libxrdp: added an option to enforce security layer in xrdp.ini

ulab-next-nosound
Idan Freiberg 11 years ago
parent 1330f340c6
commit 9007deae6f

@ -106,7 +106,7 @@ struct xrdp_client_info
char client_addr[256];
char client_port[256];
int nego_sec_layer; /* 0, 1, 2 = RDP security layer, TLS , Negotiate */
int security_layer; /* 0 = rdp, 1 = tls , 2 = hybrid */
int multimon; /* 0 = deny , 1 = allow */
int monitorCount; /* number of monitors detected (max = 16) */
struct monitor_info minfo[16]; /* client monitor data */

@ -156,6 +156,28 @@ xrdp_rdp_read_config(struct xrdp_client_info *client_info)
client_info->use_fast_path = 0;
}
}
else if (g_strcasecmp(item, "security_layer") == 0)
{
if (g_strcasecmp(value, "rdp") == 0)
{
client_info->security_layer = 1;
}
else if (g_strcasecmp(value, "tls") == 0)
{
client_info->security_layer = 2;
}
else if (g_strcasecmp(value, "hybrid") == 0)
{
client_info->security_layer = 3;
}
else
{
log_message(LOG_LEVEL_ALWAYS,"Warning: Your configured security layer is"
"undefined, xrdp will negotiate client compatible");
client_info->security_layer = -1;
}
}
}
list_delete(items);

@ -6,6 +6,7 @@ bitmap_cache=yes
bitmap_compression=yes
port=3389
crypt_level=high
security_layer=rdp
allow_channels=true
max_bpp=32
fork=yes
@ -46,7 +47,6 @@ bulk_compression=yes
# You can set the PAM error text in a gateway setup (MAX 256 chars)
#pamerrortxt=change your password according to policy at http://url
new_cursors=yes
#nego_sec_layer=0
allow_multimon=true
# fastpath - can be set to input / output / both / none

Loading…
Cancel
Save