Apply "authentication level" RDP property only to non-RDG connections (as mstsc does).

diff --git a/client/common/file.c b/client/common/file.c
old mode 100644 (file)
new mode 100755 (executable)
index ed43264..3ff7277
--- a/client/common/file.c
+++ b/client/common/file.c
@@ -855,8 +855,7 @@ BOOL freerdp_client_populate_settings_from_rdp_file(rdpFile* file, rdpSettings*
                 * 2: If server authentication fails, show a warning and allow me to connect or refuse the connection (Warn me).
                 * 3: No authentication requirement is specified.
                 */
-               freerdp_set_param_bool(settings, FreeRDP_IgnoreCertificate,
-                                      (file->AuthenticationLevel == 0) ? TRUE : FALSE);
+               settings->AuthenticationLevel = file->AuthenticationLevel;
        }
 
        if (~file->ConnectionType)

diff --git a/libfreerdp/crypto/tls.c b/libfreerdp/crypto/tls.c
index 8e2c68c..6e75f44 100644 (file)
--- a/libfreerdp/crypto/tls.c
+++ b/libfreerdp/crypto/tls.c
@@ -1245,6 +1245,9 @@ int tls_verify_certificate(rdpTls* tls, CryptoCert cert, char* hostname,
        if (tls->settings->IgnoreCertificate)
                return 1;  /* success! */
 
+       if (!tls->isGatewayTransport && tls->settings->AuthenticationLevel == 0)
+               return 1;  /* success! */
+
        /* if user explicitly specified a certificate name, use it instead of the hostname */
        if (!tls->isGatewayTransport && tls->settings->CertificateName)
                hostname = tls->settings->CertificateName;