diff --git a/libfreerdp/core/gateway/ntlm.c b/libfreerdp/core/gateway/ntlm.c index 54753edd6..495372aa4 100644 --- a/libfreerdp/core/gateway/ntlm.c +++ b/libfreerdp/core/gateway/ntlm.c @@ -23,10 +23,6 @@ #include "config.h" #endif -#include -#include -#include - #include #include #include @@ -49,6 +45,9 @@ BOOL ntlm_client_init(rdpNtlm* ntlm, BOOL http, char* user, char* domain, char* ntlm->table = InitSecurityInterfaceEx(SSPI_INTERFACE_WINPR); + if (!ntlm->table) + return FALSE; + sspi_SetAuthIdentity(&(ntlm->identity), user, domain, password); status = ntlm->table->QuerySecurityPackageInfo(NTLMSP_NAME, &ntlm->pPackageInfo); @@ -279,24 +278,29 @@ void ntlm_client_uninit(rdpNtlm* ntlm) ntlm->table->FreeCredentialsHandle(&ntlm->credentials); ntlm->table->FreeContextBuffer(ntlm->pPackageInfo); ntlm->table->DeleteSecurityContext(&ntlm->context); + ntlm->table = NULL; } } rdpNtlm* ntlm_new() { - return (rdpNtlm*) calloc(1, sizeof(rdpNtlm)); + rdpNtlm* ntlm; + + ntlm = (rdpNtlm*) calloc(1, sizeof(rdpNtlm)); + + return ntlm; } void ntlm_free(rdpNtlm* ntlm) { - if (ntlm) - { - if (ntlm->outputBuffer[0].pvBuffer) - { - free(ntlm->outputBuffer[0].pvBuffer); - ntlm->outputBuffer[0].pvBuffer = NULL; - } + if (!ntlm) + return; - free(ntlm); + if (ntlm->outputBuffer[0].pvBuffer) + { + free(ntlm->outputBuffer[0].pvBuffer); + ntlm->outputBuffer[0].pvBuffer = NULL; } + + free(ntlm); } diff --git a/libfreerdp/core/gateway/rpc.c b/libfreerdp/core/gateway/rpc.c index ab6278756..c0d2dbb59 100644 --- a/libfreerdp/core/gateway/rpc.c +++ b/libfreerdp/core/gateway/rpc.c @@ -363,6 +363,7 @@ int rpc_write(rdpRpc* rpc, BYTE* data, int length, UINT16 opnum) if (!ntlm || !ntlm->table) { WLog_ERR(TAG, "invalid ntlm context"); + fprintf(stderr, "invalid ntlm context: %p %p\n", ntlm, ntlm->table); return -1; } @@ -584,7 +585,6 @@ rdpRpc* rpc_new(rdpTransport* transport) if (rpc_client_new(rpc) < 0) goto out_free_virtualConnectionCookieTable; - rpc->client->SynchronousReceive = TRUE; return rpc; out_free_virtualConnectionCookieTable: rpc_client_free(rpc); diff --git a/libfreerdp/core/gateway/rpc.h b/libfreerdp/core/gateway/rpc.h index 3504a64ab..d8b2e74a1 100644 --- a/libfreerdp/core/gateway/rpc.h +++ b/libfreerdp/core/gateway/rpc.h @@ -703,16 +703,12 @@ typedef struct rpc_virtual_connection_cookie_entry RpcVirtualConnectionCookieEnt struct rpc_client { - HANDLE Thread; - HANDLE StopEvent; - RPC_PDU* pdu; HANDLE PipeEvent; RingBuffer ReceivePipe; wStream* ReceiveFragment; CRITICAL_SECTION PipeLock; wArrayList* ClientCallList; - BOOL SynchronousReceive; }; typedef struct rpc_client RpcClient; diff --git a/libfreerdp/core/gateway/rpc_bind.c b/libfreerdp/core/gateway/rpc_bind.c index e568f9dab..732ca4a16 100644 --- a/libfreerdp/core/gateway/rpc_bind.c +++ b/libfreerdp/core/gateway/rpc_bind.c @@ -120,12 +120,7 @@ int rpc_send_bind_pdu(rdpRpc* rpc) WLog_DBG(TAG, "Sending bind PDU"); - if (rpc->ntlm) - { - ntlm_free(rpc->ntlm); - rpc->ntlm = NULL; - } - + ntlm_free(rpc->ntlm); rpc->ntlm = ntlm_new(); if (!rpc->ntlm) @@ -163,8 +158,13 @@ int rpc_send_bind_pdu(rdpRpc* rpc) } } - if (!ntlm_client_init(rpc->ntlm, FALSE, settings->GatewayUsername, settings->GatewayDomain, settings->GatewayPassword, NULL) || - !ntlm_client_make_spn(rpc->ntlm, NULL, settings->GatewayHostname) || !ntlm_authenticate(rpc->ntlm)) + if (!ntlm_client_init(rpc->ntlm, FALSE, settings->GatewayUsername, settings->GatewayDomain, settings->GatewayPassword, NULL)) + return -1; + + if (!ntlm_client_make_spn(rpc->ntlm, NULL, settings->GatewayHostname)) + return -1; + + if (!ntlm_authenticate(rpc->ntlm)) return -1; bind_pdu = (rpcconn_bind_hdr_t*) calloc(1, sizeof(rpcconn_bind_hdr_t)); diff --git a/libfreerdp/core/gateway/rpc_client.c b/libfreerdp/core/gateway/rpc_client.c index bedadec28..c89b8ee52 100644 --- a/libfreerdp/core/gateway/rpc_client.c +++ b/libfreerdp/core/gateway/rpc_client.c @@ -542,73 +542,6 @@ int rpc_send_pdu(rdpRpc* rpc, BYTE* buffer, UINT32 length) return status; } -static void* rpc_client_thread(void* arg) -{ - DWORD nCount; - HANDLE events[8]; - DWORD waitStatus; - HANDLE ReadEvent = NULL; - rdpRpc* rpc = (rdpRpc*) arg; - - BIO_get_event(rpc->TlsOut->bio, &ReadEvent); - - nCount = 0; - events[nCount++] = rpc->client->StopEvent; - events[nCount++] = ReadEvent; - - /* - * OpenSSL buffers TLS records, which can sometimes cause - * bytes to be buffered in OpenSSL without the TCP socket - * being signaled for read. Do a first read to work around - * the problem for now. - */ - - if (rpc_client_recv(rpc) < 0) - { - rpc->transport->layer = TRANSPORT_LAYER_CLOSED; - return NULL; - } - - while (rpc->transport->layer != TRANSPORT_LAYER_CLOSED) - { - waitStatus = WaitForMultipleObjects(nCount, events, FALSE, INFINITE); - - if (WaitForSingleObject(rpc->client->StopEvent, 0) == WAIT_OBJECT_0) - break; - - if (WaitForSingleObject(ReadEvent, 0) == WAIT_OBJECT_0) - { - if (rpc_client_recv(rpc) < 0) - { - rpc->transport->layer = TRANSPORT_LAYER_CLOSED; - break; - } - } - } - - return NULL; -} - -int rpc_client_start(rdpRpc* rpc) -{ - rpc->client->Thread = CreateThread(NULL, 0, - (LPTHREAD_START_ROUTINE) rpc_client_thread, rpc, 0, NULL); - - return 0; -} - -int rpc_client_stop(rdpRpc* rpc) -{ - if (rpc->client->Thread) - { - SetEvent(rpc->client->StopEvent); - WaitForSingleObject(rpc->client->Thread, INFINITE); - rpc->client->Thread = NULL; - } - - return 0; -} - int rpc_client_new(rdpRpc* rpc) { RpcClient* client; @@ -620,11 +553,6 @@ int rpc_client_new(rdpRpc* rpc) if (!client) return -1; - client->StopEvent = CreateEvent(NULL, TRUE, FALSE, NULL); - - if (!client->StopEvent) - return -1; - client->pdu = rpc_pdu_new(); if (!client->pdu) @@ -663,8 +591,6 @@ void rpc_client_free(rdpRpc* rpc) if (!client) return; - rpc_client_stop(rpc); - if (client->ReceiveFragment) Stream_Free(client->ReceiveFragment, TRUE); @@ -681,12 +607,6 @@ void rpc_client_free(rdpRpc* rpc) if (client->ClientCallList) ArrayList_Free(client->ClientCallList); - if (client->StopEvent) - CloseHandle(client->StopEvent); - - if (client->Thread) - CloseHandle(client->Thread); - free(client); rpc->client = NULL; } diff --git a/libfreerdp/core/gateway/rpc_client.h b/libfreerdp/core/gateway/rpc_client.h index fe27ce676..ddfcdce03 100644 --- a/libfreerdp/core/gateway/rpc_client.h +++ b/libfreerdp/core/gateway/rpc_client.h @@ -28,11 +28,11 @@ RpcClientCall* rpc_client_call_new(UINT32 CallId, UINT32 OpNum); void rpc_client_call_free(RpcClientCall* client_call); int rpc_send_pdu(rdpRpc* rpc, BYTE* buffer, UINT32 length); +int rpc_client_recv(rdpRpc* rpc); + int rpc_client_receive_pipe_read(rdpRpc* rpc, BYTE* buffer, size_t length); int rpc_client_new(rdpRpc* rpc); -int rpc_client_start(rdpRpc* rpc); -int rpc_client_stop(rdpRpc* rpc); void rpc_client_free(rdpRpc* rpc); #endif /* FREERDP_CORE_RPC_CLIENT_H */ diff --git a/libfreerdp/core/gateway/tsg.c b/libfreerdp/core/gateway/tsg.c index ff5954119..d1cff44f9 100644 --- a/libfreerdp/core/gateway/tsg.c +++ b/libfreerdp/core/gateway/tsg.c @@ -1336,8 +1336,18 @@ int tsg_recv_pdu(rdpTsg* tsg, RPC_PDU* pdu) return 1; } +int tsg_check(rdpTsg* tsg) +{ + int status; + + status = rpc_client_recv(tsg->rpc); + + return status; +} + BOOL tsg_connect(rdpTsg* tsg, const char* hostname, UINT16 port) { + HANDLE ReadEvent; rdpRpc* rpc = tsg->rpc; rdpSettings* settings = rpc->settings; @@ -1360,18 +1370,27 @@ BOOL tsg_connect(rdpTsg* tsg, const char* hostname, UINT16 port) return -1; } - rpc_client_start(rpc); + ReadEvent = NULL; + BIO_get_event(rpc->TlsOut->bio, &ReadEvent); while (tsg->state != TSG_STATE_PIPE_CREATED) { - USleep(100); + if (WaitForSingleObject(ReadEvent, 100) == WAIT_OBJECT_0) + { + if (rpc_client_recv(rpc) < 0) + { + rpc->transport->layer = TRANSPORT_LAYER_CLOSED; + break; + } + } } + WLog_INFO(TAG, "TS Gateway Connection Success"); + + tsg->transport->GatewayEvent = tsg->rpc->client->PipeEvent; tsg->bio = BIO_new(BIO_s_tsg()); tsg->bio->ptr = tsg; - WLog_INFO(TAG, "TS Gateway Connection Success"); - return TRUE; } @@ -1443,7 +1462,7 @@ int tsg_read(rdpTsg* tsg, BYTE* data, UINT32 length) if (status < 0) return -1; - if (!status && !rpc->client->SynchronousReceive) + if (!status && !rpc->transport->blocking) return 0; if (rpc->transport->layer == TRANSPORT_LAYER_CLOSED) @@ -1455,10 +1474,18 @@ int tsg_read(rdpTsg* tsg, BYTE* data, UINT32 length) if (status > 0) break; - if (rpc->client->SynchronousReceive) - WaitForSingleObject(rpc->client->PipeEvent, 100); + if (rpc->transport->blocking) + { + while (WaitForSingleObject(rpc->client->PipeEvent, 0) != WAIT_OBJECT_0) + { + if (tsg_check(tsg) < 0) + return -1; + + WaitForSingleObject(rpc->client->PipeEvent, 100); + } + } } - while (rpc->client->SynchronousReceive); + while (rpc->transport->blocking); return status; } @@ -1481,13 +1508,6 @@ int tsg_write(rdpTsg* tsg, BYTE* data, UINT32 length) return length; } -BOOL tsg_set_blocking_mode(rdpTsg* tsg, BOOL blocking) -{ - tsg->rpc->client->SynchronousReceive = blocking; - tsg->transport->GatewayEvent = tsg->rpc->client->PipeEvent; - return TRUE; -} - rdpTsg* tsg_new(rdpTransport* transport) { rdpTsg* tsg; diff --git a/libfreerdp/core/gateway/tsg.h b/libfreerdp/core/gateway/tsg.h index 38da142d3..e483f4cff 100644 --- a/libfreerdp/core/gateway/tsg.h +++ b/libfreerdp/core/gateway/tsg.h @@ -311,8 +311,7 @@ int tsg_write(rdpTsg* tsg, BYTE* data, UINT32 length); int tsg_read(rdpTsg* tsg, BYTE* data, UINT32 length); int tsg_recv_pdu(rdpTsg* tsg, RPC_PDU* pdu); - -BOOL tsg_set_blocking_mode(rdpTsg* tsg, BOOL blocking); +int tsg_check(rdpTsg* tsg); rdpTsg* tsg_new(rdpTransport* transport); void tsg_free(rdpTsg* tsg); diff --git a/libfreerdp/core/nego.c b/libfreerdp/core/nego.c index 17c1c25e1..2a2491a13 100644 --- a/libfreerdp/core/nego.c +++ b/libfreerdp/core/nego.c @@ -22,9 +22,6 @@ #include "config.h" #endif -#include -#include - #include #include @@ -37,7 +34,6 @@ #define TAG FREERDP_TAG("core.nego") -#ifdef WITH_DEBUG_NEGO static const char* const NEGO_STATE_STRINGS[] = { "NEGO_STATE_INITIAL", @@ -61,7 +57,6 @@ static const char PROTOCOL_SECURITY_STRINGS[9][4] = "UNK", "EXT" }; -#endif /* WITH_DEBUG_NEGO */ static BOOL nego_transport_connect(rdpNego* nego); static BOOL nego_transport_disconnect(rdpNego* nego); @@ -97,14 +92,14 @@ BOOL nego_connect(rdpNego* nego) } else { - DEBUG_NEGO("No security protocol is enabled"); + WLog_ERR(TAG, "No security protocol is enabled"); nego->state = NEGO_STATE_FAIL; return FALSE; } if (!nego->NegotiateSecurityLayer) { - DEBUG_NEGO("Security Layer Negotiation is disabled"); + WLog_DBG(TAG, "Security Layer Negotiation is disabled"); /* attempt only the highest enabled protocol (see nego_attempt_*) */ nego->enabled_protocols[PROTOCOL_NLA] = FALSE; @@ -137,7 +132,7 @@ BOOL nego_connect(rdpNego* nego) if (!nego_send_preconnection_pdu(nego)) { - DEBUG_NEGO("Failed to send preconnection pdu"); + WLog_ERR(TAG, "Failed to send preconnection pdu"); nego->state = NEGO_STATE_FINAL; return FALSE; } @@ -145,20 +140,20 @@ BOOL nego_connect(rdpNego* nego) do { - DEBUG_NEGO("state: %s", NEGO_STATE_STRINGS[nego->state]); + WLog_DBG(TAG, "state: %s", NEGO_STATE_STRINGS[nego->state]); nego_send(nego); if (nego->state == NEGO_STATE_FAIL) { - DEBUG_NEGO("Protocol Security Negotiation Failure"); + WLog_ERR(TAG, "Protocol Security Negotiation Failure"); nego->state = NEGO_STATE_FINAL; return FALSE; } } while (nego->state != NEGO_STATE_FINAL); - DEBUG_NEGO("Negotiated %s security", PROTOCOL_SECURITY_STRINGS[nego->selected_protocol]); + WLog_DBG(TAG, "Negotiated %s security", PROTOCOL_SECURITY_STRINGS[nego->selected_protocol]); /* update settings with negotiated protocol security */ settings->RequestedProtocols = nego->requested_protocols; @@ -182,7 +177,7 @@ BOOL nego_connect(rdpNego* nego) /* finally connect security layer (if not already done) */ if (!nego_security_connect(nego)) { - DEBUG_NEGO("Failed to connect with %s security", PROTOCOL_SECURITY_STRINGS[nego->selected_protocol]); + WLog_DBG(TAG, "Failed to connect with %s security", PROTOCOL_SECURITY_STRINGS[nego->selected_protocol]); return FALSE; } @@ -209,22 +204,22 @@ BOOL nego_security_connect(rdpNego* nego) { if (nego->selected_protocol == PROTOCOL_NLA) { - DEBUG_NEGO("nego_security_connect with PROTOCOL_NLA"); + WLog_DBG(TAG, "nego_security_connect with PROTOCOL_NLA"); nego->security_connected = transport_connect_nla(nego->transport); } else if (nego->selected_protocol == PROTOCOL_TLS) { - DEBUG_NEGO("nego_security_connect with PROTOCOL_TLS"); + WLog_DBG(TAG, "nego_security_connect with PROTOCOL_TLS"); nego->security_connected = transport_connect_tls(nego->transport); } else if (nego->selected_protocol == PROTOCOL_RDP) { - DEBUG_NEGO("nego_security_connect with PROTOCOL_RDP"); + WLog_DBG(TAG, "nego_security_connect with PROTOCOL_RDP"); nego->security_connected = transport_connect_rdp(nego->transport); } else { - DEBUG_NEGO("cannot connect security layer because no protocol has been selected yet."); + WLog_ERR(TAG, "cannot connect security layer because no protocol has been selected yet."); } } @@ -316,7 +311,7 @@ BOOL nego_send_preconnection_pdu(rdpNego* nego) if (!nego->send_preconnection_pdu) return TRUE; - DEBUG_NEGO("Sending preconnection PDU"); + WLog_DBG(TAG, "Sending preconnection PDU"); if (!nego_tcp_connect(nego)) return FALSE; @@ -367,7 +362,7 @@ void nego_attempt_ext(rdpNego* nego) { nego->requested_protocols = PROTOCOL_NLA | PROTOCOL_TLS | PROTOCOL_EXT; - DEBUG_NEGO("Attempting NLA extended security"); + WLog_DBG(TAG, "Attempting NLA extended security"); if (!nego_transport_connect(nego)) { @@ -387,7 +382,7 @@ void nego_attempt_ext(rdpNego* nego) return; } - DEBUG_NEGO("state: %s", NEGO_STATE_STRINGS[nego->state]); + WLog_DBG(TAG, "state: %s", NEGO_STATE_STRINGS[nego->state]); if (nego->state != NEGO_STATE_FINAL) { @@ -413,7 +408,7 @@ void nego_attempt_nla(rdpNego* nego) { nego->requested_protocols = PROTOCOL_NLA | PROTOCOL_TLS; - DEBUG_NEGO("Attempting NLA security"); + WLog_DBG(TAG, "Attempting NLA security"); if (!nego_transport_connect(nego)) { @@ -433,7 +428,7 @@ void nego_attempt_nla(rdpNego* nego) return; } - DEBUG_NEGO("state: %s", NEGO_STATE_STRINGS[nego->state]); + WLog_DBG(TAG, "state: %s", NEGO_STATE_STRINGS[nego->state]); if (nego->state != NEGO_STATE_FINAL) { @@ -457,7 +452,7 @@ void nego_attempt_tls(rdpNego* nego) { nego->requested_protocols = PROTOCOL_TLS; - DEBUG_NEGO("Attempting TLS security"); + WLog_DBG(TAG, "Attempting TLS security"); if (!nego_transport_connect(nego)) { @@ -497,7 +492,7 @@ void nego_attempt_rdp(rdpNego* nego) { nego->requested_protocols = PROTOCOL_RDP; - DEBUG_NEGO("Attempting RDP security"); + WLog_DBG(TAG, "Attempting RDP security"); if (!nego_transport_connect(nego)) { @@ -585,7 +580,7 @@ int nego_recv(rdpTransport* transport, wStream* s, void* extra) case TYPE_RDP_NEG_RSP: nego_process_negotiation_response(nego, s); - DEBUG_NEGO("selected_protocol: %d", nego->selected_protocol); + WLog_DBG(TAG, "selected_protocol: %d", nego->selected_protocol); /* enhanced security selected ? */ @@ -615,7 +610,7 @@ int nego_recv(rdpTransport* transport, wStream* s, void* extra) } else if (li == 6) { - DEBUG_NEGO("no rdpNegData"); + WLog_DBG(TAG, "no rdpNegData"); if (!nego->enabled_protocols[PROTOCOL_RDP]) nego->state = NEGO_STATE_FAIL; @@ -624,7 +619,7 @@ int nego_recv(rdpTransport* transport, wStream* s, void* extra) } else { - WLog_ERR(TAG, "invalid negotiation response"); + WLog_ERR(TAG, "invalid negotiation response"); nego->state = NEGO_STATE_FAIL; } @@ -708,7 +703,7 @@ void nego_send(rdpNego* nego) else if (nego->state == NEGO_STATE_RDP) nego_attempt_rdp(nego); else - DEBUG_NEGO("invalid negotiation state for sending"); + WLog_ERR(TAG, "invalid negotiation state for sending"); } /** @@ -738,12 +733,12 @@ BOOL nego_send_negotiation_request(rdpNego* nego) /* Ensure Routing Token is correctly terminated - may already be present in string */ if (nego->RoutingTokenLength>2 && (nego->RoutingToken[nego->RoutingTokenLength-2]==0x0D && nego->RoutingToken[nego->RoutingTokenLength-1]==0x0A)) { - DEBUG_NEGO("Routing token looks correctly terminated - use verbatim"); + WLog_DBG(TAG, "Routing token looks correctly terminated - use verbatim"); length +=nego->RoutingTokenLength; } else { - DEBUG_NEGO("Adding terminating CRLF to routing token"); + WLog_DBG(TAG, "Adding terminating CRLF to routing token"); Stream_Write_UINT8(s, 0x0D); /* CR */ Stream_Write_UINT8(s, 0x0A); /* LF */ length += nego->RoutingTokenLength + 2; @@ -763,7 +758,7 @@ BOOL nego_send_negotiation_request(rdpNego* nego) length += cookie_length + 19; } - DEBUG_NEGO("requested_protocols: %d", nego->requested_protocols); + WLog_DBG(TAG, "RequestedProtocols: %d", nego->requested_protocols); if ((nego->requested_protocols > PROTOCOL_RDP) || (nego->sendNegoData)) { @@ -809,13 +804,11 @@ void nego_process_negotiation_request(rdpNego* nego, wStream* s) BYTE flags; UINT16 length; - DEBUG_NEGO("RDP_NEG_REQ"); - Stream_Read_UINT8(s, flags); Stream_Read_UINT16(s, length); Stream_Read_UINT32(s, nego->requested_protocols); - DEBUG_NEGO("requested_protocols: %d", nego->requested_protocols); + WLog_DBG(TAG, "RDP_NEG_REQ: RequestedProtocol: 0x%04X", nego->requested_protocols); nego->state = NEGO_STATE_FINAL; } @@ -830,11 +823,11 @@ void nego_process_negotiation_response(rdpNego* nego, wStream* s) { UINT16 length; - DEBUG_NEGO("RDP_NEG_RSP"); + WLog_DBG(TAG, "RDP_NEG_RSP"); if (Stream_GetRemainingLength(s) < 7) { - DEBUG_NEGO("RDP_INVALID_NEG_RSP"); + WLog_ERR(TAG, "Invalid RDP_NEG_RSP"); nego->state = NEGO_STATE_FAIL; return; } @@ -858,7 +851,7 @@ void nego_process_negotiation_failure(rdpNego* nego, wStream* s) UINT16 length; UINT32 failureCode; - DEBUG_NEGO("RDP_NEG_FAILURE"); + WLog_DBG(TAG, "RDP_NEG_FAILURE"); Stream_Read_UINT8(s, flags); Stream_Read_UINT16(s, length); @@ -867,29 +860,29 @@ void nego_process_negotiation_failure(rdpNego* nego, wStream* s) switch (failureCode) { case SSL_REQUIRED_BY_SERVER: - DEBUG_NEGO("Error: SSL_REQUIRED_BY_SERVER"); + WLog_ERR(TAG, "Error: SSL_REQUIRED_BY_SERVER"); break; case SSL_NOT_ALLOWED_BY_SERVER: - DEBUG_NEGO("Error: SSL_NOT_ALLOWED_BY_SERVER"); + WLog_ERR(TAG, "Error: SSL_NOT_ALLOWED_BY_SERVER"); nego->sendNegoData = TRUE; break; case SSL_CERT_NOT_ON_SERVER: - DEBUG_NEGO("Error: SSL_CERT_NOT_ON_SERVER"); + WLog_ERR(TAG, "Error: SSL_CERT_NOT_ON_SERVER"); nego->sendNegoData = TRUE; break; case INCONSISTENT_FLAGS: - DEBUG_NEGO("Error: INCONSISTENT_FLAGS"); + WLog_ERR(TAG, "Error: INCONSISTENT_FLAGS"); break; case HYBRID_REQUIRED_BY_SERVER: - DEBUG_NEGO("Error: HYBRID_REQUIRED_BY_SERVER"); + WLog_ERR(TAG, "Error: HYBRID_REQUIRED_BY_SERVER"); break; default: - DEBUG_NEGO("Error: Unknown protocol security error %d", failureCode); + WLog_ERR(TAG, "Error: Unknown protocol security error %d", failureCode); break; } @@ -1099,7 +1092,7 @@ void nego_set_target(rdpNego* nego, char* hostname, int port) void nego_set_negotiation_enabled(rdpNego* nego, BOOL NegotiateSecurityLayer) { - DEBUG_NEGO("Enabling security layer negotiation: %s", NegotiateSecurityLayer ? "TRUE" : "FALSE"); + WLog_DBG(TAG, "Enabling security layer negotiation: %s", NegotiateSecurityLayer ? "TRUE" : "FALSE"); nego->NegotiateSecurityLayer = NegotiateSecurityLayer; } @@ -1111,7 +1104,7 @@ void nego_set_negotiation_enabled(rdpNego* nego, BOOL NegotiateSecurityLayer) void nego_set_restricted_admin_mode_required(rdpNego* nego, BOOL RestrictedAdminModeRequired) { - DEBUG_NEGO("Enabling restricted admin mode: %s", RestrictedAdminModeRequired ? "TRUE" : "FALSE"); + WLog_DBG(TAG, "Enabling restricted admin mode: %s", RestrictedAdminModeRequired ? "TRUE" : "FALSE"); nego->RestrictedAdminModeRequired = RestrictedAdminModeRequired; } @@ -1133,7 +1126,7 @@ void nego_set_gateway_bypass_local(rdpNego* nego, BOOL GatewayBypassLocal) void nego_enable_rdp(rdpNego* nego, BOOL enable_rdp) { - DEBUG_NEGO("Enabling RDP security: %s", enable_rdp ? "TRUE" : "FALSE"); + WLog_DBG(TAG, "Enabling RDP security: %s", enable_rdp ? "TRUE" : "FALSE"); nego->enabled_protocols[PROTOCOL_RDP] = enable_rdp; } @@ -1145,7 +1138,7 @@ void nego_enable_rdp(rdpNego* nego, BOOL enable_rdp) void nego_enable_tls(rdpNego* nego, BOOL enable_tls) { - DEBUG_NEGO("Enabling TLS security: %s", enable_tls ? "TRUE" : "FALSE"); + WLog_DBG(TAG, "Enabling TLS security: %s", enable_tls ? "TRUE" : "FALSE"); nego->enabled_protocols[PROTOCOL_TLS] = enable_tls; } @@ -1157,7 +1150,7 @@ void nego_enable_tls(rdpNego* nego, BOOL enable_tls) void nego_enable_nla(rdpNego* nego, BOOL enable_nla) { - DEBUG_NEGO("Enabling NLA security: %s", enable_nla ? "TRUE" : "FALSE"); + WLog_DBG(TAG, "Enabling NLA security: %s", enable_nla ? "TRUE" : "FALSE"); nego->enabled_protocols[PROTOCOL_NLA] = enable_nla; } @@ -1169,7 +1162,7 @@ void nego_enable_nla(rdpNego* nego, BOOL enable_nla) void nego_enable_ext(rdpNego* nego, BOOL enable_ext) { - DEBUG_NEGO("Enabling NLA extended security: %s", enable_ext ? "TRUE" : "FALSE"); + WLog_DBG(TAG, "Enabling NLA extended security: %s", enable_ext ? "TRUE" : "FALSE"); nego->enabled_protocols[PROTOCOL_EXT] = enable_ext; } diff --git a/libfreerdp/core/nego.h b/libfreerdp/core/nego.h index 3475920ed..d41334406 100644 --- a/libfreerdp/core/nego.h +++ b/libfreerdp/core/nego.h @@ -138,7 +138,7 @@ void nego_process_negotiation_response(rdpNego* nego, wStream* s); void nego_process_negotiation_failure(rdpNego* nego, wStream* s); BOOL nego_send_negotiation_response(rdpNego* nego); -rdpNego* nego_new(struct rdp_transport* transport); +rdpNego* nego_new(rdpTransport* transport); void nego_free(rdpNego* nego); void nego_init(rdpNego* nego); @@ -158,11 +158,4 @@ void nego_set_send_preconnection_pdu(rdpNego* nego, BOOL send_pcpdu); void nego_set_preconnection_id(rdpNego* nego, UINT32 id); void nego_set_preconnection_blob(rdpNego* nego, char* blob); -#define NEGO_TAG FREERDP_TAG("core.nego") -#ifdef WITH_DEBUG_NEGO -#define DEBUG_NEGO(fmt, ...) WLog_DBG(NEGO_TAG, fmt, ## __VA_ARGS__) -#else -#define DEBUG_NEGO(fmt, ...) do { } while (0) -#endif - #endif /* __NEGO_H */ diff --git a/libfreerdp/core/rdp.c b/libfreerdp/core/rdp.c index f59b902f7..caff45e48 100644 --- a/libfreerdp/core/rdp.c +++ b/libfreerdp/core/rdp.c @@ -1268,8 +1268,22 @@ void rdp_set_blocking_mode(rdpRdp* rdp, BOOL blocking) int rdp_check_fds(rdpRdp* rdp) { int status; + rdpTransport* transport = rdp->transport; - status = transport_check_fds(rdp->transport); + if (transport->tsg) + { + rdpTsg* tsg = transport->tsg; + + status = tsg_check(tsg); + + if (status < 0) + return -1; + + if (tsg->state != TSG_STATE_PIPE_CREATED) + return status; + } + + status = transport_check_fds(transport); if (status == 1) { diff --git a/libfreerdp/core/transport.c b/libfreerdp/core/transport.c index 963855294..07971033a 100644 --- a/libfreerdp/core/transport.c +++ b/libfreerdp/core/transport.c @@ -253,7 +253,7 @@ BOOL transport_connect_nla(rdpTransport* transport) freerdp_set_last_error(instance->context, FREERDP_ERROR_AUTHENTICATION_FAILED); } - WLog_ERR(TAG, "Authentication failure, check credentials." + WLog_ERR(TAG, "Authentication failure, check credentials." "If credentials are valid, the NTLMSSP implementation may be to blame."); transport_set_nla_mode(transport, FALSE); credssp_free(credSsp); @@ -458,7 +458,7 @@ BOOL transport_accept_nla(rdpTransport* transport) if (credssp_authenticate(transport->credssp) < 0) { - WLog_ERR(TAG, "client authentication failure"); + WLog_ERR(TAG, "client authentication failure"); transport_set_nla_mode(transport, FALSE); credssp_free(transport->credssp); transport->credssp = NULL; @@ -652,7 +652,7 @@ int transport_read_pdu(rdpTransport* transport, wStream* s) } else { - WLog_ERR(TAG, "Error reading TSRequest!"); + WLog_ERR(TAG, "Error reading TSRequest!"); return -1; } } @@ -992,8 +992,8 @@ int transport_check_fds(rdpTransport* transport) BOOL transport_set_blocking_mode(rdpTransport* transport, BOOL blocking) { - BOOL status; - status = TRUE; + BOOL status = TRUE; + transport->blocking = blocking; if (transport->SplitInputOutput) @@ -1006,11 +1006,6 @@ BOOL transport_set_blocking_mode(rdpTransport* transport, BOOL blocking) status &= freerdp_tcp_set_blocking_mode(transport->TcpIn, blocking); } - if (transport->layer == TRANSPORT_LAYER_TSG || transport->layer == TRANSPORT_LAYER_TSG_TLS) - { - tsg_set_blocking_mode(transport->tsg, blocking); - } - return status; }