search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
update dev300-m57
[ooovba.git] / sal / osl / w32 / security.c
blobadf1b988a750dd8cf1aa4589d726ae0069ef444f
1 /*************************************************************************
2 *
3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
4 *
5 * Copyright 2008 by Sun Microsystems, Inc.
6 *
7 * OpenOffice.org - a multi-platform office productivity suite
8 *
9 * $RCSfile: security.c,v $
10 * $Revision: 1.14 $
11 *
12 * This file is part of OpenOffice.org.
13 *
14 * OpenOffice.org is free software: you can redistribute it and/or modify
15 * it under the terms of the GNU Lesser General Public License version 3
16 * only, as published by the Free Software Foundation.
17 *
18 * OpenOffice.org is distributed in the hope that it will be useful,
19 * but WITHOUT ANY WARRANTY; without even the implied warranty of
20 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
21 * GNU Lesser General Public License version 3 for more details
22 * (a copy is included in the LICENSE file that accompanied this code).
23 *
24 * You should have received a copy of the GNU Lesser General Public License
25 * version 3 along with OpenOffice.org. If not, see
26 * <http://www.openoffice.org/license.html>
27 * for a copy of the LGPLv3 License.
28 *
29 ************************************************************************/
30
31
32 #include "system.h"
33
34 #include <osl/security.h>
35 #include <osl/diagnose.h>
36 #include <osl/thread.h>
37 #include <osl/file.h>
38 #include <systools/win32/uwinapi.h>
39 #include "secimpl.h"
40
41 /*****************************************************************************/
42 /* Data Type Definition */
43 /*****************************************************************************/
44
45
46 /* Data for use in (un)LoadProfile Functions */
47 /* Declarations based on USERENV.H for Windows 2000 Beta 2 */
48 #define PI_NOUI 0x00000001 // Prevents displaying of messages
49 #define PI_APPLYPOLICY 0x00000002 // Apply NT4 style policy
50
51 typedef struct _PROFILEINFOW {
52 DWORD dwSize; // Must be set to sizeof(PROFILEINFO)
53 DWORD dwFlags; // See flags above
54 LPWSTR lpUserName; // User name (required)
55 LPWSTR lpProfilePath; // Roaming profile path
56 LPWSTR lpDefaultPath; // Default user profile path
57 LPWSTR lpServerName; // Validating DC name in netbios format
58 LPWSTR lpPolicyPath; // Path to the NT4 style policy file
59 HANDLE hProfile; // Registry key handle - filled by function
60 } PROFILEINFOW, FAR * LPPROFILEINFOW;
61
62 /* Typedefs for function pointers in USERENV.DLL */
63 typedef BOOL (STDMETHODCALLTYPE FAR * LPFNLOADUSERPROFILE) (
64 HANDLE hToken,
65 LPPROFILEINFOW lpProfileInfo
66 );
67
68 typedef BOOL (STDMETHODCALLTYPE FAR * LPFNUNLOADUSERPROFILE) (
69 HANDLE hToken,
70 HANDLE hProfile
71 );
72
73 typedef BOOL (STDMETHODCALLTYPE FAR * LPFNGETUSERPROFILEDIR) (
74 HANDLE hToken,
75 LPTSTR lpProfileDir,
76 LPDWORD lpcchSize
77 );
78
79 /* To get an impersonation token we need to create an impersonation
80 duplicate so every access token has to be created with duplicate
81 access rights */
82
83 #define TOKEN_DUP_QUERY (TOKEN_QUERY|TOKEN_DUPLICATE)
84
85 /*****************************************************************************/
86 /* Static Module Function Declarations */
87 /*****************************************************************************/
88
89 static sal_Bool isWNT(void);
90 static sal_Bool GetSpecialFolder(rtl_uString **strPath,int nFolder);
91 static BOOL Privilege(LPTSTR pszPrivilege, BOOL bEnable);
92 static sal_Bool SAL_CALL getUserNameImpl(oslSecurity Security, rtl_uString **strName, sal_Bool bIncludeDomain);
93
94 /*****************************************************************************/
95 /* Exported Module Functions */
96 /*****************************************************************************/
97
98 oslSecurity SAL_CALL osl_getCurrentSecurity(void)
99 {
100 oslSecurityImpl* pSecImpl = malloc(sizeof(oslSecurityImpl));
101
102 pSecImpl->m_pNetResource = NULL;
103 pSecImpl->m_User[0] = '\0';
104 pSecImpl->m_hToken = NULL;
105 pSecImpl->m_hProfile = NULL;
106
107 return ((oslSecurity)pSecImpl);
108 }
109
110 oslSecurityError SAL_CALL osl_loginUser( rtl_uString *strUserName, rtl_uString *strPasswd, oslSecurity *pSecurity )
111 {
112 oslSecurityError ret;
113
114 if (!isWNT())
115 {
116 *pSecurity = osl_getCurrentSecurity();
117 ret = osl_Security_E_None;
118 }
119 else
120 {
121 sal_Unicode* strUser;
122 sal_Unicode* strDomain = _wcsdup(rtl_uString_getStr(strUserName));
123 HANDLE hUserToken;
124
125 #if OSL_DEBUG_LEVEL > 0
126 LUID luid;
127 #endif
128
129 if (NULL != (strUser = wcschr(strDomain, L'/')))
130 *strUser++ = L'\0';
131 else
132 {
133 strUser = strDomain;
134 strDomain = NULL;
135 }
136
137 // this process must have the right: 'act as a part of operatingsystem'
138 OSL_ASSERT(LookupPrivilegeValue(NULL, SE_TCB_NAME, &luid));
139
140 if (LogonUserW(strUser, strDomain ? strDomain : L"", rtl_uString_getStr(strPasswd),
141 LOGON32_LOGON_INTERACTIVE, LOGON32_PROVIDER_DEFAULT,
142 &hUserToken))
143 {
144 oslSecurityImpl* pSecImpl = malloc(sizeof(oslSecurityImpl));
145
146 pSecImpl->m_pNetResource = NULL;
147 pSecImpl->m_hToken = hUserToken;
148 pSecImpl->m_hProfile = NULL;
149 wcscpy(pSecImpl->m_User, strUser);
150
151 *pSecurity = (oslSecurity)pSecImpl;
152 ret = osl_Security_E_None;
153 }
154 else
155 ret = osl_Security_E_UserUnknown;
156
157 if (strDomain)
158 free(strDomain);
159 else
160 free(strUser);
161 }
162
163 return ret;
164 }
165
166 oslSecurityError SAL_CALL osl_loginUserOnFileServer(rtl_uString *strUserName,
167 rtl_uString *strPasswd,
168 rtl_uString *strFileServer,
169 oslSecurity *pSecurity)
170 {
171 oslSecurityError ret;
172 DWORD err;
173 NETRESOURCEW netResource;
174 sal_Unicode* remoteName;
175 sal_Unicode* userName;
176
177 remoteName = malloc(rtl_uString_getLength(strFileServer) + rtl_uString_getLength(strUserName) + 4);
178 userName = malloc(rtl_uString_getLength(strFileServer) + rtl_uString_getLength(strUserName) + 2);
179
180 wcscpy(remoteName, L"\\\\");
181 wcscat(remoteName, rtl_uString_getStr(strFileServer));
182 wcscat(remoteName, L"\\");
183 wcscat(remoteName, rtl_uString_getStr(strUserName));
184
185 wcscpy(userName, rtl_uString_getStr(strFileServer));
186 wcscat(userName, L"\\");
187 wcscat(userName, rtl_uString_getStr(strUserName));
188
189 netResource.dwScope = RESOURCE_GLOBALNET;
190 netResource.dwType = RESOURCETYPE_DISK;
191 netResource.dwDisplayType = RESOURCEDISPLAYTYPE_SHARE;
192 netResource.dwUsage = RESOURCEUSAGE_CONNECTABLE;
193 netResource.lpLocalName = NULL;
194 netResource.lpRemoteName = remoteName;
195 netResource.lpComment = NULL;
196 netResource.lpProvider = NULL;
197
198 err = WNetAddConnection2W(&netResource, rtl_uString_getStr(strPasswd), userName, 0);
199
200 if ((err == NO_ERROR) || (err == ERROR_ALREADY_ASSIGNED))
201 {
202 oslSecurityImpl* pSecImpl = malloc(sizeof(oslSecurityImpl));
203
204 pSecImpl->m_pNetResource = malloc(sizeof(NETRESOURCE));
205 *pSecImpl->m_pNetResource = netResource;
206
207 pSecImpl->m_hToken = NULL;
208 pSecImpl->m_hProfile = NULL;
209 wcscpy(pSecImpl->m_User, rtl_uString_getStr(strUserName));
210
211 *pSecurity = (oslSecurity)pSecImpl;
212
213 ret = osl_Security_E_None;
214 }
215 else
216 ret = osl_Security_E_UserUnknown;
217
218 free(remoteName);
219 free(userName);
220
221 return ret;
222 }
223
224
225 static BOOL WINAPI CheckTokenMembership_Stub( HANDLE TokenHandle, PSID SidToCheck, PBOOL IsMember )
226 {
227 typedef BOOL (WINAPI *CheckTokenMembership_PROC)( HANDLE, PSID, PBOOL );
228
229 static HMODULE hModule = NULL;
230 static CheckTokenMembership_PROC pCheckTokenMembership = NULL;
231
232 if ( !hModule )
233 {
234 /* SAL is always linked against ADVAPI32 so we can rely on that it is already mapped */
235
236 hModule = GetModuleHandleA( "ADVAPI32.DLL" );
237
238 pCheckTokenMembership = (CheckTokenMembership_PROC)GetProcAddress( hModule, "CheckTokenMembership" );
239 }
240
241 if ( pCheckTokenMembership )
242 return pCheckTokenMembership( TokenHandle, SidToCheck, IsMember );
243 else
244 {
245 SetLastError( ERROR_CALL_NOT_IMPLEMENTED );
246 return FALSE;
247 }
248
249 }
250
251
252 sal_Bool SAL_CALL osl_isAdministrator(oslSecurity Security)
253 {
254 if (Security != NULL)
255 {
256 /* ts: on Window 95 systems any user seems to be an adminstrator */
257 if (!isWNT())
258 {
259 return(sal_True);
260 }
261 else
262 {
263 HANDLE hImpersonationToken = NULL;
264 PSID psidAdministrators;
265 SID_IDENTIFIER_AUTHORITY siaNtAuthority = SECURITY_NT_AUTHORITY;
266 sal_Bool bSuccess = sal_False;
267
268
269 /* If Security contains an access token we need to duplicate it to an impersonation
270 access token. NULL works with CheckTokenMembership() as the current effective
271 impersonation token
272 */
273
274 if ( ((oslSecurityImpl*)Security)->m_hToken )
275 {
276 if ( !DuplicateToken (((oslSecurityImpl*)Security)->m_hToken, SecurityImpersonation, &hImpersonationToken) )
277 return sal_False;
278 }
279
280 /* CheckTokenMembership() can be used on W2K and higher (NT4 no longer supported by OOo)
281 and also works on Vista to retrieve the effective user rights. Just checking for
282 membership of Administrators group is not enough on Vista this would require additional
283 complicated checks as described in KB arcticle Q118626: http://support.microsoft.com/kb/118626/en-us
284 */
285
286 if (AllocateAndInitializeSid(&siaNtAuthority,
287 2,
288 SECURITY_BUILTIN_DOMAIN_RID,
289 DOMAIN_ALIAS_RID_ADMINS,
290 0, 0, 0, 0, 0, 0,
291 &psidAdministrators))
292 {
293 BOOL fSuccess = FALSE;
294
295 if ( CheckTokenMembership_Stub( hImpersonationToken, psidAdministrators, &fSuccess ) && fSuccess )
296 bSuccess = sal_True;
297
298 FreeSid(psidAdministrators);
299 }
300
301 if ( hImpersonationToken )
302 CloseHandle( hImpersonationToken );
303
304 return (bSuccess);
305 }
306 }
307 else
308 return (sal_False);
309 }
310
311
312 void SAL_CALL osl_freeSecurityHandle(oslSecurity Security)
313 {
314 if (Security)
315 {
316 oslSecurityImpl *pSecImpl = (oslSecurityImpl*)Security;
317
318 if (pSecImpl->m_pNetResource != NULL)
319 {
320 WNetCancelConnection2W(pSecImpl->m_pNetResource->lpRemoteName, 0, sal_True);
321
322 free(pSecImpl->m_pNetResource->lpRemoteName);
323 free(pSecImpl->m_pNetResource);
324 }
325
326 if (pSecImpl->m_hToken)
327 CloseHandle(pSecImpl->m_hToken);
328
329 if ( pSecImpl->m_hProfile )
330 CloseHandle(pSecImpl->m_hProfile);
331
332 free (pSecImpl);
333 }
334 }
335
336
337 sal_Bool SAL_CALL osl_getUserIdent(oslSecurity Security, rtl_uString **strIdent)
338 {
339 if (Security != NULL)
340 {
341 oslSecurityImpl *pSecImpl = (oslSecurityImpl*)Security;
342
343 HANDLE hAccessToken = pSecImpl->m_hToken;
344
345 if (hAccessToken == NULL)
346 OpenProcessToken(GetCurrentProcess(), TOKEN_DUP_QUERY, &hAccessToken);
347
348 if (hAccessToken)
349 {
350 sal_Char *Ident;
351 DWORD nInfoBuffer = 512;
352 UCHAR* pInfoBuffer = malloc(nInfoBuffer);
353
354
355 while (!GetTokenInformation(hAccessToken, TokenUser,
356 pInfoBuffer, nInfoBuffer, &nInfoBuffer))
357 {
358 if (GetLastError() == ERROR_INSUFFICIENT_BUFFER)
359 pInfoBuffer = realloc(pInfoBuffer, nInfoBuffer);
360 else
361 {
362 free(pInfoBuffer);
363 pInfoBuffer = NULL;
364 break;
365 }
366 }
367
368 if (pSecImpl->m_hToken == NULL)
369 CloseHandle(hAccessToken);
370
371 if (pInfoBuffer)
372 {
373 PSID pSid = ((PTOKEN_USER)pInfoBuffer)->User.Sid;
374 PSID_IDENTIFIER_AUTHORITY psia;
375 DWORD dwSubAuthorities;
376 DWORD dwSidRev=SID_REVISION;
377 DWORD dwCounter;
378 DWORD dwSidSize;
379
380 /* obtain SidIdentifierAuthority */
381 psia=GetSidIdentifierAuthority(pSid);
382
383 /* obtain sidsubauthority count */
384 dwSubAuthorities=min(*GetSidSubAuthorityCount(pSid), 5);
385
386 /* buffer length: S-SID_REVISION- + identifierauthority- + subauthorities- + NULL */
387 Ident=malloc(88*sizeof(sal_Char));
388
389 /* prepare S-SID_REVISION- */
390 dwSidSize=wsprintf(Ident, TEXT("S-%lu-"), dwSidRev);
391
392 /* prepare SidIdentifierAuthority */
393 if ((psia->Value[0] != 0) || (psia->Value[1] != 0))
394 {
395 dwSidSize+=wsprintf(Ident + strlen(Ident),
396 TEXT("0x%02hx%02hx%02hx%02hx%02hx%02hx"),
397 (USHORT)psia->Value[0],
398 (USHORT)psia->Value[1],
399 (USHORT)psia->Value[2],
400 (USHORT)psia->Value[3],
401 (USHORT)psia->Value[4],
402 (USHORT)psia->Value[5]);
403 }
404 else
405 {
406 dwSidSize+=wsprintf(Ident + strlen(Ident),
407 TEXT("%lu"),
408 (ULONG)(psia->Value[5] ) +
409 (ULONG)(psia->Value[4] << 8) +
410 (ULONG)(psia->Value[3] << 16) +
411 (ULONG)(psia->Value[2] << 24) );
412 }
413
414 /* loop through SidSubAuthorities */
415 for (dwCounter=0; dwCounter < dwSubAuthorities; dwCounter++)
416 {
417 dwSidSize+=wsprintf(Ident + dwSidSize, TEXT("-%lu"),
418 *GetSidSubAuthority(pSid, dwCounter) );
419 }
420
421 rtl_uString_newFromAscii( strIdent, Ident );
422
423 free(pInfoBuffer);
424 free(Ident);
425
426 return (sal_True);
427 }
428 }
429 else
430 {
431 DWORD needed=0;
432 sal_Unicode *Ident;
433
434 WNetGetUserA(NULL, NULL, &needed);
435 needed = max( 16 , needed );
436 Ident=malloc(needed*sizeof(sal_Unicode));
437
438 if (WNetGetUserW(NULL, Ident, &needed) != NO_ERROR)
439 {
440 wcscpy(Ident, L"unknown");
441 Ident[7] = L'\0';
442 }
443
444 rtl_uString_newFromStr( strIdent, Ident);
445
446 free(Ident);
447
448 return sal_True;
449 }
450 }
451
452 return sal_False;
453 }
454
455
456
457 sal_Bool SAL_CALL osl_getUserName(oslSecurity Security, rtl_uString **strName)
458 {
459 return getUserNameImpl(Security, strName, sal_True);
460 }
461
462
463 sal_Bool SAL_CALL osl_getHomeDir(oslSecurity Security, rtl_uString **pustrDirectory)
464 {
465 rtl_uString *ustrSysDir = NULL;
466 sal_Bool bSuccess = sal_False;
467
468 if (Security != NULL)
469 {
470 oslSecurityImpl *pSecImpl = (oslSecurityImpl*)Security;
471
472 if (pSecImpl->m_pNetResource != NULL)
473 {
474 rtl_uString_newFromStr( &ustrSysDir, pSecImpl->m_pNetResource->lpRemoteName);
475
476 bSuccess = (sal_Bool)(osl_File_E_None == osl_getFileURLFromSystemPath( ustrSysDir, pustrDirectory ));
477 }
478 else
479 {
480 #if 0
481 if (pSecImpl->m_hToken)
482 {
483 DWORD nInfoBuffer = 512;
484 UCHAR* pInfoBuffer = malloc(nInfoBuffer);
485
486 while (!GetTokenInformation(pSecImpl->m_hToken, TokenUser,
487 pInfoBuffer, nInfoBuffer, &nInfoBuffer))
488 {
489 if (GetLastError() == ERROR_INSUFFICIENT_BUFFER)
490 pInfoBuffer = realloc(pInfoBuffer, nInfoBuffer);
491 else
492 {
493 free(pInfoBuffer);
494 pInfoBuffer = NULL;
495 break;
496 }
497 }
498
499 /* not implemented */
500 OSL_ASSERT(sal_False);
501
502 if (pInfoBuffer)
503 {
504 /* if (EqualSid() ... */
505
506 }
507 }
508 else
509 #endif
510
511 bSuccess = (sal_Bool)(GetSpecialFolder(&ustrSysDir, CSIDL_PERSONAL) &&
512 (osl_File_E_None == osl_getFileURLFromSystemPath(ustrSysDir, pustrDirectory)));
513 }
514 }
515
516 if ( ustrSysDir )
517 rtl_uString_release( ustrSysDir );
518
519 return bSuccess;
520 }
521
522 sal_Bool SAL_CALL osl_getConfigDir(oslSecurity Security, rtl_uString **pustrDirectory)
523 {
524 sal_Bool bSuccess = sal_False;
525
526 if (Security != NULL)
527 {
528 oslSecurityImpl *pSecImpl = (oslSecurityImpl*)Security;
529
530 if (pSecImpl->m_pNetResource != NULL)
531 {
532 rtl_uString *ustrSysDir = NULL;
533
534 rtl_uString_newFromStr( &ustrSysDir, pSecImpl->m_pNetResource->lpRemoteName);
535 bSuccess = (sal_Bool)(osl_File_E_None == osl_getFileURLFromSystemPath( ustrSysDir, pustrDirectory));
536
537 if ( ustrSysDir )
538 rtl_uString_release( ustrSysDir );
539 }
540 else
541 {
542 if (pSecImpl->m_hToken)
543 {
544 /* not implemented */
545 OSL_ASSERT(sal_False);
546 }
547 else
548 {
549 rtl_uString *ustrFile = NULL;
550 sal_Unicode sFile[_MAX_PATH];
551
552 if ( !GetSpecialFolder( &ustrFile, CSIDL_APPDATA) )
553 {
554 OSL_VERIFY(GetWindowsDirectoryW(sFile, _MAX_DIR) > 0);
555
556 rtl_uString_newFromStr( &ustrFile, sFile);
557 }
558
559 bSuccess = (sal_Bool)(osl_File_E_None == osl_getFileURLFromSystemPath(ustrFile, pustrDirectory));
560
561 if ( ustrFile )
562 rtl_uString_release( ustrFile );
563 }
564 }
565 }
566
567 return bSuccess;
568 }
569
570
571 sal_Bool SAL_CALL osl_loadUserProfile(oslSecurity Security)
572 {
573 /* CreateProcessAsUser does not load the specified user's profile
574 into the HKEY_USERS registry key. This means that access to information
575 in the HKEY_CURRENT_USER registry key may not produce results consistent
576 with a normal interactive logon.
577 It is your responsibility to load the user's registry hive into HKEY_USERS
578 with the LoadUserProfile function before calling CreateProcessAsUser.
579 */
580 BOOL bOk = FALSE;
581
582 RegCloseKey(HKEY_CURRENT_USER);
583
584 if (Privilege(SE_RESTORE_NAME, TRUE))
585 {
586 HMODULE hUserEnvLib = NULL;
587 LPFNLOADUSERPROFILE fLoadUserProfile = NULL;
588 LPFNUNLOADUSERPROFILE fUnloadUserProfile = NULL;
589 HANDLE hAccessToken = ((oslSecurityImpl*)Security)->m_hToken;
590 DWORD nError = 0;
591
592 /* try to create user profile */
593 if ( !hAccessToken )
594 {
595 /* retrieve security handle if not done before e.g. osl_getCurrentSecurity()
596 */
597 HANDLE hProcess = GetCurrentProcess();
598
599 if (hProcess != NULL)
600 {
601 OpenProcessToken(hProcess, TOKEN_IMPERSONATE, &hAccessToken);
602 CloseHandle(hProcess);
603 }
604 }
605
606 hUserEnvLib = LoadLibraryA("userenv.dll");
607
608 if (hUserEnvLib)
609 {
610 fLoadUserProfile = (LPFNLOADUSERPROFILE)GetProcAddress(hUserEnvLib, "LoadUserProfileW");
611 fUnloadUserProfile = (LPFNUNLOADUSERPROFILE)GetProcAddress(hUserEnvLib, "UnloadUserProfile");
612
613 if (fLoadUserProfile && fUnloadUserProfile)
614 {
615 rtl_uString *buffer = 0;
616 PROFILEINFOW pi;
617
618 getUserNameImpl(Security, &buffer, sal_False);
619
620 ZeroMemory( &pi, sizeof(pi) );
621 pi.dwSize = sizeof(pi);
622 pi.lpUserName = rtl_uString_getStr(buffer);
623 pi.dwFlags = PI_NOUI;
624
625 if (fLoadUserProfile(hAccessToken, &pi))
626 {
627 fUnloadUserProfile(hAccessToken, pi.hProfile);
628
629 bOk = TRUE;
630 }
631 else
632 nError = GetLastError();
633
634 rtl_uString_release(buffer);
635 }
636
637 FreeLibrary(hUserEnvLib);
638 }
639
640 if (hAccessToken && (hAccessToken != ((oslSecurityImpl*)Security)->m_hToken))
641 CloseHandle(hAccessToken);
642 }
643
644 return (sal_Bool)bOk;
645 }
646
647
648 void SAL_CALL osl_unloadUserProfile(oslSecurity Security)
649 {
650 if ( ((oslSecurityImpl*)Security)->m_hProfile != NULL )
651 {
652 HMODULE hUserEnvLib = NULL;
653 LPFNLOADUSERPROFILE fLoadUserProfile = NULL;
654 LPFNUNLOADUSERPROFILE fUnloadUserProfile = NULL;
655 BOOL bOk = FALSE;
656 HANDLE hAccessToken = ((oslSecurityImpl*)Security)->m_hToken;
657
658 if ( !hAccessToken )
659 {
660 /* retrieve security handle if not done before e.g. osl_getCurrentSecurity()
661 */
662 HANDLE hProcess = GetCurrentProcess();
663
664 if (hProcess != NULL)
665 {
666 OpenProcessToken(hProcess, TOKEN_IMPERSONATE, &hAccessToken);
667 CloseHandle(hProcess);
668 }
669 }
670
671 hUserEnvLib = LoadLibrary("userenv.dll");
672
673 if (hUserEnvLib)
674 {
675 fLoadUserProfile = (LPFNLOADUSERPROFILE)GetProcAddress(hUserEnvLib, "LoadUserProfileA");
676 fUnloadUserProfile = (LPFNUNLOADUSERPROFILE)GetProcAddress(hUserEnvLib, "UnloadUserProfile");
677
678 if (fLoadUserProfile && fUnloadUserProfile)
679 {
680 /* unloading the user profile */
681 if (fLoadUserProfile && fUnloadUserProfile)
682 bOk = fUnloadUserProfile(hAccessToken, ((oslSecurityImpl*)Security)->m_hProfile);
683
684 if (hUserEnvLib)
685 FreeLibrary(hUserEnvLib);
686 }
687 }
688
689 ((oslSecurityImpl*)Security)->m_hProfile;
690
691 if (hAccessToken && (hAccessToken != ((oslSecurityImpl*)Security)->m_hToken))
692 {
693 CloseHandle(hAccessToken);
694 }
695 }
696 }
697
698 /*****************************************************************************/
699 /* Static Module Functions */
700 /*****************************************************************************/
701
702
703 static sal_Bool GetSpecialFolder(rtl_uString **strPath, int nFolder)
704 {
705 sal_Bool bRet = sal_False;
706 HINSTANCE hLibrary;
707 sal_Char PathA[_MAX_PATH];
708 sal_Unicode PathW[_MAX_PATH];
709
710 if ((hLibrary = LoadLibrary("shell32.dll")) != NULL)
711 {
712 BOOL (WINAPI *pSHGetSpecialFolderPathA)(HWND, LPSTR, int, BOOL);
713 BOOL (WINAPI *pSHGetSpecialFolderPathW)(HWND, LPWSTR, int, BOOL);
714
715 pSHGetSpecialFolderPathA = (BOOL (WINAPI *)(HWND, LPSTR, int, BOOL))GetProcAddress(hLibrary, "SHGetSpecialFolderPathA");
716 pSHGetSpecialFolderPathW = (BOOL (WINAPI *)(HWND, LPWSTR, int, BOOL))GetProcAddress(hLibrary, "SHGetSpecialFolderPathW");
717
718 if (pSHGetSpecialFolderPathA)
719 {
720 if (pSHGetSpecialFolderPathA(GetActiveWindow(), PathA, nFolder, TRUE))
721 {
722 rtl_string2UString( strPath, PathA, strlen(PathA), osl_getThreadTextEncoding(), OUSTRING_TO_OSTRING_CVTFLAGS);
723 OSL_ASSERT(*strPath != NULL);
724 bRet = sal_True;
725 }
726 }
727 else if (pSHGetSpecialFolderPathW)
728 {
729 if (pSHGetSpecialFolderPathW(GetActiveWindow(), PathW, nFolder, TRUE))
730 {
731 rtl_uString_newFromStr( strPath, PathW);
732 bRet = sal_True;
733 }
734 }
735 else
736 {
737 HRESULT (WINAPI *pSHGetSpecialFolderLocation)(HWND, int, LPITEMIDLIST *) = (HRESULT (WINAPI *)(HWND, int, LPITEMIDLIST *))GetProcAddress(hLibrary, "SHGetSpecialFolderLocation");
738 BOOL (WINAPI *pSHGetPathFromIDListA)(LPCITEMIDLIST, LPSTR) = (BOOL (WINAPI *)(LPCITEMIDLIST, LPSTR))GetProcAddress(hLibrary, "SHGetPathFromIDListA");
739 BOOL (WINAPI *pSHGetPathFromIDListW)(LPCITEMIDLIST, LPWSTR) = (BOOL (WINAPI *)(LPCITEMIDLIST, LPWSTR))GetProcAddress(hLibrary, "SHGetPathFromIDListW");
740 HRESULT (WINAPI *pSHGetMalloc)(LPMALLOC *) = (HRESULT (WINAPI *)(LPMALLOC *))GetProcAddress(hLibrary, "SHGetMalloc");
741
742
743 if (pSHGetSpecialFolderLocation && (pSHGetPathFromIDListA || pSHGetPathFromIDListW ) && pSHGetMalloc )
744 {
745 LPITEMIDLIST pidl;
746 LPMALLOC pMalloc;
747 HRESULT hr;
748
749 hr = pSHGetSpecialFolderLocation(GetActiveWindow(), nFolder, &pidl);
750
751 /* Get SHGetSpecialFolderLocation fails if directory does not exists. */
752 /* If it fails we try to create the directory and redo the call */
753 if (! SUCCEEDED(hr))
754 {
755 HKEY hRegKey;
756
757 if (RegOpenKey(HKEY_CURRENT_USER,
758 "Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\Shell Folders",
759 &hRegKey) == ERROR_SUCCESS)
760 {
761 LONG lRet;
762 DWORD lSize = elementsof(PathA);
763 DWORD Type = REG_SZ;
764
765 switch (nFolder)
766 {
767 case CSIDL_APPDATA:
768 lRet = RegQueryValueEx(hRegKey, "AppData", NULL, &Type, (LPBYTE)PathA, &lSize);
769 break;
770
771 case CSIDL_PERSONAL:
772 lRet = RegQueryValueEx(hRegKey, "Personal", NULL, &Type, (LPBYTE)PathA, &lSize);
773 break;
774
775 default:
776 lRet = -1l;
777 }
778
779 if ((lRet == ERROR_SUCCESS) && (Type == REG_SZ))
780 {
781 if (_access(PathA, 0) < 0)
782 CreateDirectory(PathA, NULL);
783
784 hr = pSHGetSpecialFolderLocation(GetActiveWindow(), nFolder, &pidl);
785 }
786
787 RegCloseKey(hRegKey);
788 }
789 }
790
791 if (SUCCEEDED(hr))
792 {
793 if (pSHGetPathFromIDListW && pSHGetPathFromIDListW(pidl, PathW))
794 {
795 /* if directory does not exist, create it */
796 if (_waccess(PathW, 0) < 0)
797 CreateDirectoryW(PathW, NULL);
798
799 rtl_uString_newFromStr( strPath, PathW);
800 bRet = sal_True;
801 }
802 else if (pSHGetPathFromIDListA && pSHGetPathFromIDListA(pidl, PathA))
803 {
804 /* if directory does not exist, create it */
805 if (_access(PathA, 0) < 0)
806 CreateDirectoryA(PathA, NULL);
807
808 rtl_string2UString( strPath, PathA, strlen(PathA), osl_getThreadTextEncoding(), OUSTRING_TO_OSTRING_CVTFLAGS);
809 OSL_ASSERT(*strPath != NULL);
810 bRet = sal_True;
811 }
812 }
813
814 if (SUCCEEDED(pSHGetMalloc(&pMalloc)))
815 {
816 pMalloc->lpVtbl->Free(pMalloc, pidl);
817 pMalloc->lpVtbl->Release(pMalloc);
818 }
819 }
820 }
821 }
822
823 FreeLibrary(hLibrary);
824
825 return (bRet);
826 }
827
828
829 static sal_Bool isWNT(void)
830 {
831 static sal_Bool isInit = sal_False;
832 static sal_Bool isWNT = sal_False;
833
834 if (!isInit)
835 {
836 OSVERSIONINFO VersionInformation =
837
838 {
839 sizeof(OSVERSIONINFO),
840 0,
841 0,
842 0,
843 0,
844 "",
845 };
846
847 if (
848 GetVersionEx(&VersionInformation) &&
849 (VersionInformation.dwPlatformId == VER_PLATFORM_WIN32_NT)
850 )
851 {
852 isWNT = sal_True;
853 }
854
855 isInit = sal_True;
856 }
857
858 return(isWNT);
859 }
860
861 static BOOL Privilege(LPTSTR strPrivilege, BOOL bEnable)
862 {
863 HANDLE hToken;
864 TOKEN_PRIVILEGES tp;
865
866 /*
867 obtain the processes token
868 */
869 if (!OpenProcessToken(GetCurrentProcess(), TOKEN_ADJUST_PRIVILEGES | TOKEN_DUP_QUERY, &hToken))
870 return FALSE;
871
872 /*
873 get the luid
874 */
875 if (!LookupPrivilegeValue(NULL, strPrivilege, &tp.Privileges[0].Luid))
876 return FALSE;
877
878 tp.PrivilegeCount = 1;
879
880 if (bEnable)
881 tp.Privileges[0].Attributes = SE_PRIVILEGE_ENABLED;
882 else
883 tp.Privileges[0].Attributes = 0;
884
885 /*
886 enable or disable the privilege
887 */
888 if (!AdjustTokenPrivileges(hToken, FALSE, &tp, 0, (PTOKEN_PRIVILEGES)NULL, 0))
889 return FALSE;
890
891 if (!CloseHandle(hToken))
892 return FALSE;
893
894 return TRUE;
895 }
896
897 static sal_Bool SAL_CALL getUserNameImpl(oslSecurity Security, rtl_uString **strName, sal_Bool bIncludeDomain)
898 {
899 if (Security != NULL)
900 {
901 oslSecurityImpl *pSecImpl = (oslSecurityImpl*)Security;
902
903 HANDLE hAccessToken = pSecImpl->m_hToken;
904
905 if (hAccessToken == NULL)
906 OpenProcessToken(GetCurrentProcess(), TOKEN_DUP_QUERY, &hAccessToken);
907
908 if (hAccessToken)
909 {
910 DWORD nInfoBuffer = 512;
911 UCHAR* pInfoBuffer = malloc(nInfoBuffer);
912
913 while (!GetTokenInformation(hAccessToken, TokenUser,
914 pInfoBuffer, nInfoBuffer, &nInfoBuffer))
915 {
916 if (GetLastError() == ERROR_INSUFFICIENT_BUFFER)
917 pInfoBuffer = realloc(pInfoBuffer, nInfoBuffer);
918 else
919 {
920 free(pInfoBuffer);
921 pInfoBuffer = NULL;
922 break;
923 }
924 }
925
926 if (pSecImpl->m_hToken == NULL)
927 CloseHandle(hAccessToken);
928
929 if (pInfoBuffer)
930 {
931 sal_Unicode UserName[128];
932 sal_Unicode DomainName[128];
933 sal_Unicode Name[257];
934 DWORD nUserName = sizeof(UserName);
935 DWORD nDomainName = sizeof(DomainName);
936 SID_NAME_USE sUse;
937
938 if (LookupAccountSidW(NULL, ((PTOKEN_USER)pInfoBuffer)->User.Sid,
939 UserName, &nUserName,
940 DomainName, &nDomainName, &sUse))
941 {
942 if (bIncludeDomain)
943 {
944 wcscpy(Name, DomainName);
945 wcscat(Name, L"/");
946 wcscat(Name, UserName);
947 }
948 else
949 {
950 wcscpy(Name, UserName);
951 }
952 }
953 rtl_uString_newFromStr( strName, Name);
954
955 free(pInfoBuffer);
956
957 return (sal_True);
958 }
959 }
960 else
961 {
962 DWORD needed=0;
963 sal_Unicode *pNameW=NULL;
964
965 WNetGetUserW(NULL, NULL, &needed);
966 pNameW = malloc (needed*sizeof(sal_Unicode));
967
968 if (WNetGetUserW(NULL, pNameW, &needed) == NO_ERROR)
969 {
970 rtl_uString_newFromStr( strName, pNameW);
971
972 if (pNameW)
973 free(pNameW);
974 return (sal_True);
975 }
976 else
977 if (wcslen(pSecImpl->m_User) > 0)
978 {
979 rtl_uString_newFromStr( strName, pSecImpl->m_pNetResource->lpRemoteName);
980
981 if (pNameW)
982 free(pNameW);
983
984 return (sal_True);
985 }
986
987 if (pNameW)
988 free(pNameW);
989 }
990 }
991
992 return sal_False;
993 }
994
vba interoperability for OOo