Posted to commits@commons.apache.org by mt...@apache.org on 2009/09/09 19:44:24 UTC

svn commit: r813057 - in /commons/sandbox/runtime/trunk/src/main/native: include/arch/windows/acr_arch.h include/arch/windows/acr_arch_private.h os/win32/signals.c

Author: mturk
Date: Wed Sep  9 17:44:24 2009
New Revision: 813057

URL: http://svn.apache.org/viewvc?rev=813057&view=rev
Log:
More on win32 signals. Add security signal message ticket

Modified:
    commons/sandbox/runtime/trunk/src/main/native/include/arch/windows/acr_arch.h
    commons/sandbox/runtime/trunk/src/main/native/include/arch/windows/acr_arch_private.h
    commons/sandbox/runtime/trunk/src/main/native/os/win32/signals.c

Modified: commons/sandbox/runtime/trunk/src/main/native/include/arch/windows/acr_arch.h
URL: http://svn.apache.org/viewvc/commons/sandbox/runtime/trunk/src/main/native/include/arch/windows/acr_arch.h?rev=813057&r1=813056&r2=813057&view=diff
==============================================================================
--- commons/sandbox/runtime/trunk/src/main/native/include/arch/windows/acr_arch.h (original)
+++ commons/sandbox/runtime/trunk/src/main/native/include/arch/windows/acr_arch.h Wed Sep  9 17:44:24 2009
@@ -430,8 +430,8 @@
 #define SIG_DFL     (void (*)(int))0    /* default signal action */
 #define SIG_IGN     (void (*)(int))1    /* igore signal          */
 #define SIG_GET     (void (*)(int))2    /* return current value  */
-#define SIG_SGE     (void (*)(int))3    /* signal gets error     */
-#define SIG_ACK     (void (*)(int))3    /* acknowledge           */
+#define SIG_SGE     (void (*)(int))4    /* signal gets error     */
+#define SIG_ACK     (void (*)(int))5    /* acknowledge           */
 
 
 /*
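Review bot: The new values 4 and 5 leave 3 unassigned and no comment says why, which matters because the Microsoft CRT's `<signal.h>` defines the same names as 3 (`SIG_SGE`) and 4 (`SIG_ACK`). If this header is meant to mirror the CRT, which the identical comment text suggests, the duplicate could have been removed with `#define SIG_ACK     (void (*)(int))4` alone. If the divergence is deliberate, a one-line comment such as `/* values intentionally differ from the CRT's signal.h */` would keep a later reader from changing them back.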

Modified: commons/sandbox/runtime/trunk/src/main/native/include/arch/windows/acr_arch_private.h
URL: http://svn.apache.org/viewvc/commons/sandbox/runtime/trunk/src/main/native/include/arch/windows/acr_arch_private.h?rev=813057&r1=813056&r2=813057&view=diff
==============================================================================
--- commons/sandbox/runtime/trunk/src/main/native/include/arch/windows/acr_arch_private.h (original)
+++ commons/sandbox/runtime/trunk/src/main/native/include/arch/windows/acr_arch_private.h Wed Sep  9 17:44:24 2009
@@ -139,6 +139,20 @@
 /**
  * Local functions from signal.c
  */
+/*
+ * Signal message data passed from the sender
+ * to us via signal pipe.
+ */
+typedef struct acr_sig_msg_t {
+   acr_uint32_t  signal;        /* Signal number   */
+   acr_uint32_t  sender;        /* Id of the process sending the signal */
+   acr_uint32_t  ticket;        /* Some semi random number              */
+   unsigned char cookie[20];    /* Security cookie
+                                 * SHA1 of the secret + signal + sender +
+                                 * ticket + our pid
+                                 */
+} acr_sig_msg_t;
+
 DWORD        ACR_DeliverSignals(void);
 extern volatile LONG current_signal_listeners;
 #define ACR_SIGNAL_REGISTER() InterlockedIncrement(&current_signal_listeners)
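Review bot: The `ticket` field is documented as "some semi random number", but the only producer in this commit, make_security_cookie in signals.c, fills it from `GetTickCount()`, a coarse uptime counter that any other local process can read. The comment should say so, for example `/* GetTickCount() at send time; not unpredictable */`, so that nobody later relies on it as a nonce. The cookie length is also a bare literal; `unsigned char cookie[ACR_SHA1_DIGEST_LENGTH];` would tie it to the digest size used in verify_security_cookie, assuming that macro is visible from this header.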

Modified: commons/sandbox/runtime/trunk/src/main/native/os/win32/signals.c
URL: http://svn.apache.org/viewvc/commons/sandbox/runtime/trunk/src/main/native/os/win32/signals.c?rev=813057&r1=813056&r2=813057&view=diff
==============================================================================
--- commons/sandbox/runtime/trunk/src/main/native/os/win32/signals.c (original)
+++ commons/sandbox/runtime/trunk/src/main/native/os/win32/signals.c Wed Sep  9 17:44:24 2009
@@ -50,6 +50,47 @@
 volatile LONG current_signal_value;
 volatile LONG current_signal_listeners;
 
+static void make_security_cookie(acr_sig_msg_t *msg, const wchar_t *salt,
+                                 DWORD sn, DWORD to)
+{
+    acr_sha1_ctx_t sha;
+    acr_uint32_t me = GetCurrentProcessId();
+    acr_uint32_t tc = GetTickCount();
+
+    ACR_SHA1Init(&sha);
+    if (salt)
+        ACR_SHA1UpdateW(&sha, salt, wcslen(salt));
+    ACR_SHA1Update(&sha, (unsigned char *)&sn, sizeof(acr_uint32_t));
+    ACR_SHA1Update(&sha, (unsigned char *)&me, sizeof(acr_uint32_t));
+    ACR_SHA1Update(&sha, (unsigned char *)&tc, sizeof(acr_uint32_t));
+    ACR_SHA1Update(&sha, (unsigned char *)&to, sizeof(acr_uint32_t));
+
+    ACR_SHA1Final(msg->cookie, &sha);
+    msg->signal = sn;
+    msg->sender = me;
+    msg->ticket = tc;
+}
+
+static int verify_security_cookie(acr_sig_msg_t *msg, const wchar_t *salt)
+{
+    unsigned char  digest[ACR_SHA1_DIGEST_LENGTH];
+    acr_sha1_ctx_t sha;
+    acr_uint32_t me = GetCurrentProcessId();
+
+    ACR_SHA1Init(&sha);
+    if (salt)
+        ACR_SHA1UpdateW(&sha, salt, wcslen(salt));
+
+    ACR_SHA1Update(&sha, (unsigned char *)&(msg->signal), sizeof(acr_uint32_t));
+    ACR_SHA1Update(&sha, (unsigned char *)&(msg->sender), sizeof(acr_uint32_t));
+    ACR_SHA1Update(&sha, (unsigned char *)&(msg->ticket), sizeof(acr_uint32_t));
+    ACR_SHA1Update(&sha, (unsigned char *)&me, sizeof(acr_uint32_t));
+
+    ACR_SHA1Final(digest, &sha);
+
+    return memcmp(digest, msg->cookie, 20);
+}
+
 /*
  * Make sure this handler is initialized again
  * after JVM is loaded. JVM installs it's own ConsoleHandler
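Review bot: When `salt` is NULL both functions skip the secret, so the cookie is a plain SHA1 over signal, sender, ticket and the receiver's pid, all of which the sender supplies or can look up; verify_security_cookie would then accept a cookie that any process can compute, and it should reject the message instead. The final `memcmp(digest, msg->cookie, 20)` stops at the first differing byte, whereas a comparison that always walks the whole digest does not reveal how many leading bytes matched. The 0-means-valid return is easy to invert at a call site and deserves a comment above the function. Nothing in this hunk records tickets already seen, so a captured message would verify again unless the caller, which is not shown here, rejects stale tickets. The sketch below keeps the memcmp-style return value.

```c
static int verify_security_cookie(acr_sig_msg_t *msg, const wchar_t *salt)
{
    unsigned char  digest[ACR_SHA1_DIGEST_LENGTH];
    unsigned char  diff = 0;
    size_t i;
    /* … unchanged: sha and me declarations … */

    /* No secret means the digest covers only sender-known values. */
    if (salt == NULL || *salt == L'\0')
        return -1;
    /* … unchanged: SHA1 over salt, signal, sender, ticket, our pid … */

    /* Accumulate differences over every byte; 0 still means "valid". */
    for (i = 0; i < sizeof(msg->cookie); i++)
        diff |= (unsigned char)(digest[i] ^ msg->cookie[i]);
    return diff;
}
```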
@@ -59,16 +100,21 @@
  */
 static BOOL WINAPI console_event_handler(DWORD sig)
 {
+    BOOL handled = FALSE;
     LONG posix_signal = 0;
+
     switch (sig) {
         case CTRL_C_EVENT:
-            posix_signal = SIGHUP;
+            posix_signal = SIGINT;
         break;
         case CTRL_BREAK_EVENT:
             posix_signal = SIGINT;
         break;
         case CTRL_CLOSE_EVENT:
-            posix_signal = SIGQUIT;
+            /* If interactive process this happens on close console.
+             * We can FreeConsole and continue or completely close.
+             */
+            posix_signal = SIGHUP;
         break;
         case CTRL_LOGOFF_EVENT:
             /* Something not defined in POSIX land
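Review bot: After this change `CTRL_C_EVENT` and `CTRL_BREAK_EVENT` both assign `SIGINT` in separate arms, and nothing says whether that is intended or whether Ctrl+Break was meant to stay distinguishable from Ctrl+C. If it is intended, stacking the labels (`case CTRL_C_EVENT:` directly above `case CTRL_BREAK_EVENT:`) with a short comment makes that explicit; otherwise the break event needs its own signal value. The switch continues past the end of this hunk.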
@@ -76,13 +122,13 @@
              * if we are running as a service we just got an
              * info that someone logged off.
              */
-            if (dll_daemon_mode == 0)
-                posix_signal = SIGTSTP;
-            else
-                posix_signal = SIGQUIT;
+            posix_signal = SIGHUP;
         break;
         case CTRL_SHUTDOWN_EVENT:
-            posix_signal = SIGKILL;
+            /* Generated by system, so we cannot do much except
+             * shutdown gracefully.
+             */
+            posix_signal = SIGTERM;
         break;
     }
     if (posix_signal) {
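Review bot: The comment kept above the `CTRL_LOGOFF_EVENT` assignment still describes the service case ("we just got an info that someone logged off"), but the `dll_daemon_mode` test is gone and every process now gets `SIGHUP`. A service receives this event when any interactive user logs off, so whether it should react depends on how `SIGHUP` is handled downstream, which is not visible here. Either update the comment to state that daemon and interactive mode are deliberately treated alike, or keep a branch that leaves `posix_signal` at 0 in daemon mode. The handler starts and ends outside this hunk.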
@@ -96,19 +142,39 @@
         SetEvent(dll_auto_hevent);
         SetEvent(dll_psig_handle);
         LeaveCriticalSection(&signal_lock);
-        return TRUE;
+        handled = TRUE;
     }
-    else
-        return FALSE;
+    return handled;
 }
 
 
 int acr_SignalsInit()
 {
+    static int initialized = 0;
+
+    /* Guard against multiple invocations.
+     * We might initialize twice; in daemon and in JVM again
+     */
+    if (initialized++) {
+        if (initialized == 1) {
+            /* Second invocation.
+             * Put the ConsoleHandler routine on top of JVM handler routine.
+             */
+            if (!SetConsoleCtrlHandler(console_event_handler, TRUE))
+                return ACR_GET_OS_ERROR();
+        }
+        return 0;
+    }
     if (!InitializeCriticalSectionAndSpinCount(&signal_lock, ACR_SPINCOUNT)) {
         return ACR_GET_OS_ERROR();
     }
+    if (!SetConsoleCtrlHandler(console_event_handler, TRUE)) {
+        int rc = ACR_GET_OS_ERROR();
 
+        DeleteCriticalSection(&signal_lock);
+        initialized = 0;
+        return rc;
+    }
     return 0;
 }
 
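Review bot: The inner test `if (initialized == 1)` can never be true: the outer `if (initialized++)` is entered only when the counter was already at least 1, and the post-increment has by then raised it to 2 or more, so the "second invocation" branch that re-registers console_event_handler on top of the JVM's handler is dead code. It should read `if (initialized == 2) {`. The counter is also a plain `static int` that is read and written without a lock, so two threads calling acr_SignalsInit at the same time could both reach InitializeCriticalSectionAndSpinCount. If concurrent calls are possible, `InterlockedIncrement` on a `volatile LONG`, as already used for `current_signal_listeners`, would close that gap.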
@@ -144,6 +210,7 @@
     switch (current_signal_value) {
         case SIGKILL:
         case SIGQUIT:
+        case SIGTERM:
             rc = ACR_INCOMPLETE;
         default:
             rc = ACR_EINTR;
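Review bot: The new `case SIGTERM:` joins an arm that has no `break` before `default:`, so as far as the visible lines show `rc = ACR_INCOMPLETE;` is overwritten by `rc = ACR_EINTR;` on the very next statement, and SIGKILL, SIGQUIT and SIGTERM are reported exactly like any other signal. If the distinction is wanted, add `break;` after `rc = ACR_INCOMPLETE;`; if the fallthrough is deliberate, the first assignment is dead and should be removed or marked with `/* fallthrough */`. The switch and its enclosing function start and end outside this hunk.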