commons-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From mt...@apache.org
Subject svn commit: r897144 - in /commons/sandbox/runtime/trunk/src/main/native: include/arch/windows/acr_arch.h include/arch/windows/acr_arch_private.h os/win32/exec.c os/win32/main.c os/win32/posix.c os/win32/wusec.c
Date Fri, 08 Jan 2010 09:33:44 GMT
Author: mturk
Date: Fri Jan  8 09:33:42 2010
New Revision: 897144

URL: http://svn.apache.org/viewvc?rev=897144&view=rev
Log:
Add fake getsid to the windows port

Modified:
    commons/sandbox/runtime/trunk/src/main/native/include/arch/windows/acr_arch.h
    commons/sandbox/runtime/trunk/src/main/native/include/arch/windows/acr_arch_private.h
    commons/sandbox/runtime/trunk/src/main/native/os/win32/exec.c
    commons/sandbox/runtime/trunk/src/main/native/os/win32/main.c
    commons/sandbox/runtime/trunk/src/main/native/os/win32/posix.c
    commons/sandbox/runtime/trunk/src/main/native/os/win32/wusec.c

Modified: commons/sandbox/runtime/trunk/src/main/native/include/arch/windows/acr_arch.h
URL: http://svn.apache.org/viewvc/commons/sandbox/runtime/trunk/src/main/native/include/arch/windows/acr_arch.h?rev=897144&r1=897143&r2=897144&view=diff
==============================================================================
--- commons/sandbox/runtime/trunk/src/main/native/include/arch/windows/acr_arch.h (original)
+++ commons/sandbox/runtime/trunk/src/main/native/include/arch/windows/acr_arch.h Fri Jan
 8 09:33:42 2010
@@ -589,7 +589,7 @@
         case SIG_BLOCK:
     	    current |= *set;
         break;
-        case SIG_UNBLOCK:        
+        case SIG_UNBLOCK:
             current &= ~*set;
         break;
         case SIG_SETMASK:

Modified: commons/sandbox/runtime/trunk/src/main/native/include/arch/windows/acr_arch_private.h
URL: http://svn.apache.org/viewvc/commons/sandbox/runtime/trunk/src/main/native/include/arch/windows/acr_arch_private.h?rev=897144&r1=897143&r2=897144&view=diff
==============================================================================
--- commons/sandbox/runtime/trunk/src/main/native/include/arch/windows/acr_arch_private.h
(original)
+++ commons/sandbox/runtime/trunk/src/main/native/include/arch/windows/acr_arch_private.h
Fri Jan  8 09:33:42 2010
@@ -154,6 +154,7 @@
 HANDLE       ACR_GetCurrentAccessToken(JNIEnv *_E);
 PSID         ACR_AllocateWellKnownSid(JNIEnv *_E, WELL_KNOWN_SID_TYPE type);
 DWORD        ACR_SetTokenPrivilege(LPCWSTR szPrivilege, BOOL bEnablePrivilege);
+DWORD        ACR_EnableTokenPrivilege(HANDLE hToken, LPCWSTR szPrivilege);
 DWORD        ACR_EnablePrivilege(LPCWSTR szPrivilege);
 PSID         ACR_DuplicateSid(JNIEnv *_E, PSID sSID);
 int          ACR_InitSecurityDescriptorTable(JNIEnv *);
@@ -261,7 +262,8 @@
 #else
 pid_t    getppid(void);
 #endif
-
+/* Our fake getsid */
+HANDLE getsid(pid_t pid);
 HANDLE dup3(HANDLE, HANDLE, int);
 
 /**

Modified: commons/sandbox/runtime/trunk/src/main/native/os/win32/exec.c
URL: http://svn.apache.org/viewvc/commons/sandbox/runtime/trunk/src/main/native/os/win32/exec.c?rev=897144&r1=897143&r2=897144&view=diff
==============================================================================
--- commons/sandbox/runtime/trunk/src/main/native/os/win32/exec.c (original)
+++ commons/sandbox/runtime/trunk/src/main/native/os/win32/exec.c Fri Jan  8 09:33:42 2010
@@ -39,21 +39,13 @@
 #define PROC_TIMEOUT_STEP   100
 #define PROC_BUFFER_SIZE    512
 
-#define PIPE_STDINP         0
 #define PIPE_STDINP_RDS     0
 #define PIPE_STDINP_WRS     1
-#define PIPE_STDOUT         2
 #define PIPE_STDOUT_RDS     2
 #define PIPE_STDOUT_WRS     3
-#define PIPE_STDERR         4
 #define PIPE_STDERR_RDS     4
 #define PIPE_STDERR_WRS     5
-#define PIPE_SIGERR         6
-#define PIPE_SIGERR_RDS     6
-#define PIPE_SIGERR_WRS     7
-#define PIPE_SIGPID         8
-#define PIPE_SIGPID_RDS     8
-#define PIPE_SIGPID_WRS     9
+
 
 ACR_DECLARE(acr_exec_t *) ACR_ExecNew(int flags)
 {

Modified: commons/sandbox/runtime/trunk/src/main/native/os/win32/main.c
URL: http://svn.apache.org/viewvc/commons/sandbox/runtime/trunk/src/main/native/os/win32/main.c?rev=897144&r1=897143&r2=897144&view=diff
==============================================================================
--- commons/sandbox/runtime/trunk/src/main/native/os/win32/main.c (original)
+++ commons/sandbox/runtime/trunk/src/main/native/os/win32/main.c Fri Jan  8 09:33:42 2010
@@ -205,7 +205,7 @@
             late_dll_handles[fnLib] = LoadLibraryA(late_dll_names[fnLib]);
             SetErrorMode(em);
         }
-    }    
+    }
     return late_dll_handles[fnLib];
 }
 
@@ -261,7 +261,10 @@
                 SetErrorMode(em);
             }
             if (!late_dll_handles[fnLib] && (fnLib < SYSDLL_JVM)) {
-                /* Unable to load required library */
+                /* Unable to load required library
+                 * Make sure all optional libs are defined after
+                 * SYSDLL_JVM (see win32/arc_arch.h)
+                 */
                 return rc;
             }
         }
@@ -318,6 +321,7 @@
     L"SeCreateSymbolicLinkPrivilege",
     L"SeDebugPrivilege",
     L"SeTakeOwnershipPrivilege",
+    L"SeTcbPrivilege",
     NULL
 };
 

Modified: commons/sandbox/runtime/trunk/src/main/native/os/win32/posix.c
URL: http://svn.apache.org/viewvc/commons/sandbox/runtime/trunk/src/main/native/os/win32/posix.c?rev=897144&r1=897143&r2=897144&view=diff
==============================================================================
--- commons/sandbox/runtime/trunk/src/main/native/os/win32/posix.c (original)
+++ commons/sandbox/runtime/trunk/src/main/native/os/win32/posix.c Fri Jan  8 09:33:42 2010
@@ -65,6 +65,112 @@
     return ppid;
 }
 
+/* Get token of the currently logged on user
+ * If pid is 0 the current user token is
+ * duplicated.
+ */
+HANDLE getsid(pid_t pid)
+{
+    pid_t           psid = pid;
+    HANDLE          snap;
+    HANDLE          ctok = NULL;
+    HANDLE          ptok = NULL;
+    PROCESSENTRY32W e;
+    DWORD           asid;
+    DWORD           wsid;
+
+    asid = WTSGetActiveConsoleSessionId();
+    if (asid == 0xFFFFFFFF) {
+        /* No logged on users
+         */
+        return INVALID_HANDLE_VALUE;
+    }
+
+    if (psid == -1) {
+        if (!WTSQueryUserToken(asid, &ctok)) {
+            /* Not running under LocalSystem account ?
+             */
+            if (GetLastError() == ERROR_PRIVILEGE_NOT_HELD) {
+                /* Enable SE_TCB_NAME privilege and retry.
+                 */
+                ACR_EnablePrivilege(L"SeTcbPrivilege");
+                if (!WTSQueryUserToken(asid, &ctok)) {
+                    /* Not running under LocalSystem account
+                     */
+                    ctok = NULL;
+                }
+            }
+        }
+    }
+    if (psid == -1 && ctok == NULL) {
+        /* Fallback to a standard way
+         */
+        snap = CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, 0);
+        if (IS_INVALID_HANDLE(snap))
+            return INVALID_HANDLE_VALUE;
+
+        e.dwSize = (DWORD)sizeof(PROCESSENTRY32W);
+        if (!Process32FirstW(snap, &e)) {
+            CloseHandle(snap);
+            return INVALID_HANDLE_VALUE;
+        }
+        do {
+            if (!_wcsicmp(e.szExeFile, L"winlogon.exe")) {
+                if (ProcessIdToSessionId(e.th32ProcessID, &wsid)) {
+                    if (wsid == asid) {
+                        /* We found winlogon with active session id.
+                         */
+                        psid = e.th32ProcessID;
+                        break;
+                    }
+                }
+            }
+
+        } while (Process32NextW(snap, &e));
+        CloseHandle(snap);
+    }
+    if (psid != -1) {
+        HANDLE process;
+        if (psid)
+            process = OpenProcess(MAXIMUM_ALLOWED, FALSE, psid);
+        else
+            process = GetCurrentProcess();
+        if (process != NULL) {
+            if (!OpenProcessToken(process,
+                                  TOKEN_ADJUST_PRIVILEGES |
+                                  TOKEN_QUERY |
+                                  TOKEN_DUPLICATE |
+                                  TOKEN_ASSIGN_PRIMARY |
+                                  TOKEN_ADJUST_SESSIONID |
+                                  TOKEN_READ|TOKEN_WRITE,
+                                  &ctok)) {
+                /* Unable to open the process token
+                 */
+                CloseHandle(process);
+                return INVALID_HANDLE_VALUE;
+            }
+            CloseHandle(process);
+
+        }
+    }
+    if (IS_VALID_HANDLE(ctok)) {
+        if (DuplicateTokenEx(ctok,
+                             TOKEN_ASSIGN_PRIMARY | TOKEN_ALL_ACCESS,
+                             0,
+                             SecurityImpersonation,
+                             TokenPrimary,
+                             &ptok)) {
+            /* Allow debug privilege to the token
+             */
+            ACR_EnableTokenPrivilege(ptok, L"SeDebugPrivilege");
+        }
+        else
+            ptok = INVALID_HANDLE_VALUE;
+        CloseHandle(ctok);
+    }
+    return ptok;
+}
+
 HANDLE dup3(HANDLE oldfd, HANDLE newfd, int flags)
 {
     int    osfd;
@@ -77,10 +183,13 @@
         ACR_SET_OS_ERROR(ACR_EINVAL);
         return INVALID_HANDLE_VALUE;
     }
-    if (oldfd == newfd)
+    if (oldfd == newfd) {
+        /* If the descriptors are equal
+         * return the newfd
+         */
         return newfd;
-
-    if (newfd == GetStdHandle(STD_INPUT_HANDLE)) {
+    }
+    else if (newfd == GetStdHandle(STD_INPUT_HANDLE)) {
         fflush(stdin);
         setvbuf(stdin, NULL, _IONBF, 0);
         _commit(STDIN_FILENO);
@@ -97,7 +206,6 @@
         duph = (HANDLE)_get_osfhandle(STDIN_FILENO);
         if (IS_VALID_HANDLE(duph) && flags)
             SetHandleInformation(duph, HANDLE_FLAG_INHERIT, 0);
-        return duph;
     }
     else if (newfd == GetStdHandle(STD_OUTPUT_HANDLE)) {
         fflush(stdout);
@@ -116,7 +224,6 @@
         duph = (HANDLE)_get_osfhandle(STDOUT_FILENO);
         if (IS_VALID_HANDLE(duph) && flags)
             SetHandleInformation(duph, HANDLE_FLAG_INHERIT, 0);
-        return duph;
     }
     else if (newfd == GetStdHandle(STD_ERROR_HANDLE)) {
         fflush(stderr);
@@ -135,18 +242,18 @@
         duph = (HANDLE)_get_osfhandle(STDERR_FILENO);
         if (IS_VALID_HANDLE(duph) && flags)
             SetHandleInformation(duph, HANDLE_FLAG_INHERIT, 0);
-        return duph;
     }
-    if (!DuplicateHandle(GetCurrentProcess(),
-                         oldfd,
-                         GetCurrentProcess(),
-                         &duph,
-                         0,
-                         flags ? FALSE : TRUE,
-                         DUPLICATE_SAME_ACCESS))
-        return INVALID_HANDLE_VALUE;
-
-
-    CloseHandle(newfd);
+    else {
+        if (!DuplicateHandle(GetCurrentProcess(),
+                             oldfd,
+                             GetCurrentProcess(),
+                             &duph,
+                             0,
+                             flags ? FALSE : TRUE,
+                             DUPLICATE_SAME_ACCESS))
+            duph = INVALID_HANDLE_VALUE;
+        else
+            CloseHandle(newfd);
+    }
     return duph;
 }

Modified: commons/sandbox/runtime/trunk/src/main/native/os/win32/wusec.c
URL: http://svn.apache.org/viewvc/commons/sandbox/runtime/trunk/src/main/native/os/win32/wusec.c?rev=897144&r1=897143&r2=897144&view=diff
==============================================================================
--- commons/sandbox/runtime/trunk/src/main/native/os/win32/wusec.c (original)
+++ commons/sandbox/runtime/trunk/src/main/native/os/win32/wusec.c Fri Jan  8 09:33:42 2010
@@ -268,21 +268,15 @@
     return dwError;
 }
 
-DWORD ACR_EnablePrivilege(LPCWSTR szPrivilege)
+DWORD ACR_EnableTokenPrivilege(HANDLE hToken, LPCWSTR szPrivilege)
 {
     DWORD dwError;
-    HANDLE hToken;
     TOKEN_PRIVILEGES tp;
     LUID luid;
 
     if (!LookupPrivilegeValueW(NULL, szPrivilege, &luid))
         return ERROR_NO_SUCH_PRIVILEGE;
 
-    if (!OpenProcessToken(GetCurrentProcess(),
-                          TOKEN_QUERY | TOKEN_ADJUST_PRIVILEGES,
-                          &hToken))
-        return GetLastError();
-
     tp.PrivilegeCount           = 1;
     tp.Privileges[0].Luid       = luid;
     tp.Privileges[0].Attributes = SE_PRIVILEGE_ENABLED;
@@ -294,6 +288,21 @@
                           NULL,
                           NULL);
     dwError = GetLastError();
+
+    return dwError;
+}
+
+DWORD ACR_EnablePrivilege(LPCWSTR szPrivilege)
+{
+    DWORD dwError;
+    HANDLE hToken;
+
+    if (!OpenProcessToken(GetCurrentProcess(),
+                          TOKEN_QUERY | TOKEN_ADJUST_PRIVILEGES,
+                          &hToken))
+        return GetLastError();
+
+    dwError =  ACR_EnableTokenPrivilege(hToken, szPrivilege);
     CloseHandle(hToken);
 
     return dwError;



Mime
View raw message