| Index: rlz/win/lib/rlz_lib_win.cc
|
| diff --git a/rlz/win/lib/rlz_lib_win.cc b/rlz/win/lib/rlz_lib_win.cc
|
| deleted file mode 100644
|
| index e7b145e132cb6079f62f264e583677f567d9023d..0000000000000000000000000000000000000000
|
| --- a/rlz/win/lib/rlz_lib_win.cc
|
| +++ /dev/null
|
| @@ -1,260 +0,0 @@
|
| -// Copyright (c) 2012 The Chromium Authors. All rights reserved.
|
| -// Use of this source code is governed by a BSD-style license that can be
|
| -// found in the LICENSE file.
|
| -//
|
| -// A library to manage RLZ information for access-points shared
|
| -// across different client applications.
|
| -
|
| -#include "rlz/win/lib/rlz_lib.h"
|
| -
|
| -#include <windows.h>
|
| -#include <aclapi.h>
|
| -#include <winerror.h>
|
| -
|
| -#include "base/basictypes.h"
|
| -#include "base/win/registry.h"
|
| -#include "base/win/windows_version.h"
|
| -#include "rlz/lib/assert.h"
|
| -#include "rlz/lib/rlz_value_store.h"
|
| -#include "rlz/win/lib/machine_deal.h"
|
| -#include "rlz/win/lib/rlz_value_store_registry.h"
|
| -
|
| -namespace {
|
| -
|
| -// Path to recursively copy into the replacemment hives. These are needed
|
| -// to make sure certain win32 APIs continue to run correctly once the real
|
| -// hives are replaced.
|
| -const wchar_t* kHKLMAccessProviders =
|
| - L"System\\CurrentControlSet\\Control\\Lsa\\AccessProviders";
|
| -
|
| -// Helper functions
|
| -
|
| -void CopyRegistryTree(const base::win::RegKey& src, base::win::RegKey* dest) {
|
| - // First copy values.
|
| - for (base::win::RegistryValueIterator i(src.Handle(), L"");
|
| - i.Valid(); ++i) {
|
| - dest->WriteValue(i.Name(), reinterpret_cast<const void*>(i.Value()),
|
| - i.ValueSize(), i.Type());
|
| - }
|
| -
|
| - // Next copy subkeys recursively.
|
| - for (base::win::RegistryKeyIterator i(src.Handle(), L"");
|
| - i.Valid(); ++i) {
|
| - base::win::RegKey subkey(dest->Handle(), i.Name(), KEY_ALL_ACCESS);
|
| - CopyRegistryTree(base::win::RegKey(src.Handle(), i.Name(), KEY_READ),
|
| - &subkey);
|
| - }
|
| -}
|
| -
|
| -} // namespace anonymous
|
| -
|
| -
|
| -namespace rlz_lib {
|
| -
|
| -// OEM Deal confirmation storage functions.
|
| -
|
| -template<class T>
|
| -class typed_buffer_ptr {
|
| - scoped_array<char> buffer_;
|
| -
|
| - public:
|
| - typed_buffer_ptr() {
|
| - }
|
| -
|
| - explicit typed_buffer_ptr(size_t size) : buffer_(new char[size]) {
|
| - }
|
| -
|
| - void reset(size_t size) {
|
| - buffer_.reset(new char[size]);
|
| - }
|
| -
|
| - operator T*() {
|
| - return reinterpret_cast<T*>(buffer_.get());
|
| - }
|
| -};
|
| -
|
| -// Check if this SID has the desired access by scanning the ACEs in the DACL.
|
| -// This function is part of the rlz_lib namespace so that it can be called from
|
| -// unit tests. Non-unit test code should not call this function.
|
| -bool HasAccess(PSID sid, ACCESS_MASK access_mask, ACL* dacl) {
|
| - if (dacl == NULL)
|
| - return false;
|
| -
|
| - ACL_SIZE_INFORMATION info;
|
| - if (!GetAclInformation(dacl, &info, sizeof(info), AclSizeInformation))
|
| - return false;
|
| -
|
| - GENERIC_MAPPING generic_mapping = {KEY_READ, KEY_WRITE, KEY_EXECUTE,
|
| - KEY_ALL_ACCESS};
|
| - MapGenericMask(&access_mask, &generic_mapping);
|
| -
|
| - for (DWORD i = 0; i < info.AceCount; ++i) {
|
| - ACCESS_ALLOWED_ACE* ace;
|
| - if (GetAce(dacl, i, reinterpret_cast<void**>(&ace))) {
|
| - if ((ace->Header.AceFlags & INHERIT_ONLY_ACE) == INHERIT_ONLY_ACE)
|
| - continue;
|
| -
|
| - PSID existing_sid = reinterpret_cast<PSID>(&ace->SidStart);
|
| - DWORD mask = ace->Mask;
|
| - MapGenericMask(&mask, &generic_mapping);
|
| -
|
| - if (ace->Header.AceType == ACCESS_ALLOWED_ACE_TYPE &&
|
| - (mask & access_mask) == access_mask && EqualSid(existing_sid, sid))
|
| - return true;
|
| -
|
| - if (ace->Header.AceType == ACCESS_DENIED_ACE_TYPE &&
|
| - (mask & access_mask) != 0 && EqualSid(existing_sid, sid))
|
| - return false;
|
| - }
|
| - }
|
| -
|
| - return false;
|
| -}
|
| -
|
| -bool CreateMachineState() {
|
| - LibMutex lock;
|
| - if (lock.failed())
|
| - return false;
|
| -
|
| - base::win::RegKey hklm_key;
|
| - if (hklm_key.Create(HKEY_LOCAL_MACHINE,
|
| - RlzValueStoreRegistry::GetWideLibKeyName().c_str(),
|
| - KEY_ALL_ACCESS | KEY_WOW64_32KEY) != ERROR_SUCCESS) {
|
| - ASSERT_STRING("rlz_lib::CreateMachineState: "
|
| - "Unable to create / open machine key.");
|
| - return false;
|
| - }
|
| -
|
| - // Create a SID that represents ALL USERS.
|
| - DWORD users_sid_size = SECURITY_MAX_SID_SIZE;
|
| - typed_buffer_ptr<SID> users_sid(users_sid_size);
|
| - CreateWellKnownSid(WinBuiltinUsersSid, NULL, users_sid, &users_sid_size);
|
| -
|
| - // Get the security descriptor for the registry key.
|
| - DWORD original_sd_size = 0;
|
| - ::RegGetKeySecurity(hklm_key.Handle(), DACL_SECURITY_INFORMATION, NULL,
|
| - &original_sd_size);
|
| - typed_buffer_ptr<SECURITY_DESCRIPTOR> original_sd(original_sd_size);
|
| -
|
| - LONG result = ::RegGetKeySecurity(hklm_key.Handle(),
|
| - DACL_SECURITY_INFORMATION, original_sd, &original_sd_size);
|
| - if (result != ERROR_SUCCESS) {
|
| - ASSERT_STRING("rlz_lib::CreateMachineState: "
|
| - "Unable to create / open machine key.");
|
| - return false;
|
| - }
|
| -
|
| - // Make a copy of the security descriptor so we can modify it. The one
|
| - // returned by RegGetKeySecurity() is self-relative, so we need to make it
|
| - // absolute.
|
| - DWORD new_sd_size = 0;
|
| - DWORD dacl_size = 0;
|
| - DWORD sacl_size = 0;
|
| - DWORD owner_size = 0;
|
| - DWORD group_size = 0;
|
| - ::MakeAbsoluteSD(original_sd, NULL, &new_sd_size, NULL, &dacl_size,
|
| - NULL, &sacl_size, NULL, &owner_size,
|
| - NULL, &group_size);
|
| -
|
| - typed_buffer_ptr<SECURITY_DESCRIPTOR> new_sd(new_sd_size);
|
| - // Make sure the DACL is big enough to add one more ACE.
|
| - typed_buffer_ptr<ACL> dacl(dacl_size + SECURITY_MAX_SID_SIZE);
|
| - typed_buffer_ptr<ACL> sacl(sacl_size);
|
| - typed_buffer_ptr<SID> owner(owner_size);
|
| - typed_buffer_ptr<SID> group(group_size);
|
| -
|
| - if (!::MakeAbsoluteSD(original_sd, new_sd, &new_sd_size, dacl, &dacl_size,
|
| - sacl, &sacl_size, owner, &owner_size,
|
| - group, &group_size)) {
|
| - ASSERT_STRING("rlz_lib::CreateMachineState: MakeAbsoluteSD failed");
|
| - return false;
|
| - }
|
| -
|
| - // If all users already have read/write access to the registry key, then
|
| - // nothing to do. Otherwise change the security descriptor of the key to
|
| - // give everyone access.
|
| - if (HasAccess(users_sid, KEY_ALL_ACCESS, dacl)) {
|
| - return false;
|
| - }
|
| -
|
| - // Add ALL-USERS ALL-ACCESS ACL.
|
| - EXPLICIT_ACCESS ea;
|
| - ZeroMemory(&ea, sizeof(EXPLICIT_ACCESS));
|
| - ea.grfAccessPermissions = GENERIC_ALL | KEY_ALL_ACCESS;
|
| - ea.grfAccessMode = GRANT_ACCESS;
|
| - ea.grfInheritance= SUB_CONTAINERS_AND_OBJECTS_INHERIT;
|
| - ea.Trustee.TrusteeForm = TRUSTEE_IS_NAME;
|
| - ea.Trustee.ptstrName = L"Everyone";
|
| -
|
| - ACL* new_dacl = NULL;
|
| - result = SetEntriesInAcl(1, &ea, dacl, &new_dacl);
|
| - if (result != ERROR_SUCCESS) {
|
| - ASSERT_STRING("rlz_lib::CreateMachineState: SetEntriesInAcl failed");
|
| - return false;
|
| - }
|
| -
|
| - BOOL ok = SetSecurityDescriptorDacl(new_sd, TRUE, new_dacl, FALSE);
|
| - if (!ok) {
|
| - ASSERT_STRING("rlz_lib::CreateMachineState: "
|
| - "SetSecurityDescriptorOwner failed");
|
| - LocalFree(new_dacl);
|
| - return false;
|
| - }
|
| -
|
| - result = ::RegSetKeySecurity(hklm_key.Handle(),
|
| - DACL_SECURITY_INFORMATION,
|
| - new_sd);
|
| - // Note that the new DACL cannot be freed until after the call to
|
| - // RegSetKeySecurity().
|
| - LocalFree(new_dacl);
|
| -
|
| - bool success = true;
|
| - if (result != ERROR_SUCCESS) {
|
| - ASSERT_STRING("rlz_lib::CreateMachineState: "
|
| - "Unable to create / open machine key.");
|
| - success = false;
|
| - }
|
| -
|
| -
|
| - return success;
|
| -}
|
| -
|
| -bool SetMachineDealCode(const char* dcc) {
|
| - return MachineDealCode::Set(dcc);
|
| -}
|
| -
|
| -bool GetMachineDealCodeAsCgi(char* cgi, size_t cgi_size) {
|
| - return MachineDealCode::GetAsCgi(cgi, cgi_size);
|
| -}
|
| -
|
| -bool GetMachineDealCode(char* dcc, size_t dcc_size) {
|
| - return MachineDealCode::Get(dcc, dcc_size);
|
| -}
|
| -
|
| -// Combined functions.
|
| -
|
| -bool SetMachineDealCodeFromPingResponse(const char* response) {
|
| - return MachineDealCode::SetFromPingResponse(response);
|
| -}
|
| -
|
| -void InitializeTempHivesForTesting(const base::win::RegKey& temp_hklm_key,
|
| - const base::win::RegKey& temp_hkcu_key) {
|
| - // For the moment, the HKCU hive requires no initialization.
|
| -
|
| - if (base::win::GetVersion() >= base::win::VERSION_WIN7) {
|
| - // Copy the following HKLM subtrees to the temporary location so that the
|
| - // win32 APIs used by the tests continue to work:
|
| - //
|
| - // HKLM\System\CurrentControlSet\Control\Lsa\AccessProviders
|
| - //
|
| - // This seems to be required since Win7.
|
| - base::win::RegKey dest(temp_hklm_key.Handle(), kHKLMAccessProviders,
|
| - KEY_ALL_ACCESS);
|
| - CopyRegistryTree(base::win::RegKey(HKEY_LOCAL_MACHINE,
|
| - kHKLMAccessProviders,
|
| - KEY_READ),
|
| - &dest);
|
| - }
|
| -}
|
| -
|
| -} // namespace rlz_lib
|
|
|
Chromium Code Reviews
Issue 10642009:
Add a regenerate button to regenerate the password in Windows. (Closed)
Base URL: http://git.chromium.org/chromium/src.git@master