Mercurial > trustbridge
annotate cinst/nssstore_win.c @ 975:b3695a3399de
(issue86) Install into default directories on Linux
If the mozilla process is now started as root it will
try to write into the default directories for NSS Shared
and mozilla / thunderbird profiles.
Cinst will now start the mozilla process once as root.
author | Andre Heinecke <andre.heinecke@intevation.de> |
---|---|
date | Fri, 29 Aug 2014 12:59:44 +0200 |
parents | 698b6a9bd75e |
children | 427e2e18b8c8 |
rev | line source |
---|---|
404 | 1 /* Copyright (C) 2014 by Bundesamt für Sicherheit in der Informationstechnik |
2 * Software engineering by Intevation GmbH | |
3 * | |
4 * This file is Free Software under the GNU GPL (v>=2) | |
5 * and comes with ABSOLUTELY NO WARRANTY! | |
6 * See LICENSE.txt for details. | |
7 */ | |
324
eff8e7ce4dae
Add first compiling implementation of nssstore_win.c
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
8 #ifdef WIN32 |
eff8e7ce4dae
Add first compiling implementation of nssstore_win.c
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
9 |
eff8e7ce4dae
Add first compiling implementation of nssstore_win.c
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
10 /* @file |
eff8e7ce4dae
Add first compiling implementation of nssstore_win.c
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
11 @brief Windows implementation of nssstore process control. |
360
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
12 |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
13 The windows process will write an instructions file for |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
14 the mozilla process into the current users temp directory |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
15 (%APPDATA%/Local/Temp/) and start the NSS installation process to |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
16 exectute those instructions. If the current process is elevated |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
17 the NSS process is run with a restricted token. |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
18 The execution of the mozilla process is not monitored. |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
19 You have to refer to the system log to check which certificates were |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
20 installed / removed by it. |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
21 |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
22 If the installation process is running elevated it |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
23 will create the file in the ProgramData directory in |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
24 a subdirectory with the defined application name. |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
25 %PROGRAMDATA%/$APPLICATION_NAME |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
26 with the file name: |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
27 current_selection.txt |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
28 The folder will have restricted permissions so |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
29 that only Administrators are allowed to access it. |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
30 |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
31 Additionally if this process is Elevated it also starts the |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
32 NSS installation process in default profile mode once to change |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
33 the default NSS certificate databases for new profiles. |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
34 |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
35 The process then adds a new RunOnce registry key |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
36 for each user on the system that executes the NSS installation |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
37 process on login to make sure it is launched once in the |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
38 security context of that user. |
324
eff8e7ce4dae
Add first compiling implementation of nssstore_win.c
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
39 */ |
eff8e7ce4dae
Add first compiling implementation of nssstore_win.c
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
40 |
eff8e7ce4dae
Add first compiling implementation of nssstore_win.c
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
41 #include <windows.h> |
824
a511c1f45c70
(Issue47) Drop privileges before executing NSS process.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
677
diff
changeset
|
42 #include <winsafer.h> |
670
175370634226
Move getProcessOwner to util and use it to skip the current user in locate other hives
Andre Heinecke <andre.heinecke@intevation.de>
parents:
668
diff
changeset
|
43 #include <sddl.h> |
324
eff8e7ce4dae
Add first compiling implementation of nssstore_win.c
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
44 #include <stdio.h> |
eff8e7ce4dae
Add first compiling implementation of nssstore_win.c
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
45 #include <stdbool.h> |
eff8e7ce4dae
Add first compiling implementation of nssstore_win.c
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
46 #include <userenv.h> |
329
b1059360a0c7
Debugprintf with output debug string on windows.
Andre Heinecke <aheinecke@intevation.de>
parents:
324
diff
changeset
|
47 #include <io.h> |
360
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
48 #include <accctrl.h> |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
49 #include <aclapi.h> |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
50 #include <shlobj.h> |
324
eff8e7ce4dae
Add first compiling implementation of nssstore_win.c
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
51 |
eff8e7ce4dae
Add first compiling implementation of nssstore_win.c
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
52 #include "logging.h" |
eff8e7ce4dae
Add first compiling implementation of nssstore_win.c
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
53 #include "util.h" |
360
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
54 #include "strhelp.h" |
324
eff8e7ce4dae
Add first compiling implementation of nssstore_win.c
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
55 |
360
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
56 #ifndef APPNAME |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
57 #define APPNAME L"cinst" |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
58 #endif |
324
eff8e7ce4dae
Add first compiling implementation of nssstore_win.c
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
59 |
675
4ad764bfb39c
Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents:
674
diff
changeset
|
60 /**@def The name of the nss installation process */ |
4ad764bfb39c
Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents:
674
diff
changeset
|
61 #define NSS_APP_NAME L"mozilla.exe" |
4ad764bfb39c
Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents:
674
diff
changeset
|
62 |
360
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
63 #ifndef SELECTION_FILE_NAME |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
64 #define SELECTION_FILE_NAME L"currently_selected.txt" |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
65 #endif |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
66 |
668
ef6d3dc9e930
Framework for NSS multiuser installation on windows
Andre Heinecke <andre.heinecke@intevation.de>
parents:
665
diff
changeset
|
67 /**@def The maximum time to wait for the NSS Process */ |
360
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
68 #define PROCESS_TIMEOUT 30000 |
324
eff8e7ce4dae
Add first compiling implementation of nssstore_win.c
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
69 |
668
ef6d3dc9e930
Framework for NSS multiuser installation on windows
Andre Heinecke <andre.heinecke@intevation.de>
parents:
665
diff
changeset
|
70 /**@def The registry key to look for user profile directories */ |
ef6d3dc9e930
Framework for NSS multiuser installation on windows
Andre Heinecke <andre.heinecke@intevation.de>
parents:
665
diff
changeset
|
71 #define PROFILE_LIST L"Software\\Microsoft\\Windows NT\\CurrentVersion\\ProfileList" |
856
797aa8d9c785
(issue48) Fallback to HKEY_USERS on hive load failure
Andre Heinecke <andre.heinecke@intevation.de>
parents:
841
diff
changeset
|
72 #define RUNONCE_PATH L"Software\\Microsoft\\Windows\\CurrentVersion\\RunOnce" |
797aa8d9c785
(issue48) Fallback to HKEY_USERS on hive load failure
Andre Heinecke <andre.heinecke@intevation.de>
parents:
841
diff
changeset
|
73 |
905
698b6a9bd75e
Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents:
856
diff
changeset
|
74 struct profile_key_path |
698b6a9bd75e
Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents:
856
diff
changeset
|
75 { |
856
797aa8d9c785
(issue48) Fallback to HKEY_USERS on hive load failure
Andre Heinecke <andre.heinecke@intevation.de>
parents:
841
diff
changeset
|
76 char *sid; |
797aa8d9c785
(issue48) Fallback to HKEY_USERS on hive load failure
Andre Heinecke <andre.heinecke@intevation.de>
parents:
841
diff
changeset
|
77 char *hive_path; |
797aa8d9c785
(issue48) Fallback to HKEY_USERS on hive load failure
Andre Heinecke <andre.heinecke@intevation.de>
parents:
841
diff
changeset
|
78 struct profile_key_path *next; |
797aa8d9c785
(issue48) Fallback to HKEY_USERS on hive load failure
Andre Heinecke <andre.heinecke@intevation.de>
parents:
841
diff
changeset
|
79 }; |
797aa8d9c785
(issue48) Fallback to HKEY_USERS on hive load failure
Andre Heinecke <andre.heinecke@intevation.de>
parents:
841
diff
changeset
|
80 |
797aa8d9c785
(issue48) Fallback to HKEY_USERS on hive load failure
Andre Heinecke <andre.heinecke@intevation.de>
parents:
841
diff
changeset
|
81 /** |
797aa8d9c785
(issue48) Fallback to HKEY_USERS on hive load failure
Andre Heinecke <andre.heinecke@intevation.de>
parents:
841
diff
changeset
|
82 * @brief combination of sid and hive path |
797aa8d9c785
(issue48) Fallback to HKEY_USERS on hive load failure
Andre Heinecke <andre.heinecke@intevation.de>
parents:
841
diff
changeset
|
83 */ |
797aa8d9c785
(issue48) Fallback to HKEY_USERS on hive load failure
Andre Heinecke <andre.heinecke@intevation.de>
parents:
841
diff
changeset
|
84 typedef struct profile_key_path pkp_t; |
797aa8d9c785
(issue48) Fallback to HKEY_USERS on hive load failure
Andre Heinecke <andre.heinecke@intevation.de>
parents:
841
diff
changeset
|
85 |
797aa8d9c785
(issue48) Fallback to HKEY_USERS on hive load failure
Andre Heinecke <andre.heinecke@intevation.de>
parents:
841
diff
changeset
|
86 static void |
797aa8d9c785
(issue48) Fallback to HKEY_USERS on hive load failure
Andre Heinecke <andre.heinecke@intevation.de>
parents:
841
diff
changeset
|
87 pkp_t_free (pkp_t *item) |
797aa8d9c785
(issue48) Fallback to HKEY_USERS on hive load failure
Andre Heinecke <andre.heinecke@intevation.de>
parents:
841
diff
changeset
|
88 { |
797aa8d9c785
(issue48) Fallback to HKEY_USERS on hive load failure
Andre Heinecke <andre.heinecke@intevation.de>
parents:
841
diff
changeset
|
89 if (!item) |
797aa8d9c785
(issue48) Fallback to HKEY_USERS on hive load failure
Andre Heinecke <andre.heinecke@intevation.de>
parents:
841
diff
changeset
|
90 { |
797aa8d9c785
(issue48) Fallback to HKEY_USERS on hive load failure
Andre Heinecke <andre.heinecke@intevation.de>
parents:
841
diff
changeset
|
91 return; |
797aa8d9c785
(issue48) Fallback to HKEY_USERS on hive load failure
Andre Heinecke <andre.heinecke@intevation.de>
parents:
841
diff
changeset
|
92 } |
797aa8d9c785
(issue48) Fallback to HKEY_USERS on hive load failure
Andre Heinecke <andre.heinecke@intevation.de>
parents:
841
diff
changeset
|
93 xfree (item->sid); |
797aa8d9c785
(issue48) Fallback to HKEY_USERS on hive load failure
Andre Heinecke <andre.heinecke@intevation.de>
parents:
841
diff
changeset
|
94 xfree (item->hive_path); |
797aa8d9c785
(issue48) Fallback to HKEY_USERS on hive load failure
Andre Heinecke <andre.heinecke@intevation.de>
parents:
841
diff
changeset
|
95 if (item->next) |
797aa8d9c785
(issue48) Fallback to HKEY_USERS on hive load failure
Andre Heinecke <andre.heinecke@intevation.de>
parents:
841
diff
changeset
|
96 { |
797aa8d9c785
(issue48) Fallback to HKEY_USERS on hive load failure
Andre Heinecke <andre.heinecke@intevation.de>
parents:
841
diff
changeset
|
97 pkp_t_free (item->next); |
797aa8d9c785
(issue48) Fallback to HKEY_USERS on hive load failure
Andre Heinecke <andre.heinecke@intevation.de>
parents:
841
diff
changeset
|
98 } |
797aa8d9c785
(issue48) Fallback to HKEY_USERS on hive load failure
Andre Heinecke <andre.heinecke@intevation.de>
parents:
841
diff
changeset
|
99 xfree (item); |
797aa8d9c785
(issue48) Fallback to HKEY_USERS on hive load failure
Andre Heinecke <andre.heinecke@intevation.de>
parents:
841
diff
changeset
|
100 } |
668
ef6d3dc9e930
Framework for NSS multiuser installation on windows
Andre Heinecke <andre.heinecke@intevation.de>
parents:
665
diff
changeset
|
101 |
824
a511c1f45c70
(Issue47) Drop privileges before executing NSS process.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
677
diff
changeset
|
102 /** @brief get a restricted access token to execute nss process |
a511c1f45c70
(Issue47) Drop privileges before executing NSS process.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
677
diff
changeset
|
103 * |
a511c1f45c70
(Issue47) Drop privileges before executing NSS process.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
677
diff
changeset
|
104 * This function uses the Software Restriction API to obtain the |
a511c1f45c70
(Issue47) Drop privileges before executing NSS process.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
677
diff
changeset
|
105 * access token for a process run als normal user. |
a511c1f45c70
(Issue47) Drop privileges before executing NSS process.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
677
diff
changeset
|
106 * |
a511c1f45c70
(Issue47) Drop privileges before executing NSS process.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
677
diff
changeset
|
107 * @returns A restricted handle or NULL on error. |
a511c1f45c70
(Issue47) Drop privileges before executing NSS process.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
677
diff
changeset
|
108 */ |
a511c1f45c70
(Issue47) Drop privileges before executing NSS process.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
677
diff
changeset
|
109 static HANDLE |
a511c1f45c70
(Issue47) Drop privileges before executing NSS process.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
677
diff
changeset
|
110 get_restricted_token() |
a511c1f45c70
(Issue47) Drop privileges before executing NSS process.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
677
diff
changeset
|
111 { |
a511c1f45c70
(Issue47) Drop privileges before executing NSS process.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
677
diff
changeset
|
112 SAFER_LEVEL_HANDLE user_level = NULL; |
a511c1f45c70
(Issue47) Drop privileges before executing NSS process.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
677
diff
changeset
|
113 HANDLE retval = NULL; |
a511c1f45c70
(Issue47) Drop privileges before executing NSS process.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
677
diff
changeset
|
114 if (!SaferCreateLevel(SAFER_SCOPEID_USER, |
a511c1f45c70
(Issue47) Drop privileges before executing NSS process.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
677
diff
changeset
|
115 SAFER_LEVELID_NORMALUSER, |
a511c1f45c70
(Issue47) Drop privileges before executing NSS process.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
677
diff
changeset
|
116 SAFER_LEVEL_OPEN, &user_level, NULL)) |
a511c1f45c70
(Issue47) Drop privileges before executing NSS process.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
677
diff
changeset
|
117 { |
a511c1f45c70
(Issue47) Drop privileges before executing NSS process.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
677
diff
changeset
|
118 PRINTLASTERROR ("Failed to create user level.\n"); |
a511c1f45c70
(Issue47) Drop privileges before executing NSS process.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
677
diff
changeset
|
119 return NULL; |
a511c1f45c70
(Issue47) Drop privileges before executing NSS process.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
677
diff
changeset
|
120 } |
a511c1f45c70
(Issue47) Drop privileges before executing NSS process.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
677
diff
changeset
|
121 |
905
698b6a9bd75e
Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents:
856
diff
changeset
|
122 if (!SaferComputeTokenFromLevel(user_level, NULL, &retval, 0, NULL)) |
824
a511c1f45c70
(Issue47) Drop privileges before executing NSS process.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
677
diff
changeset
|
123 { |
905
698b6a9bd75e
Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents:
856
diff
changeset
|
124 SaferCloseLevel(user_level); |
698b6a9bd75e
Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents:
856
diff
changeset
|
125 return NULL; |
824
a511c1f45c70
(Issue47) Drop privileges before executing NSS process.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
677
diff
changeset
|
126 } |
a511c1f45c70
(Issue47) Drop privileges before executing NSS process.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
677
diff
changeset
|
127 |
905
698b6a9bd75e
Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents:
856
diff
changeset
|
128 return retval; |
824
a511c1f45c70
(Issue47) Drop privileges before executing NSS process.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
677
diff
changeset
|
129 } |
a511c1f45c70
(Issue47) Drop privileges before executing NSS process.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
677
diff
changeset
|
130 |
324
eff8e7ce4dae
Add first compiling implementation of nssstore_win.c
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
131 /**@brief Write strv of instructions to a handle |
eff8e7ce4dae
Add first compiling implementation of nssstore_win.c
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
132 * |
eff8e7ce4dae
Add first compiling implementation of nssstore_win.c
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
133 * Writes the null terminated list of instructions to |
eff8e7ce4dae
Add first compiling implementation of nssstore_win.c
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
134 * the handle. |
eff8e7ce4dae
Add first compiling implementation of nssstore_win.c
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
135 * |
489
a9da8e4eeff7
Fix instruction writing for Windows.
Andre Heinecke <aheinecke@intevation.de>
parents:
404
diff
changeset
|
136 * @param [in] certificates base64 encoded der certificate to write |
a9da8e4eeff7
Fix instruction writing for Windows.
Andre Heinecke <aheinecke@intevation.de>
parents:
404
diff
changeset
|
137 * @param [in] write_handle handle to write to |
330
1e6d1eab8395
Fix NSS unit test for Windows and change how instructions are written
Andre Heinecke <aheinecke@intevation.de>
parents:
329
diff
changeset
|
138 * @param [in] remove weather the certificate should be installed or removed |
324
eff8e7ce4dae
Add first compiling implementation of nssstore_win.c
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
139 * |
eff8e7ce4dae
Add first compiling implementation of nssstore_win.c
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
140 * @returns true on success, false on failure |
eff8e7ce4dae
Add first compiling implementation of nssstore_win.c
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
141 */ |
eff8e7ce4dae
Add first compiling implementation of nssstore_win.c
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
142 static bool |
330
1e6d1eab8395
Fix NSS unit test for Windows and change how instructions are written
Andre Heinecke <aheinecke@intevation.de>
parents:
329
diff
changeset
|
143 write_instructions(char **certificates, HANDLE write_handle, |
1e6d1eab8395
Fix NSS unit test for Windows and change how instructions are written
Andre Heinecke <aheinecke@intevation.de>
parents:
329
diff
changeset
|
144 bool remove) |
324
eff8e7ce4dae
Add first compiling implementation of nssstore_win.c
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
145 { |
489
a9da8e4eeff7
Fix instruction writing for Windows.
Andre Heinecke <aheinecke@intevation.de>
parents:
404
diff
changeset
|
146 bool retval = false; |
324
eff8e7ce4dae
Add first compiling implementation of nssstore_win.c
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
147 int i = 0; |
489
a9da8e4eeff7
Fix instruction writing for Windows.
Andre Heinecke <aheinecke@intevation.de>
parents:
404
diff
changeset
|
148 const char *line_end = "\r\n"; |
a9da8e4eeff7
Fix instruction writing for Windows.
Andre Heinecke <aheinecke@intevation.de>
parents:
404
diff
changeset
|
149 char *line_start = NULL; |
324
eff8e7ce4dae
Add first compiling implementation of nssstore_win.c
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
150 |
330
1e6d1eab8395
Fix NSS unit test for Windows and change how instructions are written
Andre Heinecke <aheinecke@intevation.de>
parents:
329
diff
changeset
|
151 if (!certificates) |
324
eff8e7ce4dae
Add first compiling implementation of nssstore_win.c
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
152 { |
eff8e7ce4dae
Add first compiling implementation of nssstore_win.c
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
153 return true; |
eff8e7ce4dae
Add first compiling implementation of nssstore_win.c
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
154 } |
eff8e7ce4dae
Add first compiling implementation of nssstore_win.c
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
155 |
489
a9da8e4eeff7
Fix instruction writing for Windows.
Andre Heinecke <aheinecke@intevation.de>
parents:
404
diff
changeset
|
156 line_start = remove ? "R:" : "I:"; |
330
1e6d1eab8395
Fix NSS unit test for Windows and change how instructions are written
Andre Heinecke <aheinecke@intevation.de>
parents:
329
diff
changeset
|
157 |
1e6d1eab8395
Fix NSS unit test for Windows and change how instructions are written
Andre Heinecke <aheinecke@intevation.de>
parents:
329
diff
changeset
|
158 for (i = 0; certificates[i]; i++) |
1e6d1eab8395
Fix NSS unit test for Windows and change how instructions are written
Andre Heinecke <aheinecke@intevation.de>
parents:
329
diff
changeset
|
159 { |
489
a9da8e4eeff7
Fix instruction writing for Windows.
Andre Heinecke <aheinecke@intevation.de>
parents:
404
diff
changeset
|
160 DWORD written = 0; |
a9da8e4eeff7
Fix instruction writing for Windows.
Andre Heinecke <aheinecke@intevation.de>
parents:
404
diff
changeset
|
161 DWORD inst_len = strlen (certificates[i]); |
a9da8e4eeff7
Fix instruction writing for Windows.
Andre Heinecke <aheinecke@intevation.de>
parents:
404
diff
changeset
|
162 retval = WriteFile (write_handle, (LPCVOID) line_start, 2, &written, NULL); |
a9da8e4eeff7
Fix instruction writing for Windows.
Andre Heinecke <aheinecke@intevation.de>
parents:
404
diff
changeset
|
163 if (!retval) |
324
eff8e7ce4dae
Add first compiling implementation of nssstore_win.c
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
164 { |
489
a9da8e4eeff7
Fix instruction writing for Windows.
Andre Heinecke <aheinecke@intevation.de>
parents:
404
diff
changeset
|
165 PRINTLASTERROR ("Failed to write line start\n"); |
a9da8e4eeff7
Fix instruction writing for Windows.
Andre Heinecke <aheinecke@intevation.de>
parents:
404
diff
changeset
|
166 return false; |
a9da8e4eeff7
Fix instruction writing for Windows.
Andre Heinecke <aheinecke@intevation.de>
parents:
404
diff
changeset
|
167 } |
a9da8e4eeff7
Fix instruction writing for Windows.
Andre Heinecke <aheinecke@intevation.de>
parents:
404
diff
changeset
|
168 if (written != 2) |
a9da8e4eeff7
Fix instruction writing for Windows.
Andre Heinecke <aheinecke@intevation.de>
parents:
404
diff
changeset
|
169 { |
a9da8e4eeff7
Fix instruction writing for Windows.
Andre Heinecke <aheinecke@intevation.de>
parents:
404
diff
changeset
|
170 ERRORPRINTF ("Failed to write line start\n"); |
a9da8e4eeff7
Fix instruction writing for Windows.
Andre Heinecke <aheinecke@intevation.de>
parents:
404
diff
changeset
|
171 retval = false; |
a9da8e4eeff7
Fix instruction writing for Windows.
Andre Heinecke <aheinecke@intevation.de>
parents:
404
diff
changeset
|
172 return false; |
a9da8e4eeff7
Fix instruction writing for Windows.
Andre Heinecke <aheinecke@intevation.de>
parents:
404
diff
changeset
|
173 } |
a9da8e4eeff7
Fix instruction writing for Windows.
Andre Heinecke <aheinecke@intevation.de>
parents:
404
diff
changeset
|
174 written = 0; |
a9da8e4eeff7
Fix instruction writing for Windows.
Andre Heinecke <aheinecke@intevation.de>
parents:
404
diff
changeset
|
175 retval = WriteFile (write_handle, (LPCVOID) certificates[i], inst_len, &written, NULL); |
a9da8e4eeff7
Fix instruction writing for Windows.
Andre Heinecke <aheinecke@intevation.de>
parents:
404
diff
changeset
|
176 if (!retval) |
a9da8e4eeff7
Fix instruction writing for Windows.
Andre Heinecke <aheinecke@intevation.de>
parents:
404
diff
changeset
|
177 { |
a9da8e4eeff7
Fix instruction writing for Windows.
Andre Heinecke <aheinecke@intevation.de>
parents:
404
diff
changeset
|
178 PRINTLASTERROR ("Failed to write certificate\n"); |
a9da8e4eeff7
Fix instruction writing for Windows.
Andre Heinecke <aheinecke@intevation.de>
parents:
404
diff
changeset
|
179 return false; |
a9da8e4eeff7
Fix instruction writing for Windows.
Andre Heinecke <aheinecke@intevation.de>
parents:
404
diff
changeset
|
180 } |
a9da8e4eeff7
Fix instruction writing for Windows.
Andre Heinecke <aheinecke@intevation.de>
parents:
404
diff
changeset
|
181 if (inst_len != written) |
a9da8e4eeff7
Fix instruction writing for Windows.
Andre Heinecke <aheinecke@intevation.de>
parents:
404
diff
changeset
|
182 { |
a9da8e4eeff7
Fix instruction writing for Windows.
Andre Heinecke <aheinecke@intevation.de>
parents:
404
diff
changeset
|
183 ERRORPRINTF ("Failed to write everything\n"); |
a9da8e4eeff7
Fix instruction writing for Windows.
Andre Heinecke <aheinecke@intevation.de>
parents:
404
diff
changeset
|
184 retval = false; |
a9da8e4eeff7
Fix instruction writing for Windows.
Andre Heinecke <aheinecke@intevation.de>
parents:
404
diff
changeset
|
185 return false; |
a9da8e4eeff7
Fix instruction writing for Windows.
Andre Heinecke <aheinecke@intevation.de>
parents:
404
diff
changeset
|
186 } |
a9da8e4eeff7
Fix instruction writing for Windows.
Andre Heinecke <aheinecke@intevation.de>
parents:
404
diff
changeset
|
187 written = 0; |
a9da8e4eeff7
Fix instruction writing for Windows.
Andre Heinecke <aheinecke@intevation.de>
parents:
404
diff
changeset
|
188 retval = WriteFile (write_handle, (LPCVOID) line_end, 2, &written, NULL); |
a9da8e4eeff7
Fix instruction writing for Windows.
Andre Heinecke <aheinecke@intevation.de>
parents:
404
diff
changeset
|
189 if (!retval) |
a9da8e4eeff7
Fix instruction writing for Windows.
Andre Heinecke <aheinecke@intevation.de>
parents:
404
diff
changeset
|
190 { |
a9da8e4eeff7
Fix instruction writing for Windows.
Andre Heinecke <aheinecke@intevation.de>
parents:
404
diff
changeset
|
191 PRINTLASTERROR ("Failed to write line end\n"); |
a9da8e4eeff7
Fix instruction writing for Windows.
Andre Heinecke <aheinecke@intevation.de>
parents:
404
diff
changeset
|
192 return false; |
a9da8e4eeff7
Fix instruction writing for Windows.
Andre Heinecke <aheinecke@intevation.de>
parents:
404
diff
changeset
|
193 } |
a9da8e4eeff7
Fix instruction writing for Windows.
Andre Heinecke <aheinecke@intevation.de>
parents:
404
diff
changeset
|
194 if (written != 2) |
a9da8e4eeff7
Fix instruction writing for Windows.
Andre Heinecke <aheinecke@intevation.de>
parents:
404
diff
changeset
|
195 { |
a9da8e4eeff7
Fix instruction writing for Windows.
Andre Heinecke <aheinecke@intevation.de>
parents:
404
diff
changeset
|
196 ERRORPRINTF ("Failed to write full line end\n"); |
a9da8e4eeff7
Fix instruction writing for Windows.
Andre Heinecke <aheinecke@intevation.de>
parents:
404
diff
changeset
|
197 retval = false; |
a9da8e4eeff7
Fix instruction writing for Windows.
Andre Heinecke <aheinecke@intevation.de>
parents:
404
diff
changeset
|
198 return false; |
324
eff8e7ce4dae
Add first compiling implementation of nssstore_win.c
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
199 } |
eff8e7ce4dae
Add first compiling implementation of nssstore_win.c
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
200 } |
eff8e7ce4dae
Add first compiling implementation of nssstore_win.c
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
201 return true; |
eff8e7ce4dae
Add first compiling implementation of nssstore_win.c
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
202 } |
668
ef6d3dc9e930
Framework for NSS multiuser installation on windows
Andre Heinecke <andre.heinecke@intevation.de>
parents:
665
diff
changeset
|
203 /**@brief Get the path to all users default registry hive |
ef6d3dc9e930
Framework for NSS multiuser installation on windows
Andre Heinecke <andre.heinecke@intevation.de>
parents:
665
diff
changeset
|
204 * |
ef6d3dc9e930
Framework for NSS multiuser installation on windows
Andre Heinecke <andre.heinecke@intevation.de>
parents:
665
diff
changeset
|
205 * Enumerates the keys in #PROFILE_LIST and retuns a |
856
797aa8d9c785
(issue48) Fallback to HKEY_USERS on hive load failure
Andre Heinecke <andre.heinecke@intevation.de>
parents:
841
diff
changeset
|
206 * list of their profile path / sid pairs with the utf-8 encoded paths to |
797aa8d9c785
(issue48) Fallback to HKEY_USERS on hive load failure
Andre Heinecke <andre.heinecke@intevation.de>
parents:
841
diff
changeset
|
207 * their suggestedregistry hive location. |
668
ef6d3dc9e930
Framework for NSS multiuser installation on windows
Andre Heinecke <andre.heinecke@intevation.de>
parents:
665
diff
changeset
|
208 * |
ef6d3dc9e930
Framework for NSS multiuser installation on windows
Andre Heinecke <andre.heinecke@intevation.de>
parents:
665
diff
changeset
|
209 * Users with an SID not starting with S-1-5-21- are ignored |
ef6d3dc9e930
Framework for NSS multiuser installation on windows
Andre Heinecke <andre.heinecke@intevation.de>
parents:
665
diff
changeset
|
210 * as is the current user. |
ef6d3dc9e930
Framework for NSS multiuser installation on windows
Andre Heinecke <andre.heinecke@intevation.de>
parents:
665
diff
changeset
|
211 * |
856
797aa8d9c785
(issue48) Fallback to HKEY_USERS on hive load failure
Andre Heinecke <andre.heinecke@intevation.de>
parents:
841
diff
changeset
|
212 * The return value should be freed with pkp_t_free |
668
ef6d3dc9e930
Framework for NSS multiuser installation on windows
Andre Heinecke <andre.heinecke@intevation.de>
parents:
665
diff
changeset
|
213 * |
ef6d3dc9e930
Framework for NSS multiuser installation on windows
Andre Heinecke <andre.heinecke@intevation.de>
parents:
665
diff
changeset
|
214 * @returns a newly allocated strv of the paths to the registry hives or NULL |
ef6d3dc9e930
Framework for NSS multiuser installation on windows
Andre Heinecke <andre.heinecke@intevation.de>
parents:
665
diff
changeset
|
215 */ |
856
797aa8d9c785
(issue48) Fallback to HKEY_USERS on hive load failure
Andre Heinecke <andre.heinecke@intevation.de>
parents:
841
diff
changeset
|
216 static pkp_t* |
668
ef6d3dc9e930
Framework for NSS multiuser installation on windows
Andre Heinecke <andre.heinecke@intevation.de>
parents:
665
diff
changeset
|
217 locate_other_hives() |
ef6d3dc9e930
Framework for NSS multiuser installation on windows
Andre Heinecke <andre.heinecke@intevation.de>
parents:
665
diff
changeset
|
218 { |
ef6d3dc9e930
Framework for NSS multiuser installation on windows
Andre Heinecke <andre.heinecke@intevation.de>
parents:
665
diff
changeset
|
219 HKEY profile_list = NULL; |
ef6d3dc9e930
Framework for NSS multiuser installation on windows
Andre Heinecke <andre.heinecke@intevation.de>
parents:
665
diff
changeset
|
220 int ret = 0; |
ef6d3dc9e930
Framework for NSS multiuser installation on windows
Andre Heinecke <andre.heinecke@intevation.de>
parents:
665
diff
changeset
|
221 DWORD index = 0, |
ef6d3dc9e930
Framework for NSS multiuser installation on windows
Andre Heinecke <andre.heinecke@intevation.de>
parents:
665
diff
changeset
|
222 key_len = 257; |
ef6d3dc9e930
Framework for NSS multiuser installation on windows
Andre Heinecke <andre.heinecke@intevation.de>
parents:
665
diff
changeset
|
223 /* According to |
ef6d3dc9e930
Framework for NSS multiuser installation on windows
Andre Heinecke <andre.heinecke@intevation.de>
parents:
665
diff
changeset
|
224 http://msdn.microsoft.com/en-us/library/windows/desktop/ms724872%28v=vs.85%29.aspx |
ef6d3dc9e930
Framework for NSS multiuser installation on windows
Andre Heinecke <andre.heinecke@intevation.de>
parents:
665
diff
changeset
|
225 a registry key is limited to 255 characters. But according to |
ef6d3dc9e930
Framework for NSS multiuser installation on windows
Andre Heinecke <andre.heinecke@intevation.de>
parents:
665
diff
changeset
|
226 http://www.sepago.de/e/holger/2010/07/20/how-long-can-a-registry-key-name-really-be |
ef6d3dc9e930
Framework for NSS multiuser installation on windows
Andre Heinecke <andre.heinecke@intevation.de>
parents:
665
diff
changeset
|
227 the actual limit is 256 + \0 thus we create a buffer for 257 wchar_t's*/ |
670
175370634226
Move getProcessOwner to util and use it to skip the current user in locate other hives
Andre Heinecke <andre.heinecke@intevation.de>
parents:
668
diff
changeset
|
228 wchar_t key_name[257], |
175370634226
Move getProcessOwner to util and use it to skip the current user in locate other hives
Andre Heinecke <andre.heinecke@intevation.de>
parents:
668
diff
changeset
|
229 *current_user_sid = NULL; |
856
797aa8d9c785
(issue48) Fallback to HKEY_USERS on hive load failure
Andre Heinecke <andre.heinecke@intevation.de>
parents:
841
diff
changeset
|
230 pkp_t *retval = NULL, |
905
698b6a9bd75e
Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents:
856
diff
changeset
|
231 *cur_item = NULL; |
668
ef6d3dc9e930
Framework for NSS multiuser installation on windows
Andre Heinecke <andre.heinecke@intevation.de>
parents:
665
diff
changeset
|
232 bool error = true; |
670
175370634226
Move getProcessOwner to util and use it to skip the current user in locate other hives
Andre Heinecke <andre.heinecke@intevation.de>
parents:
668
diff
changeset
|
233 PSID current_user = NULL; |
668
ef6d3dc9e930
Framework for NSS multiuser installation on windows
Andre Heinecke <andre.heinecke@intevation.de>
parents:
665
diff
changeset
|
234 |
ef6d3dc9e930
Framework for NSS multiuser installation on windows
Andre Heinecke <andre.heinecke@intevation.de>
parents:
665
diff
changeset
|
235 ret = RegOpenKeyExW (HKEY_LOCAL_MACHINE, PROFILE_LIST, 0, |
ef6d3dc9e930
Framework for NSS multiuser installation on windows
Andre Heinecke <andre.heinecke@intevation.de>
parents:
665
diff
changeset
|
236 KEY_READ, &profile_list); |
ef6d3dc9e930
Framework for NSS multiuser installation on windows
Andre Heinecke <andre.heinecke@intevation.de>
parents:
665
diff
changeset
|
237 if (ret != ERROR_SUCCESS) |
ef6d3dc9e930
Framework for NSS multiuser installation on windows
Andre Heinecke <andre.heinecke@intevation.de>
parents:
665
diff
changeset
|
238 { |
ef6d3dc9e930
Framework for NSS multiuser installation on windows
Andre Heinecke <andre.heinecke@intevation.de>
parents:
665
diff
changeset
|
239 ERRORPRINTF ("Failed to open profile list. Error: %i", ret); |
ef6d3dc9e930
Framework for NSS multiuser installation on windows
Andre Heinecke <andre.heinecke@intevation.de>
parents:
665
diff
changeset
|
240 return NULL; |
ef6d3dc9e930
Framework for NSS multiuser installation on windows
Andre Heinecke <andre.heinecke@intevation.de>
parents:
665
diff
changeset
|
241 } |
ef6d3dc9e930
Framework for NSS multiuser installation on windows
Andre Heinecke <andre.heinecke@intevation.de>
parents:
665
diff
changeset
|
242 |
670
175370634226
Move getProcessOwner to util and use it to skip the current user in locate other hives
Andre Heinecke <andre.heinecke@intevation.de>
parents:
668
diff
changeset
|
243 /* Obtain the current user sid to prevent it from being returned. */ |
175370634226
Move getProcessOwner to util and use it to skip the current user in locate other hives
Andre Heinecke <andre.heinecke@intevation.de>
parents:
668
diff
changeset
|
244 current_user = get_process_owner (GetCurrentProcess()); |
175370634226
Move getProcessOwner to util and use it to skip the current user in locate other hives
Andre Heinecke <andre.heinecke@intevation.de>
parents:
668
diff
changeset
|
245 |
175370634226
Move getProcessOwner to util and use it to skip the current user in locate other hives
Andre Heinecke <andre.heinecke@intevation.de>
parents:
668
diff
changeset
|
246 if (!current_user) |
175370634226
Move getProcessOwner to util and use it to skip the current user in locate other hives
Andre Heinecke <andre.heinecke@intevation.de>
parents:
668
diff
changeset
|
247 { |
175370634226
Move getProcessOwner to util and use it to skip the current user in locate other hives
Andre Heinecke <andre.heinecke@intevation.de>
parents:
668
diff
changeset
|
248 ERRORPRINTF ("Failed to get the current user."); |
175370634226
Move getProcessOwner to util and use it to skip the current user in locate other hives
Andre Heinecke <andre.heinecke@intevation.de>
parents:
668
diff
changeset
|
249 goto done; |
175370634226
Move getProcessOwner to util and use it to skip the current user in locate other hives
Andre Heinecke <andre.heinecke@intevation.de>
parents:
668
diff
changeset
|
250 } |
175370634226
Move getProcessOwner to util and use it to skip the current user in locate other hives
Andre Heinecke <andre.heinecke@intevation.de>
parents:
668
diff
changeset
|
251 |
175370634226
Move getProcessOwner to util and use it to skip the current user in locate other hives
Andre Heinecke <andre.heinecke@intevation.de>
parents:
668
diff
changeset
|
252 if (!ConvertSidToStringSidW (current_user, ¤t_user_sid)) |
175370634226
Move getProcessOwner to util and use it to skip the current user in locate other hives
Andre Heinecke <andre.heinecke@intevation.de>
parents:
668
diff
changeset
|
253 { |
175370634226
Move getProcessOwner to util and use it to skip the current user in locate other hives
Andre Heinecke <andre.heinecke@intevation.de>
parents:
668
diff
changeset
|
254 PRINTLASTERROR ("Failed to convert sid to string."); |
175370634226
Move getProcessOwner to util and use it to skip the current user in locate other hives
Andre Heinecke <andre.heinecke@intevation.de>
parents:
668
diff
changeset
|
255 goto done; |
175370634226
Move getProcessOwner to util and use it to skip the current user in locate other hives
Andre Heinecke <andre.heinecke@intevation.de>
parents:
668
diff
changeset
|
256 } |
175370634226
Move getProcessOwner to util and use it to skip the current user in locate other hives
Andre Heinecke <andre.heinecke@intevation.de>
parents:
668
diff
changeset
|
257 |
668
ef6d3dc9e930
Framework for NSS multiuser installation on windows
Andre Heinecke <andre.heinecke@intevation.de>
parents:
665
diff
changeset
|
258 while ((ret = RegEnumKeyExW (profile_list, index++, |
ef6d3dc9e930
Framework for NSS multiuser installation on windows
Andre Heinecke <andre.heinecke@intevation.de>
parents:
665
diff
changeset
|
259 key_name, &key_len, |
ef6d3dc9e930
Framework for NSS multiuser installation on windows
Andre Heinecke <andre.heinecke@intevation.de>
parents:
665
diff
changeset
|
260 NULL, NULL, NULL, NULL)) == ERROR_SUCCESS) |
ef6d3dc9e930
Framework for NSS multiuser installation on windows
Andre Heinecke <andre.heinecke@intevation.de>
parents:
665
diff
changeset
|
261 { |
674
f1795a232418
Implement reading registry entries for other users.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
671
diff
changeset
|
262 char *profile_path = NULL; |
f1795a232418
Implement reading registry entries for other users.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
671
diff
changeset
|
263 wchar_t *key_path = NULL; |
f1795a232418
Implement reading registry entries for other users.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
671
diff
changeset
|
264 size_t key_path_len = 0, |
f1795a232418
Implement reading registry entries for other users.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
671
diff
changeset
|
265 profile_path_len = 0; |
f1795a232418
Implement reading registry entries for other users.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
671
diff
changeset
|
266 |
668
ef6d3dc9e930
Framework for NSS multiuser installation on windows
Andre Heinecke <andre.heinecke@intevation.de>
parents:
665
diff
changeset
|
267 if (key_len == 257) |
ef6d3dc9e930
Framework for NSS multiuser installation on windows
Andre Heinecke <andre.heinecke@intevation.de>
parents:
665
diff
changeset
|
268 { |
ef6d3dc9e930
Framework for NSS multiuser installation on windows
Andre Heinecke <andre.heinecke@intevation.de>
parents:
665
diff
changeset
|
269 ERRORPRINTF ("Registry key too long."); |
ef6d3dc9e930
Framework for NSS multiuser installation on windows
Andre Heinecke <andre.heinecke@intevation.de>
parents:
665
diff
changeset
|
270 goto done; |
ef6d3dc9e930
Framework for NSS multiuser installation on windows
Andre Heinecke <andre.heinecke@intevation.de>
parents:
665
diff
changeset
|
271 } |
ef6d3dc9e930
Framework for NSS multiuser installation on windows
Andre Heinecke <andre.heinecke@intevation.de>
parents:
665
diff
changeset
|
272 |
ef6d3dc9e930
Framework for NSS multiuser installation on windows
Andre Heinecke <andre.heinecke@intevation.de>
parents:
665
diff
changeset
|
273 /* Reset key_len to buffer size */ |
ef6d3dc9e930
Framework for NSS multiuser installation on windows
Andre Heinecke <andre.heinecke@intevation.de>
parents:
665
diff
changeset
|
274 key_len = 257; |
ef6d3dc9e930
Framework for NSS multiuser installation on windows
Andre Heinecke <andre.heinecke@intevation.de>
parents:
665
diff
changeset
|
275 |
670
175370634226
Move getProcessOwner to util and use it to skip the current user in locate other hives
Andre Heinecke <andre.heinecke@intevation.de>
parents:
668
diff
changeset
|
276 if (wcsncmp (L"S-1-5-21-", key_name, 9) != 0 || |
175370634226
Move getProcessOwner to util and use it to skip the current user in locate other hives
Andre Heinecke <andre.heinecke@intevation.de>
parents:
668
diff
changeset
|
277 wcscmp (current_user_sid, key_name) == 0) |
668
ef6d3dc9e930
Framework for NSS multiuser installation on windows
Andre Heinecke <andre.heinecke@intevation.de>
parents:
665
diff
changeset
|
278 { |
670
175370634226
Move getProcessOwner to util and use it to skip the current user in locate other hives
Andre Heinecke <andre.heinecke@intevation.de>
parents:
668
diff
changeset
|
279 /* S-1-5-21 is the well known prefix for local users. Skip all |
175370634226
Move getProcessOwner to util and use it to skip the current user in locate other hives
Andre Heinecke <andre.heinecke@intevation.de>
parents:
668
diff
changeset
|
280 others and the current user*/ |
668
ef6d3dc9e930
Framework for NSS multiuser installation on windows
Andre Heinecke <andre.heinecke@intevation.de>
parents:
665
diff
changeset
|
281 continue; |
ef6d3dc9e930
Framework for NSS multiuser installation on windows
Andre Heinecke <andre.heinecke@intevation.de>
parents:
665
diff
changeset
|
282 } |
670
175370634226
Move getProcessOwner to util and use it to skip the current user in locate other hives
Andre Heinecke <andre.heinecke@intevation.de>
parents:
668
diff
changeset
|
283 |
674
f1795a232418
Implement reading registry entries for other users.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
671
diff
changeset
|
284 key_path_len = key_len + wcslen(PROFILE_LIST L"\\") + 1; |
f1795a232418
Implement reading registry entries for other users.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
671
diff
changeset
|
285 key_path = xmalloc (key_path_len * sizeof (wchar_t)); |
f1795a232418
Implement reading registry entries for other users.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
671
diff
changeset
|
286 |
f1795a232418
Implement reading registry entries for other users.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
671
diff
changeset
|
287 wcscpy_s (key_path, key_path_len, PROFILE_LIST L"\\"); |
f1795a232418
Implement reading registry entries for other users.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
671
diff
changeset
|
288 wcscat_s (key_path, key_path_len, key_name); |
856
797aa8d9c785
(issue48) Fallback to HKEY_USERS on hive load failure
Andre Heinecke <andre.heinecke@intevation.de>
parents:
841
diff
changeset
|
289 key_path[key_path_len - 1] = '\0'; |
674
f1795a232418
Implement reading registry entries for other users.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
671
diff
changeset
|
290 |
670
175370634226
Move getProcessOwner to util and use it to skip the current user in locate other hives
Andre Heinecke <andre.heinecke@intevation.de>
parents:
668
diff
changeset
|
291 DEBUGPRINTF ("Key : %S", key_name); |
674
f1795a232418
Implement reading registry entries for other users.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
671
diff
changeset
|
292 profile_path = read_registry_string (HKEY_LOCAL_MACHINE, |
f1795a232418
Implement reading registry entries for other users.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
671
diff
changeset
|
293 key_path, L"ProfileImagePath"); |
f1795a232418
Implement reading registry entries for other users.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
671
diff
changeset
|
294 xfree (key_path); |
f1795a232418
Implement reading registry entries for other users.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
671
diff
changeset
|
295 |
f1795a232418
Implement reading registry entries for other users.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
671
diff
changeset
|
296 if (profile_path == NULL) |
f1795a232418
Implement reading registry entries for other users.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
671
diff
changeset
|
297 { |
f1795a232418
Implement reading registry entries for other users.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
671
diff
changeset
|
298 ERRORPRINTF ("Failed to get profile path."); |
f1795a232418
Implement reading registry entries for other users.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
671
diff
changeset
|
299 continue; |
f1795a232418
Implement reading registry entries for other users.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
671
diff
changeset
|
300 } |
f1795a232418
Implement reading registry entries for other users.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
671
diff
changeset
|
301 profile_path_len = strlen (profile_path); |
f1795a232418
Implement reading registry entries for other users.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
671
diff
changeset
|
302 str_append_str (&profile_path, &profile_path_len, "\\ntuser.dat", 11); |
856
797aa8d9c785
(issue48) Fallback to HKEY_USERS on hive load failure
Andre Heinecke <andre.heinecke@intevation.de>
parents:
841
diff
changeset
|
303 if (retval == NULL) |
797aa8d9c785
(issue48) Fallback to HKEY_USERS on hive load failure
Andre Heinecke <andre.heinecke@intevation.de>
parents:
841
diff
changeset
|
304 { |
797aa8d9c785
(issue48) Fallback to HKEY_USERS on hive load failure
Andre Heinecke <andre.heinecke@intevation.de>
parents:
841
diff
changeset
|
305 retval = xmalloc (sizeof (pkp_t)); |
797aa8d9c785
(issue48) Fallback to HKEY_USERS on hive load failure
Andre Heinecke <andre.heinecke@intevation.de>
parents:
841
diff
changeset
|
306 cur_item = retval; |
797aa8d9c785
(issue48) Fallback to HKEY_USERS on hive load failure
Andre Heinecke <andre.heinecke@intevation.de>
parents:
841
diff
changeset
|
307 } |
797aa8d9c785
(issue48) Fallback to HKEY_USERS on hive load failure
Andre Heinecke <andre.heinecke@intevation.de>
parents:
841
diff
changeset
|
308 else |
797aa8d9c785
(issue48) Fallback to HKEY_USERS on hive load failure
Andre Heinecke <andre.heinecke@intevation.de>
parents:
841
diff
changeset
|
309 { |
797aa8d9c785
(issue48) Fallback to HKEY_USERS on hive load failure
Andre Heinecke <andre.heinecke@intevation.de>
parents:
841
diff
changeset
|
310 cur_item->next = xmalloc (sizeof(pkp_t)); |
797aa8d9c785
(issue48) Fallback to HKEY_USERS on hive load failure
Andre Heinecke <andre.heinecke@intevation.de>
parents:
841
diff
changeset
|
311 cur_item = cur_item->next; |
797aa8d9c785
(issue48) Fallback to HKEY_USERS on hive load failure
Andre Heinecke <andre.heinecke@intevation.de>
parents:
841
diff
changeset
|
312 } |
797aa8d9c785
(issue48) Fallback to HKEY_USERS on hive load failure
Andre Heinecke <andre.heinecke@intevation.de>
parents:
841
diff
changeset
|
313 cur_item->hive_path = profile_path; |
797aa8d9c785
(issue48) Fallback to HKEY_USERS on hive load failure
Andre Heinecke <andre.heinecke@intevation.de>
parents:
841
diff
changeset
|
314 cur_item->sid = wchar_to_utf8 (key_name, wcslen(key_name)); |
797aa8d9c785
(issue48) Fallback to HKEY_USERS on hive load failure
Andre Heinecke <andre.heinecke@intevation.de>
parents:
841
diff
changeset
|
315 cur_item->next = NULL; |
674
f1795a232418
Implement reading registry entries for other users.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
671
diff
changeset
|
316 |
f1795a232418
Implement reading registry entries for other users.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
671
diff
changeset
|
317 DEBUGPRINTF ("Trying to access registry hive: %s", profile_path); |
668
ef6d3dc9e930
Framework for NSS multiuser installation on windows
Andre Heinecke <andre.heinecke@intevation.de>
parents:
665
diff
changeset
|
318 } |
ef6d3dc9e930
Framework for NSS multiuser installation on windows
Andre Heinecke <andre.heinecke@intevation.de>
parents:
665
diff
changeset
|
319 |
ef6d3dc9e930
Framework for NSS multiuser installation on windows
Andre Heinecke <andre.heinecke@intevation.de>
parents:
665
diff
changeset
|
320 if (ret != ERROR_NO_MORE_ITEMS) |
ef6d3dc9e930
Framework for NSS multiuser installation on windows
Andre Heinecke <andre.heinecke@intevation.de>
parents:
665
diff
changeset
|
321 { |
ef6d3dc9e930
Framework for NSS multiuser installation on windows
Andre Heinecke <andre.heinecke@intevation.de>
parents:
665
diff
changeset
|
322 ERRORPRINTF ("Failed to enumeratre profile list. Error: %i", ret); |
ef6d3dc9e930
Framework for NSS multiuser installation on windows
Andre Heinecke <andre.heinecke@intevation.de>
parents:
665
diff
changeset
|
323 goto done; |
ef6d3dc9e930
Framework for NSS multiuser installation on windows
Andre Heinecke <andre.heinecke@intevation.de>
parents:
665
diff
changeset
|
324 } |
ef6d3dc9e930
Framework for NSS multiuser installation on windows
Andre Heinecke <andre.heinecke@intevation.de>
parents:
665
diff
changeset
|
325 |
675
4ad764bfb39c
Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents:
674
diff
changeset
|
326 error = false; |
4ad764bfb39c
Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents:
674
diff
changeset
|
327 |
668
ef6d3dc9e930
Framework for NSS multiuser installation on windows
Andre Heinecke <andre.heinecke@intevation.de>
parents:
665
diff
changeset
|
328 done: |
670
175370634226
Move getProcessOwner to util and use it to skip the current user in locate other hives
Andre Heinecke <andre.heinecke@intevation.de>
parents:
668
diff
changeset
|
329 xfree (current_user); |
175370634226
Move getProcessOwner to util and use it to skip the current user in locate other hives
Andre Heinecke <andre.heinecke@intevation.de>
parents:
668
diff
changeset
|
330 |
668
ef6d3dc9e930
Framework for NSS multiuser installation on windows
Andre Heinecke <andre.heinecke@intevation.de>
parents:
665
diff
changeset
|
331 RegCloseKey (profile_list); |
ef6d3dc9e930
Framework for NSS multiuser installation on windows
Andre Heinecke <andre.heinecke@intevation.de>
parents:
665
diff
changeset
|
332 |
670
175370634226
Move getProcessOwner to util and use it to skip the current user in locate other hives
Andre Heinecke <andre.heinecke@intevation.de>
parents:
668
diff
changeset
|
333 if (current_user_sid) |
175370634226
Move getProcessOwner to util and use it to skip the current user in locate other hives
Andre Heinecke <andre.heinecke@intevation.de>
parents:
668
diff
changeset
|
334 { |
175370634226
Move getProcessOwner to util and use it to skip the current user in locate other hives
Andre Heinecke <andre.heinecke@intevation.de>
parents:
668
diff
changeset
|
335 LocalFree (current_user_sid); |
175370634226
Move getProcessOwner to util and use it to skip the current user in locate other hives
Andre Heinecke <andre.heinecke@intevation.de>
parents:
668
diff
changeset
|
336 } |
175370634226
Move getProcessOwner to util and use it to skip the current user in locate other hives
Andre Heinecke <andre.heinecke@intevation.de>
parents:
668
diff
changeset
|
337 |
668
ef6d3dc9e930
Framework for NSS multiuser installation on windows
Andre Heinecke <andre.heinecke@intevation.de>
parents:
665
diff
changeset
|
338 if (error) |
ef6d3dc9e930
Framework for NSS multiuser installation on windows
Andre Heinecke <andre.heinecke@intevation.de>
parents:
665
diff
changeset
|
339 { |
856
797aa8d9c785
(issue48) Fallback to HKEY_USERS on hive load failure
Andre Heinecke <andre.heinecke@intevation.de>
parents:
841
diff
changeset
|
340 pkp_t_free (retval); |
668
ef6d3dc9e930
Framework for NSS multiuser installation on windows
Andre Heinecke <andre.heinecke@intevation.de>
parents:
665
diff
changeset
|
341 retval = NULL; |
ef6d3dc9e930
Framework for NSS multiuser installation on windows
Andre Heinecke <andre.heinecke@intevation.de>
parents:
665
diff
changeset
|
342 } |
ef6d3dc9e930
Framework for NSS multiuser installation on windows
Andre Heinecke <andre.heinecke@intevation.de>
parents:
665
diff
changeset
|
343 |
ef6d3dc9e930
Framework for NSS multiuser installation on windows
Andre Heinecke <andre.heinecke@intevation.de>
parents:
665
diff
changeset
|
344 return retval; |
ef6d3dc9e930
Framework for NSS multiuser installation on windows
Andre Heinecke <andre.heinecke@intevation.de>
parents:
665
diff
changeset
|
345 } |
ef6d3dc9e930
Framework for NSS multiuser installation on windows
Andre Heinecke <andre.heinecke@intevation.de>
parents:
665
diff
changeset
|
346 |
675
4ad764bfb39c
Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents:
674
diff
changeset
|
347 /** @brief Build the command line for the NSS installation process |
4ad764bfb39c
Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents:
674
diff
changeset
|
348 * |
4ad764bfb39c
Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents:
674
diff
changeset
|
349 * Caller has to free the return value |
4ad764bfb39c
Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents:
674
diff
changeset
|
350 * |
4ad764bfb39c
Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents:
674
diff
changeset
|
351 * @param [in] selection_file the certificates to install |
4ad764bfb39c
Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents:
674
diff
changeset
|
352 * |
4ad764bfb39c
Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents:
674
diff
changeset
|
353 * @returns the command line to install the certificates. */ |
4ad764bfb39c
Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents:
674
diff
changeset
|
354 static wchar_t* |
4ad764bfb39c
Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents:
674
diff
changeset
|
355 get_command_line(wchar_t *selection_file) |
4ad764bfb39c
Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents:
674
diff
changeset
|
356 { |
4ad764bfb39c
Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents:
674
diff
changeset
|
357 LPWSTR retval; |
4ad764bfb39c
Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents:
674
diff
changeset
|
358 char *install_dir = get_install_dir(); |
4ad764bfb39c
Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents:
674
diff
changeset
|
359 wchar_t *w_inst_dir; |
4ad764bfb39c
Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents:
674
diff
changeset
|
360 size_t cmd_line_len = 0; |
4ad764bfb39c
Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents:
674
diff
changeset
|
361 |
4ad764bfb39c
Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents:
674
diff
changeset
|
362 if (install_dir == NULL) |
4ad764bfb39c
Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents:
674
diff
changeset
|
363 { |
4ad764bfb39c
Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents:
674
diff
changeset
|
364 ERRORPRINTF ("Failed to get installation directory"); |
4ad764bfb39c
Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents:
674
diff
changeset
|
365 return NULL; |
4ad764bfb39c
Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents:
674
diff
changeset
|
366 } |
4ad764bfb39c
Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents:
674
diff
changeset
|
367 |
4ad764bfb39c
Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents:
674
diff
changeset
|
368 w_inst_dir = utf8_to_wchar (install_dir, strlen(install_dir)); |
4ad764bfb39c
Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents:
674
diff
changeset
|
369 xfree (install_dir); |
4ad764bfb39c
Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents:
674
diff
changeset
|
370 |
4ad764bfb39c
Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents:
674
diff
changeset
|
371 if (w_inst_dir == NULL) |
4ad764bfb39c
Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents:
674
diff
changeset
|
372 { |
4ad764bfb39c
Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents:
674
diff
changeset
|
373 ERRORPRINTF ("Failed to convert installation directory"); |
4ad764bfb39c
Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents:
674
diff
changeset
|
374 return NULL; |
4ad764bfb39c
Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents:
674
diff
changeset
|
375 } |
4ad764bfb39c
Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents:
674
diff
changeset
|
376 |
4ad764bfb39c
Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents:
674
diff
changeset
|
377 /* installdir + dirsep + quotes + process name + space + quotes + selection_file |
4ad764bfb39c
Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents:
674
diff
changeset
|
378 + NULL */ |
4ad764bfb39c
Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents:
674
diff
changeset
|
379 cmd_line_len = wcslen (w_inst_dir) + 1 + 2 + wcslen (NSS_APP_NAME) + |
905
698b6a9bd75e
Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents:
856
diff
changeset
|
380 + 1 + 2 + wcslen(selection_file) + 1; |
675
4ad764bfb39c
Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents:
674
diff
changeset
|
381 retval = xmalloc (cmd_line_len * sizeof(wchar_t)); |
4ad764bfb39c
Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents:
674
diff
changeset
|
382 |
4ad764bfb39c
Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents:
674
diff
changeset
|
383 wcscpy_s (retval, cmd_line_len, L"\""); |
4ad764bfb39c
Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents:
674
diff
changeset
|
384 wcscat_s (retval, cmd_line_len, w_inst_dir); |
4ad764bfb39c
Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents:
674
diff
changeset
|
385 wcscat_s (retval, cmd_line_len, L"\\"); |
4ad764bfb39c
Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents:
674
diff
changeset
|
386 wcscat_s (retval, cmd_line_len, NSS_APP_NAME); |
4ad764bfb39c
Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents:
674
diff
changeset
|
387 wcscat_s (retval, cmd_line_len, L"\" \""); |
4ad764bfb39c
Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents:
674
diff
changeset
|
388 wcscat_s (retval, cmd_line_len, selection_file); |
4ad764bfb39c
Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents:
674
diff
changeset
|
389 wcscat_s (retval, cmd_line_len, L"\""); |
4ad764bfb39c
Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents:
674
diff
changeset
|
390 |
4ad764bfb39c
Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents:
674
diff
changeset
|
391 return retval; |
4ad764bfb39c
Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents:
674
diff
changeset
|
392 } |
4ad764bfb39c
Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents:
674
diff
changeset
|
393 |
676
cb40af11ec3a
Obtain privileges required for registry modification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
394 /** @brief Increase the privileges of the current token to allow registry access |
cb40af11ec3a
Obtain privileges required for registry modification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
395 * |
cb40af11ec3a
Obtain privileges required for registry modification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
396 * To load another users registry you need SE_BACKUP_NAME and SE_RESTORE_NAME |
cb40af11ec3a
Obtain privileges required for registry modification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
397 * privileges. Normally if we are running elevated we can obtain them. |
cb40af11ec3a
Obtain privileges required for registry modification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
398 * |
cb40af11ec3a
Obtain privileges required for registry modification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
399 * @returns true if the privileges could be obtained. False otherwise |
cb40af11ec3a
Obtain privileges required for registry modification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
400 */ |
cb40af11ec3a
Obtain privileges required for registry modification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
401 static bool |
cb40af11ec3a
Obtain privileges required for registry modification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
402 get_backup_restore_priv() |
cb40af11ec3a
Obtain privileges required for registry modification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
403 { |
cb40af11ec3a
Obtain privileges required for registry modification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
404 HANDLE hToken = NULL; |
cb40af11ec3a
Obtain privileges required for registry modification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
405 PTOKEN_PRIVILEGES psToken = NULL; |
cb40af11ec3a
Obtain privileges required for registry modification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
406 DWORD token_size = 0, |
cb40af11ec3a
Obtain privileges required for registry modification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
407 dwI = 0, |
cb40af11ec3a
Obtain privileges required for registry modification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
408 token_size_new = 0, |
cb40af11ec3a
Obtain privileges required for registry modification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
409 privilege_size = 128; |
cb40af11ec3a
Obtain privileges required for registry modification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
410 char privilege_name[128]; |
cb40af11ec3a
Obtain privileges required for registry modification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
411 bool retval = false; |
cb40af11ec3a
Obtain privileges required for registry modification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
412 bool backup_found = false; |
cb40af11ec3a
Obtain privileges required for registry modification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
413 bool restore_found = false; |
cb40af11ec3a
Obtain privileges required for registry modification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
414 |
cb40af11ec3a
Obtain privileges required for registry modification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
415 |
cb40af11ec3a
Obtain privileges required for registry modification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
416 if (!OpenProcessToken (GetCurrentProcess(), |
cb40af11ec3a
Obtain privileges required for registry modification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
417 TOKEN_ADJUST_PRIVILEGES | TOKEN_QUERY, &hToken)) |
cb40af11ec3a
Obtain privileges required for registry modification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
418 { |
cb40af11ec3a
Obtain privileges required for registry modification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
419 PRINTLASTERROR ("Failed to get process token."); |
cb40af11ec3a
Obtain privileges required for registry modification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
420 return false; |
cb40af11ec3a
Obtain privileges required for registry modification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
421 } |
cb40af11ec3a
Obtain privileges required for registry modification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
422 |
cb40af11ec3a
Obtain privileges required for registry modification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
423 /* Get the size for the token */ |
cb40af11ec3a
Obtain privileges required for registry modification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
424 GetTokenInformation (hToken, TokenPrivileges, NULL, 0, &token_size); |
cb40af11ec3a
Obtain privileges required for registry modification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
425 if (token_size == 0) |
cb40af11ec3a
Obtain privileges required for registry modification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
426 { |
cb40af11ec3a
Obtain privileges required for registry modification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
427 PRINTLASTERROR ("Failed to get token size."); |
cb40af11ec3a
Obtain privileges required for registry modification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
428 goto done; |
cb40af11ec3a
Obtain privileges required for registry modification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
429 } |
cb40af11ec3a
Obtain privileges required for registry modification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
430 |
cb40af11ec3a
Obtain privileges required for registry modification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
431 psToken = xmalloc(token_size); |
cb40af11ec3a
Obtain privileges required for registry modification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
432 |
cb40af11ec3a
Obtain privileges required for registry modification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
433 if (!GetTokenInformation (hToken, TokenPrivileges, psToken, token_size, &token_size_new)) |
cb40af11ec3a
Obtain privileges required for registry modification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
434 { |
cb40af11ec3a
Obtain privileges required for registry modification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
435 PRINTLASTERROR ("Failed to get token information."); |
cb40af11ec3a
Obtain privileges required for registry modification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
436 goto done; |
cb40af11ec3a
Obtain privileges required for registry modification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
437 } |
cb40af11ec3a
Obtain privileges required for registry modification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
438 |
cb40af11ec3a
Obtain privileges required for registry modification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
439 if (token_size != token_size_new) |
cb40af11ec3a
Obtain privileges required for registry modification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
440 { |
cb40af11ec3a
Obtain privileges required for registry modification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
441 ERRORPRINTF ("Size changed."); |
cb40af11ec3a
Obtain privileges required for registry modification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
442 goto done; |
cb40af11ec3a
Obtain privileges required for registry modification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
443 } |
cb40af11ec3a
Obtain privileges required for registry modification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
444 |
cb40af11ec3a
Obtain privileges required for registry modification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
445 for(dwI = 0; dwI < psToken->PrivilegeCount; dwI++) |
cb40af11ec3a
Obtain privileges required for registry modification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
446 { |
cb40af11ec3a
Obtain privileges required for registry modification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
447 privilege_size = sizeof (privilege_name); |
cb40af11ec3a
Obtain privileges required for registry modification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
448 if (!LookupPrivilegeNameA (NULL, &psToken->Privileges[dwI].Luid, |
cb40af11ec3a
Obtain privileges required for registry modification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
449 privilege_name, &privilege_size)) |
cb40af11ec3a
Obtain privileges required for registry modification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
450 { |
cb40af11ec3a
Obtain privileges required for registry modification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
451 PRINTLASTERROR ("Failed to lookup privilege name"); |
cb40af11ec3a
Obtain privileges required for registry modification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
452 } |
cb40af11ec3a
Obtain privileges required for registry modification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
453 |
cb40af11ec3a
Obtain privileges required for registry modification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
454 if(strcmp(privilege_name, "SeRestorePrivilege") == 0) |
cb40af11ec3a
Obtain privileges required for registry modification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
455 { |
cb40af11ec3a
Obtain privileges required for registry modification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
456 psToken->Privileges[dwI].Attributes |= SE_PRIVILEGE_ENABLED; |
cb40af11ec3a
Obtain privileges required for registry modification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
457 restore_found = true; |
cb40af11ec3a
Obtain privileges required for registry modification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
458 continue; |
cb40af11ec3a
Obtain privileges required for registry modification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
459 } |
cb40af11ec3a
Obtain privileges required for registry modification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
460 if(strcmp(privilege_name, "SeBackupPrivilege") == 0) |
cb40af11ec3a
Obtain privileges required for registry modification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
461 { |
cb40af11ec3a
Obtain privileges required for registry modification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
462 psToken->Privileges[dwI].Attributes |= SE_PRIVILEGE_ENABLED; |
cb40af11ec3a
Obtain privileges required for registry modification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
463 backup_found = true; |
cb40af11ec3a
Obtain privileges required for registry modification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
464 continue; |
cb40af11ec3a
Obtain privileges required for registry modification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
465 } |
cb40af11ec3a
Obtain privileges required for registry modification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
466 if (backup_found && restore_found) |
cb40af11ec3a
Obtain privileges required for registry modification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
467 { |
cb40af11ec3a
Obtain privileges required for registry modification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
468 break; |
cb40af11ec3a
Obtain privileges required for registry modification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
469 } |
cb40af11ec3a
Obtain privileges required for registry modification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
470 } |
cb40af11ec3a
Obtain privileges required for registry modification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
471 |
cb40af11ec3a
Obtain privileges required for registry modification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
472 if (backup_found && restore_found) |
cb40af11ec3a
Obtain privileges required for registry modification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
473 { |
cb40af11ec3a
Obtain privileges required for registry modification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
474 if(!AdjustTokenPrivileges (hToken, 0, psToken, token_size, NULL, NULL)) |
cb40af11ec3a
Obtain privileges required for registry modification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
475 { |
cb40af11ec3a
Obtain privileges required for registry modification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
476 PRINTLASTERROR ("Failed to adjust token privileges."); |
cb40af11ec3a
Obtain privileges required for registry modification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
477 } |
cb40af11ec3a
Obtain privileges required for registry modification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
478 else |
cb40af11ec3a
Obtain privileges required for registry modification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
479 { |
cb40af11ec3a
Obtain privileges required for registry modification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
480 retval = true; |
cb40af11ec3a
Obtain privileges required for registry modification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
481 } |
cb40af11ec3a
Obtain privileges required for registry modification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
482 } |
cb40af11ec3a
Obtain privileges required for registry modification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
483 |
cb40af11ec3a
Obtain privileges required for registry modification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
484 done: |
cb40af11ec3a
Obtain privileges required for registry modification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
485 if (hToken != NULL) |
cb40af11ec3a
Obtain privileges required for registry modification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
486 { |
cb40af11ec3a
Obtain privileges required for registry modification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
487 CloseHandle(hToken); |
cb40af11ec3a
Obtain privileges required for registry modification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
488 } |
cb40af11ec3a
Obtain privileges required for registry modification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
489 xfree(psToken); |
cb40af11ec3a
Obtain privileges required for registry modification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
490 return retval; |
cb40af11ec3a
Obtain privileges required for registry modification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
491 } |
cb40af11ec3a
Obtain privileges required for registry modification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
492 |
668
ef6d3dc9e930
Framework for NSS multiuser installation on windows
Andre Heinecke <andre.heinecke@intevation.de>
parents:
665
diff
changeset
|
493 /**@brief Register NSS process as runOnce for other users |
ef6d3dc9e930
Framework for NSS multiuser installation on windows
Andre Heinecke <andre.heinecke@intevation.de>
parents:
665
diff
changeset
|
494 * |
ef6d3dc9e930
Framework for NSS multiuser installation on windows
Andre Heinecke <andre.heinecke@intevation.de>
parents:
665
diff
changeset
|
495 * Loads the registry hives of other users on the system and |
ef6d3dc9e930
Framework for NSS multiuser installation on windows
Andre Heinecke <andre.heinecke@intevation.de>
parents:
665
diff
changeset
|
496 * adds a RunOnce registry key to start the NSS process to |
ef6d3dc9e930
Framework for NSS multiuser installation on windows
Andre Heinecke <andre.heinecke@intevation.de>
parents:
665
diff
changeset
|
497 * install the current selection on their next login. |
ef6d3dc9e930
Framework for NSS multiuser installation on windows
Andre Heinecke <andre.heinecke@intevation.de>
parents:
665
diff
changeset
|
498 * |
ef6d3dc9e930
Framework for NSS multiuser installation on windows
Andre Heinecke <andre.heinecke@intevation.de>
parents:
665
diff
changeset
|
499 * This should avoid conflicts with their firefox / thunderbird |
ef6d3dc9e930
Framework for NSS multiuser installation on windows
Andre Heinecke <andre.heinecke@intevation.de>
parents:
665
diff
changeset
|
500 * while making the certificates available for their applications. |
ef6d3dc9e930
Framework for NSS multiuser installation on windows
Andre Heinecke <andre.heinecke@intevation.de>
parents:
665
diff
changeset
|
501 * |
ef6d3dc9e930
Framework for NSS multiuser installation on windows
Andre Heinecke <andre.heinecke@intevation.de>
parents:
665
diff
changeset
|
502 * This function needs SE_BACKUP_NAME and SE_RESTORE_NAME |
ef6d3dc9e930
Framework for NSS multiuser installation on windows
Andre Heinecke <andre.heinecke@intevation.de>
parents:
665
diff
changeset
|
503 * privileges. |
ef6d3dc9e930
Framework for NSS multiuser installation on windows
Andre Heinecke <andre.heinecke@intevation.de>
parents:
665
diff
changeset
|
504 * |
ef6d3dc9e930
Framework for NSS multiuser installation on windows
Andre Heinecke <andre.heinecke@intevation.de>
parents:
665
diff
changeset
|
505 * @param [in] selection_file filename of the file containing |
ef6d3dc9e930
Framework for NSS multiuser installation on windows
Andre Heinecke <andre.heinecke@intevation.de>
parents:
665
diff
changeset
|
506 * the users install / remove selection. |
ef6d3dc9e930
Framework for NSS multiuser installation on windows
Andre Heinecke <andre.heinecke@intevation.de>
parents:
665
diff
changeset
|
507 */ |
676
cb40af11ec3a
Obtain privileges required for registry modification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
508 static void |
668
ef6d3dc9e930
Framework for NSS multiuser installation on windows
Andre Heinecke <andre.heinecke@intevation.de>
parents:
665
diff
changeset
|
509 register_proccesses_for_others (wchar_t *selection_file) |
ef6d3dc9e930
Framework for NSS multiuser installation on windows
Andre Heinecke <andre.heinecke@intevation.de>
parents:
665
diff
changeset
|
510 { |
856
797aa8d9c785
(issue48) Fallback to HKEY_USERS on hive load failure
Andre Heinecke <andre.heinecke@intevation.de>
parents:
841
diff
changeset
|
511 pkp_t *pkplist = locate_other_hives(), |
905
698b6a9bd75e
Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents:
856
diff
changeset
|
512 *cur = NULL; |
675
4ad764bfb39c
Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents:
674
diff
changeset
|
513 wchar_t *run_command = NULL; |
668
ef6d3dc9e930
Framework for NSS multiuser installation on windows
Andre Heinecke <andre.heinecke@intevation.de>
parents:
665
diff
changeset
|
514 |
856
797aa8d9c785
(issue48) Fallback to HKEY_USERS on hive load failure
Andre Heinecke <andre.heinecke@intevation.de>
parents:
841
diff
changeset
|
515 if (pkplist == NULL) |
675
4ad764bfb39c
Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents:
674
diff
changeset
|
516 { |
4ad764bfb39c
Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents:
674
diff
changeset
|
517 DEBUGPRINTF ("No hives found."); |
4ad764bfb39c
Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents:
674
diff
changeset
|
518 return; |
4ad764bfb39c
Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents:
674
diff
changeset
|
519 } |
676
cb40af11ec3a
Obtain privileges required for registry modification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
520 |
cb40af11ec3a
Obtain privileges required for registry modification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
521 if (!get_backup_restore_priv()) |
cb40af11ec3a
Obtain privileges required for registry modification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
522 { |
cb40af11ec3a
Obtain privileges required for registry modification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
523 ERRORPRINTF ("Failed to obtain backup / restore privileges."); |
cb40af11ec3a
Obtain privileges required for registry modification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
524 return; |
cb40af11ec3a
Obtain privileges required for registry modification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
525 } |
cb40af11ec3a
Obtain privileges required for registry modification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
675
diff
changeset
|
526 |
675
4ad764bfb39c
Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents:
674
diff
changeset
|
527 run_command = get_command_line (selection_file); |
856
797aa8d9c785
(issue48) Fallback to HKEY_USERS on hive load failure
Andre Heinecke <andre.heinecke@intevation.de>
parents:
841
diff
changeset
|
528 for (cur = pkplist; cur != NULL; cur = cur->next) |
675
4ad764bfb39c
Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents:
674
diff
changeset
|
529 { |
4ad764bfb39c
Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents:
674
diff
changeset
|
530 LONG ret = 0; |
856
797aa8d9c785
(issue48) Fallback to HKEY_USERS on hive load failure
Andre Heinecke <andre.heinecke@intevation.de>
parents:
841
diff
changeset
|
531 wchar_t *hivepath = utf8_to_wchar (cur->hive_path, strlen(cur->hive_path)); |
675
4ad764bfb39c
Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents:
674
diff
changeset
|
532 HKEY key_handle = NULL; |
856
797aa8d9c785
(issue48) Fallback to HKEY_USERS on hive load failure
Andre Heinecke <andre.heinecke@intevation.de>
parents:
841
diff
changeset
|
533 bool key_loaded = false; |
675
4ad764bfb39c
Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents:
674
diff
changeset
|
534 |
4ad764bfb39c
Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents:
674
diff
changeset
|
535 if (hivepath == NULL) |
4ad764bfb39c
Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents:
674
diff
changeset
|
536 { |
4ad764bfb39c
Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents:
674
diff
changeset
|
537 ERRORPRINTF ("Failed to read hive path"); |
4ad764bfb39c
Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents:
674
diff
changeset
|
538 continue; |
4ad764bfb39c
Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents:
674
diff
changeset
|
539 } |
4ad764bfb39c
Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents:
674
diff
changeset
|
540 ret = RegLoadKeyW (HKEY_LOCAL_MACHINE, APPNAME L"_tmphive", hivepath); |
4ad764bfb39c
Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents:
674
diff
changeset
|
541 |
4ad764bfb39c
Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents:
674
diff
changeset
|
542 xfree (hivepath); |
4ad764bfb39c
Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents:
674
diff
changeset
|
543 hivepath = NULL; |
4ad764bfb39c
Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents:
674
diff
changeset
|
544 |
4ad764bfb39c
Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents:
674
diff
changeset
|
545 if (ret != ERROR_SUCCESS) |
4ad764bfb39c
Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents:
674
diff
changeset
|
546 { |
4ad764bfb39c
Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents:
674
diff
changeset
|
547 /* This is somewhat expected if the registry is not located |
856
797aa8d9c785
(issue48) Fallback to HKEY_USERS on hive load failure
Andre Heinecke <andre.heinecke@intevation.de>
parents:
841
diff
changeset
|
548 in the standard location or already loaded. Try to access |
797aa8d9c785
(issue48) Fallback to HKEY_USERS on hive load failure
Andre Heinecke <andre.heinecke@intevation.de>
parents:
841
diff
changeset
|
549 the loaded registry in that case*/ |
797aa8d9c785
(issue48) Fallback to HKEY_USERS on hive load failure
Andre Heinecke <andre.heinecke@intevation.de>
parents:
841
diff
changeset
|
550 wchar_t *user_key = NULL, |
905
698b6a9bd75e
Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents:
856
diff
changeset
|
551 *w_sid = NULL; |
856
797aa8d9c785
(issue48) Fallback to HKEY_USERS on hive load failure
Andre Heinecke <andre.heinecke@intevation.de>
parents:
841
diff
changeset
|
552 size_t user_key_len = 0; |
675
4ad764bfb39c
Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents:
674
diff
changeset
|
553 |
856
797aa8d9c785
(issue48) Fallback to HKEY_USERS on hive load failure
Andre Heinecke <andre.heinecke@intevation.de>
parents:
841
diff
changeset
|
554 SetLastError((DWORD)ret); |
797aa8d9c785
(issue48) Fallback to HKEY_USERS on hive load failure
Andre Heinecke <andre.heinecke@intevation.de>
parents:
841
diff
changeset
|
555 PRINTLASTERROR ("Failed to load hive. Trying to access already loaded hive."); |
675
4ad764bfb39c
Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents:
674
diff
changeset
|
556 |
856
797aa8d9c785
(issue48) Fallback to HKEY_USERS on hive load failure
Andre Heinecke <andre.heinecke@intevation.de>
parents:
841
diff
changeset
|
557 w_sid = utf8_to_wchar (cur->sid, strlen(cur->sid)); |
797aa8d9c785
(issue48) Fallback to HKEY_USERS on hive load failure
Andre Heinecke <andre.heinecke@intevation.de>
parents:
841
diff
changeset
|
558 if (!w_sid) |
797aa8d9c785
(issue48) Fallback to HKEY_USERS on hive load failure
Andre Heinecke <andre.heinecke@intevation.de>
parents:
841
diff
changeset
|
559 { |
797aa8d9c785
(issue48) Fallback to HKEY_USERS on hive load failure
Andre Heinecke <andre.heinecke@intevation.de>
parents:
841
diff
changeset
|
560 ERRORPRINTF ("Failed to read sid."); |
797aa8d9c785
(issue48) Fallback to HKEY_USERS on hive load failure
Andre Heinecke <andre.heinecke@intevation.de>
parents:
841
diff
changeset
|
561 continue; |
797aa8d9c785
(issue48) Fallback to HKEY_USERS on hive load failure
Andre Heinecke <andre.heinecke@intevation.de>
parents:
841
diff
changeset
|
562 } |
797aa8d9c785
(issue48) Fallback to HKEY_USERS on hive load failure
Andre Heinecke <andre.heinecke@intevation.de>
parents:
841
diff
changeset
|
563 user_key_len = wcslen (L"\\" RUNONCE_PATH) + wcslen(w_sid) + 1; |
797aa8d9c785
(issue48) Fallback to HKEY_USERS on hive load failure
Andre Heinecke <andre.heinecke@intevation.de>
parents:
841
diff
changeset
|
564 user_key = xmalloc (user_key_len * sizeof (wchar_t)); |
797aa8d9c785
(issue48) Fallback to HKEY_USERS on hive load failure
Andre Heinecke <andre.heinecke@intevation.de>
parents:
841
diff
changeset
|
565 wcscpy_s (user_key, user_key_len, w_sid); |
797aa8d9c785
(issue48) Fallback to HKEY_USERS on hive load failure
Andre Heinecke <andre.heinecke@intevation.de>
parents:
841
diff
changeset
|
566 wcscat_s (user_key, user_key_len, L"\\" RUNONCE_PATH); |
797aa8d9c785
(issue48) Fallback to HKEY_USERS on hive load failure
Andre Heinecke <andre.heinecke@intevation.de>
parents:
841
diff
changeset
|
567 user_key[user_key_len - 1] = '\0'; |
797aa8d9c785
(issue48) Fallback to HKEY_USERS on hive load failure
Andre Heinecke <andre.heinecke@intevation.de>
parents:
841
diff
changeset
|
568 xfree (w_sid); |
797aa8d9c785
(issue48) Fallback to HKEY_USERS on hive load failure
Andre Heinecke <andre.heinecke@intevation.de>
parents:
841
diff
changeset
|
569 w_sid = NULL; |
797aa8d9c785
(issue48) Fallback to HKEY_USERS on hive load failure
Andre Heinecke <andre.heinecke@intevation.de>
parents:
841
diff
changeset
|
570 |
797aa8d9c785
(issue48) Fallback to HKEY_USERS on hive load failure
Andre Heinecke <andre.heinecke@intevation.de>
parents:
841
diff
changeset
|
571 ret = RegOpenKeyExW (HKEY_USERS, |
797aa8d9c785
(issue48) Fallback to HKEY_USERS on hive load failure
Andre Heinecke <andre.heinecke@intevation.de>
parents:
841
diff
changeset
|
572 user_key, |
797aa8d9c785
(issue48) Fallback to HKEY_USERS on hive load failure
Andre Heinecke <andre.heinecke@intevation.de>
parents:
841
diff
changeset
|
573 0, |
797aa8d9c785
(issue48) Fallback to HKEY_USERS on hive load failure
Andre Heinecke <andre.heinecke@intevation.de>
parents:
841
diff
changeset
|
574 KEY_WRITE, |
797aa8d9c785
(issue48) Fallback to HKEY_USERS on hive load failure
Andre Heinecke <andre.heinecke@intevation.de>
parents:
841
diff
changeset
|
575 &key_handle); |
797aa8d9c785
(issue48) Fallback to HKEY_USERS on hive load failure
Andre Heinecke <andre.heinecke@intevation.de>
parents:
841
diff
changeset
|
576 xfree (user_key); |
797aa8d9c785
(issue48) Fallback to HKEY_USERS on hive load failure
Andre Heinecke <andre.heinecke@intevation.de>
parents:
841
diff
changeset
|
577 if (ret != ERROR_SUCCESS) |
797aa8d9c785
(issue48) Fallback to HKEY_USERS on hive load failure
Andre Heinecke <andre.heinecke@intevation.de>
parents:
841
diff
changeset
|
578 { |
797aa8d9c785
(issue48) Fallback to HKEY_USERS on hive load failure
Andre Heinecke <andre.heinecke@intevation.de>
parents:
841
diff
changeset
|
579 ERRORPRINTF ("Failed to find RunOnce key for sid: %s in HKEY_USERS.", cur->sid); |
797aa8d9c785
(issue48) Fallback to HKEY_USERS on hive load failure
Andre Heinecke <andre.heinecke@intevation.de>
parents:
841
diff
changeset
|
580 continue; |
797aa8d9c785
(issue48) Fallback to HKEY_USERS on hive load failure
Andre Heinecke <andre.heinecke@intevation.de>
parents:
841
diff
changeset
|
581 } |
797aa8d9c785
(issue48) Fallback to HKEY_USERS on hive load failure
Andre Heinecke <andre.heinecke@intevation.de>
parents:
841
diff
changeset
|
582 } |
797aa8d9c785
(issue48) Fallback to HKEY_USERS on hive load failure
Andre Heinecke <andre.heinecke@intevation.de>
parents:
841
diff
changeset
|
583 else |
675
4ad764bfb39c
Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents:
674
diff
changeset
|
584 { |
856
797aa8d9c785
(issue48) Fallback to HKEY_USERS on hive load failure
Andre Heinecke <andre.heinecke@intevation.de>
parents:
841
diff
changeset
|
585 key_loaded = true; |
797aa8d9c785
(issue48) Fallback to HKEY_USERS on hive load failure
Andre Heinecke <andre.heinecke@intevation.de>
parents:
841
diff
changeset
|
586 ret = RegOpenKeyExW (HKEY_LOCAL_MACHINE, |
797aa8d9c785
(issue48) Fallback to HKEY_USERS on hive load failure
Andre Heinecke <andre.heinecke@intevation.de>
parents:
841
diff
changeset
|
587 APPNAME L"_tmphive\\" RUNONCE_PATH, |
797aa8d9c785
(issue48) Fallback to HKEY_USERS on hive load failure
Andre Heinecke <andre.heinecke@intevation.de>
parents:
841
diff
changeset
|
588 0, |
797aa8d9c785
(issue48) Fallback to HKEY_USERS on hive load failure
Andre Heinecke <andre.heinecke@intevation.de>
parents:
841
diff
changeset
|
589 KEY_WRITE, |
797aa8d9c785
(issue48) Fallback to HKEY_USERS on hive load failure
Andre Heinecke <andre.heinecke@intevation.de>
parents:
841
diff
changeset
|
590 &key_handle); |
797aa8d9c785
(issue48) Fallback to HKEY_USERS on hive load failure
Andre Heinecke <andre.heinecke@intevation.de>
parents:
841
diff
changeset
|
591 |
797aa8d9c785
(issue48) Fallback to HKEY_USERS on hive load failure
Andre Heinecke <andre.heinecke@intevation.de>
parents:
841
diff
changeset
|
592 if (ret != ERROR_SUCCESS) |
797aa8d9c785
(issue48) Fallback to HKEY_USERS on hive load failure
Andre Heinecke <andre.heinecke@intevation.de>
parents:
841
diff
changeset
|
593 { |
797aa8d9c785
(issue48) Fallback to HKEY_USERS on hive load failure
Andre Heinecke <andre.heinecke@intevation.de>
parents:
841
diff
changeset
|
594 ERRORPRINTF ("Failed to find RunOnce key in other registry."); |
797aa8d9c785
(issue48) Fallback to HKEY_USERS on hive load failure
Andre Heinecke <andre.heinecke@intevation.de>
parents:
841
diff
changeset
|
595 RegUnLoadKey (HKEY_LOCAL_MACHINE, APPNAME L"_tmphive"); |
797aa8d9c785
(issue48) Fallback to HKEY_USERS on hive load failure
Andre Heinecke <andre.heinecke@intevation.de>
parents:
841
diff
changeset
|
596 continue; |
797aa8d9c785
(issue48) Fallback to HKEY_USERS on hive load failure
Andre Heinecke <andre.heinecke@intevation.de>
parents:
841
diff
changeset
|
597 } |
797aa8d9c785
(issue48) Fallback to HKEY_USERS on hive load failure
Andre Heinecke <andre.heinecke@intevation.de>
parents:
841
diff
changeset
|
598 |
675
4ad764bfb39c
Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents:
674
diff
changeset
|
599 } |
4ad764bfb39c
Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents:
674
diff
changeset
|
600 |
4ad764bfb39c
Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents:
674
diff
changeset
|
601 ret = RegSetValueExW (key_handle, APPNAME, 0, REG_SZ, (LPBYTE) run_command, |
4ad764bfb39c
Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents:
674
diff
changeset
|
602 (wcslen(run_command) + 1) * sizeof(wchar_t)); |
4ad764bfb39c
Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents:
674
diff
changeset
|
603 |
4ad764bfb39c
Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents:
674
diff
changeset
|
604 if (ret != ERROR_SUCCESS) |
4ad764bfb39c
Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents:
674
diff
changeset
|
605 { |
4ad764bfb39c
Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents:
674
diff
changeset
|
606 ERRORPRINTF ("Failed to write RunOnce key."); |
4ad764bfb39c
Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents:
674
diff
changeset
|
607 } |
4ad764bfb39c
Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents:
674
diff
changeset
|
608 |
4ad764bfb39c
Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents:
674
diff
changeset
|
609 RegCloseKey (key_handle); |
856
797aa8d9c785
(issue48) Fallback to HKEY_USERS on hive load failure
Andre Heinecke <andre.heinecke@intevation.de>
parents:
841
diff
changeset
|
610 if (key_loaded) |
677
85c5aa9aba2b
Improve error handling and use unicode function for unload
Andre Heinecke <andre.heinecke@intevation.de>
parents:
676
diff
changeset
|
611 { |
856
797aa8d9c785
(issue48) Fallback to HKEY_USERS on hive load failure
Andre Heinecke <andre.heinecke@intevation.de>
parents:
841
diff
changeset
|
612 ret = RegUnLoadKeyW (HKEY_LOCAL_MACHINE, APPNAME L"_tmphive"); |
797aa8d9c785
(issue48) Fallback to HKEY_USERS on hive load failure
Andre Heinecke <andre.heinecke@intevation.de>
parents:
841
diff
changeset
|
613 if (ret != ERROR_SUCCESS) |
797aa8d9c785
(issue48) Fallback to HKEY_USERS on hive load failure
Andre Heinecke <andre.heinecke@intevation.de>
parents:
841
diff
changeset
|
614 { |
797aa8d9c785
(issue48) Fallback to HKEY_USERS on hive load failure
Andre Heinecke <andre.heinecke@intevation.de>
parents:
841
diff
changeset
|
615 SetLastError ((DWORD)ret); |
797aa8d9c785
(issue48) Fallback to HKEY_USERS on hive load failure
Andre Heinecke <andre.heinecke@intevation.de>
parents:
841
diff
changeset
|
616 PRINTLASTERROR ("Failed to unload hive."); |
797aa8d9c785
(issue48) Fallback to HKEY_USERS on hive load failure
Andre Heinecke <andre.heinecke@intevation.de>
parents:
841
diff
changeset
|
617 } |
677
85c5aa9aba2b
Improve error handling and use unicode function for unload
Andre Heinecke <andre.heinecke@intevation.de>
parents:
676
diff
changeset
|
618 } |
675
4ad764bfb39c
Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents:
674
diff
changeset
|
619 } |
4ad764bfb39c
Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents:
674
diff
changeset
|
620 |
4ad764bfb39c
Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents:
674
diff
changeset
|
621 xfree (run_command); |
856
797aa8d9c785
(issue48) Fallback to HKEY_USERS on hive load failure
Andre Heinecke <andre.heinecke@intevation.de>
parents:
841
diff
changeset
|
622 pkp_t_free (pkplist); |
668
ef6d3dc9e930
Framework for NSS multiuser installation on windows
Andre Heinecke <andre.heinecke@intevation.de>
parents:
665
diff
changeset
|
623 } |
ef6d3dc9e930
Framework for NSS multiuser installation on windows
Andre Heinecke <andre.heinecke@intevation.de>
parents:
665
diff
changeset
|
624 |
324
eff8e7ce4dae
Add first compiling implementation of nssstore_win.c
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
625 /**@brief Start the process to install / remove |
eff8e7ce4dae
Add first compiling implementation of nssstore_win.c
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
626 * |
360
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
627 * Starts the NSS installation process for the current user |
324
eff8e7ce4dae
Add first compiling implementation of nssstore_win.c
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
628 * |
360
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
629 * @param [in] selection_file filename of the file containing |
668
ef6d3dc9e930
Framework for NSS multiuser installation on windows
Andre Heinecke <andre.heinecke@intevation.de>
parents:
665
diff
changeset
|
630 * the users install / remove selection. |
324
eff8e7ce4dae
Add first compiling implementation of nssstore_win.c
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
631 * |
eff8e7ce4dae
Add first compiling implementation of nssstore_win.c
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
632 * @returns true on success, false on error. |
eff8e7ce4dae
Add first compiling implementation of nssstore_win.c
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
633 */ |
eff8e7ce4dae
Add first compiling implementation of nssstore_win.c
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
634 static bool |
360
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
635 start_procces_for_user (wchar_t *selection_file) |
324
eff8e7ce4dae
Add first compiling implementation of nssstore_win.c
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
636 { |
825
24e1e47e2d1a
Start NSS process only from the current installation directory
Andre Heinecke <andre.heinecke@intevation.de>
parents:
824
diff
changeset
|
637 HANDLE hToken = NULL; |
24e1e47e2d1a
Start NSS process only from the current installation directory
Andre Heinecke <andre.heinecke@intevation.de>
parents:
824
diff
changeset
|
638 LPWSTR lpApplicationPath = NULL, |
24e1e47e2d1a
Start NSS process only from the current installation directory
Andre Heinecke <andre.heinecke@intevation.de>
parents:
824
diff
changeset
|
639 lpCommandLine = NULL; |
324
eff8e7ce4dae
Add first compiling implementation of nssstore_win.c
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
640 PROCESS_INFORMATION piProcInfo = {0}; |
eff8e7ce4dae
Add first compiling implementation of nssstore_win.c
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
641 STARTUPINFOW siStartInfo = {0}; |
eff8e7ce4dae
Add first compiling implementation of nssstore_win.c
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
642 BOOL success = FALSE; |
825
24e1e47e2d1a
Start NSS process only from the current installation directory
Andre Heinecke <andre.heinecke@intevation.de>
parents:
824
diff
changeset
|
643 char *install_dir = get_install_dir(); |
24e1e47e2d1a
Start NSS process only from the current installation directory
Andre Heinecke <andre.heinecke@intevation.de>
parents:
824
diff
changeset
|
644 wchar_t *w_inst_dir; |
24e1e47e2d1a
Start NSS process only from the current installation directory
Andre Heinecke <andre.heinecke@intevation.de>
parents:
824
diff
changeset
|
645 size_t w_path_len = 0; |
324
eff8e7ce4dae
Add first compiling implementation of nssstore_win.c
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
646 |
360
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
647 if (!selection_file) |
324
eff8e7ce4dae
Add first compiling implementation of nssstore_win.c
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
648 { |
360
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
649 ERRORPRINTF ("Invalid call\n"); |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
650 return false; |
324
eff8e7ce4dae
Add first compiling implementation of nssstore_win.c
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
651 } |
eff8e7ce4dae
Add first compiling implementation of nssstore_win.c
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
652 |
825
24e1e47e2d1a
Start NSS process only from the current installation directory
Andre Heinecke <andre.heinecke@intevation.de>
parents:
824
diff
changeset
|
653 /* Set up the application path. It's installdir + NSS_APP_NAME */ |
24e1e47e2d1a
Start NSS process only from the current installation directory
Andre Heinecke <andre.heinecke@intevation.de>
parents:
824
diff
changeset
|
654 if (install_dir == NULL) |
24e1e47e2d1a
Start NSS process only from the current installation directory
Andre Heinecke <andre.heinecke@intevation.de>
parents:
824
diff
changeset
|
655 { |
24e1e47e2d1a
Start NSS process only from the current installation directory
Andre Heinecke <andre.heinecke@intevation.de>
parents:
824
diff
changeset
|
656 ERRORPRINTF ("Failed to get installation directory"); |
24e1e47e2d1a
Start NSS process only from the current installation directory
Andre Heinecke <andre.heinecke@intevation.de>
parents:
824
diff
changeset
|
657 return FALSE; |
24e1e47e2d1a
Start NSS process only from the current installation directory
Andre Heinecke <andre.heinecke@intevation.de>
parents:
824
diff
changeset
|
658 } |
24e1e47e2d1a
Start NSS process only from the current installation directory
Andre Heinecke <andre.heinecke@intevation.de>
parents:
824
diff
changeset
|
659 |
24e1e47e2d1a
Start NSS process only from the current installation directory
Andre Heinecke <andre.heinecke@intevation.de>
parents:
824
diff
changeset
|
660 w_inst_dir = utf8_to_wchar (install_dir, strlen(install_dir)); |
24e1e47e2d1a
Start NSS process only from the current installation directory
Andre Heinecke <andre.heinecke@intevation.de>
parents:
824
diff
changeset
|
661 xfree (install_dir); |
24e1e47e2d1a
Start NSS process only from the current installation directory
Andre Heinecke <andre.heinecke@intevation.de>
parents:
824
diff
changeset
|
662 install_dir = NULL; |
24e1e47e2d1a
Start NSS process only from the current installation directory
Andre Heinecke <andre.heinecke@intevation.de>
parents:
824
diff
changeset
|
663 |
24e1e47e2d1a
Start NSS process only from the current installation directory
Andre Heinecke <andre.heinecke@intevation.de>
parents:
824
diff
changeset
|
664 w_path_len = wcslen(w_inst_dir) + wcslen(L"\\" NSS_APP_NAME) + 1; |
24e1e47e2d1a
Start NSS process only from the current installation directory
Andre Heinecke <andre.heinecke@intevation.de>
parents:
824
diff
changeset
|
665 lpApplicationPath = xmalloc(w_path_len * sizeof (wchar_t)); |
24e1e47e2d1a
Start NSS process only from the current installation directory
Andre Heinecke <andre.heinecke@intevation.de>
parents:
824
diff
changeset
|
666 wcscpy_s (lpApplicationPath, w_path_len, w_inst_dir); |
24e1e47e2d1a
Start NSS process only from the current installation directory
Andre Heinecke <andre.heinecke@intevation.de>
parents:
824
diff
changeset
|
667 xfree (w_inst_dir); |
24e1e47e2d1a
Start NSS process only from the current installation directory
Andre Heinecke <andre.heinecke@intevation.de>
parents:
824
diff
changeset
|
668 w_inst_dir = NULL; |
24e1e47e2d1a
Start NSS process only from the current installation directory
Andre Heinecke <andre.heinecke@intevation.de>
parents:
824
diff
changeset
|
669 wcscat_s (lpApplicationPath, w_path_len, L"\\" NSS_APP_NAME); |
24e1e47e2d1a
Start NSS process only from the current installation directory
Andre Heinecke <andre.heinecke@intevation.de>
parents:
824
diff
changeset
|
670 |
324
eff8e7ce4dae
Add first compiling implementation of nssstore_win.c
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
671 /* set up handles. stdin and stdout go to the same stdout*/ |
eff8e7ce4dae
Add first compiling implementation of nssstore_win.c
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
672 siStartInfo.cb = sizeof (STARTUPINFO); |
360
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
673 |
824
a511c1f45c70
(Issue47) Drop privileges before executing NSS process.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
677
diff
changeset
|
674 if (is_elevated()) |
a511c1f45c70
(Issue47) Drop privileges before executing NSS process.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
677
diff
changeset
|
675 { |
a511c1f45c70
(Issue47) Drop privileges before executing NSS process.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
677
diff
changeset
|
676 /* Start the child process as normal user */ |
a511c1f45c70
(Issue47) Drop privileges before executing NSS process.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
677
diff
changeset
|
677 hToken = get_restricted_token (); |
a511c1f45c70
(Issue47) Drop privileges before executing NSS process.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
677
diff
changeset
|
678 if (hToken == NULL) |
a511c1f45c70
(Issue47) Drop privileges before executing NSS process.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
677
diff
changeset
|
679 { |
a511c1f45c70
(Issue47) Drop privileges before executing NSS process.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
677
diff
changeset
|
680 ERRORPRINTF ("Failed to get user level token."); |
a511c1f45c70
(Issue47) Drop privileges before executing NSS process.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
677
diff
changeset
|
681 return false; |
a511c1f45c70
(Issue47) Drop privileges before executing NSS process.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
677
diff
changeset
|
682 } |
a511c1f45c70
(Issue47) Drop privileges before executing NSS process.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
677
diff
changeset
|
683 } |
a511c1f45c70
(Issue47) Drop privileges before executing NSS process.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
677
diff
changeset
|
684 else if(!OpenProcessToken(GetCurrentProcess(), TOKEN_ALL_ACCESS, &hToken)) |
360
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
685 { |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
686 PRINTLASTERROR("Failed to get current handle."); |
825
24e1e47e2d1a
Start NSS process only from the current installation directory
Andre Heinecke <andre.heinecke@intevation.de>
parents:
824
diff
changeset
|
687 xfree (lpApplicationPath); |
360
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
688 return false; |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
689 } |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
690 |
675
4ad764bfb39c
Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents:
674
diff
changeset
|
691 lpCommandLine = get_command_line (selection_file); |
360
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
692 |
675
4ad764bfb39c
Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents:
674
diff
changeset
|
693 if (lpCommandLine == NULL) |
4ad764bfb39c
Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents:
674
diff
changeset
|
694 { |
4ad764bfb39c
Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents:
674
diff
changeset
|
695 ERRORPRINTF ("Failed to build command line."); |
825
24e1e47e2d1a
Start NSS process only from the current installation directory
Andre Heinecke <andre.heinecke@intevation.de>
parents:
824
diff
changeset
|
696 xfree (lpApplicationPath); |
675
4ad764bfb39c
Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents:
674
diff
changeset
|
697 return false; |
4ad764bfb39c
Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents:
674
diff
changeset
|
698 } |
324
eff8e7ce4dae
Add first compiling implementation of nssstore_win.c
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
699 |
825
24e1e47e2d1a
Start NSS process only from the current installation directory
Andre Heinecke <andre.heinecke@intevation.de>
parents:
824
diff
changeset
|
700 DEBUGPRINTF ("Starting %S with command line %S\n", lpApplicationPath, lpCommandLine); |
392
8090a1bc1b5b
Add a space in the command line
Andre Heinecke <andre.heinecke@intevation.de>
parents:
391
diff
changeset
|
701 |
324
eff8e7ce4dae
Add first compiling implementation of nssstore_win.c
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
702 success = CreateProcessAsUserW (hToken, |
825
24e1e47e2d1a
Start NSS process only from the current installation directory
Andre Heinecke <andre.heinecke@intevation.de>
parents:
824
diff
changeset
|
703 lpApplicationPath, |
360
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
704 lpCommandLine, /* Commandline */ |
324
eff8e7ce4dae
Add first compiling implementation of nssstore_win.c
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
705 NULL, /* Process attributes. Take hToken */ |
eff8e7ce4dae
Add first compiling implementation of nssstore_win.c
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
706 NULL, /* Thread attribues. Take hToken */ |
360
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
707 FALSE, /* Inherit Handles */ |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
708 0, /* Creation flags. */ |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
709 NULL, /* Inherit environment */ |
324
eff8e7ce4dae
Add first compiling implementation of nssstore_win.c
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
710 NULL, /* Current working directory */ |
eff8e7ce4dae
Add first compiling implementation of nssstore_win.c
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
711 &siStartInfo, |
eff8e7ce4dae
Add first compiling implementation of nssstore_win.c
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
712 &piProcInfo); |
825
24e1e47e2d1a
Start NSS process only from the current installation directory
Andre Heinecke <andre.heinecke@intevation.de>
parents:
824
diff
changeset
|
713 xfree (lpApplicationPath); |
360
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
714 xfree (lpCommandLine); |
324
eff8e7ce4dae
Add first compiling implementation of nssstore_win.c
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
715 if (!success) |
eff8e7ce4dae
Add first compiling implementation of nssstore_win.c
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
716 { |
eff8e7ce4dae
Add first compiling implementation of nssstore_win.c
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
717 PRINTLASTERROR ("Failed to create process.\n"); |
360
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
718 return false; |
324
eff8e7ce4dae
Add first compiling implementation of nssstore_win.c
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
719 } |
eff8e7ce4dae
Add first compiling implementation of nssstore_win.c
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
720 |
eff8e7ce4dae
Add first compiling implementation of nssstore_win.c
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
721 if (WaitForSingleObject (piProcInfo.hProcess, PROCESS_TIMEOUT) != WAIT_OBJECT_0) |
eff8e7ce4dae
Add first compiling implementation of nssstore_win.c
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
722 { |
eff8e7ce4dae
Add first compiling implementation of nssstore_win.c
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
723 /* Should not happen... */ |
eff8e7ce4dae
Add first compiling implementation of nssstore_win.c
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
724 ERRORPRINTF ("Failed to wait for process.\n"); |
360
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
725 if (piProcInfo.hProcess) |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
726 CloseHandle (piProcInfo.hProcess); |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
727 if (piProcInfo.hThread) |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
728 CloseHandle (piProcInfo.hThread); |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
729 return false; |
324
eff8e7ce4dae
Add first compiling implementation of nssstore_win.c
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
730 } |
eff8e7ce4dae
Add first compiling implementation of nssstore_win.c
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
731 if (piProcInfo.hProcess) |
330
1e6d1eab8395
Fix NSS unit test for Windows and change how instructions are written
Andre Heinecke <aheinecke@intevation.de>
parents:
329
diff
changeset
|
732 CloseHandle (piProcInfo.hProcess); |
324
eff8e7ce4dae
Add first compiling implementation of nssstore_win.c
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
733 if (piProcInfo.hThread) |
330
1e6d1eab8395
Fix NSS unit test for Windows and change how instructions are written
Andre Heinecke <aheinecke@intevation.de>
parents:
329
diff
changeset
|
734 CloseHandle (piProcInfo.hThread); |
360
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
735 return true; |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
736 } |
324
eff8e7ce4dae
Add first compiling implementation of nssstore_win.c
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
737 |
360
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
738 /**@brief Create a directory with restricted access rights |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
739 * |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
740 * This creates a security attributes structure that restricts |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
741 * write access to the Administrators group but allows everyone to read files |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
742 * in that directory. |
363
d10d9bc2e84f
Update Windows api usage. Warning: To build on windows you need
Andre Heinecke <aheinecke@intevation.de>
parents:
360
diff
changeset
|
743 * Basically a very complicated version of mkdir path -m 644 |
360
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
744 * |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
745 * If the directory exists the permissions of that directory are checked if |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
746 * they are acceptable and true or false is returned accordingly. |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
747 * |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
748 * Code based on msdn example: |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
749 * http://msdn.microsoft.com/en-us/library/windows/desktop/aa446595%28v=vs.85%29.aspx |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
750 * |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
751 * @param[in] path Path of the directory to create |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
752 * |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
753 * @returns true on success of if the directory exists, false on error |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
754 */ |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
755 bool |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
756 create_restricted_directory (LPWSTR path) |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
757 { |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
758 bool retval = false; |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
759 PSID everyone_SID = NULL, |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
760 admin_SID = NULL; |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
761 PACL access_control_list = NULL; |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
762 PSECURITY_DESCRIPTOR descriptor = NULL; |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
763 EXPLICIT_ACCESS explicit_access[2]; |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
764 SID_IDENTIFIER_AUTHORITY world_identifier = {SECURITY_WORLD_SID_AUTHORITY}, |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
765 admin_identifier = {SECURITY_NT_AUTHORITY}; |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
766 SECURITY_ATTRIBUTES security_attributes; |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
767 |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
768 ZeroMemory(&security_attributes, sizeof(security_attributes)); |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
769 ZeroMemory(&explicit_access, 2 * sizeof(EXPLICIT_ACCESS)); |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
770 |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
771 /* Create a well-known SID for the Everyone group. */ |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
772 if(!AllocateAndInitializeSid(&world_identifier, /* top-level identifier */ |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
773 1, /* subauthorties count */ |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
774 SECURITY_WORLD_RID, /* Only one authority */ |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
775 0, 0, 0, 0, 0, 0, 0, /* No other authorities*/ |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
776 &everyone_SID)) |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
777 { |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
778 PRINTLASTERROR ("Failed to allocate world sid.\n"); |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
779 return false; |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
780 } |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
781 |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
782 /* Initialize the first EXPLICIT_ACCESS structure for an ACE. |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
783 to allow everyone read access */ |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
784 explicit_access[0].grfAccessPermissions = GENERIC_READ; /* Give read access */ |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
785 explicit_access[0].grfAccessMode = SET_ACCESS; /* Overwrite other access for all users */ |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
786 explicit_access[0].grfInheritance = SUB_CONTAINERS_AND_OBJECTS_INHERIT; /* make it stick */ |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
787 explicit_access[0].Trustee.TrusteeForm = TRUSTEE_IS_SID; |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
788 explicit_access[0].Trustee.TrusteeType = TRUSTEE_IS_WELL_KNOWN_GROUP; |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
789 explicit_access[0].Trustee.ptstrName = (LPTSTR) everyone_SID; |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
790 |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
791 /* Create the SID for the BUILTIN\Administrators group. */ |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
792 if(!AllocateAndInitializeSid(&admin_identifier, |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
793 2, |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
794 SECURITY_BUILTIN_DOMAIN_RID, /*BUILTIN\ */ |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
795 DOMAIN_ALIAS_RID_ADMINS, /*\Administrators */ |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
796 0, 0, 0, 0, 0, 0, /* No other */ |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
797 &admin_SID)) |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
798 { |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
799 PRINTLASTERROR ("Failed to allocate admin sid."); |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
800 goto done; |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
801 } |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
802 |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
803 /* explicit_access[1] grants admins full rights for this object and inherits |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
804 it to the children */ |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
805 explicit_access[1].grfAccessPermissions = GENERIC_ALL; |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
806 explicit_access[1].grfAccessMode = SET_ACCESS; |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
807 explicit_access[1].grfInheritance = SUB_CONTAINERS_AND_OBJECTS_INHERIT; |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
808 explicit_access[1].Trustee.TrusteeForm = TRUSTEE_IS_SID; |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
809 explicit_access[1].Trustee.TrusteeType = TRUSTEE_IS_GROUP; |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
810 explicit_access[1].Trustee.ptstrName = (LPTSTR) admin_SID; |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
811 |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
812 /* Set up the ACL structure. */ |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
813 if (ERROR_SUCCESS != SetEntriesInAcl(2, explicit_access, NULL, &access_control_list)) |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
814 { |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
815 PRINTLASTERROR ("Failed to set up Acl."); |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
816 goto done; |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
817 } |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
818 |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
819 /* Initialize a security descriptor */ |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
820 descriptor = (PSECURITY_DESCRIPTOR) LocalAlloc(LPTR, |
905
698b6a9bd75e
Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents:
856
diff
changeset
|
821 SECURITY_DESCRIPTOR_MIN_LENGTH); |
360
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
822 if (descriptor == NULL) |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
823 { |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
824 PRINTLASTERROR("Failed to allocate descriptor."); |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
825 goto done; |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
826 } |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
827 |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
828 if (!InitializeSecurityDescriptor(descriptor, |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
829 SECURITY_DESCRIPTOR_REVISION)) |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
830 { |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
831 PRINTLASTERROR("Failed to initialize descriptor."); |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
832 goto done; |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
833 } |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
834 |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
835 /* Now we add the ACL to the the descriptor */ |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
836 if (!SetSecurityDescriptorDacl(descriptor, |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
837 TRUE, /* bDaclPresent flag */ |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
838 access_control_list, |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
839 FALSE)) /* not a default DACL */ |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
840 { |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
841 PRINTLASTERROR("Failed to set security descriptor."); |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
842 goto done; |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
843 } |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
844 |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
845 /* Finally set up the security attributes structure */ |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
846 security_attributes.nLength = sizeof (SECURITY_ATTRIBUTES); |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
847 security_attributes.lpSecurityDescriptor = descriptor; |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
848 security_attributes.bInheritHandle = FALSE; |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
849 |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
850 /* Use the security attributes to create the directory */ |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
851 if (!CreateDirectoryW(path, &security_attributes)) |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
852 { |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
853 DWORD err = GetLastError(); |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
854 if (err == ERROR_ALREADY_EXISTS) |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
855 { |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
856 /* Verify that the directory has the correct rights */ |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
857 // TODO |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
858 retval = true; |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
859 goto done; |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
860 } |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
861 ERRORPRINTF ("Failed to create directory. Err: %lu", err); |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
862 } |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
863 retval = true; |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
864 |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
865 done: |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
866 |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
867 if (everyone_SID) |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
868 FreeSid(everyone_SID); |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
869 if (admin_SID) |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
870 FreeSid(admin_SID); |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
871 if (access_control_list) |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
872 LocalFree(access_control_list); |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
873 if (descriptor) |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
874 LocalFree(descriptor); |
324
eff8e7ce4dae
Add first compiling implementation of nssstore_win.c
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
875 |
eff8e7ce4dae
Add first compiling implementation of nssstore_win.c
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
876 return retval; |
eff8e7ce4dae
Add first compiling implementation of nssstore_win.c
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
877 } |
eff8e7ce4dae
Add first compiling implementation of nssstore_win.c
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
878 |
360
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
879 /**@brief Writes the selection file containing the instructions |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
880 * |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
881 * If the process is running elevated the instructions are |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
882 * written to the global ProgramData directory otherwise |
826
4aa33c408776
Remove TODO windows gracefully handles the case where the data directory is not accessible.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
825
diff
changeset
|
883 * they are written in the directory of the current user. |
360
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
884 * |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
885 * If the return value is not NULL it needs to be freed by the caller. |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
886 * The returned path will contain backslashes as directory seperators. |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
887 * |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
888 * @param[in] to_install Certificates that should be installed |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
889 * @param[in] to_remove Certificates that should be removed |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
890 * @returns pointer to the absolute filename of the selection file or NULL |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
891 */ |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
892 wchar_t * |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
893 write_selection_file (char **to_install, char **to_remove) |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
894 { |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
895 wchar_t *folder_name = NULL, |
905
698b6a9bd75e
Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents:
856
diff
changeset
|
896 *path = NULL; |
360
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
897 HRESULT result = E_FAIL; |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
898 HANDLE hFile = NULL; |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
899 size_t path_len; |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
900 |
363
d10d9bc2e84f
Update Windows api usage. Warning: To build on windows you need
Andre Heinecke <aheinecke@intevation.de>
parents:
360
diff
changeset
|
901 result = SHGetKnownFolderPath (&FOLDERID_ProgramData, /* Get program data dir */ |
360
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
902 KF_FLAG_CREATE | /* Create if it does not exist */ |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
903 KF_FLAG_INIT, /* Initialize it if created */ |
363
d10d9bc2e84f
Update Windows api usage. Warning: To build on windows you need
Andre Heinecke <aheinecke@intevation.de>
parents:
360
diff
changeset
|
904 INVALID_HANDLE_VALUE, /* Get it for the default user */ |
360
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
905 &folder_name); |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
906 |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
907 if (result != S_OK) |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
908 { |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
909 PRINTLASTERROR ("Failed to get folder path"); |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
910 return NULL; |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
911 } |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
912 |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
913 path_len = wcslen (folder_name) + wcslen (APPNAME) + 2; /* path + dirsep + \0 */ |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
914 path_len += wcslen (SELECTION_FILE_NAME) + 1; /* filename + dirsep */ |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
915 |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
916 if (path_len >= MAX_PATH) |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
917 { |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
918 /* We could go and use the full 32,767 characters but this |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
919 should be a very weird setup if this is neccessary. */ |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
920 ERRORPRINTF ("Path too long.\n"); |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
921 return NULL; |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
922 } |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
923 |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
924 path = xmalloc (path_len * sizeof (wchar_t)); |
363
d10d9bc2e84f
Update Windows api usage. Warning: To build on windows you need
Andre Heinecke <aheinecke@intevation.de>
parents:
360
diff
changeset
|
925 if (wcscpy_s (path, path_len, folder_name) != 0) |
360
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
926 { |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
927 ERRORPRINTF ("Failed to copy folder name.\n"); |
363
d10d9bc2e84f
Update Windows api usage. Warning: To build on windows you need
Andre Heinecke <aheinecke@intevation.de>
parents:
360
diff
changeset
|
928 |
360
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
929 CoTaskMemFree (folder_name); |
363
d10d9bc2e84f
Update Windows api usage. Warning: To build on windows you need
Andre Heinecke <aheinecke@intevation.de>
parents:
360
diff
changeset
|
930 |
360
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
931 return NULL; |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
932 } |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
933 |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
934 CoTaskMemFree (folder_name); |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
935 |
363
d10d9bc2e84f
Update Windows api usage. Warning: To build on windows you need
Andre Heinecke <aheinecke@intevation.de>
parents:
360
diff
changeset
|
936 if (wcscat_s (path, path_len, L"\\") != 0) |
360
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
937 { |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
938 ERRORPRINTF ("Failed to cat dirsep.\n"); |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
939 xfree(path); |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
940 return NULL; |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
941 } |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
942 |
363
d10d9bc2e84f
Update Windows api usage. Warning: To build on windows you need
Andre Heinecke <aheinecke@intevation.de>
parents:
360
diff
changeset
|
943 if (wcscat_s (path, path_len, APPNAME) != 0) |
360
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
944 { |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
945 ERRORPRINTF ("Failed to cat appname.\n"); |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
946 xfree(path); |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
947 return NULL; |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
948 } |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
949 |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
950 /* Security: if someone has created this directory before |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
951 it might be a symlink to another place that a users |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
952 wants us to grant read access to or makes us overwrite |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
953 something */ |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
954 if(!create_restricted_directory (path)) |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
955 { |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
956 ERRORPRINTF ("Failed to create directory\n"); |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
957 xfree(path); |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
958 return NULL; |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
959 } |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
960 |
363
d10d9bc2e84f
Update Windows api usage. Warning: To build on windows you need
Andre Heinecke <aheinecke@intevation.de>
parents:
360
diff
changeset
|
961 if (wcscat_s (path, path_len, L"\\") != 0) |
360
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
962 { |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
963 ERRORPRINTF ("Failed to cat dirsep.\n"); |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
964 xfree(path); |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
965 return NULL; |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
966 } |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
967 |
363
d10d9bc2e84f
Update Windows api usage. Warning: To build on windows you need
Andre Heinecke <aheinecke@intevation.de>
parents:
360
diff
changeset
|
968 if (wcscat_s (path, path_len, SELECTION_FILE_NAME) != 0) |
360
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
969 { |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
970 ERRORPRINTF ("Failed to cat filename.\n"); |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
971 xfree(path); |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
972 return NULL; |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
973 } |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
974 |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
975 hFile = CreateFileW(path, |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
976 GENERIC_WRITE, |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
977 0, /* don't share */ |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
978 NULL, /* use the security attributes from the folder */ |
489
a9da8e4eeff7
Fix instruction writing for Windows.
Andre Heinecke <aheinecke@intevation.de>
parents:
404
diff
changeset
|
979 OPEN_ALWAYS | TRUNCATE_EXISTING, |
360
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
980 0, |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
981 NULL); |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
982 |
502
e551de11d8b6
Properly handle the case that the file does not exist.
Andre Heinecke <aheinecke@intevation.de>
parents:
489
diff
changeset
|
983 if (hFile == INVALID_HANDLE_VALUE && GetLastError() == ERROR_FILE_NOT_FOUND) |
e551de11d8b6
Properly handle the case that the file does not exist.
Andre Heinecke <aheinecke@intevation.de>
parents:
489
diff
changeset
|
984 { |
e551de11d8b6
Properly handle the case that the file does not exist.
Andre Heinecke <aheinecke@intevation.de>
parents:
489
diff
changeset
|
985 hFile = CreateFileW(path, |
e551de11d8b6
Properly handle the case that the file does not exist.
Andre Heinecke <aheinecke@intevation.de>
parents:
489
diff
changeset
|
986 GENERIC_WRITE, |
e551de11d8b6
Properly handle the case that the file does not exist.
Andre Heinecke <aheinecke@intevation.de>
parents:
489
diff
changeset
|
987 0, /* don't share */ |
e551de11d8b6
Properly handle the case that the file does not exist.
Andre Heinecke <aheinecke@intevation.de>
parents:
489
diff
changeset
|
988 NULL, /* use the security attributes from the folder */ |
e551de11d8b6
Properly handle the case that the file does not exist.
Andre Heinecke <aheinecke@intevation.de>
parents:
489
diff
changeset
|
989 CREATE_NEW, |
e551de11d8b6
Properly handle the case that the file does not exist.
Andre Heinecke <aheinecke@intevation.de>
parents:
489
diff
changeset
|
990 0, |
e551de11d8b6
Properly handle the case that the file does not exist.
Andre Heinecke <aheinecke@intevation.de>
parents:
489
diff
changeset
|
991 NULL); |
e551de11d8b6
Properly handle the case that the file does not exist.
Andre Heinecke <aheinecke@intevation.de>
parents:
489
diff
changeset
|
992 } |
360
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
993 if (hFile == INVALID_HANDLE_VALUE) |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
994 { |
502
e551de11d8b6
Properly handle the case that the file does not exist.
Andre Heinecke <aheinecke@intevation.de>
parents:
489
diff
changeset
|
995 PRINTLASTERROR ("Failed to create file\n"); |
360
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
996 xfree(path); |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
997 return NULL; |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
998 } |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
999 if (!write_instructions (to_install, hFile, false)) |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
1000 { |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
1001 ERRORPRINTF ("Failed to write install instructions.\n"); |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
1002 CloseHandle(hFile); |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
1003 xfree(path); |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
1004 return NULL; |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
1005 } |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
1006 if (!write_instructions (to_remove, hFile, true)) |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
1007 { |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
1008 ERRORPRINTF ("Failed to write remove instructions.\n"); |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
1009 CloseHandle(hFile); |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
1010 xfree(path); |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
1011 return NULL; |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
1012 } |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
1013 CloseHandle(hFile); |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
1014 |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
1015 return path; |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
1016 } |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
1017 |
324
eff8e7ce4dae
Add first compiling implementation of nssstore_win.c
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
1018 int |
eff8e7ce4dae
Add first compiling implementation of nssstore_win.c
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
1019 write_stores_nss (char **to_install, char **to_remove) |
eff8e7ce4dae
Add first compiling implementation of nssstore_win.c
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
1020 { |
360
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
1021 wchar_t *selection_file_name = NULL; |
324
eff8e7ce4dae
Add first compiling implementation of nssstore_win.c
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
1022 |
360
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
1023 selection_file_name = write_selection_file (to_install, to_remove); |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
1024 if (!selection_file_name) |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
1025 { |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
1026 ERRORPRINTF ("Failed to write instructions.\n"); |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
1027 return -1; |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
1028 } |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
1029 |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
1030 DEBUGPRINTF ("Wrote selection file. Loc: %S\n", selection_file_name); |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
1031 |
668
ef6d3dc9e930
Framework for NSS multiuser installation on windows
Andre Heinecke <andre.heinecke@intevation.de>
parents:
665
diff
changeset
|
1032 if (is_elevated()) |
ef6d3dc9e930
Framework for NSS multiuser installation on windows
Andre Heinecke <andre.heinecke@intevation.de>
parents:
665
diff
changeset
|
1033 { |
ef6d3dc9e930
Framework for NSS multiuser installation on windows
Andre Heinecke <andre.heinecke@intevation.de>
parents:
665
diff
changeset
|
1034 register_proccesses_for_others (selection_file_name); |
ef6d3dc9e930
Framework for NSS multiuser installation on windows
Andre Heinecke <andre.heinecke@intevation.de>
parents:
665
diff
changeset
|
1035 } |
360
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
1036 |
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
1037 if (!start_procces_for_user (selection_file_name)) |
324
eff8e7ce4dae
Add first compiling implementation of nssstore_win.c
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
1038 { |
eff8e7ce4dae
Add first compiling implementation of nssstore_win.c
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
1039 ERRORPRINTF ("Failed to run NSS installation process.\n"); |
360
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
1040 xfree(selection_file_name); |
324
eff8e7ce4dae
Add first compiling implementation of nssstore_win.c
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
1041 return -1; |
eff8e7ce4dae
Add first compiling implementation of nssstore_win.c
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
1042 } |
360
c0eac5c8c245
Keep working on nssstore_win and clarify its specification
Andre Heinecke <andre.heinecke@intevation.de>
parents:
330
diff
changeset
|
1043 xfree(selection_file_name); |
324
eff8e7ce4dae
Add first compiling implementation of nssstore_win.c
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
1044 return 0; |
eff8e7ce4dae
Add first compiling implementation of nssstore_win.c
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
1045 } |
eff8e7ce4dae
Add first compiling implementation of nssstore_win.c
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
1046 |
eff8e7ce4dae
Add first compiling implementation of nssstore_win.c
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
1047 #endif |