GUACAMOLE-249: Default to negotiated security mode, not old "RDP" encryption.
This commit is contained in:
parent
a76e307176
commit
2ed0d042a3
@ -232,7 +232,8 @@ enum RDP_ARGS_IDX {
|
|||||||
|
|
||||||
/**
|
/**
|
||||||
* The type of security to use for the connection. Valid values are "rdp",
|
* The type of security to use for the connection. Valid values are "rdp",
|
||||||
* "tls", "nla", or "any". By default, "rdp" security is used.
|
* "tls", "nla", "nla-ext", or "any". By default, the security mode is
|
||||||
|
* negotiated ("any").
|
||||||
*/
|
*/
|
||||||
IDX_SECURITY,
|
IDX_SECURITY,
|
||||||
|
|
||||||
@ -587,16 +588,16 @@ guac_rdp_settings* guac_rdp_parse_args(guac_user* user,
|
|||||||
settings->security_mode = GUAC_SECURITY_RDP;
|
settings->security_mode = GUAC_SECURITY_RDP;
|
||||||
}
|
}
|
||||||
|
|
||||||
/* ANY security (allow server to choose) */
|
/* Negotiate security (allow server to choose) */
|
||||||
else if (strcmp(argv[IDX_SECURITY], "any") == 0) {
|
else if (strcmp(argv[IDX_SECURITY], "any") == 0) {
|
||||||
guac_user_log(user, GUAC_LOG_INFO, "Security mode: ANY");
|
guac_user_log(user, GUAC_LOG_INFO, "Security mode: Negotiate (ANY)");
|
||||||
settings->security_mode = GUAC_SECURITY_ANY;
|
settings->security_mode = GUAC_SECURITY_ANY;
|
||||||
}
|
}
|
||||||
|
|
||||||
/* If nothing given, default to RDP */
|
/* If nothing given, default to RDP */
|
||||||
else {
|
else {
|
||||||
guac_user_log(user, GUAC_LOG_INFO, "No security mode specified. Defaulting to RDP.");
|
guac_user_log(user, GUAC_LOG_INFO, "No security mode specified. Defaulting to security mode negotiation with server.");
|
||||||
settings->security_mode = GUAC_SECURITY_RDP;
|
settings->security_mode = GUAC_SECURITY_ANY;
|
||||||
}
|
}
|
||||||
|
|
||||||
/* Set hostname */
|
/* Set hostname */
|
||||||
@ -1202,7 +1203,7 @@ void guac_rdp_push_settings(guac_client* client,
|
|||||||
/* Security */
|
/* Security */
|
||||||
switch (guac_settings->security_mode) {
|
switch (guac_settings->security_mode) {
|
||||||
|
|
||||||
/* Standard RDP encryption */
|
/* Legacy RDP encryption */
|
||||||
case GUAC_SECURITY_RDP:
|
case GUAC_SECURITY_RDP:
|
||||||
rdp_settings->RdpSecurity = TRUE;
|
rdp_settings->RdpSecurity = TRUE;
|
||||||
rdp_settings->TlsSecurity = FALSE;
|
rdp_settings->TlsSecurity = FALSE;
|
||||||
|
@ -64,7 +64,7 @@
|
|||||||
typedef enum guac_rdp_security {
|
typedef enum guac_rdp_security {
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Standard RDP encryption.
|
* Legacy RDP encryption.
|
||||||
*/
|
*/
|
||||||
GUAC_SECURITY_RDP,
|
GUAC_SECURITY_RDP,
|
||||||
|
|
||||||
@ -79,7 +79,7 @@ typedef enum guac_rdp_security {
|
|||||||
GUAC_SECURITY_NLA,
|
GUAC_SECURITY_NLA,
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Any method supported by the server.
|
* Negotiate a security method supported by both server and client.
|
||||||
*/
|
*/
|
||||||
GUAC_SECURITY_ANY
|
GUAC_SECURITY_ANY
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user