
Commit 2b7f37e

refactor(devolutions-gateway): code clean-up;
1 parent b63601e commit 2b7f37e


1 file changed

+10
-16
lines changed


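--- a/devolutions-gateway/src/rdp_proxy.rs
+++ b/devolutions-gateway/src/rdp_proxy.rs
@@ -11,7 +11,7 @@ use crate::subscriber::SubscriberSender;
 
 use anyhow::Context as _;
 use ironrdp_acceptor::credssp::CredsspProcessGenerator as CredsspServerProcessGenerator;
-use ironrdp_connector::credssp::{CredsspProcessGenerator as CredsspClientProcessGenerator, KerberosConfig};
+use ironrdp_connector::credssp::CredsspProcessGenerator as CredsspClientProcessGenerator;
 use ironrdp_connector::sspi::credssp::{ClientState, ServerError, ServerState};
 use ironrdp_connector::sspi::generator::GeneratorState;
 use ironrdp_connector::sspi::kerberos::ServerProperties;
@@ -101,12 +101,8 @@ where
 
 let (client_stream, server_stream) = tokio::join!(client_tls_upgrade_fut, server_tls_upgrade_fut);
 
-let client_stream = client_stream
-.inspect_err(|err| warn!(?err, "client stream error"))
-.context("TLS upgrade with client failed")?;
-let server_stream = server_stream
-.inspect_err(|err| warn!(?err, "server stream error"))
-.context("TLS upgrade with server failed")?;
+let client_stream = client_stream.context("TLS upgrade with client failed")?;
+let server_stream = server_stream.context("TLS upgrade with server failed")?;
 
 let server_public_key =
 extract_tls_server_public_key(&server_stream).context("extract target server TLS public key")?;
@@ -174,11 +170,9 @@ where
 Some(&mut network_client),
 );
 
-// let (client_credssp_res, server_credssp_res) = tokio::join!(client_credssp_fut, server_credssp_fut);
-// client_credssp_res.context("CredSSP with client")?;
-// server_credssp_res.context("CredSSP with server")?;
-client_credssp_fut.await.context("CredSSP with client")?;
-server_credssp_fut.await.context("CredSSP with server")?;
+let (client_credssp_res, server_credssp_res) = tokio::join!(client_credssp_fut, server_credssp_fut);
+client_credssp_res.context("CredSSP with client")?;
+server_credssp_res.context("CredSSP with server")?;
 
 // -- Intercept the Connect Confirm PDU, to override the server_security_protocol field -- //
 
@@ -406,10 +400,8 @@ where
 security_protocol,
 ironrdp_connector::ServerName::new(server_name),
 server_public_key,
-Some(KerberosConfig {
-kdc_proxy_url: Some(url::Url::parse("tcp://192.168.1.103:88").unwrap()),
-hostname: Some("myroniuk-p-laptop".into()),
-}),
+// We do not need to specify the Kerberos config here: the sspi-rs can automatically resolve the KDC host via DNS and/or env variable.
+None,
 )?;
 
 let mut buf = ironrdp_pdu::WriteBuf::new();
@@ -526,6 +518,8 @@ where
 .await;
 
 if security_protocol.intersects(nego::SecurityProtocol::HYBRID_EX) {
+trace!(?result, "HYBRID_EX");
+
 let result = if result.is_ok() {
 EarlyUserAuthResult::Success
 } else {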
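Review bot: In the `@@ -174,11 +170,9 @@` hunk, `tokio::join!` drives both CredSSP exchanges to completion before either result is inspected, so a failed client exchange no longer prevents the server exchange from running, as the removed sequential `client_credssp_fut.await.context(...)?` did. If the server leg authenticates to the target with credentials held by the gateway (the hunk does not show this), the target sees a full logon attempt on behalf of a client that never completed its own authentication, and when both legs fail only the client error is reported. Consider `tokio::try_join!(async { client_credssp_fut.await.context("CredSSP with client") }, async { server_credssp_fut.await.context("CredSSP with server") })?;`, which drops the other leg on the first error, or keep the sequential order with a comment saying why the client leg must finish first. The enclosing function starts and ends outside the hunk.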
