libfreerdp-core: improve reconnection
This commit is contained in:
Marc-André Moreau
parent
82d58086db
commit
fa06c4d401
@ -132,8 +132,7 @@ COMMAND_LINE_ARGUMENT_A args[] =
|
||||
{ "sec-tls", COMMAND_LINE_VALUE_BOOL, NULL, BoolValueTrue, NULL, -1, NULL, "tls protocol security" },
|
||||
{ "sec-nla", COMMAND_LINE_VALUE_BOOL, NULL, BoolValueTrue, NULL, -1, NULL, "nla protocol security" },
|
||||
{ "sec-ext", COMMAND_LINE_VALUE_BOOL, NULL, BoolValueFalse, NULL, -1, NULL, "nla extended protocol security" },
|
||||
{ "tls-ciphers", COMMAND_LINE_VALUE_REQUIRED, NULL, NULL, NULL, -1, NULL, "List of permitted openssl ciphers - see ciphers(1)" },
|
||||
{ "tls-ciphers-netmon", COMMAND_LINE_VALUE_FLAG, NULL, NULL, NULL, -1, NULL, "Use tls ciphers that netmon can parse" },
|
||||
{ "tls-ciphers", COMMAND_LINE_VALUE_REQUIRED, "<netmon|ma|ciphers>", NULL, NULL, -1, NULL, "Allowed TLS ciphers" },
|
||||
{ "cert-name", COMMAND_LINE_VALUE_REQUIRED, "<name>", NULL, NULL, -1, NULL, "certificate name" },
|
||||
{ "cert-ignore", COMMAND_LINE_VALUE_FLAG, NULL, NULL, NULL, -1, NULL, "ignore certificate" },
|
||||
{ "pcb", COMMAND_LINE_VALUE_REQUIRED, "<blob>", NULL, NULL, -1, NULL, "Preconnection Blob" },
|
||||
@ -1810,11 +1809,18 @@ int freerdp_client_settings_parse_command_line_arguments(rdpSettings* settings,
|
||||
}
|
||||
CommandLineSwitchCase(arg, "tls-ciphers")
|
||||
{
|
||||
settings->PermittedTLSCiphers = _strdup(arg->Value);
|
||||
}
|
||||
CommandLineSwitchCase(arg, "tls-ciphers-netmon")
|
||||
if (strcmp(arg->Value, "netmon") == 0)
|
||||
{
|
||||
settings->PermittedTLSCiphers = arg->Value ? _strdup("ALL:!ECDH") : NULL;
|
||||
settings->AllowedTlsCiphers = _strdup("ALL:!ECDH");
|
||||
}
|
||||
else if (strcmp(arg->Value, "ma") == 0)
|
||||
{
|
||||
settings->AllowedTlsCiphers = _strdup("AES128-SHA");
|
||||
}
|
||||
else
|
||||
{
|
||||
settings->AllowedTlsCiphers = _strdup(arg->Value);
|
||||
}
|
||||
}
|
||||
CommandLineSwitchCase(arg, "cert-name")
|
||||
{
|
||||
|
||||
@ -615,6 +615,7 @@ typedef struct _RDPDR_PARALLEL RDPDR_PARALLEL;
|
||||
#define FreeRDP_AuthenticationServiceClass 1098
|
||||
#define FreeRDP_DisableCredentialsDelegation 1099
|
||||
#define FreeRDP_AuthenticationLevel 1100
|
||||
#define FreeRDP_AllowedTlsCiphers 1101
|
||||
#define FreeRDP_MstscCookieMode 1152
|
||||
#define FreeRDP_CookieMaxLength 1153
|
||||
#define FreeRDP_PreconnectionId 1154
|
||||
@ -998,7 +999,7 @@ struct rdp_settings
|
||||
ALIGN64 char* AuthenticationServiceClass; /* 1098 */
|
||||
ALIGN64 BOOL DisableCredentialsDelegation; /* 1099 */
|
||||
ALIGN64 BOOL AuthenticationLevel; /* 1100 */
|
||||
ALIGN64 char* PermittedTLSCiphers; /* 1101 */
|
||||
ALIGN64 char* AllowedTlsCiphers; /* 1101 */
|
||||
UINT64 padding1152[1152 - 1102]; /* 1102 */
|
||||
|
||||
/* Connection Cookie */
|
||||
|
||||
@ -773,6 +773,49 @@ void key_free(rdpRsaKey* key)
|
||||
free(key);
|
||||
}
|
||||
|
||||
rdpCertificate* certificate_clone(rdpCertificate* certificate)
|
||||
{
|
||||
int index;
|
||||
rdpCertificate* _certificate = (rdpCertificate*) calloc(1, sizeof(rdpCertificate));
|
||||
|
||||
if (!_certificate)
|
||||
return NULL;
|
||||
|
||||
CopyMemory(_certificate, certificate, sizeof(rdpCertificate));
|
||||
|
||||
if (certificate->cert_info.ModulusLength)
|
||||
{
|
||||
_certificate->cert_info.Modulus = (BYTE*) malloc(certificate->cert_info.ModulusLength);
|
||||
CopyMemory(_certificate->cert_info.Modulus, certificate->cert_info.Modulus, certificate->cert_info.ModulusLength);
|
||||
_certificate->cert_info.ModulusLength = certificate->cert_info.ModulusLength;
|
||||
}
|
||||
|
||||
if (certificate->x509_cert_chain)
|
||||
{
|
||||
_certificate->x509_cert_chain = (rdpX509CertChain*) malloc(sizeof(rdpX509CertChain));
|
||||
CopyMemory(_certificate->x509_cert_chain, certificate->x509_cert_chain, sizeof(rdpX509CertChain));
|
||||
|
||||
if (certificate->x509_cert_chain->count)
|
||||
{
|
||||
_certificate->x509_cert_chain->array = (rdpCertBlob*) calloc(certificate->x509_cert_chain->count, sizeof(rdpCertBlob));
|
||||
|
||||
for (index = 0; index < certificate->x509_cert_chain->count; index++)
|
||||
{
|
||||
_certificate->x509_cert_chain->array[index].length = certificate->x509_cert_chain->array[index].length;
|
||||
|
||||
if (certificate->x509_cert_chain->array[index].length)
|
||||
{
|
||||
_certificate->x509_cert_chain->array[index].data = (BYTE*) malloc(certificate->x509_cert_chain->array[index].length);
|
||||
CopyMemory(_certificate->x509_cert_chain->array[index].data, certificate->x509_cert_chain->array[index].data,
|
||||
_certificate->x509_cert_chain->array[index].length);
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
return _certificate;
|
||||
}
|
||||
|
||||
/**
|
||||
* Instantiate new certificate module.\n
|
||||
* @param rdp RDP module
|
||||
|
||||
@ -53,6 +53,8 @@ BOOL certificate_read_server_proprietary_certificate(rdpCertificate* certificate
|
||||
BOOL certificate_read_server_x509_certificate_chain(rdpCertificate* certificate, wStream* s);
|
||||
BOOL certificate_read_server_certificate(rdpCertificate* certificate, BYTE* server_cert, int length);
|
||||
|
||||
rdpCertificate* certificate_clone(rdpCertificate* certificate);
|
||||
|
||||
rdpCertificate* certificate_new(void);
|
||||
void certificate_free(rdpCertificate* certificate);
|
||||
|
||||
|
||||
@ -172,7 +172,7 @@
|
||||
|
||||
BOOL rdp_client_connect(rdpRdp* rdp)
|
||||
{
|
||||
BOOL ret;
|
||||
BOOL status;
|
||||
rdpSettings* settings = rdp->settings;
|
||||
|
||||
if (rdp->settingsCopy)
|
||||
@ -213,6 +213,7 @@ BOOL rdp_client_connect(rdpRdp* rdp)
|
||||
|
||||
cookie_length = domain_length + 1 + user_length;
|
||||
cookie = (char*) malloc(cookie_length + 1);
|
||||
|
||||
if (!cookie)
|
||||
return FALSE;
|
||||
|
||||
@ -225,15 +226,15 @@ BOOL rdp_client_connect(rdpRdp* rdp)
|
||||
|
||||
cookie[cookie_length] = '\0';
|
||||
|
||||
ret = nego_set_cookie(rdp->nego, cookie);
|
||||
status = nego_set_cookie(rdp->nego, cookie);
|
||||
free(cookie);
|
||||
}
|
||||
else
|
||||
{
|
||||
ret = nego_set_cookie(rdp->nego, settings->Username);
|
||||
status = nego_set_cookie(rdp->nego, settings->Username);
|
||||
}
|
||||
|
||||
if (!ret)
|
||||
if (!status)
|
||||
return FALSE;
|
||||
|
||||
nego_set_send_preconnection_pdu(rdp->nego, settings->SendPreconnectionPdu);
|
||||
@ -319,7 +320,7 @@ BOOL rdp_client_connect(rdpRdp* rdp)
|
||||
|
||||
BOOL rdp_client_disconnect(rdpRdp* rdp)
|
||||
{
|
||||
BOOL rc;
|
||||
BOOL status;
|
||||
|
||||
if (rdp->settingsCopy)
|
||||
{
|
||||
@ -327,10 +328,13 @@ BOOL rdp_client_disconnect(rdpRdp* rdp)
|
||||
rdp->settingsCopy = NULL;
|
||||
}
|
||||
|
||||
rc = nego_disconnect(rdp->nego);
|
||||
status = nego_disconnect(rdp->nego);
|
||||
|
||||
rdp_reset(rdp);
|
||||
|
||||
rdp_client_transition_to_state(rdp, CONNECTION_STATE_INITIAL);
|
||||
return rc;
|
||||
|
||||
return status;
|
||||
}
|
||||
|
||||
BOOL rdp_client_redirect(rdpRdp* rdp)
|
||||
@ -381,6 +385,17 @@ BOOL rdp_client_redirect(rdpRdp* rdp)
|
||||
return status;
|
||||
}
|
||||
|
||||
BOOL rdp_client_reconnect(rdpRdp* rdp)
|
||||
{
|
||||
BOOL status;
|
||||
|
||||
rdp_client_disconnect(rdp);
|
||||
|
||||
status = rdp_client_connect(rdp);
|
||||
|
||||
return status;
|
||||
}
|
||||
|
||||
static BYTE fips_ivec[8] = { 0x12, 0x34, 0x56, 0x78, 0x90, 0xAB, 0xCD, 0xEF };
|
||||
|
||||
static BOOL rdp_client_establish_keys(rdpRdp* rdp)
|
||||
|
||||
@ -49,6 +49,7 @@ enum CONNECTION_STATE
|
||||
|
||||
BOOL rdp_client_connect(rdpRdp* rdp);
|
||||
BOOL rdp_client_disconnect(rdpRdp* rdp);
|
||||
BOOL rdp_client_reconnect(rdpRdp* rdp);
|
||||
BOOL rdp_client_redirect(rdpRdp* rdp);
|
||||
BOOL rdp_client_connect_mcs_connect_response(rdpRdp* rdp, wStream* s);
|
||||
BOOL rdp_client_connect_mcs_attach_user_confirm(rdpRdp* rdp, wStream* s);
|
||||
|
||||
@ -73,10 +73,7 @@ BOOL freerdp_connect(freerdp* instance)
|
||||
rdp = instance->context->rdp;
|
||||
settings = instance->settings;
|
||||
|
||||
if (!rdp->reconnect)
|
||||
{
|
||||
IFCALLRET(instance->PreConnect, status, instance);
|
||||
}
|
||||
|
||||
if (settings->KeyboardLayout == KBD_JAPANESE_INPUT_SYSTEM_MS_IME2002)
|
||||
{
|
||||
@ -119,10 +116,7 @@ BOOL freerdp_connect(freerdp* instance)
|
||||
instance->update->dump_rfx = TRUE;
|
||||
}
|
||||
|
||||
if (!rdp->reconnect)
|
||||
{
|
||||
IFCALLRET(instance->PostConnect, status, instance);
|
||||
}
|
||||
|
||||
update_post_connect(instance->update);
|
||||
|
||||
@ -356,10 +350,7 @@ BOOL freerdp_disconnect(freerdp* instance)
|
||||
rdp_client_disconnect(rdp);
|
||||
update_post_disconnect(instance->update);
|
||||
|
||||
if (!rdp->reconnect)
|
||||
{
|
||||
IFCALL(instance->PostDisconnect, instance);
|
||||
}
|
||||
|
||||
if (instance->update->pcap_rfx)
|
||||
{
|
||||
@ -373,17 +364,10 @@ BOOL freerdp_disconnect(freerdp* instance)
|
||||
|
||||
BOOL freerdp_reconnect(freerdp* instance)
|
||||
{
|
||||
BOOL status = TRUE;
|
||||
BOOL status;
|
||||
rdpRdp* rdp = instance->context->rdp;
|
||||
|
||||
rdp->reconnect = TRUE;
|
||||
|
||||
status = freerdp_disconnect(instance);
|
||||
|
||||
if (status)
|
||||
status = freerdp_connect(instance);
|
||||
|
||||
rdp->reconnect = FALSE;
|
||||
status = rdp_client_reconnect(rdp);
|
||||
|
||||
return status;
|
||||
}
|
||||
|
||||
@ -57,22 +57,25 @@ static const char* const INFO_TYPE_LOGON_STRINGS[] =
|
||||
BOOL rdp_read_server_auto_reconnect_cookie(wStream* s, rdpSettings* settings)
|
||||
{
|
||||
ARC_SC_PRIVATE_PACKET* autoReconnectCookie;
|
||||
|
||||
autoReconnectCookie = settings->ServerAutoReconnectCookie;
|
||||
|
||||
if (Stream_GetRemainingLength(s) < 4+4+4+16)
|
||||
if (Stream_GetRemainingLength(s) < 28)
|
||||
return FALSE;
|
||||
|
||||
Stream_Read_UINT32(s, autoReconnectCookie->cbLen); /* cbLen (4 bytes) */
|
||||
Stream_Read_UINT32(s, autoReconnectCookie->version); /* version (4 bytes) */
|
||||
Stream_Read_UINT32(s, autoReconnectCookie->logonId); /* LogonId (4 bytes) */
|
||||
Stream_Read(s, autoReconnectCookie->arcRandomBits, 16); /* arcRandomBits (16 bytes) */
|
||||
|
||||
if ((settings->PrintReconnectCookie) && (autoReconnectCookie->cbLen > 0))
|
||||
{
|
||||
char* base64;
|
||||
base64 = crypto_base64_encode((BYTE *) autoReconnectCookie,
|
||||
sizeof(ARC_SC_PRIVATE_PACKET));
|
||||
base64 = crypto_base64_encode((BYTE*) autoReconnectCookie, sizeof(ARC_SC_PRIVATE_PACKET));
|
||||
WLog_INFO(TAG, "Reconnect-cookie: %s", base64);
|
||||
free(base64);
|
||||
}
|
||||
|
||||
return TRUE;
|
||||
}
|
||||
|
||||
@ -117,6 +120,7 @@ void rdp_write_client_auto_reconnect_cookie(wStream* s, rdpSettings* settings)
|
||||
/* SecurityVerifier = HMAC(AutoReconnectRandom, ClientRandom) */
|
||||
|
||||
hmac = crypto_hmac_new();
|
||||
|
||||
ZeroMemory(nullRandom, sizeof(nullRandom));
|
||||
|
||||
crypto_hmac_md5_init(hmac, autoReconnectCookie->securityVerifier, 16);
|
||||
@ -231,35 +235,37 @@ void rdp_write_extended_info_packet(wStream* s, rdpSettings* settings)
|
||||
|
||||
cbAutoReconnectLen = (int) settings->ServerAutoReconnectCookie->cbLen;
|
||||
|
||||
Stream_Write_UINT16(s, clientAddressFamily); /* clientAddressFamily */
|
||||
Stream_Write_UINT16(s, clientAddressFamily); /* clientAddressFamily (2 bytes) */
|
||||
|
||||
Stream_Write_UINT16(s, cbClientAddress + 2); /* cbClientAddress */
|
||||
Stream_Write_UINT16(s, cbClientAddress + 2); /* cbClientAddress (2 bytes) */
|
||||
|
||||
if (cbClientAddress > 0)
|
||||
Stream_Write(s, clientAddress, cbClientAddress); /* clientAddress */
|
||||
Stream_Write_UINT16(s, 0);
|
||||
|
||||
Stream_Write_UINT16(s, cbClientDir + 2); /* cbClientDir */
|
||||
Stream_Write_UINT16(s, cbClientDir + 2); /* cbClientDir (2 bytes) */
|
||||
|
||||
if (cbClientDir > 0)
|
||||
Stream_Write(s, clientDir, cbClientDir); /* clientDir */
|
||||
Stream_Write_UINT16(s, 0);
|
||||
|
||||
rdp_write_client_time_zone(s, settings); /* clientTimeZone */
|
||||
rdp_write_client_time_zone(s, settings); /* clientTimeZone (172 bytes) */
|
||||
|
||||
Stream_Write_UINT32(s, 0); /* clientSessionId, should be set to 0 */
|
||||
Stream_Write_UINT32(s, 0); /* clientSessionId (4 bytes), should be set to 0 */
|
||||
|
||||
freerdp_performance_flags_make(settings);
|
||||
Stream_Write_UINT32(s, settings->PerformanceFlags); /* performanceFlags */
|
||||
Stream_Write_UINT32(s, settings->PerformanceFlags); /* performanceFlags (4 bytes) */
|
||||
|
||||
Stream_Write_UINT16(s, cbAutoReconnectLen); /* cbAutoReconnectLen */
|
||||
Stream_Write_UINT16(s, cbAutoReconnectLen); /* cbAutoReconnectCookie (2 bytes) */
|
||||
|
||||
if (cbAutoReconnectLen > 0)
|
||||
{
|
||||
CryptoHmac hmac;
|
||||
ARC_SC_PRIVATE_PACKET* serverCookie;
|
||||
ARC_CS_PRIVATE_PACKET* clientCookie;
|
||||
WLog_DBG(TAG, "Sending auto reconnect");
|
||||
|
||||
WLog_DBG(TAG, "Sending auto reconnect cookie");
|
||||
|
||||
serverCookie = settings->ServerAutoReconnectCookie;
|
||||
clientCookie = settings->ClientAutoReconnectCookie;
|
||||
|
||||
@ -268,6 +274,7 @@ void rdp_write_extended_info_packet(wStream* s, rdpSettings* settings)
|
||||
clientCookie->logonId = serverCookie->logonId;
|
||||
|
||||
hmac = crypto_hmac_new();
|
||||
|
||||
if (!hmac)
|
||||
{
|
||||
WLog_ERR(TAG, "unable to allocate hmac");
|
||||
@ -278,7 +285,7 @@ void rdp_write_extended_info_packet(wStream* s, rdpSettings* settings)
|
||||
|
||||
if (settings->SelectedProtocol == PROTOCOL_RDP)
|
||||
{
|
||||
crypto_hmac_update(hmac, (BYTE*) (settings->ClientRandom), 32);
|
||||
crypto_hmac_update(hmac, (BYTE*) settings->ClientRandom, 32);
|
||||
}
|
||||
else
|
||||
{
|
||||
@ -290,16 +297,20 @@ void rdp_write_extended_info_packet(wStream* s, rdpSettings* settings)
|
||||
0,0,0,0, 0,0,0,0, 0,0,0,0, 0,0,0,0 };
|
||||
crypto_hmac_update(hmac, zeros, 32);
|
||||
}
|
||||
|
||||
crypto_hmac_final(hmac, clientCookie->securityVerifier, 16);
|
||||
|
||||
rdp_write_client_auto_reconnect_cookie(s, settings); /* autoReconnectCookie */
|
||||
|
||||
crypto_hmac_free(hmac);
|
||||
|
||||
/* mark as used */
|
||||
settings->ServerAutoReconnectCookie->cbLen = 0;
|
||||
crypto_hmac_free(hmac);
|
||||
|
||||
Stream_Write_UINT16(s, 0); /* reserved1 (2 bytes) */
|
||||
Stream_Write_UINT16(s, 0); /* reserved2 (2 bytes) */
|
||||
}
|
||||
|
||||
/* reserved1 (2 bytes) */
|
||||
/* reserved2 (2 bytes) */
|
||||
out_free:
|
||||
free(clientAddress);
|
||||
free(clientDir);
|
||||
@ -527,14 +538,14 @@ void rdp_write_info_packet(wStream* s, rdpSettings* settings)
|
||||
cbWorkingDir = ConvertToUnicode(CP_UTF8, 0, settings->RemoteAssistanceSessionId, -1, &workingDirW, 0) * 2;
|
||||
}
|
||||
|
||||
Stream_Write_UINT32(s, 0); /* CodePage */
|
||||
Stream_Write_UINT32(s, flags); /* flags */
|
||||
Stream_Write_UINT32(s, 0); /* CodePage (4 bytes) */
|
||||
Stream_Write_UINT32(s, flags); /* flags (4 bytes) */
|
||||
|
||||
Stream_Write_UINT16(s, cbDomain); /* cbDomain */
|
||||
Stream_Write_UINT16(s, cbUserName); /* cbUserName */
|
||||
Stream_Write_UINT16(s, cbPassword); /* cbPassword */
|
||||
Stream_Write_UINT16(s, cbAlternateShell); /* cbAlternateShell */
|
||||
Stream_Write_UINT16(s, cbWorkingDir); /* cbWorkingDir */
|
||||
Stream_Write_UINT16(s, cbDomain); /* cbDomain (2 bytes) */
|
||||
Stream_Write_UINT16(s, cbUserName); /* cbUserName (2 bytes) */
|
||||
Stream_Write_UINT16(s, cbPassword); /* cbPassword (2 bytes) */
|
||||
Stream_Write_UINT16(s, cbAlternateShell); /* cbAlternateShell (2 bytes) */
|
||||
Stream_Write_UINT16(s, cbWorkingDir); /* cbWorkingDir (2 bytes) */
|
||||
|
||||
if (cbDomain > 0)
|
||||
Stream_Write(s, domainW, cbDomain);
|
||||
|
||||
@ -654,6 +654,9 @@ BOOL rdp_recv_server_auto_reconnect_status_pdu(rdpRdp* rdp, wStream* s)
|
||||
return FALSE;
|
||||
|
||||
Stream_Read_UINT32(s, arcStatus); /* arcStatus (4 bytes) */
|
||||
|
||||
WLog_WARN(TAG, "AutoReconnectStatus: 0x%04X", arcStatus);
|
||||
|
||||
return TRUE;
|
||||
}
|
||||
|
||||
@ -1424,29 +1427,60 @@ void rdp_reset(rdpRdp* rdp)
|
||||
|
||||
bulk_reset(rdp->bulk);
|
||||
|
||||
if (rdp->rc4_decrypt_key)
|
||||
{
|
||||
crypto_rc4_free(rdp->rc4_decrypt_key);
|
||||
rdp->rc4_decrypt_key = NULL;
|
||||
}
|
||||
|
||||
if (rdp->rc4_encrypt_key)
|
||||
{
|
||||
crypto_rc4_free(rdp->rc4_encrypt_key);
|
||||
rdp->rc4_encrypt_key = NULL;
|
||||
}
|
||||
|
||||
if (rdp->fips_encrypt)
|
||||
{
|
||||
crypto_des3_free(rdp->fips_encrypt);
|
||||
rdp->fips_encrypt = NULL;
|
||||
}
|
||||
|
||||
if (rdp->fips_decrypt)
|
||||
{
|
||||
crypto_des3_free(rdp->fips_decrypt);
|
||||
rdp->fips_decrypt = NULL;
|
||||
}
|
||||
|
||||
if (rdp->fips_hmac)
|
||||
{
|
||||
crypto_hmac_free(rdp->fips_hmac);
|
||||
rdp->fips_hmac = NULL;
|
||||
}
|
||||
|
||||
if (settings->ServerRandom)
|
||||
{
|
||||
free(settings->ServerRandom);
|
||||
settings->ServerRandom = NULL;
|
||||
settings->ServerRandomLength = 0;
|
||||
}
|
||||
|
||||
if (settings->ServerCertificate)
|
||||
{
|
||||
free(settings->ServerCertificate);
|
||||
settings->ServerCertificate = NULL;
|
||||
}
|
||||
|
||||
if (settings->ClientAddress)
|
||||
{
|
||||
free(settings->ClientAddress);
|
||||
settings->ClientAddress = NULL;
|
||||
}
|
||||
|
||||
mcs_free(rdp->mcs);
|
||||
nego_free(rdp->nego);
|
||||
license_free(rdp->license);
|
||||
transport_free(rdp->transport);
|
||||
|
||||
free(settings->ServerRandom);
|
||||
settings->ServerRandom = NULL;
|
||||
free(settings->ServerCertificate);
|
||||
settings->ServerCertificate = NULL;
|
||||
free(settings->ClientAddress);
|
||||
settings->ClientAddress = NULL;
|
||||
|
||||
rdp->transport = transport_new(context);
|
||||
rdp->transport->rdp = rdp;
|
||||
rdp->license = license_new(rdp);
|
||||
|
||||
@ -169,7 +169,6 @@ struct rdp_rdp
|
||||
BYTE fips_decrypt_key[24];
|
||||
UINT32 errorInfo;
|
||||
UINT32 finalize_sc_pdus;
|
||||
BOOL reconnect;
|
||||
BOOL disconnect;
|
||||
BOOL resendFocus;
|
||||
BOOL deactivation_reactivation;
|
||||
|
||||
@ -483,6 +483,7 @@ rdpSettings* freerdp_settings_clone(rdpSettings* settings)
|
||||
_settings->RemoteAssistancePassword = _strdup(settings->RemoteAssistancePassword); /* 1027 */
|
||||
_settings->RemoteAssistanceRCTicket = _strdup(settings->RemoteAssistanceRCTicket); /* 1028 */
|
||||
_settings->AuthenticationServiceClass = _strdup(settings->AuthenticationServiceClass); /* 1098 */
|
||||
_settings->AllowedTlsCiphers = _strdup(settings->AllowedTlsCiphers); /* 1101 */
|
||||
_settings->PreconnectionBlob = _strdup(settings->PreconnectionBlob); /* 1155 */
|
||||
_settings->KerberosKdc = _strdup(settings->KerberosKdc); /* 1344 */
|
||||
_settings->KerberosRealm = _strdup(settings->KerberosRealm); /* 1345 */
|
||||
@ -542,12 +543,19 @@ rdpSettings* freerdp_settings_clone(rdpSettings* settings)
|
||||
{
|
||||
_settings->ServerRandom = (BYTE*) malloc(_settings->ServerRandomLength);
|
||||
CopyMemory(_settings->ServerRandom, settings->ServerRandom, _settings->ServerRandomLength);
|
||||
_settings->ServerRandomLength = settings->ServerRandomLength;
|
||||
}
|
||||
|
||||
if (_settings->ClientRandomLength)
|
||||
{
|
||||
_settings->ClientRandom = (BYTE*) malloc(_settings->ClientRandomLength);
|
||||
CopyMemory(_settings->ClientRandom, settings->ClientRandom, _settings->ClientRandomLength);
|
||||
_settings->ClientRandomLength = settings->ClientRandomLength;
|
||||
}
|
||||
|
||||
if (settings->RdpServerCertificate)
|
||||
{
|
||||
_settings->RdpServerCertificate = certificate_clone(settings->RdpServerCertificate);
|
||||
}
|
||||
|
||||
_settings->ChannelCount = settings->ChannelCount;
|
||||
@ -608,9 +616,7 @@ rdpSettings* freerdp_settings_clone(rdpSettings* settings)
|
||||
|
||||
_settings->StaticChannelCount = settings->StaticChannelCount;
|
||||
_settings->StaticChannelArraySize = settings->StaticChannelArraySize;
|
||||
_settings->StaticChannelArray = (ADDIN_ARGV**)
|
||||
malloc(sizeof(ADDIN_ARGV*) * _settings->StaticChannelArraySize);
|
||||
ZeroMemory(_settings->StaticChannelArray, sizeof(ADDIN_ARGV*) * _settings->StaticChannelArraySize);
|
||||
_settings->StaticChannelArray = (ADDIN_ARGV**) calloc(_settings->StaticChannelArraySize, sizeof(ADDIN_ARGV*));
|
||||
|
||||
for (index = 0; index < _settings->StaticChannelCount; index++)
|
||||
{
|
||||
@ -619,9 +625,7 @@ rdpSettings* freerdp_settings_clone(rdpSettings* settings)
|
||||
|
||||
_settings->DynamicChannelCount = settings->DynamicChannelCount;
|
||||
_settings->DynamicChannelArraySize = settings->DynamicChannelArraySize;
|
||||
_settings->DynamicChannelArray = (ADDIN_ARGV**)
|
||||
malloc(sizeof(ADDIN_ARGV*) * _settings->DynamicChannelArraySize);
|
||||
ZeroMemory(_settings->DynamicChannelArray, sizeof(ADDIN_ARGV*) * _settings->DynamicChannelArraySize);
|
||||
_settings->DynamicChannelArray = (ADDIN_ARGV**) calloc(_settings->DynamicChannelArraySize, sizeof(ADDIN_ARGV*));
|
||||
|
||||
for (index = 0; index < _settings->DynamicChannelCount; index++)
|
||||
{
|
||||
@ -651,7 +655,7 @@ void freerdp_settings_free(rdpSettings* settings)
|
||||
free(settings->MonitorDefArray);
|
||||
free(settings->ClientAddress);
|
||||
free(settings->ClientDir);
|
||||
free(settings->PermittedTLSCiphers);
|
||||
free(settings->AllowedTlsCiphers);
|
||||
free(settings->CertificateFile);
|
||||
free(settings->PrivateKeyFile);
|
||||
free(settings->ConnectionFile);
|
||||
|
||||
@ -581,6 +581,8 @@ BOOL tls_prepare(rdpTls* tls, BIO *underlying, SSL_METHOD *method, int options,
|
||||
BOOL tls_prepare(rdpTls* tls, BIO *underlying, const SSL_METHOD *method, int options, BOOL clientMode)
|
||||
#endif
|
||||
{
|
||||
rdpSettings* settings = tls->settings;
|
||||
|
||||
tls->ctx = SSL_CTX_new(method);
|
||||
|
||||
if (!tls->ctx)
|
||||
@ -594,11 +596,11 @@ BOOL tls_prepare(rdpTls* tls, BIO *underlying, const SSL_METHOD *method, int opt
|
||||
SSL_CTX_set_options(tls->ctx, options);
|
||||
SSL_CTX_set_read_ahead(tls->ctx, 1);
|
||||
|
||||
if (tls->settings->PermittedTLSCiphers)
|
||||
if (settings->AllowedTlsCiphers)
|
||||
{
|
||||
if (!SSL_CTX_set_cipher_list(tls->ctx, tls->settings->PermittedTLSCiphers))
|
||||
if (!SSL_CTX_set_cipher_list(tls->ctx, settings->AllowedTlsCiphers))
|
||||
{
|
||||
WLog_ERR(TAG, "SSL_CTX_set_cipher_list %s failed", tls->settings->PermittedTLSCiphers);
|
||||
WLog_ERR(TAG, "SSL_CTX_set_cipher_list %s failed", settings->AllowedTlsCiphers);
|
||||
return FALSE;
|
||||
}
|
||||
}
|
||||
|
||||
Loading…
Reference in New Issue
Block a user