From 5ab47e210de76d29cffbc9ea47800775a3627210 Mon Sep 17 00:00:00 2001
From: Garrett D'Amore <garrett@damore.org>
Date: Sun, 24 Nov 2024 13:04:34 -0800
Subject: Remove the NNG_OPT_IPC_SECURITY_DESCRIPTOR option.

This is now replaced with nng_listener_set_security_descriptor
and nng_stream_listener_set_security_descriptor functions.  We
may elect to remove these entirely, but for named pipe users they
are probably still quite useful.  Moving towards UNIX domain sockets
would obsolete this functionality.
---
 src/platform/windows/win_ipc_sec_test.c | 40 +++++++--------------------------
 src/platform/windows/win_ipclisten.c    | 11 ++-------
 2 files changed, 10 insertions(+), 41 deletions(-)

(limited to 'src/platform/windows')

diff --git a/src/platform/windows/win_ipc_sec_test.c b/src/platform/windows/win_ipc_sec_test.c
index ab65533b..8b76770e 100644
--- a/src/platform/windows/win_ipc_sec_test.c
+++ b/src/platform/windows/win_ipc_sec_test.c
@@ -1,5 +1,5 @@
 //
-// Copyright 2021 Staysail Systems, Inc. <info@staysail.tech>
+// Copyright 2024 Staysail Systems, Inc. <info@staysail.tech>
 // Copyright 2018 Capitar IT Group BV <info@capitar.com>
 //
 // This software is supplied under the terms of the MIT License, a
@@ -72,12 +72,12 @@ test_ipc_security_descriptor(void)
 	NUTS_ASSERT(acl != NULL);
 	NUTS_PASS(nng_aio_alloc(&aio, NULL, NULL));
 
-	NUTS_PASS(nng_stream_listener_set_ptr(
-	    l, NNG_OPT_IPC_SECURITY_DESCRIPTOR, sd));
+	NUTS_PASS(nng_stream_listener_set_security_descriptor(l, sd));
 	NUTS_PASS(nng_stream_listener_listen(l));
 	nng_stream_listener_accept(l, aio);
 
-	(void) snprintf(pipe, sizeof(pipe), "\\\\.\\pipe\\%s", address+strlen("ipc://"));
+	(void) snprintf(
+	    pipe, sizeof(pipe), "\\\\.\\pipe\\%s", address + strlen("ipc://"));
 	HANDLE ph = CreateFileA(pipe, READ_CONTROL, 0, NULL, OPEN_EXISTING,
 	    FILE_FLAG_OVERLAPPED, NULL);
 
@@ -132,9 +132,8 @@ test_ipc_security_descriptor_busy(void)
 
 	NUTS_PASS(nng_stream_listener_listen(l));
 
-	NUTS_FAIL(nng_stream_listener_set_ptr(
-	              l, NNG_OPT_IPC_SECURITY_DESCRIPTOR, sd),
-	    NNG_EBUSY);
+	NUTS_FAIL(
+	    nng_stream_listener_set_security_descriptor(l, sd), NNG_EBUSY);
 
 	free(sd);
 	nng_stream_listener_close(l);
@@ -151,40 +150,17 @@ test_ipc_security_descriptor_bogus(void)
 
 	NUTS_PASS(nng_stream_listener_alloc(&l, address));
 
-	NUTS_FAIL(nng_stream_listener_set_ptr(
-	              l, NNG_OPT_IPC_SECURITY_DESCRIPTOR, NULL),
-	    NNG_EINVAL);
+	NUTS_FAIL(
+	    nng_stream_listener_set_security_descriptor(l, NULL), NNG_EINVAL);
 
 	nng_stream_listener_close(l);
 	nng_stream_listener_free(l);
 }
 
-void
-test_ipc_security_descriptor_dialer(void)
-{
-	nng_stream_dialer   *d;
-	char                 address[64];
-	SECURITY_DESCRIPTOR *sdesc;
-
-	nuts_scratch_addr("ipc", sizeof(address), address);
-	NUTS_PASS(nng_stream_dialer_alloc(&d, address));
-
-	sdesc = calloc(SECURITY_DESCRIPTOR_MIN_LENGTH, 1);
-	NUTS_ASSERT(sdesc != NULL);
-	InitializeSecurityDescriptor(sdesc, SECURITY_DESCRIPTOR_REVISION);
-	NUTS_FAIL(nng_stream_dialer_set_ptr(
-	              d, NNG_OPT_IPC_SECURITY_DESCRIPTOR, sdesc),
-	    NNG_ENOTSUP);
-	free(sdesc);
-	nng_stream_dialer_free(d);
-}
-
 NUTS_TESTS = {
 	{ "ipc security descriptor", test_ipc_security_descriptor },
 	{ "ipc security descriptor busy", test_ipc_security_descriptor_busy },
 	{ "ipc security descriptor bogus",
 	    test_ipc_security_descriptor_bogus },
-	{ "ipc security descriptor dialer",
-	    test_ipc_security_descriptor_dialer },
 	{ NULL, NULL },
 };
diff --git a/src/platform/windows/win_ipclisten.c b/src/platform/windows/win_ipclisten.c
index e81f4b46..3d39ed71 100644
--- a/src/platform/windows/win_ipclisten.c
+++ b/src/platform/windows/win_ipclisten.c
@@ -132,15 +132,11 @@ ipc_accept_cb(nni_win_io *io, int rv, size_t cnt)
 }
 
 static int
-ipc_listener_set_sec_desc(void *arg, const void *buf, size_t sz, nni_type t)
+ipc_listener_set_sec_desc(void *arg, void *desc)
 {
 	ipc_listener *l = arg;
-	void         *desc;
 	int           rv;
 
-	if ((rv = nni_copyin_ptr(&desc, buf, sz, t)) != 0) {
-		return (rv);
-	}
 	if (!IsValidSecurityDescriptor((SECURITY_DESCRIPTOR *) desc)) {
 		return (NNG_EINVAL);
 	}
@@ -162,10 +158,6 @@ ipc_listener_get_addr(void *arg, void *buf, size_t *szp, nni_type t)
 }
 
 static const nni_option ipc_listener_options[] = {
-	{
-	    .o_name = NNG_OPT_IPC_SECURITY_DESCRIPTOR,
-	    .o_set  = ipc_listener_set_sec_desc,
-	},
 	{
 	    .o_name = NNG_OPT_LOCADDR,
 	    .o_get  = ipc_listener_get_addr,
@@ -339,6 +331,7 @@ nni_ipc_listener_alloc(nng_stream_listener **lp, const nng_url *url)
 	l->sl.sl_accept                  = ipc_listener_accept;
 	l->sl.sl_get                     = ipc_listener_get;
 	l->sl.sl_set                     = ipc_listener_set;
+	l->sl.sl_set_security_descriptor = ipc_listener_set_sec_desc;
 	snprintf(l->sa.s_ipc.sa_path, NNG_MAXADDRLEN, "%s", url->u_path);
 	nni_aio_list_init(&l->aios);
 	nni_mtx_init(&l->mtx);
-- 
cgit v1.2.3-70-g09d2