feat(connector,session): dispatch multitransport PDUs on IO channel #1096
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
decode_io_channel() assumed all IO channel PDUs begin with a ShareControlHeader. Multitransport Request PDUs use a BasicSecurityHeader with SEC_TRANSPORT_REQ instead. Add peek-based dispatch: check the first u16 for TRANSPORT_REQ, decode as MultitransportRequestPdu if set, otherwise fall through to existing path. Propagate new variant through ProcessorOutput and ActiveStageOutput so applications can handle multitransport requests. Client and web consumers log the request for now.
There was a problem hiding this comment.
Pull request overview
Adds support for decoding and surfacing server “Initiate Multitransport Request” PDUs received on the RDP IO channel, so higher layers (session, web/client apps, and FFI) can observe and react to multitransport bootstrap requests.
Changes:
- Adds an IO-channel peek/dispatch path to decode
MultitransportRequestPdu(Basic Security Header) in addition to existing ShareControl PDUs. - Propagates the new multitransport request event through
IoChannelPdu→ProcessorOutput→ActiveStageOutput. - Logs multitransport request receipt in native client and web session consumers.
Reviewed changes
Copilot reviewed 6 out of 6 changed files in this pull request and generated 4 comments.
Show a summary per file
| File | Description |
|---|---|
crates/ironrdp-connector/src/legacy.rs |
Adds multitransport-aware dispatch in decode_io_channel() and an IoChannelPdu variant. |
crates/ironrdp-session/src/x224/mod.rs |
Adds ProcessorOutput::MultitransportRequest and forwards decoded IO-channel multitransport requests. |
crates/ironrdp-session/src/active_stage.rs |
Adds ActiveStageOutput::MultitransportRequest and maps from x224 outputs. |
crates/ironrdp-client/src/rdp.rs |
Handles/logs the new ActiveStageOutput::MultitransportRequest in the client loop. |
crates/ironrdp-web/src/session.rs |
Handles/logs the new ActiveStageOutput::MultitransportRequest in the web session loop. |
ffi/src/session/mod.rs |
Adds an FFI enum discriminator for MultitransportRequest and maps it from session output. |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
… dispatch - Fix misclassification: check flagsHi == 0 and use from_bits (strict) to distinguish BasicSecurityHeader from ShareControlHeader, fall back to ShareControl decode on failure - Don't log security_cookie — only log request_id and requested_protocol - Add FFI accessor for multitransport request data (non-sensitive fields)
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
decode_io_channel()assumes all IO channel PDUs begin with aShareControlHeader. Multitransport Request PDUs use aBasicSecurityHeaderwithSEC_TRANSPORT_REQinstead (MS-RDPBCGR 2.2.15.1).This adds a peek-based dispatch: check the first
u16forTRANSPORT_REQ, decode asMultitransportRequestPduif set, otherwise fall through to the existingdecode_share_control()path unchanged.The new variant is propagated through
ProcessorOutputand 'ActiveStageOutput` so applications can handle multitransport requests. Client and web consumers log the request (no UDP transport yet).Builds on #1091.