--- sourceforge.net/trunk/rdesktop/rdp.c 2003/05/19 21:36:33 376 +++ sourceforge.net/trunk/rdesktop/rdp.c 2005/03/06 21:11:18 828 @@ -1,39 +1,48 @@ /* -*- c-basic-offset: 8 -*- rdesktop: A Remote Desktop Protocol client. Protocol services - RDP layer - Copyright (C) Matthew Chapman 1999-2002 - + Copyright (C) Matthew Chapman 1999-2005 + This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version. - + This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. - + You should have received a copy of the GNU General Public License along with this program; if not, write to the Free Software Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. */ +#include #include "rdesktop.h" -extern uint16 mcs_userid; -extern char username[16]; -extern BOOL bitmap_compression; -extern BOOL orders; -extern BOOL encryption; -extern BOOL desktop_save; -extern BOOL use_rdp5; -extern uint16 server_rdp_version; +extern uint16 g_mcs_userid; +extern char g_username[16]; +extern BOOL g_bitmap_compression; +extern BOOL g_orders; +extern BOOL g_encryption; +extern BOOL g_desktop_save; +extern BOOL g_use_rdp5; +extern uint16 g_server_rdp_version; +extern uint32 g_rdp5_performanceflags; +extern int g_server_bpp; +extern int g_width; +extern int g_height; +extern BOOL g_bitmap_cache; +extern BOOL g_bitmap_cache_persist_enable; -uint8 *next_packet; -uint32 rdp_shareid; +uint8 *g_next_packet; +uint32 g_rdp_shareid; + +extern RDPCOMP g_mppc_dict; #if WITH_DEBUG -static uint32 packetno; +static uint32 g_packetno; #endif /* Receive an RDP packet */ @@ -42,25 +51,39 @@ { static STREAM rdp_s; uint16 length, pdu_type; + uint8 rdpver; - if ((rdp_s == NULL) || (next_packet >= rdp_s->end)) + if ((rdp_s == NULL) || (g_next_packet >= rdp_s->end)) { - rdp_s = sec_recv(); + rdp_s = sec_recv(&rdpver); if (rdp_s == NULL) return NULL; + if (rdpver == 0xff) + { + g_next_packet = rdp_s->end; + *type = 0; + return rdp_s; + } + else if (rdpver != 3) + { + /* rdp5_process should move g_next_packet ok */ + rdp5_process(rdp_s); + *type = 0; + return rdp_s; + } - next_packet = rdp_s->p; + g_next_packet = rdp_s->p; } else { - rdp_s->p = next_packet; + rdp_s->p = g_next_packet; } in_uint16_le(rdp_s, length); /* 32k packets are really 8, keepalive fix */ if (length == 0x8000) { - next_packet += 8; + g_next_packet += 8; *type = 0; return rdp_s; } @@ -69,11 +92,11 @@ *type = pdu_type & 0xf; #if WITH_DEBUG - DEBUG(("RDP packet #%d, (type %x)\n", ++packetno, *type)); - // hexdump(next_packet, length); + DEBUG(("RDP packet #%d, (type %x)\n", ++g_packetno, *type)); + hexdump(g_next_packet, length); #endif /* */ - next_packet += length; + g_next_packet += length; return rdp_s; } @@ -83,7 +106,7 @@ { STREAM s; - s = sec_init(encryption ? SEC_ENCRYPT : 0, maxlen + 18); + s = sec_init(g_encryption ? SEC_ENCRYPT : 0, maxlen + 18); s_push_layer(s, rdp_hdr, 18); return s; @@ -100,9 +123,9 @@ out_uint16_le(s, length); out_uint16_le(s, (RDP_PDU_DATA | 0x10)); - out_uint16_le(s, (mcs_userid + 1001)); + out_uint16_le(s, (g_mcs_userid + 1001)); - out_uint32_le(s, rdp_shareid); + out_uint32_le(s, g_rdp_shareid); out_uint8(s, 0); /* pad */ out_uint8(s, 1); /* streamid */ out_uint16_le(s, (length - 14)); @@ -110,7 +133,7 @@ out_uint8(s, 0); /* compress_type */ out_uint16(s, 0); /* compress_len */ - sec_send(s, encryption ? SEC_ENCRYPT : 0); + sec_send(s, g_encryption ? SEC_ENCRYPT : 0); } /* Output a string in Unicode */ @@ -130,23 +153,51 @@ s->p += len; } +/* Input a string in Unicode + * + * Returns str_len of string + */ +int +rdp_in_unistr(STREAM s, char *string, int uni_len) +{ + int i = 0; + + while (i < uni_len / 2) + { + in_uint8a(s, &string[i++], 1); + in_uint8s(s, 1); + } + + return i - 1; +} + + /* Parse a logon info packet */ static void rdp_send_logon_info(uint32 flags, char *domain, char *user, char *password, char *program, char *directory) { + char *ipaddr = tcp_get_address(); int len_domain = 2 * strlen(domain); int len_user = 2 * strlen(user); int len_password = 2 * strlen(password); int len_program = 2 * strlen(program); int len_directory = 2 * strlen(directory); - int len_ip = 2 * strlen("127.0.0.1"); + int len_ip = 2 * strlen(ipaddr); int len_dll = 2 * strlen("C:\\WINNT\\System32\\mstscax.dll"); int packetlen = 0; - uint32 sec_flags = encryption ? (SEC_LOGON_INFO | SEC_ENCRYPT) : SEC_LOGON_INFO; + uint32 sec_flags = g_encryption ? (SEC_LOGON_INFO | SEC_ENCRYPT) : SEC_LOGON_INFO; STREAM s; + time_t t = time(NULL); + time_t tzone; - if (!use_rdp5 || 1 == server_rdp_version) +#if 0 + /* enable rdp compression */ + /* some problems still exist with rdp5 */ + flags |= RDP_COMPRESSION; +#endif + + if (!g_use_rdp5 || 1 == g_server_rdp_version) { DEBUG_RDP5(("Sending RDP4-style Logon packet\n")); @@ -168,39 +219,36 @@ } else { + flags |= RDP_LOGON_BLOB; DEBUG_RDP5(("Sending RDP5-style Logon packet\n")); - packetlen = 4 + // Unknown uint32 - 4 + // flags - 2 + // len_domain - 2 + // len_user - (flags & RDP_LOGON_AUTO ? 2 : 0) + // len_password - (flags & RDP_LOGON_BLOB ? 2 : 0) + // Length of BLOB - 2 + // len_program - 2 + // len_directory - (0 < len_domain ? len_domain : 2) + // domain - len_user + - (flags & RDP_LOGON_AUTO ? len_password : 0) + - 0 + // We have no 512 byte BLOB. Perhaps we must? - (flags & RDP_LOGON_BLOB && !(flags & RDP_LOGON_AUTO) ? 2 : 0) + // After the BLOB is a unknown int16. If there is a BLOB, that is. - (0 < len_program ? len_program : 2) + - (0 < len_directory ? len_directory : 2) + - 2 + // Unknown (2) - 2 + // Client ip length - len_ip + // Client ip - 2 + // DLL string length - len_dll + // DLL string - 2 + // Unknown - 2 + // Unknown - 64 + // Time zone #0 - 2 + // Unknown - 64 + // Time zone #1 - 32; // Unknown - - s = sec_init(sec_flags, packetlen); + packetlen = 4 + /* Unknown uint32 */ + 4 + /* flags */ + 2 + /* len_domain */ + 2 + /* len_user */ + (flags & RDP_LOGON_AUTO ? 2 : 0) + /* len_password */ + (flags & RDP_LOGON_BLOB ? 2 : 0) + /* Length of BLOB */ + 2 + /* len_program */ + 2 + /* len_directory */ + (0 < len_domain ? len_domain : 2) + /* domain */ + len_user + (flags & RDP_LOGON_AUTO ? len_password : 0) + 0 + /* We have no 512 byte BLOB. Perhaps we must? */ + (flags & RDP_LOGON_BLOB && !(flags & RDP_LOGON_AUTO) ? 2 : 0) + /* After the BLOB is a unknown int16. If there is a BLOB, that is. */ + (0 < len_program ? len_program : 2) + (0 < len_directory ? len_directory : 2) + 2 + /* Unknown (2) */ + 2 + /* Client ip length */ + len_ip + /* Client ip */ + 2 + /* DLL string length */ + len_dll + /* DLL string */ + 2 + /* Unknown */ + 2 + /* Unknown */ + 64 + /* Time zone #0 */ + 2 + /* Unknown */ + 64 + /* Time zone #1 */ + 32; /* Unknown */ + + s = sec_init(sec_flags, packetlen); DEBUG_RDP5(("Called sec_init with packetlen %d\n", packetlen)); - out_uint32(s, 0); // Unknown + out_uint32(s, 0); /* Unknown */ out_uint32_le(s, flags); out_uint16_le(s, len_domain); out_uint16_le(s, len_user); @@ -209,55 +257,62 @@ out_uint16_le(s, len_password); } - if (flags & RDP_LOGON_BLOB && !(flags & RDP_LOGON_AUTO)) { + if (flags & RDP_LOGON_BLOB && !(flags & RDP_LOGON_AUTO)) + { out_uint16_le(s, 0); } out_uint16_le(s, len_program); out_uint16_le(s, len_directory); if (0 < len_domain) rdp_out_unistr(s, domain, len_domain); - else + else out_uint16_le(s, 0); rdp_out_unistr(s, user, len_user); if (flags & RDP_LOGON_AUTO) { rdp_out_unistr(s, password, len_password); } - if (flags & RDP_LOGON_BLOB && !(flags & RDP_LOGON_AUTO)) { + if (flags & RDP_LOGON_BLOB && !(flags & RDP_LOGON_AUTO)) + { out_uint16_le(s, 0); } - if (0 < len_program) { + if (0 < len_program) + { rdp_out_unistr(s, program, len_program); - - } else { + + } + else + { out_uint16_le(s, 0); } - if (0 < len_directory) { + if (0 < len_directory) + { rdp_out_unistr(s, directory, len_directory); - } else { + } + else + { out_uint16_le(s, 0); } out_uint16_le(s, 2); - out_uint16_le(s, len_ip+2); // Length of client ip - rdp_out_unistr(s, "127.0.0.1", len_ip); - out_uint16_le(s, len_dll+2); + out_uint16_le(s, len_ip + 2); /* Length of client ip */ + rdp_out_unistr(s, ipaddr, len_ip); + out_uint16_le(s, len_dll + 2); rdp_out_unistr(s, "C:\\WINNT\\System32\\mstscax.dll", len_dll); - out_uint16_le(s, 0xffc4); - out_uint16_le(s, 0xffff); - rdp_out_unistr(s, "GTB, normaltid", - 2*strlen("GTB, normaltid")); - out_uint8s(s, 62-2*strlen("GTB, normaltid")); - + + tzone = (mktime(gmtime(&t)) - mktime(localtime(&t))) / 60; + out_uint32_le(s, tzone); + + rdp_out_unistr(s, "GTB, normaltid", 2 * strlen("GTB, normaltid")); + out_uint8s(s, 62 - 2 * strlen("GTB, normaltid")); out_uint32_le(s, 0x0a0000); out_uint32_le(s, 0x050000); out_uint32_le(s, 3); out_uint32_le(s, 0); out_uint32_le(s, 0); - - rdp_out_unistr(s, "GTB, sommartid", - 2*strlen("GTB, sommartid")); - out_uint8s(s, 62-2*strlen("GTB, sommartid")); + + rdp_out_unistr(s, "GTB, sommartid", 2 * strlen("GTB, sommartid")); + out_uint8s(s, 62 - 2 * strlen("GTB, sommartid")); out_uint32_le(s, 0x30000); out_uint32_le(s, 0x050000); @@ -265,7 +320,7 @@ out_uint32(s, 0); out_uint32_le(s, 0xffffffc4); out_uint32_le(s, 0xfffffffe); - out_uint32_le(s, 0x0f); + out_uint32_le(s, g_rdp5_performanceflags); out_uint32(s, 0); @@ -326,6 +381,50 @@ rdp_send_data(s, RDP_DATA_PDU_INPUT); } +/* Inform the server on the contents of the persistent bitmap cache */ +static void +rdp_enum_bmpcache2(void) +{ + STREAM s; + uint8 idlist[BMPCACHE2_NUM_PSTCELLS * sizeof(BITMAP_ID)]; + uint32 nids, offset, count, flags; + + offset = 0; + nids = pstcache_enumerate(2, idlist); + + while (offset < nids) + { + count = MIN(nids - offset, 169); + + s = rdp_init_data(24 + count * sizeof(BITMAP_ID)); + + flags = 0; + if (offset == 0) + flags |= PDU_FLAG_FIRST; + if (nids - offset <= 169) + flags |= PDU_FLAG_LAST; + + /* header */ + out_uint32_le(s, 0); + out_uint16_le(s, count); + out_uint16_le(s, 0); + out_uint16_le(s, 0); + out_uint16_le(s, 0); + out_uint16_le(s, 0); + out_uint16_le(s, nids); + out_uint32_le(s, 0); + out_uint32_le(s, flags); + + /* list */ + out_uint8a(s, idlist + offset * sizeof(BITMAP_ID), count * sizeof(BITMAP_ID)); + + s_mark_end(s); + rdp_send_data(s, 0x2b); + + offset += 169; + } +} + /* Send an (empty) font information PDU */ static void rdp_send_fonts(uint16 seq) @@ -335,7 +434,7 @@ s = rdp_init_data(8); out_uint16(s, 0); /* number of fonts */ - out_uint16_le(s, 0x3e); /* unknown */ + out_uint16_le(s, 0); /* pad? */ out_uint16_le(s, seq); /* unknown */ out_uint16_le(s, 0x32); /* entry size */ @@ -355,7 +454,7 @@ out_uint16_le(s, 0x200); /* Protocol version */ out_uint16(s, 0); /* Pad */ out_uint16(s, 0); /* Compression types */ - out_uint16_le(s, use_rdp5 ? 0x40d : 0); + out_uint16_le(s, g_use_rdp5 ? 0x40d : 0); /* Pad, according to T.128. 0x40d seems to trigger the server to start sending RDP5 packets. @@ -376,15 +475,15 @@ out_uint16_le(s, RDP_CAPSET_BITMAP); out_uint16_le(s, RDP_CAPLEN_BITMAP); - out_uint16_le(s, 8); /* Preferred BPP */ + out_uint16_le(s, g_server_bpp); /* Preferred BPP */ out_uint16_le(s, 1); /* Receive 1 BPP */ out_uint16_le(s, 1); /* Receive 4 BPP */ out_uint16_le(s, 1); /* Receive 8 BPP */ out_uint16_le(s, 800); /* Desktop width */ out_uint16_le(s, 600); /* Desktop height */ out_uint16(s, 0); /* Pad */ - out_uint16(s, 0); /* Allow resize */ - out_uint16_le(s, bitmap_compression ? 1 : 0); /* Support compression */ + out_uint16(s, 1); /* Allow resize */ + out_uint16_le(s, g_bitmap_compression ? 1 : 0); /* Support compression */ out_uint16(s, 0); /* Unknown */ out_uint16_le(s, 1); /* Unknown */ out_uint16(s, 0); /* Pad */ @@ -401,11 +500,11 @@ order_caps[0] = 1; /* dest blt */ order_caps[1] = 1; /* pat blt */ order_caps[2] = 1; /* screen blt */ - order_caps[3] = 1; /* required for memblt? */ + order_caps[3] = (g_bitmap_cache ? 1 : 0); /* memblt */ order_caps[8] = 1; /* line */ order_caps[9] = 1; /* line */ order_caps[10] = 1; /* rect */ - order_caps[11] = (desktop_save == False ? 0 : 1); /* desksave */ + order_caps[11] = (g_desktop_save == False ? 0 : 1); /* desksave */ order_caps[13] = 1; /* memblt */ order_caps[14] = 1; /* triblt */ order_caps[22] = 1; /* polyline */ @@ -423,7 +522,7 @@ out_uint8p(s, order_caps, 32); /* Orders supported */ out_uint16_le(s, 0x6a1); /* Text capability flags */ out_uint8s(s, 6); /* Pad */ - out_uint32_le(s, desktop_save == False ? 0 : 0x38400); /* Desktop cache size */ + out_uint32_le(s, g_desktop_save == False ? 0 : 0x38400); /* Desktop cache size */ out_uint32(s, 0); /* Unknown */ out_uint32_le(s, 0x4e4); /* Unknown */ } @@ -432,16 +531,42 @@ static void rdp_out_bmpcache_caps(STREAM s) { + int Bpp; out_uint16_le(s, RDP_CAPSET_BMPCACHE); out_uint16_le(s, RDP_CAPLEN_BMPCACHE); + Bpp = (g_server_bpp + 7) / 8; out_uint8s(s, 24); /* unused */ out_uint16_le(s, 0x258); /* entries */ - out_uint16_le(s, 0x100); /* max cell size */ + out_uint16_le(s, 0x100 * Bpp); /* max cell size */ out_uint16_le(s, 0x12c); /* entries */ - out_uint16_le(s, 0x400); /* max cell size */ + out_uint16_le(s, 0x400 * Bpp); /* max cell size */ out_uint16_le(s, 0x106); /* entries */ - out_uint16_le(s, 0x1000); /* max cell size */ + out_uint16_le(s, 0x1000 * Bpp); /* max cell size */ +} + +/* Output bitmap cache v2 capability set */ +static void +rdp_out_bmpcache2_caps(STREAM s) +{ + out_uint16_le(s, RDP_CAPSET_BMPCACHE2); + out_uint16_le(s, RDP_CAPLEN_BMPCACHE2); + + out_uint16_le(s, g_bitmap_cache_persist_enable ? 2 : 0); /* version */ + + out_uint16_le(s, 0x0300); /* flags? number of caches? */ + + out_uint32_le(s, BMPCACHE2_C0_CELLS); + out_uint32_le(s, BMPCACHE2_C1_CELLS); + if (pstcache_init(2)) + { + out_uint32_le(s, BMPCACHE2_NUM_PSTCELLS | BMPCACHE2_FLAG_PERSIST); + } + else + { + out_uint32_le(s, BMPCACHE2_C2_CELLS); + } + out_uint8s(s, 20); /* other bitmap caches not used */ } /* Output control capability set */ @@ -503,36 +628,41 @@ out_uint16(s, 0); /* pad */ } -static uint8 canned_caps[] = { - 0x01, 0x00, 0x00, 0x00, 0x09, 0x04, 0x00, 0x00, 0x04, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x0C, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x0C, 0x00, 0x08, 0x00, 0x01, - 0x00, 0x00, 0x00, 0x0E, 0x00, 0x08, 0x00, 0x01, 0x00, 0x00, 0x00, - 0x10, 0x00, 0x34, 0x00, 0xFE, - 0x00, 0x04, 0x00, 0xFE, 0x00, 0x04, 0x00, 0xFE, 0x00, 0x08, 0x00, - 0xFE, 0x00, 0x08, 0x00, 0xFE, - 0x00, 0x10, 0x00, 0xFE, 0x00, 0x20, 0x00, 0xFE, 0x00, 0x40, 0x00, - 0xFE, 0x00, 0x80, 0x00, 0xFE, - 0x00, 0x00, 0x01, 0x40, 0x00, 0x00, 0x08, 0x00, 0x01, 0x00, 0x01, - 0x02, 0x00, 0x00, 0x00 +static uint8 caps_0x0d[] = { + 0x01, 0x00, 0x00, 0x00, 0x09, 0x04, 0x00, 0x00, + 0x04, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x0C, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00 +}; + +static uint8 caps_0x0c[] = { 0x01, 0x00, 0x00, 0x00 }; + +static uint8 caps_0x0e[] = { 0x01, 0x00, 0x00, 0x00 }; + +static uint8 caps_0x10[] = { + 0xFE, 0x00, 0x04, 0x00, 0xFE, 0x00, 0x04, 0x00, + 0xFE, 0x00, 0x08, 0x00, 0xFE, 0x00, 0x08, 0x00, + 0xFE, 0x00, 0x10, 0x00, 0xFE, 0x00, 0x20, 0x00, + 0xFE, 0x00, 0x40, 0x00, 0xFE, 0x00, 0x80, 0x00, + 0xFE, 0x00, 0x00, 0x01, 0x40, 0x00, 0x00, 0x08, + 0x00, 0x01, 0x00, 0x01, 0x02, 0x00, 0x00, 0x00 }; -/* Output unknown capability sets (number 13, 12, 14 and 16) */ +/* Output unknown capability sets */ static void -rdp_out_unknown_caps(STREAM s) +rdp_out_unknown_caps(STREAM s, uint16 id, uint16 length, uint8 * caps) { - out_uint16_le(s, RDP_CAPSET_UNKNOWN); - out_uint16_le(s, 0x58); + out_uint16_le(s, id); + out_uint16_le(s, length); - out_uint8p(s, canned_caps, RDP_CAPLEN_UNKNOWN - 4); + out_uint8p(s, caps, length - 4); } #define RDP5_FLAG 0x0030 @@ -541,20 +671,22 @@ rdp_send_confirm_active(void) { STREAM s; - uint32 sec_flags = encryption ? (RDP5_FLAG | SEC_ENCRYPT) : RDP5_FLAG; + uint32 sec_flags = g_encryption ? (RDP5_FLAG | SEC_ENCRYPT) : RDP5_FLAG; uint16 caplen = RDP_CAPLEN_GENERAL + RDP_CAPLEN_BITMAP + RDP_CAPLEN_ORDER + RDP_CAPLEN_BMPCACHE + RDP_CAPLEN_COLCACHE + RDP_CAPLEN_ACTIVATE + RDP_CAPLEN_CONTROL + - RDP_CAPLEN_POINTER + RDP_CAPLEN_SHARE + RDP_CAPLEN_UNKNOWN + 4 /* w2k fix, why? */ ; + RDP_CAPLEN_POINTER + RDP_CAPLEN_SHARE + + 0x58 + 0x08 + 0x08 + 0x34 /* unknown caps */ + + 4 /* w2k fix, why? */ ; s = sec_init(sec_flags, 6 + 14 + caplen + sizeof(RDP_SOURCE)); out_uint16_le(s, 2 + 14 + caplen + sizeof(RDP_SOURCE)); out_uint16_le(s, (RDP_PDU_CONFIRM_ACTIVE | 0x10)); /* Version 1 */ - out_uint16_le(s, (mcs_userid + 1001)); + out_uint16_le(s, (g_mcs_userid + 1001)); - out_uint32_le(s, rdp_shareid); + out_uint32_le(s, g_rdp_shareid); out_uint16_le(s, 0x3ea); /* userid */ out_uint16_le(s, sizeof(RDP_SOURCE)); out_uint16_le(s, caplen); @@ -566,27 +698,120 @@ rdp_out_general_caps(s); rdp_out_bitmap_caps(s); rdp_out_order_caps(s); - rdp_out_bmpcache_caps(s); + g_use_rdp5 ? rdp_out_bmpcache2_caps(s) : rdp_out_bmpcache_caps(s); rdp_out_colcache_caps(s); rdp_out_activate_caps(s); rdp_out_control_caps(s); rdp_out_pointer_caps(s); rdp_out_share_caps(s); - rdp_out_unknown_caps(s); + + rdp_out_unknown_caps(s, 0x0d, 0x58, caps_0x0d); /* international? */ + rdp_out_unknown_caps(s, 0x0c, 0x08, caps_0x0c); + rdp_out_unknown_caps(s, 0x0e, 0x08, caps_0x0e); + rdp_out_unknown_caps(s, 0x10, 0x34, caps_0x10); /* glyph cache? */ s_mark_end(s); sec_send(s, sec_flags); } +/* Process a general capability set */ +static void +rdp_process_general_caps(STREAM s) +{ + uint16 pad2octetsB; /* rdp5 flags? */ + + in_uint8s(s, 10); + in_uint16_le(s, pad2octetsB); + + if (!pad2octetsB) + g_use_rdp5 = False; +} + +/* Process a bitmap capability set */ +static void +rdp_process_bitmap_caps(STREAM s) +{ + uint16 width, height, bpp; + + in_uint16_le(s, bpp); + in_uint8s(s, 6); + + in_uint16_le(s, width); + in_uint16_le(s, height); + + DEBUG(("setting desktop size and bpp to: %dx%dx%d\n", width, height, bpp)); + + /* + * The server may limit bpp and change the size of the desktop (for + * example when shadowing another session). + */ + if (g_server_bpp != bpp) + { + warning("colour depth changed from %d to %d\n", g_server_bpp, bpp); + g_server_bpp = bpp; + } + if (g_width != width || g_height != height) + { + warning("screen size changed from %dx%d to %dx%d\n", g_width, g_height, + width, height); + g_width = width; + g_height = height; + ui_resize_window(); + } +} + +/* Process server capabilities */ +void +rdp_process_server_caps(STREAM s, uint16 length) +{ + int n; + uint8 *next, *start; + uint16 ncapsets, capset_type, capset_length; + + start = s->p; + + in_uint16_le(s, ncapsets); + in_uint8s(s, 2); /* pad */ + + for (n = 0; n < ncapsets; n++) + { + if (s->p > start + length) + return; + + in_uint16_le(s, capset_type); + in_uint16_le(s, capset_length); + + next = s->p + capset_length - 4; + + switch (capset_type) + { + case RDP_CAPSET_GENERAL: + rdp_process_general_caps(s); + break; + + case RDP_CAPSET_BITMAP: + rdp_process_bitmap_caps(s); + break; + } + + s->p = next; + } +} + /* Respond to a demand active PDU */ static void process_demand_active(STREAM s) { uint8 type; + uint16 len_src_descriptor, len_combined_caps; - in_uint32_le(s, rdp_shareid); + in_uint32_le(s, g_rdp_shareid); + in_uint16_le(s, len_src_descriptor); + in_uint16_le(s, len_combined_caps); + in_uint8s(s, len_src_descriptor); - DEBUG(("DEMAND_ACTIVE(id=0x%x)\n", rdp_shareid)); + DEBUG(("DEMAND_ACTIVE(id=0x%x)\n", g_rdp_shareid)); + rdp_process_server_caps(s, len_combined_caps); rdp_send_confirm_active(); rdp_send_synchronise(); @@ -595,20 +820,21 @@ rdp_recv(&type); /* RDP_PDU_SYNCHRONIZE */ rdp_recv(&type); /* RDP_CTL_COOPERATE */ rdp_recv(&type); /* RDP_CTL_GRANT_CONTROL */ - rdp_send_input(0, RDP_INPUT_SYNCHRONIZE, 0, 0, 0); - rdp_send_fonts(1); - rdp_send_fonts(2); - rdp_recv(&type); /* RDP_PDU_UNKNOWN 0x28 */ - reset_order_state(); -} + rdp_send_input(0, RDP_INPUT_SYNCHRONIZE, 0, ui_get_numlock_state(read_keyboard_state()), 0); -/* Process a null system pointer PDU */ -void -process_null_system_pointer_pdu(STREAM s) -{ - // FIXME: We should probably set another cursor here, - // like the X window system base cursor or something. - ui_set_cursor(cache_get_cursor(0)); + if (g_use_rdp5) + { + rdp_enum_bmpcache2(); + rdp_send_fonts(3); + } + else + { + rdp_send_fonts(1); + rdp_send_fonts(2); + } + + rdp_recv(&type); /* RDP_PDU_UNKNOWN 0x28 (Fonts?) */ + reset_order_state(); } /* Process a colour pointer PDU */ @@ -643,6 +869,23 @@ ui_set_cursor(cache_get_cursor(cache_idx)); } +/* Process a system pointer PDU */ +void +process_system_pointer_pdu(STREAM s) +{ + uint16 system_pointer_type; + + in_uint16(s, system_pointer_type); + switch (system_pointer_type) + { + case RDP_NULL_POINTER: + ui_set_null_cursor(); + break; + + default: + unimpl("System pointer message 0x%x\n", system_pointer_type); + } +} /* Process a pointer PDU */ static void @@ -671,8 +914,12 @@ process_cached_pointer_pdu(s); break; + case RDP_POINTER_SYSTEM: + process_system_pointer_pdu(s); + break; + default: - DEBUG(("Pointer message 0x%x\n", message_type)); + unimpl("Pointer message 0x%x\n", message_type); } } @@ -710,7 +957,7 @@ if (!compress) { int y; - bmpdata = (uint8*)xmalloc(width * height * Bpp); + bmpdata = (uint8 *) xmalloc(width * height * Bpp); for (y = 0; y < height; y++) { in_uint8a(s, &bmpdata[(height - y - 1) * (width * Bpp)], @@ -733,7 +980,7 @@ in_uint8s(s, 4); /* line_size, final_size */ } in_uint8p(s, data, size); - bmpdata = (uint8*)xmalloc(width * height * Bpp); + bmpdata = (uint8 *) xmalloc(width * height * Bpp); if (bitmap_decompress(bmpdata, width, height, data, size, Bpp)) { ui_paint_bitmap(left, top, cx, cy, width, height, bmpdata); @@ -760,7 +1007,7 @@ in_uint16_le(s, map.ncolours); in_uint8s(s, 2); /* pad */ - map.colours = (COLOURENTRY*)xmalloc(3 * map.ncolours); + map.colours = (COLOURENTRY *) xmalloc(sizeof(COLOURENTRY) * map.ncolours); DEBUG(("PALETTE(c=%d)\n", map.ncolours)); @@ -786,6 +1033,7 @@ in_uint16_le(s, update_type); + ui_begin_update(); switch (update_type) { case RDP_UPDATE_ORDERS: @@ -809,18 +1057,59 @@ default: unimpl("update %d\n", update_type); } + ui_end_update(); +} + +/* Process a disconnect PDU */ +void +process_disconnect_pdu(STREAM s, uint32 * ext_disc_reason) +{ + in_uint32_le(s, *ext_disc_reason); + DEBUG(("Received disconnect PDU\n")); } /* Process data PDU */ -static void -process_data_pdu(STREAM s) +static BOOL +process_data_pdu(STREAM s, uint32 * ext_disc_reason) { uint8 data_pdu_type; + uint8 ctype; + uint16 clen; + uint32 len; + + uint32 roff, rlen; + + struct stream *ns = &(g_mppc_dict.ns); - in_uint8s(s, 8); /* shareid, pad, streamid, length */ + in_uint8s(s, 6); /* shareid, pad, streamid */ + in_uint16(s, len); in_uint8(s, data_pdu_type); - in_uint8s(s, 3); /* compress_type, compress_len */ + in_uint8(s, ctype); + in_uint16(s, clen); + clen -= 18; + + if (ctype & RDP_MPPC_COMPRESSED) + { + if (len > RDP_MPPC_DICT_SIZE) + error("error decompressed packet size exceeds max\n"); + if (mppc_expand(s->p, clen, ctype, &roff, &rlen) == -1) + error("error while decompressing packet\n"); + + //len -= 18; + + /* allocate memory and copy the uncompressed data into the temporary stream */ + ns->data = (uint8 *) xrealloc(ns->data, rlen); + + memcpy((ns->data), (unsigned char *) (g_mppc_dict.hist + roff), rlen); + + ns->size = rlen; + ns->end = (ns->data + ns->size); + ns->p = ns->data; + ns->rdp_hdr = ns->p; + + s = ns; + } switch (data_pdu_type) { @@ -828,6 +1117,14 @@ process_update_pdu(s); break; + case RDP_DATA_PDU_CONTROL: + DEBUG(("Received Control PDU\n")); + break; + + case RDP_DATA_PDU_SYNCHRONISE: + DEBUG(("Received Sync PDU\n")); + break; + case RDP_DATA_PDU_POINTER: process_pointer_pdu(s); break; @@ -841,40 +1138,62 @@ /* User logged on */ break; + case RDP_DATA_PDU_DISCONNECT: + process_disconnect_pdu(s, ext_disc_reason); + return True; + default: unimpl("data PDU %d\n", data_pdu_type); } + return False; } /* Process incoming packets */ +/* nevers gets out of here till app is done */ void -rdp_main_loop(void) +rdp_main_loop(BOOL * deactivated, uint32 * ext_disc_reason) +{ + while (rdp_loop(deactivated, ext_disc_reason)) + ; +} + +/* used in uiports and rdp_main_loop, processes the rdp packets waiting */ +BOOL +rdp_loop(BOOL * deactivated, uint32 * ext_disc_reason) { uint8 type; + BOOL disc = False; /* True when a disconnect PDU was received */ + BOOL cont = True; STREAM s; - while ((s = rdp_recv(&type)) != NULL) + while (cont) { + s = rdp_recv(&type); + if (s == NULL) + return False; switch (type) { case RDP_PDU_DEMAND_ACTIVE: process_demand_active(s); + *deactivated = False; break; - case RDP_PDU_DEACTIVATE: + DEBUG(("RDP_PDU_DEACTIVATE\n")); + *deactivated = True; break; - case RDP_PDU_DATA: - process_data_pdu(s); + disc = process_data_pdu(s, ext_disc_reason); break; - case 0: break; - default: unimpl("PDU %d\n", type); } + if (disc) + return False; + cont = g_next_packet < s->end; } + return True; } /* Establish a connection up to the RDP layer */ @@ -882,10 +1201,10 @@ rdp_connect(char *server, uint32 flags, char *domain, char *password, char *command, char *directory) { - if (!sec_connect(server, username)) + if (!sec_connect(server, g_username)) return False; - rdp_send_logon_info(flags, domain, username, password, command, directory); + rdp_send_logon_info(flags, domain, g_username, password, command, directory); return True; }