Rev 5715 | Rev 5720 | ||
---|---|---|---|
Line 68... | Line 68... | ||
68 | ; Connect to the server |
68 | ; Connect to the server |
69 | mcall connect, [socketnum], sockaddr1, 18 |
69 | mcall connect, [socketnum], sockaddr1, 18 |
70 | cmp eax, -1 |
70 | cmp eax, -1 |
71 | je err_connect |
71 | je err_connect |
Line 72... | Line 72... | ||
72 | 72 | ||
73 | ; Wait for handshake from server |
- | |
74 | ; TODO: implement timeout |
73 | ; Verify handshake from server |
75 | call wait_for_data |
74 | call wait_for_data |
76 | cmp dword[receive_buffer], "RFB " |
75 | cmp dword[receive_buffer], "RFB " |
- | 76 | jne err_proto |
|
- | 77 | add esi, 12 |
|
- | 78 | ||
- | 79 | ; Did we get an error message already? |
|
- | 80 | cmp eax, 16 |
|
- | 81 | jb @f |
|
- | 82 | lodsd |
|
- | 83 | test eax, eax |
|
- | 84 | je err_handshake |
|
Line 77... | Line 85... | ||
77 | jne err_proto |
85 | @@: |
78 | 86 | ||
79 | ; Reply to handshake |
87 | ; Reply to handshake |
80 | DEBUGF 1, "Sending handshake\n" |
- | |
Line -... | Line 88... | ||
- | 88 | DEBUGF 1, "Sending handshake\n" |
|
- | 89 | mcall send, [socketnum], HandShake, 12, 0 |
|
- | 90 | ||
- | 91 | ; VNC 3.3 protocol: server decides security type |
|
- | 92 | call wait_for_data |
|
81 | mcall send, [socketnum], HandShake, 12, 0 |
93 | lodsd |
82 | call wait_for_data |
94 | cmp eax, 0x00000000 |
83 | 95 | je err_handshake |
|
84 | cmp dword[receive_buffer], 0x01000000 ; no security |
96 | cmp eax, 0x01000000 ; no security |
85 | je initialize |
- | |
86 | cmp dword[receive_buffer], 0x02000000 ; VNC security |
97 | je initialize |
Line 87... | Line 98... | ||
87 | je vnc_security |
98 | cmp eax, 0x02000000 ; VNC security |
Line -... | Line 99... | ||
- | 99 | je vnc_security |
|
- | 100 | jmp err_proto |
|
88 | 101 | ||
89 | jmp err_security |
102 | vnc_security: |
Line 90... | Line 103... | ||
90 | 103 | ||
91 | vnc_security: |
104 | push esi ; pointer to message |
Line 108... | Line 121... | ||
108 | mcall -1 |
121 | mcall -1 |
109 | @@: |
122 | @@: |
110 | DEBUGF 1, "VNC authentication\n" |
123 | DEBUGF 1, "VNC authentication\n" |
Line 111... | Line 124... | ||
111 | 124 | ||
112 | ; Bit reverse the password and create DES keys |
- | |
113 | 125 | ; Bit reverse the password and create DES keys |
|
114 | mov ebx, dword[password] |
126 | mov ebx, dword[password] |
115 | mov edx, ebx |
127 | mov edx, ebx |
116 | and ebx, 0xf0f0f0f0 |
128 | and ebx, 0xf0f0f0f0 |
117 | shr ebx, 4 |
129 | shr ebx, 4 |
Line 155... | Line 167... | ||
155 | 167 | ||
156 | mov edi, keys |
168 | mov edi, keys |
Line 157... | Line 169... | ||
157 | call DES_create_keys |
169 | call DES_create_keys |
158 | - | ||
- | 170 | ||
159 | ; Encrypt message with DES |
171 | ; Encrypt message with DES |
160 | 172 | mov esi, [esp] |
|
161 | mov ebx, dword[receive_buffer+4] |
173 | mov ebx, dword[esi+0] |
- | 174 | mov edx, dword[esi+4] |
|
162 | mov edx, dword[receive_buffer+8] |
175 | call encrypt_DES |
163 | call encrypt_DES |
176 | mov esi, [esp] |
Line 164... | Line 177... | ||
164 | mov dword[receive_buffer+4], ebx |
177 | mov dword[esi+0], ebx |
165 | mov dword[receive_buffer+8], edx |
178 | mov dword[esi+4], edx |
166 | 179 | ||
- | 180 | mov ebx, dword[esi+8] |
|
167 | mov ebx, dword[receive_buffer+12] |
181 | mov edx, dword[esi+12] |
168 | mov edx, dword[receive_buffer+16] |
182 | call encrypt_DES |
Line 169... | Line 183... | ||
169 | call encrypt_DES |
183 | mov esi, [esp] |
170 | mov dword[receive_buffer+12], ebx |
- | |
171 | mov dword[receive_buffer+16], edx |
184 | mov dword[esi+8], ebx |
172 | 185 | mov dword[esi+12], edx |
|
173 | ; Blank out the password and key fields in RAM |
186 | |
174 | 187 | ; Blank out the password and key fields in RAM |
|
Line 175... | Line 188... | ||
175 | mov edi, password |
188 | mov edi, password |
- | 189 | mov ecx, 384/4 |
|
- | 190 | xor eax, eax |
|
Line -... | Line 191... | ||
- | 191 | rep stosd |
|
176 | mov ecx, 384/4 |
192 | |
177 | xor eax, eax |
- | |
178 | rep stosd |
193 | ; Send the authentication response to server |
179 | 194 | pop edx |
|
180 | ; Send the authentication response to server |
195 | mcall send, [socketnum], , 16, 0 |
181 | - | ||
Line 182... | Line 196... | ||
182 | mcall send, [socketnum], receive_buffer+4, 16, 0 |
196 | |
183 | 197 | securityresult: |
|
184 | call wait_for_data |
198 | ; Wait for SecurityResult from server |
Line 305... | Line 319... | ||
305 | je encoding_raw |
319 | je encoding_raw |
306 | cmp eax, 1 |
320 | cmp eax, 1 |
307 | je encoding_CopyRect |
321 | je encoding_CopyRect |
308 | cmp eax, 2 |
322 | cmp eax, 2 |
309 | je encoding_RRE |
323 | je encoding_RRE |
310 | ; cmp eax, 5 |
- | |
311 | ; je encoding_hextile |
- | |
312 | ; cmp eax, 15 |
324 | cmp eax, 15 |
313 | ; je encoding_TRLE |
325 | je encoding_TRLE |
314 | ; cmp eax, 16 |
326 | cmp eax, 16 |
315 | ; je encoding_ZRLE |
327 | je encoding_ZRLE |
Line 316... | Line 328... | ||
316 | 328 | ||
317 | DEBUGF 2, "unknown encoding: %u\n", eax |
329 | DEBUGF 2, "unknown encoding: %u\n", eax |
Line 318... | Line 330... | ||
318 | jmp thread_loop |
330 | jmp thread_loop |
Line 414... | Line 426... | ||
414 | jz err_disconnected |
426 | jz err_disconnected |
415 | add [datapointer], eax |
427 | add [datapointer], eax |
416 | ret |
428 | ret |
Line 417... | Line 429... | ||
417 | 429 | ||
- | 430 | .buffer_end_reached: |
|
- | 431 | DEBUGF 1, "end of buffer reached, re-organizing\n" |
|
418 | .buffer_end_reached: |
432 | pop edi esi edx ecx ebx |
419 | ; Buffer is full, first needed data by program is pointed to by esi. |
433 | ; Buffer is full, first needed data by program is pointed to by esi. |
420 | ; Move all usefull data to begin of buffer |
434 | ; Move all usefull data to begin of buffer |
421 | cmp esi, receive_buffer |
435 | cmp esi, receive_buffer |
422 | je err_proto |
436 | je err_proto |
Line 434... | Line 448... | ||
434 | mcall recv, [socketnum], receive_buffer, 4096, 0 ; MSG_DONTWAIT |
448 | mcall recv, [socketnum], receive_buffer, 4096, 0 ; MSG_DONTWAIT |
435 | cmp eax, -1 |
449 | cmp eax, -1 |
436 | je err_sock |
450 | je err_sock |
437 | test eax, eax |
451 | test eax, eax |
438 | jz err_disconnected |
452 | jz err_disconnected |
- | 453 | mov esi, receive_buffer |
|
439 | ret |
454 | ret |
Line 440... | Line 455... | ||
440 | 455 | ||
441 | 456 | ||
Line 464... | Line 479... | ||
464 | mov [status], STATUS_PROTO_ERR |
479 | mov [status], STATUS_PROTO_ERR |
465 | inc [update_gui] |
480 | inc [update_gui] |
466 | mcall -1 |
481 | mcall -1 |
467 | ret |
482 | ret |
Line 468... | Line 483... | ||
468 | 483 | ||
469 | err_security: |
484 | err_handshake: |
- | 485 | mov [status], STATUS_SECURITY_ERR |
|
- | 486 | ||
- | 487 | lodsd ; Custom message from server? |
|
- | 488 | test eax, eax |
|
- | 489 | jz .no_msg |
|
- | 490 | bswap eax |
|
- | 491 | mov ecx, eax |
|
- | 492 | cmp ecx, 512 |
|
- | 493 | jb @f |
|
- | 494 | mov ecx, 512 |
|
- | 495 | @@: |
|
- | 496 | mov edi, sz_err_security_c |
|
- | 497 | rep movsb |
|
- | 498 | mov byte[edi], 0 |
|
- | 499 | mov [status], STATUS_SECURITY_ERR_C |
|
- | 500 | .no_msg: |
|
470 | mov [status], STATUS_SECURITY_ERR |
501 | |
471 | inc [update_gui] |
502 | inc [update_gui] |
472 | mcall -1 |
503 | mcall -1 |
Line 473... | Line 504... | ||
473 | ret |
504 | ret |
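Review bot: In err_handshake (new lines 487–499) the server-supplied reason length is clamped to 512, so when the clamp is hit the terminator `mov byte[edi], 0` after `rep movsb` lands at offset 512 of sz_err_security_c, which therefore has to be at least 513 bytes; its declaration is not on this page, so this needs checking. If it is declared as 512 bytes, clamp to one less: `cmp ecx, 511` / `jb @f` / `mov ecx, 511`. The length is also never compared with the number of bytes wait_for_data actually returned, so a server that announces a long reason but sends only a few bytes would get stale receive_buffer contents copied into the message (presumably the one shown for STATUS_SECURITY_ERR_C); bounding ecx by the bytes remaining after esi would close that. A short comment above the copy saying that the length is untrusted, big-endian and limited by the destination size would help the next reader.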