[or-cvs] r19350: {torvm} Checkpoint the 0.0.2 restricted user setup changes for bundl (in torvm/trunk/build: kamikaze/patches win32 win32/files win32/patches win32/src/torvm-w32)
coderman at seul.org
coderman at seul.org
Mon Apr 20 02:43:02 UTC 2009
Author: coderman
Date: 2009-04-19 22:43:01 -0400 (Sun, 19 Apr 2009)
New Revision: 19350
Added:
torvm/trunk/build/win32/src/torvm-w32/torvmuser.bmp
Modified:
torvm/trunk/build/kamikaze/patches/001-kamikaze-tor-package.patch
torvm/trunk/build/win32/Makefile
torvm/trunk/build/win32/files/buildall.sh
torvm/trunk/build/win32/patches/openssl-0.9.8-mingw-shared.patch
torvm/trunk/build/win32/src/torvm-w32/Makefile
torvm/trunk/build/win32/src/torvm-w32/apicommon.c
torvm/trunk/build/win32/src/torvm-w32/apicommon.h
torvm/trunk/build/win32/src/torvm-w32/creds.c
torvm/trunk/build/win32/src/torvm-w32/creds.h
torvm/trunk/build/win32/src/torvm-w32/torvm.c
Log:
Checkpoint the 0.0.2 restricted user setup changes for bundle mode. Merge user cleanup and uninstaller work in subsequent patches.
Modified: torvm/trunk/build/kamikaze/patches/001-kamikaze-tor-package.patch
===================================================================
--- torvm/trunk/build/kamikaze/patches/001-kamikaze-tor-package.patch 2009-04-19 04:34:34 UTC (rev 19349)
+++ torvm/trunk/build/kamikaze/patches/001-kamikaze-tor-package.patch 2009-04-20 02:43:01 UTC (rev 19350)
@@ -456,8 +456,8 @@
+exit 0
diff -Naur a/package/tor/files/torrc b/package/tor/files/torrc
--- a/package/tor/files/torrc 1970-01-01 00:00:00.000000000 +0000
-+++ b/package/tor/files/torrc 2009-03-26 06:18:45.619258728 +0000
-@@ -0,0 +1,19 @@
++++ b/package/tor/files/torrc 2009-04-04 19:53:45.195224832 +0000
+@@ -0,0 +1,21 @@
+# Configuration for Tor VM
+User tor
+Group tor
@@ -476,4 +476,6 @@
+# options appended from command line placed below:
+SocksPort 9050
+DNSPort 9093
++DNSListenAddress 0.0.0.0
+TransPort 9095
++TransListenAddress 0.0.0.0
Modified: torvm/trunk/build/win32/Makefile
===================================================================
--- torvm/trunk/build/win32/Makefile 2009-04-19 04:34:34 UTC (rev 19349)
+++ torvm/trunk/build/win32/Makefile 2009-04-20 02:43:01 UTC (rev 19350)
@@ -17,27 +17,27 @@
# with an autorun.inf that launches a build of all the win32 parts.
#
ZLIB_F=zlib-1.2.3-bin.zip
-ZLIB_URL=http://downloads.sourceforge.net/gnuwin32/zlib-1.2.3-bin.zip?big_mirror=1
+ZLIB_URL=http://downloads.sourceforge.net/gnuwin32/$(ZLIB_F)?big_mirror=1
ZLIB_SUM=becbcaf5076e307e743b1edc6a5645849eba9ebc
GZIP_F=gzip-1.3.12-1-bin.zip
-GZIP_URL=http://downloads.sourceforge.net/gnuwin32/gzip-1.3.12-1-bin.zip?big_mirror=1
+GZIP_URL=http://downloads.sourceforge.net/gnuwin32/$(GZIP_F)?big_mirror=1
GZIP_SUM=69901b7a58e324e39653d4282deaf5ab5bb5c07f
BZIP2_F=bzip2-1.0.5-bin.zip
-BZIP2_URL=http://downloads.sourceforge.net/gnuwin32/bzip2-1.0.5-bin.zip?big_mirror=1
+BZIP2_URL=http://downloads.sourceforge.net/gnuwin32/$(BZIP2_F)?big_mirror=1
BZIP2_SUM=618ba51d3d6838e71a922febf717471b7d5f54e2
LIBARCH_F=libarchive-2.4.12-1-bin.zip
-LIBARCH_URL=http://downloads.sourceforge.net/gnuwin32/libarchive-2.4.12-1-bin.zip?big_mirror=1
+LIBARCH_URL=http://downloads.sourceforge.net/gnuwin32/$(LIBARCH_F)?big_mirror=1
LIBARCH_SUM=02eb2fe2200705d0067f03780c6d65f51ae69e42
BINUTILS_F=binutils-2.18.50-20080109-2.tar.gz
-BINUTILS_URL=http://downloads.sourceforge.net/mingw/binutils-2.18.50-20080109-2.tar.gz?big_mirror=1
+BINUTILS_URL=http://downloads.sourceforge.net/mingw/$(BINUTILS_F)?big_mirror=1
BINUTILS_SUM=4a47e75604765f671ca233bb503f1ca67fd93af0
GCCORE_F=gcc-core-3.4.5-20060117-3.tar.gz
-GCCORE_URL=http://downloads.sourceforge.net/mingw/gcc-core-3.4.5-20060117-3.tar.gz?big_mirror=1
+GCCORE_URL=http://downloads.sourceforge.net/mingw/$(GCCORE_F)?big_mirror=1
GCCORE_SUM=1ba77819f5749954fda080c0137af359a09760fc
GPP_F=gcc-g++-3.4.5-20060117-3.tar.gz
@@ -45,100 +45,100 @@
GPP_SUM=1d31f990d4027f171ab8c55374bec815a46c16dd
MINGWRUN_F=mingw-runtime-3.14.tar.gz
-MINGWRUN_URL=http://downloads.sourceforge.net/mingw/mingw-runtime-3.14.tar.gz?big_mirror=1
+MINGWRUN_URL=http://downloads.sourceforge.net/mingw/$(MINGWRUN_F)?big_mirror=1
MINGWRUN_SUM=ebd523dff5cb5bc476124a283b3ba9781f907fea
MINGWUTIL_F=mingw-utils-0.3.tar.gz
-MINGWUTIL_URL=http://downloads.sourceforge.net/mingw/mingw-utils-0.3.tar.gz?big_mirror=1
+MINGWUTIL_URL=http://downloads.sourceforge.net/mingw/$(MINGWUTIL_F)?big_mirror=1
MINGWUTIL_SUM=7ae32742ece1e89978784634aed824775cf47336
MAKE_F=mingw32-make-3.81-20080326-3.tar.gz
-MAKE_URL=http://downloads.sourceforge.net/mingw/mingw32-make-3.81-20080326-3.tar.gz?big_mirror=1
+MAKE_URL=http://downloads.sourceforge.net/mingw/$(MAKE_F)?big_mirror=1
MAKE_SUM=86ab2ddffdd2df6245856bb0dd50fbd8ba372767
W32API_F=w32api-3.11.tar.gz
-W32API_URL=http://downloads.sourceforge.net/mingw/w32api-3.11.tar.gz?big_mirror=1
+W32API_URL=http://downloads.sourceforge.net/mingw/$(W32API_F)?big_mirror=1
W32API_SUM=0969cde19c3a85012b4924cb49cf2e9ef3d1b6df
MSYS_F=MSYS-1.0.11-20071204.tar.bz2
-MSYS_URL=http://downloads.sourceforge.net/mingw/MSYS-1.0.11-20071204.tar.bz2?big_mirror=1
+MSYS_URL=http://downloads.sourceforge.net/mingw/$(MSYS_F)?big_mirror=1
MSYS_SUM=9a1207b04ffaf8880c58de643609e4deed3e1563
MSYSCORE_F=msysCORE-1.0.11-2007.01.19-1.tar.bz2
-MSYSCORE_URL=http://downloads.sourceforge.net/mingw/msysCORE-1.0.11-2007.01.19-1.tar.bz2?big_mirror=1
+MSYSCORE_URL=http://downloads.sourceforge.net/mingw/$(MSYSCORE_F)?big_mirror=1
MSYSCORE_SUM=65870650914925dfd8451a9452bff3cdb8320221
BASH_F=bash-3.1-MSYS-1.0.11-1.tar.bz2
-BASH_URL=http://downloads.sourceforge.net/mingw/bash-3.1-MSYS-1.0.11-1.tar.bz2?big_mirror=1
+BASH_URL=http://downloads.sourceforge.net/mingw/$(BASH_F)?big_mirror=1
BASH_SUM=a440bb5a6e2edfe703b67877c7e7e48504aad6dc
DIFFUTIL_F=diffutils-2.8.7-MSYS-1.0.11-1.tar.bz2
-DIFFUTIL_URL=http://downloads.sourceforge.net/mingw/diffutils-2.8.7-MSYS-1.0.11-1.tar.bz2?big_mirror=1
+DIFFUTIL_URL=http://downloads.sourceforge.net/mingw/$(DIFFUTIL_F)?big_mirror=1
DIFFUTIL_SUM=a34f0470674b6bb807e505839a477f9b9c70facf
LIBTOOL_F=libtool1.5-1.5.25a-1-bin.tar.bz2
-LIBTOOL_URL=http://downloads.sourceforge.net/mingw/libtool1.5-1.5.25a-1-bin.tar.bz2?big_mirror=1
+LIBTOOL_URL=http://downloads.sourceforge.net/mingw/$(LIBTOOL_F)?big_mirror=1
LIBTOOL_SUM=7e7206011471dbe79f5298d76ea9530288b2a6dd
MINIRES_F=minires-1.01-1-MSYS-1.0.11-1.tar.bz2
-MINIRES_URL=http://downloads.sourceforge.net/mingw/minires-1.01-1-MSYS-1.0.11-1.tar.bz2?big_mirror=1
+MINIRES_URL=http://downloads.sourceforge.net/mingw/$(MINIRES_F)?big_mirror=1
MINIRES_SUM=c077e08cce446656ff0c0b3f30a327652f9c9986
MSYSZLIB_F=zlib-1.2.3-MSYS-1.0.11-1.tar.bz2
-MSYSZLIB_URL=http://downloads.sourceforge.net/mingw/zlib-1.2.3-MSYS-1.0.11-1.tar.bz2?big_mirror=1
+MSYSZLIB_URL=http://downloads.sourceforge.net/mingw/$(MSYSZLIB_F)?big_mirror=1
MSYSZLIB_SUM=dff1a110b165d7ba4d7804b1c2f4a023823eec90
MSYSCRYPT_F=crypt-1.1-1-MSYS-1.0.11-1.tar.bz2
-MSYSCRYPT_URL=http://downloads.sourceforge.net/mingw/crypt-1.1-1-MSYS-1.0.11-1.tar.bz2?big_mirror=1
+MSYSCRYPT_URL=http://downloads.sourceforge.net/mingw/$(MSYSCRYPT_F)?big_mirror=1
MSYSCRYPT_SUM=072e9a158d41e73aa5a766df016494dab74085e4
M4_F=m4-1.4.7-MSYS.tar.bz2
-M4_URL=http://prdownloads.sourceforge.net/mingw/m4-1.4.7-MSYS.tar.bz2?download
+M4_URL=http://prdownloads.sourceforge.net/mingw/$(M4_F)?download
M4_SUM=a00ed987824456946777d92f600612f344211dcc
-SSL_F=openssl-0.9.8g-1-MSYS-1.0.11-2-dll098.tar.gz
-SSL_URL=http://downloads.sourceforge.net/mingw/openssl-0.9.8g-1-MSYS-1.0.11-2-dll098.tar.gz?big_mirror=1
-SSL_SUM=eba5f37fdec2982727556a3dbb5ea6fd04296b76
+MSYSSSL_F=openssl-0.9.8g-1-MSYS-1.0.11-2-dll098.tar.gz
+MSYSSSL_URL=http://downloads.sourceforge.net/mingw/$(SSL_F)?big_mirror=1
+MSYSSSL_SUM=eba5f37fdec2982727556a3dbb5ea6fd04296b76
-SSH_F=openssh-4.7p1-MSYS-1.0.11-1-bin.tar.gz
-SSH_URL=http://downloads.sourceforge.net/mingw/openssh-4.7p1-MSYS-1.0.11-1-bin.tar.gz?big_mirror=1
-SSH_SUM=bf1617bf43de198cea7c197621494baec9520bcb
+MSYSSSH_F=openssh-4.7p1-MSYS-1.0.11-1-bin.tar.gz
+MSYSSSH_URL=http://downloads.sourceforge.net/mingw/$(SSH_F)?big_mirror=1
+MSYSSSH_SUM=bf1617bf43de198cea7c197621494baec9520bcb
ZLIBSRC_F=zlib-1.2.3.tar.gz
ZLIBSRC_URL=http://www.zlib.net/zlib-1.2.3.tar.gz
ZLIBSRC_SUM=60faeaaf250642db5c0ea36cd6dcc9f99c8f3902
PTHREADS_F=pthreads-w32-2-8-0-release.tar.gz
-PTHREADS_URL=ftp://sourceware.org/pub/pthreads-win32/pthreads-w32-2-8-0-release.tar.gz
+PTHREADS_URL=ftp://sourceware.org/pub/pthreads-win32/$(PTHREADS_F)
PTHREADS_SUM=da8371cb20e8e238f96a1d0651212f154d84a9ac
LIBEVENT_F=libevent-1.4.8-stable.tar.gz
-LIBEVENT_URL=http://www.monkey.org/~provos/libevent-1.4.8-stable.tar.gz
+LIBEVENT_URL=http://www.monkey.org/~provos/$(LIBEVENT_F)
LIBEVENT_SUM=82c05a893688810aafc2b372b567a837eb115732
ACONF_F=autoconf2.5-2.61-1-bin.tar.bz2
-ACONF_URL=http://downloads.sourceforge.net/mingw/autoconf2.5-2.61-1-bin.tar.bz2?big_mirror=1
+ACONF_URL=http://downloads.sourceforge.net/mingw/$(ACONF_F)?big_mirror=1
ACONF_SUM=7f05699dfeb0fea12b490da7204eeb89644a3bf7
AMAKE_F=automake1.9-1.9.6-2-bin.tar.bz2
-AMAKE_URL=http://downloads.sourceforge.net/mingw/automake1.9-1.9.6-2-bin.tar.bz2?big_mirror=1
+AMAKE_URL=http://downloads.sourceforge.net/mingw/$(AMAKE_F)?big_mirror=1
AMAKE_SUM=685dd354868ebb6fca148a300f20b55e1c036fca
PERL_F=perl-5.6.1-MSYS-1.0.11-1.tar.bz2
-PERL_URL=http://downloads.sourceforge.net/mingw/perl-5.6.1-MSYS-1.0.11-1.tar.bz2?big_mirror=1
+PERL_URL=http://downloads.sourceforge.net/mingw/$(PERL_F)?big_mirror=1
PERL_SUM=ff1f07a061c7958bc9043f0085a55ff0101b1be4
GROFF_F=groff-1.19.2.tar.gz
-GROFF_URL=http://ftp.gnu.org/gnu/groff/groff-1.19.2.tar.gz
+GROFF_URL=http://ftp.gnu.org/gnu/groff/$(GROFF_F)
GROFF_SUM=cfad99a5c52933a6a9180e394bd94fbaec0ac956
CMAKE_F=cmake-2.6.2.tar.gz
-CMAKE_URL=http://www.cmake.org/files/v2.6/cmake-2.6.2.tar.gz
+CMAKE_URL=http://www.cmake.org/files/v2.6/$(CMAKE_F)
CMAKE_SUM=48d33afaf23d40f2ea9aa2f5018c7213983222c2
-SSLSRC_F=openssl-0.9.8j.tar.gz
-SSLSRC_URL=http://www.openssl.org/source/openssl-0.9.8j.tar.gz
-SSLSRC_SUM=f70f7127a26e951e8a0d854c0c9e6b4c24df78e4
+SSLSRC_F=openssl-0.9.8k.tar.gz
+SSLSRC_URL=http://www.openssl.org/source/$(SSLSRC_F)
+SSLSRC_SUM=3ba079f91d3c1ec90a36dcd1d43857165035703f
PYTHON_F=Python-3.0.1.tar.bz2
PYTHON_URL=http://www.python.org/ftp/python/3.0.1/$(PYTHON_F)
@@ -146,26 +146,26 @@
PY2EXE_F=py2exe-0.6.9.zip
PY2EXE_TGZ=py2exe.tar.gz
-PY2EXE_URL=http://downloads.sourceforge.net/py2exe/py2exe-0.6.9.zip?big_mirror=1
+PY2EXE_URL=http://downloads.sourceforge.net/py2exe/$(PY2EXE_F)?big_mirror=1
PY2EXE_SUM=f1a2cdfbf6d142f6ff54edfcf9d127e2d07169d5
WIX_F=wix3.0.4805.0-binaries.zip
WIX_TGZ=wix.tar.gz
-WIX_URL=http://downloads.sourceforge.net/wix/wix3.0.4805.0-binaries.zip?big_mirror=1
+WIX_URL=http://downloads.sourceforge.net/wix/$(WIX_F)?big_mirror=1
WIX_SUM=58dcedd89efcf9b80f7d6f1c0c5f9ee44a800892
WIXSRC_F=wix3.0.4805.0-sources.zip
WIXSRC_TGZ=wixsrc.tar.gz
-WIXSRC_URL=http://downloads.sourceforge.net/wix/wix3.0.4805.0-sources.zip?big_mirror=1
+WIXSRC_URL=http://downloads.sourceforge.net/wix/$(WIXSRC_F)?big_mirror=1
WIXSRC_SUM=60d5bfa98fcf8f902586067393eb3ac7e4b12f82
GNURX_F=mingw-libgnurx-2.5.1-src.tar.gz
-GNURX_URL=http://downloads.sourceforge.net/mingw/mingw-libgnurx-2.5.1-src.tar.gz?big_mirror=1
+GNURX_URL=http://downloads.sourceforge.net/mingw/$(GNURX_F)?big_mirror=1
GNURX_SUM=f1e4af2541645dac82362b618aaa849658cd4988
NSIS_VER=2.42
NSIS_F=nsis-$(NSIS_VER).zip
-NSIS_URL=http://downloads.sourceforge.net/nsis/nsis-2.42.zip?big_mirror=1
+NSIS_URL=http://downloads.sourceforge.net/nsis/$(NSIS_F)?big_mirror=1
NSIS_SUM=a1aef12a33f16273ac9109fde28713399f6a8016
NSIS_TGZ=nsis-2.42.tar.gz
@@ -174,11 +174,11 @@
SEVNZIP_INST=true
SEVNZIP_VER=464
SEVNZIP_F=7z464.msi
-SEVNZIP_URL=http://downloads.sourceforge.net/sevenzip/7z464.msi?big_mirror=1
+SEVNZIP_URL=http://downloads.sourceforge.net/sevenzip/$(SEVNZIP_F)?big_mirror=1
SEVNZIP_SUM=19a06e188a83452dc9273290dbef71220686c4c1
SDL_F=SDL-1.2.13.tar.gz
-SDL_URL=http://www.libsdl.org/release/SDL-1.2.13.tar.gz
+SDL_URL=http://www.libsdl.org/release/$(SDL_F)
SDL_SUM=51fcaa3e1d5c01fd813ea08688780f86b19cf539
WPCAPSRC_VER=4_1_beta5
@@ -247,7 +247,7 @@
# buildscripts need some dire clean up...
OK:=echo -n
-ALLFILES=$(ZLIB_F) $(GZIP_F) $(BZIP2_F) $(LIBARCH_F) $(BINUTILS_F) $(GCCORE_F) $(GPP_F) $(MINGWRUN_F) $(MINGWUTIL_F) $(MAKE_F) $(W32API_F) $(MSYS_F) $(MSYSCORE_F) $(BASH_F) $(DIFFUTIL_F) $(LIBTOOL_F) $(MINIRES_F) $(MSYSZLIB_F) $(MSYSCRYPT_F) $(M4_F) $(SSL_F) $(SSH_F) $(ZLIBSRC_F) $(PTHREADS_F) $(LIBEVENT_F) $(AMAKE_F) $(ACONF_F) $(PERL_F) $(GROFF_F) $(CMAKE_F) $(QT_F) $(NSIS_F) $(SSLSRC_F) $(PYTHON_F) $(PY2EXE_F) $(WIX_F) $(WIXSRC_F) $(GNURX_F) $(POLIPO_F) $(SDL_F) $(WPCAPSRC_F) $(QEMU_F) $(OVPN_F)
+ALLFILES=$(ZLIB_F) $(GZIP_F) $(BZIP2_F) $(LIBARCH_F) $(BINUTILS_F) $(GCCORE_F) $(GPP_F) $(MINGWRUN_F) $(MINGWUTIL_F) $(MAKE_F) $(W32API_F) $(MSYS_F) $(MSYSCORE_F) $(BASH_F) $(DIFFUTIL_F) $(LIBTOOL_F) $(MINIRES_F) $(MSYSZLIB_F) $(MSYSCRYPT_F) $(M4_F) $(MSYSSSL_F) $(MSYSSSH_F) $(ZLIBSRC_F) $(PTHREADS_F) $(LIBEVENT_F) $(AMAKE_F) $(ACONF_F) $(PERL_F) $(GROFF_F) $(CMAKE_F) $(QT_F) $(NSIS_F) $(SSLSRC_F) $(PYTHON_F) $(PY2EXE_F) $(WIX_F) $(WIXSRC_F) $(GNURX_F) $(POLIPO_F) $(SDL_F) $(WPCAPSRC_F) $(QEMU_F) $(OVPN_F)
# adjust if we're dealing with non source, zip or tar archives for a package
SEVNZIP_OPT_DL=
@@ -284,8 +284,8 @@
@if [ ! -e $(WDLDIR)/$(MSYSZLIB_F) ]; then $(DLCMD) "$(MSYSZLIB_URL)" $(MSYSZLIB_SUM) "$(WDLDIR)/$(MSYSZLIB_F)"; fi
@if [ ! -e $(WDLDIR)/$(MSYSCRYPT_F) ]; then $(DLCMD) "$(MSYSCRYPT_URL)" $(MSYSCRYPT_SUM) "$(WDLDIR)/$(MSYSCRYPT_F)"; fi
@if [ ! -e $(WDLDIR)/$(M4_F) ]; then $(DLCMD) "$(M4_URL)" $(M4_SUM) "$(WDLDIR)/$(M4_F)"; fi
- @if [ ! -e $(WDLDIR)/$(SSL_F) ]; then $(DLCMD) "$(SSL_URL)" $(SSL_SUM) "$(WDLDIR)/$(SSL_F)"; fi
- @if [ ! -e $(WDLDIR)/$(SSH_F) ]; then $(DLCMD) "$(SSH_URL)" $(SSH_SUM) "$(WDLDIR)/$(SSH_F)"; fi
+ @if [ ! -e $(WDLDIR)/$(MSYSSSL_F) ]; then $(DLCMD) "$(MSYSSSL_URL)" $(MSYSSSL_SUM) "$(WDLDIR)/$(MSYSSSL_F)"; fi
+ @if [ ! -e $(WDLDIR)/$(MSYSSSH_F) ]; then $(DLCMD) "$(MSYSSSH_URL)" $(MSYSSSH_SUM) "$(WDLDIR)/$(MSYSSSH_F)"; fi
@if [ ! -e $(WDLDIR)/$(ZLIBSRC_F) ]; then $(DLCMD) "$(ZLIBSRC_URL)" $(ZLIBSRC_SUM) "$(WDLDIR)/$(ZLIBSRC_F)"; fi
@if [ ! -e $(WDLDIR)/$(PTHREADS_F) ]; then $(DLCMD) "$(PTHREADS_URL)" $(PTHREADS_SUM) "$(WDLDIR)/$(PTHREADS_F)"; fi
@if [ ! -e $(WDLDIR)/$(LIBEVENT_F) ]; then $(DLCMD) "$(LIBEVENT_URL)" $(LIBEVENT_SUM) "$(WDLDIR)/$(LIBEVENT_F)"; fi
Modified: torvm/trunk/build/win32/files/buildall.sh
===================================================================
--- torvm/trunk/build/win32/files/buildall.sh 2009-04-19 04:34:34 UTC (rev 19349)
+++ torvm/trunk/build/win32/files/buildall.sh 2009-04-20 02:43:01 UTC (rev 19350)
@@ -89,7 +89,7 @@
export PTHREAD_DIR="pthreads-w32-${PTHREAD_VER}-release"
export PTHREAD_FILE="${PTHREAD_DIR}.tar.gz"
- export OPENSSL_VER="0.9.8j"
+ export OPENSSL_VER="0.9.8k"
export OPENSSL_DIR="openssl-${OPENSSL_VER}"
export OPENSSL_FILE="openssl-${OPENSSL_VER}.tar.gz"
@@ -554,8 +554,8 @@
./configure --prefix=/usr --interp-prefix=qemu-%M \
--enable-uname-release="Tor VM 2.6-alpha i386" \
--disable-werror \
+ --disable-system \
--disable-kqemu \
- --disable-system \
--disable-vnc-tls \
--extra-cflags="-DHAVE_INTSZ_TYPES -I. -I.. -I/src/$ZLIB_DIR -I/usr/include -I/usr/local/include $WPCAP_INCLUDE -I/src/pthreads-w32 -I/usr/include/SDL" \
--extra-ldflags="-L/src/$ZLIB_DIR -L/usr/lib -L/usr/local/lib $WPCAP_LDFLAGS -L/src/pthreads-w32" \
@@ -1094,7 +1094,7 @@
tail +4c fulldata-dir.wxs > fulldata-dir.wxs.tmp; dos2unix fulldata-dir.wxs.tmp; cat fulldata-dir.wxs.tmp > fulldata-dir.wxs; rm -f fulldata-dir.wxs.tmp
wixtool.exe splice -i pkg/win32/vidalia.wxs -o fulldata-tmpdir.wxs Directory:LocalPluginsDataDir=fulldata-dir.wxs:Directory:data
wixtool.exe splice -i fulldata-tmpdir.wxs -o fulldata-tmpall.wxs Feature:MainApplication=fulldata-dir.wxs:Feature:ProductFeature
- wixtool.exe userlocal -i fulldata-tmpall.wxs -o fulldata-all.wxs "Software/Vidalia:MainApplication"
+ wixtool.exe userlocal -i fulldata-tmpall.wxs -o fulldata-all.wxs "Software\\Vidalia:MainApplication"
rm -f fulldata-tmpdir.wxs fulldata-tmpall.wxs
candle.exe $CANDLE_OPTS fulldata-all.wxs
WIX_CAB_CACHE=_vidmrbl.cabcache
@@ -1127,7 +1127,7 @@
tail +4c mindata-dir.wxs > mindata-dir.wxs.tmp; dos2unix mindata-dir.wxs.tmp; cat mindata-dir.wxs.tmp > mindata-dir.wxs; rm -f mindata-dir.wxs.tmp
wixtool.exe splice -i pkg/win32/vidalia.wxs -o mindata-tmpdir.wxs Directory:LocalPluginsDataDir=mindata-dir.wxs:Directory:data
wixtool.exe splice -i mindata-tmpdir.wxs -o mindata-tmpall.wxs Feature:MainApplication=mindata-dir.wxs:Feature:ProductFeature
- wixtool.exe userlocal -i mindata-tmpall.wxs -o mindata-all.wxs "Software/Vidalia:MainApplication"
+ wixtool.exe userlocal -i mindata-tmpall.wxs -o mindata-all.wxs "Software\\Vidalia:MainApplication"
rm -f mindata-tmpdir.wxs mindata-tmpall.wxs
candle.exe $CANDLE_OPTS mindata-all.wxs
rm -rf $WIX_CAB_CACHE
@@ -1243,7 +1243,7 @@
tail +4c license-dir.wxs > license-dir.wxs.tmp; dos2unix license-dir.wxs.tmp; cat license-dir.wxs.tmp > license-dir.wxs; rm -f license-dir.wxs.tmp
wixtool.exe splice -i license.wxs -o license-tmpdir.wxs Directory:ProgramsInstDir=license-dir.wxs:Directory:LicenseDocs
wixtool.exe splice -i license-tmpdir.wxs -o license-tmpall.wxs Feature:MainApplication=license-dir.wxs:Feature:ProductFeature
- wixtool.exe userlocal -i license-tmpall.wxs -o license-all.wxs "Software/Tor License:MainApplication"
+ wixtool.exe userlocal -i license-tmpall.wxs -o license-all.wxs "Software\\Tor License:MainApplication"
rm -f license-tmpdir.wxs license-tmpall.wxs
candle.exe $CANDLE_OPTS license-all.wxs
echo "Linking Tor Vidalia bundle license docs package ..."
@@ -1274,7 +1274,7 @@
wixtool.exe splice -i torvm-tmpdir.wxs -o torvm-tmpall.wxs Feature:MainApplication=torvm-lib.wxs:Feature:ProductFeature
wixtool.exe splice -i torvm-tmpall.wxs -o torvm-tmpdir.wxs Directory:ProgramsInstDir=torvm-state.wxs:Directory:TARGETDIR
wixtool.exe splice -i torvm-tmpdir.wxs -o torvm-tmpall.wxs Feature:MainApplication=torvm-state.wxs:Feature:ProductFeature
- wixtool.exe userlocal -i torvm-tmpall.wxs -o torvm-all.wxs "Software/Tor VM:MainApplication"
+ wixtool.exe userlocal -i torvm-tmpall.wxs -o torvm-all.wxs "Software\\Tor VM:MainApplication"
rm -f torvm-tmpdir.wxs torvm-tmpall.wxs
candle.exe $CANDLE_OPTS torvm-all.wxs
WIX_CAB_CACHE=_torvm.cabcache
Modified: torvm/trunk/build/win32/patches/openssl-0.9.8-mingw-shared.patch
===================================================================
--- torvm/trunk/build/win32/patches/openssl-0.9.8-mingw-shared.patch 2009-04-19 04:34:34 UTC (rev 19349)
+++ torvm/trunk/build/win32/patches/openssl-0.9.8-mingw-shared.patch 2009-04-20 02:43:01 UTC (rev 19350)
@@ -1,7 +1,7 @@
diff -Naur a/Configure b/Configure
---- a/Configure 2008-12-29 00:18:23.000000000 +0000
-+++ b/Configure 2009-01-31 10:43:44.940555920 +0000
-@@ -475,7 +475,7 @@
+--- a/Configure 2009-02-16 08:44:22.000000000 +0000
++++ b/Configure 2009-04-05 02:24:48.927195384 +0000
+@@ -480,7 +480,7 @@
"BC-32","bcc32::::WIN32::BN_LLONG DES_PTR RC4_INDEX EXPORT_VAR_AS_FN:${no_asm}:win32",
# MinGW
@@ -10,7 +10,7 @@
# UWIN
"UWIN", "cc:-DTERMIOS -DL_ENDIAN -O -Wall:::UWIN::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${no_asm}:win32",
-@@ -1051,7 +1051,7 @@
+@@ -1059,7 +1059,7 @@
my $IsMK1MF=scalar grep /^$target$/, at MK1MF_Builds;
@@ -20,8 +20,8 @@
$no_shared = 0 if ($fipsdso && !$IsMK1MF);
diff -Naur a/Makefile.org b/Makefile.org
---- a/Makefile.org 2008-12-30 13:26:26.000000000 +0000
-+++ b/Makefile.org 2009-01-31 10:46:23.025523352 +0000
+--- a/Makefile.org 2009-03-03 22:40:29.000000000 +0000
++++ b/Makefile.org 2009-04-05 02:24:48.928195232 +0000
@@ -131,7 +131,7 @@
BASEADDR=
Modified: torvm/trunk/build/win32/src/torvm-w32/Makefile
===================================================================
--- torvm/trunk/build/win32/src/torvm-w32/Makefile 2009-04-19 04:34:34 UTC (rev 19349)
+++ torvm/trunk/build/win32/src/torvm-w32/Makefile 2009-04-20 02:43:01 UTC (rev 19350)
@@ -5,8 +5,8 @@
BINDIR=C:\Tor_VM
CPPFLAGS += -I. -I/usr/include -I/usr/local/include -MMD -MP
CPPFLAGS += -D_GNU_SOURCE -D_FILE_OFFSET_BITS=64 -D_LARGEFILE_SOURCE
-#LDFLAGS += -L/usr/lib -L/usr/local/lib -lws2_32 -liphlpapi
-LDFLAGS += -lws2_32 -liphlpapi
+#LDFLAGS += -L/usr/lib -L/usr/local/lib
+LIBS += -lws2_32 -liphlpapi
all: torvm$(EXESUF)
Modified: torvm/trunk/build/win32/src/torvm-w32/apicommon.c
===================================================================
--- torvm/trunk/build/win32/src/torvm-w32/apicommon.c 2009-04-19 04:34:34 UTC (rev 19349)
+++ torvm/trunk/build/win32/src/torvm-w32/apicommon.c 2009-04-20 02:43:01 UTC (rev 19350)
@@ -4,6 +4,35 @@
#include "apicommon.h"
+/* Depending on _WIN32_WINNT version and mingw32 api we may
+ * have all of the socket structures defined. Needed by default.
+ */
+#ifndef __HAVE_IN_ADDR
+typedef struct _in_addr {
+ union {
+ struct {
+ unsigned char s_b1,
+ s_b2,
+ s_b3,
+ s_b4;
+ } S_un_b;
+ struct {
+ unsigned short s_w1,
+ s_w2;
+ } S_un_w;
+ unsigned long S_addr;
+ } S_un;
+} in_addr;
+#endif
+#ifndef __HAVE_SOCKADDR_IN
+typedef struct _sockaddr_in{
+ short sin_family;
+ unsigned short sin_port;
+ struct in_addr sin_addr;
+ char sin_zero[8];
+} sockaddr_in;
+#endif
+
/* jump hoops to read ethernet adapter MAC address.
*/
#define _NDIS_CONTROL_CODE(request,method) \
@@ -32,13 +61,160 @@
#define OID_WW_GEN_PERMANENT_ADDRESS 0x0901010B
#define OID_WW_GEN_CURRENT_ADDRESS 0x0901010C
+BOOL buildsyspath (DWORD syspathtype,
+ LPTSTR append,
+ LPTSTR *fpath)
+{
+ DWORD retval;
+ DWORD errnum;
+ LPTSTR defval = NULL;
+ LPTSTR envvar;
+ LPTSTR dsep = "\\";
+ *fpath = malloc(CMDMAX * sizeof(TCHAR));
+ if(*fpath == NULL) {
+ lerror ("buildsyspath: out of memory.");
+ free(envvar);
+ return FALSE;
+ }
+ if (syspathtype == SYSDIR_WINROOT) {
+ envvar = getenv("SYSTEMROOT");
+ defval = DEFAULT_WINDIR;
+ }
+ else if (syspathtype == SYSDIR_ALLPROFILE)
+ envvar = getenv("ALLUSERSPROFILE");
+ else if (syspathtype == SYSDIR_PROFILE)
+ envvar = getenv("USERPROFILE");
+ else if (syspathtype == SYSDIR_PROGRAMS)
+ envvar = getenv("PROGRAMFILES");
+ else if (syspathtype == SYSDIR_LCLDATA)
+ envvar = getenv("USERPROFILE");
+ else if (syspathtype == SYSDIR_LCLPROGRAMS)
+ envvar = getenv("USERPROFILE");
+ if(!envvar) {
+ if (defval) {
+ strncpy(*fpath, defval, (CMDMAX -1));
+ return TRUE;
+ }
+ free(*fpath);
+ *fpath = 0;
+ return FALSE;
+ }
+ if ( (syspathtype == SYSDIR_LCLPROGRAMS) || (syspathtype == SYSDIR_LCLDATA) ) {
+ LPTSTR lclpost = 0;
+ if (syspathtype == SYSDIR_LCLPROGRAMS)
+ lclpost = "Programs";
+ /* local appdata and programs is built against the user profile root */
+ snprintf (*fpath, (CMDMAX -1),
+ "%s%s%s%s%s%s%s",
+ envvar,
+ dsep,
+ "Local Settings\\Application Data",
+ lclpost ? dsep : "",
+ lclpost ? lclpost : "",
+ append ? dsep : "",
+ append ? append : "");
+ }
+ else {
+ snprintf (*fpath, (CMDMAX -1),
+ "%s%s%s",
+ envvar,
+ append ? dsep : "",
+ append ? append : "");
+ }
+ ldebug ("Returning system path %s for path type %d and append %s", *fpath, syspathtype, append ? append : "");
+ return TRUE;
+}
+
+BOOL buildfpath (DWORD pathtype,
+ DWORD subdirtype,
+ LPTSTR wdpath,
+ LPTSTR append,
+ LPTSTR *fpath)
+{
+ LPTSTR basepath;
+ DWORD buflen;
+ *fpath = NULL;
+ LPTSTR dsep = "\\";
+ if (pathtype == PATH_RELATIVE) {
+ if (!wdpath) {
+ basepath = strdup(".");
+ }
+ else {
+ /* TODO: for now, we check if we're in one of the bin/lib/state subdirs
+ * and adjust accordingly. what we really need to do is is build a full
+ * relative path based on cwd for situations when we might be executing
+ * in a location other than the usual subdirs above.
+ */
+ if ( (strstr(wdpath, "\\" TOR_VM_BIN)) ||
+ (strstr(wdpath, "\\" TOR_VM_LIB)) ||
+ (strstr(wdpath, "\\" TOR_VM_STATE)) ) {
+ basepath = (pathtype == PATH_MSYS) ? strdup("../") : strdup("..\\");
+ }
+ }
+ }
+ else {
+ if (!getmypath(&basepath)) {
+ lerror ("Unable to get current process working directory.");
+ /* TODO: what fallbacks should be used? check common locations? */
+ return FALSE;
+ }
+ if (pathtype == PATH_MSYS) {
+ /* TODO: split drive and path, then sub dir separator */
+ dsep = "/";
+ }
+ /* truncate off our program name from the basepath */
+ if (strlen(basepath) > 1) {
+ LPTSTR cp = basepath + strlen(basepath) - 1;
+ while (cp > basepath && *cp) {
+ if (*cp == '\\')
+ *cp = 0;
+ else
+ cp--;
+ }
+ }
+ }
+ buflen = strlen(basepath) + 32; /* leave plenty of room for subdir */
+ if (append)
+ buflen += strlen(append);
+ *fpath = malloc(buflen);
+ **fpath = 0;
+ if (subdirtype == VMDIR_BASE) {
+ snprintf (*fpath, buflen-1,
+ "%s%s%s",
+ basepath,
+ append ? dsep : "",
+ append ? append : "");
+ }
+ else {
+ LPTSTR csd = "";
+ if (subdirtype == VMDIR_BIN)
+ csd = TOR_VM_BIN;
+ else if (subdirtype == VMDIR_LIB)
+ csd = TOR_VM_LIB;
+ else if (subdirtype == VMDIR_STATE)
+ csd = TOR_VM_STATE;
+
+ snprintf (*fpath, buflen-1,
+ "%s%s%s%s%s",
+ basepath,
+ dsep,
+ csd,
+ append ? dsep : "",
+ append ? append : "");
+ }
+ ldebug ("Returning build file path %s for path type %d subdir type %d working path %s and append %s", *fpath, pathtype, subdirtype, wdpath ? wdpath : "", append ? append : "");
+
+ free (basepath);
+ return TRUE;
+}
+
BOOL getmypath (TCHAR **path)
{
- TCHAR mypath[MAX_PATH];
+ CHAR mypath[MAX_PATH];
memset (mypath, 0, sizeof(mypath));
- if (! GetModuleFileName(NULL,
- &mypath,
- sizeof(mypath)-1)) {
+ if (! GetModuleFileNameA(NULL,
+ mypath,
+ sizeof(mypath)-1)) {
lerror ("Unable to obtain current program path.");
return FALSE;
}
@@ -46,6 +222,63 @@
return TRUE;
}
+BOOL exists (LPTSTR path)
+{
+ HANDLE hnd;
+ hnd = CreateFile (path,
+ GENERIC_READ,
+ 0,
+ NULL,
+ OPEN_EXISTING,
+ FILE_ATTRIBUTE_NORMAL,
+ NULL);
+ if (hnd == INVALID_HANDLE_VALUE) {
+ return FALSE;
+ }
+ CloseHandle(hnd);
+ return TRUE;
+}
+
+BOOL copyfile (LPTSTR srcpath,
+ LPTSTR destpath)
+{
+ HANDLE src, dest;
+ DWORD buffsz = CMDMAX;
+ DWORD len, written;
+ LPTSTR buff;
+ src = CreateFile (srcpath,
+ GENERIC_READ,
+ 0,
+ NULL,
+ OPEN_EXISTING,
+ FILE_ATTRIBUTE_NORMAL,
+ NULL);
+ if (src == INVALID_HANDLE_VALUE) {
+ return FALSE;
+ }
+ DeleteFile (destpath);
+ dest = CreateFile (destpath,
+ GENERIC_WRITE,
+ 0,
+ NULL,
+ CREATE_NEW,
+ FILE_ATTRIBUTE_NORMAL,
+ NULL);
+ if (dest == INVALID_HANDLE_VALUE) {
+ return FALSE;
+ }
+ buff = malloc(buffsz);
+ if (!buff)
+ return FALSE;
+ while (ReadFile(src, buff, buffsz, &len, NULL) && (len > 0))
+ WriteFile(dest, buff, len, &written, NULL);
+ free (buff);
+ CloseHandle (src);
+ CloseHandle (dest);
+
+ return TRUE;
+}
+
void bgstartupinfo (STARTUPINFO *si)
{
si->dwXCountChars = 48;
@@ -57,6 +290,42 @@
return;
}
+BOOL runcommand(LPSTR cmd,
+ LPSTR dir)
+{
+ STARTUPINFO si;
+ PROCESS_INFORMATION pi;
+ DWORD exitcode;
+ DWORD opts = CREATE_NEW_PROCESS_GROUP;
+
+ ZeroMemory( &pi, sizeof(pi) );
+ ZeroMemory( &si, sizeof(si) );
+ si.cb = sizeof(si);
+
+ if( !CreateProcess(NULL,
+ cmd,
+ NULL, // process handle no inherit
+ NULL, // thread handle no inherit
+ FALSE, // default handle inheritance false
+ opts,
+ NULL, // environment block
+ dir,
+ &si,
+ &pi) ) {
+ lerror ("Failed to launch process. Error code: %d", GetLastError());
+ return FALSE;
+ }
+
+ while ( GetExitCodeProcess(pi.hProcess, &exitcode) && (exitcode == STILL_ACTIVE) ) {
+ Sleep (500);
+ }
+ ldebug ("runcommand process %s exited with status: %d", cmd, exitcode);
+ CloseHandle(pi.hThread);
+ CloseHandle(pi.hProcess);
+
+ return TRUE;
+}
+
BOOL localhnd (HANDLE *hnd)
{
HANDLE orighnd = *hnd;
@@ -144,9 +413,9 @@
}
}
else if (info.dwMajorVersion == 6) {
- OSVERSIONINFOEX exinfo;
- ZeroMemory(&exinfo, sizeof(OSVERSIONINFOEX));
- exinfo.dwOSVersionInfoSize = sizeof(OSVERSIONINFOEX);
+ OSVERSIONINFOEXA exinfo;
+ ZeroMemory(&exinfo, sizeof(OSVERSIONINFOEXA));
+ exinfo.dwOSVersionInfoSize = sizeof(OSVERSIONINFOEXA);
GetVersionEx(&exinfo);
if (exinfo.wProductType != VER_NT_WORKSTATION) {
ldebug ("Operating system version is Windows Vista");
@@ -284,6 +553,33 @@
return retval;
}
+BOOL tryconnect(const char * addr,
+ DWORD port)
+{
+ WSADATA wsadata;
+ SOCKET csocket;
+ int result = WSAStartup(MAKEWORD(2,2), &wsadata);
+ csocket = socket(AF_INET, SOCK_STREAM, IPPROTO_TCP);
+ if (csocket == INVALID_SOCKET) {
+ ldebug("Error at socket(): %ld\n", WSAGetLastError());
+ WSACleanup();
+ return FALSE;
+ }
+ sockaddr_in dest;
+ dest.sin_family = AF_INET;
+ dest.sin_addr.s_addr = inet_addr(addr);
+ dest.sin_port = htons(port);
+ if (connect(csocket,
+ (SOCKADDR*)&dest,
+ sizeof(dest)) == SOCKET_ERROR) {
+ WSACleanup();
+ return FALSE;
+ }
+ closesocket(csocket);
+ WSACleanup();
+ return TRUE;
+}
+
BOOL base16encode(LPBYTE data,
DWORD len,
char ** hexstr)
@@ -305,9 +601,9 @@
return FALSE;
}
for (i = 0; i < len; i++) {
- snprintf(*hexstr[i * 2], 3, "%02hhx", data[i]);
+ snprintf(*hexstr+(i*2), 3, "%02hhx", (short)data[i]);
}
- *hexstr[i] = NULL;
+ (*hexstr)[olen-1] = NULL;
return retval;
}
Modified: torvm/trunk/build/win32/src/torvm-w32/apicommon.h
===================================================================
--- torvm/trunk/build/win32/src/torvm-w32/apicommon.h 2009-04-19 04:34:34 UTC (rev 19349)
+++ torvm/trunk/build/win32/src/torvm-w32/apicommon.h 2009-04-20 02:43:01 UTC (rev 19350)
@@ -20,6 +20,7 @@
#include <winioctl.h>
#include <winerror.h>
#include <wincrypt.h>
+#include <winsock2.h>
#include <stdlib.h>
#include <stdio.h>
#include <stdarg.h>
@@ -35,7 +36,40 @@
/* misc win32 api utility functions
*/
+#define CMDMAX 4096
+#define DEFAULT_WINDIR "C:\\WINDOWS"
+#define TOR_VM_BASE "Tor_VM"
+#define W_TOR_VM_BASE L"Tor_VM"
+#define TOR_VM_BIN "bin"
+#define TOR_VM_LIB "lib"
+#define TOR_VM_STATE "state"
+BOOL buildpath (const TCHAR *dirname,
+ TCHAR **fullpath);
+#define PATH_FQ 1
+#define PATH_RELATIVE 2
+#define PATH_MSYS 3
+#define VMDIR_BASE 1
+#define VMDIR_BIN 2
+#define VMDIR_LIB 3
+#define VMDIR_STATE 4
+BOOL buildfpath (DWORD pathtype,
+ DWORD subdirtype,
+ LPTSTR wdpath,
+ LPTSTR append,
+ LPTSTR *fpath);
+#define SYSDIR_WINROOT 1
+#define SYSDIR_PROFILE 2
+#define SYSDIR_ALLPROFILE 3
+#define SYSDIR_PROGRAMS 4
+#define SYSDIR_LCLDATA 5
+#define SYSDIR_LCLPROGRAMS 6
+BOOL buildsyspath (DWORD syspathtype,
+ LPTSTR append,
+ LPTSTR *fpath);
BOOL getmypath (TCHAR **path);
+BOOL exists (LPTSTR path);
+BOOL copyfile (LPTSTR srcpath,
+ LPTSTR destpath);
BOOL getprocwd (TCHAR **cwd);
BOOL setprocwd (const TCHAR *cwd);
@@ -83,11 +117,16 @@
BOOL getcompguid (TCHAR **guid);
void bgstartupinfo (STARTUPINFO *si);
+BOOL runcommand(LPSTR cmd,
+ LPSTR dir);
BOOL getmacaddr(const char * devguid,
char ** mac);
BOOL isconnected(const char * devguid);
+BOOL tryconnect(const char * addr,
+ DWORD port);
+
/* Caller is responsible for free'ing hexstr. Note that it will be exactly
* twice as long plus 1 (null terminated) as the input buffer.
*/
Modified: torvm/trunk/build/win32/src/torvm-w32/creds.c
===================================================================
--- torvm/trunk/build/win32/src/torvm-w32/creds.c 2009-04-19 04:34:34 UTC (rev 19349)
+++ torvm/trunk/build/win32/src/torvm-w32/creds.c 2009-04-20 02:43:01 UTC (rev 19350)
@@ -1,7 +1,9 @@
-/* Copyright (C) 2008 The Tor Project, Inc.
+/* Copyright (C) 2008-2009 The Tor Project, Inc.
* See LICENSE file for rights and terms.
*/
#include "creds.h"
+#include <userenv.h>
+#include <accctrl.h>
BOOL setdriversigning (BOOL sigcheck)
{
@@ -135,14 +137,20 @@
return TRUE;
}
-/* keep linkage to these dynamic, in case the requisite Dll's don't exist. */
+/* keep linkage to advapi32 and shell32 dynamic
+ * in case the requisite Dll's don't exist on this OS version.
+ */
#define NTSTATUS ULONG
+#define ACCOUNT_VIEW 1
+#define ACCOUNT_ADJUST_PRIVILEGES 2
+#define ACCOUNT_ADJUST_SYSTEM_ACCESS 8
+typedef DWORD SECURITY_INFORMATION, *PSECURITY_INFORMATION;
typedef struct _LSA_TRANSLATED_SID2 {
- SID_NAME_USE Use;
- PSID Sid;
- LONG DomainIndex;
- ULONG Flags;
+ SID_NAME_USE Use;
+ PSID Sid;
+ LONG DomainIndex;
+ ULONG Flags;
} LSA_TRANSLATED_SID2, *PLSA_TRANSLATED_SID2;
typedef BOOL (__stdcall *PFnIsUserAnAdmin)(void);
@@ -171,6 +179,14 @@
PLSA_UNICODE_STRING Names,
PLSA_REFERENCED_DOMAIN_LIST *ReferencedDomains,
PLSA_TRANSLATED_SID2 *Sids);
+typedef NTSTATUS (__stdcall *PFnLsaCreateAccount)(LSA_HANDLE PolicyHandle,
+ PSID AccountSid,
+ ULONG Flags,
+ PLSA_HANDLE AccountHandle);
+typedef NTSTATUS (__stdcall *PFnLsaOpenAccount)(LSA_HANDLE PolicyHandle,
+ PSID AccountSid,
+ ULONG Flags,
+ PLSA_HANDLE AccountHandle);
typedef NTSTATUS (__stdcall *PFnLsaAddAccountRights)(LSA_HANDLE PolicyHandle,
PSID AccountSid,
PLSA_UNICODE_STRING UserRights,
@@ -184,6 +200,26 @@
PSID AccountSid,
PLSA_UNICODE_STRING *UserRights,
PULONG CountOfRights);
+typedef NTSTATUS (__stdcall *PFnLsaLookupPrivilegeValue)(LSA_HANDLE PolicyHandle,
+ PLSA_UNICODE_STRING PrivilegeString,
+ PLUID Luid);
+typedef NTSTATUS (__stdcall *PFnLsaAddPrivilegesToAccount)(LSA_HANDLE AccountHandle,
+ PRIVILEGE_SET * ps);
+typedef BOOL (__stdcall *PFnImpersonateLoggedOnUser)(HANDLE Token);
+typedef BOOL (__stdcall *PFnImpersonateAnonymousToken)(HANDLE ThreadHandle);
+typedef BOOL (__stdcall *PFnCreateRestrictedToken)(HANDLE ExistingTokenHandle,
+ DWORD Flags,
+ DWORD DisableSidCount,
+ PSID_AND_ATTRIBUTES SidsToDisable,
+ DWORD DeletePrivilegeCount,
+ PLUID_AND_ATTRIBUTES PrivilegesToDelete,
+ DWORD RestrictedSidCount,
+ PSID_AND_ATTRIBUTES SidsToRestrict,
+ PHANDLE NewTokenHandle);
+typedef BOOL (__stdcall *PFnRevertToSelf)(void);
+typedef BOOL (__stdcall *PFnLookupPrivilegeValue)(LPTSTR SystemName,
+ LPTSTR Name,
+ PLUID Luid);
typedef BOOL (__stdcall *PFnAdjustTokenPrivileges)(HANDLE TokenHandle,
BOOL DisableAllPrivileges,
PTOKEN_PRIVILEGES NewState,
@@ -191,6 +227,69 @@
PTOKEN_PRIVILEGES PreviousState,
PDWORD ReturnLength);
typedef ULONG (__stdcall *PFnLsaNtStatusToWinError)(NTSTATUS Status);
+typedef BOOL (__stdcall *PFnLookupAccountName)(LPTSTR SystemName,
+ LPTSTR AccountName,
+ PSID Sid,
+ LPDWORD cbSid,
+ LPTSTR ReferencedDomainName,
+ LPDWORD cchReferencedDomainName,
+ PSID_NAME_USE peUse);
+typedef BOOL (__stdcall *PFnLogonUser)(LPTSTR Username,
+ LPTSTR Domain,
+ LPTSTR Password,
+ DWORD LogonType,
+ DWORD LogonProvider,
+ HANDLE * Token);
+typedef BOOL (__stdcall *PFnLogonUserEx)(LPTSTR Username,
+ LPTSTR Domain,
+ LPTSTR Password,
+ DWORD LogonType,
+ DWORD LogonProvider,
+ HANDLE * Token,
+ PSID *LogonSid,
+ PVOID *ProfileBuffer,
+ LPDWORD ProfileLength,
+ PQUOTA_LIMITS QuotaLimits);
+typedef BOOL (__stdcall *PFnGetFileSecurity)(LPCTSTR Filename,
+ SECURITY_INFORMATION Request,
+ PSECURITY_DESCRIPTOR SecurityDescriptor,
+ DWORD Length,
+ LPDWORD LengthNeeded);
+typedef BOOL (__stdcall *PFnSetFileSecurity)(LPCTSTR Filename,
+ SECURITY_INFORMATION Request,
+ PSECURITY_DESCRIPTOR SecurityDescriptor);
+typedef NTSTATUS (__stdcall *PFnGetSecurityInfo)(HANDLE ObjHandle,
+ SE_OBJECT_TYPE ObjectType,
+ SECURITY_INFORMATION SecurityInfo,
+ PSID *Owner,
+ PSID *Group,
+ PACL *Dacl,
+ PACL *Sacl,
+ PSECURITY_DESCRIPTOR *SecurityDescriptor);
+typedef NTSTATUS (__stdcall *PFnSetSecurityInfo)(HANDLE ObjHandle,
+ SE_OBJECT_TYPE ObjectType,
+ SECURITY_INFORMATION SecurityInfo,
+ PSID *Owner,
+ PSID *Group,
+ PACL *Dacl,
+ PACL *Sacl);
+typedef NTSTATUS (__stdcall *PFnGetNamedSecurityInfo)(LPTSTR ObjectName,
+ SE_OBJECT_TYPE ObjectType,
+ SECURITY_INFORMATION SecurityInfo,
+ PSID *Owner,
+ PSID *Group,
+ PACL *Dacl,
+ PACL *Sacl,
+ PSECURITY_DESCRIPTOR *SecurityDescriptor);
+typedef NTSTATUS (__stdcall *PFnSetNamedSecurityInfo)(LPTSTR ObjectName,
+ SE_OBJECT_TYPE ObjectType,
+ SECURITY_INFORMATION SecurityInfo,
+ PSID *Owner,
+ PSID *Group,
+ PACL *Dacl,
+ PACL *Sacl);
+typedef BOOL (__stdcall *PFnLoadUserProfile)(HANDLE Token,
+ LPPROFILEINFO ProfileInfo);
struct ft_advapi {
PFnAllocateAndInitializeSid AllocateAndInitializeSid;
@@ -198,16 +297,112 @@
PFnCheckTokenMembership CheckTokenMembership;
PFnLsaOpenPolicy LsaOpenPolicy;
PFnLsaLookupNames2 LsaLookupNames2;
+ PFnLsaCreateAccount LsaCreateAccount;
+ PFnLsaOpenAccount LsaOpenAccount;
PFnLsaAddAccountRights LsaAddAccountRights;
PFnLsaRemoveAccountRights LsaRemoveAccountRights;
PFnLsaEnumerateAccountRights LsaEnumerateAccountRights;
+ PFnLsaLookupPrivilegeValue LsaLookupPrivilegeValue;
+ PFnLsaAddPrivilegesToAccount LsaAddPrivilegesToAccount;
+ PFnImpersonateLoggedOnUser ImpersonateLoggedOnUser;
+ PFnImpersonateAnonymousToken ImpersonateAnonymousToken;
+ PFnCreateRestrictedToken CreateRestrictedToken;
+ PFnRevertToSelf RevertToSelf;
+ PFnLookupPrivilegeValue LookupPrivilegeValue;
PFnAdjustTokenPrivileges AdjustTokenPrivileges;
PFnLsaNtStatusToWinError LsaNtStatusToWinError;
+ PFnLookupAccountName LookupAccountName;
+ PFnLogonUser LogonUser;
+ PFnLogonUserEx LogonUserEx;
+ PFnGetFileSecurity GetFileSecurity;
+ PFnSetFileSecurity SetFileSecurity;
+ PFnGetSecurityInfo GetSecurityInfo;
+ PFnSetSecurityInfo SetSecurityInfo;
+ PFnGetNamedSecurityInfo GetNamedSecurityInfo;
+ PFnSetNamedSecurityInfo SetNamedSecurityInfo;
+ PFnLoadUserProfile LoadUserProfile;
};
-static struct ft_advapi *s_advapi = NULL;
-static HMODULE s_advapi_hnd = INVALID_HANDLE_VALUE;
+static struct ft_advapi *s_advapi = NULL;
+static HMODULE s_advapi_hnd = INVALID_HANDLE_VALUE;
+static HMODULE s_userenv_hnd = INVALID_HANDLE_VALUE;
+static void lsastr(PLSA_UNICODE_STRING lsastring,
+ LPWSTR cstring)
+{
+ DWORD len;
+ lsastring->Buffer = NULL;
+ lsastring->Length = 0;
+ lsastring->MaximumLength = 0;
+ if (cstring) {
+ len = wcslen(cstring);
+ lsastring->Buffer = cstring;
+ lsastring->Length = (USHORT)len * sizeof(WCHAR);
+ lsastring->MaximumLength = (USHORT)(len + 1) * sizeof(WCHAR);
+ }
+}
+
+static void lsacstr(PLSA_UNICODE_STRING lsastring,
+ LPCSTR srcstring)
+{
+ DWORD len;
+ lsastring->Buffer = NULL;
+ lsastring->Length = 0;
+ lsastring->MaximumLength = 0;
+ if (srcstring) {
+ len = strlen(srcstring);
+ lsastring->Length = (USHORT)len * sizeof(WCHAR);
+ lsastring->MaximumLength = (USHORT)(len + 1) * sizeof(WCHAR);
+ lsastring->Buffer = malloc(lsastring->MaximumLength);
+ wsprintfW(lsastring->Buffer, L"%hS", srcstring);
+ }
+}
+
+BOOL dispntstatus(NTSTATUS ntstatusval,
+ LPSTR * dispstatus)
+{
+ BOOL retval = FALSE;
+ LPSTR strfmtstatus;
+ DWORD winerrno;
+ *dispstatus = NULL;
+ if (s_advapi->LsaNtStatusToWinError) {
+ winerrno = s_advapi->LsaNtStatusToWinError(ntstatusval);
+ DWORD buffsz = 0;
+ buffsz = FormatMessageA(FORMAT_MESSAGE_ALLOCATE_BUFFER | FORMAT_MESSAGE_FROM_SYSTEM,
+ NULL,
+ winerrno,
+ GetUserDefaultLangID(),
+ (LPSTR) &strfmtstatus,
+ 0,
+ NULL);
+ *dispstatus = malloc(buffsz + 1);
+ memcpy(*dispstatus, strfmtstatus, buffsz);
+ (*dispstatus)[buffsz] = 0;
+ free(strfmtstatus);
+ retval = TRUE;
+ }
+ return (retval);
+}
+
+BOOL dispwinstatus(LPSTR *dispstatus)
+{
+ LPSTR strfmtstatus;
+ DWORD buffsz = 0;
+ *dispstatus = NULL;
+ buffsz = FormatMessageA(FORMAT_MESSAGE_ALLOCATE_BUFFER | FORMAT_MESSAGE_FROM_SYSTEM,
+ NULL,
+ GetLastError(),
+ GetUserDefaultLangID(),
+ (LPSTR) &strfmtstatus,
+ 0,
+ NULL);
+ *dispstatus = malloc(buffsz + 1);
+ memcpy(*dispstatus, strfmtstatus, buffsz);
+ (*dispstatus)[buffsz] = 0;
+ free(strfmtstatus);
+ return TRUE;
+}
+
static void loadadvapifuncs (void)
{
if (s_advapi != NULL)
@@ -218,20 +413,83 @@
s_advapi_hnd = LoadLibrary("advapi32.dll");
if (s_advapi_hnd) {
ldebug ("Loading advapi functions from library.");
+
+ /* XXX: Note that we don't even attempt to handle non-ascii charsets yet.
+ * Refactoring for wide charsets must be done cautiously as these API calls
+ * have known inconsistent and potentially vulnernable semantic differences
+ * between the single byte ascii and wide character type of invocation.
+ * (for example, LogonUserW fails without a Domain passed, etc.)
+ */
s_advapi->AllocateAndInitializeSid = (PFnAllocateAndInitializeSid) GetProcAddress(s_advapi_hnd, "AllocateAndInitializeSid");
s_advapi->FreeSid = (PFnFreeSid) GetProcAddress(s_advapi_hnd, "FreeSid");
s_advapi->CheckTokenMembership = (PFnCheckTokenMembership) GetProcAddress(s_advapi_hnd, "CheckTokenMembership");
s_advapi->LsaOpenPolicy = (PFnLsaOpenPolicy) GetProcAddress(s_advapi_hnd, "LsaOpenPolicy");
s_advapi->LsaLookupNames2 = (PFnLsaLookupNames2) GetProcAddress(s_advapi_hnd, "LsaLookupNames2");
+ s_advapi->LsaCreateAccount = (PFnLsaCreateAccount) GetProcAddress(s_advapi_hnd, "LsaCreateAccount");
+ s_advapi->LsaOpenAccount = (PFnLsaOpenAccount) GetProcAddress(s_advapi_hnd, "LsaOpenAccount");
s_advapi->LsaAddAccountRights = (PFnLsaAddAccountRights) GetProcAddress(s_advapi_hnd, "LsaAddAccountRights");
s_advapi->LsaRemoveAccountRights = (PFnLsaRemoveAccountRights) GetProcAddress(s_advapi_hnd, "LsaRemoveAccountRights");
s_advapi->LsaEnumerateAccountRights = (PFnLsaEnumerateAccountRights) GetProcAddress(s_advapi_hnd, "LsaEnumerateAccountRights");
+ s_advapi->LsaLookupPrivilegeValue = (PFnLsaLookupPrivilegeValue) GetProcAddress(s_advapi_hnd, "LsaLookupPrivilegeValue");
+ s_advapi->LsaAddPrivilegesToAccount = (PFnLsaAddPrivilegesToAccount) GetProcAddress(s_advapi_hnd, "LsaAddPrivilegesToAccount");
+ s_advapi->ImpersonateLoggedOnUser = (PFnImpersonateLoggedOnUser) GetProcAddress(s_advapi_hnd, "ImpersonateLoggedOnUser");
+ s_advapi->ImpersonateAnonymousToken = (PFnImpersonateAnonymousToken) GetProcAddress(s_advapi_hnd, "ImpersonateAnonymousToken");
+ s_advapi->CreateRestrictedToken = (PFnCreateRestrictedToken) GetProcAddress(s_advapi_hnd, "CreateRestrictedToken");
+ s_advapi->RevertToSelf = (PFnRevertToSelf) GetProcAddress(s_advapi_hnd, "RevertToSelf");
+ s_advapi->LookupPrivilegeValue = (PFnLookupPrivilegeValue) GetProcAddress(s_advapi_hnd, "LookupPrivilegeValueA");
s_advapi->AdjustTokenPrivileges = (PFnAdjustTokenPrivileges) GetProcAddress(s_advapi_hnd, "AdjustTokenPrivileges");
s_advapi->LsaNtStatusToWinError = (PFnLsaNtStatusToWinError) GetProcAddress(s_advapi_hnd, "LsaNtStatusToWinError");
+ s_advapi->LookupAccountName = (PFnLookupAccountName) GetProcAddress(s_advapi_hnd, "LookupAccountNameA");
+ s_advapi->LogonUser = (PFnLogonUser) GetProcAddress(s_advapi_hnd, "LogonUserA");
+ s_advapi->LogonUserEx = (PFnLogonUserEx) GetProcAddress(s_advapi_hnd, "LogonUserExA");
+ s_advapi->GetFileSecurity = (PFnGetFileSecurity) GetProcAddress(s_advapi_hnd, "GetFileSecurityA");
+ s_advapi->SetFileSecurity = (PFnSetFileSecurity) GetProcAddress(s_advapi_hnd, "SetFileSecurityA");
+ s_advapi->GetSecurityInfo = (PFnGetSecurityInfo) GetProcAddress(s_advapi_hnd, "GetSecurityInfo");
+ s_advapi->SetSecurityInfo = (PFnSetSecurityInfo) GetProcAddress(s_advapi_hnd, "SetSecurityInfo");
+ s_advapi->GetNamedSecurityInfo = (PFnGetNamedSecurityInfo) GetProcAddress(s_advapi_hnd, "GetNamedSecurityInfoA");
+ s_advapi->SetNamedSecurityInfo = (PFnSetNamedSecurityInfo) GetProcAddress(s_advapi_hnd, "SetNamedSecurityInfoA");
+
+ s_advapi->AllocateAndInitializeSid ? ldebug ("Loaded symbol AllocateAndInitializeSid") : ldebug ("DID NOT find symbol AllocateAndInitializeSid");
+ s_advapi->FreeSid ? ldebug ("Loaded symbol FreeSid") : ldebug ("DID NOT find symbol FreeSid");
+ s_advapi->CheckTokenMembership ? ldebug ("Loaded symbol CheckTokenMembership") : ldebug ("DID NOT find symbol CheckTokenMembership");
+ s_advapi->LsaOpenPolicy ? ldebug ("Loaded symbol LsaOpenPolicy") : ldebug ("DID NOT find symbol LsaOpenPolicy");
+ s_advapi->LsaLookupNames2 ? ldebug ("Loaded symbol LsaLookupNames2") : ldebug ("DID NOT find symbol LsaLookupNames2");
+ s_advapi->LsaCreateAccount ? ldebug ("Loaded symbol LsaCreateAccount") : ldebug ("DID NOT find symbol LsaCreateAccount");
+ s_advapi->LsaOpenAccount ? ldebug ("Loaded symbol LsaOpenAccount") : ldebug ("DID NOT find symbol LsaOpenAccount");
+ s_advapi->LsaAddAccountRights ? ldebug ("Loaded symbol LsaAddAccountRights") : ldebug ("DID NOT find symbol LsaAddAccountRights");
+ s_advapi->LsaRemoveAccountRights ? ldebug ("Loaded symbol LsaRemoveAccountRights") : ldebug ("DID NOT find symbol LsaRemoveAccountRights");
+ s_advapi->LsaEnumerateAccountRights ? ldebug ("Loaded symbol LsaEnumerateAccountRights") : ldebug ("DID NOT find symbol LsaEnumerateAccountRights");
+ s_advapi->LsaLookupPrivilegeValue ? ldebug ("Loaded symbol LsaLookupPrivilegeValue") : ldebug ("DID NOT find symbol LsaLookupPrivilegeValue");
+ s_advapi->LsaAddPrivilegesToAccount ? ldebug ("Loaded symbol LsaAddPrivilegesToAccount") : ldebug ("DID NOT find symbol LsaAddPrivilegesToAccount");
+ s_advapi->ImpersonateLoggedOnUser ? ldebug ("Loaded symbol ImpersonateLoggedOnUser") : ldebug ("DID NOT find symbol ImpersonateLoggedOnUser");
+ s_advapi->ImpersonateAnonymousToken ? ldebug ("Loaded symbol ImpersonateAnonymousToken") : ldebug ("DID NOT find symbol ImpersonateAnonymousToken");
+ s_advapi->CreateRestrictedToken ? ldebug ("Loaded symbol CreateRestrictedToken") : ldebug ("DID NOT find symbol CreateRestrictedToken");
+ s_advapi->RevertToSelf ? ldebug ("Loaded symbol RevertToSelf") : ldebug ("DID NOT find symbol RevertToSelf");
+ s_advapi->LookupPrivilegeValue ? ldebug ("Loaded symbol LookupPrivilegeValue") : ldebug ("DID NOT find symbol LookupPrivilegeValue");
+ s_advapi->AdjustTokenPrivileges ? ldebug ("Loaded symbol AdjustTokenPrivileges") : ldebug ("DID NOT find symbol AdjustTokenPrivileges");
+ s_advapi->LsaNtStatusToWinError ? ldebug ("Loaded symbol LsaNtStatusToWinError") : ldebug ("DID NOT find symbol LsaNtStatusToWinError");
+ s_advapi->LogonUser ? ldebug ("Loaded symbol LogonUser") : ldebug ("DID NOT find symbol LogonUser");
+ s_advapi->LogonUserEx ? ldebug ("Loaded symbol LogonUserEx") : ldebug ("DID NOT find symbol LogonUserEx");
+ s_advapi->GetFileSecurity ? ldebug ("Loaded symbol GetFileSecurity") : ldebug ("DID NOT find symbol GetFileSecurity");
+ s_advapi->SetFileSecurity ? ldebug ("Loaded symbol SetFileSecurity") : ldebug ("DID NOT find symbol SetFileSecurity");
+ s_advapi->GetSecurityInfo ? ldebug ("Loaded symbol GetSecurityInfo") : ldebug ("DID NOT find symbol GetSecurityInfo");
+ s_advapi->SetSecurityInfo ? ldebug ("Loaded symbol SetSecurityInfo") : ldebug ("DID NOT find symbol SetSecurityInfo");
+ s_advapi->GetNamedSecurityInfo ? ldebug ("Loaded symbol GetNamedSecurityInfo") : ldebug ("DID NOT find symbol GetNamedSecurityInfo");
+ s_advapi->SetNamedSecurityInfo ? ldebug ("Loaded symbol SetNamedSecurityInfo") : ldebug ("DID NOT find symbol SetNamedSecurityInfo");
}
else {
ldebug ("No advapi library located; unable to map API functions.");
}
+ s_userenv_hnd = LoadLibrary("userenv.dll");
+ if (s_userenv_hnd) {
+ ldebug ("Loading userenv functions from library.");
+ s_advapi->LoadUserProfile = (PFnLoadUserProfile) GetProcAddress(s_userenv_hnd, "LoadUserProfileA");
+ s_advapi->LoadUserProfile ? ldebug ("Loaded symbol LoadUserProfile") : ldebug ("DID NOT find symbol LoadUserProfile");
+ }
+ else {
+ ldebug ("No userenv library located; unable to map API functions.");
+ }
+
return;
}
@@ -243,6 +501,9 @@
HMODULE module;
PFnIsUserAnAdmin pfnIsUserAnAdmin;
+ if (s_advapi == NULL)
+ loadadvapifuncs();
+
/* use IsUserAnAdmin when possible (Vista or greater). otherwise we fall back to checking
* token membership manually. For Vista and greater we want to know if we are currently running
* with Administrator rights, not only that user is a member of Administrator group.
@@ -251,6 +512,7 @@
if (module) {
pfnIsUserAnAdmin = (PFnIsUserAnAdmin) GetProcAddress(module, "IsUserAnAdmin");
if (pfnIsUserAnAdmin) {
+ ldebug ("Using shell32.dll API to check for admin rights.");
isadmin = pfnIsUserAnAdmin();
FreeLibrary(module);
return isadmin;
@@ -258,12 +520,10 @@
FreeLibrary(module);
}
- if (s_advapi == NULL)
- loadadvapifuncs();
-
if (s_advapi->AllocateAndInitializeSid &&
s_advapi->CheckTokenMembership &&
s_advapi->FreeSid) {
+ ldebug ("Using advapi32 to check for admin rights.");
if(s_advapi->AllocateAndInitializeSid(&ntauth,
2,
SECURITY_BUILTIN_DOMAIN_RID,
@@ -279,9 +539,317 @@
s_advapi->FreeSid(admgroup);
}
}
+ else {
+ ldebug ("Unable to check for admin rights; no suitable library found.");
+ }
return isadmin;
}
+/* XXX not used yet... vista, svr2008, win7 ex api.
+ * when as service with SYSTEM can launch to active desktop
+ * and enforce admin / resitricted user rights for Tor apps.
+ */
+static BOOL setupexuser(userinfo *info)
+{
+ HWINSTA savesta;
+ HWINSTA newsta;
+ HDESK hdesk;
+ DWORD deskopts = 0;
+ SECURITY_ATTRIBUTES dsa;
+ LPSTR errmsg;
+
+#if 0 /* XXX no station or desktop enumeration callbacks yet. */
+ if (!EnumWindowStations(&_enumscb,
+ NULL)) {
+ dispwinstatus(&errmsg);
+ ldebug("EnumWindowStations failed. Error code: %s", errmsg);
+ }
+ else {
+ ldebug("EnumWindowStations finished.");
+ }
+#endif /* no enum */
+
+ savesta = GetProcessWindowStation();
+ /* XXX test config, only defaults supported. note rights are too permissive. */
+ newsta = OpenWindowStation("WinSta0",
+ TRUE,
+ READ_CONTROL | WRITE_DAC | WINSTA_ALL_ACCESS);
+ if (newsta) {
+ ldebug("OpenWindowStation passed.");
+ SetProcessWindowStation(newsta);
+ /* default, screen-saver, and Winlogon desktops expected at primary station.
+ * you don't get to mess with Winlogon unless you re-write GINA. patches welcome. :)
+ */
+#if 0 /* XXX no station or desktop enumeration callbacks yet. */
+ if (!EnumDesktopsA(newsta,
+ &_enumdcb,
+ NULL)) {
+ dispwinstatus(&errmsg);
+ ldebug("EnumDesktops failed. Error code: %s", errmsg);
+ }
+ else {
+ ldebug("EnumDesktops finished.");
+ }
+#endif /* no enum */
+
+ deskopts = READ_CONTROL | WRITE_DAC | WRITE_OWNER |
+ DESKTOP_CREATEMENU | DESKTOP_CREATEWINDOW | DESKTOP_ENUMERATE |
+ DESKTOP_HOOKCONTROL | DESKTOP_JOURNALPLAYBACK | DESKTOP_JOURNALRECORD |
+ DESKTOP_READOBJECTS | DESKTOP_SWITCHDESKTOP | DESKTOP_WRITEOBJECTS;
+ hdesk = OpenDesktop(info->name,
+ 0,
+ TRUE,
+ deskopts);
+ if (hdesk) {
+ ldebug("OpenDesktop \"%s\" passed.", info->name);
+ }
+ else {
+ dispwinstatus(&errmsg);
+ ldebug("OpenDesktop failed. Error code: %s", errmsg);
+ ZeroMemory( &dsa, sizeof(dsa) );
+ dsa.nLength = sizeof(SECURITY_ATTRIBUTES);
+ dsa.bInheritHandle = TRUE;
+ dsa.lpSecurityDescriptor = NULL;
+ hdesk = CreateDesktop(info->name,
+ NULL,
+ NULL,
+ 0,
+ deskopts,
+ &dsa);
+ if (!hdesk) {
+ dispwinstatus(&errmsg);
+ ldebug("CreateDesktop \"%s\" failed. Error code: %s", info->name, errmsg);
+ }
+ else {
+ ldebug("CreateDesktop \"%s\" passed.", info->name);
+ }
+ }
+ if (hdesk) {
+ if (!SwitchDesktop(hdesk)) {
+ dispwinstatus(&errmsg);
+ ldebug("SwitchDesktop failed. Error code: %s", errmsg);
+ }
+ else {
+ ldebug("SwitchDesktop passed.");
+ }
+ }
+ }
+ else {
+ dispwinstatus(&errmsg);
+ ldebug("OpenWindowStation failed. Error code: %s", errmsg);
+ }
+
+ if (!s_advapi->ImpersonateLoggedOnUser(info->hnd)) {
+ dispwinstatus(&errmsg);
+ ldebug("ImpersonateLoggedOnUser failed. Error code: %s", errmsg);
+ }
+ else {
+ ldebug("ImpersonateLoggedOnUser passed.");
+ }
+
+ return TRUE;
+}
+
+BOOL createruser (LPTSTR hostname,
+ LPTSTR username,
+ userinfo **info)
+{
+ BOOL retval = FALSE;
+ LSA_HANDLE accthnd;
+ LSA_HANDLE policyhnd;
+ ULONG prevaccess;
+ NTSTATUS ntstatus;
+ SID *acctsid = NULL;
+ DWORD sidsz = 1024;
+ DWORD domainsz = 0;
+ PROFILEINFO pi;
+ LSA_OBJECT_ATTRIBUTES policyattrs;
+ LSA_UNICODE_STRING lsahostname;
+ SID_NAME_USE acctuse;
+ PRIVILEGE_SET ps;
+ LUID_AND_ATTRIBUTES luidattr;
+ LSA_UNICODE_STRING lsaprivname;
+ LPSTR errmsg;
+
+ *info = NULL;
+ *info = malloc(sizeof(userinfo));
+ (*info)->name = strdup(username);
+ (*info)->host = strdup(hostname);
+
+ memset(&policyattrs, 0, sizeof(policyattrs));
+ memset(&pi, 0, sizeof(pi));
+ lsacstr(&lsahostname, hostname);
+ acctsid = malloc(sidsz);
+
+ if (s_advapi == NULL)
+ loadadvapifuncs();
+
+ if (s_advapi->LsaOpenPolicy &&
+ s_advapi->LookupAccountName &&
+ s_advapi->LsaAddAccountRights) {
+ ldebug("Creating restricted user account: %s\\%s", hostname, username);
+ runcommand("net.exe user Tor \"\" /add",NULL);
+ runcommand("net.exe localgroup Users Tor /add",NULL);
+ /* just to be sure in case someone did something stupid with local or domain policy ... */
+ runcommand("net.exe localgroup Administrators Tor /delete",NULL);
+ /* this may need to be removed... */
+ runcommand("net.exe accounts /maxpwage:unlimited",NULL);
+
+ ntstatus = s_advapi->LsaOpenPolicy(&lsahostname,
+ &policyattrs,
+ POLICY_CREATE_ACCOUNT | POLICY_LOOKUP_NAMES,
+ &policyhnd);
+ if (ntstatus) {
+ dispntstatus(ntstatus, &errmsg);
+ ldebug("LsaOpenPolicy failed. Error code: %s", errmsg);
+ }
+ ldebug("LsaOpenPolicy passed.");
+ /* XXX: should check for insufficient buffer in sidsz fail */
+ ntstatus = s_advapi->LookupAccountName(hostname,
+ username,
+ acctsid,
+ &sidsz,
+ 0,
+ &domainsz,
+ &acctuse);
+ if (ntstatus) {
+ dispntstatus(ntstatus, &errmsg);
+ ldebug("LookupAccountName failed. Error code: %s", errmsg);
+ }
+ else {
+ ldebug("LookupAccountName passed.");
+ retval = TRUE;
+ }
+
+#if 0
+/* XXX: more not-yet support service / vista+ api ... */
+ lsacstr(&lsaprivname, "SeInteractiveLogonRight");
+ ntstatus = s_advapi->LsaLookupPrivilegeValue(policyhnd,
+ &lsaprivname,
+ &luidattr.Luid);
+ if (ntstatus) {
+ dispntstatus(ntstatus, &errmsg);
+ ldebug("LsaLookupPrivilegeValue failed. Error code: %s", errmsg);
+ if (! s_advapi->LookupPrivilegeValue(0,
+ "SeInteractiveLogonRight",
+ &luidattr.Luid)) {
+ dispwinstatus(&errmsg);
+ ldebug("LookupPrivilegeValue failed. Error code: %s", errmsg);
+ }
+ }
+ ldebug("LsaLookupPrivilegeValue passed.");
+
+ luidattr.Attributes=0;
+ ps.PrivilegeCount=1;
+ ps.Control=0;
+ ps.Privilege[0]=luidattr;
+ ntstatus = s_advapi->LsaOpenAccount(policyhnd,
+ acctsid,
+ ACCOUNT_ADJUST_PRIVILEGES,
+ &accthnd);
+ if (ntstatus) {
+ dispntstatus(ntstatus, &errmsg);
+ ldebug("LsaOpenAccount failed with error: %s , trying CreateAccount ...", errmsg);
+ ntstatus = s_advapi->LsaCreateAccount(policyhnd,
+ acctsid,
+ ACCOUNT_ADJUST_PRIVILEGES,
+ &accthnd);
+ if (ntstatus) {
+ dispntstatus(ntstatus, &errmsg);
+ ldebug("LsaCreateAccount failed. Error code: %s", errmsg);
+ }
+ }
+ ldebug("LsaOpenAccount/LsaCreateAccount passed.");
+
+ ntstatus = s_advapi->LsaAddPrivilegesToAccount(accthnd,
+ &ps);
+ if (ntstatus) {
+ dispntstatus(ntstatus, &errmsg);
+ ldebug("LsaAddPrivilegesToAccount failed. Error code: %s", errmsg);
+ }
+
+ if (!LogonUser(username,
+ hostname,
+ "",
+ LOGON32_LOGON_INTERACTIVE,
+ LOGON32_PROVIDER_DEFAULT,
+ &((*info)->hnd))) {
+ dispwinstatus(&errmsg);
+ ldebug("LogonUser failed. Error code: %s", errmsg);
+ }
+ else {
+ ldebug("LogonUser passed.");
+ }
+
+ if (!SetHandleInformation ((*info)->hnd,
+ HANDLE_FLAG_INHERIT,
+ HANDLE_FLAG_INHERIT)) {
+ dispwinstatus(&errmsg);
+ ldebug("SetHandleInformation failed for user login handle. Error code: %s", errmsg);
+ }
+ else {
+ ldebug("SetHandleInformation inheritable passed.");
+ }
+
+ pi.dwSize = sizeof(pi);
+ pi.lpUserName = username;
+ pi.dwFlags = PI_NOUI;
+ // pi.hProfile is registry hive ref
+ if (!s_advapi->LoadUserProfile((*info)->hnd,
+ &pi)) {
+ dispwinstatus(&errmsg);
+ ldebug("LoadUserProfile failed. Error code: %s", errmsg);
+ }
+ ldebug("LoadUserProfile passed.");
+#endif /* XXX vista api */
+
+ }
+ else {
+ ldebug("Failed to load all required advapi32 symbols in create restricted user.");
+ }
+
+ return (retval);
+}
+
+BOOL userswitcher(void)
+{
+ LPTSTR errmsg;
+ if (!LockWorkStation()) {
+ dispwinstatus(&errmsg);
+ ldebug("LockWorkStation failed. Error code: %s", errmsg);
+ free(errmsg);
+ return FALSE;
+ }
+ ldebug("LockWorkStation for user switch passed.");
+ return TRUE;
+}
+
+BOOL initruserprofile(userinfo * info)
+{
+ LPTSTR relpath;
+ LPTSTR imgsrc;
+ LPTSTR imgdest;
+ ldebug ("Initializing user profile %s on host %s.", info->name, info->host);
+ if (!buildfpath(PATH_FQ, VMDIR_LIB, NULL, "torvmuser.bmp", &imgsrc)) {
+ lerror ("Unable to build path for profile image in lib dir.");
+ return FALSE;
+ }
+ relpath = malloc(1024);
+ snprintf(relpath, 1023, "Application Data\\Microsoft\\User Account Pictures\\%s.bmp", info->name);
+ if (!buildsyspath(SYSDIR_ALLPROFILE, relpath, &imgdest)) {
+ lerror ("Unable to build path for all users profile destination.");
+ free(imgsrc);
+ return FALSE;
+ }
+ if (!copyfile(imgsrc, imgdest)) {
+ ldebug ("Failed to copy user profile image from %s to %s.", imgsrc, imgdest);
+ }
+ free(relpath);
+ free(imgsrc);
+ free(imgdest);
+ return TRUE;
+}
+
BOOL entropy (LPBYTE buf,
DWORD len)
{
Modified: torvm/trunk/build/win32/src/torvm-w32/creds.h
===================================================================
--- torvm/trunk/build/win32/src/torvm-w32/creds.h 2009-04-19 04:34:34 UTC (rev 19349)
+++ torvm/trunk/build/win32/src/torvm-w32/creds.h 2009-04-20 02:43:01 UTC (rev 19350)
@@ -8,6 +8,18 @@
#include <ntsecpkg.h>
#include <ntsecapi.h>
+typedef struct s_userinfo {
+ BOOL isrestricted;
+ BOOL isadmin;
+ BOOL isinteractive;
+ LPTSTR name;
+ LPTSTR host;
+ HANDLE hnd;
+ struct s_rconnelem * next;
+} userinfo;
+
+BOOL userswitcher (void);
+
/* We gotta have 'em! */
BOOL haveadminrights (void);
@@ -18,6 +30,14 @@
*/
BOOL setdriversigning (BOOL sigcheck);
+/* Create or open restricted user account. */
+BOOL createruser (LPTSTR hostname,
+ LPTSTR username,
+ userinfo **info);
+
+BOOL initruserprofile(userinfo *info);
+
+
/* Obtain entropy from Crypto API */
BOOL entropy (LPBYTE buf,
DWORD len);
Modified: torvm/trunk/build/win32/src/torvm-w32/torvm.c
===================================================================
--- torvm/trunk/build/win32/src/torvm-w32/torvm.c 2009-04-19 04:34:34 UTC (rev 19349)
+++ torvm/trunk/build/win32/src/torvm-w32/torvm.c 2009-04-20 02:43:01 UTC (rev 19350)
@@ -4,12 +4,6 @@
#include "torvm.h"
#include <getopt.h>
-#define DEFAULT_WINDIR "C:\\WINDOWS"
-#define TOR_VM_BASE "Tor_VM"
-#define W_TOR_VM_BASE L"Tor_VM"
-#define TOR_VM_BIN "bin"
-#define TOR_VM_LIB "lib"
-#define TOR_VM_STATE "state"
#define WIN_DRV_DIR "system32\\drivers"
#define TOR_TAP_NAME "Tor VM Tap32"
#define TOR_TAP_SVC "tortap91"
@@ -23,33 +17,7 @@
#define TOR_HDD_FILE "hdd.img"
#define QEMU_DEF_MEM 32
#define CAP_MTU 1480
-#define CMDMAX 4096
-BOOL buildpath (const TCHAR *dirname,
- TCHAR **fullpath);
-
-#define PATH_FQ 1
-#define PATH_RELATIVE 2
-#define PATH_MSYS 3
-#define VMDIR_BASE 1
-#define VMDIR_BIN 2
-#define VMDIR_LIB 3
-#define VMDIR_STATE 4
-static BOOL buildfpath (DWORD pathtype,
- DWORD subdirtype,
- LPTSTR wdpath,
- LPTSTR append,
- LPTSTR *fpath);
-
-#define SYSDIR_WINROOT 1
-#define SYSDIR_PROFILE 2
-#define SYSDIR_PROGRAMS 3
-#define SYSDIR_LCLDATA 4
-#define SYSDIR_LCLPROGRAMS 5
-static BOOL buildsyspath (DWORD syspathtype,
- LPTSTR append,
- LPTSTR *fpath);
-
struct s_rconnelem {
BOOL isactive;
BOOL isdefgw;
@@ -236,67 +204,6 @@
return;
}
-static BOOL buildsyspath (DWORD syspathtype,
- LPTSTR append,
- LPTSTR *fpath)
-{
- DWORD retval;
- DWORD errnum;
- LPTSTR defval = NULL;
- LPTSTR envvar;
- LPTSTR dsep = "\\";
- *fpath = malloc(CMDMAX * sizeof(TCHAR));
- if(*fpath == NULL) {
- lerror ("buildsyspath: out of memory.");
- free(envvar);
- return FALSE;
- }
- if (syspathtype == SYSDIR_WINROOT) {
- envvar = getenv("SYSTEMROOT");
- defval = DEFAULT_WINDIR;
- }
- else if (syspathtype == SYSDIR_PROFILE)
- envvar = getenv("USERPROFILE");
- else if (syspathtype == SYSDIR_PROGRAMS)
- envvar = getenv("PROGRAMFILES");
- else if (syspathtype == SYSDIR_LCLDATA)
- envvar = getenv("USERPROFILE");
- else if (syspathtype == SYSDIR_LCLPROGRAMS)
- envvar = getenv("USERPROFILE");
- if(!envvar) {
- if (defval) {
- strncpy(*fpath, defval, (CMDMAX -1));
- return TRUE;
- }
- free(*fpath);
- *fpath = 0;
- return FALSE;
- }
- if ( (syspathtype == SYSDIR_LCLPROGRAMS) || (syspathtype == SYSDIR_LCLDATA) ) {
- LPTSTR lclpost = 0;
- if (syspathtype == SYSDIR_LCLPROGRAMS)
- lclpost = "Programs";
- /* local appdata and programs is built against the user profile root */
- snprintf (*fpath, (CMDMAX -1),
- "%s%s%s%s%s%s%s",
- envvar,
- dsep,
- "Local Settings\\Application Data",
- lclpost ? dsep : "",
- lclpost ? lclpost : "",
- append ? dsep : "",
- append ? append : "");
- }
- else {
- snprintf (*fpath, (CMDMAX -1),
- "%s%s%s",
- envvar,
- append ? dsep : "",
- append ? append : "");
- }
- return TRUE;
-}
-
static BOOL escquote(LPTSTR path,
LPTSTR *epath)
{
@@ -325,148 +232,6 @@
return TRUE;
}
-/* initial attempt to keep file locations dynamic and configurable.
- */
-static BOOL buildfpath (DWORD pathtype,
- DWORD subdirtype,
- LPTSTR wdpath,
- LPTSTR append,
- LPTSTR *fpath)
-{
- LPTSTR basepath;
- DWORD buflen;
- *fpath = NULL;
- LPTSTR dsep = "\\";
- if (pathtype == PATH_RELATIVE) {
- if (!wdpath) {
- basepath = strdup(".");
- }
- else {
- /* TODO: for now, we check if we're in one of the bin/lib/state subdirs
- * and adjust accordingly. what we really need to do is is build a full
- * relative path based on cwd for situations when we might be executing
- * in a location other than the usual subdirs above.
- */
- if ( (strstr(wdpath, "\\" TOR_VM_BIN)) ||
- (strstr(wdpath, "\\" TOR_VM_LIB)) ||
- (strstr(wdpath, "\\" TOR_VM_STATE)) ) {
- basepath = (pathtype == PATH_MSYS) ? strdup("../") : strdup("..\\");
- }
- }
- }
- else {
- if (!getmypath(&basepath)) {
- lerror ("Unable to get current process working directory.");
- /* TODO: what fallbacks should be used? check common locations? */
- return FALSE;
- }
- if (pathtype == PATH_MSYS) {
- /* TODO: split drive and path, then sub dir separator */
- dsep = "/";
- }
- /* truncate off our program name from the basepath */
- if (strlen(basepath) > 1) {
- LPTSTR cp = basepath + strlen(basepath) - 1;
- while (cp > basepath && *cp) {
- if (*cp == '\\')
- *cp = 0;
- else
- cp--;
- }
- }
- }
- buflen = strlen(basepath) + 32; /* leave plenty of room for subdir */
- if (append)
- buflen += strlen(append);
- *fpath = malloc(buflen);
- **fpath = 0;
- if (subdirtype == VMDIR_BASE) {
- snprintf (*fpath, buflen-1,
- "%s%s%s",
- basepath,
- append ? dsep : "",
- append ? append : "");
- }
- else {
- LPTSTR csd = "";
- if (subdirtype == VMDIR_BIN)
- csd = TOR_VM_BIN;
- else if (subdirtype == VMDIR_LIB)
- csd = TOR_VM_LIB;
- else if (subdirtype == VMDIR_STATE)
- csd = TOR_VM_STATE;
-
- snprintf (*fpath, buflen-1,
- "%s%s%s%s%s",
- basepath,
- dsep,
- csd,
- append ? dsep : "",
- append ? append : "");
- }
- ldebug ("Returning build file path %s for path type %d subdir type %d working path %s and append %s", *fpath, pathtype, subdirtype, wdpath ? wdpath : "", append ? append : "");
-
- free (basepath);
- return TRUE;
-}
-
-BOOL exists(LPTSTR path)
-{
- HANDLE hnd;
- hnd = CreateFile (path,
- GENERIC_READ,
- 0,
- NULL,
- OPEN_EXISTING,
- FILE_ATTRIBUTE_NORMAL,
- NULL);
- if (hnd == INVALID_HANDLE_VALUE) {
- return FALSE;
- }
- CloseHandle(hnd);
- return TRUE;
-}
-
-BOOL copyfile (LPTSTR srcpath,
- LPTSTR destpath)
-{
- HANDLE src, dest;
- DWORD buffsz = CMDMAX;
- DWORD len, written;
- LPTSTR buff;
- src = CreateFile (srcpath,
- GENERIC_READ,
- 0,
- NULL,
- OPEN_EXISTING,
- FILE_ATTRIBUTE_NORMAL,
- NULL);
- if (src == INVALID_HANDLE_VALUE) {
- return FALSE;
- }
- DeleteFile (destpath);
- dest = CreateFile (destpath,
- GENERIC_WRITE,
- 0,
- NULL,
- CREATE_NEW,
- FILE_ATTRIBUTE_NORMAL,
- NULL);
- if (dest == INVALID_HANDLE_VALUE) {
- return FALSE;
- }
- buff = malloc(buffsz);
- if (!buff)
- return FALSE;
- while (ReadFile(src, buff, buffsz, &len, NULL) && (len > 0))
- WriteFile(dest, buff, len, &written, NULL);
- free (buff);
- CloseHandle (src);
- CloseHandle (dest);
-
- return TRUE;
-}
-
BOOL copyvidaliacfg (LPTSTR srcpath,
LPTSTR destpath,
LPTSTR datadir,
@@ -633,7 +398,7 @@
free (cmd);
while ( GetExitCodeProcess(pi.hProcess, &exitcode) && (exitcode == STILL_ACTIVE) ) {
- Sleep (200);
+ Sleep (500);
}
CloseHandle(pi.hThread);
CloseHandle(pi.hProcess);
@@ -854,7 +619,7 @@
{
LPTSTR fname = NULL;
LPTSTR cmd = "\"net.exe\" stop tornpf";
- if (! runcommand(cmd)) {
+ if (! runcommand(cmd,NULL)) {
lerror ("Unable to run net stop for tornpf service.");
}
if (0) { /* XXX: for now we don't ever delete the npf device file. */
@@ -893,7 +658,7 @@
*/
if (getosversion() >= OS_VISTA) {
cmd = "\"netsh.exe\" advfirewall export \"" TOR_VM_STATE "\\firewall.wfw\"";
- runcommand(cmd);
+ runcommand(cmd,NULL);
linfo ("Saved current firewall configuration state.");
}
@@ -988,7 +753,7 @@
if (getosversion() >= OS_VISTA) {
cmd = "\"netsh.exe\" advfirewall import \"" TOR_VM_STATE "\\firewall.wfw\"";
- runcommand(cmd);
+ runcommand(cmd,NULL);
linfo ("Imported saved firewall configuration.");
}
@@ -1020,7 +785,7 @@
}
while ( GetExitCodeProcess(pi.hProcess, &exitcode) && (exitcode == STILL_ACTIVE) ) {
- Sleep (200);
+ Sleep (500);
}
CloseHandle(pi.hThread);
@@ -1033,48 +798,6 @@
return TRUE;
}
-BOOL runcommand(LPSTR cmd)
-{
- STARTUPINFO si;
- PROCESS_INFORMATION pi;
- LPTSTR dir = NULL;
- DWORD exitcode;
- DWORD opts = 0;
-
- opts = CREATE_NEW_PROCESS_GROUP;
-
- if (!buildfpath(PATH_FQ, VMDIR_BIN, NULL, NULL, &dir)) {
- lerror ("Unable to build path for bin dir.");
- return FALSE;
- }
-
- ZeroMemory( &pi, sizeof(pi) );
- ZeroMemory( &si, sizeof(si) );
- si.cb = sizeof(si);
-
- if( !CreateProcess(NULL,
- cmd,
- NULL, // process handle no inherit
- NULL, // thread handle no inherit
- FALSE, // default handle inheritance false
- opts,
- NULL, // environment block
- dir,
- &si,
- &pi) ) {
- lerror ("Failed to launch process. Error code: %d", GetLastError());
- return FALSE;
- }
-
- while ( GetExitCodeProcess(pi.hProcess, &exitcode) && (exitcode == STILL_ACTIVE) ) {
- Sleep (200);
- }
- CloseHandle(pi.hThread);
- CloseHandle(pi.hProcess);
-
- return TRUE;
-}
-
BOOL disableservices(void)
{
/* TODO: check which of the following are running and stop them.
@@ -1088,7 +811,7 @@
{
LPTSTR cmd = "\"netsh.exe\" firewall set opmode disable";
ldebug ("Disable firewall cmd: %s", cmd);
- if (! runcommand(cmd)) {
+ if (! runcommand(cmd,NULL)) {
return FALSE;
}
return TRUE;
@@ -1098,8 +821,13 @@
{
/* TODO: we need to check if exceptions are disabled, and set opmode enable disable accordingly. */
LPTSTR cmd = "\"netsh.exe\" firewall set opmode enable";
+ LPTSTR dir = NULL;
+ if (!buildfpath(PATH_FQ, VMDIR_BIN, NULL, NULL, &dir)) {
+ lerror ("Unable to build path for bin dir.");
+ return FALSE;
+ }
ldebug ("Re-enable firewall cmd: %s", cmd);
- if (! runcommand(cmd)) {
+ if (! runcommand(cmd,NULL)) {
return FALSE;
}
return TRUE;
@@ -1110,7 +838,7 @@
LPSTR cmd;
cmd = "\"netsh.exe\" interface ip delete arpcache";
ldebug ("Clear ARP cache cmd: %s", cmd);
- if (! runcommand(cmd)) {
+ if (! runcommand(cmd,NULL)) {
return FALSE;
}
return TRUE;
@@ -1118,10 +846,9 @@
BOOL flushdns(void)
{
- LPSTR cmd;
- cmd = "\"ipconfig.exe\" /flushdns";
+ LPSTR cmd = "\"ipconfig.exe\" /flushdns";
ldebug ("Flush DNS cmd: %s", cmd);
- if (! runcommand(cmd)) {
+ if (! runcommand(cmd,NULL)) {
return FALSE;
}
return TRUE;
@@ -1129,10 +856,9 @@
BOOL configtap(void)
{
- const DWORD cmdlen = 1024;
+ const DWORD cmdlen = 1024;
LPTSTR cmd;
LPTSTR netsh = "netsh.exe";
-
cmd = malloc(cmdlen);
snprintf (cmd, cmdlen,
@@ -1143,7 +869,7 @@
TOR_TAP_NET,
TOR_TAP_VMIP);
ldebug ("Tap config cmd: %s", cmd);
- if (! runcommand(cmd)) {
+ if (! runcommand(cmd,NULL)) {
free (cmd);
return FALSE;
}
@@ -1153,7 +879,7 @@
TOR_TAP_NAME,
TOR_TAP_DNS1);
ldebug ("Tap dns config cmd: %s", cmd);
- if (! runcommand(cmd)) {
+ if (! runcommand(cmd,NULL)) {
free (cmd);
return FALSE;
}
@@ -1163,7 +889,7 @@
TOR_TAP_NAME,
TOR_TAP_DNS2);
ldebug ("Tap dns2 config cmd: %s", cmd);
- if (! runcommand(cmd)) {
+ if (! runcommand(cmd,NULL)) {
free (cmd);
return FALSE;
}
@@ -1177,7 +903,7 @@
LPSTR cmd;
cmd = "\"netsh.exe\" interface ip set address \"Local Area Connection\" static 10.231.254.1 255.255.255.254";
ldebug ("Bridge interface null route cmd: %s", cmd);
- if (! runcommand(cmd)) {
+ if (! runcommand(cmd,NULL)) {
return FALSE;
}
return TRUE;
@@ -1967,7 +1693,7 @@
DWORD exitcode;
while ( GetExitCodeProcess(pi->hProcess, &exitcode) && (exitcode == STILL_ACTIVE) ) {
ldebug ("waiting for process to exit ...");
- Sleep (2000);
+ Sleep (1000);
}
ldebug ("Done.");
CloseHandle(pi->hThread);
@@ -2069,6 +1795,26 @@
return TRUE;
}
+BOOL setupuser (void)
+{
+ BOOL retval = FALSE;
+ userinfo * ui;
+ char * myhostname = getenv("COMPUTERNAME");
+ if (!myhostname)
+ myhostname = getenv("HOSTNAME");
+ if (createruser (myhostname,
+ "Tor",
+ &ui)) {
+ if (!initruserprofile(ui)) {
+ ldebug ("Failed to initialize user profile data in setupuser.");
+ }
+ else {
+ retval = TRUE;
+ }
+ }
+ return retval;
+}
+
BOOL setupenv (void)
{
#define EBUFSZ 4096
@@ -2158,6 +1904,7 @@
* int* flag | NULL,
* 'x' (char) OR flag && lval
*/
+ { "accel" , no_argument , NULL, 'a' },
{ "verbose" , no_argument , NULL, 'v' },
{ "update" , no_argument , NULL, 'u' },
{ "bundle" , no_argument , NULL, 'b' },
@@ -2175,6 +1922,7 @@
fprintf(stderr, "Usage:\t"
"torvm.exe [options]\n\n"
"Valid options are:\n"
+ " --accel\n"
" --verbose\n"
" --update\n"
" --bundle\n"
@@ -2194,6 +1942,7 @@
struct s_rconnelem *connlist = NULL;
struct s_rconnelem *ce = NULL;
struct s_rconnelem *tapconn = NULL;
+ BOOL vmaccel = FALSE;
BOOL bundle = FALSE;
BOOL indebug = FALSE;
BOOL vmnop = FALSE;
@@ -2205,11 +1954,16 @@
int c, optidx = 0;
while (1) {
- c = getopt_long(argc, argv, "vubshrcXZ", torvm_options, &optidx);
+ c = getopt_long(argc, argv, "avubshrcXZ", torvm_options, &optidx);
if (c == -1)
break;
switch (c) {
+ case 'a':
+ ldebug ("Set option %s.", torvm_options[optidx].name);
+ vmaccel = TRUE;
+ break;
+
case 'v':
ldebug ("Set option %s.", torvm_options[optidx].name);
indebug = TRUE;
@@ -2269,6 +2023,17 @@
}
}
+ if (buildfpath(PATH_FQ, VMDIR_STATE, NULL, "vmlog.txt", &logfile)) {
+ logto (logfile);
+ free (logfile);
+ logfile = NULL;
+ }
+ if (buildfpath(PATH_FQ, VMDIR_STATE, NULL, "debug.txt", &logfile)) {
+ debugto (logfile);
+ free (logfile);
+ logfile = NULL;
+ }
+
if (getosbits() > 32) {
lerror ("Error: only 32bit operating systems are currently supported.");
MessageBox(NULL,
@@ -2278,10 +2043,6 @@
exit (1);
}
- if (!setupenv()) {
- fatal ("Unable to prepare process environment.");
- }
-
if (!haveadminrights()) {
if (promptrunasadmin()) {
if (respawnasadmin() == TRUE) {
@@ -2291,22 +2052,19 @@
return 1;
}
- if (buildfpath(PATH_FQ, VMDIR_STATE, NULL, "vmlog.txt", &logfile)) {
- logto (logfile);
- free (logfile);
- logfile = NULL;
+ if (!setupenv()) {
+ fatal ("Unable to prepare process environment.");
}
- if (buildfpath(PATH_FQ, VMDIR_STATE, NULL, "debug.txt", &logfile)) {
- debugto (logfile);
- free (logfile);
- logfile = NULL;
- }
if (!vmnop) {
if (!savenetconfig()) {
fatal ("Unable to save current network configuration.");
}
+ if (!setupuser()) {
+ lerror ("Unable to setup restricted user.");
+ }
+
ce = NULL;
numintf = loadnetinfo(&connlist);
if (numintf > 0) {
@@ -2439,7 +2197,17 @@
* for the 10. tap control port and externally managed Tor instance.
*/
if (bundle) {
- runvidalia(indebug);
+ /* try to confirm control port is up before launching vidalia... */
+ int i = 10;
+ while ( (!tryconnect(TOR_TAP_VMIP, 9051)) && (i > 0) ) {
+ ldebug("Control port connect attempt failed, trying again... [%d left]", i);
+ Sleep(1000);
+ }
+ if (i > 0) {
+ ldebug("Control port connected. Starting controller ...");
+ runvidalia(indebug);
+ userswitcher();
+ }
}
/* TODO: once the pcap bridge is up we can re-enable the firewall IF we
Added: torvm/trunk/build/win32/src/torvm-w32/torvmuser.bmp
===================================================================
(Binary files differ)
Property changes on: torvm/trunk/build/win32/src/torvm-w32/torvmuser.bmp
___________________________________________________________________
Added: svn:mime-type
+ image/x-ms-bmp
More information about the tor-commits
mailing list