2 * FreeRDP: A Remote Desktop Protocol Client
5 * Copyright 2011 Vic Lee
7 * Licensed under the Apache License, Version 2.0 (the "License");
8 * you may not use this file except in compliance with the License.
9 * You may obtain a copy of the License at
11 * http://www.apache.org/licenses/LICENSE-2.0
13 * Unless required by applicable law or agreed to in writing, software
14 * distributed under the License is distributed on an "AS IS" BASIS,
15 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16 * See the License for the specific language governing permissions and
17 * limitations under the License.
23 #include <freerdp/api.h>
24 #include <freerdp/utils/stream.h>
34 * Fast-Path packet format is defined in [MS-RDPBCGR] 2.2.9.1.2, which revises
35 * server output packets from the first byte with the goal of improving
38 * Slow-Path packet always starts with TPKT header, which has the first
39 * byte 0x03, while Fast-Path packet starts with 2 zero bits in the first
40 * two less significant bits of the first byte.
43 #define FASTPATH_MAX_PACKET_SIZE 0x3FFF
46 * The fastpath header may be two or three bytes long.
47 * This function assumes that at least two bytes are available in the stream
48 * and doesn't touch third byte.
50 uint16 fastpath_header_length(STREAM* s)
55 stream_read_uint8(s, length1);
58 return ((length1 & 0x80) != 0 ? 3 : 2);
62 * Read a Fast-Path packet header.\n
64 * @param encryptionFlags
67 uint16 fastpath_read_header(rdpFastPath* fastpath, STREAM* s)
72 stream_read_uint8(s, header);
76 fastpath->encryptionFlags = (header & 0xC0) >> 6;
77 fastpath->numberEvents = (header & 0x3C) >> 2;
80 per_read_length(s, &length);
85 INLINE void fastpath_read_update_header(STREAM* s, uint8* updateCode, uint8* fragmentation, uint8* compression)
89 stream_read_uint8(s, updateHeader);
90 *updateCode = updateHeader & 0x0F;
91 *fragmentation = (updateHeader >> 4) & 0x03;
92 *compression = (updateHeader >> 6) & 0x03;
95 INLINE void fastpath_write_update_header(STREAM* s, uint8 updateCode, uint8 fragmentation, uint8 compression)
97 uint8 updateHeader = 0;
99 updateHeader |= updateCode & 0x0F;
100 updateHeader |= (fragmentation & 0x03) << 4;
101 updateHeader |= (compression & 0x03) << 6;
102 stream_write_uint8(s, updateHeader);
105 uint16 fastpath_read_header_rdp(rdpFastPath* fastpath, STREAM* s)
110 stream_read_uint8(s, header);
112 if (fastpath != NULL)
114 fastpath->encryptionFlags = (header & 0xC0) >> 6;
115 fastpath->numberEvents = (header & 0x3C) >> 2;
118 per_read_length(s, &length);
120 return length - stream_get_length(s);
123 static void fastpath_recv_orders(rdpFastPath* fastpath, STREAM* s)
125 rdpUpdate* update = fastpath->rdp->update;
128 stream_read_uint16(s, numberOrders); /* numberOrders (2 bytes) */
130 while (numberOrders > 0)
132 update_recv_order(update, s);
137 static void fastpath_recv_update_common(rdpFastPath* fastpath, STREAM* s)
140 rdpUpdate* update = fastpath->rdp->update;
141 rdpContext* context = update->context;
143 stream_read_uint16(s, updateType); /* updateType (2 bytes) */
147 case UPDATE_TYPE_BITMAP:
148 update_read_bitmap(update, s, &update->bitmap_update);
149 IFCALL(update->BitmapUpdate, context, &update->bitmap_update);
152 case UPDATE_TYPE_PALETTE:
153 update_read_palette(update, s, &update->palette_update);
154 IFCALL(update->Palette, context, &update->palette_update);
159 static void fastpath_recv_update_synchronize(rdpFastPath* fastpath, STREAM* s)
161 stream_seek_uint16(s); /* size (2 bytes), must be set to zero */
164 static void fastpath_recv_update(rdpFastPath* fastpath, uint8 updateCode, uint32 size, STREAM* s)
166 rdpUpdate* update = fastpath->rdp->update;
167 rdpContext* context = fastpath->rdp->update->context;
168 rdpPointerUpdate* pointer = update->pointer;
172 case FASTPATH_UPDATETYPE_ORDERS:
173 fastpath_recv_orders(fastpath, s);
176 case FASTPATH_UPDATETYPE_BITMAP:
177 case FASTPATH_UPDATETYPE_PALETTE:
178 fastpath_recv_update_common(fastpath, s);
181 case FASTPATH_UPDATETYPE_SYNCHRONIZE:
182 fastpath_recv_update_synchronize(fastpath, s);
183 IFCALL(update->Synchronize, context);
186 case FASTPATH_UPDATETYPE_SURFCMDS:
187 update_recv_surfcmds(update, size, s);
190 case FASTPATH_UPDATETYPE_PTR_NULL:
191 pointer->pointer_system.type = SYSPTR_NULL;
192 IFCALL(pointer->PointerSystem, context, &pointer->pointer_system);
195 case FASTPATH_UPDATETYPE_PTR_DEFAULT:
196 update->pointer->pointer_system.type = SYSPTR_DEFAULT;
197 IFCALL(pointer->PointerSystem, context, &pointer->pointer_system);
200 case FASTPATH_UPDATETYPE_PTR_POSITION:
201 update_read_pointer_position(s, &pointer->pointer_position);
202 IFCALL(pointer->PointerPosition, context, &pointer->pointer_position);
205 case FASTPATH_UPDATETYPE_COLOR:
206 update_read_pointer_color(s, &pointer->pointer_color);
207 IFCALL(pointer->PointerColor, context, &pointer->pointer_color);
210 case FASTPATH_UPDATETYPE_CACHED:
211 update_read_pointer_cached(s, &pointer->pointer_cached);
212 IFCALL(pointer->PointerCached, context, &pointer->pointer_cached);
215 case FASTPATH_UPDATETYPE_POINTER:
216 update_read_pointer_new(s, &pointer->pointer_new);
217 IFCALL(pointer->PointerNew, context, &pointer->pointer_new);
221 DEBUG_WARN("unknown updateCode 0x%X", updateCode);
226 static void fastpath_recv_update_data(rdpFastPath* fastpath, STREAM* s)
234 uint8 compressionFlags;
235 STREAM* update_stream;
243 fastpath_read_update_header(s, &updateCode, &fragmentation, &compression);
245 if (compression == FASTPATH_OUTPUT_COMPRESSION_USED)
246 stream_read_uint8(s, compressionFlags);
248 compressionFlags = 0;
250 stream_read_uint16(s, size);
251 next_pos = stream_get_pos(s) + size;
254 if (compressionFlags & PACKET_COMPRESSED)
256 if (decompress_rdp(rdp, s->p, size, compressionFlags, &roff, &rlen))
258 comp_stream = stream_new(0);
259 comp_stream->data = rdp->mppc->history_buf + roff;
260 comp_stream->p = comp_stream->data;
261 comp_stream->size = rlen;
262 size = comp_stream->size;
266 printf("decompress_rdp() failed\n");
267 stream_seek(s, size);
271 update_stream = NULL;
272 if (fragmentation == FASTPATH_FRAGMENT_SINGLE)
275 update_stream = comp_stream;
279 if (fragmentation == FASTPATH_FRAGMENT_FIRST)
280 stream_set_pos(fastpath->updateData, 0);
282 stream_check_size(fastpath->updateData, size);
283 stream_copy(fastpath->updateData, comp_stream, size);
285 if (fragmentation == FASTPATH_FRAGMENT_LAST)
287 update_stream = fastpath->updateData;
288 totalSize = stream_get_length(update_stream);
289 stream_set_pos(update_stream, 0);
294 fastpath_recv_update(fastpath, updateCode, totalSize, update_stream);
296 stream_set_pos(s, next_pos);
298 if (comp_stream != s)
302 boolean fastpath_recv_updates(rdpFastPath* fastpath, STREAM* s)
304 rdpUpdate* update = fastpath->rdp->update;
306 IFCALL(update->BeginPaint, update->context);
308 while (stream_get_left(s) >= 3)
310 fastpath_recv_update_data(fastpath, s);
313 IFCALL(update->EndPaint, update->context);
318 static boolean fastpath_read_input_event_header(STREAM* s, uint8* eventFlags, uint8* eventCode)
322 if (stream_get_left(s) < 1)
325 stream_read_uint8(s, eventHeader); /* eventHeader (1 byte) */
327 *eventFlags = (eventHeader & 0x1F);
328 *eventCode = (eventHeader >> 5);
333 static boolean fastpath_recv_input_event_scancode(rdpFastPath* fastpath, STREAM* s, uint8 eventFlags)
338 if (stream_get_left(s) < 1)
341 stream_read_uint8(s, code); /* keyCode (1 byte) */
344 if ((eventFlags & FASTPATH_INPUT_KBDFLAGS_RELEASE))
345 flags |= KBD_FLAGS_RELEASE;
347 flags |= KBD_FLAGS_DOWN;
349 if ((eventFlags & FASTPATH_INPUT_KBDFLAGS_EXTENDED))
350 flags |= KBD_FLAGS_EXTENDED;
352 IFCALL(fastpath->rdp->input->KeyboardEvent, fastpath->rdp->input, flags, code);
357 static boolean fastpath_recv_input_event_mouse(rdpFastPath* fastpath, STREAM* s, uint8 eventFlags)
363 if (stream_get_left(s) < 6)
366 stream_read_uint16(s, pointerFlags); /* pointerFlags (2 bytes) */
367 stream_read_uint16(s, xPos); /* xPos (2 bytes) */
368 stream_read_uint16(s, yPos); /* yPos (2 bytes) */
370 IFCALL(fastpath->rdp->input->MouseEvent, fastpath->rdp->input, pointerFlags, xPos, yPos);
375 static boolean fastpath_recv_input_event_mousex(rdpFastPath* fastpath, STREAM* s, uint8 eventFlags)
381 if (stream_get_left(s) < 6)
384 stream_read_uint16(s, pointerFlags); /* pointerFlags (2 bytes) */
385 stream_read_uint16(s, xPos); /* xPos (2 bytes) */
386 stream_read_uint16(s, yPos); /* yPos (2 bytes) */
388 IFCALL(fastpath->rdp->input->ExtendedMouseEvent, fastpath->rdp->input, pointerFlags, xPos, yPos);
393 static boolean fastpath_recv_input_event_sync(rdpFastPath* fastpath, STREAM* s, uint8 eventFlags)
395 IFCALL(fastpath->rdp->input->SynchronizeEvent, fastpath->rdp->input, eventFlags);
400 static boolean fastpath_recv_input_event_unicode(rdpFastPath* fastpath, STREAM* s, uint8 eventFlags)
405 if (stream_get_left(s) < 2)
408 stream_read_uint16(s, unicodeCode); /* unicodeCode (2 bytes) */
411 if ((eventFlags & FASTPATH_INPUT_KBDFLAGS_RELEASE))
412 flags |= KBD_FLAGS_RELEASE;
414 flags |= KBD_FLAGS_DOWN;
416 IFCALL(fastpath->rdp->input->UnicodeKeyboardEvent, fastpath->rdp->input, flags, unicodeCode);
421 static boolean fastpath_recv_input_event(rdpFastPath* fastpath, STREAM* s)
426 if (!fastpath_read_input_event_header(s, &eventFlags, &eventCode))
431 case FASTPATH_INPUT_EVENT_SCANCODE:
432 if (!fastpath_recv_input_event_scancode(fastpath, s, eventFlags))
436 case FASTPATH_INPUT_EVENT_MOUSE:
437 if (!fastpath_recv_input_event_mouse(fastpath, s, eventFlags))
441 case FASTPATH_INPUT_EVENT_MOUSEX:
442 if (!fastpath_recv_input_event_mousex(fastpath, s, eventFlags))
446 case FASTPATH_INPUT_EVENT_SYNC:
447 if (!fastpath_recv_input_event_sync(fastpath, s, eventFlags))
451 case FASTPATH_INPUT_EVENT_UNICODE:
452 if (!fastpath_recv_input_event_unicode(fastpath, s, eventFlags))
457 printf("Unknown eventCode %d\n", eventCode);
464 boolean fastpath_recv_inputs(rdpFastPath* fastpath, STREAM* s)
468 if (fastpath->numberEvents == 0)
471 * If numberEvents is not provided in fpInputHeader, it will be provided
472 * as one additional byte here.
475 if (stream_get_left(s) < 1)
478 stream_read_uint8(s, fastpath->numberEvents); /* eventHeader (1 byte) */
481 for (i = 0; i < fastpath->numberEvents; i++)
483 if (!fastpath_recv_input_event(fastpath, s))
490 static uint32 fastpath_get_sec_bytes(rdpRdp* rdp)
497 if (rdp->settings->encryption_method == ENCRYPTION_METHOD_FIPS)
505 STREAM* fastpath_input_pdu_init(rdpFastPath* fastpath, uint8 eventFlags, uint8 eventCode)
512 s = transport_send_stream_init(rdp->transport, 256);
513 stream_seek(s, 3); /* fpInputHeader, length1 and length2 */
515 rdp->sec_flags |= SEC_ENCRYPT;
516 if (rdp->do_secure_checksum)
517 rdp->sec_flags |= SEC_SECURE_CHECKSUM;
519 stream_seek(s, fastpath_get_sec_bytes(rdp));
520 stream_write_uint8(s, eventFlags | (eventCode << 5)); /* eventHeader (1 byte) */
524 boolean fastpath_send_input_pdu(rdpFastPath* fastpath, STREAM* s)
533 length = stream_get_length(s);
536 printf("Maximum FastPath PDU length is 127\n");
540 eventHeader = FASTPATH_INPUT_ACTION_FASTPATH;
541 eventHeader |= (1 << 2); /* numberEvents */
542 if (rdp->sec_flags & SEC_ENCRYPT)
543 eventHeader |= (FASTPATH_INPUT_ENCRYPTED << 6);
544 if (rdp->sec_flags & SEC_SECURE_CHECKSUM)
545 eventHeader |= (FASTPATH_INPUT_SECURE_CHECKSUM << 6);
547 stream_set_pos(s, 0);
548 stream_write_uint8(s, eventHeader);
549 sec_bytes = fastpath_get_sec_bytes(fastpath->rdp);
551 * We always encode length in two bytes, eventhough we could use
552 * only one byte if length <= 0x7F. It is just easier that way,
553 * because we can leave room for fixed-length header, store all
554 * the data first and then store the header.
556 stream_write_uint16_be(s, 0x8000 | (length + sec_bytes));
562 ptr = stream_get_tail(s) + sec_bytes;
563 if (rdp->sec_flags & SEC_SECURE_CHECKSUM)
564 security_salted_mac_signature(rdp, ptr, length - 3, true, stream_get_tail(s));
566 security_mac_signature(rdp, ptr, length - 3, stream_get_tail(s));
567 security_encrypt(ptr, length - 3, rdp);
572 stream_set_pos(s, length + sec_bytes);
573 if (transport_write(fastpath->rdp->transport, s) < 0)
579 STREAM* fastpath_update_pdu_init(rdpFastPath* fastpath)
582 s = transport_send_stream_init(fastpath->rdp->transport, FASTPATH_MAX_PACKET_SIZE);
583 stream_seek(s, 3); /* fpOutputHeader, length1 and length2 */
584 stream_seek(s, fastpath_get_sec_bytes(fastpath->rdp));
585 stream_seek(s, 3); /* updateHeader, size */
589 boolean fastpath_send_update_pdu(rdpFastPath* fastpath, uint8 updateCode, STREAM* s)
608 sec_bytes = fastpath_get_sec_bytes(rdp);
609 maxLength = FASTPATH_MAX_PACKET_SIZE - 6 - sec_bytes;
610 totalLength = stream_get_length(s) - 6 - sec_bytes;
611 stream_set_pos(s, 0);
612 update = stream_new(0);
614 for (fragment = 0; totalLength > 0; fragment++)
616 length = MIN(maxLength, totalLength);
617 totalLength -= length;
618 pduLength = length + 6 + sec_bytes;
620 if (totalLength == 0)
621 fragmentation = (fragment == 0) ? FASTPATH_FRAGMENT_SINGLE : FASTPATH_FRAGMENT_LAST;
623 fragmentation = (fragment == 0) ? FASTPATH_FRAGMENT_FIRST : FASTPATH_FRAGMENT_NEXT;
625 stream_get_mark(s, bm);
628 header |= (FASTPATH_OUTPUT_ENCRYPTED << 6);
629 stream_write_uint8(s, header); /* fpOutputHeader (1 byte) */
630 stream_write_uint8(s, 0x80 | (pduLength >> 8)); /* length1 */
631 stream_write_uint8(s, pduLength & 0xFF); /* length2 */
633 stream_seek(s, sec_bytes);
634 fastpath_write_update_header(s, updateCode, fragmentation, 0);
635 stream_write_uint16(s, length);
637 stream_attach(update, bm, pduLength);
638 stream_seek(update, pduLength);
641 ptr = bm + 3 + sec_bytes;
642 if (rdp->sec_flags & SEC_SECURE_CHECKSUM)
643 security_salted_mac_signature(rdp, ptr, length + 3, true, bm + 3);
645 security_mac_signature(rdp, ptr, length + 3, bm + 3);
646 security_encrypt(ptr, length + 3, rdp);
648 if (transport_write(fastpath->rdp->transport, update) < 0)
650 stream_detach(update);
654 stream_detach(update);
656 /* Reserve 6+sec_bytes bytes for the next fragment header, if any. */
657 stream_seek(s, length - 6 - sec_bytes);
665 rdpFastPath* fastpath_new(rdpRdp* rdp)
667 rdpFastPath* fastpath;
669 fastpath = xnew(rdpFastPath);
671 fastpath->updateData = stream_new(4096);
676 void fastpath_free(rdpFastPath* fastpath)
678 stream_free(fastpath->updateData);