[1536] | 1 | #include "gsPlatform.h"
|
---|
| 2 |
|
---|
| 3 | #define ACCESS_READ 0x01
|
---|
| 4 | #define ACCESS_WRITE 0x02
|
---|
| 5 |
|
---|
[1541] | 6 | #include <stdio.h>
|
---|
| 7 |
|
---|
[1536] | 8 | gsPlatform::gsPlatform()
|
---|
[1543] | 9 | {
|
---|
| 10 | this->platformInfo.dwOSVersionInfoSize = sizeof(OSVERSIONINFO);
|
---|
| 11 | GetVersionEx(&this->platformInfo);
|
---|
[1536] | 12 | }
|
---|
| 13 |
|
---|
| 14 | bool gsPlatform::isWindows9x()
|
---|
[1543] | 15 | {
|
---|
| 16 | return (this->platformInfo.dwPlatformId & VER_PLATFORM_WIN32_WINDOWS);
|
---|
[1536] | 17 | }
|
---|
| 18 |
|
---|
| 19 | bool gsPlatform::isWindowsNT()
|
---|
[1543] | 20 | {
|
---|
| 21 | return (this->platformInfo.dwPlatformId & VER_PLATFORM_WIN32_NT);
|
---|
[1536] | 22 | }
|
---|
| 23 |
|
---|
| 24 | bool gsPlatform::isWindows32s()
|
---|
[1543] | 25 | {
|
---|
| 26 | return (this->platformInfo.dwPlatformId & VER_PLATFORM_WIN32s);
|
---|
[1536] | 27 | }
|
---|
| 28 |
|
---|
| 29 | bool gsPlatform::isOldWindows32s()
|
---|
[1543] | 30 | {
|
---|
| 31 | if (this->platformInfo.dwMajorVersion == 0 ||
|
---|
| 32 | this->platformInfo.dwMinorVersion < 30)
|
---|
| 33 | {
|
---|
| 34 | return true;
|
---|
| 35 | }
|
---|
[1536] | 36 | return false;
|
---|
| 37 | }
|
---|
| 38 |
|
---|
| 39 | bool gsPlatform::isExplorerShell()
|
---|
[1543] | 40 | {
|
---|
| 41 | if (this->isWindows9x() ||
|
---|
| 42 | (this->isWindowsNT() && this->platformInfo.dwMajorVersion >= 4))
|
---|
| 43 | {
|
---|
| 44 | return true;
|
---|
| 45 | }
|
---|
[1536] | 46 | return false;
|
---|
| 47 | }
|
---|
| 48 |
|
---|
| 49 | bool gsPlatform::isUserAdministrator()
|
---|
[1541] | 50 | {
|
---|
[1536] | 51 | if (this->isWindowsNT())
|
---|
| 52 | {
|
---|
| 53 | HANDLE token;
|
---|
| 54 | PSID adminId;
|
---|
| 55 | PACL aclData;
|
---|
[1541] | 56 | PSECURITY_DESCRIPTOR psdAdmin = NULL;
|
---|
| 57 | SID_IDENTIFIER_AUTHORITY systemSidAuthority = SECURITY_NT_AUTHORITY;
|
---|
[1536] | 58 | GENERIC_MAPPING genericMapping;
|
---|
| 59 | PRIVILEGE_SET privilegeSet;
|
---|
[1541] | 60 | DWORD aclSize, accessMask, status, structureSize;
|
---|
[1536] | 61 | BOOL result;
|
---|
| 62 |
|
---|
| 63 | // Get an impersonation token
|
---|
| 64 | ImpersonateSelf(SecurityImpersonation);
|
---|
| 65 |
|
---|
| 66 | if (!OpenThreadToken(GetCurrentThread(), TOKEN_QUERY, FALSE, &token))
|
---|
| 67 | {
|
---|
| 68 | if (GetLastError() != ERROR_NO_TOKEN)
|
---|
[1541] | 69 | {
|
---|
[1536] | 70 | return false;
|
---|
| 71 | }
|
---|
| 72 |
|
---|
| 73 | // if we didn't have an access token, take the process token instead
|
---|
| 74 | if (!OpenProcessToken(GetCurrentProcess(), TOKEN_QUERY, &token))
|
---|
[1541] | 75 | {
|
---|
[1536] | 76 | return false;
|
---|
| 77 | }
|
---|
| 78 | }
|
---|
| 79 |
|
---|
| 80 | // By now we have a valid process/thread token; now get information on the
|
---|
| 81 | // admin group in this domain
|
---|
| 82 | if (!AllocateAndInitializeSid(&systemSidAuthority, 2, SECURITY_BUILTIN_DOMAIN_RID,
|
---|
| 83 | DOMAIN_ALIAS_RID_ADMINS, 0, 0, 0, 0, 0, 0,
|
---|
| 84 | &adminId))
|
---|
[1541] | 85 | {
|
---|
[1536] | 86 | return false;
|
---|
| 87 | }
|
---|
| 88 |
|
---|
| 89 | // allocate space for security descriptor
|
---|
| 90 | psdAdmin = (PSECURITY_DESCRIPTOR) LocalAlloc(LPTR, SECURITY_DESCRIPTOR_MIN_LENGTH);
|
---|
| 91 | if (psdAdmin == NULL)
|
---|
| 92 | {
|
---|
| 93 | return false;
|
---|
| 94 | }
|
---|
| 95 |
|
---|
| 96 | // initialise descriptor
|
---|
| 97 | if (!InitializeSecurityDescriptor(psdAdmin, SECURITY_DESCRIPTOR_REVISION))
|
---|
| 98 | {
|
---|
| 99 | return false;
|
---|
| 100 | }
|
---|
| 101 |
|
---|
| 102 | // get ACL size and allocate ACL block
|
---|
| 103 | aclSize = sizeof(ACL) + sizeof(ACCESS_ALLOWED_ACE) + GetLengthSid(adminId) - sizeof(DWORD);
|
---|
| 104 | aclData = (PACL) LocalAlloc(LPTR, aclSize);
|
---|
| 105 | if (aclData == NULL)
|
---|
| 106 | {
|
---|
| 107 | return false;
|
---|
| 108 | }
|
---|
| 109 |
|
---|
| 110 | // initalise the acl block
|
---|
| 111 | if (!InitializeAcl(aclData, aclSize, ACL_REVISION2))
|
---|
[1541] | 112 | {
|
---|
[1536] | 113 | return false;
|
---|
| 114 | }
|
---|
[1543] | 115 |
|
---|
| 116 | accessMask = ACCESS_READ | ACCESS_WRITE;
|
---|
| 117 |
|
---|
[1536] | 118 | // try to add the given item to the Access Control Entry (ACE) list (ACL)
|
---|
[1541] | 119 | if (!AddAccessAllowedAce(aclData, ACL_REVISION2, accessMask, adminId))
|
---|
| 120 | {
|
---|
[1536] | 121 | return false;
|
---|
| 122 | }
|
---|
[1543] | 123 |
|
---|
[1536] | 124 | // endeavour to add the acl to the discretionary acl (DACL)
|
---|
| 125 | if (!SetSecurityDescriptorDacl(psdAdmin, TRUE, aclData, FALSE))
|
---|
| 126 | {
|
---|
| 127 | return false;
|
---|
| 128 | }
|
---|
| 129 |
|
---|
| 130 | // endeavour to set the owner/group identification
|
---|
| 131 | SetSecurityDescriptorGroup(psdAdmin, adminId, FALSE);
|
---|
| 132 | SetSecurityDescriptorOwner(psdAdmin, adminId, FALSE);
|
---|
| 133 |
|
---|
| 134 | // right, we've now built up a discretionary acl on the current user,
|
---|
| 135 | // finally get the generic mapping ready
|
---|
| 136 | genericMapping.GenericRead = ACCESS_READ;
|
---|
| 137 | genericMapping.GenericWrite = ACCESS_WRITE;
|
---|
| 138 | genericMapping.GenericExecute = 0;
|
---|
| 139 | genericMapping.GenericAll = ACCESS_READ | ACCESS_WRITE;
|
---|
| 140 |
|
---|
[1541] | 141 | structureSize = sizeof(PRIVILEGE_SET);
|
---|
| 142 |
|
---|
[1536] | 143 | // do the actual access check
|
---|
| 144 | if (!AccessCheck (psdAdmin, token, ACCESS_READ, &genericMapping,
|
---|
| 145 | &privilegeSet, &structureSize, &status, &result))
|
---|
[1543] | 146 | {
|
---|
| 147 | return false;
|
---|
[1536] | 148 | }
|
---|
[1543] | 149 |
|
---|
[1536] | 150 | // end impersonisation
|
---|
| 151 | RevertToSelf();
|
---|
[1543] | 152 |
|
---|
[1541] | 153 | LocalFree(psdAdmin);
|
---|
| 154 | LocalFree(aclData);
|
---|
| 155 | FreeSid(adminId);
|
---|
[1536] | 156 | return result;
|
---|
| 157 | }
|
---|
| 158 | return true;
|
---|
| 159 | }
|
---|
| 160 |
|
---|
| 161 | bool gsPlatform::reboot()
|
---|
| 162 | {
|
---|
| 163 | // Check for appropriate privileges if this is NT
|
---|
| 164 | if (this->isWindowsNT())
|
---|
| 165 | {
|
---|
| 166 | HANDLE token;
|
---|
| 167 | TOKEN_PRIVILEGES tkp;
|
---|
[1543] | 168 |
|
---|
[1536] | 169 | if (!OpenProcessToken(GetCurrentProcess(), TOKEN_ADJUST_PRIVILEGES | TOKEN_QUERY,
|
---|
| 170 | &token))
|
---|
[1541] | 171 | {
|
---|
[1536] | 172 | return false;
|
---|
| 173 | }
|
---|
[1543] | 174 |
|
---|
[1536] | 175 | LookupPrivilegeValue(NULL, SE_SHUTDOWN_NAME, &tkp.Privileges[0].Luid);
|
---|
| 176 |
|
---|
| 177 | tkp.PrivilegeCount = 1; // set one privilege
|
---|
| 178 | tkp.Privileges[0].Attributes = SE_PRIVILEGE_ENABLED;
|
---|
| 179 |
|
---|
| 180 | // Get the actual shutdown privilege
|
---|
| 181 | AdjustTokenPrivileges(token, FALSE, &tkp, 0, (PTOKEN_PRIVILEGES) NULL, 0);
|
---|
| 182 |
|
---|
| 183 | // as we can't test a return value on the previous call, use GetLastError
|
---|
| 184 | if (GetLastError() != ERROR_SUCCESS)
|
---|
| 185 | {
|
---|
| 186 | return false;
|
---|
| 187 | }
|
---|
| 188 | }
|
---|
| 189 | return ExitWindowsEx(EWX_REBOOT | EWX_FORCE, 0);
|
---|
| 190 | }
|
---|
| 191 |
|
---|
| 192 | string gsPlatform::platformString()
|
---|
| 193 | {
|
---|
| 194 | if (this->isWindowsNT())
|
---|
| 195 | {
|
---|
| 196 | return gsPlatform_WINDOWSNT;
|
---|
| 197 | }
|
---|
| 198 | else if (this->isWindows9x())
|
---|
| 199 | {
|
---|
| 200 | return gsPlatform_WINDOWS9X;
|
---|
| 201 | }
|
---|
| 202 | else if (this->isWindows32s())
|
---|
| 203 | {
|
---|
| 204 | return gsPlatform_WINDOWS32S;
|
---|
| 205 | }
|
---|
| 206 | else
|
---|
| 207 | {
|
---|
| 208 | return gsPlatform_WINDOWS;
|
---|
| 209 | }
|
---|
| 210 | }
|
---|