view common/util.h @ 1287:d3d66d43365f

Merged
author Emanuel Schuetze <emanuel@intevation.de>
date Mon, 29 Sep 2014 13:02:41 +0200
parents 0a803c3fb5a6
children 8362e30f7b55
line wrap: on
line source
/* Copyright (C) 2014 by Bundesamt für Sicherheit in der Informationstechnik
 * Software engineering by Intevation GmbH
 *
 * This file is Free Software under the GNU GPL (v>=2)
 * and comes with ABSOLUTELY NO WARRANTY!
 * See LICENSE.txt for details.
 */
#ifndef COMMON_UTIL_H
#define COMMON_UTIL_H
/* @file util.h
 * @brief The usual useful stuff that fit nowhere else
 */
#include <stdbool.h>

#ifdef WIN32
#include <windows.h>
#include <psapi.h>
#endif

#ifdef __cplusplus
extern "C" {
#endif

#ifndef WIN32
/**@def Some value to use as equivalent as MAX_PATH on windows */
#define MAX_PATH_LINUX 4000
#endif

/**@brief Check if the current process is running with elevated privileges.
 *
 * Elevates the current process token to check if it is marked as elevated.
 * Uses TokenElevation on windows and checks effective UID on Linux.
 *
 * @returns true if the current process is elevated.*/
bool is_elevated();

/**@brief Check if the Software is installed system wide
 *
 * On Windows this checks if a registry key under HKLM exists for
 * trustbridge and that the installation path mentioned there matches
 * the current module path.
 *
 * On linux this looks for the installation configuration in /etc
 * and checks if the current process is inside the installation prefix.
 *
 * The checked path is limited to MAX_PATH on Windows and \@MAX_PATH_LINUX on
 * Linux.
 */
bool is_system_install();

/**@brief Check if the user is in the administrators group.
 *
 * The function checks if the account that startet this process
 * belongs to a user that is a member of the Administrators group.
 *
 * @returns True if the user is in the admin group. False otherwise or on error.
 */
bool is_admin();

/**@brief Get the directory in which the current process resides in
 *
 * Look up the directory in which the current process is placed.
 * If the path is longer then MAX_PATH NULL is returned.
 *
 * Returns a utf-8 encoded string that has to be freed by the caller
 * on linux the path is returned as is including the last /.
 *
 * @returns The directory of the current process
 */
char * get_install_dir();

#ifdef WIN32
/**@brief Get a copy of the processes owner sid
 *
 * Copy the SID of the owner of the process hProcess.
 *
 * The returned sid structure has to be freed with free by the caller
 *
 * @param[in] hProcess A handle to the process whose user should be obtained.
 * The process must have the PROCESS_QUERY_INFORMATION access permission.
 *
 * @returns A copy of the process owners sid or NULL on error.
 */
PSID get_process_owner(HANDLE hProcess);

/**@brief Read (and expand if necessary) a registry string.
 *
 * Reads a registry string and calls ExpandEnvironmentString
 * if necessary on it. Returns a newly allocated string array
 * with the expanded registry value converted to UTF-8
 *
 * Caller has to free return value with free.
 *
 * @param [in] root the root key (e.g. HKEY_LOCAL_MACHINE)
 * @param [in] key the key
 * @param [in] name the name of the value to read.
 *
 * @returns the expanded, null terminated utf-8 string of the value.
 *          or NULL on error.
 */
char * read_registry_string (const HKEY root, const wchar_t *key,
                             const wchar_t *name);

/**@brief Get the utf-8 encoded path to the program files folder.
 *
 * Uses SHGetKnownFolderPath to look up the ProgramFiles folder.
 * @returns a newly allocated string containing the value or NULL on
 * error.
 */
char * get_program_files_folder ();

/**@brief Get the path to the program data folder.
 *
 * Uses SHGetKnownFolderPath to look up the ProgramData folder.
 * The return value should be freed with CoTaskMemFree
 * @returns a reference containing the value or NULL on error.
 */
wchar_t * get_program_data_folder ();

/**@brief Create a directory with restricted access rights
  *
  * This creates a security attributes structure that restricts
  * write access to the Administrators group but allows everyone to read files
  * in that directory.
  * Basically a very complicated version of mkdir path -m 644
  *
  * If the directory exists and propagate_acl is set the permissions
  * of that directory are overwritten with the DACL that would have
  * been used to create the directory.
  *
  * Code based on msdn example:
  * http://msdn.microsoft.com/en-us/library/windows/desktop/aa446595%28v=vs.85%29.aspx
  *
  * @param[in] path Path of the directory to create
  * @param[in] propagate_acl weather or not objects should inherit
  * the ACL of this directory.
  * @param[out] rACL optional pointer to an PACL pointer that should be
  * the returned value. If rACL is not NULL the caller needs to free the
  * returned pointer with LocalFree.
  *
  * @returns true on success of if the directory exists, false on error
  */
bool create_restricted_directory (LPWSTR path, bool propagate_acl, PACL *rACL);

/**@brief Check the integrity level of the token
  *
  * Returns true if the token has at least SECURITY_MANADTORY_HIGH_RID or
  * higher.
  *
  * @param[in] hToken the Token to check
  *
  * @returns true if the token has at least high integrity. False on error
  * or otherwise.
  */
bool has_high_integrity(HANDLE hToken);

/** @brief get a restricted access token to execute nss process
  *
  * This function uses the Software Restriction API to obtain the
  * access token for a process run als normal user.
  *
  * @returns A restricted handle or NULL on error.
  */
HANDLE get_restricted_token();

/** @brief get a normal user access token
  *
  * The trusted acces token is not elevated but has the normal user rights.
  *
  * @returns A normal user handle or NULL on error.
  */
HANDLE get_normal_token();

#endif

#ifdef __cplusplus
}
#endif

#endif // COMMON_UTIL_H

http://wald.intevation.org/projects/trustbridge/