zydronium/rdpgw
1
0
Fork 0
mirror of https://github.com/bolkedebruin/rdpgw.git synced 2025-07-26 04:18:23 +02:00
Code Issues Projects Releases Packages Wiki Activity

Allow caps settings

Browse source
This commit is contained in:
Bolke de Bruin 2020-07-18 20:16:32 +02:00
parent cbb4c29b4d
commit 89bf784a04
2 changed files with 41 additions and 3 deletions
Download patch file Download diff file Expand all files Collapse all files

1
README.md
View file

@ -52,6 +52,7 @@ openId:
caps: caps:
SmartCardAuth: false SmartCardAuth: false
tokenAuth: true tokenAuth: true
# connection timeout in minutes, 0 is limitless
idleTimeout: 10 idleTimeout: 10
DisablePrinter: true DisablePrinter: true
DisablePort: true DisablePort: true

43
rdg.go
View file

@ -450,11 +450,19 @@ func readHeader(data []byte) (packetType uint16, size uint32, packet []byte, err
// HTTP_EXTENDED_AUTH_SSPI_NTLM is not supported in Linux // HTTP_EXTENDED_AUTH_SSPI_NTLM is not supported in Linux
// but could be in Windows. However the NTLM protocol is insecure // but could be in Windows. However the NTLM protocol is insecure
func handshakeResponse(major byte, minor byte, auth uint16) []byte { func handshakeResponse(major byte, minor byte, auth uint16) []byte {
var caps uint16
if conf.Caps.SmartCardAuth {
caps = caps | HTTP_EXTENDED_AUTH_PAA
}
if conf.Caps.TokenAuth {
caps = caps | HTTP_EXTENDED_AUTH_PAA
}
buf := new(bytes.Buffer) buf := new(bytes.Buffer)
binary.Write(buf, binary.LittleEndian, uint32(0)) // error_code binary.Write(buf, binary.LittleEndian, uint32(0)) // error_code
buf.Write([]byte{major, minor}) buf.Write([]byte{major, minor})
binary.Write(buf, binary.LittleEndian, uint16(0)) // server version binary.Write(buf, binary.LittleEndian, uint16(0)) // server version
binary.Write(buf, binary.LittleEndian, uint16(HTTP_EXTENDED_AUTH_PAA|HTTP_EXTENDED_AUTH_SC)) // extended auth binary.Write(buf, binary.LittleEndian, uint16(caps)) // extended auth
return createPacket(PKT_TYPE_HANDSHAKE_RESPONSE, buf.Bytes()) return createPacket(PKT_TYPE_HANDSHAKE_RESPONSE, buf.Bytes())
} }
@ -526,8 +534,37 @@ func createTunnelAuthResponse() []byte {
binary.Write(buf, binary.LittleEndian, uint16(0)) // reserved binary.Write(buf, binary.LittleEndian, uint16(0)) // reserved
// flags // flags
binary.Write(buf, binary.LittleEndian, uint32(HTTP_TUNNEL_REDIR_ENABLE_ALL)) // redir flags var redir uint32
binary.Write(buf, binary.LittleEndian, uint32(0)) // timeout in minutes if conf.Caps.RedirectAll {
redir = HTTP_TUNNEL_REDIR_ENABLE_ALL
} else if conf.Caps.DisableRedirect {
redir = HTTP_TUNNEL_REDIR_DISABLE_ALL
} else {
if conf.Caps.DisableClipboard {
redir = redir | HTTP_TUNNEL_REDIR_DISABLE_CLIPBOARD
}
if conf.Caps.DisableDrive {
redir = redir | HTTP_TUNNEL_REDIR_DISABLE_DRIVE
}
if conf.Caps.DisablePnp {
redir = redir | HTTP_TUNNEL_REDIR_DISABLE_PNP
}
if conf.Caps.DisablePrinter {
redir = redir | HTTP_TUNNEL_REDIR_DISABLE_PRINTER
}
if conf.Caps.DisablePort {
redir = redir | HTTP_TUNNEL_REDIR_DISABLE_PORT
}
}
// idle timeout
timeout := conf.Caps.IdleTimeout
if timeout < 0 {
timeout = 0
}
binary.Write(buf, binary.LittleEndian, uint32(redir)) // redir flags
binary.Write(buf, binary.LittleEndian, uint32(timeout)) // timeout in minutes
return createPacket(PKT_TYPE_TUNNEL_AUTH_RESPONSE, buf.Bytes()) return createPacket(PKT_TYPE_TUNNEL_AUTH_RESPONSE, buf.Bytes())
} }