github/FreeRDP
7
0
Fork 0
mirror of https://github.com/FreeRDP/FreeRDP.git synced 2025-06-03 00:00:20 +00:00
Code Issues Packages Projects Releases Wiki Activity

Support non-RDP security when shadow server running as Hyper-V console

Browse Source
This commit is contained in:
gpotter2 2025-05-06 22:08:53 +02:00
parent 0a10fe8ce3
commit a175640025
3 changed files with 14 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
libfreerdp/core/connection.c
View File

@ -1525,7 +1525,11 @@ BOOL rdp_server_accept_nego(rdpRdp* rdp, wStream* s)
SelectedProtocol = nego_get_selected_protocol(nego);
status = FALSE;
if (SelectedProtocol & PROTOCOL_RDSTLS)
if (freerdp_settings_get_bool(rdp->settings, FreeRDP_VmConnectMode) &&
SelectedProtocol != PROTOCOL_RDP)
/* When behind a Hyper-V proxy, security != RDP is handled by the host. */
status = TRUE;
else if (SelectedProtocol & PROTOCOL_RDSTLS)
status = transport_accept_rdstls(rdp->transport);
else if (SelectedProtocol & PROTOCOL_HYBRID)
status = transport_accept_nla(rdp->transport);

2
server/shadow/cli/shadow.c
View File

@ -64,6 +64,8 @@ int main(int argc, char** argv)
"Remote credential guard" },
{ "restricted-admin", COMMAND_LINE_VALUE_BOOL, NULL, BoolValueTrue, NULL, -1, NULL,
"Restricted Admin" },
{ "vmconnect", COMMAND_LINE_VALUE_FLAG | COMMAND_LINE_VALUE_BOOL, NULL, BoolValueFalse,
NULL, -1, NULL, "Hyper-V console server (bind on vsock://1)" },
{ "may-view", COMMAND_LINE_VALUE_BOOL, NULL, BoolValueTrue, NULL, -1, NULL,
"Clients may view without prompt" },
{ "may-interact", COMMAND_LINE_VALUE_BOOL, NULL, BoolValueTrue, NULL, -1, NULL,

8
server/shadow/shadow_server.c
View File

@ -395,6 +395,12 @@ int shadow_server_parse_command_line(rdpShadowServer* server, int argc, char** a
arg->Value ? TRUE : FALSE))
return fail_at(arg, COMMAND_LINE_ERROR);
}
CommandLineSwitchCase(arg, "vmconnect")
{
if (!freerdp_settings_set_bool(settings, FreeRDP_VmConnectMode,
arg->Value ? TRUE : FALSE))
return fail_at(arg, COMMAND_LINE_ERROR);
}
CommandLineSwitchCase(arg, "sec")
{
if (strcmp("rdp", arg->Value) == 0) /* Standard RDP */
@ -597,7 +603,7 @@ int shadow_server_parse_command_line(rdpShadowServer* server, int argc, char** a
/* If we want to disable authentication we need to ensure that NLA security
* is not activated. Only TLS and RDP security allow anonymous login.
*/
if (!server->authentication)
if (!server->authentication && !freerdp_settings_get_bool(settings, FreeRDP_VmConnectMode))
{
if (!freerdp_settings_set_bool(settings, FreeRDP_NlaSecurity, FALSE))
return COMMAND_LINE_ERROR;