changeset 1010:1c1964c27b39 runafterinstall

(issue54) commit work in progress on start after installation
author Andre Heinecke <andre.heinecke@intevation.de>
date Tue, 02 Sep 2014 14:25:40 +0200
parents 7dff5c0c569c
children fd85a02d771d cc7a5c12a429
files CMakeLists.txt cinst/nssstore_win.c common/util.c common/util.h packaging/CMakeLists.txt packaging/create-dist-package.sh.in packaging/exdll.h packaging/safer_run_as.c packaging/trustbridge.nsi packaging/win-createpackage.sh.in
diffstat 10 files changed, 280 insertions(+), 39 deletions(-) [+]
line wrap: on
line diff
--- a/CMakeLists.txt	Tue Sep 02 10:54:51 2014 +0200
+++ b/CMakeLists.txt	Tue Sep 02 14:25:40 2014 +0200
@@ -141,12 +141,7 @@
    add_subdirectory(manuals)
 endif()
 
-# Configure packaging script for testing
-configure_file (packaging/win-createpackage.sh.in packaging/win-createpackage.sh @ONLY)
-configure_file (packaging/create-dist-package.sh.in packaging/create-dist-package.sh @ONLY)
-configure_file (packaging/linux-createpackage.sh.in packaging/linux-createpackage.sh @ONLY)
-configure_file (packaging/linux-installer.inc.in packaging/linux-installer.inc @ONLY)
-configure_file (packaging/linux-installer.l10n-de packaging/linux-installer.l10n-de COPYONLY)
+add_subdirectory(packaging)
 
 if (ENABLE_PROFILING)
    configure_file (make-coverage.sh.in make-coverage.sh)
--- a/cinst/nssstore_win.c	Tue Sep 02 10:54:51 2014 +0200
+++ b/cinst/nssstore_win.c	Tue Sep 02 14:25:40 2014 +0200
@@ -39,7 +39,6 @@
 */
 
 #include <windows.h>
-#include <winsafer.h>
 #include <sddl.h>
 #include <stdio.h>
 #include <stdbool.h>
@@ -98,34 +97,6 @@
   xfree (item);
 }
 
-/** @brief get a restricted access token to execute nss process
-  *
-  * This function uses the Software Restriction API to obtain the
-  * access token for a process run als normal user.
-  *
-  * @returns A restricted handle or NULL on error.
-  */
-static HANDLE
-get_restricted_token()
-{
-  SAFER_LEVEL_HANDLE user_level = NULL;
-  HANDLE retval = NULL;
-  if (!SaferCreateLevel(SAFER_SCOPEID_USER,
-                        SAFER_LEVELID_NORMALUSER,
-                        SAFER_LEVEL_OPEN, &user_level, NULL))
-    {
-      PRINTLASTERROR ("Failed to create user level.\n");
-      return NULL;
-    }
-
-  if (!SaferComputeTokenFromLevel(user_level, NULL, &retval, 0, NULL))
-    {
-      SaferCloseLevel(user_level);
-      return NULL;
-    }
-
-  return retval;
-}
 
 /**@brief Write strv of instructions to a handle
 *
--- a/common/util.c	Tue Sep 02 10:54:51 2014 +0200
+++ b/common/util.c	Tue Sep 02 14:25:40 2014 +0200
@@ -16,6 +16,7 @@
 #include <grp.h>
 #include <string.h>
 #else
+#include <winsafer.h>
 #include <windows.h>
 #include <accctrl.h>
 #include <aclapi.h>
@@ -724,3 +725,56 @@
   return retval;
 }
 #endif
+
+#ifdef WIN32
+/** @brief get a restricted access token
+  *
+  * This function uses the Software Restriction API to obtain the
+  * access token for a process run als normal user.
+  *
+  * @returns A restricted handle or NULL on error.
+  */
+HANDLE
+get_restricted_token()
+{
+  SAFER_LEVEL_HANDLE user_level = NULL;
+  HANDLE retval = NULL;
+  if (!SaferCreateLevel(SAFER_SCOPEID_USER,
+                        SAFER_LEVELID_NORMALUSER,
+                        SAFER_LEVEL_OPEN, &user_level, NULL))
+    {
+      PRINTLASTERROR ("Failed to create user level.\n");
+      return NULL;
+    }
+
+  if (!SaferComputeTokenFromLevel(user_level, NULL, &retval, 0, NULL))
+    {
+      SaferCloseLevel(user_level);
+      return NULL;
+    }
+
+  return retval;
+}
+
+HANDLE
+get_normal_token()
+{
+  SAFER_LEVEL_HANDLE user_level = NULL;
+  HANDLE retval = NULL;
+  if (!SaferCreateLevel(SAFER_SCOPEID_USER,
+                        SAFER_LEVELID_NORMALUSER,
+                        SAFER_LEVEL_OPEN, &user_level, NULL))
+    {
+      PRINTLASTERROR ("Failed to create user level.\n");
+      return NULL;
+    }
+
+  if (!SaferComputeTokenFromLevel(user_level, NULL, &retval, 0, NULL))
+    {
+      SaferCloseLevel(user_level);
+      return NULL;
+    }
+
+  return retval;
+}
+#endif
--- a/common/util.h	Tue Sep 02 10:54:51 2014 +0200
+++ b/common/util.h	Tue Sep 02 14:25:40 2014 +0200
@@ -136,6 +136,23 @@
   */
 bool create_restricted_directory (LPWSTR path);
 
+/** @brief get a restricted access token to execute nss process
+  *
+  * This function uses the Software Restriction API to obtain the
+  * access token for a process run als normal user.
+  *
+  * @returns A restricted handle or NULL on error.
+  */
+HANDLE get_restricted_token();
+
+/** @brief get a normal user access token
+  *
+  * The trusted acces token is not elevated but has the normal user rights.
+  *
+  * @returns A normal user handle or NULL on error.
+  */
+HANDLE get_normal_token();
+
 #endif
 
 #ifdef __cplusplus
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/packaging/CMakeLists.txt	Tue Sep 02 14:25:40 2014 +0200
@@ -0,0 +1,22 @@
+# Configure packaging script for testing
+configure_file (win-createpackage.sh.in win-createpackage.sh @ONLY)
+configure_file (create-dist-package.sh.in create-dist-package.sh @ONLY)
+configure_file (linux-createpackage.sh.in linux-createpackage.sh @ONLY)
+configure_file (linux-installer.inc.in linux-installer.inc @ONLY)
+configure_file (linux-installer.l10n-de linux-installer.l10n-de COPYONLY)
+
+if (WIN32)
+   # Build the nss safer plugin.
+   include_directories(${CMAKE_SOURCE_DIR}/common)
+
+   add_library(saferrunas SHARED safer_run_as.c)
+   target_link_libraries(saferrunas
+      trustbridge_common
+      -luserenv
+      -lshell32
+      -lcrypt32
+      -lssp
+      ${POLARSSL_LIBRARIES}) # trustbridge_common pulls it in.
+   set_target_properties(saferrunas PROPERTIES PREFIX "")
+   set_target_properties(saferrunas PROPERTIES OUTPUT_NAME "SaferRunAs")
+endif()
--- a/packaging/create-dist-package.sh.in	Tue Sep 02 10:54:51 2014 +0200
+++ b/packaging/create-dist-package.sh.in	Tue Sep 02 14:25:40 2014 +0200
@@ -58,6 +58,7 @@
 # Create a temporary NSIS file for the uninstaller cration
 LC_ALL="de_DE.latin-1" makensis -Dfiles_dir=$TMPDIR/windows \
     -Dcompany="Bundesamt für Sicherheit in der Informationstechnik" \
+    -Dplugin_dir="@CMAKE_CURRENT_BINARY_DIR@" \
     -Dversion_number=@PROJECT_VERSION@ \
     -Dsetupname="$TMPDIR/TrustBridge-@PROJECT_VERSION@-uni.exe" \
     -Dproductname="TrustBridge" \
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/packaging/exdll.h	Tue Sep 02 14:25:40 2014 +0200
@@ -0,0 +1,106 @@
+/* exdll.h for use with gpg4win
+ * Copyright (C) 1999-2005 Nullsoft, Inc.
+ * 
+ * This license applies to everything in the NSIS package, except
+ * where otherwise noted.
+ * 
+ * This software is provided 'as-is', without any express or implied
+ * warranty. In no event will the authors be held liable for any
+ * damages arising from the use of this software.
+ * 
+ * Permission is granted to anyone to use this software for any
+ * purpose, including commercial applications, and to alter it and
+ * redistribute it freely, subject to the following restrictions:
+ * 
+ * 1. The origin of this software must not be misrepresented; you must
+ *    not claim that you wrote the original software. If you use this
+ *    software in a product, an acknowledgment in the product
+ *    documentation would be appreciated but is not required.
+ * 
+ * 2. Altered source versions must be plainly marked as such, and must
+ *    not be misrepresented as being the original software.
+ * 
+ * 3. This notice may not be removed or altered from any source
+ *    distribution.
+ ************************************************************
+ * 2005-11-14 wk  Applied license text to orginal exdll.h file from
+ *                NSIS 2.0.4 and did some formatting changes.
+ */
+
+#ifndef _EXDLL_H_
+#define _EXDLL_H_
+
+/* only include this file from one place in your DLL.  (it is all
+   static, if you use it in two places it will fail) */
+
+#define EXDLL_INIT()           {  \
+        g_stringsize=(unsigned int)string_size; \
+        g_stacktop=stacktop;      \
+        g_variables=variables; }
+
+/* For page showing plug-ins */
+#define WM_NOTIFY_OUTER_NEXT (WM_USER+0x8)
+#define WM_NOTIFY_CUSTOM_READY (WM_USER+0xd)
+#define NOTIFY_BYE_BYE 'x'
+
+typedef struct _stack_t {
+  struct _stack_t *next;
+  char text[1];          /* This should be the length of string_size. */
+} stack_t;
+
+
+static unsigned int g_stringsize;
+static stack_t **g_stacktop;
+static char *g_variables;
+
+enum
+  {
+    INST_0,         // $0
+    INST_1,         // $1
+    INST_2,         // $2
+    INST_3,         // $3
+    INST_4,         // $4
+    INST_5,         // $5
+    INST_6,         // $6
+    INST_7,         // $7
+    INST_8,         // $8
+    INST_9,         // $9
+    INST_R0,        // $R0
+    INST_R1,        // $R1
+    INST_R2,        // $R2
+    INST_R3,        // $R3
+    INST_R4,        // $R4
+    INST_R5,        // $R5
+    INST_R6,        // $R6
+    INST_R7,        // $R7
+    INST_R8,        // $R8
+    INST_R9,        // $R9
+    INST_CMDLINE,   // $CMDLINE
+    INST_INSTDIR,   // $INSTDIR
+    INST_OUTDIR,    // $OUTDIR
+    INST_EXEDIR,    // $EXEDIR
+    INST_LANG,      // $LANGUAGE
+    __INST_LAST
+};
+
+typedef struct {
+  int autoclose;
+  int all_user_var;
+  int exec_error;
+  int abort;
+  int exec_reboot;
+  int reboot_called;
+  int XXX_cur_insttype; /* deprecated */
+  int XXX_insttype_changed; /* deprecated */
+  int silent;
+  int instdir_error;
+  int rtl;
+  int errlvl;
+} exec_flags_t;
+
+typedef struct {
+  exec_flags_t *exec_flags;
+  int (__stdcall *ExecuteCodeSegment)(int, HWND);
+} extra_parameters_t;
+
+#endif//_EXDLL_H_
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/packaging/safer_run_as.c	Tue Sep 02 14:25:40 2014 +0200
@@ -0,0 +1,67 @@
+#include <windows.h>
+#include "exdll.h"
+#include "util.h"
+#include "logging.h"
+
+static HINSTANCE g_hInstance; /* Our Instance. */
+static HWND g_hwndParent;     /* Handle of parent window or NULL. */
+
+#define UNUSED(x) (void)(x)
+
+/* Standard entry point for DLLs. */
+int WINAPI
+DllMain (HANDLE hinst, DWORD reason, LPVOID reserved)
+{
+  UNUSED(reserved);
+  if (reason == DLL_PROCESS_ATTACH)
+    g_hInstance = hinst;
+  return TRUE;
+}
+
+void __declspec(dllexport) __cdecl Exec(HWND hwndParent,
+                                        int string_size,
+                                        char *variables,
+                                        stack_t **stacktop)
+{
+  HANDLE restricted_token = NULL;
+  STARTUPINFO si;
+  PROCESS_INFORMATION pi;
+
+  EXDLL_INIT();
+
+  UNUSED(hwndParent);
+  UNUSED(g_hwndParent);
+
+  memset(&si, 0, sizeof(STARTUPINFO));
+
+  if (!stacktop || !*stacktop || !(*stacktop)->text)
+    {
+      ERRORPRINTF ("Invalid call to exec\n");
+      return;
+    }
+
+  restricted_token = get_normal_token();
+
+  if (restricted_token == NULL || restricted_token == INVALID_HANDLE_VALUE)
+    {
+      ERRORPRINTF ("Failed to obtain restricted token.\n");
+      return;
+    }
+
+  if (CreateProcessAsUser(restricted_token,
+                          0,
+                          (*stacktop)->text,
+                          0,
+                          0,
+                          FALSE,
+                          CREATE_NEW_CONSOLE,
+                          0,
+                          0,
+                          &si,
+                          &pi))
+    {
+      CloseHandle(pi.hProcess);
+      CloseHandle(pi.hThread);
+    }
+}
+
--- a/packaging/trustbridge.nsi	Tue Sep 02 10:54:51 2014 +0200
+++ b/packaging/trustbridge.nsi	Tue Sep 02 14:25:40 2014 +0200
@@ -27,6 +27,8 @@
 !define MULTIUSER_INSTALLMODE_INSTDIR_REGISTRY_VALUENAME ""
 !define MULTIUSER_INSTALLMODE_INSTDIR "${productname_short}"
 
+!addplugindir "${plugin_dir}"
+
 !include "MultiUser.nsh"
 !include "MUI2.nsh"
 !include "FileFunc.nsh"
@@ -93,9 +95,9 @@
 Computer installliert. $\r$\n$\r$\n\
 Klicken Sie auf 'Fertig stellen', um den Installations-Assistenten\
 zu schließen."
-;!define MUI_FINISHPAGE_RUN $INSTDIR\trustbridge.exe
-;!define MUI_FINISHPAGE_RUN_TEXT "Anwendung starten"
-;!define MUI_FINISHPAGE_RUN_FUNCTION RunAsUser
+!define MUI_FINISHPAGE_RUN $INSTDIR\trustbridge.exe
+!define MUI_FINISHPAGE_RUN_TEXT "Anwendung starten"
+!define MUI_FINISHPAGE_RUN_FUNCTION RunAsUser
 !define MUI_FINISHPAGE_LINK "Mehr unter ${info_url}"
 !define MUI_FINISHPAGE_LINK_LOCATION "${info_url}"
 
@@ -186,7 +188,8 @@
 ; the UI elevated as this could be a security
 ; problem.
 Function RunAsUser
-  ExecShell "" "$INSTDIR\trustbridge.exe"
+  SaferRunAs::Exec "cmd.exe"
+  ;$INSTDIR\trustbridge.exe"
 FunctionEnd
 
 ;--------------------------------
@@ -258,6 +261,9 @@
 
   !insertmacro MUI_STARTMENU_WRITE_END
 done:
+  StrCmp $is_update '1' run_silent dont_run
+run_silent:
+dont_run:
 
 SectionEnd
 
--- a/packaging/win-createpackage.sh.in	Tue Sep 02 10:54:51 2014 +0200
+++ b/packaging/win-createpackage.sh.in	Tue Sep 02 14:25:40 2014 +0200
@@ -26,6 +26,7 @@
 
 makensis -Dfiles_dir=$TMPDIR \
     -Dcompany="Bundesamt für Sicherheit in der Informationstechnik" \
+    -Dplugin_dir="@CMAKE_CURRENT_BINARY_DIR@" \
     -Dversion_number=@PROJECT_VERSION@ \
     -Dsetupname="$TMPINST" \
     -Dproductname="TrustBridge" \
@@ -41,6 +42,7 @@
 
 makensis -Dfiles_dir=$TMPDIR \
     -Dcompany="Bundesamt für Sicherheit in der Informationstechnik" \
+    -Dplugin_dir="@CMAKE_CURRENT_BINARY_DIR@" \
     -Dversion_number=@PROJECT_VERSION@ \
     -Dsetupname="@CMAKE_BINARY_DIR@/TrustBridge-@PROJECT_VERSION@.exe" \
     -Dproductname="TrustBridge" \

http://wald.intevation.org/projects/trustbridge/