Example 1 with NtlmState
use of rdpclient.ntlmssp.NtlmState in project cloudstack by apache.
the class RdpClient method assembleRDPPipeline.
// /* DEBUG */
// @Override
// protected HashMap<String, streamer.Element> initElementMap(String id) {
// HashMap<String, streamer.Element> map = new HashMap<String, streamer.Element>();
// map.put("IN", new ServerPacketSniffer("server <"));
// map.put("OUT", new ClientPacketSniffer("> client"));
// return map;
// }
/**
* Assemble connection sequence and main pipeline.
*
* Connection sequence for RDP w/o NLA: cookie(TPKT) SSL x224(TPKT)
* main(FastPath).
*
* Connection sequence for RDP w NLA: cookie(TPKT) SSL credssp x224(TPKT)
* main(FastPath).
*
* Connection sequence for HyperV w NLA: pcb SSL credssp cookie(TPKT)
* x224(TPKT) main(FastPath).
*/
protected void assembleRDPPipeline(String serverHostName, String domain, String userName, String password, String pcb, ScreenDescription screen, BufferedImageCanvas canvas, SSLState sslState) {
// If preconnection blob with VM ID is specified, then we are connecting to
// HyperV server
boolean hyperv = (pcb != null && !pcb.isEmpty());
// HyperV server requires NLA (CredSSP/SPNEGO/NTLMSSP) to connect, because
// it cannot display login screen
boolean credssp = hyperv || (password != null && !password.isEmpty());
String workstation;
try {
workstation = InetAddress.getLocalHost().getHostName();
} catch (UnknownHostException e) {
workstation = "workstation";
}
//
// Handshake chain
//
RdpState state = new RdpState();
NtlmState ntlmState = new NtlmState();
int[] channelsToJoin = new int[] { RdpConstants.CHANNEL_IO };
// first packet
if (hyperv) {
add(new ClientPreConnectionBlob("pcb", pcb));
}
// If password is specified, then use CredSSP/NTLM (NTLMSSP)
int protocol = RdpConstants.RDP_NEG_REQ_PROTOCOL_SSL;
if (credssp) {
protocol = RdpConstants.RDP_NEG_REQ_PROTOCOL_HYBRID;
add(new ClientNtlmsspNegotiate("client_ntlmssp_nego", ntlmState), new ServerNtlmsspChallenge("server_ntlmssp_challenge", ntlmState), new ClientNtlmsspPubKeyAuth("client_ntlmssp_auth", ntlmState, sslState, serverHostName, domain, workstation, userName, password), new ServerNtlmsspPubKeyPlus1("server_ntlmssp_confirm", ntlmState), new ClientNtlmsspUserCredentials("client_ntlmssp_finish", ntlmState));
}
add(new ClientX224ConnectionRequestPDU("client_connection_req", userName, protocol), new ServerX224ConnectionConfirmPDU("server_connection_conf"), new UpgradeSocketToSSL("upgrade_to_ssl"), new ClientMCSConnectInitial("client_initial_conference_create"), new ServerMCSConnectResponse("server_initial_conference_create"), new ClientMCSErectDomainRequest("client_erect_domain"), new ClientMCSAttachUserRequest("client_atach_user"), new ServerMCSAttachUserConfirmPDU("server_atach_user_confirm", state), new ClientMCSChannelJoinRequestServerMCSChannelConfirmPDUs("client_channel_join_rdprdr", channelsToJoin, state), new ClientInfoPDU("client_info_req", userName), new ServerLicenseErrorPDUValidClient("server_valid_client"), new ServerFastPath("server_fastpath"), new ServerX224DataPdu("server_x224_data"), // handshake sequence
new ClientTpkt("client_tpkt_ot"), new ClientX224DataPDU("client_x224_data_ot"));
// first packet of connection, before other packets
if (hyperv) {
// HyperV: pcb SSL credssp cookie x224 main.
link("IN", // Pre Connection Blob
"pcb", // Main (will be used after connection seq) or tpkt (to X224)
"server_fastpath >tpkt", // SSL
"upgrade_to_ssl", // CredSSP
"client_ntlmssp_nego", "server_ntlmssp_challenge", "client_ntlmssp_auth", "server_ntlmssp_confirm", "client_ntlmssp_finish", // Cookie
"client_connection_req", "server_connection_conf", // X224
"client_initial_conference_create");
for (String element : new String[] { "pcb", "client_ntlmssp_nego", "server_ntlmssp_challenge", "client_ntlmssp_auth", "server_ntlmssp_confirm", "client_ntlmssp_finish" }) {
link(element + " >otout", element + "< OUT");
}
} else {
// RDP: cookie SSL (credssp) x224 main.
link("IN", // Main or tpkt
"server_fastpath >tpkt", // Cookie
"client_connection_req", "server_connection_conf", // SSL
"upgrade_to_ssl");
if (credssp) {
// SSL
link("upgrade_to_ssl", // CredSSP
"client_ntlmssp_nego", "server_ntlmssp_challenge", "client_ntlmssp_auth", "server_ntlmssp_confirm", "client_ntlmssp_finish", // X224
"client_initial_conference_create");
for (String element : new String[] { "client_ntlmssp_nego", "server_ntlmssp_challenge", "client_ntlmssp_auth", "server_ntlmssp_confirm", "client_ntlmssp_finish" }) {
link(element + " >otout", element + "< OUT");
}
} else {
link(// SSL
"upgrade_to_ssl", // X224
"client_initial_conference_create");
}
}
link(// X224
"client_initial_conference_create", "server_initial_conference_create", "client_erect_domain", "server_x224_data", "client_atach_user", "server_atach_user_confirm", "client_channel_join_rdprdr", "client_info_req", "server_valid_client");
// Chain for direct handshake responses (without involving of queue)
link("client_x224_data_ot", "client_tpkt_ot", "client_tpkt_ot< OUT");
// Connect one time outputs to client TPKT input
String[] tpkt_peers = new String[] { "client_connection_req", "server_connection_conf", "upgrade_to_ssl", "client_x224_data_ot" };
for (String element : tpkt_peers) {
link(element + " >otout", element + "< client_tpkt_ot");
}
// Connect one time outputs to client X224 input
String[] x224_peers = new String[] { "client_initial_conference_create", "server_initial_conference_create", "client_erect_domain", "client_atach_user", "server_atach_user_confirm", "client_channel_join_rdprdr", "client_info_req", "server_valid_client" };
for (String element : x224_peers) {
link(element + " >otout", element + "< client_x224_data_ot");
}
//
// Transition
//
add(// To transfer packets between input threads and output thread.
new Queue("queue"), // Slow path: MultiChannel Support
new ServerMCSPDU("server_mcs"));
// Last element of handshake sequence will wake up queue and and socket
// output pull loop, which will switch links, between socket output and
// queue, from push mode to pull mode.
link(HANDSHAKE_END + " >queue", "queue", "OUT");
// Transition from handshake sequence for slow path packets
link(HANDSHAKE_END, "server_mcs");
//
// Main network
//
mouseEventSource = new AwtMouseEventSource("mouse");
keyEventSource = new AwtKeyEventSource("keyboard");
// Subscribe packet sender to various events
canvas.addMouseListener(mouseEventSource);
canvas.addMouseMotionListener(mouseEventSource);
canvas.addKeyListener(keyEventSource);
// Add elements
add(new ServerIOChannelRouter("server_io_channel", state), new ServerDemandActivePDU("server_demand_active", screen, state), new ClientConfirmActivePDU("client_confirm_active", screen, state), new ServerBitmapUpdate("server_bitmap_update"), new AwtCanvasAdapter("canvas_adapter", canvas, screen), new ServerPaletteUpdate("server_palette", screen), keyEventSource, new AwtRdpKeyboardAdapter("keyboard_adapter"), mouseEventSource, new AwtRdpMouseAdapter("mouse_adapter"), // These FastPath, TPKT, and X224 wrappers are connected to queue
new ClientTpkt("client_tpkt_queue"), new ClientX224DataPDU("client_x224_data_queue"), new ClientFastPathPDU("client_fastpath_queue"));
// Server packet handlers
link("server_mcs >channel_1003", "server_io_channel");
link("server_fastpath >bitmap", "fastpath< server_bitmap_update", "server_bitmap_update< canvas_adapter");
link("server_io_channel >bitmap", "slowpath< server_bitmap_update");
link("server_fastpath >palette", "fastpath< server_palette");
link("server_io_channel >palette", "slowpath< server_palette");
link("server_io_channel >demand_active", "slowpath< server_demand_active");
// link("server_demand_active >confirm_active", "client_confirm_active",
// "confirm_active< client_channel_1003");
link("server_demand_active >confirm_active", "client_confirm_active", "confirm_active< client_x224_data_queue");
// Link mouse and keyboard to socket via adapters and send them using
// FastPath protocol
link(mouseEventSource.getId(), "mouse_adapter", "mouse_adapter< client_fastpath_queue");
link(keyEventSource.getId(), "keyboard_adapter", "keyboard_adapter< client_fastpath_queue");
// Link packet wrappers to outgoing queue
link("client_fastpath_queue", "client_fastpath_queue< queue");
link("client_x224_data_queue", "client_tpkt_queue", "client_tpkt_queue< queue");
}
Also used :
ServerX224ConnectionConfirmPDU(rdpclient.rdp.ServerX224ConnectionConfirmPDU)
ServerFastPath(rdpclient.rdp.ServerFastPath)
ServerMCSPDU(rdpclient.rdp.ServerMCSPDU)
AwtMouseEventSource(common.AwtMouseEventSource)
ClientFastPathPDU(rdpclient.rdp.ClientFastPathPDU)
ServerNtlmsspChallenge(rdpclient.ntlmssp.ServerNtlmsspChallenge)
ServerX224DataPdu(rdpclient.rdp.ServerX224DataPdu)
ServerMCSConnectResponse(rdpclient.rdp.ServerMCSConnectResponse)
ClientNtlmsspNegotiate(rdpclient.ntlmssp.ClientNtlmsspNegotiate)
Queue(streamer.Queue)
UpgradeSocketToSSL(streamer.ssl.UpgradeSocketToSSL)
ClientMCSAttachUserRequest(rdpclient.rdp.ClientMCSAttachUserRequest)
ServerMCSAttachUserConfirmPDU(rdpclient.rdp.ServerMCSAttachUserConfirmPDU)
NtlmState(rdpclient.ntlmssp.NtlmState)
ServerNtlmsspPubKeyPlus1(rdpclient.ntlmssp.ServerNtlmsspPubKeyPlus1)
ClientNtlmsspUserCredentials(rdpclient.ntlmssp.ClientNtlmsspUserCredentials)
ClientMCSErectDomainRequest(rdpclient.rdp.ClientMCSErectDomainRequest)
AwtCanvasAdapter(common.adapter.AwtCanvasAdapter)
UnknownHostException(java.net.UnknownHostException)
RdpState(rdpclient.rdp.RdpState)
ClientX224DataPDU(rdpclient.rdp.ClientX224DataPDU)
ClientPreConnectionBlob(rdpclient.hyperv.ClientPreConnectionBlob)
ClientNtlmsspPubKeyAuth(rdpclient.ntlmssp.ClientNtlmsspPubKeyAuth)
ClientInfoPDU(rdpclient.rdp.ClientInfoPDU)
ServerDemandActivePDU(rdpclient.rdp.ServerDemandActivePDU)
ServerBitmapUpdate(rdpclient.rdp.ServerBitmapUpdate)
ClientMCSConnectInitial(rdpclient.rdp.ClientMCSConnectInitial)
AwtKeyEventSource(common.AwtKeyEventSource)
ClientConfirmActivePDU(rdpclient.rdp.ClientConfirmActivePDU)
AwtRdpMouseAdapter(rdpclient.adapter.AwtRdpMouseAdapter)
ServerIOChannelRouter(rdpclient.rdp.ServerIOChannelRouter)
ClientTpkt(rdpclient.rdp.ClientTpkt)
ClientMCSChannelJoinRequestServerMCSChannelConfirmPDUs(rdpclient.rdp.ClientMCSChannelJoinRequestServerMCSChannelConfirmPDUs)
ServerLicenseErrorPDUValidClient(rdpclient.rdp.ServerLicenseErrorPDUValidClient)
ServerPaletteUpdate(rdpclient.rdp.ServerPaletteUpdate)
ClientX224ConnectionRequestPDU(rdpclient.rdp.ClientX224ConnectionRequestPDU)
AwtRdpKeyboardAdapter(rdpclient.adapter.AwtRdpKeyboardAdapter)
Aggregations
AwtKeyEventSource (common.AwtKeyEventSource)1
AwtMouseEventSource (common.AwtMouseEventSource)1
AwtCanvasAdapter (common.adapter.AwtCanvasAdapter)1
UnknownHostException (java.net.UnknownHostException)1
AwtRdpKeyboardAdapter (rdpclient.adapter.AwtRdpKeyboardAdapter)1
AwtRdpMouseAdapter (rdpclient.adapter.AwtRdpMouseAdapter)1
ClientPreConnectionBlob (rdpclient.hyperv.ClientPreConnectionBlob)1
ClientNtlmsspNegotiate (rdpclient.ntlmssp.ClientNtlmsspNegotiate)1
ClientNtlmsspPubKeyAuth (rdpclient.ntlmssp.ClientNtlmsspPubKeyAuth)1
ClientNtlmsspUserCredentials (rdpclient.ntlmssp.ClientNtlmsspUserCredentials)1
NtlmState (rdpclient.ntlmssp.NtlmState)1
ServerNtlmsspChallenge (rdpclient.ntlmssp.ServerNtlmsspChallenge)1
ServerNtlmsspPubKeyPlus1 (rdpclient.ntlmssp.ServerNtlmsspPubKeyPlus1)1
ClientConfirmActivePDU (rdpclient.rdp.ClientConfirmActivePDU)1
ClientFastPathPDU (rdpclient.rdp.ClientFastPathPDU)1
ClientInfoPDU (rdpclient.rdp.ClientInfoPDU)1
ClientMCSAttachUserRequest (rdpclient.rdp.ClientMCSAttachUserRequest)1
ClientMCSChannelJoinRequestServerMCSChannelConfirmPDUs (rdpclient.rdp.ClientMCSChannelJoinRequestServerMCSChannelConfirmPDUs)1
ClientMCSConnectInitial (rdpclient.rdp.ClientMCSConnectInitial)1
ClientMCSErectDomainRequest (rdpclient.rdp.ClientMCSErectDomainRequest)1
