Merge pull request #4596 from p-pautov/rdg_ssl_fixes
RDG related fixes for better compatibility with mstsc
commit
296b19e172
3
client/common/file.c
Normal file → Executable file
3
client/common/file.c
Normal file → Executable file
@ -855,8 +855,7 @@ BOOL freerdp_client_populate_settings_from_rdp_file(rdpFile* file, rdpSettings*
|
|||||||
* 2: If server authentication fails, show a warning and allow me to connect or refuse the connection (Warn me).
|
* 2: If server authentication fails, show a warning and allow me to connect or refuse the connection (Warn me).
|
||||||
* 3: No authentication requirement is specified.
|
* 3: No authentication requirement is specified.
|
||||||
*/
|
*/
|
||||||
freerdp_set_param_bool(settings, FreeRDP_IgnoreCertificate,
|
settings->AuthenticationLevel = file->AuthenticationLevel;
|
||||||
(file->AuthenticationLevel == 0) ? TRUE : FALSE);
|
|
||||||
}
|
}
|
||||||
|
|
||||||
if (~file->ConnectionType)
|
if (~file->ConnectionType)
|
||||||
|
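Review bot: The level read from the .rdp file is stored with `settings->AuthenticationLevel = file->AuthenticationLevel;` and no range check, although a connection file can come from an untrusted source and this field now feeds the certificate decision in tls_verify_certificate(). A comment at the assignment would make that link visible, for example `/* 0 turns off server certificate verification for the direct RDP connection, see tls_verify_certificate() */`. It may also be worth storing only the values the comment block above documents and ignoring anything else. The enclosing condition starts outside the hunk, so whether an unset level is already filtered out cannot be confirmed from these lines.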
@ -734,7 +734,7 @@ static BOOL rdg_tls_connect(rdpRdg* rdg, rdpTls* tls, const char* peerAddress, i
|
|||||||
}
|
}
|
||||||
|
|
||||||
static BOOL rdg_establish_data_connection(rdpRdg* rdg, rdpTls* tls,
|
static BOOL rdg_establish_data_connection(rdpRdg* rdg, rdpTls* tls,
|
||||||
const char* method, const char* peerAddress, int timeout)
|
const char* method, const char* peerAddress, int timeout, BOOL* rpcFallback)
|
||||||
{
|
{
|
||||||
HttpResponse* response = NULL;
|
HttpResponse* response = NULL;
|
||||||
int statusCode;
|
int statusCode;
|
||||||
@ -755,6 +755,14 @@ static BOOL rdg_establish_data_connection(rdpRdg* rdg, rdpTls* tls,
|
|||||||
if (!response)
|
if (!response)
|
||||||
return FALSE;
|
return FALSE;
|
||||||
|
|
||||||
|
if (response->StatusCode == HTTP_STATUS_NOT_FOUND)
|
||||||
|
{
|
||||||
|
WLog_INFO(TAG, "RD Gateway does not support HTTP transport.");
|
||||||
|
if (rpcFallback) *rpcFallback = TRUE;
|
||||||
|
http_response_free(response);
|
||||||
|
return FALSE;
|
||||||
|
}
|
||||||
|
|
||||||
if (!rdg_handle_ntlm_challenge(rdg->ntlm, response))
|
if (!rdg_handle_ntlm_challenge(rdg->ntlm, response))
|
||||||
{
|
{
|
||||||
http_response_free(response);
|
http_response_free(response);
|
||||||
@ -825,7 +833,7 @@ static BOOL rdg_tunnel_connect(rdpRdg* rdg)
|
|||||||
return TRUE;
|
return TRUE;
|
||||||
}
|
}
|
||||||
|
|
||||||
BOOL rdg_connect(rdpRdg* rdg, const char* hostname, UINT16 port, int timeout)
|
BOOL rdg_connect(rdpRdg* rdg, int timeout, BOOL* rpcFallback)
|
||||||
{
|
{
|
||||||
BOOL status;
|
BOOL status;
|
||||||
int outConnSocket = 0;
|
int outConnSocket = 0;
|
||||||
@ -833,7 +841,7 @@ BOOL rdg_connect(rdpRdg* rdg, const char* hostname, UINT16 port, int timeout)
|
|||||||
assert(rdg != NULL);
|
assert(rdg != NULL);
|
||||||
|
|
||||||
status = rdg_establish_data_connection(
|
status = rdg_establish_data_connection(
|
||||||
rdg, rdg->tlsOut, "RDG_OUT_DATA", NULL, timeout);
|
rdg, rdg->tlsOut, "RDG_OUT_DATA", NULL, timeout, rpcFallback);
|
||||||
|
|
||||||
if (status)
|
if (status)
|
||||||
{
|
{
|
||||||
@ -844,7 +852,7 @@ BOOL rdg_connect(rdpRdg* rdg, const char* hostname, UINT16 port, int timeout)
|
|||||||
peerAddress = freerdp_tcp_get_peer_address(outConnSocket);
|
peerAddress = freerdp_tcp_get_peer_address(outConnSocket);
|
||||||
|
|
||||||
status = rdg_establish_data_connection(
|
status = rdg_establish_data_connection(
|
||||||
rdg, rdg->tlsIn, "RDG_IN_DATA", peerAddress, timeout);
|
rdg, rdg->tlsIn, "RDG_IN_DATA", peerAddress, timeout, NULL);
|
||||||
|
|
||||||
free(peerAddress);
|
free(peerAddress);
|
||||||
}
|
}
|
||||||
|
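Review bot: The new `rpcFallback` out-parameter of rdg_establish_data_connection() is only ever set to TRUE, in the 404 branch, and is never cleared, so the outcome depends on the value the caller starts with, and nothing in the hunk documents that. A comment above the function would cover it: `/* rpcFallback: optional, may be NULL; set to TRUE only when the gateway answers 404 to the HTTP transport request, otherwise left untouched */`. The 404 branch reads `response->StatusCode` directly while a local `statusCode` is declared at the top of the function, and `if (rpcFallback) *rpcFallback = TRUE;` would read better braced on separate lines. Because this status now decides whether the client moves to the RPC transport, it should only be trusted once the gateway TLS session has passed certificate verification; that ordering is outside the visible lines and worth confirming.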
@ -138,8 +138,7 @@ struct rdp_rdg
|
|||||||
FREERDP_LOCAL rdpRdg* rdg_new(rdpTransport* transport);
|
FREERDP_LOCAL rdpRdg* rdg_new(rdpTransport* transport);
|
||||||
FREERDP_LOCAL void rdg_free(rdpRdg* rdg);
|
FREERDP_LOCAL void rdg_free(rdpRdg* rdg);
|
||||||
|
|
||||||
FREERDP_LOCAL BOOL rdg_connect(rdpRdg* rdg, const char* hostname, UINT16 port,
|
FREERDP_LOCAL BOOL rdg_connect(rdpRdg* rdg, int timeout, BOOL* rpcFallback);
|
||||||
int timeout);
|
|
||||||
FREERDP_LOCAL DWORD rdg_get_event_handles(rdpRdg* rdg, HANDLE* events,
|
FREERDP_LOCAL DWORD rdg_get_event_handles(rdpRdg* rdg, HANDLE* events,
|
||||||
DWORD count);
|
DWORD count);
|
||||||
|
|
||||||
|
5
libfreerdp/core/transport.c
Normal file → Executable file
5
libfreerdp/core/transport.c
Normal file → Executable file
@ -354,6 +354,7 @@ BOOL transport_connect(rdpTransport* transport, const char* hostname,
|
|||||||
BOOL status = FALSE;
|
BOOL status = FALSE;
|
||||||
rdpSettings* settings = transport->settings;
|
rdpSettings* settings = transport->settings;
|
||||||
rdpContext* context = transport->context;
|
rdpContext* context = transport->context;
|
||||||
|
BOOL rpcFallback = !settings->GatewayHttpTransport;
|
||||||
transport->async = settings->AsyncTransport;
|
transport->async = settings->AsyncTransport;
|
||||||
|
|
||||||
if (transport->GatewayEnabled)
|
if (transport->GatewayEnabled)
|
||||||
@ -365,7 +366,7 @@ BOOL transport_connect(rdpTransport* transport, const char* hostname,
|
|||||||
if (!transport->rdg)
|
if (!transport->rdg)
|
||||||
return FALSE;
|
return FALSE;
|
||||||
|
|
||||||
status = rdg_connect(transport->rdg, hostname, port, timeout);
|
status = rdg_connect(transport->rdg, timeout, &rpcFallback);
|
||||||
|
|
||||||
if (status)
|
if (status)
|
||||||
{
|
{
|
||||||
@ -381,7 +382,7 @@ BOOL transport_connect(rdpTransport* transport, const char* hostname,
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
if (!status && settings->GatewayRpcTransport)
|
if (!status && settings->GatewayRpcTransport && rpcFallback)
|
||||||
{
|
{
|
||||||
transport->tsg = tsg_new(transport);
|
transport->tsg = tsg_new(transport);
|
||||||
|
|
||||||
|
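Review bot: The initialiser `BOOL rpcFallback = !settings->GatewayHttpTransport;` carries the whole transport fallback policy of transport_connect() but has no comment, and its meaning only becomes clear after reading rdg_connect(). I would add `/* RPC is tried when HTTP transport is disabled, or when rdg_connect() reports that the gateway does not support it; other HTTP transport failures do not fall back */` above it. The function body starts and ends outside these hunks, so the handling of `transport->rdg` after a failed rdg_connect() could not be checked here.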
@ -78,12 +78,6 @@ struct _BIO_RDP_TLS
|
|||||||
};
|
};
|
||||||
typedef struct _BIO_RDP_TLS BIO_RDP_TLS;
|
typedef struct _BIO_RDP_TLS BIO_RDP_TLS;
|
||||||
|
|
||||||
static long bio_rdp_tls_callback(BIO* bio, int mode, const char* argp, int argi,
|
|
||||||
long argl, long ret)
|
|
||||||
{
|
|
||||||
return 1;
|
|
||||||
}
|
|
||||||
|
|
||||||
static int bio_rdp_tls_write(BIO* bio, const char* buf, int size)
|
static int bio_rdp_tls_write(BIO* bio, const char* buf, int size)
|
||||||
{
|
{
|
||||||
int error;
|
int error;
|
||||||
@ -1052,21 +1046,6 @@ BOOL tls_send_alert(rdpTls* tls)
|
|||||||
return TRUE;
|
return TRUE;
|
||||||
}
|
}
|
||||||
|
|
||||||
static BIO* findBufferedBio(BIO* front)
|
|
||||||
{
|
|
||||||
BIO* ret = front;
|
|
||||||
|
|
||||||
while (ret)
|
|
||||||
{
|
|
||||||
if (BIO_method_type(ret) == BIO_TYPE_BUFFERED)
|
|
||||||
return ret;
|
|
||||||
|
|
||||||
ret = BIO_next(ret);
|
|
||||||
}
|
|
||||||
|
|
||||||
return ret;
|
|
||||||
}
|
|
||||||
|
|
||||||
int tls_write_all(rdpTls* tls, const BYTE* data, int length)
|
int tls_write_all(rdpTls* tls, const BYTE* data, int length)
|
||||||
{
|
{
|
||||||
int status;
|
int status;
|
||||||
@ -1245,8 +1224,11 @@ int tls_verify_certificate(rdpTls* tls, CryptoCert cert, char* hostname,
|
|||||||
if (tls->settings->IgnoreCertificate)
|
if (tls->settings->IgnoreCertificate)
|
||||||
return 1; /* success! */
|
return 1; /* success! */
|
||||||
|
|
||||||
|
if (!tls->isGatewayTransport && tls->settings->AuthenticationLevel == 0)
|
||||||
|
return 1; /* success! */
|
||||||
|
|
||||||
/* if user explicitly specified a certificate name, use it instead of the hostname */
|
/* if user explicitly specified a certificate name, use it instead of the hostname */
|
||||||
if (tls->settings->CertificateName)
|
if (!tls->isGatewayTransport && tls->settings->CertificateName)
|
||||||
hostname = tls->settings->CertificateName;
|
hostname = tls->settings->CertificateName;
|
||||||
|
|
||||||
/* attempt verification using OpenSSL and the ~/.freerdp/certs certificate store */
|
/* attempt verification using OpenSSL and the ~/.freerdp/certs certificate store */
|
||||||
|
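Review bot: The added early return `if (!tls->isGatewayTransport && tls->settings->AuthenticationLevel == 0) return 1;` accepts any server certificate on the direct RDP connection without leaving a trace, and the initial value of `settings->AuthenticationLevel` is not visible on this page. If that field starts out as 0 for connections that never load an .rdp file, verification would be skipped for all of them, so the default should be confirmed to be non-zero. I would also log the bypass before returning, e.g. `WLog_WARN(TAG, "AuthenticationLevel is 0, server certificate is not verified");`, assuming this file defines `TAG` as the gateway code does. The body of tls_verify_certificate() continues outside the hunk.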