diff options
| author | jsorg71 <jay.sorg@gmail.com> | 2014-07-23 19:54:55 -0700 |
|---|---|---|
| committer | jsorg71 <jay.sorg@gmail.com> | 2014-07-23 19:54:55 -0700 |
| commit | a4721e8c7ce94f49ba1730784a651275e430fd9b (patch) | |
| tree | 5dda767c72daf9dd9e202331139935693266d970 /libxrdp/xrdp_iso.c | |
| parent | fde7be5151f7db096610cb59ca964e22e6af79fb (diff) | |
| parent | 16929efb059e1e29c826388e5d57be82014d241b (diff) | |
| download | xrdp-proprietary-a4721e8c7ce94f49ba1730784a651275e430fd9b.tar.gz xrdp-proprietary-a4721e8c7ce94f49ba1730784a651275e430fd9b.zip | |
Merge pull request #156 from speidy/devel
work on TLS security mode
Diffstat (limited to 'libxrdp/xrdp_iso.c')
| -rw-r--r-- | libxrdp/xrdp_iso.c | 15 |
1 files changed, 7 insertions, 8 deletions
diff --git a/libxrdp/xrdp_iso.c b/libxrdp/xrdp_iso.c index 6fb803ad..ee490839 100644 --- a/libxrdp/xrdp_iso.c +++ b/libxrdp/xrdp_iso.c @@ -56,8 +56,6 @@ xrdp_iso_process_rdpNegReq(struct xrdp_iso *self, struct stream *s) int flags; int len; - DEBUG((" in xrdp_iso_process_neg_req")); - in_uint8(s, flags); if (flags != 0x0 && flags != 0x8 && flags != 0x1) { @@ -80,7 +78,6 @@ xrdp_iso_process_rdpNegReq(struct xrdp_iso *self, struct stream *s) return 1; } - DEBUG((" out xrdp_iso_process_rdpNegReq")); return 0; } /*****************************************************************************/ @@ -279,8 +276,7 @@ xrdp_iso_incoming(struct xrdp_iso *self) self->rdpNegData = 1; if (xrdp_iso_process_rdpNegReq(self, s) != 0) { - g_writeln( - "xrdp_iso_incoming: xrdp_iso_process_rdpNegReq returned non zero"); + g_writeln("xrdp_iso_incoming: xrdp_iso_process_rdpNegReq returned non zero"); return 1; } break; @@ -306,12 +302,10 @@ xrdp_iso_incoming(struct xrdp_iso *self) } } + int serverSecurityLayer = self->mcs_layer->sec_layer->rdp_layer->client_info.security_layer; /* security layer negotiation */ if (self->rdpNegData) { - int - serverSecurityLayer = - self->mcs_layer->sec_layer->rdp_layer->client_info.security_layer; self->selectedProtocol = PROTOCOL_RDP; /* set default security layer */ switch (serverSecurityLayer) @@ -372,6 +366,11 @@ xrdp_iso_incoming(struct xrdp_iso *self) self->failureCode = INCONSISTENT_FLAGS; //TODO: ? } } + else if (self->requestedProtocol != serverSecurityLayer) + { + /* enforce server security */ + return 1; + } /* set things for tls connection */ |