Allocate space for tls_ciphers dynamically

common/xrdp_client_info.h

@@ -148,7 +148,7 @@ struct xrdp_client_info
   int max_unacknowledged_frame_count;
 
   long ssl_protocols;
-  char tls_ciphers[64];
+  char *tls_ciphers;
 
   int client_os_major;
   int client_os_minor;

docs/man/xrdp.ini.5.in

@@ -168,8 +168,8 @@ Specify send/recv buffer sizes in bytes.  The default value depends on operating
 
 .TP
 \fBtls_ciphers\fP=\fIcipher_suite\fP
-Specifies TLS cipher suite in 63 characters or less.  The format of this parameter is
-equivalent to which \fBopenssl\fP(1) ciphers subcommand accepts.
+Specifies TLS cipher suite. The format of this parameter is equivalent
+to which \fBopenssl\fP(1) ciphers subcommand accepts.
 
 (ex. $ openssl ciphers 'HIGH:!ADH:!SHA1')
 

libxrdp/xrdp_rdp.c

@@ -216,7 +216,7 @@ xrdp_rdp_read_config(struct xrdp_client_info *client_info)
         }
         else if (g_strcasecmp(item, "tls_ciphers") == 0)
         {
-            g_strcpy(client_info->tls_ciphers, value);
+            client_info->tls_ciphers = g_strdup(value);
         }
         else if (g_strcasecmp(item, "security_layer") == 0)
         {
@@ -405,6 +405,7 @@ xrdp_rdp_delete(struct xrdp_rdp *self)
 #if defined(XRDP_NEUTRINORDP)
     rfx_context_free((RFX_CONTEXT *)(self->rfx_enc));
 #endif
+    g_free(self->client_info.tls_ciphers);
     g_free(self);
 }
 

xrdp/xrdp.ini

@@ -28,7 +28,7 @@ key_file=
 ; set SSL protocols
 ; can be comma separated list of 'SSLv3', 'TLSv1', 'TLSv1.1', 'TLSv1.2'
 ssl_protocols=TLSv1, TLSv1.1, TLSv1.2
-; set TLS cipher suites (up to 63 characters)
+; set TLS cipher suites
 #tls_ciphers=HIGH
 
 ; Section name to use for automatic login if the client sends username