annotate common/util.h @ 1338:ba7e36306085

(issue164) README updated.
author Emanuel Schuetze <emanuel@intevation.de>
date Thu, 16 Oct 2014 15:00:52 +0200
parents 8362e30f7b55
children
rev   line source
404
17e1c8f37d72 Add License
Andre Heinecke <aheinecke@intevation.de>
parents: 323
diff changeset
1 /* Copyright (C) 2014 by Bundesamt für Sicherheit in der Informationstechnik
17e1c8f37d72 Add License
Andre Heinecke <aheinecke@intevation.de>
parents: 323
diff changeset
2 * Software engineering by Intevation GmbH
17e1c8f37d72 Add License
Andre Heinecke <aheinecke@intevation.de>
parents: 323
diff changeset
3 *
17e1c8f37d72 Add License
Andre Heinecke <aheinecke@intevation.de>
parents: 323
diff changeset
4 * This file is Free Software under the GNU GPL (v>=2)
17e1c8f37d72 Add License
Andre Heinecke <aheinecke@intevation.de>
parents: 323
diff changeset
5 * and comes with ABSOLUTELY NO WARRANTY!
17e1c8f37d72 Add License
Andre Heinecke <aheinecke@intevation.de>
parents: 323
diff changeset
6 * See LICENSE.txt for details.
17e1c8f37d72 Add License
Andre Heinecke <aheinecke@intevation.de>
parents: 323
diff changeset
7 */
321
824ef90a6721 Move is_elevated into common/util.c file for better reuse
Andre Heinecke <aheinecke@intevation.de>
parents:
diff changeset
8 #ifndef COMMON_UTIL_H
824ef90a6721 Move is_elevated into common/util.c file for better reuse
Andre Heinecke <aheinecke@intevation.de>
parents:
diff changeset
9 #define COMMON_UTIL_H
824ef90a6721 Move is_elevated into common/util.c file for better reuse
Andre Heinecke <aheinecke@intevation.de>
parents:
diff changeset
10 /* @file util.h
824ef90a6721 Move is_elevated into common/util.c file for better reuse
Andre Heinecke <aheinecke@intevation.de>
parents:
diff changeset
11 * @brief The usual useful stuff that fit nowhere else
824ef90a6721 Move is_elevated into common/util.c file for better reuse
Andre Heinecke <aheinecke@intevation.de>
parents:
diff changeset
12 */
824ef90a6721 Move is_elevated into common/util.c file for better reuse
Andre Heinecke <aheinecke@intevation.de>
parents:
diff changeset
13 #include <stdbool.h>
824ef90a6721 Move is_elevated into common/util.c file for better reuse
Andre Heinecke <aheinecke@intevation.de>
parents:
diff changeset
14
670
175370634226 Move getProcessOwner to util and use it to skip the current user in locate other hives
Andre Heinecke <andre.heinecke@intevation.de>
parents: 505
diff changeset
15 #ifdef WIN32
175370634226 Move getProcessOwner to util and use it to skip the current user in locate other hives
Andre Heinecke <andre.heinecke@intevation.de>
parents: 505
diff changeset
16 #include <windows.h>
175370634226 Move getProcessOwner to util and use it to skip the current user in locate other hives
Andre Heinecke <andre.heinecke@intevation.de>
parents: 505
diff changeset
17 #include <psapi.h>
175370634226 Move getProcessOwner to util and use it to skip the current user in locate other hives
Andre Heinecke <andre.heinecke@intevation.de>
parents: 505
diff changeset
18 #endif
175370634226 Move getProcessOwner to util and use it to skip the current user in locate other hives
Andre Heinecke <andre.heinecke@intevation.de>
parents: 505
diff changeset
19
505
78959fd970b0 Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents: 404
diff changeset
20 #ifdef __cplusplus
78959fd970b0 Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents: 404
diff changeset
21 extern "C" {
78959fd970b0 Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents: 404
diff changeset
22 #endif
78959fd970b0 Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents: 404
diff changeset
23
841
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
24 #ifndef WIN32
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
25 /**@def Some value to use as equivalent as MAX_PATH on windows */
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
26 #define MAX_PATH_LINUX 4000
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
27 #endif
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
28
321
824ef90a6721 Move is_elevated into common/util.c file for better reuse
Andre Heinecke <aheinecke@intevation.de>
parents:
diff changeset
29 /**@brief Check if the current process is running with elevated privileges.
824ef90a6721 Move is_elevated into common/util.c file for better reuse
Andre Heinecke <aheinecke@intevation.de>
parents:
diff changeset
30 *
824ef90a6721 Move is_elevated into common/util.c file for better reuse
Andre Heinecke <aheinecke@intevation.de>
parents:
diff changeset
31 * Elevates the current process token to check if it is marked as elevated.
323
31ba7ed4d50f Made is_elevated portable.
Sascha Wilde <wilde@intevation.de>
parents: 321
diff changeset
32 * Uses TokenElevation on windows and checks effective UID on Linux.
321
824ef90a6721 Move is_elevated into common/util.c file for better reuse
Andre Heinecke <aheinecke@intevation.de>
parents:
diff changeset
33 *
824ef90a6721 Move is_elevated into common/util.c file for better reuse
Andre Heinecke <aheinecke@intevation.de>
parents:
diff changeset
34 * @returns true if the current process is elevated.*/
824ef90a6721 Move is_elevated into common/util.c file for better reuse
Andre Heinecke <aheinecke@intevation.de>
parents:
diff changeset
35 bool is_elevated();
323
31ba7ed4d50f Made is_elevated portable.
Sascha Wilde <wilde@intevation.de>
parents: 321
diff changeset
36
841
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
37 /**@brief Check if the Software is installed system wide
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
38 *
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
39 * On Windows this checks if a registry key under HKLM exists for
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
40 * trustbridge and that the installation path mentioned there matches
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
41 * the current module path.
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
42 *
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
43 * On linux this looks for the installation configuration in /etc
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
44 * and checks if the current process is inside the installation prefix.
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
45 *
1053
78798d3af8f0 Fixed doxygen build warnings.
Emanuel Schuetze <emanuel@intevation.de>
parents: 1030
diff changeset
46 * The checked path is limited to MAX_PATH on Windows and \@MAX_PATH_LINUX on
841
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
47 * Linux.
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
48 */
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
49 bool is_system_install();
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
50
505
78959fd970b0 Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents: 404
diff changeset
51 /**@brief Check if the user is in the administrators group.
78959fd970b0 Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents: 404
diff changeset
52 *
78959fd970b0 Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents: 404
diff changeset
53 * The function checks if the account that startet this process
78959fd970b0 Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents: 404
diff changeset
54 * belongs to a user that is a member of the Administrators group.
78959fd970b0 Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents: 404
diff changeset
55 *
78959fd970b0 Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents: 404
diff changeset
56 * @returns True if the user is in the admin group. False otherwise or on error.
78959fd970b0 Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents: 404
diff changeset
57 */
78959fd970b0 Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents: 404
diff changeset
58 bool is_admin();
78959fd970b0 Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents: 404
diff changeset
59
841
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
60 /**@brief Get the directory in which the current process resides in
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
61 *
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
62 * Look up the directory in which the current process is placed.
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
63 * If the path is longer then MAX_PATH NULL is returned.
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
64 *
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
65 * Returns a utf-8 encoded string that has to be freed by the caller
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
66 * on linux the path is returned as is including the last /.
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
67 *
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
68 * @returns The directory of the current process
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
69 */
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
70 char * get_install_dir();
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
71
1332
8362e30f7b55 (issue139) Check that pid is not running if the lock can be aquired
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1208
diff changeset
72 #ifndef WIN32
8362e30f7b55 (issue139) Check that pid is not running if the lock can be aquired
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1208
diff changeset
73 /**@brief Get the directory in which the process proc resides in
8362e30f7b55 (issue139) Check that pid is not running if the lock can be aquired
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1208
diff changeset
74 *
8362e30f7b55 (issue139) Check that pid is not running if the lock can be aquired
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1208
diff changeset
75 * Look up the directory in which the process proc is placed.
8362e30f7b55 (issue139) Check that pid is not running if the lock can be aquired
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1208
diff changeset
76 * If the path is longer then MAX_PATH NULL is returned.
8362e30f7b55 (issue139) Check that pid is not running if the lock can be aquired
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1208
diff changeset
77 *
8362e30f7b55 (issue139) Check that pid is not running if the lock can be aquired
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1208
diff changeset
78 * Returns a utf-8 encoded string that has to be freed by the caller
8362e30f7b55 (issue139) Check that pid is not running if the lock can be aquired
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1208
diff changeset
79 * on linux the path is returned as is including the last /.
8362e30f7b55 (issue139) Check that pid is not running if the lock can be aquired
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1208
diff changeset
80 *
8362e30f7b55 (issue139) Check that pid is not running if the lock can be aquired
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1208
diff changeset
81 * @param[in] A process id or special name from the proc file system.
8362e30f7b55 (issue139) Check that pid is not running if the lock can be aquired
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1208
diff changeset
82 *
8362e30f7b55 (issue139) Check that pid is not running if the lock can be aquired
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1208
diff changeset
83 * @returns The directory of the process
8362e30f7b55 (issue139) Check that pid is not running if the lock can be aquired
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1208
diff changeset
84 */
8362e30f7b55 (issue139) Check that pid is not running if the lock can be aquired
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1208
diff changeset
85 char * get_proc_install_dir(const char *proc);
8362e30f7b55 (issue139) Check that pid is not running if the lock can be aquired
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1208
diff changeset
86 #endif
8362e30f7b55 (issue139) Check that pid is not running if the lock can be aquired
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1208
diff changeset
87
670
175370634226 Move getProcessOwner to util and use it to skip the current user in locate other hives
Andre Heinecke <andre.heinecke@intevation.de>
parents: 505
diff changeset
88 #ifdef WIN32
175370634226 Move getProcessOwner to util and use it to skip the current user in locate other hives
Andre Heinecke <andre.heinecke@intevation.de>
parents: 505
diff changeset
89 /**@brief Get a copy of the processes owner sid
175370634226 Move getProcessOwner to util and use it to skip the current user in locate other hives
Andre Heinecke <andre.heinecke@intevation.de>
parents: 505
diff changeset
90 *
175370634226 Move getProcessOwner to util and use it to skip the current user in locate other hives
Andre Heinecke <andre.heinecke@intevation.de>
parents: 505
diff changeset
91 * Copy the SID of the owner of the process hProcess.
175370634226 Move getProcessOwner to util and use it to skip the current user in locate other hives
Andre Heinecke <andre.heinecke@intevation.de>
parents: 505
diff changeset
92 *
175370634226 Move getProcessOwner to util and use it to skip the current user in locate other hives
Andre Heinecke <andre.heinecke@intevation.de>
parents: 505
diff changeset
93 * The returned sid structure has to be freed with free by the caller
175370634226 Move getProcessOwner to util and use it to skip the current user in locate other hives
Andre Heinecke <andre.heinecke@intevation.de>
parents: 505
diff changeset
94 *
175370634226 Move getProcessOwner to util and use it to skip the current user in locate other hives
Andre Heinecke <andre.heinecke@intevation.de>
parents: 505
diff changeset
95 * @param[in] hProcess A handle to the process whose user should be obtained.
175370634226 Move getProcessOwner to util and use it to skip the current user in locate other hives
Andre Heinecke <andre.heinecke@intevation.de>
parents: 505
diff changeset
96 * The process must have the PROCESS_QUERY_INFORMATION access permission.
175370634226 Move getProcessOwner to util and use it to skip the current user in locate other hives
Andre Heinecke <andre.heinecke@intevation.de>
parents: 505
diff changeset
97 *
175370634226 Move getProcessOwner to util and use it to skip the current user in locate other hives
Andre Heinecke <andre.heinecke@intevation.de>
parents: 505
diff changeset
98 * @returns A copy of the process owners sid or NULL on error.
175370634226 Move getProcessOwner to util and use it to skip the current user in locate other hives
Andre Heinecke <andre.heinecke@intevation.de>
parents: 505
diff changeset
99 */
175370634226 Move getProcessOwner to util and use it to skip the current user in locate other hives
Andre Heinecke <andre.heinecke@intevation.de>
parents: 505
diff changeset
100 PSID get_process_owner(HANDLE hProcess);
675
4ad764bfb39c Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents: 670
diff changeset
101
841
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
102 /**@brief Read (and expand if necessary) a registry string.
675
4ad764bfb39c Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents: 670
diff changeset
103 *
841
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
104 * Reads a registry string and calls ExpandEnvironmentString
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
105 * if necessary on it. Returns a newly allocated string array
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
106 * with the expanded registry value converted to UTF-8
675
4ad764bfb39c Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents: 670
diff changeset
107 *
841
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
108 * Caller has to free return value with free.
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
109 *
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
110 * @param [in] root the root key (e.g. HKEY_LOCAL_MACHINE)
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
111 * @param [in] key the key
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
112 * @param [in] name the name of the value to read.
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
113 *
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
114 * @returns the expanded, null terminated utf-8 string of the value.
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
115 * or NULL on error.
675
4ad764bfb39c Add writing of the NSS line into the registry
Andre Heinecke <andre.heinecke@intevation.de>
parents: 670
diff changeset
116 */
841
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
117 char * read_registry_string (const HKEY root, const wchar_t *key,
216a65d7fc4b (issue66) Implement is_system_install and use it
Andre Heinecke <andre.heinecke@intevation.de>
parents: 675
diff changeset
118 const wchar_t *name);
983
427e2e18b8c8 Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents: 841
diff changeset
119
427e2e18b8c8 Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents: 841
diff changeset
120 /**@brief Get the utf-8 encoded path to the program files folder.
427e2e18b8c8 Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents: 841
diff changeset
121 *
427e2e18b8c8 Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents: 841
diff changeset
122 * Uses SHGetKnownFolderPath to look up the ProgramFiles folder.
427e2e18b8c8 Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents: 841
diff changeset
123 * @returns a newly allocated string containing the value or NULL on
427e2e18b8c8 Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents: 841
diff changeset
124 * error.
427e2e18b8c8 Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents: 841
diff changeset
125 */
427e2e18b8c8 Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents: 841
diff changeset
126 char * get_program_files_folder ();
427e2e18b8c8 Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents: 841
diff changeset
127
427e2e18b8c8 Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents: 841
diff changeset
128 /**@brief Get the path to the program data folder.
427e2e18b8c8 Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents: 841
diff changeset
129 *
427e2e18b8c8 Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents: 841
diff changeset
130 * Uses SHGetKnownFolderPath to look up the ProgramData folder.
427e2e18b8c8 Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents: 841
diff changeset
131 * The return value should be freed with CoTaskMemFree
427e2e18b8c8 Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents: 841
diff changeset
132 * @returns a reference containing the value or NULL on error.
427e2e18b8c8 Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents: 841
diff changeset
133 */
427e2e18b8c8 Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents: 841
diff changeset
134 wchar_t * get_program_data_folder ();
427e2e18b8c8 Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents: 841
diff changeset
135
427e2e18b8c8 Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents: 841
diff changeset
136 /**@brief Create a directory with restricted access rights
427e2e18b8c8 Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents: 841
diff changeset
137 *
427e2e18b8c8 Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents: 841
diff changeset
138 * This creates a security attributes structure that restricts
427e2e18b8c8 Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents: 841
diff changeset
139 * write access to the Administrators group but allows everyone to read files
427e2e18b8c8 Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents: 841
diff changeset
140 * in that directory.
427e2e18b8c8 Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents: 841
diff changeset
141 * Basically a very complicated version of mkdir path -m 644
427e2e18b8c8 Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents: 841
diff changeset
142 *
1208
0a803c3fb5a6 (issue138) Set the ACL explictly on existing files or directories
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1118
diff changeset
143 * If the directory exists and propagate_acl is set the permissions
0a803c3fb5a6 (issue138) Set the ACL explictly on existing files or directories
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1118
diff changeset
144 * of that directory are overwritten with the DACL that would have
0a803c3fb5a6 (issue138) Set the ACL explictly on existing files or directories
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1118
diff changeset
145 * been used to create the directory.
983
427e2e18b8c8 Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents: 841
diff changeset
146 *
427e2e18b8c8 Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents: 841
diff changeset
147 * Code based on msdn example:
427e2e18b8c8 Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents: 841
diff changeset
148 * http://msdn.microsoft.com/en-us/library/windows/desktop/aa446595%28v=vs.85%29.aspx
427e2e18b8c8 Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents: 841
diff changeset
149 *
427e2e18b8c8 Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents: 841
diff changeset
150 * @param[in] path Path of the directory to create
1070
f110a3f6e387 (issue114) Fine tune ACL propagation
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1053
diff changeset
151 * @param[in] propagate_acl weather or not objects should inherit
f110a3f6e387 (issue114) Fine tune ACL propagation
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1053
diff changeset
152 * the ACL of this directory.
1208
0a803c3fb5a6 (issue138) Set the ACL explictly on existing files or directories
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1118
diff changeset
153 * @param[out] rACL optional pointer to an PACL pointer that should be
0a803c3fb5a6 (issue138) Set the ACL explictly on existing files or directories
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1118
diff changeset
154 * the returned value. If rACL is not NULL the caller needs to free the
0a803c3fb5a6 (issue138) Set the ACL explictly on existing files or directories
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1118
diff changeset
155 * returned pointer with LocalFree.
983
427e2e18b8c8 Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents: 841
diff changeset
156 *
427e2e18b8c8 Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents: 841
diff changeset
157 * @returns true on success of if the directory exists, false on error
427e2e18b8c8 Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents: 841
diff changeset
158 */
1208
0a803c3fb5a6 (issue138) Set the ACL explictly on existing files or directories
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1118
diff changeset
159 bool create_restricted_directory (LPWSTR path, bool propagate_acl, PACL *rACL);
983
427e2e18b8c8 Move Shell functions into util
Andre Heinecke <andre.heinecke@intevation.de>
parents: 841
diff changeset
160
1208
0a803c3fb5a6 (issue138) Set the ACL explictly on existing files or directories
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1118
diff changeset
161 /**@brief Check the integrity level of the token
1029
6684e5012b7a (issue98) Set integrity level to medium on restricted token and
Andre Heinecke <andre.heinecke@intevation.de>
parents: 983
diff changeset
162 *
1030
76cae27b5d83 Clarify doc of has_high_integrity
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1029
diff changeset
163 * Returns true if the token has at least SECURITY_MANADTORY_HIGH_RID or
76cae27b5d83 Clarify doc of has_high_integrity
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1029
diff changeset
164 * higher.
1029
6684e5012b7a (issue98) Set integrity level to medium on restricted token and
Andre Heinecke <andre.heinecke@intevation.de>
parents: 983
diff changeset
165 *
6684e5012b7a (issue98) Set integrity level to medium on restricted token and
Andre Heinecke <andre.heinecke@intevation.de>
parents: 983
diff changeset
166 * @param[in] hToken the Token to check
6684e5012b7a (issue98) Set integrity level to medium on restricted token and
Andre Heinecke <andre.heinecke@intevation.de>
parents: 983
diff changeset
167 *
1030
76cae27b5d83 Clarify doc of has_high_integrity
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1029
diff changeset
168 * @returns true if the token has at least high integrity. False on error
76cae27b5d83 Clarify doc of has_high_integrity
Andre Heinecke <andre.heinecke@intevation.de>
parents: 1029
diff changeset
169 * or otherwise.
1029
6684e5012b7a (issue98) Set integrity level to medium on restricted token and
Andre Heinecke <andre.heinecke@intevation.de>
parents: 983
diff changeset
170 */
6684e5012b7a (issue98) Set integrity level to medium on restricted token and
Andre Heinecke <andre.heinecke@intevation.de>
parents: 983
diff changeset
171 bool has_high_integrity(HANDLE hToken);
6684e5012b7a (issue98) Set integrity level to medium on restricted token and
Andre Heinecke <andre.heinecke@intevation.de>
parents: 983
diff changeset
172
1010
1c1964c27b39 (issue54) commit work in progress on start after installation
Andre Heinecke <andre.heinecke@intevation.de>
parents: 983
diff changeset
173 /** @brief get a restricted access token to execute nss process
1c1964c27b39 (issue54) commit work in progress on start after installation
Andre Heinecke <andre.heinecke@intevation.de>
parents: 983
diff changeset
174 *
1c1964c27b39 (issue54) commit work in progress on start after installation
Andre Heinecke <andre.heinecke@intevation.de>
parents: 983
diff changeset
175 * This function uses the Software Restriction API to obtain the
1c1964c27b39 (issue54) commit work in progress on start after installation
Andre Heinecke <andre.heinecke@intevation.de>
parents: 983
diff changeset
176 * access token for a process run als normal user.
1c1964c27b39 (issue54) commit work in progress on start after installation
Andre Heinecke <andre.heinecke@intevation.de>
parents: 983
diff changeset
177 *
1c1964c27b39 (issue54) commit work in progress on start after installation
Andre Heinecke <andre.heinecke@intevation.de>
parents: 983
diff changeset
178 * @returns A restricted handle or NULL on error.
1c1964c27b39 (issue54) commit work in progress on start after installation
Andre Heinecke <andre.heinecke@intevation.de>
parents: 983
diff changeset
179 */
1c1964c27b39 (issue54) commit work in progress on start after installation
Andre Heinecke <andre.heinecke@intevation.de>
parents: 983
diff changeset
180 HANDLE get_restricted_token();
1c1964c27b39 (issue54) commit work in progress on start after installation
Andre Heinecke <andre.heinecke@intevation.de>
parents: 983
diff changeset
181
1c1964c27b39 (issue54) commit work in progress on start after installation
Andre Heinecke <andre.heinecke@intevation.de>
parents: 983
diff changeset
182 /** @brief get a normal user access token
1c1964c27b39 (issue54) commit work in progress on start after installation
Andre Heinecke <andre.heinecke@intevation.de>
parents: 983
diff changeset
183 *
1c1964c27b39 (issue54) commit work in progress on start after installation
Andre Heinecke <andre.heinecke@intevation.de>
parents: 983
diff changeset
184 * The trusted acces token is not elevated but has the normal user rights.
1c1964c27b39 (issue54) commit work in progress on start after installation
Andre Heinecke <andre.heinecke@intevation.de>
parents: 983
diff changeset
185 *
1c1964c27b39 (issue54) commit work in progress on start after installation
Andre Heinecke <andre.heinecke@intevation.de>
parents: 983
diff changeset
186 * @returns A normal user handle or NULL on error.
1c1964c27b39 (issue54) commit work in progress on start after installation
Andre Heinecke <andre.heinecke@intevation.de>
parents: 983
diff changeset
187 */
1c1964c27b39 (issue54) commit work in progress on start after installation
Andre Heinecke <andre.heinecke@intevation.de>
parents: 983
diff changeset
188 HANDLE get_normal_token();
1c1964c27b39 (issue54) commit work in progress on start after installation
Andre Heinecke <andre.heinecke@intevation.de>
parents: 983
diff changeset
189
670
175370634226 Move getProcessOwner to util and use it to skip the current user in locate other hives
Andre Heinecke <andre.heinecke@intevation.de>
parents: 505
diff changeset
190 #endif
175370634226 Move getProcessOwner to util and use it to skip the current user in locate other hives
Andre Heinecke <andre.heinecke@intevation.de>
parents: 505
diff changeset
191
505
78959fd970b0 Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents: 404
diff changeset
192 #ifdef __cplusplus
78959fd970b0 Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents: 404
diff changeset
193 }
78959fd970b0 Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents: 404
diff changeset
194 #endif
78959fd970b0 Add is_admin and implement it for windows
Andre Heinecke <aheinecke@intevation.de>
parents: 404
diff changeset
195
321
824ef90a6721 Move is_elevated into common/util.c file for better reuse
Andre Heinecke <aheinecke@intevation.de>
parents:
diff changeset
196 #endif // COMMON_UTIL_H

http://wald.intevation.org/projects/trustbridge/