Shorten parameter names, combine enable-tls and enable-nla into a single security parameter.
This commit is contained in:
parent
d2cdb055f8
commit
ac2bf524d9
@ -109,10 +109,9 @@ const char* GUAC_CLIENT_ARGS[] = {
|
||||
"console",
|
||||
"console-audio",
|
||||
"server-layout",
|
||||
"enable-nla",
|
||||
"enable-tls",
|
||||
"ignore-certificate",
|
||||
"enable-authentication",
|
||||
"security",
|
||||
"ignore-cert",
|
||||
"enable-auth",
|
||||
NULL
|
||||
};
|
||||
|
||||
@ -132,8 +131,7 @@ enum RDP_ARGS_IDX {
|
||||
IDX_CONSOLE,
|
||||
IDX_CONSOLE_AUDIO,
|
||||
IDX_SERVER_LAYOUT,
|
||||
IDX_ENABLE_NLA,
|
||||
IDX_ENABLE_TLS,
|
||||
IDX_SECURITY,
|
||||
IDX_IGNORE_CERT,
|
||||
IDX_ENABLE_AUTH,
|
||||
RDP_ARGS_COUNT
|
||||
@ -414,11 +412,19 @@ int guac_client_init(guac_client* client, int argc, char** argv) {
|
||||
settings->console_audio = (strcmp(argv[IDX_CONSOLE_AUDIO], "true") == 0);
|
||||
|
||||
/* Security */
|
||||
settings->enable_nla_security = (strcmp(argv[IDX_ENABLE_NLA], "true") == 0);
|
||||
settings->enable_tls_security = (strcmp(argv[IDX_ENABLE_TLS], "true") == 0);
|
||||
settings->ignore_certificate = (strcmp(argv[IDX_IGNORE_CERT], "true") == 0);
|
||||
settings->enable_authentication = (strcmp(argv[IDX_ENABLE_AUTH], "true") == 0);
|
||||
|
||||
/* Parse security mode */
|
||||
if (strcmp(argv[IDX_SECURITY], "nla") == 0)
|
||||
settings->security_mode = GUAC_SECURITY_NLA;
|
||||
else if (strcmp(argv[IDX_SECURITY], "tls") == 0)
|
||||
settings->security_mode = GUAC_SECURITY_TLS;
|
||||
else if (strcmp(argv[IDX_SECURITY], "any") == 0)
|
||||
settings->security_mode = GUAC_SECURITY_ANY;
|
||||
else
|
||||
settings->security_mode = GUAC_SECURITY_RDP;
|
||||
|
||||
/* Set hostname */
|
||||
settings->hostname = strdup(argv[IDX_HOSTNAME]);
|
||||
|
||||
|
@ -104,30 +104,81 @@ void guac_rdp_push_settings(guac_rdp_settings* guac_settings, freerdp* rdp) {
|
||||
#endif
|
||||
|
||||
/* Security */
|
||||
switch (guac_settings->security_mode) {
|
||||
|
||||
/* Standard RDP encryption */
|
||||
case GUAC_SECURITY_RDP:
|
||||
#ifdef LEGACY_RDPSETTINGS
|
||||
rdp_settings->rdp_security = TRUE;
|
||||
rdp_settings->tls_security = FALSE;
|
||||
rdp_settings->nla_security = FALSE;
|
||||
rdp_settings->encryption_level = ENCRYPTION_LEVEL_CLIENT_COMPATIBLE;
|
||||
rdp_settings->encryption_method =
|
||||
ENCRYPTION_METHOD_40BIT
|
||||
| ENCRYPTION_METHOD_128BIT
|
||||
| ENCRYPTION_METHOD_FIPS;
|
||||
#else
|
||||
rdp_settings->RdpSecurity = TRUE;
|
||||
rdp_settings->TlsSecurity = FALSE;
|
||||
rdp_settings->NlaSecurity = FALSE;
|
||||
rdp_settings->EncryptionLevel = ENCRYPTION_LEVEL_CLIENT_COMPATIBLE;
|
||||
rdp_settings->EncryptionMethods =
|
||||
ENCRYPTION_METHOD_40BIT
|
||||
| ENCRYPTION_METHOD_128BIT
|
||||
| ENCRYPTION_METHOD_FIPS;
|
||||
#endif
|
||||
break;
|
||||
|
||||
/* TLS encryption */
|
||||
case GUAC_SECURITY_TLS:
|
||||
#ifdef LEGACY_RDPSETTINGS
|
||||
rdp_settings->rdp_security = FALSE;
|
||||
rdp_settings->tls_security = TRUE;
|
||||
rdp_settings->nla_security = FALSE;
|
||||
#else
|
||||
rdp_settings->RdpSecurity = FALSE;
|
||||
rdp_settings->TlsSecurity = TRUE;
|
||||
rdp_settings->NlaSecurity = FALSE;
|
||||
#endif
|
||||
break;
|
||||
|
||||
/* Network level authentication */
|
||||
case GUAC_SECURITY_NLA:
|
||||
#ifdef LEGACY_RDPSETTINGS
|
||||
rdp_settings->rdp_security = FALSE;
|
||||
rdp_settings->tls_security = FALSE;
|
||||
rdp_settings->nla_security = TRUE;
|
||||
#else
|
||||
rdp_settings->RdpSecurity = FALSE;
|
||||
rdp_settings->TlsSecurity = FALSE;
|
||||
rdp_settings->NlaSecurity = TRUE;
|
||||
#endif
|
||||
break;
|
||||
|
||||
/* All security types */
|
||||
case GUAC_SECURITY_ANY:
|
||||
#ifdef LEGACY_RDPSETTINGS
|
||||
rdp_settings->rdp_security = TRUE;
|
||||
rdp_settings->tls_security = TRUE;
|
||||
rdp_settings->nla_security = TRUE;
|
||||
#else
|
||||
rdp_settings->RdpSecurity = TRUE;
|
||||
rdp_settings->TlsSecurity = TRUE;
|
||||
rdp_settings->NlaSecurity = TRUE;
|
||||
#endif
|
||||
break;
|
||||
|
||||
}
|
||||
|
||||
/* Authentication */
|
||||
#ifdef LEGACY_RDPSETTINGS
|
||||
rdp_settings->authentication = guac_settings->enable_authentication;
|
||||
rdp_settings->rdp_security = TRUE;
|
||||
rdp_settings->tls_security = guac_settings->enable_tls_security;
|
||||
rdp_settings->nla_security = guac_settings->enable_nla_security;
|
||||
rdp_settings->ignore_certificate = guac_settings->ignore_certificate;
|
||||
rdp_settings->encryption = TRUE;
|
||||
rdp_settings->encryption_level = ENCRYPTION_LEVEL_CLIENT_COMPATIBLE;
|
||||
rdp_settings->encryption_method =
|
||||
ENCRYPTION_METHOD_40BIT
|
||||
| ENCRYPTION_METHOD_128BIT
|
||||
| ENCRYPTION_METHOD_FIPS;
|
||||
#else
|
||||
rdp_settings->Authentication = guac_settings->enable_authentication;
|
||||
rdp_settings->RdpSecurity = TRUE;
|
||||
rdp_settings->TlsSecurity = guac_settings->enable_tls_security;
|
||||
rdp_settings->NlaSecurity = guac_settings->enable_nla_security;
|
||||
rdp_settings->IgnoreCertificate = guac_settings->ignore_certificate;
|
||||
rdp_settings->DisableEncryption = FALSE;
|
||||
rdp_settings->EncryptionLevel = ENCRYPTION_LEVEL_CLIENT_COMPATIBLE;
|
||||
rdp_settings->EncryptionMethods =
|
||||
ENCRYPTION_METHOD_40BIT
|
||||
| ENCRYPTION_METHOD_128BIT
|
||||
| ENCRYPTION_METHOD_FIPS;
|
||||
#endif
|
||||
|
||||
/* Order support */
|
||||
|
@ -63,6 +63,33 @@
|
||||
*/
|
||||
#define RDP_DEFAULT_DEPTH 16
|
||||
|
||||
/**
|
||||
* All supported combinations of security types.
|
||||
*/
|
||||
typedef enum guac_rdp_security {
|
||||
|
||||
/**
|
||||
* Standard RDP encryption.
|
||||
*/
|
||||
GUAC_SECURITY_RDP,
|
||||
|
||||
/**
|
||||
* TLS encryption.
|
||||
*/
|
||||
GUAC_SECURITY_TLS,
|
||||
|
||||
/**
|
||||
* Network level authentication.
|
||||
*/
|
||||
GUAC_SECURITY_NLA,
|
||||
|
||||
/**
|
||||
* Any method supported by the server.
|
||||
*/
|
||||
GUAC_SECURITY_ANY
|
||||
|
||||
} guac_rdp_security;
|
||||
|
||||
/**
|
||||
* All settings supported by the Guacamole RDP client.
|
||||
*/
|
||||
@ -139,14 +166,9 @@ typedef struct guac_rdp_settings {
|
||||
char* initial_program;
|
||||
|
||||
/**
|
||||
* Whether NLA security is enabled.
|
||||
* The type of security to use for the connection.
|
||||
*/
|
||||
int enable_nla_security;
|
||||
|
||||
/**
|
||||
* Whether TLS security is enabled.
|
||||
*/
|
||||
int enable_tls_security;
|
||||
guac_rdp_security security_mode;
|
||||
|
||||
/**
|
||||
* Whether bad server certificates should be ignored.
|
||||
|
Loading…
Reference in New Issue
Block a user