Link to -lcrypto instead of -lssl.

[rdpsrv] / secure.c

diff --git a/secure.c b/secure.c
index 1282a7f1d096f3211435752c0961f0099d9168de..1f7797b023e73fc05601a09ad89dfe9fbc8d0ebf 100644 (file)
--- a/secure.c
+++ b/secure.c
@@ -39,12 +39,12 @@ extern uint16 mcs_userid;
 extern VCHANNEL g_channels[];
 extern unsigned int g_num_channels;
 
-static int rc4_key_len;
+int rc4_key_len;
 static RC4_KEY rc4_decrypt_key;
 static RC4_KEY rc4_encrypt_key;
 static RSA *server_public_key;
 
-static uint8 sec_sign_key[16];
+uint8 sec_sign_key[16];
 static uint8 sec_decrypt_key[16];
 static uint8 sec_encrypt_key[16];
 static uint8 sec_decrypt_update_key[16];
@@ -169,6 +169,8 @@ sec_generate_keys(uint8 * client_key, uint8 * server_key, int rc4_key_size)
                        printf("0x%02x ", sec_encrypt_key[i]);
                printf("\n");
        }
+
+       g_encryption = 1;
 }
 
 static uint8 pad_54[40] = {
@@ -252,7 +254,7 @@ sec_update(uint8 * key, uint8 * update_key)
 }
 
 /* Encrypt data using RC4 */
-static void
+void
 sec_encrypt(uint8 * data, int length)
 {
        static int use_count;
@@ -264,6 +266,8 @@ sec_encrypt(uint8 * data, int length)
                use_count = 0;
        }
 
+       printf("RC4-ing %u bytes with DECRYPT, uc=%u\n", length, use_count);
+
        RC4(&rc4_decrypt_key, length, data, data);
        use_count++;
 }
@@ -346,6 +350,7 @@ sec_init(uint32 flags, int maxlen)
                hdrlen = (flags & SEC_ENCRYPT) ? 12 : 4;
        else
                hdrlen = (flags & SEC_ENCRYPT) ? 12 : 0; 
+       printf("HDRLEN is %u\n", hdrlen);
        s = mcs_init(maxlen + hdrlen);
        s_push_layer(s, sec_hdr, hdrlen);
 
@@ -370,7 +375,7 @@ sec_send_to_channel(STREAM s, uint32 flags, uint16 channel)
                flags &= ~SEC_ENCRYPT;
                datalen = s->end - s->p - 8;
 
-#if WITH_DEBUG
+#if WITH_DEBUG && 0
                DEBUG(("Sending encrypted packet:\n"));
                hexdump(s->p + 8, datalen);
 #endif
@@ -837,7 +842,7 @@ sec_recv(void)
        uint16 channel;
        STREAM s;
 
-       while ((s = mcs_recv(&channel)) != NULL)
+       if ((s = mcs_recv(&channel)) != NULL)
        {
                if (/*g_encryption || !g_licence_issued*/ 1)
                {
@@ -860,21 +865,25 @@ sec_recv(void)
                                if (tag == LICENCE_TAG_PRESENT) {
                                        process_presented_license(s);
 
-                                       s = sec_init(sizeof(result_license), SEC_LICENCE_NEG);
-                                       out_uint8p(s, result_license, sizeof(result_license));
-                                       s_mark_end(s);
-                                       sec_send(s, SEC_LICENCE_NEG);
+                                       {
+                                               STREAM s;
+                                               s = sec_init(SEC_LICENCE_NEG, sizeof(result_license));
+                                               out_uint8p(s, result_license, sizeof(result_license));
+                                               s_mark_end(s);
+                                               sec_send(s, SEC_LICENCE_NEG);
+                                       }
                                        
-                                       //g_licence_issued = 1;
-                                       
-                                       printf("Sending DEMAND_ACTIVE (0x%x bytes)\n", sizeof(demand_active));
-                                       s = sec_init(sizeof(demand_active), SEC_ENCRYPT);
-                                       out_uint8p(s, demand_active, sizeof(demand_active));
-                                       s_mark_end(s);
-                                       sec_send(s, SEC_ENCRYPT);
+                                       {
+                                               STREAM s;
+                                               printf("Sending DEMAND_ACTIVE (0x%x bytes)\n", sizeof(demand_active));
+                                               s = sec_init(SEC_ENCRYPT, sizeof(demand_active));
+                                               out_uint8p(s, demand_active, sizeof(demand_active));
+                                               s_mark_end(s);
+                                               sec_send(s, SEC_ENCRYPT);
+                                       }
                                }
                                
-                               continue;
+                               return NULL;
                        }
 
                        if (sec_flags & SEC_LOGON_INFO) 
@@ -886,13 +895,13 @@ sec_recv(void)
                                {
                                        STREAM s;
 
-                                       s = sec_init(sizeof(demand_license), SEC_LICENCE_NEG);
+                                       s = sec_init(SEC_LICENCE_NEG, sizeof(demand_license));
                                        out_uint8p(s, demand_license, sizeof(demand_license));
                                        s_mark_end(s);
                                        sec_send(s, SEC_LICENCE_NEG);
                                }
                                
-                               continue;
+                               return NULL;
                        }
 
                        if (sec_flags & SEC_CLIENT_RANDOM) {
@@ -925,7 +934,7 @@ sec_recv(void)
 
                                // now we can generate the keys
                                sec_generate_keys(inr + SEC_RANDOM_SIZE, cacert, 1);
-                               continue;
+                               return NULL;
                        }
                }
 
@@ -933,7 +942,7 @@ sec_recv(void)
                if (channel != MCS_GLOBAL_CHANNEL)
                {
                        channel_process(s, channel);
-                       continue;
+                       return NULL;
                }
 
                return s;