uLab
/
xrdp-proprietary
mirror of https://mirror.git.trinitydesktop.org/gitea/uLab/xrdp-proprietary
0
0
Fork 0
Code Issues Releases Wiki Activity

Merge pull request #509 from proski/sec_level

Browse Source 
Security level fixes
master
metalefty 8 years ago committed by GitHub
parent 679c4b3558 d3c36b0376
commit 8b40023801
2 changed files with 13 additions and 5 deletions
Show Stats Download Patch File Download Diff File

9
libxrdp/xrdp_iso.c
Unescape View File

@ -20,6 +20,7 @@
*/ */
#include "libxrdp.h" #include "libxrdp.h"
#include "log.h"
#define LOG_LEVEL 1 #define LOG_LEVEL 1
#define LLOG(_level, _args) \ #define LLOG(_level, _args) \
@ -97,7 +98,9 @@ xrdp_iso_negotiate_security(struct xrdp_iso *self)
case PROTOCOL_HYBRID: case PROTOCOL_HYBRID:
case PROTOCOL_HYBRID_EX: case PROTOCOL_HYBRID_EX:
default: default:
if (self->requestedProtocol & PROTOCOL_SSL) if ((self->requestedProtocol & PROTOCOL_SSL) &&
g_file_exist(client_info->certificate) &&
g_file_exist(client_info->key_file))
{ {
/* that's a patch since we don't support CredSSP for now */ /* that's a patch since we don't support CredSSP for now */
self->selectedProtocol = PROTOCOL_SSL; self->selectedProtocol = PROTOCOL_SSL;
@ -109,8 +112,8 @@ xrdp_iso_negotiate_security(struct xrdp_iso *self)
break; break;
} }
LLOGLN(10, ("xrdp_iso_negotiate_security: server security layer %d , client security layer %d", log_message(LOG_LEVEL_DEBUG, "Security layer: requested %d, selected %d",
self->selectedProtocol, self->requestedProtocol)); self->requestedProtocol, self->selectedProtocol);
return rv; return rv;
} }

9
libxrdp/xrdp_rdp.c
Unescape View File

@ -182,10 +182,15 @@ xrdp_rdp_read_config(struct xrdp_client_info *client_info)
{ {
client_info->security_layer = PROTOCOL_SSL | PROTOCOL_HYBRID; client_info->security_layer = PROTOCOL_SSL | PROTOCOL_HYBRID;
} }
else if (g_strcasecmp(value, "negotiate") == 0)
{
client_info->security_layer = PROTOCOL_SSL | PROTOCOL_HYBRID | PROTOCOL_HYBRID_EX;
}
else else
{ {
log_message(LOG_LEVEL_ALWAYS,"Warning: Your configured security layer is " log_message(LOG_LEVEL_ERROR, "security_layer=%s is not "
"undefined, xrdp will negotiate client compatible"); "recognized, will use security_layer=negotiate",
value);
client_info->security_layer = PROTOCOL_SSL | PROTOCOL_HYBRID | PROTOCOL_HYBRID_EX; client_info->security_layer = PROTOCOL_SSL | PROTOCOL_HYBRID | PROTOCOL_HYBRID_EX;
} }
} }

Write Preview
Loading…
Cancel
Save