Posted to commits@commons.apache.org by mt...@apache.org on 2009/09/18 12:56:08 UTC
svn commit: r816582 -
/commons/sandbox/runtime/trunk/src/main/native/os/win32/signals.c
Author: mturk
Date: Fri Sep 18 10:56:08 2009
New Revision: 816582
URL: http://svn.apache.org/viewvc?rev=816582&view=rev
Log:
If no security is given use the HW guid
Modified:
commons/sandbox/runtime/trunk/src/main/native/os/win32/signals.c
Modified: commons/sandbox/runtime/trunk/src/main/native/os/win32/signals.c
URL: http://svn.apache.org/viewvc/commons/sandbox/runtime/trunk/src/main/native/os/win32/signals.c?rev=816582&r1=816581&r2=816582&view=diff
==============================================================================
--- commons/sandbox/runtime/trunk/src/main/native/os/win32/signals.c (original)
+++ commons/sandbox/runtime/trunk/src/main/native/os/win32/signals.c Fri Sep 18 10:56:08 2009
@@ -66,6 +66,7 @@
static HANDLE sig_pipe_handle = INVALID_HANDLE_VALUE;
static wchar_t sig_pipe_name[64];
static BYTE sig_pipe_salt[ACR_SHA1_DIGEST_LENGTH];
+static int sig_pipe_local = 1;
static DWORD proc_priority_class = NORMAL_PRIORITY_CLASS;
typedef struct sig_pipe_data_t {
@@ -86,30 +87,33 @@
static void make_security_cookie(acr_sig_msg_t *msg, const wchar_t *key,
DWORD sn, DWORD to)
{
- acr_sha1_ctx_t sha;
- unsigned char salt[ACR_SHA1_DIGEST_LENGTH];
+ acr_sha1_ctx_t sha;
+ HW_PROFILE_INFOW hw;
+ unsigned char salt[ACR_SHA1_DIGEST_LENGTH];
acr_uint32_t me = GetCurrentProcessId();
acr_uint32_t tc = GetTickCount();
ACR_SHA1Init(&sha);
if (key && *key) {
- acr_sha1_ctx_t sk;
- ACR_SHA1Init(&sk);
- ACR_SHA1UpdateW(&sk, key, wcslen(key));
- ACR_SHA1Update(&sk, (unsigned char *)&to, sizeof(acr_uint32_t));
- ACR_SHA1Final(salt, &sk);
+ acr_sha1_ctx_t shk;
+
+ ACR_SHA1Init(&shk);
+ ACR_SHA1UpdateW(&shk, key, wcslen(key));
+ ACR_SHA1Update(&shk, (unsigned char *)&to, sizeof(acr_uint32_t));
+ ACR_SHA1Final(salt, &shk);
+ ACR_SHA1Update(&sha, salt, ACR_SHA1_DIGEST_LENGTH);
}
- else {
+ else if (GetCurrentHwProfileW(&hw)) {
/* No security set.
- * In most of the cases setting security is not needed.
- * One could write a malicious sofware that when installed
- * on the box could send signals to what ever process using ACR
- * by using this API. With security, that software would have to
- * guess the key as well.
+ * In most of the cases setting security is not needed if
+ * the system is propery secured against malitious software.
*/
- memset(salt, 0, ACR_SHA1_DIGEST_LENGTH);
+ ACR_SHA1UpdateW(&sha, hw.szHwProfileGuid, wcslen(hw.szHwProfileGuid));
+ }
+ else {
+ memset(salt, 0, sizeof(salt));
+ ACR_SHA1Update(&sha, salt, ACR_SHA1_DIGEST_LENGTH);
}
- ACR_SHA1Update(&sha, salt, ACR_SHA1_DIGEST_LENGTH);
ACR_SHA1Update(&sha, (unsigned char *)&sn, sizeof(acr_uint32_t));
ACR_SHA1Update(&sha, (unsigned char *)&me, sizeof(acr_uint32_t));
ACR_SHA1Update(&sha, (unsigned char *)&tc, sizeof(acr_uint32_t));
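Review bot: The hardware-profile GUID mixed in by the new `else if (GetCurrentHwProfileW(&hw))` branch is not a secret, because any process on the machine can read the same value, so with no key set the cookie can be recomputed by any local sender. The rewritten comment drops the caveat the old one carried and now reads as if the GUID adds protection. I would keep the warning, for example `/* No key set: the HW profile GUID is readable by every local process, so this cookie only ties the message to this machine and does not authenticate the sender. */`. The final `else` still falls back to an all-zero salt, which is weaker again. The function body continues past the end of this hunk.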
@@ -126,9 +130,25 @@
unsigned char digest[ACR_SHA1_DIGEST_LENGTH];
acr_sha1_ctx_t sha;
acr_uint32_t me = GetCurrentProcessId();
+ acr_uint32_t tc = GetTickCount();
+
+ /* We have future TickCount. Make sure it's inside the PIPE_TIMEOUT*2S limits.
+ */
+ if ((tc - msg->ticket) > (PIPE_TIMEOUT * 2)) {
+ /* Even if our TickCount overflowed from MAX_UINT
+ * to zero we should still have a valid limit.
+ */
+ return 1;
+ }
ACR_SHA1Init(&sha);
- ACR_SHA1Update(&sha, sig_pipe_salt, ACR_SHA1_DIGEST_LENGTH);
+ if (sig_pipe_local) {
+ HW_PROFILE_INFOW hw;
+ if (GetCurrentHwProfileW(&hw))
+ ACR_SHA1UpdateW(&sha, hw.szHwProfileGuid, wcslen(hw.szHwProfileGuid));
+ }
+ else
+ ACR_SHA1Update(&sha, sig_pipe_salt, ACR_SHA1_DIGEST_LENGTH);
ACR_SHA1Update(&sha, (unsigned char *)&(msg->signal), sizeof(acr_uint32_t));
ACR_SHA1Update(&sha, (unsigned char *)&(msg->sender), sizeof(acr_uint32_t));
ACR_SHA1Update(&sha, (unsigned char *)&(msg->ticket), sizeof(acr_uint32_t));
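Review bot: When `GetCurrentHwProfileW(&hw)` fails inside the `if (sig_pipe_local)` branch, nothing is hashed in place of the salt, whereas make_security_cookie hashes a zeroed salt in the same situation, so the two sides compute different digests. The message is then presumably rejected, which is the safe outcome, but only by accident. Make the failure explicit with `if (!GetCurrentHwProfileW(&hw)) return 1;`, where 1 appears to be the reject value, since the tick check just above returns it. `sig_pipe_local` is also a plain `static int` read here and cleared in the last hunk, so if the pipe handler can run on another thread before that assignment, the ordering should be confirmed. The function starts and ends outside this hunk, so the digest comparison itself is not visible.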
@@ -536,7 +556,6 @@
{
HANDLE h;
DWORD i;
-
/* Guard against multiple invocations.
* We might initialize twice; in daemon and in JVM again
*/
@@ -800,6 +819,7 @@
ACR_SHA1Update(&sha, (unsigned char *)&me, sizeof(acr_uint32_t));
ACR_SHA1Final(sig_pipe_salt, &sha);
+ sig_pipe_local = 0;
return 0;
}