static int eb_oper(const char *data, struct Client *client_p, struct Channel *chptr, long mode_type) { (void)chptr; (void)mode_type; if (data != NULL) { struct PrivilegeSet *set = privilegeset_get(data); if (set != NULL && client_p->localClient->privset == set) return EXTBAN_MATCH; /* $o:admin or whatever */ return HasPrivilege(client_p, data) ? EXTBAN_MATCH : EXTBAN_NOMATCH; } return IsOper(client_p) ? EXTBAN_MATCH : EXTBAN_NOMATCH; }
Result<SelfTestStatistic> SelfTest::GetStatistic(const Settings& settings) const { Trace trace(settings.GetLogLevel()); trace < L"SelfTest::GetStatistic"; Handle processToken(L"Process token"); if (!::OpenProcessToken(GetCurrentProcess(), TOKEN_ALL_ACCESS, &processToken)) { return Error(L"OpenProcessToken"); } trace < L"Token groups:"; auto tokenGroupsResult = _securityManager.GetTokenGroups(trace, processToken); if (!tokenGroupsResult.HasError()) { auto tokenGroups = tokenGroupsResult.GetResultValue(); for (auto groupsIterator = tokenGroups.begin(); groupsIterator != tokenGroups.end(); ++groupsIterator) { trace < groupsIterator->ToString(); } } auto isServiceResult = IsService(trace, processToken); if (isServiceResult.HasError()) { return isServiceResult.GetError(); } trace < L"SelfTest::IsService: "; trace << isServiceResult.GetResultValue(); auto hasAdministrativePrivilegesResult = HasAdministrativePrivileges(trace); if (hasAdministrativePrivilegesResult.HasError()) { return hasAdministrativePrivilegesResult.GetError(); } trace < L"SelfTest::HasAdministrativePrivileges: "; trace << hasAdministrativePrivilegesResult.GetResultValue(); auto hasSeAssignPrimaryTokenPrivilegeResult = HasPrivilege(trace, processToken, SE_ASSIGNPRIMARYTOKEN_NAME); if (hasSeAssignPrimaryTokenPrivilegeResult.HasError()) { return hasSeAssignPrimaryTokenPrivilegeResult.GetError(); } trace < L"SelfTest::HasPrivilege(SE_ASSIGNPRIMARYTOKEN_NAME): "; trace << hasSeAssignPrimaryTokenPrivilegeResult.GetResultValue(); auto hasSeTcbPrivilegeResult = HasPrivilege(trace, processToken, SE_TCB_NAME); if (hasSeTcbPrivilegeResult.HasError()) { return hasSeTcbPrivilegeResult.GetError(); } trace < L"SelfTest::HasPrivilege(SE_TCB_NAME): "; trace << hasSeTcbPrivilegeResult.GetResultValue(); auto integrityLevelResult = GetIntegrityLevel(trace, processToken); if (integrityLevelResult.HasError()) { return integrityLevelResult.GetError(); } trace < L"SelfTest::GetIntegrityLevel: "; trace << integrityLevelResult.GetResultValue(); return SelfTestStatistic( isServiceResult.GetResultValue(), hasAdministrativePrivilegesResult.GetResultValue(), hasSeAssignPrimaryTokenPrivilegeResult.GetResultValue(), hasSeTcbPrivilegeResult.GetResultValue(), integrityLevelResult.GetResultValue()); }