--- sourceforge.net/trunk/rdesktop/licence.c 2003/02/10 13:05:40 320 +++ sourceforge.net/trunk/rdesktop/licence.c 2004/05/16 11:18:20 699 @@ -18,11 +18,6 @@ Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. */ -#include -#include -#include -#include -#include #include "rdesktop.h" #ifdef WITH_OPENSSL @@ -31,188 +26,30 @@ #include "crypto/rc4.h" #endif -extern char username[16]; +extern char g_username[16]; extern char hostname[16]; -static uint8 licence_key[16]; -static uint8 licence_sign_key[16]; +static uint8 g_licence_key[16]; +static uint8 g_licence_sign_key[16]; -BOOL licence_issued = False; - - -static int -load_licence(unsigned char **data) -{ - char *path; - char *home; - struct stat st; - int fd; - - home = getenv("HOME"); - if (home == NULL) - return -1; - - path = xmalloc(strlen(home) + strlen(hostname) + 20); - sprintf(path, "%s/.rdesktop/licence.%s", home, hostname); - - fd = open(path, O_RDONLY); - if (fd == -1) - return -1; - - if (fstat(fd, &st)) - return -1; - - *data = xmalloc(st.st_size); - return read(fd, *data, st.st_size); -} - -static void -save_licence(unsigned char *data, int length) -{ - char *fpath; /* file path for licence */ - char *fname, *fnamewrk; /* file name for licence .inkl path. */ - char *home; - uint32 y; - struct flock fnfl; - int fnfd, fnwrkfd, i, wlen; - struct stream s, *s_ptr; - uint32 len; - - /* Construct a stream, so that we can use macros to extract the - * licence. - */ - s_ptr = &s; - s_ptr->p = data; - /* Skip first two bytes */ - in_uint16(s_ptr, len); - - /* Skip three strings */ - for (i = 0; i < 3; i++) - { - in_uint32(s_ptr, len); - s_ptr->p += len; - /* Make sure that we won't be past the end of data after - * reading the next length value - */ - if ((s_ptr->p) + 4 > data + length) - { - printf("Error in parsing licence key.\n"); - printf("Strings %d end value %x > supplied length (%x)\n", i, - (unsigned int) s_ptr->p, (unsigned int) data + length); - return; - } - } - in_uint32(s_ptr, len); - if (s_ptr->p + len > data + length) - { - printf("Error in parsing licence key.\n"); - printf("End of licence %x > supplied length (%x)\n", - (unsigned int) s_ptr->p + len, (unsigned int) data + length); - return; - } - - home = getenv("HOME"); - if (home == NULL) - return; - - /* set and create the directory -- if it doesn't exist. */ - fpath = xmalloc(strlen(home) + 11); - STRNCPY(fpath, home, strlen(home) + 1); - - sprintf(fpath, "%s/.rdesktop", fpath); - if (mkdir(fpath, 0700) == -1 && errno != EEXIST) - { - perror("mkdir"); - exit(1); - } - - /* set the real licence filename, and put a write lock on it. */ - fname = xmalloc(strlen(fpath) + strlen(hostname) + 10); - sprintf(fname, "%s/licence.%s", fpath, hostname); - fnfd = open(fname, O_RDONLY); - if (fnfd != -1) - { - fnfl.l_type = F_WRLCK; - fnfl.l_whence = SEEK_SET; - fnfl.l_start = 0; - fnfl.l_len = 1; - fcntl(fnfd, F_SETLK, &fnfl); - } - - /* create a temporary licence file */ - fnamewrk = xmalloc(strlen(fname) + 12); - for (y = 0;; y++) - { - sprintf(fnamewrk, "%s.%lu", fname, (long unsigned int) y); - fnwrkfd = open(fnamewrk, O_WRONLY | O_CREAT | O_EXCL, 0600); - if (fnwrkfd == -1) - { - if (errno == EINTR || errno == EEXIST) - continue; - perror("create"); - exit(1); - } - break; - } - /* write to the licence file */ - for (y = 0; y < len;) - { - do - { - wlen = write(fnwrkfd, s_ptr->p + y, len - y); - } - while (wlen == -1 && errno == EINTR); - if (wlen < 1) - { - perror("write"); - unlink(fnamewrk); - exit(1); - } - y += wlen; - } - - /* close the file and rename it to fname */ - if (close(fnwrkfd) == -1) - { - perror("close"); - unlink(fnamewrk); - exit(1); - } - if (rename(fnamewrk, fname) == -1) - { - perror("rename"); - unlink(fnamewrk); - exit(1); - } - /* close the file lock on fname */ - if (fnfd != -1) - { - fnfl.l_type = F_UNLCK; - fnfl.l_whence = SEEK_SET; - fnfl.l_start = 0; - fnfl.l_len = 1; - fcntl(fnfd, F_SETLK, &fnfl); - close(fnfd); - } - -} +BOOL g_licence_issued = False; /* Generate a session key and RC4 keys, given client and server randoms */ static void -licence_generate_keys(uint8 * client_key, uint8 * server_key, uint8 * client_rsa) +licence_generate_keys(uint8 * client_random, uint8 * server_random, uint8 * pre_master_secret) { - uint8 session_key[48]; - uint8 temp_hash[48]; + uint8 master_secret[48]; + uint8 key_block[48]; - /* Generate session key - two rounds of sec_hash_48 */ - sec_hash_48(temp_hash, client_rsa, client_key, server_key, 65); - sec_hash_48(session_key, temp_hash, server_key, client_key, 65); + /* Generate master secret and then key material */ + sec_hash_48(master_secret, pre_master_secret, client_random, server_random, 'A'); + sec_hash_48(key_block, master_secret, server_random, client_random, 'A'); - /* Store first 16 bytes of session key, for generating signatures */ - memcpy(licence_sign_key, session_key, 16); + /* Store first 16 bytes of session key as MAC secret */ + memcpy(g_licence_sign_key, key_block, 16); - /* Generate RC4 key */ - sec_hash_16(licence_key, &session_key[16], client_key, server_key); + /* Generate RC4 key from next 16 bytes */ + sec_hash_16(g_licence_key, &key_block[16], client_random, server_random); } static void @@ -235,7 +72,8 @@ s = sec_init(sec_flags, length + 4); - out_uint16_le(s, LICENCE_TAG_PRESENT); + out_uint8(s, LICENCE_TAG_PRESENT); + out_uint8(s, 2); /* version */ out_uint16_le(s, length); out_uint32_le(s, 1); @@ -274,7 +112,8 @@ s = sec_init(sec_flags, length + 2); - out_uint16_le(s, LICENCE_TAG_REQUEST); + out_uint8(s, LICENCE_TAG_REQUEST); + out_uint8(s, 2); /* version */ out_uint16_le(s, length); out_uint32_le(s, 1); @@ -287,12 +126,12 @@ out_uint8p(s, rsa_data, SEC_MODULUS_SIZE); out_uint8s(s, SEC_PADDING_SIZE); - out_uint16(s, LICENCE_TAG_USER); - out_uint16(s, userlen); + out_uint16_le(s, LICENCE_TAG_USER); + out_uint16_le(s, userlen); out_uint8p(s, user, userlen); - out_uint16(s, LICENCE_TAG_HOST); - out_uint16(s, hostlen); + out_uint16_le(s, LICENCE_TAG_HOST); + out_uint16_le(s, hostlen); out_uint8p(s, host, hostlen); s_mark_end(s); @@ -320,14 +159,14 @@ licence_generate_keys(null_data, server_random, null_data); licence_size = load_licence(&licence_data); - if (licence_size != -1) + if (licence_size > 0) { /* Generate a signature for the HWID buffer */ licence_generate_hwid(hwid); - sec_sign(signature, 16, licence_sign_key, 16, hwid, sizeof(hwid)); + sec_sign(signature, 16, g_licence_sign_key, 16, hwid, sizeof(hwid)); /* Now encrypt the HWID */ - RC4_set_key(&crypt_key, 16, licence_key); + RC4_set_key(&crypt_key, 16, g_licence_key); RC4(&crypt_key, sizeof(hwid), hwid, hwid); licence_present(null_data, null_data, licence_data, licence_size, hwid, signature); @@ -335,7 +174,7 @@ return; } - licence_send_request(null_data, null_data, username, hostname); + licence_send_request(null_data, null_data, g_username, hostname); } /* Send an authentication response packet */ @@ -348,7 +187,8 @@ s = sec_init(sec_flags, length + 2); - out_uint16_le(s, LICENCE_TAG_AUTHRESP); + out_uint8(s, LICENCE_TAG_AUTHRESP); + out_uint8(s, 2); /* version */ out_uint16_le(s, length); out_uint16_le(s, 1); @@ -402,17 +242,17 @@ memcpy(out_token, in_token, LICENCE_TOKEN_SIZE); /* Decrypt the token. It should read TEST in Unicode. */ - RC4_set_key(&crypt_key, 16, licence_key); + RC4_set_key(&crypt_key, 16, g_licence_key); RC4(&crypt_key, LICENCE_TOKEN_SIZE, in_token, decrypt_token); /* Generate a signature for a buffer of token and HWID */ licence_generate_hwid(hwid); memcpy(sealed_buffer, decrypt_token, LICENCE_TOKEN_SIZE); memcpy(sealed_buffer + LICENCE_TOKEN_SIZE, hwid, LICENCE_HWID_SIZE); - sec_sign(out_sig, 16, licence_sign_key, 16, sealed_buffer, sizeof(sealed_buffer)); + sec_sign(out_sig, 16, g_licence_sign_key, 16, sealed_buffer, sizeof(sealed_buffer)); /* Now encrypt the HWID */ - RC4_set_key(&crypt_key, 16, licence_key); + RC4_set_key(&crypt_key, 16, g_licence_key); RC4(&crypt_key, LICENCE_HWID_SIZE, hwid, crypt_hwid); licence_send_authresp(out_token, crypt_hwid, out_sig); @@ -425,31 +265,46 @@ RC4_KEY crypt_key; uint32 length; uint16 check; + int i; in_uint8s(s, 2); /* 3d 45 - unknown */ in_uint16_le(s, length); if (!s_check_rem(s, length)) return; - RC4_set_key(&crypt_key, 16, licence_key); + RC4_set_key(&crypt_key, 16, g_licence_key); RC4(&crypt_key, length, s->p, s->p); in_uint16(s, check); if (check != 0) return; - licence_issued = True; - save_licence(s->p, length - 2); + g_licence_issued = True; + + in_uint8s(s, 2); /* pad */ + + /* advance to fourth string */ + length = 0; + for (i = 0; i < 4; i++) + { + in_uint8s(s, length); + in_uint32_le(s, length); + if (!s_check_rem(s, length)) + return; + } + + g_licence_issued = True; + save_licence(s->p, length); } /* Process a licence packet */ void licence_process(STREAM s) { - uint16 tag; + uint8 tag; - in_uint16_le(s, tag); - in_uint8s(s, 2); /* length */ + in_uint8(s, tag); + in_uint8s(s, 3); /* version, length */ switch (tag) { @@ -466,8 +321,6 @@ break; case LICENCE_TAG_REISSUE: - break; - case LICENCE_TAG_RESULT: break;