mirrors/FreeRDP
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Add --secure-checksum option that will enable usage of salted checksums

Browse Source 
with Standard RDP encryption.
This commit is contained in:
Pawel Jakub Dawidek 2012-01-25 16:06:31 +01:00
parent cea62dd9f6
commit 68b9f65e87
6 changed files with 13 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
include/freerdp/settings.h
View File

@ -296,7 +296,8 @@ struct rdp_settings
boolean nla_security; /* 146 */
boolean rdp_security; /* 147 */
uint32 ntlm_version; /* 148 */
uint32 paddingF[160 - 149]; /* 149 */
boolean secure_checksum; /* 149 */
uint32 paddingF[160 - 150]; /* 150 */
/* Session */
boolean console_audio; /* 160 */

2
libfreerdp-core/connection.c
View File

@ -225,6 +225,8 @@ static boolean rdp_client_establish_keys(rdpRdp* rdp)
}
rdp->do_crypt = true;
if (rdp->settings->secure_checksum)
rdp->do_secure_checksum = true;
if (rdp->settings->encryption_method == ENCRYPTION_METHOD_FIPS)
{

2
libfreerdp-core/rdp.c
View File

@ -165,6 +165,8 @@ static int rdp_security_stream_init(rdpRdp* rdp, STREAM* s)
if (rdp->settings->encryption_method == ENCRYPTION_METHOD_FIPS)
stream_seek(s, 4);
rdp->sec_flags |= SEC_ENCRYPT;
if (rdp->do_secure_checksum)
rdp->sec_flags |= SEC_SECURE_CHECKSUM;
}
else if (rdp->sec_flags != 0)
{

1
libfreerdp-core/rdp.h
View File

@ -143,6 +143,7 @@ struct rdp_rdp
struct crypto_hmac_struct* fips_hmac;
uint32 sec_flags;
boolean do_crypt;
boolean do_secure_checksum;
uint8 sign_key[16];
uint8 decrypt_key[16];
uint8 encrypt_key[16];

1
libfreerdp-core/settings.c
View File

@ -56,6 +56,7 @@ rdpSettings* settings_new(void* instance)
settings->kbd_fn_keys = 0;
settings->kbd_layout = 0;
settings->encryption = false;
settings->secure_checksum = false;
settings->port = 3389;
settings->desktop_resize = true;

5
libfreerdp-utils/args.c
View File

@ -101,6 +101,7 @@ int freerdp_parse_args(rdpSettings* settings, int argc, char** argv,
" --ntlm: force NTLM authentication protocol version (1 or 2)\n"
" --ignore-certificate: ignore verification of logon certificate\n"
" --sec: force protocol security (rdp, tls or nla)\n"
" --secure-checksum: use salted checksums with Standard RDP encryption\n"
" --version: print version information\n"
"\n", argv[0]);
return FREERDP_ARGS_PARSE_HELP; //TODO: What is the correct return
@ -600,6 +601,10 @@ int freerdp_parse_args(rdpSettings* settings, int argc, char** argv,
}
num_extensions++;
}
else if (strcmp("--secure-checksum", argv[index]) == 0)
{
settings->secure_checksum = true;
}
else if (strcmp("--version", argv[index]) == 0)
{
printf("This is FreeRDP version %s\n", FREERDP_VERSION_FULL);