summaryrefslogtreecommitdiffstats
path: root/libxrdp
diff options
context:
space:
mode:
authorIdan Freiberg <speidy@gmail.com>2014-07-14 15:33:41 +0300
committerIdan Freiberg <speidy@gmail.com>2014-07-14 15:33:41 +0300
commit5fcf6beffa3367b8b313bf4414ffd6b3419c76d1 (patch)
tree66905b9d18b56e3c57126a2c15dfc227cec94514 /libxrdp
parent4ded149eb59e7bc75eb33c3cd91a521c37e4befc (diff)
downloadxrdp-proprietary-5fcf6beffa3367b8b313bf4414ffd6b3419c76d1.tar.gz
xrdp-proprietary-5fcf6beffa3367b8b313bf4414ffd6b3419c76d1.zip
libxrdp: enforce server security layer when rdpNegData is not exists
Diffstat (limited to 'libxrdp')
-rw-r--r--libxrdp/xrdp_iso.c9
1 files changed, 6 insertions, 3 deletions
diff --git a/libxrdp/xrdp_iso.c b/libxrdp/xrdp_iso.c
index 633dc5a9..b15be2ad 100644
--- a/libxrdp/xrdp_iso.c
+++ b/libxrdp/xrdp_iso.c
@@ -305,12 +305,10 @@ xrdp_iso_incoming(struct xrdp_iso *self)
}
}
+ int serverSecurityLayer = self->mcs_layer->sec_layer->rdp_layer->client_info.security_layer;
/* security layer negotiation */
if (self->rdpNegData)
{
- int
- serverSecurityLayer =
- self->mcs_layer->sec_layer->rdp_layer->client_info.security_layer;
self->selectedProtocol = PROTOCOL_RDP; /* set default security layer */
switch (serverSecurityLayer)
@@ -371,6 +369,11 @@ xrdp_iso_incoming(struct xrdp_iso *self)
self->failureCode = INCONSISTENT_FLAGS; //TODO: ?
}
}
+ else if (self->requestedProtocol != serverSecurityLayer)
+ {
+ /* enforce server security */
+ return 1;
+ }
/* set things for tls connection */