18 |
Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. |
Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. |
19 |
*/ |
*/ |
20 |
|
|
21 |
|
#include <time.h> |
22 |
#include "rdesktop.h" |
#include "rdesktop.h" |
23 |
|
|
24 |
extern uint16 g_mcs_userid; |
extern uint16 g_mcs_userid; |
25 |
extern char username[16]; |
extern char g_username[16]; |
26 |
extern BOOL bitmap_compression; |
extern BOOL g_bitmap_compression; |
27 |
extern BOOL orders; |
extern BOOL g_orders; |
28 |
extern BOOL encryption; |
extern BOOL g_encryption; |
29 |
extern BOOL desktop_save; |
extern BOOL g_desktop_save; |
30 |
extern BOOL use_rdp5; |
extern BOOL g_use_rdp5; |
31 |
extern uint16 server_rdp_version; |
extern uint16 g_server_rdp_version; |
32 |
extern int server_bpp; |
extern int g_server_bpp; |
33 |
|
|
34 |
uint8 *next_packet; |
uint8 *g_next_packet; |
35 |
uint32 rdp_shareid; |
uint32 g_rdp_shareid; |
36 |
|
|
37 |
#if WITH_DEBUG |
#if WITH_DEBUG |
38 |
static uint32 packetno; |
static uint32 g_packetno; |
39 |
#endif |
#endif |
40 |
|
|
41 |
/* Receive an RDP packet */ |
/* Receive an RDP packet */ |
45 |
static STREAM rdp_s; |
static STREAM rdp_s; |
46 |
uint16 length, pdu_type; |
uint16 length, pdu_type; |
47 |
|
|
48 |
if ((rdp_s == NULL) || (next_packet >= rdp_s->end)) |
if ((rdp_s == NULL) || (g_next_packet >= rdp_s->end)) |
49 |
{ |
{ |
50 |
rdp_s = sec_recv(); |
rdp_s = sec_recv(); |
51 |
if (rdp_s == NULL) |
if (rdp_s == NULL) |
52 |
return NULL; |
return NULL; |
53 |
|
|
54 |
next_packet = rdp_s->p; |
g_next_packet = rdp_s->p; |
55 |
} |
} |
56 |
else |
else |
57 |
{ |
{ |
58 |
rdp_s->p = next_packet; |
rdp_s->p = g_next_packet; |
59 |
} |
} |
60 |
|
|
61 |
in_uint16_le(rdp_s, length); |
in_uint16_le(rdp_s, length); |
62 |
/* 32k packets are really 8, keepalive fix */ |
/* 32k packets are really 8, keepalive fix */ |
63 |
if (length == 0x8000) |
if (length == 0x8000) |
64 |
{ |
{ |
65 |
next_packet += 8; |
g_next_packet += 8; |
66 |
*type = 0; |
*type = 0; |
67 |
return rdp_s; |
return rdp_s; |
68 |
} |
} |
71 |
*type = pdu_type & 0xf; |
*type = pdu_type & 0xf; |
72 |
|
|
73 |
#if WITH_DEBUG |
#if WITH_DEBUG |
74 |
DEBUG(("RDP packet #%d, (type %x)\n", ++packetno, *type)); |
DEBUG(("RDP packet #%d, (type %x)\n", ++g_packetno, *type)); |
75 |
// hexdump(next_packet, length); |
hexdump(g_next_packet, length); |
76 |
#endif /* */ |
#endif /* */ |
77 |
|
|
78 |
next_packet += length; |
g_next_packet += length; |
79 |
return rdp_s; |
return rdp_s; |
80 |
} |
} |
81 |
|
|
85 |
{ |
{ |
86 |
STREAM s; |
STREAM s; |
87 |
|
|
88 |
s = sec_init(encryption ? SEC_ENCRYPT : 0, maxlen + 18); |
s = sec_init(g_encryption ? SEC_ENCRYPT : 0, maxlen + 18); |
89 |
s_push_layer(s, rdp_hdr, 18); |
s_push_layer(s, rdp_hdr, 18); |
90 |
|
|
91 |
return s; |
return s; |
104 |
out_uint16_le(s, (RDP_PDU_DATA | 0x10)); |
out_uint16_le(s, (RDP_PDU_DATA | 0x10)); |
105 |
out_uint16_le(s, (g_mcs_userid + 1001)); |
out_uint16_le(s, (g_mcs_userid + 1001)); |
106 |
|
|
107 |
out_uint32_le(s, rdp_shareid); |
out_uint32_le(s, g_rdp_shareid); |
108 |
out_uint8(s, 0); /* pad */ |
out_uint8(s, 0); /* pad */ |
109 |
out_uint8(s, 1); /* streamid */ |
out_uint8(s, 1); /* streamid */ |
110 |
out_uint16_le(s, (length - 14)); |
out_uint16_le(s, (length - 14)); |
112 |
out_uint8(s, 0); /* compress_type */ |
out_uint8(s, 0); /* compress_type */ |
113 |
out_uint16(s, 0); /* compress_len */ |
out_uint16(s, 0); /* compress_len */ |
114 |
|
|
115 |
sec_send(s, encryption ? SEC_ENCRYPT : 0); |
sec_send(s, g_encryption ? SEC_ENCRYPT : 0); |
116 |
} |
} |
117 |
|
|
118 |
/* Output a string in Unicode */ |
/* Output a string in Unicode */ |
132 |
s->p += len; |
s->p += len; |
133 |
} |
} |
134 |
|
|
135 |
|
/* Input a string in Unicode |
136 |
|
* |
137 |
|
* Returns str_len of string |
138 |
|
*/ |
139 |
|
int |
140 |
|
rdp_in_unistr(STREAM s, char *string, int uni_len) |
141 |
|
{ |
142 |
|
int i = 0; |
143 |
|
|
144 |
|
while (i < uni_len / 2) |
145 |
|
{ |
146 |
|
in_uint8a(s, &string[i++], 1); |
147 |
|
in_uint8s(s, 1); |
148 |
|
} |
149 |
|
|
150 |
|
return i - 1; |
151 |
|
} |
152 |
|
|
153 |
|
|
154 |
/* Parse a logon info packet */ |
/* Parse a logon info packet */ |
155 |
static void |
static void |
156 |
rdp_send_logon_info(uint32 flags, char *domain, char *user, |
rdp_send_logon_info(uint32 flags, char *domain, char *user, |
164 |
int len_ip = 2 * strlen("127.0.0.1"); |
int len_ip = 2 * strlen("127.0.0.1"); |
165 |
int len_dll = 2 * strlen("C:\\WINNT\\System32\\mstscax.dll"); |
int len_dll = 2 * strlen("C:\\WINNT\\System32\\mstscax.dll"); |
166 |
int packetlen = 0; |
int packetlen = 0; |
167 |
uint32 sec_flags = encryption ? (SEC_LOGON_INFO | SEC_ENCRYPT) : SEC_LOGON_INFO; |
uint32 sec_flags = g_encryption ? (SEC_LOGON_INFO | SEC_ENCRYPT) : SEC_LOGON_INFO; |
168 |
STREAM s; |
STREAM s; |
169 |
|
time_t t = time(NULL); |
170 |
|
time_t tzone; |
171 |
|
|
172 |
if (!use_rdp5 || 1 == server_rdp_version) |
if (!g_use_rdp5 || 1 == g_server_rdp_version) |
173 |
{ |
{ |
174 |
DEBUG_RDP5(("Sending RDP4-style Logon packet\n")); |
DEBUG_RDP5(("Sending RDP4-style Logon packet\n")); |
175 |
|
|
193 |
{ |
{ |
194 |
flags |= RDP_LOGON_BLOB; |
flags |= RDP_LOGON_BLOB; |
195 |
DEBUG_RDP5(("Sending RDP5-style Logon packet\n")); |
DEBUG_RDP5(("Sending RDP5-style Logon packet\n")); |
196 |
packetlen = 4 + // Unknown uint32 |
packetlen = 4 + /* Unknown uint32 */ |
197 |
4 + // flags |
4 + /* flags */ |
198 |
2 + // len_domain |
2 + /* len_domain */ |
199 |
2 + // len_user |
2 + /* len_user */ |
200 |
(flags & RDP_LOGON_AUTO ? 2 : 0) + // len_password |
(flags & RDP_LOGON_AUTO ? 2 : 0) + /* len_password */ |
201 |
(flags & RDP_LOGON_BLOB ? 2 : 0) + // Length of BLOB |
(flags & RDP_LOGON_BLOB ? 2 : 0) + /* Length of BLOB */ |
202 |
2 + // len_program |
2 + /* len_program */ |
203 |
2 + // len_directory |
2 + /* len_directory */ |
204 |
(0 < len_domain ? len_domain : 2) + // domain |
(0 < len_domain ? len_domain : 2) + /* domain */ |
205 |
len_user + (flags & RDP_LOGON_AUTO ? len_password : 0) + 0 + // We have no 512 byte BLOB. Perhaps we must? |
len_user + (flags & RDP_LOGON_AUTO ? len_password : 0) + 0 + /* We have no 512 byte BLOB. Perhaps we must? */ |
206 |
(flags & RDP_LOGON_BLOB && !(flags & RDP_LOGON_AUTO) ? 2 : 0) + // After the BLOB is a unknown int16. If there is a BLOB, that is. |
(flags & RDP_LOGON_BLOB && !(flags & RDP_LOGON_AUTO) ? 2 : 0) + /* After the BLOB is a unknown int16. If there is a BLOB, that is. */ |
207 |
(0 < len_program ? len_program : 2) + (0 < len_directory ? len_directory : 2) + 2 + // Unknown (2) |
(0 < len_program ? len_program : 2) + (0 < len_directory ? len_directory : 2) + 2 + /* Unknown (2) */ |
208 |
2 + // Client ip length |
2 + /* Client ip length */ |
209 |
len_ip + // Client ip |
len_ip + /* Client ip */ |
210 |
2 + // DLL string length |
2 + /* DLL string length */ |
211 |
len_dll + // DLL string |
len_dll + /* DLL string */ |
212 |
2 + // Unknown |
2 + /* Unknown */ |
213 |
2 + // Unknown |
2 + /* Unknown */ |
214 |
64 + // Time zone #0 |
64 + /* Time zone #0 */ |
215 |
2 + // Unknown |
2 + /* Unknown */ |
216 |
64 + // Time zone #1 |
64 + /* Time zone #1 */ |
217 |
32; // Unknown |
32; /* Unknown */ |
218 |
|
|
219 |
s = sec_init(sec_flags, packetlen); |
s = sec_init(sec_flags, packetlen); |
220 |
DEBUG_RDP5(("Called sec_init with packetlen %d\n", packetlen)); |
DEBUG_RDP5(("Called sec_init with packetlen %d\n", packetlen)); |
221 |
|
|
222 |
out_uint32(s, 0); // Unknown |
out_uint32(s, 0); /* Unknown */ |
223 |
out_uint32_le(s, flags); |
out_uint32_le(s, flags); |
224 |
out_uint16_le(s, len_domain); |
out_uint16_le(s, len_domain); |
225 |
out_uint16_le(s, len_user); |
out_uint16_le(s, len_user); |
265 |
out_uint16_le(s, 0); |
out_uint16_le(s, 0); |
266 |
} |
} |
267 |
out_uint16_le(s, 2); |
out_uint16_le(s, 2); |
268 |
out_uint16_le(s, len_ip + 2); // Length of client ip |
out_uint16_le(s, len_ip + 2); /* Length of client ip */ |
269 |
rdp_out_unistr(s, "127.0.0.1", len_ip); |
rdp_out_unistr(s, "127.0.0.1", len_ip); |
270 |
out_uint16_le(s, len_dll + 2); |
out_uint16_le(s, len_dll + 2); |
271 |
rdp_out_unistr(s, "C:\\WINNT\\System32\\mstscax.dll", len_dll); |
rdp_out_unistr(s, "C:\\WINNT\\System32\\mstscax.dll", len_dll); |
272 |
out_uint16_le(s, 0xffc4); |
|
273 |
out_uint16_le(s, 0xffff); |
tzone = (mktime(gmtime(&t)) - mktime(localtime(&t))) / 60; |
274 |
|
out_uint32_le(s, tzone); |
275 |
|
|
276 |
rdp_out_unistr(s, "GTB, normaltid", 2 * strlen("GTB, normaltid")); |
rdp_out_unistr(s, "GTB, normaltid", 2 * strlen("GTB, normaltid")); |
277 |
out_uint8s(s, 62 - 2 * strlen("GTB, normaltid")); |
out_uint8s(s, 62 - 2 * strlen("GTB, normaltid")); |
278 |
|
|
382 |
out_uint16_le(s, 0x200); /* Protocol version */ |
out_uint16_le(s, 0x200); /* Protocol version */ |
383 |
out_uint16(s, 0); /* Pad */ |
out_uint16(s, 0); /* Pad */ |
384 |
out_uint16(s, 0); /* Compression types */ |
out_uint16(s, 0); /* Compression types */ |
385 |
out_uint16_le(s, use_rdp5 ? 0x40d : 0); |
out_uint16_le(s, g_use_rdp5 ? 0x40d : 0); |
386 |
/* Pad, according to T.128. 0x40d seems to |
/* Pad, according to T.128. 0x40d seems to |
387 |
trigger |
trigger |
388 |
the server to start sending RDP5 packets. |
the server to start sending RDP5 packets. |
411 |
out_uint16_le(s, 600); /* Desktop height */ |
out_uint16_le(s, 600); /* Desktop height */ |
412 |
out_uint16(s, 0); /* Pad */ |
out_uint16(s, 0); /* Pad */ |
413 |
out_uint16(s, 0); /* Allow resize */ |
out_uint16(s, 0); /* Allow resize */ |
414 |
out_uint16_le(s, bitmap_compression ? 1 : 0); /* Support compression */ |
out_uint16_le(s, g_bitmap_compression ? 1 : 0); /* Support compression */ |
415 |
out_uint16(s, 0); /* Unknown */ |
out_uint16(s, 0); /* Unknown */ |
416 |
out_uint16_le(s, 1); /* Unknown */ |
out_uint16_le(s, 1); /* Unknown */ |
417 |
out_uint16(s, 0); /* Pad */ |
out_uint16(s, 0); /* Pad */ |
432 |
order_caps[8] = 1; /* line */ |
order_caps[8] = 1; /* line */ |
433 |
order_caps[9] = 1; /* line */ |
order_caps[9] = 1; /* line */ |
434 |
order_caps[10] = 1; /* rect */ |
order_caps[10] = 1; /* rect */ |
435 |
order_caps[11] = (desktop_save == False ? 0 : 1); /* desksave */ |
order_caps[11] = (g_desktop_save == False ? 0 : 1); /* desksave */ |
436 |
order_caps[13] = 1; /* memblt */ |
order_caps[13] = 1; /* memblt */ |
437 |
order_caps[14] = 1; /* triblt */ |
order_caps[14] = 1; /* triblt */ |
438 |
order_caps[22] = 1; /* polyline */ |
order_caps[22] = 1; /* polyline */ |
450 |
out_uint8p(s, order_caps, 32); /* Orders supported */ |
out_uint8p(s, order_caps, 32); /* Orders supported */ |
451 |
out_uint16_le(s, 0x6a1); /* Text capability flags */ |
out_uint16_le(s, 0x6a1); /* Text capability flags */ |
452 |
out_uint8s(s, 6); /* Pad */ |
out_uint8s(s, 6); /* Pad */ |
453 |
out_uint32_le(s, desktop_save == False ? 0 : 0x38400); /* Desktop cache size */ |
out_uint32_le(s, g_desktop_save == False ? 0 : 0x38400); /* Desktop cache size */ |
454 |
out_uint32(s, 0); /* Unknown */ |
out_uint32(s, 0); /* Unknown */ |
455 |
out_uint32_le(s, 0x4e4); /* Unknown */ |
out_uint32_le(s, 0x4e4); /* Unknown */ |
456 |
} |
} |
463 |
out_uint16_le(s, RDP_CAPSET_BMPCACHE); |
out_uint16_le(s, RDP_CAPSET_BMPCACHE); |
464 |
out_uint16_le(s, RDP_CAPLEN_BMPCACHE); |
out_uint16_le(s, RDP_CAPLEN_BMPCACHE); |
465 |
|
|
466 |
Bpp = (server_bpp + 7) / 8; |
Bpp = (g_server_bpp + 7) / 8; |
467 |
out_uint8s(s, 24); /* unused */ |
out_uint8s(s, 24); /* unused */ |
468 |
out_uint16_le(s, 0x258); /* entries */ |
out_uint16_le(s, 0x258); /* entries */ |
469 |
out_uint16_le(s, 0x100 * Bpp); /* max cell size */ |
out_uint16_le(s, 0x100 * Bpp); /* max cell size */ |
570 |
rdp_send_confirm_active(void) |
rdp_send_confirm_active(void) |
571 |
{ |
{ |
572 |
STREAM s; |
STREAM s; |
573 |
uint32 sec_flags = encryption ? (RDP5_FLAG | SEC_ENCRYPT) : RDP5_FLAG; |
uint32 sec_flags = g_encryption ? (RDP5_FLAG | SEC_ENCRYPT) : RDP5_FLAG; |
574 |
uint16 caplen = |
uint16 caplen = |
575 |
RDP_CAPLEN_GENERAL + RDP_CAPLEN_BITMAP + RDP_CAPLEN_ORDER + |
RDP_CAPLEN_GENERAL + RDP_CAPLEN_BITMAP + RDP_CAPLEN_ORDER + |
576 |
RDP_CAPLEN_BMPCACHE + RDP_CAPLEN_COLCACHE + |
RDP_CAPLEN_BMPCACHE + RDP_CAPLEN_COLCACHE + |
583 |
out_uint16_le(s, (RDP_PDU_CONFIRM_ACTIVE | 0x10)); /* Version 1 */ |
out_uint16_le(s, (RDP_PDU_CONFIRM_ACTIVE | 0x10)); /* Version 1 */ |
584 |
out_uint16_le(s, (g_mcs_userid + 1001)); |
out_uint16_le(s, (g_mcs_userid + 1001)); |
585 |
|
|
586 |
out_uint32_le(s, rdp_shareid); |
out_uint32_le(s, g_rdp_shareid); |
587 |
out_uint16_le(s, 0x3ea); /* userid */ |
out_uint16_le(s, 0x3ea); /* userid */ |
588 |
out_uint16_le(s, sizeof(RDP_SOURCE)); |
out_uint16_le(s, sizeof(RDP_SOURCE)); |
589 |
out_uint16_le(s, caplen); |
out_uint16_le(s, caplen); |
613 |
{ |
{ |
614 |
uint8 type; |
uint8 type; |
615 |
|
|
616 |
in_uint32_le(s, rdp_shareid); |
in_uint32_le(s, g_rdp_shareid); |
617 |
|
|
618 |
DEBUG(("DEMAND_ACTIVE(id=0x%x)\n", rdp_shareid)); |
DEBUG(("DEMAND_ACTIVE(id=0x%x)\n", g_rdp_shareid)); |
619 |
|
|
620 |
rdp_send_confirm_active(); |
rdp_send_confirm_active(); |
621 |
rdp_send_synchronise(); |
rdp_send_synchronise(); |
624 |
rdp_recv(&type); /* RDP_PDU_SYNCHRONIZE */ |
rdp_recv(&type); /* RDP_PDU_SYNCHRONIZE */ |
625 |
rdp_recv(&type); /* RDP_CTL_COOPERATE */ |
rdp_recv(&type); /* RDP_CTL_COOPERATE */ |
626 |
rdp_recv(&type); /* RDP_CTL_GRANT_CONTROL */ |
rdp_recv(&type); /* RDP_CTL_GRANT_CONTROL */ |
627 |
rdp_send_input(0, RDP_INPUT_SYNCHRONIZE, 0, 0, 0); |
rdp_send_input(0, RDP_INPUT_SYNCHRONIZE, 0, ui_get_numlock_state(read_keyboard_state()), 0); |
628 |
rdp_send_fonts(1); |
rdp_send_fonts(1); |
629 |
rdp_send_fonts(2); |
rdp_send_fonts(2); |
630 |
rdp_recv(&type); /* RDP_PDU_UNKNOWN 0x28 */ |
rdp_recv(&type); /* RDP_PDU_UNKNOWN 0x28 */ |
631 |
reset_order_state(); |
reset_order_state(); |
632 |
} |
} |
633 |
|
|
|
/* Process a null system pointer PDU */ |
|
|
void |
|
|
process_null_system_pointer_pdu(STREAM s) |
|
|
{ |
|
|
// FIXME: We should probably set another cursor here, |
|
|
// like the X window system base cursor or something. |
|
|
ui_set_cursor(cache_get_cursor(0)); |
|
|
} |
|
|
|
|
634 |
/* Process a colour pointer PDU */ |
/* Process a colour pointer PDU */ |
635 |
void |
void |
636 |
process_colour_pointer_pdu(STREAM s) |
process_colour_pointer_pdu(STREAM s) |
663 |
ui_set_cursor(cache_get_cursor(cache_idx)); |
ui_set_cursor(cache_get_cursor(cache_idx)); |
664 |
} |
} |
665 |
|
|
666 |
|
/* Process a system pointer PDU */ |
667 |
|
void |
668 |
|
process_system_pointer_pdu(STREAM s) |
669 |
|
{ |
670 |
|
uint16 system_pointer_type; |
671 |
|
|
672 |
|
in_uint16(s, system_pointer_type); |
673 |
|
switch (system_pointer_type) |
674 |
|
{ |
675 |
|
case RDP_NULL_POINTER: |
676 |
|
ui_set_null_cursor(); |
677 |
|
break; |
678 |
|
|
679 |
|
default: |
680 |
|
unimpl("System pointer message 0x%x\n", system_pointer_type); |
681 |
|
} |
682 |
|
} |
683 |
|
|
684 |
/* Process a pointer PDU */ |
/* Process a pointer PDU */ |
685 |
static void |
static void |
708 |
process_cached_pointer_pdu(s); |
process_cached_pointer_pdu(s); |
709 |
break; |
break; |
710 |
|
|
711 |
|
case RDP_POINTER_SYSTEM: |
712 |
|
process_system_pointer_pdu(s); |
713 |
|
break; |
714 |
|
|
715 |
default: |
default: |
716 |
DEBUG(("Pointer message 0x%x\n", message_type)); |
unimpl("Pointer message 0x%x\n", message_type); |
717 |
} |
} |
718 |
} |
} |
719 |
|
|
748 |
DEBUG(("BITMAP_UPDATE(l=%d,t=%d,r=%d,b=%d,w=%d,h=%d,Bpp=%d,cmp=%d)\n", |
DEBUG(("BITMAP_UPDATE(l=%d,t=%d,r=%d,b=%d,w=%d,h=%d,Bpp=%d,cmp=%d)\n", |
749 |
left, top, right, bottom, width, height, Bpp, compress)); |
left, top, right, bottom, width, height, Bpp, compress)); |
750 |
|
|
751 |
|
/* Server may limit bpp - this is how we find out */ |
752 |
|
if (g_server_bpp != bpp) |
753 |
|
{ |
754 |
|
warning("Server limited colour depth to %d bits\n", bpp); |
755 |
|
g_server_bpp = bpp; |
756 |
|
} |
757 |
|
|
758 |
if (!compress) |
if (!compress) |
759 |
{ |
{ |
760 |
int y; |
int y; |
889 |
/* User logged on */ |
/* User logged on */ |
890 |
break; |
break; |
891 |
|
|
892 |
|
case RDP_DATA_PDU_DISCONNECT: |
893 |
|
/* Normally received when user logs out or disconnects from a |
894 |
|
console session on Windows XP and 2003 Server */ |
895 |
|
DEBUG(("Received disconnect PDU\n")); |
896 |
|
break; |
897 |
|
|
898 |
default: |
default: |
899 |
unimpl("data PDU %d\n", data_pdu_type); |
unimpl("data PDU %d\n", data_pdu_type); |
900 |
} |
} |
947 |
rdp_connect(char *server, uint32 flags, char *domain, char *password, |
rdp_connect(char *server, uint32 flags, char *domain, char *password, |
948 |
char *command, char *directory) |
char *command, char *directory) |
949 |
{ |
{ |
950 |
if (!sec_connect(server, username)) |
if (!sec_connect(server, g_username)) |
951 |
return False; |
return False; |
952 |
|
|
953 |
rdp_send_logon_info(flags, domain, username, password, command, directory); |
rdp_send_logon_info(flags, domain, g_username, password, command, directory); |
954 |
return True; |
return True; |
955 |
} |
} |
956 |
|
|