summaryrefslogtreecommitdiffstats
path: root/remoting/host
diff options
context:
space:
mode:
Diffstat (limited to 'remoting/host')
-rw-r--r--remoting/host/desktop_session_proxy.cc5
-rw-r--r--remoting/host/setup/daemon_installer_win.cc2
-rw-r--r--remoting/host/win/chromoting_module.cc5
-rw-r--r--remoting/host/win/launch_process_with_token.cc18
-rw-r--r--remoting/host/win/unprivileged_process_delegate.cc23
-rw-r--r--remoting/host/win/worker_process_launcher_unittest.cc10
-rw-r--r--remoting/host/win/wts_session_process_delegate.cc5
7 files changed, 41 insertions, 27 deletions
diff --git a/remoting/host/desktop_session_proxy.cc b/remoting/host/desktop_session_proxy.cc
index 9e52f8d..058a2f4 100644
--- a/remoting/host/desktop_session_proxy.cc
+++ b/remoting/host/desktop_session_proxy.cc
@@ -230,9 +230,9 @@ bool DesktopSessionProxy::AttachToDesktop(
#if defined(OS_WIN)
// On Windows: |desktop_process| is a valid handle, but |desktop_pipe| needs
// to be duplicated from the desktop process.
- base::win::ScopedHandle pipe;
+ HANDLE temp_handle;
if (!DuplicateHandle(desktop_process_, desktop_pipe, GetCurrentProcess(),
- pipe.Receive(), 0, FALSE, DUPLICATE_SAME_ACCESS)) {
+ &temp_handle, 0, FALSE, DUPLICATE_SAME_ACCESS)) {
LOG_GETLASTERROR(ERROR) << "Failed to duplicate the desktop-to-network"
" pipe handle";
@@ -240,6 +240,7 @@ bool DesktopSessionProxy::AttachToDesktop(
base::CloseProcessHandle(desktop_process);
return false;
}
+ base::win::ScopedHandle pipe(temp_handle);
IPC::ChannelHandle desktop_channel_handle(pipe);
diff --git a/remoting/host/setup/daemon_installer_win.cc b/remoting/host/setup/daemon_installer_win.cc
index dbb72192..176efa1 100644
--- a/remoting/host/setup/daemon_installer_win.cc
+++ b/remoting/host/setup/daemon_installer_win.cc
@@ -300,7 +300,7 @@ void DaemonCommandLineInstallerWin::Install() {
kOmahaLanguage));
base::LaunchOptions options;
- if (!base::LaunchProcess(command_line, options, process_.Receive())) {
+ if (!base::LaunchProcess(command_line, options, &process_)) {
result = GetLastError();
Done(HRESULT_FROM_WIN32(result));
return;
diff --git a/remoting/host/win/chromoting_module.cc b/remoting/host/win/chromoting_module.cc
index 724ce7e..630c6c2 100644
--- a/remoting/host/win/chromoting_module.cc
+++ b/remoting/host/win/chromoting_module.cc
@@ -42,12 +42,13 @@ base::LazyInstance<scoped_refptr<AutoThreadTaskRunner> > g_module_task_runner =
// Lowers the process integrity level such that it does not exceed |max_level|.
// |max_level| is expected to be one of SECURITY_MANDATORY_XXX constants.
bool LowerProcessIntegrityLevel(DWORD max_level) {
- base::win::ScopedHandle token;
+ HANDLE temp_handle;
if (!OpenProcessToken(GetCurrentProcess(), TOKEN_QUERY | TOKEN_WRITE,
- token.Receive())) {
+ &temp_handle)) {
PLOG(ERROR) << "OpenProcessToken() failed";
return false;
}
+ base::win::ScopedHandle token(temp_handle);
TypedBuffer<TOKEN_MANDATORY_LABEL> mandatory_label;
DWORD length = 0;
diff --git a/remoting/host/win/launch_process_with_token.cc b/remoting/host/win/launch_process_with_token.cc
index e579c09..f45332c 100644
--- a/remoting/host/win/launch_process_with_token.cc
+++ b/remoting/host/win/launch_process_with_token.cc
@@ -122,26 +122,26 @@ bool ConnectToExecutionServer(uint32 session_id,
// Copies the process token making it a primary impersonation token.
// The returned handle will have |desired_access| rights.
bool CopyProcessToken(DWORD desired_access, ScopedHandle* token_out) {
- ScopedHandle process_token;
+ HANDLE temp_handle;
if (!OpenProcessToken(GetCurrentProcess(),
TOKEN_DUPLICATE | desired_access,
- process_token.Receive())) {
+ &temp_handle)) {
LOG_GETLASTERROR(ERROR) << "Failed to open process token";
return false;
}
+ ScopedHandle process_token(temp_handle);
- ScopedHandle copied_token;
if (!DuplicateTokenEx(process_token,
desired_access,
NULL,
SecurityImpersonation,
TokenPrimary,
- copied_token.Receive())) {
+ &temp_handle)) {
LOG_GETLASTERROR(ERROR) << "Failed to duplicate the process token";
return false;
}
- *token_out = copied_token.Pass();
+ token_out->Set(temp_handle);
return true;
}
@@ -467,7 +467,7 @@ bool LaunchProcessWithToken(const base::FilePath& binary,
if (desktop_name)
startup_info.lpDesktop = const_cast<char16*>(desktop_name);
- base::win::ScopedProcessInformation process_info;
+ PROCESS_INFORMATION temp_process_info = {};
BOOL result = CreateProcessAsUser(user_token,
application_name.c_str(),
const_cast<LPWSTR>(command_line.c_str()),
@@ -478,7 +478,7 @@ bool LaunchProcessWithToken(const base::FilePath& binary,
NULL,
NULL,
&startup_info,
- process_info.Receive());
+ &temp_process_info);
// CreateProcessAsUser will fail on XP and W2K3 with ERROR_PIPE_NOT_CONNECTED
// if the user hasn't logged to the target session yet. In such a case
@@ -502,7 +502,7 @@ bool LaunchProcessWithToken(const base::FilePath& binary,
command_line,
creation_flags,
desktop_name,
- process_info.Receive());
+ &temp_process_info);
} else {
// Restore the error status returned by CreateProcessAsUser().
result = FALSE;
@@ -516,6 +516,8 @@ bool LaunchProcessWithToken(const base::FilePath& binary,
return false;
}
+ base::win::ScopedProcessInformation process_info(temp_process_info);
+
CHECK(process_info.IsValid());
process_out->Set(process_info.TakeProcessHandle());
thread_out->Set(process_info.TakeThreadHandle());
diff --git a/remoting/host/win/unprivileged_process_delegate.cc b/remoting/host/win/unprivileged_process_delegate.cc
index dcdad94..006b9e5 100644
--- a/remoting/host/win/unprivileged_process_delegate.cc
+++ b/remoting/host/win/unprivileged_process_delegate.cc
@@ -74,11 +74,12 @@ const char kWorkerThreadSd[] = "O:SYG:SYD:(A;;GA;;;SY)(A;;0x120801;;;BA)";
// process.
bool CreateRestrictedToken(ScopedHandle* token_out) {
// Create a token representing LocalService account.
- ScopedHandle token;
+ HANDLE temp_handle;
if (!LogonUser(L"LocalService", L"NT AUTHORITY", NULL, LOGON32_LOGON_SERVICE,
- LOGON32_PROVIDER_DEFAULT, token.Receive())) {
+ LOGON32_PROVIDER_DEFAULT, &temp_handle)) {
return false;
}
+ ScopedHandle token(temp_handle);
sandbox::RestrictedToken restricted_token;
if (restricted_token.Init(token) != ERROR_SUCCESS)
@@ -97,8 +98,12 @@ bool CreateRestrictedToken(ScopedHandle* token_out) {
}
// Return the resulting token.
- return restricted_token.GetRestrictedTokenHandle(token_out->Receive()) ==
- ERROR_SUCCESS;
+ if (restricted_token.GetRestrictedTokenHandle(&temp_handle) ==
+ ERROR_SUCCESS) {
+ token_out->Set(temp_handle);
+ return true;
+ }
+ return false;
}
// Creates a window station with a given name and the default desktop giving
@@ -273,12 +278,13 @@ void UnprivilegedProcessDelegate::LaunchProcess(
base::AutoLock lock(g_inherit_handles_lock.Get());
// Create a connected IPC channel.
- ScopedHandle client;
- if (!CreateConnectedIpcChannel(io_task_runner_, this, client.Receive(),
+ HANDLE temp_handle;
+ if (!CreateConnectedIpcChannel(io_task_runner_, this, &temp_handle,
&server)) {
ReportFatalError();
return;
}
+ ScopedHandle client(temp_handle);
// Convert the handle value into a decimal integer. Handle values are 32bit
// even on 64bit platforms.
@@ -397,11 +403,11 @@ void UnprivilegedProcessDelegate::ReportProcessLaunched(
// query information about the process and duplicate handles.
DWORD desired_access =
SYNCHRONIZE | PROCESS_DUP_HANDLE | PROCESS_QUERY_INFORMATION;
- ScopedHandle limited_handle;
+ HANDLE temp_handle;
if (!DuplicateHandle(GetCurrentProcess(),
worker_process_,
GetCurrentProcess(),
- limited_handle.Receive(),
+ &temp_handle,
desired_access,
FALSE,
0)) {
@@ -409,6 +415,7 @@ void UnprivilegedProcessDelegate::ReportProcessLaunched(
ReportFatalError();
return;
}
+ ScopedHandle limited_handle(temp_handle);
event_handler_->OnProcessLaunched(limited_handle.Pass());
}
diff --git a/remoting/host/win/worker_process_launcher_unittest.cc b/remoting/host/win/worker_process_launcher_unittest.cc
index 3737f8b..cd92b11 100644
--- a/remoting/host/win/worker_process_launcher_unittest.cc
+++ b/remoting/host/win/worker_process_launcher_unittest.cc
@@ -343,7 +343,7 @@ void WorkerProcessLauncherTest::DoLaunchProcess() {
STARTUPINFOW startup_info = { 0 };
startup_info.cb = sizeof(startup_info);
- base::win::ScopedProcessInformation process_information;
+ PROCESS_INFORMATION temp_process_info = {};
ASSERT_TRUE(CreateProcess(NULL,
notepad,
NULL, // default process attibutes
@@ -353,7 +353,8 @@ void WorkerProcessLauncherTest::DoLaunchProcess() {
NULL, // no environment
NULL, // default current directory
&startup_info,
- process_information.Receive()));
+ &temp_process_info));
+ base::win::ScopedProcessInformation process_information(temp_process_info);
worker_process_.Set(process_information.TakeProcessHandle());
ASSERT_TRUE(worker_process_.IsValid());
@@ -368,14 +369,15 @@ void WorkerProcessLauncherTest::DoLaunchProcess() {
this,
task_runner_));
- ScopedHandle copy;
+ HANDLE temp_handle;
ASSERT_TRUE(DuplicateHandle(GetCurrentProcess(),
worker_process_,
GetCurrentProcess(),
- copy.Receive(),
+ &temp_handle,
0,
FALSE,
DUPLICATE_SAME_ACCESS));
+ ScopedHandle copy(temp_handle);
event_handler_->OnProcessLaunched(copy.Pass());
}
diff --git a/remoting/host/win/wts_session_process_delegate.cc b/remoting/host/win/wts_session_process_delegate.cc
index 8cb7325..0781649 100644
--- a/remoting/host/win/wts_session_process_delegate.cc
+++ b/remoting/host/win/wts_session_process_delegate.cc
@@ -513,11 +513,11 @@ void WtsSessionProcessDelegate::Core::ReportProcessLaunched(
// query information about the process and duplicate handles.
DWORD desired_access =
SYNCHRONIZE | PROCESS_DUP_HANDLE | PROCESS_QUERY_INFORMATION;
- ScopedHandle limited_handle;
+ HANDLE temp_handle;
if (!DuplicateHandle(GetCurrentProcess(),
worker_process_,
GetCurrentProcess(),
- limited_handle.Receive(),
+ &temp_handle,
desired_access,
FALSE,
0)) {
@@ -525,6 +525,7 @@ void WtsSessionProcessDelegate::Core::ReportProcessLaunched(
ReportFatalError();
return;
}
+ ScopedHandle limited_handle(temp_handle);
event_handler_->OnProcessLaunched(limited_handle.Pass());
}
generated by cgit v1.1 at 2025-02-04 02:53:36 +0000