diff options
author | Idan Freiberg <speidy@gmail.com> | 2014-07-14 15:33:41 +0300 |
---|---|---|
committer | Idan Freiberg <speidy@gmail.com> | 2014-07-14 15:33:41 +0300 |
commit | 5fcf6beffa3367b8b313bf4414ffd6b3419c76d1 (patch) | |
tree | 66905b9d18b56e3c57126a2c15dfc227cec94514 /libxrdp/xrdp_iso.c | |
parent | 4ded149eb59e7bc75eb33c3cd91a521c37e4befc (diff) | |
download | xrdp-proprietary-5fcf6beffa3367b8b313bf4414ffd6b3419c76d1.tar.gz xrdp-proprietary-5fcf6beffa3367b8b313bf4414ffd6b3419c76d1.zip |
libxrdp: enforce server security layer when rdpNegData is not exists
Diffstat (limited to 'libxrdp/xrdp_iso.c')
-rw-r--r-- | libxrdp/xrdp_iso.c | 9 |
1 files changed, 6 insertions, 3 deletions
diff --git a/libxrdp/xrdp_iso.c b/libxrdp/xrdp_iso.c index 633dc5a9..b15be2ad 100644 --- a/libxrdp/xrdp_iso.c +++ b/libxrdp/xrdp_iso.c @@ -305,12 +305,10 @@ xrdp_iso_incoming(struct xrdp_iso *self) } } + int serverSecurityLayer = self->mcs_layer->sec_layer->rdp_layer->client_info.security_layer; /* security layer negotiation */ if (self->rdpNegData) { - int - serverSecurityLayer = - self->mcs_layer->sec_layer->rdp_layer->client_info.security_layer; self->selectedProtocol = PROTOCOL_RDP; /* set default security layer */ switch (serverSecurityLayer) @@ -371,6 +369,11 @@ xrdp_iso_incoming(struct xrdp_iso *self) self->failureCode = INCONSISTENT_FLAGS; //TODO: ? } } + else if (self->requestedProtocol != serverSecurityLayer) + { + /* enforce server security */ + return 1; + } /* set things for tls connection */ |