Posted to commits@commons.apache.org by mt...@apache.org on 2009/09/15 16:30:35 UTC
svn commit: r815345 -
/commons/sandbox/runtime/trunk/src/main/native/os/win32/signals.c
Author: mturk
Date: Tue Sep 15 14:30:35 2009
New Revision: 815345
URL: http://svn.apache.org/viewvc?rev=815345&view=rev
Log:
Store the key hashed with the pid value. This increases the security a bit.
Modified:
commons/sandbox/runtime/trunk/src/main/native/os/win32/signals.c
Modified: commons/sandbox/runtime/trunk/src/main/native/os/win32/signals.c
URL: http://svn.apache.org/viewvc/commons/sandbox/runtime/trunk/src/main/native/os/win32/signals.c?rev=815345&r1=815344&r2=815345&view=diff
==============================================================================
--- commons/sandbox/runtime/trunk/src/main/native/os/win32/signals.c (original)
+++ commons/sandbox/runtime/trunk/src/main/native/os/win32/signals.c Tue Sep 15 14:30:35 2009
@@ -63,7 +63,7 @@
static HANDLE sig_pipe_handle = INVALID_HANDLE_VALUE;
static wchar_t sig_pipe_name[64];
-static wchar_t sig_pipe_salt[64];
+static BYTE sig_pipe_salt[ACR_SHA1_DIGEST_LENGTH];
typedef struct sig_pipe_data_t {
OVERLAPPED ctx;
@@ -71,7 +71,7 @@
HANDLE pipe;
} sig_pipe_data_t;
-static void make_security_cookie(acr_sig_msg_t *msg, const wchar_t *salt,
+static void make_security_cookie(acr_sig_msg_t *msg, const wchar_t *key,
DWORD sn, DWORD to)
{
acr_sha1_ctx_t sha;
@@ -79,8 +79,15 @@
acr_uint32_t tc = GetTickCount();
ACR_SHA1Init(&sha);
- if (salt && *salt)
- ACR_SHA1UpdateW(&sha, salt, wcslen(salt));
+ if (key && *key) {
+ acr_sha1_ctx_t sk;
+ unsigned char salt[ACR_SHA1_DIGEST_LENGTH];
+ ACR_SHA1Init(&sk);
+ ACR_SHA1UpdateW(&sk, key, wcslen(key));
+ ACR_SHA1Update(&sk, (unsigned char *)&to, sizeof(acr_uint32_t));
+ ACR_SHA1Final(salt, &sk);
+ ACR_SHA1Update(&sha, salt, ACR_SHA1_DIGEST_LENGTH);
+ }
ACR_SHA1Update(&sha, (unsigned char *)&sn, sizeof(acr_uint32_t));
ACR_SHA1Update(&sha, (unsigned char *)&me, sizeof(acr_uint32_t));
ACR_SHA1Update(&sha, (unsigned char *)&tc, sizeof(acr_uint32_t));
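Review bot: The temporary `salt` buffer and the `sk` context in the new `if (key && *key)` block hold key-derived state and are left on the stack when the block ends; the same applies to `sha` in ACR_SignalSetKey in the last hunk. Clearing them after ACR_SHA1Final with `SecureZeroMemory(salt, sizeof(salt));` and `SecureZeroMemory(&sk, sizeof(sk));` keeps that material from lingering in process memory. Separately, the cookie is a plain SHA-1 over a secret prefix followed by fixed-size fields rather than an HMAC, so a comment recording why that construction was considered sufficient would help later reviewers. make_security_cookie starts and ends outside this hunk.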
@@ -92,15 +99,15 @@
msg->ticket = tc;
}
-static int verify_security_cookie(acr_sig_msg_t *msg, const wchar_t *salt)
+static int verify_security_cookie(acr_sig_msg_t *msg)
{
unsigned char digest[ACR_SHA1_DIGEST_LENGTH];
acr_sha1_ctx_t sha;
acr_uint32_t me = GetCurrentProcessId();
ACR_SHA1Init(&sha);
- if (salt && *salt)
- ACR_SHA1UpdateW(&sha, salt, wcslen(salt));
+ if (sig_pipe_salt[0] && sig_pipe_salt[1])
+ ACR_SHA1Update(&sha, sig_pipe_salt, ACR_SHA1_DIGEST_LENGTH);
ACR_SHA1Update(&sha, (unsigned char *)&(msg->signal), sizeof(acr_uint32_t));
ACR_SHA1Update(&sha, (unsigned char *)&(msg->sender), sizeof(acr_uint32_t));
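Review bot: The test `if (sig_pipe_salt[0] && sig_pipe_salt[1])` uses the first two digest bytes as a "key has been set" flag, but a valid SHA-1 output can contain a zero byte in either position. For such a key/pid pair the receiver leaves the salt out of the hash while a keyed sender includes it, so correctly keyed messages are rejected and the expected value silently falls back to the unkeyed form. An explicit flag is more reliable: declare `static int sig_pipe_salt_set;`, set it to 1 at the end of ACR_SignalSetKey, and test `if (sig_pipe_salt_set)` here. The function body continues outside the hunk, so the digest comparison itself is not visible.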
@@ -229,7 +236,7 @@
BOOL ws = FALSE;
if ((err == 0) && (nread == (DWORD)sizeof(acr_sig_msg_t))) {
- if (verify_security_cookie(&pd->msg, sig_pipe_salt)) {
+ if (verify_security_cookie(&pd->msg)) {
/* Invalid message signature.
*/
#if defined(DEBUG)
@@ -481,7 +488,7 @@
if (IS_INVALID_HANDLE(sig_raised_event))
return ACR_GET_OS_ERROR();
-
+
for (i = 0; i < ACR_NUMSIG; i++)
signal_handlers[i] = SIG_IGN;
signal_handlers[SIGBUS] = default_signal_handler;
@@ -633,3 +640,18 @@
return ACR_GET_OS_ERROR();
}
}
+
+ACR_DECLARE(int) ACR_SignalSetKey(const wchar_t *key)
+{
+ acr_sha1_ctx_t sha;
+ acr_uint32_t me = GetCurrentProcessId();
+
+ if (!key || !*key)
+ return ACR_EINVAL;
+ ACR_SHA1Init(&sha);
+ ACR_SHA1UpdateW(&sha, key, wcslen(key));
+ ACR_SHA1Update(&sha, (unsigned char *)&me, sizeof(acr_uint32_t));
+ ACR_SHA1Final(sig_pipe_salt, &sha);
+
+ return 0;
+}
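Review bot: ACR_SHA1Final writes the digest directly into the global `sig_pipe_salt`, which verify_security_cookie reads with no synchronisation visible in this diff; if the pipe reader runs on another thread (not shown here), a call made while the pipe is live could expose a half-written salt to a verification in progress. Finalising into a local buffer and copying it under whatever lock guards the signal state would avoid that. If the intent is instead that the key is set once before the pipe starts, a header comment should say so, for example `/* Call before the signal pipe is started; the key is hashed with this process id and kept in sig_pipe_salt. */`. The comment should also state that there is no way to clear a key once it has been set.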