2 |
rdesktop: A Remote Desktop Protocol client. |
rdesktop: A Remote Desktop Protocol client. |
3 |
Protocol services - RDP layer |
Protocol services - RDP layer |
4 |
Copyright (C) Matthew Chapman 1999-2002 |
Copyright (C) Matthew Chapman 1999-2002 |
5 |
|
|
6 |
This program is free software; you can redistribute it and/or modify |
This program is free software; you can redistribute it and/or modify |
7 |
it under the terms of the GNU General Public License as published by |
it under the terms of the GNU General Public License as published by |
8 |
the Free Software Foundation; either version 2 of the License, or |
the Free Software Foundation; either version 2 of the License, or |
9 |
(at your option) any later version. |
(at your option) any later version. |
10 |
|
|
11 |
This program is distributed in the hope that it will be useful, |
This program is distributed in the hope that it will be useful, |
12 |
but WITHOUT ANY WARRANTY; without even the implied warranty of |
but WITHOUT ANY WARRANTY; without even the implied warranty of |
13 |
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
14 |
GNU General Public License for more details. |
GNU General Public License for more details. |
15 |
|
|
16 |
You should have received a copy of the GNU General Public License |
You should have received a copy of the GNU General Public License |
17 |
along with this program; if not, write to the Free Software |
along with this program; if not, write to the Free Software |
18 |
Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. |
Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. |
20 |
|
|
21 |
#include "rdesktop.h" |
#include "rdesktop.h" |
22 |
|
|
23 |
extern uint16 mcs_userid; |
extern uint16 g_mcs_userid; |
24 |
extern char username[16]; |
extern char username[16]; |
25 |
extern BOOL bitmap_compression; |
extern BOOL bitmap_compression; |
26 |
extern BOOL orders; |
extern BOOL orders; |
28 |
extern BOOL desktop_save; |
extern BOOL desktop_save; |
29 |
extern BOOL use_rdp5; |
extern BOOL use_rdp5; |
30 |
extern uint16 server_rdp_version; |
extern uint16 server_rdp_version; |
31 |
|
extern int server_bpp; |
32 |
|
|
33 |
uint8 *next_packet; |
uint8 *next_packet; |
34 |
uint32 rdp_shareid; |
uint32 rdp_shareid; |
101 |
|
|
102 |
out_uint16_le(s, length); |
out_uint16_le(s, length); |
103 |
out_uint16_le(s, (RDP_PDU_DATA | 0x10)); |
out_uint16_le(s, (RDP_PDU_DATA | 0x10)); |
104 |
out_uint16_le(s, (mcs_userid + 1001)); |
out_uint16_le(s, (g_mcs_userid + 1001)); |
105 |
|
|
106 |
out_uint32_le(s, rdp_shareid); |
out_uint32_le(s, rdp_shareid); |
107 |
out_uint8(s, 0); /* pad */ |
out_uint8(s, 0); /* pad */ |
141 |
int len_password = 2 * strlen(password); |
int len_password = 2 * strlen(password); |
142 |
int len_program = 2 * strlen(program); |
int len_program = 2 * strlen(program); |
143 |
int len_directory = 2 * strlen(directory); |
int len_directory = 2 * strlen(directory); |
144 |
|
int len_ip = 2 * strlen("127.0.0.1"); |
145 |
|
int len_dll = 2 * strlen("C:\\WINNT\\System32\\mstscax.dll"); |
146 |
|
int packetlen = 0; |
147 |
uint32 sec_flags = encryption ? (SEC_LOGON_INFO | SEC_ENCRYPT) : SEC_LOGON_INFO; |
uint32 sec_flags = encryption ? (SEC_LOGON_INFO | SEC_ENCRYPT) : SEC_LOGON_INFO; |
148 |
STREAM s; |
STREAM s; |
149 |
|
|
169 |
} |
} |
170 |
else |
else |
171 |
{ |
{ |
172 |
|
flags |= RDP_LOGON_BLOB; |
173 |
DEBUG_RDP5(("Sending RDP5-style Logon packet\n")); |
DEBUG_RDP5(("Sending RDP5-style Logon packet\n")); |
174 |
s = sec_init(sec_flags, 12 + (flags & RDP_LOGON_AUTO ? 2 : 0) + 6 + (flags & RDP_LOGON_AUTO ? len_password : 0) + len_domain + len_user + 4 + len_program + len_directory + 30 + 2 + 60 + 32 + 20 + 32 + 20); /* Phew! */ |
packetlen = 4 + // Unknown uint32 |
175 |
|
4 + // flags |
176 |
|
2 + // len_domain |
177 |
|
2 + // len_user |
178 |
|
(flags & RDP_LOGON_AUTO ? 2 : 0) + // len_password |
179 |
|
(flags & RDP_LOGON_BLOB ? 2 : 0) + // Length of BLOB |
180 |
|
2 + // len_program |
181 |
|
2 + // len_directory |
182 |
|
(0 < len_domain ? len_domain : 2) + // domain |
183 |
|
len_user + (flags & RDP_LOGON_AUTO ? len_password : 0) + 0 + // We have no 512 byte BLOB. Perhaps we must? |
184 |
|
(flags & RDP_LOGON_BLOB && !(flags & RDP_LOGON_AUTO) ? 2 : 0) + // After the BLOB is a unknown int16. If there is a BLOB, that is. |
185 |
|
(0 < len_program ? len_program : 2) + (0 < len_directory ? len_directory : 2) + 2 + // Unknown (2) |
186 |
|
2 + // Client ip length |
187 |
|
len_ip + // Client ip |
188 |
|
2 + // DLL string length |
189 |
|
len_dll + // DLL string |
190 |
|
2 + // Unknown |
191 |
|
2 + // Unknown |
192 |
|
64 + // Time zone #0 |
193 |
|
2 + // Unknown |
194 |
|
64 + // Time zone #1 |
195 |
|
32; // Unknown |
196 |
|
|
197 |
out_uint32(s, 0); |
s = sec_init(sec_flags, packetlen); |
198 |
|
DEBUG_RDP5(("Called sec_init with packetlen %d\n", packetlen)); |
199 |
|
|
200 |
|
out_uint32(s, 0); // Unknown |
201 |
out_uint32_le(s, flags); |
out_uint32_le(s, flags); |
202 |
out_uint16_le(s, len_domain); |
out_uint16_le(s, len_domain); |
203 |
out_uint16_le(s, len_user); |
out_uint16_le(s, len_user); |
204 |
if (flags & RDP_LOGON_AUTO) |
if (flags & RDP_LOGON_AUTO) |
205 |
{ |
{ |
206 |
out_uint16_le(s, len_password); |
out_uint16_le(s, len_password); |
207 |
|
|
208 |
|
} |
209 |
|
if (flags & RDP_LOGON_BLOB && !(flags & RDP_LOGON_AUTO)) |
210 |
|
{ |
211 |
|
out_uint16_le(s, 0); |
212 |
} |
} |
|
out_uint16(s, 0); /* Seems to be length of a 512 byte blob with |
|
|
completely unknown data, but hopefully we'll do |
|
|
with a 0 length block as well */ |
|
213 |
out_uint16_le(s, len_program); |
out_uint16_le(s, len_program); |
214 |
out_uint16_le(s, len_directory); |
out_uint16_le(s, len_directory); |
215 |
rdp_out_unistr(s, domain, len_domain); |
if (0 < len_domain) |
216 |
|
rdp_out_unistr(s, domain, len_domain); |
217 |
|
else |
218 |
|
out_uint16_le(s, 0); |
219 |
|
rdp_out_unistr(s, user, len_user); |
220 |
if (flags & RDP_LOGON_AUTO) |
if (flags & RDP_LOGON_AUTO) |
221 |
{ |
{ |
222 |
rdp_out_unistr(s, password, len_password); |
rdp_out_unistr(s, password, len_password); |
223 |
} |
} |
224 |
rdp_out_unistr(s, user, len_user); |
if (flags & RDP_LOGON_BLOB && !(flags & RDP_LOGON_AUTO)) |
225 |
out_uint16(s, 0); |
{ |
226 |
out_uint16(s, 0); |
out_uint16_le(s, 0); |
227 |
|
} |
228 |
if (0 < len_program) |
if (0 < len_program) |
229 |
|
{ |
230 |
rdp_out_unistr(s, program, len_program); |
rdp_out_unistr(s, program, len_program); |
231 |
|
|
232 |
|
} |
233 |
|
else |
234 |
|
{ |
235 |
|
out_uint16_le(s, 0); |
236 |
|
} |
237 |
if (0 < len_directory) |
if (0 < len_directory) |
238 |
|
{ |
239 |
rdp_out_unistr(s, directory, len_directory); |
rdp_out_unistr(s, directory, len_directory); |
240 |
out_uint8s(s, 30); /* Some kind of client data - let's see if the server |
} |
241 |
handles zeros well.. */ |
else |
242 |
out_uint16_le(s, 60); |
{ |
243 |
rdp_out_unistr(s, "C:\\WINNT\\System32\\mstscax.dll", 58); |
out_uint16_le(s, 0); |
244 |
out_uint32_be(s, 0x88ffffff); |
} |
245 |
rdp_out_unistr(s, "GTB, normaltid", 2 * strlen("GTB, normaltid") - 2); |
out_uint16_le(s, 2); |
246 |
out_uint8s(s, 30 - 2 * strlen("GTP, normaltid")); |
out_uint16_le(s, len_ip + 2); // Length of client ip |
247 |
|
rdp_out_unistr(s, "127.0.0.1", len_ip); |
248 |
|
out_uint16_le(s, len_dll + 2); |
249 |
|
rdp_out_unistr(s, "C:\\WINNT\\System32\\mstscax.dll", len_dll); |
250 |
|
out_uint16_le(s, 0xffc4); |
251 |
|
out_uint16_le(s, 0xffff); |
252 |
|
rdp_out_unistr(s, "GTB, normaltid", 2 * strlen("GTB, normaltid")); |
253 |
|
out_uint8s(s, 62 - 2 * strlen("GTB, normaltid")); |
254 |
|
|
255 |
|
|
256 |
out_uint32_le(s, 0x0a0000); |
out_uint32_le(s, 0x0a0000); |
257 |
out_uint32_le(s, 0x050000); |
out_uint32_le(s, 0x050000); |
258 |
out_uint32_le(s, 2); |
out_uint32_le(s, 3); |
259 |
out_uint32(s, 0); |
out_uint32_le(s, 0); |
260 |
out_uint32_le(s, 0xffffffc4); |
out_uint32_le(s, 0); |
|
out_uint32_le(s, 0xfffffffe); |
|
|
out_uint32_le(s, 0x0f); |
|
|
out_uint32(s, 0); |
|
261 |
|
|
262 |
rdp_out_unistr(s, "GTB, sommartid", 2 * strlen("GTB, sommartid") - 1); |
rdp_out_unistr(s, "GTB, sommartid", 2 * strlen("GTB, sommartid")); |
263 |
out_uint8s(s, 30 - 2 * strlen("GTP, sommartid")); |
out_uint8s(s, 62 - 2 * strlen("GTB, sommartid")); |
264 |
|
|
265 |
out_uint32_le(s, 0x030000); |
out_uint32_le(s, 0x30000); |
266 |
out_uint32_le(s, 0x050000); |
out_uint32_le(s, 0x050000); |
267 |
out_uint32_le(s, 2); |
out_uint32_le(s, 2); |
268 |
out_uint32(s, 0); |
out_uint32(s, 0); |
271 |
out_uint32_le(s, 0x0f); |
out_uint32_le(s, 0x0f); |
272 |
out_uint32(s, 0); |
out_uint32(s, 0); |
273 |
|
|
274 |
|
|
275 |
} |
} |
276 |
s_mark_end(s); |
s_mark_end(s); |
277 |
sec_send(s, sec_flags); |
sec_send(s, sec_flags); |
435 |
static void |
static void |
436 |
rdp_out_bmpcache_caps(STREAM s) |
rdp_out_bmpcache_caps(STREAM s) |
437 |
{ |
{ |
438 |
|
int Bpp; |
439 |
out_uint16_le(s, RDP_CAPSET_BMPCACHE); |
out_uint16_le(s, RDP_CAPSET_BMPCACHE); |
440 |
out_uint16_le(s, RDP_CAPLEN_BMPCACHE); |
out_uint16_le(s, RDP_CAPLEN_BMPCACHE); |
441 |
|
|
442 |
|
Bpp = (server_bpp + 7) / 8; |
443 |
out_uint8s(s, 24); /* unused */ |
out_uint8s(s, 24); /* unused */ |
444 |
out_uint16_le(s, 0x258); /* entries */ |
out_uint16_le(s, 0x258); /* entries */ |
445 |
out_uint16_le(s, 0x100); /* max cell size */ |
out_uint16_le(s, 0x100 * Bpp); /* max cell size */ |
446 |
out_uint16_le(s, 0x12c); /* entries */ |
out_uint16_le(s, 0x12c); /* entries */ |
447 |
out_uint16_le(s, 0x400); /* max cell size */ |
out_uint16_le(s, 0x400 * Bpp); /* max cell size */ |
448 |
out_uint16_le(s, 0x106); /* entries */ |
out_uint16_le(s, 0x106); /* entries */ |
449 |
out_uint16_le(s, 0x1000); /* max cell size */ |
out_uint16_le(s, 0x1000 * Bpp); /* max cell size */ |
450 |
} |
} |
451 |
|
|
452 |
/* Output control capability set */ |
/* Output control capability set */ |
557 |
|
|
558 |
out_uint16_le(s, 2 + 14 + caplen + sizeof(RDP_SOURCE)); |
out_uint16_le(s, 2 + 14 + caplen + sizeof(RDP_SOURCE)); |
559 |
out_uint16_le(s, (RDP_PDU_CONFIRM_ACTIVE | 0x10)); /* Version 1 */ |
out_uint16_le(s, (RDP_PDU_CONFIRM_ACTIVE | 0x10)); /* Version 1 */ |
560 |
out_uint16_le(s, (mcs_userid + 1001)); |
out_uint16_le(s, (g_mcs_userid + 1001)); |
561 |
|
|
562 |
out_uint32_le(s, rdp_shareid); |
out_uint32_le(s, rdp_shareid); |
563 |
out_uint16_le(s, 0x3ea); /* userid */ |
out_uint16_le(s, 0x3ea); /* userid */ |
715 |
if (!compress) |
if (!compress) |
716 |
{ |
{ |
717 |
int y; |
int y; |
718 |
bmpdata = xmalloc(width * height * Bpp); |
bmpdata = (uint8 *) xmalloc(width * height * Bpp); |
719 |
for (y = 0; y < height; y++) |
for (y = 0; y < height; y++) |
720 |
{ |
{ |
721 |
in_uint8a(s, &bmpdata[(height - y - 1) * (width * Bpp)], |
in_uint8a(s, &bmpdata[(height - y - 1) * (width * Bpp)], |
738 |
in_uint8s(s, 4); /* line_size, final_size */ |
in_uint8s(s, 4); /* line_size, final_size */ |
739 |
} |
} |
740 |
in_uint8p(s, data, size); |
in_uint8p(s, data, size); |
741 |
bmpdata = xmalloc(width * height * Bpp); |
bmpdata = (uint8 *) xmalloc(width * height * Bpp); |
742 |
if (bitmap_decompress(bmpdata, width, height, data, size, Bpp)) |
if (bitmap_decompress(bmpdata, width, height, data, size, Bpp)) |
743 |
{ |
{ |
744 |
ui_paint_bitmap(left, top, cx, cy, width, height, bmpdata); |
ui_paint_bitmap(left, top, cx, cy, width, height, bmpdata); |
765 |
in_uint16_le(s, map.ncolours); |
in_uint16_le(s, map.ncolours); |
766 |
in_uint8s(s, 2); /* pad */ |
in_uint8s(s, 2); /* pad */ |
767 |
|
|
768 |
map.colours = xmalloc(3 * map.ncolours); |
map.colours = (COLOURENTRY *) xmalloc(3 * map.ncolours); |
769 |
|
|
770 |
DEBUG(("PALETTE(c=%d)\n", map.ncolours)); |
DEBUG(("PALETTE(c=%d)\n", map.ncolours)); |
771 |
|
|
852 |
} |
} |
853 |
|
|
854 |
/* Process incoming packets */ |
/* Process incoming packets */ |
855 |
void |
BOOL |
856 |
rdp_main_loop(void) |
rdp_main_loop(void) |
857 |
{ |
{ |
858 |
uint8 type; |
uint8 type; |
867 |
break; |
break; |
868 |
|
|
869 |
case RDP_PDU_DEACTIVATE: |
case RDP_PDU_DEACTIVATE: |
870 |
|
DEBUG(("RDP_PDU_DEACTIVATE\n")); |
871 |
|
/* We thought we could detect a clean |
872 |
|
shutdown of the session by this |
873 |
|
packet, but it seems Windows 2003 |
874 |
|
is sending us one of these when we |
875 |
|
reconnect to a disconnected session |
876 |
|
return True; */ |
877 |
break; |
break; |
878 |
|
|
879 |
case RDP_PDU_DATA: |
case RDP_PDU_DATA: |
887 |
unimpl("PDU %d\n", type); |
unimpl("PDU %d\n", type); |
888 |
} |
} |
889 |
} |
} |
890 |
|
return True; |
891 |
|
/* We want to detect if we got a clean shutdown, but we |
892 |
|
can't. Se above. |
893 |
|
return False; */ |
894 |
} |
} |
895 |
|
|
896 |
/* Establish a connection up to the RDP layer */ |
/* Establish a connection up to the RDP layer */ |