def process_server_packet(self, proto, packet):
packet_type = packet[0]
log("process_server_packet: %s", packet_type)
if packet_type==Protocol.CONNECTION_LOST:
self.stop("server connection lost", proto)
return
elif packet_type=="disconnect":
log("got disconnect from server: %s", packet[1])
if self.exit:
self.server_protocol.close()
else:
self.stop("disconnect from server: %s" % packet[1])
elif packet_type=="hello":
c = typedict(packet[1])
maxw, maxh = c.intpair("max_desktop_size", (4096, 4096))
caps = self.filter_server_caps(c)
#add new encryption caps:
if self.cipher:
from xpra.net.crypto import crypto_backend_init, new_cipher_caps, DEFAULT_PADDING
crypto_backend_init()
padding_options = self.caps.strlistget("cipher.padding.options", [DEFAULT_PADDING])
auth_caps = new_cipher_caps(self.client_protocol, self.cipher, self.encryption_key, padding_options)
caps.update(auth_caps)
#may need to bump packet size:
proto.max_packet_size = maxw*maxh*4*4
file_transfer = self.caps.boolget("file-transfer") and c.boolget("file-transfer")
file_size_limit = max(self.caps.intget("file-size-limit"), c.intget("file-size-limit"))
file_max_packet_size = int(file_transfer) * (1024 + file_size_limit*1024*1024)
self.client_protocol.max_packet_size = max(self.client_protocol.max_packet_size, file_max_packet_size)
self.server_protocol.max_packet_size = max(self.server_protocol.max_packet_size, file_max_packet_size)
packet = ("hello", caps)
elif packet_type=="info-response":
#adds proxy info:
#note: this is only seen by the client application
#"xpra info" is a new connection, which talks to the proxy server...
info = packet[1]
info.update(self.get_proxy_info(proto))
elif packet_type=="lost-window":
wid = packet[1]
#mark it as lost so we can drop any current/pending frames
self.lost_windows.add(wid)
#queue it so it gets cleaned safely (for video encoders mostly):
self.encode_queue.put(packet)
#and fall through so tell the client immediately
elif packet_type=="draw":
#use encoder thread:
self.encode_queue.put(packet)
#which will queue the packet itself when done:
return
#we do want to reformat cursor packets...
#as they will have been uncompressed by the network layer already:
elif packet_type=="cursor":
#packet = ["cursor", x, y, width, height, xhot, yhot, serial, pixels, name]
#or:
#packet = ["cursor", ""]
self._packet_recompress(packet, 8, "cursor")
elif packet_type=="window-icon":
self._packet_recompress(packet, 5, "icon")
self.queue_client_packet(packet)
def process_server_packet(self, proto, packet):
packet_type = packet[0]
log("process_server_packet: %s", packet_type)
if packet_type == Protocol.CONNECTION_LOST:
self.stop("server connection lost", proto)
return
elif packet_type == "disconnect":
log("got disconnect from server: %s", packet[1])
if self.exit:
self.server_protocol.close()
else:
self.stop("disconnect from server: %s" % packet[1])
elif packet_type == "hello":
c = typedict(packet[1])
maxw, maxh = c.intpair("max_desktop_size", (4096, 4096))
proto.max_packet_size = maxw * maxh * 4 * 4
caps = self.filter_server_caps(c)
#add new encryption caps:
if self.cipher:
auth_caps = new_cipher_caps(self.client_protocol, self.cipher,
self.encryption_key)
caps.update(auth_caps)
packet = ("hello", caps)
elif packet_type == "info-response":
#adds proxy info:
#note: this is only seen by the client application
#"xpra info" is a new connection, which talks to the proxy server...
info = packet[1]
info.update(self.get_proxy_info(proto))
elif packet_type == "lost-window":
wid = packet[1]
#mark it as lost so we can drop any current/pending frames
self.lost_windows.add(wid)
#queue it so it gets cleaned safely (for video encoders mostly):
self.encode_queue.put(packet)
#and fall through so tell the client immediately
elif packet_type == "draw":
#use encoder thread:
self.encode_queue.put(packet)
#which will queue the packet itself when done:
return
#we do want to reformat cursor packets...
#as they will have been uncompressed by the network layer already:
elif packet_type == "cursor":
#packet = ["cursor", x, y, width, height, xhot, yhot, serial, pixels, name]
#or:
#packet = ["cursor", ""]
self._packet_recompress(packet, 8, "cursor")
elif packet_type == "window-icon":
self._packet_recompress(packet, 5, "icon")
self.queue_client_packet(packet)
def process_server_packet(self, proto, packet):
packet_type = packet[0]
log("process_server_packet: %s", packet_type)
if packet_type==Protocol.CONNECTION_LOST:
self.stop("server connection lost", proto)
return
elif packet_type=="disconnect":
log("got disconnect from server: %s", packet[1])
if self.exit:
self.server_protocol.close()
else:
self.stop("disconnect from server: %s" % packet[1])
elif packet_type=="hello":
c = typedict(packet[1])
maxw, maxh = c.intpair("max_desktop_size", (4096, 4096))
caps = self.filter_server_caps(c)
#add new encryption caps:
if self.cipher:
from xpra.net.crypto import crypto_backend_init, new_cipher_caps, DEFAULT_PADDING
crypto_backend_init()
padding_options = self.caps.strlistget("cipher.padding.options", [DEFAULT_PADDING])
auth_caps = new_cipher_caps(self.client_protocol, self.cipher, self.encryption_key, padding_options)
caps.update(auth_caps)
#may need to bump packet size:
proto.max_packet_size = maxw*maxh*4*4
file_transfer = self.caps.boolget("file-transfer") and c.boolget("file-transfer")
file_size_limit = max(self.caps.intget("file-size-limit"), c.intget("file-size-limit"))
file_max_packet_size = int(file_transfer) * (1024 + file_size_limit*1024*1024)
self.client_protocol.max_packet_size = max(self.client_protocol.max_packet_size, file_max_packet_size)
self.server_protocol.max_packet_size = max(self.server_protocol.max_packet_size, file_max_packet_size)
packet = ("hello", caps)
elif packet_type=="info-response":
#adds proxy info:
#note: this is only seen by the client application
#"xpra info" is a new connection, which talks to the proxy server...
info = packet[1]
info.update(self.get_proxy_info(proto))
elif packet_type=="lost-window":
wid = packet[1]
#mark it as lost so we can drop any current/pending frames
self.lost_windows.add(wid)
#queue it so it gets cleaned safely (for video encoders mostly):
self.encode_queue.put(packet)
#and fall through so tell the client immediately
elif packet_type=="draw":
#use encoder thread:
self.encode_queue.put(packet)
#which will queue the packet itself when done:
return
#we do want to reformat cursor packets...
#as they will have been uncompressed by the network layer already:
elif packet_type=="cursor":
#packet = ["cursor", x, y, width, height, xhot, yhot, serial, pixels, name]
#or:
#packet = ["cursor", "png", x, y, width, height, xhot, yhot, serial, pixels, name]
#or:
#packet = ["cursor", ""]
if len(packet)>=8:
#hard to distinguish png cursors from normal cursors...
try:
int(packet[1])
self._packet_recompress(packet, 8, "cursor")
except:
self._packet_recompress(packet, 9, "cursor")
elif packet_type=="window-icon":
self._packet_recompress(packet, 5, "icon")
elif packet_type=="send-file":
if packet[6]:
packet[6] = Compressed("file-data", packet[6])
elif packet_type=="send-file-chunk":
if packet[3]:
packet[3] = Compressed("file-chunk-data", packet[3])
elif packet_type=="challenge":
from xpra.net.crypto import get_salt
#client may have already responded to the challenge,
#so we have to handle authentication from this end
salt = packet[1]
digest = packet[3]
client_salt = get_salt(len(salt))
salt = xor_str(salt, client_salt)
if digest!=b"hmac":
self.stop("digest mode '%s' not supported", std(digest))
return
password = self.disp_desc.get("password", self.session_options.get("password"))
log("password from %s / %s = %s", self.disp_desc, self.session_options, password)
if not password:
self.stop("authentication requested by the server, but no password available for this session")
return
import hmac, hashlib
password = strtobytes(password)
salt = strtobytes(salt)
challenge_response = hmac.HMAC(password, salt, digestmod=hashlib.md5).hexdigest()
log.info("sending %s challenge response", digest)
self.send_hello(challenge_response, client_salt)
return
self.queue_client_packet(packet)
def process_server_packet(self, proto, packet):
packet_type = packet[0]
log("process_server_packet: %s", packet_type)
if packet_type==Protocol.CONNECTION_LOST:
self.stop("server connection lost", proto)
return
elif packet_type=="disconnect":
log("got disconnect from server: %s", packet[1])
if self.exit:
self.server_protocol.close()
else:
self.stop("disconnect from server: %s" % packet[1])
elif packet_type=="hello":
c = typedict(packet[1])
maxw, maxh = c.intpair("max_desktop_size", (4096, 4096))
proto.max_packet_size = maxw*maxh*4*4
caps = self.filter_server_caps(c)
#add new encryption caps:
if self.cipher:
auth_caps = new_cipher_caps(self.client_protocol, self.cipher, self.encryption_key)
caps.update(auth_caps)
packet = ("hello", caps)
elif packet_type=="info-response":
#adds proxy info:
#note: this is only seen by the client application
#"xpra info" is a new connection, which talks to the proxy server...
info = packet[1]
info.update(self.get_proxy_info(proto))
elif packet_type=="lost-window":
wid = packet[1]
#mark it as lost so we can drop any current/pending frames
self.lost_windows.add(wid)
#queue it so it gets cleaned safely (for video encoders mostly):
self.encode_queue.put(packet)
#and fall through so tell the client immediately
elif packet_type=="draw":
#use encoder thread:
self.encode_queue.put(packet)
#which will queue the packet itself when done:
return
#we do want to reformat cursor packets...
#as they will have been uncompressed by the network layer already:
elif packet_type=="cursor":
#packet = ["cursor", x, y, width, height, xhot, yhot, serial, pixels, name]
#or:
#packet = ["cursor", ""]
if len(packet)>=9:
pixels = packet[8]
if len(pixels)<512:
packet[8] = str(pixels)
else:
#FIXME: this is ugly and not generic!
zlib = compression.use_zlib and self.caps.get("zlib", True)
lz4 = compression.use_lz4 and self.caps.get("lz4", False)
lzo = compression.use_lzo and self.caps.get("lzo", False)
if zlib or lz4 or lzo:
packet[8] = compressed_wrapper("cursor", pixels, zlib=zlib, lz4=lz4, lzo=lzo, can_inline=False)
else:
#prevent warnings about large uncompressed data
packet[8] = Compressed("raw cursor", pixels, can_inline=True)
self.queue_client_packet(packet)
def verify_hello(self, proto, c):
remote_version = c.strget("version")
verr = version_compat_check(remote_version)
if verr is not None:
self.disconnect_client(proto, VERSION_ERROR,
"incompatible version: %s" % verr)
proto.close()
return False
def auth_failed(msg):
authlog.error("Error: authentication failed")
authlog.error(" %s", msg)
self.timeout_add(1000, self.disconnect_client, proto, msg)
#authenticator:
username = c.strget("username")
if proto.authenticator is None and proto.auth_class:
authlog("creating authenticator %s", proto.auth_class)
try:
auth, aclass, options = proto.auth_class
ainstance = aclass(username, **options)
proto.authenticator = ainstance
authlog("%s=%s", auth, ainstance)
except Exception as e:
authlog.error("Error instantiating %s:", proto.auth_class)
authlog.error(" %s", e)
auth_failed("authentication failed")
return False
self.digest_modes = c.get("digest", ("hmac", ))
#client may have requested encryption:
cipher = c.strget("cipher")
cipher_iv = c.strget("cipher.iv")
key_salt = c.strget("cipher.key_salt")
iterations = c.intget("cipher.key_stretch_iterations")
padding = c.strget("cipher.padding", DEFAULT_PADDING)
padding_options = c.strlistget("cipher.padding.options",
[DEFAULT_PADDING])
auth_caps = {}
if cipher and cipher_iv:
if cipher not in ENCRYPTION_CIPHERS:
authlog.warn("unsupported cipher: %s", cipher)
auth_failed("unsupported cipher")
return False
encryption_key = self.get_encryption_key(proto.authenticator,
proto.keyfile)
if encryption_key is None:
auth_failed("encryption key is missing")
return False
if padding not in ALL_PADDING_OPTIONS:
auth_failed("unsupported padding: %s" % padding)
return False
authlog("set output cipher using encryption key '%s'",
repr_ellipsized(encryption_key))
proto.set_cipher_out(cipher, cipher_iv, encryption_key, key_salt,
iterations, padding)
#use the same cipher as used by the client:
auth_caps = new_cipher_caps(proto, cipher, encryption_key,
padding_options)
authlog("server cipher=%s", auth_caps)
else:
if proto.encryption:
authlog("client does not provide encryption tokens")
auth_failed("missing encryption tokens")
return False
auth_caps = None
#verify authentication if required:
if (proto.authenticator and proto.authenticator.requires_challenge()
) or c.get("challenge") is not None:
challenge_response = c.strget("challenge_response")
client_salt = c.strget("challenge_client_salt")
authlog(
"processing authentication with %s, response=%s, client_salt=%s, challenge_sent=%s",
proto.authenticator, challenge_response,
binascii.hexlify(client_salt or ""), proto.challenge_sent)
#send challenge if this is not a response:
if not challenge_response:
if proto.challenge_sent:
auth_failed(
"invalid state, challenge already sent - no response!")
return False
if proto.authenticator:
challenge = proto.authenticator.get_challenge()
if challenge is None:
auth_failed(
"invalid state, unexpected challenge response")
return False
authlog("challenge: %s", challenge)
salt, digest = challenge
authlog.info(
"Authentication required by %s authenticator module",
proto.authenticator)
authlog.info(" sending challenge for '%s' using %s digest",
username, digest)
if digest not in self.digest_modes:
auth_failed(
"cannot proceed without %s digest support" %
digest)
return False
else:
authlog.warn(
"Warning: client expects a challenge but this connection is unauthenticated"
)
#fake challenge so the client will send the real hello:
salt = get_salt()
digest = "hmac"
proto.challenge_sent = True
proto.send_now(("challenge", salt, auth_caps or "", digest))
return False
if not proto.authenticator.authenticate(challenge_response,
client_salt):
auth_failed("invalid challenge response")
return False
authlog("authentication challenge passed")
else:
#did the client expect a challenge?
if c.boolget("challenge"):
authlog.warn(
"this server does not require authentication (client supplied a challenge)"
)
return auth_caps
def process_server_packet(self, proto, packet):
packet_type = packet[0]
log("process_server_packet: %s", packet_type)
if packet_type==Protocol.CONNECTION_LOST:
self.stop("server connection lost", proto)
return
elif packet_type=="disconnect":
log("got disconnect from server: %s", packet[1])
if self.exit:
self.server_protocol.close()
else:
self.stop("disconnect from server: %s" % packet[1])
elif packet_type=="hello":
c = typedict(packet[1])
maxw, maxh = c.intpair("max_desktop_size", (4096, 4096))
caps = self.filter_server_caps(c)
#add new encryption caps:
if self.cipher:
from xpra.net.crypto import crypto_backend_init, new_cipher_caps, DEFAULT_PADDING
crypto_backend_init()
padding_options = self.caps.strlistget("cipher.padding.options", [DEFAULT_PADDING])
auth_caps = new_cipher_caps(self.client_protocol, self.cipher, self.encryption_key, padding_options)
caps.update(auth_caps)
#may need to bump packet size:
proto.max_packet_size = maxw*maxh*4*4
file_transfer = self.caps.boolget("file-transfer") and c.boolget("file-transfer")
file_size_limit = max(self.caps.intget("file-size-limit"), c.intget("file-size-limit"))
file_max_packet_size = int(file_transfer) * (1024 + file_size_limit*1024*1024)
self.client_protocol.max_packet_size = max(self.client_protocol.max_packet_size, file_max_packet_size)
self.server_protocol.max_packet_size = max(self.server_protocol.max_packet_size, file_max_packet_size)
packet = ("hello", caps)
elif packet_type=="info-response":
#adds proxy info:
#note: this is only seen by the client application
#"xpra info" is a new connection, which talks to the proxy server...
info = packet[1]
info.update(self.get_proxy_info(proto))
elif packet_type=="lost-window":
wid = packet[1]
#mark it as lost so we can drop any current/pending frames
self.lost_windows.add(wid)
#queue it so it gets cleaned safely (for video encoders mostly):
self.encode_queue.put(packet)
#and fall through so tell the client immediately
elif packet_type=="draw":
#use encoder thread:
self.encode_queue.put(packet)
#which will queue the packet itself when done:
return
#we do want to reformat cursor packets...
#as they will have been uncompressed by the network layer already:
elif packet_type=="cursor":
#packet = ["cursor", x, y, width, height, xhot, yhot, serial, pixels, name]
#or:
#packet = ["cursor", "png", x, y, width, height, xhot, yhot, serial, pixels, name]
#or:
#packet = ["cursor", ""]
if len(packet)>=8:
#hard to distinguish png cursors from normal cursors...
try:
int(packet[1])
self._packet_recompress(packet, 8, "cursor")
except:
self._packet_recompress(packet, 9, "cursor")
elif packet_type=="window-icon":
self._packet_recompress(packet, 5, "icon")
elif packet_type=="send-file":
if packet[6]:
packet[6] = Compressed("file-data", packet[6])
elif packet_type=="send-file-chunk":
if packet[3]:
packet[3] = Compressed("file-chunk-data", packet[3])
elif packet_type=="challenge":
from xpra.net.crypto import get_salt
#client may have already responded to the challenge,
#so we have to handle authentication from this end
salt = packet[1]
digest = packet[3]
client_salt = get_salt(len(salt))
salt = xor_str(salt, client_salt)
if digest!=b"hmac":
self.stop("digest mode '%s' not supported", std(digest))
return
password = self.session_options.get("password")
if not password:
self.stop("authentication requested by the server, but no password available for this session")
return
import hmac, hashlib
password = strtobytes(password)
salt = strtobytes(salt)
challenge_response = hmac.HMAC(password, salt, digestmod=hashlib.md5).hexdigest()
log.info("sending %s challenge response", digest)
self.send_hello(challenge_response, client_salt)
return
self.queue_client_packet(packet)
key_salt = c.strget("cipher.key_salt")
iterations = c.intget("cipher.key_stretch_iterations")
auth_caps = {}
if cipher and cipher_iv:
if cipher not in ENCRYPTION_CIPHERS:
log.warn("unsupported cipher: %s", cipher)
auth_failed("unsupported cipher")
return False
encryption_key = self.get_encryption_key(proto.authenticator)
if encryption_key is None:
auth_failed("encryption key is missing")
return False
proto.set_cipher_out(cipher, cipher_iv, encryption_key, key_salt,
iterations)
#use the same cipher as used by the client:
auth_caps = new_cipher_caps(proto, cipher, encryption_key)
log("server cipher=%s", auth_caps)
else:
auth_caps = None
#verify authentication if required:
if (proto.authenticator and proto.authenticator.requires_challenge()
) or c.get("challenge") is not None:
challenge_response = c.strget("challenge_response")
client_salt = c.strget("challenge_client_salt")
log(
"processing authentication with %s, response=%s, client_salt=%s, challenge_sent=%s",
proto.authenticator, challenge_response,
binascii.hexlify(client_salt or ""), proto.challenge_sent)
#send challenge if this is not a response:
if not challenge_response:
def process_server_packet(self, proto, packet):
packet_type = packet[0]
log("process_server_packet: %s", packet_type)
if packet_type == Protocol.CONNECTION_LOST:
self.stop("server connection lost", proto)
return
elif packet_type == "disconnect":
log("got disconnect from server: %s", packet[1])
if self.exit:
self.server_protocol.close()
else:
self.stop("disconnect from server: %s" % packet[1])
elif packet_type == "hello":
c = typedict(packet[1])
maxw, maxh = c.intpair("max_desktop_size", (4096, 4096))
caps = self.filter_server_caps(c)
#add new encryption caps:
if self.cipher:
from xpra.net.crypto import crypto_backend_init, new_cipher_caps, DEFAULT_PADDING
crypto_backend_init()
padding_options = self.caps.strlistget(
"cipher.padding.options", [DEFAULT_PADDING])
auth_caps = new_cipher_caps(self.client_protocol, self.cipher,
self.encryption_key,
padding_options)
caps.update(auth_caps)
#may need to bump packet size:
proto.max_packet_size = maxw * maxh * 4 * 4
file_transfer = self.caps.boolget("file-transfer") and c.boolget(
"file-transfer")
file_size_limit = max(self.caps.intget("file-size-limit"),
c.intget("file-size-limit"))
file_max_packet_size = int(file_transfer) * (
1024 + file_size_limit * 1024 * 1024)
self.client_protocol.max_packet_size = max(
self.client_protocol.max_packet_size, file_max_packet_size)
self.server_protocol.max_packet_size = max(
self.server_protocol.max_packet_size, file_max_packet_size)
packet = ("hello", caps)
elif packet_type == "info-response":
#adds proxy info:
#note: this is only seen by the client application
#"xpra info" is a new connection, which talks to the proxy server...
info = packet[1]
info.update(self.get_proxy_info(proto))
elif packet_type == "lost-window":
wid = packet[1]
#mark it as lost so we can drop any current/pending frames
self.lost_windows.add(wid)
#queue it so it gets cleaned safely (for video encoders mostly):
self.encode_queue.put(packet)
#and fall through so tell the client immediately
elif packet_type == "draw":
#use encoder thread:
self.encode_queue.put(packet)
#which will queue the packet itself when done:
return
#we do want to reformat cursor packets...
#as they will have been uncompressed by the network layer already:
elif packet_type == "cursor":
#packet = ["cursor", x, y, width, height, xhot, yhot, serial, pixels, name]
#or:
#packet = ["cursor", "png", x, y, width, height, xhot, yhot, serial, pixels, name]
#or:
#packet = ["cursor", ""]
if len(packet) >= 8:
#hard to distinguish png cursors from normal cursors...
try:
int(packet[1])
self._packet_recompress(packet, 8, "cursor")
except:
self._packet_recompress(packet, 9, "cursor")
elif packet_type == "window-icon":
self._packet_recompress(packet, 5, "icon")
elif packet_type == "send-file":
if packet[6]:
packet[6] = Compressed("file-data", packet[6])
elif packet_type == "send-file-chunk":
if packet[3]:
packet[3] = Compressed("file-chunk-data", packet[3])
elif packet_type == "challenge":
password = self.session_options.get("password")
if not password:
self.stop(
"authentication requested by the server, but no password available for this session"
)
return
from xpra.net.crypto import get_salt, gendigest
#client may have already responded to the challenge,
#so we have to handle authentication from this end
server_salt = bytestostr(packet[1])
l = len(server_salt)
digest = bytestostr(packet[3])
salt_digest = "xor"
if len(packet) >= 5:
salt_digest = bytestostr(packet[4])
if salt_digest in ("xor", "des"):
if not LEGACY_SALT_DIGEST:
self.stop("server uses legacy salt digest '%s'" %
salt_digest)
return
log.warn(
"Warning: server using legacy support for '%s' salt digest",
salt_digest)
if salt_digest == "xor":
#with xor, we have to match the size
assert l >= 16, "server salt is too short: only %i bytes, minimum is 16" % l
assert l <= 256, "server salt is too long: %i bytes, maximum is 256" % l
else:
#other digest, 32 random bytes is enough:
l = 32
client_salt = get_salt(l)
salt = gendigest(salt_digest, client_salt, server_salt)
challenge_response = gendigest(digest, password, salt)
if not challenge_response:
log("invalid digest module '%s': %s", digest)
self.stop(
"server requested '%s' digest but it is not supported" %
digest)
return
log.info("sending %s challenge response", digest)
self.send_hello(challenge_response, client_salt)
return
self.queue_client_packet(packet)
def verify_hello(self, proto, c):
remote_version = c.strget("version")
verr = version_compat_check(remote_version)
if verr is not None:
self.disconnect_client(proto, VERSION_ERROR,
"incompatible version: %s" % verr)
proto.close()
return False
def auth_failed(msg):
log.warn("Warning: authentication failed: %s", msg)
self.timeout_add(1000, self.disconnect_client, proto, msg)
#authenticator:
username = c.strget("username")
if proto.authenticator is None and proto.auth_class:
try:
proto.authenticator = proto.auth_class(username)
except Exception as e:
log.warn("error instantiating %s: %s", proto.auth_class, e)
auth_failed("authentication failed")
return False
self.digest_modes = c.get("digest", ("hmac", ))
#client may have requested encryption:
cipher = c.strget("cipher")
cipher_iv = c.strget("cipher.iv")
key_salt = c.strget("cipher.key_salt")
iterations = c.intget("cipher.key_stretch_iterations")
auth_caps = {}
if cipher and cipher_iv:
if cipher not in ENCRYPTION_CIPHERS:
log.warn("unsupported cipher: %s", cipher)
auth_failed("unsupported cipher")
return False
encryption_key = self.get_encryption_key(proto.authenticator)
if encryption_key is None:
auth_failed("encryption key is missing")
return False
proto.set_cipher_out(cipher, cipher_iv, encryption_key, key_salt,
iterations)
#use the same cipher as used by the client:
auth_caps = new_cipher_caps(proto, cipher, encryption_key)
log("server cipher=%s", auth_caps)
else:
auth_caps = None
#verify authentication if required:
if (proto.authenticator and proto.authenticator.requires_challenge()
) or c.get("challenge") is not None:
challenge_response = c.strget("challenge_response")
client_salt = c.strget("challenge_client_salt")
log(
"processing authentication with %s, response=%s, client_salt=%s, challenge_sent=%s",
proto.authenticator, challenge_response,
binascii.hexlify(client_salt or ""), proto.challenge_sent)
#send challenge if this is not a response:
if not challenge_response:
if proto.challenge_sent:
auth_failed(
"invalid state, challenge already sent - no response!")
return False
if proto.authenticator:
challenge = proto.authenticator.get_challenge()
if challenge is None:
auth_failed(
"invalid state: unexpected challenge response")
return False
salt, digest = challenge
log.info(
"Authentication required, %s sending challenge for '%s' using digest %s",
proto.authenticator, username, digest)
if digest not in self.digest_modes:
auth_failed(
"cannot proceed without %s digest support" %
digest)
return False
else:
log.warn(
"Warning: client expects a challenge but this connection is unauthenticated"
)
#fake challenge so the client will send the real hello:
from xpra.os_util import get_hex_uuid
salt = get_hex_uuid() + get_hex_uuid()
digest = "hmac"
proto.challenge_sent = True
proto.send_now(("challenge", salt, auth_caps or "", digest))
return False
if not proto.authenticator.authenticate(challenge_response,
client_salt):
auth_failed("invalid challenge response")
return False
log("authentication challenge passed")
else:
#did the client expect a challenge?
if c.boolget("challenge"):
log.warn(
"this server does not require authentication (client supplied a challenge)"
)
return auth_caps
def verify_hello(self, proto, c):
remote_version = c.strget("version")
verr = version_compat_check(remote_version)
if verr is not None:
self.disconnect_client(proto, VERSION_ERROR, "incompatible version: %s" % verr)
proto.close()
return False
def auth_failed(msg):
log.warn("Warning: authentication failed: %s", msg)
self.timeout_add(1000, self.disconnect_client, proto, msg)
# authenticator:
username = c.strget("username")
if proto.authenticator is None and proto.auth_class:
try:
proto.authenticator = proto.auth_class(username)
except Exception as e:
log.warn("error instantiating %s: %s", proto.auth_class, e)
auth_failed("authentication failed")
return False
self.digest_modes = c.get("digest", ("hmac",))
# client may have requested encryption:
cipher = c.strget("cipher")
cipher_iv = c.strget("cipher.iv")
key_salt = c.strget("cipher.key_salt")
iterations = c.intget("cipher.key_stretch_iterations")
auth_caps = {}
if cipher and cipher_iv:
if cipher not in ENCRYPTION_CIPHERS:
log.warn("unsupported cipher: %s", cipher)
auth_failed("unsupported cipher")
return False
encryption_key = self.get_encryption_key(proto.authenticator)
if encryption_key is None:
auth_failed("encryption key is missing")
return False
proto.set_cipher_out(cipher, cipher_iv, encryption_key, key_salt, iterations)
# use the same cipher as used by the client:
auth_caps = new_cipher_caps(proto, cipher, encryption_key)
log("server cipher=%s", auth_caps)
else:
auth_caps = None
# verify authentication if required:
if (proto.authenticator and proto.authenticator.requires_challenge()) or c.get("challenge") is not None:
challenge_response = c.strget("challenge_response")
client_salt = c.strget("challenge_client_salt")
log(
"processing authentication with %s, response=%s, client_salt=%s, challenge_sent=%s",
proto.authenticator,
challenge_response,
binascii.hexlify(client_salt or ""),
proto.challenge_sent,
)
# send challenge if this is not a response:
if not challenge_response:
if proto.challenge_sent:
auth_failed("invalid state, challenge already sent - no response!")
return False
if proto.authenticator:
challenge = proto.authenticator.get_challenge()
if challenge is None:
auth_failed("invalid state: unexpected challenge response")
return False
salt, digest = challenge
log.info(
"Authentication required, %s sending challenge for '%s' using digest %s",
proto.authenticator,
username,
digest,
)
if digest not in self.digest_modes:
auth_failed("cannot proceed without %s digest support" % digest)
return False
else:
log.warn("Warning: client expects a challenge but this connection is unauthenticated")
# fake challenge so the client will send the real hello:
from xpra.os_util import get_hex_uuid
salt = get_hex_uuid() + get_hex_uuid()
digest = "hmac"
proto.challenge_sent = True
proto.send_now(("challenge", salt, auth_caps or "", digest))
return False
if not proto.authenticator.authenticate(challenge_response, client_salt):
auth_failed("invalid challenge response")
return False
log("authentication challenge passed")
else:
# did the client expect a challenge?
if c.boolget("challenge"):
log.warn("this server does not require authentication (client supplied a challenge)")
return auth_caps
cipher_iv = c.strget("cipher.iv")
key_salt = c.strget("cipher.key_salt")
iterations = c.intget("cipher.key_stretch_iterations")
auth_caps = {}
if cipher and cipher_iv:
if cipher not in ENCRYPTION_CIPHERS:
log.warn("unsupported cipher: %s", cipher)
auth_failed("unsupported cipher")
return False
encryption_key = self.get_encryption_key(proto.authenticator)
if encryption_key is None:
auth_failed("encryption key is missing")
return False
proto.set_cipher_out(cipher, cipher_iv, encryption_key, key_salt, iterations)
#use the same cipher as used by the client:
auth_caps = new_cipher_caps(proto, cipher, encryption_key)
log("server cipher=%s", auth_caps)
else:
auth_caps = None
#verify authentication if required:
if (proto.authenticator and proto.authenticator.requires_challenge()) or c.get("challenge") is not None:
challenge_response = c.strget("challenge_response")
client_salt = c.strget("challenge_client_salt")
log("processing authentication with %s, response=%s, client_salt=%s, challenge_sent=%s", proto.authenticator, challenge_response, binascii.hexlify(client_salt or ""), proto.challenge_sent)
#send challenge if this is not a response:
if not challenge_response:
if proto.challenge_sent:
auth_failed("invalid state, challenge already sent - no response!")
return False
if proto.authenticator:
def process_server_packet(self, proto, packet):
packet_type = packet[0]
log("process_server_packet: %s", packet_type)
if packet_type == Protocol.CONNECTION_LOST:
self.stop("server connection lost", proto)
return
elif packet_type == "disconnect":
log("got disconnect from server: %s", packet[1])
if self.exit:
self.server_protocol.close()
else:
self.stop("disconnect from server: %s" % packet[1])
elif packet_type == "hello":
c = typedict(packet[1])
maxw, maxh = c.intpair("max_desktop_size", (4096, 4096))
caps = self.filter_server_caps(c)
#add new encryption caps:
if self.cipher:
from xpra.net.crypto import crypto_backend_init, new_cipher_caps, DEFAULT_PADDING
crypto_backend_init()
padding_options = self.caps.strlistget(
"cipher.padding.options", [DEFAULT_PADDING])
auth_caps = new_cipher_caps(self.client_protocol, self.cipher,
self.encryption_key,
padding_options)
caps.update(auth_caps)
#may need to bump packet size:
proto.max_packet_size = maxw * maxh * 4 * 4
file_transfer = self.caps.boolget("file-transfer") and c.boolget(
"file-transfer")
file_size_limit = max(self.caps.intget("file-size-limit"),
c.intget("file-size-limit"))
file_max_packet_size = int(file_transfer) * (
1024 + file_size_limit * 1024 * 1024)
self.client_protocol.max_packet_size = max(
self.client_protocol.max_packet_size, file_max_packet_size)
self.server_protocol.max_packet_size = max(
self.server_protocol.max_packet_size, file_max_packet_size)
packet = ("hello", caps)
elif packet_type == "info-response":
#adds proxy info:
#note: this is only seen by the client application
#"xpra info" is a new connection, which talks to the proxy server...
info = packet[1]
info.update(self.get_proxy_info(proto))
elif packet_type == "lost-window":
wid = packet[1]
#mark it as lost so we can drop any current/pending frames
self.lost_windows.add(wid)
#queue it so it gets cleaned safely (for video encoders mostly):
self.encode_queue.put(packet)
#and fall through so tell the client immediately
elif packet_type == "draw":
#use encoder thread:
self.encode_queue.put(packet)
#which will queue the packet itself when done:
return
#we do want to reformat cursor packets...
#as they will have been uncompressed by the network layer already:
elif packet_type == "cursor":
#packet = ["cursor", x, y, width, height, xhot, yhot, serial, pixels, name]
#or:
#packet = ["cursor", "png", x, y, width, height, xhot, yhot, serial, pixels, name]
#or:
#packet = ["cursor", ""]
if len(packet) >= 8:
#hard to distinguish png cursors from normal cursors...
try:
int(packet[1])
self._packet_recompress(packet, 8, "cursor")
except:
self._packet_recompress(packet, 9, "cursor")
elif packet_type == "window-icon":
self._packet_recompress(packet, 5, "icon")
self.queue_client_packet(packet)
def process_server_packet(self, proto, packet):
packet_type = packet[0]
log("process_server_packet: %s", packet_type)
if packet_type == Protocol.CONNECTION_LOST:
self.stop("server connection lost", proto)
return
elif packet_type == "disconnect":
log("got disconnect from server: %s", packet[1])
if self.exit:
self.server_protocol.close()
else:
self.stop("disconnect from server: %s" % packet[1])
elif packet_type == "hello":
c = typedict(packet[1])
maxw, maxh = c.intpair("max_desktop_size", (4096, 4096))
proto.max_packet_size = maxw * maxh * 4 * 4
caps = self.filter_server_caps(c)
#add new encryption caps:
if self.cipher:
auth_caps = new_cipher_caps(self.client_protocol, self.cipher,
self.encryption_key)
caps.update(auth_caps)
packet = ("hello", caps)
elif packet_type == "info-response":
#adds proxy info:
#note: this is only seen by the client application
#"xpra info" is a new connection, which talks to the proxy server...
info = packet[1]
info.update(self.get_proxy_info(proto))
elif packet_type == "lost-window":
wid = packet[1]
#mark it as lost so we can drop any current/pending frames
self.lost_windows.add(wid)
#queue it so it gets cleaned safely (for video encoders mostly):
self.encode_queue.put(packet)
#and fall through so tell the client immediately
elif packet_type == "draw":
#use encoder thread:
self.encode_queue.put(packet)
#which will queue the packet itself when done:
return
#we do want to reformat cursor packets...
#as they will have been uncompressed by the network layer already:
elif packet_type == "cursor":
#packet = ["cursor", x, y, width, height, xhot, yhot, serial, pixels, name]
#or:
#packet = ["cursor", ""]
if len(packet) >= 9:
pixels = packet[8]
if len(pixels) < 512:
packet[8] = str(pixels)
else:
#FIXME: this is ugly and not generic!
zlib = compression.use_zlib and self.caps.get("zlib", True)
lz4 = compression.use_lz4 and self.caps.get("lz4", False)
lzo = compression.use_lzo and self.caps.get("lzo", False)
if zlib or lz4 or lzo:
packet[8] = compressed_wrapper("cursor",
pixels,
zlib=zlib,
lz4=lz4,
lzo=lzo,
can_inline=False)
else:
#prevent warnings about large uncompressed data
packet[8] = Compressed("raw cursor",
pixels,
can_inline=True)
self.queue_client_packet(packet)
def process_server_packet(self, proto, packet):
packet_type = bytestostr(packet[0])
log("process_server_packet: %s", packet_type)
if packet_type == CONNECTION_LOST:
self.stop(proto, "server connection lost")
return
if packet_type == "disconnect":
reason = bytestostr(packet[1])
log("got disconnect from server: %s", reason)
if self.exit:
self.server_protocol.close()
else:
self.stop(None, "disconnect from server", reason)
elif packet_type == "hello":
c = typedict(packet[1])
if c.boolget("ping-echo-sourceid"):
self.schedule_server_ping()
maxw, maxh = c.intpair("max_desktop_size", (4096, 4096))
caps = self.filter_server_caps(c)
#add new encryption caps:
if self.cipher:
from xpra.net.crypto import crypto_backend_init, new_cipher_caps, DEFAULT_PADDING
crypto_backend_init()
padding_options = self.caps.strtupleget(
"cipher.padding.options", [DEFAULT_PADDING])
auth_caps = new_cipher_caps(self.client_protocol, self.cipher,
self.cipher_mode,
self.encryption_key,
padding_options)
caps.update(auth_caps)
#may need to bump packet size:
proto.max_packet_size = max(MAX_PACKET_SIZE, maxw * maxh * 4 * 4)
packet = ("hello", caps)
elif packet_type == "ping_echo" and self.server_ping_timer and len(
packet) >= 7 and strtobytes(packet[6]) == strtobytes(
self.uuid):
#this is one of our ping packets:
self.server_last_ping_echo = packet[1]
self.server_last_ping_latency = 1000 * monotonic(
) - self.server_last_ping_echo
log("ping-echo: server latency=%.1fms",
self.server_last_ping_latency)
return
elif packet_type == "info-response":
#adds proxy info:
#note: this is only seen by the client application
#"xpra info" is a new connection, which talks to the proxy server...
info = packet[1]
info.update(self.get_proxy_info(proto))
elif packet_type == "lost-window":
wid = packet[1]
#mark it as lost so we can drop any current/pending frames
self.lost_windows.add(wid)
#queue it so it gets cleaned safely (for video encoders mostly):
self.encode_queue.put(packet)
#and fall through so tell the client immediately
elif packet_type == "draw":
#use encoder thread:
self.encode_queue.put(packet)
#which will queue the packet itself when done:
return
elif packet_type == "sound-data":
sound_data = packet[2]
if sound_data:
#best if we use raw packets for the actual sound-data chunk:
packet[2] = Compressed("sound-data", sound_data)
#we do want to reformat cursor packets...
#as they will have been uncompressed by the network layer already:
elif packet_type == "cursor":
#packet = ["cursor", "png", x, y, width, height, xhot, yhot, serial, pixels, name]
#or:
#packet = ["cursor", ""]
if len(packet) >= 8:
self._packet_recompress(packet, 9, "cursor")
elif packet_type == "window-icon":
self._packet_recompress(packet, 5, "icon")
elif packet_type == "send-file":
if packet[6]:
packet[6] = Compressed("file-data", packet[6])
elif packet_type == "send-file-chunk":
if packet[3]:
packet[3] = Compressed("file-chunk-data", packet[3])
elif packet_type == "challenge":
password = self.disp_desc.get("password",
self.session_options.get("password"))
log("password from %s / %s = %s", self.disp_desc,
self.session_options, password)
if not password:
if not PASSTHROUGH_AUTH:
self.stop(None, "authentication requested by the server,",
"but no password is available for this session")
#otherwise, just forward it to the client
self.client_challenge_packet = packet
else:
#client may have already responded to the challenge,
#so we have to handle authentication from this end
server_salt = bytestostr(packet[1])
l = len(server_salt)
digest = bytestostr(packet[3])
salt_digest = "xor"
if len(packet) >= 5:
salt_digest = bytestostr(packet[4])
if salt_digest in ("xor", "des"):
if not LEGACY_SALT_DIGEST:
self.stop(
None, "server uses legacy salt digest '%s'" %
salt_digest)
return
log.warn(
"Warning: server using legacy support for '%s' salt digest",
salt_digest)
if salt_digest == "xor":
#with xor, we have to match the size
assert l >= 16, "server salt is too short: only %i bytes, minimum is 16" % l
assert l <= 256, "server salt is too long: %i bytes, maximum is 256" % l
else:
#other digest, 32 random bytes is enough:
l = 32
client_salt = get_salt(l)
salt = gendigest(salt_digest, client_salt, server_salt)
challenge_response = gendigest(digest, password, salt)
if not challenge_response:
log("invalid digest module '%s': %s", digest)
self.stop(
None,
"server requested '%s' digest but it is not supported"
% digest)
return
log.info("sending %s challenge response", digest)
self.send_hello(challenge_response, client_salt)
return
self.queue_client_packet(packet)
def verify_hello(self, proto, c):
remote_version = c.strget("version")
verr = version_compat_check(remote_version)
if verr is not None:
self.disconnect_client(proto, VERSION_ERROR, "incompatible version: %s" % verr)
proto.close()
return False
def auth_failed(msg):
authlog.error("Error: authentication failed")
authlog.error(" %s", msg)
self.timeout_add(1000, self.disconnect_client, proto, msg)
#authenticator:
username = c.strget("username")
if proto.authenticator is None and proto.auth_class:
authlog("creating authenticator %s", proto.auth_class)
try:
auth, aclass, options = proto.auth_class
ainstance = aclass(username, **options)
proto.authenticator = ainstance
authlog("%s=%s", auth, ainstance)
except Exception as e:
authlog.error("Error instantiating %s:", proto.auth_class)
authlog.error(" %s", e)
auth_failed("authentication failed")
return False
digest_modes = c.get("digest", ("hmac", ))
#client may have requested encryption:
cipher = c.strget("cipher")
cipher_iv = c.strget("cipher.iv")
key_salt = c.strget("cipher.key_salt")
iterations = c.intget("cipher.key_stretch_iterations")
padding = c.strget("cipher.padding", DEFAULT_PADDING)
padding_options = c.strlistget("cipher.padding.options", [DEFAULT_PADDING])
auth_caps = {}
if cipher and cipher_iv:
if cipher not in ENCRYPTION_CIPHERS:
authlog.warn("unsupported cipher: %s", cipher)
auth_failed("unsupported cipher")
return False
encryption_key = self.get_encryption_key(proto.authenticator, proto.keyfile)
if encryption_key is None:
auth_failed("encryption key is missing")
return False
if padding not in ALL_PADDING_OPTIONS:
auth_failed("unsupported padding: %s" % padding)
return False
authlog("set output cipher using encryption key '%s'", repr_ellipsized(encryption_key))
proto.set_cipher_out(cipher, cipher_iv, encryption_key, key_salt, iterations, padding)
#use the same cipher as used by the client:
auth_caps = new_cipher_caps(proto, cipher, encryption_key, padding_options)
authlog("server cipher=%s", auth_caps)
else:
if proto.encryption:
authlog("client does not provide encryption tokens")
auth_failed("missing encryption tokens")
return False
auth_caps = None
#verify authentication if required:
if (proto.authenticator and proto.authenticator.requires_challenge()) or c.get("challenge") is not None:
challenge_response = c.strget("challenge_response")
client_salt = c.strget("challenge_client_salt")
authlog("processing authentication with %s, response=%s, client_salt=%s, challenge_sent=%s", proto.authenticator, challenge_response, binascii.hexlify(client_salt or ""), proto.challenge_sent)
#send challenge if this is not a response:
if not challenge_response:
if proto.challenge_sent:
auth_failed("invalid state, challenge already sent - no response!")
return False
if proto.authenticator:
challenge = proto.authenticator.get_challenge()
if challenge is None:
auth_failed("invalid state, unexpected challenge response")
return False
authlog("challenge: %s", challenge)
salt, digest = challenge
authlog.info("Authentication required by %s authenticator module", proto.authenticator)
authlog.info(" sending challenge for '%s' using %s digest", username, digest)
if digest not in digest_modes:
auth_failed("cannot proceed without %s digest support" % digest)
return False
else:
authlog.warn("Warning: client expects a challenge but this connection is unauthenticated")
#fake challenge so the client will send the real hello:
salt = get_salt()
digest = "hmac"
proto.challenge_sent = True
proto.send_now(("challenge", salt, auth_caps or "", digest))
return False
if not proto.authenticator.authenticate(challenge_response, client_salt):
auth_failed("invalid challenge response")
return False
authlog("authentication challenge passed")
else:
#did the client expect a challenge?
if c.boolget("challenge"):
authlog.warn("this server does not require authentication (client supplied a challenge)")
return auth_caps
