github/FreeRDP
7
0
Fork 0
mirror of https://github.com/FreeRDP/FreeRDP.git synced 2025-06-03 00:00:20 +00:00
Code Issues Packages Projects Releases Wiki Activity

Accept both TLSv1 and SSLv3 as a server.

Browse Source 
This fixes SSL connections from Microsoft RDC for Mac OS X to FreeRDP server.
This commit is contained in:
Pawel Jakub Dawidek 2012-02-23 00:38:52 +01:00 committed by Anthony Tong
parent 78a4aa83c4
commit a46154e231
1 changed files with 7 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
libfreerdp-core/tls.c
View File

@ -73,7 +73,7 @@ boolean tls_accept(rdpTls* tls, const char* cert_file, const char* privatekey_fi
{ {
int connection_status; int connection_status;
tls->ctx = SSL_CTX_new(TLSv1_server_method()); tls->ctx = SSL_CTX_new(SSLv23_server_method());
if (tls->ctx == NULL) if (tls->ctx == NULL)
{ {
@ -81,6 +81,12 @@ boolean tls_accept(rdpTls* tls, const char* cert_file, const char* privatekey_fi
return false; return false;
} }
/*
* We only want SSLv3 and TLSv1, so disable SSLv2.
* SSLv3 is used by, eg. Microsoft RDC for Mac OS X.
*/
SSL_CTX_set_options(tls->ctx, SSL_OP_NO_SSLv2);
if (SSL_CTX_use_RSAPrivateKey_file(tls->ctx, privatekey_file, SSL_FILETYPE_PEM) <= 0) if (SSL_CTX_use_RSAPrivateKey_file(tls->ctx, privatekey_file, SSL_FILETYPE_PEM) <= 0)
{ {
printf("SSL_CTX_use_RSAPrivateKey_file failed\n"); printf("SSL_CTX_use_RSAPrivateKey_file failed\n");