OLD | NEW |
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 // | 4 // |
5 // This file implements the Windows service controlling Me2Me host processes | 5 // This file implements the Windows service controlling Me2Me host processes |
6 // running within user sessions. | 6 // running within user sessions. |
7 | 7 |
8 #include "remoting/host/win/unprivileged_process_delegate.h" | 8 #include "remoting/host/win/unprivileged_process_delegate.h" |
9 | 9 |
10 #include "base/base_switches.h" | 10 #include "base/base_switches.h" |
11 #include "base/command_line.h" | 11 #include "base/command_line.h" |
12 #include "base/logging.h" | 12 #include "base/logging.h" |
13 #include "base/single_thread_task_runner.h" | 13 #include "base/single_thread_task_runner.h" |
14 #include "base/stringprintf.h" | 14 #include "base/stringprintf.h" |
15 #include "base/utf_string_conversions.h" | 15 #include "base/utf_string_conversions.h" |
16 #include "base/win/scoped_handle.h" | 16 #include "base/win/scoped_handle.h" |
| 17 #include "ipc/ipc_channel.h" |
17 #include "ipc/ipc_channel_proxy.h" | 18 #include "ipc/ipc_channel_proxy.h" |
18 #include "ipc/ipc_message.h" | 19 #include "ipc/ipc_message.h" |
19 #include "remoting/host/host_exit_codes.h" | 20 #include "remoting/host/host_exit_codes.h" |
20 #include "remoting/host/ipc_consts.h" | 21 #include "remoting/host/ipc_consts.h" |
21 #include "remoting/host/win/launch_process_with_token.h" | 22 #include "remoting/host/win/launch_process_with_token.h" |
22 | 23 |
23 using base::win::ScopedHandle; | 24 using base::win::ScopedHandle; |
24 | 25 |
25 namespace { | 26 namespace { |
26 | 27 |
27 // The security descriptor used to protect the named pipe in between | 28 // The security descriptor used to protect the named pipe in between |
28 // CreateNamedPipe() and CreateFile() calls before it will be passed to | 29 // CreateNamedPipe() and CreateFile() calls before it will be passed to |
29 // the network process. It gives full access to LocalSystem and denies access by | 30 // the network process. It gives full access to LocalSystem and denies access by |
30 // anyone else. | 31 // anyone else. |
31 const char kDaemonIpcSecurityDescriptor[] = "O:SYG:SYD:(A;;GA;;;SY)"; | 32 const char kDaemonIpcSecurityDescriptor[] = "O:SYG:SYD:(A;;GA;;;SY)"; |
32 | 33 |
33 // The command line parameters that should be copied from the service's command | 34 // The command line parameters that should be copied from the service's command |
34 // line to the host process. | 35 // line to the host process. |
35 const char* kCopiedSwitchNames[] = { | 36 const char* kCopiedSwitchNames[] = { |
36 "host-config", switches::kV, switches::kVModule }; | 37 "host-config", switches::kV, switches::kVModule }; |
37 | 38 |
38 // Creates an already connected IPC channel. The server end of the channel | 39 } // namespace |
39 // is wrapped into a channel proxy that will invoke methods of |delegate| | |
40 // on the caller's thread while using |io_task_runner| to send and receive | |
41 // messages in the background. The client end is returned as an inheritable NT | |
42 // handle. | |
43 bool CreateConnectedIpcChannel( | |
44 const std::string& channel_name, | |
45 scoped_refptr<base::SingleThreadTaskRunner> io_task_runner, | |
46 IPC::Listener* delegate, | |
47 base::win::ScopedHandle* client_out, | |
48 scoped_ptr<IPC::ChannelProxy>* server_out, | |
49 base::win::ScopedHandle* pipe_out) { | |
50 // Create the server end of the channel. | |
51 ScopedHandle pipe; | |
52 if (!remoting::CreateIpcChannel(channel_name, kDaemonIpcSecurityDescriptor, | |
53 &pipe)) { | |
54 return false; | |
55 } | |
56 | |
57 // Wrap the pipe into an IPC channel. | |
58 scoped_ptr<IPC::ChannelProxy> server(new IPC::ChannelProxy( | |
59 IPC::ChannelHandle(pipe), | |
60 IPC::Channel::MODE_SERVER, | |
61 delegate, | |
62 io_task_runner)); | |
63 | |
64 // Convert the channel name to the pipe name. | |
65 std::string pipe_name(remoting::kChromePipeNamePrefix); | |
66 pipe_name.append(channel_name); | |
67 | |
68 SECURITY_ATTRIBUTES security_attributes; | |
69 security_attributes.nLength = sizeof(security_attributes); | |
70 security_attributes.lpSecurityDescriptor = NULL; | |
71 security_attributes.bInheritHandle = TRUE; | |
72 | |
73 // Create the client end of the channel. This code should match the code in | |
74 // IPC::Channel. | |
75 ScopedHandle client; | |
76 client.Set(CreateFile(UTF8ToUTF16(pipe_name).c_str(), | |
77 GENERIC_READ | GENERIC_WRITE, | |
78 0, | |
79 &security_attributes, | |
80 OPEN_EXISTING, | |
81 SECURITY_SQOS_PRESENT | SECURITY_IDENTIFICATION | | |
82 FILE_FLAG_OVERLAPPED, | |
83 NULL)); | |
84 if (!client.IsValid()) | |
85 return false; | |
86 | |
87 *client_out = client.Pass(); | |
88 *server_out = server.Pass(); | |
89 *pipe_out = pipe.Pass(); | |
90 return true; | |
91 } | |
92 | |
93 } // namespace | |
94 | 40 |
95 namespace remoting { | 41 namespace remoting { |
96 | 42 |
97 UnprivilegedProcessDelegate::UnprivilegedProcessDelegate( | 43 UnprivilegedProcessDelegate::UnprivilegedProcessDelegate( |
98 scoped_refptr<base::SingleThreadTaskRunner> main_task_runner, | 44 scoped_refptr<base::SingleThreadTaskRunner> main_task_runner, |
99 scoped_refptr<base::SingleThreadTaskRunner> io_task_runner, | 45 scoped_refptr<base::SingleThreadTaskRunner> io_task_runner, |
100 const FilePath& binary_path) | 46 const FilePath& binary_path) |
101 : main_task_runner_(main_task_runner), | 47 : main_task_runner_(main_task_runner), |
102 io_task_runner_(io_task_runner), | 48 io_task_runner_(io_task_runner), |
103 binary_path_(binary_path) { | 49 binary_path_(binary_path) { |
(...skipping 42 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
146 if (worker_process_.IsValid()) { | 92 if (worker_process_.IsValid()) { |
147 TerminateProcess(worker_process_, exit_code); | 93 TerminateProcess(worker_process_, exit_code); |
148 } | 94 } |
149 } | 95 } |
150 | 96 |
151 bool UnprivilegedProcessDelegate::LaunchProcess( | 97 bool UnprivilegedProcessDelegate::LaunchProcess( |
152 IPC::Listener* delegate, | 98 IPC::Listener* delegate, |
153 ScopedHandle* process_exit_event_out) { | 99 ScopedHandle* process_exit_event_out) { |
154 DCHECK(main_task_runner_->BelongsToCurrentThread()); | 100 DCHECK(main_task_runner_->BelongsToCurrentThread()); |
155 // Generate a unique name for the channel. | 101 // Generate a unique name for the channel. |
156 std::string channel_name = GenerateIpcChannelName(this); | 102 std::string channel_name = IPC::Channel::GenerateUniqueRandomChannelID(); |
157 | 103 |
158 // Create a connected IPC channel. | 104 // Create a connected IPC channel. |
159 ScopedHandle client; | 105 ScopedHandle client; |
160 scoped_ptr<IPC::ChannelProxy> server; | 106 scoped_ptr<IPC::ChannelProxy> server; |
161 ScopedHandle pipe; | 107 if (!CreateConnectedIpcChannel(channel_name, kDaemonIpcSecurityDescriptor, |
162 if (!CreateConnectedIpcChannel(channel_name, io_task_runner_, delegate, | 108 io_task_runner_, delegate, &client, &server)) { |
163 &client, &server, &pipe)) { | |
164 return false; | 109 return false; |
165 } | 110 } |
166 | 111 |
167 // Convert the handle value into a decimal integer. Handle values are 32bit | 112 // Convert the handle value into a decimal integer. Handle values are 32bit |
168 // even on 64bit platforms. | 113 // even on 64bit platforms. |
169 std::string pipe_handle = base::StringPrintf( | 114 std::string pipe_handle = base::StringPrintf( |
170 "%d", reinterpret_cast<ULONG_PTR>(client.Get())); | 115 "%d", reinterpret_cast<ULONG_PTR>(client.Get())); |
171 | 116 |
172 // Create the command line passing the name of the IPC channel to use and | 117 // Create the command line passing the name of the IPC channel to use and |
173 // copying known switches from the caller's command line. | 118 // copying known switches from the caller's command line. |
(...skipping 32 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
206 KillProcess(CONTROL_C_EXIT); | 151 KillProcess(CONTROL_C_EXIT); |
207 return false; | 152 return false; |
208 } | 153 } |
209 | 154 |
210 channel_ = server.Pass(); | 155 channel_ = server.Pass(); |
211 *process_exit_event_out = process_exit_event.Pass(); | 156 *process_exit_event_out = process_exit_event.Pass(); |
212 return true; | 157 return true; |
213 } | 158 } |
214 | 159 |
215 } // namespace remoting | 160 } // namespace remoting |
OLD | NEW |