source: trunk/gsinstaller/gsPlatform.cpp@ 1543

#include "gsPlatform.h"

#define ACCESS_READ 0x01
#define ACCESS_WRITE 0x02

#include <stdio.h>

gsPlatform::gsPlatform()
{
  this->platformInfo.dwOSVersionInfoSize = sizeof(OSVERSIONINFO);
  GetVersionEx(&this->platformInfo);
}

bool gsPlatform::isWindows9x()
{
  return (this->platformInfo.dwPlatformId & VER_PLATFORM_WIN32_WINDOWS);
}

bool gsPlatform::isWindowsNT()
{
  return (this->platformInfo.dwPlatformId & VER_PLATFORM_WIN32_NT);
}

bool gsPlatform::isWindows32s()
{
  return (this->platformInfo.dwPlatformId & VER_PLATFORM_WIN32s);
}

bool gsPlatform::isOldWindows32s()
{   
  if (this->platformInfo.dwMajorVersion == 0 ||
      this->platformInfo.dwMinorVersion < 30)
    {
      return true;
    }
  return false;
}

bool gsPlatform::isExplorerShell()
{
  if (this->isWindows9x() ||
      (this->isWindowsNT() && this->platformInfo.dwMajorVersion >= 4))
    {
      return true;
    }
  return false;
}

bool gsPlatform::isUserAdministrator()
{
  if (this->isWindowsNT())
    {
      HANDLE token;
      PSID adminId;
      PACL aclData;
      PSECURITY_DESCRIPTOR psdAdmin = NULL;
      SID_IDENTIFIER_AUTHORITY systemSidAuthority = SECURITY_NT_AUTHORITY;
      GENERIC_MAPPING genericMapping;
      PRIVILEGE_SET privilegeSet;
      DWORD aclSize, accessMask, status, structureSize;
      BOOL result;

      // Get an impersonation token
      ImpersonateSelf(SecurityImpersonation);

      if (!OpenThreadToken(GetCurrentThread(), TOKEN_QUERY, FALSE, &token))
    {
      if (GetLastError() != ERROR_NO_TOKEN)
        {
          return false;
        }

      // if we didn't have an access token, take the process token instead
      if (!OpenProcessToken(GetCurrentProcess(), TOKEN_QUERY, &token))
        {
          return false;
        }
    }

      // By now we have a valid process/thread token; now get information on the
      // admin group in this domain
      if (!AllocateAndInitializeSid(&systemSidAuthority, 2, SECURITY_BUILTIN_DOMAIN_RID,
                    DOMAIN_ALIAS_RID_ADMINS, 0, 0, 0, 0, 0, 0,
                    &adminId))
    {
      return false;
    }

      // allocate space for security descriptor
      psdAdmin = (PSECURITY_DESCRIPTOR) LocalAlloc(LPTR, SECURITY_DESCRIPTOR_MIN_LENGTH);
      if (psdAdmin == NULL)
    {
      return false;
    }

      // initialise descriptor
      if (!InitializeSecurityDescriptor(psdAdmin, SECURITY_DESCRIPTOR_REVISION))
    {
      return false;
    }

      // get ACL size and allocate ACL block
      aclSize = sizeof(ACL) + sizeof(ACCESS_ALLOWED_ACE) + GetLengthSid(adminId) - sizeof(DWORD);
      aclData = (PACL) LocalAlloc(LPTR, aclSize);
      if (aclData == NULL)
    {
      return false;
    }

      // initalise the acl block
      if (!InitializeAcl(aclData, aclSize, ACL_REVISION2))
    {
      return false;
    }
      
      accessMask = ACCESS_READ | ACCESS_WRITE;
      
      // try to add the given item to the Access Control Entry (ACE) list (ACL)
      if (!AddAccessAllowedAce(aclData, ACL_REVISION2, accessMask, adminId))
    {
      return false;
    }
      
      // endeavour to add the acl to the discretionary acl (DACL)
      if (!SetSecurityDescriptorDacl(psdAdmin, TRUE, aclData, FALSE))
    {
      return false;
    }

      // endeavour to set the owner/group identification
      SetSecurityDescriptorGroup(psdAdmin, adminId, FALSE);
      SetSecurityDescriptorOwner(psdAdmin, adminId, FALSE);

      // right, we've now built up a discretionary acl on the current user,
      // finally get the generic mapping ready
      genericMapping.GenericRead = ACCESS_READ;
      genericMapping.GenericWrite = ACCESS_WRITE;
      genericMapping.GenericExecute = 0;
      genericMapping.GenericAll = ACCESS_READ | ACCESS_WRITE;

      structureSize = sizeof(PRIVILEGE_SET);

      // do the actual access check
      if (!AccessCheck (psdAdmin, token, ACCESS_READ, &genericMapping,
            &privilegeSet, &structureSize, &status, &result))
    {
      return false;
    }
      
      // end impersonisation
      RevertToSelf();
      
      LocalFree(psdAdmin);
      LocalFree(aclData);
      FreeSid(adminId);
      return result;
    }
  return true;
}

bool gsPlatform::reboot()
{
  // Check for appropriate privileges if this is NT
  if (this->isWindowsNT())
    {
      HANDLE token;
      TOKEN_PRIVILEGES tkp;
      
      if (!OpenProcessToken(GetCurrentProcess(), TOKEN_ADJUST_PRIVILEGES | TOKEN_QUERY,
                &token))
    {
      return false;
    }
      
      LookupPrivilegeValue(NULL, SE_SHUTDOWN_NAME, &tkp.Privileges[0].Luid);

      tkp.PrivilegeCount = 1; // set one privilege
      tkp.Privileges[0].Attributes = SE_PRIVILEGE_ENABLED;

      // Get the actual shutdown privilege
      AdjustTokenPrivileges(token, FALSE, &tkp, 0, (PTOKEN_PRIVILEGES) NULL, 0);

      // as we can't test a return value on the previous call, use GetLastError
      if (GetLastError() != ERROR_SUCCESS)
    {
      return false;
    }
    }
  return ExitWindowsEx(EWX_REBOOT | EWX_FORCE, 0);
}

string gsPlatform::platformString()
{
  if (this->isWindowsNT())
    {
      return gsPlatform_WINDOWSNT;
    }
  else if (this->isWindows9x())
  { 
    return gsPlatform_WINDOWS9X;
  }
  else if (this->isWindows32s())
  {
    return gsPlatform_WINDOWS32S;
  }
  else
  {
    return gsPlatform_WINDOWS;
  }
}