jh163888/xrdp
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Use CHANSRV_RESTRICT_OUTBOUND_CLIPBOARD env between sesman -> chansrv

Browse Source
This commit is contained in:
Jaroslaw Osmanski 2019-03-02 15:36:56 +01:00
parent 1b6bfa682c
commit 7d7e8184ae
5 changed files with 17 additions and 31 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
sesman/chansrv/Makefile.am
View File

@ -9,9 +9,7 @@ AM_CPPFLAGS = \
-DXRDP_SHARE_PATH=\"${datadir}/xrdp\" \ -DXRDP_SHARE_PATH=\"${datadir}/xrdp\" \
-DXRDP_PID_PATH=\"${localstatedir}/run\" \ -DXRDP_PID_PATH=\"${localstatedir}/run\" \
-DXRDP_SOCKET_PATH=\"${socketdir}\" \ -DXRDP_SOCKET_PATH=\"${socketdir}\" \
-I$(top_srcdir)/common \ -I$(top_srcdir)/common
-I$(top_srcdir)/sesman \
-I$(top_srcdir)/sesman/libscp
if XRDP_DEBUG if XRDP_DEBUG
AM_CPPFLAGS += -DXRDP_DEBUG AM_CPPFLAGS += -DXRDP_DEBUG
@ -56,7 +54,6 @@ xrdp_chansrv_SOURCES = \
clipboard_common.h \ clipboard_common.h \
clipboard_file.c \ clipboard_file.c \
clipboard_file.h \ clipboard_file.h \
config.c \
devredir.c \ devredir.c \
devredir.h \ devredir.h \
fifo.c \ fifo.c \

10
sesman/chansrv/chansrv.c
View File

@ -59,6 +59,7 @@ int g_cliprdr_chan_id = -1; /* cliprdr */
int g_rdpsnd_chan_id = -1; /* rdpsnd */ int g_rdpsnd_chan_id = -1; /* rdpsnd */
int g_rdpdr_chan_id = -1; /* rdpdr */ int g_rdpdr_chan_id = -1; /* rdpdr */
int g_rail_chan_id = -1; /* rail */ int g_rail_chan_id = -1; /* rail */
int g_restrict_outbound_clipboard = 0;
char *g_exec_name; char *g_exec_name;
tbus g_exec_event; tbus g_exec_event;
@ -1780,7 +1781,7 @@ main(int argc, char **argv)
enum logReturns error; enum logReturns error;
struct log_config logconfig; struct log_config logconfig;
enum logLevels log_level; enum logLevels log_level;
char *restrict_outbound_clipboard_env;
g_init("xrdp-chansrv"); /* os_calls */ g_init("xrdp-chansrv"); /* os_calls */
log_path[255] = 0; log_path[255] = 0;
@ -1791,6 +1792,13 @@ main(int argc, char **argv)
return 1; return 1;
} }
restrict_outbound_clipboard_env = g_getenv("CHANSRV_RESTRICT_OUTBOUND_CLIPBOARD");
if (restrict_outbound_clipboard_env != 0) {
if (g_strcmp(restrict_outbound_clipboard_env, "1") == 0) {
g_restrict_outbound_clipboard = 1;
}
}
read_ini(); read_ini();
pid = g_getpid(); pid = g_getpid();
display_text = g_getenv("DISPLAY"); display_text = g_getenv("DISPLAY");

28
sesman/chansrv/clipboard.c
View File

@ -170,7 +170,6 @@ x-special/gnome-copied-files
#include "parse.h" #include "parse.h"
#include "os_calls.h" #include "os_calls.h"
#include "chansrv.h" #include "chansrv.h"
#include "../config.h"
#include "clipboard.h" #include "clipboard.h"
#include "clipboard_file.h" #include "clipboard_file.h"
#include "clipboard_common.h" #include "clipboard_common.h"
@ -230,15 +229,13 @@ static char g_bmp_image_header[] =
extern int g_cliprdr_chan_id; /* in chansrv.c */ extern int g_cliprdr_chan_id; /* in chansrv.c */
struct config_sesman *g_cfg; /* config.h */
extern Display *g_display; /* in xcommon.c */ extern Display *g_display; /* in xcommon.c */
extern int g_x_socket; /* in xcommon.c */ extern int g_x_socket; /* in xcommon.c */
extern tbus g_x_wait_obj; /* in xcommon.c */ extern tbus g_x_wait_obj; /* in xcommon.c */
extern Screen *g_screen; /* in xcommon.c */ extern Screen *g_screen; /* in xcommon.c */
extern int g_screen_num; /* in xcommon.c */ extern int g_screen_num; /* in xcommon.c */
int g_outbound_clipboard_restricted = 0; extern int g_restrict_outbound_clipboard; /* in chansrv.c */
int g_clip_up = 0; int g_clip_up = 0;
@ -381,25 +378,6 @@ clipboard_init(void)
return 0; return 0;
} }
/* reading config */
g_cfg = g_new0(struct config_sesman, 1);
if (0 == g_cfg)
{
g_printf("error creating config: quitting.\n");
g_deinit();
g_exit(1);
}
if (0 != config_read(g_cfg))
{
log_error("clipboard: error reading config. quitting.");
return 1;
}
//one-way clipboard
g_outbound_clipboard_restricted = g_cfg->sec.restrict_outbound_clipboard;
xfuse_init(); xfuse_init();
xcommon_init(); xcommon_init();
g_incr_max_req_size = XMaxRequestSize(g_display) * 4 - 24; g_incr_max_req_size = XMaxRequestSize(g_display) * 4 - 24;
@ -2521,13 +2499,13 @@ clipboard_xevent(void *xevent)
switch (lxevent->type) switch (lxevent->type)
{ {
case SelectionNotify: case SelectionNotify:
if (g_outbound_clipboard_restricted == 0) if (g_restrict_outbound_clipboard == 0)
{ {
clipboard_event_selection_notify(lxevent); clipboard_event_selection_notify(lxevent);
} }
else else
{ {
log_debug("outbound clipboard is restricted because %s is True in config", SESMAN_CFG_RESTRICT_CLIPBOARD); log_debug("outbound clipboard is restricted because of config");
return 1; return 1;
} }
break; break;

1
sesman/chansrv/config.c
View File

@ -1 +0,0 @@
#include "../config.c"

4
sesman/session.c
View File

@ -374,6 +374,10 @@ session_start_chansrv(char *username, int display)
g_cfg->env_names, g_cfg->env_names,
g_cfg->env_values); g_cfg->env_values);
if (g_cfg->sec.restrict_outbound_clipboard == 1) {
g_setenv("CHANSRV_RESTRICT_OUTBOUND_CLIPBOARD", "1", 1);
}
/* executing chansrv */ /* executing chansrv */
g_execvp(exe_path, (char **) (chansrv_params->items)); g_execvp(exe_path, (char **) (chansrv_params->items));
/* should not get here */ /* should not get here */