FreeRDP
|
#include <freerdp/config.h>
#include <winpr/crt.h>
#include <winpr/assert.h>
#include <winpr/stream.h>
#include <freerdp/log.h>
#include "tpkt.h"
#include "nego.h"
#include "transport.h"
Macros | |
#define | TAG FREERDP_TAG("core.nego") |
Functions | |
static const char * | nego_state_string (NEGO_STATE state) |
static const char * | protocol_security_string (UINT32 security) |
static BOOL | nego_transport_connect (rdpNego *nego) |
static BOOL | nego_transport_disconnect (rdpNego *nego) |
static BOOL | nego_security_connect (rdpNego *nego) |
static BOOL | nego_send_preconnection_pdu (rdpNego *nego) |
static BOOL | nego_recv_response (rdpNego *nego) |
static void | nego_send (rdpNego *nego) |
static BOOL | nego_process_negotiation_request (rdpNego *nego, wStream *s) |
static BOOL | nego_process_negotiation_response (rdpNego *nego, wStream *s) |
static BOOL | nego_process_negotiation_failure (rdpNego *nego, wStream *s) |
BOOL | nego_connect (rdpNego *nego) |
BOOL | nego_disconnect (rdpNego *nego) |
static BOOL | nego_tcp_connect (rdpNego *nego) |
static void | nego_attempt_ext (rdpNego *nego) |
static void | nego_attempt_nla (rdpNego *nego) |
static void | nego_attempt_tls (rdpNego *nego) |
static void | nego_attempt_rdp (rdpNego *nego) |
int | nego_recv (rdpTransport *transport, wStream *s, void *extra) |
static BOOL | nego_read_request_token_or_cookie (rdpNego *nego, wStream *s) |
BOOL | nego_read_request (rdpNego *nego, wStream *s) |
BOOL | nego_send_negotiation_request (rdpNego *nego) |
static BOOL | nego_process_correlation_info (rdpNego *nego, wStream *s) |
static const char * | nego_rdp_neg_rsp_flags_str (UINT32 flags) |
BOOL | nego_send_negotiation_response (rdpNego *nego) |
void | nego_init (rdpNego *nego) |
rdpNego * | nego_new (rdpTransport *transport) |
void | nego_free (rdpNego *nego) |
BOOL | nego_set_target (rdpNego *nego, const char *hostname, UINT16 port) |
void | nego_set_negotiation_enabled (rdpNego *nego, BOOL NegotiateSecurityLayer) |
void | nego_set_restricted_admin_mode_required (rdpNego *nego, BOOL RestrictedAdminModeRequired) |
void | nego_set_gateway_enabled (rdpNego *nego, BOOL GatewayEnabled) |
void | nego_set_gateway_bypass_local (rdpNego *nego, BOOL GatewayBypassLocal) |
void | nego_enable_rdp (rdpNego *nego, BOOL enable_rdp) |
void | nego_enable_tls (rdpNego *nego, BOOL enable_tls) |
void | nego_enable_nla (rdpNego *nego, BOOL enable_nla) |
void | nego_enable_ext (rdpNego *nego, BOOL enable_ext) |
BOOL | nego_set_routing_token (rdpNego *nego, const BYTE *RoutingToken, DWORD RoutingTokenLength) |
BOOL | nego_set_cookie (rdpNego *nego, const char *cookie) |
void | nego_set_cookie_max_length (rdpNego *nego, UINT32 CookieMaxLength) |
void | nego_set_send_preconnection_pdu (rdpNego *nego, BOOL SendPreconnectionPdu) |
void | nego_set_preconnection_id (rdpNego *nego, UINT32 PreconnectionId) |
void | nego_set_preconnection_blob (rdpNego *nego, const char *PreconnectionBlob) |
UINT32 | nego_get_selected_protocol (rdpNego *nego) |
BOOL | nego_set_selected_protocol (rdpNego *nego, UINT32 SelectedProtocol) |
UINT32 | nego_get_requested_protocols (rdpNego *nego) |
BOOL | nego_set_requested_protocols (rdpNego *nego, UINT32 RequestedProtocols) |
NEGO_STATE | nego_get_state (rdpNego *nego) |
BOOL | nego_set_state (rdpNego *nego, NEGO_STATE state) |
SEC_WINNT_AUTH_IDENTITY * | nego_get_identity (rdpNego *nego) |
void | nego_free_nla (rdpNego *nego) |
const BYTE * | nego_get_routing_token (rdpNego *nego, DWORD *RoutingTokenLength) |
#define TAG FREERDP_TAG("core.nego") |
FreeRDP: A Remote Desktop Protocol Implementation RDP Protocol Security Negotiation
Copyright 2011 Marc-Andre Moreau <marcandre.moreau@gmail.com>
Copyright 2014 Norbert Federa <norbert.federa@thincast.com>
Copyright 2015 Thincast Technologies GmbH
Copyright 2015 DI (FH) Martin Haimberger <martin.haimberger@thincast.com>
Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.
|
static |
Attempt negotiating NLA + TLS extended security.
nego |
|
static |
Attempt negotiating NLA + TLS security.
nego |
|
static |
Attempt negotiating standard RDP security.
nego |
|
static |
Attempt negotiating TLS security.
nego |
BOOL nego_connect | ( | rdpNego * | nego | ) |
Negotiate protocol security and connect.
nego |
Advertise all supported encryption methods if the client implementation did not set any security methods
BOOL nego_disconnect | ( | rdpNego * | nego | ) |
void nego_enable_ext | ( | rdpNego * | nego, |
BOOL | enable_ext | ||
) |
Enable NLA extended security protocol.
nego | pointer to the negotiation structure |
enable_ext | whether to enable network level authentication extended protocol (TRUE for enabled, FALSE for disabled) |
void nego_enable_nla | ( | rdpNego * | nego, |
BOOL | enable_nla | ||
) |
Enable NLA security protocol.
nego | pointer to the negotiation structure |
enable_nla | whether to enable network level authentication protocol (TRUE for enabled, FALSE for disabled) |
void nego_enable_rdp | ( | rdpNego * | nego, |
BOOL | enable_rdp | ||
) |
Enable RDP security protocol.
nego | pointer to the negotiation structure |
enable_rdp | whether to enable normal RDP protocol (TRUE for enabled, FALSE for disabled) |
void nego_enable_tls | ( | rdpNego * | nego, |
BOOL | enable_tls | ||
) |
Enable TLS security protocol.
nego | pointer to the negotiation structure |
enable_tls | whether to enable TLS + RDP protocol (TRUE for enabled, FALSE for disabled) |
void nego_free | ( | rdpNego * | nego | ) |
Free NEGO state machine.
nego |
void nego_free_nla | ( | rdpNego * | nego | ) |
SEC_WINNT_AUTH_IDENTITY* nego_get_identity | ( | rdpNego * | nego | ) |
UINT32 nego_get_requested_protocols | ( | rdpNego * | nego | ) |
const BYTE* nego_get_routing_token | ( | rdpNego * | nego, |
DWORD * | RoutingTokenLength | ||
) |
UINT32 nego_get_selected_protocol | ( | rdpNego * | nego | ) |
NEGO_STATE nego_get_state | ( | rdpNego * | nego | ) |
void nego_init | ( | rdpNego * | nego | ) |
Initialize NEGO state machine.
nego |
rdpNego* nego_new | ( | rdpTransport * | transport | ) |
Create a new NEGO state machine instance.
transport |
|
static |
Process Negotiation Request from Connection Request message.
nego | |
s |
|
static |
Process Negotiation Failure from Connection Confirm message.
nego | |
s |
|
static |
|
static |
|
static |
Process Negotiation Response from Connection Confirm message.
nego | |
s |
BOOL nego_read_request | ( | rdpNego * | nego, |
wStream * | s | ||
) |
Read protocol security negotiation request message.
nego | |
s | stream |
|
static |
Read optional routing token or cookie of X.224 Connection Request PDU. http://msdn.microsoft.com/en-us/library/cc240470/
nego | |
s | stream |
int nego_recv | ( | rdpTransport * | transport, |
wStream * | s, | ||
void * | extra | ||
) |
Receive protocol security negotiation message.
http://msdn.microsoft.com/en-us/library/cc240501/
transport | transport |
s | stream |
extra | nego pointer |
|
static |
Wait to receive a negotiation response
nego |
|
static |
|
static |
Send protocol security negotiation message.
nego |
BOOL nego_send_negotiation_request | ( | rdpNego * | nego | ) |
Send RDP Negotiation Request (RDP_NEG_REQ).
http://msdn.microsoft.com/en-us/library/cc240500/
http://msdn.microsoft.com/en-us/library/cc240470/
nego |
BOOL nego_send_negotiation_response | ( | rdpNego * | nego | ) |
Send RDP Negotiation Response (RDP_NEG_RSP).
nego |
If the server implementation did not explicitly set an encryption level, we default to client compatible.
Note: This hack was first introduced in commit 95f5e115 to disable the unnecessary encryption with peers connecting to 127.0.0.1 or local unix sockets. This also affects connections via port tunnels (e.g. ssh -L): such a peer also appears to connect from the local host, so this encryption is disabled for it as well.
|
static |
Send preconnection information if enabled.
nego |
BOOL nego_set_cookie | ( | rdpNego * | nego, |
const char * | cookie | ||
) |
Set cookie.
nego | |
cookie |
void nego_set_cookie_max_length | ( | rdpNego * | nego, |
UINT32 | CookieMaxLength | ||
) |
Set cookie maximum length
nego | |
CookieMaxLength |
void nego_set_gateway_bypass_local | ( | rdpNego * | nego, |
BOOL | GatewayBypassLocal | ||
) |
void nego_set_gateway_enabled | ( | rdpNego * | nego, |
BOOL | GatewayEnabled | ||
) |
void nego_set_negotiation_enabled | ( | rdpNego * | nego, |
BOOL | NegotiateSecurityLayer | ||
) |
Enable security layer negotiation.
nego | pointer to the negotiation structure |
NegotiateSecurityLayer | whether to enable security layer negotiation (TRUE for enabled, FALSE for disabled) |
void nego_set_preconnection_blob | ( | rdpNego * | nego, |
const char * | PreconnectionBlob | ||
) |
Set preconnection blob.
nego | |
PreconnectionBlob |
void nego_set_preconnection_id | ( | rdpNego * | nego, |
UINT32 | PreconnectionId | ||
) |
Set preconnection id.
nego | |
PreconnectionId |
BOOL nego_set_requested_protocols | ( | rdpNego * | nego, |
UINT32 | RequestedProtocols | ||
) |
void nego_set_restricted_admin_mode_required | ( | rdpNego * | nego, |
BOOL | RestrictedAdminModeRequired | ||
) |
Enable restricted admin mode.
nego | pointer to the negotiation structure |
RestrictedAdminModeRequired | whether restricted admin mode is required (TRUE for enabled, FALSE for disabled) |
BOOL nego_set_routing_token | ( | rdpNego * | nego, |
const BYTE * | RoutingToken, | ||
DWORD | RoutingTokenLength | ||
) |
Set routing token.
nego | |
RoutingToken | |
RoutingTokenLength |
BOOL nego_set_selected_protocol | ( | rdpNego * | nego, |
UINT32 | SelectedProtocol | ||
) |
void nego_set_send_preconnection_pdu | ( | rdpNego * | nego, |
BOOL | SendPreconnectionPdu | ||
) |
Enable / disable preconnection PDU.
nego | |
SendPreconnectionPdu |
BOOL nego_set_state | ( | rdpNego * | nego, |
NEGO_STATE | state | ||
) |
BOOL nego_set_target | ( | rdpNego * | nego, |
const char * | hostname, | ||
UINT16 | port | ||
) |
Set target hostname and port.
nego | |
hostname | |
port |
|
static |
|
static |
Connect TCP layer.
nego |
|
static |
Connect TCP layer. For direct approach, connect security layer as well.
nego |
|
static |
Disconnect TCP layer.
nego |
|
static |