Read sesman config in clipboard

This commit is contained in:
Jaroslaw Osmanski 2019-02-26 11:36:32 +01:00
parent 751cd97018
commit 46c33ddaf4
4 changed files with 33 additions and 22 deletions

View File

@ -230,7 +230,7 @@ static char g_bmp_image_header[] =
extern int g_cliprdr_chan_id; /* in chansrv.c */ extern int g_cliprdr_chan_id; /* in chansrv.c */
struct config_sesman g_cfg /* config.h */ struct config_sesman *g_cfg; /* config.h */
extern Display *g_display; /* in xcommon.c */ extern Display *g_display; /* in xcommon.c */
extern int g_x_socket; /* in xcommon.c */ extern int g_x_socket; /* in xcommon.c */
@ -381,16 +381,24 @@ clipboard_init(void)
return 0; return 0;
} }
if (0 != config_read(&g_cfg)) /* reading config */
{ g_cfg = g_new0(struct config_sesman, 1);
g_printf("clipboard: error reading config. quitting.\n");
return 1;
}
log_debug("clipboard_init: outbound clipboard restricted -> " + g_cfg.sec.restrict_oubound_clipboard) if (0 == g_cfg)
//one-way clipboard {
g_outbound_clipboard_restricted = g_cfg.sec.restrict_oubound_clipboard; g_printf("error creating config: quitting.\n");
g_deinit();
g_exit(1);
}
if (0 != config_read(g_cfg))
{
log_error("clipboard: error reading config. quitting.");
return 1;
}
//one-way clipboard
g_outbound_clipboard_restricted = g_cfg->sec.restrict_outbound_clipboard;
xfuse_init(); xfuse_init();
xcommon_init(); xcommon_init();
@ -2513,13 +2521,14 @@ clipboard_xevent(void *xevent)
switch (lxevent->type) switch (lxevent->type)
{ {
case SelectionNotify: case SelectionNotify:
if (g_outbound_clipboard_restricted == 0) { if (g_outbound_clipboard_restricted == 0)
log_debug("clipboard_xevent: clipboard SelectionNotify event on xorg.") {
clipboard_event_selection_notify(lxevent); clipboard_event_selection_notify(lxevent);
} else { }
log_debug("clipboard_xevent: clipboard restricted, ignoring xorg event.") else
return 1; {
} return 1;
}
break; break;
case SelectionRequest: case SelectionRequest:
clipboard_event_selection_request(lxevent); clipboard_event_selection_request(lxevent);

1
sesman/chansrv/config.c Normal file
View File

@ -0,0 +1 @@
#include "../config.c"

View File

@ -235,7 +235,7 @@ config_read_security(int file, struct config_security *sc,
sc->login_retry = 3; sc->login_retry = 3;
sc->ts_users_enable = 0; sc->ts_users_enable = 0;
sc->ts_admins_enable = 0; sc->ts_admins_enable = 0;
sc->restrict_oubound_clipboard = 0; sc->restrict_outbound_clipboard = 0;
file_read_section(file, SESMAN_CFG_SECURITY, param_n, param_v); file_read_section(file, SESMAN_CFG_SECURITY, param_n, param_v);
@ -274,10 +274,10 @@ config_read_security(int file, struct config_security *sc,
{ {
sc->ts_always_group_check = g_text2bool((char *)list_get_item(param_v, i)); sc->ts_always_group_check = g_text2bool((char *)list_get_item(param_v, i));
} }
if (0 == g_strcasecmp(buf, SESMAN_CFG_RESTRICT_CLIPBOARD)) if (0 == g_strcasecmp(buf, SESMAN_CFG_RESTRICT_CLIPBOARD))
{ {
sc->restrict_oubound_clipboard = g_text2bool((char *)list_get_item(param_v, i)); sc->restrict_outbound_clipboard = g_text2bool((char *)list_get_item(param_v, i));
} }
@ -505,7 +505,7 @@ config_dump(struct config_sesman *config)
g_writeln(" AllowRootLogin: %d", sc->allow_root); g_writeln(" AllowRootLogin: %d", sc->allow_root);
g_writeln(" MaxLoginRetry: %d", sc->login_retry); g_writeln(" MaxLoginRetry: %d", sc->login_retry);
g_writeln(" AlwaysGroupCheck: %d", sc->ts_always_group_check); g_writeln(" AlwaysGroupCheck: %d", sc->ts_always_group_check);
g_printf("\tRestrictOutboundClipboard: %i\r\n", sc->restrict_oubound_clipboard); g_writeln(" RestrictOutboundClipboard: %d", sc->restrict_outbound_clipboard);
g_printf( " TSUsersGroup: "); g_printf( " TSUsersGroup: ");
if (sc->ts_users_enable) if (sc->ts_users_enable)

View File

@ -60,6 +60,7 @@
#define SESMAN_CFG_SEC_USR_GROUP "TerminalServerUsers" #define SESMAN_CFG_SEC_USR_GROUP "TerminalServerUsers"
#define SESMAN_CFG_SEC_ADM_GROUP "TerminalServerAdmins" #define SESMAN_CFG_SEC_ADM_GROUP "TerminalServerAdmins"
#define SESMAN_CFG_SEC_ALWAYSGROUPCHECK "AlwaysGroupCheck" #define SESMAN_CFG_SEC_ALWAYSGROUPCHECK "AlwaysGroupCheck"
#define SESMAN_CFG_RESTRICT_CLIPBOARD "RestrictOutboundClipboard"
#define SESMAN_CFG_SESSIONS "Sessions" #define SESMAN_CFG_SESSIONS "Sessions"
#define SESMAN_CFG_SESS_MAX "MaxSessions" #define SESMAN_CFG_SESS_MAX "MaxSessions"
@ -127,10 +128,10 @@ struct config_security
*/ */
int ts_always_group_check; int ts_always_group_check;
/** /**
* @var restrict_oubound_clipboard * @var restrict_outbound_clipboard
* @brief if the clipboard should be enforced restricted. If true only allow client -> server, not vice versa. * @brief if the clipboard should be enforced restricted. If true only allow client -> server, not vice versa.
*/ */
int restrict_oubound_clipboard; int restrict_outbound_clipboard;
}; };
/** /**