return FALSE;
}
+static BOOL is_redirected(rdpTls* tls)
+{
+ rdpSettings* settings = tls->settings;
+
+ if (LB_NOREDIRECT & settings->RedirectionFlags)
+ return FALSE;
+
+ return settings->RedirectionFlags != 0;
+}
+
static BOOL is_accepted(rdpTls* tls, const BYTE* pem, size_t length)
{
rdpSettings* settings = tls->settings;
AccpetedKey = settings->GatewayAcceptedCert;
AcceptedKeyLength = settings->GatewayAcceptedCertLength;
}
- else if (settings->RedirectionFlags != 0)
+ else if (is_redirected(tls))
{
AccpetedKey = settings->RedirectionAcceptedCert;
AcceptedKeyLength = settings->RedirectionAcceptedCertLength;
settings->GatewayAcceptedCert = NULL;
settings->GatewayAcceptedCertLength = 0;
}
- else if (settings->RedirectionFlags != 0)
+ else if (is_redirected(tls))
{
free(settings->RedirectionAcceptedCert);
settings->RedirectionAcceptedCert = NULL;
settings->GatewayAcceptedCert = pem;
settings->GatewayAcceptedCertLength = length;
}
- else if (settings->RedirectionFlags != 0)
+ else if (is_redirected(tls))
{
settings->RedirectionAcceptedCert = pem;
settings->RedirectionAcceptedCertLength = length;
if (instance->VerifyX509Certificate)
status = instance->VerifyX509Certificate(instance, pemCert, length, hostname,
- port, tls->isGatewayTransport);
+ port, tls->isGatewayTransport | is_redirected(tls) ? 2 : 0);
else
WLog_ERR(TAG, "No VerifyX509Certificate callback registered!");