protocol

package
v0.0.0-...-a9e6128 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Mar 20, 2024 License: Apache-2.0 Imports: 22 Imported by: 0

Documentation

Index

Constants

// Protocol version numbers. All three are zero in this version of the package.
// NOTE(review): where these values are placed on the wire (presumably the
// handshake packets) is not visible on this page — confirm in the handshake code.
const (
	MajorVersion = 0x0
	MinorVersion = 0x0
	Version      = 0x00
)
// Error and status codes used by the gateway protocol.
//
// The block mixes two numeric styles: values of the form 0x8007xxxx / 0x8009xxxx
// (HRESULT-style, high bit set) and values of the form 0x0000xxxx (plain
// Win32-style codes). Compare against the exact constant; do not mask or
// truncate a received code before comparing, because the two styles share the
// same low 16 bits for related errors.
//
// The constants are untyped. Every value with the high bit set is larger than
// 0x7FFFFFFF, so it does not fit in int32 (or in int on 32-bit platforms);
// hold these codes in a uint32 or wider.
//
// NOTE(review): names appear to follow the error codes of Microsoft's RD
// Gateway specification (MS-TSGU) — confirm values against the spec.
const (
	ERROR_SUCCESS                               = 0x00000000
	ERROR_ACCESS_DENIED                         = 0x00000005
	E_PROXY_INTERNALERROR                       = 0x800759D8
	E_PROXY_RAP_ACCESSDENIED                    = 0x800759DA
	E_PROXY_NAP_ACCESSDENIED                    = 0x800759DB
	E_PROXY_ALREADYDISCONNECTED                 = 0x800759DF
	E_PROXY_QUARANTINE_ACCESSDENIED             = 0x800759ED
	E_PROXY_NOCERTAVAILABLE                     = 0x800759EE
	E_PROXY_COOKIE_BADPACKET                    = 0x800759F7
	E_PROXY_COOKIE_AUTHENTICATION_ACCESS_DENIED = 0x800759F8
	E_PROXY_UNSUPPORTED_AUTHENTICATION_METHOD   = 0x800759F9
	E_PROXY_CAPABILITYMISMATCH                  = 0x800759E9
	E_PROXY_TS_CONNECTFAILED                    = 0x000059DD
	E_PROXY_MAXCONNECTIONSREACHED               = 0x000059E6
	// Win32-style value of E_PROXY_INTERNALERROR. It stays commented out
	// because the identifier is already declared above with its HRESULT-style
	// value 0x800759D8; a second declaration would not compile.
	// E_PROXY_INTERNALERROR                       = 0x000059D8
	ERROR_GRACEFUL_DISCONNECT       = 0x000004CA
	E_PROXY_NOTSUPPORTED            = 0x000059E8
	SEC_E_LOGON_DENIED              = 0x8009030C
	E_PROXY_SESSIONTIMEOUT          = 0x000059F6
	E_PROXY_REAUTH_AUTHN_FAILED     = 0x000059FA
	E_PROXY_REAUTH_CAP_FAILED       = 0x000059FB
	E_PROXY_REAUTH_RAP_FAILED       = 0x000059FC
	E_PROXY_SDR_NOT_SUPPORTED_BY_TS = 0x000059FD
	E_PROXY_REAUTH_NAP_FAILED       = 0x00005A00
	E_PROXY_CONNECTIONABORTED       = 0x000004D4
)

Common Error Code

// HTTP method names of the gateway transport: one for the inbound data
// channel and one for the outbound data channel.
// NOTE(review): these are non-standard HTTP methods; presumably
// Gateway.HandleGatewayProtocol dispatches on r.Method — confirm that any
// other method is rejected, and that fronting proxies/WAFs pass these two.
const (
	MethodRDGIN  = "RDG_IN_DATA"
	MethodRDGOUT = "RDG_OUT_DATA"
)
// Packet type identifiers. Values run from 0x1 to 0xD, then continue at 0x10;
// 0x0, 0xE and 0xF are not assigned in this block.
// NOTE(review): presumably this is the pt value returned by Tunnel.Read.
// The type comes from the peer, so the packet processor should reject
// unassigned values and types that are not valid for the current
// SERVER_STATE_* — that handling is not visible on this page; confirm.
const (
	PKT_TYPE_HANDSHAKE_REQUEST      = 0x1
	PKT_TYPE_HANDSHAKE_RESPONSE     = 0x2
	PKT_TYPE_EXTENDED_AUTH_MSG      = 0x3
	PKT_TYPE_TUNNEL_CREATE          = 0x4
	PKT_TYPE_TUNNEL_RESPONSE        = 0x5
	PKT_TYPE_TUNNEL_AUTH            = 0x6
	PKT_TYPE_TUNNEL_AUTH_RESPONSE   = 0x7
	PKT_TYPE_CHANNEL_CREATE         = 0x8
	PKT_TYPE_CHANNEL_RESPONSE       = 0x9
	PKT_TYPE_DATA                   = 0xA
	PKT_TYPE_SERVICE_MESSAGE        = 0xB
	PKT_TYPE_REAUTH_MESSAGE         = 0xC
	PKT_TYPE_KEEPALIVE              = 0xD
	PKT_TYPE_CLOSE_CHANNEL          = 0x10
	PKT_TYPE_CLOSE_CHANNEL_RESPONSE = 0x11
)
// Field flags for the tunnel response packet. Each value is a distinct single
// bit; bit 0x08 is not assigned in this block.
// NOTE(review): presumably OR-ed into a "fields present" mask that tells the
// peer which optional fields follow — confirm against the packet encoder.
const (
	HTTP_TUNNEL_RESPONSE_FIELD_TUNNEL_ID   = 0x01
	HTTP_TUNNEL_RESPONSE_FIELD_CAPS        = 0x02
	HTTP_TUNNEL_RESPONSE_FIELD_SOH_REQ     = 0x04
	HTTP_TUNNEL_RESPONSE_FIELD_CONSENT_MSG = 0x10
)
// Extended authentication methods. NONE is zero; the other values are distinct
// single bits, so several methods can be expressed in one value.
// NOTE(review): how the gateway reconciles the value sent by the peer with
// Gateway.SmartCardAuth / Gateway.TokenAuth is not visible on this page —
// confirm that a mismatch is refused rather than downgraded to NONE.
const (
	HTTP_EXTENDED_AUTH_NONE      = 0x0
	HTTP_EXTENDED_AUTH_SC        = 0x1  /* Smart card authentication. */
	HTTP_EXTENDED_AUTH_PAA       = 0x02 /* Pluggable authentication. */
	HTTP_EXTENDED_AUTH_SSPI_NTLM = 0x04 /* NTLM extended authentication. */
)
// Field flags for the tunnel authorization response packet. Each value is a
// distinct single bit.
// NOTE(review): presumably REDIR_FLAGS announces the HTTP_TUNNEL_REDIR_* value
// and IDLE_TIMEOUT announces Gateway.IdleTimeout — confirm in the encoder.
const (
	HTTP_TUNNEL_AUTH_RESPONSE_FIELD_REDIR_FLAGS  = 0x01
	HTTP_TUNNEL_AUTH_RESPONSE_FIELD_IDLE_TIMEOUT = 0x02
	HTTP_TUNNEL_AUTH_RESPONSE_FIELD_SOH_RESPONSE = 0x04
)
// Device redirection flags. ENABLE_ALL and DISABLE_ALL occupy the two highest
// bits of a 32-bit value; the per-device flags (drive, printer, port,
// clipboard, PnP) are the five lowest bits and are all phrased as DISABLE.
//
// HTTP_TUNNEL_REDIR_ENABLE_ALL (0x80000000) does not fit in int32 or in int on
// 32-bit platforms; build the flag word in a uint32.
//
// NOTE(review): redirection is what lets data move between the client device
// and the remote host (drive, clipboard, printer), so the mapping from
// RedirectFlags to this bit field is policy-relevant. Precedence when
// ENABLE_ALL, DISABLE_ALL and per-device bits are combined is not visible on
// this page — confirm in the encoder.
const (
	HTTP_TUNNEL_REDIR_ENABLE_ALL        = 0x80000000
	HTTP_TUNNEL_REDIR_DISABLE_ALL       = 0x40000000
	HTTP_TUNNEL_REDIR_DISABLE_DRIVE     = 0x01
	HTTP_TUNNEL_REDIR_DISABLE_PRINTER   = 0x02
	HTTP_TUNNEL_REDIR_DISABLE_PORT      = 0x04
	HTTP_TUNNEL_REDIR_DISABLE_CLIPBOARD = 0x08
	HTTP_TUNNEL_REDIR_DISABLE_PNP       = 0x10
)
// Field flags for the channel response packet. Each value is a distinct
// single bit.
// NOTE(review): presumably OR-ed into a "fields present" mask — confirm
// against the packet encoder.
const (
	HTTP_CHANNEL_RESPONSE_FIELD_CHANNELID   = 0x01
	HTTP_CHANNEL_RESPONSE_FIELD_AUTHNCOOKIE = 0x02
	HTTP_CHANNEL_RESPONSE_FIELD_UDPPORT     = 0x04
)
// Server-side connection states, numbered 0 through 6 in declaration order.
// NOTE(review): the order suggests the expected progression (handshake, then
// tunnel create, then tunnel authorize, then channel create, then opened).
// Whether Processor refuses packets that would skip a state — for example a
// channel create before tunnel authorization — is not visible on this page;
// confirm.
const (
	SERVER_STATE_INITIALIZED      = 0x0
	SERVER_STATE_HANDSHAKE        = 0x1
	SERVER_STATE_TUNNEL_CREATE    = 0x2
	SERVER_STATE_TUNNEL_AUTHORIZE = 0x3
	SERVER_STATE_CHANNEL_CREATE   = 0x4
	SERVER_STATE_OPENED           = 0x5
	SERVER_STATE_CLOSED           = 0x6
)
// Capability flags. Each value is a distinct single bit, so a set of
// capabilities can be carried in one integer.
// NOTE(review): which of these the gateway advertises, and whether each
// advertised capability is actually implemented, is not visible on this
// page — confirm against the tunnel-create handling.
const (
	HTTP_CAPABILITY_TYPE_QUAR_SOH          = 0x1
	HTTP_CAPABILITY_IDLE_TIMEOUT           = 0x2
	HTTP_CAPABILITY_MESSAGING_CONSENT_SIGN = 0x4
	HTTP_CAPABILITY_MESSAGING_SERVICE_MSG  = 0x8
	HTTP_CAPABILITY_REAUTH                 = 0x10
	HTTP_CAPABILITY_UDP_TRANSPORT          = 0x20
)
// CtxTunnel is an untyped string constant shaped like an import path.
// NOTE(review): presumably the context.Context key under which the current
// tunnel is stored. A plain string key is matched by value, so any package
// that uses the same string reads or overwrites the same context entry; the
// import-path form makes an accidental clash unlikely, but it is not the
// unexported-key-type pattern — confirm callers type-check what they read.
const (
	CtxTunnel = "github.com/bolkedebruin/rdpgw/tunnel"
)
// Field flag for the tunnel packet: the only flag defined here marks a PAA
// cookie.
// NOTE(review): presumably set when the client attaches the cookie that
// Gateway.CheckPAACookie validates — confirm in the tunnel-create handling.
const (
	HTTP_TUNNEL_PACKET_FIELD_PAA_COOKIE = 0x1
)

Variables

// Connections maps a string key to the Monitor (Processor plus Tunnel) of a
// connection. It is an exported, mutable package-level map, so any importer
// can read or modify it directly.
// NOTE(review): the declaration has no initializer, so the map is nil until
// something assigns it, and writing to a nil map panics. Go maps are also not
// safe for concurrent use. Initialization and locking — presumably inside
// RegisterTunnel / RemoveTunnel / Disconnect — are not visible on this page;
// confirm both, and confirm the key is Tunnel.Id.
var Connections map[string]*Monitor

Functions

func DecodeUTF16

func DecodeUTF16(b []byte) (string, error)

func Disconnect

func Disconnect(id string) error

func EncodeUTF16

func EncodeUTF16(s string) []byte

func RegisterTunnel

func RegisterTunnel(t *Tunnel, p *Processor)

func RemoveTunnel

func RemoveTunnel(t *Tunnel)

Types

type CheckClientNameFunc

// CheckClientNameFunc is the signature of Gateway.CheckClientName, the hook
// that verifies whether a client name is allowed to connect.
// NOTE(review): the string argument is presumably the client-supplied name;
// how the caller treats (false, nil) versus a non-nil error is not visible on
// this page — confirm both deny the connection.
type CheckClientNameFunc func(context.Context, string) (bool, error)

type CheckHostFunc

// CheckHostFunc is the signature of Gateway.CheckHost, the hook that verifies
// whether the client is allowed to connect to the remote host.
// NOTE(review): the string argument is presumably the target requested by the
// client (possibly host:port); it is client-controlled input, so the
// implementation should match it against an allow-list after normalizing it.
// How (false, nil) versus a non-nil error is handled is not visible here.
type CheckHostFunc func(context.Context, string) (bool, error)

type CheckPAACookieFunc

// CheckPAACookieFunc is the signature of Gateway.CheckPAACookie, the hook that
// verifies whether the PAA cookie sent by the client is valid.
// NOTE(review): the string argument is presumably the raw cookie value, which
// is a credential — implementations should not log it. How (false, nil)
// versus a non-nil error is handled is not visible on this page.
type CheckPAACookieFunc func(context.Context, string) (bool, error)

type ClientConfig

// ClientConfig is the receiver of ConnectAndForward and carries the settings
// for one client-side gateway connection.
// NOTE(review): this page documents none of the fields; the notes below are
// inferred from names and types and need confirming against the source.
type ClientConfig struct {
	// Presumably requests smart card extended authentication
	// (HTTP_EXTENDED_AUTH_SC).
	SmartCardAuth bool
	// Presumably the PAA token/cookie presented to the gateway. Treat it as a
	// credential: keep it out of logs and out of %+v dumps of this struct.
	PAAToken      string
	// Presumably requests NTLM extended authentication
	// (HTTP_EXTENDED_AUTH_SSPI_NTLM).
	NTLMAuth      bool
	// Tunnel state associated with this client connection.
	Session       *Tunnel
	// Local connection; presumably the side whose traffic is forwarded.
	LocalConn     net.Conn
	// Presumably the remote server and port to reach through the gateway.
	Server        string
	Port          int
	// Presumably the client name sent to the gateway (compare
	// Gateway.CheckClientName).
	Name          string
}

func (*ClientConfig) ConnectAndForward

func (c *ClientConfig) ConnectAndForward() error

type Gateway

// Gateway holds the policy hooks and settings used by HandleGatewayProtocol.
//
// NOTE(review): the three Check* fields are function values and are nil in a
// zero-value Gateway. This page does not show what happens when one is left
// unset; confirm that a nil hook denies the connection (fails closed) instead
// of skipping the check.
type Gateway struct {
	// CheckPAACookie verifies if the PAA cookie sent by the client is valid
	CheckPAACookie CheckPAACookieFunc

	// CheckClientName verifies if the client name is allowed to connect
	CheckClientName CheckClientNameFunc

	// CheckHost verifies if the client is allowed to connect to the remote host
	CheckHost CheckHostFunc

	// RedirectFlags sets what devices the client is allowed to redirect to the remote host
	RedirectFlags RedirectFlags

	// IdleTimeout is used to determine when to disconnect clients that have been idle
	// NOTE(review): the unit and the meaning of 0 are not stated on this page — confirm.
	IdleTimeout int

	// SmartCardAuth sets whether to use smart card based authentication
	SmartCardAuth bool

	// TokenAuth sets whether to use token/cookie based authentication
	// NOTE(review): with SmartCardAuth and TokenAuth both false, which
	// authentication (if any) is required is not visible on this page — confirm.
	TokenAuth bool

	// Presumably receive and send buffer sizes in bytes — confirm.
	ReceiveBuf int
	SendBuf    int
}

func (*Gateway) HandleGatewayProtocol

func (g *Gateway) HandleGatewayProtocol(w http.ResponseWriter, r *http.Request)

type Monitor

// Monitor pairs a Tunnel with the Processor handling it. It is the value type
// of the package-level Connections map.
type Monitor struct {
	Processor *Processor
	Tunnel    *Tunnel
}

type Processor

type Processor struct {
	// contains filtered or unexported fields
}

func NewProcessor

func NewProcessor(gw *Gateway, tunnel *Tunnel) *Processor

func (*Processor) Process

func (p *Processor) Process(ctx context.Context) error

type RedirectFlags

// RedirectFlags is the device redirection policy held in Gateway.RedirectFlags,
// which sets what devices the client is allowed to redirect to the remote host.
//
// NOTE(review): the per-device fields are presumably "allowed when true",
// while the wire constants are phrased the other way round
// (HTTP_TUNNEL_REDIR_DISABLE_*). The conversion is not visible on this page;
// confirm the polarity, what the zero value (all false) permits, and which of
// DisableAll / EnableAll wins if both are set.
type RedirectFlags struct {
	Clipboard  bool
	Port       bool
	Drive      bool
	Printer    bool
	Pnp        bool
	DisableAll bool
	EnableAll  bool
}

type Tunnel

// Tunnel describes one client connection through the gateway, together with
// its traffic statistics. Read and Write update the byte counters.
//
// NOTE(review): the statistics are plain exported fields. If Read, Write and a
// monitoring reader (for example via Connections) run on different goroutines,
// access needs synchronization; none is visible on this page — confirm.
type Tunnel struct {
	// Id identifies the connection in the server
	Id string
	// The connection-id (RDG-ConnID) as reported by the client
	// NOTE(review): client-supplied, so not suitable as a trusted or unique key.
	RDGId string

	// The remote desktop server (rdp, vnc etc) the client intends to connect to
	TargetServer string
	// The obtained client ip address
	// NOTE(review): this page does not show whether the address comes from the
	// socket peer or from a forwarded header; treat it as client-influenced in
	// audit logs and access decisions until confirmed.
	RemoteAddr string
	// User
	User identity.Identity

	// BytesSent is the total amount of bytes sent by the server to the client minus tunnel overhead
	BytesSent int64

	// BytesReceived is the total amount of bytes received by the server from the client minus tunnel overhead
	BytesReceived int64

	// ConnectedOn is when the client connected to the server
	ConnectedOn time.Time

	// LastSeen is when the server received the last packet from the client
	LastSeen time.Time
	// contains filtered or unexported fields
}

func (*Tunnel) Read

func (t *Tunnel) Read() (pt int, size int, pkt []byte, err error)

Read picks up a packet from the transport and returns the packet type, the packet size, and the packet with the header removed. It updates the statistics for bytes received.

func (*Tunnel) Write

func (t *Tunnel) Write(pkt []byte)

Write puts the packet on the transport and updates the statistics for bytes sent
