From: Bernhard Miklautz Date: Wed, 14 Mar 2018 13:39:23 +0100 Subject: [PATCH] fix nla: don't use server version FreeRDP currently only supports CredSSP protocol version 3. However the current implementation always sent back the version received by the server indicating that this version was supported. With recent windows updates applied the protocol changed and this approach doesn't work anymore (see https://msdn.microsoft.com/en-us/library/mt752485.aspx for protocol changes). With this fix FreeRDP always sends version 3 as supported version. Credit goes to @mfleisz. Fixes #4449 (patch above adjusted to apply on top of FreeRDP-2.0.0-rc1) --- libfreerdp/core/nla.c | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/libfreerdp/core/nla.c b/trunk/src/FreeRDP-2.0.0-rc1/libfreerdp/core/nla.c index 47e0870..4bfcf7e 100644 --- a/libfreerdp/core/nla.c +++ b/libfreerdp/core/nla.c @@ -1663,14 +1663,17 @@ BOOL nla_send(rdpNla* nla) static int nla_decode_ts_request(rdpNla* nla, wStream* s) { int length; + UINT32 version = 0; /* TSRequest */ if (!ber_read_sequence_tag(s, &length) || !ber_read_contextual_tag(s, 0, &length, TRUE) || - !ber_read_integer(s, &nla->version)) + !ber_read_integer(s, &version)) { return -1; } + if (version < nla->version) + nla->version = version; /* [1] negoTokens (NegoData) */ if (ber_read_contextual_tag(s, 1, &length, TRUE) != FALSE) -- 2.16.2