FREERDP_API int tls_read(rdpTls* tls, uint8* data, int length);
FREERDP_API int tls_write(rdpTls* tls, uint8* data, int length);
+FREERDP_API int tls_read_all(rdpTls* tls, uint8* data, int length);
FREERDP_API int tls_write_all(rdpTls* tls, uint8* data, int length);
FREERDP_API boolean tls_verify_certificate(rdpTls* tls, CryptoCert cert, char* hostname);
{
int i;
- rdpListener* listener = (rdpListener*)instance->listener;
+ rdpListener* listener = (rdpListener*) instance->listener;
for (i = 0; i < listener->num_sockfds; i++)
{
close(listener->sockfds[i]);
}
+
listener->num_sockfds = 0;
}
else
fcntl(tcp->sockfd, F_SETFL, flags | O_NONBLOCK);
#else
+ int status;
u_long arg = blocking;
- ioctlsocket(tcp->sockfd, FIONBIO, &arg);
+
+ status = ioctlsocket(tcp->sockfd, FIONBIO, &arg);
+
+ if (status != NO_ERROR)
+ printf("ioctlsocket() failed with error: %ld\n", status);
+
tcp->wsa_event = WSACreateEvent();
WSAEventSelect(tcp->sockfd, tcp->wsa_event, FD_READ);
#endif
return -1;
#ifdef WITH_DEBUG_CREDSSP
- printf("Receiving Authentication Token\n");
+ printf("Receiving Authentication Token (%d)\n", credssp->negoToken.cbBuffer);
winpr_HexDump(credssp->negoToken.pvBuffer, credssp->negoToken.cbBuffer);
#endif
have_context = false;
have_input_buffer = false;
have_pub_key_auth = false;
- memset(&input_buffer, 0, sizeof(SecBuffer));
- memset(&output_buffer, 0, sizeof(SecBuffer));
- memset(&credssp->ContextSizes, 0, sizeof(SecPkgContext_Sizes));
+ ZeroMemory(&input_buffer, sizeof(SecBuffer));
+ ZeroMemory(&output_buffer, sizeof(SecBuffer));
+ ZeroMemory(&credssp->ContextSizes, sizeof(SecPkgContext_Sizes));
fContextReq = ASC_REQ_REPLAY_DETECT | ASC_REQ_SEQUENCE_DETECT |
ASC_REQ_CONFIDENTIALITY | ASC_REQ_DELEGATE;
p_buffer->pvBuffer = credssp->negoToken.pvBuffer;
p_buffer->cbBuffer = credssp->negoToken.cbBuffer;
+ if (credssp->negoToken.cbBuffer < 1)
+ {
+ printf("CredSSP: invalid negoToken!\n");
+ return -1;
+ }
+
output_buffer_desc.ulVersion = SECBUFFER_VERSION;
output_buffer_desc.cBuffers = 1;
output_buffer_desc.pBuffers = &output_buffer;
int status;
UINT32 version;
- s = stream_new(2048);
- status = tls_read(credssp->tls, s->data, stream_get_left(s));
- s->size = status;
+ s = stream_new(4096);
+
+ status = tls_read_all(credssp->tls, s->p, stream_get_left(s));
if (status < 0)
{
+ printf("credssp_recv() error: %d\n", status);
stream_free(s);
return -1;
}
return false;
}
- if (!tls_verify_certificate(tls, cert, tls->settings->hostname)) {
+ if (!tls_verify_certificate(tls, cert, tls->settings->hostname))
+ {
printf("tls_connect: certificate not trusted, aborting.\n");
tls_disconnect(tls);
tls_free_certificate(cert);
return false;
}
- connection_status = SSL_accept(tls->ssl);
-
- if (connection_status <= 0)
+ while (1)
{
- if (tls_print_error("SSL_accept", tls->ssl, connection_status))
- return false;
+ connection_status = SSL_accept(tls->ssl);
+
+ if (connection_status <= 0)
+ {
+ switch (SSL_get_error(tls->ssl, connection_status))
+ {
+ case SSL_ERROR_WANT_READ:
+ case SSL_ERROR_WANT_WRITE:
+ break;
+
+ default:
+ if (tls_print_error("SSL_accept", tls->ssl, connection_status))
+ return false;
+ break;
+
+ }
+ }
+ else
+ {
+ break;
+ }
}
printf("TLS connection accepted\n");
return status;
}
+int tls_read_all(rdpTls* tls, uint8* data, int length)
+{
+ int status;
+
+ do
+ {
+ status = tls_read(tls, data, length);
+ }
+ while (status == 0);
+
+ return status;
+}
+
int tls_write(rdpTls* tls, uint8* data, int length)
{
int status;
return true;
case SSL_ERROR_WANT_READ:
- printf("SSL_ERROR_WANT_READ\n");
+ printf("%s: SSL_ERROR_WANT_READ\n", func);
return false;
case SSL_ERROR_WANT_WRITE:
- printf("SSL_ERROR_WANT_WRITE\n");
+ printf("%s: SSL_ERROR_WANT_WRITE\n", func);
return false;
case SSL_ERROR_SYSCALL:
/* Initialize the real server settings here */
client->settings->cert_file = xstrdup("server.crt");
client->settings->privatekey_file = xstrdup("server.key");
+
client->settings->nla_security = true;
+ client->settings->tls_security = false;
+ client->settings->rdp_security = false;
client->PostConnect = wf_peer_post_connect;
client->Activate = wf_peer_activate;
g_thread_count++;
}
-static void test_server_main_loop(freerdp_listener* instance)
+static void wf_server_main_loop(freerdp_listener* instance)
{
int rcount;
void* rfds[32];
if (instance->Open(instance, NULL, port))
{
/* Entering the server main loop. In a real server the listener can be run in its own thread. */
- test_server_main_loop(instance);
+ wf_server_main_loop(instance);
}
if (g_thread_count > 0)