Use fixed socket name instead of SecureSocketWithKey

chrome/common/service_process_util_mac.mm

 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "chrome/common/service_process_util_posix.h"
 
 #import <Foundation/Foundation.h>
 #include <launch.h>
 
 #include <vector>
 
 #include "base/bind.h"
 #include "base/command_line.h"
 #include "base/files/file_path.h"
 #include "base/mac/bundle_locations.h"
 #include "base/mac/foundation_util.h"
 #include "base/mac/mac_util.h"
 #include "base/mac/scoped_nsautorelease_pool.h"
 #include "base/mac/scoped_nsobject.h"
 #include "base/path_service.h"
 #include "base/strings/string_util.h"
 #include "base/strings/stringprintf.h"
 #include "base/strings/sys_string_conversions.h"
 #include "base/threading/thread_restrictions.h"
 #include "base/version.h"
 #include "chrome/common/chrome_paths.h"
 #include "chrome/common/chrome_switches.h"
 #include "chrome/common/chrome_version_info.h"
 #include "chrome/common/mac/launchd.h"
+#include "ipc/unix_domain_socket_util.h"
 
 using ::base::FilePathWatcher;
 
 namespace {
 
 #define kServiceProcessSessionType "Aqua"
 
 CFStringRef CopyServiceProcessLaunchDName() {
   base::mac::ScopedNSAutoreleasePool pool;
   NSBundle* bundle = base::mac::FrameworkBundle();
   return CFStringCreateCopy(kCFAllocatorDefault,
                             base::mac::NSToCFCast([bundle bundleIdentifier]));
 }
 
 NSString* GetServiceProcessLaunchDLabel() {
   base::scoped_nsobject<NSString> name(
       base::mac::CFToNSCast(CopyServiceProcessLaunchDName()));
-  NSString *label = [name stringByAppendingString:@".service_process"];
+  NSString* label = [name stringByAppendingString:@".service_process"];
   base::FilePath user_data_dir;
   PathService::Get(chrome::DIR_USER_DATA, &user_data_dir);
   std::string user_data_dir_path = user_data_dir.value();
-  NSString *ns_path = base::SysUTF8ToNSString(user_data_dir_path);
+  NSString* ns_path = base::SysUTF8ToNSString(user_data_dir_path);
   ns_path = [ns_path stringByReplacingOccurrencesOfString:@" "
                                                withString:@"_"];
   label = [label stringByAppendingString:ns_path];
   return label;
 }
 
 NSString* GetServiceProcessLaunchDSocketKey() {
   return @"ServiceProcessSocket";
 }
 
@@ skipping 15 matching lines @@
   ExecFilePathWatcherCallback() {}
   ~ExecFilePathWatcherCallback() {}
 
   bool Init(const base::FilePath& path);
   void NotifyPathChanged(const base::FilePath& path, bool error);
 
  private:
   FSRef executable_fsref_;
 };
 
+base::FilePath GetServiceProcessSocketName() {
+  base::FilePath socket_name;
+  PathService::Get(base::DIR_TEMP, &socket_name);
+  std::string pipe_name = GetServiceProcessScopedName("srv");
+  socket_name = socket_name.Append(pipe_name);
+  if (socket_name.value().size() < IPC::kMaxSocketNameLength)
+    return socket_name;
+  // Fallback to /tmp if $TMPDIR is too long.

[Robert Sesek, 2015/03/11 22:20:29]

I'd suggest using an UMA histogram to track how often this happens.

+  return base::FilePath("/tmp").Append(pipe_name);
+}
+
 }  // namespace
 
-NSString* GetServiceProcessLaunchDSocketEnvVar() {
-  NSString *label = GetServiceProcessLaunchDLabel();
-  NSString *env_var = [label stringByReplacingOccurrencesOfString:@"."
-                                                       withString:@"_"];
-  env_var = [env_var stringByAppendingString:@"_SOCKET"];
-  env_var = [env_var uppercaseString];
-  return env_var;
-}
-
-// Gets the name of the service process IPC channel.
 IPC::ChannelHandle GetServiceProcessChannel() {
-  base::mac::ScopedNSAutoreleasePool pool;
-  std::string socket_path;
-  base::scoped_nsobject<NSDictionary> dictionary(
-      base::mac::CFToNSCast(Launchd::GetInstance()->CopyExports()));
-  NSString *ns_socket_path =
-      [dictionary objectForKey:GetServiceProcessLaunchDSocketEnvVar()];
-  if (ns_socket_path) {
-    socket_path = base::SysNSStringToUTF8(ns_socket_path);
-  }
-  return IPC::ChannelHandle(socket_path);
+  base::FilePath socket_name = GetServiceProcessSocketName();
+  VLOG(1) << "ServiceProcessChannel: " << socket_name.value();
+  return IPC::ChannelHandle(socket_name.value());
 }
 
 bool ForceServiceProcessShutdown(const std::string& /* version */,
                                  base::ProcessId /* process_id */) {
   base::mac::ScopedNSAutoreleasePool pool;
   CFStringRef label = base::mac::NSToCFCast(GetServiceProcessLaunchDLabel());
   CFErrorRef err = NULL;
   bool ret = Launchd::GetInstance()->RemoveJob(label, &err);
   if (!ret) {
     DLOG(ERROR) << "ForceServiceProcessShutdown: " << err << " "
                 << base::SysCFStringRefToUTF8(label);
     CFRelease(err);
   }
   return ret;
 }
 
 bool GetServiceProcessData(std::string* version, base::ProcessId* pid) {
   base::mac::ScopedNSAutoreleasePool pool;
   CFStringRef label = base::mac::NSToCFCast(GetServiceProcessLaunchDLabel());
   base::scoped_nsobject<NSDictionary> launchd_conf(
       base::mac::CFToNSCast(Launchd::GetInstance()->CopyJobDictionary(label)));
   if (!launchd_conf.get()) {
     return false;
   }
   // Anything past here will return true in that there does appear
   // to be a service process of some sort registered with launchd.
   if (version) {
     *version = "0";
-    NSString *exe_path = [launchd_conf objectForKey:@ LAUNCH_JOBKEY_PROGRAM];
+    NSString* exe_path = [launchd_conf objectForKey:@ LAUNCH_JOBKEY_PROGRAM];
     if (exe_path) {
-      NSString *bundle_path = [[[exe_path stringByDeletingLastPathComponent]
+      NSString* bundle_path = [[[exe_path stringByDeletingLastPathComponent]
                                 stringByDeletingLastPathComponent]
                                stringByDeletingLastPathComponent];
-      NSBundle *bundle = [NSBundle bundleWithPath:bundle_path];
+      NSBundle* bundle = [NSBundle bundleWithPath:bundle_path];
       if (bundle) {
-        NSString *ns_version =
+        NSString* ns_version =
             [bundle objectForInfoDictionaryKey:@"CFBundleShortVersionString"];
         if (ns_version) {
           *version = base::SysNSStringToUTF8(ns_version);
         } else {
           DLOG(ERROR) << "Unable to get version at: "
                       << reinterpret_cast<CFStringRef>(bundle_path);
         }
       } else {
         // The bundle has been deleted out from underneath the registered
         // job.
@@ skipping 23 matching lines @@
                 << "CopyLaunchdDictionaryByCheckingIn: " << err;
     CFRelease(err);
     return false;
   }
   state_->launchd_conf.reset(dict);
   return true;
 }
 
 IPC::ChannelHandle ServiceProcessState::GetServiceProcessChannel() {
   DCHECK(state_);
-  NSDictionary *ns_launchd_conf = base::mac::CFToNSCast(state_->launchd_conf);
+  NSDictionary* ns_launchd_conf = base::mac::CFToNSCast(state_->launchd_conf);
   NSDictionary* socket_dict =
       [ns_launchd_conf objectForKey:@ LAUNCH_JOBKEY_SOCKETS];
   NSArray* sockets =
       [socket_dict objectForKey:GetServiceProcessLaunchDSocketKey()];
   DCHECK_EQ([sockets count], 1U);
   int socket = [[sockets objectAtIndex:0] intValue];
   base::FileDescriptor fd(socket, false);
   return IPC::ChannelHandle(std::string(), fd);
 }
 
@@ skipping 24 matching lines @@
   if (!ready) {
     ForceServiceProcessShutdown(version, pid);
   }
   return ready;
 }
 
 CFDictionaryRef CreateServiceProcessLaunchdPlist(base::CommandLine* cmd_line,
                                                  bool for_auto_launch) {
   base::mac::ScopedNSAutoreleasePool pool;
 
-  NSString *program =
+  NSString* program =
       base::SysUTF8ToNSString(cmd_line->GetProgram().value());
 
   std::vector<std::string> args = cmd_line->argv();
-  NSMutableArray *ns_args = [NSMutableArray arrayWithCapacity:args.size()];
+  NSMutableArray* ns_args = [NSMutableArray arrayWithCapacity:args.size()];
 
   for (std::vector<std::string>::iterator iter = args.begin();
        iter < args.end();
        ++iter) {
     [ns_args addObject:base::SysUTF8ToNSString(*iter)];
   }
 
-  NSDictionary *socket =
-      [NSDictionary dictionaryWithObject:GetServiceProcessLaunchDSocketEnvVar()
-                                  forKey:@ LAUNCH_JOBSOCKETKEY_SECUREWITHKEY];
-  NSDictionary *sockets =
+  NSString* soket_name =
+      base::SysUTF8ToNSString(GetServiceProcessSocketName().value());
+
+  NSDictionary* socket =
+      [NSDictionary dictionaryWithObject:soket_name
+                                  forKey:@LAUNCH_JOBSOCKETKEY_PATHNAME];
+  NSDictionary* sockets =
       [NSDictionary dictionaryWithObject:socket
                                   forKey:GetServiceProcessLaunchDSocketKey()];
 
   // See the man page for launchd.plist.
-  NSMutableDictionary *launchd_plist =
+  NSMutableDictionary* launchd_plist =
       [[NSMutableDictionary alloc] initWithObjectsAndKeys:
-        GetServiceProcessLaunchDLabel(), @ LAUNCH_JOBKEY_LABEL,
-        program, @ LAUNCH_JOBKEY_PROGRAM,
-        ns_args, @ LAUNCH_JOBKEY_PROGRAMARGUMENTS,
-        sockets, @ LAUNCH_JOBKEY_SOCKETS,
+        GetServiceProcessLaunchDLabel(), @LAUNCH_JOBKEY_LABEL,
+        program, @LAUNCH_JOBKEY_PROGRAM,
+        ns_args, @LAUNCH_JOBKEY_PROGRAMARGUMENTS,
+        sockets, @LAUNCH_JOBKEY_SOCKETS,
         nil];
 
   if (for_auto_launch) {
     // We want the service process to be able to exit if there are no services
     // enabled. With a value of NO in the SuccessfulExit key, launchd will
     // relaunch the service automatically in any other case than exiting
     // cleanly with a 0 return code.
-    NSDictionary *keep_alive =
-      [NSDictionary
-        dictionaryWithObject:[NSNumber numberWithBool:NO]
-                      forKey:@ LAUNCH_JOBKEY_KEEPALIVE_SUCCESSFULEXIT];
-    NSDictionary *auto_launchd_plist =
-      [[NSDictionary alloc] initWithObjectsAndKeys:
-        [NSNumber numberWithBool:YES], @ LAUNCH_JOBKEY_RUNATLOAD,
-        keep_alive, @ LAUNCH_JOBKEY_KEEPALIVE,
-        @ kServiceProcessSessionType, @ LAUNCH_JOBKEY_LIMITLOADTOSESSIONTYPE,
-        nil];
+    NSDictionary* keep_alive =
+        [NSDictionary
+           dictionaryWithObject:[NSNumber numberWithBool:NO]
+                         forKey:@LAUNCH_JOBKEY_KEEPALIVE_SUCCESSFULEXIT];
+    NSDictionary* auto_launchd_plist =
+        [[NSDictionary alloc] initWithObjectsAndKeys:
+          [NSNumber numberWithBool:YES], @LAUNCH_JOBKEY_RUNATLOAD,
+          keep_alive, @LAUNCH_JOBKEY_KEEPALIVE,
+          @kServiceProcessSessionType, @LAUNCH_JOBKEY_LIMITLOADTOSESSIONTYPE,
+          nil];
     [launchd_plist addEntriesFromDictionary:auto_launchd_plist];
   }
   return reinterpret_cast<CFDictionaryRef>(launchd_plist);
 }
 
 // Writes the launchd property list into the user's LaunchAgents directory,
 // creating that directory if needed. This will cause the service process to be
 // auto launched on the next user login.
 bool ServiceProcessState::AddToAutoRun() {
   // We're creating directories and writing a file.
@@ skipping 147 matching lines @@
       CFErrorRef err = NULL;
       if (!Launchd::GetInstance()->RemoveJob(label, &err)) {
         base::ScopedCFTypeRef<CFErrorRef> scoped_err(err);
         DLOG(ERROR) << "RemoveJob " << err;
         // Exiting with zero, so launchd doesn't restart the process.
         exit(0);
       }
     }
   }
 }