diff options
author | Martin Fleisz <martin.fleisz@thincast.com> | 2022-11-09 16:43:34 +0300 |
---|---|---|
committer | akallabeth <akallabeth@users.noreply.github.com> | 2022-11-09 17:27:11 +0300 |
commit | 1da0d63c7850275dd56a59749f51a60cf6eaabd6 (patch) | |
tree | 012ef4b34e1d23765a198e98ec205d5e2087dda6 | |
parent | ebc8cd1d4a314494dfc9c73d12507f28efb5b3f1 (diff) |
proxy: Allow NLA when using proxy smartcard authentication
Previously smartcard authentication was only supported with TLS
connections so the proxy forced that security mode.
Since we now have a working NLA smartcard auth implementation we can
remove that code and leave the correct configuration to the proxy user.
-rw-r--r-- | server/proxy/pf_client.c | 14 |
1 files changed, 5 insertions, 9 deletions
diff --git a/server/proxy/pf_client.c b/server/proxy/pf_client.c index 7d30ad05d..cb41f6140 100644 --- a/server/proxy/pf_client.c +++ b/server/proxy/pf_client.c @@ -667,19 +667,15 @@ static void pf_client_set_security_settings(pClientContext* pc) freerdp_settings_set_bool(settings, FreeRDP_TlsSecurity, config->ClientTlsSecurity); freerdp_settings_set_bool(settings, FreeRDP_NlaSecurity, config->ClientNlaSecurity); - /* Smartcard authentication currently does not work with NLA */ if (pf_client_use_proxy_smartcard_auth(settings)) { - freerdp_settings_set_bool(settings, FreeRDP_NlaSecurity, FALSE); - freerdp_settings_set_bool(settings, FreeRDP_TlsSecurity, TRUE); + /* Smartcard authentication requires smartcard redirection to be enabled */ freerdp_settings_set_bool(settings, FreeRDP_RedirectSmartCards, TRUE); - } - - if (!config->ClientNlaSecurity) - return; - if (!settings->Username || !settings->Password) - return; + /* Reset username/domain, we will get that info later from the sc cert */ + freerdp_settings_set_string(settings, FreeRDP_Username, NULL); + freerdp_settings_set_string(settings, FreeRDP_Domain, NULL); + } } static BOOL pf_client_connect_without_nla(pClientContext* pc) |