aleitner commented on code in PR #454:
URL: https://github.com/apache/guacamole-server/pull/454#discussion_r1282408196
##########
src/guacd/connection.c:
##########
@@ -181,6 +272,129 @@ void* guacd_connection_io_thread(void* data) {
*/
static int guacd_add_user(guacd_proc* proc, guac_parser* parser, guac_socket*
socket) {
+#ifdef CYGWIN_BUILD
+
+ SECURITY_ATTRIBUTES attributes = { 0 };
+ attributes.nLength = sizeof(SECURITY_ATTRIBUTES);
+
+ /*
+ * Attempt to create a Windows security descriptor that grants access only
+ * to the owner of this process.
+ */
+ if (!ConvertStringSecurityDescriptorToSecurityDescriptor(
+
+ /*
+ * An SDDL string that uses DACL to grant the General Access (GA)
+ * permission, only to the owner (OW). For more, see
+ *
https://learn.microsoft.com/en-us/windows/win32/secauthz/security-descriptor-string-format.
+ */
+ "D:P(A;;GA;;;OW)",
+ SDDL_REVISION_1,
+
+ /* The populated security descriptor output */
+ &(attributes.lpSecurityDescriptor),
+
+ /* There's no need to capture the descriptor size */
+ NULL
+
+ )) {
+ guacd_log(GUAC_LOG_ERROR, "Unable to initialize named pipe security
descriptor.");
+ return 1;
+ }
+
+ char pipe_name[GUAC_PIPE_NAME_LENGTH];
+
+ /* Required pipe name prefix */
+ memcpy(pipe_name, PIPE_NAME_PREFIX, strlen(PIPE_NAME_PREFIX));
+
+ /* UUID to ensure the pipe name is unique */
+ char* uuid = guac_generate_id('G');
+ if (uuid == NULL) {
+ guacd_log(GUAC_LOG_ERROR, "Unable to generate UUID for pipe name.");
+ return 1;
+ }
+
+ memcpy(pipe_name + strlen(PIPE_NAME_PREFIX), uuid, GUAC_UUID_LEN);
+
+ /* Null terminator */
+ pipe_name[GUAC_PIPE_NAME_LENGTH - 1] = '\0';
+
+ /*
+ * Set up a named pipe for communication with the user. For more, see
+ *
https://learn.microsoft.com/en-us/windows/win32/api/winbase/nf-winbase-createnamedpipea
+ */
+ HANDLE pipe_handle = CreateNamedPipe(
Review Comment:
checking if `pipe_handle` is `NULL` below should cover the `pipe_name`
actually. Maybe if the UUID is formatted incorrectly that could also cause
problems but I don't think we really need to check that.
After calling `ConvertStringSecurityDescriptorToSecurityDescriptor`, ensure
`attributes.lpSecurityDescriptor` is not `Null`. If
ConvertStringSecurityDescriptorToSecurityDescriptor fails for any reason, the
pointer might be `NULL`. I suppose the `!` and the error printing handles this
context too.
You can disregard this validation comment!
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
