447 |
out_uint16_le(s, 0xca04); |
out_uint16_le(s, 0xca04); |
448 |
break; |
break; |
449 |
} |
} |
450 |
out_uint16(s, 1); |
out_uint16_le(s, 1); |
451 |
|
|
452 |
out_uint32(s, 0); |
out_uint32(s, 0); |
453 |
out_uint32_le(s, 0x070008); |
out_uint8(s, server_bpp); |
454 |
|
out_uint16_le(s, 0x0700); |
455 |
|
out_uint8(s, 0); |
456 |
out_uint32_le(s, 1); |
out_uint32_le(s, 1); |
457 |
out_uint8s(s, 64); /* End of client info */ |
out_uint8s(s, 64); /* End of client info */ |
458 |
|
|
459 |
out_uint16_le(s, SEC_TAG_CLI_4); |
out_uint16_le(s, SEC_TAG_CLI_4); |
460 |
out_uint16_le(s, 12); |
out_uint16_le(s, 12); |
461 |
out_uint32_le(s, 9); |
out_uint32_le(s, 9); |
462 |
out_uint32_le(s, 0); |
out_uint32(s, 0); |
463 |
|
|
464 |
/* Client encryption settings */ |
/* Client encryption settings */ |
465 |
out_uint16_le(s, SEC_TAG_CLI_CRYPT); |
out_uint16_le(s, SEC_TAG_CLI_CRYPT); |
466 |
out_uint16_le(s, 12); /* length */ |
out_uint16_le(s, 12); /* length */ |
467 |
out_uint32_le(s, encryption ? 0x3 : 0); /* encryption supported, 128-bit supported */ |
out_uint32_le(s, encryption ? 0x3 : 0); /* encryption supported, 128-bit supported */ |
468 |
out_uint32_le(s, 0); /* Unknown */ |
out_uint32(s, 0); /* Unknown */ |
469 |
|
|
470 |
out_uint16_le(s, SEC_TAG_CLI_CHANNELS); |
out_uint16_le(s, SEC_TAG_CLI_CHANNELS); |
471 |
out_uint16_le(s, 20); /* length */ |
out_uint16_le(s, 20); /* length */ |
538 |
uint8 ** server_random, uint8 ** modulus, uint8 ** exponent) |
uint8 ** server_random, uint8 ** modulus, uint8 ** exponent) |
539 |
{ |
{ |
540 |
uint32 crypt_level, random_len, rsa_info_len; |
uint32 crypt_level, random_len, rsa_info_len; |
541 |
uint32 cacert_len, cert_len; |
uint32 cacert_len, cert_len, flags; |
542 |
X509 *cacert, *server_cert; |
X509 *cacert, *server_cert; |
543 |
uint16 tag, length; |
uint16 tag, length; |
544 |
uint8 *next_tag, *end; |
uint8 *next_tag, *end; |
563 |
if (end > s->end) |
if (end > s->end) |
564 |
return False; |
return False; |
565 |
|
|
566 |
if (!use_rdp5 || 1 == server_rdp_version) |
in_uint32_le(s, flags); /* 1 = RDP4-style, 0x80000002 = X.509 */ |
567 |
|
if (flags & 1) |
568 |
{ |
{ |
569 |
DEBUG_RDP5(("We're going for the RDP4-style encryption\n")); |
DEBUG_RDP5(("We're going for the RDP4-style encryption\n")); |
570 |
in_uint8s(s, 12); /* unknown */ |
in_uint8s(s, 8); /* unknown */ |
571 |
|
|
572 |
while (s->p < end) |
while (s->p < end) |
573 |
{ |
{ |
599 |
s->p = next_tag; |
s->p = next_tag; |
600 |
} |
} |
601 |
} |
} |
602 |
else if (4 == server_rdp_version) |
else |
603 |
{ |
{ |
604 |
DEBUG_RDP5(("We're going for the RDP5-style encryption\n")); |
DEBUG_RDP5(("We're going for the RDP5-style encryption\n")); |
605 |
in_uint8s(s, 8); /* Unknown */ |
in_uint8s(s, 4); /* Number of certificates */ |
606 |
|
|
607 |
/* Do da funky X.509 stuffy |
/* Do da funky X.509 stuffy |
608 |
|
|
654 |
} |
} |
655 |
return True; /* There's some garbage here we don't care about */ |
return True; /* There's some garbage here we don't care about */ |
656 |
} |
} |
|
else |
|
|
{ |
|
|
error("Unknown Server RDP version %d", server_rdp_version); |
|
|
return False; |
|
|
} |
|
657 |
return s_check_end(s); |
return s_check_end(s); |
658 |
} |
} |
659 |
|
|
770 |
|
|
771 |
if (sec_flags & SEC_LICENCE_NEG) |
if (sec_flags & SEC_LICENCE_NEG) |
772 |
{ |
{ |
773 |
|
if (sec_flags & SEC_ENCRYPT) { |
774 |
|
DEBUG_RDP5(("Encrypted license detected\n")); |
775 |
|
} |
776 |
licence_process(s); |
licence_process(s); |
777 |
continue; |
continue; |
778 |
} |
} |
804 |
|
|
805 |
/* We exchange some RDP data during the MCS-Connect */ |
/* We exchange some RDP data during the MCS-Connect */ |
806 |
mcs_data.size = 512; |
mcs_data.size = 512; |
807 |
mcs_data.p = mcs_data.data = xmalloc(mcs_data.size); |
mcs_data.p = mcs_data.data = (uint8*)xmalloc(mcs_data.size); |
808 |
sec_out_mcs_data(&mcs_data); |
sec_out_mcs_data(&mcs_data); |
809 |
|
|
810 |
if (!mcs_connect(server, &mcs_data, username)) |
if (!mcs_connect(server, &mcs_data, username)) |