GUACAMOLE-249: Default to negotiated security mode, not old "RDP" encryption.

This commit is contained in:
Michael Jumper 2019-09-29 14:34:05 -07:00
parent a76e307176
commit 2ed0d042a3
2 changed files with 9 additions and 8 deletions

View File

@ -232,7 +232,8 @@ enum RDP_ARGS_IDX {
/**
* The type of security to use for the connection. Valid values are "rdp",
* "tls", "nla", or "any". By default, "rdp" security is used.
* "tls", "nla", "nla-ext", or "any". By default, the security mode is
* negotiated ("any").
*/
IDX_SECURITY,
@ -587,16 +588,16 @@ guac_rdp_settings* guac_rdp_parse_args(guac_user* user,
settings->security_mode = GUAC_SECURITY_RDP;
}
/* ANY security (allow server to choose) */
/* Negotiate security (allow server to choose) */
else if (strcmp(argv[IDX_SECURITY], "any") == 0) {
guac_user_log(user, GUAC_LOG_INFO, "Security mode: ANY");
guac_user_log(user, GUAC_LOG_INFO, "Security mode: Negotiate (ANY)");
settings->security_mode = GUAC_SECURITY_ANY;
}
/* If nothing given, default to RDP */
else {
guac_user_log(user, GUAC_LOG_INFO, "No security mode specified. Defaulting to RDP.");
settings->security_mode = GUAC_SECURITY_RDP;
guac_user_log(user, GUAC_LOG_INFO, "No security mode specified. Defaulting to security mode negotiation with server.");
settings->security_mode = GUAC_SECURITY_ANY;
}
/* Set hostname */
@ -1202,7 +1203,7 @@ void guac_rdp_push_settings(guac_client* client,
/* Security */
switch (guac_settings->security_mode) {
/* Standard RDP encryption */
/* Legacy RDP encryption */
case GUAC_SECURITY_RDP:
rdp_settings->RdpSecurity = TRUE;
rdp_settings->TlsSecurity = FALSE;

View File

@ -64,7 +64,7 @@
typedef enum guac_rdp_security {
/**
* Standard RDP encryption.
* Legacy RDP encryption.
*/
GUAC_SECURITY_RDP,
@ -79,7 +79,7 @@ typedef enum guac_rdp_security {
GUAC_SECURITY_NLA,
/**
* Any method supported by the server.
* Negotiate a security method supported by both server and client.
*/
GUAC_SECURITY_ANY