apr-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From traw...@apache.org
Subject svn commit: r1531768 - in /apr/apr/trunk: CHANGES shmem/win32/shm.c
Date Sun, 13 Oct 2013 22:56:51 GMT
Author: trawick
Date: Sun Oct 13 22:56:51 2013
New Revision: 1531768

URL: http://svn.apache.org/r1531768
Log:
Windows:  Create named shared memory segments under the "Local" 
namespace if the caller is unprivileged, fixing an inability of
unprivileged callers to use apr_shm_create() with named shared
memory segments under recent Windows.

Modified:
    apr/apr/trunk/CHANGES
    apr/apr/trunk/shmem/win32/shm.c

Modified: apr/apr/trunk/CHANGES
URL: http://svn.apache.org/viewvc/apr/apr/trunk/CHANGES?rev=1531768&r1=1531767&r2=1531768&view=diff
==============================================================================
--- apr/apr/trunk/CHANGES [utf-8] (original)
+++ apr/apr/trunk/CHANGES [utf-8] Sun Oct 13 22:56:51 2013
@@ -1,6 +1,11 @@
                                                      -*- coding: utf-8 -*-
 Changes for APR 2.0.0
 
+  *) Windows:  Create named shared memory segments under the "Local"
+     namespace if the caller is unprivileged, fixing an inability of
+     unprivileged callers to use apr_shm_create() with named shared
+     memory segments under recent Windows.  [Jeff Trawick]
+
   *) Add apr_pbase64_encode() and apr_pbase64_decode() to encode to/from
      the pool. [Graham Leggett]
 

Modified: apr/apr/trunk/shmem/win32/shm.c
URL: http://svn.apache.org/viewvc/apr/apr/trunk/shmem/win32/shm.c?rev=1531768&r1=1531767&r2=1531768&view=diff
==============================================================================
--- apr/apr/trunk/shmem/win32/shm.c (original)
+++ apr/apr/trunk/shmem/win32/shm.c Sun Oct 13 22:56:51 2013
@@ -56,6 +56,64 @@ static apr_status_t shm_cleanup(void* sh
     return rv;
 }
 
+/* See if the caller is able to create a map in the global namespace by
+ * checking if the SE_CREATE_GLOBAL_NAME privilege is enabled.
+ *
+ * Prior to APR 1.5.0, named shared memory segments were always created
+ * in the global segment.  However, with recent versions of Windows this
+ * fails for unprivileged processes.  Thus, with older APR, named shared
+ * memory segments can't be created by unprivileged processes on newer
+ * Windows.
+ *
+ * By checking if the caller has the privilege, shm APIs can decide
+ * whether to use the Global or Local namespace.
+ *
+ * If running on an SDK without the required API definitions *OR*
+ * some processing failure occurs trying to check the privilege, fall
+ * back to earlier behavior -- always try to use the Global namespace.
+ */
+#ifdef SE_CREATE_GLOBAL_NAME
+static int can_create_global_maps(void)
+{
+    BOOL ok, has_priv;
+    LUID priv_id;
+    PRIVILEGE_SET privs;
+    HANDLE hToken;
+
+    ok = OpenThreadToken(GetCurrentThread(), TOKEN_QUERY, TRUE, &hToken);
+    if (!ok && GetLastError() == ERROR_NO_TOKEN) {
+        /* no thread-specific access token, so try to get process access token
+         */
+        ok = OpenProcessToken(GetCurrentProcess(), TOKEN_QUERY, &hToken);
+    }
+
+    if (ok) {
+        ok = LookupPrivilegeValue(NULL, SE_CREATE_GLOBAL_NAME, &priv_id);
+    }
+
+    if (ok) {
+        privs.PrivilegeCount = 1;
+        privs.Control = PRIVILEGE_SET_ALL_NECESSARY;
+        privs.Privilege[0].Luid = priv_id;
+        privs.Privilege[0].Attributes = SE_PRIVILEGE_ENABLED;
+        ok = PrivilegeCheck(hToken, &privs, &has_priv);
+    }
+
+    if (ok && !has_priv) {
+        return 0;
+    }
+    else {
+        return 1;
+    }
+}
+#else /* SE_CREATE_GLOBAL_NAME */
+/* SDK definitions missing */
+static int can_create_global_maps(void)
+{
+    return 1;
+}
+#endif /* SE_CREATE_GLOBAL_NAME */
+
 APR_DECLARE(apr_status_t) apr_shm_create(apr_shm_t **m,
                                          apr_size_t reqsize,
                                          const char *file,
@@ -112,9 +170,9 @@ APR_DECLARE(apr_status_t) apr_shm_create
 
         /* res_name_from_filename turns file into a pseudo-name
          * without slashes or backslashes, and prepends the \global
-         * prefix on Win2K and later
+         * or \local prefix on Win2K and later
          */
-        mapkey = res_name_from_filename(file, 1, pool);
+        mapkey = res_name_from_filename(file, can_create_global_maps(), pool);
     }
 
 #if APR_HAS_UNICODE_FS
@@ -183,24 +241,20 @@ APR_DECLARE(apr_status_t) apr_shm_remove
     return apr_file_remove(filename, pool);
 }
 
-APR_DECLARE(apr_status_t) apr_shm_attach(apr_shm_t **m,
-                                         const char *file,
-                                         apr_pool_t *pool)
+static apr_status_t shm_attach_internal(apr_shm_t **m,
+                                        const char *file,
+                                        apr_pool_t *pool,
+                                        int global)
 {
     HANDLE hMap;
     void *mapkey;
     void *base;
 
-    if (!file) {
-        return APR_EINVAL;
-    }
-    else {
-        /* res_name_from_filename turns file into a pseudo-name
-         * without slashes or backslashes, and prepends the \global
-         * prefix on Win2K and later
-         */
-        mapkey = res_name_from_filename(file, 1, pool);
-    }
+    /* res_name_from_filename turns file into a pseudo-name
+     * without slashes or backslashes, and prepends the \global
+     * or local prefix on Win2K and later
+     */
+    mapkey = res_name_from_filename(file, global, pool);
 
 #if APR_HAS_UNICODE_FS
     IF_WIN_OS_IS_UNICODE
@@ -264,6 +318,36 @@ APR_DECLARE(apr_status_t) apr_shm_attach
     return APR_SUCCESS;
 }
 
+APR_DECLARE(apr_status_t) apr_shm_attach(apr_shm_t **m,
+                                         const char *file,
+                                         apr_pool_t *pool)
+{
+    apr_status_t rv;
+    int can_create_global = can_create_global_maps();
+    int try_global_local[3] = {1, /* first try to find shm under global namespace */
+                               0, /* next try to find it under local namespace */
+                               -1}; /* nothing more to try */
+    int cur;
+
+    if (!file) {
+        return APR_EINVAL;
+    }
+
+    if (!can_create_global) { /* unprivileged process */
+        try_global_local[0] = 0; /* search local before global */
+        try_global_local[1] = 1;
+    }
+
+    for (cur = 0; try_global_local[cur] != -1; cur++) {
+        rv = shm_attach_internal(m, file, pool, try_global_local[cur]);
+        if (!APR_STATUS_IS_ENOENT(rv)) {
+            break;
+        }
+    }
+
+    return rv;
+}
+
 APR_DECLARE(apr_status_t) apr_shm_detach(apr_shm_t *m)
 {
     apr_status_t rv = shm_cleanup(m);



Mime
View raw message