Hi Vic,

I have just pushed a fix that should address the issues mentioned, but I did
not have the time to extensively test it. My Windows XP test virtual machine
decided that today was its last day before it had to be activated :P I will
create a new Windows XP virtual machine soon, and I am creating a Windows
Server 2003 virtual machine as well to test the case where the server
supports TLS + RDP, but not NLA. Windows XP is a nice case for older servers
that truly have no support for TLS and NLA. For this fix, I configured my
Windows Server 2008 R2 virtual machine to accept only RDP security. I tried
setting it such that it would only accept TLS, but it kept accepting NLA.

The issue was that the negotiation code wouldn't explicitly kill the TCP
connection and reconnect. I had to modify the negotiation code such that it
does terminate the TCP connection and reconnect before attempting to
negotiate something else. This is a weird way of "negotiating", but that is
what mstsc.exe actually does. Normally, using the --sec option SHOULD force
a certain security level, and fail if the required encryption is not
negotiated.

I will confirm once I get my new virtual machines set up to properly test
those scenarios, but feel free to test in the meantime.

On Wed, Feb 23, 2011 at 3:58 AM, Vic Lee <ll...@163.com> wrote:

> Hi Marc,
>
> This is the only issue so far, other than that it works great. :) I can
> only connect to XP and 2003 with the arguments --no-tls --no-nla. If I
> connect without any of the security arguments, the negotiation won't work.
>
> 1. Previously when connecting to XP, after the first TLS negotiation attempt
> fails, it will downgrade to legacy RDP security and negotiate again
> and succeed.
>
> 2. Previously when connecting to 2003, after the first TLS negotiation
> attempt fails, the server will force disconnect, and freerdp will
> reconnect the TCP socket, use legacy RDP security and negotiate again
> and succeed.
>
> Currently, freerdp will disconnect and quit after the first attempt
> fails, in both test cases.
>
> Thanks,
>
> Vic
>
>
>
> ------------------------------------------------------------------------------
> Free Software Download: Index, Search & Analyze Logs and other IT data in
> Real-Time with Splunk. Collect, index and harness all the fast moving IT
> data
> generated by your applications, servers and devices whether physical,
> virtual
> or in the cloud. Deliver compliance at lower cost and gain new business
> insights. http://p.sf.net/sfu/splunk-dev2dev
> _______________________________________________
> Freerdp-devel mailing list
> Freerdp-devel@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/freerdp-devel
>
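The reconnect-per-attempt negotiation discussed in this thread, as an added example that is not part of the original messages and is not FreeRDP's code: each attempt tears down and reopens the TCP connection, and a protocol the user has disabled is never used as a fallback. All names, the simulated server and the strongest-first order (NLA, then TLS, then RDP security) are assumptions made for illustration.

```c
#include <stdbool.h>
#include <stdio.h>

/* All names are hypothetical; this is not FreeRDP's code. */
enum { PROTO_RDP = 1, PROTO_TLS = 2, PROTO_NLA = 4 };

struct sim_server {        /* constructed stand-in for a real server */
    int accepts;           /* bitmask of security protocols it accepts */
    int tcp_connects;      /* TCP connections opened by the client */
    bool connected;
};

static void tcp_connect(struct sim_server *s) { s->connected = true; s->tcp_connects++; }
static void tcp_disconnect(struct sim_server *s) { s->connected = false; }

/* One negotiation request. A refused request leaves the socket dead,
 * like the 2003 server in the thread that force-disconnects. */
static bool request_proto(struct sim_server *s, int proto)
{
    if (!s->connected) return false;
    if (s->accepts & proto) return true;
    s->connected = false;
    return false;
}

/* enabled: bitmask of protocols the user allows. Returns the protocol
 * agreed on, or 0 when the server accepts none of the allowed ones. */
int negotiate(struct sim_server *s, int enabled)
{
    static const int order[] = { PROTO_NLA, PROTO_TLS, PROTO_RDP }; /* assumed order */
    for (int i = 0; i < 3; i++) {
        if (!(enabled & order[i])) continue;  /* never fall back to a disabled level */
        tcp_disconnect(s);                    /* explicit teardown, then a fresh socket */
        tcp_connect(s);
        if (request_proto(s, order[i])) return order[i];
    }
    tcp_disconnect(s);
    return 0;
}

int main(void)
{
    struct sim_server xp = { PROTO_RDP, 0, false };  /* constructed: no TLS, no NLA */
    int r = negotiate(&xp, PROTO_NLA | PROTO_TLS | PROTO_RDP);
    printf("all enabled: proto %d after %d connects\n", r, xp.tcp_connects);
    return 0;
}
```

When only one protocol is enabled, `negotiate` returns 0 instead of downgrading, which is the fail-closed behaviour the message expects from a forced security level.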