FreeRDP
All Data Structures Namespaces Files Functions Variables Typedefs Enumerations Enumerator Modules Pages
transport.c
1
20#include <freerdp/config.h>
21
22#include "settings.h"
23
24#include <winpr/assert.h>
25
26#include <winpr/crt.h>
27#include <winpr/synch.h>
28#include <winpr/print.h>
29#include <winpr/stream.h>
30#include <winpr/winsock.h>
31#include <winpr/crypto.h>
32
33#include <freerdp/log.h>
34#include <freerdp/error.h>
35#include <freerdp/utils/ringbuffer.h>
36
37#include <openssl/bio.h>
38#include <time.h>
39#include <errno.h>
40#include <fcntl.h>
41
42#ifndef _WIN32
43#include <netdb.h>
44#include <sys/socket.h>
45#endif /* _WIN32 */
46
47#ifdef FREERDP_HAVE_VALGRIND_MEMCHECK_H
48#include <valgrind/memcheck.h>
49#endif
50
51#include "tpkt.h"
52#include "fastpath.h"
53#include "transport.h"
54#include "rdp.h"
55#include "proxy.h"
56#include "utils.h"
57#include "state.h"
58#include "childsession.h"
59
60#include "gateway/rdg.h"
61#include "gateway/wst.h"
62#include "gateway/arm.h"
63
64#define TAG FREERDP_TAG("core.transport")
65
66#define BUFFER_SIZE 16384
67
68struct rdp_transport
69{
70 TRANSPORT_LAYER layer;
71 BIO* frontBio;
72 rdpRdg* rdg;
73 rdpTsg* tsg;
74 rdpWst* wst;
75 rdpTls* tls;
76 rdpContext* context;
77 rdpNla* nla;
78 void* ReceiveExtra;
79 wStream* ReceiveBuffer;
80 TransportRecv ReceiveCallback;
81 wStreamPool* ReceivePool;
82 HANDLE connectedEvent;
83 BOOL NlaMode;
84 BOOL RdstlsMode;
85 BOOL AadMode;
86 BOOL blocking;
87 BOOL GatewayEnabled;
88 CRITICAL_SECTION ReadLock;
89 CRITICAL_SECTION WriteLock;
90 UINT64 written;
91 HANDLE rereadEvent;
92 BOOL haveMoreBytesToRead;
93 wLog* log;
94 rdpTransportIo io;
95 HANDLE ioEvent;
96 BOOL useIoEvent;
97 BOOL earlyUserAuth;
98};
99
100typedef struct
101{
102 rdpTransportLayer pub;
103 void* userContextShadowPtr;
104} rdpTransportLayerInt;
105
106static void transport_ssl_cb(const SSL* ssl, int where, int ret)
107{
108 if (where & SSL_CB_ALERT)
109 {
110 rdpTransport* transport = (rdpTransport*)SSL_get_app_data(ssl);
111 WINPR_ASSERT(transport);
112
113 switch (ret)
114 {
115 case (SSL3_AL_FATAL << 8) | SSL_AD_ACCESS_DENIED:
116 {
117 if (!freerdp_get_last_error(transport_get_context(transport)))
118 {
119 WLog_Print(transport->log, WLOG_ERROR, "ACCESS DENIED");
120 freerdp_set_last_error_log(transport_get_context(transport),
121 FREERDP_ERROR_AUTHENTICATION_FAILED);
122 }
123 }
124 break;
125
126 case (SSL3_AL_FATAL << 8) | SSL_AD_INTERNAL_ERROR:
127 {
128 if (transport->NlaMode)
129 {
130 if (!freerdp_get_last_error(transport_get_context(transport)))
131 {
132 UINT32 kret = 0;
133 if (transport->nla)
134 kret = nla_get_error(transport->nla);
135 if (kret == 0)
136 kret = FREERDP_ERROR_CONNECT_PASSWORD_CERTAINLY_EXPIRED;
137 freerdp_set_last_error_log(transport_get_context(transport), kret);
138 }
139 }
140
141 break;
142
143 case (SSL3_AL_WARNING << 8) | SSL3_AD_CLOSE_NOTIFY:
144 break;
145
146 default:
147 WLog_Print(transport->log, WLOG_WARN,
148 "Unhandled SSL error (where=%d, ret=%d [%s, %s])", where, ret,
149 SSL_alert_type_string_long(ret), SSL_alert_desc_string_long(ret));
150 break;
151 }
152 }
153 }
154}
155
156wStream* transport_send_stream_init(WINPR_ATTR_UNUSED rdpTransport* transport, size_t size)
157{
158 WINPR_ASSERT(transport);
159
160 return Stream_New(NULL, size);
161}
162
163BOOL transport_attach(rdpTransport* transport, int sockfd)
164{
165 if (!transport)
166 return FALSE;
167 return IFCALLRESULT(FALSE, transport->io.TransportAttach, transport, sockfd);
168}
169
170static BOOL transport_default_attach(rdpTransport* transport, int sockfd)
171{
172 BIO* socketBio = NULL;
173 BIO* bufferedBio = NULL;
174 const rdpSettings* settings = NULL;
175 rdpContext* context = transport_get_context(transport);
176
177 if (sockfd < 0)
178 {
179 WLog_WARN(TAG, "Running peer without socket (sockfd=%d)", sockfd);
180 return TRUE;
181 }
182
183 settings = context->settings;
184 WINPR_ASSERT(settings);
185
186 if (sockfd >= 0)
187 {
188 if (!freerdp_tcp_set_keep_alive_mode(settings, sockfd))
189 goto fail;
190
191 socketBio = BIO_new(BIO_s_simple_socket());
192
193 if (!socketBio)
194 goto fail;
195 }
196
197 bufferedBio = BIO_new(BIO_s_buffered_socket());
198 if (!bufferedBio)
199 goto fail;
200
201 if (socketBio)
202 {
203 bufferedBio = BIO_push(bufferedBio, socketBio);
204 if (!bufferedBio)
205 goto fail;
206
207 /* Attach the socket only when this function can no longer fail.
208 * This ensures solid ownership:
209 * - if this function fails, the caller is responsible to clean up
210 * - if this function is successful, the caller MUST NOT close the socket any more.
211 */
212 BIO_set_fd(socketBio, sockfd, BIO_CLOSE);
213 }
214 EnterCriticalSection(&(transport->ReadLock));
215 EnterCriticalSection(&(transport->WriteLock));
216 transport->frontBio = bufferedBio;
217 LeaveCriticalSection(&(transport->WriteLock));
218 LeaveCriticalSection(&(transport->ReadLock));
219
220 return TRUE;
221fail:
222
223 if (socketBio)
224 BIO_free_all(socketBio);
225 else
226 closesocket((SOCKET)sockfd);
227
228 return FALSE;
229}
230
231BOOL transport_connect_rdp(rdpTransport* transport)
232{
233 if (!transport)
234 return FALSE;
235
236 switch (utils_authenticate(transport_get_context(transport)->instance, AUTH_RDP, FALSE))
237 {
238 case AUTH_SKIP:
239 case AUTH_SUCCESS:
240 case AUTH_NO_CREDENTIALS:
241 return TRUE;
242 case AUTH_CANCELLED:
243 freerdp_set_last_error_if_not(transport_get_context(transport),
244 FREERDP_ERROR_CONNECT_CANCELLED);
245 return FALSE;
246 default:
247 return FALSE;
248 }
249}
250
251BOOL transport_connect_tls(rdpTransport* transport)
252{
253 const rdpSettings* settings = NULL;
254 rdpContext* context = transport_get_context(transport);
255
256 settings = context->settings;
257 WINPR_ASSERT(settings);
258
259 /* Only prompt for password if we use TLS (NLA also calls this function) */
260 if (settings->SelectedProtocol == PROTOCOL_SSL)
261 {
262 switch (utils_authenticate(context->instance, AUTH_TLS, FALSE))
263 {
264 case AUTH_SKIP:
265 case AUTH_SUCCESS:
266 case AUTH_NO_CREDENTIALS:
267 break;
268 case AUTH_CANCELLED:
269 freerdp_set_last_error_if_not(context, FREERDP_ERROR_CONNECT_CANCELLED);
270 return FALSE;
271 default:
272 return FALSE;
273 }
274 }
275
276 return IFCALLRESULT(FALSE, transport->io.TLSConnect, transport);
277}
278
279static BOOL transport_default_connect_tls(rdpTransport* transport)
280{
281 int tlsStatus = 0;
282 rdpTls* tls = NULL;
283 rdpContext* context = NULL;
284 rdpSettings* settings = NULL;
285
286 WINPR_ASSERT(transport);
287
288 context = transport_get_context(transport);
289 WINPR_ASSERT(context);
290
291 settings = context->settings;
292 WINPR_ASSERT(settings);
293
294 if (!(tls = freerdp_tls_new(context)))
295 return FALSE;
296
297 transport->tls = tls;
298
299 if (transport->GatewayEnabled)
300 transport->layer = TRANSPORT_LAYER_TSG_TLS;
301 else
302 transport->layer = TRANSPORT_LAYER_TLS;
303
304 tls->hostname = settings->ServerHostname;
305 tls->serverName = settings->UserSpecifiedServerName;
306 tls->port = WINPR_ASSERTING_INT_CAST(int32_t, MIN(UINT16_MAX, settings->ServerPort));
307
308 if (tls->port == 0)
309 tls->port = 3389;
310
311 tls->isGatewayTransport = FALSE;
312 tlsStatus = freerdp_tls_connect(tls, transport->frontBio);
313
314 if (tlsStatus < 1)
315 {
316 if (tlsStatus < 0)
317 {
318 freerdp_set_last_error_if_not(context, FREERDP_ERROR_TLS_CONNECT_FAILED);
319 }
320 else
321 {
322 freerdp_set_last_error_if_not(context, FREERDP_ERROR_CONNECT_CANCELLED);
323 }
324
325 return FALSE;
326 }
327
328 transport->frontBio = tls->bio;
329
330 /* See libfreerdp/crypto/tls.c transport_default_connect_tls
331 *
332 * we are wrapping a SSL object in the BIO and actually want to set
333 *
334 * SSL_set_info_callback there. So ensure our callback is of appropriate
335 * type for that instead of what the function prototype suggests.
336 */
337 typedef void (*ssl_cb_t)(const SSL* ssl, int type, int val);
338 ssl_cb_t fkt = transport_ssl_cb;
339
340 BIO_info_cb* bfkt = WINPR_FUNC_PTR_CAST(fkt, BIO_info_cb*);
341 BIO_callback_ctrl(tls->bio, BIO_CTRL_SET_CALLBACK, bfkt);
342 SSL_set_app_data(tls->ssl, transport);
343
344 if (!transport->frontBio)
345 {
346 WLog_Print(transport->log, WLOG_ERROR, "unable to prepend a filtering TLS bio");
347 return FALSE;
348 }
349
350 return TRUE;
351}
352
353BOOL transport_connect_nla(rdpTransport* transport, BOOL earlyUserAuth)
354{
355 rdpContext* context = NULL;
356 rdpSettings* settings = NULL;
357 rdpRdp* rdp = NULL;
358 if (!transport)
359 return FALSE;
360
361 context = transport_get_context(transport);
362 WINPR_ASSERT(context);
363
364 settings = context->settings;
365 WINPR_ASSERT(settings);
366
367 rdp = context->rdp;
368 WINPR_ASSERT(rdp);
369
370 if (!transport_connect_tls(transport))
371 return FALSE;
372
373 if (!settings->Authentication)
374 return TRUE;
375
376 nla_free(rdp->nla);
377 rdp->nla = nla_new(context, transport);
378
379 if (!rdp->nla)
380 return FALSE;
381
382 nla_set_early_user_auth(rdp->nla, earlyUserAuth);
383
384 transport_set_nla_mode(transport, TRUE);
385
386 if (settings->AuthenticationServiceClass)
387 {
388 if (!nla_set_service_principal(rdp->nla, settings->AuthenticationServiceClass,
389 freerdp_settings_get_server_name(settings)))
390 return FALSE;
391 }
392
393 if (nla_client_begin(rdp->nla) < 0)
394 {
395 WLog_Print(transport->log, WLOG_ERROR, "NLA begin failed");
396
397 freerdp_set_last_error_if_not(context, FREERDP_ERROR_AUTHENTICATION_FAILED);
398
399 transport_set_nla_mode(transport, FALSE);
400 return FALSE;
401 }
402
403 return rdp_client_transition_to_state(rdp, CONNECTION_STATE_NLA);
404}
405
406BOOL transport_connect_rdstls(rdpTransport* transport)
407{
408 BOOL rc = FALSE;
409 rdpRdstls* rdstls = NULL;
410 rdpContext* context = NULL;
411
412 WINPR_ASSERT(transport);
413
414 context = transport_get_context(transport);
415 WINPR_ASSERT(context);
416
417 if (!transport_connect_tls(transport))
418 goto fail;
419
420 rdstls = rdstls_new(context, transport);
421 if (!rdstls)
422 goto fail;
423
424 transport_set_rdstls_mode(transport, TRUE);
425
426 if (rdstls_authenticate(rdstls) < 0)
427 {
428 WLog_Print(transport->log, WLOG_ERROR, "RDSTLS authentication failed");
429 freerdp_set_last_error_if_not(context, FREERDP_ERROR_AUTHENTICATION_FAILED);
430 goto fail;
431 }
432
433 transport_set_rdstls_mode(transport, FALSE);
434 rc = TRUE;
435fail:
436 rdstls_free(rdstls);
437 return rc;
438}
439
440BOOL transport_connect_aad(rdpTransport* transport)
441{
442 rdpContext* context = NULL;
443 rdpSettings* settings = NULL;
444 rdpRdp* rdp = NULL;
445 if (!transport)
446 return FALSE;
447
448 context = transport_get_context(transport);
449 WINPR_ASSERT(context);
450
451 settings = context->settings;
452 WINPR_ASSERT(settings);
453
454 rdp = context->rdp;
455 WINPR_ASSERT(rdp);
456
457 if (!transport_connect_tls(transport))
458 return FALSE;
459
460 if (!settings->Authentication)
461 return TRUE;
462
463 if (!rdp->aad)
464 return FALSE;
465
466 transport_set_aad_mode(transport, TRUE);
467
468 if (aad_client_begin(rdp->aad) < 0)
469 {
470 WLog_Print(transport->log, WLOG_ERROR, "AAD begin failed");
471
472 freerdp_set_last_error_if_not(context, FREERDP_ERROR_AUTHENTICATION_FAILED);
473
474 transport_set_aad_mode(transport, FALSE);
475 return FALSE;
476 }
477
478 return rdp_client_transition_to_state(rdp, CONNECTION_STATE_AAD);
479}
480
481BOOL transport_connect(rdpTransport* transport, const char* hostname, UINT16 port, DWORD timeout)
482{
483 BOOL status = FALSE;
484 rdpSettings* settings = NULL;
485 rdpContext* context = transport_get_context(transport);
486 BOOL rpcFallback = 0;
487
488 WINPR_ASSERT(context);
489 WINPR_ASSERT(hostname);
490
491 settings = context->settings;
492 WINPR_ASSERT(settings);
493
494 rpcFallback = !settings->GatewayHttpTransport;
495
496 if (transport->GatewayEnabled)
497 {
498 if (settings->GatewayUrl)
499 {
500 WINPR_ASSERT(!transport->wst);
501 transport->wst = wst_new(context);
502
503 if (!transport->wst)
504 return FALSE;
505
506 status = wst_connect(transport->wst, timeout);
507
508 if (status)
509 {
510 transport->frontBio = wst_get_front_bio_and_take_ownership(transport->wst);
511 WINPR_ASSERT(transport->frontBio);
512 BIO_set_nonblock(transport->frontBio, 0);
513 transport->layer = TRANSPORT_LAYER_TSG;
514 status = TRUE;
515 }
516 else
517 {
518 wst_free(transport->wst);
519 transport->wst = NULL;
520 }
521 }
522 if (!status && settings->GatewayHttpTransport)
523 {
524 WINPR_ASSERT(!transport->rdg);
525 transport->rdg = rdg_new(context);
526
527 if (!transport->rdg)
528 return FALSE;
529
530 status = rdg_connect(transport->rdg, timeout, &rpcFallback);
531
532 if (status)
533 {
534 transport->frontBio = rdg_get_front_bio_and_take_ownership(transport->rdg);
535 WINPR_ASSERT(transport->frontBio);
536 BIO_set_nonblock(transport->frontBio, 0);
537 transport->layer = TRANSPORT_LAYER_TSG;
538 status = TRUE;
539 }
540 else
541 {
542 rdg_free(transport->rdg);
543 transport->rdg = NULL;
544 }
545 }
546
547 if (!status && settings->GatewayRpcTransport && rpcFallback)
548 {
549 WINPR_ASSERT(!transport->tsg);
550 transport->tsg = tsg_new(transport);
551
552 if (!transport->tsg)
553 return FALSE;
554
555 /* Reset error condition from RDG */
556 freerdp_set_last_error_log(context, FREERDP_ERROR_SUCCESS);
557 status = tsg_connect(transport->tsg, hostname, port, timeout);
558
559 if (status)
560 {
561 transport->frontBio = tsg_get_bio(transport->tsg);
562 transport->layer = TRANSPORT_LAYER_TSG;
563 status = TRUE;
564 }
565 else
566 {
567 tsg_free(transport->tsg);
568 transport->tsg = NULL;
569 }
570 }
571 }
572 else
573 {
574 UINT16 peerPort = 0;
575 const char* proxyHostname = NULL;
576 const char* proxyUsername = NULL;
577 const char* proxyPassword = NULL;
578 BOOL isProxyConnection =
579 proxy_prepare(settings, &proxyHostname, &peerPort, &proxyUsername, &proxyPassword);
580
581 rdpTransportLayer* layer = NULL;
582 if (isProxyConnection)
583 layer = transport_connect_layer(transport, proxyHostname, peerPort, timeout);
584 else
585 layer = transport_connect_layer(transport, hostname, port, timeout);
586
587 if (!layer)
588 return FALSE;
589
590 if (!transport_attach_layer(transport, layer))
591 {
592 transport_layer_free(layer);
593 return FALSE;
594 }
595
596 if (isProxyConnection)
597 {
598 if (!proxy_connect(context, transport->frontBio, proxyUsername, proxyPassword, hostname,
599 port))
600 return FALSE;
601 }
602
603 status = TRUE;
604 }
605
606 return status;
607}
608
609BOOL transport_connect_childsession(rdpTransport* transport)
610{
611 WINPR_ASSERT(transport);
612
613 transport->frontBio = createChildSessionBio();
614 if (!transport->frontBio)
615 return FALSE;
616
617 transport->layer = TRANSPORT_LAYER_TSG;
618 return TRUE;
619}
620
621BOOL transport_accept_rdp(rdpTransport* transport)
622{
623 if (!transport)
624 return FALSE;
625 /* RDP encryption */
626 return TRUE;
627}
628
629BOOL transport_accept_tls(rdpTransport* transport)
630{
631 if (!transport)
632 return FALSE;
633 return IFCALLRESULT(FALSE, transport->io.TLSAccept, transport);
634}
635
636static BOOL transport_default_accept_tls(rdpTransport* transport)
637{
638 rdpContext* context = transport_get_context(transport);
639 rdpSettings* settings = NULL;
640
641 WINPR_ASSERT(context);
642
643 settings = context->settings;
644 WINPR_ASSERT(settings);
645
646 if (!transport->tls)
647 transport->tls = freerdp_tls_new(context);
648
649 transport->layer = TRANSPORT_LAYER_TLS;
650
651 if (!freerdp_tls_accept(transport->tls, transport->frontBio, settings))
652 return FALSE;
653
654 transport->frontBio = transport->tls->bio;
655 return TRUE;
656}
657
658BOOL transport_accept_nla(rdpTransport* transport)
659{
660 rdpContext* context = transport_get_context(transport);
661 rdpSettings* settings = NULL;
662
663 WINPR_ASSERT(context);
664
665 settings = context->settings;
666 WINPR_ASSERT(settings);
667
668 if (!IFCALLRESULT(FALSE, transport->io.TLSAccept, transport))
669 return FALSE;
670
671 /* Network Level Authentication */
672
673 if (!settings->Authentication)
674 return TRUE;
675
676 if (!transport->nla)
677 {
678 transport->nla = nla_new(context, transport);
679 transport_set_nla_mode(transport, TRUE);
680 }
681
682 if (nla_authenticate(transport->nla) < 0)
683 {
684 WLog_Print(transport->log, WLOG_ERROR, "client authentication failure");
685 transport_set_nla_mode(transport, FALSE);
686 nla_free(transport->nla);
687 transport->nla = NULL;
688 freerdp_tls_set_alert_code(transport->tls, TLS_ALERT_LEVEL_FATAL,
689 TLS_ALERT_DESCRIPTION_ACCESS_DENIED);
690 freerdp_tls_send_alert(transport->tls);
691 return FALSE;
692 }
693
694 /* don't free nla module yet, we need to copy the credentials from it first */
695 transport_set_nla_mode(transport, FALSE);
696 return TRUE;
697}
698
699BOOL transport_accept_rdstls(rdpTransport* transport)
700{
701 BOOL rc = FALSE;
702 rdpRdstls* rdstls = NULL;
703 rdpContext* context = NULL;
704
705 WINPR_ASSERT(transport);
706
707 context = transport_get_context(transport);
708 WINPR_ASSERT(context);
709
710 if (!IFCALLRESULT(FALSE, transport->io.TLSAccept, transport))
711 goto fail;
712
713 rdstls = rdstls_new(context, transport);
714 if (!rdstls)
715 goto fail;
716
717 transport_set_rdstls_mode(transport, TRUE);
718
719 if (rdstls_authenticate(rdstls) < 0)
720 {
721 WLog_Print(transport->log, WLOG_ERROR, "client authentication failure");
722 freerdp_tls_set_alert_code(transport->tls, TLS_ALERT_LEVEL_FATAL,
723 TLS_ALERT_DESCRIPTION_ACCESS_DENIED);
724 freerdp_tls_send_alert(transport->tls);
725 goto fail;
726 }
727
728 transport_set_rdstls_mode(transport, FALSE);
729 rc = TRUE;
730fail:
731 rdstls_free(rdstls);
732 return rc;
733}
734
735#define WLog_ERR_BIO(transport, biofunc, bio) \
736 transport_bio_error_log(transport, biofunc, bio, __FILE__, __func__, __LINE__)
737
738static void transport_bio_error_log(rdpTransport* transport, LPCSTR biofunc,
739 WINPR_ATTR_UNUSED BIO* bio, LPCSTR file, LPCSTR func,
740 DWORD line)
741{
742 unsigned long sslerr = 0;
743 int saveerrno = 0;
744 DWORD level = 0;
745
746 WINPR_ASSERT(transport);
747
748 saveerrno = errno;
749 level = WLOG_ERROR;
750
751 if (level < WLog_GetLogLevel(transport->log))
752 return;
753
754 if (ERR_peek_error() == 0)
755 {
756 char ebuffer[256] = { 0 };
757 const char* fmt = "%s returned a system error %d: %s";
758 if (saveerrno == 0)
759 fmt = "%s retries exceeded";
760 WLog_PrintMessage(transport->log, WLOG_MESSAGE_TEXT, level, line, file, func, fmt, biofunc,
761 saveerrno, winpr_strerror(saveerrno, ebuffer, sizeof(ebuffer)));
762 return;
763 }
764
765 while ((sslerr = ERR_get_error()))
766 {
767 char buf[120] = { 0 };
768 const char* fmt = "%s returned an error: %s";
769
770 ERR_error_string_n(sslerr, buf, 120);
771 WLog_PrintMessage(transport->log, WLOG_MESSAGE_TEXT, level, line, file, func, fmt, biofunc,
772 buf);
773 }
774}
775
776static SSIZE_T transport_read_layer(rdpTransport* transport, BYTE* data, size_t bytes)
777{
778 SSIZE_T read = 0;
779 rdpRdp* rdp = NULL;
780 rdpContext* context = NULL;
781
782 WINPR_ASSERT(transport);
783
784 context = transport_get_context(transport);
785 WINPR_ASSERT(context);
786
787 rdp = context->rdp;
788 WINPR_ASSERT(rdp);
789
790 if (!transport->frontBio || (bytes > SSIZE_MAX))
791 {
792 transport->layer = TRANSPORT_LAYER_CLOSED;
793 freerdp_set_last_error_if_not(context, FREERDP_ERROR_CONNECT_TRANSPORT_FAILED);
794 return -1;
795 }
796
797 while (read < (SSIZE_T)bytes)
798 {
799 const SSIZE_T tr = (SSIZE_T)bytes - read;
800 int r = (int)((tr > INT_MAX) ? INT_MAX : tr);
801 ERR_clear_error();
802 int status = BIO_read(transport->frontBio, data + read, r);
803
804 if (freerdp_shall_disconnect_context(context))
805 return -1;
806
807 if (status <= 0)
808 {
809 if (!transport->frontBio || !BIO_should_retry(transport->frontBio))
810 {
811 /* something unexpected happened, let's close */
812 if (!transport->frontBio)
813 {
814 WLog_Print(transport->log, WLOG_ERROR, "BIO_read: transport->frontBio null");
815 return -1;
816 }
817
818 WLog_ERR_BIO(transport, "BIO_read", transport->frontBio);
819 transport->layer = TRANSPORT_LAYER_CLOSED;
820 freerdp_set_last_error_if_not(context, FREERDP_ERROR_CONNECT_TRANSPORT_FAILED);
821 return -1;
822 }
823
824 /* non blocking will survive a partial read */
825 if (!transport->blocking)
826 return read;
827
828 /* blocking means that we can't continue until we have read the number of requested
829 * bytes */
830 if (BIO_wait_read(transport->frontBio, 100) < 0)
831 {
832 WLog_ERR_BIO(transport, "BIO_wait_read", transport->frontBio);
833 return -1;
834 }
835
836 continue;
837 }
838
839#ifdef FREERDP_HAVE_VALGRIND_MEMCHECK_H
840 VALGRIND_MAKE_MEM_DEFINED(data + read, bytes - read);
841#endif
842 read += status;
843 rdp->inBytes += WINPR_ASSERTING_INT_CAST(uint64_t, status);
844 }
845
846 return read;
847}
848
863static SSIZE_T transport_read_layer_bytes(rdpTransport* transport, wStream* s, size_t toRead)
864{
865 SSIZE_T status = 0;
866 if (!transport)
867 return -1;
868
869 if (toRead > SSIZE_MAX)
870 return 0;
871
872 status = IFCALLRESULT(-1, transport->io.ReadBytes, transport, Stream_Pointer(s), toRead);
873
874 if (status <= 0)
875 return status;
876
877 Stream_Seek(s, (size_t)status);
878 return status == (SSIZE_T)toRead ? 1 : 0;
879}
880
893int transport_read_pdu(rdpTransport* transport, wStream* s)
894{
895 if (!transport)
896 return -1;
897 return IFCALLRESULT(-1, transport->io.ReadPdu, transport, s);
898}
899
900static SSIZE_T parse_nla_mode_pdu(rdpTransport* transport, wStream* stream)
901{
902 SSIZE_T pduLength = 0;
903 wStream sbuffer = { 0 };
904 wStream* s = Stream_StaticConstInit(&sbuffer, Stream_Buffer(stream), Stream_Length(stream));
905 /*
906 * In case NlaMode is set TSRequest package(s) are expected
907 * 0x30 = DER encoded data with these bits set:
908 * bit 6 P/C constructed
909 * bit 5 tag number - sequence
910 */
911 UINT8 typeEncoding = 0;
912 if (Stream_GetRemainingLength(s) < 1)
913 return 0;
914 Stream_Read_UINT8(s, typeEncoding);
915 if (typeEncoding == 0x30)
916 {
917 /* TSRequest (NLA) */
918 UINT8 lengthEncoding = 0;
919 if (Stream_GetRemainingLength(s) < 1)
920 return 0;
921 Stream_Read_UINT8(s, lengthEncoding);
922 if (lengthEncoding & 0x80)
923 {
924 if ((lengthEncoding & ~(0x80)) == 1)
925 {
926 UINT8 length = 0;
927 if (Stream_GetRemainingLength(s) < 1)
928 return 0;
929 Stream_Read_UINT8(s, length);
930 pduLength = length;
931 pduLength += 3;
932 }
933 else if ((lengthEncoding & ~(0x80)) == 2)
934 {
935 /* check for header bytes already read in previous calls */
936 UINT16 length = 0;
937 if (Stream_GetRemainingLength(s) < 2)
938 return 0;
939 Stream_Read_UINT16_BE(s, length);
940 pduLength = length;
941 pduLength += 4;
942 }
943 else
944 {
945 WLog_Print(transport->log, WLOG_ERROR, "Error reading TSRequest!");
946 return -1;
947 }
948 }
949 else
950 {
951 pduLength = lengthEncoding;
952 pduLength += 2;
953 }
954 }
955
956 return pduLength;
957}
958
959static SSIZE_T parse_default_mode_pdu(rdpTransport* transport, wStream* stream)
960{
961 SSIZE_T pduLength = 0;
962 wStream sbuffer = { 0 };
963 wStream* s = Stream_StaticConstInit(&sbuffer, Stream_Buffer(stream), Stream_Length(stream));
964
965 UINT8 version = 0;
966 if (Stream_GetRemainingLength(s) < 1)
967 return 0;
968 Stream_Read_UINT8(s, version);
969 if (version == 0x03)
970 {
971 /* TPKT header */
972 UINT16 length = 0;
973 if (Stream_GetRemainingLength(s) < 3)
974 return 0;
975 Stream_Seek(s, 1);
976 Stream_Read_UINT16_BE(s, length);
977 pduLength = length;
978
979 /* min and max values according to ITU-T Rec. T.123 (01/2007) section 8 */
980 if ((pduLength < 7) || (pduLength > 0xFFFF))
981 {
982 WLog_Print(transport->log, WLOG_ERROR, "tpkt - invalid pduLength: %" PRIdz, pduLength);
983 return -1;
984 }
985 }
986 else
987 {
988 /* Fast-Path Header */
989 UINT8 length1 = 0;
990 if (Stream_GetRemainingLength(s) < 1)
991 return 0;
992 Stream_Read_UINT8(s, length1);
993 if (length1 & 0x80)
994 {
995 UINT8 length2 = 0;
996 if (Stream_GetRemainingLength(s) < 1)
997 return 0;
998 Stream_Read_UINT8(s, length2);
999 pduLength = ((length1 & 0x7F) << 8) | length2;
1000 }
1001 else
1002 pduLength = length1;
1003
1004 /*
1005 * fast-path has 7 bits for length so the maximum size, including headers is 0x8000
1006 * The theoretical minimum fast-path PDU consists only of two header bytes plus one
1007 * byte for data (e.g. fast-path input synchronize pdu)
1008 */
1009 if (pduLength < 3 || pduLength > 0x8000)
1010 {
1011 WLog_Print(transport->log, WLOG_ERROR, "fast path - invalid pduLength: %" PRIdz,
1012 pduLength);
1013 return -1;
1014 }
1015 }
1016
1017 return pduLength;
1018}
1019
1020SSIZE_T transport_parse_pdu(rdpTransport* transport, wStream* s, BOOL* incomplete)
1021{
1022 SSIZE_T pduLength = 0;
1023
1024 if (!transport)
1025 return -1;
1026
1027 if (!s)
1028 return -1;
1029
1030 if (incomplete)
1031 *incomplete = TRUE;
1032
1033 Stream_SealLength(s);
1034 if (transport->NlaMode)
1035 pduLength = parse_nla_mode_pdu(transport, s);
1036 else if (transport->RdstlsMode)
1037 pduLength = rdstls_parse_pdu(transport->log, s);
1038 else
1039 pduLength = parse_default_mode_pdu(transport, s);
1040
1041 if (pduLength <= 0)
1042 return pduLength;
1043
1044 const size_t len = Stream_Length(s);
1045 if (len > WINPR_ASSERTING_INT_CAST(size_t, pduLength))
1046 return -1;
1047
1048 if (incomplete)
1049 *incomplete = len < WINPR_ASSERTING_INT_CAST(size_t, pduLength);
1050
1051 return pduLength;
1052}
1053
1054static int transport_default_read_pdu(rdpTransport* transport, wStream* s)
1055{
1056 BOOL incomplete = 0;
1057 SSIZE_T status = 0;
1058 size_t pduLength = 0;
1059 size_t position = 0;
1060
1061 WINPR_ASSERT(transport);
1062 WINPR_ASSERT(s);
1063
1064 /* RDS AAD Auth PDUs have no length indicator. We need to determine the end of the PDU by
1065 * reading in one byte at a time until we encounter the terminating null byte */
1066 if (transport->AadMode)
1067 {
1068 BYTE c = '\0';
1069 do
1070 {
1071 const SSIZE_T rc = transport_read_layer(transport, &c, 1);
1072 if (rc != 1)
1073 return (rc == 0) ? 0 : -1;
1074 if (!Stream_EnsureRemainingCapacity(s, 1))
1075 return -1;
1076 Stream_Write_UINT8(s, c);
1077 } while (c != '\0');
1078 }
1079 else if (transport->earlyUserAuth)
1080 {
1081 if (!Stream_EnsureCapacity(s, 4))
1082 return -1;
1083 const SSIZE_T rc = transport_read_layer_bytes(transport, s, 4);
1084 if (rc != 1)
1085 return (rc == 0) ? 0 : -1;
1086 }
1087 else
1088 {
1089 /* Read in pdu length */
1090 status = transport_parse_pdu(transport, s, &incomplete);
1091 while ((status == 0) && incomplete)
1092 {
1093 if (!Stream_EnsureRemainingCapacity(s, 1))
1094 return -1;
1095 SSIZE_T rc = transport_read_layer_bytes(transport, s, 1);
1096 if (rc > INT32_MAX)
1097 return INT32_MAX;
1098 if (rc != 1)
1099 return (int)rc;
1100 status = transport_parse_pdu(transport, s, &incomplete);
1101 }
1102
1103 if (status < 0)
1104 return -1;
1105
1106 pduLength = (size_t)status;
1107
1108 /* Read in rest of the PDU */
1109 if (!Stream_EnsureCapacity(s, pduLength))
1110 return -1;
1111
1112 position = Stream_GetPosition(s);
1113 if (position > pduLength)
1114 return -1;
1115 else if (position < pduLength)
1116 {
1117 status = transport_read_layer_bytes(transport, s, pduLength - position);
1118 if (status != 1)
1119 {
1120 if ((status < INT32_MIN) || (status > INT32_MAX))
1121 return -1;
1122 return (int)status;
1123 }
1124 }
1125
1126 if (Stream_GetPosition(s) >= pduLength)
1127 WLog_Packet(transport->log, WLOG_TRACE, Stream_Buffer(s), pduLength,
1128 WLOG_PACKET_INBOUND);
1129 }
1130
1131 Stream_SealLength(s);
1132 Stream_SetPosition(s, 0);
1133 const size_t len = Stream_Length(s);
1134 if (len > INT32_MAX)
1135 return -1;
1136 return (int)len;
1137}
1138
1139int transport_write(rdpTransport* transport, wStream* s)
1140{
1141 if (!transport)
1142 return -1;
1143
1144 return IFCALLRESULT(-1, transport->io.WritePdu, transport, s);
1145}
1146
1147static int transport_default_write(rdpTransport* transport, wStream* s)
1148{
1149 int status = -1;
1150 rdpContext* context = transport_get_context(transport);
1151
1152 WINPR_ASSERT(transport);
1153 WINPR_ASSERT(context);
1154
1155 if (!s)
1156 return -1;
1157
1158 Stream_AddRef(s);
1159
1160 rdpRdp* rdp = context->rdp;
1161 if (!rdp)
1162 goto fail;
1163
1164 EnterCriticalSection(&(transport->WriteLock));
1165 if (!transport->frontBio)
1166 goto out_cleanup;
1167
1168 size_t length = Stream_GetPosition(s);
1169 size_t writtenlength = length;
1170 Stream_SetPosition(s, 0);
1171
1172 if (length > 0)
1173 {
1174 rdp->outBytes += length;
1175 WLog_Packet(transport->log, WLOG_TRACE, Stream_Buffer(s), length, WLOG_PACKET_OUTBOUND);
1176 }
1177
1178 while (length > 0)
1179 {
1180 ERR_clear_error();
1181 const int towrite = (length > INT32_MAX) ? INT32_MAX : (int)length;
1182 status = BIO_write(transport->frontBio, Stream_ConstPointer(s), towrite);
1183
1184 if (status <= 0)
1185 {
1186 /* the buffered BIO that is at the end of the chain always says OK for writing,
1187 * so a retry means that for any reason we need to read. The most probable
1188 * is a SSL or TSG BIO in the chain.
1189 */
1190 if (!BIO_should_retry(transport->frontBio))
1191 {
1192 WLog_ERR_BIO(transport, "BIO_should_retry", transport->frontBio);
1193 goto out_cleanup;
1194 }
1195
1196 /* non-blocking can live with blocked IOs */
1197 if (!transport->blocking)
1198 {
1199 WLog_ERR_BIO(transport, "BIO_write", transport->frontBio);
1200 goto out_cleanup;
1201 }
1202
1203 if (BIO_wait_write(transport->frontBio, 100) < 0)
1204 {
1205 WLog_ERR_BIO(transport, "BIO_wait_write", transport->frontBio);
1206 status = -1;
1207 goto out_cleanup;
1208 }
1209
1210 continue;
1211 }
1212
1213 WINPR_ASSERT(context->settings);
1214 if (transport->blocking || context->settings->WaitForOutputBufferFlush)
1215 {
1216 while (BIO_write_blocked(transport->frontBio))
1217 {
1218 if (BIO_wait_write(transport->frontBio, 100) < 0)
1219 {
1220 WLog_Print(transport->log, WLOG_ERROR, "error when selecting for write");
1221 status = -1;
1222 goto out_cleanup;
1223 }
1224
1225 if (BIO_flush(transport->frontBio) < 1)
1226 {
1227 WLog_Print(transport->log, WLOG_ERROR, "error when flushing outputBuffer");
1228 status = -1;
1229 goto out_cleanup;
1230 }
1231 }
1232 }
1233
1234 const size_t ustatus = (size_t)status;
1235 if (ustatus > length)
1236 {
1237 status = -1;
1238 goto out_cleanup;
1239 }
1240
1241 length -= ustatus;
1242 Stream_Seek(s, ustatus);
1243 }
1244
1245 transport->written += writtenlength;
1246out_cleanup:
1247
1248 if (status < 0)
1249 {
1250 /* A write error indicates that the peer has dropped the connection */
1251 transport->layer = TRANSPORT_LAYER_CLOSED;
1252 freerdp_set_last_error_if_not(context, FREERDP_ERROR_CONNECT_TRANSPORT_FAILED);
1253 }
1254
1255 LeaveCriticalSection(&(transport->WriteLock));
1256fail:
1257 Stream_Release(s);
1258 return status;
1259}
1260
1261BOOL transport_get_public_key(rdpTransport* transport, const BYTE** data, DWORD* length)
1262{
1263 return IFCALLRESULT(FALSE, transport->io.GetPublicKey, transport, data, length);
1264}
1265
1266static BOOL transport_default_get_public_key(rdpTransport* transport, const BYTE** data,
1267 DWORD* length)
1268{
1269 rdpTls* tls = transport_get_tls(transport);
1270 if (!tls)
1271 return FALSE;
1272
1273 *data = tls->PublicKey;
1274 *length = tls->PublicKeyLength;
1275
1276 return TRUE;
1277}
1278
1279DWORD transport_get_event_handles(rdpTransport* transport, HANDLE* events, DWORD count)
1280{
1281 DWORD nCount = 0; /* always the reread Event */
1282
1283 WINPR_ASSERT(transport);
1284 WINPR_ASSERT(events);
1285 WINPR_ASSERT(count > 0);
1286
1287 if (events)
1288 {
1289 if (count < 1)
1290 {
1291 WLog_Print(transport->log, WLOG_ERROR, "provided handles array is too small");
1292 return 0;
1293 }
1294
1295 events[nCount++] = transport->rereadEvent;
1296
1297 if (transport->useIoEvent)
1298 {
1299 if (count < 2)
1300 return 0;
1301 events[nCount++] = transport->ioEvent;
1302 }
1303 }
1304
1305 if (!transport->GatewayEnabled)
1306 {
1307 if (events)
1308 {
1309 if (nCount >= count)
1310 {
1311 WLog_Print(transport->log, WLOG_ERROR,
1312 "provided handles array is too small (count=%" PRIu32 " nCount=%" PRIu32
1313 ")",
1314 count, nCount);
1315 return 0;
1316 }
1317
1318 if (transport->frontBio)
1319 {
1320 if (BIO_get_event(transport->frontBio, &events[nCount]) != 1)
1321 {
1322 WLog_Print(transport->log, WLOG_ERROR, "error getting the frontBio handle");
1323 return 0;
1324 }
1325 nCount++;
1326 }
1327 }
1328 }
1329 else
1330 {
1331 if (transport->rdg)
1332 {
1333 const DWORD tmp =
1334 rdg_get_event_handles(transport->rdg, &events[nCount], count - nCount);
1335
1336 if (tmp == 0)
1337 return 0;
1338
1339 nCount += tmp;
1340 }
1341 else if (transport->tsg)
1342 {
1343 const DWORD tmp =
1344 tsg_get_event_handles(transport->tsg, &events[nCount], count - nCount);
1345
1346 if (tmp == 0)
1347 return 0;
1348
1349 nCount += tmp;
1350 }
1351 else if (transport->wst)
1352 {
1353 const DWORD tmp =
1354 wst_get_event_handles(transport->wst, &events[nCount], count - nCount);
1355
1356 if (tmp == 0)
1357 return 0;
1358
1359 nCount += tmp;
1360 }
1361 }
1362
1363 return nCount;
1364}
1365
1366#if defined(WITH_FREERDP_DEPRECATED)
1367void transport_get_fds(rdpTransport* transport, void** rfds, int* rcount)
1368{
1369 DWORD nCount = 0;
1370 HANDLE events[MAXIMUM_WAIT_OBJECTS] = { 0 };
1371
1372 WINPR_ASSERT(transport);
1373 WINPR_ASSERT(rfds);
1374 WINPR_ASSERT(rcount);
1375
1376 nCount = transport_get_event_handles(transport, events, ARRAYSIZE(events));
1377 *rcount = nCount + 1;
1378
1379 for (DWORD index = 0; index < nCount; index++)
1380 {
1381 rfds[index] = GetEventWaitObject(events[index]);
1382 }
1383
1384 rfds[nCount] = GetEventWaitObject(transport->rereadEvent);
1385}
1386#endif
1387
1388BOOL transport_is_write_blocked(rdpTransport* transport)
1389{
1390 WINPR_ASSERT(transport);
1391 WINPR_ASSERT(transport->frontBio);
1392 return BIO_write_blocked(transport->frontBio) != 0;
1393}
1394
1395int transport_drain_output_buffer(rdpTransport* transport)
1396{
1397 BOOL status = FALSE;
1398
1399 WINPR_ASSERT(transport);
1400 WINPR_ASSERT(transport->frontBio);
1401 if (BIO_write_blocked(transport->frontBio))
1402 {
1403 if (BIO_flush(transport->frontBio) < 1)
1404 return -1;
1405
1406 const long rc = BIO_write_blocked(transport->frontBio);
1407 status = (rc != 0);
1408 }
1409
1410 return status;
1411}
1412
1413int transport_check_fds(rdpTransport* transport)
1414{
1415 int status = 0;
1416 state_run_t recv_status = STATE_RUN_FAILED;
1417 wStream* received = NULL;
1418 rdpContext* context = transport_get_context(transport);
1419
1420 WINPR_ASSERT(context);
1421
1422 if (transport->layer == TRANSPORT_LAYER_CLOSED)
1423 {
1424 WLog_Print(transport->log, WLOG_DEBUG, "transport_check_fds: transport layer closed");
1425 freerdp_set_last_error_if_not(context, FREERDP_ERROR_CONNECT_TRANSPORT_FAILED);
1426 return -1;
1427 }
1428
1438 if ((status = transport_read_pdu(transport, transport->ReceiveBuffer)) <= 0)
1439 {
1440 if (status < 0)
1441 WLog_Print(transport->log, WLOG_DEBUG, "transport_check_fds: transport_read_pdu() - %i",
1442 status);
1443 if (transport->haveMoreBytesToRead)
1444 {
1445 transport->haveMoreBytesToRead = FALSE;
1446 (void)ResetEvent(transport->rereadEvent);
1447 }
1448 return status;
1449 }
1450
1451 received = transport->ReceiveBuffer;
1452 transport->ReceiveBuffer = StreamPool_Take(transport->ReceivePool, 0);
1453 if (!transport->ReceiveBuffer)
1454 {
1455 Stream_Release(received);
1456 return -1;
1457 }
1458
1465 WINPR_ASSERT(transport->ReceiveCallback);
1466 recv_status = transport->ReceiveCallback(transport, received, transport->ReceiveExtra);
1467 Stream_Release(received);
1468
1469 if (state_run_failed(recv_status))
1470 {
1471 char buffer[64] = { 0 };
1472 WLog_Print(transport->log, WLOG_ERROR,
1473 "transport_check_fds: transport->ReceiveCallback() - %s",
1474 state_run_result_string(recv_status, buffer, ARRAYSIZE(buffer)));
1475 return -1;
1476 }
1477
1478 /* Run this again to be sure we consumed all input data.
1479 * This will be repeated until a (not fully) received packet is in buffer
1480 */
1481 if (!transport->haveMoreBytesToRead)
1482 {
1483 transport->haveMoreBytesToRead = TRUE;
1484 (void)SetEvent(transport->rereadEvent);
1485 }
1486 return recv_status;
1487}
1488
1489BOOL transport_set_blocking_mode(rdpTransport* transport, BOOL blocking)
1490{
1491 WINPR_ASSERT(transport);
1492
1493 return IFCALLRESULT(FALSE, transport->io.SetBlockingMode, transport, blocking);
1494}
1495
1496static BOOL transport_default_set_blocking_mode(rdpTransport* transport, BOOL blocking)
1497{
1498 WINPR_ASSERT(transport);
1499
1500 transport->blocking = blocking;
1501
1502 if (transport->frontBio)
1503 {
1504 if (!BIO_set_nonblock(transport->frontBio, blocking ? FALSE : TRUE))
1505 return FALSE;
1506 }
1507
1508 return TRUE;
1509}
1510
1511rdpTransportLayer* transport_connect_layer(rdpTransport* transport, const char* hostname, int port,
1512 DWORD timeout)
1513{
1514 WINPR_ASSERT(transport);
1515
1516 return IFCALLRESULT(NULL, transport->io.ConnectLayer, transport, hostname, port, timeout);
1517}
1518
1519static rdpTransportLayer* transport_default_connect_layer(rdpTransport* transport,
1520 const char* hostname, int port,
1521 DWORD timeout)
1522{
1523 rdpContext* context = transport_get_context(transport);
1524 WINPR_ASSERT(context);
1525
1526 return freerdp_tcp_connect_layer(context, hostname, port, timeout);
1527}
1528
1529BOOL transport_attach_layer(rdpTransport* transport, rdpTransportLayer* layer)
1530{
1531 WINPR_ASSERT(transport);
1532 WINPR_ASSERT(layer);
1533
1534 return IFCALLRESULT(FALSE, transport->io.AttachLayer, transport, layer);
1535}
1536
1537static BOOL transport_default_attach_layer(rdpTransport* transport, rdpTransportLayer* layer)
1538{
1539 BIO* layerBio = BIO_new(BIO_s_transport_layer());
1540 if (!layerBio)
1541 goto fail;
1542
1543 BIO* bufferedBio = BIO_new(BIO_s_buffered_socket());
1544 if (!bufferedBio)
1545 goto fail;
1546
1547 bufferedBio = BIO_push(bufferedBio, layerBio);
1548 if (!bufferedBio)
1549 goto fail;
1550
1551 /* BIO takes over the layer reference at this point. */
1552 BIO_set_data(layerBio, layer);
1553
1554 transport->frontBio = bufferedBio;
1555
1556 return TRUE;
1557
1558fail:
1559 if (layerBio)
1560 BIO_free_all(layerBio);
1561
1562 return FALSE;
1563}
1564
1565void transport_set_gateway_enabled(rdpTransport* transport, BOOL GatewayEnabled)
1566{
1567 WINPR_ASSERT(transport);
1568 transport->GatewayEnabled = GatewayEnabled;
1569}
1570
1571void transport_set_nla_mode(rdpTransport* transport, BOOL NlaMode)
1572{
1573 WINPR_ASSERT(transport);
1574 transport->NlaMode = NlaMode;
1575}
1576
1577void transport_set_rdstls_mode(rdpTransport* transport, BOOL RdstlsMode)
1578{
1579 WINPR_ASSERT(transport);
1580 transport->RdstlsMode = RdstlsMode;
1581}
1582
1583void transport_set_aad_mode(rdpTransport* transport, BOOL AadMode)
1584{
1585 WINPR_ASSERT(transport);
1586 transport->AadMode = AadMode;
1587}
1588
1589BOOL transport_disconnect(rdpTransport* transport)
1590{
1591 if (!transport)
1592 return FALSE;
1593 return IFCALLRESULT(FALSE, transport->io.TransportDisconnect, transport);
1594}
1595
1596static BOOL transport_default_disconnect(rdpTransport* transport)
1597{
1598 BOOL status = TRUE;
1599
1600 if (!transport)
1601 return FALSE;
1602
1603 EnterCriticalSection(&(transport->ReadLock));
1604 EnterCriticalSection(&(transport->WriteLock));
1605 if (transport->tls)
1606 {
1607 freerdp_tls_free(transport->tls);
1608 transport->tls = NULL;
1609 }
1610 else
1611 {
1612 if (transport->frontBio)
1613 BIO_free_all(transport->frontBio);
1614 }
1615
1616 if (transport->tsg)
1617 {
1618 tsg_free(transport->tsg);
1619 transport->tsg = NULL;
1620 }
1621
1622 if (transport->rdg)
1623 {
1624 rdg_free(transport->rdg);
1625 transport->rdg = NULL;
1626 }
1627
1628 if (transport->wst)
1629 {
1630 wst_free(transport->wst);
1631 transport->wst = NULL;
1632 }
1633
1634 transport->frontBio = NULL;
1635 transport->layer = TRANSPORT_LAYER_TCP;
1636 transport->earlyUserAuth = FALSE;
1637 LeaveCriticalSection(&(transport->WriteLock));
1638 LeaveCriticalSection(&(transport->ReadLock));
1639 return status;
1640}
1641
1642rdpTransport* transport_new(rdpContext* context)
1643{
1644 rdpTransport* transport = (rdpTransport*)calloc(1, sizeof(rdpTransport));
1645
1646 WINPR_ASSERT(context);
1647 if (!transport)
1648 return NULL;
1649
1650 transport->log = WLog_Get(TAG);
1651
1652 if (!transport->log)
1653 goto fail;
1654
1655 transport->context = context;
1656 transport->ReceivePool = StreamPool_New(TRUE, BUFFER_SIZE);
1657
1658 if (!transport->ReceivePool)
1659 goto fail;
1660
1661 /* receive buffer for non-blocking read. */
1662 transport->ReceiveBuffer = StreamPool_Take(transport->ReceivePool, 0);
1663
1664 if (!transport->ReceiveBuffer)
1665 goto fail;
1666
1667 transport->connectedEvent = CreateEvent(NULL, TRUE, FALSE, NULL);
1668
1669 if (!transport->connectedEvent || transport->connectedEvent == INVALID_HANDLE_VALUE)
1670 goto fail;
1671
1672 transport->rereadEvent = CreateEvent(NULL, TRUE, FALSE, NULL);
1673
1674 if (!transport->rereadEvent || transport->rereadEvent == INVALID_HANDLE_VALUE)
1675 goto fail;
1676
1677 transport->ioEvent = CreateEvent(NULL, TRUE, FALSE, NULL);
1678
1679 if (!transport->ioEvent || transport->ioEvent == INVALID_HANDLE_VALUE)
1680 goto fail;
1681
1682 transport->haveMoreBytesToRead = FALSE;
1683 transport->blocking = TRUE;
1684 transport->GatewayEnabled = FALSE;
1685 transport->layer = TRANSPORT_LAYER_TCP;
1686
1687 if (!InitializeCriticalSectionAndSpinCount(&(transport->ReadLock), 4000))
1688 goto fail;
1689
1690 if (!InitializeCriticalSectionAndSpinCount(&(transport->WriteLock), 4000))
1691 goto fail;
1692
1693 // transport->io.DataHandler = transport_data_handler;
1694 transport->io.TCPConnect = freerdp_tcp_default_connect;
1695 transport->io.TLSConnect = transport_default_connect_tls;
1696 transport->io.TLSAccept = transport_default_accept_tls;
1697 transport->io.TransportAttach = transport_default_attach;
1698 transport->io.TransportDisconnect = transport_default_disconnect;
1699 transport->io.ReadPdu = transport_default_read_pdu;
1700 transport->io.WritePdu = transport_default_write;
1701 transport->io.ReadBytes = transport_read_layer;
1702 transport->io.GetPublicKey = transport_default_get_public_key;
1703 transport->io.SetBlockingMode = transport_default_set_blocking_mode;
1704 transport->io.ConnectLayer = transport_default_connect_layer;
1705 transport->io.AttachLayer = transport_default_attach_layer;
1706
1707 return transport;
1708fail:
1709 WINPR_PRAGMA_DIAG_PUSH
1710 WINPR_PRAGMA_DIAG_IGNORED_MISMATCHED_DEALLOC
1711 transport_free(transport);
1712 WINPR_PRAGMA_DIAG_POP
1713 return NULL;
1714}
1715
1716void transport_free(rdpTransport* transport)
1717{
1718 if (!transport)
1719 return;
1720
1721 transport_disconnect(transport);
1722
1723 EnterCriticalSection(&(transport->ReadLock));
1724 if (transport->ReceiveBuffer)
1725 Stream_Release(transport->ReceiveBuffer);
1726 LeaveCriticalSection(&(transport->ReadLock));
1727
1728 (void)StreamPool_WaitForReturn(transport->ReceivePool, INFINITE);
1729
1730 EnterCriticalSection(&(transport->ReadLock));
1731 EnterCriticalSection(&(transport->WriteLock));
1732
1733 nla_free(transport->nla);
1734 StreamPool_Free(transport->ReceivePool);
1735 (void)CloseHandle(transport->connectedEvent);
1736 (void)CloseHandle(transport->rereadEvent);
1737 (void)CloseHandle(transport->ioEvent);
1738
1739 LeaveCriticalSection(&(transport->ReadLock));
1740 DeleteCriticalSection(&(transport->ReadLock));
1741
1742 LeaveCriticalSection(&(transport->WriteLock));
1743 DeleteCriticalSection(&(transport->WriteLock));
1744 free(transport);
1745}
1746
1747BOOL transport_set_io_callbacks(rdpTransport* transport, const rdpTransportIo* io_callbacks)
1748{
1749 if (!transport || !io_callbacks)
1750 return FALSE;
1751
1752 transport->io = *io_callbacks;
1753 return TRUE;
1754}
1755
1756const rdpTransportIo* transport_get_io_callbacks(rdpTransport* transport)
1757{
1758 if (!transport)
1759 return NULL;
1760 return &transport->io;
1761}
1762
1763rdpContext* transport_get_context(rdpTransport* transport)
1764{
1765 WINPR_ASSERT(transport);
1766 return transport->context;
1767}
1768
1769rdpTransport* freerdp_get_transport(rdpContext* context)
1770{
1771 WINPR_ASSERT(context);
1772 WINPR_ASSERT(context->rdp);
1773 return context->rdp->transport;
1774}
1775
1776BOOL transport_set_nla(rdpTransport* transport, rdpNla* nla)
1777{
1778 WINPR_ASSERT(transport);
1779 nla_free(transport->nla);
1780 transport->nla = nla;
1781 return TRUE;
1782}
1783
1784rdpNla* transport_get_nla(rdpTransport* transport)
1785{
1786 WINPR_ASSERT(transport);
1787 return transport->nla;
1788}
1789
1790BOOL transport_set_tls(rdpTransport* transport, rdpTls* tls)
1791{
1792 WINPR_ASSERT(transport);
1793 freerdp_tls_free(transport->tls);
1794 transport->tls = tls;
1795 return TRUE;
1796}
1797
1798rdpTls* transport_get_tls(rdpTransport* transport)
1799{
1800 WINPR_ASSERT(transport);
1801 return transport->tls;
1802}
1803
1804BOOL transport_set_tsg(rdpTransport* transport, rdpTsg* tsg)
1805{
1806 WINPR_ASSERT(transport);
1807 tsg_free(transport->tsg);
1808 transport->tsg = tsg;
1809 return TRUE;
1810}
1811
1812rdpTsg* transport_get_tsg(rdpTransport* transport)
1813{
1814 WINPR_ASSERT(transport);
1815 return transport->tsg;
1816}
1817
1818wStream* transport_take_from_pool(rdpTransport* transport, size_t size)
1819{
1820 WINPR_ASSERT(transport);
1821 if (!transport->frontBio)
1822 return NULL;
1823 return StreamPool_Take(transport->ReceivePool, size);
1824}
1825
1826UINT64 transport_get_bytes_sent(rdpTransport* transport, BOOL resetCount)
1827{
1828 UINT64 rc = 0;
1829 WINPR_ASSERT(transport);
1830 rc = transport->written;
1831 if (resetCount)
1832 transport->written = 0;
1833 return rc;
1834}
1835
1836TRANSPORT_LAYER transport_get_layer(rdpTransport* transport)
1837{
1838 WINPR_ASSERT(transport);
1839 return transport->layer;
1840}
1841
1842BOOL transport_set_layer(rdpTransport* transport, TRANSPORT_LAYER layer)
1843{
1844 WINPR_ASSERT(transport);
1845 transport->layer = layer;
1846 return TRUE;
1847}
1848
1849BOOL transport_set_connected_event(rdpTransport* transport)
1850{
1851 WINPR_ASSERT(transport);
1852 return SetEvent(transport->connectedEvent);
1853}
1854
1855BOOL transport_set_recv_callbacks(rdpTransport* transport, TransportRecv recv, void* extra)
1856{
1857 WINPR_ASSERT(transport);
1858 transport->ReceiveCallback = recv;
1859 transport->ReceiveExtra = extra;
1860 return TRUE;
1861}
1862
1863BOOL transport_get_blocking(rdpTransport* transport)
1864{
1865 WINPR_ASSERT(transport);
1866 return transport->blocking;
1867}
1868
1869BOOL transport_set_blocking(rdpTransport* transport, BOOL blocking)
1870{
1871 WINPR_ASSERT(transport);
1872 transport->blocking = blocking;
1873 return TRUE;
1874}
1875
1876BOOL transport_have_more_bytes_to_read(rdpTransport* transport)
1877{
1878 WINPR_ASSERT(transport);
1879 return transport->haveMoreBytesToRead;
1880}
1881
1882int transport_tcp_connect(rdpTransport* transport, const char* hostname, int port, DWORD timeout)
1883{
1884 rdpContext* context = transport_get_context(transport);
1885 WINPR_ASSERT(context);
1886 WINPR_ASSERT(context->settings);
1887 return IFCALLRESULT(-1, transport->io.TCPConnect, context, context->settings, hostname, port,
1888 timeout);
1889}
1890
1891HANDLE transport_get_front_bio(rdpTransport* transport)
1892{
1893 HANDLE hEvent = NULL;
1894 WINPR_ASSERT(transport);
1895 WINPR_ASSERT(transport->frontBio);
1896
1897 BIO_get_event(transport->frontBio, &hEvent);
1898 return hEvent;
1899}
1900
1901BOOL transport_io_callback_set_event(rdpTransport* transport, BOOL set)
1902{
1903 WINPR_ASSERT(transport);
1904 transport->useIoEvent = TRUE;
1905 if (!set)
1906 return ResetEvent(transport->ioEvent);
1907 return SetEvent(transport->ioEvent);
1908}
1909
1910void transport_set_early_user_auth_mode(rdpTransport* transport, BOOL EUAMode)
1911{
1912 WINPR_ASSERT(transport);
1913 transport->earlyUserAuth = EUAMode;
1914 WLog_Print(transport->log, WLOG_DEBUG, "Early User Auth Mode: %s", EUAMode ? "on" : "off");
1915}
1916
1917rdpTransportLayer* transport_layer_new(WINPR_ATTR_UNUSED rdpTransport* transport,
1918 size_t contextSize)
1919{
1920 rdpTransportLayerInt* layer = (rdpTransportLayerInt*)calloc(1, sizeof(rdpTransportLayerInt));
1921 if (!layer)
1922 return NULL;
1923
1924 if (contextSize)
1925 {
1926 layer->userContextShadowPtr = calloc(1, contextSize);
1927 if (!layer->userContextShadowPtr)
1928 {
1929 free(layer);
1930 return NULL;
1931 }
1932 }
1933 layer->pub.userContext = layer->userContextShadowPtr;
1934
1935 return &layer->pub;
1936}
1937
1938void transport_layer_free(rdpTransportLayer* layer)
1939{
1940 rdpTransportLayerInt* intern = (rdpTransportLayerInt*)layer;
1941 if (!layer)
1942 return;
1943
1944 IFCALL(intern->pub.Close, intern->pub.userContext);
1945 free(intern->userContextShadowPtr);
1946 free(intern);
1947}
1948
1949static int transport_layer_bio_write(BIO* bio, const char* buf, int size)
1950{
1951 if (!buf || !size)
1952 return 0;
1953 if (size < 0)
1954 return -1;
1955
1956 WINPR_ASSERT(bio);
1957
1958 rdpTransportLayer* layer = (rdpTransportLayer*)BIO_get_data(bio);
1959 if (!layer)
1960 return -1;
1961
1962 BIO_clear_flags(bio, BIO_FLAGS_WRITE | BIO_FLAGS_SHOULD_RETRY);
1963
1964 int status = IFCALLRESULT(-1, layer->Write, layer->userContext, buf, size);
1965
1966 if (status >= 0 && status < size)
1967 BIO_set_flags(bio, (BIO_FLAGS_WRITE | BIO_FLAGS_SHOULD_RETRY));
1968
1969 return status;
1970}
1971
1972static int transport_layer_bio_read(BIO* bio, char* buf, int size)
1973{
1974 if (!buf || !size)
1975 return 0;
1976 if (size < 0)
1977 return -1;
1978
1979 WINPR_ASSERT(bio);
1980
1981 rdpTransportLayer* layer = (rdpTransportLayer*)BIO_get_data(bio);
1982 if (!layer)
1983 return -1;
1984
1985 BIO_clear_flags(bio, BIO_FLAGS_READ | BIO_FLAGS_SHOULD_RETRY);
1986
1987 int status = IFCALLRESULT(-1, layer->Read, layer->userContext, buf, size);
1988
1989 if (status == 0)
1990 BIO_set_flags(bio, (BIO_FLAGS_READ | BIO_FLAGS_SHOULD_RETRY));
1991
1992 return status;
1993}
1994
1995static int transport_layer_bio_puts(WINPR_ATTR_UNUSED BIO* bio, WINPR_ATTR_UNUSED const char* str)
1996{
1997 return 1;
1998}
1999
2000static int transport_layer_bio_gets(WINPR_ATTR_UNUSED BIO* bio, WINPR_ATTR_UNUSED char* str,
2001 WINPR_ATTR_UNUSED int size)
2002{
2003 return 1;
2004}
2005
2006static long transport_layer_bio_ctrl(BIO* bio, int cmd, long arg1, void* arg2)
2007{
2008 WINPR_ASSERT(bio);
2009
2010 rdpTransportLayer* layer = (rdpTransportLayer*)BIO_get_data(bio);
2011 if (!layer)
2012 return -1;
2013
2014 int status = -1;
2015 switch (cmd)
2016 {
2017 case BIO_C_GET_EVENT:
2018 *((HANDLE*)arg2) = IFCALLRESULT(NULL, layer->GetEvent, layer->userContext);
2019 status = 1;
2020 break;
2021
2022 case BIO_C_SET_NONBLOCK:
2023 status = 1;
2024 break;
2025
2026 case BIO_C_WAIT_READ:
2027 {
2028 int timeout = (int)arg1;
2029 BOOL r = IFCALLRESULT(FALSE, layer->Wait, layer->userContext, FALSE,
2030 WINPR_ASSERTING_INT_CAST(uint32_t, timeout));
2031 /* Convert timeout to error return */
2032 if (!r)
2033 {
2034 errno = ETIMEDOUT;
2035 status = 0;
2036 }
2037 else
2038 status = 1;
2039 break;
2040 }
2041
2042 case BIO_C_WAIT_WRITE:
2043 {
2044 int timeout = (int)arg1;
2045 BOOL r = IFCALLRESULT(FALSE, layer->Wait, layer->userContext, TRUE,
2046 WINPR_ASSERTING_INT_CAST(uint32_t, timeout));
2047 /* Convert timeout to error return */
2048 if (!r)
2049 {
2050 errno = ETIMEDOUT;
2051 status = 0;
2052 }
2053 else
2054 status = 1;
2055 break;
2056 }
2057
2058 case BIO_CTRL_GET_CLOSE:
2059 status = BIO_get_shutdown(bio);
2060 break;
2061
2062 case BIO_CTRL_SET_CLOSE:
2063 BIO_set_shutdown(bio, (int)arg1);
2064 status = 1;
2065 break;
2066
2067 case BIO_CTRL_FLUSH:
2068 case BIO_CTRL_DUP:
2069 status = 1;
2070 break;
2071
2072 default:
2073 status = 0;
2074 break;
2075 }
2076
2077 return status;
2078}
2079
2080static int transport_layer_bio_new(BIO* bio)
2081{
2082 WINPR_ASSERT(bio);
2083
2084 BIO_set_flags(bio, BIO_FLAGS_SHOULD_RETRY);
2085 BIO_set_init(bio, 1);
2086 return 1;
2087}
2088
2089static int transport_layer_bio_free(BIO* bio)
2090{
2091 if (!bio)
2092 return 0;
2093
2094 rdpTransportLayer* layer = (rdpTransportLayer*)BIO_get_data(bio);
2095 if (layer)
2096 transport_layer_free(layer);
2097
2098 BIO_set_data(bio, NULL);
2099 BIO_set_init(bio, 0);
2100 BIO_set_flags(bio, 0);
2101
2102 return 1;
2103}
2104
2105BIO_METHOD* BIO_s_transport_layer(void)
2106{
2107 static BIO_METHOD* bio_methods = NULL;
2108
2109 if (bio_methods == NULL)
2110 {
2111 if (!(bio_methods = BIO_meth_new(BIO_TYPE_SIMPLE, "TransportLayer")))
2112 return NULL;
2113
2114 BIO_meth_set_write(bio_methods, transport_layer_bio_write);
2115 BIO_meth_set_read(bio_methods, transport_layer_bio_read);
2116 BIO_meth_set_puts(bio_methods, transport_layer_bio_puts);
2117 BIO_meth_set_gets(bio_methods, transport_layer_bio_gets);
2118 BIO_meth_set_ctrl(bio_methods, transport_layer_bio_ctrl);
2119 BIO_meth_set_create(bio_methods, transport_layer_bio_new);
2120 BIO_meth_set_destroy(bio_methods, transport_layer_bio_free);
2121 }
2122
2123 return bio_methods;
2124}
freerdp_settings_get_server_name
FREERDP_API const char * freerdp_settings_get_server_name(const rdpSettings *settings)
A helper function to return the correct server name.
Definition common/settings.c:1999
RTL_CRITICAL_SECTION
Definition include/winpr/synch.h:158