====== FreeRDP ======

  * Official site: [[https://www.freerdp.com/|freerdp.com]]
  * GitHub repo: [[https://github.com/FreeRDP/FreeRDP/]]
  * Wiki: [[https://github.com/FreeRDP/FreeRDP/wiki]]
  * API documentation: [[https://pub.freerdp.com/api/]]
  * Information regarding the Microsoft Open Specifications can be found at: [[https://www.microsoft.com/openspecifications/]]
  * [[https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-rdsod/072543f9-4bd4-4dc6-ab97-9a04bf9d2c6a|[MS-RDSOD]: Remote Desktop Services Protocols Overview]], backup copy: {{ :public:it:ms-rdsod_.pdf |[MS-RDSOD].pdf}}, an overview of the Remote Desktop protocols
  * [[https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-rdpbcgr/5073f4ed-1e93-45e1-b039-6e30c385867c|[MS-RDPBCGR]: Remote Desktop Protocol: Basic Connectivity and Graphics Remoting]], {{ :public:it:ms-rdpbcgr_.pdf |[MS-RDPBCGR].pdf}}, the base protocol
  * [[https://www.itu.int/rec/T-REC-X.224-199511-I/en|ITU X.224 protocol]], {{ :public:it:t-rec-x.224-199511-i_pdf-e.pdf | X.224.pdf}}
  * [[https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-rdpegfx/da5c75f9-cd99-450c-98c4-014a496942b0|[MS-RDPEGFX]: Remote Desktop Protocol: Graphics Pipeline Extension]]
  * [[https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-rdperp/83275957-2d0e-4c52-88d1-1b4c998c6bec|[MS-RDPERP]: Remote Desktop Protocol: Remote Programs Virtual Channel Extension]], the protocol for remote applications

===== RDP protocol analysis =====

  * Runs over a TCP connection. The standard does not mandate a server port; the default port is **3389**.
  * Multi-byte data in the message stream uniformly uses **little-endian** byte order.

==== Message structures ====

  * A few representative structures are excerpted here.

=== Static virtual channel message structure ===

  * tpktHeader (4 bytes): TPKT header, see [[https://www.itu.int/rec/T-REC-T.123/en|[T123]]] section 8
  * x224Data (3 bytes): X.224 Class 0 Data TPDU, see [[https://www.itu.int/rec/T-REC-X.224-199511-I/en|[X224]]] section 13.7.
  * mcsPdu (variable length):
  * securityHeader (variable length): optional, depends on the encryption level and algorithm selected by the server
  * channelPduHeader (8 bytes): CHANNEL_PDU_HEADER structure
  * virtualChannelData (variable length): the data carried on this channel. The size of this field must not exceed CHANNEL_CHUNK_LENGTH (1600) bytes, unless a maximum virtual channel chunk size is specified in the VCChunkSize field of the Virtual Channel Capability

=== Basic output message structures ===

  * The Slow-Path Graphics Update PDU
    * tpktHeader (4 bytes)
    * x224Data (3 bytes)
    * mcsSDin (variable length)
    * securityHeader (variable length):
    * slowPathGraphicsUpdates: TS_GRAPHICS_UPDATE structure
      * shareDataHeader (8 bytes)
      * updateType (2 bytes): UPDATETYPE_ORDERS(0x0000) UPDATETYPE_BITMAP(0x0001) UPDATETYPE_PALETTE(0x0002) UPDATETYPE_SYNCHRONIZE(0x0003)
      * updateData (variable length):
        * TS_UPDATE_PALETTE
        * TS_UPDATE_BITMAP
        * TS_UPDATE_SYNC
  * Server Fast-Path Update PDU (TS_FP_UPDATE_PDU): the Fast-Path message structure, which omits repeated headers to save bandwidth
    * fpOutputHeader (1 byte): one byte of 8 bits, laid out as follows:
      * action (2 bits): identification bits. FASTPATH_OUTPUT_ACTION_FASTPATH(0x0) indicates that this PDU is Fast-Path; FASTPATH_OUTPUT_ACTION_X224(0x3) indicates that this PDU is Slow-Path
      * reserved (4 bits): reserved, set to 0
      * flags (2 bits): describes the encryption of this PDU: FASTPATH_OUTPUT_SECURE_CHECKSUM(0x1), FASTPATH_OUTPUT_ENCRYPTED(0x2)
    * length1 (1 byte)
    * length2 (1 byte) (optional)
    * fipsInformation (4 bytes) (optional)
    * dataSignature (8 bytes) (optional)
    * fpOutputUpdates (variable length): TS_FP_UPDATE structure
  * TS_FP_UPDATE basic structure:
    * updateHeader (1 byte)
      * updateCode (4 bits): type code
      * fragmentation (2 bits): message fragmentation flags: FASTPATH_FRAGMENT_SINGLE(0x0) FASTPATH_FRAGMENT_LAST(0x1) FASTPATH_FRAGMENT_FIRST(0x2) FASTPATH_FRAGMENT_NEXT(0x3)
      * compression (2 bits): indicates whether compressionFlags is used, FASTPATH_OUTPUT_COMPRESSION_USED(0x2)
    * compressionFlags (1 byte) (optional)
    * size (2 bytes)
    * updateData (variable length): for example TS_UPDATE_BITMAP_DATA
  * TS_UPDATE_BITMAP_DATA structure:
    * updateType (2 bytes): 16-bit unsigned integer. In this structure it is fixed to the value UPDATETYPE_BITMAP (0x0001).
    * numberRectangles (2 bytes): 16-bit unsigned integer. The number of screen rectangles contained in the rectangles field below.
    * rectangles (variable length): variable-length array of TS_BITMAP_DATA
  * TS_BITMAP_DATA structure:
    * destLeft (2 bytes): 16-bit unsigned integer. Left bound of the rectangle.
    * destTop (2 bytes)
    * destRight (2 bytes)
    * destBottom (2 bytes)
    * width (2 bytes): 16-bit unsigned integer. Width.
    * height (2 bytes): 16-bit unsigned integer. Height.
    * bitsPerPixel (2 bytes): 16-bit unsigned integer. Color depth in bits per pixel.
    * flags (2 bytes): 16-bit unsigned integer. Indicates image data compression: BITMAP_COMPRESSION(0x0001) NO_BITMAP_COMPRESSION_HDR(0x0400)
    * bitmapLength (2 bytes): 16-bit unsigned integer. The length in bytes of the bitmapComprHdr and bitmapDataStream fields.
    * bitmapComprHdr (8 bytes): optional
    * bitmapDataStream (variable length): A variable-length array of bytes describing a bitmap image. Bitmap data is either compressed or uncompressed, depending on whether the BITMAP_COMPRESSION flag is present in the flags field. Uncompressed bitmap data is formatted as a bottom-up, left-to-right series of pixels. Each pixel is a whole number of bytes. Each row contains a multiple of four bytes (including up to three bytes of padding, as necessary). Compressed bitmaps not in 32 bpp format are compressed using Interleaved RLE and encapsulated in an RLE Compressed Bitmap Stream structure (section 2.2.9.1.1.3.1.2.4), while compressed bitmaps at a color depth of 32 bpp are compressed using RDP 6.0 Bitmap Compression and stored inside an RDP 6.0 Bitmap Compressed Stream structure ([MS-RDPEGDI] section 2.2.2.5.1).
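
The TS_UPDATE_BITMAP_DATA and TS_BITMAP_DATA layouts above, as an added C example (not FreeRDP's code and not part of the original page): a checker that validates every peer-supplied length field against the bytes actually received before the bitmap data is used. The names reader_t, rd_u16, check_bitmap_update and the sample buffers are hypothetical; the rule that bitmapComprHdr is present when BITMAP_COMPRESSION is set and NO_BITMAP_COMPRESSION_HDR is clear comes from [MS-RDPBCGR], not from this page.

```c
/* Added example, not FreeRDP code: consistency checks on TS_UPDATE_BITMAP_DATA. */
#include <stddef.h>
#include <stdint.h>

#define UPDATETYPE_BITMAP         0x0001
#define BITMAP_COMPRESSION        0x0001
#define NO_BITMAP_COMPRESSION_HDR 0x0400
typedef struct { const uint8_t *p; size_t left; } reader_t; /* hypothetical helper */

/* Read one little-endian u16; returns 0 when fewer than 2 bytes remain. */
static int rd_u16(reader_t *r, uint16_t *v) {
    if (r->left < 2) return 0;
    *v = (uint16_t)(r->p[0] | (r->p[1] << 8));
    r->p += 2; r->left -= 2;
    return 1;
}

/* Returns the number of rectangles accepted, or -1 if any field is inconsistent. */
int check_bitmap_update(const uint8_t *buf, size_t len) {
    reader_t r = { buf, len };
    uint16_t type, count, f[9]; /* f[] = destLeft .. bitmapLength, in wire order */
    if (!rd_u16(&r, &type) || type != UPDATETYPE_BITMAP || !rd_u16(&r, &count)) return -1;
    for (uint16_t i = 0; i < count; i++) {
        for (int k = 0; k < 9; k++)
            if (!rd_u16(&r, &f[k])) return -1; /* truncated TS_BITMAP_DATA header */
        uint16_t width = f[4], height = f[5], bpp = f[6], flags = f[7], blen = f[8];
        if (blen > r.left) return -1;          /* bitmapLength runs past the buffer */
        if (!(flags & BITMAP_COMPRESSION)) {
            /* Uncompressed: whole bytes per pixel, each row padded to 4 bytes. */
            uint64_t row = ((uint64_t)width * ((bpp + 7u) / 8u) + 3u) & ~(uint64_t)3;
            if (bpp == 0 || row * height > blen) return -1;
        } else if (!(flags & NO_BITMAP_COMPRESSION_HDR) && blen < 8) {
            return -1; /* assumption from MS-RDPBCGR: 8-byte bitmapComprHdr present */
        }
        r.p += blen; r.left -= blen;           /* skip bitmapDataStream */
    }
    return count;
}

/* Constructed samples: 2x2 px, 16 bpp. OK is uncompressed with two 4-byte rows;
   SHORT_HDR is compressed with a header expected but bitmapLength of only 4. */
static const uint8_t SAMPLE_OK[] = { 0x01,0x00, 0x01,0x00, /* type, numberRectangles */
    0,0, 0,0, 1,0, 1,0, 2,0, 2,0, 16,0, 0,0, 8,0, 1,2,3,4,5,6,7,8 };
static const uint8_t SAMPLE_SHORT_HDR[] = { 0x01,0x00, 0x01,0x00,
    0,0, 0,0, 1,0, 1,0, 2,0, 2,0, 16,0, 1,0, 4,0, 1,2,3,4 };

int main(void) { /* exit status 0 when both samples behave as described */
    return !(check_bitmap_update(SAMPLE_OK, sizeof SAMPLE_OK) == 1 &&
             check_bitmap_update(SAMPLE_SHORT_HDR, sizeof SAMPLE_SHORT_HDR) == -1);
}
```

The checker stops at the end of the last rectangle and does not decode the pixel data; a Fast-Path caller would pass it the updateData of one TS_FP_UPDATE.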
==== RDP connection ====

  * RDP connection diagram

@startuml rdpconn
skinparam sequenceMessageAlign center
skinparam shadowing false
header RDP connection sequence (no intermediate gateway) V0.1.0 by weiyongjiu
hide footbox
participant "RDP Client" as Client
participant "RD Session Host" as Host
autonumber "[0]"
== Connection initiation ==
Client -> Host: X.224 Connection Request PDU
rnote right Client
**PDU**: protocol data unit
end note
return X.224 Connection Confirm PDU
== Basic settings exchange ==
Client -> Host: Multipoint Communication Service (MCS) \n Connect Initial PDU with GCC Conference Create Request
return MCS Connect Response PDU with \n GCC Conference Create Response
== Channel connection ==
Client -> Host: MCS Erect Domain Request PDU
Client -> Host: MCS Attach User Request PDU
return MCS Attach User Confirm PDU
loop#Yellow multiple channels, 6 in this example
Client -> Host: MCS Channel Join Request PDU
return MCS Channel Join Confirm PDU
|||
end
== RDP security commencement ==
Client -> Host: Security Exchange PDU
== Secure settings exchange ==
Client -> Host: Client Info PDU
== Optional: auto-detect network quality ==
Host -> Client: Auto-Detect Request PDU(s)
return Auto-Detect Response PDU(s)
== Licensing ==
Host -> Client: License Error PDU - Valid Client
== Optional: multitransport bootstrapping ==
Host -> Client: Initiate Multitransport Request PDU
return Initiate Multitransport Response PDU
== Capabilities exchange ==
Host -> Client: Demand Active PDU
return Confirm Active PDU
== Connection finalization ==
rnote right Client
The connection finalization phase is not fixed;
for the exact message flow see [MS-RDPBCGR] section 1.3.1.1
end note
Client -> Host: Synchronize PDU
Client -> Host: Control PDU - Cooperate
Client -> Host: Control PDU - Request Control
Client -> Host: zero or more Persistent Key List PDU
Client -> Host: Font List PDU
Host -> Client: Synchronize PDU
Host -> Client: Control PDU - Cooperate
Host -> Client: Control PDU - Granted Control
Host -> Client: Font Map PDU
|||
@enduml