From b2b3555d1585b0eb7f06b7f09461bd47e4d89796 Mon Sep 17 00:00:00 2001
From: James Hodgkinson <james@terminaloutcomes.com>
Date: Tue, 8 Apr 2025 11:52:50 +1000
Subject: [PATCH 1/2] fix: incorrect import path for PlayerPDU

---
 pyrdp/convert/JSONEventHandler.py | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/pyrdp/convert/JSONEventHandler.py b/pyrdp/convert/JSONEventHandler.py
index 1968e4d11..dcdc7266d 100644
--- a/pyrdp/convert/JSONEventHandler.py
+++ b/pyrdp/convert/JSONEventHandler.py
@@ -5,7 +5,9 @@
 #
 
 from pyrdp.enum import CapabilityType, scancode
-from pyrdp.pdu import PlayerPDU, FormatDataResponsePDU, FastPathUnicodeEvent
+from pyrdp.pdu import FormatDataResponsePDU, FastPathUnicodeEvent
+
+from pyrdp.pdu.player import PlayerPDU
 from pyrdp.player.BaseEventHandler import BaseEventHandler
 from pyrdp.parser import ClientInfoParser, ClientConnectionParser, ClipboardParser
 from pyrdp.core import decodeUTF16LE

From 7c0e3d43324c7b1d9b3905304393fe3d42cc9379 Mon Sep 17 00:00:00 2001
From: James Hodgkinson <james@terminaloutcomes.com>
Date: Tue, 8 Apr 2025 12:14:38 +1000
Subject: [PATCH 2/2] fixes #294: ignore capabilityType 6 from XRDP

---
 pyrdp/parser/gcc.py          | 5 +----
 pyrdp/parser/rdp/slowpath.py | 4 ++++
 2 files changed, 5 insertions(+), 4 deletions(-)

diff --git a/pyrdp/parser/gcc.py b/pyrdp/parser/gcc.py
index 3d43b1a2a..3587a1e36 100644
--- a/pyrdp/parser/gcc.py
+++ b/pyrdp/parser/gcc.py
@@ -126,10 +126,7 @@ def write(self, pdu: GCCPDU) -> bytes:
         stream = BytesIO()
         stream.write(per.writeChoice(0))
         stream.write(per.writeObjectIdentifier(GCCParser.T124_02_98_OID))
-
-        # Normally this should be len(pdu.payload) + 14, but Windows seems to always send 0x2a. This value is also
-        # accepted by Wireshark.
-        stream.write(per.writeLength(0x2a))
+        stream.write(per.writeLength(len(pdu.payload) + 14))
         stream.write(per.writeChoice(pdu.header))
 
         self.writers[pdu.header](stream, pdu)
diff --git a/pyrdp/parser/rdp/slowpath.py b/pyrdp/parser/rdp/slowpath.py
index 6c84a9754..11aea753c 100644
--- a/pyrdp/parser/rdp/slowpath.py
+++ b/pyrdp/parser/rdp/slowpath.py
@@ -196,6 +196,10 @@ def parseCapabilitySets(self, capabilitySetsRaw, numberCapabilities):
             lengthCapability = Uint16LE.unpack(stream.read(2))
             capabilityData = stream.read(lengthCapability - 4)
             capability = Capability(capabilitySetType, capabilityData)
+            if capabilitySetType == 6:
+                # Workaround for XRDP returning bad capability type
+                # ref https://github.com/GoSecure/pyrdp/issues/294
+                continue
             capabilitySets[CapabilityType(capabilitySetType)] = capability
 
         # Fully parse the General capability set