Avoid calling GetNamedPipeClientProcessId() which is not available on XP.

BUG=121496


Review URL: https://chromiumcodereview.appspot.com/10824316

git-svn-id: svn://svn.chromium.org/chrome/trunk/src@151816 0039d316-1c4b-4281-b951-d872f2087c98

4 files changed, 13 insertions, 26 deletions

diff --git a/remoting/host/win/worker_process_launcher.cc b/remoting/host/win/worker_process_launcher.cc
index cf781b2..79f196e 100644
--- a/remoting/host/win/worker_process_launcher.cc
+++ b/remoting/host/win/worker_process_launcher.cc
@@ -109,16 +109,15 @@ void WorkerProcessLauncher::OnChannelConnected(int32 peer_pid) {
   DCHECK(pipe_.IsValid());
   DCHECK(process_exit_event_.IsValid());
 
-  // Get the actual peer's PID (i.e. reported by the OS) instead of the PID
-  // reported by the peer itself (|peer_pid|).
-  DWORD actual_peer_pid;
-  if (!GetNamedPipeClientProcessId(pipe_, &actual_peer_pid)) {
-    LOG_GETLASTERROR(ERROR) << "Failed to query the peer's PID";
-    Stop();
-    return;
-  }
-
-  delegate_->OnChannelConnected(actual_peer_pid);
+  // |peer_pid| is send by the client and cannot be trusted.
+  // GetNamedPipeClientProcessId() is not available on XP. The pipe's security
+  // descriptor is the only protection we currently have against malicious
+  // clients.
+  //
+  // If we'd like to be able to launch low-privileged workers and let them
+  // connect back, the pipe handle should be passed to the worker instead of
+  // the pipe name.
+  delegate_->OnChannelConnected();
 }
 
 void WorkerProcessLauncher::OnChannelError() {
diff --git a/remoting/host/win/worker_process_launcher.h b/remoting/host/win/worker_process_launcher.h
index 7dc71eb..f57ecd8 100644
--- a/remoting/host/win/worker_process_launcher.h
+++ b/remoting/host/win/worker_process_launcher.h
@@ -53,12 +53,8 @@ class WorkerProcessLauncher
     // Terminates the worker process with the given exit code.
     virtual void DoKillProcess(DWORD exit_code) = 0;
 
-    // Notifies that a client has been connected to the channel. |peer_pid|
-    // is the peer process's ID that the delegate can use to verify identity of
-    // the client. The verification code has to make sure that the client
-    // process's PID will not be assigned to another process (for instance by
-    // keeping an opened handle of the client process).
-    virtual void OnChannelConnected(DWORD peer_pid) = 0;
+    // Notifies that a client has been connected to the channel.
+    virtual void OnChannelConnected() = 0;
 
     // Processes messages sent by the client.
     virtual bool OnMessageReceived(const IPC::Message& message) = 0;
diff --git a/remoting/host/win/wts_session_process_launcher.cc b/remoting/host/win/wts_session_process_launcher.cc
index e57d37c..42cb702 100644
--- a/remoting/host/win/wts_session_process_launcher.cc
+++ b/remoting/host/win/wts_session_process_launcher.cc
@@ -205,16 +205,8 @@ void WtsSessionProcessLauncher::DoKillProcess(DWORD exit_code) {
   }
 }
 
-void WtsSessionProcessLauncher::OnChannelConnected(DWORD peer_pid) {
+void WtsSessionProcessLauncher::OnChannelConnected() {
   DCHECK(main_message_loop_->BelongsToCurrentThread());
-
-  DWORD expected_pid = GetProcessId(worker_process_);
-  if (peer_pid != expected_pid) {
-    LOG(ERROR)
-        << "Unexpected client connected: expected=" << expected_pid
-        << ", actual=" << peer_pid;
-    Stop();
-  }
 }
 
 bool WtsSessionProcessLauncher::OnMessageReceived(const IPC::Message& message) {
diff --git a/remoting/host/win/wts_session_process_launcher.h b/remoting/host/win/wts_session_process_launcher.h
index 3bde4c1..9a91903 100644
--- a/remoting/host/win/wts_session_process_launcher.h
+++ b/remoting/host/win/wts_session_process_launcher.h
@@ -56,7 +56,7 @@ class WtsSessionProcessLauncher
       const std::string& channel_name,
       base::win::ScopedHandle* process_exit_event_out) OVERRIDE;
   virtual void DoKillProcess(DWORD exit_code) OVERRIDE;
-  virtual void OnChannelConnected(DWORD peer_pid) OVERRIDE;
+  virtual void OnChannelConnected() OVERRIDE;
   virtual bool OnMessageReceived(const IPC::Message& message) OVERRIDE;
 
   // WtsConsoleObserver implementation.