code cleanup

Jay Sorg 2011-09-26 22:30:58 -07:00
parent dc224b14fd
commit 769508bd7d
8 changed files with 38 additions and 63 deletions


@ -192,7 +192,7 @@ static boolean rdp_establish_keys(rdpRdp* rdp)
return False;
}
/* now calculate encrypt / decrypt and upate keys */
/* now calculate encrypt / decrypt and update keys */
if (!security_establish_keys(client_random, rdp))
{
return False;


@ -72,7 +72,7 @@ void crypto_rc4_free(CryptoRc4 rc4)
xfree(rc4);
}
CryptoDes3 crypto_des3_encrypt_init(uint8 key[24], uint8 ivec[8])
CryptoDes3 crypto_des3_encrypt_init(uint8* key, uint8* ivec)
{
CryptoDes3 des3 = xmalloc(sizeof(*des3));
EVP_CIPHER_CTX_init(&des3->des3_ctx);
@ -81,7 +81,7 @@ CryptoDes3 crypto_des3_encrypt_init(uint8 key[24], uint8 ivec[8])
return des3;
}
CryptoDes3 crypto_des3_decrypt_init(uint8 key[24], uint8 ivec[8])
CryptoDes3 crypto_des3_decrypt_init(uint8* key, uint8* ivec)
{
CryptoDes3 des3 = xmalloc(sizeof(*des3));
EVP_CIPHER_CTX_init(&des3->des3_ctx);
@ -142,7 +142,7 @@ CryptoCert crypto_cert_read(uint8* data, uint32 length)
{
CryptoCert cert = xmalloc(sizeof(*cert));
/* this will move the data pointer but we don't care, we don't use it again */
cert->px509 = d2i_X509(NULL, (D2I_X509_CONST unsigned char **) &data, length);
cert->px509 = d2i_X509(NULL, (D2I_X509_CONST uint8 **) &data, length);
return cert;
}
@ -183,7 +183,7 @@ boolean crypto_cert_get_public_key(CryptoCert cert, rdpBlob* public_key)
}
freerdp_blob_alloc(public_key, length);
p = (unsigned char*) public_key->data;
p = (uint8*) public_key->data;
i2d_PublicKey(pkey, &p);
exit:
@ -258,21 +258,21 @@ void crypto_nonce(uint8* nonce, int size)
char* crypto_cert_fingerprint(X509* xcert)
{
char* p;
int i = 0;
char* p;
char* fp_buffer;
unsigned int fp_len;
unsigned char fp[EVP_MAX_MD_SIZE];
uint32 fp_len;
uint8 fp[EVP_MAX_MD_SIZE];
X509_digest(xcert, EVP_sha1(), fp, &fp_len);
fp_buffer = xzalloc(3 * fp_len);
fp_buffer = (char*) xzalloc(3 * fp_len);
p = fp_buffer;
for (i = 0; i < fp_len - 1; i++)
{
sprintf(p, "%02x:", fp[i]);
p = (char*) &fp_buffer[i * 3];
p = &fp_buffer[i * 3];
}
sprintf(p, "%02x", fp[i]);
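Review bot: In crypto_cert_fingerprint the loop repositions `p` with `p = &fp_buffer[i * 3];` after the write, so after iteration 0 `p` is back at offset 0 and the second digest byte overwrites the first; the returned string is one octet short of the SHA-1 digest. The index expression is the same on both printed versions of that line, so the cleanup carries the defect forward; it should read `p = &fp_buffer[(i + 1) * 3];`. The result of `X509_digest` is also unchecked, so `fp_len` is read uninitialised if the digest fails and `fp_len - 1` wraps when it is 0. A guard such as `if (!X509_digest(xcert, EVP_sha1(), fp, &fp_len) || fp_len == 0) return NULL;` before the allocation would cover both, provided callers accept NULL, which is not visible here. The function body continues past the end of the hunk.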


@ -94,8 +94,8 @@ void crypto_rc4(CryptoRc4 rc4, uint32 length, uint8* in_data, uint8* out_data);
void crypto_rc4_free(CryptoRc4 rc4);
typedef struct crypto_des3_struct* CryptoDes3;
CryptoDes3 crypto_des3_encrypt_init(uint8 key[24], uint8 ivec[8]);
CryptoDes3 crypto_des3_decrypt_init(uint8 key[24], uint8 ivec[8]);
CryptoDes3 crypto_des3_encrypt_init(uint8* key, uint8* ivec);
CryptoDes3 crypto_des3_decrypt_init(uint8* key, uint8* ivec);
void crypto_des3_encrypt(CryptoDes3 des3, uint32 length, uint8 *in_data, uint8 *out_data);
void crypto_des3_decrypt(CryptoDes3 des3, uint32 length, uint8 *in_data, uint8* out_data);
void crypto_des3_free(CryptoDes3 des3);
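Review bot: Changing `uint8 key[24], uint8 ivec[8]` to `uint8* key, uint8* ivec` on the two init prototypes removes the only statement of the buffer sizes the callee expects, and nothing on the new lines replaces it. The array form was never enforced by the compiler, but it told callers that a 24-byte key and an 8-byte IV must be supplied; a shorter buffer would be read past its end by the cipher setup, which is outside the visible hunks. I would add a comment above the declarations, for example `/* key must point to 24 bytes, ivec to 8 bytes; neither length is checked */`.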


@ -125,18 +125,6 @@ uint16 fastpath_read_header_rdp(rdpFastPath* fastpath, STREAM* s)
return length - hs;
}
boolean fastpath_read_security_header(rdpFastPath* fastpath, STREAM* s)
{
/* TODO: fipsInformation */
if ((fastpath->encryptionFlags & FASTPATH_OUTPUT_ENCRYPTED))
{
stream_seek(s, 8); /* dataSignature */
}
return True;
}
static void fastpath_recv_orders(rdpFastPath* fastpath, STREAM* s)
{
rdpUpdate* update = fastpath->rdp->update;
@ -144,8 +132,6 @@ static void fastpath_recv_orders(rdpFastPath* fastpath, STREAM* s)
stream_read_uint16(s, numberOrders); /* numberOrders (2 bytes) */
//printf("numberOrders(FastPath):%d\n", numberOrders);
while (numberOrders > 0)
{
update_recv_order(update, s);


@ -92,7 +92,6 @@ struct rdp_fastpath
uint16 fastpath_read_header(rdpFastPath* fastpath, STREAM* s);
uint16 fastpath_read_header_rdp(rdpFastPath* fastpath, STREAM* s);
boolean fastpath_read_security_header(rdpFastPath* fastpath, STREAM* s);
boolean fastpath_recv_updates(rdpFastPath* fastpath, STREAM* s);
boolean fastpath_recv_inputs(rdpFastPath* fastpath, STREAM* s);


@ -156,23 +156,25 @@ static boolean peer_recv_tpkt_pdu(rdpPeer* peer, STREAM* s)
static boolean peer_recv_fastpath_pdu(rdpPeer* peer, STREAM* s)
{
uint16 length;
rdpRdp* rdp;
rdpFastPath* fastpath;
rdp = peer->rdp;
fastpath = rdp->fastpath;
length = fastpath_read_header_rdp(fastpath, s);
length = fastpath_read_header_rdp(peer->rdp->fastpath, s);
if (length == 0 || length > stream_get_left(s))
{
printf("incorrect FastPath PDU header length %d\n", length);
return False;
}
if (peer->rdp->fastpath->encryptionFlags & FASTPATH_OUTPUT_ENCRYPTED)
if (fastpath->encryptionFlags & FASTPATH_OUTPUT_ENCRYPTED)
{
rdp_decrypt(peer->rdp, s, length);
rdp_decrypt(rdp, s, length);
}
//if (!fastpath_read_security_header(peer->rdp->fastpath, s))
// return False;
return fastpath_recv_inputs(peer->rdp->fastpath, s);
return fastpath_recv_inputs(fastpath, s);
}
static boolean peer_recv_pdu(rdpPeer* peer, STREAM* s)
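Review bot: The result of `rdp_decrypt(rdp, s, length);` in peer_recv_fastpath_pdu is discarded, so a PDU that fails decryption or the signature check is still handed to `fastpath_recv_inputs`. rdp_decrypt, as shown elsewhere in this commit, returns False on both the "cannot decrypt" and the "invalid packet signature" paths, so ignoring it makes the integrity check advisory here. The call should be `if (!rdp_decrypt(rdp, s, length)) return False;`. The same unchecked call appears in rdp_recv_fastpath_pdu in the file section that also holds rdp_decrypt, and needs the same change.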


@ -252,14 +252,14 @@ void rdp_write_header(rdpRdp* rdp, STREAM* s, uint16 length, uint16 channel_id)
MCSPDU = (rdp->settings->server_mode) ? DomainMCSPDU_SendDataIndication : DomainMCSPDU_SendDataRequest;
if (rdp->sec_flags & SEC_ENCRYPT && rdp->settings->encryption_method == ENCRYPTION_METHOD_FIPS) {
if (rdp->sec_flags & SEC_ENCRYPT && rdp->settings->encryption_method == ENCRYPTION_METHOD_FIPS)
{
int pad;
body_length = length - RDP_PACKET_HEADER_LENGTH - 16;
pad = 8 - (body_length % 8);
if (pad != 8)
length += pad;
//printf("rdp_write_header: %d %d (%d)\n", length, body_length, pad);
}
mcs_write_domain_mcspdu_header(s, MCSPDU, length, 0);
@ -300,8 +300,6 @@ static uint32 rdp_security_stream_out(rdpRdp* rdp, STREAM* s, int length)
memset(data+length, 0, pad);
stream_write_uint8(s, pad);
// printf("FIPS padding %d, length %d\n", pad, length);
security_hmac_signature(data, length, s->p, rdp);
stream_seek(s, 8);
security_fips_encrypt(data, length + pad, rdp);
@ -417,8 +415,6 @@ boolean rdp_send_data_pdu(rdpRdp* rdp, STREAM* s, uint8 type, uint16 channel_id)
rdp_write_share_control_header(s, length, PDU_TYPE_DATA, channel_id);
rdp_write_share_data_header(s, length, type, rdp->settings->share_id);
//printf("send %s Data PDU (0x%02X), length:%d\n", DATA_PDU_TYPE_STRINGS[type], type, length);
s->p = sec_hold;
length += rdp_security_stream_out(rdp, s, length);
@ -547,8 +543,6 @@ boolean rdp_recv_out_of_sequence_pdu(rdpRdp* rdp, STREAM* s)
uint16 length;
uint16 channelId;
//freerdp_hexdump(s->p, stream_get_left(s));
rdp_read_share_control_header(s, &length, &type, &channelId);
if (type == PDU_TYPE_DATA)
@ -584,8 +578,8 @@ boolean rdp_decrypt(rdpRdp* rdp, STREAM* s, int length)
uint8 version, pad;
uint8 *sig;
stream_read_uint16(s, len); // 0x10
stream_read_uint8(s, version); // 0x1
stream_read_uint16(s, len); /* 0x10 */
stream_read_uint8(s, version); /* 0x1 */
stream_read_uint8(s, pad);
sig = s->p;
@ -596,16 +590,16 @@ boolean rdp_decrypt(rdpRdp* rdp, STREAM* s, int length)
if (!security_fips_decrypt(s->p, cryptlen, rdp))
{
printf("FATAL: cannot decrypt\n");
return False; // TODO
return False; /* TODO */
}
if (!security_fips_check_signature(s->p, cryptlen-pad, sig, rdp))
{
printf("FATAL: invalid packet signature\n");
return False; // TODO
return False; /* TODO */
}
// is this what needs adjusting?
/* is this what needs adjusting? */
s->size -= pad;
return True;
}
@ -689,8 +683,10 @@ static boolean rdp_recv_tpkt_pdu(rdpRdp* rdp, STREAM* s)
static boolean rdp_recv_fastpath_pdu(rdpRdp* rdp, STREAM* s)
{
uint16 length;
rdpFastPath* fastpath;
length = fastpath_read_header_rdp(rdp->fastpath, s);
fastpath = rdp->fastpath;
length = fastpath_read_header_rdp(fastpath, s);
if (length == 0 || length > stream_get_left(s))
{
@ -698,7 +694,7 @@ static boolean rdp_recv_fastpath_pdu(rdpRdp* rdp, STREAM* s)
return False;
}
if (rdp->fastpath->encryptionFlags & FASTPATH_OUTPUT_ENCRYPTED)
if (fastpath->encryptionFlags & FASTPATH_OUTPUT_ENCRYPTED)
{
rdp_decrypt(rdp, s, length);
}
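Review bot: In rdp_decrypt the `len`, `version` and `pad` fields are read from the stream and only annotated with their expected values (`/* 0x10 */`, `/* 0x1 */`); none is compared, and `pad` then feeds `cryptlen-pad` and `s->size -= pad`. A peer-supplied `pad` larger than `cryptlen` would make the length passed to `security_fips_check_signature` negative or wrapped, depending on the type of `cryptlen`, which is computed outside the visible hunks. If the commented values are the only valid ones, I would reject the PDU once `cryptlen` is set and before decrypting, e.g. `if (len != 0x10 || version != 0x1 || pad > cryptlen) return False;`. The two `/* TODO */` comments on the failure returns should also say what remains to be done.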


@ -167,11 +167,6 @@ int tcp_read(rdpTcp* tcp, uint8* data, int length)
perror("recv");
return -1;
}
else
{
//printf("tcp_read: length %d\n", status);
//freerdp_hexdump(data, status);
}
return status;
}
@ -182,9 +177,6 @@ int tcp_write(rdpTcp* tcp, uint8* data, int length)
status = send(tcp->sockfd, data, length, MSG_NOSIGNAL);
//printf("tcp_write: length %d\n", status);
//freerdp_hexdump(data, status);
if (status < 0)
{
if (errno == EAGAIN || errno == EWOULDBLOCK)