diff --git a/src/protocols/rdp/settings.c b/src/protocols/rdp/settings.c index 21a32b72..c6db3c8f 100644 --- a/src/protocols/rdp/settings.c +++ b/src/protocols/rdp/settings.c @@ -235,8 +235,8 @@ enum RDP_ARGS_IDX { /** * The type of security to use for the connection. Valid values are "rdp", - * "tls", "nla", "nla-ext", or "any". By default, the security mode is - * negotiated ("any"). + * "tls", "nla", "nla-ext", "vmconnect", or "any". By default, the security + * mode is negotiated ("any"). */ IDX_SECURITY, @@ -611,6 +611,12 @@ guac_rdp_settings* guac_rdp_parse_args(guac_user* user, settings->security_mode = GUAC_SECURITY_RDP; } + /* Negotiate security supported by VMConnect */ + else if (strcmp(argv[IDX_SECURITY], "vmconnect") == 0) { + guac_user_log(user, GUAC_LOG_INFO, "Security mode: Hyper-V / VMConnect"); + settings->security_mode = GUAC_SECURITY_VMCONNECT; + } + /* Negotiate security (allow server to choose) */ else if (strcmp(argv[IDX_SECURITY], "any") == 0) { guac_user_log(user, GUAC_LOG_INFO, "Security mode: Negotiate (ANY)"); @@ -628,10 +634,10 @@ guac_rdp_settings* guac_rdp_parse_args(guac_user* user, guac_user_parse_args_string(user, GUAC_RDP_CLIENT_ARGS, argv, IDX_HOSTNAME, ""); - /* If port specified, use it */ + /* If port specified, use it, otherwise use an appropriate default */ settings->port = - guac_user_parse_args_int(user, GUAC_RDP_CLIENT_ARGS, argv, - IDX_PORT, RDP_DEFAULT_PORT); + guac_user_parse_args_int(user, GUAC_RDP_CLIENT_ARGS, argv, IDX_PORT, + settings->security_mode == GUAC_SECURITY_VMCONNECT ? RDP_DEFAULT_VMCONNECT_PORT : RDP_DEFAULT_PORT); guac_user_log(user, GUAC_LOG_DEBUG, "User resolution is %ix%i at %i DPI", @@ -1268,6 +1274,15 @@ void guac_rdp_push_settings(guac_client* client, rdp_settings->ExtSecurity = TRUE; break; + /* Hyper-V "VMConnect" negotiation mode */ + case GUAC_SECURITY_VMCONNECT: + rdp_settings->RdpSecurity = FALSE; + rdp_settings->TlsSecurity = TRUE; + rdp_settings->NlaSecurity = TRUE; + rdp_settings->ExtSecurity = FALSE; + rdp_settings->VmConnectMode = TRUE; + break; + /* All security types */ case GUAC_SECURITY_ANY: rdp_settings->RdpSecurity = TRUE; diff --git a/src/protocols/rdp/settings.h b/src/protocols/rdp/settings.h index e4c579ed..70199b8f 100644 --- a/src/protocols/rdp/settings.h +++ b/src/protocols/rdp/settings.h @@ -38,6 +38,11 @@ */ #define RDP_DEFAULT_PORT 3389 +/** + * The default RDP port used by Hyper-V "VMConnect". + */ +#define RDP_DEFAULT_VMCONNECT_PORT 2179 + /** * Default screen width, in pixels. */ @@ -93,6 +98,11 @@ typedef enum guac_rdp_security { */ GUAC_SECURITY_EXTENDED_NLA, + /** + * Negotiate security methods supported by Hyper-V's "VMConnect" feature. + */ + GUAC_SECURITY_VMCONNECT, + /** * Negotiate a security method supported by both server and client. */