summaryrefslogtreecommitdiffstats
path: root/libxrdp
diff options
context:
space:
mode:
Diffstat (limited to 'libxrdp')
-rw-r--r--libxrdp/libxrdp.h14
-rw-r--r--libxrdp/xrdp_bitmap32_compress.c416
-rw-r--r--libxrdp/xrdp_mcs.c2
-rw-r--r--libxrdp/xrdp_orders.c38
-rw-r--r--libxrdp/xrdp_rdp.c92
-rw-r--r--libxrdp/xrdp_sec.c164
6 files changed, 513 insertions, 213 deletions
diff --git a/libxrdp/libxrdp.h b/libxrdp/libxrdp.h
index 2ea8b61d..e56f70dd 100644
--- a/libxrdp/libxrdp.h
+++ b/libxrdp/libxrdp.h
@@ -100,8 +100,8 @@ struct xrdp_sec
struct xrdp_fastpath *fastpath_layer;
struct xrdp_channel *chan_layer;
char server_random[32];
- char client_random[64];
- char client_crypt_random[72];
+ char client_random[256];
+ char client_crypt_random[256 + 8]; /* 64 + 8, 256 + 8 */
struct stream client_mcs_data;
struct stream server_mcs_data;
int decrypt_use_count;
@@ -117,9 +117,10 @@ struct xrdp_sec
void *decrypt_rc4_info;
void *encrypt_rc4_info;
char pub_exp[4];
- char pub_mod[64];
+ char pub_mod[256];
char pub_sig[64];
- char pri_exp[64];
+ char pri_exp[256];
+ int rsa_key_bytes; /* 64 or 256 */
int channel_code;
int multimon;
char fips_encrypt_key[24];
@@ -264,6 +265,9 @@ struct xrdp_orders
struct xrdp_orders_state orders_state;
void *jpeg_han;
int rfx_min_pixel;
+ /* shared */
+ struct stream *s;
+ struct stream *temp_s;
};
#define PROTO_RDP_40 1
@@ -509,7 +513,7 @@ int APP_CC
xrdp_bitmap32_compress(char *in_data, int width, int height,
struct stream *s, int bpp, int byte_limit,
int start_line, struct stream *temp_s,
- int e);
+ int e, int flags);
int APP_CC
xrdp_jpeg_compress(void *handle, char *in_data, int width, int height,
struct stream *s, int bpp, int byte_limit,
diff --git a/libxrdp/xrdp_bitmap32_compress.c b/libxrdp/xrdp_bitmap32_compress.c
index 1bcf5db9..083c4409 100644
--- a/libxrdp/xrdp_bitmap32_compress.c
+++ b/libxrdp/xrdp_bitmap32_compress.c
@@ -36,84 +36,212 @@ http://msdn.microsoft.com/en-us/library/cc241877.aspx
do { if (_level < LLOG_LEVEL) { g_hexdump _args ; } } while (0)
/*****************************************************************************/
+/* split RGB */
static int APP_CC
-fsplit(char *in_data, int start_line, int width, int e,
- char *alpha_data, char *red_data, char *green_data, char *blue_data)
+fsplit3(char *in_data, int start_line, int width, int e,
+ char *r_data, char *g_data, char *b_data)
{
+#if defined(L_ENDIAN)
+ int rp;
+ int gp;
+ int bp;
+#endif
int index;
+ int out_index;
int pixel;
int cy;
- int alpha_bytes;
- int red_bytes;
- int green_bytes;
- int blue_bytes;
int *ptr32;
cy = 0;
- alpha_bytes = 0;
- red_bytes = 0;
- green_bytes = 0;
- blue_bytes = 0;
+ out_index = 0;
while (start_line >= 0)
{
ptr32 = (int *) (in_data + start_line * width * 4);
- for (index = 0; index < width; index++)
+ index = 0;
+#if defined(L_ENDIAN)
+ while (index + 4 <= width)
{
pixel = *ptr32;
ptr32++;
- alpha_data[alpha_bytes] = pixel >> 24;
- alpha_bytes++;
- red_data[red_bytes] = pixel >> 16;
- red_bytes++;
- green_data[green_bytes] = pixel >> 8;
- green_bytes++;
- blue_data[blue_bytes] = pixel >> 0;
- blue_bytes++;
+ rp = (pixel >> 16) & 0x000000ff;
+ gp = (pixel >> 8) & 0x000000ff;
+ bp = (pixel >> 0) & 0x000000ff;
+ pixel = *ptr32;
+ ptr32++;
+ rp |= (pixel >> 8) & 0x0000ff00;
+ gp |= (pixel << 0) & 0x0000ff00;
+ bp |= (pixel << 8) & 0x0000ff00;
+ pixel = *ptr32;
+ ptr32++;
+ rp |= (pixel >> 0) & 0x00ff0000;
+ gp |= (pixel << 8) & 0x00ff0000;
+ bp |= (pixel << 16) & 0x00ff0000;
+ pixel = *ptr32;
+ ptr32++;
+ rp |= (pixel << 8) & 0xff000000;
+ gp |= (pixel << 16) & 0xff000000;
+ bp |= (pixel << 24) & 0xff000000;
+ *((int*)(r_data + out_index)) = rp;
+ *((int*)(g_data + out_index)) = gp;
+ *((int*)(b_data + out_index)) = bp;
+ out_index += 4;
+ index += 4;
+ }
+#endif
+ while (index < width)
+ {
+ pixel = *ptr32;
+ ptr32++;
+ r_data[out_index] = pixel >> 16;
+ g_data[out_index] = pixel >> 8;
+ b_data[out_index] = pixel >> 0;
+ out_index++;
+ index++;
}
for (index = 0; index < e; index++)
{
- alpha_data[alpha_bytes] = 0;
- alpha_bytes++;
- red_data[red_bytes] = 0;
- red_bytes++;
- green_data[green_bytes] = 0;
- green_bytes++;
- blue_data[blue_bytes] = 0;
- blue_bytes++;
+ r_data[out_index] = r_data[out_index - 1];
+ g_data[out_index] = g_data[out_index - 1];
+ b_data[out_index] = b_data[out_index - 1];
+ out_index++;
}
start_line--;
cy++;
+ if (out_index > 64 * 64)
+ {
+ break;
+ }
}
return cy;
}
/*****************************************************************************/
+/* split ARGB */
static int APP_CC
-fdelta(char *plane, int cx, int cy)
+fsplit4(char *in_data, int start_line, int width, int e,
+ char *a_data, char *r_data, char *g_data, char *b_data)
{
- char delta;
- char *ptr8;
+#if defined(L_ENDIAN)
+ int ap;
+ int rp;
+ int gp;
+ int bp;
+#endif
int index;
- int jndex;
+ int out_index;
+ int pixel;
+ int cy;
+ int *ptr32;
- for (jndex = cy - 2; jndex >= 0; jndex--)
+ cy = 0;
+ out_index = 0;
+ while (start_line >= 0)
{
- ptr8 = plane + jndex * cx;
- for (index = 0; index < cx; index++)
+ ptr32 = (int *) (in_data + start_line * width * 4);
+ index = 0;
+#if defined(L_ENDIAN)
+ while (index + 4 <= width)
{
- delta = ptr8[cx] - ptr8[0];
- if (delta & 0x80)
- {
- delta = (((~delta) + 1) << 1) - 1;
- }
- else
- {
- delta = delta << 1;
- }
- ptr8[cx] = delta;
- ptr8++;
+ pixel = *ptr32;
+ ptr32++;
+ ap = (pixel >> 24) & 0x000000ff;
+ rp = (pixel >> 16) & 0x000000ff;
+ gp = (pixel >> 8) & 0x000000ff;
+ bp = (pixel >> 0) & 0x000000ff;
+ pixel = *ptr32;
+ ptr32++;
+ ap |= (pixel >> 16) & 0x0000ff00;
+ rp |= (pixel >> 8) & 0x0000ff00;
+ gp |= (pixel << 0) & 0x0000ff00;
+ bp |= (pixel << 8) & 0x0000ff00;
+ pixel = *ptr32;
+ ptr32++;
+ ap |= (pixel >> 8) & 0x00ff0000;
+ rp |= (pixel >> 0) & 0x00ff0000;
+ gp |= (pixel << 8) & 0x00ff0000;
+ bp |= (pixel << 16) & 0x00ff0000;
+ pixel = *ptr32;
+ ptr32++;
+ ap |= (pixel << 0) & 0xff000000;
+ rp |= (pixel << 8) & 0xff000000;
+ gp |= (pixel << 16) & 0xff000000;
+ bp |= (pixel << 24) & 0xff000000;
+ *((int*)(a_data + out_index)) = ap;
+ *((int*)(r_data + out_index)) = rp;
+ *((int*)(g_data + out_index)) = gp;
+ *((int*)(b_data + out_index)) = bp;
+ out_index += 4;
+ index += 4;
+ }
+#endif
+ while (index < width)
+ {
+ pixel = *ptr32;
+ ptr32++;
+ a_data[out_index] = pixel >> 24;
+ r_data[out_index] = pixel >> 16;
+ g_data[out_index] = pixel >> 8;
+ b_data[out_index] = pixel >> 0;
+ out_index++;
+ index++;
+ }
+ for (index = 0; index < e; index++)
+ {
+ a_data[out_index] = a_data[out_index - 1];
+ r_data[out_index] = r_data[out_index - 1];
+ g_data[out_index] = g_data[out_index - 1];
+ b_data[out_index] = b_data[out_index - 1];
+ out_index++;
+ }
+ start_line--;
+ cy++;
+ if (out_index > 64 * 64)
+ {
+ break;
}
}
+ return cy;
+}
+
+/*****************************************************************************/
+#define DELTA_ONE \
+do { \
+ delta = src8[cx] - src8[0]; \
+ is_neg = (delta >> 7) & 1; \
+ dst8[cx] = (((delta ^ -is_neg) + is_neg) << 1) - is_neg; \
+ src8++; \
+ dst8++; \
+} while (0)
+
+/*****************************************************************************/
+static int APP_CC
+fdelta(char *in_plane, char *out_plane, int cx, int cy)
+{
+ char delta;
+ char is_neg;
+ char *src8;
+ char *dst8;
+ char *src8_end;
+
+ g_memcpy(out_plane, in_plane, cx);
+ src8 = in_plane;
+ dst8 = out_plane;
+ src8_end = src8 + (cx * cy - cx);
+ while (src8 + 8 <= src8_end)
+ {
+ DELTA_ONE;
+ DELTA_ONE;
+ DELTA_ONE;
+ DELTA_ONE;
+ DELTA_ONE;
+ DELTA_ONE;
+ DELTA_ONE;
+ DELTA_ONE;
+ }
+ while (src8 < src8_end)
+ {
+ DELTA_ONE;
+ }
return 0;
}
@@ -156,6 +284,8 @@ fout(int collen, int replen, char *colptr, struct stream *s)
LLOGLN(10, ("fout: big run lreplen %d", lreplen));
replen -= lreplen;
code = ((lreplen & 0xF) << 4) | ((lreplen & 0xF0) >> 4);
+ out_uint8(s, code);
+ colptr += lreplen;
}
else
{
@@ -170,11 +300,11 @@ fout(int collen, int replen, char *colptr, struct stream *s)
lreplen = 0;
}
code = (collen << 4) | lreplen;
+ out_uint8(s, code);
+ out_uint8a(s, colptr, collen);
+ colptr += collen + lreplen;
+ collen = 0;
}
- out_uint8(s, code);
- out_uint8a(s, colptr, collen);
- colptr += collen + lreplen;
- collen = 0;
cont = replen > 0;
}
return 0;
@@ -248,97 +378,159 @@ fpack(char *plane, int cx, int cy, struct stream *s)
}
/*****************************************************************************/
+static int APP_CC
+foutraw3(struct stream *s, int bytes, int header,
+ char *r_data, char *g_data, char *b_data)
+{
+ out_uint8(s, header);
+ out_uint8a(s, r_data, bytes);
+ out_uint8a(s, g_data, bytes);
+ out_uint8a(s, b_data, bytes);
+ /* pad if no RLE */
+ out_uint8(s, 0x00);
+ return 0;
+}
+
+/*****************************************************************************/
+static int APP_CC
+foutraw4(struct stream *s, int bytes, int header,
+ char *a_data, char *r_data, char *g_data, char *b_data)
+{
+ out_uint8(s, header);
+ out_uint8a(s, a_data, bytes);
+ out_uint8a(s, r_data, bytes);
+ out_uint8a(s, g_data, bytes);
+ out_uint8a(s, b_data, bytes);
+ /* pad if no RLE */
+ out_uint8(s, 0x00);
+ return 0;
+}
+
+/*****************************************************************************/
/* returns the number of lines compressed */
int APP_CC
xrdp_bitmap32_compress(char *in_data, int width, int height,
struct stream *s, int bpp, int byte_limit,
int start_line, struct stream *temp_s,
- int e)
+ int e, int flags)
{
- char *alpha_data;
- char *red_data;
- char *green_data;
- char *blue_data;
- int alpha_bytes;
- int red_bytes;
- int green_bytes;
- int blue_bytes;
+ char *a_data;
+ char *r_data;
+ char *g_data;
+ char *b_data;
+ char *sa_data;
+ char *sr_data;
+ char *sg_data;
+ char *sb_data;
+ int a_bytes;
+ int r_bytes;
+ int g_bytes;
+ int b_bytes;
int cx;
int cy;
- int header;
int max_bytes;
+ int total_bytes;
+ int header;
LLOGLN(10, ("xrdp_bitmap32_compress:"));
-
- //header = FLAGS_NOALPHA | FLAGS_RLE;
- //header = FLAGS_NOALPHA;
- header = FLAGS_RLE;
-
+ max_bytes = 4 * 1024;
+ /* need max 8, 4K planes for work */
+ if (max_bytes * 8 > temp_s->size)
+ {
+ return 0;
+ }
+ header = flags & 0xFF;
cx = width + e;
- alpha_data = temp_s->data;
- red_data = alpha_data + cx * height;
- green_data = red_data + cx * height;
- blue_data = green_data + cx * height;
+ sa_data = temp_s->data;
+ sr_data = sa_data + max_bytes;
+ sg_data = sr_data + max_bytes;
+ sb_data = sg_data + max_bytes;
+ a_data = sb_data + max_bytes;
+ r_data = a_data + max_bytes;
+ g_data = r_data + max_bytes;
+ b_data = g_data + max_bytes;
- /* split planes */
- cy = fsplit(in_data, start_line, width, e,
- alpha_data, red_data, green_data, blue_data);
-
- if (header & FLAGS_RLE)
+ if (header & FLAGS_NOALPHA)
{
- out_uint8(s, header);
- if (header & FLAGS_NOALPHA)
+ cy = fsplit3(in_data, start_line, width, e,
+ sr_data, sg_data, sb_data);
+ if (header & FLAGS_RLE)
{
- fdelta(red_data, cx, cy);
- fdelta(green_data, cx, cy);
- fdelta(blue_data, cx, cy);
- red_bytes = fpack(red_data, cx, cy, s);
- green_bytes = fpack(green_data, cx, cy, s);
- blue_bytes = fpack(blue_data, cx, cy, s);
+ fdelta(sr_data, r_data, cx, cy);
+ fdelta(sg_data, g_data, cx, cy);
+ fdelta(sb_data, b_data, cx, cy);
+ out_uint8(s, header);
+ r_bytes = fpack(r_data, cx, cy, s);
+ g_bytes = fpack(g_data, cx, cy, s);
+ b_bytes = fpack(b_data, cx, cy, s);
+ total_bytes = r_bytes + g_bytes + b_bytes;
+ if (1 + total_bytes > byte_limit)
+ {
+ /* failed */
+ LLOGLN(0, ("xrdp_bitmap32_compress: too big, rgb "
+ "bytes %d %d %d total_bytes %d cx %d cy %d "
+ "byte_limit %d", r_bytes, g_bytes, b_bytes,
+ total_bytes, cx, cy, byte_limit));
+ return 0;
+ }
max_bytes = cx * cy * 3;
+ if (total_bytes > max_bytes)
+ {
+ /* raw is better */
+ LLOGLN(10, ("xrdp_bitmap32_compress: too big, rgb "
+ "bytes %d %d %d total_bytes %d cx %d cy %d "
+ "max_bytes %d", r_bytes, g_bytes, b_bytes,
+ total_bytes, cx, cy, max_bytes));
+ init_stream(s, 0);
+ foutraw3(s, cx * cy, FLAGS_NOALPHA, sr_data, sg_data, sb_data);
+ }
}
else
{
- fdelta(alpha_data, cx, cy);
- fdelta(red_data, cx, cy);
- fdelta(green_data, cx, cy);
- fdelta(blue_data, cx, cy);
- alpha_bytes = fpack(alpha_data, cx, cy, s);
- red_bytes = fpack(red_data, cx, cy, s);
- green_bytes = fpack(green_data, cx, cy, s);
- blue_bytes = fpack(blue_data, cx, cy, s);
- max_bytes = cx * cy * 4;
- }
- if (alpha_bytes + red_bytes + green_bytes + blue_bytes > max_bytes)
- {
- LLOGLN(10, ("xrdp_bitmap32_compress: too big, argb "
- "bytes %d %d %d %d cx %d cy %d", alpha_bytes, red_bytes,
- green_bytes, blue_bytes, cx, cy));
+ foutraw3(s, cx * cy, FLAGS_NOALPHA, sr_data, sg_data, sb_data);
}
}
else
{
- out_uint8(s, header);
- red_bytes = cx * cy;
- green_bytes = cx * cy;
- blue_bytes = cx * cy;
- if (header & FLAGS_NOALPHA)
+ cy = fsplit4(in_data, start_line, width, e,
+ sa_data, sr_data, sg_data, sb_data);
+ if (header & FLAGS_RLE)
{
- out_uint8a(s, red_data, red_bytes);
- out_uint8a(s, green_data, green_bytes);
- out_uint8a(s, blue_data, blue_bytes);
+ fdelta(sa_data, a_data, cx, cy);
+ fdelta(sr_data, r_data, cx, cy);
+ fdelta(sg_data, g_data, cx, cy);
+ fdelta(sb_data, b_data, cx, cy);
+ out_uint8(s, header);
+ a_bytes = fpack(a_data, cx, cy, s);
+ r_bytes = fpack(r_data, cx, cy, s);
+ g_bytes = fpack(g_data, cx, cy, s);
+ b_bytes = fpack(b_data, cx, cy, s);
+ max_bytes = cx * cy * 4;
+ total_bytes = a_bytes + r_bytes + g_bytes + b_bytes;
+ if (1 + total_bytes > byte_limit)
+ {
+ /* failed */
+ LLOGLN(0, ("xrdp_bitmap32_compress: too big, argb "
+ "bytes %d %d %d %d total_bytes %d cx %d cy %d "
+ "byte_limit %d", a_bytes, r_bytes, g_bytes, b_bytes,
+ total_bytes, cx, cy, byte_limit));
+ return 0;
+ }
+ if (total_bytes > max_bytes)
+ {
+ /* raw is better */
+ LLOGLN(10, ("xrdp_bitmap32_compress: too big, argb "
+ "bytes %d %d %d %d total_bytes %d cx %d cy %d "
+ "max_bytes %d", a_bytes, r_bytes, g_bytes, b_bytes,
+ total_bytes, cx, cy, max_bytes));
+ init_stream(s, 0);
+ foutraw4(s, cx * cy, 0, sa_data, sr_data, sg_data, sb_data);
+ }
}
else
{
- alpha_bytes = cx * cy;
- out_uint8a(s, alpha_data, alpha_bytes);
- out_uint8a(s, red_data, red_bytes);
- out_uint8a(s, green_data, green_bytes);
- out_uint8a(s, blue_data, blue_bytes);
+ foutraw4(s, cx * cy, 0, sa_data, sr_data, sg_data, sb_data);
}
- /* pad if no RLE */
- out_uint8(s, 0x00);
}
-
return cy;
}
diff --git a/libxrdp/xrdp_mcs.c b/libxrdp/xrdp_mcs.c
index ba5ea73e..c1b0b908 100644
--- a/libxrdp/xrdp_mcs.c
+++ b/libxrdp/xrdp_mcs.c
@@ -718,7 +718,7 @@ xrdp_mcs_send_connect_response(struct xrdp_mcs *self)
DEBUG((" in xrdp_mcs_send_connect_response"));
make_stream(s);
init_stream(s, 8192);
- data_len = self->server_mcs_data->end - self->server_mcs_data->data;
+ data_len = (int) (self->server_mcs_data->end - self->server_mcs_data->data);
xrdp_iso_init(self->iso_layer, s);
xrdp_mcs_ber_out_header(self, s, MCS_CONNECT_RESPONSE, data_len + 38);
xrdp_mcs_ber_out_header(self, s, BER_TAG_RESULT, 1);
diff --git a/libxrdp/xrdp_orders.c b/libxrdp/xrdp_orders.c
index 1412386e..51eac9ca 100644
--- a/libxrdp/xrdp_orders.c
+++ b/libxrdp/xrdp_orders.c
@@ -55,6 +55,8 @@ xrdp_orders_create(struct xrdp_session *session, struct xrdp_rdp *rdp_layer)
{
self->rfx_min_pixel = 64 * 32;
}
+ make_stream(self->s);
+ make_stream(self->temp_s);
return self;
}
@@ -68,6 +70,8 @@ xrdp_orders_delete(struct xrdp_orders *self)
}
xrdp_jpeg_deinit(self->jpeg_han);
free_stream(self->out_s);
+ free_stream(self->s);
+ free_stream(self->temp_s);
g_free(self->orders_state.text_data);
g_free(self);
}
@@ -2321,16 +2325,17 @@ xrdp_orders_send_bitmap(struct xrdp_orders *self,
e = 4 - e;
}
- make_stream(s);
- init_stream(s, 16384);
- make_stream(temp_s);
- init_stream(temp_s, 16384);
+ s = self->s;
+ init_stream(s, 16384 * 2);
+ temp_s = self->temp_s;
+ init_stream(temp_s, 16384 * 2);
p = s->p;
i = height;
if (bpp > 24)
{
- lines_sending = xrdp_bitmap32_compress(data, width, height, s, bpp, 16384,
- i - 1, temp_s, e);
+ lines_sending = xrdp_bitmap32_compress(data, width, height, s,
+ bpp, 16384,
+ i - 1, temp_s, e, 0x30);
}
else
{
@@ -2340,8 +2345,6 @@ xrdp_orders_send_bitmap(struct xrdp_orders *self,
if (lines_sending != height)
{
- free_stream(s);
- free_stream(temp_s);
g_writeln("error in xrdp_orders_send_bitmap, lines_sending(%d) != \
height(%d)", lines_sending, height);
return 1;
@@ -2389,8 +2392,6 @@ height(%d)", lines_sending, height);
}
out_uint8a(self->out_s, s->data, bufsize);
- free_stream(s);
- free_stream(temp_s);
return 0;
}
@@ -2589,16 +2590,17 @@ xrdp_orders_send_bitmap2(struct xrdp_orders *self,
e = 4 - e;
}
- make_stream(s);
- init_stream(s, 16384);
- make_stream(temp_s);
- init_stream(temp_s, 16384);
+ s = self->s;
+ init_stream(s, 16384 * 2);
+ temp_s = self->temp_s;
+ init_stream(temp_s, 16384 * 2);
p = s->p;
i = height;
if (bpp > 24)
{
- lines_sending = xrdp_bitmap32_compress(data, width, height, s, bpp, 16384,
- i - 1, temp_s, e);
+ lines_sending = xrdp_bitmap32_compress(data, width, height, s,
+ bpp, 16384,
+ i - 1, temp_s, e, 0x30);
}
else
{
@@ -2608,8 +2610,6 @@ xrdp_orders_send_bitmap2(struct xrdp_orders *self,
if (lines_sending != height)
{
- free_stream(s);
- free_stream(temp_s);
g_writeln("error in xrdp_orders_send_bitmap2, lines_sending(%d) != \
height(%d)", lines_sending, height);
return 1;
@@ -2638,8 +2638,6 @@ height(%d)", lines_sending, height);
i = cache_idx & 0xff;
out_uint8(self->out_s, i);
out_uint8a(self->out_s, s->data, bufsize);
- free_stream(s);
- free_stream(temp_s);
return 0;
}
diff --git a/libxrdp/xrdp_rdp.c b/libxrdp/xrdp_rdp.c
index e6a2f622..5ece71d4 100644
--- a/libxrdp/xrdp_rdp.c
+++ b/libxrdp/xrdp_rdp.c
@@ -551,14 +551,22 @@ xrdp_rdp_send_fastpath(struct xrdp_rdp *self, struct stream *s,
int updateCode;
int fragmentation;
int compression;
- int ctype;
- int len;
+ int comp_type;
+ int comp_len;
+ int no_comp_len;
+ int send_len;
int cont;
int header_bytes;
int sec_bytes;
- struct stream ls;
+ int to_comp_len;
+ int sec_offset;
+ int rdp_offset;
+ struct stream frag_s;
+ struct stream comp_s;
+ struct stream *send_s;
char *holdp;
char *holdend;
+ struct xrdp_mppc_enc *mppc_enc;
LLOGLN(10, ("xrdp_rdp_send_fastpath:"));
s_pop_layer(s, rdp_hdr);
@@ -575,14 +583,18 @@ xrdp_rdp_send_fastpath(struct xrdp_rdp *self, struct stream *s,
}
sec_bytes = xrdp_sec_get_fastpath_bytes(self->sec_layer);
fragmentation = 0;
- ls = *s;
+ frag_s = *s;
+ sec_offset = (int)(frag_s.sec_hdr - frag_s.data);
+ rdp_offset = (int)(frag_s.rdp_hdr - frag_s.data);
cont = 1;
while (cont)
{
- len = (int)(ls.end - ls.p);
- if (len > FASTPATH_FRAG_SIZE)
+ comp_type = 0;
+ send_s = &frag_s;
+ no_comp_len = (int)(frag_s.end - frag_s.p);
+ if (no_comp_len > FASTPATH_FRAG_SIZE)
{
- len = FASTPATH_FRAG_SIZE;
+ no_comp_len = FASTPATH_FRAG_SIZE;
if (fragmentation == 0)
{
fragmentation = 2; /* FASTPATH_FRAGMENT_FIRST */
@@ -599,34 +611,64 @@ xrdp_rdp_send_fastpath(struct xrdp_rdp *self, struct stream *s,
fragmentation = 1; /* FASTPATH_FRAGMENT_LAST */
}
}
- LLOGLN(10, ("xrdp_rdp_send_fastpath: len %d fragmentation %d",
- len, fragmentation));
+ send_len = no_comp_len;
+ LLOGLN(10, ("xrdp_rdp_send_fastpath: no_comp_len %d fragmentation %d",
+ no_comp_len, fragmentation));
+ if (compression != 0)
+ {
+ to_comp_len = no_comp_len - header_bytes;
+ mppc_enc = self->mppc_enc;
+ if (compress_rdp(mppc_enc, (tui8 *)(frag_s.p + header_bytes),
+ to_comp_len))
+ {
+ comp_len = mppc_enc->bytes_in_opb + header_bytes;
+ LLOGLN(10, ("xrdp_rdp_send_fastpath: no_comp_len %d "
+ "comp_len %d", no_comp_len, comp_len));
+ send_len = comp_len;
+ comp_type = mppc_enc->flags;
+ /* outputBuffer has 64 bytes preceding it */
+ g_memset(&comp_s, 0, sizeof(comp_s));
+ comp_s.data = mppc_enc->outputBuffer -
+ (rdp_offset + header_bytes);
+ comp_s.p = comp_s.data + rdp_offset;
+ comp_s.end = comp_s.p + send_len;
+ comp_s.size = send_len;
+ comp_s.sec_hdr = comp_s.data + sec_offset;
+ comp_s.rdp_hdr = comp_s.data + rdp_offset;
+ send_s = &comp_s;
+ }
+ else
+ {
+ LLOGLN(0, ("xrdp_rdp_send_fastpath: mppc_encode not ok "
+ "type %d flags %d", mppc_enc->protocol_type,
+ mppc_enc->flags));
+ return 1;
+ }
+ }
+ holdp = frag_s.p;
+ holdend = frag_s.end;
updateHeader = (updateCode & 15) |
((fragmentation & 3) << 4) |
((compression & 3) << 6);
- out_uint8(&ls, updateHeader);
+ out_uint8(send_s, updateHeader);
if (compression != 0)
{
- /* TODO: */
- ctype = 0;
- out_uint8(&ls, ctype);
+ out_uint8(send_s, comp_type);
}
- len -= header_bytes;
- out_uint16_le(&ls, len);
- holdp = ls.p;
- holdend = ls.end;
- ls.end = ls.p + len;
- if (xrdp_sec_send_fastpath(self->sec_layer, &ls) != 0)
+ send_len -= header_bytes;
+ out_uint16_le(send_s, send_len);
+ send_s->end = send_s->p + send_len;
+ if (xrdp_sec_send_fastpath(self->sec_layer, send_s) != 0)
{
LLOGLN(0, ("xrdp_rdp_send_fastpath: xrdp_fastpath_send failed"));
return 1;
}
- ls.p = holdp + len;
- ls.end = holdend;
- cont = ls.p < ls.end;
- ls.p -= header_bytes;
- ls.sec_hdr = ls.p - sec_bytes;
- ls.data = ls.sec_hdr;
+ frag_s.p = holdp + no_comp_len;
+ frag_s.end = holdend;
+ cont = frag_s.p < frag_s.end;
+ frag_s.p -= header_bytes;
+ frag_s.sec_hdr = frag_s.p - sec_bytes;
+ frag_s.data = frag_s.sec_hdr;
}
return 0;
}
diff --git a/libxrdp/xrdp_sec.c b/libxrdp/xrdp_sec.c
index 8f46ba3d..d726f3e8 100644
--- a/libxrdp/xrdp_sec.c
+++ b/libxrdp/xrdp_sec.c
@@ -26,6 +26,8 @@
do { if (_level < LOG_LEVEL) { g_write _args ; } } while (0)
#define LLOGLN(_level, _args) \
do { if (_level < LOG_LEVEL) { g_writeln _args ; } } while (0)
+#define LHEXDUMP(_level, _args) \
+ do { if (_level < LOG_LEVEL) { g_hexdump _args ; } } while (0)
/* some compilers need unsigned char to avoid warnings */
static tui8 g_pad_54[40] =
@@ -269,8 +271,9 @@ xrdp_sec_create(struct xrdp_rdp *owner, struct trans *trans, int crypt_level,
}
self->encrypt_rc4_info = ssl_rc4_info_create();
- self->mcs_layer = xrdp_mcs_create(self, trans, &self->client_mcs_data,
- &self->server_mcs_data);
+ self->mcs_layer = xrdp_mcs_create(self, trans,
+ &(self->client_mcs_data),
+ &(self->server_mcs_data));
self->fastpath_layer = xrdp_fastpath_create(self, trans);
self->chan_layer = xrdp_channel_create(self, self->mcs_layer);
DEBUG((" out xrdp_sec_create"));
@@ -768,9 +771,12 @@ xrdp_sec_send_media_lic_response(struct xrdp_sec *self)
/*****************************************************************************/
static void APP_CC
-xrdp_sec_rsa_op(char *out, char *in, char *mod, char *exp)
+xrdp_sec_rsa_op(struct xrdp_sec *self, char *out, char *in, int in_bytes,
+ char *mod, char *exp)
{
- ssl_mod_exp(out, 64, in, 64, mod, 64, exp, 64);
+ ssl_mod_exp(out, self->rsa_key_bytes, in, in_bytes,
+ mod, self->rsa_key_bytes,
+ exp, self->rsa_key_bytes);
}
/*****************************************************************************/
@@ -1073,14 +1079,26 @@ xrdp_sec_recv(struct xrdp_sec *self, struct stream *s, int *chan)
if (flags & SEC_CLIENT_RANDOM) /* 0x01 */
{
- if (!s_check_rem(s, 4 + 64))
+ if (!s_check_rem(s, 4))
{
return 1;
}
in_uint32_le(s, len);
- in_uint8a(s, self->client_crypt_random, 64);
- xrdp_sec_rsa_op(self->client_random, self->client_crypt_random,
- self->pub_mod, self->pri_exp);
+ /* 512, 2048 bit */
+ if ((len != 64 + 8) && (len != 256 + 8))
+ {
+ return 1;
+ }
+ if (!s_check_rem(s, len - 8))
+ {
+ return 1;
+ }
+ in_uint8a(s, self->client_crypt_random, len - 8);
+ xrdp_sec_rsa_op(self, self->client_random, self->client_crypt_random,
+ len - 8, self->pub_mod, self->pri_exp);
+ LLOGLN(10, ("xrdp_sec_recv: client random - len %d", len));
+ LHEXDUMP(10, (self->client_random, 256));
+ LHEXDUMP(10, (self->client_crypt_random, len - 8));
if (self->crypt_level == CRYPT_LEVEL_FIPS)
{
xrdp_sec_fips_establish_keys(self);
@@ -1805,11 +1823,14 @@ xrdp_sec_out_mcs_data(struct xrdp_sec *self)
int num_channels;
int index;
int channel;
+ int gcc_size;
+ char* gcc_size_ptr;
+ char* ud_ptr;
num_channels = self->mcs_layer->channel_list->count;
num_channels_even = num_channels + (num_channels & 1);
- s = &self->server_mcs_data;
- init_stream(s, 512);
+ s = &(self->server_mcs_data);
+ init_stream(s, 8192);
out_uint16_be(s, 5);
out_uint16_be(s, 0x14);
out_uint8(s, 0x7c);
@@ -1827,14 +1848,11 @@ xrdp_sec_out_mcs_data(struct xrdp_sec *self)
out_uint8(s, 0x63); /* c */
out_uint8(s, 0x44); /* D */
out_uint8(s, 0x6e); /* n */
- if (self->mcs_layer->iso_layer->selectedProtocol != -1)
- { // Check for RDPNEGDATA availability
- out_uint16_be(s, 0x80fc + (num_channels_even * 2) + 4);
- }
- else
- {
- out_uint16_be(s, 0x80fc + (num_channels_even * 2));
- }
+ /* GCC Response Total Length - 2 bytes , set later */
+ gcc_size_ptr = s->p; /* RDPGCCUserDataResponseLength */
+ out_uint8s(s, 2);
+ ud_ptr = s->p; /* User Data */
+
out_uint16_le(s, SEC_TAG_SRV_INFO);
if (self->mcs_layer->iso_layer->selectedProtocol != -1)
{
@@ -1848,9 +1866,9 @@ xrdp_sec_out_mcs_data(struct xrdp_sec *self)
out_uint8(s, 0);
out_uint8(s, 8);
out_uint8(s, 0);
- if (self->mcs_layer->iso_layer->selectedProtocol != -1)
+ if (self->mcs_layer->iso_layer->selectedProtocol != -1)
{
- /* clientReqeustedProtocol */
+ /* ReqeustedProtocol */
out_uint32_le(s, self->mcs_layer->iso_layer->selectedProtocol);
}
out_uint16_le(s, SEC_TAG_SRV_CHANNELS);
@@ -1871,34 +1889,77 @@ xrdp_sec_out_mcs_data(struct xrdp_sec *self)
}
}
- out_uint16_le(s, SEC_TAG_SRV_CRYPT);
- out_uint16_le(s, 0x00ec); /* len is 236 */
- out_uint32_le(s, self->crypt_method);
- out_uint32_le(s, self->crypt_level);
- out_uint32_le(s, 32); /* 32 bytes random len */
- out_uint32_le(s, 0xb8); /* 184 bytes rsa info(certificate) len */
- out_uint8a(s, self->server_random, 32);
- /* here to end is certificate */
- /* HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ */
- /* TermService\Parameters\Certificate */
- out_uint32_le(s, 1);
- out_uint32_le(s, 1);
- out_uint32_le(s, 1);
- out_uint16_le(s, SEC_TAG_PUBKEY);
- out_uint16_le(s, 0x005c); /* 92 bytes length of SEC_TAG_PUBKEY */
- out_uint32_le(s, SEC_RSA_MAGIC);
- out_uint32_le(s, 0x48); /* 72 bytes modulus len */
- out_uint32_be(s, 0x00020000);
- out_uint32_be(s, 0x3f000000);
- out_uint8a(s, self->pub_exp, 4); /* pub exp */
- out_uint8a(s, self->pub_mod, 64); /* pub mod */
- out_uint8s(s, 8); /* pad */
- out_uint16_le(s, SEC_TAG_KEYSIG);
- out_uint16_le(s, 72); /* len */
- out_uint8a(s, self->pub_sig, 64); /* pub sig */
- out_uint8s(s, 8); /* pad */
+ if (self->rsa_key_bytes == 64)
+ {
+ g_writeln("xrdp_sec_out_mcs_data: using 512 bit RSA key");
+ out_uint16_le(s, SEC_TAG_SRV_CRYPT);
+ out_uint16_le(s, 0x00ec); /* len is 236 */
+ out_uint32_le(s, self->crypt_method);
+ out_uint32_le(s, self->crypt_level);
+ out_uint32_le(s, 32); /* 32 bytes random len */
+ out_uint32_le(s, 0xb8); /* 184 bytes rsa info(certificate) len */
+ out_uint8a(s, self->server_random, 32);
+ /* here to end is certificate */
+ /* HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ */
+ /* TermService\Parameters\Certificate */
+ out_uint32_le(s, 1);
+ out_uint32_le(s, 1);
+ out_uint32_le(s, 1);
+ out_uint16_le(s, SEC_TAG_PUBKEY); /* 0x0006 */
+ out_uint16_le(s, 0x005c); /* 92 bytes length of SEC_TAG_PUBKEY */
+ out_uint32_le(s, SEC_RSA_MAGIC); /* 0x31415352 'RSA1' */
+ out_uint32_le(s, 0x0048); /* 72 bytes modulus len */
+ out_uint32_be(s, 0x00020000); /* bit len */
+ out_uint32_be(s, 0x3f000000); /* data len */
+ out_uint8a(s, self->pub_exp, 4); /* pub exp */
+ out_uint8a(s, self->pub_mod, 64); /* pub mod */
+ out_uint8s(s, 8); /* pad */
+ out_uint16_le(s, SEC_TAG_KEYSIG); /* 0x0008 */
+ out_uint16_le(s, 72); /* len */
+ out_uint8a(s, self->pub_sig, 64); /* pub sig */
+ out_uint8s(s, 8); /* pad */
+ }
+ else if (self->rsa_key_bytes == 256)
+ {
+ g_writeln("xrdp_sec_out_mcs_data: using 2048 bit RSA key");
+ out_uint16_le(s, SEC_TAG_SRV_CRYPT);
+ out_uint16_le(s, 0x01ac); /* len is 428 */
+ out_uint32_le(s, self->crypt_method);
+ out_uint32_le(s, self->crypt_level);
+ out_uint32_le(s, 32); /* 32 bytes random len */
+ out_uint32_le(s, 0x178); /* 376 bytes rsa info(certificate) len */
+ out_uint8a(s, self->server_random, 32);
+ /* here to end is certificate */
+ /* HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ */
+ /* TermService\Parameters\Certificate */
+ out_uint32_le(s, 1);
+ out_uint32_le(s, 1);
+ out_uint32_le(s, 1);
+ out_uint16_le(s, SEC_TAG_PUBKEY); /* 0x0006 */
+ out_uint16_le(s, 0x011c); /* 284 bytes length of SEC_TAG_PUBKEY */
+ out_uint32_le(s, SEC_RSA_MAGIC); /* 0x31415352 'RSA1' */
+ out_uint32_le(s, 0x0108); /* 264 bytes modulus len */
+ out_uint32_be(s, 0x00080000); /* bit len */
+ out_uint32_be(s, 0xff000000); /* data len */
+ out_uint8a(s, self->pub_exp, 4); /* pub exp */
+ out_uint8a(s, self->pub_mod, 256); /* pub mod */
+ out_uint8s(s, 8); /* pad */
+ out_uint16_le(s, SEC_TAG_KEYSIG); /* 0x0008 */
+ out_uint16_le(s, 72); /* len */
+ out_uint8a(s, self->pub_sig, 64); /* pub sig */
+ out_uint8s(s, 8); /* pad */
+ }
+ else
+ {
+ LLOGLN(0, ("xrdp_sec_out_mcs_data: error"));
+ }
/* end certificate */
s_mark_end(s);
+
+ gcc_size = (int)(s->end - ud_ptr) | 0x8000;
+ gcc_size_ptr[0] = gcc_size >> 8;
+ gcc_size_ptr[1] = gcc_size;
+
return 0;
}
@@ -1976,7 +2037,6 @@ xrdp_sec_incoming(struct xrdp_sec *self)
char *value = NULL;
char key_file[256];
- LLOGLN(10, ("xrdp_sec_incoming:"));
g_memset(key_file, 0, sizeof(char) * 256);
DEBUG((" in xrdp_sec_incoming"));
g_random(self->server_random, 32);
@@ -2000,14 +2060,16 @@ xrdp_sec_incoming(struct xrdp_sec *self)
{
item = (char *)list_get_item(items, index);
value = (char *)list_get_item(values, index);
-
+
if (g_strcasecmp(item, "pub_exp") == 0)
{
hex_str_to_bin(value, self->pub_exp, 4);
}
else if (g_strcasecmp(item, "pub_mod") == 0)
{
- hex_str_to_bin(value, self->pub_mod, 64);
+ self->rsa_key_bytes = (g_strlen(value) + 1) / 5;
+ g_writeln("pub_mod bytes %d", self->rsa_key_bytes);
+ hex_str_to_bin(value, self->pub_mod, self->rsa_key_bytes);
}
else if (g_strcasecmp(item, "pub_sig") == 0)
{
@@ -2015,7 +2077,9 @@ xrdp_sec_incoming(struct xrdp_sec *self)
}
else if (g_strcasecmp(item, "pri_exp") == 0)
{
- hex_str_to_bin(value, self->pri_exp, 64);
+ self->rsa_key_bytes = (g_strlen(value) + 1) / 5;
+ g_writeln("pri_exp %d", self->rsa_key_bytes);
+ hex_str_to_bin(value, self->pri_exp, self->rsa_key_bytes);
}
}
generated by cgit v1.2.1 (git 2.18.0) at 2025-01-19 00:09:57 +0000