| OLD | NEW |
|---|
| (Empty) | |
| 1 // Copyright 2016 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. |
| 4 |
| 5 #include "remoting/host/win/launch_native_messaging_host_process.h" |
| 6 |
| 7 #include <windows.h> |
| 8 #include <shellapi.h> |
| 9 |
| 10 #include <cstdint> |
| 11 #include <string> |
| 12 |
| 13 #include "base/command_line.h" |
| 14 #include "base/files/file_path.h" |
| 15 #include "base/logging.h" |
| 16 #include "base/macros.h" |
| 17 #include "base/strings/stringprintf.h" |
| 18 #include "base/strings/utf_string_conversions.h" |
| 19 #include "base/win/win_util.h" |
| 20 #include "ipc/ipc_channel.h" |
| 21 #include "remoting/host/switches.h" |
| 22 #include "remoting/host/win/security_descriptor.h" |
| 23 |
| 24 namespace { |
| 25 |
| 26 // Windows will use default buffer size when 0 is passed to CreateNamedPipeW(). |
| 27 const uint32_t kBufferSize = 0; |
| 28 const int kTimeOutMilliseconds = 2000; |
| 29 const char kChromePipeNamePrefix[] = "\\\\.\\pipe\\chrome_remote_desktop."; |
| 30 |
| 31 uint32_t CreateNamedPipe(const std::string& pipe_name, |
| 32 const remoting::ScopedSd& security_descriptor, |
| 33 uint32_t open_mode, |
| 34 base::win::ScopedHandle* file_handle) { |
| 35 DCHECK(file_handle); |
| 36 |
| 37 SECURITY_ATTRIBUTES security_attributes = {0}; |
| 38 security_attributes.nLength = sizeof(security_attributes); |
| 39 security_attributes.lpSecurityDescriptor = security_descriptor.get(); |
| 40 security_attributes.bInheritHandle = FALSE; |
| 41 |
| 42 base::win::ScopedHandle temp_handle(::CreateNamedPipe( |
| 43 base::ASCIIToUTF16(pipe_name).c_str(), open_mode, |
| 44 PIPE_TYPE_MESSAGE | PIPE_READMODE_MESSAGE | PIPE_REJECT_REMOTE_CLIENTS, 1, |
| 45 kBufferSize, kBufferSize, kTimeOutMilliseconds, &security_attributes)); |
| 46 |
| 47 if (!temp_handle.IsValid()) { |
| 48 uint32_t error = GetLastError(); |
| 49 PLOG(ERROR) << "Failed to create named pipe '" << pipe_name << "'"; |
| 50 return error; |
| 51 } |
| 52 |
| 53 file_handle->Set(temp_handle.Take()); |
| 54 return 0; |
| 55 } |
| 56 |
| 57 } // namespace |
| 58 |
| 59 namespace remoting { |
| 60 |
| 61 ProcessLaunchResult LaunchNativeMessagingHostProcess( |
| 62 const base::FilePath& binary_path, |
| 63 intptr_t parent_window_handle, |
| 64 bool elevate_process, |
| 65 base::win::ScopedHandle* read_handle, |
| 66 base::win::ScopedHandle* write_handle) { |
| 67 DCHECK(read_handle); |
| 68 DCHECK(write_handle); |
| 69 |
| 70 // presubmit: allow wstring |
| 71 std::wstring user_sid; |
| 72 if (!base::win::GetUserSidString(&user_sid)) { |
| 73 LOG(ERROR) << "Failed to query the current user SID."; |
| 74 return PROCESS_LAUNCH_RESULT_FAILED; |
| 75 } |
| 76 |
| 77 // Create a security descriptor that gives full access to the caller and |
| 78 // BUILTIN_ADMINISTRATORS and denies access by anyone else. |
| 79 // Local admins need access because the privileged host process will run |
| 80 // as a local admin which may not be the same user as the current user. |
| 81 std::string user_sid_ascii = base::UTF16ToASCII(user_sid); |
| 82 std::string security_descriptor = base::StringPrintf( |
| 83 "O:%sG:%sD:(A;;GA;;;%s)(A;;GA;;;BA)", user_sid_ascii.c_str(), |
| 84 user_sid_ascii.c_str(), user_sid_ascii.c_str()); |
| 85 |
| 86 ScopedSd sd = ConvertSddlToSd(security_descriptor); |
| 87 if (!sd) { |
| 88 PLOG(ERROR) << "Failed to create a security descriptor."; |
| 89 return PROCESS_LAUNCH_RESULT_FAILED; |
| 90 } |
| 91 |
| 92 uint32_t result; |
| 93 std::string input_pipe_name(kChromePipeNamePrefix); |
| 94 input_pipe_name.append(IPC::Channel::GenerateUniqueRandomChannelID()); |
| 95 base::win::ScopedHandle temp_write_handle; |
| 96 result = CreateNamedPipe(input_pipe_name, sd, PIPE_ACCESS_OUTBOUND, |
| 97 &temp_write_handle); |
| 98 if (!temp_write_handle.IsValid()) { |
| 99 return PROCESS_LAUNCH_RESULT_FAILED; |
| 100 } |
| 101 |
| 102 std::string output_pipe_name(kChromePipeNamePrefix); |
| 103 output_pipe_name.append(IPC::Channel::GenerateUniqueRandomChannelID()); |
| 104 base::win::ScopedHandle temp_read_handle; |
| 105 result = CreateNamedPipe(output_pipe_name, sd, PIPE_ACCESS_INBOUND, |
| 106 &temp_read_handle); |
| 107 if (!temp_read_handle.IsValid()) { |
| 108 return PROCESS_LAUNCH_RESULT_FAILED; |
| 109 } |
| 110 |
| 111 const base::CommandLine* current_command_line = |
| 112 base::CommandLine::ForCurrentProcess(); |
| 113 |
| 114 // Create the child process command line by copying switches from the current |
| 115 // command line. |
| 116 base::CommandLine command_line(base::CommandLine::NO_PROGRAM); |
| 117 |
| 118 DCHECK(!current_command_line->HasSwitch(kElevateSwitchName)); |
| 119 // Always add the elevation switch when launched via this function. |
| 120 command_line.AppendSwitch(kElevateSwitchName); |
| 121 command_line.AppendSwitchASCII(kInputSwitchName, input_pipe_name); |
| 122 command_line.AppendSwitchASCII(kOutputSwitchName, output_pipe_name); |
| 123 |
| 124 for (const auto& switch_data : current_command_line->GetSwitches()) { |
| 125 command_line.AppendSwitchNative(switch_data.first, switch_data.second); |
| 126 } |
| 127 for (const auto& arg : current_command_line->GetArgs()) { |
| 128 command_line.AppendArgNative(arg); |
| 129 } |
| 130 |
| 131 // Get the parameters for the binary to launch. |
| 132 base::CommandLine::StringType params = command_line.GetCommandLineString(); |
| 133 |
| 134 // Launch the child process, requesting elevation if needed. |
| 135 SHELLEXECUTEINFO info; |
| 136 memset(&info, 0, sizeof(info)); |
| 137 info.cbSize = sizeof(info); |
| 138 info.hwnd = reinterpret_cast<HWND>(parent_window_handle); |
| 139 info.lpFile = binary_path.value().c_str(); |
| 140 info.lpParameters = params.c_str(); |
| 141 info.nShow = SW_HIDE; |
| 142 |
| 143 if (elevate_process) { |
| 144 info.lpVerb = L"runas"; |
| 145 } |
| 146 |
| 147 if (!ShellExecuteEx(&info)) { |
| 148 uint32_t error = GetLastError(); |
| 149 PLOG(ERROR) << "Unable to launch '" << binary_path.value() << "'"; |
| 150 if (error == ERROR_CANCELLED) { |
| 151 return PROCESS_LAUNCH_RESULT_CANCELLED; |
| 152 } else { |
| 153 return PROCESS_LAUNCH_RESULT_FAILED; |
| 154 } |
| 155 } |
| 156 |
| 157 if (!ConnectNamedPipe(temp_write_handle.Get(), nullptr)) { |
| 158 uint32_t error = GetLastError(); |
| 159 if (error != ERROR_PIPE_CONNECTED) { |
| 160 PLOG(ERROR) << "Unable to connect '" << output_pipe_name << "'"; |
| 161 return PROCESS_LAUNCH_RESULT_FAILED; |
| 162 } |
| 163 } |
| 164 |
| 165 if (!ConnectNamedPipe(temp_read_handle.Get(), nullptr)) { |
| 166 uint32_t error = GetLastError(); |
| 167 if (error != ERROR_PIPE_CONNECTED) { |
| 168 PLOG(ERROR) << "Unable to connect '" << input_pipe_name << "'"; |
| 169 return PROCESS_LAUNCH_RESULT_FAILED; |
| 170 } |
| 171 } |
| 172 |
| 173 read_handle->Set(temp_read_handle.Take()); |
| 174 write_handle->Set(temp_write_handle.Take()); |
| 175 return PROCESS_LAUNCH_RESULT_SUCCESS; |
| 176 } |
| 177 |
| 178 } // namespace remoting |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 2152953002:
Refactoring Native Messaging Host process launching code into its own file. (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master