author | Jay Sorg <jay.sorg@gmail.com> | 2017-06-08 09:39:07 -0700 |
---|---|---|
committer | metalefty <meta@vmeta.jp> | 2017-06-22 11:47:48 +0900 |
commit | 8d63c32899ff9972e45cbb19f7aa020da31bbd8e (patch) | |
tree | 85e1cb7dea383aaeeb0d616d6464fe8dce1eead4 /libxrdp | |
parent | 5def0596e0c8832d8c47396b7b5ab91258e3e4d9 (diff) | |
move openssl calls to common/libssl.c, check for defines
Diffstat (limited to 'libxrdp')
-rw-r--r-- | libxrdp/xrdp_rdp.c | 43 |
1 files changed, 6 insertions, 37 deletions
diff --git a/libxrdp/xrdp_rdp.c b/libxrdp/xrdp_rdp.c
index ea3f446e..099cec47 100644
--- a/libxrdp/xrdp_rdp.c
+++ b/libxrdp/xrdp_rdp.c
@@ -22,9 +22,9 @@
 #include <config_ac.h>
 #endif
-#include <openssl/ssl.h>
 #include "libxrdp.h"
 #include "log.h"
+#include "ssl_calls.h"
 #if defined(XRDP_NEUTRINORDP)
 #include <freerdp/codec/rfx.h>
@@ -49,7 +49,7 @@ xrdp_rdp_read_config(struct xrdp_client_info *client_info)
 char *item = NULL;
 char *value = NULL;
 char cfg_file[256];
- char *p = NULL;
+ int pos;
 char *tmp = NULL;
 int tmp_length = 0;
@@ -174,44 +174,13 @@ xrdp_rdp_read_config(struct xrdp_client_info *client_info)
 tmp_length = g_strlen(value) + 3;
 tmp = g_new(char, tmp_length);
 g_snprintf(tmp, tmp_length, "%s%s%s", ",", value, ",");
+ /* replace all spaces with comma */
 /* to accept space after comma */
- while ((p = (char *) g_strchr(tmp, ' ')) != NULL)
+ while ((pos = g_pos(tmp, " ")) != -1)
 {
- *p = ',';
- }
-
- /* disable all protocols first, enable later */
- client_info->ssl_protocols =
- SSL_OP_NO_SSLv3 | SSL_OP_NO_TLSv1 | SSL_OP_NO_TLSv1_1 | SSL_OP_NO_TLSv1_2;
-
- if (g_pos(tmp, ",TLSv1.2,") >= 0)
- {
- log_message(LOG_LEVEL_DEBUG, "TLSv1.2 enabled");
- client_info->ssl_protocols &= ~SSL_OP_NO_TLSv1_2;
- }
- if (g_pos(tmp, ",TLSv1.1,") >= 0)
- {
- log_message(LOG_LEVEL_DEBUG, "TLSv1.1 enabled");
- client_info->ssl_protocols &= ~SSL_OP_NO_TLSv1_1;
- }
- if (g_pos(tmp, ",TLSv1,") >= 0)
- {
- log_message(LOG_LEVEL_DEBUG, "TLSv1 enabled");
- client_info->ssl_protocols &= ~SSL_OP_NO_TLSv1;
- }
- if (g_pos(tmp, ",SSLv3,") >= 0)
- {
- log_message(LOG_LEVEL_DEBUG, "SSLv3 enabled");
- client_info->ssl_protocols &= ~SSL_OP_NO_SSLv3;
- }
-
- if (client_info->ssl_protocols ==
- (SSL_OP_NO_SSLv3 | SSL_OP_NO_TLSv1 | SSL_OP_NO_TLSv1_1 | SSL_OP_NO_TLSv1_2))
- {
- log_message(LOG_LEVEL_WARNING, "No SSL/TLS protocols enabled. "
- "At least one protocol should be enabled to accept "
- "TLS connections.");
+ tmp[pos] = ',';
 }
+ ssl_get_protocols_from_string(tmp, &(client_info->ssl_protocols));
 g_free(tmp);
 }
 else if (g_strcasecmp(item, "tls_ciphers") == 0) |
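Review bot: The result of `ssl_get_protocols_from_string(tmp, &(client_info->ssl_protocols));` is discarded, while the "No SSL/TLS protocols enabled" warning and the disable-everything-first default that used to sit at this spot have left the file. The helper's body is not part of this diff (the diffstat is limited to libxrdp), so it cannot be confirmed from here that an `ssl_protocols` value with no recognised name still leaves every protocol disabled rather than leaving the option mask at a more permissive value. If the helper returns a status, check it at the call site, e.g. `if (ssl_get_protocols_from_string(tmp, &(client_info->ssl_protocols)) != 0) { log_message(LOG_LEVEL_WARNING, "ssl_protocols: unsupported or empty protocol list"); }`. If it returns nothing, a comment such as `/* helper starts from all SSL_OP_NO_* bits set; an empty list enables nothing */` should be added once that has been verified against its definition. xrdp_rdp_read_config begins and ends outside this hunk.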