GUACAMOLE-952: Add security negotiation mode specific to Hyper-V / VMConnect.

This commit is contained in:
Michael Jumper 2020-03-22 16:22:55 -07:00
parent aa8c8cac84
commit 04b8633410
2 changed files with 30 additions and 5 deletions

View File

@ -235,8 +235,8 @@ enum RDP_ARGS_IDX {
/**
* The type of security to use for the connection. Valid values are "rdp",
* "tls", "nla", "nla-ext", or "any". By default, the security mode is
* negotiated ("any").
* "tls", "nla", "nla-ext", "vmconnect", or "any". By default, the security
* mode is negotiated ("any").
*/
IDX_SECURITY,
@ -611,6 +611,12 @@ guac_rdp_settings* guac_rdp_parse_args(guac_user* user,
settings->security_mode = GUAC_SECURITY_RDP;
}
/* Negotiate security supported by VMConnect */
else if (strcmp(argv[IDX_SECURITY], "vmconnect") == 0) {
guac_user_log(user, GUAC_LOG_INFO, "Security mode: Hyper-V / VMConnect");
settings->security_mode = GUAC_SECURITY_VMCONNECT;
}
/* Negotiate security (allow server to choose) */
else if (strcmp(argv[IDX_SECURITY], "any") == 0) {
guac_user_log(user, GUAC_LOG_INFO, "Security mode: Negotiate (ANY)");
@ -628,10 +634,10 @@ guac_rdp_settings* guac_rdp_parse_args(guac_user* user,
guac_user_parse_args_string(user, GUAC_RDP_CLIENT_ARGS, argv,
IDX_HOSTNAME, "");
/* If port specified, use it */
/* If port specified, use it, otherwise use an appropriate default */
settings->port =
guac_user_parse_args_int(user, GUAC_RDP_CLIENT_ARGS, argv,
IDX_PORT, RDP_DEFAULT_PORT);
guac_user_parse_args_int(user, GUAC_RDP_CLIENT_ARGS, argv, IDX_PORT,
settings->security_mode == GUAC_SECURITY_VMCONNECT ? RDP_DEFAULT_VMCONNECT_PORT : RDP_DEFAULT_PORT);
guac_user_log(user, GUAC_LOG_DEBUG,
"User resolution is %ix%i at %i DPI",
@ -1268,6 +1274,15 @@ void guac_rdp_push_settings(guac_client* client,
rdp_settings->ExtSecurity = TRUE;
break;
/* Hyper-V "VMConnect" negotiation mode */
case GUAC_SECURITY_VMCONNECT:
rdp_settings->RdpSecurity = FALSE;
rdp_settings->TlsSecurity = TRUE;
rdp_settings->NlaSecurity = TRUE;
rdp_settings->ExtSecurity = FALSE;
rdp_settings->VmConnectMode = TRUE;
break;
/* All security types */
case GUAC_SECURITY_ANY:
rdp_settings->RdpSecurity = TRUE;

View File

@ -38,6 +38,11 @@
*/
#define RDP_DEFAULT_PORT 3389
/**
* The default RDP port used by Hyper-V "VMConnect".
*/
#define RDP_DEFAULT_VMCONNECT_PORT 2179
/**
* Default screen width, in pixels.
*/
@ -93,6 +98,11 @@ typedef enum guac_rdp_security {
*/
GUAC_SECURITY_EXTENDED_NLA,
/**
* Negotiate security methods supported by Hyper-V's "VMConnect" feature.
*/
GUAC_SECURITY_VMCONNECT,
/**
* Negotiate a security method supported by both server and client.
*/