[GitHub] [guacamole-server] jmuehlner commented on a diff in pull request #454: GUACAMOLE-1841: Create a Cygwin build option.

Wed, 02 Aug 2023 13:56:48 -0700 


jmuehlner commented on code in PR #454:
URL: https://github.com/apache/guacamole-server/pull/454#discussion_r1282411468


##########
src/guacd/connection.c:
##########
@@ -181,6 +272,129 @@ void* guacd_connection_io_thread(void* data) {
  */
 static int guacd_add_user(guacd_proc* proc, guac_parser* parser, guac_socket* 
socket) {
 
+#ifdef CYGWIN_BUILD
+
+    SECURITY_ATTRIBUTES attributes = { 0 };
+    attributes.nLength = sizeof(SECURITY_ATTRIBUTES);
+
+    /*
+     * Attempt to create a Windows security descriptor that grants access only
+     * to the owner of this process.
+     */
+    if (!ConvertStringSecurityDescriptorToSecurityDescriptor(
+
+            /* 
+             * An SDDL string that uses DACL to grant the General Access (GA)
+             * permission, only to the owner (OW). For more, see
+             * 
https://learn.microsoft.com/en-us/windows/win32/secauthz/security-descriptor-string-format.
+             */
+            "D:P(A;;GA;;;OW)",
+            SDDL_REVISION_1,
+
+            /* The populated security descriptor output */
+            &(attributes.lpSecurityDescriptor),
+
+            /* There's no need to capture the descriptor size */
+            NULL
+
+    )) {
+        guacd_log(GUAC_LOG_ERROR, "Unable to initialize named pipe security 
descriptor.");
+        return 1;
+    }
+
+    char pipe_name[GUAC_PIPE_NAME_LENGTH];
+
+    /* Required pipe name prefix */
+    memcpy(pipe_name, PIPE_NAME_PREFIX, strlen(PIPE_NAME_PREFIX));
+
+    /* UUID to ensure the pipe name is unique */
+    char* uuid = guac_generate_id('G');
+    if (uuid == NULL) {
+        guacd_log(GUAC_LOG_ERROR, "Unable to generate UUID for pipe name.");
+        return 1;
+    }
+
+    memcpy(pipe_name + strlen(PIPE_NAME_PREFIX), uuid, GUAC_UUID_LEN);
+
+    /* Null terminator */
+    pipe_name[GUAC_PIPE_NAME_LENGTH - 1] = '\0';
+
+    /* 
+     * Set up a named pipe for communication with the user. For more, see
+     * 
https://learn.microsoft.com/en-us/windows/win32/api/winbase/nf-winbase-createnamedpipea
+     */
+    HANDLE pipe_handle = CreateNamedPipe(

Review Comment:
   Cool, sounds good. 



-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: [email protected]

For queries about this service, please contact Infrastructure at:
[email protected]

Reply via email to