Update command line option /sec*

* Deprecate /sec-* flags
* Allow multiple arguments for /sec
This commit is contained in:
Armin Novak 2022-10-19 14:09:03 +02:00 committed by akallabeth
parent ed3bc5c51a
commit 1f6476016d
4 changed files with 46 additions and 37 deletions

View File

@ -2897,43 +2897,46 @@ int freerdp_client_settings_parse_command_line_arguments(rdpSettings* settings,
} }
CommandLineSwitchCase(arg, "sec") CommandLineSwitchCase(arg, "sec")
{ {
if (!arg->Value) BOOL RdpSecurity = FALSE;
BOOL TlsSecurity = FALSE;
BOOL NlaSecurity = FALSE;
BOOL ExtSecurity = FALSE;
size_t count = 0, x;
char** ptr = CommandLineParseCommaSeparatedValues(arg->Value, &count);
if (count == 0)
return COMMAND_LINE_ERROR_UNEXPECTED_VALUE; return COMMAND_LINE_ERROR_UNEXPECTED_VALUE;
if (strcmp("rdp", arg->Value) == 0) /* Standard RDP */ for (x = 0; x < count; x++)
{ {
settings->RdpSecurity = TRUE; const char* cur = ptr[x];
settings->TlsSecurity = FALSE; if (strcmp("rdp", cur) == 0) /* Standard RDP */
settings->NlaSecurity = FALSE; RdpSecurity = TRUE;
settings->ExtSecurity = FALSE; else if (strcmp("tls", cur) == 0) /* TLS */
settings->UseRdpSecurityLayer = TRUE; TlsSecurity = TRUE;
} else if (strcmp("nla", cur) == 0) /* NLA */
else if (strcmp("tls", arg->Value) == 0) /* TLS */ NlaSecurity = TRUE;
{ else if (strcmp("ext", cur) == 0) /* NLA Extended */
settings->RdpSecurity = FALSE; ExtSecurity = TRUE;
settings->TlsSecurity = TRUE;
settings->NlaSecurity = FALSE;
settings->ExtSecurity = FALSE;
}
else if (strcmp("nla", arg->Value) == 0) /* NLA */
{
settings->RdpSecurity = FALSE;
settings->TlsSecurity = FALSE;
settings->NlaSecurity = TRUE;
settings->ExtSecurity = FALSE;
}
else if (strcmp("ext", arg->Value) == 0) /* NLA Extended */
{
settings->RdpSecurity = FALSE;
settings->TlsSecurity = FALSE;
settings->NlaSecurity = FALSE;
settings->ExtSecurity = TRUE;
}
else else
{ {
WLog_ERR(TAG, "unknown protocol security: %s", arg->Value); WLog_ERR(TAG, "unknown protocol security: %s", arg->Value);
free(ptr);
return COMMAND_LINE_ERROR_UNEXPECTED_VALUE;
} }
} }
free(ptr);
if (!freerdp_settings_set_bool(settings, FreeRDP_UseRdpSecurityLayer, RdpSecurity))
return COMMAND_LINE_ERROR_UNEXPECTED_VALUE;
if (!freerdp_settings_set_bool(settings, FreeRDP_RdpSecurity, RdpSecurity))
return COMMAND_LINE_ERROR_UNEXPECTED_VALUE;
if (!freerdp_settings_set_bool(settings, FreeRDP_TlsSecurity, TlsSecurity))
return COMMAND_LINE_ERROR_UNEXPECTED_VALUE;
if (!freerdp_settings_set_bool(settings, FreeRDP_NlaSecurity, NlaSecurity))
return COMMAND_LINE_ERROR_UNEXPECTED_VALUE;
if (!freerdp_settings_set_bool(settings, FreeRDP_ExtSecurity, ExtSecurity))
return COMMAND_LINE_ERROR_UNEXPECTED_VALUE;
}
CommandLineSwitchCase(arg, "encryption-methods") CommandLineSwitchCase(arg, "encryption-methods")
{ {
if (arg->Flags & COMMAND_LINE_VALUE_PRESENT) if (arg->Flags & COMMAND_LINE_VALUE_PRESENT)
@ -2990,6 +2993,7 @@ int freerdp_client_settings_parse_command_line_arguments(rdpSettings* settings,
if (!WLog_AddStringLogFilters(arg->Value)) if (!WLog_AddStringLogFilters(arg->Value))
return COMMAND_LINE_ERROR; return COMMAND_LINE_ERROR;
} }
#if defined(WITH_FREERDP_DEPRECATED)
CommandLineSwitchCase(arg, "sec-rdp") CommandLineSwitchCase(arg, "sec-rdp")
{ {
settings->RdpSecurity = enable; settings->RdpSecurity = enable;
@ -3006,6 +3010,7 @@ int freerdp_client_settings_parse_command_line_arguments(rdpSettings* settings,
{ {
settings->ExtSecurity = enable; settings->ExtSecurity = enable;
} }
#endif
CommandLineSwitchCase(arg, "tls") CommandLineSwitchCase(arg, "tls")
{ {
size_t count, x; size_t count, x;

View File

@ -329,14 +329,16 @@ static const COMMAND_LINE_ARGUMENT_A global_cmd_args[] = {
"Scaling factor for app store applications" }, "Scaling factor for app store applications" },
{ "sec", COMMAND_LINE_VALUE_REQUIRED, "[rdp|tls|nla|ext]", NULL, NULL, -1, NULL, { "sec", COMMAND_LINE_VALUE_REQUIRED, "[rdp|tls|nla|ext]", NULL, NULL, -1, NULL,
"Force specific protocol security" }, "Force specific protocol security" },
#if defined(WITH_FREERDP_DEPRECATED)
{ "sec-ext", COMMAND_LINE_VALUE_BOOL, NULL, BoolValueFalse, NULL, -1, NULL, { "sec-ext", COMMAND_LINE_VALUE_BOOL, NULL, BoolValueFalse, NULL, -1, NULL,
"NLA extended protocol security" }, "[deprecated use /sec:ext instead] NLA extended protocol security" },
{ "sec-nla", COMMAND_LINE_VALUE_BOOL, NULL, BoolValueTrue, NULL, -1, NULL, { "sec-nla", COMMAND_LINE_VALUE_BOOL, NULL, BoolValueTrue, NULL, -1, NULL,
"NLA protocol security" }, "[deprecated use /sec:nla instead] NLA protocol security" },
{ "sec-rdp", COMMAND_LINE_VALUE_BOOL, NULL, BoolValueTrue, NULL, -1, NULL, { "sec-rdp", COMMAND_LINE_VALUE_BOOL, NULL, BoolValueTrue, NULL, -1, NULL,
"RDP protocol security" }, "[deprecated use /sec:rdp instead] RDP protocol security" },
{ "sec-tls", COMMAND_LINE_VALUE_BOOL, NULL, BoolValueTrue, NULL, -1, NULL, { "sec-tls", COMMAND_LINE_VALUE_BOOL, NULL, BoolValueTrue, NULL, -1, NULL,
"TLS protocol security" }, "[deprecated use /sec:tls instead] TLS protocol security" },
#endif
{ "serial", COMMAND_LINE_VALUE_OPTIONAL, "<name>[,<path>[,<driver>[,permissive]]]", NULL, NULL, { "serial", COMMAND_LINE_VALUE_OPTIONAL, "<name>[,<path>[,<driver>[,permissive]]]", NULL, NULL,
-1, "tty", "Redirect serial device" }, -1, "tty", "Redirect serial device" },
{ "server-name", COMMAND_LINE_VALUE_REQUIRED, "<name>", NULL, NULL, -1, NULL, { "server-name", COMMAND_LINE_VALUE_REQUIRED, "<name>", NULL, NULL, -1, NULL,

View File

@ -223,7 +223,7 @@ static int testSuccess(int port)
STARTUPINFOA si = { 0 }; STARTUPINFOA si = { 0 };
PROCESS_INFORMATION process = { 0 }; PROCESS_INFORMATION process = { 0 };
char arg1[] = "/v:127.0.0.1:XXXXX"; char arg1[] = "/v:127.0.0.1:XXXXX";
char* clientArgs[] = { "test", "/v:127.0.0.1:XXXXX", "/cert-ignore", "/rfx", NULL }; char* clientArgs[] = { "test", "/v:127.0.0.1:XXXXX", "/cert:ignore", "/rfx", NULL };
char* commandLine = NULL; char* commandLine = NULL;
size_t commandLineLen; size_t commandLineLen;
int argc = 4; int argc = 4;

View File

@ -158,6 +158,7 @@ int TestCmdLine(int argc, char* argv[])
"protocol security negotiation" }, "protocol security negotiation" },
{ "sec", COMMAND_LINE_VALUE_REQUIRED, NULL, NULL, NULL, -1, NULL, { "sec", COMMAND_LINE_VALUE_REQUIRED, NULL, NULL, NULL, -1, NULL,
"force specific protocol security" }, "force specific protocol security" },
#if defined(WITH_FREERDP_DEPRECATED)
{ "sec-rdp", COMMAND_LINE_VALUE_BOOL, NULL, BoolValueTrue, NULL, -1, NULL, { "sec-rdp", COMMAND_LINE_VALUE_BOOL, NULL, BoolValueTrue, NULL, -1, NULL,
"rdp protocol security" }, "rdp protocol security" },
{ "sec-tls", COMMAND_LINE_VALUE_BOOL, NULL, BoolValueTrue, NULL, -1, NULL, { "sec-tls", COMMAND_LINE_VALUE_BOOL, NULL, BoolValueTrue, NULL, -1, NULL,
@ -170,6 +171,7 @@ int TestCmdLine(int argc, char* argv[])
"certificate name" }, "certificate name" },
{ "cert-ignore", COMMAND_LINE_VALUE_FLAG, NULL, NULL, NULL, -1, NULL, { "cert-ignore", COMMAND_LINE_VALUE_FLAG, NULL, NULL, NULL, -1, NULL,
"ignore certificate" }, "ignore certificate" },
#endif
{ "valuelist", COMMAND_LINE_VALUE_REQUIRED, "<val1>,<val2>", NULL, NULL, -1, NULL, { "valuelist", COMMAND_LINE_VALUE_REQUIRED, "<val1>,<val2>", NULL, NULL, -1, NULL,
"List of comma separated values." }, "List of comma separated values." },
{ "valuelist-empty", COMMAND_LINE_VALUE_REQUIRED, "<val1>,<val2>", NULL, NULL, -1, NULL, { "valuelist-empty", COMMAND_LINE_VALUE_REQUIRED, "<val1>,<val2>", NULL, NULL, -1, NULL,