GUACAMOLE-474: Add parameter processing for file upload/download disable.

This commit is contained in:
Nick Couchman 2019-12-25 18:29:07 -05:00
parent 68a6285818
commit 42e382062c
6 changed files with 146 additions and 0 deletions

View File

@ -55,6 +55,8 @@ const char* GUAC_RDP_CLIENT_ARGS[] = {
"drive-name", "drive-name",
"drive-path", "drive-path",
"create-drive-path", "create-drive-path",
"disable-download",
"disable-upload",
"console", "console",
"console-audio", "console-audio",
"server-layout", "server-layout",
@ -91,6 +93,8 @@ const char* GUAC_RDP_CLIENT_ARGS[] = {
"sftp-directory", "sftp-directory",
"sftp-root-directory", "sftp-root-directory",
"sftp-server-alive-interval", "sftp-server-alive-interval",
"sftp-disable-download",
"sftp-disable-upload",
#endif #endif
"recording-path", "recording-path",
@ -214,6 +218,18 @@ enum RDP_ARGS_IDX {
* drive if it does not yet exist, "false" or blank otherwise. * drive if it does not yet exist, "false" or blank otherwise.
*/ */
IDX_CREATE_DRIVE_PATH, IDX_CREATE_DRIVE_PATH,
/**
* "true" to disable the ability to download files from a remote server to
* the local client over RDP, "false" or blank otherwise.
*/
IDX_DISABLE_DOWNLOAD,
/**
* "true" to disable the ability to upload files from the local client to
* the remote server over RDP, "false" or blank otherwise.
*/
IDX_DISABLE_UPLOAD,
/** /**
* "true" if this session is a console session, "false" or blank otherwise. * "true" if this session is a console session, "false" or blank otherwise.
@ -430,6 +446,20 @@ enum RDP_ARGS_IDX {
* cases. * cases.
*/ */
IDX_SFTP_SERVER_ALIVE_INTERVAL, IDX_SFTP_SERVER_ALIVE_INTERVAL,
/**
* "true" to disable file download from the SFTP server to the local client
* over the SFTP connection, if SFTP is configured and enabled. "false" or
* blank otherwise.
*/
IDX_SFTP_DISABLE_DOWNLOAD,
/**
* "true" to disable file upload from the SFTP server to the local client
* over the SFTP connection, if SFTP is configured and enabled. "false" or
* blank otherwise.
*/
IDX_SFTP_DISABLE_UPLOAD,
#endif #endif
/** /**
@ -842,13 +872,25 @@ guac_rdp_settings* guac_rdp_parse_args(guac_user* user,
guac_user_parse_args_string(user, GUAC_RDP_CLIENT_ARGS, argv, guac_user_parse_args_string(user, GUAC_RDP_CLIENT_ARGS, argv,
IDX_DRIVE_NAME, "Guacamole Filesystem"); IDX_DRIVE_NAME, "Guacamole Filesystem");
/* The path on the server to connect the drive. */
settings->drive_path = settings->drive_path =
guac_user_parse_args_string(user, GUAC_RDP_CLIENT_ARGS, argv, guac_user_parse_args_string(user, GUAC_RDP_CLIENT_ARGS, argv,
IDX_DRIVE_PATH, ""); IDX_DRIVE_PATH, "");
/* If the server path should be created if it doesn't already exist. */
settings->create_drive_path = settings->create_drive_path =
guac_user_parse_args_boolean(user, GUAC_RDP_CLIENT_ARGS, argv, guac_user_parse_args_boolean(user, GUAC_RDP_CLIENT_ARGS, argv,
IDX_CREATE_DRIVE_PATH, 0); IDX_CREATE_DRIVE_PATH, 0);
/* If file downloads over RDP should be disabled. */
settings->disable_download =
guac_user_parse_args_boolean(user, GUAC_RDP_CLIENT_ARGS, argv,
IDX_DISABLE_DOWNLOAD, 0);
/* If file uploads over RDP should be disabled. */
settings->disable_upload =
guac_user_parse_args_boolean(user, GUAC_RDP_CLIENT_ARGS, argv,
IDX_DISABLE_UPLOAD, 0);
/* Pick keymap based on argument */ /* Pick keymap based on argument */
settings->server_layout = NULL; settings->server_layout = NULL;
@ -921,6 +963,16 @@ guac_rdp_settings* guac_rdp_parse_args(guac_user* user,
settings->sftp_server_alive_interval = settings->sftp_server_alive_interval =
guac_user_parse_args_int(user, GUAC_RDP_CLIENT_ARGS, argv, guac_user_parse_args_int(user, GUAC_RDP_CLIENT_ARGS, argv,
IDX_SFTP_SERVER_ALIVE_INTERVAL, 0); IDX_SFTP_SERVER_ALIVE_INTERVAL, 0);
/* Whether or not to disable file download over SFTP. */
settings->sftp_disable_download =
guac_user_parse_args_boolean(user, GUAC_RDP_CLIENT_ARGS, argv,
IDX_SFTP_DISABLE_DOWNLOAD, 0);
/* Whether or not to disable file upload over SFTP. */
settings->sftp_disable_upload =
guac_user_parse_args_boolean(user, GUAC_RDP_CLIENT_ARGS, argv,
IDX_SFTP_DISABLE_UPLOAD, 0);
#endif #endif
/* Read recording path */ /* Read recording path */

View File

@ -218,6 +218,16 @@ typedef struct guac_rdp_settings {
* exist. * exist.
*/ */
int create_drive_path; int create_drive_path;
/**
* Whether or not to disable file download over RDP.
*/
int disable_download;
/**
* Wether or not to disable file upload over RDP.
*/
int disable_upload;
/** /**
* Whether this session is a console session. * Whether this session is a console session.
@ -440,6 +450,16 @@ typedef struct guac_rdp_settings {
* cases. * cases.
*/ */
int sftp_server_alive_interval; int sftp_server_alive_interval;
/**
* Whether or not to disable file download over SFTP.
*/
int sftp_disable_download;
/**
* Whether or not to disable file upload over SFTP.
*/
int sftp_disable_upload;
#endif #endif
/** /**

View File

@ -39,6 +39,8 @@ const char* GUAC_SSH_CLIENT_ARGS[] = {
"font-size", "font-size",
"enable-sftp", "enable-sftp",
"sftp-root-directory", "sftp-root-directory",
"sftp-disable-download",
"sftp-disable-upload",
"private-key", "private-key",
"passphrase", "passphrase",
#ifdef ENABLE_SSH_AGENT #ifdef ENABLE_SSH_AGENT
@ -114,6 +116,18 @@ enum SSH_ARGS_IDX {
* filesystem guac_object. If omitted, "/" will be used by default. * filesystem guac_object. If omitted, "/" will be used by default.
*/ */
IDX_SFTP_ROOT_DIRECTORY, IDX_SFTP_ROOT_DIRECTORY,
/**
* "true" if file downloads over SFTP should be blocked. "false" or blank
* if file downloads should be allowed.
*/
IDX_SFTP_DISABLE_DOWNLOAD,
/**
* "true" if file uploads over SFTP should be blocked. "false" or blank if
* file uploads should be allowed.
*/
IDX_SFTP_DISABLE_UPLOAD,
/** /**
* The private key to use for authentication, if any. * The private key to use for authentication, if any.
@ -350,6 +364,16 @@ guac_ssh_settings* guac_ssh_parse_args(guac_user* user,
settings->sftp_root_directory = settings->sftp_root_directory =
guac_user_parse_args_string(user, GUAC_SSH_CLIENT_ARGS, argv, guac_user_parse_args_string(user, GUAC_SSH_CLIENT_ARGS, argv,
IDX_SFTP_ROOT_DIRECTORY, "/"); IDX_SFTP_ROOT_DIRECTORY, "/");
/* Disable file downloads. */
settings->sftp_disable_download =
guac_user_parse_args_boolean(user, GUAC_SSH_CLIENT_ARGS, argv,
IDX_SFTP_DISABLE_DOWNLAOD, false);
/* Disable file uploads. */
settings->sftp_disable_upload =
guac_user_parse_args_boolean(user, GUAC_SSH_CLIENT_ARGS, argv,
IDX_SFTP_DISABLE_UPLOAD, false);
#ifdef ENABLE_SSH_AGENT #ifdef ENABLE_SSH_AGENT
settings->enable_agent = settings->enable_agent =

View File

@ -179,6 +179,20 @@ typedef struct guac_ssh_settings {
* filesystem guac_object. * filesystem guac_object.
*/ */
char* sftp_root_directory; char* sftp_root_directory;
/**
* Whether file download over SFTP should be disabled. If set to true, file
* downloads will not be allowed over SFTP. If not set or set to false, file
* downloads will be allowed.
*/
bool disable_download;
/**
* Whether file uploads over SFTP should be disabled. If set to true, file
* uploads will not be allowed over SFTP. If not set or set to false, file
* uploads will be allowed.
*/
bool disable_upload;
#ifdef ENABLE_SSH_AGENT #ifdef ENABLE_SSH_AGENT
/** /**

View File

@ -70,6 +70,8 @@ const char* GUAC_VNC_CLIENT_ARGS[] = {
"sftp-directory", "sftp-directory",
"sftp-root-directory", "sftp-root-directory",
"sftp-server-alive-interval", "sftp-server-alive-interval",
"sftp-disable-download",
"sftp-disable-upload",
#endif #endif
"recording-path", "recording-path",
@ -259,6 +261,18 @@ enum VNC_ARGS_IDX {
* cases. * cases.
*/ */
IDX_SFTP_SERVER_ALIVE_INTERVAL, IDX_SFTP_SERVER_ALIVE_INTERVAL,
/**
* If set to "true", file downloads over SFTP will be blocked. If set to
* "false" or not set, file downloads will be allowed.
*/
IDX_SFTP_DISABLE_DOWNLOAD,
/**
* If set to "true", file uploads over SFTP will be blocked. If set to
* "false" or not set, file uploads will be allowed.
*/
IDX_SFTP_DISABLE_UPLOAD,
#endif #endif
/** /**
@ -486,6 +500,14 @@ guac_vnc_settings* guac_vnc_parse_args(guac_user* user,
settings->sftp_server_alive_interval = settings->sftp_server_alive_interval =
guac_user_parse_args_int(user, GUAC_VNC_CLIENT_ARGS, argv, guac_user_parse_args_int(user, GUAC_VNC_CLIENT_ARGS, argv,
IDX_SFTP_SERVER_ALIVE_INTERVAL, 0); IDX_SFTP_SERVER_ALIVE_INTERVAL, 0);
settings->sftp_disable_download =
guac_user_parse_args_boolean(user, GUAC_VNC_CLIENT_ARGS, argv,
IDX_SFTP_DISABLE_DOWNLOAD, false);
settings->sftp_disable_upload =
guac_user_parse_args_boolean(user, GUAC_VNC_CLIENT_ARGS, argv,
IDX_SFTP_DISABLE_UPLOAD, false);
#endif #endif
/* Read recording path */ /* Read recording path */

View File

@ -211,6 +211,20 @@ typedef struct guac_vnc_settings {
* cases. * cases.
*/ */
int sftp_server_alive_interval; int sftp_server_alive_interval;
/**
* Whether file downloads over SFTP should be blocked. If set to "true",
* the local client will not be able to download files from the SFTP server.
* If set to "false" or not set, file downloads will be allowed.
*/
bool sftp_disable_download;
/**
* Whether file uploads over SFTP should be blocked. If set to "true", the
* local client will not be able to upload files to the SFTP server. If set
* to "false" or not set, file uploads will be allowed.
*/
bool sftp_disable_upload;
#endif #endif
/** /**