diff options
author | Adam Tkac <atkac@redhat.com> | 2010-12-13 11:27:06 +0000 |
---|---|---|
committer | Adam Tkac <atkac@redhat.com> | 2010-12-13 11:27:06 +0000 |
commit | 7cc163dbe5c34a694de87a68c4483491990a9b32 (patch) | |
tree | b3742be1db809f0df8e5a4f9d9b1cd20250f02a4 /unix/xserver | |
parent | 03a1ec5eafc1455f9400fa8014907f543fe7f030 (diff) | |
download | tigervnc-7cc163dbe5c34a694de87a68c4483491990a9b32.tar.gz tigervnc-7cc163dbe5c34a694de87a68c4483491990a9b32.zip |
[Development] Allow to modify only "desktop", "SendCutText" and "AcceptCutText"
Xvnc's parameters via vncconfig.
Also Xvnc got new option called "-noclipboard" which disables "*CutText"
runtime modification.
git-svn-id: svn://svn.code.sf.net/p/tigervnc/code/trunk@4226 3789f03b-4d11-0410-bbf8-ca57d06f2519
Diffstat (limited to 'unix/xserver')
-rw-r--r-- | unix/xserver/hw/vnc/vncExtInit.cc | 23 | ||||
-rw-r--r-- | unix/xserver/hw/vnc/vncExtInit.h | 1 | ||||
-rw-r--r-- | unix/xserver/hw/vnc/xvnc.cc | 6 |
3 files changed, 26 insertions, 4 deletions
diff --git a/unix/xserver/hw/vnc/vncExtInit.cc b/unix/xserver/hw/vnc/vncExtInit.cc index a0148316..d3cfbe26 100644 --- a/unix/xserver/hw/vnc/vncExtInit.cc +++ b/unix/xserver/hw/vnc/vncExtInit.cc @@ -86,6 +86,7 @@ int vncFbstride[MAXSCREENS]; static char* clientCutText = 0; static int clientCutTextLen = 0; +bool noclipboard = false; static XserverDesktop* queryConnectDesktop = 0; static void* queryConnectId = 0; @@ -461,6 +462,10 @@ static void SendSelectionChangeEvent(Atom selection) static int ProcVncExtSetParam(ClientPtr client) { + char* value1 = 0; + char* value2 = 0; + rfb::VoidParameter *desktop1, *desktop2; + REQUEST(xVncExtSetParamReq); REQUEST_FIXED_SIZE(xVncExtSetParamReq, stuff->paramLen); CharArray param(stuff->paramLen+1); @@ -471,19 +476,28 @@ static int ProcVncExtSetParam(ClientPtr client) int n; rep.type = X_Reply; rep.length = 0; + rep.success = 0; rep.sequenceNumber = client->sequence; // Retrieve desktop name before setting - char* value1 = 0; - rfb::VoidParameter* desktop1 = rfb::Configuration::getParam("desktop"); + desktop1 = rfb::Configuration::getParam("desktop"); if (desktop1) value1 = desktop1->getValueStr(); + /* + * Allow to change only clipboard parameters and desktop name. + * Changing other parameters (for example PAM service name) + * could have negative security impact. + */ + if (strcasecmp(param.buf, "desktop") != 0 && + (noclipboard || strcasecmp(param.buf, "SendCutText") != 0) && + (noclipboard || strcasecmp(param.buf, "AcceptCutText") != 0)) + goto deny; + rep.success = rfb::Configuration::setParam(param.buf); // Send DesktopName update if desktop name has been changed - char* value2 = 0; - rfb::VoidParameter* desktop2 = rfb::Configuration::getParam("desktop"); + desktop2 = rfb::Configuration::getParam("desktop"); if (desktop2) value2 = desktop2->getValueStr(); if (value1 && value2 && strcmp(value1, value2)) { @@ -498,6 +512,7 @@ static int ProcVncExtSetParam(ClientPtr client) if (value2) delete [] value2; +deny: if (client->swapped) { swaps(&rep.sequenceNumber, n); swapl(&rep.length, n); diff --git a/unix/xserver/hw/vnc/vncExtInit.h b/unix/xserver/hw/vnc/vncExtInit.h index af9b2ea6..931c28f3 100644 --- a/unix/xserver/hw/vnc/vncExtInit.h +++ b/unix/xserver/hw/vnc/vncExtInit.h @@ -31,6 +31,7 @@ extern void vncClientGone(int fd); extern void vncBell(); extern void* vncFbptr[]; extern int vncFbstride[]; +extern bool noclipboard; extern int vncInetdSock; extern rfb::StringParameter httpDir; diff --git a/unix/xserver/hw/vnc/xvnc.cc b/unix/xserver/hw/vnc/xvnc.cc index 56912f90..5d5b1ca4 100644 --- a/unix/xserver/hw/vnc/xvnc.cc +++ b/unix/xserver/hw/vnc/xvnc.cc @@ -291,6 +291,7 @@ ddxUseMsg() ErrorF("-pixelformat fmt set pixel format (rgbNNN or bgrNNN)\n"); ErrorF("-inetd has been launched from inetd\n"); ErrorF("-interface IP_address listen on specified interface\n"); + ErrorF("-noclipboard disable clipboard settings modification via vncconfig utility\n"); ErrorF("\nVNC parameters:\n"); fprintf(stderr,"\n" @@ -569,6 +570,11 @@ ddxProcessArgument(int argc, char *argv[], int i) return 2; } + + if (strcmp(argv[i], "-noclipboard") == 0) { + noclipboard = true; + return 1; + } if (rfb::Configuration::setParam(argv[i])) return 1; |