From 619f7fa0324c0eecdb7d32c5721c46b7d9a7f80b Mon Sep 17 00:00:00 2001 From: Egor Duda Date: Mon, 9 Apr 2001 07:21:32 +0000 Subject: * fhandler.h (class fhandler_socket): Add members and methods to support secure connections on AF_UNIX sockets. * fhandler_socket.cc (fhandler_socket::set_connect_secret): New method. (fhandler_socket::get_connect_secret): Ditto. (fhandler_socket::create_secret_event): Ditto. (fhandler_socket::close_secret_event): Ditto. (fhandler_socket::check_peer_secret_event): Ditto. (fhandler_socket::fixup_after_fork): Duplicate secret event to child. (fhandler_socket::dup): Copy address family. (fhandler_socket::close): Close secret event. * net.cc (get_inet_addr): Read secret cookie. (cygwin_connect): Check if peer knows secret cookie value. (cygwin_accept): Ditto. Copy address family to newly created socket. (cygwin_bind): Generate and write secret cookie. (wsock_init): Initialize random number generator. --- winsup/cygwin/fhandler_socket.cc | 89 ++++++++++++++++++++++++++++++++++++++++ 1 file changed, 89 insertions(+) (limited to 'winsup/cygwin/fhandler_socket.cc') diff --git a/winsup/cygwin/fhandler_socket.cc b/winsup/cygwin/fhandler_socket.cc index a52d2851a..3b3ba7bac 100644 --- a/winsup/cygwin/fhandler_socket.cc +++ b/winsup/cygwin/fhandler_socket.cc @@ -16,6 +16,7 @@ #include #include +#include #include #include #define USE_SYS_TYPES_FD_SET @@ -26,6 +27,8 @@ #include "dtable.h" #include "sigproc.h" +#define SECRET_EVENT_NAME "cygwin.local_socket.secret.%d.%08x-%08x-%08x-%08x" + /**********************************************************************/ /* fhandler_socket */ @@ -44,6 +47,87 @@ fhandler_socket::~fhandler_socket () cfree (prot_info_ptr); } +void +fhandler_socket::set_connect_secret () +{ + for (int i = 0; i < 4; i++) + connect_secret [i] = random (); +} + +void +fhandler_socket::get_connect_secret (char* buf) +{ + __small_sprintf (buf, "%08x-%08x-%08x-%08x", + connect_secret [0], connect_secret [1], + connect_secret [2], connect_secret [3]); +} + +HANDLE +fhandler_socket::create_secret_event (int* secret) +{ + char buf [128]; + int* secret_ptr = (secret ? : connect_secret); + struct sockaddr_in sin; + int sin_len = sizeof (sin); + + if (getsockname (get_socket (), (struct sockaddr*) &sin, &sin_len)) + { + debug_printf ("error getting local socket name (%d)", WSAGetLastError ()); + return NULL; + } + + __small_sprintf (buf, SECRET_EVENT_NAME, sin.sin_port, + secret_ptr [0], secret_ptr [1], + secret_ptr [2], secret_ptr [3]); + secret_event = CreateEvent ( NULL, FALSE, FALSE, buf); + if (!secret_event && GetLastError () == ERROR_ALREADY_EXISTS) + secret_event = OpenEvent (EVENT_ALL_ACCESS, FALSE, buf); + + if (secret_event) + { + ProtectHandle (secret_event); + SetEvent (secret_event); + } + + return secret_event; +} + +void +fhandler_socket::close_secret_event () +{ + if (secret_event) + ForceCloseHandle (secret_event); + secret_event = NULL; +} + +int +fhandler_socket::check_peer_secret_event (struct sockaddr_in* peer, int* secret) +{ + char buf [128]; + HANDLE ev; + int* secret_ptr = (secret ? : connect_secret); + + __small_sprintf (buf, SECRET_EVENT_NAME, peer->sin_port, + secret_ptr [0], secret_ptr [1], + secret_ptr [2], secret_ptr [3]); + ev = CreateEvent (NULL, FALSE, FALSE, buf); + if (!ev && GetLastError () == ERROR_ALREADY_EXISTS) + { + debug_printf ("%s event already exist"); + ev = OpenEvent (EVENT_ALL_ACCESS, FALSE, buf); + } + + if (ev) + { + DWORD rc = WaitForSingleObject (ev, 10000); + debug_printf ("WFSO rc=%d", rc); + CloseHandle (ev); + return (rc == WAIT_OBJECT_0 ? 1 : 0 ); + } + else + return 0; +} + void fhandler_socket::fixup_before_fork_exec (DWORD win_proc_id) { @@ -93,12 +177,15 @@ fhandler_socket::fixup_after_fork (HANDLE parent) fhandler_base::fixup_after_fork (parent); debug_printf ("Without Winsock 2.0"); } + if (secret_event) + fork_fixup (parent, secret_event, "secret_event"); } int fhandler_socket::dup (fhandler_base *child) { fhandler_socket *fhs = (fhandler_socket *) child; + fhs->addr_family = addr_family; fhs->set_io_handle (get_io_handle ()); fhs->fixup_before_fork_exec (GetCurrentProcessId ()); if (ws2_32_handle) @@ -148,6 +235,8 @@ fhandler_socket::close () res = -1; } + close_secret_event (); + return res; } -- cgit v1.2.3