From 86910c8401247ffb007338f512fc1409d1c07e33 Mon Sep 17 00:00:00 2001
From: Pawel Jakub Dawidek <pawel@dawidek.net>
Date: Wed, 25 Jan 2012 16:30:54 +0100
Subject: [PATCH] Add missing decryption.

---
 libfreerdp-core/capabilities.c | 15 +++++++++++++++
 libfreerdp-core/info.c         | 23 ++++++++++++++++++++---
 libfreerdp-core/peer.c         | 19 ++++++++++++++++++-
 3 files changed, 53 insertions(+), 4 deletions(-)

diff --git a/libfreerdp-core/capabilities.c b/libfreerdp-core/capabilities.c
index 0e23e9af1..7c3891ce3 100644
--- a/libfreerdp-core/capabilities.c
+++ b/libfreerdp-core/capabilities.c
@@ -1922,9 +1922,24 @@ boolean rdp_recv_confirm_active(rdpRdp* rdp, STREAM* s)
 	uint16 lengthSourceDescriptor;
 	uint16 lengthCombinedCapabilities;
 	uint16 numberCapabilities;
+	uint16 securityFlags;
 
 	if (!rdp_read_header(rdp, s, &length, &channelId))
 		return false;
+
+	if (rdp->settings->encryption)
+	{
+		rdp_read_security_header(s, &securityFlags);
+		if (securityFlags & SEC_ENCRYPT)
+		{
+			if (!rdp_decrypt(rdp, s, length - 4, securityFlags))
+			{
+				printf("rdp_decrypt failed\n");
+				return false;
+			}
+		}
+	}
+
 	if (channelId != MCS_GLOBAL_CHANNEL_ID)
 		return false;
 
diff --git a/libfreerdp-core/info.c b/libfreerdp-core/info.c
index bd4afad78..1336d25b7 100644
--- a/libfreerdp-core/info.c
+++ b/libfreerdp-core/info.c
@@ -564,15 +564,32 @@ boolean rdp_recv_client_info(rdpRdp* rdp, STREAM* s)
 {
 	uint16 length;
 	uint16 channelId;
-	uint16 sec_flags;
+	uint16 securityFlags;
 
 	if (!rdp_read_header(rdp, s, &length, &channelId))
 		return false;
 
-	rdp_read_security_header(s, &sec_flags);
-	if ((sec_flags & SEC_INFO_PKT) == 0)
+	rdp_read_security_header(s, &securityFlags);
+	if ((securityFlags & SEC_INFO_PKT) == 0)
 		return false;
 
+	if (rdp->settings->encryption)
+	{
+		if (securityFlags & SEC_REDIRECTION_PKT)
+		{
+			printf("Error: SEC_REDIRECTION_PKT unsupported\n");
+			return false;
+		}
+		if (securityFlags & SEC_ENCRYPT)
+		{
+			if (!rdp_decrypt(rdp, s, length - 4, securityFlags))
+			{
+				printf("rdp_decrypt failed\n");
+				return false;
+			}
+		}
+	}
+
 	return rdp_read_info_packet(s, rdp->settings);
 }
 
diff --git a/libfreerdp-core/peer.c b/libfreerdp-core/peer.c
index ef44d301f..3136d173b 100644
--- a/libfreerdp-core/peer.c
+++ b/libfreerdp-core/peer.c
@@ -112,18 +112,35 @@ static boolean peer_recv_data_pdu(freerdp_peer* client, STREAM* s)
 
 static boolean peer_recv_tpkt_pdu(freerdp_peer* client, STREAM* s)
 {
+	rdpRdp *rdp;
 	uint16 length;
 	uint16 pduType;
 	uint16 pduLength;
 	uint16 pduSource;
 	uint16 channelId;
+	uint16 securityFlags;
 
-	if (!rdp_read_header(client->context->rdp, s, &length, &channelId))
+	rdp = client->context->rdp;
+
+	if (!rdp_read_header(rdp, s, &length, &channelId))
 	{
 		printf("Incorrect RDP header.\n");
 		return false;
 	}
 
+	if (rdp->settings->encryption)
+	{
+		rdp_read_security_header(s, &securityFlags);
+		if (securityFlags & SEC_ENCRYPT)
+		{
+			if (!rdp_decrypt(rdp, s, length - 4, securityFlags))
+			{
+				printf("rdp_decrypt failed\n");
+				return false;
+			}
+		}
+	}
+
 	if (channelId != MCS_GLOBAL_CHANNEL_ID)
 	{
 		freerdp_channel_peer_process(client, s, channelId);