diff options
| author | Pavel Roskin <plroskin@gmail.com> | 2016-11-28 00:12:01 -0800 |
|---|---|---|
| committer | Pavel Roskin <plroskin@gmail.com> | 2016-11-28 00:18:33 -0800 |
| commit | d3c36b03761380f173ca691afb39e82179af11a9 (patch) | |
| tree | efb2fd0bffd299189c632dfa68f74b0cf0f21838 | |
| parent | d73f20499e9b345b84c7ed4a088fed8d2e5facda (diff) | |
| download | xrdp-proprietary-d3c36b03761380f173ca691afb39e82179af11a9.tar.gz xrdp-proprietary-d3c36b03761380f173ca691afb39e82179af11a9.zip | |
Don't select SSL protocol if no keys, fall back to RDP for "hybrid"
If both the client and the server are configured to allow both RDP and
SSL connections, the server is free to choose RDP in absense of the SSL
keys.
| -rw-r--r-- | libxrdp/xrdp_iso.c | 4 |
1 files changed, 3 insertions, 1 deletions
diff --git a/libxrdp/xrdp_iso.c b/libxrdp/xrdp_iso.c index b903bb4d..b89e1616 100644 --- a/libxrdp/xrdp_iso.c +++ b/libxrdp/xrdp_iso.c @@ -98,7 +98,9 @@ xrdp_iso_negotiate_security(struct xrdp_iso *self) case PROTOCOL_HYBRID: case PROTOCOL_HYBRID_EX: default: - if (self->requestedProtocol & PROTOCOL_SSL) + if ((self->requestedProtocol & PROTOCOL_SSL) && + g_file_exist(client_info->certificate) && + g_file_exist(client_info->key_file)) { /* that's a patch since we don't support CredSSP for now */ self->selectedProtocol = PROTOCOL_SSL; |