PSID get_user_sid(void) { HANDLE proc = NULL, tok = NULL; TOKEN_USER *user = NULL; DWORD toklen, sidlen; PSID sid = NULL, ret = NULL; if (usersid) return usersid; if (!got_advapi()) goto cleanup; if ((proc = OpenProcess(MAXIMUM_ALLOWED, FALSE, GetCurrentProcessId())) == NULL) goto cleanup; if (!p_OpenProcessToken(proc, TOKEN_QUERY, &tok)) goto cleanup; if (!p_GetTokenInformation(tok, TokenUser, NULL, 0, &toklen) && GetLastError() != ERROR_INSUFFICIENT_BUFFER) goto cleanup; if ((user = (TOKEN_USER *)LocalAlloc(LPTR, toklen)) == NULL) goto cleanup; if (!p_GetTokenInformation(tok, TokenUser, user, toklen, &toklen)) goto cleanup; sidlen = GetLengthSid(user->User.Sid); sid = (PSID)smalloc(sidlen); if (!CopySid(sidlen, sid, user->User.Sid)) goto cleanup; /* Success. Move sid into the return value slot, and null it out * to stop the cleanup code freeing it. */ ret = usersid = sid; sid = NULL; cleanup: if (proc != NULL) CloseHandle(proc); if (tok != NULL) CloseHandle(tok); if (user != NULL) LocalFree(user); if (sid != NULL) sfree(sid); return ret; }
/* * Setup privileges we think we will need. We probably do not need * the SE_SECURITY_NAME, but since nothing seems to be working, * we get it hoping to fix the problems. */ int win32_enable_backup_privileges() { int ret=0; HANDLE hToken; HANDLE hProcess; if(!p_OpenProcessToken) return 0; /* No avail on this OS */ hProcess=OpenProcess(PROCESS_ALL_ACCESS, FALSE, GetCurrentProcessId()); // Get a token for this process. if(!p_OpenProcessToken(hProcess, TOKEN_ADJUST_PRIVILEGES | TOKEN_QUERY, &hToken)) { logp("Could not OpenProcessToken\n"); /* Forge on anyway */ } if(enable_priv(hToken, SE_BACKUP_NAME)) ret=-1; if(enable_priv(hToken, SE_RESTORE_NAME)) ret=-1; /* enable_priv(hToken, SE_SECURITY_NAME); enable_priv(hToken, SE_TAKE_OWNERSHIP_NAME); enable_priv(hToken, SE_ASSIGNPRIMARYTOKEN_NAME); enable_priv(hToken, SE_SYSTEM_ENVIRONMENT_NAME); enable_priv(hToken, SE_CREATE_TOKEN_NAME); enable_priv(hToken, SE_MACHINE_ACCOUNT_NAME); enable_priv(hToken, SE_TCB_NAME); enable_priv(hToken, SE_CREATE_PERMANENT_NAME); */ CloseHandle(hToken); CloseHandle(hProcess); if(ret) { logp("Some privileges were not enabled.\n\n"); logp("Are you running as Administrator?\n\n"); } return ret; }