1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
|
// Licensed to the Apache Software Foundation(ASF) under one
// or more contributor license agreements.See the NOTICE file
// distributed with this work for additional information
// regarding copyright ownership.The ASF licenses this file
// to you under the Apache License, Version 2.0 (the
// "License"); you may not use this file except in compliance
// with the License. You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing,
// software distributed under the License is distributed on an
// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
// KIND, either express or implied. See the License for the
// specific language governing permissions and limitations
// under the License.
using Microsoft.Win32.SafeHandles;
using System;
using System.IO.Pipes;
using System.Runtime.InteropServices;
using System.Threading;
using System.Threading.Tasks;
using System.ComponentModel;
using System.Security.AccessControl;
using System.Security.Principal;
namespace Thrift.Transport.Server
{
// ReSharper disable once InconsistentNaming
public class TNamedPipeServerTransport : TServerTransport
{
/// <summary>
/// This is the address of the Pipe on the localhost.
/// </summary>
private readonly string _pipeAddress;
private bool _asyncMode = true;
private volatile bool _isPending = true;
private NamedPipeServerStream _stream = null;
public TNamedPipeServerTransport(string pipeAddress)
{
_pipeAddress = pipeAddress;
}
public override void Listen()
{
// nothing to do here
}
public override void Close()
{
if (_stream != null)
{
try
{
if (_stream.IsConnected)
_stream.Disconnect();
_stream.Dispose();
}
finally
{
_stream = null;
_isPending = false;
}
}
}
public override bool IsClientPending()
{
return _isPending;
}
private void EnsurePipeInstance()
{
if (_stream == null)
{
const PipeDirection direction = PipeDirection.InOut;
const int maxconn = NamedPipeServerStream.MaxAllowedServerInstances;
const PipeTransmissionMode mode = PipeTransmissionMode.Byte;
const int inbuf = 4096;
const int outbuf = 4096;
var options = _asyncMode ? PipeOptions.Asynchronous : PipeOptions.None;
// TODO: "CreatePipeNative" ist only a workaround, and there are have basically two possible outcomes:
// - once NamedPipeServerStream() gets a CTOR that supports pipesec, remove CreatePipeNative()
// - if 31190 gets resolved before, use _stream.SetAccessControl(pipesec) instead of CreatePipeNative()
// EITHER WAY,
// - if CreatePipeNative() finally gets removed, also remove "allow unsafe code" from the project settings
try
{
var handle = CreatePipeNative(_pipeAddress, inbuf, outbuf);
if( (handle != null) && (!handle.IsInvalid))
_stream = new NamedPipeServerStream(PipeDirection.InOut, _asyncMode, false, handle);
else
_stream = new NamedPipeServerStream(_pipeAddress, direction, maxconn, mode, options, inbuf, outbuf/*, pipesec*/);
}
catch (NotImplementedException) // Mono still does not support async, fallback to sync
{
if (_asyncMode)
{
options &= (~PipeOptions.Asynchronous);
_stream = new NamedPipeServerStream(_pipeAddress, direction, maxconn, mode, options, inbuf, outbuf);
_asyncMode = false;
}
else
{
throw;
}
}
}
}
#region CreatePipeNative workaround
[StructLayout(LayoutKind.Sequential)]
internal class SECURITY_ATTRIBUTES
{
internal int nLength = 0;
internal IntPtr lpSecurityDescriptor = IntPtr.Zero;
internal int bInheritHandle = 0;
}
private const string Kernel32 = "kernel32.dll";
[DllImport(Kernel32, SetLastError = true)]
internal static extern IntPtr CreateNamedPipe(
string lpName, uint dwOpenMode, uint dwPipeMode,
uint nMaxInstances, uint nOutBufferSize, uint nInBufferSize, uint nDefaultTimeOut,
SECURITY_ATTRIBUTES pipeSecurityDescriptor
);
// Workaround: create the pipe via API call
// we have to do it this way, since NamedPipeServerStream() for netstd still lacks a few CTORs
// and _stream.SetAccessControl(pipesec); only keeps throwing ACCESS_DENIED errors at us
// References:
// - https://github.com/dotnet/corefx/issues/30170 (closed, continued in 31190)
// - https://github.com/dotnet/corefx/issues/31190 System.IO.Pipes.AccessControl package does not work
// - https://github.com/dotnet/corefx/issues/24040 NamedPipeServerStream: Provide support for WRITE_DAC
// - https://github.com/dotnet/corefx/issues/34400 Have a mechanism for lower privileged user to connect to a privileged user's pipe
private SafePipeHandle CreatePipeNative(string name, int inbuf, int outbuf)
{
if (Environment.OSVersion.Platform != PlatformID.Win32NT)
return null; // Windows only
var pinningHandle = new GCHandle();
try
{
// owner gets full access, everyone else read/write
var pipesec = new PipeSecurity();
using (var currentIdentity = WindowsIdentity.GetCurrent())
{
var sidOwner = currentIdentity.Owner;
var sidWorld = new SecurityIdentifier(WellKnownSidType.WorldSid, null);
pipesec.SetOwner(sidOwner);
pipesec.AddAccessRule(new PipeAccessRule(sidOwner, PipeAccessRights.FullControl, AccessControlType.Allow));
pipesec.AddAccessRule(new PipeAccessRule(sidWorld, PipeAccessRights.ReadWrite, AccessControlType.Allow));
}
// create a security descriptor and assign it to the security attribs
var secAttrs = new SECURITY_ATTRIBUTES();
byte[] sdBytes = pipesec.GetSecurityDescriptorBinaryForm();
pinningHandle = GCHandle.Alloc(sdBytes, GCHandleType.Pinned);
unsafe {
fixed (byte* pSD = sdBytes) {
secAttrs.lpSecurityDescriptor = (IntPtr)pSD;
}
}
// a bunch of constants we will need shortly
const int PIPE_ACCESS_DUPLEX = 0x00000003;
const int FILE_FLAG_OVERLAPPED = 0x40000000;
const int WRITE_DAC = 0x00040000;
const int PIPE_TYPE_BYTE = 0x00000000;
const int PIPE_READMODE_BYTE = 0x00000000;
const int PIPE_UNLIMITED_INSTANCES = 255;
// create the pipe via API call
var rawHandle = CreateNamedPipe(
@"\\.\pipe\" + name,
PIPE_ACCESS_DUPLEX | FILE_FLAG_OVERLAPPED | WRITE_DAC,
PIPE_TYPE_BYTE | PIPE_READMODE_BYTE,
PIPE_UNLIMITED_INSTANCES, (uint)inbuf, (uint)outbuf,
5 * 1000,
secAttrs
);
// make a SafePipeHandle() from it
var handle = new SafePipeHandle(rawHandle, true);
if (handle.IsInvalid)
throw new Win32Exception(Marshal.GetLastWin32Error());
// return it (to be packaged)
return handle;
}
finally
{
if (pinningHandle.IsAllocated)
pinningHandle.Free();
}
}
#endregion
protected override async ValueTask<TTransport> AcceptImplementationAsync(CancellationToken cancellationToken)
{
try
{
EnsurePipeInstance();
await _stream.WaitForConnectionAsync(cancellationToken);
var trans = new ServerTransport(_stream);
_stream = null; // pass ownership to ServerTransport
//_isPending = false;
return trans;
}
catch (TTransportException)
{
Close();
throw;
}
catch (Exception e)
{
Close();
throw new TTransportException(TTransportException.ExceptionType.NotOpen, e.Message);
}
}
private class ServerTransport : TTransport
{
private readonly NamedPipeServerStream PipeStream;
public ServerTransport(NamedPipeServerStream stream)
{
PipeStream = stream;
}
public override bool IsOpen => PipeStream != null && PipeStream.IsConnected;
public override async Task OpenAsync(CancellationToken cancellationToken)
{
if (cancellationToken.IsCancellationRequested)
{
await Task.FromCanceled(cancellationToken);
}
}
public override void Close()
{
PipeStream?.Dispose();
}
public override async ValueTask<int> ReadAsync(byte[] buffer, int offset, int length, CancellationToken cancellationToken)
{
if (PipeStream == null)
{
throw new TTransportException(TTransportException.ExceptionType.NotOpen);
}
return await PipeStream.ReadAsync(buffer, offset, length, cancellationToken);
}
public override async Task WriteAsync(byte[] buffer, int offset, int length, CancellationToken cancellationToken)
{
if (PipeStream == null)
{
throw new TTransportException(TTransportException.ExceptionType.NotOpen);
}
// if necessary, send the data in chunks
// there's a system limit around 0x10000 bytes that we hit otherwise
// MSDN: "Pipe write operations across a network are limited to 65,535 bytes per write. For more information regarding pipes, see the Remarks section."
var nBytes = Math.Min(15 * 4096, length); // 16 would exceed the limit
while (nBytes > 0)
{
await PipeStream.WriteAsync(buffer, offset, nBytes, cancellationToken);
offset += nBytes;
length -= nBytes;
nBytes = Math.Min(nBytes, length);
}
}
public override async Task FlushAsync(CancellationToken cancellationToken)
{
if (cancellationToken.IsCancellationRequested)
{
await Task.FromCanceled(cancellationToken);
}
}
protected override void Dispose(bool disposing)
{
PipeStream?.Dispose();
}
}
}
}
|
