| blob | 73e19d518fd424730f3384697ec42ed78c81b543 |
1 /* Copyright (c) 2003, Roger Dingledine
2 * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
3 * Copyright (c) 2007-2018, The Tor Project, Inc. */
4 /* See LICENSE for licensing information */
6 /**
7 * \file process_win32.c
8 * \brief Module for working with Windows processes.
9 **/
11 #define PROCESS_WIN32_PRIVATE
23 #ifdef HAVE_SYS_TIME_H
24 #include <sys/time.h>
25 #endif
27 #ifdef HAVE_STRING_H
28 #include <string.h>
29 #endif
31 #ifdef _WIN32
33 /** The size of our intermediate buffers. */
34 #define BUFFER_SIZE (1024)
36 /** Timer that ticks once a second and calls the process_win32_timer_callback()
37 * function. */
40 /** Structure to represent the state around the pipe HANDLE.
41 *
42 * This structure is used to store state about a given HANDLE, including
43 * whether we have reached end of file, its intermediate buffers, and how much
44 * data that is available in the intermediate buffer. */
46 /** Standard out pipe handle. */
47 HANDLE pipe;
49 /** True iff we have reached EOF from the pipe. */
52 /** How much data is available in buffer. */
55 /** Intermediate buffer for ReadFileEx() and WriteFileEx(). */
58 /** Overlapped structure for ReadFileEx() and WriteFileEx(). */
59 OVERLAPPED overlapped;
61 /** Are we waiting for another I/O operation to complete? */
63 };
65 /** Structure to represent the Windows specific implementation details of this
66 * Process backend.
67 *
68 * This structure is attached to <b>process_t</b> (see process.h) and is
69 * reachable from <b>process_t</b> via the <b>process_get_win32_process()</b>
70 * method. */
72 /** Standard in state. */
73 process_win32_handle_t stdin_handle;
75 /** Standard out state. */
76 process_win32_handle_t stdout_handle;
78 /** Standard error state. */
79 process_win32_handle_t stderr_handle;
81 /** Process Information. */
82 PROCESS_INFORMATION process_information;
83 };
85 /** Create a new <b>process_win32_t</b>.
86 *
87 * This function constructs a new <b>process_win32_t</b> and initializes the
88 * default values. */
89 process_win32_t *
91 {
100 }
102 /** Free a given <b>process_win32_t</b>.
103 *
104 * This function deinitializes and frees up the resources allocated for the
105 * given <b>process_win32_t</b>. */
106 void
108 {
112 /* Cleanup our handles. */
118 }
120 /** Initialize the Windows backend of the Process subsystem. */
121 void
123 {
124 /* We don't start the periodic timer here because it makes no sense to have
125 * the timer running until we have some processes that benefits from the
126 * timer timer ticks. */
127 }
129 /** Deinitialize the Windows backend of the Process subsystem. */
130 void
132 {
133 /* Stop our timer, but only if it's running. */
136 }
138 /** Execute the given process. This function is responsible for setting up
139 * named pipes for I/O between the child process and the Tor process. Returns
140 * <b>PROCESS_STATUS_RUNNING</b> upon success. */
141 process_status_t
143 {
157 /* Not much we can do if we haven't been told what to start. */
161 /* Setup our security attributes. */
162 SECURITY_ATTRIBUTES security_attributes;
165 /* FIXME: should we set explicit security attributes?
166 * (See Ticket #2046, comment 5) */
169 /* Create our standard out pipe. */
173 PROCESS_WIN32_PIPE_TYPE_READER)) {
175 }
177 /* Create our standard error pipe. */
181 PROCESS_WIN32_PIPE_TYPE_READER)) {
183 }
185 /* Create out standard in pipe. */
189 PROCESS_WIN32_PIPE_TYPE_WRITER)) {
191 }
193 /* Configure startup info for our child process. */
194 STARTUPINFOA startup_info;
203 /* Create the env value for our new process. */
206 /* Create the argv value for our new process. */
209 /* Windows expects argv to be a whitespace delimited string, so join argv up
210 */
213 /* Create the child process */
215 joined_argv,
216 NULL,
217 NULL,
218 TRUE,
219 CREATE_NO_WINDOW,
222 NULL,
234 /* Cleanup our handles. */
243 }
245 /* TODO: Should we close hProcess and hThread in
246 * process_handle->process_information? */
251 /* Used by the callback functions from ReadFileEx() and WriteFileEx() such
252 * that we can figure out which process_t that was responsible for the event.
253 *
254 * Warning, here be dragons:
255 *
256 * MSDN says that the hEvent member of the overlapped structure is unused
257 * for ReadFileEx() and WriteFileEx, which allows us to store a pointer to
258 * our process state there.
259 */
264 /* Start our timer if it is not already running. */
268 /* We use Windows Extended I/O functions, so our completion callbacks are
269 * called automatically for us when there is data to read. Because of this
270 * we start the read of standard out and error right away. */
275 }
277 /** Terminate the given process. Returns true on success, otherwise false. */
278 bool
280 {
285 /* Terminate our process. */
286 BOOL ret;
294 }
297 }
299 /** Returns the unique process identifier for the given <b>process</b>. */
300 process_pid_t
302 {
307 }
309 /** Schedule an async write of the data found in <b>buffer</b> for the given
310 * process. This function runs an async write operation of the content of
311 * buffer, if we are not already waiting for a pending I/O request. Returns the
312 * number of bytes that Windows will hopefully write for us in the background.
313 * */
314 int
316 {
324 /* Windows is still writing our buffer. */
328 /* Nothing for us to do right now. */
332 /* We have reached end of file already? */
336 /* Figure out how much data we should read. */
340 /* Read data from the process_t buffer into our intermediate buffer. */
343 /* Schedule our write. */
346 write_size,
348 process_win32_stdin_write_done);
354 }
356 /* This cast should be safe since our buffer can maximum be BUFFER_SIZE
357 * large. */
359 }
361 /** This function is called from the Process subsystem whenever the Windows
362 * backend says it has data ready. This function also ensures that we are
363 * starting a new background read from the standard output of the child process
364 * and asks Windows to call process_win32_stdout_read_done() when that
365 * operation is finished. Returns the number of bytes moved into <b>buffer</b>.
366 * */
367 int
369 {
376 buffer,
377 process_win32_stdout_read_done);
378 }
380 /** This function is called from the Process subsystem whenever the Windows
381 * backend says it has data ready. This function also ensures that we are
382 * starting a new background read from the standard error of the child process
383 * and asks Windows to call process_win32_stderr_read_done() when that
384 * operation is finished. Returns the number of bytes moved into <b>buffer</b>.
385 * */
386 int
388 {
395 buffer,
396 process_win32_stderr_read_done);
397 }
399 /** This function is responsible for moving the Tor process into what Microsoft
400 * calls an "alertable" state. Once the process is in an alertable state the
401 * Windows kernel will notify us when our background I/O requests have finished
402 * and the callbacks will be executed. */
403 void
405 {
406 DWORD ret;
408 /* The call to SleepEx(dwMilliseconds, dwAlertable) makes the process sleep
409 * for dwMilliseconds and if dwAlertable is set to TRUE it will also cause
410 * the process to enter alertable state, where the Windows kernel will notify
411 * us about completed I/O requests from ReadFileEx() and WriteFileEX(), which
412 * will cause our completion callbacks to be executed.
413 *
414 * This function returns 0 if the time interval expired or WAIT_IO_COMPLETION
415 * if one or more I/O callbacks were executed. */
418 /* Warn us if the function returned something we did not anticipate. */
421 }
422 }
424 /** Start the periodic timer which is reponsible for checking whether processes
425 * are still alive and to make sure that the Tor process is periodically being
426 * moved into an alertable state. */
427 STATIC void
429 {
430 /* Make sure we never start our timer if it's already running. */
434 /* Wake up once a second. */
440 process_win32_timer_callback,
441 NULL);
442 }
444 /** Stops the periodic timer. */
445 STATIC void
447 {
453 }
455 /** Returns true iff the periodic timer is running. */
456 STATIC bool
458 {
460 }
462 /** This function is called whenever the periodic_timer ticks. The function is
463 * responsible for moving the Tor process into an alertable state once a second
464 * and checking for whether our child processes have terminated since the last
465 * tick. */
466 STATIC void
468 {
474 /* Move the process into an alertable state. */
477 /* Check if our processes are still alive. */
482 }
484 /** Test whether a given process is still alive. Notify the Process subsystem
485 * if our process have died. */
486 STATIC void
488 {
491 /* No need to look at processes that don't claim they are running. */
499 /* We start by testing whether our process is still running. */
507 }
509 /* Notify our process_t that our process have terminated. */
512 }
514 /** Create a new overlapped named pipe. This function creates a new connected,
515 * named, pipe in <b>*read_pipe</b> and <b>*write_pipe</b> if the function is
516 * succesful. Returns true on sucess, false on failure. */
517 STATIC bool
521 process_win32_pipe_type_t pipe_type)
522 {
529 /* Buffer size. */
532 /* Our additional read/write modes that depends on which pipe type we are
533 * creating. */
537 /* Generate the unique pipe name. */
549 /* Only one of our handles can be overlapped. */
558 /* LCOV_EXCL_START */
560 /* LCOV_EXCL_STOP */
561 }
563 /* Setup our read and write handles. */
564 HANDLE read_handle;
565 HANDLE write_handle;
567 /* Create our named pipe. */
572 size,
573 size,
575 attributes);
581 }
583 /* Create our file in the pipe namespace. */
585 GENERIC_WRITE,
587 attributes,
588 OPEN_EXISTING,
590 NULL);
599 }
601 /* Set the inherit flag for our pipe. */
610 /* LCOV_EXCL_START */
612 /* LCOV_EXCL_STOP */
613 }
623 }
625 /* Everything is good. */
630 }
632 /** Cleanup a given <b>handle</b>. */
633 STATIC void
635 {
638 #if 0
639 /* FIXME(ahf): My compiler does not set _WIN32_WINNT to a high enough value
640 * for this code to be available. Should we force it? CancelIoEx() is
641 * available from Windows 7 and above. If we decide to require this, we need
642 * to update the checks in all the three I/O completion callbacks to handle
643 * the ERROR_OPERATION_ABORTED as well as ERROR_BROKEN_PIPE. */
645 #if _WIN32_WINNT >= 0x0600
646 /* This code is only supported from Windows 7 and onwards. */
647 BOOL ret;
648 DWORD error_code;
650 /* Cancel any pending I/O requests. */
656 /* There was no pending I/O requests for our handle. */
660 }
661 }
662 #endif
663 #endif
665 /* Close our handle. */
669 }
670 }
672 /** This function is called when ReadFileEx() completes its background read
673 * from the child process's standard output. We notify the Process subsystem if
674 * there is data available for it to read from us. */
675 STATIC VOID WINAPI
677 DWORD byte_count,
678 LPOVERLAPPED overlapped)
679 {
683 /* This happens when we have asked ReadFileEx() to read some data, but we
684 * then decided to call CloseHandle() on the HANDLE. This can happen if
685 * someone runs process_free() in the exit_callback of process_t, which means
686 * we cannot call process_get_win32_process() here. */
690 }
692 /* Extract our process_t from the hEvent member of OVERLAPPED. */
697 error_code,
698 byte_count)) {
699 /* Schedule our next read. */
701 }
702 }
704 /** This function is called when ReadFileEx() completes its background read
705 * from the child process's standard error. We notify the Process subsystem if
706 * there is data available for it to read from us. */
707 STATIC VOID WINAPI
709 DWORD byte_count,
710 LPOVERLAPPED overlapped)
711 {
715 /* This happens when we have asked ReadFileEx() to read some data, but we
716 * then decided to call CloseHandle() on the HANDLE. This can happen if
717 * someone runs process_free() in the exit_callback of process_t, which means
718 * we cannot call process_get_win32_process() here. */
722 }
724 /* Extract our process_t from the hEvent member of OVERLAPPED. */
729 error_code,
730 byte_count)) {
731 /* Schedule our next read. */
733 }
734 }
736 /** This function is called when WriteFileEx() completes its background write
737 * to the child process's standard input. We notify the Process subsystem that
738 * it can write data to us again. */
739 STATIC VOID WINAPI
741 DWORD byte_count,
742 LPOVERLAPPED overlapped)
743 {
749 /* This happens when we have asked WriteFileEx() to write some data, but we
750 * then decided to call CloseHandle() on the HANDLE. This can happen if
751 * someone runs process_free() in the exit_callback of process_t, which means
752 * we cannot call process_get_win32_process() here. */
756 }
761 /* Mark our handle as not having any outstanding I/O requests. */
764 /* Check if we have been asked to write to the handle that have been marked
765 * as having reached EOF. */
770 /** Our data have been succesfully written. Clear our state and schedule
771 * the next write. */
776 /* Schedule the next write. */
779 /* Our WriteFileEx() call was succesful, but we reached the end of our
780 * file. We mark our handle as having reached EOF and returns. */
785 /* An error happened: We warn the user and mark our handle as having
786 * reached EOF */
791 }
792 }
794 /** This function reads data from the given <b>handle</b>'s internal buffer and
795 * moves it into the given <b>buffer</b>. Additionally, we start the next
796 * ReadFileEx() background operation with the given <b>callback</b> as
797 * completion callback. Returns the number of bytes written to the buffer. */
798 STATIC int
801 LPOVERLAPPED_COMPLETION_ROUTINE callback)
802 {
810 /* We already have a request to read data that isn't complete yet. */
814 /* Check if we have been asked to read from a handle that have already told
815 * us that we have reached the end of the file. */
819 /* This cast should be safe since our buffer can be at maximum up to
820 * BUFFER_SIZE in size. */
824 /* Read data from our intermediate buffer into the process_t buffer. */
827 /* Reset our read state. */
830 }
832 /* Ask the Windows kernel to read data from our pipe into our buffer and call
833 * the callback function when it is done. */
838 callback);
844 }
846 /* We mark our handle as having a pending I/O request. */
850 }
852 /** This function checks the callback values from ReadFileEx() in
853 * <b>error_code</b> and <b>byte_count</b> if we have read data. Returns true
854 * iff our caller should request more data from ReadFileEx(). */
855 STATIC bool
857 DWORD error_code,
858 DWORD byte_count)
859 {
862 /* Mark our handle as not having any outstanding I/O requests. */
866 /* Our ReadFileEx() call was succesful and there is data for us. */
868 /* This cast should be safe since byte_count should never be larger than
869 * BUFFER_SIZE. */
873 /* Tell our caller to schedule the next read. */
876 /* Our ReadFileEx() call was succesful, but we reached the end of our file.
877 * We mark our handle as having reached EOF and returns. */
882 /* An error happened: We warn the user and mark our handle as having
883 * reached EOF */
889 }
891 /* Our caller should NOT schedule the next read. */
893 }
895 /** Format a single argument for being put on a Windows command line.
896 * Returns a newly allocated string */
899 {
905 /* Backslash we can point to when one is inserted into the string */
908 /* Smartlist of *char */
912 /* Quote string if it contains whitespace or is empty */
915 /* Build up smartlist of *chars */
918 /* Double up backslashes preceding a quote */
922 /* Escape the quote */
926 /* Count backslashes until we know whether to double up */
927 bs_counter++;
929 /* Don't double up slashes preceding a non-quote */
934 }
935 }
936 /* Don't double up trailing backslashes */
940 /* Allocate space for argument, quotes (if needed), and terminator */
945 /* Add leading quote */
950 /* Add characters */
952 {
954 });
956 /* Add trailing quote */
963 }
965 /** Format a command line for use on Windows, which takes the command as a
966 * string rather than string array. Follows the rules from "Parsing C++
967 * Command-Line Arguments" in MSDN. Algorithm based on list2cmdline in the
968 * Python subprocess module. Returns a newly allocated string */
971 {
976 /* Format each argument and put the result in a smartlist */
980 }
982 /* Join the arguments with whitespace */
985 /* Free the newly allocated arguments, and the smartlist */
987 {
989 });
993 }