#if DARWIN
#include <mach-o/ldsyms.h>
#include <mach-o/dyld.h>
+#elif WINDOWS
+#include <windows.h>
#endif
+
#define LOG(kind,...) GNUNET_log_from (kind, "util", __VA_ARGS__)
#define LOG_STRERROR_FILE(kind,syscall,filename) GNUNET_log_from_strerror_file (kind, "util", syscall, filename)
*
* @param binary the name of the file to check.
* W32: must not have an .exe suffix.
- * @return GNUNET_YES if the file is SUID,
- * GNUNET_NO if not SUID (but binary exists)
+ * @param check_suid input true if the binary should be checked for SUID (*nix)
+ * W32: checks if the program has sufficient privileges by executing this
+ * binary with the -d flag. -d omits a programs main loop and only
+ * executes all privileged operations in an binary.
+ * @param params parameters used for w32 privilege checking (can be NULL for != w32 )
+ * @return GNUNET_YES if the file is SUID (*nix) or can be executed with current privileges (W32),
+ * GNUNET_NO if not SUID (but binary exists),
* GNUNET_SYSERR on error (no such binary or not executable)
*/
int
-GNUNET_OS_check_helper_binary (const char *binary)
+GNUNET_OS_check_helper_binary (const char *binary, int check_suid, const char *params)
{
struct stat statbuf;
char *p;
char *pf;
#ifdef MINGW
- SOCKET rawsock;
char *binaryexe;
GNUNET_asprintf (&binaryexe, "%s.exe", binary);
GNUNET_free (p);
return GNUNET_SYSERR;
}
+ if (check_suid){
#ifndef MINGW
- if ((0 != (statbuf.st_mode & S_ISUID)) && (0 == statbuf.st_uid))
- {
- GNUNET_free (p);
- return GNUNET_YES;
- }
- /* binary exists, but not SUID */
- GNUNET_free (p);
- return GNUNET_NO;
-#else
- GNUNET_free (p);
- {
- static int once; /* remember result from previous runs... */
-
- if (0 == once)
+ if ((0 != (statbuf.st_mode & S_ISUID)) && (0 == statbuf.st_uid))
{
- rawsock = socket (AF_INET, SOCK_RAW, IPPROTO_ICMP);
- if (INVALID_SOCKET == rawsock)
- {
- DWORD err = GetLastError ();
-
- LOG (GNUNET_ERROR_TYPE_DEBUG,
- "socket (AF_INET, SOCK_RAW, IPPROTO_ICMP) failed! GLE = %d\n", err);
- once = -1;
- return GNUNET_NO; /* not running as administrator */
- }
- once = 1;
- closesocket (rawsock);
+ GNUNET_free (p);
+ return GNUNET_YES;
}
- if (-1 == once)
- return GNUNET_NO;
- return GNUNET_YES;
- }
+ /* binary exists, but not SUID */
+#else
+ STARTUPINFO start;
+ char parameters[512];
+ PROCESS_INFORMATION proc;
+ DWORD exit_value;
+
+ GNUNET_snprintf (parameters,
+ sizeof (parameters),
+ "-d %s", params);
+ memset (&start, 0, sizeof (start));
+ start.cb = sizeof (start);
+ memset (&proc, 0, sizeof (proc));
+
+
+ // Start the child process.
+ if ( ! (CreateProcess( p, // current windows (2k3 and up can handle / instead of \ in paths))
+ parameters, // execute dryrun/priviliege checking mode
+ NULL, // Process handle not inheritable
+ NULL, // Thread handle not inheritable
+ FALSE, // Set handle inheritance to FALSE
+ CREATE_DEFAULT_ERROR_MODE, // No creation flags
+ NULL, // Use parent's environment block
+ NULL, // Use parent's starting directory
+ &start, // Pointer to STARTUPINFO structure
+ &proc ) // Pointer to PROCESS_INFORMATION structure
+ ))
+ {
+ LOG (GNUNET_ERROR_TYPE_ERROR,
+ _("CreateProcess failed for binary %s (%d).\n"),
+ p, GetLastError());
+ return GNUNET_SYSERR;
+ }
+
+ // Wait until child process exits.
+ WaitForSingleObject( proc.hProcess, INFINITE );
+
+ if ( ! GetExitCodeProcess (proc.hProcess, &exit_value)){
+ LOG (GNUNET_ERROR_TYPE_ERROR,
+ _("GetExitCodeProcess failed for binary %s (%d).\n"),
+ p, GetLastError() );
+ return GNUNET_SYSERR;
+ }
+ // Close process and thread handles.
+ CloseHandle( proc.hProcess );
+ CloseHandle( proc.hThread );
+
+ if (!exit_value)
+ return GNUNET_YES;
#endif
+ }
+ GNUNET_free (p);
+ return GNUNET_NO;
}
projects / oweals / gnunet.git / blobdiff