RDP/client-1.8.3/iso.c

	iso.c revision 6e9aa255e3376b2da5824c09c4c62bc233463bfe
a180a41bba1d50822df23fff0099e90b86638b89vboxsync/* -*- c-basic-offset: 8 -*-
a180a41bba1d50822df23fff0099e90b86638b89vboxsync   rdesktop: A Remote Desktop Protocol client.
a180a41bba1d50822df23fff0099e90b86638b89vboxsync   Protocol services - ISO layer
a180a41bba1d50822df23fff0099e90b86638b89vboxsync   Copyright (C) Matthew Chapman <matthewc.unsw.edu.au> 1999-2008
a180a41bba1d50822df23fff0099e90b86638b89vboxsync   Copyright 2005-2011 Peter Astrand <astrand@cendio.se> for Cendio AB
a180a41bba1d50822df23fff0099e90b86638b89vboxsync   Copyright 2012 Henrik Andersson <hean01@cendio.se> for Cendio AB
a180a41bba1d50822df23fff0099e90b86638b89vboxsync
a180a41bba1d50822df23fff0099e90b86638b89vboxsync   This program is free software: you can redistribute it and/or modify
a180a41bba1d50822df23fff0099e90b86638b89vboxsync   it under the terms of the GNU General Public License as published by
a180a41bba1d50822df23fff0099e90b86638b89vboxsync   the Free Software Foundation, either version 3 of the License, or
a180a41bba1d50822df23fff0099e90b86638b89vboxsync   (at your option) any later version.
a180a41bba1d50822df23fff0099e90b86638b89vboxsync
a180a41bba1d50822df23fff0099e90b86638b89vboxsync   This program is distributed in the hope that it will be useful,
a180a41bba1d50822df23fff0099e90b86638b89vboxsync   but WITHOUT ANY WARRANTY; without even the implied warranty of
a180a41bba1d50822df23fff0099e90b86638b89vboxsync   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
a180a41bba1d50822df23fff0099e90b86638b89vboxsync   GNU General Public License for more details.
a180a41bba1d50822df23fff0099e90b86638b89vboxsync
a180a41bba1d50822df23fff0099e90b86638b89vboxsync   You should have received a copy of the GNU General Public License
a180a41bba1d50822df23fff0099e90b86638b89vboxsync   along with this program.  If not, see <http://www.gnu.org/licenses/>.
a180a41bba1d50822df23fff0099e90b86638b89vboxsync*/
a180a41bba1d50822df23fff0099e90b86638b89vboxsync
6e9aa255e3376b2da5824c09c4c62bc233463bfevboxsync/*
6e9aa255e3376b2da5824c09c4c62bc233463bfevboxsync * Oracle GPL Disclaimer: For the avoidance of doubt, except that if any license choice
6e9aa255e3376b2da5824c09c4c62bc233463bfevboxsync * other than GPL or LGPL is available it will apply instead, Oracle elects to use only
6e9aa255e3376b2da5824c09c4c62bc233463bfevboxsync * the General Public License version 2 (GPLv2) at this time for any software where
6e9aa255e3376b2da5824c09c4c62bc233463bfevboxsync * a choice of GPL license versions is made available with the language indicating
6e9aa255e3376b2da5824c09c4c62bc233463bfevboxsync * that GPLv2 or any later version may be used, or where a choice of which version
6e9aa255e3376b2da5824c09c4c62bc233463bfevboxsync * of the GPL is applied is otherwise unspecified.
6e9aa255e3376b2da5824c09c4c62bc233463bfevboxsync */
6e9aa255e3376b2da5824c09c4c62bc233463bfevboxsync
a180a41bba1d50822df23fff0099e90b86638b89vboxsync#include "rdesktop.h"
a180a41bba1d50822df23fff0099e90b86638b89vboxsync
a180a41bba1d50822df23fff0099e90b86638b89vboxsyncextern RD_BOOL g_encryption;
a180a41bba1d50822df23fff0099e90b86638b89vboxsyncextern RD_BOOL g_encryption_initial;
a180a41bba1d50822df23fff0099e90b86638b89vboxsyncextern RDP_VERSION g_rdp_version;
a180a41bba1d50822df23fff0099e90b86638b89vboxsyncextern RD_BOOL g_use_password_as_pin;
a180a41bba1d50822df23fff0099e90b86638b89vboxsync
a180a41bba1d50822df23fff0099e90b86638b89vboxsyncstatic RD_BOOL g_negotiate_rdp_protocol = True;
a180a41bba1d50822df23fff0099e90b86638b89vboxsync
a180a41bba1d50822df23fff0099e90b86638b89vboxsyncextern char *g_sc_csp_name;
a180a41bba1d50822df23fff0099e90b86638b89vboxsyncextern char *g_sc_reader_name;
a180a41bba1d50822df23fff0099e90b86638b89vboxsyncextern char *g_sc_card_name;
a180a41bba1d50822df23fff0099e90b86638b89vboxsyncextern char *g_sc_container_name;
a180a41bba1d50822df23fff0099e90b86638b89vboxsync
a180a41bba1d50822df23fff0099e90b86638b89vboxsync
a180a41bba1d50822df23fff0099e90b86638b89vboxsync/* Send a self-contained ISO PDU */
a180a41bba1d50822df23fff0099e90b86638b89vboxsyncstatic void
a180a41bba1d50822df23fff0099e90b86638b89vboxsynciso_send_msg(uint8 code)
a180a41bba1d50822df23fff0099e90b86638b89vboxsync{
a180a41bba1d50822df23fff0099e90b86638b89vboxsync    STREAM s;
a180a41bba1d50822df23fff0099e90b86638b89vboxsync
a180a41bba1d50822df23fff0099e90b86638b89vboxsync    s = tcp_init(11);
a180a41bba1d50822df23fff0099e90b86638b89vboxsync
a180a41bba1d50822df23fff0099e90b86638b89vboxsync    out_uint8(s, 3);    /* version */
a180a41bba1d50822df23fff0099e90b86638b89vboxsync    out_uint8(s, 0);    /* reserved */
a180a41bba1d50822df23fff0099e90b86638b89vboxsync    out_uint16_be(s, 11);   /* length */
a180a41bba1d50822df23fff0099e90b86638b89vboxsync
a180a41bba1d50822df23fff0099e90b86638b89vboxsync    out_uint8(s, 6);    /* hdrlen */
a180a41bba1d50822df23fff0099e90b86638b89vboxsync    out_uint8(s, code);
a180a41bba1d50822df23fff0099e90b86638b89vboxsync    out_uint16(s, 0);   /* dst_ref */
a180a41bba1d50822df23fff0099e90b86638b89vboxsync    out_uint16(s, 0);   /* src_ref */
a180a41bba1d50822df23fff0099e90b86638b89vboxsync    out_uint8(s, 0);    /* class */
a180a41bba1d50822df23fff0099e90b86638b89vboxsync
a180a41bba1d50822df23fff0099e90b86638b89vboxsync    s_mark_end(s);
a180a41bba1d50822df23fff0099e90b86638b89vboxsync    tcp_send(s);
a180a41bba1d50822df23fff0099e90b86638b89vboxsync}
a180a41bba1d50822df23fff0099e90b86638b89vboxsync
a180a41bba1d50822df23fff0099e90b86638b89vboxsyncstatic void
a180a41bba1d50822df23fff0099e90b86638b89vboxsynciso_send_connection_request(char *username, uint32 neg_proto)
a180a41bba1d50822df23fff0099e90b86638b89vboxsync{
a180a41bba1d50822df23fff0099e90b86638b89vboxsync    STREAM s;
a180a41bba1d50822df23fff0099e90b86638b89vboxsync    int length = 30 + strlen(username);
a180a41bba1d50822df23fff0099e90b86638b89vboxsync
a180a41bba1d50822df23fff0099e90b86638b89vboxsync    if (g_rdp_version >= RDP_V5 && g_negotiate_rdp_protocol)
a180a41bba1d50822df23fff0099e90b86638b89vboxsync        length += 8;
a180a41bba1d50822df23fff0099e90b86638b89vboxsync
a180a41bba1d50822df23fff0099e90b86638b89vboxsync    s = tcp_init(length);
a180a41bba1d50822df23fff0099e90b86638b89vboxsync
a180a41bba1d50822df23fff0099e90b86638b89vboxsync    out_uint8(s, 3);    /* version */
a180a41bba1d50822df23fff0099e90b86638b89vboxsync    out_uint8(s, 0);    /* reserved */
a180a41bba1d50822df23fff0099e90b86638b89vboxsync    out_uint16_be(s, length);   /* length */
a180a41bba1d50822df23fff0099e90b86638b89vboxsync
a180a41bba1d50822df23fff0099e90b86638b89vboxsync    out_uint8(s, length - 5);   /* hdrlen */
a180a41bba1d50822df23fff0099e90b86638b89vboxsync    out_uint8(s, ISO_PDU_CR);
a180a41bba1d50822df23fff0099e90b86638b89vboxsync    out_uint16(s, 0);   /* dst_ref */
a180a41bba1d50822df23fff0099e90b86638b89vboxsync    out_uint16(s, 0);   /* src_ref */
a180a41bba1d50822df23fff0099e90b86638b89vboxsync    out_uint8(s, 0);    /* class */
a180a41bba1d50822df23fff0099e90b86638b89vboxsync
a180a41bba1d50822df23fff0099e90b86638b89vboxsync    out_uint8p(s, "Cookie: mstshash=", strlen("Cookie: mstshash="));
a180a41bba1d50822df23fff0099e90b86638b89vboxsync    out_uint8p(s, username, strlen(username));
a180a41bba1d50822df23fff0099e90b86638b89vboxsync
a180a41bba1d50822df23fff0099e90b86638b89vboxsync    out_uint8(s, 0x0d); /* cookie termination string: CR+LF */
a180a41bba1d50822df23fff0099e90b86638b89vboxsync    out_uint8(s, 0x0a);
a180a41bba1d50822df23fff0099e90b86638b89vboxsync
a180a41bba1d50822df23fff0099e90b86638b89vboxsync    if (g_rdp_version >= RDP_V5 && g_negotiate_rdp_protocol)
a180a41bba1d50822df23fff0099e90b86638b89vboxsync    {
a180a41bba1d50822df23fff0099e90b86638b89vboxsync        /* optional rdp protocol negotiation request for RDPv5 */
a180a41bba1d50822df23fff0099e90b86638b89vboxsync        out_uint8(s, RDP_NEG_REQ);
a180a41bba1d50822df23fff0099e90b86638b89vboxsync        out_uint8(s, 0);
a180a41bba1d50822df23fff0099e90b86638b89vboxsync        out_uint16(s, 8);
a180a41bba1d50822df23fff0099e90b86638b89vboxsync        out_uint32(s, neg_proto);
a180a41bba1d50822df23fff0099e90b86638b89vboxsync    }
a180a41bba1d50822df23fff0099e90b86638b89vboxsync
a180a41bba1d50822df23fff0099e90b86638b89vboxsync    s_mark_end(s);
a180a41bba1d50822df23fff0099e90b86638b89vboxsync    tcp_send(s);
a180a41bba1d50822df23fff0099e90b86638b89vboxsync}
a180a41bba1d50822df23fff0099e90b86638b89vboxsync
a180a41bba1d50822df23fff0099e90b86638b89vboxsync/* Receive a message on the ISO layer, return code */
a180a41bba1d50822df23fff0099e90b86638b89vboxsyncstatic STREAM
a180a41bba1d50822df23fff0099e90b86638b89vboxsynciso_recv_msg(uint8 * code, uint8 * rdpver)
a180a41bba1d50822df23fff0099e90b86638b89vboxsync{
a180a41bba1d50822df23fff0099e90b86638b89vboxsync    STREAM s;
a180a41bba1d50822df23fff0099e90b86638b89vboxsync    uint16 length;
a180a41bba1d50822df23fff0099e90b86638b89vboxsync    uint8 version;
a180a41bba1d50822df23fff0099e90b86638b89vboxsync
a180a41bba1d50822df23fff0099e90b86638b89vboxsync    s = tcp_recv(NULL, 4);
a180a41bba1d50822df23fff0099e90b86638b89vboxsync    if (s == NULL)
a180a41bba1d50822df23fff0099e90b86638b89vboxsync        return NULL;
a180a41bba1d50822df23fff0099e90b86638b89vboxsync    in_uint8(s, version);
a180a41bba1d50822df23fff0099e90b86638b89vboxsync    if (rdpver != NULL)
a180a41bba1d50822df23fff0099e90b86638b89vboxsync        *rdpver = version;
a180a41bba1d50822df23fff0099e90b86638b89vboxsync    if (version == 3)
a180a41bba1d50822df23fff0099e90b86638b89vboxsync    {
a180a41bba1d50822df23fff0099e90b86638b89vboxsync        in_uint8s(s, 1);    /* pad */
a180a41bba1d50822df23fff0099e90b86638b89vboxsync        in_uint16_be(s, length);
a180a41bba1d50822df23fff0099e90b86638b89vboxsync    }
a180a41bba1d50822df23fff0099e90b86638b89vboxsync    else
a180a41bba1d50822df23fff0099e90b86638b89vboxsync    {
a180a41bba1d50822df23fff0099e90b86638b89vboxsync        in_uint8(s, length);
a180a41bba1d50822df23fff0099e90b86638b89vboxsync        if (length & 0x80)
a180a41bba1d50822df23fff0099e90b86638b89vboxsync        {
a180a41bba1d50822df23fff0099e90b86638b89vboxsync            length &= ~0x80;
a180a41bba1d50822df23fff0099e90b86638b89vboxsync            next_be(s, length);
a180a41bba1d50822df23fff0099e90b86638b89vboxsync        }
a180a41bba1d50822df23fff0099e90b86638b89vboxsync    }
a180a41bba1d50822df23fff0099e90b86638b89vboxsync    if (length < 4)
a180a41bba1d50822df23fff0099e90b86638b89vboxsync    {
a180a41bba1d50822df23fff0099e90b86638b89vboxsync        error("Bad packet header\n");
a180a41bba1d50822df23fff0099e90b86638b89vboxsync        return NULL;
a180a41bba1d50822df23fff0099e90b86638b89vboxsync    }
a180a41bba1d50822df23fff0099e90b86638b89vboxsync    s = tcp_recv(s, length - 4);
a180a41bba1d50822df23fff0099e90b86638b89vboxsync    if (s == NULL)
a180a41bba1d50822df23fff0099e90b86638b89vboxsync        return NULL;
a180a41bba1d50822df23fff0099e90b86638b89vboxsync    if (version != 3)
a180a41bba1d50822df23fff0099e90b86638b89vboxsync        return s;
a180a41bba1d50822df23fff0099e90b86638b89vboxsync    in_uint8s(s, 1);    /* hdrlen */
a180a41bba1d50822df23fff0099e90b86638b89vboxsync    in_uint8(s, *code);
a180a41bba1d50822df23fff0099e90b86638b89vboxsync    if (*code == ISO_PDU_DT)
a180a41bba1d50822df23fff0099e90b86638b89vboxsync    {
a180a41bba1d50822df23fff0099e90b86638b89vboxsync        in_uint8s(s, 1);    /* eot */
a180a41bba1d50822df23fff0099e90b86638b89vboxsync        return s;
a180a41bba1d50822df23fff0099e90b86638b89vboxsync    }
a180a41bba1d50822df23fff0099e90b86638b89vboxsync    in_uint8s(s, 5);    /* dst_ref, src_ref, class */
a180a41bba1d50822df23fff0099e90b86638b89vboxsync    return s;
a180a41bba1d50822df23fff0099e90b86638b89vboxsync}
a180a41bba1d50822df23fff0099e90b86638b89vboxsync
a180a41bba1d50822df23fff0099e90b86638b89vboxsync/* Initialise ISO transport data packet */
a180a41bba1d50822df23fff0099e90b86638b89vboxsyncSTREAM
a180a41bba1d50822df23fff0099e90b86638b89vboxsynciso_init(int length)
a180a41bba1d50822df23fff0099e90b86638b89vboxsync{
a180a41bba1d50822df23fff0099e90b86638b89vboxsync    STREAM s;
a180a41bba1d50822df23fff0099e90b86638b89vboxsync
a180a41bba1d50822df23fff0099e90b86638b89vboxsync    s = tcp_init(length + 7);
a180a41bba1d50822df23fff0099e90b86638b89vboxsync    s_push_layer(s, iso_hdr, 7);
a180a41bba1d50822df23fff0099e90b86638b89vboxsync
a180a41bba1d50822df23fff0099e90b86638b89vboxsync    return s;
a180a41bba1d50822df23fff0099e90b86638b89vboxsync}
a180a41bba1d50822df23fff0099e90b86638b89vboxsync
a180a41bba1d50822df23fff0099e90b86638b89vboxsync/* Send an ISO data PDU */
a180a41bba1d50822df23fff0099e90b86638b89vboxsyncvoid
a180a41bba1d50822df23fff0099e90b86638b89vboxsynciso_send(STREAM s)
a180a41bba1d50822df23fff0099e90b86638b89vboxsync{
a180a41bba1d50822df23fff0099e90b86638b89vboxsync    uint16 length;
a180a41bba1d50822df23fff0099e90b86638b89vboxsync
a180a41bba1d50822df23fff0099e90b86638b89vboxsync    s_pop_layer(s, iso_hdr);
a180a41bba1d50822df23fff0099e90b86638b89vboxsync    length = s->end - s->p;
a180a41bba1d50822df23fff0099e90b86638b89vboxsync
a180a41bba1d50822df23fff0099e90b86638b89vboxsync    out_uint8(s, 3);    /* version */
a180a41bba1d50822df23fff0099e90b86638b89vboxsync    out_uint8(s, 0);    /* reserved */
a180a41bba1d50822df23fff0099e90b86638b89vboxsync    out_uint16_be(s, length);
a180a41bba1d50822df23fff0099e90b86638b89vboxsync
a180a41bba1d50822df23fff0099e90b86638b89vboxsync    out_uint8(s, 2);    /* hdrlen */
a180a41bba1d50822df23fff0099e90b86638b89vboxsync    out_uint8(s, ISO_PDU_DT);   /* code */
a180a41bba1d50822df23fff0099e90b86638b89vboxsync    out_uint8(s, 0x80); /* eot */
a180a41bba1d50822df23fff0099e90b86638b89vboxsync
a180a41bba1d50822df23fff0099e90b86638b89vboxsync    tcp_send(s);
a180a41bba1d50822df23fff0099e90b86638b89vboxsync}
a180a41bba1d50822df23fff0099e90b86638b89vboxsync
a180a41bba1d50822df23fff0099e90b86638b89vboxsync/* Receive ISO transport data packet */
a180a41bba1d50822df23fff0099e90b86638b89vboxsyncSTREAM
a180a41bba1d50822df23fff0099e90b86638b89vboxsynciso_recv(uint8 * rdpver)
a180a41bba1d50822df23fff0099e90b86638b89vboxsync{
a180a41bba1d50822df23fff0099e90b86638b89vboxsync    STREAM s;
a180a41bba1d50822df23fff0099e90b86638b89vboxsync    uint8 code = 0;
a180a41bba1d50822df23fff0099e90b86638b89vboxsync
a180a41bba1d50822df23fff0099e90b86638b89vboxsync    s = iso_recv_msg(&code, rdpver);
a180a41bba1d50822df23fff0099e90b86638b89vboxsync    if (s == NULL)
a180a41bba1d50822df23fff0099e90b86638b89vboxsync        return NULL;
a180a41bba1d50822df23fff0099e90b86638b89vboxsync    if (rdpver != NULL)
a180a41bba1d50822df23fff0099e90b86638b89vboxsync        if (*rdpver != 3)
a180a41bba1d50822df23fff0099e90b86638b89vboxsync            return s;
a180a41bba1d50822df23fff0099e90b86638b89vboxsync    if (code != ISO_PDU_DT)
a180a41bba1d50822df23fff0099e90b86638b89vboxsync    {
a180a41bba1d50822df23fff0099e90b86638b89vboxsync        error("expected DT, got 0x%x\n", code);
a180a41bba1d50822df23fff0099e90b86638b89vboxsync        return NULL;
a180a41bba1d50822df23fff0099e90b86638b89vboxsync    }
a180a41bba1d50822df23fff0099e90b86638b89vboxsync    return s;
a180a41bba1d50822df23fff0099e90b86638b89vboxsync}
a180a41bba1d50822df23fff0099e90b86638b89vboxsync
a180a41bba1d50822df23fff0099e90b86638b89vboxsync/* Establish a connection up to the ISO layer */
a180a41bba1d50822df23fff0099e90b86638b89vboxsyncRD_BOOL
a180a41bba1d50822df23fff0099e90b86638b89vboxsynciso_connect(char *server, char *username, char *domain, char *password,
a180a41bba1d50822df23fff0099e90b86638b89vboxsync        RD_BOOL reconnect, uint32 * selected_protocol)
a180a41bba1d50822df23fff0099e90b86638b89vboxsync{
a180a41bba1d50822df23fff0099e90b86638b89vboxsync    STREAM s;
a180a41bba1d50822df23fff0099e90b86638b89vboxsync    uint8 code;
a180a41bba1d50822df23fff0099e90b86638b89vboxsync    uint32 neg_proto;
a180a41bba1d50822df23fff0099e90b86638b89vboxsync
a180a41bba1d50822df23fff0099e90b86638b89vboxsync    g_negotiate_rdp_protocol = True;
a180a41bba1d50822df23fff0099e90b86638b89vboxsync
a180a41bba1d50822df23fff0099e90b86638b89vboxsync    neg_proto = PROTOCOL_SSL;
a180a41bba1d50822df23fff0099e90b86638b89vboxsync
a180a41bba1d50822df23fff0099e90b86638b89vboxsync#ifdef WITH_CREDSSP
a180a41bba1d50822df23fff0099e90b86638b89vboxsync    if (!g_use_password_as_pin)
a180a41bba1d50822df23fff0099e90b86638b89vboxsync        neg_proto |= PROTOCOL_HYBRID;
a180a41bba1d50822df23fff0099e90b86638b89vboxsync    else if (g_sc_csp_name || g_sc_reader_name || g_sc_card_name || g_sc_container_name)
a180a41bba1d50822df23fff0099e90b86638b89vboxsync        neg_proto |= PROTOCOL_HYBRID;
a180a41bba1d50822df23fff0099e90b86638b89vboxsync    else
a180a41bba1d50822df23fff0099e90b86638b89vboxsync        warning("Disables CredSSP due to missing smartcard information for SSO.\n");
a180a41bba1d50822df23fff0099e90b86638b89vboxsync#endif
a180a41bba1d50822df23fff0099e90b86638b89vboxsync
a180a41bba1d50822df23fff0099e90b86638b89vboxsync      retry:
a180a41bba1d50822df23fff0099e90b86638b89vboxsync    *selected_protocol = PROTOCOL_RDP;
a180a41bba1d50822df23fff0099e90b86638b89vboxsync    code = 0;
a180a41bba1d50822df23fff0099e90b86638b89vboxsync
a180a41bba1d50822df23fff0099e90b86638b89vboxsync    if (!tcp_connect(server))
a180a41bba1d50822df23fff0099e90b86638b89vboxsync        return False;
a180a41bba1d50822df23fff0099e90b86638b89vboxsync
a180a41bba1d50822df23fff0099e90b86638b89vboxsync    iso_send_connection_request(username, neg_proto);
a180a41bba1d50822df23fff0099e90b86638b89vboxsync
a180a41bba1d50822df23fff0099e90b86638b89vboxsync    s = iso_recv_msg(&code, NULL);
a180a41bba1d50822df23fff0099e90b86638b89vboxsync    if (s == NULL)
a180a41bba1d50822df23fff0099e90b86638b89vboxsync        return False;
a180a41bba1d50822df23fff0099e90b86638b89vboxsync
a180a41bba1d50822df23fff0099e90b86638b89vboxsync    if (code != ISO_PDU_CC)
a180a41bba1d50822df23fff0099e90b86638b89vboxsync    {
a180a41bba1d50822df23fff0099e90b86638b89vboxsync        error("expected CC, got 0x%x\n", code);
a180a41bba1d50822df23fff0099e90b86638b89vboxsync        tcp_disconnect();
a180a41bba1d50822df23fff0099e90b86638b89vboxsync        return False;
a180a41bba1d50822df23fff0099e90b86638b89vboxsync    }
a180a41bba1d50822df23fff0099e90b86638b89vboxsync
a180a41bba1d50822df23fff0099e90b86638b89vboxsync    if (g_rdp_version >= RDP_V5 && s_check_rem(s, 8))
a180a41bba1d50822df23fff0099e90b86638b89vboxsync    {
a180a41bba1d50822df23fff0099e90b86638b89vboxsync        /* handle RDP_NEG_REQ response */
a180a41bba1d50822df23fff0099e90b86638b89vboxsync        const char *reason = NULL;
a180a41bba1d50822df23fff0099e90b86638b89vboxsync
a180a41bba1d50822df23fff0099e90b86638b89vboxsync        uint8 type = 0, flags = 0;
a180a41bba1d50822df23fff0099e90b86638b89vboxsync        uint16 length = 0;
a180a41bba1d50822df23fff0099e90b86638b89vboxsync        uint32 data = 0;
a180a41bba1d50822df23fff0099e90b86638b89vboxsync
a180a41bba1d50822df23fff0099e90b86638b89vboxsync        in_uint8(s, type);
a180a41bba1d50822df23fff0099e90b86638b89vboxsync        in_uint8(s, flags);
a180a41bba1d50822df23fff0099e90b86638b89vboxsync        in_uint16(s, length);
a180a41bba1d50822df23fff0099e90b86638b89vboxsync        in_uint32(s, data);
a180a41bba1d50822df23fff0099e90b86638b89vboxsync
a180a41bba1d50822df23fff0099e90b86638b89vboxsync        if (type == RDP_NEG_FAILURE)
a180a41bba1d50822df23fff0099e90b86638b89vboxsync        {
a180a41bba1d50822df23fff0099e90b86638b89vboxsync            RD_BOOL retry_without_neg = False;
a180a41bba1d50822df23fff0099e90b86638b89vboxsync
a180a41bba1d50822df23fff0099e90b86638b89vboxsync            switch (data)
a180a41bba1d50822df23fff0099e90b86638b89vboxsync            {
a180a41bba1d50822df23fff0099e90b86638b89vboxsync                case SSL_WITH_USER_AUTH_REQUIRED_BY_SERVER:
a180a41bba1d50822df23fff0099e90b86638b89vboxsync                    reason = "SSL with user authentication required by server";
a180a41bba1d50822df23fff0099e90b86638b89vboxsync                    break;
a180a41bba1d50822df23fff0099e90b86638b89vboxsync                case SSL_NOT_ALLOWED_BY_SERVER:
a180a41bba1d50822df23fff0099e90b86638b89vboxsync                    reason = "SSL not allowed by server";
a180a41bba1d50822df23fff0099e90b86638b89vboxsync                    retry_without_neg = True;
a180a41bba1d50822df23fff0099e90b86638b89vboxsync                    break;
a180a41bba1d50822df23fff0099e90b86638b89vboxsync                case SSL_CERT_NOT_ON_SERVER:
a180a41bba1d50822df23fff0099e90b86638b89vboxsync                    reason = "no valid authentication certificate on server";
a180a41bba1d50822df23fff0099e90b86638b89vboxsync                    retry_without_neg = True;
a180a41bba1d50822df23fff0099e90b86638b89vboxsync                    break;
a180a41bba1d50822df23fff0099e90b86638b89vboxsync                case INCONSISTENT_FLAGS:
a180a41bba1d50822df23fff0099e90b86638b89vboxsync                    reason = "inconsistent negotiation flags";
a180a41bba1d50822df23fff0099e90b86638b89vboxsync                    break;
a180a41bba1d50822df23fff0099e90b86638b89vboxsync                case SSL_REQUIRED_BY_SERVER:
a180a41bba1d50822df23fff0099e90b86638b89vboxsync                    reason = "SSL required by server";
a180a41bba1d50822df23fff0099e90b86638b89vboxsync                    break;
a180a41bba1d50822df23fff0099e90b86638b89vboxsync                case HYBRID_REQUIRED_BY_SERVER:
a180a41bba1d50822df23fff0099e90b86638b89vboxsync                    reason = "CredSSP required by server";
a180a41bba1d50822df23fff0099e90b86638b89vboxsync                    break;
a180a41bba1d50822df23fff0099e90b86638b89vboxsync                default:
a180a41bba1d50822df23fff0099e90b86638b89vboxsync                    reason = "unknown reason";
a180a41bba1d50822df23fff0099e90b86638b89vboxsync            }
a180a41bba1d50822df23fff0099e90b86638b89vboxsync
a180a41bba1d50822df23fff0099e90b86638b89vboxsync            tcp_disconnect();
a180a41bba1d50822df23fff0099e90b86638b89vboxsync
a180a41bba1d50822df23fff0099e90b86638b89vboxsync            if (retry_without_neg)
a180a41bba1d50822df23fff0099e90b86638b89vboxsync            {
a180a41bba1d50822df23fff0099e90b86638b89vboxsync                fprintf(stderr,
a180a41bba1d50822df23fff0099e90b86638b89vboxsync                    "Failed to negotiate protocol, retrying with plain RDP.\n");
a180a41bba1d50822df23fff0099e90b86638b89vboxsync                g_negotiate_rdp_protocol = False;
a180a41bba1d50822df23fff0099e90b86638b89vboxsync                goto retry;
a180a41bba1d50822df23fff0099e90b86638b89vboxsync            }
a180a41bba1d50822df23fff0099e90b86638b89vboxsync
a180a41bba1d50822df23fff0099e90b86638b89vboxsync            fprintf(stderr, "Failed to connect, %s.\n", reason);
a180a41bba1d50822df23fff0099e90b86638b89vboxsync            return False;
a180a41bba1d50822df23fff0099e90b86638b89vboxsync        }
a180a41bba1d50822df23fff0099e90b86638b89vboxsync
a180a41bba1d50822df23fff0099e90b86638b89vboxsync        if (type != RDP_NEG_RSP)
a180a41bba1d50822df23fff0099e90b86638b89vboxsync        {
a180a41bba1d50822df23fff0099e90b86638b89vboxsync            tcp_disconnect();
a180a41bba1d50822df23fff0099e90b86638b89vboxsync            error("Expected RDP_NEG_RSP, got type = 0x%x\n", type);
a180a41bba1d50822df23fff0099e90b86638b89vboxsync            return False;
a180a41bba1d50822df23fff0099e90b86638b89vboxsync        }
a180a41bba1d50822df23fff0099e90b86638b89vboxsync
a180a41bba1d50822df23fff0099e90b86638b89vboxsync        /* handle negotiation response */
a180a41bba1d50822df23fff0099e90b86638b89vboxsync        if (data == PROTOCOL_SSL)
a180a41bba1d50822df23fff0099e90b86638b89vboxsync        {
a180a41bba1d50822df23fff0099e90b86638b89vboxsync            if (!tcp_tls_connect())
a180a41bba1d50822df23fff0099e90b86638b89vboxsync            {
a180a41bba1d50822df23fff0099e90b86638b89vboxsync                /* failed to connect using cssp, let retry with plain TLS */
a180a41bba1d50822df23fff0099e90b86638b89vboxsync                tcp_disconnect();
a180a41bba1d50822df23fff0099e90b86638b89vboxsync                neg_proto = PROTOCOL_RDP;
a180a41bba1d50822df23fff0099e90b86638b89vboxsync                goto retry;
a180a41bba1d50822df23fff0099e90b86638b89vboxsync            }
a180a41bba1d50822df23fff0099e90b86638b89vboxsync            /* do not use encryption when using TLS */
a180a41bba1d50822df23fff0099e90b86638b89vboxsync            g_encryption = False;
a180a41bba1d50822df23fff0099e90b86638b89vboxsync            fprintf(stderr, "Connection established using SSL.\n");
a180a41bba1d50822df23fff0099e90b86638b89vboxsync        }
a180a41bba1d50822df23fff0099e90b86638b89vboxsync#ifdef WITH_CREDSSP
a180a41bba1d50822df23fff0099e90b86638b89vboxsync        else if (data == PROTOCOL_HYBRID)
a180a41bba1d50822df23fff0099e90b86638b89vboxsync        {
a180a41bba1d50822df23fff0099e90b86638b89vboxsync            if (!cssp_connect(server, username, domain, password, s))
a180a41bba1d50822df23fff0099e90b86638b89vboxsync            {
a180a41bba1d50822df23fff0099e90b86638b89vboxsync                /* failed to connect using cssp, let retry with plain TLS */
a180a41bba1d50822df23fff0099e90b86638b89vboxsync                tcp_disconnect();
a180a41bba1d50822df23fff0099e90b86638b89vboxsync                neg_proto = PROTOCOL_SSL;
a180a41bba1d50822df23fff0099e90b86638b89vboxsync                goto retry;
a180a41bba1d50822df23fff0099e90b86638b89vboxsync            }
a180a41bba1d50822df23fff0099e90b86638b89vboxsync
a180a41bba1d50822df23fff0099e90b86638b89vboxsync            /* do not use encryption when using TLS */
a180a41bba1d50822df23fff0099e90b86638b89vboxsync            fprintf(stderr, "Connection established using CredSSP.\n");
a180a41bba1d50822df23fff0099e90b86638b89vboxsync            g_encryption = False;
a180a41bba1d50822df23fff0099e90b86638b89vboxsync        }
a180a41bba1d50822df23fff0099e90b86638b89vboxsync#endif
a180a41bba1d50822df23fff0099e90b86638b89vboxsync        else if (data == PROTOCOL_RDP)
a180a41bba1d50822df23fff0099e90b86638b89vboxsync        {
a180a41bba1d50822df23fff0099e90b86638b89vboxsync            fprintf(stderr, "Connection established using plain RDP.\n");
a180a41bba1d50822df23fff0099e90b86638b89vboxsync        }
a180a41bba1d50822df23fff0099e90b86638b89vboxsync        else if (data != PROTOCOL_RDP)
a180a41bba1d50822df23fff0099e90b86638b89vboxsync        {
a180a41bba1d50822df23fff0099e90b86638b89vboxsync            tcp_disconnect();
a180a41bba1d50822df23fff0099e90b86638b89vboxsync            error("Unexpected protocol in negotiation response, got data = 0x%x.\n",
a180a41bba1d50822df23fff0099e90b86638b89vboxsync                  data);
a180a41bba1d50822df23fff0099e90b86638b89vboxsync            return False;
a180a41bba1d50822df23fff0099e90b86638b89vboxsync        }
a180a41bba1d50822df23fff0099e90b86638b89vboxsync
a180a41bba1d50822df23fff0099e90b86638b89vboxsync        *selected_protocol = data;
a180a41bba1d50822df23fff0099e90b86638b89vboxsync    }
a180a41bba1d50822df23fff0099e90b86638b89vboxsync    return True;
a180a41bba1d50822df23fff0099e90b86638b89vboxsync}
a180a41bba1d50822df23fff0099e90b86638b89vboxsync
a180a41bba1d50822df23fff0099e90b86638b89vboxsync/* Disconnect from the ISO layer */
a180a41bba1d50822df23fff0099e90b86638b89vboxsyncvoid
a180a41bba1d50822df23fff0099e90b86638b89vboxsynciso_disconnect(void)
a180a41bba1d50822df23fff0099e90b86638b89vboxsync{
a180a41bba1d50822df23fff0099e90b86638b89vboxsync    iso_send_msg(ISO_PDU_DR);
a180a41bba1d50822df23fff0099e90b86638b89vboxsync    tcp_disconnect();
a180a41bba1d50822df23fff0099e90b86638b89vboxsync}
a180a41bba1d50822df23fff0099e90b86638b89vboxsync
a180a41bba1d50822df23fff0099e90b86638b89vboxsync/* reset the state to support reconnecting */
a180a41bba1d50822df23fff0099e90b86638b89vboxsyncvoid
a180a41bba1d50822df23fff0099e90b86638b89vboxsynciso_reset_state(void)
a180a41bba1d50822df23fff0099e90b86638b89vboxsync{
a180a41bba1d50822df23fff0099e90b86638b89vboxsync    g_encryption = g_encryption_initial;
a180a41bba1d50822df23fff0099e90b86638b89vboxsync    tcp_reset_state();
a180a41bba1d50822df23fff0099e90b86638b89vboxsync}