Merge pull request #5046 from akallabeth/silence_wlog
Do not compile extended debugging by default.
This commit is contained in:
commit
52d1b35a63
@ -457,7 +457,9 @@ int nla_client_begin(rdpNla* nla)
|
|||||||
nla->negoToken.pvBuffer = nla->outputBuffer.pvBuffer;
|
nla->negoToken.pvBuffer = nla->outputBuffer.pvBuffer;
|
||||||
nla->negoToken.cbBuffer = nla->outputBuffer.cbBuffer;
|
nla->negoToken.cbBuffer = nla->outputBuffer.cbBuffer;
|
||||||
WLog_DBG(TAG, "Sending Authentication Token");
|
WLog_DBG(TAG, "Sending Authentication Token");
|
||||||
|
#if defined (WITH_DEBUG_NLA)
|
||||||
winpr_HexDump(TAG, WLOG_DEBUG, nla->negoToken.pvBuffer, nla->negoToken.cbBuffer);
|
winpr_HexDump(TAG, WLOG_DEBUG, nla->negoToken.pvBuffer, nla->negoToken.cbBuffer);
|
||||||
|
#endif
|
||||||
|
|
||||||
if (!nla_send(nla))
|
if (!nla_send(nla))
|
||||||
{
|
{
|
||||||
@ -547,7 +549,9 @@ static int nla_client_recv(rdpNla* nla)
|
|||||||
nla->negoToken.pvBuffer = nla->outputBuffer.pvBuffer;
|
nla->negoToken.pvBuffer = nla->outputBuffer.pvBuffer;
|
||||||
nla->negoToken.cbBuffer = nla->outputBuffer.cbBuffer;
|
nla->negoToken.cbBuffer = nla->outputBuffer.cbBuffer;
|
||||||
WLog_DBG(TAG, "Sending Authentication Token");
|
WLog_DBG(TAG, "Sending Authentication Token");
|
||||||
|
#if defined (WITH_DEBUG_NLA)
|
||||||
winpr_HexDump(TAG, WLOG_DEBUG, nla->negoToken.pvBuffer, nla->negoToken.cbBuffer);
|
winpr_HexDump(TAG, WLOG_DEBUG, nla->negoToken.pvBuffer, nla->negoToken.cbBuffer);
|
||||||
|
#endif
|
||||||
|
|
||||||
if (!nla_send(nla))
|
if (!nla_send(nla))
|
||||||
{
|
{
|
||||||
@ -1112,7 +1116,8 @@ SECURITY_STATUS nla_encrypt_public_key_echo(rdpNla* nla)
|
|||||||
if (Message.cBuffers == 2 && Buffers[0].cbBuffer < nla->ContextSizes.cbSecurityTrailer)
|
if (Message.cBuffers == 2 && Buffers[0].cbBuffer < nla->ContextSizes.cbSecurityTrailer)
|
||||||
{
|
{
|
||||||
/* IMPORTANT: EncryptMessage may not use all the signature space, so we need to shrink the excess between the buffers */
|
/* IMPORTANT: EncryptMessage may not use all the signature space, so we need to shrink the excess between the buffers */
|
||||||
MoveMemory(((BYTE*)Buffers[0].pvBuffer) + Buffers[0].cbBuffer, Buffers[1].pvBuffer, Buffers[1].cbBuffer);
|
MoveMemory(((BYTE*)Buffers[0].pvBuffer) + Buffers[0].cbBuffer, Buffers[1].pvBuffer,
|
||||||
|
Buffers[1].cbBuffer);
|
||||||
nla->pubKeyAuth.cbBuffer = Buffers[0].cbBuffer + Buffers[1].cbBuffer;
|
nla->pubKeyAuth.cbBuffer = Buffers[0].cbBuffer + Buffers[1].cbBuffer;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -1192,7 +1197,8 @@ SECURITY_STATUS nla_encrypt_public_key_hash(rdpNla* nla)
|
|||||||
if (Message.cBuffers == 2 && Buffers[0].cbBuffer < nla->ContextSizes.cbSecurityTrailer)
|
if (Message.cBuffers == 2 && Buffers[0].cbBuffer < nla->ContextSizes.cbSecurityTrailer)
|
||||||
{
|
{
|
||||||
/* IMPORTANT: EncryptMessage may not use all the signature space, so we need to shrink the excess between the buffers */
|
/* IMPORTANT: EncryptMessage may not use all the signature space, so we need to shrink the excess between the buffers */
|
||||||
MoveMemory(((BYTE*)Buffers[0].pvBuffer) + Buffers[0].cbBuffer, Buffers[1].pvBuffer, Buffers[1].cbBuffer);
|
MoveMemory(((BYTE*)Buffers[0].pvBuffer) + Buffers[0].cbBuffer, Buffers[1].pvBuffer,
|
||||||
|
Buffers[1].cbBuffer);
|
||||||
nla->pubKeyAuth.cbBuffer = Buffers[0].cbBuffer + Buffers[1].cbBuffer;
|
nla->pubKeyAuth.cbBuffer = Buffers[0].cbBuffer + Buffers[1].cbBuffer;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -1290,10 +1296,12 @@ SECURITY_STATUS nla_decrypt_public_key_echo(rdpNla* nla)
|
|||||||
if (!public_key1 || !public_key2 || memcmp(public_key1, public_key2, public_key_length) != 0)
|
if (!public_key1 || !public_key2 || memcmp(public_key1, public_key2, public_key_length) != 0)
|
||||||
{
|
{
|
||||||
WLog_ERR(TAG, "Could not verify server's public key echo");
|
WLog_ERR(TAG, "Could not verify server's public key echo");
|
||||||
|
#if defined (WITH_DEBUG_NLA)
|
||||||
WLog_ERR(TAG, "Expected (length = %d):", public_key_length);
|
WLog_ERR(TAG, "Expected (length = %d):", public_key_length);
|
||||||
winpr_HexDump(TAG, WLOG_ERROR, public_key1, public_key_length);
|
winpr_HexDump(TAG, WLOG_ERROR, public_key1, public_key_length);
|
||||||
WLog_ERR(TAG, "Actual (length = %d):", public_key_length);
|
WLog_ERR(TAG, "Actual (length = %d):", public_key_length);
|
||||||
winpr_HexDump(TAG, WLOG_ERROR, public_key2, public_key_length);
|
winpr_HexDump(TAG, WLOG_ERROR, public_key2, public_key_length);
|
||||||
|
#endif
|
||||||
status = SEC_E_MESSAGE_ALTERED; /* DO NOT SEND CREDENTIALS! */
|
status = SEC_E_MESSAGE_ALTERED; /* DO NOT SEND CREDENTIALS! */
|
||||||
goto fail;
|
goto fail;
|
||||||
}
|
}
|
||||||
@ -1705,7 +1713,8 @@ static SECURITY_STATUS nla_encrypt_ts_credentials(rdpNla* nla)
|
|||||||
if (Message.cBuffers == 2 && Buffers[0].cbBuffer < nla->ContextSizes.cbSecurityTrailer)
|
if (Message.cBuffers == 2 && Buffers[0].cbBuffer < nla->ContextSizes.cbSecurityTrailer)
|
||||||
{
|
{
|
||||||
/* IMPORTANT: EncryptMessage may not use all the signature space, so we need to shrink the excess between the buffers */
|
/* IMPORTANT: EncryptMessage may not use all the signature space, so we need to shrink the excess between the buffers */
|
||||||
MoveMemory(((BYTE*)Buffers[0].pvBuffer) + Buffers[0].cbBuffer, Buffers[1].pvBuffer, Buffers[1].cbBuffer);
|
MoveMemory(((BYTE*)Buffers[0].pvBuffer) + Buffers[0].cbBuffer, Buffers[1].pvBuffer,
|
||||||
|
Buffers[1].cbBuffer);
|
||||||
nla->authInfo.cbBuffer = Buffers[0].cbBuffer + Buffers[1].cbBuffer;
|
nla->authInfo.cbBuffer = Buffers[0].cbBuffer + Buffers[1].cbBuffer;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -2147,19 +2156,25 @@ void nla_buffer_print(rdpNla* nla)
|
|||||||
if (nla->negoToken.cbBuffer > 0)
|
if (nla->negoToken.cbBuffer > 0)
|
||||||
{
|
{
|
||||||
WLog_DBG(TAG, "NLA.negoToken (length = %"PRIu32"):", nla->negoToken.cbBuffer);
|
WLog_DBG(TAG, "NLA.negoToken (length = %"PRIu32"):", nla->negoToken.cbBuffer);
|
||||||
|
#if defined (WITH_DEBUG_NLA)
|
||||||
winpr_HexDump(TAG, WLOG_DEBUG, nla->negoToken.pvBuffer, nla->negoToken.cbBuffer);
|
winpr_HexDump(TAG, WLOG_DEBUG, nla->negoToken.pvBuffer, nla->negoToken.cbBuffer);
|
||||||
|
#endif
|
||||||
}
|
}
|
||||||
|
|
||||||
if (nla->pubKeyAuth.cbBuffer > 0)
|
if (nla->pubKeyAuth.cbBuffer > 0)
|
||||||
{
|
{
|
||||||
WLog_DBG(TAG, "NLA.pubKeyAuth (length = %"PRIu32"):", nla->pubKeyAuth.cbBuffer);
|
WLog_DBG(TAG, "NLA.pubKeyAuth (length = %"PRIu32"):", nla->pubKeyAuth.cbBuffer);
|
||||||
|
#if defined (WITH_DEBUG_NLA)
|
||||||
winpr_HexDump(TAG, WLOG_DEBUG, nla->pubKeyAuth.pvBuffer, nla->pubKeyAuth.cbBuffer);
|
winpr_HexDump(TAG, WLOG_DEBUG, nla->pubKeyAuth.pvBuffer, nla->pubKeyAuth.cbBuffer);
|
||||||
|
#endif
|
||||||
}
|
}
|
||||||
|
|
||||||
if (nla->authInfo.cbBuffer > 0)
|
if (nla->authInfo.cbBuffer > 0)
|
||||||
{
|
{
|
||||||
WLog_DBG(TAG, "NLA.authInfo (length = %"PRIu32"):", nla->authInfo.cbBuffer);
|
WLog_DBG(TAG, "NLA.authInfo (length = %"PRIu32"):", nla->authInfo.cbBuffer);
|
||||||
|
#if defined (WITH_DEBUG_NLA)
|
||||||
winpr_HexDump(TAG, WLOG_DEBUG, nla->authInfo.pvBuffer, nla->authInfo.cbBuffer);
|
winpr_HexDump(TAG, WLOG_DEBUG, nla->authInfo.pvBuffer, nla->authInfo.cbBuffer);
|
||||||
|
#endif
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -91,13 +91,16 @@ static BOOL rdp_redirection_read_unicode_string(wStream* s, char** str, size_t m
|
|||||||
|
|
||||||
if ((length % 2) || length < 2 || length > maxLength)
|
if ((length % 2) || length < 2 || length > maxLength)
|
||||||
{
|
{
|
||||||
WLog_ERR(TAG, "rdp_redirection_read_string failure: invalid unicode string length: %"PRIu32"", length);
|
WLog_ERR(TAG, "rdp_redirection_read_string failure: invalid unicode string length: %"PRIu32"",
|
||||||
|
length);
|
||||||
return FALSE;
|
return FALSE;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (Stream_GetRemainingLength(s) < length)
|
if (Stream_GetRemainingLength(s) < length)
|
||||||
{
|
{
|
||||||
WLog_ERR(TAG, "rdp_redirection_read_string failure: insufficient stream length (%"PRIu32" bytes required)", length);
|
WLog_ERR(TAG,
|
||||||
|
"rdp_redirection_read_string failure: insufficient stream length (%"PRIu32" bytes required)",
|
||||||
|
length);
|
||||||
return FALSE;
|
return FALSE;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -114,6 +117,7 @@ static BOOL rdp_redirection_read_unicode_string(wStream* s, char** str, size_t m
|
|||||||
WLog_ERR(TAG, "rdp_redirection_read_string failure: string conversion failed");
|
WLog_ERR(TAG, "rdp_redirection_read_string failure: string conversion failed");
|
||||||
return FALSE;
|
return FALSE;
|
||||||
}
|
}
|
||||||
|
|
||||||
Stream_Seek(s, length);
|
Stream_Seek(s, length);
|
||||||
return TRUE;
|
return TRUE;
|
||||||
}
|
}
|
||||||
@ -122,7 +126,6 @@ int rdp_redirection_apply_settings(rdpRdp* rdp)
|
|||||||
{
|
{
|
||||||
rdpSettings* settings = rdp->settings;
|
rdpSettings* settings = rdp->settings;
|
||||||
rdpRedirection* redirection = rdp->redirection;
|
rdpRedirection* redirection = rdp->redirection;
|
||||||
|
|
||||||
settings->RedirectionFlags = redirection->flags;
|
settings->RedirectionFlags = redirection->flags;
|
||||||
settings->RedirectedSessionId = redirection->sessionID;
|
settings->RedirectedSessionId = redirection->sessionID;
|
||||||
|
|
||||||
@ -136,7 +139,8 @@ int rdp_redirection_apply_settings(rdpRdp* rdp)
|
|||||||
if (!settings->LoadBalanceInfo)
|
if (!settings->LoadBalanceInfo)
|
||||||
return -1;
|
return -1;
|
||||||
|
|
||||||
CopyMemory(settings->LoadBalanceInfo, redirection->LoadBalanceInfo, settings->LoadBalanceInfoLength);
|
CopyMemory(settings->LoadBalanceInfo, redirection->LoadBalanceInfo,
|
||||||
|
settings->LoadBalanceInfoLength);
|
||||||
}
|
}
|
||||||
else
|
else
|
||||||
{
|
{
|
||||||
@ -153,20 +157,25 @@ int rdp_redirection_apply_settings(rdpRdp* rdp)
|
|||||||
{
|
{
|
||||||
free(settings->RedirectionTargetFQDN);
|
free(settings->RedirectionTargetFQDN);
|
||||||
settings->RedirectionTargetFQDN = _strdup(redirection->TargetFQDN);
|
settings->RedirectionTargetFQDN = _strdup(redirection->TargetFQDN);
|
||||||
|
|
||||||
if (!settings->RedirectionTargetFQDN)
|
if (!settings->RedirectionTargetFQDN)
|
||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (settings->RedirectionFlags & LB_TARGET_NET_ADDRESS)
|
if (settings->RedirectionFlags & LB_TARGET_NET_ADDRESS)
|
||||||
{
|
{
|
||||||
free(settings->TargetNetAddress);
|
free(settings->TargetNetAddress);
|
||||||
settings->TargetNetAddress = _strdup(redirection->TargetNetAddress);
|
settings->TargetNetAddress = _strdup(redirection->TargetNetAddress);
|
||||||
|
|
||||||
if (!settings->TargetNetAddress)
|
if (!settings->TargetNetAddress)
|
||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (settings->RedirectionFlags & LB_TARGET_NETBIOS_NAME)
|
if (settings->RedirectionFlags & LB_TARGET_NETBIOS_NAME)
|
||||||
{
|
{
|
||||||
free(settings->RedirectionTargetNetBiosName);
|
free(settings->RedirectionTargetNetBiosName);
|
||||||
settings->RedirectionTargetNetBiosName = _strdup(redirection->TargetNetBiosName);
|
settings->RedirectionTargetNetBiosName = _strdup(redirection->TargetNetBiosName);
|
||||||
|
|
||||||
if (!settings->RedirectionTargetNetBiosName)
|
if (!settings->RedirectionTargetNetBiosName)
|
||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
@ -175,6 +184,7 @@ int rdp_redirection_apply_settings(rdpRdp* rdp)
|
|||||||
{
|
{
|
||||||
free(settings->RedirectionUsername);
|
free(settings->RedirectionUsername);
|
||||||
settings->RedirectionUsername = _strdup(redirection->Username);
|
settings->RedirectionUsername = _strdup(redirection->Username);
|
||||||
|
|
||||||
if (!settings->RedirectionUsername)
|
if (!settings->RedirectionUsername)
|
||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
@ -183,6 +193,7 @@ int rdp_redirection_apply_settings(rdpRdp* rdp)
|
|||||||
{
|
{
|
||||||
free(settings->RedirectionDomain);
|
free(settings->RedirectionDomain);
|
||||||
settings->RedirectionDomain = _strdup(redirection->Domain);
|
settings->RedirectionDomain = _strdup(redirection->Domain);
|
||||||
|
|
||||||
if (!settings->RedirectionDomain)
|
if (!settings->RedirectionDomain)
|
||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
@ -195,10 +206,14 @@ int rdp_redirection_apply_settings(rdpRdp* rdp)
|
|||||||
/* For security reasons we'll allocate an additional zero WCHAR at the
|
/* For security reasons we'll allocate an additional zero WCHAR at the
|
||||||
* end of the buffer that is not included in RedirectionPasswordLength
|
* end of the buffer that is not included in RedirectionPasswordLength
|
||||||
*/
|
*/
|
||||||
settings->RedirectionPassword = (BYTE*) calloc(1, settings->RedirectionPasswordLength + sizeof(WCHAR));
|
settings->RedirectionPassword = (BYTE*) calloc(1,
|
||||||
|
settings->RedirectionPasswordLength + sizeof(WCHAR));
|
||||||
|
|
||||||
if (!settings->RedirectionPassword)
|
if (!settings->RedirectionPassword)
|
||||||
return -1;
|
return -1;
|
||||||
CopyMemory(settings->RedirectionPassword, redirection->Password, settings->RedirectionPasswordLength);
|
|
||||||
|
CopyMemory(settings->RedirectionPassword, redirection->Password,
|
||||||
|
settings->RedirectionPasswordLength);
|
||||||
}
|
}
|
||||||
|
|
||||||
if (settings->RedirectionFlags & LB_CLIENT_TSV_URL)
|
if (settings->RedirectionFlags & LB_CLIENT_TSV_URL)
|
||||||
@ -207,8 +222,10 @@ int rdp_redirection_apply_settings(rdpRdp* rdp)
|
|||||||
free(settings->RedirectionTsvUrl);
|
free(settings->RedirectionTsvUrl);
|
||||||
settings->RedirectionTsvUrlLength = redirection->TsvUrlLength;
|
settings->RedirectionTsvUrlLength = redirection->TsvUrlLength;
|
||||||
settings->RedirectionTsvUrl = (BYTE*) malloc(settings->RedirectionTsvUrlLength);
|
settings->RedirectionTsvUrl = (BYTE*) malloc(settings->RedirectionTsvUrlLength);
|
||||||
|
|
||||||
if (!settings->RedirectionTsvUrl)
|
if (!settings->RedirectionTsvUrl)
|
||||||
return -1;
|
return -1;
|
||||||
|
|
||||||
CopyMemory(settings->RedirectionTsvUrl, redirection->TsvUrl, settings->RedirectionTsvUrlLength);
|
CopyMemory(settings->RedirectionTsvUrl, redirection->TsvUrl, settings->RedirectionTsvUrlLength);
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -218,6 +235,7 @@ int rdp_redirection_apply_settings(rdpRdp* rdp)
|
|||||||
freerdp_target_net_addresses_free(settings);
|
freerdp_target_net_addresses_free(settings);
|
||||||
settings->TargetNetAddressCount = redirection->TargetNetAddressesCount;
|
settings->TargetNetAddressCount = redirection->TargetNetAddressesCount;
|
||||||
settings->TargetNetAddresses = (char**) calloc(settings->TargetNetAddressCount, sizeof(char*));
|
settings->TargetNetAddresses = (char**) calloc(settings->TargetNetAddressCount, sizeof(char*));
|
||||||
|
|
||||||
if (!settings->TargetNetAddresses)
|
if (!settings->TargetNetAddresses)
|
||||||
{
|
{
|
||||||
settings->TargetNetAddressCount = 0;
|
settings->TargetNetAddressCount = 0;
|
||||||
@ -227,12 +245,14 @@ int rdp_redirection_apply_settings(rdpRdp* rdp)
|
|||||||
for (i = 0; i < settings->TargetNetAddressCount; i++)
|
for (i = 0; i < settings->TargetNetAddressCount; i++)
|
||||||
{
|
{
|
||||||
settings->TargetNetAddresses[i] = _strdup(redirection->TargetNetAddresses[i]);
|
settings->TargetNetAddresses[i] = _strdup(redirection->TargetNetAddresses[i]);
|
||||||
|
|
||||||
if (!settings->TargetNetAddresses[i])
|
if (!settings->TargetNetAddresses[i])
|
||||||
{
|
{
|
||||||
UINT32 j;
|
UINT32 j;
|
||||||
|
|
||||||
for (j=0; j < i; j++)
|
for (j = 0; j < i; j++)
|
||||||
free(settings->TargetNetAddresses[j]);
|
free(settings->TargetNetAddresses[j]);
|
||||||
|
|
||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
@ -254,10 +274,9 @@ static BOOL rdp_recv_server_redirection_pdu(rdpRdp* rdp, wStream* s)
|
|||||||
Stream_Read_UINT16(s, length); /* length (2 bytes) */
|
Stream_Read_UINT16(s, length); /* length (2 bytes) */
|
||||||
Stream_Read_UINT32(s, redirection->sessionID); /* sessionID (4 bytes) */
|
Stream_Read_UINT32(s, redirection->sessionID); /* sessionID (4 bytes) */
|
||||||
Stream_Read_UINT32(s, redirection->flags); /* redirFlags (4 bytes) */
|
Stream_Read_UINT32(s, redirection->flags); /* redirFlags (4 bytes) */
|
||||||
|
WLog_DBG(TAG,
|
||||||
WLog_DBG(TAG, "flags: 0x%04"PRIX16", redirFlags: 0x%08"PRIX32" length: %"PRIu16", sessionID: 0x%08"PRIX32"",
|
"flags: 0x%04"PRIX16", redirFlags: 0x%08"PRIX32" length: %"PRIu16", sessionID: 0x%08"PRIX32"",
|
||||||
flags, redirection->flags, length, redirection->sessionID);
|
flags, redirection->flags, length, redirection->sessionID);
|
||||||
|
|
||||||
rdp_print_redirection_flags(redirection->flags);
|
rdp_print_redirection_flags(redirection->flags);
|
||||||
|
|
||||||
/* Although MS-RDPBCGR does not mention any length constraints limits for the
|
/* Although MS-RDPBCGR does not mention any length constraints limits for the
|
||||||
@ -284,9 +303,8 @@ static BOOL rdp_recv_server_redirection_pdu(rdpRdp* rdp, wStream* s)
|
|||||||
* load balance info example data:
|
* load balance info example data:
|
||||||
* 0000 43 6f 6f 6b 69 65 3a 20 6d 73 74 73 3d 32 31 33 Cookie: msts=213
|
* 0000 43 6f 6f 6b 69 65 3a 20 6d 73 74 73 3d 32 31 33 Cookie: msts=213
|
||||||
* 0010 34 30 32 36 34 33 32 2e 31 35 36 32 39 2e 30 30 4026432.15629.00
|
* 0010 34 30 32 36 34 33 32 2e 31 35 36 32 39 2e 30 30 4026432.15629.00
|
||||||
* 0020 30 30 0d 0a 00..
|
* 0020 30 30 0d 0a 00..
|
||||||
*/
|
*/
|
||||||
|
|
||||||
if (Stream_GetRemainingLength(s) < 4)
|
if (Stream_GetRemainingLength(s) < 4)
|
||||||
return -1;
|
return -1;
|
||||||
|
|
||||||
@ -296,10 +314,11 @@ static BOOL rdp_recv_server_redirection_pdu(rdpRdp* rdp, wStream* s)
|
|||||||
return -1;
|
return -1;
|
||||||
|
|
||||||
redirection->LoadBalanceInfo = (BYTE*) malloc(redirection->LoadBalanceInfoLength);
|
redirection->LoadBalanceInfo = (BYTE*) malloc(redirection->LoadBalanceInfoLength);
|
||||||
|
|
||||||
if (!redirection->LoadBalanceInfo)
|
if (!redirection->LoadBalanceInfo)
|
||||||
return -1;
|
return -1;
|
||||||
Stream_Read(s, redirection->LoadBalanceInfo, redirection->LoadBalanceInfoLength);
|
|
||||||
|
|
||||||
|
Stream_Read(s, redirection->LoadBalanceInfo, redirection->LoadBalanceInfoLength);
|
||||||
WLog_DBG(TAG, "loadBalanceInfo:");
|
WLog_DBG(TAG, "loadBalanceInfo:");
|
||||||
winpr_HexDump(TAG, WLOG_DEBUG, redirection->LoadBalanceInfo, redirection->LoadBalanceInfoLength);
|
winpr_HexDump(TAG, WLOG_DEBUG, redirection->LoadBalanceInfo, redirection->LoadBalanceInfoLength);
|
||||||
}
|
}
|
||||||
@ -343,7 +362,6 @@ static BOOL rdp_recv_server_redirection_pdu(rdpRdp* rdp, wStream* s)
|
|||||||
* Notwithstanding the above, we'll allocated an additional zero WCHAR at the
|
* Notwithstanding the above, we'll allocated an additional zero WCHAR at the
|
||||||
* end of the buffer which won't get counted in PasswordLength.
|
* end of the buffer which won't get counted in PasswordLength.
|
||||||
*/
|
*/
|
||||||
|
|
||||||
if (Stream_GetRemainingLength(s) < 4)
|
if (Stream_GetRemainingLength(s) < 4)
|
||||||
return -1;
|
return -1;
|
||||||
|
|
||||||
@ -361,12 +379,15 @@ static BOOL rdp_recv_server_redirection_pdu(rdpRdp* rdp, wStream* s)
|
|||||||
return -1;
|
return -1;
|
||||||
|
|
||||||
redirection->Password = (BYTE*) calloc(1, redirection->PasswordLength + sizeof(WCHAR));
|
redirection->Password = (BYTE*) calloc(1, redirection->PasswordLength + sizeof(WCHAR));
|
||||||
|
|
||||||
if (!redirection->Password)
|
if (!redirection->Password)
|
||||||
return -1;
|
return -1;
|
||||||
Stream_Read(s, redirection->Password, redirection->PasswordLength);
|
|
||||||
|
|
||||||
|
Stream_Read(s, redirection->Password, redirection->PasswordLength);
|
||||||
WLog_DBG(TAG, "PasswordCookie:");
|
WLog_DBG(TAG, "PasswordCookie:");
|
||||||
|
#if defined(WITH_DEBUG_REDIR)
|
||||||
winpr_HexDump(TAG, WLOG_DEBUG, redirection->Password, redirection->PasswordLength);
|
winpr_HexDump(TAG, WLOG_DEBUG, redirection->Password, redirection->PasswordLength);
|
||||||
|
#endif
|
||||||
}
|
}
|
||||||
|
|
||||||
if (redirection->flags & LB_TARGET_FQDN)
|
if (redirection->flags & LB_TARGET_FQDN)
|
||||||
@ -396,10 +417,11 @@ static BOOL rdp_recv_server_redirection_pdu(rdpRdp* rdp, wStream* s)
|
|||||||
return -1;
|
return -1;
|
||||||
|
|
||||||
redirection->TsvUrl = (BYTE*) malloc(redirection->TsvUrlLength);
|
redirection->TsvUrl = (BYTE*) malloc(redirection->TsvUrlLength);
|
||||||
|
|
||||||
if (!redirection->TsvUrl)
|
if (!redirection->TsvUrl)
|
||||||
return -1;
|
return -1;
|
||||||
Stream_Read(s, redirection->TsvUrl, redirection->TsvUrlLength);
|
|
||||||
|
|
||||||
|
Stream_Read(s, redirection->TsvUrl, redirection->TsvUrlLength);
|
||||||
WLog_DBG(TAG, "TsvUrl:");
|
WLog_DBG(TAG, "TsvUrl:");
|
||||||
winpr_HexDump(TAG, WLOG_DEBUG, redirection->TsvUrl, redirection->TsvUrlLength);
|
winpr_HexDump(TAG, WLOG_DEBUG, redirection->TsvUrl, redirection->TsvUrlLength);
|
||||||
}
|
}
|
||||||
@ -416,7 +438,6 @@ static BOOL rdp_recv_server_redirection_pdu(rdpRdp* rdp, wStream* s)
|
|||||||
Stream_Read_UINT32(s, targetNetAddressesLength);
|
Stream_Read_UINT32(s, targetNetAddressesLength);
|
||||||
Stream_Read_UINT32(s, redirection->TargetNetAddressesCount);
|
Stream_Read_UINT32(s, redirection->TargetNetAddressesCount);
|
||||||
count = redirection->TargetNetAddressesCount;
|
count = redirection->TargetNetAddressesCount;
|
||||||
|
|
||||||
redirection->TargetNetAddresses = (char**) calloc(count, sizeof(char*));
|
redirection->TargetNetAddresses = (char**) calloc(count, sizeof(char*));
|
||||||
|
|
||||||
if (!redirection->TargetNetAddresses)
|
if (!redirection->TargetNetAddresses)
|
||||||
@ -473,7 +494,6 @@ rdpRedirection* redirection_new()
|
|||||||
|
|
||||||
if (redirection)
|
if (redirection)
|
||||||
{
|
{
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
return redirection;
|
return redirection;
|
||||||
|
@ -1146,10 +1146,12 @@ static SECURITY_STATUS SEC_ENTRY ntlm_DecryptMessage(PCtxtHandle phContext, PSec
|
|||||||
{
|
{
|
||||||
/* signature verification failed! */
|
/* signature verification failed! */
|
||||||
WLog_ERR(TAG, "signature verification failed, something nasty is going on!");
|
WLog_ERR(TAG, "signature verification failed, something nasty is going on!");
|
||||||
|
#ifdef WITH_DEBUG_NTLM
|
||||||
WLog_ERR(TAG, "Expected Signature:");
|
WLog_ERR(TAG, "Expected Signature:");
|
||||||
winpr_HexDump(TAG, WLOG_ERROR, expected_signature, 16);
|
winpr_HexDump(TAG, WLOG_ERROR, expected_signature, 16);
|
||||||
WLog_ERR(TAG, "Actual Signature:");
|
WLog_ERR(TAG, "Actual Signature:");
|
||||||
winpr_HexDump(TAG, WLOG_ERROR, (BYTE*) signature_buffer->pvBuffer, 16);
|
winpr_HexDump(TAG, WLOG_ERROR, (BYTE*) signature_buffer->pvBuffer, 16);
|
||||||
|
#endif
|
||||||
return SEC_E_MESSAGE_ALTERED;
|
return SEC_E_MESSAGE_ALTERED;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -185,6 +185,7 @@ static void ntlm_free_message_fields_buffer(NTLM_MESSAGE_FIELDS* fields)
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
#ifdef WITH_DEBUG_NTLM
|
||||||
static void ntlm_print_message_fields(NTLM_MESSAGE_FIELDS* fields, const char* name)
|
static void ntlm_print_message_fields(NTLM_MESSAGE_FIELDS* fields, const char* name)
|
||||||
{
|
{
|
||||||
WLog_DBG(TAG, "%s (Len: %"PRIu16" MaxLen: %"PRIu16" BufferOffset: %"PRIu32")",
|
WLog_DBG(TAG, "%s (Len: %"PRIu16" MaxLen: %"PRIu16" BufferOffset: %"PRIu32")",
|
||||||
@ -193,6 +194,7 @@ static void ntlm_print_message_fields(NTLM_MESSAGE_FIELDS* fields, const char* n
|
|||||||
if (fields->Len > 0)
|
if (fields->Len > 0)
|
||||||
winpr_HexDump(TAG, WLOG_DEBUG, fields->Buffer, fields->Len);
|
winpr_HexDump(TAG, WLOG_DEBUG, fields->Buffer, fields->Len);
|
||||||
}
|
}
|
||||||
|
#endif
|
||||||
|
|
||||||
SECURITY_STATUS ntlm_read_NegotiateMessage(NTLM_CONTEXT* context, PSecBuffer buffer)
|
SECURITY_STATUS ntlm_read_NegotiateMessage(NTLM_CONTEXT* context, PSecBuffer buffer)
|
||||||
{
|
{
|
||||||
@ -1164,10 +1166,12 @@ SECURITY_STATUS ntlm_server_AuthenticateComplete(NTLM_CONTEXT* context)
|
|||||||
if (memcmp(messageIntegrityCheck, message->MessageIntegrityCheck, 16) != 0)
|
if (memcmp(messageIntegrityCheck, message->MessageIntegrityCheck, 16) != 0)
|
||||||
{
|
{
|
||||||
WLog_ERR(TAG, "Message Integrity Check (MIC) verification failed!");
|
WLog_ERR(TAG, "Message Integrity Check (MIC) verification failed!");
|
||||||
|
#ifdef WITH_DEBUG_NTLM
|
||||||
WLog_ERR(TAG, "Expected MIC:");
|
WLog_ERR(TAG, "Expected MIC:");
|
||||||
winpr_HexDump(TAG, WLOG_ERROR, messageIntegrityCheck, 16);
|
winpr_HexDump(TAG, WLOG_ERROR, messageIntegrityCheck, 16);
|
||||||
WLog_ERR(TAG, "Actual MIC:");
|
WLog_ERR(TAG, "Actual MIC:");
|
||||||
winpr_HexDump(TAG, WLOG_ERROR, message->MessageIntegrityCheck, 16);
|
winpr_HexDump(TAG, WLOG_ERROR, message->MessageIntegrityCheck, 16);
|
||||||
|
#endif
|
||||||
return SEC_E_MESSAGE_ALTERED;
|
return SEC_E_MESSAGE_ALTERED;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
Loading…
Reference in New Issue
Block a user