Fix NLA authentication for server-side

This patch make copies of the server public key so that the NLA
authentication can be performed server-side.
This commit is contained in:
Hardening 2014-06-03 11:04:35 +02:00
parent 0ce300125b
commit 4f1b77408a

View File

@ -624,9 +624,6 @@ int tls_do_handshake(rdpTls* tls, BOOL clientMode)
}
while (TRUE);
if (!clientMode)
return 1;
cert = tls_get_certificate(tls, clientMode);
if (!cert)
{
@ -648,6 +645,12 @@ int tls_do_handshake(rdpTls* tls, BOOL clientMode)
return -1;
}
if (!clientMode)
{
/* NLA needs public keys so let's just copy the keys from the server and return now */
return 1;
}
verify_status = tls_verify_certificate(tls, cert, tls->hostname, tls->port);
if (verify_status < 1)