libxrdp: xrdp_iso: changed logs, some fixes in security layer

negotiation.
ulab-next-nosound
speidy 10 years ago
parent 8904252a98
commit 9fb02e381d

@ -21,6 +21,15 @@
#include "libxrdp.h"
#define LOG_LEVEL 1
#define LLOG(_level, _args) \
do { if (_level < LOG_LEVEL) { g_write _args ; } } while (0)
#define LLOGLN(_level, _args) \
do { if (_level < LOG_LEVEL) { g_writeln _args ; } } while (0)
#define LHEXDUMP(_level, _args) \
do { if (_level < LOG_LEVEL) { g_hexdump _args ; } } while (0)
/*****************************************************************************/
struct xrdp_iso *
APP_CC
@ -28,11 +37,11 @@ xrdp_iso_create(struct xrdp_mcs *owner, struct trans *trans)
{
struct xrdp_iso *self;
DEBUG((" in xrdp_iso_create"));
LLOGLN(10, (" in xrdp_iso_create"));
self = (struct xrdp_iso *) g_malloc(sizeof(struct xrdp_iso), 1);
self->mcs_layer = owner;
self->trans = trans;
DEBUG((" out xrdp_iso_create"));
LLOGLN(10, (" out xrdp_iso_create"));
return self;
}
@ -54,20 +63,31 @@ static int APP_CC
xrdp_iso_negotiate_security(struct xrdp_iso *self)
{
int rv = 0;
int server_security_layer = self->mcs_layer->sec_layer->rdp_layer->client_info.security_layer;
struct xrdp_client_info *client_info = &(self->mcs_layer->sec_layer->rdp_layer->client_info);
self->selectedProtocol = server_security_layer;
self->selectedProtocol = client_info->security_layer;
switch (server_security_layer)
switch (client_info->security_layer)
{
case PROTOCOL_RDP:
self->rdpNegData = 0; /* no need to send rdp_neg_data back to client */
break;
case PROTOCOL_SSL:
if (self->requestedProtocol & PROTOCOL_SSL)
{
if(!g_file_exist(client_info->certificate) ||
!g_file_exist(client_info->key_file))
{
/* certificate file doesn't exist */
LLOGLN(0, ("xrdp_iso_negotiate_security: TLS certificate not found on server"));
self->failureCode = SSL_CERT_NOT_ON_SERVER;
rv = 1; /* error */
}
else
{
self->selectedProtocol = PROTOCOL_SSL;
}
}
else
{
self->failureCode = SSL_REQUIRED_BY_SERVER;
@ -89,7 +109,7 @@ xrdp_iso_negotiate_security(struct xrdp_iso *self)
break;
}
DEBUG(("xrdp_iso_negotiate_security: server security layer %d , client security layer %d",
LLOGLN(10, ("xrdp_iso_negotiate_security: server security layer %d , client security layer %d",
self->selectedProtocol, self->requestedProtocol));
return rv;
}
@ -105,21 +125,21 @@ xrdp_iso_process_rdp_neg_req(struct xrdp_iso *self, struct stream *s)
in_uint8(s, flags);
if (flags != 0x0 && flags != 0x8 && flags != 0x1)
{
DEBUG(("xrdp_iso_process_rdpNegReq: error, flags: %x",flags));
LLOGLN(10, ("xrdp_iso_process_rdpNegReq: error, flags: %x",flags));
return 1;
}
in_uint16_le(s, len);
if (len != 8)
{
DEBUG(("xrdp_iso_process_rdpNegReq: error, length: %x",len));
LLOGLN(10, ("xrdp_iso_process_rdpNegReq: error, length: %x",len));
return 1;
}
in_uint32_le(s, self->requestedProtocol);
if (self->requestedProtocol > 0xb)
{
DEBUG(("xrdp_iso_process_rdpNegReq: error, requestedProtocol: %x",
LLOGLN(10, ("xrdp_iso_process_rdpNegReq: error, requestedProtocol: %x",
self->requestedProtocol));
return 1;
}
@ -139,15 +159,15 @@ xrdp_iso_recv_msg(struct xrdp_iso *self, struct stream *s, int *code, int *len)
if (s != self->trans->in_s)
{
g_writeln("xrdp_iso_recv_msg error logic");
LLOGLN(10, ("xrdp_iso_recv_msg error logic"));
}
in_uint8(s, ver);
if (ver != 3)
{
g_writeln("xrdp_iso_recv_msg: bad ver");
g_hexdump(s->data, 4);
LLOGLN(10, ("xrdp_iso_recv_msg: bad ver"));
LHEXDUMP(10, (s->data, 4));
return 1;
}
@ -195,21 +215,21 @@ xrdp_iso_recv(struct xrdp_iso *self, struct stream *s)
int code;
int len;
DEBUG((" in xrdp_iso_recv"));
LLOGLN(10, (" in xrdp_iso_recv"));
if (xrdp_iso_recv_msg(self, s, &code, &len) != 0)
{
DEBUG((" out xrdp_iso_recv xrdp_iso_recv_msg return non zero"));
LLOGLN(10, (" out xrdp_iso_recv xrdp_iso_recv_msg return non zero"));
return 1;
}
if (code != ISO_PDU_DT || len != 2)
{
DEBUG((" out xrdp_iso_recv code != ISO_PDU_DT or length != 2"));
LLOGLN(10, (" out xrdp_iso_recv code != ISO_PDU_DT or length != 2"));
return 1;
}
DEBUG((" out xrdp_iso_recv"));
LLOGLN(10, (" out xrdp_iso_recv"));
return 0;
}
/*****************************************************************************/
@ -289,7 +309,7 @@ xrdp_iso_incoming(struct xrdp_iso *self)
char *pend;
struct stream *s;
DEBUG((" in xrdp_iso_incoming"));
LLOGLN(10, (" in xrdp_iso_incoming"));
s = libxrdp_force_read(self->trans);
if (s == 0)
@ -299,7 +319,7 @@ xrdp_iso_incoming(struct xrdp_iso *self)
if (xrdp_iso_recv_msg(self, s, &code, &len) != 0)
{
g_writeln("xrdp_iso_incoming: xrdp_iso_recv_msg returned non zero");
LLOGLN(0, ("xrdp_iso_incoming: xrdp_iso_recv_msg returned non zero"));
return 1;
}
@ -322,7 +342,7 @@ xrdp_iso_incoming(struct xrdp_iso *self)
self->rdpNegData = 1;
if (xrdp_iso_process_rdp_neg_req(self, s) != 0)
{
g_writeln("xrdp_iso_incoming: xrdp_iso_process_rdpNegReq returned non zero");
LLOGLN(0, ("xrdp_iso_incoming: xrdp_iso_process_rdpNegReq returned non zero"));
return 1;
}
break;
@ -354,11 +374,11 @@ xrdp_iso_incoming(struct xrdp_iso *self)
/* send connection confirm back to client */
if (xrdp_iso_send_cc(self) != 0)
{
g_writeln("xrdp_iso_incoming: xrdp_iso_send_cc returned non zero");
LLOGLN(0, ("xrdp_iso_incoming: xrdp_iso_send_cc returned non zero"));
return 1;
}
DEBUG((" out xrdp_iso_incoming"));
LLOGLN(10, (" out xrdp_iso_incoming"));
return rv;
}
@ -379,7 +399,7 @@ xrdp_iso_send(struct xrdp_iso *self, struct stream *s)
{
int len;
DEBUG((" in xrdp_iso_send"));
LLOGLN(10, (" in xrdp_iso_send"));
s_pop_layer(s, iso_hdr);
len = (int) (s->end - s->p);
out_uint8(s, 3);
@ -394,6 +414,6 @@ xrdp_iso_send(struct xrdp_iso *self, struct stream *s)
return 1;
}
DEBUG((" out xrdp_iso_send"));
LLOGLN(10, (" out xrdp_iso_send"));
return 0;
}

@ -204,7 +204,7 @@ xrdp_rdp_read_config(struct xrdp_client_info *client_info)
{
/* default key_file path */
g_snprintf(client_info->key_file, 1023, "%s/key.pem", XRDP_CFG_PATH);
log_message(LOG_LEVEL_ALWAYS,"WARNING: Invalid x.509 certificate path defined, "
log_message(LOG_LEVEL_WARNING,"Invalid X.509 certificate path defined, "
"default path will be used: %s", client_info->key_file);
}
else

Loading…
Cancel
Save