Modified server code to honor the negotiated settings for 1) SEC_LICENSE_ENCRYPT_SC in the security exchange PDU (which controls the encryption of license PDUs from the server to the client) and 2) ENC_SALTED_CHECKSUM in the bitmap capability set.

2014-09-18 19:38:04 -04:00 · 2014-09-18 19:38:04 -04:00 · 65d38b54be
commit 65d38b54be
parent 62f4b0be2e
1 changed files with 5 additions and 3 deletions
--- a/libfreerdp/core/connection.c
+++ b/libfreerdp/core/connection.c
@ -528,6 +528,8 @@ BOOL rdp_server_establish_keys(rdpRdp* rdp, wStream* s)
 		return FALSE;
 	}

+	rdp->do_crypt_license = (sec_flags & SEC_LICENSE_ENCRYPT_SC) != 0 ? TRUE : FALSE;
+
 	if (Stream_GetRemainingLength(s) < 4)
 		return FALSE;

@ -565,9 +567,6 @@ BOOL rdp_server_establish_keys(rdpRdp* rdp, wStream* s)

 	rdp->do_crypt = TRUE;

-	if (rdp->settings->SaltedChecksum)
-		rdp->do_secure_checksum = TRUE;
-
 	if (rdp->settings->EncryptionMethods == ENCRYPTION_METHOD_FIPS)
 	{
 		rdp->fips_encrypt = crypto_des3_encrypt_init(rdp->fips_encrypt_key, fips_ivec);
@ -1111,6 +1110,9 @@ BOOL rdp_server_accept_confirm_active(rdpRdp* rdp, wStream* s)
 	if (!rdp_recv_confirm_active(rdp, s))
 		return FALSE;

+	if (rdp->settings->SaltedChecksum)
+		rdp->do_secure_checksum = TRUE;
+
 	rdp_server_transition_to_state(rdp, CONNECTION_STATE_FINALIZATION);

 	if (!rdp_send_server_synchronize_pdu(rdp))