GUACAMOLE-381: Merge add parameters for disabling clipboard copy/paste.

This commit is contained in:
Virtually Nick 2019-02-24 22:41:47 -05:00 committed by GitHub
commit 5e2ddb890a
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
24 changed files with 277 additions and 35 deletions

View File

@ -237,7 +237,7 @@ void* guac_kubernetes_client_thread(void* data) {
/* Create terminal */ /* Create terminal */
kubernetes_client->term = guac_terminal_create(client, kubernetes_client->term = guac_terminal_create(client,
kubernetes_client->clipboard, kubernetes_client->clipboard, settings->disable_copy,
settings->max_scrollback, settings->font_name, settings->font_size, settings->max_scrollback, settings->font_name, settings->font_size,
settings->resolution, settings->width, settings->height, settings->resolution, settings->width, settings->height,
settings->color_scheme, settings->backspace); settings->color_scheme, settings->backspace);

View File

@ -50,6 +50,8 @@ const char* GUAC_KUBERNETES_CLIENT_ARGS[] = {
"read-only", "read-only",
"backspace", "backspace",
"scrollback", "scrollback",
"disable-copy",
"disable-paste",
NULL NULL
}; };
@ -216,6 +218,20 @@ enum KUBERNETES_ARGS_IDX {
*/ */
IDX_SCROLLBACK, IDX_SCROLLBACK,
/**
* Whether outbound clipboard access should be blocked. If set to "true",
* it will not be possible to copy data from the terminal to the client
* using the clipboard. By default, clipboard access is not blocked.
*/
IDX_DISABLE_COPY,
/**
* Whether inbound clipboard access should be blocked. If set to "true", it
* will not be possible to paste data from the client to the terminal using
* the clipboard. By default, clipboard access is not blocked.
*/
IDX_DISABLE_PASTE,
KUBERNETES_ARGS_COUNT KUBERNETES_ARGS_COUNT
}; };
@ -364,6 +380,16 @@ guac_kubernetes_settings* guac_kubernetes_parse_args(guac_user* user,
guac_user_parse_args_int(user, GUAC_KUBERNETES_CLIENT_ARGS, argv, guac_user_parse_args_int(user, GUAC_KUBERNETES_CLIENT_ARGS, argv,
IDX_BACKSPACE, 127); IDX_BACKSPACE, 127);
/* Parse clipboard copy disable flag */
settings->disable_copy =
guac_user_parse_args_boolean(user, GUAC_KUBERNETES_CLIENT_ARGS, argv,
IDX_DISABLE_COPY, false);
/* Parse clipboard paste disable flag */
settings->disable_paste =
guac_user_parse_args_boolean(user, GUAC_KUBERNETES_CLIENT_ARGS, argv,
IDX_DISABLE_PASTE, false);
/* Parsing was successful */ /* Parsing was successful */
return settings; return settings;

View File

@ -170,6 +170,20 @@ typedef struct guac_kubernetes_settings {
*/ */
int resolution; int resolution;
/**
* Whether outbound clipboard access should be blocked. If set, it will not
* be possible to copy data from the terminal to the client using the
* clipboard.
*/
bool disable_copy;
/**
* Whether inbound clipboard access should be blocked. If set, it will not
* be possible to paste data from the client to the terminal using the
* clipboard.
*/
bool disable_paste;
/** /**
* The path in which the typescript should be saved, if enabled. If no * The path in which the typescript should be saved, if enabled. If no
* typescript should be saved, this will be NULL. * typescript should be saved, this will be NULL.

View File

@ -79,9 +79,12 @@ int guac_kubernetes_user_join_handler(guac_user* user, int argc, char** argv) {
/* Only handle events if not read-only */ /* Only handle events if not read-only */
if (!settings->read_only) { if (!settings->read_only) {
/* General mouse/keyboard/clipboard events */ /* General mouse/keyboard events */
user->key_handler = guac_kubernetes_user_key_handler; user->key_handler = guac_kubernetes_user_key_handler;
user->mouse_handler = guac_kubernetes_user_mouse_handler; user->mouse_handler = guac_kubernetes_user_mouse_handler;
/* Inbound (client to server) clipboard transfer */
if (!settings->disable_paste)
user->clipboard_handler = guac_kubernetes_clipboard_handler; user->clipboard_handler = guac_kubernetes_clipboard_handler;
/* STDIN redirection */ /* STDIN redirection */

View File

@ -240,11 +240,13 @@ BOOL rdp_freerdp_pre_connect(freerdp* instance) {
guac_rdp_audio_load_plugin(instance->context, dvc_list); guac_rdp_audio_load_plugin(instance->context, dvc_list);
} }
/* Load clipboard plugin */ /* Load clipboard plugin if not disabled */
if (freerdp_channels_load_plugin(channels, instance->settings, if (!(settings->disable_copy && settings->disable_paste)
"cliprdr", NULL)) && freerdp_channels_load_plugin(channels, instance->settings,
"cliprdr", NULL)) {
guac_client_log(client, GUAC_LOG_WARNING, guac_client_log(client, GUAC_LOG_WARNING,
"Failed to load cliprdr plugin. Clipboard will not work."); "Failed to load cliprdr plugin. Clipboard will not work.");
}
/* If RDPSND/RDPDR required, load them */ /* If RDPSND/RDPDR required, load them */
if (settings->printing_enabled if (settings->printing_enabled

View File

@ -230,6 +230,10 @@ void guac_rdp_process_cb_data_response(guac_client* client,
guac_rdp_client* rdp_client = (guac_rdp_client*) client->data; guac_rdp_client* rdp_client = (guac_rdp_client*) client->data;
char received_data[GUAC_RDP_CLIPBOARD_MAX_LENGTH]; char received_data[GUAC_RDP_CLIPBOARD_MAX_LENGTH];
/* Ignore received text if outbound clipboard transfer is disabled */
if (rdp_client->settings->disable_copy)
return;
guac_iconv_read* reader; guac_iconv_read* reader;
const char* input = (char*) event->data; const char* input = (char*) event->data;
char* output = received_data; char* output = received_data;

View File

@ -118,6 +118,8 @@ const char* GUAC_RDP_CLIENT_ARGS[] = {
"load-balance-info", "load-balance-info",
#endif #endif
"disable-copy",
"disable-paste",
NULL NULL
}; };
@ -545,6 +547,20 @@ enum RDP_ARGS_IDX {
IDX_LOAD_BALANCE_INFO, IDX_LOAD_BALANCE_INFO,
#endif #endif
/**
* Whether outbound clipboard access should be blocked. If set to "true",
* it will not be possible to copy data from the remote desktop to the
* client using the clipboard. By default, clipboard access is not blocked.
*/
IDX_DISABLE_COPY,
/**
* Whether inbound clipboard access should be blocked. If set to "true", it
* will not be possible to paste data from the client to the remote desktop
* using the clipboard. By default, clipboard access is not blocked.
*/
IDX_DISABLE_PASTE,
RDP_ARGS_COUNT RDP_ARGS_COUNT
}; };
@ -1007,6 +1023,16 @@ guac_rdp_settings* guac_rdp_parse_args(guac_user* user,
IDX_LOAD_BALANCE_INFO, NULL); IDX_LOAD_BALANCE_INFO, NULL);
#endif #endif
/* Parse clipboard copy disable flag */
settings->disable_copy =
guac_user_parse_args_boolean(user, GUAC_RDP_CLIENT_ARGS, argv,
IDX_DISABLE_COPY, 0);
/* Parse clipboard paste disable flag */
settings->disable_paste =
guac_user_parse_args_boolean(user, GUAC_RDP_CLIENT_ARGS, argv,
IDX_DISABLE_PASTE, 0);
/* Success */ /* Success */
return settings; return settings;

View File

@ -268,6 +268,20 @@ typedef struct guac_rdp_settings {
*/ */
char** svc_names; char** svc_names;
/**
* Whether outbound clipboard access should be blocked. If set, it will not
* be possible to copy data from the remote desktop to the client using the
* clipboard.
*/
int disable_copy;
/**
* Whether inbound clipboard access should be blocked. If set, it will not
* be possible to paste data from the client to the remote desktop using
* the clipboard.
*/
int disable_paste;
/** /**
* Whether the desktop wallpaper should be visible. If unset, the desktop * Whether the desktop wallpaper should be visible. If unset, the desktop
* wallpaper will be hidden, reducing the amount of bandwidth required. * wallpaper will be hidden, reducing the amount of bandwidth required.

View File

@ -97,9 +97,12 @@ int guac_rdp_user_join_handler(guac_user* user, int argc, char** argv) {
/* Only handle events if not read-only */ /* Only handle events if not read-only */
if (!settings->read_only) { if (!settings->read_only) {
/* General mouse/keyboard/clipboard events */ /* General mouse/keyboard events */
user->mouse_handler = guac_rdp_user_mouse_handler; user->mouse_handler = guac_rdp_user_mouse_handler;
user->key_handler = guac_rdp_user_key_handler; user->key_handler = guac_rdp_user_key_handler;
/* Inbound (client to server) clipboard transfer */
if (!settings->disable_paste)
user->clipboard_handler = guac_rdp_clipboard_handler; user->clipboard_handler = guac_rdp_clipboard_handler;
/* Display size change events */ /* Display size change events */

View File

@ -62,6 +62,8 @@ const char* GUAC_SSH_CLIENT_ARGS[] = {
"scrollback", "scrollback",
"locale", "locale",
"timezone", "timezone",
"disable-copy",
"disable-paste",
NULL NULL
}; };
@ -258,6 +260,20 @@ enum SSH_ARGS_IDX {
*/ */
IDX_TIMEZONE, IDX_TIMEZONE,
/**
* Whether outbound clipboard access should be blocked. If set to "true",
* it will not be possible to copy data from the terminal to the client
* using the clipboard. By default, clipboard access is not blocked.
*/
IDX_DISABLE_COPY,
/**
* Whether inbound clipboard access should be blocked. If set to "true", it
* will not be possible to paste data from the client to the terminal using
* the clipboard. By default, clipboard access is not blocked.
*/
IDX_DISABLE_PASTE,
SSH_ARGS_COUNT SSH_ARGS_COUNT
}; };
@ -426,6 +442,16 @@ guac_ssh_settings* guac_ssh_parse_args(guac_user* user,
guac_user_parse_args_string(user, GUAC_SSH_CLIENT_ARGS, argv, guac_user_parse_args_string(user, GUAC_SSH_CLIENT_ARGS, argv,
IDX_TIMEZONE, NULL); IDX_TIMEZONE, NULL);
/* Parse clipboard copy disable flag */
settings->disable_copy =
guac_user_parse_args_boolean(user, GUAC_SSH_CLIENT_ARGS, argv,
IDX_DISABLE_COPY, false);
/* Parse clipboard paste disable flag */
settings->disable_paste =
guac_user_parse_args_boolean(user, GUAC_SSH_CLIENT_ARGS, argv,
IDX_DISABLE_PASTE, false);
/* Parsing was successful */ /* Parsing was successful */
return settings; return settings;

View File

@ -155,6 +155,20 @@ typedef struct guac_ssh_settings {
*/ */
int resolution; int resolution;
/**
* Whether outbound clipboard access should be blocked. If set, it will not
* be possible to copy data from the terminal to the client using the
* clipboard.
*/
bool disable_copy;
/**
* Whether inbound clipboard access should be blocked. If set, it will not
* be possible to paste data from the client to the terminal using the
* clipboard.
*/
bool disable_paste;
/** /**
* Whether SFTP is enabled. * Whether SFTP is enabled.
*/ */

View File

@ -207,9 +207,10 @@ void* ssh_client_thread(void* data) {
/* Create terminal */ /* Create terminal */
ssh_client->term = guac_terminal_create(client, ssh_client->clipboard, ssh_client->term = guac_terminal_create(client, ssh_client->clipboard,
settings->max_scrollback, settings->font_name, settings->font_size, settings->disable_copy, settings->max_scrollback,
settings->resolution, settings->width, settings->height, settings->font_name, settings->font_size, settings->resolution,
settings->color_scheme, settings->backspace); settings->width, settings->height, settings->color_scheme,
settings->backspace);
/* Fail if terminal init failed */ /* Fail if terminal init failed */
if (ssh_client->term == NULL) { if (ssh_client->term == NULL) {

View File

@ -80,9 +80,12 @@ int guac_ssh_user_join_handler(guac_user* user, int argc, char** argv) {
/* Only handle events if not read-only */ /* Only handle events if not read-only */
if (!settings->read_only) { if (!settings->read_only) {
/* General mouse/keyboard/clipboard events */ /* General mouse/keyboard events */
user->key_handler = guac_ssh_user_key_handler; user->key_handler = guac_ssh_user_key_handler;
user->mouse_handler = guac_ssh_user_mouse_handler; user->mouse_handler = guac_ssh_user_mouse_handler;
/* Inbound (client to server) clipboard transfer */
if (!settings->disable_paste)
user->clipboard_handler = guac_ssh_clipboard_handler; user->clipboard_handler = guac_ssh_clipboard_handler;
/* STDIN redirection */ /* STDIN redirection */

View File

@ -55,6 +55,8 @@ const char* GUAC_TELNET_CLIENT_ARGS[] = {
"scrollback", "scrollback",
"login-success-regex", "login-success-regex",
"login-failure-regex", "login-failure-regex",
"disable-copy",
"disable-paste",
NULL NULL
}; };
@ -216,6 +218,20 @@ enum TELNET_ARGS_IDX {
*/ */
IDX_LOGIN_FAILURE_REGEX, IDX_LOGIN_FAILURE_REGEX,
/**
* Whether outbound clipboard access should be blocked. If set to "true",
* it will not be possible to copy data from the terminal to the client
* using the clipboard. By default, clipboard access is not blocked.
*/
IDX_DISABLE_COPY,
/**
* Whether inbound clipboard access should be blocked. If set to "true", it
* will not be possible to paste data from the client to the terminal using
* the clipboard. By default, clipboard access is not blocked.
*/
IDX_DISABLE_PASTE,
TELNET_ARGS_COUNT TELNET_ARGS_COUNT
}; };
@ -428,6 +444,16 @@ guac_telnet_settings* guac_telnet_parse_args(guac_user* user,
guac_user_parse_args_string(user, GUAC_TELNET_CLIENT_ARGS, argv, guac_user_parse_args_string(user, GUAC_TELNET_CLIENT_ARGS, argv,
IDX_TERMINAL_TYPE, "linux"); IDX_TERMINAL_TYPE, "linux");
/* Parse clipboard copy disable flag */
settings->disable_copy =
guac_user_parse_args_boolean(user, GUAC_TELNET_CLIENT_ARGS, argv,
IDX_DISABLE_COPY, false);
/* Parse clipboard paste disable flag */
settings->disable_paste =
guac_user_parse_args_boolean(user, GUAC_TELNET_CLIENT_ARGS, argv,
IDX_DISABLE_PASTE, false);
/* Parsing was successful */ /* Parsing was successful */
return settings; return settings;

View File

@ -171,6 +171,20 @@ typedef struct guac_telnet_settings {
*/ */
int resolution; int resolution;
/**
* Whether outbound clipboard access should be blocked. If set, it will not
* be possible to copy data from the terminal to the client using the
* clipboard.
*/
bool disable_copy;
/**
* Whether inbound clipboard access should be blocked. If set, it will not
* be possible to paste data from the client to the terminal using the
* clipboard.
*/
bool disable_paste;
/** /**
* The path in which the typescript should be saved, if enabled. If no * The path in which the typescript should be saved, if enabled. If no
* typescript should be saved, this will be NULL. * typescript should be saved, this will be NULL.

View File

@ -568,7 +568,7 @@ void* guac_telnet_client_thread(void* data) {
/* Create terminal */ /* Create terminal */
telnet_client->term = guac_terminal_create(client, telnet_client->term = guac_terminal_create(client,
telnet_client->clipboard, telnet_client->clipboard, settings->disable_copy,
settings->max_scrollback, settings->font_name, settings->font_size, settings->max_scrollback, settings->font_name, settings->font_size,
settings->resolution, settings->width, settings->height, settings->resolution, settings->width, settings->height,
settings->color_scheme, settings->backspace); settings->color_scheme, settings->backspace);

View File

@ -79,9 +79,12 @@ int guac_telnet_user_join_handler(guac_user* user, int argc, char** argv) {
/* Only handle events if not read-only */ /* Only handle events if not read-only */
if (!settings->read_only) { if (!settings->read_only) {
/* General mouse/keyboard/clipboard events */ /* General mouse/keyboard events */
user->key_handler = guac_telnet_user_key_handler; user->key_handler = guac_telnet_user_key_handler;
user->mouse_handler = guac_telnet_user_mouse_handler; user->mouse_handler = guac_telnet_user_mouse_handler;
/* Inbound (client to server) clipboard transfer */
if (!settings->disable_paste)
user->clipboard_handler = guac_telnet_clipboard_handler; user->clipboard_handler = guac_telnet_clipboard_handler;
/* STDIN redirection */ /* STDIN redirection */

View File

@ -125,6 +125,10 @@ void guac_vnc_cut_text(rfbClient* client, const char* text, int textlen) {
guac_client* gc = rfbClientGetClientData(client, GUAC_VNC_CLIENT_KEY); guac_client* gc = rfbClientGetClientData(client, GUAC_VNC_CLIENT_KEY);
guac_vnc_client* vnc_client = (guac_vnc_client*) gc->data; guac_vnc_client* vnc_client = (guac_vnc_client*) gc->data;
/* Ignore received text if outbound clipboard transfer is disabled */
if (vnc_client->settings->disable_copy)
return;
char received_data[GUAC_VNC_CLIPBOARD_MAX_LENGTH]; char received_data[GUAC_VNC_CLIPBOARD_MAX_LENGTH];
const char* input = text; const char* input = text;

View File

@ -77,7 +77,8 @@ const char* GUAC_VNC_CLIENT_ARGS[] = {
"recording-exclude-mouse", "recording-exclude-mouse",
"recording-include-keys", "recording-include-keys",
"create-recording-path", "create-recording-path",
"disable-copy",
"disable-paste",
NULL NULL
}; };
@ -298,6 +299,20 @@ enum VNC_ARGS_IDX {
*/ */
IDX_CREATE_RECORDING_PATH, IDX_CREATE_RECORDING_PATH,
/**
* Whether outbound clipboard access should be blocked. If set to "true",
* it will not be possible to copy data from the remote desktop to the
* client using the clipboard. By default, clipboard access is not blocked.
*/
IDX_DISABLE_COPY,
/**
* Whether inbound clipboard access should be blocked. If set to "true", it
* will not be possible to paste data from the client to the remote desktop
* using the clipboard. By default, clipboard access is not blocked.
*/
IDX_DISABLE_PASTE,
VNC_ARGS_COUNT VNC_ARGS_COUNT
}; };
@ -493,6 +508,16 @@ guac_vnc_settings* guac_vnc_parse_args(guac_user* user,
guac_user_parse_args_boolean(user, GUAC_VNC_CLIENT_ARGS, argv, guac_user_parse_args_boolean(user, GUAC_VNC_CLIENT_ARGS, argv,
IDX_CREATE_RECORDING_PATH, false); IDX_CREATE_RECORDING_PATH, false);
/* Parse clipboard copy disable flag */
settings->disable_copy =
guac_user_parse_args_boolean(user, GUAC_VNC_CLIENT_ARGS, argv,
IDX_DISABLE_COPY, false);
/* Parse clipboard paste disable flag */
settings->disable_paste =
guac_user_parse_args_boolean(user, GUAC_VNC_CLIENT_ARGS, argv,
IDX_DISABLE_PASTE, false);
return settings; return settings;
} }

View File

@ -127,6 +127,20 @@ typedef struct guac_vnc_settings {
*/ */
char* clipboard_encoding; char* clipboard_encoding;
/**
* Whether outbound clipboard access should be blocked. If set, it will not
* be possible to copy data from the remote desktop to the client using the
* clipboard.
*/
bool disable_copy;
/**
* Whether inbound clipboard access should be blocked. If set, it will not
* be possible to paste data from the client to the remote desktop using
* the clipboard.
*/
bool disable_paste;
#ifdef ENABLE_COMMON_SSH #ifdef ENABLE_COMMON_SSH
/** /**
* Whether SFTP should be enabled for the VNC connection. * Whether SFTP should be enabled for the VNC connection.

View File

@ -91,9 +91,12 @@ int guac_vnc_user_join_handler(guac_user* user, int argc, char** argv) {
/* Only handle events if not read-only */ /* Only handle events if not read-only */
if (!settings->read_only) { if (!settings->read_only) {
/* General mouse/keyboard/clipboard events */ /* General mouse/keyboard events */
user->mouse_handler = guac_vnc_user_mouse_handler; user->mouse_handler = guac_vnc_user_mouse_handler;
user->key_handler = guac_vnc_user_key_handler; user->key_handler = guac_vnc_user_key_handler;
/* Inbound (client to server) clipboard transfer */
if (!settings->disable_paste)
user->clipboard_handler = guac_vnc_clipboard_handler; user->clipboard_handler = guac_vnc_clipboard_handler;
#ifdef ENABLE_COMMON_SSH #ifdef ENABLE_COMMON_SSH

View File

@ -375,8 +375,10 @@ void guac_terminal_select_end(guac_terminal* terminal) {
} }
/* Send data */ /* Send data */
if (!terminal->disable_copy) {
guac_common_clipboard_send(terminal->clipboard, client); guac_common_clipboard_send(terminal->clipboard, client);
guac_socket_flush(socket); guac_socket_flush(socket);
}
guac_terminal_notify(terminal); guac_terminal_notify(terminal);

View File

@ -306,8 +306,8 @@ void* guac_terminal_thread(void* data) {
} }
guac_terminal* guac_terminal_create(guac_client* client, guac_terminal* guac_terminal_create(guac_client* client,
guac_common_clipboard* clipboard, int max_scrollback, guac_common_clipboard* clipboard, bool disable_copy,
const char* font_name, int font_size, int dpi, int max_scrollback, const char* font_name, int font_size, int dpi,
int width, int height, const char* color_scheme, int width, int height, const char* color_scheme,
const int backspace) { const int backspace) {
@ -404,6 +404,7 @@ guac_terminal* guac_terminal_create(guac_client* client,
term->current_attributes = default_char.attributes; term->current_attributes = default_char.attributes;
term->default_char = default_char; term->default_char = default_char;
term->clipboard = clipboard; term->clipboard = clipboard;
term->disable_copy = disable_copy;
/* Calculate character size */ /* Calculate character size */
int rows = height / term->display->char_height; int rows = height / term->display->char_height;

View File

@ -511,6 +511,14 @@ struct guac_terminal {
*/ */
char backspace; char backspace;
/**
* Whether copying from the terminal clipboard should be blocked. If set,
* the contents of the terminal can still be copied, but will be usable
* only within the terminal itself. The clipboard contents will not be
* automatically streamed to the client.
*/
bool disable_copy;
}; };
/** /**
@ -533,6 +541,12 @@ struct guac_terminal {
* clipboard instructions. This clipboard will not be automatically * clipboard instructions. This clipboard will not be automatically
* freed when this terminal is freed. * freed when this terminal is freed.
* *
* @param disable_copy
* Whether copying from the terminal clipboard should be blocked. If set,
* the contents of the terminal can still be copied, but will be usable
* only within the terminal itself. The clipboard contents will not be
* automatically streamed to the client.
*
* @param max_scrollback * @param max_scrollback
* The maximum number of rows to allow within the scrollback buffer. The * The maximum number of rows to allow within the scrollback buffer. The
* user may still alter the size of the scrollback buffer using terminal * user may still alter the size of the scrollback buffer using terminal
@ -575,8 +589,8 @@ struct guac_terminal {
* which renders all text to the given client. * which renders all text to the given client.
*/ */
guac_terminal* guac_terminal_create(guac_client* client, guac_terminal* guac_terminal_create(guac_client* client,
guac_common_clipboard* clipboard, int max_scrollback, guac_common_clipboard* clipboard, bool disable_copy,
const char* font_name, int font_size, int dpi, int max_scrollback, const char* font_name, int font_size, int dpi,
int width, int height, const char* color_scheme, int width, int height, const char* color_scheme,
const int backspace); const int backspace);