jh163888/xrdp
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Updating all error messages to use LOG instead of LOG_DEVEL, and adding s_check_rem_and_log()

Browse Source
This commit is contained in:
Alexandre Quesnel 2021-01-23 17:48:58 +00:00
parent 5530c9107d
commit 0c677aaa5c
13 changed files with 742 additions and 629 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

17
common/log.h
View File

@ -22,6 +22,7 @@
#include <pthread.h> #include <pthread.h>
#include "arch.h" #include "arch.h"
#include "defines.h"
#include "list.h" #include "list.h"
/* logging buffer size */ /* logging buffer size */
@ -95,7 +96,7 @@ enum logReturns
* @param ... the arguments for the printf format c-string * @param ... the arguments for the printf format c-string
*/ */
#define LOG_DEVEL(log_level, args...) \ #define LOG_DEVEL(log_level, args...) \
log_message_with_location(__func__, __FILE__, __LINE__, log_level, args); log_message_with_location(__func__, __FILE__, __LINE__, log_level, args)
/** /**
* @brief Logging macro for messages that are for a systeam administrator to * @brief Logging macro for messages that are for a systeam administrator to
@ -109,7 +110,7 @@ enum logReturns
* @param ... the arguments for the printf format c-string * @param ... the arguments for the printf format c-string
*/ */
#define LOG(log_level, args...) \ #define LOG(log_level, args...) \
log_message_with_location(__func__, __FILE__, __LINE__, log_level, args); log_message_with_location(__func__, __FILE__, __LINE__, log_level, args)
/** /**
* @brief Logging macro for logging the contents of a byte array using a hex * @brief Logging macro for logging the contents of a byte array using a hex
@ -124,12 +125,16 @@ enum logReturns
* @param length, the length of the byte array to log * @param length, the length of the byte array to log
*/ */
#define LOG_DEVEL_HEXDUMP(log_level, message, buffer, length) \ #define LOG_DEVEL_HEXDUMP(log_level, message, buffer, length) \
log_hexdump_with_location(__func__, __FILE__, __LINE__, log_level, message, buffer, length); log_hexdump_with_location(__func__, __FILE__, __LINE__, log_level, message, buffer, length)
#else #else
#define LOG_DEVEL(log_level, args...) #define LOG(log_level, args...) log_message(log_level, args)
#define LOG(log_level, args...) log_message(log_level, args);
#define LOG_DEVEL_HEXDUMP(log_level, message, buffer, length) /* Since log_message() returns a value ensure that the elided versions of
* LOG_DEVEL and LOG_DEVEL_HEXDUMP also "fake" returning the success value
*/
#define LOG_DEVEL(log_level, args...) UNUSED_VAR(LOG_STARTUP_OK)
#define LOG_DEVEL_HEXDUMP(log_level, message, buffer, length) UNUSED_VAR(LOG_STARTUP_OK)
#endif #endif

43
common/parse.h
View File

@ -26,6 +26,7 @@
#define PARSE_H #define PARSE_H
#include "arch.h" #include "arch.h"
#include "log.h"
#if defined(L_ENDIAN) #if defined(L_ENDIAN)
#elif defined(B_ENDIAN) #elif defined(B_ENDIAN)
@ -54,17 +55,57 @@ struct stream
}; };
/******************************************************************************/ /******************************************************************************/
#define s_check(s) ((s)->p <= (s)->end) #define s_check(s) s_check_rem(s, 0)
/******************************************************************************/ /******************************************************************************/
#define s_check_rem(s, n) ((s)->p + (n) <= (s)->end) #define s_check_rem(s, n) ((s)->p + (n) <= (s)->end)
/******************************************************************************/
/**
* @returns true if there are at least n bytes remaining in the stream,
* else false and logs an error message
*/
#define s_check_rem_and_log(s, n, msg_prefix) \
( s_check_rem((s), (n)) ? \
1 : \
LOG(LOG_LEVEL_ERROR, \
"%s Not enough bytes in the stream: expected %d, remaining %d", \
(msg_prefix), (n), s_rem(s)) \
&& 0 )
/******************************************************************************/ /******************************************************************************/
#define s_check_rem_out(s, n) ((s)->p + (n) <= (s)->data + (s)->size) #define s_check_rem_out(s, n) ((s)->p + (n) <= (s)->data + (s)->size)
/******************************************************************************/
/**
* @returns true if there are at least n bytes remaining in the stream,
* else false and logs an error message
*/
#define s_check_rem_out_and_log(s, n, msg_prefix) \
( s_check_rem_out((s), (n)) ? \
1 : \
LOG(LOG_LEVEL_ERROR, \
"%s Not enough bytes in the stream: expected %d, remaining %d", \
(msg_prefix), (n), s_rem_out(s)) \
&& 0 )
/******************************************************************************/ /******************************************************************************/
#define s_check_end(s) ((s)->p == (s)->end) #define s_check_end(s) ((s)->p == (s)->end)
/******************************************************************************/
/**
* @returns true if there are exactly 0 bytes remaining in the stream,
* else false and logs an error message
*/
#define s_check_end_and_log(s, msg_prefix) \
( s_check_end((s)) ? \
1 : \
LOG(LOG_LEVEL_ERROR, \
"%s Expected to be at the end of the stream, " \
"but there are %d bytes remaining", \
(msg_prefix), s_rem(s)) \
&& 0 )
/******************************************************************************/ /******************************************************************************/
#define s_rem(s) ((int) ((s)->end - (s)->p)) #define s_rem(s) ((int) ((s)->end - (s)->p))

8
libxrdp/libxrdp.h
View File

@ -550,9 +550,9 @@ xrdp_codec_jpeg_compress(void *handle,
int cy, /* height of area to compress */ int cy, /* height of area to compress */
int quality, /* higher numbers compress less */ int quality, /* higher numbers compress less */
char *out_data, /* dest for jpg image */ char *out_data, /* dest for jpg image */
int *io_len /* length of out_data and on return */ int *io_len /* length of out_data and on return
/* len of compressed data */ len of compressed data */
); );
void * void *
xrdp_jpeg_init(void); xrdp_jpeg_init(void);
@ -560,7 +560,7 @@ int
xrdp_jpeg_deinit(void *handle); xrdp_jpeg_deinit(void *handle);
/* xrdp_channel.c */ /* xrdp_channel.c */
struct xrdp_channel* struct xrdp_channel *
xrdp_channel_create(struct xrdp_sec *owner, struct xrdp_mcs *mcs_layer); xrdp_channel_create(struct xrdp_sec *owner, struct xrdp_mcs *mcs_layer);
void void
xrdp_channel_delete(struct xrdp_channel *self); xrdp_channel_delete(struct xrdp_channel *self);

27
libxrdp/xrdp_caps.c
View File

@ -668,29 +668,34 @@ xrdp_caps_process_confirm_active(struct xrdp_rdp *self, struct stream *s)
if ((cap_len < 0) || (cap_len > 1024 * 1024)) if ((cap_len < 0) || (cap_len > 1024 * 1024))
{ {
LOG_DEVEL(LOG_LEVEL_ERROR, "Received [MS-RDPBCGR] TS_CONFIRM_ACTIVE_PDU " LOG(LOG_LEVEL_ERROR, "Received [MS-RDPBCGR] TS_CONFIRM_ACTIVE_PDU "
"lengthCombinedCapabilities %d is too long (> %d)", "lengthCombinedCapabilities %d is too long (> %d)",
cap_len, 1024 * 1024); cap_len, 1024 * 1024);
return 1; return 1;
} }
for (index = 0; index < num_caps; index++) for (index = 0; index < num_caps; index++)
{ {
p = s->p; p = s->p;
if (!s_check_rem(s, 4)) if (!s_check_rem_and_log(s, 4,
"Parsing [MS-RDPBCGR] TS_CONFIRM_ACTIVE_PDU - TS_CAPS_SET"))
{ {
LOG(LOG_LEVEL_ERROR, "Not enough bytes in the stream: "
"len 4, remaining %d", s_rem(s));
return 1; return 1;
} }
in_uint16_le(s, type); in_uint16_le(s, type);
in_uint16_le(s, len); in_uint16_le(s, len);
LOG_DEVEL(LOG_LEVEL_TRACE, "Received [MS-RDPBCGR] TS_CONFIRM_ACTIVE_PDU - TS_CAPS_SET " LOG_DEVEL(LOG_LEVEL_TRACE, "Received [MS-RDPBCGR] TS_CONFIRM_ACTIVE_PDU - TS_CAPS_SET "
"capabilitySetType %d, lengthCapability %d", type, len); "capabilitySetType %d, lengthCapability %d", type, len);
if ((len < 4) || !s_check_rem(s, len - 4)) if (len < 4)
{
LOG(LOG_LEVEL_ERROR,
"Protocol error [MS-RDPBCGR] TS_CONFIRM_ACTIVE_PDU - TS_CAPS_SET "
"lengthCapability must be greater than 3, received %d", len);
return 1;
}
if (!s_check_rem_and_log(s, len - 4,
"Parsing [MS-RDPBCGR] TS_CONFIRM_ACTIVE_PDU - TS_CAPS_SET "))
{ {
LOG(LOG_LEVEL_ERROR, "Not enough bytes in the stream: "
"len %d, remaining %d", (len - 4), s_rem(s));
return 1; return 1;
} }
len -= 4; len -= 4;
@ -861,7 +866,7 @@ xrdp_caps_send_demand_active(struct xrdp_rdp *self)
if (xrdp_rdp_init(self, s) != 0) if (xrdp_rdp_init(self, s) != 0)
{ {
LOG_DEVEL(LOG_LEVEL_ERROR, "xrdp_caps_send_demand_active: xrdp_rdp_init failed"); LOG(LOG_LEVEL_ERROR, "xrdp_caps_send_demand_active: xrdp_rdp_init failed");
free_stream(s); free_stream(s);
return 1; return 1;
} }
@ -1178,7 +1183,7 @@ xrdp_caps_send_demand_active(struct xrdp_rdp *self)
"message with the server's capabilities"); "message with the server's capabilities");
if (xrdp_rdp_send(self, s, PDUTYPE_DEMANDACTIVEPDU) != 0) if (xrdp_rdp_send(self, s, PDUTYPE_DEMANDACTIVEPDU) != 0)
{ {
LOG_DEVEL(LOG_LEVEL_ERROR, "xrdp_caps_send_demand_active: xrdp_rdp_send failed"); LOG(LOG_LEVEL_ERROR, "xrdp_caps_send_demand_active: xrdp_rdp_send failed");
free_stream(s); free_stream(s);
return 1; return 1;
} }

190
libxrdp/xrdp_channel.c
View File

@ -108,7 +108,7 @@ xrdp_channel_init(struct xrdp_channel *self, struct stream *s)
{ {
if (xrdp_sec_init(self->sec_layer, s) != 0) if (xrdp_sec_init(self->sec_layer, s) != 0)
{ {
LOG_DEVEL(LOG_LEVEL_ERROR, "xrdp_channel_init: xrdp_sec_init failed"); LOG(LOG_LEVEL_ERROR, "xrdp_channel_init: xrdp_sec_init failed");
return 1; return 1;
} }
@ -270,30 +270,24 @@ drdynvc_get_chan_id(struct stream *s, char cmd, uint32_t *chan_id_p)
cbChId = cmd & 0x03; cbChId = cmd & 0x03;
if (cbChId == 0) if (cbChId == 0)
{ {
if (!s_check_rem(s, 1)) if (!s_check_rem_and_log(s, 1, "Parsing [MS-RDPEDYC] channel id"))
{ {
LOG_DEVEL(LOG_LEVEL_ERROR, "Not enough bytes in the stream, "
"len 1, remaining %d", s_rem(s));
return 1; return 1;
} }
in_uint8(s, chan_id); in_uint8(s, chan_id);
} }
else if (cbChId == 1) else if (cbChId == 1)
{ {
if (!s_check_rem(s, 2)) if (!s_check_rem_and_log(s, 2, "Parsing [MS-RDPEDYC] channel id"))
{ {
LOG_DEVEL(LOG_LEVEL_ERROR, "Not enough bytes in the stream, "
"len 2, remaining %d", s_rem(s));
return 1; return 1;
} }
in_uint16_le(s, chan_id); in_uint16_le(s, chan_id);
} }
else else
{ {
if (!s_check_rem(s, 4)) if (!s_check_rem_and_log(s, 4, "Parsing [MS-RDPEDYC] channel id"))
{ {
LOG_DEVEL(LOG_LEVEL_ERROR, "Not enough bytes in the stream, "
"len 4, remaining %d", s_rem(s));
return 1; return 1;
} }
in_uint32_le(s, chan_id); in_uint32_le(s, chan_id);
@ -314,6 +308,10 @@ drdynvc_process_capability_response(struct xrdp_channel *self,
int cap_version; int cap_version;
int rv; int rv;
if (!s_check_rem_and_log(s, 3, "Parsing [MS-RDPEDYC] DYNVC_CAPS_RSP"))
{
return 1;
}
in_uint8s(s, 1); /* skip padding */ in_uint8s(s, 1); /* skip padding */
in_uint16_le(s, cap_version); /* Version */ in_uint16_le(s, cap_version); /* Version */
LOG_DEVEL(LOG_LEVEL_TRACE, "Received [MS-RDPEDYC] DYNVC_CAPS_RSP " LOG_DEVEL(LOG_LEVEL_TRACE, "Received [MS-RDPEDYC] DYNVC_CAPS_RSP "
@ -347,14 +345,12 @@ drdynvc_process_open_channel_response(struct xrdp_channel *self,
if (drdynvc_get_chan_id(s, cmd, &chan_id) != 0) /* ChannelId */ if (drdynvc_get_chan_id(s, cmd, &chan_id) != 0) /* ChannelId */
{ {
LOG_DEVEL(LOG_LEVEL_ERROR, LOG(LOG_LEVEL_ERROR,
"drdynvc_process_open_channel_response: drdynvc_get_chan_id failed"); "Parsing [MS-RDPEDYC] DYNVC_CREATE_RSP failed");
return 1; return 1;
} }
if (!s_check_rem(s, 4)) if (!s_check_rem_and_log(s, 4, "Parsing [MS-RDPEDYC] DYNVC_CREATE_RSP"))
{ {
LOG_DEVEL(LOG_LEVEL_ERROR, "Not enough bytes in the stream, "
"len 4, remaining %d", s_rem(s));
return 1; return 1;
} }
in_uint32_le(s, creation_status); /* CreationStatus */ in_uint32_le(s, creation_status); /* CreationStatus */
@ -362,8 +358,8 @@ drdynvc_process_open_channel_response(struct xrdp_channel *self,
"ChannelId %d, CreationStatus %d", chan_id, creation_status); "ChannelId %d, CreationStatus %d", chan_id, creation_status);
if (chan_id > 255) if (chan_id > 255)
{ {
LOG_DEVEL(LOG_LEVEL_ERROR, "Received message for an invalid " LOG(LOG_LEVEL_ERROR, "Received [MS-RDPEDYC] DYNVC_CREATE_RSP for an "
"channel id. channel id %d", chan_id); "invalid channel id. Max allowed 255, received %d", chan_id);
return 1; return 1;
} }
@ -407,8 +403,8 @@ drdynvc_process_close_channel_response(struct xrdp_channel *self,
if (drdynvc_get_chan_id(s, cmd, &chan_id) != 0) /* ChannelId */ if (drdynvc_get_chan_id(s, cmd, &chan_id) != 0) /* ChannelId */
{ {
LOG_DEVEL(LOG_LEVEL_ERROR, LOG(LOG_LEVEL_ERROR,
"drdynvc_process_close_channel_response: drdynvc_get_chan_id failed"); "drdynvc_process_close_channel_response: drdynvc_get_chan_id failed");
return 1; return 1;
} }
LOG_DEVEL(LOG_LEVEL_TRACE, "Received [MS-RDPEDYC] DYNVC_CLOSE " LOG_DEVEL(LOG_LEVEL_TRACE, "Received [MS-RDPEDYC] DYNVC_CLOSE "
@ -416,8 +412,8 @@ drdynvc_process_close_channel_response(struct xrdp_channel *self,
session = self->sec_layer->rdp_layer->session; session = self->sec_layer->rdp_layer->session;
if (chan_id > 255) if (chan_id > 255)
{ {
LOG_DEVEL(LOG_LEVEL_ERROR, "Received message for an invalid " LOG(LOG_LEVEL_ERROR, "Received message for an invalid "
"channel id. channel id %d", chan_id); "channel id. channel id %d", chan_id);
return 1; return 1;
} }
@ -457,37 +453,31 @@ drdynvc_process_data_first(struct xrdp_channel *self,
if (drdynvc_get_chan_id(s, cmd, &chan_id) != 0) /* ChannelId */ if (drdynvc_get_chan_id(s, cmd, &chan_id) != 0) /* ChannelId */
{ {
LOG_DEVEL(LOG_LEVEL_ERROR, LOG(LOG_LEVEL_ERROR,
"drdynvc_process_data_first: drdynvc_get_chan_id failed"); "Parsing [MS-RDPEDYC] DYNVC_DATA_FIRST failed");
return 1; return 1;
} }
len = (cmd >> 2) & 0x03; len = (cmd >> 2) & 0x03;
if (len == 0) if (len == 0)
{ {
if (!s_check_rem(s, 1)) if (!s_check_rem_and_log(s, 1, "Parsing [MS-RDPEDYC] DYNVC_DATA_FIRST"))
{ {
LOG_DEVEL(LOG_LEVEL_ERROR, "Not enough bytes in the stream, "
"len 1, remaining %d", s_rem(s));
return 1; return 1;
} }
in_uint8(s, total_bytes); /* Length */ in_uint8(s, total_bytes); /* Length */
} }
else if (len == 1) else if (len == 1)
{ {
if (!s_check_rem(s, 2)) if (!s_check_rem_and_log(s, 2, "Parsing [MS-RDPEDYC] DYNVC_DATA_FIRST"))
{ {
LOG_DEVEL(LOG_LEVEL_ERROR, "Not enough bytes in the stream, "
"len 2, remaining %d", s_rem(s));
return 1; return 1;
} }
in_uint16_le(s, total_bytes); /* Length */ in_uint16_le(s, total_bytes); /* Length */
} }
else else
{ {
if (!s_check_rem(s, 4)) if (!s_check_rem_and_log(s, 4, "Parsing [MS-RDPEDYC] DYNVC_DATA_FIRST"))
{ {
LOG_DEVEL(LOG_LEVEL_ERROR, "Not enough bytes in the stream, "
"len 4, remaining %d", s_rem(s));
return 1; return 1;
} }
in_uint32_le(s, total_bytes); /* Length */ in_uint32_le(s, total_bytes); /* Length */
@ -500,8 +490,8 @@ drdynvc_process_data_first(struct xrdp_channel *self,
session = self->sec_layer->rdp_layer->session; session = self->sec_layer->rdp_layer->session;
if (chan_id > 255) if (chan_id > 255)
{ {
LOG_DEVEL(LOG_LEVEL_ERROR, "Received message for an invalid " LOG(LOG_LEVEL_ERROR, "Received [MS-RDPEDYC] DYNVC_DATA_FIRST for an "
"channel id. channel id %d", chan_id); "invalid channel id. Max allowed 255, received %d", chan_id);
return 1; return 1;
} }
drdynvc = self->drdynvcs + chan_id; drdynvc = self->drdynvcs + chan_id;
@ -532,7 +522,7 @@ drdynvc_process_data(struct xrdp_channel *self,
if (drdynvc_get_chan_id(s, cmd, &chan_id) != 0) /* ChannelId */ if (drdynvc_get_chan_id(s, cmd, &chan_id) != 0) /* ChannelId */
{ {
LOG_DEVEL(LOG_LEVEL_ERROR, "drdynvc_process_data: drdynvc_get_chan_id failed"); LOG(LOG_LEVEL_ERROR, "drdynvc_process_data: drdynvc_get_chan_id failed");
return 1; return 1;
} }
bytes = (int) (s->end - s->p); bytes = (int) (s->end - s->p);
@ -542,8 +532,8 @@ drdynvc_process_data(struct xrdp_channel *self,
session = self->sec_layer->rdp_layer->session; session = self->sec_layer->rdp_layer->session;
if (chan_id > 255) if (chan_id > 255)
{ {
LOG_DEVEL(LOG_LEVEL_ERROR, "Received message for an invalid " LOG(LOG_LEVEL_ERROR, "Received message for an invalid "
"channel id. channel id %d", chan_id); "channel id. channel id %d", chan_id);
return 1; return 1;
} }
drdynvc = self->drdynvcs + chan_id; drdynvc = self->drdynvcs + chan_id;
@ -575,10 +565,8 @@ xrdp_channel_process_drdynvc(struct xrdp_channel *self,
int rv; int rv;
struct stream *ls; struct stream *ls;
if (!s_check_rem(s, 8)) if (!s_check_rem_and_log(s, 8, "Parsing [MS-RDPBCGR] CHANNEL_PDU_HEADER"))
{ {
LOG_DEVEL(LOG_LEVEL_ERROR, "Not enough bytes in the stream, "
"len 8, remaining %d", s_rem(s));
return 1; return 1;
} }
in_uint32_le(s, total_length); /* length */ in_uint32_le(s, total_length); /* length */
@ -594,9 +582,9 @@ xrdp_channel_process_drdynvc(struct xrdp_channel *self,
"length %d", length); "length %d", length);
if (length > s_rem_out(self->s)) if (length > s_rem_out(self->s))
{ {
LOG_DEVEL(LOG_LEVEL_ERROR, "Data chunk length is bigger than " LOG(LOG_LEVEL_ERROR, "[MS-RDPBCGR] Data chunk length is bigger than "
"the remaining chunk buffer size. length %d, reaiming %d", "the remaining chunk buffer size. length %d, remaining %d",
length, s_rem_out(self->s)); length, s_rem_out(self->s));
return 1; return 1;
} }
out_uint8a(self->s, s->p, length); /* append data to chunk buffer */ out_uint8a(self->s, s->p, length); /* append data to chunk buffer */
@ -611,9 +599,9 @@ xrdp_channel_process_drdynvc(struct xrdp_channel *self,
"length %d", length); "length %d", length);
if (length > s_rem_out(self->s)) if (length > s_rem_out(self->s))
{ {
LOG_DEVEL(LOG_LEVEL_ERROR, "Data chunk length is bigger than " LOG(LOG_LEVEL_ERROR, "[MS-RDPBCGR] Data chunk length is bigger than "
"the remaining chunk buffer size. length %d, reaiming %d", "the remaining chunk buffer size. length %d, remaining %d",
length, s_rem_out(self->s)); length, s_rem_out(self->s));
return 1; return 1;
} }
out_uint8a(self->s, s->p, length); /* append data to chunk buffer */ out_uint8a(self->s, s->p, length); /* append data to chunk buffer */
@ -625,9 +613,9 @@ xrdp_channel_process_drdynvc(struct xrdp_channel *self,
"length %d", length); "length %d", length);
if (length > s_rem_out(self->s)) if (length > s_rem_out(self->s))
{ {
LOG_DEVEL(LOG_LEVEL_ERROR, "Data chunk length is bigger than " LOG(LOG_LEVEL_ERROR, "[MS-RDPBCGR] Data chunk length is bigger than "
"the remaining chunk buffer size. length %d, reaiming %d", "the remaining chunk buffer size. length %d, remaining %d",
length, s_rem_out(self->s)); length, s_rem_out(self->s));
return 1; return 1;
} }
out_uint8a(self->s, s->p, length); /* append data to chunk buffer */ out_uint8a(self->s, s->p, length); /* append data to chunk buffer */
@ -646,7 +634,7 @@ xrdp_channel_process_drdynvc(struct xrdp_channel *self,
} }
if (ls == NULL) if (ls == NULL)
{ {
LOG_DEVEL(LOG_LEVEL_ERROR, "BUG: ls must not be NULL"); LOG(LOG_LEVEL_ERROR, "BUG: ls must not be NULL");
return 1; return 1;
} }
in_uint8(ls, cmd); /* cbId (low 2 bits), Sp (2 bits), Cmd (hi 4 bits) */ in_uint8(ls, cmd); /* cbId (low 2 bits), Sp (2 bits), Cmd (hi 4 bits) */
@ -672,8 +660,8 @@ xrdp_channel_process_drdynvc(struct xrdp_channel *self,
rv = drdynvc_process_data(self, cmd, s); rv = drdynvc_process_data(self, cmd, s);
break; break;
default: default:
LOG_DEVEL(LOG_LEVEL_ERROR, "Received header [MS-RDPEDYC] with " LOG(LOG_LEVEL_ERROR, "Received header [MS-RDPEDYC] with "
"unknown command 0x%2.2x", cmd); "unknown command 0x%2.2x", cmd);
break; break;
} }
return rv; return rv;
@ -746,8 +734,8 @@ xrdp_channel_drdynvc_send_capability_request(struct xrdp_channel *self)
init_stream(s, 8192); init_stream(s, 8192);
if (xrdp_channel_init(self, s) != 0) if (xrdp_channel_init(self, s) != 0)
{ {
LOG_DEVEL(LOG_LEVEL_ERROR, LOG(LOG_LEVEL_ERROR,
"xrdp_channel_drdynvc_send_capability_request: xrdp_channel_init failed"); "xrdp_channel_drdynvc_send_capability_request: xrdp_channel_init failed");
free_stream(s); free_stream(s);
return 1; return 1;
} }
@ -770,8 +758,8 @@ xrdp_channel_drdynvc_send_capability_request(struct xrdp_channel *self)
"PriorityCharge1 0, PriorityCharge2 0, PriorityCharge3 0"); "PriorityCharge1 0, PriorityCharge2 0, PriorityCharge3 0");
if (xrdp_channel_send(self, s, channel_id, total_data_len, flags) != 0) if (xrdp_channel_send(self, s, channel_id, total_data_len, flags) != 0)
{ {
LOG_DEVEL(LOG_LEVEL_ERROR, LOG(LOG_LEVEL_ERROR,
"xrdp_channel_drdynvc_send_capability_request: xrdp_channel_send failed"); "xrdp_channel_drdynvc_send_capability_request: xrdp_channel_send failed");
free_stream(s); free_stream(s);
return 1; return 1;
} }
@ -813,9 +801,9 @@ xrdp_channel_drdynvc_start(struct xrdp_channel *self)
} }
else else
{ {
LOG_DEVEL(LOG_LEVEL_WARNING, LOG(LOG_LEVEL_WARNING,
"Dynamic Virtual Channel named 'drdynvc' not found, " "Dynamic Virtual Channel named 'drdynvc' not found, "
"channel not initialized"); "channel not initialized");
} }
return 0; return 0;
} }
@ -843,8 +831,8 @@ xrdp_channel_drdynvc_open(struct xrdp_channel *self, const char *name,
init_stream(s, 8192); init_stream(s, 8192);
if (xrdp_channel_init(self, s) != 0) if (xrdp_channel_init(self, s) != 0)
{ {
LOG_DEVEL(LOG_LEVEL_ERROR, LOG(LOG_LEVEL_ERROR,
"xrdp_channel_drdynvc_open: xrdp_channel_init failed"); "xrdp_channel_drdynvc_open: xrdp_channel_init failed");
free_stream(s); free_stream(s);
return 1; return 1;
} }
@ -856,10 +844,10 @@ xrdp_channel_drdynvc_open(struct xrdp_channel *self, const char *name,
ChId++; ChId++;
if (ChId > 255) if (ChId > 255)
{ {
LOG_DEVEL(LOG_LEVEL_ERROR, LOG(LOG_LEVEL_ERROR,
"Attempting to create a new channel when the maximum " "Attempting to create a new channel when the maximum "
"number of chanels have already been created. " "number of channels have already been created. "
"XRDP only supports 255 open channels."); "XRDP only supports 255 open channels.");
free_stream(s); free_stream(s);
return 1; return 1;
} }
@ -881,8 +869,8 @@ xrdp_channel_drdynvc_open(struct xrdp_channel *self, const char *name,
if (xrdp_channel_send(self, s, static_channel_id, total_data_len, if (xrdp_channel_send(self, s, static_channel_id, total_data_len,
static_flags) != 0) static_flags) != 0)
{ {
LOG_DEVEL(LOG_LEVEL_ERROR, LOG(LOG_LEVEL_ERROR,
"xrdp_channel_drdynvc_open: xrdp_channel_send failed"); "Sending [MS-RDPEDYC] DYNVC_CREATE_REQ failed");
free_stream(s); free_stream(s);
return 1; return 1;
} }
@ -913,26 +901,26 @@ xrdp_channel_drdynvc_close(struct xrdp_channel *self, int chan_id)
if ((chan_id < 0) || (chan_id > 255)) if ((chan_id < 0) || (chan_id > 255))
{ {
LOG_DEVEL(LOG_LEVEL_ERROR, "Attempting to close an invalid channel id. " LOG(LOG_LEVEL_ERROR, "Attempting to close an invalid channel id. "
"channel id %d", chan_id); "channel id %d", chan_id);
return 1; return 1;
} }
if ((self->drdynvcs[chan_id].status != XRDP_DRDYNVC_STATUS_OPEN) && if ((self->drdynvcs[chan_id].status != XRDP_DRDYNVC_STATUS_OPEN) &&
(self->drdynvcs[chan_id].status != XRDP_DRDYNVC_STATUS_OPEN_SENT)) (self->drdynvcs[chan_id].status != XRDP_DRDYNVC_STATUS_OPEN_SENT))
{ {
/* not open */ /* not open */
LOG_DEVEL(LOG_LEVEL_ERROR, "Attempting to close a channel that is not open. " LOG(LOG_LEVEL_ERROR, "Attempting to close a channel that is not open. "
"channel id %d, channel status %s", "channel id %d, channel status %s",
chan_id, chan_id,
XRDP_DRDYNVC_STATUS_TO_STR(self->drdynvcs[chan_id].status)); XRDP_DRDYNVC_STATUS_TO_STR(self->drdynvcs[chan_id].status));
return 1; return 1;
} }
make_stream(s); make_stream(s);
init_stream(s, 8192); init_stream(s, 8192);
if (xrdp_channel_init(self, s) != 0) if (xrdp_channel_init(self, s) != 0)
{ {
LOG_DEVEL(LOG_LEVEL_ERROR, LOG(LOG_LEVEL_ERROR,
"xrdp_channel_drdynvc_close: xrdp_channel_init failed"); "xrdp_channel_drdynvc_close: xrdp_channel_init failed");
free_stream(s); free_stream(s);
return 1; return 1;
} }
@ -953,8 +941,8 @@ xrdp_channel_drdynvc_close(struct xrdp_channel *self, int chan_id)
if (xrdp_channel_send(self, s, static_channel_id, total_data_len, if (xrdp_channel_send(self, s, static_channel_id, total_data_len,
static_flags) != 0) static_flags) != 0)
{ {
LOG_DEVEL(LOG_LEVEL_ERROR, LOG(LOG_LEVEL_ERROR,
"xrdp_channel_drdynvc_open: xrdp_channel_send failed"); "xrdp_channel_drdynvc_open: xrdp_channel_send failed");
free_stream(s); free_stream(s);
return 1; return 1;
} }
@ -983,30 +971,30 @@ xrdp_channel_drdynvc_data_first(struct xrdp_channel *self, int chan_id,
if ((chan_id < 0) || (chan_id > 255)) if ((chan_id < 0) || (chan_id > 255))
{ {
LOG_DEVEL(LOG_LEVEL_ERROR, "Attempting to send data to an invalid " LOG(LOG_LEVEL_ERROR, "Attempting to send data to an invalid "
"channel id. channel id %d", chan_id); "channel id. channel id %d", chan_id);
return 1; return 1;
} }
if (self->drdynvcs[chan_id].status != XRDP_DRDYNVC_STATUS_OPEN) if (self->drdynvcs[chan_id].status != XRDP_DRDYNVC_STATUS_OPEN)
{ {
LOG_DEVEL(LOG_LEVEL_ERROR, "Attempting to send data to a channel that " LOG(LOG_LEVEL_ERROR, "Attempting to send data to a channel that "
"is not open. channel id %d, channel status %s", "is not open. channel id %d, channel status %s",
chan_id, chan_id,
XRDP_DRDYNVC_STATUS_TO_STR(self->drdynvcs[chan_id].status)); XRDP_DRDYNVC_STATUS_TO_STR(self->drdynvcs[chan_id].status));
return 1; return 1;
} }
if (data_bytes > 1590) if (data_bytes > 1590)
{ {
LOG_DEVEL(LOG_LEVEL_ERROR, "Payload for channel id %d is is too big. " LOG(LOG_LEVEL_ERROR, "Payload for channel id %d is is too big. "
"data_bytes %d", chan_id, data_bytes); "data_bytes %d", chan_id, data_bytes);
return 1; return 1;
} }
make_stream(s); make_stream(s);
init_stream(s, 8192); init_stream(s, 8192);
if (xrdp_channel_init(self, s) != 0) if (xrdp_channel_init(self, s) != 0)
{ {
LOG_DEVEL(LOG_LEVEL_ERROR, LOG(LOG_LEVEL_ERROR,
"xrdp_channel_drdynvc_data_first: xrdp_channel_init failed"); "xrdp_channel_drdynvc_data_first: xrdp_channel_init failed");
free_stream(s); free_stream(s);
return 1; return 1;
} }
@ -1028,8 +1016,8 @@ xrdp_channel_drdynvc_data_first(struct xrdp_channel *self, int chan_id,
if (xrdp_channel_send(self, s, static_channel_id, total_data_len, if (xrdp_channel_send(self, s, static_channel_id, total_data_len,
static_flags) != 0) static_flags) != 0)
{ {
LOG_DEVEL(LOG_LEVEL_ERROR, LOG(LOG_LEVEL_ERROR,
"xrdp_channel_drdynvc_data_first: xrdp_channel_send failed"); "xrdp_channel_drdynvc_data_first: xrdp_channel_send failed");
free_stream(s); free_stream(s);
return 1; return 1;
} }
@ -1055,30 +1043,30 @@ xrdp_channel_drdynvc_data(struct xrdp_channel *self, int chan_id,
if ((chan_id < 0) || (chan_id > 255)) if ((chan_id < 0) || (chan_id > 255))
{ {
LOG_DEVEL(LOG_LEVEL_ERROR, "Attempting to send data to an invalid " LOG(LOG_LEVEL_ERROR, "Attempting to send data to an invalid "
"channel id. channel id %d", chan_id); "channel id. channel id %d", chan_id);
return 1; return 1;
} }
if (self->drdynvcs[chan_id].status != XRDP_DRDYNVC_STATUS_OPEN) if (self->drdynvcs[chan_id].status != XRDP_DRDYNVC_STATUS_OPEN)
{ {
LOG_DEVEL(LOG_LEVEL_ERROR, "Attempting to send data to a channel that " LOG(LOG_LEVEL_ERROR, "Attempting to send data to a channel that "
"is not open. channel id %d, channel status %s", "is not open. channel id %d, channel status %s",
chan_id, chan_id,
XRDP_DRDYNVC_STATUS_TO_STR(self->drdynvcs[chan_id].status)); XRDP_DRDYNVC_STATUS_TO_STR(self->drdynvcs[chan_id].status));
return 1; return 1;
} }
if (data_bytes > 1590) if (data_bytes > 1590)
{ {
LOG_DEVEL(LOG_LEVEL_ERROR, "Payload for channel id %d is is too big. " LOG(LOG_LEVEL_ERROR, "Payload for channel id %d is is too big. "
"data_bytes %d", chan_id, data_bytes); "data_bytes %d", chan_id, data_bytes);
return 1; return 1;
} }
make_stream(s); make_stream(s);
init_stream(s, 8192); init_stream(s, 8192);
if (xrdp_channel_init(self, s) != 0) if (xrdp_channel_init(self, s) != 0)
{ {
LOG_DEVEL(LOG_LEVEL_ERROR, LOG(LOG_LEVEL_ERROR,
"xrdp_channel_drdynvc_data: xrdp_channel_init failed"); "xrdp_channel_drdynvc_data: xrdp_channel_init failed");
free_stream(s); free_stream(s);
return 1; return 1;
} }
@ -1099,8 +1087,8 @@ xrdp_channel_drdynvc_data(struct xrdp_channel *self, int chan_id,
if (xrdp_channel_send(self, s, static_channel_id, total_data_len, if (xrdp_channel_send(self, s, static_channel_id, total_data_len,
static_flags) != 0) static_flags) != 0)
{ {
LOG_DEVEL(LOG_LEVEL_ERROR, LOG(LOG_LEVEL_ERROR,
"xrdp_channel_drdynvc_data: xrdp_channel_send failed"); "xrdp_channel_drdynvc_data: xrdp_channel_send failed");
free_stream(s); free_stream(s);
return 1; return 1;
} }

47
libxrdp/xrdp_fastpath.c
View File

@ -68,9 +68,8 @@ xrdp_fastpath_recv(struct xrdp_fastpath *self, struct stream *s)
holdp = s->p; holdp = s->p;
if (!s_check_rem(s, 2)) if (!s_check_rem_and_log(s, 2, "Parsing [MS-RDPBCGR] TS_FP_INPUT_PDU"))
{ {
LOG_DEVEL(LOG_LEVEL_ERROR, "xrdp_fastpath_recv: ERROR the stream does not contain enough bytes");
return 1; return 1;
} }
in_uint8(s, fp_hdr); /* fpInputHeader (1 byte) */ in_uint8(s, fp_hdr); /* fpInputHeader (1 byte) */
@ -84,9 +83,8 @@ xrdp_fastpath_recv(struct xrdp_fastpath *self, struct stream *s)
byte &= ~(0x80); byte &= ~(0x80);
len = (byte << 8); len = (byte << 8);
if (!s_check_rem(s, 1)) if (!s_check_rem_and_log(s, 1, "Parsing [MS-RDPBCGR] TS_FP_INPUT_PDU length2"))
{ {
LOG_DEVEL(LOG_LEVEL_ERROR, "xrdp_fastpath_recv: ERROR the stream does not contain enough bytes");
return 1; return 1;
} }
in_uint8(s, byte); /* length 2 (1 byte) */ in_uint8(s, byte); /* length 2 (1 byte) */
@ -98,7 +96,9 @@ xrdp_fastpath_recv(struct xrdp_fastpath *self, struct stream *s)
len = byte; len = byte;
} }
s->next_packet = holdp + len; s->next_packet = holdp + len;
LOG_DEVEL(LOG_LEVEL_TRACE, "xrdp_fastpath_recv: numEvents %d secFlags 0x%x length %d", LOG_DEVEL(LOG_LEVEL_TRACE, "Received header [MS-RDPBCGR] TS_FP_INPUT_PDU "
"fpInputHeader.action (ignored), fpInputHeader.numEvents %d, "
"fpInputHeader.flags 0x%1.1x, length %d",
self->numEvents, self->secFlags, len); self->numEvents, self->secFlags, len);
return 0; return 0;
} }
@ -136,6 +136,10 @@ xrdp_fastpath_session_callback(struct xrdp_fastpath *self, int msg,
self->session->callback(self->session->id, msg, self->session->callback(self->session->id, msg,
param1, param2, param3, param4); param1, param2, param3, param4);
} }
else
{
LOG_DEVEL(LOG_LEVEL_WARNING, "Bug: session is NULL");
}
return 0; return 0;
} }
@ -165,11 +169,14 @@ xrdp_fastpath_process_EVENT_SCANCODE(struct xrdp_fastpath *self,
int code; int code;
flags = 0; flags = 0;
if (!s_check_rem(s, 1)) if (!s_check_rem_and_log(s, 1, "Parsing [MS-RDPBCGR] TS_FP_KEYBOARD_EVENT"))
{ {
return 1; return 1;
} }
in_uint8(s, code); /* keyCode (1 byte) */ in_uint8(s, code); /* keyCode (1 byte) */
LOG_DEVEL(LOG_LEVEL_TRACE, "Received [MS-RDPBCGR] TS_FP_KEYBOARD_EVENT "
"eventHeader.eventFlags 0x%2.2x, eventHeader.eventCode (ignored), "
"keyCode %d", eventFlags, code);
if ((eventFlags & FASTPATH_INPUT_KBDFLAGS_RELEASE)) if ((eventFlags & FASTPATH_INPUT_KBDFLAGS_RELEASE))
{ {
@ -207,13 +214,16 @@ xrdp_fastpath_process_EVENT_MOUSE(struct xrdp_fastpath *self,
return 1; return 1;
} }
if (!s_check_rem(s, 2 + 2 + 2)) if (!s_check_rem_and_log(s, 2 + 2 + 2, "Parsing [MS-RDPBCGR] TS_FP_POINTER_EVENT"))
{ {
return 1; return 1;
} }
in_uint16_le(s, pointerFlags); /* pointerFlags (2 bytes) */ in_uint16_le(s, pointerFlags); /* pointerFlags (2 bytes) */
in_uint16_le(s, xPos); /* xPos (2 bytes) */ in_uint16_le(s, xPos); /* xPos (2 bytes) */
in_uint16_le(s, yPos); /* yPos (2 bytes) */ in_uint16_le(s, yPos); /* yPos (2 bytes) */
LOG_DEVEL(LOG_LEVEL_TRACE, "Received [MS-RDPBCGR] TS_FP_POINTER_EVENT "
"eventHeader.eventFlags 0x00, eventHeader.eventCode (ignored), "
"pointerFlags 0x%4.4x, xPos %d, yPos %d", pointerFlags, xPos, yPos);
xrdp_fastpath_session_callback(self, RDP_INPUT_MOUSE, xrdp_fastpath_session_callback(self, RDP_INPUT_MOUSE,
xPos, yPos, pointerFlags, 0); xPos, yPos, pointerFlags, 0);
@ -237,13 +247,18 @@ xrdp_fastpath_process_EVENT_MOUSEX(struct xrdp_fastpath *self,
return 1; return 1;
} }
if (!s_check_rem(s, 2 + 2 + 2)) if (!s_check_rem_and_log(s, 2 + 2 + 2,
"Parsing [MS-RDPBCGR] TS_FP_POINTERX_EVENT"))
{ {
return 1; return 1;
} }
in_uint16_le(s, pointerFlags); /* pointerFlags (2 bytes) */ in_uint16_le(s, pointerFlags); /* pointerFlags (2 bytes) */
in_uint16_le(s, xPos); /* xPos (2 bytes) */ in_uint16_le(s, xPos); /* xPos (2 bytes) */
in_uint16_le(s, yPos); /* yPos (2 bytes) */ in_uint16_le(s, yPos); /* yPos (2 bytes) */
LOG_DEVEL(LOG_LEVEL_TRACE, "Received [MS-RDPBCGR] TS_FP_POINTERX_EVENT "
"eventHeader.eventFlags 0x%2.2x, eventHeader.eventCode (ignored), "
"pointerFlags 0x%4.4x, xPos %d, yPos %d",
eventFlags, pointerFlags, xPos, yPos);
xrdp_fastpath_session_callback(self, RDP_INPUT_MOUSEX, xrdp_fastpath_session_callback(self, RDP_INPUT_MOUSEX,
xPos, yPos, pointerFlags, 0); xPos, yPos, pointerFlags, 0);
@ -265,6 +280,10 @@ xrdp_fastpath_process_EVENT_SYNC(struct xrdp_fastpath *self,
* status of the keyboard toggle keys. * status of the keyboard toggle keys.
*/ */
LOG_DEVEL(LOG_LEVEL_TRACE, "Received [MS-RDPBCGR] TS_FP_SYNC_EVENT"
"eventHeader.eventFlags 0x%2.2x, eventHeader.eventCode (ignored), ",
eventFlags);
xrdp_fastpath_session_callback(self, RDP_INPUT_SYNCHRONIZE, xrdp_fastpath_session_callback(self, RDP_INPUT_SYNCHRONIZE,
eventFlags, 0, 0, 0); eventFlags, 0, 0, 0);
@ -281,11 +300,16 @@ xrdp_fastpath_process_EVENT_UNICODE(struct xrdp_fastpath *self,
int code; int code;
flags = 0; flags = 0;
if (!s_check_rem(s, 2)) if (!s_check_rem_and_log(s, 2, "Parsing [MS-RDPBCGR] TS_FP_UNICODE_KEYBOARD_EVENT"))
{ {
return 1; return 1;
} }
in_uint16_le(s, code); /* unicode (2 byte) */ in_uint16_le(s, code); /* unicode (2 byte) */
LOG_DEVEL(LOG_LEVEL_TRACE, "Received [MS-RDPBCGR] TS_FP_UNICODE_KEYBOARD_EVENT"
"eventHeader.eventFlags 0x%2.2x, eventHeader.eventCode (ignored), "
"unicodeCode %d",
eventFlags, code);
if (eventFlags & FASTPATH_INPUT_KBDFLAGS_RELEASE) if (eventFlags & FASTPATH_INPUT_KBDFLAGS_RELEASE)
{ {
flags |= KBD_FLAG_UP; flags |= KBD_FLAG_UP;
@ -317,7 +341,7 @@ xrdp_fastpath_process_input_event(struct xrdp_fastpath *self,
/* process fastpath input events */ /* process fastpath input events */
for (i = 0; i < self->numEvents; i++) for (i = 0; i < self->numEvents; i++)
{ {
if (!s_check_rem(s, 1)) if (!s_check_rem_and_log(s, 1, "Parsing [MS-RDPBCGR] TS_FP_INPUT_EVENT eventHeader"))
{ {
return 1; return 1;
} }
@ -325,6 +349,9 @@ xrdp_fastpath_process_input_event(struct xrdp_fastpath *self,
eventFlags = (eventHeader & 0x1F); eventFlags = (eventHeader & 0x1F);
eventCode = (eventHeader >> 5); eventCode = (eventHeader >> 5);
LOG_DEVEL(LOG_LEVEL_TRACE, "Received [MS-RDPBCGR] TS_FP_INPUT_EVENT"
"eventHeader.eventFlags 0x%2.2x, eventHeader.eventCode 0x%1.1x",
eventFlags, eventCode);
switch (eventCode) switch (eventCode)
{ {

62
libxrdp/xrdp_iso.c
View File

@ -94,7 +94,7 @@ xrdp_iso_negotiate_security(struct xrdp_iso *self)
} }
else else
{ {
LOG(LOG_LEVEL_ERROR, "Server requiers TLS for security, " LOG(LOG_LEVEL_ERROR, "Server requires TLS for security, "
"but the client did not request TLS."); "but the client did not request TLS.");
self->failureCode = SSL_REQUIRED_BY_SERVER; self->failureCode = SSL_REQUIRED_BY_SERVER;
rv = 1; /* error */ rv = 1; /* error */
@ -132,10 +132,8 @@ xrdp_iso_process_rdp_neg_req(struct xrdp_iso *self, struct stream *s)
int flags; int flags;
int len; int len;
if (!s_check_rem(s, 7)) if (!s_check_rem_and_log(s, 7, "Parsing [MS-RDPBCGR] RDP_NEG_REQ"))
{ {
LOG(LOG_LEVEL_ERROR, "unexpected end-of-record. "
"expected 7, remaining %d", s_rem(s));
return 1; return 1;
} }
@ -205,21 +203,24 @@ xrdp_iso_recv_msg(struct xrdp_iso *self, struct stream *s, int *code, int *len)
"transport input stream"); "transport input stream");
} }
/* TPKT header is 4 bytes, then first 2 bytes of the X.224 CR-TPDU */ /* [ITU-T T.123] TPKT header is 4 bytes, then first 2 bytes of the X.224 CR-TPDU */
if (!s_check_rem(s, 6)) if (!s_check_rem_and_log(s, 6,
"Parsing [ITU-T T.123] TPKT header and [ITU-T X.224] TPDU header"))
{ {
LOG_DEVEL(LOG_LEVEL_ERROR, "unexpected end-of-record. "
"expected 6, remaining %d", s_rem(s));
return 1; return 1;
} }
/* [ITU-T T.123] TPKT header */ /* [ITU-T T.123] TPKT header */
in_uint8(s, ver); /* version */ in_uint8(s, ver); /* version */
in_uint8s(s, 3); /* Skip reserved field (1 byte), plus length (2 bytes) */ in_uint8s(s, 3); /* Skip reserved field (1 byte), plus length (2 bytes) */
LOG_DEVEL(LOG_LEVEL_TRACE, "Received header [ITU-T T.123] TPKT "
"version %d, length (ignored)", ver);
/* [ITU-T X.224] TPDU header */ /* [ITU-T X.224] TPDU header */
in_uint8(s, *len); /* LI (length indicator) */ in_uint8(s, *len); /* LI (length indicator) */
in_uint8(s, *code); /* TPDU code */ in_uint8(s, *code); /* TPDU code */
LOG_DEVEL(LOG_LEVEL_TRACE, "Received header [ITU-T X.224] TPDU "
"length indicator %d, TDPU code 0x%2.2x", *len, *code);
if (ver != 3) if (ver != 3)
{ {
@ -241,10 +242,8 @@ xrdp_iso_recv_msg(struct xrdp_iso *self, struct stream *s, int *code, int *len)
if (*code == ISO_PDU_DT) if (*code == ISO_PDU_DT)
{ {
/* Data PDU : X.224 13.7 class 0 */ /* Data PDU : X.224 13.7 class 0 */
if (!s_check_rem(s, 1)) if (!s_check_rem_and_log(s, 1, "Parsing [ITU-T X.224] DT-TPDU (Data) header"))
{ {
LOG_DEVEL(LOG_LEVEL_ERROR, "unexpected end-of-record. "
"expected 1, remaining %d", s_rem(s));
return 1; return 1;
} }
in_uint8s(s, 1); /* EOT (End of TSDU Mark) (upper 1 bit) and in_uint8s(s, 1); /* EOT (End of TSDU Mark) (upper 1 bit) and
@ -257,10 +256,8 @@ xrdp_iso_recv_msg(struct xrdp_iso *self, struct stream *s, int *code, int *len)
CR Connection request (13.3) CR Connection request (13.3)
CC Connection confirm (13.4) CC Connection confirm (13.4)
DR Disconnect request (13.5) */ DR Disconnect request (13.5) */
if (!s_check_rem(s, 5)) if (!s_check_rem_and_log(s, 5, "Parsing [ITU-T X.224] Other PDU header"))
{ {
LOG_DEVEL(LOG_LEVEL_ERROR, "unexpected end-of-record. "
"expected 5, remaining %d", s_rem(s));
return 1; return 1;
} }
in_uint8s(s, 5); /* DST-REF (2 bytes) in_uint8s(s, 5); /* DST-REF (2 bytes)
@ -268,10 +265,6 @@ xrdp_iso_recv_msg(struct xrdp_iso *self, struct stream *s, int *code, int *len)
[CR, CC] CLASS OPTION (1 byte) or [DR] REASON (1 byte) */ [CR, CC] CLASS OPTION (1 byte) or [DR] REASON (1 byte) */
} }
LOG_DEVEL(LOG_LEVEL_TRACE, "Received header [ITU-T T.123] TPKT "
"version %d, length (ignored)", ver);
LOG_DEVEL(LOG_LEVEL_TRACE, "Received header [ITU-T X.224] TPDU "
"length indicator %d, TDPU code 0x%2.2x", *len, *code);
return 0; return 0;
} }
@ -379,7 +372,7 @@ xrdp_iso_send_cc(struct xrdp_iso *self)
if (trans_write_copy_s(self->trans, s) != 0) if (trans_write_copy_s(self->trans, s) != 0)
{ {
LOG_DEVEL(LOG_LEVEL_ERROR, "xrdp_iso_send_cc: trans_write_copy_s failed"); LOG(LOG_LEVEL_ERROR, "Sending [ITU-T X.224] CC-TPDU (Connection Confirm) failed");
free_stream(s); free_stream(s);
return 1; return 1;
} }
@ -412,26 +405,26 @@ xrdp_iso_incoming(struct xrdp_iso *self)
struct stream *s; struct stream *s;
int expected_pdu_len; int expected_pdu_len;
LOG_DEVEL(LOG_LEVEL_DEBUG, "X.224 Connection Sequence: receive connection request"); LOG_DEVEL(LOG_LEVEL_DEBUG, "[ITU-T X.224] Connection Sequence: receive connection request");
s = libxrdp_force_read(self->trans); s = libxrdp_force_read(self->trans);
if (s == NULL) if (s == NULL)
{ {
LOG_DEVEL(LOG_LEVEL_ERROR, "xrdp_iso_incoming: libxrdp_force_read failed"); LOG(LOG_LEVEL_ERROR, "[ITU-T X.224] Connection Sequence: CR-TPDU (Connection Request) failed");
return 1; return 1;
} }
if (xrdp_iso_recv_msg(self, s, &code, &len) != 0) if (xrdp_iso_recv_msg(self, s, &code, &len) != 0)
{ {
LOG(LOG_LEVEL_ERROR, "xrdp_iso_incoming: xrdp_iso_recv_msg failed"); LOG(LOG_LEVEL_ERROR, "[ITU-T X.224] Connection Sequence: CR-TPDU (Connection Request) failed");
return 1; return 1;
} }
if (code != ISO_PDU_CR) if (code != ISO_PDU_CR)
{ {
LOG_DEVEL(LOG_LEVEL_ERROR, "xrdp_iso_incoming only supports processing " LOG(LOG_LEVEL_ERROR, "xrdp_iso_incoming only supports processing "
"[ITU-T X.224] CR-TPDU (Connection Request) headers. " "[ITU-T X.224] CR-TPDU (Connection Request) headers. "
"Received TPDU header: length indicator %d, TDPU code 0x%2.2x", "Received TPDU header: length indicator %d, TDPU code 0x%2.2x",
len, code); len, code);
return 1; return 1;
} }
@ -461,7 +454,7 @@ xrdp_iso_incoming(struct xrdp_iso *self)
{ {
default: default:
LOG_DEVEL(LOG_LEVEL_WARNING, LOG_DEVEL(LOG_LEVEL_WARNING,
"Unknown structure type in X.224 Connection Request. " "Ignoring unknown structure type in [ITU-T X.224] CR-TPDU (Connection Request). "
"type 0x%2.2x", cc_type); "type 0x%2.2x", cc_type);
break; break;
case RDP_NEG_REQ: /* rdpNegReq 1 */ case RDP_NEG_REQ: /* rdpNegReq 1 */
@ -469,16 +462,15 @@ xrdp_iso_incoming(struct xrdp_iso *self)
if (xrdp_iso_process_rdp_neg_req(self, s) != 0) if (xrdp_iso_process_rdp_neg_req(self, s) != 0)
{ {
LOG(LOG_LEVEL_ERROR, LOG(LOG_LEVEL_ERROR,
"xrdp_iso_incoming: xrdp_iso_process_rdp_neg_req failed"); "[ITU-T X.224] Connection Sequence: failed");
return 1; return 1;
} }
break; break;
case RDP_CORRELATION_INFO: /* rdpCorrelationInfo 6 */ case RDP_CORRELATION_INFO: /* rdpCorrelationInfo 6 */
// TODO // TODO
if (!s_check_rem(s, 1 + 2 + 16 + 16)) if (!s_check_rem_and_log(s, 1 + 2 + 16 + 16,
"Parsing [MS-RDPBCGR] RDP_NEG_CORRELATION_INFO"))
{ {
LOG(LOG_LEVEL_ERROR, "unexpected end-of-record. "
"expected 35, remaining %d", s_rem(s));
return 1; return 1;
} }
@ -515,14 +507,14 @@ xrdp_iso_incoming(struct xrdp_iso *self)
rv = xrdp_iso_negotiate_security(self); rv = xrdp_iso_negotiate_security(self);
/* send connection confirm back to client */ /* send connection confirm back to client */
LOG_DEVEL(LOG_LEVEL_DEBUG, "X.224 Connection Sequence: send connection confirmation"); LOG_DEVEL(LOG_LEVEL_DEBUG, "[ITU-T X.224] Connection Sequence: send connection confirmation");
if (xrdp_iso_send_cc(self) != 0) if (xrdp_iso_send_cc(self) != 0)
{ {
LOG(LOG_LEVEL_ERROR, "xrdp_iso_incoming: xrdp_iso_send_cc failed"); LOG(LOG_LEVEL_ERROR, "[ITU-T X.224] Connection Sequence: send connection confirmation failed");
return 1; return 1;
} }
LOG_DEVEL(LOG_LEVEL_DEBUG, "X.224 Connection Sequence: completed"); LOG_DEVEL(LOG_LEVEL_DEBUG, "[ITU-T X.224] Connection Sequence: completed");
return rv; return rv;
} }
@ -567,7 +559,7 @@ xrdp_iso_send(struct xrdp_iso *self, struct stream *s)
if (trans_write_copy_s(self->trans, s) != 0) if (trans_write_copy_s(self->trans, s) != 0)
{ {
LOG_DEVEL(LOG_LEVEL_ERROR, "xrdp_iso_send: trans_write_copy_s failed"); LOG(LOG_LEVEL_ERROR, "xrdp_iso_send: trans_write_copy_s failed");
return 1; return 1;
} }

321
libxrdp/xrdp_mcs.c
View File

@ -115,7 +115,7 @@ xrdp_mcs_send_cjcf(struct xrdp_mcs *self, int userid, int chanid)
if (xrdp_iso_send(self->iso_layer, s) != 0) if (xrdp_iso_send(self->iso_layer, s) != 0)
{ {
free_stream(s); free_stream(s);
LOG(LOG_LEVEL_ERROR, "xrdp_mcs_send_cjcf: xrdp_iso_send failed"); LOG(LOG_LEVEL_ERROR, "Sening [ITU-T T.125] ChannelJoinConfirm failed");
return 1; return 1;
} }
@ -150,10 +150,8 @@ xrdp_mcs_recv(struct xrdp_mcs *self, struct stream *s, int *chan)
return 1; return 1;
} }
if (!s_check_rem(s, 1)) if (!s_check_rem_and_log(s, 1, "Parsing [ITU-T T.125] DomainMCSPDU"))
{ {
LOG_DEVEL(LOG_LEVEL_ERROR, "Not enough bytes in the stream "
"len 1, remaining %d", s_rem(s));
return 1; return 1;
} }
@ -167,6 +165,7 @@ xrdp_mcs_recv(struct xrdp_mcs *self, struct stream *s, int *chan)
if (appid == MCS_DPUM) /* Disconnect Provider Ultimatum */ if (appid == MCS_DPUM) /* Disconnect Provider Ultimatum */
{ {
LOG_DEVEL(LOG_LEVEL_TRACE, "Received [ITU-T T.125] DisconnectProviderUltimatum"); LOG_DEVEL(LOG_LEVEL_TRACE, "Received [ITU-T T.125] DisconnectProviderUltimatum");
LOG(LOG_LEVEL_DEBUG, "Recieved disconnection request");
return 1; return 1;
} }
@ -174,10 +173,8 @@ xrdp_mcs_recv(struct xrdp_mcs *self, struct stream *s, int *chan)
this is channels getting added from the client */ this is channels getting added from the client */
if (appid == MCS_CJRQ) if (appid == MCS_CJRQ)
{ {
if (!s_check_rem(s, 4)) if (!s_check_rem_and_log(s, 4, "Parsing [ITU-T T.125] ChannelJoinRequest"))
{ {
LOG_DEVEL(LOG_LEVEL_ERROR, "Not enough bytes in the stream "
"len 4, remaining %d", s_rem(s));
return 1; return 1;
} }
@ -188,7 +185,7 @@ xrdp_mcs_recv(struct xrdp_mcs *self, struct stream *s, int *chan)
if (xrdp_mcs_send_cjcf(self, userid, chanid) != 0) if (xrdp_mcs_send_cjcf(self, userid, chanid) != 0)
{ {
LOG(LOG_LEVEL_WARNING, "xrdp_mcs_recv: xrdp_mcs_send_cjcf failed"); LOG(LOG_LEVEL_WARNING, "[ITU-T T.125] Channel join sequence: failed");
} }
s = libxrdp_force_read(self->iso_layer->trans); s = libxrdp_force_read(self->iso_layer->trans);
@ -212,10 +209,8 @@ xrdp_mcs_recv(struct xrdp_mcs *self, struct stream *s, int *chan)
return 1; return 1;
} }
if (!s_check_rem(s, 6)) if (!s_check_rem_and_log(s, 6, "Parsing [ITU-T T.125] SendDataRequest"))
{ {
LOG_DEVEL(LOG_LEVEL_ERROR, "Not enough bytes in the stream "
"len 6, remaining %d", s_rem(s));
return 1; return 1;
} }
@ -232,10 +227,8 @@ xrdp_mcs_recv(struct xrdp_mcs *self, struct stream *s, int *chan)
The first byte will have the two highest order bits set to 1 and 0 The first byte will have the two highest order bits set to 1 and 0
(ie. len & 0xC0 == 0x80) and the length is encoded as remaining 14 bits of (ie. len & 0xC0 == 0x80) and the length is encoded as remaining 14 bits of
the two bytes (ie. len & 0x3fff). */ the two bytes (ie. len & 0x3fff). */
if (!s_check_rem(s, 1)) if (!s_check_rem_and_log(s, 1, "Parsing [ITU-T T.125] SendDataRequest userData Length"))
{ {
LOG_DEVEL(LOG_LEVEL_ERROR, "Not enough bytes in the stream "
"len 1, remaining %d", s_rem(s));
return 1; return 1;
} }
in_uint8s(s, 1); /* userData Length (byte 2) */ in_uint8s(s, 1); /* userData Length (byte 2) */
@ -249,8 +242,8 @@ xrdp_mcs_recv(struct xrdp_mcs *self, struct stream *s, int *chan)
to 1 and 1 (ie. len & 0xC0 == 0xC0) and the remaining 6 bits contain to 1 and 1 (ie. len & 0xC0 == 0xC0) and the remaining 6 bits contain
a multiplyer for 16K (ie. n = (len & 0x3f) * 0x3f) a multiplyer for 16K (ie. n = (len & 0x3f) * 0x3f)
*/ */
LOG_DEVEL(LOG_LEVEL_ERROR, "[ITU-T T.125] SendDataRequest with length greater " LOG(LOG_LEVEL_ERROR, "[ITU-T T.125] SendDataRequest with length greater "
"than 16K is not supported. len 0x%2.2x", len); "than 16K is not supported. len 0x%2.2x", len);
return 1; return 1;
} }
LOG_DEVEL(LOG_LEVEL_TRACE, "Received [ITU-T T.125] SendDataRequest " LOG_DEVEL(LOG_LEVEL_TRACE, "Received [ITU-T T.125] SendDataRequest "
@ -281,20 +274,16 @@ xrdp_mcs_ber_parse_header(struct xrdp_mcs *self, struct stream *s,
if (tag_val > 0xff) if (tag_val > 0xff)
{ {
if (!s_check_rem(s, 2)) if (!s_check_rem_and_log(s, 2, "Parsing [ITU-T X.690] Identifier"))
{ {
LOG_DEVEL(LOG_LEVEL_ERROR, "Not enough bytes in the stream "
"len 2, remaining %d", s_rem(s));
return 1; return 1;
} }
in_uint16_be(s, tag); in_uint16_be(s, tag);
} }
else else
{ {
if (!s_check_rem(s, 1)) if (!s_check_rem_and_log(s, 1, "Parsing [ITU-T X.690] Identifier"))
{ {
LOG_DEVEL(LOG_LEVEL_ERROR, "Not enough bytes in the stream "
"len 1, remaining %d", s_rem(s));
return 1; return 1;
} }
in_uint8(s, tag); in_uint8(s, tag);
@ -302,15 +291,13 @@ xrdp_mcs_ber_parse_header(struct xrdp_mcs *self, struct stream *s,
if (tag != tag_val) if (tag != tag_val)
{ {
LOG_DEVEL(LOG_LEVEL_ERROR, "Parsed [ITU-T X.690] Identifier: " LOG(LOG_LEVEL_ERROR, "Parsed [ITU-T X.690] Identifier: "
"expected 0x%4.4x, actual 0x%4.4x", tag_val, tag); "expected 0x%4.4x, actual 0x%4.4x", tag_val, tag);
return 1; return 1;
} }
if (!s_check_rem(s, 1)) if (!s_check_rem_and_log(s, 1, "Parsing [ITU-T X.690] Length"))
{ {
LOG_DEVEL(LOG_LEVEL_ERROR, "Not enough bytes in the stream "
"len 1, remaining %d", s_rem(s));
return 1; return 1;
} }
@ -323,10 +310,8 @@ xrdp_mcs_ber_parse_header(struct xrdp_mcs *self, struct stream *s,
while (l > 0) while (l > 0)
{ {
if (!s_check_rem(s, 1)) if (!s_check_rem_and_log(s, 1, "Parsing [ITU-T X.690] Length"))
{ {
LOG_DEVEL(LOG_LEVEL_ERROR, "Not enough bytes in the stream "
"len 1, remaining %d", s_rem(s));
return 1; return 1;
} }
in_uint8(s, i); in_uint8(s, i);
@ -341,16 +326,7 @@ xrdp_mcs_ber_parse_header(struct xrdp_mcs *self, struct stream *s,
LOG_DEVEL(LOG_LEVEL_TRACE, "Parsed BER header [ITU-T X.690] " LOG_DEVEL(LOG_LEVEL_TRACE, "Parsed BER header [ITU-T X.690] "
"Identifier 0x%4.4x, Length %d", tag, *len); "Identifier 0x%4.4x, Length %d", tag, *len);
if (s_check(s)) return !s_check_rem_and_log(s, 0, "Parsing [ITU-T X.690]");
{
return 0;
}
else
{
LOG_DEVEL(LOG_LEVEL_ERROR, "Not enough bytes in the stream "
"len 0, remaining %d", s_rem(s));
return 1;
}
} }
/*****************************************************************************/ /*****************************************************************************/
@ -363,31 +339,26 @@ xrdp_mcs_parse_domain_params(struct xrdp_mcs *self, struct stream *s)
if (xrdp_mcs_ber_parse_header(self, s, MCS_TAG_DOMAIN_PARAMS, &len) != 0) if (xrdp_mcs_ber_parse_header(self, s, MCS_TAG_DOMAIN_PARAMS, &len) != 0)
{ {
LOG_DEVEL(LOG_LEVEL_ERROR, LOG(LOG_LEVEL_ERROR,
"xrdp_mcs_parse_domain_params: xrdp_mcs_ber_parse_header " "Parsing [ITU-T T.125] DomainParameters failed");
"with MCS_TAG_DOMAIN_PARAMS failed");
return 1; return 1;
} }
if ((len < 0) || !s_check_rem(s, len)) if (len < 0)
{
LOG(LOG_LEVEL_ERROR,
"Parsing [ITU-T T.125] DomainParameters length field is "
"invalid. Expected > 0, acctual %d", len);
return 1;
}
if (!s_check_rem_and_log(s, len, "Parsing [ITU-T T.125] DomainParameters"))
{ {
LOG_DEVEL(LOG_LEVEL_ERROR, "Not enough bytes in the stream, "
"len %d, remaining %d", len, s_rem(s));
return 1; return 1;
} }
in_uint8s(s, len); /* skip all fields */ in_uint8s(s, len); /* skip all fields */
if (s_check(s)) return !s_check_rem_and_log(s, 0, "Parsing [ITU-T T.125] DomainParameters");
{
return 0;
}
else
{
LOG_DEVEL(LOG_LEVEL_ERROR, "Not enough bytes in the stream, "
"len 0, remaining %d", s_rem(s));
return 1;
}
} }
/*****************************************************************************/ /*****************************************************************************/
@ -402,36 +373,39 @@ xrdp_mcs_recv_connect_initial(struct xrdp_mcs *self)
s = libxrdp_force_read(self->iso_layer->trans); s = libxrdp_force_read(self->iso_layer->trans);
if (s == 0) if (s == 0)
{ {
LOG_DEVEL(LOG_LEVEL_ERROR, "xrdp_mcs_recv_connect_initial: libxrdp_force_read failed"); LOG(LOG_LEVEL_ERROR, "Processing [ITU-T T.125] Connect-Initial failed");
return 1; return 1;
} }
if (xrdp_iso_recv(self->iso_layer, s) != 0) if (xrdp_iso_recv(self->iso_layer, s) != 0)
{ {
LOG_DEVEL(LOG_LEVEL_ERROR, "xrdp_mcs_recv_connect_initial: xrdp_iso_recv failed"); LOG(LOG_LEVEL_ERROR, "Processing [ITU-T T.125] Connect-Initial failed");
return 1; return 1;
} }
if (xrdp_mcs_ber_parse_header(self, s, MCS_CONNECT_INITIAL, &len) != 0) if (xrdp_mcs_ber_parse_header(self, s, MCS_CONNECT_INITIAL, &len) != 0)
{ {
LOG_DEVEL(LOG_LEVEL_ERROR, LOG(LOG_LEVEL_ERROR,
"xrdp_mcs_recv_connect_initial: xrdp_mcs_ber_parse_header " "Parsing [ITU-T T.125] Connect-Initial failed");
"with MCS_CONNECT_INITIAL failed");
return 1; return 1;
} }
if (xrdp_mcs_ber_parse_header(self, s, BER_TAG_OCTET_STRING, &len) != 0) if (xrdp_mcs_ber_parse_header(self, s, BER_TAG_OCTET_STRING, &len) != 0)
{ {
LOG_DEVEL(LOG_LEVEL_ERROR, LOG(LOG_LEVEL_ERROR,
"xrdp_mcs_recv_connect_initial: xrdp_mcs_ber_parse_header " "Parsing [ITU-T T.125] Connect-Initial callingDomainSelector failed");
"with BER_TAG_OCTET_STRING failed");
return 1; return 1;
} }
if ((len < 0) || !s_check_rem(s, len)) if (len < 0)
{
LOG(LOG_LEVEL_ERROR,
"Parsing [ITU-T T.125] Connect-Initial callingDomainSelector length field is "
"invalid. Expected > 0, acctual %d", len);
return 1;
}
if (!s_check_rem_and_log(s, len, "Parsing [ITU-T T.125] Connect-Initial callingDomainSelector"))
{ {
LOG_DEVEL(LOG_LEVEL_ERROR, "Not enough bytes in the stream, "
"len %d, remaining %d", len, s_rem(s));
return 1; return 1;
} }
@ -439,16 +413,19 @@ xrdp_mcs_recv_connect_initial(struct xrdp_mcs *self)
if (xrdp_mcs_ber_parse_header(self, s, BER_TAG_OCTET_STRING, &len) != 0) if (xrdp_mcs_ber_parse_header(self, s, BER_TAG_OCTET_STRING, &len) != 0)
{ {
LOG_DEVEL(LOG_LEVEL_ERROR, LOG(LOG_LEVEL_ERROR,
"xrdp_mcs_recv_connect_initial: xrdp_mcs_ber_parse_header " "Parsing [ITU-T T.125] Connect-Initial calledDomainSelector failed");
"with BER_TAG_OCTET_STRING failed");
return 1; return 1;
} }
if (len < 0)
if ((len < 0) || !s_check_rem(s, len)) {
LOG(LOG_LEVEL_ERROR,
"Parsing [ITU-T T.125] Connect-Initial calledDomainSelector length field is "
"invalid. Expected > 0, acctual %d", len);
return 1;
}
if (!s_check_rem_and_log(s, len, "Parsing [ITU-T T.125] Connect-Initial calledDomainSelector"))
{ {
LOG_DEVEL(LOG_LEVEL_ERROR, "Not enough bytes in the stream, "
"len %d, remaining %d", len, s_rem(s));
return 1; return 1;
} }
@ -456,16 +433,19 @@ xrdp_mcs_recv_connect_initial(struct xrdp_mcs *self)
if (xrdp_mcs_ber_parse_header(self, s, BER_TAG_BOOLEAN, &len) != 0) if (xrdp_mcs_ber_parse_header(self, s, BER_TAG_BOOLEAN, &len) != 0)
{ {
LOG_DEVEL(LOG_LEVEL_ERROR, LOG(LOG_LEVEL_ERROR,
"xrdp_mcs_recv_connect_initial: xrdp_mcs_ber_parse_header " "Parsing [ITU-T T.125] Connect-Initial upwardFlag failed");
"with BER_TAG_BOOLEAN failed");
return 1; return 1;
} }
if (len < 0)
if ((len < 0) || !s_check_rem(s, len)) {
LOG(LOG_LEVEL_ERROR,
"Parsing [ITU-T T.125] Connect-Initial upwardFlag length field is "
"invalid. Expected > 0, acctual %d", len);
return 1;
}
if (!s_check_rem_and_log(s, len, "Parsing [ITU-T T.125] Connect-Initial upwardFlag"))
{ {
LOG_DEVEL(LOG_LEVEL_ERROR, "Not enough bytes in the stream, "
"len %d, remaining %d", len, s_rem(s));
return 1; return 1;
} }
@ -474,46 +454,43 @@ xrdp_mcs_recv_connect_initial(struct xrdp_mcs *self)
/* [ITU-T T.125] Connect-Initial targetParameters */ /* [ITU-T T.125] Connect-Initial targetParameters */
if (xrdp_mcs_parse_domain_params(self, s) != 0) if (xrdp_mcs_parse_domain_params(self, s) != 0)
{ {
LOG_DEVEL(LOG_LEVEL_ERROR, LOG(LOG_LEVEL_ERROR,
"xrdp_mcs_recv_connect_initial: xrdp_mcs_parse_domain_params failed"); "Parsing [ITU-T T.125] Connect-Initial targetParameters failed");
return 1; return 1;
} }
/* [ITU-T T.125] Connect-Initial minimumParameters */ /* [ITU-T T.125] Connect-Initial minimumParameters */
if (xrdp_mcs_parse_domain_params(self, s) != 0) if (xrdp_mcs_parse_domain_params(self, s) != 0)
{ {
LOG_DEVEL(LOG_LEVEL_ERROR, LOG(LOG_LEVEL_ERROR,
"xrdp_mcs_recv_connect_initial: xrdp_mcs_parse_domain_params failed"); "Parsing [ITU-T T.125] Connect-Initial minimumParameters failed");
return 1; return 1;
} }
/* [ITU-T T.125] Connect-Initial maximumParameters */ /* [ITU-T T.125] Connect-Initial maximumParameters */
if (xrdp_mcs_parse_domain_params(self, s) != 0) if (xrdp_mcs_parse_domain_params(self, s) != 0)
{ {
LOG_DEVEL(LOG_LEVEL_ERROR, LOG(LOG_LEVEL_ERROR,
"xrdp_mcs_recv_connect_initial: xrdp_mcs_parse_domain_params failed"); "Parsing [ITU-T T.125] Connect-Initial maximumParameters failed");
return 1; return 1;
} }
if (xrdp_mcs_ber_parse_header(self, s, BER_TAG_OCTET_STRING, &len) != 0) if (xrdp_mcs_ber_parse_header(self, s, BER_TAG_OCTET_STRING, &len) != 0)
{ {
LOG_DEVEL(LOG_LEVEL_ERROR, "xrdp_mcs_recv_connect_initial: " LOG(LOG_LEVEL_ERROR,
"xrdp_mcs_ber_parse_header with BER_TAG_OCTET_STRING failed"); "Parsing [ITU-T T.125] Connect-Initial userData failed");
return 1; return 1;
} }
/* mcs userData can not be zero length */
/* mcs data can not be zero length */
if ((len <= 0) || (len > 16 * 1024)) if ((len <= 0) || (len > 16 * 1024))
{ {
LOG_DEVEL(LOG_LEVEL_ERROR, "MCS Protocol error: length too big. " LOG(LOG_LEVEL_ERROR,
"max length %d, len %d", 16 * 1024, len); "Parsing [ITU-T T.125] Connect-Initial userData: length too big. "
"max length %d, len %d", 16 * 1024, len);
return 1; return 1;
} }
if (!s_check_rem_and_log(s, len, "Parsing [ITU-T T.125] Connect-Initial userData"))
if (!s_check_rem(s, len))
{ {
LOG_DEVEL(LOG_LEVEL_ERROR, "Not enough bytes in the stream, "
"len %d, remaining %d", len, s_rem(s));
return 1; return 1;
} }
@ -528,16 +505,13 @@ xrdp_mcs_recv_connect_initial(struct xrdp_mcs *self)
in_uint8s(s, len); in_uint8s(s, len);
s_mark_end(self->client_mcs_data); s_mark_end(self->client_mcs_data);
if (s_check_end(s)) if (!s_check_end_and_log(s, "MCS protocol error [ITU-T T.125] Connect-Initial"))
{ {
return 0;
}
else
{
LOG_DEVEL(LOG_LEVEL_ERROR, "MCS protocol error: "
"the stream should be at the end but it is not");
return 1; return 1;
} }
return 0;
} }
/*****************************************************************************/ /*****************************************************************************/
@ -555,20 +529,18 @@ xrdp_mcs_recv_edrq(struct xrdp_mcs *self)
s = libxrdp_force_read(self->iso_layer->trans); s = libxrdp_force_read(self->iso_layer->trans);
if (s == 0) if (s == 0)
{ {
LOG_DEVEL(LOG_LEVEL_ERROR, "xrdp_mcs_recv_edrq: libxrdp_force_read failed"); LOG(LOG_LEVEL_ERROR, "Processing [ITU-T T.125] ErectDomainRequest failed");
return 1; return 1;
} }
if (xrdp_iso_recv(self->iso_layer, s) != 0) if (xrdp_iso_recv(self->iso_layer, s) != 0)
{ {
LOG_DEVEL(LOG_LEVEL_ERROR, "xrdp_mcs_recv_edrq: xrdp_iso_recv failed"); LOG(LOG_LEVEL_ERROR, "Processing [ITU-T T.125] ErectDomainRequest failed");
return 1; return 1;
} }
if (!s_check_rem(s, 1)) if (!s_check_rem_and_log(s, 1, "Parsing [ITU-T T.125] DomainMCSPDU"))
{ {
LOG_DEVEL(LOG_LEVEL_ERROR, "Not enough bytes in the stream, "
"len 1, remaining %d", s_rem(s));
return 1; return 1;
} }
@ -579,15 +551,13 @@ xrdp_mcs_recv_edrq(struct xrdp_mcs *self)
if ((opcode >> 2) != MCS_EDRQ) if ((opcode >> 2) != MCS_EDRQ)
{ {
LOG_DEVEL(LOG_LEVEL_ERROR, "Parsed [ITU-T T.125] DomainMCSPDU choice index " LOG(LOG_LEVEL_ERROR, "Parsed [ITU-T T.125] DomainMCSPDU choice index "
"expected %d, received %d", MCS_EDRQ, (opcode >> 2)); "expected %d, received %d", MCS_EDRQ, (opcode >> 2));
return 1; return 1;
} }
if (!s_check_rem(s, 4)) if (!s_check_rem_and_log(s, 4, "Parsing [ITU-T T.125] ErectDomainRequest"))
{ {
LOG_DEVEL(LOG_LEVEL_ERROR, "Not enough bytes in the stream, "
"len 4, remaining %d", s_rem(s));
return 1; return 1;
} }
@ -608,10 +578,8 @@ xrdp_mcs_recv_edrq(struct xrdp_mcs *self)
*/ */
if (opcode & 2) /* ErectDomainRequest v3 nonStandard optional field is present? */ if (opcode & 2) /* ErectDomainRequest v3 nonStandard optional field is present? */
{ {
if (!s_check_rem(s, 2)) if (!s_check_rem_and_log(s, 2, "Parsing [ITU-T T.125] ErectDomainRequest nonStandard"))
{ {
LOG_DEVEL(LOG_LEVEL_ERROR, "Not enough bytes in the stream, "
"len 2, remaining %d", s_rem(s));
return 1; return 1;
} }
in_uint16_be(s, self->userid); /* NonStandardParameter.key in_uint16_be(s, self->userid); /* NonStandardParameter.key
@ -620,10 +588,8 @@ xrdp_mcs_recv_edrq(struct xrdp_mcs *self)
"choice index %d (ErectDomainRequest)", (opcode >> 2)); "choice index %d (ErectDomainRequest)", (opcode >> 2));
} }
if (!(s_check_end(s))) if (!s_check_end_and_log(s, "MCS protocol error [ITU-T T.125] ErectDomainRequest"))
{ {
LOG_DEVEL(LOG_LEVEL_ERROR, "Expected to be at the end of the stream, "
"but there are %d bytes remaining", s_rem(s));
return 1; return 1;
} }
@ -645,20 +611,18 @@ xrdp_mcs_recv_aurq(struct xrdp_mcs *self)
s = libxrdp_force_read(self->iso_layer->trans); s = libxrdp_force_read(self->iso_layer->trans);
if (s == 0) if (s == 0)
{ {
LOG_DEVEL(LOG_LEVEL_ERROR, "xrdp_mcs_recv_aurq: libxrdp_force_read failed"); LOG(LOG_LEVEL_ERROR, "Processing [ITU-T T.125] AttachUserRequest failed");
return 1; return 1;
} }
if (xrdp_iso_recv(self->iso_layer, s) != 0) if (xrdp_iso_recv(self->iso_layer, s) != 0)
{ {
LOG_DEVEL(LOG_LEVEL_ERROR, "xrdp_mcs_recv_aurq: xrdp_iso_recv failed"); LOG(LOG_LEVEL_ERROR, "Processing [ITU-T T.125] AttachUserRequest failed");
return 1; return 1;
} }
if (!s_check_rem(s, 1)) if (!s_check_rem_and_log(s, 1, "Parsing [ITU-T T.125] DomainMCSPDU"))
{ {
LOG_DEVEL(LOG_LEVEL_ERROR, "Not enough bytes in the stream, "
"len 1, remaining %d", s_rem(s));
return 1; return 1;
} }
@ -669,8 +633,8 @@ xrdp_mcs_recv_aurq(struct xrdp_mcs *self)
if ((opcode >> 2) != MCS_AURQ) if ((opcode >> 2) != MCS_AURQ)
{ {
LOG_DEVEL(LOG_LEVEL_ERROR, "Parsed [ITU-T T.125] DomainMCSPDU choice index " LOG(LOG_LEVEL_ERROR, "Parsed [ITU-T T.125] DomainMCSPDU choice index "
"expected %d, received %d", MCS_AURQ, (opcode >> 2)); "expected %d, received %d", MCS_AURQ, (opcode >> 2));
return 1; return 1;
} }
@ -681,26 +645,24 @@ xrdp_mcs_recv_aurq(struct xrdp_mcs *self)
*/ */
if (opcode & 2) if (opcode & 2)
{ {
if (!s_check_rem(s, 2)) if (!s_check_rem_and_log(s, 2, "Parsing [ITU-T T.125] AttachUserRequest nonStandard"))
{ {
return 1; return 1;
} }
in_uint16_be(s, self->userid); /* NonStandardParameter.key in_uint16_be(s, self->userid); /* NonStandardParameter.key
NonStandardParameter.data */ NonStandardParameter.data */
} }
if (!(s_check_end(s)))
{
LOG_DEVEL(LOG_LEVEL_ERROR, "Expected to be at the end of the stream, "
"but there are %d bytes remaining", s_rem(s));
return 1;
}
LOG_DEVEL(LOG_LEVEL_TRACE, "Received [ITU-T T.125] DomainMCSPDU " LOG_DEVEL(LOG_LEVEL_TRACE, "Received [ITU-T T.125] DomainMCSPDU "
"choice index %d (AttachUserRequest)", (opcode >> 2)); "choice index %d (AttachUserRequest)", (opcode >> 2));
LOG_DEVEL(LOG_LEVEL_TRACE, "Received [ITU-T T.125] AttachUserRequest " LOG_DEVEL(LOG_LEVEL_TRACE, "Received [ITU-T T.125] AttachUserRequest "
"nonStandard (%s)", "nonStandard (%s)",
(opcode & 2) ? "present" : "not present"); (opcode & 2) ? "present" : "not present");
if (!s_check_end_and_log(s, "MCS protocol error [ITU-T T.125] AttachUserRequest"))
{
return 1;
}
return 0; return 0;
} }
@ -737,7 +699,7 @@ xrdp_mcs_send_aucf(struct xrdp_mcs *self)
if (xrdp_iso_send(self->iso_layer, s) != 0) if (xrdp_iso_send(self->iso_layer, s) != 0)
{ {
free_stream(s); free_stream(s);
LOG(LOG_LEVEL_ERROR, "xrdp_mcs_send_aucf: xrdp_iso_send failed"); LOG(LOG_LEVEL_ERROR, "Sending [ITU-T T.125] AttachUserConfirm failed");
return 1; return 1;
} }
@ -760,36 +722,34 @@ xrdp_mcs_recv_cjrq(struct xrdp_mcs *self)
s = libxrdp_force_read(self->iso_layer->trans); s = libxrdp_force_read(self->iso_layer->trans);
if (s == 0) if (s == 0)
{ {
LOG_DEVEL(LOG_LEVEL_ERROR, "xrdp_mcs_recv_cjrq: libxrdp_force_read failed"); LOG(LOG_LEVEL_ERROR, "Processing [ITU-T T.25] ChannelJoinRequest failed");
return 1; return 1;
} }
if (xrdp_iso_recv(self->iso_layer, s) != 0) if (xrdp_iso_recv(self->iso_layer, s) != 0)
{ {
LOG_DEVEL(LOG_LEVEL_ERROR, "xrdp_mcs_recv_cjrq: xrdp_iso_recv failed"); LOG(LOG_LEVEL_ERROR, "Processing [ITU-T T.25] ChannelJoinRequest failed");
return 1; return 1;
} }
if (!s_check_rem(s, 1)) if (!s_check_rem_and_log(s, 1, "Parsing [ITU-T T.125] DomainMCSPDU"))
{ {
LOG_DEVEL(LOG_LEVEL_ERROR, "Not enough bytes in the stream, "
"len 1, remaining %d", s_rem(s));
return 1; return 1;
} }
in_uint8(s, opcode); in_uint8(s, opcode);
LOG_DEVEL(LOG_LEVEL_TRACE, "Received [ITU-T T.125] DomainMCSPDU "
"choice index %d (ChannelJoinRequest)", (opcode >> 2));
if ((opcode >> 2) != MCS_CJRQ) if ((opcode >> 2) != MCS_CJRQ)
{ {
LOG_DEVEL(LOG_LEVEL_ERROR, "Parsed [ITU-T T.125] DomainMCSPDU choice index " LOG(LOG_LEVEL_ERROR, "Parsed [ITU-T T.125] DomainMCSPDU choice index "
"expected %d, received %d", MCS_CJRQ, (opcode >> 2)); "expected %d, received %d", MCS_CJRQ, (opcode >> 2));
return 1; return 1;
} }
if (!s_check_rem(s, 4)) if (!s_check_rem_and_log(s, 4, "Parsing [ITU-T T.125] ChannelJoinRequest"))
{ {
LOG_DEVEL(LOG_LEVEL_ERROR, "Not enough bytes in the stream, "
"len 4, remaining %d", s_rem(s));
return 1; return 1;
} }
@ -803,30 +763,24 @@ xrdp_mcs_recv_cjrq(struct xrdp_mcs *self)
*/ */
if (opcode & 2) if (opcode & 2)
{ {
if (!s_check_rem(s, 2)) if (!s_check_rem_and_log(s, 2, "Parsing [ITU-T T.125] ChannelJoinRequest nonStandard"))
{ {
LOG_DEVEL(LOG_LEVEL_ERROR, "Not enough bytes in the stream, "
"len 2, remaining %d", s_rem(s));
return 1; return 1;
} }
in_uint8s(s, 2); /* NonStandardParameter.key in_uint8s(s, 2); /* NonStandardParameter.key
NonStandardParameter.data */ NonStandardParameter.data */
} }
if (!(s_check_end(s)))
{
LOG_DEVEL(LOG_LEVEL_ERROR, "Expected to be at the end of the stream, "
"but there are %d bytes remaining", s_rem(s));
return 1;
}
LOG_DEVEL(LOG_LEVEL_TRACE, "Received [ITU-T T.125] DomainMCSPDU "
"choice index %d (ChannelJoinRequest)", (opcode >> 2));
LOG_DEVEL(LOG_LEVEL_TRACE, "Received [ITU-T T.125] ChannelJoinRequest " LOG_DEVEL(LOG_LEVEL_TRACE, "Received [ITU-T T.125] ChannelJoinRequest "
"initiator (ignored), channelId (ignored), " "initiator (ignored), channelId (ignored), "
"nonStandard (%s)", "nonStandard (%s)",
(opcode & 2) ? "present" : "not present"); (opcode & 2) ? "present" : "not present");
if (!s_check_end_and_log(s, "MCS protocol error [ITU-T T.125] ChannelJoinRequest"))
{
return 1;
}
return 0; return 0;
} }
@ -857,8 +811,8 @@ xrdp_mcs_ber_out_header(struct xrdp_mcs *self, struct stream *s,
out_uint8(s, len); out_uint8(s, len);
} }
// LOG_DEVEL(LOG_LEVEL_TRACE, "Added header [ITU-T X.690] Identifier %d, Length %d", LOG_DEVEL(LOG_LEVEL_TRACE, "Adding header [ITU-T X.690] Identifier %d, Length %d",
// tag_val, len); tag_val, len);
return 0; return 0;
} }
@ -915,7 +869,7 @@ xrdp_mcs_out_domain_params(struct xrdp_mcs *self, struct stream *s,
xrdp_mcs_ber_out_int24(self, s, max_pdu_size); xrdp_mcs_ber_out_int24(self, s, max_pdu_size);
xrdp_mcs_ber_out_int8(self, s, 2); /* protocolVersion */ xrdp_mcs_ber_out_int8(self, s, 2); /* protocolVersion */
LOG_DEVEL(LOG_LEVEL_TRACE, "Write to stream [ITU-T T.125] DomainParameters " LOG_DEVEL(LOG_LEVEL_TRACE, "Adding struct [ITU-T T.125] DomainParameters "
"maxChannelIds %d, maxUserIds %d, maxTokenIds %d, numPriorities 1, " "maxChannelIds %d, maxUserIds %d, maxTokenIds %d, numPriorities 1, "
"minThroughput 0 B/s, maxHeight 1, maxMCSPDUsize %d, " "minThroughput 0 B/s, maxHeight 1, maxMCSPDUsize %d, "
"protocolVersion 2", "protocolVersion 2",
@ -1223,7 +1177,7 @@ xrdp_mcs_send_connect_response(struct xrdp_mcs *self)
out_uint8a(s, self->server_mcs_data->data, data_len); out_uint8a(s, self->server_mcs_data->data, data_len);
s_mark_end(s); s_mark_end(s);
LOG_DEVEL(LOG_LEVEL_TRACE, "Sening [ITU-T T.125] Connect-Response " LOG_DEVEL(LOG_LEVEL_TRACE, "Sending [ITU-T T.125] Connect-Response "
"result SUCCESS, calledConnectId 0, " "result SUCCESS, calledConnectId 0, "
"domainParameters (see xrdp_mcs_out_domain_params() trace logs), " "domainParameters (see xrdp_mcs_out_domain_params() trace logs), "
"userData (see xrdp_mcs_out_gcc_data() trace logs and " "userData (see xrdp_mcs_out_gcc_data() trace logs and "
@ -1233,7 +1187,7 @@ xrdp_mcs_send_connect_response(struct xrdp_mcs *self)
if (xrdp_iso_send(self->iso_layer, s) != 0) if (xrdp_iso_send(self->iso_layer, s) != 0)
{ {
free_stream(s); free_stream(s);
LOG(LOG_LEVEL_ERROR, "xrdp_mcs_send_connect_response: xrdp_iso_send failed"); LOG(LOG_LEVEL_ERROR, "Sending [ITU-T T.125] Connect-Response failed");
return 1; return 1;
} }
@ -1252,73 +1206,74 @@ xrdp_mcs_incoming(struct xrdp_mcs *self)
{ {
int index; int index;
LOG_DEVEL(LOG_LEVEL_DEBUG, "MCS Connection Sequence: receive connection request"); LOG_DEVEL(LOG_LEVEL_DEBUG, "[MCS Connection Sequence] receive connection request");
if (xrdp_mcs_recv_connect_initial(self) != 0) if (xrdp_mcs_recv_connect_initial(self) != 0)
{ {
LOG_DEVEL(LOG_LEVEL_ERROR, "xrdp_mcs_incoming: xrdp_mcs_recv_connect_initial failed"); LOG(LOG_LEVEL_ERROR, "[MCS Connection Sequence] receive connection request failed");
return 1; return 1;
} }
/* in xrdp_sec.c */ /* in xrdp_sec.c */
if (xrdp_sec_process_mcs_data(self->sec_layer) != 0) if (xrdp_sec_process_mcs_data(self->sec_layer) != 0)
{ {
LOG_DEVEL(LOG_LEVEL_ERROR, "xrdp_mcs_incoming: xrdp_sec_process_mcs_data failed"); LOG(LOG_LEVEL_ERROR, "[MCS Connection Sequence] Connect Initial PDU with GCC Conference Create Request failed");
return 1; return 1;
} }
LOG_DEVEL(LOG_LEVEL_DEBUG, "[MCS Connection Sequence] construct connection reponse");
if (xrdp_mcs_out_gcc_data(self->sec_layer) != 0) if (xrdp_mcs_out_gcc_data(self->sec_layer) != 0)
{ {
LOG_DEVEL(LOG_LEVEL_ERROR, "xrdp_mcs_incoming: xrdp_mcs_out_gcc_data failed"); LOG(LOG_LEVEL_ERROR, "[MCS Connection Sequence] construct connection reponse failed");
return 1; return 1;
} }
LOG_DEVEL(LOG_LEVEL_DEBUG, "MCS Connection Sequence: send connection reponse"); LOG_DEVEL(LOG_LEVEL_DEBUG, "[MCS Connection Sequence] send connection reponse");
if (xrdp_mcs_send_connect_response(self) != 0) if (xrdp_mcs_send_connect_response(self) != 0)
{ {
LOG_DEVEL(LOG_LEVEL_ERROR, "xrdp_mcs_incoming: xrdp_mcs_send_connect_response failed"); LOG(LOG_LEVEL_ERROR, "[MCS Connection Sequence] send connection reponse failed");
return 1; return 1;
} }
LOG_DEVEL(LOG_LEVEL_DEBUG, "MCS Connection Sequence: receive erect domain request"); LOG_DEVEL(LOG_LEVEL_DEBUG, "[MCS Connection Sequence] receive erect domain request");
if (xrdp_mcs_recv_edrq(self) != 0) if (xrdp_mcs_recv_edrq(self) != 0)
{ {
LOG_DEVEL(LOG_LEVEL_ERROR, "xrdp_mcs_incoming: xrdp_mcs_recv_edrq failed"); LOG(LOG_LEVEL_ERROR, "[MCS Connection Sequence] receive erect domain request failed");
return 1; return 1;
} }
LOG_DEVEL(LOG_LEVEL_DEBUG, "MCS Connection Sequence: receive attach user request"); LOG_DEVEL(LOG_LEVEL_DEBUG, "[MCS Connection Sequence] receive attach user request");
if (xrdp_mcs_recv_aurq(self) != 0) if (xrdp_mcs_recv_aurq(self) != 0)
{ {
LOG_DEVEL(LOG_LEVEL_ERROR, "xrdp_mcs_incoming: xrdp_mcs_recv_aurq failed"); LOG(LOG_LEVEL_ERROR, "[MCS Connection Sequence] receive attach user request failed");
return 1; return 1;
} }
LOG_DEVEL(LOG_LEVEL_DEBUG, "MCS Connection Sequence: send attach user confirm"); LOG_DEVEL(LOG_LEVEL_DEBUG, "[MCS Connection Sequence] send attach user confirm");
if (xrdp_mcs_send_aucf(self) != 0) if (xrdp_mcs_send_aucf(self) != 0)
{ {
LOG_DEVEL(LOG_LEVEL_ERROR, "xrdp_mcs_incoming: xrdp_mcs_send_aucf failed"); LOG(LOG_LEVEL_ERROR, "[MCS Connection Sequence] send attach user confirm failed");
return 1; return 1;
} }
for (index = 0; index < self->channel_list->count + 2; index++) for (index = 0; index < self->channel_list->count + 2; index++)
{ {
LOG_DEVEL(LOG_LEVEL_DEBUG, "MCS Connection Sequence: receive channel join request"); LOG_DEVEL(LOG_LEVEL_DEBUG, "[MCS Connection Sequence] receive channel join request");
if (xrdp_mcs_recv_cjrq(self) != 0) if (xrdp_mcs_recv_cjrq(self) != 0)
{ {
LOG_DEVEL(LOG_LEVEL_ERROR, "xrdp_mcs_incoming: xrdp_mcs_recv_cjrq failed"); LOG(LOG_LEVEL_ERROR, "[MCS Connection Sequence] receive channel join request failed");
return 1; return 1;
} }
LOG_DEVEL(LOG_LEVEL_DEBUG, "MCS Connection Sequence: send channel join confirm"); LOG_DEVEL(LOG_LEVEL_DEBUG, "[MCS Connection Sequence] send channel join confirm");
if (xrdp_mcs_send_cjcf(self, self->userid, if (xrdp_mcs_send_cjcf(self, self->userid,
self->userid + MCS_USERCHANNEL_BASE + index) != 0) self->userid + MCS_USERCHANNEL_BASE + index) != 0)
{ {
LOG_DEVEL(LOG_LEVEL_ERROR, "xrdp_mcs_incoming: xrdp_mcs_send_cjcf failed"); LOG(LOG_LEVEL_ERROR, "[MCS Connection Sequence] send channel join confirm failed");
return 1; return 1;
} }
} }
LOG_DEVEL(LOG_LEVEL_DEBUG, "MCS Connection Sequence: completed"); LOG_DEVEL(LOG_LEVEL_DEBUG, "[MCS Connection Sequence] completed");
return 0; return 0;
} }
@ -1485,7 +1440,7 @@ xrdp_mcs_disconnect(struct xrdp_mcs *self)
{ {
free_stream(s); free_stream(s);
close_rdp_socket(self); close_rdp_socket(self);
LOG(LOG_LEVEL_ERROR, "xrdp_mcs_disconnect: xrdp_iso_send failed"); LOG(LOG_LEVEL_ERROR, "Sending [ITU T.125] DisconnectProviderUltimatum failed");
return 1; return 1;
} }

16
libxrdp/xrdp_orders.c
View File

@ -83,7 +83,7 @@ xrdp_orders_reset(struct xrdp_orders *self)
{ {
if (xrdp_orders_force_send(self) != 0) if (xrdp_orders_force_send(self) != 0)
{ {
LOG_DEVEL(LOG_LEVEL_ERROR, "xrdp_orders_reset: xrdp_orders_force_send failed"); LOG(LOG_LEVEL_ERROR, "xrdp_orders_reset: xrdp_orders_force_send failed");
return 1; return 1;
} }
g_free(self->orders_state.text_data); g_free(self->orders_state.text_data);
@ -110,7 +110,7 @@ xrdp_orders_init(struct xrdp_orders *self)
LOG_DEVEL(LOG_LEVEL_DEBUG, "xrdp_orders_init: fastpath"); LOG_DEVEL(LOG_LEVEL_DEBUG, "xrdp_orders_init: fastpath");
if (xrdp_rdp_init_fastpath(self->rdp_layer, self->out_s) != 0) if (xrdp_rdp_init_fastpath(self->rdp_layer, self->out_s) != 0)
{ {
LOG_DEVEL(LOG_LEVEL_ERROR, "xrdp_orders_init: xrdp_rdp_init_fastpath failed"); LOG(LOG_LEVEL_ERROR, "xrdp_orders_init: xrdp_rdp_init_fastpath failed");
return 1; return 1;
} }
self->order_count_ptr = self->out_s->p; self->order_count_ptr = self->out_s->p;
@ -121,7 +121,7 @@ xrdp_orders_init(struct xrdp_orders *self)
{ {
if (xrdp_rdp_init_data(self->rdp_layer, self->out_s) != 0) if (xrdp_rdp_init_data(self->rdp_layer, self->out_s) != 0)
{ {
LOG_DEVEL(LOG_LEVEL_ERROR, "xrdp_orders_init: xrdp_rdp_init_data failed"); LOG(LOG_LEVEL_ERROR, "xrdp_orders_init: xrdp_rdp_init_data failed");
return 1; return 1;
} }
out_uint16_le(self->out_s, RDP_UPDATE_ORDERS); /* updateType */ out_uint16_le(self->out_s, RDP_UPDATE_ORDERS); /* updateType */
@ -161,8 +161,8 @@ xrdp_orders_send(struct xrdp_orders *self)
if (xrdp_rdp_send_fastpath(self->rdp_layer, if (xrdp_rdp_send_fastpath(self->rdp_layer,
self->out_s, 0) != 0) self->out_s, 0) != 0)
{ {
LOG_DEVEL(LOG_LEVEL_ERROR, LOG(LOG_LEVEL_ERROR,
"xrdp_orders_send: xrdp_rdp_send_fastpath failed"); "xrdp_orders_send: xrdp_rdp_send_fastpath failed");
rv = 1; rv = 1;
} }
} }
@ -171,8 +171,8 @@ xrdp_orders_send(struct xrdp_orders *self)
if (xrdp_rdp_send_data(self->rdp_layer, self->out_s, if (xrdp_rdp_send_data(self->rdp_layer, self->out_s,
RDP_DATA_PDU_UPDATE) != 0) RDP_DATA_PDU_UPDATE) != 0)
{ {
LOG_DEVEL(LOG_LEVEL_ERROR, LOG(LOG_LEVEL_ERROR,
"xrdp_orders_send: xrdp_rdp_send_data failed"); "xrdp_orders_send: xrdp_rdp_send_data failed");
rv = 1; rv = 1;
} }
} }
@ -2192,7 +2192,7 @@ xrdp_orders_send_palette(struct xrdp_orders *self, int *palette,
if (xrdp_orders_check(self, 2000) != 0) if (xrdp_orders_check(self, 2000) != 0)
{ {
LOG_DEVEL(LOG_LEVEL_ERROR, "xrdp_orders_send_palette: xrdp_orders_check failed"); LOG(LOG_LEVEL_ERROR, "xrdp_orders_send_palette: xrdp_orders_check failed");
return 1; return 1;
} }
self->order_count++; self->order_count++;

28
libxrdp/xrdp_orders_rail.c
View File

@ -42,8 +42,8 @@ xrdp_orders_send_window_delete(struct xrdp_orders *self, int window_id)
order_size = 11; order_size = 11;
if (xrdp_orders_check(self, order_size) != 0) if (xrdp_orders_check(self, order_size) != 0)
{ {
LOG_DEVEL(LOG_LEVEL_ERROR, LOG(LOG_LEVEL_ERROR,
"xrdp_orders_send_window_delete: xrdp_orders_check failed"); "xrdp_orders_send_window_delete: xrdp_orders_check failed");
return 1; return 1;
} }
self->order_count++; self->order_count++;
@ -88,8 +88,8 @@ xrdp_orders_send_window_cached_icon(struct xrdp_orders *self,
order_size = 14; order_size = 14;
if (xrdp_orders_check(self, order_size) != 0) if (xrdp_orders_check(self, order_size) != 0)
{ {
LOG_DEVEL(LOG_LEVEL_ERROR, LOG(LOG_LEVEL_ERROR,
"xrdp_orders_send_window_cached_icon: xrdp_orders_check failed"); "xrdp_orders_send_window_cached_icon: xrdp_orders_check failed");
return 1; return 1;
} }
self->order_count++; self->order_count++;
@ -208,8 +208,8 @@ xrdp_orders_send_window_icon(struct xrdp_orders *self,
if (xrdp_orders_check(self, order_size) != 0) if (xrdp_orders_check(self, order_size) != 0)
{ {
LOG_DEVEL(LOG_LEVEL_ERROR, LOG(LOG_LEVEL_ERROR,
"xrdp_orders_send_window_icon: xrdp_orders_check failed"); "xrdp_orders_send_window_icon: xrdp_orders_check failed");
return 1; return 1;
} }
self->order_count++; self->order_count++;
@ -422,8 +422,8 @@ xrdp_orders_send_window_new_update(struct xrdp_orders *self, int window_id,
if (xrdp_orders_check(self, order_size) != 0) if (xrdp_orders_check(self, order_size) != 0)
{ {
LOG_DEVEL(LOG_LEVEL_ERROR, LOG(LOG_LEVEL_ERROR,
"xrdp_orders_send_window_new_update: xrdp_orders_check failed"); "xrdp_orders_send_window_new_update: xrdp_orders_check failed");
return 1; return 1;
} }
self->order_count++; self->order_count++;
@ -653,8 +653,8 @@ xrdp_orders_send_notify_delete(struct xrdp_orders *self, int window_id,
order_size = 15; order_size = 15;
if (xrdp_orders_check(self, order_size) != 0) if (xrdp_orders_check(self, order_size) != 0)
{ {
LOG_DEVEL(LOG_LEVEL_ERROR, LOG(LOG_LEVEL_ERROR,
"xrdp_orders_send_notify_delete: xrdp_orders_check failed"); "xrdp_orders_send_notify_delete: xrdp_orders_check failed");
return 1; return 1;
} }
self->order_count++; self->order_count++;
@ -759,8 +759,8 @@ xrdp_orders_send_notify_new_update(struct xrdp_orders *self,
if (xrdp_orders_check(self, order_size) != 0) if (xrdp_orders_check(self, order_size) != 0)
{ {
LOG_DEVEL(LOG_LEVEL_ERROR, LOG(LOG_LEVEL_ERROR,
"xrdp_orders_send_notify_new_update: xrdp_orders_check failed"); "xrdp_orders_send_notify_new_update: xrdp_orders_check failed");
return 1; return 1;
} }
self->order_count++; self->order_count++;
@ -882,8 +882,8 @@ xrdp_orders_send_monitored_desktop(struct xrdp_orders *self,
if (xrdp_orders_check(self, order_size) != 0) if (xrdp_orders_check(self, order_size) != 0)
{ {
LOG_DEVEL(LOG_LEVEL_ERROR, LOG(LOG_LEVEL_ERROR,
"xrdp_orders_send_monitored_desktop: xrdp_orders_check failed"); "xrdp_orders_send_monitored_desktop: xrdp_orders_check failed");
return 1; return 1;
} }
self->order_count++; self->order_count++;

158
libxrdp/xrdp_rdp.c
View File

@ -399,7 +399,7 @@ xrdp_rdp_init(struct xrdp_rdp *self, struct stream *s)
{ {
if (xrdp_sec_init(self->sec_layer, s) != 0) if (xrdp_sec_init(self->sec_layer, s) != 0)
{ {
LOG_DEVEL(LOG_LEVEL_ERROR, "xrdp_rdp_init: xrdp_sec_init failed"); LOG(LOG_LEVEL_ERROR, "xrdp_rdp_init: xrdp_sec_init failed");
return 1; return 1;
} }
@ -414,7 +414,7 @@ xrdp_rdp_init_data(struct xrdp_rdp *self, struct stream *s)
{ {
if (xrdp_sec_init(self->sec_layer, s) != 0) if (xrdp_sec_init(self->sec_layer, s) != 0)
{ {
LOG_DEVEL(LOG_LEVEL_ERROR, "xrdp_rdp_init_data: xrdp_sec_init failed"); LOG(LOG_LEVEL_ERROR, "xrdp_rdp_init_data: xrdp_sec_init failed");
return 1; return 1;
} }
@ -449,7 +449,7 @@ xrdp_rdp_recv(struct xrdp_rdp *self, struct stream *s, int *code)
{ {
if (xrdp_sec_recv_fastpath(self->sec_layer, s) != 0) if (xrdp_sec_recv_fastpath(self->sec_layer, s) != 0)
{ {
LOG_DEVEL(LOG_LEVEL_ERROR, "xrdp_rdp_recv: xrdp_sec_recv_fastpath failed"); LOG(LOG_LEVEL_ERROR, "xrdp_rdp_recv: xrdp_sec_recv_fastpath failed");
return 1; return 1;
} }
/* next_packet gets set in xrdp_sec_recv_fastpath */ /* next_packet gets set in xrdp_sec_recv_fastpath */
@ -510,13 +510,13 @@ xrdp_rdp_recv(struct xrdp_rdp *self, struct stream *s, int *code)
s->p = s->next_packet; s->p = s->next_packet;
} }
if (!s_check_rem(s, 6)) if (!s_check_rem_and_log(s, 6, "Parsing [MS-RDPBCGR] TS_SHARECONTROLHEADER"))
{ {
s->next_packet = 0; s->next_packet = 0;
*code = 0; *code = 0;
len = (int)(s->end - s->p); len = (int)(s->end - s->p);
LOG_DEVEL(LOG_LEVEL_ERROR, "xrdp_rdp_recv: out code 0 (skip data) " LOG(LOG_LEVEL_ERROR, "xrdp_rdp_recv: out code 0 (skip data) "
"bad RDP packet, length [%d]", len); "bad RDP packet");
return 0; return 0;
} }
else else
@ -679,7 +679,7 @@ xrdp_rdp_init_fastpath(struct xrdp_rdp *self, struct stream *s)
{ {
if (xrdp_sec_init_fastpath(self->sec_layer, s) != 0) if (xrdp_sec_init_fastpath(self->sec_layer, s) != 0)
{ {
LOG_DEVEL(LOG_LEVEL_ERROR, "xrdp_rdp_init_fastpath: xrdp_sec_init_fastpath failed"); LOG(LOG_LEVEL_ERROR, "xrdp_rdp_init_fastpath: xrdp_sec_init_fastpath failed");
return 1; return 1;
} }
if (self->client_info.rdp_compression) if (self->client_info.rdp_compression)
@ -765,7 +765,7 @@ xrdp_rdp_send_fastpath(struct xrdp_rdp *self, struct stream *s,
} }
} }
send_len = no_comp_len; send_len = no_comp_len;
LOG_DEVEL(LOG_LEVEL_DEBUG, "xrdp_rdp_send_fastpath: no_comp_len %d fragmentation %d", LOG_DEVEL(LOG_LEVEL_DEBUG, "xrdp_rdp_send_fastpath: no_comp_len %d, fragmentation %d",
no_comp_len, fragmentation); no_comp_len, fragmentation);
if ((compression != 0) && (no_comp_len > header_bytes + 16)) if ((compression != 0) && (no_comp_len > header_bytes + 16))
{ {
@ -790,10 +790,10 @@ xrdp_rdp_send_fastpath(struct xrdp_rdp *self, struct stream *s,
} }
else else
{ {
LOG_DEVEL(LOG_LEVEL_DEBUG, LOG(LOG_LEVEL_DEBUG,
"compress_rdp failed, sending uncompressed data. " "compress_rdp failed, sending uncompressed data. "
"type %d, flags %d", mppc_enc->protocol_type, "type %d, flags %d", mppc_enc->protocol_type,
mppc_enc->flags); mppc_enc->flags);
} }
} }
updateHeader = (updateCode & 15) | updateHeader = (updateCode & 15) |
@ -841,7 +841,7 @@ xrdp_rdp_send_data_update_sync(struct xrdp_rdp *self)
{ {
if (xrdp_rdp_init_fastpath(self, s) != 0) if (xrdp_rdp_init_fastpath(self, s) != 0)
{ {
LOG_DEVEL(LOG_LEVEL_ERROR, "xrdp_rdp_send_data_update_sync: xrdp_rdp_init_fastpath failed"); LOG(LOG_LEVEL_ERROR, "xrdp_rdp_send_data_update_sync: xrdp_rdp_init_fastpath failed");
free_stream(s); free_stream(s);
return 1; return 1;
} }
@ -867,7 +867,7 @@ xrdp_rdp_send_data_update_sync(struct xrdp_rdp *self)
if (xrdp_rdp_send_fastpath(self, s, if (xrdp_rdp_send_fastpath(self, s,
FASTPATH_UPDATETYPE_SYNCHRONIZE) != 0) FASTPATH_UPDATETYPE_SYNCHRONIZE) != 0)
{ {
LOG_DEVEL(LOG_LEVEL_ERROR, "xrdp_rdp_send_data_update_sync: xrdp_rdp_send_fastpath failed"); LOG(LOG_LEVEL_ERROR, "Sending [MS-RDPBCGR] TS_FP_UPDATE_SYNCHRONIZE failed");
free_stream(s); free_stream(s);
return 1; return 1;
} }
@ -880,7 +880,7 @@ xrdp_rdp_send_data_update_sync(struct xrdp_rdp *self)
RDP_UPDATE_SYNCHRONIZE); RDP_UPDATE_SYNCHRONIZE);
if (xrdp_rdp_send_data(self, s, RDP_DATA_PDU_UPDATE) != 0) if (xrdp_rdp_send_data(self, s, RDP_DATA_PDU_UPDATE) != 0)
{ {
LOG(LOG_LEVEL_ERROR, "xrdp_rdp_send_data_update_sync: xrdp_rdp_send_data failed"); LOG(LOG_LEVEL_ERROR, "Sending [MS-RDPBCGR] TS_UPDATE_SYNC failed");
free_stream(s); free_stream(s);
return 1; return 1;
} }
@ -899,7 +899,7 @@ xrdp_rdp_incoming(struct xrdp_rdp *self)
if (xrdp_sec_incoming(self->sec_layer) != 0) if (xrdp_sec_incoming(self->sec_layer) != 0)
{ {
LOG_DEVEL(LOG_LEVEL_ERROR, "xrdp_rdp_incoming: xrdp_sec_incoming failed"); LOG(LOG_LEVEL_ERROR, "xrdp_rdp_incoming: xrdp_sec_incoming failed");
return 1; return 1;
} }
self->mcs_channel = self->sec_layer->mcs_layer->userid + self->mcs_channel = self->sec_layer->mcs_layer->userid +
@ -958,10 +958,8 @@ xrdp_rdp_process_data_input(struct xrdp_rdp *self, struct stream *s)
int param2; int param2;
int time; int time;
if (!s_check_rem(s, 4)) if (!s_check_rem_and_log(s, 4, "Parsing [MS-RDPBCGR] TS_INPUT_PDU_DATA"))
{ {
LOG_DEVEL(LOG_LEVEL_ERROR, "Not enough bytes in the stream "
"len 4, remaining %d", s_rem(s));
return 1; return 1;
} }
in_uint16_le(s, num_events); in_uint16_le(s, num_events);
@ -971,10 +969,8 @@ xrdp_rdp_process_data_input(struct xrdp_rdp *self, struct stream *s)
for (index = 0; index < num_events; index++) for (index = 0; index < num_events; index++)
{ {
if (!s_check_rem(s, 12)) if (!s_check_rem_and_log(s, 12, "Parsing [MS-RDPBCGR] TS_INPUT_EVENT"))
{ {
LOG_DEVEL(LOG_LEVEL_ERROR, "Not enough bytes in the stream "
"len 12, remaining %d", s_rem(s));
return 1; return 1;
} }
in_uint32_le(s, time); in_uint32_le(s, time);
@ -1049,7 +1045,7 @@ xrdp_rdp_send_synchronise(struct xrdp_rdp *self)
if (xrdp_rdp_init_data(self, s) != 0) if (xrdp_rdp_init_data(self, s) != 0)
{ {
LOG_DEVEL(LOG_LEVEL_ERROR, "xrdp_rdp_send_synchronise: xrdp_rdp_init_data failed"); LOG(LOG_LEVEL_ERROR, "xrdp_rdp_send_synchronise: xrdp_rdp_init_data failed");
free_stream(s); free_stream(s);
return 1; return 1;
} }
@ -1062,7 +1058,7 @@ xrdp_rdp_send_synchronise(struct xrdp_rdp *self)
if (xrdp_rdp_send_data(self, s, RDP_DATA_PDU_SYNCHRONISE) != 0) if (xrdp_rdp_send_data(self, s, RDP_DATA_PDU_SYNCHRONISE) != 0)
{ {
LOG_DEVEL(LOG_LEVEL_ERROR, "xrdp_rdp_send_synchronise: xrdp_rdp_send_data failed"); LOG(LOG_LEVEL_ERROR, "Sending [MS-RDPBCGR] TS_SYNCHRONIZE_PDU failed");
free_stream(s); free_stream(s);
return 1; return 1;
} }
@ -1083,7 +1079,7 @@ xrdp_rdp_send_control(struct xrdp_rdp *self, int action)
if (xrdp_rdp_init_data(self, s) != 0) if (xrdp_rdp_init_data(self, s) != 0)
{ {
LOG_DEVEL(LOG_LEVEL_ERROR, "xrdp_rdp_send_control: xrdp_rdp_init_data failed"); LOG(LOG_LEVEL_ERROR, "xrdp_rdp_send_control: xrdp_rdp_init_data failed");
free_stream(s); free_stream(s);
return 1; return 1;
} }
@ -1097,7 +1093,7 @@ xrdp_rdp_send_control(struct xrdp_rdp *self, int action)
if (xrdp_rdp_send_data(self, s, RDP_DATA_PDU_CONTROL) != 0) if (xrdp_rdp_send_data(self, s, RDP_DATA_PDU_CONTROL) != 0)
{ {
LOG_DEVEL(LOG_LEVEL_ERROR, "xrdp_rdp_send_control: xrdp_rdp_send_data failed"); LOG(LOG_LEVEL_ERROR, "Sending [MS-RDPBCGR] TS_CONTROL_PDU failed");
free_stream(s); free_stream(s);
return 1; return 1;
} }
@ -1162,10 +1158,8 @@ xrdp_rdp_process_screen_update(struct xrdp_rdp *self, struct stream *s)
int cx; int cx;
int cy; int cy;
if (!s_check_rem(s, 4)) if (!s_check_rem_and_log(s, 4, "Parsing [MS-RDPBCGR] TS_REFRESH_RECT_PDU"))
{ {
LOG_DEVEL(LOG_LEVEL_ERROR, "Not enough bytes in the stream "
"len 4, remaining %d", s_rem(s));
return 1; return 1;
} }
in_uint8(s, num_rects); in_uint8(s, num_rects);
@ -1174,10 +1168,8 @@ xrdp_rdp_process_screen_update(struct xrdp_rdp *self, struct stream *s)
"numberOfAreas %d", num_rects); "numberOfAreas %d", num_rects);
for (index = 0; index < num_rects; index++) for (index = 0; index < num_rects; index++)
{ {
if (!s_check_rem(s, 8)) if (!s_check_rem_and_log(s, 8, "Parsing [MS-RDPBCGR] TS_RECTANGLE16"))
{ {
LOG_DEVEL(LOG_LEVEL_ERROR, "Not enough bytes in the stream "
"len 8, remaining %d", s_rem(s));
return 1; return 1;
} }
/* Inclusive Rectangle (TS_RECTANGLE16) */ /* Inclusive Rectangle (TS_RECTANGLE16) */
@ -1186,7 +1178,7 @@ xrdp_rdp_process_screen_update(struct xrdp_rdp *self, struct stream *s)
in_uint16_le(s, right); in_uint16_le(s, right);
in_uint16_le(s, bottom); in_uint16_le(s, bottom);
LOG_DEVEL(LOG_LEVEL_TRACE, "With field [MS-RDPBCGR] TS_RECTANGLE16 " LOG_DEVEL(LOG_LEVEL_TRACE, "With field [MS-RDPBCGR] TS_RECTANGLE16 "
"left %d top %d right %d bottom %d", "left %d, top %d, right %d, bottom %d",
left, top, right, bottom); left, top, right, bottom);
cx = (right - left) + 1; cx = (right - left) + 1;
cy = (bottom - top) + 1; cy = (bottom - top) + 1;
@ -1216,8 +1208,8 @@ xrdp_rdp_send_fontmap(struct xrdp_rdp *self)
if (xrdp_rdp_init_data(self, s) != 0) if (xrdp_rdp_init_data(self, s) != 0)
{ {
LOG_DEVEL(LOG_LEVEL_ERROR, LOG(LOG_LEVEL_ERROR,
"xrdp_rdp_send_fontmap: xrdp_rdp_init_data failed"); "xrdp_rdp_send_fontmap: xrdp_rdp_init_data failed");
free_stream(s); free_stream(s);
return 1; return 1;
} }
@ -1233,8 +1225,8 @@ xrdp_rdp_send_fontmap(struct xrdp_rdp *self)
if (xrdp_rdp_send_data(self, s, 0x28) != 0) if (xrdp_rdp_send_data(self, s, 0x28) != 0)
{ {
LOG_DEVEL(LOG_LEVEL_ERROR, LOG(LOG_LEVEL_ERROR,
"xrdp_rdp_send_data: xrdp_rdp_init_data failed"); "Sending [MS-RDPBCGR] TS_FONT_MAP_PDU failed");
free_stream(s); free_stream(s);
return 1; return 1;
} }
@ -1250,6 +1242,11 @@ xrdp_rdp_process_data_font(struct xrdp_rdp *self, struct stream *s)
{ {
int seq; int seq;
if (!s_check_rem_and_log(s, 6, "Parsing [MS-RDPBCGR] TS_FONT_LIST_PDU"))
{
return 1;
}
in_uint8s(s, 2); /* NumberFonts: 0x0, SHOULD be set to 0 */ in_uint8s(s, 2); /* NumberFonts: 0x0, SHOULD be set to 0 */
in_uint8s(s, 2); /* TotalNumberFonts: 0x0, SHOULD be set to 0 */ in_uint8s(s, 2); /* TotalNumberFonts: 0x0, SHOULD be set to 0 */
in_uint16_le(s, seq); /* ListFlags */ in_uint16_le(s, seq); /* ListFlags */
@ -1294,8 +1291,8 @@ xrdp_rdp_send_disconnect_query_response(struct xrdp_rdp *self)
if (xrdp_rdp_init_data(self, s) != 0) if (xrdp_rdp_init_data(self, s) != 0)
{ {
LOG_DEVEL(LOG_LEVEL_ERROR, LOG(LOG_LEVEL_ERROR,
"xrdp_rdp_send_disconnect_query_response: xrdp_rdp_init_data failed"); "xrdp_rdp_send_disconnect_query_response: xrdp_rdp_init_data failed");
free_stream(s); free_stream(s);
return 1; return 1;
} }
@ -1305,8 +1302,8 @@ xrdp_rdp_send_disconnect_query_response(struct xrdp_rdp *self)
if (xrdp_rdp_send_data(self, s, PDUTYPE2_SHUTDOWN_DENIED) != 0) if (xrdp_rdp_send_data(self, s, PDUTYPE2_SHUTDOWN_DENIED) != 0)
{ {
LOG_DEVEL(LOG_LEVEL_ERROR, LOG(LOG_LEVEL_ERROR,
"xrdp_rdp_send_disconnect_query_response: xrdp_rdp_send_data failed"); "Sending [MS-RDPBCGR] TS_SHUTDOWN_DENIED_PDU failed");
free_stream(s); free_stream(s);
return 1; return 1;
} }
@ -1328,8 +1325,8 @@ xrdp_rdp_send_disconnect_reason(struct xrdp_rdp *self, int reason)
if (xrdp_rdp_init_data(self, s) != 0) if (xrdp_rdp_init_data(self, s) != 0)
{ {
LOG_DEVEL(LOG_LEVEL_ERROR, LOG(LOG_LEVEL_ERROR,
"xrdp_rdp_send_disconnect_reason: xrdp_rdp_init_data failed"); "xrdp_rdp_send_disconnect_reason: xrdp_rdp_init_data failed");
free_stream(s); free_stream(s);
return 1; return 1;
} }
@ -1341,8 +1338,8 @@ xrdp_rdp_send_disconnect_reason(struct xrdp_rdp *self, int reason)
if (xrdp_rdp_send_data(self, s, RDP_DATA_PDU_DISCONNECT) != 0) if (xrdp_rdp_send_data(self, s, RDP_DATA_PDU_DISCONNECT) != 0)
{ {
LOG_DEVEL(LOG_LEVEL_ERROR, LOG(LOG_LEVEL_ERROR,
"xrdp_rdp_send_disconnect_reason: xrdp_rdp_send_data failed"); "Sending [MS-RDPBCGR] TS_SET_ERROR_INFO_PDU failed");
free_stream(s); free_stream(s);
return 1; return 1;
} }
@ -1359,6 +1356,10 @@ xrdp_rdp_process_frame_ack(struct xrdp_rdp *self, struct stream *s)
{ {
int frame_id; int frame_id;
if (!s_check_rem_and_log(s, 4, "Parsing [MS-RDPRFX] TS_FRAME_ACKNOWLEDGE_PDU"))
{
return 1;
}
in_uint32_le(s, frame_id); in_uint32_le(s, frame_id);
LOG_DEVEL(LOG_LEVEL_TRACE, "Received [MS-RDPRFX] TS_FRAME_ACKNOWLEDGE_PDU " LOG_DEVEL(LOG_LEVEL_TRACE, "Received [MS-RDPRFX] TS_FRAME_ACKNOWLEDGE_PDU "
"frameID %d", frame_id); "frameID %d", frame_id);
@ -1387,10 +1388,8 @@ xrdp_rdp_process_suppress(struct xrdp_rdp *self, struct stream *s)
int right; int right;
int bottom; int bottom;
if (!s_check_rem(s, 1)) if (!s_check_rem_and_log(s, 1, "Parsing [MS-RDPBCGR] TS_SUPPRESS_OUTPUT_PDU"))
{ {
LOG_DEVEL(LOG_LEVEL_ERROR, "Not enough bytes in the stream "
"len 1, remaining %d", s_rem(s));
return 1; return 1;
} }
in_uint8(s, allowDisplayUpdates); in_uint8(s, allowDisplayUpdates);
@ -1415,10 +1414,8 @@ xrdp_rdp_process_suppress(struct xrdp_rdp *self, struct stream *s)
case 1: /* ALLOW_DISPLAY_UPDATES */ case 1: /* ALLOW_DISPLAY_UPDATES */
self->client_info.suppress_output = 0; self->client_info.suppress_output = 0;
LOG_DEVEL(LOG_LEVEL_DEBUG, "Client requested display output to be enabled"); LOG_DEVEL(LOG_LEVEL_DEBUG, "Client requested display output to be enabled");
if (!s_check_rem(s, 11)) if (!s_check_rem_and_log(s, 11, "Parsing [MS-RDPBCGR] Padding and TS_RECTANGLE16"))
{ {
LOG_DEVEL(LOG_LEVEL_ERROR, "Not enough bytes in the stream "
"len 11, remaining %d", s_rem(s));
return 1; return 1;
} }
in_uint8s(s, 3); /* pad */ in_uint8s(s, 3); /* pad */
@ -1455,10 +1452,8 @@ xrdp_rdp_process_data(struct xrdp_rdp *self, struct stream *s)
int compressedType; int compressedType;
int compressedLength; int compressedLength;
if (!s_check_rem(s, 12)) if (!s_check_rem_and_log(s, 12, "Parsing [MS-RDPBCGR] TS_SHAREDATAHEADER"))
{ {
LOG_DEVEL(LOG_LEVEL_ERROR, "Not enough bytes in the stream "
"len 12, remaining %d", s_rem(s));
return 1; return 1;
} }
in_uint8s(s, 6); /* shareID (4 bytes), padding (1 byte), streamID (1 byte) */ in_uint8s(s, 6); /* shareID (4 bytes), padding (1 byte), streamID (1 byte) */
@ -1466,6 +1461,11 @@ xrdp_rdp_process_data(struct xrdp_rdp *self, struct stream *s)
in_uint8(s, pduType2); in_uint8(s, pduType2);
in_uint8(s, compressedType); in_uint8(s, compressedType);
in_uint16_le(s, compressedLength); in_uint16_le(s, compressedLength);
LOG_DEVEL(LOG_LEVEL_TRACE, "Received [MS-RDPBCGR] TS_SHAREDATAHEADER "
"shareID (ignored), streamID (ignored), uncompressedLength %d, "
"pduType2 0x%2.2x, compressedType 0x%2.2x, compressedLength %d",
uncompressedLength, pduType2, compressedType, compressedLength);
if (compressedType != 0) if (compressedType != 0)
{ {
/* don't support compression */ /* don't support compression */
@ -1476,15 +1476,11 @@ xrdp_rdp_process_data(struct xrdp_rdp *self, struct stream *s)
} }
if (compressedLength > uncompressedLength) if (compressedLength > uncompressedLength)
{ {
LOG_DEVEL(LOG_LEVEL_ERROR, "The compressed length %d is larger than " LOG(LOG_LEVEL_ERROR, "The compressed length %d is larger than "
"the uncompressed length %d, failing the processing of this " "the uncompressed length %d, failing the processing of this "
"PDU", compressedLength, uncompressedLength); "PDU", compressedLength, uncompressedLength);
return 1; return 1;
} }
LOG_DEVEL(LOG_LEVEL_TRACE, "Received [MS-RDPBCGR] TS_SHAREDATAHEADER "
"shareID (ignored), streamID (ignored), uncompressedLength %d, "
"pduType2 0x%2.2x, compressedType 0x%2.2x, compressedLength %d",
uncompressedLength, pduType2, compressedType, compressedLength);
switch (pduType2) switch (pduType2)
{ {
@ -1520,7 +1516,9 @@ xrdp_rdp_process_data(struct xrdp_rdp *self, struct stream *s)
xrdp_rdp_process_frame_ack(self, s); xrdp_rdp_process_frame_ack(self, s);
break; break;
default: default:
LOG_DEVEL(LOG_LEVEL_WARNING, "unknown pduType2 %d (ignoring)", pduType2); LOG(LOG_LEVEL_WARNING,
"Received unknown [MS-RDPBCGR] TS_SHAREDATAHEADER pduType2 %d (ignoring)",
pduType2);
break; break;
} }
return 0; return 0;
@ -1529,12 +1527,7 @@ xrdp_rdp_process_data(struct xrdp_rdp *self, struct stream *s)
int int
xrdp_rdp_disconnect(struct xrdp_rdp *self) xrdp_rdp_disconnect(struct xrdp_rdp *self)
{ {
int rv; return xrdp_sec_disconnect(self->sec_layer);
LOG_DEVEL(LOG_LEVEL_TRACE, "in xrdp_rdp_disconnect");
rv = xrdp_sec_disconnect(self->sec_layer);
LOG_DEVEL(LOG_LEVEL_TRACE, "out xrdp_rdp_disconnect");
return rv;
} }
/*****************************************************************************/ /*****************************************************************************/
@ -1543,28 +1536,30 @@ xrdp_rdp_send_deactivate(struct xrdp_rdp *self)
{ {
struct stream *s; struct stream *s;
LOG_DEVEL(LOG_LEVEL_TRACE, "in xrdp_rdp_send_deactivate");
make_stream(s); make_stream(s);
init_stream(s, 8192); init_stream(s, 8192);
if (xrdp_rdp_init(self, s) != 0) if (xrdp_rdp_init(self, s) != 0)
{ {
free_stream(s); free_stream(s);
LOG(LOG_LEVEL_ERROR, "out xrdp_rdp_send_deactivate error"); LOG(LOG_LEVEL_ERROR, "xrdp_rdp_send_deactivate: xrdp_rdp_init failed");
return 1; return 1;
} }
/* TODO: why are all the fields missing from the TS_DEACTIVATE_ALL_PDU? */
s_mark_end(s); s_mark_end(s);
LOG_DEVEL(LOG_LEVEL_TRACE, "Sending [MS-RDPBCGR] TS_DEACTIVATE_ALL_PDU "
"shareID <not set>, lengthSourceDescriptor <not set>, "
"sourceDescriptor <not set>");
if (xrdp_rdp_send(self, s, PDUTYPE_DEACTIVATEALLPDU) != 0) if (xrdp_rdp_send(self, s, PDUTYPE_DEACTIVATEALLPDU) != 0)
{ {
free_stream(s); free_stream(s);
LOG(LOG_LEVEL_ERROR, "out xrdp_rdp_send_deactivate error"); LOG(LOG_LEVEL_ERROR, "Sending [MS-RDPBCGR] TS_DEACTIVATE_ALL_PDU failed");
return 1; return 1;
} }
free_stream(s); free_stream(s);
LOG_DEVEL(LOG_LEVEL_TRACE, "out xrdp_rdp_send_deactivate");
return 0; return 0;
} }
@ -1586,12 +1581,12 @@ xrdp_rdp_send_session_info(struct xrdp_rdp *self, const char *data,
if (data == NULL) if (data == NULL)
{ {
LOG_DEVEL(LOG_LEVEL_ERROR, "data must not be null"); LOG(LOG_LEVEL_ERROR, "data must not be null");
return 1; return 1;
} }
if (data_bytes < 4) if (data_bytes < 4)
{ {
LOG_DEVEL(LOG_LEVEL_ERROR, "data_bytes must greater than or equal to 4"); LOG(LOG_LEVEL_ERROR, "data_bytes must greater than or equal to 4");
return 1; return 1;
} }
@ -1600,31 +1595,26 @@ xrdp_rdp_send_session_info(struct xrdp_rdp *self, const char *data,
if (xrdp_rdp_init_data(self, s) != 0) if (xrdp_rdp_init_data(self, s) != 0)
{ {
LOG_DEVEL(LOG_LEVEL_ERROR, "xrdp_rdp_send_session_info: xrdp_rdp_init_data failed"); LOG(LOG_LEVEL_ERROR, "xrdp_rdp_send_session_info: xrdp_rdp_init_data failed");
free_stream(s); free_stream(s);
return 1; return 1;
} }
if (s_check_rem_out(s, data_bytes)) if (!s_check_rem_out_and_log(s, data_bytes, "Sending [MS-RDPBCGR] TS_SAVE_SESSION_INFO_PDU_DATA"))
{ {
out_uint8a(s, data, data_bytes);
}
else
{
LOG_DEVEL(LOG_LEVEL_ERROR, "Not enough space in the stream "
"len %d, remaining %d", data_bytes, s_rem_out(s));
free_stream(s); free_stream(s);
return 1; return 1;
} }
out_uint8a(s, data, data_bytes);
s_mark_end(s); s_mark_end(s);
LOG_DEVEL(LOG_LEVEL_TRACE, "Sending [MS-RDPBCGR] TS_SAVE_SESSION_INFO_PDU_DATA " LOG_DEVEL(LOG_LEVEL_TRACE, "Sending [MS-RDPBCGR] TS_SAVE_SESSION_INFO_PDU_DATA "
"infoType 0x%8.8x", "infoType 0x%8.8x, infoData <omitted from log>",
*((unsigned int *) data)); *((unsigned int *) data));
if (xrdp_rdp_send_data(self, s, RDP_DATA_PDU_LOGON) != 0) if (xrdp_rdp_send_data(self, s, RDP_DATA_PDU_LOGON) != 0)
{ {
LOG_DEVEL(LOG_LEVEL_ERROR, "xrdp_rdp_send_session_info: xrdp_rdp_send_data failed"); LOG(LOG_LEVEL_ERROR, "Sending [MS-RDPBCGR] TS_SAVE_SESSION_INFO_PDU_DATA failed");
free_stream(s); free_stream(s);
return 1; return 1;
} }

452
libxrdp/xrdp_sec.c
View File

@ -45,30 +45,94 @@ static tui8 g_pad_92[48] =
92, 92, 92, 92, 92, 92, 92, 92, 92, 92, 92, 92, 92, 92, 92, 92 92, 92, 92, 92, 92, 92, 92, 92, 92, 92, 92, 92, 92, 92, 92, 92
}; };
/* TODO: this appears to be a MS-RDPBCGR 2.2.1.12 LICENSE_VALID_CLIENT_DATA
with the security header included */ /*****************************************************************************/
/* Licensing request v2 PDU
*
* [MS-RDPBCGR] TS_SECURITY_HEADER - Basic
* [MS-RDPELE] SERVER_LICENSE_REQUEST with PREAMBLE_VERSION_2_0
*/
/* some compilers need unsigned char to avoid warnings */ /* some compilers need unsigned char to avoid warnings */
static tui8 g_lic1[322] = static tui8 g_lic1[322] =
{ {
/* [MS-RDPBCGR] TS_SECURITY_HEADER - Basic
* flags (2) = 0x0080 (SEC_LICENSE_PKT)
* flagsHi (2) = unused (arbitrary data)
* [MS-RDPBCGR] LICENSE_PREAMBLE
* bMsgType (1) = 0x01 (LICENSE_REQUEST)
* flags (1) = 0x02 (PREAMBLE_VERSION_2_0)
* wMsgSize (2) = 318 (excludes the 4 bytes TS_SECURITY_HEADER Basic)
*/
0x80, 0x00, 0x3e, 0x01, 0x01, 0x02, 0x3e, 0x01, 0x80, 0x00, 0x3e, 0x01, 0x01, 0x02, 0x3e, 0x01,
/* [MS-RDPELE] SERVER_LICENSE_REQUEST
* ServerRandom (32) = <see hex below>
*/
0x7b, 0x3c, 0x31, 0xa6, 0xae, 0xe8, 0x74, 0xf6, 0x7b, 0x3c, 0x31, 0xa6, 0xae, 0xe8, 0x74, 0xf6,
0xb4, 0xa5, 0x03, 0x90, 0xe7, 0xc2, 0xc7, 0x39, 0xb4, 0xa5, 0x03, 0x90, 0xe7, 0xc2, 0xc7, 0x39,
0xba, 0x53, 0x1c, 0x30, 0x54, 0x6e, 0x90, 0x05, 0xba, 0x53, 0x1c, 0x30, 0x54, 0x6e, 0x90, 0x05,
0xd0, 0x05, 0xce, 0x44, 0x18, 0x91, 0x83, 0x81, 0xd0, 0x05, 0xce, 0x44, 0x18, 0x91, 0x83, 0x81,
/* [MS-RDPELE] SERVER_LICENSE_REQUEST - ProductInfo
* [MS-RDPELE] PRODUCT_INFO
* dwVersion (4) = 0x00040000
* cbCompanyName (4) = 0x0000002c (44)
*/
0x00, 0x00, 0x04, 0x00, 0x2c, 0x00, 0x00, 0x00, 0x00, 0x00, 0x04, 0x00, 0x2c, 0x00, 0x00, 0x00,
/*
* pbCompanyName (44) = UTF-16("Microsoft Corporation")
* cbProductId (4) = 0x00000008 (8)
*/
0x4d, 0x00, 0x69, 0x00, 0x63, 0x00, 0x72, 0x00, 0x4d, 0x00, 0x69, 0x00, 0x63, 0x00, 0x72, 0x00,
0x6f, 0x00, 0x73, 0x00, 0x6f, 0x00, 0x66, 0x00, 0x6f, 0x00, 0x73, 0x00, 0x6f, 0x00, 0x66, 0x00,
0x74, 0x00, 0x20, 0x00, 0x43, 0x00, 0x6f, 0x00, 0x74, 0x00, 0x20, 0x00, 0x43, 0x00, 0x6f, 0x00,
0x72, 0x00, 0x70, 0x00, 0x6f, 0x00, 0x72, 0x00, 0x72, 0x00, 0x70, 0x00, 0x6f, 0x00, 0x72, 0x00,
0x61, 0x00, 0x74, 0x00, 0x69, 0x00, 0x6f, 0x00, 0x61, 0x00, 0x74, 0x00, 0x69, 0x00, 0x6f, 0x00,
0x6e, 0x00, 0x00, 0x00, 0x08, 0x00, 0x00, 0x00, 0x6e, 0x00, 0x00, 0x00, 0x08, 0x00, 0x00, 0x00,
/*
* pbProductId (8) = UTF-16("236")
*/
0x32, 0x00, 0x33, 0x00, 0x36, 0x00, 0x00, 0x00, 0x32, 0x00, 0x33, 0x00, 0x36, 0x00, 0x00, 0x00,
/* [MS-RDPELE] SERVER_LICENSE_REQUEST - KeyExchangeList
* [MS-RDPBCGR] LICENSE_BINARY_BLOB
* wBlobType (2) = 0x000d (BB_KEY_EXCHG_ALG_BLOB)
* wBlobLen (2) = 0x0004 (4)
* blobData (4) = 0x00000001 (KEY_EXCHANGE_ALG_RSA)
*/
0x0d, 0x00, 0x04, 0x00, 0x01, 0x00, 0x00, 0x00, 0x0d, 0x00, 0x04, 0x00, 0x01, 0x00, 0x00, 0x00,
/* [MS-RDPELE] SERVER_LICENSE_REQUEST - ServerCertificate
* [MS-RDPBCGR] LICENSE_BINARY_BLOB
* wBlobType (2) = BB_CERTIFICATE_BLOB (0x0003)
* wBlobLen (2) = 0x00b8 (184)
* blobData = <SERVER_CERTIFICATE>
*
* [MS-RDPBCGR] SERVER_CERTIFICATE
* dwVersion (31 bits) = 0x00000001 (CERT_CHAIN_VERSION_1)
* t (1 bit) = 0 (temporary certificate)
*/
0x03, 0x00, 0xb8, 0x00, 0x01, 0x00, 0x00, 0x00, 0x03, 0x00, 0xb8, 0x00, 0x01, 0x00, 0x00, 0x00,
/*
* certData = <PROPRIETARYSERVERCERTIFICATE>
*
* [MS-RDPBCGR] PROPRIETARYSERVERCERTIFICATE
* dwSigAlgId (4) = 0x00000001 (SIGNATURE_ALG_RSA)
* dwKeyAlgId (4) = 0x00000001 (KEY_EXCHANGE_ALG_RSA)
* wPublicKeyBlobType (2) = 0x0006 (BB_RSA_KEY_BLOB)
* wPublicKeyBlobLen (2) = 0x005c (92)
* PublicKeyBlob = <RSA_PUBLIC_KEY>
*
* [MS-RDPBCGR] RSA_PUBLIC_KEY
* magic (4) = 0x31415352
* keylen (4) = 0x00000048 (72)
* bitlen (4) = 0x00000200 (512)
* datalen (4) = 0x0000003f (63)
* pubExp (4) = 0x00010001 (65537)
*/
0x01, 0x00, 0x00, 0x00, 0x01, 0x00, 0x00, 0x00, 0x01, 0x00, 0x00, 0x00, 0x01, 0x00, 0x00, 0x00,
0x06, 0x00, 0x5c, 0x00, 0x52, 0x53, 0x41, 0x31, 0x06, 0x00, 0x5c, 0x00, 0x52, 0x53, 0x41, 0x31,
0x48, 0x00, 0x00, 0x00, 0x00, 0x02, 0x00, 0x00, 0x48, 0x00, 0x00, 0x00, 0x00, 0x02, 0x00, 0x00,
0x3f, 0x00, 0x00, 0x00, 0x01, 0x00, 0x01, 0x00, 0x3f, 0x00, 0x00, 0x00, 0x01, 0x00, 0x01, 0x00,
/*
* modulus (72) = <see hex below>
*/
0x01, 0xc7, 0xc9, 0xf7, 0x8e, 0x5a, 0x38, 0xe4, 0x01, 0xc7, 0xc9, 0xf7, 0x8e, 0x5a, 0x38, 0xe4,
0x29, 0xc3, 0x00, 0x95, 0x2d, 0xdd, 0x4c, 0x3e, 0x29, 0xc3, 0x00, 0x95, 0x2d, 0xdd, 0x4c, 0x3e,
0x50, 0x45, 0x0b, 0x0d, 0x9e, 0x2a, 0x5d, 0x18, 0x50, 0x45, 0x0b, 0x0d, 0x9e, 0x2a, 0x5d, 0x18,
@ -78,6 +142,14 @@ static tui8 g_lic1[322] =
0xc8, 0xc7, 0xb4, 0xa8, 0x47, 0xc8, 0x50, 0x71, 0xc8, 0xc7, 0xb4, 0xa8, 0x47, 0xc8, 0x50, 0x71,
0x74, 0x29, 0x53, 0x89, 0x6d, 0x9c, 0xed, 0x70, 0x74, 0x29, 0x53, 0x89, 0x6d, 0x9c, 0xed, 0x70,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
/* [MS-RDPELE] SERVER_LICENSE_REQUEST - ServerCertificate
* [MS-RDPBCGR] LICENSE_BINARY_BLOB - blobData
* [MS-RDPBCGR] SERVER_CERTIFICATE - certData
* [MS-RDPBCGR] PROPRIETARYSERVERCERTIFICATE
* wSignatureBlobType (2) = 0x0008 (BB_RSA_SIGNATURE_BLOB)
* wSignatureBlobLen (2) = 0x0048 (72)
* SignatureBlob (72) = <see hex below, calculated using [MS-RDPBCGR] 5.3.3.1.2>
*/
0x08, 0x00, 0x48, 0x00, 0xa8, 0xf4, 0x31, 0xb9, 0x08, 0x00, 0x48, 0x00, 0xa8, 0xf4, 0x31, 0xb9,
0xab, 0x4b, 0xe6, 0xb4, 0xf4, 0x39, 0x89, 0xd6, 0xab, 0x4b, 0xe6, 0xb4, 0xf4, 0x39, 0x89, 0xd6,
0xb1, 0xda, 0xf6, 0x1e, 0xec, 0xb1, 0xf0, 0x54, 0xb1, 0xda, 0xf6, 0x1e, 0xec, 0xb1, 0xf0, 0x54,
@ -87,26 +159,90 @@ static tui8 g_lic1[322] =
0xcb, 0x11, 0xc3, 0xf2, 0xdb, 0x09, 0x42, 0x68, 0xcb, 0x11, 0xc3, 0xf2, 0xdb, 0x09, 0x42, 0x68,
0x29, 0x56, 0x58, 0x01, 0x56, 0xdb, 0x59, 0x03, 0x29, 0x56, 0x58, 0x01, 0x56, 0xdb, 0x59, 0x03,
0x69, 0xdb, 0x7d, 0x37, 0x00, 0x00, 0x00, 0x00, 0x69, 0xdb, 0x7d, 0x37, 0x00, 0x00, 0x00, 0x00,
/* <last 4 bytes of SignatureBlob>
*
* [MS-RDPELE] SERVER_LICENSE_REQUEST - ScopeList
* [MS-RDPELE] SCOPE_LIST
* ScopeCount (4) = 0x00000001 (1)
* ScopeArray = <LICENSE_BINARY_BLOB>
*
* [MS-RDPBCGR] LICENSE_BINARY_BLOB
* wBlobType (2) = 0x000e (BB_SCOPE_BLOB)
* wBlobLen (2) = 0x000e (14)
* blobData (14) = ISO-8859-1("microsoft.com")
*/
0x00, 0x00, 0x00, 0x00, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, 0x00, 0x00, 0x00,
0x0e, 0x00, 0x0e, 0x00, 0x6d, 0x69, 0x63, 0x72, 0x0e, 0x00, 0x0e, 0x00, 0x6d, 0x69, 0x63, 0x72,
0x6f, 0x73, 0x6f, 0x66, 0x74, 0x2e, 0x63, 0x6f, 0x6f, 0x73, 0x6f, 0x66, 0x74, 0x2e, 0x63, 0x6f,
0x6d, 0x00 0x6d, 0x00
}; };
/*****************************************************************************/
/* Licensing success response v2 PDU
*
* [MS-RDPBCGR] TS_SECURITY_HEADER - Basic
* [MS-RDPELE] LICENSE_ERROR_MESSAGE with STATUS_VALID_CLIENT
*/
/* some compilers need unsigned char to avoid warnings */ /* some compilers need unsigned char to avoid warnings */
static tui8 g_lic2[20] = static tui8 g_lic2[20] =
{ {
/* [MS-RDPBCGR] TS_SECURITY_HEADER - Basic
* flags (2) = 0x0080 (SEC_LICENSE_PKT)
* flagsHi (2) = unused (arbitrary data)
* [MS-RDPBCGR] LICENSE_PREAMBLE
* bMsgType (1) = 0xff (ERROR_ALERT)
* flags (1) = 0x02 (PREAMBLE_VERSION_2_0)
* wMsgSize (2) = 0x10 (16, excludes the 4 bytes TS_SECURITY_HEADER Basic)
*/
0x80, 0x00, 0x10, 0x00, 0xff, 0x02, 0x10, 0x00, 0x80, 0x00, 0x10, 0x00, 0xff, 0x02, 0x10, 0x00,
/*
* [MS-RDPBCGR] LICENSE_ERROR_MESSAGE
* dwErrorCode (4) = 0x00000007 (STATUS_VALID_CLIENT)
* dwStateTransition (4) = 0x00000002 (ST_NO_TRANSITION)
* bbErrorInfo = <LICENSE_BINARY_BLOB>
*/
0x07, 0x00, 0x00, 0x00, 0x02, 0x00, 0x00, 0x00, 0x07, 0x00, 0x00, 0x00, 0x02, 0x00, 0x00, 0x00,
/*
* [MS-RDPBCGR] LICENSE_BINARY_BLOB
* wBlobType (2) = 0x1428 <ignored by client> (should be 0x0004 BB_ERROR_BLOB)
* wBlobLen (2) = 0x0000 (0)
*/
0x28, 0x14, 0x00, 0x00 0x28, 0x14, 0x00, 0x00
}; };
/* mce */ /*****************************************************************************/
/* Licensing success response v3 PDU
*
* [MS-RDPBCGR] TS_SECURITY_HEADER - Basic
* [MS-RDPELE] LICENSE_ERROR_MESSAGE with STATUS_VALID_CLIENT
*
* used for Media Center Edition
*/
/* some compilers need unsigned char to avoid warnings */ /* some compilers need unsigned char to avoid warnings */
static tui8 g_lic3[20] = static tui8 g_lic3[20] =
{ {
/* S */
/* [MS-RDPBCGR] TS_SECURITY_HEADER - Basic
* flags (2) = 0x0280 (SEC_LICENSE_PKT | SEC_LICENSE_ENCRYPT_CS)
* flagsHi (2) = unused (arbitrary data)
* [MS-RDPBCGR] LICENSE_PREAMBLE
* bMsgType (1) = 0xff (ERROR_ALERT)
* flags (1) = 0x03 (PREAMBLE_VERSION_3_0)
* wMsgSize (2) = 0x0010 (16, excludes the 4 bytes TS_SECURITY_HEADER Basic)
*/
0x80, 0x02, 0x10, 0x00, 0xff, 0x03, 0x10, 0x00, 0x80, 0x02, 0x10, 0x00, 0xff, 0x03, 0x10, 0x00,
/*
* [MS-RDPBCGR] LICENSE_ERROR_MESSAGE
* dwErrorCode (4) = 0x00000007 (STATUS_VALID_CLIENT)
* dwStateTransition (4) = 0x00000002 (ST_NO_TRANSITION)
* bbErrorInfo = <LICENSE_BINARY_BLOB>
*/
0x07, 0x00, 0x00, 0x00, 0x02, 0x00, 0x00, 0x00, 0x07, 0x00, 0x00, 0x00, 0x02, 0x00, 0x00, 0x00,
/*
* [MS-RDPBCGR] LICENSE_BINARY_BLOB
* wBlobType (2) = 0x99f3 <ignored by client> (should be 0x0004 BB_ERROR_BLOB)
* wBlobLen (2) = 0x0000 (0)
*/
0xf3, 0x99, 0x00, 0x00 0xf3, 0x99, 0x00, 0x00
}; };
@ -487,7 +623,7 @@ xrdp_sec_init(struct xrdp_sec *self, struct stream *s)
{ {
if (xrdp_mcs_init(self->mcs_layer, s) != 0) if (xrdp_mcs_init(self->mcs_layer, s) != 0)
{ {
LOG_DEVEL(LOG_LEVEL_ERROR, "xrdp_sec_init: xrdp_mcs_init failed"); LOG(LOG_LEVEL_ERROR, "xrdp_sec_init: xrdp_mcs_init failed");
return 1; return 1;
} }
@ -614,6 +750,7 @@ xrdp_sec_encrypt(struct xrdp_sec *self, char *data, int len)
/***************************************************************************** /*****************************************************************************
* convert utf-16 encoded string from stream into utf-8 string. * convert utf-16 encoded string from stream into utf-8 string.
* note: src_bytes doesn't include the null-terminator char. * note: src_bytes doesn't include the null-terminator char.
* Copied From: xrdp_sec.c
*/ */
static int static int
unicode_utf16_in(struct stream *s, int src_bytes, char *dst, int dst_len) unicode_utf16_in(struct stream *s, int src_bytes, char *dst, int dst_len)
@ -626,10 +763,8 @@ unicode_utf16_in(struct stream *s, int src_bytes, char *dst, int dst_len)
LOG_DEVEL(LOG_LEVEL_TRACE, "unicode_utf16_in: uni_len %d, dst_len %d", src_bytes, dst_len); LOG_DEVEL(LOG_LEVEL_TRACE, "unicode_utf16_in: uni_len %d, dst_len %d", src_bytes, dst_len);
if (src_bytes == 0) if (src_bytes == 0)
{ {
if (!s_check_rem(s, 2)) if (!s_check_rem_and_log(s, 2, "Parsing UTF-16"))
{ {
LOG_DEVEL(LOG_LEVEL_ERROR, "Not enough bytes in the stream "
"len 2, remaining %d", s_rem(s));
return 1; return 1;
} }
LOG_DEVEL(LOG_LEVEL_TRACE, "unicode_utf16_in: num_chars 0, dst '' (empty string)"); LOG_DEVEL(LOG_LEVEL_TRACE, "unicode_utf16_in: num_chars 0, dst '' (empty string)");
@ -641,10 +776,8 @@ unicode_utf16_in(struct stream *s, int src_bytes, char *dst, int dst_len)
src = g_new0(twchar, bytes); src = g_new0(twchar, bytes);
for (i = 0; i < bytes / 2; ++i) for (i = 0; i < bytes / 2; ++i)
{ {
if (!s_check_rem(s, 2)) if (!s_check_rem_and_log(s, 2, "Parsing UTF-16"))
{ {
LOG_DEVEL(LOG_LEVEL_ERROR, "Not enough bytes in the stream "
"len 2, remaining %d", s_rem(s));
g_free(src); g_free(src);
return 1; return 1;
} }
@ -680,10 +813,8 @@ xrdp_sec_process_logon_info(struct xrdp_sec *self, struct stream *s)
/* initialize (zero out) local variables */ /* initialize (zero out) local variables */
g_memset(tmpdata, 0, sizeof(char) * 256); g_memset(tmpdata, 0, sizeof(char) * 256);
if (!s_check_rem(s, 8)) if (!s_check_rem_and_log(s, 8, "Parsing [MS-RDPBCGR] TS_INFO_PACKET"))
{ {
LOG_DEVEL(LOG_LEVEL_ERROR, "Not enough bytes in the stream "
"len 8, remaining %d", s_rem(s));
return 1; return 1;
} }
in_uint8s(s, 4); in_uint8s(s, 4);
@ -701,7 +832,7 @@ xrdp_sec_process_logon_info(struct xrdp_sec *self, struct stream *s)
if (flags & RDP_LOGON_LEAVE_AUDIO) if (flags & RDP_LOGON_LEAVE_AUDIO)
{ {
self->rdp_layer->client_info.sound_code = 1; self->rdp_layer->client_info.sound_code = 1;
LOG_DEVEL(LOG_LEVEL_DEBUG, "TS_INFO_PACKET flag INFO_REMOTECONSOLEAUDIO found"); LOG_DEVEL(LOG_LEVEL_DEBUG, "[MS-RDPBCGR] TS_INFO_PACKET flag INFO_REMOTECONSOLEAUDIO found");
LOG(LOG_LEVEL_DEBUG, LOG(LOG_LEVEL_DEBUG,
"Client requested that audio on the server be played on the server."); "Client requested that audio on the server be played on the server.");
} }
@ -709,14 +840,14 @@ xrdp_sec_process_logon_info(struct xrdp_sec *self, struct stream *s)
if (flags & RDP_LOGON_RAIL) if (flags & RDP_LOGON_RAIL)
{ {
self->rdp_layer->client_info.rail_enable = 1; self->rdp_layer->client_info.rail_enable = 1;
LOG_DEVEL(LOG_LEVEL_DEBUG, "TS_INFO_PACKET flag INFO_RAIL found"); LOG_DEVEL(LOG_LEVEL_DEBUG, "[MS-RDPBCGR] TS_INFO_PACKET flag INFO_RAIL found");
LOG(LOG_LEVEL_DEBUG, LOG(LOG_LEVEL_DEBUG,
"Client requested Remote Application Integrated Locally (RAIL)."); "Client requested Remote Application Integrated Locally (RAIL).");
} }
if (flags & RDP_LOGON_AUTO) if (flags & RDP_LOGON_AUTO)
{ {
LOG_DEVEL(LOG_LEVEL_DEBUG, "TS_INFO_PACKET flag INFO_AUTOLOGON found"); LOG_DEVEL(LOG_LEVEL_DEBUG, "[MS-RDPBCGR] TS_INFO_PACKET flag INFO_AUTOLOGON found");
/* todo, for now not allowing autologon and mce both */ /* todo, for now not allowing autologon and mce both */
if (!self->rdp_layer->client_info.is_mce) if (!self->rdp_layer->client_info.is_mce)
{ {
@ -731,7 +862,7 @@ xrdp_sec_process_logon_info(struct xrdp_sec *self, struct stream *s)
if (flags & RDP_COMPRESSION) if (flags & RDP_COMPRESSION)
{ {
LOG_DEVEL(LOG_LEVEL_DEBUG, "TS_INFO_PACKET flag INFO_COMPRESSION found, " LOG_DEVEL(LOG_LEVEL_DEBUG, "[MS-RDPBCGR] TS_INFO_PACKET flag INFO_COMPRESSION found, "
"CompressionType 0x%1.1x", (flags & 0x00001E00) >> 9); "CompressionType 0x%1.1x", (flags & 0x00001E00) >> 9);
/* TODO: check the client's supported compression type vs the server /* TODO: check the client's supported compression type vs the server
compression used */ compression used */
@ -748,10 +879,8 @@ xrdp_sec_process_logon_info(struct xrdp_sec *self, struct stream *s)
} }
} }
if (!s_check_rem(s, 2)) if (!s_check_rem_and_log(s, 2, "Parsing [MS-RDPBCGR] TS_INFO_PACKET cbDomain"))
{ {
LOG_DEVEL(LOG_LEVEL_ERROR, "Not enough bytes in the stream "
"len 2, remaining %d", s_rem(s));
return 1; return 1;
} }
in_uint16_le(s, len_domain); in_uint16_le(s, len_domain);
@ -764,10 +893,8 @@ xrdp_sec_process_logon_info(struct xrdp_sec *self, struct stream *s)
return 1; return 1;
} }
if (!s_check_rem(s, 2)) if (!s_check_rem_and_log(s, 2, "Parsing [MS-RDPBCGR] TS_INFO_PACKET cbUserName"))
{ {
LOG_DEVEL(LOG_LEVEL_ERROR, "Not enough bytes in the stream "
"len 2, remaining %d", s_rem(s));
return 1; return 1;
} }
in_uint16_le(s, len_user); in_uint16_le(s, len_user);
@ -791,10 +918,8 @@ xrdp_sec_process_logon_info(struct xrdp_sec *self, struct stream *s)
return 1; return 1;
} }
if (!s_check_rem(s, 2)) if (!s_check_rem_and_log(s, 2, "Parsing [MS-RDPBCGR] TS_INFO_PACKET cbPassword"))
{ {
LOG_DEVEL(LOG_LEVEL_ERROR, "Not enough bytes in the stream "
"len 2, remaining %d", s_rem(s));
return 1; return 1;
} }
in_uint16_le(s, len_password); in_uint16_le(s, len_password);
@ -807,10 +932,8 @@ xrdp_sec_process_logon_info(struct xrdp_sec *self, struct stream *s)
return 1; return 1;
} }
if (!s_check_rem(s, 2)) if (!s_check_rem_and_log(s, 2, "Parsing [MS-RDPBCGR] TS_INFO_PACKET cbAlternateShell"))
{ {
LOG_DEVEL(LOG_LEVEL_ERROR, "Not enough bytes in the stream "
"len 2, remaining %d", s_rem(s));
return 1; return 1;
} }
in_uint16_le(s, len_program); in_uint16_le(s, len_program);
@ -823,10 +946,8 @@ xrdp_sec_process_logon_info(struct xrdp_sec *self, struct stream *s)
return 1; return 1;
} }
if (!s_check_rem(s, 2)) if (!s_check_rem_and_log(s, 2, "Parsing [MS-RDPBCGR] TS_INFO_PACKET cbWorkingDir"))
{ {
LOG_DEVEL(LOG_LEVEL_ERROR, "Not enough bytes in the stream "
"len 2, remaining %d", s_rem(s));
return 1; return 1;
} }
in_uint16_le(s, len_directory); in_uint16_le(s, len_directory);
@ -841,13 +962,13 @@ xrdp_sec_process_logon_info(struct xrdp_sec *self, struct stream *s)
if (unicode_utf16_in(s, len_domain, self->rdp_layer->client_info.domain, sizeof(self->rdp_layer->client_info.domain) - 1) != 0) if (unicode_utf16_in(s, len_domain, self->rdp_layer->client_info.domain, sizeof(self->rdp_layer->client_info.domain) - 1) != 0)
{ {
LOG_DEVEL(LOG_LEVEL_ERROR, "ERROR reading domain"); LOG(LOG_LEVEL_ERROR, "ERROR reading domain");
return 1; return 1;
} }
if (unicode_utf16_in(s, len_user, self->rdp_layer->client_info.username, sizeof(self->rdp_layer->client_info.username) - 1) != 0) if (unicode_utf16_in(s, len_user, self->rdp_layer->client_info.username, sizeof(self->rdp_layer->client_info.username) - 1) != 0)
{ {
LOG_DEVEL(LOG_LEVEL_ERROR, "ERROR reading user name"); LOG(LOG_LEVEL_ERROR, "ERROR reading user name");
return 1; return 1;
} }
@ -855,7 +976,7 @@ xrdp_sec_process_logon_info(struct xrdp_sec *self, struct stream *s)
{ {
if (unicode_utf16_in(s, len_password, self->rdp_layer->client_info.password, sizeof(self->rdp_layer->client_info.password) - 1) != 0) if (unicode_utf16_in(s, len_password, self->rdp_layer->client_info.password, sizeof(self->rdp_layer->client_info.password) - 1) != 0)
{ {
LOG_DEVEL(LOG_LEVEL_ERROR, "ERROR reading password"); LOG(LOG_LEVEL_ERROR, "ERROR reading password");
return 1; return 1;
} }
} }
@ -872,10 +993,8 @@ xrdp_sec_process_logon_info(struct xrdp_sec *self, struct stream *s)
} }
else else
{ {
if (!s_check_rem(s, len_password + 2)) if (!s_check_rem_and_log(s, len_password + 2, "Parsing [MS-RDPBCGR] TS_INFO_PACKET Password"))
{ {
LOG_DEVEL(LOG_LEVEL_ERROR, "Not enough bytes in the stream "
"len %d, remaining %d", len_password + 2, s_rem(s));
return 1; return 1;
} }
in_uint8s(s, len_password + 2); in_uint8s(s, len_password + 2);
@ -898,13 +1017,13 @@ xrdp_sec_process_logon_info(struct xrdp_sec *self, struct stream *s)
if (unicode_utf16_in(s, len_program, self->rdp_layer->client_info.program, sizeof(self->rdp_layer->client_info.program) - 1) != 0) if (unicode_utf16_in(s, len_program, self->rdp_layer->client_info.program, sizeof(self->rdp_layer->client_info.program) - 1) != 0)
{ {
LOG_DEVEL(LOG_LEVEL_ERROR, "ERROR reading program"); LOG(LOG_LEVEL_ERROR, "ERROR reading program");
return 1; return 1;
} }
if (unicode_utf16_in(s, len_directory, self->rdp_layer->client_info.directory, sizeof(self->rdp_layer->client_info.directory) - 1) != 0) if (unicode_utf16_in(s, len_directory, self->rdp_layer->client_info.directory, sizeof(self->rdp_layer->client_info.directory) - 1) != 0)
{ {
LOG_DEVEL(LOG_LEVEL_ERROR, "ERROR reading directory"); LOG(LOG_LEVEL_ERROR, "ERROR reading directory");
return 1; return 1;
} }
@ -920,7 +1039,7 @@ xrdp_sec_process_logon_info(struct xrdp_sec *self, struct stream *s)
self->rdp_layer->client_info.directory); self->rdp_layer->client_info.directory);
LOG(LOG_LEVEL_DEBUG, "Client supplied domain: %s", self->rdp_layer->client_info.domain); LOG(LOG_LEVEL_DEBUG, "Client supplied domain: %s", self->rdp_layer->client_info.domain);
LOG(LOG_LEVEL_DEBUG, "Client supplied username: %s", self->rdp_layer->client_info.username); LOG(LOG_LEVEL_DEBUG, "Client supplied username: %s", self->rdp_layer->client_info.username);
LOG(LOG_LEVEL_DEBUG, "Client supplied password: ommitted from the log"); LOG(LOG_LEVEL_DEBUG, "Client supplied password: <ommitted from log>");
LOG(LOG_LEVEL_DEBUG, "Client supplied program: %s", self->rdp_layer->client_info.program); LOG(LOG_LEVEL_DEBUG, "Client supplied program: %s", self->rdp_layer->client_info.program);
LOG(LOG_LEVEL_DEBUG, "Client supplied directory: %s", self->rdp_layer->client_info.directory); LOG(LOG_LEVEL_DEBUG, "Client supplied directory: %s", self->rdp_layer->client_info.directory);
@ -928,10 +1047,9 @@ xrdp_sec_process_logon_info(struct xrdp_sec *self, struct stream *s)
TS_EXTENDED_INFO_PACKET should be parsed */ TS_EXTENDED_INFO_PACKET should be parsed */
if (flags & RDP_LOGON_BLOB) /* INFO_ENABLEWINDOWSKEY */ if (flags & RDP_LOGON_BLOB) /* INFO_ENABLEWINDOWSKEY */
{ {
if (!s_check_rem(s, 4)) if (!s_check_rem_and_log(s, 4, "Parsing [MS-RDPBCGR] TS_EXTENDED_INFO_PACKET "
"clientAddressFamily and cbClientAddress"))
{ {
LOG_DEVEL(LOG_LEVEL_ERROR, "Not enough bytes in the stream "
"len 4, remaining %d", s_rem(s));
return 1; return 1;
} }
/* TS_EXTENDED_INFO_PACKET requiered fields */ /* TS_EXTENDED_INFO_PACKET requiered fields */
@ -939,19 +1057,17 @@ xrdp_sec_process_logon_info(struct xrdp_sec *self, struct stream *s)
in_uint16_le(s, len_ip); in_uint16_le(s, len_ip);
if (unicode_utf16_in(s, len_ip - 2, tmpdata, sizeof(tmpdata) - 1) != 0) if (unicode_utf16_in(s, len_ip - 2, tmpdata, sizeof(tmpdata) - 1) != 0)
{ {
LOG_DEVEL(LOG_LEVEL_ERROR, "ERROR reading ip"); LOG(LOG_LEVEL_ERROR, "ERROR reading ip");
return 1; return 1;
} }
if (!s_check_rem(s, 2)) if (!s_check_rem_and_log(s, 2, "Parsing [MS-RDPBCGR] TS_EXTENDED_INFO_PACKET clientDir"))
{ {
LOG_DEVEL(LOG_LEVEL_ERROR, "Not enough bytes in the stream "
"len 2, remaining %d", s_rem(s));
return 1; return 1;
} }
in_uint16_le(s, len_dll); in_uint16_le(s, len_dll);
if (unicode_utf16_in(s, len_dll - 2, tmpdata, sizeof(tmpdata) - 1) != 0) if (unicode_utf16_in(s, len_dll - 2, tmpdata, sizeof(tmpdata) - 1) != 0)
{ {
LOG_DEVEL(LOG_LEVEL_ERROR, "ERROR reading clientDir"); LOG(LOG_LEVEL_ERROR, "ERROR reading clientDir");
return 1; return 1;
} }
LOG_DEVEL(LOG_LEVEL_TRACE, "Received [MS-RDPBCGR] TS_EXTENDED_INFO_PACKET " LOG_DEVEL(LOG_LEVEL_TRACE, "Received [MS-RDPBCGR] TS_EXTENDED_INFO_PACKET "
@ -961,19 +1077,19 @@ xrdp_sec_process_logon_info(struct xrdp_sec *self, struct stream *s)
/* TODO: MS-BCGR 2.2.1.11.1.1.1 says that all fields after the /* TODO: MS-BCGR 2.2.1.11.1.1.1 says that all fields after the
client directory are optional. */ client directory are optional. */
if (!s_check_rem(s, 4 + 62 + 22 + 62 + 26 + 4)) if (!s_check_rem_and_log(s, 4 + 64 + 20 + 64 + 20 + 4 + 4,
"Parsing [MS-RDPBCGR] TS_EXTENDED_INFO_PACKET "
"clientTimeZone, clientSessionId, and performanceFlags"))
{ {
LOG_DEVEL(LOG_LEVEL_ERROR, "Not enough bytes in the stream "
"len %d, remaining %d", 4 + 62 + 22 + 62 + 26 + 4, s_rem(s));
return 1; return 1;
} }
/* TS_TIME_ZONE_INFORMATION */ /* TS_TIME_ZONE_INFORMATION */
in_uint8s(s, 4); /* Bias (4) */ in_uint8s(s, 4); /* Bias (4) */
in_uint8s(s, 62); /* StandardName (64) */ in_uint8s(s, 64); /* StandardName (64) */
in_uint8s(s, 22); /* StandardDate (16), StandardBias (4) */ in_uint8s(s, 20); /* StandardDate (16), StandardBias (4) */
in_uint8s(s, 62); /* DaylightName (64) */ in_uint8s(s, 64); /* DaylightName (64) */
in_uint8s(s, 26); /* DaylightDate (16), DaylightBias (4) */ in_uint8s(s, 20); /* DaylightDate (16), DaylightBias (4) */
/* TS_EXTENDED_INFO_PACKET clientSessionId (4) */ in_uint8s(s, 4); /* TS_EXTENDED_INFO_PACKET clientSessionId (4) */
/* TS_EXTENDED_INFO_PACKET optional fields */ /* TS_EXTENDED_INFO_PACKET optional fields */
in_uint32_le(s, self->rdp_layer->client_info.rdp5_performanceflags); in_uint32_le(s, self->rdp_layer->client_info.rdp5_performanceflags);
@ -1005,18 +1121,18 @@ xrdp_sec_send_lic_initial(struct xrdp_sec *self)
if (xrdp_mcs_init(self->mcs_layer, s) != 0) if (xrdp_mcs_init(self->mcs_layer, s) != 0)
{ {
LOG_DEVEL(LOG_LEVEL_ERROR, "xrdp_sec_send_lic_initial: xrdp_mcs_init failed"); LOG(LOG_LEVEL_ERROR, "xrdp_sec_send_lic_initial: xrdp_mcs_init failed");
free_stream(s); free_stream(s);
return 1; return 1;
} }
out_uint8a(s, g_lic1, 322); out_uint8a(s, g_lic1, sizeof(g_lic1));
s_mark_end(s); s_mark_end(s);
LOG_DEVEL(LOG_LEVEL_TRACE, "Sending g_lic1"); LOG_DEVEL(LOG_LEVEL_TRACE, "Sending [MS-RDPELE] SERVER_LICENSE_REQUEST");
if (xrdp_mcs_send(self->mcs_layer, s, MCS_GLOBAL_CHANNEL) != 0) if (xrdp_mcs_send(self->mcs_layer, s, MCS_GLOBAL_CHANNEL) != 0)
{ {
LOG_DEVEL(LOG_LEVEL_ERROR, "xrdp_sec_send_lic_initial: xrdp_mcs_send failed"); LOG(LOG_LEVEL_ERROR, "Sending [MS-RDPELE] SERVER_LICENSE_REQUEST failed");
free_stream(s); free_stream(s);
return 1; return 1;
} }
@ -1026,6 +1142,10 @@ xrdp_sec_send_lic_initial(struct xrdp_sec *self)
} }
/*****************************************************************************/ /*****************************************************************************/
/*
* Send a [MS-RDPELE] LICENSE_ERROR_MESSAGE with STATUS_VALID_CLIENT
* See also: [MS-RDPELE] 1.3.3 Licensing PDU Flows
*/
/* returns error */ /* returns error */
static int static int
xrdp_sec_send_lic_response(struct xrdp_sec *self) xrdp_sec_send_lic_response(struct xrdp_sec *self)
@ -1037,18 +1157,18 @@ xrdp_sec_send_lic_response(struct xrdp_sec *self)
if (xrdp_mcs_init(self->mcs_layer, s) != 0) if (xrdp_mcs_init(self->mcs_layer, s) != 0)
{ {
LOG_DEVEL(LOG_LEVEL_ERROR, "xrdp_sec_send_lic_response: xrdp_mcs_init failed"); LOG(LOG_LEVEL_ERROR, "xrdp_sec_send_lic_response: xrdp_mcs_init failed");
free_stream(s); free_stream(s);
return 1; return 1;
} }
out_uint8a(s, g_lic2, 20); out_uint8a(s, g_lic2, sizeof(g_lic2));
s_mark_end(s); s_mark_end(s);
LOG_DEVEL(LOG_LEVEL_TRACE, "Sending g_lic2"); LOG_DEVEL(LOG_LEVEL_TRACE, "Sending [MS-RDPELE] LICENSE_ERROR_MESSAGE with STATUS_VALID_CLIENT");
if (xrdp_mcs_send(self->mcs_layer, s, MCS_GLOBAL_CHANNEL) != 0) if (xrdp_mcs_send(self->mcs_layer, s, MCS_GLOBAL_CHANNEL) != 0)
{ {
LOG_DEVEL(LOG_LEVEL_ERROR, "xrdp_sec_send_lic_response: xrdp_mcs_send failed"); LOG(LOG_LEVEL_ERROR, "Sending [MS-RDPELE] LICENSE_ERROR_MESSAGE with STATUS_VALID_CLIENT failed");
free_stream(s); free_stream(s);
return 1; return 1;
} }
@ -1069,7 +1189,7 @@ xrdp_sec_send_media_lic_response(struct xrdp_sec *self)
if (xrdp_mcs_init(self->mcs_layer, s) != 0) if (xrdp_mcs_init(self->mcs_layer, s) != 0)
{ {
LOG_DEVEL(LOG_LEVEL_ERROR, "xrdp_sec_send_media_lic_response: xrdp_mcs_init failed"); LOG(LOG_LEVEL_ERROR, "xrdp_sec_send_media_lic_response: xrdp_mcs_init failed");
free_stream(s); free_stream(s);
return 1; return 1;
} }
@ -1077,10 +1197,10 @@ xrdp_sec_send_media_lic_response(struct xrdp_sec *self)
out_uint8a(s, g_lic3, sizeof(g_lic3)); out_uint8a(s, g_lic3, sizeof(g_lic3));
s_mark_end(s); s_mark_end(s);
LOG_DEVEL(LOG_LEVEL_TRACE, "Sending g_lic3"); LOG_DEVEL(LOG_LEVEL_TRACE, "Sending [MS-RDPELE] LICENSE_ERROR_MESSAGE with STATUS_VALID_CLIENT");
if (xrdp_mcs_send(self->mcs_layer, s, MCS_GLOBAL_CHANNEL) != 0) if (xrdp_mcs_send(self->mcs_layer, s, MCS_GLOBAL_CHANNEL) != 0)
{ {
LOG_DEVEL(LOG_LEVEL_ERROR, "xrdp_sec_send_media_lic_response: xrdp_mcs_send failed"); LOG(LOG_LEVEL_ERROR, "Sending [MS-RDPELE] LICENSE_ERROR_MESSAGE with STATUS_VALID_CLIENT failed");
free_stream(s); free_stream(s);
return 1; return 1;
} }
@ -1294,7 +1414,7 @@ xrdp_sec_recv_fastpath(struct xrdp_sec *self, struct stream *s)
if (xrdp_fastpath_recv(self->fastpath_layer, s) != 0) if (xrdp_fastpath_recv(self->fastpath_layer, s) != 0)
{ {
LOG_DEVEL(LOG_LEVEL_ERROR, "xrdp_sec_recv_fastpath: xrdp_fastpath_recv failed"); LOG(LOG_LEVEL_ERROR, "xrdp_sec_recv_fastpath: xrdp_fastpath_recv failed");
return 1; return 1;
} }
@ -1302,24 +1422,22 @@ xrdp_sec_recv_fastpath(struct xrdp_sec *self, struct stream *s)
{ {
if (self->crypt_level == CRYPT_LEVEL_FIPS) if (self->crypt_level == CRYPT_LEVEL_FIPS)
{ {
if (!s_check_rem(s, 12)) if (!s_check_rem_and_log(s, 12, "Parsing [MS-RDPBCGR] TS_FP_FIPS_INFO"))
{ {
LOG_DEVEL(LOG_LEVEL_ERROR, "Not enough bytes in the stream "
"len 12, remaining %d", s_rem(s));
return 1; return 1;
} }
/* TS_FP_FIPS_INFO */ /* TS_FP_FIPS_INFO */
in_uint16_le(s, len); in_uint16_le(s, len);
in_uint8(s, ver); /* length (2 bytes) */ in_uint8(s, ver); /* length (2 bytes) */
if (len != 0x10) /* length MUST set to 0x10 */
{
LOG_DEVEL(LOG_LEVEL_ERROR, "xrdp_sec_recv_fastpath: CRYPT_LEVEL_FIPS - "
"invalid fastpath length. Expected 16, received %d", len);
return 1;
}
in_uint8(s, pad); in_uint8(s, pad);
LOG_DEVEL(LOG_LEVEL_TRACE, "Received header [MS-RDPBCGR] TS_FP_FIPS_INFO " LOG_DEVEL(LOG_LEVEL_TRACE, "Received header [MS-RDPBCGR] TS_FP_FIPS_INFO "
"length %d, version %d, padlen %d", len, ver, pad); "length %d, version %d, padlen %d", len, ver, pad);
if (len != 0x10) /* length MUST set to 0x10 */
{
LOG(LOG_LEVEL_ERROR, "Received header [MS-RDPBCGR] TS_FP_FIPS_INFO "
"invalid fastpath length. Expected 16, received %d", len);
return 1;
}
/* remainder of TS_FP_INPUT_PDU */ /* remainder of TS_FP_INPUT_PDU */
in_uint8s(s, 8); /* dataSignature (8 bytes), skip for now */ in_uint8s(s, 8); /* dataSignature (8 bytes), skip for now */
@ -1330,10 +1448,9 @@ xrdp_sec_recv_fastpath(struct xrdp_sec *self, struct stream *s)
} }
else else
{ {
if (!s_check_rem(s, 8)) if (!s_check_rem_and_log(s, 8,
"Parsing [MS-RDPBCGR] TS_FP_INPUT_PDU dataSignature"))
{ {
LOG_DEVEL(LOG_LEVEL_ERROR, "Not enough bytes in the stream "
"len 8, remaining %d", s_rem(s));
return 1; return 1;
} }
/* remainder of TS_FP_INPUT_PDU */ /* remainder of TS_FP_INPUT_PDU */
@ -1348,10 +1465,8 @@ xrdp_sec_recv_fastpath(struct xrdp_sec *self, struct stream *s)
* If numberEvents is not provided in fpInputHeader, it will be provided * If numberEvents is not provided in fpInputHeader, it will be provided
* as one additional byte here. * as one additional byte here.
*/ */
if (!s_check_rem(s, 8)) if (!s_check_rem_and_log(s, 8, "Parsing [MS-RDPBCGR] TS_FP_INPUT_PDU numEvents"))
{ {
LOG_DEVEL(LOG_LEVEL_ERROR, "Not enough bytes in the stream "
"len 8, remaining %d", s_rem(s));
return 1; return 1;
} }
in_uint8(s, self->fastpath_layer->numEvents); /* numEvents (1 byte) (optional) */ in_uint8(s, self->fastpath_layer->numEvents); /* numEvents (1 byte) (optional) */
@ -1390,10 +1505,8 @@ xrdp_sec_recv(struct xrdp_sec *self, struct stream *s, int *chan)
the security header is optional (eg. TLS connections), so this the security header is optional (eg. TLS connections), so this
check should really be after the check if the security header is present, check should really be after the check if the security header is present,
this currently seems to be working by coincidence at the moment. */ this currently seems to be working by coincidence at the moment. */
if (!s_check_rem(s, 4)) if (!s_check_rem_and_log(s, 4, "Parsing [MS-RDPBCGR] TS_SECURITY_HEADER"))
{ {
LOG_DEVEL(LOG_LEVEL_ERROR, "Not enough bytes in the stream "
"len 4, remaining %d", s_rem(s));
return 1; return 1;
} }
@ -1415,34 +1528,37 @@ xrdp_sec_recv(struct xrdp_sec *self, struct stream *s, int *chan)
{ {
if (self->crypt_level == CRYPT_LEVEL_FIPS) if (self->crypt_level == CRYPT_LEVEL_FIPS)
{ {
if (!s_check_rem(s, 12)) if (!s_check_rem_and_log(s, 12, "Parsing [MS-RDPBCGR] TS_SECURITY_HEADER2"))
{ {
LOG_DEVEL(LOG_LEVEL_ERROR, "Not enough bytes in the stream "
"len 12, remaining %d", s_rem(s));
return 1; return 1;
} }
/* TS_SECURITY_HEADER2 */ /* TS_SECURITY_HEADER2 */
in_uint16_le(s, len); /* length */ in_uint16_le(s, len); /* length */
in_uint8(s, ver); /* version */ in_uint8(s, ver); /* version */
if ((len != 16) || (ver != 1))
{
LOG_DEVEL(LOG_LEVEL_ERROR, "xrdp_sec_recv: error - unknown version %d "
"or unexpected length %d", ver, len);
return 1;
}
in_uint8(s, pad); /* padlen */ in_uint8(s, pad); /* padlen */
in_uint8s(s, 8); /* signature(8) */ in_uint8s(s, 8); /* signature(8) */
LOG_DEVEL(LOG_LEVEL_TRACE, "Received header [MS-RDPBCGR] TS_SECURITY_HEADER2 " LOG_DEVEL(LOG_LEVEL_TRACE, "Received header [MS-RDPBCGR] TS_SECURITY_HEADER2 "
"length %d, version %d, padlen %d, dataSignature (ignored)", "length %d, version %d, padlen %d, dataSignature (ignored)",
len, ver, pad); len, ver, pad);
if (len != 16)
{
LOG(LOG_LEVEL_ERROR, "Received header [MS-RDPBCGR] TS_SECURITY_HEADER2 "
"has unexpected length. Expected 16, actual %d", len);
return 1;
}
if (ver != 1)
{
LOG(LOG_LEVEL_ERROR, "Received header [MS-RDPBCGR] TS_SECURITY_HEADER2 "
"has unexpected version. Expected 1, actual %d", ver);
return 1;
}
xrdp_sec_fips_decrypt(self, s->p, (int)(s->end - s->p)); xrdp_sec_fips_decrypt(self, s->p, (int)(s->end - s->p));
s->end -= pad; s->end -= pad;
} }
else if (self->crypt_level > CRYPT_LEVEL_NONE) else if (self->crypt_level > CRYPT_LEVEL_NONE)
{ {
if (!s_check_rem(s, 8)) if (!s_check_rem_and_log(s, 8, "Parsing [MS-RDPBCGR] TS_SECURITY_HEADER1"))
{ {
LOG_DEVEL(LOG_LEVEL_ERROR, "xrdp_sec_recv: error - not enough bytes in the stream");
return 1; return 1;
} }
/* TS_SECURITY_HEADER1 */ /* TS_SECURITY_HEADER1 */
@ -1455,23 +1571,20 @@ xrdp_sec_recv(struct xrdp_sec *self, struct stream *s, int *chan)
if (flags & SEC_CLIENT_RANDOM) /* 0x01 TS_SECURITY_PACKET */ if (flags & SEC_CLIENT_RANDOM) /* 0x01 TS_SECURITY_PACKET */
{ {
if (!s_check_rem(s, 4)) if (!s_check_rem_and_log(s, 4, "Parsing [MS-RDPBCGR] TS_SECURITY_PACKET"))
{ {
LOG_DEVEL(LOG_LEVEL_ERROR, "Not enough bytes in the stream "
"len 4, remaining %d", s_rem(s));
return 1; return 1;
} }
in_uint32_le(s, len); in_uint32_le(s, len);
/* 512, 2048 bit */ /* 512, 2048 bit */
if ((len != 64 + 8) && (len != 256 + 8)) if ((len != 64 + 8) && (len != 256 + 8))
{ {
LOG_DEVEL(LOG_LEVEL_ERROR, "xrdp_sec_recv : error - unexpected length %d", len); LOG(LOG_LEVEL_ERROR, "xrdp_sec_recv : error - unexpected length %d", len);
return 1; return 1;
} }
if (!s_check_rem(s, len - 8)) if (!s_check_rem_and_log(s, len - 8,
"Parsing [MS-RDPBCGR] TS_SECURITY_PACKET encryptedClientRandom"))
{ {
LOG_DEVEL(LOG_LEVEL_ERROR, "Not enough bytes in the stream "
"len %d, remaining %d", (len - 8), s_rem(s));
return 1; return 1;
} }
in_uint8a(s, self->client_crypt_random, len - 8); in_uint8a(s, self->client_crypt_random, len - 8);
@ -1658,7 +1771,7 @@ xrdp_sec_send(struct xrdp_sec *self, struct stream *s, int chan)
if (xrdp_mcs_send(self->mcs_layer, s, chan) != 0) if (xrdp_mcs_send(self->mcs_layer, s, chan) != 0)
{ {
LOG_DEVEL(LOG_LEVEL_ERROR, "xrdp_sec_send: xrdp_mcs_send failed"); LOG(LOG_LEVEL_ERROR, "xrdp_sec_send: xrdp_mcs_send failed");
return 1; return 1;
} }
@ -1688,8 +1801,8 @@ xrdp_sec_init_fastpath(struct xrdp_sec *self, struct stream *s)
{ {
if (xrdp_fastpath_init(self->fastpath_layer, s) != 0) if (xrdp_fastpath_init(self->fastpath_layer, s) != 0)
{ {
LOG_DEVEL(LOG_LEVEL_ERROR, LOG(LOG_LEVEL_ERROR,
"xrdp_sec_init_fastpath: xrdp_fastpath_init failed"); "xrdp_sec_init_fastpath: xrdp_fastpath_init failed");
return 1; return 1;
} }
if (self->crypt_level == CRYPT_LEVEL_FIPS) if (self->crypt_level == CRYPT_LEVEL_FIPS)
@ -1791,8 +1904,8 @@ xrdp_sec_send_fastpath(struct xrdp_sec *self, struct stream *s)
} }
if (error != 0) if (error != 0)
{ {
LOG_DEVEL(LOG_LEVEL_ERROR, LOG(LOG_LEVEL_ERROR,
"xrdp_sec_send_fastpath: xrdp_fastpath_send failed"); "xrdp_sec_send_fastpath: xrdp_fastpath_send failed");
return 1; return 1;
} }
return 0; return 0;
@ -2135,28 +2248,24 @@ xrdp_sec_process_mcs_data_channels(struct xrdp_sec *self, struct stream *s)
LOG(LOG_LEVEL_DEBUG, "All channels are disabled by configuration"); LOG(LOG_LEVEL_DEBUG, "All channels are disabled by configuration");
return 0; return 0;
} }
if (!s_check_rem(s, 4)) if (!s_check_rem_and_log(s, 4, "Parsing [MS-RDPBCGR] TS_UD_CS_NET"))
{ {
LOG_DEVEL(LOG_LEVEL_ERROR, "Not enough bytes in the stream "
"len 4, remaining %d", s_rem(s));
return 1; return 1;
} }
in_uint32_le(s, num_channels); in_uint32_le(s, num_channels);
if (num_channels > 31)
{
LOG_DEVEL(LOG_LEVEL_ERROR, "Protocol error: too many channels requested. "
"max 31, received %d", num_channels);
return 1;
}
LOG_DEVEL(LOG_LEVEL_TRACE, "Received [MS-RDPBCGR] TS_UD_CS_NET " LOG_DEVEL(LOG_LEVEL_TRACE, "Received [MS-RDPBCGR] TS_UD_CS_NET "
"channelCount %d", num_channels); "channelCount %d", num_channels);
if (num_channels > 31)
{
LOG(LOG_LEVEL_ERROR, "[MS-RDPBCGR] Protocol error: too many channels requested. "
"max 31, received %d", num_channels);
return 1;
}
for (index = 0; index < num_channels; index++) for (index = 0; index < num_channels; index++)
{ {
channel_item = g_new0(struct mcs_channel_item, 1); channel_item = g_new0(struct mcs_channel_item, 1);
if (!s_check_rem(s, 12)) if (!s_check_rem_and_log(s, 12, "Parsing [MS-RDPBCGR] TS_UD_CS_NET.CHANNEL_DEF"))
{ {
LOG_DEVEL(LOG_LEVEL_ERROR, "Not enough bytes in the stream "
"len 12, remaining %d", s_rem(s));
g_free(channel_item); g_free(channel_item);
return 1; return 1;
} }
@ -2213,28 +2322,32 @@ xrdp_sec_process_mcs_data_monitors(struct xrdp_sec *self, struct stream *s)
LOG(LOG_LEVEL_INFO, "Multi-monitor is disabled by server config"); LOG(LOG_LEVEL_INFO, "Multi-monitor is disabled by server config");
return 0; return 0;
} }
if (!s_check_rem_and_log(s, 8, "Parsing [MS-RDPBCGR] TS_UD_CS_MONITOR"))
{
return 1;
}
in_uint32_le(s, flags); /* flags */ in_uint32_le(s, flags); /* flags */
in_uint32_le(s, monitorCount);
LOG_DEVEL(LOG_LEVEL_TRACE, "Received [MS-RDPBCGR] TS_UD_CS_MONITOR "
"flags 0x%8.8x, monitorCount %d", flags, monitorCount);
//verify flags - must be 0x0 //verify flags - must be 0x0
if (flags != 0) if (flags != 0)
{ {
LOG_DEVEL(LOG_LEVEL_ERROR, LOG(LOG_LEVEL_ERROR,
"Protocol error: TS_UD_CS_MONITOR flags MUST be zero, " "[MS-RDPBCGR] Protocol error: TS_UD_CS_MONITOR flags MUST be zero, "
"received: 0x%8.8x", flags); "received: 0x%8.8x", flags);
return 1; return 1;
} }
in_uint32_le(s, monitorCount);
//verify monitorCount - max 16 //verify monitorCount - max 16
if (monitorCount > 16) if (monitorCount > 16)
{ {
LOG(LOG_LEVEL_ERROR, LOG(LOG_LEVEL_ERROR,
"Protocol error: TS_UD_CS_MONITOR monitorCount " "[MS-RDPBCGR] Protocol error: TS_UD_CS_MONITOR monitorCount "
"MUST be less than 16, received: %d", monitorCount); "MUST be less than 16, received: %d", monitorCount);
return 1; return 1;
} }
LOG_DEVEL(LOG_LEVEL_TRACE, "Received [MS-RDPBCGR] TS_UD_CS_MONITOR "
"flags 0x%8.8x, monitorCount %d", flags, monitorCount);
client_info->monitorCount = monitorCount; client_info->monitorCount = monitorCount;
x1 = 0; x1 = 0;
@ -2245,6 +2358,10 @@ xrdp_sec_process_mcs_data_monitors(struct xrdp_sec *self, struct stream *s)
/* Add client_monitor_data to client_info struct, will later pass to X11rdp */ /* Add client_monitor_data to client_info struct, will later pass to X11rdp */
for (index = 0; index < monitorCount; index++) for (index = 0; index < monitorCount; index++)
{ {
if (!s_check_rem_and_log(s, 20, "Parsing [MS-RDPBCGR] TS_UD_CS_MONITOR.TS_MONITOR_DEF"))
{
return 1;
}
in_uint32_le(s, client_info->minfo[index].left); in_uint32_le(s, client_info->minfo[index].left);
in_uint32_le(s, client_info->minfo[index].top); in_uint32_le(s, client_info->minfo[index].top);
in_uint32_le(s, client_info->minfo[index].right); in_uint32_le(s, client_info->minfo[index].right);
@ -2354,10 +2471,8 @@ xrdp_sec_process_mcs_data(struct xrdp_sec *self)
/* set p to beginning */ /* set p to beginning */
s->p = s->data; s->p = s->data;
/* skip header */ /* skip header */
if (!s_check_rem(s, 23)) if (!s_check_rem_and_log(s, 23, "Parsing [ITU T.124] ConferenceCreateRequest"))
{ {
LOG_DEVEL(LOG_LEVEL_ERROR, "Not enough bytes in the stream "
"len 23, remaining %d", s_rem(s));
return 1; return 1;
} }
in_uint8s(s, 23); /* skip [ITU T.124] ConferenceCreateRequest fields until userData */ in_uint8s(s, 23); /* skip [ITU T.124] ConferenceCreateRequest fields until userData */
@ -2367,50 +2482,55 @@ xrdp_sec_process_mcs_data(struct xrdp_sec *self)
hold_p = s->p; hold_p = s->p;
in_uint16_le(s, tag); in_uint16_le(s, tag);
in_uint16_le(s, size); in_uint16_le(s, size);
LOG_DEVEL(LOG_LEVEL_TRACE, "Received header [MS-RDPBCGR] TS_UD_HEADER "
"type 0x%4.4x, length %d", tag, size);
if ((size < 4) || (!s_check_rem(s, size - 4))) if (size < 4)
{
LOG(LOG_LEVEL_WARNING, "[MS-RDPBCGR] Protocol error: Invalid TS_UD_HEADER length value. "
"expected >= 4, actual %d", size);
break;
}
if (!s_check_rem_and_log(s, size - 4,
"Parsing [MS-RDPBCGR] GCC Conference Create Request client data field"))
{ {
LOG(LOG_LEVEL_WARNING, "Not enough bytes in the stream "
"len %d, remaining %d", size - 4, s_rem(s));
break; break;
} }
LOG_DEVEL(LOG_LEVEL_TRACE, "Received header [MS-RDPBCGR] TS_UD_HEADER "
"type 0x%4.4x, length %d", tag, size);
switch (tag) switch (tag)
{ {
case SEC_TAG_CLI_INFO: /* CS_CORE 0xC001 */ case SEC_TAG_CLI_INFO: /* CS_CORE 0xC001 */
if (xrdp_sec_process_mcs_data_CS_CORE(self, s) != 0) if (xrdp_sec_process_mcs_data_CS_CORE(self, s) != 0)
{ {
LOG_DEVEL(LOG_LEVEL_ERROR, LOG(LOG_LEVEL_ERROR,
"xrdp_sec_process_mcs_data: xrdp_sec_process_mcs_data_CS_CORE failed"); "Processing [MS-RDPBCGR] TS_UD_CS_CORE failed");
return 1; return 1;
} }
break; break;
case SEC_TAG_CLI_CRYPT: /* CS_SECURITY 0xC002 */ case SEC_TAG_CLI_CRYPT: /* CS_SECURITY 0xC002 */
if (xrdp_sec_process_mcs_data_CS_SECURITY(self, s) != 0) if (xrdp_sec_process_mcs_data_CS_SECURITY(self, s) != 0)
{ {
LOG_DEVEL(LOG_LEVEL_ERROR, LOG(LOG_LEVEL_ERROR,
"xrdp_sec_process_mcs_data: xrdp_sec_process_mcs_data_CS_SECURITY failed"); "Processing [MS-RDPBCGR] TS_UD_CS_SEC failed");
return 1; return 1;
} }
break; break;
case SEC_TAG_CLI_CHANNELS: /* CS_NET 0xC003 */ case SEC_TAG_CLI_CHANNELS: /* CS_NET 0xC003 */
if (xrdp_sec_process_mcs_data_channels(self, s) != 0) if (xrdp_sec_process_mcs_data_channels(self, s) != 0)
{ {
LOG_DEVEL(LOG_LEVEL_ERROR, LOG(LOG_LEVEL_ERROR,
"xrdp_sec_process_mcs_data: xrdp_sec_process_mcs_data_channels failed"); "Processing [MS-RDPBCGR] TS_UD_CS_NET failed");
return 1; return 1;
} }
break; break;
case SEC_TAG_CLI_4: /* CS_CLUSTER 0xC004 */ case SEC_TAG_CLI_4: /* CS_CLUSTER 0xC004 */
LOG_DEVEL(LOG_LEVEL_TRACE, "Received [MS-RDPBCGR] TS_UD_CS_CLUSTER - no-op"); LOG_DEVEL(LOG_LEVEL_DEBUG, "Received [MS-RDPBCGR] TS_UD_CS_CLUSTER - no-op");
break; break;
case SEC_TAG_CLI_MONITOR: /* CS_MONITOR 0xC005 */ case SEC_TAG_CLI_MONITOR: /* CS_MONITOR 0xC005 */
if (xrdp_sec_process_mcs_data_monitors(self, s) != 0) if (xrdp_sec_process_mcs_data_monitors(self, s) != 0)
{ {
LOG_DEVEL(LOG_LEVEL_ERROR, LOG(LOG_LEVEL_ERROR,
"xrdp_sec_process_mcs_data: xrdp_sec_process_mcs_data_monitors failed"); "Processing [MS-RDPBCGR] TS_UD_CS_MONITOR failed");
return 1; return 1;
} }
break; break;
@ -2476,10 +2596,8 @@ xrdp_sec_in_mcs_data(struct xrdp_sec *self)
s = &(self->client_mcs_data); s = &(self->client_mcs_data);
/* get hostname, it's unicode */ /* get hostname, it's unicode */
s->p = s->data; s->p = s->data;
if (!s_check_rem(s, 47)) if (!s_check_rem_and_log(s, 47, "Parsing [ITU T.124] ConferenceCreateRequest"))
{ {
LOG_DEVEL(LOG_LEVEL_ERROR, "Not enough bytes in the stream "
"len 47, remaining %d", s_rem(s));
return 1; return 1;
} }
in_uint8s(s, 47); /* skip [ITU T.124] ConferenceCreateRequest up to the in_uint8s(s, 47); /* skip [ITU T.124] ConferenceCreateRequest up to the
@ -2493,10 +2611,8 @@ xrdp_sec_in_mcs_data(struct xrdp_sec *self)
like we do in xrdp_sec_process_mcs_data_CS_CORE? */ like we do in xrdp_sec_process_mcs_data_CS_CORE? */
while (index < 16 && c != 0) while (index < 16 && c != 0)
{ {
if (!s_check_rem(s, 2)) if (!s_check_rem_and_log(s, 2, "Parsing [MS-RDPBCGR] TS_UD_CS_CORE clientName"))
{ {
LOG_DEVEL(LOG_LEVEL_ERROR, "Not enough bytes in the stream "
"len 2, remaining %d", s_rem(s));
return 1; return 1;
} }
in_uint8(s, c); in_uint8(s, c);
@ -2506,30 +2622,24 @@ xrdp_sec_in_mcs_data(struct xrdp_sec *self)
} }
/* get build */ /* get build */
s->p = s->data; s->p = s->data;
if (!s_check_rem(s, 43 + 4)) if (!s_check_rem_and_log(s, 43 + 4, "Parsing [MS-RDPBCGR] TS_UD_CS_CORE clientBuild"))
{ {
LOG_DEVEL(LOG_LEVEL_ERROR, "Not enough bytes in the stream "
"len 47, remaining %d", s_rem(s));
return 1; return 1;
} }
in_uint8s(s, 43); in_uint8s(s, 43);
in_uint32_le(s, client_info->build); /* [MS-RDPBCGR] TS_UD_CS_CORE clientBuild */ in_uint32_le(s, client_info->build); /* [MS-RDPBCGR] TS_UD_CS_CORE clientBuild */
/* get keylayout */ /* get keylayout */
s->p = s->data; s->p = s->data;
if (!s_check_rem(s, 39 + 4)) if (!s_check_rem_and_log(s, 39 + 4, "Parsing [MS-RDPBCGR] TS_UD_CS_CORE keyboardLayout"))
{ {
LOG_DEVEL(LOG_LEVEL_ERROR, "Not enough bytes in the stream "
"len 43, remaining %d", s_rem(s));
return 1; return 1;
} }
in_uint8s(s, 39); in_uint8s(s, 39);
in_uint32_le(s, client_info->keylayout); /* [MS-RDPBCGR] TS_UD_CS_CORE keyboardLayout */ in_uint32_le(s, client_info->keylayout); /* [MS-RDPBCGR] TS_UD_CS_CORE keyboardLayout */
/* get keyboard type / subtype */ /* get keyboard type / subtype */
s->p = s->data; s->p = s->data;
if (!s_check_rem(s, 79 + 8)) if (!s_check_rem_and_log(s, 79 + 8, "Parsing [MS-RDPBCGR] TS_UD_CS_CORE keyboardType"))
{ {
LOG_DEVEL(LOG_LEVEL_ERROR, "Not enough bytes in the stream "
"len 87, remaining %d", s_rem(s));
return 1; return 1;
} }
in_uint8s(s, 79); in_uint8s(s, 79);
@ -2642,12 +2752,12 @@ xrdp_sec_incoming(struct xrdp_sec *self)
self->rdp_layer->client_info.ssl_protocols, self->rdp_layer->client_info.ssl_protocols,
self->rdp_layer->client_info.tls_ciphers) != 0) self->rdp_layer->client_info.tls_ciphers) != 0)
{ {
LOG_DEVEL(LOG_LEVEL_ERROR, "xrdp_sec_incoming: trans_set_tls_mode failed"); LOG(LOG_LEVEL_ERROR, "xrdp_sec_incoming: trans_set_tls_mode failed");
return 1; return 1;
} }
LOG_DEVEL(LOG_LEVEL_DEBUG, "Using TLS security, and " LOG(LOG_LEVEL_DEBUG, "Using TLS security, and "
"setting RDP security crypto to LEVEL_NONE and METHOD_NONE"); "setting RDP security crypto to LEVEL_NONE and METHOD_NONE");
self->crypt_level = CRYPT_LEVEL_NONE; self->crypt_level = CRYPT_LEVEL_NONE;
self->crypt_method = CRYPT_METHOD_NONE; self->crypt_method = CRYPT_METHOD_NONE;
self->rsa_key_bytes = 0; self->rsa_key_bytes = 0;
@ -2658,13 +2768,13 @@ xrdp_sec_incoming(struct xrdp_sec *self)
/* init rdp security */ /* init rdp security */
if (xrdp_sec_init_rdp_security(self) != 0) if (xrdp_sec_init_rdp_security(self) != 0)
{ {
LOG_DEVEL(LOG_LEVEL_ERROR, "xrdp_sec_incoming: xrdp_sec_init_rdp_security failed"); LOG(LOG_LEVEL_ERROR, "xrdp_sec_incoming: xrdp_sec_init_rdp_security failed");
return 1; return 1;
} }
if (self->crypt_method != CRYPT_METHOD_NONE) if (self->crypt_method != CRYPT_METHOD_NONE)
{ {
LOG_DEVEL(LOG_LEVEL_DEBUG, "Using RDP security, and " LOG(LOG_LEVEL_DEBUG, "Using RDP security, and "
"reading the server configuration"); "reading the server configuration");
g_memset(key_file, 0, sizeof(char) * 256); g_memset(key_file, 0, sizeof(char) * 256);
g_random(self->server_random, 32); g_random(self->server_random, 32);
@ -2677,7 +2787,7 @@ xrdp_sec_incoming(struct xrdp_sec *self)
if (file_by_name_read_section(key_file, "keys", items, values) != 0) if (file_by_name_read_section(key_file, "keys", items, values) != 0)
{ {
/* this is a show stopper */ /* this is a show stopper */
LOG(LOG_LEVEL_ALWAYS, "XRDP cannot read file: %s " LOG(LOG_LEVEL_ERROR, "XRDP cannot read file: %s "
"(check permissions)", key_file); "(check permissions)", key_file);
list_delete(items); list_delete(items);
list_delete(values); list_delete(values);
@ -2727,7 +2837,7 @@ xrdp_sec_incoming(struct xrdp_sec *self)
/* negotiate mcs layer */ /* negotiate mcs layer */
if (xrdp_mcs_incoming(self->mcs_layer) != 0) if (xrdp_mcs_incoming(self->mcs_layer) != 0)
{ {
LOG_DEVEL(LOG_LEVEL_ERROR, "xrdp_sec_incoming: xrdp_mcs_incoming failed"); LOG(LOG_LEVEL_ERROR, "xrdp_sec_incoming: xrdp_mcs_incoming failed");
return 1; return 1;
} }
@ -2740,7 +2850,7 @@ xrdp_sec_incoming(struct xrdp_sec *self)
if (xrdp_sec_in_mcs_data(self) != 0) if (xrdp_sec_in_mcs_data(self) != 0)
{ {
LOG_DEVEL(LOG_LEVEL_ERROR, "xrdp_sec_incoming: xrdp_sec_in_mcs_data failed"); LOG(LOG_LEVEL_ERROR, "xrdp_sec_incoming: xrdp_sec_in_mcs_data failed");
return 1; return 1;
} }

2
sesman/chansrv/chansrv_fuse.c
View File

@ -789,7 +789,7 @@ xfuse_add_clip_dir_item(const char *filename, int flags, int size, int lindex)
if (g_xfs == NULL) if (g_xfs == NULL)
{ {
LOG_DEVEL(LOG_LEVEL_ERROR, LOG_DEVEL(LOG_LEVEL_ERROR,
"xfuse_add_clip_dir_item() called with no filesystem") "xfuse_add_clip_dir_item() called with no filesystem");
} }
else else
{ {