FreeRDP
All Data Structures Namespaces Files Functions Variables Typedefs Enumerations Enumerator Modules Pages
info.c
1
22#include <freerdp/config.h>
23
24#include "settings.h"
25
26#include <winpr/crt.h>
27#include <winpr/assert.h>
28
29#include <freerdp/crypto/crypto.h>
30#include <freerdp/log.h>
31#include <freerdp/session.h>
32#include <stdio.h>
33
34#include "timezone.h"
35
36#include "info.h"
37
38#define TAG FREERDP_TAG("core.info")
39
40#define logonInfoV2Size (2 + 4 + 4 + 4 + 4)
41#define logonInfoV2ReservedSize 558
42#define logonInfoV2TotalSize (logonInfoV2Size + logonInfoV2ReservedSize)
43
44static const char* INFO_TYPE_LOGON_STRINGS[4] = { "Logon Info V1", "Logon Info V2",
45 "Logon Plain Notify", "Logon Extended Info" };
46
47/* This define limits the length of the strings in the label field. */
48#define MAX_LABEL_LENGTH 40
49struct info_flags_t
50{
51 UINT32 flag;
52 const char* label;
53};
54
55static const struct info_flags_t info_flags[] = {
56 { INFO_MOUSE, "INFO_MOUSE" },
57 { INFO_DISABLECTRLALTDEL, "INFO_DISABLECTRLALTDEL" },
58 { INFO_AUTOLOGON, "INFO_AUTOLOGON" },
59 { INFO_UNICODE, "INFO_UNICODE" },
60 { INFO_MAXIMIZESHELL, "INFO_MAXIMIZESHELL" },
61 { INFO_LOGONNOTIFY, "INFO_LOGONNOTIFY" },
62 { INFO_COMPRESSION, "INFO_COMPRESSION" },
63 { INFO_ENABLEWINDOWSKEY, "INFO_ENABLEWINDOWSKEY" },
64 { INFO_REMOTECONSOLEAUDIO, "INFO_REMOTECONSOLEAUDIO" },
65 { INFO_FORCE_ENCRYPTED_CS_PDU, "INFO_FORCE_ENCRYPTED_CS_PDU" },
66 { INFO_RAIL, "INFO_RAIL" },
67 { INFO_LOGONERRORS, "INFO_LOGONERRORS" },
68 { INFO_MOUSE_HAS_WHEEL, "INFO_MOUSE_HAS_WHEEL" },
69 { INFO_PASSWORD_IS_SC_PIN, "INFO_PASSWORD_IS_SC_PIN" },
70 { INFO_NOAUDIOPLAYBACK, "INFO_NOAUDIOPLAYBACK" },
71 { INFO_USING_SAVED_CREDS, "INFO_USING_SAVED_CREDS" },
72 { INFO_AUDIOCAPTURE, "INFO_AUDIOCAPTURE" },
73 { INFO_VIDEO_DISABLE, "INFO_VIDEO_DISABLE" },
74 { INFO_HIDEF_RAIL_SUPPORTED, "INFO_HIDEF_RAIL_SUPPORTED" },
75};
76
77static BOOL rdp_read_info_null_string(rdpSettings* settings, FreeRDP_Settings_Keys_String id,
78 const char* what, UINT32 flags, wStream* s, size_t cbLen,
79 size_t max)
80{
81 const BOOL unicode = (flags & INFO_UNICODE) ? TRUE : FALSE;
82
83 if (!freerdp_settings_set_string(settings, id, NULL))
84 return FALSE;
85
86 if (!Stream_CheckAndLogRequiredLength(TAG, s, (size_t)(cbLen)))
87 return FALSE;
88
89 if (cbLen > 0)
90 {
91 if ((cbLen > max) || (unicode && ((cbLen % 2) != 0)))
92 {
93 WLog_ERR(TAG, "protocol error: %s has invalid value: %" PRIuz "", what, cbLen);
94 return FALSE;
95 }
96
97 if (unicode)
98 {
99 const WCHAR* domain = Stream_PointerAs(s, WCHAR);
100 if (!freerdp_settings_set_string_from_utf16N(settings, id, domain,
101 cbLen / sizeof(WCHAR)))
102 {
103 WLog_ERR(TAG, "protocol error: no data to read for %s [expected %" PRIuz "]", what,
104 cbLen);
105 return FALSE;
106 }
107 }
108 else
109 {
110 const char* domain = Stream_ConstPointer(s);
111 if (!freerdp_settings_set_string_len(settings, id, domain, cbLen))
112 return FALSE;
113 }
114 }
115 Stream_Seek(s, cbLen);
116
117 return TRUE;
118}
119
120static char* rdp_info_package_flags_description(UINT32 flags)
121{
122 char* result = NULL;
123 size_t maximum_size = 1 + MAX_LABEL_LENGTH * ARRAYSIZE(info_flags);
124
125 result = calloc(maximum_size, sizeof(char));
126
127 if (!result)
128 return 0;
129
130 for (size_t i = 0; i < ARRAYSIZE(info_flags); i++)
131 {
132 const struct info_flags_t* cur = &info_flags[i];
133 if (cur->flag & flags)
134 {
135 winpr_str_append(cur->label, result, maximum_size, "|");
136 }
137 }
138
139 return result;
140}
141
142static BOOL rdp_compute_client_auto_reconnect_cookie(rdpRdp* rdp)
143{
144 BYTE ClientRandom[CLIENT_RANDOM_LENGTH] = { 0 };
145 BYTE AutoReconnectRandom[32] = { 0 };
146 ARC_SC_PRIVATE_PACKET* serverCookie = NULL;
147 ARC_CS_PRIVATE_PACKET* clientCookie = NULL;
148
149 WINPR_ASSERT(rdp);
150 rdpSettings* settings = rdp->settings;
151 WINPR_ASSERT(settings);
152
153 serverCookie = settings->ServerAutoReconnectCookie;
154 clientCookie = settings->ClientAutoReconnectCookie;
155 clientCookie->cbLen = 28;
156 clientCookie->version = serverCookie->version;
157 clientCookie->logonId = serverCookie->logonId;
158 ZeroMemory(clientCookie->securityVerifier, sizeof(clientCookie->securityVerifier));
159 CopyMemory(AutoReconnectRandom, serverCookie->arcRandomBits,
160 sizeof(serverCookie->arcRandomBits));
161
162 if (settings->SelectedProtocol == PROTOCOL_RDP)
163 CopyMemory(ClientRandom, settings->ClientRandom, settings->ClientRandomLength);
164
165 /* SecurityVerifier = HMAC_MD5(AutoReconnectRandom, ClientRandom) */
166
167 if (!winpr_HMAC(WINPR_MD_MD5, AutoReconnectRandom, 16, ClientRandom, sizeof(ClientRandom),
168 clientCookie->securityVerifier, sizeof(clientCookie->securityVerifier)))
169 return FALSE;
170
171 return TRUE;
172}
173
179static BOOL rdp_read_server_auto_reconnect_cookie(rdpRdp* rdp, wStream* s, logon_info_ex* info)
180{
181 BYTE* p = NULL;
182 ARC_SC_PRIVATE_PACKET* autoReconnectCookie = NULL;
183 rdpSettings* settings = rdp->settings;
184 autoReconnectCookie = settings->ServerAutoReconnectCookie;
185
186 if (!Stream_CheckAndLogRequiredLength(TAG, s, 28))
187 return FALSE;
188
189 Stream_Read_UINT32(s, autoReconnectCookie->cbLen); /* cbLen (4 bytes) */
190
191 if (autoReconnectCookie->cbLen != 28)
192 {
193 WLog_ERR(TAG, "ServerAutoReconnectCookie.cbLen != 28");
194 return FALSE;
195 }
196
197 Stream_Read_UINT32(s, autoReconnectCookie->version); /* Version (4 bytes) */
198 Stream_Read_UINT32(s, autoReconnectCookie->logonId); /* LogonId (4 bytes) */
199 Stream_Read(s, autoReconnectCookie->arcRandomBits, 16); /* ArcRandomBits (16 bytes) */
200 p = autoReconnectCookie->arcRandomBits;
201 WLog_DBG(TAG,
202 "ServerAutoReconnectCookie: Version: %" PRIu32 " LogonId: %" PRIu32
203 " SecurityVerifier: "
204 "%02" PRIX8 "%02" PRIX8 "%02" PRIX8 "%02" PRIX8 "%02" PRIX8 "%02" PRIX8 "%02" PRIX8
205 "%02" PRIX8 ""
206 "%02" PRIX8 "%02" PRIX8 "%02" PRIX8 "%02" PRIX8 "%02" PRIX8 "%02" PRIX8 "%02" PRIX8
207 "%02" PRIX8 "",
208 autoReconnectCookie->version, autoReconnectCookie->logonId, p[0], p[1], p[2], p[3],
209 p[4], p[5], p[6], p[7], p[8], p[9], p[10], p[11], p[12], p[13], p[14], p[15]);
210 info->LogonId = autoReconnectCookie->logonId;
211 CopyMemory(info->ArcRandomBits, p, 16);
212
213 if ((settings->PrintReconnectCookie))
214 {
215 char* base64 = NULL;
216 base64 = crypto_base64_encode((BYTE*)autoReconnectCookie, sizeof(ARC_SC_PRIVATE_PACKET));
217 WLog_INFO(TAG, "Reconnect-cookie: %s", base64);
218 free(base64);
219 }
220
221 return TRUE;
222}
223
229static BOOL rdp_read_client_auto_reconnect_cookie(rdpRdp* rdp, wStream* s)
230{
231 ARC_CS_PRIVATE_PACKET* autoReconnectCookie = NULL;
232 rdpSettings* settings = rdp->settings;
233 autoReconnectCookie = settings->ClientAutoReconnectCookie;
234
235 if (!Stream_CheckAndLogRequiredLength(TAG, s, 28))
236 return FALSE;
237
238 Stream_Read_UINT32(s, autoReconnectCookie->cbLen); /* cbLen (4 bytes) */
239 Stream_Read_UINT32(s, autoReconnectCookie->version); /* version (4 bytes) */
240 Stream_Read_UINT32(s, autoReconnectCookie->logonId); /* LogonId (4 bytes) */
241 Stream_Read(s, autoReconnectCookie->securityVerifier, 16); /* SecurityVerifier */
242 return TRUE;
243}
244
250static BOOL rdp_write_client_auto_reconnect_cookie(rdpRdp* rdp, wStream* s)
251{
252 BYTE* p = NULL;
253 ARC_CS_PRIVATE_PACKET* autoReconnectCookie = NULL;
254 rdpSettings* settings = NULL;
255
256 WINPR_ASSERT(rdp);
257
258 settings = rdp->settings;
259 WINPR_ASSERT(settings);
260
261 autoReconnectCookie = settings->ClientAutoReconnectCookie;
262 WINPR_ASSERT(autoReconnectCookie);
263
264 p = autoReconnectCookie->securityVerifier;
265 WINPR_ASSERT(p);
266
267 WLog_DBG(TAG,
268 "ClientAutoReconnectCookie: Version: %" PRIu32 " LogonId: %" PRIu32 " ArcRandomBits: "
269 "%02" PRIX8 "%02" PRIX8 "%02" PRIX8 "%02" PRIX8 "%02" PRIX8 "%02" PRIX8 "%02" PRIX8
270 "%02" PRIX8 ""
271 "%02" PRIX8 "%02" PRIX8 "%02" PRIX8 "%02" PRIX8 "%02" PRIX8 "%02" PRIX8 "%02" PRIX8
272 "%02" PRIX8 "",
273 autoReconnectCookie->version, autoReconnectCookie->logonId, p[0], p[1], p[2], p[3],
274 p[4], p[5], p[6], p[7], p[8], p[9], p[10], p[11], p[12], p[13], p[14], p[15]);
275 if (!Stream_EnsureRemainingCapacity(s, 12ull + 16ull))
276 return FALSE;
277 Stream_Write_UINT32(s, autoReconnectCookie->cbLen); /* cbLen (4 bytes) */
278 Stream_Write_UINT32(s, autoReconnectCookie->version); /* version (4 bytes) */
279 Stream_Write_UINT32(s, autoReconnectCookie->logonId); /* LogonId (4 bytes) */
280 Stream_Write(s, autoReconnectCookie->securityVerifier, 16); /* SecurityVerifier (16 bytes) */
281 return TRUE;
282}
283
284/*
285 * Get the cbClientAddress size limit
286 * see [MS-RDPBCGR] 2.2.1.11.1.1.1 Extended Info Packet (TS_EXTENDED_INFO_PACKET)
287 */
288
289static size_t rdp_get_client_address_max_size(const rdpRdp* rdp)
290{
291 UINT32 version = 0;
292 rdpSettings* settings = NULL;
293
294 WINPR_ASSERT(rdp);
295
296 settings = rdp->settings;
297 WINPR_ASSERT(settings);
298
299 version = freerdp_settings_get_uint32(settings, FreeRDP_RdpVersion);
300 if (version < RDP_VERSION_10_0)
301 return 64;
302 return 80;
303}
304
310static BOOL rdp_read_extended_info_packet(rdpRdp* rdp, wStream* s)
311{
312 UINT16 clientAddressFamily = 0;
313 UINT16 cbClientAddress = 0;
314 UINT16 cbClientDir = 0;
315 UINT16 cbAutoReconnectLen = 0;
316
317 WINPR_ASSERT(rdp);
318
319 rdpSettings* settings = rdp->settings;
320 WINPR_ASSERT(settings);
321
322 if (!Stream_CheckAndLogRequiredLength(TAG, s, 4))
323 return FALSE;
324
325 Stream_Read_UINT16(s, clientAddressFamily); /* clientAddressFamily (2 bytes) */
326 Stream_Read_UINT16(s, cbClientAddress); /* cbClientAddress (2 bytes) */
327
328 settings->IPv6Enabled = (clientAddressFamily == ADDRESS_FAMILY_INET6 ? TRUE : FALSE);
329
330 if (!rdp_read_info_null_string(settings, FreeRDP_ClientAddress, "cbClientAddress", INFO_UNICODE,
331 s, cbClientAddress, rdp_get_client_address_max_size(rdp)))
332 return FALSE;
333
334 if (!Stream_CheckAndLogRequiredLength(TAG, s, 2))
335 return FALSE;
336
337 Stream_Read_UINT16(s, cbClientDir); /* cbClientDir (2 bytes) */
338
339 /* cbClientDir is the size in bytes of the character data in the clientDir field.
340 * This size includes the length of the mandatory null terminator.
341 * The maximum allowed value is 512 bytes.
342 * Note: Although according to [MS-RDPBCGR 2.2.1.11.1.1.1] the null terminator
343 * is mandatory the Microsoft Android client (starting with version 8.1.31.44)
344 * sets cbClientDir to 0.
345 */
346
347 if (!rdp_read_info_null_string(settings, FreeRDP_ClientDir, "cbClientDir", INFO_UNICODE, s,
348 cbClientDir, 512))
349 return FALSE;
350
356 /* optional: clientTimeZone (172 bytes) */
357 if (Stream_GetRemainingLength(s) == 0)
358 goto end;
359
360 if (!rdp_read_client_time_zone(s, settings))
361 return FALSE;
362
363 /* optional: clientSessionId (4 bytes), should be set to 0 */
364 if (Stream_GetRemainingLength(s) == 0)
365 goto end;
366 if (!Stream_CheckAndLogRequiredLength(TAG, s, 4))
367 return FALSE;
368
369 Stream_Read_UINT32(s, settings->ClientSessionId);
370
371 /* optional: performanceFlags (4 bytes) */
372 if (Stream_GetRemainingLength(s) == 0)
373 goto end;
374
375 if (!Stream_CheckAndLogRequiredLength(TAG, s, 4))
376 return FALSE;
377
378 Stream_Read_UINT32(s, settings->PerformanceFlags);
379 freerdp_performance_flags_split(settings);
380
381 /* optional: cbAutoReconnectLen (2 bytes) */
382 if (Stream_GetRemainingLength(s) == 0)
383 goto end;
384
385 if (!Stream_CheckAndLogRequiredLength(TAG, s, 2))
386 return FALSE;
387
388 Stream_Read_UINT16(s, cbAutoReconnectLen);
389
390 /* optional: autoReconnectCookie (28 bytes) */
391 /* must be present if cbAutoReconnectLen is > 0 */
392 if (cbAutoReconnectLen > 0)
393 {
394 if (!rdp_read_client_auto_reconnect_cookie(rdp, s))
395 return FALSE;
396 }
397
398 /* skip reserved1 and reserved2 fields */
399 if (Stream_GetRemainingLength(s) == 0)
400 goto end;
401
402 if (!Stream_SafeSeek(s, 2))
403 return FALSE;
404
405 if (Stream_GetRemainingLength(s) == 0)
406 goto end;
407
408 if (!Stream_SafeSeek(s, 2))
409 return FALSE;
410
411 if (Stream_GetRemainingLength(s) == 0)
412 goto end;
413
414 if (!Stream_CheckAndLogRequiredLength(TAG, s, 2))
415 return FALSE;
416
417 if (freerdp_settings_get_bool(settings, FreeRDP_SupportDynamicTimeZone))
418 {
419 UINT16 cbDynamicDSTTimeZoneKeyName = 0;
420
421 Stream_Read_UINT16(s, cbDynamicDSTTimeZoneKeyName);
422
423 if (!rdp_read_info_null_string(settings, FreeRDP_DynamicDSTTimeZoneKeyName,
424 "cbDynamicDSTTimeZoneKeyName", INFO_UNICODE, s,
425 cbDynamicDSTTimeZoneKeyName, 254))
426 return FALSE;
427
428 if (Stream_GetRemainingLength(s) == 0)
429 goto end;
430
431 if (!Stream_CheckAndLogRequiredLength(TAG, s, 2))
432 return FALSE;
433 UINT16 DynamicDaylightTimeDisabled = 0;
434 Stream_Read_UINT16(s, DynamicDaylightTimeDisabled);
435 if (DynamicDaylightTimeDisabled > 1)
436 {
437 WLog_WARN(TAG,
438 "[MS-RDPBCGR] 2.2.1.11.1.1.1 Extended Info Packet "
439 "(TS_EXTENDED_INFO_PACKET)::dynamicDaylightTimeDisabled value %" PRIu16
440 " not allowed in [0,1]",
441 settings->DynamicDaylightTimeDisabled);
442 return FALSE;
443 }
444 if (!freerdp_settings_set_bool(settings, FreeRDP_DynamicDaylightTimeDisabled,
445 DynamicDaylightTimeDisabled != 0))
446 return FALSE;
447 DEBUG_TIMEZONE("DynamicTimeZone=%s [%s]",
448 freerdp_settings_get_string(settings, FreeRDP_DynamicDSTTimeZoneKeyName),
449 freerdp_settings_get_bool(settings, FreeRDP_DynamicDaylightTimeDisabled)
450 ? "no-DST"
451 : "DST");
452 }
453
454end:
455 return TRUE;
456}
457
463static BOOL rdp_write_extended_info_packet(rdpRdp* rdp, wStream* s)
464{
465 BOOL ret = FALSE;
466 size_t cbClientAddress = 0;
467 const size_t cbClientAddressMax = rdp_get_client_address_max_size(rdp);
468 WCHAR* clientDir = NULL;
469 size_t cbClientDir = 0;
470 const size_t cbClientDirMax = 512;
471 UINT16 cbAutoReconnectCookie = 0;
472
473 WINPR_ASSERT(rdp);
474
475 rdpSettings* settings = rdp->settings;
476 WINPR_ASSERT(settings);
477
478 UINT16 clientAddressFamily = ADDRESS_FAMILY_INET;
479 if (settings->ConnectChildSession)
480 clientAddressFamily = 0x0000;
481 else if (settings->IPv6Enabled)
482 clientAddressFamily = ADDRESS_FAMILY_INET6;
483
484 WCHAR* clientAddress = ConvertUtf8ToWCharAlloc(settings->ClientAddress, &cbClientAddress);
485
486 if (cbClientAddress > (UINT16_MAX / sizeof(WCHAR)))
487 {
488 WLog_ERR(TAG, "cbClientAddress > UINT16_MAX");
489 goto fail;
490 }
491
492 if (cbClientAddress > 0)
493 {
494 cbClientAddress = (UINT16)(cbClientAddress + 1) * sizeof(WCHAR);
495 if (cbClientAddress > cbClientAddressMax)
496 {
497 WLog_WARN(TAG,
498 "the client address %s [%" PRIuz "] exceeds the limit of %" PRIuz
499 ", truncating.",
500 settings->ClientAddress, cbClientAddress, cbClientAddressMax);
501
502 clientAddress[(cbClientAddressMax / sizeof(WCHAR)) - 1] = '\0';
503 cbClientAddress = cbClientAddressMax;
504 }
505 }
506
507 clientDir = ConvertUtf8ToWCharAlloc(settings->ClientDir, &cbClientDir);
508 if (cbClientDir > (UINT16_MAX / sizeof(WCHAR)))
509 {
510 WLog_ERR(TAG, "cbClientDir > UINT16_MAX");
511 goto fail;
512 }
513
514 if (cbClientDir > 0)
515 {
516 cbClientDir = (UINT16)(cbClientDir + 1) * sizeof(WCHAR);
517 if (cbClientDir > cbClientDirMax)
518 {
519 WLog_WARN(TAG,
520 "the client dir %s [%" PRIuz "] exceeds the limit of %" PRIuz ", truncating.",
521 settings->ClientDir, cbClientDir, cbClientDirMax);
522
523 clientDir[(cbClientDirMax / sizeof(WCHAR)) - 1] = '\0';
524 cbClientDir = cbClientDirMax;
525 }
526 }
527
528 if (settings->ServerAutoReconnectCookie->cbLen > UINT16_MAX)
529 {
530 WLog_ERR(TAG, "ServerAutoreconnectCookie::cbLen > UINT16_MAX");
531 goto fail;
532 }
533
534 cbAutoReconnectCookie = (UINT16)settings->ServerAutoReconnectCookie->cbLen;
535
536 if (!Stream_EnsureRemainingCapacity(s, 4ull + cbClientAddress + 2ull + cbClientDir))
537 goto fail;
538
539 Stream_Write_UINT16(s, clientAddressFamily); /* clientAddressFamily (2 bytes) */
540 Stream_Write_UINT16(s, (UINT16)cbClientAddress); /* cbClientAddress (2 bytes) */
541
542 Stream_Write(s, clientAddress, cbClientAddress); /* clientAddress */
543
544 Stream_Write_UINT16(s, (UINT16)cbClientDir); /* cbClientDir (2 bytes) */
545
546 Stream_Write(s, clientDir, cbClientDir); /* clientDir */
547
548 if (!rdp_write_client_time_zone(s, settings)) /* clientTimeZone (172 bytes) */
549 goto fail;
550
551 if (!Stream_EnsureRemainingCapacity(s, 10ull))
552 goto fail;
553
554 /* clientSessionId (4 bytes), should be set to 0 */
555 Stream_Write_UINT32(s, settings->ClientSessionId);
556 freerdp_performance_flags_make(settings);
557 Stream_Write_UINT32(s, settings->PerformanceFlags); /* performanceFlags (4 bytes) */
558 Stream_Write_UINT16(s, cbAutoReconnectCookie); /* cbAutoReconnectCookie (2 bytes) */
559
560 if (cbAutoReconnectCookie > 0)
561 {
562 if (!rdp_compute_client_auto_reconnect_cookie(rdp))
563 goto fail;
564 if (!rdp_write_client_auto_reconnect_cookie(rdp, s)) /* autoReconnectCookie */
565 goto fail;
566 }
567
568 if (freerdp_settings_get_bool(settings, FreeRDP_SupportDynamicTimeZone))
569 {
570 if (!Stream_EnsureRemainingCapacity(s, 8 + 254 * sizeof(WCHAR)))
571 goto fail;
572
573 Stream_Write_UINT16(s, 0); /* reserved1 (2 bytes) */
574 Stream_Write_UINT16(s, 0); /* reserved2 (2 bytes) */
575
576 size_t rlen = 0;
577 const char* tz = freerdp_settings_get_string(settings, FreeRDP_DynamicDSTTimeZoneKeyName);
578 if (tz)
579 rlen = strnlen(tz, 254);
580 Stream_Write_UINT16(s, (UINT16)rlen * sizeof(WCHAR));
581 if (Stream_Write_UTF16_String_From_UTF8(s, rlen, tz, rlen, FALSE) < 0)
582 goto fail;
583 Stream_Write_UINT16(s, settings->DynamicDaylightTimeDisabled ? 0x01 : 0x00);
584 }
585
586 ret = TRUE;
587fail:
588 free(clientAddress);
589 free(clientDir);
590 return ret;
591}
592
593static BOOL rdp_read_info_string(rdpSettings* settings, FreeRDP_Settings_Keys_String id,
594 UINT32 flags, wStream* s, size_t cbLenNonNull, size_t max)
595{
596 union
597 {
598 char c;
599 WCHAR w;
600 BYTE b[2];
601 } terminator;
602
603 const BOOL unicode = (flags & INFO_UNICODE) ? TRUE : FALSE;
604 const size_t nullSize = unicode ? sizeof(WCHAR) : sizeof(CHAR);
605
606 if (!freerdp_settings_set_string(settings, id, NULL))
607 return FALSE;
608
609 if (!Stream_CheckAndLogRequiredLength(TAG, s, (size_t)(cbLenNonNull + nullSize)))
610 return FALSE;
611
612 if (cbLenNonNull > 0)
613 {
614 /* cbDomain is the size in bytes of the character data in the Domain field.
615 * This size excludes (!) the length of the mandatory null terminator.
616 * Maximum value including the mandatory null terminator: 512
617 */
618 if ((cbLenNonNull % 2) || (cbLenNonNull > (max - nullSize)))
619 {
620 WLog_ERR(TAG, "protocol error: invalid value: %" PRIuz "", cbLenNonNull);
621 return FALSE;
622 }
623
624 if (unicode)
625 {
626 const WCHAR* domain = Stream_PointerAs(s, WCHAR);
627 if (!freerdp_settings_set_string_from_utf16N(settings, id, domain,
628 cbLenNonNull / sizeof(WCHAR)))
629 return FALSE;
630 }
631 else
632 {
633 const char* domain = Stream_PointerAs(s, char);
634 if (!freerdp_settings_set_string_len(settings, id, domain, cbLenNonNull))
635 return FALSE;
636 }
637 }
638
639 Stream_Seek(s, cbLenNonNull);
640
641 terminator.w = L'\0';
642 Stream_Read(s, terminator.b, nullSize);
643
644 if (terminator.w != L'\0')
645 {
646 WLog_ERR(TAG, "protocol error: Domain must be null terminated");
647 (void)freerdp_settings_set_string(settings, id, NULL);
648 return FALSE;
649 }
650
651 return TRUE;
652}
653
659static BOOL rdp_read_info_packet(rdpRdp* rdp, wStream* s, UINT16 tpktlength)
660{
661 BOOL smallsize = FALSE;
662 UINT32 flags = 0;
663 UINT16 cbDomain = 0;
664 UINT16 cbUserName = 0;
665 UINT16 cbPassword = 0;
666 UINT16 cbAlternateShell = 0;
667 UINT16 cbWorkingDir = 0;
668 UINT32 CompressionLevel = 0;
669 rdpSettings* settings = rdp->settings;
670
671 if (!Stream_CheckAndLogRequiredLengthWLog(rdp->log, s, 18))
672 return FALSE;
673
674 Stream_Read_UINT32(s, settings->KeyboardCodePage); /* CodePage (4 bytes ) */
675 Stream_Read_UINT32(s, flags); /* flags (4 bytes) */
676 settings->AudioCapture = ((flags & INFO_AUDIOCAPTURE) ? TRUE : FALSE);
677 settings->AudioPlayback = ((flags & INFO_NOAUDIOPLAYBACK) ? FALSE : TRUE);
678 settings->AutoLogonEnabled = ((flags & INFO_AUTOLOGON) ? TRUE : FALSE);
679 settings->RemoteApplicationMode = ((flags & INFO_RAIL) ? TRUE : FALSE);
680 settings->HiDefRemoteApp = ((flags & INFO_HIDEF_RAIL_SUPPORTED) ? TRUE : FALSE);
681 settings->RemoteConsoleAudio = ((flags & INFO_REMOTECONSOLEAUDIO) ? TRUE : FALSE);
682 settings->CompressionEnabled = ((flags & INFO_COMPRESSION) ? TRUE : FALSE);
683 settings->LogonNotify = ((flags & INFO_LOGONNOTIFY) ? TRUE : FALSE);
684 settings->MouseHasWheel = ((flags & INFO_MOUSE_HAS_WHEEL) ? TRUE : FALSE);
685 settings->DisableCtrlAltDel = ((flags & INFO_DISABLECTRLALTDEL) ? TRUE : FALSE);
686 settings->ForceEncryptedCsPdu = ((flags & INFO_FORCE_ENCRYPTED_CS_PDU) ? TRUE : FALSE);
687 settings->PasswordIsSmartcardPin = ((flags & INFO_PASSWORD_IS_SC_PIN) ? TRUE : FALSE);
688
689 if (flags & INFO_COMPRESSION)
690 {
691 CompressionLevel = ((flags & 0x00001E00) >> 9);
692 settings->CompressionLevel = CompressionLevel;
693 }
694 else
695 {
696 settings->CompressionLevel = 0;
697 }
698
699 /* RDP 4 and 5 have smaller credential limits */
700 if (settings->RdpVersion < RDP_VERSION_5_PLUS)
701 smallsize = TRUE;
702
703 Stream_Read_UINT16(s, cbDomain); /* cbDomain (2 bytes) */
704 Stream_Read_UINT16(s, cbUserName); /* cbUserName (2 bytes) */
705 Stream_Read_UINT16(s, cbPassword); /* cbPassword (2 bytes) */
706 Stream_Read_UINT16(s, cbAlternateShell); /* cbAlternateShell (2 bytes) */
707 Stream_Read_UINT16(s, cbWorkingDir); /* cbWorkingDir (2 bytes) */
708
709 if (!rdp_read_info_string(settings, FreeRDP_Domain, flags, s, cbDomain, smallsize ? 52 : 512))
710 return FALSE;
711
712 if (!rdp_read_info_string(settings, FreeRDP_Username, flags, s, cbUserName,
713 smallsize ? 44 : 512))
714 return FALSE;
715
716 if (!rdp_read_info_string(settings, FreeRDP_Password, flags, s, cbPassword,
717 smallsize ? 32 : 512))
718 return FALSE;
719
720 if (!rdp_read_info_string(settings, FreeRDP_AlternateShell, flags, s, cbAlternateShell, 512))
721 return FALSE;
722
723 if (!rdp_read_info_string(settings, FreeRDP_ShellWorkingDirectory, flags, s, cbWorkingDir, 512))
724 return FALSE;
725
726 if (settings->RdpVersion >= RDP_VERSION_5_PLUS)
727 {
728 if (!rdp_read_extended_info_packet(rdp, s)) /* extraInfo */
729 return FALSE;
730 }
731
732 const size_t xrem = Stream_GetRemainingLength(s);
733 if (!tpkt_ensure_stream_consumed(rdp->log, s, tpktlength))
734 Stream_Seek(s, xrem);
735 return TRUE;
736}
737
743static BOOL rdp_write_info_packet(rdpRdp* rdp, wStream* s)
744{
745 BOOL ret = FALSE;
746 UINT32 flags = 0;
747 WCHAR* domainW = NULL;
748 size_t cbDomain = 0;
749 WCHAR* userNameW = NULL;
750 size_t cbUserName = 0;
751 WCHAR* passwordW = NULL;
752 size_t cbPassword = 0;
753 WCHAR* alternateShellW = NULL;
754 size_t cbAlternateShell = 0;
755 WCHAR* workingDirW = NULL;
756 size_t cbWorkingDir = 0;
757 BOOL usedPasswordCookie = FALSE;
758 rdpSettings* settings = NULL;
759
760 WINPR_ASSERT(rdp);
761 settings = rdp->settings;
762 WINPR_ASSERT(settings);
763
764 flags = INFO_MOUSE | INFO_UNICODE | INFO_LOGONERRORS | INFO_MAXIMIZESHELL |
765 INFO_ENABLEWINDOWSKEY | INFO_DISABLECTRLALTDEL | INFO_MOUSE_HAS_WHEEL |
766 INFO_FORCE_ENCRYPTED_CS_PDU;
767
768 if (settings->SmartcardLogon)
769 {
770 flags |= INFO_AUTOLOGON;
771 flags |= INFO_PASSWORD_IS_SC_PIN;
772 }
773
774 if (settings->AudioCapture)
775 flags |= INFO_AUDIOCAPTURE;
776
777 if (!settings->AudioPlayback)
778 flags |= INFO_NOAUDIOPLAYBACK;
779
780 if (settings->VideoDisable)
781 flags |= INFO_VIDEO_DISABLE;
782
783 if (settings->AutoLogonEnabled)
784 flags |= INFO_AUTOLOGON;
785
786 if (settings->RemoteApplicationMode)
787 {
788 if (settings->HiDefRemoteApp)
789 {
790 if (settings->RdpVersion >= RDP_VERSION_10_0)
791 flags |= INFO_HIDEF_RAIL_SUPPORTED;
792 }
793
794 flags |= INFO_RAIL;
795 }
796
797 if (settings->RemoteConsoleAudio)
798 flags |= INFO_REMOTECONSOLEAUDIO;
799
800 if (settings->CompressionEnabled)
801 {
802 flags |= INFO_COMPRESSION;
803 flags |= ((settings->CompressionLevel << 9) & 0x00001E00);
804 }
805
806 if (settings->LogonNotify)
807 flags |= INFO_LOGONNOTIFY;
808
809 if (settings->PasswordIsSmartcardPin)
810 flags |= INFO_PASSWORD_IS_SC_PIN;
811
812 {
813 char* flags_description = rdp_info_package_flags_description(flags);
814
815 if (flags_description)
816 {
817 WLog_DBG(TAG, "Client Info Packet Flags = %s", flags_description);
818 free(flags_description);
819 }
820 }
821
822 domainW = freerdp_settings_get_string_as_utf16(settings, FreeRDP_Domain, &cbDomain);
823 if (cbDomain > UINT16_MAX / sizeof(WCHAR))
824 {
825 WLog_ERR(TAG, "cbDomain > UINT16_MAX");
826 goto fail;
827 }
828 cbDomain *= sizeof(WCHAR);
829
830 /* user name provided by the expert for connecting to the novice computer */
831 userNameW = freerdp_settings_get_string_as_utf16(settings, FreeRDP_Username, &cbUserName);
832 if (cbUserName > UINT16_MAX / sizeof(WCHAR))
833 {
834 WLog_ERR(TAG, "cbUserName > UINT16_MAX");
835 goto fail;
836 }
837 cbUserName *= sizeof(WCHAR);
838
839 const char* pin = "*";
840 if (!settings->RemoteAssistanceMode)
841 {
842 /* Ignore redirection password if we´re using smartcard and have the pin as password */
843 if (((flags & INFO_PASSWORD_IS_SC_PIN) == 0) && settings->RedirectionPassword &&
844 (settings->RedirectionPasswordLength > 0))
845 {
846 union
847 {
848 BYTE* bp;
849 WCHAR* wp;
850 } ptrconv;
851
852 if (settings->RedirectionPasswordLength > UINT16_MAX)
853 {
854 WLog_ERR(TAG, "RedirectionPasswordLength > UINT16_MAX");
855 goto fail;
856 }
857 usedPasswordCookie = TRUE;
858
859 ptrconv.bp = settings->RedirectionPassword;
860 passwordW = ptrconv.wp;
861 cbPassword = (UINT16)settings->RedirectionPasswordLength;
862 }
863 else
864 pin = freerdp_settings_get_string(settings, FreeRDP_Password);
865 }
866
867 if (!usedPasswordCookie && pin)
868 {
869 passwordW = ConvertUtf8ToWCharAlloc(pin, &cbPassword);
870 if (cbPassword > UINT16_MAX / sizeof(WCHAR))
871 {
872 WLog_ERR(TAG, "cbPassword > UINT16_MAX");
873 goto fail;
874 }
875 cbPassword = (UINT16)cbPassword * sizeof(WCHAR);
876 }
877
878 const char* altShell = NULL;
879 if (!settings->RemoteAssistanceMode)
880 altShell = freerdp_settings_get_string(settings, FreeRDP_AlternateShell);
881 else if (settings->RemoteAssistancePassStub)
882 altShell = "*"; /* This field MUST be filled with "*" */
883 else
884 altShell = freerdp_settings_get_string(settings, FreeRDP_RemoteAssistancePassword);
885
886 if (altShell && strlen(altShell) > 0)
887 {
888 alternateShellW = ConvertUtf8ToWCharAlloc(altShell, &cbAlternateShell);
889 if (!alternateShellW)
890 {
891 WLog_ERR(TAG, "alternateShellW == NULL");
892 goto fail;
893 }
894 if (cbAlternateShell > (UINT16_MAX / sizeof(WCHAR)))
895 {
896 WLog_ERR(TAG, "cbAlternateShell > UINT16_MAX");
897 goto fail;
898 }
899 cbAlternateShell = (UINT16)cbAlternateShell * sizeof(WCHAR);
900 }
901
902 FreeRDP_Settings_Keys_String inputId = FreeRDP_RemoteAssistanceSessionId;
903 if (!freerdp_settings_get_bool(settings, FreeRDP_RemoteAssistanceMode))
904 inputId = FreeRDP_ShellWorkingDirectory;
905
906 workingDirW = freerdp_settings_get_string_as_utf16(settings, inputId, &cbWorkingDir);
907 if (cbWorkingDir > (UINT16_MAX / sizeof(WCHAR)))
908 {
909 WLog_ERR(TAG, "cbWorkingDir > UINT16_MAX");
910 goto fail;
911 }
912 cbWorkingDir = (UINT16)cbWorkingDir * sizeof(WCHAR);
913
914 if (!Stream_EnsureRemainingCapacity(s, 18ull + cbDomain + cbUserName + cbPassword +
915 cbAlternateShell + cbWorkingDir + 5 * sizeof(WCHAR)))
916 goto fail;
917
918 Stream_Write_UINT32(s, settings->KeyboardCodePage); /* CodePage (4 bytes) */
919 Stream_Write_UINT32(s, flags); /* flags (4 bytes) */
920 Stream_Write_UINT16(s, (UINT16)cbDomain); /* cbDomain (2 bytes) */
921 Stream_Write_UINT16(s, (UINT16)cbUserName); /* cbUserName (2 bytes) */
922 Stream_Write_UINT16(s, (UINT16)cbPassword); /* cbPassword (2 bytes) */
923 Stream_Write_UINT16(s, (UINT16)cbAlternateShell); /* cbAlternateShell (2 bytes) */
924 Stream_Write_UINT16(s, (UINT16)cbWorkingDir); /* cbWorkingDir (2 bytes) */
925
926 Stream_Write(s, domainW, cbDomain);
927
928 /* the mandatory null terminator */
929 Stream_Write_UINT16(s, 0);
930
931 Stream_Write(s, userNameW, cbUserName);
932
933 /* the mandatory null terminator */
934 Stream_Write_UINT16(s, 0);
935
936 Stream_Write(s, passwordW, cbPassword);
937
938 /* the mandatory null terminator */
939 Stream_Write_UINT16(s, 0);
940
941 Stream_Write(s, alternateShellW, cbAlternateShell);
942
943 /* the mandatory null terminator */
944 Stream_Write_UINT16(s, 0);
945
946 Stream_Write(s, workingDirW, cbWorkingDir);
947
948 /* the mandatory null terminator */
949 Stream_Write_UINT16(s, 0);
950 ret = TRUE;
951fail:
952 free(domainW);
953 free(userNameW);
954 free(alternateShellW);
955 free(workingDirW);
956
957 if (!usedPasswordCookie)
958 free(passwordW);
959
960 if (!ret)
961 return FALSE;
962
963 if (settings->RdpVersion >= RDP_VERSION_5_PLUS)
964 ret = rdp_write_extended_info_packet(rdp, s); /* extraInfo */
965
966 return ret;
967}
968
976BOOL rdp_recv_client_info(rdpRdp* rdp, wStream* s)
977{
978 UINT16 length = 0;
979 UINT16 channelId = 0;
980 UINT16 securityFlags = 0;
981
982 WINPR_ASSERT(rdp_get_state(rdp) == CONNECTION_STATE_SECURE_SETTINGS_EXCHANGE);
983
984 if (!rdp_read_header(rdp, s, &length, &channelId))
985 return FALSE;
986
987 if (!rdp_read_security_header(rdp, s, &securityFlags, &length))
988 return FALSE;
989
990 if ((securityFlags & SEC_INFO_PKT) == 0)
991 return FALSE;
992
993 if (rdp->settings->UseRdpSecurityLayer)
994 {
995 if (securityFlags & SEC_REDIRECTION_PKT)
996 {
997 WLog_ERR(TAG, "Error: SEC_REDIRECTION_PKT unsupported");
998 return FALSE;
999 }
1000
1001 if (securityFlags & SEC_ENCRYPT)
1002 {
1003 if (!rdp_decrypt(rdp, s, &length, securityFlags))
1004 return FALSE;
1005 }
1006 }
1007
1008 return rdp_read_info_packet(rdp, s, length);
1009}
1010
1017BOOL rdp_send_client_info(rdpRdp* rdp)
1018{
1019 UINT16 sec_flags = SEC_INFO_PKT;
1020 wStream* s = NULL;
1021 WINPR_ASSERT(rdp);
1022 s = rdp_send_stream_init(rdp, &sec_flags);
1023
1024 if (!s)
1025 {
1026 WLog_ERR(TAG, "Stream_New failed!");
1027 return FALSE;
1028 }
1029
1030 if (!rdp_write_info_packet(rdp, s))
1031 {
1032 Stream_Release(s);
1033 return FALSE;
1034 }
1035 return rdp_send(rdp, s, MCS_GLOBAL_CHANNEL_ID, sec_flags);
1036}
1037
1038static void rdp_free_logon_info(logon_info* info)
1039{
1040 if (!info)
1041 return;
1042 free(info->domain);
1043 free(info->username);
1044
1045 const logon_info empty = { 0 };
1046 *info = empty;
1047}
1048
1049static BOOL rdp_info_read_string(const char* what, wStream* s, size_t size, size_t max,
1050 BOOL skipMax, char** dst)
1051{
1052 WINPR_ASSERT(dst);
1053 *dst = NULL;
1054
1055 if (size == 0)
1056 {
1057 if (skipMax)
1058 return Stream_SafeSeek(s, max);
1059 return TRUE;
1060 }
1061
1062 if (((size % sizeof(WCHAR)) != 0) || (size > max))
1063 {
1064 WLog_ERR(TAG, "protocol error: invalid %s value: %" PRIu32 "", what, size);
1065 return FALSE;
1066 }
1067
1068 const WCHAR* str = Stream_ConstPointer(s);
1069 if (!Stream_SafeSeek(s, skipMax ? max : size))
1070 return FALSE;
1071
1072 if (str[size / sizeof(WCHAR) - 1])
1073 {
1074 WLog_ERR(TAG, "protocol error: %s must be null terminated", what);
1075 return FALSE;
1076 }
1077
1078 size_t len = 0;
1079 char* rc = ConvertWCharNToUtf8Alloc(str, size / sizeof(WCHAR), &len);
1080 if (!rc)
1081 {
1082 WLog_ERR(TAG, "failed to convert the %s string", what);
1083 free(rc);
1084 return FALSE;
1085 }
1086
1087 *dst = rc;
1088 return TRUE;
1089}
1090
1091static BOOL rdp_recv_logon_info_v1(rdpRdp* rdp, wStream* s, logon_info* info)
1092{
1093 UINT32 cbDomain = 0;
1094 UINT32 cbUserName = 0;
1095
1096 WINPR_UNUSED(rdp);
1097 WINPR_ASSERT(info);
1098
1099 if (!Stream_CheckAndLogRequiredLength(TAG, s, 576))
1100 return FALSE;
1101
1102 Stream_Read_UINT32(s, cbDomain); /* cbDomain (4 bytes) */
1103
1104 /* cbDomain is the size of the Unicode character data (including the mandatory
1105 * null terminator) in bytes present in the fixed-length (52 bytes) Domain field
1106 */
1107 if (!rdp_info_read_string("Domain", s, cbDomain, 52, TRUE, &info->domain))
1108 goto fail;
1109
1110 Stream_Read_UINT32(s, cbUserName); /* cbUserName (4 bytes) */
1111
1112 /* cbUserName is the size of the Unicode character data (including the mandatory
1113 * null terminator) in bytes present in the fixed-length (512 bytes) UserName field.
1114 */
1115 if (!rdp_info_read_string("UserName", s, cbUserName, 512, TRUE, &info->username))
1116 goto fail;
1117
1118 Stream_Read_UINT32(s, info->sessionId); /* SessionId (4 bytes) */
1119 WLog_DBG(TAG, "LogonInfoV1: SessionId: 0x%08" PRIX32 " UserName: [%s] Domain: [%s]",
1120 info->sessionId, info->username, info->domain);
1121 return TRUE;
1122fail:
1123 return FALSE;
1124}
1125
1126static BOOL rdp_recv_logon_info_v2(rdpRdp* rdp, wStream* s, logon_info* info)
1127{
1128 UINT16 Version = 0;
1129 UINT32 Size = 0;
1130 UINT32 cbDomain = 0;
1131 UINT32 cbUserName = 0;
1132
1133 WINPR_ASSERT(rdp);
1134 WINPR_ASSERT(s);
1135 WINPR_ASSERT(info);
1136
1137 WINPR_UNUSED(rdp);
1138
1139 if (!Stream_CheckAndLogRequiredLength(TAG, s, logonInfoV2TotalSize))
1140 return FALSE;
1141
1142 Stream_Read_UINT16(s, Version); /* Version (2 bytes) */
1143 if (Version != SAVE_SESSION_PDU_VERSION_ONE)
1144 {
1145 WLog_WARN(TAG, "LogonInfoV2::Version expected %" PRIu16 " bytes, got %" PRIu16,
1146 SAVE_SESSION_PDU_VERSION_ONE, Version);
1147 return FALSE;
1148 }
1149
1150 Stream_Read_UINT32(s, Size); /* Size (4 bytes) */
1151
1152 /* [MS-RDPBCGR] 2.2.10.1.1.2 Logon Info Version 2 (TS_LOGON_INFO_VERSION_2)
1153 * should be logonInfoV2TotalSize
1154 * but even MS server 2019 sends logonInfoV2Size
1155 */
1156 if (Size != logonInfoV2TotalSize)
1157 {
1158 if (Size != logonInfoV2Size)
1159 {
1160 WLog_WARN(TAG, "LogonInfoV2::Size expected %" PRIu32 " bytes, got %" PRIu32,
1161 logonInfoV2TotalSize, Size);
1162 return FALSE;
1163 }
1164 }
1165
1166 Stream_Read_UINT32(s, info->sessionId); /* SessionId (4 bytes) */
1167 Stream_Read_UINT32(s, cbDomain); /* cbDomain (4 bytes) */
1168 Stream_Read_UINT32(s, cbUserName); /* cbUserName (4 bytes) */
1169 Stream_Seek(s, logonInfoV2ReservedSize); /* pad (558 bytes) */
1170
1171 /* cbDomain is the size in bytes of the Unicode character data in the Domain field.
1172 * The size of the mandatory null terminator is include in this value.
1173 * Note: Since MS-RDPBCGR 2.2.10.1.1.2 does not mention any size limits we assume
1174 * that the maximum value is 52 bytes, according to the fixed size of the
1175 * Domain field in the Logon Info Version 1 (TS_LOGON_INFO) structure.
1176 */
1177 if (!rdp_info_read_string("Domain", s, cbDomain, 52, FALSE, &info->domain))
1178 goto fail;
1179
1180 /* cbUserName is the size in bytes of the Unicode character data in the UserName field.
1181 * The size of the mandatory null terminator is include in this value.
1182 * Note: Since MS-RDPBCGR 2.2.10.1.1.2 does not mention any size limits we assume
1183 * that the maximum value is 512 bytes, according to the fixed size of the
1184 * Username field in the Logon Info Version 1 (TS_LOGON_INFO) structure.
1185 */
1186 if (!rdp_info_read_string("UserName", s, cbUserName, 512, FALSE, &info->username))
1187 goto fail;
1188
1189 /* We´ve seen undocumented padding with windows 11 here.
1190 * unless it has actual data in it ignore it.
1191 * if there is unexpected data, print a warning and dump the contents
1192 */
1193 const size_t rem = Stream_GetRemainingLength(s);
1194 if (rem > 0)
1195 {
1196 BOOL warn = FALSE;
1197 const char* str = Stream_ConstPointer(s);
1198 for (size_t x = 0; x < rem; x++)
1199 {
1200 if (str[x] != '\0')
1201 warn = TRUE;
1202 }
1203 if (warn)
1204 {
1205 WLog_WARN(TAG, "unexpected padding of %" PRIuz " bytes, data not '\0'", rem);
1206 winpr_HexDump(TAG, WLOG_TRACE, str, rem);
1207 }
1208
1209 if (!Stream_SafeSeek(s, rem))
1210 goto fail;
1211 }
1212
1213 WLog_DBG(TAG, "LogonInfoV2: SessionId: 0x%08" PRIX32 " UserName: [%s] Domain: [%s]",
1214 info->sessionId, info->username, info->domain);
1215 return TRUE;
1216fail:
1217 return FALSE;
1218}
1219
1220static BOOL rdp_recv_logon_plain_notify(rdpRdp* rdp, wStream* s)
1221{
1222 WINPR_UNUSED(rdp);
1223 if (!Stream_CheckAndLogRequiredLength(TAG, s, 576))
1224 return FALSE;
1225
1226 Stream_Seek(s, 576); /* pad (576 bytes) */
1227 WLog_DBG(TAG, "LogonPlainNotify");
1228 return TRUE;
1229}
1230
1231static BOOL rdp_recv_logon_error_info(rdpRdp* rdp, wStream* s, logon_info_ex* info)
1232{
1233 freerdp* instance = NULL;
1234 UINT32 errorNotificationType = 0;
1235 UINT32 errorNotificationData = 0;
1236
1237 WINPR_ASSERT(rdp);
1238 WINPR_ASSERT(rdp->context);
1239 WINPR_ASSERT(s);
1240 WINPR_ASSERT(info);
1241
1242 instance = rdp->context->instance;
1243 WINPR_ASSERT(instance);
1244
1245 if (!Stream_CheckAndLogRequiredLength(TAG, s, 8))
1246 return FALSE;
1247
1248 Stream_Read_UINT32(s, errorNotificationType); /* errorNotificationType (4 bytes) */
1249 Stream_Read_UINT32(s, errorNotificationData); /* errorNotificationData (4 bytes) */
1250 WLog_DBG(TAG, "LogonErrorInfo: Data: 0x%08" PRIX32 " Type: 0x%08" PRIX32 "",
1251 errorNotificationData, errorNotificationType);
1252 IFCALL(instance->LogonErrorInfo, instance, errorNotificationData, errorNotificationType);
1253 info->ErrorNotificationType = errorNotificationType;
1254 info->ErrorNotificationData = errorNotificationData;
1255 return TRUE;
1256}
1257
1258static BOOL rdp_recv_logon_info_extended(rdpRdp* rdp, wStream* s, logon_info_ex* info)
1259{
1260 UINT32 cbFieldData = 0;
1261 UINT32 fieldsPresent = 0;
1262 UINT16 Length = 0;
1263
1264 WINPR_ASSERT(rdp);
1265 WINPR_ASSERT(s);
1266 WINPR_ASSERT(info);
1267
1268 if (!Stream_CheckAndLogRequiredLength(TAG, s, 6))
1269 {
1270 WLog_WARN(TAG, "received short logon info extended, need 6 bytes, got %" PRIuz,
1271 Stream_GetRemainingLength(s));
1272 return FALSE;
1273 }
1274
1275 Stream_Read_UINT16(s, Length); /* Length (2 bytes) */
1276 Stream_Read_UINT32(s, fieldsPresent); /* fieldsPresent (4 bytes) */
1277
1278 if ((Length < 6) || (!Stream_CheckAndLogRequiredLength(TAG, s, (Length - 6U))))
1279 {
1280 WLog_WARN(TAG,
1281 "received short logon info extended, need %" PRIu16 " - 6 bytes, got %" PRIuz,
1282 Length, Stream_GetRemainingLength(s));
1283 return FALSE;
1284 }
1285
1286 WLog_DBG(TAG, "LogonInfoExtended: fieldsPresent: 0x%08" PRIX32 "", fieldsPresent);
1287
1288 /* logonFields */
1289
1290 if (fieldsPresent & LOGON_EX_AUTORECONNECTCOOKIE)
1291 {
1292 if (!Stream_CheckAndLogRequiredLength(TAG, s, 4))
1293 return FALSE;
1294
1295 info->haveCookie = TRUE;
1296 Stream_Read_UINT32(s, cbFieldData); /* cbFieldData (4 bytes) */
1297
1298 if (!Stream_CheckAndLogRequiredLength(TAG, s, cbFieldData))
1299 return FALSE;
1300
1301 if (!rdp_read_server_auto_reconnect_cookie(rdp, s, info))
1302 return FALSE;
1303 }
1304
1305 if (fieldsPresent & LOGON_EX_LOGONERRORS)
1306 {
1307 info->haveErrorInfo = TRUE;
1308
1309 if (!Stream_CheckAndLogRequiredLength(TAG, s, 4))
1310 return FALSE;
1311
1312 Stream_Read_UINT32(s, cbFieldData); /* cbFieldData (4 bytes) */
1313
1314 if (!Stream_CheckAndLogRequiredLength(TAG, s, cbFieldData))
1315 return FALSE;
1316
1317 if (!rdp_recv_logon_error_info(rdp, s, info))
1318 return FALSE;
1319 }
1320
1321 if (!Stream_CheckAndLogRequiredLength(TAG, s, 570))
1322 return FALSE;
1323
1324 Stream_Seek(s, 570); /* pad (570 bytes) */
1325 return TRUE;
1326}
1327
1328BOOL rdp_recv_save_session_info(rdpRdp* rdp, wStream* s)
1329{
1330 UINT32 infoType = 0;
1331 BOOL status = 0;
1332 logon_info logonInfo = { 0 };
1333 logon_info_ex logonInfoEx = { 0 };
1334 rdpContext* context = rdp->context;
1335 rdpUpdate* update = rdp->context->update;
1336
1337 if (!Stream_CheckAndLogRequiredLength(TAG, s, 4))
1338 return FALSE;
1339
1340 Stream_Read_UINT32(s, infoType); /* infoType (4 bytes) */
1341
1342 switch (infoType)
1343 {
1344 case INFO_TYPE_LOGON:
1345 status = rdp_recv_logon_info_v1(rdp, s, &logonInfo);
1346
1347 if (status && update->SaveSessionInfo)
1348 status = update->SaveSessionInfo(context, infoType, &logonInfo);
1349
1350 rdp_free_logon_info(&logonInfo);
1351 break;
1352
1353 case INFO_TYPE_LOGON_LONG:
1354 status = rdp_recv_logon_info_v2(rdp, s, &logonInfo);
1355
1356 if (status && update->SaveSessionInfo)
1357 status = update->SaveSessionInfo(context, infoType, &logonInfo);
1358
1359 rdp_free_logon_info(&logonInfo);
1360 break;
1361
1362 case INFO_TYPE_LOGON_PLAIN_NOTIFY:
1363 status = rdp_recv_logon_plain_notify(rdp, s);
1364
1365 if (status && update->SaveSessionInfo)
1366 status = update->SaveSessionInfo(context, infoType, NULL);
1367
1368 break;
1369
1370 case INFO_TYPE_LOGON_EXTENDED_INF:
1371 status = rdp_recv_logon_info_extended(rdp, s, &logonInfoEx);
1372
1373 if (status && update->SaveSessionInfo)
1374 status = update->SaveSessionInfo(context, infoType, &logonInfoEx);
1375
1376 break;
1377
1378 default:
1379 WLog_ERR(TAG, "Unhandled saveSessionInfo type 0x%" PRIx32 "", infoType);
1380 status = TRUE;
1381 break;
1382 }
1383
1384 if (!status)
1385 {
1386 WLog_DBG(TAG, "SaveSessionInfo error: infoType: %s (%" PRIu32 ")",
1387 infoType < 4 ? INFO_TYPE_LOGON_STRINGS[infoType % 4] : "Unknown", infoType);
1388 }
1389
1390 return status;
1391}
1392
1393static BOOL rdp_write_logon_info_v1(wStream* s, logon_info* info)
1394{
1395 const size_t charLen = 52 / sizeof(WCHAR);
1396 const size_t userCharLen = 512 / sizeof(WCHAR);
1397
1398 size_t sz = 4 + 52 + 4 + 512 + 4;
1399
1400 if (!Stream_EnsureRemainingCapacity(s, sz))
1401 return FALSE;
1402
1403 /* domain */
1404 {
1405 WINPR_ASSERT(info);
1406 if (!info->domain || !info->username)
1407 return FALSE;
1408 const size_t len = strnlen(info->domain, charLen + 1);
1409 if (len > charLen)
1410 return FALSE;
1411
1412 const size_t wlen = len * sizeof(WCHAR);
1413 if (wlen > UINT32_MAX)
1414 return FALSE;
1415
1416 Stream_Write_UINT32(s, (UINT32)wlen);
1417 if (Stream_Write_UTF16_String_From_UTF8(s, charLen, info->domain, len, TRUE) < 0)
1418 return FALSE;
1419 }
1420
1421 /* username */
1422 {
1423 const size_t len = strnlen(info->username, userCharLen + 1);
1424 if (len > userCharLen)
1425 return FALSE;
1426
1427 const size_t wlen = len * sizeof(WCHAR);
1428 if (wlen > UINT32_MAX)
1429 return FALSE;
1430
1431 Stream_Write_UINT32(s, (UINT32)wlen);
1432
1433 if (Stream_Write_UTF16_String_From_UTF8(s, userCharLen, info->username, len, TRUE) < 0)
1434 return FALSE;
1435 }
1436
1437 /* sessionId */
1438 Stream_Write_UINT32(s, info->sessionId);
1439 return TRUE;
1440}
1441
1442static BOOL rdp_write_logon_info_v2(wStream* s, logon_info* info)
1443{
1444 size_t domainLen = 0;
1445 size_t usernameLen = 0;
1446
1447 if (!Stream_EnsureRemainingCapacity(s, logonInfoV2TotalSize))
1448 return FALSE;
1449
1450 Stream_Write_UINT16(s, SAVE_SESSION_PDU_VERSION_ONE);
1451 /* [MS-RDPBCGR] 2.2.10.1.1.2 Logon Info Version 2 (TS_LOGON_INFO_VERSION_2)
1452 * should be logonInfoV2TotalSize
1453 * but even MS server 2019 sends logonInfoV2Size
1454 */
1455 Stream_Write_UINT32(s, logonInfoV2Size);
1456 Stream_Write_UINT32(s, info->sessionId);
1457 domainLen = strnlen(info->domain, 256); /* lmcons.h UNLEN */
1458 if (domainLen >= UINT32_MAX / sizeof(WCHAR))
1459 return FALSE;
1460 Stream_Write_UINT32(s, (UINT32)(domainLen + 1) * sizeof(WCHAR));
1461 usernameLen = strnlen(info->username, 256); /* lmcons.h UNLEN */
1462 if (usernameLen >= UINT32_MAX / sizeof(WCHAR))
1463 return FALSE;
1464 Stream_Write_UINT32(s, (UINT32)(usernameLen + 1) * sizeof(WCHAR));
1465 Stream_Seek(s, logonInfoV2ReservedSize);
1466 if (Stream_Write_UTF16_String_From_UTF8(s, domainLen + 1, info->domain, domainLen, TRUE) < 0)
1467 return FALSE;
1468 if (Stream_Write_UTF16_String_From_UTF8(s, usernameLen + 1, info->username, usernameLen, TRUE) <
1469 0)
1470 return FALSE;
1471 return TRUE;
1472}
1473
1474static BOOL rdp_write_logon_info_plain(wStream* s)
1475{
1476 if (!Stream_EnsureRemainingCapacity(s, 576))
1477 return FALSE;
1478
1479 Stream_Seek(s, 576);
1480 return TRUE;
1481}
1482
1483static BOOL rdp_write_logon_info_ex(wStream* s, logon_info_ex* info)
1484{
1485 UINT32 FieldsPresent = 0;
1486 UINT16 Size = 2 + 4 + 570;
1487
1488 if (info->haveCookie)
1489 {
1490 FieldsPresent |= LOGON_EX_AUTORECONNECTCOOKIE;
1491 Size += 28;
1492 }
1493
1494 if (info->haveErrorInfo)
1495 {
1496 FieldsPresent |= LOGON_EX_LOGONERRORS;
1497 Size += 8;
1498 }
1499
1500 if (!Stream_EnsureRemainingCapacity(s, Size))
1501 return FALSE;
1502
1503 Stream_Write_UINT16(s, Size);
1504 Stream_Write_UINT32(s, FieldsPresent);
1505
1506 if (info->haveCookie)
1507 {
1508 Stream_Write_UINT32(s, 28); /* cbFieldData (4 bytes) */
1509 Stream_Write_UINT32(s, 28); /* cbLen (4 bytes) */
1510 Stream_Write_UINT32(s, AUTO_RECONNECT_VERSION_1); /* Version (4 bytes) */
1511 Stream_Write_UINT32(s, info->LogonId); /* LogonId (4 bytes) */
1512 Stream_Write(s, info->ArcRandomBits, 16); /* ArcRandomBits (16 bytes) */
1513 }
1514
1515 if (info->haveErrorInfo)
1516 {
1517 Stream_Write_UINT32(s, 8); /* cbFieldData (4 bytes) */
1518 Stream_Write_UINT32(s, info->ErrorNotificationType); /* ErrorNotificationType (4 bytes) */
1519 Stream_Write_UINT32(s, info->ErrorNotificationData); /* ErrorNotificationData (4 bytes) */
1520 }
1521
1522 Stream_Seek(s, 570);
1523 return TRUE;
1524}
1525
1526BOOL rdp_send_save_session_info(rdpContext* context, UINT32 type, void* data)
1527{
1528 UINT16 sec_flags = 0;
1529 wStream* s = NULL;
1530 BOOL status = 0;
1531 rdpRdp* rdp = context->rdp;
1532 s = rdp_data_pdu_init(rdp, &sec_flags);
1533
1534 if (!s)
1535 return FALSE;
1536
1537 Stream_Write_UINT32(s, type);
1538
1539 switch (type)
1540 {
1541 case INFO_TYPE_LOGON:
1542 status = rdp_write_logon_info_v1(s, (logon_info*)data);
1543 break;
1544
1545 case INFO_TYPE_LOGON_LONG:
1546 status = rdp_write_logon_info_v2(s, (logon_info*)data);
1547 break;
1548
1549 case INFO_TYPE_LOGON_PLAIN_NOTIFY:
1550 status = rdp_write_logon_info_plain(s);
1551 break;
1552
1553 case INFO_TYPE_LOGON_EXTENDED_INF:
1554 status = rdp_write_logon_info_ex(s, (logon_info_ex*)data);
1555 break;
1556
1557 default:
1558 WLog_ERR(TAG, "saveSessionInfo type 0x%" PRIx32 " not handled", type);
1559 status = FALSE;
1560 break;
1561 }
1562
1563 if (status)
1564 status =
1565 rdp_send_data_pdu(rdp, s, DATA_PDU_TYPE_SAVE_SESSION_INFO, rdp->mcs->userId, sec_flags);
1566 else
1567 Stream_Release(s);
1568
1569 return status;
1570}
1571
1572BOOL rdp_send_server_status_info(rdpContext* context, UINT32 status)
1573{
1574 UINT16 sec_flags = 0;
1575 wStream* s = NULL;
1576 rdpRdp* rdp = context->rdp;
1577 s = rdp_data_pdu_init(rdp, &sec_flags);
1578
1579 if (!s)
1580 return FALSE;
1581
1582 Stream_Write_UINT32(s, status);
1583 return rdp_send_data_pdu(rdp, s, DATA_PDU_TYPE_STATUS_INFO, rdp->mcs->userId, sec_flags);
1584}
freerdp_settings_get_uint32
FREERDP_API UINT32 freerdp_settings_get_uint32(const rdpSettings *settings, FreeRDP_Settings_Keys_UInt32 id)
Returns a UINT32 settings value.
freerdp_settings_set_string
FREERDP_API BOOL freerdp_settings_set_string(rdpSettings *settings, FreeRDP_Settings_Keys_String id, const char *param)
Sets a string settings value. The param is copied.
Definition settings_getters.c:3685
freerdp_settings_get_bool
FREERDP_API BOOL freerdp_settings_get_bool(const rdpSettings *settings, FreeRDP_Settings_Keys_Bool id)
Returns a boolean settings value.
freerdp_settings_set_string_from_utf16N
FREERDP_API BOOL freerdp_settings_set_string_from_utf16N(rdpSettings *settings, FreeRDP_Settings_Keys_String id, const WCHAR *param, size_t length)
Sets a string settings value. The param is converted to UTF-8 and the copy stored.
Definition common/settings.c:2116
freerdp_settings_get_string_as_utf16
FREERDP_API WCHAR * freerdp_settings_get_string_as_utf16(const rdpSettings *settings, FreeRDP_Settings_Keys_String id, size_t *pCharLen)
Return an allocated UTF16 string.
Definition common/settings.c:2139
freerdp_settings_set_string_len
FREERDP_API BOOL freerdp_settings_set_string_len(rdpSettings *settings, FreeRDP_Settings_Keys_String id, const char *param, size_t len)
Sets a string settings value. The param is copied.
Definition settings_getters.c:3679
freerdp_settings_get_string
FREERDP_API const char * freerdp_settings_get_string(const rdpSettings *settings, FreeRDP_Settings_Keys_String id)
Returns a immutable string settings value.
freerdp_settings_set_bool
FREERDP_API BOOL freerdp_settings_set_bool(rdpSettings *settings, FreeRDP_Settings_Keys_Bool id, BOOL param)
Sets a BOOL settings value.
ARC_CS_PRIVATE_PACKET
Definition settings_types.h:348
ARC_SC_PRIVATE_PACKET
Definition settings_types.h:357