nego.h File Reference
#include "transport.h"#include <freerdp/types.h>#include <freerdp/settings.h>#include <freerdp/log.h>#include <freerdp/api.h>#include <winpr/stream.h>
This graph shows which files directly or indirectly include this file:
Macros | |
| #define | PROTOCOL_RDP 0x00000000 |
| #define | PROTOCOL_SSL 0x00000001 |
| #define | PROTOCOL_HYBRID 0x00000002 |
| #define | PROTOCOL_RDSTLS 0x00000004 |
| #define | PROTOCOL_HYBRID_EX 0x00000008 |
| #define | PROTOCOL_RDSAAD 0x00000010 |
| #define | PROTOCOL_FAILED_NEGO 0x80000000 /* only used internally, not on the wire */ |
| #define | PRECONNECTION_PDU_V1_SIZE 16 |
| #define | PRECONNECTION_PDU_V2_MIN_SIZE (PRECONNECTION_PDU_V1_SIZE + 2) |
| #define | PRECONNECTION_PDU_V1 1 |
| #define | PRECONNECTION_PDU_V2 2 |
| #define | RESTRICTED_ADMIN_MODE_REQUIRED 0x01 |
| #define | REDIRECTED_AUTHENTICATION_MODE_REQUIRED 0x02 |
| #define | CORRELATION_INFO_PRESENT 0x08 |
Enumerations | |
| enum | RDP_NEG_FAILURE_FAILURECODES { SSL_REQUIRED_BY_SERVER = 0x00000001 , SSL_NOT_ALLOWED_BY_SERVER = 0x00000002 , SSL_CERT_NOT_ON_SERVER = 0x00000003 , INCONSISTENT_FLAGS = 0x00000004 , HYBRID_REQUIRED_BY_SERVER = 0x00000005 , SSL_WITH_USER_AUTH_REQUIRED_BY_SERVER = 0x00000006 } |
| enum | NEGO_STATE { NEGO_STATE_INITIAL , NEGO_STATE_RDSTLS , NEGO_STATE_AAD , NEGO_STATE_EXT , NEGO_STATE_NLA , NEGO_STATE_TLS , NEGO_STATE_RDP , NEGO_STATE_FAIL , NEGO_STATE_FINAL } |
| enum | RDP_NEG_MSG { TYPE_RDP_NEG_REQ = 0x1 , TYPE_RDP_NEG_RSP = 0x2 , TYPE_RDP_NEG_FAILURE = 0x3 , TYPE_RDP_CORRELATION_INFO = 0x6 } |
| enum | RdpNegRespFlags { EXTENDED_CLIENT_DATA_SUPPORTED = 0x01 , DYNVC_GFX_PROTOCOL_SUPPORTED = 0x02 , RDP_NEGRSP_RESERVED = 0x04 , RESTRICTED_ADMIN_MODE_SUPPORTED = 0x08 , REDIRECTED_AUTHENTICATION_MODE_SUPPORTED = 0x10 } |
Functions | |
| FREERDP_LOCAL BOOL | nego_connect (rdpNego *nego) |
| FREERDP_LOCAL BOOL | nego_disconnect (rdpNego *nego) |
| FREERDP_LOCAL int | nego_recv (rdpTransport *transport, wStream *s, void *extra) |
| FREERDP_LOCAL BOOL | nego_read_request (rdpNego *nego, wStream *s) |
| FREERDP_LOCAL BOOL | nego_send_negotiation_request (rdpNego *nego) |
| FREERDP_LOCAL BOOL | nego_send_negotiation_response (rdpNego *nego) |
| FREERDP_LOCAL void | nego_free (rdpNego *nego) |
| FREERDP_LOCAL rdpNego * | nego_new (rdpTransport *transport) |
| FREERDP_LOCAL void | nego_init (rdpNego *nego) |
| FREERDP_LOCAL BOOL | nego_set_target (rdpNego *nego, const char *hostname, UINT16 port) |
| FREERDP_LOCAL void | nego_set_negotiation_enabled (rdpNego *nego, BOOL NegotiateSecurityLayer) |
| FREERDP_LOCAL void | nego_set_restricted_admin_mode_required (rdpNego *nego, BOOL RestrictedAdminModeRequired) |
| FREERDP_LOCAL void | nego_set_RCG_required (rdpNego *nego, BOOL enabled) |
| FREERDP_LOCAL void | nego_set_RCG_supported (rdpNego *nego, BOOL enabled) |
| FREERDP_LOCAL BOOL | nego_get_remoteCredentialGuard (rdpNego *nego) |
| FREERDP_LOCAL void | nego_set_childsession_enabled (rdpNego *nego, BOOL ChildSessionEnabled) |
| FREERDP_LOCAL void | nego_set_gateway_enabled (rdpNego *nego, BOOL GatewayEnabled) |
| FREERDP_LOCAL void | nego_set_gateway_bypass_local (rdpNego *nego, BOOL GatewayBypassLocal) |
| FREERDP_LOCAL void | nego_enable_rdp (rdpNego *nego, BOOL enable_rdp) |
| FREERDP_LOCAL void | nego_enable_tls (rdpNego *nego, BOOL enable_tls) |
| FREERDP_LOCAL void | nego_enable_nla (rdpNego *nego, BOOL enable_nla) |
| FREERDP_LOCAL void | nego_enable_rdstls (rdpNego *nego, BOOL enable_rdstls) |
| FREERDP_LOCAL void | nego_enable_aad (rdpNego *nego, BOOL enable_aad) |
| FREERDP_LOCAL void | nego_enable_ext (rdpNego *nego, BOOL enable_ext) |
| FREERDP_LOCAL const BYTE * | nego_get_routing_token (rdpNego *nego, DWORD *RoutingTokenLength) |
| FREERDP_LOCAL BOOL | nego_set_routing_token (rdpNego *nego, const void *RoutingToken, DWORD RoutingTokenLength) |
| FREERDP_LOCAL BOOL | nego_set_cookie (rdpNego *nego, const char *cookie) |
| FREERDP_LOCAL void | nego_set_cookie_max_length (rdpNego *nego, UINT32 CookieMaxLength) |
| FREERDP_LOCAL void | nego_set_send_preconnection_pdu (rdpNego *nego, BOOL SendPreconnectionPdu) |
| FREERDP_LOCAL void | nego_set_preconnection_id (rdpNego *nego, UINT32 PreconnectionId) |
| FREERDP_LOCAL void | nego_set_preconnection_blob (rdpNego *nego, const char *PreconnectionBlob) |
| FREERDP_LOCAL UINT32 | nego_get_selected_protocol (rdpNego *nego) |
| FREERDP_LOCAL BOOL | nego_set_selected_protocol (rdpNego *nego, UINT32 SelectedProtocol) |
| FREERDP_LOCAL UINT32 | nego_get_requested_protocols (rdpNego *nego) |
| FREERDP_LOCAL BOOL | nego_set_requested_protocols (rdpNego *nego, UINT32 RequestedProtocols) |
| FREERDP_LOCAL BOOL | nego_update_settings_from_state (rdpNego *nego, rdpSettings *settings) |
| FREERDP_LOCAL BOOL | nego_set_state (rdpNego *nego, NEGO_STATE state) |
| FREERDP_LOCAL NEGO_STATE | nego_get_state (rdpNego *nego) |
| FREERDP_LOCAL SEC_WINNT_AUTH_IDENTITY * | nego_get_identity (rdpNego *nego) |
| FREERDP_LOCAL void | nego_free_nla (rdpNego *nego) |
Macro Definition Documentation
◆ CORRELATION_INFO_PRESENT
| #define CORRELATION_INFO_PRESENT 0x08 |
◆ PRECONNECTION_PDU_V1
| #define PRECONNECTION_PDU_V1 1 |
◆ PRECONNECTION_PDU_V1_SIZE
| #define PRECONNECTION_PDU_V1_SIZE 16 |
◆ PRECONNECTION_PDU_V2
| #define PRECONNECTION_PDU_V2 2 |
◆ PRECONNECTION_PDU_V2_MIN_SIZE
| #define PRECONNECTION_PDU_V2_MIN_SIZE (PRECONNECTION_PDU_V1_SIZE + 2) |
◆ PROTOCOL_FAILED_NEGO
| #define PROTOCOL_FAILED_NEGO 0x80000000 /* only used internally, not on the wire */ |
◆ PROTOCOL_HYBRID
| #define PROTOCOL_HYBRID 0x00000002 |
◆ PROTOCOL_HYBRID_EX
| #define PROTOCOL_HYBRID_EX 0x00000008 |
◆ PROTOCOL_RDP
| #define PROTOCOL_RDP 0x00000000 |
FreeRDP: A Remote Desktop Protocol Implementation RDP Protocol Security Negotiation
Copyright 2011-2012 Marc-Andre Moreau marcandre.moreau@gmail.com
Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.
◆ PROTOCOL_RDSAAD
| #define PROTOCOL_RDSAAD 0x00000010 |
◆ PROTOCOL_RDSTLS
| #define PROTOCOL_RDSTLS 0x00000004 |
◆ PROTOCOL_SSL
| #define PROTOCOL_SSL 0x00000001 |
◆ REDIRECTED_AUTHENTICATION_MODE_REQUIRED
| #define REDIRECTED_AUTHENTICATION_MODE_REQUIRED 0x02 |
◆ RESTRICTED_ADMIN_MODE_REQUIRED
| #define RESTRICTED_ADMIN_MODE_REQUIRED 0x01 |
Enumeration Type Documentation
◆ NEGO_STATE
| enum NEGO_STATE |
◆ RDP_NEG_FAILURE_FAILURECODES
◆ RDP_NEG_MSG
| enum RDP_NEG_MSG |
◆ RdpNegRespFlags
| enum RdpNegRespFlags |
Function Documentation
◆ nego_connect()
| FREERDP_LOCAL BOOL nego_connect | ( | rdpNego * | nego | ) |
Negotiate protocol security and connect.
- Parameters
-
nego A pointer to the NEGO struct
- Returns
- TRUE for success, FALSE otherwise
Advertise all supported encryption methods if the client implementation did not set any security methods
Here is the call graph for this function:
Here is the caller graph for this function:
◆ nego_disconnect()
| FREERDP_LOCAL BOOL nego_disconnect | ( | rdpNego * | nego | ) |
Here is the call graph for this function:
Here is the caller graph for this function:
◆ nego_enable_aad()
| FREERDP_LOCAL void nego_enable_aad | ( | rdpNego * | nego, |
| BOOL | enable_aad | ||
| ) |
Enable RDS AAD security protocol.
- Parameters
-
nego A pointer to the NEGO struct pointer to the negotiation structure enable_aad whether to enable RDS AAD Auth protocol (TRUE for enabled, FALSE for disabled)
Here is the call graph for this function:
Here is the caller graph for this function:
◆ nego_enable_ext()
| FREERDP_LOCAL void nego_enable_ext | ( | rdpNego * | nego, |
| BOOL | enable_ext | ||
| ) |
Enable NLA extended security protocol.
- Parameters
-
nego A pointer to the NEGO struct pointer to the negotiation structure enable_ext whether to enable network level authentication extended protocol (TRUE for enabled, FALSE for disabled)
Here is the call graph for this function:
Here is the caller graph for this function:
◆ nego_enable_nla()
| FREERDP_LOCAL void nego_enable_nla | ( | rdpNego * | nego, |
| BOOL | enable_nla | ||
| ) |
Enable NLA security protocol.
- Parameters
-
nego A pointer to the NEGO struct pointer to the negotiation structure enable_nla whether to enable network level authentication protocol (TRUE for enabled, FALSE for disabled)
Here is the call graph for this function:
Here is the caller graph for this function:
◆ nego_enable_rdp()
| FREERDP_LOCAL void nego_enable_rdp | ( | rdpNego * | nego, |
| BOOL | enable_rdp | ||
| ) |
Enable RDP security protocol.
- Parameters
-
nego A pointer to the NEGO struct pointer to the negotiation structure enable_rdp whether to enable normal RDP protocol (TRUE for enabled, FALSE for disabled)
Here is the call graph for this function:
Here is the caller graph for this function:
◆ nego_enable_rdstls()
| FREERDP_LOCAL void nego_enable_rdstls | ( | rdpNego * | nego, |
| BOOL | enable_rdstls | ||
| ) |
Enable RDSTLS security protocol.
- Parameters
-
nego A pointer to the NEGO struct pointer to the negotiation structure enable_rdstls whether to enable RDSTLS protocol (TRUE for enabled, FALSE for disabled)
Here is the call graph for this function:
Here is the caller graph for this function:
◆ nego_enable_tls()
| FREERDP_LOCAL void nego_enable_tls | ( | rdpNego * | nego, |
| BOOL | enable_tls | ||
| ) |
Enable TLS security protocol.
- Parameters
-
nego A pointer to the NEGO struct pointer to the negotiation structure enable_tls whether to enable TLS + RDP protocol (TRUE for enabled, FALSE for disabled)
Here is the call graph for this function:
Here is the caller graph for this function:
◆ nego_free()
| FREERDP_LOCAL void nego_free | ( | rdpNego * | nego | ) |
Free NEGO state machine.
- Parameters
-
nego A pointer to the NEGO struct
Here is the call graph for this function:
Here is the caller graph for this function:
◆ nego_free_nla()
| FREERDP_LOCAL void nego_free_nla | ( | rdpNego * | nego | ) |
Here is the call graph for this function:
Here is the caller graph for this function:
◆ nego_get_identity()
| FREERDP_LOCAL SEC_WINNT_AUTH_IDENTITY* nego_get_identity | ( | rdpNego * | nego | ) |
Here is the call graph for this function:
Here is the caller graph for this function:
◆ nego_get_remoteCredentialGuard()
| FREERDP_LOCAL BOOL nego_get_remoteCredentialGuard | ( | rdpNego * | nego | ) |
Here is the caller graph for this function:
◆ nego_get_requested_protocols()
| FREERDP_LOCAL UINT32 nego_get_requested_protocols | ( | rdpNego * | nego | ) |
Here is the caller graph for this function:
◆ nego_get_routing_token()
| FREERDP_LOCAL const BYTE* nego_get_routing_token | ( | rdpNego * | nego, |
| DWORD * | RoutingTokenLength | ||
| ) |
Here is the caller graph for this function:
◆ nego_get_selected_protocol()
| FREERDP_LOCAL UINT32 nego_get_selected_protocol | ( | rdpNego * | nego | ) |
Here is the caller graph for this function:
◆ nego_get_state()
| FREERDP_LOCAL NEGO_STATE nego_get_state | ( | rdpNego * | nego | ) |
Here is the caller graph for this function:
◆ nego_init()
| FREERDP_LOCAL void nego_init | ( | rdpNego * | nego | ) |
Initialize NEGO state machine.
- Parameters
-
nego A pointer to the NEGO struct
Here is the call graph for this function:
Here is the caller graph for this function:
◆ nego_new()
| FREERDP_LOCAL rdpNego* nego_new | ( | rdpTransport * | transport | ) |
Create a new NEGO state machine instance.
- Parameters
-
transport The transport to use
- Returns
- A pointer to the allocated NEGO instance or NULL
Here is the call graph for this function:
Here is the caller graph for this function:
◆ nego_read_request()
| FREERDP_LOCAL BOOL nego_read_request | ( | rdpNego * | nego, |
| wStream * | s | ||
| ) |
Read protocol security negotiation request message.
- Parameters
-
nego A pointer to the NEGO struct s A stream to read from
- Returns
- TRUE for success, FALSE for failure
Here is the call graph for this function:
Here is the caller graph for this function:
◆ nego_recv()
| FREERDP_LOCAL int nego_recv | ( | rdpTransport * | transport, |
| wStream * | s, | ||
| void * | extra | ||
| ) |
Receive protocol security negotiation message. msdn{cc240501}
- Parameters
-
transport The transport to read from s A stream to read the received data from extra nego pointer
- Returns
- 0 for success, -1 for failure
Here is the call graph for this function:
Here is the caller graph for this function:
◆ nego_send_negotiation_request()
| FREERDP_LOCAL BOOL nego_send_negotiation_request | ( | rdpNego * | nego | ) |
Send RDP Negotiation Request (RDP_NEG_REQ). msdn{cc240500} msdn{cc240470}
- Parameters
-
nego A pointer to the NEGO struct
- Returns
- TRUE for success, FALSE otherwise
Here is the call graph for this function:
Here is the caller graph for this function:
◆ nego_send_negotiation_response()
| FREERDP_LOCAL BOOL nego_send_negotiation_response | ( | rdpNego * | nego | ) |
Send RDP Negotiation Response (RDP_NEG_RSP).
- Parameters
-
nego A pointer to the NEGO struct
If the server implementation did not explicitely set a encryption level we default to client compatible
Note: This hack was firstly introduced in commit 95f5e115 to disable the unnecessary encryption with peers connecting to 127.0.0.1 or local unix sockets. This also affects connections via port tunnels! (e.g. ssh -L)
Here is the call graph for this function:
Here is the caller graph for this function:
◆ nego_set_childsession_enabled()
| FREERDP_LOCAL void nego_set_childsession_enabled | ( | rdpNego * | nego, |
| BOOL | ChildSessionEnabled | ||
| ) |
Here is the caller graph for this function:
◆ nego_set_cookie()
| FREERDP_LOCAL BOOL nego_set_cookie | ( | rdpNego * | nego, |
| const char * | cookie | ||
| ) |
Set cookie.
- Parameters
-
nego A pointer to the NEGO struct cookie A pointer to the cookie string
- Returns
- TRUE for success, FALSE otherwise
Here is the call graph for this function:
Here is the caller graph for this function:
◆ nego_set_cookie_max_length()
| FREERDP_LOCAL void nego_set_cookie_max_length | ( | rdpNego * | nego, |
| UINT32 | CookieMaxLength | ||
| ) |
Set cookie maximum length
- Parameters
-
nego A pointer to the NEGO struct CookieMaxLength the length to set
Here is the caller graph for this function:
◆ nego_set_gateway_bypass_local()
| FREERDP_LOCAL void nego_set_gateway_bypass_local | ( | rdpNego * | nego, |
| BOOL | GatewayBypassLocal | ||
| ) |
Here is the caller graph for this function:
◆ nego_set_gateway_enabled()
| FREERDP_LOCAL void nego_set_gateway_enabled | ( | rdpNego * | nego, |
| BOOL | GatewayEnabled | ||
| ) |
Here is the caller graph for this function:
◆ nego_set_negotiation_enabled()
| FREERDP_LOCAL void nego_set_negotiation_enabled | ( | rdpNego * | nego, |
| BOOL | NegotiateSecurityLayer | ||
| ) |
Enable security layer negotiation.
- Parameters
-
nego A pointer to the NEGO struct pointer to the negotiation structure NegotiateSecurityLayer whether to enable security layer negotiation (TRUE for enabled, FALSE for disabled)
Here is the call graph for this function:
Here is the caller graph for this function:
◆ nego_set_preconnection_blob()
| FREERDP_LOCAL void nego_set_preconnection_blob | ( | rdpNego * | nego, |
| const char * | PreconnectionBlob | ||
| ) |
Set preconnection blob.
- Parameters
-
nego A pointer to the NEGO struct PreconnectionBlob A pointer to the blob to use
Here is the caller graph for this function:
◆ nego_set_preconnection_id()
| FREERDP_LOCAL void nego_set_preconnection_id | ( | rdpNego * | nego, |
| UINT32 | PreconnectionId | ||
| ) |
Set preconnection id.
- Parameters
-
nego A pointer to the NEGO struct PreconnectionId the ID to set
Here is the caller graph for this function:
◆ nego_set_RCG_required()
| FREERDP_LOCAL void nego_set_RCG_required | ( | rdpNego * | nego, |
| BOOL | enabled | ||
| ) |
Here is the call graph for this function:
◆ nego_set_RCG_supported()
| FREERDP_LOCAL void nego_set_RCG_supported | ( | rdpNego * | nego, |
| BOOL | enabled | ||
| ) |
Here is the caller graph for this function:
◆ nego_set_requested_protocols()
| FREERDP_LOCAL BOOL nego_set_requested_protocols | ( | rdpNego * | nego, |
| UINT32 | RequestedProtocols | ||
| ) |
Here is the caller graph for this function:
◆ nego_set_restricted_admin_mode_required()
| FREERDP_LOCAL void nego_set_restricted_admin_mode_required | ( | rdpNego * | nego, |
| BOOL | RestrictedAdminModeRequired | ||
| ) |
Enable restricted admin mode.
- Parameters
-
nego A pointer to the NEGO struct pointer to the negotiation structure RestrictedAdminModeRequired whether to enable security layer negotiation (TRUE for enabled, FALSE for disabled)
Here is the call graph for this function:
Here is the caller graph for this function:
◆ nego_set_routing_token()
| FREERDP_LOCAL BOOL nego_set_routing_token | ( | rdpNego * | nego, |
| const void * | RoutingToken, | ||
| DWORD | RoutingTokenLength | ||
| ) |
Set routing token.
- Parameters
-
nego A pointer to the NEGO struct RoutingToken A pointer to the routing token RoutingTokenLength The lenght of the routing token
- Returns
- TRUE for success, FALSE otherwise
Here is the call graph for this function:
Here is the caller graph for this function:
◆ nego_set_selected_protocol()
| FREERDP_LOCAL BOOL nego_set_selected_protocol | ( | rdpNego * | nego, |
| UINT32 | SelectedProtocol | ||
| ) |
Here is the caller graph for this function:
◆ nego_set_send_preconnection_pdu()
| FREERDP_LOCAL void nego_set_send_preconnection_pdu | ( | rdpNego * | nego, |
| BOOL | SendPreconnectionPdu | ||
| ) |
Enable / disable preconnection PDU.
- Parameters
-
nego A pointer to the NEGO struct SendPreconnectionPdu The value to set
Here is the caller graph for this function:
◆ nego_set_state()
| FREERDP_LOCAL BOOL nego_set_state | ( | rdpNego * | nego, |
| NEGO_STATE | state | ||
| ) |
Here is the caller graph for this function:
◆ nego_set_target()
| FREERDP_LOCAL BOOL nego_set_target | ( | rdpNego * | nego, |
| const char * | hostname, | ||
| UINT16 | port | ||
| ) |
Set target hostname and port.
- Parameters
-
nego A pointer to the NEGO struct hostname The hostname to set port The port to set
- Returns
- TRUE for success, FALSE otherwise
Here is the caller graph for this function:
◆ nego_update_settings_from_state()
| FREERDP_LOCAL BOOL nego_update_settings_from_state | ( | rdpNego * | nego, |
| rdpSettings * | settings | ||
| ) |
Here is the call graph for this function:
Here is the caller graph for this function:
