Commit Graph

1568 Commits

Author SHA1 Message Date
Philippe Auphelle
7267eafe0f Merge remote-tracking branch 'upstream/master' 2012-01-26 10:57:18 +01:00
Marc-André Moreau
29c7c69521 Merge pull request #368 from pjd/crypto
Server-side Standard RDP Security support.
2012-01-25 08:30:16 -08:00
Pawel Jakub Dawidek
31529071fd Add glue that enables server-side support for Standard RDP Security. 2012-01-25 17:16:44 +01:00
Pawel Jakub Dawidek
7207e945c3 - Ignore received encryption_method and encryption_level if we don't support encryption.
- Print a warning if we receive unregognized type.
2012-01-25 17:16:44 +01:00
Pawel Jakub Dawidek
daf565dbd3 Add complete implementation of gcc_write_server_security_data() function
that implements server-side Standard RDP Security.
2012-01-25 17:16:44 +01:00
Pawel Jakub Dawidek
0a97242b3c Add rdp_server_establish_keys() function that is responsible for
establishing encryption keys for server-side Standard RDP Security.
2012-01-25 17:16:44 +01:00
Pawel Jakub Dawidek
76f36461ff Add a note why we are skipping 8 bytes. 2012-01-25 17:16:44 +01:00
Pawel Jakub Dawidek
f49ea9853e Add fields to store RSA key for server-side Standard RDP Security. 2012-01-25 17:16:44 +01:00
Pawel Jakub Dawidek
ee9739f490 Add API to load RSA key for Standard RDP Security in server mode. 2012-01-25 17:16:44 +01:00
Pawel Jakub Dawidek
f5033b1a7c - Don't fill client_random with 0x5e, we are going to fill it up with
random data in the next line.
- Use less magic numbers.
2012-01-25 17:16:44 +01:00
Pawel Jakub Dawidek
86910c8401 Add missing decryption. 2012-01-25 17:16:44 +01:00
Pawel Jakub Dawidek
d37cff01ed White-space fixes. 2012-01-25 17:15:44 +01:00
Pawel Jakub Dawidek
ac87b066fb Correct style. 2012-01-25 17:15:35 +01:00
Pawel Jakub Dawidek
31b6968263 Add a comment explaining why we always encode length in two bytes, eventhough we could use one byte sometimes. 2012-01-25 17:15:25 +01:00
Pawel Jakub Dawidek
61aa1dfb79 Add Standard RDP encryption suport for fastpath. Both input and output. 2012-01-25 17:15:17 +01:00
Pawel Jakub Dawidek
9c8a6bd8e9 Add some FASTPATH_INPUT_* enums. 2012-01-25 17:15:09 +01:00
Pawel Jakub Dawidek
68b9f65e87 Add --secure-checksum option that will enable usage of salted checksums
with Standard RDP encryption.
2012-01-25 17:14:58 +01:00
Pawel Jakub Dawidek
cea62dd9f6 Simplify code by using per_read_length() instead of reimplementing it. 2012-01-25 17:14:51 +01:00
Pawel Jakub Dawidek
af87360135 MCS data header might be 7 or 8 bytes long, depending on the length.
To reduce confusion a bit rename MCS_SEND_DATA_HEADER_LENGTH to
MCS_SEND_DATA_HEADER_MAX_LENGTH and also rename other defines that use
MCS_SEND_DATA_HEADER_MAX_LENGTH.
2012-01-25 17:14:44 +01:00
Pawel Jakub Dawidek
e2be360ec4 Add support for SEC_SECURE_CHECKSUM and FASTPATH_OUTPUT_SECURE_CHECKSUM flags. 2012-01-25 17:14:31 +01:00
Pawel Jakub Dawidek
4df52d7a42 Use rdp_read_security_header() to read security header. 2012-01-25 17:14:19 +01:00
Pawel Jakub Dawidek
b3a4be0298 We calculate checksum on plain text, so we must have already decrypt it, which means decrypt_use_count is off by one. Account for this. 2012-01-25 17:14:11 +01:00
Pawel Jakub Dawidek
207cb9b818 Fix typo: use & instead of | to check for flags. This fixes detection of requested protocols. 2012-01-25 17:13:53 +01:00
Marc-André Moreau
d5728b5ead Merge pull request #367 from jiten19/nscodec
nscodec final color bug fix
2012-01-25 08:02:06 -08:00
Philippe Auphelle
37eb0717fa Merge remote-tracking branch 'upstream/master' 2012-01-25 13:55:55 +01:00
cool
d344a7e456 nscodec final color bug fix 2012-01-24 21:06:48 -11:00
Marc-André Moreau
38f38a371e Merge pull request #365 from pjd/transport
Handle short writes properly in transport_write().
2012-01-24 11:23:02 -08:00
Marc-André Moreau
e0cda2610f Merge pull request #364 from bmiklautz/enablerfxneon
build: Added option WITH_NEON
2012-01-24 11:22:41 -08:00
Philippe Auphelle
9bf13012a6 Merge remote-tracking branch 'upstream/master' 2012-01-24 14:54:42 +01:00
Pawel Jakub Dawidek
609d177412 Handle short writes properly in transport_write().
Before this change if short write (send) occured, we were trying to
resend without updating length variable, so we were trying to send
too much and the following undefined data were causing the other
side to terminate connection.
2012-01-24 11:46:35 +01:00
Bernhard Miklautz
e9f1de751b build: Added option WITH_NEON
Enables neon optimized rfx decoder
2012-01-24 09:04:02 +01:00
Marc-André Moreau
89253f027c Merge pull request #363 from pjd/crypto
rdp_client_establish_keys() simplifications.
2012-01-23 10:18:47 -08:00
Marc-André Moreau
d5211588e1 Merge pull request #362 from bmiklautz/buildsystemfixes
Build system fixes
2012-01-23 10:18:20 -08:00
Pawel Jakub Dawidek
8e91faf139 - Rename rdp_establish_keys() to rdp_client_establish_keys() as it is only
responsible for establishing keys on the client side.
- Simplify rdp_client_establish_keys() by using rdp_write_header() and
  rdp_write_security_header() function instead of reimplementing them
  and by using existing defines instead of magic values.
2012-01-23 18:23:52 +01:00
Bernhard Miklautz
668c8c8cef build: use WITH_XXX instead of XXX_FOUND
To check if something should be en- or disabled WITH_XXX
should be used and not XXX_FOUND.

If XXX_FOUND is used and something gets disabled afterwards (by setting
WITH_XXX to OFF) it will be compiled in as long as XXX_FOUND is found in
cmake's cache file. So disabling a feature, or option, without
clearing the CMakeCache.txt might result in builds with unwanted
configuration.
2012-01-23 14:40:05 +01:00
Bernhard Miklautz
81004b44c5 build: Honor REQUIRE if set in find_package
FIND_PACKAGE_HANDLE_STANDARD_ARGS handles REQUIRE only correct if
called with the same package name as find_package was called with.

The returned xxxx_FOUND is still uppercase.
2012-01-23 14:40:05 +01:00
Bernhard Miklautz
cc24a7ad6a Changed cmake find prefix for pulseaudio.
Now option (WITH_PULSEAUDIO) and package prefix (PULSEAUDIO_FOUND) match.
2012-01-23 14:40:05 +01:00
Bernhard Miklautz
ac5dcbf565 Fixed optimization flags for release builds.
cmake uses CMAKE_C_FLAGS_RELEASE in addition to CMAKE_C_FLAGS for
make based build systems. Without the fix the optimization level
argument is set twice (-O2 -O3) and -O3 was used instead of -O2.
2012-01-23 14:40:05 +01:00
Philippe Auphelle
0a454fe91d Merge remote-tracking branch 'upstream/master' 2012-01-23 11:06:52 +01:00
Marc-André Moreau
94d44c2aba Merge pull request #361 from floppym/client-server-options
cmake: Add options to enable/disable client/server targets.
2012-01-22 09:27:29 -08:00
Mike Gilbert
ff10a65c8e Change ENABLE_{CLIENT,SERVER} to WITH_{CLIENT,SERVER}. 2012-01-22 12:26:30 -05:00
Mike Gilbert
3c61b381c6 cmake: Add options to enable/disable client/server targets. 2012-01-22 12:14:06 -05:00
Marc-André Moreau
5a024802ca Merge pull request #358 from pjd/crypto
Crypto
2012-01-18 20:40:43 -08:00
Pawel Jakub Dawidek
164c8a0a67 Whitespace fixes. 2012-01-19 05:36:52 +01:00
Pawel Jakub Dawidek
8238f2369d - Simplify security_mac_signature() API.
- Introduce implementation of security_salted_mac_signature() that would be
  used to handle packets with SEC_SECURE_CHECKSUM flag.
2012-01-19 05:10:06 +01:00
Pawel Jakub Dawidek
ab4beb787f Implement signature verification in Server Security Data packet.
Because this signature doesn't protect against anything, only warn
the user if it is invalid.
2012-01-19 04:49:03 +01:00
Pawel Jakub Dawidek
44663ab332 Introduce more complete RSA API that implements:
- crypto_rsa_public_encrypt()
- crypto_rsa_public_decrypt()
- crypto_rsa_private_encrypt()
- crypto_rsa_private_decrypt()
2012-01-19 04:48:52 +01:00
Pawel Jakub Dawidek
a118afa879 Add Terminal Services Signing Keys. 2012-01-19 04:48:43 +01:00
Pawel Jakub Dawidek
3bbd2f28c7 Use CRYPTO_*_DIGEST_LENGTH defines instead of magic values. 2012-01-19 04:48:32 +01:00
Pawel Jakub Dawidek
af5501cdc5 Introduce CRYPTO_SHA1_DIGEST_LENGTH and CRYPTO_MD5_DIGEST_LENGTH that hold
number of bytes needed for a given hash.
2012-01-19 04:48:23 +01:00