diff --git a/common/xrdp_client_info.h b/common/xrdp_client_info.h index 6536db48..7a7aed92 100644 --- a/common/xrdp_client_info.h +++ b/common/xrdp_client_info.h @@ -106,7 +106,7 @@ struct xrdp_client_info char client_addr[256]; char client_port[256]; - int nego_sec_layer; /* 0, 1, 2 = RDP security layer, TLS , Negotiate */ + int security_layer; /* 0 = rdp, 1 = tls , 2 = hybrid */ int multimon; /* 0 = deny , 1 = allow */ int monitorCount; /* number of monitors detected (max = 16) */ struct monitor_info minfo[16]; /* client monitor data */ diff --git a/libxrdp/xrdp_rdp.c b/libxrdp/xrdp_rdp.c index e63e6f58..13c72a6d 100644 --- a/libxrdp/xrdp_rdp.c +++ b/libxrdp/xrdp_rdp.c @@ -156,6 +156,28 @@ xrdp_rdp_read_config(struct xrdp_client_info *client_info) client_info->use_fast_path = 0; } } + else if (g_strcasecmp(item, "security_layer") == 0) + { + if (g_strcasecmp(value, "rdp") == 0) + { + client_info->security_layer = 1; + } + else if (g_strcasecmp(value, "tls") == 0) + { + client_info->security_layer = 2; + } + else if (g_strcasecmp(value, "hybrid") == 0) + { + client_info->security_layer = 3; + } + else + { + log_message(LOG_LEVEL_ALWAYS,"Warning: Your configured security layer is" + "undefined, xrdp will negotiate client compatible"); + client_info->security_layer = -1; + } + } + } list_delete(items); diff --git a/xrdp/xrdp.ini b/xrdp/xrdp.ini index c40f8165..5b86d4c2 100644 --- a/xrdp/xrdp.ini +++ b/xrdp/xrdp.ini @@ -6,6 +6,7 @@ bitmap_cache=yes bitmap_compression=yes port=3389 crypt_level=high +security_layer=rdp allow_channels=true max_bpp=32 fork=yes @@ -46,7 +47,6 @@ bulk_compression=yes # You can set the PAM error text in a gateway setup (MAX 256 chars) #pamerrortxt=change your password according to policy at http://url new_cursors=yes -#nego_sec_layer=0 allow_multimon=true # fastpath - can be set to input / output / both / none