From f0b6c6b1d178419ae82ad1c8ea2d74c97cc2f27b Mon Sep 17 00:00:00 2001
From: Idan Freiberg
Date: Tue, 15 Jul 2014 18:29:40 +0300
Subject: libxrdp: started adding TLS support
---
 common/trans.c | 8 ++++++--
 1 file changed, 6 insertions(+), 2 deletions(-)
(limited to 'common/trans.c')
diff --git a/common/trans.c b/common/trans.c
index 6fd5a9d8..421d5679 100644
--- a/common/trans.c
+++ b/common/trans.c
@@ -38,6 +38,8 @@ trans_create(int mode, int in_size, int out_size)
 make_stream(self->out_s);
 init_stream(self->out_s, out_size);
 self->mode = mode;
+ self->do_tls = 0; /* default simple tcp layer */
+ self->tls = 0;
 }
 return self;
@@ -248,7 +250,7 @@ trans_check_wait_objs(struct trans *self)
 if (to_read > 0)
 {
- read_bytes = g_tcp_recv(self->sck, self->in_s->end, to_read, 0);
+ read_bytes = g_tcp_recv(self->sck, self->in_s->end, to_read, 0);
 if (read_bytes == -1)
 {
@@ -318,7 +320,9 @@ trans_force_read_s(struct trans *self, struct stream *in_s, int size)
 {
 return 1;
 }
+
 rcvd = g_tcp_recv(self->sck, in_s->end, size, 0);
+
 if (rcvd == -1)
 {
 if (g_tcp_last_error_would_block(self->sck))
@@ -391,7 +395,7 @@ trans_force_write_s(struct trans *self, struct stream *out_s)
 while (total < size)
 {
- sent = g_tcp_send(self->sck, out_s->data + total, size - total, 0);
+ sent = g_tcp_send(self->sck, out_s->data + total, size - total, 0);
 if (sent == -1)
 {
-- cgit v1.2.1
From afdf638c7b56e7420e32853df6299d9217e0f8d4 Mon Sep 17 00:00:00 2001
From: Idan Freiberg
Date: Wed, 23 Jul 2014 15:31:45 +0300
Subject: libxrdp, common: work on TLS mode
---
 common/trans.c | 65 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++--
 1 file changed, 63 insertions(+), 2 deletions(-)
(limited to 'common/trans.c')
diff --git a/common/trans.c b/common/trans.c
index 421d5679..d58bdd91 100644
--- a/common/trans.c
+++ b/common/trans.c
@@ -38,8 +38,10 @@ trans_create(int mode, int in_size, int out_size)
 make_stream(self->out_s);
 init_stream(self->out_s, out_size);
 self->mode = mode;
- self->do_tls = 0; /* default simple tcp layer */
 self->tls = 0;
+ /* assign tcp functions */
+ self->trans_read_call = trans_tcp_force_read_s;
+ self->trans_write_call = trans_tcp_force_write_s;
 }
 return self;
@@ -70,6 +72,11 @@ trans_delete(struct trans *self)
 g_free(self->listen_filename);
 }
+ if (self->tls != 0)
+ {
+ xrdp_tls_delete(self->tls);
+ }
+
 g_free(self);
 }
@@ -301,10 +308,15 @@ trans_check_wait_objs(struct trans *self)
 return rv;
 }
-
 /*****************************************************************************/
 int APP_CC
 trans_force_read_s(struct trans *self, struct stream *in_s, int size)
+{
+ return self->trans_read_call(self, in_s, size);
+}
+/*****************************************************************************/
+int APP_CC
+trans_tcp_force_read_s(struct trans *self, struct stream *in_s, int size)
 {
 int rcvd;
@@ -368,12 +380,22 @@ trans_force_read_s(struct trans *self, struct stream *in_s, int size)
 int APP_CC
 trans_force_read(struct trans *self, int size)
 {
+ if (self->tls != 0)
+ {
+ return xrdp_tls_force_read_s(self, self->in_s, size);
+ }
 return trans_force_read_s(self, self->in_s, size);
 }
 /*****************************************************************************/
 int APP_CC
 trans_force_write_s(struct trans *self, struct stream *out_s)
+{
+ return self->trans_write_call(self, out_s);
+}
+/*****************************************************************************/
+int APP_CC
+trans_tcp_force_write_s(struct trans *self, struct stream *out_s)
 {
 int size;
 int total;
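Review bot: The `self->trans_read_call` dispatch added to trans_force_read_s (and `self->trans_write_call` in trans_force_write_s) covers only the forced read/write path, while the first patch's trans_check_wait_objs hunk still shows `read_bytes = g_tcp_recv(self->sck, self->in_s->end, to_read, 0);` and nothing in this series changes it. Once trans_set_tls_mode installs the TLS callbacks, that function would presumably still read raw TLS records straight from the socket, bypassing the TLS layer. Unless this is handled outside the lines shown, that read should go through the same dispatch when `self->tls` is set. A comment above both dispatchers such as `/* calls the tcp or tls reader installed by trans_create / trans_set_tls_mode */` would also record that the pointers must always be set before use. trans_check_wait_objs and the trans_tcp_force_* bodies continue outside these hunks.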
@@ -632,3 +654,42 @@ trans_get_out_s(struct trans *self, int size)
 return rv;
 }
+/*****************************************************************************/
+/* returns error */
+int APP_CC
+trans_set_tls_mode(struct trans *self, const char *key, const char *cert)
+{
+ self->tls = xrdp_tls_create(self, key, cert);
+ if (self->tls == NULL)
+ {
+ g_writeln("trans_set_tls_mode: xrdp_tls_create malloc error");
+ return 1;
+ }
+
+ if (xrdp_tls_accept(self->tls) != 0)
+ {
+ g_writeln("trans_set_tls_mode: xrdp_tls_accept failed");
+ return 1;
+ }
+
+ /* assign tls functions */
+ self->trans_read_call = xrdp_tls_force_read_s;
+ self->trans_write_call = xrdp_tls_force_write_s;
+
+ return 0;
+}
+/*****************************************************************************/
+/* returns error */
+int APP_CC
+trans_shutdown_tls_mode(struct trans *self)
+{
+ if (self->tls != NULL)
+ {
+ return xrdp_tls_disconnect(self->tls);
+ }
+
+ /* set callback to tls */
+ self->trans_read_call = trans_tcp_force_read_s;
+ self->trans_write_call = trans_tcp_force_write_s;
+ return 0;
+}
-- cgit v1.2.1
From df870334895876cc9c5bec2bf720e4e2a8625daa Mon Sep 17 00:00:00 2001
From: Idan Freiberg
Date: Wed, 23 Jul 2014 15:37:47 +0300
Subject: trans: work on TLS
---
 common/trans.c | 6 +-----
 1 file changed, 1 insertion(+), 5 deletions(-)
(limited to 'common/trans.c')
diff --git a/common/trans.c b/common/trans.c
index d58bdd91..e13cd420 100644
--- a/common/trans.c
+++ b/common/trans.c
@@ -380,10 +380,6 @@ trans_tcp_force_read_s(struct trans *self, struct stream *in_s, int size)
 int APP_CC
 trans_force_read(struct trans *self, int size)
 {
- if (self->tls != 0)
- {
- return xrdp_tls_force_read_s(self, self->in_s, size);
- }
 return trans_force_read_s(self, self->in_s, size);
 }
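Review bot: In trans_shutdown_tls_mode the `return xrdp_tls_disconnect(self->tls);` inside the `if (self->tls != NULL)` branch exits before the callbacks are reset, so the reset runs only when no TLS session exists; after a real shutdown `trans_read_call`/`trans_write_call` still point at the xrdp_tls_* functions of a disconnected session. The later comment-only hunk in the same function (`/* set callback back to tcp */`) leaves this control flow unchanged. trans_set_tls_mode has a related gap: when xrdp_tls_accept fails it returns 1 with `self->tls` still attached and the tcp callbacks still installed, so a caller that does not drop the connection on a non-zero return keeps exchanging data in cleartext. The "returns error" comment should say that failure is fatal for the connection. The fence releases the session on that path, assuming xrdp_tls_delete is safe after a failed accept, which is not visible here. Once the callbacks are back on tcp, anything written afterwards leaves unencrypted, so the reset belongs on the teardown path only.

```c
/* trans_set_tls_mode: xrdp_tls_accept failure branch */
        g_writeln("trans_set_tls_mode: xrdp_tls_accept failed");
        xrdp_tls_delete(self->tls); /* do not keep a half-open session attached */
        self->tls = 0;
        return 1;

/* trans_shutdown_tls_mode */
trans_shutdown_tls_mode(struct trans *self)
{
    int rv = 0;

    if (self->tls != NULL)
    {
        rv = xrdp_tls_disconnect(self->tls);
    }

    /* … unchanged: reset trans_read_call / trans_write_call to the tcp functions … */
    return rv;
}
```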
@@ -688,7 +684,7 @@ trans_shutdown_tls_mode(struct trans *self)
 return xrdp_tls_disconnect(self->tls);
 }
- /* set callback to tls */
+ /* set callback back to tcp */
 self->trans_read_call = trans_tcp_force_read_s;
 self->trans_write_call = trans_tcp_force_write_s;
 return 0;
-- cgit v1.2.1