Implement RDP signing functionality with configuration options for ce…#164
Closed
aschumann-virtualcable wants to merge 1 commit intomstsc-rdp-fixfrom
Closed
Implement RDP signing functionality with configuration options for ce…#164aschumann-virtualcable wants to merge 1 commit intomstsc-rdp-fixfrom
aschumann-virtualcable wants to merge 1 commit intomstsc-rdp-fixfrom
Conversation
…rtificate and key
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
This pull request implements secure server-side signing of RDP files using a configured certificate, enabling Microsoft’s mstsc.exe to verify file authenticity and integrity. It introduces configuration options for RDP signing certificates and updates the RDP transport scripts to use this feature when available. The server now provides endpoints for clients to request signing information and to obtain signed RDP files, improving security and compatibility with Windows RDP clients.
RDP File Signing Feature:
_sign_rdp_content) that replicates Microsoft'srdpsign.exebehavior, including certificate chain support and correct message formatting for mstsc.exe verification.GlobalConfigfor the signing certificate, private key, and optional certificate chain, allowing administrators to enable and manage RDP signing.Client API and Workflow Changes:
/clientREST API to provide the signing certificate and chain to clients on request, and to allow clients to POST RDP content for signing, returning the signed file or errors as appropriate. [1] [2]Transport Script Updates:
direct.py,tunnel.py) to use the new signing workflow: if a signing ticket is present, the script requests a signed RDP file from the server, ensuring files are signed only when supported and configured. [1] [2]Submodule Update:
clientsubmodule to the latest commit, potentially to support new signing features or API changes.