Ping On Sun, May 14, 2017 at 3:53 PM, Sameeh Jubran <sam...@daynix.com> wrote:
> Reviewed-by: Sameeh Jubran <sam...@daynix.com> > > On Thu, Apr 27, 2017 at 4:21 PM, Daniel Rempel <dan...@daynix.com> wrote: > >> Bug: https://bugzilla.redhat.com/show_bug.cgi?id=1357789 >> Replace hardcoded user and group names ("Administrators", "SYSTEM") with >> the ones acquired from system. Windows uses localized strings for these >> names and it may cause the installation to fail. >> Windows has Well-known SIDs for "Administrators" group and "SYSTEM" user >> so they were used to identify required users and groups. >> Well-known SIDs: https://support.microsoft.com/ >> en-us/help/243330/well-known-security-identifiers-in-windows >> -operating-systems >> >> Signed-off-by: Daniel Rempel <dan...@daynix.com> >> --- >> qga/vss-win32/install.cpp | 35 +++++++++++++++++++++++++++++++++-- >> 1 file changed, 33 insertions(+), 2 deletions(-) >> >> diff --git a/qga/vss-win32/install.cpp b/qga/vss-win32/install.cpp >> index f4160a3..1be482a 100644 >> --- a/qga/vss-win32/install.cpp >> +++ b/qga/vss-win32/install.cpp >> @@ -18,6 +18,9 @@ >> #include <wbemidl.h> >> #include <comdef.h> >> #include <comutil.h> >> +#include <sddl.h> >> + >> +#define BUFFER_SIZE 1024 >> >> extern HINSTANCE g_hinstDll; >> >> @@ -135,6 +138,27 @@ out: >> return hr; >> } >> >> +/* Acquire group or user name by SID */ >> +static HRESULT getNameByStringSID( >> + const wchar_t *sid, LPWSTR buffer, LPDWORD bufferLen) >> +{ >> + HRESULT hr = S_OK; >> + PSID psid = NULL; >> + SID_NAME_USE groupType; >> + DWORD domainNameLen = BUFFER_SIZE; >> + wchar_t domainName[BUFFER_SIZE]; >> + >> + chk(ConvertStringSidToSidW(sid, &psid)); >> + LookupAccountSidW(NULL, psid, buffer, bufferLen, >> + domainName, &domainNameLen, &groupType); >> + hr = HRESULT_FROM_WIN32(GetLastError()); >> + >> + LocalFree(psid); >> + >> +out: >> + return hr; >> +} >> + >> /* Find and iterate QGA VSS provider in COM+ Application Catalog */ >> static HRESULT QGAProviderFind( >> HRESULT (*found)(ICatalogCollection *, int, void *), void *arg) >> @@ -216,6 +240,10 @@ STDAPI COMRegister(void) >> CHAR dllPath[MAX_PATH], tlbPath[MAX_PATH]; >> bool unregisterOnFailure = false; >> int count = 0; >> + DWORD bufferLen = BUFFER_SIZE; >> + wchar_t buffer[BUFFER_SIZE]; >> + const wchar_t *administratorsGroupSID = L"S-1-5-32-544"; >> + const wchar_t *systemUserSID = L"S-1-5-18"; >> >> if (!g_hinstDll) { >> errmsg(E_FAIL, "Failed to initialize DLL"); >> @@ -284,11 +312,12 @@ STDAPI COMRegister(void) >> >> /* Setup roles of the applicaion */ >> >> + chk(getNameByStringSID(administratorsGroupSID, buffer, &bufferLen)); >> chk(pApps->GetCollection(_bstr_t(L"Roles"), key, >> (IDispatch **)pRoles.replace())); >> chk(pRoles->Populate()); >> chk(pRoles->Add((IDispatch **)pObj.replace())); >> - chk(put_Value(pObj, L"Name", L"Administrators")); >> + chk(put_Value(pObj, L"Name", buffer)); >> chk(put_Value(pObj, L"Description", L"Administrators group")); >> chk(pRoles->SaveChanges(&n)); >> chk(pObj->get_Key(&key)); >> @@ -303,8 +332,10 @@ STDAPI COMRegister(void) >> chk(GetAdminName(&name)); >> chk(put_Value(pObj, L"User", _bstr_t(".\\") + name)); >> >> + bufferLen = BUFFER_SIZE; >> + chk(getNameByStringSID(systemUserSID, buffer, &bufferLen)); >> chk(pUsersInRole->Add((IDispatch **)pObj.replace())); >> - chk(put_Value(pObj, L"User", L"SYSTEM")); >> + chk(put_Value(pObj, L"User", buffer)); >> chk(pUsersInRole->SaveChanges(&n)); >> >> out: >> -- >> 2.9.3 >> >> >> > > > -- > Respectfully, > *Sameeh Jubran* > *Linkedin <https://il.linkedin.com/pub/sameeh-jubran/87/747/a8a>* > *Software Engineer @ Daynix <http://www.daynix.com>.* > -- Respectfully, *Sameeh Jubran* *Linkedin <https://il.linkedin.com/pub/sameeh-jubran/87/747/a8a>* *Software Engineer @ Daynix <http://www.daynix.com>.*
