Index: rlz/win/lib/rlz_lib_win.cc |
diff --git a/rlz/win/lib/rlz_lib_win.cc b/rlz/win/lib/rlz_lib_win.cc |
deleted file mode 100644 |
index e7b145e132cb6079f62f264e583677f567d9023d..0000000000000000000000000000000000000000 |
--- a/rlz/win/lib/rlz_lib_win.cc |
+++ /dev/null |
@@ -1,260 +0,0 @@ |
-// Copyright (c) 2012 The Chromium Authors. All rights reserved. |
-// Use of this source code is governed by a BSD-style license that can be |
-// found in the LICENSE file. |
-// |
-// A library to manage RLZ information for access-points shared |
-// across different client applications. |
- |
-#include "rlz/win/lib/rlz_lib.h" |
- |
-#include <windows.h> |
-#include <aclapi.h> |
-#include <winerror.h> |
- |
-#include "base/basictypes.h" |
-#include "base/win/registry.h" |
-#include "base/win/windows_version.h" |
-#include "rlz/lib/assert.h" |
-#include "rlz/lib/rlz_value_store.h" |
-#include "rlz/win/lib/machine_deal.h" |
-#include "rlz/win/lib/rlz_value_store_registry.h" |
- |
-namespace { |
- |
-// Path to recursively copy into the replacemment hives. These are needed |
-// to make sure certain win32 APIs continue to run correctly once the real |
-// hives are replaced. |
-const wchar_t* kHKLMAccessProviders = |
- L"System\\CurrentControlSet\\Control\\Lsa\\AccessProviders"; |
- |
-// Helper functions |
- |
-void CopyRegistryTree(const base::win::RegKey& src, base::win::RegKey* dest) { |
- // First copy values. |
- for (base::win::RegistryValueIterator i(src.Handle(), L""); |
- i.Valid(); ++i) { |
- dest->WriteValue(i.Name(), reinterpret_cast<const void*>(i.Value()), |
- i.ValueSize(), i.Type()); |
- } |
- |
- // Next copy subkeys recursively. |
- for (base::win::RegistryKeyIterator i(src.Handle(), L""); |
- i.Valid(); ++i) { |
- base::win::RegKey subkey(dest->Handle(), i.Name(), KEY_ALL_ACCESS); |
- CopyRegistryTree(base::win::RegKey(src.Handle(), i.Name(), KEY_READ), |
- &subkey); |
- } |
-} |
- |
-} // namespace anonymous |
- |
- |
-namespace rlz_lib { |
- |
-// OEM Deal confirmation storage functions. |
- |
-template<class T> |
-class typed_buffer_ptr { |
- scoped_array<char> buffer_; |
- |
- public: |
- typed_buffer_ptr() { |
- } |
- |
- explicit typed_buffer_ptr(size_t size) : buffer_(new char[size]) { |
- } |
- |
- void reset(size_t size) { |
- buffer_.reset(new char[size]); |
- } |
- |
- operator T*() { |
- return reinterpret_cast<T*>(buffer_.get()); |
- } |
-}; |
- |
-// Check if this SID has the desired access by scanning the ACEs in the DACL. |
-// This function is part of the rlz_lib namespace so that it can be called from |
-// unit tests. Non-unit test code should not call this function. |
-bool HasAccess(PSID sid, ACCESS_MASK access_mask, ACL* dacl) { |
- if (dacl == NULL) |
- return false; |
- |
- ACL_SIZE_INFORMATION info; |
- if (!GetAclInformation(dacl, &info, sizeof(info), AclSizeInformation)) |
- return false; |
- |
- GENERIC_MAPPING generic_mapping = {KEY_READ, KEY_WRITE, KEY_EXECUTE, |
- KEY_ALL_ACCESS}; |
- MapGenericMask(&access_mask, &generic_mapping); |
- |
- for (DWORD i = 0; i < info.AceCount; ++i) { |
- ACCESS_ALLOWED_ACE* ace; |
- if (GetAce(dacl, i, reinterpret_cast<void**>(&ace))) { |
- if ((ace->Header.AceFlags & INHERIT_ONLY_ACE) == INHERIT_ONLY_ACE) |
- continue; |
- |
- PSID existing_sid = reinterpret_cast<PSID>(&ace->SidStart); |
- DWORD mask = ace->Mask; |
- MapGenericMask(&mask, &generic_mapping); |
- |
- if (ace->Header.AceType == ACCESS_ALLOWED_ACE_TYPE && |
- (mask & access_mask) == access_mask && EqualSid(existing_sid, sid)) |
- return true; |
- |
- if (ace->Header.AceType == ACCESS_DENIED_ACE_TYPE && |
- (mask & access_mask) != 0 && EqualSid(existing_sid, sid)) |
- return false; |
- } |
- } |
- |
- return false; |
-} |
- |
-bool CreateMachineState() { |
- LibMutex lock; |
- if (lock.failed()) |
- return false; |
- |
- base::win::RegKey hklm_key; |
- if (hklm_key.Create(HKEY_LOCAL_MACHINE, |
- RlzValueStoreRegistry::GetWideLibKeyName().c_str(), |
- KEY_ALL_ACCESS | KEY_WOW64_32KEY) != ERROR_SUCCESS) { |
- ASSERT_STRING("rlz_lib::CreateMachineState: " |
- "Unable to create / open machine key."); |
- return false; |
- } |
- |
- // Create a SID that represents ALL USERS. |
- DWORD users_sid_size = SECURITY_MAX_SID_SIZE; |
- typed_buffer_ptr<SID> users_sid(users_sid_size); |
- CreateWellKnownSid(WinBuiltinUsersSid, NULL, users_sid, &users_sid_size); |
- |
- // Get the security descriptor for the registry key. |
- DWORD original_sd_size = 0; |
- ::RegGetKeySecurity(hklm_key.Handle(), DACL_SECURITY_INFORMATION, NULL, |
- &original_sd_size); |
- typed_buffer_ptr<SECURITY_DESCRIPTOR> original_sd(original_sd_size); |
- |
- LONG result = ::RegGetKeySecurity(hklm_key.Handle(), |
- DACL_SECURITY_INFORMATION, original_sd, &original_sd_size); |
- if (result != ERROR_SUCCESS) { |
- ASSERT_STRING("rlz_lib::CreateMachineState: " |
- "Unable to create / open machine key."); |
- return false; |
- } |
- |
- // Make a copy of the security descriptor so we can modify it. The one |
- // returned by RegGetKeySecurity() is self-relative, so we need to make it |
- // absolute. |
- DWORD new_sd_size = 0; |
- DWORD dacl_size = 0; |
- DWORD sacl_size = 0; |
- DWORD owner_size = 0; |
- DWORD group_size = 0; |
- ::MakeAbsoluteSD(original_sd, NULL, &new_sd_size, NULL, &dacl_size, |
- NULL, &sacl_size, NULL, &owner_size, |
- NULL, &group_size); |
- |
- typed_buffer_ptr<SECURITY_DESCRIPTOR> new_sd(new_sd_size); |
- // Make sure the DACL is big enough to add one more ACE. |
- typed_buffer_ptr<ACL> dacl(dacl_size + SECURITY_MAX_SID_SIZE); |
- typed_buffer_ptr<ACL> sacl(sacl_size); |
- typed_buffer_ptr<SID> owner(owner_size); |
- typed_buffer_ptr<SID> group(group_size); |
- |
- if (!::MakeAbsoluteSD(original_sd, new_sd, &new_sd_size, dacl, &dacl_size, |
- sacl, &sacl_size, owner, &owner_size, |
- group, &group_size)) { |
- ASSERT_STRING("rlz_lib::CreateMachineState: MakeAbsoluteSD failed"); |
- return false; |
- } |
- |
- // If all users already have read/write access to the registry key, then |
- // nothing to do. Otherwise change the security descriptor of the key to |
- // give everyone access. |
- if (HasAccess(users_sid, KEY_ALL_ACCESS, dacl)) { |
- return false; |
- } |
- |
- // Add ALL-USERS ALL-ACCESS ACL. |
- EXPLICIT_ACCESS ea; |
- ZeroMemory(&ea, sizeof(EXPLICIT_ACCESS)); |
- ea.grfAccessPermissions = GENERIC_ALL | KEY_ALL_ACCESS; |
- ea.grfAccessMode = GRANT_ACCESS; |
- ea.grfInheritance= SUB_CONTAINERS_AND_OBJECTS_INHERIT; |
- ea.Trustee.TrusteeForm = TRUSTEE_IS_NAME; |
- ea.Trustee.ptstrName = L"Everyone"; |
- |
- ACL* new_dacl = NULL; |
- result = SetEntriesInAcl(1, &ea, dacl, &new_dacl); |
- if (result != ERROR_SUCCESS) { |
- ASSERT_STRING("rlz_lib::CreateMachineState: SetEntriesInAcl failed"); |
- return false; |
- } |
- |
- BOOL ok = SetSecurityDescriptorDacl(new_sd, TRUE, new_dacl, FALSE); |
- if (!ok) { |
- ASSERT_STRING("rlz_lib::CreateMachineState: " |
- "SetSecurityDescriptorOwner failed"); |
- LocalFree(new_dacl); |
- return false; |
- } |
- |
- result = ::RegSetKeySecurity(hklm_key.Handle(), |
- DACL_SECURITY_INFORMATION, |
- new_sd); |
- // Note that the new DACL cannot be freed until after the call to |
- // RegSetKeySecurity(). |
- LocalFree(new_dacl); |
- |
- bool success = true; |
- if (result != ERROR_SUCCESS) { |
- ASSERT_STRING("rlz_lib::CreateMachineState: " |
- "Unable to create / open machine key."); |
- success = false; |
- } |
- |
- |
- return success; |
-} |
- |
-bool SetMachineDealCode(const char* dcc) { |
- return MachineDealCode::Set(dcc); |
-} |
- |
-bool GetMachineDealCodeAsCgi(char* cgi, size_t cgi_size) { |
- return MachineDealCode::GetAsCgi(cgi, cgi_size); |
-} |
- |
-bool GetMachineDealCode(char* dcc, size_t dcc_size) { |
- return MachineDealCode::Get(dcc, dcc_size); |
-} |
- |
-// Combined functions. |
- |
-bool SetMachineDealCodeFromPingResponse(const char* response) { |
- return MachineDealCode::SetFromPingResponse(response); |
-} |
- |
-void InitializeTempHivesForTesting(const base::win::RegKey& temp_hklm_key, |
- const base::win::RegKey& temp_hkcu_key) { |
- // For the moment, the HKCU hive requires no initialization. |
- |
- if (base::win::GetVersion() >= base::win::VERSION_WIN7) { |
- // Copy the following HKLM subtrees to the temporary location so that the |
- // win32 APIs used by the tests continue to work: |
- // |
- // HKLM\System\CurrentControlSet\Control\Lsa\AccessProviders |
- // |
- // This seems to be required since Win7. |
- base::win::RegKey dest(temp_hklm_key.Handle(), kHKLMAccessProviders, |
- KEY_ALL_ACCESS); |
- CopyRegistryTree(base::win::RegKey(HKEY_LOCAL_MACHINE, |
- kHKLMAccessProviders, |
- KEY_READ), |
- &dest); |
- } |
-} |
- |
-} // namespace rlz_lib |