#include <freerdp/config.h>#include <winpr/crt.h>#include <winpr/assert.h>#include <winpr/stream.h>#include <freerdp/log.h>#include "tpkt.h"#include "nego.h"#include "aad.h"#include "transport.h"Macros | |
| #define | TAG FREERDP_TAG("core.nego") |
Functions | |
| static const char * | nego_state_string (NEGO_STATE state) |
| static const char * | protocol_security_string (UINT32 security) |
| static BOOL | nego_transport_connect (rdpNego *nego) |
| static BOOL | nego_transport_disconnect (rdpNego *nego) |
| static BOOL | nego_security_connect (rdpNego *nego) |
| static BOOL | nego_send_preconnection_pdu (rdpNego *nego) |
| static BOOL | nego_recv_response (rdpNego *nego) |
| static void | nego_send (rdpNego *nego) |
| static BOOL | nego_process_negotiation_request (rdpNego *nego, wStream *s) |
| static BOOL | nego_process_negotiation_response (rdpNego *nego, wStream *s) |
| static BOOL | nego_process_negotiation_failure (rdpNego *nego, wStream *s) |
| static UINT32 | nego_get_next_selected_protocol (rdpNego *nego) |
| BOOL | nego_connect (rdpNego *nego) |
| BOOL | nego_disconnect (rdpNego *nego) |
| static BOOL | nego_try_connect (rdpNego *nego) |
| static BOOL | nego_tcp_connect (rdpNego *nego) |
| static void | nego_attempt_rdstls (rdpNego *nego) |
| static void | nego_attempt_rdsaad (rdpNego *nego) |
| static void | nego_attempt_ext (rdpNego *nego) |
| static void | nego_attempt_nla (rdpNego *nego) |
| static void | nego_attempt_tls (rdpNego *nego) |
| static void | nego_attempt_rdp (rdpNego *nego) |
| int | nego_recv (rdpTransport *transport, wStream *s, void *extra) |
| static BOOL | nego_read_request_token_or_cookie (rdpNego *nego, wStream *s) |
| BOOL | nego_read_request (rdpNego *nego, wStream *s) |
| BOOL | nego_send_negotiation_request (rdpNego *nego) |
| static BOOL | nego_process_correlation_info (rdpNego *nego, wStream *s) |
| static const char * | nego_rdp_neg_rsp_flags_str (UINT32 flags) |
| BOOL | nego_send_negotiation_response (rdpNego *nego) |
| void | nego_init (rdpNego *nego) |
| rdpNego * | nego_new (rdpTransport *transport) |
| void | nego_free (rdpNego *nego) |
| BOOL | nego_set_target (rdpNego *nego, const char *hostname, UINT16 port) |
| void | nego_set_negotiation_enabled (rdpNego *nego, BOOL NegotiateSecurityLayer) |
| void | nego_set_restricted_admin_mode_required (rdpNego *nego, BOOL RestrictedAdminModeRequired) |
| void | nego_set_gateway_enabled (rdpNego *nego, BOOL GatewayEnabled) |
| void | nego_set_gateway_bypass_local (rdpNego *nego, BOOL GatewayBypassLocal) |
| void | nego_enable_rdp (rdpNego *nego, BOOL enable_rdp) |
| void | nego_enable_tls (rdpNego *nego, BOOL enable_tls) |
| void | nego_enable_nla (rdpNego *nego, BOOL enable_nla) |
| void | nego_enable_rdstls (rdpNego *nego, BOOL enable_rdstls) |
| void | nego_enable_ext (rdpNego *nego, BOOL enable_ext) |
| void | nego_enable_aad (rdpNego *nego, BOOL enable_aad) |
| BOOL | nego_set_routing_token (rdpNego *nego, const BYTE *RoutingToken, DWORD RoutingTokenLength) |
| BOOL | nego_set_cookie (rdpNego *nego, const char *cookie) |
| void | nego_set_cookie_max_length (rdpNego *nego, UINT32 CookieMaxLength) |
| void | nego_set_send_preconnection_pdu (rdpNego *nego, BOOL SendPreconnectionPdu) |
| void | nego_set_preconnection_id (rdpNego *nego, UINT32 PreconnectionId) |
| void | nego_set_preconnection_blob (rdpNego *nego, const char *PreconnectionBlob) |
| UINT32 | nego_get_selected_protocol (rdpNego *nego) |
| BOOL | nego_set_selected_protocol (rdpNego *nego, UINT32 SelectedProtocol) |
| UINT32 | nego_get_requested_protocols (rdpNego *nego) |
| BOOL | nego_set_requested_protocols (rdpNego *nego, UINT32 RequestedProtocols) |
| NEGO_STATE | nego_get_state (rdpNego *nego) |
| BOOL | nego_set_state (rdpNego *nego, NEGO_STATE state) |
| SEC_WINNT_AUTH_IDENTITY * | nego_get_identity (rdpNego *nego) |
| void | nego_free_nla (rdpNego *nego) |
| const BYTE * | nego_get_routing_token (rdpNego *nego, DWORD *RoutingTokenLength) |
Macro Definition Documentation
◆ TAG
| #define TAG FREERDP_TAG("core.nego") |
FreeRDP: A Remote Desktop Protocol Implementation RDP Protocol Security Negotiation
Copyright 2011 Marc-Andre Moreau marcandre.moreau@gmail.com Copyright 2014 Norbert Federa norbert.federa@thincast.com Copyright 2015 Thincast Technologies GmbH Copyright 2015 DI (FH) Martin Haimberger martin.haimberger@thincast.com
Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.
Function Documentation
◆ nego_attempt_ext()
|
static |
Here is the call graph for this function:
Here is the caller graph for this function:
◆ nego_attempt_nla()
|
static |
Here is the call graph for this function:
Here is the caller graph for this function:
◆ nego_attempt_rdp()
|
static |
Here is the call graph for this function:
Here is the caller graph for this function:
◆ nego_attempt_rdsaad()
|
static |
Here is the call graph for this function:
Here is the caller graph for this function:
◆ nego_attempt_rdstls()
|
static |
Here is the call graph for this function:
Here is the caller graph for this function:
◆ nego_attempt_tls()
|
static |
Here is the call graph for this function:
Here is the caller graph for this function:
◆ nego_connect()
| BOOL nego_connect | ( | rdpNego * | nego | ) |
Negotiate protocol security and connect.
- Parameters
-
nego A pointer to the NEGO struct
- Returns
- TRUE for success, FALSE otherwise
Advertise all supported encryption methods if the client implementation did not set any security methods
Here is the call graph for this function:
Here is the caller graph for this function:
◆ nego_disconnect()
| BOOL nego_disconnect | ( | rdpNego * | nego | ) |
Here is the call graph for this function:
Here is the caller graph for this function:
◆ nego_enable_aad()
| void nego_enable_aad | ( | rdpNego * | nego, |
| BOOL | enable_aad | ||
| ) |
Enable RDS AAD security protocol.
- Parameters
-
nego A pointer to the NEGO struct pointer to the negotiation structure enable_ext whether to enable RDS AAD Auth protocol (TRUE for enabled, FALSE for disabled)
Here is the call graph for this function:
Here is the caller graph for this function:
◆ nego_enable_ext()
| void nego_enable_ext | ( | rdpNego * | nego, |
| BOOL | enable_ext | ||
| ) |
Enable NLA extended security protocol.
- Parameters
-
nego A pointer to the NEGO struct pointer to the negotiation structure enable_ext whether to enable network level authentication extended protocol (TRUE for enabled, FALSE for disabled)
Here is the caller graph for this function:
◆ nego_enable_nla()
| void nego_enable_nla | ( | rdpNego * | nego, |
| BOOL | enable_nla | ||
| ) |
Enable NLA security protocol.
- Parameters
-
nego A pointer to the NEGO struct pointer to the negotiation structure enable_nla whether to enable network level authentication protocol (TRUE for enabled, FALSE for disabled)
Here is the caller graph for this function:
◆ nego_enable_rdp()
| void nego_enable_rdp | ( | rdpNego * | nego, |
| BOOL | enable_rdp | ||
| ) |
Enable RDP security protocol.
- Parameters
-
nego A pointer to the NEGO struct pointer to the negotiation structure enable_rdp whether to enable normal RDP protocol (TRUE for enabled, FALSE for disabled)
Here is the caller graph for this function:
◆ nego_enable_rdstls()
| void nego_enable_rdstls | ( | rdpNego * | nego, |
| BOOL | enable_rdstls | ||
| ) |
Enable RDSTLS security protocol.
- Parameters
-
nego A pointer to the NEGO struct pointer to the negotiation structure enable_rdstls whether to enable RDSTLS protocol (TRUE for enabled, FALSE for disabled)
Here is the caller graph for this function:
◆ nego_enable_tls()
| void nego_enable_tls | ( | rdpNego * | nego, |
| BOOL | enable_tls | ||
| ) |
Enable TLS security protocol.
- Parameters
-
nego A pointer to the NEGO struct pointer to the negotiation structure enable_tls whether to enable TLS + RDP protocol (TRUE for enabled, FALSE for disabled)
Here is the caller graph for this function:
◆ nego_free()
| void nego_free | ( | rdpNego * | nego | ) |
Free NEGO state machine.
- Parameters
-
nego A pointer to the NEGO struct
Here is the caller graph for this function:
◆ nego_free_nla()
| void nego_free_nla | ( | rdpNego * | nego | ) |
Here is the call graph for this function:
Here is the caller graph for this function:
◆ nego_get_identity()
| SEC_WINNT_AUTH_IDENTITY* nego_get_identity | ( | rdpNego * | nego | ) |
Here is the call graph for this function:
Here is the caller graph for this function:
◆ nego_get_next_selected_protocol()
|
static |
Here is the call graph for this function:
◆ nego_get_requested_protocols()
| UINT32 nego_get_requested_protocols | ( | rdpNego * | nego | ) |
Here is the caller graph for this function:
◆ nego_get_routing_token()
| const BYTE* nego_get_routing_token | ( | rdpNego * | nego, |
| DWORD * | RoutingTokenLength | ||
| ) |
Here is the caller graph for this function:
◆ nego_get_selected_protocol()
| UINT32 nego_get_selected_protocol | ( | rdpNego * | nego | ) |
Here is the caller graph for this function:
◆ nego_get_state()
| NEGO_STATE nego_get_state | ( | rdpNego * | nego | ) |
Here is the caller graph for this function:
◆ nego_init()
| void nego_init | ( | rdpNego * | nego | ) |
Initialize NEGO state machine.
- Parameters
-
nego A pointer to the NEGO struct
Here is the call graph for this function:
Here is the caller graph for this function:
◆ nego_new()
| rdpNego* nego_new | ( | rdpTransport * | transport | ) |
Create a new NEGO state machine instance.
- Parameters
-
transport The transport to use
- Returns
- A pointer to the allocated NEGO instance or NULL
Here is the call graph for this function:
Here is the caller graph for this function:
◆ nego_process_correlation_info()
|
static |
Here is the call graph for this function:
Here is the caller graph for this function:
◆ nego_process_negotiation_failure()
|
static |
Process Negotiation Failure from Connection Confirm message.
- Parameters
-
nego A pointer to the NEGO struct s The stream to read from
- Returns
- TRUE for success, FALSE otherwise
Here is the call graph for this function:
Here is the caller graph for this function:
◆ nego_process_negotiation_request()
|
static |
Here is the call graph for this function:
Here is the caller graph for this function:
◆ nego_process_negotiation_response()
|
static |
Here is the call graph for this function:
Here is the caller graph for this function:
◆ nego_rdp_neg_rsp_flags_str()
|
static |
Here is the call graph for this function:
Here is the caller graph for this function:
◆ nego_read_request()
| BOOL nego_read_request | ( | rdpNego * | nego, |
| wStream * | s | ||
| ) |
Read protocol security negotiation request message.
- Parameters
-
nego A pointer to the NEGO struct s A stream to read from
- Returns
- TRUE for success, FALSE for failure
Here is the call graph for this function:
Here is the caller graph for this function:
◆ nego_read_request_token_or_cookie()
|
static |
Read optional routing token or cookie of X.224 Connection Request PDU. msdn{cc240470}
Here is the call graph for this function:
Here is the caller graph for this function:
◆ nego_recv()
| int nego_recv | ( | rdpTransport * | transport, |
| wStream * | s, | ||
| void * | extra | ||
| ) |
Receive protocol security negotiation message. msdn{cc240501}
- Parameters
-
transport The transport to read from s A stream to read the received data from extra nego pointer
- Returns
- 0 for success, -1 for failure
Here is the call graph for this function:
Here is the caller graph for this function:
◆ nego_recv_response()
|
static |
Wait to receive a negotiation response
- Parameters
-
nego A pointer to the NEGO struct
- Returns
- TRUE for success, FALSE for failure
Here is the call graph for this function:
Here is the caller graph for this function:
◆ nego_security_connect()
|
static |
Here is the call graph for this function:
Here is the caller graph for this function:
◆ nego_send()
|
static |
Send protocol security negotiation message.
- Parameters
-
nego A pointer to the NEGO struct
Here is the call graph for this function:
Here is the caller graph for this function:
◆ nego_send_negotiation_request()
| BOOL nego_send_negotiation_request | ( | rdpNego * | nego | ) |
Send RDP Negotiation Request (RDP_NEG_REQ). msdn{cc240500} msdn{cc240470}
- Parameters
-
nego A pointer to the NEGO struct
- Returns
- TRUE for success, FALSE otherwise
Here is the call graph for this function:
Here is the caller graph for this function:
◆ nego_send_negotiation_response()
| BOOL nego_send_negotiation_response | ( | rdpNego * | nego | ) |
Send RDP Negotiation Response (RDP_NEG_RSP).
- Parameters
-
nego A pointer to the NEGO struct
If the server implementation did not explicitely set a encryption level we default to client compatible
Note: This hack was firstly introduced in commit 95f5e115 to disable the unnecessary encryption with peers connecting to 127.0.0.1 or local unix sockets. This also affects connections via port tunnels! (e.g. ssh -L)
Here is the call graph for this function:
Here is the caller graph for this function:
◆ nego_send_preconnection_pdu()
|
static |
Send preconnection information if enabled.
- Parameters
-
nego A pointer to the NEGO struct
- Returns
- TRUE for success, FALSE otherwise
Here is the call graph for this function:
Here is the caller graph for this function:
◆ nego_set_cookie()
| BOOL nego_set_cookie | ( | rdpNego * | nego, |
| const char * | cookie | ||
| ) |
Set cookie.
- Parameters
-
nego A pointer to the NEGO struct cookie A pointer to the cookie string
- Returns
- TRUE for success, FALSE otherwise
Here is the call graph for this function:
Here is the caller graph for this function:
◆ nego_set_cookie_max_length()
| void nego_set_cookie_max_length | ( | rdpNego * | nego, |
| UINT32 | CookieMaxLength | ||
| ) |
Set cookie maximum length
- Parameters
-
nego A pointer to the NEGO struct CookieMaxLength the length to set
Here is the caller graph for this function:
◆ nego_set_gateway_bypass_local()
| void nego_set_gateway_bypass_local | ( | rdpNego * | nego, |
| BOOL | GatewayBypassLocal | ||
| ) |
Here is the caller graph for this function:
◆ nego_set_gateway_enabled()
| void nego_set_gateway_enabled | ( | rdpNego * | nego, |
| BOOL | GatewayEnabled | ||
| ) |
Here is the caller graph for this function:
◆ nego_set_negotiation_enabled()
| void nego_set_negotiation_enabled | ( | rdpNego * | nego, |
| BOOL | NegotiateSecurityLayer | ||
| ) |
Enable security layer negotiation.
- Parameters
-
nego A pointer to the NEGO struct pointer to the negotiation structure NegotiateSecurityLayer whether to enable security layer negotiation (TRUE for enabled, FALSE for disabled)
Here is the caller graph for this function:
◆ nego_set_preconnection_blob()
| void nego_set_preconnection_blob | ( | rdpNego * | nego, |
| const char * | PreconnectionBlob | ||
| ) |
Set preconnection blob.
- Parameters
-
nego A pointer to the NEGO struct PreconnectionBlob A pointer to the blob to use
Here is the caller graph for this function:
◆ nego_set_preconnection_id()
| void nego_set_preconnection_id | ( | rdpNego * | nego, |
| UINT32 | PreconnectionId | ||
| ) |
Set preconnection id.
- Parameters
-
nego A pointer to the NEGO struct PreconnectionId the ID to set
Here is the caller graph for this function:
◆ nego_set_requested_protocols()
| BOOL nego_set_requested_protocols | ( | rdpNego * | nego, |
| UINT32 | RequestedProtocols | ||
| ) |
Here is the caller graph for this function:
◆ nego_set_restricted_admin_mode_required()
| void nego_set_restricted_admin_mode_required | ( | rdpNego * | nego, |
| BOOL | RestrictedAdminModeRequired | ||
| ) |
Enable restricted admin mode.
- Parameters
-
nego A pointer to the NEGO struct pointer to the negotiation structure RestrictedAdminModeRequired whether to enable security layer negotiation (TRUE for enabled, FALSE for disabled)
Here is the caller graph for this function:
◆ nego_set_routing_token()
| BOOL nego_set_routing_token | ( | rdpNego * | nego, |
| const BYTE * | RoutingToken, | ||
| DWORD | RoutingTokenLength | ||
| ) |
Set routing token.
- Parameters
-
nego A pointer to the NEGO struct RoutingToken A pointer to the routing token RoutingTokenLength The lenght of the routing token
- Returns
- TRUE for success, FALSE otherwise
Here is the caller graph for this function:
◆ nego_set_selected_protocol()
| BOOL nego_set_selected_protocol | ( | rdpNego * | nego, |
| UINT32 | SelectedProtocol | ||
| ) |
Here is the caller graph for this function:
◆ nego_set_send_preconnection_pdu()
| void nego_set_send_preconnection_pdu | ( | rdpNego * | nego, |
| BOOL | SendPreconnectionPdu | ||
| ) |
Enable / disable preconnection PDU.
- Parameters
-
nego A pointer to the NEGO struct SendPreconnectionPdu The value to set
Here is the caller graph for this function:
◆ nego_set_state()
| BOOL nego_set_state | ( | rdpNego * | nego, |
| NEGO_STATE | state | ||
| ) |
Here is the caller graph for this function:
◆ nego_set_target()
| BOOL nego_set_target | ( | rdpNego * | nego, |
| const char * | hostname, | ||
| UINT16 | port | ||
| ) |
Set target hostname and port.
- Parameters
-
nego A pointer to the NEGO struct hostname The hostname to set port The port to set
- Returns
- TRUE for success, FALSE otherwise
Here is the caller graph for this function:
◆ nego_state_string()
|
static |
Here is the caller graph for this function:
◆ nego_tcp_connect()
|
static |
Here is the call graph for this function:
Here is the caller graph for this function:
◆ nego_transport_connect()
|
static |
Connect TCP layer. For direct approach, connect security layer as well.
- Parameters
-
nego A pointer to the NEGO struct
- Returns
- TRUE for success, FALSE otherwise
Here is the call graph for this function:
Here is the caller graph for this function:
◆ nego_transport_disconnect()
|
static |
Disconnect TCP layer.
- Parameters
-
nego A pointer to the NEGO struct
- Returns
- TRUE for success, FALSE otherwise
Here is the call graph for this function:
Here is the caller graph for this function:
◆ nego_try_connect()
|
static |
Here is the call graph for this function:
Here is the caller graph for this function:
◆ protocol_security_string()
|
static |
Here is the caller graph for this function:
