From cc6420b037ff40a69d240dbcb8277c6b2c59d762 Mon Sep 17 00:00:00 2001
From: Bolke de Bruin <bolke@xs4all.nl>
Date: Fri, 9 Sep 2022 08:49:35 +0200
Subject: [PATCH] Fix check against disabled TLS
---
 cmd/rdpgw/config/configuration.go | 14 ++++++++++++++
 cmd/rdpgw/main.go | 6 +++---
 2 files changed, 17 insertions(+), 3 deletions(-)
diff --git a/cmd/rdpgw/config/configuration.go b/cmd/rdpgw/config/configuration.go
index 28b9b7a..673a9eb 100644
--- a/cmd/rdpgw/config/configuration.go
+++ b/cmd/rdpgw/config/configuration.go
@@ -11,6 +11,20 @@ import (
 "strings"
 )
+const (
+ TlsDisable = "disable"
+ TlsAuto = "auto"
+
+ HostSelectionSigned = "signed"
+ HostSelectionRoundRobin = "roundrobin"
+
+ SessionStoreCookie = "cookie"
+ SessionStoreFile = "file"
+
+ AuthenticationOpenId = "openid"
+ AuthenticationBasic = "local"
+)
+
 type Configuration struct {
 Server ServerConfig `koanf:"server"`
 OpenId OpenIDConfig `koanf:"openid"`
diff --git a/cmd/rdpgw/main.go b/cmd/rdpgw/main.go
index 6a7ea82..27ed783 100644
--- a/cmd/rdpgw/main.go
+++ b/cmd/rdpgw/main.go
@@ -124,7 +124,7 @@ func main() {
 log.Printf("Starting remote desktop gateway server")
 cfg := &tls.Config{}
- if conf.Server.Tls == "disable" {
+ if conf.Server.Tls == config.TlsDisable {
 log.Printf("TLS disabled - rdp gw connections require tls, make sure to have a terminator")
 } else {
 // auto config
@@ -203,7 +203,7 @@ func main() {
 ServerConf: &gwConfig,
 }
- if conf.Server.Authentication == "local" {
+ if conf.Server.Authentication == config.AuthenticationBasic {
 h := web.BasicAuthHandler{SocketAddress: conf.Server.AuthSocket}
 http.Handle("/remoteDesktopGateway/", common.EnrichContext(h.BasicAuth(gw.HandleGatewayProtocol)))
 } else {
@@ -216,7 +216,7 @@ func main() {
 http.Handle("/metrics", promhttp.Handler())
 http.HandleFunc("/tokeninfo", web.TokenInfo)
- if conf.Server.Tls == "disabled" {
+ if conf.Server.Tls == config.TlsDisable {
 err = server.ListenAndServe()
 } else {
 err = server.ListenAndServeTLS("", "")
-- 
GitLab
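Review bot: Nothing visible in this patch rejects a `server.tls` or `server.authentication` value outside the set declared in this `const` block, so a misspelt setting would still fall into the `else` branch of the comparisons in `cmd/rdpgw/main.go` instead of stopping startup. Since the commit exists because `"disable"` and `"disabled"` drifted apart, the config loader (outside this hunk, so this is inferred) would be the place to compare the loaded values against `TlsDisable`/`TlsAuto` and `AuthenticationOpenId`/`AuthenticationBasic` and return an error on anything else. The exported constants also carry no doc comments; a line such as `// AuthenticationBasic selects local (basic) authentication; the config value is "local".` would explain why that name and its value differ.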
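Review bot: The `conf.Server.Tls == config.TlsDisable` test added in the hunk at line 124 is repeated verbatim in the hunk at line 216, and two independent copies of this condition are what allowed `"disable"` and `"disabled"` to diverge in the first place. Evaluating it once, `tlsDisabled := conf.Server.Tls == config.TlsDisable`, and writing `if tlsDisabled {` at both sites keeps the certificate setup and the listener choice from disagreeing again. `main` starts and ends outside this hunk, so the variable would have to be declared before its first use here.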
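Review bot: With the comparison in the hunk at line 216 corrected, a `disable` setting now really reaches `server.ListenAndServe()`, and the only safeguard is the log line in the hunk at line 124; if `server.authentication` is `local` (hunk at line 203), the credentials checked by `h.BasicAuth` arrive on this listener unencrypted. Making that combination explicit inside the plaintext branch would help operators notice it, for example `if conf.Server.Authentication == config.AuthenticationBasic { log.Printf("warning: basic authentication on a plaintext listener, credentials rely on the upstream TLS terminator") }`. The listen address is configured outside the visible hunks, so whether it is already limited to loopback or an internal interface cannot be confirmed from here; if it is not, that restriction is worth documenting next to the `disable` option.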