/[rdesktop]/sourceforge.net/trunk/rdesktop/secure.c
This is repository of my old source code which isn't updated any more. Go to git.rot13.org for current projects!
ViewVC logotype

Diff of /sourceforge.net/trunk/rdesktop/secure.c

Parent Directory Parent Directory | Revision Log Revision Log | View Patch Patch

revision 376 by jsorg71, Mon May 19 21:36:33 2003 UTC revision 412 by forsberg, Fri Jun 6 11:07:46 2003 UTC
# Line 38  extern int width; Line 38  extern int width;
38  extern int height;  extern int height;
39  extern int keylayout;  extern int keylayout;
40  extern BOOL encryption;  extern BOOL encryption;
41  extern BOOL licence_issued;  extern BOOL g_licence_issued;
42  extern BOOL use_rdp5;  extern BOOL use_rdp5;
43  extern int server_bpp;  extern int server_bpp;
44    extern uint16 mcs_userid;
45    
46  static int rc4_key_len;  static int rc4_key_len;
47  static RC4_KEY rc4_decrypt_key;  static RC4_KEY rc4_decrypt_key;
# Line 330  sec_init(uint32 flags, int maxlen) Line 331  sec_init(uint32 flags, int maxlen)
331          int hdrlen;          int hdrlen;
332          STREAM s;          STREAM s;
333    
334          if (!licence_issued)          if (!g_licence_issued)
335                  hdrlen = (flags & SEC_ENCRYPT) ? 12 : 4;                  hdrlen = (flags & SEC_ENCRYPT) ? 12 : 4;
336          else          else
337                  hdrlen = (flags & SEC_ENCRYPT) ? 12 : 0;                  hdrlen = (flags & SEC_ENCRYPT) ? 12 : 0;
# Line 340  sec_init(uint32 flags, int maxlen) Line 341  sec_init(uint32 flags, int maxlen)
341          return s;          return s;
342  }  }
343    
344  /* Transmit secure transport packet */  /* Transmit secure transport packet over specified channel */
345  void  void
346  sec_send(STREAM s, uint32 flags)  sec_send_to_channel(STREAM s, uint32 flags, uint16 channel)
347  {  {
348          int datalen;          int datalen;
349    
350          s_pop_layer(s, sec_hdr);          s_pop_layer(s, sec_hdr);
351          if (!licence_issued || (flags & SEC_ENCRYPT))          if (!g_licence_issued || (flags & SEC_ENCRYPT))
352                  out_uint32_le(s, flags);                  out_uint32_le(s, flags);
353    
354          if (flags & SEC_ENCRYPT)          if (flags & SEC_ENCRYPT)
# Line 364  sec_send(STREAM s, uint32 flags) Line 365  sec_send(STREAM s, uint32 flags)
365                  sec_encrypt(s->p + 8, datalen);                  sec_encrypt(s->p + 8, datalen);
366          }          }
367    
368          mcs_send(s);          mcs_send_to_channel(s, channel);
369    }
370    
371    /* Transmit secure transport packet */
372    
373    void
374    sec_send(STREAM s, uint32 flags)
375    {
376            sec_send_to_channel(s, flags, MCS_GLOBAL_CHANNEL);
377  }  }
378    
379    
380  /* Transfer the client random to the server */  /* Transfer the client random to the server */
381  static void  static void
382  sec_establish_key(void)  sec_establish_key(void)
# Line 389  sec_establish_key(void) Line 399  sec_establish_key(void)
399  static void  static void
400  sec_out_mcs_data(STREAM s)  sec_out_mcs_data(STREAM s)
401  {  {
402            uint16 num_channels = get_num_channels();
403          int hostlen = 2 * strlen(hostname);          int hostlen = 2 * strlen(hostname);
404          int length = 158 + 76 + 12 + 4 + 20;          int length = 158 + 76 + 12 + 4 + (CHANNEL_TAGDATA_SIZE * num_channels);
405            uint16 i;
406            rdp5_channel *channel;
407    
408            if (0 < num_channels)
409            {
410                    length += +4 + 4;
411            }
412    
413          if (hostlen > 30)          if (hostlen > 30)
414                  hostlen = 30;                  hostlen = 30;
# Line 467  sec_out_mcs_data(STREAM s) Line 485  sec_out_mcs_data(STREAM s)
485          out_uint32_le(s, encryption ? 0x3 : 0); /* encryption supported, 128-bit supported */          out_uint32_le(s, encryption ? 0x3 : 0); /* encryption supported, 128-bit supported */
486          out_uint32(s, 0);       /* Unknown */          out_uint32(s, 0);       /* Unknown */
487    
488          out_uint16_le(s, SEC_TAG_CLI_CHANNELS);          DEBUG_RDP5(("num_channels is %d\n", num_channels));
489          out_uint16_le(s, 20);   /* length */          if (0 < num_channels)
490          out_uint32_le(s, 1);    /* number of virtual channels */          {
491          out_uint8p(s, "cliprdr", 8);    /* name padded to 8(?) */                  out_uint16_le(s, SEC_TAG_CLI_CHANNELS);
492          out_uint16(s, 0);                  out_uint16_le(s, num_channels * CHANNEL_TAGDATA_SIZE + 4 + 4);  /* length */
493          out_uint16_le(s, 0xc0a0);       /* Flags. Rumours tell this is documented in MSDN. */                  out_uint32_le(s, num_channels); /* number of virtual channels */
494                    for (i = 0; i < num_channels; i++)
495                    {
496                            channel = find_channel_by_num(i);
497                            DEBUG_RDP5(("Requesting channel %s\n", channel->name));
498                            out_uint8p(s, channel->name, 8);
499                            out_uint32_be(s, channel->channelflags);
500                    }
501            }
502    
503          s_mark_end(s);          s_mark_end(s);
504  }  }
# Line 563  sec_parse_crypt_info(STREAM s, uint32 * Line 589  sec_parse_crypt_info(STREAM s, uint32 *
589          if (end > s->end)          if (end > s->end)
590                  return False;                  return False;
591    
592          in_uint32_le(s, flags); /* 1 = RDP4-style, 0x80000002 = X.509 */          in_uint32_le(s, flags); /* 1 = RDP4-style, 0x80000002 = X.509 */
593          if (flags & 1)          if (flags & 1)
594          {          {
595                  DEBUG_RDP5(("We're going for the RDP4-style encryption\n"));                  DEBUG_RDP5(("We're going for the RDP4-style encryption\n"));
# Line 674  sec_process_crypt_info(STREAM s) Line 700  sec_process_crypt_info(STREAM s)
700    
701          DEBUG(("Generating client random\n"));          DEBUG(("Generating client random\n"));
702          /* Generate a client random, and hence determine encryption keys */          /* Generate a client random, and hence determine encryption keys */
         generate_random(inr);  
703          // This is what the MS client do:          // This is what the MS client do:
704          //      memset(inr, 0, SEC_RANDOM_SIZE);          memset(inr, 0, SEC_RANDOM_SIZE);
705          // *ARIGL!*          /*  *ARIGL!* Plaintext attack, anyone?
706               I tried doing:
707               generate_random(inr);
708               ..but that generates connection errors now and then (yes,
709               "now and then". Something like 0 to 3 attempts needed before a
710               successful connection. Nice. Not!
711             */
712    
713          generate_random(client_random);          generate_random(client_random);
714          if (NULL != server_public_key)          if (NULL != server_public_key)
715          {                       /* Which means we should use          {                       /* Which means we should use
# Line 764  sec_recv(void) Line 796  sec_recv(void)
796    
797          while ((s = mcs_recv(&channel)) != NULL)          while ((s = mcs_recv(&channel)) != NULL)
798          {          {
799                  if (encryption || !licence_issued)                  if (encryption || !g_licence_issued)
800                  {                  {
801                          in_uint32_le(s, sec_flags);                          in_uint32_le(s, sec_flags);
802    
803                          if (sec_flags & SEC_LICENCE_NEG)                          if (sec_flags & SEC_LICENCE_NEG)
804                          {                          {
805                                  if (sec_flags & SEC_ENCRYPT) {                                  if (sec_flags & SEC_ENCRYPT)
806                                    {
807                                          DEBUG_RDP5(("Encrypted license detected\n"));                                          DEBUG_RDP5(("Encrypted license detected\n"));
808                                  }                                  }
809                                  licence_process(s);                                  licence_process(s);
810                                  continue;                                  continue;
811                          }                          }
# Line 804  sec_connect(char *server, char *username Line 837  sec_connect(char *server, char *username
837    
838          /* We exchange some RDP data during the MCS-Connect */          /* We exchange some RDP data during the MCS-Connect */
839          mcs_data.size = 512;          mcs_data.size = 512;
840          mcs_data.p = mcs_data.data = (uint8*)xmalloc(mcs_data.size);          mcs_data.p = mcs_data.data = (uint8 *) xmalloc(mcs_data.size);
841          sec_out_mcs_data(&mcs_data);          sec_out_mcs_data(&mcs_data);
842    
843          if (!mcs_connect(server, &mcs_data, username))          if (!mcs_connect(server, &mcs_data, username))
Legend:
Removed from v.376  
changed lines
  Added in v.412
  ViewVC Help
Powered by ViewVC 1.1.26