Mercurial > trustbridge
comparison cinst/nssstore_win.c @ 670:175370634226
Move getProcessOwner to util and use it to skip the current user in locate other hives
| author | Andre Heinecke <andre.heinecke@intevation.de> |
|---|---|
| date | Fri, 27 Jun 2014 10:27:08 +0200 |
| parents | ef6d3dc9e930 |
| children | d4766b4922c9 |
comparison
equal
deleted
inserted
replaced
| 669:7147550ee15d | 670:175370634226 |
|---|---|
| 37 process on login to make sure it is launched once in the | 37 process on login to make sure it is launched once in the |
| 38 security context of that user. | 38 security context of that user. |
| 39 */ | 39 */ |
| 40 | 40 |
| 41 #include <windows.h> | 41 #include <windows.h> |
| 42 #include <sddl.h> | |
| 42 #include <stdio.h> | 43 #include <stdio.h> |
| 43 #include <stdbool.h> | 44 #include <stdbool.h> |
| 44 #include <userenv.h> | 45 #include <userenv.h> |
| 45 #include <io.h> | 46 #include <io.h> |
| 46 #include <accctrl.h> | 47 #include <accctrl.h> |
| 162 /* According to | 163 /* According to |
| 163 http://msdn.microsoft.com/en-us/library/windows/desktop/ms724872%28v=vs.85%29.aspx | 164 http://msdn.microsoft.com/en-us/library/windows/desktop/ms724872%28v=vs.85%29.aspx |
| 164 a registry key is limited to 255 characters. But according to | 165 a registry key is limited to 255 characters. But according to |
| 165 http://www.sepago.de/e/holger/2010/07/20/how-long-can-a-registry-key-name-really-be | 166 http://www.sepago.de/e/holger/2010/07/20/how-long-can-a-registry-key-name-really-be |
| 166 the actual limit is 256 + \0 thus we create a buffer for 257 wchar_t's*/ | 167 the actual limit is 256 + \0 thus we create a buffer for 257 wchar_t's*/ |
| 167 wchar_t key_name[257]; | 168 wchar_t key_name[257], |
| 169 *current_user_sid = NULL; | |
| 168 char **retval = NULL; | 170 char **retval = NULL; |
| 169 bool error = true; | 171 bool error = true; |
| 172 PSID current_user = NULL; | |
| 170 | 173 |
| 171 ret = RegOpenKeyExW (HKEY_LOCAL_MACHINE, PROFILE_LIST, 0, | 174 ret = RegOpenKeyExW (HKEY_LOCAL_MACHINE, PROFILE_LIST, 0, |
| 172 KEY_READ, &profile_list); | 175 KEY_READ, &profile_list); |
| 173 if (ret != ERROR_SUCCESS) | 176 if (ret != ERROR_SUCCESS) |
| 174 { | 177 { |
| 175 ERRORPRINTF ("Failed to open profile list. Error: %i", ret); | 178 ERRORPRINTF ("Failed to open profile list. Error: %i", ret); |
| 176 return NULL; | 179 return NULL; |
| 177 } | 180 } |
| 178 | 181 |
| 182 | |
| 183 /* Obtain the current user sid to prevent it from being returned. */ | |
| 184 current_user = get_process_owner (GetCurrentProcess()); | |
| 185 | |
| 186 if (!current_user) | |
| 187 { | |
| 188 ERRORPRINTF ("Failed to get the current user."); | |
| 189 goto done; | |
| 190 } | |
| 191 | |
| 192 if (!ConvertSidToStringSidW (current_user, ¤t_user_sid)) | |
| 193 { | |
| 194 PRINTLASTERROR ("Failed to convert sid to string."); | |
| 195 goto done; | |
| 196 } | |
| 197 | |
| 179 while ((ret = RegEnumKeyExW (profile_list, index++, | 198 while ((ret = RegEnumKeyExW (profile_list, index++, |
| 180 key_name, &key_len, | 199 key_name, &key_len, |
| 181 NULL, NULL, NULL, NULL)) == ERROR_SUCCESS) | 200 NULL, NULL, NULL, NULL)) == ERROR_SUCCESS) |
| 182 { | 201 { |
| 183 if (key_len == 257) | 202 if (key_len == 257) |
| 184 { | 203 { |
| 185 ERRORPRINTF ("Registry key too long."); | 204 ERRORPRINTF ("Registry key too long."); |
| 186 goto done; | 205 goto done; |
| 187 } | 206 } |
| 188 DEBUGPRINTF ("Key : %S", key_name); | |
| 189 | 207 |
| 190 /* Reset key_len to buffer size */ | 208 /* Reset key_len to buffer size */ |
| 191 key_len = 257; | 209 key_len = 257; |
| 192 | 210 |
| 193 if (wcsncmp (L"S-1-5-21-", key_name, 9) != 0) | 211 if (wcsncmp (L"S-1-5-21-", key_name, 9) != 0 || |
| 194 { | 212 wcscmp (current_user_sid, key_name) == 0) |
| 195 /* S-1-5-21 is the well known prefix for local users. Skip all others */ | 213 { |
| 214 /* S-1-5-21 is the well known prefix for local users. Skip all | |
| 215 others and the current user*/ | |
| 196 continue; | 216 continue; |
| 197 } | 217 } |
| 218 | |
| 219 DEBUGPRINTF ("Key : %S", key_name); | |
| 198 } | 220 } |
| 199 | 221 |
| 200 if (ret != ERROR_NO_MORE_ITEMS) | 222 if (ret != ERROR_NO_MORE_ITEMS) |
| 201 { | 223 { |
| 202 ERRORPRINTF ("Failed to enumeratre profile list. Error: %i", ret); | 224 ERRORPRINTF ("Failed to enumeratre profile list. Error: %i", ret); |
| 203 goto done; | 225 goto done; |
| 204 } | 226 } |
| 205 | 227 |
| 206 done: | 228 done: |
| 229 xfree (current_user); | |
| 230 | |
| 207 RegCloseKey (profile_list); | 231 RegCloseKey (profile_list); |
| 232 | |
| 233 if (current_user_sid) | |
| 234 { | |
| 235 LocalFree (current_user_sid); | |
| 236 } | |
| 208 | 237 |
| 209 if (error) | 238 if (error) |
| 210 { | 239 { |
| 211 strv_free (retval); | 240 strv_free (retval); |
| 212 retval = NULL; | 241 retval = NULL; |