--- sourceforge.net/trunk/rdesktop/secure.c 2002/08/04 03:05:19 89
+++ sourceforge.net/trunk/rdesktop/secure.c 2003/02/09 01:38:07 315
@@ -1,7 +1,7 @@
 /*
 rdesktop: A Remote Desktop Protocol client.
 Protocol services - RDP encryption and licensing
- Copyright (C) Matthew Chapman 1999-2001
+ Copyright (C) Matthew Chapman 1999-2002
 This program is free software; you can redistribute it and/or modify
 it under the terms of the GNU General Public License as published by
@@ -38,6 +38,7 @@
 extern int keylayout;
 extern BOOL encryption;
 extern BOOL licence_issued;
+extern int server_bpp;
 static int rc4_key_len;
 static RC4_KEY rc4_decrypt_key;
@@ -285,7 +286,7 @@
 static void
 sec_rsa_encrypt(uint8 * out, uint8 * in, int len, uint8 * modulus, uint8 * exponent)
 {
- BN_CTX ctx;
+ BN_CTX *ctx;
 BIGNUM mod, exp, x, y;
 uint8 inr[SEC_MODULUS_SIZE];
 int outlen;
@@ -295,7 +296,7 @@
 memcpy(inr, in, len);
 reverse(inr, len);
- BN_CTX_init(&ctx);
+ ctx = BN_CTX_new();
 BN_init(&mod);
 BN_init(&exp);
 BN_init(&x);
@@ -304,7 +305,7 @@
 BN_bin2bn(modulus, SEC_MODULUS_SIZE, &mod);
 BN_bin2bn(exponent, SEC_EXPONENT_SIZE, &exp);
 BN_bin2bn(inr, len, &x);
- BN_mod_exp(&y, &x, &exp, &mod, &ctx);
+ BN_mod_exp(&y, &x, &exp, &mod, ctx);
 outlen = BN_bn2bin(&y, out);
 reverse(out, outlen);
 if (outlen < SEC_MODULUS_SIZE)
@@ -314,7 +315,7 @@
 BN_clear_free(&x);
 BN_free(&exp);
 BN_free(&mod);
- BN_CTX_free(&ctx);
+ BN_CTX_free(ctx);
 }
 /* Initialise secure transport packet */
@@ -363,7 +364,7 @@
 /* Transfer the client random to the server */
 static void
-sec_establish_key()
+sec_establish_key(void)
 {
 uint32 length = SEC_MODULUS_SIZE + SEC_PADDING_SIZE;
 uint32 flags = SEC_CLIENT_RANDOM;
@@ -384,7 +385,7 @@
 sec_out_mcs_data(STREAM s)
 {
 int hostlen = 2 * strlen(hostname);
-
+
 if (hostlen > 30)
 hostlen = 30;
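Review bot: The `ctx = BN_CTX_new();` added in the `@@ -295,7 +296,7 @@` hunk of sec_rsa_encrypt is used without a NULL check, and the `BN_mod_exp(&y, &x, &exp, &mod, ctx)` call in the `@@ -304,7 +305,7 @@` hunk still discards its return value. The old stack-allocated `BN_CTX` could not fail to exist, but the heap allocation can, and on failure the function would carry on and hand back whatever `BN_bn2bin(&y, out)` yields as the encrypted client random; the statement after `if (outlen < SEC_MODULUS_SIZE)` is cut off by the hunk, so the exact bytes produced are inferred, not visible. I would test `ctx == NULL` right after the allocation and test the `BN_mod_exp` result for 0, and fail the connection in either case instead of sending the buffer. Because sec_rsa_encrypt returns void, that needs either a status return or a fatal-error path, which the caller (outside these hunks) would have to honour.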
@@ -425,12 +426,26 @@
 out_uint32_le(s, 12);
 out_uint8s(s, 64); /* reserved? 4 + 12 doublewords */
- out_uint16(s, 0xca01);
+ switch (server_bpp)
+ {
+ case 8:
+ out_uint16_le(s, 0xca01);
+ break;
+ case 15:
+ out_uint16_le(s, 0xca02);
+ break;
+ case 16:
+ out_uint16_le(s, 0xca03);
+ break;
+ case 24:
+ out_uint16_le(s, 0xca04);
+ break;
+ }
 out_uint16(s, 0);
 /* Client encryption settings */
 out_uint16_le(s, SEC_TAG_CLI_CRYPT);
- out_uint16(s, 8); /* length */
+ out_uint16_le(s, 8); /* length */
 out_uint32_le(s, encryption ? 0x3 : 0); /* encryption supported, 128-bit supported */
 s_mark_end(s);
 }
@@ -547,8 +562,12 @@
 {
 uint16 tag, length;
 uint8 *next_tag;
+ uint8 len;
- in_uint8s(s, 23); /* header */
+ in_uint8s(s, 21); /* header */
+ in_uint8(s, len);
+ if (len & 0x80)
+ in_uint8(s, len);
 while (s->p < s->end)
 {
@@ -580,7 +599,7 @@
 /* Receive secure transport packet */
 STREAM
-sec_recv()
+sec_recv(void)
 {
 uint32 sec_flags;
 STREAM s;
@@ -627,12 +646,13 @@
 sec_process_mcs_data(&mcs_data);
 if (encryption)
 sec_establish_key();
+ xfree(mcs_data.data);
 return True;
 }
 /* Disconnect a connection */
 void
-sec_disconnect()
+sec_disconnect(void)
 {
 mcs_disconnect();
 }
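Review bot: The new `switch (server_bpp)` in sec_out_mcs_data (hunk `@@ -425,12 +426,26 @@`) has no `default:` branch, so for any value other than 8, 15, 16 or 24 no colour-depth word is written and every field after it in this block lands two bytes early. `server_bpp` is an extern set elsewhere, so whether it is range-checked before this point cannot be seen from the diff. Adding `default: out_uint16_le(s, 0xca01); break;`, which falls back to the code the old line always sent, keeps the packet layout fixed whatever the variable holds. The function begins above the hunk.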
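Review bot: The length prefix read in sec_process_mcs_data (hunk `@@ -547,8 +562,12 @@`) is parsed and then thrown away: the second `in_uint8(s, len)` overwrites the first, and `len` is never compared with the bytes left in the stream, so the tag loop is bounded only by `s->end`. This data comes from the server, and nothing in the hunk confirms that the 22 or 23 skipped bytes are actually present; whether `in_uint8s` and `in_uint8` check bounds themselves is not visible here. At minimum I would document the intent, e.g. `/* length prefix: one byte, or two when the top bit is set; value unused, loop stops at s->end */`, and say what the 21 header bytes are. The function signature and the loop body lie outside the hunk.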
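Review bot: The added `xfree(mcs_data.data);` in the `@@ -627,12 +646,13 @@` hunk runs only on the path that reaches `return True`, so any earlier return in this function would still leak the buffer. The start of the function is outside the hunk, so this needs checking against the full body before the leak can be called fixed. A one-line comment at the declaration, such as `/* mcs_data.data is owned by this function; free it on every exit path */`, would record who is responsible for it.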