自学教程：C++ winpr_HexDump函数代码示例

void license_write_new_license_request_packet(rdpLicense* license, wStream* s){	UINT32 PlatformId;	UINT32 PreferredKeyExchangeAlg = KEY_EXCHANGE_ALG_RSA;	PlatformId = CLIENT_OS_ID_WINNT_POST_52 | CLIENT_IMAGE_ID_MICROSOFT;	Stream_Write_UINT32(s, PreferredKeyExchangeAlg); /* PreferredKeyExchangeAlg (4 bytes) */	Stream_Write_UINT32(s, PlatformId); /* PlatformId (4 bytes) */	Stream_Write(s, license->ClientRandom, 32); /* ClientRandom (32 bytes) */	license_write_encrypted_premaster_secret_blob(s, license->EncryptedPremasterSecret, license->ModulusLength); /* EncryptedPremasterSecret */	license_write_binary_blob(s, license->ClientUserName); /* ClientUserName */	license_write_binary_blob(s, license->ClientMachineName); /* ClientMachineName */#ifdef WITH_DEBUG_LICENSE	fprintf(stderr, "PreferredKeyExchangeAlg: 0x%08X/n", PreferredKeyExchangeAlg);	fprintf(stderr, "/n");	fprintf(stderr, "ClientRandom:/n");	winpr_HexDump(license->ClientRandom, 32);	fprintf(stderr, "/n");	fprintf(stderr, "EncryptedPremasterSecret/n");	winpr_HexDump(license->EncryptedPremasterSecret->data, license->EncryptedPremasterSecret->length);	fprintf(stderr, "/n");	fprintf(stderr, "ClientUserName (%d): %s/n", license->ClientUserName->length, (char*) license->ClientUserName->data);	fprintf(stderr, "/n");	fprintf(stderr, "ClientMachineName (%d): %s/n", license->ClientMachineName->length, (char*) license->ClientMachineName->data);	fprintf(stderr, "/n");#endif}

BOOL license_write_new_license_request_packet(rdpLicense* license, wStream* s){	UINT32 PlatformId;	UINT32 PreferredKeyExchangeAlg = KEY_EXCHANGE_ALG_RSA;	PlatformId = CLIENT_OS_ID_WINNT_POST_52 | CLIENT_IMAGE_ID_MICROSOFT;	Stream_Write_UINT32(s, PreferredKeyExchangeAlg); /* PreferredKeyExchangeAlg (4 bytes) */	Stream_Write_UINT32(s, PlatformId); /* PlatformId (4 bytes) */	Stream_Write(s, license->ClientRandom, 32); /* ClientRandom (32 bytes) */		/* EncryptedPremasterSecret */	if (!license_write_encrypted_premaster_secret_blob(s, license->EncryptedPremasterSecret, license->ModulusLength) ||		/* ClientUserName */		!license_write_binary_blob(s, license->ClientUserName) ||		/* ClientMachineName */		!license_write_binary_blob(s, license->ClientMachineName))	{		return FALSE;	}#ifdef WITH_DEBUG_LICENSE	WLog_DBG(TAG, "PreferredKeyExchangeAlg: 0x%08X", PreferredKeyExchangeAlg);	WLog_DBG(TAG, "ClientRandom:");	winpr_HexDump(TAG, WLOG_DEBUG, license->ClientRandom, 32);	WLog_DBG(TAG, "EncryptedPremasterSecret");	winpr_HexDump(TAG, WLOG_DEBUG, license->EncryptedPremasterSecret->data, license->EncryptedPremasterSecret->length);	WLog_DBG(TAG, "ClientUserName (%d): %s", license->ClientUserName->length, (char*) license->ClientUserName->data);	WLog_DBG(TAG, "ClientMachineName (%d): %s", license->ClientMachineName->length, (char*) license->ClientMachineName->data);#endif	return TRUE;}

BOOL license_encrypt_premaster_secret(rdpLicense* license){	BYTE* EncryptedPremasterSecret;	if (!license_get_server_rsa_public_key(license))		return FALSE;#ifdef WITH_DEBUG_LICENSE	WLog_DBG(TAG, "Modulus (%d bits):", license->ModulusLength * 8);	winpr_HexDump(TAG, WLOG_DEBUG, license->Modulus, license->ModulusLength);	WLog_DBG(TAG, "Exponent:");	winpr_HexDump(TAG, WLOG_DEBUG, license->Exponent, 4);#endif	EncryptedPremasterSecret = (BYTE*) calloc(1, license->ModulusLength);	if (!EncryptedPremasterSecret)		return FALSE;	license->EncryptedPremasterSecret->type = BB_RANDOM_BLOB;	license->EncryptedPremasterSecret->length = PREMASTER_SECRET_LENGTH;#ifndef LICENSE_NULL_PREMASTER_SECRET	license->EncryptedPremasterSecret->length =		crypto_rsa_public_encrypt(license->PremasterSecret, PREMASTER_SECRET_LENGTH,			license->ModulusLength, license->Modulus, license->Exponent, EncryptedPremasterSecret);#endif	license->EncryptedPremasterSecret->data = EncryptedPremasterSecret;	return TRUE;}

BOOL license_read_platform_challenge_packet(rdpLicense* license, wStream* s){	BYTE MacData[16];	UINT32 ConnectFlags = 0;	DEBUG_LICENSE("Receiving Platform Challenge Packet");	if (Stream_GetRemainingLength(s) < 4)		return FALSE;	Stream_Read_UINT32(s, ConnectFlags); /* ConnectFlags, Reserved (4 bytes) */	/* EncryptedPlatformChallenge */	license->EncryptedPlatformChallenge->type = BB_ANY_BLOB;	license_read_binary_blob(s, license->EncryptedPlatformChallenge);	license->EncryptedPlatformChallenge->type = BB_ENCRYPTED_DATA_BLOB;	if (Stream_GetRemainingLength(s) < 16)		return FALSE;	Stream_Read(s, MacData, 16); /* MACData (16 bytes) */	if (!license_decrypt_platform_challenge(license))		return FALSE;#ifdef WITH_DEBUG_LICENSE	WLog_DBG(TAG, "ConnectFlags: 0x%08X", ConnectFlags);	WLog_DBG(TAG, "EncryptedPlatformChallenge:");	winpr_HexDump(TAG, WLOG_DEBUG, license->EncryptedPlatformChallenge->data, license->EncryptedPlatformChallenge->length);	WLog_DBG(TAG, "PlatformChallenge:");	winpr_HexDump(TAG, WLOG_DEBUG, license->PlatformChallenge->data, license->PlatformChallenge->length);	WLog_DBG(TAG, "MacData:");	winpr_HexDump(TAG, WLOG_DEBUG, MacData, 16);#endif	return TRUE;}

void license_decrypt_platform_challenge(rdpLicense* license){	CryptoRc4 rc4;	license->platform_challenge->data =			(BYTE*) malloc(license->encrypted_platform_challenge->length);	license->platform_challenge->length =			license->encrypted_platform_challenge->length;	rc4 = crypto_rc4_init(license->licensing_encryption_key, LICENSING_ENCRYPTION_KEY_LENGTH);	crypto_rc4(rc4, license->encrypted_platform_challenge->length,			license->encrypted_platform_challenge->data,			license->platform_challenge->data);#ifdef WITH_DEBUG_LICENSE	printf("encrypted_platform challenge:/n");	winpr_HexDump(license->encrypted_platform_challenge->data,			license->encrypted_platform_challenge->length);	printf("platform challenge:/n");	winpr_HexDump(license->platform_challenge->data, license->platform_challenge->length);#endif	crypto_rc4_free(rc4);}

void license_encrypt_premaster_secret(rdpLicense* license){	BYTE* EncryptedPremasterSecret;	license_get_server_rsa_public_key(license);#ifdef WITH_DEBUG_LICENSE	fprintf(stderr, "Modulus (%d bits):/n", license->ModulusLength * 8);	winpr_HexDump(license->Modulus, license->ModulusLength);	fprintf(stderr, "/n");	fprintf(stderr, "Exponent:/n");	winpr_HexDump(license->Exponent, 4);	fprintf(stderr, "/n");#endif	EncryptedPremasterSecret = (BYTE*) malloc(license->ModulusLength);	ZeroMemory(EncryptedPremasterSecret, license->ModulusLength);	license->EncryptedPremasterSecret->type = BB_RANDOM_BLOB;	license->EncryptedPremasterSecret->length = PREMASTER_SECRET_LENGTH;#ifndef LICENSE_NULL_PREMASTER_SECRET	license->EncryptedPremasterSecret->length =		crypto_rsa_public_encrypt(license->PremasterSecret, PREMASTER_SECRET_LENGTH,			license->ModulusLength, license->Modulus, license->Exponent, EncryptedPremasterSecret);#endif	license->EncryptedPremasterSecret->data = EncryptedPremasterSecret;}

BOOL license_send_platform_challenge_response_packet(rdpLicense* license){    wStream* s;    int length;    BYTE* buffer;    WINPR_RC4_CTX* rc4;    BYTE mac_data[16];    BOOL status;    DEBUG_LICENSE("Sending Platform Challenge Response Packet");    s = license_send_stream_init(license);    license->EncryptedPlatformChallenge->type = BB_DATA_BLOB;    length = license->PlatformChallenge->length + HWID_LENGTH;    buffer = (BYTE*) malloc(length);    if (!buffer)        return FALSE;    CopyMemory(buffer, license->PlatformChallenge->data, license->PlatformChallenge->length);    CopyMemory(&buffer[license->PlatformChallenge->length], license->HardwareId, HWID_LENGTH);    status = security_mac_data(license->MacSaltKey, buffer, length, mac_data);    free(buffer);    if (!status)        return FALSE;    rc4 = winpr_RC4_New(license->LicensingEncryptionKey,                        LICENSING_ENCRYPTION_KEY_LENGTH);    if (!rc4)        return FALSE;    buffer = (BYTE*) malloc(HWID_LENGTH);    if (!buffer)        return FALSE;    status = winpr_RC4_Update(rc4, HWID_LENGTH, license->HardwareId, buffer);    winpr_RC4_Free(rc4);    if (!status)    {        free(buffer);        return FALSE;    }    license->EncryptedHardwareId->type = BB_DATA_BLOB;    license->EncryptedHardwareId->data = buffer;    license->EncryptedHardwareId->length = HWID_LENGTH;#ifdef WITH_DEBUG_LICENSE    WLog_DBG(TAG, "LicensingEncryptionKey:");    winpr_HexDump(TAG, WLOG_DEBUG, license->LicensingEncryptionKey, 16);    WLog_DBG(TAG, "HardwareId:");    winpr_HexDump(TAG, WLOG_DEBUG, license->HardwareId, HWID_LENGTH);    WLog_DBG(TAG, "EncryptedHardwareId:");    winpr_HexDump(TAG, WLOG_DEBUG, license->EncryptedHardwareId->data, HWID_LENGTH);#endif    return license_write_platform_challenge_response_packet(license, s, mac_data) &&           license_send(license, s, PLATFORM_CHALLENGE_RESPONSE);}

void ntlm_fetch_ntlm_v2_hash(NTLM_CONTEXT* context, char* hash){	WINPR_SAM* sam;	WINPR_SAM_ENTRY* entry;	sam = SamOpen(1);	if (sam == NULL)		return;	entry = SamLookupUserW(sam,			(LPWSTR) context->identity.User, context->identity.UserLength * 2,			(LPWSTR) context->identity.Domain, context->identity.DomainLength * 2);	if (entry != NULL)	{#ifdef WITH_DEBUG_NTLM		fprintf(stderr, "NTLM Hash:/n");		winpr_HexDump(entry->NtHash, 16);#endif		NTOWFv2FromHashW(entry->NtHash,			(LPWSTR) context->identity.User, context->identity.UserLength * 2,			(LPWSTR) context->identity.Domain, context->identity.DomainLength * 2,			(BYTE*) hash);		SamFreeEntry(sam, entry);		SamClose(sam);		return;	}	entry = SamLookupUserW(sam,		(LPWSTR) context->identity.User, context->identity.UserLength * 2, NULL, 0);	if (entry != NULL)	{#ifdef WITH_DEBUG_NTLM		fprintf(stderr, "NTLM Hash:/n");		winpr_HexDump(entry->NtHash, 16);#endif		NTOWFv2FromHashW(entry->NtHash,			(LPWSTR) context->identity.User, context->identity.UserLength * 2,			(LPWSTR) context->identity.Domain, context->identity.DomainLength * 2,			(BYTE*) hash);		SamFreeEntry(sam, entry);		SamClose(sam);		return;	}	else	{		fprintf(stderr, "Error: Could not find user in SAM database/n");	}	SamClose(sam);}

int ntlm_fetch_ntlm_v2_hash(NTLM_CONTEXT* context, BYTE* hash){	WINPR_SAM* sam;	WINPR_SAM_ENTRY* entry;	SSPI_CREDENTIALS* credentials = context->credentials;	sam = SamOpen(context->SamFile, TRUE);	if (!sam)		return -1;	entry = SamLookupUserW(sam, (LPWSTR) credentials->identity.User,	                       credentials->identity.UserLength * 2,	                       (LPWSTR) credentials->identity.Domain, credentials->identity.DomainLength * 2);	if (entry)	{#ifdef WITH_DEBUG_NTLM		WLog_DBG(TAG, "NTLM Hash:");		winpr_HexDump(TAG, WLOG_DEBUG, entry->NtHash, 16);#endif		NTOWFv2FromHashW(entry->NtHash,		                 (LPWSTR) credentials->identity.User, credentials->identity.UserLength * 2,		                 (LPWSTR) credentials->identity.Domain, credentials->identity.DomainLength * 2,		                 (BYTE*) hash);		SamFreeEntry(sam, entry);		SamClose(sam);		return 1;	}	entry = SamLookupUserW(sam, (LPWSTR) credentials->identity.User,	                       credentials->identity.UserLength * 2, NULL, 0);	if (entry)	{#ifdef WITH_DEBUG_NTLM		WLog_DBG(TAG, "NTLM Hash:");		winpr_HexDump(TAG, WLOG_DEBUG, entry->NtHash, 16);#endif		NTOWFv2FromHashW(entry->NtHash,		                 (LPWSTR) credentials->identity.User, credentials->identity.UserLength * 2,		                 (LPWSTR) credentials->identity.Domain, credentials->identity.DomainLength * 2,		                 (BYTE*) hash);		SamFreeEntry(sam, entry);		SamClose(sam);		return 1;	}	else	{		SamClose(sam);		WLog_ERR(TAG, "Error: Could not find user in SAM database");		return 0;	}	SamClose(sam);	return 1;}

void license_send_platform_challenge_response_packet(rdpLicense* license){	wStream* s;	int length;	BYTE* buffer;	CryptoRc4 rc4;	BYTE mac_data[16];	DEBUG_LICENSE("Sending Platform Challenge Response Packet");	s = license_send_stream_init(license);	license->EncryptedPlatformChallenge->type = BB_DATA_BLOB;	length = license->PlatformChallenge->length + HWID_LENGTH;	buffer = (BYTE*) malloc(length);	CopyMemory(buffer, license->PlatformChallenge->data, license->PlatformChallenge->length);	CopyMemory(&buffer[license->PlatformChallenge->length], license->HardwareId, HWID_LENGTH);	security_mac_data(license->MacSaltKey, buffer, length, mac_data);	free(buffer);	buffer = (BYTE*) malloc(HWID_LENGTH);	rc4 = crypto_rc4_init(license->LicensingEncryptionKey, LICENSING_ENCRYPTION_KEY_LENGTH);	if (!rc4)	{		fprintf(stderr, "%s: unable to allocate a rc4/n", __FUNCTION__);		return;	}	crypto_rc4(rc4, HWID_LENGTH, license->HardwareId, buffer);	crypto_rc4_free(rc4);	license->EncryptedHardwareId->type = BB_DATA_BLOB;	license->EncryptedHardwareId->data = buffer;	license->EncryptedHardwareId->length = HWID_LENGTH;#ifdef WITH_DEBUG_LICENSE	fprintf(stderr, "LicensingEncryptionKey:/n");	winpr_HexDump(license->LicensingEncryptionKey, 16);	fprintf(stderr, "/n");	fprintf(stderr, "HardwareId:/n");	winpr_HexDump(license->HardwareId, HWID_LENGTH);	fprintf(stderr, "/n");	fprintf(stderr, "EncryptedHardwareId:/n");	winpr_HexDump(license->EncryptedHardwareId->data, HWID_LENGTH);	fprintf(stderr, "/n");#endif	license_write_platform_challenge_response_packet(license, s, mac_data);	license_send(license, s, PLATFORM_CHALLENGE_RESPONSE);}

BOOL TsProxyCreateChannelReadResponse(rdpTsg* tsg, RPC_PDU* pdu){	BYTE* buffer;	UINT32 length;	UINT32 offset;	rdpRpc* rpc = tsg->rpc;	if (!pdu)		return FALSE;	length = Stream_Length(pdu->s);	buffer = Stream_Buffer(pdu->s);	if (!(pdu->Flags & RPC_PDU_FLAG_STUB))		buffer = &buffer[24];	offset = 0;	/* ChannelContext (20 bytes) */	CopyMemory(&tsg->ChannelContext.ContextType, &buffer[offset], 4); /* ContextType (4 bytes) */	CopyMemory(tsg->ChannelContext.ContextUuid, &buffer[offset + 4], 16); /* ContextUuid (16 bytes) */#ifdef WITH_DEBUG_TSG	fprintf(stderr, "ChannelContext:/n");	winpr_HexDump((void*) &tsg->ChannelContext, 20);	fprintf(stderr, "/n");#endif	rpc_client_receive_pool_return(rpc, pdu);	return TRUE;}

void cliprdr_packet_send(cliprdrPlugin* cliprdr, wStream* s){	int pos;	UINT32 dataLen;	UINT32 status = 0;	pos = Stream_GetPosition(s);	dataLen = pos - 8;	Stream_SetPosition(s, 4);	Stream_Write_UINT32(s, dataLen);	Stream_SetPosition(s, pos);#ifdef WITH_DEBUG_CLIPRDR	WLog_DBG(TAG, "Cliprdr Sending (%d bytes)", dataLen + 8);	winpr_HexDump(TAG, WLOG_DEBUG, Stream_Buffer(s), dataLen + 8);#endif	if (!cliprdr)	{		status = CHANNEL_RC_BAD_INIT_HANDLE;	}	else	{		status = cliprdr->channelEntryPoints.pVirtualChannelWrite(cliprdr->OpenHandle,			Stream_Buffer(s), (UINT32) Stream_GetPosition(s), s);	}	if (status != CHANNEL_RC_OK)	{		Stream_Free(s, TRUE);		WLog_ERR(TAG,  "cliprdr_packet_send: VirtualChannelWrite failed %d", status);	}}

RPC_PDU* rpc_recv_dequeue_pdu(rdpRpc* rpc){	RPC_PDU* pdu;	DWORD dwMilliseconds;	DWORD result;	dwMilliseconds = rpc->client->SynchronousReceive ? SYNCHRONOUS_TIMEOUT * 4 : 0;	result = WaitForSingleObject(Queue_Event(rpc->client->ReceiveQueue), dwMilliseconds);	if (result == WAIT_TIMEOUT)	{		WLog_ERR(TAG, "timed out waiting for receive event");		return NULL;	}	if (result != WAIT_OBJECT_0)		return NULL;	pdu = (RPC_PDU*)Queue_Dequeue(rpc->client->ReceiveQueue);#ifdef WITH_DEBUG_TSG	if (pdu)	{		WLog_DBG(TAG, "Receiving PDU (length: %d, CallId: %d)", pdu->s->length, pdu->CallId);		winpr_HexDump(TAG, WLOG_DEBUG, Stream_Buffer(pdu->s), Stream_Length(pdu->s));	}	else	{		WLog_DBG(TAG, "Receiving a NULL PDU");	}#endif	return pdu;}

BOOL certificate_read_server_x509_certificate_chain(rdpCertificate* certificate, wStream* s){	int i;	UINT32 certLength;	UINT32 numCertBlobs;	BOOL ret;	DEBUG_CERTIFICATE("Server X.509 Certificate Chain");	if (Stream_GetRemainingLength(s) < 4)		return FALSE;	Stream_Read_UINT32(s, numCertBlobs); /* numCertBlobs */	certificate->x509_cert_chain = certificate_new_x509_certificate_chain(numCertBlobs);	if (!certificate->x509_cert_chain)		return FALSE;	for (i = 0; i < (int) numCertBlobs; i++)	{		if (Stream_GetRemainingLength(s) < 4)			return FALSE;		Stream_Read_UINT32(s, certLength);		if (Stream_GetRemainingLength(s) < certLength)			return FALSE;		DEBUG_CERTIFICATE("/nX.509 Certificate #%d, length:%d", i + 1, certLength);		certificate->x509_cert_chain->array[i].data = (BYTE*) malloc(certLength);		if (!certificate->x509_cert_chain->array[i].data)			return FALSE;		Stream_Read(s, certificate->x509_cert_chain->array[i].data, certLength);		certificate->x509_cert_chain->array[i].length = certLength;		if (numCertBlobs - i == 2)		{			rdpCertInfo cert_info;			DEBUG_CERTIFICATE("License Server Certificate");			ret = certificate_read_x509_certificate(&certificate->x509_cert_chain->array[i], &cert_info);			DEBUG_LICENSE("modulus length:%d", (int) cert_info.ModulusLength);			if (cert_info.Modulus)				free(cert_info.Modulus);			if (!ret) {				fprintf(stderr, "failed to read License Server, content follows:/n");				winpr_HexDump(certificate->x509_cert_chain->array[i].data, certificate->x509_cert_chain->array[i].length);				return FALSE;			}		}		else if (numCertBlobs - i == 1)		{			DEBUG_CERTIFICATE("Terminal Server Certificate");			if (!certificate_read_x509_certificate(&certificate->x509_cert_chain->array[i], &certificate->cert_info))				return FALSE;			DEBUG_CERTIFICATE("modulus length:%d", (int) certificate->cert_info.ModulusLength);		}	}	return TRUE;}

static int test_rdp_channel_data(freerdp* instance, int chan_id, BYTE* data, int data_size){	printf("chan_id %d data_size %d/n", chan_id, data_size);	winpr_HexDump(data, data_size);	data_received = 1;	return 0;}

RPC_PDU* rpc_recv_dequeue_pdu(rdpRpc* rpc){	RPC_PDU* pdu;	DWORD dwMilliseconds;	pdu = NULL;	dwMilliseconds = rpc->client->SynchronousReceive ? INFINITE : 0;	if (WaitForSingleObject(Queue_Event(rpc->client->ReceiveQueue), dwMilliseconds) == WAIT_OBJECT_0)	{		pdu = (RPC_PDU*) Queue_Dequeue(rpc->client->ReceiveQueue);#ifdef WITH_DEBUG_TSG		if (pdu)		{			fprintf(stderr, "Receiving PDU (length: %d, CallId: %d)/n", pdu->s->length, pdu->CallId);			winpr_HexDump(Stream_Buffer(pdu->s), Stream_Length(pdu->s));			fprintf(stderr, "/n");		}#endif		return pdu;	}	return pdu;}

/** * Function description * * @return 0 on success, otherwise a Win32 error code */UINT cliprdr_packet_send(cliprdrPlugin* cliprdr, wStream* s){	UINT32 pos;	UINT32 dataLen;	UINT status = CHANNEL_RC_OK;	pos = Stream_GetPosition(s);	dataLen = pos - 8;	Stream_SetPosition(s, 4);	Stream_Write_UINT32(s, dataLen);	Stream_SetPosition(s, pos);#ifdef WITH_DEBUG_CLIPRDR	WLog_DBG(TAG, "Cliprdr Sending (%d bytes)", dataLen + 8);	winpr_HexDump(TAG, WLOG_DEBUG, Stream_Buffer(s), dataLen + 8);#endif	if (!cliprdr)	{		status = CHANNEL_RC_BAD_INIT_HANDLE;	}	else	{		status = cliprdr->channelEntryPoints.pVirtualChannelWrite(cliprdr->OpenHandle,			Stream_Buffer(s), (UINT32) Stream_GetPosition(s), s);	}	if (status != CHANNEL_RC_OK)		WLog_ERR(TAG, "VirtualChannelWrite failed with %s [%08X]",				 WTSErrorToString(status), status);	return status;}

BOOL license_send(rdpLicense* license, STREAM* s, BYTE type){	int length;	BYTE flags;	UINT16 wMsgSize;	UINT16 sec_flags;	DEBUG_LICENSE("Sending %s Packet", LICENSE_MESSAGE_STRINGS[type & 0x1F]);	length = stream_get_length(s);	stream_set_pos(s, 0);	sec_flags = SEC_LICENSE_PKT;	wMsgSize = length - LICENSE_PACKET_HEADER_MAX_LENGTH + 4;	/**	 * Using EXTENDED_ERROR_MSG_SUPPORTED here would cause mstsc to crash when	 * running in server mode! This flag seems to be incorrectly documented.	 */	flags = PREAMBLE_VERSION_3_0;	rdp_write_header(license->rdp, s, length, MCS_GLOBAL_CHANNEL_ID);	rdp_write_security_header(s, sec_flags);	license_write_preamble(s, type, flags, wMsgSize);#ifdef WITH_DEBUG_LICENSE	printf("Sending %s Packet, length %d/n", LICENSE_MESSAGE_STRINGS[type & 0x1F], wMsgSize);	winpr_HexDump(s->p - 4, wMsgSize);#endif	stream_set_pos(s, length);	if (transport_write(license->rdp->transport, s) < 0)		return FALSE;	return TRUE;}

BOOL license_send(rdpLicense* license, wStream* s, BYTE type){	int length;	BYTE flags;	UINT16 wMsgSize;	rdpRdp* rdp = license->rdp;	DEBUG_LICENSE("Sending %s Packet", LICENSE_MESSAGE_STRINGS[type & 0x1F]);	length = Stream_GetPosition(s);	wMsgSize = length - license->PacketHeaderLength;	Stream_SetPosition(s, license->PacketHeaderLength);	flags = PREAMBLE_VERSION_3_0;	/**	 * Using EXTENDED_ERROR_MSG_SUPPORTED here would cause mstsc to crash when	 * running in server mode! This flag seems to be incorrectly documented.	 */	if (!rdp->settings->ServerMode)		flags |= EXTENDED_ERROR_MSG_SUPPORTED;	license_write_preamble(s, type, flags, wMsgSize);#ifdef WITH_DEBUG_LICENSE	WLog_DBG(TAG, "Sending %s Packet, length %d", LICENSE_MESSAGE_STRINGS[type & 0x1F], wMsgSize);	winpr_HexDump(TAG, WLOG_DEBUG, Stream_Pointer(s) - LICENSE_PREAMBLE_LENGTH, wMsgSize);#endif	Stream_SetPosition(s, length);	rdp_send(rdp, s, MCS_GLOBAL_CHANNEL_ID);	rdp->sec_flags = 0;	return TRUE;}

int transport_write(rdpTransport* transport, STREAM* s){	int status = -1;	int length;	length = stream_get_length(s);	stream_set_pos(s, 0);#ifdef WITH_DEBUG_TRANSPORT	if (length > 0)	{		printf("Local > Remote/n");		winpr_HexDump(s->data, length);	}#endif	while (length > 0)	{		if (transport->layer == TRANSPORT_LAYER_TLS)			status = tls_write(transport->TlsOut, stream_get_tail(s), length);		else if (transport->layer == TRANSPORT_LAYER_TCP)			status = tcp_write(transport->TcpOut, stream_get_tail(s), length);		else if (transport->layer == TRANSPORT_LAYER_TSG)			status = tsg_write(transport->tsg, stream_get_tail(s), length);		if (status < 0)			break; /* error occurred */		if (status == 0)		{			/* when sending is blocked in nonblocking mode, the receiving buffer should be checked */			if (!transport->blocking)			{				/* and in case we do have buffered some data, we set the event so next loop will get it */				if (transport_read_nonblocking(transport) > 0)					SetEvent(transport->ReceiveEvent);			}			if (transport->layer == TRANSPORT_LAYER_TLS)				tls_wait_write(transport->TlsOut);			else if (transport->layer == TRANSPORT_LAYER_TCP)				tcp_wait_write(transport->TcpOut);			else				USleep(transport->SleepInterval);		}		length -= status;		stream_seek(s, status);	}	if (status < 0)	{		/* A write error indicates that the peer has dropped the connection */		transport->layer = TRANSPORT_LAYER_CLOSED;	}	return status;}

void license_generate_keys(rdpLicense* license){	security_master_secret(license->PremasterSecret, license->ClientRandom,						   license->ServerRandom, license->MasterSecret); /* MasterSecret */	security_session_key_blob(license->MasterSecret, license->ClientRandom,							  license->ServerRandom, license->SessionKeyBlob); /* SessionKeyBlob */	security_mac_salt_key(license->SessionKeyBlob, license->ClientRandom,						  license->ServerRandom, license->MacSaltKey); /* MacSaltKey */	security_licensing_encryption_key(license->SessionKeyBlob, license->ClientRandom,									  license->ServerRandom, license->LicensingEncryptionKey); /* LicensingEncryptionKey */#ifdef WITH_DEBUG_LICENSE	WLog_DBG(TAG, "ClientRandom:");	winpr_HexDump(TAG, WLOG_DEBUG, license->ClientRandom, CLIENT_RANDOM_LENGTH);	WLog_DBG(TAG, "ServerRandom:");	winpr_HexDump(TAG, WLOG_DEBUG, license->ServerRandom, SERVER_RANDOM_LENGTH);	WLog_DBG(TAG, "PremasterSecret:");	winpr_HexDump(TAG, WLOG_DEBUG, license->PremasterSecret, PREMASTER_SECRET_LENGTH);	WLog_DBG(TAG, "MasterSecret:");	winpr_HexDump(TAG, WLOG_DEBUG, license->MasterSecret, MASTER_SECRET_LENGTH);	WLog_DBG(TAG, "SessionKeyBlob:");	winpr_HexDump(TAG, WLOG_DEBUG, license->SessionKeyBlob, SESSION_KEY_BLOB_LENGTH);	WLog_DBG(TAG, "MacSaltKey:");	winpr_HexDump(TAG, WLOG_DEBUG, license->MacSaltKey, MAC_SALT_KEY_LENGTH);	WLog_DBG(TAG, "LicensingEncryptionKey:");	winpr_HexDump(TAG, WLOG_DEBUG, license->LicensingEncryptionKey, LICENSING_ENCRYPTION_KEY_LENGTH);#endif}

void xf_process_rail_appid_resp_event(xfContext* xfc, rdpChannels* channels, wMessage* event){	RAIL_GET_APPID_RESP_ORDER* appid_resp =		(RAIL_GET_APPID_RESP_ORDER*) event->wParam;	DEBUG_WARN("Server Application ID Response PDU: windowId=0x%X "			   "applicationId=(length=%d dump)/n",			   appid_resp->windowId, 512);	winpr_HexDump(TAG, WLOG_ERROR, (BYTE*) &appid_resp->applicationId, 512);}

void license_encrypt_premaster_secret(rdpLicense* license){	BYTE* encrypted_premaster_secret;#if 0	int key_length;	BYTE* modulus;	BYTE* exponent;	rdpCertificate *certificate;	if (license->server_certificate->length)		certificate = license->certificate;	else		certificate = license->rdp->settings->server_cert;	exponent = certificate->cert_info.exponent;	modulus = certificate->cert_info.modulus.data;	key_length = certificate->cert_info.modulus.length;#ifdef WITH_DEBUG_LICENSE	printf("modulus (%d bits):/n", key_length * 8);	winpr_HexDump(modulus, key_length);	printf("exponent:/n");	winpr_HexDump(exponent, 4);#endif	encrypted_premaster_secret = (BYTE*) malloc(MODULUS_MAX_SIZE);	memset(encrypted_premaster_secret, 0, MODULUS_MAX_SIZE);	crypto_rsa_public_encrypt(license->premaster_secret, PREMASTER_SECRET_LENGTH,			key_length, modulus, exponent, encrypted_premaster_secret);	license->encrypted_premaster_secret->type = BB_RANDOM_BLOB;	license->encrypted_premaster_secret->length = PREMASTER_SECRET_LENGTH;	license->encrypted_premaster_secret->data = encrypted_premaster_secret;#else	encrypted_premaster_secret = (BYTE*) malloc(MODULUS_MAX_SIZE);	memset(encrypted_premaster_secret, 0, MODULUS_MAX_SIZE);	license->encrypted_premaster_secret->type = BB_RANDOM_BLOB;	license->encrypted_premaster_secret->length = PREMASTER_SECRET_LENGTH;	license->encrypted_premaster_secret->data = encrypted_premaster_secret;#endif}

int bulk_compress_validate(rdpBulk* bulk, BYTE* pSrcData, UINT32 SrcSize, BYTE** ppDstData, UINT32* pDstSize, UINT32* pFlags){    int status;    BYTE* _pSrcData = NULL;    BYTE* _pDstData = NULL;    UINT32 _SrcSize = 0;    UINT32 _DstSize = 0;    UINT32 _Flags = 0;    _pSrcData = *ppDstData;    _SrcSize = *pDstSize;    _Flags = *pFlags | bulk->CompressionLevel;    status = bulk_decompress(bulk, _pSrcData, _SrcSize, &_pDstData, &_DstSize, _Flags);    if (status < 0)    {        printf("compression/decompression failure/n");        return status;    }    if (_DstSize != SrcSize)    {        printf("compression/decompression size mismatch: Actual: %d, Expected: %d/n", _DstSize, SrcSize);        return -1;    }    if (memcmp(_pDstData, pSrcData, SrcSize) != 0)    {        printf("compression/decompression input/output mismatch! flags: 0x%04X/n", _Flags);#if 1        printf("Actual:/n");        winpr_HexDump(_pDstData, SrcSize);        printf("Expected:/n");        winpr_HexDump(pSrcData, SrcSize);#endif        return -1;    }    return status;}

BOOL TsProxyCreateChannelWriteRequest(rdpTsg* tsg, PTUNNEL_CONTEXT_HANDLE_NOSERIALIZE tunnelContext){	int status;	UINT32 count;	BYTE* buffer;	UINT32 length;	CONTEXT_HANDLE* handle;	rdpRpc* rpc = tsg->rpc;	count = _wcslen(tsg->Hostname) + 1;#ifdef WITH_DEBUG_TSG	DEBUG_WARN( "ResourceName:/n");	winpr_HexDump((BYTE*) tsg->Hostname, (count - 1) * 2);	DEBUG_WARN( "/n");#endif	length = 60 + (count * 2);	buffer = (BYTE*) malloc(length);	if (!buffer)		return FALSE;	/* TunnelContext */	handle = (CONTEXT_HANDLE*) tunnelContext;	CopyMemory(&buffer[0], &handle->ContextType, 4); /* ContextType */	CopyMemory(&buffer[4], handle->ContextUuid, 16); /* ContextUuid */	/* TSENDPOINTINFO */	*((UINT32*) &buffer[20]) = 0x00020000; /* ResourceNamePtr */	*((UINT32*) &buffer[24]) = 0x00000001; /* NumResourceNames */	*((UINT32*) &buffer[28]) = 0x00000000; /* AlternateResourceNamesPtr */	*((UINT16*) &buffer[32]) = 0x0000; /* NumAlternateResourceNames */	*((UINT16*) &buffer[34]) = 0x0000; /* Pad (2 bytes) */	/* Port (4 bytes) */	*((UINT16*) &buffer[36]) = 0x0003; /* ProtocolId (RDP = 3) */	*((UINT16*) &buffer[38]) = tsg->Port; /* PortNumber (0xD3D = 3389) */	*((UINT32*) &buffer[40]) = 0x00000001; /* NumResourceNames */	*((UINT32*) &buffer[44]) = 0x00020004; /* ResourceNamePtr */	*((UINT32*) &buffer[48]) = count; /* MaxCount */	*((UINT32*) &buffer[52]) = 0; /* Offset */	*((UINT32*) &buffer[56]) = count; /* ActualCount */	CopyMemory(&buffer[60], tsg->Hostname, count * 2); /* Array */	status = rpc_write(rpc, buffer, length, TsProxyCreateChannelOpnum);	if (status <= 0)		return FALSE;	free(buffer);	return TRUE;}

void license_send_platform_challenge_response_packet(rdpLicense* license){	STREAM* s;	int length;	BYTE* buffer;	CryptoRc4 rc4;	BYTE mac_data[16];	s = license_send_stream_init(license);	DEBUG_LICENSE("Sending Platform Challenge Response Packet");	license->encrypted_platform_challenge->type = BB_DATA_BLOB;	length = license->platform_challenge->length + HWID_LENGTH;	buffer = (BYTE*) malloc(length);	memcpy(buffer, license->platform_challenge->data, license->platform_challenge->length);	memcpy(&buffer[license->platform_challenge->length], license->hwid, HWID_LENGTH);	security_mac_data(license->mac_salt_key, buffer, length, mac_data);	free(buffer);	buffer = (BYTE*) malloc(HWID_LENGTH);	rc4 = crypto_rc4_init(license->licensing_encryption_key, LICENSING_ENCRYPTION_KEY_LENGTH);	crypto_rc4(rc4, HWID_LENGTH, license->hwid, buffer);	crypto_rc4_free(rc4);#ifdef WITH_DEBUG_LICENSE	printf("Licensing Encryption Key:/n");	winpr_HexDump(license->licensing_encryption_key, 16);	printf("HardwareID:/n");	winpr_HexDump(license->hwid, 20);	printf("Encrypted HardwareID:/n");	winpr_HexDump(buffer, 20);#endif	license->encrypted_hwid->type = BB_DATA_BLOB;	license->encrypted_hwid->data = buffer;	license->encrypted_hwid->length = HWID_LENGTH;	license_write_platform_challenge_response_packet(license, s, mac_data);	license_send(license, s, PLATFORM_CHALLENGE_RESPONSE);}

SECURITY_STATUS schannel_openssl_client_process_tokens(SCHANNEL_OPENSSL* context, PSecBufferDesc pInput, PSecBufferDesc pOutput){	int status;	int ssl_error;	PSecBuffer pBuffer;	if (!context->connected)	{		if (pInput)		{			if (pInput->cBuffers < 1)				return SEC_E_INVALID_TOKEN;			pBuffer = &pInput->pBuffers[0];			if (pBuffer->BufferType != SECBUFFER_TOKEN)				return SEC_E_INVALID_TOKEN;			status = BIO_write(context->bioRead, pBuffer->pvBuffer, pBuffer->cbBuffer);		}		status = SSL_connect(context->ssl);		if (status < 0)		{			ssl_error = SSL_get_error(context->ssl, status);			printf("SSL_connect error: %s/n", openssl_get_ssl_error_string(ssl_error));		}		status = BIO_read(context->bioWrite, context->ReadBuffer, SCHANNEL_CB_MAX_TOKEN);		if (status >= 0)		{			winpr_HexDump(context->ReadBuffer, status);		}		if (pOutput->cBuffers < 1)			return SEC_E_INVALID_TOKEN;		pBuffer = &pOutput->pBuffers[0];		if (pBuffer->BufferType != SECBUFFER_TOKEN)			return SEC_E_INVALID_TOKEN;		if (pBuffer->cbBuffer < status)			return SEC_E_INSUFFICIENT_MEMORY;		CopyMemory(pBuffer->pvBuffer, context->ReadBuffer, status);		pBuffer->cbBuffer = status;		return SEC_I_CONTINUE_NEEDED;	}	return SEC_E_OK;}

void nla_buffer_print(rdpNla* nla){	if (nla->negoToken.cbBuffer > 0)	{		WLog_DBG(TAG, "NLA.negoToken (length = %d):", (int) nla->negoToken.cbBuffer);		winpr_HexDump(TAG, WLOG_DEBUG, nla->negoToken.pvBuffer, nla->negoToken.cbBuffer);	}	if (nla->pubKeyAuth.cbBuffer > 0)	{		WLog_DBG(TAG, "NLA.pubKeyAuth (length = %d):", (int) nla->pubKeyAuth.cbBuffer);		winpr_HexDump(TAG, WLOG_DEBUG, nla->pubKeyAuth.pvBuffer, nla->pubKeyAuth.cbBuffer);	}	if (nla->authInfo.cbBuffer > 0)	{		WLog_DBG(TAG, "NLA.authInfo (length = %d):", (int) nla->authInfo.cbBuffer);		winpr_HexDump(TAG, WLOG_DEBUG, nla->authInfo.pvBuffer, nla->authInfo.cbBuffer);	}}

void xf_process_rail_appid_resp_event(xfContext* xfc, rdpChannels* channels, wMessage* event){	RAIL_GET_APPID_RESP_ORDER* appid_resp =		(RAIL_GET_APPID_RESP_ORDER*) event->wParam;	fprintf(stderr, "Server Application ID Response PDU: windowId=0x%X "		"applicationId=(length=%d dump)/n",		appid_resp->windowId, appid_resp->applicationId.length);	winpr_HexDump(appid_resp->applicationId.string, appid_resp->applicationId.length);}

void credssp_buffer_print(rdpCredssp* credssp){	if (credssp->negoToken.cbBuffer > 0)	{		fprintf(stderr, "CredSSP.negoToken (length = %d):/n", (int) credssp->negoToken.cbBuffer);		winpr_HexDump(credssp->negoToken.pvBuffer, credssp->negoToken.cbBuffer);	}	if (credssp->pubKeyAuth.cbBuffer > 0)	{		fprintf(stderr, "CredSSP.pubKeyAuth (length = %d):/n", (int) credssp->pubKeyAuth.cbBuffer);		winpr_HexDump(credssp->pubKeyAuth.pvBuffer, credssp->pubKeyAuth.cbBuffer);	}	if (credssp->authInfo.cbBuffer > 0)	{		fprintf(stderr, "CredSSP.authInfo (length = %d):/n", (int) credssp->authInfo.cbBuffer);		winpr_HexDump(credssp->authInfo.pvBuffer, credssp->authInfo.cbBuffer);	}}