# HG changeset patch # User Andre Heinecke # Date 1409660740 -7200 # Node ID 1c1964c27b39659d3581e693fb784dc205ca44d1 # Parent 7dff5c0c569c8ee74fe11fd699400412eac6a8eb (issue54) commit work in progress on start after installation diff -r 7dff5c0c569c -r 1c1964c27b39 CMakeLists.txt --- a/CMakeLists.txt Tue Sep 02 10:54:51 2014 +0200 +++ b/CMakeLists.txt Tue Sep 02 14:25:40 2014 +0200 @@ -141,12 +141,7 @@ add_subdirectory(manuals) endif() -# Configure packaging script for testing -configure_file (packaging/win-createpackage.sh.in packaging/win-createpackage.sh @ONLY) -configure_file (packaging/create-dist-package.sh.in packaging/create-dist-package.sh @ONLY) -configure_file (packaging/linux-createpackage.sh.in packaging/linux-createpackage.sh @ONLY) -configure_file (packaging/linux-installer.inc.in packaging/linux-installer.inc @ONLY) -configure_file (packaging/linux-installer.l10n-de packaging/linux-installer.l10n-de COPYONLY) +add_subdirectory(packaging) if (ENABLE_PROFILING) configure_file (make-coverage.sh.in make-coverage.sh) diff -r 7dff5c0c569c -r 1c1964c27b39 cinst/nssstore_win.c --- a/cinst/nssstore_win.c Tue Sep 02 10:54:51 2014 +0200 +++ b/cinst/nssstore_win.c Tue Sep 02 14:25:40 2014 +0200 @@ -39,7 +39,6 @@ */ #include -#include #include #include #include @@ -98,34 +97,6 @@ xfree (item); } -/** @brief get a restricted access token to execute nss process - * - * This function uses the Software Restriction API to obtain the - * access token for a process run als normal user. - * - * @returns A restricted handle or NULL on error. - */ -static HANDLE -get_restricted_token() -{ - SAFER_LEVEL_HANDLE user_level = NULL; - HANDLE retval = NULL; - if (!SaferCreateLevel(SAFER_SCOPEID_USER, - SAFER_LEVELID_NORMALUSER, - SAFER_LEVEL_OPEN, &user_level, NULL)) - { - PRINTLASTERROR ("Failed to create user level.\n"); - return NULL; - } - - if (!SaferComputeTokenFromLevel(user_level, NULL, &retval, 0, NULL)) - { - SaferCloseLevel(user_level); - return NULL; - } - - return retval; -} /**@brief Write strv of instructions to a handle * diff -r 7dff5c0c569c -r 1c1964c27b39 common/util.c --- a/common/util.c Tue Sep 02 10:54:51 2014 +0200 +++ b/common/util.c Tue Sep 02 14:25:40 2014 +0200 @@ -16,6 +16,7 @@ #include #include #else +#include #include #include #include @@ -724,3 +725,56 @@ return retval; } #endif + +#ifdef WIN32 +/** @brief get a restricted access token + * + * This function uses the Software Restriction API to obtain the + * access token for a process run als normal user. + * + * @returns A restricted handle or NULL on error. + */ +HANDLE +get_restricted_token() +{ + SAFER_LEVEL_HANDLE user_level = NULL; + HANDLE retval = NULL; + if (!SaferCreateLevel(SAFER_SCOPEID_USER, + SAFER_LEVELID_NORMALUSER, + SAFER_LEVEL_OPEN, &user_level, NULL)) + { + PRINTLASTERROR ("Failed to create user level.\n"); + return NULL; + } + + if (!SaferComputeTokenFromLevel(user_level, NULL, &retval, 0, NULL)) + { + SaferCloseLevel(user_level); + return NULL; + } + + return retval; +} + +HANDLE +get_normal_token() +{ + SAFER_LEVEL_HANDLE user_level = NULL; + HANDLE retval = NULL; + if (!SaferCreateLevel(SAFER_SCOPEID_USER, + SAFER_LEVELID_NORMALUSER, + SAFER_LEVEL_OPEN, &user_level, NULL)) + { + PRINTLASTERROR ("Failed to create user level.\n"); + return NULL; + } + + if (!SaferComputeTokenFromLevel(user_level, NULL, &retval, 0, NULL)) + { + SaferCloseLevel(user_level); + return NULL; + } + + return retval; +} +#endif diff -r 7dff5c0c569c -r 1c1964c27b39 common/util.h --- a/common/util.h Tue Sep 02 10:54:51 2014 +0200 +++ b/common/util.h Tue Sep 02 14:25:40 2014 +0200 @@ -136,6 +136,23 @@ */ bool create_restricted_directory (LPWSTR path); +/** @brief get a restricted access token to execute nss process + * + * This function uses the Software Restriction API to obtain the + * access token for a process run als normal user. + * + * @returns A restricted handle or NULL on error. + */ +HANDLE get_restricted_token(); + +/** @brief get a normal user access token + * + * The trusted acces token is not elevated but has the normal user rights. + * + * @returns A normal user handle or NULL on error. + */ +HANDLE get_normal_token(); + #endif #ifdef __cplusplus diff -r 7dff5c0c569c -r 1c1964c27b39 packaging/CMakeLists.txt --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/packaging/CMakeLists.txt Tue Sep 02 14:25:40 2014 +0200 @@ -0,0 +1,22 @@ +# Configure packaging script for testing +configure_file (win-createpackage.sh.in win-createpackage.sh @ONLY) +configure_file (create-dist-package.sh.in create-dist-package.sh @ONLY) +configure_file (linux-createpackage.sh.in linux-createpackage.sh @ONLY) +configure_file (linux-installer.inc.in linux-installer.inc @ONLY) +configure_file (linux-installer.l10n-de linux-installer.l10n-de COPYONLY) + +if (WIN32) + # Build the nss safer plugin. + include_directories(${CMAKE_SOURCE_DIR}/common) + + add_library(saferrunas SHARED safer_run_as.c) + target_link_libraries(saferrunas + trustbridge_common + -luserenv + -lshell32 + -lcrypt32 + -lssp + ${POLARSSL_LIBRARIES}) # trustbridge_common pulls it in. + set_target_properties(saferrunas PROPERTIES PREFIX "") + set_target_properties(saferrunas PROPERTIES OUTPUT_NAME "SaferRunAs") +endif() diff -r 7dff5c0c569c -r 1c1964c27b39 packaging/create-dist-package.sh.in --- a/packaging/create-dist-package.sh.in Tue Sep 02 10:54:51 2014 +0200 +++ b/packaging/create-dist-package.sh.in Tue Sep 02 14:25:40 2014 +0200 @@ -58,6 +58,7 @@ # Create a temporary NSIS file for the uninstaller cration LC_ALL="de_DE.latin-1" makensis -Dfiles_dir=$TMPDIR/windows \ -Dcompany="Bundesamt für Sicherheit in der Informationstechnik" \ + -Dplugin_dir="@CMAKE_CURRENT_BINARY_DIR@" \ -Dversion_number=@PROJECT_VERSION@ \ -Dsetupname="$TMPDIR/TrustBridge-@PROJECT_VERSION@-uni.exe" \ -Dproductname="TrustBridge" \ diff -r 7dff5c0c569c -r 1c1964c27b39 packaging/exdll.h --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/packaging/exdll.h Tue Sep 02 14:25:40 2014 +0200 @@ -0,0 +1,106 @@ +/* exdll.h for use with gpg4win + * Copyright (C) 1999-2005 Nullsoft, Inc. + * + * This license applies to everything in the NSIS package, except + * where otherwise noted. + * + * This software is provided 'as-is', without any express or implied + * warranty. In no event will the authors be held liable for any + * damages arising from the use of this software. + * + * Permission is granted to anyone to use this software for any + * purpose, including commercial applications, and to alter it and + * redistribute it freely, subject to the following restrictions: + * + * 1. The origin of this software must not be misrepresented; you must + * not claim that you wrote the original software. If you use this + * software in a product, an acknowledgment in the product + * documentation would be appreciated but is not required. + * + * 2. Altered source versions must be plainly marked as such, and must + * not be misrepresented as being the original software. + * + * 3. This notice may not be removed or altered from any source + * distribution. + ************************************************************ + * 2005-11-14 wk Applied license text to orginal exdll.h file from + * NSIS 2.0.4 and did some formatting changes. + */ + +#ifndef _EXDLL_H_ +#define _EXDLL_H_ + +/* only include this file from one place in your DLL. (it is all + static, if you use it in two places it will fail) */ + +#define EXDLL_INIT() { \ + g_stringsize=(unsigned int)string_size; \ + g_stacktop=stacktop; \ + g_variables=variables; } + +/* For page showing plug-ins */ +#define WM_NOTIFY_OUTER_NEXT (WM_USER+0x8) +#define WM_NOTIFY_CUSTOM_READY (WM_USER+0xd) +#define NOTIFY_BYE_BYE 'x' + +typedef struct _stack_t { + struct _stack_t *next; + char text[1]; /* This should be the length of string_size. */ +} stack_t; + + +static unsigned int g_stringsize; +static stack_t **g_stacktop; +static char *g_variables; + +enum + { + INST_0, // $0 + INST_1, // $1 + INST_2, // $2 + INST_3, // $3 + INST_4, // $4 + INST_5, // $5 + INST_6, // $6 + INST_7, // $7 + INST_8, // $8 + INST_9, // $9 + INST_R0, // $R0 + INST_R1, // $R1 + INST_R2, // $R2 + INST_R3, // $R3 + INST_R4, // $R4 + INST_R5, // $R5 + INST_R6, // $R6 + INST_R7, // $R7 + INST_R8, // $R8 + INST_R9, // $R9 + INST_CMDLINE, // $CMDLINE + INST_INSTDIR, // $INSTDIR + INST_OUTDIR, // $OUTDIR + INST_EXEDIR, // $EXEDIR + INST_LANG, // $LANGUAGE + __INST_LAST +}; + +typedef struct { + int autoclose; + int all_user_var; + int exec_error; + int abort; + int exec_reboot; + int reboot_called; + int XXX_cur_insttype; /* deprecated */ + int XXX_insttype_changed; /* deprecated */ + int silent; + int instdir_error; + int rtl; + int errlvl; +} exec_flags_t; + +typedef struct { + exec_flags_t *exec_flags; + int (__stdcall *ExecuteCodeSegment)(int, HWND); +} extra_parameters_t; + +#endif//_EXDLL_H_ diff -r 7dff5c0c569c -r 1c1964c27b39 packaging/safer_run_as.c --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/packaging/safer_run_as.c Tue Sep 02 14:25:40 2014 +0200 @@ -0,0 +1,67 @@ +#include +#include "exdll.h" +#include "util.h" +#include "logging.h" + +static HINSTANCE g_hInstance; /* Our Instance. */ +static HWND g_hwndParent; /* Handle of parent window or NULL. */ + +#define UNUSED(x) (void)(x) + +/* Standard entry point for DLLs. */ +int WINAPI +DllMain (HANDLE hinst, DWORD reason, LPVOID reserved) +{ + UNUSED(reserved); + if (reason == DLL_PROCESS_ATTACH) + g_hInstance = hinst; + return TRUE; +} + +void __declspec(dllexport) __cdecl Exec(HWND hwndParent, + int string_size, + char *variables, + stack_t **stacktop) +{ + HANDLE restricted_token = NULL; + STARTUPINFO si; + PROCESS_INFORMATION pi; + + EXDLL_INIT(); + + UNUSED(hwndParent); + UNUSED(g_hwndParent); + + memset(&si, 0, sizeof(STARTUPINFO)); + + if (!stacktop || !*stacktop || !(*stacktop)->text) + { + ERRORPRINTF ("Invalid call to exec\n"); + return; + } + + restricted_token = get_normal_token(); + + if (restricted_token == NULL || restricted_token == INVALID_HANDLE_VALUE) + { + ERRORPRINTF ("Failed to obtain restricted token.\n"); + return; + } + + if (CreateProcessAsUser(restricted_token, + 0, + (*stacktop)->text, + 0, + 0, + FALSE, + CREATE_NEW_CONSOLE, + 0, + 0, + &si, + &pi)) + { + CloseHandle(pi.hProcess); + CloseHandle(pi.hThread); + } +} + diff -r 7dff5c0c569c -r 1c1964c27b39 packaging/trustbridge.nsi --- a/packaging/trustbridge.nsi Tue Sep 02 10:54:51 2014 +0200 +++ b/packaging/trustbridge.nsi Tue Sep 02 14:25:40 2014 +0200 @@ -27,6 +27,8 @@ !define MULTIUSER_INSTALLMODE_INSTDIR_REGISTRY_VALUENAME "" !define MULTIUSER_INSTALLMODE_INSTDIR "${productname_short}" +!addplugindir "${plugin_dir}" + !include "MultiUser.nsh" !include "MUI2.nsh" !include "FileFunc.nsh" @@ -93,9 +95,9 @@ Computer installliert. $\r$\n$\r$\n\ Klicken Sie auf 'Fertig stellen', um den Installations-Assistenten\ zu schließen." -;!define MUI_FINISHPAGE_RUN $INSTDIR\trustbridge.exe -;!define MUI_FINISHPAGE_RUN_TEXT "Anwendung starten" -;!define MUI_FINISHPAGE_RUN_FUNCTION RunAsUser +!define MUI_FINISHPAGE_RUN $INSTDIR\trustbridge.exe +!define MUI_FINISHPAGE_RUN_TEXT "Anwendung starten" +!define MUI_FINISHPAGE_RUN_FUNCTION RunAsUser !define MUI_FINISHPAGE_LINK "Mehr unter ${info_url}" !define MUI_FINISHPAGE_LINK_LOCATION "${info_url}" @@ -186,7 +188,8 @@ ; the UI elevated as this could be a security ; problem. Function RunAsUser - ExecShell "" "$INSTDIR\trustbridge.exe" + SaferRunAs::Exec "cmd.exe" + ;$INSTDIR\trustbridge.exe" FunctionEnd ;-------------------------------- @@ -258,6 +261,9 @@ !insertmacro MUI_STARTMENU_WRITE_END done: + StrCmp $is_update '1' run_silent dont_run +run_silent: +dont_run: SectionEnd diff -r 7dff5c0c569c -r 1c1964c27b39 packaging/win-createpackage.sh.in --- a/packaging/win-createpackage.sh.in Tue Sep 02 10:54:51 2014 +0200 +++ b/packaging/win-createpackage.sh.in Tue Sep 02 14:25:40 2014 +0200 @@ -26,6 +26,7 @@ makensis -Dfiles_dir=$TMPDIR \ -Dcompany="Bundesamt für Sicherheit in der Informationstechnik" \ + -Dplugin_dir="@CMAKE_CURRENT_BINARY_DIR@" \ -Dversion_number=@PROJECT_VERSION@ \ -Dsetupname="$TMPINST" \ -Dproductname="TrustBridge" \ @@ -41,6 +42,7 @@ makensis -Dfiles_dir=$TMPDIR \ -Dcompany="Bundesamt für Sicherheit in der Informationstechnik" \ + -Dplugin_dir="@CMAKE_CURRENT_BINARY_DIR@" \ -Dversion_number=@PROJECT_VERSION@ \ -Dsetupname="@CMAKE_BINARY_DIR@/TrustBridge-@PROJECT_VERSION@.exe" \ -Dproductname="TrustBridge" \