annotate cinst/nssstore_win.c @ 993:561cc777e0b6

Add failure indicator if translation load failed.
author Andre Heinecke <andre.heinecke@intevation.de>
date Mon, 01 Sep 2014 12:53:22 +0200
parents 1743895b39b8
children 1c1964c27b39 6684e5012b7a
rev   line source
404
17e1c8f37d72 Add License
Andre Heinecke <aheinecke@intevation.de>
parents: 392
diff changeset
1 /* Copyright (C) 2014 by Bundesamt für Sicherheit in der Informationstechnik
17e1c8f37d72 Add License
Andre Heinecke <aheinecke@intevation.de>
parents: 392
diff changeset
2 * Software engineering by Intevation GmbH
17e1c8f37d72 Add License
Andre Heinecke <aheinecke@intevation.de>
parents: 392
diff changeset
3 *
17e1c8f37d72 Add License
Andre Heinecke <aheinecke@intevation.de>
parents: 392
diff changeset
4 * This file is Free Software under the GNU GPL (v>=2)
17e1c8f37d72 Add License
Andre Heinecke <aheinecke@intevation.de>
parents: 392
diff changeset
5 * and comes with ABSOLUTELY NO WARRANTY!
17e1c8f37d72 Add License
Andre Heinecke <aheinecke@intevation.de>
parents: 392
diff changeset
6 * See LICENSE.txt for details.
17e1c8f37d72 Add License
Andre Heinecke <aheinecke@intevation.de>
parents: 392
diff changeset
7 */
324
eff8e7ce4dae Add first compiling implementation of nssstore_win.c
Andre Heinecke <aheinecke@intevation.de>
parents:
diff changeset
8 #ifdef WIN32
eff8e7ce4dae Add first compiling implementation of nssstore_win.c
Andre Heinecke <aheinecke@intevation.de>
parents:
diff changeset
9
eff8e7ce4dae Add first compiling implementation of nssstore_win.c
Andre Heinecke <aheinecke@intevation.de>
parents:
diff changeset
10 /* @file
eff8e7ce4dae Add first compiling implementation of nssstore_win.c
Andre Heinecke <aheinecke@intevation.de>
parents:
diff changeset
11 @brief Windows implementation of nssstore process control.
360
c0eac5c8c245 Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 330
diff changeset
12
c0eac5c8c245 Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 330
diff changeset
13 The windows process will write an instructions file for
c0eac5c8c245 Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 330
diff changeset
14 the mozilla process into the current users temp directory
c0eac5c8c245 Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 330
diff changeset
15 (%APPDATA%/Local/Temp/) and start the NSS installation process to
c0eac5c8c245 Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 330
diff changeset
16 exectute those instructions. If the current process is elevated
c0eac5c8c245 Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 330
diff changeset
17 the NSS process is run with a restricted token.
c0eac5c8c245 Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 330
diff changeset
18 The execution of the mozilla process is not monitored.
c0eac5c8c245 Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 330
diff changeset
19 You have to refer to the system log to check which certificates were
c0eac5c8c245 Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 330
diff changeset
20 installed / removed by it.
c0eac5c8c245 Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 330
diff changeset
21
c0eac5c8c245 Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 330
diff changeset
22 If the installation process is running elevated it
c0eac5c8c245 Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 330
diff changeset
23 will create the file in the ProgramData directory in
c0eac5c8c245 Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 330
diff changeset
24 a subdirectory with the defined application name.
c0eac5c8c245 Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 330
diff changeset
25 %PROGRAMDATA%/$APPLICATION_NAME
c0eac5c8c245 Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 330
diff changeset
26 with the file name:
c0eac5c8c245 Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 330
diff changeset
27 current_selection.txt
c0eac5c8c245 Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 330
diff changeset
28 The folder will have restricted permissions so
c0eac5c8c245 Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 330
diff changeset
29 that only Administrators are allowed to access it.
c0eac5c8c245 Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 330
diff changeset
30
c0eac5c8c245 Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 330
diff changeset
31 Additionally if this process is Elevated it also starts the
c0eac5c8c245 Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 330
diff changeset
32 NSS installation process in default profile mode once to change
c0eac5c8c245 Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 330
diff changeset
33 the default NSS certificate databases for new profiles.
c0eac5c8c245 Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 330
diff changeset
34
c0eac5c8c245 Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 330
diff changeset
35 The process then adds a new RunOnce registry key
c0eac5c8c245 Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 330
diff changeset
36 for each user on the system that executes the NSS installation
c0eac5c8c245 Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 330
diff changeset
37 process on login to make sure it is launched once in the
c0eac5c8c245 Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 330
diff changeset
38 security context of that user.
324
eff8e7ce4dae Add first compiling implementation of nssstore_win.c
Andre Heinecke <aheinecke@intevation.de>
parents:
diff changeset
39 */
eff8e7ce4dae Add first compiling implementation of nssstore_win.c
Andre Heinecke <aheinecke@intevation.de>
parents:
diff changeset
40
eff8e7ce4dae Add first compiling implementation of nssstore_win.c
Andre Heinecke <aheinecke@intevation.de>
parents:
diff changeset
41 #include <windows.h>
824
a511c1f45c70 (Issue47) Drop privileges before executing NSS process.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 677
diff changeset
42 #include <winsafer.h>
670
175370634226 Move getProcessOwner to util and use it to skip the current user in locate other hives
Andre Heinecke <andre.heinecke@intevation.de>
parents: 668
diff changeset
43 #include <sddl.h>
324
eff8e7ce4dae Add first compiling implementation of nssstore_win.c
Andre Heinecke <aheinecke@intevation.de>
parents:
diff changeset
44 #include <stdio.h>
eff8e7ce4dae Add first compiling implementation of nssstore_win.c
Andre Heinecke <aheinecke@intevation.de>
parents:
diff changeset
45 #include <stdbool.h>
eff8e7ce4dae Add first compiling implementation of nssstore_win.c
Andre Heinecke <aheinecke@intevation.de>
parents:
diff changeset
46 #include <userenv.h>
329
b1059360a0c7 Debugprintf with output debug string on windows.
Andre Heinecke <aheinecke@intevation.de>
parents: 324
diff changeset
47 #include <io.h>
360
c0eac5c8c245 Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 330
diff changeset
48 #include <accctrl.h>
c0eac5c8c245 Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 330
diff changeset
49 #include <aclapi.h>
324
eff8e7ce4dae Add first compiling implementation of nssstore_win.c
Andre Heinecke <aheinecke@intevation.de>
parents:
diff changeset
50
eff8e7ce4dae Add first compiling implementation of nssstore_win.c
Andre Heinecke <aheinecke@intevation.de>
parents:
diff changeset
51 #include "logging.h"
eff8e7ce4dae Add first compiling implementation of nssstore_win.c
Andre Heinecke <aheinecke@intevation.de>
parents:
diff changeset
52 #include "util.h"
360
c0eac5c8c245 Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 330
diff changeset
53 #include "strhelp.h"
324
eff8e7ce4dae Add first compiling implementation of nssstore_win.c
Andre Heinecke <aheinecke@intevation.de>
parents:
diff changeset
54
360
c0eac5c8c245 Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 330
diff changeset
55 #ifndef APPNAME
c0eac5c8c245 Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 330
diff changeset
56 #define APPNAME L"cinst"
c0eac5c8c245 Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 330
diff changeset
57 #endif
324
eff8e7ce4dae Add first compiling implementation of nssstore_win.c
Andre Heinecke <aheinecke@intevation.de>
parents:
diff changeset
58
675
4ad764bfb39c Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents: 674
diff changeset
59 /**@def The name of the nss installation process */
4ad764bfb39c Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents: 674
diff changeset
60 #define NSS_APP_NAME L"mozilla.exe"
4ad764bfb39c Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents: 674
diff changeset
61
360
c0eac5c8c245 Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 330
diff changeset
62 #ifndef SELECTION_FILE_NAME
c0eac5c8c245 Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 330
diff changeset
63 #define SELECTION_FILE_NAME L"currently_selected.txt"
c0eac5c8c245 Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 330
diff changeset
64 #endif
c0eac5c8c245 Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 330
diff changeset
65
668
ef6d3dc9e930 Framework for NSS multiuser installation on windows
Andre Heinecke <andre.heinecke@intevation.de>
parents: 665
diff changeset
66 /**@def The maximum time to wait for the NSS Process */
360
c0eac5c8c245 Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 330
diff changeset
67 #define PROCESS_TIMEOUT 30000
324
eff8e7ce4dae Add first compiling implementation of nssstore_win.c
Andre Heinecke <aheinecke@intevation.de>
parents:
diff changeset
68
668
ef6d3dc9e930 Framework for NSS multiuser installation on windows
Andre Heinecke <andre.heinecke@intevation.de>
parents: 665
diff changeset
69 /**@def The registry key to look for user profile directories */
ef6d3dc9e930 Framework for NSS multiuser installation on windows
Andre Heinecke <andre.heinecke@intevation.de>
parents: 665
diff changeset
70 #define PROFILE_LIST L"Software\\Microsoft\\Windows NT\\CurrentVersion\\ProfileList"
856
797aa8d9c785 (issue48) Fallback to HKEY_USERS on hive load failure
Andre Heinecke <andre.heinecke@intevation.de>
parents: 841
diff changeset
71 #define RUNONCE_PATH L"Software\\Microsoft\\Windows\\CurrentVersion\\RunOnce"
797aa8d9c785 (issue48) Fallback to HKEY_USERS on hive load failure
Andre Heinecke <andre.heinecke@intevation.de>
parents: 841
diff changeset
72
905
698b6a9bd75e Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents: 856
diff changeset
73 struct profile_key_path
698b6a9bd75e Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents: 856
diff changeset
74 {
856
797aa8d9c785 (issue48) Fallback to HKEY_USERS on hive load failure
Andre Heinecke <andre.heinecke@intevation.de>
parents: 841
diff changeset
75 char *sid;
797aa8d9c785 (issue48) Fallback to HKEY_USERS on hive load failure
Andre Heinecke <andre.heinecke@intevation.de>
parents: 841
diff changeset
76 char *hive_path;
797aa8d9c785 (issue48) Fallback to HKEY_USERS on hive load failure
Andre Heinecke <andre.heinecke@intevation.de>
parents: 841
diff changeset
77 struct profile_key_path *next;
797aa8d9c785 (issue48) Fallback to HKEY_USERS on hive load failure
Andre Heinecke <andre.heinecke@intevation.de>
parents: 841
diff changeset
78 };
797aa8d9c785 (issue48) Fallback to HKEY_USERS on hive load failure
Andre Heinecke <andre.heinecke@intevation.de>
parents: 841
diff changeset
79
797aa8d9c785 (issue48) Fallback to HKEY_USERS on hive load failure
Andre Heinecke <andre.heinecke@intevation.de>
parents: 841
diff changeset
80 /**
797aa8d9c785 (issue48) Fallback to HKEY_USERS on hive load failure
Andre Heinecke <andre.heinecke@intevation.de>
parents: 841
diff changeset
81 * @brief combination of sid and hive path
797aa8d9c785 (issue48) Fallback to HKEY_USERS on hive load failure
Andre Heinecke <andre.heinecke@intevation.de>
parents: 841
diff changeset
82 */
797aa8d9c785 (issue48) Fallback to HKEY_USERS on hive load failure
Andre Heinecke <andre.heinecke@intevation.de>
parents: 841
diff changeset
83 typedef struct profile_key_path pkp_t;
797aa8d9c785 (issue48) Fallback to HKEY_USERS on hive load failure
Andre Heinecke <andre.heinecke@intevation.de>
parents: 841
diff changeset
84
797aa8d9c785 (issue48) Fallback to HKEY_USERS on hive load failure
Andre Heinecke <andre.heinecke@intevation.de>
parents: 841
diff changeset
85 static void
797aa8d9c785 (issue48) Fallback to HKEY_USERS on hive load failure
Andre Heinecke <andre.heinecke@intevation.de>
parents: 841
diff changeset
86 pkp_t_free (pkp_t *item)
797aa8d9c785 (issue48) Fallback to HKEY_USERS on hive load failure
Andre Heinecke <andre.heinecke@intevation.de>
parents: 841
diff changeset
87 {
797aa8d9c785 (issue48) Fallback to HKEY_USERS on hive load failure
Andre Heinecke <andre.heinecke@intevation.de>
parents: 841
diff changeset
88 if (!item)
797aa8d9c785 (issue48) Fallback to HKEY_USERS on hive load failure
Andre Heinecke <andre.heinecke@intevation.de>
parents: 841
diff changeset
89 {
797aa8d9c785 (issue48) Fallback to HKEY_USERS on hive load failure
Andre Heinecke <andre.heinecke@intevation.de>
parents: 841
diff changeset
90 return;
797aa8d9c785 (issue48) Fallback to HKEY_USERS on hive load failure
Andre Heinecke <andre.heinecke@intevation.de>
parents: 841
diff changeset
91 }
797aa8d9c785 (issue48) Fallback to HKEY_USERS on hive load failure
Andre Heinecke <andre.heinecke@intevation.de>
parents: 841
diff changeset
92 xfree (item->sid);
797aa8d9c785 (issue48) Fallback to HKEY_USERS on hive load failure
Andre Heinecke <andre.heinecke@intevation.de>
parents: 841
diff changeset
93 xfree (item->hive_path);
797aa8d9c785 (issue48) Fallback to HKEY_USERS on hive load failure
Andre Heinecke <andre.heinecke@intevation.de>
parents: 841
diff changeset
94 if (item->next)
797aa8d9c785 (issue48) Fallback to HKEY_USERS on hive load failure
Andre Heinecke <andre.heinecke@intevation.de>
parents: 841
diff changeset
95 {
797aa8d9c785 (issue48) Fallback to HKEY_USERS on hive load failure
Andre Heinecke <andre.heinecke@intevation.de>
parents: 841
diff changeset
96 pkp_t_free (item->next);
797aa8d9c785 (issue48) Fallback to HKEY_USERS on hive load failure
Andre Heinecke <andre.heinecke@intevation.de>
parents: 841
diff changeset
97 }
797aa8d9c785 (issue48) Fallback to HKEY_USERS on hive load failure
Andre Heinecke <andre.heinecke@intevation.de>
parents: 841
diff changeset
98 xfree (item);
797aa8d9c785 (issue48) Fallback to HKEY_USERS on hive load failure
Andre Heinecke <andre.heinecke@intevation.de>
parents: 841
diff changeset
99 }
668
ef6d3dc9e930 Framework for NSS multiuser installation on windows
Andre Heinecke <andre.heinecke@intevation.de>
parents: 665
diff changeset
100
824
a511c1f45c70 (Issue47) Drop privileges before executing NSS process.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 677
diff changeset
101 /** @brief get a restricted access token to execute nss process
a511c1f45c70 (Issue47) Drop privileges before executing NSS process.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 677
diff changeset
102 *
a511c1f45c70 (Issue47) Drop privileges before executing NSS process.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 677
diff changeset
103 * This function uses the Software Restriction API to obtain the
a511c1f45c70 (Issue47) Drop privileges before executing NSS process.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 677
diff changeset
104 * access token for a process run als normal user.
a511c1f45c70 (Issue47) Drop privileges before executing NSS process.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 677
diff changeset
105 *
a511c1f45c70 (Issue47) Drop privileges before executing NSS process.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 677
diff changeset
106 * @returns A restricted handle or NULL on error.
a511c1f45c70 (Issue47) Drop privileges before executing NSS process.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 677
diff changeset
107 */
a511c1f45c70 (Issue47) Drop privileges before executing NSS process.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 677
diff changeset
108 static HANDLE
a511c1f45c70 (Issue47) Drop privileges before executing NSS process.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 677
diff changeset
109 get_restricted_token()
a511c1f45c70 (Issue47) Drop privileges before executing NSS process.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 677
diff changeset
110 {
a511c1f45c70 (Issue47) Drop privileges before executing NSS process.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 677
diff changeset
111 SAFER_LEVEL_HANDLE user_level = NULL;
a511c1f45c70 (Issue47) Drop privileges before executing NSS process.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 677
diff changeset
112 HANDLE retval = NULL;
a511c1f45c70 (Issue47) Drop privileges before executing NSS process.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 677
diff changeset
113 if (!SaferCreateLevel(SAFER_SCOPEID_USER,
a511c1f45c70 (Issue47) Drop privileges before executing NSS process.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 677
diff changeset
114 SAFER_LEVELID_NORMALUSER,
a511c1f45c70 (Issue47) Drop privileges before executing NSS process.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 677
diff changeset
115 SAFER_LEVEL_OPEN, &user_level, NULL))
a511c1f45c70 (Issue47) Drop privileges before executing NSS process.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 677
diff changeset
116 {
a511c1f45c70 (Issue47) Drop privileges before executing NSS process.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 677
diff changeset
117 PRINTLASTERROR ("Failed to create user level.\n");
a511c1f45c70 (Issue47) Drop privileges before executing NSS process.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 677
diff changeset
118 return NULL;
a511c1f45c70 (Issue47) Drop privileges before executing NSS process.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 677
diff changeset
119 }
a511c1f45c70 (Issue47) Drop privileges before executing NSS process.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 677
diff changeset
120
905
698b6a9bd75e Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents: 856
diff changeset
121 if (!SaferComputeTokenFromLevel(user_level, NULL, &retval, 0, NULL))
824
a511c1f45c70 (Issue47) Drop privileges before executing NSS process.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 677
diff changeset
122 {
905
698b6a9bd75e Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents: 856
diff changeset
123 SaferCloseLevel(user_level);
698b6a9bd75e Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents: 856
diff changeset
124 return NULL;
824
a511c1f45c70 (Issue47) Drop privileges before executing NSS process.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 677
diff changeset
125 }
a511c1f45c70 (Issue47) Drop privileges before executing NSS process.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 677
diff changeset
126
905
698b6a9bd75e Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents: 856
diff changeset
127 return retval;
824
a511c1f45c70 (Issue47) Drop privileges before executing NSS process.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 677
diff changeset
128 }
a511c1f45c70 (Issue47) Drop privileges before executing NSS process.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 677
diff changeset
129
324
eff8e7ce4dae Add first compiling implementation of nssstore_win.c
Andre Heinecke <aheinecke@intevation.de>
parents:
diff changeset
130 /**@brief Write strv of instructions to a handle
eff8e7ce4dae Add first compiling implementation of nssstore_win.c
Andre Heinecke <aheinecke@intevation.de>
parents:
diff changeset
131 *
eff8e7ce4dae Add first compiling implementation of nssstore_win.c
Andre Heinecke <aheinecke@intevation.de>
parents:
diff changeset
132 * Writes the null terminated list of instructions to
eff8e7ce4dae Add first compiling implementation of nssstore_win.c
Andre Heinecke <aheinecke@intevation.de>
parents:
diff changeset
133 * the handle.
eff8e7ce4dae Add first compiling implementation of nssstore_win.c
Andre Heinecke <aheinecke@intevation.de>
parents:
diff changeset
134 *
489
a9da8e4eeff7 Fix instruction writing for Windows.
Andre Heinecke <aheinecke@intevation.de>
parents: 404
diff changeset
135 * @param [in] certificates base64 encoded der certificate to write
a9da8e4eeff7 Fix instruction writing for Windows.
Andre Heinecke <aheinecke@intevation.de>
parents: 404
diff changeset
136 * @param [in] write_handle handle to write to
330
1e6d1eab8395 Fix NSS unit test for Windows and change how instructions are written
Andre Heinecke <aheinecke@intevation.de>
parents: 329
diff changeset
137 * @param [in] remove weather the certificate should be installed or removed
324
eff8e7ce4dae Add first compiling implementation of nssstore_win.c
Andre Heinecke <aheinecke@intevation.de>
parents:
diff changeset
138 *
eff8e7ce4dae Add first compiling implementation of nssstore_win.c
Andre Heinecke <aheinecke@intevation.de>
parents:
diff changeset
139 * @returns true on success, false on failure
eff8e7ce4dae Add first compiling implementation of nssstore_win.c
Andre Heinecke <aheinecke@intevation.de>
parents:
diff changeset
140 */
eff8e7ce4dae Add first compiling implementation of nssstore_win.c
Andre Heinecke <aheinecke@intevation.de>
parents:
diff changeset
141 static bool
330
1e6d1eab8395 Fix NSS unit test for Windows and change how instructions are written
Andre Heinecke <aheinecke@intevation.de>
parents: 329
diff changeset
142 write_instructions(char **certificates, HANDLE write_handle,
1e6d1eab8395 Fix NSS unit test for Windows and change how instructions are written
Andre Heinecke <aheinecke@intevation.de>
parents: 329
diff changeset
143 bool remove)
324
eff8e7ce4dae Add first compiling implementation of nssstore_win.c
Andre Heinecke <aheinecke@intevation.de>
parents:
diff changeset
144 {
489
a9da8e4eeff7 Fix instruction writing for Windows.
Andre Heinecke <aheinecke@intevation.de>
parents: 404
diff changeset
145 bool retval = false;
324
eff8e7ce4dae Add first compiling implementation of nssstore_win.c
Andre Heinecke <aheinecke@intevation.de>
parents:
diff changeset
146 int i = 0;
489
a9da8e4eeff7 Fix instruction writing for Windows.
Andre Heinecke <aheinecke@intevation.de>
parents: 404
diff changeset
147 const char *line_end = "\r\n";
a9da8e4eeff7 Fix instruction writing for Windows.
Andre Heinecke <aheinecke@intevation.de>
parents: 404
diff changeset
148 char *line_start = NULL;
324
eff8e7ce4dae Add first compiling implementation of nssstore_win.c
Andre Heinecke <aheinecke@intevation.de>
parents:
diff changeset
149
330
1e6d1eab8395 Fix NSS unit test for Windows and change how instructions are written
Andre Heinecke <aheinecke@intevation.de>
parents: 329
diff changeset
150 if (!certificates)
324
eff8e7ce4dae Add first compiling implementation of nssstore_win.c
Andre Heinecke <aheinecke@intevation.de>
parents:
diff changeset
151 {
eff8e7ce4dae Add first compiling implementation of nssstore_win.c
Andre Heinecke <aheinecke@intevation.de>
parents:
diff changeset
152 return true;
eff8e7ce4dae Add first compiling implementation of nssstore_win.c
Andre Heinecke <aheinecke@intevation.de>
parents:
diff changeset
153 }
eff8e7ce4dae Add first compiling implementation of nssstore_win.c
Andre Heinecke <aheinecke@intevation.de>
parents:
diff changeset
154
489
a9da8e4eeff7 Fix instruction writing for Windows.
Andre Heinecke <aheinecke@intevation.de>
parents: 404
diff changeset
155 line_start = remove ? "R:" : "I:";
330
1e6d1eab8395 Fix NSS unit test for Windows and change how instructions are written
Andre Heinecke <aheinecke@intevation.de>
parents: 329
diff changeset
156
1e6d1eab8395 Fix NSS unit test for Windows and change how instructions are written
Andre Heinecke <aheinecke@intevation.de>
parents: 329
diff changeset
157 for (i = 0; certificates[i]; i++)
1e6d1eab8395 Fix NSS unit test for Windows and change how instructions are written
Andre Heinecke <aheinecke@intevation.de>
parents: 329
diff changeset
158 {
489
a9da8e4eeff7 Fix instruction writing for Windows.
Andre Heinecke <aheinecke@intevation.de>
parents: 404
diff changeset
159 DWORD written = 0;
a9da8e4eeff7 Fix instruction writing for Windows.
Andre Heinecke <aheinecke@intevation.de>
parents: 404
diff changeset
160 DWORD inst_len = strlen (certificates[i]);
a9da8e4eeff7 Fix instruction writing for Windows.
Andre Heinecke <aheinecke@intevation.de>
parents: 404
diff changeset
161 retval = WriteFile (write_handle, (LPCVOID) line_start, 2, &written, NULL);
a9da8e4eeff7 Fix instruction writing for Windows.
Andre Heinecke <aheinecke@intevation.de>
parents: 404
diff changeset
162 if (!retval)
324
eff8e7ce4dae Add first compiling implementation of nssstore_win.c
Andre Heinecke <aheinecke@intevation.de>
parents:
diff changeset
163 {
489
a9da8e4eeff7 Fix instruction writing for Windows.
Andre Heinecke <aheinecke@intevation.de>
parents: 404
diff changeset
164 PRINTLASTERROR ("Failed to write line start\n");
a9da8e4eeff7 Fix instruction writing for Windows.
Andre Heinecke <aheinecke@intevation.de>
parents: 404
diff changeset
165 return false;
a9da8e4eeff7 Fix instruction writing for Windows.
Andre Heinecke <aheinecke@intevation.de>
parents: 404
diff changeset
166 }
a9da8e4eeff7 Fix instruction writing for Windows.
Andre Heinecke <aheinecke@intevation.de>
parents: 404
diff changeset
167 if (written != 2)
a9da8e4eeff7 Fix instruction writing for Windows.
Andre Heinecke <aheinecke@intevation.de>
parents: 404
diff changeset
168 {
a9da8e4eeff7 Fix instruction writing for Windows.
Andre Heinecke <aheinecke@intevation.de>
parents: 404
diff changeset
169 ERRORPRINTF ("Failed to write line start\n");
a9da8e4eeff7 Fix instruction writing for Windows.
Andre Heinecke <aheinecke@intevation.de>
parents: 404
diff changeset
170 retval = false;
a9da8e4eeff7 Fix instruction writing for Windows.
Andre Heinecke <aheinecke@intevation.de>
parents: 404
diff changeset
171 return false;
a9da8e4eeff7 Fix instruction writing for Windows.
Andre Heinecke <aheinecke@intevation.de>
parents: 404
diff changeset
172 }
a9da8e4eeff7 Fix instruction writing for Windows.
Andre Heinecke <aheinecke@intevation.de>
parents: 404
diff changeset
173 written = 0;
a9da8e4eeff7 Fix instruction writing for Windows.
Andre Heinecke <aheinecke@intevation.de>
parents: 404
diff changeset
174 retval = WriteFile (write_handle, (LPCVOID) certificates[i], inst_len, &written, NULL);
a9da8e4eeff7 Fix instruction writing for Windows.
Andre Heinecke <aheinecke@intevation.de>
parents: 404
diff changeset
175 if (!retval)
a9da8e4eeff7 Fix instruction writing for Windows.
Andre Heinecke <aheinecke@intevation.de>
parents: 404
diff changeset
176 {
a9da8e4eeff7 Fix instruction writing for Windows.
Andre Heinecke <aheinecke@intevation.de>
parents: 404
diff changeset
177 PRINTLASTERROR ("Failed to write certificate\n");
a9da8e4eeff7 Fix instruction writing for Windows.
Andre Heinecke <aheinecke@intevation.de>
parents: 404
diff changeset
178 return false;
a9da8e4eeff7 Fix instruction writing for Windows.
Andre Heinecke <aheinecke@intevation.de>
parents: 404
diff changeset
179 }
a9da8e4eeff7 Fix instruction writing for Windows.
Andre Heinecke <aheinecke@intevation.de>
parents: 404
diff changeset
180 if (inst_len != written)
a9da8e4eeff7 Fix instruction writing for Windows.
Andre Heinecke <aheinecke@intevation.de>
parents: 404
diff changeset
181 {
a9da8e4eeff7 Fix instruction writing for Windows.
Andre Heinecke <aheinecke@intevation.de>
parents: 404
diff changeset
182 ERRORPRINTF ("Failed to write everything\n");
a9da8e4eeff7 Fix instruction writing for Windows.
Andre Heinecke <aheinecke@intevation.de>
parents: 404
diff changeset
183 retval = false;
a9da8e4eeff7 Fix instruction writing for Windows.
Andre Heinecke <aheinecke@intevation.de>
parents: 404
diff changeset
184 return false;
a9da8e4eeff7 Fix instruction writing for Windows.
Andre Heinecke <aheinecke@intevation.de>
parents: 404
diff changeset
185 }
a9da8e4eeff7 Fix instruction writing for Windows.
Andre Heinecke <aheinecke@intevation.de>
parents: 404
diff changeset
186 written = 0;
a9da8e4eeff7 Fix instruction writing for Windows.
Andre Heinecke <aheinecke@intevation.de>
parents: 404
diff changeset
187 retval = WriteFile (write_handle, (LPCVOID) line_end, 2, &written, NULL);
a9da8e4eeff7 Fix instruction writing for Windows.
Andre Heinecke <aheinecke@intevation.de>
parents: 404
diff changeset
188 if (!retval)
a9da8e4eeff7 Fix instruction writing for Windows.
Andre Heinecke <aheinecke@intevation.de>
parents: 404
diff changeset
189 {
a9da8e4eeff7 Fix instruction writing for Windows.
Andre Heinecke <aheinecke@intevation.de>
parents: 404
diff changeset
190 PRINTLASTERROR ("Failed to write line end\n");
a9da8e4eeff7 Fix instruction writing for Windows.
Andre Heinecke <aheinecke@intevation.de>
parents: 404
diff changeset
191 return false;
a9da8e4eeff7 Fix instruction writing for Windows.
Andre Heinecke <aheinecke@intevation.de>
parents: 404
diff changeset
192 }
a9da8e4eeff7 Fix instruction writing for Windows.
Andre Heinecke <aheinecke@intevation.de>
parents: 404
diff changeset
193 if (written != 2)
a9da8e4eeff7 Fix instruction writing for Windows.
Andre Heinecke <aheinecke@intevation.de>
parents: 404
diff changeset
194 {
a9da8e4eeff7 Fix instruction writing for Windows.
Andre Heinecke <aheinecke@intevation.de>
parents: 404
diff changeset
195 ERRORPRINTF ("Failed to write full line end\n");
a9da8e4eeff7 Fix instruction writing for Windows.
Andre Heinecke <aheinecke@intevation.de>
parents: 404
diff changeset
196 retval = false;
a9da8e4eeff7 Fix instruction writing for Windows.
Andre Heinecke <aheinecke@intevation.de>
parents: 404
diff changeset
197 return false;
324
eff8e7ce4dae Add first compiling implementation of nssstore_win.c
Andre Heinecke <aheinecke@intevation.de>
parents:
diff changeset
198 }
eff8e7ce4dae Add first compiling implementation of nssstore_win.c
Andre Heinecke <aheinecke@intevation.de>
parents:
diff changeset
199 }
eff8e7ce4dae Add first compiling implementation of nssstore_win.c
Andre Heinecke <aheinecke@intevation.de>
parents:
diff changeset
200 return true;
eff8e7ce4dae Add first compiling implementation of nssstore_win.c
Andre Heinecke <aheinecke@intevation.de>
parents:
diff changeset
201 }
668
ef6d3dc9e930 Framework for NSS multiuser installation on windows
Andre Heinecke <andre.heinecke@intevation.de>
parents: 665
diff changeset
202 /**@brief Get the path to all users default registry hive
ef6d3dc9e930 Framework for NSS multiuser installation on windows
Andre Heinecke <andre.heinecke@intevation.de>
parents: 665
diff changeset
203 *
ef6d3dc9e930 Framework for NSS multiuser installation on windows
Andre Heinecke <andre.heinecke@intevation.de>
parents: 665
diff changeset
204 * Enumerates the keys in #PROFILE_LIST and retuns a
856
797aa8d9c785 (issue48) Fallback to HKEY_USERS on hive load failure
Andre Heinecke <andre.heinecke@intevation.de>
parents: 841
diff changeset
205 * list of their profile path / sid pairs with the utf-8 encoded paths to
797aa8d9c785 (issue48) Fallback to HKEY_USERS on hive load failure
Andre Heinecke <andre.heinecke@intevation.de>
parents: 841
diff changeset
206 * their suggestedregistry hive location.
668
ef6d3dc9e930 Framework for NSS multiuser installation on windows
Andre Heinecke <andre.heinecke@intevation.de>
parents: 665
diff changeset
207 *
ef6d3dc9e930 Framework for NSS multiuser installation on windows
Andre Heinecke <andre.heinecke@intevation.de>
parents: 665
diff changeset
208 * Users with an SID not starting with S-1-5-21- are ignored
ef6d3dc9e930 Framework for NSS multiuser installation on windows
Andre Heinecke <andre.heinecke@intevation.de>
parents: 665
diff changeset
209 * as is the current user.
ef6d3dc9e930 Framework for NSS multiuser installation on windows
Andre Heinecke <andre.heinecke@intevation.de>
parents: 665
diff changeset
210 *
856
797aa8d9c785 (issue48) Fallback to HKEY_USERS on hive load failure
Andre Heinecke <andre.heinecke@intevation.de>
parents: 841
diff changeset
211 * The return value should be freed with pkp_t_free
668
ef6d3dc9e930 Framework for NSS multiuser installation on windows
Andre Heinecke <andre.heinecke@intevation.de>
parents: 665
diff changeset
212 *
ef6d3dc9e930 Framework for NSS multiuser installation on windows
Andre Heinecke <andre.heinecke@intevation.de>
parents: 665
diff changeset
213 * @returns a newly allocated strv of the paths to the registry hives or NULL
ef6d3dc9e930 Framework for NSS multiuser installation on windows
Andre Heinecke <andre.heinecke@intevation.de>
parents: 665
diff changeset
214 */
856
797aa8d9c785 (issue48) Fallback to HKEY_USERS on hive load failure
Andre Heinecke <andre.heinecke@intevation.de>
parents: 841
diff changeset
215 static pkp_t*
668
ef6d3dc9e930 Framework for NSS multiuser installation on windows
Andre Heinecke <andre.heinecke@intevation.de>
parents: 665
diff changeset
216 locate_other_hives()
ef6d3dc9e930 Framework for NSS multiuser installation on windows
Andre Heinecke <andre.heinecke@intevation.de>
parents: 665
diff changeset
217 {
ef6d3dc9e930 Framework for NSS multiuser installation on windows
Andre Heinecke <andre.heinecke@intevation.de>
parents: 665
diff changeset
218 HKEY profile_list = NULL;
ef6d3dc9e930 Framework for NSS multiuser installation on windows
Andre Heinecke <andre.heinecke@intevation.de>
parents: 665
diff changeset
219 int ret = 0;
ef6d3dc9e930 Framework for NSS multiuser installation on windows
Andre Heinecke <andre.heinecke@intevation.de>
parents: 665
diff changeset
220 DWORD index = 0,
ef6d3dc9e930 Framework for NSS multiuser installation on windows
Andre Heinecke <andre.heinecke@intevation.de>
parents: 665
diff changeset
221 key_len = 257;
ef6d3dc9e930 Framework for NSS multiuser installation on windows
Andre Heinecke <andre.heinecke@intevation.de>
parents: 665
diff changeset
222 /* According to
ef6d3dc9e930 Framework for NSS multiuser installation on windows
Andre Heinecke <andre.heinecke@intevation.de>
parents: 665
diff changeset
223 http://msdn.microsoft.com/en-us/library/windows/desktop/ms724872%28v=vs.85%29.aspx
ef6d3dc9e930 Framework for NSS multiuser installation on windows
Andre Heinecke <andre.heinecke@intevation.de>
parents: 665
diff changeset
224 a registry key is limited to 255 characters. But according to
ef6d3dc9e930 Framework for NSS multiuser installation on windows
Andre Heinecke <andre.heinecke@intevation.de>
parents: 665
diff changeset
225 http://www.sepago.de/e/holger/2010/07/20/how-long-can-a-registry-key-name-really-be
ef6d3dc9e930 Framework for NSS multiuser installation on windows
Andre Heinecke <andre.heinecke@intevation.de>
parents: 665
diff changeset
226 the actual limit is 256 + \0 thus we create a buffer for 257 wchar_t's*/
670
175370634226 Move getProcessOwner to util and use it to skip the current user in locate other hives
Andre Heinecke <andre.heinecke@intevation.de>
parents: 668
diff changeset
227 wchar_t key_name[257],
175370634226 Move getProcessOwner to util and use it to skip the current user in locate other hives
Andre Heinecke <andre.heinecke@intevation.de>
parents: 668
diff changeset
228 *current_user_sid = NULL;
856
797aa8d9c785 (issue48) Fallback to HKEY_USERS on hive load failure
Andre Heinecke <andre.heinecke@intevation.de>
parents: 841
diff changeset
229 pkp_t *retval = NULL,
905
698b6a9bd75e Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents: 856
diff changeset
230 *cur_item = NULL;
668
ef6d3dc9e930 Framework for NSS multiuser installation on windows
Andre Heinecke <andre.heinecke@intevation.de>
parents: 665
diff changeset
231 bool error = true;
670
175370634226 Move getProcessOwner to util and use it to skip the current user in locate other hives
Andre Heinecke <andre.heinecke@intevation.de>
parents: 668
diff changeset
232 PSID current_user = NULL;
668
ef6d3dc9e930 Framework for NSS multiuser installation on windows
Andre Heinecke <andre.heinecke@intevation.de>
parents: 665
diff changeset
233
ef6d3dc9e930 Framework for NSS multiuser installation on windows
Andre Heinecke <andre.heinecke@intevation.de>
parents: 665
diff changeset
234 ret = RegOpenKeyExW (HKEY_LOCAL_MACHINE, PROFILE_LIST, 0,
ef6d3dc9e930 Framework for NSS multiuser installation on windows
Andre Heinecke <andre.heinecke@intevation.de>
parents: 665
diff changeset
235 KEY_READ, &profile_list);
ef6d3dc9e930 Framework for NSS multiuser installation on windows
Andre Heinecke <andre.heinecke@intevation.de>
parents: 665
diff changeset
236 if (ret != ERROR_SUCCESS)
ef6d3dc9e930 Framework for NSS multiuser installation on windows
Andre Heinecke <andre.heinecke@intevation.de>
parents: 665
diff changeset
237 {
ef6d3dc9e930 Framework for NSS multiuser installation on windows
Andre Heinecke <andre.heinecke@intevation.de>
parents: 665
diff changeset
238 ERRORPRINTF ("Failed to open profile list. Error: %i", ret);
ef6d3dc9e930 Framework for NSS multiuser installation on windows
Andre Heinecke <andre.heinecke@intevation.de>
parents: 665
diff changeset
239 return NULL;
ef6d3dc9e930 Framework for NSS multiuser installation on windows
Andre Heinecke <andre.heinecke@intevation.de>
parents: 665
diff changeset
240 }
ef6d3dc9e930 Framework for NSS multiuser installation on windows
Andre Heinecke <andre.heinecke@intevation.de>
parents: 665
diff changeset
241
670
175370634226 Move getProcessOwner to util and use it to skip the current user in locate other hives
Andre Heinecke <andre.heinecke@intevation.de>
parents: 668
diff changeset
242 /* Obtain the current user sid to prevent it from being returned. */
175370634226 Move getProcessOwner to util and use it to skip the current user in locate other hives
Andre Heinecke <andre.heinecke@intevation.de>
parents: 668
diff changeset
243 current_user = get_process_owner (GetCurrentProcess());
175370634226 Move getProcessOwner to util and use it to skip the current user in locate other hives
Andre Heinecke <andre.heinecke@intevation.de>
parents: 668
diff changeset
244
175370634226 Move getProcessOwner to util and use it to skip the current user in locate other hives
Andre Heinecke <andre.heinecke@intevation.de>
parents: 668
diff changeset
245 if (!current_user)
175370634226 Move getProcessOwner to util and use it to skip the current user in locate other hives
Andre Heinecke <andre.heinecke@intevation.de>
parents: 668
diff changeset
246 {
175370634226 Move getProcessOwner to util and use it to skip the current user in locate other hives
Andre Heinecke <andre.heinecke@intevation.de>
parents: 668
diff changeset
247 ERRORPRINTF ("Failed to get the current user.");
175370634226 Move getProcessOwner to util and use it to skip the current user in locate other hives
Andre Heinecke <andre.heinecke@intevation.de>
parents: 668
diff changeset
248 goto done;
175370634226 Move getProcessOwner to util and use it to skip the current user in locate other hives
Andre Heinecke <andre.heinecke@intevation.de>
parents: 668
diff changeset
249 }
175370634226 Move getProcessOwner to util and use it to skip the current user in locate other hives
Andre Heinecke <andre.heinecke@intevation.de>
parents: 668
diff changeset
250
175370634226 Move getProcessOwner to util and use it to skip the current user in locate other hives
Andre Heinecke <andre.heinecke@intevation.de>
parents: 668
diff changeset
251 if (!ConvertSidToStringSidW (current_user, &current_user_sid))
175370634226 Move getProcessOwner to util and use it to skip the current user in locate other hives
Andre Heinecke <andre.heinecke@intevation.de>
parents: 668
diff changeset
252 {
175370634226 Move getProcessOwner to util and use it to skip the current user in locate other hives
Andre Heinecke <andre.heinecke@intevation.de>
parents: 668
diff changeset
253 PRINTLASTERROR ("Failed to convert sid to string.");
175370634226 Move getProcessOwner to util and use it to skip the current user in locate other hives
Andre Heinecke <andre.heinecke@intevation.de>
parents: 668
diff changeset
254 goto done;
175370634226 Move getProcessOwner to util and use it to skip the current user in locate other hives
Andre Heinecke <andre.heinecke@intevation.de>
parents: 668
diff changeset
255 }
175370634226 Move getProcessOwner to util and use it to skip the current user in locate other hives
Andre Heinecke <andre.heinecke@intevation.de>
parents: 668
diff changeset
256
668
ef6d3dc9e930 Framework for NSS multiuser installation on windows
Andre Heinecke <andre.heinecke@intevation.de>
parents: 665
diff changeset
257 while ((ret = RegEnumKeyExW (profile_list, index++,
ef6d3dc9e930 Framework for NSS multiuser installation on windows
Andre Heinecke <andre.heinecke@intevation.de>
parents: 665
diff changeset
258 key_name, &key_len,
ef6d3dc9e930 Framework for NSS multiuser installation on windows
Andre Heinecke <andre.heinecke@intevation.de>
parents: 665
diff changeset
259 NULL, NULL, NULL, NULL)) == ERROR_SUCCESS)
ef6d3dc9e930 Framework for NSS multiuser installation on windows
Andre Heinecke <andre.heinecke@intevation.de>
parents: 665
diff changeset
260 {
674
f1795a232418 Implement reading registry entries for other users.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 671
diff changeset
261 char *profile_path = NULL;
f1795a232418 Implement reading registry entries for other users.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 671
diff changeset
262 wchar_t *key_path = NULL;
f1795a232418 Implement reading registry entries for other users.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 671
diff changeset
263 size_t key_path_len = 0,
f1795a232418 Implement reading registry entries for other users.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 671
diff changeset
264 profile_path_len = 0;
f1795a232418 Implement reading registry entries for other users.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 671
diff changeset
265
668
ef6d3dc9e930 Framework for NSS multiuser installation on windows
Andre Heinecke <andre.heinecke@intevation.de>
parents: 665
diff changeset
266 if (key_len == 257)
ef6d3dc9e930 Framework for NSS multiuser installation on windows
Andre Heinecke <andre.heinecke@intevation.de>
parents: 665
diff changeset
267 {
ef6d3dc9e930 Framework for NSS multiuser installation on windows
Andre Heinecke <andre.heinecke@intevation.de>
parents: 665
diff changeset
268 ERRORPRINTF ("Registry key too long.");
ef6d3dc9e930 Framework for NSS multiuser installation on windows
Andre Heinecke <andre.heinecke@intevation.de>
parents: 665
diff changeset
269 goto done;
ef6d3dc9e930 Framework for NSS multiuser installation on windows
Andre Heinecke <andre.heinecke@intevation.de>
parents: 665
diff changeset
270 }
ef6d3dc9e930 Framework for NSS multiuser installation on windows
Andre Heinecke <andre.heinecke@intevation.de>
parents: 665
diff changeset
271
ef6d3dc9e930 Framework for NSS multiuser installation on windows
Andre Heinecke <andre.heinecke@intevation.de>
parents: 665
diff changeset
272 /* Reset key_len to buffer size */
ef6d3dc9e930 Framework for NSS multiuser installation on windows
Andre Heinecke <andre.heinecke@intevation.de>
parents: 665
diff changeset
273 key_len = 257;
ef6d3dc9e930 Framework for NSS multiuser installation on windows
Andre Heinecke <andre.heinecke@intevation.de>
parents: 665
diff changeset
274
670
175370634226 Move getProcessOwner to util and use it to skip the current user in locate other hives
Andre Heinecke <andre.heinecke@intevation.de>
parents: 668
diff changeset
275 if (wcsncmp (L"S-1-5-21-", key_name, 9) != 0 ||
175370634226 Move getProcessOwner to util and use it to skip the current user in locate other hives
Andre Heinecke <andre.heinecke@intevation.de>
parents: 668
diff changeset
276 wcscmp (current_user_sid, key_name) == 0)
668
ef6d3dc9e930 Framework for NSS multiuser installation on windows
Andre Heinecke <andre.heinecke@intevation.de>
parents: 665
diff changeset
277 {
670
175370634226 Move getProcessOwner to util and use it to skip the current user in locate other hives
Andre Heinecke <andre.heinecke@intevation.de>
parents: 668
diff changeset
278 /* S-1-5-21 is the well known prefix for local users. Skip all
175370634226 Move getProcessOwner to util and use it to skip the current user in locate other hives
Andre Heinecke <andre.heinecke@intevation.de>
parents: 668
diff changeset
279 others and the current user*/
668
ef6d3dc9e930 Framework for NSS multiuser installation on windows
Andre Heinecke <andre.heinecke@intevation.de>
parents: 665
diff changeset
280 continue;
ef6d3dc9e930 Framework for NSS multiuser installation on windows
Andre Heinecke <andre.heinecke@intevation.de>
parents: 665
diff changeset
281 }
670
175370634226 Move getProcessOwner to util and use it to skip the current user in locate other hives
Andre Heinecke <andre.heinecke@intevation.de>
parents: 668
diff changeset
282
674
f1795a232418 Implement reading registry entries for other users.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 671
diff changeset
283 key_path_len = key_len + wcslen(PROFILE_LIST L"\\") + 1;
f1795a232418 Implement reading registry entries for other users.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 671
diff changeset
284 key_path = xmalloc (key_path_len * sizeof (wchar_t));
f1795a232418 Implement reading registry entries for other users.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 671
diff changeset
285
f1795a232418 Implement reading registry entries for other users.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 671
diff changeset
286 wcscpy_s (key_path, key_path_len, PROFILE_LIST L"\\");
f1795a232418 Implement reading registry entries for other users.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 671
diff changeset
287 wcscat_s (key_path, key_path_len, key_name);
856
797aa8d9c785 (issue48) Fallback to HKEY_USERS on hive load failure
Andre Heinecke <andre.heinecke@intevation.de>
parents: 841
diff changeset
288 key_path[key_path_len - 1] = '\0';
674
f1795a232418 Implement reading registry entries for other users.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 671
diff changeset
289
670
175370634226 Move getProcessOwner to util and use it to skip the current user in locate other hives
Andre Heinecke <andre.heinecke@intevation.de>
parents: 668
diff changeset
290 DEBUGPRINTF ("Key : %S", key_name);
674
f1795a232418 Implement reading registry entries for other users.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 671
diff changeset
291 profile_path = read_registry_string (HKEY_LOCAL_MACHINE,
f1795a232418 Implement reading registry entries for other users.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 671
diff changeset
292 key_path, L"ProfileImagePath");
f1795a232418 Implement reading registry entries for other users.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 671
diff changeset
293 xfree (key_path);
f1795a232418 Implement reading registry entries for other users.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 671
diff changeset
294
f1795a232418 Implement reading registry entries for other users.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 671
diff changeset
295 if (profile_path == NULL)
f1795a232418 Implement reading registry entries for other users.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 671
diff changeset
296 {
f1795a232418 Implement reading registry entries for other users.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 671
diff changeset
297 ERRORPRINTF ("Failed to get profile path.");
f1795a232418 Implement reading registry entries for other users.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 671
diff changeset
298 continue;
f1795a232418 Implement reading registry entries for other users.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 671
diff changeset
299 }
f1795a232418 Implement reading registry entries for other users.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 671
diff changeset
300 profile_path_len = strlen (profile_path);
f1795a232418 Implement reading registry entries for other users.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 671
diff changeset
301 str_append_str (&profile_path, &profile_path_len, "\\ntuser.dat", 11);
856
797aa8d9c785 (issue48) Fallback to HKEY_USERS on hive load failure
Andre Heinecke <andre.heinecke@intevation.de>
parents: 841
diff changeset
302 if (retval == NULL)
797aa8d9c785 (issue48) Fallback to HKEY_USERS on hive load failure
Andre Heinecke <andre.heinecke@intevation.de>
parents: 841
diff changeset
303 {
797aa8d9c785 (issue48) Fallback to HKEY_USERS on hive load failure
Andre Heinecke <andre.heinecke@intevation.de>
parents: 841
diff changeset
304 retval = xmalloc (sizeof (pkp_t));
797aa8d9c785 (issue48) Fallback to HKEY_USERS on hive load failure
Andre Heinecke <andre.heinecke@intevation.de>
parents: 841
diff changeset
305 cur_item = retval;
797aa8d9c785 (issue48) Fallback to HKEY_USERS on hive load failure
Andre Heinecke <andre.heinecke@intevation.de>
parents: 841
diff changeset
306 }
797aa8d9c785 (issue48) Fallback to HKEY_USERS on hive load failure
Andre Heinecke <andre.heinecke@intevation.de>
parents: 841
diff changeset
307 else
797aa8d9c785 (issue48) Fallback to HKEY_USERS on hive load failure
Andre Heinecke <andre.heinecke@intevation.de>
parents: 841
diff changeset
308 {
797aa8d9c785 (issue48) Fallback to HKEY_USERS on hive load failure
Andre Heinecke <andre.heinecke@intevation.de>
parents: 841
diff changeset
309 cur_item->next = xmalloc (sizeof(pkp_t));
797aa8d9c785 (issue48) Fallback to HKEY_USERS on hive load failure
Andre Heinecke <andre.heinecke@intevation.de>
parents: 841
diff changeset
310 cur_item = cur_item->next;
797aa8d9c785 (issue48) Fallback to HKEY_USERS on hive load failure
Andre Heinecke <andre.heinecke@intevation.de>
parents: 841
diff changeset
311 }
797aa8d9c785 (issue48) Fallback to HKEY_USERS on hive load failure
Andre Heinecke <andre.heinecke@intevation.de>
parents: 841
diff changeset
312 cur_item->hive_path = profile_path;
797aa8d9c785 (issue48) Fallback to HKEY_USERS on hive load failure
Andre Heinecke <andre.heinecke@intevation.de>
parents: 841
diff changeset
313 cur_item->sid = wchar_to_utf8 (key_name, wcslen(key_name));
797aa8d9c785 (issue48) Fallback to HKEY_USERS on hive load failure
Andre Heinecke <andre.heinecke@intevation.de>
parents: 841
diff changeset
314 cur_item->next = NULL;
674
f1795a232418 Implement reading registry entries for other users.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 671
diff changeset
315
f1795a232418 Implement reading registry entries for other users.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 671
diff changeset
316 DEBUGPRINTF ("Trying to access registry hive: %s", profile_path);
668
ef6d3dc9e930 Framework for NSS multiuser installation on windows
Andre Heinecke <andre.heinecke@intevation.de>
parents: 665
diff changeset
317 }
ef6d3dc9e930 Framework for NSS multiuser installation on windows
Andre Heinecke <andre.heinecke@intevation.de>
parents: 665
diff changeset
318
ef6d3dc9e930 Framework for NSS multiuser installation on windows
Andre Heinecke <andre.heinecke@intevation.de>
parents: 665
diff changeset
319 if (ret != ERROR_NO_MORE_ITEMS)
ef6d3dc9e930 Framework for NSS multiuser installation on windows
Andre Heinecke <andre.heinecke@intevation.de>
parents: 665
diff changeset
320 {
ef6d3dc9e930 Framework for NSS multiuser installation on windows
Andre Heinecke <andre.heinecke@intevation.de>
parents: 665
diff changeset
321 ERRORPRINTF ("Failed to enumeratre profile list. Error: %i", ret);
ef6d3dc9e930 Framework for NSS multiuser installation on windows
Andre Heinecke <andre.heinecke@intevation.de>
parents: 665
diff changeset
322 goto done;
ef6d3dc9e930 Framework for NSS multiuser installation on windows
Andre Heinecke <andre.heinecke@intevation.de>
parents: 665
diff changeset
323 }
ef6d3dc9e930 Framework for NSS multiuser installation on windows
Andre Heinecke <andre.heinecke@intevation.de>
parents: 665
diff changeset
324
675
4ad764bfb39c Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents: 674
diff changeset
325 error = false;
4ad764bfb39c Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents: 674
diff changeset
326
668
ef6d3dc9e930 Framework for NSS multiuser installation on windows
Andre Heinecke <andre.heinecke@intevation.de>
parents: 665
diff changeset
327 done:
670
175370634226 Move getProcessOwner to util and use it to skip the current user in locate other hives
Andre Heinecke <andre.heinecke@intevation.de>
parents: 668
diff changeset
328 xfree (current_user);
175370634226 Move getProcessOwner to util and use it to skip the current user in locate other hives
Andre Heinecke <andre.heinecke@intevation.de>
parents: 668
diff changeset
329
668
ef6d3dc9e930 Framework for NSS multiuser installation on windows
Andre Heinecke <andre.heinecke@intevation.de>
parents: 665
diff changeset
330 RegCloseKey (profile_list);
ef6d3dc9e930 Framework for NSS multiuser installation on windows
Andre Heinecke <andre.heinecke@intevation.de>
parents: 665
diff changeset
331
670
175370634226 Move getProcessOwner to util and use it to skip the current user in locate other hives
Andre Heinecke <andre.heinecke@intevation.de>
parents: 668
diff changeset
332 if (current_user_sid)
175370634226 Move getProcessOwner to util and use it to skip the current user in locate other hives
Andre Heinecke <andre.heinecke@intevation.de>
parents: 668
diff changeset
333 {
175370634226 Move getProcessOwner to util and use it to skip the current user in locate other hives
Andre Heinecke <andre.heinecke@intevation.de>
parents: 668
diff changeset
334 LocalFree (current_user_sid);
175370634226 Move getProcessOwner to util and use it to skip the current user in locate other hives
Andre Heinecke <andre.heinecke@intevation.de>
parents: 668
diff changeset
335 }
175370634226 Move getProcessOwner to util and use it to skip the current user in locate other hives
Andre Heinecke <andre.heinecke@intevation.de>
parents: 668
diff changeset
336
668
ef6d3dc9e930 Framework for NSS multiuser installation on windows
Andre Heinecke <andre.heinecke@intevation.de>
parents: 665
diff changeset
337 if (error)
ef6d3dc9e930 Framework for NSS multiuser installation on windows
Andre Heinecke <andre.heinecke@intevation.de>
parents: 665
diff changeset
338 {
856
797aa8d9c785 (issue48) Fallback to HKEY_USERS on hive load failure
Andre Heinecke <andre.heinecke@intevation.de>
parents: 841
diff changeset
339 pkp_t_free (retval);
668
ef6d3dc9e930 Framework for NSS multiuser installation on windows
Andre Heinecke <andre.heinecke@intevation.de>
parents: 665
diff changeset
340 retval = NULL;
ef6d3dc9e930 Framework for NSS multiuser installation on windows
Andre Heinecke <andre.heinecke@intevation.de>
parents: 665
diff changeset
341 }
ef6d3dc9e930 Framework for NSS multiuser installation on windows
Andre Heinecke <andre.heinecke@intevation.de>
parents: 665
diff changeset
342
ef6d3dc9e930 Framework for NSS multiuser installation on windows
Andre Heinecke <andre.heinecke@intevation.de>
parents: 665
diff changeset
343 return retval;
ef6d3dc9e930 Framework for NSS multiuser installation on windows
Andre Heinecke <andre.heinecke@intevation.de>
parents: 665
diff changeset
344 }
ef6d3dc9e930 Framework for NSS multiuser installation on windows
Andre Heinecke <andre.heinecke@intevation.de>
parents: 665
diff changeset
345
675
4ad764bfb39c Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents: 674
diff changeset
346 /** @brief Build the command line for the NSS installation process
4ad764bfb39c Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents: 674
diff changeset
347 *
4ad764bfb39c Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents: 674
diff changeset
348 * Caller has to free the return value
4ad764bfb39c Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents: 674
diff changeset
349 *
4ad764bfb39c Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents: 674
diff changeset
350 * @param [in] selection_file the certificates to install
4ad764bfb39c Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents: 674
diff changeset
351 *
4ad764bfb39c Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents: 674
diff changeset
352 * @returns the command line to install the certificates. */
4ad764bfb39c Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents: 674
diff changeset
353 static wchar_t*
4ad764bfb39c Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents: 674
diff changeset
354 get_command_line(wchar_t *selection_file)
4ad764bfb39c Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents: 674
diff changeset
355 {
4ad764bfb39c Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents: 674
diff changeset
356 LPWSTR retval;
4ad764bfb39c Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents: 674
diff changeset
357 char *install_dir = get_install_dir();
4ad764bfb39c Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents: 674
diff changeset
358 wchar_t *w_inst_dir;
4ad764bfb39c Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents: 674
diff changeset
359 size_t cmd_line_len = 0;
4ad764bfb39c Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents: 674
diff changeset
360
4ad764bfb39c Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents: 674
diff changeset
361 if (install_dir == NULL)
4ad764bfb39c Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents: 674
diff changeset
362 {
4ad764bfb39c Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents: 674
diff changeset
363 ERRORPRINTF ("Failed to get installation directory");
4ad764bfb39c Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents: 674
diff changeset
364 return NULL;
4ad764bfb39c Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents: 674
diff changeset
365 }
4ad764bfb39c Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents: 674
diff changeset
366
4ad764bfb39c Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents: 674
diff changeset
367 w_inst_dir = utf8_to_wchar (install_dir, strlen(install_dir));
4ad764bfb39c Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents: 674
diff changeset
368 xfree (install_dir);
4ad764bfb39c Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents: 674
diff changeset
369
4ad764bfb39c Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents: 674
diff changeset
370 if (w_inst_dir == NULL)
4ad764bfb39c Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents: 674
diff changeset
371 {
4ad764bfb39c Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents: 674
diff changeset
372 ERRORPRINTF ("Failed to convert installation directory");
4ad764bfb39c Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents: 674
diff changeset
373 return NULL;
4ad764bfb39c Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents: 674
diff changeset
374 }
4ad764bfb39c Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents: 674
diff changeset
375
4ad764bfb39c Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents: 674
diff changeset
376 /* installdir + dirsep + quotes + process name + space + quotes + selection_file
4ad764bfb39c Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents: 674
diff changeset
377 + NULL */
4ad764bfb39c Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents: 674
diff changeset
378 cmd_line_len = wcslen (w_inst_dir) + 1 + 2 + wcslen (NSS_APP_NAME) +
905
698b6a9bd75e Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents: 856
diff changeset
379 + 1 + 2 + wcslen(selection_file) + 1;
675
4ad764bfb39c Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents: 674
diff changeset
380 retval = xmalloc (cmd_line_len * sizeof(wchar_t));
4ad764bfb39c Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents: 674
diff changeset
381
4ad764bfb39c Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents: 674
diff changeset
382 wcscpy_s (retval, cmd_line_len, L"\"");
4ad764bfb39c Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents: 674
diff changeset
383 wcscat_s (retval, cmd_line_len, w_inst_dir);
4ad764bfb39c Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents: 674
diff changeset
384 wcscat_s (retval, cmd_line_len, L"\\");
4ad764bfb39c Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents: 674
diff changeset
385 wcscat_s (retval, cmd_line_len, NSS_APP_NAME);
4ad764bfb39c Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents: 674
diff changeset
386 wcscat_s (retval, cmd_line_len, L"\" \"");
4ad764bfb39c Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents: 674
diff changeset
387 wcscat_s (retval, cmd_line_len, selection_file);
4ad764bfb39c Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents: 674
diff changeset
388 wcscat_s (retval, cmd_line_len, L"\"");
4ad764bfb39c Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents: 674
diff changeset
389
4ad764bfb39c Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents: 674
diff changeset
390 return retval;
4ad764bfb39c Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents: 674
diff changeset
391 }
4ad764bfb39c Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents: 674
diff changeset
392
676
cb40af11ec3a Obtain privileges required for registry modification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
393 /** @brief Increase the privileges of the current token to allow registry access
cb40af11ec3a Obtain privileges required for registry modification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
394 *
cb40af11ec3a Obtain privileges required for registry modification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
395 * To load another users registry you need SE_BACKUP_NAME and SE_RESTORE_NAME
cb40af11ec3a Obtain privileges required for registry modification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
396 * privileges. Normally if we are running elevated we can obtain them.
cb40af11ec3a Obtain privileges required for registry modification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
397 *
cb40af11ec3a Obtain privileges required for registry modification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
398 * @returns true if the privileges could be obtained. False otherwise
cb40af11ec3a Obtain privileges required for registry modification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
399 */
cb40af11ec3a Obtain privileges required for registry modification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
400 static bool
cb40af11ec3a Obtain privileges required for registry modification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
401 get_backup_restore_priv()
cb40af11ec3a Obtain privileges required for registry modification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
402 {
cb40af11ec3a Obtain privileges required for registry modification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
403 HANDLE hToken = NULL;
cb40af11ec3a Obtain privileges required for registry modification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
404 PTOKEN_PRIVILEGES psToken = NULL;
cb40af11ec3a Obtain privileges required for registry modification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
405 DWORD token_size = 0,
cb40af11ec3a Obtain privileges required for registry modification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
406 dwI = 0,
cb40af11ec3a Obtain privileges required for registry modification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
407 token_size_new = 0,
cb40af11ec3a Obtain privileges required for registry modification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
408 privilege_size = 128;
cb40af11ec3a Obtain privileges required for registry modification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
409 char privilege_name[128];
cb40af11ec3a Obtain privileges required for registry modification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
410 bool retval = false;
cb40af11ec3a Obtain privileges required for registry modification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
411 bool backup_found = false;
cb40af11ec3a Obtain privileges required for registry modification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
412 bool restore_found = false;
cb40af11ec3a Obtain privileges required for registry modification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
413
cb40af11ec3a Obtain privileges required for registry modification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
414
cb40af11ec3a Obtain privileges required for registry modification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
415 if (!OpenProcessToken (GetCurrentProcess(),
cb40af11ec3a Obtain privileges required for registry modification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
416 TOKEN_ADJUST_PRIVILEGES | TOKEN_QUERY, &hToken))
cb40af11ec3a Obtain privileges required for registry modification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
417 {
cb40af11ec3a Obtain privileges required for registry modification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
418 PRINTLASTERROR ("Failed to get process token.");
cb40af11ec3a Obtain privileges required for registry modification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
419 return false;
cb40af11ec3a Obtain privileges required for registry modification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
420 }
cb40af11ec3a Obtain privileges required for registry modification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
421
cb40af11ec3a Obtain privileges required for registry modification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
422 /* Get the size for the token */
cb40af11ec3a Obtain privileges required for registry modification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
423 GetTokenInformation (hToken, TokenPrivileges, NULL, 0, &token_size);
cb40af11ec3a Obtain privileges required for registry modification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
424 if (token_size == 0)
cb40af11ec3a Obtain privileges required for registry modification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
425 {
cb40af11ec3a Obtain privileges required for registry modification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
426 PRINTLASTERROR ("Failed to get token size.");
cb40af11ec3a Obtain privileges required for registry modification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
427 goto done;
cb40af11ec3a Obtain privileges required for registry modification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
428 }
cb40af11ec3a Obtain privileges required for registry modification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
429
cb40af11ec3a Obtain privileges required for registry modification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
430 psToken = xmalloc(token_size);
cb40af11ec3a Obtain privileges required for registry modification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
431
cb40af11ec3a Obtain privileges required for registry modification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
432 if (!GetTokenInformation (hToken, TokenPrivileges, psToken, token_size, &token_size_new))
cb40af11ec3a Obtain privileges required for registry modification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
433 {
cb40af11ec3a Obtain privileges required for registry modification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
434 PRINTLASTERROR ("Failed to get token information.");
cb40af11ec3a Obtain privileges required for registry modification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
435 goto done;
cb40af11ec3a Obtain privileges required for registry modification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
436 }
cb40af11ec3a Obtain privileges required for registry modification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
437
cb40af11ec3a Obtain privileges required for registry modification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
438 if (token_size != token_size_new)
cb40af11ec3a Obtain privileges required for registry modification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
439 {
cb40af11ec3a Obtain privileges required for registry modification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
440 ERRORPRINTF ("Size changed.");
cb40af11ec3a Obtain privileges required for registry modification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
441 goto done;
cb40af11ec3a Obtain privileges required for registry modification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
442 }
cb40af11ec3a Obtain privileges required for registry modification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
443
cb40af11ec3a Obtain privileges required for registry modification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
444 for(dwI = 0; dwI < psToken->PrivilegeCount; dwI++)
cb40af11ec3a Obtain privileges required for registry modification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
445 {
cb40af11ec3a Obtain privileges required for registry modification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
446 privilege_size = sizeof (privilege_name);
cb40af11ec3a Obtain privileges required for registry modification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
447 if (!LookupPrivilegeNameA (NULL, &psToken->Privileges[dwI].Luid,
cb40af11ec3a Obtain privileges required for registry modification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
448 privilege_name, &privilege_size))
cb40af11ec3a Obtain privileges required for registry modification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
449 {
cb40af11ec3a Obtain privileges required for registry modification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
450 PRINTLASTERROR ("Failed to lookup privilege name");
cb40af11ec3a Obtain privileges required for registry modification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
451 }
cb40af11ec3a Obtain privileges required for registry modification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
452
cb40af11ec3a Obtain privileges required for registry modification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
453 if(strcmp(privilege_name, "SeRestorePrivilege") == 0)
cb40af11ec3a Obtain privileges required for registry modification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
454 {
cb40af11ec3a Obtain privileges required for registry modification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
455 psToken->Privileges[dwI].Attributes |= SE_PRIVILEGE_ENABLED;
cb40af11ec3a Obtain privileges required for registry modification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
456 restore_found = true;
cb40af11ec3a Obtain privileges required for registry modification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
457 continue;
cb40af11ec3a Obtain privileges required for registry modification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
458 }
cb40af11ec3a Obtain privileges required for registry modification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
459 if(strcmp(privilege_name, "SeBackupPrivilege") == 0)
cb40af11ec3a Obtain privileges required for registry modification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
460 {
cb40af11ec3a Obtain privileges required for registry modification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
461 psToken->Privileges[dwI].Attributes |= SE_PRIVILEGE_ENABLED;
cb40af11ec3a Obtain privileges required for registry modification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
462 backup_found = true;
cb40af11ec3a Obtain privileges required for registry modification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
463 continue;
cb40af11ec3a Obtain privileges required for registry modification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
464 }
cb40af11ec3a Obtain privileges required for registry modification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
465 if (backup_found && restore_found)
cb40af11ec3a Obtain privileges required for registry modification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
466 {
cb40af11ec3a Obtain privileges required for registry modification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
467 break;
cb40af11ec3a Obtain privileges required for registry modification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
468 }
cb40af11ec3a Obtain privileges required for registry modification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
469 }
cb40af11ec3a Obtain privileges required for registry modification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
470
cb40af11ec3a Obtain privileges required for registry modification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
471 if (backup_found && restore_found)
cb40af11ec3a Obtain privileges required for registry modification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
472 {
cb40af11ec3a Obtain privileges required for registry modification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
473 if(!AdjustTokenPrivileges (hToken, 0, psToken, token_size, NULL, NULL))
cb40af11ec3a Obtain privileges required for registry modification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
474 {
cb40af11ec3a Obtain privileges required for registry modification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
475 PRINTLASTERROR ("Failed to adjust token privileges.");
cb40af11ec3a Obtain privileges required for registry modification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
476 }
cb40af11ec3a Obtain privileges required for registry modification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
477 else
cb40af11ec3a Obtain privileges required for registry modification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
478 {
cb40af11ec3a Obtain privileges required for registry modification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
479 retval = true;
cb40af11ec3a Obtain privileges required for registry modification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
480 }
cb40af11ec3a Obtain privileges required for registry modification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
481 }
cb40af11ec3a Obtain privileges required for registry modification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
482
cb40af11ec3a Obtain privileges required for registry modification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
483 done:
cb40af11ec3a Obtain privileges required for registry modification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
484 if (hToken != NULL)
cb40af11ec3a Obtain privileges required for registry modification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
485 {
cb40af11ec3a Obtain privileges required for registry modification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
486 CloseHandle(hToken);
cb40af11ec3a Obtain privileges required for registry modification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
487 }
cb40af11ec3a Obtain privileges required for registry modification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
488 xfree(psToken);
cb40af11ec3a Obtain privileges required for registry modification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
489 return retval;
cb40af11ec3a Obtain privileges required for registry modification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
490 }
cb40af11ec3a Obtain privileges required for registry modification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
491
668
ef6d3dc9e930 Framework for NSS multiuser installation on windows
Andre Heinecke <andre.heinecke@intevation.de>
parents: 665
diff changeset
492 /**@brief Register NSS process as runOnce for other users
ef6d3dc9e930 Framework for NSS multiuser installation on windows
Andre Heinecke <andre.heinecke@intevation.de>
parents: 665
diff changeset
493 *
ef6d3dc9e930 Framework for NSS multiuser installation on windows
Andre Heinecke <andre.heinecke@intevation.de>
parents: 665
diff changeset
494 * Loads the registry hives of other users on the system and
ef6d3dc9e930 Framework for NSS multiuser installation on windows
Andre Heinecke <andre.heinecke@intevation.de>
parents: 665
diff changeset
495 * adds a RunOnce registry key to start the NSS process to
ef6d3dc9e930 Framework for NSS multiuser installation on windows
Andre Heinecke <andre.heinecke@intevation.de>
parents: 665
diff changeset
496 * install the current selection on their next login.
ef6d3dc9e930 Framework for NSS multiuser installation on windows
Andre Heinecke <andre.heinecke@intevation.de>
parents: 665
diff changeset
497 *
ef6d3dc9e930 Framework for NSS multiuser installation on windows
Andre Heinecke <andre.heinecke@intevation.de>
parents: 665
diff changeset
498 * This should avoid conflicts with their firefox / thunderbird
ef6d3dc9e930 Framework for NSS multiuser installation on windows
Andre Heinecke <andre.heinecke@intevation.de>
parents: 665
diff changeset
499 * while making the certificates available for their applications.
ef6d3dc9e930 Framework for NSS multiuser installation on windows
Andre Heinecke <andre.heinecke@intevation.de>
parents: 665
diff changeset
500 *
ef6d3dc9e930 Framework for NSS multiuser installation on windows
Andre Heinecke <andre.heinecke@intevation.de>
parents: 665
diff changeset
501 * This function needs SE_BACKUP_NAME and SE_RESTORE_NAME
ef6d3dc9e930 Framework for NSS multiuser installation on windows
Andre Heinecke <andre.heinecke@intevation.de>
parents: 665
diff changeset
502 * privileges.
ef6d3dc9e930 Framework for NSS multiuser installation on windows
Andre Heinecke <andre.heinecke@intevation.de>
parents: 665
diff changeset
503 *
ef6d3dc9e930 Framework for NSS multiuser installation on windows
Andre Heinecke <andre.heinecke@intevation.de>
parents: 665
diff changeset
504 * @param [in] selection_file filename of the file containing
ef6d3dc9e930 Framework for NSS multiuser installation on windows
Andre Heinecke <andre.heinecke@intevation.de>
parents: 665
diff changeset
505 * the users install / remove selection.
ef6d3dc9e930 Framework for NSS multiuser installation on windows
Andre Heinecke <andre.heinecke@intevation.de>
parents: 665
diff changeset
506 */
676
cb40af11ec3a Obtain privileges required for registry modification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
507 static void
668
ef6d3dc9e930 Framework for NSS multiuser installation on windows
Andre Heinecke <andre.heinecke@intevation.de>
parents: 665
diff changeset
508 register_proccesses_for_others (wchar_t *selection_file)
ef6d3dc9e930 Framework for NSS multiuser installation on windows
Andre Heinecke <andre.heinecke@intevation.de>
parents: 665
diff changeset
509 {
856
797aa8d9c785 (issue48) Fallback to HKEY_USERS on hive load failure
Andre Heinecke <andre.heinecke@intevation.de>
parents: 841
diff changeset
510 pkp_t *pkplist = locate_other_hives(),
905
698b6a9bd75e Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents: 856
diff changeset
511 *cur = NULL;
675
4ad764bfb39c Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents: 674
diff changeset
512 wchar_t *run_command = NULL;
668
ef6d3dc9e930 Framework for NSS multiuser installation on windows
Andre Heinecke <andre.heinecke@intevation.de>
parents: 665
diff changeset
513
856
797aa8d9c785 (issue48) Fallback to HKEY_USERS on hive load failure
Andre Heinecke <andre.heinecke@intevation.de>
parents: 841
diff changeset
514 if (pkplist == NULL)
675
4ad764bfb39c Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents: 674
diff changeset
515 {
4ad764bfb39c Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents: 674
diff changeset
516 DEBUGPRINTF ("No hives found.");
4ad764bfb39c Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents: 674
diff changeset
517 return;
4ad764bfb39c Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents: 674
diff changeset
518 }
676
cb40af11ec3a Obtain privileges required for registry modification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
519
cb40af11ec3a Obtain privileges required for registry modification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
520 if (!get_backup_restore_priv())
cb40af11ec3a Obtain privileges required for registry modification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
521 {
cb40af11ec3a Obtain privileges required for registry modification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
522 ERRORPRINTF ("Failed to obtain backup / restore privileges.");
cb40af11ec3a Obtain privileges required for registry modification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
523 return;
cb40af11ec3a Obtain privileges required for registry modification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
524 }
cb40af11ec3a Obtain privileges required for registry modification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
525
675
4ad764bfb39c Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents: 674
diff changeset
526 run_command = get_command_line (selection_file);
856
797aa8d9c785 (issue48) Fallback to HKEY_USERS on hive load failure
Andre Heinecke <andre.heinecke@intevation.de>
parents: 841
diff changeset
527 for (cur = pkplist; cur != NULL; cur = cur->next)
675
4ad764bfb39c Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents: 674
diff changeset
528 {
4ad764bfb39c Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents: 674
diff changeset
529 LONG ret = 0;
856
797aa8d9c785 (issue48) Fallback to HKEY_USERS on hive load failure
Andre Heinecke <andre.heinecke@intevation.de>
parents: 841
diff changeset
530 wchar_t *hivepath = utf8_to_wchar (cur->hive_path, strlen(cur->hive_path));
675
4ad764bfb39c Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents: 674
diff changeset
531 HKEY key_handle = NULL;
856
797aa8d9c785 (issue48) Fallback to HKEY_USERS on hive load failure
Andre Heinecke <andre.heinecke@intevation.de>
parents: 841
diff changeset
532 bool key_loaded = false;
675
4ad764bfb39c Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents: 674
diff changeset
533
4ad764bfb39c Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents: 674
diff changeset
534 if (hivepath == NULL)
4ad764bfb39c Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents: 674
diff changeset
535 {
4ad764bfb39c Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents: 674
diff changeset
536 ERRORPRINTF ("Failed to read hive path");
4ad764bfb39c Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents: 674
diff changeset
537 continue;
4ad764bfb39c Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents: 674
diff changeset
538 }
4ad764bfb39c Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents: 674
diff changeset
539 ret = RegLoadKeyW (HKEY_LOCAL_MACHINE, APPNAME L"_tmphive", hivepath);
4ad764bfb39c Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents: 674
diff changeset
540
4ad764bfb39c Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents: 674
diff changeset
541 xfree (hivepath);
4ad764bfb39c Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents: 674
diff changeset
542 hivepath = NULL;
4ad764bfb39c Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents: 674
diff changeset
543
4ad764bfb39c Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents: 674
diff changeset
544 if (ret != ERROR_SUCCESS)
4ad764bfb39c Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents: 674
diff changeset
545 {
4ad764bfb39c Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents: 674
diff changeset
546 /* This is somewhat expected if the registry is not located
856
797aa8d9c785 (issue48) Fallback to HKEY_USERS on hive load failure
Andre Heinecke <andre.heinecke@intevation.de>
parents: 841
diff changeset
547 in the standard location or already loaded. Try to access
797aa8d9c785 (issue48) Fallback to HKEY_USERS on hive load failure
Andre Heinecke <andre.heinecke@intevation.de>
parents: 841
diff changeset
548 the loaded registry in that case*/
797aa8d9c785 (issue48) Fallback to HKEY_USERS on hive load failure
Andre Heinecke <andre.heinecke@intevation.de>
parents: 841
diff changeset
549 wchar_t *user_key = NULL,
905
698b6a9bd75e Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents: 856
diff changeset
550 *w_sid = NULL;
856
797aa8d9c785 (issue48) Fallback to HKEY_USERS on hive load failure
Andre Heinecke <andre.heinecke@intevation.de>
parents: 841
diff changeset
551 size_t user_key_len = 0;
675
4ad764bfb39c Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents: 674
diff changeset
552
856
797aa8d9c785 (issue48) Fallback to HKEY_USERS on hive load failure
Andre Heinecke <andre.heinecke@intevation.de>
parents: 841
diff changeset
553 SetLastError((DWORD)ret);
797aa8d9c785 (issue48) Fallback to HKEY_USERS on hive load failure
Andre Heinecke <andre.heinecke@intevation.de>
parents: 841
diff changeset
554 PRINTLASTERROR ("Failed to load hive. Trying to access already loaded hive.");
675
4ad764bfb39c Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents: 674
diff changeset
555
856
797aa8d9c785 (issue48) Fallback to HKEY_USERS on hive load failure
Andre Heinecke <andre.heinecke@intevation.de>
parents: 841
diff changeset
556 w_sid = utf8_to_wchar (cur->sid, strlen(cur->sid));
797aa8d9c785 (issue48) Fallback to HKEY_USERS on hive load failure
Andre Heinecke <andre.heinecke@intevation.de>
parents: 841
diff changeset
557 if (!w_sid)
797aa8d9c785 (issue48) Fallback to HKEY_USERS on hive load failure
Andre Heinecke <andre.heinecke@intevation.de>
parents: 841
diff changeset
558 {
797aa8d9c785 (issue48) Fallback to HKEY_USERS on hive load failure
Andre Heinecke <andre.heinecke@intevation.de>
parents: 841
diff changeset
559 ERRORPRINTF ("Failed to read sid.");
797aa8d9c785 (issue48) Fallback to HKEY_USERS on hive load failure
Andre Heinecke <andre.heinecke@intevation.de>
parents: 841
diff changeset
560 continue;
797aa8d9c785 (issue48) Fallback to HKEY_USERS on hive load failure
Andre Heinecke <andre.heinecke@intevation.de>
parents: 841
diff changeset
561 }
797aa8d9c785 (issue48) Fallback to HKEY_USERS on hive load failure
Andre Heinecke <andre.heinecke@intevation.de>
parents: 841
diff changeset
562 user_key_len = wcslen (L"\\" RUNONCE_PATH) + wcslen(w_sid) + 1;
797aa8d9c785 (issue48) Fallback to HKEY_USERS on hive load failure
Andre Heinecke <andre.heinecke@intevation.de>
parents: 841
diff changeset
563 user_key = xmalloc (user_key_len * sizeof (wchar_t));
797aa8d9c785 (issue48) Fallback to HKEY_USERS on hive load failure
Andre Heinecke <andre.heinecke@intevation.de>
parents: 841
diff changeset
564 wcscpy_s (user_key, user_key_len, w_sid);
797aa8d9c785 (issue48) Fallback to HKEY_USERS on hive load failure
Andre Heinecke <andre.heinecke@intevation.de>
parents: 841
diff changeset
565 wcscat_s (user_key, user_key_len, L"\\" RUNONCE_PATH);
797aa8d9c785 (issue48) Fallback to HKEY_USERS on hive load failure
Andre Heinecke <andre.heinecke@intevation.de>
parents: 841
diff changeset
566 user_key[user_key_len - 1] = '\0';
797aa8d9c785 (issue48) Fallback to HKEY_USERS on hive load failure
Andre Heinecke <andre.heinecke@intevation.de>
parents: 841
diff changeset
567 xfree (w_sid);
797aa8d9c785 (issue48) Fallback to HKEY_USERS on hive load failure
Andre Heinecke <andre.heinecke@intevation.de>
parents: 841
diff changeset
568 w_sid = NULL;
797aa8d9c785 (issue48) Fallback to HKEY_USERS on hive load failure
Andre Heinecke <andre.heinecke@intevation.de>
parents: 841
diff changeset
569
797aa8d9c785 (issue48) Fallback to HKEY_USERS on hive load failure
Andre Heinecke <andre.heinecke@intevation.de>
parents: 841
diff changeset
570 ret = RegOpenKeyExW (HKEY_USERS,
797aa8d9c785 (issue48) Fallback to HKEY_USERS on hive load failure
Andre Heinecke <andre.heinecke@intevation.de>
parents: 841
diff changeset
571 user_key,
797aa8d9c785 (issue48) Fallback to HKEY_USERS on hive load failure
Andre Heinecke <andre.heinecke@intevation.de>
parents: 841
diff changeset
572 0,
797aa8d9c785 (issue48) Fallback to HKEY_USERS on hive load failure
Andre Heinecke <andre.heinecke@intevation.de>
parents: 841
diff changeset
573 KEY_WRITE,
797aa8d9c785 (issue48) Fallback to HKEY_USERS on hive load failure
Andre Heinecke <andre.heinecke@intevation.de>
parents: 841
diff changeset
574 &key_handle);
797aa8d9c785 (issue48) Fallback to HKEY_USERS on hive load failure
Andre Heinecke <andre.heinecke@intevation.de>
parents: 841
diff changeset
575 xfree (user_key);
797aa8d9c785 (issue48) Fallback to HKEY_USERS on hive load failure
Andre Heinecke <andre.heinecke@intevation.de>
parents: 841
diff changeset
576 if (ret != ERROR_SUCCESS)
797aa8d9c785 (issue48) Fallback to HKEY_USERS on hive load failure
Andre Heinecke <andre.heinecke@intevation.de>
parents: 841
diff changeset
577 {
797aa8d9c785 (issue48) Fallback to HKEY_USERS on hive load failure
Andre Heinecke <andre.heinecke@intevation.de>
parents: 841
diff changeset
578 ERRORPRINTF ("Failed to find RunOnce key for sid: %s in HKEY_USERS.", cur->sid);
797aa8d9c785 (issue48) Fallback to HKEY_USERS on hive load failure
Andre Heinecke <andre.heinecke@intevation.de>
parents: 841
diff changeset
579 continue;
797aa8d9c785 (issue48) Fallback to HKEY_USERS on hive load failure
Andre Heinecke <andre.heinecke@intevation.de>
parents: 841
diff changeset
580 }
797aa8d9c785 (issue48) Fallback to HKEY_USERS on hive load failure
Andre Heinecke <andre.heinecke@intevation.de>
parents: 841
diff changeset
581 }
797aa8d9c785 (issue48) Fallback to HKEY_USERS on hive load failure
Andre Heinecke <andre.heinecke@intevation.de>
parents: 841
diff changeset
582 else
675
4ad764bfb39c Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents: 674
diff changeset
583 {
856
797aa8d9c785 (issue48) Fallback to HKEY_USERS on hive load failure
Andre Heinecke <andre.heinecke@intevation.de>
parents: 841
diff changeset
584 key_loaded = true;
797aa8d9c785 (issue48) Fallback to HKEY_USERS on hive load failure
Andre Heinecke <andre.heinecke@intevation.de>
parents: 841
diff changeset
585 ret = RegOpenKeyExW (HKEY_LOCAL_MACHINE,
797aa8d9c785 (issue48) Fallback to HKEY_USERS on hive load failure
Andre Heinecke <andre.heinecke@intevation.de>
parents: 841
diff changeset
586 APPNAME L"_tmphive\\" RUNONCE_PATH,
797aa8d9c785 (issue48) Fallback to HKEY_USERS on hive load failure
Andre Heinecke <andre.heinecke@intevation.de>
parents: 841
diff changeset
587 0,
797aa8d9c785 (issue48) Fallback to HKEY_USERS on hive load failure
Andre Heinecke <andre.heinecke@intevation.de>
parents: 841
diff changeset
588 KEY_WRITE,
797aa8d9c785 (issue48) Fallback to HKEY_USERS on hive load failure
Andre Heinecke <andre.heinecke@intevation.de>
parents: 841
diff changeset
589 &key_handle);
797aa8d9c785 (issue48) Fallback to HKEY_USERS on hive load failure
Andre Heinecke <andre.heinecke@intevation.de>
parents: 841
diff changeset
590
797aa8d9c785 (issue48) Fallback to HKEY_USERS on hive load failure
Andre Heinecke <andre.heinecke@intevation.de>
parents: 841
diff changeset
591 if (ret != ERROR_SUCCESS)
797aa8d9c785 (issue48) Fallback to HKEY_USERS on hive load failure
Andre Heinecke <andre.heinecke@intevation.de>
parents: 841
diff changeset
592 {
797aa8d9c785 (issue48) Fallback to HKEY_USERS on hive load failure
Andre Heinecke <andre.heinecke@intevation.de>
parents: 841
diff changeset
593 ERRORPRINTF ("Failed to find RunOnce key in other registry.");
797aa8d9c785 (issue48) Fallback to HKEY_USERS on hive load failure
Andre Heinecke <andre.heinecke@intevation.de>
parents: 841
diff changeset
594 RegUnLoadKey (HKEY_LOCAL_MACHINE, APPNAME L"_tmphive");
797aa8d9c785 (issue48) Fallback to HKEY_USERS on hive load failure
Andre Heinecke <andre.heinecke@intevation.de>
parents: 841
diff changeset
595 continue;
797aa8d9c785 (issue48) Fallback to HKEY_USERS on hive load failure
Andre Heinecke <andre.heinecke@intevation.de>
parents: 841
diff changeset
596 }
797aa8d9c785 (issue48) Fallback to HKEY_USERS on hive load failure
Andre Heinecke <andre.heinecke@intevation.de>
parents: 841
diff changeset
597
675
4ad764bfb39c Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents: 674
diff changeset
598 }
4ad764bfb39c Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents: 674
diff changeset
599
4ad764bfb39c Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents: 674
diff changeset
600 ret = RegSetValueExW (key_handle, APPNAME, 0, REG_SZ, (LPBYTE) run_command,
4ad764bfb39c Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents: 674
diff changeset
601 (wcslen(run_command) + 1) * sizeof(wchar_t));
4ad764bfb39c Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents: 674
diff changeset
602
4ad764bfb39c Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents: 674
diff changeset
603 if (ret != ERROR_SUCCESS)
4ad764bfb39c Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents: 674
diff changeset
604 {
4ad764bfb39c Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents: 674
diff changeset
605 ERRORPRINTF ("Failed to write RunOnce key.");
4ad764bfb39c Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents: 674
diff changeset
606 }
4ad764bfb39c Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents: 674
diff changeset
607
4ad764bfb39c Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents: 674
diff changeset
608 RegCloseKey (key_handle);
856
797aa8d9c785 (issue48) Fallback to HKEY_USERS on hive load failure
Andre Heinecke <andre.heinecke@intevation.de>
parents: 841
diff changeset
609 if (key_loaded)
677
85c5aa9aba2b Improve error handling and use unicode function for unload
Andre Heinecke <andre.heinecke@intevation.de>
parents: 676
diff changeset
610 {
856
797aa8d9c785 (issue48) Fallback to HKEY_USERS on hive load failure
Andre Heinecke <andre.heinecke@intevation.de>
parents: 841
diff changeset
611 ret = RegUnLoadKeyW (HKEY_LOCAL_MACHINE, APPNAME L"_tmphive");
797aa8d9c785 (issue48) Fallback to HKEY_USERS on hive load failure
Andre Heinecke <andre.heinecke@intevation.de>
parents: 841
diff changeset
612 if (ret != ERROR_SUCCESS)
797aa8d9c785 (issue48) Fallback to HKEY_USERS on hive load failure
Andre Heinecke <andre.heinecke@intevation.de>
parents: 841
diff changeset
613 {
797aa8d9c785 (issue48) Fallback to HKEY_USERS on hive load failure
Andre Heinecke <andre.heinecke@intevation.de>
parents: 841
diff changeset
614 SetLastError ((DWORD)ret);
797aa8d9c785 (issue48) Fallback to HKEY_USERS on hive load failure
Andre Heinecke <andre.heinecke@intevation.de>
parents: 841
diff changeset
615 PRINTLASTERROR ("Failed to unload hive.");
797aa8d9c785 (issue48) Fallback to HKEY_USERS on hive load failure
Andre Heinecke <andre.heinecke@intevation.de>
parents: 841
diff changeset
616 }
677
85c5aa9aba2b Improve error handling and use unicode function for unload
Andre Heinecke <andre.heinecke@intevation.de>
parents: 676
diff changeset
617 }
675
4ad764bfb39c Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents: 674
diff changeset
618 }
4ad764bfb39c Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents: 674
diff changeset
619
4ad764bfb39c Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents: 674
diff changeset
620 xfree (run_command);
856
797aa8d9c785 (issue48) Fallback to HKEY_USERS on hive load failure
Andre Heinecke <andre.heinecke@intevation.de>
parents: 841
diff changeset
621 pkp_t_free (pkplist);
668
ef6d3dc9e930 Framework for NSS multiuser installation on windows
Andre Heinecke <andre.heinecke@intevation.de>
parents: 665
diff changeset
622 }
ef6d3dc9e930 Framework for NSS multiuser installation on windows
Andre Heinecke <andre.heinecke@intevation.de>
parents: 665
diff changeset
623
324
eff8e7ce4dae Add first compiling implementation of nssstore_win.c
Andre Heinecke <aheinecke@intevation.de>
parents:
diff changeset
624 /**@brief Start the process to install / remove
eff8e7ce4dae Add first compiling implementation of nssstore_win.c
Andre Heinecke <aheinecke@intevation.de>
parents:
diff changeset
625 *
360
c0eac5c8c245 Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 330
diff changeset
626 * Starts the NSS installation process for the current user
324
eff8e7ce4dae Add first compiling implementation of nssstore_win.c
Andre Heinecke <aheinecke@intevation.de>
parents:
diff changeset
627 *
360
c0eac5c8c245 Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 330
diff changeset
628 * @param [in] selection_file filename of the file containing
668
ef6d3dc9e930 Framework for NSS multiuser installation on windows
Andre Heinecke <andre.heinecke@intevation.de>
parents: 665
diff changeset
629 * the users install / remove selection.
324
eff8e7ce4dae Add first compiling implementation of nssstore_win.c
Andre Heinecke <aheinecke@intevation.de>
parents:
diff changeset
630 *
985
1743895b39b8 (issue86) Install into default profile folders on windows.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 983
diff changeset
631 * @param [in] drop_privileges weather or not elevated privileges
1743895b39b8 (issue86) Install into default profile folders on windows.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 983
diff changeset
632 * should be dropped before starting the process.
1743895b39b8 (issue86) Install into default profile folders on windows.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 983
diff changeset
633 *
324
eff8e7ce4dae Add first compiling implementation of nssstore_win.c
Andre Heinecke <aheinecke@intevation.de>
parents:
diff changeset
634 * @returns true on success, false on error.
eff8e7ce4dae Add first compiling implementation of nssstore_win.c
Andre Heinecke <aheinecke@intevation.de>
parents:
diff changeset
635 */
eff8e7ce4dae Add first compiling implementation of nssstore_win.c
Andre Heinecke <aheinecke@intevation.de>
parents:
diff changeset
636 static bool
985
1743895b39b8 (issue86) Install into default profile folders on windows.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 983
diff changeset
637 start_procces_for_user (wchar_t *selection_file, bool drop_privileges)
324
eff8e7ce4dae Add first compiling implementation of nssstore_win.c
Andre Heinecke <aheinecke@intevation.de>
parents:
diff changeset
638 {
825
24e1e47e2d1a Start NSS process only from the current installation directory
Andre Heinecke <andre.heinecke@intevation.de>
parents: 824
diff changeset
639 HANDLE hToken = NULL;
24e1e47e2d1a Start NSS process only from the current installation directory
Andre Heinecke <andre.heinecke@intevation.de>
parents: 824
diff changeset
640 LPWSTR lpApplicationPath = NULL,
24e1e47e2d1a Start NSS process only from the current installation directory
Andre Heinecke <andre.heinecke@intevation.de>
parents: 824
diff changeset
641 lpCommandLine = NULL;
324
eff8e7ce4dae Add first compiling implementation of nssstore_win.c
Andre Heinecke <aheinecke@intevation.de>
parents:
diff changeset
642 PROCESS_INFORMATION piProcInfo = {0};
eff8e7ce4dae Add first compiling implementation of nssstore_win.c
Andre Heinecke <aheinecke@intevation.de>
parents:
diff changeset
643 STARTUPINFOW siStartInfo = {0};
eff8e7ce4dae Add first compiling implementation of nssstore_win.c
Andre Heinecke <aheinecke@intevation.de>
parents:
diff changeset
644 BOOL success = FALSE;
825
24e1e47e2d1a Start NSS process only from the current installation directory
Andre Heinecke <andre.heinecke@intevation.de>
parents: 824
diff changeset
645 char *install_dir = get_install_dir();
24e1e47e2d1a Start NSS process only from the current installation directory
Andre Heinecke <andre.heinecke@intevation.de>
parents: 824
diff changeset
646 wchar_t *w_inst_dir;
24e1e47e2d1a Start NSS process only from the current installation directory
Andre Heinecke <andre.heinecke@intevation.de>
parents: 824
diff changeset
647 size_t w_path_len = 0;
324
eff8e7ce4dae Add first compiling implementation of nssstore_win.c
Andre Heinecke <aheinecke@intevation.de>
parents:
diff changeset
648
360
c0eac5c8c245 Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 330
diff changeset
649 if (!selection_file)
324
eff8e7ce4dae Add first compiling implementation of nssstore_win.c
Andre Heinecke <aheinecke@intevation.de>
parents:
diff changeset
650 {
360
c0eac5c8c245 Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 330
diff changeset
651 ERRORPRINTF ("Invalid call\n");
c0eac5c8c245 Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 330
diff changeset
652 return false;
324
eff8e7ce4dae Add first compiling implementation of nssstore_win.c
Andre Heinecke <aheinecke@intevation.de>
parents:
diff changeset
653 }
eff8e7ce4dae Add first compiling implementation of nssstore_win.c
Andre Heinecke <aheinecke@intevation.de>
parents:
diff changeset
654
825
24e1e47e2d1a Start NSS process only from the current installation directory
Andre Heinecke <andre.heinecke@intevation.de>
parents: 824
diff changeset
655 /* Set up the application path. It's installdir + NSS_APP_NAME */
24e1e47e2d1a Start NSS process only from the current installation directory
Andre Heinecke <andre.heinecke@intevation.de>
parents: 824
diff changeset
656 if (install_dir == NULL)
24e1e47e2d1a Start NSS process only from the current installation directory
Andre Heinecke <andre.heinecke@intevation.de>
parents: 824
diff changeset
657 {
24e1e47e2d1a Start NSS process only from the current installation directory
Andre Heinecke <andre.heinecke@intevation.de>
parents: 824
diff changeset
658 ERRORPRINTF ("Failed to get installation directory");
24e1e47e2d1a Start NSS process only from the current installation directory
Andre Heinecke <andre.heinecke@intevation.de>
parents: 824
diff changeset
659 return FALSE;
24e1e47e2d1a Start NSS process only from the current installation directory
Andre Heinecke <andre.heinecke@intevation.de>
parents: 824
diff changeset
660 }
24e1e47e2d1a Start NSS process only from the current installation directory
Andre Heinecke <andre.heinecke@intevation.de>
parents: 824
diff changeset
661
24e1e47e2d1a Start NSS process only from the current installation directory
Andre Heinecke <andre.heinecke@intevation.de>
parents: 824
diff changeset
662 w_inst_dir = utf8_to_wchar (install_dir, strlen(install_dir));
24e1e47e2d1a Start NSS process only from the current installation directory
Andre Heinecke <andre.heinecke@intevation.de>
parents: 824
diff changeset
663 xfree (install_dir);
24e1e47e2d1a Start NSS process only from the current installation directory
Andre Heinecke <andre.heinecke@intevation.de>
parents: 824
diff changeset
664 install_dir = NULL;
24e1e47e2d1a Start NSS process only from the current installation directory
Andre Heinecke <andre.heinecke@intevation.de>
parents: 824
diff changeset
665
24e1e47e2d1a Start NSS process only from the current installation directory
Andre Heinecke <andre.heinecke@intevation.de>
parents: 824
diff changeset
666 w_path_len = wcslen(w_inst_dir) + wcslen(L"\\" NSS_APP_NAME) + 1;
24e1e47e2d1a Start NSS process only from the current installation directory
Andre Heinecke <andre.heinecke@intevation.de>
parents: 824
diff changeset
667 lpApplicationPath = xmalloc(w_path_len * sizeof (wchar_t));
24e1e47e2d1a Start NSS process only from the current installation directory
Andre Heinecke <andre.heinecke@intevation.de>
parents: 824
diff changeset
668 wcscpy_s (lpApplicationPath, w_path_len, w_inst_dir);
24e1e47e2d1a Start NSS process only from the current installation directory
Andre Heinecke <andre.heinecke@intevation.de>
parents: 824
diff changeset
669 xfree (w_inst_dir);
24e1e47e2d1a Start NSS process only from the current installation directory
Andre Heinecke <andre.heinecke@intevation.de>
parents: 824
diff changeset
670 w_inst_dir = NULL;
24e1e47e2d1a Start NSS process only from the current installation directory
Andre Heinecke <andre.heinecke@intevation.de>
parents: 824
diff changeset
671 wcscat_s (lpApplicationPath, w_path_len, L"\\" NSS_APP_NAME);
24e1e47e2d1a Start NSS process only from the current installation directory
Andre Heinecke <andre.heinecke@intevation.de>
parents: 824
diff changeset
672
324
eff8e7ce4dae Add first compiling implementation of nssstore_win.c
Andre Heinecke <aheinecke@intevation.de>
parents:
diff changeset
673 /* set up handles. stdin and stdout go to the same stdout*/
eff8e7ce4dae Add first compiling implementation of nssstore_win.c
Andre Heinecke <aheinecke@intevation.de>
parents:
diff changeset
674 siStartInfo.cb = sizeof (STARTUPINFO);
360
c0eac5c8c245 Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 330
diff changeset
675
985
1743895b39b8 (issue86) Install into default profile folders on windows.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 983
diff changeset
676 if (is_elevated() && drop_privileges)
824
a511c1f45c70 (Issue47) Drop privileges before executing NSS process.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 677
diff changeset
677 {
a511c1f45c70 (Issue47) Drop privileges before executing NSS process.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 677
diff changeset
678 /* Start the child process as normal user */
a511c1f45c70 (Issue47) Drop privileges before executing NSS process.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 677
diff changeset
679 hToken = get_restricted_token ();
a511c1f45c70 (Issue47) Drop privileges before executing NSS process.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 677
diff changeset
680 if (hToken == NULL)
a511c1f45c70 (Issue47) Drop privileges before executing NSS process.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 677
diff changeset
681 {
a511c1f45c70 (Issue47) Drop privileges before executing NSS process.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 677
diff changeset
682 ERRORPRINTF ("Failed to get user level token.");
a511c1f45c70 (Issue47) Drop privileges before executing NSS process.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 677
diff changeset
683 return false;
a511c1f45c70 (Issue47) Drop privileges before executing NSS process.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 677
diff changeset
684 }
a511c1f45c70 (Issue47) Drop privileges before executing NSS process.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 677
diff changeset
685 }
a511c1f45c70 (Issue47) Drop privileges before executing NSS process.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 677
diff changeset
686 else if(!OpenProcessToken(GetCurrentProcess(), TOKEN_ALL_ACCESS, &hToken))
360
c0eac5c8c245 Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 330
diff changeset
687 {
c0eac5c8c245 Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 330
diff changeset
688 PRINTLASTERROR("Failed to get current handle.");
825
24e1e47e2d1a Start NSS process only from the current installation directory
Andre Heinecke <andre.heinecke@intevation.de>
parents: 824
diff changeset
689 xfree (lpApplicationPath);
360
c0eac5c8c245 Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 330
diff changeset
690 return false;
c0eac5c8c245 Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 330
diff changeset
691 }
c0eac5c8c245 Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 330
diff changeset
692
675
4ad764bfb39c Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents: 674
diff changeset
693 lpCommandLine = get_command_line (selection_file);
360
c0eac5c8c245 Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 330
diff changeset
694
675
4ad764bfb39c Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents: 674
diff changeset
695 if (lpCommandLine == NULL)
4ad764bfb39c Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents: 674
diff changeset
696 {
4ad764bfb39c Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents: 674
diff changeset
697 ERRORPRINTF ("Failed to build command line.");
825
24e1e47e2d1a Start NSS process only from the current installation directory
Andre Heinecke <andre.heinecke@intevation.de>
parents: 824
diff changeset
698 xfree (lpApplicationPath);
675
4ad764bfb39c Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents: 674
diff changeset
699 return false;
4ad764bfb39c Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents: 674
diff changeset
700 }
324
eff8e7ce4dae Add first compiling implementation of nssstore_win.c
Andre Heinecke <aheinecke@intevation.de>
parents:
diff changeset
701
825
24e1e47e2d1a Start NSS process only from the current installation directory
Andre Heinecke <andre.heinecke@intevation.de>
parents: 824
diff changeset
702 DEBUGPRINTF ("Starting %S with command line %S\n", lpApplicationPath, lpCommandLine);
392
8090a1bc1b5b Add a space in the command line
Andre Heinecke <andre.heinecke@intevation.de>
parents: 391
diff changeset
703
324
eff8e7ce4dae Add first compiling implementation of nssstore_win.c
Andre Heinecke <aheinecke@intevation.de>
parents:
diff changeset
704 success = CreateProcessAsUserW (hToken,
825
24e1e47e2d1a Start NSS process only from the current installation directory
Andre Heinecke <andre.heinecke@intevation.de>
parents: 824
diff changeset
705 lpApplicationPath,
360
c0eac5c8c245 Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 330
diff changeset
706 lpCommandLine, /* Commandline */
324
eff8e7ce4dae Add first compiling implementation of nssstore_win.c
Andre Heinecke <aheinecke@intevation.de>
parents:
diff changeset
707 NULL, /* Process attributes. Take hToken */
eff8e7ce4dae Add first compiling implementation of nssstore_win.c
Andre Heinecke <aheinecke@intevation.de>
parents:
diff changeset
708 NULL, /* Thread attribues. Take hToken */
360
c0eac5c8c245 Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 330
diff changeset
709 FALSE, /* Inherit Handles */
c0eac5c8c245 Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 330
diff changeset
710 0, /* Creation flags. */
c0eac5c8c245 Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 330
diff changeset
711 NULL, /* Inherit environment */
324
eff8e7ce4dae Add first compiling implementation of nssstore_win.c
Andre Heinecke <aheinecke@intevation.de>
parents:
diff changeset
712 NULL, /* Current working directory */
eff8e7ce4dae Add first compiling implementation of nssstore_win.c
Andre Heinecke <aheinecke@intevation.de>
parents:
diff changeset
713 &siStartInfo,
eff8e7ce4dae Add first compiling implementation of nssstore_win.c
Andre Heinecke <aheinecke@intevation.de>
parents:
diff changeset
714 &piProcInfo);
825
24e1e47e2d1a Start NSS process only from the current installation directory
Andre Heinecke <andre.heinecke@intevation.de>
parents: 824
diff changeset
715 xfree (lpApplicationPath);
360
c0eac5c8c245 Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 330
diff changeset
716 xfree (lpCommandLine);
324
eff8e7ce4dae Add first compiling implementation of nssstore_win.c
Andre Heinecke <aheinecke@intevation.de>
parents:
diff changeset
717 if (!success)
eff8e7ce4dae Add first compiling implementation of nssstore_win.c
Andre Heinecke <aheinecke@intevation.de>
parents:
diff changeset
718 {
eff8e7ce4dae Add first compiling implementation of nssstore_win.c
Andre Heinecke <aheinecke@intevation.de>
parents:
diff changeset
719 PRINTLASTERROR ("Failed to create process.\n");
360
c0eac5c8c245 Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 330
diff changeset
720 return false;
324
eff8e7ce4dae Add first compiling implementation of nssstore_win.c
Andre Heinecke <aheinecke@intevation.de>
parents:
diff changeset
721 }
eff8e7ce4dae Add first compiling implementation of nssstore_win.c
Andre Heinecke <aheinecke@intevation.de>
parents:
diff changeset
722
eff8e7ce4dae Add first compiling implementation of nssstore_win.c
Andre Heinecke <aheinecke@intevation.de>
parents:
diff changeset
723 if (WaitForSingleObject (piProcInfo.hProcess, PROCESS_TIMEOUT) != WAIT_OBJECT_0)
eff8e7ce4dae Add first compiling implementation of nssstore_win.c
Andre Heinecke <aheinecke@intevation.de>
parents:
diff changeset
724 {
eff8e7ce4dae Add first compiling implementation of nssstore_win.c
Andre Heinecke <aheinecke@intevation.de>
parents:
diff changeset
725 /* Should not happen... */
eff8e7ce4dae Add first compiling implementation of nssstore_win.c
Andre Heinecke <aheinecke@intevation.de>
parents:
diff changeset
726 ERRORPRINTF ("Failed to wait for process.\n");
360
c0eac5c8c245 Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 330
diff changeset
727 if (piProcInfo.hProcess)
c0eac5c8c245 Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 330
diff changeset
728 CloseHandle (piProcInfo.hProcess);
c0eac5c8c245 Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 330
diff changeset
729 if (piProcInfo.hThread)
c0eac5c8c245 Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 330
diff changeset
730 CloseHandle (piProcInfo.hThread);
c0eac5c8c245 Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 330
diff changeset
731 return false;
324
eff8e7ce4dae Add first compiling implementation of nssstore_win.c
Andre Heinecke <aheinecke@intevation.de>
parents:
diff changeset
732 }
eff8e7ce4dae Add first compiling implementation of nssstore_win.c
Andre Heinecke <aheinecke@intevation.de>
parents:
diff changeset
733 if (piProcInfo.hProcess)
330
1e6d1eab8395 Fix NSS unit test for Windows and change how instructions are written
Andre Heinecke <aheinecke@intevation.de>
parents: 329
diff changeset
734 CloseHandle (piProcInfo.hProcess);
324
eff8e7ce4dae Add first compiling implementation of nssstore_win.c
Andre Heinecke <aheinecke@intevation.de>
parents:
diff changeset
735 if (piProcInfo.hThread)
330
1e6d1eab8395 Fix NSS unit test for Windows and change how instructions are written
Andre Heinecke <aheinecke@intevation.de>
parents: 329
diff changeset
736 CloseHandle (piProcInfo.hThread);
360
c0eac5c8c245 Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 330
diff changeset
737 return true;
c0eac5c8c245 Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 330
diff changeset
738 }
324
eff8e7ce4dae Add first compiling implementation of nssstore_win.c
Andre Heinecke <aheinecke@intevation.de>
parents:
diff changeset
739
360
c0eac5c8c245 Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 330
diff changeset
740 /**@brief Writes the selection file containing the instructions
c0eac5c8c245 Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 330
diff changeset
741 *
c0eac5c8c245 Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 330
diff changeset
742 * If the process is running elevated the instructions are
c0eac5c8c245 Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 330
diff changeset
743 * written to the global ProgramData directory otherwise
826
4aa33c408776 Remove TODO windows gracefully handles the case where the data directory is not accessible.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 825
diff changeset
744 * they are written in the directory of the current user.
360
c0eac5c8c245 Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 330
diff changeset
745 *
c0eac5c8c245 Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 330
diff changeset
746 * If the return value is not NULL it needs to be freed by the caller.
c0eac5c8c245 Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 330
diff changeset
747 * The returned path will contain backslashes as directory seperators.
c0eac5c8c245 Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 330
diff changeset
748 *
c0eac5c8c245 Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 330
diff changeset
749 * @param[in] to_install Certificates that should be installed
c0eac5c8c245 Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 330
diff changeset
750 * @param[in] to_remove Certificates that should be removed
c0eac5c8c245 Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 330
diff changeset
751 * @returns pointer to the absolute filename of the selection file or NULL
c0eac5c8c245 Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 330
diff changeset
752 */
c0eac5c8c245 Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 330
diff changeset
753 wchar_t *
c0eac5c8c245 Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 330
diff changeset
754 write_selection_file (char **to_install, char **to_remove)
c0eac5c8c245 Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 330
diff changeset
755 {
c0eac5c8c245 Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 330
diff changeset
756 wchar_t *folder_name = NULL,
905
698b6a9bd75e Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents: 856
diff changeset
757 *path = NULL;
360
c0eac5c8c245 Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 330
diff changeset
758 HANDLE hFile = NULL;
c0eac5c8c245 Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 330
diff changeset
759 size_t path_len;
c0eac5c8c245 Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 330
diff changeset
760
983
427e2e18b8c8 Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents: 905
diff changeset
761 folder_name = get_program_data_folder();
427e2e18b8c8 Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents: 905
diff changeset
762 if (!folder_name)
360
c0eac5c8c245 Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 330
diff changeset
763 {
983
427e2e18b8c8 Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents: 905
diff changeset
764 ERRORPRINTF("Failed to look up ProgramData folder.\n");
360
c0eac5c8c245 Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 330
diff changeset
765 return NULL;
c0eac5c8c245 Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 330
diff changeset
766 }
c0eac5c8c245 Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 330
diff changeset
767
c0eac5c8c245 Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 330
diff changeset
768 path_len = wcslen (folder_name) + wcslen (APPNAME) + 2; /* path + dirsep + \0 */
c0eac5c8c245 Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 330
diff changeset
769 path_len += wcslen (SELECTION_FILE_NAME) + 1; /* filename + dirsep */
c0eac5c8c245 Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 330
diff changeset
770
c0eac5c8c245 Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 330
diff changeset
771 if (path_len >= MAX_PATH)
c0eac5c8c245 Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 330
diff changeset
772 {
c0eac5c8c245 Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 330
diff changeset
773 /* We could go and use the full 32,767 characters but this
c0eac5c8c245 Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 330
diff changeset
774 should be a very weird setup if this is neccessary. */
c0eac5c8c245 Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 330
diff changeset
775 ERRORPRINTF ("Path too long.\n");
c0eac5c8c245 Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 330
diff changeset
776 return NULL;
c0eac5c8c245 Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 330
diff changeset
777 }
c0eac5c8c245 Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 330
diff changeset
778
c0eac5c8c245 Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 330
diff changeset
779 path = xmalloc (path_len * sizeof (wchar_t));
363
d10d9bc2e84f Update Windows api usage. Warning: To build on windows you need
Andre Heinecke <aheinecke@intevation.de>
parents: 360
diff changeset
780 if (wcscpy_s (path, path_len, folder_name) != 0)
360
c0eac5c8c245 Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 330
diff changeset
781 {
c0eac5c8c245 Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 330
diff changeset
782 ERRORPRINTF ("Failed to copy folder name.\n");
363
d10d9bc2e84f Update Windows api usage. Warning: To build on windows you need
Andre Heinecke <aheinecke@intevation.de>
parents: 360
diff changeset
783
360
c0eac5c8c245 Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 330
diff changeset
784 CoTaskMemFree (folder_name);
363
d10d9bc2e84f Update Windows api usage. Warning: To build on windows you need
Andre Heinecke <aheinecke@intevation.de>
parents: 360
diff changeset
785
360
c0eac5c8c245 Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 330
diff changeset
786 return NULL;
c0eac5c8c245 Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 330
diff changeset
787 }
c0eac5c8c245 Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 330
diff changeset
788
c0eac5c8c245 Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 330
diff changeset
789 CoTaskMemFree (folder_name);
c0eac5c8c245 Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 330
diff changeset
790
363
d10d9bc2e84f Update Windows api usage. Warning: To build on windows you need
Andre Heinecke <aheinecke@intevation.de>
parents: 360
diff changeset
791 if (wcscat_s (path, path_len, L"\\") != 0)
360
c0eac5c8c245 Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 330
diff changeset
792 {
c0eac5c8c245 Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 330
diff changeset
793 ERRORPRINTF ("Failed to cat dirsep.\n");
c0eac5c8c245 Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 330
diff changeset
794 xfree(path);
c0eac5c8c245 Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 330
diff changeset
795 return NULL;
c0eac5c8c245 Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 330
diff changeset
796 }
c0eac5c8c245 Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 330
diff changeset
797
363
d10d9bc2e84f Update Windows api usage. Warning: To build on windows you need
Andre Heinecke <aheinecke@intevation.de>
parents: 360
diff changeset
798 if (wcscat_s (path, path_len, APPNAME) != 0)
360
c0eac5c8c245 Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 330
diff changeset
799 {
c0eac5c8c245 Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 330
diff changeset
800 ERRORPRINTF ("Failed to cat appname.\n");
c0eac5c8c245 Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 330
diff changeset
801 xfree(path);
c0eac5c8c245 Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 330
diff changeset
802 return NULL;
c0eac5c8c245 Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 330
diff changeset
803 }
c0eac5c8c245 Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 330
diff changeset
804
c0eac5c8c245 Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 330
diff changeset
805 /* Security: if someone has created this directory before
c0eac5c8c245 Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 330
diff changeset
806 it might be a symlink to another place that a users
c0eac5c8c245 Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 330
diff changeset
807 wants us to grant read access to or makes us overwrite
c0eac5c8c245 Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 330
diff changeset
808 something */
c0eac5c8c245 Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 330
diff changeset
809 if(!create_restricted_directory (path))
c0eac5c8c245 Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 330
diff changeset
810 {
c0eac5c8c245 Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 330
diff changeset
811 ERRORPRINTF ("Failed to create directory\n");
c0eac5c8c245 Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 330
diff changeset
812 xfree(path);
c0eac5c8c245 Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 330
diff changeset
813 return NULL;
c0eac5c8c245 Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 330
diff changeset
814 }
c0eac5c8c245 Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 330
diff changeset
815
363
d10d9bc2e84f Update Windows api usage. Warning: To build on windows you need
Andre Heinecke <aheinecke@intevation.de>
parents: 360
diff changeset
816 if (wcscat_s (path, path_len, L"\\") != 0)
360
c0eac5c8c245 Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 330
diff changeset
817 {
c0eac5c8c245 Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 330
diff changeset
818 ERRORPRINTF ("Failed to cat dirsep.\n");
c0eac5c8c245 Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 330
diff changeset
819 xfree(path);
c0eac5c8c245 Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 330
diff changeset
820 return NULL;
c0eac5c8c245 Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 330
diff changeset
821 }
c0eac5c8c245 Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 330
diff changeset
822
363
d10d9bc2e84f Update Windows api usage. Warning: To build on windows you need
Andre Heinecke <aheinecke@intevation.de>
parents: 360
diff changeset
823 if (wcscat_s (path, path_len, SELECTION_FILE_NAME) != 0)
360
c0eac5c8c245 Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 330
diff changeset
824 {
c0eac5c8c245 Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 330
diff changeset
825 ERRORPRINTF ("Failed to cat filename.\n");
c0eac5c8c245 Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 330
diff changeset
826 xfree(path);
c0eac5c8c245 Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 330
diff changeset
827 return NULL;
c0eac5c8c245 Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 330
diff changeset
828 }
c0eac5c8c245 Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 330
diff changeset
829
c0eac5c8c245 Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 330
diff changeset
830 hFile = CreateFileW(path,
c0eac5c8c245 Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 330
diff changeset
831 GENERIC_WRITE,
c0eac5c8c245 Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 330
diff changeset
832 0, /* don't share */
c0eac5c8c245 Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 330
diff changeset
833 NULL, /* use the security attributes from the folder */
489
a9da8e4eeff7 Fix instruction writing for Windows.
Andre Heinecke <aheinecke@intevation.de>
parents: 404
diff changeset
834 OPEN_ALWAYS | TRUNCATE_EXISTING,
360
c0eac5c8c245 Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 330
diff changeset
835 0,
c0eac5c8c245 Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 330
diff changeset
836 NULL);
c0eac5c8c245 Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 330
diff changeset
837
502
e551de11d8b6 Properly handle the case that the file does not exist.
Andre Heinecke <aheinecke@intevation.de>
parents: 489
diff changeset
838 if (hFile == INVALID_HANDLE_VALUE && GetLastError() == ERROR_FILE_NOT_FOUND)
e551de11d8b6 Properly handle the case that the file does not exist.
Andre Heinecke <aheinecke@intevation.de>
parents: 489
diff changeset
839 {
e551de11d8b6 Properly handle the case that the file does not exist.
Andre Heinecke <aheinecke@intevation.de>
parents: 489
diff changeset
840 hFile = CreateFileW(path,
e551de11d8b6 Properly handle the case that the file does not exist.
Andre Heinecke <aheinecke@intevation.de>
parents: 489
diff changeset
841 GENERIC_WRITE,
e551de11d8b6 Properly handle the case that the file does not exist.
Andre Heinecke <aheinecke@intevation.de>
parents: 489
diff changeset
842 0, /* don't share */
e551de11d8b6 Properly handle the case that the file does not exist.
Andre Heinecke <aheinecke@intevation.de>
parents: 489
diff changeset
843 NULL, /* use the security attributes from the folder */
e551de11d8b6 Properly handle the case that the file does not exist.
Andre Heinecke <aheinecke@intevation.de>
parents: 489
diff changeset
844 CREATE_NEW,
e551de11d8b6 Properly handle the case that the file does not exist.
Andre Heinecke <aheinecke@intevation.de>
parents: 489
diff changeset
845 0,
e551de11d8b6 Properly handle the case that the file does not exist.
Andre Heinecke <aheinecke@intevation.de>
parents: 489
diff changeset
846 NULL);
e551de11d8b6 Properly handle the case that the file does not exist.
Andre Heinecke <aheinecke@intevation.de>
parents: 489
diff changeset
847 }
360
c0eac5c8c245 Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 330
diff changeset
848 if (hFile == INVALID_HANDLE_VALUE)
c0eac5c8c245 Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 330
diff changeset
849 {
502
e551de11d8b6 Properly handle the case that the file does not exist.
Andre Heinecke <aheinecke@intevation.de>
parents: 489
diff changeset
850 PRINTLASTERROR ("Failed to create file\n");
360
c0eac5c8c245 Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 330
diff changeset
851 xfree(path);
c0eac5c8c245 Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 330
diff changeset
852 return NULL;
c0eac5c8c245 Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 330
diff changeset
853 }
c0eac5c8c245 Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 330
diff changeset
854 if (!write_instructions (to_install, hFile, false))
c0eac5c8c245 Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 330
diff changeset
855 {
c0eac5c8c245 Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 330
diff changeset
856 ERRORPRINTF ("Failed to write install instructions.\n");
c0eac5c8c245 Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 330
diff changeset
857 CloseHandle(hFile);
c0eac5c8c245 Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 330
diff changeset
858 xfree(path);
c0eac5c8c245 Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 330
diff changeset
859 return NULL;
c0eac5c8c245 Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 330
diff changeset
860 }
c0eac5c8c245 Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 330
diff changeset
861 if (!write_instructions (to_remove, hFile, true))
c0eac5c8c245 Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 330
diff changeset
862 {
c0eac5c8c245 Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 330
diff changeset
863 ERRORPRINTF ("Failed to write remove instructions.\n");
c0eac5c8c245 Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 330
diff changeset
864 CloseHandle(hFile);
c0eac5c8c245 Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 330
diff changeset
865 xfree(path);
c0eac5c8c245 Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 330
diff changeset
866 return NULL;
c0eac5c8c245 Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 330
diff changeset
867 }
c0eac5c8c245 Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 330
diff changeset
868 CloseHandle(hFile);
c0eac5c8c245 Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 330
diff changeset
869
c0eac5c8c245 Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 330
diff changeset
870 return path;
c0eac5c8c245 Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 330
diff changeset
871 }
c0eac5c8c245 Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 330
diff changeset
872
324
eff8e7ce4dae Add first compiling implementation of nssstore_win.c
Andre Heinecke <aheinecke@intevation.de>
parents:
diff changeset
873 int
eff8e7ce4dae Add first compiling implementation of nssstore_win.c
Andre Heinecke <aheinecke@intevation.de>
parents:
diff changeset
874 write_stores_nss (char **to_install, char **to_remove)
eff8e7ce4dae Add first compiling implementation of nssstore_win.c
Andre Heinecke <aheinecke@intevation.de>
parents:
diff changeset
875 {
360
c0eac5c8c245 Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 330
diff changeset
876 wchar_t *selection_file_name = NULL;
324
eff8e7ce4dae Add first compiling implementation of nssstore_win.c
Andre Heinecke <aheinecke@intevation.de>
parents:
diff changeset
877
360
c0eac5c8c245 Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 330
diff changeset
878 selection_file_name = write_selection_file (to_install, to_remove);
c0eac5c8c245 Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 330
diff changeset
879 if (!selection_file_name)
c0eac5c8c245 Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 330
diff changeset
880 {
c0eac5c8c245 Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 330
diff changeset
881 ERRORPRINTF ("Failed to write instructions.\n");
c0eac5c8c245 Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 330
diff changeset
882 return -1;
c0eac5c8c245 Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 330
diff changeset
883 }
c0eac5c8c245 Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 330
diff changeset
884
c0eac5c8c245 Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 330
diff changeset
885 DEBUGPRINTF ("Wrote selection file. Loc: %S\n", selection_file_name);
c0eac5c8c245 Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 330
diff changeset
886
668
ef6d3dc9e930 Framework for NSS multiuser installation on windows
Andre Heinecke <andre.heinecke@intevation.de>
parents: 665
diff changeset
887 if (is_elevated())
ef6d3dc9e930 Framework for NSS multiuser installation on windows
Andre Heinecke <andre.heinecke@intevation.de>
parents: 665
diff changeset
888 {
ef6d3dc9e930 Framework for NSS multiuser installation on windows
Andre Heinecke <andre.heinecke@intevation.de>
parents: 665
diff changeset
889 register_proccesses_for_others (selection_file_name);
985
1743895b39b8 (issue86) Install into default profile folders on windows.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 983
diff changeset
890 /* Start the NSS process once with elevated rights to
1743895b39b8 (issue86) Install into default profile folders on windows.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 983
diff changeset
891 install into the default profile directories. */
1743895b39b8 (issue86) Install into default profile folders on windows.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 983
diff changeset
892 if (!start_procces_for_user (selection_file_name, false))
1743895b39b8 (issue86) Install into default profile folders on windows.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 983
diff changeset
893 {
1743895b39b8 (issue86) Install into default profile folders on windows.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 983
diff changeset
894 ERRORPRINTF ("Failed to run NSS installation process for default folders.\n");
1743895b39b8 (issue86) Install into default profile folders on windows.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 983
diff changeset
895 xfree(selection_file_name);
1743895b39b8 (issue86) Install into default profile folders on windows.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 983
diff changeset
896 return -1;
1743895b39b8 (issue86) Install into default profile folders on windows.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 983
diff changeset
897 }
668
ef6d3dc9e930 Framework for NSS multiuser installation on windows
Andre Heinecke <andre.heinecke@intevation.de>
parents: 665
diff changeset
898 }
360
c0eac5c8c245 Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 330
diff changeset
899
985
1743895b39b8 (issue86) Install into default profile folders on windows.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 983
diff changeset
900 if (!start_procces_for_user (selection_file_name, true))
324
eff8e7ce4dae Add first compiling implementation of nssstore_win.c
Andre Heinecke <aheinecke@intevation.de>
parents:
diff changeset
901 {
eff8e7ce4dae Add first compiling implementation of nssstore_win.c
Andre Heinecke <aheinecke@intevation.de>
parents:
diff changeset
902 ERRORPRINTF ("Failed to run NSS installation process.\n");
360
c0eac5c8c245 Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 330
diff changeset
903 xfree(selection_file_name);
324
eff8e7ce4dae Add first compiling implementation of nssstore_win.c
Andre Heinecke <aheinecke@intevation.de>
parents:
diff changeset
904 return -1;
eff8e7ce4dae Add first compiling implementation of nssstore_win.c
Andre Heinecke <aheinecke@intevation.de>
parents:
diff changeset
905 }
360
c0eac5c8c245 Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents: 330
diff changeset
906 xfree(selection_file_name);
324
eff8e7ce4dae Add first compiling implementation of nssstore_win.c
Andre Heinecke <aheinecke@intevation.de>
parents:
diff changeset
907 return 0;
eff8e7ce4dae Add first compiling implementation of nssstore_win.c
Andre Heinecke <aheinecke@intevation.de>
parents:
diff changeset
908 }
eff8e7ce4dae Add first compiling implementation of nssstore_win.c
Andre Heinecke <aheinecke@intevation.de>
parents:
diff changeset
909
eff8e7ce4dae Add first compiling implementation of nssstore_win.c
Andre Heinecke <aheinecke@intevation.de>
parents:
diff changeset
910 #endif

http://wald.intevation.org/projects/trustbridge/