521
521
boolean nego_send_negotiation_response(rdpNego* nego)
524
rdpSettings* settings;
530
settings = nego->transport->settings;
527
532
s = transport_send_stream_init(nego->transport, 256);
528
533
length = TPDU_CONNECTION_CONFIRM_LENGTH;
538
543
stream_write_uint32(s, nego->selected_protocol); /* selectedProtocol */
546
else if (!settings->rdp_security)
548
stream_write_uint8(s, TYPE_RDP_NEG_FAILURE);
549
stream_write_uint8(s, 0); /* flags */
550
stream_write_uint16(s, 8); /* RDP_NEG_DATA length (8) */
552
* TODO: Check for other possibilities,
553
* like SSL_NOT_ALLOWED_BY_SERVER.
555
printf("nego_send_negotiation_response: client supports only Standard RDP Security\n");
556
stream_write_uint32(s, SSL_REQUIRED_BY_SERVER);
542
561
stream_get_mark(s, em);
543
562
stream_set_mark(s, bm);
548
567
if (transport_write(nego->transport, s) < 0)
551
/* update settings with negotiated protocol security */
552
nego->transport->settings->requested_protocols = nego->requested_protocols;
553
nego->transport->settings->selected_protocol = nego->selected_protocol;
572
/* update settings with negotiated protocol security */
573
settings->requested_protocols = nego->requested_protocols;
574
settings->selected_protocol = nego->selected_protocol;
576
if (settings->selected_protocol == PROTOCOL_RDP)
578
settings->tls_security = false;
579
settings->nla_security = false;
580
settings->rdp_security = true;
581
settings->encryption = true;
582
settings->encryption_method = ENCRYPTION_METHOD_40BIT | ENCRYPTION_METHOD_128BIT | ENCRYPTION_METHOD_FIPS;
583
settings->encryption_level = ENCRYPTION_LEVEL_CLIENT_COMPATIBLE;
585
else if (settings->selected_protocol == PROTOCOL_TLS)
587
settings->tls_security = true;
588
settings->nla_security = false;
589
settings->rdp_security = false;
590
settings->encryption = false;
591
settings->encryption_method = ENCRYPTION_METHOD_NONE;
592
settings->encryption_level = ENCRYPTION_LEVEL_NONE;
594
else if (settings->selected_protocol == PROTOCOL_NLA)
596
settings->tls_security = true;
597
settings->nla_security = true;
598
settings->rdp_security = false;
599
settings->encryption = false;
600
settings->encryption_method = ENCRYPTION_METHOD_NONE;
601
settings->encryption_level = ENCRYPTION_LEVEL_NONE;