Fix WebSocket handshake for RDP by removing Sec-WebSocket-Protocol header

The client was failing WebSocket connection because the server was sending Sec-WebSocket-Protocol: binary header in the handshake response, but the client did not request any protocol. According to WebSocket RFC 6455, servers should not send protocol headers if not requested by the client. Changed the handshake response for RDP to not include the protocol header, matching the terminal WebSocket behavior.

Fix WebSocket handshake for RDP by removing Sec-WebSocket-Protocol header
The client was failing WebSocket connection because the server was sending Sec-WebSocket-Protocol: binary header in the handshake response, but the client did not request any protocol. According to WebSocket RFC 6455, servers should not send protocol headers if not requested by the client. Changed the handshake response for RDP to not include the protocol header, matching the terminal WebSocket behavior.
d30f31c1 · Stefy Lanza (nextime / spora ) · 864ad89e · d30f31c1
Commit d30f31c1 authored Sep 24, 2025 by Stefy Lanza (nextime / spora )
Hide whitespace changes
Inline Side-by-side

Showing with 12 additions and 9 deletions

web.c wssshd2/web.c +12 -9

No files found.
--- a/wssshd2/web.c
+++ b/wssshd2/web.c
@@ -641,10 +641,10 @@ static void *websocket_rdp_handler(void *arg) {
                printf("\n");
            }
            // Send initial data to WebSocket
-            char *b64 = base64_encode((unsigned char *)output, output_len);
+            if (!ws_send_binary_frame(ws_conn->ws_conn, output, output_len, global_config->debug_rdp)) {
-            if (b64) {
+                free(output);
-                ws_send_frame(ws_conn->ws_conn, WS_OPCODE_TEXT, b64, strlen(b64));
+                remove_websocket_rdp_connection(ws_conn->request_id);
-                free(b64);
+                return NULL;
            }
            free(output);
            connection_ready = true;
@@ -685,10 +685,13 @@ static void *websocket_rdp_handler(void *arg) {
                }
                printf("\n");
            }
-            char *b64 = base64_encode((unsigned char *)output, output_len);
-            if (b64) {
+            // Send RDP data as binary frames (not base64-encoded text)
-                ws_send_frame(ws_conn->ws_conn, WS_OPCODE_TEXT, b64, strlen(b64));
+            if (!ws_send_binary_frame(ws_conn->ws_conn, output, output_len, global_config->debug_rdp)) {
-                free(b64);
+                printf("Failed to send RDP data frame, disconnecting...\n");
+                free(output);
+                remove_websocket_rdp_connection(ws_conn->request_id);
+                return NULL;
            }
            free(output);
        }
@@ -1799,7 +1802,7 @@ static int handle_request(int client_fd, const http_request_t *req) {
            // Send WebSocket handshake response
            char response[512];
            int response_len;
-            if (is_vnc || is_rdp) {
+            if (is_vnc) {
                response_len = snprintf(response, sizeof(response),
                    "HTTP/1.1 101 Switching Protocols\r\n"
                    "Upgrade: websocket\r\n"