Merge branch 'users' into packages_and_multiuser_passwd

common/rfb/CMakeLists.txt

@@ -1,4 +1,5 @@
-include_directories(${CMAKE_SOURCE_DIR}/common ${JPEG_INCLUDE_DIR})
+include_directories(${CMAKE_SOURCE_DIR}/common ${JPEG_INCLUDE_DIR}
+                    ${CMAKE_SOURCE_DIR}/unix/kasmvncpasswd)
 
 set(RFB_SOURCES
   Blacklist.cxx

common/rfb/ConnParams.cxx

@@ -26,6 +26,7 @@
 #include <rfb/ledStates.h>
 #include <rfb/ConnParams.h>
 #include <rfb/ServerCore.h>
+#include <rfb/SMsgHandler.h>
 #include <rfb/util.h>
 
 using namespace rfb;
@@ -43,7 +44,7 @@ ConnParams::ConnParams()
     supportsContinuousUpdates(false),
     compressLevel(2), qualityLevel(-1), fineQualityLevel(-1),
     subsampling(subsampleUndefined), name_(0), verStrPos(0),
-    ledState_(ledUnknown)
+    ledState_(ledUnknown), shandler(NULL)
 {
   memset(kasmPassed, 0, KASM_NUM_SETTINGS);
   setName("");
@@ -124,6 +125,8 @@ void ConnParams::setEncodings(int nEncodings, const rdr::S32* encodings)
   encodings_.clear();
   encodings_.insert(encodingRaw);
 
+  bool canChangeSettings = !shandler || shandler->canChangeKasmSettings();
+
   for (int i = nEncodings-1; i >= 0; i--) {
     switch (encodings[i]) {
     case encodingCopyRect:
@@ -184,11 +187,11 @@ void ConnParams::setEncodings(int nEncodings, const rdr::S32* encodings)
       subsampling = subsample16X;
       break;
     case pseudoEncodingPreferBandwidth:
-      if (!rfb::Server::ignoreClientSettingsKasm)
+      if (!rfb::Server::ignoreClientSettingsKasm && canChangeSettings)
         Server::preferBandwidth.setParam();
       break;
     case pseudoEncodingMaxVideoResolution:
-      if (!rfb::Server::ignoreClientSettingsKasm)
+      if (!rfb::Server::ignoreClientSettingsKasm && canChangeSettings)
         kasmPassed[KASM_MAX_VIDEO_RESOLUTION] = true;
       break;
     }
@@ -205,7 +208,7 @@ void ConnParams::setEncodings(int nEncodings, const rdr::S32* encodings)
         encodings[i] <= pseudoEncodingFineQualityLevel100)
       fineQualityLevel = encodings[i] - pseudoEncodingFineQualityLevel0;
 
-    if (!rfb::Server::ignoreClientSettingsKasm) {
+    if (!rfb::Server::ignoreClientSettingsKasm && canChangeSettings) {
       if (encodings[i] >= pseudoEncodingJpegVideoQualityLevel0 &&
           encodings[i] <= pseudoEncodingJpegVideoQualityLevel9)
           Server::jpegVideoQuality.setParam(encodings[i] - pseudoEncodingJpegVideoQualityLevel0);

common/rfb/ConnParams.h

@@ -42,6 +42,8 @@ namespace rfb {
   const int subsample8X = 4;
   const int subsample16X = 5;
 
+  class SMsgHandler;
+
   class ConnParams {
   public:
     ConnParams();
@@ -74,6 +76,8 @@ namespace rfb {
     const PixelFormat& pf() const { return pf_; }
     void setPF(const PixelFormat& pf);
 
+    void setSHandler(SMsgHandler *s) { shandler = s; }
+
     const char* name() const { return name_; }
     void setName(const char* name);
 
@@ -136,6 +140,7 @@ namespace rfb {
     char verStr[13];
     int verStrPos;
     unsigned int ledState_;
+    SMsgHandler *shandler;
   };
 }
 #endif

common/rfb/SMsgHandler.cxx

@@ -24,6 +24,7 @@ using namespace rfb;
 
 SMsgHandler::SMsgHandler()
 {
+  cp.setSHandler(this);
 }
 
 SMsgHandler::~SMsgHandler()

common/rfb/SMsgHandler.h

@@ -56,6 +56,8 @@ namespace rfb {
 
     virtual void sendStats() = 0;
 
+    virtual bool canChangeKasmSettings() const = 0;
+
     // InputHandler interface
     // The InputHandler methods will be called for the corresponding messages.
 

common/rfb/SMsgReader.cxx

@@ -151,7 +151,7 @@ void SMsgReader::readSetMaxVideoResolution()
   width = is->readU16();
   height = is->readU16();
 
-  if (!rfb::Server::ignoreClientSettingsKasm) {
+  if (!rfb::Server::ignoreClientSettingsKasm && handler->canChangeKasmSettings()) {
     sprintf(tmp, "%ux%u", width, height);
     rfb::Server::maxVideoResolution.setParam(tmp);
   }

common/rfb/VNCSConnectionST.cxx

@@ -38,6 +38,9 @@
 #include <ctype.h>
 #include <stdlib.h>
 #include <stdint.h>
+#include <wordexp.h>
+
+#include "kasmpasswd.h"
 
 using namespace rfb;
 
@@ -45,6 +48,8 @@ static LogWriter vlog("VNCSConnST");
 
 static Cursor emptyCursor(0, 0, Point(0, 0), NULL);
 
+extern rfb::StringParameter basicauth;
+
 VNCSConnectionST::VNCSConnectionST(VNCServerST* server_, network::Socket *s,
                                    bool reverse)
   : sock(s), reverseConnection(reverse),
@@ -54,7 +59,7 @@ VNCSConnectionST::VNCSConnectionST(VNCServerST* server_, network::Socket *s,
     losslessTimer(this), kbdLogTimer(this), server(server_), updates(false),
     updateRenderedCursor(false), removeRenderedCursor(false),
     continuousUpdates(false), encodeManager(this, &server_->encCache),
-    pointerEventTime(0),
+    needsPermCheck(false), pointerEventTime(0),
     clientHasCursor(false),
     accessRights(AccessDefault), startTime(time(0))
 {
@@ -65,6 +70,25 @@ VNCSConnectionST::VNCSConnectionST(VNCServerST* server_, network::Socket *s,
   memset(bstats_total, 0, sizeof(bstats_total));
   gettimeofday(&connStart, NULL);
 
+  // Check their permissions, if applicable
+  kasmpasswdpath[0] = '\0';
+  wordexp_t wexp;
+  if (!wordexp(rfb::Server::kasmPasswordFile, &wexp, WRDE_NOCMD))
+    strncpy(kasmpasswdpath, wexp.we_wordv[0], 4096);
+  kasmpasswdpath[4095] = '\0';
+  wordfree(&wexp);
+
+  user[0] = '\0';
+  const char *at = strchr(peerEndpoint.buf, '@');
+  if (at && at - peerEndpoint.buf > 1 && at - peerEndpoint.buf < 32) {
+    memcpy(user, peerEndpoint.buf, at - peerEndpoint.buf);
+    user[at - peerEndpoint.buf] = '\0';
+  }
+
+  bool write, owner;
+  if (!getPerms(write, owner) || !write)
+    accessRights = (accessRights & ~(AccessPtrEvents | AccessKeyEvents | AccessSetDesktopSize));
+
   // Configure the socket
   setSocketTimeouts();
   lastEventTime = time(0);
@@ -1001,6 +1025,34 @@ bool VNCSConnectionST::isShiftPressed()
   return false;
 }
 
+bool VNCSConnectionST::getPerms(bool &write, bool &owner) const
+{
+  bool found = false;
+  const char *colon = strchr(basicauth, ':');
+  if (!colon || colon[1]) {
+    // We're running without basicauth, or with both user:pass on the command line
+    write = true;
+    return true;
+  }
+  if (colon && !colon[1] && user[0]) {
+    struct kasmpasswd_t *set = readkasmpasswd(kasmpasswdpath);
+    unsigned i;
+    for (i = 0; i < set->num; i++) {
+      if (!strcmp(set->entries[i].user, user)) {
+        write = set->entries[i].write;
+        owner = set->entries[i].owner;
+        found = true;
+        break;
+      }
+    }
+
+    free(set->entries);
+    free(set);
+  }
+
+  return found;
+}
+
 void VNCSConnectionST::writeRTTPing()
 {
   char type;
@@ -1081,6 +1133,22 @@ void VNCSConnectionST::writeFramebufferUpdate()
   if (isCongested())
     return;
 
+  // Check for permission changes?
+  if (needsPermCheck) {
+    needsPermCheck = false;
+
+    bool write, owner, ret;
+    ret = getPerms(write, owner);
+    if (!ret) {
+      close("User was deleted");
+      return;
+    } else if (!write) {
+      accessRights = (accessRights & ~(AccessPtrEvents | AccessKeyEvents | AccessSetDesktopSize));
+    } else {
+      accessRights |= AccessPtrEvents | AccessKeyEvents | AccessSetDesktopSize;
+    }
+  }
+
   // Updates often consists of many small writes, and in continuous
   // mode, we will also have small fence messages around the update. We
   // need to aggregate these in order to not clog up TCP's congestion

common/rfb/VNCSConnectionST.h

@@ -102,6 +102,10 @@ namespace rfb {
     // or because the current cursor position has not been set by this client.
     bool needRenderedCursor();
 
+    void recheckPerms() {
+        needsPermCheck = true;
+    }
+
     network::Socket* getSock() { return sock; }
     void add_changed(const Region& region) { updates.add_changed(region); }
     void add_changed_all() { updates.add_changed(server->pb->getRect()); }
@@ -179,12 +183,23 @@ namespace rfb {
     virtual void supportsLEDState();
 
     virtual void sendStats();
+    virtual bool canChangeKasmSettings() const {
+        return (accessRights & (AccessPtrEvents | AccessKeyEvents)) ==
+               (AccessPtrEvents | AccessKeyEvents);
+    }
 
     // setAccessRights() allows a security package to limit the access rights
     // of a VNCSConnectioST to the server.  These access rights are applied
     // such that the actual rights granted are the minimum of the server's
     // default access settings and the connection's access settings.
-    virtual void setAccessRights(AccessRights ar) {accessRights=ar;}
+    virtual void setAccessRights(AccessRights ar) {
+        accessRights = ar;
+
+        bool write, owner;
+        if (!getPerms(write, owner) || !write)
+            accessRights = (accessRights & ~(AccessPtrEvents | AccessKeyEvents));
+        needsPermCheck = false;
+    }
 
     // Timer callbacks
     virtual bool handleTimeout(Timer* t);
@@ -193,6 +208,8 @@ namespace rfb {
 
     bool isShiftPressed();
 
+    bool getPerms(bool &write, bool &owner) const;
+
     // Congestion control
     void writeRTTPing();
     bool isCongested();
@@ -249,6 +266,10 @@ namespace rfb {
     rdr::U64 bstats_total[BS_NUM];
     struct timeval connStart;
 
+    char user[32];
+    char kasmpasswdpath[4096];
+    bool needsPermCheck;
+
     time_t lastEventTime;
     time_t pointerEventTime;
     Point pointerEventPos;

common/rfb/VNCServerST.cxx

@@ -63,6 +63,11 @@
 
 #include <rdr/types.h>
 
+#include <fcntl.h>
+#include <sys/inotify.h>
+#include <unistd.h>
+#include <wordexp.h>
+
 using namespace rfb;
 
 static LogWriter slog("VNCServerST");
@@ -73,6 +78,9 @@ EncCache VNCServerST::encCache;
 // -=- VNCServerST Implementation
 //
 
+static char kasmpasswdpath[4096];
+extern rfb::StringParameter basicauth;
+
 // -=- Constructors/Destructor
 
 VNCServerST::VNCServerST(const char* name_, SDesktop* desktop_)
@@ -87,6 +95,26 @@ VNCServerST::VNCServerST(const char* name_, SDesktop* desktop_)
 {
   lastUserInputTime = lastDisconnectTime = time(0);
   slog.debug("creating single-threaded server %s", name.buf);
+
+  kasmpasswdpath[0] = '\0';
+  wordexp_t wexp;
+  if (!wordexp(rfb::Server::kasmPasswordFile, &wexp, WRDE_NOCMD))
+    strncpy(kasmpasswdpath, wexp.we_wordv[0], 4096);
+  kasmpasswdpath[4095] = '\0';
+  wordfree(&wexp);
+
+  if (kasmpasswdpath[0] && access(kasmpasswdpath, R_OK) == 0) {
+    // Set up a watch on the password file
+    inotifyfd = inotify_init();
+    if (inotifyfd < 0)
+      slog.error("Failed to init inotify");
+
+    int flags = fcntl(inotifyfd, F_GETFL, 0);
+    fcntl(inotifyfd, F_SETFL, flags | O_NONBLOCK);
+
+    if (inotify_add_watch(inotifyfd, kasmpasswdpath, IN_CLOSE_WRITE | IN_DELETE_SELF) < 0)
+      slog.error("Failed to set watch");
+  }
 }
 
 VNCServerST::~VNCServerST()
@@ -659,8 +687,34 @@ void VNCServerST::writeUpdate()
   encCache.clear();
   encCache.enabled = clients.size() > 1;
 
+  // Check if the password file was updated
+  bool permcheck = false;
+  if (inotifyfd >= 0) {
+    char buf[256];
+    int ret = read(inotifyfd, buf, 256);
+    int pos = 0;
+    while (ret > 0) {
+      const struct inotify_event * const ev = (struct inotify_event *) &buf[pos];
+
+      if (ev->mask & IN_IGNORED) {
+        // file was deleted, set new watch
+        if (inotify_add_watch(inotifyfd, kasmpasswdpath, IN_CLOSE_WRITE | IN_DELETE_SELF) < 0)
+          slog.error("Failed to set watch");
+      }
+
+      permcheck = true;
+
+      ret -= sizeof(struct inotify_event) - ev->len;
+      pos += sizeof(struct inotify_event) - ev->len;
+    }
+  }
+
   for (ci = clients.begin(); ci != clients.end(); ci = ci_next) {
     ci_next = ci; ci_next++;
+
+    if (permcheck)
+      (*ci)->recheckPerms();
+
     (*ci)->add_copied(ui.copied, ui.copy_delta);
     (*ci)->add_copypassed(ui.copypassed);
     (*ci)->add_changed(ui.changed);

common/rfb/VNCServerST.h

@@ -249,6 +249,8 @@ namespace rfb {
     bool disableclients;
 
     Timer frameTimer;
+
+    int inotifyfd;
   };
 
 };