reapply outboud-resitrcted clipboard

2018-11-19 13:04:43 +01:00 · 2018-11-19 13:04:43 +01:00 · 751cd97018
commit 751cd97018
parent 0d8a49ab13
6 changed files with 52 additions and 2 deletions
--- a/docs/man/sesman.ini.5.in
+++ b/docs/man/sesman.ini.5.in
@ -196,6 +196,12 @@ login for all users is enabled.
 \fIThis option is currently ignored!\fR Only members of this group can
 have session management rights.

+.TP
+\fBRestrictOutboundClipboard\fR=\fI[true|false]\fR
+If set to \fB1\fR, \fBtrue\fR or \fByes\fR, will restrict the clipboard
+outbound from the server, to prevent data copied inside the xrdp session
+to be be pasted in the client host. Default value is \fBfalse\fR.
+
 .TP
 \fBAlwaysGroupCheck\fR=\fI[true|false]\fR
 If set to \fB1\fR, \fBtrue\fR or \fByes\fR, require group membership even
--- a/sesman/chansrv/Makefile.am
+++ b/sesman/chansrv/Makefile.am
@ -9,7 +9,9 @@ AM_CPPFLAGS = \
  -DXRDP_SHARE_PATH=\"${datadir}/xrdp\" \
  -DXRDP_PID_PATH=\"${localstatedir}/run\" \
  -DXRDP_SOCKET_PATH=\"${socketdir}\" \
-  -I$(top_srcdir)/common
+  -I$(top_srcdir)/common \
+  -I$(top_srcdir)/sesman \
+  -I$(top_srcdir)/sesman/libscp

 if XRDP_DEBUG
 AM_CPPFLAGS += -DXRDP_DEBUG
@ -54,6 +56,7 @@ xrdp_chansrv_SOURCES = \
  clipboard_common.h \
  clipboard_file.c \
  clipboard_file.h \
+  config.c \
  devredir.c \
  devredir.h \
  fifo.c \
--- a/sesman/chansrv/clipboard.c
+++ b/sesman/chansrv/clipboard.c
@ -170,6 +170,7 @@ x-special/gnome-copied-files
 #include "parse.h"
 #include "os_calls.h"
 #include "chansrv.h"
+#include "../config.h"
 #include "clipboard.h"
 #include "clipboard_file.h"
 #include "clipboard_common.h"
@ -229,12 +230,16 @@ static char g_bmp_image_header[] =

 extern int g_cliprdr_chan_id;   /* in chansrv.c */

+struct config_sesman g_cfg      /* config.h */
+
 extern Display *g_display;      /* in xcommon.c */
 extern int g_x_socket;          /* in xcommon.c */
 extern tbus g_x_wait_obj;       /* in xcommon.c */
 extern Screen *g_screen;        /* in xcommon.c */
 extern int g_screen_num;        /* in xcommon.c */

+int g_outbound_clipboard_restricted = 0;
+
 int g_clip_up = 0;

 static Atom g_clipboard_atom = 0;      /* CLIPBOARD */
@ -376,6 +381,17 @@ clipboard_init(void)
        return 0;
    }

+    if (0 != config_read(&g_cfg))
+     {
+         g_printf("clipboard: error reading config. quitting.\n");
+         return 1;
+     }
+
+     log_debug("clipboard_init: outbound clipboard restricted -> " + g_cfg.sec.restrict_oubound_clipboard)
+     //one-way clipboard
+     g_outbound_clipboard_restricted = g_cfg.sec.restrict_oubound_clipboard;
+
+
    xfuse_init();
    xcommon_init();
    g_incr_max_req_size = XMaxRequestSize(g_display) * 4 - 24;
@ -2485,6 +2501,8 @@ clipboard_xevent(void *xevent)
 {
    XEvent *lxevent;

+    log_debug("clipboard_xevent: event detected");
+
    if (!g_clip_up)
    {
        return 1;
@ -2495,7 +2513,13 @@ clipboard_xevent(void *xevent)
    switch (lxevent->type)
    {
        case SelectionNotify:
-            clipboard_event_selection_notify(lxevent);
+            if (g_outbound_clipboard_restricted == 0) {
+                 log_debug("clipboard_xevent: clipboard SelectionNotify event on xorg.")
+                 clipboard_event_selection_notify(lxevent);
+             } else {
+                 log_debug("clipboard_xevent: clipboard restricted, ignoring xorg event.")
+                 return 1;
+             }
            break;
        case SelectionRequest:
            clipboard_event_selection_request(lxevent);
--- a/sesman/config.c
+++ b/sesman/config.c
@ -235,6 +235,7 @@ config_read_security(int file, struct config_security *sc,
    sc->login_retry = 3;
    sc->ts_users_enable = 0;
    sc->ts_admins_enable = 0;
+    sc->restrict_oubound_clipboard = 0;

    file_read_section(file, SESMAN_CFG_SECURITY, param_n, param_v);

@ -273,6 +274,13 @@ config_read_security(int file, struct config_security *sc,
        {
            sc->ts_always_group_check = g_text2bool((char *)list_get_item(param_v, i));
        }
+        
+        if (0 == g_strcasecmp(buf, SESMAN_CFG_RESTRICT_CLIPBOARD))
+        {
+             sc->restrict_oubound_clipboard = g_text2bool((char *)list_get_item(param_v, i));
+        }
+
+
    }

    return 0;
@ -497,6 +505,7 @@ config_dump(struct config_sesman *config)
    g_writeln("    AllowRootLogin:           %d", sc->allow_root);
    g_writeln("    MaxLoginRetry:            %d", sc->login_retry);
    g_writeln("    AlwaysGroupCheck:         %d", sc->ts_always_group_check);
+    g_printf("\tRestrictOutboundClipboard: %i\r\n", sc->restrict_oubound_clipboard);

    g_printf( "    TSUsersGroup:             ");
    if (sc->ts_users_enable)
--- a/sesman/config.h
+++ b/sesman/config.h
@ -126,6 +126,11 @@ struct config_security
   * @brief if the Groups are not found deny access
   */
  int ts_always_group_check;
+  /**
+   * @var restrict_oubound_clipboard
+   * @brief if the clipboard should be enforced restricted. If true only allow client -> server, not vice versa.
+   */
+  int restrict_oubound_clipboard;
 };

 /**
--- a/sesman/sesman.ini.in
+++ b/sesman/sesman.ini.in
@ -19,6 +19,9 @@ TerminalServerAdmins=tsadmins
 ; When AlwaysGroupCheck=false access will be permitted
 ; if the group TerminalServerUsers is not defined.
 AlwaysGroupCheck=false
+; When RestrictOutboundClipboard=true clipboard from the
+; server is not pushed to the client.
+RestrictOutboundClipboard=false

 [Sessions]
 ;; X11DisplayOffset - x11 display number offset