|
|
|
@ -51,39 +51,47 @@ xrdp_iso_delete(struct xrdp_iso *self)
|
|
|
|
/*****************************************************************************/
|
|
|
|
/*****************************************************************************/
|
|
|
|
/* returns error */
|
|
|
|
/* returns error */
|
|
|
|
static int APP_CC
|
|
|
|
static int APP_CC
|
|
|
|
xrdp_iso_negotiate_security(struct xrdp_iso *self) {
|
|
|
|
xrdp_iso_negotiate_security(struct xrdp_iso *self)
|
|
|
|
int rv = 0;
|
|
|
|
{
|
|
|
|
int server_security_layer = self->mcs_layer->sec_layer->rdp_layer->client_info.security_layer;
|
|
|
|
int rv = 0;
|
|
|
|
|
|
|
|
int server_security_layer = self->mcs_layer->sec_layer->rdp_layer->client_info.security_layer;
|
|
|
|
self->selectedProtocol = server_security_layer;
|
|
|
|
|
|
|
|
|
|
|
|
self->selectedProtocol = server_security_layer;
|
|
|
|
switch (server_security_layer) {
|
|
|
|
|
|
|
|
case PROTOCOL_RDP:
|
|
|
|
switch (server_security_layer)
|
|
|
|
self->rdpNegData = 0; /* no need to send rdp_neg_data back to client */
|
|
|
|
{
|
|
|
|
break;
|
|
|
|
case PROTOCOL_RDP:
|
|
|
|
case PROTOCOL_SSL:
|
|
|
|
self->rdpNegData = 0; /* no need to send rdp_neg_data back to client */
|
|
|
|
if (self->requestedProtocol & PROTOCOL_SSL) {
|
|
|
|
break;
|
|
|
|
self->selectedProtocol = PROTOCOL_SSL;
|
|
|
|
case PROTOCOL_SSL:
|
|
|
|
} else {
|
|
|
|
if (self->requestedProtocol & PROTOCOL_SSL)
|
|
|
|
self->failureCode = SSL_REQUIRED_BY_SERVER;
|
|
|
|
{
|
|
|
|
rv = 1; /* error */
|
|
|
|
self->selectedProtocol = PROTOCOL_SSL;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
break;
|
|
|
|
else
|
|
|
|
case PROTOCOL_HYBRID:
|
|
|
|
{
|
|
|
|
case PROTOCOL_HYBRID_EX:
|
|
|
|
self->failureCode = SSL_REQUIRED_BY_SERVER;
|
|
|
|
default:
|
|
|
|
rv = 1; /* error */
|
|
|
|
if (self->requestedProtocol & PROTOCOL_SSL) {
|
|
|
|
}
|
|
|
|
/* thats a patch since we don't support CredSSP for now */
|
|
|
|
break;
|
|
|
|
self->selectedProtocol = PROTOCOL_SSL;
|
|
|
|
case PROTOCOL_HYBRID:
|
|
|
|
} else {
|
|
|
|
case PROTOCOL_HYBRID_EX:
|
|
|
|
self->selectedProtocol = PROTOCOL_RDP;
|
|
|
|
default:
|
|
|
|
}
|
|
|
|
if (self->requestedProtocol & PROTOCOL_SSL)
|
|
|
|
break;
|
|
|
|
{
|
|
|
|
}
|
|
|
|
/* thats a patch since we don't support CredSSP for now */
|
|
|
|
|
|
|
|
self->selectedProtocol = PROTOCOL_SSL;
|
|
|
|
DEBUG(("xrdp_iso_negotiate_security: server security layer %d , client security layer %d",
|
|
|
|
}
|
|
|
|
self->selectedProtocol, self->requestedProtocol));
|
|
|
|
else
|
|
|
|
return rv;
|
|
|
|
{
|
|
|
|
|
|
|
|
self->selectedProtocol = PROTOCOL_RDP;
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
break;
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
DEBUG(("xrdp_iso_negotiate_security: server security layer %d , client security layer %d",
|
|
|
|
|
|
|
|
self->selectedProtocol, self->requestedProtocol));
|
|
|
|
|
|
|
|
return rv;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
/*****************************************************************************/
|
|
|
|
/*****************************************************************************/
|
|
|
|
|
Jay Sorg
10 years ago