IPC between windows service and LSP DLL - dll

I'm writing a Winsock LSP (Layered Service Provider) DLL that needs to communicate with a windows service.
The communication is done using memory mapped files and events for synchronization. Everything works fine if the application is not running as a service but if it does it cannot find any events or file mappings (I get ERROR_FILE_NOT_FOUND error on OpenEvent).
I suspect this happens because when running as a service, the application runs as SYSTEM user and LSP is loaded by applications that run as local user.
I think that this could be solved by using a proper SECURITY_DESCRIPTOR but I don't know what should it be set to.
Any ideas on how to make this work?
Thanks,

Depending on the OS, it might be a problem of sessions. If you take another look at documentation for CreateEvent, CreateMemoryMapping etc., you will notice GLOBAL\ prefix to object name. This prefix (among with SESSION\x\ prefix) define visibility scope of the object. GLOBAL prefixes are seen across the whole system, while objects without prefix in the name are local to specific (current if the \SESSION prefix is omitted) session. Sessions appeared in Terminal Services for Windows XP, then got themselves into the OS in Windows 2003 Server and later.

Related

How to call Apache NMS from in a sandbox?

I'm trying to call Apache ActiveMQ NMS Version 1.6.0 from my code ('IntPub') that must run in a sandbox in a .NET 4.0 environment for security reasons. The program that creates the sandbox makes my code 'partially trusted' and therefore 'security-transparent' which seems to mean that it can't create a ConnectionFactory (see error log below) because NMS seems to be 'security-critical'. Here's the code that's causing this error:
connecturi = new Uri("tcp://my.server.com:61616");
var connectionFactory = new ConnectionFactory(connecturi);
I also tried this instead with similar results:
connecturi = new Uri("activemq:tcp://my.server.com:61616");
var connectionFactory = NMSConnectionFactory.CreateConnectionFactory(connecturi);
Since I can't change the security level of my assembly (the sandbox prevents it) is there a way to make NMS run as 'safe-critical' so it can be called by 'security-transparent' code? Would I have to recompile it to do so, or does NMS do some operation that would never be considered 'safe-critical?
I appreciate any help or suggestions...
Assembly 'IntPub, Version=1.0.0.0, Culture=neutral, PublicKeyToken=6fa620743b8dc60a' is partially trusted, which causes the CLR to make it entirely security transparent regardless of any transparency annotations in the assembly itself. In order to access security critical code, this assembly must be fully trusted.Detail:
<OrganizationServiceFault xmlns:i="http://www.w3.org/2001/XMLSchema-instance" xmlns="http://schemas.microsoft.com/xrm/2011/Contracts">
<ErrorCode>-2147220956</ErrorCode>
<ErrorDetails xmlns:d2p1="http://schemas.datacontract.org/2004/07/System.Collections.Generic" />
<Message>Unexpected exception from plug-in (Execute): Test.Client: System.MethodAccessException: Attempt by security transparent method 'Test.Client.Execute(System.IServiceProvider)' to access security critical method 'Apache.NMS.ActiveMQ.ConnectionFactory..ctor(System.Uri)' failed.
From the error message attributes, it looks like you're running a Dynamics CRM 2011 plugin in sandbox mode, which has some very specific rules about what you can and can't do. In particular, you're only allowed to make network connections via HTTP and HTTPS, so attempting raw TCP sockets will definitely fail.
Take a look at this MSDN page on Plug-in Isolation, Trusts, and Statistics. It looks like there may be a way to relax the network restrictions by modifying a system registry entry to include tcp, etc, in the regex value. Below is an excerpt from the page. Note: I have not done this myself, so can't say for sure it'll work.
Sandboxed plug-ins and custom workflow activities can access the
network through the HTTP and HTTPS protocols. This capability provides
support for accessing popular web resources like social sites, news
feeds, web services, and more. The following web access restrictions
apply to this sandbox capability.
Only the HTTP and HTTPS protocols are allowed.
Access to localhost (loopback) is not permitted.
IP addresses cannot be used. You must use a named web address that requires DNS name resolution.
Anonymous authentication is supported and recommended. There is no provision for prompting the logged on user for credentials or saving those credentials.
These default web access restrictions are defined in a registry key on
the server that is running the Microsoft.Crm.Sandbox.HostService.exe
process. The value of the registry key can be changed by the System
Administrator according to business and security needs. The registry
key path on the server is:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MSCRM\SandboxWorkerOutboundUriPattern
The key value is a regular expression string that defines the web access restrictions.
The default key value is:
"^http[s]?://(?!((localhost[:/])|([.])|([0-9]+[:/])|(0x[0-9a-f]+[:/])|(((([0-9]+)|(0x[0-9A-F]+)).){3}(([0-9]+)|(0x[0-9A-F]+))[:/]))).+";*
By changing this registry key value, you can change the web access for sandboxed plug-ins.

WCF service operations not updated

I´m creating a new WCF service. I initially had only three operations. But after some time I decided to add two more. This operations doesn't appear in the Microsoft test client, neither in the list of operations when I try to add a service reference from my WPF client. Also I tried to comment one of the initial operations. It still apears in the Microsoft test client and can be invoked. I Tried also delete the dlls generated by the service and regenerate again. No luck. There are some kind of "cache" where Visual Studio stores the WCF services libraries that I can delete?
UPDATE: I'm working with the service running in the ASP.NET devolopment server.
You need to understand the order in which things happen.
You change your code, adding methods with [OperationContract] on them, or removing them, or changing their parameters or return values.
You then must build your service, producing a .DLL that contains the changes.
You must then deploy the changed DLL to the server it's going to run on
You must then restart the service (this may happen automatically depending on the server. For instance, IIS will recycle the service when it sees that the DLL changed)
You must then update your client, either the WCF Test Client, or "Add Service Reference", or the equivalent.
This last will have the effect of sending a request to the service for the new metadata or WSDL. Only then can the client see the changes you made to the definition of the service.
I don't know why, but I created a new project and copied the definitions of the operations from the problematic project and the problem is gone. One case more for Microsoft mysteries.
Make sure you are updating the services after adding the new operations.
Also make sure they have the attribute [OperationContract].
One thing we have discovered is that when you deploy the dlls that they must be in the bin, and cannot reside in the debug or release folder.
For me worked: just rebuild the wcf project
Did you close the client connection in client side
as showing your service
class Test
{
static void Main()
{
LocationClient client = new LocationClient();
// Use the 'client' variable to call operations on the service.
// Always close the client.
client.Close();
}
}
SOLUTION HERE :
Make sure your dataContract does NOT contain any enum
(You can use integer instead)
Be sure to reference a project in the solution and not a dll on your disk
Remove your "bin" and "obj" folders
Recompile
In IIS recycle the application pool
In IIS restart your service
In IIS "Browse" your service
=> You got it

Port listening with JScript

I'm Trying to write a plugin for NotePad++ using NppScripting - a platform for writing plugins using javascript (specifically - JScript).
I was wondering if there was a way (probably via ActiveXObject) with which I could listen to a port asynchronously (specifically - I'm trying to write a CSS-X-Fire port to NPP).
I know .NET has that capability via System.Net.Sockets but I couldn't figure out a way to access it via JScript.
Any help?
If I were doing this, I would write the Socket server in .NET as a standalone EXE.
If I understand CSS-X-Fire correctly, it is a plugin to IntelliJ Idea that listens to outgoing communications from Firebug, and then updates source files appropriately. It sounds relatively simple. The .NET socket server could do this very easily.
Then, rather than expose a 2nd interface directly from the socket server to the scripting environment - like a COM object or a COPYDATA channel or something like that - I'd use the filesystem for communication. In other words, script something in NPP that polls the filesystem file for updates. When the .NET Socket server gets a message that says "Firebug just updated file X.css", the .NET Socket server can apply those updates to the filesystem file, and save changes back to the filesystem. Because the Notepad++ app polls the filesystem, it will see the updated file and reload it, picking up those saved changes. You'd need to do cursor management within N++ intelligently.
Emacs has an "auto revert mode" for this sort of thing, so the .NET CSS-X-Fire Socket server would work with emacs out of the box - no additional scripting required. Not sure if N++ has an auto-revert equivalent.
I eventually decided to use Adobe AIR to create my solution. It provides an amazing set of APIs, including a set of Socket APIs.
You can look at my solution here

FluentNHibernate blows up in Windows Service but not website

I've got a class library doing all my NHibernate stuff. It also handles all the mapping using Fluent NHibernate - no mapping files to deploy.
This class library is consumed by a number of apps, including a Windows Service running on my computer. Although it works fine in all my web apps, the Windows Service gets this when it tries to use NHibernate:
An invalid or incomplete configuration was used while creating a SessionFactory. Check PotentialReasons collection, and InnerException for more detail.
at FluentNHibernate.Cfg.FluentConfiguration.BuildSessionFactory()
at Kctc.NHibernate.KctcSessionFactory.get_SessionFactory() in C:\Kctc\Trunk\Kctc.NHibernate\KctcSessionFactory.cs:line 28
...more stack trace...
I have checked for an InnerException and there doesn't appear to be one. I have no idea what the PotentialReasons collection is, and Google doesn't seem to be forthcoming either.
This is my dev machine, so when I'm working on my web apps they run locally (i.e. using the web server in Visual Studio). The fact that the Windows Service and my dev web apps are running on this same machine suggest it's not to do with trust settings or what have you.
Can anyone suggest what I should try? This is one of those ones where I'm so stumped I can't even think of how to get more information about the problem.
Just a wild guess. NHibernate picks up the hibernate.cfg.xml file from the execution directory. Did you configure the execution directory of the service that it can find this file?
I've found out what the problem is. The Service did not deploy with the required NHibernate.ByteCode.LinFu.dll.
I appear to have an ongoing problem with the Visual Studio compiler not always copying indirect dependencies (i.e. dlls required by class libraries required by the app) into the output folder during the build. I should have thought of this sooner really.
Thanks for racking your brains on my behalf guys.
I bet the name of the connection string is missing from the app.config. For me that message is almost exclusively a missing connection string.
Are you targeting the same database or could it be some sort of schema mismatch between databases?
Could it be authentication issues on the service like you use windows authentication where it can't be used (or the sql authentication that doesn't work)?
It's hard to tell when there is no code, just an exception!
EDIT Are you ever using HttpContext, HostingEnvironment or anything else specific to "web"?

WCF can only serialize parameters on development machine

I have created a WCF service using vb.net. Everything works fine on my development machine but when I deployed it it failed with the following error
'There was an error while trying to deserialize parameter http://tempuri.org/:querys'
I call a single method on the service and it has a single parameter called 'querys'. This parameter was a list(Of CustomType).
I then created a new method with a single parameter of type ArrayList. Thinking that this should serialize. Again it works fine on my development machine but fails when I deploy it with the same error a above.
I am completely stumped how it can serialize a parameter on one machine and not on another. I've tried it on 2 other machine and it doesn't work on either of them. So that rules out a problem with the machine itself.
All machines are running Win XP and .Net v3.5. The service was developed using VB .net in Visual Studio 2008.
Has anyone else experienced this?
I have not included any code because the error is happening System.ServiceModel and as I mentioned above the code does work on the development machine.
Please let me know if you need any more information.
Thanks in advance
Did you mark your 'CustomType' and its fields/properties you want to serialize with attribute DataContract, DataMember?
When you add the service reference to your client app which setting do you use? (Reuse types in referenced assemblies, always generate message contracts...)
If you host the WCF service on a IIS, then you should remember to run this command on the servers.
C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ServiceModelReg.exe /i /x
Thanks to everyone who replied,
I have resolved the problem but unfortunately do not how. I tried many code changes but as far as I can tell I have reset the code back to the way it was. It is working now and I can not spend any more time on the issue to find out what caused it.
Just one of those things I guess.