diff options
Diffstat (limited to 'libxrdp')
-rw-r--r-- | libxrdp/xrdp_rdp.c | 9 | ||||
-rw-r--r-- | libxrdp/xrdp_sec.c | 28 |
2 files changed, 14 insertions, 23 deletions
diff --git a/libxrdp/xrdp_rdp.c b/libxrdp/xrdp_rdp.c index e0443a3b..4fc83ae8 100644 --- a/libxrdp/xrdp_rdp.c +++ b/libxrdp/xrdp_rdp.c @@ -385,15 +385,6 @@ xrdp_rdp_recv(struct xrdp_rdp *self, struct stream *s, int *code) chan = 0; error = xrdp_sec_recv(self->sec_layer, s, &chan); - if (error == 3) - { - /* unencrypted confirm active msg arrived */ - s->next_packet = 0; - *code = 3; - DEBUG(("out (0) xrdp_rdp_recv")); - return 0; - } - if (error == -1) /* special code for send demand active */ { s->next_packet = 0; diff --git a/libxrdp/xrdp_sec.c b/libxrdp/xrdp_sec.c index 035b8d54..63957a45 100644 --- a/libxrdp/xrdp_sec.c +++ b/libxrdp/xrdp_sec.c @@ -185,6 +185,8 @@ static const tui8 g_fips_ivec[8] = 0x12, 0x34, 0x56, 0x78, 0x90, 0xAB, 0xCD, 0xEF }; +static int is_security_header_present = 1; /* next packet should contain security header? */ + /*****************************************************************************/ static void APP_CC hex_str_to_bin(char *in, char *out, int out_len) @@ -1206,17 +1208,9 @@ xrdp_sec_recv(struct xrdp_sec *self, struct stream *s, int *chan) return 1; } - /* TODO: HACK, we should recognize packets without security header - However, client info packet and license packet always have security header. */ - if (s->data[17] == 0x13) /* confirm active pdu */ - { - g_writeln("CONFIRM ACTIVE ARRIVED"); - return 0; - } - if (s->data[17] == 0x17 || s->data[16] == 0x17) /* rdp data pdu */ + if (!is_security_header_present) { - g_writeln("RDP DATA ARRIVED"); return 0; } @@ -1329,6 +1323,12 @@ xrdp_sec_recv(struct xrdp_sec *self, struct stream *s, int *chan) return 1; } + if (self->crypt_level == CRYPT_LEVEL_NONE + && self->crypt_method == CRYPT_METHOD_NONE) + { + is_security_header_present = 0; /* in tls mode, no more security header from now on */ + } + DEBUG((" out xrdp_sec_recv")); return -1; /* special error that means send demand active */ } @@ -1791,11 +1791,11 @@ xrdp_sec_process_mcs_data_CS_SECURITY(struct xrdp_sec *self, struct stream* s) found = 1; } } - if (found == 0) - { - g_writeln(" can not find client / server agreed encryption method"); - return 1; - } +// if (found == 0) +// { +// g_writeln(" can not find client / server agreed encryption method"); +// return 1; +// } return 0; } |