/* Send a Licensing packet with Platform Challenge Response */
static void
licence_send_authresp(rdpLicence * licence, uint8 * token, uint8 * crypt_hwid, uint8 * signature)
{
    uint32 sec_flags = SEC_LICENSE_PKT;
    uint16 length = 58;
    STREAM s;

    s = sec_init(licence->sec, sec_flags, length + 2);

    /* Licensing Preamble (LICENSE_PREAMBLE) */
    out_uint8(s, PLATFORM_CHALLENGE_RESPONSE);	/* PLATFORM_CHALLENGE_RESPONSE */
    out_uint8(s, 2);	/* PREAMBLE_VERSION_2_0 */
    out_uint16_le(s, length);

    /* Licensing Binary BLOB with EncryptedPlatformChallengeResponse: */
    out_uint16_le(s, 1);	/* wBlobType should be 0x0009 (BB_ENCRYPTED_DATA_BLOB) */
    out_uint16_le(s, LICENCE_TOKEN_SIZE);	/* wBlobLen */
    out_uint8p(s, token, LICENCE_TOKEN_SIZE);	/* RC4-encrypted challenge data */

    /* Licensing Binary BLOB with EncryptedHWID: */
    out_uint16_le(s, 1);	/* wBlobType should be 0x0009 (BB_ENCRYPTED_DATA_BLOB) */
    out_uint16_le(s, LICENCE_HWID_SIZE);	/* wBlobLen */
    out_uint8p(s, crypt_hwid, LICENCE_HWID_SIZE);	/* RC4-encrypted Client Hardware Identification */

    out_uint8p(s, signature, LICENCE_SIGNATURE_SIZE);	/* MACData */

    s_mark_end(s);
    sec_send(licence->sec, s, sec_flags);
}

/* Send a platform challenge response packet */
static void
licence_send_platform_challenge_response(uint8 * token, uint8 * crypt_hwid, uint8 * signature)
{
	uint32 sec_flags = SEC_LICENSE_PKT;
	uint16 length = 58;
	STREAM s;

	s = sec_init(sec_flags, length + 2);

	out_uint8(s, LICENCE_TAG_PLATFORM_CHALLENGE_RESPONSE);
	out_uint8(s, ((g_rdp_version >= RDP_V5) ? 3 : 2));	/* version */
	out_uint16_le(s, length);

	out_uint16_le(s, 1);
	out_uint16_le(s, LICENCE_TOKEN_SIZE);
	out_uint8p(s, token, LICENCE_TOKEN_SIZE);

	out_uint16_le(s, 1);
	out_uint16_le(s, LICENCE_HWID_SIZE);
	out_uint8p(s, crypt_hwid, LICENCE_HWID_SIZE);

	out_uint8p(s, signature, LICENCE_SIGNATURE_SIZE);

	s_mark_end(s);
	sec_send(s, sec_flags);
}

/* 004 */
enum SCP_CLIENT_STATES_E
scp_v1c_resend_credentials(struct SCP_CONNECTION *c, struct SCP_SESSION *s)
{
    tui8 sz;
    tui32 size;

    init_stream(c->out_s, c->out_s->size);
    init_stream(c->in_s, c->in_s->size);

    size = 12 + 2 + g_strlen(s->username) + g_strlen(s->password);

    /* sending request */
    /* header */
    out_uint32_be(c->out_s, 1); /* version */
    out_uint32_be(c->out_s, size);
    out_uint16_be(c->out_s, SCP_COMMAND_SET_DEFAULT);
    out_uint16_be(c->out_s, 4);

    /* body */
    sz = g_strlen(s->username);
    out_uint8(c->out_s, sz);
    out_uint8p(c->out_s, s->username, sz);
    sz = g_strlen(s->password);
    out_uint8(c->out_s, sz);
    out_uint8p(c->out_s, s->password, sz);

    if (0 != scp_tcp_force_send(c->in_sck, c->out_s->data, size))
    {
        return SCP_CLIENT_STATE_NETWORK_ERR;
    }

    /* wait for response */
    return _scp_v1c_check_response(c, s);
}

/* Send an authentication response packet */
static BOOL
licence_send_authresp(RDPCLIENT * This, uint8 * token, uint8 * crypt_hwid, uint8 * signature)
{
	uint32 sec_flags = SEC_LICENCE_NEG;
	uint16 length = 58;
	STREAM s;

	s = sec_init(This, sec_flags, length + 2);

	if(s == NULL)
		return False;

	out_uint8(s, LICENCE_TAG_AUTHRESP);
	out_uint8(s, 2);	/* version */
	out_uint16_le(s, length);

	out_uint16_le(s, 1);
	out_uint16_le(s, LICENCE_TOKEN_SIZE);
	out_uint8p(s, token, LICENCE_TOKEN_SIZE);

	out_uint16_le(s, 1);
	out_uint16_le(s, LICENCE_HWID_SIZE);
	out_uint8p(s, crypt_hwid, LICENCE_HWID_SIZE);

	out_uint8p(s, signature, LICENCE_SIGNATURE_SIZE);

	s_mark_end(s);
	return sec_send(This, s, sec_flags);
}

/* Send an authentication response packet */
static void
licence_send_authresp(uint8 *token, uint8 *crypt_hwid, uint8 *signature)
{
	uint32 sec_flags = SEC_LICENCE_NEG;
	uint16 length = 58;
	STREAM s;

	s = sec_init(sec_flags, length + 2);

	out_uint16_le(s, LICENCE_TAG_AUTHRESP);
	out_uint16_le(s, length);

	out_uint16_le(s, 1);
	out_uint16_le(s, LICENCE_TOKEN_SIZE);
	out_uint8p(s, token, LICENCE_TOKEN_SIZE);

	out_uint16_le(s, 1);
	out_uint16_le(s, LICENCE_HWID_SIZE);
	out_uint8p(s, crypt_hwid, LICENCE_HWID_SIZE);

	out_uint8p(s, signature, LICENCE_SIGNATURE_SIZE);

	s_mark_end(s);
	sec_send(s, sec_flags);
}

/* Send an authentication response packet */
static void
licence_send_authresp(RDConnectionRef conn, uint8 * token, uint8 * crypt_hwid, uint8 * signature)
{
	uint32 sec_flags = SEC_LICENCE_NEG;
	uint16 length = 58;
	RDStreamRef s;

	s = sec_init(conn, sec_flags, length + 2);

	out_uint8(s, LICENCE_TAG_AUTHRESP);
	out_uint8(s, 2);	/* version */
	out_uint16_le(s, length);

	out_uint16_le(s, 1);
	out_uint16_le(s, LICENCE_TOKEN_SIZE);
	out_uint8p(s, token, LICENCE_TOKEN_SIZE);

	out_uint16_le(s, 1);
	out_uint16_le(s, LICENCE_HWID_SIZE);
	out_uint8p(s, crypt_hwid, LICENCE_HWID_SIZE);

	out_uint8p(s, signature, LICENCE_SIGNATURE_SIZE);

	s_mark_end(s);
	sec_send(conn, s, sec_flags);
}

static void
iso_send_connection_request(char *username)
{
	STREAM s;
	int length = 30 + strlen(username);

	s = tcp_init(length);

	out_uint8(s, 3);	/* version */
	out_uint8(s, 0);	/* reserved */
	out_uint16_be(s, length);	/* length */

	out_uint8(s, length - 5);	/* hdrlen */
	out_uint8(s, ISO_PDU_CR);
	out_uint16(s, 0);	/* dst_ref */
	out_uint16(s, 0);	/* src_ref */
	out_uint8(s, 0);	/* class */

	out_uint8p(s, "Cookie: mstshash=", strlen("Cookie: mstshash="));
	out_uint8p(s, username, strlen(username));

	out_uint8(s, 0x0d);	/* Unknown */
	out_uint8(s, 0x0a);	/* Unknown */

	s_mark_end(s);
	tcp_send(s);
}

static void
rdpdr_send_available(RDPCLIENT * This)
{

	uint8 magic[4] = "rDAD";
	uint32 driverlen, printerlen, bloblen;
	int i;
	STREAM s;
	PRINTER *printerinfo;

	s = channel_init(This, This->rdpdr.channel, announcedata_size(This));
	out_uint8a(s, magic, 4);
	out_uint32_le(s, This->num_devices);

	for (i = 0; i < This->num_devices; i++)
	{
		out_uint32_le(s, This->rdpdr_device[i].device_type);
		out_uint32_le(s, i);	/* RDP Device ID */
		/* Is it possible to use share names longer than 8 chars?
		   /astrand */
		out_uint8p(s, This->rdpdr_device[i].name, 8);

		switch (This->rdpdr_device[i].device_type)
		{
			case DEVICE_TYPE_PRINTER:
				printerinfo = (PRINTER *) This->rdpdr_device[i].pdevice_data;

				driverlen = 2 * strlen(printerinfo->driver) + 2;
				printerlen = 2 * strlen(printerinfo->printer) + 2;
				bloblen = printerinfo->bloblen;

				out_uint32_le(s, 24 + driverlen + printerlen + bloblen);	/* length of extra info */
				out_uint32_le(s, printerinfo->default_printer ? 2 : 0);
				out_uint8s(s, 8);	/* unknown */
				out_uint32_le(s, driverlen);
				out_uint32_le(s, printerlen);
				out_uint32_le(s, bloblen);
				rdp_out_unistr(This, s, printerinfo->driver, driverlen - 2);
				rdp_out_unistr(This, s, printerinfo->printer, printerlen - 2);
				out_uint8a(s, printerinfo->blob, bloblen);

				if (printerinfo->blob)
					xfree(printerinfo->blob);	/* Blob is sent twice if reconnecting */
				break;
			default:
				out_uint32(s, 0);
		}
	}
#if 0
	out_uint32_le(s, 0x20);	/* Device type 0x20 - smart card */
	out_uint32_le(s, 0);
	out_uint8p(s, "SCARD", 5);
	out_uint8s(s, 3);
	out_uint32(s, 0);
#endif

	s_mark_end(s);
	channel_send(This, s, This->rdpdr.channel);
}

static STREAM
cssp_encode_tspasswordcreds(char *username, char *password, char *domain)
{
	STREAM out, h1, h2;
	struct stream tmp = { 0 };
	struct stream message = { 0 };

	memset(&tmp, 0, sizeof(tmp));
	memset(&message, 0, sizeof(message));

	// domainName [0]
	s_realloc(&tmp, 4 + strlen(domain) * sizeof(uint16));
	s_reset(&tmp);
	rdp_out_unistr(&tmp, domain, strlen(domain) * sizeof(uint16));
	s_mark_end(&tmp);
	h2 = ber_wrap_hdr_data(BER_TAG_OCTET_STRING, &tmp);
	h1 = ber_wrap_hdr_data(BER_TAG_CTXT_SPECIFIC | BER_TAG_CONSTRUCTED | 0, h2);
	s_realloc(&message, s_length(&message) + s_length(h1));
	out_uint8p(&message, h1->data, s_length(h1));
	s_mark_end(&message);
	s_free(h2);
	s_free(h1);

	// userName [1]
	s_realloc(&tmp, 4 + strlen(username) * sizeof(uint16));
	s_reset(&tmp);
	rdp_out_unistr(&tmp, username, strlen(username) * sizeof(uint16));
	s_mark_end(&tmp);

	h2 = ber_wrap_hdr_data(BER_TAG_OCTET_STRING, &tmp);
	h1 = ber_wrap_hdr_data(BER_TAG_CTXT_SPECIFIC | BER_TAG_CONSTRUCTED | 1, h2);
	s_realloc(&message, s_length(&message) + s_length(h1));
	out_uint8p(&message, h1->data, s_length(h1));
	s_mark_end(&message);
	s_free(h2);
	s_free(h1);

	// password [2]
	s_realloc(&tmp, 4 + strlen(password) * sizeof(uint16));
	s_reset(&tmp);
	rdp_out_unistr(&tmp, password, strlen(password) * sizeof(uint16));
	s_mark_end(&tmp);
	h2 = ber_wrap_hdr_data(BER_TAG_OCTET_STRING, &tmp);
	h1 = ber_wrap_hdr_data(BER_TAG_CTXT_SPECIFIC | BER_TAG_CONSTRUCTED | 2, h2);
	s_realloc(&message, s_length(&message) + s_length(h1));
	out_uint8p(&message, h1->data, s_length(h1));
	s_mark_end(&message);
	s_free(h2);
	s_free(h1);

	// build message
	out = ber_wrap_hdr_data(BER_TAG_SEQUENCE | BER_TAG_CONSTRUCTED, &message);

	// cleanup
	xfree(tmp.data);
	xfree(message.data);
	return out;
}

/* Output and send X.224 Connection Request TPDU with routing for username */
void
x224_send_connection_request(rdpIso * iso)
{
	STREAM s;
	int length = 11;
	int cookie_length;

	cookie_length = strlen(iso->cookie);

	if (iso->mcs->sec->rdp->redirect_routingtoken)
		/* routingToken */
		length += iso->mcs->sec->rdp->redirect_routingtoken_len;
	else
		/* cookie */
		length += 19 + cookie_length;

	if (iso->nego->requested_protocols > PROTOCOL_RDP)
		length += 8;

	/* FIXME: Use x224_send_dst_src_class */
	s = tcp_init(iso->tcp, length);

	tpkt_output_header(s, length);

	/* X.224 Connection Request (CR) TPDU */
	out_uint8(s, length - 5);	/* length indicator */
	out_uint8(s, X224_TPDU_CONNECTION_REQUEST);
	out_uint16_le(s, 0);	/* dst_ref */
	out_uint16_le(s, 0);	/* src_ref */
	out_uint8(s, 0);	/* class */

	if (iso->mcs->sec->rdp->redirect_routingtoken)
	{
		/* routingToken */
		out_uint8p(s, iso->mcs->sec->rdp->redirect_routingtoken, iso->mcs->sec->rdp->redirect_routingtoken_len);
	}
	else
	{
		/* cookie */
		out_uint8p(s, "Cookie: mstshash=", strlen("Cookie: mstshash="));
		out_uint8p(s, iso->cookie, cookie_length);
		out_uint8(s, 0x0D);	/* CR */
		out_uint8(s, 0x0A);	/* LF */
	}

	if (iso->nego->requested_protocols > PROTOCOL_RDP)
	{
		out_uint8(s, TYPE_RDP_NEG_REQ); /* When using TLS, NLA, or both, RDP_NEG_DATA should be present */
		out_uint8(s, 0x00);	/* flags, must be set to zero */
		out_uint16_le(s, 8);	/* RDP_NEG_DATA length (8) */
		out_uint32_le(s, iso->nego->requested_protocols); /* requestedProtocols */
	}

	s_mark_end(s);
	tcp_send(iso->tcp, s);
}

/* Output unknown capability sets */
static void rdp_out_unknown_caps(STREAM s, uint16 id, uint16 length,
		uint8 * caps) {
	out_uint16_le(s, id);
	out_uint16_le(s, length);

	out_uint8p(s, caps, length - 4);
}

enum SCP_SERVER_STATES_E
scp_v1s_deny_connection(struct SCP_CONNECTION* c, char* reason)
{
  int rlen;

  init_stream(c->out_s,c->out_s->size);

  /* forcing message not to exceed 64k */
  rlen = g_strlen(reason);
  if (rlen > 65535)
  {
    rlen = 65535;
  }

  out_uint32_be(c->out_s, 1);
  /* packet size: 4 + 4 + 2 + 2 + 2 + strlen(reason)*/
  /* version + size + cmdset + cmd + msglen + msg */
  out_uint32_be(c->out_s, rlen+14);
  out_uint16_be(c->out_s, SCP_COMMAND_SET_DEFAULT);
  out_uint16_be(c->out_s, 2);
  out_uint16_be(c->out_s, rlen);
  out_uint8p(c->out_s, reason, rlen);

  if (0!=scp_tcp_force_send(c->in_sck, c->out_s->data, rlen+14))
  {
    log_message(LOG_LEVEL_WARNING, "[v1s:%d] connection aborted: network error", __LINE__);
    return SCP_SERVER_STATE_NETWORK_ERR;
  }

  return SCP_SERVER_STATE_END;
}

static BOOL
iso_send_connection_request(RDPCLIENT * This, char *cookie)
{
	STREAM s;
	int cookielen = (int)strlen(cookie);
	int length = 11 + cookielen;

	s = tcp_init(This, length);

	if(s == NULL)
		return False;

	out_uint8(s, 3);	/* version */
	out_uint8(s, 0);	/* reserved */
	out_uint16_be(s, length);	/* length */

	out_uint8(s, length - 5);	/* hdrlen */
	out_uint8(s, ISO_PDU_CR);
	out_uint16(s, 0);	/* dst_ref */
	out_uint16(s, 0);	/* src_ref */
	out_uint8(s, 0);	/* class */

	out_uint8p(s, cookie, cookielen);

	s_mark_end(s);
	return tcp_send(This, s);
}

/* 003 */
enum SCP_SERVER_STATES_E
scp_v1s_mng_deny_connection(struct SCP_CONNECTION *c, char *reason)
{
    int rlen;

    init_stream(c->out_s, c->out_s->size);

    /* forcing message not to exceed 64k */
    rlen = g_strlen(reason);

    if (rlen > 65535)
    {
        rlen = 65535;
    }

    out_uint32_be(c->out_s, 1);
    /* packet size: 4 + 4 + 2 + 2 + 2 + strlen(reason)*/
    /* version + size + cmdset + cmd + msglen + msg */
    out_uint32_be(c->out_s, rlen + 14);
    out_uint16_be(c->out_s, SCP_COMMAND_SET_MANAGE);
    out_uint16_be(c->out_s, SCP_CMD_MNG_LOGIN_DENY);
    out_uint16_be(c->out_s, rlen);
    out_uint8p(c->out_s, reason, rlen);

    if (0 != scp_tcp_force_send(c->in_sck, c->out_s->data, rlen + 14))
    {
        return SCP_SERVER_STATE_NETWORK_ERR;
    }

    return SCP_SERVER_STATE_END;
}

static RD_BOOL
cssp_gss_unwrap(gss_ctx_id_t * ctx, STREAM in, STREAM out)
{
	OM_uint32 major_status;
	OM_uint32 minor_status;
	gss_qop_t qop_state;
	gss_buffer_desc inbuf, outbuf;
	int conf_state;

	inbuf.value = in->data;
	inbuf.length = s_length(in);

	major_status = gss_unwrap(&minor_status, ctx, &inbuf, &outbuf, &conf_state, &qop_state);

	if (major_status != GSS_S_COMPLETE)
	{
		cssp_gss_report_error(GSS_C_GSS_CODE, "Failed to decrypt message",
				      major_status, minor_status);
		return False;
	}

	out->data = out->p = xmalloc(outbuf.length);
	out->size = outbuf.length;
	out_uint8p(out, outbuf.value, outbuf.length);
	s_mark_end(out);

	gss_release_buffer(&minor_status, &outbuf);

	return True;
}

void
rdpdr_send_completion(uint32 device, uint32 id, uint32 status, uint32 result, uint8 * buffer,
		      uint32 length)
{
	uint8 magic[4] = "rDCI";
	STREAM s;

#ifdef WITH_SCARD
	scard_lock(SCARD_LOCK_RDPDR);
#endif
	s = channel_init(rdpdr_channel, 20 + length);
	out_uint8a(s, magic, 4);
	out_uint32_le(s, device);
	out_uint32_le(s, id);
	out_uint32_le(s, status);
	out_uint32_le(s, result);
	out_uint8p(s, buffer, length);
	s_mark_end(s);
	/* JIF */
#ifdef WITH_DEBUG_RDP5
	printf("--> rdpdr_send_completion\n");
	/* hexdump(s->channel_hdr + 8, s->end - s->channel_hdr - 8); */
#endif
	channel_send(s, rdpdr_channel);
#ifdef WITH_SCARD
	scard_unlock(SCARD_LOCK_RDPDR);
#endif
}

/* Send a confirm active PDU */
static void rdp_send_confirm_active(void) {
	STREAM s;
	uint32 sec_flags = g_encryption ? (RDP5_FLAG | SEC_ENCRYPT) : RDP5_FLAG;
	uint16 caplen = RDP_CAPLEN_GENERAL + RDP_CAPLEN_BITMAP + RDP_CAPLEN_ORDER
			+ RDP_CAPLEN_COLCACHE + RDP_CAPLEN_ACTIVATE + RDP_CAPLEN_CONTROL
			+ RDP_CAPLEN_SHARE + RDP_CAPLEN_BRUSHCACHE + 0x58 + 0x08 + 0x08
			+ 0x34 /* unknown caps */+ 4 /* w2k fix, sessionid */;

	if (g_use_rdp5) {
		caplen += RDP_CAPLEN_BMPCACHE2;
		caplen += RDP_CAPLEN_NEWPOINTER;
	} else {
		caplen += RDP_CAPLEN_BMPCACHE;
		caplen += RDP_CAPLEN_POINTER;
	}

	s = sec_init(sec_flags, 6 + 14 + caplen + sizeof(RDP_SOURCE));

	out_uint16_le(s, 2 + 14 + caplen + sizeof(RDP_SOURCE));
	out_uint16_le(s, (RDP_PDU_CONFIRM_ACTIVE | 0x10));
	/* Version 1 */
	out_uint16_le(s, (g_mcs_userid + 1001));

	out_uint32_le(s, g_rdp_shareid);
	out_uint16_le(s, 0x3ea);
	/* userid */
	out_uint16_le(s, sizeof(RDP_SOURCE));
	out_uint16_le(s, caplen);

	out_uint8p(s, RDP_SOURCE, sizeof(RDP_SOURCE));
	out_uint16_le(s, 0xe);
	/* num_caps */
	out_uint8s(s, 2);
	/* pad */

	rdp_out_general_caps(s);
	rdp_out_bitmap_caps(s);
	rdp_out_order_caps(s);
	if (g_use_rdp5) {
		rdp_out_bmpcache2_caps(s);
		rdp_out_newpointer_caps(s);
	} else {
		rdp_out_bmpcache_caps(s);
		rdp_out_pointer_caps(s);
	}
	rdp_out_colcache_caps(s);
	rdp_out_activate_caps(s);
	rdp_out_control_caps(s);
	rdp_out_share_caps(s);
	rdp_out_brushcache_caps(s);

	rdp_out_unknown_caps(s, 0x0d, 0x58, caps_0x0d); /* CAPSTYPE_INPUT */
	rdp_out_unknown_caps(s, 0x0c, 0x08, caps_0x0c); /* CAPSTYPE_SOUND */
	rdp_out_unknown_caps(s, 0x0e, 0x08, caps_0x0e); /* CAPSTYPE_FONT */
	rdp_out_unknown_caps(s, 0x10, 0x34, caps_0x10); /* CAPSTYPE_GLYPHCACHE */

	s_mark_end(s);
	sec_send(s, sec_flags);
}

/* Output unknown capability sets (number 13, 12, 14 and 16) */
static void
rdp_out_unknown_caps(STREAM s)
{
	out_uint16_le(s, RDP_CAPSET_UNKNOWN);
	out_uint16_le(s, 0x58);

	out_uint8p(s, canned_caps, RDP_CAPLEN_UNKNOWN - 4);
}

void
channel_send(STREAM s, VCHANNEL * channel)
{
	uint32 length, flags;
	uint32 thislength, remaining;
	uint8 *data;

#ifdef WITH_SCARD
	scard_lock(SCARD_LOCK_CHANNEL);
#endif

	/* first fragment sent in-place */
	s_pop_layer(s, channel_hdr);
	length = s->end - s->p - 8;

	DEBUG_CHANNEL(("channel_send, length = %d\n", length));

	thislength = MIN(length, CHANNEL_CHUNK_LENGTH);
/* Note: In the original clipboard implementation, this number was
   1592, not 1600. However, I don't remember the reason and 1600 seems
   to work so.. This applies only to *this* length, not the length of
   continuation or ending packets. */
	remaining = length - thislength;
	flags = (remaining == 0) ? CHANNEL_FLAG_FIRST | CHANNEL_FLAG_LAST : CHANNEL_FLAG_FIRST;
	if (channel->flags & CHANNEL_OPTION_SHOW_PROTOCOL)
		flags |= CHANNEL_FLAG_SHOW_PROTOCOL;

	out_uint32_le(s, length);
	out_uint32_le(s, flags);
	data = s->end = s->p + thislength;
	DEBUG_CHANNEL(("Sending %d bytes with FLAG_FIRST\n", thislength));
	sec_send_to_channel(s, g_encryption ? SEC_ENCRYPT : 0, channel->mcs_id);

	/* subsequent segments copied (otherwise would have to generate headers backwards) */
	while (remaining > 0)
	{
		thislength = MIN(remaining, CHANNEL_CHUNK_LENGTH);
		remaining -= thislength;
		flags = (remaining == 0) ? CHANNEL_FLAG_LAST : 0;
		if (channel->flags & CHANNEL_OPTION_SHOW_PROTOCOL)
			flags |= CHANNEL_FLAG_SHOW_PROTOCOL;

		DEBUG_CHANNEL(("Sending %d bytes with flags %d\n", thislength, flags));

		s = sec_init(g_encryption ? SEC_ENCRYPT : 0, thislength + 8);
		out_uint32_le(s, length);
		out_uint32_le(s, flags);
		out_uint8p(s, data, thislength);
		s_mark_end(s);
		sec_send_to_channel(s, g_encryption ? SEC_ENCRYPT : 0, channel->mcs_id);

		data += thislength;
	}

#ifdef WITH_SCARD
	scard_unlock(SCARD_LOCK_CHANNEL);
#endif
}

/* Send a Licensing packet with Client License Information */
static void
licence_present(rdpLicence * licence, uint8 * client_random, uint8 * rsa_data,
                uint8 * licence_data, int licence_size, uint8 * hwid, uint8 * signature)
{
    uint32 sec_flags = SEC_LICENSE_PKT;
    uint16 length =
        16 + SEC_RANDOM_SIZE + SEC_MODULUS_SIZE + SEC_PADDING_SIZE +
        licence_size + LICENCE_HWID_SIZE + LICENCE_SIGNATURE_SIZE;
    STREAM s;

    s = sec_init(licence->sec, sec_flags, length + 4);

    /* Licensing Preamble (LICENSE_PREAMBLE) */
    out_uint8(s, LICENSE_INFO);	/* bMsgType LICENSE_INFO */
    out_uint8(s, 2);	/* bVersion PREAMBLE_VERSION_2_0 */
    out_uint16_le(s, length);

    /* Client License Information: */
    out_uint32_le(s, 1);	/* PreferredKeyExchangeAlg KEY_EXCHANGE_ALG_RSA */
    out_uint16_le(s, 0);	/* PlatformId, unknown platform and ISV */
    out_uint16_le(s, 0x0201);	/* PlatformId, build/version */

    out_uint8p(s, client_random, SEC_RANDOM_SIZE);	/* ClientRandom */

    /* Licensing Binary Blob with EncryptedPreMasterSecret: */
    out_uint16_le(s, 0);	/* wBlobType should be 0x0002 (BB_RANDOM_BLOB) */
    out_uint16_le(s, (SEC_MODULUS_SIZE + SEC_PADDING_SIZE));	/* wBlobLen */
    out_uint8p(s, rsa_data, SEC_MODULUS_SIZE);	/* 48 bit random number encrypted for server */
    out_uint8s(s, SEC_PADDING_SIZE);

    /* Licensing Binary Blob with LicenseInfo: */
    out_uint16_le(s, 1);	/* wBlobType BB_DATA_BLOB */
    out_uint16_le(s, licence_size);	/* wBlobLen */
    out_uint8p(s, licence_data, licence_size);	/* CAL issued by servers license server */

    /* Licensing Binary Blob with EncryptedHWID */
    out_uint16_le(s, 1);	/* wBlobType BB_DATA_BLOB */
    out_uint16_le(s, LICENCE_HWID_SIZE);	/* wBlobLen */
    out_uint8p(s, hwid, LICENCE_HWID_SIZE);	/* RC4-encrypted Client Hardware Identification */

    out_uint8p(s, signature, LICENCE_SIGNATURE_SIZE);	/* MACData */

    s_mark_end(s);
    sec_send(licence->sec, s, sec_flags);
}