fix_nla-8cd156a-backport.patch 1.45 KB
Newer Older
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48
From: Bernhard Miklautz <bernhard.miklautz@thincast.com>
Date: Wed, 14 Mar 2018 13:39:23 +0100
Subject: [PATCH] fix nla: don't use server version

FreeRDP currently only supports CredSSP protocol version 3. However the
current implementation always sent back the version received by the
server indicating that this version was supported.
With recent windows updates applied the protocol changed and this approach
doesn't work anymore (see
https://msdn.microsoft.com/en-us/library/mt752485.aspx for protocol changes).

With this fix FreeRDP always sends version 3 as supported version.

Credit goes to @mfleisz.

Fixes #4449

(patch above adjusted to apply on top of FreeRDP-2.0.0-rc1)
---
 libfreerdp/core/nla.c | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/libfreerdp/core/nla.c b/trunk/src/FreeRDP-2.0.0-rc1/libfreerdp/core/nla.c
index 47e0870..4bfcf7e 100644
--- a/libfreerdp/core/nla.c
+++ b/libfreerdp/core/nla.c
@@ -1663,14 +1663,17 @@ BOOL nla_send(rdpNla* nla)
 static int nla_decode_ts_request(rdpNla* nla, wStream* s)
 {
 	int length;
+	UINT32 version = 0;
 
 	/* TSRequest */
 	if (!ber_read_sequence_tag(s, &length) ||
 	    !ber_read_contextual_tag(s, 0, &length, TRUE) ||
-	    !ber_read_integer(s, &nla->version))
+	    !ber_read_integer(s, &version))
 	{
 		return -1;
 	}
+	if (version < nla->version)
+		nla->version = version;
 
 	/* [1] negoTokens (NegoData) */
 	if (ber_read_contextual_tag(s, 1, &length, TRUE) != FALSE)
-- 
2.16.2