lhm-server 0.3.0

Server for running LHM and allowing clients to connect to it without requiring admin rights
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114

use actor::{ComputerActor, ComputerActorHandle, ComputerActorMessage};
use interprocess::os::windows::{
    named_pipe::{
        PipeListenerOptions, pipe_mode,
        tokio::{DuplexPipeStream, PipeListenerOptionsExt},
    },
    security_descriptor::SecurityDescriptor,
};
use lhm_shared::{
    PIPE_NAME, PipeRequest, PipeResponse,
    codec::{LHMFrame, LHMFrameCodec},
};
use pipe::{PipeFuture, PipeTx};
use tokio::{spawn, sync::oneshot};
use tokio_util::{bytes::Bytes, codec::Framed};
use widestring::U16CString;

mod actor;
mod cache;
mod pipe;

/// Run the server
pub async fn run_server() -> std::io::Result<()> {
    // Security descriptor that allows user-land programs to access the pipe
    let security_descriptor = SecurityDescriptor::deserialize(
        U16CString::from_str_truncate("D:(A;;GA;;;WD)").as_ucstr(),
    )?;

    // Create the pipe
    let listener = PipeListenerOptions::new()
        .mode(interprocess::os::windows::named_pipe::PipeMode::Bytes)
        .security_descriptor(Some(security_descriptor))
        .path(PIPE_NAME)
        .create_tokio_duplex::<pipe_mode::Bytes>()?;

    loop {
        let stream = listener.accept().await?;
        handle_pipe_stream(stream);
    }
}

pub type Pipe = Framed<DuplexPipeStream<pipe_mode::Bytes>, LHMFrameCodec>;

pub fn handle_pipe_stream(stream: DuplexPipeStream<pipe_mode::Bytes>) {
    // Initialize an actor
    let handle = match ComputerActor::create() {
        Ok(value) => value,
        Err(_cause) => return,
    };

    let pipe = Framed::new(stream, LHMFrameCodec::default());
    let (future, mut rx, tx) = PipeFuture::new(pipe);

    // Spawn task to handle the pipe itself
    spawn(future);

    // Spawn task to handle messages from the pipe
    spawn(async move {
        while let Some(frame) = rx.recv().await {
            let handle = handle.clone();
            let tx = tx.clone();

            spawn(handle_frame(frame, handle, tx));
        }
    });
}

async fn handle_frame(frame: LHMFrame, handle: ComputerActorHandle, tx: PipeTx) {
    let request = rmp_serde::from_slice(&frame.body);
    let response = match request {
        // Handle the request
        Ok(request) => handle_request(request, handle)
            .await
            .unwrap_or_else(|err| err),
        // Failed to parse the request
        Err(err) => {
            let error = err.to_string();
            PipeResponse::Error { error }
        }
    };

    let response_bytes = match rmp_serde::to_vec(&response) {
        Ok(value) => value,
        Err(_cause) => {
            // Nothing we can do here
            return;
        }
    };

    _ = tx.send(LHMFrame {
        id: frame.id,
        body: Bytes::from(response_bytes),
    });
}

async fn handle_request(
    request: PipeRequest,
    handle: ComputerActorHandle,
) -> Result<PipeResponse, PipeResponse> {
    let (tx, rx) = oneshot::channel();

    handle
        .tx
        .send(ComputerActorMessage { request, tx })
        .map_err(|_| PipeResponse::Error {
            error: "request actor is closed".to_string(),
        })?;

    let response = rx.await.map_err(|_| PipeResponse::Error {
        error: "request actor is closed".to_string(),
    })?;

    Ok(response)
}