
libfreerdp-core: cleanup of rdp.c, tcp.c, secure.c, network.c

commit 4bd25818ea7aea270e047504b4cefe3b259b49d7 1 parent bb5f40c
@awakecoding awakecoding authored
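--- a/include/freerdp/types/base.h
+++ b/include/freerdp/types/base.h
@@ -23,6 +23,11 @@
 #ifndef __TYPES_BASE_H
 #define __TYPES_BASE_H
+#ifndef True
+#define True (1)
+#define False (0)
+#endif
+
 typedef unsigned char uint8;
 typedef signed char sint8;
 typedef unsigned short uint16;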
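--- a/include/freerdp/types/ui.h
+++ b/include/freerdp/types/ui.h
@@ -31,11 +31,6 @@ typedef void *RD_HGLYPH;
 typedef void *RD_HPALETTE;
 typedef void *RD_HCURSOR;
-#ifndef True
-#define True (1)
-#define False (0)
-#endif
-
 typedef struct _RD_POINT
 {
 sint16 x, y;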
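--- a/libfreerdp-core/crypto/openssl.c
+++ b/libfreerdp-core/crypto/openssl.c
@@ -19,6 +19,7 @@
 #include "frdp.h"
 #include "crypto.h"
+#include <freerdp/types/base.h>
 #include <freerdp/utils/memory.h>
 #include <freerdp/constants/constants.h>
 #include <time.h>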
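--- a/libfreerdp-core/freerdp.c
+++ b/libfreerdp-core/freerdp.c
@@ -452,7 +452,7 @@ l_rdp_get_fds(rdpInst * inst, void ** read_fds, int * read_count,
 #ifdef _WIN32
 read_fds[*read_count] = (void *) (rdp->net->tcp->wsa_event);
 #else
- read_fds[*read_count] = (void *)(long) (rdp->net->tcp->sock);
+ read_fds[*read_count] = (void *)(long) (rdp->net->tcp->sockfd);
 #endif
 (*read_count)++;
 return 0;
@@ -471,7 +471,7 @@ l_rdp_check_fds(rdpInst * inst)
 WSAResetEvent(rdp->net->tcp->wsa_event);
 #endif
 rv = 0;
- if (tcp_can_recv(rdp->net->tcp->sock, 0))
+ if (tcp_can_recv(rdp->net->tcp->sockfd, 0))
 {
 if (!rdp_loop(rdp, &deactivated))
 {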
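--- a/libfreerdp-core/license.c
+++ b/libfreerdp-core/license.c
@@ -397,6 +397,7 @@ license_process(rdpLicense * license, STREAM s)
 default:
 ui_unimpl(license->net->rdp->inst, "Unknown license tag 0x%x", tag);
+ break;
 }
 s->p = license_start + wMsgSize; /* FIXME: Shouldn't be necessary if parsed properly */
 ASSERT(s->p <= s->end);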
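--- a/libfreerdp-core/network.c
+++ b/libfreerdp-core/network.c
@@ -17,6 +17,7 @@
 limitations under the License.
 */
+#include <freerdp/types/base.h>
 #include <freerdp/utils/memory.h>
 #include "network.h"
@@ -58,17 +59,6 @@ network_verify_tls(rdpNetwork * net)
 CryptoCert cert;
 RD_BOOL verified = False;
-#ifdef _WIN32
- /*
- * TODO: FIX ME! This is really bad, I know...
- * There appears to be a buffer overflow only
- * on Windows that affects this part of the code.
- * Skipping it is a workaround, but it's obviously
- * not a permanent "solution".
- */
- return True;
-#endif
-
 cert = tls_get_certificate(net->tls);
 if (!cert)
@@ -103,6 +93,78 @@ network_verify_tls(rdpNetwork * net)
 #endif
 RD_BOOL
+network_connect_rdp(rdpNetwork * net)
+{
+ RD_BOOL status = False;
+
+ printf("Standard RDP encryption negotiated\n");
+
+ status = mcs_connect(net->mcs);
+
+ if (status && net->rdp->settings->encryption)
+ sec_establish_key(net->sec);
+
+ return status;
+}
+
+RD_BOOL
+network_connect_tls(rdpNetwork * net)
+{
+ RD_BOOL status = False;
+ net->tls = tls_new();
+
+ if (!tls_connect(net->tls, net->tcp->sockfd))
+ return False;
+
+ if (!network_verify_tls(net))
+ return False;
+
+ net->tls_connected = 1;
+ net->rdp->settings->encryption = 0;
+
+ status = mcs_connect(net->mcs);
+
+ return status;
+}
+
+RD_BOOL
+network_connect_nla(rdpNetwork * net)
+{
+ /* TLS with NLA was successfully negotiated */
+
+ RD_BOOL status = 1;
+ net->tls = tls_new();
+
+ if (!tls_connect(net->tls, net->tcp->sockfd))
+ return False;
+
+ if (!network_verify_tls(net))
+ return False;
+
+ net->tls_connected = 1;
+ net->rdp->settings->encryption = 0;
+
+ if (!net->rdp->settings->autologin)
+ if (!ui_authenticate(net->rdp->inst))
+ return False;
+
+ net->credssp = credssp_new(net);
+
+ if (credssp_authenticate(net->credssp) < 0)
+ {
+ printf("Authentication failure, check credentials.\n"
+ "If credentials are valid, the NTLMSSP implementation may be to blame.\n");
+ credssp_free(net->credssp);
+ return 0;
+ }
+
+ credssp_free(net->credssp);
+ status = mcs_connect(net->mcs);
+
+ return status;
+}
+
+RD_BOOL
 network_connect(rdpNetwork * net, char* server, char* username, int port)
 {
 NEGO *nego = net->iso->nego;
@@ -126,75 +188,22 @@ network_connect(rdpNetwork * net, char* server, char* username, int port)
 if(nego->selected_protocol & PROTOCOL_NLA)
 {
 /* TLS with NLA was successfully negotiated */
-
- RD_BOOL status = 1;
 printf("TLS encryption with NLA negotiated\n");
- net->tls = tls_new();
-
- if (!tls_connect(net->tls, net->tcp->sock))
- return False;
-
- if (!network_verify_tls(net))
- return False;
-
- net->sec->tls_connected = 1;
- net->rdp->settings->encryption = 0;
-
- if (!net->rdp->settings->autologin)
- if (!ui_authenticate(net->rdp->inst))
- return False;
-
- net->credssp = credssp_new(net);
-
- if (credssp_authenticate(net->credssp) < 0)
- {
- printf("Authentication failure, check credentials.\n"
- "If credentials are valid, the NTLMSSP implementation may be to blame.\n");
- credssp_free(net->credssp);
- return 0;
- }
-
- credssp_free(net->credssp);
-
- status = mcs_connect(net->mcs);
- return status;
+ return network_connect_nla(net);
 }
 else if(nego->selected_protocol & PROTOCOL_TLS)
 {
 /* TLS without NLA was successfully negotiated */
- RD_BOOL success;
 printf("TLS encryption negotiated\n");
- net->tls = tls_new();
-
- if (!tls_connect(net->tls, net->tcp->sock))
- return False;
-
- if (!network_verify_tls(net))
- return False;
-
- net->sec->tls_connected = 1;
- net->rdp->settings->encryption = 0;
-
- success = mcs_connect(net->mcs);
-
- return success;
+ return network_connect_tls(net);
 }
 else
 #endif
 {
- RD_BOOL success;
-
- printf("Standard RDP encryption negotiated\n");
-
- success = mcs_connect(net->mcs);
-
- if (success && net->rdp->settings->encryption)
- sec_establish_key(net->sec);
-
- return success;
+ return network_connect_rdp(net);
 }
- return 0;
+ return False;
 }
 void
@@ -211,14 +220,14 @@ void
 network_send(rdpNetwork * net, STREAM s)
 {
 #ifndef DISABLE_TLS
- if (net->sec->tls_connected)
+ if (net->tls_connected)
 {
 tls_write(net->tls, (char*) s->data, s->end - s->data);
 }
 else
 #endif
 {
- tcp_write(net->tcp, s);
+ tcp_write(net->tcp, (char*) s->data, s->end - s->data);
 }
 }
@@ -260,7 +269,7 @@ network_recv(rdpNetwork * net, STREAM s, uint32 length)
 while (length > 0)
 {
 #ifndef DISABLE_TLS
- if (net->sec->tls_connected)
+ if (net->tls_connected)
 {
 rcvd = tls_read(net->tls, (char*) s->end, length);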
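Review bot: In the added `network_connect_tls` and `network_connect_nla`, the pointer from `tls_new()` is handed to `tls_connect` without a NULL check, and the `return False` paths after a failed `tls_connect` or `network_verify_tls` leave the TLS context allocated and still stored in `net->tls`. I would add `if (!net->tls) return False;` after the allocation, release the context on both failure paths with the TLS module's free routine (not visible in this diff), and set `net->credssp = NULL;` after each `credssp_free` so no stale pointer stays on the struct. The second hunk drops the `_WIN32` early `return True` from `network_verify_tls`, which is right since it skipped certificate verification on Windows, but the removed comment blames a buffer overflow in this path and nothing here shows that being fixed, so the Windows build wants a run under a memory checker before release. In `network_send` the results of `tls_write` and `tcp_write` are still discarded, so a failed send is invisible to the caller.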
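--- a/libfreerdp-core/network.h
+++ b/libfreerdp-core/network.h
@@ -40,6 +40,7 @@ struct rdp_network
 char* username;
 struct stream in;
 struct stream out;
+ int tls_connected;
 struct _NEGO * nego;
 struct rdp_rdp * rdp;
 struct rdp_tcp * tcp;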
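--- a/libfreerdp-core/rdp.c
+++ b/libfreerdp-core/rdp.c
@@ -154,7 +154,7 @@ rdp_init_data(rdpRdp * rdp, int maxlen)
 uint32 sec_flags;
- if (rdp->sec->tls_connected)
+ if (rdp->net->tls_connected)
 sec_flags = 0;
 else
 sec_flags = rdp->settings->encryption ? SEC_ENCRYPT : 0;
@@ -765,7 +765,7 @@ rdp_send_confirm_active(rdpRdp * rdp)
 s_mark_end(caps);
 caplen = (int) (caps->end - caps->data);
- if (rdp->sec->tls_connected)
+ if (rdp->net->tls_connected)
 sec_flags = 0;
 else
 sec_flags = rdp->settings->encryption ? SEC_ENCRYPT : 0;
@@ -1043,6 +1043,7 @@ process_system_pointer_pdu(rdpRdp * rdp, STREAM s)
 default:
 ui_unimpl(rdp->inst, "Unknown System Pointer message 0x%x\n", system_pointer_type);
+ break;
 }
 }
@@ -1092,6 +1093,7 @@ process_pointer_pdu(rdpRdp * rdp, STREAM s)
 default:
 ui_unimpl(rdp->inst, "Unknown Pointer message 0x%x\n", message_type);
+ break;
 }
 }
@@ -1264,6 +1266,7 @@ process_update_pdu(rdpRdp * rdp, STREAM s)
 default:
 ui_unimpl(rdp->inst, "Unknown update pdu type 0x%x\n", update_type);
+ break;
 }
 ui_end_update(rdp->inst);
 }
@@ -1361,6 +1364,7 @@ process_data_pdu(rdpRdp * rdp, STREAM s)
 default:
 ui_unimpl(rdp->inst, "Unknown data PDU type 0x%x\n", pduType2);
+ break;
 }
 return False;
 }
@@ -1643,6 +1647,7 @@ rdp_loop(rdpRdp * rdp, RD_BOOL * deactivated)
 break;
 default:
 ui_unimpl(rdp->inst, "Unknown PDU type 0x%x", type);
+ break;
 }
 if (disc)
 return False;
@@ -1681,7 +1686,7 @@ rdp_connect(rdpRdp * rdp)
 xfree(password_encoded);
 /* by setting encryption to False here, we have an encrypted login packet but unencrypted transfer of other packets */
- if (rdp->net->tls_connected)
+ if (rdp->sec->tls_connected)
 rdp->settings->encryption = 0;
 return True;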
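Review bot: The comment kept above the changed condition in the `rdp_connect` hunk says clearing `encryption` leaves "unencrypted transfer of other packets", which does not match the line it now sits on: that line runs only when `rdp->net->tls_connected` is set, and in that state `network_send` routes traffic through `tls_write`. I would reword it to something like `/* TLS already protects the channel, so clear the RDP-layer encryption flag */`, and note that the new `network_connect_tls` / `network_connect_nla` already clear the flag, so this reset looks redundant. The identical `tls_connected` / `settings->encryption` test in the `rdp_init_data` and `rdp_send_confirm_active` hunks could become one small static helper returning `sec_flags`. `rdp_connect` starts and ends outside the hunk.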
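--- a/libfreerdp-core/secure.c
+++ b/libfreerdp-core/secure.c
@@ -258,7 +258,7 @@ static void
 sec_decrypt(rdpSec * sec, uint8 * data, int length)
 {
 #ifndef DISABLE_TLS
- if (sec->tls_connected)
+ if (sec->net->tls_connected)
 return;
 #endif
@@ -462,7 +462,7 @@ sec_out_client_security_data(rdpSec * sec, rdpSet * settings, STREAM s)
 out_uint16_le(s, UDH_CS_SECURITY); /* User Data Header type */
 out_uint16_le(s, 12); /* total length */
- if (settings->encryption || sec->tls_connected)
+ if (settings->encryption || sec->net->tls_connected)
 encryptionMethods = ENCRYPTION_40BIT_FLAG | ENCRYPTION_128BIT_FLAG;
 out_uint32_le(s, encryptionMethods); /* encryptionMethods */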
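--- a/libfreerdp-core/secure.h
+++ b/libfreerdp-core/secure.h
@@ -37,8 +37,9 @@ sec_global_finish(void);
 struct rdp_sec
 {
- struct rdp_rdp * rdp;
 int rc4_key_len;
+ struct rdp_rdp * rdp;
+ struct rdp_network * net;
 CryptoRc4 rc4_decrypt_key;
 CryptoRc4 rc4_encrypt_key;
 uint32 server_public_key_len;
@@ -51,8 +52,6 @@ struct rdp_sec
 /* These values must be available to reset state - Session Directory */
 int sec_encrypt_use_count;
 int sec_decrypt_use_count;
- int tls_connected;
- struct rdp_network * net;
 };
 enum sec_recv_type
@@ -92,8 +91,6 @@ void
 sec_out_gcc_conference_create_request(rdpSec * sec, STREAM s);
 void
 sec_establish_key(rdpSec * sec);
-RD_BOOL
-sec_verify_tls(rdpSec * sec, const char * server);
 void
 sec_disconnect(rdpSec * sec);
 rdpSec *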
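--- a/libfreerdp-core/tcp.c
+++ b/libfreerdp-core/tcp.c
@@ -131,22 +131,21 @@ tcp_can_recv(int sck, int millis)
 }
 void
-tcp_write(rdpTcp * tcp, STREAM s)
+tcp_write(rdpTcp * tcp, char* b, int length)
 {
 int sent = 0;
 int total = 0;
- int length = s->end - s->data;
 while (total < length)
 {
 while (total < length)
 {
- sent = send(tcp->sock, s->data + total, length - total, MSG_NOSIGNAL);
+ sent = send(tcp->sockfd, b + total, length - total, MSG_NOSIGNAL);
 if (sent <= 0)
 {
 if (sent == -1 && TCP_BLOCKS)
 {
- tcp_can_send(tcp->sock, 100);
+ tcp_can_send(tcp->sockfd, 100);
 sent = 0;
 }
 else
@@ -165,16 +164,16 @@ tcp_read(rdpTcp * tcp, char* b, int length)
 {
 int rcvd = 0;
- if (!ui_select(tcp->net->sec->rdp->inst, tcp->sock))
+ if (!ui_select(tcp->net->sec->rdp->inst, tcp->sockfd))
 return -1; /* user quit */
- rcvd = recv(tcp->sock, b, length, 0);
+ rcvd = recv(tcp->sockfd, b, length, 0);
 if (rcvd < 0)
 {
 if (rcvd == -1 && TCP_BLOCKS)
 {
- tcp_can_recv(tcp->sock, 1);
+ tcp_can_recv(tcp->sockfd, 1);
 rcvd = 0;
 }
 else
@@ -196,7 +195,7 @@ tcp_read(rdpTcp * tcp, char* b, int length)
 RD_BOOL
 tcp_connect(rdpTcp * tcp, char * server, int port)
 {
- int sock;
+ int sockfd;
 uint32 option_value;
 socklen_t option_len;
@@ -221,22 +220,22 @@ tcp_connect(rdpTcp * tcp, char * server, int port)
 }
 ressave = res;
- sock = -1;
+ sockfd = -1;
 while (res)
 {
- sock = socket(res->ai_family, res->ai_socktype, res->ai_protocol);
- if (!(sock < 0))
+ sockfd = socket(res->ai_family, res->ai_socktype, res->ai_protocol);
+ if (!(sockfd < 0))
 {
- if (connect(sock, res->ai_addr, res->ai_addrlen) == 0)
+ if (connect(sockfd, res->ai_addr, res->ai_addrlen) == 0)
 break;
- TCP_CLOSE(sock);
- sock = -1;
+ TCP_CLOSE(sockfd);
+ sockfd = -1;
 }
 res = res->ai_next;
 }
 freeaddrinfo(ressave);
- if (sock == -1)
+ if (sockfd == -1)
 {
 ui_error(tcp->net->rdp->inst, "%s: unable to connect\n", server);
 return False;
@@ -277,33 +276,33 @@ tcp_connect(rdpTcp * tcp, char * server, int port)
 #endif /* IPv6 */
- tcp->sock = sock;
+ tcp->sockfd = sockfd;
 /* set socket as non blocking */
 #ifdef _WIN32
 {
 u_long arg = 1;
- ioctlsocket(tcp->sock, FIONBIO, &arg);
+ ioctlsocket(tcp->sockfd, FIONBIO, &arg);
 tcp->wsa_event = WSACreateEvent();
- WSAEventSelect(tcp->sock, tcp->wsa_event, FD_READ);
+ WSAEventSelect(tcp->sockfd, tcp->wsa_event, FD_READ);
 }
 #else
- option_value = fcntl(tcp->sock, F_GETFL);
+ option_value = fcntl(tcp->sockfd, F_GETFL);
 option_value = option_value | O_NONBLOCK;
- fcntl(tcp->sock, F_SETFL, option_value);
+ fcntl(tcp->sockfd, F_SETFL, option_value);
 #endif
 option_value = 1;
 option_len = sizeof(option_value);
- setsockopt(tcp->sock, IPPROTO_TCP, TCP_NODELAY, (void *) &option_value, option_len);
+ setsockopt(tcp->sockfd, IPPROTO_TCP, TCP_NODELAY, (void *) &option_value, option_len);
 /* receive buffer must be a least 16 K */
- if (getsockopt(tcp->sock, SOL_SOCKET, SO_RCVBUF, (void *) &option_value, &option_len) == 0)
+ if (getsockopt(tcp->sockfd, SOL_SOCKET, SO_RCVBUF, (void *) &option_value, &option_len) == 0)
 {
 if (option_value < (1024 * 16))
 {
 option_value = 1024 * 16;
 option_len = sizeof(option_value);
- setsockopt(tcp->sock, SOL_SOCKET, SO_RCVBUF, (void *) &option_value,
+ setsockopt(tcp->sockfd, SOL_SOCKET, SO_RCVBUF, (void *) &option_value,
 option_len);
 }
 }
@@ -315,10 +314,10 @@ tcp_connect(rdpTcp * tcp, char * server, int port)
 void
 tcp_disconnect(rdpTcp * tcp)
 {
- if (tcp->sock != -1)
+ if (tcp->sockfd != -1)
 {
- TCP_CLOSE(tcp->sock);
- tcp->sock = -1;
+ TCP_CLOSE(tcp->sockfd);
+ tcp->sockfd = -1;
 }
 #ifdef _WIN32
 if (tcp->wsa_event)
@@ -335,7 +334,7 @@ tcp_get_address(rdpTcp * tcp)
 {
 struct sockaddr_in sockaddr;
 socklen_t len = sizeof(sockaddr);
- if (getsockname(tcp->sock, (struct sockaddr *) &sockaddr, &len) == 0)
+ if (getsockname(tcp->sockfd, (struct sockaddr *) &sockaddr, &len) == 0)
 {
 uint8 *ip = (uint8 *) & sockaddr.sin_addr;
 snprintf(tcp->ipaddr, sizeof(tcp->ipaddr), "%d.%d.%d.%d", ip[0], ip[1], ip[2],
@@ -358,7 +357,7 @@ tcp_new(struct rdp_network * net)
 {
 memset(self, 0, sizeof(rdpTcp));
 self->net = net;
- self->sock = -1;
+ self->sockfd = -1;
 }
 return self;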
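Review bot: The new `tcp_write(rdpTcp * tcp, char* b, int length)` only reads from `b`, so the parameter should be `const char *b`, and a zero or negative `length` makes the `while (total < length)` loop fall through without sending or reporting anything. `network_send` passes `s->end - s->data` straight in, so a stream whose `end` sits behind `data` is silently dropped; a guard such as `if (b == NULL || length <= 0) return;` at the top would make that contract explicit. Because the function still returns `void`, the caller cannot learn that `send` failed; returning the byte count the way `tcp_read` does would expose it, with the prototype in tcp.h changed to match. The body of `tcp_write` continues past the end of its hunk.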
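--- a/libfreerdp-core/tcp.h
+++ b/libfreerdp-core/tcp.h
@@ -26,7 +26,7 @@
 struct rdp_tcp
 {
- int sock;
+ int sockfd;
 char ipaddr[32];
 int tcp_port_rdp;
 struct rdp_network * net;
@@ -37,7 +37,7 @@ struct rdp_tcp
 typedef struct rdp_tcp rdpTcp;
 void
-tcp_write(rdpTcp * tcp, STREAM s);
+tcp_write(rdpTcp * tcp, char* b, int length);
 int
 tcp_read(rdpTcp * tcp, char* b, int length);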