Windows Installer work, fix 100% CPU bug in EthernetTap on Windows, Windows lockDownFile() implementation that uses 'cacls' utility.
This commit is contained in:
Adam Ierymenko
parent
f19d1e253a
commit
22efa1ab53
5 changed files with 119 additions and 17 deletions
|
|
@ -1465,7 +1465,7 @@ void EthernetTap::threadMain()
|
|||
|
||||
for(;;) {
|
||||
if (!_run) break;
|
||||
WaitForMultipleObjectsEx(3,wait4,FALSE,INFINITE,TRUE);
|
||||
DWORD r = WaitForMultipleObjectsEx(writeInProgress ? 3 : 2,wait4,FALSE,INFINITE,TRUE);
|
||||
if (!_run) break;
|
||||
|
||||
if (HasOverlappedIoCompleted(&_tapOvlRead)) {
|
||||
|
|
|
|||
|
|
@ -419,12 +419,16 @@ Node::ReasonForTermination Node::run()
|
|||
}
|
||||
Utils::lockDownFile(identitySecretPath.c_str(),false);
|
||||
|
||||
// Make sure networks.d exists
|
||||
// Make sure networks.d exists and is secure
|
||||
{
|
||||
std::string networksDotD(_r->homePath + ZT_PATH_SEPARATOR_S + "networks.d");
|
||||
#ifdef __WINDOWS__
|
||||
CreateDirectoryA((_r->homePath + ZT_PATH_SEPARATOR_S + "networks.d").c_str(),NULL);
|
||||
CreateDirectoryA(networksDotD.c_str(),NULL);
|
||||
#else
|
||||
mkdir((_r->homePath + ZT_PATH_SEPARATOR_S + "networks.d").c_str(),0700);
|
||||
mkdir(networksDotD.c_str(),0700);
|
||||
#endif
|
||||
Utils::lockDownFile(networksDotD.c_str(),true);
|
||||
}
|
||||
|
||||
// Load or generate config authentication secret
|
||||
std::string configAuthTokenPath(_r->homePath + ZT_PATH_SEPARATOR_S + "authtoken.secret");
|
||||
|
|
|
|||
|
|
@ -280,17 +280,13 @@ void Topology::_loadPeers()
|
|||
buf.setSize(buf.size() - ptr);
|
||||
}
|
||||
} while (rlen > 0);
|
||||
fclose(pd);
|
||||
} else {
|
||||
fclose(pd);
|
||||
Utils::rm(pdpath);
|
||||
}
|
||||
} catch ( ... ) {
|
||||
// Membership cert dump file invalid. We'll re-learn them off the net.
|
||||
_activePeers.clear();
|
||||
fclose(pd);
|
||||
Utils::rm(pdpath);
|
||||
}
|
||||
|
||||
fclose(pd);
|
||||
Utils::rm(pdpath);
|
||||
}
|
||||
|
||||
} // namespace ZeroTier
|
||||
|
|
|
|||
|
|
@ -251,8 +251,19 @@ void Utils::lockDownFile(const char *path,bool isDir)
|
|||
#ifdef __UNIX_LIKE__
|
||||
chmod(path,isDir ? 0700 : 0600);
|
||||
#else
|
||||
#ifdef _WIN32
|
||||
// TODO: windows ACL hell...
|
||||
#ifdef __WINDOWS__
|
||||
{
|
||||
STARTUPINFOA startupInfo;
|
||||
startupInfo.cb = sizeof(startupInfo);
|
||||
PROCESS_INFORMATION processInfo;
|
||||
memset(&startupInfo,0,sizeof(STARTUPINFOA));
|
||||
memset(&processInfo,0,sizeof(PROCESS_INFORMATION));
|
||||
if (CreateProcessA(NULL,(LPSTR)(std::string("C:\\Windows\\System32\\cacls.exe \"") + path + "\" /E /R Users").c_str(),NULL,NULL,FALSE,0,NULL,NULL,&startupInfo,&processInfo)) {
|
||||
WaitForSingleObject(processInfo.hProcess,INFINITE);
|
||||
CloseHandle(processInfo.hProcess);
|
||||
CloseHandle(processInfo.hThread);
|
||||
}
|
||||
}
|
||||
#endif
|
||||
#endif
|
||||
}
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue