WinAbsSD::WinAbsSD(PSID owner, PSID group, PACL dacl, bool protect):
m_owner(nullptr),
m_group(nullptr),
m_dacl(nullptr),
m_sacl(nullptr)
{
m_sd = alloc(SECURITY_DESCRIPTOR_MIN_LENGTH);
CheckApi(::InitializeSecurityDescriptor(m_sd, SECURITY_DESCRIPTOR_REVISION));
try {
m_owner = Sid::clone(owner);
set_owner(m_sd, m_owner);
} catch (exception::Abstract & e) {
LogDebug(L"exception cought: %s, %s", e.what(), e.where());
}
try {
m_group = Sid::clone(group);
set_group(m_sd, m_group);
} catch (exception::Abstract & e) {
LogDebug(L"exception cought: %s, %s", e.what(), e.where());
}
try {
WinDacl(dacl).detach(m_dacl);
set_dacl(m_sd, m_dacl);
} catch (exception::Abstract & e) {
LogDebug(L"exception cought: %s, %s", e.what(), e.where());
}
CheckApi(::IsValidSecurityDescriptor(m_sd));
set_protect(protect);
}
ustring get_name(PCWSTR priv_name)
{
DWORD size = 0, lang = 0;
::LookupPrivilegeDisplayNameW(nullptr, priv_name, nullptr, &size, &lang);
CheckApi(::GetLastError() == ERROR_INSUFFICIENT_BUFFER);
memory::auto_array<wchar_t> name(size);
CheckApi(::LookupPrivilegeDisplayNameW(nullptr, priv_name, name, &size, &lang));
return ustring(name);
}
uint64_t Facade::get_position() const
{
LARGE_INTEGER tmp, np;
tmp.QuadPart = 0;
CheckApi(::SetFilePointerEx(m_hndl, tmp, &np, FILE_CURRENT));
return np.QuadPart;
}
bool is_exist(HANDLE token, const LUID & priv)
{
DWORD size = 0;
::GetTokenInformation(token, TokenPrivileges, nullptr, 0, &size);
CheckApi(::GetLastError() == ERROR_INSUFFICIENT_BUFFER);
memory::auto_buf<PTOKEN_PRIVILEGES> ptp(size);
CheckApi(::GetTokenInformation(token, TokenPrivileges, ptp, ptp.size(), &size));
for (DWORD i = 0; i < ptp->PrivilegeCount; ++i) {
if (ptp->Privileges[i].Luid == priv) {
return true;
}
}
return false;
}
Status Item::get_status() const
{
Status ret;
DWORD bytesNeeded;
CheckApi(::QueryServiceStatusEx(m_hndl, SC_STATUS_PROCESS_INFO, (PBYTE )&ret, sizeof(ret), &bytesNeeded));
return ret;
}
// PSID to sid string
ustring Sid::as_str(value_type psid)
{
check(psid);
memory::auto_close<PWSTR> ret(nullptr, ::LocalFree);
CheckApi(::ConvertSidToStringSidW(psid, &ret));
return ustring(ret);
}
Version::Version(const wchar_t* path)
{
DWORD size = version_dll::inst().GetFileVersionInfoSizeW(path, nullptr);
CheckApi(size);
memory::auto_array<BYTE> data(size);
CheckApi(version_dll::inst().GetFileVersionInfoW(path, 0, size, data.data()));
UINT bufLen;
VS_FIXEDFILEINFO * ffi;
CheckApi(version_dll::inst().VerQueryValueW(data, L"\\", (void** )&ffi, &bufLen));
wchar_t tmp[MAX_PATH];
_snwprintf(tmp, lengthof(tmp), L"%d.%d", HIWORD(ffi->dwFileVersionMS), LOWORD(ffi->dwFileVersionMS)
// ,HIWORD(ffi->dwFileVersionLS)
// LOWORD(ffi->dwFileVersionLS)
);
m_ver = tmp;
}
void create(const wchar_t* path, const void* content, ssize_t size, LPSECURITY_ATTRIBUTES sa)
{
memory::auto_close<HANDLE> file(CheckHandleErr(::CreateFileW(path, GENERIC_WRITE, 0, sa, CREATE_NEW, FILE_ATTRIBUTE_NORMAL, nullptr)));
DWORD bytesWritten = 0;
DWORD bytesToWrite = size;
CheckApi(::WriteFile(file, content, bytesToWrite, &bytesWritten, nullptr) && bytesToWrite == bytesWritten);
}
void Sid::get_name_dom(value_type sid, ustring& name, ustring& dom, PCWSTR srv)
{
check(sid);
DWORD size_nam = 0;
DWORD size_dom = 0;
SID_NAME_USE type;
// determine size of name
::LookupAccountSidW(srv, sid, nullptr, &size_nam, nullptr, &size_dom, &type);
CheckApi(::GetLastError() == ERROR_INSUFFICIENT_BUFFER);
memory::auto_array<wchar_t> pName(size_nam);
memory::auto_array<wchar_t> pDom(size_dom);
CheckApi(::LookupAccountSidW(srv, sid, pName.data(), &size_nam, pDom.data(), &size_dom, &type));
name = pName;
dom = pDom;
}
SMJS_Plugin *LoadPlugin(const char *dir){
auto plugin = SMJS_Plugin::GetPluginByDir(dir);
if(plugin != NULL) return plugin;
bool isSandboxed = true;
for(auto it = trustedPlugins.begin(); it != trustedPlugins.end(); ++it){
if(strcmp(dir, it->c_str()) == 0){
isSandboxed = false;
break;
}
}
plugin = new SMJS_Plugin(isSandboxed);
char path[512];
smutils->BuildPath(Path_SM, path, sizeof(path), "plugins.js/%s", dir);
plugin->SetDir(dir);
plugin->SetPath(path);
plugin->LoadModules();
plugin->CheckApi();
if(!plugin->LoadFile("Main.js", true)){
delete plugin;
return NULL;
}
// Late loading
if(smutils->IsMapRunning()){
HandleScope handle_scope(plugin->GetIsolate());
Context::Scope context_scope(plugin->GetContext());
auto hooks = plugin->GetHooks("OnMapStart");
for(auto it = hooks->begin(); it != hooks->end(); ++it){
(*it)->Call(plugin->GetContext()->Global(), 0, NULL);
}
for(int i = 0; i < sizeof(clients) / sizeof(clients[0]); ++i){
if(clients[i] == NULL) continue;
v8::Handle<v8::Value> arg = clients[i]->GetWrapper(plugin);
hooks = plugin->GetHooks("OnClientConnected");
for(auto it = hooks->begin(); it != hooks->end(); ++it){
(*it)->Call(plugin->GetContext()->Global(), 1, &arg);
}
if(clients[i]->inGame){
hooks = plugin->GetHooks("OnClientPutInGame");
for(auto it = hooks->begin(); it != hooks->end(); ++it){
(*it)->Call(plugin->GetContext()->Global(), 1, &arg);
}
}
}
}
return plugin;
}
void modify(HANDLE token, const LUID & priv, bool enable)
{
TOKEN_PRIVILEGES tp;
memory::zero(tp);
tp.PrivilegeCount = 1;
tp.Privileges[0].Luid = priv;
tp.Privileges[0].Attributes = (enable) ? SE_PRIVILEGE_ENABLED : 0;
CheckApi(::AdjustTokenPrivileges(token, false, &tp, sizeof(tp), nullptr, nullptr));
}
PSID Sid::get_sid(PCWSTR name, PCWSTR srv) {
DWORD size_sid = SECURITY_MAX_SID_SIZE;
PSID m_sid = (value_type)::LocalAlloc(LPTR, size_sid);
DWORD size_dom = MAX_PATH;
wchar_t dom[size_dom];
SID_NAME_USE type;
CheckApi(::LookupAccountNameW(srv, name, m_sid, &size_sid, dom, &size_dom, &type));
return m_sid;
}
ustring get_token_user(HANDLE hToken) {
DWORD size = 0;
if (!::GetTokenInformation(hToken, TokenUser, nullptr, 0, &size) && size) {
Base::auto_buf<PTOKEN_USER> buf(size);
CheckApi(::GetTokenInformation(hToken, TokenUser, buf, buf.size(), &size));
return Sid::get_name(buf->User.Sid);
}
return ustring();
}
WinAbsSD::WinAbsSD():
m_owner(nullptr),
m_group(nullptr),
m_dacl(nullptr),
m_sacl(nullptr)
{
LogTrace();
m_sd = alloc(SECURITY_DESCRIPTOR_MIN_LENGTH);
CheckApi(::InitializeSecurityDescriptor(m_sd, SECURITY_DESCRIPTOR_REVISION));
}
void read(PCWSTR path, astring &buf)
{
memory::auto_close<HANDLE> file(::CreateFileW(path, GENERIC_READ, 0, nullptr, OPEN_EXISTING,
FILE_FLAG_OPEN_REPARSE_POINT | FILE_FLAG_BACKUP_SEMANTICS,
nullptr));
if (file != INVALID_HANDLE_VALUE) {
DWORD size = (DWORD)get_size(file);
buf.reserve(size);
CheckApi(::ReadFile(file, (PWSTR )buf.c_str(), buf.size(), &size, nullptr));
}
}
bool is_enabled(HANDLE token, const LUID & priv)
{
BOOL ret = false;
PRIVILEGE_SET ps;
memory::zero(ps);
ps.PrivilegeCount = 1;
ps.Privilege[0].Luid = priv;
CheckApi(::PrivilegeCheck(token, &ps, &ret));
return ret;
}
uint64_t get_inode(PCWSTR path, size_t * nlink)
{
memory::auto_close<HANDLE> file(CheckHandle(::CreateFileW(path, FILE_READ_ATTRIBUTES,
FILE_SHARE_READ | FILE_SHARE_WRITE | FILE_SHARE_DELETE,
nullptr, OPEN_EXISTING,
FILE_FLAG_OPEN_REPARSE_POINT | FILE_FLAG_BACKUP_SEMANTICS,
nullptr)));
BY_HANDLE_FILE_INFORMATION info;
CheckApi(::GetFileInformationByHandle(file, &info));
if (nlink)
*nlink = info.nNumberOfLinks;
return make_uint64(info.nFileIndexHigh, info.nFileIndexLow);
}
Map::file_map_iterator & Map::file_map_iterator::operator ++()
{
m_impl->close();
if ((m_impl->m_seq->size() - m_impl->m_offs) > 0) {
if ((m_impl->m_seq->size() - m_impl->m_offs) < m_impl->m_seq->get_frame())
m_impl->m_size = m_impl->m_seq->size() - m_impl->m_offs;
ACCESS_MASK amask = (m_impl->m_seq->is_writeble()) ? FILE_MAP_WRITE : FILE_MAP_READ;
m_impl->m_data = ::MapViewOfFile(m_impl->m_seq->map(), amask, high_part_64(m_impl->m_offs), low_part_64(m_impl->m_offs), m_impl->m_size);
CheckApi(m_impl->m_data != nullptr);
m_impl->m_offs += m_impl->m_size;
}
return *this;
}
void ImplEnum::update()
{
PWTS_SESSION_INFOW all_info;
DWORD cnt = 0;
CheckApi(Wtsapi32_dll::inst().WTSEnumerateSessionsW(connection, 0, 1, &all_info, &cnt));
sessions.clear();
sessions.reserve(cnt);
for (DWORD i = 0; i < cnt; ++i) {
sessions.emplace_back(simstd::make_shared<ImplSessionInfo>(connection, all_info[i].SessionId, all_info[i].pWinStationName, all_info[i].State));
}
Wtsapi32_dll::inst().WTSFreeMemory(all_info);
}
WinAbsSD::WinAbsSD(const ustring& name, const ustring& group, bool prot):
m_owner(nullptr),
m_group(nullptr),
m_dacl(nullptr),
m_sacl(nullptr)
{
m_sd = alloc(SECURITY_DESCRIPTOR_MIN_LENGTH);
CheckApi(::InitializeSecurityDescriptor(m_sd, SECURITY_DESCRIPTOR_REVISION));
m_dacl = WinDacl::create(64);
if (!name.empty()) {
try {
Sid usr(name.c_str());
DWORD ownerSize = SECURITY_MAX_SID_SIZE;
m_owner = (PSID)::LocalAlloc(LPTR, ownerSize);
usr.copy_to(m_owner, ownerSize);
} catch (...) {
}
}
if (!group.empty()) {
try {
DWORD groupSize = SECURITY_MAX_SID_SIZE;
m_group = (PSID)::LocalAlloc(LPTR, groupSize);
Sid grp(group.c_str());
grp.copy_to(m_group, groupSize);
} catch (...) {
}
}
set_owner(m_sd, m_owner);
set_group(m_sd, m_group);
set_dacl(m_sd, m_dacl);
CheckApi(::IsValidSecurityDescriptor(m_sd));
set_protect(prot);
}
///==================================================================================== WinAbsSD
void WinAbsSD::Init(PSECURITY_DESCRIPTOR sd) {
m_owner = m_group = m_dacl = m_sacl = nullptr;
DWORD sdSize = SECURITY_DESCRIPTOR_MIN_LENGTH;
DWORD ownerSize = SECURITY_MAX_SID_SIZE;
DWORD groupSize = SECURITY_MAX_SID_SIZE;
DWORD daclSize = WinSD::get_dacl_size(sd);
DWORD saclSize = WinSD::get_sacl_size(sd);
m_sd = (PSECURITY_DESCRIPTOR)::LocalAlloc(LPTR, sdSize);
m_owner = (PSID)::LocalAlloc(LPTR, ownerSize);
m_group = (PSID)::LocalAlloc(LPTR, groupSize);
if (daclSize)
m_dacl = (PACL)::LocalAlloc(LPTR, daclSize);
if (saclSize)
m_sacl = (PACL)::LocalAlloc(LPTR, saclSize);
CheckApi(::MakeAbsoluteSD(sd, m_sd, &sdSize, m_dacl, &daclSize,
m_sacl, &saclSize, m_owner, &ownerSize, m_group, &groupSize));
}
Privilege::Privilege(PCWSTR priv_name)
: m_disable(false)
{
memory::auto_close<HANDLE> token;
if (::OpenProcessToken(::GetCurrentProcess(), TOKEN_QUERY | TOKEN_ADJUST_PRIVILEGES, &token)) {
PRIVILEGE_SET ps;
memory::zero(ps);
ps.PrivilegeCount = 1;
ps.Privilege[0].Luid = privilege::as_luid(priv_name);
auto result = FALSE;
if (::PrivilegeCheck(token, &ps, &result) && !result) {
m_tp.PrivilegeCount = ps.PrivilegeCount;
m_tp.Privileges[0].Luid = ps.Privilege[0].Luid;
m_tp.Privileges[0].Attributes = SE_PRIVILEGE_ENABLED;
m_disable = ::AdjustTokenPrivileges(token, false, &m_tp, sizeof(m_tp), nullptr, nullptr);
CheckApi(m_disable);
}
}
}
Item& ConfigRequest::execute(Item& svc) const
{
LogTrace("(%p)", static_cast<SC_HANDLE>(svc));
CheckApi(
::ChangeServiceConfigW(static_cast<SC_HANDLE>(svc),
serviceType,
(startType != SERVICE_NO_CHANGE) ? startType & 0xFFFF : startType,
errorControl,
binaryPathName,
loadOrderGroup,
tagId,
dependencies,
login,
passw,
displayName)
);
if (startType != SERVICE_NO_CHANGE) {
svc.set_delayed(startType == static_cast<DWORD>(Start::AUTO_DELAYED));
}
return svc;
}
uint64_t get_size(HANDLE handle)
{
LARGE_INTEGER size;
CheckApi(::GetFileSizeEx(handle, &size));
return size.QuadPart;
}
size_t write(HANDLE file, PCVOID data, size_t bytesToWrite)
{
DWORD bytesWritten = 0;
CheckApi(::WriteFile(file, data, bytesToWrite, &bytesWritten, nullptr));
return bytesWritten;
}
uint64_t get_size(const wchar_t* path)
{
WIN32_FILE_ATTRIBUTE_DATA info;
CheckApi(::GetFileAttributesExW(path, GetFileExInfoStandard, &info));
return make_uint64(info.nFileSizeHigh, info.nFileSizeLow);
}
void remove(const wchar_t* path)
{
LogTrace2(L"('%s')", path);
CheckApi(fsys::file::remove(path));
}
void link(const wchar_t* path, const wchar_t* new_path)
{
CheckApi(fsys::file::link(path, new_path));
}
uint64_t get_position(HANDLE handle)
{
LARGE_INTEGER pos;
CheckApi(::SetFilePointerEx(handle, pos, &pos, FILE_CURRENT));
return pos.QuadPart;
}
void set_position(HANDLE handle, uint64_t pos, DWORD m)
{
LARGE_INTEGER p;
p.QuadPart = pos;
CheckApi(::SetFilePointerEx(handle, p, nullptr, m));
}
