FreeRDP
nego.c File Reference
#include <winpr/crt.h>
#include <freerdp/log.h>
#include "tpkt.h"
#include "nego.h"
#include "transport.h"

Macros

#define TAG   FREERDP_TAG("core.nego")
 

Functions

static const char * nego_state_string (NEGO_STATE state)
 
static const char * protocol_security_string (UINT32 security)
 
static BOOL nego_transport_connect (rdpNego *nego)
 
static BOOL nego_transport_disconnect (rdpNego *nego)
 
static BOOL nego_security_connect (rdpNego *nego)
 
static BOOL nego_send_preconnection_pdu (rdpNego *nego)
 
static BOOL nego_recv_response (rdpNego *nego)
 
static void nego_send (rdpNego *nego)
 
static BOOL nego_process_negotiation_request (rdpNego *nego, wStream *s)
 
static BOOL nego_process_negotiation_response (rdpNego *nego, wStream *s)
 
static BOOL nego_process_negotiation_failure (rdpNego *nego, wStream *s)
 
BOOL nego_connect (rdpNego *nego)
 
BOOL nego_disconnect (rdpNego *nego)
 
static BOOL nego_tcp_connect (rdpNego *nego)
 
static void nego_attempt_ext (rdpNego *nego)
 
static void nego_attempt_nla (rdpNego *nego)
 
static void nego_attempt_tls (rdpNego *nego)
 
static void nego_attempt_rdp (rdpNego *nego)
 
int nego_recv (rdpTransport *transport, wStream *s, void *extra)
 
static BOOL nego_read_request_token_or_cookie (rdpNego *nego, wStream *s)
 
BOOL nego_read_request (rdpNego *nego, wStream *s)
 
BOOL nego_send_negotiation_request (rdpNego *nego)
 
BOOL nego_send_negotiation_response (rdpNego *nego)
 
void nego_init (rdpNego *nego)
 
rdpNego * nego_new (rdpTransport *transport)
 
void nego_free (rdpNego *nego)
 
BOOL nego_set_target (rdpNego *nego, const char *hostname, UINT16 port)
 
void nego_set_negotiation_enabled (rdpNego *nego, BOOL NegotiateSecurityLayer)
 
void nego_set_restricted_admin_mode_required (rdpNego *nego, BOOL RestrictedAdminModeRequired)
 
void nego_set_gateway_enabled (rdpNego *nego, BOOL GatewayEnabled)
 
void nego_set_gateway_bypass_local (rdpNego *nego, BOOL GatewayBypassLocal)
 
void nego_enable_rdp (rdpNego *nego, BOOL enable_rdp)
 
void nego_enable_tls (rdpNego *nego, BOOL enable_tls)
 
void nego_enable_nla (rdpNego *nego, BOOL enable_nla)
 
void nego_enable_ext (rdpNego *nego, BOOL enable_ext)
 
BOOL nego_set_routing_token (rdpNego *nego, BYTE *RoutingToken, DWORD RoutingTokenLength)
 
BOOL nego_set_cookie (rdpNego *nego, char *cookie)
 
void nego_set_cookie_max_length (rdpNego *nego, UINT32 CookieMaxLength)
 
void nego_set_send_preconnection_pdu (rdpNego *nego, BOOL SendPreconnectionPdu)
 
void nego_set_preconnection_id (rdpNego *nego, UINT32 PreconnectionId)
 
void nego_set_preconnection_blob (rdpNego *nego, char *PreconnectionBlob)
 
UINT32 nego_get_selected_protocol (rdpNego *nego)
 
BOOL nego_set_selected_protocol (rdpNego *nego, UINT32 SelectedProtocol)
 
UINT32 nego_get_requested_protocols (rdpNego *nego)
 
BOOL nego_set_requested_protocols (rdpNego *nego, UINT32 RequestedProtocols)
 
NEGO_STATE nego_get_state (rdpNego *nego)
 
BOOL nego_set_state (rdpNego *nego, NEGO_STATE state)
 
SEC_WINNT_AUTH_IDENTITY * nego_get_identity (rdpNego *nego)
 
void nego_free_nla (rdpNego *nego)
 
const BYTE * nego_get_routing_token (rdpNego *nego, DWORD *RoutingTokenLength)
 

Macro Definition Documentation

◆ TAG

#define TAG   FREERDP_TAG("core.nego")

FreeRDP: A Remote Desktop Protocol Implementation RDP Protocol Security Negotiation

Copyright 2011 Marc-Andre Moreau marca.nosp@m.ndre.nosp@m..more.nosp@m.au@g.nosp@m.mail..nosp@m.com Copyright 2014 Norbert Federa norbe.nosp@m.rt.f.nosp@m.edera.nosp@m.@thi.nosp@m.ncast.nosp@m..com Copyright 2015 Thincast Technologies GmbH Copyright 2015 DI (FH) Martin Haimberger marti.nosp@m.n.ha.nosp@m.imber.nosp@m.ger@.nosp@m.thinc.nosp@m.ast..nosp@m.com

Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at

http://www.apache.org/licenses/LICENSE-2.0

Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.

Function Documentation

◆ nego_attempt_ext()

static void nego_attempt_ext ( rdpNego *  nego)
static

Attempt negotiating NLA + TLS extended security.

Parameters
nego

◆ nego_attempt_nla()

static void nego_attempt_nla ( rdpNego *  nego)
static

Attempt negotiating NLA + TLS security.

Parameters
nego

◆ nego_attempt_rdp()

static void nego_attempt_rdp ( rdpNego *  nego)
static

Attempt negotiating standard RDP security.

Parameters
nego

◆ nego_attempt_tls()

static void nego_attempt_tls ( rdpNego *  nego)
static

Attempt negotiating TLS security.

Parameters
nego

◆ nego_connect()

BOOL nego_connect ( rdpNego *  nego)

Negotiate protocol security and connect.

Parameters
nego
Returns

Advertise all supported encryption methods if the client implementation did not set any security methods


◆ nego_disconnect()

BOOL nego_disconnect ( rdpNego *  nego)

◆ nego_enable_ext()

void nego_enable_ext ( rdpNego *  nego,
BOOL  enable_ext 
)

Enable NLA extended security protocol.

Parameters
nego: pointer to the negotiation structure
enable_ext: whether to enable network level authentication extended protocol (TRUE for enabled, FALSE for disabled)

◆ nego_enable_nla()

void nego_enable_nla ( rdpNego *  nego,
BOOL  enable_nla 
)

Enable NLA security protocol.

Parameters
nego: pointer to the negotiation structure
enable_nla: whether to enable network level authentication protocol (TRUE for enabled, FALSE for disabled)

◆ nego_enable_rdp()

void nego_enable_rdp ( rdpNego *  nego,
BOOL  enable_rdp 
)

Enable RDP security protocol.

Parameters
nego: pointer to the negotiation structure
enable_rdp: whether to enable normal RDP protocol (TRUE for enabled, FALSE for disabled)

◆ nego_enable_tls()

void nego_enable_tls ( rdpNego *  nego,
BOOL  enable_tls 
)

Enable TLS security protocol.

Parameters
nego: pointer to the negotiation structure
enable_tls: whether to enable TLS + RDP protocol (TRUE for enabled, FALSE for disabled)

◆ nego_free()

void nego_free ( rdpNego *  nego)

Free NEGO state machine.

Parameters
nego

◆ nego_free_nla()

void nego_free_nla ( rdpNego *  nego)

◆ nego_get_identity()

SEC_WINNT_AUTH_IDENTITY* nego_get_identity ( rdpNego *  nego)

◆ nego_get_requested_protocols()

UINT32 nego_get_requested_protocols ( rdpNego *  nego)

◆ nego_get_routing_token()

const BYTE* nego_get_routing_token ( rdpNego *  nego,
DWORD *  RoutingTokenLength 
)

◆ nego_get_selected_protocol()

UINT32 nego_get_selected_protocol ( rdpNego *  nego)

◆ nego_get_state()

NEGO_STATE nego_get_state ( rdpNego *  nego)

◆ nego_init()

void nego_init ( rdpNego *  nego)

Initialize NEGO state machine.

Parameters
nego

◆ nego_new()

rdpNego* nego_new ( rdpTransport *  transport)

Create a new NEGO state machine instance.

Parameters
transport
Returns

◆ nego_process_negotiation_failure()

BOOL nego_process_negotiation_failure ( rdpNego *  nego,
wStream *  s 
)
static

Process Negotiation Failure from Connection Confirm message.

Parameters
nego
s

◆ nego_process_negotiation_request()

BOOL nego_process_negotiation_request ( rdpNego *  nego,
wStream *  s 
)
static

Process Negotiation Request from Connection Request message.

Parameters
nego
s

◆ nego_process_negotiation_response()

BOOL nego_process_negotiation_response ( rdpNego *  nego,
wStream *  s 
)
static

Process Negotiation Response from Connection Confirm message.

Parameters
nego
s

◆ nego_read_request()

BOOL nego_read_request ( rdpNego *  nego,
wStream *  s 
)

Read protocol security negotiation request message.

Parameters
nego
s: stream

◆ nego_read_request_token_or_cookie()

static BOOL nego_read_request_token_or_cookie ( rdpNego *  nego,
wStream *  s 
)
static

Read optional routing token or cookie of X.224 Connection Request PDU. http://msdn.microsoft.com/en-us/library/cc240470/

Parameters
nego
s: stream

◆ nego_recv()

int nego_recv ( rdpTransport *  transport,
wStream *  s,
void *  extra 
)

Receive protocol security negotiation message.
http://msdn.microsoft.com/en-us/library/cc240501/

Parameters
transport: transport
s: stream
extra: nego pointer

◆ nego_recv_response()

BOOL nego_recv_response ( rdpNego *  nego)
static

Wait to receive a negotiation response

Parameters
nego

◆ nego_security_connect()

BOOL nego_security_connect ( rdpNego *  nego)
static

◆ nego_send()

void nego_send ( rdpNego *  nego)
static

Send protocol security negotiation message.

Parameters
nego

◆ nego_send_negotiation_request()

BOOL nego_send_negotiation_request ( rdpNego *  nego)

Send RDP Negotiation Request (RDP_NEG_REQ).
http://msdn.microsoft.com/en-us/library/cc240500/
http://msdn.microsoft.com/en-us/library/cc240470/

Parameters
nego

◆ nego_send_negotiation_response()

BOOL nego_send_negotiation_response ( rdpNego *  nego)

Send RDP Negotiation Response (RDP_NEG_RSP).

Parameters
nego

If the server implementation did not explicitly set an encryption level, we default to client compatible.

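Note: This hack was first introduced in commit 95f5e115 to disable the unnecessary encryption for peers connecting to 127.0.0.1 or over local unix sockets. It also affects connections that arrive through port tunnels (e.g. ssh -L): a tunnelled peer can appear to the server as a local connection, so the encryption is disabled for it as well.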


◆ nego_send_preconnection_pdu()

BOOL nego_send_preconnection_pdu ( rdpNego *  nego)
static

Send preconnection information if enabled.

Parameters
nego
Returns

◆ nego_set_cookie()

BOOL nego_set_cookie ( rdpNego *  nego,
char *  cookie 
)

Set cookie.

Parameters
nego
cookie

◆ nego_set_cookie_max_length()

void nego_set_cookie_max_length ( rdpNego *  nego,
UINT32  CookieMaxLength 
)

Set cookie maximum length

Parameters
nego
CookieMaxLength

◆ nego_set_gateway_bypass_local()

void nego_set_gateway_bypass_local ( rdpNego *  nego,
BOOL  GatewayBypassLocal 
)

◆ nego_set_gateway_enabled()

void nego_set_gateway_enabled ( rdpNego *  nego,
BOOL  GatewayEnabled 
)

◆ nego_set_negotiation_enabled()

void nego_set_negotiation_enabled ( rdpNego *  nego,
BOOL  NegotiateSecurityLayer 
)

Enable security layer negotiation.

Parameters
nego: pointer to the negotiation structure
NegotiateSecurityLayer (named enable_rdp in the source comment): whether to enable security layer negotiation (TRUE for enabled, FALSE for disabled)

◆ nego_set_preconnection_blob()

void nego_set_preconnection_blob ( rdpNego *  nego,
char *  PreconnectionBlob 
)

Set preconnection blob.

Parameters
nego
blob

◆ nego_set_preconnection_id()

void nego_set_preconnection_id ( rdpNego *  nego,
UINT32  PreconnectionId 
)

Set preconnection id.

Parameters
nego
id

◆ nego_set_requested_protocols()

BOOL nego_set_requested_protocols ( rdpNego *  nego,
UINT32  RequestedProtocols 
)

◆ nego_set_restricted_admin_mode_required()

void nego_set_restricted_admin_mode_required ( rdpNego *  nego,
BOOL  RestrictedAdminModeRequired 
)

Enable restricted admin mode.

Parameters
nego: pointer to the negotiation structure
RestrictedAdminModeRequired (named enable_restricted in the source comment): whether to enable restricted admin mode (TRUE for enabled, FALSE for disabled)

◆ nego_set_routing_token()

BOOL nego_set_routing_token ( rdpNego *  nego,
BYTE *  RoutingToken,
DWORD  RoutingTokenLength 
)

Set routing token.

Parameters
nego
RoutingToken
RoutingTokenLength

◆ nego_set_selected_protocol()

BOOL nego_set_selected_protocol ( rdpNego *  nego,
UINT32  SelectedProtocol 
)

◆ nego_set_send_preconnection_pdu()

void nego_set_send_preconnection_pdu ( rdpNego *  nego,
BOOL  SendPreconnectionPdu 
)

Enable / disable preconnection PDU.

Parameters
nego
send_pcpdu

◆ nego_set_state()

BOOL nego_set_state ( rdpNego *  nego,
NEGO_STATE  state 
)

◆ nego_set_target()

BOOL nego_set_target ( rdpNego *  nego,
const char *  hostname,
UINT16  port 
)

Set target hostname and port.

Parameters
nego
hostname
port

◆ nego_state_string()

static const char* nego_state_string ( NEGO_STATE  state)
static

◆ nego_tcp_connect()

static BOOL nego_tcp_connect ( rdpNego *  nego)
static

Connect TCP layer.

Parameters
nego
Returns

◆ nego_transport_connect()

BOOL nego_transport_connect ( rdpNego *  nego)
static

Connect TCP layer. For direct approach, connect security layer as well.

Parameters
nego
Returns

◆ nego_transport_disconnect()

BOOL nego_transport_disconnect ( rdpNego *  nego)
static

Disconnect TCP layer.

Parameters
nego
Returns

◆ protocol_security_string()

static const char* protocol_security_string ( UINT32  security)
static