From cc288272d3334d133e47a0c1696cf42de6d2bf25 Mon Sep 17 00:00:00 2001 From: rustdesk Date: Wed, 18 Sep 2024 12:18:26 +0800 Subject: [PATCH] OPTION_ONE_WAY_CLIPBOARD_REDIRECTION, OPTION_ENABLE_CLIPBOARD_INIT_SYNC, OPTION_ALLOW_LOGON_SCREEN_PASSWORD, OPTION_ONE_WAY_FILE_TRANSFER, --- libs/hbb_common/src/config.rs | 8 +++++++ libs/hbb_common/src/platform/mod.rs | 6 +++++ src/client/io_loop.rs | 23 +++++++++++------- src/common.rs | 10 ++++++++ src/server/connection.rs | 37 +++++++++++++++++++++++------ src/ui_cm_interface.rs | 2 +- src/ui_interface.rs | 7 +----- 7 files changed, 70 insertions(+), 23 deletions(-) diff --git a/libs/hbb_common/src/config.rs b/libs/hbb_common/src/config.rs index c118070dd..0e91ecf42 100644 --- a/libs/hbb_common/src/config.rs +++ b/libs/hbb_common/src/config.rs @@ -2218,6 +2218,10 @@ pub mod keys { pub const OPTION_HIDE_HELP_CARDS: &str = "hide-help-cards"; pub const OPTION_DEFAULT_CONNECT_PASSWORD: &str = "default-connect-password"; pub const OPTION_HIDE_TRAY: &str = "hide-tray"; + pub const OPTION_ONE_WAY_CLIPBOARD_REDIRECTION: &str = "one-way-clipboard-redirection"; + pub const OPTION_ENABLE_CLIPBOARD_INIT_SYNC: &str = "enable-clipboard-init-sync"; + pub const OPTION_ALLOW_LOGON_SCREEN_PASSWORD: &str = "allow-logon-screen-password"; + pub const OPTION_ONE_WAY_FILE_TRANSFER: &str = "one-way-file-transfer"; // flutter local options pub const OPTION_FLUTTER_REMOTE_MENUBAR_STATE: &str = "remoteMenubarState"; @@ -2362,6 +2366,10 @@ pub mod keys { OPTION_HIDE_HELP_CARDS, OPTION_DEFAULT_CONNECT_PASSWORD, OPTION_HIDE_TRAY, + OPTION_ONE_WAY_CLIPBOARD_REDIRECTION, + OPTION_ENABLE_CLIPBOARD_INIT_SYNC, + OPTION_ALLOW_LOGON_SCREEN_PASSWORD, + OPTION_ONE_WAY_FILE_TRANSFER, ]; } diff --git a/libs/hbb_common/src/platform/mod.rs b/libs/hbb_common/src/platform/mod.rs index 5dc004a81..d01333558 100644 --- a/libs/hbb_common/src/platform/mod.rs +++ b/libs/hbb_common/src/platform/mod.rs @@ -79,3 +79,9 @@ where libc::signal(libc::SIGSEGV, breakdown_signal_handler as _); } } + +#[cfg(any(target_os = "android", target_os = "ios"))] +#[inline] +fn is_prelogin() -> bool { + false +} diff --git a/src/client/io_loop.rs b/src/client/io_loop.rs index 21a5af9a3..46eb6f546 100644 --- a/src/client/io_loop.rs +++ b/src/client/io_loop.rs @@ -26,7 +26,7 @@ use crossbeam_queue::ArrayQueue; use hbb_common::tokio::sync::mpsc::error::TryRecvError; use hbb_common::{ allow_err, - config::{PeerConfig, TransferSerde}, + config::{self, PeerConfig, TransferSerde}, fs::{ self, can_enable_overwrite_detection, get_job, get_string, new_send_confirm, DigestCheckResult, RemoveJobMeta, @@ -1201,13 +1201,18 @@ impl Remote { &peer_platform, crate::clipboard::ClipboardSide::Client, ) { - let sender = self.sender.clone(); - let permission_config = self.handler.get_permission_config(); - tokio::spawn(async move { - if permission_config.is_text_clipboard_required() { - sender.send(Data::Message(msg_out)).ok(); - } - }); + if crate::get_builtin_option( + config::keys::OPTION_ENABLE_CLIPBOARD_INIT_SYNC, + ) != "N" + { + let sender = self.sender.clone(); + let permission_config = self.handler.get_permission_config(); + tokio::spawn(async move { + if permission_config.is_text_clipboard_required() { + sender.send(Data::Message(msg_out)).ok(); + } + }); + } } // on connection established client @@ -1618,7 +1623,7 @@ impl Remote { }, Some(message::Union::MessageBox(msgbox)) => { let mut link = msgbox.link; - if let Some(v) = hbb_common::config::HELPER_URL.get(&link as &str) { + if let Some(v) = config::HELPER_URL.get(&link as &str) { link = v.to_string(); } else { log::warn!("Message box ignore link {} for security", &link); diff --git a/src/common.rs b/src/common.rs index 2e801e66d..995085070 100644 --- a/src/common.rs +++ b/src/common.rs @@ -1650,3 +1650,13 @@ mod tests { ); } } + +#[inline] +pub fn get_builtin_option(key: &str) -> String { + config::BUILTIN_SETTINGS + .read() + .unwrap() + .get(key) + .cloned() + .unwrap_or_default() +} diff --git a/src/server/connection.rs b/src/server/connection.rs index e351b0d50..2863c2365 100644 --- a/src/server/connection.rs +++ b/src/server/connection.rs @@ -27,7 +27,7 @@ use hbb_common::platform::linux::run_cmds; #[cfg(target_os = "android")] use hbb_common::protobuf::EnumOrUnknown; use hbb_common::{ - config::{self, Config, TrustedDevice}, + config::{self, keys, Config, TrustedDevice}, fs::{self, can_enable_overwrite_detection}, futures::{SinkExt, StreamExt}, get_time, get_version_number, @@ -335,7 +335,7 @@ impl Connection { clipboard: Connection::permission("enable-clipboard"), audio: Connection::permission("enable-audio"), // to-do: make sure is the option correct here - file: Connection::permission(config::keys::OPTION_ENABLE_FILE_TRANSFER), + file: Connection::permission(keys::OPTION_ENABLE_FILE_TRANSFER), restart: Connection::permission("enable-remote-restart"), recording: Connection::permission("enable-record-session"), block_input: Connection::permission("enable-block-input"), @@ -1359,7 +1359,10 @@ impl Connection { if !self.follow_remote_window { noperms.push(NAME_WINDOW_FOCUS); } - if !self.clipboard_enabled() || !self.peer_keyboard_enabled() { + if !self.clipboard_enabled() + || !self.peer_keyboard_enabled() + || crate::get_builtin_option(keys::OPTION_ONE_WAY_CLIPBOARD_REDIRECTION) == "Y" + { noperms.push(super::clipboard_service::NAME); } if !self.audio_enabled() { @@ -1621,8 +1624,8 @@ impl Connection { #[inline] fn enable_trusted_devices() -> bool { config::option2bool( - config::keys::OPTION_ENABLE_TRUSTED_DEVICES, - &Config::get_option(config::keys::OPTION_ENABLE_TRUSTED_DEVICES), + keys::OPTION_ENABLE_TRUSTED_DEVICES, + &Config::get_option(keys::OPTION_ENABLE_TRUSTED_DEVICES), ) } @@ -1689,7 +1692,7 @@ impl Connection { } match lr.union { Some(login_request::Union::FileTransfer(ft)) => { - if !Connection::permission(config::keys::OPTION_ENABLE_FILE_TRANSFER) { + if !Connection::permission(keys::OPTION_ENABLE_FILE_TRANSFER) { self.send_login_error("No permission of file transfer") .await; sleep(1.).await; @@ -1762,7 +1765,9 @@ impl Connection { self.send_login_error(crate::client::LOGIN_MSG_OFFLINE) .await; return false; - } else if password::approve_mode() == ApproveMode::Click + } else if (password::approve_mode() == ApproveMode::Click + && !(crate::platform::is_prelogin() + && crate::get_builtin_option(keys::OPTION_ALLOW_LOGON_SCREEN_PASSWORD) == "Y")) || password::approve_mode() == ApproveMode::Both && !password::has_valid_password() { self.try_start_cm(lr.my_id, lr.my_name, false); @@ -2133,6 +2138,24 @@ impl Connection { } return true; } + if crate::get_builtin_option(keys::OPTION_ONE_WAY_FILE_TRANSFER) == "Y" { + match fa.union { + Some(file_action::Union::Send(_)) + | Some(file_action::Union::RemoveFile(_)) + | Some(file_action::Union::Rename(_)) + | Some(file_action::Union::Create(_)) + | Some(file_action::Union::RemoveDir(_)) => { + self.send(fs::new_error( + 0, + "One-way file transfer is enabled on controlled side", + 0, + )) + .await; + return true; + } + _ => {} + } + } match fa.union { Some(file_action::Union::ReadDir(rd)) => { self.read_dir(&rd.path, rd.include_hidden); diff --git a/src/ui_cm_interface.rs b/src/ui_cm_interface.rs index 49f91a9da..e75683d8a 100644 --- a/src/ui_cm_interface.rs +++ b/src/ui_cm_interface.rs @@ -565,7 +565,7 @@ impl IpcTaskRunner { log::debug!( "Process clipboard message from clip, stop: {}, is_stopping_allowed: {}, is_clipboard_enabled: {}, file_transfer_enabled: {}, file_transfer_enabled_peer: {}", stop, is_stopping_allowed, is_clipboard_enabled, file_transfer_enabled, file_transfer_enabled_peer); - if stop { + if stop || crate::get_builtin_option(OPTION_ONE_WAY_FILE_TRANSFER) == "Y"{ ContextSend::set_is_stopped(); } else { allow_err!(self.tx.send(Data::ClipboardFile(_clip))); diff --git a/src/ui_interface.rs b/src/ui_interface.rs index ad2db6d01..e9f2875be 100644 --- a/src/ui_interface.rs +++ b/src/ui_interface.rs @@ -207,12 +207,7 @@ pub fn get_hard_option(key: String) -> String { #[inline] pub fn get_builtin_option(key: &str) -> String { - config::BUILTIN_SETTINGS - .read() - .unwrap() - .get(key) - .cloned() - .unwrap_or_default() + crate::get_builtin_option(key) } #[inline]