1 files changed, 89 insertions, 17 deletions
diff --git a/src/libs/dutil/WixToolset.DUtil/procutil.cpp b/src/libs/dutil/WixToolset.DUtil/procutil.cpp
index 29f575ae..376aec6d 100644
--- a/src/libs/dutil/WixToolset.DUtil/procutil.cpp
+++ b/src/libs/dutil/WixToolset.DUtil/procutil.cpp
@@ -85,7 +85,7 @@ extern "C" HRESULT DAPI ProcSystem(
    HRESULT hr = S_OK;
    TOKEN_USER* pTokenUser = NULL;
-    hr = ProcTokenUser(hProcess, &pTokenUser);
+    hr = ProcGetTokenInformation(hProcess, TokenUser, reinterpret_cast<LPVOID*>(&pTokenUser));
    ProcExitOnFailure(hr, "Failed to get TokenUser from process token.");
    *pfSystem = ::IsWellKnownSid(pTokenUser->User.Sid, WinLocalSystemSid);
@@ -96,15 +96,16 @@ LExit:
    return hr;
 }
-extern "C" HRESULT DAPI ProcTokenUser(
+extern "C" HRESULT DAPI ProcGetTokenInformation(
    __in HANDLE hProcess,
-    __out TOKEN_USER** ppTokenUser
+    __in TOKEN_INFORMATION_CLASS tokenInformationClass,
+    __out LPVOID* ppvTokenInformation
    )
 {
    HRESULT hr = S_OK;
    DWORD er = ERROR_SUCCESS;
    HANDLE hToken = NULL;
-    TOKEN_USER* pTokenUser = NULL;
+    LPVOID pvTokenInformation = NULL;
    DWORD cbToken = 0;
    if (!::OpenProcessToken(hProcess, TOKEN_QUERY, &hToken))
@@ -112,33 +113,104 @@ extern "C" HRESULT DAPI ProcTokenUser(
        ProcExitWithLastError(hr, "Failed to open process token.");
    }
-    if (::GetTokenInformation(hToken, TokenUser, pTokenUser, 0, &cbToken))
+    if (!::GetTokenInformation(hToken, tokenInformationClass, pvTokenInformation, 0, &cbToken))
-    {
-        er = ERROR_SUCCESS;
-    }
-    else
    {
        er = ::GetLastError();
    }
    if (er != ERROR_INSUFFICIENT_BUFFER)
    {
-        ProcExitOnWin32Error(er, hr, "Failed to get user from process token size.");
+        ProcExitOnWin32Error(er, hr, "Failed to get information from process token size.");
    }
-    pTokenUser = reinterpret_cast<TOKEN_USER*>(MemAlloc(cbToken, TRUE));
+    pvTokenInformation = MemAlloc(cbToken, TRUE);
-    ProcExitOnNull(pTokenUser, hr, E_OUTOFMEMORY, "Failed to allocate token information.");
+    ProcExitOnNull(pvTokenInformation, hr, E_OUTOFMEMORY, "Failed to allocate token information.");
-    if (!::GetTokenInformation(hToken, TokenUser, pTokenUser, cbToken, &cbToken))
+    if (!::GetTokenInformation(hToken, tokenInformationClass, pvTokenInformation, cbToken, &cbToken))
    {
-        ProcExitWithLastError(hr, "Failed to get user from process token.");
+        ProcExitWithLastError(hr, "Failed to get information from process token.");
    }
-    *ppTokenUser = pTokenUser;
+    *ppvTokenInformation = pvTokenInformation;
-    pTokenUser = NULL;
+    pvTokenInformation = NULL;
+LExit:
+    ReleaseMem(pvTokenInformation);
+    ReleaseHandle(hToken);
+    return hr;
+}
+extern "C" HRESULT DAPI ProcHasPrivilege(
+    __in HANDLE hProcess,
+    __in LPCWSTR wzPrivilegeName,
+    __out BOOL* pfHasPrivilege
+    )
+{
+    HRESULT hr = S_OK;
+    TOKEN_PRIVILEGES* pTokenPrivileges = NULL;
+    LUID luidPrivilege = { };
+    *pfHasPrivilege = FALSE;
+    if (!::LookupPrivilegeValueW(NULL, wzPrivilegeName, &luidPrivilege))
+    {
+        ProcExitWithLastError(hr, "Failed to get privilege LUID: %ls", wzPrivilegeName);
+    }
+    hr = ProcGetTokenInformation(hProcess, TokenPrivileges, reinterpret_cast<LPVOID*>(&pTokenPrivileges));
+    ProcExitOnFailure(hr, "Failed to get token privilege information.");
+    for (DWORD i = 0; i < pTokenPrivileges->PrivilegeCount; ++i)
+    {
+        LUID* pTokenLuid = &pTokenPrivileges->Privileges[i].Luid;
+        if (luidPrivilege.LowPart == pTokenLuid->LowPart && luidPrivilege.HighPart == pTokenLuid->HighPart)
+        {
+            *pfHasPrivilege = TRUE;
+            break;
+        }
+    }
+LExit:
+    ReleaseMem(pTokenPrivileges);
+    return hr;
+}
+extern "C" HRESULT DAPI ProcEnablePrivilege(
+    __in HANDLE hProcess,
+    __in LPCWSTR wzPrivilegeName
+    )
+{
+    HRESULT hr = S_OK;
+    HANDLE hToken = NULL;
+    TOKEN_PRIVILEGES priv = { };
+    priv.PrivilegeCount = 1;
+    priv.Privileges[0].Attributes = SE_PRIVILEGE_ENABLED;
+    if (!::LookupPrivilegeValueW(NULL, wzPrivilegeName, &priv.Privileges[0].Luid))
+    {
+        ProcExitWithLastError(hr, "Failed to get privilege LUID: %ls", wzPrivilegeName);
+    }
+    if (!::OpenProcessToken(hProcess, TOKEN_ADJUST_PRIVILEGES, &hToken))
+    {
+        ProcExitWithLastError(hr, "Failed to get process token to adjust privileges.");
+    }
+    if (!::AdjustTokenPrivileges(hToken, FALSE, &priv, sizeof(TOKEN_PRIVILEGES), NULL, 0))
+    {
+        ProcExitWithLastError(hr, "Failed to adjust token to add privilege: %ls", wzPrivilegeName);
+    }
+    if (ERROR_NOT_ALL_ASSIGNED == ::GetLastError())
+    {
+        hr = S_FALSE;
+    }
 LExit:
-    ReleaseMem(pTokenUser);
    ReleaseHandle(hToken);
    return hr;

diff --git a/src/libs/dutil/WixToolset.DUtil/procutil.cpp b/src/libs/dutil/WixToolset.DUtil/procutil.cpp index 29f575ae..376aec6d 100644 --- a/src/libs/dutil/WixToolset.DUtil/procutil.cpp +++ b/src/libs/dutil/WixToolset.DUtil/procutil.cpp
@@ -85,7 +85,7 @@ extern "C" HRESULT DAPI ProcSystem(
85	HRESULT hr = S_OK;	85	HRESULT hr = S_OK;
86	TOKEN_USER* pTokenUser = NULL;	86	TOKEN_USER* pTokenUser = NULL;
87		87
88	hr = ProcTokenUser(hProcess, &pTokenUser);	88	hr = ProcGetTokenInformation(hProcess, TokenUser, reinterpret_cast<LPVOID*>(&pTokenUser));
89	ProcExitOnFailure(hr, "Failed to get TokenUser from process token.");	89	ProcExitOnFailure(hr, "Failed to get TokenUser from process token.");
90		90
91	*pfSystem = ::IsWellKnownSid(pTokenUser->User.Sid, WinLocalSystemSid);	91	*pfSystem = ::IsWellKnownSid(pTokenUser->User.Sid, WinLocalSystemSid);
@@ -96,15 +96,16 @@ LExit:
96	return hr;	96	return hr;
97	}	97	}
98		98
99	extern "C" HRESULT DAPI ProcTokenUser(	99	extern "C" HRESULT DAPI ProcGetTokenInformation(
100	__in HANDLE hProcess,	100	__in HANDLE hProcess,
101	__out TOKEN_USER** ppTokenUser	101	__in TOKEN_INFORMATION_CLASS tokenInformationClass,
		102	__out LPVOID* ppvTokenInformation
102	)	103	)
103	{	104	{
104	HRESULT hr = S_OK;	105	HRESULT hr = S_OK;
105	DWORD er = ERROR_SUCCESS;	106	DWORD er = ERROR_SUCCESS;
106	HANDLE hToken = NULL;	107	HANDLE hToken = NULL;
107	TOKEN_USER* pTokenUser = NULL;	108	LPVOID pvTokenInformation = NULL;
108	DWORD cbToken = 0;	109	DWORD cbToken = 0;
109		110
110	if (!::OpenProcessToken(hProcess, TOKEN_QUERY, &hToken))	111	if (!::OpenProcessToken(hProcess, TOKEN_QUERY, &hToken))
@@ -112,33 +113,104 @@ extern "C" HRESULT DAPI ProcTokenUser(
112	ProcExitWithLastError(hr, "Failed to open process token.");	113	ProcExitWithLastError(hr, "Failed to open process token.");
113	}	114	}
114		115
115	if (::GetTokenInformation(hToken, TokenUser, pTokenUser, 0, &cbToken))	116	if (!::GetTokenInformation(hToken, tokenInformationClass, pvTokenInformation, 0, &cbToken))
116	{
117	er = ERROR_SUCCESS;
118	}
119	else
120	{	117	{
121	er = ::GetLastError();	118	er = ::GetLastError();
122	}	119	}
123		120
124	if (er != ERROR_INSUFFICIENT_BUFFER)	121	if (er != ERROR_INSUFFICIENT_BUFFER)
125	{	122	{
126	ProcExitOnWin32Error(er, hr, "Failed to get user from process token size.");	123	ProcExitOnWin32Error(er, hr, "Failed to get information from process token size.");
127	}	124	}
128		125
129	pTokenUser = reinterpret_cast<TOKEN_USER*>(MemAlloc(cbToken, TRUE));	126	pvTokenInformation = MemAlloc(cbToken, TRUE);
130	ProcExitOnNull(pTokenUser, hr, E_OUTOFMEMORY, "Failed to allocate token information.");	127	ProcExitOnNull(pvTokenInformation, hr, E_OUTOFMEMORY, "Failed to allocate token information.");
131		128
132	if (!::GetTokenInformation(hToken, TokenUser, pTokenUser, cbToken, &cbToken))	129	if (!::GetTokenInformation(hToken, tokenInformationClass, pvTokenInformation, cbToken, &cbToken))
133	{	130	{
134	ProcExitWithLastError(hr, "Failed to get user from process token.");	131	ProcExitWithLastError(hr, "Failed to get information from process token.");
135	}	132	}
136		133
137	*ppTokenUser = pTokenUser;	134	*ppvTokenInformation = pvTokenInformation;
138	pTokenUser = NULL;	135	pvTokenInformation = NULL;
		136
		137	LExit:
		138	ReleaseMem(pvTokenInformation);
		139	ReleaseHandle(hToken);
		140
		141	return hr;
		142	}
		143
		144	extern "C" HRESULT DAPI ProcHasPrivilege(
		145	__in HANDLE hProcess,
		146	__in LPCWSTR wzPrivilegeName,
		147	__out BOOL* pfHasPrivilege
		148	)
		149	{
		150	HRESULT hr = S_OK;
		151	TOKEN_PRIVILEGES* pTokenPrivileges = NULL;
		152	LUID luidPrivilege = { };
		153
		154	*pfHasPrivilege = FALSE;
		155
		156	if (!::LookupPrivilegeValueW(NULL, wzPrivilegeName, &luidPrivilege))
		157	{
		158	ProcExitWithLastError(hr, "Failed to get privilege LUID: %ls", wzPrivilegeName);
		159	}
		160
		161	hr = ProcGetTokenInformation(hProcess, TokenPrivileges, reinterpret_cast<LPVOID*>(&pTokenPrivileges));
		162	ProcExitOnFailure(hr, "Failed to get token privilege information.");
		163
		164	for (DWORD i = 0; i < pTokenPrivileges->PrivilegeCount; ++i)
		165	{
		166	LUID* pTokenLuid = &pTokenPrivileges->Privileges[i].Luid;
		167
		168	if (luidPrivilege.LowPart == pTokenLuid->LowPart && luidPrivilege.HighPart == pTokenLuid->HighPart)
		169	{
		170	*pfHasPrivilege = TRUE;
		171	break;
		172	}
		173	}
		174
		175	LExit:
		176	ReleaseMem(pTokenPrivileges);
		177
		178	return hr;
		179	}
		180
		181	extern "C" HRESULT DAPI ProcEnablePrivilege(
		182	__in HANDLE hProcess,
		183	__in LPCWSTR wzPrivilegeName
		184	)
		185	{
		186	HRESULT hr = S_OK;
		187	HANDLE hToken = NULL;
		188	TOKEN_PRIVILEGES priv = { };
		189
		190	priv.PrivilegeCount = 1;
		191	priv.Privileges[0].Attributes = SE_PRIVILEGE_ENABLED;
		192
		193	if (!::LookupPrivilegeValueW(NULL, wzPrivilegeName, &priv.Privileges[0].Luid))
		194	{
		195	ProcExitWithLastError(hr, "Failed to get privilege LUID: %ls", wzPrivilegeName);
		196	}
		197
		198	if (!::OpenProcessToken(hProcess, TOKEN_ADJUST_PRIVILEGES, &hToken))
		199	{
		200	ProcExitWithLastError(hr, "Failed to get process token to adjust privileges.");
		201	}
		202
		203	if (!::AdjustTokenPrivileges(hToken, FALSE, &priv, sizeof(TOKEN_PRIVILEGES), NULL, 0))
		204	{
		205	ProcExitWithLastError(hr, "Failed to adjust token to add privilege: %ls", wzPrivilegeName);
		206	}
		207
		208	if (ERROR_NOT_ALL_ASSIGNED == ::GetLastError())
		209	{
		210	hr = S_FALSE;
		211	}
139		212
140	LExit:	213	LExit:
141	ReleaseMem(pTokenUser);
142	ReleaseHandle(hToken);	214	ReleaseHandle(hToken);
143		215
144	return hr;	216	return hr;