From 3b560044bcb81202c7fcb837f5f7df59c97bcf0a Mon Sep 17 00:00:00 2001 From: Michael Jumper Date: Sun, 22 Sep 2019 12:12:26 -0700 Subject: [PATCH] GUACAMOLE-249: Correct prototype of certificate verification callback. If accepting the certificate, request that FreeRDP not store it. --- src/protocols/rdp/rdp.c | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/src/protocols/rdp/rdp.c b/src/protocols/rdp/rdp.c index 7b0644b2..a9e4b7d6 100644 --- a/src/protocols/rdp/rdp.c +++ b/src/protocols/rdp/rdp.c @@ -378,8 +378,9 @@ static BOOL rdp_freerdp_authenticate(freerdp* instance, char** username, * @return * TRUE if the certificate passes verification, FALSE otherwise. */ -static BOOL rdp_freerdp_verify_certificate(freerdp* instance, char* subject, - char* issuer, char* fingerprint) { +static DWORD rdp_freerdp_verify_certificate(freerdp* instance, + const char* common_name, const char* subject, const char* issuer, + const char* fingerprint, BOOL host_mismatch) { rdpContext* context = instance->context; guac_client* client = ((rdp_freerdp_context*) context)->client; @@ -389,11 +390,11 @@ static BOOL rdp_freerdp_verify_certificate(freerdp* instance, char* subject, /* Bypass validation if ignore_certificate given */ if (rdp_client->settings->ignore_certificate) { guac_client_log(client, GUAC_LOG_INFO, "Certificate validation bypassed"); - return TRUE; + return 2; /* Accept only for this session */ } guac_client_log(client, GUAC_LOG_INFO, "Certificate validation failed"); - return FALSE; + return 0; /* Reject certificate */ }