static int eb_oper(const char *data, struct Client *client_p,
struct Channel *chptr, long mode_type)
{
(void)chptr;
(void)mode_type;
if (data != NULL)
{
struct PrivilegeSet *set = privilegeset_get(data);
if (set != NULL && client_p->localClient->privset == set)
return EXTBAN_MATCH;
/* $o:admin or whatever */
return HasPrivilege(client_p, data) ? EXTBAN_MATCH : EXTBAN_NOMATCH;
}
return IsOper(client_p) ? EXTBAN_MATCH : EXTBAN_NOMATCH;
}
Result<SelfTestStatistic> SelfTest::GetStatistic(const Settings& settings) const
{
Trace trace(settings.GetLogLevel());
trace < L"SelfTest::GetStatistic";
Handle processToken(L"Process token");
if (!::OpenProcessToken(GetCurrentProcess(), TOKEN_ALL_ACCESS, &processToken))
{
return Error(L"OpenProcessToken");
}
trace < L"Token groups:";
auto tokenGroupsResult = _securityManager.GetTokenGroups(trace, processToken);
if (!tokenGroupsResult.HasError())
{
auto tokenGroups = tokenGroupsResult.GetResultValue();
for (auto groupsIterator = tokenGroups.begin(); groupsIterator != tokenGroups.end(); ++groupsIterator)
{
trace < groupsIterator->ToString();
}
}
auto isServiceResult = IsService(trace, processToken);
if (isServiceResult.HasError())
{
return isServiceResult.GetError();
}
trace < L"SelfTest::IsService: ";
trace << isServiceResult.GetResultValue();
auto hasAdministrativePrivilegesResult = HasAdministrativePrivileges(trace);
if (hasAdministrativePrivilegesResult.HasError())
{
return hasAdministrativePrivilegesResult.GetError();
}
trace < L"SelfTest::HasAdministrativePrivileges: ";
trace << hasAdministrativePrivilegesResult.GetResultValue();
auto hasSeAssignPrimaryTokenPrivilegeResult = HasPrivilege(trace, processToken, SE_ASSIGNPRIMARYTOKEN_NAME);
if (hasSeAssignPrimaryTokenPrivilegeResult.HasError())
{
return hasSeAssignPrimaryTokenPrivilegeResult.GetError();
}
trace < L"SelfTest::HasPrivilege(SE_ASSIGNPRIMARYTOKEN_NAME): ";
trace << hasSeAssignPrimaryTokenPrivilegeResult.GetResultValue();
auto hasSeTcbPrivilegeResult = HasPrivilege(trace, processToken, SE_TCB_NAME);
if (hasSeTcbPrivilegeResult.HasError())
{
return hasSeTcbPrivilegeResult.GetError();
}
trace < L"SelfTest::HasPrivilege(SE_TCB_NAME): ";
trace << hasSeTcbPrivilegeResult.GetResultValue();
auto integrityLevelResult = GetIntegrityLevel(trace, processToken);
if (integrityLevelResult.HasError())
{
return integrityLevelResult.GetError();
}
trace < L"SelfTest::GetIntegrityLevel: ";
trace << integrityLevelResult.GetResultValue();
return SelfTestStatistic(
isServiceResult.GetResultValue(),
hasAdministrativePrivilegesResult.GetResultValue(),
hasSeAssignPrimaryTokenPrivilegeResult.GetResultValue(),
hasSeTcbPrivilegeResult.GetResultValue(),
integrityLevelResult.GetResultValue());
}
