summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorLaxmikant Rashinkar <LK.Rashinkar@gmail.com>2013-08-03 15:47:26 -0700
committerLaxmikant Rashinkar <LK.Rashinkar@gmail.com>2013-08-03 15:47:26 -0700
commit474d17d556d1f056b4055643a6a897483100dd7e (patch)
tree5291b88cfd11898abd6ccc1637777350635806da
parent9c237d1cc6ab6d741eb945f5296d7f9c5cc11c79 (diff)
downloadxrdp-proprietary-474d17d556d1f056b4055643a6a897483100dd7e.tar.gz
xrdp-proprietary-474d17d556d1f056b4055643a6a897483100dd7e.zip
xrdp: added support for forcing credentials on command line
-rw-r--r--common/xrdp_client_info.h1
-rw-r--r--libxrdp/xrdp_rdp.c4
-rw-r--r--libxrdp/xrdp_sec.c2
-rw-r--r--xrdp/xrdp.ini4
4 files changed, 11 insertions, 0 deletions
diff --git a/common/xrdp_client_info.h b/common/xrdp_client_info.h
index aefc7119..43ff3f82 100644
--- a/common/xrdp_client_info.h
+++ b/common/xrdp_client_info.h
@@ -92,6 +92,7 @@ struct xrdp_client_info
int use_bulk_comp;
int pointer_flags; /* 0 color, 1 new, 2 no new */
int use_fast_path;
+ int require_credentials; /* when true, credentials *must* be passed on cmd line */
};
#endif
diff --git a/libxrdp/xrdp_rdp.c b/libxrdp/xrdp_rdp.c
index 82ccdea0..93219968 100644
--- a/libxrdp/xrdp_rdp.c
+++ b/libxrdp/xrdp_rdp.c
@@ -135,6 +135,10 @@ xrdp_rdp_read_config(struct xrdp_client_info *client_info)
{
client_info->pointer_flags = text2bool(value) == 0 ? 2 : 0;
}
+ else if (g_strcasecmp(item, "require_credentials") == 0)
+ {
+ client_info->require_credentials = text2bool(value);
+ }
}
list_delete(items);
diff --git a/libxrdp/xrdp_sec.c b/libxrdp/xrdp_sec.c
index 54d5d0de..726fcde4 100644
--- a/libxrdp/xrdp_sec.c
+++ b/libxrdp/xrdp_sec.c
@@ -451,6 +451,8 @@ xrdp_sec_process_logon_info(struct xrdp_sec *self, struct stream *s)
else
{
in_uint8s(s, len_password + 2);
+ if (self->rdp_layer->client_info.require_credentials)
+ return 1; /* credentials on cmd line is mandatory */
}
unicode_in(s, len_program, self->rdp_layer->client_info.program, 255);
diff --git a/xrdp/xrdp.ini b/xrdp/xrdp.ini
index ea6576cb..8d97c0d3 100644
--- a/xrdp/xrdp.ini
+++ b/xrdp/xrdp.ini
@@ -24,6 +24,10 @@ tcp_keepalive=yes
#background=626c72
#autorun=xrdp1
#hidelogwindow=yes
+
+# when true, userid/password *must* be passed on cmd line
+# require_credentials=yes
+
#bulk_compression=yes
# You can set the PAM error text in a gateway setup (MAX 256 chars)
#pamerrortxt=change your password according to policy at http://url