Update command line option /sec*

* Deprecate /sec-* flags
* Allow multiple arguments for /sec
This commit is contained in:
Armin Novak 2022-10-19 14:09:03 +02:00 committed by akallabeth
parent ed3bc5c51a
commit 1f6476016d
4 changed files with 46 additions and 37 deletions

View File

@ -2897,42 +2897,45 @@ int freerdp_client_settings_parse_command_line_arguments(rdpSettings* settings,
}
CommandLineSwitchCase(arg, "sec")
{
if (!arg->Value)
BOOL RdpSecurity = FALSE;
BOOL TlsSecurity = FALSE;
BOOL NlaSecurity = FALSE;
BOOL ExtSecurity = FALSE;
size_t count = 0, x;
char** ptr = CommandLineParseCommaSeparatedValues(arg->Value, &count);
if (count == 0)
return COMMAND_LINE_ERROR_UNEXPECTED_VALUE;
if (strcmp("rdp", arg->Value) == 0) /* Standard RDP */
for (x = 0; x < count; x++)
{
settings->RdpSecurity = TRUE;
settings->TlsSecurity = FALSE;
settings->NlaSecurity = FALSE;
settings->ExtSecurity = FALSE;
settings->UseRdpSecurityLayer = TRUE;
}
else if (strcmp("tls", arg->Value) == 0) /* TLS */
{
settings->RdpSecurity = FALSE;
settings->TlsSecurity = TRUE;
settings->NlaSecurity = FALSE;
settings->ExtSecurity = FALSE;
}
else if (strcmp("nla", arg->Value) == 0) /* NLA */
{
settings->RdpSecurity = FALSE;
settings->TlsSecurity = FALSE;
settings->NlaSecurity = TRUE;
settings->ExtSecurity = FALSE;
}
else if (strcmp("ext", arg->Value) == 0) /* NLA Extended */
{
settings->RdpSecurity = FALSE;
settings->TlsSecurity = FALSE;
settings->NlaSecurity = FALSE;
settings->ExtSecurity = TRUE;
}
else
{
WLog_ERR(TAG, "unknown protocol security: %s", arg->Value);
const char* cur = ptr[x];
if (strcmp("rdp", cur) == 0) /* Standard RDP */
RdpSecurity = TRUE;
else if (strcmp("tls", cur) == 0) /* TLS */
TlsSecurity = TRUE;
else if (strcmp("nla", cur) == 0) /* NLA */
NlaSecurity = TRUE;
else if (strcmp("ext", cur) == 0) /* NLA Extended */
ExtSecurity = TRUE;
else
{
WLog_ERR(TAG, "unknown protocol security: %s", arg->Value);
free(ptr);
return COMMAND_LINE_ERROR_UNEXPECTED_VALUE;
}
}
free(ptr);
if (!freerdp_settings_set_bool(settings, FreeRDP_UseRdpSecurityLayer, RdpSecurity))
return COMMAND_LINE_ERROR_UNEXPECTED_VALUE;
if (!freerdp_settings_set_bool(settings, FreeRDP_RdpSecurity, RdpSecurity))
return COMMAND_LINE_ERROR_UNEXPECTED_VALUE;
if (!freerdp_settings_set_bool(settings, FreeRDP_TlsSecurity, TlsSecurity))
return COMMAND_LINE_ERROR_UNEXPECTED_VALUE;
if (!freerdp_settings_set_bool(settings, FreeRDP_NlaSecurity, NlaSecurity))
return COMMAND_LINE_ERROR_UNEXPECTED_VALUE;
if (!freerdp_settings_set_bool(settings, FreeRDP_ExtSecurity, ExtSecurity))
return COMMAND_LINE_ERROR_UNEXPECTED_VALUE;
}
CommandLineSwitchCase(arg, "encryption-methods")
{
@ -2990,6 +2993,7 @@ int freerdp_client_settings_parse_command_line_arguments(rdpSettings* settings,
if (!WLog_AddStringLogFilters(arg->Value))
return COMMAND_LINE_ERROR;
}
#if defined(WITH_FREERDP_DEPRECATED)
CommandLineSwitchCase(arg, "sec-rdp")
{
settings->RdpSecurity = enable;
@ -3006,6 +3010,7 @@ int freerdp_client_settings_parse_command_line_arguments(rdpSettings* settings,
{
settings->ExtSecurity = enable;
}
#endif
CommandLineSwitchCase(arg, "tls")
{
size_t count, x;

View File

@ -329,14 +329,16 @@ static const COMMAND_LINE_ARGUMENT_A global_cmd_args[] = {
"Scaling factor for app store applications" },
{ "sec", COMMAND_LINE_VALUE_REQUIRED, "[rdp|tls|nla|ext]", NULL, NULL, -1, NULL,
"Force specific protocol security" },
#if defined(WITH_FREERDP_DEPRECATED)
{ "sec-ext", COMMAND_LINE_VALUE_BOOL, NULL, BoolValueFalse, NULL, -1, NULL,
"NLA extended protocol security" },
"[deprecated use /sec:ext instead] NLA extended protocol security" },
{ "sec-nla", COMMAND_LINE_VALUE_BOOL, NULL, BoolValueTrue, NULL, -1, NULL,
"NLA protocol security" },
"[deprecated use /sec:nla instead] NLA protocol security" },
{ "sec-rdp", COMMAND_LINE_VALUE_BOOL, NULL, BoolValueTrue, NULL, -1, NULL,
"RDP protocol security" },
"[deprecated use /sec:rdp instead] RDP protocol security" },
{ "sec-tls", COMMAND_LINE_VALUE_BOOL, NULL, BoolValueTrue, NULL, -1, NULL,
"TLS protocol security" },
"[deprecated use /sec:tls instead] TLS protocol security" },
#endif
{ "serial", COMMAND_LINE_VALUE_OPTIONAL, "<name>[,<path>[,<driver>[,permissive]]]", NULL, NULL,
-1, "tty", "Redirect serial device" },
{ "server-name", COMMAND_LINE_VALUE_REQUIRED, "<name>", NULL, NULL, -1, NULL,

View File

@ -223,7 +223,7 @@ static int testSuccess(int port)
STARTUPINFOA si = { 0 };
PROCESS_INFORMATION process = { 0 };
char arg1[] = "/v:127.0.0.1:XXXXX";
char* clientArgs[] = { "test", "/v:127.0.0.1:XXXXX", "/cert-ignore", "/rfx", NULL };
char* clientArgs[] = { "test", "/v:127.0.0.1:XXXXX", "/cert:ignore", "/rfx", NULL };
char* commandLine = NULL;
size_t commandLineLen;
int argc = 4;

View File

@ -158,6 +158,7 @@ int TestCmdLine(int argc, char* argv[])
"protocol security negotiation" },
{ "sec", COMMAND_LINE_VALUE_REQUIRED, NULL, NULL, NULL, -1, NULL,
"force specific protocol security" },
#if defined(WITH_FREERDP_DEPRECATED)
{ "sec-rdp", COMMAND_LINE_VALUE_BOOL, NULL, BoolValueTrue, NULL, -1, NULL,
"rdp protocol security" },
{ "sec-tls", COMMAND_LINE_VALUE_BOOL, NULL, BoolValueTrue, NULL, -1, NULL,
@ -170,6 +171,7 @@ int TestCmdLine(int argc, char* argv[])
"certificate name" },
{ "cert-ignore", COMMAND_LINE_VALUE_FLAG, NULL, NULL, NULL, -1, NULL,
"ignore certificate" },
#endif
{ "valuelist", COMMAND_LINE_VALUE_REQUIRED, "<val1>,<val2>", NULL, NULL, -1, NULL,
"List of comma separated values." },
{ "valuelist-empty", COMMAND_LINE_VALUE_REQUIRED, "<val1>,<val2>", NULL, NULL, -1, NULL,