ServerRdpSecurity = FALSE
ClientTlsSecurity = TRUE
ClientRdpSecurity = FALSE
-ClientNlaSecurity = FALSE
+ClientNlaSecurity = TRUE
+ClientAllowFallbackToTls = TRUE
[Channels]
GFX = TRUE
rdpSettings* settings = pc->context.settings;
proxyConfig* config = pc->pdata->config;
- if (!settings->NlaSecurity)
+ if (!config->ClientAllowFallbackToTls || !settings->NlaSecurity)
return FALSE;
return config->ClientTlsSecurity || config->ClientRdpSecurity;
{
pClientContext* pc = (pClientContext*)instance->context;
BOOL rc = FALSE;
+ BOOL retry = FALSE;
pf_client_set_security_settings(pc);
if (pf_client_should_retry_without_nla(pc))
- pc->allow_next_conn_failure = TRUE;
+ retry = pc->allow_next_conn_failure = TRUE;
if (!freerdp_connect(instance))
{
- WLog_ERR(TAG, "failed to connect with NLA. disabling NLA and retyring...");
+ if (!retry)
+ goto out;
+
+ WLog_ERR(TAG, "failed to connect with NLA. retrying to connect without NLA");
if (!pf_client_connect_without_nla(pc))
{
str_value = IniFile_GetKeyValueString(ini, section, key);
if (!str_value)
{
- WLog_WARN(TAG, "[%s]: key '%s.%s' not found, value defaults to false.", __FUNCTION__, key,
- section);
+ WLog_WARN(TAG, "[%s]: key '%s.%s' not found, value defaults to false.", __FUNCTION__,
+ section, key);
return FALSE;
}
config->ClientTlsSecurity = pf_config_get_bool(ini, "Security", "ClientTlsSecurity");
config->ClientNlaSecurity = pf_config_get_bool(ini, "Security", "ClientNlaSecurity");
config->ClientRdpSecurity = pf_config_get_bool(ini, "Security", "ClientRdpSecurity");
+ config->ClientAllowFallbackToTls =
+ pf_config_get_bool(ini, "Security", "ClientAllowFallbackToTls");
return TRUE;
}
CONFIG_PRINT_BOOL(config, ClientNlaSecurity);
CONFIG_PRINT_BOOL(config, ClientTlsSecurity);
CONFIG_PRINT_BOOL(config, ClientRdpSecurity);
+ CONFIG_PRINT_BOOL(config, ClientAllowFallbackToTls);
CONFIG_PRINT_SECTION("Channels");
CONFIG_PRINT_BOOL(config, GFX);