[Development] Allow to modify only "desktop", "SendCutText" and "AcceptCutText"

Xvnc's parameters via vncconfig.

Also Xvnc got new option called "-noclipboard" which disables "*CutText"
runtime modification.

git-svn-id: svn://svn.code.sf.net/p/tigervnc/code/trunk@4226 3789f03b-4d11-0410-bbf8-ca57d06f2519

diff --git a/unix/xserver/hw/vnc/vncExtInit.cc b/unix/xserver/hw/vnc/vncExtInit.cc
index a01483162a23f8845e9814b9e3a3d0ecee57739c..d3cfbe2645ca76ae8716f6f153ad7d3af7a1dd9d 100644 (file)
--- a/unix/xserver/hw/vnc/vncExtInit.cc
+++ b/unix/xserver/hw/vnc/vncExtInit.cc
@@ -86,6 +86,7 @@ int vncFbstride[MAXSCREENS];
 
 static char* clientCutText = 0;
 static int clientCutTextLen = 0;
+bool noclipboard = false;
 
 static XserverDesktop* queryConnectDesktop = 0;
 static void* queryConnectId = 0;
@@ -461,6 +462,10 @@ static void SendSelectionChangeEvent(Atom selection)
 
 static int ProcVncExtSetParam(ClientPtr client)
 {
+  char* value1 = 0;
+  char* value2 = 0;
+  rfb::VoidParameter *desktop1, *desktop2;
+
   REQUEST(xVncExtSetParamReq);
   REQUEST_FIXED_SIZE(xVncExtSetParamReq, stuff->paramLen);
   CharArray param(stuff->paramLen+1);
@@ -471,19 +476,28 @@ static int ProcVncExtSetParam(ClientPtr client)
   int n;
   rep.type = X_Reply;
   rep.length = 0;
+  rep.success = 0;
   rep.sequenceNumber = client->sequence;
 
   // Retrieve desktop name before setting
-  char* value1 = 0;
-  rfb::VoidParameter* desktop1 = rfb::Configuration::getParam("desktop");
+  desktop1 = rfb::Configuration::getParam("desktop");
   if (desktop1)
     value1 = desktop1->getValueStr();
 
+  /*
+   * Allow to change only clipboard parameters and desktop name.
+   * Changing other parameters (for example PAM service name)
+   * could have negative security impact.
+   */
+  if (strcasecmp(param.buf, "desktop") != 0 &&
+      (noclipboard || strcasecmp(param.buf, "SendCutText") != 0) &&
+      (noclipboard || strcasecmp(param.buf, "AcceptCutText") != 0))
+    goto deny;
+
   rep.success = rfb::Configuration::setParam(param.buf);
 
   // Send DesktopName update if desktop name has been changed
-  char* value2 = 0;
-  rfb::VoidParameter* desktop2 = rfb::Configuration::getParam("desktop");
+  desktop2 = rfb::Configuration::getParam("desktop");
   if (desktop2)
     value2 = desktop2->getValueStr();
   if (value1 && value2 && strcmp(value1, value2)) {
@@ -498,6 +512,7 @@ static int ProcVncExtSetParam(ClientPtr client)
   if (value2)
     delete [] value2;
 
+deny:
   if (client->swapped) {
     swaps(&rep.sequenceNumber, n);
     swapl(&rep.length, n);

diff --git a/unix/xserver/hw/vnc/vncExtInit.h b/unix/xserver/hw/vnc/vncExtInit.h
index af9b2ea679261d2248e9adfc7048170ac4699871..931c28f32ef72d7b8a88a1c17292594692181586 100644 (file)
--- a/unix/xserver/hw/vnc/vncExtInit.h
+++ b/unix/xserver/hw/vnc/vncExtInit.h
@@ -31,6 +31,7 @@ extern void vncClientGone(int fd);
 extern void vncBell();
 extern void* vncFbptr[];
 extern int vncFbstride[];
+extern bool noclipboard;
 extern int vncInetdSock;
 extern rfb::StringParameter httpDir;
 

diff --git a/unix/xserver/hw/vnc/xvnc.cc b/unix/xserver/hw/vnc/xvnc.cc
index 56912f9059bbd2ac57855a4a5d39b8f3a468176a..5d5b1ca490e2990a37f5a7fb80fb9ac41a6b036a 100644 (file)
--- a/unix/xserver/hw/vnc/xvnc.cc
+++ b/unix/xserver/hw/vnc/xvnc.cc
@@ -291,6 +291,7 @@ ddxUseMsg()
     ErrorF("-pixelformat fmt       set pixel format (rgbNNN or bgrNNN)\n");
     ErrorF("-inetd                 has been launched from inetd\n");
     ErrorF("-interface IP_address  listen on specified interface\n");
+    ErrorF("-noclipboard           disable clipboard settings modification via vncconfig utility\n");
     ErrorF("\nVNC parameters:\n");
 
     fprintf(stderr,"\n"
@@ -569,6 +570,11 @@ ddxProcessArgument(int argc, char *argv[], int i)
 
        return 2;
     }
+
+    if (strcmp(argv[i], "-noclipboard") == 0) {
+       noclipboard = true;
+       return 1;
+    }
     
     if (rfb::Configuration::setParam(argv[i]))
        return 1;