summaryrefslogtreecommitdiffstats
path: root/libxrdp
diff options
context:
space:
mode:
Diffstat (limited to 'libxrdp')
-rw-r--r--libxrdp/xrdp_rdp.c9
-rw-r--r--libxrdp/xrdp_sec.c28
2 files changed, 14 insertions, 23 deletions
diff --git a/libxrdp/xrdp_rdp.c b/libxrdp/xrdp_rdp.c
index e0443a3b..4fc83ae8 100644
--- a/libxrdp/xrdp_rdp.c
+++ b/libxrdp/xrdp_rdp.c
@@ -385,15 +385,6 @@ xrdp_rdp_recv(struct xrdp_rdp *self, struct stream *s, int *code)
chan = 0;
error = xrdp_sec_recv(self->sec_layer, s, &chan);
- if (error == 3)
- {
- /* unencrypted confirm active msg arrived */
- s->next_packet = 0;
- *code = 3;
- DEBUG(("out (0) xrdp_rdp_recv"));
- return 0;
- }
-
if (error == -1) /* special code for send demand active */
{
s->next_packet = 0;
diff --git a/libxrdp/xrdp_sec.c b/libxrdp/xrdp_sec.c
index 035b8d54..63957a45 100644
--- a/libxrdp/xrdp_sec.c
+++ b/libxrdp/xrdp_sec.c
@@ -185,6 +185,8 @@ static const tui8 g_fips_ivec[8] =
0x12, 0x34, 0x56, 0x78, 0x90, 0xAB, 0xCD, 0xEF
};
+static int is_security_header_present = 1; /* next packet should contain security header? */
+
/*****************************************************************************/
static void APP_CC
hex_str_to_bin(char *in, char *out, int out_len)
@@ -1206,17 +1208,9 @@ xrdp_sec_recv(struct xrdp_sec *self, struct stream *s, int *chan)
return 1;
}
- /* TODO: HACK, we should recognize packets without security header
- However, client info packet and license packet always have security header. */
- if (s->data[17] == 0x13) /* confirm active pdu */
- {
- g_writeln("CONFIRM ACTIVE ARRIVED");
- return 0;
- }
- if (s->data[17] == 0x17 || s->data[16] == 0x17) /* rdp data pdu */
+ if (!is_security_header_present)
{
- g_writeln("RDP DATA ARRIVED");
return 0;
}
@@ -1329,6 +1323,12 @@ xrdp_sec_recv(struct xrdp_sec *self, struct stream *s, int *chan)
return 1;
}
+ if (self->crypt_level == CRYPT_LEVEL_NONE
+ && self->crypt_method == CRYPT_METHOD_NONE)
+ {
+ is_security_header_present = 0; /* in tls mode, no more security header from now on */
+ }
+
DEBUG((" out xrdp_sec_recv"));
return -1; /* special error that means send demand active */
}
@@ -1791,11 +1791,11 @@ xrdp_sec_process_mcs_data_CS_SECURITY(struct xrdp_sec *self, struct stream* s)
found = 1;
}
}
- if (found == 0)
- {
- g_writeln(" can not find client / server agreed encryption method");
- return 1;
- }
+// if (found == 0)
+// {
+// g_writeln(" can not find client / server agreed encryption method");
+// return 1;
+// }
return 0;
}