From 43899b7e0c30cde282ef72f6431029c04c8ab242 Mon Sep 17 00:00:00 2001
From: Pavel Roskin <plroskin@gmail.com>
Date: Fri, 3 Mar 2017 23:27:03 -0800
Subject: [PATCH] Allocate space for tls_ciphers dynamically

---
 common/xrdp_client_info.h | 2 +-
 docs/man/xrdp.ini.5.in    | 4 ++--
 libxrdp/xrdp_rdp.c        | 3 ++-
 xrdp/xrdp.ini             | 2 +-
 4 files changed, 6 insertions(+), 5 deletions(-)

diff --git a/common/xrdp_client_info.h b/common/xrdp_client_info.h
index ec82a871..e8e91da4 100644
--- a/common/xrdp_client_info.h
+++ b/common/xrdp_client_info.h
@@ -148,7 +148,7 @@ struct xrdp_client_info
   int max_unacknowledged_frame_count;
 
   long ssl_protocols;
-  char tls_ciphers[64];
+  char *tls_ciphers;
 
   int client_os_major;
   int client_os_minor;
diff --git a/docs/man/xrdp.ini.5.in b/docs/man/xrdp.ini.5.in
index 612adcd7..2f6c65fd 100644
--- a/docs/man/xrdp.ini.5.in
+++ b/docs/man/xrdp.ini.5.in
@@ -168,8 +168,8 @@ Specify send/recv buffer sizes in bytes.  The default value depends on operating
 
 .TP
 \fBtls_ciphers\fP=\fIcipher_suite\fP
-Specifies TLS cipher suite in 63 characters or less.  The format of this parameter is
-equivalent to which \fBopenssl\fP(1) ciphers subcommand accepts.
+Specifies TLS cipher suite. The format of this parameter is equivalent
+to which \fBopenssl\fP(1) ciphers subcommand accepts.
 
 (ex. $ openssl ciphers 'HIGH:!ADH:!SHA1')
 
diff --git a/libxrdp/xrdp_rdp.c b/libxrdp/xrdp_rdp.c
index adb66d99..0409f96c 100644
--- a/libxrdp/xrdp_rdp.c
+++ b/libxrdp/xrdp_rdp.c
@@ -216,7 +216,7 @@ xrdp_rdp_read_config(struct xrdp_client_info *client_info)
         }
         else if (g_strcasecmp(item, "tls_ciphers") == 0)
         {
-            g_strcpy(client_info->tls_ciphers, value);
+            client_info->tls_ciphers = g_strdup(value);
         }
         else if (g_strcasecmp(item, "security_layer") == 0)
         {
@@ -405,6 +405,7 @@ xrdp_rdp_delete(struct xrdp_rdp *self)
 #if defined(XRDP_NEUTRINORDP)
     rfx_context_free((RFX_CONTEXT *)(self->rfx_enc));
 #endif
+    g_free(self->client_info.tls_ciphers);
     g_free(self);
 }
 
diff --git a/xrdp/xrdp.ini b/xrdp/xrdp.ini
index 1edfd087..cb6d7c36 100644
--- a/xrdp/xrdp.ini
+++ b/xrdp/xrdp.ini
@@ -28,7 +28,7 @@ key_file=
 ; set SSL protocols
 ; can be comma separated list of 'SSLv3', 'TLSv1', 'TLSv1.1', 'TLSv1.2'
 ssl_protocols=TLSv1, TLSv1.1, TLSv1.2
-; set TLS cipher suites (up to 63 characters)
+; set TLS cipher suites
 #tls_ciphers=HIGH
 
 ; Section name to use for automatic login if the client sends username