From 765b25933eee74eefca7b90eb19f08c348ab1391 Mon Sep 17 00:00:00 2001
From: Norbert Federa
Date: Mon, 12 Jan 2015 11:31:18 +0100
Subject: [PATCH] license: fix for corrupted licensing packets

Since commit a228952 FreeRDP generates corrupt licensing packets if the rdp security layer is used and the peer did not indicate that it is capable of processing encrypted licensing packets: That commit changed rdp->sec_flags after the rdp stream was already initialized with encryption enabled which placed the PDU payload at an incorrect offset. Instead of directly modifying the rdp->sec_flags this patch temporarily disables rdp->do_crypt during rdp stream initialization if the client has not advertised support for encrypted licensing packets.
---
 libfreerdp/core/license.c | 19 +++++++++++++++----
 1 file changed, 15 insertions(+), 4 deletions(-)

diff --git a/libfreerdp/core/license.c b/libfreerdp/core/license.c
index 7dae05743..82b5f0eae 100644
--- a/libfreerdp/core/license.c
+++ b/libfreerdp/core/license.c
@@ -160,17 +160,28 @@ void license_write_preamble(wStream* s, BYTE bMsgType, BYTE flags, UINT16 wMsgSi wStream* license_send_stream_init(rdpLicense* license) { wStream* s; + BOOL do_crypt = license->rdp->do_crypt; + license->rdp->sec_flags = SEC_LICENSE_PKT; - if (license->rdp->do_crypt) + /** + * Encryption of licensing packets is optional even if the rdp security + * layer is used. If the peer has not indicated that it is capable of + * processing encrypted licensing packets (rdp->do_crypt_license) we turn + * off encryption (via rdp->do_crypt) before initializing the rdp stream + * and reenable it afterwards. + */ + + if (do_crypt) + { license->rdp->sec_flags |= SEC_LICENSE_ENCRYPT_CS; + license->rdp->do_crypt = license->rdp->do_crypt_license; + } s = transport_send_stream_init(license->rdp->transport, 4096); rdp_init_stream(license->rdp, s); - if (!license->rdp->do_crypt_license) - license->rdp->sec_flags &= ~SEC_ENCRYPT; - + license->rdp->do_crypt = do_crypt; license->PacketHeaderLength = Stream_GetPosition(s); Stream_Seek(s, LICENSE_PREAMBLE_LENGTH); return s;
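Review bot: The override of `license->rdp->do_crypt` between the `if (do_crypt)` block and the restore line changes connection-wide state that decides whether PDUs are encrypted, and the hunk shows no lock around that window. Anything else that reads the field while the stream is being initialized would see encryption switched off, so this looks safe only if the licensing phase runs on a single thread, and that assumption should be written down. The code that later sends the packet is outside the hunk and runs after `do_crypt` is TRUE again, so it presumably has to rely on `license->PacketHeaderLength` and `sec_flags` rather than re-reading `do_crypt`; that is worth confirming, since a mismatch would put the payload at the wrong offset again. I would add to the comment a line such as `* Not thread-safe: rdp->do_crypt is connection-wide and may be FALSE while the stream is initialized.`, and, if `transport_send_stream_init` can return NULL, check `s` before `rdp_init_stream(license->rdp, s);`. The function's closing brace lies outside the hunk.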