summaryrefslogtreecommitdiffstats
path: root/libxrdp/xrdp_iso.c
diff options
context:
space:
mode:
Diffstat (limited to 'libxrdp/xrdp_iso.c')
-rw-r--r--libxrdp/xrdp_iso.c15
1 files changed, 7 insertions, 8 deletions
diff --git a/libxrdp/xrdp_iso.c b/libxrdp/xrdp_iso.c
index 6fb803ad..ee490839 100644
--- a/libxrdp/xrdp_iso.c
+++ b/libxrdp/xrdp_iso.c
@@ -56,8 +56,6 @@ xrdp_iso_process_rdpNegReq(struct xrdp_iso *self, struct stream *s)
int flags;
int len;
- DEBUG((" in xrdp_iso_process_neg_req"));
-
in_uint8(s, flags);
if (flags != 0x0 && flags != 0x8 && flags != 0x1)
{
@@ -80,7 +78,6 @@ xrdp_iso_process_rdpNegReq(struct xrdp_iso *self, struct stream *s)
return 1;
}
- DEBUG((" out xrdp_iso_process_rdpNegReq"));
return 0;
}
/*****************************************************************************/
@@ -279,8 +276,7 @@ xrdp_iso_incoming(struct xrdp_iso *self)
self->rdpNegData = 1;
if (xrdp_iso_process_rdpNegReq(self, s) != 0)
{
- g_writeln(
- "xrdp_iso_incoming: xrdp_iso_process_rdpNegReq returned non zero");
+ g_writeln("xrdp_iso_incoming: xrdp_iso_process_rdpNegReq returned non zero");
return 1;
}
break;
@@ -306,12 +302,10 @@ xrdp_iso_incoming(struct xrdp_iso *self)
}
}
+ int serverSecurityLayer = self->mcs_layer->sec_layer->rdp_layer->client_info.security_layer;
/* security layer negotiation */
if (self->rdpNegData)
{
- int
- serverSecurityLayer =
- self->mcs_layer->sec_layer->rdp_layer->client_info.security_layer;
self->selectedProtocol = PROTOCOL_RDP; /* set default security layer */
switch (serverSecurityLayer)
@@ -372,6 +366,11 @@ xrdp_iso_incoming(struct xrdp_iso *self)
self->failureCode = INCONSISTENT_FLAGS; //TODO: ?
}
}
+ else if (self->requestedProtocol != serverSecurityLayer)
+ {
+ /* enforce server security */
+ return 1;
+ }
/* set things for tls connection */