source: gsdl/tags/initial/gsinstaller/gsPlatform.cpp@ 18629

#include "gsPlatform.h"

#define ACCESS_READ 0x01
#define ACCESS_WRITE 0x02

gsPlatform::gsPlatform()
{ this->platformInfo.dwOSVersionInfoSize    = sizeof(OSVERSIONINFO);
    GetVersionEx(&this->platformInfo);
}

bool gsPlatform::isWindows9x()
{   return (this->platformInfo.dwPlatformId & VER_PLATFORM_WIN32_WINDOWS);
}

bool gsPlatform::isWindowsNT()
{   return (this->platformInfo.dwPlatformId & VER_PLATFORM_WIN32_NT);
}

bool gsPlatform::isWindows32s()
{   return (this->platformInfo.dwPlatformId & VER_PLATFORM_WIN32s);
}

bool gsPlatform::isOldWindows32s()
{   if (this->platformInfo.dwMajorVersion == 0 ||
            this->platformInfo.dwMinorVersion < 30)
    {   return true;
  }
  return false;
}

bool gsPlatform::isExplorerShell()
{   if (this->isWindows9x() ||
            (this->isWindowsNT() && this->platformInfo.dwMajorVersion >= 4))
    {   return true;
  }
  return false;
}

bool gsPlatform::isUserAdministrator()
{ if (this->isWindowsNT())
    { HANDLE    token;
    PSID    adminId;
    PACL        aclData;
    PSECURITY_DESCRIPTOR            psdAdmin;
    SID_IDENTIFIER_AUTHORITY    systemSidAuthority;
    GENERIC_MAPPING                     genericMapping;
    PRIVILEGE_SET                           privilegeSet;
    DWORD       aclSize, status, structureSize;
    BOOL        result;

    // Get an impersonation token
    ImpersonateSelf(SecurityImpersonation);

    if (!OpenThreadToken(GetCurrentThread(), TOKEN_QUERY, FALSE, &token))
    {   if (GetLastError() != ERROR_NO_TOKEN)
        {   return false;
      }

      // if we didn't have an access token, take the process token instead
      if (!OpenProcessToken(GetCurrentProcess(), TOKEN_QUERY, &token))
      { return false;
      }
    }

    // By now we have a valid process/thread token; now get information on the
    // admin group in this domain
    if (!AllocateAndInitializeSid(&systemSidAuthority, 2, SECURITY_BUILTIN_DOMAIN_RID,
                                                                DOMAIN_ALIAS_RID_ADMINS, 0, 0, 0, 0, 0, 0,
                                  &adminId))
    {   return false;
    }

    // allocate space for security descriptor
        psdAdmin    =   LocalAlloc(LPTR, SECURITY_DESCRIPTOR_MIN_LENGTH);
    if (psdAdmin == NULL)
    {   return false;
    }

        // initialise descriptor
    if (!InitializeSecurityDescriptor(psdAdmin, SECURITY_DESCRIPTOR_REVISION))
    {   return false;
    }

    // get ACL size and allocate ACL block
        aclSize = sizeof(ACL) + sizeof(ACCESS_ALLOWED_ACE) + GetLengthSid(adminId) - sizeof(DWORD);
    aclData =   (PACL) LocalAlloc(LPTR, aclSize);
    if (aclData == NULL)
    {   return false;
    }

    // initalise the acl block
    if (!InitializeAcl(aclData, aclSize, ACL_REVISION2))
    {   return false;
    }

    // try to add the given item to the Access Control Entry (ACE) list (ACL)
    if (!AddAccessAllowedAce(aclData, ACL_REVISION2, ACCESS_READ | ACCESS_WRITE, adminId))
    {   return false;
    }

    // endeavour to add the acl to the discretionary acl (DACL)
    if (!SetSecurityDescriptorDacl(psdAdmin, TRUE, aclData, FALSE))
    {   return false;
    }

    // endeavour to set the owner/group identification
    SetSecurityDescriptorGroup(psdAdmin, adminId, FALSE);
    SetSecurityDescriptorOwner(psdAdmin, adminId, FALSE);

    // right, we've now built up a discretionary acl on the current user,
    // finally get the generic mapping ready
        genericMapping.GenericRead      = ACCESS_READ;
    genericMapping.GenericWrite     = ACCESS_WRITE;
    genericMapping.GenericExecute   = 0;
    genericMapping.GenericAll           = ACCESS_READ | ACCESS_WRITE;

    // do the actual access check
    if (!AccessCheck(   psdAdmin, token, ACCESS_READ, &genericMapping,
                                        &privilegeSet, &structureSize, &status, &result))
    {   return false;
    }

    // end impersonisation
    RevertToSelf();
    return result;
  }
    return true;
}

bool gsPlatform::reboot()
{
    // Check for appropriate privileges if this is NT
    if (this->isWindowsNT())
  { HANDLE token;
    TOKEN_PRIVILEGES tkp;

    if (!OpenProcessToken(GetCurrentProcess(), TOKEN_ADJUST_PRIVILEGES | TOKEN_QUERY,
                                                &token))
        {   return false;
    }

    LookupPrivilegeValue(NULL, SE_SHUTDOWN_NAME, &tkp.Privileges[0].Luid);

    tkp.PrivilegeCount  = 1; // set one privilege
    tkp.Privileges[0].Attributes    = SE_PRIVILEGE_ENABLED;

    // Get the actual shutdown privilege
    AdjustTokenPrivileges(token, FALSE, &tkp, 0, (PTOKEN_PRIVILEGES) NULL, 0);

    // as we can't test a return value on the previous call, use GetLastError
    if (GetLastError() != ERROR_SUCCESS)
    {   return false;
    }
  }
  return ExitWindowsEx(EWX_REBOOT | EWX_FORCE, 0);
}

string gsPlatform::platformString()
{   if (this->isWindowsNT())
    {   return gsPlatform_WINDOWSNT;
  }
  else if (this->isWindows9x())
  { return gsPlatform_WINDOWS9X;
  }
  else if (this->isWindows32s())
  { return gsPlatform_WINDOWS32S;
  }
  else
  { return gsPlatform_WINDOWS;
  }
}