mirrors/xrdp
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

work on tls mode

Browse Source
This commit is contained in:
speidy 2014-08-22 09:13:33 +03:00
parent 4afe769467
commit 4015f526db
5 changed files with 68 additions and 236 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

74
common/trans.c
View File

@ -23,6 +23,42 @@
#include "arch.h"
#include "parse.h"
/*****************************************************************************/
int APP_CC
trans_tls_recv(struct trans *self, void *ptr, int len)
{
if (self->tls == NULL)
{
return 1;
}
return xrdp_tls_read(self->tls, ptr, len);
}
/*****************************************************************************/
int APP_CC
trans_tls_send(struct trans *self, const void *data, int len)
{
if (self->tls == NULL)
{
return 1;
}
return xrdp_tls_write(self->tls, data, len);
}
/*****************************************************************************/
int APP_CC
trans_tcp_recv(struct trans *self, void *ptr, int len)
{
return g_tcp_recv(self->sck, ptr, len, 0);
}
/*****************************************************************************/
int APP_CC
trans_tcp_send(struct trans *self, const void *data, int len)
{
return g_tcp_send(self->sck, data, len, 0);
}
/*****************************************************************************/
struct trans *
APP_CC
@ -40,9 +76,9 @@ trans_create(int mode, int in_size, int out_size)
init_stream(self->out_s, out_size);
self->mode = mode;
self->tls = 0;
/* assign tcp functions */
self->trans_read_call = trans_tcp_force_read_s;
self->trans_write_call = trans_tcp_force_write_s;
/* assign tcp calls by default */
self->trans_recv = trans_tcp_recv;
self->trans_send = trans_tcp_send;
}
return self;
@ -147,7 +183,7 @@ send_waiting(struct trans *self, int block)
if (g_tcp_can_send(self->sck, timeout))
{
bytes = (int) (temp_s->end - temp_s->p);
sent = g_tcp_send(self->sck, temp_s->p, bytes, 0);
sent = self->trans_send(self, temp_s->p, bytes);
if (sent > 0)
{
temp_s->p += sent;
@ -259,7 +295,7 @@ trans_check_wait_objs(struct trans *self)
if (to_read > 0)
{
read_bytes = g_tcp_recv(self->sck, self->in_s->end, to_read, 0);
read_bytes = self->trans_recv(self, self->in_s->end, to_read);
if (read_bytes == -1)
{
@ -313,12 +349,6 @@ trans_check_wait_objs(struct trans *self)
/*****************************************************************************/
int APP_CC
trans_force_read_s(struct trans *self, struct stream *in_s, int size)
{
return self->trans_read_call(self, in_s, size);
}
/*****************************************************************************/
int APP_CC
trans_tcp_force_read_s(struct trans *self, struct stream *in_s, int size)
{
int rcvd;
@ -335,7 +365,7 @@ trans_tcp_force_read_s(struct trans *self, struct stream *in_s, int size)
return 1;
}
rcvd = g_tcp_recv(self->sck, in_s->end, size, 0);
rcvd = self->trans_recv(self, in_s->end, size);
if (rcvd == -1)
{
@ -388,12 +418,6 @@ trans_force_read(struct trans *self, int size)
/*****************************************************************************/
int APP_CC
trans_force_write_s(struct trans *self, struct stream *out_s)
{
return self->trans_write_call(self, out_s);
}
/*****************************************************************************/
int APP_CC
trans_tcp_force_write_s(struct trans *self, struct stream *out_s)
{
int size;
int total;
@ -415,7 +439,7 @@ trans_tcp_force_write_s(struct trans *self, struct stream *out_s)
while (total < size)
{
sent = g_tcp_send(self->sck, out_s->data + total, size - total, 0);
sent = self->trans_send(self, out_s->data + total, size - total);
if (sent == -1)
{
@ -690,8 +714,8 @@ trans_set_tls_mode(struct trans *self, const char *key, const char *cert)
}
/* assign tls functions */
self->trans_read_call = xrdp_tls_force_read_s;
self->trans_write_call = xrdp_tls_force_write_s;
self->trans_recv = trans_tls_recv;
self->trans_send = trans_tls_send;
return 0;
}
@ -705,9 +729,9 @@ trans_shutdown_tls_mode(struct trans *self)
return xrdp_tls_disconnect(self->tls);
}
/* set callback back to tcp
self->trans_read_call = trans_tcp_force_read_s;
self->trans_write_call = trans_tcp_force_write_s;
*/
/* assign callback back to tcp cal */
self->trans_recv = trans_tcp_recv;
self->trans_send = trans_tcp_send;
return 0;
}

14
common/trans.h
View File

@ -41,8 +41,8 @@ typedef int (DEFAULT_CC *ttrans_data_in)(struct trans* self);
typedef int (DEFAULT_CC *ttrans_conn_in)(struct trans* self,
struct trans* new_self);
typedef int (DEFAULT_CC *tis_term)(void);
typedef int (APP_CC *trans_read_call) (struct trans *self, struct stream *in_s, int size);
typedef int (APP_CC *trans_write_call) (struct trans *self, struct stream *out_s);
typedef int (APP_CC *trans_recv) (struct trans *self, void *ptr, int len);
typedef int (APP_CC *trans_send) (struct trans *self, const void *data, int len);
struct trans
{
@ -64,8 +64,8 @@ struct trans
int no_stream_init_on_data_in;
int extra_flags; /* user defined */
struct xrdp_tls *tls;
trans_read_call trans_read_call;
trans_write_call trans_write_call;
trans_recv trans_recv;
trans_send trans_send;
};
/* xrdp_tls */
@ -87,10 +87,6 @@ int APP_CC
xrdp_tls_disconnect(struct xrdp_tls *self);
void APP_CC
xrdp_tls_delete(struct xrdp_tls *self);
int APP_CC
xrdp_tls_force_read_s(struct trans *self, struct stream *in_s, int size);
int APP_CC
xrdp_tls_force_write_s(struct trans *self, struct stream *out_s);
struct trans* APP_CC
trans_create(int mode, int in_size, int out_size);
@ -132,6 +128,6 @@ trans_shutdown_tls_mode(struct trans *self);
int APP_CC
trans_tcp_force_read_s(struct trans *self, struct stream *in_s, int size);
int APP_CC
trans_tcp_force_write_s(struct trans *self, struct stream *out_s);
trans_force_write_s(struct trans *self, struct stream *out_s);
#endif

179
common/xrdp_tls.c
View File

@ -266,183 +266,4 @@ xrdp_tls_write(struct xrdp_tls *tls, char *data, int length)
return status;
}
/*****************************************************************************/
int APP_CC
xrdp_tls_force_read_s(struct trans *self, struct stream *in_s, int size)
{
int rcvd;
if (self->status != TRANS_STATUS_UP)
{
return 1;
}
while (size > 0)
{
/* make sure stream has room */
if ((in_s->end + size) > (in_s->data + in_s->size))
{
return 1;
}
rcvd = xrdp_tls_read(self->tls, in_s->end, size);
if (rcvd == -1)
{
if (g_tcp_last_error_would_block(self->sck))
{
if (!g_tcp_can_recv(self->sck, 100))
{
/* check for term here */
if (self->is_term != 0)
{
if (self->is_term())
{
/* term */
self->status = TRANS_STATUS_DOWN;
return 1;
}
}
}
}
else
{
/* error */
self->status = TRANS_STATUS_DOWN;
return 1;
}
}
else if (rcvd == 0)
{
/* error */
self->status = TRANS_STATUS_DOWN;
return 1;
}
else
{
in_s->end += rcvd;
size -= rcvd;
}
}
return 0;
}
/*****************************************************************************/
int APP_CC
xrdp_tls_send_waiting(struct trans *self, int block)
{
struct stream *temp_s;
int bytes;
int sent;
int timeout;
int cont;
timeout = block ? 100 : 0;
cont = 1;
while (cont)
{
if (self->wait_s != 0)
{
temp_s = self->wait_s;
if (g_tcp_can_send(self->sck, timeout))
{
bytes = (int) (temp_s->end - temp_s->p);
sent = xrdp_tls_write(self->tls, temp_s->p, bytes);
if (sent > 0)
{
temp_s->p += sent;
if (temp_s->p >= temp_s->end)
{
self->wait_s = (struct stream *) (temp_s->next_packet);
free_stream(temp_s);
}
}
else if (sent == 0)
{
return 1;
}
else
{
if (!g_tcp_last_error_would_block(self->sck))
{
return 1;
}
}
}
}
else
{
break;
}
cont = block;
}
return 0;
}
/*****************************************************************************/
int APP_CC
xrdp_tls_force_write_s(struct trans *self, struct stream *out_s)
{
int size;
int total;
int sent;
if (self->status != TRANS_STATUS_UP)
{
return 1;
}
size = (int) (out_s->end - out_s->data);
total = 0;
if (xrdp_tls_send_waiting(self, 1) != 0)
{
self->status = TRANS_STATUS_DOWN;
return 1;
}
while (total < size)
{
sent = xrdp_tls_write(self->tls, out_s->data + total, size - total);
if (sent == -1)
{
if (g_tcp_last_error_would_block(self->sck))
{
if (!g_tcp_can_send(self->sck, 100))
{
/* check for term here */
if (self->is_term != 0)
{
if (self->is_term())
{
/* term */
self->status = TRANS_STATUS_DOWN;
return 1;
}
}
}
}
else
{
/* error */
self->status = TRANS_STATUS_DOWN;
return 1;
}
}
else if (sent == 0)
{
/* error */
self->status = TRANS_STATUS_DOWN;
return 1;
}
else
{
total = total + sent;
}
}
return 0;
}

9
libxrdp/xrdp_rdp.c
View File

@ -385,15 +385,6 @@ xrdp_rdp_recv(struct xrdp_rdp *self, struct stream *s, int *code)
chan = 0;
error = xrdp_sec_recv(self->sec_layer, s, &chan);
if (error == 3)
{
/* unencrypted confirm active msg arrived */
s->next_packet = 0;
*code = 3;
DEBUG(("out (0) xrdp_rdp_recv"));
return 0;
}
if (error == -1) /* special code for send demand active */
{
s->next_packet = 0;

28
libxrdp/xrdp_sec.c
View File

@ -185,6 +185,8 @@ static const tui8 g_fips_ivec[8] =
0x12, 0x34, 0x56, 0x78, 0x90, 0xAB, 0xCD, 0xEF
};
static int is_security_header_present = 1; /* next packet should contain security header? */
/*****************************************************************************/
static void APP_CC
hex_str_to_bin(char *in, char *out, int out_len)
@ -1206,17 +1208,9 @@ xrdp_sec_recv(struct xrdp_sec *self, struct stream *s, int *chan)
return 1;
}
/* TODO: HACK, we should recognize packets without security header
However, client info packet and license packet always have security header. */
if (s->data[17] == 0x13) /* confirm active pdu */
{
g_writeln("CONFIRM ACTIVE ARRIVED");
return 0;
}
if (s->data[17] == 0x17 || s->data[16] == 0x17) /* rdp data pdu */
if (!is_security_header_present)
{
g_writeln("RDP DATA ARRIVED");
return 0;
}
@ -1329,6 +1323,12 @@ xrdp_sec_recv(struct xrdp_sec *self, struct stream *s, int *chan)
return 1;
}
if (self->crypt_level == CRYPT_LEVEL_NONE
&& self->crypt_method == CRYPT_METHOD_NONE)
{
is_security_header_present = 0; /* in tls mode, no more security header from now on */
}
DEBUG((" out xrdp_sec_recv"));
return -1; /* special error that means send demand active */
}
@ -1791,11 +1791,11 @@ xrdp_sec_process_mcs_data_CS_SECURITY(struct xrdp_sec *self, struct stream* s)
found = 1;
}
}
if (found == 0)
{
g_writeln(" can not find client / server agreed encryption method");
return 1;
}
// if (found == 0)
// {
// g_writeln(" can not find client / server agreed encryption method");
// return 1;
// }
return 0;
}