www.cendio.com

Bug 4451

Summary: Rephrase rdesktop message of protocol negotiation and credssp
Product: ThinLinc Reporter: Peter ├ůstrand <astrand@cendio.se>
Component: | rdesktop (deprecated)Assignee: Henrik Andersson <hean01@cendio.se>
Status: CLOSED FIXED QA Contact: Bugzilla mail exporter <bugzilla-qa@cendio.se>
Severity: Normal    
Priority: P2 Keywords: ossman_tester
Version: 3.4.0   
Target Milestone: 4.1.0   
Hardware: PC   
OS: Unknown   
Acceptance Criteria:

Description From cendio 2012-10-30 13:53:25
This is problem #1, split off bug 4347. Currently, if you don't get SSL,
rdesktop prints this:

WARNING: RDP protocol negotiation failed with reason: SSL not allowed by server
(error 0x2),
WARNING: retrying without negotiation using plain RDP protocol.

As Henrik and I have discussed, we should probably rephrase this as some kind
of informational message, that doesn't sound all that severe. One line is
probably enough. We could also consider printing the selected method even SSL
is selected, so that you always sees the selected method.
------- Comment #1 From cendio 2012-11-22 09:06:36 -------
Commit r1680 upstream adds a more informational message
about the protocol negotitation, also as oneliner.
Also a message was added for which protocol that was
negotiated and used for connection establishment.
------- Comment #2 From cendio 2012-11-22 09:24:07 -------
I did review the logging to the console in cssp.c and it does
look good imho, only questionable string is the following one:

ERROR: CredSSP: Initialize failed, do you have correct kerberos tgt initialized
?

Which is presented if CredSSP+Kerberos are negotiatied and a tgt is missing
any suggestions ?
------- Comment #3 From cendio 2012-12-04 07:42:47 -------
Testing of this bug is done with test description of bug 2571,
there has been some changes in connection flow which affects
this bug.
------- Comment #4 From cendio 2013-06-11 19:47:31 -------
This is now printed:

Failed to negotiate protocol, retrying with plain RDP.

It is only printed when both TLS and CredSSP are unavailable though.