FreeRDP
nego.c File Reference
#include <winpr/crt.h>
#include <freerdp/log.h>
#include "tpkt.h"
#include "nego.h"
#include "transport.h"

Macros

#define TAG   FREERDP_TAG("core.nego")
 

Functions

static BOOL nego_transport_connect (rdpNego *nego)
 
static BOOL nego_transport_disconnect (rdpNego *nego)
 
static BOOL nego_security_connect (rdpNego *nego)
 
static BOOL nego_send_preconnection_pdu (rdpNego *nego)
 
static BOOL nego_recv_response (rdpNego *nego)
 
static void nego_send (rdpNego *nego)
 
static void nego_process_negotiation_request (rdpNego *nego, wStream *s)
 
static void nego_process_negotiation_response (rdpNego *nego, wStream *s)
 
static void nego_process_negotiation_failure (rdpNego *nego, wStream *s)
 
BOOL nego_connect (rdpNego *nego)
 
BOOL nego_disconnect (rdpNego *nego)
 
static BOOL nego_tcp_connect (rdpNego *nego)
 
static void nego_attempt_ext (rdpNego *nego)
 
static void nego_attempt_nla (rdpNego *nego)
 
static void nego_attempt_tls (rdpNego *nego)
 
static void nego_attempt_rdp (rdpNego *nego)
 
int nego_recv (rdpTransport *transport, wStream *s, void *extra)
 
static BOOL nego_read_request_token_or_cookie (rdpNego *nego, wStream *s)
 
BOOL nego_read_request (rdpNego *nego, wStream *s)
 
BOOL nego_send_negotiation_request (rdpNego *nego)
 
BOOL nego_send_negotiation_response (rdpNego *nego)
 
void nego_init (rdpNego *nego)
 
rdpNego * nego_new (rdpTransport *transport)
 
void nego_free (rdpNego *nego)
 
BOOL nego_set_target (rdpNego *nego, const char *hostname, UINT16 port)
 
void nego_set_negotiation_enabled (rdpNego *nego, BOOL NegotiateSecurityLayer)
 
void nego_set_restricted_admin_mode_required (rdpNego *nego, BOOL RestrictedAdminModeRequired)
 
void nego_set_gateway_enabled (rdpNego *nego, BOOL GatewayEnabled)
 
void nego_set_gateway_bypass_local (rdpNego *nego, BOOL GatewayBypassLocal)
 
void nego_enable_rdp (rdpNego *nego, BOOL enable_rdp)
 
void nego_enable_tls (rdpNego *nego, BOOL enable_tls)
 
void nego_enable_nla (rdpNego *nego, BOOL enable_nla)
 
void nego_enable_ext (rdpNego *nego, BOOL enable_ext)
 
BOOL nego_set_routing_token (rdpNego *nego, BYTE *RoutingToken, DWORD RoutingTokenLength)
 
BOOL nego_set_cookie (rdpNego *nego, char *cookie)
 
void nego_set_cookie_max_length (rdpNego *nego, UINT32 CookieMaxLength)
 
void nego_set_send_preconnection_pdu (rdpNego *nego, BOOL SendPreconnectionPdu)
 
void nego_set_preconnection_id (rdpNego *nego, UINT32 PreconnectionId)
 
void nego_set_preconnection_blob (rdpNego *nego, char *PreconnectionBlob)
 
UINT32 nego_get_selected_protocol (rdpNego *nego)
 
BOOL nego_set_selected_protocol (rdpNego *nego, UINT32 SelectedProtocol)
 
UINT32 nego_get_requested_protocols (rdpNego *nego)
 
BOOL nego_set_requested_protocols (rdpNego *nego, UINT32 RequestedProtocols)
 
NEGO_STATE nego_get_state (rdpNego *nego)
 
BOOL nego_set_state (rdpNego *nego, NEGO_STATE state)
 
SEC_WINNT_AUTH_IDENTITY * nego_get_identity (rdpNego *nego)
 
void nego_free_nla (rdpNego *nego)
 

Variables

static const char *const NEGO_STATE_STRINGS []
 
static const char PROTOCOL_SECURITY_STRINGS [9][4]
 

Macro Definition Documentation

#define TAG   FREERDP_TAG("core.nego")

FreeRDP: A Remote Desktop Protocol Implementation RDP Protocol Security Negotiation

Copyright 2011 Marc-Andre Moreau marca.nosp@m.ndre.nosp@m..more.nosp@m.au@g.nosp@m.mail..nosp@m.com Copyright 2014 Norbert Federa norbe.nosp@m.rt.f.nosp@m.edera.nosp@m.@thi.nosp@m.ncast.nosp@m..com Copyright 2015 Thincast Technologies GmbH Copyright 2015 DI (FH) Martin Haimberger marti.nosp@m.n.ha.nosp@m.imber.nosp@m.ger@.nosp@m.thinc.nosp@m.ast..nosp@m.com

Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at

http://www.apache.org/licenses/LICENSE-2.0

Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.

Function Documentation

static void nego_attempt_ext ( rdpNego *  nego)
static

Attempt negotiating NLA + TLS extended security.

Parameters
nego


static void nego_attempt_nla ( rdpNego *  nego)
static

Attempt negotiating NLA + TLS security.

Parameters
nego


static void nego_attempt_rdp ( rdpNego *  nego)
static

Attempt negotiating standard RDP security.

Parameters
nego


static void nego_attempt_tls ( rdpNego *  nego)
static

Attempt negotiating TLS security.

Parameters
nego


BOOL nego_connect ( rdpNego *  nego)

Negotiate protocol security and connect.

Parameters
nego
Returns

Advertise all supported encryption methods if the client implementation did not set any security methods


BOOL nego_disconnect ( rdpNego *  nego)


void nego_enable_ext ( rdpNego *  nego,
BOOL  enable_ext 
)

Enable NLA extended security protocol.

Parameters
nego: pointer to the negotiation structure
enable_ext: whether to enable network level authentication extended protocol (TRUE for enabled, FALSE for disabled)


void nego_enable_nla ( rdpNego *  nego,
BOOL  enable_nla 
)

Enable NLA security protocol.

Parameters
nego: pointer to the negotiation structure
enable_nla: whether to enable network level authentication protocol (TRUE for enabled, FALSE for disabled)


void nego_enable_rdp ( rdpNego *  nego,
BOOL  enable_rdp 
)

Enable RDP security protocol.

Parameters
nego: pointer to the negotiation structure
enable_rdp: whether to enable normal RDP protocol (TRUE for enabled, FALSE for disabled)


void nego_enable_tls ( rdpNego *  nego,
BOOL  enable_tls 
)

Enable TLS security protocol.

Parameters
nego: pointer to the negotiation structure
enable_tls: whether to enable TLS + RDP protocol (TRUE for enabled, FALSE for disabled)


void nego_free ( rdpNego *  nego)

Free NEGO state machine.

Parameters
nego


void nego_free_nla ( rdpNego *  nego)


SEC_WINNT_AUTH_IDENTITY* nego_get_identity ( rdpNego *  nego)


UINT32 nego_get_requested_protocols ( rdpNego *  nego)


UINT32 nego_get_selected_protocol ( rdpNego *  nego)


NEGO_STATE nego_get_state ( rdpNego *  nego)


void nego_init ( rdpNego *  nego)

Initialize NEGO state machine.

Parameters
nego


rdpNego* nego_new ( rdpTransport *  transport)

Create a new NEGO state machine instance.

Parameters
transport
Returns


void nego_process_negotiation_failure ( rdpNego *  nego,
wStream *  s 
)
static

Process Negotiation Failure from Connection Confirm message.

Parameters
nego
s


void nego_process_negotiation_request ( rdpNego *  nego,
wStream *  s 
)
static

Process Negotiation Request from Connection Request message.

Parameters
nego
s


void nego_process_negotiation_response ( rdpNego *  nego,
wStream *  s 
)
static

Process Negotiation Response from Connection Confirm message.

Parameters
nego
s


BOOL nego_read_request ( rdpNego *  nego,
wStream *  s 
)

Read protocol security negotiation request message.

Parameters
nego
s: stream


static BOOL nego_read_request_token_or_cookie ( rdpNego *  nego,
wStream *  s 
)
static

Read optional routing token or cookie of X.224 Connection Request PDU. http://msdn.microsoft.com/en-us/library/cc240470/

Parameters
nego
s: stream


int nego_recv ( rdpTransport *  transport,
wStream *  s,
void *  extra
)

Receive protocol security negotiation message.
http://msdn.microsoft.com/en-us/library/cc240501/

Parameters
transport: transport
s: stream
extra: nego pointer


BOOL nego_recv_response ( rdpNego *  nego)
static

Wait to receive a negotiation response

Parameters
nego


BOOL nego_security_connect ( rdpNego *  nego)
static


void nego_send ( rdpNego *  nego)
static

Send protocol security negotiation message.

Parameters
nego


BOOL nego_send_negotiation_request ( rdpNego *  nego)

Send RDP Negotiation Request (RDP_NEG_REQ).
http://msdn.microsoft.com/en-us/library/cc240500/
http://msdn.microsoft.com/en-us/library/cc240470/

Parameters
nego


BOOL nego_send_negotiation_response ( rdpNego *  nego)

Send RDP Negotiation Response (RDP_NEG_RSP).

Parameters
nego

If the server implementation did not explicitly set an encryption level, we default to client compatible.

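Note: This hack was first introduced in commit 95f5e115 to disable the unnecessary encryption with peers connecting to 127.0.0.1 or local unix sockets. It also affects connections that arrive through a port tunnel (e.g. ssh -L), which can look like local peers to the server: the same encryption is turned off for them as well, so the confidentiality of such a session depends on the tunnel that carries it.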


BOOL nego_send_preconnection_pdu ( rdpNego *  nego)
static

Send preconnection information if enabled.

Parameters
nego
Returns


BOOL nego_set_cookie ( rdpNego *  nego,
char *  cookie 
)

Set cookie.

Parameters
nego
cookie


void nego_set_cookie_max_length ( rdpNego *  nego,
UINT32  CookieMaxLength 
)

Set cookie maximum length

Parameters
nego
CookieMaxLength


void nego_set_gateway_bypass_local ( rdpNego *  nego,
BOOL  GatewayBypassLocal 
)


void nego_set_gateway_enabled ( rdpNego *  nego,
BOOL  GatewayEnabled 
)


void nego_set_negotiation_enabled ( rdpNego *  nego,
BOOL  NegotiateSecurityLayer 
)

Enable security layer negotiation.

Parameters
nego: pointer to the negotiation structure
NegotiateSecurityLayer: whether to enable security layer negotiation (TRUE for enabled, FALSE for disabled)


void nego_set_preconnection_blob ( rdpNego *  nego,
char *  PreconnectionBlob 
)

Set preconnection blob.

Parameters
nego
blob


void nego_set_preconnection_id ( rdpNego *  nego,
UINT32  PreconnectionId 
)

Set preconnection id.

Parameters
nego
id


BOOL nego_set_requested_protocols ( rdpNego *  nego,
UINT32  RequestedProtocols 
)


void nego_set_restricted_admin_mode_required ( rdpNego *  nego,
BOOL  RestrictedAdminModeRequired 
)

Enable restricted admin mode.

Parameters
nego: pointer to the negotiation structure
RestrictedAdminModeRequired: whether to enable restricted admin mode (TRUE for enabled, FALSE for disabled)


BOOL nego_set_routing_token ( rdpNego *  nego,
BYTE *  RoutingToken,
DWORD  RoutingTokenLength 
)

Set routing token.

Parameters
nego
RoutingToken
RoutingTokenLength


BOOL nego_set_selected_protocol ( rdpNego *  nego,
UINT32  SelectedProtocol 
)


void nego_set_send_preconnection_pdu ( rdpNego *  nego,
BOOL  SendPreconnectionPdu 
)

Enable / disable preconnection PDU.

Parameters
nego
send_pcpdu


BOOL nego_set_state ( rdpNego *  nego,
NEGO_STATE  state 
)


BOOL nego_set_target ( rdpNego *  nego,
const char *  hostname,
UINT16  port 
)

Set target hostname and port.

Parameters
nego
hostname
port


static BOOL nego_tcp_connect ( rdpNego *  nego)
static

Connect TCP layer.

Parameters
nego
Returns


BOOL nego_transport_connect ( rdpNego *  nego)
static

Connect TCP layer. For direct approach, connect security layer as well.

Parameters
nego
Returns


BOOL nego_transport_disconnect ( rdpNego *  nego)
static

Disconnect TCP layer.

Parameters
nego
Returns


Variable Documentation

const char* const NEGO_STATE_STRINGS[]
static
Initial value:
=
{
"NEGO_STATE_INITIAL",
"NEGO_STATE_EXT",
"NEGO_STATE_NLA",
"NEGO_STATE_TLS",
"NEGO_STATE_RDP",
"NEGO_STATE_FAIL",
"NEGO_STATE_FINAL"
}
const char PROTOCOL_SECURITY_STRINGS[9][4]
static
Initial value:
=
{
"RDP",
"TLS",
"NLA",
"UNK",
"UNK",
"UNK",
"UNK",
"UNK",
"EXT"
}