libxrdp: enforce server security layer when rdpNegData is not exists

2014-07-14 15:33:41 +03:00 · 2014-07-14 15:33:41 +03:00 · 5fcf6beffa
commit 5fcf6beffa
parent 4ded149eb5
1 changed files with 6 additions and 3 deletions
--- a/libxrdp/xrdp_iso.c
+++ b/libxrdp/xrdp_iso.c
@ -305,12 +305,10 @@ xrdp_iso_incoming(struct xrdp_iso *self)
        }
    }

+    int serverSecurityLayer = self->mcs_layer->sec_layer->rdp_layer->client_info.security_layer;
    /* security layer negotiation */
    if (self->rdpNegData)
    {
-        int
-                serverSecurityLayer =
-                        self->mcs_layer->sec_layer->rdp_layer->client_info.security_layer;
        self->selectedProtocol = PROTOCOL_RDP; /* set default security layer */

        switch (serverSecurityLayer)
@ -371,6 +369,11 @@ xrdp_iso_incoming(struct xrdp_iso *self)
                self->failureCode = INCONSISTENT_FLAGS; //TODO: ?
        }
    }
+    else if (self->requestedProtocol != serverSecurityLayer)
+    {
+    	/* enforce server security */
+    	return 1;
+    }

    /* set things for tls connection */