Fix NLA authentication for server-side

This patch makes a copy of the server public key so that NLA
authentication can be performed server-side.
Hardening 2014-06-03 11:04:35 +02:00
parent 0ce300125b
commit 4f1b77408a


@ -624,9 +624,6 @@ int tls_do_handshake(rdpTls* tls, BOOL clientMode)
} }
while (TRUE); while (TRUE);
if (!clientMode)
return 1;
cert = tls_get_certificate(tls, clientMode); cert = tls_get_certificate(tls, clientMode);
if (!cert) if (!cert)
{ {
@ -648,6 +645,12 @@ int tls_do_handshake(rdpTls* tls, BOOL clientMode)
return -1; return -1;
} }
if (!clientMode)
{
/* NLA needs public keys so let's just copy the keys from the server and return now */
return 1;
}
verify_status = tls_verify_certificate(tls, cert, tls->hostname, tls->port); verify_status = tls_verify_certificate(tls, cert, tls->hostname, tls->port);
if (verify_status < 1) if (verify_status < 1)
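Review bot: The new server-side exit `if (!clientMode) { ... return 1; }` returns after `cert = tls_get_certificate(tls, clientMode)` has succeeded, and nothing visible in the hunk releases `cert` on that path. The rest of tls_do_handshake is outside the hunk, so this is inferred: if the other exits free the certificate, every accepted server-side handshake leaks one certificate object, and a remote peer can trigger that repeatedly before authenticating. Release it before returning, e.g. `tls_free_certificate(cert);` ahead of `return 1;` (if that is the release call the other exits use), or set `verify_status = 1;` and fall through to the function's common cleanup. The comment would also read more accurately as `/* server side: the public key was copied above for NLA; no peer certificate to verify */`, since the copy does not happen at this statement.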