From d3c36b03761380f173ca691afb39e82179af11a9 Mon Sep 17 00:00:00 2001 From: Pavel Roskin Date: Mon, 28 Nov 2016 00:12:01 -0800 Subject: [PATCH] Don't select SSL protocol if no keys, fall back to RDP for "hybrid" If both the client and the server are configured to allow both RDP and SSL connections, the server is free to choose RDP in absense of the SSL keys. --- libxrdp/xrdp_iso.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/libxrdp/xrdp_iso.c b/libxrdp/xrdp_iso.c index b903bb4d..b89e1616 100644 --- a/libxrdp/xrdp_iso.c +++ b/libxrdp/xrdp_iso.c @@ -98,7 +98,9 @@ xrdp_iso_negotiate_security(struct xrdp_iso *self) case PROTOCOL_HYBRID: case PROTOCOL_HYBRID_EX: default: - if (self->requestedProtocol & PROTOCOL_SSL) + if ((self->requestedProtocol & PROTOCOL_SSL) && + g_file_exist(client_info->certificate) && + g_file_exist(client_info->key_file)) { /* that's a patch since we don't support CredSSP for now */ self->selectedProtocol = PROTOCOL_SSL;