FreeRDP
All Data Structures Namespaces Files Functions Variables Typedefs Enumerations Enumerator Modules Pages
nego.h
1
20#ifndef FREERDP_LIB_CORE_NEGO_H
21#define FREERDP_LIB_CORE_NEGO_H
22
23#include "transport.h"
24
25#include <freerdp/types.h>
26#include <freerdp/settings.h>
27#include <freerdp/log.h>
28#include <freerdp/api.h>
29
30#include <winpr/stream.h>
31
32/* Protocol Security Negotiation Protocols
33 * [MS-RDPBCGR] 2.2.1.1.1 RDP Negotiation Request (RDP_NEG_REQ)
34 */
35#define PROTOCOL_RDP 0x00000000
36#define PROTOCOL_SSL 0x00000001
37#define PROTOCOL_HYBRID 0x00000002
38#define PROTOCOL_RDSTLS 0x00000004
39#define PROTOCOL_HYBRID_EX 0x00000008
40#define PROTOCOL_RDSAAD 0x00000010
41
42#define PROTOCOL_FAILED_NEGO 0x80000000 /* only used internally, not on the wire */
43
44/* Protocol Security Negotiation Failure Codes */
45enum RDP_NEG_FAILURE_FAILURECODES
46{
47 SSL_REQUIRED_BY_SERVER = 0x00000001,
48 SSL_NOT_ALLOWED_BY_SERVER = 0x00000002,
49 SSL_CERT_NOT_ON_SERVER = 0x00000003,
50 INCONSISTENT_FLAGS = 0x00000004,
51 HYBRID_REQUIRED_BY_SERVER = 0x00000005,
52 SSL_WITH_USER_AUTH_REQUIRED_BY_SERVER = 0x00000006
53};
54
55typedef enum
56{
57 NEGO_STATE_INITIAL,
58 NEGO_STATE_RDSTLS, /* RDSTLS (TLS implicit) */
59 NEGO_STATE_AAD, /* Azure AD Authentication (TLS implicit) */
60 NEGO_STATE_EXT, /* Extended NLA (NLA + TLS implicit) */
61 NEGO_STATE_NLA, /* Network Level Authentication (TLS implicit) */
62 NEGO_STATE_TLS, /* TLS Encryption without NLA */
63 NEGO_STATE_RDP, /* Standard Legacy RDP Encryption */
64 NEGO_STATE_FAIL, /* Negotiation failure */
65 NEGO_STATE_FINAL
66} NEGO_STATE;
67
68/* RDP Negotiation Messages */
69enum RDP_NEG_MSG
70{
71 /* X224_TPDU_CONNECTION_REQUEST */
72 TYPE_RDP_NEG_REQ = 0x1,
73 /* X224_TPDU_CONNECTION_CONFIRM */
74 TYPE_RDP_NEG_RSP = 0x2,
75 TYPE_RDP_NEG_FAILURE = 0x3,
76 TYPE_RDP_CORRELATION_INFO = 0x6
77};
78
79typedef enum
80{
81 EXTENDED_CLIENT_DATA_SUPPORTED = 0x01,
82 DYNVC_GFX_PROTOCOL_SUPPORTED = 0x02,
83 RDP_NEGRSP_RESERVED = 0x04,
84 RESTRICTED_ADMIN_MODE_SUPPORTED = 0x08,
85 REDIRECTED_AUTHENTICATION_MODE_SUPPORTED = 0x10
86} RdpNegRespFlags;
87
88#define PRECONNECTION_PDU_V1_SIZE 16
89#define PRECONNECTION_PDU_V2_MIN_SIZE (PRECONNECTION_PDU_V1_SIZE + 2)
90
91#define PRECONNECTION_PDU_V1 1
92#define PRECONNECTION_PDU_V2 2
93
94#define RESTRICTED_ADMIN_MODE_REQUIRED 0x01
95#define REDIRECTED_AUTHENTICATION_MODE_REQUIRED 0x02
96#define CORRELATION_INFO_PRESENT 0x08
97
98typedef struct rdp_nego rdpNego;
99
100FREERDP_LOCAL BOOL nego_connect(rdpNego* nego);
101FREERDP_LOCAL BOOL nego_disconnect(rdpNego* nego);
102
103FREERDP_LOCAL int nego_recv(rdpTransport* transport, wStream* s, void* extra);
104FREERDP_LOCAL BOOL nego_read_request(rdpNego* nego, wStream* s);
105
106FREERDP_LOCAL BOOL nego_send_negotiation_request(rdpNego* nego);
107FREERDP_LOCAL BOOL nego_send_negotiation_response(rdpNego* nego);
108
109FREERDP_LOCAL void nego_free(rdpNego* nego);
110
111WINPR_ATTR_MALLOC(nego_free, 1)
112FREERDP_LOCAL rdpNego* nego_new(rdpTransport* transport);
113
114FREERDP_LOCAL void nego_init(rdpNego* nego);
115FREERDP_LOCAL BOOL nego_set_target(rdpNego* nego, const char* hostname, UINT16 port);
116FREERDP_LOCAL void nego_set_negotiation_enabled(rdpNego* nego, BOOL NegotiateSecurityLayer);
117FREERDP_LOCAL void nego_set_restricted_admin_mode_required(rdpNego* nego,
118 BOOL RestrictedAdminModeRequired);
119FREERDP_LOCAL void nego_set_RCG_required(rdpNego* nego, BOOL enabled);
120FREERDP_LOCAL void nego_set_RCG_supported(rdpNego* nego, BOOL enabled);
121FREERDP_LOCAL BOOL nego_get_remoteCredentialGuard(rdpNego* nego);
122FREERDP_LOCAL void nego_set_childsession_enabled(rdpNego* nego, BOOL ChildSessionEnabled);
123FREERDP_LOCAL void nego_set_gateway_enabled(rdpNego* nego, BOOL GatewayEnabled);
124FREERDP_LOCAL void nego_set_gateway_bypass_local(rdpNego* nego, BOOL GatewayBypassLocal);
125FREERDP_LOCAL void nego_enable_rdp(rdpNego* nego, BOOL enable_rdp);
126FREERDP_LOCAL void nego_enable_tls(rdpNego* nego, BOOL enable_tls);
127FREERDP_LOCAL void nego_enable_nla(rdpNego* nego, BOOL enable_nla);
128FREERDP_LOCAL void nego_enable_rdstls(rdpNego* nego, BOOL enable_rdstls);
129FREERDP_LOCAL void nego_enable_aad(rdpNego* nego, BOOL enable_aad);
130FREERDP_LOCAL void nego_enable_ext(rdpNego* nego, BOOL enable_ext);
131FREERDP_LOCAL const BYTE* nego_get_routing_token(rdpNego* nego, DWORD* RoutingTokenLength);
132FREERDP_LOCAL BOOL nego_set_routing_token(rdpNego* nego, const void* RoutingToken,
133 DWORD RoutingTokenLength);
134FREERDP_LOCAL BOOL nego_set_cookie(rdpNego* nego, const char* cookie);
135FREERDP_LOCAL void nego_set_cookie_max_length(rdpNego* nego, UINT32 CookieMaxLength);
136FREERDP_LOCAL void nego_set_send_preconnection_pdu(rdpNego* nego, BOOL SendPreconnectionPdu);
137FREERDP_LOCAL void nego_set_preconnection_id(rdpNego* nego, UINT32 PreconnectionId);
138FREERDP_LOCAL void nego_set_preconnection_blob(rdpNego* nego, const char* PreconnectionBlob);
139
140FREERDP_LOCAL UINT32 nego_get_selected_protocol(rdpNego* nego);
141FREERDP_LOCAL BOOL nego_set_selected_protocol(rdpNego* nego, UINT32 SelectedProtocol);
142
143FREERDP_LOCAL UINT32 nego_get_requested_protocols(rdpNego* nego);
144FREERDP_LOCAL BOOL nego_set_requested_protocols(rdpNego* nego, UINT32 RequestedProtocols);
145
146FREERDP_LOCAL BOOL nego_update_settings_from_state(rdpNego* nego, rdpSettings* settings);
147
148FREERDP_LOCAL BOOL nego_set_state(rdpNego* nego, NEGO_STATE state);
149FREERDP_LOCAL NEGO_STATE nego_get_state(rdpNego* nego);
150
151FREERDP_LOCAL SEC_WINNT_AUTH_IDENTITY* nego_get_identity(rdpNego* nego);
152
153FREERDP_LOCAL void nego_free_nla(rdpNego* nego);
154
155FREERDP_LOCAL const char* nego_protocol_to_str(UINT32 protocol, char* buffer, size_t size);
156
157#endif /* FREERDP_LIB_CORE_NEGO_H */