From 6dcc8e73eed6a5353e1bccbe6c5ff18416b40ffc Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Marc-Andr=C3=A9=20Moreau?= Date: Mon, 24 Sep 2012 04:40:32 -0400 Subject: [PATCH] libfreerdp-utils: get rid of rdpBlob --- include/freerdp/codec/bitmap.h | 1 + include/freerdp/codec/mppc_dec.h | 21 ++++----- include/freerdp/codec/mppc_enc.h | 1 + include/freerdp/crypto/certificate.h | 1 - include/freerdp/crypto/crypto.h | 3 +- include/freerdp/crypto/tls.h | 3 +- include/freerdp/settings.h | 57 +++++++++++++----------- include/freerdp/utils/blob.h | 37 ---------------- libfreerdp/codec/mppc_dec.c | 2 + libfreerdp/codec/mppc_enc.c | 6 ++- libfreerdp/core/certificate.c | 64 +++++++++++++++++---------- libfreerdp/core/certificate.h | 1 - libfreerdp/core/connection.c | 32 +++++++++----- libfreerdp/core/gcc.c | 34 +++++++------- libfreerdp/core/info.c | 6 +-- libfreerdp/core/nego.c | 14 +++--- libfreerdp/core/nego.h | 7 +-- libfreerdp/core/redirection.c | 25 ++++++----- libfreerdp/core/redirection.h | 7 +-- libfreerdp/core/security.c | 9 ++-- libfreerdp/core/settings.c | 4 -- libfreerdp/crypto/crypto.c | 14 +++--- libfreerdp/crypto/nla.c | 8 ++-- libfreerdp/crypto/tls.c | 9 ++-- libfreerdp/locale/keyboard_xkbfile.c | 2 + libfreerdp/locale/timezone.c | 1 + libfreerdp/locale/virtual_key_codes.c | 4 ++ libfreerdp/locale/xkb_layout_ids.c | 2 + libfreerdp/utils/CMakeLists.txt | 1 - libfreerdp/utils/blob.c | 57 ------------------------ libfreerdp/utils/time.c | 3 ++ 31 files changed, 201 insertions(+), 235 deletions(-) delete mode 100644 include/freerdp/utils/blob.h delete mode 100644 libfreerdp/utils/blob.c diff --git a/include/freerdp/codec/bitmap.h b/include/freerdp/codec/bitmap.h index b440eaf60..d09c495bc 100644 --- a/include/freerdp/codec/bitmap.h +++ b/include/freerdp/codec/bitmap.h @@ -20,6 +20,7 @@ #ifndef __BITMAP_H #define __BITMAP_H +#include #include FREERDP_API boolean bitmap_decompress(uint8* srcData, uint8* dstData, int width, int height, int size, int srcBpp, int dstBpp); diff --git a/include/freerdp/codec/mppc_dec.h b/include/freerdp/codec/mppc_dec.h index 55b7d6a74..14fae4be6 100644 --- a/include/freerdp/codec/mppc_dec.h +++ b/include/freerdp/codec/mppc_dec.h @@ -21,20 +21,21 @@ #ifndef __MPPC_H #define __MPPC_H +#include #include /* Compression Types */ -#define PACKET_COMPRESSED 0x20 -#define PACKET_AT_FRONT 0x40 -#define PACKET_FLUSHED 0x80 -#define PACKET_COMPR_TYPE_8K 0x00 -#define PACKET_COMPR_TYPE_64K 0x01 -#define PACKET_COMPR_TYPE_RDP6 0x02 -#define PACKET_COMPR_TYPE_RDP61 0x03 -#define CompressionTypeMask 0x0F +#define PACKET_COMPRESSED 0x20 +#define PACKET_AT_FRONT 0x40 +#define PACKET_FLUSHED 0x80 +#define PACKET_COMPR_TYPE_8K 0x00 +#define PACKET_COMPR_TYPE_64K 0x01 +#define PACKET_COMPR_TYPE_RDP6 0x02 +#define PACKET_COMPR_TYPE_RDP61 0x03 +#define CompressionTypeMask 0x0F -#define RDP6_HISTORY_BUF_SIZE 65536 -#define RDP6_OFFSET_CACHE_SIZE 8 +#define RDP6_HISTORY_BUF_SIZE 65536 +#define RDP6_OFFSET_CACHE_SIZE 8 struct rdp_mppc_dec { diff --git a/include/freerdp/codec/mppc_enc.h b/include/freerdp/codec/mppc_enc.h index 1160b3dbd..e0014c010 100644 --- a/include/freerdp/codec/mppc_enc.h +++ b/include/freerdp/codec/mppc_enc.h @@ -21,6 +21,7 @@ #ifndef __MPPC_ENC_H #define __MPPC_ENC_H +#include #include #define PROTO_RDP_40 1 diff --git a/include/freerdp/crypto/certificate.h b/include/freerdp/crypto/certificate.h index 9038ac87d..117179359 100644 --- a/include/freerdp/crypto/certificate.h +++ b/include/freerdp/crypto/certificate.h @@ -28,7 +28,6 @@ typedef struct rdp_certificate_store rdpCertificateStore; #include #include -#include #include #include diff --git a/include/freerdp/crypto/crypto.h b/include/freerdp/crypto/crypto.h index e3baa6079..e57431f77 100644 --- a/include/freerdp/crypto/crypto.h +++ b/include/freerdp/crypto/crypto.h @@ -44,7 +44,6 @@ #include #include -#include #include struct crypto_sha1_struct @@ -128,7 +127,7 @@ FREERDP_API void crypto_cert_free(CryptoCert cert); FREERDP_API boolean x509_verify_certificate(CryptoCert cert, char* certificate_store_path); FREERDP_API rdpCertificateData* crypto_get_certificate_data(X509* xcert, char* hostname); -FREERDP_API boolean crypto_cert_get_public_key(CryptoCert cert, rdpBlob* public_key); +FREERDP_API boolean crypto_cert_get_public_key(CryptoCert cert, BYTE** PublicKey, DWORD* PublicKeyLength); #define TSSK_KEY_LENGTH 64 extern const uint8 tssk_modulus[]; diff --git a/include/freerdp/crypto/tls.h b/include/freerdp/crypto/tls.h index f0b2e8905..c271202e2 100644 --- a/include/freerdp/crypto/tls.h +++ b/include/freerdp/crypto/tls.h @@ -37,7 +37,8 @@ struct rdp_tls SSL* ssl; int sockfd; SSL_CTX* ctx; - rdpBlob public_key; + BYTE* PublicKey; + DWORD PublicKeyLength; rdpSettings* settings; rdpCertificateStore* certificate_store; }; diff --git a/include/freerdp/settings.h b/include/freerdp/settings.h index f4afb7bcb..2baffa7b8 100644 --- a/include/freerdp/settings.h +++ b/include/freerdp/settings.h @@ -21,7 +21,6 @@ #define __RDP_SETTINGS_H #include -#include /* Performance Flags */ #define PERF_FLAG_NONE 0x00000000 @@ -159,7 +158,8 @@ typedef struct rdp_X509CertChain rdpX509CertChain; struct rdp_CertInfo { - rdpBlob modulus; + BYTE* Modulus; + DWORD ModulusLength; uint8 exponent[4]; }; typedef struct rdp_CertInfo rdpCertInfo; @@ -173,8 +173,10 @@ typedef struct rdp_certificate rdpCertificate; struct rdp_key { - rdpBlob modulus; - rdpBlob private_exponent; + BYTE* Modulus; + DWORD ModulusLength; + BYTE* PrivateExponent; + DWORD PrivateExponentLength; uint8 exponent[4]; }; typedef struct rdp_key rdpKey; @@ -285,20 +287,21 @@ struct rdp_settings ALIGN64 boolean autologon; /* 58 */ ALIGN64 boolean compression; /* 59 */ ALIGN64 uint32 performance_flags; /* 60 */ - ALIGN64 rdpBlob* password_cookie; /* 61 */ - ALIGN64 char* kerberos_kdc; /* 62 */ - ALIGN64 char* kerberos_realm; /* 63 */ - ALIGN64 boolean ts_gateway; /* 64 */ - ALIGN64 char* tsg_hostname; /* 65 */ - ALIGN64 char* tsg_username; /* 66 */ - ALIGN64 char* tsg_password; /* 67 */ - ALIGN64 boolean local; /* 68 */ - ALIGN64 boolean authentication_only; /* 69 */ - ALIGN64 boolean from_stdin; /* 70 */ - ALIGN64 boolean send_preconnection_pdu; /* 71 */ - ALIGN64 uint32 preconnection_id; /* 72 */ - ALIGN64 char* preconnection_blob; /* 73 */ - uint64 paddingC[80 - 74]; /* 74 */ + ALIGN64 BYTE* password_cookie; /* 61 */ + ALIGN64 DWORD password_cookie_length; /* 62 */ + ALIGN64 char* kerberos_kdc; /* 63 */ + ALIGN64 char* kerberos_realm; /* 64 */ + ALIGN64 boolean ts_gateway; /* 65 */ + ALIGN64 char* tsg_hostname; /* 66 */ + ALIGN64 char* tsg_username; /* 67 */ + ALIGN64 char* tsg_password; /* 68 */ + ALIGN64 boolean local; /* 69 */ + ALIGN64 boolean authentication_only; /* 70 */ + ALIGN64 boolean from_stdin; /* 71 */ + ALIGN64 boolean send_preconnection_pdu; /* 72 */ + ALIGN64 uint32 preconnection_id; /* 73 */ + ALIGN64 char* preconnection_blob; /* 74 */ + uint64 paddingC[80 - 75]; /* 75 */ /* User Interface Parameters */ ALIGN64 boolean sw_gdi; /* 80 */ @@ -382,14 +385,16 @@ struct rdp_settings ALIGN64 char* privatekey_file; /* 249 */ ALIGN64 char* client_hostname; /* 250 */ ALIGN64 char* client_product_id; /* 251 */ - ALIGN64 rdpBlob* server_random; /* 252 */ - ALIGN64 rdpBlob* server_certificate; /* 253 */ - ALIGN64 boolean ignore_certificate; /* 254 */ - ALIGN64 rdpCertificate* server_cert; /* 255 */ - ALIGN64 char* rdp_key_file; /* 256 */ - ALIGN64 rdpKey* server_key; /* 257 */ - ALIGN64 char* certificate_name; /* 258 */ - uint64 paddingL[280 - 259]; /* 259 */ + ALIGN64 BYTE* server_random; /* 252 */ + ALIGN64 DWORD server_random_length; /* 253 */ + ALIGN64 BYTE* server_certificate; /* 254 */ + ALIGN64 DWORD server_certificate_length; /* 255 */ + ALIGN64 boolean ignore_certificate; /* 256 */ + ALIGN64 rdpCertificate* server_cert; /* 257 */ + ALIGN64 char* rdp_key_file; /* 258 */ + ALIGN64 rdpKey* server_key; /* 259 */ + ALIGN64 char* certificate_name; /* 260 */ + uint64 paddingL[280 - 261]; /* 261 */ /* Codecs */ ALIGN64 boolean rfx_codec; /* 280 */ diff --git a/include/freerdp/utils/blob.h b/include/freerdp/utils/blob.h deleted file mode 100644 index 6c5f46acb..000000000 --- a/include/freerdp/utils/blob.h +++ /dev/null @@ -1,37 +0,0 @@ -/** - * FreeRDP: A Remote Desktop Protocol Client - * BLOB Utils - * - * Copyright 2011 Marc-Andre Moreau - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -#ifndef __BLOB_UTILS_H -#define __BLOB_UTILS_H - -#include -#include - -struct rdp_blob -{ - void* data; - int length; -}; -typedef struct rdp_blob rdpBlob; - -FREERDP_API void freerdp_blob_alloc(rdpBlob* blob, int length); -FREERDP_API void freerdp_blob_free(rdpBlob* blob); -FREERDP_API void freerdp_blob_copy(rdpBlob* dstblob, rdpBlob* srcblob); - -#endif /* __BLOB_UTILS_H */ diff --git a/libfreerdp/codec/mppc_dec.c b/libfreerdp/codec/mppc_dec.c index 7a4d8d8a4..b1d378b77 100644 --- a/libfreerdp/codec/mppc_dec.c +++ b/libfreerdp/codec/mppc_dec.c @@ -23,6 +23,8 @@ #endif #include +#include +#include #include diff --git a/libfreerdp/codec/mppc_enc.c b/libfreerdp/codec/mppc_enc.c index 3efe88abe..b8264fb83 100644 --- a/libfreerdp/codec/mppc_enc.c +++ b/libfreerdp/codec/mppc_enc.c @@ -22,9 +22,13 @@ #include "config.h" #endif +#include +#include +#include + +#include #include #include -#include #define MPPC_ENC_DEBUG 0 diff --git a/libfreerdp/core/certificate.c b/libfreerdp/core/certificate.c index 75cf1088a..1f28616ff 100644 --- a/libfreerdp/core/certificate.c +++ b/libfreerdp/core/certificate.c @@ -195,12 +195,13 @@ void certificate_read_x509_certificate(rdpCertBlob* cert, rdpCertInfo* info) } while (padding == 0); - freerdp_blob_alloc(&info->modulus, modulus_length); - stream_read(s, info->modulus.data, modulus_length); + info->ModulusLength = modulus_length; + info->Modulus = (BYTE*) malloc(info->ModulusLength); + stream_read(s, info->Modulus, info->ModulusLength); ber_read_integer_length(s, &exponent_length); /* publicExponent (INTEGER) */ stream_read(s, &info->exponent[4 - exponent_length], exponent_length); - crypto_reverse(info->modulus.data, modulus_length); + crypto_reverse(info->Modulus, info->ModulusLength); crypto_reverse(info->exponent, 4); stream_detach(s); @@ -256,6 +257,7 @@ static boolean certificate_process_server_public_key(rdpCertificate* certificate uint32 modlen; stream_read(s, magic, 4); + if (memcmp(magic, "RSA1", 4) != 0) { printf("gcc_process_server_public_key: magic error\n"); @@ -267,8 +269,10 @@ static boolean certificate_process_server_public_key(rdpCertificate* certificate stream_read_uint32(s, datalen); stream_read(s, certificate->cert_info.exponent, 4); modlen = keylen - 8; - freerdp_blob_alloc(&(certificate->cert_info.modulus), modlen); - stream_read(s, certificate->cert_info.modulus.data, modlen); + + certificate->cert_info.ModulusLength = modlen; + certificate->cert_info.Modulus = malloc(certificate->cert_info.ModulusLength); + stream_read(s, certificate->cert_info.Modulus, certificate->cert_info.ModulusLength); /* 8 bytes of zero padding */ stream_seek(s, 8); @@ -277,11 +281,11 @@ static boolean certificate_process_server_public_key(rdpCertificate* certificate static boolean certificate_process_server_public_signature(rdpCertificate* certificate, uint8* sigdata, int sigdatalen, STREAM* s, uint32 siglen) { - uint8 md5hash[CRYPTO_MD5_DIGEST_LENGTH]; - uint8 encsig[TSSK_KEY_LENGTH + 8]; - uint8 sig[TSSK_KEY_LENGTH]; - CryptoMd5 md5ctx; int i, sum; + CryptoMd5 md5ctx; + uint8 sig[TSSK_KEY_LENGTH]; + uint8 encsig[TSSK_KEY_LENGTH + 8]; + uint8 md5hash[CRYPTO_MD5_DIGEST_LENGTH]; md5ctx = crypto_md5_init(); crypto_md5_update(md5ctx, sigdata, sigdatalen); @@ -351,36 +355,46 @@ boolean certificate_read_server_proprietary_certificate(rdpCertificate* certific sigdata = stream_get_tail(s) - 4; stream_read_uint32(s, dwSigAlgId); stream_read_uint32(s, dwKeyAlgId); + if (!(dwSigAlgId == SIGNATURE_ALG_RSA && dwKeyAlgId == KEY_EXCHANGE_ALG_RSA)) { printf("certificate_read_server_proprietary_certificate: parse error 1\n"); return false; } + stream_read_uint16(s, wPublicKeyBlobType); + if (wPublicKeyBlobType != BB_RSA_KEY_BLOB) { printf("certificate_read_server_proprietary_certificate: parse error 2\n"); return false; } + stream_read_uint16(s, wPublicKeyBlobLen); + if (!certificate_process_server_public_key(certificate, s, wPublicKeyBlobLen)) { printf("certificate_read_server_proprietary_certificate: parse error 3\n"); return false; } + sigdatalen = stream_get_tail(s) - sigdata; stream_read_uint16(s, wSignatureBlobType); + if (wSignatureBlobType != BB_RSA_SIGNATURE_BLOB) { printf("certificate_read_server_proprietary_certificate: parse error 4\n"); return false; } + stream_read_uint16(s, wSignatureBlobLen); + if (wSignatureBlobLen != 72) { printf("certificate_process_server_public_signature: invalid signature length (got %d, expected %d)\n", wSignatureBlobLen, 64); return false; } + if (!certificate_process_server_public_signature(certificate, sigdata, sigdatalen, s, wSignatureBlobLen)) { printf("certificate_read_server_proprietary_certificate: parse error 5\n"); @@ -423,8 +437,8 @@ boolean certificate_read_server_x509_certificate_chain(rdpCertificate* certifica rdpCertInfo cert_info; DEBUG_CERTIFICATE("License Server Certificate"); certificate_read_x509_certificate(&certificate->x509_cert_chain->array[i], &cert_info); - DEBUG_LICENSE("modulus length:%d", cert_info.modulus.length); - freerdp_blob_free(&cert_info.modulus); + DEBUG_LICENSE("modulus length:%d", cert_info.ModulusLength); + free(cert_info.Modulus); } else if (numCertBlobs - i == 1) { @@ -481,9 +495,9 @@ boolean certificate_read_server_certificate(rdpCertificate* certificate, uint8* rdpKey* key_new(const char* keyfile) { + FILE* fp; + RSA* rsa; rdpKey* key; - RSA *rsa; - FILE *fp; key = (rdpKey*) xzalloc(sizeof(rdpKey)); @@ -538,12 +552,16 @@ rdpKey* key_new(const char* keyfile) return NULL; } - freerdp_blob_alloc(&key->modulus, BN_num_bytes(rsa->n)); - BN_bn2bin(rsa->n, key->modulus.data); - crypto_reverse(key->modulus.data, key->modulus.length); - freerdp_blob_alloc(&key->private_exponent, BN_num_bytes(rsa->d)); - BN_bn2bin(rsa->d, key->private_exponent.data); - crypto_reverse(key->private_exponent.data, key->private_exponent.length); + key->ModulusLength = BN_num_bytes(rsa->n); + key->Modulus = (BYTE*) malloc(key->ModulusLength); + BN_bn2bin(rsa->n, key->Modulus); + crypto_reverse(key->Modulus, key->ModulusLength); + + key->PrivateExponentLength = BN_num_bytes(rsa->d); + key->PrivateExponent = (BYTE*) malloc(key->PrivateExponentLength); + BN_bn2bin(rsa->d, key->PrivateExponent); + crypto_reverse(key->PrivateExponent, key->PrivateExponentLength); + memset(key->exponent, 0, sizeof(key->exponent)); BN_bn2bin(rsa->e, key->exponent + sizeof(key->exponent) - BN_num_bytes(rsa->e)); crypto_reverse(key->exponent, sizeof(key->exponent)); @@ -557,8 +575,8 @@ void key_free(rdpKey* key) { if (key != NULL) { - freerdp_blob_free(&key->modulus); - freerdp_blob_free(&key->private_exponent); + free(key->Modulus); + free(key->PrivateExponent); xfree(key); } } @@ -594,8 +612,8 @@ void certificate_free(rdpCertificate* certificate) { certificate_free_x509_certificate_chain(certificate->x509_cert_chain); - if (certificate->cert_info.modulus.data != NULL) - freerdp_blob_free(&(certificate->cert_info.modulus)); + if (certificate->cert_info.Modulus != NULL) + free(certificate->cert_info.Modulus); xfree(certificate); } diff --git a/libfreerdp/core/certificate.h b/libfreerdp/core/certificate.h index fee06d972..8ebaa6eaf 100644 --- a/libfreerdp/core/certificate.h +++ b/libfreerdp/core/certificate.h @@ -26,7 +26,6 @@ #include #include -#include #include #include diff --git a/libfreerdp/core/connection.c b/libfreerdp/core/connection.c index 9db8db005..be17767a4 100644 --- a/libfreerdp/core/connection.c +++ b/libfreerdp/core/connection.c @@ -91,7 +91,8 @@ boolean rdp_client_connect(rdpRdp* rdp) if ((rdp->nego->selected_protocol & PROTOCOL_TLS) || (rdp->nego->selected_protocol == PROTOCOL_RDP)) { - if ((settings->username != NULL) && ((settings->password != NULL) || (settings->password_cookie != NULL && settings->password_cookie->length > 0))) + if ((settings->username != NULL) && ((settings->password != NULL) || + (settings->password_cookie != NULL && settings->password_cookie_length > 0))) settings->autologon = true; } @@ -143,9 +144,8 @@ boolean rdp_client_redirect(rdpRdp* rdp) license_free(rdp->license); transport_free(rdp->transport); - /* FIXME: this is a subset of settings_free */ - freerdp_blob_free(settings->server_random); - freerdp_blob_free(settings->server_certificate); + free(settings->server_random); + free(settings->server_certificate); xfree(settings->ip_address); rdp->transport = transport_new(settings); @@ -158,7 +158,7 @@ boolean rdp_client_redirect(rdpRdp* rdp) if (redirection->flags & LB_LOAD_BALANCE_INFO) { - nego_set_routing_token(rdp->nego, &redirection->loadBalanceInfo); + nego_set_routing_token(rdp->nego, redirection->LoadBalanceInfo, redirection->LoadBalanceInfoLength); } else { @@ -193,7 +193,8 @@ boolean rdp_client_redirect(rdpRdp* rdp) if (redirection->flags & LB_PASSWORD) { - settings->password_cookie = &redirection->password_cookie; + settings->password_cookie = redirection->PasswordCookie; + settings->password_cookie_length = redirection->PasswordCookieLength; } return rdp_client_connect(rdp); @@ -218,8 +219,8 @@ static boolean rdp_client_establish_keys(rdpRdp* rdp) /* encrypt client random */ memset(crypt_client_random, 0, sizeof(crypt_client_random)); crypto_nonce(client_random, sizeof(client_random)); - key_len = rdp->settings->server_cert->cert_info.modulus.length; - mod = rdp->settings->server_cert->cert_info.modulus.data; + key_len = rdp->settings->server_cert->cert_info.ModulusLength; + mod = rdp->settings->server_cert->cert_info.Modulus; exp = rdp->settings->server_cert->cert_info.exponent; crypto_rsa_public_encrypt(client_random, sizeof(client_random), key_len, mod, exp, crypt_client_random); @@ -264,7 +265,7 @@ static boolean rdp_client_establish_keys(rdpRdp* rdp) static boolean rdp_server_establish_keys(rdpRdp* rdp, STREAM* s) { - uint8 client_random[64]; /* Should be only 32 after successfull decryption, but on failure might take up to 64 bytes. */ + uint8 client_random[64]; /* Should be only 32 after successful decryption, but on failure might take up to 64 bytes. */ uint8 crypt_client_random[256 + 8]; uint32 rand_len, key_len; uint16 channel_id, length, sec_flags; @@ -282,25 +283,30 @@ static boolean rdp_server_establish_keys(rdpRdp* rdp, STREAM* s) printf("rdp_server_establish_keys: invalid RDP header\n"); return false; } + rdp_read_security_header(s, &sec_flags); + if ((sec_flags & SEC_EXCHANGE_PKT) == 0) { printf("rdp_server_establish_keys: missing SEC_EXCHANGE_PKT in security header\n"); return false; } + stream_read_uint32(s, rand_len); - key_len = rdp->settings->server_key->modulus.length; + key_len = rdp->settings->server_key->ModulusLength; + if (rand_len != key_len + 8) { printf("rdp_server_establish_keys: invalid encrypted client random length\n"); return false; } + memset(crypt_client_random, 0, sizeof(crypt_client_random)); stream_read(s, crypt_client_random, rand_len); /* 8 zero bytes of padding */ stream_seek(s, 8); - mod = rdp->settings->server_key->modulus.data; - priv_exp = rdp->settings->server_key->private_exponent.data; + mod = rdp->settings->server_key->Modulus; + priv_exp = rdp->settings->server_key->PrivateExponent; crypto_rsa_private_decrypt(crypt_client_random, rand_len - 8, key_len, mod, priv_exp, client_random); /* now calculate encrypt / decrypt and update keys */ @@ -336,8 +342,10 @@ boolean rdp_client_connect_mcs_connect_response(rdpRdp* rdp, STREAM* s) printf("rdp_client_connect_mcs_connect_response: mcs_recv_connect_response failed\n"); return false; } + if (!mcs_send_erect_domain_request(rdp->mcs)) return false; + if (!mcs_send_attach_user_request(rdp->mcs)) return false; diff --git a/libfreerdp/core/gcc.c b/libfreerdp/core/gcc.c index 8e38d3b1a..3318e53f6 100644 --- a/libfreerdp/core/gcc.c +++ b/libfreerdp/core/gcc.c @@ -799,8 +799,6 @@ boolean gcc_read_server_security_data(STREAM* s, rdpSettings* settings) { uint8* data; uint32 length; - uint32 serverRandomLen; - uint32 serverCertLen; stream_read_uint32(s, settings->encryption_method); /* encryptionMethod */ stream_read_uint32(s, settings->encryption_level); /* encryptionLevel */ @@ -814,29 +812,30 @@ boolean gcc_read_server_security_data(STREAM* s, rdpSettings* settings) return true; } - stream_read_uint32(s, serverRandomLen); /* serverRandomLen */ - stream_read_uint32(s, serverCertLen); /* serverCertLen */ + stream_read_uint32(s, settings->server_random_length); /* serverRandomLen */ + stream_read_uint32(s, settings->server_certificate_length); /* serverCertLen */ - if (serverRandomLen > 0) + if (settings->server_random_length > 0) { /* serverRandom */ - freerdp_blob_alloc(settings->server_random, serverRandomLen); - stream_read(s, settings->server_random->data, serverRandomLen); + settings->server_random = (BYTE*) malloc(settings->server_random_length); + stream_read(s, settings->server_random, settings->server_random_length); } else { return false; } - if (serverCertLen > 0) + if (settings->server_certificate_length > 0) { /* serverCertificate */ - freerdp_blob_alloc(settings->server_certificate, serverCertLen); - stream_read(s, settings->server_certificate->data, serverCertLen); + settings->server_certificate = (BYTE*) malloc(settings->server_certificate_length); + stream_read(s, settings->server_certificate, settings->server_certificate_length); + certificate_free(settings->server_cert); settings->server_cert = certificate_new(); - data = settings->server_certificate->data; - length = settings->server_certificate->length; + data = settings->server_certificate; + length = settings->server_certificate_length; if (!certificate_read_server_certificate(settings->server_cert, data, length)) return false; @@ -936,7 +935,7 @@ void gcc_write_server_security_data(STREAM* s, rdpSettings* settings) { serverRandomLen = 32; - keyLen = settings->server_key->modulus.length; + keyLen = settings->server_key->ModulusLength; expLen = sizeof(settings->server_key->exponent); wPublicKeyBlobLen = 4; /* magic (RSA1) */ wPublicKeyBlobLen += 4; /* keylen */ @@ -977,9 +976,10 @@ void gcc_write_server_security_data(STREAM* s, rdpSettings* settings) stream_write_uint32(s, serverRandomLen); /* serverRandomLen */ stream_write_uint32(s, serverCertLen); /* serverCertLen */ - freerdp_blob_alloc(settings->server_random, serverRandomLen); - crypto_nonce(settings->server_random->data, serverRandomLen); - stream_write(s, settings->server_random->data, serverRandomLen); + settings->server_random_length = serverRandomLen; + settings->server_random = (BYTE*) malloc(serverRandomLen); + crypto_nonce(settings->server_random, serverRandomLen); + stream_write(s, settings->server_random, serverRandomLen); sigData = stream_get_tail(s); @@ -995,7 +995,7 @@ void gcc_write_server_security_data(STREAM* s, rdpSettings* settings) stream_write_uint32(s, keyLen - 1); /* datalen */ stream_write(s, settings->server_key->exponent, expLen); - stream_write(s, settings->server_key->modulus.data, keyLen); + stream_write(s, settings->server_key->Modulus, keyLen); stream_write_zero(s, 8); sigDataLen = stream_get_tail(s) - sigData; diff --git a/libfreerdp/core/info.c b/libfreerdp/core/info.c index 15e5decee..8e50a1c34 100644 --- a/libfreerdp/core/info.c +++ b/libfreerdp/core/info.c @@ -355,11 +355,11 @@ void rdp_write_info_packet(STREAM* s, rdpSettings* settings) cbUserName = freerdp_AsciiToUnicodeAlloc(settings->username, &userName, 0) * 2; - if (settings->password_cookie && settings->password_cookie->length > 0) + if (settings->password_cookie && settings->password_cookie_length > 0) { usedPasswordCookie = true; - password = (WCHAR*) settings->password_cookie->data; - cbPassword = settings->password_cookie->length - 2; /* Strip double zero termination */ + password = (WCHAR*) settings->password_cookie; + cbPassword = settings->password_cookie_length - 2; /* Strip double zero termination */ } else { diff --git a/libfreerdp/core/nego.c b/libfreerdp/core/nego.c index 0f3201355..6af15ad97 100644 --- a/libfreerdp/core/nego.c +++ b/libfreerdp/core/nego.c @@ -568,10 +568,10 @@ boolean nego_send_negotiation_request(rdpNego* nego) stream_get_mark(s, bm); stream_seek(s, length); - if (nego->routing_token != NULL) + if (nego->RoutingToken != NULL) { - stream_write(s, nego->routing_token->data, nego->routing_token->length); - length += nego->routing_token->length; + stream_write(s, nego->RoutingToken, nego->RoutingTokenLength); + length += nego->RoutingTokenLength; } else if (nego->cookie != NULL) { @@ -898,12 +898,14 @@ void nego_enable_nla(rdpNego* nego, boolean enable_nla) /** * Set routing token. * @param nego - * @param routing_token + * @param RoutingToken + * @param RoutingTokenLength */ -void nego_set_routing_token(rdpNego* nego, rdpBlob* routing_token) +void nego_set_routing_token(rdpNego* nego, BYTE* RoutingToken, DWORD RoutingTokenLength) { - nego->routing_token = routing_token; + nego->RoutingToken = RoutingToken; + nego->RoutingTokenLength = RoutingTokenLength; } /** diff --git a/libfreerdp/core/nego.h b/libfreerdp/core/nego.h index cf30c94e9..8e4b665c0 100644 --- a/libfreerdp/core/nego.h +++ b/libfreerdp/core/nego.h @@ -23,7 +23,6 @@ #include "transport.h" #include #include -#include #include #include @@ -80,7 +79,8 @@ struct rdp_nego uint32 flags; char* hostname; char* cookie; - rdpBlob* routing_token; + BYTE* RoutingToken; + DWORD RoutingTokenLength; boolean send_preconnection_pdu; uint32 preconnection_id; char* preconnection_blob; @@ -119,13 +119,14 @@ boolean nego_send_negotiation_response(rdpNego* nego); rdpNego* nego_new(struct rdp_transport * transport); void nego_free(rdpNego* nego); + void nego_init(rdpNego* nego); void nego_set_target(rdpNego* nego, char* hostname, int port); void nego_set_negotiation_enabled(rdpNego* nego, boolean security_layer_negotiation_enabled); void nego_enable_rdp(rdpNego* nego, boolean enable_rdp); void nego_enable_nla(rdpNego* nego, boolean enable_nla); void nego_enable_tls(rdpNego* nego, boolean enable_tls); -void nego_set_routing_token(rdpNego* nego, rdpBlob* routing_token); +void nego_set_routing_token(rdpNego* nego, BYTE* RoutingToken, DWORD RoutingTokenLength); void nego_set_cookie(rdpNego* nego, char* cookie); void nego_set_send_preconnection_pdu(rdpNego* nego, boolean send_pcpdu); void nego_set_preconnection_id(rdpNego* nego, uint32 id); diff --git a/libfreerdp/core/redirection.c b/libfreerdp/core/redirection.c index 4b0561f15..78ff55230 100644 --- a/libfreerdp/core/redirection.c +++ b/libfreerdp/core/redirection.c @@ -84,10 +84,9 @@ boolean rdp_recv_server_redirection_pdu(rdpRdp* rdp, STREAM* s) if (redirection->flags & LB_LOAD_BALANCE_INFO) { - uint32 loadBalanceInfoLength; - stream_read_uint32(s, loadBalanceInfoLength); - freerdp_blob_alloc(&redirection->loadBalanceInfo, loadBalanceInfoLength); - stream_read(s, redirection->loadBalanceInfo.data, loadBalanceInfoLength); + stream_read_uint32(s, redirection->LoadBalanceInfoLength); + redirection->LoadBalanceInfo = (BYTE*) malloc(redirection->LoadBalanceInfoLength); + stream_read(s, redirection->LoadBalanceInfo, redirection->LoadBalanceInfoLength); #ifdef WITH_DEBUG_REDIR DEBUG_REDIR("loadBalanceInfo:"); freerdp_hexdump(redirection->loadBalanceInfo.data, redirection->loadBalanceInfo.length); @@ -108,14 +107,14 @@ boolean rdp_recv_server_redirection_pdu(rdpRdp* rdp, STREAM* s) if (redirection->flags & LB_PASSWORD) { - uint32 passwordLength; - stream_read_uint32(s, passwordLength); /* Note: length (hopefully) includes double zero termination */ - freerdp_blob_alloc(&redirection->password_cookie, passwordLength); - stream_read(s, redirection->password_cookie.data, passwordLength); + /* Note: length (hopefully) includes double zero termination */ + stream_read_uint32(s, redirection->PasswordCookieLength); + redirection->PasswordCookie = (BYTE*) malloc(redirection->PasswordCookieLength); + stream_read(s, redirection->PasswordCookie, redirection->PasswordCookieLength); #ifdef WITH_DEBUG_REDIR DEBUG_REDIR("password_cookie:"); - freerdp_hexdump(redirection->password_cookie.data, redirection->password_cookie.length); + freerdp_hexdump(redirection->PasswordCookie, redirection->PasswordCookieLength); #endif } @@ -200,11 +199,15 @@ void redirection_free(rdpRedirection* redirection) freerdp_string_free(&redirection->tsvUrl); freerdp_string_free(&redirection->username); freerdp_string_free(&redirection->domain); - freerdp_blob_free(&redirection->password_cookie); freerdp_string_free(&redirection->targetFQDN); freerdp_string_free(&redirection->targetNetBiosName); freerdp_string_free(&redirection->targetNetAddress); - freerdp_blob_free(&redirection->loadBalanceInfo); + + if (redirection->LoadBalanceInfo) + free(redirection->LoadBalanceInfo); + + if (redirection->PasswordCookie) + free(redirection->PasswordCookie); if (redirection->targetNetAddresses != NULL) { diff --git a/libfreerdp/core/redirection.h b/libfreerdp/core/redirection.h index efbb13d20..fe084fd76 100644 --- a/libfreerdp/core/redirection.h +++ b/libfreerdp/core/redirection.h @@ -23,7 +23,6 @@ #include "rdp.h" #include -#include #include #include #include @@ -50,9 +49,11 @@ struct rdp_redirection rdpString tsvUrl; rdpString username; rdpString domain; - rdpBlob password_cookie; + BYTE* PasswordCookie; + DWORD PasswordCookieLength; rdpString targetFQDN; - rdpBlob loadBalanceInfo; + BYTE* LoadBalanceInfo; + DWORD LoadBalanceInfoLength; rdpString targetNetBiosName; rdpString targetNetAddress; uint32 targetNetAddressesCount; diff --git a/libfreerdp/core/security.c b/libfreerdp/core/security.c index 0ce305e9f..b15a551d6 100644 --- a/libfreerdp/core/security.c +++ b/libfreerdp/core/security.c @@ -355,7 +355,7 @@ boolean security_establish_keys(uint8* client_random, rdpRdp* rdp) rdpSettings* settings; settings = rdp->settings; - server_random = settings->server_random->data; + server_random = settings->server_random; if (settings->encryption_method == ENCRYPTION_METHOD_FIPS) { @@ -398,12 +398,15 @@ boolean security_establish_keys(uint8* client_random, rdpRdp* rdp) memcpy(rdp->sign_key, session_key_blob, 16); - if (rdp->settings->server_mode) { + if (rdp->settings->server_mode) + { security_md5_16_32_32(&session_key_blob[16], client_random, server_random, rdp->encrypt_key); security_md5_16_32_32(&session_key_blob[32], client_random, server_random, rdp->decrypt_key); - } else { + } + else + { security_md5_16_32_32(&session_key_blob[16], client_random, server_random, rdp->decrypt_key); security_md5_16_32_32(&session_key_blob[32], client_random, diff --git a/libfreerdp/core/settings.c b/libfreerdp/core/settings.c index 20534403d..9af876501 100644 --- a/libfreerdp/core/settings.c +++ b/libfreerdp/core/settings.c @@ -280,8 +280,6 @@ rdpSettings* settings_new(void* instance) settings->server_auto_reconnect_cookie = xnew(ARC_SC_PRIVATE_PACKET); settings->client_time_zone = xnew(TIME_ZONE_INFO); - settings->server_random = xnew(rdpBlob); - settings->server_certificate = xnew(rdpBlob); freerdp_detect_paths(settings); @@ -309,8 +307,6 @@ void settings_free(rdpSettings* settings) xfree(settings->order_support); xfree(settings->client_hostname); xfree(settings->client_product_id); - freerdp_blob_free(settings->server_random); - freerdp_blob_free(settings->server_certificate); xfree(settings->server_random); xfree(settings->server_certificate); xfree(settings->rdp_key_file); diff --git a/libfreerdp/crypto/crypto.c b/libfreerdp/crypto/crypto.c index d5b0a7d54..a520e52e4 100644 --- a/libfreerdp/crypto/crypto.c +++ b/libfreerdp/crypto/crypto.c @@ -160,13 +160,15 @@ void crypto_cert_free(CryptoCert cert) { if (cert == NULL) return; + X509_free(cert->px509); + xfree(cert); } -boolean crypto_cert_get_public_key(CryptoCert cert, rdpBlob* public_key) +boolean crypto_cert_get_public_key(CryptoCert cert, BYTE** PublicKey, DWORD* PublicKeyLength) { - uint8* p; + BYTE* ptr; int length; boolean status = true; EVP_PKEY* pkey = NULL; @@ -189,9 +191,11 @@ boolean crypto_cert_get_public_key(CryptoCert cert, rdpBlob* public_key) goto exit; } - freerdp_blob_alloc(public_key, length); - p = (uint8*) public_key->data; - i2d_PublicKey(pkey, &p); + *PublicKeyLength = (DWORD) length; + *PublicKey = (BYTE*) malloc(length); + ptr = (BYTE*) (*PublicKey); + + i2d_PublicKey(pkey, &ptr); exit: if (pkey) diff --git a/libfreerdp/crypto/nla.c b/libfreerdp/crypto/nla.c index 89035cf06..dc20954fa 100644 --- a/libfreerdp/crypto/nla.c +++ b/libfreerdp/crypto/nla.c @@ -133,8 +133,8 @@ int credssp_ntlm_client_init(rdpCredssp* credssp) (char*) credssp->identity.User, (char*) credssp->identity.Domain, (char*) credssp->identity.Password); #endif - sspi_SecBufferAlloc(&credssp->PublicKey, credssp->tls->public_key.length); - CopyMemory(credssp->PublicKey.pvBuffer, credssp->tls->public_key.data, credssp->tls->public_key.length); + sspi_SecBufferAlloc(&credssp->PublicKey, credssp->tls->PublicKeyLength); + CopyMemory(credssp->PublicKey.pvBuffer, credssp->tls->PublicKey, credssp->tls->PublicKeyLength); length = sizeof(TERMSRV_SPN_PREFIX) + strlen(settings->hostname); @@ -164,8 +164,8 @@ int credssp_ntlm_server_init(rdpCredssp* credssp) rdpSettings* settings = credssp->settings; instance = (freerdp*) settings->instance; - sspi_SecBufferAlloc(&credssp->PublicKey, credssp->tls->public_key.length); - CopyMemory(credssp->PublicKey.pvBuffer, credssp->tls->public_key.data, credssp->tls->public_key.length); + sspi_SecBufferAlloc(&credssp->PublicKey, credssp->tls->PublicKeyLength); + CopyMemory(credssp->PublicKey.pvBuffer, credssp->tls->PublicKey, credssp->tls->PublicKeyLength); return 1; } diff --git a/libfreerdp/crypto/tls.c b/libfreerdp/crypto/tls.c index 896653eeb..8c8fd6f10 100644 --- a/libfreerdp/crypto/tls.c +++ b/libfreerdp/crypto/tls.c @@ -133,10 +133,10 @@ boolean tls_connect(rdpTls* tls) return false; } - if (!crypto_cert_get_public_key(cert, &tls->public_key)) + if (!crypto_cert_get_public_key(cert, &tls->PublicKey, &tls->PublicKeyLength)) { printf("tls_connect: crypto_cert_get_public_key failed to return the server public key.\n"); - tls_free_certificate(cert) ; + tls_free_certificate(cert); return false; } @@ -234,7 +234,7 @@ boolean tls_accept(rdpTls* tls, const char* cert_file, const char* privatekey_fi return false; } - if (!crypto_cert_get_public_key(cert, &tls->public_key)) + if (!crypto_cert_get_public_key(cert, &tls->PublicKey, &tls->PublicKeyLength)) { printf("tls_connect: crypto_cert_get_public_key failed to return the server public key.\n"); tls_free_certificate(cert); @@ -639,7 +639,8 @@ void tls_free(rdpTls* tls) if (tls->ctx) SSL_CTX_free(tls->ctx); - freerdp_blob_free(&tls->public_key); + if (tls->PublicKey) + free(tls->PublicKey); certificate_store_free(tls->certificate_store); diff --git a/libfreerdp/locale/keyboard_xkbfile.c b/libfreerdp/locale/keyboard_xkbfile.c index 34c76981e..7e1c000b8 100644 --- a/libfreerdp/locale/keyboard_xkbfile.c +++ b/libfreerdp/locale/keyboard_xkbfile.c @@ -23,6 +23,8 @@ #include "keyboard_xkbfile.h" +#include + #include #include diff --git a/libfreerdp/locale/timezone.c b/libfreerdp/locale/timezone.c index 7abe3911a..895374f7a 100644 --- a/libfreerdp/locale/timezone.c +++ b/libfreerdp/locale/timezone.c @@ -24,6 +24,7 @@ #include #include #include +#include #include "liblocale.h" diff --git a/libfreerdp/locale/virtual_key_codes.c b/libfreerdp/locale/virtual_key_codes.c index 24da1e533..bd2d9cc81 100644 --- a/libfreerdp/locale/virtual_key_codes.c +++ b/libfreerdp/locale/virtual_key_codes.c @@ -21,6 +21,10 @@ #include "config.h" #endif +#include +#include +#include + #include #include diff --git a/libfreerdp/locale/xkb_layout_ids.c b/libfreerdp/locale/xkb_layout_ids.c index d2b18b8eb..1037351fa 100644 --- a/libfreerdp/locale/xkb_layout_ids.c +++ b/libfreerdp/locale/xkb_layout_ids.c @@ -23,6 +23,8 @@ #include "xkb_layout_ids.h" +#include + #include #include diff --git a/libfreerdp/utils/CMakeLists.txt b/libfreerdp/utils/CMakeLists.txt index d2cedf32d..84d471360 100644 --- a/libfreerdp/utils/CMakeLists.txt +++ b/libfreerdp/utils/CMakeLists.txt @@ -22,7 +22,6 @@ find_required_package(Threads) set(FREERDP_UTILS_SRCS args.c - blob.c dsp.c event.c bitmap.c diff --git a/libfreerdp/utils/blob.c b/libfreerdp/utils/blob.c deleted file mode 100644 index 045da60b1..000000000 --- a/libfreerdp/utils/blob.c +++ /dev/null @@ -1,57 +0,0 @@ -/** - * FreeRDP: A Remote Desktop Protocol Client - * BLOB Utils - * - * Copyright 2011 Marc-Andre Moreau - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -#ifdef HAVE_CONFIG_H -#include "config.h" -#endif - -#include - -#include - -/** - * Allocate memory for data blob. - * @param blob blob structure - * @param length memory length - */ - -void freerdp_blob_alloc(rdpBlob* blob, int length) -{ - blob->data = xmalloc(length); - blob->length = length; -} - -/** - * Free memory allocated for data blob. - * @param blob - */ - -void freerdp_blob_free(rdpBlob* blob) -{ - if (blob->data) - xfree(blob->data); - - blob->length = 0; -} - -void freerdp_blob_copy(rdpBlob* dstblob, rdpBlob* srcblob) -{ - freerdp_blob_alloc(dstblob, srcblob->length); - memcpy(dstblob->data, srcblob->data, dstblob->length); -} diff --git a/libfreerdp/utils/time.c b/libfreerdp/utils/time.c index 9e22d0e79..0183b58c3 100644 --- a/libfreerdp/utils/time.c +++ b/libfreerdp/utils/time.c @@ -22,6 +22,9 @@ #endif #include +#include +#include + #include #include