add ssl server side

bin/server.js

@@ -4,6 +4,9 @@
 var rdp = require("../lib");
 
 
-rdp.createServer({}, function (server) {
+rdp.createServer({
+	key : '/home/sylvain/dev/node-rdp-cert/ryans-key.pem',
+	cert : '/home/sylvain/dev/node-rdp-cert/ryans-cert.pem'
+}, function (server) {
 
-}).listen(33389);
+}).listen(33390);

lib/core/layer.js

@@ -18,6 +18,7 @@
  */
 
 var inherits = require('util').inherits;
+var fs = require('fs');
 var type = require('./type');
 var log = require('./log');
 var starttls = require('starttls');
@@ -118,13 +119,45 @@ BufferLayer.prototype.expect = function(expectedSize) {
 /**
  * Convert connection to TLS connection
  * Use nodejs starttls module
- * @param isServer {bool} true when you are as server side
  * @param callback {func} when connection is done
  */
-BufferLayer.prototype.startTLS = function(isServer, callback) {
+BufferLayer.prototype.startTLS = function(callback) {
 	options = {
 			socket : this.socket,
-			pair : tls.createSecurePair(crypto.createCredentials(), isServer, false, false)
+			pair : tls.createSecurePair(crypto.createCredentials(), false, false, false)
+	};
+	var self = this;
+	starttls(options, function(err) {
+		log.warn(err);
+		self.cleartext = this.cleartext;
+		self.cleartext.on('data', function(data) {
+			try {
+				self.recv(data);
+			}
+			catch(e) {
+				self.socket.destroy();
+				self.emit('error', e);
+			}
+		}).on('error', function (err) {
+			self.emit('error', err);
+		});
+		callback();
+	});
+};
+
+/**
+ * Convert connection to TLS server
+ * @param keyFilePath	{string} key file path
+ * @param crtFilePath	{string} certificat file path
+ * @param callback	{function} 
+ */
+BufferLayer.prototype.listenTLS = function(keyFilePath, crtFilePath, callback) {
+	options = {
+			socket : this.socket,
+			pair : tls.createSecurePair(crypto.createCredentials({
+				key: fs.readFileSync(keyFilePath),
+				cert: fs.readFileSync(crtFilePath),
+			}), true, false, false)
 	};
 	var self = this;
 	starttls(options, function(err) {

lib/protocol/rdp.js

@@ -161,7 +161,6 @@ function RdpClient(config) {
 	});
 }
 
-//inherit from Layer
 inherits(RdpClient, events.EventEmitter);
 
 /**
@@ -311,13 +310,17 @@ function createClient(config) {
  * @param socket {net.Socket}
  */
 function RdpServer(config, socket) {
-	config = config || {};
+	if (!(config.key && config.cert)) {
+		throw new error.FatalError('NODE_RDP_PROTOCOL_RDP_SERVER_CONFIG_MISSING', 'missing cryptographic tools')
+	}
 	this.connected = false;
 	this.bufferLayer = new layer.BufferLayer(socket);
 	this.tpkt = new TPKT(this.bufferLayer);
-	this.x224 = new x224.Server(this.tpkt);
+	this.x224 = new x224.Server(this.tpkt, config.key, config.cert);
 };
 
+inherits(RdpServer, events.EventEmitter);
+
 function createServer (config, next) {
 	return net.createServer(function (socket) {
 		next(new RdpServer(config, socket));

lib/protocol/x224.js

@@ -242,7 +242,7 @@ Client.prototype.recvConnectionConfirm = function(s) {
 
 	if(this.selectedProtocol == Protocols.PROTOCOL_SSL) {
 		log.info("SSL standard security selected");
-		this.transport.transport.startTLS(false, function() {
+		this.transport.transport.startTLS(function() {
 			self.emit('connect', self.selectedProtocol);
 		});
 		return;
@@ -252,8 +252,10 @@ Client.prototype.recvConnectionConfirm = function(s) {
 /**
  * Server x224 automata
  */
-function Server(transport) {
+function Server(transport, keyFilePath, crtFilePath) {
 	X224.call(this, transport);
+	this.keyFilePath = keyFilePath;
+	this.crtFilePath = crtFilePath;
 	var self = this;
 	this.transport.once('data', function (s) {
 		self.recvConnectionRequest(s);
@@ -297,10 +299,9 @@ Server.prototype.sendConnectionConfirm = function () {
 	confirm.obj.protocolNeg.obj.result.value = this.selectedProtocol;
 	this.transport.send(confirm);
 
-	log.info('start SSL connection');
-
 	var self = this;
-	this.transport.transport.startTLS(true, function() {
+	this.transport.transport.listenTLS(this.keyFilePath, this.crtFilePath, function() {
+		log.info('start SSL connection');
 		self.emit('connect', self.selectedProtocol);
 	});
 };