source: trunk/gsinstaller/gsPlatform.cpp@ 1537

#include "gsPlatform.h"

#define ACCESS_READ 0x01
#define ACCESS_WRITE 0x02

gsPlatform::gsPlatform()
{ this->platformInfo.dwOSVersionInfoSize    = sizeof(OSVERSIONINFO);
    GetVersionEx(&this->platformInfo);
}

bool gsPlatform::isWindows9x()
{   return (this->platformInfo.dwPlatformId & VER_PLATFORM_WIN32_WINDOWS);
}

bool gsPlatform::isWindowsNT()
{   return (this->platformInfo.dwPlatformId & VER_PLATFORM_WIN32_NT);
}

bool gsPlatform::isWindows32s()
{   return (this->platformInfo.dwPlatformId & VER_PLATFORM_WIN32s);
}

bool gsPlatform::isOldWindows32s()
{   if (this->platformInfo.dwMajorVersion == 0 ||
            this->platformInfo.dwMinorVersion < 30)
    {   return true;
  }
  return false;
}

bool gsPlatform::isExplorerShell()
{   if (this->isWindows9x() ||
            (this->isWindowsNT() && this->platformInfo.dwMajorVersion >= 4))
    {   return true;
  }
  return false;
}

bool gsPlatform::isUserAdministrator()
{ 
  if (this->isWindowsNT())
    {
      HANDLE token;
      PSID adminId;
      PACL aclData;
      PSECURITY_DESCRIPTOR psdAdmin;
      SID_IDENTIFIER_AUTHORITY systemSidAuthority;
      GENERIC_MAPPING genericMapping;
      PRIVILEGE_SET privilegeSet;
      DWORD aclSize, status, structureSize;
      BOOL result;

      // Get an impersonation token
      ImpersonateSelf(SecurityImpersonation);

      if (!OpenThreadToken(GetCurrentThread(), TOKEN_QUERY, FALSE, &token))
    {
      if (GetLastError() != ERROR_NO_TOKEN)
        {   
          return false;
        }

      // if we didn't have an access token, take the process token instead
      if (!OpenProcessToken(GetCurrentProcess(), TOKEN_QUERY, &token))
        {   
          return false;
        }
    }

      // By now we have a valid process/thread token; now get information on the
      // admin group in this domain
      if (!AllocateAndInitializeSid(&systemSidAuthority, 2, SECURITY_BUILTIN_DOMAIN_RID,
                    DOMAIN_ALIAS_RID_ADMINS, 0, 0, 0, 0, 0, 0,
                    &adminId))
    {   
      return false;
    }

      // allocate space for security descriptor
      psdAdmin = (PSECURITY_DESCRIPTOR) LocalAlloc(LPTR, SECURITY_DESCRIPTOR_MIN_LENGTH);
      if (psdAdmin == NULL)
    {
      return false;
    }

      // initialise descriptor
      if (!InitializeSecurityDescriptor(psdAdmin, SECURITY_DESCRIPTOR_REVISION))
    {
      return false;
    }

      // get ACL size and allocate ACL block
      aclSize = sizeof(ACL) + sizeof(ACCESS_ALLOWED_ACE) + GetLengthSid(adminId) - sizeof(DWORD);
      aclData = (PACL) LocalAlloc(LPTR, aclSize);
      if (aclData == NULL)
    {
      return false;
    }

      // initalise the acl block
      if (!InitializeAcl(aclData, aclSize, ACL_REVISION2))
    {   
      return false;
    }

      // try to add the given item to the Access Control Entry (ACE) list (ACL)
      if (!AddAccessAllowedAce(aclData, ACL_REVISION2, ACCESS_READ | ACCESS_WRITE, adminId))
    {   
      return false;
    }

      // endeavour to add the acl to the discretionary acl (DACL)
      if (!SetSecurityDescriptorDacl(psdAdmin, TRUE, aclData, FALSE))
    {
      return false;
    }

      // endeavour to set the owner/group identification
      SetSecurityDescriptorGroup(psdAdmin, adminId, FALSE);
      SetSecurityDescriptorOwner(psdAdmin, adminId, FALSE);

      // right, we've now built up a discretionary acl on the current user,
      // finally get the generic mapping ready
      genericMapping.GenericRead = ACCESS_READ;
      genericMapping.GenericWrite = ACCESS_WRITE;
      genericMapping.GenericExecute = 0;
      genericMapping.GenericAll = ACCESS_READ | ACCESS_WRITE;

      // do the actual access check
      if (!AccessCheck (psdAdmin, token, ACCESS_READ, &genericMapping,
            &privilegeSet, &structureSize, &status, &result))
    {
      return false;
    }

      // end impersonisation
      RevertToSelf();
      return result;
    }
  return true;
}

bool gsPlatform::reboot()
{
  // Check for appropriate privileges if this is NT
  if (this->isWindowsNT())
    {
      HANDLE token;
      TOKEN_PRIVILEGES tkp;

      if (!OpenProcessToken(GetCurrentProcess(), TOKEN_ADJUST_PRIVILEGES | TOKEN_QUERY,
                &token))
    {   
      return false;
    }
      
      LookupPrivilegeValue(NULL, SE_SHUTDOWN_NAME, &tkp.Privileges[0].Luid);

      tkp.PrivilegeCount = 1; // set one privilege
      tkp.Privileges[0].Attributes = SE_PRIVILEGE_ENABLED;

      // Get the actual shutdown privilege
      AdjustTokenPrivileges(token, FALSE, &tkp, 0, (PTOKEN_PRIVILEGES) NULL, 0);

      // as we can't test a return value on the previous call, use GetLastError
      if (GetLastError() != ERROR_SUCCESS)
    {
      return false;
    }
    }
  return ExitWindowsEx(EWX_REBOOT | EWX_FORCE, 0);
}

string gsPlatform::platformString()
{
  if (this->isWindowsNT())
    {
      return gsPlatform_WINDOWSNT;
    }
  else if (this->isWindows9x())
  { 
    return gsPlatform_WINDOWS9X;
  }
  else if (this->isWindows32s())
  {
    return gsPlatform_WINDOWS32S;
  }
  else
  {
    return gsPlatform_WINDOWS;
  }
}