nla_verify_header(transport->ReceiveBuffer))
{
/* TSRequest */
/* Ensure the TSRequest header is available. */
if (pos <= 4)
{
Stream_SetPosition(transport->ReceiveBuffer, pos);
return 0;
}
/* TSRequest header can be 2, 3 or 4 bytes long */
length = nla_header_length(transport->ReceiveBuffer);
if (pos < length)
{
Stream_SetPosition(transport->ReceiveBuffer, pos);
return 0;
}
length = nla_read_header(transport->ReceiveBuffer);
}
else /* Fast Path */
{
/* Ensure the Fast Path header is available. */
if (pos <= 2)
{
Stream_SetPosition(transport->ReceiveBuffer, pos);
return 0;
}
/* Fastpath header can be two or three bytes long. */
length = fastpath_header_length(transport->ReceiveBuffer);
if (pos < length)
{
Stream_SetPosition(transport->ReceiveBuffer, pos);
return 0;
}
length = fastpath_read_header(NULL, transport->ReceiveBuffer);
}
if (length == 0)
{
fprintf(stderr, "transport_check_fds: protocol error, not a TPKT or Fast Path header.\n");
winpr_HexDump(Stream_Buffer(transport->ReceiveBuffer), pos);
return -1;
}
if (pos < length)
{
Stream_SetPosition(transport->ReceiveBuffer, pos);
return 0; /* Packet is not yet completely received. */
}
received = transport->ReceiveBuffer;
transport->ReceiveBuffer = StreamPool_Take(transport->ReceivePool, 0);
Stream_SetPosition(received, length);
Stream_SealLength(received);
Stream_SetPosition(received, 0);
recv_status = transport->ReceiveCallback(transport, received, transport->ReceiveExtra);
if (transport == *ptransport)
/* transport might now have been freed by rdp_client_redirect and a new rdp->transport created */
/* so only release if still valid */
Stream_Release(received);
if (recv_status < 0)
status = -1;
if (status < 0)
return status;
/* transport might now have been freed by rdp_client_redirect and a new rdp->transport created */
transport = *ptransport;
}
return 0;
}
/**
* @brief Try to read a complete PDU (NLA, fast-path or tpkt) from the underlying transport.
*
* If possible a complete PDU is read, in case of non blocking transport this might not succeed.
* Except in case of an error the passed stream will point to the last byte read (correct
* position). When the pdu read is completed the stream is sealed and the pointer set to 0
*
* @param[in] transport rdpTransport
* @param[in] s wStream
* @return < 0 on error; 0 if not enough data is available (non blocking mode); > 0 number of
* bytes of the *complete* pdu read
*/
int transport_read_pdu(rdpTransport* transport, wStream* s)
{
int status;
int position;
int pduLength;
BYTE* header;
position = 0;
pduLength = 0;
if (!transport)
return -1;
if (!s)
return -1;
position = Stream_GetPosition(s);
/* Make sure there is enough space for the longest header within the stream */
Stream_EnsureCapacity(s, 4);
/* Make sure at least two bytes are read for futher processing */
if (position < 2 && (status = transport_read_layer_bytes(transport, s, 2 - position)) != 1)
{
/* No data available at the moment */
return status;
}
header = Stream_Buffer(s);
if (transport->NlaMode)
{
/*
* In case NlaMode is set TSRequest package(s) are expected
* 0x30 = DER encoded data with these bits set:
* bit 6 P/C constructed
* bit 5 tag number - sequence
*/
if (header[0] == 0x30)
{
/* TSRequest (NLA) */
if (header[1] & 0x80)
{
if ((header[1] & ~(0x80)) == 1)
{
if ((status = transport_read_layer_bytes(transport, s, 1)) != 1)
return status;
pduLength = header[2];
pduLength += 3;
}
else if ((header[1] & ~(0x80)) == 2)
{
if ((status = transport_read_layer_bytes(transport, s, 2)) != 1)
return status;
pduLength = (header[2] << 8) | header[3];
pduLength += 4;
}
else
{
WLog_ERR(TAG, "Error reading TSRequest!");
return -1;
}
}
else
{
pduLength = header[1];
pduLength += 2;
}
}
}
else
{
if (header[0] == 0x03)
{
/* TPKT header */
if ((status = transport_read_layer_bytes(transport, s, 2)) != 1)
return status;
pduLength = (header[2] << 8) | header[3];
/* min and max values according to ITU-T Rec. T.123 (01/2007) section 8 */
if (pduLength < 7 || pduLength > 0xFFFF)
{
WLog_ERR(TAG, "tpkt - invalid pduLength: %d", pduLength);
return -1;
}
}
else
{
/* Fast-Path Header */
if (header[1] & 0x80)
{
if ((status = transport_read_layer_bytes(transport, s, 1)) != 1)
return status;
pduLength = ((header[1] & 0x7F) << 8) | header[2];
}
else
pduLength = header[1];
/*
* fast-path has 7 bits for length so the maximum size, including headers is 0x8000
* The theoretical minimum fast-path PDU consists only of two header bytes plus one
* byte for data (e.g. fast-path input synchronize pdu)
*/
if (pduLength < 3 || pduLength > 0x8000)
{
WLog_ERR(TAG, "fast path - invalid pduLength: %d", pduLength);
return -1;
}
}
}
Stream_EnsureCapacity(s, Stream_GetPosition(s) + pduLength);
status = transport_read_layer_bytes(transport, s, pduLength - Stream_GetPosition(s));
if (status != 1)
return status;
#ifdef WITH_DEBUG_TRANSPORT
/* dump when whole PDU is read */
if (Stream_GetPosition(s) >= pduLength)
{
WLog_DBG(TAG, "Local < Remote");
winpr_HexDump(TAG, WLOG_DEBUG, Stream_Buffer(s), pduLength);
}
#endif
if (Stream_GetPosition(s) >= pduLength)
WLog_Packet(transport->log, WLOG_TRACE, Stream_Buffer(s), pduLength, WLOG_PACKET_INBOUND);
Stream_SealLength(s);
Stream_SetPosition(s, 0);
return Stream_Length(s);
}
UINT32 smartcard_irp_device_control_call(SMARTCARD_DEVICE* smartcard, SMARTCARD_OPERATION* operation)
{
IRP* irp;
UINT32 result;
UINT32 offset;
ULONG_PTR* call;
UINT32 ioControlCode;
UINT32 outputBufferLength;
UINT32 objectBufferLength;
irp = operation->irp;
call = operation->call;
ioControlCode = operation->ioControlCode;
/**
* [MS-RDPESC] 3.2.5.1: Sending Outgoing Messages:
* the output buffer length SHOULD be set to 2048
*
* Since it's a SHOULD and not a MUST, we don't care
* about it, but we still reserve at least 2048 bytes.
*/
Stream_EnsureRemainingCapacity(irp->output, 2048);
/* Device Control Response */
Stream_Seek_UINT32(irp->output); /* OutputBufferLength (4 bytes) */
Stream_Seek(irp->output, SMARTCARD_COMMON_TYPE_HEADER_LENGTH); /* CommonTypeHeader (8 bytes) */
Stream_Seek(irp->output, SMARTCARD_PRIVATE_TYPE_HEADER_LENGTH); /* PrivateTypeHeader (8 bytes) */
Stream_Seek_UINT32(irp->output); /* Result (4 bytes) */
/* Call */
switch (ioControlCode)
{
case SCARD_IOCTL_ESTABLISHCONTEXT:
result = smartcard_EstablishContext_Call(smartcard, operation, (EstablishContext_Call*) call);
break;
case SCARD_IOCTL_RELEASECONTEXT:
result = smartcard_ReleaseContext_Call(smartcard, operation, (Context_Call*) call);
break;
case SCARD_IOCTL_ISVALIDCONTEXT:
result = smartcard_IsValidContext_Call(smartcard, operation, (Context_Call*) call);
break;
case SCARD_IOCTL_LISTREADERGROUPSA:
result = SCARD_F_INTERNAL_ERROR;
break;
case SCARD_IOCTL_LISTREADERGROUPSW:
result = SCARD_F_INTERNAL_ERROR;
break;
case SCARD_IOCTL_LISTREADERSA:
result = smartcard_ListReadersA_Call(smartcard, operation, (ListReaders_Call*) call);
break;
case SCARD_IOCTL_LISTREADERSW:
result = smartcard_ListReadersW_Call(smartcard, operation, (ListReaders_Call*) call);
break;
case SCARD_IOCTL_INTRODUCEREADERGROUPA:
result = SCARD_F_INTERNAL_ERROR;
break;
case SCARD_IOCTL_INTRODUCEREADERGROUPW:
result = SCARD_F_INTERNAL_ERROR;
break;
case SCARD_IOCTL_FORGETREADERGROUPA:
result = SCARD_F_INTERNAL_ERROR;
break;
case SCARD_IOCTL_FORGETREADERGROUPW:
result = SCARD_F_INTERNAL_ERROR;
break;
case SCARD_IOCTL_INTRODUCEREADERA:
result = SCARD_F_INTERNAL_ERROR;
break;
case SCARD_IOCTL_INTRODUCEREADERW:
result = SCARD_F_INTERNAL_ERROR;
break;
case SCARD_IOCTL_FORGETREADERA:
result = SCARD_F_INTERNAL_ERROR;
break;
case SCARD_IOCTL_FORGETREADERW:
result = SCARD_F_INTERNAL_ERROR;
break;
case SCARD_IOCTL_ADDREADERTOGROUPA:
result = SCARD_F_INTERNAL_ERROR;
break;
case SCARD_IOCTL_ADDREADERTOGROUPW:
result = SCARD_F_INTERNAL_ERROR;
break;
case SCARD_IOCTL_REMOVEREADERFROMGROUPA:
result = SCARD_F_INTERNAL_ERROR;
break;
case SCARD_IOCTL_REMOVEREADERFROMGROUPW:
result = SCARD_F_INTERNAL_ERROR;
break;
case SCARD_IOCTL_LOCATECARDSA:
result = SCARD_F_INTERNAL_ERROR;
break;
case SCARD_IOCTL_LOCATECARDSW:
result = SCARD_F_INTERNAL_ERROR;
break;
case SCARD_IOCTL_GETSTATUSCHANGEA:
result = smartcard_GetStatusChangeA_Call(smartcard, operation, (GetStatusChangeA_Call*) call);
break;
case SCARD_IOCTL_GETSTATUSCHANGEW:
result = smartcard_GetStatusChangeW_Call(smartcard, operation, (GetStatusChangeW_Call*) call);
break;
case SCARD_IOCTL_CANCEL:
result = smartcard_Cancel_Call(smartcard, operation, (Context_Call*) call);
break;
case SCARD_IOCTL_CONNECTA:
result = smartcard_ConnectA_Call(smartcard, operation, (ConnectA_Call*) call);
break;
case SCARD_IOCTL_CONNECTW:
result = smartcard_ConnectW_Call(smartcard, operation, (ConnectW_Call*) call);
break;
case SCARD_IOCTL_RECONNECT:
result = smartcard_Reconnect_Call(smartcard, operation, (Reconnect_Call*) call);
break;
case SCARD_IOCTL_DISCONNECT:
result = smartcard_Disconnect_Call(smartcard, operation, (HCardAndDisposition_Call*) call);
break;
case SCARD_IOCTL_BEGINTRANSACTION:
result = smartcard_BeginTransaction_Call(smartcard, operation, (HCardAndDisposition_Call*) call);
break;
case SCARD_IOCTL_ENDTRANSACTION:
result = smartcard_EndTransaction_Call(smartcard, operation, (HCardAndDisposition_Call*) call);
break;
case SCARD_IOCTL_STATE:
result = smartcard_State_Call(smartcard, operation, (State_Call*) call);
break;
case SCARD_IOCTL_STATUSA:
result = smartcard_StatusA_Call(smartcard, operation, (Status_Call*) call);
break;
case SCARD_IOCTL_STATUSW:
result = smartcard_StatusW_Call(smartcard, operation, (Status_Call*) call);
break;
case SCARD_IOCTL_TRANSMIT:
result = smartcard_Transmit_Call(smartcard, operation, (Transmit_Call*) call);
break;
case SCARD_IOCTL_CONTROL:
result = smartcard_Control_Call(smartcard, operation, (Control_Call*) call);
break;
case SCARD_IOCTL_GETATTRIB:
result = smartcard_GetAttrib_Call(smartcard, operation, (GetAttrib_Call*) call);
break;
case SCARD_IOCTL_SETATTRIB:
result = SCARD_F_INTERNAL_ERROR;
break;
case SCARD_IOCTL_ACCESSSTARTEDEVENT:
result = smartcard_AccessStartedEvent_Call(smartcard, operation, (Long_Call*) call);
break;
case SCARD_IOCTL_LOCATECARDSBYATRA:
result = SCARD_F_INTERNAL_ERROR;
break;
case SCARD_IOCTL_LOCATECARDSBYATRW:
result = SCARD_F_INTERNAL_ERROR;
break;
case SCARD_IOCTL_READCACHEA:
result = SCARD_F_INTERNAL_ERROR;
break;
case SCARD_IOCTL_READCACHEW:
result = SCARD_F_INTERNAL_ERROR;
break;
case SCARD_IOCTL_WRITECACHEA:
result = SCARD_F_INTERNAL_ERROR;
break;
case SCARD_IOCTL_WRITECACHEW:
result = SCARD_F_INTERNAL_ERROR;
break;
case SCARD_IOCTL_GETTRANSMITCOUNT:
result = SCARD_F_INTERNAL_ERROR;
break;
case SCARD_IOCTL_RELEASESTARTEDEVENT:
result = SCARD_F_INTERNAL_ERROR;
break;
case SCARD_IOCTL_GETREADERICON:
result = SCARD_F_INTERNAL_ERROR;
break;
case SCARD_IOCTL_GETDEVICETYPEID:
result = SCARD_F_INTERNAL_ERROR;
break;
default:
result = STATUS_UNSUCCESSFUL;
break;
}
free(call);
/**
* [MS-RPCE] 2.2.6.3 Primitive Type Serialization
* The type MUST be aligned on an 8-byte boundary. If the size of the
* primitive type is not a multiple of 8 bytes, the data MUST be padded.
*/
if ((ioControlCode != SCARD_IOCTL_ACCESSSTARTEDEVENT) &&
(ioControlCode != SCARD_IOCTL_RELEASESTARTEDEVENT))
{
offset = (RDPDR_DEVICE_IO_RESPONSE_LENGTH + RDPDR_DEVICE_IO_CONTROL_RSP_HDR_LENGTH);
smartcard_pack_write_size_align(smartcard, irp->output,
Stream_GetPosition(irp->output) - offset, 8);
}
if ((result != SCARD_S_SUCCESS) && (result != SCARD_E_TIMEOUT) &&
(result != SCARD_E_NO_READERS_AVAILABLE) && (result != SCARD_E_NO_SERVICE))
{
WLog_Print(smartcard->log, WLOG_WARN,
"IRP failure: %s (0x%08X), status: %s (0x%08X)",
smartcard_get_ioctl_string(ioControlCode, TRUE), ioControlCode,
SCardGetErrorString(result), result);
}
irp->IoStatus = 0;
if ((result & 0xC0000000) == 0xC0000000)
{
/* NTSTATUS error */
irp->IoStatus = result;
Stream_SetPosition(irp->output, RDPDR_DEVICE_IO_RESPONSE_LENGTH);
WLog_Print(smartcard->log, WLOG_WARN,
"IRP failure: %s (0x%08X), ntstatus: 0x%08X",
smartcard_get_ioctl_string(ioControlCode, TRUE), ioControlCode, result);
}
Stream_SealLength(irp->output);
outputBufferLength = Stream_Length(irp->output) - RDPDR_DEVICE_IO_RESPONSE_LENGTH - 4;
objectBufferLength = outputBufferLength - RDPDR_DEVICE_IO_RESPONSE_LENGTH;
Stream_SetPosition(irp->output, RDPDR_DEVICE_IO_RESPONSE_LENGTH);
/* Device Control Response */
Stream_Write_UINT32(irp->output, outputBufferLength); /* OutputBufferLength (4 bytes) */
smartcard_pack_common_type_header(smartcard, irp->output); /* CommonTypeHeader (8 bytes) */
smartcard_pack_private_type_header(smartcard, irp->output, objectBufferLength); /* PrivateTypeHeader (8 bytes) */
Stream_Write_UINT32(irp->output, result); /* Result (4 bytes) */
Stream_SetPosition(irp->output, Stream_Length(irp->output));
return SCARD_S_SUCCESS;
}
int disp_send_display_control_monitor_layout_pdu(DISP_CHANNEL_CALLBACK* callback, UINT32 NumMonitors, DISPLAY_CONTROL_MONITOR_LAYOUT* Monitors)
{
int status;
wStream* s;
UINT32 type;
UINT32 index;
UINT32 length;
DISP_PLUGIN* disp;
UINT32 MonitorLayoutSize;
disp = (DISP_PLUGIN*) callback->plugin;
MonitorLayoutSize = 40;
length = 8 + 8 + (NumMonitors * MonitorLayoutSize);
type = DISPLAY_CONTROL_PDU_TYPE_MONITOR_LAYOUT;
s = Stream_New(NULL, length);
Stream_Write_UINT32(s, type); /* Type (4 bytes) */
Stream_Write_UINT32(s, length); /* Length (4 bytes) */
if (NumMonitors > disp->MaxNumMonitors)
NumMonitors = disp->MaxNumMonitors;
Stream_Write_UINT32(s, MonitorLayoutSize); /* MonitorLayoutSize (4 bytes) */
Stream_Write_UINT32(s, NumMonitors); /* NumMonitors (4 bytes) */
//WLog_ERR(TAG, "NumMonitors: %d\n", NumMonitors);
for (index = 0; index < NumMonitors; index++)
{
Monitors[index].Width -= (Monitors[index].Width % 2);
if (Monitors[index].Width < 200)
Monitors[index].Width = 200;
if (Monitors[index].Width > 8192)
Monitors[index].Width = 8192;
if (Monitors[index].Width % 2)
Monitors[index].Width++;
if (Monitors[index].Height < 200)
Monitors[index].Height = 200;
if (Monitors[index].Height > 8192)
Monitors[index].Height = 8192;
Stream_Write_UINT32(s, Monitors[index].Flags); /* Flags (4 bytes) */
Stream_Write_UINT32(s, Monitors[index].Left); /* Left (4 bytes) */
Stream_Write_UINT32(s, Monitors[index].Top); /* Top (4 bytes) */
Stream_Write_UINT32(s, Monitors[index].Width); /* Width (4 bytes) */
Stream_Write_UINT32(s, Monitors[index].Height); /* Height (4 bytes) */
Stream_Write_UINT32(s, Monitors[index].PhysicalWidth); /* PhysicalWidth (4 bytes) */
Stream_Write_UINT32(s, Monitors[index].PhysicalHeight); /* PhysicalHeight (4 bytes) */
Stream_Write_UINT32(s, Monitors[index].Orientation); /* Orientation (4 bytes) */
Stream_Write_UINT32(s, Monitors[index].DesktopScaleFactor); /* DesktopScaleFactor (4 bytes) */
Stream_Write_UINT32(s, Monitors[index].DeviceScaleFactor); /* DeviceScaleFactor (4 bytes) */
#if 0
WLog_DBG(TAG, "\t: Flags: 0x%04X\n", Monitors[index].Flags);
WLog_DBG(TAG, "\t: Left: %d\n", Monitors[index].Left);
WLog_DBG(TAG, "\t: Top: %d\n", Monitors[index].Top);
WLog_DBG(TAG, "\t: Width: %d\n", Monitors[index].Width);
WLog_DBG(TAG, "\t: Height: %d\n", Monitors[index].Height);
WLog_DBG(TAG, "\t: PhysicalWidth: %d\n", Monitors[index].PhysicalWidth);
WLog_DBG(TAG, "\t: PhysicalHeight: %d\n", Monitors[index].PhysicalHeight);
WLog_DBG(TAG, "\t: Orientation: %d\n", Monitors[index].Orientation);
#endif
}
Stream_SealLength(s);
status = callback->channel->Write(callback->channel, (UINT32) Stream_Length(s), Stream_Buffer(s), NULL);
Stream_Free(s, TRUE);
return status;
}int disp_recv_display_control_caps_pdu(DISP_CHANNEL_CALLBACK* callback, wStream* s)
BOOL nego_send_negotiation_request(rdpNego* nego)
{
wStream* s;
int length;
int bm, em;
BYTE flags = 0;
int cookie_length;
s = Stream_New(NULL, 512);
length = TPDU_CONNECTION_REQUEST_LENGTH;
bm = Stream_GetPosition(s);
Stream_Seek(s, length);
if (nego->RoutingToken)
{
Stream_Write(s, nego->RoutingToken, nego->RoutingTokenLength);
/* Ensure Routing Token is correctly terminated - may already be present in string */
if ((nego->RoutingTokenLength > 2) &&
(nego->RoutingToken[nego->RoutingTokenLength - 2] == 0x0D) &&
(nego->RoutingToken[nego->RoutingTokenLength - 1] == 0x0A))
{
WLog_DBG(TAG, "Routing token looks correctly terminated - use verbatim");
length +=nego->RoutingTokenLength;
}
else
{
WLog_DBG(TAG, "Adding terminating CRLF to routing token");
Stream_Write_UINT8(s, 0x0D); /* CR */
Stream_Write_UINT8(s, 0x0A); /* LF */
length += nego->RoutingTokenLength + 2;
}
}
else if (nego->cookie)
{
cookie_length = strlen(nego->cookie);
if (cookie_length > (int) nego->CookieMaxLength)
cookie_length = nego->CookieMaxLength;
Stream_Write(s, "Cookie: mstshash=", 17);
Stream_Write(s, (BYTE*) nego->cookie, cookie_length);
Stream_Write_UINT8(s, 0x0D); /* CR */
Stream_Write_UINT8(s, 0x0A); /* LF */
length += cookie_length + 19;
}
WLog_DBG(TAG, "RequestedProtocols: %d", nego->RequestedProtocols);
if ((nego->RequestedProtocols > PROTOCOL_RDP) || (nego->sendNegoData))
{
/* RDP_NEG_DATA must be present for TLS and NLA */
if (nego->RestrictedAdminModeRequired)
flags |= RESTRICTED_ADMIN_MODE_REQUIRED;
Stream_Write_UINT8(s, TYPE_RDP_NEG_REQ);
Stream_Write_UINT8(s, flags);
Stream_Write_UINT16(s, 8); /* RDP_NEG_DATA length (8) */
Stream_Write_UINT32(s, nego->RequestedProtocols); /* requestedProtocols */
length += 8;
}
em = Stream_GetPosition(s);
Stream_SetPosition(s, bm);
tpkt_write_header(s, length);
tpdu_write_connection_request(s, length - 5);
Stream_SetPosition(s, em);
Stream_SealLength(s);
if (transport_write(nego->transport, s) < 0)
{
Stream_Free(s, TRUE);
return FALSE;
}
Stream_Free(s, TRUE);
return TRUE;
}
BOOL nla_send(rdpNla* nla)
{
wStream* s;
int length;
int ts_request_length;
int nego_tokens_length = 0;
int pub_key_auth_length = 0;
int auth_info_length = 0;
int error_code_context_length = 0;
int error_code_length = 0;
if (nla->version < 3 || nla->errorCode == 0)
{
nego_tokens_length = (nla->negoToken.cbBuffer > 0) ? nla_sizeof_nego_tokens(nla->negoToken.cbBuffer) : 0;
pub_key_auth_length = (nla->pubKeyAuth.cbBuffer > 0) ? nla_sizeof_pub_key_auth(nla->pubKeyAuth.cbBuffer) : 0;
auth_info_length = (nla->authInfo.cbBuffer > 0) ? nla_sizeof_auth_info(nla->authInfo.cbBuffer) : 0;
}
else
{
error_code_length = ber_sizeof_integer(nla->errorCode);
error_code_context_length = ber_sizeof_contextual_tag(error_code_length);
}
length = nego_tokens_length + pub_key_auth_length + auth_info_length + error_code_context_length + error_code_length;
ts_request_length = nla_sizeof_ts_request(length);
s = Stream_New(NULL, ber_sizeof_sequence(ts_request_length));
if (!s)
{
WLog_ERR(TAG, "Stream_New failed!");
return FALSE;
}
/* TSRequest */
ber_write_sequence_tag(s, ts_request_length); /* SEQUENCE */
/* [0] version */
ber_write_contextual_tag(s, 0, 3, TRUE);
ber_write_integer(s, nla->version); /* INTEGER */
/* [1] negoTokens (NegoData) */
if (nego_tokens_length > 0)
{
length = nego_tokens_length;
length -= ber_write_contextual_tag(s, 1, ber_sizeof_sequence(ber_sizeof_sequence(ber_sizeof_sequence_octet_string(nla->negoToken.cbBuffer))), TRUE); /* NegoData */
length -= ber_write_sequence_tag(s, ber_sizeof_sequence(ber_sizeof_sequence_octet_string(nla->negoToken.cbBuffer))); /* SEQUENCE OF NegoDataItem */
length -= ber_write_sequence_tag(s, ber_sizeof_sequence_octet_string(nla->negoToken.cbBuffer)); /* NegoDataItem */
length -= ber_write_sequence_octet_string(s, 0, (BYTE*) nla->negoToken.pvBuffer, nla->negoToken.cbBuffer); /* OCTET STRING */
}
/* [2] authInfo (OCTET STRING) */
if (auth_info_length > 0)
{
length = auth_info_length;
length -= ber_write_sequence_octet_string(s, 2, nla->authInfo.pvBuffer, nla->authInfo.cbBuffer);
}
/* [3] pubKeyAuth (OCTET STRING) */
if (pub_key_auth_length > 0)
{
length = pub_key_auth_length;
length -= ber_write_sequence_octet_string(s, 3, nla->pubKeyAuth.pvBuffer, nla->pubKeyAuth.cbBuffer);
}
/* [4] errorCode (INTEGER) */
if (error_code_length > 0)
{
ber_write_contextual_tag(s, 4, error_code_length, TRUE);
ber_write_integer(s, nla->errorCode);
}
Stream_SealLength(s);
transport_write(nla->transport, s);
Stream_Free(s, TRUE);
return TRUE;
}
int transport_check_fds(rdpTransport* transport)
{
int pos;
int status;
int length;
int recv_status;
wStream* received;
if (!transport)
return -1;
#ifdef _WIN32
WSAResetEvent(transport->TcpIn->wsa_event);
#endif
ResetEvent(transport->ReceiveEvent);
/**
* Loop through and read all available PDUs. Since multiple
* PDUs can exist, it's important to deliver them all before
* returning. Otherwise we run the risk of having a thread
* wait for a socket to get signalled that data is available
* (which may never happen).
*/
for (;;)
{
status = transport_read_nonblocking(transport);
if (status <= 0)
return status;
while ((pos = Stream_GetPosition(transport->ReceiveBuffer)) > 0)
{
Stream_SetPosition(transport->ReceiveBuffer, 0);
if (tpkt_verify_header(transport->ReceiveBuffer)) /* TPKT */
{
/* Ensure the TPKT header is available. */
if (pos <= 4)
{
Stream_SetPosition(transport->ReceiveBuffer, pos);
return 0;
}
length = tpkt_read_header(transport->ReceiveBuffer);
}
else if (nla_verify_header(transport->ReceiveBuffer))
{
/* TSRequest */
/* Ensure the TSRequest header is available. */
if (pos <= 4)
{
Stream_SetPosition(transport->ReceiveBuffer, pos);
return 0;
}
/* TSRequest header can be 2, 3 or 4 bytes long */
length = nla_header_length(transport->ReceiveBuffer);
if (pos < length)
{
Stream_SetPosition(transport->ReceiveBuffer, pos);
return 0;
}
length = nla_read_header(transport->ReceiveBuffer);
}
else /* Fast Path */
{
/* Ensure the Fast Path header is available. */
if (pos <= 2)
{
Stream_SetPosition(transport->ReceiveBuffer, pos);
return 0;
}
/* Fastpath header can be two or three bytes long. */
length = fastpath_header_length(transport->ReceiveBuffer);
if (pos < length)
{
Stream_SetPosition(transport->ReceiveBuffer, pos);
return 0;
}
length = fastpath_read_header(NULL, transport->ReceiveBuffer);
}
if (length == 0)
{
fprintf(stderr, "transport_check_fds: protocol error, not a TPKT or Fast Path header.\n");
winpr_HexDump(Stream_Buffer(transport->ReceiveBuffer), pos);
return -1;
}
if (pos < length)
{
Stream_SetPosition(transport->ReceiveBuffer, pos);
return 0; /* Packet is not yet completely received. */
}
received = transport->ReceiveBuffer;
transport->ReceiveBuffer = StreamPool_Take(transport->ReceivePool, 0);
Stream_SetPosition(received, length);
Stream_SealLength(received);
Stream_SetPosition(received, 0);
/**
* status:
* -1: error
* 0: success
* 1: redirection
*/
recv_status = transport->ReceiveCallback(transport, received, transport->ReceiveExtra);
if (recv_status == 1)
{
/**
* Last call to ReceiveCallback resulted in a session redirection,
* which means the current rdpTransport* transport pointer has been freed.
* Return 0 for success, the rest of this function is meant for non-redirected cases.
*/
return 0;
}
Stream_Release(received);
if (recv_status < 0)
status = -1;
if (status < 0)
return status;
}
}
return 0;
}
BOOL nego_send_negotiation_response(rdpNego* nego)
{
int length;
int bm, em;
BOOL status;
wStream* s;
rdpSettings* settings;
status = TRUE;
settings = nego->transport->settings;
s = Stream_New(NULL, 512);
length = TPDU_CONNECTION_CONFIRM_LENGTH;
bm = Stream_GetPosition(s);
Stream_Seek(s, length);
if (nego->selected_protocol > PROTOCOL_RDP)
{
/* RDP_NEG_DATA must be present for TLS and NLA */
Stream_Write_UINT8(s, TYPE_RDP_NEG_RSP);
Stream_Write_UINT8(s, EXTENDED_CLIENT_DATA_SUPPORTED); /* flags */
Stream_Write_UINT16(s, 8); /* RDP_NEG_DATA length (8) */
Stream_Write_UINT32(s, nego->selected_protocol); /* selectedProtocol */
length += 8;
}
else if (!settings->RdpSecurity)
{
Stream_Write_UINT8(s, TYPE_RDP_NEG_FAILURE);
Stream_Write_UINT8(s, 0); /* flags */
Stream_Write_UINT16(s, 8); /* RDP_NEG_DATA length (8) */
/*
* TODO: Check for other possibilities,
* like SSL_NOT_ALLOWED_BY_SERVER.
*/
fprintf(stderr, "nego_send_negotiation_response: client supports only Standard RDP Security\n");
Stream_Write_UINT32(s, SSL_REQUIRED_BY_SERVER);
length += 8;
status = FALSE;
}
em = Stream_GetPosition(s);
Stream_SetPosition(s, bm);
tpkt_write_header(s, length);
tpdu_write_connection_confirm(s, length - 5);
Stream_SetPosition(s, em);
Stream_SealLength(s);
if (transport_write(nego->transport, s) < 0)
{
Stream_Free(s, TRUE);
return FALSE;
}
Stream_Free(s, TRUE);
if (status)
{
/* update settings with negotiated protocol security */
settings->RequestedProtocols = nego->requested_protocols;
settings->SelectedProtocol = nego->selected_protocol;
if (settings->SelectedProtocol == PROTOCOL_RDP)
{
settings->TlsSecurity = FALSE;
settings->NlaSecurity = FALSE;
settings->RdpSecurity = TRUE;
if (!settings->LocalConnection)
{
settings->DisableEncryption = TRUE;
settings->EncryptionMethods = ENCRYPTION_METHOD_40BIT | ENCRYPTION_METHOD_128BIT | ENCRYPTION_METHOD_FIPS;
settings->EncryptionLevel = ENCRYPTION_LEVEL_CLIENT_COMPATIBLE;
}
if (settings->DisableEncryption && settings->RdpServerRsaKey == NULL && settings->RdpKeyFile == NULL)
return FALSE;
}
else if (settings->SelectedProtocol == PROTOCOL_TLS)
{
settings->TlsSecurity = TRUE;
settings->NlaSecurity = FALSE;
settings->RdpSecurity = FALSE;
settings->DisableEncryption = FALSE;
settings->EncryptionMethods = ENCRYPTION_METHOD_NONE;
settings->EncryptionLevel = ENCRYPTION_LEVEL_NONE;
}
else if (settings->SelectedProtocol == PROTOCOL_NLA)
{
settings->TlsSecurity = TRUE;
settings->NlaSecurity = TRUE;
settings->RdpSecurity = FALSE;
settings->DisableEncryption = FALSE;
settings->EncryptionMethods = ENCRYPTION_METHOD_NONE;
settings->EncryptionLevel = ENCRYPTION_LEVEL_NONE;
}
}
return status;
}
/*
* Handle rpdsnd messages - server side
*
* @param Server side context
*
* @return -1 if no data could be read,
* 0 on error (like connection close),
* 1 on succsess (also if further bytes need to be read)
*/
int rdpsnd_server_handle_messages(RdpsndServerContext *context)
{
DWORD bytesReturned;
BOOL ret;
RdpsndServerPrivate *priv = context->priv;
wStream *s = priv->input_stream;
if (!WTSVirtualChannelRead(priv->ChannelHandle, 0, (PCHAR)Stream_Pointer(s), priv->expectedBytes, &bytesReturned))
{
if (GetLastError() == ERROR_NO_DATA)
return -1;
WLog_ERR(TAG, "%s: channel connection closed\n", __FUNCTION__);
return 0;
}
priv->expectedBytes -= bytesReturned;
Stream_Seek(s, bytesReturned);
if (priv->expectedBytes)
return 1;
Stream_SealLength(s);
Stream_SetPosition(s, 0);
if (priv->waitingHeader)
{
/* header case */
Stream_Read_UINT8(s, priv->msgType);
Stream_Seek_UINT8(s); /* bPad */
Stream_Read_UINT16(s, priv->expectedBytes);
priv->waitingHeader = FALSE;
Stream_SetPosition(s, 0);
if (priv->expectedBytes)
{
Stream_EnsureCapacity(s, priv->expectedBytes);
return 1;
}
}
/* when here we have the header + the body */
#ifdef WITH_DEBUG_SND
WLog_DBG(TAG, "message type %d", priv->msgType);
#endif
priv->expectedBytes = 4;
priv->waitingHeader = TRUE;
switch (priv->msgType)
{
case SNDC_WAVECONFIRM:
ret = rdpsnd_server_recv_waveconfirm(context, s);
break;
case SNDC_FORMATS:
ret = rdpsnd_server_recv_formats(context, s);
if (ret && context->clientVersion < 6)
IFCALL(context->Activated, context);
break;
case SNDC_QUALITYMODE:
ret = rdpsnd_server_recv_quality_mode(context, s);
Stream_SetPosition(s, 0); /* in case the Activated callback tries to treat some messages */
if (ret && context->clientVersion >= 6)
IFCALL(context->Activated, context);
break;
default:
WLog_ERR(TAG, "%s: UNKOWN MESSAGE TYPE!! (%#0X)\n\n", __FUNCTION__, priv->msgType);
ret = FALSE;
break;
}
Stream_SetPosition(s, 0);
if (ret)
return 1;
else
return 0;
}
BOOL nego_send_negotiation_request(rdpNego* nego)
{
wStream* s;
int length;
int bm, em;
int cookie_length;
s = Stream_New(NULL, 512);
length = TPDU_CONNECTION_REQUEST_LENGTH;
bm = Stream_GetPosition(s);
Stream_Seek(s, length);
if (nego->RoutingToken)
{
Stream_Write(s, nego->RoutingToken, nego->RoutingTokenLength);
Stream_Write_UINT8(s, 0x0D); /* CR */
Stream_Write_UINT8(s, 0x0A); /* LF */
length += nego->RoutingTokenLength + 2;
}
else if (nego->cookie)
{
cookie_length = strlen(nego->cookie);
if (cookie_length > (int) nego->cookie_max_length)
cookie_length = nego->cookie_max_length;
Stream_Write(s, "Cookie: mstshash=", 17);
Stream_Write(s, (BYTE*) nego->cookie, cookie_length);
Stream_Write_UINT8(s, 0x0D); /* CR */
Stream_Write_UINT8(s, 0x0A); /* LF */
length += cookie_length + 19;
}
DEBUG_NEGO("requested_protocols: %d", nego->requested_protocols);
if ((nego->requested_protocols > PROTOCOL_RDP) || (nego->sendNegoData))
{
/* RDP_NEG_DATA must be present for TLS and NLA */
Stream_Write_UINT8(s, TYPE_RDP_NEG_REQ);
Stream_Write_UINT8(s, 0); /* flags, must be set to zero */
Stream_Write_UINT16(s, 8); /* RDP_NEG_DATA length (8) */
Stream_Write_UINT32(s, nego->requested_protocols); /* requestedProtocols */
length += 8;
}
em = Stream_GetPosition(s);
Stream_SetPosition(s, bm);
tpkt_write_header(s, length);
tpdu_write_connection_request(s, length - 5);
Stream_SetPosition(s, em);
Stream_SealLength(s);
if (transport_write(nego->transport, s) < 0)
{
Stream_Free(s, TRUE);
return FALSE;
}
Stream_Free(s, TRUE);
return TRUE;
}
int rdp_recv_data_pdu(rdpRdp* rdp, wStream* s)
{
BYTE type;
wStream* cs;
UINT16 length;
UINT32 shareId;
BYTE compressedType;
UINT16 compressedLength;
if (!rdp_read_share_data_header(s, &length, &type, &shareId, &compressedType, &compressedLength))
return -1;
cs = s;
if (compressedType & PACKET_COMPRESSED)
{
UINT32 DstSize = 0;
BYTE* pDstData = NULL;
UINT32 SrcSize = compressedLength - 18;
if (Stream_GetRemainingLength(s) < (size_t) SrcSize)
{
fprintf(stderr, "bulk_decompress: not enough bytes for compressedLength %d\n", compressedLength);
return -1;
}
if (bulk_decompress(rdp->bulk, Stream_Pointer(s), SrcSize, &pDstData, &DstSize, compressedType))
{
cs = StreamPool_Take(rdp->transport->ReceivePool, DstSize);
Stream_SetPosition(cs, 0);
Stream_Write(cs, pDstData, DstSize);
Stream_SealLength(cs);
Stream_SetPosition(cs, 0);
}
else
{
fprintf(stderr, "bulk_decompress() failed\n");
return -1;
}
Stream_Seek(s, SrcSize);
}
#ifdef WITH_DEBUG_RDP
printf("recv %s Data PDU (0x%02X), length: %d\n",
type < ARRAYSIZE(DATA_PDU_TYPE_STRINGS) ? DATA_PDU_TYPE_STRINGS[type] : "???", type, length);
#endif
switch (type)
{
case DATA_PDU_TYPE_UPDATE:
if (!update_recv(rdp->update, cs))
return -1;
break;
case DATA_PDU_TYPE_CONTROL:
if (!rdp_recv_server_control_pdu(rdp, cs))
return -1;
break;
case DATA_PDU_TYPE_POINTER:
if (!update_recv_pointer(rdp->update, cs))
return -1;
break;
case DATA_PDU_TYPE_SYNCHRONIZE:
if (!rdp_recv_synchronize_pdu(rdp, cs))
return -1;
break;
case DATA_PDU_TYPE_PLAY_SOUND:
if (!update_recv_play_sound(rdp->update, cs))
return -1;
break;
case DATA_PDU_TYPE_SHUTDOWN_DENIED:
if (!rdp_recv_server_shutdown_denied_pdu(rdp, cs))
return -1;
break;
case DATA_PDU_TYPE_SAVE_SESSION_INFO:
if (!rdp_recv_save_session_info(rdp, cs))
return -1;
break;
case DATA_PDU_TYPE_FONT_MAP:
if (!rdp_recv_font_map_pdu(rdp, cs))
return -1;
break;
case DATA_PDU_TYPE_SET_KEYBOARD_INDICATORS:
if (!rdp_recv_server_set_keyboard_indicators_pdu(rdp, cs))
return -1;
break;
case DATA_PDU_TYPE_SET_KEYBOARD_IME_STATUS:
if (!rdp_recv_server_set_keyboard_ime_status_pdu(rdp, cs))
return -1;
break;
case DATA_PDU_TYPE_SET_ERROR_INFO:
if (!rdp_recv_set_error_info_data_pdu(rdp, cs))
return -1;
break;
case DATA_PDU_TYPE_ARC_STATUS:
if (!rdp_recv_server_auto_reconnect_status_pdu(rdp, cs))
return -1;
break;
case DATA_PDU_TYPE_STATUS_INFO:
if (!rdp_recv_server_status_info_pdu(rdp, cs))
return -1;
break;
case DATA_PDU_TYPE_MONITOR_LAYOUT:
if (!rdp_recv_monitor_layout_pdu(rdp, cs))
return -1;
break;
default:
break;
}
if (cs != s)
Stream_Release(cs);
return 0;
}
static UINT video_VideoData(VideoClientContext* context, TSMM_VIDEO_DATA *data)
{
VideoClientContextPriv *priv = context->priv;
PresentationContext *presentation;
int status;
presentation = priv->currentPresentation;
if (!presentation)
{
WLog_ERR(TAG, "no current presentation");
return CHANNEL_RC_OK;
}
if (presentation->PresentationId != data->PresentationId)
{
WLog_ERR(TAG, "current presentation id=%d doesn't match data id=%d", presentation->PresentationId,
data->PresentationId);
return CHANNEL_RC_OK;
}
if (!Stream_EnsureRemainingCapacity(presentation->currentSample, data->cbSample))
{
WLog_ERR(TAG, "unable to expand the current packet");
return CHANNEL_RC_NO_MEMORY;
}
Stream_Write(presentation->currentSample, data->pSample, data->cbSample);
if (data->CurrentPacketIndex == data->PacketsInSample)
{
H264_CONTEXT *h264 = presentation->h264;
UINT64 startTime = GetTickCount64(), timeAfterH264;
MAPPED_GEOMETRY *geom = presentation->geometry;
Stream_SealLength(presentation->currentSample);
Stream_SetPosition(presentation->currentSample, 0);
status = h264->subsystem->Decompress(h264, Stream_Pointer(presentation->currentSample),
Stream_Length(presentation->currentSample));
if (status == 0)
return CHANNEL_RC_OK;
if (status < 0)
return CHANNEL_RC_OK;
timeAfterH264 = GetTickCount64();
if (data->SampleNumber == 1)
{
presentation->lastPublishTime = startTime;
}
presentation->lastPublishTime += (data->hnsDuration / 10000);
if (presentation->lastPublishTime <= timeAfterH264 + 10)
{
int dropped = 0;
/* if the frame is to be published in less than 10 ms, let's consider it's now */
yuv_to_rgb(presentation, presentation->surfaceData);
context->showSurface(context, presentation->surface);
priv->publishedFrames++;
/* cleanup previously scheduled frames */
EnterCriticalSection(&priv->framesLock);
while (Queue_Count(priv->frames) > 0)
{
VideoFrame *frame = Queue_Dequeue(priv->frames);
if (frame)
{
priv->droppedFrames++;
VideoFrame_free(&frame);
dropped++;
}
}
LeaveCriticalSection(&priv->framesLock);
if (dropped)
WLog_DBG(TAG, "showing frame (%d dropped)", dropped);
}
else
{
BOOL enqueueResult;
VideoFrame *frame = calloc(1, sizeof(*frame));
if (!frame)
{
WLog_ERR(TAG, "unable to create frame");
return CHANNEL_RC_NO_MEMORY;
}
mappedGeometryRef(geom);
frame->presentation = presentation;
frame->publishTime = presentation->lastPublishTime;
frame->geometry = geom;
frame->w = presentation->SourceWidth;
frame->h = presentation->SourceHeight;
frame->surfaceData = BufferPool_Take(priv->surfacePool, frame->w * frame->h * 4);
if (!frame->surfaceData)
{
WLog_ERR(TAG, "unable to allocate frame data");
mappedGeometryUnref(geom);
free(frame);
return CHANNEL_RC_NO_MEMORY;
}
if (!yuv_to_rgb(presentation, frame->surfaceData))
{
WLog_ERR(TAG, "error during YUV->RGB conversion");
BufferPool_Return(priv->surfacePool, frame->surfaceData);
mappedGeometryUnref(geom);
free(frame);
return CHANNEL_RC_NO_MEMORY;
}
InterlockedIncrement(&presentation->refCounter);
EnterCriticalSection(&priv->framesLock);
enqueueResult = Queue_Enqueue(priv->frames, frame);
LeaveCriticalSection(&priv->framesLock);
if (!enqueueResult)
{
WLog_ERR(TAG, "unable to enqueue frame");
VideoFrame_free(&frame);
return CHANNEL_RC_NO_MEMORY;
}
WLog_DBG(TAG, "scheduling frame in %"PRIu32" ms", (frame->publishTime-startTime));
}
}
return CHANNEL_RC_OK;
}
/**
* Function description
*
* @return 0 on success, otherwise a Win32 error code
*/
UINT cliprdr_server_read(CliprdrServerContext* context)
{
wStream* s;
int position;
DWORD BytesToRead;
DWORD BytesReturned;
CLIPRDR_HEADER header;
CliprdrServerPrivate* cliprdr = (CliprdrServerPrivate*) context->handle;
UINT error;
DWORD status;
s = cliprdr->s;
if (Stream_GetPosition(s) < CLIPRDR_HEADER_LENGTH)
{
BytesReturned = 0;
BytesToRead = CLIPRDR_HEADER_LENGTH - Stream_GetPosition(s);
status = WaitForSingleObject(cliprdr->ChannelEvent, 0);
if (status == WAIT_FAILED)
{
error = GetLastError();
WLog_ERR(TAG, "WaitForSingleObject failed with error %lu", error);
return error;
}
if (status == WAIT_TIMEOUT)
return CHANNEL_RC_OK;
if (!WTSVirtualChannelRead(cliprdr->ChannelHandle, 0,
(PCHAR) Stream_Pointer(s), BytesToRead, &BytesReturned))
{
WLog_ERR(TAG, "WTSVirtualChannelRead failed!");
return ERROR_INTERNAL_ERROR;
}
Stream_Seek(s, BytesReturned);
}
if (Stream_GetPosition(s) >= CLIPRDR_HEADER_LENGTH)
{
position = Stream_GetPosition(s);
Stream_SetPosition(s, 0);
Stream_Read_UINT16(s, header.msgType); /* msgType (2 bytes) */
Stream_Read_UINT16(s, header.msgFlags); /* msgFlags (2 bytes) */
Stream_Read_UINT32(s, header.dataLen); /* dataLen (4 bytes) */
if (!Stream_EnsureCapacity(s, (header.dataLen + CLIPRDR_HEADER_LENGTH)))
{
WLog_ERR(TAG, "Stream_EnsureCapacity failed!");
return CHANNEL_RC_NO_MEMORY;
}
Stream_SetPosition(s, position);
if (Stream_GetPosition(s) < (header.dataLen + CLIPRDR_HEADER_LENGTH))
{
BytesReturned = 0;
BytesToRead = (header.dataLen + CLIPRDR_HEADER_LENGTH) - Stream_GetPosition(s);
status = WaitForSingleObject(cliprdr->ChannelEvent, 0);
if (status == WAIT_FAILED)
{
error = GetLastError();
WLog_ERR(TAG, "WaitForSingleObject failed with error %lu", error);
return error;
}
if (status == WAIT_TIMEOUT)
return CHANNEL_RC_OK;
if (!WTSVirtualChannelRead(cliprdr->ChannelHandle, 0,
(PCHAR) Stream_Pointer(s), BytesToRead, &BytesReturned))
{
WLog_ERR(TAG, "WTSVirtualChannelRead failed!");
return ERROR_INTERNAL_ERROR;
}
Stream_Seek(s, BytesReturned);
}
if (Stream_GetPosition(s) >= (header.dataLen + CLIPRDR_HEADER_LENGTH))
{
Stream_SetPosition(s, (header.dataLen + CLIPRDR_HEADER_LENGTH));
Stream_SealLength(s);
Stream_SetPosition(s, CLIPRDR_HEADER_LENGTH);
if ((error = cliprdr_server_receive_pdu(context, s, &header)))
{
WLog_ERR(TAG, "cliprdr_server_receive_pdu failed with error code %lu!", error);
return error;
}
Stream_SetPosition(s, 0);
/* check for trailing zero bytes */
status = WaitForSingleObject(cliprdr->ChannelEvent, 0);
if (status == WAIT_FAILED)
{
error = GetLastError();
WLog_ERR(TAG, "WaitForSingleObject failed with error %lu", error);
return error;
}
if (status == WAIT_TIMEOUT)
return CHANNEL_RC_OK;
BytesReturned = 0;
BytesToRead = 4;
if (!WTSVirtualChannelRead(cliprdr->ChannelHandle, 0,
(PCHAR) Stream_Pointer(s), BytesToRead, &BytesReturned))
{
WLog_ERR(TAG, "WTSVirtualChannelRead failed!");
return ERROR_INTERNAL_ERROR;
}
if (BytesReturned == 4)
{
Stream_Read_UINT16(s, header.msgType); /* msgType (2 bytes) */
Stream_Read_UINT16(s, header.msgFlags); /* msgFlags (2 bytes) */
if (!header.msgType)
{
/* ignore trailing bytes */
Stream_SetPosition(s, 0);
}
}
else
{
Stream_Seek(s, BytesReturned);
}
}
}
return CHANNEL_RC_OK;
}
static void* remdesk_server_thread(void* arg)
{
wStream* s;
DWORD status;
DWORD nCount;
void* buffer;
UINT32* pHeader;
UINT32 PduLength;
HANDLE events[8];
HANDLE ChannelEvent;
DWORD BytesReturned;
RemdeskServerContext* context;
UINT error;
context = (RemdeskServerContext*) arg;
buffer = NULL;
BytesReturned = 0;
ChannelEvent = NULL;
s = Stream_New(NULL, 4096);
if (!s)
{
WLog_ERR(TAG, "Stream_New failed!");
error = CHANNEL_RC_NO_MEMORY;
goto out;
}
if (WTSVirtualChannelQuery(context->priv->ChannelHandle, WTSVirtualEventHandle,
&buffer, &BytesReturned) == TRUE)
{
if (BytesReturned == sizeof(HANDLE))
CopyMemory(&ChannelEvent, buffer, sizeof(HANDLE));
WTSFreeMemory(buffer);
}
else
{
WLog_ERR(TAG, "WTSVirtualChannelQuery failed!");
error = ERROR_INTERNAL_ERROR;
goto out;
}
nCount = 0;
events[nCount++] = ChannelEvent;
events[nCount++] = context->priv->StopEvent;
if ((error = remdesk_send_ctl_version_info_pdu(context)))
{
WLog_ERR(TAG, "remdesk_send_ctl_version_info_pdu failed with error %"PRIu32"!",
error);
goto out;
}
while (1)
{
status = WaitForMultipleObjects(nCount, events, FALSE, INFINITE);
if (status == WAIT_FAILED)
{
error = GetLastError();
WLog_ERR(TAG, "WaitForMultipleObjects failed with error %"PRIu32"", error);
break;
}
status = WaitForSingleObject(context->priv->StopEvent, 0);
if (status == WAIT_FAILED)
{
error = GetLastError();
WLog_ERR(TAG, "WaitForSingleObject failed with error %"PRIu32"", error);
break;
}
if (status == WAIT_OBJECT_0)
{
break;
}
if (WTSVirtualChannelRead(context->priv->ChannelHandle, 0,
(PCHAR) Stream_Buffer(s), Stream_Capacity(s), &BytesReturned))
{
if (BytesReturned)
Stream_Seek(s, BytesReturned);
}
else
{
if (!Stream_EnsureRemainingCapacity(s, BytesReturned))
{
WLog_ERR(TAG, "Stream_EnsureRemainingCapacity failed!");
error = CHANNEL_RC_NO_MEMORY;
break;
}
}
if (Stream_GetPosition(s) >= 8)
{
pHeader = (UINT32*) Stream_Buffer(s);
PduLength = pHeader[0] + pHeader[1] + 8;
if (PduLength >= Stream_GetPosition(s))
{
Stream_SealLength(s);
Stream_SetPosition(s, 0);
if ((error = remdesk_server_receive_pdu(context, s)))
{
WLog_ERR(TAG, "remdesk_server_receive_pdu failed with error %"PRIu32"!", error);
break;
}
Stream_SetPosition(s, 0);
}
}
}
Stream_Free(s, TRUE);
out:
if (error && context->rdpcontext)
setChannelError(context->rdpcontext, error,
"remdesk_server_thread reported an error");
ExitThread((DWORD)error);
return NULL;
}
/**
* Function description
*
* @return 0 on success, otherwise a Win32 error code
*/
static UINT remdesk_send_ctl_authenticate_pdu(remdeskPlugin* remdesk)
{
int status;
UINT error;
wStream* s = NULL;
int cbExpertBlobW = 0;
WCHAR* expertBlobW = NULL;
int cbRaConnectionStringW = 0;
WCHAR* raConnectionStringW = NULL;
REMDESK_CTL_AUTHENTICATE_PDU pdu;
if ((error = remdesk_generate_expert_blob(remdesk)))
{
WLog_ERR(TAG, "remdesk_generate_expert_blob failed with error %lu", error);
return error;
}
pdu.expertBlob = remdesk->ExpertBlob;
pdu.raConnectionString = remdesk->settings->RemoteAssistanceRCTicket;
status = ConvertToUnicode(CP_UTF8, 0, pdu.raConnectionString, -1,
&raConnectionStringW, 0);
if (status <= 0)
{
WLog_ERR(TAG, "ConvertToUnicode failed!");
return ERROR_INTERNAL_ERROR;
}
cbRaConnectionStringW = status * 2;
status = ConvertToUnicode(CP_UTF8, 0, pdu.expertBlob, -1, &expertBlobW, 0);
if (status <= 0)
{
WLog_ERR(TAG, "ConvertToUnicode failed!");
error = ERROR_INTERNAL_ERROR;
goto out;
}
cbExpertBlobW = status * 2;
remdesk_prepare_ctl_header(&(pdu.ctlHeader), REMDESK_CTL_AUTHENTICATE,
cbRaConnectionStringW + cbExpertBlobW);
s = Stream_New(NULL, REMDESK_CHANNEL_CTL_SIZE + pdu.ctlHeader.DataLength);
if (!s)
{
WLog_ERR(TAG, "Stream_New failed!");
error = CHANNEL_RC_NO_MEMORY;
goto out;
}
remdesk_write_ctl_header(s, &(pdu.ctlHeader));
Stream_Write(s, (BYTE*) raConnectionStringW, cbRaConnectionStringW);
Stream_Write(s, (BYTE*) expertBlobW, cbExpertBlobW);
Stream_SealLength(s);
if ((error = remdesk_virtual_channel_write(remdesk, s)))
WLog_ERR(TAG, "remdesk_virtual_channel_write failed with error %lu!", error);
out:
free(raConnectionStringW);
free(expertBlobW);
if (error != CHANNEL_RC_OK)
Stream_Free(s, TRUE);
return error;
}
static BOOL rdp_client_establish_keys(rdpRdp* rdp)
{
BYTE* mod;
BYTE* exp;
wStream* s;
UINT32 length;
UINT32 key_len;
int status = 0;
BOOL ret = FALSE;
rdpSettings* settings;
BYTE* crypt_client_random = NULL;
settings = rdp->settings;
if (!settings->UseRdpSecurityLayer)
{
/* no RDP encryption */
return TRUE;
}
/* encrypt client random */
if (settings->ClientRandom)
free(settings->ClientRandom);
settings->ClientRandomLength = CLIENT_RANDOM_LENGTH;
settings->ClientRandom = malloc(settings->ClientRandomLength);
if (!settings->ClientRandom)
return FALSE;
crypto_nonce(settings->ClientRandom, settings->ClientRandomLength);
key_len = settings->RdpServerCertificate->cert_info.ModulusLength;
mod = settings->RdpServerCertificate->cert_info.Modulus;
exp = settings->RdpServerCertificate->cert_info.exponent;
/*
* client random must be (bitlen / 8) + 8 - see [MS-RDPBCGR] 5.3.4.1
* for details
*/
crypt_client_random = calloc(1, key_len + 8);
if (!crypt_client_random)
return FALSE;
crypto_rsa_public_encrypt(settings->ClientRandom, settings->ClientRandomLength, key_len, mod, exp, crypt_client_random);
/* send crypt client random to server */
length = RDP_PACKET_HEADER_MAX_LENGTH + RDP_SECURITY_HEADER_LENGTH + 4 + key_len + 8;
s = Stream_New(NULL, length);
rdp_write_header(rdp, s, length, MCS_GLOBAL_CHANNEL_ID);
rdp_write_security_header(s, SEC_EXCHANGE_PKT | SEC_LICENSE_ENCRYPT_SC);
length = key_len + 8;
Stream_Write_UINT32(s, length);
Stream_Write(s, crypt_client_random, length);
Stream_SealLength(s);
status = transport_write(rdp->mcs->transport, s);
Stream_Free(s, TRUE);
if (status < 0)
goto end;
rdp->do_crypt_license = TRUE;
/* now calculate encrypt / decrypt and update keys */
if (!security_establish_keys(settings->ClientRandom, rdp))
goto end;
rdp->do_crypt = TRUE;
if (settings->SaltedChecksum)
rdp->do_secure_checksum = TRUE;
if (settings->EncryptionMethods == ENCRYPTION_METHOD_FIPS)
{
rdp->fips_encrypt = crypto_des3_encrypt_init(rdp->fips_encrypt_key, fips_ivec);
if (!rdp->fips_encrypt)
{
WLog_ERR(TAG, "unable to allocate des3 encrypt key");
goto end;
}
rdp->fips_decrypt = crypto_des3_decrypt_init(rdp->fips_decrypt_key, fips_ivec);
if (!rdp->fips_decrypt)
{
WLog_ERR(TAG, "unable to allocate des3 decrypt key");
goto end;
}
rdp->fips_hmac = crypto_hmac_new();
if (!rdp->fips_hmac)
{
WLog_ERR(TAG, "unable to allocate fips hmac");
goto end;
}
ret = TRUE;
goto end;
}
rdp->rc4_decrypt_key = crypto_rc4_init(rdp->decrypt_key, rdp->rc4_key_len);
if (!rdp->rc4_decrypt_key)
{
WLog_ERR(TAG, "unable to allocate rc4 decrypt key");
goto end;
}
rdp->rc4_encrypt_key = crypto_rc4_init(rdp->encrypt_key, rdp->rc4_key_len);
if (!rdp->rc4_encrypt_key)
{
WLog_ERR(TAG, "unable to allocate rc4 encrypt key");
goto end;
}
ret = TRUE;
end:
if (crypt_client_random)
free(crypt_client_random);
return ret;
}
int rdpgfx_send_caps_advertise_pdu(RDPGFX_CHANNEL_CALLBACK* callback)
{
int status;
wStream* s;
UINT16 index;
RDPGFX_PLUGIN* gfx;
RDPGFX_HEADER header;
RDPGFX_CAPSET* capsSet;
RDPGFX_CAPSET capsSets[2];
RDPGFX_CAPS_ADVERTISE_PDU pdu;
gfx = (RDPGFX_PLUGIN*) callback->plugin;
header.flags = 0;
header.cmdId = RDPGFX_CMDID_CAPSADVERTISE;
pdu.capsSetCount = 0;
pdu.capsSets = (RDPGFX_CAPSET*) capsSets;
capsSet = &capsSets[pdu.capsSetCount++];
capsSet->version = RDPGFX_CAPVERSION_8;
capsSet->flags = 0;
if (gfx->ThinClient)
capsSet->flags |= RDPGFX_CAPS_FLAG_THINCLIENT;
if (gfx->SmallCache)
capsSet->flags |= RDPGFX_CAPS_FLAG_SMALL_CACHE;
capsSet = &capsSets[pdu.capsSetCount++];
capsSet->version = RDPGFX_CAPVERSION_81;
capsSet->flags = 0;
if (gfx->ThinClient)
capsSet->flags |= RDPGFX_CAPS_FLAG_THINCLIENT;
if (gfx->SmallCache)
capsSet->flags |= RDPGFX_CAPS_FLAG_SMALL_CACHE;
if (gfx->H264)
capsSet->flags |= RDPGFX_CAPS_FLAG_H264ENABLED;
header.pduLength = RDPGFX_HEADER_SIZE + 2 + (pdu.capsSetCount * RDPGFX_CAPSET_SIZE);
WLog_Print(gfx->log, WLOG_DEBUG, "SendCapsAdvertisePdu");
s = Stream_New(NULL, header.pduLength);
rdpgfx_write_header(s, &header);
/* RDPGFX_CAPS_ADVERTISE_PDU */
Stream_Write_UINT16(s, pdu.capsSetCount); /* capsSetCount (2 bytes) */
for (index = 0; index < pdu.capsSetCount; index++)
{
capsSet = &(pdu.capsSets[index]);
Stream_Write_UINT32(s, capsSet->version); /* version (4 bytes) */
Stream_Write_UINT32(s, 4); /* capsDataLength (4 bytes) */
Stream_Write_UINT32(s, capsSet->flags); /* capsData (4 bytes) */
}
Stream_SealLength(s);
status = callback->channel->Write(callback->channel, (UINT32) Stream_Length(s), Stream_Buffer(s), NULL);
Stream_Free(s, TRUE);
return status;
}
/**
* Function description
*
* @return 0 on success, otherwise a Win32 error code
*/
UINT rdpei_server_handle_messages(RdpeiServerContext *context) {
DWORD bytesReturned;
RdpeiServerPrivate *priv = context->priv;
wStream *s = priv->inputStream;
UINT error = CHANNEL_RC_OK;
if (!WTSVirtualChannelRead(priv->channelHandle, 0, (PCHAR)Stream_Pointer(s), priv->expectedBytes, &bytesReturned))
{
if (GetLastError() == ERROR_NO_DATA)
return ERROR_READ_FAULT;
WLog_DBG(TAG, "channel connection closed");
return CHANNEL_RC_OK;
}
priv->expectedBytes -= bytesReturned;
Stream_Seek(s, bytesReturned);
if (priv->expectedBytes)
return CHANNEL_RC_OK;
Stream_SealLength(s);
Stream_SetPosition(s, 0);
if (priv->waitingHeaders)
{
UINT32 pduLen;
/* header case */
Stream_Read_UINT16(s, priv->currentMsgType);
Stream_Read_UINT16(s, pduLen);
if (pduLen < RDPINPUT_HEADER_LENGTH)
{
WLog_ERR(TAG, "invalid pduLength %d", pduLen);
return ERROR_INVALID_DATA;
}
priv->expectedBytes = pduLen - RDPINPUT_HEADER_LENGTH;
priv->waitingHeaders = FALSE;
Stream_SetPosition(s, 0);
if (priv->expectedBytes)
{
if (!Stream_EnsureCapacity(s, priv->expectedBytes))
{
WLog_ERR(TAG, "Stream_EnsureCapacity failed!");
return CHANNEL_RC_NO_MEMORY;
}
return CHANNEL_RC_OK;
}
}
/* when here we have the header + the body */
switch (priv->currentMsgType)
{
case EVENTID_CS_READY:
if (priv->automataState != STATE_WAITING_CLIENT_READY)
{
WLog_ERR(TAG, "not expecting a CS_READY packet in this state(%d)", (int)priv->automataState);
return ERROR_INVALID_STATE;
}
if ((error = read_cs_ready_message(context, s)))
{
WLog_ERR(TAG, "read_cs_ready_message failed with error %lu", error);
return error;
}
break;
case EVENTID_TOUCH:
if ((error = read_touch_event(context, s)))
{
WLog_ERR(TAG, "read_touch_event failed with error %lu", error);
return error;
}
break;
case EVENTID_DISMISS_HOVERING_CONTACT:
if ((error = read_dismiss_hovering_contact(context, s)))
{
WLog_ERR(TAG, "read_dismiss_hovering_contact failed with error %lu", error);
return error;
}
break;
default:
WLog_ERR(TAG, "unexpected message type 0x%x", priv->currentMsgType);
}
Stream_SetPosition(s, 0);
priv->waitingHeaders = TRUE;
priv->expectedBytes = RDPINPUT_HEADER_LENGTH;
return error;
}
BOOL nego_send_negotiation_response(rdpNego* nego)
{
int length;
int bm, em;
BOOL status;
wStream* s;
BYTE flags;
rdpSettings* settings;
status = TRUE;
settings = nego->transport->settings;
s = Stream_New(NULL, 512);
if (!s)
return FALSE;
length = TPDU_CONNECTION_CONFIRM_LENGTH;
bm = Stream_GetPosition(s);
Stream_Seek(s, length);
if (nego->SelectedProtocol & PROTOCOL_FAILED_NEGO)
{
UINT32 errorCode = (nego->SelectedProtocol & ~PROTOCOL_FAILED_NEGO);
flags = 0;
Stream_Write_UINT8(s, TYPE_RDP_NEG_FAILURE);
Stream_Write_UINT8(s, flags); /* flags */
Stream_Write_UINT16(s, 8); /* RDP_NEG_DATA length (8) */
Stream_Write_UINT32(s, errorCode);
length += 8;
status = FALSE;
}
else
{
flags = EXTENDED_CLIENT_DATA_SUPPORTED;
if (settings->SupportGraphicsPipeline)
flags |= DYNVC_GFX_PROTOCOL_SUPPORTED;
/* RDP_NEG_DATA must be present for TLS, NLA, and RDP */
Stream_Write_UINT8(s, TYPE_RDP_NEG_RSP);
Stream_Write_UINT8(s, flags); /* flags */
Stream_Write_UINT16(s, 8); /* RDP_NEG_DATA length (8) */
Stream_Write_UINT32(s, nego->SelectedProtocol); /* selectedProtocol */
length += 8;
}
em = Stream_GetPosition(s);
Stream_SetPosition(s, bm);
tpkt_write_header(s, length);
tpdu_write_connection_confirm(s, length - 5);
Stream_SetPosition(s, em);
Stream_SealLength(s);
if (transport_write(nego->transport, s) < 0)
{
Stream_Free(s, TRUE);
return FALSE;
}
Stream_Free(s, TRUE);
if (status)
{
/* update settings with negotiated protocol security */
settings->RequestedProtocols = nego->RequestedProtocols;
settings->SelectedProtocol = nego->SelectedProtocol;
if (settings->SelectedProtocol == PROTOCOL_RDP)
{
settings->TlsSecurity = FALSE;
settings->NlaSecurity = FALSE;
settings->RdpSecurity = TRUE;
settings->UseRdpSecurityLayer = TRUE;
if (settings->EncryptionLevel == ENCRYPTION_LEVEL_NONE)
{
/**
* If the server implementation did not explicitely set a
* encryption level we default to client compatible
*/
settings->EncryptionLevel = ENCRYPTION_LEVEL_CLIENT_COMPATIBLE;
}
if (settings->LocalConnection)
{
/**
* Note: This hack was firstly introduced in commit 95f5e115 to
* disable the unnecessary encryption with peers connecting to
* 127.0.0.1 or local unix sockets.
* This also affects connections via port tunnels! (e.g. ssh -L)
*/
WLog_INFO(TAG, "Turning off encryption for local peer with standard rdp security");
settings->UseRdpSecurityLayer = FALSE;
settings->EncryptionLevel = ENCRYPTION_LEVEL_NONE;
}
if (!settings->RdpServerRsaKey && !settings->RdpKeyFile)
{
WLog_ERR(TAG, "Missing server certificate");
return FALSE;
}
}
else if (settings->SelectedProtocol == PROTOCOL_TLS)
{
settings->TlsSecurity = TRUE;
settings->NlaSecurity = FALSE;
settings->RdpSecurity = FALSE;
settings->UseRdpSecurityLayer = FALSE;
settings->EncryptionLevel = ENCRYPTION_LEVEL_NONE;
}
else if (settings->SelectedProtocol == PROTOCOL_NLA)
{
settings->TlsSecurity = TRUE;
settings->NlaSecurity = TRUE;
settings->RdpSecurity = FALSE;
settings->UseRdpSecurityLayer = FALSE;
settings->EncryptionLevel = ENCRYPTION_LEVEL_NONE;
}
}
return status;
}
/**
* Function description
*
* @return 0 on success, otherwise a Win32 error code
*/
static UINT rdpgfx_send_caps_advertise_pdu(RDPGFX_CHANNEL_CALLBACK* callback)
{
UINT error;
wStream* s;
UINT16 index;
RDPGFX_PLUGIN* gfx;
RDPGFX_HEADER header;
RDPGFX_CAPSET* capsSet;
RDPGFX_CAPSET capsSets[RDPGFX_NUMBER_CAPSETS];
RDPGFX_CAPS_ADVERTISE_PDU pdu;
gfx = (RDPGFX_PLUGIN*) callback->plugin;
header.flags = 0;
header.cmdId = RDPGFX_CMDID_CAPSADVERTISE;
pdu.capsSetCount = 0;
pdu.capsSets = (RDPGFX_CAPSET*) capsSets;
capsSet = &capsSets[pdu.capsSetCount++];
capsSet->version = RDPGFX_CAPVERSION_8;
capsSet->flags = 0;
if (gfx->ThinClient)
capsSet->flags |= RDPGFX_CAPS_FLAG_THINCLIENT;
if (gfx->SmallCache)
capsSet->flags |= RDPGFX_CAPS_FLAG_SMALL_CACHE;
capsSet = &capsSets[pdu.capsSetCount++];
capsSet->version = RDPGFX_CAPVERSION_81;
capsSet->flags = 0;
if (gfx->ThinClient)
capsSet->flags |= RDPGFX_CAPS_FLAG_THINCLIENT;
if (gfx->SmallCache)
capsSet->flags |= RDPGFX_CAPS_FLAG_SMALL_CACHE;
if (gfx->H264)
capsSet->flags |= RDPGFX_CAPS_FLAG_AVC420_ENABLED;
if (gfx->AVC444)
{
capsSet = &capsSets[pdu.capsSetCount++];
capsSet->version = RDPGFX_CAPVERSION_10;
capsSet->flags = 0;
if (gfx->SmallCache)
capsSet->flags |= RDPGFX_CAPS_FLAG_SMALL_CACHE;
if (!gfx->H264)
capsSet->flags |= RDPGFX_CAPS_FLAG_AVC_DISABLED;
capsSets[pdu.capsSetCount] = *capsSet;
capsSets[pdu.capsSetCount++].version = RDPGFX_CAPVERSION_102;
}
header.pduLength = RDPGFX_HEADER_SIZE + 2 + (pdu.capsSetCount *
RDPGFX_CAPSET_SIZE);
WLog_DBG(TAG, "SendCapsAdvertisePdu %d", pdu.capsSetCount);
s = Stream_New(NULL, header.pduLength);
if (!s)
{
WLog_ERR(TAG, "Stream_New failed!");
return CHANNEL_RC_NO_MEMORY;
}
if ((error = rdpgfx_write_header(s, &header)))
{
WLog_ERR(TAG, "rdpgfx_write_header failed with error %u!", error);
return error;
}
/* RDPGFX_CAPS_ADVERTISE_PDU */
Stream_Write_UINT16(s, pdu.capsSetCount); /* capsSetCount (2 bytes) */
for (index = 0; index < pdu.capsSetCount; index++)
{
capsSet = &(pdu.capsSets[index]);
Stream_Write_UINT32(s, capsSet->version); /* version (4 bytes) */
Stream_Write_UINT32(s, 4); /* capsDataLength (4 bytes) */
Stream_Write_UINT32(s, capsSet->flags); /* capsData (4 bytes) */
}
Stream_SealLength(s);
error = callback->channel->Write(callback->channel, (UINT32) Stream_Length(s),
Stream_Buffer(s), NULL);
Stream_Free(s, TRUE);
return error;
}
static BOOL TestStream_Create(int count, BOOL selfAlloc)
{
int i, len, cap, pos;
wStream *s = NULL;
void* buffer = NULL;
for (i = 0; i < count; i++)
{
len = cap = i+1;
pos = 0;
if (selfAlloc)
{
if (!(buffer = malloc(cap)))
{
printf("%s: failed to allocate buffer of size %d\n", __FUNCTION__, cap);
goto fail;
}
}
if (!(s = Stream_New(selfAlloc ? buffer : NULL, len)))
{
printf("%s: Stream_New failed for stream #%d\n", __FUNCTION__, i);
goto fail;
}
if (!TestStream_Verify(s, cap, len, pos))
{
goto fail;
}
for (pos = 0; pos < len; pos++)
{
Stream_SetPosition(s, pos);
Stream_SealLength(s);
if (!TestStream_Verify(s, cap, pos, pos))
{
goto fail;
}
}
if (selfAlloc)
{
memset(buffer, i%256, cap);
if (memcmp(buffer, Stream_Buffer(s), cap))
{
printf("%s: buffer memory corruption\n", __FUNCTION__);
goto fail;
}
}
Stream_Free(s, buffer ? FALSE : TRUE);
free(buffer);
}
return TRUE;
fail:
free(buffer);
if (s)
{
Stream_Free(s, buffer ? FALSE : TRUE);
}
return FALSE;
}
wStream* http_request_write(HttpContext* context, HttpRequest* request)
{
wStream* s;
if (!context || !request)
return NULL;
s = Stream_New(NULL, 1024);
if (!s)
return NULL;
if (!http_encode_header_line(s, request->Method, request->URI) ||
!http_encode_body_line(s, "Cache-Control", context->CacheControl) ||
!http_encode_body_line(s, "Connection", context->Connection) ||
!http_encode_body_line(s, "Pragma", context->Pragma) ||
!http_encode_body_line(s, "Accept", context->Accept) ||
!http_encode_body_line(s, "User-Agent", context->UserAgent) ||
!http_encode_body_line(s, "Host", context->Host))
goto fail;
if (context->RdgConnectionId)
{
if (!http_encode_body_line(s, "RDG-Connection-Id", context->RdgConnectionId))
goto fail;
}
if (context->RdgAuthScheme)
{
if (!http_encode_body_line(s, "RDG-Auth-Scheme", context->RdgAuthScheme))
goto fail;
}
if (request->TransferEncoding)
{
if (!http_encode_body_line(s, "Transfer-Encoding", request->TransferEncoding))
goto fail;
}
else
{
if (!http_encode_content_length_line(s, request->ContentLength))
goto fail;
}
if (request->Authorization)
{
if (!http_encode_body_line(s, "Authorization", request->Authorization))
goto fail;
}
else if (request->AuthScheme && request->AuthParam)
{
if (!http_encode_authorization_line(s, request->AuthScheme, request->AuthParam))
goto fail;
}
Stream_Write(s, "\r\n", 2);
Stream_SealLength(s);
return s;
fail:
Stream_Free(s, TRUE);
return NULL;
}
static void* encomsp_server_thread(void* arg)
{
wStream* s;
DWORD nCount;
void* buffer;
HANDLE events[8];
HANDLE ChannelEvent;
DWORD BytesReturned;
ENCOMSP_ORDER_HEADER* header;
EncomspServerContext* context;
UINT error = CHANNEL_RC_OK;
DWORD status;
context = (EncomspServerContext*) arg;
freerdp_channel_init_thread_context(context->rdpcontext);
buffer = NULL;
BytesReturned = 0;
ChannelEvent = NULL;
s = Stream_New(NULL, 4096);
if (!s)
{
WLog_ERR(TAG, "Stream_New failed!");
error = CHANNEL_RC_NO_MEMORY;
goto out;
}
if (WTSVirtualChannelQuery(context->priv->ChannelHandle, WTSVirtualEventHandle,
&buffer, &BytesReturned) == TRUE)
{
if (BytesReturned == sizeof(HANDLE))
CopyMemory(&ChannelEvent, buffer, sizeof(HANDLE));
WTSFreeMemory(buffer);
}
nCount = 0;
events[nCount++] = ChannelEvent;
events[nCount++] = context->priv->StopEvent;
while (1)
{
status = WaitForMultipleObjects(nCount, events, FALSE, INFINITE);
if (status == WAIT_FAILED)
{
error = GetLastError();
WLog_ERR(TAG, "WaitForMultipleObjects failed with error %lu", error);
break;
}
status = WaitForSingleObject(context->priv->StopEvent, 0);
if (status == WAIT_FAILED)
{
error = GetLastError();
WLog_ERR(TAG, "WaitForSingleObject failed with error %lu", error);
break;
}
if (status == WAIT_OBJECT_0)
{
break;
}
WTSVirtualChannelRead(context->priv->ChannelHandle, 0, NULL, 0, &BytesReturned);
if (BytesReturned < 1)
continue;
if (!Stream_EnsureRemainingCapacity(s, BytesReturned))
{
WLog_ERR(TAG, "Stream_EnsureRemainingCapacity failed!");
error = CHANNEL_RC_NO_MEMORY;
break;
}
if (!WTSVirtualChannelRead(context->priv->ChannelHandle, 0,
(PCHAR) Stream_Buffer(s), Stream_Capacity(s), &BytesReturned))
{
WLog_ERR(TAG, "WTSVirtualChannelRead failed!");
error = ERROR_INTERNAL_ERROR;
break;
}
if (Stream_GetPosition(s) >= ENCOMSP_ORDER_HEADER_SIZE)
{
header = (ENCOMSP_ORDER_HEADER*) Stream_Buffer(s);
if (header->Length >= Stream_GetPosition(s))
{
Stream_SealLength(s);
Stream_SetPosition(s, 0);
if ((error = encomsp_server_receive_pdu(context, s)))
{
WLog_ERR(TAG, "encomsp_server_receive_pdu failed with error %lu!", error);
break;
}
Stream_SetPosition(s, 0);
}
}
}
Stream_Free(s, TRUE);
out:
if (error && context->rdpcontext)
setChannelError(context->rdpcontext, error,
"encomsp_server_thread reported an error");
ExitThread((DWORD)error);
return NULL;
}
int rdpei_server_handle_messages(RdpeiServerContext *context) {
DWORD bytesReturned;
RdpeiServerPrivate *priv = context->priv;
wStream *s = priv->inputStream;
if (!WTSVirtualChannelRead(priv->channelHandle, 0, (PCHAR)Stream_Pointer(s), priv->expectedBytes, &bytesReturned))
{
if (GetLastError() == ERROR_NO_DATA)
return -1;
fprintf(stderr, "%s: channel connection closed\n", __FUNCTION__);
return 0;
}
priv->expectedBytes -= bytesReturned;
Stream_Seek(s, bytesReturned);
if (priv->expectedBytes)
return 1;
Stream_SealLength(s);
Stream_SetPosition(s, 0);
if (priv->waitingHeaders)
{
UINT32 pduLen;
/* header case */
Stream_Read_UINT16(s, priv->currentMsgType);
Stream_Read_UINT16(s, pduLen);
if (pduLen < RDPINPUT_HEADER_LENGTH)
{
fprintf(stderr, "%s: invalid pduLength %d\n", __FUNCTION__, pduLen);
return -1;
}
priv->expectedBytes = pduLen - RDPINPUT_HEADER_LENGTH;
priv->waitingHeaders = FALSE;
Stream_SetPosition(s, 0);
if (priv->expectedBytes)
{
Stream_EnsureCapacity(s, priv->expectedBytes);
return 1;
}
}
/* when here we have the header + the body */
switch (priv->currentMsgType)
{
case EVENTID_CS_READY:
if (priv->automataState != STATE_WAITING_CLIENT_READY)
{
fprintf(stderr, "%s: not expecting a CS_READY packet in this state(%d)\n", __FUNCTION__, (int)priv->automataState);
return 0;
}
if (read_cs_ready_message(context, s) < 0)
return 0;
break;
case EVENTID_TOUCH:
if (read_touch_event(context, s) < 0)
{
fprintf(stderr, "%s: error in touch event packet\n", __FUNCTION__);
return 0;
}
break;
case EVENTID_DISMISS_HOVERING_CONTACT:
if (read_dismiss_hovering_contact(context, s) < 0)
{
fprintf(stderr, "%s: error reading read_dismiss_hovering_contact\n", __FUNCTION__);
return 0;
}
break;
default:
fprintf(stderr, "%s: unexpected message type 0x%x\n", __FUNCTION__, priv->currentMsgType);
}
Stream_SetPosition(s, 0);
priv->waitingHeaders = TRUE;
priv->expectedBytes = RDPINPUT_HEADER_LENGTH;
return 1;
}
