[Tigervnc-commits] SF.net SVN: tigervnc:[4226] trunk/unix/xserver/hw/vnc

Mon, 13 Dec 2010 03:27:23 -0800 

Revision: 4226
          http://tigervnc.svn.sourceforge.net/tigervnc/?rev=4226&view=rev
Author:   atkac
Date:     2010-12-13 11:27:06 +0000 (Mon, 13 Dec 2010)

Log Message:
-----------
[Development] Allow to modify only "desktop", "SendCutText" and "AcceptCutText"
Xvnc's parameters via vncconfig.

Also Xvnc got new option called "-noclipboard" which disables "*CutText"
runtime modification.

Modified Paths:
--------------
    trunk/unix/xserver/hw/vnc/vncExtInit.cc
    trunk/unix/xserver/hw/vnc/vncExtInit.h
    trunk/unix/xserver/hw/vnc/xvnc.cc

Modified: trunk/unix/xserver/hw/vnc/vncExtInit.cc
===================================================================
--- trunk/unix/xserver/hw/vnc/vncExtInit.cc     2010-12-08 16:31:39 UTC (rev 
4225)
+++ trunk/unix/xserver/hw/vnc/vncExtInit.cc     2010-12-13 11:27:06 UTC (rev 
4226)
@@ -86,6 +86,7 @@
 
 static char* clientCutText = 0;
 static int clientCutTextLen = 0;
+bool noclipboard = false;
 
 static XserverDesktop* queryConnectDesktop = 0;
 static void* queryConnectId = 0;
@@ -461,6 +462,10 @@
 
 static int ProcVncExtSetParam(ClientPtr client)
 {
+  char* value1 = 0;
+  char* value2 = 0;
+  rfb::VoidParameter *desktop1, *desktop2;
+
   REQUEST(xVncExtSetParamReq);
   REQUEST_FIXED_SIZE(xVncExtSetParamReq, stuff->paramLen);
   CharArray param(stuff->paramLen+1);
@@ -471,19 +476,28 @@
   int n;
   rep.type = X_Reply;
   rep.length = 0;
+  rep.success = 0;
   rep.sequenceNumber = client->sequence;
 
   // Retrieve desktop name before setting
-  char* value1 = 0;
-  rfb::VoidParameter* desktop1 = rfb::Configuration::getParam("desktop");
+  desktop1 = rfb::Configuration::getParam("desktop");
   if (desktop1)
     value1 = desktop1->getValueStr();
 
+  /*
+   * Allow to change only clipboard parameters and desktop name.
+   * Changing other parameters (for example PAM service name)
+   * could have negative security impact.
+   */
+  if (strcasecmp(param.buf, "desktop") != 0 &&
+      (noclipboard || strcasecmp(param.buf, "SendCutText") != 0) &&
+      (noclipboard || strcasecmp(param.buf, "AcceptCutText") != 0))
+    goto deny;
+
   rep.success = rfb::Configuration::setParam(param.buf);
 
   // Send DesktopName update if desktop name has been changed
-  char* value2 = 0;
-  rfb::VoidParameter* desktop2 = rfb::Configuration::getParam("desktop");
+  desktop2 = rfb::Configuration::getParam("desktop");
   if (desktop2)
     value2 = desktop2->getValueStr();
   if (value1 && value2 && strcmp(value1, value2)) {
@@ -498,6 +512,7 @@
   if (value2)
     delete [] value2;
 
+deny:
   if (client->swapped) {
     swaps(&rep.sequenceNumber, n);
     swapl(&rep.length, n);

Modified: trunk/unix/xserver/hw/vnc/vncExtInit.h
===================================================================
--- trunk/unix/xserver/hw/vnc/vncExtInit.h      2010-12-08 16:31:39 UTC (rev 
4225)
+++ trunk/unix/xserver/hw/vnc/vncExtInit.h      2010-12-13 11:27:06 UTC (rev 
4226)
@@ -31,6 +31,7 @@
 extern void vncBell();
 extern void* vncFbptr[];
 extern int vncFbstride[];
+extern bool noclipboard;
 extern int vncInetdSock;
 extern rfb::StringParameter httpDir;
 

Modified: trunk/unix/xserver/hw/vnc/xvnc.cc
===================================================================
--- trunk/unix/xserver/hw/vnc/xvnc.cc   2010-12-08 16:31:39 UTC (rev 4225)
+++ trunk/unix/xserver/hw/vnc/xvnc.cc   2010-12-13 11:27:06 UTC (rev 4226)
@@ -291,6 +291,7 @@
     ErrorF("-pixelformat fmt       set pixel format (rgbNNN or bgrNNN)\n");
     ErrorF("-inetd                 has been launched from inetd\n");
     ErrorF("-interface IP_address  listen on specified interface\n");
+    ErrorF("-noclipboard           disable clipboard settings modification via 
vncconfig utility\n");
     ErrorF("\nVNC parameters:\n");
 
     fprintf(stderr,"\n"
@@ -569,6 +570,11 @@
 
        return 2;
     }
+
+    if (strcmp(argv[i], "-noclipboard") == 0) {
+       noclipboard = true;
+       return 1;
+    }
     
     if (rfb::Configuration::setParam(argv[i]))
        return 1;


This was sent by the SourceForge.net collaborative development platform, the 
world's largest Open Source development site.

------------------------------------------------------------------------------
Oracle to DB2 Conversion Guide: Learn learn about native support for PL/SQL,
new data types, scalar functions, improved concurrency, built-in packages, 
OCI, SQL*Plus, data movement tools, best practices and more.
http://p.sf.net/sfu/oracle-sfdev2dev 
_______________________________________________
Tigervnc-commits mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/tigervnc-commits

Reply via email to