[Message Prev][Message Next][Thread Prev][Thread Next][Message Index][Thread Index]
Connection without encryption
- To: rdesktop@xxxxxxxx
- Subject: Connection without encryption
- From: Philippe MARTIN <pmartin@xxxxxxxxxxxxxx>
- Date: Tue, 28 Nov 2000 17:20:25 +0100
- Delivered-To: mailing list rdesktop@cifs.org
- Mailing-List: contact rdesktop-help@cifs.org; run by ezmlm
- Organization: ERIDAN Informatique
- Sender: root
Hi,
Here is a patch to connect to French Terminal Servers
(which do not use encryption).
It applies to rdesktop v1.0.0 (with or without 16bpp)
Reports on success and failure are welcome.
--
Philippe MARTIN
ERIDAN Informatique
http://www.eridan-info.fr
diff -ur rdesktop-1.0.0/licence.c rdesktop-1.0.0-fr-16bpp/licence.c
--- rdesktop-1.0.0/licence.c Tue Aug 15 12:23:22 2000
+++ rdesktop-1.0.0-fr-16bpp/licence.c Tue Nov 28 09:20:40 2000
@@ -28,6 +28,8 @@
static uint8 licence_key[16];
static uint8 licence_sign_key[16];
+BOOL licence_issued = False;
+
/* Generate a session key and RC4 keys, given client and server randoms */
void licence_generate_keys(uint8 *client_key, uint8 *server_key,
uint8 *client_rsa)
@@ -205,6 +207,7 @@
if (check != 0)
return;
+ licence_issued = True;
/* We should save the licence here */
STATUS("Server issued licence.\n");
}
diff -ur rdesktop-1.0.0/mcs.c rdesktop-1.0.0-fr-16bpp/mcs.c
--- rdesktop-1.0.0/mcs.c Tue Aug 15 12:23:22 2000
+++ rdesktop-1.0.0-fr-16bpp/mcs.c Tue Nov 28 17:01:18 2000
@@ -22,6 +22,9 @@
uint16 mcs_userid;
+extern BOOL encrypt;
+extern BOOL licence_issued;
+
/* Parse an ASN.1 BER header */
static BOOL ber_parse_header(STREAM s, int tagval, int *length)
{
@@ -183,8 +186,10 @@
s = iso_init(5);
out_uint8(s, (MCS_EDRQ << 2));
- out_uint16_be(s, 1); /* height */
- out_uint16_be(s, 1); /* interval */
+ /* out_uint16_be(s, 1); */ /* height */
+ /*out_uint16_be(s, 1); */ /* interval */
+ out_uint16_be(s, 0x0100); /* height */
+ out_uint16_be(s, 0x0100); /* interval */
s_mark_end(s);
iso_send(s);
diff -ur rdesktop-1.0.0/rdesktop.c rdesktop-1.0.0-fr-16bpp/rdesktop.c
--- rdesktop-1.0.0/rdesktop.c Tue Nov 28 16:58:17 2000
+++ rdesktop-1.0.0-fr-16bpp/rdesktop.c Tue Nov 28 16:53:49 2000
@@ -35,6 +35,7 @@
BOOL motion = True;
BOOL orders = True;
BOOL licence = True;
+BOOL encrypt = True;
/* Display usage information */
static void usage(char *program)
@@ -51,7 +52,8 @@
STATUS(" -k: keyboard layout (hex)\n");
STATUS(" -b: force bitmap updates\n");
STATUS(" -m: do not send motion events\n");
- STATUS(" -l: do not request licence\n\n");
+ STATUS(" -l: do not request licence\n");
+ STATUS(" -e: do not use encryption\n\n");
}
/* Client program */
@@ -74,7 +76,7 @@
flags = RDP_LOGON_NORMAL;
domain[0] = password[0] = shell[0] = directory[0] = 0;
- while ((c = getopt(argc, argv, "u:d:s:c:p:n:w:h:k:bml?")) != -1)
+ while ((c = getopt(argc, argv, "u:d:s:c:p:n:w:h:k:bmle?")) != -1)
{
switch (c)
{
@@ -125,6 +127,10 @@
case 'l':
licence = False;
+ break;
+
+ case 'e':
+ encrypt = False;
break;
case '?':
diff -ur rdesktop-1.0.0/rdp.c rdesktop-1.0.0-fr-16bpp/rdp.c
--- rdesktop-1.0.0/rdp.c Tue Nov 28 16:58:17 2000
+++ rdesktop-1.0.0-fr-16bpp/rdp.c Tue Nov 28 16:52:04 2000
@@ -23,6 +23,7 @@
extern uint16 mcs_userid;
extern char username[16];
extern BOOL orders;
+extern BOOL encrypt;
unsigned char *next_packet;
uint32 rdp_shareid;
@@ -32,7 +33,7 @@
{
STREAM s;
- s = sec_init(SEC_ENCRYPT, maxlen + 6);
+ s = sec_init(encrypt ? SEC_ENCRYPT : 0, maxlen + 6);
s_push_layer(s, rdp_hdr, 6);
return s;
@@ -50,7 +51,7 @@
out_uint16_le(s, (pdu_type | 0x10)); /* Version 1 */
out_uint16_le(s, (mcs_userid + 1001));
- sec_send(s, SEC_ENCRYPT);
+ sec_send(s, encrypt ? SEC_ENCRYPT : 0);
}
/* Receive an RDP packet */
@@ -92,7 +93,7 @@
{
STREAM s;
- s = sec_init(SEC_ENCRYPT, maxlen + 18);
+ s = sec_init(encrypt ? SEC_ENCRYPT : 0, maxlen + 18);
s_push_layer(s, rdp_hdr, 18);
return s;
@@ -118,7 +119,7 @@
out_uint8(s, 0); /* compress_type */
out_uint16(s, 0); /* compress_len */
- sec_send(s, SEC_ENCRYPT);
+ sec_send(s, encrypt ? SEC_ENCRYPT : 0);
}
/* Output a string in Unicode */
@@ -146,7 +147,7 @@
int len_password = 2 * strlen(password);
int len_program = 2 * strlen(program);
int len_directory = 2 * strlen(directory);
- uint32 sec_flags = SEC_LOGON_INFO | SEC_ENCRYPT;
+ uint32 sec_flags = encrypt ? (SEC_LOGON_INFO | SEC_ENCRYPT) : SEC_LOGON_INFO;
STREAM s;
s = sec_init(sec_flags, 18 + len_domain + len_user + len_password
diff -ur rdesktop-1.0.0/secure.c rdesktop-1.0.0-fr-16bpp/secure.c
--- rdesktop-1.0.0/secure.c Tue Aug 15 12:23:24 2000
+++ rdesktop-1.0.0-fr-16bpp/secure.c Tue Nov 28 16:52:48 2000
@@ -28,6 +28,8 @@
extern int width;
extern int height;
extern int keylayout;
+extern BOOL encrypt;
+extern BOOL licence_issued;
static int rc4_key_len;
static RC4_KEY rc4_decrypt_key;
@@ -295,8 +297,10 @@
{
int hdrlen;
STREAM s;
-
- hdrlen = (flags & SEC_ENCRYPT) ? 12 : 4;
+ if (!licence_issued)
+ hdrlen = (flags & SEC_ENCRYPT) ? 12 : 4;
+ else
+ hdrlen = (flags & SEC_ENCRYPT) ? 12 : 0;
s = mcs_init(maxlen + hdrlen);
s_push_layer(s, sec_hdr, hdrlen);
@@ -309,7 +313,8 @@
int datalen;
s_pop_layer(s, sec_hdr);
- out_uint32_le(s, flags);
+ if (!licence_issued || (flags & SEC_ENCRYPT))
+ out_uint32_le(s, flags);
if (flags & SEC_ENCRYPT)
{
@@ -393,7 +398,7 @@
/* Client encryption settings */
out_uint16_le(s, SEC_TAG_CLI_CRYPT);
out_uint16(s, 8); /* length */
- out_uint32_le(s, 1); /* encryption enabled */
+ out_uint32_le(s, encrypt ? 1 : 0); /* encryption enabled */
s_mark_end(s);
}
@@ -544,21 +549,23 @@
while ((s = mcs_recv()) != NULL)
{
- in_uint32_le(s, sec_flags);
-
- if (sec_flags & SEC_LICENCE_NEG)
+ if (encrypt || !licence_issued)
+ {
+ in_uint32_le(s, sec_flags);
+
+ if (sec_flags & SEC_LICENCE_NEG)
{
- licence_process(s);
- continue;
+ licence_process(s);
+ continue;
}
-
- if (sec_flags & SEC_ENCRYPT)
+
+ if (sec_flags & SEC_ENCRYPT)
{
- in_uint8s(s, 8); /* signature */
- sec_decrypt(s->p, s->end - s->p);
+ in_uint8s(s, 8); /* signature */
+ sec_decrypt(s->p, s->end - s->p);
}
-
- return s;
+ }
+ return s;
}
return NULL;
@@ -578,7 +585,8 @@
return False;
sec_process_mcs_data(&mcs_data);
- sec_establish_key();
+ if (encrypt)
+ sec_establish_key();
return True;
}