[PATCH 2/2] RDP compositor: enforce certificate and key
Hardening
rdp.effort at gmail.com
Thu May 21 00:03:49 PDT 2015
Le 21/05/2015 09:02, Pekka Paalanen a écrit :
> On Tue, 19 May 2015 10:07:40 +0200
> David FORT <rdp.effort at gmail.com> wrote:
>
>> The RDP compositor is usable without certificates and key in a very limited
>> number of cases (local usage using xfreerdp), so let's force the presence of
>> keys and certificates.
>> ---
>> src/compositor-rdp.c | 6 ++++++
>> 1 file changed, 6 insertions(+)
>>
>> diff --git a/src/compositor-rdp.c b/src/compositor-rdp.c
>> index f1dcda0..261fa4b 100644
>> --- a/src/compositor-rdp.c
>> +++ b/src/compositor-rdp.c
>> @@ -1278,5 +1278,11 @@ backend_init(struct wl_display *display, int *argc, char *argv[],
>> };
>>
>> parse_options(rdp_options, ARRAY_LENGTH(rdp_options), argc, argv);
>> + if (!config.rdp_key && (!config.server_cert || !config.server_key)) {
>> + weston_log("the RDP compositor requires keys and an optional certificate for RDP or TLS security ("
>> + "--rdp4-key or --rdp-tls-cert/--rdp-tls-key)\n");
>> + return NULL;
>> + }
>> +
>> return rdp_compositor_create(display, &config, argc, argv, wconfig);
>> }
>
> Hi,
>
> do you want to push this one with my Acked-by already given before RC2
> comes out tomorrow? I'd recommend it. :-)
>
Nice, I was about to send a mail in that sense.
--
David FORT
website: http://www.hardening-consulting.com/
More information about the wayland-devel
mailing list