mirror of
https://github.com/kasmtech/KasmVNC.git
synced 2025-06-22 10:41:50 +02:00
Prevent read-only clients from changing kasm settings
This commit is contained in:
parent
a27744bca6
commit
1f69d1584a
@ -26,6 +26,7 @@
|
|||||||
#include <rfb/ledStates.h>
|
#include <rfb/ledStates.h>
|
||||||
#include <rfb/ConnParams.h>
|
#include <rfb/ConnParams.h>
|
||||||
#include <rfb/ServerCore.h>
|
#include <rfb/ServerCore.h>
|
||||||
|
#include <rfb/SMsgHandler.h>
|
||||||
#include <rfb/util.h>
|
#include <rfb/util.h>
|
||||||
|
|
||||||
using namespace rfb;
|
using namespace rfb;
|
||||||
@ -43,7 +44,7 @@ ConnParams::ConnParams()
|
|||||||
supportsContinuousUpdates(false),
|
supportsContinuousUpdates(false),
|
||||||
compressLevel(2), qualityLevel(-1), fineQualityLevel(-1),
|
compressLevel(2), qualityLevel(-1), fineQualityLevel(-1),
|
||||||
subsampling(subsampleUndefined), name_(0), verStrPos(0),
|
subsampling(subsampleUndefined), name_(0), verStrPos(0),
|
||||||
ledState_(ledUnknown)
|
ledState_(ledUnknown), shandler(NULL)
|
||||||
{
|
{
|
||||||
memset(kasmPassed, 0, KASM_NUM_SETTINGS);
|
memset(kasmPassed, 0, KASM_NUM_SETTINGS);
|
||||||
setName("");
|
setName("");
|
||||||
@ -124,6 +125,8 @@ void ConnParams::setEncodings(int nEncodings, const rdr::S32* encodings)
|
|||||||
encodings_.clear();
|
encodings_.clear();
|
||||||
encodings_.insert(encodingRaw);
|
encodings_.insert(encodingRaw);
|
||||||
|
|
||||||
|
bool canChangeSettings = !shandler || shandler->canChangeKasmSettings();
|
||||||
|
|
||||||
for (int i = nEncodings-1; i >= 0; i--) {
|
for (int i = nEncodings-1; i >= 0; i--) {
|
||||||
switch (encodings[i]) {
|
switch (encodings[i]) {
|
||||||
case encodingCopyRect:
|
case encodingCopyRect:
|
||||||
@ -184,11 +187,11 @@ void ConnParams::setEncodings(int nEncodings, const rdr::S32* encodings)
|
|||||||
subsampling = subsample16X;
|
subsampling = subsample16X;
|
||||||
break;
|
break;
|
||||||
case pseudoEncodingPreferBandwidth:
|
case pseudoEncodingPreferBandwidth:
|
||||||
if (!rfb::Server::ignoreClientSettingsKasm)
|
if (!rfb::Server::ignoreClientSettingsKasm && canChangeSettings)
|
||||||
Server::preferBandwidth.setParam();
|
Server::preferBandwidth.setParam();
|
||||||
break;
|
break;
|
||||||
case pseudoEncodingMaxVideoResolution:
|
case pseudoEncodingMaxVideoResolution:
|
||||||
if (!rfb::Server::ignoreClientSettingsKasm)
|
if (!rfb::Server::ignoreClientSettingsKasm && canChangeSettings)
|
||||||
kasmPassed[KASM_MAX_VIDEO_RESOLUTION] = true;
|
kasmPassed[KASM_MAX_VIDEO_RESOLUTION] = true;
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
@ -205,7 +208,7 @@ void ConnParams::setEncodings(int nEncodings, const rdr::S32* encodings)
|
|||||||
encodings[i] <= pseudoEncodingFineQualityLevel100)
|
encodings[i] <= pseudoEncodingFineQualityLevel100)
|
||||||
fineQualityLevel = encodings[i] - pseudoEncodingFineQualityLevel0;
|
fineQualityLevel = encodings[i] - pseudoEncodingFineQualityLevel0;
|
||||||
|
|
||||||
if (!rfb::Server::ignoreClientSettingsKasm) {
|
if (!rfb::Server::ignoreClientSettingsKasm && canChangeSettings) {
|
||||||
if (encodings[i] >= pseudoEncodingJpegVideoQualityLevel0 &&
|
if (encodings[i] >= pseudoEncodingJpegVideoQualityLevel0 &&
|
||||||
encodings[i] <= pseudoEncodingJpegVideoQualityLevel9)
|
encodings[i] <= pseudoEncodingJpegVideoQualityLevel9)
|
||||||
Server::jpegVideoQuality.setParam(encodings[i] - pseudoEncodingJpegVideoQualityLevel0);
|
Server::jpegVideoQuality.setParam(encodings[i] - pseudoEncodingJpegVideoQualityLevel0);
|
||||||
|
@ -42,6 +42,8 @@ namespace rfb {
|
|||||||
const int subsample8X = 4;
|
const int subsample8X = 4;
|
||||||
const int subsample16X = 5;
|
const int subsample16X = 5;
|
||||||
|
|
||||||
|
class SMsgHandler;
|
||||||
|
|
||||||
class ConnParams {
|
class ConnParams {
|
||||||
public:
|
public:
|
||||||
ConnParams();
|
ConnParams();
|
||||||
@ -74,6 +76,8 @@ namespace rfb {
|
|||||||
const PixelFormat& pf() const { return pf_; }
|
const PixelFormat& pf() const { return pf_; }
|
||||||
void setPF(const PixelFormat& pf);
|
void setPF(const PixelFormat& pf);
|
||||||
|
|
||||||
|
void setSHandler(SMsgHandler *s) { shandler = s; }
|
||||||
|
|
||||||
const char* name() const { return name_; }
|
const char* name() const { return name_; }
|
||||||
void setName(const char* name);
|
void setName(const char* name);
|
||||||
|
|
||||||
@ -136,6 +140,7 @@ namespace rfb {
|
|||||||
char verStr[13];
|
char verStr[13];
|
||||||
int verStrPos;
|
int verStrPos;
|
||||||
unsigned int ledState_;
|
unsigned int ledState_;
|
||||||
|
SMsgHandler *shandler;
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
#endif
|
#endif
|
||||||
|
@ -24,6 +24,7 @@ using namespace rfb;
|
|||||||
|
|
||||||
SMsgHandler::SMsgHandler()
|
SMsgHandler::SMsgHandler()
|
||||||
{
|
{
|
||||||
|
cp.setSHandler(this);
|
||||||
}
|
}
|
||||||
|
|
||||||
SMsgHandler::~SMsgHandler()
|
SMsgHandler::~SMsgHandler()
|
||||||
|
@ -56,6 +56,8 @@ namespace rfb {
|
|||||||
|
|
||||||
virtual void sendStats() = 0;
|
virtual void sendStats() = 0;
|
||||||
|
|
||||||
|
virtual bool canChangeKasmSettings() const = 0;
|
||||||
|
|
||||||
// InputHandler interface
|
// InputHandler interface
|
||||||
// The InputHandler methods will be called for the corresponding messages.
|
// The InputHandler methods will be called for the corresponding messages.
|
||||||
|
|
||||||
|
@ -151,7 +151,7 @@ void SMsgReader::readSetMaxVideoResolution()
|
|||||||
width = is->readU16();
|
width = is->readU16();
|
||||||
height = is->readU16();
|
height = is->readU16();
|
||||||
|
|
||||||
if (!rfb::Server::ignoreClientSettingsKasm) {
|
if (!rfb::Server::ignoreClientSettingsKasm && handler->canChangeKasmSettings()) {
|
||||||
sprintf(tmp, "%ux%u", width, height);
|
sprintf(tmp, "%ux%u", width, height);
|
||||||
rfb::Server::maxVideoResolution.setParam(tmp);
|
rfb::Server::maxVideoResolution.setParam(tmp);
|
||||||
}
|
}
|
||||||
|
@ -183,6 +183,10 @@ namespace rfb {
|
|||||||
virtual void supportsLEDState();
|
virtual void supportsLEDState();
|
||||||
|
|
||||||
virtual void sendStats();
|
virtual void sendStats();
|
||||||
|
virtual bool canChangeKasmSettings() const {
|
||||||
|
return (accessRights & (AccessPtrEvents | AccessKeyEvents)) ==
|
||||||
|
(AccessPtrEvents | AccessKeyEvents);
|
||||||
|
}
|
||||||
|
|
||||||
// setAccessRights() allows a security package to limit the access rights
|
// setAccessRights() allows a security package to limit the access rights
|
||||||
// of a VNCSConnectioST to the server. These access rights are applied
|
// of a VNCSConnectioST to the server. These access rights are applied
|
||||||
|
Loading…
x
Reference in New Issue
Block a user