GUACAMOLE-952: Merge correct security negotiation behavior for Hyper-V / VMConnect.
This commit is contained in:
commit
e78eb589d9
@ -235,8 +235,8 @@ enum RDP_ARGS_IDX {
|
|||||||
|
|
||||||
/**
|
/**
|
||||||
* The type of security to use for the connection. Valid values are "rdp",
|
* The type of security to use for the connection. Valid values are "rdp",
|
||||||
* "tls", "nla", "nla-ext", or "any". By default, the security mode is
|
* "tls", "nla", "nla-ext", "vmconnect", or "any". By default, the security
|
||||||
* negotiated ("any").
|
* mode is negotiated ("any").
|
||||||
*/
|
*/
|
||||||
IDX_SECURITY,
|
IDX_SECURITY,
|
||||||
|
|
||||||
@ -611,6 +611,12 @@ guac_rdp_settings* guac_rdp_parse_args(guac_user* user,
|
|||||||
settings->security_mode = GUAC_SECURITY_RDP;
|
settings->security_mode = GUAC_SECURITY_RDP;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/* Negotiate security supported by VMConnect */
|
||||||
|
else if (strcmp(argv[IDX_SECURITY], "vmconnect") == 0) {
|
||||||
|
guac_user_log(user, GUAC_LOG_INFO, "Security mode: Hyper-V / VMConnect");
|
||||||
|
settings->security_mode = GUAC_SECURITY_VMCONNECT;
|
||||||
|
}
|
||||||
|
|
||||||
/* Negotiate security (allow server to choose) */
|
/* Negotiate security (allow server to choose) */
|
||||||
else if (strcmp(argv[IDX_SECURITY], "any") == 0) {
|
else if (strcmp(argv[IDX_SECURITY], "any") == 0) {
|
||||||
guac_user_log(user, GUAC_LOG_INFO, "Security mode: Negotiate (ANY)");
|
guac_user_log(user, GUAC_LOG_INFO, "Security mode: Negotiate (ANY)");
|
||||||
@ -628,10 +634,10 @@ guac_rdp_settings* guac_rdp_parse_args(guac_user* user,
|
|||||||
guac_user_parse_args_string(user, GUAC_RDP_CLIENT_ARGS, argv,
|
guac_user_parse_args_string(user, GUAC_RDP_CLIENT_ARGS, argv,
|
||||||
IDX_HOSTNAME, "");
|
IDX_HOSTNAME, "");
|
||||||
|
|
||||||
/* If port specified, use it */
|
/* If port specified, use it, otherwise use an appropriate default */
|
||||||
settings->port =
|
settings->port =
|
||||||
guac_user_parse_args_int(user, GUAC_RDP_CLIENT_ARGS, argv,
|
guac_user_parse_args_int(user, GUAC_RDP_CLIENT_ARGS, argv, IDX_PORT,
|
||||||
IDX_PORT, RDP_DEFAULT_PORT);
|
settings->security_mode == GUAC_SECURITY_VMCONNECT ? RDP_DEFAULT_VMCONNECT_PORT : RDP_DEFAULT_PORT);
|
||||||
|
|
||||||
guac_user_log(user, GUAC_LOG_DEBUG,
|
guac_user_log(user, GUAC_LOG_DEBUG,
|
||||||
"User resolution is %ix%i at %i DPI",
|
"User resolution is %ix%i at %i DPI",
|
||||||
@ -808,15 +814,6 @@ guac_rdp_settings* guac_rdp_parse_args(guac_user* user,
|
|||||||
"Preconnection BLOB: \"%s\"", settings->preconnection_blob);
|
"Preconnection BLOB: \"%s\"", settings->preconnection_blob);
|
||||||
}
|
}
|
||||||
|
|
||||||
/* Warn if support for the preconnection BLOB / ID is absent */
|
|
||||||
if (settings->preconnection_blob != NULL
|
|
||||||
|| settings->preconnection_id != -1) {
|
|
||||||
guac_user_log(user, GUAC_LOG_WARNING,
|
|
||||||
"Installed version of FreeRDP lacks support for the "
|
|
||||||
"preconnection PDU. The specified preconnection BLOB and/or "
|
|
||||||
"ID will be ignored.");
|
|
||||||
}
|
|
||||||
|
|
||||||
/* Audio enable/disable */
|
/* Audio enable/disable */
|
||||||
settings->audio_enabled =
|
settings->audio_enabled =
|
||||||
!guac_user_parse_args_boolean(user, GUAC_RDP_CLIENT_ARGS, argv,
|
!guac_user_parse_args_boolean(user, GUAC_RDP_CLIENT_ARGS, argv,
|
||||||
@ -1277,6 +1274,15 @@ void guac_rdp_push_settings(guac_client* client,
|
|||||||
rdp_settings->ExtSecurity = TRUE;
|
rdp_settings->ExtSecurity = TRUE;
|
||||||
break;
|
break;
|
||||||
|
|
||||||
|
/* Hyper-V "VMConnect" negotiation mode */
|
||||||
|
case GUAC_SECURITY_VMCONNECT:
|
||||||
|
rdp_settings->RdpSecurity = FALSE;
|
||||||
|
rdp_settings->TlsSecurity = TRUE;
|
||||||
|
rdp_settings->NlaSecurity = TRUE;
|
||||||
|
rdp_settings->ExtSecurity = FALSE;
|
||||||
|
rdp_settings->VmConnectMode = TRUE;
|
||||||
|
break;
|
||||||
|
|
||||||
/* All security types */
|
/* All security types */
|
||||||
case GUAC_SECURITY_ANY:
|
case GUAC_SECURITY_ANY:
|
||||||
rdp_settings->RdpSecurity = TRUE;
|
rdp_settings->RdpSecurity = TRUE;
|
||||||
|
@ -38,6 +38,11 @@
|
|||||||
*/
|
*/
|
||||||
#define RDP_DEFAULT_PORT 3389
|
#define RDP_DEFAULT_PORT 3389
|
||||||
|
|
||||||
|
/**
|
||||||
|
* The default RDP port used by Hyper-V "VMConnect".
|
||||||
|
*/
|
||||||
|
#define RDP_DEFAULT_VMCONNECT_PORT 2179
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Default screen width, in pixels.
|
* Default screen width, in pixels.
|
||||||
*/
|
*/
|
||||||
@ -93,6 +98,11 @@ typedef enum guac_rdp_security {
|
|||||||
*/
|
*/
|
||||||
GUAC_SECURITY_EXTENDED_NLA,
|
GUAC_SECURITY_EXTENDED_NLA,
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Negotiate security methods supported by Hyper-V's "VMConnect" feature.
|
||||||
|
*/
|
||||||
|
GUAC_SECURITY_VMCONNECT,
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Negotiate a security method supported by both server and client.
|
* Negotiate a security method supported by both server and client.
|
||||||
*/
|
*/
|
||||||
|
Loading…
Reference in New Issue
Block a user